// Takes username and groupdn(s) , separated by ;
// Returns true if user is member of any given groups
- $result = false;
$ldapconnection = $this->ldap_connect();
- if (empty($username) or empty($groupdns)) {
- return $result;
+ if (empty($extusername) or empty($groupdns)) {
+ return false;
}
if ($this->config->memberattribute_isdn) {
- $username=$this->ldap_find_userdn($ldapconnection, $username);
+ $memberuser = $this->ldap_find_userdn($ldapconnection, $extusername);
+ } else {
+ $memberuser = $extusername;
}
- if (! $username ) {
- return $result;
+
+ if (empty($memberuser)) {
+ return false;
}
$groups = explode(";",$groupdns);
+ $result = false;
foreach ($groups as $group) {
$group = trim($group);
if (empty($group)) {
continue;
}
//echo "Checking group $group for member $username\n";
- $search = @ldap_read($ldapconnection, $group, '('.$this->config->memberattribute.'='.$this->filter_addslashes($username).')', array($this->config->memberattribute));
-
- if (!empty($search) and ldap_count_entries($ldapconnection, $search)) {$info = $this->ldap_get_entries($ldapconnection, $search);
+ $search = ldap_read($ldapconnection, $group, '('.$this->config->memberattribute.'='.$this->filter_addslashes($memberuser).')', array($this->config->memberattribute));
+ if (!empty($search) and ldap_count_entries($ldapconnection, $search)) {
+ $info = $this->ldap_get_entries($ldapconnection, $search);
if (count($info) > 0 ) {
// user is member of group
$result = true;
break;
}
+ }
}
- }
return $result;
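Review bot: Dropping the `@` from `ldap_read()` means a group DN that is missing or unreadable will now raise a PHP warning on every membership check, and where error display is enabled that warning can expose directory details on the page. The `false` return is already absorbed by the `!empty($search)` test, so the failure is otherwise silent. I would handle it explicitly instead, for example `if ($search === false) { error_log('ldap_read failed: '.ldap_error($ldapconnection)); continue; }` placed right after the call. The commented-out debug `echo` above the call still names `$username`, which the new code replaces with `$extusername`/`$memberuser`. The function signature is outside this hunk, so the parameter rename is inferred.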
{$config->objectclass = ''; }
if (!isset($config->memberattribute))
{$config->memberattribute = ''; }
+ if (!isset($config->memberattribute_isdn))
+ {$config->memberattribute_isdn = ''; }
if (!isset($config->creators))
{$config->creators = ''; }
if (!isset($config->create_context))
set_config('version', $config->version, 'auth/ldap');
set_config('objectclass', $config->objectclass, 'auth/ldap');
set_config('memberattribute', $config->memberattribute, 'auth/ldap');
+ set_config('memberattribute_isdn', $config->memberattribute_isdn, 'auth/ldap');
set_config('creators', $config->creators, 'auth/ldap');
set_config('create_context', $config->create_context, 'auth/ldap');
set_config('expiration', $config->expiration, 'auth/ldap');
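Review bot: The new `set_config('memberattribute_isdn', ...)` line stores whatever string the form posted, while the membership check tests it with plain truthiness (`if ($this->config->memberattribute_isdn)`). Any non-empty value other than `0` (for example `no` or `false`) therefore switches the group lookup to DN mode, which changes who passes the group membership test. Normalise the flag when saving, e.g. `set_config('memberattribute_isdn', ((int)$config->memberattribute_isdn) ? 1 : 0, 'auth/ldap');`, so only the documented 0/1 values reach the stored config. The enclosing function begins and ends outside this hunk.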
{$config->objectclass = ''; }
if (!isset($config->memberattribute))
{$config->memberattribute = ''; }
+ if (!isset($config->memberattribute_isdn))
+ {$config->memberattribute_isdn = ''; }
if (!isset($config->creators))
{$config->creators = ''; }
if (!isset($config->create_context))
</td>
</tr>
+<tr valign="top" class="required">
+ <td align="right"><label for="memberattribute_isdn"><?php print_string('auth_ldap_memberattribute_isdn_key','auth') ?></label></td>
+ <td>
+ <input name="memberattribute" id="memberattribute_isdn" type="text" size="30" value="<?php echo $config->memberattribute_isdn?>" />
+ <?php if (isset($err['memberattribute_isdn'])) formerr($err['memberattribute_isdn']); ?>
+ </td><td>
+ <?php print_string('auth_ldap_memberattribute_isdn','auth') ?>
+ </td>
+</tr>
+
<tr valign="top" class="required">
<td align="right"><label for="objectclass"><?php print_string('auth_ldap_objectclass_key','auth') ?></label></td>
<td>
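Review bot: The added input is declared with `name="memberattribute"` although its id, value and error key all refer to `memberattribute_isdn`. The form therefore posts a duplicate `memberattribute` field and never posts `memberattribute_isdn`: the flag always falls back to its `''` default, and because PHP keeps the last value for a repeated field name, the real member attribute may be overwritten depending on row order (the existing row is not visible here). The value is also echoed into the attribute without escaping; other rows in this template may do the same, but the new one should not add to it. Suggested line: `<input name="memberattribute_isdn" id="memberattribute_isdn" type="text" size="30" value="<?php echo htmlspecialchars($config->memberattribute_isdn) ?>" />`.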
$string['auth_ldap_ldap_encoding'] = 'Specify encoding used by LDAP server. Most probably utf-8, MS AD v2 uses default platform encoding such as cp1252, cp1250, etc.';
$string['auth_ldap_login_settings'] = 'Login settings';
$string['auth_ldap_memberattribute'] = 'Optional: Overrides user member attribute, when users belongs to a group. Usually \'member\'';
+$string['auth_ldap_memberattribute_isdn'] = 'Optional: Overrides handling of member attribute values, either 0 or 1';
$string['auth_ldap_objectclass'] = 'Optional: Overrides objectClass used to name/search users on ldap_user_type. Usually you dont need to chage this.';
$string['auth_ldap_opt_deref'] = 'Determines how aliases are handled during search. Select one of the following values: \"No\" (LDAP_DEREF_NEVER) or \"Yes\" (LDAP_DEREF_ALWAYS)';
$string['auth_ldap_passwdexpire_settings'] = 'LDAP password expiration settings.';
$string['auth_ldap_opt_deref_key'] = 'Dereference aliases';
$string['auth_ldap_user_attribute_key'] = 'User attribute';
$string['auth_ldap_memberattribute_key'] = 'Member attribute';
+$string['auth_ldap_memberattribute_isdn_key'] = 'Member attribute uses dn';
$string['auth_ldap_objectclass_key'] = 'Object class';
$string['auth_ldap_changepasswordurl_key'] = 'Password-change URL';
$string['auth_ldap_expiration_key'] = 'Expiration';