From 5823772d4b76fb3ecc4390e79a48342efec16276 Mon Sep 17 00:00:00 2001 From: spelth <lukas.leidinger@gmail.com> Date: Sat, 2 May 2015 11:29:52 +0200 Subject: [PATCH] Basic Import --- admin/configuration.php | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ admin/configuration.tpl | 114 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ admin/index.php | 30 ++++++++++++++++++++++++++++++ admin/ldap_login_plugin_admin.php | 22 ++++++++++++++++++++++ admin/ldap_login_plugin_admin.tpl | 24 ++++++++++++++++++++++++ admin/newusers.php | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ admin/newusers.tpl | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 7 files changed, 371 insertions(+), 0 deletions(-) create mode 100644 admin/configuration.php create mode 100644 admin/configuration.tpl create mode 100644 admin/index.php create mode 100644 admin/ldap_login_plugin_admin.php create mode 100644 admin/ldap_login_plugin_admin.tpl create mode 100644 admin/newusers.php create mode 100644 admin/newusers.tpl diff --git a/admin/configuration.php b/admin/configuration.php new file mode 100644 index 0000000..53fe66a --- /dev/null +++ b/admin/configuration.php 
@@ -0,0 +1,75 @@ +<?php +if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); + +global $template; +$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/configuration.tpl') ); +$template->assign( + array( + 'PLUGIN_ACTION' => get_root_url().'admin.php?page=plugin-Ldap_Login-configuration', + 'PLUGIN_CHECK' => get_root_url().'admin.php?page=plugin-Ldap_Login-configuration', + )); + +$me = new Ldap(); +$me->load_config(); +//$me = get_plugin_data($plugin_id); + +$template->assign('HOST', $me->config['host']); +$template->assign('BASEDN', $me->config['basedn']); // racine ! +$template->assign('PORT', $me->config['port']); +$template->assign('LD_ATTR', $me->config['ld_attr']); +$template->assign('LD_GROUP', $me->config['ld_group']); +$template->assign('LD_USE_SSL', $me->config['ld_use_ssl']); +$template->assign('LD_BINDPW', $me->config['ld_bindpw']); +$template->assign('LD_BINDDN', $me->config['ld_binddn']); + +if (isset($_POST['save'])){ + $me->config['host'] = $_POST['HOST']; + $me->config['basedn'] = $_POST['BASEDN']; + $me->config['port'] = $_POST['PORT']; + $me->config['ld_attr'] = $_POST['LD_ATTR']; + $me->config['ld_group'] = $_POST['LD_GROUP']; + $me->config['ld_binddn'] = $_POST['LD_BINDDN']; + $me->config['ld_bindpw'] = $_POST['LD_BINDPW']; + + if (isset($_POST['LD_USE_SSL'])){ + $me->config['ld_use_ssl'] = True; + } else { + $me->config['ld_use_ssl'] = False; + } +} + +// Save LDAP configuration +if (isset($_POST['save'])){ + $me->save_config(); +} + +// Checki LDAP configuration +$me->ldap_conn(); +if (isset($_POST['check_ldap'])){ + //$me->write_log("[function]> admin"); + //$check = $me->ldap_name($_POST['USERNAME']); + $username = $me->ldap_search_dn($_POST['USERNAME']); + //$me->write_log("[admin]> bind=".$username); + $error=$me->check_ldap(); + if($error==1 && $username) { + if ($me->ldap_bind_as($username,$_POST['PASSWORD'])){ + if($me->check_ldap_group_membership($username,$me->config['ld_group'])){ + 
$template->assign('LD_CHECK_LDAP','<p style="color:green;">Configuration LDAP OK : '.$username.'</p>'); + } else { + $template->assign('LD_CHECK_LDAP','<p style="color:orange;">Credentials OK, Check GroupMembership for: '.$username.'</p>'); + } + } + else { + $template->assign('LD_CHECK_LDAP','<p style="color:red;"> Binding OK, but check credentials on server '.$me->config['uri'].' for user '.$username.'</p>'); + } + } elseif($error==1 && !$username){ + $template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : Binding OK, but no valid DN found on server '.$me->config['uri'].' for user '.$_POST['USERNAME'].'</p>'); + } elseif($error && $username){ + $template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : Binding OK, but check credentials on '.$me->config['uri'].' for user '.$_POST['USERNAME'].'</p>'); + } else { + $template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : '.$error.' for binding on server '.$me->config['uri'].' for user '.$_POST['USERNAME'].', check your binding!</p>'); + } +} + +$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content'); +?> diff --git a/admin/configuration.tpl b/admin/configuration.tpl new file mode 100644 index 0000000..072613a --- /dev/null +++ b/admin/configuration.tpl 
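Review bot: The `save` branch copies `$_POST` into `$me->config` and calls `save_config()` without verifying a request token; the only gate visible in this hunk is the `PHPWG_ROOT_PATH` check, which stops direct file access but not a forged cross-site form post sent from an administrator's browser. Piwigo core provides `check_pwg_token()` for this: call it at the top of the `save` branch and add a hidden `pwg_token` field filled from `get_pwg_token()` to the form. The `submit` branch in admin/ldap_login_plugin_admin.php and the `save` branch in admin/newusers.php need the same check. Separately, `$me->config['ld_bindpw'] = $_POST['LD_BINDPW'];` runs on every save while the form never prefills that field, so saving any other setting blanks the stored bind password; assign it only when the posted value is non-empty, and drop the `$template->assign('LD_BINDPW', ...)` line, which no template input uses.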
@@ -0,0 +1,114 @@ +<h2>{'Ldap_Login Plugin'|@translate}</h2> + +<div id="configContent"> + +<p>{'All LDAP users can use their ldap password everywhere on piwigo if needed.'|@translate}</p> + +<form method="post" action="{$PLUGIN_ACTION}" class="general"> + + {if (!extension_loaded('ldap'))} + <p style="color:red;">{'Warning: LDAP Extension missing.'|@translate}</p> + <br /> + {/if} + + <fieldset class="mainConf"> + <legend>{'Ldap server host connection'|@translate}</legend> + + <ul> + <li> + <label for="host">{'Ldap server host'|@translate}</label> + <br> + <input size="70" type="text" id="host" name="HOST" value="{$HOST}" /> + </li> + + <li> + <label for="ld_use_ssl"> + {if $LD_USE_SSL } + <input type="checkbox" id="ld_use_ssl" name="LD_USE_SSL" value="{$LD_USE_SSL}" checked /> + {else} + <input type="checkbox" id="ld_use_ssl" name="LD_USE_SSL" value="{$LD_USE_SSL}" /> + {/if} + {'Secure connexion'|@translate}</label> + </li> + + <li> + <label for="port">{'Ldap port'|@translate}</label> + <br> + <input type="text" id="port" name="PORT" value="{$PORT}" /> + </li> + </ul> + <i>{'If empty, localhost and standard protocol ports will be used in configuration.'|@translate}</i> + </fieldset> + + <fieldset class="mainConf"> + <legend>{'Ldap attributes'|@translate}</legend> + <ul> + <li> + <label for="basedn">{'Base DN'|@translate}</label> + <br> + <input size="70" type="text" id="basedn" name="BASEDN" value="{$BASEDN}" /> + </li> + + <li> + <label for="ld_attr">{'Attribute corresponding to the user name'|@translate}</label> + <br> + <input type="text" id="ld_attr" name="LD_ATTR" value="{$LD_ATTR}" /> + </li> + <li> + <label for="groupdn">{'DN of group for membership-check (memberOf)'|@translate}</label> + <br> + <input size="70" type="text" id="ld_group" name="LD_GROUP" value="{$LD_GROUP}" /> + </li> + </ul> + </fieldset> + + <fieldset class="mainConf"> + <legend>{'Ldap connection credentials'|@translate}</legend> + <ul> + <li> + <label for="ld_binddn">{'Bind DN, field in 
full ldap style'|@translate}</label> + <br> + <input size="70" type="text" id="ld_binddn" name="LD_BINDDN" value="{$LD_BINDDN}" /> + </li> + + <li> + <label for="ld_bindpw">{'Bind password'|@translate}</label> + <br> + <input type="password" id="ld_bindpw" name="LD_BINDPW" /> + </li> + </ul> + <i>{'Let the fields blank if the ldap accept anonymous connections.'|@translate}</i> +</fieldset> + +<p> +<input type="submit" value="{'Save'|@translate}" name="save" /> +</p> +</form> + +<form method="post" action="{$PLUGIN_CHECK}" class="general"> +<fieldset class="mainConf"> +<legend>{'Ldap_Login Test'|@translate}</legend> +<i>{'You must save the settings with the Save button just up there before testing here.'|@translate}</i> + <ul> + <li> + <label for="username">{'Username'|@translate}</label> + <br> + <input type="text" id="username" name="USERNAME" value="{$USERNAME}" /> + </li> + + <li> + <label for="ld_attr">{'Your password'|@translate}</label> + <br> + <input type="password" id="password" name="PASSWORD" value="{$PASSWORD}" /> + </li> + </ul> + + {if (!empty($LD_CHECK_LDAP))} + {$LD_CHECK_LDAP} + {/if} + +</fieldset> +<p><input type="submit" value="{'Test Settings'|@translate}" name="check_ldap" /></p> + +</form> +</div> diff --git a/admin/index.php b/admin/index.php new file mode 100644 index 0000000..df13f7e --- /dev/null +++ b/admin/index.php 
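Review bot: `{$LD_CHECK_LDAP}` is printed as raw HTML, and admin/configuration.php builds that string by concatenating `$_POST['USERNAME']`, the DN returned by the directory and `$me->config['uri']` without escaping, so request and directory data reach the admin page as markup. Escape the variable parts where the message is built, e.g. `htmlspecialchars($_POST['USERNAME'], ENT_QUOTES, 'UTF-8')`, or assign the status and the name as separate variables and render them here with `|escape`. The `value="{$HOST}"`-style attributes need the same treatment unless the gallery's Smarty setup escapes by default, which is not visible in this patch. `{$USERNAME}` and `{$PASSWORD}` are never assigned by configuration.php, and the password input of the test form should not carry a `value` attribute at all.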
@@ -0,0 +1,30 @@ +<?php +// +-----------------------------------------------------------------------+ +// | Piwigo - a PHP based photo gallery | +// +-----------------------------------------------------------------------+ +// | Copyright(C) 2008-2013 Piwigo Team http://piwigo.org | +// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | +// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | +// +-----------------------------------------------------------------------+ +// | This program is free software; you can redistribute it and/or modify | +// | it under the terms of the GNU General Public License as published by | +// | the Free Software Foundation | +// | | +// | This program is distributed in the hope that it will be useful, but | +// | WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | +// | General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software | +// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | +// | USA. | +// +-----------------------------------------------------------------------+ + +// Recursive call +$url = '../'; +header( 'Request-URI: '.$url ); +header( 'Content-Location: '.$url ); +header( 'Location: '.$url ); +exit(); +?> \ No newline at end of file diff --git a/admin/ldap_login_plugin_admin.php b/admin/ldap_login_plugin_admin.php new file mode 100644 index 0000000..07c9104 --- /dev/null +++ b/admin/ldap_login_plugin_admin.php 
@@ -0,0 +1,22 @@ +<?php +if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); + +$me = get_plugin_data($plugin_id); + +if (isset($_POST['submit'])) +{ + $me->config['host'] = $_POST['HOST']; + $me->config['basedn'] = $_POST['BASEDN']; + $me->config['pref'] = $_POST['PREF']; + $me->save_config(); +} + +global $template; +$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/ldap_login_plugin_admin.tpl') ); + +$template->assign('HOST', $me->config['host']); +$template->assign('BASEDN', $me->config['basedn']); +$template->assign('PREF', $me->config['pref']); + +$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content'); +?> \ No newline at end of file diff --git a/admin/ldap_login_plugin_admin.tpl b/admin/ldap_login_plugin_admin.tpl new file mode 100644 index 0000000..4ece27e --- /dev/null +++ b/admin/ldap_login_plugin_admin.tpl @@ -0,0 +1,24 @@ +<div class="titrePage"> + <h2>Ldap_Login PlugIn</h2> +</div> + +<p>Configuration du plugin Ldap_Login</p> + +<form method="post" action="{$TESTPLUGIN_F_ACTION}" class="general"> +<fieldset> + <legend>Ldap_Login PlugIn</legend> + <label>Hote du serveur Ldap + <input type="text" name="HOST" value="{$HOST}" /> + </label> + <br /> + <label>Arbre ldap à explorer : basedn = ",ou=utilisateurs,dc=22decembre,dc=eu". L'arbre doit commencer par une virgule ! + <input type="text" name="BASEDN" value="{$BASEDN}" /> + </label> + <br /> + <label>prefixe à utiliser. Les plus communs sont "uid=". + <input type="text" name="PREF" value="{$PREF}" /> + </label> +</fieldset> + +<p><input type="submit" value="Enregistrer" name="submit" /></p> +</form> \ No newline at end of file diff --git a/admin/newusers.php b/admin/newusers.php new file mode 100644 index 0000000..e54aceb --- /dev/null +++ b/admin/newusers.php 
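Review bot: admin/ldap_login_plugin_admin.php looks like a leftover from an earlier admin screen: it writes `host`, `basedn` and `pref` through `get_plugin_data($plugin_id)`, while admin/configuration.php edits the same `host` and `basedn` keys through `new Ldap()` and never touches `pref`. If no plugin tab routes here, leave this file and its template out of the import so there is not a second, unreviewed writer of the LDAP connection settings. If it stays, its template posts to `{$TESTPLUGIN_F_ACTION}`, which this script never assigns, and `$_POST['HOST']`, `$_POST['BASEDN']` and `$_POST['PREF']` are read without an `isset()` guard.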
@@ -0,0 +1,52 @@ +<?php +if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); + +global $template; +$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/newusers.tpl') ); +$template->assign( + array( + 'PLUGIN_NEWUSERS' => get_root_url().'admin.php?page=plugin-Ldap_Login-newusers', + )); + +$me = new Ldap(); +$me->load_config(); +//$me = get_plugin_data($plugin_id); + +$template->assign('ALLOW_NEWUSERS', $me->config['allow_newusers']); +$template->assign('ADVERTISE_ADMINS', $me->config['advertise_admin_new_ldapuser']); +$template->assign('SEND_CASUAL_MAIL', $me->config['send_password_by_mail_ldap']); + +if (isset($_POST['save'])){ + + if (isset($_POST['ALLOW_NEWUSERS'])){ + $me->config['allow_newusers'] = True; + } else { + $me->config['allow_newusers'] = False; + } + + if (isset($_POST['ADVERTISE_ADMINS'])){ + $me->config['advertise_admin_new_ldapuser'] = True; + } else { + $me->config['advertise_admin_new_ldapuser'] = False; + } + + if (isset($_POST['SEND_CASUAL_MAIL'])){ + $me->config['send_password_by_mail_ldap'] = True; + } else { + $me->config['send_password_by_mail_ldap'] = False; + } +} + +// Save LDAP configuration +if (isset($_POST['save'])){ + $me->save_config(); +} + +// do we allow to create new piwigo users in case of auth along the ldap ? +// does he have to belong an ldap group ? +// does ldap groups give some power ? +// what do we do when there's no mail in the ldap ? +// do we send mail to admins ? + +$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content'); +?> \ No newline at end of file diff --git a/admin/newusers.tpl b/admin/newusers.tpl new file mode 100644 index 0000000..ec9d9a6 --- /dev/null +++ b/admin/newusers.tpl 
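Review bot: The three `$template->assign()` calls run before the `save` branch updates `$me->config`, so the page rendered right after a save still shows the previous checkbox states; move the assigns below `save_config()` (admin/configuration.php has the same ordering). Each if/else pair can collapse to one line such as `$me->config['allow_newusers'] = isset($_POST['ALLOW_NEWUSERS']);`, and the two `isset($_POST['save'])` blocks can be merged into one. The open questions in the trailing comments (group membership, missing mail address) decide who gets an account automatically, so they are worth settling before `allow_newusers` can be switched on.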
@@ -0,0 +1,54 @@ +{literal} +<style> +label +{ + display: block; + width: 250px; + float: left; +} +</style> +{/literal} + +<div class="titrePage"> + <h2>{'Ldap_Login Plugin'|@translate}</h2> +</div> + +<i>{"If the LDAP doesn't furnish the mail address, users can set it up in the profile page."|@translate}</i> +<form method="post" action="{$PLUGIN_NEWUSERS}" class="general"> + +<fieldset> + <legend>{'Ldap_Login configuration'|@translate}</legend> + + <p> + {if $ALLOW_NEWUSERS} + <input type="checkbox" id="allow_newusers" name="ALLOW_NEWUSERS" value="{$ALLOW_NEWUSERS}" checked /> + {else} + <input type="checkbox" id="allow_newusers" name="ALLOW_NEWUSERS" value="{$ALLOW_NEWUSERS}" /> + {/if} + {'Do you allow new piwigo users to be created when users authenticate succesfully on the ldap ?'|@translate} + </p> + + <p> + {if $ADVERTISE_ADMINS} + <input type="checkbox" id="advertise_admin_new_ldapuser" name="ADVERTISE_ADMINS" value="{$ADVERTISE_ADMINS}" checked /> + {else} + <input type="checkbox" id="advertise_admin_new_ldapuser" name="ADVERTISE_ADMINS" value="{$ADVERTISE_ADMINS}" /> + {/if} + {'Do you want admins to be advertised by mail in case of new users creation upon ldap login ?'|@translate} + </p> + + <p> + {if $SEND_CASUAL_MAIL} + <input type="checkbox" id="send_password_by_mail_ldap" name="SEND_CASUAL_MAIL" value="{$SEND_CASUAL_MAIL}" checked /> + {else} + <input type="checkbox" id="send_password_by_mail_ldap" name="SEND_CASUAL_MAIL" value="{$SEND_CASUAL_MAIL}" /> + {/if} + {'Do you want to send mail to the new users, like casual piwigo users receive ?'|@translate} + </p> + +</fieldset> + +<p> +<input type="submit" value="{'Save'|@translate}" name="save" /> +</p> +</form> \ No newline at end of file -- libgit2 0.22.2