// Guard: the LDAP module entry is absent from $conf or is not enabled. The guarded
// statements are not visible in this excerpt.
64 if (empty($conf->ldap) || empty($conf->ldap->enabled)) {
// Guard: the DISABLE_LDAP_SYNCHRO constant is defined (presumably an opt-out switch for
// synchronisation; confirm where it is defined). The guarded statements are not visible here.
67 if (defined(
'DISABLE_LDAP_SYNCHRO')) {
// Guard: ldap_connect() does not exist, i.e. the PHP LDAP extension is not loaded even
// though the module is enabled; a warning is written to the log.
71 if (!function_exists(
'ldap_connect')) {
72 dol_syslog(
"Warning, module LDAP is enabled but LDAP functions not available in this PHP", LOG_WARNING);
// Load the class files for the LDAP wrapper and for user groups.
76 require_once DOL_DOCUMENT_ROOT.
"/core/class/ldap.class.php";
77 require_once DOL_DOCUMENT_ROOT.
"/user/class/usergroup.class.php";
// USER_CREATE: bind to the directory, derive the attribute set and DN from the new user
// object, and add the entry.
82 if ($action ==
'USER_CREATE') {
// Trace line: trigger name, action, this file and the object id.
83 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
86 $result = $ldap->connectBind();
89 $info =
$object->_load_ldap_info();
90 $dn =
$object->_load_ldap_dn($info);
// Active Directory special case; what it changes in $info is not visible in this excerpt.
93 if ($ldap->serverType ==
"activedirectory") {
97 $result = $ldap->add($dn, $info, $user);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
101 $this->error =
"ErrorLDAP ".$ldap->error;
// USER_MODIFY: update the user's own entry (update() receives a new RDN and parent as well as
// the old DN), then refresh the entries of the groups named in $object->context['newgroupid']
// and $object->context['oldgroupid'].
104 } elseif ($action ==
'USER_MODIFY') {
// Trace line: trigger name, action, this file and the object id.
105 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
108 $result = $ldap->connectBind();
// Warning for callers that did not populate ->oldcopy; the condition is not visible here.
112 dol_syslog(
"Trigger ".$action.
" was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
// DN computed from the pre-modification copy of the object.
116 $oldinfo =
$object->oldcopy->_load_ldap_info();
117 $olddn =
$object->oldcopy->_load_ldap_dn($oldinfo);
// Look the old entry up: the mode-1 result of _load_ldap_dn() is the search base and the
// mode-2 result, wrapped in parentheses, is the filter.
// NOTE(review): the filter is plain string concatenation. If the RDN value can contain the
// filter metacharacters ( ) * \ it has to be escaped for filter context (ldap_escape() with
// LDAP_ESCAPE_FILTER); whether _load_ldap_dn() already does so is not visible here - confirm.
120 $container =
$object->oldcopy->_load_ldap_dn($oldinfo, 1);
121 $search =
"(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).
")";
122 $records = $ldap->search($container, $search);
// A non-empty result array whose 'count' is 0: the lookup matched nothing. What the branch
// does then is not visible here. count() needs a countable value, so this relies on
// search() not returning a scalar on failure - confirm.
123 if (count($records) && $records[
'count'] == 0) {
// Attribute set and DN for the current state; mode 2 is reused as the new RDN and mode 1 as
// the new parent.
127 $info =
$object->_load_ldap_info();
128 $dn =
$object->_load_ldap_dn($info);
129 $newrdn =
$object->_load_ldap_dn($info, 2);
130 $newparent =
$object->_load_ldap_dn($info, 1);
132 $result = $ldap->update($dn, $info, $user, $olddn, $newrdn, $newparent);
// Only after a successful user update, and only when the caller put a group id in the
// context: reload that group and push its entry. The creation of $usergroup is not visible
// in this excerpt.
134 if ($result > 0 && !empty(
$object->context[
'newgroupid'])) {
137 $usergroup->fetch(
$object->context[
'newgroupid'],
'',
true);
// Old and new info are both loaded from the same freshly fetched group, so $olddn and $dn
// are computed from the same state.
139 $oldinfo = $usergroup->_load_ldap_info();
140 $olddn = $usergroup->_load_ldap_dn($oldinfo);
// Same base/filter lookup as for the user entry; the escaping question applies here too.
143 $container = $usergroup->_load_ldap_dn($oldinfo, 1);
144 $search =
"(".$usergroup->_load_ldap_dn($oldinfo, 2).
")";
145 $records = $ldap->search($container, $search);
146 if (count($records) && $records[
'count'] == 0) {
150 $info = $usergroup->_load_ldap_info();
151 $dn = $usergroup->_load_ldap_dn($info);
153 $result = $ldap->update($dn, $info, $user, $olddn);
// Same refresh for the group named in context['oldgroupid']. $result here is the outcome
// of whichever update() ran last.
156 if ($result > 0 && !empty(
$object->context[
'oldgroupid'])) {
159 $usergroup->fetch(
$object->context[
'oldgroupid'],
'',
true);
161 $oldinfo = $usergroup->_load_ldap_info();
162 $olddn = $usergroup->_load_ldap_dn($oldinfo);
165 $container = $usergroup->_load_ldap_dn($oldinfo, 1);
166 $search =
"(".$usergroup->_load_ldap_dn($oldinfo, 2).
")";
167 $records = $ldap->search($container, $search);
168 if (count($records) && $records[
'count'] == 0) {
172 $info = $usergroup->_load_ldap_info();
173 $dn = $usergroup->_load_ldap_dn($info);
175 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
180 $this->error =
"ErrorLDAP ".$ldap->error;
// USER_NEW_PASSWORD: rewrite the user's entry from the current object state, addressed by
// the DN computed from ->oldcopy.
183 } elseif ($action ==
'USER_NEW_PASSWORD') {
// Trace line: trigger name, action, this file and the object id. No password material is
// part of this message.
184 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
187 $result = $ldap->connectBind();
// Warning for callers that did not populate ->oldcopy; the condition is not visible here.
191 dol_syslog(
"Trigger ".$action.
" was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
195 $oldinfo =
$object->oldcopy->_load_ldap_info();
196 $olddn =
$object->oldcopy->_load_ldap_dn($oldinfo);
// Look the old entry up: mode-1 result is the search base, mode-2 result in parentheses is
// the filter.
// NOTE(review): the filter is plain string concatenation. If the RDN value can contain the
// filter metacharacters ( ) * \ it has to be escaped for filter context (ldap_escape() with
// LDAP_ESCAPE_FILTER); whether _load_ldap_dn() already does so is not visible here - confirm.
199 $container =
$object->oldcopy->_load_ldap_dn($oldinfo, 1);
200 $search =
"(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).
")";
201 $records = $ldap->search($container, $search);
// Zero matches for the old DN; the handling is not visible in this excerpt.
202 if (count($records) && $records[
'count'] == 0) {
// NOTE(review): which password attributes _load_ldap_info() places in $info, and in what
// form (clear text or hashed), is decided outside this excerpt - confirm.
206 $info =
$object->_load_ldap_info();
207 $dn =
$object->_load_ldap_dn($info);
209 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
213 $this->error =
"ErrorLDAP ".$ldap->error;
// USER_ENABLEDISABLE: read the entry's userAccountControl value, toggle bit 0x2 according to
// $object->statut, and write the entry back.
216 } elseif ($action ==
'USER_ENABLEDISABLE') {
// Trace line: trigger name, action, this file and the object id.
217 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
220 $result = $ldap->connectBind();
222 $info =
$object->_load_ldap_info();
223 $dn =
$object->_load_ldap_dn($info);
// Filter built from the mode-2 result of _load_ldap_dn(), wrapped in parentheses.
// NOTE(review): plain string concatenation; if the RDN value can contain ( ) * \ it has to
// be escaped for filter context (ldap_escape() with LDAP_ESCAPE_FILTER) - whether the helper
// already does so is not visible here. A filter that matches a different entry would make
// the bit below be computed from the wrong account's flags.
224 $search =
"(" .
$object->_load_ldap_dn($info, 2) .
")";
225 $uAC = $ldap->getAttributeValues($search,
"userAccountControl");
// Proceed only when exactly one value came back.
226 if ($uAC[
"count"] == 1) {
227 $userAccountControl = intval($uAC[0]);
// 0x2 is the account-disabled flag of userAccountControl (ACCOUNTDISABLE in Active
// Directory): bit clear means the directory account is enabled.
228 $enabledBitMask = 0x2;
229 $isEnabled = ($userAccountControl & $enabledBitMask) === 0;
// Directory account enabled and statut is 1: set the bit (disable). Directory account
// disabled and statut is 0: clear the bit (enable). Presumably statut still holds the
// status from before the change when this trigger fires - confirm against the caller.
// The +2 / -2 arithmetic is correct only because each branch has just tested that same bit;
// "|= 0x2" and "&= ~0x2" would express the intent without depending on the guard.
230 if ($isEnabled && intval(
$object->statut) === 1) {
231 $userAccountControl += 2;
232 } elseif (!$isEnabled && intval(
$object->statut) === 0) {
233 $userAccountControl -= 2;
235 $info[
'userAccountControl'] = $userAccountControl;
// The old DN argument equals the new DN: the entry is rewritten in place.
237 $resUpdate = $ldap->update($dn, $info, $user, $dn);
238 if ($resUpdate < 0) {
239 $this->error =
"ErrorLDAP " . $ldap->error;
// Second error assignment; the condition guarding it is not visible in this excerpt.
243 $this->error =
"ErrorLDAP " . $ldap->error;
// USER_DELETE: bind, compute the DN from the object being deleted, and delete that entry.
246 } elseif ($action ==
'USER_DELETE') {
// Trace line: trigger name, action, this file and the object id.
247 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
250 $result = $ldap->connectBind();
253 $info =
$object->_load_ldap_info();
254 $dn =
$object->_load_ldap_dn($info);
// The DN is derived from the object's current state only; no lookup of the entry is visible
// before the delete.
256 $result = $ldap->delete($dn);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
260 $this->error =
"ErrorLDAP ".$ldap->error;
// USERGROUP_CREATE: bind, build the group's attribute set and DN, fill in a gidNumber for
// posixGroup entries that have none, drop an empty 'member' attribute, and add the entry.
263 } elseif ($action ==
'USERGROUP_CREATE') {
// Trace line: trigger name, action, this file and the object id.
265 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
268 $result = $ldap->connectBind();
271 $info =
$object->_load_ldap_info();
272 $dn =
$object->_load_ldap_dn($info);
// No value under the attribute named by LDAP_GROUP_FIELD_GROUPID and the entry is a
// posixGroup: take the next group id from the directory.
// NOTE(review): the test reads the configured attribute name but the write always goes to
// 'gidNumber'; the two agree only if the setting is 'gidNumber' - confirm.
275 if (empty($info[
getDolGlobalString(
'LDAP_GROUP_FIELD_GROUPID')]) && in_array(
'posixGroup', $info[
'objectclass'])) {
276 $info[
'gidNumber'] = $ldap->getNextGroupGid(
'LDAP_KEY_GROUPS');
// Remove a 'member' attribute that is present but empty before the add.
280 if (isset($info[
'member']) && empty($info[
'member'])) {
281 unset($info[
'member']);
284 $result = $ldap->add($dn, $info, $user);
// NOTE(review): in this excerpt sAMAccountName is assigned after the add() call and no later
// write of $info is visible, so the value may never reach the directory - confirm against
// the full file.
287 if ($ldap->serverType ==
"activedirectory") {
288 $info[
'sAMAccountName'] =
$object->name;
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
292 $this->error =
"ErrorLDAP ".$ldap->error;
// USERGROUP_MODIFY: rewrite the group's entry from the current object state, addressed by
// the DN computed from ->oldcopy.
295 } elseif ($action ==
'USERGROUP_MODIFY') {
// Trace line: trigger name, action, this file and the object id.
296 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
299 $result = $ldap->connectBind();
// Warning for callers that did not populate ->oldcopy; the condition is not visible here.
303 dol_syslog(
"Trigger ".$action.
" was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
307 $oldinfo =
$object->oldcopy->_load_ldap_info();
308 $olddn =
$object->oldcopy->_load_ldap_dn($oldinfo);
// Look the old entry up: mode-1 result is the search base, mode-2 result in parentheses is
// the filter.
// NOTE(review): the filter is plain string concatenation. If the RDN value can contain the
// filter metacharacters ( ) * \ it has to be escaped for filter context (ldap_escape() with
// LDAP_ESCAPE_FILTER); whether _load_ldap_dn() already does so is not visible here - confirm.
311 $container =
$object->oldcopy->_load_ldap_dn($oldinfo, 1);
312 $search =
"(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).
")";
313 $records = $ldap->search($container, $search);
// Zero matches for the old DN; the handling is not visible in this excerpt.
314 if (count($records) && $records[
'count'] == 0) {
318 $info =
$object->_load_ldap_info();
319 $dn =
$object->_load_ldap_dn($info);
321 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
325 $this->error =
"ErrorLDAP ".$ldap->error;
// USERGROUP_DELETE: bind, compute the DN from the group being deleted, and delete that entry.
328 } elseif ($action ==
'USERGROUP_DELETE') {
// Trace line: trigger name, action, this file and the object id.
329 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
332 $result = $ldap->connectBind();
335 $info =
$object->_load_ldap_info();
336 $dn =
$object->_load_ldap_dn($info);
338 $result = $ldap->delete($dn);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
342 $this->error =
"ErrorLDAP ".$ldap->error;
// CONTACT_CREATE: bind, derive the attribute set and DN from the new contact, and add the
// entry.
345 } elseif ($action ==
'CONTACT_CREATE') {
// Trace line: trigger name, action, this file and the object id.
347 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
350 $result = $ldap->connectBind();
353 $info =
$object->_load_ldap_info();
354 $dn =
$object->_load_ldap_dn($info);
356 $result = $ldap->add($dn, $info, $user);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
360 $this->error =
"ErrorLDAP ".$ldap->error;
// CONTACT_MODIFY: rewrite the contact's entry from the current object state, addressed by
// the DN computed from ->oldcopy.
363 } elseif ($action ==
'CONTACT_MODIFY') {
// Trace line: trigger name, action, this file and the object id.
364 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
367 $result = $ldap->connectBind();
// Warning for callers that did not populate ->oldcopy; the condition is not visible here.
371 dol_syslog(
"Trigger ".$action.
" was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
375 $oldinfo =
$object->oldcopy->_load_ldap_info();
376 $olddn =
$object->oldcopy->_load_ldap_dn($oldinfo);
// Look the old entry up: mode-1 result is the search base, mode-2 result in parentheses is
// the filter.
// NOTE(review): the filter is plain string concatenation. Contact fields are free text, so
// if the RDN value can contain the filter metacharacters ( ) * \ it has to be escaped for
// filter context (ldap_escape() with LDAP_ESCAPE_FILTER); whether _load_ldap_dn() already
// does so is not visible here - confirm.
379 $container =
$object->oldcopy->_load_ldap_dn($oldinfo, 1);
380 $search =
"(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).
")";
381 $records = $ldap->search($container, $search);
// Zero matches for the old DN; the handling is not visible in this excerpt.
382 if (count($records) && $records[
'count'] == 0) {
386 $info =
$object->_load_ldap_info();
387 $dn =
$object->_load_ldap_dn($info);
389 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
393 $this->error =
"ErrorLDAP ".$ldap->error;
// CONTACT_DELETE: bind, compute the DN from the contact being deleted, and delete that entry.
396 } elseif ($action ==
'CONTACT_DELETE') {
// Trace line: trigger name, action, this file and the object id.
397 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
400 $result = $ldap->connectBind();
403 $info =
$object->_load_ldap_info();
404 $dn =
$object->_load_ldap_dn($info);
406 $result = $ldap->delete($dn);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
410 $this->error =
"ErrorLDAP ".$ldap->error;
// MEMBER_CREATE: add the member's entry, then reload the member's type and push the type's
// entry so that it reflects the new member.
413 } elseif ($action ==
'MEMBER_CREATE') {
// Trace line: trigger name, action, this file and the object id.
415 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
418 $result = $ldap->connectBind();
421 $info =
$object->_load_ldap_info();
422 $dn =
$object->_load_ldap_dn($info);
424 $result = $ldap->add($dn, $info, $user);
// Member-type refresh. The condition that gates it and the creation of $membertype are not
// visible in this excerpt.
429 require_once DOL_DOCUMENT_ROOT.
"/adherents/class/adherent_type.class.php";
431 $membertype->fetch(
$object->typeid);
// Presumably reloads the list of members of this type (empty first argument, second
// argument 1) - confirm against AdherentType.
432 $membertype->listMembersForMemberType(
'', 1);
434 $oldinfo = $membertype->_load_ldap_info();
435 $olddn = $membertype->_load_ldap_dn($oldinfo);
// Look the type's entry up: mode-1 result is the search base, mode-2 result in parentheses
// is the filter.
// NOTE(review): the filter is plain string concatenation. If the RDN value can contain the
// filter metacharacters ( ) * \ it has to be escaped for filter context (ldap_escape() with
// LDAP_ESCAPE_FILTER); whether _load_ldap_dn() already does so is not visible here - confirm.
438 $container = $membertype->_load_ldap_dn($oldinfo, 1);
439 $search =
"(".$membertype->_load_ldap_dn($oldinfo, 2).
")";
440 $records = $ldap->search($container, $search);
// Zero matches for the type's DN; the handling is not visible in this excerpt.
441 if (count($records) && $records[
'count'] == 0) {
445 $info = $membertype->_load_ldap_info();
446 $dn = $membertype->_load_ldap_dn($info);
448 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
454 $this->error =
"ErrorLDAP ".$ldap->error;
// MEMBER_VALIDATE: bind and rewrite the member's entry from the current object state.
457 } elseif ($action ==
'MEMBER_VALIDATE') {
// Trace line: trigger name, action, this file and the object id.
458 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
463 $result = $ldap->connectBind();
466 $info =
$object->_load_ldap_info();
467 $dn =
$object->_load_ldap_dn($info);
// NOTE(review): $olddn is passed here but its assignment is not visible in this branch of
// the excerpt - confirm it is set in this branch and is not a value left over from elsewhere.
470 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
474 $this->error =
"ErrorLDAP ".$ldap->error;
// MEMBER_SUBSCRIPTION: bind and rewrite the member's entry from the current object state.
478 } elseif ($action ==
'MEMBER_SUBSCRIPTION') {
// Trace line: trigger name, action, this file and the object id.
479 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
488 $result = $ldap->connectBind();
491 $info =
$object->_load_ldap_info();
492 $dn =
$object->_load_ldap_dn($info);
// NOTE(review): $olddn is passed here but its assignment is not visible in this branch of
// the excerpt - confirm it is set in this branch and is not a value left over from elsewhere.
495 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is stored on $this->error; the condition guarding this line is not visible here.
499 $this->error =
"ErrorLDAP ".$ldap->error;
// MEMBER_MODIFY: update the member's own entry (update() receives a new RDN and parent as
// well as the old DN), then refresh the entry of the member's current type and the entry of
// the type recorded on ->oldcopy.
503 } elseif ($action ==
'MEMBER_MODIFY') {
// Trace line: trigger name, action, this file and the object id.
504 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
507 $result = $ldap->connectBind();
// Warning for callers that did not populate ->oldcopy; the condition is not visible here.
511 dol_syslog(
"Trigger ".$action.
" was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
// ->oldcopy is set but does not provide _load_ldap_info(): log a warning. What happens after
// the warning is not visible in this excerpt.
515 if (!method_exists(
$object->oldcopy,
'_load_ldap_info')) {
516 dol_syslog(
"Trigger ".$action.
" was called by a function that did not set previously the method ->_load_ldap_info onto object", LOG_WARNING);
// DN computed from the pre-modification copy of the object.
520 $oldinfo =
$object->oldcopy->_load_ldap_info();
521 $olddn =
$object->oldcopy->_load_ldap_dn($oldinfo);
// Look the old entry up: mode-1 result is the search base, mode-2 result in parentheses is
// the filter.
// NOTE(review): the filter is plain string concatenation. If the RDN value can contain the
// filter metacharacters ( ) * \ it has to be escaped for filter context (ldap_escape() with
// LDAP_ESCAPE_FILTER); whether _load_ldap_dn() already does so is not visible here - confirm.
524 $container =
$object->oldcopy->_load_ldap_dn($oldinfo, 1);
525 $search =
"(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).
")";
526 $records = $ldap->search($container, $search);
// Zero matches for the old DN; the handling is not visible in this excerpt.
527 if (count($records) && $records[
'count'] == 0) {
// Attribute set and DN for the current state; mode 2 is reused as the new RDN and mode 1 as
// the new parent.
531 $info =
$object->_load_ldap_info();
532 $dn =
$object->_load_ldap_dn($info);
533 $newrdn =
$object->_load_ldap_dn($info, 2);
534 $newparent =
$object->_load_ldap_dn($info, 1);
536 $result = $ldap->update($dn, $info, $user, $olddn, $newrdn, $newparent);
// Member-type refresh. The conditions that gate it and the creation of $newmembertype and
// $oldmembertype are not visible in this excerpt.
540 require_once DOL_DOCUMENT_ROOT.
"/adherents/class/adherent_type.class.php";
// Current type of the member.
546 $newmembertype->fetch(
$object->typeid);
547 $newmembertype->listMembersForMemberType(
'', 1);
549 $oldinfo = $newmembertype->_load_ldap_info();
550 $olddn = $newmembertype->_load_ldap_dn($oldinfo);
// Same base/filter lookup as for the member entry; the escaping question applies here too.
553 $container = $newmembertype->_load_ldap_dn($oldinfo, 1);
554 $search =
"(".$newmembertype->_load_ldap_dn($oldinfo, 2).
")";
555 $records = $ldap->search($container, $search);
556 if (count($records) && $records[
'count'] == 0) {
560 $info = $newmembertype->_load_ldap_info();
561 $dn = $newmembertype->_load_ldap_dn($info);
563 $result = $ldap->update($dn, $info, $user, $olddn);
// Type the member had before the modification, taken from ->oldcopy.
570 $oldmembertype->fetch(
$object->oldcopy->typeid);
571 $oldmembertype->listMembersForMemberType(
'', 1);
573 $oldinfo = $oldmembertype->_load_ldap_info();
574 $olddn = $oldmembertype->_load_ldap_dn($oldinfo);
577 $container = $oldmembertype->_load_ldap_dn($oldinfo, 1);
578 $search =
"(".$oldmembertype->_load_ldap_dn($oldinfo, 2).
")";
579 $records = $ldap->search($container, $search);
580 if (count($records) && $records[
'count'] == 0) {
584 $info = $oldmembertype->_load_ldap_info();
585 $dn = $oldmembertype->_load_ldap_dn($info);
587 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is appended to the $this->errors list (the USER_*, USERGROUP_* and CONTACT_*
// branches of this file assign the scalar $this->error instead); the guarding condition is
// not visible here.
593 $this->errors[] =
"ErrorLDAP ".$ldap->error;
// MEMBER_NEW_PASSWORD: bind and rewrite the member's entry from the current object state.
596 } elseif ($action ==
'MEMBER_NEW_PASSWORD') {
// Trace line: trigger name, action, this file and the object id. No password material is
// part of this message.
597 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
602 $result = $ldap->connectBind();
// NOTE(review): which password attributes _load_ldap_info() places in $info, and in what
// form (clear text or hashed), is decided outside this excerpt - confirm.
605 $info =
$object->_load_ldap_info();
606 $dn =
$object->_load_ldap_dn($info);
// NOTE(review): $olddn is passed here but its assignment is not visible in this branch of
// the excerpt - confirm it is set in this branch and is not a value left over from elsewhere.
609 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is appended to $this->errors; the guarding condition is not visible here.
613 $this->errors[] =
"ErrorLDAP ".$ldap->error;
// MEMBER_RESILIATE: bind and rewrite the member's entry from the current object state.
617 } elseif ($action ==
'MEMBER_RESILIATE') {
// Trace line: trigger name, action, this file and the object id.
618 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
623 $result = $ldap->connectBind();
626 $info =
$object->_load_ldap_info();
627 $dn =
$object->_load_ldap_dn($info);
// NOTE(review): $olddn is passed here but its assignment is not visible in this branch of
// the excerpt - confirm it is set in this branch and is not a value left over from elsewhere.
630 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is appended to $this->errors; the guarding condition is not visible here.
634 $this->errors[] =
"ErrorLDAP ".$ldap->error;
// MEMBER_DELETE: delete the member's entry, then reload the member's type without the
// deleted member and push the type's entry.
638 } elseif ($action ==
'MEMBER_DELETE') {
// Trace line: trigger name, action, this file and the object id.
639 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
642 $result = $ldap->connectBind();
645 $info =
$object->_load_ldap_info();
646 $dn =
$object->_load_ldap_dn($info);
648 $result = $ldap->delete($dn);
// Member-type refresh. The condition that gates it and the creation of $membertype are not
// visible in this excerpt.
653 require_once DOL_DOCUMENT_ROOT.
"/adherents/class/adherent_type.class.php";
659 $membertype->fetch(
$object->typeid);
// The first argument looks like a SQL condition that leaves the deleted member out of the
// list.
// NOTE(review): $object->id is concatenated into that condition as-is. If the callee places
// the string in a query, an explicit integer cast on the id would keep the fragment numeric
// however the property was populated - confirm how listMembersForMemberType() uses it.
660 $membertype->listMembersForMemberType(
'a.rowid != '.
$object->id, 1);
662 $oldinfo = $membertype->_load_ldap_info();
663 $olddn = $membertype->_load_ldap_dn($oldinfo);
// Look the type's entry up: mode-1 result is the search base, mode-2 result in parentheses
// is the filter.
// NOTE(review): the filter is plain string concatenation. If the RDN value can contain the
// filter metacharacters ( ) * \ it has to be escaped for filter context (ldap_escape() with
// LDAP_ESCAPE_FILTER); whether _load_ldap_dn() already does so is not visible here - confirm.
666 $container = $membertype->_load_ldap_dn($oldinfo, 1);
667 $search =
"(".$membertype->_load_ldap_dn($oldinfo, 2).
")";
668 $records = $ldap->search($container, $search);
// Zero matches for the type's DN; the handling is not visible in this excerpt.
669 if (count($records) && $records[
'count'] == 0) {
673 $info = $membertype->_load_ldap_info();
674 $dn = $membertype->_load_ldap_dn($info);
676 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is appended to $this->errors; the guarding condition is not visible here.
682 $this->errors[] =
"ErrorLDAP ".$ldap->error;
// MEMBER_TYPE_CREATE: bind, build the member type's attribute set and DN, assign a gidNumber
// when the entry is a posixGroup, and add the entry.
685 } elseif ($action ==
'MEMBER_TYPE_CREATE') {
// Trace line: trigger name, action, this file and the object id.
687 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
690 $result = $ldap->connectBind();
693 $info =
$object->_load_ldap_info();
694 $dn =
$object->_load_ldap_dn($info);
// posixGroup entries get the next group id from the directory. Unlike the USERGROUP_CREATE
// branch of this file, no check for an already supplied id is visible on this line, so a
// gidNumber present in $info would be overwritten.
697 if (in_array(
'posixGroup', $info[
'objectclass'])) {
698 $info[
'gidNumber'] = $ldap->getNextGroupGid(
'LDAP_KEY_MEMBERS_TYPE');
701 $result = $ldap->add($dn, $info, $user);
// Failure text is appended to $this->errors; the guarding condition is not visible here.
705 $this->errors[] =
"ErrorLDAP ".$ldap->error;
// MEMBER_TYPE_MODIFY: rewrite the member type's entry from the current object state,
// addressed by the DN computed from ->oldcopy. The member list is reloaded on both the old
// copy and the current object before their attribute sets are built.
708 } elseif ($action ==
'MEMBER_TYPE_MODIFY') {
// Trace line: trigger name, action, this file and the object id.
709 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
// Bind to the directory. The test on $result that presumably gates the following lines is
// not visible in this excerpt.
712 $result = $ldap->connectBind();
// Warning for callers that did not populate ->oldcopy; the condition is not visible here.
716 dol_syslog(
"Trigger ".$action.
" was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
720 $object->oldcopy->listMembersForMemberType(
'', 1);
722 $oldinfo =
$object->oldcopy->_load_ldap_info();
723 $olddn =
$object->oldcopy->_load_ldap_dn($oldinfo);
// Look the old entry up: mode-1 result is the search base, mode-2 result in parentheses is
// the filter.
// NOTE(review): the filter is plain string concatenation. If the RDN value can contain the
// filter metacharacters ( ) * \ it has to be escaped for filter context (ldap_escape() with
// LDAP_ESCAPE_FILTER); whether _load_ldap_dn() already does so is not visible here - confirm.
726 $container =
$object->oldcopy->_load_ldap_dn($oldinfo, 1);
727 $search =
"(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).
")";
728 $records = $ldap->search($container, $search);
// Zero matches for the old DN; the handling is not visible in this excerpt.
729 if (count($records) && $records[
'count'] == 0) {
733 $object->listMembersForMemberType(
'', 1);
735 $info =
$object->_load_ldap_info();
736 $dn =
$object->_load_ldap_dn($info);
738 $result = $ldap->update($dn, $info, $user, $olddn);
// Failure text is appended to $this->errors; the guarding condition is not visible here.
742 $this->errors[] =
"ErrorLDAP ".$ldap->error;
745 } elseif ($action ==
'MEMBER_TYPE_DELETE') {
746 dol_syslog(
"Trigger '".$this->
name.
"' for action '$action' launched by ".__FILE__.
". id=".
$object->id);
749 $result = $ldap->connectBind();
752 $info =
$object->_load_ldap_info();
753 $dn =
$object->_load_ldap_dn($info);
755 $result = $ldap->delete($dn);
759 $this->errors[] =
"ErrorLDAP ".$ldap->error;