Initial application work

This commit is contained in:
Deon George 2012-06-05 13:50:21 +10:00
parent cfd7b5db83
commit 808766bb87
31 changed files with 1748 additions and 0 deletions

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Auth_LDAP extends PLA_Auth_LDAP {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Block extends PLA_Block {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Config extends PLA_Config {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Controller_Login extends PLA_Controller_Login {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Controller_Logout extends PLA_Controller_Logout {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Controller_Media extends PLA_Controller_Media {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Controller_Template extends PLA_Controller_Template {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Database_LDAP extends PLA_Database_LDAP {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Database_LDAP_Search extends PLA_Database_LDAP_Search {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Database_LDAP_Search_Builder_Query extends PLA_Database_LDAP_Search_Builder_Query {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class HTMLRender extends PLA_HTMLRender {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Meta extends PLA_Meta {}
?>

View File

@ -0,0 +1,79 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* LDAP Auth driver.
*
* @package PLA
* @subpackage Auth/LDAP
* @category Helpers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
class PLA_Auth_LDAP extends Auth {
// Unnused required abstract functions
public function password($username) {}
public function check_password($password) {}
// Overrides
public function hash($str) {
// Since this is used automatically to encrypted a password, we need to suppress that for LDAP
if (! $this->_config['hash_key'])
return $str;
else
return parent::hash($str);
}
/**
* Logs a user in.
*
* @param string username
* @param string password
* @param boolean enable autologin (not supported)
* @return boolean
*/
protected function _login($user, $password, $remember) {
if ( ! is_object($user)) {
$username = $user;
// Load the user
// @todo Get the server ID
$sid = 'default';
$user = Database_LDAP::instance($sid)->select_db('user')->connect();
$user->bind($username,$password);
}
// @todo Implement conditional logging based on memberships to groups or other criteria.
// @todo This check of user being logged in needs to be better
if (! $user->noconnect) {
/*
// @todo To implement
if ($remember === TRUE) {
// Token data
$data = array(
'user_id'=>$user->id,
'expires'=>time()+$this->_config['lifetime'],
'user_agent'=>sha1(Request::$user_agent),
);
// Create a new autologin token
$token = ORM::factory('user_token')
->values($data)
->create();
// Set the autologin cookie
Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
}
*/
// Finish the login
$this->complete_login($user);
return TRUE;
}
// Login failed
return FALSE;
}
}
?>

View File

@ -0,0 +1,81 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class is for rendering HTML body blocks (left, center, right).
*
* It will provide a header, body and footer.
*
* @package PLA
* @subpackage Page
* @category Helpers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
* @uses Style
*/
abstract class PLA_Block extends HTMLRender {
protected static $_data = array();
protected static $_spacer = '<table><tr class="spacer"><td>&nbsp;</td></tr></table>';
protected static $_required_keys = array('body');
/**
* Add a block to be rendered
*
* @param array Block attributes
*/
public static function add($block,$prepend=FALSE) {
parent::add($block);
// Detect any style sheets.
if (! empty($block['style']) && is_array($block['style']))
foreach ($block['style'] as $data=>$media)
Style::add(array(
'type'=>'file',
'data'=>$data,
'media'=>$media,
));
}
/**
* Return an instance of this class
*
* @return Block
*/
public static function factory() {
return new Block;
}
/**
* Render this block
*
* @see HTMLRender::render()
*/
protected function render() {
$output = '';
$styles = array();
$i = 0;
foreach (static::$_data as $value) {
if ($i++)
$output .= static::$_spacer;
$output .= '<table class="block" border="0">';
if (! empty($value['title']))
$output .= sprintf('<tr class="title"><td>%s</td></tr>',$value['title']);
if (! empty($value['subtitle']))
$output .= sprintf('<tr class="subtitle"><td>%s</td></tr>',$value['subtitle']);
$output .= sprintf('<tr class="body"><td>%s</td></tr>',$value['body']);
if (! empty($value['footer']))
$output .= sprintf('<tr class="footer"><td>%s</td></tr>',$value['footer']);
$output .= '</table>';
}
return $output;
}
}
?>

View File

@ -0,0 +1,105 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class extends the core Kohana class by adding some core application
* specific functions, and configuration.
*
* @package PLA
* @subpackage Config
* @category Helpers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
abstract class PLA_Config extends Kohana_Config {
protected static $logo = 'img/logo-small.png';
/**
* Some early initialisation
*
* At this point, KH hasnt been fully initialised either, so we cant rely on
* too many KH functions yet.
* NOTE: Kohana doesnt provide a parent construct for the Kohana_Config class.
*/
public function __construct() {
if (Kohana::$is_cli) {
if (! $site = CLI::options('site'))
throw new Kohana_Exception(_('Cant figure out the site, use --site= for CLI'));
else
$_SERVER['SERVER_NAME'] = $site['site'];
}
}
/**
* Return our site name
*/
public static function site() {
return $_SERVER['SERVER_NAME'];
}
/**
* Work out our site ID for multiehosting
*/
public static function siteid() {
return Kohana::Config('config.site.id');
}
/**
* Work out our site mode (dev,test,prod)
*/
public static function sitemode() {
return Kohana::Config('config.site.mode');
}
public static function sitemodeverbose() {
$modes = array(
Kohana::PRODUCTION=>'Production',
Kohana::STAGING=>'Staging',
Kohana::TESTING=>'Testing',
Kohana::DEVELOPMENT=>'Development',
);
return (! isset($modes[static::sitemode()])) ? 'Unknown' : $modes[static::sitemode()];
}
public static function submode() {
$submode = Kohana::Config('config.debug.submode');
return (isset($submode[Request::$client_ip])) ? $submode[Request::$client_ip] : FALSE;
}
public static function sitename() {
return Kohana::Config('config.site.name');
}
// Called in Invoice/Emailing to embed the file.
public static function logo_file() {
list ($path,$suffix) = explode('.',static::$logo);
return Kohana::find_file(sprintf('media/%s',Config::siteid()),$path,$suffix);
}
public static function logo_uri() {
list ($path,$suffix) = explode('.',static::$logo);
return URL::site(Route::get('default/media')->uri(array('file'=>$path.'.'.$suffix),array('alt'=>static::sitename())),'http');
}
public static function logo() {
return HTML::image(static::logo_uri(),array('class'=>'headlogo','alt'=>_('Logo')));
}
public static function login_uri() {
return ($ao = Auth::instance()->get_user()) ? $ao->name() : HTML::anchor('login',_('Login'));
}
public static function copywrite() {
return '(c) phpLDAPadmin Development Team';
}
/**
* Return our caching mechanism
*/
public static function cachetype() {
return is_null(Kohana::config('config.cache_type')) ? 'file' : Kohana::config('config.cache_type');
}
}
?>

View File

@ -0,0 +1,200 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides login capability
*
* @package PLA
* @subpackage Page/Login
* @category Controllers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
* @also [logout]
*/
class PLA_Controller_Login extends Controller_Template {
protected $auth_required = FALSE;
public function action_index() {
// If user already signed-in
if (Auth::instance()->logged_in()!= 0) {
// Redirect to the user account
Request::current()->redirect('user/welcome');
}
// If there is a post and $_POST is not empty
if ($_POST) {
//echo debug::vars(array('p'=>$_POST,'ai'=>Auth::instance()));die();
// Store our details in a session key
Session::instance()->set('login',$_POST['username']);
Session::instance()->set('password',$_POST['password']);
// If the post data validates using the rules setup in the user model
if (Auth::instance()->login($_POST['username'],$_POST['password'])) {
// Redirect to the user account
if ($redir = Session::instance()->get('afterlogin')) {
Session::instance()->delete('afterlogin');
Request::current()->redirect($redir);
} else
Request::current()->redirect('user/welcome');
} else {
SystemMessage::add(array(
'title'=>_('Invalid username or password'),
'type'=>'error',
'body'=>_('The username or password was invalid.')
));
}
}
Block::add(array(
'title'=>_('Login to server'),
'body'=>View::factory('login'),
'style'=>array('css/login.css'=>'screen'),
));
Script::add(array('type'=>'stdin','data'=>'
$(document).ready(function() {
$("#ajxbody").click(function() {$("#ajBODY").load("'.$this->request->uri().'/"); return false;});
});'
));
}
public function action_register() {
// If user already signed-in
if (Auth::instance()->logged_in()!= 0) {
// Redirect to the user account
Request::current()->redirect('welcome/index');
}
// Instantiate a new user
$account = ORM::factory('account');
// If there is a post and $_POST is not empty
if ($_POST) {
// Check Auth
$status = $account->values($_POST)->check();
if (! $status) {
foreach ($account->validation()->errors('form/register') as $f => $r) {
// $r[0] has our reason for validation failure
switch ($r[0]) {
// Generic validation reason
default:
SystemMessage::add(array(
'title'=>_('Validation failed'),
'type'=>'error',
'body'=>sprintf(_('The defaults on your submission were not valid for field %s (%s).'),$f,$r)
));
}
}
}
$ido = ORM::factory('module')
->where('name','=','account')
->find();
$account->id = $ido->record_id->next_id($ido->id);
// Save the user details
if ($account->save()) {}
}
SystemMessage::add(array(
'title'=>_('Already have an account?'),
'type'=>'info',
'body'=>_('If you already have an account, please login..')
));
Block::add(array(
'title'=>_('Register'),
'body'=>View::factory('bregister')
->set('account',$account)
->set('errors',$account->validation()->errors('form/register')),
));
$this->template->left = HTML::anchor('login','Login').'...';
}
/**
* Enable user password reset
*/
public function action_reset() {
// If user already signed-in
if (Auth::instance()->logged_in()!= 0) {
// Redirect to the user account
Request::current()->redirect('welcome/index');
}
// If the user posted their details to reset their password
if ($_POST) {
// If the email address is correct, create a method token
if (! empty($_POST['email']) AND ($ao=ORM::factory('account',array('email'=>$_POST['email']))) AND $ao->loaded()) {
$mt = ORM::factory('module_method_token');
// Find out our password reset method id
// @todo move this to a more generic method, so that it can be called by other methods
$mo = ORM::factory('module',array('name'=>'account'));
$mmo = ORM::factory('module_method',array('name'=>'user_resetpassword','module_id'=>$mo->id));
// Check to see if there is already a token, if so, do nothing.
if ($mt->where('account_id','=',$ao->id)->and_where('method_id','=',$mmo->id)->find()) {
if ($mt->date_expire < time()) {
$mt->delete();
$mt->clear();
}
}
if (! $mt->loaded()) {
$mt->account_id = $ao->id;
$mt->method_id = $mmo->id;
$mt->date_expire = time() + 15*3600;
$mt->token = md5(sprintf('%s:%s:%s',$mt->account_id,$mt->method_id,$mt->date_expire));
$mt->save();
// Send our email with the token
$et = EmailTemplate::instance('account_reset_password');
$et->to = array($mt->account->email=>sprintf('%s %s',$mt->account->first_name,$mt->account->last_name));
$et->variables = array(
'SITE'=>URL::base(TRUE,TRUE),
'SITE_ADMIN'=>Config::sitename(),
'SITE_NAME'=>Config::sitename(),
'TOKEN'=>$mt->token,
'USER_NAME'=>sprintf('%s %s',$mt->account->first_name,$mt->account->last_name),
);
$et->send();
}
// Redirect to our password reset, the Auth will validate the token.
} elseif (! empty($_REQUEST['token'])) {
Request::current()->redirect(sprintf('user/account/resetpassword?token=%s',$_REQUEST['token']));
}
// Show our token screen even if the email was invalid.
if (isset($_POST['email']))
Block::add(array(
'title'=>_('Reset your password'),
'body'=>View::factory('login_reset_sent'),
'style'=>array('css/login.css'=>'screen'),
));
else
Request::current()->redirect('login');
} else {
Block::add(array(
'title'=>_('Reset your password'),
'body'=>View::factory('login_reset'),
'style'=>array('css/login.css'=>'screen'),
));
}
}
public function action_noaccess() {
SystemMessage::add(array(
'title'=>_('No access to requested resource'),
'type'=>'error',
'body'=>_('You do not have access to the requested resource, please contact your administrator.')
));
}
}
?>

View File

@ -0,0 +1,26 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides logout capability
*
* @package PLA
* @subpackage Page/Logout
* @category Controllers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
* @also [login]
*/
class PLA_Controller_Logout extends Controller {
public function action_index() {
# If user already signed-in
if (Auth::instance()->logged_in()!= 0) {
Auth::instance()->logout();
Request::current()->redirect('login');
}
Request::current()->redirect('welcome/index');
}
}
?>

View File

@ -0,0 +1,59 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides access to rendering media items (javascript, images and css).
*
* @package PLA
* @subpackage Page/Media
* @category Controllers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
abstract class PLA_Controller_Media extends Controller {
/**
* This action will render all the media related files for a page
*
* @return void
*/
public function action_get() {
// Get the file path from the request
$file = $this->request->param('file');
// Find the file extension
$ext = pathinfo($file,PATHINFO_EXTENSION);
// Remove the extension from the filename
$file = substr($file,0,-(strlen($ext)+1));
$f = '';
// If our file is pathed with session, our file is in our session.
if ($fd = Session::instance()->get_once($this->request->param('file'))) {
$this->response->body($fd);
// If not found try a default media file
} elseif ($f = Kohana::find_file('media/'.Kohana::Config('config.theme'),$file,$ext)) {
// Send the file content as the response
$this->response->body(file_get_contents($f));
// If not found try a default media file
} elseif ($f = Kohana::find_file('media',$file,$ext)) {
// Send the file content as the response
$this->response->body(file_get_contents($f));
} else {
// Return a 404 status
$this->response->status(404);
}
// Generate and check the ETag for this file
if (Kohana::$environment === Kohana::PRODUCTION)
$this->response->check_cache(NULL,$this->request);
// Set the proper headers to allow caching
$this->response->headers('Content-Type',File::mime_by_ext($ext));
$this->response->headers('Content-Length',(string)$this->response->content_length());
$this->response->headers('Last-Modified',date('r', $f ? filemtime($f) : time()));
}
}
?>

View File

@ -0,0 +1,124 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides the default template controller for rendering pages.
*
* @package PLA
* @subpackage Page/Template
* @category Controllers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
abstract class PLA_Controller_Template extends Kohana_Controller_Template {
// @var object meta object information as per [meta]
private $meta;
public function __construct(Request $request, Response $response) {
$this->template = Kohana::Config('config.theme');
return parent::__construct($request,$response);
}
public function before() {
// Do not template media files
if ($this->request->action() === 'media') {
$this->auto_render = FALSE;
return;
}
parent::before();
// For AJAX calls, we dont need to render the complete page.
if ($this->request->is_ajax()) {
$this->auto_render = FALSE;
return;
}
$this->template->content = '';
// Setup the page template
$this->meta = new meta;
View::bind_global('meta',$this->meta);
}
public function after() {
if ($this->auto_render === TRUE) {
// Application Title
$this->meta->title = Kohana::Config('config.appname');
// Language
// @todo
$this->meta->language = '';
// Description
$this->meta->description = sprintf('%s::%s',$this->request->controller(),$this->request->action());
// Control Line
// @todo
$this->template->control = '';
// System Messages line
// @todo
$this->template->sysmsg = '';
// Left Item
// @todo
$this->template->left = '';
$this->template->right = '';
$this->template->center = '';
if (! $this->response->body())
$this->response->body((string)Block::factory());
if (empty($this->template->content))
$this->template->content = $this->response->body();
// Footer
// @todo
$this->template->footer = '';
// Our default script(s)
foreach (array('file'=>array_reverse(array(
'js/jquery-1.6.4.min.js',
))) as $type => $datas) {
foreach ($datas as $data) {
Script::add(array(
'type'=>$type,
'data'=>$data,
),TRUE);
}
}
// Add our logo
Style::add(array(
'type'=>'stdin',
'data'=>'h1 span{background:url('.Config::logo_uri().') no-repeat;}',
));
// For any ajax rendered actions, we'll need to capture the content and put it in the response
// @todo
} elseif ($this->request->is_ajax() && isset($this->template->content) && ! $this->response->body()) {
// @todo move this formatting to a view?
if ($s = $this->_sysmsg() AND (string)$s)
$this->response->body(sprintf('<table class="sysmsg"><tr><td>%s</td></tr></table>',$s));
// Since we are ajax, we should re-render the breadcrumb
Session::instance()->set('breadcrumb',(string)Breadcrumb::factory());
$this->response->bodyadd(Script::add(array('type'=>'stdin','data'=>'$().ready($("#ajCONTROL").load("'.URL::site('welcome/breadcrumb').'",null,function(x,s,r) {}));')));
// In case there any javascript for this render.
$this->response->bodyadd(Script::factory());
// Get the response body
$this->response->bodyadd(sprintf('<table class="content"><tr><td>%s</td></tr></table>',$this->template->content));
}
parent::after();
// Generate and check the ETag for this file
if (Kohana::$environment === Kohana::PRODUCTION)
$this->response->check_cache(NULL,$this->request);
}
}

View File

@ -0,0 +1,186 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class takes care of communicating with LDAP
*
* @package PLA
* @subpackage LDAP
* @category Helpers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
abstract class PLA_Database_LDAP extends Database {
// Our required abstract functions
public function set_charset($charset) {}
public function query($type, $sql, $as_object = FALSE, array $params = NULL) {}
public function begin($mode = NULL) {}
public function commit() {}
public function rollback() {}
public function list_tables($like = NULL) {}
public function list_columns($table, $like = NULL, $add_prefix = TRUE) {}
public function escape($value) { return $value;}
// Overrides
public function quote_column($column) {
return $column;
}
// This function will enable us to have multiple resource contexts
// @todo To Implement
public function select_db($x) {
return $this;
}
private function _connect() {
/*
// @todo To implement
# No identifiable connection exists, lets create a new one.
if (DEBUG_ENABLED)
debug_log('Creating NEW connection [%s] for index [%s]',16,0,__FILE__,__LINE__,__METHOD__,
$method,$this->index);
*/
/*
// @todo To implement
if (function_exists('run_hook'))
run_hook('pre_connect',array('server_id'=>$this->index,'method'=>$method));
*/
if (! empty($this->_config['port']))
$r = ldap_connect($this->_config['connection']['hostname'],$this->_config['port']);
else
$r = ldap_connect($this->_config['connection']['hostname']);
/*
// @todo To implement
if (DEBUG_ENABLED)
debug_log('LDAP Resource [%s], Host [%s], Port [%s]',16,0,__FILE__,__LINE__,__METHOD__,
$this->_r,$this->getValue('server','host'),$this->getValue('server','port'));
*/
if (! is_resource($r))
throw Kohana_Exception('UNHANDLED, $r is not a resource');
// Go with LDAP version 3 if possible (needed for renaming and Novell schema fetching)
ldap_set_option($r,LDAP_OPT_PROTOCOL_VERSION,3);
/* Disabling this makes it possible to browse the tree for Active Directory, and seems
* to not affect other LDAP servers (tested with OpenLDAP) as phpLDAPadmin explicitly
* specifies deref behavior for each ldap_search operation. */
ldap_set_option($r,LDAP_OPT_REFERRALS,0);
/*
// @todo To implement
# Try to fire up TLS is specified in the config
if ($this->isTLSEnabled())
$this->startTLS($this->_r);
*/
return $r;
}
private function _bind($r,$u,$p) {
if (! is_resource($r))
throw Kohana_Exception('UNHANDLED, $r is not a resource');
/*
// @todo To implement
# If SASL has been configured for binding, then start it now.
if ($this->isSASLEnabled())
$br = $this->startSASL($this->_r,$method);
# Normal bind...
else
*/
$br = @ldap_bind($r,$u,$p);
/*
if ($debug)
debug_dump(array('method'=>$method,'bind'=>$bind,'USER'=>$_SESSION['USER']));
if (DEBUG_ENABLED)
debug_log('Resource [%s], Bind Result [%s]',16,0,__FILE__,__LINE__,__METHOD__,$this->_r,$bind);
*/
if (! $br) {
/*
if (DEBUG_ENABLED)
debug_log('Leaving with FALSE, bind FAILed',16,0,__FILE__,__LINE__,__METHOD__);
*/
$this->noconnect = true;
/*
// @todo To implement
system_message(array(
'title'=>sprintf('%s %s',_('Unable to connect to LDAP server'),$this->getName()),
'body'=>sprintf('<b>%s</b>: %s (%s) for <b>%s</b>',_('Error'),$this->getErrorMessage($method),$this->getErrorNum($method),$method),
'type'=>'error'));
*/
} else {
$this->noconnect = false;
/*
// @todo To implement
# If this is a proxy session, we need to switch to the proxy user
if ($this->isProxyEnabled() && $bind['id'] && $method != 'anon')
if (! $this->startProxy($this->_r,$method)) {
$this->noconnect = true;
$CACHE[$this->index][$method] = null;
}
*/
}
/*
// @todo To implement
if (function_exists('run_hook'))
run_hook('post_connect',array('server_id'=>$this->index,'method'=>$method,'id'=>$bind['id']));
*/
/*
// @todo To implement
if ($debug)
debug_dump(array($method=>$CACHE[$this->index][$method]));
*/
return $br;
}
public function connect() {
if ($this->_r = $this->_connect())
return $this;
else
throw Kohana_Exception('Unable to connect to LDAP Server?');
}
public function bind($user,$pass) {
// If this is an anon query, then we return
// Do we need to do an anon search to find the DN
if (! empty($this->_config['login_attr']) AND strtoupper($this->_config['login_attr']) != 'DN') {
$u = $this->search()
->scope('sub')
->where($this->_config['login_attr'],'=',$user)
->run();
if (! $u)
throw new Kohana_Exception('Unable to find user :user',array(':user'=>$user));
$u = array_shift($u);
$user = $u['dn'];
}
// Bind
if ($this->_bind($this->_r,$user,$pass))
return $this;
else
throw new Kohana_Exception('Unable to bind');
}
public function search() {
return new Database_LDAP_Search($this->_r);
}
}
?>

View File

@ -0,0 +1,270 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class takes care of searching within LDAP
*
* @package PLA
* @subpackage LDAP/Search
* @category Helpers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
abstract class PLA_Database_LDAP_Search {
private $_r; // Our LDAP Server to query
private $_scope = 'base'; // LDAP Search Scope
private $_filter = '(objectclass=*)'; // LDAP Search Scope
private $_attrs = array('*','+'); // LDAP Attributes to Return
private $_base = ''; // LDAP Base to Search
private $_db_pending = array(); // LDAP Query Filter to compile
/**
* Callable database methods
* @var array
*/
protected static $_db_methods = array(
'where', 'and_where', 'or_where', 'where_open', 'and_where_open', 'or_where_open', 'where_close',
'and_where_close', 'or_where_close',
);
/**
* Members that have access methods
* @var array
*/
protected static $_properties = array(
);
public function __construct($resource) {
$this->_r = $resource;
}
/**
* Handles pass-through to database methods. Calls to query methods
* (query, get, insert, update) are not allowed. Query builder methods
* are chainable.
*
* @param string $method Method name
* @param array $args Method arguments
* @return mixed
*/
public function __call($method,array $args) {
if (in_array($method,Database_LDAP_Search::$_properties)) {
/*
// @todo To Implement
if ($method === 'validation')
{
if ( ! isset($this->_validation))
{
// Initialize the validation object
$this->_validation();
}
}
*/
// Return the property
return $this->{'_'.$method};
}
elseif (in_array($method,Database_LDAP_Search::$_db_methods))
{
// Add pending database call which is executed after query type is determined
$this->_db_pending[] = array('name' => $method,'args' => $args);
return $this;
}
else
{
throw new Kohana_Exception('Invalid method :method called in :class',
array(':method' => $method,':class' => get_class($this)));
}
}
private function _build() {
$s = Database_LDAP_Search::Search();
// Process pending database method calls
foreach ($this->_db_pending as $method) {
$name = $method['name'];
$args = $method['args'];
$this->_db_applied[$name] = $name;
call_user_func_array(array($s,$name),$args);
}
return $s;
}
public static function Search($columns = NULL) {
return new Database_LDAP_Search_Builder_Query(func_get_args());
}
public static function instance($resource) {
return new Database_LDAP_Search($resource);
}
public function scope($val) {
switch ($val) {
case 'base':
case 'sub':
case 'one': $this->_scope = $val;
break;
default:
throw new Kohana_Exception('Unknown search scope :scope',array(':scope',$val));
}
return $this;
}
/**
* Search the LDAP database
*/
public function run() {
$query = array();
// Compile our query
if ($this->_db_pending)
$this->_filter = $this->_build();
/*
if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
debug_log('Entered (%%)',17,0,__FILE__,__LINE__,__METHOD__,$fargs);
*/
$attrs_only = 0;
$this->_base = 'o=Simpsons';
/*
// @todo To implement
if (! isset($query['base'])) {
$bases = $this->getBaseDN();
$query['base'] = array_shift($bases);
}
*/
/*
// @todo To implement
if (! isset($query['deref']))
$query['deref'] = $_SESSION[APPCONFIG]->getValue('deref','search');
*/
if (! isset($query['size_limit']))
$query['size_limit'] = 0;
if (! isset($query['time_limit']))
$query['time_limit'] = 0;
/*
if ($query['scope'] == 'base' && ! isset($query['baseok']))
system_message(array(
'title'=>sprintf('Dont call %s',__METHOD__),
'body'=>sprintf('Use getDNAttrValues for base queries [%s]',$query['base']),
'type'=>'info'));
*/
/*
if (is_array($query['base'])) {
system_message(array(
'title'=>_('Invalid BASE for query'),
'body'=>_('The query was cancelled because of an invalid base.'),
'type'=>'error'));
return array();
}
*/
/*
if (DEBUG_ENABLED)
debug_log('%s search PREPARE.',16,0,__FILE__,__LINE__,__METHOD__,$query['scope']);
*/
/*
if ($debug)
debug_dump(array('query'=>$query,'server'=>$this->getIndex(),'con'=>$this->connect($method)));
*/
//$resource = $this->connect($method,$debug);
switch ($this->_scope) {
case 'base':
$search = @ldap_read($this->_r,$this->_base,$this->_filter,$this->_attrs,$attrs_only,$query['size_limit'],$query['time_limit'],$query['deref']);
break;
case 'one':
$search = @ldap_list($this->_r,$this->_base,$this->_filter,$this->_attrs,$attrs_only,$query['size_limit'],$query['time_limit'],$query['deref']);
break;
case 'sub':
default:
$search = @ldap_search($this->_r,$this->_base,$this->_filter,$this->_attrs,$attrs_only,$query['size_limit'],$query['time_limit'],$query['deref']);
break;
}
/*
if ($debug)
debug_dump(array('method'=>$method,'search'=>$search,'error'=>$this->getErrorMessage()));
*/
/*
if (DEBUG_ENABLED)
debug_log('Search scope [%s] base [%s] filter [%s] attrs [%s] COMPLETE (%s).',16,0,__FILE__,__LINE__,__METHOD__,
$query['scope'],$query['base'],$query['filter'],$query['attrs'],is_null($search));
*/
if (! $search)
return array();
$return = array();
// Get the first entry identifier
if ($entries = ldap_get_entries($this->_r,$search)) {
# Remove the count
if (isset($entries['count']))
unset($entries['count']);
// Iterate over the entries
foreach ($entries as $a => $entry) {
/*
if (! isset($entry['dn']))
debug_dump_backtrace('No DN?',1);
*/
// Remove the none entry references.
if (! is_array($entry)) {
unset($entries[$a]);
continue;
}
$dn = $entry['dn'];
unset($entry['dn']);
// Iterate over the attributes
foreach ($entry as $b => $attrs) {
// Remove the none entry references.
if (! is_array($attrs)) {
unset($entry[$b]);
continue;
}
// Remove the count
if (isset($entry[$b]['count']))
unset($entry[$b]['count']);
}
// Our queries always include the DN (the only value not an array).
$entry['dn'] = $dn;
$return[$dn] = $entry;
}
// Sort our results
foreach ($return as $key => $values)
ksort($return[$key]);
}
/*
if (DEBUG_ENABLED)
debug_log('Returning (%s)',17,0,__FILE__,__LINE__,__METHOD__,$return);
*/
return $return;
}
}
?>

View File

@ -0,0 +1,214 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class takes care of building an LDAP filter query
*
* @package PLA
* @subpackage LDAP/Search
* @category Helpers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
abstract class PLA_Database_LDAP_Search_Builder_Query extends Database_Query_Builder {
protected $_where = array();
// @todo Not implemented
public function reset() {}
public function __construct() {
parent::__construct(Database::SELECT,'ldap');
}
/**
* Alias of and_where()
*
* @param mixed column name or array($column, $alias) or object
* @param string logic operator
* @param mixed column value
* @return $this
*/
public function where($column,$op,$value) {
return $this->and_where($column,$op,$value);
}
/**
* Creates a new "AND WHERE" condition for the query.
*
* @param mixed column name or array($column,$alias) or object
* @param string logic operator
* @param mixed column value
* @return $this
*/
public function and_where($column,$op,$value) {
$this->_where[] = array('AND' => array($column,$op,$value));
return $this;
}
/**
* Creates a new "OR WHERE" condition for the query.
*
* @param mixed column name or array($column,$alias) or object
* @param string logic operator
* @param mixed column value
* @return $this
*/
public function or_where($column,$op,$value) {
$this->_where[] = array('OR' => array($column,$op,$value));
return $this;
}
/**
* Alias of and_where_open()
*
* @return $this
*/
public function where_open() {
return $this->and_where_open();
}
/**
* Opens a new "AND WHERE (...)" grouping.
*
* @return $this
*/
public function and_where_open() {
$this->_where[] = array('AND' => '(');
return $this;
}
/**
* Opens a new "OR WHERE (...)" grouping.
*
* @return $this
*/
public function or_where_open() {
$this->_where[] = array('OR' => '(');
return $this;
}
public function compile(Database $db) {
$filter = '';
return $this->_compile_conditions($db,$this->_where);
}
/**
* Closes an open "AND WHERE (...)" grouping.
*
* @return $this
*/
public function where_close() {
return $this->and_where_close();
}
/**
* Closes an open "AND WHERE (...)" grouping.
*
* @return $this
*/
public function and_where_close() {
$this->_where[] = array('AND' => ')');
return $this;
}
/**
* Closes an open "OR WHERE (...)" grouping.
*
* @return $this
*/
public function or_where_close() {
$this->_where[] = array('OR' => ')');
return $this;
}
/**
* Compiles an array of conditions into an LDAP filter.
*
* @param object Database instance
* @param array condition statements
* @return string
*/
protected function _compile_conditions(Database $db,array $conditions,$index=0) {
$current_condition = $last_condition = NULL;
$filter = '';
$sub = 0;
foreach ($conditions as $key => $group) {
// If we have been called again, we need to skip ahead, or skip what has been processed
if ($key < $index OR $sub)
continue;
// Process groups of conditions
foreach ($group as $logic => $condition) {
if ($condition === '(') {
$filter .= $this->_compile_conditions($db,$conditions,$key+1);
$sub = 1;
} elseif ($condition === ')') {
if ($index) {
// As we return, we'll include our condition
switch ($current_condition) {
case 'AND':
return '(&'.$filter.')';
case 'OR':
return '(|'.$filter.')';
default:
throw new Kohana_Exception('Condition :condition not handled.',array(':condition'=>$condition));
}
}
$sub = 0;
} else {
// We currently cant handle when a condition changes, without brackets.
if ($filter AND $current_condition AND $current_condition != $logic)
throw new Kohana_Exception('Condition changed without brackets');
$current_condition = $logic;
// Split the condition
list($column,$op,$value) = $condition;
// Database operators are always uppercase
$op = strtoupper($op);
if ((is_string($value) AND array_key_exists($value,$this->_parameters)) === FALSE) {
// Quote the value, it is not a parameter
$value = $db->quote($value);
}
if ($column) {
// Apply proper quoting to the column
$column = $db->quote_column($column);
}
// Append the statement to the query
$filter .= trim('('.$column.$op.$value.')');
}
$last_condition = $condition;
}
}
switch ($current_condition) {
case 'AND':
return '(&'.$filter.')';
case 'OR':
return '(|'.$filter.')';
default:
throw new Kohana_Exception('Condition :condition not handled.',array(':condition'=>$condition));
}
}
}
?>

View File

@ -0,0 +1,92 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class is the base used for common static methods that are used
* for rendering.
*
* @package PLA
* @subpackage Page
* @category Helpers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
abstract class PLA_HTMLRender {
protected static $_media_path = 'default/media';
protected static $_required_keys = array();
protected static $_unique_vals = array();
public function __construct() {
if (! isset(static::$_data))
throw new Kohana_Exception(':class is missing important static variables',array(':class'=>get_called_class()));
}
/**
* Add an item to be rendered
*
* @param array Item to be added
*/
public static function add($item,$prepend=FALSE) {
foreach (static::$_required_keys as $key)
if (! isset($item[$key]))
throw new Kohana_Exception('Missing key :key for image',array(':key'=>$key));
// Check for unique keys
if (static::$_unique_vals)
foreach (static::$_unique_vals as $v=>$u)
foreach (static::$_data as $d)
if (isset($d[$u]) && $d['data'] == $item['data'])
return;
if ($prepend)
array_unshift(static::$_data,$item);
else
array_push(static::$_data,$item);
}
/**
* Set the space used between rendering output
*/
public static function setSpacer($spacer) {
static::$_spacer = $spacer;
}
/**
* Set the Kohana Media Path, used to determine where to find additional
* HTML content required for rendering.
*/
public static function setMediaPath($path) {
static::$_media_path = $path;
}
/**
* Factory instance method must be declared by the child class
*/
public static function factory() {
throw new Kohana_Exception(':class is calling :method, when it should have its own method',
array(':class'=>get_called_class(),':method'=>__METHOD__));
}
/**
* Return the HTML to render the header images
*/
public function __toString() {
try {
return static::render();
}
// Display the exception message
catch (Exception $e) {
Kohana_Exception::handler($e);
}
}
/**
* Rendering must be declared by the child class
*/
protected function render() {
throw new Kohana_Exception(':class is calling :method, when it should have its own method',
array(':class'=>get_called_class(),':method'=>__METHOD__));
}
}
?>

View File

@ -0,0 +1,34 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This is class is for all HTML page attributes.
*
* @package PLA
* @subpackage Page
* @category Helpers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
abstract class PLA_Meta {
private $_data = array();
private $_array_keys = array();
public function __get($key) {
if (in_array($key,$this->_array_keys) && empty($this->_data[$key]))
return array();
if (empty($this->_data[$key]))
return null;
else
return $this->_data[$key];
}
public function __set($key,$value) {
if (in_array($key,$this->_array_keys) && ! is_array($value))
throw new Kohana_Exception('Key :key must be an array',array(':key'=>$key));
$this->_data[$key] = $value;
}
}
?>

View File

@ -0,0 +1,53 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class is for rendering HTML script tags
*
* @package PLA
* @subpackage Page
* @category Helpers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
abstract class PLA_Script extends HTMLRender {
protected static $_data = array();
protected static $_spacer = "\n";
protected static $_required_keys = array('type','data');
protected static $_unique_vals = array('file'=>'type');
/**
* Return an instance of this class
*
* @return Script
*/
public static function factory() {
return new Script;
}
/**
* Render the script tag
*
* @see HTMLRender::render()
*/
protected function render() {
$foutput = $soutput = '';
$mediapath = Route::get(static::$_media_path);
foreach (static::$_data as $value) {
switch ($value['type']) {
case 'file':
$foutput .= HTML::script($mediapath->uri(array('file'=>$value['data'])));
break;
case 'stdin':
$soutput .= sprintf("<script type=\"text/javascript\">//<![CDATA[\n%s\n//]]></script>",$value['data']);
break;
default:
throw new Kohana_Exception('Unknown style type :type',array(':type'=>$value['type']));
}
}
return $foutput.static::$_spacer.$soutput;
}
}
?>

View File

@ -0,0 +1,54 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class is for rendering HTML style tags
*
* @package PLA
* @subpackage Page
* @category Helpers
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
abstract class PLA_Style extends HTMLRender {
protected static $_data = array();
protected static $_spacer = "\n";
protected static $_required_keys = array('type','data');
protected static $_unique_vals = array('file'=>'type');
/**
* Return an instance of this class
*
* @return Style
*/
public static function factory() {
return new Style;
}
/**
* Render the style tag
*
* @see HTMLRender::render()
*/
protected function render() {
$foutput = $soutput = '';
$mediapath = Route::get(static::$_media_path);
foreach (static::$_data as $value) {
switch ($value['type']) {
case 'file':
$foutput .= HTML::style($mediapath->uri(array('file'=>$value['data'])),
array('media'=>(! empty($value['media'])) ? $value['media'] : 'screen'),TRUE);
break;
case 'stdin':
$soutput .= sprintf("<style type=\"text/css\">%s</style>",$value['data']);
break;
default:
throw new Kohana_Exception('Unknown style type :type',array(':type'=>$value['type']));
}
}
return $foutput.static::$_spacer.$soutput;
}
}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Script extends PLA_Script {}
?>

View File

@ -0,0 +1,4 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
class Style extends PLA_Style {}
?>

View File

@ -0,0 +1,21 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* OSB authentication configuration
*
* @package PLA
* @category Configuration
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
return array(
'driver' => 'LDAP',
// 'hash_method' => '',
'hash_key' => '', // LDAP passwords should be cleartext
'lifetime' => 1209600,
// 'session_key' => 'auth_user',
// 'forced_key' => 'auth_forced',
);
?>

View File

@ -0,0 +1,24 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* PLA Configuration - System Default Configurable Items.
*
* @package PLA
* @subpackage System
* @category Configuration
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
return array(
// Our application name, as shown in the title bar of pages
'appname' => 'phpLDAPadmin - LDAP Administration',
// Our mode level (PRODUCTION, STAGING, TESTING, DEVELOPMENT) - see [Kohana]
'mode' => Kohana::PRODUCTION,
'site' => array(
'name'=>'phpLDAPadmin',
),
// Our custom theme
'theme' => 'original',
);
?>

View File

@ -0,0 +1,70 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* PLA Configuration - LDAP Server Definitions
*
* @package PLA
* @subpackage System
* @category Configuration
* @author Deon George
* @copyright (c) phpLDAPadmin Development Team
* @license http://dev.phpldapadmin.org/license.html
*/
return array
(
'default' => array
(
'type' => 'ldap',
'connection' => array(
/**
* The following options are available for MySQL:
*
* string hostname server hostname, or socket
* string database database name
* string username database username
* string password database password
* boolean persistent use persistent connections?
*
* Ports and sockets may be appended to the hostname.
*/
'hostname' => 'localhost',
'database' => 'kohana',
'username' => FALSE,
'password' => FALSE,
'persistent' => FALSE,
),
'table_prefix' => '',
'charset' => 'utf8',
'caching' => FALSE,
'profiling' => TRUE,
'login_attr'=>'uid',
),
'alternate' => array(
'type' => 'pdo',
'connection' => array(
/**
* The following options are available for PDO:
*
* string dsn Data Source Name
* string username database username
* string password database password
* boolean persistent use persistent connections?
*/
'dsn' => 'mysql:host=localhost;dbname=kohana',
'username' => 'root',
'password' => 'r00tdb',
'persistent' => FALSE,
),
/**
* The following extra options are available for PDO:
*
* string identifier set the escaping identifier
*/
'table_prefix' => '',
'charset' => 'utf8',
'caching' => FALSE,
'profiling' => TRUE,
),
);