mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-27 01:02:42 +01:00
Added ldap import controller
parent
e683236793
commit
51d2d06e37
5 changed files with 288 additions and 5 deletions
|
@ -822,6 +822,7 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorPasteViewController' => 'applications/paste/controller/PhabricatorPasteViewController.php',
|
'PhabricatorPasteViewController' => 'applications/paste/controller/PhabricatorPasteViewController.php',
|
||||||
'PhabricatorPeopleController' => 'applications/people/controller/PhabricatorPeopleController.php',
|
'PhabricatorPeopleController' => 'applications/people/controller/PhabricatorPeopleController.php',
|
||||||
'PhabricatorPeopleEditController' => 'applications/people/controller/PhabricatorPeopleEditController.php',
|
'PhabricatorPeopleEditController' => 'applications/people/controller/PhabricatorPeopleEditController.php',
|
||||||
|
'PhabricatorPeopleLdapController' => 'applications/people/controller/PhabricatorPeopleLdapController.php',
|
||||||
'PhabricatorPeopleListController' => 'applications/people/controller/PhabricatorPeopleListController.php',
|
'PhabricatorPeopleListController' => 'applications/people/controller/PhabricatorPeopleListController.php',
|
||||||
'PhabricatorPeopleLogsController' => 'applications/people/controller/PhabricatorPeopleLogsController.php',
|
'PhabricatorPeopleLogsController' => 'applications/people/controller/PhabricatorPeopleLogsController.php',
|
||||||
'PhabricatorPeopleProfileController' => 'applications/people/controller/PhabricatorPeopleProfileController.php',
|
'PhabricatorPeopleProfileController' => 'applications/people/controller/PhabricatorPeopleProfileController.php',
|
||||||
|
@ -1792,6 +1793,7 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorPasteViewController' => 'PhabricatorPasteController',
|
'PhabricatorPasteViewController' => 'PhabricatorPasteController',
|
||||||
'PhabricatorPeopleController' => 'PhabricatorController',
|
'PhabricatorPeopleController' => 'PhabricatorController',
|
||||||
'PhabricatorPeopleEditController' => 'PhabricatorPeopleController',
|
'PhabricatorPeopleEditController' => 'PhabricatorPeopleController',
|
||||||
|
'PhabricatorPeopleLdapController' => 'PhabricatorPeopleController',
|
||||||
'PhabricatorPeopleListController' => 'PhabricatorPeopleController',
|
'PhabricatorPeopleListController' => 'PhabricatorPeopleController',
|
||||||
'PhabricatorPeopleLogsController' => 'PhabricatorPeopleController',
|
'PhabricatorPeopleLogsController' => 'PhabricatorPeopleController',
|
||||||
'PhabricatorPeopleProfileController' => 'PhabricatorPeopleController',
|
'PhabricatorPeopleProfileController' => 'PhabricatorPeopleController',
|
||||||
|
|
|
@ -72,6 +72,7 @@ class AphrontDefaultApplicationConfiguration
|
||||||
'logs/' => 'PhabricatorPeopleLogsController',
|
'logs/' => 'PhabricatorPeopleLogsController',
|
||||||
'edit/(?:(?P<id>\d+)/(?:(?P<view>\w+)/)?)?'
|
'edit/(?:(?P<id>\d+)/(?:(?P<view>\w+)/)?)?'
|
||||||
=> 'PhabricatorPeopleEditController',
|
=> 'PhabricatorPeopleEditController',
|
||||||
|
'ldap/' => 'PhabricatorPeopleLdapController',
|
||||||
),
|
),
|
||||||
'/p/(?P<username>[\w._-]+)/(?:(?P<page>\w+)/)?'
|
'/p/(?P<username>[\w._-]+)/(?:(?P<page>\w+)/)?'
|
||||||
=> 'PhabricatorPeopleProfileController',
|
=> 'PhabricatorPeopleProfileController',
|
||||||
|
|
|
@ -53,22 +53,26 @@ final class PhabricatorLDAPProvider {
|
||||||
public function retrieveUserEmail() {
|
public function retrieveUserEmail() {
|
||||||
return $this->userData['mail'][0];
|
return $this->userData['mail'][0];
|
||||||
}
|
}
|
||||||
|
|
||||||
public function retrieveUserRealName() {
|
public function retrieveUserRealName() {
|
||||||
|
return $this->retrieveUserRealNameFromData($this->userData);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function retrieveUserRealNameFromData($data) {
|
||||||
$name_attributes = PhabricatorEnv::getEnvConfig(
|
$name_attributes = PhabricatorEnv::getEnvConfig(
|
||||||
'ldap.real_name_attributes');
|
'ldap.real_name_attributes');
|
||||||
|
|
||||||
$real_name = '';
|
$real_name = '';
|
||||||
if (is_array($name_attributes)) {
|
if (is_array($name_attributes)) {
|
||||||
foreach ($name_attributes AS $attribute) {
|
foreach ($name_attributes AS $attribute) {
|
||||||
if (isset($this->userData[$attribute][0])) {
|
if (isset($data[$attribute][0])) {
|
||||||
$real_name .= $this->userData[$attribute][0] . ' ';
|
$real_name .= $data[$attribute][0] . ' ';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
trim($real_name);
|
trim($real_name);
|
||||||
} else if (isset($this->userData[$name_attributes][0])) {
|
} else if (isset($data[$name_attributes][0])) {
|
||||||
$real_name = $this->userData[$name_attributes][0];
|
$real_name = $data[$name_attributes][0];
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($real_name == '') {
|
if ($real_name == '') {
|
||||||
|
@ -146,4 +150,46 @@ final class PhabricatorLDAPProvider {
|
||||||
|
|
||||||
return $entries[0];
|
return $entries[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function search($query) {
|
||||||
|
$result = ldap_search($this->getConnection(), $this->getBaseDN(),
|
||||||
|
$query);
|
||||||
|
|
||||||
|
if (!$result) {
|
||||||
|
throw new Exception('Search failed. Please check your LDAP and HTTP '.
|
||||||
|
'logs for more information.');
|
||||||
|
}
|
||||||
|
|
||||||
|
$entries = ldap_get_entries($this->getConnection(), $result);
|
||||||
|
|
||||||
|
if ($entries === false) {
|
||||||
|
throw new Exception('Could not get entries');
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($entries['count'] == 0) {
|
||||||
|
throw new Exception('No results found');
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
$rows = array();
|
||||||
|
|
||||||
|
for($i = 0; $i < $entries['count']; $i++) {
|
||||||
|
$row = array();
|
||||||
|
$entry = $entries[$i];
|
||||||
|
// Get username, email and realname
|
||||||
|
$username = $entry[$this->getSearchAttribute()][0];
|
||||||
|
if(empty($username)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
$row[] = $username;
|
||||||
|
$row[] = $entry['mail'][0];
|
||||||
|
$row[] = $this->retrieveUserRealNameFromData($entry);
|
||||||
|
|
||||||
|
|
||||||
|
$rows[] = $row;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $rows;
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
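Review bot: In the new `search()` loop, `$entry[$this->getSearchAttribute()][0]` and `$entry['mail'][0]` are read without an `isset()` check, so an entry lacking either attribute raises an undefined-index notice and, for mail, produces a row with a null address that the import form then carries forward. `ldap_get_entries()` returns attribute keys lowercased, so if the configured search attribute is mixed-case the lookup would miss and `empty($username)` would skip every entry; I'd index with `strtolower($this->getSearchAttribute())` and read both values through `idx()` or an `isset()` guard. `ldap_search()` is also called with no attribute list or size limit, so a broad filter pulls every attribute of every match; passing only the attributes this method uses would bound the result. The `trim($real_name);` in the context lines discards its return value, but that predates this commit.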
|
@ -0,0 +1,224 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Copyright 2012 Facebook, Inc.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
final class PhabricatorPeopleLdapController
|
||||||
|
extends PhabricatorPeopleController {
|
||||||
|
|
||||||
|
public function shouldRequireAdmin() {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
private $view;
|
||||||
|
|
||||||
|
public function willProcessRequest(array $data) {
|
||||||
|
$this->view = idx($data, 'view');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function processRequest() {
|
||||||
|
|
||||||
|
$request = $this->getRequest();
|
||||||
|
$admin = $request->getUser();
|
||||||
|
|
||||||
|
$base_uri = '/people/edit/';
|
||||||
|
|
||||||
|
$content = array();
|
||||||
|
|
||||||
|
|
||||||
|
$response = $this->processBasicRequest();
|
||||||
|
|
||||||
|
if ($response instanceof AphrontResponse) {
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$content[] = $response;
|
||||||
|
|
||||||
|
|
||||||
|
return $this->buildStandardPageResponse(
|
||||||
|
$content,
|
||||||
|
array(
|
||||||
|
'title' => 'Import Ldap Users',
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Displays a ldap login form, as we need to auth before we can search
|
||||||
|
*/
|
||||||
|
private function processBasicRequest() {
|
||||||
|
$panels = array();
|
||||||
|
|
||||||
|
$request = $this->getRequest();
|
||||||
|
|
||||||
|
$admin = $request->getUser();
|
||||||
|
|
||||||
|
$form = id(new AphrontFormView())
|
||||||
|
->setUser($admin)
|
||||||
|
->appendChild(
|
||||||
|
id(new AphrontFormTextControl())
|
||||||
|
->setLabel('LDAP username')
|
||||||
|
->setName('username'))
|
||||||
|
->appendChild(
|
||||||
|
id(new AphrontFormPasswordControl())
|
||||||
|
->setLabel('Password')
|
||||||
|
->setName('password'))
|
||||||
|
->appendChild(
|
||||||
|
id(new AphrontFormTextControl())
|
||||||
|
->setLabel('LDAP query')
|
||||||
|
->setName('query'))
|
||||||
|
->setAction($request->getRequestURI()->alter('search', 'true')->alter('import', null))
|
||||||
|
->appendChild(
|
||||||
|
id(new AphrontFormSubmitControl())
|
||||||
|
->setValue('Search'));
|
||||||
|
|
||||||
|
$panel = new AphrontPanelView();
|
||||||
|
$panel->setHeader('Import Ldap Users');
|
||||||
|
$panel->appendChild($form);
|
||||||
|
|
||||||
|
|
||||||
|
if($request->getStr('import')) {
|
||||||
|
$panels[] = $this->processImportRequest($request);
|
||||||
|
}
|
||||||
|
|
||||||
|
$panels[] = $panel;
|
||||||
|
|
||||||
|
if($request->getStr('search')) {
|
||||||
|
$panels[] = $this->processSearchRequest($request);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $panels;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private function processImportRequest($request) {
|
||||||
|
$admin = $request->getUser();
|
||||||
|
$usernames = $request->getArr('usernames');
|
||||||
|
$emails = $request->getArr('email');
|
||||||
|
$names = $request->getArr('name');
|
||||||
|
|
||||||
|
$panel = new AphrontErrorView();
|
||||||
|
$panel->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
|
||||||
|
$panel->setTitle("Import Successful");
|
||||||
|
$errors = array("Successfully imported users from ldap");
|
||||||
|
|
||||||
|
|
||||||
|
foreach($usernames as $username) {
|
||||||
|
$user = new PhabricatorUser();
|
||||||
|
$user->setUsername($username);
|
||||||
|
$user->setRealname($names[$username]);
|
||||||
|
|
||||||
|
$email_obj = id(new PhabricatorUserEmail())
|
||||||
|
->setAddress($emails[$username])
|
||||||
|
->setIsVerified(1);
|
||||||
|
try {
|
||||||
|
id(new PhabricatorUserEditor())
|
||||||
|
->setActor($admin)
|
||||||
|
->createNewUser($user, $email_obj);
|
||||||
|
|
||||||
|
$ldap_info = new PhabricatorUserLDAPInfo();
|
||||||
|
$ldap_info->setLDAPUsername($username);
|
||||||
|
$ldap_info->setUserID($user->getID());
|
||||||
|
$ldap_info->save();
|
||||||
|
$errors[] = 'Succesfully added ' . $username;
|
||||||
|
} catch (Exception $ex) {
|
||||||
|
$errors[] = 'Failed to add ' . $username . ' ' . $ex->getMessage();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$panel->setErrors($errors);
|
||||||
|
return $panel;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private function processSearchRequest($request) {
|
||||||
|
$panel = new AphrontPanelView();
|
||||||
|
|
||||||
|
$admin = $request->getUser();
|
||||||
|
|
||||||
|
$username = $request->getStr('username');
|
||||||
|
$password = $request->getStr('password');
|
||||||
|
$search = $request->getStr('query');
|
||||||
|
|
||||||
|
try {
|
||||||
|
$ldapProvider = new PhabricatorLDAPProvider();
|
||||||
|
$ldapProvider->auth($username, $password);
|
||||||
|
$results = $ldapProvider->search($search);
|
||||||
|
foreach($results as $key => $result) {
|
||||||
|
$results[$key][] = $this->renderUserInputs($result);
|
||||||
|
}
|
||||||
|
|
||||||
|
$form = id(new AphrontFormView())
|
||||||
|
->setUser($admin);
|
||||||
|
|
||||||
|
$table = new AphrontTableView($results);
|
||||||
|
$table->setHeaders(
|
||||||
|
array(
|
||||||
|
'Username',
|
||||||
|
'Email',
|
||||||
|
'RealName',
|
||||||
|
'',
|
||||||
|
));
|
||||||
|
$form->appendChild($table);
|
||||||
|
$form->setAction($request->getRequestURI()->alter('import', 'true')->alter('search', null))
|
||||||
|
->appendChild(
|
||||||
|
id(new AphrontFormSubmitControl())
|
||||||
|
->setValue('Import'));
|
||||||
|
|
||||||
|
|
||||||
|
$panel->appendChild($form);
|
||||||
|
} catch (Exception $ex) {
|
||||||
|
$error_view = new AphrontErrorView();
|
||||||
|
$error_view->setTitle('LDAP Search Failed');
|
||||||
|
$error_view->setErrors(array($ex->getMessage()));
|
||||||
|
return $error_view;
|
||||||
|
}
|
||||||
|
return $panel;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private function renderUserInputs($user) {
|
||||||
|
$username = $user[0];
|
||||||
|
$inputs = phutil_render_tag(
|
||||||
|
'input',
|
||||||
|
array(
|
||||||
|
'type' => 'checkbox',
|
||||||
|
'name' => 'usernames[]',
|
||||||
|
'value' =>$username,
|
||||||
|
),
|
||||||
|
'');
|
||||||
|
|
||||||
|
$inputs .= phutil_render_tag(
|
||||||
|
'input',
|
||||||
|
array(
|
||||||
|
'type' => 'hidden',
|
||||||
|
'name' => "email[$username]",
|
||||||
|
'value' =>$user[1],
|
||||||
|
),
|
||||||
|
'');
|
||||||
|
|
||||||
|
$inputs .= phutil_render_tag(
|
||||||
|
'input',
|
||||||
|
array(
|
||||||
|
'type' => 'hidden',
|
||||||
|
'name' => "name[$username]",
|
||||||
|
'value' =>$user[2],
|
||||||
|
),
|
||||||
|
'');
|
||||||
|
|
||||||
|
return $inputs;
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
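Review bot: `processBasicRequest()` runs the import branch whenever `$request->getStr('import')` is non-empty and never checks that the request is a CSRF-validated form post, so (assuming `getStr()`/`getArr()` also read query-string parameters) account creation is not tied to the form this page rendered; gate it as `if ($request->isFormPost() && $request->getStr('import')) {`. `processImportRequest()` also takes the address and real name from the hidden `email[...]`/`name[...]` fields and then calls `setIsVerified(1)`; because those values round-trip through the browser, it would be safer to re-read them from LDAP on the server for each selected username, and to read `$names[$username]`/`$emails[$username]` through `idx()` so a missing key is handled. `createNewUser()` and `$ldap_info->save()` are not wrapped in one transaction, so a failure in the second leaves a user with no LDAP link, and the panel title stays "Import Successful" even when every entry failed. `$base_uri` and `$this->view` appear to be unused in this file.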
|
@ -130,6 +130,16 @@ final class PhabricatorPeopleListController
|
||||||
'class' => 'button green',
|
'class' => 'button green',
|
||||||
),
|
),
|
||||||
'Create New Account'));
|
'Create New Account'));
|
||||||
|
if (PhabricatorEnv::getEnvConfig('ldap.auth-enabled')) {
|
||||||
|
$panel->addButton(
|
||||||
|
phutil_render_tag(
|
||||||
|
'a',
|
||||||
|
array(
|
||||||
|
'href' => '/people/ldap',
|
||||||
|
'class' => 'button green'
|
||||||
|
),
|
||||||
|
'Import from Ldap'));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->buildStandardPageResponse($panel, array(
|
return $this->buildStandardPageResponse($panel, array(
|
||||||
|
|
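Review bot: The new button links to `/people/ldap`, while the route added in this commit is registered as `'ldap/'`; I'd write `'href' => '/people/ldap/',` so the link matches the route without relying on a trailing-slash redirect, and add the trailing comma after `'class' => 'button green'` to match the array in the button just above. The enclosing block starts outside this hunk, so it isn't visible here whether the button is rendered only for administrators; the target controller does return true from `shouldRequireAdmin()`.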