Added function for ldap-identities plugin to filter by mail prefixes (allow compatibility for e.g. Exchange and others) #1454

Merged
merged 6 commits into from
Feb 27, 2024
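--- a/plugins/ldap-identities/LdapConfig.php
+++ b/plugins/ldap-identities/LdapConfig.php
@@ -8,6 +8,7 @@ class LdapConfig
 public const CONFIG_SERVER = "server";
 public const CONFIG_PROTOCOL_VERSION = "server_version";
 public const CONFIG_STARTTLS = "starttls";
+public const CONFIG_MAIL_PREFIX = "mail_prefix";
 
 public const CONFIG_BIND_USER = "bind_user";
 public const CONFIG_BIND_PASSWORD = "bind_password";
@@ -30,6 +31,7 @@ class LdapConfig
 public $server;
 public $protocol;
 public $starttls;
+public $mail_prefix;
 public $bind_user;
 public $bind_password;
 public $user_base;
@@ -51,6 +53,7 @@ public static function MakeConfig(Plugin $config): LdapConfig
 $ldap->server = trim($config->Get("plugin", self::CONFIG_SERVER));
 $ldap->protocol = (int)trim($config->Get("plugin", self::CONFIG_PROTOCOL_VERSION, 3));
 $ldap->starttls = (bool)trim($config->Get("plugin", self::CONFIG_STARTTLS));
+$ldap->mail_prefix = trim($config->Get("plugin", self::CONFIG_MAIL_PREFIX));
 $ldap->bind_user = trim($config->Get("plugin", self::CONFIG_BIND_USER));
 $ldap->bind_password = trim($config->Get("plugin", self::CONFIG_BIND_PASSWORD));
 $ldap->user_base = trim($config->Get("plugin", self::CONFIG_USER_BASE));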
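--- a/plugins/ldap-identities/LdapIdentities.php
+++ b/plugins/ldap-identities/LdapIdentities.php
@@ -69,7 +69,8 @@ public function GetIdentities(Account $account): array
 $this->config->user_base,
 $this->config->user_objectclass,
 $this->config->user_field_name,
-$this->config->user_field_mail
+$this->config->user_field_mail,
+$this->config->mail_prefix
 );
 } catch (LdapException $e) {
 return []; // exceptions are only thrown from the handleerror function that does logging already
@@ -104,7 +105,8 @@ public function GetIdentities(Account $account): array
 $this->config->group_base,
 $this->config->group_objectclass,
 $this->config->group_field_name,
-$this->config->group_field_mail
+$this->config->group_field_mail,
+$this->config->mail_prefix
 );
 } catch (LdapException $e) {
 return []; // exceptions are only thrown from the handleerror function that does logging already
@@ -241,7 +243,7 @@ private function HandleLdapError(string $op = ""): void
 * @return LdapResult[]
 * @throws LdapException
 */
-private function FindLdapResults(string $searchField, string $searchValue, string $searchBase, string $objectClass, string $nameField, string $mailField): array
+private function FindLdapResults(string $searchField, string $searchValue, string $searchBase, string $objectClass, string $nameField, string $mailField, string $mailPrefix): array
 {
 $this->EnsureBound();
 
@@ -261,6 +263,8 @@ private function FindLdapResults(string $searchField, string $searchValue, strin
 return [];
 }
 
+$entries = $this->CleanupMailAddresses($entries, $mailField, $mailPrefix);
+
 $results = [];
 for ($i = 0; $i < $entries["count"]; $i++) {
 $entry = $entries[$i];
@@ -276,6 +280,49 @@ private function FindLdapResults(string $searchField, string $searchValue, strin
 return $results;
 }
 
+// Function CleanupMailAddresses(): If a prefix is given this function removes addresses without / with the wrong prefix and then the prefix itself from all remaining values.
+// This is usefull for example for importing Active Directory LDAP entry "proxyAddresses" which can hold different address types with prefixes like "X400:", "smtp:" "sip:" and others.
+
+/**
+@param array $entries
+@param string $mailField
+@paraam string $mailPrefix
+@return array
+*/
+private function CleanupMailAddresses(array $entries, string $mailField, string $mailPrefix)
+{
+if (!empty($mailPrefix)) {
+for ($i = 0; $i < $entries["count"]; $i++) {
+// Remove addresses without the given prefix
+$entries[$i]["$mailField"] = array_filter($entries[$i]["$mailField"],
+function($prefixMail)
+{
+// $mailPrefix can't be used here, because it's nailed to the CleanupMailAddresses function and can't be passed to the array_filter function afaik.
+// Ideas to avoid this are welcome.
+if (stripos($prefixMail, $this->config->mail_prefix) === 0) {
+return TRUE;
+}
+return FALSE;
+}
+);
+// Set "count" to new value
+$newcount = count($entries[$i]["$mailField"]);
+if (array_key_exists("count", $entries[$i]["$mailField"])) {
+$newcount = $newcount - 1;
+}
+$entries[$i]["$mailField"]["count"] = $newcount;
+
+// Remove the prefix
+for ($j = 0; $j < $entries[$i]["$mailField"]["count"]; $j++) {
+$mailPrefixLen = mb_strlen($mailPrefix);
+$entries[$i]["$mailField"][$j] = substr($entries[$i]["$mailField"][$j], $mailPrefixLen);
+}
+}
+}
+
+return $entries;
+}
+
 /**
 * @param array $entry
 * @param string $attribute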
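Review bot: `array_filter` in CleanupMailAddresses keeps the original keys, so the prefix-stripping loop over `0..count-1` reads the wrong slots whenever a non-matching value precedes a matching one: index 0 may no longer exist, while a higher index keeps its prefix. This list decides which addresses are offered as sender identities, so the filter should be exact; build a fresh zero-based list and strip with `strlen($mailPrefix)` rather than `mb_strlen`, because `substr` counts bytes. Iterating directly, or capturing the parameter with `use ($mailPrefix)`, also removes the need to reach into `$this->config->mail_prefix` inside the closure. An entry that lacks `$mailField` altogether would presumably hand a non-array to `array_filter`; the sketch below treats that case as an empty list.

```php
private function CleanupMailAddresses(array $entries, string $mailField, string $mailPrefix)
{
    if (empty($mailPrefix)) {
        return $entries;
    }
    $prefixLen = strlen($mailPrefix);
    for ($i = 0; $i < $entries["count"]; $i++) {
        $values = $entries[$i][$mailField] ?? [];
        $kept = [];
        foreach ($values as $key => $value) {
            // Skip the "count" element and every value that does not start with the prefix.
            if ($key === "count" || !is_string($value) || stripos($value, $mailPrefix) !== 0) {
                continue;
            }
            $kept[] = substr($value, $prefixLen);
        }
        // Re-indexed from zero, with "count" matching the number of kept addresses.
        $kept["count"] = count($kept);
        $entries[$i][$mailField] = $kept;
    }
    return $entries;
}
```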
12 changes: 9 additions & 3 deletions plugins/ldap-identities/index.php
Expand Up @@ -8,10 +8,10 @@ class LdapIdentitiesPlugin extends AbstractPlugin
{
const
NAME = 'LDAP Identities',
VERSION = '2.2',
VERSION = '2.3',
AUTHOR = 'FWest98',
URL = 'https://github.com/FWest98',
RELEASE = '2024-02-22',
RELEASE = '2024-02-27',
REQUIRED = '2.20.0',
CATEGORY = 'Accounts',
DESCRIPTION = 'Adds functionality to import account identities from LDAP.';
Expand Down Expand Up @@ -57,13 +57,19 @@ protected function configMapping(): array
->SetLabel("LDAP Protocol Version")
->SetType(PluginPropertyType::SELECTION)
->SetDefaultValue([2, 3]),

Property::NewInstance(LdapConfig::CONFIG_STARTTLS)
->SetLabel("Use StartTLS")
->SetType(PluginPropertyType::BOOL)
->SetDescription("Whether or not to use TLS encrypted connection")
->SetDefaultValue(true),

Property::NewInstance(LdapConfig::CONFIG_MAIL_PREFIX)
->SetLabel("Email prefix")
->SetType(PluginPropertyType::STRING)
->SetDescription("Only addresses with this prefix will be used as identity. The prefix is removed from the identity list.\nThis is useful for example to import identities from Exchange, which stores mail addresses in the ProxyAddresses attribut of Active Directory with \"smtp:\" as prefix. (e.g. \"smtp:[email protected]\")\n-> To use addresses set by Exchange use \"smtp:\" as prefix.")
->SetDefaultValue(""),

Property::NewInstance(LdapConfig::CONFIG_BIND_USER)
->SetLabel("Bind User DN")
->SetDescription("The user to use for binding to the LDAP server. Should be a DN or RDN. Leave empty for anonymous bind")
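Review bot: The new "Email prefix" description in configMapping does not say that matching is case-insensitive, although CleanupMailAddresses in LdapIdentities.php compares with `stripos`. Values such as `SMTP:` and `smtp:` are therefore both accepted, and every address carrying the prefix in either case becomes a selectable identity. I would add a sentence to the `SetDescription` text, for example `Matching is case-insensitive, so "SMTP:" and "smtp:" entries are both imported.`, so administrators know which addresses the setting exposes.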