PM-1060: Second migration ldapAdvanced

Paula V. Quispe
2015-06-11 11:08:56 -04:00
parent 4d011b4174
commit 952a7f5d31
7 changed files with 643 additions and 26 deletions


@@ -83,17 +83,8 @@ if ($fields['AUTH_SOURCE_PROVIDER'] == 'ldap') {
$oHeadPublisher->assign( 'sUID', $_GET['sUID'] );
G::RenderPage( 'publish', 'extJs' );
} else {
if (file_exists( PATH_PLUGINS . $fields['AUTH_SOURCE_PROVIDER'] . PATH_SEP . $fields['AUTH_SOURCE_PROVIDER'] . 'Edit.xml' )) {
$pluginEnabled = 0;
if (file_exists(PATH_PLUGINS . $fields["AUTH_SOURCE_PROVIDER"] . ".php")) {
$pluginRegistry = &PMPluginRegistry::getSingleton();
$pluginDetail = $pluginRegistry->getPluginDetails($fields["AUTH_SOURCE_PROVIDER"] . ".php");
if ($pluginDetail && $pluginDetail->enabled) {
$pluginEnabled = 1;
}
}
if (file_exists( PATH_XMLFORM . 'ldapAdvanced/' . $fields['AUTH_SOURCE_PROVIDER'] . 'Edit.xml' )) {
$pluginEnabled = 1;
if ($pluginEnabled == 1) {
//The attributes the users
@@ -110,17 +101,17 @@ if ($fields['AUTH_SOURCE_PROVIDER'] == 'ldap') {
}
$fields["AUTH_SOURCE_ATTRIBUTE_IDS"] = $attributes;
if (file_exists(PATH_PLUGINS . $fields["AUTH_SOURCE_PROVIDER"] . PATH_SEP . $fields["AUTH_SOURCE_PROVIDER"] . 'Flag')) {
if (file_exists(PATH_XMLFORM . 'ldapAdvanced/' . $fields['AUTH_SOURCE_PROVIDER'] . 'Flag')) {
$oHeadPublisher = & headPublisher::getSingleton ();
$oHeadPublisher->assign("Fields", $fields);
$oHeadPublisher->addExtJsScript (PATH_PLUGINS . $fields["AUTH_SOURCE_PROVIDER"] . PATH_SEP . 'js' . PATH_SEP . 'library', false, true );
$oHeadPublisher->addExtJsScript (PATH_PLUGINS . $fields["AUTH_SOURCE_PROVIDER"] . PATH_SEP . 'js' . PATH_SEP . 'ldapAdvancedForm', false, true );
$oHeadPublisher->addExtJsScript (PATH_PLUGINS . $fields["AUTH_SOURCE_PROVIDER"] . PATH_SEP . 'js' . PATH_SEP . 'ldapAdvancedList', false, true );
$oHeadPublisher->addExtJsScript (PATH_TPL. 'ldapAdvanced/library.js', false, true );
$oHeadPublisher->addExtJsScript (PATH_TPL. 'ldapAdvanced/ldapAdvancedForm', false, true );
$oHeadPublisher->addExtJsScript (PATH_TPL. 'ldapAdvanced/ldapAdvancedList', false, true );
G::RenderPage ('publish', 'extJs');
die();
}
$G_PUBLISH->AddContent("xmlform", "xmlform", $fields["AUTH_SOURCE_PROVIDER"] . PATH_SEP . $fields["AUTH_SOURCE_PROVIDER"] . "Edit", "", $fields, "../authSources/authSources_Save");
$G_PUBLISH->AddContent("xmlform", "xmlform", 'ldapAdvanced/' . $fields['AUTH_SOURCE_PROVIDER'] . 'Edit', '', $fields, '../authSources/authSources_Save');
} else {
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'login/showMessage', '', array ('MESSAGE' => G::LoadTranslation( 'ID_AUTH_SOURCE_MISSING' )
) );
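Review bot: The new `file_exists( PATH_XMLFORM . 'ldapAdvanced/' . $fields['AUTH_SOURCE_PROVIDER'] . 'Edit.xml' )` check, the `'Flag'` check and the `AddContent` form name all build a path from `$fields['AUTH_SOURCE_PROVIDER']`, and with the plugin-registry lookup removed nothing in these hunks restricts that value to a known provider. `$fields` is filled outside the hunk, so this assumes it is the stored auth-source record; if so, compare the provider with the expected name (presumably `ldapAdvanced`) before it reaches a path, e.g. `if ($fields['AUTH_SOURCE_PROVIDER'] === 'ldapAdvanced' && file_exists(...)) {`. The `$pluginEnabled = 1; if ($pluginEnabled == 1)` pair is now always true and can be dropped. In the second hunk the first `addExtJsScript` call passes `'ldapAdvanced/library.js'` while the two calls after it, and the call it replaces, pass extensionless names, which looks unintended.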


@@ -0,0 +1,348 @@
<?php
$function = $_REQUEST['functionAccion'];
switch ($function) {
case "ldapVerifyIfExistsRecordsInDb":
$response = array();
try {
$authenticationSourceUid = $_POST["authenticationSourceUid"];
$arrayAuthenticationSourceData = $RBAC->getAuthSource($authenticationSourceUid);
$flagUser = false;
$flagDepartment = false;
$flagGroup = false;
//Users
$criteria = new Criteria("rbac");
$criteria->addSelectColumn(RbacUsersPeer::USR_UID);
$criteria->add(RbacUsersPeer::USR_AUTH_USER_DN, "%" . $arrayAuthenticationSourceData["AUTH_SOURCE_BASE_DN"], Criteria::LIKE);
$criteria->setOffset(0); //Start
$criteria->setLimit(1); //Limit
$rsCriteria = RbacUsersPeer::doSelectRS($criteria);
$rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC);
if ($rsCriteria->next()) {
$flagUser = true;
}
//Departments
$criteria = new Criteria("workflow");
$criteria->addSelectColumn(DepartmentPeer::DEP_UID);
$criteria->add(DepartmentPeer::DEP_LDAP_DN, "%" . $arrayAuthenticationSourceData["AUTH_SOURCE_BASE_DN"], Criteria::LIKE);
$criteria->setOffset(0); //Start
$criteria->setLimit(1); //Limit
$rsCriteria = DepartmentPeer::doSelectRS($criteria);
$rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC);
if ($rsCriteria->next()) {
$flagDepartment = true;
}
//Groups
$criteria = new Criteria("workflow");
$criteria->addSelectColumn(GroupwfPeer::GRP_UID);
$criteria->add(GroupwfPeer::GRP_LDAP_DN, "%" . $arrayAuthenticationSourceData["AUTH_SOURCE_BASE_DN"], Criteria::LIKE);
$criteria->setOffset(0); //Start
$criteria->setLimit(1); //Limit
$rsCriteria = GroupwfPeer::doSelectRS($criteria);
$rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC);
if ($rsCriteria->next()) {
$flagGroup = true;
}
//Response
$response["status"] = "OK";
$response["existsRecords"] = ($flagUser || $flagDepartment || $flagGroup)? 1 : 0;
} catch (Exception $e) {
//Response
$response["status"] = "ERROR";
$response["message"] = $e->getMessage();
}
echo G::json_encode($response);
break;
case 'ldapGrid':
$data = array();
switch ($_REQUEST['tipo']) {
case 'crear':
$data = array('ID' => G::generateUniqueID());
break;
case 'read':
if (isset($_REQUEST['data']) && $_REQUEST['data'] != '') {
$dataValue = G::json_decode($_REQUEST['data']);
$data = array();
foreach ($dataValue as $value) {
$data[] = array(
'ID' => G::generateUniqueID(),
'ATTRIBUTE_LDAP' => $value->attributeLdap,
'ATTRIBUTE_USER' => $value->attributeUser
);
}
}
break;
default:
break;
}
echo G::json_encode(array('success'=> true, 'data' => $data, 'message'=>'Created Quote', 'total' => count($data)));
break;
case 'ldapSave':
if (isset($_POST['AUTH_SOURCE_SHOWGRID-checkbox'])) {
if ($_POST['AUTH_SOURCE_SHOWGRID-checkbox'] == 'on') {
$_POST['AUTH_SOURCE_SHOWGRID'] = 'on';
$attributes = G::json_decode($_POST['AUTH_SOURCE_GRID_TEXT']);
$con = 1;
foreach ($attributes as $value) {
$_POST['AUTH_SOURCE_GRID_ATTRIBUTE'][$con] = (array)$value;
$con++;
}
}
unset($_POST['AUTH_SOURCE_SHOWGRID-checkbox']);
}
if ($_POST['AUTH_ANONYMOUS'] == '1') {
$_POST['AUTH_SOURCE_SEARCH_USER'] = '';
$_POST['AUTH_SOURCE_PASSWORD'] = '';
}
if (isset($_POST['AUTH_SOURCE_GRID_TEXT'])) {
unset($_POST['AUTH_SOURCE_GRID_TEXT']);
}
if (isset($_POST['DELETE1'])) {
unset($_POST['DELETE1']);
}
if (isset($_POST['DELETE2'])) {
unset($_POST['DELETE2']);
}
if (isset($_POST['AUTH_SOURCE_ATTRIBUTE_IDS'])) {
unset($_POST['AUTH_SOURCE_ATTRIBUTE_IDS']);
}
if (isset($_POST['AUTH_SOURCE_SHOWGRID_FLAG'])) {
unset($_POST['AUTH_SOURCE_SHOWGRID_FLAG']);
}
if (isset($_POST['AUTH_SOURCE_GRID_TEXT'])) {
unset($_POST['AUTH_SOURCE_GRID_TEXT']);
}
$aCommonFields = array ('AUTH_SOURCE_UID','AUTH_SOURCE_NAME','AUTH_SOURCE_PROVIDER','AUTH_SOURCE_SERVER_NAME','AUTH_SOURCE_PORT','AUTH_SOURCE_ENABLED_TLS','AUTH_ANONYMOUS','AUTH_SOURCE_SEARCH_USER','AUTH_SOURCE_PASSWORD','AUTH_SOURCE_VERSION','AUTH_SOURCE_BASE_DN','AUTH_SOURCE_OBJECT_CLASSES','AUTH_SOURCE_ATTRIBUTES');
$aFields = $aData = array ();
foreach ($_POST as $sField => $sValue) {
if (in_array( $sField, $aCommonFields )) {
$aFields[$sField] = $sValue;
} else {
$aData[$sField] = $sValue;
}
}
if (!isset($aData['AUTH_SOURCE_SHOWGRID']) || $aData['AUTH_SOURCE_SHOWGRID'] == 'off') {
unset($aData['AUTH_SOURCE_GRID_ATTRIBUTE']);
unset($aData['AUTH_SOURCE_SHOWGRID']);
}
$aFields['AUTH_SOURCE_DATA'] = $aData;
if ($aFields['AUTH_SOURCE_UID'] == '') {
$RBAC->createAuthSource( $aFields );
} else {
$RBAC->updateAuthSource( $aFields );
}
echo G::json_encode(array('success'=> true));
break;
case "searchUsers":
$response = array();
try {
$pageSize = $_POST["pageSize"];
$authenticationSourceUid = $_POST["sUID"];
$keyword = $_POST["sKeyword"];
$start = (isset($_POST["start"]))? $_POST["start"]: 0;
$limit = (isset($_POST["limit"]))? $_POST["limit"]: $pageSize;
//Get Users from Database
$arrayUser = array();
$criteria = new Criteria("workflow");
$criteria->addSelectColumn(UsersPeer::USR_USERNAME);
$criteria->add(UsersPeer::USR_STATUS, "CLOSED", Criteria::NOT_EQUAL);
$rsCriteria = UsersPeer::doSelectRS($criteria);
$rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC);
while ($rsCriteria->next()) {
$row = $rsCriteria->getRow();
$arrayUser[$row["USR_USERNAME"]] = 1;
}
//Get data
$arrayData = array();
$ldapAdvanced = new ldapAdvanced();
$ldapAdvanced->sAuthSource = $authenticationSourceUid;
$result = $ldapAdvanced->searchUsers($keyword, $start, $limit);
foreach ($result["data"] as $value) {
$arrayUserData = $value;
if (!isset($arrayUser[$arrayUserData["sUsername"]])) {
$arrayUserData["STATUS"] = "NOT IMPORTED";
$arrayUserData["IMPORT"] = 1;
} else {
$arrayUserData["STATUS"] = "IMPORTED";
$arrayUserData["IMPORT"] = 0;
}
$arrayData[] = $arrayUserData;
}
//Response
$response["status"] = "OK";
$response["success"] = true;
$response["resultTotal"] = $result["numRecTotal"];
$response["resultRoot"] = $arrayData;
} catch (Exception $e) {
//Response
$response["status"] = "ERROR";
$response["message"] = $e->getMessage();
}
echo G::json_encode($response);
break;
case 'importUsers':
$usersImport = $_REQUEST['UsersImport'];
$authSourceUid = $_REQUEST['AUTH_SOURCE_UID'];
$aUsers = G::json_decode($usersImport);
global $RBAC;
$aFields = $RBAC->getAuthSource( $authSourceUid );
$aAttributes = array();
if (isset($aFields['AUTH_SOURCE_DATA']['AUTH_SOURCE_GRID_ATTRIBUTE'])) {
$aAttributes = $aFields['AUTH_SOURCE_DATA']['AUTH_SOURCE_GRID_ATTRIBUTE'];
}
$usersCreated = '';
$countUsers = 0;
//$usersImport
foreach ($aUsers as $sUser) {
$aUser = (array)$sUser;
$matches = array();
$aData = array();
$aData['USR_USERNAME'] = str_replace( "*", "'", $aUser['sUsername'] );
$aData["USR_PASSWORD"] = "00000000000000000000000000000000";
// note added by gustavo gustavo-at-colosa.com
// asign the FirstName and LastName variables
// add replace to change D*Souza to D'Souza by krlos
$aData['USR_FIRSTNAME'] = str_replace( "*", "'", $aUser['sFirstname'] );
$aData['USR_LASTNAME'] = str_replace( "*", "'", $aUser['sLastname'] );
$aData['USR_EMAIL'] = $aUser['sEmail'];
$aData['USR_DUE_DATE'] = date( 'Y-m-d', mktime( 0, 0, 0, date( 'm' ), date( 'd' ), date( 'Y' ) + 2 ) );
$aData['USR_CREATE_DATE'] = date( 'Y-m-d H:i:s' );
$aData['USR_UPDATE_DATE'] = date( 'Y-m-d H:i:s' );
$aData['USR_BIRTHDAY'] = date( 'Y-m-d' );
$aData['USR_STATUS'] = (isset($aUser['USR_STATUS'])) ? (($aUser['USR_STATUS'] == 'ACTIVE') ? 1 : 0) : 1;
$aData['USR_AUTH_TYPE'] = strtolower( $aFields['AUTH_SOURCE_PROVIDER'] );
$aData['UID_AUTH_SOURCE'] = $aFields['AUTH_SOURCE_UID'];
// validating with regexp if there are some missing * inside the DN string
// if it's so the is changed to the ' character
preg_match( '/[a-zA-Z]\*[a-zA-Z]/', $aUser['sDN'], $matches );
foreach ($matches as $key => $match) {
$newMatch = str_replace( '*', '\'', $match );
$aUser['sDN'] = str_replace( $match, $newMatch, $aUser['sDN'] );
}
$aData['USR_AUTH_USER_DN'] = $aUser['sDN'];
try {
$sUserUID = $RBAC->createUser( $aData, 'PROCESSMAKER_OPERATOR', $aFields['AUTH_SOURCE_NAME']);
$usersCreated .= $aData['USR_USERNAME'].' ';
$countUsers ++;
} catch (Exception $oError) {
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'login/showMessage', '', array ('MESSAGE' => $oError->getMessage()) );
G::RenderPage("publish", "blank");
die();
}
$aData['USR_STATUS'] = (isset($aUser['USR_STATUS'])) ? $aUser['USR_STATUS'] :'ACTIVE';
$aData['USR_UID'] = $sUserUID;
$aData['USR_ROLE'] = 'PROCESSMAKER_OPERATOR';
G::LoadClass("calendar");
$calendarObj = new Calendar();
$calendarObj->assignCalendarTo($sUserUID, '00000000000000000000000000000001', 'USER');
if (count($aAttributes)) {
foreach ($aAttributes as $value) {
if (isset($aUser[$value['attributeUser']])) {
$aData[$value['attributeUser']] = str_replace( "*", "'", $aUser[$value['attributeUser']] );
if ($value['attributeUser'] == 'USR_STATUS') {
$evalValue = $aData[$value['attributeUser']];
$statusValue = $aData['USR_STATUS'];
$aData[$value['attributeUser']] = $statusValue;
}
}
}
}
require_once 'classes/model/Users.php';
$oUser = new Users();
$oUser->create( $aData );
}
$sClassName = strtolower($aFields['AUTH_SOURCE_PROVIDER']);
$plugin = new $sClassName();
$aAuthSource = $RBAC->authSourcesObj->load($authSourceUid);
if (is_null($plugin->ldapcnn)) {
$plugin->ldapcnn = $plugin->ldapConnection($aAuthSource);
}
$ldapcnn = $plugin->ldapcnn;
$plugin->log($ldapcnn, "Users imported $countUsers: " . $usersCreated);
echo G::json_encode(array('success'=> true));
break;
case "ldapTestConnection":
$response = array();
try {
if ($_POST["AUTH_ANONYMOUS"] == "1") {
$_POST["AUTH_SOURCE_SEARCH_USER"] = "";
$_POST["AUTH_SOURCE_PASSWORD"] = "";
}
$arrayAuthenticationSourceData = $_POST;
//Test connection
$ldapAdvanced = new ldapAdvanced();
$ldapcnn = $ldapAdvanced->ldapConnection($arrayAuthenticationSourceData);
//Response
$response["status"] = "OK";
} catch (Exception $e) {
//Response
$response["status"] = "ERROR";
$response["message"] = $e->getMessage();
}
echo G::json_encode($response);
break;
default:
break;
}
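Review bot: Nothing in this new file checks that the caller may manage authentication sources before the `switch ($function)` dispatch, yet `ldapSave` writes auth-source settings, `importUsers` creates accounts, and `ldapTestConnection` hands the whole of `$_POST` to `ldapConnection()`. Unless the framework enforces that before this script runs (not visible here), add the same RBAC permission check the other auth-source admin pages use at the top of the file and answer with a JSON error when it fails. `importUsers` and `ldapGrid` read `$_REQUEST`, so they also accept GET; reading `$_POST` as the other cases do, together with the application's anti-CSRF token if it has one, keeps a cross-site link from triggering an import. In `importUsers`, `new $sClassName()` takes the class name from the stored `AUTH_SOURCE_PROVIDER`, which `ldapSave` copies from the request without validation; check it against a fixed list first, e.g. `if (!in_array($sClassName, $allowedProviders, true)) { throw new Exception('Unknown provider'); }` with `$allowedProviders` defined by the author. The `catch` blocks return `$e->getMessage()` to the client, which is better logged server-side and replaced with a generic message.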