<?php

namespace App\Service;

use Symfony\Component\DependencyInjection\ContainerInterface;

use App\Entity\User;
use App\Entity\Niveau01;
use App\Entity\Niveau02;
use App\Entity\Group;
use App\Entity\UserGroup;

class LdapService
{
    private $appMasteridentity;
    private $synchro;
    private $host;
    private $port;
    private $usetls;
    private $userwriter;
    private $user;
    private $password;
    private $basedn;
    private $baseorganisation;
    private $baseniveau01;
    private $baseniveau02;
    private $basegroup;
    private $baseuser;
    private $username;
    private $firstname;
    private $lastname;
    private $email;
    private $avatar;
    private $memberof;
    private $groupgid;
    private $groupname;
    private $groupmember;
    private $groupmemberisdn;
    private $filtergroup;
    private $filteruser;
    private $userattributes;

    private $connection;

    public function __construct(ContainerInterface $container)
    {
        
        $this->appMasteridentity    = $container->getParameter("appMasteridentity");
        $this->synchro              = $container->getParameter("appSynchro");
        $this->host                 = $container->getParameter("ldapHost");
        $this->port                 = $container->getParameter("ldapPort");
        $this->usetls               = $container->getParameter("ldapUsetls");
        $this->userwriter           = $container->getParameter("ldapUserwriter");
        $this->user                 = $container->getParameter("ldapUser");
        $this->password             = $container->getParameter("ldapPassword");
        $this->basedn               = $container->getParameter("ldapBasedn");
        $this->baseorganisation     = $container->getParameter("ldapBaseorganisation");
        $this->baseniveau01         = $container->getParameter("ldapBaseniveau01");
        $this->baseniveau02         = $container->getParameter("ldapBaseniveau02");
        $this->basegroup            = $container->getParameter("ldapBasegroup");
        $this->baseuser             = $container->getParameter("ldapBaseuser");
        $this->username             = $container->getParameter("ldapUsername");
        $this->firstname            = $container->getParameter("ldapFirstname");
        $this->lastname             = $container->getParameter("ldapLastname");
        $this->email                = $container->getParameter("ldapEmail");
        $this->avatar               = $container->getParameter("ldapAvatar");
        $this->memberof             = $container->getParameter("ldapMemberof");
        $this->groupgid             = $container->getParameter("ldapGroupgid");
        $this->groupname            = $container->getParameter("ldapGroupname");
        $this->groupmember          = $container->getParameter("ldapGroupmember");
        $this->groupmemberisdn      = $container->getParameter("ldapGroupmemberisdn");
        $this->filtergroup          = $container->getParameter("ldapFiltergroup");
        $this->filteruser           = $container->getParameter("ldapFilteruser");

        $this->userattributes   = [$this->username,$this->firstname,$this->lastname,$this->email,$this->avatar,$this->memberof];
        
    }

    public function isNine2Ldap() {
        return ($this->appMasteridentity=="SQL"&&$this->synchro=="NINE2LDAP"&&$this->userwriter&&$this->baseorganisation&&$this->baseniveau01&&$this->baseniveau02&&$this->basegroup&&$this->baseuser&&$this->connect());
    }

    public function connect() {
        // Si on est déjà co = on rebind pour gérer le cas d'un timeout de connection
        if($this->connection){
            if(!@ldap_bind($this->connection, $this->user, $this->password)){
                $this->disconnect();
            }
        }

        if($this->connection){
            return $this->connection;
        } else {
            $ldapConn = ldap_connect($this->host, $this->port);

            if($ldapConn){
                ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
                ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
                if($this->usetls) ldap_start_tls($ldapConn);

                if(@ldap_bind( $ldapConn, $this->user, $this->password)){
                    $this->connection = $ldapConn;
                    return $this->connection;
                }
            }
        }
        return false;
    }

    public function userconnect($username,$userpassword) {
        $ldapConn = ldap_connect($this->host, $this->port);
        $this->connection = $ldapConn;

       if($this->connection){
            ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
            ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
            if($this->usetls) ldap_start_tls($ldapConn);

            $dn = $this->getUserDN($username);
            if(@ldap_bind( $ldapConn, $dn, $userpassword)){
                $res = $this->search(str_replace("*",$username,$this->filteruser),$this->userattributes, $this->baseuser);
                $this->disconnect();            
                return $res;
            }
        }
        $this->disconnect();
        return false;
    }

    public function getParameter($key) {
        switch($key) {
            case "baseuser"     : return $this->baseuser;       break;
            case "basegroup"    : return $this->basegroup;      break;
            case "baseniveau01" : return $this->baseniveau01;   break;
            case "baseniveau02" : return $this->baseniveau02;   break;
            case "basedn"       : return $this->basedn;         break;
            case "filteruser"   : return $this->filteruser;     break;
        }
    }

    public function search($filter, $attributes = array(), $subBranch = '') {
        $connection = $this->connect();
        $branch = ($subBranch ? $subBranch : $this->basedn);
        $result = ldap_search($connection, $branch, $filter, $attributes,0,0,0);
        if(!$result) {
            $this->ldapError();
        }
        return $this->resultToArray($result);
    }

    public function searchdn($dn, $subBranch = '') {
        $connection = $this->connect();
        $tbdn=ldap_explode_dn($dn,0);
        $branch = ($subBranch ? $subBranch : $this->basedn);
        $result = ldap_search($connection, $branch, "(".$tbdn[0].")", [],0,0,0);
        if(!$result) {
            $this->ldapError();
        }
        return $this->resultToArray($result);
    }

    public function deleteByDN($dn){
        $connection = $this->connect();
        $removed = ldap_delete($connection, $dn);
        if(!$removed){
            $this->ldapError();
        }
    }

    public function rename($oldDN, $newDN, $parentDN = '', $deleteOldDN = true){
        $connection = $this->connect();
        $result = ldap_rename($connection, $oldDN, $newDN, $parentDN, $deleteOldDN);
        if(!$result) $this->ldapError();
        return $result;
    }

    
    private function resultToArray($result){

        $connection = $this->connect();
        $resultArray = array();

        if($result){
            $entry = ldap_first_entry($connection, $result);
            while ($entry){
                $row = array();
                $attr = ldap_first_attribute($connection, $entry);
                while ($attr){
                    $val = ldap_get_values_len($connection, $entry, $attr);
                    if(array_key_exists('count', $val) AND $val['count'] == 1){
                        $row[strtolower($attr)] = $val[0];
                    } else {
                        $row[strtolower($attr)] = $val;
                    }

                    if(is_array($row[strtolower($attr)])) {
                        unset($row[strtolower($attr)]["count"]);
                    }

                    $attr = ldap_next_attribute($connection, $entry);
                }
                $resultArray[] = $row;
                $entry = ldap_next_entry($connection, $entry);
            }
        }

        return $resultArray;
    }

    public function in_array_r($item , $array){
        return preg_match('/"'.$item.'"/i' , json_encode($array));
    }

    public function disconnect(){
        if($this->connection) {
            ldap_unbind($this->connection);
            $this->connection=null;
        }
    }

    public function ldapError(){
        $connection = $this->connect();
        throw new \Exception(
            'Error: ('. ldap_errno($connection) .') '. ldap_error($connection)
        );
    }

    public function ldapModify($dn,$attrs) {
        $connection = $this->connect();
        $result = ldap_modify($connection, $dn, $attrs);
        if(!$result) $this->ldapError();        
    }

//==================================================================================================================================================================
//== Function Organisation==========================================================================================================================================
//==================================================================================================================================================================

    public function addOrganisations() {
        $ldapentrys=$this->searchdn($this->baseorganisation);
        if(empty($ldapentrys)) {
            $this->addOrganisation($this->baseorganisation);
        }

        $ldapentrys=$this->searchdn($this->baseniveau01,$this->baseorganisation);
        if(empty($ldapentrys)) {
            $this->addOrganisation($this->baseniveau01);
        }

        $ldapentrys=$this->searchdn($this->baseniveau02,$this->baseorganisation);
        if(empty($ldapentrys)) {
            $this->addOrganisation($this->baseniveau02);
        }

        $ldapentrys=$this->searchdn($this->basegroup,$this->baseorganisation);
        if(empty($ldapentrys)) {
            $this->addOrganisation($this->basegroup);
        }

        $ldapentrys=$this->searchdn($this->baseuser,$this->baseorganisation);
        if(empty($ldapentrys)) {
            $this->addOrganisation($this->baseuser);
        }  
    }

    public function addOrganisation($dn) {

        $connection = $this->connect();
        $attrs = array();
        $attrs['objectclass'] = ["top","organizationalUnit"];
        $result = ldap_add($connection, $dn, $attrs);
        if(!$result) $this->ldapError();

        return $result;
    }

//==================================================================================================================================================================
//== Function User==================================================================================================================================================
//==================================================================================================================================================================

    public function addUser(User $user) {

        $connection = $this->connect();
        $dn = $this->getUserDN($user->getUsername());

        $attrs = array();
        $attrs['objectclass'] = $this->getObjectClassesUser();
        $this->fillAttributesUser($user, $attrs);

        foreach($attrs as $key => $value){
            if(empty($value)){
                unset($attrs[$key]);
            }
        }


        $result = ldap_add($connection, $dn, $attrs);
        if(!$result) $this->ldapError();

        return $result;
    }

    public function ismodifyUser(User $user,$entry){
        $attrs = [];
        $this->fillAttributesUser($user, $attrs);

        foreach($attrs as $key => $value) {
            if(!array_key_exists($key,$entry)&&!empty($value)) return true;
            elseif(array_key_exists($key,$entry)&&$value!=$entry[$key])  return true;
        }

        foreach($entry as $key => $value) {
            if(!array_key_exists($key,$attrs)&&!empty($value)) return true;
            elseif(array_key_exists($key,$attrs)&&$value!=$attrs[$key])  return true;
        }

        return false;
    }

    public function modifyUser(User $user){
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = array();
        $this->fillAttributesUser($user, $attrs);
        
        // Rechercher le DN du user
        $dn = $this->getUserDN($user->getUsername());

        foreach($attrs as $key => $value){
            if(empty($value)){
                // Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
                @ldap_mod_del($connection, $dn, array($key => array()));
                unset($attrs[$key]);
            }
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if(!$result) $this->ldapError();    
    }

    
    public function modifyUserpwd(User $user){
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = array();

        // Attributs associés au password
        $attrs['userpassword'] = $user->getPassword();

        // Rechercher le DN du user
        $dn = $this->getUserDN($user->getUsername());

        foreach($attrs as $key => $value){
            if(empty($value)){
                // Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
                @ldap_mod_del($connection, $dn, array($key => array()));
                unset($attrs[$key]);
            }
        }


        $result = ldap_modify($connection, $dn, $attrs);
        if(!$result) $this->ldapError();    
    }

    public function updateNiveauUser(User $user,$todel=false) {
        $dn = $this->basedn;
        $connection = $this->connect(); 
        $result=null;
        
        // NIVEAU01
        // On recherche le Niveau01 actuellement asscocié à l'utilisateur
        $criteria = '(&(cn=*)(memberUid='.$user->getUsername().'))';
        $subbranch=$this->baseniveau01;
        $results = $this->search($criteria, array('cn'), $subbranch);
        foreach($results as $result) {
            // Si Niveau01 différent de celui en cours on le détache de ce Niveau01
            if($result["cn"]!=$user->getNiveau01()->getLabel()||$todel) {
                $dn = $this->getNiveau01DN($result["cn"]);
                $entry['memberuid'] = $user->getUsername(); 
                $result = ldap_mod_del($connection, $dn, $entry); 
                if(!$result) $this->ldapError();
            }
        }

        // On recherche le Niveau01 en cours
        if(!$todel) {
            $criteria = '(cn='.$user->getNiveau01()->getLabel().')';
            $subbranch=$this->baseniveau01;
            $result = $this->search($criteria, array('memberuid'), $subbranch);

            // S'il n'est pas membre du Niveau01 on le rattache
            if(!$this->in_array_r($user->getUsername(),$result[0])) {
                $dn = $this->getNiveau01DN($user->getNiveau01()->getLabel());
                $entry['memberuid'] = $user->getUsername(); 
                $result = ldap_mod_add($connection, $dn, $entry); 
                if(!$result) $this->ldapError();
            }
        }

        // NIVEAU02
        // On recherche le Niveau02 actuellement asscocié à l'utilisateur
        $criteria = '(&(cn=*)(memberUid='.$user->getUsername().'))';
        $subbranch=$this->baseniveau02;
        $results = $this->search($criteria, array('cn'), $subbranch);
        foreach($results as $result) {
            // Si Niveau02 différent de celui en cours on le détache de ce Niveau02
            if($user->getNiveau02()===null||$result["cn"]!=$user->getNiveau02()->getLabel()||$todel) {
                $dn = $this->getNiveau02DN($result["cn"]);
                $entry['memberuid'] = $user->getUsername(); 
                $result = ldap_mod_del($connection, $dn, $entry); 
                if(!$result) $this->ldapError();
            }
        }

        // On recherche le Niveau02 en cours
        if(!$todel) {
            if($user->getNiveau02()!==null) {
                $criteria = '(cn='.$user->getNiveau02()->getLabel().')';
                $subbranch=$this->baseniveau02;
                $result = $this->search($criteria, array('memberuid'), $subbranch);

                // S'il n'est pas membre du Niveau02 on le rattache
                if(empty($result)||!$this->in_array_r($user->getUsername(),$result[0])) {
                    $dn = $this->getNiveau02DN($user->getNiveau02()->getLabel());
                    $entry['memberuid'] = $user->getUsername(); 
                    $result = ldap_mod_add($connection, $dn, $entry); 
                    if(!$result) $this->ldapError();
                }
            }
        }

        return $result;        
    } 

    public function deleteUser(User $user){
        $dn = $this->getUserDN($user->getUsername());
        return $this->deleteByDN($dn);
    }

    public function getObjectClassesUser() {
        $oc = array(
            'top',
            'person',
            'organizationalPerson',
            'inetOrgPerson',
        );
        return $oc;
    }

    public function listAttributesUser() {
        return [
            "uid",
            "cn",
            "givenname",
            "sn",
            "mail",
            "displayname",
            "telephonenumber",
            "postaladdress",
            "userpassword",
        ];
    }

    public function fillAttributesUser(User $user, array &$attrs) {
        $attrs['uid']                       = $user->getUsername();
        $attrs['cn']                        = $user->getFirstname() . ' ' . $user->getLastname();
        $attrs['givenname']                 = $user->getFirstname();
        $attrs['sn']                        = $user->getLastname();
        $attrs['mail']                      = $user->getEmail();
        $attrs['displayname']               = $user->getFirstname() . ' ' . $user->getLastname();      
        $attrs['telephonenumber']           = $user->getTelephonenumber();
        $attrs['postaladdress']             = $user->getPostaladress();
        $attrs['userpassword']              = $user->getPassword();
    }

    public function getUserDN($username) {
        return $this->username.'='.$username.','.$this->baseuser;
    }

//==================================================================================================================================================================
//== Function Niveau01==============================================================================================================================================
//==================================================================================================================================================================

    public function findNiveau01($ldapfilter) {
        $ldapentrys=$this->search($ldapfilter,[$this->groupgid,$this->groupname,$this->groupmember],$this->baseniveau01);
        return $ldapentrys;
    }

    public function findNiveau01ismember($ldapfilter,$username) {
        $ldapentrys=$this->findNiveau01($ldapfilter);
        foreach($ldapentrys as $ldapentry) {
            if(is_array($ldapentry[$this->groupmember])) {
                if(in_array($username,$ldapentry[$this->groupmember])) return true;
            }
            elseif($username==$ldapentry[$this->groupmember]) return true;
        }
        return false;
    }

    public function addNiveau01(Niveau01 $niveau01) {

        $connection = $this->connect();
        $dn = $this->getNiveau01DN($niveau01->getLabel());

        $attrs = array();
        $attrs['objectclass'] = $this->getObjectClassesNiveau01();
        $this->fillAttributesNiveau01($niveau01, $attrs);

        foreach($attrs as $key => $value){
            if(empty($value)){
                unset($attrs[$key]);
            }
        }

        $result = ldap_add($connection, $dn, $attrs);
        if(!$result) $this->ldapError();

        return $result;
    }


    public function ismodifyNiveau01(Niveau01 $niveau01,$entry){
        $attrs = [];
        $this->fillAttributesNiveau01($niveau01, $attrs);

        foreach($attrs as $key => $value) {
            if(!array_key_exists($key,$entry)&&!empty($value)) return true;
            elseif(array_key_exists($key,$entry)&&$value!=$entry[$key])  return true;
        }

        foreach($entry as $key => $value) {
            if(!array_key_exists($key,$attrs)&&!empty($value)) return true;
            elseif(array_key_exists($key,$attrs)&&$value!=$attrs[$key])  return true;
        }

        return false;
    }

    public function modifyNiveau01(Niveau01 $niveau01,$oldid){

        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = array();
        $this->fillAttributesNiveau01($niveau01, $attrs);
        unset($attrs["cn"]);

        $dn = $this->getNiveau01DN($niveau01->getLabel());

        foreach($attrs as $key => $value){
            if(empty($value)){
                // Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
                @ldap_mod_del($connection, $dn, array($key => array()));
                unset($attrs[$key]);
            }
        }

        if(isset($oldid)&&$oldid!=$niveau01->getLabel()) {
            $olddn = $this->getNiveau01DN($oldid);
            $this->rename($olddn,"cn=".$niveau01->getLabel(),$this->baseniveau01);
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if(!$result) $this->ldapError();
    }

    public function deleteNiveau01(Niveau01 $niveau01){
        $dn = $this->getNiveau01DN($niveau01->getLabel());
        return $this->deleteByDN($dn);
    }

    private function getObjectClassesNiveau01() {
        $oc = array(
            'top',
            'posixGroup',
        );

        return $oc;
    }

    public function listAttributesNiveau01() {
        return [
            "cn",
            "gidnumber",
            "memberuid",
        ];
    }

    public function fillAttributesNiveau01(Niveau01 $niveau01, array &$attrs) {
        $attrs['cn']        = $niveau01->getLabel();
        $attrs['gidnumber'] = $niveau01->getId();

        $attrs['memberuid'] = [];
        foreach($niveau01->getUsers() as $user) {
            array_push($attrs['memberuid'],$user->getUsername());
        }

        sort($attrs['memberuid']);
        if(count($attrs['memberuid'])==1) $attrs['memberuid'] = $attrs['memberuid'][0];
    }

    public function getNiveau01DN($id) {
        return 'cn='.$id.','.$this->baseniveau01;
    }

//==================================================================================================================================================================    
//== Function Niveau02==============================================================================================================================================
//==================================================================================================================================================================

    public function addNiveau02(Niveau02 $niveau02) {

        $connection = $this->connect();
        $dn = $this->getNiveau02DN($niveau02->getLabel());

        $attrs = array();
        $attrs['objectclass'] = $this->getObjectClassesNiveau02();
        $this->fillAttributesNiveau02($niveau02, $attrs);
        
        foreach($attrs as $key => $value){
            if(empty($value)){
                unset($attrs[$key]);
            }
        }

        $result = ldap_add($connection, $dn, $attrs);
        if(!$result) $this->ldapError();

        return $result;
    }

    public function ismodifyNiveau02(Niveau02 $niveau02,$entry){
        $attrs = [];
        $this->fillAttributesNiveau02($niveau02, $attrs);

        foreach($attrs as $key => $value) {
            if(!array_key_exists($key,$entry)&&!empty($value)) return true;
            elseif(array_key_exists($key,$entry)&&$value!=$entry[$key])  return true;
        }

        foreach($entry as $key => $value) {
            if(!array_key_exists($key,$attrs)&&!empty($value)) return true;
            elseif(array_key_exists($key,$attrs)&&$value!=$attrs[$key])  return true;
        }

        return false;
    }

    public function modifyNiveau02(Niveau02 $niveau02,$oldid){
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = array();
        $this->fillAttributesNiveau02($niveau02, $attrs);
        unset($attrs["cn"]);

        $dn = $this->getNiveau02DN($niveau02->getLabel());

        foreach($attrs as $key => $value){
            if(empty($value)){
                // Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
                @ldap_mod_del($connection, $dn, array($key => array()));
                unset($attrs[$key]);
            }
        }

        if(isset($oldid)&&$oldid!=$niveau02->getLabel()) {
            $olddn = $this->getNiveau02DN($oldid);
            $this->rename($olddn,"cn=".$niveau02->getLabel(),$this->baseniveau02);
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if(!$result) $this->ldapError();
    }


    public function deleteNiveau02(Niveau02 $niveau02){
        $dn = $this->getNiveau02DN($niveau02->getLabel());
        return $this->deleteByDN($dn);
    }

    private function getObjectClassesNiveau02() {
        $oc = array(
            'top',
            'posixGroup',
        );

        return $oc;
    }
    
    public function listAttributesNiveau02() {
        return [
            "cn",
            "gidnumber",
            "memberuid"
        ];
    }
    
    public function fillAttributesNiveau02(Niveau02 $niveau02, array &$attrs) {
        $attrs['cn']            = $niveau02->getLabel();
        $attrs['gidnumber']     = $niveau02->getId();

        $attrs['memberuid'] = [];
        foreach($niveau02->getUsers() as $user) {
            array_push($attrs['memberuid'],$user->getUsername());
        }

        sort($attrs['memberuid']);
        if(count($attrs['memberuid'])==1) $attrs['memberuid'] = $attrs['memberuid'][0];

    }

    public function getNiveau02DN($id) {
        return 'cn='.$id.','.$this->baseniveau02;
    }

//==================================================================================================================================================================    
//== Function Group=================================================================================================================================================
//==================================================================================================================================================================

    public function addGroup(Group $group) {

        $connection = $this->connect();
        $dn = $this->getGroupDN($group->getLabel());

        $attrs = array();
        $attrs['objectclass'] = $this->getObjectClassesGroup();
        $this->fillAttributesGroup($group, $attrs);

        foreach($attrs as $key => $value){
            if(empty($value)){
                unset($attrs[$key]);
            }
        }

        $result = ldap_add($connection, $dn, $attrs);
        if(!$result) $this->ldapError();

        return $result;
    }

    public function ismodifyGroup(Group $group,$entry){
        $attrs = [];
        $this->fillAttributesGroup($group, $attrs);

        foreach($attrs as $key => $value) {
            if(!array_key_exists($key,$entry)&&!empty($value)) return true;
            elseif(array_key_exists($key,$entry)&&$value!=$entry[$key])  return true;
        }

        foreach($entry as $key => $value) {
            if(!array_key_exists($key,$attrs)&&!empty($value)) return true;
            elseif(array_key_exists($key,$attrs)&&$value!=$attrs[$key])  return true;
        }

        return false;
    }

    public function modifyGroup(Group $group,$oldid){
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = array();
        $this->fillAttributesGroup($group, $attrs);
        unset($attrs["cn"]);

        $dn = $this->getGroupDN($group->getLabel());
        
        foreach($attrs as $key => $value){
            if(empty($value)){
                // Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
                @ldap_mod_del($connection, $dn, array($key => array()));
                unset($attrs[$key]);
            }
        }

        if(isset($oldid)&&$oldid!=$group->getLabel()) {
            $olddn = $this->getGroupDN($oldid);
            $this->rename($olddn,"cn=".$group->getLabel(),$this->basegroup);
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if(!$result) $this->ldapError();
    }

    public function deleteGroup(Group $group){
        $dn = $this->getGroupDN($group->getLabel());
        return $this->deleteByDN($dn);
    }

    private function getObjectClassesGroup() {
        $oc = array(
            'top',
            'posixGroup',
        );
        return $oc;
    }

    public function listAttributesGroup() {
        return [
            "cn",
            "gidnumber",
            "memberuid"
        ];
    }

    public function fillAttributesGroup(Group $group, array &$attrs) {
        $attrs['cn']        = $group->getLabel();
        $attrs['gidnumber'] = $group->getId();


        $attrs['memberuid'] = [];
        foreach($group->getUsers() as $usergroup) {
            array_push($attrs['memberuid'],$usergroup->getUser()->getUsername());
        }

        sort($attrs['memberuid']);
        if(count($attrs['memberuid'])==1) $attrs['memberuid'] = $attrs['memberuid'][0];        
    }

    public function getGroupDN($id) {
        return 'cn='.$id.','.$this->basegroup;
    }

//==================================================================================================================================================================    
//== Function UserGroup=============================================================================================================================================
//==================================================================================================================================================================

    function addUserGroup(UserGroup $usergroup) {
        $dn = $this->basedn;
        $connection = $this->connect();
        
        // On recherche le group en cours
        $criteria = '(cn='.$usergroup->getGroup()->getLabel().')';
        $subbranch=$this->basegroup;
        $result = $this->search($criteria, array('memberuid'), $subbranch);

        if(!$this->in_array_r($usergroup->getUser()->getUsername(),$result[0])) {
            $dn = $this->getGroupDN($usergroup->getGroup()->getLabel());
            $entry['memberuid'] = $usergroup->getUser()->getUsername(); 
            $result = ldap_mod_add($connection, $dn, $entry); 
            if(!$result) $this->ldapError();
        }

        return $result;
    }

    function delUserGroup(UserGroup $usergroup) {
        $dn = $this->basedn;
        $connection = $this->connect();
        
        // On recherche le group en cours
        $criteria = '(cn='.$usergroup->getGroup()->getLabel().')';
        $subbranch=$this->basegroup;
        $result = $this->search($criteria, array('memberuid'), $subbranch);

        if($this->in_array_r($usergroup->getUser()->getUsername(),$result[0])) {
            $dn = $this->getGroupDN($usergroup->getGroup()->getLabel());
            $entry['memberuid'] = $usergroup->getUser()->getUsername(); 
            $result = ldap_mod_del($connection, $dn, $entry); 
            if(!$result) $this->ldapError();
        }

        return $result;
    }
}