1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
|
From f9058a1289778209190afb7c7bee50065b8c583b Mon Sep 17 00:00:00 2001
From: Jan Schneider <jan@horde.org>
Date: Wed, 11 Jun 2014 16:13:14 +0200
Subject: [PATCH] Allow to specify base DN for searching user DNs (Bug #12128).
---
framework/Core/lib/Horde/Config.php | 169 +++++++++++++++++++++---------------
framework/Core/package.xml | 2 +
framework/Ldap/lib/Horde/Ldap.php | 6 +-
framework/Ldap/package.xml | 16 ++--
4 files changed, 114 insertions(+), 79 deletions(-)
diff --git a/framework/Core/lib/Horde/Config.php b/framework/Core/lib/Horde/Config.php
index 816d202..43aec96 100644
--- a/framework/Core/lib/Horde/Config.php
+++ b/framework/Core/lib/Horde/Config.php
@@ -746,8 +746,8 @@ protected function _parseLevel(&$conf, $children, $ctx)
* @param string $ctx The context of the <configldap> tag.
* @param DomNode $node The DomNode representation of the
* <configldap> tag.
- * @param string $switchname If DomNode is not set, the value of the
- * tag's switchname attribute.
+ * @param string $switchname If $node is not set, the value of the tag's
+ * switchname attribute.
*
* @return array An associative array with the LDAP configuration tree.
*/
@@ -823,73 +823,7 @@ protected function _configLDAP($ctx, $node = null,
),
'user' => array(
'desc' => 'Bind as the currently logged-in user',
- 'fields' => array(
- 'user' => array(
- 'binddn' => array(
- '_type' => 'text',
- 'required' => false,
- 'desc' => 'DN used to bind for searching the user\'s DN (leave empty for anonymous bind)',
- 'default' => $this->_default(
- $ctx . '|user|binddn',
- $node ? ($xpath->evaluate('string(configsection/configstring[@name="binddn"])', $node) ?: '') : ''
- )
- ),
- 'bindpw' => array(
- '_type' => 'text',
- 'required' => false,
- 'desc' => 'Password for bind DN',
- 'default' => $this->_default(
- $ctx . '|user|bindpw',
- $node ? ($xpath->evaluate('string(configsection/configstring[@name="bindpw"])', $node) ?: '') : ''
- )
- ),
- 'uid' => array(
- '_type' => 'text',
- 'required' => true,
- 'desc' => 'The username search key (set to samaccountname for AD).',
- 'default' => $this->_default(
- $ctx . '|user|uid',
- $node ? ($xpath->evaluate('string(configsection/configstring[@name="uid"])', $node) ?: 'uid') : 'uid'
- )
- ),
- 'filter_type' => array(
- 'required' => false,
- 'desc' => 'How to specify a filter for the user lists.',
- 'default' => $this->_default(
- $ctx . '|user|filter_type',
- $node ? ($xpath->evaluate('normalize-space(configsection/configswitch[@name="filter_type"]/text())', $node) ?: 'objectclass') : 'objectclass'),
- 'switch' => array(
- 'filter' => array(
- 'desc' => 'LDAP filter string',
- 'fields' => array(
- 'filter' => array(
- '_type' => 'text',
- 'required' => true,
- 'desc' => 'The LDAP filter string used to search for users.',
- 'default' => $this->_default(
- $ctx . '|user|filter',
- $node ? ($xpath->evaluate('string(configsection/configstring[@name="filter"])', $node) ?: '(objectClass=*)') : '(objectClass=*)'
- )
- ),
- ),
- ),
- 'objectclass' => array(
- 'desc' => 'List of objectClasses',
- 'fields' => array(
- 'objectclass' => array(
- '_type' => 'stringlist',
- 'required' => true,
- 'desc' => 'The objectclass filter used to search for users. Can be a single objectclass or a comma-separated list.',
- 'default' => implode(', ', $this->_default(
- $ctx . '|user|objectclass',
- $node ? ($xpath->evaluate('string(configsection/configlist[@name="objectclass"])', $node) ?: array('*')) : array('*')))
- ),
- ),
- ),
- ),
- ),
- ),
- ),
+ 'fields' => $this->_configLDAPUser($ctx, $node)
),
'admin' => array(
'desc' => 'Bind with administrative/system credentials',
@@ -995,6 +929,103 @@ protected function _configLDAP($ctx, $node = null,
}
/**
+ * Returns the configuration tree for an LDAP configuration to search user
+ * DNs to replace a <configldapuser> tag.
+ *
+ * Subnodes will be parsed and added.
+ *
+ * @param string $ctx The context of the <configldapuser> tag.
+ * @param DomNode $node The DomNode representation of the
+ * <configldapuser> tag.
+ *
+ * @return array A list of associative arrays with the LDAP configuration
+ * tree.
+ */
+ protected function _configLDAPUser($ctx, $node = null)
+ {
+ if ($node) {
+ $xpath = new DOMXPath($node->ownerDocument);
+ }
+
+ return array(
+ 'user' => array(
+ 'basedn' => array(
+ '_type' => 'text',
+ 'required' => false,
+ 'desc' => 'Base DN for searching the user\'s DN',
+ 'default' => $this->_default(
+ $ctx . '|user|basedn',
+ $node ? ($xpath->evaluate('string(configsection/configstring[@name="basedn"])', $node) ?: '') : ''
+ )
+ ),
+ 'binddn' => array(
+ '_type' => 'text',
+ 'required' => false,
+ 'desc' => 'DN used to bind for searching the user\'s DN (leave empty for anonymous bind)',
+ 'default' => $this->_default(
+ $ctx . '|user|binddn',
+ $node ? ($xpath->evaluate('string(configsection/configstring[@name="binddn"])', $node) ?: '') : ''
+ )
+ ),
+ 'bindpw' => array(
+ '_type' => 'text',
+ 'required' => false,
+ 'desc' => 'Password for bind DN',
+ 'default' => $this->_default(
+ $ctx . '|user|bindpw',
+ $node ? ($xpath->evaluate('string(configsection/configstring[@name="bindpw"])', $node) ?: '') : ''
+ )
+ ),
+ 'uid' => array(
+ '_type' => 'text',
+ 'required' => true,
+ 'desc' => 'The username search key (set to samaccountname for AD).',
+ 'default' => $this->_default(
+ $ctx . '|user|uid',
+ $node ? ($xpath->evaluate('string(configsection/configstring[@name="uid"])', $node) ?: 'uid') : 'uid'
+ )
+ ),
+ 'filter_type' => array(
+ 'required' => false,
+ 'desc' => 'How to specify a filter for the user lists.',
+ 'default' => $this->_default(
+ $ctx . '|user|filter_type',
+ $node ? ($xpath->evaluate('normalize-space(configsection/configswitch[@name="filter_type"]/text())', $node) ?: 'objectclass') : 'objectclass'),
+ 'switch' => array(
+ 'filter' => array(
+ 'desc' => 'LDAP filter string',
+ 'fields' => array(
+ 'filter' => array(
+ '_type' => 'text',
+ 'required' => true,
+ 'desc' => 'The LDAP filter string used to search for users.',
+ 'default' => $this->_default(
+ $ctx . '|user|filter',
+ $node ? ($xpath->evaluate('string(configsection/configstring[@name="filter"])', $node) ?: '(objectClass=*)') : '(objectClass=*)'
+ )
+ ),
+ ),
+ ),
+ 'objectclass' => array(
+ 'desc' => 'List of objectClasses',
+ 'fields' => array(
+ 'objectclass' => array(
+ '_type' => 'stringlist',
+ 'required' => true,
+ 'desc' => 'The objectclass filter used to search for users. Can be a single objectclass or a comma-separated list.',
+ 'default' => implode(', ', $this->_default(
+ $ctx . '|user|objectclass',
+ $node ? ($xpath->evaluate('string(configsection/configlist[@name="objectclass"])', $node) ?: array('*')) : array('*')))
+ ),
+ ),
+ ),
+ ),
+ ),
+ ),
+ );
+ }
+
+ /**
* Returns the configuration tree for a NoSQL backend configuration to
* replace a <confignosql> tag.
* Subnodes will be parsed and added to both the Horde defaults and the
--
1.9.3
|
