From: Dominik Csapak
Date: Thu, 19 Oct 2017 12:36:17 +0000 (+0200)
Subject: make accountattr a list, and get the defaults from the config
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=23b1d0f891a2c8addc6f54eac374c23640bc1b43;p=pmg-api.git
make accountattr a list, and get the defaults from the config
since different ldap servers use different objectclasses for users, we have at least to use sAMAccountName and uid also get the defaults from the LDAPConfig class instead of hardcoding them a second time
Signed-off-by: Dominik Csapak
---
diff --git a/PMG/LDAPCache.pm b/PMG/LDAPCache.pm
index b361eee..9ac3fe3 100755
--- a/PMG/LDAPCache.pm
+++ b/PMG/LDAPCache.pm
@@ -11,8 +11,10 @@ use Net::LDAP::Constant qw (LDAP_CONTROL_PAGED);
 use DB_File;
 use PVE::SafeSyslog;
+use PVE::Tools qw(split_list);
 use PMG::Utils;
+use PMG::LDAPConfig;
 $DB_HASH->{'cachesize'} = 10000;
 $DB_RECNO->{'cachesize'} = 10000;
@@ -51,20 +53,19 @@ sub new {
 $self->{id} = $id;
 }
- if (!$args{mailattr}) {
- $args{mailattr} = "mail, userPrincipalName, proxyAddresses, othermailbox";
- }
- $args{mailattr} =~ s/[\,\;]/ /g;
- $args{mailattr} =~ s/\s+/,/g;
+ my $config_properties = PMG::LDAPConfig::properties();
- if ($args{mode} && ($args{mode} eq 'ldap' || $args{mode} eq 'ldaps')) {
- $self->{mode} = $args{mode};
- } else {
- $self->{mode} = 'ldap';
+ # set defaults for the fields that have one
+ foreach my $property (keys %$config_properties) {
+ my $d = $config_properties->{$property};
+ next if !defined($d->{default});
+ $self->{$property} = $args{$property} || $d->{default};
 }
- $self->{accountattr} = $args{accountattr} || 'sAMAccountName';
- @{$self->{mailattr}} = split(/,/, $args{mailattr});
+ # split list returns an array not a reference
+ $self->{accountattr} = [split_list($self->{accountattr})];
+ $self->{mailattr} = [split_list($self->{mailattr})];
+ $self->{server1} = $args{server1};
 $self->{server2} = $args{server2};
 $self->{binddn} = $args{binddn};
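Review bot: The removed `ldap`/`ldaps` check on `$args{mode}` has no replacement in `sub new`: the defaults loop copies whatever the caller passed into `$self->{mode}`, and it sets `mode` at all only if `PMG::LDAPConfig::properties()` declares a default for it, which this diff does not show. Since `mode` presumably selects whether the directory connection is encrypted, an unexpected value should fail loudly rather than reach the connect code (outside this hunk); a guard after the loop such as `die "invalid ldap mode\n" if ($self->{mode} // '') !~ m/^ldaps?$/;` would do that. Separately, `$args{$property} || $d->{default}` replaces an explicit `0` or empty value with the default, which matters for any boolean property that has a true default; confirm none exists or use a `defined` test. `sub new` begins and ends outside the hunk.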
@@ -156,7 +157,7 @@ sub queryusers {
 scope => "subtree",
 filter => $filter,
 control => [ $page ],
- attrs => [ @{$self->{mailattr}}, $self->{accountattr}, 'memberOf' ]
+ attrs => [ @{$self->{mailattr}}, @{$self->{accountattr}}, 'memberOf' ]
 );
 my $cookie;
@@ -207,12 +208,14 @@ sub queryusers {
 $self->{dbstat}->{dnames}->{dbh}->put($dn, $cuid);
 }
- my $account = $entry->get_value($self->{accountattr});
- if ($account && ($account =~ m/^\S+$/s)) {
- $account = lc($account);
- $self->{dbstat}->{accounts}->{dbh}->put($account, $cuid);
- my $data = pack('n/a* n/a* n/a*', $pmail, $account, $dn);
- $self->{dbstat}->{users}->{dbh}->put($cuid, $data);
+ foreach my $attr (@{$self->{accountattr}}) {
+ my $account = $entry->get_value($attr);
+ if ($account && ($account =~ m/^\S+$/s)) {
+ $account = lc($account);
+ $self->{dbstat}->{accounts}->{dbh}->put($account, $cuid);
+ my $data = pack('n/a* n/a* n/a*', $pmail, $account, $dn);
+ $self->{dbstat}->{users}->{dbh}->put($cuid, $data);
+ }
 }
 foreach my $mail (@$addresses) {
diff --git a/PMG/LDAPConfig.pm b/PMG/LDAPConfig.pm
index 3e92fc4..9c12dbb 100644
--- a/PMG/LDAPConfig.pm
+++ b/PMG/LDAPConfig.pm
@@ -82,9 +82,9 @@ sub properties {
 },
 accountattr => {
 description => "Account attribute name name.",
- type => 'string',
+ type => 'string', format => 'string-list',
 pattern => '[a-zA-Z0-9]+',
- default => 'sAMAccountName',
+ default => 'sAMAccountName, uid',
 },
 mailattr => {
 description => "List of mail attribute names.",
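Review bot: In the `foreach my $attr` loop of `queryusers`, an entry that carries more than one of the configured attributes rewrites the `users` record for `$cuid` once per attribute, so the stored account name is whichever attribute comes last, and each `accounts` put appears able to replace a mapping written for a different entry when one entry's `uid` equals another's `sAMAccountName`. The second case would resolve an account name to the wrong user, so it deserves a lookup before the put and a log line when the name already belongs to another `$cuid`. The sketch below keeps the first configured attribute as the canonical name and skips conflicting names; it assumes the `accounts` db is rebuilt on each sync, which is not visible here. `get_value` in scalar context also returns only the first value of a multi-valued attribute. The loop sits inside `queryusers`, which starts and ends outside the hunk.

```perl
# … unchanged: dnames put for $dn …
my $accounts_dbh = $self->{dbstat}->{accounts}->{dbh};
my $have_user_record;
foreach my $attr (@{$self->{accountattr}}) {
    my $account = $entry->get_value($attr);
    next if !($account && ($account =~ m/^\S+$/s));
    $account = lc($account);

    # refuse to repoint a name that another directory entry already owns
    my $known_cuid;
    if ($accounts_dbh->get($account, $known_cuid) == 0 && $known_cuid ne $cuid) {
        syslog('warning', "ldap account name '%s' (attribute '%s') already maps to another entry - skipping",
               $account, $attr);
        next;
    }
    $accounts_dbh->put($account, $cuid);

    # the first configured attribute that yields a value is the canonical name
    next if $have_user_record;
    my $data = pack('n/a* n/a* n/a*', $pmail, $account, $dn);
    $self->{dbstat}->{users}->{dbh}->put($cuid, $data);
    $have_user_record = 1;
}
# … unchanged: foreach my $mail (@$addresses) …
```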
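Review bot: `accountattr` keeps `pattern => '[a-zA-Z0-9]+'` while becoming a `string-list` whose new default `'sAMAccountName, uid'` contains a comma and a space. If the schema validator matches `pattern` against the whole value rather than each list element (not visible here), any multi-attribute setting would be rejected; either move the check to a per-element one or widen it to a list, e.g. `pattern => '[a-zA-Z0-9]+(?:[,;\s]+[a-zA-Z0-9]+)*'`. Keeping each element restricted to alphanumerics is worth preserving, since these names go straight into the search request's `attrs` in `queryusers`. The description should follow the change as well: `description => "List of account attribute names.",`. `sub properties` starts and ends outside the hunk.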