robin.thoni
/
docker-roundcube-server
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 10 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
16 Commits
2 Branches
Tree: 9ffa51aae8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9ffa51aae8'
${ noResults }
docker-roundcube-server/roundcube/roundcubemail-1.2.2/program/lib/Roundcube/rcube_ldap_generic.php

rcube_ldap_generic.php 10KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365 
  1. <?php

  2. 

  3. /**

  4.  +-----------------------------------------------------------------------+

  5.  | Roundcube/rcube_ldap_generic.php                                      |

  6.  |                                                                       |

  7.  | This file is part of the Roundcube Webmail client                     |

  8.  | Copyright (C) 2006-2014, The Roundcube Dev Team                       |

  9.  | Copyright (C) 2012-2015, Kolab Systems AG                             |

  10.  |                                                                       |

  11.  | Licensed under the GNU General Public License version 3 or            |

  12.  | any later version with exceptions for skins & plugins.                |

  13.  | See the README file for a full license statement.                     |

  14.  |                                                                       |

  15.  | PURPOSE:                                                              |

  16.  |   Provide basic functionality for accessing LDAP directories          |

  17.  |                                                                       |

  18.  +-----------------------------------------------------------------------+

  19.  | Author: Thomas Bruederli <roundcube@gmail.com>                        |

  20.  |         Aleksander Machniak <machniak@kolabsys.com>                   |

  21.  +-----------------------------------------------------------------------+

  22. */

  23. 

  24. /**

  25.  * Model class to access an LDAP directories

  26.  *

  27.  * @package    Framework

  28.  * @subpackage LDAP

  29.  */

  30. class rcube_ldap_generic extends Net_LDAP3

  31. {

  32.     /** private properties */

  33.     protected $cache = null;

  34.     protected $attributes = array('dn');

  35.     protected $error;

  36. 

  37.     function __construct($config = null)

  38.     {

  39.         parent::__construct($config);

  40. 

  41.         $this->config_set('log_hook', array($this, 'log'));

  42.     }

  43. 

  44.     /**

  45.      * Establish a connection to the LDAP server

  46.      */

  47.     public function connect($host = null)

  48.     {

  49.         // Net_LDAP3 does not support IDNA yet

  50.         // also parse_host() here is very Roundcube specific

  51.         $host = rcube_utils::idn_to_ascii(rcube_utils::parse_host($host));

  52. 

  53.         return parent::connect($host);

  54.     }

  55. 

  56.     /**

  57.      * Get a specific LDAP entry, identified by its DN

  58.      *

  59.      * @param string $dn Record identifier

  60.      * @param array  $attributes Attributes to return

  61.      *

  62.      * @return array Hash array

  63.      */

  64.     function get_entry($dn, $attributes = array())

  65.     {

  66.         return parent::get_entry($dn, !empty($attributes) ? $attributes : $this->attributes);

  67.     }

  68. 

  69.     /**

  70.      * Prints debug/error info to the log

  71.      */

  72.     public function log($level, $msg)

  73.     {

  74.         $msg = implode("\n", $msg);

  75. 

  76.         switch ($level) {

  77.         case LOG_DEBUG:

  78.         case LOG_INFO:

  79.         case LOG_NOTICE:

  80.             if ($this->config['debug']) {

  81.                 rcube::write_log('ldap', $msg);

  82.             }

  83.             break;

  84. 

  85.         case LOG_EMERGE:

  86.         case LOG_ALERT:

  87.         case LOG_CRIT:

  88.             rcube::raise_error($msg, true, true);

  89.             break;

  90. 

  91.         case LOG_ERR:

  92.         case LOG_WARNING:

  93.             $this->error = $msg;

  94.             rcube::raise_error($msg, true, false);

  95.             break;

  96.         }

  97.     }

  98. 

  99.     /**

  100.      * Returns the last LDAP error occurred

  101.      *

  102.      * @return mixed Error message string or null if no error occured

  103.      */

  104.     function get_error()

  105.     {

  106.         return $this->error;

  107.     }

  108. 

  109.     /**

  110.      * @deprecated

  111.      */

  112.     public function set_debug($dbg = true)

  113.     {

  114.         $this->config['debug'] = (bool) $dbg;

  115.     }

  116. 

  117.     /**

  118.      * @deprecated

  119.      */

  120.     public function set_cache($cache_engine)

  121.     {

  122.         $this->config['cache'] = $cache_engine;

  123.     }

  124. 

  125.     /**

  126.      * @deprecated

  127.      */

  128.     public static function scope2func($scope, &$ns_function = null)

  129.     {

  130.         return self::scope_to_function($scope, $ns_function);

  131.     }

  132. 

  133.     /**

  134.      * @deprecated

  135.      */

  136.     public function set_config($opt, $val = null)

  137.     {

  138.         $this->config_set($opt, $val);

  139.     }

  140. 

  141.     /**

  142.      * @deprecated

  143.      */

  144.     public function add($dn, $entry)

  145.     {

  146.         return $this->add_entry($dn, $entry);

  147.     }

  148. 

  149.     /**

  150.      * @deprecated

  151.      */

  152.     public function delete($dn)

  153.     {

  154.         return $this->delete_entry($dn);

  155.     }

  156. 

  157.     /**

  158.      * Wrapper for ldap_mod_replace()

  159.      *

  160.      * @see ldap_mod_replace()

  161.      */

  162.     public function mod_replace($dn, $entry)

  163.     {

  164.         $this->_debug("C: Replace $dn: ".print_r($entry, true));

  165. 

  166.         if (!ldap_mod_replace($this->conn, $dn, $entry)) {

  167.             $this->_error("ldap_mod_replace() failed with " . ldap_error($this->conn));

  168.             return false;

  169.         }

  170. 

  171.         $this->_debug("S: OK");

  172.         return true;

  173.     }

  174. 

  175.     /**

  176.      * Wrapper for ldap_mod_add()

  177.      *

  178.      * @see ldap_mod_add()

  179.      */

  180.     public function mod_add($dn, $entry)

  181.     {

  182.         $this->_debug("C: Add $dn: ".print_r($entry, true));

  183. 

  184.         if (!ldap_mod_add($this->conn, $dn, $entry)) {

  185.             $this->_error("ldap_mod_add() failed with " . ldap_error($this->conn));

  186.             return false;

  187.         }

  188. 

  189.         $this->_debug("S: OK");

  190.         return true;

  191.     }

  192. 

  193.     /**

  194.      * Wrapper for ldap_mod_del()

  195.      *

  196.      * @see ldap_mod_del()

  197.      */

  198.     public function mod_del($dn, $entry)

  199.     {

  200.         $this->_debug("C: Delete $dn: ".print_r($entry, true));

  201. 

  202.         if (!ldap_mod_del($this->conn, $dn, $entry)) {

  203.             $this->_error("ldap_mod_del() failed with " . ldap_error($this->conn));

  204.             return false;

  205.         }

  206. 

  207.         $this->_debug("S: OK");

  208.         return true;

  209.     }

  210. 

  211.     /**

  212.      * Wrapper for ldap_rename()

  213.      *

  214.      * @see ldap_rename()

  215.      */

  216.     public function rename($dn, $newrdn, $newparent = null, $deleteoldrdn = true)

  217.     {

  218.         $this->_debug("C: Rename $dn to $newrdn");

  219. 

  220.         if (!ldap_rename($this->conn, $dn, $newrdn, $newparent, $deleteoldrdn)) {

  221.             $this->_error("ldap_rename() failed with " . ldap_error($this->conn));

  222.             return false;

  223.         }

  224. 

  225.         $this->_debug("S: OK");

  226.         return true;

  227.     }

  228. 

  229.     /**

  230.      * Wrapper for ldap_list() + ldap_get_entries()

  231.      *

  232.      * @see ldap_list()

  233.      * @see ldap_get_entries()

  234.      */

  235.     public function list_entries($dn, $filter, $attributes = array('dn'))

  236.     {

  237.         $list = array();

  238.         $this->_debug("C: List $dn [{$filter}]");

  239. 

  240.         if ($result = ldap_list($this->conn, $dn, $filter, $attributes)) {

  241.             $list = ldap_get_entries($this->conn, $result);

  242. 

  243.             if ($list === false) {

  244.                 $this->_error("ldap_get_entries() failed with " . ldap_error($this->conn));

  245.                 return array();

  246.             }

  247. 

  248.             $count = $list['count'];

  249.             unset($list['count']);

  250. 

  251.             $this->_debug("S: $count record(s)");

  252.         }

  253.         else {

  254.             $this->_error("ldap_list() failed with " . ldap_error($this->conn));

  255.         }

  256. 

  257.         return $list;

  258.     }

  259. 

  260.     /**

  261.      * Wrapper for ldap_read() + ldap_get_entries()

  262.      *

  263.      * @see ldap_read()

  264.      * @see ldap_get_entries()

  265.      */

  266.     public function read_entries($dn, $filter, $attributes = null)

  267.     {

  268.         $this->_debug("C: Read $dn [{$filter}]");

  269. 

  270.         if ($this->conn && $dn) {

  271.             $result = @ldap_read($this->conn, $dn, $filter, $attributes, 0, (int)$this->config['sizelimit'], (int)$this->config['timelimit']);

  272.             if ($result === false) {

  273.                 $this->_error("ldap_read() failed with " . ldap_error($this->conn));

  274.                 return false;

  275.             }

  276. 

  277.             $this->_debug("S: OK");

  278.             return ldap_get_entries($this->conn, $result);

  279.         }

  280. 

  281.         return false;

  282.     }

  283. 

  284.     /**

  285.      * Turn an LDAP entry into a regular PHP array with attributes as keys.

  286.      *

  287.      * @param array $entry Attributes array as retrieved from ldap_get_attributes() or ldap_get_entries()

  288.      * @param bool  $flat  Convert one-element-array values into strings (not implemented)

  289.      *

  290.      * @return array Hash array with attributes as keys

  291.      */

  292.     public static function normalize_entry($entry, $flat = false)

  293.     {

  294.         if (!isset($entry['count'])) {

  295.             return $entry;

  296.         }

  297. 

  298.         $rec = array();

  299. 

  300.         for ($i=0; $i < $entry['count']; $i++) {

  301.             $attr = $entry[$i];

  302.             if ($entry[$attr]['count'] == 1) {

  303.                 switch ($attr) {

  304.                     case 'objectclass':

  305.                         $rec[$attr] = array(strtolower($entry[$attr][0]));

  306.                         break;

  307.                     default:

  308.                         $rec[$attr] = $entry[$attr][0];

  309.                         break;

  310.                 }

  311.             }

  312.             else {

  313.                 for ($j=0; $j < $entry[$attr]['count']; $j++) {

  314.                     $rec[$attr][$j] = $entry[$attr][$j];

  315.                 }

  316.             }

  317.         }

  318. 

  319.         return $rec;

  320.     }

  321. 

  322.     /**

  323.      * Compose an LDAP filter string matching all words from the search string

  324.      * in the given list of attributes.

  325.      *

  326.      * @param string  $value    Search value

  327.      * @param mixed   $attrs    List of LDAP attributes to search

  328.      * @param int     $mode     Matching mode:

  329.      *                          0 - partial (*abc*),

  330.      *                          1 - strict (=),

  331.      *                          2 - prefix (abc*)

  332.      * @return string LDAP filter

  333.      */

  334.     public static function fulltext_search_filter($value, $attributes, $mode = 1)

  335.     {

  336.         if (empty($attributes)) {

  337.             $attributes = array('cn');

  338.         }

  339. 

  340.         $groups = array();

  341.         $value = str_replace('*', '', $value);

  342.         $words = $mode == 0 ? rcube_utils::tokenize_string($value, 1) : array($value);

  343. 

  344.         // set wildcards

  345.         $wp = $ws = '';

  346.         if ($mode != 1) {

  347.             $ws = '*';

  348.             $wp = !$mode ? '*' : '';

  349.         }

  350. 

  351.         // search each word in all listed attributes

  352.         foreach ($words as $word) {

  353.             $parts = array();

  354.             foreach ($attributes as $attr) {

  355.                 $parts[] = "($attr=$wp" . self::quote_string($word) . "$ws)";

  356.             }

  357.             $groups[] = '(|' . join('', $parts) . ')';

  358.         }

  359. 

  360.         return count($groups) > 1 ? '(&' . join('', $groups) . ')' : join('', $groups);

  361.     }

  362. }

  363. 

  364. // for backward compat.

  365. class rcube_ldap_result extends Net_LDAP3_Result {}