bashclub/piler
1
0
Fork 0
mirror of https://bitbucket.org/jsuto/piler.git synced 2024-12-26 07:10:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

ldap fix

Browse Source
This commit is contained in:
SJ 2014-09-04 16:18:47 +02:00
parent 68b236ae77
commit 200f90d65d
1 changed files with 35 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
webui/model/user/auth.php
View File

@ -70,6 +70,29 @@ class ModelUserAuth extends Model {
private function checkLoginAgainstLDAP($username = '', $password = '') { private function checkLoginAgainstLDAP($username = '', $password = '') {
$a = array();
$ret = 0;
if(ENABLE_SAAS == 1) {
$params = $this->model_saas_ldap->get_ldap_params_by_email($username);
foreach($params as $param) {
$ret = $this->checkLoginAgainstLDAP_real($username, $password, $param);
syslog(LOG_INFO, "ldap auth result against " . $param['ldap_host'] . " / " . $param['ldap_type'] . ": $ret");
if($ret == 1) { return $ret; }
}
}
else {
$ret = $this->checkLoginAgainstLDAP_real($username, $password);
}
return $ret;
}
private function checkLoginAgainstLDAP_real($username = '', $password = '', $a = array()) {
$ldap_type = ''; $ldap_type = '';
$ldap_host = LDAP_HOST; $ldap_host = LDAP_HOST;
$ldap_base_dn = LDAP_BASE_DN; $ldap_base_dn = LDAP_BASE_DN;
@ -81,9 +104,6 @@ class ModelUserAuth extends Model {
$role = 0; $role = 0;
$username_prefix = ''; $username_prefix = '';
if(ENABLE_SAAS == 1) {
$a = $this->model_saas_ldap->get_ldap_params_by_email($username);
if(count($a) >= 6) { if(count($a) >= 6) {
$ldap_type = $a['ldap_type']; $ldap_type = $a['ldap_type'];
$ldap_host = $a['ldap_host']; $ldap_host = $a['ldap_host'];
@ -97,7 +117,6 @@ class ModelUserAuth extends Model {
$ldap_distributionlist_attr = $a['ldap_distributionlist_attr']; $ldap_distributionlist_attr = $a['ldap_distributionlist_attr'];
$ldap_distributionlist_objectclass = $a['ldap_distributionlist_objectclass']; $ldap_distributionlist_objectclass = $a['ldap_distributionlist_objectclass'];
} }
}
if($ldap_type != LDAP_TYPE_GENERIC) { if($ldap_type != LDAP_TYPE_GENERIC) {
list($ldap_mail_attr, $ldap_account_objectclass, $ldap_distributionlist_attr, $ldap_distributionlist_objectclass) = get_ldap_attribute_names($ldap_type); list($ldap_mail_attr, $ldap_account_objectclass, $ldap_distributionlist_attr, $ldap_distributionlist_objectclass) = get_ldap_attribute_names($ldap_type);
@ -369,7 +388,7 @@ class ModelUserAuth extends Model {
$emails = $this->get_email_array_from_ldap_attr($query->rows); $emails = $this->get_email_array_from_ldap_attr($query->rows);
$extra_emails = $this->model_user_user->get_email_addresses_from_groups($emails); $extra_emails = $this->model_user_user->get_email_addresses_from_groups($emails);
$emails = array_merge($emails, $extra_emails); $emails = array_merge(array($username), $emails, $extra_emails);
if($this->check_ldap_membership($ldap_auditor_member_dn, $query->rows) == 1) { $role = 2; } if($this->check_ldap_membership($ldap_auditor_member_dn, $query->rows) == 1) { $role = 2; }
if($this->check_ldap_membership($ldap_admin_member_dn, $query->rows) == 1) { $role = 1; } if($this->check_ldap_membership($ldap_admin_member_dn, $query->rows) == 1) { $role = 1; }