Add dynamic Group Attribute. (#119)

* Add dynamic Group Attribute.

* Update ldap_functions.inc.php

* Update show_group.php

* Update run_checks.php
huzvar 2021-10-05 15:55:22 +02:00 committed by GitHub
parent 7753eb4a7b
commit 08a37ee961
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 17 additions and 16 deletions


@ -50,7 +50,7 @@ elseif (isset($_POST['initialise_group'])) {
$new_group = FALSE; $new_group = FALSE;
$initialise_group = TRUE; $initialise_group = TRUE;
$current_members = array(); $current_members = array();
$full_dn = "cn=$group_cn,${LDAP['group_dn']}"; $full_dn = "${LDAP['group_attribute']}=$group_cn,${LDAP['group_dn']}";
$has_been = "created"; $has_been = "created";
} }
else { else {
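Review bot: `$full_dn` is built by interpolating `$group_cn` straight into the DN string, so a group name containing a DN metacharacter such as `,`, `+` or `=` would address a different entry than the one intended. Where `$group_cn` is assigned is outside this hunk, so it may already be sanitised; if it is not, escape it for the DN context: `$full_dn = "${LDAP['group_attribute']}=" . ldap_escape($group_cn, "", LDAP_ESCAPE_DN) . ",${LDAP['group_dn']}";`. The enclosing `elseif` branch starts before the hunk and the following `else` continues past it.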


@ -24,6 +24,7 @@
#Optional #Optional
$LDAP['account_attribute'] = (getenv('LDAP_ACCOUNT_ATTRIBUTE') ? getenv('LDAP_ACCOUNT_ATTRIBUTE') : 'uid'); $LDAP['account_attribute'] = (getenv('LDAP_ACCOUNT_ATTRIBUTE') ? getenv('LDAP_ACCOUNT_ATTRIBUTE') : 'uid');
$LDAP['group_attribute'] = (getenv('LDAP_GROUP_ATTRIBUTE') ? getenv('LDAP_GROUP_ATTRIBUTE') : 'cn');
$LDAP['group_ou'] = (getenv('LDAP_GROUP_OU') ? getenv('LDAP_GROUP_OU') : 'groups'); $LDAP['group_ou'] = (getenv('LDAP_GROUP_OU') ? getenv('LDAP_GROUP_OU') : 'groups');
$LDAP['user_ou'] = (getenv('LDAP_USER_OU') ? getenv('LDAP_USER_OU') : 'people'); $LDAP['user_ou'] = (getenv('LDAP_USER_OU') ? getenv('LDAP_USER_OU') : 'people');
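Review bot: `LDAP_GROUP_ATTRIBUTE` is accepted verbatim, but this commit also uses the value as an array key on `ldap_get_entries()` results (in `ldap_get_group_list` and `ldap_user_group_membership`). PHP lowercases attribute names in those arrays, so a mixed-case setting such as `CN` would make every `isset($record[...][0])` check fail and return empty group lists. The value is also spliced unescaped into search filters and DNs, so it is worth constraining to an attribute-name shape here. Suggested: `$LDAP['group_attribute'] = strtolower(getenv('LDAP_GROUP_ATTRIBUTE') ?: 'cn');`, followed by a check that it matches `/^[a-z][a-z0-9-]*$/` and a startup failure otherwise.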


@ -420,9 +420,9 @@ function ldap_get_group_list($ldap_connection,$start=0,$entries=NULL,$sort="asc"
$records = array(); $records = array();
foreach ($result as $record) { foreach ($result as $record) {
if (isset($record['cn'][0])) { if (isset($record[$LDAP['group_attribute']][0])) {
array_push($records, $record['cn'][0]); array_push($records, $record[$LDAP['group_attribute']][0]);
} }
} }
@ -444,7 +444,7 @@ function ldap_get_dn_of_group($ldap_connection,$group_name) {
if (isset($group_name)) { if (isset($group_name)) {
$ldap_search_query = "(cn=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")"; $ldap_search_query = "(${LDAP['group_attribute']}=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")";
$ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query , array("dn")); $ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query , array("dn"));
$result = @ ldap_get_entries($ldap_connection, $ldap_search); $result = @ ldap_get_entries($ldap_connection, $ldap_search);
@ -466,7 +466,7 @@ function ldap_get_group_members($ldap_connection,$group_name,$start=0,$entries=N
if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); } if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); }
$ldap_search_query = "(cn=". ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")"; $ldap_search_query = "(${LDAP['group_attribute']}=". ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")";
$ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query, array($LDAP['group_membership_attribute'])); $ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query, array($LDAP['group_membership_attribute']));
$result = @ ldap_get_entries($ldap_connection, $ldap_search); $result = @ ldap_get_entries($ldap_connection, $ldap_search);
@ -513,7 +513,7 @@ function ldap_is_group_member($ldap_connection,$group_name,$username) {
if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); } if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); }
$ldap_search_query = "(cn=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")"; $ldap_search_query = "(${LDAP['group_attribute']}=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")";
$ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query); $ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query);
if ($ldap_search) { if ($ldap_search) {
@ -550,13 +550,13 @@ function ldap_user_group_membership($ldap_connection,$username) {
} }
$ldap_search_query = "(&(objectClass=posixGroup)(${LDAP['group_membership_attribute']}=${username}))"; $ldap_search_query = "(&(objectClass=posixGroup)(${LDAP['group_membership_attribute']}=${username}))";
$ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query, array('cn')); $ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query, array($LDAP['group_attribute']));
$result = ldap_get_entries($ldap_connection, $ldap_search); $result = ldap_get_entries($ldap_connection, $ldap_search);
$groups = array(); $groups = array();
foreach ($result as $record) { foreach ($result as $record) {
if (isset($record['cn'][0])) { if (isset($record[$LDAP['group_attribute']][0])) {
array_push($groups, $record['cn'][0]); array_push($groups, $record[$LDAP['group_attribute']][0]);
} }
} }
sort($groups); sort($groups);
@ -578,7 +578,7 @@ function ldap_new_group($ldap_connection,$group_name,$initial_member="") {
$new_group = ldap_escape($group_name, "", LDAP_ESCAPE_FILTER); $new_group = ldap_escape($group_name, "", LDAP_ESCAPE_FILTER);
$initial_member = ldap_escape($initial_member, "", LDAP_ESCAPE_FILTER); $initial_member = ldap_escape($initial_member, "", LDAP_ESCAPE_FILTER);
$ldap_search_query = "(cn=$new_group,${LDAP['group_dn']})"; $ldap_search_query = "(${LDAP['group_attribute']}=$new_group,${LDAP['group_dn']})";
$ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query); $ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query);
$result = @ ldap_get_entries($ldap_connection, $ldap_search); $result = @ ldap_get_entries($ldap_connection, $ldap_search);
@ -643,7 +643,7 @@ function ldap_delete_group($ldap_connection,$group_name) {
if (isset($group_name)) { if (isset($group_name)) {
$delete_query = "cn=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ",${LDAP['group_dn']}"; $delete_query = "${LDAP['group_attribute']}=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ",${LDAP['group_dn']}";
$delete = @ ldap_delete($ldap_connection, $delete_query); $delete = @ ldap_delete($ldap_connection, $delete_query);
if ($delete) { if ($delete) {
@ -668,7 +668,7 @@ function ldap_get_gid_of_group($ldap_connection,$group_name) {
if (isset($group_name)) { if (isset($group_name)) {
$ldap_search_query = "(cn=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")"; $ldap_search_query = "(${LDAP['group_attribute']}=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")";
$ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query , array("gidNumber")); $ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query , array("gidNumber"));
$result = @ ldap_get_entries($ldap_connection, $ldap_search); $result = @ ldap_get_entries($ldap_connection, $ldap_search);
@ -865,7 +865,7 @@ function ldap_add_member_to_group($ldap_connection,$group_name,$username) {
if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); } if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); }
$group_dn = "cn=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ",${LDAP['group_dn']}"; $group_dn = "${LDAP['group_attribute']}=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ",${LDAP['group_dn']}";
if ($LDAP['group_membership_uses_uid'] == FALSE) { if ($LDAP['group_membership_uses_uid'] == FALSE) {
$username = "${LDAP['account_attribute']}=$username,${LDAP['user_dn']}"; $username = "${LDAP['account_attribute']}=$username,${LDAP['user_dn']}";
@ -900,7 +900,7 @@ function ldap_delete_member_from_group($ldap_connection,$group_name,$username) {
else { else {
if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); } if ($LDAP['rfc2307bis_check_run'] != TRUE) { $rfc2307bis_available = ldap_detect_rfc2307bis($ldap_connection); }
$group_dn = "cn=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ",${LDAP['group_dn']}"; $group_dn = "${LDAP['group_attribute']}=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ",${LDAP['group_dn']}";
if ($LDAP['group_membership_uses_uid'] == FALSE and $username != "") { if ($LDAP['group_membership_uses_uid'] == FALSE and $username != "") {
$username = "${LDAP['account_attribute']}=$username,${LDAP['user_dn']}"; $username = "${LDAP['account_attribute']}=$username,${LDAP['user_dn']}";
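Review bot: The DN strings in `ldap_delete_group`, `ldap_add_member_to_group` and `ldap_delete_member_from_group` escape `$group_name` with `LDAP_ESCAPE_FILTER`, which is the wrong context for a DN: it leaves `,`, `+`, `=` and `"` untouched, so a group name containing them changes which entry `ldap_delete()` or the membership update addresses. Since these lines are being rewritten anyway, use DN escaping, e.g. `$delete_query = "${LDAP['group_attribute']}=" . ldap_escape($group_name, "", LDAP_ESCAPE_DN) . ",${LDAP['group_dn']}";`, and the same for both `$group_dn` assignments. Separately, the existence check in `ldap_new_group` builds the filter `(attr=name,group_dn)`, which compares the attribute against a DN-shaped value and so presumably never matches; `"(${LDAP['group_attribute']}=$new_group)"` looks like the intent. All of these function bodies continue outside the hunks shown.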


@ -187,7 +187,7 @@ else {
} }
$defgroup_filter = "(&(objectclass=posixGroup)(cn=${DEFAULT_USER_GROUP}))"; $defgroup_filter = "(&(objectclass=posixGroup)(${LDAP['group_attribute']}=${DEFAULT_USER_GROUP}))";
$ldap_defgroup_search = ldap_search($ldap_connection, "${LDAP['base_dn']}", $defgroup_filter); $ldap_defgroup_search = ldap_search($ldap_connection, "${LDAP['base_dn']}", $defgroup_filter);
$defgroup_result = ldap_get_entries($ldap_connection, $ldap_defgroup_search); $defgroup_result = ldap_get_entries($ldap_connection, $ldap_defgroup_search);
@ -207,7 +207,7 @@ else {
} }
$adminsgroup_filter = "(&(objectclass=posixGroup)(cn=${LDAP['admins_group']}))"; $adminsgroup_filter = "(&(objectclass=posixGroup)(${LDAP['group_attribute']}=${LDAP['admins_group']}))";
$ldap_adminsgroup_search = ldap_search($ldap_connection, "${LDAP['base_dn']}", $adminsgroup_filter); $ldap_adminsgroup_search = ldap_search($ldap_connection, "${LDAP['base_dn']}", $adminsgroup_filter);
$adminsgroup_result = ldap_get_entries($ldap_connection, $ldap_adminsgroup_search); $adminsgroup_result = ldap_get_entries($ldap_connection, $ldap_adminsgroup_search);
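Review bot: Both filters interpolate their values (`${DEFAULT_USER_GROUP}`, `${LDAP['admins_group']}`) without `ldap_escape()`, unlike the group lookups elsewhere in this commit, so a configured group name containing `(`, `)`, `*` or `\` produces a malformed or broader filter than intended. Suggested: `$adminsgroup_filter = "(&(objectclass=posixGroup)(${LDAP['group_attribute']}=" . ldap_escape($LDAP['admins_group'], "", LDAP_ESCAPE_FILTER) . "))";`, and the same for `$defgroup_filter`. The result of `ldap_search()` is also passed to `ldap_get_entries()` without a check for `FALSE` in the lines shown. The surrounding `else` block starts and ends outside these hunks.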