diff --git a/htdocs/admin/ldap.php b/htdocs/admin/ldap.php
index bfccacc40ac..fadde40dbed 100644
--- a/htdocs/admin/ldap.php
+++ b/htdocs/admin/ldap.php
@@ -92,7 +92,6 @@ if (! function_exists("ldap_connect"))
setEventMessages($langs->trans("LDAPFunctionsNotAvailableOnPHP"), null, 'errors');
}
-dol_fiche_head($head, 'ldap', $langs->trans("LDAPSetup"));
$var=true;
$form=new Form($db);
@@ -101,6 +100,8 @@ $form=new Form($db);
print '
';
-print '';
-
print '
';
diff --git a/htdocs/admin/ldap_contacts.php b/htdocs/admin/ldap_contacts.php
index 3af47f46aac..56b755bf64a 100644
--- a/htdocs/admin/ldap_contacts.php
+++ b/htdocs/admin/ldap_contacts.php
@@ -92,6 +92,8 @@ if ($action == 'setvalue' && $user->admin)
* View
*/
+$form=new Form($db);
+
llxHeader('',$langs->trans("LDAPSetup"),'EN:Module_LDAP_En|FR:Module_LDAP|ES:Módulo_LDAP');
$linkback=''.$langs->trans("BackToModuleList").'';
@@ -114,8 +116,6 @@ print '
';
print '';
-print '';
-
-print info_admin($langs->trans("LDAPDescValues"));
/*
* Test de la connexion
diff --git a/htdocs/admin/ldap_groups.php b/htdocs/admin/ldap_groups.php
index bba8f2109a3..20b94023358 100644
--- a/htdocs/admin/ldap_groups.php
+++ b/htdocs/admin/ldap_groups.php
@@ -177,16 +177,16 @@ print ''.$langs->trans("LDAPFieldGroupMembersExample").' | ';
print 'global->LDAP_KEY_GROUPS && $conf->global->LDAP_KEY_GROUPS==$conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS)?' checked':'')."> | ";
print '';
-
-$var=!$var;
-print ' |
';
print '';
+print info_admin($langs->trans("LDAPDescValues"));
+
+dol_fiche_end();
+
+print '';
+
print '';
-print '';
-
-print info_admin($langs->trans("LDAPDescValues"));
/*
* Test de la connexion
diff --git a/htdocs/admin/ldap_members.php b/htdocs/admin/ldap_members.php
index bd9eda149b4..52117961b54 100644
--- a/htdocs/admin/ldap_members.php
+++ b/htdocs/admin/ldap_members.php
@@ -53,6 +53,7 @@ if ($action == 'setvalue' && $user->admin)
if (! dolibarr_set_const($db, 'LDAP_MEMBER_DN',GETPOST("user"),'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_MEMBER_OBJECT_CLASS',GETPOST("objectclass"),'chaine',0,'',$conf->entity)) $error++;
+ if (! dolibarr_set_const($db, 'LDAP_MEMBER_FILTER',GETPOST("filterconnection"),'chaine',0,'',$conf->entity)) $error++;
// Members
if (! dolibarr_set_const($db, 'LDAP_MEMBER_FIELD_FULLNAME',GETPOST("fieldfullname"),'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_MEMBER_FIELD_LOGIN',GETPOST("fieldlogin"),'chaine',0,'',$conf->entity)) $error++;
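Review bot: The new `LDAP_MEMBER_FILTER` line stores `GETPOST("filterconnection")` with no check on its shape, and `Ldap::getRecords` later wraps the stored value as `'('.$this->filtermember.')'` before using it as the search filter. A value saved with its own outer parentheses, or with unbalanced ones, would probably only fail at synchronisation time, far from the form where it was entered. Consider rejecting such input here, or at least documenting the expected form with a comment such as `// LDAP filter body without the outer parentheses, e.g. &(objectClass=person)(uid=*)` (the example is constructed). The enclosing `if ($action == 'setvalue' && $user->admin)` block starts and ends outside this hunk.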
@@ -107,6 +108,8 @@ if ($action == 'setvalue' && $user->admin)
* View
*/
+$form=new Form($db);
+
llxHeader('',$langs->trans("LDAPSetup"),'EN:Module_LDAP_En|FR:Module_LDAP|ES:Módulo_LDAP');
$linkback=''.$langs->trans("BackToModuleList").'';
@@ -120,6 +123,9 @@ if (! function_exists("ldap_connect"))
setEventMessages($langs->trans("LDAPFunctionsNotAvailableOnPHP"), null, 'errors');
}
+print '';
-print '';
-
-print info_admin($langs->trans("LDAPDescValues"));
/*
@@ -454,6 +464,7 @@ if (function_exists("ldap_connect"))
}
-$db->close();
llxFooter();
+
+$db->close();
diff --git a/htdocs/admin/ldap_users.php b/htdocs/admin/ldap_users.php
index 76d3bb9dfd0..70a94e5817a 100644
--- a/htdocs/admin/ldap_users.php
+++ b/htdocs/admin/ldap_users.php
@@ -63,7 +63,7 @@ if ($action == 'setvalue' && $user->admin)
if (! dolibarr_set_const($db, 'LDAP_FIELD_MAIL',GETPOST("fieldmail"),'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_PHONE',GETPOST("fieldphone"),'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_MOBILE',GETPOST("fieldmobile"),'chaine',0,'',$conf->entity)) $error++;
- if (! dolibarr_set_const($db, 'LDAP_FIELD_SKYPE',GETPOST("fieldskype"),'chaine',0,'',$conf->entity)) $error++;
+ if (! dolibarr_set_const($db, 'LDAP_FIELD_SKYPE',GETPOST("fieldskype"),'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_FAX',GETPOST("fieldfax"),'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_DESCRIPTION',GETPOST("fielddescription"),'chaine',0,'',$conf->entity)) $error++;
if (! dolibarr_set_const($db, 'LDAP_FIELD_SID',GETPOST("fieldsid"),'chaine',0,'',$conf->entity)) $error++;
@@ -93,6 +93,8 @@ if ($action == 'setvalue' && $user->admin)
* Visu
*/
+$form=new Form($db);
+
llxHeader('',$langs->trans("LDAPSetup"),'EN:Module_LDAP_En|FR:Module_LDAP|ES:Módulo_LDAP');
$linkback=''.$langs->trans("BackToModuleList").'';
@@ -106,18 +108,19 @@ if (! function_exists("ldap_connect"))
setEventMessages($langs->trans("LDAPFunctionsNotAvailableOnPHP"), null, 'errors');
}
+
+print '';
-
-print '';
-
print info_admin($langs->trans("LDAPDescValues"));
+dol_fiche_end();
+
+print '';
+
+print '';
+
/*
* Test de la connexion
@@ -392,7 +394,7 @@ if (function_exists("ldap_connect"))
$conf->global->LDAP_FIELD_PASSWORD_CRYPTED,
$conf->global->LDAP_FIELD_PHONE,
$conf->global->LDAP_FIELD_FAX,
- $conf->global->LDAP_FIELD_SKYPE,
+ $conf->global->LDAP_FIELD_SKYPE,
$conf->global->LDAP_FIELD_MOBILE,
$conf->global->LDAP_FIELD_MAIL,
$conf->global->LDAP_FIELD_TITLE,
diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php
index 400eb934e26..c081ed34a96 100644
--- a/htdocs/core/class/ldap.class.php
+++ b/htdocs/core/class/ldap.class.php
@@ -108,7 +108,7 @@ class Ldap
{
global $conf;
- //Server
+ // Server
if (! empty($conf->global->LDAP_SERVER_HOST)) $this->server[] = $conf->global->LDAP_SERVER_HOST;
if (! empty($conf->global->LDAP_SERVER_HOST_SLAVE)) $this->server[] = $conf->global->LDAP_SERVER_HOST_SLAVE;
$this->serverPort = $conf->global->LDAP_SERVER_PORT;
@@ -120,9 +120,11 @@ class Ldap
$this->searchPassword = $conf->global->LDAP_ADMIN_PASS;
$this->people = $conf->global->LDAP_USER_DN;
$this->groups = $conf->global->LDAP_GROUP_DN;
- $this->filter = $conf->global->LDAP_FILTER_CONNECTION;
- //Users
+ $this->filter = $conf->global->LDAP_FILTER_CONNECTION; // Filter on user
+ $this->filtermember = $conf->global->LDAP_MEMBER_FILTER; // Filter on member
+
+ // Users
$this->attr_login = $conf->global->LDAP_FIELD_LOGIN; //unix
$this->attr_sambalogin = $conf->global->LDAP_FIELD_LOGIN_SAMBA; //samba, activedirectory
$this->attr_name = $conf->global->LDAP_FIELD_NAME;
@@ -891,14 +893,14 @@ class Ldap
}
/**
- * Returns an array containing a details of elements
+ * Returns an array containing a details or list of LDAP record(s)
* ldapsearch -LLLx -hlocalhost -Dcn=admin,dc=parinux,dc=org -w password -b "ou=adherents,ou=people,dc=parinux,dc=org" userPassword
*
- * @param string $search Valeur champ cle recherche, sinon '*' pour tous.
+ * @param string $search Value of fiel to search, '*' for all. Not used if $activefilter is set.
* @param string $userDn DN (Ex: ou=adherents,ou=people,dc=parinux,dc=org)
* @param string $useridentifier Name of key field (Ex: uid)
* @param array $attributeArray Array of fields required. Note this array must also contains field $useridentifier (Ex: sn,userPassword)
- * @param int $activefilter 1=use field this->filter as filter instead of parameter $search
+ * @param int $activefilter '1' or 'user'=use field this->filter as filter instead of parameter $search, 'member'=use field this->filtermember as filter
* @param array $attributeAsArray Array of fields wanted as an array not a string
* @return array Array of [id_record][ldap_field]=value
*/
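Review bot: The `$activefilter` tag is still declared as `@param int` although its new description lists the string values `'user'` and `'member'`; `@param int|string $activefilter` would match what the sync scripts now pass. The `$search` line also has a typo, `fiel` for `field`. The function signature this docblock belongs to is outside the hunk.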
@@ -906,7 +908,7 @@ class Ldap
{
$fulllist=array();
- dol_syslog(get_class($this)."::getRecords search=".$search." userDn=".$userDn." useridentifier=".$useridentifier." attributeArray=array(".join(',',$attributeArray).")");
+ dol_syslog(get_class($this)."::getRecords search=".$search." userDn=".$userDn." useridentifier=".$useridentifier." attributeArray=array(".join(',',$attributeArray).") activefilter=".$activefilter);
// if the directory is AD, then bind first with the search user first
if ($this->serverType == "activedirectory")
@@ -916,15 +918,19 @@ class Ldap
}
// Define filter
- if ($activefilter == 1)
+ if (! empty($activefilter))
{
- if ($this->filter)
+ if (((string) $activefilter == '1' || (string) $activefilter == 'user') && $this->filter)
{
$filter = '('.$this->filter.')';
}
- else
+ elseif (((string) $activefilter == 'member') && $this->filter)
{
- $filter='('.$useridentifier.'=*)';
+ $filter = '('.$this->filtermember.')';
+ }
+ else // If this->filter is empty, make fiter on * (all)
+ {
+ $filter = '('.$useridentifier.'=*)';
}
}
else
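Review bot: The `'member'` branch is guarded by `$this->filter` but builds the filter from `$this->filtermember`, so the wrong property decides whether it runs. With a user filter configured and no member filter, the search filter becomes `()`; with a member filter configured and no user filter, the member filter is ignored and the code falls through to `($useridentifier=*)`, which selects every entry that has that attribute and so returns more records than the administrator scoped. The condition should read `elseif ((string) $activefilter == 'member' && $this->filtermember)`. The `Filter=` line printed by the sync scripts is computed separately and would not show what was actually applied in these cases. The body of `getRecords` continues outside the hunk.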
diff --git a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php
index 7a63a5cdeec..561ba330694 100644
--- a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php
+++ b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php
@@ -414,7 +414,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
elseif ($action == 'MEMBER_CREATE')
{
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
- if (! empty($conf->global->LDAP_MEMBER_ACTIVE))
+ if (! empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1')
{
$ldap=new Ldap();
$ldap->connect_bind();
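Review bot: The added `(string) $conf->global->LDAP_MEMBER_ACTIVE == '1'` uses loose comparison, and PHP compares two numeric strings numerically, so values such as `'01'` or `'1.0'` also pass; `=== '1'` makes the check exact. The same condition is repeated in the MEMBER_VALIDATE, MEMBER_SUBSCRIPTION, MEMBER_MODIFY, MEMBER_NEW_PASSWORD, MEMBER_RESILIATE and MEMBER_DELETE hunks, so a small private helper or a boolean computed once would keep the seven sites in step. A one-line comment naming the other values this constant can hold would explain why `! empty()` alone is no longer sufficient. The enclosing `elseif` chain starts and ends outside this hunk.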
@@ -433,7 +433,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
elseif ($action == 'MEMBER_VALIDATE')
{
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
- if (! empty($conf->global->LDAP_MEMBER_ACTIVE))
+ if (! empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1')
{
// If status field is setup to be synchronized
if (! empty($conf->global->LDAP_FIELD_MEMBER_STATUS))
@@ -457,7 +457,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
elseif ($action == 'MEMBER_SUBSCRIPTION')
{
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
- if (! empty($conf->global->LDAP_MEMBER_ACTIVE))
+ if (! empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1')
{
// If subscriptions fields are setup to be synchronized
if ($conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_DATE
@@ -485,7 +485,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
elseif ($action == 'MEMBER_MODIFY')
{
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
- if (! empty($conf->global->LDAP_MEMBER_ACTIVE))
+ if (! empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1')
{
$ldap=new Ldap();
$ldap->connect_bind();
@@ -522,7 +522,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
elseif ($action == 'MEMBER_NEW_PASSWORD')
{
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
- if (! empty($conf->global->LDAP_MEMBER_ACTIVE))
+ if (! empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1')
{
// If password field is setup to be synchronized
if ($conf->global->LDAP_FIELD_PASSWORD || $conf->global->LDAP_FIELD_PASSWORD_CRYPTED)
@@ -546,7 +546,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
elseif ($action == 'MEMBER_RESILIATE')
{
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
- if (! empty($conf->global->LDAP_MEMBER_ACTIVE))
+ if (! empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1')
{
// If status field is setup to be synchronized
if (! empty($conf->global->LDAP_FIELD_MEMBER_STATUS))
@@ -570,7 +570,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
elseif ($action == 'MEMBER_DELETE')
{
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
- if (! empty($conf->global->LDAP_MEMBER_ACTIVE))
+ if (! empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1')
{
$ldap=new Ldap();
$ldap->connect_bind();
diff --git a/scripts/members/sync_members_ldap2dolibarr.php b/scripts/members/sync_members_ldap2dolibarr.php
index cf18a75e508..b6a27250557 100755
--- a/scripts/members/sync_members_ldap2dolibarr.php
+++ b/scripts/members/sync_members_ldap2dolibarr.php
@@ -2,7 +2,7 @@
- * Copyright (C) 2006-2010 Laurent Destailleur
+ * Copyright (C) 2006-2015 Laurent Destailleur
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -115,7 +115,8 @@ print "port=".$conf->global->LDAP_SERVER_PORT."\n";
print "login=".$conf->global->LDAP_ADMIN_DN."\n";
print "pass=".preg_replace('/./i','*',$conf->global->LDAP_ADMIN_PASS)."\n";
print "DN to extract=".$conf->global->LDAP_MEMBER_DN."\n";
-print 'Filter=('.$conf->global->LDAP_KEY_MEMBERS.'=*)'."\n";
+if (! empty($conf->global->LDAP_MEMBER_FILTER)) print 'Filter=('.$conf->global->LDAP_MEMBER_FILTER.')'."\n"; // Note: filter is defined into function getRecords
+else print 'Filter=('.$conf->global->LDAP_KEY_MEMBERS.'=*)'."\n";
print "----- To Dolibarr database:\n";
print "type=".$conf->db->type."\n";
print "host=".$conf->db->host."\n";
@@ -191,7 +192,7 @@ if ($result >= 0)
// We disable synchro Dolibarr-LDAP
$conf->global->LDAP_MEMBER_ACTIVE=0;
- $ldaprecords = $ldap->getRecords('*',$conf->global->LDAP_MEMBER_DN, $conf->global->LDAP_KEY_MEMBERS, $required_fields, 0);
+ $ldaprecords = $ldap->getRecords('*',$conf->global->LDAP_MEMBER_DN, $conf->global->LDAP_KEY_MEMBERS, $required_fields, 'member'); // Fiter on 'member' filter param
if (is_array($ldaprecords))
{
$db->begin();
diff --git a/scripts/user/sync_users_ldap2dolibarr.php b/scripts/user/sync_users_ldap2dolibarr.php
index 53a48cc03ca..48917cc1042 100755
--- a/scripts/user/sync_users_ldap2dolibarr.php
+++ b/scripts/user/sync_users_ldap2dolibarr.php
@@ -106,7 +106,8 @@ print "port=".$conf->global->LDAP_SERVER_PORT."\n";
print "login=".$conf->global->LDAP_ADMIN_DN."\n";
print "pass=".preg_replace('/./i','*',$conf->global->LDAP_ADMIN_PASS)."\n";
print "DN to extract=".$conf->global->LDAP_USER_DN."\n";
-print 'Filter=('.$conf->global->LDAP_KEY_USERS.'=*)'."\n";
+if (! empty($conf->global->LDAP_FILTER_CONNECTION)) print 'Filter=('.$conf->global->LDAP_FILTER_CONNECTION.')'."\n"; // Note: filter is defined into function getRecords
+else print 'Filter=('.$conf->global->LDAP_KEY_USERS.'=*)'."\n";
print "----- To Dolibarr database:\n";
print "type=".$conf->db->type."\n";
print "host=".$conf->db->host."\n";
@@ -177,7 +178,7 @@ if ($result >= 0)
// We disable synchro Dolibarr-LDAP
$conf->global->LDAP_SYNCHRO_ACTIVE=0;
- $ldaprecords = $ldap->getRecords('*',$conf->global->LDAP_USER_DN, $conf->global->LDAP_KEY_USERS, $required_fields, 0);
+ $ldaprecords = $ldap->getRecords('*',$conf->global->LDAP_USER_DN, $conf->global->LDAP_KEY_USERS, $required_fields, 'user'); // Fiter on 'user' filter param
if (is_array($ldaprecords))
{
$db->begin();