deon/phpldapadmin
1
0
Fork 0
Code Issues 36 Pull Requests Packages Projects Releases Wiki Activity

Added appearance option show_authz (#94)

Browse Source 
Enabling displays the authorization ID rather than the authentication ID,
similar to using ldapwhoami.  Requires PHP 7.2+
This commit is contained in:
sshambar 2020-02-19 14:14:18 -08:00 committed by GitHub
parent 0fe1758572
commit 0a57b2f80e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 28 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config/config.php.example
View File

@ -431,6 +431,9 @@ $servers->setValue('server','name','My LDAP Server');
/* Set to true if you would like to initially open the first level of each tree. */ /* Set to true if you would like to initially open the first level of each tree. */
// $servers->setValue('appearance','open_tree',false); // $servers->setValue('appearance','open_tree',false);
/* Set to true to display authorization ID in place of login dn (PHP 7.2+) */
// $servers->setValue('appearance','show_authz',false);
/* This feature allows phpLDAPadmin to automatically determine the next /* This feature allows phpLDAPadmin to automatically determine the next
available uidNumber for a new entry. */ available uidNumber for a new entry. */
// $servers->setValue('auto_number','enable',true); // $servers->setValue('auto_number','enable',true);

5
lib/HTMLTree.php
View File

@ -45,7 +45,8 @@ class HTMLTree extends Tree {
if (! $onlytree) { if (! $onlytree) {
$this->draw_menu(); $this->draw_menu();
if ($server->getAuthType() != 'config') if (($server->getAuthType() != 'config') ||
$server->getValue('appearance', 'show_authz'))
$this->draw_logged_in_user(); $this->draw_logged_in_user();
else else
printf('<tr><td class="blank" colspan="%s">&nbsp;</td></tr>',$this->getDepth()+3); printf('<tr><td class="blank" colspan="%s">&nbsp;</td></tr>',$this->getDepth()+3);
@ -344,7 +345,7 @@ class HTMLTree extends Tree {
$server = $this->getServer(); $server = $this->getServer();
$logged_in_dn = $server->getLogin(null); $logged_in_dn = $server->displayLogin(null);
echo '<tr>'; echo '<tr>';
echo '<td class="spacer"></td>'; echo '<td class="spacer"></td>';
printf('<td class="logged_in" colspan="%s">%s: ',$this->getDepth()+3-1,_('Logged in as')); printf('<td class="logged_in" colspan="%s">%s: ',$this->getDepth()+3-1,_('Logged in as'));

22
lib/ds_ldap_pla.php
View File

@ -28,6 +28,10 @@ class ldap_pla extends ldap {
'desc'=>'Whether to initially open each tree', 'desc'=>'Whether to initially open each tree',
'default'=>false); 'default'=>false);
$this->default->appearance['show_authz'] = array(
'desc'=>'Enable display of authorization ID as login',
'default'=>false);
$this->default->login['fallback_dn'] = array( $this->default->login['fallback_dn'] = array(
'desc'=>'If the attribute base login fails, see if a DN was entered', 'desc'=>'If the attribute base login fails, see if a DN was entered',
'default'=>false); 'default'=>false);
@ -655,5 +659,23 @@ class ldap_pla extends ldap {
$_SESSION['ACTIVITY'][$this->getIndex()] = $this->inactivityTime(); $_SESSION['ACTIVITY'][$this->getIndex()] = $this->inactivityTime();
return true; return true;
} }
/**
* Return login, or authorization ID if show_authz enabled
*/
public function displayLogin($method=null) {
// check for whoami function, added in 7.2
if ($this->getValue('appearance', 'show_authz') && function_exists('ldap_exop_whoami')) {
$result = @ldap_exop_whoami($this->connect($method));
if ($result) // strip any dn: or u: prefix
$result = preg_replace('/^(u|dn):/i', '', $result);
else // fall back to login on error
$result = $this->getLogin($method);
return $result;
}
else {
return $this->getLogin($method);
}
}
} }
?> ?>