authorAdrian Lang <lang@cosmocode.de>2010-07-05 15:43:53 +0200
committerAdrian Lang <lang@cosmocode.de>2010-07-05 15:44:54 +0200
commit47fecefedeb5e1069db2bbc0ce312c9522fd5a62 (patch)
treeeefc5c37a57fa39c584ce6e60932b50bc865a1c2 /inc/auth
parent8d9e6ae7b19a9971ec0d95cc904de6c07e6647dc (diff)
Add getUsers capability to LDAP backend
Diffstat (limited to 'inc/auth')
-rw-r--r--inc/auth/ldap.class.php79
1 files changed, 79 insertions, 0 deletions
diff --git a/inc/auth/ldap.class.php b/inc/auth/ldap.class.php
index e1922ce86..069d0fc92 100644
--- a/inc/auth/ldap.class.php
+++ b/inc/auth/ldap.class.php
@@ -257,6 +257,58 @@ class auth_ldap extends auth_basic {
}
/**
+ * Bulk retrieval of user data
+ *
+ * @author Dominik Eckelmann <dokuwiki@cosmocode.de>
+ * @param start index of first user to be returned
+ * @param limit max number of users to be returned
+ * @param filter array of field/pattern pairs, null for no filter
+ * @return array of userinfo (refer getUserData for internal userinfo details)
+ */
+ function retrieveUsers($start=0,$limit=-1,$filter=array()) {
+ if(!$this->_openLDAP()) return false;
+
+ if (!isset($this->users)) {
+ // Perform the search and grab all their details
+ if(!empty($this->cnf['userfilter'])) {
+ $filter = str_replace('%{user}', '*', $this->cnf['userfilter']);
+ } else {
+ $filter = "(ObjectClass=*)";
+ }
+ $sr=ldap_search($this->con,$this->cnf['usertree'],$filter);
+ $entries = ldap_get_entries($this->con, $sr);
+ $users_array = array();
+ for ($i=0; $i<$entries["count"]; $i++){
+ array_push($users_array, $entries[$i]["uid"][0]);
+ }
+ asort($users_array);
+ $result = $users_array;
+ if (!$result) return array();
+ $this->users = array_fill_keys($result, false);
+ }
+ $i = 0;
+ $count = 0;
+ $this->_constructPattern($filter);
+ $result = array();
+
+ foreach ($this->users as $user => &$info) {
+ if ($i++ < $start) {
+ continue;
+ }
+ if ($info === false) {
+ $info = $this->getUserData($user);
+ }
+ if ($this->_filter($user, $info)) {
+ $result[$user] = $info;
+ if (($limit >= 0) && (++$count >= $limit)) break;
+ }
+ }
+ return $result;
+
+
+ }
+
+ /**
* Make LDAP filter strings.
*
* Used by auth_getUserData to make the filter
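Review bot: In `retrieveUsers`, the `$filter` parameter is overwritten with the LDAP search string inside the `!isset($this->users)` branch, so on the first call `_constructPattern($filter)` receives a string instead of the caller's field/pattern array; the `foreach` there presumably does nothing, `_pattern` stays empty, and every user passes `_filter`. A separate local for the directory query avoids this, e.g. `$all_filter = str_replace('%{user}', '*', $this->cnf['userfilter']);` with `$all_filter` passed to `ldap_search`. The return value of `ldap_search` also goes straight into `ldap_get_entries`; `if ($sr === false) return array();` would stop a failed search there. Only `uid` is read from each entry, so passing `array('uid')` as the attribute list would avoid fetching every attribute for the whole subtree, and `$entries[$i]["uid"][0]` should be guarded for entries that have no `uid` when the `(ObjectClass=*)` fallback is used.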
@@ -285,6 +337,32 @@ class auth_ldap extends auth_basic {
}
/**
+ * return 1 if $user + $info match $filter criteria, 0 otherwise
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ */
+ function _filter($user, $info) {
+ foreach ($this->_pattern as $item => $pattern) {
+ if ($item == 'user') {
+ if (!preg_match($pattern, $user)) return 0;
+ } else if ($item == 'grps') {
+ if (!count(preg_grep($pattern, $info['grps']))) return 0;
+ } else {
+ if (!preg_match($pattern, $info[$item])) return 0;
+ }
+ }
+ return 1;
+ }
+
+ function _constructPattern($filter) {
+ $this->_pattern = array();
+ foreach ($filter as $item => $pattern) {
+// $this->_pattern[$item] = '/'.preg_quote($pattern,"/").'/i'; // don't allow regex characters
+ $this->_pattern[$item] = '/'.str_replace('/','\/',$pattern).'/i'; // allow regex characters
+ }
+ }
+
+ /**
* Escape a string to be used in a LDAP filter
*
* Ported from Perl's Net::LDAP::Util escape_filter_value
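Review bot: `_constructPattern` puts each filter value into a PCRE with only `/` escaped, so a value with an unbalanced bracket or a trailing backslash yields an invalid pattern; `preg_match` then returns false with a warning and `_filter` silently treats it as a non-match. Where the filter values originate is not visible in this hunk, but if they can come from a request, a pattern that backtracks heavily is evaluated once per directory user. If literal matching is enough, the commented-out line `$this->_pattern[$item] = '/'.preg_quote($pattern,"/").'/i';` is the safer choice; if regex input is intended, say so in a docblock on `_constructPattern` (it currently has none) and reject patterns that fail to compile. `_filter` also indexes `$info['grps']` and `$info[$item]` without checking that `$info` is an array or that the key exists, so a failed `getUserData` lookup or an unknown field name should return 0 before the match is attempted.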
@@ -352,6 +430,7 @@ class auth_ldap extends auth_basic {
}
}
+ $this->canDo['getUsers'] = true;
return true;
}