lib/Auth
Jeroen van Meeuwen
vanmeeuwen at kolabsys.com
Sat Sep 1 17:20:33 CEST 2012
lib/Auth/LDAP.php | 45 ++++++++++++++++++++++++++++++++++-----------
1 file changed, 34 insertions(+), 11 deletions(-)
New commits:
commit 34f39098ed5d0b659b0390184e47ad8d0ad13c0e
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Sat Sep 1 16:20:22 2012 +0100
Fix creating new domains
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 7f1c034..53b8a30 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -125,7 +125,7 @@ class LDAP extends Net_LDAP3 {
public function domain_add($domain, $parent_domain = false, $prepopulate = true) {
// Apply some routines for access control to this function here.
if (!empty($parent_domain)) {
- if (!$this->domain_info($parent_domain)) {
+ if ($this->domain_info($parent_domain)->count() < 1) {
$this->_domain_add_new($parent_domain, $prepopulate);
}
@@ -1047,14 +1047,27 @@ class LDAP extends Net_LDAP3 {
// Get the parent
$domain_filter = '(&(' . $domain_name_attribute . '=' . $parent . ')' . $domain_filter . ')';
- $domain_entry = $this->_search($domain_base_dn, $domain_filter);
- $domain_dn = key($domain_entry);
+ $result = $this->_search($domain_base_dn, $domain_filter);
+
+ if ($result->count() < 1) {
+ Log::error("Attempt to add a domain alias for a non-existent parent domain.");
+ return false;
+ } else if ($result->count() > 1) {
+ Log::error("Attempt to add a domain alias for a parent domain which is found to have multiple entries.");
+ return false;
+ }
+
+ $entries = $result->entries(TRUE);
+
+ $domain_dn = key($entries);
+ $domain_entry = $entries[$domain_dn];
+
+ $_old_attr = array($domain_name_attribute => $domain_entry[$domain_name_attribute]);
- $_old_attr = array($domain_name_attribute => $domain_entry[$domain_dn][$domain_name_attribute]);
if (is_array($domain)) {
- $_new_attr = array($domain_name_attribute => array_unique(array_merge((array)($domain_entry[$domain_dn][$domain_name_attribute]), $domain)));
+ $_new_attr = array($domain_name_attribute => array_unique(array_merge((array)($domain_entry[$domain_name_attribute]), $domain)));
} else {
- $_new_attr = array($domain_name_attribute => array($domain_entry[$domain_dn][$domain_name_attribute], $domain));
+ $_new_attr = array($domain_name_attribute => array($domain_entry[$domain_name_attribute], $domain));
}
return $this->modify_entry($domain_dn, $_old_attr, $_new_attr);
@@ -1103,19 +1116,27 @@ class LDAP extends Net_LDAP3 {
$this->add_entry($dn, $attrs);
+ //
+ // Use the information we find on the primary domain configuration for
+ // the new domain configuration.
+ //
$domain_filter = $this->conf->get('ldap', 'domain_filter');
$domain_filter = '(&(' . $domain_name_attribute . '=' . $this->conf->get('kolab', 'primary_domain') . ')' . $domain_filter . ')';
- $domain_entry = $this->_search($domain_base_dn, $domain_filter);
+ $results = $this->_search($domain_base_dn, $domain_filter);
+ $entries = $results->entries(TRUE);
+ $domain_entry = array_shift($entries);
+ // The root_dn for the parent domain is needed to find the ldbm
+ // database.
if (in_array('inetdomainbasedn', $domain_entry)) {
$_base_dn = $domain_entry['inetdomainbasedn'];
} else {
$_base_dn = $this->_standard_root_dn($this->conf->get('kolab', 'primary_domain'));
}
- $result = $this->_read("cn=" . str_replace('.', '_', $this->conf->get('kolab', 'primary_domain') . ",cn=ldbm database,cn=plugins,cn=config"), '(objectclass=*)', array('nsslapd-directory'));
+ $result = $this->_read("cn=" . str_replace('.', '_', $this->conf->get('kolab', 'primary_domain') . ",cn=ldbm database,cn=plugins,cn=config"), array('nsslapd-directory'));
- console("Result normalized", $result);
+ Log::trace("Primary domain ldbm database configuration entry: " . var_export($result, TRUE));
$result = $result[key($result)];
$directory = str_replace(str_replace('.', '_', $this->conf->get('kolab', 'primary_domain')), str_replace('.','_',$domain_name), $result['nsslapd-directory']);
@@ -1142,7 +1163,9 @@ class LDAP extends Net_LDAP3 {
// Query the ACI for the primary domain
$domain_filter = $this->conf->get('ldap', 'domain_filter');
$domain_filter = '(&(' . $domain_name_attribute . '=' . $this->conf->get('kolab', 'primary_domain') . ')' . $domain_filter . ')';
- $domain_entry = $this->_search($domain_base_dn, $domain_filter);
+ $results = $this->_search($domain_base_dn, $domain_filter);
+ $entries = $results->entries(TRUE);
+ $domain_entry = array_shift($entries);
if (in_array('inetdomainbasedn', $domain_entry)) {
$_base_dn = $domain_entry['inetdomainbasedn'];
@@ -1150,7 +1173,7 @@ class LDAP extends Net_LDAP3 {
$_base_dn = $this->_standard_root_dn($this->conf->get('kolab', 'primary_domain'));
}
- $result = $this->_read($_base_dn, '(objectclass=*)', array('aci'));
+ $result = $this->_read($_base_dn, array('aci'));
$result = $result[key($result)];
$acis = $result['aci'];
More information about the commits
mailing list