
#1 Schema functions

open
nobody
None
5
2003-05-24
2003-05-24
David Smith
No

Your TODO listed something about needing more specific
schema fetching code. Here are a few PHP functions
(attached) that will tell you pretty much everything
you want to know about your LDAP schema.

Discussion

  • Oren Held

    Oren Held - 2003-06-08

    Logged In: YES
    user_id=24978

    I cannot access any files; it seems you didn't upload
    them. Can you please upload them? Sounds like something I'm really
    interested in.

    Thanks

     
  • David Smith

    David Smith - 2003-06-26

    Logged In: YES
    user_id=602471

    Here are the schema functions I promised so long ago :)

    You can consider this a bug report as well, since YALA did
    not know how to treat schema lines that had 'AUXILIARY'. It
    kept bombing out on my OpenLDAP 2.0.27 stock install because
    of it. Notice that you'll need to replace the
    davedap_ldap_connect() calls here with the standard
    ldap_connect() and ldap_bind() calls.

    <pre>

    /*
     * Tells whether $var still has content once the surrounding white
     * space has been trimmed away. Returns true if something is left and
     * false if $var was empty or white space only.
     */
    function not_white( $var )
    {
        $trimmed = trim( $var );

        return '' !== $trimmed;
    }

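    /*
     * Returns an associative array of objectClasses for the specified
     * $server_id, keyed by the objectClass name in lower-case and sorted
     * by key. Each entry holds 'oid', 'name', 'description', 'sup' and two
     * sub-arrays, 'must_attrs' and 'may_attrs'. Note that 'may_attrs' also
     * contains the MUST attributes, and that both lists include whatever
     * is inherited through the SUP chain (up to, but not including, "top").
     *
     * Returns false when the connection or the schema read fails, and an
     * empty array when the entry carries no objectClasses values.
     *
     * The definitions are text supplied by the directory server, so they
     * are parsed defensively: optional clauses (DESC, SUP, MUST, MAY) may be
     * missing, and a SUP chain may name an unknown class or loop back on
     * itself. Neither case may produce warnings or an endless loop here.
     *
     * The bulk of this function came from the good code in the
     * GPL'ed LDAP Explorer project. Thank you.
     */
    function get_schema_objectclasses( $server_id )
    {
        $ds = davedap_ldap_connect( $server_id );

        if( ! $ds )
            return false;

        // Probe cn=subschema first and fall back to cn=schema. The "@" keeps
        // the failed probe quiet; the failure itself is handled just below.
        // Size limit is 200 entries, time limit 0 (no client-side limit).
        $result = @ldap_read( $ds, 'cn=subschema', '(objectClass=*)',
            array( 'objectclasses' ), 0, 200, 0, LDAP_DEREF_ALWAYS );
        if( ! $result )
            $result = @ldap_read( $ds, 'cn=schema', '(objectClass=*)',
                array( 'objectclasses' ), 0, 200, 0, LDAP_DEREF_ALWAYS );

        if( ! $result )
            return false;

        $raw_oclasses = ldap_get_entries( $ds, $result );

        // No entry, or an entry without the attribute: nothing to parse.
        if( ! isset( $raw_oclasses[0]['objectclasses']['count'] ) )
            return array();

        $definitions = $raw_oclasses[0]['objectclasses'];

        // build the array of objectClasses
        $oclasses = array();

        // Iterate on the 'count' element: count() would also count the
        // 'count' key itself and run one step past the last definition.
        for( $att = 0; $att < $definitions['count']; $att++ )
        {
            $class = $definitions[$att];

            // A definition without a parsable NAME cannot be keyed; skip it.
            if( ! preg_match( "/[\s]+NAME[\s'\(]+([a-zA-Z0-9\-_]+)[\s'\)]/", $class, $name ) )
                continue;

            preg_match( "/[\s]+([\d\.]+)[\s]+NAME/", $class, $oid );
            // Same character class as the DESC pattern used for syntaxes and
            // attributes, so descriptions such as 'RFC2256: a person' match.
            preg_match( "/[\s]+DESC[\s]+'([\)\(:?\.a-zA-Z0-9\-_ ]+)'/", $class, $description );
            preg_match( "/[\s]+SUP[\s]+([a-zA-Z0-9\-_]+)[\s]/", $class, $sup );

            $oclass_name = trim( $name[1] );
            $key = strtolower( $oclass_name );
            if( $key === '' ) continue;

            $oclasses[$key] = array();
            $oclasses[$key]['oid'] = isset( $oid[1] ) ? trim( $oid[1] ) : '';
            $oclasses[$key]['description'] = isset( $description[1] ) ? trim( $description[1] ) : '';
            $oclasses[$key]['sup'] = isset( $sup[1] ) ? trim( $sup[1] ) : '';

            // get all the required attributes
            // NOTE(review): the list pattern accepts letters, digits, white
            // space and '$' only, so a MUST/MAY list holding a name with '-'
            // or ';' does not match and comes back empty - confirm whether
            // that matters for the schemas in use.
            $must_list = array();
            if( preg_match( "/MUST[\s\(]+([a-zA-Z0-9\s$]+)(MAY|\))/", $class, $must_attrs ) )
                $must_list = explode( '$', preg_replace( '/\s+/', '', $must_attrs[1] ) );
            $oclasses[$key]['must_attrs'] = array_filter( $must_list, "not_white" );

            // get all the optional attributes (the MUST ones are listed too)
            $may_list = array();
            if( preg_match( "/MAY[\s\(]+([a-zA-Z0-9\s$]+)(MUST|\))/", $class, $may_attrs ) )
                $may_list = explode( '$', preg_replace( '/\s+/', '', $may_attrs[1] ) );
            $oclasses[$key]['may_attrs'] = array_filter(
                array_merge( $oclasses[$key]['must_attrs'], $may_list ), "not_white" );

            $oclasses[$key]['name'] = $oclass_name;
        }

        // go back and add any inherited MUST/MAY attrs to each objectClass
        foreach( array_keys( $oclasses ) as $oclass )
        {
            $new_must = $oclasses[$oclass]['must_attrs'];
            $new_may = $oclasses[$oclass]['may_attrs'];
            $sup_key = strtolower( $oclasses[$oclass]['sup'] );

            // Classes already walked for this entry. The chain is server
            // data: without this guard a circular SUP reference would spin
            // forever and tie up the PHP process.
            $visited = array( $oclass => true );

            while( $sup_key !== '' && $sup_key !== 'top'
                && isset( $oclasses[$sup_key] ) && ! isset( $visited[$sup_key] ) )
            {
                $visited[$sup_key] = true;
                $new_must = array_merge( $new_must, $oclasses[$sup_key]['must_attrs'] );
                $new_may = array_merge( $new_may, $oclasses[$sup_key]['may_attrs'] );
                $sup_key = strtolower( $oclasses[$sup_key]['sup'] );
            }

            // TODO: flag these new attrs somehow to show that they
            // were inherited... (maybe?)

            $oclasses[$oclass]['must_attrs'] = array_unique( $new_must );
            $oclasses[$oclass]['may_attrs'] = array_unique( $new_may );
        }

        ksort( $oclasses );

        return $oclasses;
    }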

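    /*
     * Returns an associative array of the syntax OIDs that this LDAP
     * server uses, mapped to their descriptions: each key is a syntax OID
     * and each value is an array with a single 'description' element.
     * The result is sorted by OID and cached per $server_id for the rest
     * of the request.
     *
     * Returns false when the connection fails and an empty array when the
     * schema entry cannot be read (that empty result is not cached).
     */
    function get_schema_syntaxes( $server_id )
    {
        static $cache;

        if( isset( $cache[$server_id] ) )
            return $cache[$server_id];

        $ds = davedap_ldap_connect( $server_id );

        if( ! $ds )
            return false;

        // get all the ldapSyntaxes; probe cn=subschema first and fall back
        // to cn=schema. The "@" keeps the failed probe quiet.
        $result = @ldap_read( $ds, 'cn=subschema', '(objectClass=*)',
            array( 'ldapSyntaxes' ), 0, 200, 0, LDAP_DEREF_ALWAYS );
        if( ! $result )
            $result = @ldap_read( $ds, 'cn=schema', '(objectClass=*)',
                array( 'ldapSyntaxes' ), 0, 200, 0, LDAP_DEREF_ALWAYS );

        if( ! $result )
            return( array() );

        $raw = ldap_get_entries( $ds, $result );

        // An entry without ldapSyntaxes values simply yields no syntaxes.
        $total = isset( $raw[0]['ldapsyntaxes']['count'] )
            ? $raw[0]['ldapsyntaxes']['count']
            : 0;

        // build the array of syntaxes
        $syntaxes = array();
        for( $i = 0; $i < $total; $i++ )
        {
            $syntax = $raw[0]['ldapsyntaxes'][$i];

            // The values are server-supplied text; skip any line that does
            // not carry a parsable OID rather than indexing a missing match.
            if( ! preg_match( "/[\s]+([\d\.]+)[\s]+/", $syntax, $oid ) )
                continue;
            preg_match( "/[\s]+DESC[\s]+'([\)\(:?\.a-zA-Z0-9\-_ ]+)'/", $syntax, $description );

            $key = strtolower( trim( $oid[1] ) );
            if( $key === '' ) continue;

            $syntaxes[$key] = array();
            $syntaxes[$key]['description'] = isset( $description[1] ) ? $description[1] : '';
        }

        ksort( $syntaxes );

        $cache[$server_id] = $syntaxes;

        return $syntaxes;
    }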

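    /*
     * Returns an associative array of attributes for the specified
     * $server_id, keyed by the attribute name in lower-case and sorted by
     * key. The sub-entries are 'oid', 'description', 'syntax', 'type' (the
     * description of the syntax, as given by get_schema_syntaxes()),
     * 'equality', 'substr', 'single_value' ('Yes' or 'No'), 'sup' and
     * 'name'.
     *
     * An attribute that has a SUP takes 'syntax', 'type', 'equality',
     * 'substr' and 'single_value' from the top of its SUP chain (ie, cn
     * inherits from name).
     *
     * Returns false when the connection fails and an empty array when the
     * schema entry cannot be read or holds no attributeTypes values.
     *
     * The definitions are text supplied by the directory server, so they
     * are parsed defensively: optional clauses may be missing, and a SUP
     * chain may name an unknown attribute or loop back on itself.
     *
     * The bulk of this function came from the good code in the
     * GPL'ed LDAP Explorer project. Thank you. It was extended
     * considerably for application here.
     */
    function get_schema_attributes( $server_id )
    {
        $ds = davedap_ldap_connect( $server_id );

        if( ! $ds )
            return false;

        // get all the attributeTypes; probe cn=subschema first and fall
        // back to cn=schema. The "@" keeps the failed probe quiet.
        $result = @ldap_read( $ds, 'cn=subschema', '(objectClass=*)',
            array( 'attributeTypes' ), 0, 200, 0, LDAP_DEREF_ALWAYS );
        if( ! $result )
            $result = @ldap_read( $ds, 'cn=schema', '(objectClass=*)',
                array( 'attributeTypes' ), 0, 200, 0, LDAP_DEREF_ALWAYS );

        $raw_attrs = $result ? ldap_get_entries( $ds, $result ) : array();

        // A failed read or an entry without attributeTypes yields no rows.
        $total = isset( $raw_attrs[0]['attributetypes']['count'] )
            ? $raw_attrs[0]['attributetypes']['count']
            : 0;

        // get_schema_syntaxes() returns false on a failed connection.
        $syntaxes = get_schema_syntaxes( $server_id );
        if( ! is_array( $syntaxes ) )
            $syntaxes = array();

        // build the array of attributes
        $attrs = array();
        for( $i = 0; $i < $total; $i++ )
        {
            $attr = $raw_attrs[0]['attributetypes'][$i];

            // A definition without a parsable NAME cannot be keyed; skip it.
            if( ! preg_match( "/[\s]+NAME[\s'\(]+([a-zA-Z0-9\-_]+)[\s'\)]/", $attr, $name ) )
                continue;

            preg_match( "/[\s]+([\d\.]+)[\s]+NAME/", $attr, $oid );
            preg_match( "/[\s]+DESC[\s]+'([\)\(:?\.a-zA-Z0-9\-_ ]+)'/", $attr, $description );
            preg_match( "/[\s]+SYNTAX[\s]+([\d\.]+)/", $attr, $syntax );
            preg_match( "/[\s]+EQUALITY[\s]+([a-zA-Z]+)/", $attr, $equality );
            preg_match( "/[\s]+SUBSTR[\s]+([a-zA-Z]+)/", $attr, $substr );
            preg_match( "/[\s]+SUP[\s]+([a-zA-Z0-9\-_]+)/", $attr, $sup );

            $single_value = preg_match( "/[\s]+SINGLE-VALUE[\s]+/", $attr ) ? 'Yes' : 'No';

            $attr_name = trim( $name[1] );
            $key = strtolower( $attr_name );
            if( $key === '' ) continue;

            $syntax_oid = isset( $syntax[1] ) ? trim( $syntax[1] ) : '';

            $attrs[$key] = array();
            $attrs[$key]['oid'] = isset( $oid[1] ) ? trim( $oid[1] ) : '';
            $attrs[$key]['description'] = isset( $description[1] ) ? trim( $description[1] ) : '';
            $attrs[$key]['syntax'] = $syntax_oid;
            $attrs[$key]['type'] = isset( $syntaxes[$syntax_oid]['description'] )
                ? $syntaxes[$syntax_oid]['description']
                : null;
            $attrs[$key]['equality'] = isset( $equality[1] ) ? trim( $equality[1] ) : '';
            $attrs[$key]['substr'] = isset( $substr[1] ) ? trim( $substr[1] ) : '';
            $attrs[$key]['single_value'] = $single_value;
            $attrs[$key]['sup'] = isset( $sup[1] ) ? trim( $sup[1] ) : '';
            $attrs[$key]['name'] = $attr_name;
        }

        // go back and add any inherited descriptions from parent
        // attributes (ie, cn inherits name)
        foreach( array_keys( $attrs ) as $attr )
        {
            // $attrs is keyed in lower-case, so the SUP name has to be
            // lower-cased before it is used as a key.
            $sup_key = strtolower( $attrs[$attr]['sup'] );

            // Attributes already walked for this entry. The chain is server
            // data: without this guard a circular SUP reference would spin
            // forever, and an unknown SUP would blank the attribute's own
            // values.
            $visited = array( $attr => true );

            while( $sup_key !== '' && isset( $attrs[$sup_key] ) && ! isset( $visited[$sup_key] ) )
            {
                $visited[$sup_key] = true;

                if( $attrs[$sup_key]['sup'] === '' ) {
                    // Top of the chain: take its matching-related values,
                    // and keep 'type' in step with the inherited 'syntax'.
                    $attrs[$attr]['syntax'] = $attrs[$sup_key]['syntax'];
                    $attrs[$attr]['type'] = $attrs[$sup_key]['type'];
                    $attrs[$attr]['equality'] = $attrs[$sup_key]['equality'];
                    $attrs[$attr]['substr'] = $attrs[$sup_key]['substr'];
                    $attrs[$attr]['single_value'] = $attrs[$sup_key]['single_value'];
                    break;
                }

                $sup_key = strtolower( $attrs[$sup_key]['sup'] );
            }
        }

        ksort( $attrs );

        return $attrs;
    }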

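    /*
     * A wrapper function to save you from having to call
     * get_schema_attributes() and get_schema_objectclasses() yourself.
     * Returns an array with two indexes, 'attrs' and 'oclasses', as
     * defined by those two functions.
     *
     * Returns false when the connection fails, when the attributes cannot
     * be fetched, or when no objectClasses come back.
     */
    function get_schema( $server_id )
    {
        // Fail early when the server cannot be reached at all.
        $ds = davedap_ldap_connect( $server_id );

        if( ! $ds )
            return false;

        // Both helpers take the server id only; the undefined
        // $lower_case_all that used to be passed along has been dropped.
        $attrs = get_schema_attributes( $server_id );
        if( $attrs === false )
            return false;

        $oclasses = get_schema_objectclasses( $server_id );
        if( ! $oclasses )
            return false;

        return array(
            'attrs' => $attrs,
            'oclasses' => $oclasses
        );
    }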

    </pre>

     
