        $this->appMasteridentity = $container->getParameter('appMasteridentity');
        $this->synchro = $container->getParameter('appSynchro');
        $this->host = $container->getParameter('ldapHost');
        $this->port = $container->getParameter('ldapPort');
        $this->usetls = $container->getParameter('ldapUsetls');
        $this->userwriter = $container->getParameter('ldapUserwriter');
        $this->user = $container->getParameter('ldapUser');
        $this->password = $container->getParameter('ldapPassword');
        $this->basedn = $container->getParameter('ldapBasedn');
        $this->baseorganisation = $container->getParameter('ldapBaseorganisation');
        $this->baseniveau01 = $container->getParameter('ldapBaseniveau01');
        $this->baseniveau02 = $container->getParameter('ldapBaseniveau02');
        $this->baseniveau03 = $container->getParameter('ldapBaseniveau03');
        $this->baseniveau04 = $container->getParameter('ldapBaseniveau04');
        $this->basegroup = $container->getParameter('ldapBasegroup');
        $this->baseuser = $container->getParameter('ldapBaseuser');
        $this->username = $container->getParameter('ldapUsername');
        $this->firstname = $container->getParameter('ldapFirstname');
        $this->lastname = $container->getParameter('ldapLastname');
        $this->email = $container->getParameter('ldapEmail');
        $this->avatar = $container->getParameter('ldapAvatar');
        $this->memberof = $container->getParameter('ldapMemberof');
        $this->groupgid = $container->getParameter('ldapGroupgid');
        $this->groupname = $container->getParameter('ldapGroupname');
        $this->groupmember = $container->getParameter('ldapGroupmember');
        $this->groupmemberisdn = $container->getParameter('ldapGroupmemberisdn');
        $this->filtergroup = $container->getParameter('ldapFiltergroup');
        $this->filteruser = $container->getParameter('ldapFilteruser');
        $this->userattributes = [$this->username, $this->firstname, $this->lastname, $this->email, $this->avatar, $this->memberof];
    }

    public function isNine2Ldap()
    {
        return ('SQL' == $this->appMasteridentity)
            && 'NINE2LDAP' == $this->synchro
            && $this->userwriter
            && $this->baseorganisation
            && $this->baseniveau01
            && $this->baseniveau02
            && $this->baseniveau03
            && $this->baseniveau04
            && $this->basegroup
            && $this->baseuser
            && $this->connect();
    }

    public function connect()
    {
        // If already connected, rebind to handle a connection timeout
        if ($this->connection) {
            if (!@ldap_bind($this->connection, $this->user, $this->password)) {
                $this->disconnect();
            }
        }

        if ($this->connection) {
            return $this->connection;
        } else {
            $ldapConn = ldap_connect($this->host, $this->port);

            if ($ldapConn) {
                ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
                ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
                // Fail closed: do not send the bind credentials in clear text when StartTLS cannot be negotiated
                if ($this->usetls && !@ldap_start_tls($ldapConn)) {
                    return false;
                }
                if (@ldap_bind($ldapConn, $this->user, $this->password)) {
                    $this->connection = $ldapConn;

                    return $this->connection;
                }
            }
        }

        return false;
    }

    public function userconnect($username, $userpassword)
    {
        // A simple bind with a DN and an empty password is an unauthenticated bind that many servers
        // report as successful, so an empty password must never count as a valid login
        if ('' === (string) $userpassword) {
            return false;
        }

        $ldapConn = ldap_connect($this->host, $this->port);
        $this->connection = $ldapConn;

        if ($this->connection) {
            ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
            ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
            // Fail closed: do not send the user's password in clear text when StartTLS cannot be negotiated
            $tlsOk = !$this->usetls || @ldap_start_tls($ldapConn);

            $dn = $this->getUserDN($username);
            if ($tlsOk && @ldap_bind($ldapConn, $dn, $userpassword)) {
                // Escape the username before placing it in the search filter
                $filter = str_replace('*', ldap_escape($username, '', LDAP_ESCAPE_FILTER), $this->filteruser);
                $res = $this->search($filter, $this->userattributes, $this->baseuser);
                $this->disconnect();

                return $res;
            }
        }

        $this->disconnect();

        return false;
    }

    public function getParameter($key)
    {
        switch ($key) {
            case 'baseuser':
                return $this->baseuser;
                break;
            case 'basegroup':
                return $this->basegroup;
                break;
            case 'baseniveau01':
                return $this->baseniveau01;
                break;
            case 'baseniveau02':
                return $this->baseniveau02;
                break;
            case 'baseniveau03':
                return $this->baseniveau03;
                break;
            case 'baseniveau04':
                return $this->baseniveau04;
                break;
            case 'basedn':
                return $this->basedn;
                break;
            case 'baseorganisation':
                return $this->baseorganisation;
                break;
            case 'filteruser':
                return $this->filteruser;
                break;
        }
    }

    public function search($filter, $attributes = [], $subBranch = '')
    {
        $connection = $this->connect();
        $branch = ($subBranch ? $subBranch : $this->basedn);
        $result = ldap_search($connection, $branch, $filter, $attributes, 0, 0, 0);
        if (!$result) {
            $this->ldapError();
        }

        return $this->resultToArray($result);
    }

    public function searchdn($dn, $subBranch = '')
    {
        $connection = $this->connect();
        $tbdn = ldap_explode_dn($dn, 0);
        $branch = ($subBranch ? $subBranch : $this->basedn);
        $result = ldap_search($connection, $branch, '('.$tbdn[0].')', [], 0, 0, 0);
        if (!$result) {
            $this->ldapError();
        }

        return $this->resultToArray($result);
    }

    public function deleteByDN($dn, $recursive = false)
    {
        $connection = $this->connect();

        if (false == $recursive) {
            $ldapentrys = $this->searchdn($dn);
            if (!empty($ldapentrys)) {
                $removed = ldap_delete($connection, $dn);
                if (!$removed) {
                    $this->ldapError();
                }
            }
        } else {
            $ldapentrys = $this->searchdn($dn);
            if (!empty($ldapentrys)) {
                // searching for sub entries
                $sr = ldap_list($connection, $dn, 'ObjectClass=*', ['']);
                $info = ldap_get_entries($connection, $sr);
                for ($i = 0; $i < $info['count']; ++$i) {
                    $result = $this->deleteByDN($info[$i]['dn'], $recursive);
                    if (!$result) {
                        return $result;
                    }
                }

                return ldap_delete($connection, $dn);
            }
        }
    }

    public function rename($oldDN, $newDN, $parentDN = '', $deleteOldDN = true)
    {
        $connection = $this->connect();
        $result = ldap_rename($connection, $oldDN, $newDN, $parentDN, $deleteOldDN);
        if (!$result) {
            $this->ldapError();
        }

        return $result;
    }

    private function resultToArray($result)
    {
        $connection = $this->connect();
        $resultArray = [];

        if ($result) {
            $entry = ldap_first_entry($connection, $result);
            while ($entry) {
                $row = [];
                $attr = ldap_first_attribute($connection, $entry);
                while ($attr) {
                    $val = ldap_get_values_len($connection, $entry, $attr);
                    // Single-valued attributes are flattened to a scalar, multi-valued ones stay arrays
                    if (array_key_exists('count', $val) and 1 == $val['count']) {
                        $row[strtolower($attr)] = $val[0];
                    } else {
                        $row[strtolower($attr)] = $val;
                    }

                    if (is_array($row[strtolower($attr)])) {
                        unset($row[strtolower($attr)]['count']);
                    }

                    $attr = ldap_next_attribute($connection, $entry);
                }
                $resultArray[] = $row;
                $entry = ldap_next_entry($connection, $entry);
            }
        }

        return $resultArray;
    }

    public function in_array_r($item, $array)
    {
        // Quote the item so that regex metacharacters in a username are matched literally
        return preg_match('/"'.preg_quote($item, '/').'"/i', json_encode($array));
    }

    public function disconnect()
    {
        if ($this->connection) {
            ldap_unbind($this->connection);
            $this->connection = null;
        }
    }

    public function ldapError()
    {
        // Read the error from the current handle: connect() rebinds, which would overwrite the error code
        $connection = $this->connection ?: $this->connect();
        throw new \Exception('Error: ('.ldap_errno($connection).') '.ldap_error($connection));
    }

    public function ldapModify($dn, $attrs)
    {
        $connection = $this->connect();
        $result = ldap_modify($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }
    }

    // =========================================================================
    // == Function Organisation ================================================
    // =========================================================================

    public function addOrganisations()
    {
        $ldapentrys = $this->searchdn($this->baseorganisation);
        if (empty($ldapentrys)) {
            $this->addOrganisation($this->baseorganisation);
        }

        $ldapentrys = $this->searchdn($this->baseniveau01, $this->baseorganisation);
        if (empty($ldapentrys)) {
            $this->addOrganisation($this->baseniveau01);
        }

        $ldapentrys = $this->searchdn($this->baseniveau02, $this->baseorganisation);
        if (empty($ldapentrys)) {
            $this->addOrganisation($this->baseniveau02);
        }

        $ldapentrys = $this->searchdn($this->baseniveau03, $this->baseorganisation);
        if (empty($ldapentrys)) {
            $this->addOrganisation($this->baseniveau03);
        }

        $ldapentrys = $this->searchdn($this->baseniveau04, $this->baseorganisation);
        if (empty($ldapentrys)) {
            $this->addOrganisation($this->baseniveau04);
        }

        $ldapentrys = $this->searchdn($this->basegroup, $this->baseorganisation);
        if (empty($ldapentrys)) {
            $this->addOrganisation($this->basegroup);
        }

        $ldapentrys = $this->searchdn($this->baseuser, $this->baseorganisation);
        if (empty($ldapentrys)) {
            $this->addOrganisation($this->baseuser);
        }
    }

    public function addOrganisation($dn)
    {
        $connection = $this->connect();

        $attrs = [];
        $attrs['objectclass'] = ['top', 'organizationalUnit'];
        $result = ldap_add($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }

        return $result;
    }

    // =========================================================================
    // == Function User ========================================================
    // =========================================================================

    public function addUser(User $user)
    {
        $connection = $this->connect();
        $dn = $this->getUserDN($user->getUsername());

        $attrs = [];
        $attrs['objectclass'] = $this->getObjectClassesUser();
        $this->fillAttributesUser($user, $attrs);

        // LDAP rejects empty attribute values, so drop them before the add
        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                unset($attrs[$key]);
            }
        }

        $result = ldap_add($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }

        return $result;
    }

    public function ismodifyUser(User $user, $entry)
    {
        $attrs = [];
        $this->fillAttributesUser($user, $attrs);

        foreach ($attrs as $key => $value) {
            if (!array_key_exists($key, $entry) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
                return true;
            }
        }

        foreach ($entry as $key => $value) {
            if (!array_key_exists($key, $attrs) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
                return true;
            }
        }

        return false;
    }

    public function modifyUser(User $user)
    {
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = [];
        $this->fillAttributesUser($user, $attrs);

        // Look up the user's DN
        $dn = $this->getUserDN($user->getUsername());

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                // Keep the @: if the attribute is already empty, deleting it raises an error because the attribute no longer exists
                @ldap_mod_del($connection, $dn, [$key => []]);
                unset($attrs[$key]);
            }
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }
    }

    public function modifyUserpwd(User $user)
    {
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = [];

        // Attributes associated with the password
        $attrs['userpassword'] = $user->getPassword();

        // Look up the user's DN
        $dn = $this->getUserDN($user->getUsername());

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                // Keep the @: if the attribute is already empty, deleting it raises an error because the attribute no longer exists
                @ldap_mod_del($connection, $dn, [$key => []]);
                unset($attrs[$key]);
            }
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }
    }

    public function updateNiveauUser(User $user, $todel = false)
    {
        $dn = $this->basedn;
        $connection = $this->connect();
        $result = null;

        if (!$user->isIsactive()) {
            $todel = true;
        }

        // NIVEAU01
        // Find the Niveau01 currently associated with the user
        // (values are escaped before they go into a filter so that a username or label cannot alter it)
        $criteria = '(&(cn=*)(memberUid='.ldap_escape($user->getUsername(), '', LDAP_ESCAPE_FILTER).'))';
        $subbranch = $this->baseniveau01;
        $results = $this->search($criteria, ['cn'], $subbranch);
        foreach ($results as $result) {
            // If this Niveau01 differs from the current one, detach the user from it
            if ($result['cn'] != $user->getNiveau01()->getLabel() || $todel) {
                $dn = $this->getNiveau01DN($result['cn']);
                $entry['memberuid'] = $user->getUsername();
                $result = ldap_mod_del($connection, $dn, $entry);
                if (!$result) {
                    $this->ldapError();
                }
            }
        }

        // Find the current Niveau01
        if (!$todel) {
            $criteria = '(cn='.ldap_escape($user->getNiveau01()->getLabel(), '', LDAP_ESCAPE_FILTER).')';
            $subbranch = $this->baseniveau01;
            $result = $this->search($criteria, ['memberuid'], $subbranch);

            // If the user is not a member of the Niveau01, attach them
            if (empty($result) || !$this->in_array_r($user->getUsername(), $result[0])) {
                $dn = $this->getNiveau01DN($user->getNiveau01()->getLabel());
                $entry['memberuid'] = $user->getUsername();
                $result = ldap_mod_add($connection, $dn, $entry);
                if (!$result) {
                    $this->ldapError();
                }
            }
        }

        // NIVEAU02
        // Find the Niveau02 currently associated with the user
        $criteria = '(&(cn=*)(memberUid='.ldap_escape($user->getUsername(), '', LDAP_ESCAPE_FILTER).'))';
        $subbranch = $this->baseniveau02;
        $results = $this->search($criteria, ['cn'], $subbranch);
        foreach ($results as $result) {
            // If this Niveau02 differs from the current one, detach the user from it
            if (null === $user->getNiveau02() || $result['cn'] != $user->getNiveau02()->getLabel() || $todel) {
                $dn = $this->getNiveau02DN($result['cn']);
                $entry['memberuid'] = $user->getUsername();
                $result = ldap_mod_del($connection, $dn, $entry);
                if (!$result) {
                    $this->ldapError();
                }
            }
        }

        // Find the current Niveau02
        if (!$todel) {
            if (null !== $user->getNiveau02()) {
                $criteria = '(cn='.ldap_escape($user->getNiveau02()->getLabel(), '', LDAP_ESCAPE_FILTER).')';
                $subbranch = $this->baseniveau02;
                $result = $this->search($criteria, ['memberuid'], $subbranch);

                // If the user is not a member of the Niveau02, attach them
                if (empty($result) || !$this->in_array_r($user->getUsername(), $result[0])) {
                    $dn = $this->getNiveau02DN($user->getNiveau02()->getLabel());
                    $entry['memberuid'] = $user->getUsername();
                    $result = ldap_mod_add($connection, $dn, $entry);
                    if (!$result) {
                        $this->ldapError();
                    }
                }
            }
        }

        // NIVEAU03
        // Find the Niveau03 currently associated with the user
        $criteria = '(&(cn=*)(memberUid='.ldap_escape($user->getUsername(), '', LDAP_ESCAPE_FILTER).'))';
        $subbranch = $this->baseniveau03;
        $results = $this->search($criteria, ['cn'], $subbranch);
        foreach ($results as $result) {
            // If this Niveau03 differs from the current one, detach the user from it
            if (null === $user->getNiveau03() || $result['cn'] != $user->getNiveau03()->getLabel() || $todel) {
                $dn = $this->getNiveau03DN($result['cn']);
                $entry['memberuid'] = $user->getUsername();
                $result = ldap_mod_del($connection, $dn, $entry);
                if (!$result) {
                    $this->ldapError();
                }
            }
        }

        // Find the current Niveau03
        if (!$todel) {
            if (null !== $user->getNiveau03()) {
                $criteria = '(cn='.ldap_escape($user->getNiveau03()->getLabel(), '', LDAP_ESCAPE_FILTER).')';
                $subbranch = $this->baseniveau03;
                $result = $this->search($criteria, ['memberuid'], $subbranch);

                // If the user is not a member of the Niveau03, attach them
                if (empty($result) || !$this->in_array_r($user->getUsername(), $result[0])) {
                    $dn = $this->getNiveau03DN($user->getNiveau03()->getLabel());
                    $entry['memberuid'] = $user->getUsername();
                    $result = ldap_mod_add($connection, $dn, $entry);
                    if (!$result) {
                        $this->ldapError();
                    }
                }
            }
        }

        // NIVEAU04
        // Find the Niveau04 currently associated with the user
        $criteria = '(&(cn=*)(memberUid='.ldap_escape($user->getUsername(), '', LDAP_ESCAPE_FILTER).'))';
        $subbranch = $this->baseniveau04;
        $results = $this->search($criteria, ['cn'], $subbranch);
        foreach ($results as $result) {
            // If this Niveau04 differs from the current one, detach the user from it
            if (null === $user->getNiveau04() || $result['cn'] != $user->getNiveau04()->getLabel() || $todel) {
                $dn = $this->getNiveau04DN($result['cn']);
                $entry['memberuid'] = $user->getUsername();
                $result = ldap_mod_del($connection, $dn, $entry);
                if (!$result) {
                    $this->ldapError();
                }
            }
        }

        // Find the current Niveau04
        if (!$todel) {
            if (null !== $user->getNiveau04()) {
                $criteria = '(cn='.ldap_escape($user->getNiveau04()->getLabel(), '', LDAP_ESCAPE_FILTER).')';
                $subbranch = $this->baseniveau04;
                $result = $this->search($criteria, ['memberuid'], $subbranch);

                // If the user is not a member of the Niveau04, attach them
                if (empty($result) || !$this->in_array_r($user->getUsername(), $result[0])) {
                    $dn = $this->getNiveau04DN($user->getNiveau04()->getLabel());
                    $entry['memberuid'] = $user->getUsername();
                    $result = ldap_mod_add($connection, $dn, $entry);
                    if (!$result) {
                        $this->ldapError();
                    }
                }
            }
        }

        return $result;
    }

    public function deleteUser(User $user)
    {
        $dn = $this->getUserDN($user->getUsername());

        return $this->deleteByDN($dn);
    }

    public function getObjectClassesUser()
    {
        $oc = [
            'top',
            'person',
            'organizationalPerson',
            'inetOrgPerson',
        ];

        return $oc;
    }

    public function listAttributesUser()
    {
        return [
            'uid',
            'cn',
            'givenname',
            'sn',
            'mail',
            'displayname',
            'telephonenumber',
            'postaladdress',
            'userpassword',
        ];
    }

    public function fillAttributesUser(User $user, array &$attrs)
    {
        $attrs['uid'] = $user->getUsername();
        $attrs['cn'] = $user->getFirstname().' '.$user->getLastname();
        $attrs['givenname'] = $user->getFirstname();
        $attrs['sn'] = $user->getLastname();
        $attrs['mail'] = $user->getEmail();
        $attrs['displayname'] = $user->getFirstname().' '.$user->getLastname();
        $attrs['telephonenumber'] = $user->getTelephonenumber();
        $attrs['postaladdress'] = $user->getPostaladress();
        $attrs['userpassword'] = $user->getPassword();
    }

    public function getUserDN($username)
    {
        // Escape the RDN value so that characters such as "," or "=" in a username cannot change the DN
        return $this->username.'='.ldap_escape($username, '', LDAP_ESCAPE_DN).','.$this->baseuser;
    }

    // =========================================================================
    // == Function Niveau01 ====================================================
    // =========================================================================

    public function findNiveau01($ldapfilter)
    {
        $ldapentrys = $this->search($ldapfilter, [$this->groupgid, $this->groupname, $this->groupmember], $this->baseniveau01);

        return $ldapentrys;
    }

    public function findNiveau01ismember($ldapfilter, $username)
    {
        $ldapentrys = $this->findNiveau01($ldapfilter);
        foreach ($ldapentrys as $ldapentry) {
            if (is_array($ldapentry[$this->groupmember])) {
                if (in_array($username, $ldapentry[$this->groupmember])) {
                    return true;
                }
            } elseif ($username == $ldapentry[$this->groupmember]) {
                return true;
            }
        }

        return false;
    }

    public function addNiveau01(Niveau01 $niveau01)
    {
        $connection = $this->connect();
        $dn = $this->getNiveau01DN($niveau01->getLabel());

        $attrs = [];
        $attrs['objectclass'] = $this->getObjectClassesNiveau01();
        $this->fillAttributesNiveau01($niveau01, $attrs);

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                unset($attrs[$key]);
            }
        }

        $result = ldap_add($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }

        return $result;
    }

    public function ismodifyNiveau01(Niveau01 $niveau01, $entry)
    {
        $attrs = [];
        $this->fillAttributesNiveau01($niveau01, $attrs);

        foreach ($attrs as $key => $value) {
            if (!array_key_exists($key, $entry) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
                return true;
            }
        }

        foreach ($entry as $key => $value) {
            if (!array_key_exists($key, $attrs) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
                return true;
            }
        }

        return false;
    }

    public function modifyNiveau01(Niveau01 $niveau01, $oldid)
    {
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = [];
        $this->fillAttributesNiveau01($niveau01, $attrs);
        unset($attrs['cn']);

        $dn = $this->getNiveau01DN($niveau01->getLabel());

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                // Keep the @: if the attribute is already empty, deleting it raises an error because the attribute no longer exists
                @ldap_mod_del($connection, $dn, [$key => []]);
                unset($attrs[$key]);
            }
        }

        if (isset($oldid) && $oldid != $niveau01->getLabel()) {
            $olddn = $this->getNiveau01DN($oldid);
            $this->rename($olddn, 'cn='.ldap_escape($niveau01->getLabel(), '', LDAP_ESCAPE_DN), $this->baseniveau01);
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }
    }

    public function deleteNiveau01(Niveau01 $niveau01)
    {
        $dn = $this->getNiveau01DN($niveau01->getLabel());

        return $this->deleteByDN($dn);
    }

    private function getObjectClassesNiveau01()
    {
        $oc = [
            'top',
            'posixGroup',
        ];

        return $oc;
    }

    public function listAttributesNiveau01()
    {
        return [
            'cn',
            'gidnumber',
            'memberuid',
        ];
    }

    public function fillAttributesNiveau01(Niveau01 $niveau01, array &$attrs)
    {
        $attrs['cn'] = $niveau01->getLabel();
        $attrs['gidnumber'] = $niveau01->getId();
        $attrs['memberuid'] = [];

        // Only active users are listed as members
        foreach ($niveau01->getUsers() as $user) {
            if ($user->isIsactive()) {
                array_push($attrs['memberuid'], $user->getUsername());
            }
        }

        sort($attrs['memberuid']);
        if (1 == count($attrs['memberuid'])) {
            $attrs['memberuid'] = $attrs['memberuid'][0];
        }
    }

    public function getNiveau01DN($id)
    {
        // Escape the RDN value so that special characters in a label cannot change the DN
        return 'cn='.ldap_escape($id, '', LDAP_ESCAPE_DN).','.$this->baseniveau01;
    }

    // =========================================================================
    // == Function Niveau02 ====================================================
    // =========================================================================

    public function addNiveau02(Niveau02 $niveau02)
    {
        $connection = $this->connect();
        $dn = $this->getNiveau02DN($niveau02->getLabel());

        $attrs = [];
        $attrs['objectclass'] = $this->getObjectClassesNiveau02();
        $this->fillAttributesNiveau02($niveau02, $attrs);

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                unset($attrs[$key]);
            }
        }

        $result = ldap_add($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }

        return $result;
    }

    public function ismodifyNiveau02(Niveau02 $niveau02, $entry)
    {
        $attrs = [];
        $this->fillAttributesNiveau02($niveau02, $attrs);

        foreach ($attrs as $key => $value) {
            if (!array_key_exists($key, $entry) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
                return true;
            }
        }

        foreach ($entry as $key => $value) {
            if (!array_key_exists($key, $attrs) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
                return true;
            }
        }

        return false;
    }

    public function modifyNiveau02(Niveau02 $niveau02, $oldid)
    {
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = [];
        $this->fillAttributesNiveau02($niveau02, $attrs);
        unset($attrs['cn']);

        $dn = $this->getNiveau02DN($niveau02->getLabel());

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                // Keep the @: if the attribute is already empty, deleting it raises an error because the attribute no longer exists
                @ldap_mod_del($connection, $dn, [$key => []]);
                unset($attrs[$key]);
            }
        }

        if (isset($oldid) && $oldid != $niveau02->getLabel()) {
            $olddn = $this->getNiveau02DN($oldid);
            $this->rename($olddn, 'cn='.ldap_escape($niveau02->getLabel(), '', LDAP_ESCAPE_DN), $this->baseniveau02);
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }
    }

    public function deleteNiveau02(Niveau02 $niveau02)
    {
        $dn = $this->getNiveau02DN($niveau02->getLabel());

        return $this->deleteByDN($dn);
    }

    private function getObjectClassesNiveau02()
    {
        $oc = [
            'top',
            'posixGroup',
        ];

        return $oc;
    }

    public function listAttributesNiveau02()
    {
        return [
            'cn',
            'gidnumber',
            'memberuid',
        ];
    }

    public function fillAttributesNiveau02(Niveau02 $niveau02, array &$attrs)
    {
        $attrs['cn'] = $niveau02->getLabel();
        $attrs['gidnumber'] = $niveau02->getId();
        $attrs['memberuid'] = [];

        foreach ($niveau02->getUsers() as $user) {
            if ($user->isIsactive()) {
                array_push($attrs['memberuid'], $user->getUsername());
            }
        }

        sort($attrs['memberuid']);
        if (1 == count($attrs['memberuid'])) {
            $attrs['memberuid'] = $attrs['memberuid'][0];
        }
    }

    public function getNiveau02DN($id)
    {
        return 'cn='.ldap_escape($id, '', LDAP_ESCAPE_DN).','.$this->baseniveau02;
    }

    // =========================================================================
    // == Function Niveau03 ====================================================
    // =========================================================================

    public function addNiveau03(Niveau03 $niveau03)
    {
        $connection = $this->connect();
        $dn = $this->getNiveau03DN($niveau03->getLabel());

        $attrs = [];
        $attrs['objectclass'] = $this->getObjectClassesNiveau03();
        $this->fillAttributesNiveau03($niveau03, $attrs);

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                unset($attrs[$key]);
            }
        }

        $result = ldap_add($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }

        return $result;
    }

    public function ismodifyNiveau03(Niveau03 $niveau03, $entry)
    {
        $attrs = [];
        $this->fillAttributesNiveau03($niveau03, $attrs);

        foreach ($attrs as $key => $value) {
            if (!array_key_exists($key, $entry) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
                return true;
            }
        }

        foreach ($entry as $key => $value) {
            if (!array_key_exists($key, $attrs) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
                return true;
            }
        }

        return false;
    }

    public function modifyNiveau03(Niveau03 $niveau03, $oldid)
    {
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = [];
        $this->fillAttributesNiveau03($niveau03, $attrs);
        unset($attrs['cn']);

        $dn = $this->getNiveau03DN($niveau03->getLabel());

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                // Keep the @: if the attribute is already empty, deleting it raises an error because the attribute no longer exists
                @ldap_mod_del($connection, $dn, [$key => []]);
                unset($attrs[$key]);
            }
        }

        if (isset($oldid) && $oldid != $niveau03->getLabel()) {
            $olddn = $this->getNiveau03DN($oldid);
            $this->rename($olddn, 'cn='.ldap_escape($niveau03->getLabel(), '', LDAP_ESCAPE_DN), $this->baseniveau03);
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }
    }

    public function deleteNiveau03(Niveau03 $niveau03)
    {
        $dn = $this->getNiveau03DN($niveau03->getLabel());

        return $this->deleteByDN($dn);
    }

    private function getObjectClassesNiveau03()
    {
        $oc = [
            'top',
            'posixGroup',
        ];

        return $oc;
    }

    public function listAttributesNiveau03()
    {
        return [
            'cn',
            'gidnumber',
            'memberuid',
        ];
    }

    public function fillAttributesNiveau03(Niveau03 $niveau03, array &$attrs)
    {
        $attrs['cn'] = $niveau03->getLabel();
        $attrs['gidnumber'] = $niveau03->getId();
        $attrs['memberuid'] = [];

        foreach ($niveau03->getUsers() as $user) {
            if ($user->isIsactive()) {
                array_push($attrs['memberuid'], $user->getUsername());
            }
        }

        sort($attrs['memberuid']);
        if (1 == count($attrs['memberuid'])) {
            $attrs['memberuid'] = $attrs['memberuid'][0];
        }
    }

    public function getNiveau03DN($id)
    {
        return 'cn='.ldap_escape($id, '', LDAP_ESCAPE_DN).','.$this->baseniveau03;
    }

    // =========================================================================
    // == Function Niveau04 ====================================================
    // =========================================================================

    public function addNiveau04(Niveau04 $niveau04)
    {
        $connection = $this->connect();
        $dn = $this->getNiveau04DN($niveau04->getLabel());

        $attrs = [];
        $attrs['objectclass'] = $this->getObjectClassesNiveau04();
        $this->fillAttributesNiveau04($niveau04, $attrs);

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                unset($attrs[$key]);
            }
        }

        $result = ldap_add($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }

        return $result;
    }

    public function ismodifyNiveau04(Niveau04 $niveau04, $entry)
    {
        $attrs = [];
        $this->fillAttributesNiveau04($niveau04, $attrs);

        foreach ($attrs as $key => $value) {
            if (!array_key_exists($key, $entry) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
                return true;
            }
        }

        foreach ($entry as $key => $value) {
            if (!array_key_exists($key, $attrs) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
                return true;
            }
        }

        return false;
    }

    public function modifyNiveau04(Niveau04 $niveau04, $oldid)
    {
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = [];
        $this->fillAttributesNiveau04($niveau04, $attrs);
        unset($attrs['cn']);

        $dn = $this->getNiveau04DN($niveau04->getLabel());

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                // Keep the @: if the attribute is already empty, deleting it raises an error because the attribute no longer exists
                @ldap_mod_del($connection, $dn, [$key => []]);
                unset($attrs[$key]);
            }
        }

        if (isset($oldid) && $oldid != $niveau04->getLabel()) {
            $olddn = $this->getNiveau04DN($oldid);
            $this->rename($olddn, 'cn='.ldap_escape($niveau04->getLabel(), '', LDAP_ESCAPE_DN), $this->baseniveau04);
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }
    }

    public function deleteNiveau04(Niveau04 $niveau04)
    {
        $dn = $this->getNiveau04DN($niveau04->getLabel());

        return $this->deleteByDN($dn);
    }

    private function getObjectClassesNiveau04()
    {
        $oc = [
            'top',
            'posixGroup',
        ];

        return $oc;
    }

    public function listAttributesNiveau04()
    {
        return [
            'cn',
            'gidnumber',
            'memberuid',
        ];
    }

    public function fillAttributesNiveau04(Niveau04 $niveau04, array &$attrs)
    {
        $attrs['cn'] = $niveau04->getLabel();
        $attrs['gidnumber'] = $niveau04->getId();
        $attrs['memberuid'] = [];

        foreach ($niveau04->getUsers() as $user) {
            if ($user->isIsactive()) {
                array_push($attrs['memberuid'], $user->getUsername());
            }
        }

        sort($attrs['memberuid']);
        if (1 == count($attrs['memberuid'])) {
            $attrs['memberuid'] = $attrs['memberuid'][0];
        }
    }

    public function getNiveau04DN($id)
    {
        return 'cn='.ldap_escape($id, '', LDAP_ESCAPE_DN).','.$this->baseniveau04;
    }

    // =========================================================================
    // == Function Group =======================================================
    // =========================================================================

    public function addGroup(Group $group)
    {
        $connection = $this->connect();
        $dn = $this->getGroupDN($group->getLabel());

        $attrs = [];
        $attrs['objectclass'] = $this->getObjectClassesGroup();
        $this->fillAttributesGroup($group, $attrs);

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                unset($attrs[$key]);
            }
        }

        $result = ldap_add($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }

        return $result;
    }

    public function ismodifyGroup(Group $group, $entry)
    {
        $attrs = [];
        $this->fillAttributesGroup($group, $attrs);

        foreach ($attrs as $key => $value) {
            if (!array_key_exists($key, $entry) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
                return true;
            }
        }

        foreach ($entry as $key => $value) {
            if (!array_key_exists($key, $attrs) && !empty($value)) {
                return true;
            } elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
                return true;
            }
        }

        return false;
    }

    public function modifyGroup(Group $group, $oldid)
    {
        $dn = $this->basedn;
        $connection = $this->connect();

        $attrs = [];
        $this->fillAttributesGroup($group, $attrs);
        unset($attrs['cn']);

        $dn = $this->getGroupDN($group->getLabel());

        foreach ($attrs as $key => $value) {
            if (empty($value)) {
                // Keep the @: if the attribute is already empty, deleting it raises an error because the attribute no longer exists
                @ldap_mod_del($connection, $dn, [$key => []]);
                unset($attrs[$key]);
            }
        }

        if (isset($oldid) && $oldid != $group->getLabel()) {
            $olddn = $this->getGroupDN($oldid);
            $this->rename($olddn, 'cn='.ldap_escape($group->getLabel(), '', LDAP_ESCAPE_DN), $this->basegroup);
        }

        $result = ldap_modify($connection, $dn, $attrs);
        if (!$result) {
            $this->ldapError();
        }
    }

    public function deleteGroup(Group $group)
    {
        $dn = $this->getGroupDN($group->getLabel());

        return $this->deleteByDN($dn);
    }

    private function getObjectClassesGroup()
    {
        $oc = [
            'top',
            'posixGroup',
        ];

        return $oc;
    }

    public function listAttributesGroup()
    {
        return [
            'cn',
            'gidnumber',
            'memberuid',
        ];
    }

    public function fillAttributesGroup(Group $group, array &$attrs)
    {
        $attrs['cn'] = $group->getLabel();
        $attrs['gidnumber'] = $group->getId();
        $attrs['memberuid'] = [];

        foreach ($group->getUsers() as $usergroup) {
            if ($usergroup->getUser()->isIsactive()) {
                array_push($attrs['memberuid'], $usergroup->getUser()->getUsername());
            }
        }

        sort($attrs['memberuid']);
        if (1 == count($attrs['memberuid'])) {
            $attrs['memberuid'] = $attrs['memberuid'][0];
        }
    }

    public function getGroupDN($id)
    {
        return 'cn='.ldap_escape($id, '', LDAP_ESCAPE_DN).','.$this->basegroup;
    }

    // =========================================================================
    // == Function UserGroup ===================================================
    // =========================================================================

    public function addUserGroup(UserGroup $usergroup)
    {
        $dn = $this->basedn;
        $connection = $this->connect();

        // Find the current group (the label is escaped before it goes into the filter)
        $criteria = '(cn='.ldap_escape($usergroup->getGroup()->getLabel(), '', LDAP_ESCAPE_FILTER).')';
        $subbranch = $this->basegroup;
        $result = $this->search($criteria, ['memberuid'], $subbranch);

        if (empty($result) || !$this->in_array_r($usergroup->getUser()->getUsername(), $result[0])) {
            if ($usergroup->getUser()->isIsactive()) {
                $dn = $this->getGroupDN($usergroup->getGroup()->getLabel());
                $entry['memberuid'] = $usergroup->getUser()->getUsername();
                $result = ldap_mod_add($connection, $dn, $entry);
                if (!$result) {
                    $this->ldapError();
                }
            }
        }

        return $result;
    }

    public function delUserGroup(UserGroup $usergroup)
    {
        $dn = $this->basedn;
        $connection = $this->connect();

        // Find the current group (the label is escaped before it goes into the filter)
        $criteria = '(cn='.ldap_escape($usergroup->getGroup()->getLabel(), '', LDAP_ESCAPE_FILTER).')';
        $subbranch = $this->basegroup;
        $result = $this->search($criteria, ['memberuid'], $subbranch);

        if (!empty($result) && $this->in_array_r($usergroup->getUser()->getUsername(), $result[0])) {
            $dn = $this->getGroupDN($usergroup->getGroup()->getLabel());
            $entry['memberuid'] = $usergroup->getUser()->getUsername();
            $result = ldap_mod_del($connection, $dn, $entry);
            if (!$result) {
                $this->ldapError();
            }
        }

        return $result;
    }
}