3 commits - lib/api lib/Auth lib/Auth.php lib/kolab_api_controller.php

Jeroen van Meeuwen vanmeeuwen at kolabsys.com
Mon May 14 12:51:42 CEST 2012


 lib/Auth.php                         |    5 ++
 lib/Auth/LDAP.php                    |   69 ++++++++++++++++++++++++++++++-----
 lib/api/kolab_api_service_domain.php |   59 +++++++++++++++++++++++++++++
 lib/kolab_api_controller.php         |    5 +-
 4 files changed, 127 insertions(+), 11 deletions(-)

New commits:
commit dd606a640db335660fe5ebc6748aac0ecf9bdf10
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Mon May 14 12:51:29 2012 +0200

    Add domain API service

diff --git a/lib/api/kolab_api_service_domain.php b/lib/api/kolab_api_service_domain.php
new file mode 100644
index 0000000..f690b4a
--- /dev/null
+++ b/lib/api/kolab_api_service_domain.php
@@ -0,0 +1,59 @@
+<?php
+/*
+ +--------------------------------------------------------------------------+
+ | This file is part of the Kolab Web Admin Panel                           |
+ |                                                                          |
+ | Copyright (C) 2011-2012, Kolab Systems AG                                |
+ |                                                                          |
+ | This program is free software: you can redistribute it and/or modify     |
+ | it under the terms of the GNU Affero General Public License as published |
+ | by the Free Software Foundation, either version 3 of the License, or     |
+ | (at your option) any later version.                                      |
+ |                                                                          |
+ | This program is distributed in the hope that it will be useful,          |
+ | but WITHOUT ANY WARRANTY; without even the implied warranty of           |
+ | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the             |
+ | GNU Affero General Public License for more details.                      |
+ |                                                                          |
+ | You should have received a copy of the GNU Affero General Public License |
+ | along with this program. If not, see <http://www.gnu.org/licenses/>      |
+ +--------------------------------------------------------------------------+
+ | Author: Aleksander Machniak <machniak at kolabsys.com>                      |
+ | Author: Jeroen van Meeuwen <vanmeeuwen at kolabsys.com>                     |
+ +--------------------------------------------------------------------------+
+*/
+
+/**
+ * Service providing domain mutations
+ */
+class kolab_api_service_domain extends kolab_api_service
+{
+
+    /**
+     * Returns service capabilities.
+     *
+     * @param string $domain Domain name
+     *
+     * @return array Capabilities list
+     */
+    public function capabilities($domain)
+    {
+        return array(
+            'add' => 'w',
+        );
+    }
+
+    public function domain_add($getdata, $postdata)
+    {
+        if (empty($postdata['domain'])) {
+            return;
+        }
+
+        if (empty($postdata['parent'])) {
+            return;
+        }
+
+        $auth = Auth::get_instance();
+        $auth->domain_add($postdata['domain'], $postdata['parent']);
+    }
+}
diff --git a/lib/kolab_api_controller.php b/lib/kolab_api_controller.php
index cfd984a..23556c8 100644
--- a/lib/kolab_api_controller.php
+++ b/lib/kolab_api_controller.php
@@ -56,15 +56,16 @@ class kolab_api_controller
         }
 
         // TODO: register services based on config or whatsoever
+        $this->add_service('domain', 'kolab_api_service_domain');
+        $this->add_service('domains', 'kolab_api_service_domains');
         $this->add_service('form_value', 'kolab_api_service_form_value');
         $this->add_service('group_types', 'kolab_api_service_group_types');
         $this->add_service('group', 'kolab_api_service_group');
         $this->add_service('groups', 'kolab_api_service_groups');
+        $this->add_service('roles', 'kolab_api_service_roles');
         $this->add_service('user_types', 'kolab_api_service_user_types');
         $this->add_service('user', 'kolab_api_service_user');
         $this->add_service('users', 'kolab_api_service_users');
-        $this->add_service('domains', 'kolab_api_service_domains');
-        $this->add_service('roles', 'kolab_api_service_roles');
     }
 
     /**


commit 02662488e36ddebc7e501e834dfa2afbfb8833cd
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Mon May 14 12:50:46 2012 +0200

    Add function Auth::LDAP::domain_add(). Currently only supports adding a domain alias.

diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index a788c09..02045af 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -292,11 +292,11 @@ class LDAP
 
     }
 
-    public function domain_add($domain, $domain_alias = false, $prepopulate = true)
+    public function domain_add($domain, $parent_domain = false, $prepopulate = true)
     {
         // Apply some routines for access control to this function here.
-        if ($domain_alias) {
-            return $this->_domain_add_alias($domain, $domain_alias);
+        if (!empty($parent_domain)) {
+            return $this->_domain_add_alias($domain, $parent_domain);
         }
         else {
             return $this->_domain_add_new($domain, $prepopulate);
@@ -809,11 +809,6 @@ class LDAP
         return $result;
     }
 
-    private function _search($base_dn, $search_filter = '(objectClass=*)', $attributes = array('*'))
-    {
-        return $this->__search($base_dn, $search_filter, $attributes);
-    }
-
     private function domains_list()
     {
         $section = $this->conf->get('kolab', 'auth_mechanism');
@@ -1036,6 +1031,30 @@ class LDAP
                 if (!($new_attrs[$attr] === $old_attr_value) && !($_sort1 === $_sort2)) {
                     //console("Attribute $attr changed from", $old_attr_value, "to", $new_attrs[$attr]);
                     if ($attr === $rdn_attr) {
+                        //console("This attribute is the RDN attribute. Let's see if it is multi-valued, and if the original still exists in the new value.");
+                        if (is_array($old_attrs[$attr])) {
+                            if (!is_array($new_attrs[$attr])) {
+                                if (in_array($new_attrs[$attr], $old_attrs[$attr])) {
+                                    // TODO: Need to remove all $old_attrs[$attr] values not equal to $new_attrs[$attr]
+                                    if ($new_attrs[$attr] !== $old_attrs[$attr][0]) {
+                                        // TODO: Also need to rename the entry
+                                    }
+                                } else {
+                                    // TODO: Both replace attribute value and rename.
+                                }
+                            } else {
+                                // TODO: See if the rdn attr. value is still in $new_attrs[$attr]
+                            }
+                        } else {
+                            if (!is_array($new_attrs[$attr])) {
+                                // TODO: Do something here
+                            } else {
+                                // An additional attribute value is being supplied. Just replace and continue.
+                                $mod_array['replace'][$attr] = $new_attrs[$attr];
+                                continue;
+                            }
+                        }
+
                         $mod_array['rename']['dn'] = $subject_dn;
                         $mod_array['rename']['new_rdn'] = $rdn_attr . '=' . $new_attrs[$attr];
                     } else {
@@ -1457,6 +1476,33 @@ class LDAP
         return true;
     }
 
+    private function _domain_add_alias($domain, $parent)
+    {
+        $conf = Conf::get_instance();
+        $domain_base_dn = $conf->get('ldap', 'domain_base_dn');
+        $domain_filter = $conf->get('ldap', 'domain_filter');
+
+        $domain_name_attribute = $conf->get('ldap', 'domain_name_attribute');
+
+        $domain_filter = '(&(' . $domain_name_attribute . '=' . $parent . ')' . $domain_filter . ')';
+
+        $domain_entry = self::normalize_result($this->_search($domain_base_dn, $domain_filter));
+
+        // TODO: Catch not having found any such parent domain
+
+        $domain_dn = key($domain_entry);
+
+        //    private function modify_entry($subject_dn, $old_attrs, $new_attrs)
+
+        $_old_attr = array($domain_name_attribute => $domain_entry[$domain_dn][$domain_name_attribute]);
+        $_new_attr = array($domain_name_attribute => array($domain_entry[$domain_dn][$domain_name_attribute], $domain));
+
+        return $this->modify_entry($domain_dn, $_old_attr, $_new_attr);
+
+
+        
+    }
+
     /**
      * Shortcut to ldap_bind()
      */
@@ -1595,6 +1641,11 @@ class LDAP
         return $ldap_entries;
     }
 
+    private function _search($base_dn, $search_filter = '(objectClass=*)', $attributes = array('*'))
+    {
+        return $this->__search($base_dn, $search_filter, $attributes);
+    }
+
     /**
      * Shortcut to ldap_search()
      */
@@ -1615,7 +1666,7 @@ class LDAP
         }
 
         if (($search_results = @ldap_search($this->conn, $base_dn, $search_filter, $attributes)) == false) {
-            //message("Could not search in " . __METHOD__ . " in " . __FILE__ . " on line " . __LINE__ . ": " . $this->_errstr());
+            //console("Could not search in " . __METHOD__ . " in " . __FILE__ . " on line " . __LINE__ . ": " . $this->_errstr());
             return false;
         }
 


commit ff52febdc663feac76338d1429c9ce19d6bb09ab
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Mon May 14 12:49:22 2012 +0200

    Add Auth::domain_add()

diff --git a/lib/Auth.php b/lib/Auth.php
index fd34e97..d77b6a8 100644
--- a/lib/Auth.php
+++ b/lib/Auth.php
@@ -205,6 +205,11 @@ class Auth {
         return $this->_auth[$_SESSION['user']->get_domain()]->attribute_details($attributes);
     }
 
+    public function domain_add($domain, $parent_domain=null)
+    {
+        return $this->_auth[$_SESSION['user']->get_domain()]->domain_add($domain, $parent_domain);
+    }
+
     public function find_user_groups($member_dn)
     {
         return $this->_auth[$_SESSION['user']->get_domain()]->find_user_groups($member_dn);





More information about the commits mailing list