2 commits - lib/api lib/Auth.php lib/kolab_api_service.php lib/kolab_client_task.php lib/User.php

Aleksander Machniak machniak at kolabsys.com
Thu Mar 27 09:49:59 CET 2014


 lib/Auth.php                             |   18 ------------
 lib/User.php                             |   46 +++++++++++--------------------
 lib/api/kolab_api_service_domain.php     |    2 -
 lib/api/kolab_api_service_form_value.php |    2 -
 lib/api/kolab_api_service_ou.php         |    2 -
 lib/api/kolab_api_service_role.php       |    4 +-
 lib/kolab_api_service.php                |   10 +++---
 lib/kolab_client_task.php                |    2 -
 8 files changed, 28 insertions(+), 58 deletions(-)

New commits:
commit c28a93980330f0f2bce80e131100f5f5d676032b
Author: Aleksander Machniak <machniak at kolabsys.com>
Date:   Thu Mar 27 09:49:05 2014 +0100

    Set 'userid' to unique attribute value in system.authenticate response, cs fixes

diff --git a/lib/User.php b/lib/User.php
index e7905cc..1ef2f60 100644
--- a/lib/User.php
+++ b/lib/User.php
@@ -3,7 +3,7 @@
  +--------------------------------------------------------------------------+
  | This file is part of the Kolab Web Admin Panel                           |
  |                                                                          |
- | Copyright (C) 2011-2012, Kolab Systems AG                                |
+ | Copyright (C) 2011-2014, Kolab Systems AG                                |
  |                                                                          |
  | This program is free software: you can redistribute it and/or modify     |
  | it under the terms of the GNU Affero General Public License as published |
@@ -25,31 +25,17 @@
 
 class User
 {
-    private $_authenticated = FALSE;
+    private $_authenticated = false;
+    private $_groups        = false;
     private $auth;
-
     private $userid;
     private $username;
     private $password;
-
-    private $_groups = FALSE;
-
     private $domain;
     private $working_domain;
 
 
-    public function _get_information()
-    {
-        // Return an array of information about this user. For one, the auth method.
-        $user['information'] = array(
-            'email_address' => $this->_auth_method->_get_email_address(),
-            'username' => $this->username,
-            'password' => $this->password,
-            'domain' => $this->get_domain()
-        );
-    }
-
-    public function authenticate($username, $password, $domain = null, $method = FALSE)
+    public function authenticate($username, $password, $domain = null, $method = false)
     {
         //console("Running with domain", $domain);
 
@@ -62,18 +48,19 @@ class User
         $result = $this->auth->authenticate($username, $password);
 
         if ($result) {
-            $this->_authenticated = TRUE;
+            $this->_authenticated = true;
             $this->username = $username;
             $this->password = $password;
             $this->userid   = $result;
+            $this->domain   = empty($domain) ? $this->auth->domain : $domain;
 
-            if (empty($domain)) {
-                $this->domain   = $this->auth->domain;
-            } else {
-                $this->domain = $domain;
+            // set unique attribute value as userid
+            if ($this->userid != 'cn=Directory Manager') {
+                $unique_attr = kolab_api_service::unique_attribute();
+                if ($result = $this->auth->get_entry_attribute($result, $unique_attr)) {
+                    $this->userid = $result;
+                }
             }
-
-            //$this->_groups = $this->groups();
         }
 
         return $this->_authenticated;
@@ -115,7 +102,7 @@ class User
         }
 
         $this->_groups = array();
-        $this->auth = Auth::get_instance();
+        $this->auth    = Auth::get_instance();
 
         $entry = $this->auth->user_find_by_attribute(array('mail' => $this->username));
 
@@ -142,7 +129,8 @@ class User
         // Validate access to domain
         // Set $this->working_domain
         $this->working_domain = $this->domain;
-        return TRUE;
+
+        return true;
     }
 
     public function set_domain($domain)
@@ -151,7 +139,7 @@ class User
         // Validate access to domain
         // Set $this->working_domain
         $this->working_domain = $domain;
-        return TRUE;
-    }
 
+        return true;
+    }
 }
diff --git a/lib/api/kolab_api_service_domain.php b/lib/api/kolab_api_service_domain.php
index 6b82d0d..16b1908 100644
--- a/lib/api/kolab_api_service_domain.php
+++ b/lib/api/kolab_api_service_domain.php
@@ -190,7 +190,7 @@ class kolab_api_service_domain extends kolab_api_service
         // TODO: Input validation
         if (!empty($getdata[$dna])) {
             $entry_dn    = $getdata[$dna];
-            $unique_attr = $this->unique_attribute();
+            $unique_attr = self::unique_attribute();
             $domain      = $auth->domain_find_by_attribute(array($unique_attr => $entry_dn));
 
             if (!empty($domain)) {
diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index 58b30a1..e013285 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -988,7 +988,7 @@ class kolab_api_service_form_value extends kolab_api_service
         $auth = Auth::get_instance();
         $conf = Conf::get_instance();
 
-        $unique_attr = $this->unique_attribute();
+        $unique_attr = self::unique_attribute();
         $object_type = $postdata['object_type'];
         $object_key  = $postdata['type_key'];
 
diff --git a/lib/api/kolab_api_service_ou.php b/lib/api/kolab_api_service_ou.php
index b7c902e..cd4fa28 100644
--- a/lib/api/kolab_api_service_ou.php
+++ b/lib/api/kolab_api_service_ou.php
@@ -136,7 +136,7 @@ class kolab_api_service_ou extends kolab_api_service
 
         // Org. units are special in that they are ldapsubentries.
         if (!empty($getdata['id'])) {
-            $unique_attr = $this->unique_attribute();
+            $unique_attr = self::unique_attribute();
             $unit        = $auth->organizationalunit_find_by_attribute(array($unique_attr => $getdata['id']));
 
             if (is_array($unit) && count($unit) == 1) {
diff --git a/lib/api/kolab_api_service_role.php b/lib/api/kolab_api_service_role.php
index 31c3a8b..f00c4df 100644
--- a/lib/api/kolab_api_service_role.php
+++ b/lib/api/kolab_api_service_role.php
@@ -140,8 +140,8 @@ class kolab_api_service_role extends kolab_api_service
 
         // Roles are special in that they are ldapsubentries.
         if (!empty($getdata['id'])) {
-            $unique_attr = $this->unique_attribute();
-            $role        = $auth->role_find_by_attribute(Array($unique_attr => $getdata['id']));
+            $unique_attr = self::unique_attribute();
+            $role        = $auth->role_find_by_attribute(array($unique_attr => $getdata['id']));
 
             if (is_array($role) && count($role) == 1) {
                 $role_dn = key($role);
diff --git a/lib/kolab_api_service.php b/lib/kolab_api_service.php
index 752c243..7b4ba62 100644
--- a/lib/kolab_api_service.php
+++ b/lib/kolab_api_service.php
@@ -371,7 +371,7 @@ abstract class kolab_api_service
 
             // unique attribute is always allowed
             if (($key = array_search('id', $post['attributes'])) !== false) {
-                $attributes[] = $this->unique_attribute();
+                $attributes[] = self::unique_attribute();
             }
         }
 
@@ -385,7 +385,7 @@ abstract class kolab_api_service
     protected function parse_list_result($result)
     {
         if (!empty($result) && !empty($result['count'])) {
-            $unique_attr = $this->unique_attribute();
+            $unique_attr = self::unique_attribute();
 
             // replace back unique attribute name with 'id'
             foreach ($result['list'] as $idx => $record) {
@@ -473,7 +473,7 @@ abstract class kolab_api_service
         $attrs       = $attrs[$dn];
         $extra_attrs = array();
         $type_id     = $this->object_type_id($object_name, $attrs);
-        $unique_attr = $this->unique_attribute();
+        $unique_attr = self::unique_attribute();
 
         // Search for attributes associated with the type_id that are not part
         // of the result returned earlier. Example: nsrole / nsroledn / aci, etc.
@@ -561,7 +561,7 @@ abstract class kolab_api_service
      *
      * @return string Unique attribute name
      */
-    protected function unique_attribute()
+    public static function unique_attribute()
     {
         $conf        = Conf::get_instance();
         $unique_attr = $conf->get('unique_attribute');
@@ -586,7 +586,7 @@ abstract class kolab_api_service
             return $this->cache['unique_attributes'][$dn];
         }
 
-        $unique_attr = $this->unique_attribute();
+        $unique_attr = self::unique_attribute();
         $auth        = Auth::get_instance();
         $result      = $auth->get_entry_attribute($dn, $unique_attr);
 
diff --git a/lib/kolab_client_task.php b/lib/kolab_client_task.php
index 2c016e6..8d95fba 100644
--- a/lib/kolab_client_task.php
+++ b/lib/kolab_client_task.php
@@ -226,7 +226,7 @@ class kolab_client_task
                             $user['language'] = $res['preferredlanguage'];
                             $user['fullname'] = $res['cn'];
 
-                            // overwrite user id set in login request, which is user base DN,
+                            // overwrite user id set in login request, which might be user base DN,
                             // with unique attribute, which suits better to our needs
                             $user['id'] = $res['id'];
                         }


commit 3d20d78200830449c97b7be6085dbd14882612bc
Author: Aleksander Machniak <machniak at kolabsys.com>
Date:   Thu Mar 27 09:08:10 2014 +0100

    Remove unused code

diff --git a/lib/Auth.php b/lib/Auth.php
index fa6c455..88a2cc5 100644
--- a/lib/Auth.php
+++ b/lib/Auth.php
@@ -181,24 +181,6 @@ class Auth {
         return $this->_auth[$domain];
     }
 
-    // TODO: Dummy function to be removed
-    public function attr_details($attribute)
-    {
-        $conf   = Conf::get_instance();
-        $domain = $conf->get('kolab', 'primary_domain');
-
-        return $this->auth_instance($domain)->attribute_details((array)$attribute);
-    }
-
-    // TODO: Dummy function to be removed
-    public function attrs_allowed($objectclasses = array())
-    {
-        $conf   = Conf::get_instance();
-        $domain = $conf->get('kolab', 'primary_domain');
-
-        return $this->auth_instance($domain)->allowed_attributes($objectclasses);
-    }
-
     public function allowed_attributes($objectclasses = array())
     {
         return $this->auth_instance()->allowed_attributes((array)$objectclasses);




More information about the commits mailing list