Menu
▾
▴
wpmu-ldap-commits — SVN Commits List
You can subscribe to this list here.
| 2008 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
(7) |
Jul
(5) |
Aug
(1) |
Sep
|
Oct
(1) |
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2009 |
Jan
|
Feb
(5) |
Mar
(9) |
Apr
(5) |
May
(3) |
Jun
(2) |
Jul
(9) |
Aug
(4) |
Sep
(1) |
Oct
(1) |
Nov
(1) |
Dec
|
| 2010 |
Jan
(5) |
Feb
(1) |
Mar
|
Apr
(1) |
May
(3) |
Jun
(5) |
Jul
(1) |
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
| 2011 |
Jan
|
Feb
(3) |
Mar
(2) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <axe...@us...> - 2011-03-24 02:27:44
|
Revision: 122
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=122&view=rev
Author: axelseaa
Date: 2011-03-24 02:27:38 +0000 (Thu, 24 Mar 2011)
Log Message:
-----------
revision update
Modified Paths:
--------------
trunk/ldap/doc/README
Modified: trunk/ldap/doc/README
===================================================================
--- trunk/ldap/doc/README 2011-03-23 11:48:50 UTC (rev 121)
+++ trunk/ldap/doc/README 2011-03-24 02:27:38 UTC (rev 122)
@@ -5,7 +5,7 @@
License:
================================================================================
-LDAP-Authentication Plugin, v.3.1
+LDAP-Authentication Plugin, v.3.1.1
for WPMU 3.1.x
Copyright (C) 2010 Alistair Young, Patrick Cavit, Hugo Salgado, Alex Barker, and
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2011-03-23 11:48:56
|
Revision: 121
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=121&view=rev
Author: axelseaa
Date: 2011-03-23 11:48:50 +0000 (Wed, 23 Mar 2011)
Log Message:
-----------
fixed is_super_admin calls 3234877 - fixed ldap/local role setting not appearing on user profile page
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap/lib/wpmu_ldap_adduser.functions.php
trunk/ldap/lib/wpmu_ldap_admin.functions.php
trunk/ldap_auth.php
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2011-02-25 05:41:17 UTC (rev 120)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2011-03-23 11:48:50 UTC (rev 121)
@@ -193,7 +193,7 @@
}
// Handle blog removal for various reasons
- if(is_super_admin($username) === false) {
+ if(is_super_admin($loginObj->ID) === false) {
if ($primary_blog = get_usermeta($loginObj->ID, "primary_blog")) {
$details = get_blog_details( $primary_blog );
if( is_object( $details ) && $details->archived == 1 || $details->spam == 1 || $details->deleted == 1 ) {
Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2011-02-25 05:41:17 UTC (rev 120)
+++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2011-03-23 11:48:50 UTC (rev 121)
@@ -107,7 +107,7 @@
if ($result[0]) {
wp_new_user_notification($result[1]);
ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username));
- } elseif ($ldapCreateLocalUser || is_super_admin($current_user->username)) {
+ } elseif ($ldapCreateLocalUser || is_super_admin()) {
?>
<div id='message' class='updated'>
<form method='post'>
@@ -135,7 +135,7 @@
} elseif ($_POST['addUserBulk']) {
// Check Access
$ldapBulkAdd = get_site_option('ldapBulkAdd');
- if (is_super_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) {
+ if (is_super_admin() || ($ldapBulkAdd && is_admin())) {
$user = $_POST['user'];
$usernames = array();
if ( !empty($user['bulk_username']) ) {
@@ -177,7 +177,7 @@
} elseif ($_POST['addLocalUser']) {
check_admin_referer('add-local-user');
$ldapCreateLocalUser = get_site_option('ldapCreateLocalUser');
- if ($ldapCreateLocalUser || is_super_admin($current_user->username)) {
+ if ($ldapCreateLocalUser || is_super_admin()) {
$user = $_POST['user'];
if ( empty($user['username']) && empty($user['email']) ) {
wp_die( __("<p>Missing username and email.</p>") );
@@ -251,7 +251,7 @@
<!-- Bulk Add User -->
<?php
$ldapBulkAdd = get_site_option('ldapBulkAdd');
- if (is_super_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) {
+ if (is_super_admin() || ($ldapBulkAdd && is_admin())) {
?>
<h2><?php _e('Add Bulk Users') ?></h2>
<p>Using the below fields, you can bulk add LDAP users. Separate multiple users by a new line. Local user creation is not available in bulk. The auto create blog for new users function will be disabled for bulk adds.</p>
Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2011-02-25 05:41:17 UTC (rev 120)
+++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2011-03-23 11:48:50 UTC (rev 121)
@@ -676,10 +676,7 @@
* @return null - does not actively return a value
*/
function ldap_addmenu() {
- $objCurrUser = wp_get_current_user();
- $objUser = wp_cache_get($objCurrUser->id, 'users');
-
- if (function_exists('add_submenu_page') && is_super_admin($objUser->user_login)) {
+ if (function_exists('add_submenu_page') && is_super_admin()) {
// does not use add_options_page, because it is site-wide configuration,
// not blog-specific config, but side-wide
add_submenu_page('settings.php', 'LDAP Options', 'LDAP Options', '', basename(__FILE__), 'ldapOptionsPanel');
@@ -828,7 +825,7 @@
<tr>
<th><?php _e('Account Authentication Type'); ?></th>
<td class="regular-text">
- <?php if (is_super_admin($current_user->username) && $user_id > 1) { ?>
+ <?php if (is_super_admin() && $user_id > 1) { ?>
<select name="ldapAccountType">
<option<?php if ($ldap_login == 'true') echo ' selected="selected"'; ?> value="LDAP"><?php _e('LDAP'); ?></option>
<option<?php if ($ldap_login != 'true') echo ' selected="selected"'; ?> value="Local"><?php _e('Local'); ?></option>
@@ -857,7 +854,7 @@
function wpmuUserFormLdapOptionUpdate() {
global $user_id, $current_user;
- if ($user_id == 1 || !is_super_admin($current_user->username))
+ if ($user_id == 1 || !is_super_admin())
return;
if ($_POST['ldapAccountType'] == 'LDAP')
Modified: trunk/ldap_auth.php
===================================================================
--- trunk/ldap_auth.php 2011-02-25 05:41:17 UTC (rev 120)
+++ trunk/ldap_auth.php 2011-03-23 11:48:50 UTC (rev 121)
@@ -3,7 +3,7 @@
Plugin Name: LDAP Authentication Plug-in
Plugin URI: http://wpmuldap.tuxdocs.net
Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication.
-Version: 3.1
+Version: 3.1.1
Author: Aaron Axelsen (http://www.frozenpc.net)
Sean Wedig (http://www.thecodelife.net)
Dexter Arver
@@ -37,6 +37,8 @@
// Add radio buttons for switching individual users between LDAP accounts and non-LDAP accounts
add_action('edit_user_profile', 'wpmuUserFormLdapOption');
add_action('edit_user_profile_update', 'wpmuUserFormLdapOptionUpdate');
+ add_action('show_user_profile', 'wpmuUserFormLdapOption');
+ add_action('personal_options_update', 'wpmuUserFormLdapOptionUpdate');
// *** End Admin Config Functions *** //
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2011-02-25 05:41:24
|
Revision: 120
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=120&view=rev
Author: axelseaa
Date: 2011-02-25 05:41:17 +0000 (Fri, 25 Feb 2011)
Log Message:
-----------
tagging 3.1 release
Added Paths:
-----------
tags/wpmu-ldap_3.1/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2011-02-25 05:32:23
|
Revision: 119
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=119&view=rev
Author: axelseaa
Date: 2011-02-25 05:32:17 +0000 (Fri, 25 Feb 2011)
Log Message:
-----------
rev bump, doc update
Modified Paths:
--------------
trunk/ldap/doc/README
trunk/ldap_auth.php
Modified: trunk/ldap/doc/README
===================================================================
--- trunk/ldap/doc/README 2011-02-25 05:31:19 UTC (rev 118)
+++ trunk/ldap/doc/README 2011-02-25 05:32:17 UTC (rev 119)
@@ -5,8 +5,8 @@
License:
================================================================================
-LDAP-Authentication Plugin, v.3.0
-for WPMU 3.0.x
+LDAP-Authentication Plugin, v.3.1
+for WPMU 3.1.x
Copyright (C) 2010 Alistair Young, Patrick Cavit, Hugo Salgado, Alex Barker, and
Sean Wedig, Aaron Axelsen
Modified: trunk/ldap_auth.php
===================================================================
--- trunk/ldap_auth.php 2011-02-25 05:31:19 UTC (rev 118)
+++ trunk/ldap_auth.php 2011-02-25 05:32:17 UTC (rev 119)
@@ -3,7 +3,7 @@
Plugin Name: LDAP Authentication Plug-in
Plugin URI: http://wpmuldap.tuxdocs.net
Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication.
-Version: 3.0
+Version: 3.1
Author: Aaron Axelsen (http://www.frozenpc.net)
Sean Wedig (http://www.thecodelife.net)
Dexter Arver
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2011-02-25 05:31:25
|
Revision: 118
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=118&view=rev
Author: axelseaa
Date: 2011-02-25 05:31:19 +0000 (Fri, 25 Feb 2011)
Log Message:
-----------
changes for 3.1
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap/lib/wpmu_ldap_admin.functions.php
trunk/ldap_auth.php
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-10-30 13:27:13 UTC (rev 117)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2011-02-25 05:31:19 UTC (rev 118)
@@ -83,6 +83,9 @@
do_action('wpmu_activate_blog', $blog_id, $user_id, $newUserPassword, $newUserName . "'s blog", $meta);
}
+
+ // Add user as subscriber to blog #1
+ wpmuUpdateBlogAccess($user_id);
return new WP_User($user_id);
}
Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-10-30 13:27:13 UTC (rev 117)
+++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2011-02-25 05:31:19 UTC (rev 118)
@@ -682,7 +682,7 @@
if (function_exists('add_submenu_page') && is_super_admin($objUser->user_login)) {
// does not use add_options_page, because it is site-wide configuration,
// not blog-specific config, but side-wide
- add_submenu_page('wpmu-admin.php', 'LDAP Authentication Options', 'LDAP Options', 9, basename(__FILE__), 'ldapOptionsPanel');
+ add_submenu_page('settings.php', 'LDAP Options', 'LDAP Options', '', basename(__FILE__), 'ldapOptionsPanel');
}
}
Modified: trunk/ldap_auth.php
===================================================================
--- trunk/ldap_auth.php 2010-10-30 13:27:13 UTC (rev 117)
+++ trunk/ldap_auth.php 2011-02-25 05:31:19 UTC (rev 118)
@@ -4,13 +4,13 @@
Plugin URI: http://wpmuldap.tuxdocs.net
Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication.
Version: 3.0
-Author: Alistair Young (http://www.weblogs.uhi.ac.uk/sm00ay/),
- Patrick Cavit (http://patcavit.com),
- Hugo Salgado (http://hugo.vulcano.cl),
- Alex Barker (http://www.callutheran.edu),
- Dexter Arver,
- Sean Wedig (http://www.thecodelife.net),
- Aaron Axelsen (http://www.frozenpc.net)
+Author: Aaron Axelsen (http://www.frozenpc.net)
+ Sean Wedig (http://www.thecodelife.net)
+ Dexter Arver
+ Alex Barker (http://www.callutheran.edu)
+ Hugo Salgado (http://hugo.vulcano.cl)
+ Patrick Cavit (http://patcavit.com)
+ Alistair Young (http://www.weblogs.uhi.ac.uk/sm00ay/)
*/
// Includes
@@ -21,9 +21,11 @@
require_once("ldap/lib/wpmu_ldap_adduser.functions.php");
add_action('admin_init', 'ldap_addstylesheet');
-add_action('admin_menu', 'ldap_addmenu');
+add_action('network_admin_menu', 'ldap_addmenu');
add_action('admin_menu', 'ldap_addmenuuser');
+add_action('network_admin_menu', 'ldap_addmenuuser');
add_action('admin_menu', 'wpmuRemoveAddNewMenu');
+add_action('network_admin_menu', 'wpmuRemoveAddNewMenu');
define('LDAP_DEBUG_MODE',false);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-10-30 13:27:19
|
Revision: 117
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=117&view=rev
Author: axelseaa
Date: 2010-10-30 13:27:13 +0000 (Sat, 30 Oct 2010)
Log Message:
-----------
Fix for 3089734
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap_adduser.functions.php
Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-07-27 11:29:56 UTC (rev 116)
+++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-10-30 13:27:13 UTC (rev 117)
@@ -12,8 +12,8 @@
if (is_super_admin() ||
($ldapAddUser == 'enabled' || empty($ldapAddUser)) ||
($ldapBulkAdd && is_admin($current_user->username))) {
- add_submenu_page('wpmu-admin.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions');
- add_submenu_page('users.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions');
+ add_submenu_page('wpmu-admin.php', 'LDAP Add User', __('Add User'), 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions');
+ add_submenu_page('users.php', 'LDAP Add User', __('Add User'), 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions');
}
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-07-27 11:30:02
|
Revision: 116
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=116&view=rev
Author: axelseaa
Date: 2010-07-27 11:29:56 +0000 (Tue, 27 Jul 2010)
Log Message:
-----------
patched SSO and fixed registration include issue
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap_auth.php
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-21 02:36:08 UTC (rev 115)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-07-27 11:29:56 UTC (rev 116)
@@ -91,7 +91,7 @@
function wpmuLdapAuthenticate($ldapString, $loginUserName, $loginPassword) {
$errors = new WP_Error;
// Check that user is not flagged as a ldap account
- require ( ABSPATH . WPINC . '/registration.php' );
+ require_once ( ABSPATH . WPINC . '/registration.php' );
if ( username_exists($loginUserName) ) {
$loginObj = get_userdatabylogin($loginUserName);
$ldapMeta = get_usermeta($loginObj->ID,'ldap_login');
@@ -408,3 +408,10 @@
return $username;
}
+
+/*
+when in SSO mode we don.t need to forse a relog in so theis stops that
+*/
+function wpmuLdapSSODisableReauth($login_url){
+ return str_replace('&reauth=1','',$login_url);
+}
Modified: trunk/ldap_auth.php
===================================================================
--- trunk/ldap_auth.php 2010-06-21 02:36:08 UTC (rev 115)
+++ trunk/ldap_auth.php 2010-07-27 11:29:56 UTC (rev 116)
@@ -51,7 +51,10 @@
// Authentication filters
add_action('authenticate', 'wpmuLdapUsernamePasswordAuthenticate', 25, 3);
add_filter('wp_authenticate_user', 'wpmuLdapCheckLdapMeta'); //disabled local login if ldap meta flag is set
- if (get_site_option('ldapSSOEnabled')) add_action('authenticate', 'wpmuLdapSSOAuthenticate', 40, 3);
+ if (get_site_option('ldapSSOEnabled')) {
+ add_action('authenticate', 'wpmuLdapSSOAuthenticate', 40, 3);
+ add_filter('login_url', 'wpmuLdapSSODisableReauth'); //removes reauth from login URL
+ }
// disable only for ldap accounts
add_filter('show_password_fields', 'wpmuLdapDisableLdapPassword');
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-06-21 02:36:14
|
Revision: 115
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=115&view=rev
Author: axelseaa
Date: 2010-06-21 02:36:08 +0000 (Mon, 21 Jun 2010)
Log Message:
-----------
added better error checking on add users screen
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap/lib/wpmu_ldap_adduser.functions.php
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-20 05:26:28 UTC (rev 114)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-21 02:36:08 UTC (rev 115)
@@ -25,7 +25,7 @@
// Check to see if email already exists
if ( email_exists($ldapUserData[LDAP_INDEX_EMAIL]) )
- return new WP_Error('ldapcreate_emailconflict', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> is already associated with another account. All accounts (including the admin account) must have an unique email address.'),$ldapUserData[LDAP_INDEX_EMAIL]));
+ return new WP_Error('ldapcreate_emailconflict', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> (%s) is already associated with another account. All accounts (including the admin account) must have an unique email address.'),$ldapUserData[LDAP_INDEX_EMAIL],$newUserName));
// we don't actually care about the WP password (since it's LDAP), but we
// need one for WP database
@@ -249,9 +249,13 @@
return array( true, $user_id );
}
}
- if (wpmuLdapCreateWPUserFromLdap(array( 'newUserName' => $username,
+ $user = wpmuLdapCreateWPUserFromLdap(array( 'newUserName' => $username,
'ldapUserData' => $userDataArray,
- 'createBlog' => $createBlog))) {
+ 'createBlog' => $createBlog));
+ if ( is_wp_error($user) ) {
+ return $user;
+ }
+ if ( is_a($user, 'WP_User') ) {
if ( $user_id = username_exists($username) ) {
add_user_to_blog($blog_id, $user_id, $new_role);
@@ -265,7 +269,7 @@
}
return array ( true );
}
- return false;
+ return array( false );
}
/**
Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-06-20 05:26:28 UTC (rev 114)
+++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-06-21 02:36:08 UTC (rev 115)
@@ -47,19 +47,34 @@
?>
<div id="message" class="error fade"><p>
<?php
- switch ($action) {
- case 'exists':
- printf(__('User %s exists!'),$user);
- break;
- case 'notfound':
- printf(__('User %s not found in LDAP Directory!'),$user);
- break;
- case 'add':
- printf(__('Error adding user %s!'),$user);
- break;
- default:
- _e('Error!');
- break;
+ if (is_wp_error($error)) {
+ $wp_error = $error;
+ if ( $wp_error->get_error_code() ) {
+ $errors = '';
+ $messages = '';
+ foreach ( $wp_error->get_error_codes() as $code ) {
+ $severity = $wp_error->get_error_data($code);
+ foreach ( $wp_error->get_error_messages($code) as $error ) {
+ $errors .= ' ' . $error . "<br />\n";
+ }
+ }
+ if ( !empty($errors) ) echo $errors;
+ }
+ } else {
+ switch ($action) {
+ case 'exists':
+ printf(__('User %s exists!'),$user);
+ break;
+ case 'notfound':
+ printf(__('User %s not found in LDAP Directory!'),$user);
+ break;
+ case 'add':
+ printf(__('Error adding user %s!'),$user);
+ break;
+ default:
+ _e('Error!');
+ break;
+ }
}
?>
</p></div>
@@ -84,25 +99,30 @@
$result = wpmuLdapSearchUser(array( 'username' => $username,
'blog_id' => $blog_id,
'new_role' => $user['new_role']));
- $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser');
- if ($result[0]) {
- wp_new_user_notification($result[1]);
- ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username));
- } elseif ($ldapCreateLocalUser || is_super_admin($current_user->username)) {
- ?>
- <div id='message' class='updated'>
- <form method='post'>
- <p><b><?php echo $username ?></b> not found in LDAP directory. To create a local user, enter the users email:
- <input type='text' name='user[email]' size='15' />
- <input type='hidden' name='user[username]' value='<?php echo $username ?>' />
- <input type='hidden' name='user[role]' value='<?php echo $user['new_role'] ?>' />
- <?php wp_nonce_field('add-local-user') ?>
- <input type='submit' class='button' name='addLocalUser' value='Create Local User' />
- </form></p>
- </div>
- <?php
+
+ if (is_wp_error($result)) {
+ ldapAddUserResult(array('updated' => 'false','error' => $result,'username' => $username));
} else {
- ldapAddUserResult(array('updated' => 'false','action' => 'notfound','username' => $username));
+ $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser');
+ if ($result[0]) {
+ wp_new_user_notification($result[1]);
+ ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username));
+ } elseif ($ldapCreateLocalUser || is_super_admin($current_user->username)) {
+ ?>
+ <div id='message' class='updated'>
+ <form method='post'>
+ <p><b><?php echo $username ?></b> not found in LDAP directory. To create a local user, enter the users email:
+ <input type='text' name='user[email]' size='15' />
+ <input type='hidden' name='user[username]' value='<?php echo $username ?>' />
+ <input type='hidden' name='user[role]' value='<?php echo $user['new_role'] ?>' />
+ <?php wp_nonce_field('add-local-user') ?>
+ <input type='submit' class='button' name='addLocalUser' value='Create Local User' />
+ </form></p>
+ </div>
+ <?php
+ } else {
+ ldapAddUserResult(array('updated' => 'false','action' => 'notfound','username' => $username));
+ }
}
} else {
// Add User to Blog
@@ -132,11 +152,15 @@
'blog_id' => $blog_id,
'new_role' => $user['bulk_new_role'],
'createBlog' => false));
- if ($result[0]) {
- wp_new_user_notification($result[1]);
- ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username));
+ if (is_wp_error($result)) {
+ ldapAddUserResult(array('updated' => 'false','error' => $result,'username' => $username));
} else {
- ldapAddUserResult(array('updated' => 'false','action' => 'notfound','username' => $username));
+ if ($result[0]) {
+ wp_new_user_notification($result[1]);
+ ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username));
+ } else {
+ ldapAddUserResult(array('updated' => 'false','action' => 'notfound','username' => $username));
+ }
}
} else {
// Add User to Blog
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-06-20 05:26:34
|
Revision: 114
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=114&view=rev
Author: axelseaa
Date: 2010-06-20 05:26:28 +0000 (Sun, 20 Jun 2010)
Log Message:
-----------
fix for bug #3017995 - new catches to properly allow for account switching between ldap and local authentication sources
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap_auth.php
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-18 12:05:40 UTC (rev 113)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-20 05:26:28 UTC (rev 114)
@@ -90,6 +90,17 @@
function wpmuLdapAuthenticate($ldapString, $loginUserName, $loginPassword) {
$errors = new WP_Error;
+ // Check that user is not flagged as a ldap account
+ require ( ABSPATH . WPINC . '/registration.php' );
+ if ( username_exists($loginUserName) ) {
+ $loginObj = get_userdatabylogin($loginUserName);
+ $ldapMeta = get_usermeta($loginObj->ID,'ldap_login');
+ if ($ldapMeta != 'true') {
+ $errors->add('invalid_userpass', __('<strong>ERROR</strong>: Wrong username / password combination. LDAP Access Denied.'));
+ return array('result' => false,'errors' => $errors);
+ }
+ }
+
$server = new LDAP_ro($ldapString);
if (LDAP_DEBUG_MODE) {
echo "DEBUG: Attempting to authenticate user: $loginUserName<br/>";
@@ -163,8 +174,7 @@
}
// otherwise, the account *does* exist already, so just get the account info
- else
- $loginObj = get_userdatabylogin($loginUserName);
+ else $loginObj = get_userdatabylogin($loginUserName);
// At this point we must have a login object, but just in case something went wrong
if (!$loginObj) {
@@ -306,7 +316,7 @@
function wpmuLdapUsernamePasswordAuthenticate($user, $username, $password) {
if ( is_a($user, 'WP_User') ) return $user;
-
+
// check that username and password are not empty
if ( (empty($username) || empty($password)) ) {
return $user; // probably an WP_Error object, set in "wp_authenticate_username_password()"
@@ -314,7 +324,7 @@
// setup ldap string
$ldapString = wpmuSetupLdapOptions();
-
+
// Authenticate via LDAP, potentially creating a WP user
$ldapauthresult = wpmuLdapAuthenticate($ldapString, $username, $password);
@@ -324,6 +334,13 @@
return $ldapauthresult['errors'];
}
}
+
+function wpmuLdapCheckLdapMeta($userdata) {
+ $ldapMeta = get_usermeta($userdata->ID,'ldap_login');
+ if (isset($ldapMeta) && $ldapMeta == 'true')
+ return new WP_Error('invalid_userpass', __('<strong>ERROR</strong>: Wrong username / password combination. Local Access Denied.'));
+ return $userdata;
+}
function wpmuLdapSSOAuthenticate($user, $username, $password) {
if ( is_a($user, 'WP_User') ) return $user;
Modified: trunk/ldap_auth.php
===================================================================
--- trunk/ldap_auth.php 2010-06-18 12:05:40 UTC (rev 113)
+++ trunk/ldap_auth.php 2010-06-20 05:26:28 UTC (rev 114)
@@ -50,6 +50,7 @@
// Authentication filters
add_action('authenticate', 'wpmuLdapUsernamePasswordAuthenticate', 25, 3);
+ add_filter('wp_authenticate_user', 'wpmuLdapCheckLdapMeta'); //disabled local login if ldap meta flag is set
if (get_site_option('ldapSSOEnabled')) add_action('authenticate', 'wpmuLdapSSOAuthenticate', 40, 3);
// disable only for ldap accounts
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-06-18 12:05:47
|
Revision: 113
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=113&view=rev
Author: axelseaa
Date: 2010-06-18 12:05:40 +0000 (Fri, 18 Jun 2010)
Log Message:
-----------
fixed issue where user data may not have populated correctly on login - also added the start of some debugging options
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap/lib/wpmu_ldap_admin.functions.php
trunk/ldap_auth.php
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-16 11:18:43 UTC (rev 112)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-18 12:05:40 UTC (rev 113)
@@ -19,6 +19,10 @@
if (!isset($ldapUserData)) $ldapUserData = false;
if (!isset($createBlog)) $createBlog = true;
+ // Check to see if email is empty
+ if ( empty($ldapUserData[LDAP_INDEX_EMAIL]) )
+ return new WP_Error('ldapcreate_emailempty', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> does not have an email address associated with the ldap record. All wordpress accounts must have a unique email address.'),$newUserName));
+
// Check to see if email already exists
if ( email_exists($ldapUserData[LDAP_INDEX_EMAIL]) )
return new WP_Error('ldapcreate_emailconflict', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> is already associated with another account. All accounts (including the admin account) must have an unique email address.'),$ldapUserData[LDAP_INDEX_EMAIL]));
@@ -87,7 +91,10 @@
function wpmuLdapAuthenticate($ldapString, $loginUserName, $loginPassword) {
$errors = new WP_Error;
$server = new LDAP_ro($ldapString);
- $server->DebugOff();
+ if (LDAP_DEBUG_MODE) {
+ echo "DEBUG: Attempting to authenticate user: $loginUserName<br/>";
+ $server->DebugOn();
+ } else $server->DebugOff();
// undefined now - going to populate it in $server->Authenticate
$userDataArray = null;
$result = $server->Authenticate ($loginUserName, $loginPassword, $userDataArray);
@@ -96,20 +103,24 @@
}
// handle both at once, for security
else if ( ($result == LDAP_ERROR_USER_NOT_FOUND || $result == LDAP_ERROR_WRONG_PASSWORD) ) {
+ if (LDAP_DEBUG_MODE) echo "DEBUG: Attempting to authenticate user: Wrong user/pass<br/>";
$errors->add('invalid_userpass',__('<strong>ERROR</strong>: Wrong username / password combination.'));
return array('result' => false,'errors' => $errors);
}
// check security group
else if ( $result == LDAP_ERROR_ACCESS_GROUP ){
+ if (LDAP_DEBUG_MODE) echo "DEBUG: Attempting to authenticate user: not found in security group<br/>";
$errors->add('wrong_group',__('<strong>ERROR</strong>: Access denied - user not found in security access group(s).'));
return array('result' => false,'errors' => $errors);
}
elseif ($result == LDAP_ERROR_DENIED_GROUP) {
+ if (LDAP_DEBUG_MODE) echo "DEBUG: Attempting to authenticate user: denied via securtiy groups<br/>";
$errors->add('deny_group',__('<strong>ERROR</strong>: Access denied - user found in security deny group(s).'));
return array('result' => false,'errors' => $errors);
}
// the trickle-through catch-all
else {
+ if (LDAP_DEBUG_MODE) echo "DEBUG: Attempting to authenticate user: unknown error (not user/password or security group based - something else is wrong<br/>";
$errors->add('unknown_error',__('<strong>ERROR</strong>: Unknown error in LDAP Authentication.'));
return array('result' => false,'errors' => $errors);
}
@@ -142,7 +153,7 @@
}
return wpmuLdapCreateWPUserFromLdap(array( 'newUserName' => $loginUserName,
'newUserPassword' => $loginPassword,
- 'userDataArray' => $userDataArray));
+ 'ldapUserData' => $userDataArray));
}
// but if not configured to create 'em, exit with an error
Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-06-16 11:18:43 UTC (rev 112)
+++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-06-18 12:05:40 UTC (rev 113)
@@ -578,7 +578,7 @@
</tr>
</table>
- <br/><b>Windows Attributes</b>
+ <br/><b>Windows Specific Attributes</b>
<table class="form-table">
<tr valign="top">
<th scope="row"><label for="ldapAttributeWinSearch">Search Attribute:</label></th>
@@ -603,7 +603,7 @@
</tr>
</table>
- <br/><b>Linux Attributes</b>
+ <br/><b>Linux Specific Attributes</b>
<table class="form-table">
<tr valign="top">
<th scope="row"><label for="ldapAttributeNixSearch">Search Attribute:</label></th>
Modified: trunk/ldap_auth.php
===================================================================
--- trunk/ldap_auth.php 2010-06-16 11:18:43 UTC (rev 112)
+++ trunk/ldap_auth.php 2010-06-18 12:05:40 UTC (rev 113)
@@ -25,6 +25,8 @@
add_action('admin_menu', 'ldap_addmenuuser');
add_action('admin_menu', 'wpmuRemoveAddNewMenu');
+define('LDAP_DEBUG_MODE',false);
+
// perform these filters, actions, and WP function overrides only if LDAP-
// authentication is enabled; this is to cut down on parsing of this code when
// it doesn't apply
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-06-16 11:18:50
|
Revision: 112
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=112&view=rev
Author: axelseaa
Date: 2010-06-16 11:18:43 +0000 (Wed, 16 Jun 2010)
Log Message:
-----------
minor tweaks
Modified Paths:
--------------
trunk/ldap/doc/README
trunk/ldap/lib/ldap_core.php
trunk/ldap_auth.php
Modified: trunk/ldap/doc/README
===================================================================
--- trunk/ldap/doc/README 2010-06-02 18:27:18 UTC (rev 111)
+++ trunk/ldap/doc/README 2010-06-16 11:18:43 UTC (rev 112)
@@ -5,10 +5,10 @@
License:
================================================================================
-LDAP-Authentication Plugin, v.2.9
-for WPMU 2.8.x and 2.9.x
+LDAP-Authentication Plugin, v.3.0
+for WPMU 3.0.x
-Copyright (C) 2009 Alistair Young, Patrick Cavit, Hugo Salgado, Alex Barker, and
+Copyright (C) 2010 Alistair Young, Patrick Cavit, Hugo Salgado, Alex Barker, and
Sean Wedig, Aaron Axelsen
This library is free software; you can redistribute it and/or modify it under
Modified: trunk/ldap/lib/ldap_core.php
===================================================================
--- trunk/ldap/lib/ldap_core.php 2010-06-02 18:27:18 UTC (rev 111)
+++ trunk/ldap/lib/ldap_core.php 2010-06-16 11:18:43 UTC (rev 112)
@@ -215,9 +215,9 @@
$search_filter .= "(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS).")";
}
$this->SetSearchCriteria("(&$search_filter)", $attributes_to_get);
-
$this->Search();
$results = ldap_get_entries($this->connection_handle, $this->search_result);
+
// Check Groups
$userGroups = array();
for ($i = 0; $i < $results['count']; $i++) {
Modified: trunk/ldap_auth.php
===================================================================
--- trunk/ldap_auth.php 2010-06-02 18:27:18 UTC (rev 111)
+++ trunk/ldap_auth.php 2010-06-16 11:18:43 UTC (rev 112)
@@ -3,7 +3,7 @@
Plugin Name: LDAP Authentication Plug-in
Plugin URI: http://wpmuldap.tuxdocs.net
Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication.
-Version: 2.9
+Version: 3.0
Author: Alistair Young (http://www.weblogs.uhi.ac.uk/sm00ay/),
Patrick Cavit (http://patcavit.com),
Hugo Salgado (http://hugo.vulcano.cl),
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-06-02 19:08:32
|
Revision: 111
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=111&view=rev
Author: axelseaa
Date: 2010-06-02 18:27:18 +0000 (Wed, 02 Jun 2010)
Log Message:
-----------
updated project website address
Modified Paths:
--------------
trunk/ldap/doc/README
trunk/ldap_auth.php
Modified: trunk/ldap/doc/README
===================================================================
--- trunk/ldap/doc/README 2010-05-10 16:33:51 UTC (rev 110)
+++ trunk/ldap/doc/README 2010-06-02 18:27:18 UTC (rev 111)
@@ -1,5 +1,5 @@
================================================================================
-Project Website: http://wpmuldap.frozenpc.net
+Project Website: http://wpmuldap.tuxdocs.net
================================================================================
================================================================================
License:
@@ -136,5 +136,5 @@
Aaron Axelsen - http://www.frozenpc.net
================================================================================
-Project Website: http://wpmuldap.frozenpc.net
+Project Website: http://wpmuldap.tuxdocs.net
================================================================================
Modified: trunk/ldap_auth.php
===================================================================
--- trunk/ldap_auth.php 2010-05-10 16:33:51 UTC (rev 110)
+++ trunk/ldap_auth.php 2010-06-02 18:27:18 UTC (rev 111)
@@ -1,7 +1,7 @@
<?php
/*
Plugin Name: LDAP Authentication Plug-in
-Plugin URI: http://wpmuldap.frozenpc.net
+Plugin URI: http://wpmuldap.tuxdocs.net
Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication.
Version: 2.9
Author: Alistair Young (http://www.weblogs.uhi.ac.uk/sm00ay/),
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-05-10 16:33:57
|
Revision: 110
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=110&view=rev
Author: axelseaa
Date: 2010-05-10 16:33:51 +0000 (Mon, 10 May 2010)
Log Message:
-----------
changed bulk add logic to not attempt to auto create blogs if configured - wordpress does not support multiple blogs being created in a single function
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap/lib/wpmu_ldap_adduser.functions.php
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-05-10 04:22:06 UTC (rev 109)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-05-10 16:33:51 UTC (rev 110)
@@ -9,9 +9,16 @@
*
* @author - dwang99
*/
-function wpmuLdapCreateWPUserFromLdap($newUserName, $newUserPassword, $ldapUserData) {
+function wpmuLdapCreateWPUserFromLdap($opts) {
global $base, $error, $wpdb, $current_site;
+ // Extract Inputs
+ extract($opts);
+ if (!isset($newUserName)) $newUserName = '';
+ if (!isset($newUserPassword)) $newUserPassword = '';
+ if (!isset($ldapUserData)) $ldapUserData = false;
+ if (!isset($createBlog)) $createBlog = true;
+
// Check to see if email already exists
if ( email_exists($ldapUserData[LDAP_INDEX_EMAIL]) )
return new WP_Error('ldapcreate_emailconflict', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> is already associated with another account. All accounts (including the admin account) must have an unique email address.'),$ldapUserData[LDAP_INDEX_EMAIL]));
@@ -61,7 +68,7 @@
// is it configured to create WP blogs from LDAP accounts?
$ldapCreateBlog = get_site_option("ldapCreateBlog");
- if ($ldapCreateBlog) {
+ if ($createBlog && $ldapCreateBlog) {
// Create and update the user's blog.
$meta = apply_filters('signup_create_blog_meta', array ('lang_id' => 'en', 'public' => 0));
$blog_id = wpmu_create_blog($newdomain, $path, $newUserName . "'s blog", $user_id, $meta);
@@ -133,8 +140,9 @@
if (!strpos($_REQUEST['redirect_to'], $loginUserName)) {
$_REQUEST['redirect_to'] = $loginUserName . "/" . $_REQUEST['redirect_to'];
}
-
- return wpmuLdapCreateWPUserFromLdap($loginUserName, $loginPassword, $userDataArray);
+ return wpmuLdapCreateWPUserFromLdap(array( 'newUserName' => $loginUserName,
+ 'newUserPassword' => $loginPassword,
+ 'userDataArray' => $userDataArray));
}
// but if not configured to create 'em, exit with an error
@@ -193,13 +201,6 @@
if ($server->DoSearchUsername($in_username, $attributes_to_get, $userDataArray) == LDAP_OK) {
return true;
-# if (!empty($userDataArray)) {
-# if ($server->checkGroup($userDataArray[LDAP_INDEX_DN]) == 0) {
-# return true;
-# } else {
-# return false;
-# }
-# }
}
return false;
}
@@ -207,7 +208,16 @@
/**
* Searches for a username. If found, adds the user and returns user data.
*/
-function wpmuLdapSearchUser($username,$blog_id = 1,$new_role = 'subscriber',$createUser = true) {
+function wpmuLdapSearchUser($opts) {
+
+ // Extract Inputs
+ extract($opts);
+ if (!isset($username)) $username = '';
+ if (!isset($blog_id)) $blog_id = 1;
+ if (!isset($new_role)) $new_role = 'subscriber';
+ if (!isset($createUser)) $createUser = true;
+ if (!isset($createBlog)) $createBlog = true;
+
// Bind to directory, search for username
$ldapString = wpmuSetupLdapOptions();
$userDataArray = null;
@@ -218,7 +228,9 @@
return array( true, $user_id );
}
}
- if (wpmuLdapCreateWPUserFromLdap($username,'',$userDataArray)) {
+ if (wpmuLdapCreateWPUserFromLdap(array( 'newUserName' => $username,
+ 'ldapUserData' => $userDataArray,
+ 'createBlog' => $createBlog))) {
if ( $user_id = username_exists($username) ) {
add_user_to_blog($blog_id, $user_id, $new_role);
Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-05-10 04:22:06 UTC (rev 109)
+++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-05-10 16:33:51 UTC (rev 110)
@@ -81,7 +81,9 @@
// try finding a WP account for this user name
$login = get_userdatabylogin($username);
if (!$login) {
- $result = wpmuLdapSearchUser($username,$blog_id,$user['new_role']);
+ $result = wpmuLdapSearchUser(array( 'username' => $username,
+ 'blog_id' => $blog_id,
+ 'new_role' => $user['new_role']));
$ldapCreateLocalUser = get_site_option('ldapCreateLocalUser');
if ($result[0]) {
wp_new_user_notification($result[1]);
@@ -126,7 +128,10 @@
// try finding a WP account for this user name
$login = get_userdatabylogin($username);
if (!$login) {
- $result = wpmuLdapSearchUser($username,$blog_id,$user['bulk_new_role']);
+ $result = wpmuLdapSearchUser(array( 'username' => $username,
+ 'blog_id' => $blog_id,
+ 'new_role' => $user['bulk_new_role'],
+ 'createBlog' => false));
if ($result[0]) {
wp_new_user_notification($result[1]);
ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username));
@@ -225,7 +230,7 @@
if (is_super_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) {
?>
<h2><?php _e('Add Bulk Users') ?></h2>
- <p>Using the below fields, you can bulk add LDAP users. Separate multiple users by a new line. Local user creation is not available in bulk.</p>
+ <p>Using the below fields, you can bulk add LDAP users. Separate multiple users by a new line. Local user creation is not available in bulk. The auto create blog for new users function will be disabled for bulk adds.</p>
<form method="post" id="ldap_add_user_bulk">
<?php wp_nonce_field('add-user-bulk') ?>
<fieldset class="options">
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-05-10 04:22:12
|
Revision: 109
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=109&view=rev
Author: axelseaa
Date: 2010-05-10 04:22:06 +0000 (Mon, 10 May 2010)
Log Message:
-----------
added linux/windows specific attribute area
Modified Paths:
--------------
trunk/ldap/lib/defines.php
trunk/ldap/lib/ldap_core.php
trunk/ldap/lib/wpmu_ldap_admin.functions.php
Modified: trunk/ldap/lib/defines.php
===================================================================
--- trunk/ldap/lib/defines.php 2010-05-10 03:34:51 UTC (rev 108)
+++ trunk/ldap/lib/defines.php 2010-05-10 04:22:06 UTC (rev 109)
@@ -37,11 +37,13 @@
define ('LDAP_DEFAULT_ATTRIBUTE_PHONE', 'phone');
define ('LDAP_DEFAULT_ATTRIBUTE_HOMEDIR', 'homedirectory');
define ('LDAP_DEFAULT_ATTRIBUTE_MEMBER', 'member');
+define ('LDAP_DEFAULT_ATTRIBUTE_MEMBERNIX', 'uniquemember');
define ('LDAP_DEFAULT_ATTRIBUTE_MACADDRESS', 'zenwmmacaddress');
define ('LDAP_DEFAULT_ATTRIBUTE_DN', 'dn');
define ('LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH', 'uid');
define ('LDAP_DEFAULT_ATTRIBUTE_WINSEARCH', 'samaccountname');
define ('LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS','group');
+define ('LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASSNIX','groupofuniquenames');
define ('LDAP_DELIM', ",");
define ('LDAP_USER_SEARCH_FULLNAME', '0');
Modified: trunk/ldap/lib/ldap_core.php
===================================================================
--- trunk/ldap/lib/ldap_core.php 2010-05-10 03:34:51 UTC (rev 108)
+++ trunk/ldap/lib/ldap_core.php 2010-05-10 04:22:06 UTC (rev 109)
@@ -207,9 +207,14 @@
// Get Groups
$attributes_to_get = array(get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN));
- $search_filter = "(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)";
- $search_filter .= "(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))";
- $this->SetSearchCriteria("(&(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))", $attributes_to_get);
+ if (get_site_option('ldapLinuxWindows')) {
+ $search_filter = "(".get_site_option('ldapAttributeMemberNix',LDAP_DEFAULT_ATTRIBUTE_MEMBERNIX)."=$userDN)";
+ $search_filter .= "(objectclass=".get_site_option('ldapAttributeGroupObjectclassNix',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASSNIX).")";
+ } else {
+ $search_filter = "(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)";
+ $search_filter .= "(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS).")";
+ }
+ $this->SetSearchCriteria("(&$search_filter)", $attributes_to_get);
$this->Search();
$results = ldap_get_entries($this->connection_handle, $this->search_result);
Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-05-10 03:34:51 UTC (rev 108)
+++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-05-10 04:22:06 UTC (rev 109)
@@ -175,11 +175,13 @@
$ret['ldapAttributePhone'] = get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE);
$ret['ldapAttributeHomedir'] = get_site_option('ldapAttributeHomedir',LDAP_DEFAULT_ATTRIBUTE_HOMEDIR);
$ret['ldapAttributeMember'] = get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER);
+ $ret['ldapAttributeMemberNix'] = get_site_option('ldapAttributeMemberNix',LDAP_DEFAULT_ATTRIBUTE_MEMBERNIX);
$ret['ldapAttributeMacaddress'] = get_site_option('ldapAttributeMacaddress',LDAP_DEFAULT_ATTRIBUTE_MACADDRESS);
$ret['ldapAttributeDn'] = get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN);
$ret['ldapAttributeNixSearch'] = get_site_option('ldapAttributeNixSearch',LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH);
$ret['ldapAttributeWinSearch'] = get_site_option('ldapAttributeWinSearch',LDAP_DEFAULT_ATTRIBUTE_WINSEARCH);
$ret['ldapAttributeGroupObjectclass'] = get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS);
+ $ret['ldapAttributeGroupObjectclassNix']= get_site_option('ldapAttributeGroupObjectclassNix',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASSNIX);
$ret['ldapGroupAllowLogin'] = wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin','display' => 'web'));
$ret['ldapGroupAllowLoginCreate'] = wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLoginCreate','display' => 'web'));
@@ -516,6 +518,7 @@
<form method="post" id="ldap_auth_options">
<h3>LDAP Attribute Mapping</h3>
<p>This page will allow you to modify which ldap attribute the plugin uses to populate default values for the user.</p>
+ <b>General Attributes</b>
<table class="form-table">
<tr valign="top">
<th scope="row"><label for="ldapAttributeMail">Email:</label></th>
@@ -560,48 +563,71 @@
</td>
</tr>
<tr valign="top">
- <th scope="row"><label for="ldapAttributeMember">Group Attribute:</label></th>
+ <th scope="row"><label for="ldapAttributeMacaddress">Mac Address:</label></th>
<td>
- <input type="text" name="ldapAttributeMember" id="ldapAttributeMember" value="<?php echo $ldapAttributeMember ?>" />
+ <input type="text" name="ldapAttributeMacaddress" id="ldapAttributeMacaddress" value="<?php echo $ldapAttributeMacaddress ?>" />
<br/>
</td>
</tr>
<tr valign="top">
- <th scope="row"><label for="ldapAttributeGroupObjectclass">Group Objectclass:</label></th>
+ <th scope="row"><label for="ldapAttributeDn">Distinguished Name (DN):</label></th>
<td>
- <input type="text" name="ldapAttributeGroupObjectclass" id="ldapAttributeGroupObjectclass" value="<?php echo $ldapAttributeGroupObjectclass ?>" />
+ <input type="text" name="ldapAttributeDn" id="ldapAttributeDn" value="<?php echo $ldapAttributeDn ?>" />
<br/>
</td>
</tr>
+ </table>
+
+ <br/><b>Windows Attributes</b>
+ <table class="form-table">
<tr valign="top">
- <th scope="row"><label for="ldapAttributeMacaddress">Mac Address:</label></th>
+ <th scope="row"><label for="ldapAttributeWinSearch">Search Attribute:</label></th>
<td>
- <input type="text" name="ldapAttributeMacaddress" id="ldapAttributeMacaddress" value="<?php echo $ldapAttributeMacaddress ?>" />
+ <input type="text" name="ldapAttributeWinSearch" id="ldapAttributeWinSearch" value="<?php echo $ldapAttributeWinSearch ?>" />
<br/>
</td>
</tr>
<tr valign="top">
- <th scope="row"><label for="ldapAttributeDn">Distinguished Name (DN):</label></th>
+ <th scope="row"><label for="ldapAttributeMember">Group Attribute:</label></th>
<td>
- <input type="text" name="ldapAttributeDn" id="ldapAttributeDn" value="<?php echo $ldapAttributeDn ?>" />
+ <input type="text" name="ldapAttributeMember" id="ldapAttributeMember" value="<?php echo $ldapAttributeMember ?>" />
<br/>
</td>
</tr>
<tr valign="top">
- <th scope="row"><label for="ldapAttributeNixSearch">Search Attribute (Linux):</label></th>
+ <th scope="row"><label for="ldapAttributeGroupObjectclass">Group Objectclass:</label></th>
<td>
+ <input type="text" name="ldapAttributeGroupObjectclass" id="ldapAttributeGroupObjectclass" value="<?php echo $ldapAttributeGroupObjectclass ?>" />
+ <br/>
+ </td>
+ </tr>
+ </table>
+
+ <br/><b>Linux Attributes</b>
+ <table class="form-table">
+ <tr valign="top">
+ <th scope="row"><label for="ldapAttributeNixSearch">Search Attribute:</label></th>
+ <td>
<input type="text" name="ldapAttributeNixSearch" id="ldapAttributeNixSearch" value="<?php echo $ldapAttributeNixSearch ?>" />
<br/>
</td>
</tr>
<tr valign="top">
- <th scope="row"><label for="ldapAttributeWinSearch">Search Attribute (Windows):</label></th>
+ <th scope="row"><label for="ldapAttributeMemberNix">Group Attribute:</label></th>
<td>
- <input type="text" name="ldapAttributeWinSearch" id="ldapAttributeWinSearch" value="<?php echo $ldapAttributeWinSearch ?>" />
+ <input type="text" name="ldapAttributeMemberNix" id="ldapAttributeMemberNix" value="<?php echo $ldapAttributeMemberNix ?>" />
<br/>
</td>
</tr>
+ <tr valign="top">
+ <th scope="row"><label for="ldapAttributeGroupObjectclassNix">Group Objectclass:</label></th>
+ <td>
+ <input type="text" name="ldapAttributeGroupObjectclassNix" id="ldapAttributeGroupObjectclassNix" value="<?php echo $ldapAttributeGroupObjectclassNix ?>" />
+ <br/>
+ </td>
+ </tr>
</table>
+
<p class="submit"><input type="submit" name="ldapOptionsSave" value="Save Attributes" /></p>
</form>
<?php
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-05-10 03:34:57
|
Revision: 108
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=108&view=rev
Author: axelseaa
Date: 2010-05-10 03:34:51 +0000 (Mon, 10 May 2010)
Log Message:
-----------
a few changes based on ken's feedback - thanks\!
Modified Paths:
--------------
trunk/ldap/lib/ldap_core.php
trunk/ldap/lib/ldap_ro.php
trunk/ldap/lib/wpmu_ldap.functions.php
Modified: trunk/ldap/lib/ldap_core.php
===================================================================
--- trunk/ldap/lib/ldap_core.php 2010-05-06 11:35:00 UTC (rev 107)
+++ trunk/ldap/lib/ldap_core.php 2010-05-10 03:34:51 UTC (rev 108)
@@ -200,13 +200,17 @@
function checkGroup($userDN,$groups){
//Make sure we're connected - we're not when this is called from the admin side
if (!$this->connection_handle) {
- $this->connect();
+ $this->dock();
}
if (empty($groups)) return LDAP_GROUP_NOT_SET;
// Get Groups
- $this->SetSearchCriteria("(&(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))", array(get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN)));
+ $attributes_to_get = array(get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN));
+ $search_filter = "(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)";
+ $search_filter .= "(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))";
+ $this->SetSearchCriteria("(&(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))", $attributes_to_get);
+
$this->Search();
$results = ldap_get_entries($this->connection_handle, $this->search_result);
// Check Groups
Modified: trunk/ldap/lib/ldap_ro.php
===================================================================
--- trunk/ldap/lib/ldap_ro.php 2010-05-06 11:35:00 UTC (rev 107)
+++ trunk/ldap/lib/ldap_ro.php 2010-05-10 03:34:51 UTC (rev 108)
@@ -76,8 +76,7 @@
// Default Catch
$return = LDAP_OK;
- }
- else {
+ } else {
if ($this->GetErrorNumber() == 49) {
$return = LDAP_ERROR_WRONG_PASSWORD;
}
@@ -160,10 +159,21 @@
$data[LDAP_INDEX_GIVEN_NAME] = $this->GetLDAPInfo (LDAP_INDEX_GIVEN_NAME);
$data[LDAP_INDEX_SURNAME] = $this->GetLDAPInfo (LDAP_INDEX_SURNAME);
$data[LDAP_INDEX_PHONE] = $this->GetLDAPInfo (LDAP_INDEX_PHONE);
+
+ // If deny group set and user found, return
+ $deny = $this->checkGroup($user_data[LDAP_INDEX_DN],wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupDenyLogin')));
+ if ($deny == LDAP_IN_GROUP) return LDAP_ERROR_DENIED_GROUP;
+
+ // If allow group set and user found,
+ $allow = $this->checkGroup($user_data[LDAP_INDEX_DN],wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin')));
+ if ($allow == LDAP_IN_GROUP) return LDAP_OK; // found in group
+ if ($allow == LDAP_ERROR_NOT_IN_GROUP) return LDAP_ERROR_ACCESS_GROUP; // not in group
+
+ // Default Catch
+ return LDAP_OK;
} else {
$data = null;
}
- return LDAP_OK;
}
function GetEmailList ($in_email_list_name, &$emails, &$dns) {
@@ -203,4 +213,3 @@
return true;
}
}
-?>
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-05-06 11:35:00 UTC (rev 107)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-05-10 03:34:51 UTC (rev 108)
@@ -192,13 +192,14 @@
$userDataArray = null;
if ($server->DoSearchUsername($in_username, $attributes_to_get, $userDataArray) == LDAP_OK) {
- if (!empty($userDataArray)) {
- if ($server->checkGroup($userDataArray[LDAP_INDEX_DN]) == 0) {
- return true;
- } else {
- return false;
- }
- }
+ return true;
+# if (!empty($userDataArray)) {
+# if ($server->checkGroup($userDataArray[LDAP_INDEX_DN]) == 0) {
+# return true;
+# } else {
+# return false;
+# }
+# }
}
return false;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-04-25 14:07:47
|
Revision: 106
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=106&view=rev
Author: axelseaa
Date: 2010-04-25 14:07:41 +0000 (Sun, 25 Apr 2010)
Log Message:
-----------
minor changes - moved group get function and setup function to admin page - elliminates errors when plugin is not enabled. Also fixed serialization issues with group options
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap/lib/wpmu_ldap_admin.functions.php
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-02-19 14:35:41 UTC (rev 105)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-04-25 14:07:41 UTC (rev 106)
@@ -242,20 +242,6 @@
return true;
}
-/**
- * Configures the ldap options to pass in for authentication/verification
- */
-function wpmuSetupLdapOptions() {
- $options = array();
- $options[] = get_site_option("ldapServerAddr");
- $options[] = get_site_option("ldapServerOU");
- $options[] = get_site_option("ldapServerCN");
- $options[] = get_site_option("ldapServerPass");
- $options[] = get_site_option("ldapServerPort");
- $options[] = get_site_option("ldapEnableSSL");
- return $options;
-}
-
/**
* Overrides display and handling of the WPMU signup form. Simply
* displays a message to indicate to users that they should use the login form
@@ -377,13 +363,3 @@
return $username;
}
-
-/**/
-function wpmuLdapGroupsGet($opts = array()) {
- if (empty($opts['siteoption'])) return;
- if (empty($opts['display'])) $opts['display'] = 'array';
- $groups = unserialize(get_site_option($opts['siteoption']));
- if (empty($groups)) return;
- if ($opts['display'] == 'array') return array_filter(array_map('strtolower', $groups));
- elseif ($opts['display'] == 'web') return implode("\n",$groups);
-}
Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-02-19 14:35:41 UTC (rev 105)
+++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-04-25 14:07:41 UTC (rev 106)
@@ -82,15 +82,15 @@
} else if ($_POST['ldapGroupsSave']) {
$allow = explode("\n", $_POST['ldapGroupAllowLogin']);
$allow = array_filter(array_map('trim', $allow));
- update_site_option('ldapGroupAllowLogin',serialize($allow));
+ update_site_option('ldapGroupAllowLogin',$allow);
#$allowCreate = explode("\n", $_POST['ldapGroupAllowLoginCreate']);
#$allowCreate = array_filter(array_map('trim', $allowCreate));
- #update_site_option('ldapGroupAllowLoginCreate',serialize($allowCreate));
+ #update_site_option('ldapGroupAllowLoginCreate',$allowCreate);
$deny = explode("\n", $_POST['ldapGroupDenyLogin']);
$deny = array_filter(array_map('trim', $deny));
- update_site_option('ldapGroupDenyLogin',serialize($deny));
+ update_site_option('ldapGroupDenyLogin',$deny);
echo "<div id='message' class='updated fade'><p>Saved Options!</p></div>";
} else if ($_POST['ldapFixMeta']) {
@@ -860,3 +860,29 @@
return $result;
}
+/**
+ * Get Groups from DB
+ */
+function wpmuLdapGroupsGet($opts = array()) {
+ if (empty($opts['siteoption'])) return;
+ if (empty($opts['display'])) $opts['display'] = 'array';
+ $groups = get_site_option($opts['siteoption']);
+ if (empty($groups)) return;
+ if ($opts['display'] == 'array') return array_filter(array_map('strtolower', $groups));
+ elseif ($opts['display'] == 'web') return implode("\n",$groups);
+}
+
+/**
+ * Configures the ldap options to pass in for authentication/verification
+ */
+function wpmuSetupLdapOptions() {
+ $options = array();
+ $options[] = get_site_option("ldapServerAddr");
+ $options[] = get_site_option("ldapServerOU");
+ $options[] = get_site_option("ldapServerCN");
+ $options[] = get_site_option("ldapServerPass");
+ $options[] = get_site_option("ldapServerPort");
+ $options[] = get_site_option("ldapEnableSSL");
+ return $options;
+}
+
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-02-19 14:35:48
|
Revision: 105
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=105&view=rev
Author: axelseaa
Date: 2010-02-19 14:35:41 +0000 (Fri, 19 Feb 2010)
Log Message:
-----------
global allow and deny groups implemented - nested group support
Modified Paths:
--------------
trunk/ldap/lib/defines.php
trunk/ldap/lib/ldap_core.php
trunk/ldap/lib/ldap_ro.php
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap/lib/wpmu_ldap_admin.functions.php
Modified: trunk/ldap/lib/defines.php
===================================================================
--- trunk/ldap/lib/defines.php 2010-01-31 18:35:00 UTC (rev 104)
+++ trunk/ldap/lib/defines.php 2010-02-19 14:35:41 UTC (rev 105)
@@ -1,12 +1,17 @@
<?php
-define ('LDAP_OK', '0');
-define ('LDAP_ERROR_NO_PASSWORD', '-1');
-define ('LDAP_ERROR_NO_NOVELL_ID', '-2');
-define ('LDAP_ERROR_USER_NOT_FOUND', '-3');
-define ('LDAP_ERROR_NO_EMAIL_IN_NDS', '-4');
-define ('LDAP_ERROR_CONNECTION', '-5');
-define ('LDAP_ERROR_WRONG_PASSWORD', '-6');
-define ('LDAP_ERROR_EMPTY_PARAM', '-7');
+define ('LDAP_OK', '0');
+define ('LDAP_IN_GROUP', '1');
+define ('LDAP_GROUP_NOT_SET', '2');
+define ('LDAP_ERROR_NO_PASSWORD', '-1');
+define ('LDAP_ERROR_NO_NOVELL_ID', '-2');
+define ('LDAP_ERROR_USER_NOT_FOUND', '-3');
+define ('LDAP_ERROR_NO_EMAIL_IN_NDS', '-4');
+define ('LDAP_ERROR_CONNECTION', '-5');
+define ('LDAP_ERROR_WRONG_PASSWORD', '-6');
+define ('LDAP_ERROR_EMPTY_PARAM', '-7');
+define ('LDAP_ERROR_ACCESS_GROUP', '-8');
+define ('LDAP_ERROR_DENIED_GROUP', '-9');
+define ('LDAP_ERROR_NOT_IN_GROUP', '-10');
define ('LDAP_INDEX_EMAIL', '0');
define ('LDAP_INDEX_NAME', '1');
@@ -36,6 +41,7 @@
define ('LDAP_DEFAULT_ATTRIBUTE_DN', 'dn');
define ('LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH', 'uid');
define ('LDAP_DEFAULT_ATTRIBUTE_WINSEARCH', 'samaccountname');
+define ('LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS','group');
define ('LDAP_DELIM', ",");
define ('LDAP_USER_SEARCH_FULLNAME', '0');
Modified: trunk/ldap/lib/ldap_core.php
===================================================================
--- trunk/ldap/lib/ldap_core.php 2010-01-31 18:35:00 UTC (rev 104)
+++ trunk/ldap/lib/ldap_core.php 2010-02-19 14:35:41 UTC (rev 105)
@@ -196,5 +196,69 @@
if ($type == LDAP_INDEX_DN) return $this->info[0][$dn];
if ($type == LDAP_INDEX_NICKNAME) return empty($nickname) ? false : $this->info[0][$nickname][0];
}
+
+ function checkGroup($userDN,$groups){
+ //Make sure we're connected - we're not when this is called from the admin side
+ if (!$this->connection_handle) {
+ $this->connect();
+ }
+
+ if (empty($groups)) return LDAP_GROUP_NOT_SET;
+
+ // Get Groups
+ $this->SetSearchCriteria("(&(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))", array(get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN)));
+ $this->Search();
+ $results = ldap_get_entries($this->connection_handle, $this->search_result);
+ // Check Groups
+ $userGroups = array();
+ for ($i = 0; $i < $results['count']; $i++) {
+ $userGroups[$i] = strtolower($results[$i][get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN)]);
+ if (in_array($userGroups[$i],$groups)) return LDAP_IN_GROUP;
+ }
+
+ if ($this->checkGroupNested($groups,$userGroups)) {
+ return LDAP_IN_GROUP;
+ }
+
+ // Check for nested groups
+ return LDAP_ERROR_NOT_IN_GROUP;
+ }
+
+ /* Recursive function used to check nested groups */
+ function checkGroupNested($reqgroups,$groups,$checkedgroups = array()) {
+ if (!$groups) return false; //no more groups left to check
+
+ #print "Checking Groups ".implode(",",$groups)." <br/>";
+
+ $groupstocheck = array();
+ foreach ($groups as $group) {
+ // Get User Groups
+ $attributes_to_get = array(get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN));
+ $this->SetSearchCriteria("(&(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$group)(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))", $attributes_to_get);
+ $this->Search();
+ $results = ldap_get_entries($this->connection_handle, $this->search_result);
+ $returnedgroups = array();
+ for ($i = 0; $i < $results['count']; $i++) {
+ array_push($returnedgroups,strtolower($results[$i][get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN)]));
+ }
+
+ #print "Group $group is a member of: ".implode(",",$returnedgroups)."<br/>";
+
+ foreach ($returnedgroups as $checkgroup) {
+ if (in_array($checkgroup, $checkedgroups)) {
+ continue;
+ }
+
+ #print "Checking membership for $checkgroup<br/>";
+
+ if (in_array($checkgroup, $reqgroups)) {
+ return true;
+ } else {
+ array_push($groupstocheck,$checkgroup);
+ }
+ }
+ }
+ $checkedgroups = array_unique(array_merge($groups,$checkedgroups));
+ return $this->checkGroupNested($reqgroups,$groupstocheck,$checkedgroups);
+ }
}
-?>
Modified: trunk/ldap/lib/ldap_ro.php
===================================================================
--- trunk/ldap/lib/ldap_ro.php 2010-01-31 18:35:00 UTC (rev 104)
+++ trunk/ldap/lib/ldap_ro.php 2010-02-19 14:35:41 UTC (rev 105)
@@ -33,6 +33,7 @@
get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME),
get_site_option('ldapAttributeSn',LDAP_DEFAULT_ATTRIBUTE_SN),
get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE));
+
if (get_site_option('ldapLinuxWindows'))
$uid = get_site_option('ldapAttributeNixSearch',LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH); //Linux
else
@@ -62,8 +63,18 @@
$user_data[LDAP_INDEX_GIVEN_NAME] = $this->GetLDAPInfo (LDAP_INDEX_GIVEN_NAME);
$user_data[LDAP_INDEX_SURNAME] = $this->GetLDAPInfo (LDAP_INDEX_SURNAME);
$user_data[LDAP_INDEX_PHONE] = $this->GetLDAPInfo (LDAP_INDEX_PHONE);
-
- // Success!
+ $user_data[LDAP_INDEX_MEMBER] = $this->GetLDAPInfo (LDAP_INDEX_MEMBER);
+
+ // If deny group set and user found, return
+ $deny = $this->checkGroup($user_data[LDAP_INDEX_DN],wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupDenyLogin')));
+ if ($deny == LDAP_IN_GROUP) return LDAP_ERROR_DENIED_GROUP;
+
+ // If allow group set and user found,
+ $allow = $this->checkGroup($user_data[LDAP_INDEX_DN],wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin')));
+ if ($allow == LDAP_IN_GROUP) return LDAP_OK; // found in group
+ if ($allow == LDAP_ERROR_NOT_IN_GROUP) return LDAP_ERROR_ACCESS_GROUP; // not in group
+
+ // Default Catch
$return = LDAP_OK;
}
else {
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-01-31 18:35:00 UTC (rev 104)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-02-19 14:35:41 UTC (rev 105)
@@ -87,13 +87,20 @@
if ($result == LDAP_OK) {
return array('result' => true,'userdata' => $userDataArray);
}
-
// handle both at once, for security
else if ( ($result == LDAP_ERROR_USER_NOT_FOUND || $result == LDAP_ERROR_WRONG_PASSWORD) ) {
$errors->add('invalid_userpass',__('<strong>ERROR</strong>: Wrong username / password combination.'));
return array('result' => false,'errors' => $errors);
}
-
+ // check security group
+ else if ( $result == LDAP_ERROR_ACCESS_GROUP ){
+ $errors->add('wrong_group',__('<strong>ERROR</strong>: Access denied - user not found in security access group(s).'));
+ return array('result' => false,'errors' => $errors);
+ }
+ elseif ($result == LDAP_ERROR_DENIED_GROUP) {
+ $errors->add('deny_group',__('<strong>ERROR</strong>: Access denied - user found in security deny group(s).'));
+ return array('result' => false,'errors' => $errors);
+ }
// the trickle-through catch-all
else {
$errors->add('unknown_error',__('<strong>ERROR</strong>: Unknown error in LDAP Authentication.'));
@@ -182,12 +189,16 @@
get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME),
get_site_option('ldapAttributeSn',LDAP_DEFAULT_ATTRIBUTE_SN),
get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE));
-
$userDataArray = null;
if ($server->DoSearchUsername($in_username, $attributes_to_get, $userDataArray) == LDAP_OK) {
- if (!empty($userDataArray))
- return true;
+ if (!empty($userDataArray)) {
+ if ($server->checkGroup($userDataArray[LDAP_INDEX_DN]) == 0) {
+ return true;
+ } else {
+ return false;
+ }
+ }
}
return false;
}
@@ -366,3 +377,13 @@
return $username;
}
+
+/**/
+function wpmuLdapGroupsGet($opts = array()) {
+ if (empty($opts['siteoption'])) return;
+ if (empty($opts['display'])) $opts['display'] = 'array';
+ $groups = unserialize(get_site_option($opts['siteoption']));
+ if (empty($groups)) return;
+ if ($opts['display'] == 'array') return array_filter(array_map('strtolower', $groups));
+ elseif ($opts['display'] == 'web') return implode("\n",$groups);
+}
Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-01-31 18:35:00 UTC (rev 104)
+++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-02-19 14:35:41 UTC (rev 105)
@@ -42,6 +42,8 @@
ldapOptionsPanelUpdates();
} elseif ($tab == 'general') {
ldapOptionsPanelGeneral();
+ } elseif ($tab == 'group') {
+ ldapOptionsPanelGroup();
} else {
ldapOptionsPanelConnection();
}
@@ -56,6 +58,7 @@
echo '<a href="?page=wpmu_ldap_admin.functions.php"'.((empty($tab) || $tab == 'connection') ? ' class="wpmuLdapOptionMenuSelected"' : '').'>Connection Settings</a> | ';
echo '<a href="?page=wpmu_ldap_admin.functions.php&ldaptab=general"'.($tab == 'general' ? ' class="wpmuLdapOptionMenuSelected"' : '').'>General Settings</a> | ';
echo '<a href="?page=wpmu_ldap_admin.functions.php&ldaptab=attributes"'.($tab == 'attributes' ? ' class="wpmuLdapOptionMenuSelected"' : '').'>Attribute Mapping</a> | ';
+ echo '<a href="?page=wpmu_ldap_admin.functions.php&ldaptab=group"'.($tab == 'group' ? ' class="wpmuLdapOptionMenuSelected"' : '').'>Group Settings</a> | ';
echo '<a href="?page=wpmu_ldap_admin.functions.php&ldaptab=upgrade"'.($tab == 'upgrade' ? ' class="wpmuLdapOptionMenuSelected"' : '').'>Upgrade</a>';
echo '</p><hr/>';
}
@@ -76,6 +79,20 @@
}
echo "<div id='message' class='updated fade'><p>Saved Options!</p></div>";
+ } else if ($_POST['ldapGroupsSave']) {
+ $allow = explode("\n", $_POST['ldapGroupAllowLogin']);
+ $allow = array_filter(array_map('trim', $allow));
+ update_site_option('ldapGroupAllowLogin',serialize($allow));
+
+ #$allowCreate = explode("\n", $_POST['ldapGroupAllowLoginCreate']);
+ #$allowCreate = array_filter(array_map('trim', $allowCreate));
+ #update_site_option('ldapGroupAllowLoginCreate',serialize($allowCreate));
+
+ $deny = explode("\n", $_POST['ldapGroupDenyLogin']);
+ $deny = array_filter(array_map('trim', $deny));
+ update_site_option('ldapGroupDenyLogin',serialize($deny));
+
+ echo "<div id='message' class='updated fade'><p>Saved Options!</p></div>";
} else if ($_POST['ldapFixMeta']) {
wpmuLdapFixMeta();
update_site_option('ldapfixmetafor15','true');
@@ -162,6 +179,12 @@
$ret['ldapAttributeDn'] = get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN);
$ret['ldapAttributeNixSearch'] = get_site_option('ldapAttributeNixSearch',LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH);
$ret['ldapAttributeWinSearch'] = get_site_option('ldapAttributeWinSearch',LDAP_DEFAULT_ATTRIBUTE_WINSEARCH);
+ $ret['ldapAttributeGroupObjectclass'] = get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS);
+
+ $ret['ldapGroupAllowLogin'] = wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin','display' => 'web'));
+ $ret['ldapGroupAllowLoginCreate'] = wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLoginCreate','display' => 'web'));
+ $ret['ldapGroupDenyLogin'] = wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupDenyLogin','display' => 'web'));
+
return $ret;
}
@@ -537,13 +560,20 @@
</td>
</tr>
<tr valign="top">
- <th scope="row"><label for="ldapAttributeMember">Member:</label></th>
+ <th scope="row"><label for="ldapAttributeMember">Group Attribute:</label></th>
<td>
<input type="text" name="ldapAttributeMember" id="ldapAttributeMember" value="<?php echo $ldapAttributeMember ?>" />
<br/>
</td>
</tr>
<tr valign="top">
+ <th scope="row"><label for="ldapAttributeGroupObjectclass">Group Objectclass:</label></th>
+ <td>
+ <input type="text" name="ldapAttributeGroupObjectclass" id="ldapAttributeGroupObjectclass" value="<?php echo $ldapAttributeGroupObjectclass ?>" />
+ <br/>
+ </td>
+ </tr>
+ <tr valign="top">
<th scope="row"><label for="ldapAttributeMacaddress">Mac Address:</label></th>
<td>
<input type="text" name="ldapAttributeMacaddress" id="ldapAttributeMacaddress" value="<?php echo $ldapAttributeMacaddress ?>" />
@@ -575,7 +605,41 @@
<p class="submit"><input type="submit" name="ldapOptionsSave" value="Save Attributes" /></p>
</form>
<?php
+}
+function ldapOptionsPanelGroup() {
+ extract(getWpmuLdapSiteOptions());
+?>
+ <form method="post" id="ldap_auth_groups">
+ <h3>LDAP Group Settings</h3>
+ <p>This page allows you to specify allow and deny groups for site wide blog access. In the boxes below, enter the
+ full dn to each group. For multiple groups, enter each group on a new line. Nested groups are supported.</p>
+ <table class="form-table">
+ <tr valign="top">
+ <th scope="row"><label for="ldap">Allow Login:</label></th>
+ <td>
+ <textarea rows="2" cols="70" name="ldapGroupAllowLogin" id="ldapGroupAllowLogin"><?php echo $ldapGroupAllowLogin ?></textarea>
+ <br/>
+ </td>
+ </tr>
+<!-- <tr valign="top">
+ <th scope="row"><label for="ldap">Allow Login w/automatic blog creation:</label></th>
+ <td>
+ <textarea rows="2" cols="70" name="ldapGroupAllowLoginCreate" id="ldapGroupAllowLoginCreate""><?php echo $ldapGroupAllowLoginCreate ?></textarea>
+ <br/>
+ </td>
+ </tr>-->
+ <tr valign="top">
+ <th scope="row"><label for="ldap">Deny Login:</label></th>
+ <td>
+ <textarea rows="2" cols="70" name="ldapGroupDenyLogin" id="ldapGroupDenyLogin"><?php echo $ldapGroupDenyLogin ?></textarea>
+ <br/>
+ </td>
+ </tr>
+ </table>
+ <p class="submit"><input type="submit" name="ldapGroupsSave" value="Save Groups" /></p>
+ </form>
+<?php
}
/**
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-01-31 18:35:06
|
Revision: 104
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=104&view=rev
Author: axelseaa
Date: 2010-01-31 18:35:00 +0000 (Sun, 31 Jan 2010)
Log Message:
-----------
missed a few attribute calls when setting up the globals
Modified Paths:
--------------
trunk/ldap/lib/ldap_ro.php
trunk/ldap/lib/wpmu_ldap.functions.php
Modified: trunk/ldap/lib/ldap_ro.php
===================================================================
--- trunk/ldap/lib/ldap_ro.php 2010-01-31 04:05:08 UTC (rev 103)
+++ trunk/ldap/lib/ldap_ro.php 2010-01-31 18:35:00 UTC (rev 104)
@@ -29,7 +29,10 @@
}
// Set up the search stuff
- $attributes_to_get = array ("fullName", "mail", "givenName", "sn", "phone");
+ $attributes_to_get = array (get_site_option('ldapAttributeMail',LDAP_DEFAULT_ATTRIBUTE_MAIL),
+ get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME),
+ get_site_option('ldapAttributeSn',LDAP_DEFAULT_ATTRIBUTE_SN),
+ get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE));
if (get_site_option('ldapLinuxWindows'))
$uid = get_site_option('ldapAttributeNixSearch',LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH); //Linux
else
@@ -83,7 +86,15 @@
// First, connect to the LDAP server
$this->Dock();
- $attributes_to_get = array ("fullName", "mail", "givenName", "sn", "phone", "homeDirectory", "member", "zenwmMACAddress", "uniquemember", "dn");
+ $attributes_to_get = array (get_site_option('ldapAttributeMail',LDAP_DEFAULT_ATTRIBUTE_MAIL),
+ get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME),
+ get_site_option('ldapAttributeSn',LDAP_DEFAULT_ATTRIBUTE_SN),
+ get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE),
+ get_site_option('ldapAttributeHomedir',LDAP_DEFAULT_ATTRIBUTE_HOMEDIR),
+ get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER),
+ get_site_option('ldapAttributeMacaddress',LDAP_DEFAULT_ATTRIBUTE_MACADDRESS),
+ "dn");
+
$this->SetSearchCriteria ("(cn=$in_username)", $attributes_to_get);
$this->Search();
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-01-31 04:05:08 UTC (rev 103)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-01-31 18:35:00 UTC (rev 104)
@@ -178,7 +178,10 @@
$server = new LDAP_ro($ldapString);
$server->DebugOff();
- $attributes_to_get = array ("fullName", "mail", "givenName", "sn", "phone");
+ $attributes_to_get = array (get_site_option('ldapAttributeMail',LDAP_DEFAULT_ATTRIBUTE_MAIL),
+ get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME),
+ get_site_option('ldapAttributeSn',LDAP_DEFAULT_ATTRIBUTE_SN),
+ get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE));
$userDataArray = null;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-01-31 04:05:14
|
Revision: 103
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=103&view=rev
Author: axelseaa
Date: 2010-01-31 04:05:08 +0000 (Sun, 31 Jan 2010)
Log Message:
-----------
tweaked css loading to use built in wordpress fucntions
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap_admin.functions.php
trunk/ldap_auth.php
Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-01-31 03:25:19 UTC (rev 102)
+++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-01-31 04:05:08 UTC (rev 103)
@@ -5,10 +5,15 @@
*
* @return null - does not actively return a value
*/
-function ldapShowOptionsCss() {
+function ldap_addstylesheet() {
global $current_blog;
$schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://';
- echo "<link rel='stylesheet' href='".$schema.$current_blog->domain.$current_blog->path."wp-content/mu-plugins/ldap/public/ldap_auth.css' media='screen' type='text/css' />";
+ $myStyleUrl = $schema.$current_blog->domain.$current_blog->path.MUPLUGINDIR.'/ldap/public/ldap_auth.css';
+ $myStyleFile = WPMU_PLUGIN_DIR . '/ldap/public/ldap_auth.css';
+ if ( file_exists($myStyleFile) ) {
+ wp_register_style('wpmu-ldap-css', $myStyleUrl);
+ wp_enqueue_style('wpmu-ldap-css');
+ }
}
/**
Modified: trunk/ldap_auth.php
===================================================================
--- trunk/ldap_auth.php 2010-01-31 03:25:19 UTC (rev 102)
+++ trunk/ldap_auth.php 2010-01-31 04:05:08 UTC (rev 103)
@@ -20,7 +20,7 @@
require_once("ldap/lib/wpmu_ldap_admin.functions.php");
require_once("ldap/lib/wpmu_ldap_adduser.functions.php");
-add_action('admin_head', 'ldapShowOptionsCss');
+add_action('admin_init', 'ldap_addstylesheet');
add_action('admin_menu', 'ldap_addmenu');
add_action('admin_menu', 'ldap_addmenuuser');
add_action('admin_menu', 'wpmuRemoveAddNewMenu');
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-01-31 03:25:25
|
Revision: 102
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=102&view=rev
Author: axelseaa
Date: 2010-01-31 03:25:19 +0000 (Sun, 31 Jan 2010)
Log Message:
-----------
replaced is_site_admin with new is_super_admin function
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap/lib/wpmu_ldap_adduser.functions.php
trunk/ldap/lib/wpmu_ldap_admin.functions.php
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2010-01-30 23:03:31 UTC (rev 101)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-01-31 03:25:19 UTC (rev 102)
@@ -154,7 +154,7 @@
}
// Handle blog removal for various reasons
- if(is_site_admin($username) === false) {
+ if(is_super_admin($username) === false) {
if ($primary_blog = get_usermeta($loginObj->ID, "primary_blog")) {
$details = get_blog_details( $primary_blog );
if( is_object( $details ) && $details->archived == 1 || $details->spam == 1 || $details->deleted == 1 ) {
Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-01-30 23:03:31 UTC (rev 101)
+++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-01-31 03:25:19 UTC (rev 102)
@@ -9,7 +9,7 @@
// not blog-specific config, but side-wide
$ldapAddUser = get_site_option('ldapAddUser');
$ldapBulkAdd = get_site_option('ldapBulkAdd');
- if (is_site_admin() ||
+ if (is_super_admin() ||
($ldapAddUser == 'enabled' || empty($ldapAddUser)) ||
($ldapBulkAdd && is_admin($current_user->username))) {
add_submenu_page('wpmu-admin.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions');
@@ -86,7 +86,7 @@
if ($result[0]) {
wp_new_user_notification($result[1]);
ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username));
- } elseif ($ldapCreateLocalUser || is_site_admin($current_user->username)) {
+ } elseif ($ldapCreateLocalUser || is_super_admin($current_user->username)) {
?>
<div id='message' class='updated'>
<form method='post'>
@@ -113,7 +113,7 @@
} elseif ($_POST['addUserBulk']) {
// Check Access
$ldapBulkAdd = get_site_option('ldapBulkAdd');
- if (is_site_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) {
+ if (is_super_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) {
$user = $_POST['user'];
$usernames = array();
if ( !empty($user['bulk_username']) ) {
@@ -148,7 +148,7 @@
} elseif ($_POST['addLocalUser']) {
check_admin_referer('add-local-user');
$ldapCreateLocalUser = get_site_option('ldapCreateLocalUser');
- if ($ldapCreateLocalUser || is_site_admin($current_user->username)) {
+ if ($ldapCreateLocalUser || is_super_admin($current_user->username)) {
$user = $_POST['user'];
if ( empty($user['username']) && empty($user['email']) ) {
wp_die( __("<p>Missing username and email.</p>") );
@@ -184,7 +184,7 @@
<?php
// Add User
$ldapAddUser = get_site_option('ldapAddUser');
- if (is_site_admin() || ($ldapAddUser == 'enabled' || empty($ldapAddUser))) {
+ if (is_super_admin() || ($ldapAddUser == 'enabled' || empty($ldapAddUser))) {
?>
<h2><?php _e('Add User') ?></h2>
<?php
@@ -222,7 +222,7 @@
<!-- Bulk Add User -->
<?php
$ldapBulkAdd = get_site_option('ldapBulkAdd');
- if (is_site_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) {
+ if (is_super_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) {
?>
<h2><?php _e('Add Bulk Users') ?></h2>
<p>Using the below fields, you can bulk add LDAP users. Separate multiple users by a new line. Local user creation is not available in bulk.</p>
Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-01-30 23:03:31 UTC (rev 101)
+++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-01-31 03:25:19 UTC (rev 102)
@@ -584,7 +584,7 @@
$objCurrUser = wp_get_current_user();
$objUser = wp_cache_get($objCurrUser->id, 'users');
- if (function_exists('add_submenu_page') && is_site_admin($objUser->user_login)) {
+ if (function_exists('add_submenu_page') && is_super_admin($objUser->user_login)) {
// does not use add_options_page, because it is site-wide configuration,
// not blog-specific config, but side-wide
add_submenu_page('wpmu-admin.php', 'LDAP Authentication Options', 'LDAP Options', 9, basename(__FILE__), 'ldapOptionsPanel');
@@ -733,7 +733,7 @@
<tr>
<th><?php _e('Account Authentication Type'); ?></th>
<td class="regular-text">
- <?php if (is_site_admin($current_user->username) && $user_id > 1) { ?>
+ <?php if (is_super_admin($current_user->username) && $user_id > 1) { ?>
<select name="ldapAccountType">
<option<?php if ($ldap_login == 'true') echo ' selected="selected"'; ?> value="LDAP"><?php _e('LDAP'); ?></option>
<option<?php if ($ldap_login != 'true') echo ' selected="selected"'; ?> value="Local"><?php _e('Local'); ?></option>
@@ -762,7 +762,7 @@
function wpmuUserFormLdapOptionUpdate() {
global $user_id, $current_user;
- if ($user_id == 1 || !is_site_admin($current_user->username))
+ if ($user_id == 1 || !is_super_admin($current_user->username))
return;
if ($_POST['ldapAccountType'] == 'LDAP')
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-01-30 23:03:37
|
Revision: 101
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=101&view=rev
Author: axelseaa
Date: 2010-01-30 23:03:31 +0000 (Sat, 30 Jan 2010)
Log Message:
-----------
new release
Added Paths:
-----------
tags/wpmu-ldap_2.9.0/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2010-01-30 23:01:48
|
Revision: 100
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=100&view=rev
Author: axelseaa
Date: 2010-01-30 23:01:42 +0000 (Sat, 30 Jan 2010)
Log Message:
-----------
fix which prevented blog admins from bulk adding when enabled
Modified Paths:
--------------
trunk/ldap/doc/README
trunk/ldap/lib/wpmu_ldap_adduser.functions.php
trunk/ldap_auth.php
Modified: trunk/ldap/doc/README
===================================================================
--- trunk/ldap/doc/README 2009-11-25 15:52:12 UTC (rev 99)
+++ trunk/ldap/doc/README 2010-01-30 23:01:42 UTC (rev 100)
@@ -5,8 +5,8 @@
License:
================================================================================
-LDAP-Authentication Plugin, v.2.8.1
-for WPMU 2.8.x
+LDAP-Authentication Plugin, v.2.9
+for WPMU 2.8.x and 2.9.x
Copyright (C) 2009 Alistair Young, Patrick Cavit, Hugo Salgado, Alex Barker, and
Sean Wedig, Aaron Axelsen
Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2009-11-25 15:52:12 UTC (rev 99)
+++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-01-30 23:01:42 UTC (rev 100)
@@ -112,9 +112,8 @@
}
} elseif ($_POST['addUserBulk']) {
// Check Access
- if (!is_site_admin($current_user->username)) {
- ldapAddUserResult(array('updated' => 'false','action' => 'auth'));
- } else {
+ $ldapBulkAdd = get_site_option('ldapBulkAdd');
+ if (is_site_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) {
$user = $_POST['user'];
$usernames = array();
if ( !empty($user['bulk_username']) ) {
@@ -143,6 +142,8 @@
ldapAddUserResult(array('updated' => 'false','action' => 'exists','username' => $username));
}
}
+ } else {
+ ldapAddUserResult(array('updated' => 'false','action' => 'auth'));
}
} elseif ($_POST['addLocalUser']) {
check_admin_referer('add-local-user');
Modified: trunk/ldap_auth.php
===================================================================
--- trunk/ldap_auth.php 2009-11-25 15:52:12 UTC (rev 99)
+++ trunk/ldap_auth.php 2010-01-30 23:01:42 UTC (rev 100)
@@ -3,7 +3,7 @@
Plugin Name: LDAP Authentication Plug-in
Plugin URI: http://wpmuldap.frozenpc.net
Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication.
-Version: 2.8.4
+Version: 2.9
Author: Alistair Young (http://www.weblogs.uhi.ac.uk/sm00ay/),
Patrick Cavit (http://patcavit.com),
Hugo Salgado (http://hugo.vulcano.cl),
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2009-11-25 16:29:02
|
Revision: 99
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=99&view=rev
Author: axelseaa
Date: 2009-11-25 15:52:12 +0000 (Wed, 25 Nov 2009)
Log Message:
-----------
added ability for add user option to be disabled for non siteadmin users
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap_adduser.functions.php
trunk/ldap/lib/wpmu_ldap_admin.functions.php
Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2009-10-05 15:52:11 UTC (rev 98)
+++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2009-11-25 15:52:12 UTC (rev 99)
@@ -7,8 +7,14 @@
if (function_exists('add_submenu_page')) {
// does not use add_options_page, because it is site-wide configuration,
// not blog-specific config, but side-wide
- add_submenu_page('wpmu-admin.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions');
- add_submenu_page('users.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions');
+ $ldapAddUser = get_site_option('ldapAddUser');
+ $ldapBulkAdd = get_site_option('ldapBulkAdd');
+ if (is_site_admin() ||
+ ($ldapAddUser == 'enabled' || empty($ldapAddUser)) ||
+ ($ldapBulkAdd && is_admin($current_user->username))) {
+ add_submenu_page('wpmu-admin.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions');
+ add_submenu_page('users.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions');
+ }
}
}
@@ -174,6 +180,11 @@
?>
<div class="wrap">
+ <?php
+ // Add User
+ $ldapAddUser = get_site_option('ldapAddUser');
+ if (is_site_admin() || ($ldapAddUser == 'enabled' || empty($ldapAddUser))) {
+ ?>
<h2><?php _e('Add User') ?></h2>
<?php
$ldapCreateLocalUser = get_site_option('ldapCreateLocalUser');
@@ -206,7 +217,7 @@
</p>
</fieldset>
</form>
-
+ <?php } ?>
<!-- Bulk Add User -->
<?php
$ldapBulkAdd = get_site_option('ldapBulkAdd');
Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2009-10-05 15:52:11 UTC (rev 98)
+++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2009-11-25 15:52:12 UTC (rev 99)
@@ -144,6 +144,7 @@
$ret['ldapfixmetafor15'] = get_site_option('ldapfixmetafor15');
$ret['ldapfixdisplayname'] = get_site_option('ldapfixdisplayname');
$ret['ldapBulkAdd'] = get_site_option('ldapBulkAdd');
+ $ret['ldapAddUser'] = get_site_option('ldapAddUser');
$ret['ldapPublicDisplayName'] = get_site_option('ldapPublicDisplayName');
$ret['ldapAttributeMail'] = get_site_option('ldapAttributeMail',LDAP_DEFAULT_ATTRIBUTE_MAIL);
$ret['ldapAttributeGivenname'] = get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME);
@@ -180,6 +181,9 @@
if($ldapBulkAdd) $tBulkAdd = "checked='checked'";
else $fBulkAdd = "checked='checked'";
+ if($ldapAddUser == 'enabled' || empty($ldapAddUser)) $tAddUser = "checked='checked'";
+ else $fAddUser = "checked='checked'";
+
if($ldapDisableSignup) $tDisableSignup = "checked='checked'";
else $fDisableSignup = "checked='checked'";
@@ -248,6 +252,15 @@
</td>
</tr>
<tr valign="top">
+ <th scope="row">Allow blog admins to add users?</th>
+ <td>
+ <input type='radio' name='ldapAddUser' id='adduseryes' value='enabled' <?php echo $tAddUser; ?>/> <label for="adduseryes">Yes</label>
+ <input type='radio' name='ldapAddUser' id='adduserno' value='disabled' <?php echo $fAddUser; ?>/> <label for="adduserno">No</label>
+ <br/>
+ This option specifies whether or not the individual blog admins are able to add users.
+ </td>
+ </tr>
+ <tr valign="top">
<th scope="row">Allow blog admins to bulk add?</th>
<td>
<input type='radio' name='ldapBulkAdd' id='bulkaddyes' value='1' <?php echo $tBulkAdd; ?>/> <label for="bulkaddyes">Yes</label>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2009-10-05 15:52:19
|
Revision: 98
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=98&view=rev
Author: axelseaa
Date: 2009-10-05 15:52:11 +0000 (Mon, 05 Oct 2009)
Log Message:
-----------
moved test connection function - will fix errors if running test connection on initial setup
Modified Paths:
--------------
trunk/ldap/lib/wpmu_ldap.functions.php
trunk/ldap/lib/wpmu_ldap_admin.functions.php
Modified: trunk/ldap/lib/wpmu_ldap.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap.functions.php 2009-09-03 03:52:27 UTC (rev 97)
+++ trunk/ldap/lib/wpmu_ldap.functions.php 2009-10-05 15:52:11 UTC (rev 98)
@@ -266,14 +266,6 @@
}
}
-function wpmuLdapTestConnection() {
- $server = new LDAP_ro(wpmuSetupLdapOptions());
- $server->DebugOff();
- $result = $server->testConnect();
- $server->Disconnect();
- return $result;
-}
-
/**
* Checks to make sure the user is added to the dashboard blog (if set) or else blog #1
*/
Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php
===================================================================
--- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2009-09-03 03:52:27 UTC (rev 97)
+++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2009-10-05 15:52:11 UTC (rev 98)
@@ -767,3 +767,14 @@
unset($submenu['users.php'][10]);
}
+/**
+* Connection Test Function
+*/
+function wpmuLdapTestConnection() {
+ $server = new LDAP_ro(wpmuSetupLdapOptions());
+ $server->DebugOff();
+ $result = $server->testConnect();
+ $server->Disconnect();
+ return $result;
+}
+
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <axe...@us...> - 2009-09-03 03:52:36
|
Revision: 97
http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=97&view=rev
Author: axelseaa
Date: 2009-09-03 03:52:27 +0000 (Thu, 03 Sep 2009)
Log Message:
-----------
new release
Added Paths:
-----------
tags/wpmu-ldap_2.8.4/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
