From e759cc894dcbd5c0338fc9431ed2498ea7b4d785 Mon Sep 17 00:00:00 2001
From: rurban <rurban@96ab9672-09ca-45d6-a79d-3d69d39ca109>
Date: Sun, 21 Jan 2007 23:23:49 +0000
Subject: [PATCH] Improve LdapSearch

git-svn-id: svn://svn.code.sf.net/p/phpwiki/code/trunk@5548 96ab9672-09ca-45d6-a79d-3d69d39ca109
---
 lib/plugin/LdapSearch.php     | 98 +++++++++++++++++++++++++++--------
 pgsrc/Help%2FLdapSearchPlugin | 65 ++++++++++++++++++-----
 pgsrc/LdapSearch              | 12 +++++
 3 files changed, 139 insertions(+), 36 deletions(-)
 create mode 100644 pgsrc/LdapSearch

diff --git a/lib/plugin/LdapSearch.php b/lib/plugin/LdapSearch.php
index 0d4aed0fb..8977f5bb6 100644
--- a/lib/plugin/LdapSearch.php
+++ b/lib/plugin/LdapSearch.php
@@ -1,6 +1,7 @@
-<?php // -*-php-*- rcs_id('$Id: LdapSearch.php,v 1.3 2004-12-20 16:05:14 rurban Exp $');
+<?php // -*-php-*- rcs_id('$Id: LdapSearch.php,v 1.4 2007-01-21 23:23:49 rurban Exp $');
 /**
  Copyright 2004 John Lines
+ Copyright 2007 $ThePhpWikiProgrammingTeam
 
  This file is part of PhpWiki.
 
@@ -22,9 +23,9 @@
 /**
  * WikiPlugin which searches an LDAP directory.
  *
- * Note that for this version the attributes are required.
- * TODO: use the config.ini constants as defaults
+ * Uses the config.ini constants as defaults.
  * See http://phpwiki.org/LdapSearchPlugin
+ * TODO: Return a pagelist on certain attributes
  *
  * Usage Samples:
   <?plugin LdapSearch?>
@@ -32,7 +33,7 @@
            host="localhost"
            port=389
            basedn=""
- 	    filter="(cn=*)"
+ 	   filter="(cn=*)"
            attributes=""  
   ?>
   <?plugin LdapSearch host=ldap.example.com filter="(ou=web-team)" 
@@ -46,10 +47,6 @@
  * @author John Lines
  */
 
-// Constants are defined before the class.
-// if (!defined('THE_END'))
-//    define('THE_END', "!");
-
 class WikiPlugin_LdapSearch
 extends WikiPlugin
 {
@@ -62,33 +59,87 @@ extends WikiPlugin
     }
     function getVersion() {
         return preg_replace("/[Revision: $]/", '',
-                            "\$Revision: 1.3 $");
+                            "\$Revision: 1.4 $");
     }
     function getDefaultArguments() {
-        return array('host' 	=> "localhost", // change to LDAP_AUTH_HOST
-		     'port' 	=> 389,		// ditto
+        return array('host' 	=> "", 		// default: LDAP_AUTH_HOST
+		     'port' 	=> 389,		// ignored if host = full uri
 		     'basedn' 	=> "",		// LDAP_BASE_DN
                      'filter'   => "(cn=*)",
-		     'attributes' => "");
+		     'attributes' => "",
+                     'user'     => '',
+                     'password' => '',
+                     'options'   => "",
+                     );
     }
 
     // I ought to require the ldap extension, but fail sanely, if I cant get it.
     // - however at the moment this seems to work as is
     function run($dbi, $argstr, $request) {
-        extract($this->getArgs($argstr, $request));
-
-	$html = HTML::table(array('cellpadding' => 1,'cellspacing' => 1, 'border' => 1));
-	$connect = ldap_connect($host, $port);
-	if (!ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3)) {
-            $this->error(_("Failed to set LDAP protocol version to 3"));
+        if (!function_exists('ldap_connect')) {
+            if (!loadPhpExtension('ldap'))
+                return $this->error(_("Missing ldap extension"));
+        }
+        $args = $this->getArgs($argstr, $request);
+        extract($args);
+        if (!$host) {
+            if (defined('LDAP_AUTH_HOST')) {
+                $host = LDAP_AUTH_HOST;
+                if (strstr(LDAP_AUTH_HOST, '://'))
+                    $port = null;
+            } else {
+                $host = 'localhost';
+            }
+        } else {
+            if (strstr($host, '://'))
+                $port = null;
         }
-	$bind = ldap_bind($connect);
-	$attr_array = array("");		// for now - 
+	$html = HTML();
+        if (is_null($port))
+            $connect = ldap_connect($host);
+        else
+            $connect = ldap_connect($host, $port);
+        if (!$connect)
+            return $this->error(_("Failed to connect to LDAP host"));
+        if (!$options and defined('LDAP_AUTH_HOST') and $args['host'] == LDAP_AUTH_HOST) {
+            if (!empty($GLOBALS['LDAP_SET_OPTION'])) {
+                $options = $GLOBALS['LDAP_SET_OPTION'];
+            }
+        }
+        if ($options) {
+            foreach ($options as $key => $value) {
+                if (!ldap_set_option($connect, $key, $value))
+                    $this->error(_("Failed to set LDAP $key $value"));
+            }
+        }
+	$html->pushContent(HTML::table(array('cellpadding' => 1,'cellspacing' => 1, 'border' => 1)));
+        // special convenience: if host = LDAP_AUTH_HOST
+        // then take user and password from config.ini also
+        if ($user) {
+            if ($password)
+                // required for Windows Active Directory Server
+                $bind = ldap_bind($connect, $user, $password);
+            else
+                $bind = ldap_bind($connect, $user);
+        } elseif (defined('LDAP_AUTH_HOST') and $args['host'] == LDAP_AUTH_HOST) {
+            if (LDAP_AUTH_USER)
+                if (LDAP_AUTH_PASSWORD)
+                    // Windows Active Directory Server is strict
+                    $r = ldap_bind($connect, LDAP_AUTH_USER, LDAP_AUTH_PASSWORD); 
+                else
+                    $r = ldap_bind($connect, LDAP_AUTH_USER); 
+            else // anonymous bind
+                $bind = ldap_bind($connect);
+        } else { // other anonymous bind
+            $bind = ldap_bind($connect);
+        }
+        if (!$bind) return $this->error(_("Failed to bind LDAP host"));
+	$attr_array = array("");
 	if (!$attributes) {
             $res = ldap_search($connect, $basedn, $filter);
         } else {
             $attr_array = split (" ",$attributes);
-            $res = ldap_search($connect, $basedn, $filter,$attr_array);
+            $res = ldap_search($connect, $basedn, $filter, $attr_array);
         }
 	$entries = ldap_get_entries($connect, $res);
  
@@ -153,13 +204,14 @@ extends WikiPlugin
                 $html->pushContent($row);
             }
         }
-        
-        // THE_END); // ??
         return $html;
     }
 };
 
 // $Log: not supported by cvs2svn $
+// Revision 1.3  2004/12/20 16:05:14  rurban
+// gettext msg unification
+//
 // Revision 1.2  2004/10/04 23:39:34  rurban
 // just aesthetics
 //
diff --git a/pgsrc/Help%2FLdapSearchPlugin b/pgsrc/Help%2FLdapSearchPlugin
index a78830677..7a3733711 100644
--- a/pgsrc/Help%2FLdapSearchPlugin
+++ b/pgsrc/Help%2FLdapSearchPlugin
@@ -1,38 +1,77 @@
-Date: Fri, 29 Dec 2006 18:57:39 +0000
+Date: Sat, 20 Jan 2007 16:38:14 +0100
 Mime-Version: 1.0 (Produced by PhpWiki 1.3.13)
-X-Rcs-Id: $Id: Help%2FLdapSearchPlugin,v 1.1 2007-01-02 13:26:05 rurban Exp $
+X-Rcs-Id: $Id: Help%2FLdapSearchPlugin,v 1.2 2007-01-21 23:23:49 rurban Exp $
 Content-Type: application/x-phpwiki;
   pagename=Help%2FLdapSearchPlugin;
-  pgsrc_version="2 $Revision: 1.1 $";
+  pgsrc_version="2 $Revision: 1.2 $";
   flags="";
   markup=2;
   charset=iso-8859-1
 Content-Transfer-Encoding: binary
 
-_short description_
+Help:WikiPlugin which displays a LDAP query as table.
 
 ! Usage
 <verbatim>
   <?plugin LdapSearch ?>
+  <?plugin LdapSearch
+           host="localhost"
+           port=389
+           basedn=""
+ 	   filter="(cn=*)"
+           attributes=""  
+  ?>
+  <?plugin LdapSearch host=ldap.example.com filter="(ou=web-team)" 
+                      attributes="sn cn telephonenumber" ?>
+  <?plugin LdapSearch host="ldap.itd.umich.edu" basedn="" filter="(sn=jensen)" attributes="cn drink" ?>
+  <?plugin LdapSearch host=ldap.example.com attributes="cn sn telephonenumber" ?>
+  <?plugin LdapSearch host=bugs.debian.org port=10101 basedn="dc=current,dc=bugs,dc=debian,dc=org"
+                      filter="(debbugsPackage=phpwiki)" 
+                      attributes="debbugsSeverity debbugsState debbugsTitle" ?>
 </verbatim>
 
 ! Arguments
 
-page _(default: current pagename)_:
-  The page to execute upon.
+host _(default: from LDAP_AUTH_HOST or localhost)_:
+	hostname or ip or ldap:// uri to connect to.
 
-! Example
+port _(default: from LDAP_AUTH_HOST or 389)_:
+	portnumber to connect to.
 
-<verbatim>
-<?plugin LdapSearch ?>
-</verbatim>
+basedn _(default: LDAP_BASE_DN)_:
+	connect string: "ou=Users,o=Development,dc=mycompany.com"
+
+filter _(default: "(cn=*)")_:
+	Optional ldap_search() filter argument
+
+attributes _(default: empty)_ :
+	space seperated fields to return as table columns: "cn sn"
+
+options:
+	ldap_set_option(). Default: LDAP_SET_OPTION if host == LDAP_AUTH_HOST
+	Column seperated name=value pairs. Esp. needed for Windows Active directory:
+	"LDAP_OPT_PROTOCOL_VERSION=3:LDAP_OPT_REFERRALS=0"
+user:
+	Default: LDAP_AUTH_USER if host == LDAP_AUTH_HOST
+password:
+	Default: LDAP_AUTH_PASSWORD if host == LDAP_AUTH_HOST
+	user and password are required for Windows Active directory.
+
+! Examples
 
-<?plugin LdapSearch ?>
+<?plugin WikiFormRich action=LdapSearch 
+        editbox[] name=host value=bugs.debian.org size=80
+        editbox[] name=port value=10101 size=80
+        editbox[] name=basedn value="dc=current,dc=bugs,dc=debian,dc=org" size=80
+	editbox[] name=filter value="(debbugsPackage=phpwiki)" size=80
+        editbox[] name=attributes value="debbugsSeverity debbugsState debbugsTitle" size=80
+	submit[] reset[]
+?>
 
 ! Author
-PhpWiki:ReiniUrban
+PhpWiki:JohnLines
 
 ! See Also
 
 ----
-PhpWikiDocumentation Help:WikiPlugin
\ No newline at end of file
+PhpWikiDocumentation Help:WikiPlugin
diff --git a/pgsrc/LdapSearch b/pgsrc/LdapSearch
new file mode 100644
index 000000000..fec81e45f
--- /dev/null
+++ b/pgsrc/LdapSearch
@@ -0,0 +1,12 @@
+Date: Sat, 20 Jan 2007 16:38:14 +0100
+Mime-Version: 1.0 (Produced by PhpWiki 1.3.13)
+X-Rcs-Id: $Id: LdapSearch,v 1.1 2007-01-21 23:23:49 rurban Exp $
+Content-Type: application/x-phpwiki;
+  pagename=LdapSearch;
+  pgsrc_version="2 $Revision: 1.1 $";
+  flags="";
+  markup=2;
+  charset=iso-8859-1
+Content-Transfer-Encoding: binary
+
+<?plugin LdapSearch ?>
-- 
2.45.0