LdapUserBackend: Fetch and interpret the correct attributes (OpenLDAP)
refs #8826
This commit is contained in:
Johannes Meyer
parent
d1a5321d02
commit
601b720a03
|
|
@ -262,9 +262,11 @@ class LdapUserBackend extends Repository implements UserBackendInterface
|
||||||
$createdAtAttribute = 'whenCreated';
|
$createdAtAttribute = 'whenCreated';
|
||||||
$lastModifiedAttribute = 'whenChanged';
|
$lastModifiedAttribute = 'whenChanged';
|
||||||
} else {
|
} else {
|
||||||
$isActiveAttribute = 'unknown';
|
// TODO(jom): Elaborate whether it is possible to add dynamic support for the ppolicy
|
||||||
$createdAtAttribute = 'unknown';
|
$isActiveAttribute = 'shadowExpire';
|
||||||
$lastModifiedAttribute = 'unknown';
|
|
||||||
|
$createdAtAttribute = 'createTimestamp';
|
||||||
|
$lastModifiedAttribute = 'modifyTimestamp';
|
||||||
}
|
}
|
||||||
|
|
||||||
return array(
|
return array(
|
||||||
|
|
@ -293,17 +295,15 @@ class LdapUserBackend extends Repository implements UserBackendInterface
|
||||||
|
|
||||||
if ($this->ds->getCapabilities()->hasAdOid()) {
|
if ($this->ds->getCapabilities()->hasAdOid()) {
|
||||||
$stateConverter = 'user_account_control';
|
$stateConverter = 'user_account_control';
|
||||||
$timeConverter = 'generalized_time';
|
|
||||||
} else {
|
} else {
|
||||||
$timeConverter = null;
|
$stateConverter = 'shadow_expire';
|
||||||
$stateConverter = null;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return array(
|
return array(
|
||||||
$this->userClass => array(
|
$this->userClass => array(
|
||||||
'is_active' => $stateConverter,
|
'is_active' => $stateConverter,
|
||||||
'created_at' => $timeConverter,
|
'created_at' => 'generalized_time',
|
||||||
'last_modified' => $timeConverter
|
'last_modified' => 'generalized_time'
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
@ -342,6 +342,9 @@ class LdapUserBackend extends Repository implements UserBackendInterface
|
||||||
($dateTime = DateTime::createFromFormat('YmdHis.uO', $value)) !== false
|
($dateTime = DateTime::createFromFormat('YmdHis.uO', $value)) !== false
|
||||||
|| ($dateTime = DateTime::createFromFormat('YmdHis.uZ', $value)) !== false
|
|| ($dateTime = DateTime::createFromFormat('YmdHis.uZ', $value)) !== false
|
||||||
|| ($dateTime = DateTime::createFromFormat('YmdHis.u', $value)) !== false
|
|| ($dateTime = DateTime::createFromFormat('YmdHis.u', $value)) !== false
|
||||||
|
|| ($dateTime = DateTime::createFromFormat('YmdHis', $value)) !== false
|
||||||
|
|| ($dateTime = DateTime::createFromFormat('YmdHi', $value)) !== false
|
||||||
|
|| ($dateTime = DateTime::createFromFormat('YmdH', $value)) !== false
|
||||||
) {
|
) {
|
||||||
return $dateTime->getTimeStamp();
|
return $dateTime->getTimeStamp();
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -353,6 +356,25 @@ class LdapUserBackend extends Repository implements UserBackendInterface
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return whether the given shadowExpire value defines that a user is permitted to login
|
||||||
|
*
|
||||||
|
* @param string|null $value
|
||||||
|
*
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
protected function retrieveShadowExpire($value)
|
||||||
|
{
|
||||||
|
if ($value === null) {
|
||||||
|
return $value;
|
||||||
|
}
|
||||||
|
|
||||||
|
$now = new DateTime();
|
||||||
|
$bigBang = clone $now;
|
||||||
|
$bigBang->setTimestamp(0);
|
||||||
|
return ((int) $value) >= $bigBang->diff($now)->days;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Probe the backend to test if authentication is possible
|
* Probe the backend to test if authentication is possible
|
||||||
*
|
*
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue