Source for file dftk_ldap_connection.php
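<?php
/*

  Copyright (c)2003 DuckCorp(tm) and RtpNet(tm)

  This file is part of DFTK.

  DFTK is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  DFTK is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with DFTK; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/


/**
 * @package dftk
 * @author Duck <duck@DuckCorp.org>
 * @author Rtp <rtp@rtp-net.org>
 * @copyright Copyright (c)2003 DuckCorp(tm) and RtpNet(tm)
 * @license http://www.gnu.org/licenses/gpl.html GNU General Public License
 * @version 0.4.0
 */


/**
 * DFTK LDAP Connection Handling Class
 *
 * Wraps one LDAP link: connect/disconnect, bind (by full DN or by uid through
 * the "wrapping parameters"), search and the write operations. Every public
 * method reports its outcome through a DftkDaTrace object instead of a
 * boolean; callers are expected to test it with has_error().
 *
 * @package dftk
 * @subpackage dftk-ldap
 * @author Duck <duck@DuckCorp.org>
 *
 * @access public
 */
class DftkLdapConnection extends DftkLdapBase
{
	/**
	 * Connected to an LDAP server ?
	 *
	 * @access private
	 * @var boolean
	 */
	var $_connected;
	/**
	 * LDAP Server
	 *
	 * @access private
	 * @var string
	 */
	var $_server;
	/**
	 * LDAP Resource (link returned by ldap_connect(), 0 when there is none)
	 *
	 * @access private
	 * @var integer
	 */
	var $_ds;
	/**
	 * Logged in ?
	 *
	 * @access private
	 * @var boolean
	 */
	var $_binded;
	/**
	 * User Bind DN
	 *
	 * @access private
	 * @var string
	 */
	var $_bind_dn;
	/**
	 * User Bind Password
	 *
	 * NOTE(review): the password is kept in clear text for the lifetime of
	 * the object and is not read back anywhere in this class; confirm that a
	 * subclass or caller needs it before keeping it around.
	 *
	 * @access private
	 * @var string
	 */
	var $_bind_passwd;
	/**
	 * User Type
	 *
	 * 0 => Unknown User Type
	 * 1 => Common User
	 * 2 => Admin User
	 * 3 => Service User
	 *
	 * @access private
	 * @var integer
	 */
	var $_user_type;
	/**
	 * Helping parameters set ?
	 *
	 * @access private
	 * @var boolean
	 */
	var $_has_wrapping_parameters;
	/**
	 * LDAP Base DN
	 *
	 * @access private
	 * @var string
	 */
	var $_base_dn;
	/**
	 * User part DN
	 *
	 * @access private
	 * @var string
	 */
	var $_user_part_dn;
	/**
	 * Common User part DN
	 *
	 * @access private
	 * @var string
	 */
	var $_commonuser_part_dn;
	/**
	 * Admin User part DN
	 *
	 * @access private
	 * @var string
	 */
	var $_adminuser_part_dn;
	/**
	 * Service User part DN
	 *
	 * @access private
	 * @var string
	 */
	var $_serviceuser_part_dn;

	/**
	 * Constructor
	 *
	 * Resets the connection state and registers the pseudo-destructor as a
	 * shutdown function so an open link is closed when the script ends.
	 *
	 * @access public
	 * @param object DftkDaTraceManager &$tracemgr Trace Manager
	 */
	function DftkLdapConnection(&$tracemgr)
	{
		DftkLdapBase::DftkLdapBase(&$tracemgr);

		$this->_init();

		register_shutdown_function(array(&$this, "_DftkLdapConnection"));
	}

	/**
	 * Destructor
	 *
	 * @access private
	 */
	function _DftkLdapConnection()
	{
		if ($this->_connected)
			$this->disconnect();
	}

	/**
	 * Initialisation
	 *
	 * Puts every state field back to its "not connected, not bound, no
	 * wrapping parameters" value. Also called after a successful disconnect.
	 *
	 * @access private
	 */
	function _init()
	{
		$this->_server = "";
		$this->_connected = false;
		$this->_ds = 0;
		$this->_binded = false;
		$this->_bind_dn = "";
		$this->_bind_passwd = "";
		$this->_user_type = 0;
		// Documented as boolean; the original stored "" here.
		$this->_has_wrapping_parameters = false;
		$this->_base_dn = "";
		$this->_user_part_dn = "";
		$this->_commonuser_part_dn = "";
		$this->_adminuser_part_dn = "";
		$this->_serviceuser_part_dn = "";
	}

	/**
	 * Escape a value for use inside a DN component
	 *
	 * Backslash-escapes the characters that are special in a distinguished
	 * name (, + " \ < > ; =), a leading '#' or space, a trailing space and
	 * NUL bytes, so that a caller-supplied value cannot add or change RDN
	 * components of the DN it is concatenated into. Hand-written because the
	 * rest of the file is PHP 4 style code and cannot rely on ldap_escape().
	 *
	 * @access private
	 * @param string $value Raw attribute value
	 * @return string Escaped value
	 */
	function _escape_dn_value($value)
	{
		$value = (string) $value;

		$value = preg_replace('/([\\\\,+"<>;=])/', '\\\\$1', $value);
		// After the backslash pass, otherwise the escape itself would be doubled.
		$value = str_replace("\0", '\\00', $value);

		if ($value !== "" && substr($value, -1) == " ")
			$value = substr($value, 0, -1) . '\\ ';

		$first = substr($value, 0, 1);
		if ($first == " " || $first == "#")
			$value = '\\' . $value;

		return $value;
	}

	/**
	 * Connect to an LDAP server
	 *
	 * Any link already open is closed first. No StartTLS is issued here, so
	 * whether later binds travel encrypted depends entirely on $server
	 * (e.g. an ldaps:// URI, if the PHP LDAP build accepts one) - callers
	 * handling real credentials should verify this.
	 *
	 * @access public
	 * @param string $server Server Name
	 * @param boolean $checkv3 Protocol version 3 needed ?
	 * @return object DftkDaTrace $r Trace
	 */
	function &connect($server, $checkv3 = true)
	{
		$r =& $this->_tracemgr->create_trace();

		if ($this->_connected)
		{
			$r2 =& $this->disconnect();
			$r->merge_traces(&$r2);
		}

		// Must come after disconnect(): a successful disconnect runs _init(),
		// which blanks _server, and the reconnect would then silently target
		// whatever server an empty host name resolves to.
		$this->_server = $server;

		$this->_ds = @ldap_connect($this->_server);
		if ($this->_ds)
		{
			if ($checkv3 && !ldap_set_option($this->_ds, LDAP_OPT_PROTOCOL_VERSION, 3))
			{
				// _connected is still false at this point, so disconnect()
				// would refuse to act and the link would leak; close it here.
				@ldap_close($this->_ds);
				$this->_ds = 0;
				$r->add_event('dftk-ldap_badprotover');
			}
			else
				$this->_connected = true;
		}
		else
			$r->add_event('dftk-ldap_cannotconnect');

		return $r;
	}

	/**
	 * Disconnect from an LDAP server
	 *
	 * @access public
	 * @return object DftkDaTrace $r Trace
	 */
	function &disconnect()
	{
		$r =& $this->_prerequisite(false, false);

		if (!$r->has_error())
		{
			if (@ldap_close($this->_ds))
				$this->_init();
			else
				$r->add_event('dftk-ldap_probdisconnect');
		}
		else
			$r->add_event('dftk-ldap_cannotdisconnect');

		return $r;
	}

	/**
	 * Log into an ldap server
	 *
	 * A non-empty DN together with an empty password is refused before it
	 * reaches the server: many directories answer such a request as a
	 * successful unauthenticated bind, which a caller would mistake for a
	 * verified password. An anonymous bind (both arguments empty) is still
	 * passed through.
	 *
	 * @access public
	 * @param string $bind_dn dn of the user
	 * @param string $bind_passwd password for the user
	 * @return object DftkDaTrace $r Trace
	 */
	function &bind($bind_dn, $bind_passwd)
	{
		$r =& $this->_prerequisite(false, false);

		if (!$r->has_error())
		{
			if ((string) $bind_dn !== "" && (string) $bind_passwd === "")
			{
				$r->add_event('dftk-ldap_probbind');
				return $r;
			}

			if (@ldap_bind($this->_ds, $bind_dn, $bind_passwd))
			{
				$this->_binded = true;
				$this->_bind_dn = $bind_dn;
				$this->_bind_passwd = $bind_passwd;
				$this->_user_type = 0;
			}
			else
			{
				// A failed bind leaves the LDAP session unauthenticated, so
				// an identity recorded by an earlier bind is no longer valid.
				$this->_binded = false;
				$this->_bind_dn = "";
				$this->_bind_passwd = "";
				$this->_user_type = 0;
				$r->add_event('dftk-ldap_probbind', ldap_error($this->_ds));
			}
		}

		return $r;
	}

	/**
	 * Set helping parameters
	 *
	 * The parts are concatenated verbatim into DNs by w_bind() and used as
	 * the search base by w_search(); they are expected to come from
	 * configuration, not from end users.
	 *
	 * @access public
	 * @param string $base_dn DN of the root node of LDAP
	 * @param string $user_part_dn Part of the DN to add to find all the users
	 * @param string $commonuser_part_dn Part of the DN to add to find the common users
	 * @param string $adminuser_part_dn Part of the DN to add to find the admin users
	 * @param string $serviceuser_part_dn Part of the DN to add to find the service users
	 * @return object DftkDaTrace $r Trace
	 */
	function &set_wrapping_parameter($base_dn, $user_part_dn, $commonuser_part_dn, $adminuser_part_dn, $serviceuser_part_dn)
	{
		$r =& $this->_tracemgr->create_trace();

		$this->_has_wrapping_parameters = true;
		$this->_base_dn = $base_dn;
		$this->_user_part_dn = $user_part_dn;
		$this->_commonuser_part_dn = $commonuser_part_dn;
		$this->_adminuser_part_dn = $adminuser_part_dn;
		$this->_serviceuser_part_dn = $serviceuser_part_dn;

		return $r;
	}

	/**
	 * Log into an ldap server with a UID
	 *
	 * Builds the bind DN from the uid and the wrapping parameters and tries
	 * the common, admin and service user branches in that order; the first
	 * branch that accepts the password decides the user type.
	 *
	 * The uid is escaped before it is placed in the DN, and an empty uid or
	 * password is refused without contacting the server (an empty password
	 * would otherwise be an unauthenticated bind that many servers accept).
	 * On failure the trace carries 'dftk-ldap_probbind'; the method always
	 * returns the trace, as documented, rather than false.
	 *
	 * @access public
	 * @param string $bind_user UID for the user
	 * @param string $bind_passwd password for the user
	 * @return object DftkDaTrace $r Trace
	 */
	function &w_bind($bind_user, $bind_passwd)
	{
		$r =& $this->_prerequisite(false, true);
		if (!$r->has_error())
		{
			if ((string) $bind_user === "" || (string) $bind_passwd === "")
			{
				$r->add_event('dftk-ldap_probbind');
				return $r;
			}

			// Each attempt below replaces the session identity on the server,
			// so whatever an earlier bind recorded stops being true from here.
			$this->_binded = false;
			$this->_bind_dn = "";
			$this->_bind_passwd = "";
			$this->_user_type = 0;

			$uid = $this->_escape_dn_value($bind_user);
			$branches = array(
				1 => $this->_commonuser_part_dn,
				2 => $this->_adminuser_part_dn,
				3 => $this->_serviceuser_part_dn
			);

			foreach ($branches as $type => $part_dn)
			{
				$bind_dn = "uid=".$uid.",".$part_dn.",".$this->_user_part_dn.",".$this->_base_dn;
				if (@ldap_bind($this->_ds, $bind_dn, $bind_passwd))
				{
					$this->_user_type = $type;
					$this->_binded = true;
					$this->_bind_dn = $bind_dn;
					$this->_bind_passwd = $bind_passwd;
					break;
				}
			}

			if (!$this->_user_type)
				$r->add_event('dftk-ldap_probbind');
		}

		return $r;
	}

	/**
	 * Give the user type (Admin/Common/Service)
	 *
	 * The value is stored in the trace under the 'user_type' result key. It
	 * is 0 (unknown) after a plain bind(); only w_bind() determines a type.
	 *
	 * @access public
	 * @return object DftkDaTrace $r Trace
	 */
	function &get_user_type()
	{
		$r =& $this->_prerequisite(true, false);

		if (!$r->has_error())
			$r->set_result('user_type', $this->_user_type);

		return $r;
	}

	/**
	 * Search in the LDAP Database
	 *
	 * $search is handed to the LDAP library as a complete filter. This class
	 * cannot tell operators from data inside it, so callers that build the
	 * filter from user input must escape every embedded value themselves.
	 *
	 * @access public
	 * @param string $base DN where to begin the search
	 * @param string $search Search pattern
	 * @param object DftkLdapEntries &$entries Object where to put results
	 * @param array $attr Array of attribute keys to fetch
	 * @param boolean $subtree Search in subtrees ?
	 * @return object DftkDaTrace $r Trace
	 */
	function &search($base, $search, &$entries, $attr = array(), $subtree = true)
	{
		$r =& $this->_prerequisite(true, false);
		// has_error is a method. The original tested it as a property, which
		// is never set, so the connected/bound check was skipped entirely.
		if (!$r->has_error())
		{
			$f = $subtree ? "ldap_search" : "ldap_list";

			if (is_array($attr) && count($attr)>0)
				$sr = @$f($this->_ds, $base, $search, $attr);
			else
				$sr = @$f($this->_ds, $base, $search);

			if ($sr)
			{
				$nb = ldap_count_entries($this->_ds, $sr);
				if (!$nb)
					$tab = array();
				else
					$tab = ldap_get_entries($this->_ds, $sr);

				ldap_free_result($sr);
				$entries->_put_tab($tab, $nb);
				$r->set_result('count', $nb);
			}
			else
				$r->add_event('dftk-ldap_probsearch', ldap_error($this->_ds));
		}

		return $r;
	}

	/**
	 * Search in all the LDAP Database
	 *
	 * Same as search() with the configured base DN as starting point; the
	 * same caveat about escaping values inside $search applies.
	 *
	 * @access public
	 * @param string $search Search pattern
	 * @param object DftkLdapEntries &$entries Object where to put results
	 * @param array $attr Array of attribute keys to fetch
	 * @param boolean $subtree Search in subtrees ?
	 * @return object DftkDaTrace $r Trace
	 */
	function &w_search($search, &$entries, $attr = array(), $subtree = true)
	{
		$r =& $this->_prerequisite(true, true);
		if (!$r->has_error())
		{
			// $subtree was accepted but never forwarded, so a one-level
			// search request silently became a subtree search.
			$r2 =& $this->search($this->_base_dn, $search, $entries, $attr, $subtree);
			$r->merge_traces(&$r2);
		}

		return $r;
	}

	/**
	 * Modify an LDAP Object
	 *
	 * With a non-empty $attr_list only those attributes are replaced
	 * (ldap_mod_replace); otherwise the whole exported entry is sent through
	 * ldap_modify.
	 *
	 * @access public
	 * @param string $object DN of the Object
	 * @param object DftkLdapEntries &$entries Object data
	 * @param integer $i Number of the entry to Replace
	 * @param array $attr_list List of Attributes to Replace
	 * @return object DftkDaTrace $r Trace
	 */
	function &modify($object, &$entries, $i, $attr_list = array())
	{
		$r =& $this->_prerequisite(true, false);
		if (!$r->has_error())
		{
			if (count($attr_list)!=0)
			{
				if (!@ldap_mod_replace($this->_ds, $object, $entries->_export_entry($i, $attr_list)))
					$r->add_event('dftk-ldap_probmod', ldap_error($this->_ds));
			}
			else
			{
				if (!@ldap_modify($this->_ds, $object, $entries->_export_entry($i)))
					$r->add_event('dftk-ldap_probmod', ldap_error($this->_ds));
			}
		}

		return $r;
	}

	/**
	 * Add an LDAP Object
	 *
	 * @access public
	 * @param string $object DN of the Object
	 * @param object DftkLdapEntries &$entries Object data
	 * @param integer $i Number of the entry to add
	 * @return object DftkDaTrace $r Trace
	 */
	function &add($object, &$entries, $i)
	{
		$r =& $this->_prerequisite(true, false);
		if (!$r->has_error())
			if (!@ldap_add($this->_ds, $object, $entries->_export_entry($i)))
				$r->add_event('dftk-ldap_probadd', ldap_error($this->_ds));

		return $r;
	}

	/**
	 * Delete an LDAP Object
	 *
	 * @access public
	 * @param string $object DN of the Object
	 * @return object DftkDaTrace $r Trace
	 */
	function &delete($object)
	{
		$r =& $this->_prerequisite(true, false);
		if (!$r->has_error())
		{
			if (!@ldap_delete($this->_ds, $object))
				$r->add_event('dftk-ldap_probdel', ldap_error($this->_ds));
		}

		return $r;
	}

	/**
	 * Rename an LDAP Object
	 *
	 * The new DN is split into its first component (the new RDN) and the
	 * remainder (the new parent); the old RDN value is kept on the entry
	 * (deleteoldrdn is false). A new DN that cannot be parsed is reported as
	 * 'dftk-ldap_probren' without contacting the server.
	 *
	 * @access public
	 * @param string $object DN of the Object
	 * @param string $new_object New DN of the Object
	 * @return object DftkDaTrace $r Trace
	 */
	function &rename($object, $new_object)
	{
		$r =& $this->_prerequisite(true, false);
		if (!$r->has_error())
		{
			$z = @ldap_explode_dn($new_object, 0);
			if (!is_array($z) || !isset($z[0]))
			{
				$r->add_event('dftk-ldap_probren');
				return $r;
			}

			// ldap_explode_dn() returns a 'count' element next to the
			// components; drop it explicitly instead of relying on its
			// position in the array.
			unset($z['count']);
			$newrdn = array_shift($z);
			$newparent = implode(",", $z);
			if (!@ldap_rename($this->_ds, $object, $newrdn, $newparent, false))
				$r->add_event('dftk-ldap_probren', ldap_error($this->_ds));
		}

		return $r;
	}

	/**
	 * Check prerequisite for other methods
	 *
	 * Adds at most one event to a fresh trace: not connected, not bound, or
	 * wrapping parameters missing, tested in that order.
	 *
	 * @access private
	 * @param boolean $need_bind Is login needed ?
	 * @param boolean $need_wrapping_params Are helping parameters needed ?
	 * @return object DftkDaTrace $r Trace
	 */
	function &_prerequisite($need_bind, $need_wrapping_params)
	{
		$r =& $this->_tracemgr->create_trace();

		if (!$this->_connected)
			$r->add_event('dftk-ldap_notconnected');
		else if ($need_bind && !$this->_binded)
			$r->add_event('dftk-ldap_notbinded');
		else if ($need_wrapping_params && !$this->_has_wrapping_parameters)
			$r->add_event('dftk-ldap_missparams');

		return $r;
	}
}

?>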