mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-22 16:03:47 +01:00
WIP implement VLV search for LDAP too and also filtering by >=modifyTimestamp used for account-import
This commit is contained in:
parent
c151f7786f
commit
aab768d87f
@ -45,6 +45,42 @@ use setup_cmd_ldap;
|
||||
*/
|
||||
class Ldap
|
||||
{
|
||||
use LdapVlvSortRequestTrait;
|
||||
|
||||
/**
|
||||
* Timestamps ldap => egw used in several places
|
||||
*
|
||||
* @var string[]
|
||||
*/
|
||||
public $timestamps2egw = [
|
||||
'createtimestamp' => 'account_created',
|
||||
'modifytimestamp' => 'account_modified',
|
||||
'shadowexpire' => 'account_expires',
|
||||
'shadowlastchange' => 'account_lastpwd_change',
|
||||
//'lastlogon' => 'account_lastlogin',
|
||||
];
|
||||
|
||||
/**
|
||||
* Other attributes sorted by their default matching rule
|
||||
*/
|
||||
public $other2egw = [
|
||||
'uidnumber' => 'account_id',
|
||||
'gidnumber' => 'account_primary_group',
|
||||
];
|
||||
|
||||
/**
|
||||
* String attributes which can be sorted by caseIgnoreMatch ldap => egw
|
||||
*
|
||||
* @var string[]
|
||||
*/
|
||||
public $attributes2egw = [
|
||||
'uid' => 'account_lid',
|
||||
'sn' => 'account_lastname',
|
||||
'givenname' => 'account_firstname',
|
||||
'cn' => 'account_fullname',
|
||||
'email' => 'account_email',
|
||||
];
|
||||
|
||||
/**
|
||||
* Name of mail attribute
|
||||
*/
|
||||
@ -692,6 +728,7 @@ class Ldap
|
||||
* 'lid','firstname','lastname','email' - query only the given field for containing $param[query]
|
||||
* @param $param['offset'] int - number of matches to return if start given, default use the value in the prefs
|
||||
* @param $param['objectclass'] boolean return objectclass(es) under key 'objectclass' in each account
|
||||
* @param $param['modified'] int if given minimum modification time
|
||||
* @return array with account_id => data pairs, data is an array with account_id, account_lid, account_firstname,
|
||||
* account_lastname, person_id (id of the linked addressbook entry), account_status, account_expires, account_primary_group
|
||||
*/
|
||||
@ -722,9 +759,10 @@ class Ldap
|
||||
else // we need to run the unlimited query
|
||||
{
|
||||
$query = Api\Ldap::quote(strtolower($param['query']));
|
||||
$order_by = ($param['order'] ?? null ? explode(',', $param['order'])[0] : 'account_lid').' '.($param['sort'] ?? null ?: 'ASC');
|
||||
|
||||
$accounts = array();
|
||||
if($param['type'] != 'groups')
|
||||
if($param['type'] !== 'groups')
|
||||
{
|
||||
$filter = "(&(objectclass=posixaccount)";
|
||||
if (!empty($query) && $query != '*')
|
||||
@ -759,9 +797,26 @@ class Ldap
|
||||
}
|
||||
// add account_filter to filter (user has to be '*', as we otherwise only search uid's)
|
||||
$filter .= str_replace(array('%user', '%domain'), array('*', $GLOBALS['egw_info']['user']['domain']), $this->account_filter);
|
||||
|
||||
// return only group-members
|
||||
if (is_numeric($param['type']))
|
||||
{
|
||||
if (($members = Api\Accounts::getInstance()->members($param['type'], true)))
|
||||
{
|
||||
$filter .= '(|(uidNumber=' . implode(')(uidNumber=', $members) . '))';
|
||||
}
|
||||
else
|
||||
{
|
||||
$filter .= '(uidNumber=0)'; // to NOT find any user
|
||||
}
|
||||
}
|
||||
if (!empty($param['modified']))
|
||||
{
|
||||
$filter .= "(modifytimestamp>=".gmdate('YmdHis', $param['modified']).".0Z)";
|
||||
}
|
||||
$filter .= ')';
|
||||
|
||||
if ($param['type'] != 'both')
|
||||
/*if ($param['type'] != 'both')
|
||||
{
|
||||
// follow:
|
||||
// - first query only few attributes for sorting and throwing away not needed results
|
||||
@ -800,17 +855,21 @@ class Ldap
|
||||
$relevantAccounts = is_numeric($start) ? array_slice(array_keys($fullSet), $start, $offset) : array_keys($fullSet);
|
||||
$filter = '(&(objectclass=posixaccount)(|(uid='.implode(')(uid=',$relevantAccounts).'))' . $this->account_filter.')';
|
||||
$filter = str_replace(array('%user','%domain'),array('*',$GLOBALS['egw_info']['user']['domain']),$filter);
|
||||
}
|
||||
/** @noinspection SuspiciousAssignmentsInspection */
|
||||
$sri = ldap_search($this->ds, $this->user_context, $filter,array('uid','uidNumber','givenname','sn',static::MAIL_ATTR,'shadowExpire','createtimestamp','modifytimestamp','objectclass','gidNumber'));
|
||||
}*/
|
||||
|
||||
if ($param['type'] !== 'groups')
|
||||
{
|
||||
$allValues = $this->vlvSortQuery($this->user_context, $filter,
|
||||
['uid', 'uidNumber', 'givenname', 'sn', static::MAIL_ATTR, 'shadowExpire', 'createtimestamp', 'modifytimestamp', 'objectclass', 'gidNumber'],
|
||||
$order_by, $start, $offset, $totalcount);
|
||||
|
||||
$utc_diff = date('Z');
|
||||
foreach(ldap_get_entries($this->ds, $sri) ?: [] as $allVals)
|
||||
foreach ($allValues ?: [] as $allVals)
|
||||
{
|
||||
$test = @$allVals['uid'][0];
|
||||
$test = $allVals['uid'][0];
|
||||
if (!$this->frontend->config['global_denied_users'][$test] && $allVals['uid'][0])
|
||||
{
|
||||
$account = Array(
|
||||
$account = array(
|
||||
'account_id' => $allVals['uidnumber'][0],
|
||||
'account_lid' => Api\Translation::convert($allVals['uid'][0], 'utf-8'),
|
||||
'account_type' => 'u',
|
||||
@ -841,11 +900,12 @@ class Ldap
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($param['type'] == 'groups' || $param['type'] == 'both')
|
||||
}
|
||||
if ($param['type'] === 'groups' || $param['type'] === 'both')
|
||||
{
|
||||
if(empty($query) || $query === '*')
|
||||
{
|
||||
$filter = "(&(objectclass=posixgroup)$this->group_filter)";
|
||||
$filter = "(&(objectclass=posixgroup)$this->group_filter";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -861,10 +921,16 @@ class Ldap
|
||||
case 'exact':
|
||||
break;
|
||||
}
|
||||
$filter = "(&(objectclass=posixgroup)(cn=$query)$this->group_filter)";
|
||||
$filter = "(&(objectclass=posixgroup)(cn=$query)$this->group_filter";
|
||||
}
|
||||
$sri = ldap_search($this->ds, $this->group_context, $filter,array('cn','gidNumber'));
|
||||
foreach(ldap_get_entries($this->ds, $sri) ?: [] as $allVals)
|
||||
if (!empty($param['modified']))
|
||||
{
|
||||
$filter .= "(modifytimestamp>=".gmdate('YmdHis', $param['modified']).".0Z)";
|
||||
}
|
||||
$filter .= ')';
|
||||
$allValues = $this->vlvSortQuery($this->group_context, $filter, ['cn', 'gidNumber'], $order_by, $start, $offset, $group_total);
|
||||
$totalcount += $group_total;
|
||||
foreach($allValues ?: [] as $allVals)
|
||||
{
|
||||
$test = $allVals['cn'][0];
|
||||
if (!$this->frontend->config['global_denied_groups'][$test] && $allVals['cn'][0])
|
||||
@ -878,7 +944,7 @@ class Ldap
|
||||
'account_status' => 'A',
|
||||
'account_fullname' => Api\Translation::convert($allVals['cn'][0],'utf-8'),
|
||||
);
|
||||
if (isset($totalcount)) ++$totalcount;
|
||||
//if (isset($totalcount)) ++$totalcount;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -905,7 +971,7 @@ class Ldap
|
||||
if(is_numeric($start) && is_numeric($offset))
|
||||
{
|
||||
$account_search[$serial]['total'] = $this->total;
|
||||
return $account_search[$serial]['data'] = isset($totalcount) ? $sortedAccounts : array_slice($sortedAccounts, $start, $offset, true);
|
||||
return $account_search[$serial]['data'] = isset($totalcount) || !isset($start) ? $sortedAccounts : array_slice($sortedAccounts, $start, $offset, true);
|
||||
}
|
||||
return $sortedAccounts;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user