
Commit 38b6ce3

committed
wip
1 parent 8cd8026 commit 38b6ce3


3 files changed

+26
-35
lines changed


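--- a/resources/lib/UnityLDAP.php
+++ b/resources/lib/UnityLDAP.php
@@ -5,6 +5,7 @@
 use UnityWebPortal\lib\exceptions\EntryNotFoundException;
 use PHPOpenLDAPer\LDAPConn;
 use PHPOpenLDAPer\LDAPEntry;
+use UnityWebPortal\lib\PosixGroup;
 
 /**
 * An LDAP connection class which extends LDAPConn tailored for the Unity Cluster
@@ -35,8 +36,12 @@ class UnityLDAP extends LDAPConn
 private LDAPEntry $groupOU;
 private LDAPEntry $pi_groupOU;
 private LDAPEntry $org_groupOU;
-private LDAPEntry $adminGroup;
-private LDAPEntry $qualifiedUserGroup;
+
+public PosixGroup $adminGroup;
+public PosixGroup $qualifiedUserGroup;
+public PosixGroup $lockedUserGroup;
+public PosixGroup $idlelockedUserGroup;
+public PosixGroup $ghostUserGroup;
 
 public function __construct()
 {
@@ -46,8 +51,19 @@ public function __construct()
 $this->groupOU = $this->getEntry(CONFIG["ldap"]["group_ou"]);
 $this->pi_groupOU = $this->getEntry(CONFIG["ldap"]["pigroup_ou"]);
 $this->org_groupOU = $this->getEntry(CONFIG["ldap"]["orggroup_ou"]);
-$this->adminGroup = $this->getEntry(CONFIG["ldap"]["admin_group"]);
-$this->qualifiedUserGroup = $this->getEntry(CONFIG["ldap"]["qualified_user_group"]);
+$this->adminGroup = new PosixGroup(new LDAPEntry($this, CONFIG["ldap"]["admin_group"]));
+$this->qualifiedUserGroup = new PosixGroup(
+new LDAPEntry($this, CONFIG["ldap"]["qualified_user_group"]),
+);
+$this->lockedUserGroup = new PosixGroup(
+new LDAPEntry($this, CONFIG["ldap"]["locked_user_group"]),
+);
+$this->idlelockedUserGroup = new PosixGroup(
+new LDAPEntry($this, CONFIG["ldap"]["idlelocked_user_group"]),
+);
+$this->ghostUserGroup = new PosixGroup(
+new LDAPEntry($this, CONFIG["ldap"]["ghost_user_group"]),
+);
 }
 
 public function getUserOU(): LDAPEntry
@@ -70,16 +86,6 @@ public function getOrgGroupOU(): LDAPEntry
 return $this->org_groupOU;
 }
 
-public function getAdminGroup(): LDAPEntry
-{
-return $this->adminGroup;
-}
-
-public function getQualifiedUserGroup(): LDAPEntry
-{
-return $this->qualifiedUserGroup;
-}
-
 public function getDefUserShell(): string
 {
 return $this->def_user_shell;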
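Review bot: The five group properties added in the second hunk are declared `public` without `readonly`, so any code holding the UnityLDAP object can reassign `$LDAP->adminGroup`, and `UnityUser::isAdmin()` in this same commit takes its authorization answer from that property. The removed getters at least kept the reference fixed after construction. If the project's minimum PHP version is 8.1 or later, declare them as `public readonly PosixGroup $adminGroup;` (and likewise for the other four); otherwise keep them private and return them from getters. The class body starts and ends outside the hunks shown.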

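--- a/resources/lib/UnityUser.php
+++ b/resources/lib/UnityUser.php
@@ -99,7 +99,7 @@ public function init(
 
 public function isQualified(): bool
 {
-return $this->LDAP->getQualifiedUserGroup()->attributeValueExists("memberUid", $this->uid);
+return $this->LDAP->qualifiedUserGroup->memberUIDExists($this->uid);
 }
 
 public function setIsQualified(bool $newIsQualified, bool $doSendMail = true): void
@@ -109,19 +109,15 @@ public function setIsQualified(bool $newIsQualified, bool $doSendMail = true): v
 return;
 }
 if ($newIsQualified) {
-$this->LDAP->getQualifiedUserGroup()->appendAttribute("memberuid", $this->uid);
-$this->LDAP->getQualifiedUserGroup()->write();
+$this->LDAP->qualifiedUserGroup->addMemberUID($this->uid);
 if ($doSendMail) {
 $this->MAILER->sendMail($this->getMail(), "user_qualified", [
 "user" => $this->uid,
 "org" => $this->getOrg(),
 ]);
 }
 } else {
-$this->LDAP
-->getQualifiedUserGroup()
-->removeAttributeEntryByValue("memberuid", $this->uid);
-$this->LDAP->getQualifiedUserGroup()->write();
+$this->LDAP->qualifiedUserGroup->removeMemberUID($this->uid);
 if ($doSendMail) {
 $this->MAILER->sendMail($this->getMail(), "user_dequalified", [
 "user" => $this->uid,
@@ -324,8 +320,7 @@ public function getHomeDir(): string
 */
 public function isAdmin(): bool
 {
-$admins = $this->LDAP->getAdminGroup()->getAttribute("memberuid");
-return in_array($this->uid, $admins);
+return $this->LDAP->adminGroup->memberUIDExists($this->uid);
 }
 
 /**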
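Review bot: The explicit `write()` calls in `setIsQualified()` are gone, so `addMemberUID()` and `removeMemberUID()` must now persist to LDAP themselves, and `PosixGroup` is not among the files this commit shows. If either method only edits the in-memory entry, the `user_qualified` / `user_dequalified` mail is still sent for a change that never reached the directory. The same class now backs the authorization check in `isAdmin()`, where `in_array($this->uid, $admins)` is replaced by `memberUIDExists()`; that method should compare strictly, e.g. `in_array($uid, $members, true)`. A short comment at the call sites such as `// addMemberUID() writes to LDAP immediately; no separate write() needed` would make the contract visible. `setIsQualified()` begins and ends outside the hunk.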

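--- a/test/phpunit-bootstrap.php
+++ b/test/phpunit-bootstrap.php
@@ -186,18 +186,8 @@ function ensureUserDoesNotExist()
 $USER->getGroupEntry()->delete();
 ensure(!$USER->getGroupEntry()->exists());
 }
-$qualified_users_group = $LDAP->getQualifiedUserGroup();
-$all_member_uids = $qualified_users_group->getAttribute("memberuid");
-if (in_array($USER->uid, $all_member_uids)) {
-$qualified_users_group->setAttribute(
-"memberuid",
-// array_diff will break the contiguity of the array indexes
-// ldap_mod_replace requires contiguity, array_values restores contiguity
-array_values(array_diff($all_member_uids, [$USER->uid])),
-);
-$qualified_users_group->write();
-ensure(!in_array($USER->uid, $qualified_users_group->getAttribute("memberuid")));
-}
+$USER->setIsQualified(false);
+ensure(!$LDAP->qualifiedUserGroup->memberUIDExists($USER->uid));
 }
 
 function ensureOrgGroupDoesNotExist()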
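Review bot: `$USER->setIsQualified(false);` leaves `$doSendMail` at its default of `true`, so this cleanup helper goes through `MAILER->sendMail(..., "user_dequalified", ...)` whenever the call reaches the dequalify branch. The replaced code edited the group attribute directly and sent nothing. Pass the flag explicitly: `$USER->setIsQualified(false, false);`. `ensureUserDoesNotExist()` starts above the hunk.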
