PM-2973: Fourth migration ldapAdvanced

Paula V. Quispe
2015-06-15 17:12:59 -04:00
parent 3e4e5582ad
commit 0cc89a62f9
7 changed files with 536 additions and 6 deletions


@@ -0,0 +1,61 @@
<?php
/**
* authSourcesSynchronize.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2011 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
**/
global $RBAC;
switch ($RBAC->userCanAccess("PM_USERS")) {
case - 2:
G::SendTemporalMessage("ID_USER_HAVENT_RIGHTS_SYSTEM", "error", "labels");
G::header("location: ../login/login");
die;
break;
case - 1:
G::SendTemporalMessage("ID_USER_HAVENT_RIGHTS_PAGE", "error", "labels");
G::header("location: ../login/login");
die;
break;
case -3:
G::SendTemporalMessage("ID_USER_HAVENT_RIGHTS_PAGE", "error", "labels");
G::header("location: ../login/login");
die;
break;
}
if (!isset($_REQUEST["tab"])) {
$_REQUEST["tab"] = "synchronizeDepartments";
}
$authenticationSource = array("AUTH_SOURCE_UID" => $_REQUEST["authUid"], "CURRENT_TAB" => ($_REQUEST["tab"] == "synchronizeDepartments" ? 0 : 1));
$oHeadPublisher =& headPublisher::getSingleton();
$oHeadPublisher->addExtJsScript("authSources/authSourcesSynchronize", false);
$oHeadPublisher->addContent("authSources/authSourcesSynchronize");
$oHeadPublisher->assign("AUTHENTICATION_SOURCE", $authenticationSource);
global $G_PUBLISH;
$G_PUBLISH = new Publisher();
G::RenderPage("publish", "extJs");
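Review bot: `$_REQUEST["authUid"]` is read without an `isset` check or any format validation on the line that builds `$authenticationSource`, and is then passed to `$oHeadPublisher->assign("AUTHENTICATION_SOURCE", $authenticationSource)` for the ExtJS page. Whether `assign` encodes the value for the script context is not visible here, so I would reject the request when the parameter is missing or does not match the project's UID format, the same way `tab` is defaulted just above. The access check also fails open: the `switch` on `$RBAC->userCanAccess("PM_USERS")` only stops on -1, -2 and -3, so any other return value falls through to rendering. Comparing against the success value and denying everything else would be safer. The `break;` after each `die;` is unreachable and can go.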


@@ -0,0 +1,472 @@
<?php
/**
* authSourcesSynchronizeAjax.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2011 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
**/
class treeNode extends stdclass
{
public $text = "";
public $cls = "";
public $leaf = false;
public $checked = false;
public $children = array();
public $id = "";
}
try {
require_once ("classes" . PATH_SEP . "model" . PATH_SEP . "Department.php");
G::LoadThirdParty("pear" . PATH_SEP . "json", "class.json");
$json = new Services_JSON();
header("Content-Type: application/json;");
switch ($_REQUEST["m"]) {
case "loadDepartments":
global $ldapAdvanced;
global $departments;
global $terminatedOu;
global $baseDN;
$ldapAdvanced = getLDAPAdvanceInstance($_REQUEST["authUid"]);
$RBAC =& RBAC::getSingleton();
$authenticationSource = $RBAC->authSourcesObj->load($_REQUEST["authUid"]);
$baseDN = $authenticationSource["AUTH_SOURCE_BASE_DN"];
$departments = $ldapAdvanced->searchDepartments();
$terminatedOu = $ldapAdvanced->getTerminatedOu();
$nodes = lookForChildrenDeps("");
die($json->encode($nodes));
break;
case "saveDepartments":
$depsToCheck = explode("|", $_REQUEST["departmentsDN"]);
$depsToCheck = array_map("urldecode", $depsToCheck);
$depsToUncheck = getDepartmentsToUncheck($depsToCheck);
$RBAC =& RBAC::getSingleton();
$authenticationSource = $RBAC->authSourcesObj->load($_REQUEST["authUid"]);
$ldapAdvanced = getLDAPAdvanceInstance($_REQUEST["authUid"]);
foreach ($depsToCheck as $departmentDN) {
$baseDN = str_replace($authenticationSource["AUTH_SOURCE_BASE_DN"], "", $departmentDN);
$ous = custom_ldap_explode_dn($departmentDN);
$currentDep = array_shift($ous);
$parentDN = implode(",", $ous);
//$ous = custom_ldap_explode_dn($baseDN);
//$currentDep = array_shift($ous);
foreach ($ous as $key => $val) {
$aux = explode("=", $val);
if (isset($aux[0]) && strtolower(trim($aux[0])) != "ou") {
unset($ous[$key]);
}
}
if ($currentDep == "") {
$depTitle = "ROOT " . $authenticationSource["AUTH_SOURCE_BASE_DN"];
} else {
$depAux = explode("=", $currentDep);
$depTitle = trim($depAux[1]);
}
$departmentUID = $ldapAdvanced->getDepUidIfExistsDN($departmentDN);
if ($departmentUID == "") {
if (count($ous) == 0) {
$parentUid = "";
} else {
$parentUid = $ldapAdvanced->getDepUidIfExistsDN($parentDN);
if ($parentUid == "") {
$response = new stdclass();
$response->status = "ERROR";
$response->message = "Parent departments are needed before create this sub department " . $parentDN;
die($json->encode($response));
}
}
$department = new department();
$row["DEP_TITLE"] = stripslashes($depTitle);
$row["DEP_PARENT"] = $parentUid;
$row["DEP_LDAP_DN"] = $departmentDN;
$row["DEP_REF_CODE"] = "";
$departmentUID = $department->create($row);
if ($departmentUID == false) {
$response = new stdclass();
$response->status = "ERROR";
$response->message = "Error creating department";
die($json->encode($response));
}
}
}
if (count($depsToUncheck) > 0) {
foreach ($depsToUncheck as $departmentDN) {
$departmentUID = $ldapAdvanced->getDepUidIfExistsDN($departmentDN);
if ($departmentUID != "") {
$department = new department();
$departmentInfo = $department->Load($departmentUID);
$arrayAux1 = custom_ldap_explode_dn($departmentDN);
foreach ($arrayAux1 as $index => $value) {
$arrayAux2 = explode("=", $value);
if (isset($arrayAux2[0]) && strtolower(trim($arrayAux2[0])) == "ou") {
unset($arrayAux1[$index]);
}
}
$departmentBaseDn = implode(",", $arrayAux1);
if (strtolower($departmentBaseDn) == strtolower($authenticationSource["AUTH_SOURCE_BASE_DN"])) {
$departmentInfo["DEP_LDAP_DN"] = "";
$department->update($departmentInfo);
if (!isset($authenticationSource["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"])) {
$authenticationSource["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"] = array();
}
$authenticationSource["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"][] = $departmentUID;
}
}
}
$RBAC->authSourcesObj->update($authenticationSource);
}
$response = new stdclass();
$response->status = "OK";
die($json->encode($response));
break;
case "loadGroups":
global $ldapAdvanced;
global $groups;
$ldapAdvanced = getLDAPAdvanceInstance($_REQUEST["authUid"]);
$groups = $ldapAdvanced->searchGroups();
$nodes = lookForChildrenGroups();
die($json->encode($nodes));
break;
case "saveGroups":
$groupsToCheck = explode("|", $_REQUEST["groupsDN"]);
$groupsToCheck = array_map("urldecode", $groupsToCheck);
$groupsToUncheck = getGroupsToUncheck($groupsToCheck);
$RBAC =& RBAC::getSingleton();
$authenticationSource = $RBAC->authSourcesObj->load($_REQUEST["authUid"]);
$ldapAdvanced = getLDAPAdvanceInstance($_REQUEST["authUid"]);
foreach ($groupsToCheck as $groupDN) {
//$baseDN = str_replace($authenticationSource["AUTH_SOURCE_BASE_DN"], "", $groupDN);
$ous = custom_ldap_explode_dn($groupDN);
$currentGroup = array_shift($ous);
//$parentDN = implode(",", $ous);
//$ous = custom_ldap_explode_dn($baseDN);
//$currentGroup = array_shift($ous);
foreach ($ous as $key => $val) {
$aux = explode("=", $val);
if (isset($aux[0]) && strtolower(trim($aux[0]) != "ou")) {
unset($ous[$key]);
}
}
$groupAux = explode("=", $currentGroup);
$groupTitle = isset($groupAux[1]) ? trim($groupAux[1]) : "";
$groupUID = $ldapAdvanced->getGrpUidIfExistsDN($groupDN);
if ($groupUID == "") {
$group = new Groupwf();
$row["GRP_TITLE"] = stripslashes($groupTitle);
$row["GRP_LDAP_DN"] = $groupDN;
$groupUID = $group->create($row);
if ($groupUID == false) {
$response = new stdclass();
$response->status = "ERROR";
$response->message = "Error creating group";
die($json->encode($response));
}
}
}
if (count($groupsToUncheck) > 0) {
foreach ($groupsToUncheck as $groupDN) {
$groupUID = $ldapAdvanced->getGrpUidIfExistsDN($groupDN);
if ($groupUID != "") {
$group = new Groupwf();
$groupInfo = $group->Load($groupUID);
$groupInfo["GRP_LDAP_DN"] = "";
$group->update($groupInfo);
if (!isset($authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"])) {
$authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"] = array();
}
$authenticationSource["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"][] = $groupUID;
}
}
$RBAC->authSourcesObj->update($authenticationSource);
}
$response = new stdclass();
$response->status = "OK";
die($json->encode($response));
break;
}
} catch (Exception $error) {
$response = new stdclass();
$response->status = "ERROR";
$response->message = $error->getMessage();
die($json->encode($response));
}
function getLDAPAdvanceInstance($authUid)
{
$RBAC = &RBAC::getSingleton();
$ldapAdvanced = new ldapAdvanced();
$ldapAdvanced->sAuthSource = $authUid;
$ldapAdvanced->sSystem = $RBAC->sSystem;
return $ldapAdvanced;
}
function getDepartments($parent)
{
global $departments;
global $terminatedOu;
global $baseDN;
$parentDepartments = $departments;
$childDepartments = $departments;
$currentDepartments = array();
foreach ($parentDepartments as $key => $val) {
if (strtolower($val["dn"]) != strtolower($parent)) {
if ((strtolower($val["parent"]) == strtolower($parent)) && (strtolower($val["ou"]) != strtolower($terminatedOu))) {
$node = array();
$node["DEP_UID"] = $val["ou"];
$node["DEP_TITLE"] = $val["ou"];
$node["DEP_USERS"] = $val["users"];
$node["DEP_DN"] = $val["dn"];
$node["HAS_CHILDREN"] = false;
$departments[$key]["hasChildren"] = false;
foreach ($childDepartments as $key2 => $val2) {
if (strtolower($val2["parent"]) == strtolower($val["dn"])) {
$node["HAS_CHILDREN"] = true;
$departments[$key]["hasChildren"] = true;
break;
}
}
$node["DEP_LAST"] = false;
$currentDepartments[] = $node;
}
}
}
if (isset($currentDepartments[count($currentDepartments) - 1])) {
$currentDepartments[count($currentDepartments) - 1]["DEP_LAST"] = true;
}
return $currentDepartments;
}
function lookForChildrenDeps($parent)
{
global $ldapAdvanced;
global $departments;
$allDepartments = getDepartments($parent);
$departmentsObjects = array();
$arrayDepartmentNumberOfUsersFromDb = $ldapAdvanced->departmentsGetNumberOfUsersFromDb();
foreach ($allDepartments as $department) {
$departmentObject = new treeNode();
$departmentObject->text = htmlentities($department["DEP_TITLE"], ENT_QUOTES, "UTF-8");
$departmentUid = $ldapAdvanced->getDepUidIfExistsDN($department["DEP_DN"]);
if ($departmentUid != "") {
$departmentObject->text .= " (" . ((isset($arrayDepartmentNumberOfUsersFromDb[$departmentUid]))? $arrayDepartmentNumberOfUsersFromDb[$departmentUid] : 0) . ")";
$departmentObject->checked = true;
} else {
$departmentObject->checked = false;
}
if ($department["HAS_CHILDREN"] == 1) {
$departmentObject->children = lookForChildrenDeps($department["DEP_DN"]);
}
$departmentObject->id = urlencode($department["DEP_DN"]);
$departmentsObjects[] = $departmentObject;
}
return $departmentsObjects;
}
function getDepartmentsWithDN()
{
$arrayDepartmentLdapDn = array();
$criteria = new Criteria("workflow");
$criteria->addSelectColumn(DepartmentPeer::DEP_LDAP_DN);
$criteria->add(DepartmentPeer::DEP_LDAP_DN, "", Criteria::NOT_EQUAL);
$criteria->add(DepartmentPeer::DEP_LDAP_DN, null, Criteria::ISNOTNULL);
$rsCriteria = DepartmentPeer::doSelectRS($criteria);
$rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC);
while ($rsCriteria->next()) {
$row = $rsCriteria->getRow();
$arrayDepartmentLdapDn[] = $row;
}
return $arrayDepartmentLdapDn;
}
function getDepartmentsToUncheck($depsToCheck)
{
$departmentsWithDN = getDepartmentsWithDN();
$depsToUncheck = array();
foreach ($departmentsWithDN as $departmentWithDN) {
$found = false;
foreach ($depsToCheck as $depToCheck) {
if ($departmentWithDN["DEP_LDAP_DN"] == $depToCheck) {
$found = true;
}
}
if (!$found) {
$depsToUncheck[] = $departmentWithDN["DEP_LDAP_DN"];
}
}
return $depsToUncheck;
}
function getGroups()
{
global $groups;
$currentGroups = array();
foreach ($groups as $key => $val) {
$node = array();
$node["GRP_UID"] = $val["cn"];
$node["GRP_TITLE"] = $val["cn"];
$node["GRP_USERS"] = $val["users"];
$node["GRP_DN"] = $val["dn"];
$currentGroups[] = $node;
}
return $currentGroups;
}
function lookForChildrenGroups()
{
global $ldapAdvanced;
global $groups;
$allGroups = getGroups();
$groupsObjects = array();
$arrayGroupNumberOfUsersFromDb = $ldapAdvanced->groupsGetNumberOfUsersFromDb();
foreach ($allGroups as $group) {
$groupObject = new treeNode();
$groupObject->text = htmlentities($group["GRP_TITLE"], ENT_QUOTES, "UTF-8");
$groupUid = $ldapAdvanced->getGrpUidIfExistsDN($group["GRP_DN"]);
if ($groupUid != "") {
$groupObject->text .= " (" . ((isset($arrayGroupNumberOfUsersFromDb[$groupUid]))? $arrayGroupNumberOfUsersFromDb[$groupUid] : 0) . ")";
$groupObject->checked = true;
} else {
$groupObject->checked = false;
}
$groupObject->id = urlencode($group["GRP_DN"]);
$groupsObjects[] = $groupObject;
}
return $groupsObjects;
}
function getGroupsWithDN()
{
$groupInstance = new Groupwf();
$allGroups = $groupInstance->getAll()->data;
$groupsWithDN = array();
foreach ($allGroups as $group) {
if ($group["GRP_LDAP_DN"] != "") {
$groupsWithDN[] = $group;
}
}
return $groupsWithDN;
}
function getGroupsToUncheck($groupsToCheck)
{
$groupsWithDN = getGroupsWithDN();
$groupsToUncheck = array();
foreach ($groupsWithDN as $groupWithDN) {
$found = false;
foreach ($groupsToCheck as $groupToCheck) {
if ($groupWithDN["GRP_LDAP_DN"] == $groupToCheck) {
$found = true;
}
}
if (!$found) {
$groupsToUncheck[] = $groupWithDN["GRP_LDAP_DN"];
}
}
return $groupsToUncheck;
}
function custom_ldap_explode_dn($dn)
{
$result = ldap_explode_dn($dn, 0);
unset($result["count"]);
foreach ($result as $key => $value) {
$result[$key] = addcslashes(preg_replace("/\\\([0-9A-Fa-f]{2})/e", "''.chr(hexdec('\\1')).''", $value), '<>,"');
}
return($result);
}
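Review bot: This endpoint performs no access check before dispatching on `$_REQUEST["m"]`, although `saveDepartments` and `saveGroups` create departments and groups and update the authentication source; the page script added in this same commit guards itself with `$RBAC->userCanAccess("PM_USERS")`. Unless the framework enforces permissions before this file runs (not visible here), the same check should run at the top of the `try` block and answer with a JSON `ERROR` response instead of a redirect, and the two save actions should be limited to POST with whatever CSRF protection the project provides. Separately, `custom_ldap_explode_dn` runs `preg_replace` with the `/e` modifier on DNs that arrive in `$_REQUEST["departmentsDN"]` and `$_REQUEST["groupsDN"]`; that modifier evaluates the replacement as PHP code, is deprecated since PHP 5.5 and removed in PHP 7, so it should become `preg_replace_callback("/\\\([0-9A-Fa-f]{2})/", function ($m) { return chr(hexdec($m[1])); }, $value)`, and the `false` that `ldap_explode_dn` returns for a malformed DN should be handled before the `foreach`. In `saveGroups` the filter `strtolower(trim($aux[0]) != "ou")` has a misplaced parenthesis compared with the department branch and should read `strtolower(trim($aux[0])) != "ou"`. The `catch` block also sends `$error->getMessage()` to the client and uses `$json`, which is unset if the exception is thrown before `new Services_JSON()`; log the detail server-side and return a generic message.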


@@ -33,7 +33,6 @@ G::LoadClass( 'configuration' );
$c = new Configurations(); $c = new Configurations();
$configPage = $c->getConfiguration( 'authSourcesList', 'pageSize', '', $_SESSION['USER_LOGGED'] ); $configPage = $c->getConfiguration( 'authSourcesList', 'pageSize', '', $_SESSION['USER_LOGGED'] );
$Config['pageSize'] = isset( $configPage['pageSize'] ) ? $configPage['pageSize'] : 20; $Config['pageSize'] = isset( $configPage['pageSize'] ) ? $configPage['pageSize'] : 20;
G::pr($Config);
$G_MAIN_MENU = 'processmaker'; $G_MAIN_MENU = 'processmaker';
$G_SUB_MENU = 'users'; $G_SUB_MENU = 'users';
$G_ID_MENU_SELECTED = 'USERS'; $G_ID_MENU_SELECTED = 'USERS';
@@ -43,7 +42,7 @@ $G_PUBLISH = new Publisher();
$oHeadPublisher = & headPublisher::getSingleton(); $oHeadPublisher = & headPublisher::getSingleton();
$oHeadPublisher->addExtJsScript( 'authSources/authSourcesList', false ); //adding a javascript file .js $oHeadPublisher->addExtJsScript( 'authSources/authSourcesList', false ); //adding a javascript file .js
$oHeadPublisher->addExtJsScript (PATH_TPL. 'ldapAdvanced/authSourcesList', false ); //adding a javascript file .js $oHeadPublisher->addExtJsScript( 'authSources/authSourcesListSyn', false ); //adding a javascript file .js
$oHeadPublisher->addContent( 'authSources/authSourcesList' ); //adding a html file .html. $oHeadPublisher->addContent( 'authSources/authSourcesList' ); //adding a html file .html.
$oHeadPublisher->assign( 'FORMATS', $c->getFormats() ); $oHeadPublisher->assign( 'FORMATS', $c->getFormats() );
$oHeadPublisher->assign( 'CONFIG', $Config ); $oHeadPublisher->assign( 'CONFIG', $Config );


@@ -34,13 +34,11 @@ $G_ID_MENU_SELECTED = 'USERS';
$G_ID_SUB_MENU_SELECTED = 'AUTH_SOURCES'; $G_ID_SUB_MENU_SELECTED = 'AUTH_SOURCES';
$aAuthSourceTypes = array (array ('sType' => 'char','sLabel' => 'char')); $aAuthSourceTypes = array (array ('sType' => 'char','sLabel' => 'char'));
error_log(PATH_RBAC . 'plugins' . PATH_SEP);
$oDirectory = dir( PATH_RBAC . 'plugins' . PATH_SEP ); $oDirectory = dir( PATH_RBAC . 'plugins' . PATH_SEP );
while ($sObject = $oDirectory->read()) { while ($sObject = $oDirectory->read()) {
if (($sObject != '.') && ($sObject != '..') && ($sObject != '.svn') && ($sObject != 'ldap')) { if (($sObject != '.') && ($sObject != '..') && ($sObject != '.svn') && ($sObject != 'ldap')) {
if (is_file( PATH_RBAC . 'plugins' . PATH_SEP . $sObject )) { if (is_file( PATH_RBAC . 'plugins' . PATH_SEP . $sObject )) {
$sType = trim( str_replace( 'class.', '', str_replace( '.php', '', $sObject ) ) ); $sType = trim( str_replace( 'class.', '', str_replace( '.php', '', $sObject ) ) );
error_log($sType);
$aAuthSourceTypes[] = array ('sType' => $sType,'sLabel' => $sType ); $aAuthSourceTypes[] = array ('sType' => $sType,'sLabel' => $sType );
} }
} }


@@ -15,14 +15,14 @@ var synchronizeGroupsLDAPADV = function() {
}; };
var synchronizeDepartmentsButtonLDAPADV = new Ext.Action({ var synchronizeDepartmentsButtonLDAPADV = new Ext.Action({
text: 'Synchronize Departmentssss', text: 'Synchronize Departments',
iconCls: 'ICON_DEPARTAMENTS', iconCls: 'ICON_DEPARTAMENTS',
disabled: true, disabled: true,
handler: synchronizeDepartmentsLDAPADV handler: synchronizeDepartmentsLDAPADV
}); });
var synchronizeGroupsButtonLDAPADV = new Ext.Action({ var synchronizeGroupsButtonLDAPADV = new Ext.Action({
text: 'Synchronize Groupssss', text: 'Synchronize Groups',
iconCls: 'ICON_GROUPS', iconCls: 'ICON_GROUPS',
disabled: true, disabled: true,
handler: synchronizeGroupsLDAPADV handler: synchronizeGroupsLDAPADV