[sork] PATCH: rework ldap backend
Richard.Heggs at nottinghamcity.gov.uk
Richard.Heggs at nottinghamcity.gov.uk
Thu Dec 11 09:03:03 PST 2003
Hi List,
This is a repost of my patch from 3rd Dec, rediffed against CVS.
Changes:
lib/Driver.php:
- isEnabled() returns 'Y', 'N' or null, and main.php to take this into
account. This means that if the backend can say with certainty that
vacation is enabled/disabled, the fact can be reported to the user. If the
backend is not so reliable, the functionality is unchanged.
main.php:
- Make use of the new form of isEnabled().
lib/Driver/ldap.php:
- Added more detailed comments at the top of the file, explaining each
option.
- Fixed a typo :)
- Renamed some functions (eg get_ -> get) to fit the naming convention of
the other drivers
- Added a 'version' parameter - PHP4 defaults to LDAP protocol 2, but newer
versions of OpenLDAP default to protocol 3, so it is necessary to set the
appropriate option befor calling ldap_bind().
I'm using this on my test box and it seems to work ok.
Comments would be appreciated (especially nice ones :)
Cheers,
--
Richard Heggs
Systems Analyst
Nottingham City Council
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
######################################################################
This e-mail (and any attachments) is confidential and may contain personal
views which are not the views of Nottingham City Council unless specifically
stated. If you have received it in error, please delete it from your system,
do not use, copy or disclose the information in any way nor act in reliance
on it and notify the sender immediately. Please note that Nottingham City
Council monitors e-mails sent or received. Further communication will
signify your consent to this.
######################################################################
-------------- next part --------------
Index: main.php
===================================================================
RCS file: /var/rsync-horde/vacation/main.php,v
retrieving revision 1.35
diff -u -r1.35 main.php
--- main.php 24 Sep 2003 15:23:07 -0000 1.35
+++ main.php 3 Dec 2003 09:45:43 -0000
@@ -94,10 +94,15 @@
// this fails, it could be because it is disabled, or just because we
// can't tell, so just be quiet about it.
$pass = Auth::getCredential('password');
-if ($driver->isEnabled($user, $realm, $pass)) {
+if ($driver->isEnabled($user, $realm, $pass) == "Y") {
$curmessage = $driver->currentMessage($user, $realm, $pass);
$notification->push(_("Your vacation notice is currently enabled."), 'horde.success');
+} else if ($driver->isEnabled($user, $realm, $pass) == "N") {
+ $curmessage = $driver->currentMessage($user, $realm, $pass);
+ $notification->push(_("Your vacation notice is currently disabled."), 'horde.warning');
} else {
+ // If the driver can't tell the difference between "disabled" and
+ // "unknown", be inscrutable.
$curmessage = $conf['vacation']['default'];
}
Index: lib/Driver.php
===================================================================
RCS file: /var/rsync-horde/vacation/lib/Driver.php,v
retrieving revision 1.19
diff -u -r1.19 Driver.php
--- lib/Driver.php 30 Oct 2003 23:38:37 -0000 1.19
+++ lib/Driver.php 3 Dec 2003 09:47:36 -0000
@@ -96,7 +96,10 @@
// Check vacation flag.
if ($current_details['vacation'] === 'y' ||
$current_details['vacation'] === 'Y') {
- return true;
+ return "Y";
+ } else if ($current_details['vacation'] === 'n' ||
+ $current_details['vacation'] === 'N') {
+ return "N";
} else {
return false;
}
Index: lib/Driver/ldap.php
===================================================================
RCS file: /var/rsync-horde/vacation/lib/Driver/ldap.php,v
retrieving revision 1.2
diff -u -r1.2 ldap.php
--- lib/Driver/ldap.php 3 Oct 2003 19:16:18 -0000 1.2
+++ lib/Driver/ldap.php 3 Dec 2003 12:50:43 -0000
@@ -7,8 +7,23 @@
* See the enclosed file LICENSE for license information (BSD). If you
* did not receive this file, see http://www.horde.org/bsdl.php.
*
- * Vacation_Driver_forwards:: implements the Vacation_Driver API for ftp driven
- * dot-forward compliant mail servers.
+ * Vacation_Driver_ldap:: implements the Vacation_Driver API for LDAP-compliant
+ * mail servers (such as Exim).
+ *
+ * Parameters:
+ * (required)
+ * host - hostname of the LDAP server
+ * port - port number of the LDAP service
+ * basedn - base DN of the user directory
+ * uid - attribute to use for uid
+ * vacation - attribute to use for storing the vacation message
+ * active - attribute which determines if the vacation message is active
+ * (optional)
+ * userdn - another way of specifying the user DN (instead of
+ * constructing it from uid+basedn).
+ * version - Protocol version for the LDAP server (PHP defaults
+ * to version 2. OpenLDAP >= 2.1.4 uses version 3, and
+ * so must be set explicitly).
*
* @author Eric Rostetter <eric.rostetter at physics.utexas.edu>
* @version $Revision: 1.2 $
@@ -50,6 +65,10 @@
if (!$this->_ds) {
return PEAR::raiseError(_("Could not connect to ldap server"));
}
+ if (array_key_exists('version', $this->_params[$realm])) {
+ ldap_set_option($this->_ds, LDAP_OPT_PROTOCOL_VERSION,
+ $this->_params[$realm]['version']);
+ }
if (!is_null($userdn)) {
$result = @ldap_bind($this->_ds, $userdn, $password);
@@ -142,7 +161,7 @@
* @param string $target The message to install.
* @return boolean Returns true on success, false on error.
*/
- function set_vacation($user, $realm, $pass, $message)
+ function setVacation($user, $realm, $pass, $message)
{
// Make sure the configuration file is correct
if (!$this->check_config($realm)) {
@@ -161,12 +180,10 @@
// connect as the user
$res = $this->_connect($userdn, $pass, $realm);
- if (PEAR::isError($res)) {
- $this->_disconnect();
- if ($res->getMessage() == _("Could not bind to ldap server")) {
- return PEAR::raiseError(_("Incorect Password"));
- }
- return $res;
+ if (is_a($res, 'PEAR_Error')) {
+ $this->err_str = $res->getMessage();
+ $this->err_str .= ' - ' . _("Check your password");
+ return false;
}
// Prepare the message. \n->\n\n and UTF-8 encode.
@@ -175,8 +192,10 @@
// change the user's vacation.
$newDetails[$this->_params[$realm]['vacation']] = $message;
+ $newDetails[$this->_params[$realm]['active']] = "Y";
$res = ldap_mod_replace($this->_ds, $userdn, $newDetails);
- $value = $this->_get_vacation($userdn, $this->_params[$realm]['vacation']);
+ $attribs = array($this->_params[$realm]['vacation'], $this->_params[$realm]['active']);
+ $value = $this->_get_vacation($userdn, $attribs);
if (!$res) {
$res = PEAR::raiseError(ldap_error($this->_ds));
}
@@ -187,7 +206,7 @@
return true;
}
- function get_vacation($realm = 'default', $user, $pass)
+ function _getUserDetails($user, $realm = 'default', $pass)
{
// Make sure the configuration file is correct
if (!$this->check_config($realm)) {
@@ -209,39 +228,45 @@
if (PEAR::isError($res)) {
$this->_disconnect();
if ($res->getMessage() == _("Could not bind to ldap server")) {
- return PEAR::raiseError(_("Incorect Password"));
+ return PEAR::raiseError(_("Incorrect Password"));
}
return $res;
}
- $vac = $this->_params[$realm]['vacation'];
- $msg = $this->_get_vacation($userdn, $vac);
-
- // Disconnect from ldap server.
- $this->_disconnect();
+ $attribs = array($this->_params[$realm]['vacation'], $this->_params[$realm]['active']);
+ $vac = $this->_get_vacation($userdn, $attribs);
// Prepare the message. \n->\n\n and UTF-8 encode.
- $msg = str_replace("\\\\n", "\r\n", $msg);
- $msg = mb_convert_encoding($msg, "ISO-8859-1", "UTF-8");
- return $msg;
+ $vac['message'] = str_replace("\\\\n", "\r\n", $vac['message']);
+ $vac['message'] = mb_convert_encoding($vac['message'], "ISO-8859-1", "UTF-8");
+
+ return $vac;
}
- function _get_vacation($userdn, $vac)
+ function _get_vacation($userdn, $attribs)
{
- $sr = ldap_search($this->_ds, $userdn, "$vac=*");
+ $sr = ldap_search($this->_ds, $userdn, "uid=*", $attribs);
$entry = ldap_first_entry($this->_ds, $sr);
if (!$entry) {
return false;
}
- $values = ldap_get_values($this->_ds, $entry, $vac);
- if ($values["count"] == 0) {
+ $value = ldap_get_values($this->_ds, $entry, $attribs[0]);
+ if ($value["count"] == 0) {
+ return false;
+ }
+ $retval['message'] = $value[0];
+ $value = ldap_get_values($this->_ds, $entry, $attribs[1]);
+ if ($value["count"] == 0) {
return false;
}
- return $values[0];
+ $retval['vacation'] = $value[0];
+ return $retval;
}
/**
- * Remove any existing vacation notices.
+ * Deactivate the vacation notice.
+ * NB: This does not delete the vacation message, just marks it as
+ * disabled.
*
* @param string $user The user to disable vacation notices for.
* @param string $realm The realm of the user.
@@ -249,7 +274,7 @@
*
* @return boolean Returns true on success, false on error.
*/
- function unset_vacation($user, $realm, $pass)
+ function unsetVacation($user, $realm, $pass)
{
// Make sure the configuration file is correct
if (!$this->check_config($realm)) {
@@ -276,11 +301,9 @@
return $res;
}
- // del the user's vacation.
- $value = $this->_get_vacation($userdn,
- $this->_params[$realm]['vacation']);
- $newDetails[$this->_params[$realm]['vacation']] = $value;
- $res = ldap_mod_del($this->_ds, $userdn, $newDetails);
+ // Set the vacation message to inactive.
+ $newDetails[$this->_params[$realm]['active']] = "N";
+ $res = ldap_mod_replace($this->_ds, $userdn, $newDetails);
if (!$res) {
$res = PEAR::raiseError(ldap_error($this->_ds));
}
More information about the sork
mailing list