extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2025-01-13 01:18:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

* Addressbook/LDAP: recreation of contact (eg. because of missing objectclass) failed and lead to deleted contact or account

Browse Source
This commit is contained in:
Ralf Becker 2013-06-18 10:45:00 +00:00
parent b993253dcd
commit 02e4c44624
3 changed files with 50 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
addressbook/inc/class.addressbook_ldap.inc.php
View File

@ -115,7 +115,8 @@ class addressbook_ldap
var $schema2egw = array( var $schema2egw = array(
'posixaccount' => array( 'posixaccount' => array(
'account_id' => 'uidnumber', 'account_id' => 'uidnumber',
'account_lid' => 'uid', // 'account_lid' => 'uid',
'id' => 'uid',
'shadowexpire', 'shadowexpire',
), ),
'inetorgperson' => array( 'inetorgperson' => array(
@ -432,6 +433,7 @@ class addressbook_ldap
*/ */
function save($keys=null) function save($keys=null)
{ {
//error_log(__METHOD__."(".array2string($keys).") this->data=".array2string($this->data));
if(is_array($keys)) if(is_array($keys))
{ {
$this->data = is_array($this->data) ? array_merge($this->data,$keys) : $keys; $this->data = is_array($this->data) ? array_merge($this->data,$keys) : $keys;
@ -505,7 +507,7 @@ class addressbook_ldap
// add for all supported objectclasses the objectclass and it's attributes // add for all supported objectclasses the objectclass and it's attributes
foreach($this->schema2egw as $objectclass => $mapping) foreach($this->schema2egw as $objectclass => $mapping)
{ {
if(!$this->ldapServerInfo->supportsObjectClass($objectclass) || $objectclass == 'posixaccount') continue; if(!$this->ldapServerInfo->supportsObjectClass($objectclass)) continue;
if(!in_array($objectclass, $oldObjectclasses)) if(!in_array($objectclass, $oldObjectclasses))
{ {
@ -523,6 +525,7 @@ class addressbook_ldap
} }
foreach($mapping as $egwFieldName => $ldapFieldName) foreach($mapping as $egwFieldName => $ldapFieldName)
{ {
if (is_int($egwFieldName)) continue;
if(!empty($data[$egwFieldName])) if(!empty($data[$egwFieldName]))
{ {
// dont convert the (binary) jpegPhoto! // dont convert the (binary) jpegPhoto!
@ -533,6 +536,7 @@ class addressbook_ldap
{ {
$ldapContact[$ldapFieldName] = array(); $ldapContact[$ldapFieldName] = array();
} }
//error_log(__METHOD__."() ".__LINE__." objectclass=$objectclass, data['$egwFieldName']=".array2string($data[$egwFieldName])." --> ldapContact['$ldapFieldName']=".array2string($ldapContact[$ldapFieldName]));
} }
// handling of special attributes, like cat_id in evolutionPerson // handling of special attributes, like cat_id in evolutionPerson
$egw2objectclass = '_egw2'.$objectclass; $egw2objectclass = '_egw2'.$objectclass;
@ -556,7 +560,7 @@ class addressbook_ldap
$needRecreation = false; $needRecreation = false;
// add missing objectclasses // add missing objectclasses
if($ldapContact['objectClass'] && array_diff($ldapContact['objectClass'],$oldObjectclasses)) if($ldapContact['objectClass'] && ($missing=array_diff($ldapContact['objectClass'],$oldObjectclasses)))
{ {
if (!@ldap_mod_add($this->ds, $dn, array('objectClass' => $ldapContact['objectClass']))) if (!@ldap_mod_add($this->ds, $dn, array('objectClass' => $ldapContact['objectClass'])))
{ {
@ -564,12 +568,12 @@ class addressbook_ldap
{ {
// need to modify structural objectclass // need to modify structural objectclass
$needRecreation = true; $needRecreation = true;
//error_log(__METHOD__."() ".__LINE__." could not add objectclasses ".array2string($missing)." --> need to recreate contact");
} }
else else
{ {
//echo "<p>ldap_mod_add($this->ds,'$dn',array(objectClass =>".print_r($ldapContact['objectClass'],true)."))</p>\n"; //echo "<p>ldap_mod_add($this->ds,'$dn',array(objectClass =>".print_r($ldapContact['objectClass'],true)."))</p>\n";
error_log('class.so_ldap.inc.php ('. __LINE__ .') update of '. $dn .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .')'); error_log(__METHOD__.'() '.__LINE__.' update of '. $dn .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .')');
return $this->_error(__LINE__); return $this->_error(__LINE__);
} }
} }
@ -582,14 +586,10 @@ class addressbook_ldap
{ {
$result = ldap_read($this->ds, $dn, 'objectclass=*'); $result = ldap_read($this->ds, $dn, 'objectclass=*');
$oldContact = ldap_get_entries($this->ds, $result); $oldContact = ldap_get_entries($this->ds, $result);
foreach($oldContact[0] as $key => $value) $oldContact = ldap::result2array($oldContact[0]);
{ unset($oldContact['dn']);
if(is_array($value))
{ $newContact = $oldContact;
unset($value['count']);
$newContact[$key] = $value;
}
}
$newContact[$this->dn_attribute] = $ldapContact[$this->dn_attribute]; $newContact[$this->dn_attribute] = $ldapContact[$this->dn_attribute];
if(is_array($ldapContact['objectClass']) && count($ldapContact['objectClass']) > 0) if(is_array($ldapContact['objectClass']) && count($ldapContact['objectClass']) > 0)
@ -600,15 +600,14 @@ class addressbook_ldap
if(!ldap_delete($this->ds, $dn)) if(!ldap_delete($this->ds, $dn))
{ {
error_log('class.so_ldap.inc.php ('. __LINE__ .') delete of old '. $dn .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .')'); error_log(__METHOD__.'() '.__LINE__.' delete of old '. $dn .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .')');
return $this->_error(__LINE__); return $this->_error(__LINE__);
} }
if(!@ldap_add($this->ds, $newDN, $newContact)) if(!@ldap_add($this->ds, $newDN, $newContact))
{ {
//echo "<p>recreate: ldap_add($this->ds,'$newDN',".print_r($newContact,true).")</p>\n"; error_log(__METHOD__.'() '.__LINE__.' re-create contact as '. $newDN .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .') newContact='.array2string($newContact));
//print 'class.so_ldap.inc.php ('. __LINE__ .') update of '. $dn .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .')';_debug_array($newContact);exit; // if adding with new objectclass or dn fails, re-add deleted contact
error_log('class.so_ldap.inc.php ('. __LINE__ .') re-create contact as '. $newDN .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .')'); @ldap_add($this->ds, $dn, $oldContact);
error_log(print_r($newContact,true));
return $this->_error(__LINE__); return $this->_error(__LINE__);
} }
$dn = $newDN; $dn = $newDN;
@ -622,7 +621,7 @@ class addressbook_ldap
} }
else else
{ {
error_log(__METHOD__."() ldap_rename or $dn to $newRDN failed! ".ldap_error($this->ds)); error_log(__METHOD__.'() '.__LINE__." ldap_rename of $dn to $newRDN failed! ".ldap_error($this->ds));
} }
} }
unset($ldapContact[$this->dn_attribute]); unset($ldapContact[$this->dn_attribute]);
@ -631,9 +630,7 @@ class addressbook_ldap
if (!@ldap_modify($this->ds, $dn, $ldapContact)) if (!@ldap_modify($this->ds, $dn, $ldapContact))
{ {
//echo "<p>ldap_modify($this->ds,'$dn',".print_r($ldapContact,true).') failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .")</p>\n"; error_log(__METHOD__.'() '.__LINE__.' update of '. $dn .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .') ldapContact='.array2string($ldapContact));
error_log('class.so_ldap.inc.php ('. __LINE__ .') update of '. $dn .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .')');
error_log(print_r($ldapContact,true));
return $this->_error(__LINE__); return $this->_error(__LINE__);
} }
} }
@ -644,9 +641,7 @@ class addressbook_ldap
if (!@ldap_add($this->ds, $dn, $ldapContact)) if (!@ldap_add($this->ds, $dn, $ldapContact))
{ {
//echo "<p>ldap_add($this->ds,'$dn',".array2string($ldapContact).") failed errorcode: ".ldap_errno($this->ds) .' ('. ldap_error($this->ds) .")</p>\n"; error_log(__METHOD__.'() '.__LINE__.' add of '. $dn .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .') ldapContact='.array2string($ldapContact));
error_log('class.so_ldap.inc.php ('. __LINE__ .') add of '. $dn .' failed errorcode: '. ldap_errno($this->ds) .' ('. ldap_error($this->ds) .')');
error_log(array2string($ldapContact));
return $this->_error(__LINE__); return $this->_error(__LINE__);
} }
} }

32
phpgwapi/inc/class.accounts_ldap.inc.php
View File

@ -189,7 +189,7 @@ class accounts_ldap
} }
else else
{ {
$old = $this->_ldap2array($old[0]); $old = ldap::result2array($old[0]);
foreach($old['objectclass'] as $n => $class) foreach($old['objectclass'] as $n => $class)
{ {
$old['objectclass'][$n] = strtolower($class); $old['objectclass'][$n] = strtolower($class);
@ -362,36 +362,6 @@ class accounts_ldap
return $data['account_id']; return $data['account_id'];
} }
/**
* Convert a single ldap value into a associative array
*
* @param array $ldap array with numerical and associative indexes and count's
* @return array with only associative index and no count's
*/
function _ldap2array($ldap)
{
if (!is_array($ldap)) return false;
$arr = array();
foreach($ldap as $var => $val)
{
if (is_int($var) || $var == 'count') continue;
if (is_array($val) && $val['count'] == 1)
{
$arr[$var] = $val[0];
}
else
{
if (is_array($val)) unset($val['count']);
$arr[$var] = $val;
}
}
return $arr;
}
/** /**
* Delete one account, deletes also all acl-entries for that account * Delete one account, deletes also all acl-entries for that account
* *

29
phpgwapi/inc/class.ldap.inc.php
View File

@ -83,6 +83,35 @@ class ldap
return str_replace(array('\\','*','(',')','\0',' '),array('\\\\','\*','\(','\)','\\0','\20'),$string); return str_replace(array('\\','*','(',')','\0',' '),array('\\\\','\*','\(','\)','\\0','\20'),$string);
} }
/**
* Convert a single ldap result into a associative array
*
* @param array $ldap array with numerical and associative indexes and count's
* @return boolean|array with only associative index and no count's or false on error (parm is no array)
*/
static function result2array($ldap)
{
if (!is_array($ldap)) return false;
$arr = array();
foreach($ldap as $var => $val)
{
if (is_int($var) || $var == 'count') continue;
if (is_array($val) && $val['count'] == 1)
{
$arr[$var] = $val[0];
}
else
{
if (is_array($val)) unset($val['count']);
$arr[$var] = $val;
}
}
return $arr;
}
/** /**
* Connect to ldap server and return a handle * Connect to ldap server and return a handle
* *