dolibarr 21.0.0-alpha
interface_50_modLdap_Ldapsynchro.class.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2005-2012 Laurent Destailleur <eldy@users.sourceforge.net>
3 * Copyright (C) 2005-2021 Regis Houssin <regis.houssin@inodbox.com>
4 * Copyright (C) 2014 Marcos GarcĂ­a <marcosgdf@gmail.com>
5 * Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
19 */
20
27require_once DOL_DOCUMENT_ROOT.'/core/triggers/dolibarrtriggers.class.php';
28
29
33class InterfaceLdapsynchro extends DolibarrTriggers
34{
40 public function __construct($db)
41 {
42 $this->db = $db;
43
44 $this->name = preg_replace('/^Interface/i', '', get_class($this));
45 $this->family = "ldap";
46 $this->description = "Triggers of this module allows to synchronize Dolibarr toward a LDAP database.";
47 $this->version = self::VERSIONS['prod'];
48 $this->picto = 'technic';
49 }
50
62 public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
63 {
64 if (empty($conf->ldap) || empty($conf->ldap->enabled)) {
65 return 0; // Module not active, we do nothing
66 }
67 if (defined('DISABLE_LDAP_SYNCHRO')) {
68 return 0; // If constant defined, we do nothing
69 }
70
71 if (!function_exists('ldap_connect')) {
72 dol_syslog("Warning, module LDAP is enabled but LDAP functions not available in this PHP", LOG_WARNING);
73 return 0;
74 }
75
76 require_once DOL_DOCUMENT_ROOT."/core/class/ldap.class.php";
77 require_once DOL_DOCUMENT_ROOT."/user/class/usergroup.class.php";
78
79 $result = 0;
80
81 // Users
82 if ($action == 'USER_CREATE') {
83 '@phan-var-force User $object'; // Seems to suppose this object kind
84 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
85 if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
86 $ldap = new Ldap();
87 $result = $ldap->connectBind();
88
89 if ($result > 0) {
90 $info = $object->_load_ldap_info();
91 $dn = $object->_load_ldap_dn($info);
92
93 //For compatibility with Samba 4 AD
94 if ($ldap->serverType == "activedirectory") {
95 $info['userAccountControl'] = getDolGlobalString('LDAP_USERACCOUNTCONTROL');
96 }
97
98 $result = $ldap->add($dn, $info, $user);
99 }
100
101 if ($result < 0) {
102 $this->error = "ErrorLDAP ".$ldap->error;
103 }
104 }
105 } elseif ($action == 'USER_MODIFY') {
106 '@phan-var-force User $object'; // Seems to suppose this object kind
107 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
108 if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
109 $ldap = new Ldap();
110 $result = $ldap->connectBind();
111
112 if ($result > 0) {
113 if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
114 dol_syslog("Trigger ".$action." was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
115 $object->oldcopy = clone $object; // @phan-suppress-current-line PhanTypeMismatchProperty
116 }
117
118 $oldinfo = $object->oldcopy->_load_ldap_info();
119 $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
120
121 // Verify if entry exist
122 $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
123 $search = "(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).")";
124 $records = $ldap->search($container, $search);
125 if (count($records) && $records['count'] == 0) {
126 $olddn = '';
127 }
128
129 $info = $object->_load_ldap_info();
130 $dn = $object->_load_ldap_dn($info);
131 $newrdn = $object->_load_ldap_dn($info, 2);
132 $newparent = $object->_load_ldap_dn($info, 1);
133
134 $result = $ldap->update($dn, $info, $user, $olddn, $newrdn, $newparent);
135
136 if ($result > 0 && !empty($object->context['newgroupid'])) { // We are in context of adding a new group to user
137 $usergroup = new UserGroup($this->db);
138
139 $usergroup->fetch($object->context['newgroupid'], '', true);
140
141 $oldinfo = $usergroup->_load_ldap_info();
142 $olddn = $usergroup->_load_ldap_dn($oldinfo);
143
144 // Verify if entry exist
145 $container = $usergroup->_load_ldap_dn($oldinfo, 1);
146 $search = "(".$usergroup->_load_ldap_dn($oldinfo, 2).")";
147 $records = $ldap->search($container, $search);
148 if (count($records) && $records['count'] == 0) {
149 $olddn = '';
150 }
151
152 $info = $usergroup->_load_ldap_info(); // Contains all members, included the new one (insert already done before trigger call)
153 $dn = $usergroup->_load_ldap_dn($info);
154
155 $result = $ldap->update($dn, $info, $user, $olddn);
156 }
157
158 if ($result > 0 && !empty($object->context['oldgroupid'])) { // We are in context of removing a group from user
159 $usergroup = new UserGroup($this->db);
160
161 $usergroup->fetch($object->context['oldgroupid'], '', true);
162
163 $oldinfo = $usergroup->_load_ldap_info();
164 $olddn = $usergroup->_load_ldap_dn($oldinfo);
165
166 // Verify if an entry exists
167 $container = $usergroup->_load_ldap_dn($oldinfo, 1);
168 $search = "(".$usergroup->_load_ldap_dn($oldinfo, 2).")";
169 $records = $ldap->search($container, $search);
170 if (count($records) && $records['count'] == 0) {
171 $olddn = '';
172 }
173
174 $info = $usergroup->_load_ldap_info(); // Contains all members, except the old one (remove already done before trigger call)
175 $dn = $usergroup->_load_ldap_dn($info);
176
177 $result = $ldap->update($dn, $info, $user, $olddn);
178 }
179 }
180
181 if ($result < 0) {
182 $this->error = "ErrorLDAP ".$ldap->error;
183 }
184 }
185 } elseif ($action == 'USER_NEW_PASSWORD') {
186 '@phan-var-force User $object'; // Seems to suppose this object kind
187 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
188 if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
189 $ldap = new Ldap();
190 $result = $ldap->connectBind();
191
192 if ($result > 0) {
193 if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
194 dol_syslog("Trigger ".$action." was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
195 $object->oldcopy = clone $object; // @phan-suppress-current-line PhanTypeMismatchProperty
196 }
197
198 $oldinfo = $object->oldcopy->_load_ldap_info();
199 $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
200
201 // Verify if entry exist
202 $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
203 $search = "(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).")";
204 $records = $ldap->search($container, $search);
205 if (count($records) && $records['count'] == 0) {
206 $olddn = '';
207 }
208
209 $info = $object->_load_ldap_info();
210 $dn = $object->_load_ldap_dn($info);
211
212 $result = $ldap->update($dn, $info, $user, $olddn);
213 }
214
215 if ($result < 0) {
216 $this->error = "ErrorLDAP ".$ldap->error;
217 }
218 }
219 } elseif ($action == 'USER_ENABLEDISABLE') {
220 '@phan-var-force User $object'; // Seems to suppose this object kind
221 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
222 if (getDolGlobalInt("LDAP_SYNCHRO_ACTIVE") === Ldap::SYNCHRO_DOLIBARR_TO_LDAP && getDolGlobalString('LDAP_SERVER_TYPE') == "activedirectory") {
223 $ldap = new Ldap();
224 $result = $ldap->connectBind();
225 if ($result > 0) {
226 $info = $object->_load_ldap_info();
227 $dn = $object->_load_ldap_dn($info);
228 $search = "(" . $object->_load_ldap_dn($info, 2) . ")";
229 $uAC = $ldap->getAttributeValues($search, "userAccountControl");
230 if ($uAC["count"] == 1) {
231 $userAccountControl = intval($uAC[0]);
232 $enabledBitMask = 0x2;
233 $isEnabled = ($userAccountControl & $enabledBitMask) === 0;
234 if ($isEnabled && intval($object->statut) === 1) {
235 $userAccountControl += 2;
236 } elseif (!$isEnabled && intval($object->statut) === 0) {
237 $userAccountControl -= 2;
238 }
239 $info['userAccountControl'] = $userAccountControl;
240 // @phan-suppress-next-line PhanPluginSuspiciousParamPosition
241 $resUpdate = $ldap->update($dn, $info, $user, $dn);
242 if ($resUpdate < 0) {
243 $this->error = "ErrorLDAP " . $ldap->error;
244 }
245 }
246 } else {
247 $this->error = "ErrorLDAP " . $ldap->error;
248 }
249 }
250 } elseif ($action == 'USER_DELETE') {
251 '@phan-var-force User $object'; // Seems to suppose this object kind
252 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
253 if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
254 $ldap = new Ldap();
255 $result = $ldap->connectBind();
256
257 if ($result > 0) {
258 $info = $object->_load_ldap_info();
259 $dn = $object->_load_ldap_dn($info);
260
261 $result = $ldap->delete($dn);
262 }
263
264 if ($result < 0) {
265 $this->error = "ErrorLDAP ".$ldap->error;
266 }
267 }
268 } elseif ($action == 'USERGROUP_CREATE') {
269 '@phan-var-force UserGroup $object'; // Seems to suppose this object kind
270 // Groups
271 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
272 if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
273 $ldap = new Ldap();
274 $result = $ldap->connectBind();
275
276 if ($result > 0) {
277 $info = $object->_load_ldap_info();
278 $dn = $object->_load_ldap_dn($info);
279
280 // Get a gid number for objectclass PosixGroup if none was provided
281 if (empty($info[getDolGlobalString('LDAP_GROUP_FIELD_GROUPID')]) && in_array('posixGroup', $info['objectclass'])) {
282 $info['gidNumber'] = $ldap->getNextGroupGid('LDAP_KEY_GROUPS');
283 }
284
285 // Avoid Ldap error due to empty member
286 if (isset($info['member']) && empty($info['member'])) {
287 unset($info['member']);
288 }
289
290 $result = $ldap->add($dn, $info, $user);
291 }
292
293 if ($ldap->serverType == "activedirectory") {
294 $info['sAMAccountName'] = $object->name;
295 }
296
297 if ($result < 0) {
298 $this->error = "ErrorLDAP ".$ldap->error;
299 }
300 }
301 } elseif ($action == 'USERGROUP_MODIFY') {
302 '@phan-var-force UserGroup $object'; // Seems to suppose this object kind
303 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
304 if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
305 $ldap = new Ldap();
306 $result = $ldap->connectBind();
307
308 if ($result > 0) {
309 if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
310 dol_syslog("Trigger ".$action." was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
311 $object->oldcopy = clone $object;
312 }
313
314 $oldinfo = $object->oldcopy->_load_ldap_info();
315 $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
316
317 // Verify if entry exist
318 $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
319 $search = "(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).")";
320 $records = $ldap->search($container, $search);
321 if (count($records) && $records['count'] == 0) {
322 $olddn = '';
323 }
324
325 $info = $object->_load_ldap_info();
326 $dn = $object->_load_ldap_dn($info);
327
328 $result = $ldap->update($dn, $info, $user, $olddn);
329 }
330
331 if ($result < 0) {
332 $this->error = "ErrorLDAP ".$ldap->error;
333 }
334 }
335 } elseif ($action == 'USERGROUP_DELETE') {
336 '@phan-var-force UserGroup $object'; // Seems to suppose this object kind
337 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
338 if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
339 $ldap = new Ldap();
340 $result = $ldap->connectBind();
341
342 if ($result > 0) {
343 $info = $object->_load_ldap_info();
344 $dn = $object->_load_ldap_dn($info);
345
346 $result = $ldap->delete($dn);
347 }
348
349 if ($result < 0) {
350 $this->error = "ErrorLDAP ".$ldap->error;
351 }
352 }
353 } elseif ($action == 'CONTACT_CREATE') {
354 '@phan-var-force Contact $object'; // Seems to suppose this object kind
355 // Contacts
356 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
357 if (getDolGlobalString('LDAP_CONTACT_ACTIVE')) {
358 $ldap = new Ldap();
359 $result = $ldap->connectBind();
360
361 if ($result > 0) {
362 $info = $object->_load_ldap_info();
363 $dn = $object->_load_ldap_dn($info);
364
365 $result = $ldap->add($dn, $info, $user);
366 }
367
368 if ($result < 0) {
369 $this->error = "ErrorLDAP ".$ldap->error;
370 }
371 }
372 } elseif ($action == 'CONTACT_MODIFY') {
373 '@phan-var-force Contact $object'; // Seems to suppose this object kind
374 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
375 if (getDolGlobalString('LDAP_CONTACT_ACTIVE')) {
376 $ldap = new Ldap();
377 $result = $ldap->connectBind();
378
379 if ($result > 0) {
380 if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
381 dol_syslog("Trigger ".$action." was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
382 $object->oldcopy = clone $object; // @phan-suppress-current-line PhanTypeMismatchProperty
383 }
384
385 $oldinfo = $object->oldcopy->_load_ldap_info();
386 $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
387
388 // Verify if entry exist
389 $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
390 $search = "(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).")";
391 $records = $ldap->search($container, $search);
392 if (count($records) && $records['count'] == 0) {
393 $olddn = '';
394 }
395
396 $info = $object->_load_ldap_info();
397 $dn = $object->_load_ldap_dn($info);
398
399 $result = $ldap->update($dn, $info, $user, $olddn);
400 }
401
402 if ($result < 0) {
403 $this->error = "ErrorLDAP ".$ldap->error;
404 }
405 }
406 } elseif ($action == 'CONTACT_DELETE') {
407 '@phan-var-force Contact $object'; // Seems to suppose this object kind
408 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
409 if (getDolGlobalString('LDAP_CONTACT_ACTIVE')) {
410 $ldap = new Ldap();
411 $result = $ldap->connectBind();
412
413 if ($result > 0) {
414 $info = $object->_load_ldap_info();
415 $dn = $object->_load_ldap_dn($info);
416
417 $result = $ldap->delete($dn);
418 }
419
420 if ($result < 0) {
421 $this->error = "ErrorLDAP ".$ldap->error;
422 }
423 }
424 } elseif ($action == 'MEMBER_CREATE') {
425 '@phan-var-force Adherent $object'; // Seems to suppose this object kind
426 // Members
427 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
428 if (getDolGlobalString('LDAP_MEMBER_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
429 $ldap = new Ldap();
430 $result = $ldap->connectBind();
431
432 if ($result > 0) {
433 $info = $object->_load_ldap_info();
434 $dn = $object->_load_ldap_dn($info);
435
436 $result = $ldap->add($dn, $info, $user);
437
438 // For member type
439 if (getDolGlobalString('LDAP_MEMBER_TYPE_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
440 if ($object->typeid > 0) {
441 require_once DOL_DOCUMENT_ROOT."/adherents/class/adherent_type.class.php";
442 $membertype = new AdherentType($this->db);
443 $membertype->fetch($object->typeid);
444 $membertype->listMembersForMemberType('', 1);
445
446 $oldinfo = $membertype->_load_ldap_info();
447 $olddn = $membertype->_load_ldap_dn($oldinfo);
448
449 // Verify if entry exist
450 $container = $membertype->_load_ldap_dn($oldinfo, 1);
451 $search = "(".$membertype->_load_ldap_dn($oldinfo, 2).")";
452 $records = $ldap->search($container, $search);
453 if (count($records) && $records['count'] == 0) {
454 $olddn = '';
455 }
456
457 $info = $membertype->_load_ldap_info(); // Contains all members, included the new one (insert already done before trigger call)
458 $dn = $membertype->_load_ldap_dn($info);
459
460 $result = $ldap->update($dn, $info, $user, $olddn);
461 }
462 }
463 }
464
465 if ($result < 0) {
466 $this->error = "ErrorLDAP ".$ldap->error;
467 }
468 }
469 } elseif ($action == 'MEMBER_VALIDATE') {
470 '@phan-var-force UserGroup $object'; // Seems to suppose this object kind
471 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
472 if (getDolGlobalString('LDAP_MEMBER_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
473 // If status field is setup to be synchronized
474 if (getDolGlobalString('LDAP_FIELD_MEMBER_STATUS')) {
475 $ldap = new Ldap();
476 $result = $ldap->connectBind();
477
478 if ($result > 0) {
479 $info = $object->_load_ldap_info();
480 $dn = $object->_load_ldap_dn($info);
481 $olddn = $dn; // We know olddn=dn as we change only status
482
483 $result = $ldap->update($dn, $info, $user, $olddn);
484 }
485
486 if ($result < 0) {
487 $this->error = "ErrorLDAP ".$ldap->error;
488 }
489 }
490 }
491 } elseif ($action == 'MEMBER_SUBSCRIPTION') {
492 '@phan-var-force Adherent|User $object'; // Seems to suppose this object type
493 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
494 if (getDolGlobalString('LDAP_MEMBER_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
495 // If subscriptions fields are setup to be synchronized
496 if (getDolGlobalString('LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_DATE')
497 || getDolGlobalString('LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_AMOUNT')
498 || getDolGlobalString('LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_DATE')
499 || getDolGlobalString('LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_AMOUNT')
500 || getDolGlobalString('LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION')) {
501 $ldap = new Ldap();
502 $result = $ldap->connectBind();
503
504 if ($result > 0) {
505 $info = $object->_load_ldap_info();
506 $dn = $object->_load_ldap_dn($info);
507 $olddn = $dn; // We know olddn=dn as we change only subscriptions
508
509 $result = $ldap->update($dn, $info, $user, $olddn);
510 }
511
512 if ($result < 0) {
513 $this->error = "ErrorLDAP ".$ldap->error;
514 }
515 }
516 }
517 } elseif ($action == 'MEMBER_MODIFY') {
518 '@phan-var-force Adherent|User $object'; // Seems to suppose this object type
519 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
520 if (getDolGlobalString('LDAP_MEMBER_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
521 $ldap = new Ldap();
522 $result = $ldap->connectBind();
523
524 if ($result > 0) {
525 if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
526 dol_syslog("Trigger ".$action." was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
527 $object->oldcopy = clone $object; // @phan-suppress-current-line PhanTypeMismatchProperty
528 }
529
530 $oldinfo = $object->oldcopy->_load_ldap_info();
531 $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
532
533 // Verify if entry exist
534 $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
535 $search = "(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).")";
536 $records = $ldap->search($container, $search);
537 if (count($records) && $records['count'] == 0) {
538 $olddn = '';
539 }
540
541 $info = $object->_load_ldap_info();
542 $dn = $object->_load_ldap_dn($info);
543 $newrdn = $object->_load_ldap_dn($info, 2);
544 $newparent = $object->_load_ldap_dn($info, 1);
545
546 $result = $ldap->update($dn, $info, $user, $olddn, $newrdn, $newparent);
547
548 // For member type
549 if (getDolGlobalString('LDAP_MEMBER_TYPE_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
550 require_once DOL_DOCUMENT_ROOT."/adherents/class/adherent_type.class.php";
551
552 /*
553 * Change member info
554 */
555 $newmembertype = new AdherentType($this->db);
556 $newmembertype->fetch($object->typeid);
557 $newmembertype->listMembersForMemberType('', 1);
558
559 $oldinfo = $newmembertype->_load_ldap_info();
560 $olddn = $newmembertype->_load_ldap_dn($oldinfo);
561
562 // Verify if entry exist
563 $container = $newmembertype->_load_ldap_dn($oldinfo, 1);
564 $search = "(".$newmembertype->_load_ldap_dn($oldinfo, 2).")";
565 $records = $ldap->search($container, $search);
566 if (count($records) && $records['count'] == 0) {
567 $olddn = '';
568 }
569
570 $info = $newmembertype->_load_ldap_info(); // Contains all members, included the new one (insert already done before trigger call)
571 $dn = $newmembertype->_load_ldap_dn($info);
572
573 $result = $ldap->update($dn, $info, $user, $olddn);
574
575 if ($object->oldcopy->typeid != $object->typeid) {
576 /*
577 * Remove member in old member type
578 */
579 $oldmembertype = new AdherentType($this->db);
580 $oldmembertype->fetch($object->oldcopy->typeid);
581 $oldmembertype->listMembersForMemberType('', 1);
582
583 $oldinfo = $oldmembertype->_load_ldap_info();
584 $olddn = $oldmembertype->_load_ldap_dn($oldinfo);
585
586 // Verify if entry exist
587 $container = $oldmembertype->_load_ldap_dn($oldinfo, 1);
588 $search = "(".$oldmembertype->_load_ldap_dn($oldinfo, 2).")";
589 $records = $ldap->search($container, $search);
590 if (count($records) && $records['count'] == 0) {
591 $olddn = '';
592 }
593
594 $info = $oldmembertype->_load_ldap_info(); // Contains all members, included the new one (insert already done before trigger call)
595 $dn = $oldmembertype->_load_ldap_dn($info);
596
597 $result = $ldap->update($dn, $info, $user, $olddn);
598 }
599 }
600 }
601
602 if ($result <= 0) {
603 $this->errors[] = "ErrorLDAP ".$ldap->error;
604 }
605 }
606 } elseif ($action == 'MEMBER_NEW_PASSWORD') {
607 '@phan-var-force Adherent|User $object'; // Seems to suppose this object type
608 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
609 if (getDolGlobalString('LDAP_MEMBER_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
610 // If password field is setup to be synchronized
611 if (getDolGlobalString('LDAP_FIELD_PASSWORD') || getDolGlobalString('LDAP_FIELD_PASSWORD_CRYPTED')) {
612 $ldap = new Ldap();
613 $result = $ldap->connectBind();
614
615 if ($result > 0) {
616 $info = $object->_load_ldap_info();
617 $dn = $object->_load_ldap_dn($info);
618 $olddn = $dn; // We know olddn=dn as we change only password
619
620 $result = $ldap->update($dn, $info, $user, $olddn);
621 }
622
623 if ($result <= 0) {
624 $this->errors[] = "ErrorLDAP ".$ldap->error;
625 }
626 }
627 }
628 } elseif ($action == 'MEMBER_RESILIATE') {
629 '@phan-var-force Adherent|User $object'; // Seems to suppose this object type
630 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
631 if (getDolGlobalString('LDAP_MEMBER_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
632 // If status field is setup to be synchronized
633 if (getDolGlobalString('LDAP_FIELD_MEMBER_STATUS')) {
634 $ldap = new Ldap();
635 $result = $ldap->connectBind();
636
637 if ($result > 0) {
638 $info = $object->_load_ldap_info();
639 $dn = $object->_load_ldap_dn($info);
640 $olddn = $dn; // We know olddn=dn as we change only status
641
642 $result = $ldap->update($dn, $info, $user, $olddn);
643 }
644
645 if ($result <= 0) {
646 $this->errors[] = "ErrorLDAP ".$ldap->error;
647 }
648 }
649 }
650 } elseif ($action == 'MEMBER_DELETE') {
651 '@phan-var-force Adherent|User $object'; // Seems to suppose this object type
652 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
653 if (getDolGlobalString('LDAP_MEMBER_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
654 $ldap = new Ldap();
655 $result = $ldap->connectBind();
656
657 if ($result > 0) {
658 $info = $object->_load_ldap_info();
659 $dn = $object->_load_ldap_dn($info);
660
661 $result = $ldap->delete($dn);
662
663 // For member type
664 if (getDolGlobalString('LDAP_MEMBER_TYPE_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
665 if ($object->typeid > 0) {
666 require_once DOL_DOCUMENT_ROOT."/adherents/class/adherent_type.class.php";
667
668 /*
669 * Remove member in member type
670 */
671 $membertype = new AdherentType($this->db);
672 $membertype->fetch($object->typeid);
673 $membertype->listMembersForMemberType('a.rowid != '.$object->id, 1); // remove deleted member from the list
674
675 $oldinfo = $membertype->_load_ldap_info();
676 $olddn = $membertype->_load_ldap_dn($oldinfo);
677
678 // Verify if entry exist
679 $container = $membertype->_load_ldap_dn($oldinfo, 1);
680 $search = "(".$membertype->_load_ldap_dn($oldinfo, 2).")";
681 $records = $ldap->search($container, $search);
682 if (count($records) && $records['count'] == 0) {
683 $olddn = '';
684 }
685
686 $info = $membertype->_load_ldap_info(); // Contains all members, included the new one (insert already done before trigger call)
687 $dn = $membertype->_load_ldap_dn($info);
688
689 $result = $ldap->update($dn, $info, $user, $olddn);
690 }
691 }
692 }
693
694 if ($result <= 0) {
695 $this->errors[] = "ErrorLDAP ".$ldap->error;
696 }
697 }
698 } elseif ($action == 'MEMBER_TYPE_CREATE') {
699 '@phan-var-force Adherent|User $object'; // Seems to suppose this object type
700 // Member types
701 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
702 if (getDolGlobalString('LDAP_MEMBER_TYPE_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
703 $ldap = new Ldap();
704 $result = $ldap->connectBind();
705
706 if ($result > 0) {
707 $info = $object->_load_ldap_info();
708 $dn = $object->_load_ldap_dn($info);
709
710 // Get a gid number for objectclass PosixGroup
711 if (in_array('posixGroup', $info['objectclass'])) {
712 $info['gidNumber'] = $ldap->getNextGroupGid('LDAP_KEY_MEMBERS_TYPE');
713 }
714
715 $result = $ldap->add($dn, $info, $user);
716 }
717
718 if ($result <= 0) {
719 $this->errors[] = "ErrorLDAP ".$ldap->error;
720 }
721 }
722 } elseif ($action == 'MEMBER_TYPE_MODIFY') {
723 '@phan-var-force Adherent|User $object'; // Seems to suppose this object type
724 dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
725 if (getDolGlobalString('LDAP_MEMBER_TYPE_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
726 $ldap = new Ldap();
727 $result = $ldap->connectBind();
728
729 if ($result > 0) {
730 if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
731 dol_syslog("Trigger ".$action." was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
732 $object->oldcopy = clone $object; // @phan-suppress-current-line PhanTypeMismatchProperty
733 }
734
735 $object->oldcopy->listMembersForMemberType('', 1);
736
737 $oldinfo = $object->oldcopy->_load_ldap_info();
738 $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
739
740 // Verify if entry exist
741 $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
742 $search = "(".$object->oldcopy->_load_ldap_dn($oldinfo, 2).")";
743 $records = $ldap->search($container, $search);
744 if (count($records) && $records['count'] == 0) {
745 $olddn = '';
746 }
747
748 $object->listMembersForMemberType('', 1);
749
750 $info = $object->_load_ldap_info();
751 $dn = $object->_load_ldap_dn($info);
752
753 $result = $ldap->update($dn, $info, $user, $olddn);
754 }
755
756 if ($result <= 0) {
757 $this->errors[] = "ErrorLDAP ".$ldap->error;
758 }
759 }
760 } elseif ($action == 'MEMBER_TYPE_DELETE') {
761 '@phan-var-force Adherent|User $object'; // Seems to suppose this object type
762 if (getDolGlobalString('LDAP_MEMBER_TYPE_ACTIVE') && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
763 $ldap = new Ldap();
764 $result = $ldap->connectBind();
765
766 if ($result > 0) {
767 $info = $object->_load_ldap_info();
768 $dn = $object->_load_ldap_dn($info);
769
770 $result = $ldap->delete($dn);
771 }
772
773 if ($result <= 0) {
774 $this->errors[] = "ErrorLDAP ".$ldap->error;
775 }
776 }
777 }
778
779 return $result;
780 }
781}
$object
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition card.php:58
AdherentType
Class to manage members type.
Definition adherent_type.class.php:38
Conf
Class to stock current configuration.
Definition conf.class.php:35
DolibarrTriggers
Class that all triggers must inherit.
Definition dolibarrtriggers.class.php:24
InterfaceLdapsynchro
Class of triggers for ldap module.
Definition interface_50_modLdap_Ldapsynchro.class.php:34
InterfaceLdapsynchro\runTrigger
runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
Function called when a Dolibarr business event is done.
Definition interface_50_modLdap_Ldapsynchro.class.php:62
Ldap
Class to manage LDAP features.
Definition ldap.class.php:38
Translate
Class to manage translations.
Definition translate.class.php:32
UserGroup
Class to manage user groups.
Definition usergroup.class.php:42
User
Class to manage Dolibarr users.
Definition user.class.php:50
description
print $script_file $mode $langs defaultlang(is_numeric($duration_value) ? " delay=". $duration_value :"").(is_numeric($duration_value2) ? " after cd cd cd description as description
Only used if Module[ID]Desc translation string is not found.
Definition email_expire_services_to_customers.php:89
getDolGlobalInt
getDolGlobalInt($key, $default=0)
Return a Dolibarr global constant int value.
Definition functions.lib.php:232
getDolGlobalString
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
Definition functions.lib.php:217
dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition functions.lib.php:2251
name
$conf db name
Only used if Module[ID]Name translation string is not found.
Definition repair.php:140
Generated on Fri Nov 1 2024 01:00:29 for dolibarr by Doxygen 1.11.0