diff --git a/app/Classes/LDAP/Attribute.php b/app/Classes/LDAP/Attribute.php index 82c22ef9..0e2c9380 100644 --- a/app/Classes/LDAP/Attribute.php +++ b/app/Classes/LDAP/Attribute.php @@ -16,7 +16,6 @@ class Attribute implements \Countable, \ArrayAccess { // Attribute Name protected string $name; - private int $counter = 0; // Is this attribute an internal attribute protected(set) bool $is_internal = FALSE; diff --git a/app/Classes/LDAP/Attribute/Factory.php b/app/Classes/LDAP/Attribute/Factory.php index 3d23fc9e..457f633b 100644 --- a/app/Classes/LDAP/Attribute/Factory.php +++ b/app/Classes/LDAP/Attribute/Factory.php @@ -52,6 +52,7 @@ class Factory 'supportedfeatures' => Schema\OID::class, 'supportedldapversion' => Schema\Generic::class, 'supportedsaslmechanisms' => Schema\Mechanisms::class, + 'usercertificate' => UserCertificate::class, 'userpassword' => Password::class, ]; diff --git a/app/Classes/LDAP/Attribute/UserCertificate.php b/app/Classes/LDAP/Attribute/UserCertificate.php new file mode 100644 index 00000000..eba299bb --- /dev/null +++ b/app/Classes/LDAP/Attribute/UserCertificate.php @@ -0,0 +1,52 @@ +values_old,'binary.'.$key)),80)) + ); + } + + public function cert_info(string $index,int $key=0): mixed + { + if (! array_key_exists($key,$this->_object)) + $this->_object[$key] = openssl_x509_parse(openssl_x509_read($this->certificate($key))); + + + return Arr::get($this->_object[$key],$index); + } + + public function expires($key=0): Carbon + { + return Carbon::createFromTimestampUTC($this->cert_info('validTo_time_t',$key)); + } + + public function render_item_old(string $dotkey): ?string + { + return join("\n",str_split(base64_encode(parent::render_item_old($dotkey)),80)); + } + + public function subject($key=0): string + { + $subject = collect($this->cert_info('subject',$key))->reverse(); + + return $subject->map(fn($item,$key)=>sprintf("%s=%s",$key,$item))->join(','); + } +} \ No newline at end of file diff --git a/app/Ldap/Entry.php b/app/Ldap/Entry.php index 741ee998..5eddd64f 100644 --- a/app/Ldap/Entry.php +++ b/app/Ldap/Entry.php @@ -389,7 +389,6 @@ class Entry extends Model fn($item)=> (! preg_match(sprintf('/^%s$/',self::TAG_NOTAG),$item)) && (! preg_match(sprintf('/^%s+$/',self::TAG_CHARS_LANG),$item)) - && (! preg_match('/^binary$/',$item)) ) ->count()) ) @@ -428,9 +427,17 @@ class Entry extends Model */ public function getVisibleAttributes(?string $tag=NULL): Collection { - return $this->objects - ->filter(fn($item)=>! $item->is_internal) - ->filter(fn($item)=>is_null($tag) || count($item->tagValues($tag)) > 0); + static $cache = NULL; + + if (is_null($cache)) { + $ot = $this->getOtherTags(); + + $cache = $this->objects + ->filter(fn($item)=>! $item->is_internal) + ->filter(fn($item)=>is_null($tag) || $ot->has($item->name_lc) || count($item->tagValues($tag)) > 0); + } + + return $cache; } public function hasAttribute(int|string $key): bool diff --git a/composer.json b/composer.json index ff2cc10d..eeb735db 100644 --- a/composer.json +++ b/composer.json @@ -7,6 +7,7 @@ "require": { "ext-fileinfo": "*", "ext-ldap": "*", + "ext-openssl": "*", "php": "^8.4", "directorytree/ldaprecord-laravel": "^3.0", "laravel/framework": "^11.9", diff --git a/resources/views/components/attribute/usercertificate.blade.php b/resources/views/components/attribute/usercertificate.blade.php new file mode 100644 index 00000000..41e37457 --- /dev/null +++ b/resources/views/components/attribute/usercertificate.blade.php @@ -0,0 +1,25 @@ + + + @foreach($o->tagValuesOld('binary') as $key => $value) + @if($edit) + + +
+ + +
+ @if($e=$errors->get($o->name_lc.'.'.$langtag.'.'.$loop->index)) + {{ join('|',$e) }} + @endif +
+
+
+ @lang('Certificate Subject'): {{ $o->subject($loop->index) }}
+ {{ ($expire=$o->expires($loop->index))->isPast() ? __('Expired') : __('Expires') }}: {{ $expire->format(config('pla.datetime_format','Y-m-d H:i:s')) }} +
+ + @else + 
{{ $o->render_item_old('binary.'.$key) }}
 + @endif + @endforeach + \ No newline at end of file diff --git a/resources/views/components/attribute/widget/options.blade.php b/resources/views/components/attribute/widget/options.blade.php index 75065534..f33b42ba 100644 --- a/resources/views/components/attribute/widget/options.blade.php +++ b/resources/views/components/attribute/widget/options.blade.php @@ -1,16 +1,12 @@ @use(App\Classes\LDAP\Attribute\Binary\JpegPhoto) @use(App\Classes\LDAP\Attribute\ObjectClass) +@use(App\Classes\LDAP\Attribute\UserCertificate) @php($clone=FALSE) @if($o->is_rdn) @elseif($edit && $o->can_addvalues) @switch(get_class($o)) - @case(JpegPhoto::class) - (! $new)]) id="{{ $o->name_lc }}" disabled> @lang('Upload JpegPhoto') - - @break - @case(ObjectClass::class) (! $new)]) data-bs-toggle="modal" data-bs-target="#new_objectclass-modal"> @lang('Add Objectclass') @@ -216,6 +212,36 @@ @append @break + @case(JpegPhoto::class) + (! $new)]) id="{{ $o->name }}-upload" disabled> @lang('Upload JpegPhoto') + @section('page-scripts') + + @append + @break + + @case(UserCertificate::class) + (! $new)]) id="{{ $o->name }}-replace" disabled> @lang('Replace Certificate') + @section('page-scripts') + + @append + @break + @default @php($clone=TRUE) diff --git a/resources/views/frames/dn.blade.php b/resources/views/frames/dn.blade.php index 6cd68ba2..02cd7223 100644 --- a/resources/views/frames/dn.blade.php +++ b/resources/views/frames/dn.blade.php @@ -54,7 +54,7 @@
- @if(($x=$o->getOtherTags())->count()) + @if(($x=$o->getOtherTags()->filter(fn($item)=>$item->diff(['binary'])->count()))->count())
This entry has [{!! $x->flatten()->join(', ') !!}] tags used by [{!! $x->keys()->join(', ') !!}] that cant be managed by PLA. You can though manage those tags with an LDIF import.