From 0cc89a62f97ce783d8915cba117bd581a47a38d2 Mon Sep 17 00:00:00 2001
From: "Paula V. Quispe"
Date: Mon, 15 Jun 2015 17:12:59 -0400
Subject: [PATCH] PM-2973: Fourth migration ldapAdvanced
---
.../authSources/authSourcesSynchronize.php | 61 +++
.../authSourcesSynchronizeAjax.php | 472 ++++++++++++++++++
.../methods/authSources/authSources_List.php | 3 +-
.../authSources/authSources_SelectType.php | 2 -
.../authSourcesListSyn.js} | 4 +-
.../authSourcesSynchronize.html | 0
.../authSourcesSynchronize.js | 0
7 files changed, 536 insertions(+), 6 deletions(-)
create mode 100755 workflow/engine/methods/authSources/authSourcesSynchronize.php
create mode 100755 workflow/engine/methods/authSources/authSourcesSynchronizeAjax.php
rename workflow/engine/templates/{ldapAdvanced/authSourcesList.js => authSources/authSourcesListSyn.js} (95%)
mode change 100755 => 100644
rename workflow/engine/templates/{ldapAdvanced => authSources}/authSourcesSynchronize.html (100%)
rename workflow/engine/templates/{ldapAdvanced => authSources}/authSourcesSynchronize.js (100%)
diff --git a/workflow/engine/methods/authSources/authSourcesSynchronize.php b/workflow/engine/methods/authSources/authSourcesSynchronize.php
new file mode 100755
index 000000000..d9ce964e6
--- /dev/null
+++ b/workflow/engine/methods/authSources/authSourcesSynchronize.php
@@ -0,0 +1,61 @@
+.
+ *
+ * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
+ * Coral Gables, FL, 33134, USA, or email info@colosa.com.
+ *
+ **/
+
+global $RBAC;
+
+switch ($RBAC->userCanAccess("PM_USERS")) {
+ case - 2:
+ G::SendTemporalMessage("ID_USER_HAVENT_RIGHTS_SYSTEM", "error", "labels");
+ G::header("location: ../login/login");
+ die;
+ break;
+ case - 1:
+ G::SendTemporalMessage("ID_USER_HAVENT_RIGHTS_PAGE", "error", "labels");
+ G::header("location: ../login/login");
+ die;
+ break;
+ case -3:
+ G::SendTemporalMessage("ID_USER_HAVENT_RIGHTS_PAGE", "error", "labels");
+ G::header("location: ../login/login");
+ die;
+ break;
+}
+
+if (!isset($_REQUEST["tab"])) {
+ $_REQUEST["tab"] = "synchronizeDepartments";
+}
+
+$authenticationSource = array("AUTH_SOURCE_UID" => $_REQUEST["authUid"], "CURRENT_TAB" => ($_REQUEST["tab"] == "synchronizeDepartments" ? 0 : 1));
+
+$oHeadPublisher =& headPublisher::getSingleton();
+$oHeadPublisher->addExtJsScript("authSources/authSourcesSynchronize", false);
+$oHeadPublisher->addContent("authSources/authSourcesSynchronize");
+$oHeadPublisher->assign("AUTHENTICATION_SOURCE", $authenticationSource);
+
+global $G_PUBLISH;
+
+$G_PUBLISH = new Publisher();
+G::RenderPage("publish", "extJs");
+
diff --git a/workflow/engine/methods/authSources/authSourcesSynchronizeAjax.php b/workflow/engine/methods/authSources/authSourcesSynchronizeAjax.php
new file mode 100755
index 000000000..2fa17fefc
--- /dev/null
+++ b/workflow/engine/methods/authSources/authSourcesSynchronizeAjax.php
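Review bot: `$_REQUEST["authUid"]` is read with no `isset` test and no format check before it is placed in `AUTHENTICATION_SOURCE` and handed to `$oHeadPublisher->assign(...)`; how `assign` encodes values for the rendered page is not visible here, so the value should be validated against the application's UID format, and the request rejected when it is absent, before it is used. The permission `switch` lists the denial codes -1, -2 and -3 and lets every other return value through to `G::RenderPage`, and its three branches differ only in the message id. A deny-by-default test on the granted value, for example `if ($RBAC->userCanAccess("PM_USERS") != 1) { ... }` (assuming 1 means granted, to be confirmed against the RBAC class), is shorter and fails closed.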
@@ -0,0 +1,472 @@
+.
+ *
+ * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
+ * Coral Gables, FL, 33134, USA, or email info@colosa.com.
+ *
+ **/
+
+class treeNode extends stdclass
+{
+ public $text = "";
+ public $cls = "";
+ public $leaf = false;
+ public $checked = false;
+ public $children = array();
+ public $id = "";
+}
+
+try {
+ require_once ("classes" . PATH_SEP . "model" . PATH_SEP . "Department.php");
+ G::LoadThirdParty("pear" . PATH_SEP . "json", "class.json");
+
+ $json = new Services_JSON();
+ header("Content-Type: application/json;");
+
+ switch ($_REQUEST["m"]) {
+ case "loadDepartments":
+ global $ldapAdvanced;
+ global $departments;
+ global $terminatedOu;
+ global $baseDN;
+
+ $ldapAdvanced = getLDAPAdvanceInstance($_REQUEST["authUid"]);
+ $RBAC =& RBAC::getSingleton();
+ $authenticationSource = $RBAC->authSourcesObj->load($_REQUEST["authUid"]);
+ $baseDN = $authenticationSource["AUTH_SOURCE_BASE_DN"];
+ $departments = $ldapAdvanced->searchDepartments();
+ $terminatedOu = $ldapAdvanced->getTerminatedOu();
+ $nodes = lookForChildrenDeps("");
+ die($json->encode($nodes));
+ break;
+ case "saveDepartments":
+ $depsToCheck = explode("|", $_REQUEST["departmentsDN"]);
+ $depsToCheck = array_map("urldecode", $depsToCheck);
+ $depsToUncheck = getDepartmentsToUncheck($depsToCheck);
+ $RBAC =& RBAC::getSingleton();
+ $authenticationSource = $RBAC->authSourcesObj->load($_REQUEST["authUid"]);
+ $ldapAdvanced = getLDAPAdvanceInstance($_REQUEST["authUid"]);
+
+ foreach ($depsToCheck as $departmentDN) {
+ $baseDN = str_replace($authenticationSource["AUTH_SOURCE_BASE_DN"], "", $departmentDN);
+ $ous = custom_ldap_explode_dn($departmentDN);
+ $currentDep = array_shift($ous);
+ $parentDN = implode(",", $ous);
+
+ //$ous = custom_ldap_explode_dn($baseDN);
+ //$currentDep = array_shift($ous);
+
+ foreach ($ous as $key => $val) {
+ $aux = explode("=", $val);
+
+ if (isset($aux[0]) && strtolower(trim($aux[0])) != "ou") {
+ unset($ous[$key]);
+ }
+ }
+
+ if ($currentDep == "") {
+ $depTitle = "ROOT " . $authenticationSource["AUTH_SOURCE_BASE_DN"];
+ } else {
+ $depAux = explode("=", $currentDep);
+ $depTitle = trim($depAux[1]);
+ }
+
+ $departmentUID = $ldapAdvanced->getDepUidIfExistsDN($departmentDN);
+
+ if ($departmentUID == "") {
+ if (count($ous) == 0) {
+ $parentUid = "";
+ } else {
+ $parentUid = $ldapAdvanced->getDepUidIfExistsDN($parentDN);
+
+ if ($parentUid == "") {
+ $response = new stdclass();
+ $response->status = "ERROR";
+ $response->message = "Parent departments are needed before create this sub department " . $parentDN;
+ die($json->encode($response));
+ }
+ }
+
+ $department = new department();
+ $row["DEP_TITLE"] = stripslashes($depTitle);
+ $row["DEP_PARENT"] = $parentUid;
+ $row["DEP_LDAP_DN"] = $departmentDN;
+ $row["DEP_REF_CODE"] = "";
+ $departmentUID = $department->create($row);
+
+ if ($departmentUID == false) {
+ $response = new stdclass();
+ $response->status = "ERROR";
+ $response->message = "Error creating department";
+ die($json->encode($response));
+ }
+ }
+ }
+
+ if (count($depsToUncheck) > 0) {
+ foreach ($depsToUncheck as $departmentDN) {
+ $departmentUID = $ldapAdvanced->getDepUidIfExistsDN($departmentDN);
+
+ if ($departmentUID != "") {
+ $department = new department();
+ $departmentInfo = $department->Load($departmentUID);
+
+ $arrayAux1 = custom_ldap_explode_dn($departmentDN);
+
+ foreach ($arrayAux1 as $index => $value) {
+ $arrayAux2 = explode("=", $value);
+
+ if (isset($arrayAux2[0]) && strtolower(trim($arrayAux2[0])) == "ou") {
+ unset($arrayAux1[$index]);
+ }
+ }
+
+ $departmentBaseDn = implode(",", $arrayAux1);
+
+ if (strtolower($departmentBaseDn) == strtolower($authenticationSource["AUTH_SOURCE_BASE_DN"])) {
+ $departmentInfo["DEP_LDAP_DN"] = "";
+ $department->update($departmentInfo);
+
+ if (!isset($authenticationSource["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"])) {
+ $authenticationSource["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"] = array();
+ }
+
+ $authenticationSource["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"][] = $departmentUID;
+ }
+ }
+ }
+
+ $RBAC->authSourcesObj->update($authenticationSource);
+ }
+
+ $response = new stdclass();
+ $response->status = "OK";
+ die($json->encode($response));
+ break;
+ case "loadGroups":
+ global $ldapAdvanced;
+ global $groups;
+
+ $ldapAdvanced = getLDAPAdvanceInstance($_REQUEST["authUid"]);
+ $groups = $ldapAdvanced->searchGroups();
+ $nodes = lookForChildrenGroups();
+ die($json->encode($nodes));
+ break;
+ case "saveGroups":
+ $groupsToCheck = explode("|", $_REQUEST["groupsDN"]);
+ $groupsToCheck = array_map("urldecode", $groupsToCheck);
+ $groupsToUncheck = getGroupsToUncheck($groupsToCheck);
+ $RBAC =& RBAC::getSingleton();
+ $authenticationSource = $RBAC->authSourcesObj->load($_REQUEST["authUid"]);
+ $ldapAdvanced = getLDAPAdvanceInstance($_REQUEST["authUid"]);
+
+ foreach ($groupsToCheck as $groupDN) {
+ //$baseDN = str_replace($authenticationSource["AUTH_SOURCE_BASE_DN"], "", $groupDN);
+ $ous = custom_ldap_explode_dn($groupDN);
+ $currentGroup = array_shift($ous);
+ //$parentDN = implode(",", $ous);
+ //$ous = custom_ldap_explode_dn($baseDN);
+ //$currentGroup = array_shift($ous);
+
+ foreach ($ous as $key => $val) {
+ $aux = explode("=", $val);
+
+ if (isset($aux[0]) && strtolower(trim($aux[0]) != "ou")) {
+ unset($ous[$key]);
+ }
+ }
+
+ $groupAux = explode("=", $currentGroup);
+ $groupTitle = isset($groupAux[1]) ? trim($groupAux[1]) : "";
+ $groupUID = $ldapAdvanced->getGrpUidIfExistsDN($groupDN);
+
+ if ($groupUID == "") {
+ $group = new Groupwf();
+ $row["GRP_TITLE"] = stripslashes($groupTitle);
+ $row["GRP_LDAP_DN"] = $groupDN;
+ $groupUID = $group->create($row);
+
+ if ($groupUID == false) {
+ $response = new stdclass();
+ $response->status = "ERROR";
+ $response->message = "Error creating group";
+ die($json->encode($response));
+ }
+ }
+ }
+
+ if (count($groupsToUncheck) > 0) {
+ foreach ($groupsToUncheck as $groupDN) {
+ $groupUID = $ldapAdvanced->getGrpUidIfExistsDN($groupDN);
+
+ if ($groupUID != "") {
+ $group = new Groupwf();
+ $groupInfo = $group->Load($groupUID);
+ $groupInfo["GRP_LDAP_DN"] = "";
+ $group->update($groupInfo);
+
+ if (!isset($authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"])) {
+ $authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"] = array();
+ }
+
+ $authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"][] = $groupUID;
+ }
+ }
+
+ $RBAC->authSourcesObj->update($authenticationSource);
+ }
+
+ $response = new stdclass();
+ $response->status = "OK";
+ die($json->encode($response));
+ break;
+ }
+} catch (Exception $error) {
+ $response = new stdclass();
+ $response->status = "ERROR";
+ $response->message = $error->getMessage();
+
+ die($json->encode($response));
+}
+
+function getLDAPAdvanceInstance($authUid)
+{
+ $RBAC = &RBAC::getSingleton();
+ $ldapAdvanced = new ldapAdvanced();
+ $ldapAdvanced->sAuthSource = $authUid;
+ $ldapAdvanced->sSystem = $RBAC->sSystem;
+
+ return $ldapAdvanced;
+}
+
+function getDepartments($parent)
+{
+ global $departments;
+ global $terminatedOu;
+ global $baseDN;
+
+ $parentDepartments = $departments;
+ $childDepartments = $departments;
+ $currentDepartments = array();
+
+ foreach ($parentDepartments as $key => $val) {
+ if (strtolower($val["dn"]) != strtolower($parent)) {
+ if ((strtolower($val["parent"]) == strtolower($parent)) && (strtolower($val["ou"]) != strtolower($terminatedOu))) {
+ $node = array();
+ $node["DEP_UID"] = $val["ou"];
+ $node["DEP_TITLE"] = $val["ou"];
+ $node["DEP_USERS"] = $val["users"];
+ $node["DEP_DN"] = $val["dn"];
+ $node["HAS_CHILDREN"] = false;
+ $departments[$key]["hasChildren"] = false;
+
+ foreach ($childDepartments as $key2 => $val2) {
+ if (strtolower($val2["parent"]) == strtolower($val["dn"])) {
+ $node["HAS_CHILDREN"] = true;
+ $departments[$key]["hasChildren"] = true;
+ break;
+ }
+ }
+
+ $node["DEP_LAST"] = false;
+ $currentDepartments[] = $node;
+ }
+ }
+ }
+
+ if (isset($currentDepartments[count($currentDepartments) - 1])) {
+ $currentDepartments[count($currentDepartments) - 1]["DEP_LAST"] = true;
+ }
+
+ return $currentDepartments;
+}
+
+function lookForChildrenDeps($parent)
+{
+ global $ldapAdvanced;
+ global $departments;
+
+ $allDepartments = getDepartments($parent);
+ $departmentsObjects = array();
+
+ $arrayDepartmentNumberOfUsersFromDb = $ldapAdvanced->departmentsGetNumberOfUsersFromDb();
+
+ foreach ($allDepartments as $department) {
+ $departmentObject = new treeNode();
+ $departmentObject->text = htmlentities($department["DEP_TITLE"], ENT_QUOTES, "UTF-8");
+ $departmentUid = $ldapAdvanced->getDepUidIfExistsDN($department["DEP_DN"]);
+
+ if ($departmentUid != "") {
+ $departmentObject->text .= " (" . ((isset($arrayDepartmentNumberOfUsersFromDb[$departmentUid]))? $arrayDepartmentNumberOfUsersFromDb[$departmentUid] : 0) . ")";
+ $departmentObject->checked = true;
+ } else {
+ $departmentObject->checked = false;
+ }
+
+ if ($department["HAS_CHILDREN"] == 1) {
+ $departmentObject->children = lookForChildrenDeps($department["DEP_DN"]);
+ }
+
+ $departmentObject->id = urlencode($department["DEP_DN"]);
+ $departmentsObjects[] = $departmentObject;
+ }
+ return $departmentsObjects;
+}
+
+function getDepartmentsWithDN()
+{
+ $arrayDepartmentLdapDn = array();
+
+ $criteria = new Criteria("workflow");
+
+ $criteria->addSelectColumn(DepartmentPeer::DEP_LDAP_DN);
+ $criteria->add(DepartmentPeer::DEP_LDAP_DN, "", Criteria::NOT_EQUAL);
+ $criteria->add(DepartmentPeer::DEP_LDAP_DN, null, Criteria::ISNOTNULL);
+
+ $rsCriteria = DepartmentPeer::doSelectRS($criteria);
+ $rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC);
+
+ while ($rsCriteria->next()) {
+ $row = $rsCriteria->getRow();
+
+ $arrayDepartmentLdapDn[] = $row;
+ }
+
+ return $arrayDepartmentLdapDn;
+}
+
+function getDepartmentsToUncheck($depsToCheck)
+{
+ $departmentsWithDN = getDepartmentsWithDN();
+ $depsToUncheck = array();
+
+ foreach ($departmentsWithDN as $departmentWithDN) {
+ $found = false;
+
+ foreach ($depsToCheck as $depToCheck) {
+ if ($departmentWithDN["DEP_LDAP_DN"] == $depToCheck) {
+ $found = true;
+ }
+ }
+
+ if (!$found) {
+ $depsToUncheck[] = $departmentWithDN["DEP_LDAP_DN"];
+ }
+ }
+
+ return $depsToUncheck;
+}
+
+function getGroups()
+{
+ global $groups;
+
+ $currentGroups = array();
+
+ foreach ($groups as $key => $val) {
+ $node = array();
+ $node["GRP_UID"] = $val["cn"];
+ $node["GRP_TITLE"] = $val["cn"];
+ $node["GRP_USERS"] = $val["users"];
+ $node["GRP_DN"] = $val["dn"];
+ $currentGroups[] = $node;
+ }
+
+ return $currentGroups;
+}
+
+function lookForChildrenGroups()
+{
+ global $ldapAdvanced;
+ global $groups;
+
+ $allGroups = getGroups();
+ $groupsObjects = array();
+
+ $arrayGroupNumberOfUsersFromDb = $ldapAdvanced->groupsGetNumberOfUsersFromDb();
+
+ foreach ($allGroups as $group) {
+ $groupObject = new treeNode();
+ $groupObject->text = htmlentities($group["GRP_TITLE"], ENT_QUOTES, "UTF-8");
+ $groupUid = $ldapAdvanced->getGrpUidIfExistsDN($group["GRP_DN"]);
+
+ if ($groupUid != "") {
+ $groupObject->text .= " (" . ((isset($arrayGroupNumberOfUsersFromDb[$groupUid]))? $arrayGroupNumberOfUsersFromDb[$groupUid] : 0) . ")";
+ $groupObject->checked = true;
+ } else {
+ $groupObject->checked = false;
+ }
+
+ $groupObject->id = urlencode($group["GRP_DN"]);
+ $groupsObjects[] = $groupObject;
+ }
+
+ return $groupsObjects;
+}
+
+function getGroupsWithDN()
+{
+ $groupInstance = new Groupwf();
+ $allGroups = $groupInstance->getAll()->data;
+ $groupsWithDN = array();
+
+ foreach ($allGroups as $group) {
+ if ($group["GRP_LDAP_DN"] != "") {
+ $groupsWithDN[] = $group;
+ }
+ }
+
+ return $groupsWithDN;
+}
+
+function getGroupsToUncheck($groupsToCheck)
+{
+ $groupsWithDN = getGroupsWithDN();
+ $groupsToUncheck = array();
+
+ foreach ($groupsWithDN as $groupWithDN) {
+ $found = false;
+
+ foreach ($groupsToCheck as $groupToCheck) {
+ if ($groupWithDN["GRP_LDAP_DN"] == $groupToCheck) {
+ $found = true;
+ }
+ }
+
+ if (!$found) {
+ $groupsToUncheck[] = $groupWithDN["GRP_LDAP_DN"];
+ }
+ }
+
+ return $groupsToUncheck;
+}
+
+function custom_ldap_explode_dn($dn)
+{
+ $result = ldap_explode_dn($dn, 0);
+ unset($result["count"]);
+
+ foreach ($result as $key => $value) {
+ $result[$key] = addcslashes(preg_replace("/\\\([0-9A-Fa-f]{2})/e", "''.chr(hexdec('\\1')).''", $value), '<>,"');
+ }
+
+ return($result);
+}
+
diff --git a/workflow/engine/methods/authSources/authSources_List.php b/workflow/engine/methods/authSources/authSources_List.php
index 6d0f299e3..d6e06407b 100755
--- a/workflow/engine/methods/authSources/authSources_List.php
+++ b/workflow/engine/methods/authSources/authSources_List.php
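Review bot: Nothing in this endpoint checks the caller's permission before the `saveDepartments` and `saveGroups` branches create departments and groups and rewrite the authentication source, whereas the page script added in the same commit gates on `$RBAC->userCanAccess("PM_USERS")`; unless the framework enforces that before this script runs (not visible here), the same check belongs right after the JSON encoder is created, answering with a JSON error rather than a redirect. Those state-changing branches also read `$_REQUEST`, so they respond to GET as well as POST, and accepting only POST would narrow the cross-site request exposure. In `saveGroups` the filter `strtolower(trim($aux[0]) != "ou")` lower-cases the comparison result instead of the attribute name and should read `strtolower(trim($aux[0])) != "ou"`, as it does in `saveDepartments`. `custom_ldap_explode_dn` depends on the `/e` modifier of `preg_replace`, which evaluates the replacement as PHP code and was removed in PHP 7; `preg_replace_callback` performs the same hex decoding without evaluation.

```php
    $json = new Services_JSON();
    header("Content-Type: application/json;");

    // Fail closed: require the permission that authSourcesSynchronize.php checks.
    // Assumes 1 is the "granted" return value of userCanAccess() - confirm.
    $RBAC =& RBAC::getSingleton();

    if ($RBAC->userCanAccess("PM_USERS") != 1) {
        $response = new stdclass();
        $response->status = "ERROR";
        $response->message = "You do not have permission to perform this action";
        die($json->encode($response));
    }

    // … unchanged: switch ($_REQUEST["m"]) and its load/save cases …
```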
@@ -33,7 +33,6 @@ G::LoadClass( 'configuration' ); $c = new Configurations(); $configPage = $c->getConfiguration( 'authSourcesList', 'pageSize', '', $_SESSION['USER_LOGGED'] ); $Config['pageSize'] = isset( $configPage['pageSize'] ) ? $configPage['pageSize'] : 20; -G::pr($Config); $G_MAIN_MENU = 'processmaker'; $G_SUB_MENU = 'users'; $G_ID_MENU_SELECTED = 'USERS'; @@ -43,7 +42,7 @@ $G_PUBLISH = new Publisher(); $oHeadPublisher = & headPublisher::getSingleton(); $oHeadPublisher->addExtJsScript( 'authSources/authSourcesList', false ); //adding a javascript file .js -$oHeadPublisher->addExtJsScript (PATH_TPL. 'ldapAdvanced/authSourcesList', false ); //adding a javascript file .js +$oHeadPublisher->addExtJsScript( 'authSources/authSourcesListSyn', false ); //adding a javascript file .js $oHeadPublisher->addContent( 'authSources/authSourcesList' ); //adding a html file .html. $oHeadPublisher->assign( 'FORMATS', $c->getFormats() ); $oHeadPublisher->assign( 'CONFIG', $Config ); diff --git a/workflow/engine/methods/authSources/authSources_SelectType.php b/workflow/engine/methods/authSources/authSources_SelectType.php index 8ae58e893..437823ba8 100755 --- a/workflow/engine/methods/authSources/authSources_SelectType.php +++ b/workflow/engine/methods/authSources/authSources_SelectType.php @@ -34,13 +34,11 @@ $G_ID_MENU_SELECTED = 'USERS'; $G_ID_SUB_MENU_SELECTED = 'AUTH_SOURCES'; $aAuthSourceTypes = array (array ('sType' => 'char','sLabel' => 'char')); -error_log(PATH_RBAC . 'plugins' . PATH_SEP); $oDirectory = dir( PATH_RBAC . 'plugins' . PATH_SEP ); while ($sObject = $oDirectory->read()) { if (($sObject != '.') && ($sObject != '..') && ($sObject != '.svn') && ($sObject != 'ldap')) { if (is_file( PATH_RBAC . 'plugins' . PATH_SEP . $sObject )) { $sType = trim( str_replace( 'class.', '', str_replace( '.php', '', $sObject ) ) ); - error_log($sType); $aAuthSourceTypes[] = array ('sType' => $sType,'sLabel' => $sType ); } } 
diff --git a/workflow/engine/templates/ldapAdvanced/authSourcesList.js b/workflow/engine/templates/authSources/authSourcesListSyn.js old mode 100755 new mode 100644 similarity index 95% rename from workflow/engine/templates/ldapAdvanced/authSourcesList.js rename to workflow/engine/templates/authSources/authSourcesListSyn.js index ece98e9e7..c38cd0471 --- a/workflow/engine/templates/ldapAdvanced/authSourcesList.js +++ b/workflow/engine/templates/authSources/authSourcesListSyn.js @@ -15,14 +15,14 @@ var synchronizeGroupsLDAPADV = function() { }; var synchronizeDepartmentsButtonLDAPADV = new Ext.Action({ - text: 'Synchronize Departmentssss', + text: 'Synchronize Departments', iconCls: 'ICON_DEPARTAMENTS', disabled: true, handler: synchronizeDepartmentsLDAPADV }); var synchronizeGroupsButtonLDAPADV = new Ext.Action({ - text: 'Synchronize Groupssss', + text: 'Synchronize Groups', iconCls: 'ICON_GROUPS', disabled: true, handler: synchronizeGroupsLDAPADV diff --git a/workflow/engine/templates/ldapAdvanced/authSourcesSynchronize.html b/workflow/engine/templates/authSources/authSourcesSynchronize.html similarity index 100% rename from workflow/engine/templates/ldapAdvanced/authSourcesSynchronize.html rename to workflow/engine/templates/authSources/authSourcesSynchronize.html diff --git a/workflow/engine/templates/ldapAdvanced/authSourcesSynchronize.js b/workflow/engine/templates/authSources/authSourcesSynchronize.js similarity index 100% rename from workflow/engine/templates/ldapAdvanced/authSourcesSynchronize.js rename to workflow/engine/templates/authSources/authSourcesSynchronize.js