TASK-229 Validate all Endpoints for delete Old Ajax files
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
|
||||
use ProcessMaker\Model\RbacAuthenticationSource;
|
||||
use Illuminate\Support\Facades\Cache;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Support\Facades\Log;
|
||||
@@ -15,6 +15,8 @@ use ProcessMaker\Model\Groupwf;
|
||||
class LdapSource
|
||||
{
|
||||
public $authSourceUid;
|
||||
public $ldapcnn = null;
|
||||
public $terminatedOu;
|
||||
|
||||
private $arrayObjectClassFilter = [
|
||||
"user" => "|(objectclass=inetorgperson)(objectclass=organizationalperson)(objectclass=person)(objectclass=user)",
|
||||
@@ -76,6 +78,225 @@ class LdapSource
|
||||
return ['connection' =>$ldapcnn, 'startTLS' => $resultLDAPStartTLS];
|
||||
}
|
||||
|
||||
public function searchGroups() {
|
||||
try {
|
||||
$arrayGroup = [];
|
||||
|
||||
$rbac = RBAC::getSingleton();
|
||||
|
||||
if (is_null($rbac->authSourcesObj)) {
|
||||
$rbac->authSourcesObj = new AuthenticationSource();
|
||||
}
|
||||
|
||||
$arrayAuthenticationSourceData = $rbac->authSourcesObj->load($this->authSourceUid);
|
||||
|
||||
if (is_null($this->ldapcnn)) {
|
||||
$ldapcnn = $this->ldapConnection($arrayAuthenticationSourceData);
|
||||
$this->ldapcnn = $ldapcnn['connection'];
|
||||
}
|
||||
|
||||
$ldapcnn = $this->ldapcnn;
|
||||
// Get Groups
|
||||
$limit = $this->getPageSizeLimitByData($arrayAuthenticationSourceData);
|
||||
$flagError = false;
|
||||
$filter = '(' . $this->arrayObjectClassFilter['group'] . ')';
|
||||
$this->log($ldapcnn, 'search groups with Filter: ' . $filter);
|
||||
|
||||
$cookie = '';
|
||||
do {
|
||||
$searchResult = @ldap_search(
|
||||
$ldapcnn,
|
||||
$arrayAuthenticationSourceData['AUTH_SOURCE_BASE_DN'],
|
||||
$filter,
|
||||
['dn', 'cn'],
|
||||
0,
|
||||
-1,
|
||||
-1,
|
||||
LDAP_DEREF_NEVER,
|
||||
[['oid' => LDAP_CONTROL_PAGEDRESULTS, 'value' => ['size' => $limit, 'cookie' => $cookie]]]
|
||||
);
|
||||
ldap_parse_result($ldapcnn, $searchResult, $errcode, $matcheddn, $errmsg, $referrals, $controls);
|
||||
$this->stdLog($ldapcnn, "ldap_search", ["filter" => $filter, "attributes" => ['dn', 'cn']]);
|
||||
|
||||
$context = [
|
||||
"baseDN" => $arrayAuthenticationSourceData['AUTH_SOURCE_BASE_DN'],
|
||||
"filter" => $filter,
|
||||
"attributes" => ['dn', 'cn']
|
||||
];
|
||||
$this->stdLog($ldapcnn, "ldap_search", $context);
|
||||
|
||||
if ($error = ldap_errno($ldapcnn)) {
|
||||
$this->log($ldapcnn, 'Error in Search');
|
||||
|
||||
$flagError = true;
|
||||
} else {
|
||||
if ($searchResult) {
|
||||
//Get groups from the ldap entries
|
||||
$countEntries = ldap_count_entries($ldapcnn, $searchResult);
|
||||
$this->stdLog($ldapcnn, "ldap_count_entries");
|
||||
|
||||
if ($countEntries > 0) {
|
||||
$entry = ldap_first_entry($ldapcnn, $searchResult);
|
||||
$this->stdLog($ldapcnn, "ldap_first_entry");
|
||||
|
||||
do {
|
||||
$arrayEntryData = $this->ldapGetAttributes($ldapcnn, $entry);
|
||||
|
||||
if (isset($arrayEntryData['cn']) && !is_array($arrayEntryData['cn'])) {
|
||||
$arrayGroup[] = [
|
||||
'dn' => $arrayEntryData['dn'],
|
||||
'cn' => trim($arrayEntryData['cn']),
|
||||
'users' => 0,
|
||||
];
|
||||
}
|
||||
} while ($entry = ldap_next_entry($ldapcnn, $entry));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!$flagError) {
|
||||
if (isset($controls[LDAP_CONTROL_PAGEDRESULTS]['value']['cookie'])) {
|
||||
// You need to pass the cookie from the last call to the next one
|
||||
$cookie = $controls[LDAP_CONTROL_PAGEDRESULTS]['value']['cookie'];
|
||||
} else {
|
||||
$cookie = '';
|
||||
}
|
||||
}
|
||||
// Empty cookie means last page
|
||||
} while (!empty($cookie) && !$flagError);
|
||||
|
||||
$str = '';
|
||||
|
||||
foreach ($arrayGroup as $group) {
|
||||
$str .= ' ' . $group['cn'];
|
||||
}
|
||||
|
||||
$this->log($ldapcnn, 'found ' . count($arrayGroup) . ' groups: ' . $str);
|
||||
|
||||
return $arrayGroup;
|
||||
} catch (Exception $e) {
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
public function searchDepartments() {
|
||||
try {
|
||||
$arrayDepartment = [];
|
||||
|
||||
$filters = ['conditions' => ['AUTH_SOURCE_UID'=> $this->authSourceUid]];
|
||||
$rbacAuthenticationSource = new RbacAuthenticationSource();
|
||||
$authSourceReturn = $rbacAuthenticationSource->show($filters);
|
||||
$authenticationSourceData = $authSourceReturn['data'][0];
|
||||
|
||||
if (is_null($this->ldapcnn)) {
|
||||
$ldapcnn = $this->ldapConnection($authenticationSourceData);
|
||||
$this->ldapcnn = $ldapcnn['connection'];
|
||||
}
|
||||
$this->terminatedOu = $attributes['AUTH_SOURCE_RETIRED_OU'] ?? '';
|
||||
$ldapcnn = $this->ldapcnn;
|
||||
|
||||
//Get Departments
|
||||
$limit = $this->getPageSizeLimitByData($authenticationSourceData);
|
||||
$flagError = false;
|
||||
$filter = '(' . $this->arrayObjectClassFilter['department'] . ')';
|
||||
$this->log($ldapcnn, 'search Departments with Filter: ' . $filter);
|
||||
$unitsBase = $this->custom_ldap_explode_dn($authenticationSourceData['AUTH_SOURCE_BASE_DN']);
|
||||
|
||||
$cookie = '';
|
||||
do {
|
||||
$searchResult = @ldap_search(
|
||||
$ldapcnn,
|
||||
$authenticationSourceData['AUTH_SOURCE_BASE_DN'],
|
||||
$filter,
|
||||
['dn', 'ou'],
|
||||
0,
|
||||
-1,
|
||||
-1,
|
||||
LDAP_DEREF_NEVER,
|
||||
[['oid' => LDAP_CONTROL_PAGEDRESULTS, 'value' => ['size' => $limit, 'cookie' => $cookie]]]
|
||||
);
|
||||
ldap_parse_result($ldapcnn, $searchResult, $errcode, $matcheddn, $errmsg, $referrals, $controls);
|
||||
$this->stdLog($ldapcnn, "ldap_search", ["filter" => $filter, "attributes" => ['dn', 'ou']]);
|
||||
|
||||
$context = [
|
||||
"baseDN" => $authenticationSourceData['AUTH_SOURCE_BASE_DN'],
|
||||
"filter" => $filter,
|
||||
"attributes" => ['dn', 'ou']
|
||||
];
|
||||
$this->stdLog($ldapcnn, "ldap_search", $context);
|
||||
|
||||
if ($error = ldap_errno($ldapcnn)) {
|
||||
$this->log($ldapcnn, 'Error in Search');
|
||||
|
||||
$flagError = true;
|
||||
} else {
|
||||
if ($searchResult) {
|
||||
//The first node is root
|
||||
if (empty($arrayDepartment)) {
|
||||
$arrayDepartment[] = [
|
||||
'dn' => $authenticationSourceData['AUTH_SOURCE_BASE_DN'],
|
||||
'parent' => '',
|
||||
'ou' => 'ROOT',
|
||||
'users' => 0
|
||||
];
|
||||
}
|
||||
|
||||
//Get departments from the ldap entries
|
||||
if (ldap_count_entries($ldapcnn, $searchResult) > 0) {
|
||||
$this->stdLog($ldapcnn, "ldap_count_entries");
|
||||
$entry = ldap_first_entry($ldapcnn, $searchResult);
|
||||
$this->stdLog($ldapcnn, "ldap_first_entry", $context);
|
||||
|
||||
do {
|
||||
$arrayEntryData = $this->ldapGetAttributes($ldapcnn, $entry);
|
||||
$unitsEqual = $this->custom_ldap_explode_dn($arrayEntryData['dn']);
|
||||
|
||||
if (count($unitsEqual) == 1 && $unitsEqual[0] == '') {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (count($unitsEqual) > count($unitsBase)) {
|
||||
unset($unitsEqual[0]);
|
||||
}
|
||||
|
||||
if (isset($arrayEntryData['ou']) && !is_array($arrayEntryData['ou'])) {
|
||||
$arrayDepartment[] = [
|
||||
'dn' => $arrayEntryData['dn'],
|
||||
'parent' => (isset($unitsEqual[1])) ? implode(',', $unitsEqual) : '',
|
||||
'ou' => trim($arrayEntryData['ou']),
|
||||
'users' => 0
|
||||
];
|
||||
}
|
||||
} while ($entry = ldap_next_entry($ldapcnn, $entry));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!$flagError) {
|
||||
if (isset($controls[LDAP_CONTROL_PAGEDRESULTS]['value']['cookie'])) {
|
||||
// You need to pass the cookie from the last call to the next one
|
||||
$cookie = $controls[LDAP_CONTROL_PAGEDRESULTS]['value']['cookie'];
|
||||
} else {
|
||||
$cookie = '';
|
||||
}
|
||||
}
|
||||
// Empty cookie means last page
|
||||
} while (!empty($cookie) && !$flagError);
|
||||
|
||||
$str = '';
|
||||
|
||||
foreach ($arrayDepartment as $dep) {
|
||||
$str .= ' ' . $dep['ou'];
|
||||
}
|
||||
|
||||
$this->log($ldapcnn, 'found ' . count($arrayDepartment) . ' departments: ' . $str);
|
||||
|
||||
return $arrayDepartment;
|
||||
} catch (Exception $e) {
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
public function getPageSizeLimit($ldapcnn, $baseDn = '')
|
||||
{
|
||||
try {
|
||||
@@ -231,13 +452,14 @@ class LdapSource
|
||||
|
||||
$paged = !is_null($start) && !is_null($limit);
|
||||
|
||||
$rbac = RBAC::getSingleton();
|
||||
$filters = [
|
||||
'conditions' => ['AUTH_SOURCE_UID' => $this->authSourceUid],
|
||||
];
|
||||
$rbacAuthenticationSource = new RbacAuthenticationSource();
|
||||
$authSourceReturn = $rbacAuthenticationSource->show($filters);
|
||||
$arrayAuthenticationSourceData = $authSourceReturn['data'][0];
|
||||
$arrayAuthenticationSourceData['AUTH_SOURCE_DATA'] = json_decode($arrayAuthenticationSourceData['AUTH_SOURCE_DATA'], true);
|
||||
|
||||
if (is_null($rbac->authSourcesObj)) {
|
||||
$rbac->authSourcesObj = new AuthenticationSource();
|
||||
}
|
||||
|
||||
$arrayAuthenticationSourceData = $rbac->authSourcesObj->load($this->authSourceUid);
|
||||
$attributeUserSet = [];
|
||||
$attributeSetAdd = [];
|
||||
|
||||
@@ -400,6 +622,15 @@ class LdapSource
|
||||
}
|
||||
}
|
||||
|
||||
private function getPageSizeLimitByData(array $arrayAuthSourceData)
|
||||
{
|
||||
if (isset($arrayAuthSourceData['AUTH_SOURCE_DATA']['LDAP_PAGE_SIZE_LIMIT'])) {
|
||||
return $arrayAuthSourceData['AUTH_SOURCE_DATA']['LDAP_PAGE_SIZE_LIMIT'];
|
||||
} else {
|
||||
return $this->getPageSizeLimit(false);
|
||||
}
|
||||
}
|
||||
|
||||
private function ldapGetAttributes($ldapcnn, $entry)
|
||||
{
|
||||
try {
|
||||
@@ -438,4 +669,23 @@ class LdapSource
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
public function custom_ldap_explode_dn($dn)
|
||||
{
|
||||
$dn = trim($dn, ',');
|
||||
$result = ldap_explode_dn($dn, 0);
|
||||
$this->stdLog(null, "ldap_explode_dn", ["dn" => $dn]);
|
||||
|
||||
if (is_array($result)) {
|
||||
unset($result['count']);
|
||||
|
||||
foreach ($result as $key => $value) {
|
||||
$result[$key] = addcslashes(preg_replace_callback("/\\\([0-9A-Fa-f]{2})/", function ($m) {
|
||||
return chr(hexdec($m[1]));
|
||||
}, $value), '<>,"');
|
||||
}
|
||||
}
|
||||
|
||||
return $result;
|
||||
}
|
||||
}
|
||||
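Review bot: In `searchDepartments()`, `$this->terminatedOu = $attributes['AUTH_SOURCE_RETIRED_OU'] ?? '';` reads `$attributes`, which is never assigned anywhere in the method, so `??` silently yields `''` and the retired-OU setting is never picked up. It presumably should read the loaded source record, e.g. `$this->terminatedOu = $authenticationSourceData['AUTH_SOURCE_DATA']['AUTH_SOURCE_RETIRED_OU'] ?? '';`, but confirm where that key lives and whether `AUTH_SOURCE_DATA` needs the `json_decode` that the `-231,13 +452,14` hunk applies. In both `searchGroups()` and `searchDepartments()`, `ldap_parse_result()` receives `$searchResult` before anything checks that the `@`-suppressed `ldap_search()` succeeded. On PHP 8 a `false` result would raise a `TypeError` there instead of reaching the `ldap_errno()` branch, so test `if ($searchResult === false)` and set `$flagError` before parsing. `$authSourceReturn['data'][0]` is also used without checking that the lookup for `$this->authSourceUid` returned a row, which matters if that UID can be supplied through the endpoint.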