You can subscribe to this list here.
2008 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
(7) |
Jul
(5) |
Aug
(1) |
Sep
|
Oct
(1) |
Nov
|
Dec
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
2009 |
Jan
|
Feb
(5) |
Mar
(9) |
Apr
(5) |
May
(3) |
Jun
(2) |
Jul
(9) |
Aug
(4) |
Sep
(1) |
Oct
(1) |
Nov
(1) |
Dec
|
2010 |
Jan
(5) |
Feb
(1) |
Mar
|
Apr
(1) |
May
(3) |
Jun
(5) |
Jul
(1) |
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
2011 |
Jan
|
Feb
(3) |
Mar
(2) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: <axe...@us...> - 2011-03-24 02:27:44
|
Revision: 122 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=122&view=rev Author: axelseaa Date: 2011-03-24 02:27:38 +0000 (Thu, 24 Mar 2011) Log Message: ----------- revision update Modified Paths: -------------- trunk/ldap/doc/README Modified: trunk/ldap/doc/README =================================================================== --- trunk/ldap/doc/README 2011-03-23 11:48:50 UTC (rev 121) +++ trunk/ldap/doc/README 2011-03-24 02:27:38 UTC (rev 122) @@ -5,7 +5,7 @@ License: ================================================================================ -LDAP-Authentication Plugin, v.3.1 +LDAP-Authentication Plugin, v.3.1.1 for WPMU 3.1.x Copyright (C) 2010 Alistair Young, Patrick Cavit, Hugo Salgado, Alex Barker, and This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2011-03-23 11:48:56
|
Revision: 121 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=121&view=rev Author: axelseaa Date: 2011-03-23 11:48:50 +0000 (Wed, 23 Mar 2011) Log Message: ----------- fixed is_super_admin calls 3234877 - fixed ldap/local role setting not appearing on user profile page Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap/lib/wpmu_ldap_adduser.functions.php trunk/ldap/lib/wpmu_ldap_admin.functions.php trunk/ldap_auth.php Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2011-02-25 05:41:17 UTC (rev 120) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2011-03-23 11:48:50 UTC (rev 121) @@ -193,7 +193,7 @@ } // Handle blog removal for various reasons - if(is_super_admin($username) === false) { + if(is_super_admin($loginObj->ID) === false) { if ($primary_blog = get_usermeta($loginObj->ID, "primary_blog")) { $details = get_blog_details( $primary_blog ); if( is_object( $details ) && $details->archived == 1 || $details->spam == 1 || $details->deleted == 1 ) { Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2011-02-25 05:41:17 UTC (rev 120) +++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2011-03-23 11:48:50 UTC (rev 121) @@ -107,7 +107,7 @@ if ($result[0]) { wp_new_user_notification($result[1]); ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username)); - } elseif ($ldapCreateLocalUser || is_super_admin($current_user->username)) { + } elseif ($ldapCreateLocalUser || is_super_admin()) { ?> <div id='message' class='updated'> <form method='post'> @@ -135,7 +135,7 @@ } elseif ($_POST['addUserBulk']) { // Check Access $ldapBulkAdd = get_site_option('ldapBulkAdd'); - if (is_super_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) { + if (is_super_admin() || ($ldapBulkAdd && is_admin())) { $user = $_POST['user']; $usernames = array(); if ( !empty($user['bulk_username']) ) { @@ -177,7 +177,7 @@ } elseif ($_POST['addLocalUser']) { check_admin_referer('add-local-user'); $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser'); - if ($ldapCreateLocalUser || is_super_admin($current_user->username)) { + if ($ldapCreateLocalUser || is_super_admin()) { $user = $_POST['user']; if ( empty($user['username']) && empty($user['email']) ) { wp_die( __("<p>Missing username and email.</p>") ); @@ -251,7 +251,7 @@ <!-- Bulk Add User --> <?php $ldapBulkAdd = get_site_option('ldapBulkAdd'); - if (is_super_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) { + if (is_super_admin() || ($ldapBulkAdd && is_admin())) { ?> <h2><?php _e('Add Bulk Users') ?></h2> <p>Using the below fields, you can bulk add LDAP users. Separate multiple users by a new line. Local user creation is not available in bulk. The auto create blog for new users function will be disabled for bulk adds.</p> Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2011-02-25 05:41:17 UTC (rev 120) +++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2011-03-23 11:48:50 UTC (rev 121) @@ -676,10 +676,7 @@ * @return null - does not actively return a value */ function ldap_addmenu() { - $objCurrUser = wp_get_current_user(); - $objUser = wp_cache_get($objCurrUser->id, 'users'); - - if (function_exists('add_submenu_page') && is_super_admin($objUser->user_login)) { + if (function_exists('add_submenu_page') && is_super_admin()) { // does not use add_options_page, because it is site-wide configuration, // not blog-specific config, but side-wide add_submenu_page('settings.php', 'LDAP Options', 'LDAP Options', '', basename(__FILE__), 'ldapOptionsPanel'); @@ -828,7 +825,7 @@ <tr> <th><?php _e('Account Authentication Type'); ?></th> <td class="regular-text"> - <?php if (is_super_admin($current_user->username) && $user_id > 1) { ?> + <?php if (is_super_admin() && $user_id > 1) { ?> <select name="ldapAccountType"> <option<?php if ($ldap_login == 'true') echo ' selected="selected"'; ?> value="LDAP"><?php _e('LDAP'); ?></option> <option<?php if ($ldap_login != 'true') echo ' selected="selected"'; ?> value="Local"><?php _e('Local'); ?></option> @@ -857,7 +854,7 @@ function wpmuUserFormLdapOptionUpdate() { global $user_id, $current_user; - if ($user_id == 1 || !is_super_admin($current_user->username)) + if ($user_id == 1 || !is_super_admin()) return; if ($_POST['ldapAccountType'] == 'LDAP') Modified: trunk/ldap_auth.php =================================================================== --- trunk/ldap_auth.php 2011-02-25 05:41:17 UTC (rev 120) +++ trunk/ldap_auth.php 2011-03-23 11:48:50 UTC (rev 121) @@ -3,7 +3,7 @@ Plugin Name: LDAP Authentication Plug-in Plugin URI: http://wpmuldap.tuxdocs.net Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication. -Version: 3.1 +Version: 3.1.1 Author: Aaron Axelsen (http://www.frozenpc.net) Sean Wedig (http://www.thecodelife.net) Dexter Arver @@ -37,6 +37,8 @@ // Add radio buttons for switching individual users between LDAP accounts and non-LDAP accounts add_action('edit_user_profile', 'wpmuUserFormLdapOption'); add_action('edit_user_profile_update', 'wpmuUserFormLdapOptionUpdate'); + add_action('show_user_profile', 'wpmuUserFormLdapOption'); + add_action('personal_options_update', 'wpmuUserFormLdapOptionUpdate'); // *** End Admin Config Functions *** // This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2011-02-25 05:41:24
|
Revision: 120 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=120&view=rev Author: axelseaa Date: 2011-02-25 05:41:17 +0000 (Fri, 25 Feb 2011) Log Message: ----------- tagging 3.1 release Added Paths: ----------- tags/wpmu-ldap_3.1/ This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2011-02-25 05:32:23
|
Revision: 119 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=119&view=rev Author: axelseaa Date: 2011-02-25 05:32:17 +0000 (Fri, 25 Feb 2011) Log Message: ----------- rev bump, doc update Modified Paths: -------------- trunk/ldap/doc/README trunk/ldap_auth.php Modified: trunk/ldap/doc/README =================================================================== --- trunk/ldap/doc/README 2011-02-25 05:31:19 UTC (rev 118) +++ trunk/ldap/doc/README 2011-02-25 05:32:17 UTC (rev 119) @@ -5,8 +5,8 @@ License: ================================================================================ -LDAP-Authentication Plugin, v.3.0 -for WPMU 3.0.x +LDAP-Authentication Plugin, v.3.1 +for WPMU 3.1.x Copyright (C) 2010 Alistair Young, Patrick Cavit, Hugo Salgado, Alex Barker, and Sean Wedig, Aaron Axelsen Modified: trunk/ldap_auth.php =================================================================== --- trunk/ldap_auth.php 2011-02-25 05:31:19 UTC (rev 118) +++ trunk/ldap_auth.php 2011-02-25 05:32:17 UTC (rev 119) @@ -3,7 +3,7 @@ Plugin Name: LDAP Authentication Plug-in Plugin URI: http://wpmuldap.tuxdocs.net Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication. -Version: 3.0 +Version: 3.1 Author: Aaron Axelsen (http://www.frozenpc.net) Sean Wedig (http://www.thecodelife.net) Dexter Arver This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2011-02-25 05:31:25
|
Revision: 118 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=118&view=rev Author: axelseaa Date: 2011-02-25 05:31:19 +0000 (Fri, 25 Feb 2011) Log Message: ----------- changes for 3.1 Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap/lib/wpmu_ldap_admin.functions.php trunk/ldap_auth.php Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-10-30 13:27:13 UTC (rev 117) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2011-02-25 05:31:19 UTC (rev 118) @@ -83,6 +83,9 @@ do_action('wpmu_activate_blog', $blog_id, $user_id, $newUserPassword, $newUserName . "'s blog", $meta); } + + // Add user as subscriber to blog #1 + wpmuUpdateBlogAccess($user_id); return new WP_User($user_id); } Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-10-30 13:27:13 UTC (rev 117) +++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2011-02-25 05:31:19 UTC (rev 118) @@ -682,7 +682,7 @@ if (function_exists('add_submenu_page') && is_super_admin($objUser->user_login)) { // does not use add_options_page, because it is site-wide configuration, // not blog-specific config, but side-wide - add_submenu_page('wpmu-admin.php', 'LDAP Authentication Options', 'LDAP Options', 9, basename(__FILE__), 'ldapOptionsPanel'); + add_submenu_page('settings.php', 'LDAP Options', 'LDAP Options', '', basename(__FILE__), 'ldapOptionsPanel'); } } Modified: trunk/ldap_auth.php =================================================================== --- trunk/ldap_auth.php 2010-10-30 13:27:13 UTC (rev 117) +++ trunk/ldap_auth.php 2011-02-25 05:31:19 UTC (rev 118) @@ -4,13 +4,13 @@ Plugin URI: http://wpmuldap.tuxdocs.net Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication. Version: 3.0 -Author: Alistair Young (http://www.weblogs.uhi.ac.uk/sm00ay/), - Patrick Cavit (http://patcavit.com), - Hugo Salgado (http://hugo.vulcano.cl), - Alex Barker (http://www.callutheran.edu), - Dexter Arver, - Sean Wedig (http://www.thecodelife.net), - Aaron Axelsen (http://www.frozenpc.net) +Author: Aaron Axelsen (http://www.frozenpc.net) + Sean Wedig (http://www.thecodelife.net) + Dexter Arver + Alex Barker (http://www.callutheran.edu) + Hugo Salgado (http://hugo.vulcano.cl) + Patrick Cavit (http://patcavit.com) + Alistair Young (http://www.weblogs.uhi.ac.uk/sm00ay/) */ // Includes @@ -21,9 +21,11 @@ require_once("ldap/lib/wpmu_ldap_adduser.functions.php"); add_action('admin_init', 'ldap_addstylesheet'); -add_action('admin_menu', 'ldap_addmenu'); +add_action('network_admin_menu', 'ldap_addmenu'); add_action('admin_menu', 'ldap_addmenuuser'); +add_action('network_admin_menu', 'ldap_addmenuuser'); add_action('admin_menu', 'wpmuRemoveAddNewMenu'); +add_action('network_admin_menu', 'wpmuRemoveAddNewMenu'); define('LDAP_DEBUG_MODE',false); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-10-30 13:27:19
|
Revision: 117 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=117&view=rev Author: axelseaa Date: 2010-10-30 13:27:13 +0000 (Sat, 30 Oct 2010) Log Message: ----------- Fix for 3089734 Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap_adduser.functions.php Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-07-27 11:29:56 UTC (rev 116) +++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-10-30 13:27:13 UTC (rev 117) @@ -12,8 +12,8 @@ if (is_super_admin() || ($ldapAddUser == 'enabled' || empty($ldapAddUser)) || ($ldapBulkAdd && is_admin($current_user->username))) { - add_submenu_page('wpmu-admin.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions'); - add_submenu_page('users.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions'); + add_submenu_page('wpmu-admin.php', 'LDAP Add User', __('Add User'), 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions'); + add_submenu_page('users.php', 'LDAP Add User', __('Add User'), 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions'); } } } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-07-27 11:30:02
|
Revision: 116 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=116&view=rev Author: axelseaa Date: 2010-07-27 11:29:56 +0000 (Tue, 27 Jul 2010) Log Message: ----------- patched SSO and fixed registration include issue Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap_auth.php Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-21 02:36:08 UTC (rev 115) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-07-27 11:29:56 UTC (rev 116) @@ -91,7 +91,7 @@ function wpmuLdapAuthenticate($ldapString, $loginUserName, $loginPassword) { $errors = new WP_Error; // Check that user is not flagged as a ldap account - require ( ABSPATH . WPINC . '/registration.php' ); + require_once ( ABSPATH . WPINC . '/registration.php' ); if ( username_exists($loginUserName) ) { $loginObj = get_userdatabylogin($loginUserName); $ldapMeta = get_usermeta($loginObj->ID,'ldap_login'); @@ -408,3 +408,10 @@ return $username; } + +/* +when in SSO mode we don.t need to forse a relog in so theis stops that +*/ +function wpmuLdapSSODisableReauth($login_url){ + return str_replace('&reauth=1','',$login_url); +} Modified: trunk/ldap_auth.php =================================================================== --- trunk/ldap_auth.php 2010-06-21 02:36:08 UTC (rev 115) +++ trunk/ldap_auth.php 2010-07-27 11:29:56 UTC (rev 116) @@ -51,7 +51,10 @@ // Authentication filters add_action('authenticate', 'wpmuLdapUsernamePasswordAuthenticate', 25, 3); add_filter('wp_authenticate_user', 'wpmuLdapCheckLdapMeta'); //disabled local login if ldap meta flag is set - if (get_site_option('ldapSSOEnabled')) add_action('authenticate', 'wpmuLdapSSOAuthenticate', 40, 3); + if (get_site_option('ldapSSOEnabled')) { + add_action('authenticate', 'wpmuLdapSSOAuthenticate', 40, 3); + add_filter('login_url', 'wpmuLdapSSODisableReauth'); //removes reauth from login URL + } // disable only for ldap accounts add_filter('show_password_fields', 'wpmuLdapDisableLdapPassword'); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-06-21 02:36:14
|
Revision: 115 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=115&view=rev Author: axelseaa Date: 2010-06-21 02:36:08 +0000 (Mon, 21 Jun 2010) Log Message: ----------- added better error checking on add users screen Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap/lib/wpmu_ldap_adduser.functions.php Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-20 05:26:28 UTC (rev 114) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-21 02:36:08 UTC (rev 115) @@ -25,7 +25,7 @@ // Check to see if email already exists if ( email_exists($ldapUserData[LDAP_INDEX_EMAIL]) ) - return new WP_Error('ldapcreate_emailconflict', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> is already associated with another account. All accounts (including the admin account) must have an unique email address.'),$ldapUserData[LDAP_INDEX_EMAIL])); + return new WP_Error('ldapcreate_emailconflict', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> (%s) is already associated with another account. All accounts (including the admin account) must have an unique email address.'),$ldapUserData[LDAP_INDEX_EMAIL],$newUserName)); // we don't actually care about the WP password (since it's LDAP), but we // need one for WP database @@ -249,9 +249,13 @@ return array( true, $user_id ); } } - if (wpmuLdapCreateWPUserFromLdap(array( 'newUserName' => $username, + $user = wpmuLdapCreateWPUserFromLdap(array( 'newUserName' => $username, 'ldapUserData' => $userDataArray, - 'createBlog' => $createBlog))) { + 'createBlog' => $createBlog)); + if ( is_wp_error($user) ) { + return $user; + } + if ( is_a($user, 'WP_User') ) { if ( $user_id = username_exists($username) ) { add_user_to_blog($blog_id, $user_id, $new_role); @@ -265,7 +269,7 @@ } return array ( true ); } - return false; + return array( false ); } /** Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-06-20 05:26:28 UTC (rev 114) +++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-06-21 02:36:08 UTC (rev 115) @@ -47,19 +47,34 @@ ?> <div id="message" class="error fade"><p> <?php - switch ($action) { - case 'exists': - printf(__('User %s exists!'),$user); - break; - case 'notfound': - printf(__('User %s not found in LDAP Directory!'),$user); - break; - case 'add': - printf(__('Error adding user %s!'),$user); - break; - default: - _e('Error!'); - break; + if (is_wp_error($error)) { + $wp_error = $error; + if ( $wp_error->get_error_code() ) { + $errors = ''; + $messages = ''; + foreach ( $wp_error->get_error_codes() as $code ) { + $severity = $wp_error->get_error_data($code); + foreach ( $wp_error->get_error_messages($code) as $error ) { + $errors .= ' ' . $error . "<br />\n"; + } + } + if ( !empty($errors) ) echo $errors; + } + } else { + switch ($action) { + case 'exists': + printf(__('User %s exists!'),$user); + break; + case 'notfound': + printf(__('User %s not found in LDAP Directory!'),$user); + break; + case 'add': + printf(__('Error adding user %s!'),$user); + break; + default: + _e('Error!'); + break; + } } ?> </p></div> @@ -84,25 +99,30 @@ $result = wpmuLdapSearchUser(array( 'username' => $username, 'blog_id' => $blog_id, 'new_role' => $user['new_role'])); - $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser'); - if ($result[0]) { - wp_new_user_notification($result[1]); - ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username)); - } elseif ($ldapCreateLocalUser || is_super_admin($current_user->username)) { - ?> - <div id='message' class='updated'> - <form method='post'> - <p><b><?php echo $username ?></b> not found in LDAP directory. To create a local user, enter the users email: - <input type='text' name='user[email]' size='15' /> - <input type='hidden' name='user[username]' value='<?php echo $username ?>' /> - <input type='hidden' name='user[role]' value='<?php echo $user['new_role'] ?>' /> - <?php wp_nonce_field('add-local-user') ?> - <input type='submit' class='button' name='addLocalUser' value='Create Local User' /> - </form></p> - </div> - <?php + + if (is_wp_error($result)) { + ldapAddUserResult(array('updated' => 'false','error' => $result,'username' => $username)); } else { - ldapAddUserResult(array('updated' => 'false','action' => 'notfound','username' => $username)); + $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser'); + if ($result[0]) { + wp_new_user_notification($result[1]); + ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username)); + } elseif ($ldapCreateLocalUser || is_super_admin($current_user->username)) { + ?> + <div id='message' class='updated'> + <form method='post'> + <p><b><?php echo $username ?></b> not found in LDAP directory. To create a local user, enter the users email: + <input type='text' name='user[email]' size='15' /> + <input type='hidden' name='user[username]' value='<?php echo $username ?>' /> + <input type='hidden' name='user[role]' value='<?php echo $user['new_role'] ?>' /> + <?php wp_nonce_field('add-local-user') ?> + <input type='submit' class='button' name='addLocalUser' value='Create Local User' /> + </form></p> + </div> + <?php + } else { + ldapAddUserResult(array('updated' => 'false','action' => 'notfound','username' => $username)); + } } } else { // Add User to Blog @@ -132,11 +152,15 @@ 'blog_id' => $blog_id, 'new_role' => $user['bulk_new_role'], 'createBlog' => false)); - if ($result[0]) { - wp_new_user_notification($result[1]); - ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username)); + if (is_wp_error($result)) { + ldapAddUserResult(array('updated' => 'false','error' => $result,'username' => $username)); } else { - ldapAddUserResult(array('updated' => 'false','action' => 'notfound','username' => $username)); + if ($result[0]) { + wp_new_user_notification($result[1]); + ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username)); + } else { + ldapAddUserResult(array('updated' => 'false','action' => 'notfound','username' => $username)); + } } } else { // Add User to Blog This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-06-20 05:26:34
|
Revision: 114 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=114&view=rev Author: axelseaa Date: 2010-06-20 05:26:28 +0000 (Sun, 20 Jun 2010) Log Message: ----------- fix for bug #3017995 - new catches to properly allow for account switching between ldap and local authentication sources Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap_auth.php Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-18 12:05:40 UTC (rev 113) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-20 05:26:28 UTC (rev 114) @@ -90,6 +90,17 @@ function wpmuLdapAuthenticate($ldapString, $loginUserName, $loginPassword) { $errors = new WP_Error; + // Check that user is not flagged as a ldap account + require ( ABSPATH . WPINC . '/registration.php' ); + if ( username_exists($loginUserName) ) { + $loginObj = get_userdatabylogin($loginUserName); + $ldapMeta = get_usermeta($loginObj->ID,'ldap_login'); + if ($ldapMeta != 'true') { + $errors->add('invalid_userpass', __('<strong>ERROR</strong>: Wrong username / password combination. LDAP Access Denied.')); + return array('result' => false,'errors' => $errors); + } + } + $server = new LDAP_ro($ldapString); if (LDAP_DEBUG_MODE) { echo "DEBUG: Attempting to authenticate user: $loginUserName<br/>"; @@ -163,8 +174,7 @@ } // otherwise, the account *does* exist already, so just get the account info - else - $loginObj = get_userdatabylogin($loginUserName); + else $loginObj = get_userdatabylogin($loginUserName); // At this point we must have a login object, but just in case something went wrong if (!$loginObj) { @@ -306,7 +316,7 @@ function wpmuLdapUsernamePasswordAuthenticate($user, $username, $password) { if ( is_a($user, 'WP_User') ) return $user; - + // check that username and password are not empty if ( (empty($username) || empty($password)) ) { return $user; // probably an WP_Error object, set in "wp_authenticate_username_password()" @@ -314,7 +324,7 @@ // setup ldap string $ldapString = wpmuSetupLdapOptions(); - + // Authenticate via LDAP, potentially creating a WP user $ldapauthresult = wpmuLdapAuthenticate($ldapString, $username, $password); @@ -324,6 +334,13 @@ return $ldapauthresult['errors']; } } + +function wpmuLdapCheckLdapMeta($userdata) { + $ldapMeta = get_usermeta($userdata->ID,'ldap_login'); + if (isset($ldapMeta) && $ldapMeta == 'true') + return new WP_Error('invalid_userpass', __('<strong>ERROR</strong>: Wrong username / password combination. Local Access Denied.')); + return $userdata; +} function wpmuLdapSSOAuthenticate($user, $username, $password) { if ( is_a($user, 'WP_User') ) return $user; Modified: trunk/ldap_auth.php =================================================================== --- trunk/ldap_auth.php 2010-06-18 12:05:40 UTC (rev 113) +++ trunk/ldap_auth.php 2010-06-20 05:26:28 UTC (rev 114) @@ -50,6 +50,7 @@ // Authentication filters add_action('authenticate', 'wpmuLdapUsernamePasswordAuthenticate', 25, 3); + add_filter('wp_authenticate_user', 'wpmuLdapCheckLdapMeta'); //disabled local login if ldap meta flag is set if (get_site_option('ldapSSOEnabled')) add_action('authenticate', 'wpmuLdapSSOAuthenticate', 40, 3); // disable only for ldap accounts This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-06-18 12:05:47
|
Revision: 113 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=113&view=rev Author: axelseaa Date: 2010-06-18 12:05:40 +0000 (Fri, 18 Jun 2010) Log Message: ----------- fixed issue where user data may not have populated correctly on login - also added the start of some debugging options Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap/lib/wpmu_ldap_admin.functions.php trunk/ldap_auth.php Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-16 11:18:43 UTC (rev 112) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-06-18 12:05:40 UTC (rev 113) @@ -19,6 +19,10 @@ if (!isset($ldapUserData)) $ldapUserData = false; if (!isset($createBlog)) $createBlog = true; + // Check to see if email is empty + if ( empty($ldapUserData[LDAP_INDEX_EMAIL]) ) + return new WP_Error('ldapcreate_emailempty', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> does not have an email address associated with the ldap record. All wordpress accounts must have a unique email address.'),$newUserName)); + // Check to see if email already exists if ( email_exists($ldapUserData[LDAP_INDEX_EMAIL]) ) return new WP_Error('ldapcreate_emailconflict', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> is already associated with another account. All accounts (including the admin account) must have an unique email address.'),$ldapUserData[LDAP_INDEX_EMAIL])); @@ -87,7 +91,10 @@ function wpmuLdapAuthenticate($ldapString, $loginUserName, $loginPassword) { $errors = new WP_Error; $server = new LDAP_ro($ldapString); - $server->DebugOff(); + if (LDAP_DEBUG_MODE) { + echo "DEBUG: Attempting to authenticate user: $loginUserName<br/>"; + $server->DebugOn(); + } else $server->DebugOff(); // undefined now - going to populate it in $server->Authenticate $userDataArray = null; $result = $server->Authenticate ($loginUserName, $loginPassword, $userDataArray); @@ -96,20 +103,24 @@ } // handle both at once, for security else if ( ($result == LDAP_ERROR_USER_NOT_FOUND || $result == LDAP_ERROR_WRONG_PASSWORD) ) { + if (LDAP_DEBUG_MODE) echo "DEBUG: Attempting to authenticate user: Wrong user/pass<br/>"; $errors->add('invalid_userpass',__('<strong>ERROR</strong>: Wrong username / password combination.')); return array('result' => false,'errors' => $errors); } // check security group else if ( $result == LDAP_ERROR_ACCESS_GROUP ){ + if (LDAP_DEBUG_MODE) echo "DEBUG: Attempting to authenticate user: not found in security group<br/>"; $errors->add('wrong_group',__('<strong>ERROR</strong>: Access denied - user not found in security access group(s).')); return array('result' => false,'errors' => $errors); } elseif ($result == LDAP_ERROR_DENIED_GROUP) { + if (LDAP_DEBUG_MODE) echo "DEBUG: Attempting to authenticate user: denied via securtiy groups<br/>"; $errors->add('deny_group',__('<strong>ERROR</strong>: Access denied - user found in security deny group(s).')); return array('result' => false,'errors' => $errors); } // the trickle-through catch-all else { + if (LDAP_DEBUG_MODE) echo "DEBUG: Attempting to authenticate user: unknown error (not user/password or security group based - something else is wrong<br/>"; $errors->add('unknown_error',__('<strong>ERROR</strong>: Unknown error in LDAP Authentication.')); return array('result' => false,'errors' => $errors); } @@ -142,7 +153,7 @@ } return wpmuLdapCreateWPUserFromLdap(array( 'newUserName' => $loginUserName, 'newUserPassword' => $loginPassword, - 'userDataArray' => $userDataArray)); + 'ldapUserData' => $userDataArray)); } // but if not configured to create 'em, exit with an error Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-06-16 11:18:43 UTC (rev 112) +++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-06-18 12:05:40 UTC (rev 113) @@ -578,7 +578,7 @@ </tr> </table> - <br/><b>Windows Attributes</b> + <br/><b>Windows Specific Attributes</b> <table class="form-table"> <tr valign="top"> <th scope="row"><label for="ldapAttributeWinSearch">Search Attribute:</label></th> @@ -603,7 +603,7 @@ </tr> </table> - <br/><b>Linux Attributes</b> + <br/><b>Linux Specific Attributes</b> <table class="form-table"> <tr valign="top"> <th scope="row"><label for="ldapAttributeNixSearch">Search Attribute:</label></th> Modified: trunk/ldap_auth.php =================================================================== --- trunk/ldap_auth.php 2010-06-16 11:18:43 UTC (rev 112) +++ trunk/ldap_auth.php 2010-06-18 12:05:40 UTC (rev 113) @@ -25,6 +25,8 @@ add_action('admin_menu', 'ldap_addmenuuser'); add_action('admin_menu', 'wpmuRemoveAddNewMenu'); +define('LDAP_DEBUG_MODE',false); + // perform these filters, actions, and WP function overrides only if LDAP- // authentication is enabled; this is to cut down on parsing of this code when // it doesn't apply This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-06-16 11:18:50
|
Revision: 112 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=112&view=rev Author: axelseaa Date: 2010-06-16 11:18:43 +0000 (Wed, 16 Jun 2010) Log Message: ----------- minor tweaks Modified Paths: -------------- trunk/ldap/doc/README trunk/ldap/lib/ldap_core.php trunk/ldap_auth.php Modified: trunk/ldap/doc/README =================================================================== --- trunk/ldap/doc/README 2010-06-02 18:27:18 UTC (rev 111) +++ trunk/ldap/doc/README 2010-06-16 11:18:43 UTC (rev 112) @@ -5,10 +5,10 @@ License: ================================================================================ -LDAP-Authentication Plugin, v.2.9 -for WPMU 2.8.x and 2.9.x +LDAP-Authentication Plugin, v.3.0 +for WPMU 3.0.x -Copyright (C) 2009 Alistair Young, Patrick Cavit, Hugo Salgado, Alex Barker, and +Copyright (C) 2010 Alistair Young, Patrick Cavit, Hugo Salgado, Alex Barker, and Sean Wedig, Aaron Axelsen This library is free software; you can redistribute it and/or modify it under Modified: trunk/ldap/lib/ldap_core.php =================================================================== --- trunk/ldap/lib/ldap_core.php 2010-06-02 18:27:18 UTC (rev 111) +++ trunk/ldap/lib/ldap_core.php 2010-06-16 11:18:43 UTC (rev 112) @@ -215,9 +215,9 @@ $search_filter .= "(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS).")"; } $this->SetSearchCriteria("(&$search_filter)", $attributes_to_get); - $this->Search(); $results = ldap_get_entries($this->connection_handle, $this->search_result); + // Check Groups $userGroups = array(); for ($i = 0; $i < $results['count']; $i++) { Modified: trunk/ldap_auth.php =================================================================== --- trunk/ldap_auth.php 2010-06-02 18:27:18 UTC (rev 111) +++ trunk/ldap_auth.php 2010-06-16 11:18:43 UTC (rev 112) @@ -3,7 +3,7 @@ Plugin Name: LDAP Authentication Plug-in Plugin URI: http://wpmuldap.tuxdocs.net Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication. -Version: 2.9 +Version: 3.0 Author: Alistair Young (http://www.weblogs.uhi.ac.uk/sm00ay/), Patrick Cavit (http://patcavit.com), Hugo Salgado (http://hugo.vulcano.cl), This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-06-02 19:08:32
|
Revision: 111 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=111&view=rev Author: axelseaa Date: 2010-06-02 18:27:18 +0000 (Wed, 02 Jun 2010) Log Message: ----------- updated project website address Modified Paths: -------------- trunk/ldap/doc/README trunk/ldap_auth.php Modified: trunk/ldap/doc/README =================================================================== --- trunk/ldap/doc/README 2010-05-10 16:33:51 UTC (rev 110) +++ trunk/ldap/doc/README 2010-06-02 18:27:18 UTC (rev 111) @@ -1,5 +1,5 @@ ================================================================================ -Project Website: http://wpmuldap.frozenpc.net +Project Website: http://wpmuldap.tuxdocs.net ================================================================================ ================================================================================ License: @@ -136,5 +136,5 @@ Aaron Axelsen - http://www.frozenpc.net ================================================================================ -Project Website: http://wpmuldap.frozenpc.net +Project Website: http://wpmuldap.tuxdocs.net ================================================================================ Modified: trunk/ldap_auth.php =================================================================== --- trunk/ldap_auth.php 2010-05-10 16:33:51 UTC (rev 110) +++ trunk/ldap_auth.php 2010-06-02 18:27:18 UTC (rev 111) @@ -1,7 +1,7 @@ <?php /* Plugin Name: LDAP Authentication Plug-in -Plugin URI: http://wpmuldap.frozenpc.net +Plugin URI: http://wpmuldap.tuxdocs.net Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication. Version: 2.9 Author: Alistair Young (http://www.weblogs.uhi.ac.uk/sm00ay/), This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-05-10 16:33:57
|
Revision: 110 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=110&view=rev Author: axelseaa Date: 2010-05-10 16:33:51 +0000 (Mon, 10 May 2010) Log Message: ----------- changed bulk add logic to not attempt to auto create blogs if configured - wordpress does not support multiple blogs being created in a single function Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap/lib/wpmu_ldap_adduser.functions.php Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-05-10 04:22:06 UTC (rev 109) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-05-10 16:33:51 UTC (rev 110) @@ -9,9 +9,16 @@ * * @author - dwang99 */ -function wpmuLdapCreateWPUserFromLdap($newUserName, $newUserPassword, $ldapUserData) { +function wpmuLdapCreateWPUserFromLdap($opts) { global $base, $error, $wpdb, $current_site; + // Extract Inputs + extract($opts); + if (!isset($newUserName)) $newUserName = ''; + if (!isset($newUserPassword)) $newUserPassword = ''; + if (!isset($ldapUserData)) $ldapUserData = false; + if (!isset($createBlog)) $createBlog = true; + // Check to see if email already exists if ( email_exists($ldapUserData[LDAP_INDEX_EMAIL]) ) return new WP_Error('ldapcreate_emailconflict', sprintf(__('<strong>ERROR</strong>: <strong>%s</strong> is already associated with another account. All accounts (including the admin account) must have an unique email address.'),$ldapUserData[LDAP_INDEX_EMAIL])); @@ -61,7 +68,7 @@ // is it configured to create WP blogs from LDAP accounts? $ldapCreateBlog = get_site_option("ldapCreateBlog"); - if ($ldapCreateBlog) { + if ($createBlog && $ldapCreateBlog) { // Create and update the user's blog. $meta = apply_filters('signup_create_blog_meta', array ('lang_id' => 'en', 'public' => 0)); $blog_id = wpmu_create_blog($newdomain, $path, $newUserName . "'s blog", $user_id, $meta); @@ -133,8 +140,9 @@ if (!strpos($_REQUEST['redirect_to'], $loginUserName)) { $_REQUEST['redirect_to'] = $loginUserName . "/" . $_REQUEST['redirect_to']; } - - return wpmuLdapCreateWPUserFromLdap($loginUserName, $loginPassword, $userDataArray); + return wpmuLdapCreateWPUserFromLdap(array( 'newUserName' => $loginUserName, + 'newUserPassword' => $loginPassword, + 'userDataArray' => $userDataArray)); } // but if not configured to create 'em, exit with an error @@ -193,13 +201,6 @@ if ($server->DoSearchUsername($in_username, $attributes_to_get, $userDataArray) == LDAP_OK) { return true; -# if (!empty($userDataArray)) { -# if ($server->checkGroup($userDataArray[LDAP_INDEX_DN]) == 0) { -# return true; -# } else { -# return false; -# } -# } } return false; } @@ -207,7 +208,16 @@ /** * Searches for a username. If found, adds the user and returns user data. */ -function wpmuLdapSearchUser($username,$blog_id = 1,$new_role = 'subscriber',$createUser = true) { +function wpmuLdapSearchUser($opts) { + + // Extract Inputs + extract($opts); + if (!isset($username)) $username = ''; + if (!isset($blog_id)) $blog_id = 1; + if (!isset($new_role)) $new_role = 'subscriber'; + if (!isset($createUser)) $createUser = true; + if (!isset($createBlog)) $createBlog = true; + // Bind to directory, search for username $ldapString = wpmuSetupLdapOptions(); $userDataArray = null; @@ -218,7 +228,9 @@ return array( true, $user_id ); } } - if (wpmuLdapCreateWPUserFromLdap($username,'',$userDataArray)) { + if (wpmuLdapCreateWPUserFromLdap(array( 'newUserName' => $username, + 'ldapUserData' => $userDataArray, + 'createBlog' => $createBlog))) { if ( $user_id = username_exists($username) ) { add_user_to_blog($blog_id, $user_id, $new_role); Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-05-10 04:22:06 UTC (rev 109) +++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-05-10 16:33:51 UTC (rev 110) @@ -81,7 +81,9 @@ // try finding a WP account for this user name $login = get_userdatabylogin($username); if (!$login) { - $result = wpmuLdapSearchUser($username,$blog_id,$user['new_role']); + $result = wpmuLdapSearchUser(array( 'username' => $username, + 'blog_id' => $blog_id, + 'new_role' => $user['new_role'])); $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser'); if ($result[0]) { wp_new_user_notification($result[1]); @@ -126,7 +128,10 @@ // try finding a WP account for this user name $login = get_userdatabylogin($username); if (!$login) { - $result = wpmuLdapSearchUser($username,$blog_id,$user['bulk_new_role']); + $result = wpmuLdapSearchUser(array( 'username' => $username, + 'blog_id' => $blog_id, + 'new_role' => $user['bulk_new_role'], + 'createBlog' => false)); if ($result[0]) { wp_new_user_notification($result[1]); ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username)); @@ -225,7 +230,7 @@ if (is_super_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) { ?> <h2><?php _e('Add Bulk Users') ?></h2> - <p>Using the below fields, you can bulk add LDAP users. Separate multiple users by a new line. Local user creation is not available in bulk.</p> + <p>Using the below fields, you can bulk add LDAP users. Separate multiple users by a new line. Local user creation is not available in bulk. The auto create blog for new users function will be disabled for bulk adds.</p> <form method="post" id="ldap_add_user_bulk"> <?php wp_nonce_field('add-user-bulk') ?> <fieldset class="options"> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-05-10 04:22:12
|
Revision: 109 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=109&view=rev Author: axelseaa Date: 2010-05-10 04:22:06 +0000 (Mon, 10 May 2010) Log Message: ----------- added linux/windows specific attribute area Modified Paths: -------------- trunk/ldap/lib/defines.php trunk/ldap/lib/ldap_core.php trunk/ldap/lib/wpmu_ldap_admin.functions.php Modified: trunk/ldap/lib/defines.php =================================================================== --- trunk/ldap/lib/defines.php 2010-05-10 03:34:51 UTC (rev 108) +++ trunk/ldap/lib/defines.php 2010-05-10 04:22:06 UTC (rev 109) @@ -37,11 +37,13 @@ define ('LDAP_DEFAULT_ATTRIBUTE_PHONE', 'phone'); define ('LDAP_DEFAULT_ATTRIBUTE_HOMEDIR', 'homedirectory'); define ('LDAP_DEFAULT_ATTRIBUTE_MEMBER', 'member'); +define ('LDAP_DEFAULT_ATTRIBUTE_MEMBERNIX', 'uniquemember'); define ('LDAP_DEFAULT_ATTRIBUTE_MACADDRESS', 'zenwmmacaddress'); define ('LDAP_DEFAULT_ATTRIBUTE_DN', 'dn'); define ('LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH', 'uid'); define ('LDAP_DEFAULT_ATTRIBUTE_WINSEARCH', 'samaccountname'); define ('LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS','group'); +define ('LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASSNIX','groupofuniquenames'); define ('LDAP_DELIM', ","); define ('LDAP_USER_SEARCH_FULLNAME', '0'); Modified: trunk/ldap/lib/ldap_core.php =================================================================== --- trunk/ldap/lib/ldap_core.php 2010-05-10 03:34:51 UTC (rev 108) +++ trunk/ldap/lib/ldap_core.php 2010-05-10 04:22:06 UTC (rev 109) @@ -207,9 +207,14 @@ // Get Groups $attributes_to_get = array(get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN)); - $search_filter = "(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)"; - $search_filter .= "(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))"; - $this->SetSearchCriteria("(&(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))", $attributes_to_get); + if (get_site_option('ldapLinuxWindows')) { + $search_filter = "(".get_site_option('ldapAttributeMemberNix',LDAP_DEFAULT_ATTRIBUTE_MEMBERNIX)."=$userDN)"; + $search_filter .= "(objectclass=".get_site_option('ldapAttributeGroupObjectclassNix',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASSNIX).")"; + } else { + $search_filter = "(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)"; + $search_filter .= "(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS).")"; + } + $this->SetSearchCriteria("(&$search_filter)", $attributes_to_get); $this->Search(); $results = ldap_get_entries($this->connection_handle, $this->search_result); Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-05-10 03:34:51 UTC (rev 108) +++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-05-10 04:22:06 UTC (rev 109) @@ -175,11 +175,13 @@ $ret['ldapAttributePhone'] = get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE); $ret['ldapAttributeHomedir'] = get_site_option('ldapAttributeHomedir',LDAP_DEFAULT_ATTRIBUTE_HOMEDIR); $ret['ldapAttributeMember'] = get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER); + $ret['ldapAttributeMemberNix'] = get_site_option('ldapAttributeMemberNix',LDAP_DEFAULT_ATTRIBUTE_MEMBERNIX); $ret['ldapAttributeMacaddress'] = get_site_option('ldapAttributeMacaddress',LDAP_DEFAULT_ATTRIBUTE_MACADDRESS); $ret['ldapAttributeDn'] = get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN); $ret['ldapAttributeNixSearch'] = get_site_option('ldapAttributeNixSearch',LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH); $ret['ldapAttributeWinSearch'] = get_site_option('ldapAttributeWinSearch',LDAP_DEFAULT_ATTRIBUTE_WINSEARCH); $ret['ldapAttributeGroupObjectclass'] = get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS); + $ret['ldapAttributeGroupObjectclassNix']= get_site_option('ldapAttributeGroupObjectclassNix',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASSNIX); $ret['ldapGroupAllowLogin'] = wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin','display' => 'web')); $ret['ldapGroupAllowLoginCreate'] = wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLoginCreate','display' => 'web')); @@ -516,6 +518,7 @@ <form method="post" id="ldap_auth_options"> <h3>LDAP Attribute Mapping</h3> <p>This page will allow you to modify which ldap attribute the plugin uses to populate default values for the user.</p> + <b>General Attributes</b> <table class="form-table"> <tr valign="top"> <th scope="row"><label for="ldapAttributeMail">Email:</label></th> @@ -560,48 +563,71 @@ </td> </tr> <tr valign="top"> - <th scope="row"><label for="ldapAttributeMember">Group Attribute:</label></th> + <th scope="row"><label for="ldapAttributeMacaddress">Mac Address:</label></th> <td> - <input type="text" name="ldapAttributeMember" id="ldapAttributeMember" value="<?php echo $ldapAttributeMember ?>" /> + <input type="text" name="ldapAttributeMacaddress" id="ldapAttributeMacaddress" value="<?php echo $ldapAttributeMacaddress ?>" /> <br/> </td> </tr> <tr valign="top"> - <th scope="row"><label for="ldapAttributeGroupObjectclass">Group Objectclass:</label></th> + <th scope="row"><label for="ldapAttributeDn">Distinguished Name (DN):</label></th> <td> - <input type="text" name="ldapAttributeGroupObjectclass" id="ldapAttributeGroupObjectclass" value="<?php echo $ldapAttributeGroupObjectclass ?>" /> + <input type="text" name="ldapAttributeDn" id="ldapAttributeDn" value="<?php echo $ldapAttributeDn ?>" /> <br/> </td> </tr> + </table> + + <br/><b>Windows Attributes</b> + <table class="form-table"> <tr valign="top"> - <th scope="row"><label for="ldapAttributeMacaddress">Mac Address:</label></th> + <th scope="row"><label for="ldapAttributeWinSearch">Search Attribute:</label></th> <td> - <input type="text" name="ldapAttributeMacaddress" id="ldapAttributeMacaddress" value="<?php echo $ldapAttributeMacaddress ?>" /> + <input type="text" name="ldapAttributeWinSearch" id="ldapAttributeWinSearch" value="<?php echo $ldapAttributeWinSearch ?>" /> <br/> </td> </tr> <tr valign="top"> - <th scope="row"><label for="ldapAttributeDn">Distinguished Name (DN):</label></th> + <th scope="row"><label for="ldapAttributeMember">Group Attribute:</label></th> <td> - <input type="text" name="ldapAttributeDn" id="ldapAttributeDn" value="<?php echo $ldapAttributeDn ?>" /> + <input type="text" name="ldapAttributeMember" id="ldapAttributeMember" value="<?php echo $ldapAttributeMember ?>" /> <br/> </td> </tr> <tr valign="top"> - <th scope="row"><label for="ldapAttributeNixSearch">Search Attribute (Linux):</label></th> + <th scope="row"><label for="ldapAttributeGroupObjectclass">Group Objectclass:</label></th> <td> + <input type="text" name="ldapAttributeGroupObjectclass" id="ldapAttributeGroupObjectclass" value="<?php echo $ldapAttributeGroupObjectclass ?>" /> + <br/> + </td> + </tr> + </table> + + <br/><b>Linux Attributes</b> + <table class="form-table"> + <tr valign="top"> + <th scope="row"><label for="ldapAttributeNixSearch">Search Attribute:</label></th> + <td> <input type="text" name="ldapAttributeNixSearch" id="ldapAttributeNixSearch" value="<?php echo $ldapAttributeNixSearch ?>" /> <br/> </td> </tr> <tr valign="top"> - <th scope="row"><label for="ldapAttributeWinSearch">Search Attribute (Windows):</label></th> + <th scope="row"><label for="ldapAttributeMemberNix">Group Attribute:</label></th> <td> - <input type="text" name="ldapAttributeWinSearch" id="ldapAttributeWinSearch" value="<?php echo $ldapAttributeWinSearch ?>" /> + <input type="text" name="ldapAttributeMemberNix" id="ldapAttributeMemberNix" value="<?php echo $ldapAttributeMemberNix ?>" /> <br/> </td> </tr> + <tr valign="top"> + <th scope="row"><label for="ldapAttributeGroupObjectclassNix">Group Objectclass:</label></th> + <td> + <input type="text" name="ldapAttributeGroupObjectclassNix" id="ldapAttributeGroupObjectclassNix" value="<?php echo $ldapAttributeGroupObjectclassNix ?>" /> + <br/> + </td> + </tr> </table> + <p class="submit"><input type="submit" name="ldapOptionsSave" value="Save Attributes" /></p> </form> <?php This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-05-10 03:34:57
|
Revision: 108 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=108&view=rev Author: axelseaa Date: 2010-05-10 03:34:51 +0000 (Mon, 10 May 2010) Log Message: ----------- a few changes based on ken's feedback - thanks\! Modified Paths: -------------- trunk/ldap/lib/ldap_core.php trunk/ldap/lib/ldap_ro.php trunk/ldap/lib/wpmu_ldap.functions.php Modified: trunk/ldap/lib/ldap_core.php =================================================================== --- trunk/ldap/lib/ldap_core.php 2010-05-06 11:35:00 UTC (rev 107) +++ trunk/ldap/lib/ldap_core.php 2010-05-10 03:34:51 UTC (rev 108) @@ -200,13 +200,17 @@ function checkGroup($userDN,$groups){ //Make sure we're connected - we're not when this is called from the admin side if (!$this->connection_handle) { - $this->connect(); + $this->dock(); } if (empty($groups)) return LDAP_GROUP_NOT_SET; // Get Groups - $this->SetSearchCriteria("(&(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))", array(get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN))); + $attributes_to_get = array(get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN)); + $search_filter = "(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)"; + $search_filter .= "(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))"; + $this->SetSearchCriteria("(&(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))", $attributes_to_get); + $this->Search(); $results = ldap_get_entries($this->connection_handle, $this->search_result); // Check Groups Modified: trunk/ldap/lib/ldap_ro.php =================================================================== --- trunk/ldap/lib/ldap_ro.php 2010-05-06 11:35:00 UTC (rev 107) +++ trunk/ldap/lib/ldap_ro.php 2010-05-10 03:34:51 UTC (rev 108) @@ -76,8 +76,7 @@ // Default Catch $return = LDAP_OK; - } - else { + } else { if ($this->GetErrorNumber() == 49) { $return = LDAP_ERROR_WRONG_PASSWORD; } @@ -160,10 +159,21 @@ $data[LDAP_INDEX_GIVEN_NAME] = $this->GetLDAPInfo (LDAP_INDEX_GIVEN_NAME); $data[LDAP_INDEX_SURNAME] = $this->GetLDAPInfo (LDAP_INDEX_SURNAME); $data[LDAP_INDEX_PHONE] = $this->GetLDAPInfo (LDAP_INDEX_PHONE); + + // If deny group set and user found, return + $deny = $this->checkGroup($user_data[LDAP_INDEX_DN],wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupDenyLogin'))); + if ($deny == LDAP_IN_GROUP) return LDAP_ERROR_DENIED_GROUP; + + // If allow group set and user found, + $allow = $this->checkGroup($user_data[LDAP_INDEX_DN],wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin'))); + if ($allow == LDAP_IN_GROUP) return LDAP_OK; // found in group + if ($allow == LDAP_ERROR_NOT_IN_GROUP) return LDAP_ERROR_ACCESS_GROUP; // not in group + + // Default Catch + return LDAP_OK; } else { $data = null; } - return LDAP_OK; } function GetEmailList ($in_email_list_name, &$emails, &$dns) { @@ -203,4 +213,3 @@ return true; } } -?> Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-05-06 11:35:00 UTC (rev 107) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-05-10 03:34:51 UTC (rev 108) @@ -192,13 +192,14 @@ $userDataArray = null; if ($server->DoSearchUsername($in_username, $attributes_to_get, $userDataArray) == LDAP_OK) { - if (!empty($userDataArray)) { - if ($server->checkGroup($userDataArray[LDAP_INDEX_DN]) == 0) { - return true; - } else { - return false; - } - } + return true; +# if (!empty($userDataArray)) { +# if ($server->checkGroup($userDataArray[LDAP_INDEX_DN]) == 0) { +# return true; +# } else { +# return false; +# } +# } } return false; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-04-25 14:07:47
|
Revision: 106 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=106&view=rev Author: axelseaa Date: 2010-04-25 14:07:41 +0000 (Sun, 25 Apr 2010) Log Message: ----------- minor changes - moved group get function and setup function to admin page - elliminates errors when plugin is not enabled. Also fixed serialization issues with group options Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap/lib/wpmu_ldap_admin.functions.php Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-02-19 14:35:41 UTC (rev 105) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-04-25 14:07:41 UTC (rev 106) @@ -242,20 +242,6 @@ return true; } -/** - * Configures the ldap options to pass in for authentication/verification - */ -function wpmuSetupLdapOptions() { - $options = array(); - $options[] = get_site_option("ldapServerAddr"); - $options[] = get_site_option("ldapServerOU"); - $options[] = get_site_option("ldapServerCN"); - $options[] = get_site_option("ldapServerPass"); - $options[] = get_site_option("ldapServerPort"); - $options[] = get_site_option("ldapEnableSSL"); - return $options; -} - /** * Overrides display and handling of the WPMU signup form. Simply * displays a message to indicate to users that they should use the login form @@ -377,13 +363,3 @@ return $username; } - -/**/ -function wpmuLdapGroupsGet($opts = array()) { - if (empty($opts['siteoption'])) return; - if (empty($opts['display'])) $opts['display'] = 'array'; - $groups = unserialize(get_site_option($opts['siteoption'])); - if (empty($groups)) return; - if ($opts['display'] == 'array') return array_filter(array_map('strtolower', $groups)); - elseif ($opts['display'] == 'web') return implode("\n",$groups); -} Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-02-19 14:35:41 UTC (rev 105) +++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-04-25 14:07:41 UTC (rev 106) @@ -82,15 +82,15 @@ } else if ($_POST['ldapGroupsSave']) { $allow = explode("\n", $_POST['ldapGroupAllowLogin']); $allow = array_filter(array_map('trim', $allow)); - update_site_option('ldapGroupAllowLogin',serialize($allow)); + update_site_option('ldapGroupAllowLogin',$allow); #$allowCreate = explode("\n", $_POST['ldapGroupAllowLoginCreate']); #$allowCreate = array_filter(array_map('trim', $allowCreate)); - #update_site_option('ldapGroupAllowLoginCreate',serialize($allowCreate)); + #update_site_option('ldapGroupAllowLoginCreate',$allowCreate); $deny = explode("\n", $_POST['ldapGroupDenyLogin']); $deny = array_filter(array_map('trim', $deny)); - update_site_option('ldapGroupDenyLogin',serialize($deny)); + update_site_option('ldapGroupDenyLogin',$deny); echo "<div id='message' class='updated fade'><p>Saved Options!</p></div>"; } else if ($_POST['ldapFixMeta']) { @@ -860,3 +860,29 @@ return $result; } +/** + * Get Groups from DB + */ +function wpmuLdapGroupsGet($opts = array()) { + if (empty($opts['siteoption'])) return; + if (empty($opts['display'])) $opts['display'] = 'array'; + $groups = get_site_option($opts['siteoption']); + if (empty($groups)) return; + if ($opts['display'] == 'array') return array_filter(array_map('strtolower', $groups)); + elseif ($opts['display'] == 'web') return implode("\n",$groups); +} + +/** + * Configures the ldap options to pass in for authentication/verification + */ +function wpmuSetupLdapOptions() { + $options = array(); + $options[] = get_site_option("ldapServerAddr"); + $options[] = get_site_option("ldapServerOU"); + $options[] = get_site_option("ldapServerCN"); + $options[] = get_site_option("ldapServerPass"); + $options[] = get_site_option("ldapServerPort"); + $options[] = get_site_option("ldapEnableSSL"); + return $options; +} + This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-02-19 14:35:48
|
Revision: 105 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=105&view=rev Author: axelseaa Date: 2010-02-19 14:35:41 +0000 (Fri, 19 Feb 2010) Log Message: ----------- global allow and deny groups implemented - nested group support Modified Paths: -------------- trunk/ldap/lib/defines.php trunk/ldap/lib/ldap_core.php trunk/ldap/lib/ldap_ro.php trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap/lib/wpmu_ldap_admin.functions.php Modified: trunk/ldap/lib/defines.php =================================================================== --- trunk/ldap/lib/defines.php 2010-01-31 18:35:00 UTC (rev 104) +++ trunk/ldap/lib/defines.php 2010-02-19 14:35:41 UTC (rev 105) @@ -1,12 +1,17 @@ <?php -define ('LDAP_OK', '0'); -define ('LDAP_ERROR_NO_PASSWORD', '-1'); -define ('LDAP_ERROR_NO_NOVELL_ID', '-2'); -define ('LDAP_ERROR_USER_NOT_FOUND', '-3'); -define ('LDAP_ERROR_NO_EMAIL_IN_NDS', '-4'); -define ('LDAP_ERROR_CONNECTION', '-5'); -define ('LDAP_ERROR_WRONG_PASSWORD', '-6'); -define ('LDAP_ERROR_EMPTY_PARAM', '-7'); +define ('LDAP_OK', '0'); +define ('LDAP_IN_GROUP', '1'); +define ('LDAP_GROUP_NOT_SET', '2'); +define ('LDAP_ERROR_NO_PASSWORD', '-1'); +define ('LDAP_ERROR_NO_NOVELL_ID', '-2'); +define ('LDAP_ERROR_USER_NOT_FOUND', '-3'); +define ('LDAP_ERROR_NO_EMAIL_IN_NDS', '-4'); +define ('LDAP_ERROR_CONNECTION', '-5'); +define ('LDAP_ERROR_WRONG_PASSWORD', '-6'); +define ('LDAP_ERROR_EMPTY_PARAM', '-7'); +define ('LDAP_ERROR_ACCESS_GROUP', '-8'); +define ('LDAP_ERROR_DENIED_GROUP', '-9'); +define ('LDAP_ERROR_NOT_IN_GROUP', '-10'); define ('LDAP_INDEX_EMAIL', '0'); define ('LDAP_INDEX_NAME', '1'); @@ -36,6 +41,7 @@ define ('LDAP_DEFAULT_ATTRIBUTE_DN', 'dn'); define ('LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH', 'uid'); define ('LDAP_DEFAULT_ATTRIBUTE_WINSEARCH', 'samaccountname'); +define ('LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS','group'); define ('LDAP_DELIM', ","); define ('LDAP_USER_SEARCH_FULLNAME', '0'); Modified: trunk/ldap/lib/ldap_core.php =================================================================== --- trunk/ldap/lib/ldap_core.php 2010-01-31 18:35:00 UTC (rev 104) +++ trunk/ldap/lib/ldap_core.php 2010-02-19 14:35:41 UTC (rev 105) @@ -196,5 +196,69 @@ if ($type == LDAP_INDEX_DN) return $this->info[0][$dn]; if ($type == LDAP_INDEX_NICKNAME) return empty($nickname) ? false : $this->info[0][$nickname][0]; } + + function checkGroup($userDN,$groups){ + //Make sure we're connected - we're not when this is called from the admin side + if (!$this->connection_handle) { + $this->connect(); + } + + if (empty($groups)) return LDAP_GROUP_NOT_SET; + + // Get Groups + $this->SetSearchCriteria("(&(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$userDN)(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))", array(get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN))); + $this->Search(); + $results = ldap_get_entries($this->connection_handle, $this->search_result); + // Check Groups + $userGroups = array(); + for ($i = 0; $i < $results['count']; $i++) { + $userGroups[$i] = strtolower($results[$i][get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN)]); + if (in_array($userGroups[$i],$groups)) return LDAP_IN_GROUP; + } + + if ($this->checkGroupNested($groups,$userGroups)) { + return LDAP_IN_GROUP; + } + + // Check for nested groups + return LDAP_ERROR_NOT_IN_GROUP; + } + + /* Recursive function used to check nested groups */ + function checkGroupNested($reqgroups,$groups,$checkedgroups = array()) { + if (!$groups) return false; //no more groups left to check + + #print "Checking Groups ".implode(",",$groups)." <br/>"; + + $groupstocheck = array(); + foreach ($groups as $group) { + // Get User Groups + $attributes_to_get = array(get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN)); + $this->SetSearchCriteria("(&(".get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER)."=$group)(objectclass=".get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS)."))", $attributes_to_get); + $this->Search(); + $results = ldap_get_entries($this->connection_handle, $this->search_result); + $returnedgroups = array(); + for ($i = 0; $i < $results['count']; $i++) { + array_push($returnedgroups,strtolower($results[$i][get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN)])); + } + + #print "Group $group is a member of: ".implode(",",$returnedgroups)."<br/>"; + + foreach ($returnedgroups as $checkgroup) { + if (in_array($checkgroup, $checkedgroups)) { + continue; + } + + #print "Checking membership for $checkgroup<br/>"; + + if (in_array($checkgroup, $reqgroups)) { + return true; + } else { + array_push($groupstocheck,$checkgroup); + } + } + } + $checkedgroups = array_unique(array_merge($groups,$checkedgroups)); + return $this->checkGroupNested($reqgroups,$groupstocheck,$checkedgroups); + } } -?> Modified: trunk/ldap/lib/ldap_ro.php =================================================================== --- trunk/ldap/lib/ldap_ro.php 2010-01-31 18:35:00 UTC (rev 104) +++ trunk/ldap/lib/ldap_ro.php 2010-02-19 14:35:41 UTC (rev 105) @@ -33,6 +33,7 @@ get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME), get_site_option('ldapAttributeSn',LDAP_DEFAULT_ATTRIBUTE_SN), get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE)); + if (get_site_option('ldapLinuxWindows')) $uid = get_site_option('ldapAttributeNixSearch',LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH); //Linux else @@ -62,8 +63,18 @@ $user_data[LDAP_INDEX_GIVEN_NAME] = $this->GetLDAPInfo (LDAP_INDEX_GIVEN_NAME); $user_data[LDAP_INDEX_SURNAME] = $this->GetLDAPInfo (LDAP_INDEX_SURNAME); $user_data[LDAP_INDEX_PHONE] = $this->GetLDAPInfo (LDAP_INDEX_PHONE); - - // Success! + $user_data[LDAP_INDEX_MEMBER] = $this->GetLDAPInfo (LDAP_INDEX_MEMBER); + + // If deny group set and user found, return + $deny = $this->checkGroup($user_data[LDAP_INDEX_DN],wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupDenyLogin'))); + if ($deny == LDAP_IN_GROUP) return LDAP_ERROR_DENIED_GROUP; + + // If allow group set and user found, + $allow = $this->checkGroup($user_data[LDAP_INDEX_DN],wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin'))); + if ($allow == LDAP_IN_GROUP) return LDAP_OK; // found in group + if ($allow == LDAP_ERROR_NOT_IN_GROUP) return LDAP_ERROR_ACCESS_GROUP; // not in group + + // Default Catch $return = LDAP_OK; } else { Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-01-31 18:35:00 UTC (rev 104) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-02-19 14:35:41 UTC (rev 105) @@ -87,13 +87,20 @@ if ($result == LDAP_OK) { return array('result' => true,'userdata' => $userDataArray); } - // handle both at once, for security else if ( ($result == LDAP_ERROR_USER_NOT_FOUND || $result == LDAP_ERROR_WRONG_PASSWORD) ) { $errors->add('invalid_userpass',__('<strong>ERROR</strong>: Wrong username / password combination.')); return array('result' => false,'errors' => $errors); } - + // check security group + else if ( $result == LDAP_ERROR_ACCESS_GROUP ){ + $errors->add('wrong_group',__('<strong>ERROR</strong>: Access denied - user not found in security access group(s).')); + return array('result' => false,'errors' => $errors); + } + elseif ($result == LDAP_ERROR_DENIED_GROUP) { + $errors->add('deny_group',__('<strong>ERROR</strong>: Access denied - user found in security deny group(s).')); + return array('result' => false,'errors' => $errors); + } // the trickle-through catch-all else { $errors->add('unknown_error',__('<strong>ERROR</strong>: Unknown error in LDAP Authentication.')); @@ -182,12 +189,16 @@ get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME), get_site_option('ldapAttributeSn',LDAP_DEFAULT_ATTRIBUTE_SN), get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE)); - $userDataArray = null; if ($server->DoSearchUsername($in_username, $attributes_to_get, $userDataArray) == LDAP_OK) { - if (!empty($userDataArray)) - return true; + if (!empty($userDataArray)) { + if ($server->checkGroup($userDataArray[LDAP_INDEX_DN]) == 0) { + return true; + } else { + return false; + } + } } return false; } @@ -366,3 +377,13 @@ return $username; } + +/**/ +function wpmuLdapGroupsGet($opts = array()) { + if (empty($opts['siteoption'])) return; + if (empty($opts['display'])) $opts['display'] = 'array'; + $groups = unserialize(get_site_option($opts['siteoption'])); + if (empty($groups)) return; + if ($opts['display'] == 'array') return array_filter(array_map('strtolower', $groups)); + elseif ($opts['display'] == 'web') return implode("\n",$groups); +} Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-01-31 18:35:00 UTC (rev 104) +++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-02-19 14:35:41 UTC (rev 105) @@ -42,6 +42,8 @@ ldapOptionsPanelUpdates(); } elseif ($tab == 'general') { ldapOptionsPanelGeneral(); + } elseif ($tab == 'group') { + ldapOptionsPanelGroup(); } else { ldapOptionsPanelConnection(); } @@ -56,6 +58,7 @@ echo '<a href="?page=wpmu_ldap_admin.functions.php"'.((empty($tab) || $tab == 'connection') ? ' class="wpmuLdapOptionMenuSelected"' : '').'>Connection Settings</a> | '; echo '<a href="?page=wpmu_ldap_admin.functions.php&ldaptab=general"'.($tab == 'general' ? ' class="wpmuLdapOptionMenuSelected"' : '').'>General Settings</a> | '; echo '<a href="?page=wpmu_ldap_admin.functions.php&ldaptab=attributes"'.($tab == 'attributes' ? ' class="wpmuLdapOptionMenuSelected"' : '').'>Attribute Mapping</a> | '; + echo '<a href="?page=wpmu_ldap_admin.functions.php&ldaptab=group"'.($tab == 'group' ? ' class="wpmuLdapOptionMenuSelected"' : '').'>Group Settings</a> | '; echo '<a href="?page=wpmu_ldap_admin.functions.php&ldaptab=upgrade"'.($tab == 'upgrade' ? ' class="wpmuLdapOptionMenuSelected"' : '').'>Upgrade</a>'; echo '</p><hr/>'; } @@ -76,6 +79,20 @@ } echo "<div id='message' class='updated fade'><p>Saved Options!</p></div>"; + } else if ($_POST['ldapGroupsSave']) { + $allow = explode("\n", $_POST['ldapGroupAllowLogin']); + $allow = array_filter(array_map('trim', $allow)); + update_site_option('ldapGroupAllowLogin',serialize($allow)); + + #$allowCreate = explode("\n", $_POST['ldapGroupAllowLoginCreate']); + #$allowCreate = array_filter(array_map('trim', $allowCreate)); + #update_site_option('ldapGroupAllowLoginCreate',serialize($allowCreate)); + + $deny = explode("\n", $_POST['ldapGroupDenyLogin']); + $deny = array_filter(array_map('trim', $deny)); + update_site_option('ldapGroupDenyLogin',serialize($deny)); + + echo "<div id='message' class='updated fade'><p>Saved Options!</p></div>"; } else if ($_POST['ldapFixMeta']) { wpmuLdapFixMeta(); update_site_option('ldapfixmetafor15','true'); @@ -162,6 +179,12 @@ $ret['ldapAttributeDn'] = get_site_option('ldapAttributeDN',LDAP_DEFAULT_ATTRIBUTE_DN); $ret['ldapAttributeNixSearch'] = get_site_option('ldapAttributeNixSearch',LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH); $ret['ldapAttributeWinSearch'] = get_site_option('ldapAttributeWinSearch',LDAP_DEFAULT_ATTRIBUTE_WINSEARCH); + $ret['ldapAttributeGroupObjectclass'] = get_site_option('ldapAttributeGroupObjectclass',LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS); + + $ret['ldapGroupAllowLogin'] = wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin','display' => 'web')); + $ret['ldapGroupAllowLoginCreate'] = wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLoginCreate','display' => 'web')); + $ret['ldapGroupDenyLogin'] = wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupDenyLogin','display' => 'web')); + return $ret; } @@ -537,13 +560,20 @@ </td> </tr> <tr valign="top"> - <th scope="row"><label for="ldapAttributeMember">Member:</label></th> + <th scope="row"><label for="ldapAttributeMember">Group Attribute:</label></th> <td> <input type="text" name="ldapAttributeMember" id="ldapAttributeMember" value="<?php echo $ldapAttributeMember ?>" /> <br/> </td> </tr> <tr valign="top"> + <th scope="row"><label for="ldapAttributeGroupObjectclass">Group Objectclass:</label></th> + <td> + <input type="text" name="ldapAttributeGroupObjectclass" id="ldapAttributeGroupObjectclass" value="<?php echo $ldapAttributeGroupObjectclass ?>" /> + <br/> + </td> + </tr> + <tr valign="top"> <th scope="row"><label for="ldapAttributeMacaddress">Mac Address:</label></th> <td> <input type="text" name="ldapAttributeMacaddress" id="ldapAttributeMacaddress" value="<?php echo $ldapAttributeMacaddress ?>" /> @@ -575,7 +605,41 @@ <p class="submit"><input type="submit" name="ldapOptionsSave" value="Save Attributes" /></p> </form> <?php +} +function ldapOptionsPanelGroup() { + extract(getWpmuLdapSiteOptions()); +?> + <form method="post" id="ldap_auth_groups"> + <h3>LDAP Group Settings</h3> + <p>This page allows you to specify allow and deny groups for site wide blog access. In the boxes below, enter the + full dn to each group. For multiple groups, enter each group on a new line. Nested groups are supported.</p> + <table class="form-table"> + <tr valign="top"> + <th scope="row"><label for="ldap">Allow Login:</label></th> + <td> + <textarea rows="2" cols="70" name="ldapGroupAllowLogin" id="ldapGroupAllowLogin"><?php echo $ldapGroupAllowLogin ?></textarea> + <br/> + </td> + </tr> +<!-- <tr valign="top"> + <th scope="row"><label for="ldap">Allow Login w/automatic blog creation:</label></th> + <td> + <textarea rows="2" cols="70" name="ldapGroupAllowLoginCreate" id="ldapGroupAllowLoginCreate""><?php echo $ldapGroupAllowLoginCreate ?></textarea> + <br/> + </td> + </tr>--> + <tr valign="top"> + <th scope="row"><label for="ldap">Deny Login:</label></th> + <td> + <textarea rows="2" cols="70" name="ldapGroupDenyLogin" id="ldapGroupDenyLogin"><?php echo $ldapGroupDenyLogin ?></textarea> + <br/> + </td> + </tr> + </table> + <p class="submit"><input type="submit" name="ldapGroupsSave" value="Save Groups" /></p> + </form> +<?php } /** This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-01-31 18:35:06
|
Revision: 104 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=104&view=rev Author: axelseaa Date: 2010-01-31 18:35:00 +0000 (Sun, 31 Jan 2010) Log Message: ----------- missed a few attribute calls when setting up the globals Modified Paths: -------------- trunk/ldap/lib/ldap_ro.php trunk/ldap/lib/wpmu_ldap.functions.php Modified: trunk/ldap/lib/ldap_ro.php =================================================================== --- trunk/ldap/lib/ldap_ro.php 2010-01-31 04:05:08 UTC (rev 103) +++ trunk/ldap/lib/ldap_ro.php 2010-01-31 18:35:00 UTC (rev 104) @@ -29,7 +29,10 @@ } // Set up the search stuff - $attributes_to_get = array ("fullName", "mail", "givenName", "sn", "phone"); + $attributes_to_get = array (get_site_option('ldapAttributeMail',LDAP_DEFAULT_ATTRIBUTE_MAIL), + get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME), + get_site_option('ldapAttributeSn',LDAP_DEFAULT_ATTRIBUTE_SN), + get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE)); if (get_site_option('ldapLinuxWindows')) $uid = get_site_option('ldapAttributeNixSearch',LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH); //Linux else @@ -83,7 +86,15 @@ // First, connect to the LDAP server $this->Dock(); - $attributes_to_get = array ("fullName", "mail", "givenName", "sn", "phone", "homeDirectory", "member", "zenwmMACAddress", "uniquemember", "dn"); + $attributes_to_get = array (get_site_option('ldapAttributeMail',LDAP_DEFAULT_ATTRIBUTE_MAIL), + get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME), + get_site_option('ldapAttributeSn',LDAP_DEFAULT_ATTRIBUTE_SN), + get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE), + get_site_option('ldapAttributeHomedir',LDAP_DEFAULT_ATTRIBUTE_HOMEDIR), + get_site_option('ldapAttributeMember',LDAP_DEFAULT_ATTRIBUTE_MEMBER), + get_site_option('ldapAttributeMacaddress',LDAP_DEFAULT_ATTRIBUTE_MACADDRESS), + "dn"); + $this->SetSearchCriteria ("(cn=$in_username)", $attributes_to_get); $this->Search(); Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-01-31 04:05:08 UTC (rev 103) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-01-31 18:35:00 UTC (rev 104) @@ -178,7 +178,10 @@ $server = new LDAP_ro($ldapString); $server->DebugOff(); - $attributes_to_get = array ("fullName", "mail", "givenName", "sn", "phone"); + $attributes_to_get = array (get_site_option('ldapAttributeMail',LDAP_DEFAULT_ATTRIBUTE_MAIL), + get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME), + get_site_option('ldapAttributeSn',LDAP_DEFAULT_ATTRIBUTE_SN), + get_site_option('ldapAttributePhone',LDAP_DEFAULT_ATTRIBUTE_PHONE)); $userDataArray = null; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-01-31 04:05:14
|
Revision: 103 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=103&view=rev Author: axelseaa Date: 2010-01-31 04:05:08 +0000 (Sun, 31 Jan 2010) Log Message: ----------- tweaked css loading to use built in wordpress fucntions Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap_admin.functions.php trunk/ldap_auth.php Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-01-31 03:25:19 UTC (rev 102) +++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-01-31 04:05:08 UTC (rev 103) @@ -5,10 +5,15 @@ * * @return null - does not actively return a value */ -function ldapShowOptionsCss() { +function ldap_addstylesheet() { global $current_blog; $schema = ( isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ) ? 'https://' : 'http://'; - echo "<link rel='stylesheet' href='".$schema.$current_blog->domain.$current_blog->path."wp-content/mu-plugins/ldap/public/ldap_auth.css' media='screen' type='text/css' />"; + $myStyleUrl = $schema.$current_blog->domain.$current_blog->path.MUPLUGINDIR.'/ldap/public/ldap_auth.css'; + $myStyleFile = WPMU_PLUGIN_DIR . '/ldap/public/ldap_auth.css'; + if ( file_exists($myStyleFile) ) { + wp_register_style('wpmu-ldap-css', $myStyleUrl); + wp_enqueue_style('wpmu-ldap-css'); + } } /** Modified: trunk/ldap_auth.php =================================================================== --- trunk/ldap_auth.php 2010-01-31 03:25:19 UTC (rev 102) +++ trunk/ldap_auth.php 2010-01-31 04:05:08 UTC (rev 103) @@ -20,7 +20,7 @@ require_once("ldap/lib/wpmu_ldap_admin.functions.php"); require_once("ldap/lib/wpmu_ldap_adduser.functions.php"); -add_action('admin_head', 'ldapShowOptionsCss'); +add_action('admin_init', 'ldap_addstylesheet'); add_action('admin_menu', 'ldap_addmenu'); add_action('admin_menu', 'ldap_addmenuuser'); add_action('admin_menu', 'wpmuRemoveAddNewMenu'); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-01-31 03:25:25
|
Revision: 102 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=102&view=rev Author: axelseaa Date: 2010-01-31 03:25:19 +0000 (Sun, 31 Jan 2010) Log Message: ----------- replaced is_site_admin with new is_super_admin function Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap/lib/wpmu_ldap_adduser.functions.php trunk/ldap/lib/wpmu_ldap_admin.functions.php Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2010-01-30 23:03:31 UTC (rev 101) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2010-01-31 03:25:19 UTC (rev 102) @@ -154,7 +154,7 @@ } // Handle blog removal for various reasons - if(is_site_admin($username) === false) { + if(is_super_admin($username) === false) { if ($primary_blog = get_usermeta($loginObj->ID, "primary_blog")) { $details = get_blog_details( $primary_blog ); if( is_object( $details ) && $details->archived == 1 || $details->spam == 1 || $details->deleted == 1 ) { Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-01-30 23:03:31 UTC (rev 101) +++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-01-31 03:25:19 UTC (rev 102) @@ -9,7 +9,7 @@ // not blog-specific config, but side-wide $ldapAddUser = get_site_option('ldapAddUser'); $ldapBulkAdd = get_site_option('ldapBulkAdd'); - if (is_site_admin() || + if (is_super_admin() || ($ldapAddUser == 'enabled' || empty($ldapAddUser)) || ($ldapBulkAdd && is_admin($current_user->username))) { add_submenu_page('wpmu-admin.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions'); @@ -86,7 +86,7 @@ if ($result[0]) { wp_new_user_notification($result[1]); ldapAddUserResult(array('updated' => 'true','action' => 'add','username' => $username)); - } elseif ($ldapCreateLocalUser || is_site_admin($current_user->username)) { + } elseif ($ldapCreateLocalUser || is_super_admin($current_user->username)) { ?> <div id='message' class='updated'> <form method='post'> @@ -113,7 +113,7 @@ } elseif ($_POST['addUserBulk']) { // Check Access $ldapBulkAdd = get_site_option('ldapBulkAdd'); - if (is_site_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) { + if (is_super_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) { $user = $_POST['user']; $usernames = array(); if ( !empty($user['bulk_username']) ) { @@ -148,7 +148,7 @@ } elseif ($_POST['addLocalUser']) { check_admin_referer('add-local-user'); $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser'); - if ($ldapCreateLocalUser || is_site_admin($current_user->username)) { + if ($ldapCreateLocalUser || is_super_admin($current_user->username)) { $user = $_POST['user']; if ( empty($user['username']) && empty($user['email']) ) { wp_die( __("<p>Missing username and email.</p>") ); @@ -184,7 +184,7 @@ <?php // Add User $ldapAddUser = get_site_option('ldapAddUser'); - if (is_site_admin() || ($ldapAddUser == 'enabled' || empty($ldapAddUser))) { + if (is_super_admin() || ($ldapAddUser == 'enabled' || empty($ldapAddUser))) { ?> <h2><?php _e('Add User') ?></h2> <?php @@ -222,7 +222,7 @@ <!-- Bulk Add User --> <?php $ldapBulkAdd = get_site_option('ldapBulkAdd'); - if (is_site_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) { + if (is_super_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) { ?> <h2><?php _e('Add Bulk Users') ?></h2> <p>Using the below fields, you can bulk add LDAP users. Separate multiple users by a new line. Local user creation is not available in bulk.</p> Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-01-30 23:03:31 UTC (rev 101) +++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2010-01-31 03:25:19 UTC (rev 102) @@ -584,7 +584,7 @@ $objCurrUser = wp_get_current_user(); $objUser = wp_cache_get($objCurrUser->id, 'users'); - if (function_exists('add_submenu_page') && is_site_admin($objUser->user_login)) { + if (function_exists('add_submenu_page') && is_super_admin($objUser->user_login)) { // does not use add_options_page, because it is site-wide configuration, // not blog-specific config, but side-wide add_submenu_page('wpmu-admin.php', 'LDAP Authentication Options', 'LDAP Options', 9, basename(__FILE__), 'ldapOptionsPanel'); @@ -733,7 +733,7 @@ <tr> <th><?php _e('Account Authentication Type'); ?></th> <td class="regular-text"> - <?php if (is_site_admin($current_user->username) && $user_id > 1) { ?> + <?php if (is_super_admin($current_user->username) && $user_id > 1) { ?> <select name="ldapAccountType"> <option<?php if ($ldap_login == 'true') echo ' selected="selected"'; ?> value="LDAP"><?php _e('LDAP'); ?></option> <option<?php if ($ldap_login != 'true') echo ' selected="selected"'; ?> value="Local"><?php _e('Local'); ?></option> @@ -762,7 +762,7 @@ function wpmuUserFormLdapOptionUpdate() { global $user_id, $current_user; - if ($user_id == 1 || !is_site_admin($current_user->username)) + if ($user_id == 1 || !is_super_admin($current_user->username)) return; if ($_POST['ldapAccountType'] == 'LDAP') This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-01-30 23:03:37
|
Revision: 101 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=101&view=rev Author: axelseaa Date: 2010-01-30 23:03:31 +0000 (Sat, 30 Jan 2010) Log Message: ----------- new release Added Paths: ----------- tags/wpmu-ldap_2.9.0/ This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2010-01-30 23:01:48
|
Revision: 100 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=100&view=rev Author: axelseaa Date: 2010-01-30 23:01:42 +0000 (Sat, 30 Jan 2010) Log Message: ----------- fix which prevented blog admins from bulk adding when enabled Modified Paths: -------------- trunk/ldap/doc/README trunk/ldap/lib/wpmu_ldap_adduser.functions.php trunk/ldap_auth.php Modified: trunk/ldap/doc/README =================================================================== --- trunk/ldap/doc/README 2009-11-25 15:52:12 UTC (rev 99) +++ trunk/ldap/doc/README 2010-01-30 23:01:42 UTC (rev 100) @@ -5,8 +5,8 @@ License: ================================================================================ -LDAP-Authentication Plugin, v.2.8.1 -for WPMU 2.8.x +LDAP-Authentication Plugin, v.2.9 +for WPMU 2.8.x and 2.9.x Copyright (C) 2009 Alistair Young, Patrick Cavit, Hugo Salgado, Alex Barker, and Sean Wedig, Aaron Axelsen Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2009-11-25 15:52:12 UTC (rev 99) +++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2010-01-30 23:01:42 UTC (rev 100) @@ -112,9 +112,8 @@ } } elseif ($_POST['addUserBulk']) { // Check Access - if (!is_site_admin($current_user->username)) { - ldapAddUserResult(array('updated' => 'false','action' => 'auth')); - } else { + $ldapBulkAdd = get_site_option('ldapBulkAdd'); + if (is_site_admin($current_user->username) || ($ldapBulkAdd && is_admin($current_user->username))) { $user = $_POST['user']; $usernames = array(); if ( !empty($user['bulk_username']) ) { @@ -143,6 +142,8 @@ ldapAddUserResult(array('updated' => 'false','action' => 'exists','username' => $username)); } } + } else { + ldapAddUserResult(array('updated' => 'false','action' => 'auth')); } } elseif ($_POST['addLocalUser']) { check_admin_referer('add-local-user'); Modified: trunk/ldap_auth.php =================================================================== --- trunk/ldap_auth.php 2009-11-25 15:52:12 UTC (rev 99) +++ trunk/ldap_auth.php 2010-01-30 23:01:42 UTC (rev 100) @@ -3,7 +3,7 @@ Plugin Name: LDAP Authentication Plug-in Plugin URI: http://wpmuldap.frozenpc.net Description: A plugin to override the core Wordpress MU authentication method so as to use an LDAP server for authentication. -Version: 2.8.4 +Version: 2.9 Author: Alistair Young (http://www.weblogs.uhi.ac.uk/sm00ay/), Patrick Cavit (http://patcavit.com), Hugo Salgado (http://hugo.vulcano.cl), This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2009-11-25 16:29:02
|
Revision: 99 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=99&view=rev Author: axelseaa Date: 2009-11-25 15:52:12 +0000 (Wed, 25 Nov 2009) Log Message: ----------- added ability for add user option to be disabled for non siteadmin users Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap_adduser.functions.php trunk/ldap/lib/wpmu_ldap_admin.functions.php Modified: trunk/ldap/lib/wpmu_ldap_adduser.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2009-10-05 15:52:11 UTC (rev 98) +++ trunk/ldap/lib/wpmu_ldap_adduser.functions.php 2009-11-25 15:52:12 UTC (rev 99) @@ -7,8 +7,14 @@ if (function_exists('add_submenu_page')) { // does not use add_options_page, because it is site-wide configuration, // not blog-specific config, but side-wide - add_submenu_page('wpmu-admin.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions'); - add_submenu_page('users.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions'); + $ldapAddUser = get_site_option('ldapAddUser'); + $ldapBulkAdd = get_site_option('ldapBulkAdd'); + if (is_site_admin() || + ($ldapAddUser == 'enabled' || empty($ldapAddUser)) || + ($ldapBulkAdd && is_admin($current_user->username))) { + add_submenu_page('wpmu-admin.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions'); + add_submenu_page('users.php', 'LDAP Add User', 'Add User', 9, 'wpmu_ldap_adduser.functions.php', 'ldapAddUserOptions'); + } } } @@ -174,6 +180,11 @@ ?> <div class="wrap"> + <?php + // Add User + $ldapAddUser = get_site_option('ldapAddUser'); + if (is_site_admin() || ($ldapAddUser == 'enabled' || empty($ldapAddUser))) { + ?> <h2><?php _e('Add User') ?></h2> <?php $ldapCreateLocalUser = get_site_option('ldapCreateLocalUser'); @@ -206,7 +217,7 @@ </p> </fieldset> </form> - + <?php } ?> <!-- Bulk Add User --> <?php $ldapBulkAdd = get_site_option('ldapBulkAdd'); Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2009-10-05 15:52:11 UTC (rev 98) +++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2009-11-25 15:52:12 UTC (rev 99) @@ -144,6 +144,7 @@ $ret['ldapfixmetafor15'] = get_site_option('ldapfixmetafor15'); $ret['ldapfixdisplayname'] = get_site_option('ldapfixdisplayname'); $ret['ldapBulkAdd'] = get_site_option('ldapBulkAdd'); + $ret['ldapAddUser'] = get_site_option('ldapAddUser'); $ret['ldapPublicDisplayName'] = get_site_option('ldapPublicDisplayName'); $ret['ldapAttributeMail'] = get_site_option('ldapAttributeMail',LDAP_DEFAULT_ATTRIBUTE_MAIL); $ret['ldapAttributeGivenname'] = get_site_option('ldapAttributeGivenname',LDAP_DEFAULT_ATTRIBUTE_GIVENNAME); @@ -180,6 +181,9 @@ if($ldapBulkAdd) $tBulkAdd = "checked='checked'"; else $fBulkAdd = "checked='checked'"; + if($ldapAddUser == 'enabled' || empty($ldapAddUser)) $tAddUser = "checked='checked'"; + else $fAddUser = "checked='checked'"; + if($ldapDisableSignup) $tDisableSignup = "checked='checked'"; else $fDisableSignup = "checked='checked'"; @@ -248,6 +252,15 @@ </td> </tr> <tr valign="top"> + <th scope="row">Allow blog admins to add users?</th> + <td> + <input type='radio' name='ldapAddUser' id='adduseryes' value='enabled' <?php echo $tAddUser; ?>/> <label for="adduseryes">Yes</label> + <input type='radio' name='ldapAddUser' id='adduserno' value='disabled' <?php echo $fAddUser; ?>/> <label for="adduserno">No</label> + <br/> + This option specifies whether or not the individual blog admins are able to add users. + </td> + </tr> + <tr valign="top"> <th scope="row">Allow blog admins to bulk add?</th> <td> <input type='radio' name='ldapBulkAdd' id='bulkaddyes' value='1' <?php echo $tBulkAdd; ?>/> <label for="bulkaddyes">Yes</label> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2009-10-05 15:52:19
|
Revision: 98 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=98&view=rev Author: axelseaa Date: 2009-10-05 15:52:11 +0000 (Mon, 05 Oct 2009) Log Message: ----------- moved test connection function - will fix errors if running test connection on initial setup Modified Paths: -------------- trunk/ldap/lib/wpmu_ldap.functions.php trunk/ldap/lib/wpmu_ldap_admin.functions.php Modified: trunk/ldap/lib/wpmu_ldap.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap.functions.php 2009-09-03 03:52:27 UTC (rev 97) +++ trunk/ldap/lib/wpmu_ldap.functions.php 2009-10-05 15:52:11 UTC (rev 98) @@ -266,14 +266,6 @@ } } -function wpmuLdapTestConnection() { - $server = new LDAP_ro(wpmuSetupLdapOptions()); - $server->DebugOff(); - $result = $server->testConnect(); - $server->Disconnect(); - return $result; -} - /** * Checks to make sure the user is added to the dashboard blog (if set) or else blog #1 */ Modified: trunk/ldap/lib/wpmu_ldap_admin.functions.php =================================================================== --- trunk/ldap/lib/wpmu_ldap_admin.functions.php 2009-09-03 03:52:27 UTC (rev 97) +++ trunk/ldap/lib/wpmu_ldap_admin.functions.php 2009-10-05 15:52:11 UTC (rev 98) @@ -767,3 +767,14 @@ unset($submenu['users.php'][10]); } +/** +* Connection Test Function +*/ +function wpmuLdapTestConnection() { + $server = new LDAP_ro(wpmuSetupLdapOptions()); + $server->DebugOff(); + $result = $server->testConnect(); + $server->Disconnect(); + return $result; +} + This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <axe...@us...> - 2009-09-03 03:52:36
|
Revision: 97 http://wpmu-ldap.svn.sourceforge.net/wpmu-ldap/?rev=97&view=rev Author: axelseaa Date: 2009-09-03 03:52:27 +0000 (Thu, 03 Sep 2009) Log Message: ----------- new release Added Paths: ----------- tags/wpmu-ldap_2.8.4/ This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |