Squiz Matrix  4.12.2
 All Data Structures Namespaces Functions Variables Pages
ldap_change_dn.php
1 <?php
25 error_reporting(E_ALL);
26 if ((php_sapi_name() != 'cli')) {
27  trigger_error("You can only run this script from the command line\n", E_USER_ERROR);
28 }
29 
30 $SYSTEM_ROOT = (isset($_SERVER['argv'][1])) ? $_SERVER['argv'][1] : '';
31 if (empty($SYSTEM_ROOT) || !is_dir($SYSTEM_ROOT)) {
32  echo "ERROR: You need to supply the path to the System Root as the first argument\n";
33  exit();
34 }
35 
36 require_once $SYSTEM_ROOT.'/core/include/init.inc';
37 
38 // ask for the root password for the system
39 echo 'Enter the root password for "'.SQ_CONF_SYSTEM_NAME.'": ';
40 $root_password = rtrim(fgets(STDIN, 4094));
41 
42 // check that the correct root password was entered
43 $root_user = &$GLOBALS['SQ_SYSTEM']->am->getSystemAsset('root_user');
44 if (!$root_user->comparePassword($root_password)) {
45  echo "ERROR: The root password entered was incorrect\n";
46  exit();
47 }
48 
49 // log in as root
50 if (!$GLOBALS['SQ_SYSTEM']->setCurrentUser($root_user)) {
51  trigger_error("Failed loging in as root user\n", E_USER_ERROR);
52 }
53 
54 // get a list of all LDAP Bridges to help the user select the correct bridge ID
55 $bridge_ids = $GLOBALS['SQ_SYSTEM']->am->getTypeAssetids('ldap_bridge', true);
56 $bridge_info = $GLOBALS['SQ_SYSTEM']->am->getAssetInfo($bridge_ids, 'ldap_bridge');
57 
58 // ask for the bridge ID
59 echo "\n*** The following bridges are available in the system ***\n";
60 foreach ($bridge_info as $assetid => $asset_info) {
61  echo "[$assetid] - ".$asset_info['name']."\n";
62 }
63 echo 'Enter the ID of the bridge to apply changes to: ';
64 $bridge_id = rtrim(fgets(STDIN, 4094));
65 if (!in_array($bridge_id, $bridge_ids)) {
66  echo "Supplied bridge ID was not valid. No DN changes were made\n";
67  exit();
68 }
69 
70 // ask for the old DN
71 echo 'Enter the DN to change: ';
72 $old_dn = rtrim(fgets(STDIN, 4094));
73 
74 // ask for the new DN
75 echo 'Enter the new DN: ';
76 $new_dn = rtrim(fgets(STDIN, 4094));
77 
78 
79 echo "\n*** Please confirm the following information is correct ***\n";
80 echo "[BRIDGE] $bridge_id\n";
81 echo "[OLD DN] $old_dn\n";
82 echo "[NEW DN] $new_dn\n";
83 echo 'Is this correct [y/n]: ';
84 $confirm = rtrim(fgets(STDIN, 4094));
85 
86 if (strtolower($confirm) != 'y') {
87  echo "No DN changes were made\n";
88  exit();
89 }
90 echo "\n";
91 
92 $old_dn = $bridge_id.':'.$old_dn;
93 $new_dn = $bridge_id.':'.$new_dn;
94 
95 $db =& $GLOBALS['SQ_SYSTEM']->db;
96 $GLOBALS['SQ_SYSTEM']->doTransaction('BEGIN');
97 
98  printActionName('Changing asset ownership');
99  // Change created ownership
100  $bind_vars = Array(
101  'old_userid' => $old_dn,
102  'new_userid' => $new_dn,
103  );
104 
105  MatrixDAL::executeQuery('core', 'changeCreatedAssetDateUser', $bind_vars);
106  MatrixDAL::executeQuery('core', 'changeUpdatedAssetDateUser', $bind_vars);
107  MatrixDAL::executeQuery('core', 'changePublishedAssetDateUser', $bind_vars);
108  MatrixDAL::executeQuery('core', 'changeStatusChangedAssetDateUser', $bind_vars);
109  MatrixDAL::executeQuery('core', 'changeLinkUpdatedDateUser', $bind_vars);
110  printActionStatus('OK');
111 
112  printActionName('Changing asset ownership (rollback)');
113  $sql = 'UPDATE sq_rb_ast
114  SET created_userid = '.MatrixDAL::quote($new_dn).'
115  WHERE created_userid = '.MatrixDAL::quote($old_dn);
116  $result = MatrixDAL::executeSql($sql);
117 
118  $sql = 'UPDATE sq_rb_ast
119  SET updated_userid = '.MatrixDAL::quote($new_dn).'
120  WHERE updated_userid = '.MatrixDAL::quote($old_dn);
121  $result = MatrixDAL::executeSql($sql);
122 
123  $sql = 'UPDATE sq_rb_ast
124  SET published_userid = '.MatrixDAL::quote($new_dn).'
125  WHERE published_userid = '.MatrixDAL::quote($old_dn);
126  $result = MatrixDAL::executeSql($sql);
127 
128  $sql = 'UPDATE sq_rb_ast
129  SET status_changed_userid = '.MatrixDAL::quote($new_dn).'
130  WHERE status_changed_userid = '.MatrixDAL::quote($old_dn);
131  $result = MatrixDAL::executeSql($sql);
132 
133  $sql = 'UPDATE sq_rb_ast_lnk
134  SET updated_userid = '.MatrixDAL::quote($new_dn).'
135  WHERE updated_userid = '.MatrixDAL::quote($old_dn);
136  $result = MatrixDAL::executeSql($sql);
137  printActionStatus('OK');
138 
139  printActionName('Changing shadow links');
140  // find out any links that has already be re-created..possibly from backend
141  $sql = 'SELECT majorid FROM sq_shdw_ast_lnk where minorid = '.MatrixDAL::quote($new_dn);
142  $existing_links = MatrixDAL::executeSqlAssoc($sql);
143 
144  foreach ($existing_links as $index => $existing_link) {
145  $existing_links[] = $existing_links[$index]['majorid'];
146  unset($existing_links[$index]);
147  }
148 
149  // update the dn here but be sure to not to try to insert
150  // duplicate entries incase the updated ldap user is already
151  // linked to target asset from backend for more info see bug
152  // 5686 LDAP update script fails if unique constraint violated
153  $sql = 'UPDATE sq_shdw_ast_lnk
154  SET minorid = '.MatrixDAL::quote($new_dn).'
155  WHERE minorid = '.MatrixDAL::quote($old_dn).'
156  AND majorid NOT IN (SELECT s.majorid FROM sq_shdw_ast_lnk s where s.minorid = '.MatrixDAL::quote($new_dn).')';
157  $result = MatrixDAL::executeSql($sql);
158 
159  MatrixDAL::executeQuery('core', 'changeShadowLinkUpdatedDateUser', $bind_vars);
160  printActionStatus('OK');
161 
162  printActionName('Changing shadow links (rollback)');
163  $sql = 'UPDATE sq_rb_shdw_ast_lnk
164  SET minorid = '.MatrixDAL::quote($new_dn).'
165  WHERE minorid = '.MatrixDAL::quote($old_dn);
166  $result = MatrixDAL::executeSql($sql);
167 
168  $sql = 'UPDATE sq_rb_shdw_ast_lnk
169  SET updated_userid = '.MatrixDAL::quote($new_dn).'
170  WHERE updated_userid = '.MatrixDAL::quote($old_dn);
171  $result = MatrixDAL::executeSql($sql);
172  printActionStatus('OK');
173 
174  printActionName('Changing asset permissions');
175  $sql = 'UPDATE sq_ast_perm
176  SET userid = '.MatrixDAL::quote($new_dn).'
177  WHERE userid = '.MatrixDAL::quote($old_dn);
178  $result = MatrixDAL::executeSql($sql);
179  printActionStatus('OK');
180 
181  printActionName('Changing asset permissions (rollback)');
182  $sql = 'UPDATE sq_rb_ast_perm
183  SET userid = '.MatrixDAL::quote($new_dn).'
184  WHERE userid = '.MatrixDAL::quote($old_dn);
185  $result = MatrixDAL::executeSql($sql);
186  printActionStatus('OK');
187 
188  printActionName('Changing internal messages');
189  $sql = 'UPDATE sq_internal_msg
190  SET userto = '.MatrixDAL::quote($new_dn).'
191  WHERE userto = '.MatrixDAL::quote($old_dn);
192  $result = MatrixDAL::executeSql($sql);
193 
194  $sql = 'UPDATE sq_internal_msg
195  SET userfrom = '.MatrixDAL::quote($new_dn).'
196  WHERE userfrom = '.MatrixDAL::quote($old_dn);
197  $result = MatrixDAL::executeSql($sql);
198  printActionStatus('OK');
199 
200  printActionName('Changing screen access');
201  $sql = 'UPDATE sq_ast_edit_access
202  SET userid = '.MatrixDAL::quote($new_dn).'
203  WHERE userid = '.MatrixDAL::quote($old_dn);
204  $result = MatrixDAL::executeSql($sql);
205  printActionStatus('OK');
206 
207  printActionName('Changing screen access (rollback)');
208  $sql = 'UPDATE sq_rb_ast_edit_access
209  SET userid = '.MatrixDAL::quote($new_dn).'
210  WHERE userid = '.MatrixDAL::quote($old_dn);
211  $result = MatrixDAL::executeSql($sql);
212  printActionStatus('OK');
213 
214  printActionName('Changing locks');
215  $class_name = 'locking_method_'.SQ_CONF_LOCKING_METHOD;
216  $GLOBALS['SQ_SYSTEM']->am->includeAsset($class_name);
217 
218  try {
219  eval('return '.$class_name.'::changeLockOwner($old_dn, $new_dn);');
220  } catch (Exception $e) {
221  trigger_error('Unable to change owner of existing locks, '.$e->getMessage(), E_USER_ERROR);
222  }
223 
224  // ??? This doesn't look correct...
225  $sql = 'UPDATE sq_lock
226  SET lockid = '.MatrixDAL::quote('asset.'.$new_dn).'
227  WHERE lockid = '.MatrixDAL::quote('asset.'.$old_dn);
228  $result = MatrixDAL::executeSql($sql);
229 
230  $sql = 'UPDATE sq_lock
231  SET source_lockid = '.MatrixDAL::quote('asset.'.$new_dn).'
232  WHERE source_lockid = '.MatrixDAL::quote('asset.'.$old_dn);
233  $result = MatrixDAL::executeSql($sql);
234  printActionStatus('OK');
235 
236  // update the sq_ast_attr val table coz if the old dn is not going to be available
237  // henceforth then there is no point keeping it in our database
238  // see #5608 ldap_change_dn.php does not update running_as attribute for cron jobs
239  printActionName('Changing Asset Attributes ');
240  $sql = 'UPDATE sq_ast_attr_val
241  SET custom_val = '.MatrixDAL::quote($new_dn).'
242  WHERE custom_val = '.MatrixDAL::quote($old_dn);
243  $result = MatrixDAL::executeSql($sql);
244  printActionStatus('OK');
245 
246 $GLOBALS['SQ_SYSTEM']->doTransaction('COMMIT');
247 
248 
249 if (!empty($existing_links)) {
250  echo "Few links in sq_shdw_ast_lnk table were already updated prior to running script.\n";
251  echo "Links for old DN under following parents need to be fixed manually\n";
252  foreach ($existing_links as $index => $link) {
253  echo "$index) $link\n";
254  }
255 }
266 function printActionName($str)
267 {
268  printf ('%s%'.(40 - strlen($str)).'s', $str,'');
269 
270 }//end printActionName()
271 
272 
281 function printActionStatus($status)
282 {
283  echo "[ $status ]\n";
284 
285 }//end printActionStatus()
286 
287 
288 ?>