diff options
Diffstat (limited to 'lib/plugins/authad')
| -rw-r--r-- | lib/plugins/authad/action.php | 2 | ||||
| -rw-r--r-- | lib/plugins/authad/auth.php | 170 | ||||
| -rw-r--r-- | lib/plugins/authad/lang/da/lang.php | 8 | ||||
| -rw-r--r-- | lib/plugins/authad/lang/ru/settings.php | 6 |
4 files changed, 170 insertions, 16 deletions
diff --git a/lib/plugins/authad/action.php b/lib/plugins/authad/action.php index 97be9897e..bc0f90c7e 100644 --- a/lib/plugins/authad/action.php +++ b/lib/plugins/authad/action.php @@ -17,7 +17,7 @@ class action_plugin_authad extends DokuWiki_Action_Plugin { /** * Registers a callback function for a given event */ - public function register(Doku_Event_Handler &$controller) { + public function register(Doku_Event_Handler $controller) { $controller->register_hook('AUTH_LOGIN_CHECK', 'BEFORE', $this, 'handle_auth_login_check'); $controller->register_hook('HTML_LOGINFORM_OUTPUT', 'BEFORE', $this, 'handle_html_loginform_output'); diff --git a/lib/plugins/authad/auth.php b/lib/plugins/authad/auth.php index 88b56046c..400a5efee 100644 --- a/lib/plugins/authad/auth.php +++ b/lib/plugins/authad/auth.php @@ -3,6 +3,7 @@ if(!defined('DOKU_INC')) die(); require_once(DOKU_PLUGIN.'authad/adLDAP/adLDAP.php'); +require_once(DOKU_PLUGIN.'authad/adLDAP/classes/adLDAPUtils.php'); /** * Active Directory authentication backend for DokuWiki @@ -67,6 +68,10 @@ class auth_plugin_authad extends DokuWiki_Auth_Plugin { */ protected $_pattern = array(); + protected $_actualstart = 0; + + protected $_grpsusers = array(); + /** * Constructor */ @@ -116,6 +121,7 @@ class auth_plugin_authad extends DokuWiki_Auth_Plugin { // other can do's are changed in $this->_loadServerConfig() base on domain setup $this->cando['modName'] = true; $this->cando['modMail'] = true; + $this->cando['getUserCount'] = true; } /** @@ -326,14 +332,137 @@ class auth_plugin_authad extends DokuWiki_Auth_Plugin { } /** + * Create a Search-String useable by adLDAPUsers::all($includeDescription = false, $search = "*", $sorted = true) + * + * @param array $filter + * @return string + */ + protected function _constructSearchString($filter){ + if (!$filter){ + return '*'; + } + $adldapUtils = new adLDAPUtils($this->_adldap(null)); + $result = '*'; + if (isset($filter['name'])) { + $result .= ')(displayname=*' . $adldapUtils->ldapSlashes($filter['name']) . '*'; + unset($filter['name']); + } + + if (isset($filter['user'])) { + $result .= ')(samAccountName=*' . $adldapUtils->ldapSlashes($filter['user']) . '*'; + unset($filter['user']); + } + + if (isset($filter['mail'])) { + $result .= ')(mail=*' . $adldapUtils->ldapSlashes($filter['mail']) . '*'; + unset($filter['mail']); + } + return $result; + } + + /** + * Return a count of the number of user which meet $filter criteria + * + * @param array $filter $filter array of field/pattern pairs, empty array for no filter + * @return int number of users + */ + public function getUserCount($filter = array()) { + $adldap = $this->_adldap(null); + if(!$adldap) { + dbglog("authad/auth.php getUserCount(): _adldap not set."); + return -1; + } + if ($filter == array()) { + $result = $adldap->user()->all(); + } else { + $searchString = $this->_constructSearchString($filter); + $result = $adldap->user()->all(false, $searchString); + if (isset($filter['grps'])) { + $this->users = array_fill_keys($result, false); + $usermanager = plugin_load("admin", "usermanager", false); + $usermanager->setLastdisabled(true); + if (!isset($this->_grpsusers[$this->_filterToString($filter)])){ + $this->_fillGroupUserArray($filter,$usermanager->getStart() + 3*$usermanager->getPagesize()); + } elseif (count($this->_grpsusers[$this->_filterToString($filter)]) < $usermanager->getStart() + 3*$usermanager->getPagesize()) { + $this->_fillGroupUserArray($filter,$usermanager->getStart() + 3*$usermanager->getPagesize() - count($this->_grpsusers[$this->_filterToString($filter)])); + } + $result = $this->_grpsusers[$this->_filterToString($filter)]; + } else { + $usermanager = plugin_load("admin", "usermanager", false); + $usermanager->setLastdisabled(false); + } + + } + + if (!$result) { + return 0; + } + return count($result); + } + + /** + * + * create a unique string for each filter used with a group + * + * @param array $filter + * @return string + */ + protected function _filterToString ($filter) { + $result = ''; + if (isset($filter['user'])) { + $result .= 'user-' . $filter['user']; + } + if (isset($filter['name'])) { + $result .= 'name-' . $filter['name']; + } + if (isset($filter['mail'])) { + $result .= 'mail-' . $filter['mail']; + } + if (isset($filter['grps'])) { + $result .= 'grps-' . $filter['grps']; + } + return $result; + } + + /** + * Create an array of $numberOfAdds users passing a certain $filter, including belonging + * to a certain group and save them to a object-wide array. If the array + * already exists try to add $numberOfAdds further users to it. + * + * @param array $filter + * @param int $numberOfAdds additional number of users requested + * @return int number of Users actually add to Array + */ + protected function _fillGroupUserArray($filter, $numberOfAdds){ + $this->_grpsusers[$this->_filterToString($filter)]; + $i = 0; + $count = 0; + $this->_constructPattern($filter); + foreach ($this->users as $user => &$info) { + if($i++ < $this->_actualstart) { + continue; + } + if($info === false) { + $info = $this->getUserData($user); + } + if($this->_filter($user, $info)) { + $this->_grpsusers[$this->_filterToString($filter)][$user] = $info; + if(($numberOfAdds > 0) && (++$count >= $numberOfAdds)) break; + } + } + $this->_actualstart = $i; + return $count; + } + + /** * Bulk retrieval of user data * * @author Dominik Eckelmann <dokuwiki@cosmocode.de> * - * @param int $start index of first user to be returned - * @param int $limit max number of users to be returned - * @param array $filter array of field/pattern pairs, null for no filter - * @return array userinfo (refer getUserData for internal userinfo details) + * @param int $start index of first user to be returned + * @param int $limit max number of users to be returned + * @param array $filter array of field/pattern pairs, null for no filter + * @return array userinfo (refer getUserData for internal userinfo details) */ public function retrieveUsers($start = 0, $limit = 0, $filter = array()) { $adldap = $this->_adldap(null); @@ -341,27 +470,44 @@ class auth_plugin_authad extends DokuWiki_Auth_Plugin { if(!$this->users) { //get info for given user - $result = $adldap->user()->all(); + $result = $adldap->user()->all(false, $this->_constructSearchString($filter)); if (!$result) return array(); $this->users = array_fill_keys($result, false); } $i = 0; $count = 0; - $this->_constructPattern($filter); $result = array(); - foreach($this->users as $user => &$info) { - if($i++ < $start) { - continue; + if (!isset($filter['grps'])) { + $usermanager = plugin_load("admin", "usermanager", false); + $usermanager->setLastdisabled(false); + $this->_constructPattern($filter); + foreach($this->users as $user => &$info) { + if($i++ < $start) { + continue; + } + if($info === false) { + $info = $this->getUserData($user); + } + $result[$user] = $info; + if(($limit > 0) && (++$count >= $limit)) break; } - if($info === false) { - $info = $this->getUserData($user); + } else { + $usermanager = plugin_load("admin", "usermanager", false); + $usermanager->setLastdisabled(true); + if (!isset($this->_grpsusers[$this->_filterToString($filter)]) || count($this->_grpsusers[$this->_filterToString($filter)]) < ($start+$limit)) { + $this->_fillGroupUserArray($filter,$start+$limit - count($this->_grpsusers[$this->_filterToString($filter)]) +1); } - if($this->_filter($user, $info)) { + if (!$this->_grpsusers[$this->_filterToString($filter)]) return false; + foreach($this->_grpsusers[$this->_filterToString($filter)] as $user => &$info) { + if($i++ < $start) { + continue; + } $result[$user] = $info; if(($limit > 0) && (++$count >= $limit)) break; } + } return $result; } diff --git a/lib/plugins/authad/lang/da/lang.php b/lib/plugins/authad/lang/da/lang.php new file mode 100644 index 000000000..8fc7db775 --- /dev/null +++ b/lib/plugins/authad/lang/da/lang.php @@ -0,0 +1,8 @@ +<?php + +/** + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * + * @author Jacob Palm <mail@jacobpalm.dk> + */ +$lang['domain'] = 'Logondomæne'; diff --git a/lib/plugins/authad/lang/ru/settings.php b/lib/plugins/authad/lang/ru/settings.php index 99c916b44..c791bd791 100644 --- a/lib/plugins/authad/lang/ru/settings.php +++ b/lib/plugins/authad/lang/ru/settings.php @@ -19,9 +19,9 @@ $lang['admin_username'] = 'Привилегированный польз $lang['admin_password'] = 'Пароль для указанного пользователя.'; $lang['sso'] = 'Использовать SSO (Single-Sign-On) через Kerberos или NTLM?'; $lang['sso_charset'] = 'Кодировка, в которой веб-сервер передаёт имя пользователя Kerberos или NTLM. Для UTF-8 или latin-1 остаётся пустым. Требует расширение iconv.'; -$lang['real_primarygroup'] = 'Должна ли использоваться настоящая первичная группа вместо "Domain Users" (медленнее)'; +$lang['real_primarygroup'] = 'Должна ли использоваться настоящая первичная группа вместо “Domain Users” (медленнее)'; $lang['use_ssl'] = 'Использовать SSL? Если да, то не включайте TLS.'; $lang['use_tls'] = 'Использовать TLS? Если да, то не включайте SSL.'; $lang['debug'] = 'Выводить дополнительную информацию при ошибках?'; -$lang['expirywarn'] = 'За сколько дней нужно предупреждать пользователя о необходимости изменить пароль. 0 - отключить.'; -$lang['additional'] = 'Дополнительные AD атрибуты, разделённые запятой, для выборки из данных пользователя. Используется некоторыми плагинами.'; +$lang['expirywarn'] = 'За сколько дней нужно предупреждать пользователя о необходимости изменить пароль? Для отключения укажите 0 (ноль).'; +$lang['additional'] = 'Дополнительные AD-атрибуты, разделённые запятой, для выборки из данных пользователя. Используется некоторыми плагинами.'; |