nuosso/src/Service/LdapService.php

1383 lines
45 KiB
PHP
Executable File

<?php
namespace App\Service;
use App\Entity\Group;
use App\Entity\Niveau01;
use App\Entity\Niveau02;
use App\Entity\Niveau03;
use App\Entity\Niveau04;
use App\Entity\User;
use App\Entity\UserGroup;
use Symfony\Component\DependencyInjection\ContainerInterface;
class LdapService
{
private $appMasteridentity;
private $synchro;
private $host;
private $port;
private $usetls;
private $userwriter;
private $user;
private $password;
private $basedn;
private $baseorganisation;
private $baseniveau01;
private $baseniveau02;
private $baseniveau03;
private $baseniveau04;
private $basegroup;
private $baseuser;
private $username;
private $firstname;
private $lastname;
private $email;
private $avatar;
private $memberof;
private $groupgid;
private $groupname;
private $groupmember;
private $groupmemberisdn;
private $filtergroup;
private $filteruser;
private $userattributes;
private $connection;
public function __construct(ContainerInterface $container)
{
$this->appMasteridentity = $container->getParameter('appMasteridentity');
$this->synchro = $container->getParameter('appSynchro');
$this->host = $container->getParameter('ldapHost');
$this->port = $container->getParameter('ldapPort');
$this->usetls = $container->getParameter('ldapUsetls');
$this->userwriter = $container->getParameter('ldapUserwriter');
$this->user = $container->getParameter('ldapUser');
$this->password = $container->getParameter('ldapPassword');
$this->basedn = $container->getParameter('ldapBasedn');
$this->baseorganisation = $container->getParameter('ldapBaseorganisation');
$this->baseniveau01 = $container->getParameter('ldapBaseniveau01');
$this->baseniveau02 = $container->getParameter('ldapBaseniveau02');
$this->baseniveau03 = $container->getParameter('ldapBaseniveau03');
$this->baseniveau04 = $container->getParameter('ldapBaseniveau04');
$this->basegroup = $container->getParameter('ldapBasegroup');
$this->baseuser = $container->getParameter('ldapBaseuser');
$this->username = $container->getParameter('ldapUsername');
$this->firstname = $container->getParameter('ldapFirstname');
$this->lastname = $container->getParameter('ldapLastname');
$this->email = $container->getParameter('ldapEmail');
$this->avatar = $container->getParameter('ldapAvatar');
$this->memberof = $container->getParameter('ldapMemberof');
$this->groupgid = $container->getParameter('ldapGroupgid');
$this->groupname = $container->getParameter('ldapGroupname');
$this->groupmember = $container->getParameter('ldapGroupmember');
$this->groupmemberisdn = $container->getParameter('ldapGroupmemberisdn');
$this->filtergroup = $container->getParameter('ldapFiltergroup');
$this->filteruser = $container->getParameter('ldapFilteruser');
$this->userattributes = [$this->username, $this->firstname, $this->lastname, $this->email, $this->avatar, $this->memberof];
}
public function isNine2Ldap()
{
return ('SQL' == $this->appMasteridentity) && 'NINE2LDAP' == $this->synchro && $this->userwriter && $this->baseorganisation && $this->baseniveau01 && $this->baseniveau02 && $this->baseniveau03 && $this->baseniveau04 && $this->basegroup && $this->baseuser && $this->connect();
}
public function connect()
{
// Si on est déjà co = on rebind pour gérer le cas d'un timeout de connection
if ($this->connection) {
if (!@ldap_bind($this->connection, $this->user, $this->password)) {
$this->disconnect();
}
}
if ($this->connection) {
return $this->connection;
} else {
$ldapConn = ldap_connect($this->host, $this->port);
if ($ldapConn) {
ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
if ($this->usetls) {
ldap_start_tls($ldapConn);
}
if (@ldap_bind($ldapConn, $this->user, $this->password)) {
$this->connection = $ldapConn;
return $this->connection;
}
}
}
return false;
}
public function userconnect($username, $userpassword)
{
$ldapConn = ldap_connect($this->host, $this->port);
$this->connection = $ldapConn;
if ($this->connection) {
ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
if ($this->usetls) {
ldap_start_tls($ldapConn);
}
$dn = $this->getUserDN($username);
if (@ldap_bind($ldapConn, $dn, $userpassword)) {
$res = $this->search(str_replace('*', $username, $this->filteruser), $this->userattributes, $this->baseuser);
$this->disconnect();
return $res;
}
}
$this->disconnect();
return false;
}
public function getParameter($key)
{
switch ($key) {
case 'baseuser': return $this->baseuser;
break;
case 'basegroup': return $this->basegroup;
break;
case 'baseniveau01': return $this->baseniveau01;
break;
case 'baseniveau02': return $this->baseniveau02;
break;
case 'baseniveau03': return $this->baseniveau03;
break;
case 'baseniveau04': return $this->baseniveau04;
break;
case 'basedn': return $this->basedn;
break;
case 'baseorganisation': return $this->baseorganisation;
break;
case 'filteruser': return $this->filteruser;
break;
}
}
public function search($filter, $attributes = [], $subBranch = '')
{
$connection = $this->connect();
$branch = ($subBranch ? $subBranch : $this->basedn);
$result = ldap_search($connection, $branch, $filter, $attributes, 0, 0, 0);
if (!$result) {
$this->ldapError();
}
return $this->resultToArray($result);
}
public function searchdn($dn, $subBranch = '')
{
$connection = $this->connect();
$tbdn = ldap_explode_dn($dn, 0);
$branch = ($subBranch ? $subBranch : $this->basedn);
$result = ldap_search($connection, $branch, '('.$tbdn[0].')', [], 0, 0, 0);
if (!$result) {
$this->ldapError();
}
return $this->resultToArray($result);
}
public function deleteByDN($dn, $recursive = false)
{
$connection = $this->connect();
if (false == $recursive) {
$ldapentrys = $this->searchdn($dn);
if (!empty($ldapentrys)) {
$removed = ldap_delete($connection, $dn);
if (!$removed) {
$this->ldapError();
}
}
} else {
$ldapentrys = $this->searchdn($dn);
if (!empty($ldapentrys)) {
// searching for sub entries
$sr = ldap_list($connection, $dn, 'ObjectClass=*', ['']);
$info = ldap_get_entries($connection, $sr);
for ($i = 0; $i < $info['count']; ++$i) {
$result = $this->deleteByDN($info[$i]['dn'], $recursive);
if (!$result) {
return $result;
}
}
return ldap_delete($connection, $dn);
}
}
}
public function rename($oldDN, $newDN, $parentDN = '', $deleteOldDN = true)
{
$connection = $this->connect();
$result = ldap_rename($connection, $oldDN, $newDN, $parentDN, $deleteOldDN);
if (!$result) {
$this->ldapError();
}
return $result;
}
private function resultToArray($result)
{
$connection = $this->connect();
$resultArray = [];
if ($result) {
$entry = ldap_first_entry($connection, $result);
while ($entry) {
$row = [];
$attr = ldap_first_attribute($connection, $entry);
while ($attr) {
$val = ldap_get_values_len($connection, $entry, $attr);
if (array_key_exists('count', $val) and 1 == $val['count']) {
$row[strtolower($attr)] = $val[0];
} else {
$row[strtolower($attr)] = $val;
}
if (is_array($row[strtolower($attr)])) {
unset($row[strtolower($attr)]['count']);
}
$attr = ldap_next_attribute($connection, $entry);
}
$resultArray[] = $row;
$entry = ldap_next_entry($connection, $entry);
}
}
return $resultArray;
}
public function in_array_r($item, $array)
{
return preg_match('/"'.$item.'"/i', json_encode($array));
}
public function disconnect()
{
if ($this->connection) {
ldap_unbind($this->connection);
$this->connection = null;
}
}
public function ldapError()
{
$connection = $this->connect();
throw new \Exception('Error: ('.ldap_errno($connection).') '.ldap_error($connection));
}
public function ldapModify($dn, $attrs)
{
$connection = $this->connect();
$result = ldap_modify($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
}
// ==================================================================================================================================================================
// == Function Organisation==========================================================================================================================================
// ==================================================================================================================================================================
public function addOrganisations()
{
$ldapentrys = $this->searchdn($this->baseorganisation);
if (empty($ldapentrys)) {
$this->addOrganisation($this->baseorganisation);
}
$ldapentrys = $this->searchdn($this->baseniveau01, $this->baseorganisation);
if (empty($ldapentrys)) {
$this->addOrganisation($this->baseniveau01);
}
$ldapentrys = $this->searchdn($this->baseniveau02, $this->baseorganisation);
if (empty($ldapentrys)) {
$this->addOrganisation($this->baseniveau02);
}
$ldapentrys = $this->searchdn($this->baseniveau03, $this->baseorganisation);
if (empty($ldapentrys)) {
$this->addOrganisation($this->baseniveau03);
}
$ldapentrys = $this->searchdn($this->baseniveau04, $this->baseorganisation);
if (empty($ldapentrys)) {
$this->addOrganisation($this->baseniveau04);
}
$ldapentrys = $this->searchdn($this->basegroup, $this->baseorganisation);
if (empty($ldapentrys)) {
$this->addOrganisation($this->basegroup);
}
$ldapentrys = $this->searchdn($this->baseuser, $this->baseorganisation);
if (empty($ldapentrys)) {
$this->addOrganisation($this->baseuser);
}
}
public function addOrganisation($dn)
{
$connection = $this->connect();
$attrs = [];
$attrs['objectclass'] = ['top', 'organizationalUnit'];
$result = ldap_add($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
return $result;
}
// ==================================================================================================================================================================
// == Function User==================================================================================================================================================
// ==================================================================================================================================================================
public function addUser(User $user)
{
$connection = $this->connect();
$dn = $this->getUserDN($user->getUsername());
$attrs = [];
$attrs['objectclass'] = $this->getObjectClassesUser();
$this->fillAttributesUser($user, $attrs);
foreach ($attrs as $key => $value) {
if (empty($value)) {
unset($attrs[$key]);
}
}
$result = ldap_add($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
return $result;
}
public function ismodifyUser(User $user, $entry)
{
$attrs = [];
$this->fillAttributesUser($user, $attrs);
foreach ($attrs as $key => $value) {
if (!array_key_exists($key, $entry) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
return true;
}
}
foreach ($entry as $key => $value) {
if (!array_key_exists($key, $attrs) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
return true;
}
}
return false;
}
public function modifyUser(User $user)
{
$dn = $this->basedn;
$connection = $this->connect();
$attrs = [];
$this->fillAttributesUser($user, $attrs);
// Rechercher le DN du user
$dn = $this->getUserDN($user->getUsername());
foreach ($attrs as $key => $value) {
if (empty($value)) {
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, [$key => []]);
unset($attrs[$key]);
}
}
$result = ldap_modify($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
}
public function modifyUserpwd(User $user)
{
$dn = $this->basedn;
$connection = $this->connect();
$attrs = [];
// Attributs associés au password
$attrs['userpassword'] = $user->getPassword();
// Rechercher le DN du user
$dn = $this->getUserDN($user->getUsername());
foreach ($attrs as $key => $value) {
if (empty($value)) {
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, [$key => []]);
unset($attrs[$key]);
}
}
$result = ldap_modify($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
}
public function updateNiveauUser(User $user, $todel = false)
{
$dn = $this->basedn;
$connection = $this->connect();
$result = null;
if (!$user->isIsactive()) {
$todel = true;
}
// NIVEAU01
// On recherche le Niveau01 actuellement asscocié à l'utilisateur
$criteria = '(&(cn=*)(memberUid='.$user->getUsername().'))';
$subbranch = $this->baseniveau01;
$results = $this->search($criteria, ['cn'], $subbranch);
foreach ($results as $result) {
// Si Niveau01 différent de celui en cours on le détache de ce Niveau01
if ($result['cn'] != $user->getNiveau01()->getLabel() || $todel) {
$dn = $this->getNiveau01DN($result['cn']);
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_del($connection, $dn, $entry);
if (!$result) {
$this->ldapError();
}
}
}
// On recherche le Niveau01 en cours
if (!$todel) {
$criteria = '(cn='.$user->getNiveau01()->getLabel().')';
$subbranch = $this->baseniveau01;
$result = $this->search($criteria, ['memberuid'], $subbranch);
// S'il n'est pas membre du Niveau01 on le rattache
if (!$this->in_array_r($user->getUsername(), $result[0])) {
$dn = $this->getNiveau01DN($user->getNiveau01()->getLabel());
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_add($connection, $dn, $entry);
if (!$result) {
$this->ldapError();
}
}
}
// NIVEAU02
// On recherche le Niveau02 actuellement asscocié à l'utilisateur
$criteria = '(&(cn=*)(memberUid='.$user->getUsername().'))';
$subbranch = $this->baseniveau02;
$results = $this->search($criteria, ['cn'], $subbranch);
foreach ($results as $result) {
// Si Niveau02 différent de celui en cours on le détache de ce Niveau02
if (null === $user->getNiveau02() || $result['cn'] != $user->getNiveau02()->getLabel() || $todel) {
$dn = $this->getNiveau02DN($result['cn']);
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_del($connection, $dn, $entry);
if (!$result) {
$this->ldapError();
}
}
}
// On recherche le Niveau02 en cours
if (!$todel) {
if (null !== $user->getNiveau02()) {
$criteria = '(cn='.$user->getNiveau02()->getLabel().')';
$subbranch = $this->baseniveau02;
$result = $this->search($criteria, ['memberuid'], $subbranch);
// S'il n'est pas membre du Niveau02 on le rattache
if (empty($result) || !$this->in_array_r($user->getUsername(), $result[0])) {
$dn = $this->getNiveau02DN($user->getNiveau02()->getLabel());
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_add($connection, $dn, $entry);
if (!$result) {
$this->ldapError();
}
}
}
}
// NIVEAU03
// On recherche le Niveau03 actuellement asscocié à l'utilisateur
$criteria = '(&(cn=*)(memberUid='.$user->getUsername().'))';
$subbranch = $this->baseniveau03;
$results = $this->search($criteria, ['cn'], $subbranch);
foreach ($results as $result) {
// Si Niveau03 différent de celui en cours on le détache de ce Niveau03
if (null === $user->getNiveau03() || $result['cn'] != $user->getNiveau03()->getLabel() || $todel) {
$dn = $this->getNiveau03DN($result['cn']);
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_del($connection, $dn, $entry);
if (!$result) {
$this->ldapError();
}
}
}
// On recherche le Niveau03 en cours
if (!$todel) {
if (null !== $user->getNiveau03()) {
$criteria = '(cn='.$user->getNiveau03()->getLabel().')';
$subbranch = $this->baseniveau03;
$result = $this->search($criteria, ['memberuid'], $subbranch);
// S'il n'est pas membre du Niveau03 on le rattache
if (empty($result) || !$this->in_array_r($user->getUsername(), $result[0])) {
$dn = $this->getNiveau03DN($user->getNiveau03()->getLabel());
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_add($connection, $dn, $entry);
if (!$result) {
$this->ldapError();
}
}
}
}
// NIVEAU04
// On recherche le Niveau04 actuellement asscocié à l'utilisateur
$criteria = '(&(cn=*)(memberUid='.$user->getUsername().'))';
$subbranch = $this->baseniveau04;
$results = $this->search($criteria, ['cn'], $subbranch);
foreach ($results as $result) {
// Si Niveau04 différent de celui en cours on le détache de ce Niveau04
if (null === $user->getNiveau04() || $result['cn'] != $user->getNiveau04()->getLabel() || $todel) {
$dn = $this->getNiveau04DN($result['cn']);
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_del($connection, $dn, $entry);
if (!$result) {
$this->ldapError();
}
}
}
// On recherche le Niveau04 en cours
if (!$todel) {
if (null !== $user->getNiveau04()) {
$criteria = '(cn='.$user->getNiveau04()->getLabel().')';
$subbranch = $this->baseniveau04;
$result = $this->search($criteria, ['memberuid'], $subbranch);
// S'il n'est pas membre du Niveau04 on le rattache
if (empty($result) || !$this->in_array_r($user->getUsername(), $result[0])) {
$dn = $this->getNiveau04DN($user->getNiveau04()->getLabel());
$entry['memberuid'] = $user->getUsername();
$result = ldap_mod_add($connection, $dn, $entry);
if (!$result) {
$this->ldapError();
}
}
}
}
return $result;
}
public function deleteUser(User $user)
{
$dn = $this->getUserDN($user->getUsername());
return $this->deleteByDN($dn);
}
public function getObjectClassesUser()
{
$oc = [
'top',
'person',
'organizationalPerson',
'inetOrgPerson',
];
return $oc;
}
public function listAttributesUser()
{
return [
'uid',
'cn',
'givenname',
'sn',
'mail',
'displayname',
'telephonenumber',
'postaladdress',
'userpassword',
];
}
public function fillAttributesUser(User $user, array &$attrs)
{
$attrs['uid'] = $user->getUsername();
$attrs['cn'] = $user->getFirstname().' '.$user->getLastname();
$attrs['givenname'] = $user->getFirstname();
$attrs['sn'] = $user->getLastname();
$attrs['mail'] = $user->getEmail();
$attrs['displayname'] = $user->getFirstname().' '.$user->getLastname();
$attrs['telephonenumber'] = $user->getTelephonenumber();
$attrs['postaladdress'] = $user->getPostaladress();
$attrs['userpassword'] = $user->getPassword();
}
public function getUserDN($username)
{
$connection = $this->connect();
$res = ldap_search($connection, $this->basedn, str_replace('*', $username, $this->filteruser));
$first = ldap_first_entry($this->connection, $res);
$dn = ldap_get_dn($this->connection, $first);
return $dn;
}
// ==================================================================================================================================================================
// == Function Niveau01==============================================================================================================================================
// ==================================================================================================================================================================
public function findNiveau01($ldapfilter)
{
$ldapentrys = $this->search($ldapfilter, [$this->groupgid, $this->groupname, $this->groupmember], $this->baseniveau01);
return $ldapentrys;
}
public function findNiveau01ismember($ldapfilter, $username)
{
$ldapentrys = $this->findNiveau01($ldapfilter);
foreach ($ldapentrys as $ldapentry) {
if (is_array($ldapentry[$this->groupmember])) {
if (in_array($username, $ldapentry[$this->groupmember])) {
return true;
}
} elseif ($username == $ldapentry[$this->groupmember]) {
return true;
}
}
return false;
}
public function addNiveau01(Niveau01 $niveau01)
{
$connection = $this->connect();
$dn = $this->getNiveau01DN($niveau01->getLabel());
$attrs = [];
$attrs['objectclass'] = $this->getObjectClassesNiveau01();
$this->fillAttributesNiveau01($niveau01, $attrs);
foreach ($attrs as $key => $value) {
if (empty($value)) {
unset($attrs[$key]);
}
}
$result = ldap_add($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
return $result;
}
public function ismodifyNiveau01(Niveau01 $niveau01, $entry)
{
$attrs = [];
$this->fillAttributesNiveau01($niveau01, $attrs);
foreach ($attrs as $key => $value) {
if (!array_key_exists($key, $entry) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
return true;
}
}
foreach ($entry as $key => $value) {
if (!array_key_exists($key, $attrs) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
return true;
}
}
return false;
}
public function modifyNiveau01(Niveau01 $niveau01, $oldid)
{
$dn = $this->basedn;
$connection = $this->connect();
$attrs = [];
$this->fillAttributesNiveau01($niveau01, $attrs);
unset($attrs['cn']);
$dn = $this->getNiveau01DN($niveau01->getLabel());
foreach ($attrs as $key => $value) {
if (empty($value)) {
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, [$key => []]);
unset($attrs[$key]);
}
}
if (isset($oldid) && $oldid != $niveau01->getLabel()) {
$olddn = $this->getNiveau01DN($oldid);
$this->rename($olddn, 'cn='.$niveau01->getLabel(), $this->baseniveau01);
}
$result = ldap_modify($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
}
public function deleteNiveau01(Niveau01 $niveau01)
{
$dn = $this->getNiveau01DN($niveau01->getLabel());
return $this->deleteByDN($dn);
}
private function getObjectClassesNiveau01()
{
$oc = [
'top',
'posixGroup',
];
return $oc;
}
public function listAttributesNiveau01()
{
return [
'cn',
'gidnumber',
'memberuid',
];
}
public function fillAttributesNiveau01(Niveau01 $niveau01, array &$attrs)
{
$attrs['cn'] = $niveau01->getLabel();
$attrs['gidnumber'] = $niveau01->getId();
$attrs['memberuid'] = [];
foreach ($niveau01->getUsers() as $user) {
if ($user->isIsactive()) {
array_push($attrs['memberuid'], $user->getUsername());
}
}
sort($attrs['memberuid']);
if (1 == count($attrs['memberuid'])) {
$attrs['memberuid'] = $attrs['memberuid'][0];
}
}
public function getNiveau01DN($id)
{
return 'cn='.$id.','.$this->baseniveau01;
}
// ==================================================================================================================================================================
// == Function Niveau02==============================================================================================================================================
// ==================================================================================================================================================================
public function addNiveau02(Niveau02 $niveau02)
{
$connection = $this->connect();
$dn = $this->getNiveau02DN($niveau02->getLabel());
$attrs = [];
$attrs['objectclass'] = $this->getObjectClassesNiveau02();
$this->fillAttributesNiveau02($niveau02, $attrs);
foreach ($attrs as $key => $value) {
if (empty($value)) {
unset($attrs[$key]);
}
}
$result = ldap_add($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
return $result;
}
public function ismodifyNiveau02(Niveau02 $niveau02, $entry)
{
$attrs = [];
$this->fillAttributesNiveau02($niveau02, $attrs);
foreach ($attrs as $key => $value) {
if (!array_key_exists($key, $entry) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
return true;
}
}
foreach ($entry as $key => $value) {
if (!array_key_exists($key, $attrs) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
return true;
}
}
return false;
}
public function modifyNiveau02(Niveau02 $niveau02, $oldid)
{
$dn = $this->basedn;
$connection = $this->connect();
$attrs = [];
$this->fillAttributesNiveau02($niveau02, $attrs);
unset($attrs['cn']);
$dn = $this->getNiveau02DN($niveau02->getLabel());
foreach ($attrs as $key => $value) {
if (empty($value)) {
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, [$key => []]);
unset($attrs[$key]);
}
}
if (isset($oldid) && $oldid != $niveau02->getLabel()) {
$olddn = $this->getNiveau02DN($oldid);
$this->rename($olddn, 'cn='.$niveau02->getLabel(), $this->baseniveau02);
}
$result = ldap_modify($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
}
public function deleteNiveau02(Niveau02 $niveau02)
{
$dn = $this->getNiveau02DN($niveau02->getLabel());
return $this->deleteByDN($dn);
}
private function getObjectClassesNiveau02()
{
$oc = [
'top',
'posixGroup',
];
return $oc;
}
public function listAttributesNiveau02()
{
return [
'cn',
'gidnumber',
'memberuid',
];
}
public function fillAttributesNiveau02(Niveau02 $niveau02, array &$attrs)
{
$attrs['cn'] = $niveau02->getLabel();
$attrs['gidnumber'] = $niveau02->getId();
$attrs['memberuid'] = [];
foreach ($niveau02->getUsers() as $user) {
if ($user->isIsactive()) {
array_push($attrs['memberuid'], $user->getUsername());
}
}
sort($attrs['memberuid']);
if (1 == count($attrs['memberuid'])) {
$attrs['memberuid'] = $attrs['memberuid'][0];
}
}
public function getNiveau02DN($id)
{
return 'cn='.$id.','.$this->baseniveau02;
}
// ==================================================================================================================================================================
// == Function Niveau03==============================================================================================================================================
// ==================================================================================================================================================================
public function addNiveau03(Niveau03 $niveau03)
{
$connection = $this->connect();
$dn = $this->getNiveau03DN($niveau03->getLabel());
$attrs = [];
$attrs['objectclass'] = $this->getObjectClassesNiveau03();
$this->fillAttributesNiveau03($niveau03, $attrs);
foreach ($attrs as $key => $value) {
if (empty($value)) {
unset($attrs[$key]);
}
}
$result = ldap_add($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
return $result;
}
public function ismodifyNiveau03(Niveau03 $niveau03, $entry)
{
$attrs = [];
$this->fillAttributesNiveau03($niveau03, $attrs);
foreach ($attrs as $key => $value) {
if (!array_key_exists($key, $entry) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
return true;
}
}
foreach ($entry as $key => $value) {
if (!array_key_exists($key, $attrs) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
return true;
}
}
return false;
}
public function modifyNiveau03(Niveau03 $niveau03, $oldid)
{
$dn = $this->basedn;
$connection = $this->connect();
$attrs = [];
$this->fillAttributesNiveau03($niveau03, $attrs);
unset($attrs['cn']);
$dn = $this->getNiveau03DN($niveau03->getLabel());
foreach ($attrs as $key => $value) {
if (empty($value)) {
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, [$key => []]);
unset($attrs[$key]);
}
}
if (isset($oldid) && $oldid != $niveau03->getLabel()) {
$olddn = $this->getNiveau03DN($oldid);
$this->rename($olddn, 'cn='.$niveau03->getLabel(), $this->baseniveau03);
}
$result = ldap_modify($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
}
public function deleteNiveau03(Niveau03 $niveau03)
{
$dn = $this->getNiveau03DN($niveau03->getLabel());
return $this->deleteByDN($dn);
}
private function getObjectClassesNiveau03()
{
$oc = [
'top',
'posixGroup',
];
return $oc;
}
public function listAttributesNiveau03()
{
return [
'cn',
'gidnumber',
'memberuid',
];
}
public function fillAttributesNiveau03(Niveau03 $niveau03, array &$attrs)
{
$attrs['cn'] = $niveau03->getLabel();
$attrs['gidnumber'] = $niveau03->getId();
$attrs['memberuid'] = [];
foreach ($niveau03->getUsers() as $user) {
if ($user->isIsactive()) {
array_push($attrs['memberuid'], $user->getUsername());
}
}
sort($attrs['memberuid']);
if (1 == count($attrs['memberuid'])) {
$attrs['memberuid'] = $attrs['memberuid'][0];
}
}
public function getNiveau03DN($id)
{
return 'cn='.$id.','.$this->baseniveau03;
}
// ==================================================================================================================================================================
// == Function Niveau04==============================================================================================================================================
// ==================================================================================================================================================================
public function addNiveau04(Niveau04 $niveau04)
{
$connection = $this->connect();
$dn = $this->getNiveau04DN($niveau04->getLabel());
$attrs = [];
$attrs['objectclass'] = $this->getObjectClassesNiveau04();
$this->fillAttributesNiveau04($niveau04, $attrs);
foreach ($attrs as $key => $value) {
if (empty($value)) {
unset($attrs[$key]);
}
}
$result = ldap_add($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
return $result;
}
public function ismodifyNiveau04(Niveau04 $niveau04, $entry)
{
$attrs = [];
$this->fillAttributesNiveau04($niveau04, $attrs);
foreach ($attrs as $key => $value) {
if (!array_key_exists($key, $entry) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
return true;
}
}
foreach ($entry as $key => $value) {
if (!array_key_exists($key, $attrs) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
return true;
}
}
return false;
}
public function modifyNiveau04(Niveau04 $niveau04, $oldid)
{
$dn = $this->basedn;
$connection = $this->connect();
$attrs = [];
$this->fillAttributesNiveau04($niveau04, $attrs);
unset($attrs['cn']);
$dn = $this->getNiveau04DN($niveau04->getLabel());
foreach ($attrs as $key => $value) {
if (empty($value)) {
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, [$key => []]);
unset($attrs[$key]);
}
}
if (isset($oldid) && $oldid != $niveau04->getLabel()) {
$olddn = $this->getNiveau04DN($oldid);
$this->rename($olddn, 'cn='.$niveau04->getLabel(), $this->baseniveau04);
}
$result = ldap_modify($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
}
public function deleteNiveau04(Niveau04 $niveau04)
{
$dn = $this->getNiveau04DN($niveau04->getLabel());
return $this->deleteByDN($dn);
}
private function getObjectClassesNiveau04()
{
$oc = [
'top',
'posixGroup',
];
return $oc;
}
public function listAttributesNiveau04()
{
return [
'cn',
'gidnumber',
'memberuid',
];
}
public function fillAttributesNiveau04(Niveau04 $niveau04, array &$attrs)
{
$attrs['cn'] = $niveau04->getLabel();
$attrs['gidnumber'] = $niveau04->getId();
$attrs['memberuid'] = [];
foreach ($niveau04->getUsers() as $user) {
if ($user->isIsactive()) {
array_push($attrs['memberuid'], $user->getUsername());
}
}
sort($attrs['memberuid']);
if (1 == count($attrs['memberuid'])) {
$attrs['memberuid'] = $attrs['memberuid'][0];
}
}
public function getNiveau04DN($id)
{
return 'cn='.$id.','.$this->baseniveau04;
}
// ==================================================================================================================================================================
// == Function Group=================================================================================================================================================
// ==================================================================================================================================================================
public function addGroup(Group $group)
{
$connection = $this->connect();
$dn = $this->getGroupDN($group->getLabel());
$attrs = [];
$attrs['objectclass'] = $this->getObjectClassesGroup();
$this->fillAttributesGroup($group, $attrs);
foreach ($attrs as $key => $value) {
if (empty($value)) {
unset($attrs[$key]);
}
}
$result = ldap_add($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
return $result;
}
public function ismodifyGroup(Group $group, $entry)
{
$attrs = [];
$this->fillAttributesGroup($group, $attrs);
foreach ($attrs as $key => $value) {
if (!array_key_exists($key, $entry) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $entry) && $value != $entry[$key]) {
return true;
}
}
foreach ($entry as $key => $value) {
if (!array_key_exists($key, $attrs) && !empty($value)) {
return true;
} elseif (array_key_exists($key, $attrs) && $value != $attrs[$key]) {
return true;
}
}
return false;
}
public function modifyGroup(Group $group, $oldid)
{
$dn = $this->basedn;
$connection = $this->connect();
$attrs = [];
$this->fillAttributesGroup($group, $attrs);
unset($attrs['cn']);
$dn = $this->getGroupDN($group->getLabel());
foreach ($attrs as $key => $value) {
if (empty($value)) {
// Bien mettre un @ car si l'attribut est déjà vide cela crache une erreur car l'attribut n'existe déjà plus
@ldap_mod_del($connection, $dn, [$key => []]);
unset($attrs[$key]);
}
}
if (isset($oldid) && $oldid != $group->getLabel()) {
$olddn = $this->getGroupDN($oldid);
$this->rename($olddn, 'cn='.$group->getLabel(), $this->basegroup);
}
$result = ldap_modify($connection, $dn, $attrs);
if (!$result) {
$this->ldapError();
}
}
public function deleteGroup(Group $group)
{
$dn = $this->getGroupDN($group->getLabel());
return $this->deleteByDN($dn);
}
private function getObjectClassesGroup()
{
$oc = [
'top',
'posixGroup',
];
return $oc;
}
public function listAttributesGroup()
{
return [
'cn',
'gidnumber',
'memberuid',
];
}
public function fillAttributesGroup(Group $group, array &$attrs)
{
$attrs['cn'] = $group->getLabel();
$attrs['gidnumber'] = $group->getId();
$attrs['memberuid'] = [];
foreach ($group->getUsers() as $usergroup) {
if ($usergroup->getUser()->isIsactive()) {
array_push($attrs['memberuid'], $usergroup->getUser()->getUsername());
}
}
sort($attrs['memberuid']);
if (1 == count($attrs['memberuid'])) {
$attrs['memberuid'] = $attrs['memberuid'][0];
}
}
public function getGroupDN($id)
{
return 'cn='.$id.','.$this->basegroup;
}
// ==================================================================================================================================================================
// == Function UserGroup=============================================================================================================================================
// ==================================================================================================================================================================
public function addUserGroup(UserGroup $usergroup)
{
$dn = $this->basedn;
$connection = $this->connect();
// On recherche le group en cours
$criteria = '(cn='.$usergroup->getGroup()->getLabel().')';
$subbranch = $this->basegroup;
$result = $this->search($criteria, ['memberuid'], $subbranch);
if (!$this->in_array_r($usergroup->getUser()->getUsername(), $result[0])) {
if ($usergroup->getUser()->isIsactive()) {
$dn = $this->getGroupDN($usergroup->getGroup()->getLabel());
$entry['memberuid'] = $usergroup->getUser()->getUsername();
$result = ldap_mod_add($connection, $dn, $entry);
if (!$result) {
$this->ldapError();
}
}
}
return $result;
}
public function delUserGroup(UserGroup $usergroup)
{
$dn = $this->basedn;
$connection = $this->connect();
// On recherche le group en cours
$criteria = '(cn='.$usergroup->getGroup()->getLabel().')';
$subbranch = $this->basegroup;
$result = $this->search($criteria, ['memberuid'], $subbranch);
if ($this->in_array_r($usergroup->getUser()->getUsername(), $result[0])) {
$dn = $this->getGroupDN($usergroup->getGroup()->getLabel());
$entry['memberuid'] = $usergroup->getUser()->getUsername();
$result = ldap_mod_del($connection, $dn, $entry);
if (!$result) {
$this->ldapError();
}
}
return $result;
}
}