Refactor common parts of LdapAuthorization and LdapAuthentication plugins into a...
[quix0rs-gnu-social.git] / plugins / LdapAuthorization / LdapAuthorizationPlugin.php
index 5173781f9f4f63c739d9b59c2535d768962b452f..97103d158e8c2e0c689cb0f0d31b8abe228c00f2 100644 (file)
@@ -31,42 +31,28 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
     exit(1);
 }
 
-require_once INSTALLDIR.'/plugins/Authorization/AuthorizationPlugin.php';
-require_once 'Net/LDAP2.php';
-
 class LdapAuthorizationPlugin extends AuthorizationPlugin
 {
-    public $host=null;
-    public $port=null;
-    public $version=null;
-    public $starttls=null;
-    public $binddn=null;
-    public $bindpw=null;
-    public $basedn=null;
-    public $options=null;
-    public $filter=null;
-    public $scope=null;
-    public $provider_name = null;
-    public $uniqueMember_attribute = null;
-    public $roles_to_groups = null;
+    public $roles_to_groups = array();
     public $login_group = null;
 
     function onInitializePlugin(){
-        parent::onInitializePlugin();
-        if(!isset($this->host)){
-            throw new Exception("must specify a host");
-        }
-        if(!isset($this->basedn)){
-            throw new Exception("must specify a basedn");
-        }
         if(!isset($this->provider_name)){
             throw new Exception("provider_name must be set. Use the provider_name from the LDAP Authentication plugin.");
         }
         if(!isset($this->uniqueMember_attribute)){
             throw new Exception("uniqueMember_attribute must be set.");
         }
-        if(!isset($this->roles_to_groups)){
-            throw new Exception("roles_to_groups must be set.");
+        $this->ldapCommon = new LdapCommon(get_object_vars($this));
+    }
+
+    function onAutoload($cls)
+    {
+        switch ($cls)
+        {
+         case 'LdapCommon':
+            require_once(INSTALLDIR.'/plugins/LdapCommon/LdapCommon.php');
+            return false;
         }
     }
 
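Review bot: `onInitializePlugin()` still reads `$this->provider_name` and `$this->uniqueMember_attribute` and now assigns `$this->ldapCommon`, but none of the three is declared on the class after this hunk, so they exist only as dynamic properties and the plugin's accepted settings can no longer be read off the class. Keeping `public $provider_name = null;` and `public $uniqueMember_attribute = null;` would restore that without changing how the `isset()` checks behave. The `host` and `basedn` checks and the `parent::onInitializePlugin()` call are also dropped here. Neither LdapCommon's constructor nor the parent class is visible in this diff, so it is worth confirming that a missing host or basedn still fails at start-up rather than at the first authorization check.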
@@ -76,17 +62,17 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin
         $user_username->user_id=$user->id;
         $user_username->provider_name=$this->provider_name;
         if($user_username->find() && $user_username->fetch()){
-            $entry = $this->ldap_get_user($user_username->username);
+            $entry = $this->ldapCommon->get_user($user_username->username);
             if($entry){
                 if(isset($this->login_group)){
                     if(is_array($this->login_group)){
                         foreach($this->login_group as $group){
-                            if($this->isMemberOfGroup($entry->dn(),$group)){
+                            if($this->ldapCommon->is_dn_member_of_group($entry->dn(),$group)){
                                 return true;
                             }
                         }
                     }else{
-                        if($this->isMemberOfGroup($entry->dn(),login_group)){
+                        if($this->ldapCommon->is_dn_member_of_group($entry->dn(),$this->login_group)){
                             return true;
                         }
                     }
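Review bot: Both `is_dn_member_of_group()` calls in this hunk are tested for truthiness only, so any truthy non-boolean return would let the login through. The removed `isMemberOfGroup()` at the end of the file accepted only `=== true`, and PHP's `ldap_compare()` reports errors as -1, which is truthy. LdapCommon is not visible here, so unless its method is known to return a strict boolean, compare explicitly: `if($this->ldapCommon->is_dn_member_of_group($entry->dn(),$group) === true){`. The same applies to the two calls in the role check in the next hunk. The enclosing function starts and ends outside this hunk.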
@@ -108,17 +94,17 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin
         $user_username->user_id=$profile->id;
         $user_username->provider_name=$this->provider_name;
         if($user_username->find() && $user_username->fetch()){
-            $entry = $this->ldap_get_user($user_username->username);
+            $entry = $this->ldapCommon->get_user($user_username->username);
             if($entry){
                 if(isset($this->roles_to_groups[$name])){
                     if(is_array($this->roles_to_groups[$name])){
                         foreach($this->roles_to_groups[$name] as $group){
-                            if($this->isMemberOfGroup($entry->dn(),$group)){
+                            if($this->ldapCommon->is_dn_member_of_group($entry->dn(),$group)){
                                 return true;
                             }
                         }
                     }else{
-                        if($this->isMemberOfGroup($entry->dn(),$this->roles_to_groups[$name])){
+                        if($this->ldapCommon->is_dn_member_of_group($entry->dn(),$this->roles_to_groups[$name])){
                             return true;
                         }
                     }
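Review bot: The array and scalar branches for `$this->roles_to_groups[$name]` repeat the same membership test, which makes it easy to change one call and miss the other. Normalising the value first removes the duplication: `foreach((array)$this->roles_to_groups[$name] as $group){` with a single check inside. The login-group check in the previous hunk has the same shape and could use `(array)$this->login_group`. The enclosing function starts and ends outside this hunk.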
@@ -128,18 +114,14 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin
         return false;
     }
 
-    function isMemberOfGroup($userDn, $groupDn)
+    function onPluginVersion(&$versions)
     {
-        $ldap = ldap_get_connection();
-        $link = $ldap->getLink();
-        $r = ldap_compare($link, $groupDn, $this->uniqueMember_attribute, $userDn);
-        if ($r === true){
-            return true;
-        }else if($r === false){
-            return false;
-        }else{
-            common_log(LOG_ERR, ldap_error($r));
-            return false;
-        }
+        $versions[] = array('name' => 'LDAP Authorization',
+                            'version' => STATUSNET_VERSION,
+                            'author' => 'Craig Andrews',
+                            'homepage' => 'http://status.net/wiki/Plugin:LdapAuthorization',
+                            'rawdescription' =>
+                            _m('The LDAP Authorization plugin allows for StatusNet to handle authorization through LDAP.'));
+        return true;
     }
 }
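Review bot: `onPluginVersion()` is added without a doc comment, and the reason for `return true` is not stated. A one-line docblock would cover it, e.g. `/** Appends this plugin's entry to $versions; returns true so later handlers still run. */`. The continue-on-true meaning is assumed from the event convention and should be confirmed against the dispatcher.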