6 commits - lib/Auth lib/Conf.php lib/kolab_client_task.php
Jeroen van Meeuwen
vanmeeuwen at kolabsys.com
Fri Mar 30 13:54:57 CEST 2012
lib/Auth/LDAP.php | 52 ++++++++++++++++++++++++++++++----------------
lib/Conf.php | 45 +++++++++++++++++++++++++++++++--------
lib/kolab_client_task.php | 10 +++++++-
3 files changed, 80 insertions(+), 27 deletions(-)
New commits:
commit eb96292fffa8d3161e4be710ebe014a3e40f8b97
Merge: 7906fe6 df76f94
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Fri Mar 30 12:54:47 2012 +0100
Merge branch 'dev/configuration-handling'
Conflicts:
lib/Auth/LDAP.php
diff --cc lib/Auth/LDAP.php
index fd537d2,f09e37f..4339c71
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@@ -64,8 -64,24 +64,22 @@@ class LDA
{
$this->conf = Conf::get_instance();
+ // See if we are to connect to any domain explicitly defined.
+ if (!isset($domain) || empty($domain)) {
+ // If not, attempt to get the domain from the session.
+ if (isset($_SESSION['user'])) {
+ try {
+ $domain = $_SESSION['user']->get_domain();
+ } catch (Exception $e) {
+ // TODO: Debug logging
+ error_log("Warning, user not authenticated yet");
+ }
+ }
+ }
+
+ // Continue and default to the primary domain.
$this->domain = $domain ? $domain : $this->conf->get('primary_domain');
-
$this->_ldap_uri = $this->conf->get('ldap_uri');
-
$this->_ldap_server = parse_url($this->_ldap_uri, PHP_URL_HOST);
$this->_ldap_port = parse_url($this->_ldap_uri, PHP_URL_PORT);
$this->_ldap_scheme = parse_url($this->_ldap_uri, PHP_URL_SCHEME);
commit df76f949cbc592a3b58079ace738b3d16e0f323d
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Fri Mar 30 13:35:44 2012 +0200
Only use $_SESSION['user']->get_domain() if the method actually exists
diff --git a/lib/Conf.php b/lib/Conf.php
index 7c35baf..d333e42 100644
--- a/lib/Conf.php
+++ b/lib/Conf.php
@@ -106,10 +106,17 @@ class Conf {
// and we can try and iterate over it.
// First, try the most exotic.
- if (isset($_SESSION['user'])) {
- $domain_section_name = $_SESSION['user']->get_domain();
- if (isset($this->_conf[$domain_section_name][$key1])) {
- return $this->_conf[$domain_section_name][$key1];
+ if (isset($_SESSION['user']) && method_exists($_SESSION['user'], 'get_domain')) {
+ try {
+ $domain_section_name = $_SESSION['user']->get_domain();
+ if (isset($this->_conf[$domain_section_name][$key1])) {
+ return $this->_conf[$domain_section_name][$key1];
+ }
+ } catch (Exception $e) {
+ $domain_section_name = $this->get('kolab', 'primary_domain');
+ if (isset($this->_conf[$domain_section_name][$key1])) {
+ return $this->_conf[$domain_section_name][$key1];
+ }
}
}
diff --git a/lib/kolab_client_task.php b/lib/kolab_client_task.php
index d454215..54a5c2d 100644
--- a/lib/kolab_client_task.php
+++ b/lib/kolab_client_task.php
@@ -107,7 +107,7 @@ class kolab_client_task
$url = $this->config_get('api_url', '');
// TODO: Debug logging
- console($url);
+ //console($url);
if (!$url) {
$url = kolab_utils::https_check() ? 'https://' : 'http://';
@@ -117,7 +117,7 @@ class kolab_client_task
}
// TODO: Debug logging
- console($url);
+ //console($url);
$this->api = new kolab_client_api($url);
}
@@ -173,6 +173,8 @@ class kolab_client_task
if ($login['username']) {
$result = $this->api->login($login['username'], $login['password']);
+ //console($result);
+
if ($token = $result->get('session_token')) {
$user = array('token' => $token, 'domain' => $result->get('domain'));
commit e39ec68a94c12786d7ec6648ed253e90c62ae07c
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Fri Mar 30 12:15:49 2012 +0100
Return false rather than null
diff --git a/lib/Conf.php b/lib/Conf.php
index d843cdd..7c35baf 100644
--- a/lib/Conf.php
+++ b/lib/Conf.php
@@ -131,7 +131,7 @@ class Conf {
" with \$key2: " . $key2
);
- return null;
+ return false;
}
public function expand($str, $custom = FALSE)
commit 4fc11aa0deea5a4e1b2b94adaf1fdc3dd831305f
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Fri Mar 30 12:15:32 2012 +0100
More verbose loggin
diff --git a/lib/kolab_client_task.php b/lib/kolab_client_task.php
index 010e1ce..d454215 100644
--- a/lib/kolab_client_task.php
+++ b/lib/kolab_client_task.php
@@ -104,7 +104,10 @@ class kolab_client_task
*/
private function api_init()
{
- $url = $this->config_get('api_url', '');
+ $url = $this->config_get('api_url', '');
+
+ // TODO: Debug logging
+ console($url);
if (!$url) {
$url = kolab_utils::https_check() ? 'https://' : 'http://';
@@ -113,6 +116,9 @@ class kolab_client_task
$url .= '/api';
}
+ // TODO: Debug logging
+ console($url);
+
$this->api = new kolab_client_api($url);
}
commit 03686454c92239b44848767eadce9097aeec8223
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Fri Mar 30 12:13:54 2012 +0100
Use more items from configuration
Circumvent bootstrap catch-22 during login
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 7c5b658..f09e37f 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -68,7 +68,12 @@ class LDAP
if (!isset($domain) || empty($domain)) {
// If not, attempt to get the domain from the session.
if (isset($_SESSION['user'])) {
- $domain = $_SESSION['user']->get_domain();
+ try {
+ $domain = $_SESSION['user']->get_domain();
+ } catch (Exception $e) {
+ // TODO: Debug logging
+ error_log("Warning, user not authenticated yet");
+ }
}
}
@@ -183,11 +188,11 @@ class LDAP
'/usr/lib64/mozldap/ldapsearch',
'-x',
'-h',
- // TODO: Get from conf
- 'ldap.klab.cc',
+ $this->_ldap_server,
+ '-p',
+ $this->_ldap_port,
'-b',
- // TODO: Get from conf
- 'dc=klab,dc=cc',
+ $conf->get('base_dn'),
'-D',
'"' . $_SESSION['user']->user_bind_dn . '"',
'-w',
@@ -560,8 +565,12 @@ class LDAP
{
$conf = Conf::get_instance();
- $base_dn = $conf->get('ldap', 'user_base_dn');
- $filter = $conf->get('ldap', 'user_filter');
+ $base_dn = $conf->get('user_base_dn');
+
+ if (!$base_dn)
+ $base_dn = $conf->get('base_dn');
+
+ $filter = $conf->get('user_filter');
if (empty($attributes) || !is_array($attributes)) {
$attributes = array('*');
@@ -579,8 +588,7 @@ class LDAP
{
$conf = Conf::get_instance();
- // TODO: From config
- $base_dn = "dc=klab,dc=cc";
+ $base_dn = $conf->get('base_dn');
// TODO: From config
$filter = "(&(objectclass=ldapsubentry)(objectclass=nsroledefinition))";
@@ -598,14 +606,12 @@ class LDAP
private function groups_list($attributes = array(), $search = array())
{
- // TODO: From config
- $base_dn = "ou=Groups,dc=klab,dc=cc";
- // TODO: From config
- $filter = "(|"
- ."(objectClass=kolabgroupofnames)"
- ."(objectclass=kolabgroupofuniquenames)"
- ."(objectclass=kolabgroupofurls)"
- .")";
+ $base_dn = $conf->get('group_base_dn');
+
+ if (!$base_dn)
+ $base_dn = $conf->get('base_dn');
+
+ $filter = $conf->get('group_filter');
if (empty($attributes) || !is_array($attributes)) {
$attributes = array('*');
@@ -641,6 +647,7 @@ class LDAP
else {
$result[$dn][$attr] = array();
for ($z = 0; $z < $__result[$x][$attr]["count"]; $z++) {
+ // The first result in the array is the primary domain.
if ($z == 0 && $attr == $dn_attr) {
$result[$dn]['primary_domain'] = $__result[$x][$attr][$z];
}
@@ -1102,6 +1109,7 @@ class LDAP
private function _get_group_dn($root_dn, $search_filter)
{
+ // TODO: Why does this use privileged credentials?
if (($this->_bind($this->conf->get('bind_dn'), $this->conf->get('bind_pw'))) == false) {
$this->_bind($this->conf->get('manager_bind_dn'), $this->conf->get('manager_bind_pw'));
}
@@ -1124,6 +1132,7 @@ class LDAP
private function _get_user_dn($root_dn, $search_filter)
{
+ // TODO: Why does this use privileged credentials?
if (($this->_bind($this->conf->get('bind_dn'), $this->conf->get('bind_pw'))) == false) {
//message("WARNING: Invalid Service bind credentials supplied");
$this->_bind($this->conf->get('manager_bind_dn'), $this->conf->get('manager_bind_pw'));
commit 171b2d1f1e104c9c1110a722c7bc62fe1c407c8f
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Fri Mar 30 11:52:34 2012 +0100
Improve configuration handling
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 3c2e96e..7c5b658 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -64,8 +64,19 @@ class LDAP
{
$this->conf = Conf::get_instance();
+ // See if we are to connect to any domain explicitly defined.
+ if (!isset($domain) || empty($domain)) {
+ // If not, attempt to get the domain from the session.
+ if (isset($_SESSION['user'])) {
+ $domain = $_SESSION['user']->get_domain();
+ }
+ }
+
+ // Continue and default to the primary domain.
$this->domain = $domain ? $domain : $this->conf->get('primary_domain');
- $this->_ldap_uri = $this->conf->get('uri');
+
+ $this->_ldap_uri = $this->conf->get('ldap_uri');
+
$this->_ldap_server = parse_url($this->_ldap_uri, PHP_URL_HOST);
$this->_ldap_port = parse_url($this->_ldap_uri, PHP_URL_PORT);
$this->_ldap_scheme = parse_url($this->_ldap_uri, PHP_URL_SCHEME);
@@ -955,7 +966,7 @@ class LDAP
if (empty($search) || !is_array($search) || empty($search['params'])) {
return null;
}
-
+
$filter = '';
foreach ((array) $search['params'] as $field => $param) {
$value = self::_quote_string($param['value']);
diff --git a/lib/Conf.php b/lib/Conf.php
index 704c3c4..d843cdd 100644
--- a/lib/Conf.php
+++ b/lib/Conf.php
@@ -99,19 +99,39 @@ class Conf {
}
}
- // Simple (global) settings may be obtained by calling the key and omitting
- // the section. This goes for sections 'kolab', and whatever is the equivalent
- // of 'kolab', 'auth_mechanism'.
-// echo "<pre>";
-// print_r($this->_conf);
-// echo "</pre>";
+ // Simple (global) settings may be obtained by calling the key and
+ // omitting the section. This goes for sections 'kolab', and whatever
+ // is the equivalent of 'kolab', 'auth_mechanism', such as getting
+ // 'ldap_uri', which is in the [$domain] section, or in section 'ldap',
+ // and we can try and iterate over it.
+
+ // First, try the most exotic.
+ if (isset($_SESSION['user'])) {
+ $domain_section_name = $_SESSION['user']->get_domain();
+ if (isset($this->_conf[$domain_section_name][$key1])) {
+ return $this->_conf[$domain_section_name][$key1];
+ }
+ }
+
+ // Fall back to whatever is the equivalent of auth_mechanism as the
+ // section (i.e. 'ldap', or 'sql')
+ $auth_mech = $this->_conf['kolab']['auth_mechanism'];
+ if (isset($this->_conf[$auth_mech])) {
+ if (isset($this->_conf[$auth_mech][$key1])) {
+ return $this->_conf[$auth_mech][$key1];
+ }
+ }
+ // Fall back to global settings in the 'kolab' section.
if (isset($this->_conf['kolab'][$key1])) {
return $this->_conf['kolab'][$key1];
}
- else if (isset($this->_conf[$this->_conf['kolab']['auth_mechanism']][$key1])) {
- return $this->_conf[$this->_conf['kolab']['auth_mechanism']][$key1];
- }
+
+ error_log("Could not find setting for \$key1: " . $key1 .
+ " with \$key2: " . $key2
+ );
+
+ return null;
}
public function expand($str, $custom = FALSE)
More information about the commits
mailing list