path: root/modules-available/sysconfig/inc/configmodulebaseldap.inc.php
blob: 770a40e6d6ce189b30a1d5819e22f7c8231c94c2 (plain) (blame)
<?php

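/**
 * Common base for the LDAP/AD authentication config modules.
 *
 * Holds the whitelist of accepted configuration keys, turns the stored
 * module data into the parameter set for the 'CreateLdapConfig' task and
 * triggers (re)starts of the per-module ldadp proxy via 'LdadpLauncher'.
 *
 * The module data may carry directory bind credentials ('binddn', 'bindpw')
 * and TLS pinning material ('fingerprint', 'certificate'); all of it is
 * forwarded to the task manager unchanged by generateInternal().
 */
abstract class ConfigModuleBaseLdap extends ConfigModule
{

	const VERSION = 4;

	// Keys that must be present for validateConfig() to succeed.
	private static $REQUIRED_FIELDS = array('server', 'searchbase');
	// Further keys that setData() accepts; anything not in either list is rejected.
	private static $OPTIONAL_FIELDS = array('binddn', 'bindpw', 'home', 'ssl', 'fingerprint', 'certificate', 'homeattr',
		'shareRemapMode', 'shareRemapCreate', 'shareDocuments', 'shareDownloads', 'shareDesktop', 'shareMedia',
		'shareOther', 'shareHomeDrive', 'shareDomain', 'credentialPassthrough', 'mapping', 'genuid',
		'ldapAttrMountOpts', 'shareHomeMountOpts', 'nohomewarn');

	/**
	 * Get the list of attribute mapping descriptors, optionally filled
	 * with the values found in the given config.
	 *
	 * Each entry has the keys 'name', 'field' and 'ad'; entries whose
	 * 'field' is set to a non-empty value in $config additionally get
	 * a 'value' key.
	 *
	 * @param array|null $config config to read values from, or null for the bare list
	 * @param bool|null $empty set to false as soon as one value was taken from $config.
	 *        It is never set to true here, so callers should initialise it themselves.
	 * @return array list of mapping descriptors
	 */
	public static function getMapping(?array $config = null, ?bool &$empty = true): array
	{
		$list = array(
			['name' => 'uid', 'field' => 'uid', 'ad' => 'sAMAccountName'],
			['name' => 'uidnumber', 'field' => 'uidnumber', 'ad' => false],
			['name' => 'uncHomePath', 'field' => 'homemount', 'ad' => 'homeDirectory'],
			['name' => 'homeDirectory', 'field' => 'localhome', 'ad' => false],
			['name' => 'posixAccount', 'field' => 'posixAccount', 'ad' => 'user'],
			//['name' => 'shadowAccount', 'field' => 'shadowAccount'],
		);
		if (is_array($config)) {
			foreach ($list as &$item) {
				if (!empty($config[$item['field']])) {
					$item['value'] = $config[$item['field']];
					$empty = false;
				}
			}
			// Break the reference so the last list element is not left aliased to $item
			unset($item);
		}
		return $list;
	}

	/**
	 * Get the IDs of all modules of type AdAuth or LdapAuth that are part
	 * of a config which has a row in configtgz_location.
	 *
	 * The query is a constant string; no caller-supplied data is interpolated.
	 *
	 * @return mixed whatever Database::queryColumnArray() returns for the moduleid column
	 */
	public static function getActiveModuleIds()
	{
		return Database::queryColumnArray("SELECT DISTINCT moduleid FROM configtgz_module"
			. " INNER JOIN configtgz_x_module USING (moduleid)"
			. " INNER JOIN configtgz USING (configid)"
			. " INNER JOIN configtgz_location USING (configid)"
			. " WHERE moduletype IN ('AdAuth', 'LdapAuth')");
	}

	/**
	 * Launch all ldadp instances that need to be running.
	 *
	 * @param string $command start, restart, check
	 * @param bool|int|int[] $ids list of IDs to run command on, or false meaning "all"
	 * @param string|null $parent if not NULL, this will be the parent task of the launch-task
	 * @return boolean|string false on error, id of task otherwise
	 */
	public static function ldadp(string $command = 'start', $ids = false, ?string $parent = null)
	{
		if ($ids === false) {
			$ids = self::getActiveModuleIds();
		} elseif (!is_array($ids)) {
			// Single ID given, wrap it so the task always receives a list
			$ids = [$ids];
		}
		$task = Taskmanager::submit('LdadpLauncher', array(
			'ids' => $ids,
			'command' => $command,
			'parentTask' => $parent,
			'failOnParentFail' => false
		));
		if (!isset($task['id']))
			return false;
		return $task['id'];
	}

	/**
	 * Build the parameter set for the 'CreateLdapConfig' task from the
	 * stored module data, submit it, and on success queue a restart of
	 * this module's ldadp instance as a child of that task.
	 *
	 * @param string $tgz passed to the task as 'filename'
	 * @param string|null $parent passed to the task as 'parentTask'
	 * @return mixed the return value of Taskmanager::submit()
	 */
	protected function generateInternal(string $tgz, ?string $parent)
	{
		// Everything stored in moduleData is forwarded to the task, which
		// may include 'binddn' and 'bindpw' if they were set via setData().
		$config = $this->moduleData;
		if (isset($config['certificate']) && !is_string($config['certificate'])) {
			unset($config['certificate']);
		}
		if (preg_match('/^([^\:]+)\:(\d+)$/', $config['server'], $out)) {
			// Explicit "host:port" given, split it
			$config['server'] = $out[1];
			$config['adport'] = $out[2];
		} else {
			// NOTE(review): the default port depends only on whether a certificate
			// is present; the 'ssl' field is not consulted here. With 389 selected,
			// whether the bind credentials are protected in transit depends on how
			// the CreateLdapConfig task treats 'ssl' - confirm.
			if (isset($config['certificate'])) {
				$config['adport'] = 636;
			} else {
				$config['adport'] = 389;
			}
		}
		$config['parentTask'] = $parent;
		$config['failOnParentFail'] = false;
		$config['proxyip'] = Property::getServerIp();
		// One proxy port per module; there is no upper bound check against the valid port range
		$config['proxyport'] = 3100 + $this->id();
		$config['filename'] = $tgz;
		$config['moduleid'] = $this->id();
		if (!isset($config['shareRemapMode'])) {
			$config['shareRemapMode'] = 3;
		}
		if (!isset($config['shareHomeDrive'])) {
			$config['shareHomeDrive'] = 'H:';
		}
		// This is now always on, as we mask it transparently in our lightdm greeter
		$config['fixnumeric'] = 'true';
		$config['genuid'] = !empty($config['genuid']);
		$config['nohomewarn'] = isset($config['nohomewarn']) ? (int)$config['nohomewarn'] : 0;
		$this->preTaskmanagerHook($config);
		$task = Taskmanager::submit('CreateLdapConfig', $config);
		if (is_array($task) && isset($task['id'])) {
			self::ldadp('restart', $this->id(), $task['id']);
		}
		return $task;
	}

	/**
	 * Hook called before running CreateLdapConfig task with the
	 * configuration to be passed to the task. Passed by reference
	 * so it can be modified.
	 *
	 * @param array $config the task parameters, modifiable in place
	 */
	protected function preTaskmanagerHook(array &$config)
	{
	}

	/**
	 * @return int version of this module implementation (self::VERSION)
	 */
	protected function moduleVersion(): int
	{
		return self::VERSION;
	}

	/**
	 * Check whether the module data contains all required fields.
	 * Only the presence of the keys is delegated to ArrayUtil::hasAllKeys();
	 * no check of the values' format happens here.
	 *
	 * @return bool true if all required keys are present
	 */
	protected function validateConfig(): bool
	{
		// Check if required fields are filled
		return ArrayUtil::hasAllKeys($this->moduleData, self::$REQUIRED_FIELDS);
	}

	/**
	 * Store a config value if its key is one of the known fields.
	 * The key whitelist is the only filter; $value is stored as given.
	 *
	 * @param string $key name of the field
	 * @param mixed $value value to store
	 * @return bool true if stored, false if the key is unknown
	 */
	public function setData(string $key, $value): bool
	{
		// Strict comparison: keys must match a known field name exactly
		if (!in_array($key, self::$REQUIRED_FIELDS, true) && !in_array($key, self::$OPTIONAL_FIELDS, true))
			return false;
		$this->moduleData[$key] = $value;
		return true;
	}

	// ############## Callbacks #############################

	/**
	 * Server IP changed - regenerate this module, since the generated
	 * config embeds the server IP as 'proxyip'.
	 */
	public function event_serverIpChanged(): void
	{
		$this->generate(false);
	}

}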