<?php
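/**
 * Admin page for finding accounts in LDAP and importing them as local users.
 *
 * The page runs in two steps selected by request parameters: `search` binds
 * to LDAP with credentials typed into the form and lists matching records,
 * and `import` creates one user per record ticked in that list.
 */
final class PhabricatorPeopleLdapController
  extends PhabricatorPeopleController {

  /**
   * Render the import page and run the search or import step if requested.
   *
   * @param AphrontRequest $request Current request.
   * @return wild Result of buildApplicationPage().
   */
  public function handleRequest(AphrontRequest $request) {
    // This is the only authorization check in the class: the LDAP bind, the
    // caller-supplied filter and the account creation below all rely on it.
    $this->requireApplicationCapability(
      PeopleCreateUsersCapability::CAPABILITY);
    $admin = $request->getUser();

    $content = array();

    // The search form submits back to this URI with `search` set and any
    // previous `import` flag cleared.
    $form = id(new AphrontFormView())
      ->setAction($request->getRequestURI()
        ->alter('search', 'true')->alter('import', null))
      ->setUser($admin)
      ->appendChild(
        id(new AphrontFormTextControl())
          ->setLabel(pht('LDAP username'))
          ->setName('username'))
      ->appendChild(
        id(new AphrontFormPasswordControl())
          ->setDisableAutocomplete(true)
          ->setLabel(pht('Password'))
          ->setName('password'))
      ->appendChild(
        id(new AphrontFormTextControl())
          ->setLabel(pht('LDAP query'))
          ->setCaption(pht('A filter such as (objectClass=*)'))
          ->setName('query'))
      ->appendChild(
        id(new AphrontFormSubmitControl())
          ->setValue(pht('Search')));

    $panel = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Import LDAP Users'))
      ->setForm($form);

    $crumbs = $this->buildApplicationCrumbs();
    $crumbs->addTextCrumb(
      pht('Import Ldap Users'),
      $this->getApplicationURI('/ldap/'));

    $nav = $this->buildSideNavView();
    $nav->setCrumbs($crumbs);
    $nav->selectFilter('ldap');
    $nav->appendChild($content);

    // NOTE(review): both steps are selected by a request parameter alone;
    // nothing here checks the HTTP method. Presumably the framework rejects
    // writes without a valid CSRF token -- confirm, or gate the import step
    // on a form POST explicitly.
    if ($request->getStr('import')) {
      $nav->appendChild($this->processImportRequest($request));
    }

    $nav->appendChild($panel);

    if ($request->getStr('search')) {
      $nav->appendChild($this->processSearchRequest($request));
    }

    return $this->buildApplicationPage(
      $nav,
      array(
        'title' => pht('Import Ldap Users'),
      ));
  }

  /**
   * Create one local user per selected LDAP account and report each outcome.
   *
   * Reads three request arrays: `usernames` (the ticked rows) plus `email`
   * and `name`, both keyed by username.
   *
   * NOTE(review): name and email are whatever the browser posts back from
   * the hidden fields built by renderUserInputs(); they are not re-read from
   * LDAP here, and the address is stored as already verified. Re-querying
   * the directory server-side for each selected username would remove the
   * reliance on client-supplied values.
   *
   * @param AphrontRequest $request Current request.
   * @return list<wild> The notice view followed by the per-user result list.
   */
  private function processImportRequest($request) {
    $admin = $request->getUser();
    $usernames = $request->getArr('usernames');
    $emails = $request->getArr('email');
    $names = $request->getArr('name');

    // The banner is built unconditionally; individual failures only show up
    // as red rows in the list below.
    $notice_view = new AphrontErrorView();
    $notice_view->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
    $notice_view->setTitle(pht('Import Successful'));
    $notice_view->setErrors(array(
      pht('Successfully imported users from LDAP'),
    ));

    $list = new PHUIObjectItemListView();
    $list->setNoDataString(pht('No users imported?'));

    foreach ($usernames as $username) {
      try {
        // A selected username with no matching name/email entry means the
        // request was not produced by the search form. Report it as a
        // failure for this row instead of reading an undefined index and
        // abandoning the rest of the batch.
        if (!isset($names[$username]) || !isset($emails[$username])) {
          throw new Exception(
            pht('The import request is missing the name or email.'));
        }

        $user = new PhabricatorUser();
        $user->setUsername($username);
        $user->setRealname($names[$username]);

        $email_obj = id(new PhabricatorUserEmail())
          ->setAddress($emails[$username])
          ->setIsVerified(1);

        id(new PhabricatorUserEditor())
          ->setActor($admin)
          ->createNewUser($user, $email_obj);

        // Link the new user to its LDAP identity.
        id(new PhabricatorExternalAccount())
          ->setUserPHID($user->getPHID())
          ->setAccountType('ldap')
          ->setAccountDomain('self')
          ->setAccountID($username)
          ->save();

        $header = pht('Successfully added %s', $username);
        $attribute = null;
        $color = 'green';
      } catch (Exception $ex) {
        $header = pht('Failed to add %s', $username);
        $attribute = $ex->getMessage();
        $color = 'red';
      }

      $item = id(new PHUIObjectItemView())
        ->setHeader($header)
        ->addAttribute($attribute)
        ->setBarColor($color);

      $list->addItem($item);
    }

    return array(
      $notice_view,
      $list,
    );
  }

  /**
   * Bind to LDAP with the submitted credentials, run the submitted filter and
   * render the matches as a table with an import checkbox per row.
   *
   * @param AphrontRequest $request Current request.
   * @return AphrontPanelView Panel wrapping the results form.
   * @throws Exception When no LDAP provider is available, or when the bind
   *   or search fails.
   */
  private function processSearchRequest($request) {
    $panel = new AphrontPanelView();
    $admin = $request->getUser();

    $search = $request->getStr('query');

    $ldap_provider = PhabricatorLDAPAuthProvider::getLDAPProvider();
    if (!$ldap_provider) {
      throw new Exception('No LDAP provider enabled!');
    }

    $ldap_adapter = $ldap_provider->getAdapter();
    $ldap_adapter->setLoginUsername($request->getStr('username'));
    $ldap_adapter->setLoginPassword(
      new PhutilOpaqueEnvelope($request->getStr('password')));

    // This causes us to connect and bind.
    // TODO: Clean up this discard mode stuff.
    // Discard mode presumably keeps bind errors out of the DarkConsole error
    // log -- confirm. Switch it back off on the failure path too, so a
    // failed bind does not leave logging suppressed for the rest of the
    // request.
    DarkConsoleErrorLogPluginAPI::enableDiscardMode();
    try {
      $ldap_adapter->getAccountID();
    } catch (Exception $ex) {
      DarkConsoleErrorLogPluginAPI::disableDiscardMode();
      throw $ex;
    }
    DarkConsoleErrorLogPluginAPI::disableDiscardMode();

    // NOTE(review): `%Q` appears to insert the filter without escaping --
    // confirm against the adapter's format conversions. The filter is
    // caller-supplied on purpose, so the capability check in handleRequest()
    // is what limits who can run arbitrary directory queries.
    $results = $ldap_adapter->searchLDAP('%Q', $search);

    foreach ($results as $key => $record) {
      $account_id = $ldap_adapter->readLDAPRecordAccountID($record);
      if (!$account_id) {
        // Records without an account ID cannot be imported; drop them.
        unset($results[$key]);
        continue;
      }

      $info = array(
        $account_id,
        $ldap_adapter->readLDAPRecordEmail($record),
        $ldap_adapter->readLDAPRecordRealName($record),
      );
      // Replace the raw record with its table row: ID, email, real name and
      // the form inputs for the "Import?" column.
      $results[$key] = $info;
      $results[$key][] = $this->renderUserInputs($info);
    }

    $form = id(new AphrontFormView())
      ->setUser($admin);

    $table = new AphrontTableView($results);
    $table->setHeaders(
      array(
        pht('Username'),
        pht('Email'),
        pht('Real Name'),
        pht('Import?'),
      ));
    $form->appendChild($table);
    // Submitting the results form flips the page from search to import.
    $form->setAction($request->getRequestURI()
      ->alter('import', 'true')->alter('search', null))
      ->appendChild(
        id(new AphrontFormSubmitControl())
          ->setValue(pht('Import')));

    $panel->appendChild($form);

    return $panel;
  }

  /**
   * Build the form inputs for one result row: a checkbox that selects the
   * username, and hidden fields carrying its email and real name.
   *
   * The hidden values are sent to the browser and read back by
   * processImportRequest(), so they are client-controlled by the time they
   * are used.
   *
   * @param list<wild> $user Row as array(account ID, email, real name).
   * @return wild Markup produced by hsprintf().
   */
  private function renderUserInputs($user) {
    $username = $user[0];
    return hsprintf(
      '%s%s%s',
      phutil_tag(
        'input',
        array(
          'type' => 'checkbox',
          'name' => 'usernames[]',
          'value' => $username,
        )),
      phutil_tag(
        'input',
        array(
          'type' => 'hidden',
          'name' => "email[$username]",
          'value' => $user[1],
        )),
      phutil_tag(
        'input',
        array(
          'type' => 'hidden',
          'name' => "name[$username]",
          'value' => $user[2],
        )));
  }

}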