Branch 'dev/edit-existing-entries' - 2 commits - lib/api lib/Auth lib/Auth.php lib/kolab_client_task.php

Jeroen van Meeuwen vanmeeuwen at kolabsys.com
Sat Mar 31 13:57:15 CEST 2012


 lib/Auth.php                        |    5 ++
 lib/Auth/LDAP.php                   |   83 +++++++++++++++++++++++++++++++++++-
 lib/api/kolab_api_service_group.php |   61 ++++++++++----------------
 lib/api/kolab_api_service_user.php  |    2 
 lib/kolab_client_task.php           |    2 
 5 files changed, 114 insertions(+), 39 deletions(-)

New commits:
commit f5a58c5eaa14f741cb582e9a1b2b60bcb9811c99
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Sat Mar 31 13:56:06 2012 +0200

    Move to use configuration value 'unique_attribute' and 'user_name_attribute' and 'group_name_attribute' instead of it's short equivalents (write once read many times)
    Move some of the LDAP logic in modifying entries back to where it belongs in Auth::LDAP instead of the lib/api/ files

diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index bd5f6a2..abf328b 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -371,11 +371,92 @@ class LDAP
         return $roles;
     }
 
+    public function modify_entry($subject_dn, $old_attrs, $new_attrs)
+    {
+        // TODO: Get $rdn_attr - we have type_id in $new_attrs
+        $rdn_attr = 'cn';
+
+        $mod_array = Array(
+                "add"       => Array(), // For use with ldap_mod_add()
+                "del"       => Array(), // For use with ldap_mod_del()
+                "replace"   => Array(), // For use with ldap_mod_replace()
+                "rename"    => Array(), // For use with ldap_rename()
+            );
+
+        // Compare each attribute value of the old attrs with the corresponding value
+        // in the new attrs, if any.
+        foreach ($old_attrs as $attr => $old_attr_value) {
+            if (array_key_exists($attr, $new_attrs)) {
+                if (!($new_attrs[$attr] === $old_attr_value)) {
+                    console("Attribute $attr changed from", $old_attr_value, "to", $new_attrs[$attr]);
+                    if ($attr === $rdn_attr) {
+                        $mod_array['rename'][$subject_dn] = $rdn_attr . '=' . $new_attrs[$attr];
+                    } else {
+                        console("Adding to replace: $attr");
+                        $mod_array['replace'][$attr] = (array)($new_attrs[$attr]);
+                    }
+                } else {
+                    console("Attribute $attr unchanged");
+                }
+            } else {
+                // TODO: Since we're not shipping the entire object back and forth, and only post
+                // part of the data... we don't know what is actually removed (think modifiedtimestamp, etc.)
+                console("Group attribute $attr not mentioned in \$new_attrs..., but not explicitly removed... by assumption");
+            }
+        }
+
+        foreach ($new_attrs as $attr => $value) {
+            if (array_key_exists($attr, $old_attrs)) {
+                if (!($old_attrs[$attr] === $value) && !($attr === $rdn_attr)) {
+                    if (!array_key_exists($attr, $mod_array['replace'])) {
+                        console("Adding to replace(2): $attr");
+                        $mod_array['replace'][$attr] = $value;
+                    }
+                }
+            } else {
+                $mod_array['add'][$attr] = $value;
+            }
+        }
+
+        console($mod_array);
+
+        $result = $this->modify_entry_attributes($subject_dn, $mod_array);
+
+        if ($result) {
+            return $mod_array;
+        }
+
+    }
+
     public function modify_entry_attributes($subject_dn, $attributes)
     {
         $this->_bind($_SESSION['user']->user_bind_dn, $_SESSION['user']->user_bind_pw);
 
-        $result = ldap_mod_replace($this->conn, $subject_dn, $attributes['replace']);
+        // Opportunities to set false include failed ldap commands.
+        $result = true;
+
+        if (is_array($attributes['replace']) && !empty($attributes['replace'])) {
+            $result = ldap_mod_replace($this->conn, $subject_dn, $attributes['replace']);
+        }
+
+        if (!$result)
+            return false;
+
+        if (is_array($attributes['add']) && !empty($attributes['add'])) {
+            $result = ldap_mod_add($this->conn, $subject_dn, $attributes['add']);
+        }
+
+        if (!$result)
+            return false;
+
+        if (is_array($attributes['rename']) && !empty($attributes['rename'])) {
+            $olddn = key($attributes['rename']);
+            $newrdn = $attributes['rename'][$olddn];
+            $result = ldap_rename($this->conn, $olddn, $newrdn, NULL, true);
+        }
+
+        if (!$result)
+            return false;
 
         if ($result)
             return true;
diff --git a/lib/api/kolab_api_service_group.php b/lib/api/kolab_api_service_group.php
index d2103fa..76e8cfd 100644
--- a/lib/api/kolab_api_service_group.php
+++ b/lib/api/kolab_api_service_group.php
@@ -132,13 +132,32 @@ class kolab_api_service_group extends kolab_api_service
         $gta             = $this->object_type_attributes('group', $postdata['type_id']);
         $form_service    = $this->controller->get_service('form_value');
         $group_attributes = array();
-    
+
+        // Get the type "key" string for the next few settings.
+        if ($postdata['type_id'] == null) {
+            $type_str = 'group';
+        }
+        else {
+            $db   = SQL::get_instance();
+            $_key = $db->fetch_assoc($db->query("SELECT `key` FROM group_types WHERE id = ?", $postdata['type_id']));
+            $type_str = $_key['key'];
+        }
+
         $conf = Conf::get_instance();
 
-        $unique_attr = $conf->get('unique_attr');
+        $unique_attr = $conf->get('unique_attribute');
         if (!$unique_attr) {
             $unique_attr = 'nsuniqueid';
         }
+        // TODO: "rdn" is somewhat LDAP specific, but not used as something
+        // LDAP specific...?
+        $rdn_attr = $conf->get($type_str . '_group_name_attribute');
+        if (!$rdn_attr) {
+            $rdn_attr = $conf->get('group_name_attribute');
+        }
+        if (!$rdn_attr) {
+            $rdn_attr = 'cn';
+        }
 
         if (isset($gta['form_fields'])) {
             foreach ($gta['form_fields'] as $key => $value) {
@@ -189,41 +208,11 @@ class kolab_api_service_group extends kolab_api_service
         $_group_dn = key($_group);
         $_group = $this->group_info(Array('group' => $_group_dn), Array());
 
-        $mod_array = Array(
-                "add" => Array(),
-                "del" => Array(),
-                "replace" => Array(),
-            );
-
-        foreach ($_group as $_group_attr => $_group_value) {
-            if (array_key_exists($_group_attr, $group_attributes)) {
-                if (!($group_attributes[$_group_attr] === $_group_value)) {
-                    console("Attribute $_group_attr changed from", $_group_value, "to", $group_attributes[$_group_attr]);
-                    $mod_array['replace'][$_group_attr] = (array)($_group_value);
-                }
-            } else {
-                // TODO: Since we're not shipping the entire object back and forth, and only post
-                // part of the data... we don't know what is actually removed (think modifiedtimestamp, etc.)
-                console("Group attribute not mentioned, but not explicitly removed... by assumption");
-            }
-        }
-
-        foreach ($group_attributes as $attr => $value) {
-            if (array_key_exists($attr, $_group)) {
-                if (!($_group[$attr] === $value)) {
-                    $mod_array['replace'][$attr] = $value;
-                }
-            } else {
-                $mod_array['add'][$attr] = $value;
-            }
-        }
-
-        console($mod_array);
-
-        $result = $auth->modify_entry_attributes($_group_dn, $mod_array);
+        // We should start throwing stuff over the fence here.
+        $result = $auth->modify_entry($_group_dn, $_group, $group_attributes);
 
         if ($result) {
-            return $mod_array;
+            return true;
         }
 
         return false;
@@ -271,7 +260,7 @@ class kolab_api_service_group extends kolab_api_service
             }
 
             // Insert the persistent, unique attribute
-            $unique_attr = $conf->get('unique_attr');
+            $unique_attr = $conf->get('unique_attribute');
             if (!$unique_attr) {
                 $unique_attr = 'nsuniqueid';
             }
diff --git a/lib/api/kolab_api_service_user.php b/lib/api/kolab_api_service_user.php
index 5810732..222d5a7 100644
--- a/lib/api/kolab_api_service_user.php
+++ b/lib/api/kolab_api_service_user.php
@@ -172,7 +172,7 @@ class kolab_api_service_user extends kolab_api_service
             }
 
             // Insert the persistent, unique attribute
-            $unique_attr = $conf->get('unique_attr');
+            $unique_attr = $conf->get('unique_attribute');
             if (!$unique_attr) {
                 $unique_attr = 'nsuniqueid';
             }
diff --git a/lib/kolab_client_task.php b/lib/kolab_client_task.php
index b0ffba3..14fe71f 100644
--- a/lib/kolab_client_task.php
+++ b/lib/kolab_client_task.php
@@ -837,7 +837,7 @@ class kolab_client_task
             );
 
         if (!$add_mode) {
-            $unique_attr = $this->config->get('unique_attr');
+            $unique_attr = $this->config->get('unique_attribute');
             if (!$unique_attr) {
                 $unique_attr = 'nsuniqueid';
             }


commit b8bba11531399482b2c24ab273649e3156e66859
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Sat Mar 31 13:55:07 2012 +0200

    Create a function Auth::modify_entry() to get things edited in one go.

diff --git a/lib/Auth.php b/lib/Auth.php
index b72b7bc..e4bbc8d 100644
--- a/lib/Auth.php
+++ b/lib/Auth.php
@@ -251,6 +251,11 @@ class Auth {
         return $roles;
     }
 
+    public function modify_entry($subject, $attrs, $_attrs)
+    {
+        return $this->_auth[$_SESSION['user']->get_domain()]->modify_entry($subject, $attrs, $_attrs);
+    }
+
     public function modify_entry_attributes($subject, $mod_array)
     {
         return $this->_auth[$_SESSION['user']->get_domain()]->modify_entry_attributes($subject, $mod_array);





More information about the commits mailing list