Commit | Line | Data |
---|---|---|
f34b0a38 DM |
1 | package PMG::LDAPSet; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
f34b0a38 DM |
5 | |
6 | use PVE::SafeSyslog; | |
7 | ||
f34b0a38 | 8 | use PMG::LDAPCache; |
d79b9b0c | 9 | use PMG::LDAPConfig; |
f34b0a38 | 10 | |
d79b9b0c DM |
# Build a set holding one PMG::LDAPCache object per usable LDAP profile.
#
#   $ldap_cfg - configuration hash; profiles are read from $ldap_cfg->{ids}
#   $syncmode - stored in every profile's data and so handed to
#               PMG::LDAPCache->new
#   $serverid - optional; when true, only this one profile id is considered
#
# Returns the new object (a hash keyed by profile id). Ids without a
# reference behind them and profiles with a true 'disable' flag are skipped.
sub new_from_ldap_cfg {
    my ($self, $ldap_cfg, $syncmode, $serverid) = @_;

    my $class = ref($self) || $self;

    my @wanted = $serverid ? ($serverid) : keys %{$ldap_cfg->{ids}};

    $self = bless {}, $class;

    for my $id (@wanted) {
        # fixme: does it work?
        my $profile = $ldap_cfg->{ids}->{$id};

        next unless ref($profile);
        next if $profile->{disable};

        # NOTE: these two assignments write into the caller's $ldap_cfg,
        # not into a copy; the whole profile hash is then flattened into
        # the constructor arguments.
        $profile->{syncmode} = $syncmode;
        $profile->{id} = $id;

        $self->{$id} = PMG::LDAPCache->new(%$profile);
    }

    return $self;
}
40 | ||
# Re-synchronise every enabled LDAP profile found in $ldap_cfg.
#
# Each profile's start and result are written to syslog at 'info' level;
# when $tostderr is true the same lines, plus the cache's {errors} text,
# are also printed to STDERR.
#
# NOTE(review): each message is passed as syslog()'s second argument. If
# that argument is a printf-style format (as in Sys::Syslog; confirm for
# PVE::SafeSyslog), a '%' in a profile id or server name would be
# interpreted; syslog('info', '%s', $msg) would avoid that.
sub ldap_resync {
    my ($ldap_cfg, $tostderr) = @_;

    my $set = __PACKAGE__->new_from_ldap_cfg($ldap_cfg, 1);

    # log one line to syslog and, on request, mirror it to STDERR
    my $report = sub {
        my ($text) = @_;
        syslog('info', $text);
        print STDERR "$text\n" if $tostderr;
    };

    for my $p (@{$set->ids()}) {
        my $cache = $set->{$p};
        my $server = $cache->{server1};

        $report->("start syncing ldap profile '${p}' (${server})");

        $cache->update(2);

        my $errors = $cache->{errors};
        print STDERR $errors if $tostderr && $errors;

        my ($gcount, $ucount, $mcount) = @{$cache}{qw(gcount ucount mcount)};

        my $counts = "$ucount accounts, $mcount addresses, $gcount groups";
        my $summary = $errors
            ? "aborted syncing ldap profile '${p}' (${server}): keep old data, $counts"
            : "finished syncing ldap profile '${p}' (${server}): found $counts";

        $report->($summary);
    }
}
73 | ||
# Return an array reference with the keys of $self whose value is a
# PMG::LDAPCache object (exact class match via ref()). The order is the
# hash's key order.
sub ids {
    my ($self) = @_;

    my @profile_ids = grep { ref($self->{$_}) eq 'PMG::LDAPCache' } keys %$self;

    return \@profile_ids;
}
86 | ||
# Call update($syncmode) on every PMG::LDAPCache held in this set.
sub update {
    my ($self, $syncmode) = @_;

    my @profile_ids = @{$self->ids()};
    for my $profile_id (@profile_ids) {
        my $cache = $self->{$profile_id};
        $cache->update($syncmode);
    }
}
93 | ||
# Return the groups of LDAP profile $id by delegating to that profile's
# PMG::LDAPCache. An unknown profile is logged as a warning and yields undef.
#
# NOTE(review): $id is interpolated into the syslog message; confirm that
# syslog() does not treat the message as a printf-style format.
sub groups {
    my ($self, $id) = @_;

    my $cache = $self->{$id};
    if ($cache && ref($cache) eq 'PMG::LDAPCache') {
        return $cache->groups();
    }

    syslog('warning', "WARNING: trying to query non-existent ldap profile '$id'");
    return undef;
}
104 | ||
# Check whether the address $mail is known.
#
# With a true $id only that profile is asked; an unknown profile is logged
# and yields undef. Without $id every profile in the set is asked in turn
# and the first true answer is returned, or 0 when none matches.
#
# NOTE(review): $id is interpolated into the syslog message; confirm that
# syslog() does not treat the message as a printf-style format.
sub mail_exists {
    my ($self, $mail, $id) = @_;

    if (!$id) {
        for my $profile_id (@{$self->ids()}) {
            my $hit = $self->{$profile_id}->mail_exists($mail);
            return $hit if $hit;
        }
        return 0;
    }

    my $cache = $self->{$id};
    unless ($cache && ref($cache) eq 'PMG::LDAPCache') {
        syslog('warning', "WARNING: trying to query non-existent ldap profile '$id'");
        return undef;
    }

    return $cache->mail_exists($mail);
}
123 | ||
# Ask LDAP profile $id whether $account exists. An unknown profile is
# logged as a warning and yields undef.
#
# NOTE(review): $id is interpolated into the syslog message; confirm that
# syslog() does not treat the message as a printf-style format.
sub account_exists {
    my ($self, $account, $id) = @_;

    my $cache = $self->{$id};
    my $known = $cache && ref($cache) eq 'PMG::LDAPCache';

    if (!$known) {
        syslog('warning', "WARNING: trying to query non-existent ldap profile '$id'");
        return undef;
    }

    return $cache->account_exists($account);
}
134 | ||
# Ask LDAP profile $id whether $account owns the address $mail. An unknown
# profile is logged as a warning and yields undef.
#
# NOTE(review): $id is interpolated into the syslog message; confirm that
# syslog() does not treat the message as a printf-style format.
sub account_has_address {
    my ($self, $account, $mail, $id) = @_;

    if (!$self->{$id} || ref($self->{$id}) ne 'PMG::LDAPCache') {
        syslog('warning', "WARNING: trying to query non-existent ldap profile '$id'");
        return undef;
    }

    my $cache = $self->{$id};
    return $cache->account_has_address($account, $mail);
}
145 | ||
# Ask LDAP profile $id whether the user with address $mail is a member of
# $group. An unknown profile is logged as a warning and yields undef.
#
# NOTE(review): $id is interpolated into the syslog message; confirm that
# syslog() does not treat the message as a printf-style format.
sub user_in_group {
    my ($self, $mail, $group, $id) = @_;

    my $cache = $self->{$id};

    return $cache->user_in_group($mail, $group)
        if $cache && ref($cache) eq 'PMG::LDAPCache';

    syslog('warning', "WARNING: trying to query non-existent ldap profile '$id'");
    return undef;
}
156 | ||
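# Look up the account that owns $mail and, when $password is defined,
# verify it by binding to the directory as that account.
#
#   $mail     - address to look up; profiles are tried in ids() order and
#               the first one that knows the address decides the result
#   $password - optional; when defined, the account's DN must bind
#               successfully with it
#
# Returns the cache's account-info hash with {profile} set to the matching
# profile id, or undef when the address is unknown, no connection could be
# made, or the credentials were not accepted.
sub account_info {
    my ($self, $mail, $password) = @_;

    # A simple bind with a DN and a zero-length password is an
    # "unauthenticated bind" (RFC 4513, section 5.1.2). Whether the server
    # answers it with success depends on its configuration, so an empty
    # password is rejected here and never sent.
    return undef if defined($password) && $password eq '';

    foreach my $id (@{$self->ids()}) {
        my $cache = $self->{$id};

        next if !$cache->mail_exists($mail);

        my $res = $cache->account_info($mail);
        next if !$res;

        $res->{profile} = $id;

        if (defined($password)) {
            # Fail closed: without a DN the bind below would not be tied
            # to this account.
            return undef if !defined($res->{dn}) || $res->{dn} eq '';

            my $ldap = $cache->ldap_connect();
            return undef if !$ldap;

            # a non-zero result code means the bind was refused
            my $mesg = $ldap->bind($res->{dn}, password => $password);
            return undef if $mesg->code;
        }

        return $res;
    }

    return undef;
}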
181 | ||
182 | 1; |