dolibarr  20.0.0-beta
ldap_groups.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
3  * Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
4  * Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
5  * Copyright (C) 2005 Regis Houssin <regis.houssin@inodbox.com>
6  * Copyright (C) 2006-2011 Laurent Destailleur <eldy@users.sourceforge.net>
7  * Copyright (C) 2011-2013 Juanjo Menent <jmenent@2byte.es>
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 3 of the License, or
12  * (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program. If not, see <https://www.gnu.org/licenses/>.
21  */
22 
29 // Load Dolibarr environment
30 require '../main.inc.php';
31 require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
32 require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
33 require_once DOL_DOCUMENT_ROOT.'/user/class/usergroup.class.php';
34 require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';
35 require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php';
36 
37 // Load translation files required by the page
38 $langs->loadLangs(array("admin", "errors"));
39 
40 if (!$user->admin) {
42 }
43 
44 $action = GETPOST('action', 'aZ09');
45 
46 
47 /*
48  * Actions
49  */
50 
51 if ($action == 'setvalue' && $user->admin) {
52  $error = 0;
53  $db->begin();
54 
55  if (!dolibarr_set_const($db, 'LDAP_GROUP_DN', GETPOST("group", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
56  $error++;
57  }
58  if (!dolibarr_set_const($db, 'LDAP_GROUP_OBJECT_CLASS', GETPOST("objectclass", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
59  $error++;
60  }
61  if (!dolibarr_set_const($db, 'LDAP_GROUP_FILTER', GETPOST("filter"), 'chaine', 0, '', $conf->entity)) {
62  $error++;
63  }
64  if (!dolibarr_set_const($db, 'LDAP_GROUP_FIELD_FULLNAME', GETPOST("fieldfullname", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
65  $error++;
66  }
67  //if (! dolibarr_set_const($db, 'LDAP_GROUP_FIELD_NAME',GETPOST("fieldname", 'alphanohtml'),'chaine',0,'',$conf->entity)) $error++;
68  if (!dolibarr_set_const($db, 'LDAP_GROUP_FIELD_DESCRIPTION', GETPOST("fielddescription", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
69  $error++;
70  }
71  if (!dolibarr_set_const($db, 'LDAP_GROUP_FIELD_GROUPMEMBERS', GETPOST("fieldgroupmembers", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
72  $error++;
73  }
74  if (!dolibarr_set_const($db, 'LDAP_GROUP_FIELD_GROUPID', GETPOST("fieldgroupid", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
75  $error++;
76  }
77 
78  // This one must be after the others
79  $valkey = '';
80  $key = GETPOST("key");
81  if ($key) {
82  $valkey = getDolGlobalString($key);
83  }
84  if (!dolibarr_set_const($db, 'LDAP_KEY_GROUPS', $valkey, 'chaine', 0, '', $conf->entity)) {
85  $error++;
86  }
87 
88  if (!$error) {
89  $db->commit();
90  setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
91  } else {
92  $db->rollback();
93  dol_print_error($db);
94  }
95 }
96 
97 
98 
99 /*
100  * View
101  */
102 
103 $form = new Form($db);
104 
105 llxHeader('', $langs->trans("LDAPSetup"), 'EN:Module_LDAP_En|FR:Module_LDAP|ES:M&oacute;dulo_LDAP');
106 $linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
107 
108 print load_fiche_titre($langs->trans("LDAPSetup"), $linkback, 'title_setup');
109 
110 $head = ldap_prepare_head();
111 
112 // Test if the LDAP functionality is available
113 if (!function_exists("ldap_connect")) {
114  setEventMessages($langs->trans("LDAPFunctionsNotAvailableOnPHP"), null, 'errors');
115 }
116 
117 print dol_get_fiche_head($head, 'groups', '', -1);
118 
119 
120 print '<span class="opacitymedium">'.$langs->trans("LDAPDescGroups").'</span><br>';
121 print '<br>';
122 
123 
124 print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newToken().'">';
125 print '<input type="hidden" name="token" value="'.newToken().'">';
126 
127 print '<table class="noborder centpercent">';
128 
129 print '<tr class="liste_titre">';
130 print '<td colspan="4">'.$langs->trans("LDAPSynchronizeGroups").'</td>';
131 print "</tr>\n";
132 
133 // DN (Domain Name) for the groups
134 print '<!-- LDAP_GROUP_DN -->';
135 print '<tr class="oddeven"><td><span class="fieldrequired">'.$langs->trans("LDAPGroupDn").'</span></td><td>';
136 print '<input size="48" type="text" name="group" value="'.getDolGlobalString('LDAP_GROUP_DN').'">';
137 print '</td><td>'.$langs->trans("LDAPGroupDnExample").'</td>';
138 print '<td>&nbsp;</td>';
139 print '</tr>';
140 
141 // List of object class used to define attributes in structure
142 print '<!-- LDAP_GROUP_OBJECT_CLASS -->';
143 print '<tr class="oddeven"><td><span class="fieldrequired">'.$langs->trans("LDAPGroupObjectClassList").'</span></td><td>';
144 print '<input size="48" type="text" name="objectclass" value="'.getDolGlobalString('LDAP_GROUP_OBJECT_CLASS').'">';
145 print '</td><td>'.$langs->trans("LDAPGroupObjectClassListExample").'</td>';
146 print '<td>&nbsp;</td>';
147 print '</tr>';
148 
149 // Filter, used to filter search
150 print '<!-- LDAP_GROUP_FILTER -->';
151 print '<tr class="oddeven"><td>'.$langs->trans("LDAPFilterConnection").'</td><td>';
152 print '<input size="48" type="text" name="filter" value="'.getDolGlobalString('LDAP_GROUP_FILTER').'">';
153 print '</td><td>'.$langs->trans("LDAPGroupFilterExample").'</td>';
154 print '<td></td>';
155 print '</tr>';
156 
157 print '</table>';
158 
159 print '<br>';
160 
161 print '<table class="noborder centpercent">';
162 
163 print '<tr class="liste_titre">';
164 print '<td>'.$langs->trans("LDAPDolibarrMapping").'</td>';
165 print '<td colspan="2">'.$langs->trans("LDAPLdapMapping").'</td>';
166 print '<td class="right">'.$langs->trans("LDAPNamingAttribute").'</td>';
167 print "</tr>\n";
168 
169 // Filtre
170 
171 // Common name
172 print '<tr class="oddeven"><td>'.$langs->trans("LDAPFieldName").'</td><td>';
173 print '<input size="25" type="text" name="fieldfullname" value="'.getDolGlobalString('LDAP_GROUP_FIELD_FULLNAME').'">';
174 print '</td><td>'.$langs->trans("LDAPFieldCommonNameExample").'</td>';
175 print '<td class="right"><input type="radio" name="key" value="LDAP_GROUP_FIELD_FULLNAME"'.((getDolGlobalString('LDAP_KEY_GROUPS') == getDolGlobalString('LDAP_GROUP_FIELD_FULLNAME')) ? ' checked' : '')."></td>";
176 print '</tr>';
177 
178 // Name
179 /*
180 print '<tr class="oddeven"><td>'.$langs->trans("LDAPFieldName").'</td><td>';
181 print '<input size="25" type="text" name="fieldname" value="'.$conf->global->LDAP_GROUP_FIELD_NAME.'">';
182 print '</td><td>'.$langs->trans("LDAPFieldNameExample").'</td>';
183 print '<td class="right"><input type="radio" name="key" value="'.$conf->global->LDAP_GROUP_FIELD_NAME.'"'.($conf->global->LDAP_KEY_GROUPS==$conf->global->LDAP_GROUP_FIELD_NAME?' checked':'')."></td>";
184 print '</tr>';
185 */
186 
187 // Description
188 print '<tr class="oddeven"><td>'.$langs->trans("LDAPFieldDescription").'</td><td>';
189 print '<input size="25" type="text" name="fielddescription" value="'.getDolGlobalString('LDAP_GROUP_FIELD_DESCRIPTION').'">';
190 print '</td><td>'.$langs->trans("LDAPFieldDescriptionExample").'</td>';
191 print '<td class="right"><input type="radio" name="key" value="LDAP_GROUP_FIELD_DESCRIPTION"'.((getDolGlobalString('LDAP_KEY_GROUPS') == getDolGlobalString('LDAP_GROUP_FIELD_DESCRIPTION')) ? ' checked' : '')."></td>";
192 print '</tr>';
193 
194 // User group
195 print '<tr class="oddeven"><td>'.$langs->trans("LDAPFieldGroupMembers").'</td><td>';
196 print '<input size="25" type="text" name="fieldgroupmembers" value="'.getDolGlobalString('LDAP_GROUP_FIELD_GROUPMEMBERS').'">';
197 print '</td><td>'.$langs->trans("LDAPFieldGroupMembersExample").'</td>';
198 print '<td class="right"><input type="radio" name="key" value="LDAP_GROUP_FIELD_GROUPMEMBERS"'.((getDolGlobalString('LDAP_KEY_GROUPS') == getDolGlobalString('LDAP_GROUP_FIELD_GROUPMEMBERS')) ? ' checked' : '')."></td>";
199 print '</tr>';
200 
201 // Group id
202 print '<tr class="oddeven"><td>'.$langs->trans("LDAPFieldGroupid").'</td><td>';
203 print '<input size="25" type="text" name="fieldgroupid" value="'.getDolGlobalString('LDAP_GROUP_FIELD_GROUPID').'">';
204 print '</td><td>'.$langs->trans("LDAPFieldGroupidExample").'</td>';
205 print '<td class="right">&nbsp;</td>';
206 print '</tr>';
207 
208 print '</table>';
209 
210 print info_admin($langs->trans("LDAPDescValues"));
211 
212 print dol_get_fiche_end();
213 
214 print $form->buttonsSaveCancel("Modify", '');
215 
216 print '</form>';
217 
218 
219 /*
220  * Test the connection
221  */
222 if (getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
223  $butlabel = $langs->trans("LDAPTestSynchroGroup");
224  $testlabel = 'testgroup';
225  $key = getDolGlobalString('LDAP_KEY_GROUPS');
226  $dn = getDolGlobalString('LDAP_GROUP_DN');
227  $objectclass = getDolGlobalString('LDAP_GROUP_OBJECT_CLASS');
228 
229  show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass);
230 } elseif (getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_LDAP_TO_DOLIBARR) {
231  $butlabel = $langs->trans("LDAPTestSearch");
232  $testlabel = 'testsearchgroup';
233  $key = getDolGlobalString('LDAP_KEY_GROUPS');
234  $dn = getDolGlobalString('LDAP_GROUP_DN');
235  $objectclass = getDolGlobalString('LDAP_GROUP_OBJECT_CLASS');
236  show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass);
237 }
238 
239 if (function_exists("ldap_connect")) {
240  if ($action == 'testgroup') {
241  // Create object
242  $object = new UserGroup($db);
243  $object->initAsSpecimen();
244 
245  // Test synchro
246  $ldap = new Ldap();
247  $result = $ldap->connectBind();
248 
249  if ($result > 0) {
250  $info = $object->_load_ldap_info();
251  $dn = $object->_load_ldap_dn($info);
252 
253  // Get a gid number for objectclass PosixGroup
254  if (in_array('posixGroup', $info['objectclass'])) {
255  $info['gidNumber'] = $ldap->getNextGroupGid('LDAP_KEY_GROUPS');
256  }
257 
258  $result1 = $ldap->delete($dn); // To be sure to delete existing records
259  $result2 = $ldap->add($dn, $info, $user); // Now the test
260  $result3 = $ldap->delete($dn); // Clean what we did
261 
262  if ($result2 > 0) {
263  print img_picto('', 'info').' ';
264  print '<span class="ok">'.$langs->trans("LDAPSynchroOK").'</span><br>';
265  } else {
266  print img_picto('', 'error').' ';
267  print '<span class="error">'.$langs->trans("LDAPSynchroKOMayBePermissions");
268  print ': '.$ldap->error;
269  print '</span><br>';
270  print $langs->trans("ErrorLDAPMakeManualTest", $conf->ldap->dir_temp).'<br>';
271  }
272 
273  print "<br>\n";
274  print "LDAP input file used for test:<br><br>\n";
275  print nl2br($ldap->dumpContent($dn, $info));
276  print "\n<br>";
277  } else {
278  print img_picto('', 'error').' ';
279  print '<span class="error">'.$langs->trans("LDAPSynchroKO");
280  print ': '.$ldap->error;
281  print '</span><br>';
282  print $langs->trans("ErrorLDAPMakeManualTest", $conf->ldap->dir_temp).'<br>';
283  }
284  }
285 
286  if ($action == 'testsearchgroup') {
287  // TODO Mutualize code below with other ldap_xxxx.php pages
288 
289  // Test synchro
290  $ldap = new Ldap();
291  $result = $ldap->connectBind();
292 
293  if ($result > 0) {
294  $required_fields = array(
295  getDolGlobalString('LDAP_KEY_GROUPS'),
296  // getDolGlobalString('LDAP_GROUP_FIELD_NAME'),
297  getDolGlobalString('LDAP_GROUP_FIELD_DESCRIPTION'),
298  getDolGlobalString('LDAP_GROUP_FIELD_GROUPMEMBERS'),
299  getDolGlobalString('LDAP_GROUP_FIELD_GROUPID')
300  );
301 
302  // Remove from required_fields all entries not configured in LDAP (empty) and duplicated
303  $required_fields = array_unique(array_values(array_filter($required_fields, "dol_validElement")));
304 
305  // Get from LDAP database an array of results
306  $ldapgroups = $ldap->getRecords('*', getDolGlobalString('LDAP_GROUP_DN'), getDolGlobalString('LDAP_KEY_GROUPS'), $required_fields, 'group');
307  //$ldapgroups = $ldap->getRecords('*', $conf->global->LDAP_GROUP_DN, $conf->global->LDAP_KEY_GROUPS, '', 'group');
308 
309  if (is_array($ldapgroups)) {
310  $liste = array();
311  foreach ($ldapgroups as $key => $ldapgroup) {
312  // Define the label string for this group
313  $label = '';
314  foreach ($required_fields as $value) {
315  if ($value) {
316  $label .= $value."=".$ldapgroup[$value]." ";
317  }
318  }
319  $liste[$key] = $label;
320  }
321  } else {
322  setEventMessages($ldap->error, $ldap->errors, 'errors');
323  }
324 
325  print "<br>\n";
326  print "LDAP search for group:<br>\n";
327  print "search: *<br>\n";
328  print "userDN: ".getDolGlobalString('LDAP_GROUP_DN')."<br>\n";
329  print "useridentifier: ".getDolGlobalString('LDAP_KEY_GROUPS')."<br>\n";
330  print "required_fields: ".implode(',', $required_fields)."<br>\n";
331  print "=> ".count($liste)." records<br>\n";
332  print "\n<br>";
333  } else {
334  print img_picto('', 'error').' ';
335  print '<span class="error">'.$langs->trans("LDAPSynchroKO");
336  print ': '.$ldap->error;
337  print '</span><br>';
338  print $langs->trans("ErrorLDAPMakeManualTest", $conf->ldap->dir_temp).'<br>';
339  }
340  }
341 }
342 
343 // End of page
344 llxFooter();
345 $db->close();
if($user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition: card.php:58
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
Definition: admin.lib.php:656
if(!defined('NOREQUIRESOC')) if(!defined('NOREQUIRETRAN')) if(!defined('NOTOKENRENEWAL')) if(!defined('NOREQUIREMENU')) if(!defined('NOREQUIREHTML')) if(!defined('NOREQUIREAJAX')) llxHeader()
Empty header.
Definition: wrapper.php:55
llxFooter()
Empty footer.
Definition: wrapper.php:69
Class to manage generation of HTML components Only common components must be here.
Class to manage LDAP features.
Definition: ldap.class.php:37
Class to manage user groups.
load_fiche_titre($title, $morehtmlright='', $picto='generic', $pictoisfullpath=0, $id='', $morecssontable='', $morehtmlcenter='')
Load a title with picto.
img_picto($titlealt, $picto, $moreatt='', $pictoisfullpath=0, $srconly=0, $notitle=0, $alt='', $morecss='', $marginleftonlyshort=2)
Show picto whatever it's its name (generic function)
dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $picto='', $pictoisfullpath=0, $morehtmlright='', $morecss='', $limittoshow=0, $moretabssuffix='', $dragdropfile=0)
Show tabs of a record.
dol_get_fiche_end($notab=0)
Return tab footer of a card.
getDolGlobalInt($key, $default=0)
Return a Dolibarr global constant int value.
newToken()
Return the value of token currently saved into session with name 'newtoken'.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
info_admin($text, $infoonimgalt=0, $nodiv=0, $admin='1', $morecss='hideonsmartphone', $textfordropdown='')
Show information in HTML for admin users or standard users.
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0)
Set event messages in dol_events session object.
dol_print_error($db=null, $error='', $errors=null)
Displays error message system with all the information to facilitate the diagnosis and the escalation...
getDolGlobalString($key, $default='')
Return dolibarr global constant string value.
ldap_prepare_head()
Initialize the array of tabs for customer invoice.
Definition: ldap.lib.php:31
show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass)
Show button test LDAP synchro.
Definition: ldap.lib.php:102
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.