X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Finclude%2Fclass_ldap.inc;h=21fc089307554f4e25d9449088097a3e13ed8ec9;hb=c9bd6c4d92532063a9dd8df3cfd20740d43e5841;hp=1f2baab3e41cfef1fa6d308329bb6b7b27c4fcd6;hpb=a0de0b1a8c3ad3c1b18c57f276c7d8fb65ac0c8c;p=gosa.git diff --git a/gosa-core/include/class_ldap.inc b/gosa-core/include/class_ldap.inc index 1f2baab3e..21fc08930 100644 --- a/gosa-core/include/class_ldap.inc +++ b/gosa-core/include/class_ldap.inc @@ -60,8 +60,8 @@ class LDAP{ $this->hostname=$hostname; /* Check if MAX_LDAP_QUERY_TIME is defined */ - if(is_object($config) && $config->get_cfg_value("ldapMaxQueryTime") != ""){ - $str = $config->get_cfg_value("ldapMaxQueryTime"); + if(is_object($config) && $config->get_cfg_value("core","ldapMaxQueryTime") != ""){ + $str = $config->get_cfg_value("core","ldapMaxQueryTime"); $this->max_ldap_query_time = (float)($str); } @@ -230,7 +230,7 @@ class LDAP{ if($this->max_ldap_query_time){ $diff = microtime(true) - $start; if($diff > $this->max_ldap_query_time){ - msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took about %.2fs!"), $diff), WARNING_DIALOG); + msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took %.2fs!"), $diff), WARNING_DIALOG); } } @@ -263,7 +263,7 @@ class LDAP{ if($this->max_ldap_query_time){ $diff = microtime(true) - $start; if($diff > $this->max_ldap_query_time){ - msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took about %.2fs!"), $diff), WARNING_DIALOG); + msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took %.2fs!"), $diff), WARNING_DIALOG); } } @@ -662,7 +662,8 @@ class LDAP{ } else { $type= preg_replace('/^([^=]+)=.*$/', '\\1', $cdn); - $param= preg_replace('/^[^=]+=([^,]+).*$/', '\\1', $cdn); + $param= LDAP::fix(preg_replace('/^[^=]+=([^,]+).*$/', '\\1', $cdn)); + $param=preg_replace(array('/\\\\,/','/\\\\"/'),array(',','"'),$param); $na= array(); @@ -672,7 +673,7 @@ class LDAP{ /* Get name of first matching objectClass */ $ocname= ""; foreach($classes as $class){ - if (isset($class['MUST']) && $class['MUST'] == "$type"){ + if (isset($class['MUST']) && in_array($type, $class['MUST'])){ /* Look for first classes that is structural... */ if (isset($class['STRUCTURAL'])){ @@ -689,7 +690,7 @@ class LDAP{ /* Bail out, if we've nothing to do... */ if ($ocname == ""){ - msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN '%s': no object class found!"),$type), FATAL_ERROR_DIALOG); + msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN %s: no object class found"), bold($type)), FATAL_ERROR_DIALOG); exit(); } @@ -708,8 +709,11 @@ class LDAP{ $na['objectClass'][]= 'locality'; } $na[$type]= $param; + + // Fill in MUST values - but do not overwrite existing ones. if (is_array($classes[$ocname]['MUST'])){ foreach($classes[$ocname]['MUST'] as $attr){ + if(isset($na[$attr]) && !empty($na[$attr])) continue; $na[$attr]= "filled"; } } @@ -737,7 +741,7 @@ class LDAP{ $na["dc"]= $param; break; default: - msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN '%s': not supported"),$type), FATAL_ERROR_DIALOG); + msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN %s: not supported"), bold($type)), FATAL_ERROR_DIALOG); exit(); } @@ -824,9 +828,9 @@ class LDAP{ } else { $adderror= $this->get_additional_error(); if ($adderror != ""){ - $error= $this->error." (".$this->get_additional_error().", ".sprintf(_("while operating on '%s' using LDAP server '%s'"), $this->basedn, $this->hostname).")"; + $error= $this->error." (".$this->get_additional_error().", ".sprintf(_("while operating on %s using LDAP server %s"), bold($this->basedn), bold($this->hostname)).")"; } else { - $error= $this->error." (".sprintf(_("while operating on LDAP server %s"), $this->hostname).")"; + $error= $this->error." (".sprintf(_("while operating on LDAP server %s"), bold($this->hostname)).")"; } return $error; } @@ -853,27 +857,29 @@ class LDAP{ } - function gen_ldif ($srp, $dn, $filter= "(objectClass=*)", $attributes= array('*'), $recursive= TRUE) + /*! \brief Generates an ldif for all entries matching the filter settings, scope and limit. + * @param $dn The entry to export. + * @param $filter Limit the exported object to those maching this filter. + * @param $attributes Specify the attributes to export here, empty means all. + * @param $scope 'base', 'sub' .. see manpage for 'ldapmodify' for details. + * @param $limit Limits the result. + */ + function generateLdif ($dn, $filter= "(objectClass=*)", $attributes= array(), $scope = 'sub', $limit=0) { - $display= ""; - - if ($recursive){ - $this->cd($dn); - $this->ls($srp, $filter,$dn, array('dn','objectClass')); - $deps = array(); - - $display .= $this->gen_one_entry($dn)."\n"; - - while ($attrs= $this->fetch($srp)){ - $deps[] = $attrs['dn']; - } - foreach($deps as $dn){ - $display .= $this->gen_ldif($srp, $dn, $filter,$attributes,$recursive); - } - } else { - $display.= $this->gen_one_entry($dn); - } - return ($display); + $attrs = (count($attributes))?implode($attributes,' '):''; + $scope = (!empty($scope))?' -s '.$scope: ''; + $limit = (!$limit)?'':' -z '.$limit; + $dn = escapeshellarg($dn); + $admin = escapeshellarg($this->binddn); + $pwd = escapeshellarg($this->bindpw); + $filter = escapeshellarg($filter); + $host = escapeshellarg($this->hostname); + $cmd = "ldapsearch -x -LLLL -D {$admin} -w {$pwd} {$filter} {$limit} {$scope} -H {$host} -b {$dn} $attrs "; + ob_start(); + passthru($cmd); + $res=ob_get_contents(); + ob_end_clean(); + return($res); } @@ -900,57 +906,6 @@ class LDAP{ } - function gen_one_entry($dn, $filter= "(objectClass=*)" , $name= array("*")) - { - $ret = ""; - $data = ""; - if($this->reconnect){ - $this->connect(); - } - - /* Searching Ldap Tree */ - $sr= @ldap_read($this->cid, LDAP::fix($dn), $filter, $name); - - /* Get the first entry */ - $entry= @ldap_first_entry($this->cid, $sr); - - /* Get all attributes related to that Objekt */ - $atts = array(); - - /* Assemble dn */ - $atts[0]['name'] = "dn"; - $atts[0]['value'] = array('count' => 1, 0 => $dn); - - /* Reset index */ - $i = 1 ; - $identifier = array(); - $attribute= @ldap_first_attribute($this->cid,$entry,$identifier); - while ($attribute) { - $i++; - $atts[$i]['name'] = $attribute; - $atts[$i]['value'] = @ldap_get_values_len($this->cid, $entry, "$attribute"); - - /* Next one */ - $attribute= @ldap_next_attribute($this->cid,$entry,$identifier); - } - - foreach($atts as $at) - { - for ($i= 0; $i<$at['value']['count']; $i++){ - - /* Check if we must encode the data */ - if(!preg_match('/^[a-z0-9+@#.=, \/ -]+$/i', $at['value'][$i])) { - $ret .= $at['name'].":: ".base64_encode($at['value'][$i])."\n"; - } else { - $ret .= $at['name'].": ".$at['value'][$i]."\n"; - } - } - } - - return($ret); - } - - function dn_exists($dn) { return @ldap_list($this->cid, LDAP::fix($dn), "(objectClass=*)", array("objectClass")); @@ -1048,7 +1003,7 @@ class LDAP{ /* Every block must begin with a dn */ if($dn != "dn") { - $error= sprintf(_("This is not a valid DN: '%s'. A block for import should begin with 'dn: ...' in line %s"), $line, $current_line); + $error= sprintf(_("Invalid DN %s: block to be imported should start with 'dn: ...' in line %s"), bold($line), bold($current_line)); return -2; } @@ -1077,7 +1032,7 @@ class LDAP{ /* If we can't Import, return with a file error */ if(!$this->import_single_entry($srp, $single,$usemodify,$usermdir) ) { - $error= sprintf(_("Error while importing dn: '%s', please check your LDIF from line %s on!"), $line, + $error= sprintf(_("Error while importing DN %s: please check LDIF from line %s on!"), bold($line), $current_line); return UNKNOWN_TOKEN_IN_LDIF_FILE; } } @@ -1251,7 +1206,7 @@ class LDAP{ /* Only read schema if it is allowed */ if(isset($config) && preg_match("/config/i",get_class($config))){ - if ($config->get_cfg_value("schemaCheck") != "true"){ + if ($config->get_cfg_value("core","schemaCheck") != "true"){ return($objectclasses); } } @@ -1294,7 +1249,11 @@ class LDAP{ break; case ')': if ($name != ""){ - $objectclasses[$ocname][$name]= $this->value2container($value); + $v = $this->value2container($value); + if(in_array($name, array('MUST', 'MAY')) && !is_array($v)){ + $v = array($v); + } + $objectclasses[$ocname][$name]= $v; } $name= ""; $value= ""; @@ -1309,7 +1268,11 @@ class LDAP{ case 'MUST': case 'MAY': if ($name != ""){ - $objectclasses[$ocname][$name]= $this->value2container($value); + $v = $this->value2container($value); + if(in_array($name, array('MUST', 'MAY')) && !is_array($v)){ + $v = array($v); + } + $objectclasses[$ocname][$name]= $v; } $name= $chunk; $value= "";