2013-07-10 22:59:46 +10:00
|
|
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
|
|
|
|
|
|
|
/**
|
|
|
|
* This class takes care of searching within LDAP
|
|
|
|
*
|
|
|
|
* @package Kohana/LDAP
|
|
|
|
* @category Helpers
|
|
|
|
* @author Deon George
|
2013-07-12 10:35:54 +10:00
|
|
|
* @copyright (c) 2013 phpLDAPadmin Development Team
|
2013-07-10 22:59:46 +10:00
|
|
|
* @license http://dev.phpldapadmin.org/license.html
|
|
|
|
*/
|
|
|
|
abstract class Kohana_Database_LDAP_Search {
|
2013-07-12 10:35:54 +10:00
|
|
|
private $_db; // Our LDAP Server to query
|
2013-07-10 22:59:46 +10:00
|
|
|
|
|
|
|
private $_attrs = array('*','+'); // LDAP Attributes to Return
|
|
|
|
private $_base = array(); // LDAP Search Base
|
|
|
|
private $_deref = LDAP_DEREF_NEVER; // LDAP Search Default DEREF
|
|
|
|
private $_filter = '(objectclass=*)'; // LDAP Search Filter
|
|
|
|
private $_size_limit = '500'; // LDAP Search Size Limit
|
|
|
|
private $_scope = 'base'; // LDAP Search Scope
|
|
|
|
private $_time_limit = '60'; // LDAP Search Time Limit
|
|
|
|
private $_db_pending = array(); // LDAP Query Filter to compile
|
|
|
|
|
2013-07-13 22:42:02 +10:00
|
|
|
// Execute the query during a cache hit
|
|
|
|
protected $_force_execute = FALSE;
|
|
|
|
|
2013-07-12 10:35:54 +10:00
|
|
|
// Cache lifetime
|
|
|
|
protected $_lifetime = NULL;
|
|
|
|
|
2013-08-16 12:21:17 +10:00
|
|
|
// Parameters for __construct when using object results
|
|
|
|
protected $_object_params = array();
|
|
|
|
|
2013-07-10 22:59:46 +10:00
|
|
|
/**
|
|
|
|
* Callable database methods
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected static $_db_methods = array(
|
|
|
|
'where', 'and_where', 'or_where', 'where_open', 'and_where_open', 'or_where_open', 'where_close',
|
|
|
|
'and_where_close', 'or_where_close',
|
2013-08-16 12:21:17 +10:00
|
|
|
'limit',
|
|
|
|
);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* ORM methods that are called, but dont do anything in LDAP
|
|
|
|
*/
|
|
|
|
protected static $_orm_ignore_methods = array(
|
|
|
|
'from',
|
2013-07-10 22:59:46 +10:00
|
|
|
);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Members that have access methods
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected static $_properties = array(
|
|
|
|
);
|
|
|
|
|
2013-07-12 10:35:54 +10:00
|
|
|
public function __construct(Database_LDAP $db,$base=array()) {
|
|
|
|
$this->_db = $db;
|
2013-07-10 22:59:46 +10:00
|
|
|
|
|
|
|
$this->_base = is_null($base) ? $this->base() : $base;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Handles pass-through to database methods. Calls to query methods
|
|
|
|
* (query, get, insert, update) are not allowed. Query builder methods
|
|
|
|
* are chainable.
|
|
|
|
*
|
|
|
|
* @param string $method Method name
|
|
|
|
* @param array $args Method arguments
|
|
|
|
* @return mixed
|
|
|
|
*/
|
|
|
|
public function __call($method,array $args) {
|
|
|
|
if (in_array($method,Database_LDAP_Search::$_properties)) {
|
|
|
|
/*
|
|
|
|
// @todo To Implement
|
|
|
|
if ($method === 'validation')
|
|
|
|
{
|
|
|
|
if ( ! isset($this->_validation))
|
|
|
|
{
|
|
|
|
// Initialize the validation object
|
|
|
|
$this->_validation();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
*/
|
|
|
|
|
|
|
|
// Return the property
|
|
|
|
return $this->{'_'.$method};
|
2013-08-16 12:21:17 +10:00
|
|
|
|
|
|
|
} elseif (in_array($method,Database_LDAP_Search::$_db_methods)) {
|
2013-07-10 22:59:46 +10:00
|
|
|
// Add pending database call which is executed after query type is determined
|
|
|
|
$this->_db_pending[] = array('name' => $method,'args' => $args);
|
|
|
|
|
|
|
|
return $this;
|
2013-08-16 12:21:17 +10:00
|
|
|
|
|
|
|
} elseif (in_array($method,Database_LDAP_Search::$_orm_ignore_methods)) {
|
|
|
|
return $this;
|
|
|
|
|
|
|
|
} else {
|
|
|
|
throw new Kohana_Exception('Invalid method :method called in :class (:args)',
|
|
|
|
array(':method' => $method,':class' => get_class($this),':args'=>print_r($args,TRUE)));
|
2013-07-10 22:59:46 +10:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
private function _build() {
|
|
|
|
$search = new Database_LDAP_Search_Builder_Query();
|
|
|
|
|
|
|
|
// Process pending database method calls
|
|
|
|
foreach ($this->_db_pending as $method) {
|
|
|
|
$name = $method['name'];
|
|
|
|
$args = $method['args'];
|
|
|
|
|
|
|
|
$this->_db_applied[$name] = $name;
|
|
|
|
|
2013-08-16 12:21:17 +10:00
|
|
|
switch ($name) {
|
|
|
|
case 'limit':
|
|
|
|
$this->_size_limit = $args[0];
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
call_user_func_array(array($search,$name),$args);
|
|
|
|
}
|
2013-07-10 22:59:46 +10:00
|
|
|
}
|
|
|
|
|
|
|
|
return $search;
|
|
|
|
}
|
|
|
|
|
2013-08-16 12:21:17 +10:00
|
|
|
public function as_assoc() {
|
|
|
|
$this->_as_object = FALSE;
|
|
|
|
|
|
|
|
$this->_object_params = array();
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
|
2013-07-10 22:59:46 +10:00
|
|
|
/**
|
|
|
|
* Figure out the bases
|
|
|
|
*/
|
2013-08-16 12:21:17 +10:00
|
|
|
public function base(array $base=NULL) {
|
|
|
|
if (! is_null($base))
|
|
|
|
$this->_base = $base;
|
|
|
|
|
|
|
|
if ($this->_base)
|
|
|
|
return $this->_base;
|
|
|
|
|
2013-07-10 22:59:46 +10:00
|
|
|
// If the base is set in the configuration file, then just return that.
|
|
|
|
if (! is_null($x=Kohana::$config->load('database.default.connection.database')))
|
|
|
|
return $x;
|
|
|
|
|
2013-07-12 10:35:54 +10:00
|
|
|
$x = LDAP::factory('auth');
|
2013-07-10 22:59:46 +10:00
|
|
|
|
|
|
|
$u = $x->search(array(''))
|
|
|
|
->scope('base')
|
2013-08-16 12:21:17 +10:00
|
|
|
->execute();
|
2013-07-10 22:59:46 +10:00
|
|
|
|
2013-07-12 10:35:54 +10:00
|
|
|
// Quick validation
|
2013-08-16 12:21:17 +10:00
|
|
|
if ($u['']->count() > 1)
|
2013-07-12 10:35:54 +10:00
|
|
|
throw HTTP_Exception::factory(501,'We got more than 1 null DN?');
|
2013-07-10 22:59:46 +10:00
|
|
|
|
2013-08-16 12:21:17 +10:00
|
|
|
return isset($u['']['']['namingcontexts']) ? $u['']['']['namingcontexts'] : array();
|
2013-07-10 22:59:46 +10:00
|
|
|
}
|
|
|
|
|
2013-07-13 22:42:02 +10:00
|
|
|
/**
|
|
|
|
* Enables the query to be cached for a specified amount of time.
|
|
|
|
*
|
2013-08-16 12:21:17 +10:00
|
|
|
* @param integer $lifetime number of seconds to cache, 0 deletes it from the cache
|
|
|
|
* @param boolean whether or not to execute the query during a cache hit
|
|
|
|
* @return $this
|
|
|
|
* @uses Kohana::$cache_life
|
2013-07-13 22:42:02 +10:00
|
|
|
*/
|
|
|
|
public function cached($lifetime=NULL,$force=FALSE) {
|
|
|
|
if ($lifetime === NULL) {
|
|
|
|
// Use the global setting
|
|
|
|
$lifetime = Kohana::$cache_life;
|
|
|
|
}
|
|
|
|
|
|
|
|
$this->_force_execute = $force;
|
|
|
|
$this->_lifetime = $lifetime;
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
|
2013-07-10 22:59:46 +10:00
|
|
|
public function deref($val) {
|
|
|
|
$this->_deref = $val;
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Search the LDAP database
|
|
|
|
*/
|
2013-08-16 12:21:17 +10:00
|
|
|
public function execute($db=NULL,$as_object=FALSE,$object_params=NULL) {
|
2013-07-10 22:59:46 +10:00
|
|
|
$query = array();
|
|
|
|
|
2013-08-16 12:21:17 +10:00
|
|
|
if (! is_object($this->_db))
|
|
|
|
throw new Kohana_Exception('db must be an object');
|
|
|
|
|
|
|
|
// We'll override the DB if we have been given one
|
|
|
|
if (is_object($db))
|
|
|
|
$this->_db = $db;
|
|
|
|
|
|
|
|
if ($as_object === NULL)
|
|
|
|
$as_object = $this->_as_object;
|
|
|
|
|
|
|
|
if ($object_params === NULL)
|
|
|
|
$object_params = $this->_object_params;
|
|
|
|
|
2013-07-10 22:59:46 +10:00
|
|
|
// Query Defaults
|
|
|
|
$attrs_only = 0;
|
|
|
|
|
|
|
|
// Compile our query
|
|
|
|
if ($this->_db_pending)
|
|
|
|
$this->_filter = $this->_build();
|
|
|
|
|
2013-08-16 12:21:17 +10:00
|
|
|
// Validation that we are connected, no point contining if we are not.
|
2014-02-07 23:34:37 +11:00
|
|
|
$this->_db->connect();
|
|
|
|
|
2013-08-16 12:21:17 +10:00
|
|
|
if (! $this->_db->connection())
|
|
|
|
throw HTTP_Exception::factory(501,'Cant run a search without a connection (:type,:filter)',array(':type'=>$this->_db,':filter'=>$this->_filter));
|
2013-07-10 22:59:46 +10:00
|
|
|
|
2013-08-16 12:21:17 +10:00
|
|
|
$result = new Database_LDAP_Search_Result;
|
|
|
|
foreach ($this->_base as $base) {
|
2013-07-12 10:35:54 +10:00
|
|
|
if ($this->_lifetime !== NULL AND $this->_db->caching()) {
|
|
|
|
// Set the cache key based on the database instance name and SQL
|
|
|
|
$cache_key = 'Database::query("'.$this->_db.'","'.$base.'","'.$this->_scope.'","'.$this->_filter.'")';
|
2013-07-10 22:59:46 +10:00
|
|
|
|
2013-07-12 10:35:54 +10:00
|
|
|
// Read the cache first to delete a possible hit with lifetime <= 0
|
2013-07-13 22:42:02 +10:00
|
|
|
if (($search = Kohana::cache($cache_key, NULL, $this->_lifetime)) !== NULL AND ! $this->_force_execute) {
|
2013-07-12 10:35:54 +10:00
|
|
|
// Return a cached result
|
2013-07-13 22:42:02 +10:00
|
|
|
$result[$base] = new Database_LDAP_Result_Cached($search, array('b'=>$base,'s'=>$this->_scope,'f'=>$this->_filter), $as_object, $object_params);
|
2013-07-12 10:35:54 +10:00
|
|
|
}
|
2013-07-10 22:59:46 +10:00
|
|
|
}
|
|
|
|
|
2013-07-12 10:35:54 +10:00
|
|
|
// Search is not cached, OR caching is disabled, so we'll query
|
2013-08-16 12:21:17 +10:00
|
|
|
if (! isset($result[$base])) {
|
|
|
|
try {
|
|
|
|
switch ($this->_scope) {
|
|
|
|
case 'base':
|
|
|
|
$search = ldap_read($this->_db->connection(),$base,$this->_filter,$this->_attrs,$attrs_only,$this->_size_limit,$this->_time_limit,$this->_deref);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case 'one':
|
|
|
|
$search = ldap_list($this->_db->connection(),$base,$this->_filter,$this->_attrs,$attrs_only,$this->_size_limit,$this->_time_limit,$this->_deref);
|
|
|
|
break;
|
|
|
|
|
|
|
|
case 'sub':
|
|
|
|
default:
|
|
|
|
$search = ldap_search($this->_db->connection(),$base,$this->_filter,$this->_attrs,$attrs_only,$this->_size_limit,$this->_time_limit,$this->_deref);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
} catch (Exception $e) {
|
2014-02-07 23:34:37 +11:00
|
|
|
throw HTTP_Exception::factory(501,'Error running a query (SCOPE::scope,BASE::base,TYPE::type,FILTER::filter,ATTRS::attrs) [:error]',
|
|
|
|
array(':base'=>$base,':scope'=>$this->_scope,':type'=>$this->_db,':filter'=>$this->_filter,':attrs'=>join('|',$this->_attrs),':error'=>$e->getMessage()));
|
2013-07-10 22:59:46 +10:00
|
|
|
}
|
|
|
|
|
2013-07-12 10:35:54 +10:00
|
|
|
$result[$base] = new Database_LDAP_Result(array('l'=>$this->_db->connection(),'r'=>$search),array('b'=>$base,'s'=>$this->_scope,'f'=>$this->_filter),$as_object,$object_params);
|
2013-07-13 22:42:02 +10:00
|
|
|
|
|
|
|
// Cache the result array
|
|
|
|
if (isset($cache_key) AND $this->_lifetime > 0)
|
|
|
|
Kohana::cache($cache_key,$result[$base]->as_array(),$this->_lifetime);
|
2013-07-12 10:35:54 +10:00
|
|
|
}
|
2013-07-10 22:59:46 +10:00
|
|
|
}
|
|
|
|
|
|
|
|
return $result;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function size_limit($val) {
|
|
|
|
$this->_size_limit = $val;
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function scope($val) {
|
|
|
|
switch ($val) {
|
|
|
|
case 'base':
|
|
|
|
case 'sub':
|
|
|
|
case 'one': $this->_scope = $val;
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
throw new Kohana_Exception('Unknown search scope :scope',array(':scope',$val));
|
|
|
|
}
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function time_limit($val) {
|
|
|
|
$this->_time_limit = $val;
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
?>
|