This repository was archived by the owner on Sep 19, 2022. It is now read-only.

Commit ffcf7cd

committed
Added configuration option for ldap base.
1 parent b88373c commit ffcf7cd

2 files changed

+21
-11
lines changed

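--- a/config-templates/module_perun.php
+++ b/config-templates/module_perun.php
@@ -25,6 +25,8 @@
 */
 'ldap.hostname' => 'ldaps://perun.inside.cz',
 
+'ldap.base' => 'dc=perun,dc=inside,dc=cz',
+
 /**
 * ldap credentials if ldap search is protected. If it is null or not set at all. No user is used for bind.
 */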
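Review bot: The new `'ldap.base'` entry is the only option in this part of the template without a doc comment, and nothing tells an operator that it is mandatory. The adapter reads it with `getString(self::LDAP_BASE)` and no default, so a deployment upgraded without adding the key would presumably fail when the adapter is constructed. The value is also appended verbatim to search bases and to one search filter, so the comment should say it must be a plain base DN, for example `/** Base DN of the Perun LDAP tree; required. Used as the suffix of every search base, e.g. ou=People,<ldap.base>. */`.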

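--- a/lib/AdapterLdap.php
+++ b/lib/AdapterLdap.php
@@ -8,7 +8,16 @@
 class sspmod_perun_AdapterLdap extends sspmod_perun_Adapter
 {
 
+private $ldapBase;
 
+const CONFIG_FILE_NAME = 'module_perun.php';
+const LDAP_BASE = 'ldap.base';
+
+public function __construct ()
+{
+$conf = SimpleSAML_Configuration::getConfig(self::CONFIG_FILE_NAME);
+$this->ldapBase = $conf->getString(self::LDAP_BASE);
+}
 public function getPerunUser($idpEntityId, $uids)
 {
 # Build a LDAP query, we are searching for the user who has at least one of the uid
@@ -21,11 +30,10 @@ public function getPerunUser($idpEntityId, $uids)
 return null;
 }
 
-$user = sspmod_perun_LdapConnector::searchForEntity("ou=People,dc=perun,dc=cesnet,dc=cz",
+$user = sspmod_perun_LdapConnector::searchForEntity("ou=People," . $this->ldapBase,
 "(|$query)",
 array("perunUserId", "displayName", "cn", "givenName", "sn", "preferredMail", "mail")
 );
-
 if (is_null($user)) {
 return $user;
 }
@@ -44,7 +52,7 @@ public function getPerunUser($idpEntityId, $uids)
 public function getMemberGroups($user, $vo)
 {
 $userId = $user->getId();
-$userWithMembership = sspmod_perun_LdapConnector::searchForEntity("perunUserId=$userId,ou=People,dc=perun,dc=cesnet,dc=cz",
+$userWithMembership = sspmod_perun_LdapConnector::searchForEntity("perunUserId=$userId,ou=People," . $this->ldapBase,
 "(objectClass=perunUser)",
 array("perunUserId", "memberOf")
 );
@@ -69,15 +77,15 @@ public function getMemberGroups($user, $vo)
 
 public function getSpGroups($spEntityId, $vo)
 {
-$resources = sspmod_perun_LdapConnector::searchForEntities("dc=perun,dc=cesnet,dc=cz",
+$resources = sspmod_perun_LdapConnector::searchForEntities($this->ldapBase,
 "(&(objectClass=perunResource)(entityID=$spEntityId))",
 array("perunResourceId", "assignedGroupId", "perunVoId")
 );
 
 $groups = array();
 foreach ($resources as $resource) {
 foreach ($resource['assignedGroupId'] as $groupId) {
-$group = sspmod_perun_LdapConnector::searchForEntity("perunGroupId=$groupId,perunVoId=" . $resource['perunVoId'][0] . ",dc=perun,dc=cesnet,dc=cz",
+$group = sspmod_perun_LdapConnector::searchForEntity("perunGroupId=$groupId,perunVoId=" . $resource['perunVoId'][0] . "," . $this->ldapBase,
 "(objectClass=perunGroup)",
 array("perunGroupId", "cn", "perunUniqueGroupName", "perunVoId", "description")
 );
@@ -94,7 +102,7 @@ public function getSpGroups($spEntityId, $vo)
 public function getGroupByName($vo, $name)
 {
 $voId = $vo->getId();
-$group = sspmod_perun_LdapConnector::searchForEntity("perunVoId=$voId,dc=perun,dc=cesnet,dc=cz",
+$group = sspmod_perun_LdapConnector::searchForEntity("perunVoId=$voId," . $this->ldapBase,
 "(&(objectClass=perunGroup)(perunUniqueGroupName=$name))",
 array("perunGroupId", "cn", "perunUniqueGroupName", "perunVoId", "description")
 );
@@ -108,7 +116,7 @@ public function getGroupByName($vo, $name)
 
 public function getVoByShortName($voShortName)
 {
-$vo = sspmod_perun_LdapConnector::searchForEntity("dc=perun,dc=cesnet,dc=cz",
+$vo = sspmod_perun_LdapConnector::searchForEntity($this->ldapBase,
 "(&(objectClass=perunVo)(o=$voShortName))",
 array("perunVoId", "o", "description")
 );
@@ -123,7 +131,7 @@ public function getVoByShortName($voShortName)
 public function getUserAttributes($user, $attrNames)
 {
 $userId = $user->getId();
-$attributes = sspmod_perun_LdapConnector::searchForEntity("perunUserId=$userId,ou=People,dc=perun,dc=cesnet,dc=cz",
+$attributes = sspmod_perun_LdapConnector::searchForEntity("perunUserId=$userId,ou=People," . $this->ldapBase,
 "(objectClass=perunUser)",
 $attrNames
 );
@@ -134,7 +142,7 @@ public function getUserAttributes($user, $attrNames)
 
 public function isUserOnFacility($spEntityId, $userId)
 {
-$resources = sspmod_perun_LdapConnector::searchForEntities("dc=perun,dc=cesnet,dc=cz",
+$resources = sspmod_perun_LdapConnector::searchForEntities($this->ldapBase,
 "(&(objectClass=perunResource)(entityID=$spEntityId))",
 array("perunResourceId")
 );
@@ -150,8 +158,8 @@ public function isUserOnFacility($spEntityId, $userId)
 $resourcesString .= ")";
 
 $resultGroups = array();
-$groups = sspmod_perun_LdapConnector::searchForEntities("dc=perun,dc=cesnet,dc=cz",
-"(&(uniqueMember=perunUserId=".$userId.",ou=People,dc=perun,dc=cesnet,dc=cz)".$resourcesString.")",
+$groups = sspmod_perun_LdapConnector::searchForEntities($this->ldapBase,
+"(&(uniqueMember=perunUserId=".$userId.", ou=People," . $this->ldapBase. ")".$resourcesString.")",
 array("perunGroupId", "cn", "perunUniqueGroupName", "perunVoId", "description")
 );
 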
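Review bot: In the last hunk, the rewritten `uniqueMember` filter in isUserOnFacility gains a space after the comma (`", ou=People,"`) that the removed line did not have, and it concatenates `$userId` and `$this->ldapBase` into the filter without escaping. The space looks unintended; whether the server normalises it depends on the attribute's matching rule, so the DN should be built exactly as in getMemberGroups. I would also escape the assertion value so a stray `(`, `)`, `*` or `\` cannot change the filter's structure: `"(&(uniqueMember=" . ldap_escape("perunUserId=$userId,ou=People," . $this->ldapBase, '', LDAP_ESCAPE_FILTER) . ")" . $resourcesString . ")",`. The values interpolated into search bases in the other hunks (`$userId`, `$groupId`, `$voId`) would similarly benefit from `LDAP_ESCAPE_DN`; isUserOnFacility's body starts and ends outside the hunk.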
