dolibarr 20.0.0
ldap_groups.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
3 * Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
4 * Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
5 * Copyright (C) 2005 Regis Houssin <regis.houssin@inodbox.com>
6 * Copyright (C) 2006-2011 Laurent Destailleur <eldy@users.sourceforge.net>
7 * Copyright (C) 2011-2013 Juanjo Menent <jmenent@2byte.es>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program. If not, see <https://www.gnu.org/licenses/>.
21 */
22
29// Load Dolibarr environment
30require '../main.inc.php';
31require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
32require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
33require_once DOL_DOCUMENT_ROOT.'/user/class/usergroup.class.php';
34require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';
35require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php';
36
37// Load translation files required by the page
38$langs->loadLangs(array("admin", "errors"));
39
40if (!$user->admin) {
42}
43
44$action = GETPOST('action', 'aZ09');
45
46
47/*
48 * Actions
49 */
50
51if ($action == 'setvalue' && $user->admin) {
52 $error = 0;
53 $db->begin();
54
55 if (!dolibarr_set_const($db, 'LDAP_GROUP_DN', GETPOST("group", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
56 $error++;
57 }
58 if (!dolibarr_set_const($db, 'LDAP_GROUP_OBJECT_CLASS', GETPOST("objectclass", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
59 $error++;
60 }
61 if (!dolibarr_set_const($db, 'LDAP_GROUP_FILTER', GETPOST("filter"), 'chaine', 0, '', $conf->entity)) {
62 $error++;
63 }
64 if (!dolibarr_set_const($db, 'LDAP_GROUP_FIELD_FULLNAME', GETPOST("fieldfullname", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
65 $error++;
66 }
67 //if (! dolibarr_set_const($db, 'LDAP_GROUP_FIELD_NAME',GETPOST("fieldname", 'alphanohtml'),'chaine',0,'',$conf->entity)) $error++;
68 if (!dolibarr_set_const($db, 'LDAP_GROUP_FIELD_DESCRIPTION', GETPOST("fielddescription", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
69 $error++;
70 }
71 if (!dolibarr_set_const($db, 'LDAP_GROUP_FIELD_GROUPMEMBERS', GETPOST("fieldgroupmembers", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
72 $error++;
73 }
74 if (!dolibarr_set_const($db, 'LDAP_GROUP_FIELD_GROUPID', GETPOST("fieldgroupid", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
75 $error++;
76 }
77
78 // This one must be after the others
79 $valkey = '';
80 $key = GETPOST("key");
81 if ($key) {
82 $valkey = getDolGlobalString($key);
83 }
84 if (!dolibarr_set_const($db, 'LDAP_KEY_GROUPS', $valkey, 'chaine', 0, '', $conf->entity)) {
85 $error++;
86 }
87
88 if (!$error) {
89 $db->commit();
90 setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
91 } else {
92 $db->rollback();
93 dol_print_error($db);
94 }
95}
96
97
98
99/*
100 * View
101 */
102
103$form = new Form($db);
104
105llxHeader('', $langs->trans("LDAPSetup"), 'EN:Module_LDAP_En|FR:Module_LDAP|ES:M&oacute;dulo_LDAP', '', 0, 0, '', '', '', 'mod-admin page-ldap_groups');
106$linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
107
108print load_fiche_titre($langs->trans("LDAPSetup"), $linkback, 'title_setup');
109
110$head = ldap_prepare_head();
111
112// Test if the LDAP functionality is available
113if (!function_exists("ldap_connect")) {
114 setEventMessages($langs->trans("LDAPFunctionsNotAvailableOnPHP"), null, 'errors');
115}
116
117print dol_get_fiche_head($head, 'groups', '', -1);
118
119
120print '<span class="opacitymedium">'.$langs->trans("LDAPDescGroups").'</span><br>';
121print '<br>';
122
123
124print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newToken().'">';
125print '<input type="hidden" name="token" value="'.newToken().'">';
126
127print '<table class="noborder centpercent">';
128
129print '<tr class="liste_titre">';
130print '<td colspan="4">'.$langs->trans("LDAPSynchronizeGroups").'</td>';
131print "</tr>\n";
132
133// DN (Domain Name) for the groups
134print '<!-- LDAP_GROUP_DN -->';
135print '<tr class="oddeven"><td><span class="fieldrequired">'.$langs->trans("LDAPGroupDn").'</span></td><td>';
136print '<input size="48" type="text" name="group" value="'.getDolGlobalString('LDAP_GROUP_DN').'">';
137print '</td><td>'.$langs->trans("LDAPGroupDnExample").'</td>';
138print '<td>&nbsp;</td>';
139print '</tr>';
140
141// List of object class used to define attributes in structure
142print '<!-- LDAP_GROUP_OBJECT_CLASS -->';
143print '<tr class="oddeven"><td><span class="fieldrequired">'.$langs->trans("LDAPGroupObjectClassList").'</span></td><td>';
144print '<input size="48" type="text" name="objectclass" value="'.getDolGlobalString('LDAP_GROUP_OBJECT_CLASS').'">';
145print '</td><td>'.$langs->trans("LDAPGroupObjectClassListExample").'</td>';
146print '<td>&nbsp;</td>';
147print '</tr>';
148
149// Filter, used to filter search
150print '<!-- LDAP_GROUP_FILTER -->';
151print '<tr class="oddeven"><td>'.$langs->trans("LDAPFilterConnection").'</td><td>';
152print '<input size="48" type="text" name="filter" value="'.getDolGlobalString('LDAP_GROUP_FILTER').'">';
153print '</td><td>'.$langs->trans("LDAPGroupFilterExample").'</td>';
154print '<td></td>';
155print '</tr>';
156
157print '</table>';
158
159print '<br>';
160
161print '<table class="noborder centpercent">';
162
163print '<tr class="liste_titre">';
164print '<td>'.$langs->trans("LDAPDolibarrMapping").'</td>';
165print '<td colspan="2">'.$langs->trans("LDAPLdapMapping").'</td>';
166print '<td class="right">'.$langs->trans("LDAPNamingAttribute").'</td>';
167print "</tr>\n";
168
169// Filtre
170
171// Common name
172print '<tr class="oddeven"><td>'.$langs->trans("LDAPFieldName").'</td><td>';
173print '<input size="25" type="text" name="fieldfullname" value="'.getDolGlobalString('LDAP_GROUP_FIELD_FULLNAME').'">';
174print '</td><td>'.$langs->trans("LDAPFieldCommonNameExample").'</td>';
175print '<td class="right"><input type="radio" name="key" value="LDAP_GROUP_FIELD_FULLNAME"'.((getDolGlobalString('LDAP_KEY_GROUPS') == getDolGlobalString('LDAP_GROUP_FIELD_FULLNAME')) ? ' checked' : '')."></td>";
176print '</tr>';
177
178// Name
179/*
180print '<tr class="oddeven"><td>'.$langs->trans("LDAPFieldName").'</td><td>';
181print '<input size="25" type="text" name="fieldname" value="'.$conf->global->LDAP_GROUP_FIELD_NAME.'">';
182print '</td><td>'.$langs->trans("LDAPFieldNameExample").'</td>';
183print '<td class="right"><input type="radio" name="key" value="'.$conf->global->LDAP_GROUP_FIELD_NAME.'"'.($conf->global->LDAP_KEY_GROUPS==$conf->global->LDAP_GROUP_FIELD_NAME?' checked':'')."></td>";
184print '</tr>';
185*/
186
187// Description
188print '<tr class="oddeven"><td>'.$langs->trans("LDAPFieldDescription").'</td><td>';
189print '<input size="25" type="text" name="fielddescription" value="'.getDolGlobalString('LDAP_GROUP_FIELD_DESCRIPTION').'">';
190print '</td><td>'.$langs->trans("LDAPFieldDescriptionExample").'</td>';
191print '<td class="right"><input type="radio" name="key" value="LDAP_GROUP_FIELD_DESCRIPTION"'.((getDolGlobalString('LDAP_KEY_GROUPS') == getDolGlobalString('LDAP_GROUP_FIELD_DESCRIPTION')) ? ' checked' : '')."></td>";
192print '</tr>';
193
194// User group
195print '<tr class="oddeven"><td>'.$langs->trans("LDAPFieldGroupMembers").'</td><td>';
196print '<input size="25" type="text" name="fieldgroupmembers" value="'.getDolGlobalString('LDAP_GROUP_FIELD_GROUPMEMBERS').'">';
197print '</td><td>'.$langs->trans("LDAPFieldGroupMembersExample").'</td>';
198print '<td class="right"><input type="radio" name="key" value="LDAP_GROUP_FIELD_GROUPMEMBERS"'.((getDolGlobalString('LDAP_KEY_GROUPS') == getDolGlobalString('LDAP_GROUP_FIELD_GROUPMEMBERS')) ? ' checked' : '')."></td>";
199print '</tr>';
200
201// Group id
202print '<tr class="oddeven"><td>'.$langs->trans("LDAPFieldGroupid").'</td><td>';
203print '<input size="25" type="text" name="fieldgroupid" value="'.getDolGlobalString('LDAP_GROUP_FIELD_GROUPID').'">';
204print '</td><td>'.$langs->trans("LDAPFieldGroupidExample").'</td>';
205print '<td class="right">&nbsp;</td>';
206print '</tr>';
207
208print '</table>';
209
210print info_admin($langs->trans("LDAPDescValues"));
211
212print dol_get_fiche_end();
213
214print $form->buttonsSaveCancel("Modify", '');
215
216print '</form>';
217
218
219/*
220 * Test the connection
221 */
222if (getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
223 $butlabel = $langs->trans("LDAPTestSynchroGroup");
224 $testlabel = 'testgroup';
225 $key = getDolGlobalString('LDAP_KEY_GROUPS');
226 $dn = getDolGlobalString('LDAP_GROUP_DN');
227 $objectclass = getDolGlobalString('LDAP_GROUP_OBJECT_CLASS');
228
229 show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass);
230} elseif (getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_LDAP_TO_DOLIBARR) {
231 $butlabel = $langs->trans("LDAPTestSearch");
232 $testlabel = 'testsearchgroup';
233 $key = getDolGlobalString('LDAP_KEY_GROUPS');
234 $dn = getDolGlobalString('LDAP_GROUP_DN');
235 $objectclass = getDolGlobalString('LDAP_GROUP_OBJECT_CLASS');
236 show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass);
237}
238
239if (function_exists("ldap_connect")) {
240 if ($action == 'testgroup') {
241 // Create object
242 $object = new UserGroup($db);
243 $object->initAsSpecimen();
244
245 // Test synchro
246 $ldap = new Ldap();
247 $result = $ldap->connectBind();
248
249 if ($result > 0) {
250 $info = $object->_load_ldap_info();
251 $dn = $object->_load_ldap_dn($info);
252
253 // Get a gid number for objectclass PosixGroup
254 if (in_array('posixGroup', $info['objectclass'])) {
255 $info['gidNumber'] = $ldap->getNextGroupGid('LDAP_KEY_GROUPS');
256 }
257
258 $result1 = $ldap->delete($dn); // To be sure to delete existing records
259 $result2 = $ldap->add($dn, $info, $user); // Now the test
260 $result3 = $ldap->delete($dn); // Clean what we did
261
262 if ($result2 > 0) {
263 print img_picto('', 'info').' ';
264 print '<span class="ok">'.$langs->trans("LDAPSynchroOK").'</span><br>';
265 } else {
266 print img_picto('', 'error').' ';
267 print '<span class="error">'.$langs->trans("LDAPSynchroKOMayBePermissions");
268 print ': '.$ldap->error;
269 print '</span><br>';
270 print $langs->trans("ErrorLDAPMakeManualTest", $conf->ldap->dir_temp).'<br>';
271 }
272
273 print "<br>\n";
274 print "LDAP input file used for test:<br><br>\n";
275 print nl2br($ldap->dumpContent($dn, $info));
276 print "\n<br>";
277 } else {
278 print img_picto('', 'error').' ';
279 print '<span class="error">'.$langs->trans("LDAPSynchroKO");
280 print ': '.$ldap->error;
281 print '</span><br>';
282 print $langs->trans("ErrorLDAPMakeManualTest", $conf->ldap->dir_temp).'<br>';
283 }
284 }
285
286 if ($action == 'testsearchgroup') {
287 // TODO Mutualize code below with other ldap_xxxx.php pages
288
289 // Test synchro
290 $ldap = new Ldap();
291 $result = $ldap->connectBind();
292
293 if ($result > 0) {
294 $required_fields = array(
295 getDolGlobalString('LDAP_KEY_GROUPS'),
296 // getDolGlobalString('LDAP_GROUP_FIELD_NAME'),
297 getDolGlobalString('LDAP_GROUP_FIELD_DESCRIPTION'),
298 getDolGlobalString('LDAP_GROUP_FIELD_GROUPMEMBERS'),
299 getDolGlobalString('LDAP_GROUP_FIELD_GROUPID')
300 );
301
302 // Remove from required_fields all entries not configured in LDAP (empty) and duplicated
303 $required_fields = array_unique(array_values(array_filter($required_fields, "dol_validElement")));
304
305 // Get from LDAP database an array of results
306 $ldapgroups = $ldap->getRecords('*', getDolGlobalString('LDAP_GROUP_DN'), getDolGlobalString('LDAP_KEY_GROUPS'), $required_fields, 'group');
307 //$ldapgroups = $ldap->getRecords('*', $conf->global->LDAP_GROUP_DN, $conf->global->LDAP_KEY_GROUPS, '', 'group');
308
309 if (is_array($ldapgroups)) {
310 $liste = array();
311 foreach ($ldapgroups as $key => $ldapgroup) {
312 // Define the label string for this group
313 $label = '';
314 foreach ($required_fields as $value) {
315 if ($value) {
316 $label .= $value."=".$ldapgroup[$value]." ";
317 }
318 }
319 $liste[$key] = $label;
320 }
321 } else {
322 setEventMessages($ldap->error, $ldap->errors, 'errors');
323 }
324
325 print "<br>\n";
326 print "LDAP search for group:<br>\n";
327 print "search: *<br>\n";
328 print "userDN: ".getDolGlobalString('LDAP_GROUP_DN')."<br>\n";
329 print "useridentifier: ".getDolGlobalString('LDAP_KEY_GROUPS')."<br>\n";
330 print "required_fields: ".implode(',', $required_fields)."<br>\n";
331 print "=> ".count($liste)." records<br>\n";
332 print "\n<br>";
333 } else {
334 print img_picto('', 'error').' ';
335 print '<span class="error">'.$langs->trans("LDAPSynchroKO");
336 print ': '.$ldap->error;
337 print '</span><br>';
338 print $langs->trans("ErrorLDAPMakeManualTest", $conf->ldap->dir_temp).'<br>';
339 }
340 }
341}
342
343// End of page
344llxFooter();
345$db->close();
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition card.php:58
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
if(!defined('NOREQUIRESOC')) if(!defined( 'NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined( 'NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined( 'NOREQUIREAJAX')) llxHeader()
Empty header.
Definition wrapper.php:55
llxFooter()
Empty footer.
Definition wrapper.php:69
Class to manage generation of HTML components Only common components must be here.
Class to manage LDAP features.
Class to manage user groups.
load_fiche_titre($title, $morehtmlright='', $picto='generic', $pictoisfullpath=0, $id='', $morecssontable='', $morehtmlcenter='')
Load a title with picto.
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2)
Show picto whatever it's its name (generic function)
dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $picto='', $pictoisfullpath=0, $morehtmlright='', $morecss='', $limittoshow=0, $moretabssuffix='', $dragdropfile=0)
Show tabs of a record.
dol_get_fiche_end($notab=0)
Return tab footer of a card.
getDolGlobalInt($key, $default=0)
Return a Dolibarr global constant int value.
newToken()
Return the value of token currently saved into session with name 'newtoken'.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0)
Set event messages in dol_events session object.
dol_print_error($db=null, $error='', $errors=null)
Displays error message system with all the information to facilitate the diagnosis and the escalation...
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
info_admin($text, $infoonimgalt=0, $nodiv=0, $admin='1', $morecss='hideonsmartphone', $textfordropdown='', $picto='')
Show information in HTML for admin users or standard users.
ldap_prepare_head()
Initialize the array of tabs for customer invoice.
Definition ldap.lib.php:31
show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass)
Show button test LDAP synchro.
Definition ldap.lib.php:102
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.