00001 <?php
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034
00035
00036
00037
00038
00039
00040 include_once( "kernel/classes/datatypes/ezuser/ezusersetting.php" );
00041 include_once( "kernel/classes/datatypes/ezuser/ezuser.php" );
00042 include_once( 'lib/ezutils/classes/ezini.php' );
00043
00044 class eZLDAPUser extends eZUser
00045 {
00046
00047
00048
00049 function eZLDAPUser()
00050 {
00051 }
00052
00053
00054
00055
00056
00057
00058 function &loginUser( $login, $password, $authenticationMatch = false )
00059 {
00060 $http =& eZHTTPTool::instance();
00061 $db =& eZDB::instance();
00062
00063 if ( $authenticationMatch === false )
00064 $authenticationMatch = eZUser::authenticationMatch();
00065
00066 $loginEscaped = $db->escapeString( $login );
00067 $passwordEscaped = $db->escapeString( $password );
00068
00069 $loginArray = array();
00070 if ( $authenticationMatch & EZ_USER_AUTHENTICATE_LOGIN )
00071 $loginArray[] = "login='$loginEscaped'";
00072 if ( $authenticationMatch & EZ_USER_AUTHENTICATE_EMAIL )
00073 $loginArray[] = "email='$loginEscaped'";
00074 if ( count( $loginArray ) == 0 )
00075 $loginArray[] = "login='$loginEscaped'";
00076 $loginText = implode( ' OR ', $loginArray );
00077
00078 $contentObjectStatus = EZ_CONTENT_OBJECT_STATUS_PUBLISHED;
00079
00080 $ini =& eZINI::instance();
00081 $LDAPIni =& eZINI::instance( 'ldap.ini' );
00082 $databaseImplementation = $ini->variable( 'DatabaseSettings', 'DatabaseImplementation' );
00083
00084 if ( $databaseImplementation == "ezmysql" )
00085 {
00086 $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login
00087 FROM ezuser, ezcontentobject
00088 WHERE ( $loginText ) AND
00089 ezcontentobject.status='$contentObjectStatus' AND
00090 ( ezcontentobject.id=contentobject_id OR ( password_hash_type=4 AND ( $loginText ) AND password_hash=PASSWORD('$passwordEscaped') ) )";
00091 }
00092 else
00093 {
00094 $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login
00095 FROM ezuser, ezcontentobject
00096 WHERE ( $loginText ) AND
00097 ezcontentobject.status='$contentObjectStatus' AND
00098 ezcontentobject.id=contentobject_id";
00099 }
00100
00101 $users = $db->arrayQuery( $query );
00102 $exists = false;
00103 if ( count( $users ) >= 1 )
00104 {
00105 foreach ( array_keys( $users ) as $key )
00106 {
00107 $userRow =& $users[$key];
00108 $userID = $userRow['contentobject_id'];
00109 $hashType = $userRow['password_hash_type'];
00110 $hash = $userRow['password_hash'];
00111 $exists = eZUser::authenticateHash( $userRow['login'], $password, eZUser::site(),
00112 $hashType,
00113 $hash );
00114
00115
00116 if ( $hashType == EZ_USER_PASSWORD_HASH_MYSQL and $databaseImplementation == "ezmysql" )
00117 {
00118 $queryMysqlUser = "SELECT contentobject_id, password_hash, password_hash_type, email, login
00119 FROM ezuser, ezcontentobject
00120 WHERE ezcontentobject.status='$contentObjectStatus' AND
00121 password_hash_type=4 AND ( $loginText ) AND password_hash=PASSWORD('$passwordEscaped') ";
00122 $mysqlUsers = $db->arrayQuery( $queryMysqlUser );
00123 if ( count( $mysqlUsers ) >= 1 )
00124 $exists = true;
00125 }
00126
00127 eZDebugSetting::writeDebug( 'kernel-user', eZUser::createHash( $userRow['login'], $password, eZUser::site(),
00128 $hashType ), "check hash" );
00129 eZDebugSetting::writeDebug( 'kernel-user', $hash, "stored hash" );
00130
00131 $canLogin = eZUser::isEnabledAfterFailedLogin( $userID );
00132
00133 if ( $exists )
00134 {
00135
00136 $GLOBALS['eZFailedLoginAttemptUserID'] = $userID;
00137
00138 $userSetting = eZUserSetting::fetch( $userID );
00139 $isEnabled = $userSetting->attribute( "is_enabled" );
00140 if ( $hashType != eZUser::hashType() and
00141 strtolower( $ini->variable( 'UserSettings', 'UpdateHash' ) ) == 'true' )
00142 {
00143 $hashType = eZUser::hashType();
00144 $hash = eZUser::createHash( $login, $password, eZUser::site(),
00145 $hashType );
00146 $db->query( "UPDATE ezuser SET password_hash='$hash', password_hash_type='$hashType' WHERE contentobject_id='$userID'" );
00147 }
00148 break;
00149 }
00150 }
00151 }
00152 if ( $exists and $isEnabled and $canLogin )
00153 {
00154 eZDebugSetting::writeDebug( 'kernel-user', $userRow, 'user row' );
00155 $user = new eZUser( $userRow );
00156 eZDebugSetting::writeDebug( 'kernel-user', $user, 'user' );
00157 $userID = $user->attribute( 'contentobject_id' );
00158
00159 eZUser::updateLastVisit( $userID );
00160 eZUser::setCurrentlyLoggedInUser( $user, $userID );
00161
00162
00163 eZUser::setFailedLoginAttempts( $userID, 0 );
00164
00165 return $user;
00166 }
00167 else if ( $LDAPIni->variable( 'LDAPSettings', 'LDAPEnabled' ) == "true" )
00168 {
00169
00170
00171
00172 $LDAPVersion = $LDAPIni->variable( 'LDAPSettings', 'LDAPVersion' );
00173 $LDAPServer = $LDAPIni->variable( 'LDAPSettings', 'LDAPServer' );
00174 $LDAPPort = $LDAPIni->variable( 'LDAPSettings', 'LDAPPort' );
00175 $LDAPBaseDN = $LDAPIni->variable( 'LDAPSettings', 'LDAPBaseDn' );
00176 $LDAPBindUser = $LDAPIni->variable( 'LDAPSettings', 'LDAPBindUser' );
00177 $LDAPBindPassword = $LDAPIni->variable( 'LDAPSettings', 'LDAPBindPassword' );
00178 $LDAPSearchScope = $LDAPIni->variable( 'LDAPSettings', 'LDAPSearchScope' );
00179
00180 $LDAPLoginAttribute = $LDAPIni->variable( 'LDAPSettings', 'LDAPLoginAttribute' );
00181 $LDAPFirstNameAttribute = $LDAPIni->variable( 'LDAPSettings', 'LDAPFirstNameAttribute' );
00182 $LDAPLastNameAttribute = $LDAPIni->variable( 'LDAPSettings', 'LDAPLastNameAttribute' );
00183 $LDAPEmailAttribute = $LDAPIni->variable( 'LDAPSettings', 'LDAPEmailAttribute' );
00184
00185 $defaultUserPlacement = $ini->variable( "UserSettings", "DefaultUserPlacement" );
00186
00187 $LDAPUserGroupAttributeType = $LDAPIni->variable( 'LDAPSettings', 'LDAPUserGroupAttributeType' );
00188 $LDAPUserGroupAttribute = $LDAPIni->variable( 'LDAPSettings', 'LDAPUserGroupAttribute' );
00189
00190 if ( $LDAPIni->hasVariable( 'LDAPSettings', 'Utf8Encoding' ) )
00191 {
00192 $Utf8Encoding = $LDAPIni->variable( 'LDAPSettings', 'Utf8Encoding' );
00193 if ( $Utf8Encoding == "true" )
00194 $isUtf8Encoding = true;
00195 else
00196 $isUtf8Encoding = false;
00197 }
00198 else
00199 {
00200 $isUtf8Encoding = false;
00201 }
00202
00203 if ( $LDAPIni->hasVariable( 'LDAPSettings', 'LDAPSearchFilters' ) )
00204 {
00205 $LDAPFilters = $LDAPIni->variable( 'LDAPSettings', 'LDAPSearchFilters' );
00206 }
00207 if ( $LDAPIni->hasVariable( 'LDAPSettings', 'LDAPUserGroupType' ) and $LDAPIni->hasVariable( 'LDAPSettings', 'LDAPUserGroup' ) )
00208 {
00209 $LDAPUserGroupType = $LDAPIni->variable( 'LDAPSettings', 'LDAPUserGroupType' );
00210 $LDAPUserGroup = $LDAPIni->variable( 'LDAPSettings', 'LDAPUserGroup' );
00211 }
00212
00213 $LDAPFilter = "( &";
00214 if ( count( $LDAPFilters ) > 0 )
00215 {
00216 foreach ( array_keys( $LDAPFilters ) as $key )
00217 {
00218 $LDAPFilter .= "(" . $LDAPFilters[$key] . ")";
00219 }
00220 }
00221 $LDAPEqualSign = trim($LDAPIni->variable( 'LDAPSettings', "LDAPEqualSign" ) );
00222 $LDAPBaseDN = str_replace( $LDAPEqualSign, "=", $LDAPBaseDN );
00223 $LDAPFilter = str_replace( $LDAPEqualSign, "=", $LDAPFilter );
00224
00225 $ds = ldap_connect( $LDAPServer, $LDAPPort );
00226
00227 if ( $ds )
00228 {
00229 ldap_set_option( $ds, LDAP_OPT_PROTOCOL_VERSION, $LDAPVersion );
00230 if ( $LDAPBindUser == '' )
00231 {
00232 $r = ldap_bind( $ds );
00233 }
00234 else
00235 {
00236 $r = ldap_bind( $ds, $LDAPBindUser, $LDAPBindPassword );
00237 }
00238 if ( !$r )
00239 {
00240
00241 if ( isset( $userID ) )
00242 eZUser::setFailedLoginAttempts( $userID );
00243
00244 $user = false;
00245 return $user;
00246 }
00247
00248 $LDAPFilter .= "($LDAPLoginAttribute=$login)";
00249 $LDAPFilter .= ")";
00250
00251 ldap_set_option( $ds, LDAP_OPT_SIZELIMIT, 0 );
00252 ldap_set_option( $ds, LDAP_OPT_TIMELIMIT, 0 );
00253
00254 $retrieveAttributes = array( $LDAPLoginAttribute,
00255 $LDAPFirstNameAttribute,
00256 $LDAPLastNameAttribute,
00257 $LDAPEmailAttribute );
00258 if ( $LDAPUserGroupAttributeType )
00259 $retrieveAttributes[] = $LDAPUserGroupAttribute;
00260
00261 if ( $LDAPSearchScope == "one" )
00262 $sr = ldap_list( $ds, $LDAPBaseDN, $LDAPFilter, $retrieveAttributes );
00263 else if ( $LDAPSearchScope == "base" )
00264 $sr = ldap_read( $ds, $LDAPBaseDN, $LDAPFilter, $retrieveAttributes );
00265 else
00266 $sr = ldap_search( $ds, $LDAPBaseDN, $LDAPFilter, $retrieveAttributes );
00267
00268 $info = ldap_get_entries( $ds, $sr ) ;
00269 if ( $info['count'] > 1 )
00270 {
00271
00272 $user = false;
00273 return $user;
00274 }
00275 else if ( $info['count'] < 1 )
00276 {
00277
00278 if ( isset( $userID ) )
00279 eZUser::setFailedLoginAttempts( $userID );
00280
00281
00282 $user = false;
00283 return $user;
00284 }
00285
00286 if( !$password )
00287 {
00288 $password = crypt( microtime() );
00289 }
00290
00291
00292 if ( !@ldap_bind( $ds, $info[0]['dn'], $password ) )
00293 {
00294
00295 if ( isset( $userID ) )
00296 eZUser::setFailedLoginAttempts( $userID );
00297
00298 $user = false;
00299 return $user;
00300 }
00301
00302 $extraNodeAssignments = array();
00303 $userGroupClassID = $ini->variable( "UserSettings", "UserGroupClassID" );
00304
00305
00306 if ( $LDAPUserGroupType != null )
00307 {
00308 if ( $LDAPUserGroupType == "name" )
00309 {
00310 if ( is_array( $LDAPUserGroup ) )
00311 {
00312 foreach ( array_keys( $LDAPUserGroup ) as $key )
00313 {
00314 $groupName = $LDAPUserGroup[$key];
00315 $groupQuery = "SELECT ezcontentobject_tree.node_id
00316 FROM ezcontentobject, ezcontentobject_tree
00317 WHERE ezcontentobject.name like '$groupName'
00318 AND ezcontentobject.id=ezcontentobject_tree.contentobject_id
00319 AND ezcontentobject.contentclass_id=$userGroupClassID";
00320 $groupObject = $db->arrayQuery( $groupQuery );
00321 if ( count( $groupObject ) > 0 and $key == 0 )
00322 {
00323 $defaultUserPlacement = $groupObject[0]['node_id'];
00324 }
00325 else if ( count( $groupObject ) > 0 )
00326 {
00327 $extraNodeAssignments[] = $groupObject[0]['node_id'];
00328 }
00329 }
00330 }
00331 else
00332 {
00333 $groupName = $LDAPUserGroup;
00334 $groupQuery = "SELECT ezcontentobject_tree.node_id
00335 FROM ezcontentobject, ezcontentobject_tree
00336 WHERE ezcontentobject.name like '$groupName'
00337 AND ezcontentobject.id=ezcontentobject_tree.contentobject_id
00338 AND ezcontentobject.contentclass_id=$userGroupClassID";
00339 $groupObject = $db->arrayQuery( $groupQuery );
00340
00341 if ( count( $groupObject ) > 0 )
00342 {
00343 $defaultUserPlacement = $groupObject[0]['node_id'];
00344 }
00345 }
00346 }
00347 else if ( $LDAPUserGroupType == "id" )
00348 {
00349 if ( is_array( $LDAPUserGroup ) )
00350 {
00351 foreach ( array_keys( $LDAPUserGroup ) as $key )
00352 {
00353 $groupID = $LDAPUserGroup[$key];
00354 $groupQuery = "SELECT ezcontentobject_tree.node_id
00355 FROM ezcontentobject, ezcontentobject_tree
00356 WHERE ezcontentobject.id='$groupID'
00357 AND ezcontentobject.id=ezcontentobject_tree.contentobject_id
00358 AND ezcontentobject.contentclass_id=$userGroupClassID";
00359 $groupObject = $db->arrayQuery( $groupQuery );
00360 if ( count( $groupObject ) > 0 and $key == 0 )
00361 {
00362 $defaultUserPlacement = $groupObject[0]['node_id'];
00363 }
00364 else if ( count( $groupObject ) > 0 )
00365 {
00366 $extraNodeAssignments[] = $groupObject[0]['node_id'];
00367 }
00368 }
00369 }
00370 else
00371 {
00372 $groupID = $LDAPUserGroup;
00373 $groupQuery = "SELECT ezcontentobject_tree.node_id
00374 FROM ezcontentobject, ezcontentobject_tree
00375 WHERE ezcontentobject.id='$groupID'
00376 AND ezcontentobject.id=ezcontentobject_tree.contentobject_id
00377 AND ezcontentobject.contentclass_id=$userGroupClassID";
00378 $groupObject = $db->arrayQuery( $groupQuery );
00379
00380 if ( count( $groupObject ) > 0 )
00381 {
00382 $defaultUserPlacement = $groupObject[0]['node_id'];
00383 }
00384 }
00385 }
00386 }
00387
00388 $adminUser = eZUser::fetchByName( 'admin' );
00389 $adminUserContentObjectID = $adminUser->attribute( 'contentobject_id' );
00390
00391
00392 $LDAPGroupMappingType = $LDAPIni->variable( 'LDAPSettings', 'LDAPGroupMappingType' );
00393 $LDAPUserGroupMap = $LDAPIni->variable( 'LDAPSettings', 'LDAPUserGroupMap' );
00394
00395 if ( !is_array( $LDAPUserGroupMap ) )
00396 $LDAPUserGroupMap = array();
00397
00398
00399 $ByMemberAttribute = 'SimpleMapping';
00400 $ByMemberAttributeHierarhicaly = 'GetGroupsTree';
00401 $ByGroupAttribute = 'UseGroupAttribute';
00402 $groupMappingTypes = array( $ByMemberAttribute,
00403 $ByMemberAttributeHierarhicaly,
00404 $ByGroupAttribute);
00405
00406 $userData =& $info[ 0 ];
00407
00408
00409 if ( !in_array( $LDAPGroupMappingType, $groupMappingTypes ) )
00410 {
00411 $LDAPGroupMappingType = $ByGroupAttribute;
00412 }
00413
00414 if ( $LDAPGroupMappingType == $ByMemberAttribute or
00415 $LDAPGroupMappingType == $ByMemberAttributeHierarhicaly )
00416 {
00417 $LDAPGroupBaseDN = $LDAPIni->variable( 'LDAPSettings', 'LDAPGroupBaseDN' );
00418 $LDAPGroupClass = $LDAPIni->variable( 'LDAPSettings', 'LDAPGroupClass' );
00419
00420 $LDAPGroupNameAttribute = $LDAPIni->variable( 'LDAPSettings', 'LDAPGroupNameAttribute' );
00421 $LDAPGroupMemberAttribute = $LDAPIni->variable( 'LDAPSettings', 'LDAPGroupMemberAttribute' );
00422 $LDAPGroupDescriptionAttribute = $LDAPIni->variable( 'LDAPSettings', 'LDAPGroupDescriptionAttribute' );
00423
00424 $groupSearchingDepth = ( $LDAPGroupMappingType == '1' ) ? 1 : 1000;
00425
00426
00427 $requiredParams = array();
00428 $requiredParams[ 'LDAPLoginAttribute' ] = $LDAPLoginAttribute;
00429 $requiredParams[ 'LDAPGroupBaseDN' ] = $LDAPGroupBaseDN;
00430 $requiredParams[ 'LDAPGroupClass' ] = $LDAPGroupClass;
00431 $requiredParams[ 'LDAPGroupNameAttribute' ] = $LDAPGroupNameAttribute;
00432 $requiredParams[ 'LDAPGroupMemberAttribute' ] = $LDAPGroupMemberAttribute;
00433 $requiredParams[ 'LDAPGroupDescriptionAttribute' ] = $LDAPGroupDescriptionAttribute;
00434 $requiredParams[ 'ds' ] =& $ds;
00435 $requiredParams[ 'TopUserGroupNodeID' ] = 5;
00436
00437 $groupsTree = array();
00438 $stack = array();
00439 $newfilter = '(&(objectClass=' . $LDAPGroupClass . ')(' . $LDAPGroupMemberAttribute . '=' . $userData['dn'] . '))';
00440
00441 $groupsTree[ $userData['dn'] ] = array( 'data' => & $userData,
00442 'parents' => array(),
00443 'children' => array() );
00444
00445 eZLDAPUser::getUserGroupsTree( $requiredParams, $newfilter, $userData['dn'], $groupsTree, $stack, $groupSearchingDepth );
00446 $userRecord =& $groupsTree[ $userData['dn'] ];
00447
00448 if ( $LDAPGroupMappingType == $ByMemberAttribute )
00449 {
00450 if ( count( $userRecord[ 'parents' ] ) > 0 )
00451 {
00452 $remappedGroupNames = array();
00453 foreach ( array_keys( $userRecord[ 'parents' ] ) as $key )
00454 {
00455 $parentGroup =& $userRecord[ 'parents' ][ $key ];
00456 if ( isset( $parentGroup[ 'data' ][ $LDAPGroupNameAttribute ] ) )
00457 {
00458 $ldapGroupName = $parentGroup[ 'data' ][ $LDAPGroupNameAttribute ];
00459 if ( is_array( $ldapGroupName ) )
00460 {
00461 $ldapGroupName = ( $ldapGroupName[ 'count' ] > 0 ) ? $ldapGroupName[ 0 ] : '';
00462 }
00463
00464
00465 if ( array_key_exists( $ldapGroupName, $LDAPUserGroupMap ) )
00466 {
00467 $remmapedGroupName = $LDAPUserGroupMap[ $ldapGroupName ];
00468 $groupQuery = "SELECT ezcontentobject_tree.node_id
00469 FROM ezcontentobject, ezcontentobject_tree
00470 WHERE ezcontentobject.name like '$remmapedGroupName'
00471 AND ezcontentobject.id=ezcontentobject_tree.contentobject_id
00472 AND ezcontentobject.contentclass_id=$userGroupClassID";
00473 $groupRow = $db->arrayQuery( $groupQuery );
00474
00475 if ( count( $groupRow ) > 0 )
00476 {
00477 $userRecord['new_parents'][] = $groupRow[ 0 ][ 'node_id' ];
00478 }
00479 }
00480 }
00481 }
00482 }
00483 }
00484 else if ( $LDAPGroupMappingType == $ByMemberAttributeHierarhicaly )
00485 {
00486 eZUser::setCurrentlyLoggedInUser( $adminUser, $adminUserContentObjectID );
00487
00488 $stack = array();
00489 goAndPublishGroups( $requiredParams, $userData['dn'], $groupsTree, $stack, $groupSearchingDepth, true );
00490 }
00491 if ( isset( $userRecord['new_parents'] ) and
00492 count( $userRecord['new_parents'] ) > 0 )
00493 {
00494 $defaultUserPlacement = $userRecord['new_parents'][0];
00495 $extraNodeAssignments = array_merge( $extraNodeAssignments, $userRecord['new_parents'] );
00496 }
00497 }
00498 else if ( $LDAPGroupMappingType == $ByGroupAttribute )
00499 {
00500 if ( $LDAPUserGroupAttributeType )
00501 {
00502 $groupAttributeCount = $info[0][$LDAPUserGroupAttribute]['count'];
00503 if ( $LDAPUserGroupAttributeType == "name" )
00504 {
00505 for ( $i = 0; $i < $groupAttributeCount; $i++ )
00506 {
00507 if ( $isUtf8Encoding )
00508 {
00509 $groupName = utf8_decode( $info[0][$LDAPUserGroupAttribute][$i] );
00510 }
00511 else
00512 {
00513 $groupName = $info[0][$LDAPUserGroupAttribute][$i];
00514 }
00515 if ( $groupName != null )
00516 {
00517 $groupQuery = "SELECT ezcontentobject_tree.node_id
00518 FROM ezcontentobject, ezcontentobject_tree
00519 WHERE ezcontentobject.name like '$groupName'
00520 AND ezcontentobject.id=ezcontentobject_tree.contentobject_id
00521 AND ezcontentobject.contentclass_id=$userGroupClassID";
00522 $groupObject = $db->arrayQuery( $groupQuery );
00523
00524 if ( count( $groupObject ) > 0 and $i == 0 )
00525 {
00526 $defaultUserPlacement = $groupObject[0]['node_id'];
00527 }
00528 else if ( count( $groupObject ) > 0 )
00529 {
00530 $extraNodeAssignments[] = $groupObject[0]['node_id'];
00531 }
00532 }
00533 }
00534 }
00535 else if ( $LDAPUserGroupAttributeType == "id" )
00536 {
00537 for ( $i = 0; $i < $groupAttributeCount; $i++ )
00538 {
00539 if ( $isUtf8Encoding )
00540 {
00541 $groupID = utf8_decode( $info[0][$LDAPUserGroupAttribute][$i] );
00542 }
00543 else
00544 {
00545 $groupID = $info[0][$LDAPUserGroupAttribute][$i];
00546 }
00547
00548 if ( $groupID != null )
00549 {
00550 $groupName = "LDAP " . $groupID;
00551 $groupQuery = "SELECT ezcontentobject_tree.node_id
00552 FROM ezcontentobject, ezcontentobject_tree
00553 WHERE ezcontentobject.name like '$groupName'
00554 AND ezcontentobject.id=ezcontentobject_tree.contentobject_id
00555 AND ezcontentobject.contentclass_id=$userGroupClassID";
00556 $groupObject = $db->arrayQuery( $groupQuery );
00557
00558 if ( count( $groupObject ) > 0 and $i == 0 )
00559 {
00560 $defaultUserPlacement = $groupObject[0]['node_id'];
00561 }
00562 else if ( count( $groupObject ) > 0 )
00563 {
00564 $extraNodeAssignments[] = $groupObject[0]['node_id'];
00565 }
00566 }
00567 }
00568 }
00569 }
00570 }
00571
00572 $userAttributes = array( 'login' => $login,
00573 'first_name' => isset( $userData[ $LDAPFirstNameAttribute ] ) ? $userData[ $LDAPFirstNameAttribute ][0] : false,
00574 'last_name' => isset( $userData[ $LDAPLastNameAttribute ] ) ? $userData[ $LDAPLastNameAttribute ][0] : false,
00575 'email' => isset( $userData[ $LDAPEmailAttribute ] ) ? $userData[ $LDAPEmailAttribute ][0] : false );
00576
00577 $oldUser = eZUser::currentUser();
00578 eZUser::setCurrentlyLoggedInUser( $adminUser, $adminUserContentObjectID );
00579 $existingUser = eZLDAPUser::publishUpdateUser( $extraNodeAssignments, $defaultUserPlacement, $userAttributes, $isUtf8Encoding );
00580
00581 if ( is_object( $existingUser ) )
00582 {
00583 eZUser::setCurrentlyLoggedInUser( $existingUser, $existingUser->attribute( 'contentobject_id' ) );
00584 }
00585 else
00586 {
00587 eZUser::setCurrentlyLoggedInUser( $oldUser, $oldUser->attribute( 'contentobject_id' ) );
00588 }
00589
00590 ldap_close( $ds );
00591 return $existingUser;
00592 }
00593 else
00594 {
00595 eZDebug::writeError( 'Cannot initialize connection for LDAP server', 'eZLDAPUser::loginUser()' );
00596 $user = false;
00597 return $user;
00598 }
00599 }
00600 else
00601 {
00602
00603 if ( isset( $userID ) )
00604 eZUser::setFailedLoginAttempts( $userID );
00605
00606 $user = false;
00607 return $user;
00608 }
00609 }
00610
00611
00612
00613
00614
00615 function publishUpdateUser( $parentNodeIDs, $defaultUserPlacement, $userAttributes, $isUtf8Encoding = false )
00616 {
00617 $thisFunctionErrorLabel = 'eZLDAPUser.php, function publishUpdateUser()';
00618
00619 if ( !is_array( $userAttributes ) or
00620 !isset( $userAttributes[ 'login' ] ) or empty( $userAttributes[ 'login' ] ) )
00621 {
00622 eZDebug::writeWarning( 'Empty user login passed.',
00623 $thisFunctionErrorLabel );
00624 return false;
00625 }
00626
00627 if ( ( !is_array( $parentNodeIDs ) or count( $parentNodeIDs ) < 1 ) and
00628 !is_numeric( $defaultUserPlacement ) )
00629 {
00630 eZDebug::writeWarning( 'No one parent node IDs was passed for publishing new user (login = "' .
00631 $userAttributes[ 'login' ] . '")',
00632 $thisFunctionErrorLabel );
00633 return false;
00634 }
00635 $parentNodeIDs[] = $defaultUserPlacement;
00636 $parentNodeIDs = array_unique( $parentNodeIDs );
00637
00638
00639 $login = $userAttributes[ 'login' ];
00640 $first_name = $userAttributes[ 'first_name' ];
00641 $last_name = $userAttributes[ 'last_name' ];
00642 $email = $userAttributes[ 'email' ];
00643
00644 $user = eZUser::fetchByName( $login );
00645 $createNewUser = ( is_object( $user ) ) ? false : true;
00646
00647 if ( $createNewUser )
00648 {
00649 if ( !isset( $first_name ) or empty( $first_name ) or
00650 !isset( $last_name ) or empty( $last_name ) or
00651 !isset( $email ) or empty( $email ) )
00652 {
00653 eZDebug::writeWarning( 'Cannot create user with empty first name (last name or email).',
00654 $thisFunctionErrorLabel );
00655 return false;
00656 }
00657
00658 $ini =& eZINI::instance();
00659 $userClassID = $ini->variable( "UserSettings", "UserClassID" );
00660 $userCreatorID = $ini->variable( "UserSettings", "UserCreatorID" );
00661 $defaultSectionID = $ini->variable( "UserSettings", "DefaultSectionID" );
00662
00663 $class = eZContentClass::fetch( $userClassID );
00664 $contentObject = $class->instantiate( $userCreatorID, $defaultSectionID );
00665
00666 $remoteID = "LDAP_" . $login;
00667 $contentObject->setAttribute( 'remote_id', $remoteID );
00668 $contentObject->store();
00669
00670 $userID = $contentObjectID = $contentObject->attribute( 'id' );
00671
00672 $version =& $contentObject->version( 1 );
00673 $version->setAttribute( 'modified', time() );
00674 $version->setAttribute( 'status', EZ_VERSION_STATUS_DRAFT );
00675 $version->store();
00676
00677 $user = eZLDAPUser::create( $userID );
00678 $user->setAttribute( 'login', $login );
00679 }
00680 else
00681 {
00682 $userID = $contentObjectID = $user->attribute( 'contentobject_id' );
00683 $contentObject =& eZContentObject::fetch( $userID );
00684 $version =& $contentObject->attribute( 'current' );
00685
00686 }
00687
00688
00689 $contentObjectAttributes =& $version->contentObjectAttributes();
00690
00691
00692 $firstNameIdentifier = 'first_name';
00693 $lastNameIdentifier = 'last_name';
00694 $firstNameAttribute = null;
00695 $lastNameAttribute = null;
00696
00697 foreach( array_keys( $contentObjectAttributes ) as $key )
00698 {
00699 $attribute =& $contentObjectAttributes[ $key ];
00700 if ( $attribute->attribute( 'contentclass_attribute_identifier' ) == $firstNameIdentifier )
00701 $firstNameAttribute =& $attribute;
00702 else
00703 if ( $attribute->attribute( 'contentclass_attribute_identifier' ) == $lastNameIdentifier )
00704 $lastNameAttribute =& $attribute;
00705 }
00706 if ( $firstNameAttribute )
00707 {
00708 if ( $isUtf8Encoding )
00709 $first_name = utf8_decode( $first_name );
00710 $firstNameAttribute->setAttribute( 'data_text', $first_name );
00711 $firstNameAttribute->store();
00712 }
00713 if ( $lastNameAttribute )
00714 {
00715 if ( $isUtf8Encoding )
00716 $last_name = utf8_decode( $last_name );
00717 $lastNameAttribute->setAttribute( 'data_text', $last_name );
00718 $lastNameAttribute->store();
00719 }
00720
00721 $contentClass =& $contentObject->attribute( 'content_class' );
00722 $name = $contentClass->contentObjectName( $contentObject );
00723 $contentObject->setName( $name );
00724
00725 $user->setAttribute( 'email', $email );
00726 $user->setAttribute( 'password_hash', "" );
00727 $user->setAttribute( 'password_hash_type', 0 );
00728 $user->store();
00729
00730
00731 if ( $createNewUser )
00732 {
00733 reset( $parentNodeIDs );
00734
00735
00736 foreach( $parentNodeIDs as $parentNodeID )
00737 {
00738 $newNodeAssignment = eZNodeAssignment::create( array( 'contentobject_id' => $contentObjectID,
00739 'contentobject_version' => 1,
00740 'parent_node' => $parentNodeID,
00741 'is_main' => ( $defaultUserPlacement == $parentNodeID ? 1 : 0 ) ) );
00742 $newNodeAssignment->setAttribute( 'parent_remote_id', "LDAP_" . $parentNodeID );
00743 $newNodeAssignment->store();
00744 }
00745
00746
00747
00748
00749 include_once( 'lib/ezutils/classes/ezoperationhandler.php' );
00750 $operationResult = eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $contentObjectID,
00751 'version' => 1 ) );
00752 }
00753 else
00754 {
00755 $LDAPIni =& eZINI::instance( 'ldap.ini' );
00756 $keepGroupAssignment = ( $LDAPIni->hasVariable( 'LDAPSettings', 'KeepGroupAssignment' ) ) ?
00757 ( $LDAPIni->variable( 'LDAPSettings', 'KeepGroupAssignment' ) == "enabled" ) : false;
00758
00759 if ( $keepGroupAssignment == false )
00760 {
00761 $parentNodeID = $contentObject->attribute( 'main_parent_node_id' );
00762 if ( $defaultUserPlacement != $parentNodeID )
00763 {
00764
00765
00766
00767
00768 $nodeAssignmentList =& $version->nodeAssignments();
00769 $isAssignmentExist = false;
00770 foreach ( array_keys( $nodeAssignmentList ) as $nodeAssignmentKey )
00771 {
00772 $nodeAssignment =& $nodeAssignmentList[$nodeAssignmentKey];
00773 if ( $defaultUserPlacement == $nodeAssignment->attribute( 'parent_node' ) )
00774 {
00775 $isAssignmentExist = true;
00776 break;
00777 }
00778 }
00779
00780 if ( $isAssignmentExist )
00781 {
00782
00783 $existingNode = eZContentObjectTreeNode::fetchNode( $contentObjectID, $defaultUserPlacement );
00784 if ( !is_object( $existingNode ) )
00785 {
00786 eZDebug::writeError( "Cannot find assigned node as $defaultUserPlacement's child.",
00787 'kernel/classes/datatypes/ezuser/ezldapuser' );
00788 }
00789 else
00790 {
00791 $existingNodeID = $existingNode->attribute( 'node_id' );
00792 $versionNum = $version->attribute( 'version' );
00793 eZContentObjectTreeNode::updateMainNodeID( $existingNodeID, $contentObjectID, $versionNum, $defaultUserPlacement );
00794 }
00795 }
00796 else
00797 {
00798 $mainNodeID = $contentObject->attribute( 'main_node_id' );
00799 $mainNode = eZContentObjectTreeNode::fetch( $mainNodeID );
00800
00801 if ( !$mainNode->canMoveFrom() )
00802 {
00803 eZDebug::writeError( "Cannot move node $mainNodeID.",
00804 'kernel/classes/datatypes/ezuser/ezldapuser' );
00805 }
00806 $newParentNode = eZContentObjectTreeNode::fetch( $defaultUserPlacement );
00807
00808 if ( in_array( $mainNodeID, $newParentNode->pathArray() ) )
00809 {
00810 eZDebug::writeError( "Cannot move node $mainNodeID as child of itself or one of its own children (node $defaultUserPlacement).",
00811 'kernel/classes/datatypes/ezuser/ezldapuser' );
00812 }
00813 else
00814 {
00815 include_once( 'kernel/classes/ezcontentobjecttreenodeoperations.php' );
00816 if ( !eZContentObjectTreeNodeOperations::move( $mainNodeID, $defaultUserPlacement ) )
00817 {
00818 eZDebug::writeError( "Failed to move node $mainNodeID as child of parent node $defaultUserPlacement",
00819 'kernel/classes/datatypes/ezuser/ezldapuser' );
00820 }
00821 }
00822 }
00823 }
00824 }
00825 }
00826
00827 eZUser::updateLastVisit( $userID );
00828
00829
00830 eZUser::setFailedLoginAttempts( $userID, 0 );
00831 return $user;
00832 }
00833
00834
00835
00836
00837
00838
00839 function publishNewUserGroup( $parentNodeIDs, $newGroupAttributes, $isUtf8Encoding = false )
00840 {
00841 $thisFunctionErrorLabel = 'eZLDAPUser.php, function publishNewUserGroup()';
00842 $newNodeIDs = array();
00843
00844 if ( !is_array( $newGroupAttributes ) or
00845 !isset( $newGroupAttributes[ 'name' ] ) or
00846 empty( $newGroupAttributes[ 'name' ] ) )
00847 {
00848 eZDebug::writeWarning( 'Cannot create user group with empty name.',
00849 $thisFunctionErrorLabel );
00850 return $newNodeIDs;
00851 }
00852 if ( !is_array( $parentNodeIDs ) or count( $parentNodeIDs ) < 1 )
00853 {
00854 eZDebug::writeWarning( 'No one parent node IDs was passed for publishing new group (group name = "' .
00855 $newGroupAttributes[ 'name' ] . '")',
00856 $thisFunctionErrorLabel );
00857 return $newNodeIDs;
00858 }
00859
00860 $ini =& eZINI::instance();
00861 $userGroupClassID = $ini->variable( "UserSettings", "UserGroupClassID" );
00862 $userCreatorID = $ini->variable( "UserSettings", "UserCreatorID" );
00863 $defaultSectionID = $ini->variable( "UserSettings", "DefaultSectionID" );
00864
00865 $userGroupClass = eZContentClass::fetch( $userGroupClassID );
00866 $contentObject = $userGroupClass->instantiate( $userCreatorID, $defaultSectionID );
00867
00868 $remoteID = "LDAP_" . $newGroupAttributes[ 'name' ];
00869 $contentObject->setAttribute( 'remote_id', $remoteID );
00870 $contentObject->store();
00871
00872 $contentObjectID = $contentObject->attribute( 'id' );
00873
00874 reset( $parentNodeIDs );
00875 $defaultPlacement = current( $parentNodeIDs );
00876 array_shift( $parentNodeIDs );
00877
00878 $nodeAssignment = eZNodeAssignment::create( array( 'contentobject_id' => $contentObjectID,
00879 'contentobject_version' => 1,
00880 'parent_node' => $defaultPlacement,
00881 'is_main' => 1 ) );
00882 $nodeAssignment->setAttribute( 'parent_remote_id', "LDAP_" . $defaultPlacement );
00883 $nodeAssignment->store();
00884
00885 foreach( $parentNodeIDs as $parentNodeID )
00886 {
00887 $newNodeAssignment = eZNodeAssignment::create( array( 'contentobject_id' => $contentObjectID,
00888 'contentobject_version' => 1,
00889 'parent_node' => $parentNodeID,
00890 'is_main' => 0 ) );
00891 $newNodeAssignment->setAttribute( 'parent_remote_id', "LDAP_" . $parentNodeID );
00892 $newNodeAssignment->store();
00893 }
00894
00895 $version =& $contentObject->version( 1 );
00896 $version->setAttribute( 'modified', time() );
00897 $version->setAttribute( 'status', EZ_VERSION_STATUS_DRAFT );
00898 $version->store();
00899
00900 $contentObjectAttributes =& $version->contentObjectAttributes();
00901
00902
00903 $nameIdentifier = 'name';
00904 $descIdentifier = 'description';
00905 $nameContentAttribute = null;
00906 $descContentAttribute = null;
00907 foreach( array_keys( $contentObjectAttributes ) as $key )
00908 {
00909 $attribute =& $contentObjectAttributes[ $key ];
00910 if ( $attribute->attribute( 'contentclass_attribute_identifier' ) == $nameIdentifier )
00911 {
00912 $nameContentAttribute =& $attribute;
00913 } else
00914 if ( $attribute->attribute( 'contentclass_attribute_identifier' ) == $descIdentifier )
00915 {
00916 $descContentAttribute =& $attribute;
00917 }
00918 }
00919 if ( $nameContentAttribute )
00920 {
00921 if ( $isUtf8Encoding )
00922 $newGroupAttributes[ 'name' ] = utf8_decode( $newGroupAttributes[ 'name' ] );
00923 $nameContentAttribute->setAttribute( 'data_text', $newGroupAttributes[ 'name' ] );
00924 $nameContentAttribute->store();
00925 }
00926 if ( $descContentAttribute and
00927 isset( $newGroupAttributes[ 'description' ] ) )
00928 {
00929 if ( $isUtf8Encoding )
00930 $newGroupAttributes[ 'description' ] = utf8_decode( $newGroupAttributes[ 'description' ] );
00931 $descContentAttribute->setAttribute( 'data_text', $newGroupAttributes[ 'description' ] );
00932 $descContentAttribute->store();
00933 }
00934
00935 include_once( 'lib/ezutils/classes/ezoperationhandler.php' );
00936 $operationResult = eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $contentObjectID,
00937 'version' => 1 ) );
00938 $newNodes = eZContentObjectTreeNode::fetchByContentObjectID( $contentObjectID, true, 1 );
00939 foreach ( array_keys( $newNodes ) as $key )
00940 {
00941 $newNode =& $newNodes[ $key ];
00942 $newNodeIDs[] = $newNode->attribute( 'node_id' );
00943 }
00944
00945 return $newNodeIDs;
00946 }
00947
00948
00949
00950
00951
00952 function goAndPublishGroups( &$requiredParams,
00953 $curDN,
00954 &$groupsTree,
00955 &$stack,
00956 $depth,
00957 $isUser = false )
00958 {
00959 $thisFunctionErrorLabel = 'eZLDAPUser.php, function goAndPublishGroups()';
00960 if ( !isset( $groupsTree[ $curDN ] ) )
00961 {
00962 eZDebug::writeError( 'Passed $curDN is not in result tree array.',
00963 $thisFunctionErrorLabel );
00964 return false;
00965 }
00966
00967 array_push( $stack, $curDN );
00968 $current =& $groupsTree[ $curDN ];
00969
00970
00971 if ( $isUser )
00972 {
00973 $currentName = $current[ 'data' ][ $requiredParams[ 'LDAPLoginAttribute' ] ];
00974 }
00975 else
00976 {
00977 $currentName = $current[ 'data' ][ $requiredParams[ 'LDAPGroupNameAttribute' ] ];
00978 }
00979
00980 if ( is_array( $currentName ) and
00981 isset( $currentName[ 'count' ] ) and $currentName[ 'count' ] > 0 )
00982 {
00983 $currentName = $currentName[ 0 ];
00984 }
00985
00986 if ( empty( $currentName ) )
00987 {
00988 eZDebug::writeWarning( "Cannot create/use group with empty name (dn = $curDN)",
00989 $thisFunctionErrorLabel );
00990 return false;
00991 }
00992
00993
00994 if ( is_array( $current['parents'] ) and count( $current['parents'] ) > 0 )
00995 {
00996 foreach( array_keys( $current['parents'] ) as $key )
00997 {
00998 $parent =& $groupsTree[ $key ];
00999
01000 if ( in_array( $parent['data']['dn'], $stack ) )
01001 {
01002 $groupsTree[ '_recursion_detected_' ] = true;
01003 eZDebug::writeError( 'Recursion is detected in the user-groups tree while getting parent groups for ' . $curDN,
01004 $thisFunctionErrorLabel );
01005 return false;
01006 }
01007 if ( isset( $parent[ 'nodes' ] ) and count( $parent[ 'nodes' ] ) > 0 )
01008 {
01009 continue;
01010 }
01011 $ret = goAndPublishGroups( $requiredParams,
01012 $parent['data']['dn'],
01013 $groupsTree,
01014 $stack,
01015 $depth - 1 );
01016 if ( isset( $groupsTree[ '_recursion_detected_' ] ) and $groupsTree[ '_recursion_detected_' ] )
01017 {
01018 return false;
01019 }
01020 }
01021 }
01022 else
01023 {
01024
01025 if ( !isset( $groupsTree[ 'root' ] ) )
01026 {
01027 $groupsTree[ 'root' ] = array( 'data' => null,
01028 'parents' => null,
01029 'children' => array(),
01030 'nodes' => array( $requiredParams[ 'TopUserGroupNodeID' ] ) );
01031 }
01032 if ( !isset( $groupsTree[ 'root' ][ 'children' ][ $curDN ] ) )
01033 $groupsTree[ 'root' ][ 'children' ][ $curDN ] =& $current;
01034 if ( !isset( $current[ 'parents' ][ 'root' ] ) )
01035 $current[ 'parents' ][ 'root' ] =& $groupsTree[ 'root' ];
01036 }
01037
01038 if ( !isset( $current[ 'nodes' ] ) )
01039 $current[ 'nodes' ] = array();
01040
01041 $parentNodesForNew = array();
01042 foreach( array_keys( $current[ 'parents' ] ) as $key )
01043 {
01044 $parent =& $groupsTree[ $key ];
01045 if ( is_array( $parent[ 'nodes' ] ) and count( $parent[ 'nodes' ] ) > 0 )
01046 {
01047 foreach ( $parent[ 'nodes' ] as $parentNodeID )
01048 {
01049
01050 $parentNode = eZContentObjectTreeNode::fetch( $parentNodeID );
01051 if ( is_object( $parentNode ) )
01052 {
01053 $params = array( 'Depth' => 1,
01054 'AttributeFilter' => array( array( 'name', '=', $currentName ) ) );
01055 $nodes =& eZContentObjectTreeNode::subTree( $params, $parentNodeID );
01056
01057 if ( is_array( $nodes ) and count( $nodes ) > 0 and !$isUser )
01058 {
01059
01060
01061 $node =& $nodes[ 0 ];
01062 $nodeID = $node->attribute( 'node_id' );
01063 $current[ 'nodes' ][] = $nodeID;
01064 }
01065 else
01066 {
01067
01068 $parentNodesForNew[] = $parentNodeID;
01069 }
01070 }
01071 else
01072 {
01073 eZDebug::writeError( 'Cannot fetch parent node for creating new user group ' . $parentNodeID,
01074 $thisFunctionErrorLabel );
01075 }
01076 }
01077 }
01078 else
01079 {
01080 eZDebug::writeError( "Cannot get any published parent group for group/user with name = '$currentName'" .
01081 " (dn = '" . $current[ 'data' ]['dn'] . "')",
01082 $thisFunctionErrorLabel );
01083 }
01084 }
01085
01086 if ( count( $parentNodesForNew ) > 0 )
01087 {
01088 if ( $isUser )
01089 {
01090 $current[ 'new_parents' ] = $parentNodesForNew;
01091 $newNodeIDs = array();
01092 }
01093 else
01094 {
01095 $newNodeIDs = eZLDAPUser::publishNewUserGroup( $parentNodesForNew, array( 'name' => $currentName,
01096 'description' => '' ) );
01097 }
01098 $current[ 'nodes' ] = array_merge( $current[ 'nodes' ], $newNodeIDs );
01099 }
01100
01101 array_pop( $stack );
01102 return true;
01103 }
01104
01105
01106
01107
01108
01109 function getUserGroupsTree( &$requiredParams,
01110 $filter,
01111 $curDN,
01112 &$groupsTree,
01113 &$stack,
01114 $depth = 0 )
01115 {
01116 if ( $depth == 0 )
01117 {
01118 return false;
01119 }
01120 $thisFunctionErrorLabel = 'eZLDAPUser.php, function getUserGroupsTree()';
01121
01122 if ( !isset( $requiredParams[ 'LDAPGroupBaseDN' ] ) or empty( $requiredParams[ 'LDAPGroupBaseDN' ] ) or
01123 !isset( $requiredParams[ 'LDAPGroupClass' ] ) or empty( $requiredParams[ 'LDAPGroupClass' ] ) or
01124 !isset( $requiredParams[ 'LDAPGroupNameAttribute' ] ) or empty( $requiredParams[ 'LDAPGroupNameAttribute' ] ) or
01125 !isset( $requiredParams[ 'LDAPGroupMemberAttribute' ] ) or empty( $requiredParams[ 'LDAPGroupMemberAttribute' ] ) or
01126 !isset( $requiredParams[ 'ds' ] ) or !$requiredParams[ 'ds' ] )
01127 {
01128 eZDebug::writeError( 'Missing one of required parameters.',
01129 $thisFunctionErrorLabel );
01130 return false;
01131 }
01132 if ( !isset( $groupsTree[ $curDN ] ) )
01133 {
01134 eZDebug::writeError( 'Passed $curDN is not in result tree array. Algorithm\'s usage error.',
01135 $thisFunctionErrorLabel );
01136 return false;
01137 }
01138 array_push( $stack, $curDN );
01139
01140 $LDAPGroupBaseDN =& $requiredParams[ 'LDAPGroupBaseDN' ];
01141 $LDAPGroupClass =& $requiredParams[ 'LDAPGroupClass' ];
01142 $LDAPGroupNameAttribute =& $requiredParams[ 'LDAPGroupNameAttribute' ];
01143 $LDAPGroupMemberAttribute =& $requiredParams[ 'LDAPGroupMemberAttribute' ];
01144 $LDAPGroupDescriptionAttribute =& $requiredParams[ 'LDAPGroupDescriptionAttribute' ];
01145 $ds =& $requiredParams[ 'ds' ];
01146
01147 $current =& $groupsTree[ $curDN ];
01148
01149 $retrieveAttributes = array( $LDAPGroupNameAttribute,
01150 $LDAPGroupMemberAttribute );
01151 $sr = ldap_search( $ds, $LDAPGroupBaseDN, $filter, $retrieveAttributes );
01152 $entries = ldap_get_entries( $ds, $sr );
01153
01154 if ( is_array( $entries ) and
01155 isset( $entries[ 'count' ] ) and $entries[ 'count' ] > 0 )
01156 {
01157 $newfilter = '(&(objectClass=' . $LDAPGroupClass . ')';
01158
01159 for ( $i = 0; $i < $entries[ 'count' ]; $i++ )
01160 {
01161 $parent =& $entries[ $i ];
01162 if ( is_null( $parent ) )
01163 continue;
01164
01165 $parentDN =& $parent['dn'];
01166 if ( in_array( $parentDN, $stack ) )
01167 {
01168 $requiredParams[ 'LDAPGroupNameAttribute' ];
01169
01170 eZDebug::writeError( 'Recursion is detected in the user-groups tree while getting parent groups for ' . $curDN,
01171 $thisFunctionErrorLabel );
01172 $groupsTree[ '_recursion_detected_' ] = true;
01173 return false;
01174 }
01175
01176 if ( !isset( $groupsTree[ $parentDN ] ) )
01177 {
01178 $groupsTree[ $parentDN ] = array( 'data' => $parent,
01179 'parents' => array(),
01180 'children' => array() );
01181 }
01182 $groupsTree[ $parentDN ][ 'children' ][ $curDN ] =& $current;
01183 $current[ 'parents' ][ $parentDN ] =& $groupsTree[ $parentDN ];
01184 $newfilter1 = $newfilter . '(' . $LDAPGroupMemberAttribute . '=' . $parentDN . '))';
01185 $ret = eZLDAPUser::getUserGroupsTree( $requiredParams,
01186 $newfilter1,
01187 $parentDN,
01188 $groupsTree,
01189 $stack,
01190 $depth - 1 );
01191 if ( isset( $groupsTree[ '_recursion_detected_' ] ) and
01192 $groupsTree[ '_recursion_detected_' ] )
01193 {
01194 return false;
01195 }
01196 }
01197 }
01198 else
01199 {
01200
01201 if ( !isset( $groupsTree[ 'root' ] ) )
01202 {
01203 $groupsTree[ 'root' ] = array( 'data' => null,
01204 'parents' => null,
01205 'children' => array(),
01206 'nodes' => array( $requiredParams[ 'TopUserGroupNodeID' ] ) );
01207 }
01208 if ( !isset( $groupsTree[ 'root' ][ 'children' ][ $curDN ] ) )
01209 $groupsTree[ 'root' ][ 'children' ][ $curDN ] =& $current;
01210 if ( !isset( $current[ 'parents' ][ 'root' ] ) )
01211 $current[ 'parents' ][ 'root' ] =& $groupsTree[ 'root' ];
01212 }
01213
01214 array_pop( $stack );
01215 return true;
01216 }
01217
01218
01219 }
01220
01221 ?>
