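<?php

require_once ('ldap-class.inc.php');


/**
 * People class: manages se3 user accounts.
 *
 * This class provides an abstraction for handling se3 users in a
 * uniform way (LDAP entry, group membership, Unix and Samba passwords).
 *
 * NOTE(review): several methods read or write properties that are not
 * declared below (name, firstname, phone, title, birth, section, rne,
 * photo, type, localisation, pwdhash, pwdclear). They are created
 * dynamically; the declared counterparts (nom, prenom, naissance,
 * passwdhash) are only filled by the constructor. Confirm which naming
 * the callers rely on before unifying them.
 */
class people {
    // public $title; // should be used
    // public $type;  // could be used: Administratif, Prof, Eleves
    public $nom;
    public $prenom;
    public $cn;
    public $mail;
    public $naissance; // kept in the LDAP carLicense attribute

    public $uid;
    public $uidnumber;
    public $gidnumber;

    public $gecos;

    public $ine;
    public $userpw; // clear-text password; never log or echo this value

    public $loginshell;

    public $sambaAcctFlag;
    public $sambaLMPassword;
    public $sambaNTPassword;
    public $sambaSID;
    public $sambaPrimaryGroupSID;
    public $sambaPwdLastSet;
    public $sambaPwdMustChange;

    // Protected members
    protected $passwdhash;
    protected $dn;

    /**
     * Class constructor.
     *
     * Works in three ways:
     *  - without argument it yields an empty instance that the caller fills;
     *  - with a string argument, the string is taken as a uid (or a DN) and
     *    the entry is read from the directory;
     *  - with an array argument, a new user is built from the array keys
     *    nom, prenom, mail, naissance, uid, ine and (optionally) userpw.
     */
    public function __construct() {
        if (func_num_args() != 1) {
            return;
        }

        $arg = func_get_arg(0);
        if (!is_array($arg)) {
            $this->read_from_ldap($arg);
            return;
        }

        // Missing keys yield null instead of an "undefined index" notice.
        foreach (array('nom', 'prenom', 'mail', 'naissance', 'uid', 'ine') as $key) {
            $this->$key = isset($arg[$key]) ? $arg[$key] : null;
        }
        // NOTE(review): the declared member is $passwdhash, yet the value is
        // stored in $pwdhash and comes from the 'userpw' key; kept as in the
        // original because read_from_ldap() uses the same property name.
        if (isset($arg['userpw'])) {
            $this->pwdhash = $arg['userpw'];
        }
    }

    /**
     * Escape a value before it is placed inside an LDAP search filter.
     *
     * Without this, characters such as "*", "(" or ")" in a uid or group
     * name would change the meaning of the filter.
     * Requires ldap_escape() (PHP >= 5.6).
     */
    private function ldap_value_for_filter($value) {
        return ldap_escape((string) $value, '', LDAP_ESCAPE_FILTER);
    }

    /**
     * Escape a value before it is placed inside a DN component.
     * Requires ldap_escape() (PHP >= 5.6).
     */
    private function ldap_value_for_dn($value) {
        return ldap_escape((string) $value, '', LDAP_ESCAPE_DN);
    }

    /**
     * Run a subtree search and return the entries, or false on any failure.
     */
    private function search_entries($base_dn, $filter) {
        global $Se3Ldap;

        $result = ldap_search($Se3Ldap->res, $base_dn, $filter);
        if ($result === false) {
            return false;
        }
        return ldap_get_entries($Se3Ldap->res, $result);
    }

    /**
     * LDAP / object attribute mapping.
     *
     * Copies the first value of $ldap_attrib from an ldap_get_entries()
     * entry into the property named $attrib; does nothing when the
     * attribute is absent from the entry.
     */
    public function assign_attrib_from_ldap($ldap_entry,$ldap_attrib,$attrib) {
        if (isset($ldap_entry[$ldap_attrib])
            && is_array($ldap_entry[$ldap_attrib])
            && isset($ldap_entry[$ldap_attrib][0])) {
            $this->$attrib = $ldap_entry[$ldap_attrib][0];
        }
    }

    /**
     * Copy the property named $attrib into $ldap_entry[$ldap_attrib] when
     * the property holds a non-empty value.
     *
     * The original wrote to an unrelated local array keyed by the entry
     * itself, so the entry passed by reference was never filled.
     */
    public function map_to_ldap(&$ldap_entry,$attrib,$ldap_attrib) {
        if (isset($this->$attrib) && $this->$attrib != '') {
            $ldap_entry[$ldap_attrib] = $this->$attrib;
        }
    }

    /**
     * Generate a random 8-character password and store it in the directory.
     *
     * The randomness comes from `openssl rand`; the command line is a
     * constant, so no user data reaches the shell here.
     */
    public function random_password() {
        $raw = rtrim((string) shell_exec("openssl rand -base64 12 | tr -d '/'"));
        $generated = substr($raw, 0, 8);

        // Fail closed: if openssl is missing or returned too little output,
        // do not fall through and store the hash of an empty password.
        if (strlen((string) $generated) < 8) {
            return;
        }

        $this->userpw = $generated;
        $this->set_password($this->userpw);
    }

    /**
     * Write the Unix and Samba password attributes to the directory.
     *
     * @param string|null $password clear-text password; when omitted the
     *                              value of $this->userpw is used.
     *
     * Security notes:
     *  - userPassword is an unsalted SHA-1 ({SHA}) and sambaLMPassword is
     *    an LM hash; both are weak formats kept here for compatibility.
     *  - mkntpwd receives the password as a command-line argument, so it
     *    is visible in the process list while the command runs.
     *  - escapeshellarg() may alter non-ASCII characters depending on the
     *    LC_CTYPE locale of the PHP process.
     */
    public function set_password($password = null) {
        global $Se3Ldap;

        // Callers pass the clear-text password; the original ignored it.
        $clear = ($password !== null) ? $password : $this->userpw;
        if ($clear === null || (string) $clear === '') {
            return; // never store the hash of an empty password
        }
        $clear = (string) $clear;

        if (!$this->uid_is_in_ldap()) {
            return;
        }

        // The password is untrusted text: quote it before it reaches the shell.
        $quoted = escapeshellarg($clear);

        // trim() drops the trailing newline of the command output.
        $attributes = array(
            'userPassword'    => '{SHA}' . base64_encode(sha1($clear, true)),
            'sambaNTPassword' => trim((string) shell_exec("mkntpwd -N $quoted")),
            'sambaLMPassword' => trim((string) shell_exec("mkntpwd -L $quoted")),
        );

        $dn = 'uid=' . $this->ldap_value_for_dn($this->uid) . ',' . $Se3Ldap->dn['people'];

        // An LDAP "replace" creates the attribute when it does not exist yet,
        // so no prior lookup is needed. One call per attribute keeps the
        // userPassword update independent of the Samba attributes.
        foreach ($attributes as $name => $value) {
            if ($value === '') {
                continue; // mkntpwd produced nothing; leave the attribute alone
            }
            ldap_mod_replace($Se3Ldap->res, $dn, array($name => $value));
        }
        // TODO: * group into a single call
        //       * for admin, also update the htpassword used by setup
    }

    /**
     * Add the user to the group $group unless already a member.
     */
    public function add_to_group($group) {
        global $Se3Ldap;

        if ($this->is_member($group)) {
            return;
        }
        $ldap_dn = 'cn=' . $this->ldap_value_for_dn($group) . ',' . $Se3Ldap->dn['groups'];
        ldap_mod_add($Se3Ldap->res, $ldap_dn, array('memberUid' => $this->uid));
    }

    /**
     * Remove the user from the group $group when currently a member.
     */
    public function del_from_group($group) {
        global $Se3Ldap;

        if (!$this->is_member($group)) {
            return;
        }
        $ldap_dn = 'cn=' . $this->ldap_value_for_dn($group) . ',' . $Se3Ldap->dn['groups'];
        ldap_mod_del($Se3Ldap->res, $ldap_dn, array('memberUid' => $this->uid));
    }

    /**
     * Tell whether an entry with this uid exists under the people branch.
     *
     * @return bool false when no uid is set, the search fails or nothing matches
     */
    public function uid_is_in_ldap() {
        global $Se3Ldap;

        if (!isset($this->uid)) return FALSE;

        $filter = '(uid=' . $this->ldap_value_for_filter($this->uid) . ')';
        $info = $this->search_entries($Se3Ldap->dn['people'], $filter);

        return ($info !== false && $info['count'] > 0);
    }

    /**
     * Tell whether the user is listed as memberUid of the group $group.
     *
     * @return bool
     */
    public function is_member($group) {
        global $Se3Ldap;

        $filter = '(&(cn=' . $this->ldap_value_for_filter($group) . ')'
                . '(memberUid=' . $this->ldap_value_for_filter($this->uid) . '))';
        $info = $this->search_entries($Se3Ldap->dn['groups'], $filter);

        return ($info !== false && $info['count'] > 0);
    }

    /**
     * List the groups the user belongs to.
     *
     * @param string $type optional cn prefix; only groups whose cn starts
     *                     with it are returned
     * @return array group cn => group description (null when absent)
     */
    public function get_groups($type='') {
        global $Se3Ldap;
        $groups = array();

        $filter = '(memberUid=' . $this->ldap_value_for_filter($this->uid) . ')';
        if ($type != '') {
            // The prefix is escaped; the trailing "*" is the only wildcard.
            $filter = '(&(cn=' . $this->ldap_value_for_filter($type) . '*)' . $filter . ')';
        }

        $info = $this->search_entries($Se3Ldap->dn['groups'], $filter);
        if ($info === false) {
            return $groups;
        }

        for ($i = 0; $i < $info['count']; $i++) {
            $description = isset($info[$i]['description'][0]) ? $info[$i]['description'][0] : null;
            $groups[$info[$i]['cn'][0]] = $description;
        }
        return $groups;
    }

    /**
     * Groups whose cn starts with "Equipe_".
     */
    public function get_equipes() {
        return $this->get_groups("Equipe_");
    }

    /**
     * Groups whose cn starts with "Matiere_".
     */
    public function get_matieres() {
        return $this->get_groups("Matiere_");
    }

    /**
     * Fill the object from the directory entry of $uid.
     *
     * The uid may be given alone or as an LDAP DN ("uid=xxx,ou=..."); in
     * the latter case the value of the first RDN is used. The object is
     * left untouched when the lookup fails or matches nothing.
     */
    public function read_from_ldap ($uid) {
        global $Se3Ldap;

        // Keep the first DN component, then the part after "=" if any.
        $first_rdn = explode(',', trim($uid));
        $parts = explode('=', $first_rdn[0]);
        $uid = isset($parts[1]) ? $parts[1] : $parts[0];

        $filter = '(uid=' . $this->ldap_value_for_filter($uid) . ')';

        $ldap_search_result = ldap_list($Se3Ldap->res, $Se3Ldap->dn['people'], $filter);
        if ($ldap_search_result === false) {
            return;
        }
        $peoples = ldap_get_entries($Se3Ldap->res, $ldap_search_result);
        if ($peoples === false || $peoples['count'] < 1) {
            return;
        }
        $people = $peoples[0];

        // LDAP attribute (lower-cased by ldap_get_entries) => object property
        $mapping = array(
            'uid'              => 'uid',
            'sn'               => 'name',
            'givenname'        => 'firstname',
            'mail'             => 'mail',
            'telephonenumber'  => 'phone',
            'title'            => 'title',
            'carlicense'       => 'birth',
            'departmentnumber' => 'section',
            'userpassword'     => 'pwdhash',
            'ou'               => 'rne',
            'jpegphoto'        => 'photo',
            'employeetype'     => 'type',
            'employeenumber'   => 'ine',
            'cn'               => 'cn',
            'l'                => 'localisation',
        );
        foreach ($mapping as $ldap_attrib => $attrib) {
            $this->assign_attrib_from_ldap($people, $ldap_attrib, $attrib);
        }
    }

    /**
     * Push the object's attributes to its directory entry, then update the
     * password when $this->pwdclear is set.
     *
     * NOTE(review): this method and destroy() use the globals $c2i_ldap and
     * $ldap_res while the rest of the class uses $Se3Ldap; confirm that
     * both sets of globals exist in the including script.
     */
    public function modify_into_ldap() {
        global $c2i_ldap;
        global $ldap_res;

        $ldap_dn = 'uid=' . $this->ldap_value_for_dn($this->uid) . ',' . $c2i_ldap['people_dn'];

        $ldap_entry = array();
        $ldap_entry['objectClass'] = "inetOrgPerson";
        $ldap_entry['uid'] = $this->uid;

        $this->map_to_ldap($ldap_entry,'name','sn');
        $this->map_to_ldap($ldap_entry,'firstname','givenName');
        $this->cn = $this->firstname." ".$this->name;
        $this->map_to_ldap($ldap_entry,'cn','cn');
        $this->map_to_ldap($ldap_entry,'title','title');
        $this->map_to_ldap($ldap_entry,'rne','ou');
        $this->map_to_ldap($ldap_entry,'mail','mail');
        $this->map_to_ldap($ldap_entry,'phone','telephoneNumber');

        // The original ended this branch with a stray "break", which is a
        // compile error outside a loop or switch on PHP 7 and later.
        if (isset($this->type) && $this->type == "pupil") {
            $this->map_to_ldap($ldap_entry,'section','departmentNumber');
            $this->map_to_ldap($ldap_entry,'birth','carLicense');
            $this->map_to_ldap($ldap_entry,'localisation','l');
        }

        ldap_modify($ldap_res, $ldap_dn, $ldap_entry);

        if (isset($this->pwdclear)) {
            $this->set_password($this->pwdclear);
        }
    }

    /**
     * Remove the user from the groups tied to its type, then delete the
     * directory entry. Does nothing when the uid is not in the directory.
     *
     * NOTE(review): delete_from_SQL() is not defined in this class; the
     * 'admin' and 'teacher' branches fail unless a subclass provides it.
     */
    public function destroy(){
        global $c2i_ldap;
        global $ldap_res;
        global $current_year;

        // The original called is_in_ldap(), which this class does not define.
        if (!$this->uid_is_in_ldap()) {
            return;
        }

        // del_from_group() checks membership itself before removing.
        switch (isset($this->type) ? $this->type : null) {
            case 'sadmin':
                $this->del_from_group('sadmins');
                break;
            case 'admin':
                $this->del_from_group('admins');
                $this->delete_from_SQL();
                break;
            case 'teacher':
                // The original tested membership of 'teacher' but removed
                // from 'teachers', so the removal could never run.
                $this->del_from_group('teachers');
                $this->delete_from_SQL();
                break;
            case 'pupil':
                $group = $current_year."_".$this->rne."_".$this->section;
                $this->del_from_group($group);
                $this->del_from_group('pupils');
                $this->del_from_group('trash');
                break;
        }

        $ldap_dn = 'uid=' . $this->ldap_value_for_dn($this->uid) . ',' . $c2i_ldap['people_dn'];
        ldap_delete($ldap_res, $ldap_dn);
    }
}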