[Tickets #6883] Re: group permission with LDAP does not work
bugs at horde.org
bugs at horde.org
Sat Oct 25 15:36:55 UTC 2008
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/6883
------------------------------------------------------------------------------
Ticket | 6883
Updated By | horde_list at blomberg.tk
Summary | group permission with LDAP does not work
Queue | Horde Framework Packages
Version | FRAMEWORK_3
Type | Bug
State | Resolved
Priority | 3. High
Milestone | 3.3
Patch |
Owners | Jan Schneider
------------------------------------------------------------------------------
horde_list at blomberg.tk (2008-10-25 11:36) wrote:
The supplied quoting algorithm does not work for me. It is shown by this:
--- sql.php.1.1.2.49 Fri Oct 24 17:50:36 2008
+++ sql.php Sat Oct 25 17:05:19 2008
@@ -671,10 +671,13 @@
if (!is_a($groups, 'PEAR_Error') && $groups) {
// (name == perm_groups and key in ($groups) and val & $perm)
$group_ids = array_keys($groups);
+ Horde::logMessage($group_ids[0], __FILE__, __LINE__,
PEAR_LOG_ERR);
array_walk($group_ids, array($this->_db, 'quote'));
+ Horde::logMessage($group_ids[0], __FILE__, __LINE__,
PEAR_LOG_ERR);
$query .= ' LEFT JOIN ' . $this->_table . '_groups
AS g ON g.share_id = s.share_id';
$where .= ' OR (g.group_uid IN (' . implode(',',
$group_ids) . ')'
. ' AND (g.perm & ' . $perm .') != 0)';
+ Horde::logMessage($where, __FILE__, __LINE__, PEAR_LOG_ERR);
} elseif (is_a($groups, 'PEAR_Error')) {
Horde::logMessage($groups, __FILE__, __LINE__, PEAR_LOG_ERR);
}
Oct 25 17:05:50 HORDE [error] [nag]
cn=filer,ou=Grupper,o=Blomberg,c=SE [pid 53781 on line 674 of
"/usr/local/www/horde/lib/Horde/Share/sql.php"]
Oct 25 17:05:50 HORDE [error] [nag]
cn=filer,ou=Grupper,o=Blomberg,c=SE [pid 53781 on line 676 of
"/usr/local/www/horde/lib/Horde/Share/sql.php"]
Oct 25 17:05:50 HORDE [error] [nag] s.share_owner = 'jbl' OR
(s.perm_creator & 2) != 0 OR (s.perm_default & 2) != 0 OR ( u.user_uid
= 'jbl' AND (u.perm & 2) != 0) OR (g.group_uid IN
(cn=filer,ou=Grupper,o=Blomberg,c=SE,cn=jbl,ou=Personliga,ou=Grupper,o=Blomberg,c=SE,cn=webadmin,ou=Grupper,o=Blomberg,c=SE,cn=smbdomusers,ou=Grupper,o=Blomberg,c=SE,cn=Horde-anv,ou=grupper,o=blomberg,c=se) AND (g.perm & 2) != 0) [pid 53781 on line 680 of
"/usr/local/www/horde/lib/Horde/Share/sql.php"]
Oct 25 17:05:50 HORDE [error] [nag] MDB2 Error: no such field:
_doQuery: [Error message: Could not execute statement]
[Last executed query: SELECT DISTINCT s.* FROM nag_shares s LEFT
JOIN nag_shares_users AS u ON u.share_id = s.share_id LEFT JOIN
nag_shares_groups AS g ON g.share_id = s.share_id WHERE s.share_owner
= 'jbl' OR (s.perm_creator & 2) != 0 OR (s.perm_default & 2) != 0 OR (
u.user_uid = 'jbl' AND (u.perm & 2) != 0) OR (g.group_uid IN
(cn=filer,ou=Grupper,o=Blomberg,c=SE,cn=jbl,ou=Personliga,ou=Grupper,o=Blomberg,c=SE,cn=webadmin,ou=Grupper,o=Blomberg,c=SE,cn=smbdomusers,ou=Grupper,o=Blomberg,c=SE,cn=Horde-anv,ou=grupper,o=blomberg,c=se) AND (g.perm & 2) != 0) ORDER BY s.attribute_name
ASC]
[Native message: ERROR: column "cn" does not exist
RAD 1: ... 'jbl' AND (u.perm & 2) != 0) OR (g.group_uid IN (cn=filer,o...
^]
[pid 53781 on line 457 of "/usr/local/www/horde/lib/Horde/Share/sql.php"]
Then, I changed the algorithm:
--- sql.php.1.1.2.49 Fri Oct 24 17:50:36 2008
+++ sql.php Sat Oct 25 17:09:25 2008
@@ -671,10 +671,17 @@
if (!is_a($groups, 'PEAR_Error') && $groups) {
// (name == perm_groups and key in ($groups) and val & $perm)
$group_ids = array_keys($groups);
- array_walk($group_ids, array($this->_db, 'quote'));
+ Horde::logMessage($group_ids[0], __FILE__, __LINE__,
PEAR_LOG_ERR);
+ //array_walk($group_ids, array($this->_db, 'quote'));
+ foreach ($group_ids as &$groupitem) {
+ $groupitem = $this->_db->quote($groupitem);
+ }
+ unset($groupitem);
+ Horde::logMessage($group_ids[0], __FILE__, __LINE__,
PEAR_LOG_ERR);
$query .= ' LEFT JOIN ' . $this->_table . '_groups
AS g ON g.share_id = s.share_id';
$where .= ' OR (g.group_uid IN (' . implode(',',
$group_ids) . ')'
. ' AND (g.perm & ' . $perm .') != 0)';
+ Horde::logMessage($where, __FILE__, __LINE__, PEAR_LOG_ERR);
} elseif (is_a($groups, 'PEAR_Error')) {
Horde::logMessage($groups, __FILE__, __LINE__, PEAR_LOG_ERR);
}
Now it quotes nicely:
Oct 25 17:10:57 HORDE [error] [nag]
cn=filer,ou=Grupper,o=Blomberg,c=SE [pid 41648 on line 674 of
"/usr/local/www/horde/lib/Horde/Share/sql.php"]
Oct 25 17:10:57 HORDE [error] [nag]
'cn=filer,ou=Grupper,o=Blomberg,c=SE' [pid 41648 on line 680 of
"/usr/local/www/horde/lib/Horde/Share/sql.php"]
Oct 25 17:10:57 HORDE [error] [nag] s.share_owner = 'jbl' OR
(s.perm_creator & 2) != 0 OR (s.perm_default & 2) != 0 OR ( u.user_uid
= 'jbl' AND (u.perm & 2) != 0) OR (g.group_uid IN
('cn=filer,ou=Grupper,o=Blomberg,c=SE','cn=jbl,ou=Personliga,ou=Grupper,o=Blomberg,c=SE','cn=webadmin,ou=Grupper,o=Blomberg,c=SE','cn=smbdomusers,ou=Grupper,o=Blomberg,c=SE','cn=Horde-anv,ou=grupper,o=blomberg,c=se') AND (g.perm & 2) != 0) [pid 41648 on line 684 of
"/usr/local/www/horde/lib/Horde/Share/sql.php"]
More information about the bugs
mailing list