Merge branch 'master' of git@github.com:gallery/gallery3-contrib
This commit is contained in:
commit
59d74c5896
@ -1,28 +0,0 @@
|
|||||||
<?php defined("SYSPATH") or die("No direct script access.");
|
|
||||||
/**
|
|
||||||
* Gallery - a web based photo album viewer and editor
|
|
||||||
* Copyright (C) 2000-2009 Bharat Mediratta
|
|
||||||
*
|
|
||||||
* This program is free software; you can redistribute it and/or modify
|
|
||||||
* it under the terms of the GNU General Public License as published by
|
|
||||||
* the Free Software Foundation; either version 2 of the License, or (at
|
|
||||||
* your option) any later version.
|
|
||||||
*
|
|
||||||
* This program is distributed in the hope that it will be useful, but
|
|
||||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
||||||
* General Public License for more details.
|
|
||||||
*
|
|
||||||
* You should have received a copy of the GNU General Public License
|
|
||||||
* along with this program; if not, write to the Free Software
|
|
||||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
|
||||||
*/
|
|
||||||
$config = array(
|
|
||||||
"groups" => array("eng", "google", "prebuild", "guest"),
|
|
||||||
"everybody_group" => "guest",
|
|
||||||
"registered_users_group" => "google",
|
|
||||||
"admins" => array("mediratta"),
|
|
||||||
"url" => "ldaps://ldap.corp.google.com/",
|
|
||||||
"group_domain" => "ou=Posix,ou=Groups,dc=google,dc=com",
|
|
||||||
"user_domain" => "ou=People,dc=google,dc=com",
|
|
||||||
);
|
|
@ -21,19 +21,18 @@ class ldap_installer {
|
|||||||
static function install() {
|
static function install() {
|
||||||
module::set_version("ldap", 1);
|
module::set_version("ldap", 1);
|
||||||
$root = item::root();
|
$root = item::root();
|
||||||
foreach (identity::groups() as $group) {
|
$ldap_provider = new IdentityProvider("ldap");
|
||||||
|
foreach ($ldap_provider->groups() as $group) {
|
||||||
module::event("group_created", $group);
|
module::event("group_created", $group);
|
||||||
access::allow($group, "view", $root);
|
access::allow($group, "view", $root);
|
||||||
access::allow($group, "view_full", $root);
|
access::allow($group, "view_full", $root);
|
||||||
}
|
}
|
||||||
// Let the admin own everything
|
|
||||||
$admin = identity::admin_user();
|
|
||||||
Database::instance()->query("UPDATE {items} SET owner_id = {$admin->id}");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static function uninstall() {
|
static function uninstall() {
|
||||||
// Delete all groups so that we give other modules an opportunity to clean up
|
// Delete all groups so that we give other modules an opportunity to clean up
|
||||||
foreach (identity::groups() as $group) {
|
$ldap_provider = new IdentityProvider("ldap");
|
||||||
|
foreach ($ldap_provider->groups() as $group) {
|
||||||
module::event("group_deleted", $group);
|
module::event("group_deleted", $group);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -42,9 +42,11 @@ class IdentityProvider_Ldap_Driver implements IdentityProvider_Driver {
|
|||||||
self::$_guest_user = new Ldap_User();
|
self::$_guest_user = new Ldap_User();
|
||||||
self::$_guest_user->id = 0;
|
self::$_guest_user->id = 0;
|
||||||
self::$_guest_user->name = "Guest";
|
self::$_guest_user->name = "Guest";
|
||||||
|
self::$_guest_user->full_name = "Guest";
|
||||||
self::$_guest_user->guest = true;
|
self::$_guest_user->guest = true;
|
||||||
self::$_guest_user->admin = false;
|
self::$_guest_user->admin = false;
|
||||||
self::$_guest_user->locale = null;
|
self::$_guest_user->locale = null;
|
||||||
|
self::$_guest_user->email = null;
|
||||||
self::$_guest_user->groups = array($this->everybody());
|
self::$_guest_user->groups = array($this->everybody());
|
||||||
}
|
}
|
||||||
return self::$_guest_user;
|
return self::$_guest_user;
|
||||||
@ -70,7 +72,7 @@ class IdentityProvider_Ldap_Driver implements IdentityProvider_Driver {
|
|||||||
public function is_correct_password($user, $password) {
|
public function is_correct_password($user, $password) {
|
||||||
$connection = ldap_connect(self::$_params["url"]);
|
$connection = ldap_connect(self::$_params["url"]);
|
||||||
ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
|
ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||||
$lbind = ldap_bind($connection, $user->dn, $password);
|
$lbind = @ldap_bind($connection, $user->dn, $password);
|
||||||
ldap_unbind($connection);
|
ldap_unbind($connection);
|
||||||
|
|
||||||
return ($lbind) ? true : false;
|
return ($lbind) ? true : false;
|
||||||
@ -80,10 +82,12 @@ class IdentityProvider_Ldap_Driver implements IdentityProvider_Driver {
|
|||||||
* @see IdentityProvider_Driver::lookup_user.
|
* @see IdentityProvider_Driver::lookup_user.
|
||||||
*/
|
*/
|
||||||
public function lookup_user($id) {
|
public function lookup_user($id) {
|
||||||
|
if ($id == 0) {
|
||||||
|
return $this->guest();
|
||||||
|
}
|
||||||
$result = ldap_search(self::$_connection, self::$_params["user_domain"], "uidNumber=$id");
|
$result = ldap_search(self::$_connection, self::$_params["user_domain"], "uidNumber=$id");
|
||||||
$entries = ldap_get_entries(self::$_connection, $result);
|
$entries = ldap_get_entries(self::$_connection, $result);
|
||||||
if ($entries["count"] > 0) {
|
if ($entries["count"] > 0) {
|
||||||
$cn_entry = ldap_get_values(self::$_connection, $entry_id, "cn");
|
|
||||||
return new Ldap_User($entries[0]);
|
return new Ldap_User($entries[0]);
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
@ -226,32 +230,46 @@ class Ldap_User implements User_Definition {
|
|||||||
|
|
||||||
public function __get($key) {
|
public function __get($key) {
|
||||||
switch($key) {
|
switch($key) {
|
||||||
case "name":
|
case "name":
|
||||||
return $this->ldap_entry["uid"][0];
|
return $this->ldap_entry["uid"][0];
|
||||||
|
|
||||||
case "guest":
|
case "guest":
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
case "id":
|
case "id":
|
||||||
return $this->ldap_entry["uidnumber"][0];
|
return $this->ldap_entry["uidnumber"][0];
|
||||||
|
|
||||||
case "groups":
|
case "groups":
|
||||||
return IdentityProvider_Ldap_Driver::groups_for($this);
|
return IdentityProvider_Ldap_Driver::groups_for($this);
|
||||||
|
|
||||||
case "locale": // @todo
|
case "locale": // @todo
|
||||||
return null;
|
return null;
|
||||||
|
|
||||||
case "admin":
|
case "admin":
|
||||||
return in_array($this->ldap_entry["uid"][0],
|
return in_array($this->ldap_entry["uid"][0],
|
||||||
IdentityProvider_Ldap_Driver::$_params["admins"]);
|
IdentityProvider_Ldap_Driver::$_params["admins"]);
|
||||||
|
|
||||||
case "dn":
|
case "email":
|
||||||
return $this->ldap_entry["dn"];
|
return $this->ldap_entry["mail"][0];
|
||||||
|
|
||||||
default:
|
case "full_name":
|
||||||
throw new Exception("@todo UNKNOWN_KEY ($key)");
|
return $this->ldap_entry["cn"][0];
|
||||||
|
|
||||||
|
case "dn":
|
||||||
|
return $this->ldap_entry["dn"];
|
||||||
|
|
||||||
|
case "url": // @todo
|
||||||
|
return null;
|
||||||
|
|
||||||
|
default:
|
||||||
|
throw new Exception("@todo UNKNOWN_KEY ($key)");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function avatar_url($size=80, $default=null) {
|
||||||
|
return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s",
|
||||||
|
md5($this->email), $size, $default ? "&d=" . urlencode($default) : "");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class Ldap_Group implements Group_Definition {
|
class Ldap_Group implements Group_Definition {
|
||||||
|
Reference in New Issue
Block a user