3 commits - lib/Auth lib/Auth.php lib/ext lib/kolab_api_service.php
Aleksander Machniak
machniak at kolabsys.com
Thu Oct 25 12:45:33 CEST 2012
lib/Auth.php | 5 ++--
lib/Auth/LDAP.php | 8 +++++++
lib/ext/Net/LDAP3.php | 15 ++++++++------
lib/kolab_api_service.php | 49 +++++++++++++++++++++++++---------------------
4 files changed, 47 insertions(+), 30 deletions(-)
New commits:
commit 97cf9a49f05ae7effa7138906242ce170553ef5b
Author: Aleksander Machniak <alec at alec.pl>
Date: Thu Oct 25 12:45:04 2012 +0200
Fix an issues where get_entry_attributes() was called without bind()
diff --git a/lib/Auth.php b/lib/Auth.php
index bd5c908..d7a0467 100644
--- a/lib/Auth.php
+++ b/lib/Auth.php
@@ -241,12 +241,13 @@ class Auth {
public function get_entry_attribute($subject, $attribute)
{
- return $this->auth_instance()->get_entry_attribute($subject, $attribute);
+ $entry = $this->auth_instance()->get_attributes($subject, (array)$attribute);
+ return $entry[$attribute];
}
public function get_entry_attributes($subject, $attributes)
{
- return $this->auth_instance()->get_entry_attributes($subject, $attributes);
+ return $this->auth_instance()->get_attributes($subject, $attributes);
}
public function group_add($attributes, $typeid = null)
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index e2f5d27..9bbcce0 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -242,6 +242,14 @@ class LDAP extends Net_LDAP3 {
}
+ public function get_attributes($subject_dn, $attributes)
+ {
+ $this->_log(LOG_DEBUG, "Auth::LDAP::get_attributes() for $subject_dn");
+ $this->bind($_SESSION['user']->user_bind_dn, $_SESSION['user']->user_bind_pw);
+
+ return $this->get_entry_attributes($subject_dn, $attributes);
+ }
+
public function group_add($attrs, $typeid = null)
{
$base_dn = $this->entry_base_dn('group', $typeid);
diff --git a/lib/kolab_api_service.php b/lib/kolab_api_service.php
index ac590d1..a2eda00 100644
--- a/lib/kolab_api_service.php
+++ b/lib/kolab_api_service.php
@@ -446,11 +446,11 @@ abstract class kolab_api_service
// Get extra attributes
if (!empty($extra_attrs)) {
$extra_attrs = $auth->get_entry_attributes($dn, $extra_attrs);
+
if (!empty($extra_attrs)) {
$attrs = array_merge($attrs, $extra_attrs);
}
}
-
// Replace unique attribute with 'id' key
$attrs['id'] = $attrs[$unique_attr];
unset($attrs[$unique_attr]);
commit f221c0def33046dc0aedbfe69256ccd350744227
Author: Aleksander Machniak <alec at alec.pl>
Date: Thu Oct 25 12:32:48 2012 +0200
Exclude attributes not listed in object type definition
diff --git a/lib/kolab_api_service.php b/lib/kolab_api_service.php
index 7d9da8b..ac590d1 100644
--- a/lib/kolab_api_service.php
+++ b/lib/kolab_api_service.php
@@ -410,33 +410,35 @@ abstract class kolab_api_service
$dn = key($attrs);
$attrs = $attrs[$dn];
$extra_attrs = array();
-
- // add group type id to the result
- $attrs['type_id'] = $this->object_type_id($object_name, $attrs);
-
- if (empty($attrs['type_id'])) {
- if ($object_name == 'domain') {
- $attrs['type_id'] = 1;
- }
- }
+ $type_id = $this->object_type_id($object_name, $attrs);
+ $unique_attr = $this->unique_attribute();
// Search for attributes associated with the type_id that are not part
- // of the results returned earlier. Example: nsrole / nsroledn / aci, etc.
+ // of the result returned earlier. Example: nsrole / nsroledn / aci, etc.
// @TODO: this should go to LDAP class
- if ($attrs['type_id']) {
- $uta = $this->object_type_attributes($object_name, $attrs['type_id']);
-
- foreach ((array)$uta as $field_type => $attributes) {
- foreach ($attributes as $attribute => $data) {
- if (!array_key_exists($attribute, $attrs)) {
- $extra_attrs[] = $attribute;
- }
- }
- }
+ if ($type_id) {
+ $uta = $this->object_type_attributes($object_name, $type_id);
+
+ $attributes = array_merge(
+ array_keys((array) $uta['auto_form_fields']),
+ array_keys((array) $uta['form_fields']),
+ array_keys((array) $uta['fields'])
+ );
+ $attributes = array_filter($attributes);
+ $attributes = array_unique($attributes);
+
+ $object_attributes = array_keys($attrs);
+
+ // extra attributes
+ $extra_attrs = array_diff($attributes, $object_attributes);
+
+ // remove attributes not listed in object type definition
+ // @TODO: make this optional?
+ $attributes = array_flip(array_merge($attributes, array($unique_attr)));
+ $attrs = array_intersect_key($attrs, $attributes);
}
// Insert the persistent, unique attribute
- $unique_attr = $this->unique_attribute();
if (!array_key_exists($unique_attr, $attrs)) {
$extra_attrs[] = $unique_attr;
}
@@ -453,6 +455,9 @@ abstract class kolab_api_service
$attrs['id'] = $attrs[$unique_attr];
unset($attrs[$unique_attr]);
+ // add object type id to the result
+ $attrs['type_id'] = $type_id;
+
return $attrs;
}
commit 2cc2f49aaf644b6c32ad8eba3e3c375780ff2422
Author: Aleksander Machniak <alec at alec.pl>
Date: Thu Oct 25 12:24:01 2012 +0200
Fix possible error in get_entry_attributes(s) where search() result
wasn't checked for error
diff --git a/lib/ext/Net/LDAP3.php b/lib/ext/Net/LDAP3.php
index 2980076..466b351 100644
--- a/lib/ext/Net/LDAP3.php
+++ b/lib/ext/Net/LDAP3.php
@@ -714,10 +714,7 @@ class Net_LDAP3
public function get_entry_attribute($subject_dn, $attribute)
{
- $this->config_set('return_attributes', $attribute);
- $entries = $this->search($subject_dn, '(objectclass=*)', 'base')->entries(TRUE);
- $entry_dn = key($entries);
- $entry = $entries[$entry_dn];
+ $entry = $this->get_entry_attributes($subject_dn, (array)$attribute);
return $entry[$attribute];
}
@@ -725,9 +722,15 @@ class Net_LDAP3
public function get_entry_attributes($subject_dn, $attributes)
{
$this->config_set('return_attributes', $attributes);
- $entries = $this->search($subject_dn, '(objectclass=*)', 'base')->entries(TRUE);
+ $result = $this->search($subject_dn, '(objectclass=*)', 'base');
+
+ if (!$result) {
+ return array();
+ }
+
+ $entries = $result->entries(true);
$entry_dn = key($entries);
- $entry = $entries[$entry_dn];
+ $entry = $entries[$entry_dn];
return $entry;
}
More information about the commits
mailing list