path: root/modules-available/sysconfig/inc/configmodulebaseldap.inc.php
<?php

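/**
 * Shared base for the LDAP-style authentication config modules (the query in
 * getActiveModuleIds() refers to the module types 'AdAuth' and 'LdapAuth').
 *
 * It keeps the allow-list of configuration keys a module may store, builds the
 * configuration passed to the 'CreateLdapConfig' task and triggers the
 * 'LdadpLauncher' task for the affected module ids.
 */
abstract class ConfigModuleBaseLdap extends ConfigModule
{

	const VERSION = 4;

	// Keys that validateConfig() requires to be present in the module data.
	private static $REQUIRED_FIELDS = array('server', 'searchbase');
	// Further keys setData() accepts. Note that this list includes the bind
	// password ('bindpw'), so module data has to be treated as secret material.
	private static $OPTIONAL_FIELDS = array('binddn', 'bindpw', 'home', 'ssl', 'fingerprint', 'certificate', 'homeattr',
		'shareRemapMode', 'shareRemapCreate', 'shareDocuments', 'shareDownloads', 'shareDesktop', 'shareMedia',
		'shareOther', 'shareHomeDrive', 'shareDomain', 'credentialPassthrough', 'mapping', 'genuid',
		'ldapAttrMountOpts', 'shareHomeMountOpts', 'nohomewarn');

	/**
	 * Get the list of attribute mapping descriptors, optionally filled with
	 * the values found in a given configuration.
	 *
	 * Each entry has the keys 'name', 'field' and 'ad'; a 'value' key is added
	 * for every entry whose 'field' has a non-empty value in $config.
	 *
	 * @param array|null $config configuration to read the values from, or null for the bare list
	 * @param bool|null $empty set to false as soon as one value is found. It is never
	 *        reset to true in here, so callers should initialise it themselves.
	 * @return array list of mapping descriptors
	 */
	public static function getMapping(?array $config = null, ?bool &$empty = true): array
	{
		$list = array(
			['name' => 'uid', 'field' => 'uid', 'ad' => 'sAMAccountName'],
			['name' => 'uidnumber', 'field' => 'uidnumber', 'ad' => false],
			['name' => 'uncHomePath', 'field' => 'homemount', 'ad' => 'homeDirectory'],
			['name' => 'homeDirectory', 'field' => 'localhome', 'ad' => false],
			['name' => 'posixAccount', 'field' => 'posixAccount', 'ad' => 'user'],
			//['name' => 'shadowAccount', 'field' => 'shadowAccount'],
		);
		if (is_array($config)) {
			foreach ($list as &$item) {
				if (!empty($config[$item['field']])) {
					$item['value'] = $config[$item['field']];
					$empty = false;
				}
			}
			// Drop the reference so later use of $item cannot alter the last entry.
			unset($item);
		}
		return $list;
	}

	/**
	 * Get the ids of all 'AdAuth' and 'LdapAuth' modules that are part of a
	 * configuration which is assigned to a location (all joins are INNER).
	 *
	 * The statement is a constant string; no caller-supplied value is part of it.
	 *
	 * @return mixed result of Database::queryColumnArray(); ldadp() passes it on as the list of ids
	 */
	public static function getActiveModuleIds()
	{
		return Database::queryColumnArray("SELECT DISTINCT moduleid FROM configtgz_module"
			. " INNER JOIN configtgz_x_module USING (moduleid)"
			. " INNER JOIN configtgz USING (configid)"
			. " INNER JOIN configtgz_location USING (configid)"
			. " WHERE moduletype IN ('AdAuth', 'LdapAuth')");
	}

	/**
	 * Launch all ldadp instances that need to be running.
	 *
	 * @param string $command start, restart, check
	 * @param bool|int|int[] $ids list of IDs to run command on, or false meaning "all"
	 * @param string|null $parent if not NULL, this will be the parent task of the launch-task
	 * @return boolean|string false on error, id of task otherwise
	 */
	public static function ldadp(string $command = 'start', $ids = false, ?string $parent = null)
	{
		if ($ids === false) {
			$ids = self::getActiveModuleIds();
		} elseif (!is_array($ids)) {
			// A single id was given; the task is always handed a list.
			$ids = [$ids];
		}
		$task = Taskmanager::submit('LdadpLauncher', array(
			'ids' => $ids,
			'command' => $command,
			'parentTask' => $parent,
			'failOnParentFail' => false
		));
		if (!isset($task['id']))
			return false;
		return $task['id'];
	}

	/**
	 * Build the task configuration from the module data, submit the
	 * 'CreateLdapConfig' task and, if that was accepted, request a restart of
	 * the ldadp instance of this module.
	 *
	 * @param string $tgz passed to the task as 'filename'
	 * @param string|null $parent passed to the task as 'parentTask'
	 * @return mixed whatever Taskmanager::submit() returned for 'CreateLdapConfig'
	 */
	protected function generateInternal(string $tgz, ?string $parent)
	{
		// The module data may contain 'bindpw', so $config holds the bind
		// password from here on; keep it out of logs and error output.
		$config = $this->moduleData;
		if (isset($config['certificate']) && !is_string($config['certificate'])) {
			unset($config['certificate']);
		}
		// Split "host:port". A value with more than one colon does not match
		// and is used unchanged together with a default port.
		if (preg_match('/^([^\:]+)\:(\d+)$/', $config['server'], $out)) {
			$config['server'] = $out[1];
			// NOTE(review): this is the captured string, while the defaults below are ints.
			$config['adport'] = $out[2];
		} else {
			// NOTE(review): the default port depends on the presence of a
			// certificate only; the 'ssl' and 'fingerprint' fields are not
			// consulted here. Without a certificate the default is 389, and
			// whether that connection is protected in transit is decided
			// outside this block - confirm.
			$config['adport'] = isset($config['certificate']) ? 636 : 389;
		}
		$config['parentTask'] = $parent;
		$config['failOnParentFail'] = false;
		$config['proxyip'] = Property::getServerIp();
		// NOTE(review): nothing here keeps 3100 + id inside the valid port range - confirm ids stay small.
		$config['proxyport'] = 3100 + $this->id();
		$config['filename'] = $tgz;
		$config['moduleid'] = $this->id();
		if (!isset($config['shareRemapMode'])) {
			$config['shareRemapMode'] = 3;
		}
		if (!isset($config['shareHomeDrive'])) {
			$config['shareHomeDrive'] = 'H:';
		}
		// This is now always on, as we mask it transparently in our lightdm greeter
		$config['fixnumeric'] = 'true';
		$config['genuid'] = !empty($config['genuid']);
		$config['nohomewarn'] = isset($config['nohomewarn']) ? (int)$config['nohomewarn'] : 0;
		$this->preTaskmanagerHook($config);
		$task = Taskmanager::submit('CreateLdapConfig', $config);
		if (is_array($task) && isset($task['id'])) {
			// Restart the proxy as a child of the config task; the return value is not checked.
			self::ldadp('restart', $this->id(), $task['id']);
		}
		return $task;
	}

	/**
	 * Hook called before running CreateLdapConfig task with the
	 * configuration to be passed to the task. Passed by reference
	 * so it can be modified.
	 *
	 * @param array $config task configuration; it includes 'bindpw' if the module has one set
	 */
	protected function preTaskmanagerHook(array &$config)
	{
	}

	/**
	 * @return int the VERSION constant of this class
	 */
	protected function moduleVersion(): int
	{
		return self::VERSION;
	}

	/**
	 * Check whether all required fields are present in the module data.
	 *
	 * Only the keys listed in REQUIRED_FIELDS are passed to ArrayUtil::hasAllKeys();
	 * the optional fields and the content of the values are not checked here.
	 */
	protected function validateConfig(): bool
	{
		// Check if required fields are filled
		return ArrayUtil::hasAllKeys($this->moduleData, self::$REQUIRED_FIELDS);
	}

	/**
	 * Store a configuration value if its key is on the allow-list.
	 *
	 * The key is validated, the value is not: it is stored as given.
	 *
	 * @param string $key one of the required or optional field names
	 * @param mixed $value value to store
	 * @return bool false if the key is unknown, true if the value was stored
	 */
	public function setData(string $key, $value): bool
	{
		// Strict comparison: only an exact match with a known field name is accepted.
		if (!in_array($key, self::$REQUIRED_FIELDS, true) && !in_array($key, self::$OPTIONAL_FIELDS, true))
			return false;
		$this->moduleData[$key] = $value;
		return true;
	}

	// ############## Callbacks #############################

	/**
	 * Server IP changed - rebuild all AD modules.
	 *
	 * generateInternal() stores the server IP as 'proxyip', which is
	 * presumably why a regeneration is needed here.
	 */
	public function event_serverIpChanged(): void
	{
		$this->generate(false);
	}

}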