1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 14:00:56 +01:00

Merge pull request #150 from linead/ldap_dir

Ldap dir
This commit is contained in:
Evan Priestley 2012-07-11 18:37:36 -07:00
commit 62e039b748
5 changed files with 261 additions and 5 deletions

View file

@ -840,6 +840,7 @@ phutil_register_library_map(array(
'PhabricatorPasteViewController' => 'applications/paste/controller/PhabricatorPasteViewController.php',
'PhabricatorPeopleController' => 'applications/people/controller/PhabricatorPeopleController.php',
'PhabricatorPeopleEditController' => 'applications/people/controller/PhabricatorPeopleEditController.php',
'PhabricatorPeopleLdapController' => 'applications/people/controller/PhabricatorPeopleLdapController.php',
'PhabricatorPeopleListController' => 'applications/people/controller/PhabricatorPeopleListController.php',
'PhabricatorPeopleLogsController' => 'applications/people/controller/PhabricatorPeopleLogsController.php',
'PhabricatorPeopleProfileController' => 'applications/people/controller/PhabricatorPeopleProfileController.php',
@ -1834,6 +1835,7 @@ phutil_register_library_map(array(
'PhabricatorPasteViewController' => 'PhabricatorPasteController',
'PhabricatorPeopleController' => 'PhabricatorController',
'PhabricatorPeopleEditController' => 'PhabricatorPeopleController',
'PhabricatorPeopleLdapController' => 'PhabricatorPeopleController',
'PhabricatorPeopleListController' => 'PhabricatorPeopleController',
'PhabricatorPeopleLogsController' => 'PhabricatorPeopleController',
'PhabricatorPeopleProfileController' => 'PhabricatorPeopleController',

View file

@ -72,6 +72,7 @@ class AphrontDefaultApplicationConfiguration
'logs/' => 'PhabricatorPeopleLogsController',
'edit/(?:(?P<id>\d+)/(?:(?P<view>\w+)/)?)?'
=> 'PhabricatorPeopleEditController',
'ldap/' => 'PhabricatorPeopleLdapController',
),
'/p/(?P<username>[\w._-]+)/(?:(?P<page>\w+)/)?'
=> 'PhabricatorPeopleProfileController',

View file

@ -55,20 +55,24 @@ final class PhabricatorLDAPProvider {
}
public function retrieveUserRealName() {
return $this->retrieveUserRealNameFromData($this->userData);
}
public function retrieveUserRealNameFromData($data) {
$name_attributes = PhabricatorEnv::getEnvConfig(
'ldap.real_name_attributes');
$real_name = '';
if (is_array($name_attributes)) {
foreach ($name_attributes AS $attribute) {
if (isset($this->userData[$attribute][0])) {
$real_name .= $this->userData[$attribute][0] . ' ';
if (isset($data[$attribute][0])) {
$real_name .= $data[$attribute][0] . ' ';
}
}
trim($real_name);
} else if (isset($this->userData[$name_attributes][0])) {
$real_name = $this->userData[$name_attributes][0];
} else if (isset($data[$name_attributes][0])) {
$real_name = $data[$name_attributes][0];
}
if ($real_name == '') {
@ -146,4 +150,46 @@ final class PhabricatorLDAPProvider {
return $entries[0];
}
public function search($query) {
$result = ldap_search($this->getConnection(), $this->getBaseDN(),
$query);
if (!$result) {
throw new Exception('Search failed. Please check your LDAP and HTTP '.
'logs for more information.');
}
$entries = ldap_get_entries($this->getConnection(), $result);
if ($entries === false) {
throw new Exception('Could not get entries');
}
if ($entries['count'] == 0) {
throw new Exception('No results found');
}
$rows = array();
for($i = 0; $i < $entries['count']; $i++) {
$row = array();
$entry = $entries[$i];
// Get username, email and realname
$username = $entry[$this->getSearchAttribute()][0];
if(empty($username)) {
continue;
}
$row[] = $username;
$row[] = $entry['mail'][0];
$row[] = $this->retrieveUserRealNameFromData($entry);
$rows[] = $row;
}
return $rows;
}
}

View file

@ -0,0 +1,197 @@
<?php
/*
* Copyright 2012 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
final class PhabricatorPeopleLdapController
extends PhabricatorPeopleController {
public function shouldRequireAdmin() {
return true;
}
private $view;
public function processRequest() {
$request = $this->getRequest();
$admin = $request->getUser();
$content = array();
$form = id(new AphrontFormView())
->setAction($request->getRequestURI()
->alter('search', 'true')->alter('import', null))
->setUser($admin)
->appendChild(
id(new AphrontFormTextControl())
->setLabel('LDAP username')
->setName('username'))
->appendChild(
id(new AphrontFormPasswordControl())
->setLabel('Password')
->setName('password'))
->appendChild(
id(new AphrontFormTextControl())
->setLabel('LDAP query')
->setCaption('A filter such as (objectClass=*)')
->setName('query'))
->appendChild(
id(new AphrontFormSubmitControl())
->setValue('Search'));
$panel = new AphrontPanelView();
$panel->setHeader('Import Ldap Users');
$panel->appendChild($form);
if ($request->getStr('import')) {
$content[] = $this->processImportRequest($request);
}
$content[] = $panel;
if ($request->getStr('search')) {
$content[] = $this->processSearchRequest($request);
}
return $this->buildStandardPageResponse(
$content,
array(
'title' => 'Import Ldap Users',
));
}
private function processImportRequest($request) {
$admin = $request->getUser();
$usernames = $request->getArr('usernames');
$emails = $request->getArr('email');
$names = $request->getArr('name');
$panel = new AphrontErrorView();
$panel->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$panel->setTitle("Import Successful");
$errors = array("Successfully imported users from LDAP");
foreach ($usernames as $username) {
$user = new PhabricatorUser();
$user->setUsername($username);
$user->setRealname($names[$username]);
$email_obj = id(new PhabricatorUserEmail())
->setAddress($emails[$username])
->setIsVerified(1);
try {
id(new PhabricatorUserEditor())
->setActor($admin)
->createNewUser($user, $email_obj);
$ldap_info = new PhabricatorUserLDAPInfo();
$ldap_info->setLDAPUsername($username);
$ldap_info->setUserID($user->getID());
$ldap_info->save();
$errors[] = 'Successfully added ' . $username;
} catch (Exception $ex) {
$errors[] = 'Failed to add ' . $username . ' ' . $ex->getMessage();
}
}
$panel->setErrors($errors);
return $panel;
}
private function processSearchRequest($request) {
$panel = new AphrontPanelView();
$admin = $request->getUser();
$username = $request->getStr('username');
$password = $request->getStr('password');
$search = $request->getStr('query');
try {
$ldap_provider = new PhabricatorLDAPProvider();
$ldap_provider->auth($username, $password);
$results = $ldap_provider->search($search);
foreach ($results as $key => $result) {
$results[$key][] = $this->renderUserInputs($result);
}
$form = id(new AphrontFormView())
->setUser($admin);
$table = new AphrontTableView($results);
$table->setHeaders(
array(
'Username',
'Email',
'RealName',
'',
));
$form->appendChild($table);
$form->setAction($request->getRequestURI()
->alter('import', 'true')->alter('search', null))
->appendChild(
id(new AphrontFormSubmitControl())
->setValue('Import'));
$panel->appendChild($form);
} catch (Exception $ex) {
$error_view = new AphrontErrorView();
$error_view->setTitle('LDAP Search Failed');
$error_view->setErrors(array($ex->getMessage()));
return $error_view;
}
return $panel;
}
private function renderUserInputs($user) {
$username = $user[0];
$inputs = phutil_render_tag(
'input',
array(
'type' => 'checkbox',
'name' => 'usernames[]',
'value' =>$username,
),
'');
$inputs .= phutil_render_tag(
'input',
array(
'type' => 'hidden',
'name' => "email[$username]",
'value' =>$user[1],
),
'');
$inputs .= phutil_render_tag(
'input',
array(
'type' => 'hidden',
'name' => "name[$username]",
'value' =>$user[2],
),
'');
return $inputs;
}
}

View file

@ -130,6 +130,16 @@ final class PhabricatorPeopleListController
'class' => 'button green',
),
'Create New Account'));
if (PhabricatorEnv::getEnvConfig('ldap.auth-enabled')) {
$panel->addButton(
phutil_render_tag(
'a',
array(
'href' => '/people/ldap/',
'class' => 'button green'
),
'Import from Ldap'));
}
}
return $this->buildStandardPageResponse($panel, array(