![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index 3636af9f33a55dff40a2ad7cad6006d1794006f6..4fa1e2a2012e7bb459e154faa62ebd28e477b1ca 100644 (file)
class filterLDAP {
- static function query($base, $scope, $filter, $attributes, $category, $objectStorage= "")
+ static function query($parent,$base, $scope, $filter, $attributes, $category, $objectStorage= array(""))
{
$config= session::global_get('config');
$ldap= $config->get_ldap_link(TRUE);
$flag= ($scope == "sub")?GL_SUBSEARCH:0;
- $result= filterLDAP::get_list($base, $filter, $attributes, $category, $objectStorage, $flag | GL_SIZELIMIT);
+ $result= filterLDAP::get_list($parent,$base, $filter, $attributes, $category, $objectStorage, $flag | GL_SIZELIMIT);
return $result;
}
- static function get_list($base, $filter, $attributes, $category, $objectStorage, $flags= GL_SUBSEARCH)
+ static function get_list($parent,$base, $filter, $attributes, $category, $objectStorage, $flags= GL_SUBSEARCH)
{
$ui= session::global_get('ui');
$config= session::global_get('config');
if (!is_array($category)) {
$category= array($category);
}
- if (!is_array($objectStorage)) {
- $objectStorage= array($objectStorage);
- }
+
+ // Store in base - i.e. is a rdn value empty?
+ $storeOnBase= count($objectStorage) == 1 && empty($objectStorage[0]);
+
+ $method= ($storeOnBase && !($flags & GL_SUBSEARCH))?"ls":"search";
// Initialize search bases
$bases= array();
// Get list of sub bases to search on
- foreach ($objectStorage as $oc) {
- $oc= preg_replace('/,$/', '', $oc);
- $tmp= split(',', $oc);
- if (count($tmp) == 1) {
- preg_match('/([^=]+)=(.*)$/', $oc, $m);
- if ($flags & GL_SUBSEARCH) {
- $bases[$base][]= $m[1].":dn:=".$m[2];
- } else {
- $bases["$oc,$base"][]= $m[1].":dn:=".$m[2];
- }
- } else {
- // No, there's no \, in pre defined RDN values
- preg_match('/^([^,]+),(.*)$/', $oc, $matches);
- preg_match('/([^=]+)=(.*)$/', $matches[1], $m);
- if ($flags & GL_SUBSEARCH) {
- $bases[$base][]= $m[1].":dn:=".$m[2];
+ if ($storeOnBase) {
+ $bases[$base]= "";
+ } else {
+ foreach ($objectStorage as $oc) {
+ $oc= preg_replace('/,$/', '', $oc);
+ $tmp= explode(',', $oc);
+ if (count($tmp) == 1) {
+ preg_match('/([^=]+)=(.*)$/', $oc, $m);
+ if ($flags & GL_SUBSEARCH) {
+ $bases[$base][]= $m[1].":dn:=".$m[2];
+ } else {
+ $bases["$oc,$base"][]= $m[1].":dn:=".$m[2];
+ }
} else {
- $bases[$matches[2].",$base"][]= $m[1].":dn:=".$m[2];
+ // No, there's no \, in pre defined RDN values
+ preg_match('/^([^,]+),(.*)$/', $oc, $matches);
+ preg_match('/([^=]+)=(.*)$/', $matches[1], $m);
+ if ($flags & GL_SUBSEARCH) {
+ $bases[$base][]= $m[1].":dn:=".$m[2];
+ } else {
+ $bases[$matches[2].",$base"][]= $m[1].":dn:=".$m[2];
+ }
}
}
}
}
// Switch to new base and search
+ if (is_array($dnFilters)){
+ $dnFilter= "(|";
+ foreach ($dnFilters as $df) {
+ $dnFilter.= "($df)";
+ }
+ $dnFilter.= ")";
+ } else {
+ $dnFilter= "";
+ }
$ldap->cd($base);
- $dnFilter= "(|";
- foreach ($dnFilters as $df) {
- $dnFilter.= "($df)";
+ if ($method == "ls") {
+ $ldap->ls("(&$filter$dnFilter)", $base, $attributes);
+ } else {
+ $ldap->search("(&$filter$dnFilter)", $attributes);
}
- $dnFilter.= ")";
- $ldap->search ("(&$filter$dnFilter)", $attributes);
// Check for size limit exceeded messages for GUI feedback
if (preg_match("/size limit/i", $ldap->get_error())){
$result[]= $attrs;
}else{
- /* Sort in every value that fits the permissions */
- foreach ($category as $o){
- if((preg_match("/\//",$o) && preg_match("/r/",$ui->get_permissions($dn,$o))) ||
- (!preg_match("/\//",$o) && preg_match("/r/",$ui->get_category_permissions($dn, $o)))){
+ // Check entry permission
+ $obj = $parent->headpage->getObjectType($parent->headpage->objectTypes, $attrs['objectClass']);
+ if(isset($obj['category'])){
+ $o = $obj['category']."/".$obj['class'];
+ if(preg_match("/r/",$ui->get_permissions($dn,$o))){
$result[]= $attrs;
- break;
}
+ }else{
+ //trigger_error("Invalid objectType given, please check listing.xml '{$dn}'!");
}
}
}