if(!self :: loadLSclass('LSerror')) {
return;
}
+ set_error_handler(array('LSerror','errorHandler'),E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED & ~E_WARNING);
self :: defineLSerrors();
return true;
}
* @retval boolean True si l'initialisation à réussi, false sinon.
*/
public static function initialize() {
- if (!self :: startLSconfig()) {
- return;
+ try {
+ if (!self :: startLSconfig()) {
+ return;
+ }
+
+ self :: startLSerror();
+ self :: startLStemplate();
+
+ session_start();
+
+ self :: setLocale();
+
+ self :: loadLSaddons();
+ self :: loadLSauth();
+ }
+ catch (Exception $e) {
+ die('LSsession : fail to initialize session. Error : '.$e->getMessage());
}
-
- self :: startLSerror();
- self :: startLStemplate();
-
- session_start();
-
- self :: setLocale();
-
- self :: loadLSaddons();
- self :: loadLSauth();
return true;
}
self :: $ldapServerId = $id;
self :: $ldapServer = $conf;
self :: setLocale();
+ self :: setGlobals();
return true;
}
else {
// Css
self :: addCssFile("LSdefault.css");
+ if (isset($GLOBALS['defaultCSSfiles']) && is_array($GLOBALS['defaultCSSfiles'])) {
+ foreach ($GLOBALS['defaultCSSfiles'] as $file) {
+ self :: addCssFile($file);
+ }
+ }
$Css_txt='';
foreach (self :: $CssFiles as $file) {
$Css_txt.="<link rel='stylesheet' type='text/css' href='".$file."' />\n";
}
/**
+ * Prend un tableau de LSobject et le réduit en utilisant un filtre de
+ * recherche sur un autre type de LSobject.
+ *
+ * Si une erreur est présente dans le tableau de définition du filtre, un
+ * tableau vide est renvoyé.
+ *
+ * @param[in] string $LSobject le type LSobject par défaut
+ * @param[in] array $set tableau de LSobject
+ * @param[in] array $filter_def définition du filtre de recherche pour la réduction
+ * @param[in] string $basend basedn pour la recherche, null par défaut
+ *
+ * @retval array le nouveau tableau de LSobject
+ */
+ private static function reduceLdapSet($LSobject, $set, $filter_def, $basedn=null) {
+ if (empty($set)) {
+ return array();
+ }
+
+ if (! isset($filter_def['filter']) &&
+ (! isset($filter_def['attr']) ||
+ ! isset($filter_def['attr_value']))) {
+ LSdebug("Filtre de profil LSobject invalide " . var_export($filter_def, true));
+ return array();
+ }
+
+ LSdebug('LSsession :: reducing set of');
+ foreach ($set as $object) {
+ LSdebug('LSsession :: -> ' . $object -> getDn());
+ }
+
+ $LSobject = isset($filter_def['LSObject']) ? $filter_def['LSobject'] : $LSobject;
+ LSdebug('LSobject :: ' . $LSobject);
+ $filters = array();
+ foreach ($set as $object) {
+ if (isset($filter_def['filter'])) {
+ $filters[] = $object -> getFData($filter_def['filter']);
+ }
+ else {
+ $value = $object -> getFData($filter_def['attr_value']);
+ $filters[] = Net_LDAP2_Filter::create($filter_def['attr'], 'equals', $value);
+ }
+ }
+ $filter = LSldap::combineFilters('or', $filters);
+ $params = array(
+ 'basedn' => isset($filter_def['basedn']) ? $filter_def['basedn'] : $basedn,
+ 'filter' => $filter,
+ );
+ if (isset($filter_def['params']) && is_array($filter_def['params'])) {
+ $params = array_merge($filter_def['params'],$params);
+ }
+ $LSsearch = new LSsearch($LSobject,'LSsession :: loadLSprofiles',$params,true);
+ $LSsearch -> run(false);
+
+ $set = $LSsearch -> listObjects();
+ LSdebug('LSsession :: reduced set to');
+ foreach ($set as $object) {
+ LSdebug('LSsession :: -> ' . $object -> getDn());
+ }
+ return $set;
+ }
+
+ /**
+ * Charge les droits LS de l'utilisateur : uniquement du type LSobjects
+ *
+ * @param[in] string $
+ *
+ * @retval void
+ */
+ private static function loadLSprofilesLSobjects($profile, $LSobject, $listInfos) {
+ if (! self :: loadLSclass('LSsearch')) {
+ LSdebug('Impossible de charger la classe LSsearch');
+ return;
+ }
+ # we are gonna grow a set of objects progressively, we start from the user
+ $set = array(self :: getLSuserObject());
+ $basedn = isset($listInfos['basedn']) ? $listInfos['basedn'] : null;
+ $LSobject = isset($listInfos['LSobject']) ? $listInfos['LSobject'] : $LSobject;
+
+ if (isset($listInfos['filters']) && is_array($listInfos['filters'])) {
+ foreach ($listInfos['filters'] as $filter_def) {
+ $set = self :: reduceLdapSet($LSobject, $set, $filter_def, $basedn);
+ }
+ }
+ if (isset($listInfos['filter']) || (isset($listInfos['attr']) && isset($listInfos['attr_value']))) {
+ # support legacy profile definition
+ $set = self :: reduceLdapSet($LSobject, $set, $listInfos, $basedn);
+ }
+
+ $DNs = [];
+ foreach ($set as $object) {
+ $DNs[] = $object -> getDn();
+ }
+ if (!is_array(self :: $LSprofiles[$profile])) {
+ self :: $LSprofiles[$profile]=$DNs;
+ }
+ else {
+ foreach($DNs as $dn) {
+ if (!in_array($dn,self :: $LSprofiles[$profile])) {
+ self :: $LSprofiles[$profile][] = $dn;
+ }
+ }
+ }
+ }
+
+ /**
* Charge les droits LS de l'utilisateur
*
* @retval boolean True si le chargement à réussi, false sinon.
if ($topDn == 'LSobjects') {
if (is_array($rightsInfos)) {
foreach ($rightsInfos as $LSobject => $listInfos) {
- if (self :: loadLSclass('LSsearch')) {
- if (isset($listInfos['filter'])) {
- $filter = self :: getLSuserObject() -> getFData($listInfos['filter']);
- }
- else {
- $filter = '('.$listInfos['attr'].'='.self :: getLSuserObject() -> getFData($listInfos['attr_value']).')';
- }
-
- $params = array (
- 'basedn' => (isset($listInfos['basedn'])?$listInfos['basedn']:null),
- 'filter' => $filter
- );
-
- if (isset($listInfos['params']) && is_array($listInfos['params'])) {
- $params = array_merge($listInfos['params'],$params);
- }
-
- $LSsearch = new LSsearch($LSobject,'LSsession :: loadLSprofiles',$params,true);
- $LSsearch -> run(false);
-
- $DNs = $LSsearch -> listObjectsDn();
- if (!is_array(self :: $LSprofiles[$profile])) {
- self :: $LSprofiles[$profile]=$DNs;
- }
- else {
- foreach($DNs as $dn) {
- if (!in_array($dn,self :: $LSprofiles[$profile])) {
- self :: $LSprofiles[$profile][] = $dn;
- }
- }
- }
- }
+ LSdebug('loading LSprofile ' . $profile . ' for LSobject ' . $LSobject . ' with params ' . var_export($listInfos, true));
+ self :: loadLSprofilesLSobjects($profile, $LSobject, $listInfos);
}
}
else {
LSerror :: defineError('LSsession_15',
_("LSsession : Fail to reconnect to LDAP server with user's LDAP credentials.")
);
- // 16 : not yet used
+ LSerror :: defineError('LSsession_16',
+ _("LSsession : No import/export format define for this object type.")
+ );
LSerror :: defineError('LSsession_17',
_("LSsession : Error during creation of list of levels. Contact administrators. (Code : %{code})")
);
LSerror :: defineError('LSsession_20',
_("LSsession : Error during password recovery. Contact administrators.(Step : %{step})")
);
- // 21 : not yet used
+ LSerror :: defineError('LSsession_21',
+ _("LSsession : call function %{func} do not provided from LSaddon %{addon}.")
+ );
LSerror :: defineError('LSsession_22',
_("LSsession : problem during initialisation.")
);
$data=array('recoverPassword' => isset(self :: $ldapServer['recoverPassword']));
}
}
+
+ /**
+ * Set globals from the ldap server
+ *
+ * @retval void
+ */
+ public static function setGlobals() {
+ if ( isset(self :: $ldapServer['globals'])) {
+ foreach(self :: $ldapServer['globals'] as $key => $value) {
+ $GLOBALS[$key] = $value;
+ }
+ }
+ }
}
?>
projects / ldapsaisie.git / blobdiff