diff --git a/classes/Auth/LDAP.php b/classes/Auth/LDAP.php index f82ee99..8b77320 100644 --- a/classes/Auth/LDAP.php +++ b/classes/Auth/LDAP.php @@ -1,10 +1,13 @@ - - * @copyright (c) 2009 Beau Dacious - * @license http://www.opensource.org/licenses/mit-license.php - */ -class Auth_LDAP extends Kadldap_Auth_LDAP { } \ No newline at end of file + + * @copyright (c) 2009 Beau Dacious + * @license http://www.opensource.org/licenses/mit-license.php + */ +class Auth_LDAP extends Kadldap_Auth_LDAP +{ +} diff --git a/classes/Controller/Kadldap.php b/classes/Controller/Kadldap.php index ccf4627..646df7c 100644 --- a/classes/Controller/Kadldap.php +++ b/classes/Controller/Kadldap.php @@ -1,9 +1,10 @@ - * @copyright (c) 2011 Sam Wilson * @author Github user 'sfroeth' 
@@ -12,76 +13,65 @@ */ class Controller_Kadldap extends Controller_Userguide { + public function action_index() + { + // Set up template and view + $view = View::factory('kadldap/index'); + $this->template->content = $view; + $this->template->title = 'Kadldap'; + $this->template->menu = ''; + $this->template->breadcrumb = [ + Route::get('docs/guide')->uri() => __('User Guide'), + Route::get('docs/guide')->uri().'/kadldap' => $this->template->title, + 'Configuration Test', + ]; + $view->kadldap = Kadldap::instance(); + $view->message = false; - public function action_index() - { - // Set up template and view - $view = View::factory('kadldap/index'); - $this->template->content = $view; - $this->template->title = 'Kadldap'; - $this->template->menu = ''; - $this->template->breadcrumb = array( - Route::get('docs/guide')->uri() => __('User Guide'), - Route::get('docs/guide')->uri().'/kadldap' => $this->template->title, - 'Configuration Test' - ); - $view->kadldap = Kadldap::instance(); - $view->message = FALSE; - - // Check auth driver - $auth_driver = Kohana::$config->load('auth')->get('driver'); - if ($auth_driver != 'LDAP') - { - $view->message = "Incorrect configuration! 
Auth driver is set to '$auth_driver', but should be 'LDAP'."; - } - - // Process login - if (isset($_POST['login'])) - { - $post = Validation::factory($_POST) - ->rule('username', 'not_empty') - ->rule('password', 'not_empty'); - if ($post->check()) - { - $username = $post['username']; - $password = arr::get($post, 'password', ''); - try - { - if (Auth::instance()->login($username, $password)) - { - $view->message = 'Successful login.'; - } else - { - $view->message = 'Login failed.'; - } - } catch (\Adldap\Exceptions\AdldapException $e) - { - $view->message = $e->getMessage(); - } - } else - { - $view->message = 'You must enter both your username and password.'; - } - } + // Check auth driver + $auth_driver = Kohana::$config->load('auth')->get('driver'); + if ($auth_driver != 'LDAP') { + $view->message = "Incorrect configuration! Auth driver is set to '$auth_driver', but should be 'LDAP'."; + } - // Get information about the logged-in user - if (Auth::instance()->logged_in()) - { - $username = Auth::instance()->get_user(); - $password = Auth::instance()->password($username); - $view->kadldap->authenticate($username, $password); - $view->userinfo = $view->kadldap->users() - ->find($username) - ->getAttributes(); - } else { - $view->userinfo = NULL; - } - } + // Process login + if (isset($_POST['login'])) { + $post = Validation::factory($_POST) + ->rule('username', 'not_empty') + ->rule('password', 'not_empty'); + if ($post->check()) { + $username = $post['username']; + $password = arr::get($post, 'password', ''); + try { + if (Auth::instance()->login($username, $password)) { + $view->message = 'Successful login.'; + } else { + $view->message = 'Login failed.'; + } + } catch (\Adldap\Exceptions\AdldapException $e) { + $view->message = $e->getMessage(); + } + } else { + $view->message = 'You must enter both your username and password.'; + } + } - public function action_logout() - { - Auth::instance()->logout(); - $this->redirect('kadldap'); - } + // Get information 
about the logged-in user + if (Auth::instance()->logged_in()) { + $username = Auth::instance()->get_user(); + $password = Auth::instance()->password($username); + $view->kadldap->authenticate($username, $password); + $view->userinfo = $view->kadldap->users() + ->find($username) + ->getAttributes(); + } else { + $view->userinfo = null; + } + } -} \ No newline at end of file + public function action_logout() + { + Auth::instance()->logout(); + $this->redirect('kadldap'); + } +} diff --git a/classes/Kadldap.php b/classes/Kadldap.php index a628778..bc81b0b 100644 --- a/classes/Kadldap.php +++ b/classes/Kadldap.php @@ -1,8 +1,9 @@ - * @copyright (c) 2009 Beau Dacious * @author Sam Wilson 
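Review bot: The `catch (\Adldap\Exceptions\AdldapException $e)` branch in `action_index()` copies `$e->getMessage()` into `$view->message`, so the library's error text is rendered to whoever submits the login form on this test page, before any authentication has succeeded. Depending on what Adldap puts in those messages this may disclose server or bind details; I would log the detail and show fixed text instead: `Kohana::$log->add(Log::ERROR, $e->getMessage()); $view->message = 'Login failed.';`. The driver check just above uses a loose `!=`; `!==` avoids type juggling on the configured value. The method also has no docblock, and one saying that this action is a configuration aid which displays directory attributes would help operators decide whether to leave the route enabled.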
@@ -13,70 +14,68 @@ */ class Kadldap { - /** @var \Adldap\Adldap Instance of third-party Adldap library. */ - protected $_adldap; + /** @var \Adldap\Adldap Instance of third-party Adldap library. */ + protected $_adldap; - /** - * Return a singleton instance of Kadldap. - * - * @return Kadldap - */ - public static function instance() - { - static $instance; + /** + * Return a singleton instance of Kadldap. + * + * @return Kadldap + */ + public static function instance() + { + static $instance; - // Load the Kadldap instance - empty($instance) AND $instance = new Kadldap(); + // Load the Kadldap instance + empty($instance) and $instance = new self(); - return $instance; - } + return $instance; + } - /** - * Reads config file and loads third-party adLDAP library. - * - * @return void - */ - public function __construct() - { - /* - * Get and check config. - */ - $config = Kohana::$config->load('kadldap')->kadldap; - if (count($config['domain_controllers'])==0) - { - $message = "No domain controllers provided in Kadldap configuration."; - throw new Kohana_Exception($message); - } + /** + * Reads config file and loads third-party adLDAP library. + * + * @return void + */ + public function __construct() + { + /* + * Get and check config. + */ + $config = Kohana::$config->load('kadldap')->kadldap; + if (count($config['domain_controllers']) == 0) { + $message = 'No domain controllers provided in Kadldap configuration.'; + throw new Kohana_Exception($message); + } - /* - * Include third-party adLDAP library from vendor directory, if it's not - * already autoloaded (via Composer). - */ - if ( ! class_exists('\Adldap\Adldap')) - { - $adldap_file = Kohana::find_file('vendor/Adldap/src', 'Adldap'); - if (!$adldap_file) - { - throw new Kohana_Exception('Unable to find Adldap library.'); - } - require_once $adldap_file; - } + /* + * Include third-party adLDAP library from vendor directory, if it's not + * already autoloaded (via Composer). 
+ */ + if (!class_exists('\Adldap\Adldap')) { + $adldap_file = Kohana::find_file('vendor/Adldap/src', 'Adldap'); + if (!$adldap_file) { + throw new Kohana_Exception('Unable to find Adldap library.'); + } + require_once $adldap_file; + } - /* - * Store instantiation of Adldap library. - */ - $this->_adldap = new \Adldap\Adldap($config); - } + /* + * Store instantiation of Adldap library. + */ + $this->_adldap = new \Adldap\Adldap($config); + } - /** - * Validate a user's login credentials. Wraps [adLDAP::authenticate] so we - * can catch the connection or authentication error. - * - * @param string $username A user's AD username - * @param string $password A user's AD password - * @param bool optional $prevent_rebind - * @return bool - */ + /** + * Validate a user's login credentials. Wraps [adLDAP::authenticate] so we + * can catch the connection or authentication error. + * + * @param string $username A user's AD username + * @param string $password A user's AD password + * @param bool optional $prevent_rebind + * + * @return bool + */ // public function authenticate($username, $password, $prevent_rebind = FALSE) // { // try 
@@ -88,36 +87,33 @@ public function __construct() // } // } - /** - * Wrapper for all functions in the adLDAP class that have not already been - * wrapped in this class. - * - * @param $name - * @param $arguments - * @return - */ - public function __call($name, $arguments) - { - if ( method_exists($this->_adldap, $name) ) - { - return call_user_func_array(array($this->_adldap, $name), $arguments); - } - else - { - throw new Exception("Method $name does not exist in \Adldap\Adldap."); - } - } - - /** - * Override for adLDAP::user_info() method. Prevents the display of errors - * if the user does not exist. - * - * @see adLDAP::user_info() - */ - /*public function user_info() - { - $args = func_get_args(); - return call_user_func_array(array($this->_adldap, __FUNCTION__), $args); - }*/ + /** + * Wrapper for all functions in the adLDAP class that have not already been + * wrapped in this class. + * + * @param $name + * @param $arguments + * + * @return + */ + public function __call($name, $arguments) + { + if (method_exists($this->_adldap, $name)) { + return call_user_func_array([$this->_adldap, $name], $arguments); + } else { + throw new Exception("Method $name does not exist in \Adldap\Adldap."); + } + } + /* + * Override for adLDAP::user_info() method. Prevents the display of errors + * if the user does not exist. + * + * @see adLDAP::user_info() + */ + /*public function user_info() + { + $args = func_get_args(); + return call_user_func_array(array($this->_adldap, __FUNCTION__), $args); + }*/ } diff --git a/classes/Kadldap/Auth/LDAP.php b/classes/Kadldap/Auth/LDAP.php index b29241a..2aeaf41 100644 --- a/classes/Kadldap/Auth/LDAP.php +++ b/classes/Kadldap/Auth/LDAP.php 
@@ -1,111 +1,111 @@ * @copyright (c) 2009 Beau Dacious * @license http://www.opensource.org/licenses/mit-license.php */ -class Kadldap_Auth_LDAP extends Auth { +class Kadldap_Auth_LDAP extends Auth +{ + /** @var Kadldap The Kadldap instance. */ + protected $kadldap; - /** @var Kadldap The Kadldap instance. */ - protected $kadldap; + /** @var string The user's password is stored in the session under this key. */ + private $_password_session_suffix = '_kadldap_password'; - /** @var string The user's password is stored in the session under this key. */ - private $_password_session_suffix = '_kadldap_password'; + /** @var array[string] The groups to which the current user belongs. */ + private $_groups; - /** @var array[string] The groups to which the current user belongs. */ - private $_groups; + public function __construct($config = []) + { + $this->kadldap = Kadldap::instance(); + parent::__construct($config); + } - public function __construct($config = array()) - { - $this->kadldap = Kadldap::instance(); - parent::__construct($config); - } + /** + * Defines [Auth::login]. + * + * @param $username + * @param $password + * @param $remember + * + * @return + */ + public function _login($username, $password, $remember) + { + $authenticated = $this->kadldap->authenticate($username, $password, true); + if ($authenticated) { + $this->_session->set($this->_config['session_key'].$this->_password_session_suffix, $password); - /** - * Defines [Auth::login]. - * - * @param $username - * @param $password - * @param $remember - * @return - */ - public function _login($username, $password, $remember) - { - $authenticated = $this->kadldap->authenticate($username, $password, TRUE); - if ($authenticated) - { - $this->_session->set($this->_config['session_key'].$this->_password_session_suffix, $password); - return $this->complete_login($username); - } - return FALSE; - } + return $this->complete_login($username); + } - /** - * Not used, but must be overridden. 
- * - * @return void - */ - public function check_password($password) - { - - } + return false; + } - public function password($username) - { - return $this->_session->get($this->_config['session_key'].$this->_password_session_suffix); - } + /** + * Not used, but must be overridden. + * + * @return void + */ + public function check_password($password) + { + } - /** - * Check if there is an active session. Optionally allows checking for a - * specific role (or 'group', in LDAP parlance). - * - * @param string $role Role name - * @return mixed - */ - public function logged_in($role = NULL) - { - $logged_in = parent::logged_in($role); + public function password($username) + { + return $this->_session->get($this->_config['session_key'].$this->_password_session_suffix); + } - // If no role requested, or not logged in, don't check for role/group - // membership. - if ($role == NULL OR ! $logged_in) - { - return $logged_in; - } else - { - // If a role is being checked, first find this user's groups, - // and then see if the requested role is in them. - if ( ! is_array($this->_groups)) - { - $this->_groups = $this->get_roles(); - } - return in_array($role, $this->_groups); - } - } + /** + * Check if there is an active session. Optionally allows checking for a + * specific role (or 'group', in LDAP parlance). + * + * @param string $role Role name + * + * @return mixed + */ + public function logged_in($role = null) + { + $logged_in = parent::logged_in($role); - /** - * Get list of all roles that the current user holds (i.e. LDAP groups - * of which they are a member). 
- * - * @uses Adldap\Models\User::getGroups() - * @return string[] - */ - public function get_roles() - { - $username = $this->get_user(); - $this->kadldap->authenticate($username, $this->password($username)); - $user = $this->kadldap->users()->find($username); - $groups = array(); - foreach ($user->getGroups() as $group) { - $groups[$group->getCommonName()] = $group->getCommonName(); - } - return $groups; - } + // If no role requested, or not logged in, don't check for role/group + // membership. + if ($role == null or !$logged_in) { + return $logged_in; + } else { + // If a role is being checked, first find this user's groups, + // and then see if the requested role is in them. + if (!is_array($this->_groups)) { + $this->_groups = $this->get_roles(); + } + return in_array($role, $this->_groups); + } + } + + /** + * Get list of all roles that the current user holds (i.e. LDAP groups + * of which they are a member). + * + * @uses Adldap\Models\User::getGroups() + * + * @return string[] + */ + public function get_roles() + { + $username = $this->get_user(); + $this->kadldap->authenticate($username, $this->password($username)); + $user = $this->kadldap->users()->find($username); + $groups = []; + foreach ($user->getGroups() as $group) { + $groups[$group->getCommonName()] = $group->getCommonName(); + } + + return $groups; + } } diff --git a/classes/Kadldap/SimpleLDAPResult.php b/classes/Kadldap/SimpleLDAPResult.php index d10f1de..09592e5 100644 --- a/classes/Kadldap/SimpleLDAPResult.php +++ b/classes/Kadldap/SimpleLDAPResult.php 
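Review bot: `_login()` writes the user's cleartext directory password into the session (`$this->_session->set($this->_config['session_key'].$this->_password_session_suffix, $password)`), and `password()` and `get_roles()` read it back to re-bind on later requests. Anyone who can read the session store (files, database rows, or the cookie itself if a cookie-backed session driver is configured) obtains reusable credentials. Resolving the groups once inside `_login()` and keeping only the group names in the session would remove the need to retain the password. Failing that, the property docblock should state the requirement, e.g. `/** @var string Session key suffix for the cleartext password; the session store must be server-side and access-restricted. */`. Separately, `in_array($role, $this->_groups)` in `logged_in()` compares loosely; `in_array($role, $this->_groups, true)` is the safer form for an authorization check.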
@@ -1,146 +1,138 @@ * @copyright (c) 2009 Beau Dacious * @license http://www.opensource.org/licenses/mit-license.php */ -class Kadldap_SimpleLDAPResult implements Iterator, ArrayAccess, Countable { - - /** - * Tracks the current position for iterator methods - */ - protected $position = 0; - protected $positions; - - /** - * The adLDAP result after being processed by the constructor - * @var array - */ - protected $result; - - /** - * Constructor - * - * Refactors the adLDAP result array into a structure that is easier to use - * - * @param array $result the result array from adLDAP - */ - public function __construct($result) - { - if ( is_array($result) ) - { - if ( $result['count'] == 1 && is_array($result[0]) ) - { - $result = $result[0]; - } - - unset($result['count']); - - foreach ( $result as $key => $value ) - { - if ( is_numeric($key) && is_string($value) ) - { - if ( array_key_exists($value, $result) ) - { - $this->positions[$key] = $value; - unset($result[$key]); - } - } - } - - $this->result = $result; - } - } - - public function __get($name) - { - return new SimpleADResult($this->result[$name]); - } - - public function __toString() - { - if ( is_string($this->result[0]) ) - { - return $this->result[0]; - } - } +class Kadldap_SimpleLDAPResult implements Iterator, ArrayAccess, Countable +{ + /** + * Tracks the current position for iterator methods. + */ + protected $position = 0; + protected $positions; + + /** + * The adLDAP result after being processed by the constructor. + * + * @var array + */ + protected $result; + + /** + * Constructor. 
+ * + * Refactors the adLDAP result array into a structure that is easier to use + * + * @param array $result the result array from adLDAP + */ + public function __construct($result) + { + if (is_array($result)) { + if ($result['count'] == 1 && is_array($result[0])) { + $result = $result[0]; + } + + unset($result['count']); + + foreach ($result as $key => $value) { + if (is_numeric($key) && is_string($value)) { + if (array_key_exists($value, $result)) { + $this->positions[$key] = $value; + unset($result[$key]); + } + } + } + + $this->result = $result; + } + } + + public function __get($name) + { + return new SimpleADResult($this->result[$name]); + } + + public function __toString() + { + if (is_string($this->result[0])) { + return $this->result[0]; + } + } /* ---------------------------------------------------------------------------- - Iterator Methods + Iterator Methods ---------------------------------------------------------------------------- */ - public function current() - { - $position = empty($this->positions) ? $this->position : $this->positions[$this->position]; - return $this->result[$position]; - } - - public function key() - { - return empty($this->positions) ? $this->position : $this->positions[$this->position];; - } - - public function next() - { - $this->position++; - } - - public function rewind() - { - $this->position = 0; - } - - public function valid() - { - if ( empty($this->positions) ) - { - return array_key_exists($this->position, $this->result); - } - else - { - return array_key_exists($this->position, $this->positions); - } - } + public function current() + { + $position = empty($this->positions) ? $this->position : $this->positions[$this->position]; + + return $this->result[$position]; + } + + public function key() + { + return empty($this->positions) ? 
$this->position : $this->positions[$this->position]; + } + + public function next() + { + $this->position++; + } + + public function rewind() + { + $this->position = 0; + } + + public function valid() + { + if (empty($this->positions)) { + return array_key_exists($this->position, $this->result); + } else { + return array_key_exists($this->position, $this->positions); + } + } /* ---------------------------------------------------------------------------- - ArrayAccess Methods + ArrayAccess Methods ---------------------------------------------------------------------------- */ - public function offsetExists($offset) - { - return array_key_exists($offset, $this->result); - } + public function offsetExists($offset) + { + return array_key_exists($offset, $this->result); + } - public function offsetGet($offset) - { - return $this->{$offset}; - } + public function offsetGet($offset) + { + return $this->{$offset}; + } - public function offsetSet($offset, $value) - { - throw new Exception('Setting of properties is unsupported.'); - } + public function offsetSet($offset, $value) + { + throw new Exception('Setting of properties is unsupported.'); + } - public function offsetUnset($offset) - { - throw new Exception('Unsetting of properties is unsupported.'); - } + public function offsetUnset($offset) + { + throw new Exception('Unsetting of properties is unsupported.'); + } /* ---------------------------------------------------------------------------- - Countable Methods + Countable Methods ---------------------------------------------------------------------------- */ - public function count() - { - return count($this->result); - } - + public function count() + { + return count($this->result); + } } diff --git a/classes/Model/LDAP.php b/classes/Model/LDAP.php index 6f2342e..6bc9aa7 100644 --- a/classes/Model/LDAP.php +++ b/classes/Model/LDAP.php 
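Review bot: `__get()` returns `new SimpleADResult(...)`, but the class declared in this file is `Kadldap_SimpleLDAPResult` and no `SimpleADResult` appears anywhere in this change, so property access (and `offsetGet()`, which delegates to it) will presumably fail with a class-not-found error. `return new self($this->result[$name]);` would match the `new self()` cleanup this commit applies to the models. `__toString()` also falls through without a return when `$this->result[0]` is not a string, which PHP rejects at runtime; ending the method with `return '';` keeps string casts safe.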
@@ -1,27 +1,28 @@ - * @copyright (c) 2009 Beau Dacious * @license http://www.opensource.org/licenses/mit-license.php */ -class Model_LDAP { - - protected $ldap; - - protected $loaded = FALSE; +class Model_LDAP +{ + protected $ldap; - public function __construct() - { - $this->ldap = Kadldap::instance(); - } + protected $loaded = false; - public function is_loaded() - { - return $this->loaded; - } + public function __construct() + { + $this->ldap = Kadldap::instance(); + } + public function is_loaded() + { + return $this->loaded; + } } diff --git a/classes/Model/LDAPGroup.php b/classes/Model/LDAPGroup.php index 435c983..009ce45 100644 --- a/classes/Model/LDAPGroup.php +++ b/classes/Model/LDAPGroup.php 
@@ -1,135 +1,118 @@ - * @copyright (c) 2009 Beau Dacious * @license http://www.opensource.org/licenses/mit-license.php */ class Model_LDAPGroup extends Model_LDAP { - - protected $groupinfo = array(); - - public static function factory($groupname = NULL) - { - $group = new Model_LDAPGroup; - - if ( NULL !== $groupname ) - { - $group->get($groupname); - } - - return $group; - } - - public function __get($name) - { - if ( array_key_exists($name, $this->groupinfo) ) - { - $value = $this->groupinfo[$name]; - - if ( is_array($value) ) - { - if ( array_key_exists('count', $value) ) - { - unset($value['count']); - } - - $value = ( count($value) == 1 ) ? reset($value) : $value; - } - - return $value; - } - } - - public function get($group) - { - $groupinfo = $this->ldap->group_info($group); - - if ( ! is_array($groupinfo) || $groupinfo['count'] == 0 ) - { - return FALSE; - } - - // Let's tidy up this array real quick... - - $groupinfo = $groupinfo[0]; // Don't need that anymore... - - foreach ( $groupinfo as $key => $value ) - { - if ( $key == 'count' || ( is_numeric($key) && array_key_exists($value, $groupinfo) ) ) - { - unset($groupinfo[$key]); - } - } - - $this->groupinfo = $groupinfo; - $this->loaded = TRUE; - - return $this; // method chaining - } - - public function has_member($user) - { - // user model - if ( $user instanceof LDAP_User_Model ) - { - return in_array($user->dn, $this->groupinfo['member']); - } - - // dn - if ( in_array($user, $this->groupinfo['member']) ) - { - return TRUE; - } - - // display name - foreach ( $this->groupinfo['member'] as $value ) - { - if ( preg_match("/^CN={$user}/", $value) > 0 ) - { - return TRUE; - } - } - - // samaccountname - $ldap_user = new Model_LDAPUser; - $ldap_user->get($user); - - if ( $this->has_member($ldap_user) ) - { - return TRUE; - } - - return FALSE; - } - - public function is_member_of($group) - { - // group model - if ( $group instanceof Model_LDAPGroup ) - { - return in_array($group->dn, 
$this->groupinfo['memberof']); - } - - // dn - if ( in_array($group, $this->groupinfo['memberof']) ) - { - return TRUE; - } - - // simple name - foreach ( $this->groupinfo['memberof'] as $value ) - { - if ( preg_match("/^CN={$group}/", $value) > 0 ) - { - return TRUE; - } - } - - return FALSE; - } - + protected $groupinfo = []; + + public static function factory($groupname = null) + { + $group = new self(); + + if (null !== $groupname) { + $group->get($groupname); + } + + return $group; + } + + public function __get($name) + { + if (array_key_exists($name, $this->groupinfo)) { + $value = $this->groupinfo[$name]; + + if (is_array($value)) { + if (array_key_exists('count', $value)) { + unset($value['count']); + } + + $value = (count($value) == 1) ? reset($value) : $value; + } + + return $value; + } + } + + public function get($group) + { + $groupinfo = $this->ldap->group_info($group); + + if (!is_array($groupinfo) || $groupinfo['count'] == 0) { + return false; + } + + // Let's tidy up this array real quick... + + $groupinfo = $groupinfo[0]; // Don't need that anymore... 
+ + foreach ($groupinfo as $key => $value) { + if ($key == 'count' || (is_numeric($key) && array_key_exists($value, $groupinfo))) { + unset($groupinfo[$key]); + } + } + + $this->groupinfo = $groupinfo; + $this->loaded = true; + + return $this; // method chaining + } + + public function has_member($user) + { + // user model + if ($user instanceof LDAP_User_Model) { + return in_array($user->dn, $this->groupinfo['member']); + } + + // dn + if (in_array($user, $this->groupinfo['member'])) { + return true; + } + + // display name + foreach ($this->groupinfo['member'] as $value) { + if (preg_match("/^CN={$user}/", $value) > 0) { + return true; + } + } + + // samaccountname + $ldap_user = new Model_LDAPUser(); + $ldap_user->get($user); + + if ($this->has_member($ldap_user)) { + return true; + } + + return false; + } + + public function is_member_of($group) + { + // group model + if ($group instanceof self) { + return in_array($group->dn, $this->groupinfo['memberof']); + } + + // dn + if (in_array($group, $this->groupinfo['memberof'])) { + return true; + } + + // simple name + foreach ($this->groupinfo['memberof'] as $value) { + if (preg_match("/^CN={$group}/", $value) > 0) { + return true; + } + } + + return false; + } } diff --git a/classes/Model/LDAPUser.php b/classes/Model/LDAPUser.php index fcf9a8a..0017b40 100644 --- a/classes/Model/LDAPUser.php +++ b/classes/Model/LDAPUser.php 
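Review bot: The name checks in `has_member()` and `is_member_of()` interpolate the caller's value into `preg_match("/^CN={$user}/", $value)` unescaped and with no terminator, so the value is treated as a pattern and any CN that merely starts with it counts as a match (a check for one group name also passes for a longer name sharing that prefix). For a membership test that feeds authorization I would quote the value and require the RDN separator: `preg_match('/^CN='.preg_quote($user, '/').',/', $value)`. The same pattern appears in `Model_LDAPUser::is_member_of()` in the next file. `has_member()` also tests `$user instanceof LDAP_User_Model`, a class this change does not define, while its fallback passes a `Model_LDAPUser` back into itself; that first branch looks like it should test `Model_LDAPUser`, otherwise the recursive call never reaches the model comparison.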
@@ -1,100 +1,88 @@ - * @copyright (c) 2009 Beau Dacious * @license http://www.opensource.org/licenses/mit-license.php */ class Model_LDAPUser extends Model_LDAP { - - protected $userinfo = array(); - - public static function factory($username = NULL) - { - $user = new Model_LDAPUser; - - if ( NULL !== $username ) - { - $user->get($username); - } - - return $user; - } - - public function __get($name) - { - if ( array_key_exists($name, $this->userinfo) ) - { - $value = $this->userinfo[$name]; - - if ( is_array($value) ) - { - if ( array_key_exists('count', $value) ) - { - unset($value['count']); - } - - $value = ( count($value) == 1 ) ? reset($value) : $value; - } - - return $value; - } - } - - public function get($username) - { - $userinfo = $this->ldap->user_info($username); - - if ( ! is_array($userinfo) || $userinfo['count'] == 0 ) - { - return FALSE; - } - - // Let's tidy up this array real quick... - - $userinfo = $userinfo[0]; // Don't need that anymore... - - foreach ( $userinfo as $key => $value ) - { - if ( $key == 'count' || ( is_numeric($key) && array_key_exists($value, $userinfo) ) ) - { - unset($userinfo[$key]); - } - } - - $this->userinfo = $userinfo; - $this->loaded = TRUE; - - return $this; // method chaining - } - - public function is_member_of($group) - { - // group model - if ( $group instanceof Model_LDAPGroup ) - { - return in_array($group->dn, $this->userinfo['memberof']); - } - - // dn - if ( in_array($group, $this->userinfo['memberof']) ) - { - return TRUE; - } - - // simple name - foreach ( $this->userinfo['memberof'] as $value ) - { - if ( preg_match("/^CN={$group}/", $value) > 0 ) - { - return TRUE; - } - } - - return FALSE; - } + protected $userinfo = []; + + public static function factory($username = null) + { + $user = new self(); + + if (null !== $username) { + $user->get($username); + } + + return $user; + } + + public function __get($name) + { + if (array_key_exists($name, $this->userinfo)) { + $value = $this->userinfo[$name]; + + if 
(is_array($value)) { + if (array_key_exists('count', $value)) { + unset($value['count']); + } + + $value = (count($value) == 1) ? reset($value) : $value; + } + + return $value; + } + } + + public function get($username) + { + $userinfo = $this->ldap->user_info($username); + + if (!is_array($userinfo) || $userinfo['count'] == 0) { + return false; + } + + // Let's tidy up this array real quick... + + $userinfo = $userinfo[0]; // Don't need that anymore... + + foreach ($userinfo as $key => $value) { + if ($key == 'count' || (is_numeric($key) && array_key_exists($value, $userinfo))) { + unset($userinfo[$key]); + } + } + + $this->userinfo = $userinfo; + $this->loaded = true; + + return $this; // method chaining + } + + public function is_member_of($group) + { + // group model + if ($group instanceof Model_LDAPGroup) { + return in_array($group->dn, $this->userinfo['memberof']); + } + + // dn + if (in_array($group, $this->userinfo['memberof'])) { + return true; + } + + // simple name + foreach ($this->userinfo['memberof'] as $value) { + if (preg_match("/^CN={$group}/", $value) > 0) { + return true; + } + } + return false; + } } diff --git a/config/kadldap.php b/config/kadldap.php index d0876ad..9d4b4eb 100644 --- a/config/kadldap.php +++ b/config/kadldap.php @@ -1,5 +1,7 @@ - @@ -7,12 +9,12 @@ * @copyright (c) 2009 Beau Dacious * @license http://www.opensource.org/licenses/mit-license.php */ -return array( - 'kadldap' => array( - 'domain_controllers' => array(), // array('dc.example.com','dc1.example.com') - 'account_suffix' => '', // '@example.com' - 'base_dn' => '', // 'dc=example,dc=com', - 'admin_username' => NULL, - 'admin_password' => NULL - ) -); +return [ + 'kadldap' => [ + 'domain_controllers' => [], // array('dc.example.com','dc1.example.com') + 'account_suffix' => '', // '@example.com' + 'base_dn' => '', // 'dc=example,dc=com', + 'admin_username' => null, + 'admin_password' => null, + ], +]; 
diff --git a/config/userguide.php b/config/userguide.php index dbc9cf0..d1a8aea 100644 --- a/config/userguide.php +++ b/config/userguide.php @@ -1,25 +1,26 @@ - array( - - // This should be the path to this modules userguide pages, without the 'guide/'. Ex: '/guide/modulename/' would be 'modulename' - 'kadldap' => array( - 'enabled' => TRUE, - 'name' => 'Kadldap', - 'description' => 'Active Directory and LDAP authentication.', - 'copyright' => - HTML::mailto('dacious.beau@gmail.com', 'Beau Dacious').', ' - .HTML::mailto('sam@samwilson.id.au', 'Sam Wilson').' and ' - .HTML::anchor('http://github.com/sfroeth', 'sfroeth') - ) - ) -); \ No newline at end of file + [ + + // This should be the path to this modules userguide pages, without the 'guide/'. Ex: '/guide/modulename/' would be 'modulename' + 'kadldap' => [ + 'enabled' => true, + 'name' => 'Kadldap', + 'description' => 'Active Directory and LDAP authentication.', + 'copyright' => HTML::mailto('dacious.beau@gmail.com', 'Beau Dacious').', ' + .HTML::mailto('sam@samwilson.id.au', 'Sam Wilson').' and ' + .HTML::anchor('http://github.com/sfroeth', 'sfroeth'), + ], + ], +]; diff --git a/init.php b/init.php index bf1d168..94267e1 100644 --- a/init.php +++ b/init.php @@ -1,8 +1,10 @@ -)') - ->defaults(array( - 'controller' => 'Kadldap', - 'action' => 'index', - )); + ->defaults([ + 'controller' => 'Kadldap', + 'action' => 'index', + ]); diff --git a/views/kadldap/index.php b/views/kadldap/index.php index 97a29bd..a82e491 100644 --- a/views/kadldap/index.php +++ b/views/kadldap/index.php @@ -3,7 +3,9 @@

Kadldap Configuration & Connection Test

Here you can test your Kadldap configuration.

-'.$message.'

' ?> +'.$message.'

'; +} ?> logged_in()): ?>