We are getting the login creditentials from our LDAP server and the submitted by field is automatically populated from the username field, is there a way to display the full name instead? How can this be done?
It is possible, but would need modification to the MRBS code to do this. It's not very difficult, but unfortunately I'm not an LDAP expert and don't have an LDAP server to test against. What's needed is a function in auth_ldap.inc to get the user's common name ...
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
diff -r ff5095ce9b5e web/auth/auth_ldap.inc--- a/web/auth/auth_ldap.inc Wed Jan 31 11:56:25 2018 +0000+++ b/web/auth/auth_ldap.inc Mon Feb 05 18:50:54 2018 +0000@@ -573,6 +573,77 @@
return $user_levels[$user];
}
+/* authLdapGetName($user)+ * + * Gets the name of the user from LDAP+ * + * $user - The user name+ * + * Returns:+ * The user's name or ''+ */+function authLdapGetName($user)+{+ $name = '';+ $object = array();++ $res = authLdapAction("authLdapGetNameCallback", $user, $object);++ if ($res)+ {+ $name = $object['name'];+ }+ return $name;+}+++/* authLdapGetNameCallback(&$ldap, $base_dn, $dn, $user_search,+ $user, &$object)+ * + * Get the name of a found user+ *+ * &$ldap - Reference to the LDAP object+ * $base_dn - The base DN+ * $dn - The user's DN+ * $user_search - The LDAP filter to find the user+ * $user - The user name+ * &$object - Reference to the generic object+ * + * Returns:+ * false - Didn't find a user+ * true - Found a user+ */+function authLdapGetNameCallback(&$ldap, $base_dn, $dn, $user_search,+ $user, &$object)+{+ $name_attrib = $object['config']['ldap_name_attrib'];++ authLdapDebug("authLdapGetNameCallback: base_dn '$base_dn' dn '$dn' ".+ "user_search '$user_search' user '$user'");++ if ($ldap && $base_dn && $dn && $user_search)+ {+ $res = @ldap_read(+ $ldap,+ $dn,+ "(objectclass=*)",+ array(utf8_strtolower($name_attrib))+ );+ if (@ldap_count_entries($ldap, $res) > 0)+ {+ authLdapDebug("authLdapGetNameCallback: search successful");+ $entries = ldap_get_entries($ldap, $res);+ $object['name'] = $entries[0][utf8_strtolower($name_attrib)][0];++ authLdapDebug("authLdapGetNameCallback: name is '".+ $object['name']."'");+ + return true;+ }+ }+ return false;+}+
// Check if the user is an admin
function authLdapIsAdmin($user)
diff -r ff5095ce9b5e web/edit_entry.php--- a/web/edit_entry.php Wed Jan 31 11:56:25 2018 +0000+++ b/web/edit_entry.php Mon Feb 05 18:50:54 2018 +0000@@ -900,6 +900,14 @@
$edit_type = "series";
$name = "";
$create_by = $user;
+ if ($auth["type"] == 'ldap')+ {+ $name = authLdapGetName($user);+ if ($name != '')+ {+ $create_by = $name;+ }+ }
$description = $default_description;
$type = (empty($is_mandatory_field['entry.type'])) ? $default_type : '';
$room_id = $room;
diff -r ff5095ce9b5e web/systemdefaults.inc.php--- a/web/systemdefaults.inc.php Wed Jan 31 11:56:25 2018 +0000+++ b/web/systemdefaults.inc.php Mon Feb 05 18:50:54 2018 +0000@@ -810,6 +810,9 @@
// The LDAP attribute which holds a user's email address
// This can be an array.
$ldap_email_attrib = 'mail';
+// The LDAP attribute which holds a user's name+// This can be an array.+$ldap_name_attrib = 'displayName';
// The DN of the LDAP group that MRBS admins must be in. If this is defined
// then the $auth["admin"] is not used.
This is untested.
Last edit: John Beranek 2018-02-05
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I have just tested the code above in the 3 pages this morning and unfortunatelly the edit_entry.php page came up blank. Could it ve related to the version I'm using? MRBS 1.4.8?
Thanks again.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
If it's just the edit_entry page, then it's probably nothing to do with the LDAP changes. What is the error message in your PHP error log? If you don't know where that is then add the following lines, temporarily, to the bottom of internalconfig.inc.php:
Ah, I see one problem, though it's not the problem causing the error above. In edit_entry.php at line 906 there is the code:
// It is a new booking. The data comes from whichever button the user clicked $edit_type = "series"; $name = ""; if ($auth["type"] == 'ldap') { $name = authLdapGetName($user); if ($name != '') { $create_by = $name; } }
A couple of points:
(1) $name in edit_entry. php is a bit confusing. It refers to the brief description and not the name of the booker. So the line $name = authLdapGetName($user) will set the brief description to the name of the booker. But maybe that's what you want?
(2) I don't think it's a good idea to set $create_by to the full name of the booker. I think you should keep the username in the database and then convert the username to the full name whenever you want to display it, eg in view_entry. There are lots of good reasons for using the username rather than the full name in the database, but two are: (a) your existing entries have the username and (b) you won't be able to do things such as get a user's email address if you don't have the username.
So, in summary, I don't think you should be making any changes to edit_entry.php (unless you want the brief description to be the user's name).
The notice error above is caused by something else though, but I still don't understand why it causes a blank screen. I'll have a think about it.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Thanks Campbell. So what you are telling me is that I shouldn't make any changes in the edit_entry.php page but keep the other changes in the other two files? Will this capture the user's Full name? How will it be included in the confirmation email if we kept the create_by valus as the username?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Sorry, I've just seen that the edit_entry changes come from the diff above. But, yes, I wouldn't make any changes to edit_entry.php. You will get the user's full name by modifying functions_mail.inc and translating the usename to the full name. But it'll be easier to test the LDAP code by modifying view_entry first. I'll think about what to change.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
One other comment: the <img> and other HTML code right at the top of edit_entry.php is going to cause all sorts of problems, as you are outputting HTML before the PHP headers have been sent. This code should be output later, but while you are debugging this problem I would take it out altogether.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
To get the full name in view_entry.php you need to change the block of code at line 69 in functions_view.inc from
switch ($key) { case 'name': case 'description': case 'create_by': case 'room_name': case 'area_name': case 'type': case 'room_id':
to
switch ($key) { case 'create_by': $data[$key] = ($keep_private && $is_private_field["entry.$key"]) ? $private_text : authLdapGetName($data[$key]); break; case 'name': case 'description': case 'room_name': case 'area_name': case 'type': case 'room_id':
Can you try that and see if you get the full name in view_entry?
Last edit: Campbell Morrison 2018-02-07
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Any chance I can get help with this? Thanks.
It is possible, but would need modification to the MRBS code to do this. It's not very difficult, but unfortunately I'm not an LDAP expert and don't have an LDAP server to test against. What's needed is a function in auth_ldap.inc to get the user's common name ...
Thanks Campbell. Can you help with what's needed in "auth_ldap.inc"? or what do I need to change there?
Sorry, as I say, I'm not an LDAP expert and don't have a server to test against. If I knew what to change I'd have done it for you.
This diff might do the job
This is untested.
Last edit: John Beranek 2018-02-05
Note, I fixed the diff above, after I noticed a function was named incorrectly.
Thank you so much John. Will test it today and let you know.
Mona
Hi John,
I have just tested the code above in the 3 pages this morning and unfortunatelly the edit_entry.php page came up blank. Could it ve related to the version I'm using? MRBS 1.4.8?
Thanks again.
If it's just the edit_entry page, then it's probably nothing to do with the LDAP changes. What is the error message in your PHP error log? If you don't know where that is then add the following lines, temporarily, to the bottom of internalconfig.inc.php:
Thanks Campbell. This is the error I got:
Notice: Undefined index: ldap_name_attrib in auth_ldap.inc on line 340
Can you post your auth_ldap.inc here as an attachment please?
I don't think that error would cause a blank page though. Was that definitely when you were running edit_entry.php?
Yes, sure it was a blank page with the error I sent at the top when I added the error reporting part to internalconfig.inc.php. File is attached.
Thanks. Sorry, could you also post your edit_entry.php please?
Sure. Thanks for your help.
Ah, I see one problem, though it's not the problem causing the error above. In edit_entry.php at line 906 there is the code:
A couple of points:
(1)
$name
in edit_entry. php is a bit confusing. It refers to the brief description and not the name of the booker. So the line$name = authLdapGetName($user)
will set the brief description to the name of the booker. But maybe that's what you want?(2) I don't think it's a good idea to set
$create_by
to the full name of the booker. I think you should keep the username in the database and then convert the username to the full name whenever you want to display it, eg in view_entry. There are lots of good reasons for using the username rather than the full name in the database, but two are: (a) your existing entries have the username and (b) you won't be able to do things such as get a user's email address if you don't have the username.So, in summary, I don't think you should be making any changes to edit_entry.php (unless you want the brief description to be the user's name).
The notice error above is caused by something else though, but I still don't understand why it causes a blank screen. I'll have a think about it.
Thanks Campbell. So what you are telling me is that I shouldn't make any changes in the edit_entry.php page but keep the other changes in the other two files? Will this capture the user's Full name? How will it be included in the confirmation email if we kept the create_by valus as the username?
Sorry, I've just seen that the edit_entry changes come from the diff above. But, yes, I wouldn't make any changes to edit_entry.php. You will get the user's full name by modifying functions_mail.inc and translating the usename to the full name. But it'll be easier to test the LDAP code by modifying view_entry first. I'll think about what to change.
One other comment: the
<img>
and other HTML code right at the top of edit_entry.php is going to cause all sorts of problems, as you are outputting HTML before the PHP headers have been sent. This code should be output later, but while you are debugging this problem I would take it out altogether.To get the full name in view_entry.php you need to change the block of code at line 69 in functions_view.inc from
to
Can you try that and see if you get the full name in view_entry?
Last edit: Campbell Morrison 2018-02-07
This is the code I changed. I'm not sure how can I get Full name in edit_entry.php?
switch( $key )
{
case 'create_by':
$data[$key] = ($keep_private && $is_private_field["entry.$key"]) ? $private_text : authLdapGetName($data[$key]);
break;
case 'name':
create_field_entry_name();
break;
case 'description':
create_field_entry_description();
break;
Sorry - I forgot to say that the change above applies to functions_view.inc. I have now edited the post,
Last edit: Campbell Morrison 2018-02-07
I applied the changes to functions_view.inc. How can I check?
I think you also need to make the following change in auth_ldap.inc. Change the code at line 53 from
to
in other words, add in
'ldap_name_attrib'
.Done. How can I test it?
View an existing entry in view_entry.php. See if you get the full name.