'localhost', 'hosts' => array('127.0.0.1'), 'port' => 389, 'base_dn' => 'cn=users,dc=biall,dc=pl', 'search_base_dn' => '', 'required_fields' => array('cn', 'sn', 'mail'), 'filter' => '(&(!(uid=_*))(mail=*@*))', 'search_dn_default' => '', 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), 'search_fields' => array('givenName', 'cn', 'sn', 'mail'), 'fieldmap' => array( // Roundcube => LDAP 'name' => 'cn', 'surname' => 'sn', 'firstname' => 'givenName', 'email' => 'mail', 'phone:work' => 'telephoneNumber' ), 'LDAP_rdn' => 'mail', 'ldap_version' => 3, 'scope' => 'sub', 'fuzzy_search' => true ); * */
/**
 * Renders the "Synchronizacja uprawnień do bazy LDAP" (synchronise permissions
 * to the LDAP directory) page: draws the menu and heading, then acts on
 * query-string parameters such as DBG_SLP and syncUsr.
 *
 * NOTE(review): no access check is visible at the top of this function;
 * confirm the caller restricts the page to administrators.
 */
function SYNC_LDAP_PERMS() { SE_Layout::menu(); echo '
'; echo '

' . "Synchronizacja uprawnień do bazy LDAP" . '

';
/* NOTE(review): DBG_SLP=1 in the query string switches on the print_r() dumps
 * guarded by if ($DBG) further down the page, so anyone who can open the page
 * can enable them. Gate debug output on a server-side setting or a role check.
 */
$DBG = ('1' == V::get('DBG_SLP', '', $_GET)); if ('' !== ($userName = V::get('syncUsr', '', $_GET))) { Lib::loadClass('UserStorageFactory'); $usrStorageDB = UserStorageFactory::getStorage('DB'); $usrStorageLdap = UserStorageFactory::getStorage('MacOSX'); if (!$usrStorageDB || !$usrStorageLdap) { echo '

Error storage not exists

'; } else {
/* NOTE(review): $userName comes from $_GET['syncUsr'] and is concatenated into
 * the HTML output below. Unless V::get() already escapes (not visible here),
 * wrap it in htmlspecialchars($userName, ENT_QUOTES, 'UTF-8') to prevent
 * reflected XSS.
 */
echo '

Synchronizacja użytkownika '.$userName.'

'; $usrFrom = $usrStorageDB->getUser($userName); if ($usrFrom) { Lib::loadClass('ProcesHelper'); $zasobUprawnienia = ProcesHelper::getZasobTableID('CRM_AUTH_PROFILE'); if ($zasobUprawnienia > 0) { echo '

' . "Ustal stanowisko: "; echo 'ustal stanowisko'; echo '

'; } }
/* Build the list of pending sync tasks for this user. The "$syncGroups = true"
 * and "$syncDisabled = true" forms are assignments whose value is passed
 * positionally; they only label the arguments.
 */
Lib::loadClass('SyncUsers'); $synUsers = new SyncUsers($usrStorageDB, $usrStorageLdap); $syncTodoList = $synUsers->getSyncUserTodoList($userName, $syncGroups = true, $syncDisabled = true); ?>
Brak zadań do wykonania - użytkownik zsynchronizowany

Lista zadań do wykonania:

syncUser($userName, $syncGroups = true, $syncDisabled = true);
/* NOTE(review): the user to synchronise is named by a GET parameter (syncUsr).
 * The code that decides when syncUser() runs is cut off in this listing; if a
 * plain link can trigger it, move the action behind POST with an anti-CSRF
 * token.
 */
if (!$synced) { ?>
Nie udało się zsynchronizować uprawnień użytkownika .
errors: (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';
/* NOTE(review): getErrorsMsgListWithDbg() is printed into the page and, as far
 * as this listing shows, not behind the $DBG guard. Check what the debug
 * variant of the error list contains before showing it to end users.
 */
print_r($synUsers->getErrorsMsgListWithDbg());echo''; } else { ?>
Synchronizacja uprawnień użytkownika zakończona powodzeniem.
Error storage not exists

'; } else { Lib::loadClass('SyncUsers'); $synUsers = new SyncUsers($usrStorageDB, $usrStorageLdap); $synced = $synUsers->syncDisabled($userName); if (!$synced) { ?>
Nie udało się zsynchronizować uprawnień użytkownika .
errors: (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($synUsers->getErrorsMsgListWithDbg());echo''; } else { ?>
Synchronizacja uprawnień użytkownika zakończona powodzeniem.
1){ echo'
zasobyGroups (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($zasobyGroups);echo'
'; echo'
zasobyGroupsTreeRoot (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($zasobyGroupsTreeRoot);echo'
'; } // print the tree of positions (stanowiska)
/**
 * Echoes one group node as "[ID] TYPE DESC". Three branches: the group is among
 * those UsersHelper::getGroupByUserName() returns for the userName query
 * parameter; the group TYPE is DZIAL or PODMIOT; anything else. The markup
 * that told the first two branches apart is not visible in this listing.
 *
 * NOTE(review): ID, TYPE and DESC are written to the page without escaping; if
 * DESC can hold user-entered text, pass it through htmlspecialchars(). The
 * group lookup is also repeated on every call.
 * NOTE(review): a function with this name is defined a second time further
 * down the page. Named functions are declared globally once the enclosing code
 * runs, so executing both definitions in one request is a fatal redeclaration;
 * confirm only one path can run.
 */
function tmpPrintTreeItem($vGroup) { if ('' !== ($userName = V::get('userName', '', $_GET))) { $userGroups = UsersHelper::getGroupByUserName($userName); } if (is_array($userGroups) && !empty($userGroups) && array_key_exists($vGroup->ID, $userGroups)) { echo '' . "[{$vGroup->ID}] {$vGroup->TYPE} {$vGroup->DESC}" . ''; } else if (in_array($vGroup->TYPE, array('DZIAL', 'PODMIOT'))) { echo '' . "[{$vGroup->ID}] {$vGroup->TYPE} {$vGroup->DESC}" . ''; } else { echo "[{$vGroup->ID}] {$vGroup->TYPE} {$vGroup->DESC}"; } }
/* Tree printer taking root ids, the item map and a per-item callback. The body
 * shown here only echoes an empty string; the traversal appears to have been
 * lost from this listing.
 */
function tmpPrintTreeRec($treeIds, $items, $callback) { echo ''; }
/* NOTE(review): tmpPrintTreeItem is passed as a bare identifier, which PHP
 * resolves as a constant. PHP 8 throws an Error for an undefined constant
 * (older versions fell back to the string with a notice). Quote the name or
 * pass a closure.
 */
tmpPrintTreeRec($zasobyGroupsTreeRoot, $zasobyGroups, tmpPrintTreeItem); // tree flat } $groupsLdapAll = UsersLdapHelper::getGroupsAll($allAttrs = false); if($DBG){echo'
groupsLdapAll (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($groupsLdapAll);echo'
';} }
/* Group synchronisation. syncGroup is read from the query string through
 * V::get(..., 'int') (presumably an integer cast; confirm, because the value is
 * interpolated into page output and passed to get_by_id() below). The DB and
 * 'MacOSX' user storages are loaded and the group is looked up in the DB
 * storage; if it is missing, the CRM_LISTA_ZASOBOW row is fetched only to
 * explain why (no such resource, or a resource of another TYPE).
 */
if (0 < ($syncGroupID = V::get('syncGroup', 0, $_GET, 'int'))) { Lib::loadClass('UserStorageFactory'); $usrStorageDB = UserStorageFactory::getStorage('DB'); $usrStorageLdap = UserStorageFactory::getStorage('MacOSX'); if (!$usrStorageDB || !$usrStorageLdap) { echo '
' . "Error storage not exists" . '
'; } else { $groupFrom = $usrStorageDB->getGroup($syncGroupID); if (!$groupFrom) { $db = DB::getDB(); $zasob = $db->get_by_id('CRM_LISTA_ZASOBOW', $syncGroupID); if (!$zasob) { echo '
' . "Zasób {$syncGroupID} nie istnieje" . '
'; } else { echo '
' . "Zasób {$syncGroupID} nie jest grupą tylko {$zasob->TYPE}" . '
'; } } else { ?>

Synchronizacja grupy:

Ustal powiązania między grupami uprawnień - grupy uprawnień

getSyncGroupTodoList($syncGroupID, $syncNestedGroups = true); ?>
Brak zadań do wykonania - grupa zsynchronizowana

Lista zadań do wykonania:

syncGroup($syncGroupID, $syncNestedGroups = true);
/* NOTE(review): the group to synchronise is selected by a GET parameter. The
 * condition that triggers syncGroup() is cut off in this listing; a directory
 * write like this belongs behind POST with an anti-CSRF token.
 */
if (!$synced) { ?>
Nie udało się zsynchronizować grupy [].
errors: (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($synUsers->getErrorsMsgListWithDbg());echo''; } else { ?>
Synchronizacja grupy [] zakończona powodzeniem.

Brak dostępu

ldap (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($ldap);echo'';}
/* NOTE(review): the dump above prints the whole $ldap object; if that object
 * holds the bind DN or password, the debug output leaks them. Confirm what it
 * contains.
 *
 * Task "createLdapUsr": when the account named by checkUser exists in the
 * database but not in LDAP, create the LDAP account from the database record
 * and stamp A_SYNC_LDAP_DATE on the ADMIN_USERS row.
 *
 * NOTE(review): both task and checkUser are read from $_GET, so an account is
 * created by following a link. Prefer POST with an anti-CSRF token.
 */
if ('createLdapUsr' == V::get('task', '', $_GET)) { if ('' !== ($userName = V::get('checkUser', '', $_GET))) { $usrLdap = UsersLdapHelper::getUser($userName, true); $usrDB = UsersHelper::getUserByName($userName); if ($usrDB && !$usrLdap) { ?>
OK jest DB i brak LDAP createUser($usrDB->ADM_ACCOUNT, $usrDB->EMPLOYEE_TYPE, $usrDB->ADM_NAME, $usrDB->EMAIL, $usrDB->ADM_PASSWD);
/* NOTE(review): ADM_PASSWD from the database record is handed to createUser().
 * Whether that column holds plaintext or a hash is not visible here; confirm
 * how it is stored and that it is never echoed.
 *
 * NOTE(review): the ID below is interpolated into the SQL text. It comes from
 * the database row rather than straight from the request, but a bound
 * parameter or an (int) cast keeps the statement safe if that ever changes.
 */
if ($created) { $db = DB::getDB(); $sql = "update `ADMIN_USERS` set `A_SYNC_LDAP_DATE`=NOW() where `ID`='{$usrDB->ID}'; "; $db->query($sql); } ?>
Error: TODO (L.' . __LINE__ . ') ???

'; } } }
/* checkUser: load the account named in the query string from LDAP and from the
 * database, dump both records and the user's groups, then report which side is
 * missing.
 *
 * NOTE(review): print_r($usrDB) and print_r($usrLdap) below do not appear to
 * be behind the $DBG guard in this listing. The database record carries an
 * ADM_PASSWD field (it is passed to createUser() elsewhere on this page), so
 * the dump would print it. Remove the dumps or drop sensitive fields before
 * printing.
 */
if ('' !== ($userName = V::get('checkUser', '', $_GET))) { // checkUser $usrLdap = UsersLdapHelper::getUser($userName, true); $usrDB = UsersHelper::getUserByName($userName); ?>
usrDB (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($usrDB);echo''; ?> usrLdap (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($usrLdap);echo''; ?>
getUserGroups($userName); echo'
sysGroups (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($sysGroups);echo'
'; if ($usrDB && $usrLdap) { echo '

OK jest DB i LDAP

'; } else if (!$usrDB) { echo '

Brak DB

'; } else if (!$usrLdap) { ?>

Brak LDAP utwórz usera ldap na podstawie danych w bazie

0) { $errorMsg = ''; if (!$ldap->bindDiradmin($errorMsg)) { echo'
Error: cant bind as diradmin (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($errorMsg);echo'
'; } else {
/* Bound as the directory administrator: overwrite the LDAP telephoneNumber of
 * $userName with ADM_PHONE from the database record. The condition that leads
 * here is cut off above this listing.
 */
$attr = array(); $attr['telephoneNumber'] = $usrDB->ADM_PHONE; $ldap->mod_replace($userName, $attr); //$attr = array(); //$attr['homePhone'] = $usrDB->ADM_PHONE; //$ret = $ldap->mod_del($userName, $attr); } } } if ('' !== ($userName = V::get('userName', '', $_GET))) { $ldapUser = array();
/* NOTE(review): $userName is taken from $_GET['userName'] and placed in the
 * LDAP filter as-is, so filter metacharacters (asterisk, parentheses,
 * backslash) change what the filter matches (LDAP filter injection). Escape it
 * first, for example ldap_escape($userName, '', LDAP_ESCAPE_FILTER).
 *
 * NOTE(review): when the search returns zero entries the code falls through
 * with $ldapUser empty; the 'Login nie istnieje' branch is reached only if
 * first_entry() fails after a non-zero count.
 */
$filter = (false !== strpos($userName, '@'))? "(mail={$userName})" : "(uid={$userName})"; //$filter = "cn=*";// show all ldap accounts $justthese = array();//array("uid", "givenName", "mail", "*"); $res = $ldap->search($filter, 'cn=users', $justthese); if ($ldap->count_entries($res) > 0) { $entry = $ldap->first_entry($res); if ($entry) { $ldapUser['user_dn'] = $ldap->get_dn($entry); $val = $ldap->get_values($entry, 'uid'); $ldapUser['uid'] = $val[0]; $val = $ldap->get_values($entry, 'mail'); $ldapUser['mail'] = $val[0]; $val = $ldap->get_values($entry, 'cn'); $ldapUser['cn'] = $val[0]; } else { echo 'Login nie istnieje'; return false; } } if($DBG){echo'
ldapUser (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($ldapUser);echo'
';}
/* Collect the gidNumber of every LDAP group the user is in and map those GIDs
 * back to database groups.
 */
$userLdapGroups = UsersLdapHelper::getUserGroups($userName); $userGroups = UsersHelper::getGroupByUserName($userName); $gidNumbers = array(); if (!empty($userLdapGroups)) { foreach ($userLdapGroups as $vLdapGroup) { $gidNumbers[] = $vLdapGroup->gidNumber; } } $groupsAll = UsersHelper::getGroupsByLdapGids($gidNumbers); if($DBG){echo'
groupsAll (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($groupsAll);echo'
';} $zasobyGroupsTreeRoot = UsersHelper::getGroupsTreeRoot(); $zasobyGroups = UsersHelper::getGroupsTreeItems();
/* NOTE(review): the next debug dump prints $treeZasoby, which is not assigned
 * anywhere in the visible code. It is likely a leftover name; confirm.
 */
if($DBG){echo'
treeZasoby (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($treeZasoby);echo'
';} if($DBG){echo'
zasobyGroups (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($zasobyGroups);echo'
';} if($DBG){echo'
zasobyGroupsTreeRoot (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($zasobyGroupsTreeRoot);echo'
';} // print the tree of positions (stanowiska)
/**
 * Echoes one group node as "[ID] TYPE DESC", with separate branches for groups
 * the user named in the userName query parameter belongs to and for groups of
 * TYPE DZIAL or PODMIOT. The markup that told the branches apart is not
 * visible in this listing.
 *
 * NOTE(review): $userGroups is assigned only when userName is non-empty, yet
 * array_key_exists() is called on it unconditionally. With an empty userName
 * it receives an undefined variable (a TypeError on PHP 8). Initialise
 * $userGroups to array() first.
 * NOTE(review): ID, TYPE and DESC are echoed without escaping; pass DESC
 * through htmlspecialchars() if it can hold user-entered text.
 */
function tmpPrintTreeItem($vGroup) { if ('' !== ($userName = V::get('userName', '', $_GET))) { $userGroups = UsersHelper::getGroupByUserName($userName); } if (array_key_exists($vGroup->ID, $userGroups)) { echo '' . "[{$vGroup->ID}] {$vGroup->TYPE} {$vGroup->DESC}" . ''; } else if (in_array($vGroup->TYPE, array('DZIAL', 'PODMIOT'))) { echo '' . "[{$vGroup->ID}] {$vGroup->TYPE} {$vGroup->DESC}" . ''; } else { echo "[{$vGroup->ID}] {$vGroup->TYPE} {$vGroup->DESC}"; } }
/* Tree printer taking root ids, the item map and a per-item callback. The body
 * shown here only echoes an empty string; the traversal appears to have been
 * lost from this listing.
 */
function tmpPrintTreeRec($treeIds, $items, $callback) { echo ''; }
/* NOTE(review): tmpPrintTreeItem is passed as a bare identifier, which PHP
 * resolves as a constant. PHP 8 throws an Error for an undefined constant.
 * Quote the name or pass a closure.
 */
tmpPrintTreeRec($zasobyGroupsTreeRoot, $zasobyGroups, tmpPrintTreeItem); // tree flat ?>
LDAP Groups ()Zasoby Groups ()
0 && $zasob_id > 0) {
/* Link a resource to an LDAP group: write A_LDAP_GID on the CRM_LISTA_ZASOBOW
 * row with ID $zasob_id through UPDATE_OBJ(). The result is reported as saved
 * (> 0), unchanged (== 0) or a database error (anything else). Where $ldap_gid
 * and $zasob_id come from is cut off above this line; confirm both are
 * validated as integers before they get here.
 */
$sqlObj = new stdClass(); $sqlObj->ID = $zasob_id; $sqlObj->A_LDAP_GID = $ldap_gid; $db = DB::getDB(); $ret = $db->UPDATE_OBJ('CRM_LISTA_ZASOBOW', $sqlObj); if ($ret > 0) { echo '
'; echo "Rekord zapisany pomyślnie"; echo '
'; } else if ($ret == 0) { echo '
'; echo "Nie wprowadzono żadnych zmian"; echo '
'; } else { echo '
'; echo "Database Error"; echo '
';
/* NOTE(review): raw database errors are printed into the page; they can reveal
 * table and column names. Log them server-side and show a generic message.
 */
echo'
db errors: (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($db->get_errors());echo'
'; } } }
/* group_add (POST): create an LDAP group for a CRM_LISTA_ZASOBOW row of TYPE
 * STANOWISKO, DZIAL or PODMIOT by shelling out to dscl, then store the new GID
 * on the row.
 */
if (V::get('group_add', '', $_POST)) { $zasob_id = V::get('zasob_id', 0, $_POST); if ($zasob_id > 0) { $db = DB::getDB(); $zasob = $db->get_by_id('CRM_LISTA_ZASOBOW', $zasob_id); if ($zasob) { if (in_array($zasob->TYPE, array('STANOWISKO', 'DZIAL', 'PODMIOT'))) { $ldap_gid = 0; // TODO: search for free GID
/* GID selection: reuse the resource ID when it is above 1050 and not already
 * an LDAP gidNumber; otherwise scan from 10000+ID up to (not including)
 * 20000+ID for the first number used neither as an LDAP gidNumber nor as a key
 * of UsersHelper::getGroupsAll(). $ldap_gid stays 0 when nothing is free.
 */
$allLdapGroups = UsersLdapHelper::getGroupsAll(); $ldapGids = array(); foreach ($allLdapGroups as $vLdapGroup) { $ldapGids[] = $vLdapGroup->gidNumber; } $allGroups = UsersHelper::getGroupsAll(); $dbGids = array_keys($allGroups); if ($zasob->ID > 1050 && !in_array($zasob->ID, $ldapGids)) { $ldap_gid = $zasob->ID; } else { for ($i = 10000 + $zasob->ID; $i < 20000 + $zasob->ID; $i++) { if (!in_array($i, $ldapGids) && !in_array($i, $dbGids)) { $ldap_gid = $i; break; } } } if ($ldap_gid) { $ldapUser = User::getName(); $ldapPass = V::get('pass', '', $_POST); $newGroup = new stdClass(); $newGroup->nameShort = mb_substr($zasob->DESC, 0, 50, 'utf8');
/* Group name: "<ID>_" plus the first 50 characters of DESC, spaces turned into
 * underscores, Polish letters transliterated, then every character other than
 * a letter, digit, hyphen or underscore removed.
 */
$newGroup->name = $zasob->ID . '_' . $newGroup->nameShort; $newGroup->name = str_replace(' ' , '_', $newGroup->name); $pl_letters = array('ą', 'ć', 'ę', 'ł', 'ń', 'ó', 'ś', 'ź', 'ż', 'Ą', 'Ć', 'Ę', 'Ł', 'Ń', 'Ó', 'Ś', 'Ź', 'Ż'); $en_letters = array('a', 'c', 'e', 'l', 'n', 'o', 's', 'z', 'z', 'A', 'C', 'E', 'L', 'N', 'O', 'S', 'Z', 'Z'); $newGroup->name = str_replace($pl_letters , $en_letters, $newGroup->name); $newGroup->name = preg_replace('/[^a-z0-9-_]/i' , '', $newGroup->name); $newGroup->realName = "[{$zasob->ID}] {$zasob->TYPE} {$newGroup->nameShort}"; $newGroup->gidNumber = $ldap_gid;
/* NOTE(review): command injection and credential exposure.
 * - $ldapPass is the raw POST field 'pass', and $ldapUser and
 *   $newGroup->realName (built from TYPE and the unsanitised first 50
 *   characters of DESC) are interpolated into the shell command unescaped.
 *   realName is only wrapped in double quotes, inside which the shell still
 *   expands variables and command substitutions, and an embedded double quote
 *   ends the argument. Pass every dynamic value through escapeshellarg().
 * - The password is visible in the process argument list while dscl runs.
 * - The print_r() of both commands right after the system() calls writes the
 *   password into the page. Remove that dump or mask the password.
 */
$command1="dscl -u {$ldapUser} -P {$ldapPass} /LDAPv3/127.0.0.1 -create /Groups/{$newGroup->name} PrimaryGroupID {$newGroup->gidNumber}"; $command2="dscl -u {$ldapUser} -P {$ldapPass} /LDAPv3/127.0.0.1 -create /Groups/{$newGroup->name} RealName \"{$newGroup->realName}\" "; $return_dscl1 = system($command1, $retVal1); $return_dscl2 = system($command2, $retVal2); echo'
 (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r(array($command1, $command2));echo'
'; if ($retVal1 === 0 && $retVal2 === 0) { echo '
'; echo "Grupę utworzono pomyślnie"; echo '
';
/* Both dscl calls exited with status 0: record the new GID on the resource
 * row. A result of 0 from UPDATE_OBJ() prints nothing.
 */
$sqlObj = new stdClass(); $sqlObj->ID = $zasob->ID; $sqlObj->A_LDAP_GID = $newGroup->gidNumber; $db = DB::getDB(); $ret = $db->UPDATE_OBJ('CRM_LISTA_ZASOBOW', $sqlObj); if ($ret > 0) { echo '
'; echo "Grupę LDAP ({$newGroup->gidNumber}) przypisano pomyślnie do zasobu {$zasob->ID}"; echo '
'; } else if ($ret < 0) { echo '
'; echo "Database Error"; echo '
'; echo'
db errors: (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($db->get_errors());echo'
'; } } else { echo '
'; echo "Error Cant create LDAP Group"; echo '
'; } } else { echo '
'; echo "Error Cant find free Ldap GID"; echo '
'; } $zasob->DESC;// TODO: clean from bad chars } else { echo '
'; echo "Error TYPE {$zasob->TYPE}"; echo '
'; } } } } Lib::loadClass('UsersHelper'); $allLdapGroups = UsersLdapHelper::getGroupsAll(); $allGroups = UsersHelper::getGroupsAll(); $groupsConnected = array(); foreach ($allGroups as $vGroup) { if ($vGroup->A_LDAP_GID > 0) { $groupsConnected[] = $vGroup->A_LDAP_GID; } } ?>
All LDAP GroupsAll Zasoby Groups
() ()
allLdapGroups('.count($allLdapGroups).') (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($allLdapGroups);echo''; ?> allGroups('.count($allGroups).') (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($allGroups);echo''; ?>
Połącz Zasoby z Grupami na serwerze LDAP
() ()
allLdapUsers (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($allLdapUsers);echo'';}
/* Match accounts between the two stores by login: collect every database
 * ADM_ACCOUNT and every LDAP uid, then keep the logins present in both.
 *
 * NOTE(review): the page prints print_r($allUsers) further down, apparently
 * outside the $DBG guard. If those rows are the same records that carry
 * ADM_PASSWD, that dump exposes the password field for every user; confirm
 * and strip sensitive fields.
 */
// ldap.uid == db.ADM_ACCOUNT $usersDB = array(); $usersLDAP = array(); $usersConnected = array(); foreach ($allUsers as $vDBUser) { $usersDB[] = $vDBUser->ADM_ACCOUNT; } foreach ($allLdapUsers as $vLDAPUser) { $usersLDAP[] = $vLDAPUser->uid; } // intersection of the two arrays foreach ($usersDB as $vLogin) { if (in_array($vLogin, $usersLDAP)) { $usersConnected[] = $vLogin; } } //echo'
$usersConnected (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($usersConnected);echo'
'; ?>
LDAP Users (ok)DB Users (ok)
LDAP Users (todo)DB Users (todo)
konta bez możliwości zalogwania się
allLdapUsers('.count($allLdapUsers).') (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($allLdapUsers);echo''; ?> allUsers('.count($allUsers).') (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($allUsers);echo''; ?>
addLdapGroup (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($addLdapGroup);echo'';
/* For every non-deleted STANOWISKO, DZIAL or PODMIOT resource (PARENT_ID other
 * than -1) that has no entry in the session's LDAP group map, report the
 * missing group and, when $ADM_ACCOUNT is in the session's 'admin' group list,
 * create it with two dscl calls. Where $ADM_ACCOUNT and $ADM_PASSWD come from
 * is not visible in this listing.
 */
$res=DB::query("select ID,`TYPE`,`DESC` from CRM_LISTA_ZASOBOW where A_STATUS!='DELETED' and `TYPE` in ('STANOWISKO','DZIAL','PODMIOT') and PARENT_ID!='-1' "); while($h=DB::fetch($res)) { if(!isset($_SESSION['AUTH_LDAP_CLIENT__LDAP_GROUPS_ID_NAME'][$h->ID])) { echo " Brak grupy [".$h->ID."] ".$h->TYPE." ".$h->DESC." , "; if (in_array($ADM_ACCOUNT,$_SESSION['AUTH_LDAP_CLIENT__LDAP_GROUPS']['admin'])) { $BAD_SIGNS = array(" ", "/", "\\", "!","(",")"); if ($h->ID>1000) $PrimaryGroupID=$h->ID; else $PrimaryGroupID="99".$h->ID;
/* NOTE(review): command injection and credential exposure.
 * - $ADM_ACCOUNT, $ADM_PASSWD and the DESC-derived parts are concatenated into
 *   a shell command for system(). The group-name part only replaces the six
 *   characters in $BAD_SIGNS (plus the configured letter map), which does not
 *   remove other shell metacharacters, and RealName takes substr(DESC, 0, 50)
 *   raw inside double quotes. Pass each value through escapeshellarg().
 * - substr() cuts DESC by bytes and can split a multi-byte character;
 *   mb_substr() avoids that.
 * - The password is visible in the process argument list, and both full
 *   commands, password included, are echoed to the page right after they run.
 */
$command1="dscl -u ".$ADM_ACCOUNT." -P ".$ADM_PASSWD." /LDAPv3/127.0.0.1 -create /Groups/".$h->ID."_".str_replace($_SESSION['CONFIG']['BAD_FILE_SIGNS_LETTERS'],$_SESSION['CONFIG']['OK_FILE_SIGNS_LETTERS'],str_replace($BAD_SIGNS,"_",substr($h->DESC,0,40)))." PrimaryGroupID ".$PrimaryGroupID.""; $command2="dscl -u ".$ADM_ACCOUNT." -P ".$ADM_PASSWD." /LDAPv3/127.0.0.1 -create /Groups/".$h->ID."_".str_replace($_SESSION['CONFIG']['BAD_FILE_SIGNS_LETTERS'],$_SESSION['CONFIG']['OK_FILE_SIGNS_LETTERS'],str_replace($BAD_SIGNS,"_",substr($h->DESC,0,40)))." RealName \"[".$h->ID."] ".$h->TYPE." ".substr($h->DESC,0,50)."\" "; $return_dscl1=system($command1); $return_dscl2=system($command2); echo "\n
".$command1." return : ".$return_dscl1.""; echo "\n
".$command2." return : ".$return_dscl2.""; flush(); $AKTUALIZOWALEM=true; } $BRAKI_W_LDAP=true; } else {
/* NOTE(review): the isset() test above reads the $_SESSION entry, but this
 * unset() targets a plain variable of the same name that is not assigned in
 * the visible code, so it probably has no effect; confirm which one was meant.
 */
unset($AUTH_LDAP_CLIENT__LDAP_GROUPS_ID_NAME[$h->ID]); } } } echo '
';// .container }