[sysconfig] Support customizing LDAP attributes

8 files changed, 70 insertions, 7 deletions

diff --git a/modules-available/sysconfig/addmodule_ldapauth.inc.php b/modules-available/sysconfig/addmodule_ldapauth.inc.php
index 62120b48..32b6b37b 100644
--- a/modules-available/sysconfig/addmodule_ldapauth.inc.php
+++ b/modules-available/sysconfig/addmodule_ldapauth.inc.php
@@ -7,9 +7,32 @@
 class LdapAuth_Start extends AddModule_Base
 {
 
+	public static function getMapping($config = false)
+	{
+		$list = array(
+			['name' => 'uid', 'field' => 'uid'],
+			['name' => 'uidnumber', 'field' => 'uidnumber'],
+			['name' => 'uncHomePath', 'field' => 'homemount'],
+			['name' => 'homeDirectory', 'field' => 'localhome'],
+			['name' => 'posixAccount', 'field' => 'posixAccount'],
+			['name' => 'shadowAccount', 'field' => 'shadowAccount'],
+		);
+		if (is_array($config)) {
+			foreach ($list as &$item) {
+				if (isset($config[$item['field']])) {
+					$item['value'] = $config[$item['field']];
+				}
+				if ($item['field'] === 'homemount' && !empty($config['homeattr']) && empty($config['value'])) {
+					$item['value'] = $config['homeattr'];
+				}
+			}
+		}
+		return $list;
+	}
+
 	protected function renderInternal()
 	{
-		$LDAPAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'ssl', 'fixnumeric', 'certificate');
+		$LDAPAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'ssl', 'fixnumeric', 'certificate', 'mapping');
 		$data = array();
 		if ($this->edit !== false) {
 			moduleToArray($this->edit, $data, $LDAPAUTH_COMMON_FIELDS);
@@ -24,6 +47,7 @@ class LdapAuth_Start extends AddModule_Base
 			$data['server'] = $out[1];
 		}
 		$data['step'] = 'LdapAuth_CheckConnection';
+		$data['mapping'] = self::getMapping(isset($data['mapping']) ? $data['mapping'] : false);
 		Render::addDialog(Dictionary::translateFile('config-module', 'ldapAuth_title'), false, 'ldap-start', $data);
 	}
 
@@ -77,7 +101,8 @@ class LdapAuth_CheckConnection extends AddModule_Base
 			'ssl' => Request::post('ssl'),
 			'fixnumeric' => Request::post('fixnumeric'),
 			'certificate' => Request::post('certificate', ''),
-			'taskid' => $this->scanTask['id']
+			'taskid' => $this->scanTask['id'],
+			'mapping' => LdapAuth_Start::getMapping(Request::post('mapping', false, 'array')),
 		);
 		$data['prev'] = 'LdapAuth_Start';
 		$data['next'] = 'LdapAuth_CheckCredentials';
@@ -123,6 +148,7 @@ class LdapAuth_CheckCredentials extends AddModule_Base
 			'binddn' => $binddn,
 			'bindpw' => $bindpw,
 			'plainldap' => true,
+			'mapping' => Request::post('mapping', false, 'array'),
 		));
 		if (!isset($ldapSearch['id'])) {
 			AddModule_Base::setStep('LdapAuth_Start'); // Continues with LdapAuth_Start for render()
@@ -149,8 +175,9 @@ class LdapAuth_CheckCredentials extends AddModule_Base
 				'fixnumeric' => Request::post('fixnumeric'),
 				'fingerprint' => Request::post('fingerprint'),
 				'certificate' => Request::post('certificate', ''),
+				'mapping' => LdapAuth_Start::getMapping(Request::post('mapping', false, 'array')),
 				'prev' => 'LdapAuth_Start',
-				'next' => 'LdapAuth_HomeDir'
+				'next' => 'LdapAuth_HomeDir',
 			))
 		);
 	}
@@ -184,14 +211,14 @@ class LdapAuth_HomeDir extends AddModule_Base
 			'binddn' => Request::post('binddn'),
 			'bindpw' => Request::post('bindpw'),
 			'home' => Request::post('home'),
-			'homeattr' => Request::post('homeattr'),
 			'ssl' => Request::post('ssl') === 'on',
 			'fixnumeric' => Request::post('fixnumeric'),
 			'fingerprint' => Request::post('fingerprint'),
 			'certificate' => Request::post('certificate', ''),
 			'originalbinddn' => Request::post('originalbinddn'),
+			'mapping' => LdapAuth_Start::getMapping(Request::post('mapping', false, 'array')),
 			'prev' => 'LdapAuth_Start',
-			'next' => 'LdapAuth_Finish'
+			'next' => 'LdapAuth_Finish',
 		);
 		if ($this->edit !== false) {
 			foreach (self::getAttributes() as $key) {
diff --git a/modules-available/sysconfig/inc/configmodulebaseldap.inc.php b/modules-available/sysconfig/inc/configmodulebaseldap.inc.php
index 686bcbc0..55104005 100644
--- a/modules-available/sysconfig/inc/configmodulebaseldap.inc.php
+++ b/modules-available/sysconfig/inc/configmodulebaseldap.inc.php
@@ -8,7 +8,7 @@ abstract class ConfigModuleBaseLdap extends ConfigModule
 	private static $REQUIRED_FIELDS = array('server', 'searchbase');
 	private static $OPTIONAL_FIELDS = array('binddn', 'bindpw', 'home', 'ssl', 'fixnumeric', 'fingerprint', 'certificate', 'homeattr',
 		'shareRemapMode', 'shareRemapCreate', 'shareDocuments', 'shareDownloads', 'shareDesktop', 'shareMedia',
-		'shareOther', 'shareHomeDrive', 'shareDomain', 'credentialPassthrough');
+		'shareOther', 'shareHomeDrive', 'shareDomain', 'credentialPassthrough', 'mapping');
 
 	protected function generateInternal($tgz, $parent)
 	{
diff --git a/modules-available/sysconfig/lang/de/template-tags.json b/modules-available/sysconfig/lang/de/template-tags.json
index 7972a068..0bb5f34d 100644
--- a/modules-available/sysconfig/lang/de/template-tags.json
+++ b/modules-available/sysconfig/lang/de/template-tags.json
@@ -33,6 +33,8 @@
     "lang_customCertificate": "Zur Validierung zus\u00e4tzlich erforderliche (Intermediate-)Zertifikate",
     "lang_customModuleInfo1": "\u00dcber ein benutzerdefiniertes Modul ist es m\u00f6glich, beliebige Dateien zum Linux-Grundsystem, das auf den Clients gebootet wird, hinzuzuf\u00fcgen. Dazu kann ein Archiv mit einer Dateisystemstruktur hochgeladen werden, die in dieser Form 1:1 in das gebootete Linux extrahiert wird.",
     "lang_customModuleInfo2": "Beispiel: Enth\u00e4lt das hochgeladene Archiv eine Datei etc\/beispiel.conf, so wird auf einem gebooteten Client diese Datei als \/etc\/beispiel.conf zu finden sein.",
+    "lang_customizeAttrDesc": "Hier k\u00f6nnen Sie die Standardwerte f\u00fcr bestimmte Attribute und deren Werte \u00fcberschreiben, wenn ihr LDAP-Schema nicht dem \u00fcblichen Unix-Schema entspricht.",
+    "lang_customizeAttributes": "Attribute anpassen",
     "lang_deleteLong": "Modul oder Konfiguration l\u00f6schen.",
     "lang_determiningHomeDirectory": "Versuche Attribut f\u00fcr das Home-Verzeichnis zu ermitteln...",
     "lang_dnLookup": "Ermitteln der Bind-DN",
@@ -52,6 +54,7 @@
     "lang_helpSystemConfiguration": "\u00dcber eine Systemkonfiguration wird die grundlegende Lokalisierung des bwLehrpool-Systems durchgef\u00fchrt. Dazu geh\u00f6ren Aspekte wie das Authentifizierungsverfahren f\u00fcr Benutzer (z.B. Active Directory, LDAP), Druckerkonfiguration, Home-Verzeichnisse, etc. Eine Systemkonfiguration setzt sich aus einem oder mehreren Konfigurationsmodulen zusammen, welche im angrenzenden Panel verwaltet werden k\u00f6nnen.",
     "lang_homeAttr": "Home-Attribut",
     "lang_homeAttributeExplanation": "Bitte w\u00e4hlen Sie das Attribut, welches das Home-Verzeichnis der User enth\u00e4lt.",
+    "lang_homeFallback": "Home-Fallback",
     "lang_homedirHandling": "(Home-)Verzeichnis Einbindung",
     "lang_inheritFromParentLoc": "Von \u00fcbergeordnetem Ort erben",
     "lang_ldapStarted": "Der LDAP-Proxy wurde gestartet",
diff --git a/modules-available/sysconfig/lang/en/template-tags.json b/modules-available/sysconfig/lang/en/template-tags.json
index 6a482772..7a72700f 100644
--- a/modules-available/sysconfig/lang/en/template-tags.json
+++ b/modules-available/sysconfig/lang/en/template-tags.json
@@ -33,6 +33,8 @@
     "lang_customCertificate": "Additional (intermediate) certificates required for certificate validation",
     "lang_customModuleInfo1": "About a custom module, it is possible to add arbitrary files to a Linux system that is booted clients. For this purpose, an archive can be uploaded using a file system structure that is extracted in this form 1:1 in the booted Linux.",
     "lang_customModuleInfo2": "Example: If the uploaded archive is the file etc\/example.conf, this file will be located as \/etc\/example.conf to a booted client.",
+    "lang_customizeAttrDesc": "Here you can override attribute names and values if your LDAP scheme doesn't adhere to the usual Unix scheme.",
+    "lang_customizeAttributes": "Customize attributes",
     "lang_deleteLong": "Delete module or configuration.",
     "lang_determiningHomeDirectory": "Trying to determine home directory attribute...",
     "lang_dnLookup": "Looking up bind dn",
@@ -52,6 +54,7 @@
     "lang_helpSystemConfiguration": "The fundamental localization of the bwLehrpool system is done through a system configuration. These include aspects such as the authentication method for users (eg Active Directory, LDAP), printer configuration, home directories, etc. A system configuration is composed of one or more configuration modules, which can be managed in the panel next to this one.",
     "lang_homeAttr": "Home attribute",
     "lang_homeAttributeExplanation": "Please select the attribute which holds the user's home directory.",
+    "lang_homeFallback": "Home fallback",
     "lang_homedirHandling": "(Home) directory handling",
     "lang_inheritFromParentLoc": "Inherit from parent location",
     "lang_ldapStarted": "The LDAP proxy has been launched",
diff --git a/modules-available/sysconfig/templates/ad_ldap-checkconnection.html b/modules-available/sysconfig/templates/ad_ldap-checkconnection.html
index 35c8f1ee..630da398 100644
--- a/modules-available/sysconfig/templates/ad_ldap-checkconnection.html
+++ b/modules-available/sysconfig/templates/ad_ldap-checkconnection.html
@@ -26,6 +26,10 @@
 		<input name="ssl" value="on" type="hidden">
 		<input type="hidden" name="certificate" value="{{certificate}}">
 		{{/ssl}}
+		{{#mapping}}
+			<input type="hidden" name="mapping[{{field}}]" value="{{value}}">
+		{{/mapping}}
+
 		<input name="fixnumeric" value="{{fixnumeric}}" type="hidden">
 		<button type="submit" class="btn btn-primary">&laquo; {{lang_back}}</button>
 	</form>
@@ -47,6 +51,9 @@
 		<input id="fingerprint" name="fingerprint" value="" type="hidden">
 		<input id="certificate" type="hidden" name="certificate" value="{{certificate}}">
 		{{/ssl}}
+		{{#mapping}}
+			<input type="hidden" name="mapping[{{field}}]" value="{{value}}">
+		{{/mapping}}
 		<input name="fixnumeric" value="{{fixnumeric}}" type="hidden">
 		<input name="originalbinddn" value="{{binddn}}" type="hidden">
 		<button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_next}} &raquo;</button>
diff --git a/modules-available/sysconfig/templates/ad_ldap-checkcredentials.html b/modules-available/sysconfig/templates/ad_ldap-checkcredentials.html
index bf151da3..4f822a9b 100644
--- a/modules-available/sysconfig/templates/ad_ldap-checkcredentials.html
+++ b/modules-available/sysconfig/templates/ad_ldap-checkcredentials.html
@@ -22,6 +22,9 @@
 		<input name="ssl" value="on" type="hidden">
 		<input type="hidden" name="certificate" value="{{certificate}}">
 		{{/ssl}}
+		{{#mapping}}
+			<input type="hidden" name="mapping[{{field}}]" value="{{value}}">
+		{{/mapping}}
 		<input name="fixnumeric" value="{{fixnumeric}}" type="hidden">
 		<button type="submit" class="btn btn-primary">&laquo; {{lang_back}}</button>
 	</form>
@@ -42,6 +45,9 @@
 		<input name="ssl" value="on" type="hidden">
 		<input type="hidden" name="certificate" value="{{certificate}}">
 		{{/ssl}}
+		{{#mapping}}
+			<input type="hidden" name="mapping[{{field}}]" value="{{value}}">
+		{{/mapping}}
 		<input name="fixnumeric" value="{{fixnumeric}}" type="hidden">
 		<input name="fingerprint" value="{{fingerprint}}" type="hidden">
 		<input name="originalbinddn" value="{{binddn}}" type="hidden">
diff --git a/modules-available/sysconfig/templates/ad_ldap-homedir.html b/modules-available/sysconfig/templates/ad_ldap-homedir.html
index 10a43030..ad543594 100644
--- a/modules-available/sysconfig/templates/ad_ldap-homedir.html
+++ b/modules-available/sysconfig/templates/ad_ldap-homedir.html
@@ -14,6 +14,9 @@
 	<input name="ssl" value="on" type="hidden">
 	<input type="hidden" name="certificate" value="{{certificate}}">
 	{{/ssl}}
+	{{#mapping}}
+		<input type="hidden" name="mapping[{{field}}]" value="{{value}}">
+	{{/mapping}}
 	<input name="fixnumeric" value="{{fixnumeric}}" type="hidden">
 	<input name="fingerprint" value="{{fingerprint}}" type="hidden">
 
diff --git a/modules-available/sysconfig/templates/ldap-start.html b/modules-available/sysconfig/templates/ldap-start.html
index cbb142ea..223791ea 100644
--- a/modules-available/sysconfig/templates/ldap-start.html
+++ b/modules-available/sysconfig/templates/ldap-start.html
@@ -43,13 +43,27 @@
 	</div>
 	<br>
 	<div class="input-group">
-		<span style="min-width:150px;" class="input-group-addon slx-ga">Home</span>
+		<span class="input-group-addon slx-ga" style="min-width:150px">{{lang_homeFallback}}</span>
 		<input tabindex="6" name="home" value="{{home}}" type="text" class="form-control" placeholder="\\server.example.com\%s">
 		<span class="input-group-btn">
 			<a class="btn btn-default" data-toggle="modal" data-target="#help-home"><span class="glyphicon glyphicon-question-sign"></span></a>
 		</span>
 	</div>
 	<br>
+	<div class="collapse" id="attrbox">
+		<p>{{lang_customizeAttrDesc}}</p>
+		{{#mapping}}
+			<div class="input-group">
+				<span class="input-group-addon slx-ga2">{{name}}</span>
+				<input name="mapping[{{field}}]" value="{{value}}" type="text" class="form-control" placeholder="{{name}}">
+			</div>
+		{{/mapping}}
+	</div>
+	<div class="btn btn-default center-block" onclick="$('#attrbox').show();$(this).hide()">
+		{{lang_customizeAttributes}}
+		<span class="glyphicon glyphicon-menu-down"></span>
+	</div>
+	<br>
 	<div>
 		<div class="checkbox">
 			<input id="num-cb" type="checkbox" name="fixnumeric" {{#fixnumeric}}checked{{/fixnumeric}}>