6 changes: 5 additions & 1 deletion addUser.php
@@ -5,9 +5,11 @@
require_once(BASE_PATH . 'helpers.inc.php');
require_once(BASE_PATH . 'classes/user.inc.php');
require_once(BASE_PATH . 'classes/group.inc.php');
require_once(BASE_PATH . 'classes/metagroup.inc.php');
session_start();

$ldapconn = ldap_bind_session();
$metagroups = Metagroup::readMetagroups($ldapconn);
$groupOus = GroupOu::readGroupOus($ldapconn);
ldap_close($ldapconn);

@@ -102,7 +104,8 @@

<!-- Modal-Dialog zur Gruppenauswahl zum Hinzufügen -->
<usradm-group-add-modal
group-data="adduser.groupEditServ.groupData">
group-data="adduser.groupEditServ.groupData"
metagroup-data="adduser.groupEditServ.metagroupData">
</usradm-group-add-modal>

<usradm-send-email
@@ -113,6 +116,7 @@
</usradm-send-email>
</div>

<?php echoJsonDataAsScript("jsonMetagroups", $metagroups); ?>
<?php echoJsonDataAsScript("jsonGroups", $groupOus); ?>
<?php echoJsonDataAsScript("mailSettings", $mailSettings); ?>

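Review bot: `echoJsonDataAsScript("jsonMetagroups", $metagroups)` writes directory-controlled strings (`cn`, `description`, member DNs) into the page, and the helper's encoding is not visible in this change. If it is built on `json_encode`, it should pass `JSON_HEX_TAG | JSON_HEX_AMP` so that a description containing `</script>` cannot end the element early. The same call is added in gruppen.php, so the check covers both pages.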
44 changes: 35 additions & 9 deletions ajax/addUserGroup.json.php
@@ -4,6 +4,7 @@
require_once(BASE_PATH . 'ldap.inc.php');
require_once(BASE_PATH . 'classes/user.inc.php');
require_once(BASE_PATH . 'classes/group.inc.php');
require_once(BASE_PATH . 'classes/metagroup.inc.php');
session_start();

$postdata = file_get_contents("php://input");
@@ -19,21 +20,46 @@
http_response_code(400);
die("Missing parameter: groupdn");
}
$groupdn = $request['groupdn'];
$r_groupdn = $request['groupdn'];

if (!isset($request['isMetagroup'])) {
http_response_code(400);
die("Missing parameter: isMetagroup");
}
$isMetagroup = $request['isMetagroup'];

// read group from LDAP
$ldapconn = ldap_bind_session();
$group = Group::loadGroup($ldapconn, $groupdn);
$user = User::readUser($ldapconn, $userdn);

$groupDns = null;
if ($isMetagroup) {
$metagroup = Metagroup::loadMetagroup($ldapconn, $r_groupdn);
$groupDns = $metagroup->members;
} else {
$groupDns = array($r_groupdn);
}

$retval = array();
foreach ($groupDns as $groupDn) {
if (in_array($groupDn, $user->group_dns)) {
// user is in this group already
continue;
}
$group = Group::loadGroup($ldapconn, $groupDn);
if ($group->addUser($userdn) !== true) {
http_response_code(500);
$retval["detail"] = ldap_error($ldapconn);
$retval["message"] = "Could not write change to LDAP directory";
break;
}
}

if ($group->addUser($userdn) === true) {
// success
if (empty($retval)) {
// no problems occured
http_response_code(200);
} else {
http_response_code(500);
$retval["detail"] = ldap_error($ldapconn);
$retval["message"] = "Could not write change to LDAP directory";
$user = User::readUser($ldapconn, $userdn);
$user->loadGroupInformation();
$retval["user"] = $user;
}

ldap_close($ldapconn);
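Review bot: In the `if ($isMetagroup)` branch the client-supplied `groupdn` goes straight into `Metagroup::loadMetagroup()`, which runs `ldap_read` on whatever DN it is given, so any `groupOfNames` entry the session bind can read, not only those under `METAGROUP_DN`, can serve as the list of groups to join, and the branch also runs when `METAGROUP_DN` is `false`. Whether directory ACLs already limit the resulting writes is not visible here. `loadMetagroup()` returns nothing when no entry matches, so `$metagroup->members` is then read on null, the loop is skipped and the request ends with a 200 although nothing was written. Resolving the DN against `Metagroup::readMetagroups()` and answering 400 when it is not listed covers both cases; the comparison below assumes the client echoes the DN as the directory returned it. The script starts and ends outside this hunk.

```php
if ($isMetagroup) {
    // accept only DNs that readMetagroups() lists under METAGROUP_DN
    $metagroup = null;
    foreach (Metagroup::readMetagroups($ldapconn) as $candidate) {
        if (strcasecmp($candidate->dn, $r_groupdn) === 0) {
            $metagroup = $candidate;
            break;
        }
    }
    if ($metagroup === null) {
        http_response_code(400);
        ldap_close($ldapconn);
        die("Unknown metagroup: groupdn");
    }
    $groupDns = $metagroup->members;
} else {
    // … unchanged: single-group branch …
}
```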
1 change: 0 additions & 1 deletion ajax/changeUserDetail.json.php
@@ -31,7 +31,6 @@

$retval = array();

// check which field should be changed
if ($user->changeField($field, $newValue) === true) {
// success
http_response_code(200);
1 change: 0 additions & 1 deletion classes/group.inc.php
@@ -48,7 +48,6 @@ private static function readFromLdapEntry($ldapconn, $entry) {
if (isset($att['cn']) && $att['cn']['count'] == 1) {
$newGroup->cn = $att['cn'][0];
}
$vals = ldap_get_values($ldapconn, $entry, "description");
if (isset($att['description']) && $att['description']['count'] == 1) {
$newGroup->description = $att['description'][0];
}
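--- a/classes/metagroup.inc.php
+++ b/classes/metagroup.inc.php
@@ -0,0 +1,72 @@
+<?php
+
+require_once(__DIR__ . '/../config.inc.php');
+
+class Metagroup {
+var $dn;
+var $cn;
+var $description;
+var $members;
+
+private $ldapconn;
+
+const FILTER_METAGROUPS = "(objectclass=groupOfNames)";
+
+public static function readMetagroups($ldapconn) {
+if (METAGROUP_DN === false) {
+return array();
+}
+
+$metagroups = array();
+$search = ldap_list($ldapconn, METAGROUP_DN, Metagroup::FILTER_METAGROUPS,
+array("cn", "description", "member"));
+if (ldap_count_entries($ldapconn, $search) > 0) {
+$entry = ldap_first_entry($ldapconn, $search);
+do {
+$metagroups[] = Metagroup::readFromLdapEntry($ldapconn, $entry);
+} while ($entry = ldap_next_entry($ldapconn, $entry));
+}
+return $metagroups;
+}
+
+
+
+public static function loadMetagroup($ldapconn, $dn) {
+$search = ldap_read($ldapconn, $dn, Metagroup::FILTER_METAGROUPS,
+array("cn", "description", "member"));
+if (ldap_count_entries($ldapconn, $search) > 0) {
+$entry = ldap_first_entry($ldapconn, $search);
+
+return Metagroup::readFromLdapEntry($ldapconn, $entry);
+}
+}
+
+
+
+private static function readFromLdapEntry($ldapconn, $entry) {
+$newMetagroup = new Metagroup();
+$newMetagroup->dn = ldap_get_dn($ldapconn, $entry);
+
+$att = ldap_get_attributes($ldapconn, $entry);
+if (isset($att['cn']) && $att['cn']['count'] == 1) {
+$newMetagroup->cn = $att['cn'][0];
+}
+if (isset($att['description']) && $att['description']['count'] == 1) {
+$newMetagroup->description = $att['description'][0];
+}
+if (isset($att['member'])) {
+$newMetagroup->members = [];
+for($i = 0; $i < $att['member']['count']; $i++) {
+$dn = $att['member'][$i];
+$newMetagroup->members[] = $dn;
+}
+} else {
+$newMetagroup->members = [];
+}
+
+$newMetagroup->ldapconn = $ldapconn;
+return $newMetagroup;
+}
+}
+
+?>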
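Review bot: `readMetagroups()` and `loadMetagroup()` pass the result of `ldap_list()` / `ldap_read()` straight to `ldap_count_entries()`, but both searches return `false` on failure (for example when the `ou=Metagroups` container named in the template does not exist), which raises a TypeError on PHP 8 and a warning on older versions on every page that loads metagroups. A guard such as `if ($search === false) { return array(); }` in `readMetagroups()` and an explicit `return null;` at the end of `loadMetagroup()` would make the failure paths deliberate. Installations whose config.inc.php predates this commit also have no `METAGROUP_DN` constant, so the first check would be safer as `if (!defined('METAGROUP_DN') || METAGROUP_DN === false)`. `$newMetagroup->ldapconn` is stored but never read in this file.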
2 changes: 1 addition & 1 deletion classes/user.inc.php
@@ -10,7 +10,7 @@ class User {
var $displayName;
var $sn;
var $givenName;
private $group_dns;
var $group_dns;
var $groups = null;

private $ldapconn;
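Review bot: Changing `$group_dns` from `private` to `var` makes it a public, writable property, so any caller can now alter the membership list, and it will be included wherever a `User` object is encoded for the client (ajax/addUserGroup.json.php now places the object in `$retval["user"]`; the encoding step itself is not visible here). The only new reader in this commit is the `in_array($groupDn, $user->group_dns)` check, which a small accessor would serve without opening the field: keep `private $group_dns;` and add `public function isInGroup($dn) { return in_array($dn, $this->group_dns, true); }`, assuming `readUser()` always fills the array. The class body continues outside this hunk.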
5 changes: 4 additions & 1 deletion config.inc.php.template
@@ -9,8 +9,11 @@ define('BASE_IMPRESSUM_LINK', 'http://www.example.com/site.html');
define('LDAP_SERVER', 'ldaps://example.com/');
define('BASE_DN', 'dc=example,dc=com');
define('GROUP_DN', 'ou=Groups,' . BASE_DN);
define('METAGROUP_DN', 'ou=Metagroups,' . BASE_DN);
// or to disable metagroups:
// define('METAGROUP_DN', false);
define('USER_DN', 'ou=People,' . BASE_DN);
define('DUMMY_USER_DN', 'cn=dummy,dc=example,dc=com');
define('DUMMY_USER_DN', 'cn=dummy,' . BASE_DN);

// LDAP objectclass assigned to new users
define('OBJECTCLASS', 'inetOrgPerson');
31 changes: 31 additions & 0 deletions gruppen.php
@@ -4,9 +4,11 @@
require_once(BASE_PATH . 'ldap.inc.php');
require_once(BASE_PATH . 'helpers.inc.php');
require_once(BASE_PATH . 'classes/group.inc.php');
require_once(BASE_PATH . 'classes/metagroup.inc.php');
session_start();

$ldapconn = ldap_bind_session();
$metagroups = Metagroup::readMetagroups($ldapconn);
$ous = GroupOu::readGroupOus($ldapconn);

foreach ($ous as $ou) {
@@ -27,6 +29,34 @@
<h1>Gruppen anzeigen</h1>

<div id="accordion" class="panel-group">
<div class="panel panel-default" ng-if="list.metagroupData.length">
<div data-toggle="collapse" href="#collapseMetagroups"
data-parent="#accordion"
class="panel-heading clickable">
<h4 class="panel-title">Metagroups</h4>
</div>
<div id="collapseMetagroups" class="panel-collapse collapse">
<ul class="list-group">
<li class="list-group-item clickable"
ng-repeat="metagroup in list.metagroupData">
<h5 class="list-group-item-heading">
{{metagroup.cn}}
<span class="small">
({{metagroup.dn}})
</span>
</h5>
<p class="list-group-item-text">
{{metagroup.description}}
</p>
<ul ng-if="metagroup.members.length">
<li ng-repeat="group in metagroup.members">
{{group}}
</li>
</ul>
</li>
</ul>
</div> <!-- panel-collapse -->
</div>
<div class="panel panel-default" ng-repeat="ou in list.groupData">
<div data-toggle="collapse" href="#collapse{{ou.ou}}"
data-parent="#accordion"
@@ -69,6 +99,7 @@ class="panel-heading clickable">
</div> <!-- panel-group -->
</div>

<?php echoJsonDataAsScript("jsonMetagroups", $metagroups); ?>
<?php echoJsonDataAsScript("jsonGroupOus", $ous); ?>

<?php include('html_bottom.inc.php'); ?>
52 changes: 35 additions & 17 deletions js/angular-app.js
@@ -73,15 +73,9 @@
{params: {dn: user.dn}})
.then(function onSuccess(response) {
data = response.data;
user.groups = data.groups;
user.sn = data.sn;
user.givenName = data.givenName;
updateUserDetails(user, data);
user.detailsLoaded = true;
user.loading = false;
user.groupDns = {};
user.groups.map(function(item) {
user.groupDns[item.dn] = item;
});
});
};

@@ -197,6 +191,7 @@
templateUrl: 'templates/groupAddList.html',
scope: {
groupData: '=groupData',
metagroupData: '=metagroupData'
},
link: function(scope, elemet, attrs) {
scope.editUserService = editUserService;
@@ -211,33 +206,41 @@
alerts = alertsService;
var serv = {};

var jsonMetagroupEl = document.getElementById('jsonMetagroups');
if (jsonMetagroupEl) {
serv.metagroupData = JSON.parse(jsonMetagroupEl.textContent);
}
var jsonGroupEl = document.getElementById('jsonGroups');
if (jsonGroupEl) {
serv.groupData = JSON.parse(jsonGroupEl.textContent);
}

serv.addGroupToUser = function(user, group, groupAdding) {
serv.addGroupToUser = function(user, group, isMetagroup, groupAdding) {
var messageString = isMetagroup ? 'Metagruppe' : 'Gruppe';
groupAdding[user.dn] = true;
angular.element('#groupAddModal').modal('hide');
//angular.element('#groupAddModal').modal('hide'); // TODO: duplicated
$http.post('ajax/addUserGroup.json.php',
{'userdn': user.dn,
'groupdn': group.dn})
'groupdn': group.dn,
'isMetagroup': isMetagroup})
.then(function(response) {
// success
user.groups.push(group);
user.groupDns[group.dn] = group;
if (response.data.user) {
updateUserDetails(user, response.data.user);
}
groupAdding[user.dn] = false;
alerts.push(
{type: 'success',
msg: 'Benutzer ' + user.cn + ' zu Gruppe '
msg: 'Benutzer ' + user.cn + ' zu ' + messageString + ' '
+ group.cn + ' hinzugefügt',
dismiss: 5000});
}, function(response) {
// error
groupAdding[user.dn] = false;
alerts.push(
{type: 'danger',
msg: 'Konnte Benutzer ' + user.cn + ' nicht zu Gruppe '
msg: 'Konnte Benutzer ' + user.cn + ' nicht zu '
+ messageString + ' '
+ group.cn + ' hinzufügen: ' + response.data.detail});
});
};
@@ -341,8 +344,8 @@
return userAddGroup.groupDns.hasOwnProperty(group.dn);
};

serv.addGroupToUser = function(group) {
groupEditService.addGroupToUser(userAddGroup, group, groupAdding);
serv.addGroupToUser = function(group, isMetagroup) {
groupEditService.addGroupToUser(userAddGroup, group, isMetagroup, groupAdding);
angular.element('#groupAddModal').modal('hide');
};

@@ -374,14 +377,17 @@
restrict: 'E',
templateUrl: 'templates/groupAddModal.html',
scope: {
groupData: '=groupData'
groupData: '=groupData',
metagroupData: '=metagroupData'
}
};
});



useradminApp.controller('GrouplistController', function() {
this.metagroupData = JSON.parse(
document.getElementById('jsonMetagroups').textContent);
this.groupData = JSON.parse(
document.getElementById('jsonGroupOus').textContent);
});
@@ -681,3 +687,15 @@
};
});
})();



function updateUserDetails(user, data) {
user.groups = data.groups;
user.sn = data.sn;
user.givenName = data.givenName;
user.groupDns = {};
user.groups.map(function(item) {
user.groupDns[item.dn] = item;
});
}
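Review bot: The error callback of `serv.addGroupToUser` leaves `user.groups` and `user.groupDns` as they were, but for a metagroup the loop in ajax/addUserGroup.json.php stops at the first failing group after earlier ones may already have been written, and its 500 response carries no `user`. The page then shows memberships that no longer match the directory until the user is reloaded. Sending the re-read user in the failure response as well, and adding `if (response.data && response.data.user) { updateUserDetails(user, response.data.user); }` to the error callback, keeps the two in step. Separately, `updateUserDetails` is declared after the closing `})();`, so it becomes a global; it would sit better inside the IIFE, with `forEach` instead of `map` for the side-effect loop.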