projects / pmg-api.git / blame
| Commit | Line | Data |
|---|---|---|
| f34b0a38 DM |
1 | package PMG::LDAPSet; |
| 2 | ||
| 3 | use strict; | |
| 4 | use warnings; | |
| f34b0a38 DM |
5 | |
| 6 | use PVE::SafeSyslog; | |
| 7 | ||
| f34b0a38 | 8 | use PMG::LDAPCache; |
| d79b9b0c | 9 | use PMG::LDAPConfig; |
| f34b0a38 | 10 | |
| d79b9b0c DM |
11 | sub new_from_ldap_cfg { |
| 12 | my ($self, $ldap_cfg, $syncmode, $serverid) = @_; | |
| f34b0a38 DM |
13 | my $type = ref($self) || $self; |
| 14 | ||
| 15 | my $ids = []; | |
| 16 | ||
| 17 | if ($serverid) { | |
| 18 | $ids = [ $serverid ]; | |
| 19 | } else { | |
| d79b9b0c | 20 | $ids = [ keys %{$ldap_cfg->{ids}} ]; |
| f34b0a38 DM |
21 | } |
| 22 | ||
| 23 | $self = bless {}, $type; | |
| 24 | ||
| 25 | foreach my $id (@$ids) { | |
| 26 | ||
| f62194b2 | 27 | # fixme: does it work? |
| d79b9b0c | 28 | my $data = $ldap_cfg->{ids}->{$id}; |
| f34b0a38 | 29 | next if !ref($data); |
| 1c4fa5b1 | 30 | next if $data->{disable}; |
| f34b0a38 DM |
31 | |
| 32 | $data->{syncmode} = $syncmode; | |
| 33 | $data->{id} = $id; | |
| 34 | ||
| 35 | $self->{$id} = PMG::LDAPCache->new(%$data); | |
| 36 | } | |
| 37 | ||
| 38 | return $self; | |
| 39 | } | |
| 40 | ||
| 41 | sub ldap_resync { | |
| d79b9b0c | 42 | my ($ldap_cfg, $tostderr) = @_; |
| f34b0a38 | 43 | |
| d79b9b0c | 44 | my $ldap = __PACKAGE__->new_from_ldap_cfg($ldap_cfg, 1); |
| f34b0a38 DM |
45 | |
| 46 | foreach my $p (@{$ldap->ids()}) { | |
| 47 | my $server = $ldap->{$p}->{server1}; | |
| 48 | ||
| 49 | my $msg = "start syncing ldap profile '${p}' (${server})"; | |
| 50 | syslog('info', $msg); | |
| 51 | print STDERR "$msg\n" if $tostderr; | |
| caaa1eab | 52 | |
| f34b0a38 | 53 | $ldap->{$p}->update(2); |
| caaa1eab DM |
54 | |
| 55 | my $errors = $ldap->{$p}->{errors}; | |
| 56 | print STDERR $errors if $tostderr && $errors; | |
| 57 | ||
| f34b0a38 DM |
58 | my $gcount = $ldap->{$p}->{gcount}; |
| 59 | my $ucount = $ldap->{$p}->{ucount}; | |
| 60 | my $mcount = $ldap->{$p}->{mcount}; | |
| 61 | ||
| caaa1eab DM |
62 | if ($errors) { |
| 63 | $msg = "aborted syncing ldap profile '${p}' (${server}): " . | |
| 64 | "keep old data, $ucount accounts, $mcount addresses, $gcount groups"; | |
| 65 | } else { | |
| 66 | $msg = "finished syncing ldap profile '${p}' (${server}): " . | |
| 67 | "found $ucount accounts, $mcount addresses, $gcount groups"; | |
| 68 | } | |
| f34b0a38 DM |
69 | syslog('info', $msg); |
| 70 | print STDERR "$msg\n" if $tostderr; | |
| 71 | } | |
| 72 | } | |
| 73 | ||
| 74 | sub ids { | |
| 75 | my ($self) = @_; | |
| 76 | ||
| 77 | my $ids = []; | |
| 78 | ||
| 79 | foreach my $id (keys %$self) { | |
| 80 | next if ref($self->{$id}) ne 'PMG::LDAPCache'; | |
| 81 | push @$ids, $id; | |
| 82 | } | |
| 83 | ||
| 84 | return $ids; | |
| 85 | } | |
| 86 | ||
| 87 | sub update { | |
| 88 | my ($self, $syncmode) = @_; | |
| 89 | foreach my $id (@{$self->ids()}) { | |
| 90 | $self->{$id}->update($syncmode); | |
| 91 | } | |
| 92 | } | |
| 93 | ||
| 94 | sub groups { | |
| 95 | my ($self, $id) = @_; | |
| 96 | ||
| 97 | if (!($self->{$id} && ref($self->{$id}) eq 'PMG::LDAPCache')) { | |
| 98 | syslog('warning', "WARNING: trying to query non-existent ldap profile '$id'"); | |
| 99 | return undef; | |
| 100 | } | |
| 101 | ||
| 102 | return $self->{$id}->groups(); | |
| 103 | } | |
| 104 | ||
| 105 | sub mail_exists { | |
| 106 | my ($self, $mail, $id) = @_; | |
| 107 | ||
| 108 | if ($id) { | |
| 109 | if (!($self->{$id} && ref($self->{$id}) eq 'PMG::LDAPCache')) { | |
| 110 | syslog('warning', "WARNING: trying to query non-existent ldap profile '$id'"); | |
| 111 | return undef; | |
| 112 | } | |
| 113 | return $self->{$id}->mail_exists($mail); | |
| 114 | } | |
| 115 | ||
| 116 | foreach $id (@{$self->ids()}) { | |
| 117 | my $res = $self->{$id}->mail_exists($mail); | |
| 118 | return $res if $res; | |
| 119 | } | |
| 120 | ||
| 121 | return 0; | |
| 122 | } | |
| 123 | ||
| 124 | sub account_exists { | |
| 125 | my ($self, $account, $id) = @_; | |
| 126 | ||
| 127 | if (!($self->{$id} && ref($self->{$id}) eq 'PMG::LDAPCache')) { | |
| 128 | syslog('warning', "WARNING: trying to query non-existent ldap profile '$id'"); | |
| 129 | return undef; | |
| 130 | } | |
| 131 | ||
| 132 | return $self->{$id}->account_exists($account); | |
| 133 | } | |
| 134 | ||
| 135 | sub account_has_address { | |
| 136 | my ($self, $account, $mail, $id) = @_; | |
| 137 | ||
| 138 | if (!($self->{$id} && ref($self->{$id}) eq 'PMG::LDAPCache')) { | |
| 139 | syslog('warning', "WARNING: trying to query non-existent ldap profile '$id'"); | |
| 140 | return undef; | |
| 141 | } | |
| 142 | ||
| 143 | return $self->{$id}->account_has_address($account, $mail); | |
| 144 | } | |
| 145 | ||
| 146 | sub user_in_group { | |
| 147 | my ($self, $mail, $group, $id) = @_; | |
| 148 | ||
| 149 | if (!($self->{$id} && ref($self->{$id}) eq 'PMG::LDAPCache')) { | |
| 150 | syslog('warning', "WARNING: trying to query non-existent ldap profile '$id'"); | |
| 151 | return undef; | |
| 152 | } | |
| 153 | ||
| 154 | return $self->{$id}->user_in_group($mail, $group); | |
| 155 | } | |
| 156 | ||
| 157 | sub account_info { | |
| 158 | my ($self, $mail, $password) = @_; | |
| 159 | ||
| 160 | foreach my $id (@{$self->ids()}) { | |
| 161 | if ($self->{$id}->mail_exists($mail)) { | |
| 162 | if (my $res = $self->{$id}->account_info($mail)) { | |
| 163 | $res->{profile} = $id; | |
| 164 | ||
| 165 | if (defined($password)) { | |
| 166 | if (my $ldap = $self->{$id}->ldap_connect()) { | |
| 167 | my $mesg = $ldap->bind($res->{dn}, password => $password); | |
| 168 | return undef if ($mesg->code); | |
| 169 | } else { | |
| 170 | return undef; | |
| 171 | } | |
| 172 | } | |
| 173 | ||
| 174 | return $res; | |
| 175 | } | |
| 176 | } | |
| 177 | } | |
| 178 | ||
| 179 | return undef; | |
| 180 | } | |
| 181 | ||
| 182 | 1; |