['CFG_VALUE'], 'conditions' => ['CFG_UID' => 'authSourcesList', 'OBJ_UID' => 'pageSize', 'USR_UID' => $userUid] ); $configuration = new Configuration(); $configurationReturn = $configuration->show($filters); if ($configurationReturn['total'] > 0) { $configValue = unserialize($configurationReturn['data'][0]['CFG_VALUE']); $limit = $configValue['pageSize'] ?? $limit; } } $filters = array( 'fields' => ['*'], 'start' => $start, 'limit'=> $limit ); if ($orderBy != '') { if (!in_array($ascending, ['asc', 'desc'])) { $ascending = 'asc'; } $filters['orderBy'] = [$orderBy, $ascending]; } if ($filter != '') { $filters['conditions'] = ['text' => $filter]; } $rbacAuthenticationSource = new RbacAuthenticationSource(); $authSourceReturn = $rbacAuthenticationSource->show($filters); global $RBAC; $auth = $RBAC->getAllUsersByAuthSource(); $sources = []; foreach ($authSourceReturn['data'] as $key => $authSourceRow) { $values = explode('_', $authSourceRow['AUTH_SOURCE_PASSWORD']); foreach ($values as $value) { if ($value == '2NnV3ujj3w') { $authSourceRow['AUTH_SOURCE_PASSWORD'] = G::decrypt($values[0], $authSourceRow['AUTH_SOURCE_SERVER_NAME']); } } $label = G::LoadTranslation('ID_DISABLE'); if ($authSourceRow['AUTH_SOURCE_ENABLED_TLS'] === '1') { $label = G::LoadTranslation('ID_ENABLE'); } $authSourceRow['AUTH_SOURCE_ENABLED_TLS_LABEL'] = $label; //additional information $authSourceData = json_decode($authSourceRow['AUTH_SOURCE_DATA'], true); if (is_array($authSourceData)) { $authSourceRow = array_merge($authSourceRow, $authSourceData); } $authSourceRow['AUTH_ANONYMOUS'] = (string)$authSourceRow['AUTH_ANONYMOUS']; $sources[] = $authSourceRow; $index = sizeof($sources) - 1; $sources[$index]['CURRENT_USERS'] = isset($auth[$sources[$index]['AUTH_SOURCE_UID']]) ? 
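$auth[$sources[$index]['AUTH_SOURCE_UID']] : 0;
            }
            $response = [
                'success' => true,
                'sources' => $sources,
                'total_sources' => $authSourceReturn['total']
            ];
            return $response;
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Deletes the authentication source whose AUTH_SOURCE_UID matches.
     *
     * NOTE(review): no permission check is visible in this method; presumably
     * the caller enforces it - confirm. On failure the raw exception message is
     * returned to the caller.
     *
     * @param string $authSourceUid UID of the authentication source to remove.
     * @return array ['success' => true, 'deleteRows' => ...] or ['success' => false, 'message' => string].
     */
    public function removeAuthSource($authSourceUid)
    {
        try {
            $rbacAuthenticationSource = new RbacAuthenticationSource();
            $removeResponse = $rbacAuthenticationSource->remove(['AUTH_SOURCE_UID' => $authSourceUid]);
            return ['success' => true, 'deleteRows' => $removeResponse['deleteRows']];
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Checks whether an authentication source name is already taken and, if so,
     * proposes an alternative of the form "<name> (<n>)".
     *
     * @param string $authSourceName Name to look up.
     * @return array ['success' => true, 'row' => array|false, 'suggestName' => string]
     *               or ['success' => false, 'message' => string].
     */
    public function verifyAuthSourceName($authSourceName)
    {
        try {
            $row = false;
            $suggestName = '';
            $filters = [
                'fields' => ['AUTH_SOURCE_UID', 'AUTH_SOURCE_NAME'],
                'conditions' => ['AUTH_SOURCE_NAME' => $authSourceName]
            ];
            $rbacAuthenticationSource = new RbacAuthenticationSource();
            $authSourceReturn = $rbacAuthenticationSource->show($filters);
            if ($authSourceReturn['total'] > 0) {
                $row = $authSourceReturn['data'][0];

                // Second query: names matching the text, highest name first.
                // NOTE(review): presumably a string sort, so "X (9)" would rank
                // above "X (10)" - confirm against show().
                $filters['fields'] = ['AUTH_SOURCE_NAME'];
                $filters['conditions'] = ['text' => $authSourceName];
                $filters['orderBy'] = ['AUTH_SOURCE_NAME', 'desc'];
                $lastAuthSource = $rbacAuthenticationSource->show($filters);
                if ($lastAuthSource['total'] > 0) {
                    $name = $lastAuthSource['data'][0]['AUTH_SOURCE_NAME'];
                    $pieces = explode(' ', $name);
                    $last = array_pop($pieces);
                    $number = trim($last, '()');
                    if ("({$number})" === $last) {
                        $number = intval($number) + 1;
                        // Re-join with the separator used by explode(); joining
                        // with '' dropped the spaces of multi-word names.
                        $suggestName = implode(' ', $pieces) . " ({$number})";
                    } else {
                        $suggestName = $name . ' (1)';
                    }
                }
            }
            return ['success' => true, 'row' => $row, 'suggestName' => $suggestName];
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Attempts an LDAP connection with the supplied settings.
     *
     * success stays true when the connection data reports startTLS === false;
     * the caller only receives an explanatory message in that case.
     * NOTE(review): presumably the session then continued without StartTLS, so
     * bind credentials may travel unencrypted - confirm in
     * LdapSource::ldapConnection().
     *
     * @param array $authSourceData Connection settings handed to LdapSource::ldapConnection().
     * @return array ['success' => true, 'status' => 'OK', 'message'?] or ['success' => false, 'message' => string].
     */
    public function testConnection($authSourceData)
    {
        try {
            $ldapSource = new LdapSource();
            $authSourceConnectionData = $ldapSource->ldapConnection($authSourceData);
            $response = ['success' => true, 'status' => 'OK'];
            if ($authSourceConnectionData['startTLS'] === false) {
                $response['message'] = G::LoadTranslation('ID_TLS_CERTIFICATE_IS_NOT_INSTALLED_IN_THE_SERVER');
            }
            return $response;
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Validates the settings by connecting, records the page size limit and
     * persists the authentication source.
     *
     * AUTH_SOURCE_DATA is stored as a JSON string.
     * NOTE(review): AUTH_SOURCE_PASSWORD is passed to saveData() as received;
     * whether it is encrypted before storage is not visible here - confirm in
     * RbacAuthenticationSource::saveData().
     *
     * @param array $authSourceData Authentication source fields; AUTH_SOURCE_DATA must be an array.
     * @return array ['success' => true, 'saveData' => ...] or ['success' => false, 'message' => string].
     */
    public function saveAuthSource($authSourceData)
    {
        try {
            $authSourceData['AUTH_SOURCE_VERSION'] = 3;
            $ldapSource = new LdapSource();
            $ldapConnection = $ldapSource->ldapConnection($authSourceData);
            $authSourceData['AUTH_SOURCE_DATA']['LDAP_PAGE_SIZE_LIMIT'] = $ldapSource->getPageSizeLimit(
                $ldapConnection['connection'],
                $authSourceData['AUTH_SOURCE_BASE_DN']
            );
            $rbacAuthenticationSource = new RbacAuthenticationSource();
            $authSourceData['AUTH_SOURCE_UID'] = $authSourceData['AUTH_SOURCE_UID'] ?? '';
            $authSourceData['AUTH_SOURCE_DATA'] = json_encode($authSourceData['AUTH_SOURCE_DATA']);
            $saveDataResponse = $rbacAuthenticationSource->saveData($authSourceData);
            return ['success' => true, 'saveData' => $saveDataResponse];
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Searches the directory for users and tags each result with its import state.
     *
     * A user is importable (IMPORT = 1) only when no local account has the same
     * lower-cased username; a match owned by another authentication source is
     * reported as not importable.
     *
     * @param string $authSourceUid UID of the authentication source to query.
     * @param array  $filters       Expects the keys 'text', 'start' and 'limit'.
     * @return array ['success' => true, 'status' => 'OK', 'resultTotal' => ..., 'resultRoot' => array]
     *               or ['success' => false, 'message' => string].
     */
    public function searchUsers($authSourceUid, $filters)
    {
        try {
            $rbacUsers = new RbacUsers();
            $usersAuthSources = $rbacUsers->listUsersAuthSources();
            // Initialised so the lookups below are defined when there are no users yet.
            $listUsers = [];
            foreach ($usersAuthSources['data'] as $row) {
                $listUsers[strtolower($row['USR_USERNAME'])] = $row['UID_AUTH_SOURCE'];
            }

            $ldapSource = new LdapSource();
            $ldapSource->authSourceUid = $authSourceUid;
            $result = $ldapSource->searchUsersLdap($filters['text'], $filters['start'], $filters['limit']);

            $arrayData = [];
            foreach ($result['data'] as $listUsersData) {
                $username = strtolower($listUsersData['sUsername']);
                if (!isset($listUsers[$username])) {
                    $listUsersData['STATUS'] = G::LoadTranslation('ID_NOT_IMPORTED');
                    $listUsersData['IMPORT'] = 1;
                } elseif ($authSourceUid === $listUsers[$username]) {
                    $listUsersData['STATUS'] = G::LoadTranslation('ID_IMPORTED');
                    $listUsersData['IMPORT'] = 0;
                } else {
                    $listUsersData['STATUS'] = G::LoadTranslation('ID_CANNOT_IMPORT');
                    $listUsersData['IMPORT'] = 0;
                }
                $arrayData[] = $listUsersData;
            }
            return [
                'success' => true,
                'status' => 'OK',
                'resultTotal' => $result['numRecTotal'],
                'resultRoot' => $arrayData
            ];
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Creates local accounts for the given directory users, bound to the
     * authentication source.
     *
     * Each user gets the role configured in the source's AUTH_SOURCE_DATA
     * (USR_ROLE), falling back to 'LURANA_OPERATOR'.
     *
     * NOTE(review): every field of $usersImport is caller-supplied, including
     * the DN stored as USR_AUTH_USER_DN and any mapped grid attribute; nothing
     * here re-checks them against the directory - confirm the caller does.
     *
     * @param string   $authSourceUid UID of the authentication source.
     * @param iterable $usersImport   Users to import; each entry is cast to an array and must
     *                                carry sUsername, sFirstname, sLastname, sEmail and sDN.
     * @return array ['success' => true] or ['success' => false, 'message' => string].
     */
    public function importUsers($authSourceUid, $usersImport)
    {
        try {
            $filters = ['conditions' => ['AUTH_SOURCE_UID' => $authSourceUid]];
            $rbacAuthenticationSource = new RbacAuthenticationSource();
            $authSourceReturn = $rbacAuthenticationSource->show($filters);
            // Fail closed: without this guard an unknown UID would create
            // accounts that are not bound to any authentication source.
            if (empty($authSourceReturn['data'][0])) {
                throw new Exception('Authentication source not found.');
            }
            $authSourceReturn = $authSourceReturn['data'][0];

            // saveGroups()/saveDepartments() json_decode() this column after the
            // same show() call, so it arrives as a JSON string. Indexing the
            // string directly made the configured role and attribute mapping
            // silently unreachable.
            $authSourceConfig = $authSourceReturn['AUTH_SOURCE_DATA'] ?? [];
            if (is_string($authSourceConfig)) {
                $authSourceConfig = json_decode($authSourceConfig, true);
            }
            if (!is_array($authSourceConfig)) {
                $authSourceConfig = [];
            }

            $aAttributes = [];
            if (isset($authSourceConfig['AUTH_SOURCE_GRID_ATTRIBUTE'])
                && is_array($authSourceConfig['AUTH_SOURCE_GRID_ATTRIBUTE'])
            ) {
                $aAttributes = $authSourceConfig['AUTH_SOURCE_GRID_ATTRIBUTE'];
            }

            $usrRole = 'LURANA_OPERATOR';
            if (!empty($authSourceConfig['USR_ROLE'])) {
                $usrRole = $authSourceConfig['USR_ROLE'];
            }

            global $RBAC;
            foreach ($usersImport as $sUser) {
                $aUser = (array) $sUser;
                $matches = [];
                $aData = [];

                // '*' stands in for an apostrophe in the incoming values
                // (D*Souza -> D'Souza).
                $aData['USR_USERNAME'] = str_replace('*', "'", $aUser['sUsername']);
                // Fixed placeholder, not a per-user secret.
                // NOTE(review): presumably never matched because authentication
                // is delegated to the auth source - confirm in RBAC.
                $aData['USR_PASSWORD'] = '00000000000000000000000000000000';
                $aData['USR_FIRSTNAME'] = str_replace('*', "'", $aUser['sFirstname']);
                $aData['USR_FIRSTNAME'] = ($aData['USR_FIRSTNAME'] == '')
                    ? $aData['USR_USERNAME']
                    : $aData['USR_FIRSTNAME'];
                $aData['USR_LASTNAME'] = str_replace('*', "'", $aUser['sLastname']);
                $aData['USR_EMAIL'] = $aUser['sEmail'];
                // Account expires two years from today.
                $aData['USR_DUE_DATE'] = date(
                    'Y-m-d',
                    mktime(0, 0, 0, (int) date('m'), (int) date('d'), (int) date('Y') + 2)
                );
                $aData['USR_CREATE_DATE'] = date('Y-m-d H:i:s');
                $aData['USR_UPDATE_DATE'] = date('Y-m-d H:i:s');
                $aData['USR_BIRTHDAY'] = date('Y-m-d');
                // RBAC takes a numeric status; the Users record below takes the label.
                $aData['USR_STATUS'] = (isset($aUser['USR_STATUS']))
                    ? (($aUser['USR_STATUS'] == 'ACTIVE') ? 1 : 0)
                    : 1;
                $aData['USR_AUTH_TYPE'] = strtolower($authSourceReturn['AUTH_SOURCE_PROVIDER']);
                $aData['UID_AUTH_SOURCE'] = $authSourceReturn['AUTH_SOURCE_UID'];

                // Restore an apostrophe that was replaced by '*' between two
                // letters of the DN.
                // NOTE(review): preg_match() captures only the first occurrence,
                // so a DN with two different letter*letter sequences is only
                // partly restored.
                preg_match('/[a-zA-Z]\*[a-zA-Z]/', $aUser['sDN'], $matches);
                foreach ($matches as $match) {
                    $newMatch = str_replace('*', '\'', $match);
                    $aUser['sDN'] = str_replace($match, $newMatch, $aUser['sDN']);
                }
                $aData['USR_AUTH_USER_DN'] = $aUser['sDN'];

                $sUserUID = $RBAC->createUser($aData, $usrRole, $authSourceReturn['AUTH_SOURCE_NAME']);

                $aData['USR_STATUS'] = (isset($aUser['USR_STATUS'])) ? $aUser['USR_STATUS'] : 'ACTIVE';
                $aData['USR_UID'] = $sUserUID;
                $aData['USR_ROLE'] = $usrRole;

                $calendarObj = new Calendar();
                $calendarObj->assignCalendarTo($sUserUID, '00000000000000000000000000000001', 'USER');

                // Copy the mapped attributes over the record; this runs after
                // the role/status defaults, so a mapped key overrides them.
                foreach ($aAttributes as $value) {
                    $attributeName = $value['attributeUser'];
                    if (isset($aUser[$attributeName])) {
                        $aData[$attributeName] = str_replace('*', "'", $aUser[$attributeName]);
                    }
                }

                $oUser = new Users();
                $oUser->create($aData);
            }
            return ['success' => true];
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Lists the directory groups as tree nodes, marking the ones already linked
     * to a local group.
     *
     * Node text is HTML-entity encoded and the node id is the URL-encoded DN.
     * Success returns a list of nodes; failure returns an error array.
     *
     * @param string $authSourceUid UID of the authentication source to query.
     * @return array List of TreeNodeAuthSource, or ['success' => false, 'message' => string].
     */
    public function searchGroups($authSourceUid)
    {
        try {
            $ldapSource = new LdapSource();
            $ldapSource->authSourceUid = $authSourceUid;
            $groupsLdap = $ldapSource->searchGroups();

            $groupUser = new GroupUser();
            $groupsNumberUsers = $groupUser->getNumberOfUsersByGroups();
            $listGroupsNumberUsers = [];
            foreach ($groupsNumberUsers['data'] as $counter) {
                $listGroupsNumberUsers[$counter['GRP_UID']] = $counter['NUM_REC'];
            }

            $groupwf = new Groupwf();
            $groupsObjects = [];
            foreach ($groupsLdap as $group) {
                $groupObject = new TreeNodeAuthSource();
                // Directory-supplied text is encoded before it reaches the UI.
                $groupObject->text = htmlentities($group['cn'], ENT_QUOTES, 'UTF-8');
                $linkedGroup = $groupwf->getGroupWithDN($group['dn']);
                if (!empty($linkedGroup[0]['GRP_UID'])) {
                    $groupUid = $linkedGroup[0]['GRP_UID'];
                    $groupObject->text .= ' (' . ($listGroupsNumberUsers[$groupUid] ?? 0) . ')';
                    $groupObject->checked = true;
                } else {
                    $groupObject->checked = false;
                }
                $groupObject->id = urlencode($group['dn']);
                $groupsObjects[] = $groupObject;
            }
            return $groupsObjects;
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Builds the department tree of the directory, starting at the root.
     *
     * @param string $authSourceUid UID of the authentication source to query.
     * @return array List of TreeNodeAuthSource, or ['success' => false, 'message' => string].
     */
    public function searchDepartaments($authSourceUid)
    {
        try {
            $ldapSource = new LdapSource();
            $ldapSource->authSourceUid = $authSourceUid;
            $departments = $ldapSource->searchDepartments();

            $user = new User();
            $departmentsNumberUsers = $user->getNumberOfUsersByDepartments();
            $listDepartmentsNumberUsers = [];
            foreach ($departmentsNumberUsers['data'] as $counter) {
                $listDepartmentsNumberUsers[$counter['DEP_UID']] = $counter['NUM_REC'];
            }

            return $this->getChildrenDepartments(
                $departments,
                '',
                $listDepartmentsNumberUsers,
                $ldapSource->terminatedOu
            );
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Links the selected directory groups to local groups and unlinks the rest.
     *
     * Selected DNs are matched to an ACTIVE local group by title (created when
     * missing). Every linked group whose DN is not selected loses its DN and its
     * UID is queued in AUTH_SOURCE_DATA['GROUPS_TO_UNASSIGN'].
     *
     * Unlike the other public methods this one has no try/catch, and a missing
     * authentication source row is not handled.
     *
     * @param string $groupsDN      '|'-separated list of URL-encoded group DNs.
     * @param string $authSourceUid UID of the authentication source.
     * @return array ['status' => 'OK', 'success' => true].
     */
    public function saveGroups($groupsDN, $authSourceUid)
    {
        $groupsToCheck = array_map('urldecode', explode('|', $groupsDN));
        $groupsToUncheck = $this->getGroupsToUncheck($groupsToCheck);

        $filters = ['conditions' => ['AUTH_SOURCE_UID' => $authSourceUid]];
        $rbacAuthenticationSource = new RbacAuthenticationSource();
        $authSourceReturn = $rbacAuthenticationSource->show($filters);
        $authenticationSourceData = $authSourceReturn['data'][0];
        $authenticationSourceData['AUTH_SOURCE_DATA'] = json_decode(
            $authenticationSourceData['AUTH_SOURCE_DATA'],
            true
        );

        $ldapSource = new LdapSource();
        $ldapSource->authSourceUid = $authSourceUid;
        $groupwf = new Groupwf();

        foreach ($groupsToCheck as $groupDN) {
            // The group title is the value of the first RDN of the DN.
            $ous = $ldapSource->custom_ldap_explode_dn($groupDN);
            $currentGroup = array_shift($ous);
            $groupAux = explode('=', $currentGroup);
            $groupTitle = isset($groupAux[1]) ? trim($groupAux[1]) : '';
            $groupTitle = stripslashes($groupTitle);
            if (empty($groupTitle)) {
                continue;
            }
            $filters = [
                'fields' => ['GRP_UID'],
                'conditions' => ['GRP_TITLE' => $groupTitle, 'GRP_STATUS' => 'ACTIVE']
            ];
            $allGroups = $groupwf->show($filters);
            $groupUid = $allGroups['data'][0]['GRP_UID'] ?? '';
            if ($groupUid === '') {
                $group = [
                    'GRP_TITLE' => $groupTitle,
                    'GRP_LDAP_DN' => $groupDN
                ];
            } else {
                $group = $allGroups['data'][0];
                $group['GRP_LDAP_DN'] = $groupDN;
            }
            $groupwf->saveData($group);
        }

        if (count($groupsToUncheck) > 0) {
            foreach ($groupsToUncheck as $groupDN) {
                $ous = $ldapSource->custom_ldap_explode_dn($groupDN);
                $currentGroup = array_shift($ous);
                $groupAux = explode('=', $currentGroup);
                $groupTitle = isset($groupAux[1]) ? trim($groupAux[1]) : '';
                $groupTitle = stripslashes($groupTitle);
                if (empty($groupTitle)) {
                    continue;
                }
                $filters = [
                    'fields' => ['GRP_UID'],
                    'conditions' => ['GRP_TITLE' => $groupTitle, 'GRP_STATUS' => 'ACTIVE']
                ];
                $allGroups = $groupwf->show($filters);
                $groupUid = $allGroups['data'][0]['GRP_UID'] ?? '';
                if ($groupUid != '') {
                    $group = $allGroups['data'][0];
                    $group['GRP_LDAP_DN'] = '';
                    $groupwf->saveData($group);
                    if (!isset($authenticationSourceData['AUTH_SOURCE_DATA']['GROUPS_TO_UNASSIGN'])) {
                        $authenticationSourceData['AUTH_SOURCE_DATA']['GROUPS_TO_UNASSIGN'] = [];
                    }
                    // Strict match: UIDs are strings and must not be compared numerically.
                    if (!in_array(
                        $groupUid,
                        $authenticationSourceData['AUTH_SOURCE_DATA']['GROUPS_TO_UNASSIGN'],
                        true
                    )) {
                        $authenticationSourceData['AUTH_SOURCE_DATA']['GROUPS_TO_UNASSIGN'][] = $groupUid;
                    }
                }
            }
            $authenticationSourceData['AUTH_SOURCE_DATA'] = json_encode(
                $authenticationSourceData['AUTH_SOURCE_DATA']
            );
            $rbacAuthenticationSource->saveData($authenticationSourceData);
        }

        // A duplicate-title check used to follow the return statement and could
        // never run (it also wrote to an undefined $response); it was dropped as
        // dead code. Duplicate titles are therefore not reported here.
        return [
            'status' => 'OK',
            'success' => true
        ];
    }

    /**
     * Links the selected directory departments to local departments and unlinks
     * the rest.
     *
     * On two error paths this method prints a JSON error and terminates the
     * request with exit(0) instead of returning. Like saveGroups() it has no
     * try/catch and does not handle a missing authentication source row.
     *
     * @param string $departmentsDN '|'-separated list of URL-encoded department DNs ('' for none).
     * @param string $authSourceUid UID of the authentication source.
     * @return array ['status' => 'OK', 'success' => true].
     */
    public function saveDepartments($departmentsDN, $authSourceUid)
    {
        $depsToCheck = ($departmentsDN != '') ? explode('|', $departmentsDN) : [];
        $depsToCheck = array_map('urldecode', $depsToCheck);
        $depsToUncheck = $this->getDepartmentsToUncheck($depsToCheck);

        $filters = ['conditions' => ['AUTH_SOURCE_UID' => $authSourceUid]];
        $rbacAuthenticationSource = new RbacAuthenticationSource();
        $authSourceReturn = $rbacAuthenticationSource->show($filters);
        $authenticationSourceData = $authSourceReturn['data'][0];
        $authenticationSourceData['AUTH_SOURCE_DATA'] = json_decode(
            $authenticationSourceData['AUTH_SOURCE_DATA'],
            true
        );

        $ldapSource = new LdapSource();
        $ldapSource->authSourceUid = $authSourceUid;
        $department = new Department();

        foreach ($depsToCheck as $departmentDn) {
            $departmentUid = $department->getDepUidIfExistsDN($departmentDn);
            $departmentUid = $departmentUid['data'][0]['DEP_UID'] ?? '';
            if ($departmentUid == '') {
                if (strcasecmp($departmentDn, $authenticationSourceData['AUTH_SOURCE_BASE_DN']) == 0) {
                    $departmentTitle = 'ROOT (' . $authenticationSourceData['AUTH_SOURCE_BASE_DN'] . ')';
                    $parentUid = '';
                } else {
                    $ous = $ldapSource->custom_ldap_explode_dn($departmentDn);
                    $departmentCurrent = array_shift($ous);
                    $parentDn = implode(',', $ous);
                    $ous = explode('=', $departmentCurrent);
                    $departmentTitle = trim($ous[1]);
                    $parentUid = $department->getDepUidIfExistsDN($parentDn);
                    $parentUid = $parentUid['data'][0]['DEP_UID'] ?? '';
                    // A parent below the base DN must already be linked.
                    if (str_ireplace($authenticationSourceData['AUTH_SOURCE_BASE_DN'], '', $parentDn) != ''
                        && $parentUid == ''
                    ) {
                        $response = new stdClass();
                        $response->status = 'ERROR';
                        $response->message = G::LoadTranslation(
                            'ID_DEPARTMENT_CHECK_PARENT_DEPARTMENT',
                            [$parentDn, $departmentTitle]
                        );
                        echo json_encode($response);
                        exit(0);
                    }
                }
                $filters = [
                    'conditions' => ['DEP_STATUS' => 'ACTIVE', 'DEP_TITLE' => $departmentTitle]
                ];
                $allDepartments = $department->show($filters);
                $departmentUid = $allDepartments['data'][0]['DEP_UID'] ?? '';
                if (empty($departmentUid)) {
                    $data = [
                        'DEP_TITLE' => stripslashes($departmentTitle),
                        'DEP_PARENT' => $parentUid,
                        'DEP_LDAP_DN' => $departmentDn,
                        'DEP_REF_CODE' => ''
                    ];
                    $savedDepartment = $department->saveData($data);
                    if (empty($savedDepartment)) {
                        $response = new stdClass();
                        $response->status = 'ERROR';
                        $response->message = G::LoadTranslation('ID_DEPARTMENT_ERROR_CREATE');
                        echo json_encode($response);
                        exit(0);
                    }
                } else {
                    $data = $allDepartments['data'][0];
                    $data['DEP_LDAP_DN'] = $departmentDn;
                    $department->saveData($data);
                }
            }
        }

        if (count($depsToUncheck) > 0) {
            $baseDnLength = strlen($authenticationSourceData['AUTH_SOURCE_BASE_DN']);
            foreach ($depsToUncheck as $departmentDn) {
                $departmentUid = $department->getDepUidIfExistsDN($departmentDn);
                $departmentUid = $departmentUid['data'][0]['DEP_UID'] ?? '';
                // Only departments whose DN ends with this source's base DN are unlinked.
                if ($departmentUid != ''
                    && strcasecmp(
                        substr($departmentDn, strlen($departmentDn) - $baseDnLength),
                        $authenticationSourceData['AUTH_SOURCE_BASE_DN']
                    ) == 0
                ) {
                    $filters = [
                        'conditions' => ['DEP_UID' => $departmentUid]
                    ];
                    $allDepartments = $department->show($filters);
                    $data = $allDepartments['data'][0] ?? [];
                    $data['DEP_LDAP_DN'] = '';
                    $department->saveData($data);
                    if (!isset($authenticationSourceData['AUTH_SOURCE_DATA']['DEPARTMENTS_TO_UNASSIGN'])) {
                        $authenticationSourceData['AUTH_SOURCE_DATA']['DEPARTMENTS_TO_UNASSIGN'] = [];
                    }
                    // Strict match: UIDs are strings and must not be compared numerically.
                    if (!in_array(
                        $departmentUid,
                        $authenticationSourceData['AUTH_SOURCE_DATA']['DEPARTMENTS_TO_UNASSIGN'],
                        true
                    )) {
                        $authenticationSourceData['AUTH_SOURCE_DATA']['DEPARTMENTS_TO_UNASSIGN'][] = $departmentUid;
                    }
                }
            }
            $authenticationSourceData['AUTH_SOURCE_DATA'] = json_encode(
                $authenticationSourceData['AUTH_SOURCE_DATA']
            );
            $rbacAuthenticationSource->saveData($authenticationSourceData);
        }

        // A duplicate-title check used to follow the return statement and could
        // never run (it referenced undefined $ldapAdvanced and $response); it was
        // dropped as dead code. Duplicate titles are therefore not reported here.
        return [
            'status' => 'OK',
            'success' => true
        ];
    }

    /**
     * Returns the direct children of $parent among the directory departments.
     *
     * Names are compared case-insensitively and as strings, so numeric-looking
     * OUs such as "007" and "7" stay distinct. The OU named $terminatedOu is
     * left out.
     *
     * @param array  $departments  Rows with the keys 'dn', 'parent', 'ou' and 'users'.
     * @param string $parent       DN of the parent ('' for the root level).
     * @param string $terminatedOu OU name to exclude.
     * @return array List of nodes with DEP_UID, DEP_TITLE, DEP_USERS, DEP_DN, HAS_CHILDREN, DEP_LAST.
     */
    private function getDepartments($departments, $parent, $terminatedOu)
    {
        $parentLower = strtolower($parent);
        $terminatedOuLower = strtolower($terminatedOu);
        $currentDepartments = [];
        foreach ($departments as $val) {
            if (strtolower($val['dn']) === $parentLower
                || strtolower($val['parent']) !== $parentLower
                || strtolower($val['ou']) === $terminatedOuLower
            ) {
                continue;
            }
            $dnLower = strtolower($val['dn']);
            $hasChildren = false;
            foreach ($departments as $candidate) {
                if (strtolower($candidate['parent']) === $dnLower) {
                    $hasChildren = true;
                    break;
                }
            }
            $currentDepartments[] = [
                'DEP_UID' => $val['ou'],
                'DEP_TITLE' => $val['ou'],
                'DEP_USERS' => $val['users'],
                'DEP_DN' => $val['dn'],
                'HAS_CHILDREN' => $hasChildren,
                'DEP_LAST' => false
            ];
        }
        if ($currentDepartments !== []) {
            $currentDepartments[count($currentDepartments) - 1]['DEP_LAST'] = true;
        }
        return $currentDepartments;
    }

    /**
     * Recursively builds the tree nodes below $parent.
     *
     * Node text is HTML-entity encoded and the node id is the URL-encoded DN.
     *
     * @param array  $departments                Directory rows, see getDepartments().
     * @param string $parent                     DN whose children are built.
     * @param array  $listDepartmentsNumberUsers User counts keyed by DEP_UID.
     * @param string $terminatedOu               OU name to exclude.
     * @return array List of TreeNodeAuthSource; empty when $parent has no children.
     */
    private function getChildrenDepartments($departments, $parent, $listDepartmentsNumberUsers, $terminatedOu)
    {
        // Initialised up front: it used to be undefined when there were no children.
        $departmentsObjects = [];
        $allDepartments = $this->getDepartments($departments, $parent, $terminatedOu);
        $department = new Department();
        foreach ($allDepartments as $departmentData) {
            $departmentObject = new TreeNodeAuthSource();
            $departmentObject->text = htmlentities($departmentData['DEP_TITLE'], ENT_QUOTES, 'UTF-8');
            $departmentDNData = $department->getDepUidIfExistsDN($departmentData['DEP_DN']);
            $departmentUid = $departmentDNData['data'][0]['DEP_UID'] ?? '';
            if ($departmentUid != '') {
                $departmentObject->text .= ' (' . ($listDepartmentsNumberUsers[$departmentUid] ?? '') . ')';
                $departmentObject->checked = true;
            } else {
                $departmentObject->checked = false;
            }
            if ($departmentData['HAS_CHILDREN']) {
                $departmentObject->children = $this->getChildrenDepartments(
                    $departments,
                    $departmentData['DEP_DN'],
                    $listDepartmentsNumberUsers,
                    $terminatedOu
                );
            }
            $departmentObject->id = urlencode($departmentData['DEP_DN']);
            $departmentsObjects[] = $departmentObject;
        }
        return $departmentsObjects;
    }

    /**
     * Returns the DNs of linked departments that are not in the selected list.
     *
     * @param array $depsToCheck Selected department DNs.
     * @return array DNs to unlink.
     */
    private function getDepartmentsToUncheck($depsToCheck)
    {
        $department = new Department();
        $departmentsWithDN = $department->getDepartmentsWithDN();
        $departmentsWithDN = $departmentsWithDN['data'];
        $depsToUncheck = [];
        foreach ($departmentsWithDN as $departmentWithDN) {
            $found = false;
            foreach ($depsToCheck as $depToCheck) {
                if ($departmentWithDN['DEP_LDAP_DN'] == $depToCheck) {
                    $found = true;
                    break;
                }
            }
            if (!$found) {
                $depsToUncheck[] = $departmentWithDN['DEP_LDAP_DN'];
            }
        }
        return $depsToUncheck;
    }

    /**
     * Returns the DNs of linked groups that are not in the selected list.
     *
     * @param array $groupsToCheck Selected group DNs.
     * @return array DNs to unlink.
     */
    private function getGroupsToUncheck($groupsToCheck)
    {
        $groupsToUncheck = [];
        foreach ($this->getGroupsWithDN() as $groupWithDN) {
            $found = false;
            foreach ($groupsToCheck as $groupToCheck) {
                if ($groupWithDN['GRP_LDAP_DN'] == $groupToCheck) {
                    $found = true;
                    break;
                }
            }
            if (!$found) {
                $groupsToUncheck[] = $groupWithDN['GRP_LDAP_DN'];
            }
        }
        return $groupsToUncheck;
    }

    /**
     * Returns the local groups that carry a non-empty GRP_LDAP_DN.
     *
     * NOTE(review): the query is capped at 1000 rows; if show() honours the
     * limit, linked groups beyond it are never unlinked by saveGroups().
     *
     * @return array Group rows.
     */
    private function getGroupsWithDN()
    {
        $groupwf = new Groupwf();
        $allGroups = $groupwf->show(['start' => 0, 'limit' => 1000]);
        $groupsWithDN = [];
        foreach ($allGroups['data'] as $group) {
            if ($group['GRP_LDAP_DN'] != '') {
                $groupsWithDN[] = $group;
            }
        }
        return $groupsWithDN;
    }

    /**
     * Encrypts a value with AES-256-CBC and returns base64(IV || ciphertext).
     *
     * NOTE(review): the output carries no MAC, so tampering with a stored value
     * is not detected. Moving to an authenticated mode (AES-256-GCM or
     * encrypt-then-MAC) needs a versioned format so existing values stay
     * readable. The key is handed to OpenSSL as given; PHP pads a short key with
     * NUL bytes and truncates a long one, so callers should pass 32 bytes of key
     * material rather than a passphrase.
     *
     * @param string $plaintext Value to protect.
     * @param string $key       Raw key material.
     * @return string Base64-encoded IV followed by the ciphertext.
     * @throws Exception When no random IV can be generated or encryption fails.
     */
    private static function encrypt($plaintext, $key)
    {
        $cipher = 'AES-256-CBC';
        $ivlen = openssl_cipher_iv_length($cipher);
        // random_bytes() throws instead of silently returning weak or empty output.
        $iv = random_bytes($ivlen);
        $ciphertext_raw = openssl_encrypt($plaintext, $cipher, $key, OPENSSL_RAW_DATA, $iv);
        if ($ciphertext_raw === false) {
            // Previously a failure produced base64(IV) alone, which looks like a
            // valid value but holds no data.
            throw new Exception('Encryption failed.');
        }
        return base64_encode($iv . $ciphertext_raw);
    }

    /**
     * Reverses encrypt(): splits the IV from base64(IV || ciphertext) and decrypts.
     *
     * A successful decryption does not prove the value is authentic, because the
     * format has no MAC.
     *
     * @param string $ciphertext_b64 Value produced by encrypt().
     * @param string $key            Raw key material used for encryption.
     * @return string|false Plaintext, or false when the input is malformed or decryption fails.
     */
    private static function decrypt($ciphertext_b64, $key)
    {
        $cipher = 'AES-256-CBC';
        $ivlen = openssl_cipher_iv_length($cipher);
        $ciphertext = base64_decode($ciphertext_b64);
        // Too short to hold an IV plus data: reject instead of decrypting with a
        // truncated IV.
        if ($ciphertext === false || strlen($ciphertext) <= $ivlen) {
            return false;
        }
        $iv = substr($ciphertext, 0, $ivlen);
        $ciphertext_raw = substr($ciphertext, $ivlen);
        return openssl_decrypt($ciphertext_raw, $cipher, $key, OPENSSL_RAW_DATA, $iv);
    }
}

/**
 * Plain data holder for one node of the group/department tree returned to the UI.
 */
class TreeNodeAuthSource extends stdClass
{
    // Label shown for the node; the builders HTML-encode it before assigning.
    public $text = '';
    public $cls = '';
    public $leaf = false;
    // True when the directory entry is already linked to a local record.
    public $checked = false;
    // Child nodes (TreeNodeAuthSource instances).
    public $children = [];
    // URL-encoded DN of the directory entry.
    public $id = '';
}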