tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-28 08:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '1643-login-con-administrador-en-ldap-para-realizar-acciones-dev' into 'develop'

Browse Source 
Added code to login with admin ldap user

See merge request artica/pandorafms!1119
This commit is contained in:
vgilc 2017-11-29 13:24:01 +01:00
commit 6ecc9f524c
3 changed files with 66 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
pandora_console/godmode/setup/setup_auth.php
View File

@ -106,6 +106,18 @@ if (is_ajax ()) {
$row['name'] = __('Login attribute'); $row['name'] = __('Login attribute');
$row['control'] = html_print_input_text ('ldap_login_attr', $config['ldap_login_attr'], '', 60, 100, true); $row['control'] = html_print_input_text ('ldap_login_attr', $config['ldap_login_attr'], '', 60, 100, true);
$table->data['ldap_login_attr'] = $row; $table->data['ldap_login_attr'] = $row;
// Admin LDAP login
$row = array();
$row['name'] = __('Admin LDAP login');
$row['control'] = html_print_input_text ('ldap_admin_login', $config['ldap_admin_login'], '', 60, 100, true);
$table->data['ldap_admin_login'] = $row;
// Admin LDAP password
$row = array();
$row['name'] = __('Admin LDAP password');
$row['control'] = html_print_input_password ('ldap_admin_pass', $config['ldap_admin_pass'], $alt = '', 60, 100, true);
$table->data['ldap_admin_pass'] = $row;
break; break;
case 'pandora': case 'pandora':

42
pandora_console/include/auth/mysql.php
View File

@ -689,6 +689,20 @@ function ldap_process_user_login ($login, $password) {
} }
} }
$correct_admin_bind = true;
if ($config['ldap_admin_login'] != "" && $config['ldap_admin_pass'] != "") {
if (!@ldap_bind($ds, io_safe_output($config['ldap_admin_login']), $config['ldap_admin_pass'])) {
$correct_admin_bind = false;
}
}
if (!$correct_admin_bind) {
$config["auth_error"] = 'Admin ldap connection fail';
@ldap_close ($ds);
return false;
}
$dc = io_safe_output($config["ldap_base_dn"]); $dc = io_safe_output($config["ldap_base_dn"]);
#Search group of this user it belong. #Search group of this user it belong.
@ -771,6 +785,20 @@ function get_ldap_login_attr ($login) {
case 'email': case 'email':
$dc = io_safe_output($config["ldap_base_dn"]); $dc = io_safe_output($config["ldap_base_dn"]);
$correct_admin_bind = true;
if ($config['ldap_admin_login'] != "" && $config['ldap_admin_pass'] != "") {
if (!@ldap_bind($ds, io_safe_output($config['ldap_admin_login']), $config['ldap_admin_pass'])) {
$correct_admin_bind = false;
}
}
if (!$correct_admin_bind) {
$config["auth_error"] = 'Admin ldap connection fail';
@ldap_close ($ds);
return false;
}
$filter="(" . $config['ldap_login_attr'] . "=" . io_safe_output($id_user) . ")"; $filter="(" . $config['ldap_login_attr'] . "=" . io_safe_output($id_user) . ")";
$justthese = array("mail"); $justthese = array("mail");
@ -859,6 +887,20 @@ function prepare_permissions_groups_of_user_ldap ($id_user, $password,
$dc = io_safe_output($config["ldap_base_dn"]); $dc = io_safe_output($config["ldap_base_dn"]);
$correct_admin_bind = true;
if ($config['ldap_admin_login'] != "" && $config['ldap_admin_pass'] != "") {
if (!@ldap_bind($ds, io_safe_output($config['ldap_admin_login']), $config['ldap_admin_pass'])) {
$correct_admin_bind = false;
}
}
if (!$correct_admin_bind) {
$config["auth_error"] = 'Admin ldap connection fail';
@ldap_close ($ds);
return false;
}
#Search group of this user it belong. #Search group of this user it belong.
$filter="(" . $config['ldap_login_attr'] . "=" . io_safe_output($id_user) . ")"; $filter="(" . $config['ldap_login_attr'] . "=" . io_safe_output($id_user) . ")";
$justthese = array("objectclass=group"); $justthese = array("objectclass=group");

12
pandora_console/include/functions_config.php
View File

@ -343,6 +343,10 @@ function config_update_config () {
$error_update[] = __('Base DN'); $error_update[] = __('Base DN');
if (!config_update_value ('ldap_login_attr', get_parameter ('ldap_login_attr'))) if (!config_update_value ('ldap_login_attr', get_parameter ('ldap_login_attr')))
$error_update[] = __('Login attribute'); $error_update[] = __('Login attribute');
if (!config_update_value ('ldap_admin_login', get_parameter ('ldap_admin_login')))
$error_update[] = __('Admin LDAP login');
if (!config_update_value ('ldap_admin_pass', get_parameter ('ldap_admin_pass')))
$error_update[] = __('Admin LDAP password');
if (!config_update_value ('fallback_local_auth', get_parameter ('fallback_local_auth'))) if (!config_update_value ('fallback_local_auth', get_parameter ('fallback_local_auth')))
$error_update[] = __('Fallback to local authentication'); $error_update[] = __('Fallback to local authentication');
if (!config_update_value ('ldap_login_user_attr', get_parameter ('ldap_login_user_attr'))) if (!config_update_value ('ldap_login_user_attr', get_parameter ('ldap_login_user_attr')))
@ -1359,6 +1363,14 @@ function config_process_config () {
config_update_value ( 'ldap_login_attr', 'uid'); config_update_value ( 'ldap_login_attr', 'uid');
} }
if (!isset ($config['ldap_admin_login'])) {
config_update_value ( 'ldap_admin_login', '');
}
if (!isset ($config['ldap_admin_pass'])) {
config_update_value ( 'ldap_admin_pass', '');
}
if (!isset ($config['fallback_local_auth'])) { if (!isset ($config['fallback_local_auth'])) {
config_update_value ( 'fallback_local_auth', '0'); config_update_value ( 'fallback_local_auth', '0');
} }