[horde] Some user hooks questions

Kevin Myer kevin_myer at iu13.org
Sat Apr 23 15:00:14 PDT 2005 

Hi,

Using Horde 3.0.4 with LDAP authentication/user information.

I have a number of hooks in place to accomplish a few things:  populate the
fullname and email address (__prefs_hook_fullname and _prefs_hook_from_addr),
lowercase the login (_username_hook_frombackend), and recently, an attempt to
convert usernames into shorter names for user-friendly display in lists
(_username_hook_frombackend and _username_hook_tobackend).  All of the
functions are either in hooks.php.dist or taken from the Wiki, and are slightly
modified for our environment

I found that when using Administration -> Users to view the users in the system,
if I would click on a user, their Full Name and email address would be
populated with my information.  So it would seem that the admin module is
passing my userid to the hook function and not the userid that I'm viewing. 
After looking at the code from the Wiki, it would seem that the Auth::getAuth
and Auth:getBareAuth calls are what is actually doing this - regardless of the
value of $user passed to the hook, it will always return the info for the
currently logged in user.  So my question would be - is there an equivalent
Auth::getAuth function (or maybe not an Auth function but a utility function)
to lookup values for arbitrary users?

The lowercase hook worked fine - it was taken verbatim from the hooks.php.dist.

My goal with the username hooks was to make more user friendly lists of users to
choose from.  My old config worked like this:

$conf['auth']['params']['uid'] = 'mail' (use the mail attribute of the LDAP
entry for authentication)

I hacked the main login.php page to automatically append our domain to the
userid, and used the hordeauth option to the mail config in IMP to pass just
the bare uid to the mail server for login there.  That worked ok but it had
several drawbacks - a minor, custom change was required to login.php and I want
to try to keep the base Horde and its modules as close to stock as possible and
do everthing with hooks.  And list of users all had their userid at iu13.org
displayed, where I really wanted just userid, or even better Userid's Full
Name.

So I decided to use the hooks to do this same thing.  Problem is, when I added
these two functions, I ran into display problems on the Permission screens for
the various apps that could be shared with other users:

if (!function_exists('_username_hook_frombackend')) {
    function _username_hook_frombackend($userID)
   {
        global $conf;
        $vdomain = $conf['mailer']['params']['localhost']; // our domain
       return String::lower($userID) . '@' . $vdomain;
    }
}

if (!function_exists('_username_hook_tobackend')) {
    function _username_hook_tobackend($userID)
    {
        global $conf;
       $vdomain = $conf['mailer']['params']['localhost']; // our domain
        $userID = substr($userID, 0, -(strlen($vdomain)+1));

        return $userID;
    }
}

For myself (the owner) and any users I had previously given shared permissions
to, the hooks work - everything after, and including, the @ sign was stripped. 
But in the list of Individual Users, I saw really weird behaviour:

The lists are truncated after a few characters, so I only see a few of the first
letters of the uid.  For some uids, I see nothing at all.  If I select a blank
user, or one of the truncated users, and save the permissions, then look in my
SQL DataTree backend, the userid is correct.  For example, there is a demo_user
account.  It shows up as blank in the Individual Users list.  I can assign
permissions, and look in the DataTree, and it shows up as demo_user.  Another
user, ali_namechanged shows up as ali_na but gets saved as ali_namechanged.

Which brings up another issue.  My understanding (at least from what's in the
conf.xml) was that the hooks for the username functions were useful for display
purposes.  But it looks to me like when I'm saving permissions, the frombackend
hook is not being called, and the shortened uid, without the domain, is being
saved.  Is this the correct behaviour?  Or, now that I think about it, is this
because my uid values in LDAP are the short values, and the hooks values aren't
being called at all for them?  Or they're getting called for display purposes
in the list, but not when the value is being saved?  Is there another hook I
should be using for saving the values, so that the value that is saved for
permissions is the uid + our domain?

A more succint way of saying what I want to do is this:

Have users login with their uid (without a domain).  Have Horde append our
domain, so that horde_prefs are stored with a uid at domain and permissions would
also be stored with full uid at domain values.  Have lists of users display values
that are either just uid, or Fullname(uid).

Thanks,
Kevin

-- 
Kevin M. Myer
Senior Systems Administrator
Lancaster-Lebanon Intermediate Unit 13  http://www.iu13.org

More information about the horde mailing list