Squiz Matrix  4.12.2
 All Data Structures Namespaces Functions Variables Pages
data_source_ldap.inc
1 <?php
18 require_once SQ_CORE_PACKAGE_PATH.'/../include/asset.inc';
19 require_once SQ_CORE_PACKAGE_PATH.'/data_source/data_source/data_source.inc';
20 require_once SQ_FUDGE_PATH.'/ldap/ldap.inc';
21 
22 
35 class Data_Source_Ldap extends Data_Source
36 {
37 
38  /*
39  * Array having details to connect to an LDAP directory
40  *
41  * Array(
42  * 'host',
43  * 'port',
44  * 'root_dn',
45  * 'bind_dn',
46  * 'password',
47  * 'ldap_options',
48  * 'aliases'
49  * )
50  *
51  * @var array
52  */
53  var $_ldap_dir;
54 
55 
62  function __construct($assetid=0)
63  {
64  $this->_ldap_dir = Array();
65 
66  parent::__construct($assetid);
67 
68  }//end constructor
69 
70 
77  function getResultSet()
78  {
79  $query_string = isset($this->_tmp['search_filter_string']) ? $this->_tmp['search_filter_string'] : $this->getSearchFilterString();
80  if (empty($query_string)) {
81  return Array();
82  }
83  $GLOBALS['SQ_SYSTEM']->pm->startTimer($this);
84  $hash = md5($query_string.$this->attr('attributes').';'.$this->attr('binary_attributes'));
85  // Check the local cache
86  if (!isset($this->_tmp[$hash])) {
87 
88  // Check the system cache
89  $result = $this->getCachedResultSet($hash);
90  if ($result !== FALSE) {
91  $this->_tmp[$hash] = $result;
92  } else {
93  // Not cached at all, get it from LDAP bridge
94  $this->_tmp[$hash] = $this->_executeQuery($query_string);
95  $this->cacheResultSet($this->_tmp[$hash], $hash);
96  }
97  }
98  $GLOBALS['SQ_SYSTEM']->pm->stopTimer($this);
99  return $this->_tmp[$hash];
100 
101  }//end getResultSet()
102 
103 
111  function _loadLdapVars()
112  {
113  // If using an existing LDAP bridge
114  $ldap_bridge_link = $GLOBALS['SQ_SYSTEM']->am->getLink($this->id, SQ_LINK_NOTICE, 'ldap_bridge', FALSE, 'ldap_bridge');
115  $ldap_bridge_assetid = isset($ldap_bridge_link['minorid']) ? $ldap_bridge_link['minorid'] : FALSE;
116  if ($ldap_bridge_assetid) {
117  $ldap_bridge_info = $GLOBALS['SQ_SYSTEM']->am->getAssetInfo($ldap_bridge_assetid);
118  }
119 
120  if (!empty($ldap_bridge_info) && $ldap_bridge_info[$ldap_bridge_assetid]['type_code'] == 'ldap_bridge') {
121  $ldap_bridge = $GLOBALS['SQ_SYSTEM']->am->getAsset($ldap_bridge_assetid);
122 
123  $this->_ldap_dir['host'] = $ldap_bridge->attr('host');
124  $this->_ldap_dir['port'] = $ldap_bridge->attr('port');
125  $this->_ldap_dir['root_dn'] = $ldap_bridge->attr('root_dn');
126  $this->_ldap_dir['bind_dn'] = $ldap_bridge->attr('bind_dn');
127  $this->_ldap_dir['password'] = $ldap_bridge->attr('password');
128  $this->_ldap_dir['ldap_options'] = $ldap_bridge->attr('ldap_options');
129  $this->_ldap_dir['aliases'] = $ldap_bridge->attr('aliases');
130 
131  $GLOBALS['SQ_SYSTEM']->am->forgetAsset($ldap_bridge_asset);
132  } else {
133  $this->_ldap_dir['host'] = $this->attr('host');
134  $this->_ldap_dir['port'] = $this->attr('port');
135  $this->_ldap_dir['root_dn'] = $this->attr('root_dn');
136  $this->_ldap_dir['bind_dn'] = $this->attr('bind_dn');
137  $this->_ldap_dir['password'] = $this->attr('password');
138  $this->_ldap_dir['ldap_options'] = $this->attr('ldap_options');
139  $this->_ldap_dir['aliases'] = $this->attr('aliases');
140  }
141 
142  }//end _loadLDAPVars()
143 
150  function connectToLdap()
151  {
152  // Load the LDAP connection details
153  $this->_loadLdapVars();
154 
155  if (empty($this->_ldap_dir['host'])) return NULL;
156 
157  $ldap = new Ldap();
158  if (!$ldap->connect($this->_ldap_dir['host'], $this->_ldap_dir['port'])) {
159  return NULL;
160  }
161 
162  // Any non-default ldap connection settings set here
163  foreach ($this->_ldap_dir['ldap_options'] as $option => $value) {
164  ldap_set_option($ldap->ptr, constant($option), $value);
165  }
166 
167  // Alias dereferencing setting here
168  ldap_set_option($ldap->ptr, LDAP_OPT_DEREF, constant($this->_ldap_dir['aliases']));
169 
170  // If the bind DN is empty, anonymous access is assumed
171  if (!empty($this->_ldap_dir['bind_dn'])) {
172  if (!$ldap->bind($this->_ldap_dir['bind_dn'], $this->_ldap_dir['password'])) {
173  return NULL;
174  }
175  }
176 
177  return $ldap;
178 
179  }//end connectToLdap()
180 
181 
190  function _executeQuery($search_filter)
191  {
192  $search_filter = trim($search_filter);
193  if (empty($search_filter)) {
194  return Array();
195  }
196 
197  $result = Array();
198 
199  $ldap = @$this->connectToLdap();
200  if (!is_null($ldap)) {
201  $base_dn = $this->_ldap_dir['root_dn'];
202  $sort_by = trim($this->attr('sort_by'));
203 
204  $required_attributes = $this->parseStringValues($this->attr('attributes').','.$this->attr('binary_attributes'));
205 
206  $search_result = $ldap->search($base_dn, $search_filter, empty($sort_by) ? NULL : $sort_by, TRUE, TRUE, $required_attributes);
207 
208  if (!empty($search_result)) {
209  $entries = $ldap->getEntries($search_result, $this->parseStringValues($this->attr('binary_attributes')));
210 
211  if (!empty($entries)) {
212  unset($entries['count']);
213  foreach($entries as $data) {
214  unset($data['count']);
215  $ds_record = Array();
216  foreach($data as $ldap_key => $ldap_val) {
217  if (!is_int($ldap_key)) {
218  if (is_array($ldap_val)) {
219  unset($ldap_val['count']);
220  $ds_record[$ldap_key] = implode(";", $ldap_val);
221  } else {
222  $ds_record[$ldap_key] = $ldap_val;
223  }
224  }//end if
225  }//end foreach
226 
227  $result[] = $ds_record;
228 
229  }//end foreach
230  }//end if
231  }//end if
232  }//end if
233 
234  if (!is_null($ldap)) {
235  $ldap->disconnect();
236  }
237 
238  return $result;
239 
240  }//end _executeQuery()
241 
242 
252  function parseStringValues($str, $delimiter = ',')
253  {
254  $values = explode($delimiter, $str);
255  $new_values = Array();
256  foreach ($values as $value) {
257  $val = trim($value);
258  if (($val != '') && !in_array($val, $new_values)) {
259  $new_values[] = $val;
260  }
261  }
262 
263  return $new_values;
264 
265  }//end parseStringValues()
266 
267 
278  function getConnectionOptions()
279  {
280  // an array of customisable ldap connection options to their customised value
281  // defaults:
282  // LDAP_OPT_PROTOCOL_VERSION default = 2
283  // LDAP_OPT_REFERRALS = 1
284  return Array(
285  'LDAP_OPT_PROTOCOL_VERSION' => 3,
286  'LDAP_OPT_REFERRALS' => 0,
287  );
288 
289  }//end getConnectionOptions()
290 
291 
298  function getSearchFilterString()
299  {
300  $search_filter_string = $this->attr('search_filter');
301  $keyword_wrapper = '%%';
302  $keyword_pattern = '('.$keyword_wrapper.'([a-zA-Z_\-0-9\.]+)'.$keyword_wrapper.')';
303 
304  // insert the dynamic parameters into the search filter string
305  preg_match_all ('/'.$keyword_pattern.'/', $search_filter_string, $matches, PREG_PATTERN_ORDER);
306  if (empty($matches[1])) {
307  $this->_tmp['search_filter_string'] = $search_filter_string;
308  return $this->_tmp['search_filter_string'];
309  }
310 
311  $raw_keywords = $matches[1];
312  $keywords = $matches[2];
313 
314  foreach ($keywords as $keyword) {
315  $value = $this->getDynamicVariableValue($keyword);
316  $replacements[] = str_replace('$', '\$', urldecode($value));
317  $patterns[] = '/('.$keyword_wrapper.$keyword.$keyword_wrapper.')/';
318  }
319 
320  $search_filter_string = preg_replace($patterns, $replacements, $search_filter_string);
321  $this->_tmp['search_filter_string'] = trim($search_filter_string);
322 
323  return $this->_tmp['search_filter_string'];
324 
325  }//end getSearchFilterString()
326 
327 
341  function _getAllowedLinks()
342  {
343  // any link is allowed
344  $allowed_link['asset']['card'] = 'M';
345  $allowed_link['asset']['exclusive'] = FALSE;
346 
347  $links[SQ_LINK_TYPE_1] = $allowed_link;
348  $links[SQ_LINK_TYPE_2] = $allowed_link;
349  $links[SQ_LINK_TYPE_3] = $allowed_link;
350  $links[SQ_LINK_NOTICE] = $allowed_link;
351 
352  return $links;
353 
354  }//end _getAllowedLinks()
355 
356 
363  function getBinaryDataAttributes()
364  {
365  return $this->parseStringValues($this->attr('binary_attributes'));
366 
367  }//end getBinaryDataAttributes()
368 
369 
370 }//end class
371 
372 ?>