piwigo / Ldap_Login

Commit 5823772d4b76fb3ecc4390e79a48342efec16276

Authored by spelth
1 parent 7ec31c09

Basic Import

Inline Side-by-side
Showing 7 changed files with 371 additions and 0 deletions
admin/configuration.php 0 → 100644
  View file @5823772
  1 +<?php
  2 +if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
  3 +
  4 +global $template;
  5 +$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/configuration.tpl') );
  6 +$template->assign(
  7 + array(
  8 + 'PLUGIN_ACTION' => get_root_url().'admin.php?page=plugin-Ldap_Login-configuration',
  9 + 'PLUGIN_CHECK' => get_root_url().'admin.php?page=plugin-Ldap_Login-configuration',
  10 + ));
  11 +
  12 +$me = new Ldap();
  13 +$me->load_config();
  14 +//$me = get_plugin_data($plugin_id);
  15 +
  16 +$template->assign('HOST', $me->config['host']);
  17 +$template->assign('BASEDN', $me->config['basedn']); // racine !
  18 +$template->assign('PORT', $me->config['port']);
  19 +$template->assign('LD_ATTR', $me->config['ld_attr']);
  20 +$template->assign('LD_GROUP', $me->config['ld_group']);
  21 +$template->assign('LD_USE_SSL', $me->config['ld_use_ssl']);
  22 +$template->assign('LD_BINDPW', $me->config['ld_bindpw']);
  23 +$template->assign('LD_BINDDN', $me->config['ld_binddn']);
  24 +
  25 +if (isset($_POST['save'])){
  26 + $me->config['host'] = $_POST['HOST'];
  27 + $me->config['basedn'] = $_POST['BASEDN'];
  28 + $me->config['port'] = $_POST['PORT'];
  29 + $me->config['ld_attr'] = $_POST['LD_ATTR'];
  30 + $me->config['ld_group'] = $_POST['LD_GROUP'];
  31 + $me->config['ld_binddn'] = $_POST['LD_BINDDN'];
  32 + $me->config['ld_bindpw'] = $_POST['LD_BINDPW'];
  33 +
  34 + if (isset($_POST['LD_USE_SSL'])){
  35 + $me->config['ld_use_ssl'] = True;
  36 + } else {
  37 + $me->config['ld_use_ssl'] = False;
  38 + }
  39 +}
  40 +
  41 +// Save LDAP configuration
  42 +if (isset($_POST['save'])){
  43 + $me->save_config();
  44 +}
  45 +
  46 +// Checki LDAP configuration
  47 +$me->ldap_conn();
  48 +if (isset($_POST['check_ldap'])){
  49 + //$me->write_log("[function]> admin");
  50 + //$check = $me->ldap_name($_POST['USERNAME']);
  51 + $username = $me->ldap_search_dn($_POST['USERNAME']);
  52 + //$me->write_log("[admin]> bind=".$username);
  53 + $error=$me->check_ldap();
  54 + if($error==1 && $username) {
  55 + if ($me->ldap_bind_as($username,$_POST['PASSWORD'])){
  56 + if($me->check_ldap_group_membership($username,$me->config['ld_group'])){
  57 + $template->assign('LD_CHECK_LDAP','<p style="color:green;">Configuration LDAP OK : '.$username.'</p>');
  58 + } else {
  59 + $template->assign('LD_CHECK_LDAP','<p style="color:orange;">Credentials OK, Check GroupMembership for: '.$username.'</p>');
  60 + }
  61 + }
  62 + else {
  63 + $template->assign('LD_CHECK_LDAP','<p style="color:red;"> Binding OK, but check credentials on server '.$me->config['uri'].' for user '.$username.'</p>');
  64 + }
  65 + } elseif($error==1 && !$username){
  66 + $template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : Binding OK, but no valid DN found on server '.$me->config['uri'].' for user '.$_POST['USERNAME'].'</p>');
  67 + } elseif($error && $username){
  68 + $template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : Binding OK, but check credentials on '.$me->config['uri'].' for user '.$_POST['USERNAME'].'</p>');
  69 + } else {
  70 + $template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : '.$error.' for binding on server '.$me->config['uri'].' for user '.$_POST['USERNAME'].', check your binding!</p>');
  71 + }
  72 +}
  73 +
  74 +$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content');
  75 +?>
admin/configuration.tpl 0 → 100644
  View file @5823772
  1 +<h2>{'Ldap_Login Plugin'|@translate}</h2>
  2 +
  3 +<div id="configContent">
  4 +
  5 +<p>{'All LDAP users can use their ldap password everywhere on piwigo if needed.'|@translate}</p>
  6 +
  7 +<form method="post" action="{$PLUGIN_ACTION}" class="general">
  8 +
  9 + {if (!extension_loaded('ldap'))}
  10 + <p style="color:red;">{'Warning: LDAP Extension missing.'|@translate}</p>
  11 + <br />
  12 + {/if}
  13 +
  14 + <fieldset class="mainConf">
  15 + <legend>{'Ldap server host connection'|@translate}</legend>
  16 +
  17 + <ul>
  18 + <li>
  19 + <label for="host">{'Ldap server host'|@translate}</label>
  20 + <br>
  21 + <input size="70" type="text" id="host" name="HOST" value="{$HOST}" />
  22 + </li>
  23 +
  24 + <li>
  25 + <label for="ld_use_ssl">
  26 + {if $LD_USE_SSL }
  27 + <input type="checkbox" id="ld_use_ssl" name="LD_USE_SSL" value="{$LD_USE_SSL}" checked />
  28 + {else}
  29 + <input type="checkbox" id="ld_use_ssl" name="LD_USE_SSL" value="{$LD_USE_SSL}" />
  30 + {/if}
  31 + {'Secure connexion'|@translate}</label>
  32 + </li>
  33 +
  34 + <li>
  35 + <label for="port">{'Ldap port'|@translate}</label>
  36 + <br>
  37 + <input type="text" id="port" name="PORT" value="{$PORT}" />
  38 + </li>
  39 + </ul>
  40 + <i>{'If empty, localhost and standard protocol ports will be used in configuration.'|@translate}</i>
  41 + </fieldset>
  42 +
  43 + <fieldset class="mainConf">
  44 + <legend>{'Ldap attributes'|@translate}</legend>
  45 + <ul>
  46 + <li>
  47 + <label for="basedn">{'Base DN'|@translate}</label>
  48 + <br>
  49 + <input size="70" type="text" id="basedn" name="BASEDN" value="{$BASEDN}" />
  50 + </li>
  51 +
  52 + <li>
  53 + <label for="ld_attr">{'Attribute corresponding to the user name'|@translate}</label>
  54 + <br>
  55 + <input type="text" id="ld_attr" name="LD_ATTR" value="{$LD_ATTR}" />
  56 + </li>
  57 + <li>
  58 + <label for="groupdn">{'DN of group for membership-check (memberOf)'|@translate}</label>
  59 + <br>
  60 + <input size="70" type="text" id="ld_group" name="LD_GROUP" value="{$LD_GROUP}" />
  61 + </li>
  62 + </ul>
  63 + </fieldset>
  64 +
  65 + <fieldset class="mainConf">
  66 + <legend>{'Ldap connection credentials'|@translate}</legend>
  67 + <ul>
  68 + <li>
  69 + <label for="ld_binddn">{'Bind DN, field in full ldap style'|@translate}</label>
  70 + <br>
  71 + <input size="70" type="text" id="ld_binddn" name="LD_BINDDN" value="{$LD_BINDDN}" />
  72 + </li>
  73 +
  74 + <li>
  75 + <label for="ld_bindpw">{'Bind password'|@translate}</label>
  76 + <br>
  77 + <input type="password" id="ld_bindpw" name="LD_BINDPW" />
  78 + </li>
  79 + </ul>
  80 + <i>{'Let the fields blank if the ldap accept anonymous connections.'|@translate}</i>
  81 +</fieldset>
  82 +
  83 +<p>
  84 +<input type="submit" value="{'Save'|@translate}" name="save" />
  85 +</p>
  86 +</form>
  87 +
  88 +<form method="post" action="{$PLUGIN_CHECK}" class="general">
  89 +<fieldset class="mainConf">
  90 +<legend>{'Ldap_Login Test'|@translate}</legend>
  91 +<i>{'You must save the settings with the Save button just up there before testing here.'|@translate}</i>
  92 + <ul>
  93 + <li>
  94 + <label for="username">{'Username'|@translate}</label>
  95 + <br>
  96 + <input type="text" id="username" name="USERNAME" value="{$USERNAME}" />
  97 + </li>
  98 +
  99 + <li>
  100 + <label for="ld_attr">{'Your password'|@translate}</label>
  101 + <br>
  102 + <input type="password" id="password" name="PASSWORD" value="{$PASSWORD}" />
  103 + </li>
  104 + </ul>
  105 +
  106 + {if (!empty($LD_CHECK_LDAP))}
  107 + {$LD_CHECK_LDAP}
  108 + {/if}
  109 +
  110 +</fieldset>
  111 +<p><input type="submit" value="{'Test Settings'|@translate}" name="check_ldap" /></p>
  112 +
  113 +</form>
  114 +</div>
admin/index.php 0 → 100644
  View file @5823772
  1 +<?php
  2 +// +-----------------------------------------------------------------------+
  3 +// | Piwigo - a PHP based photo gallery |
  4 +// +-----------------------------------------------------------------------+
  5 +// | Copyright(C) 2008-2013 Piwigo Team http://piwigo.org |
  6 +// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
  7 +// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
  8 +// +-----------------------------------------------------------------------+
  9 +// | This program is free software; you can redistribute it and/or modify |
  10 +// | it under the terms of the GNU General Public License as published by |
  11 +// | the Free Software Foundation |
  12 +// | |
  13 +// | This program is distributed in the hope that it will be useful, but |
  14 +// | WITHOUT ANY WARRANTY; without even the implied warranty of |
  15 +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
  16 +// | General Public License for more details. |
  17 +// | |
  18 +// | You should have received a copy of the GNU General Public License |
  19 +// | along with this program; if not, write to the Free Software |
  20 +// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
  21 +// | USA. |
  22 +// +-----------------------------------------------------------------------+
  23 +
  24 +// Recursive call
  25 +$url = '../';
  26 +header( 'Request-URI: '.$url );
  27 +header( 'Content-Location: '.$url );
  28 +header( 'Location: '.$url );
  29 +exit();
  30 +?>
0 \ No newline at end of file 31 \ No newline at end of file
admin/ldap_login_plugin_admin.php 0 → 100644
  View file @5823772
  1 +<?php
  2 +if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
  3 +
  4 +$me = get_plugin_data($plugin_id);
  5 +
  6 +if (isset($_POST['submit']))
  7 +{
  8 + $me->config['host'] = $_POST['HOST'];
  9 + $me->config['basedn'] = $_POST['BASEDN'];
  10 + $me->config['pref'] = $_POST['PREF'];
  11 + $me->save_config();
  12 +}
  13 +
  14 +global $template;
  15 +$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/ldap_login_plugin_admin.tpl') );
  16 +
  17 +$template->assign('HOST', $me->config['host']);
  18 +$template->assign('BASEDN', $me->config['basedn']);
  19 +$template->assign('PREF', $me->config['pref']);
  20 +
  21 +$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content');
  22 +?>
0 \ No newline at end of file 23 \ No newline at end of file
admin/ldap_login_plugin_admin.tpl 0 → 100644
  View file @5823772
  1 +<div class="titrePage">
  2 + <h2>Ldap_Login PlugIn</h2>
  3 +</div>
  4 +
  5 +<p>Configuration du plugin Ldap_Login</p>
  6 +
  7 +<form method="post" action="{$TESTPLUGIN_F_ACTION}" class="general">
  8 +<fieldset>
  9 + <legend>Ldap_Login PlugIn</legend>
  10 + <label>Hote du serveur Ldap
  11 + <input type="text" name="HOST" value="{$HOST}" />
  12 + </label>
  13 + <br />
  14 + <label>Arbre ldap à explorer : basedn = ",ou=utilisateurs,dc=22decembre,dc=eu". L'arbre doit commencer par une virgule !
  15 + <input type="text" name="BASEDN" value="{$BASEDN}" />
  16 + </label>
  17 + <br />
  18 + <label>prefixe à utiliser. Les plus communs sont "uid=".
  19 + <input type="text" name="PREF" value="{$PREF}" />
  20 + </label>
  21 +</fieldset>
  22 +
  23 +<p><input type="submit" value="Enregistrer" name="submit" /></p>
  24 +</form>
0 \ No newline at end of file 25 \ No newline at end of file
admin/newusers.php 0 → 100644
  View file @5823772
  1 +<?php
  2 +if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
  3 +
  4 +global $template;
  5 +$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/newusers.tpl') );
  6 +$template->assign(
  7 + array(
  8 + 'PLUGIN_NEWUSERS' => get_root_url().'admin.php?page=plugin-Ldap_Login-newusers',
  9 + ));
  10 +
  11 +$me = new Ldap();
  12 +$me->load_config();
  13 +//$me = get_plugin_data($plugin_id);
  14 +
  15 +$template->assign('ALLOW_NEWUSERS', $me->config['allow_newusers']);
  16 +$template->assign('ADVERTISE_ADMINS', $me->config['advertise_admin_new_ldapuser']);
  17 +$template->assign('SEND_CASUAL_MAIL', $me->config['send_password_by_mail_ldap']);
  18 +
  19 +if (isset($_POST['save'])){
  20 +
  21 + if (isset($_POST['ALLOW_NEWUSERS'])){
  22 + $me->config['allow_newusers'] = True;
  23 + } else {
  24 + $me->config['allow_newusers'] = False;
  25 + }
  26 +
  27 + if (isset($_POST['ADVERTISE_ADMINS'])){
  28 + $me->config['advertise_admin_new_ldapuser'] = True;
  29 + } else {
  30 + $me->config['advertise_admin_new_ldapuser'] = False;
  31 + }
  32 +
  33 + if (isset($_POST['SEND_CASUAL_MAIL'])){
  34 + $me->config['send_password_by_mail_ldap'] = True;
  35 + } else {
  36 + $me->config['send_password_by_mail_ldap'] = False;
  37 + }
  38 +}
  39 +
  40 +// Save LDAP configuration
  41 +if (isset($_POST['save'])){
  42 + $me->save_config();
  43 +}
  44 +
  45 +// do we allow to create new piwigo users in case of auth along the ldap ?
  46 +// does he have to belong an ldap group ?
  47 +// does ldap groups give some power ?
  48 +// what do we do when there's no mail in the ldap ?
  49 +// do we send mail to admins ?
  50 +
  51 +$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content');
  52 +?>
0 \ No newline at end of file 53 \ No newline at end of file
admin/newusers.tpl 0 → 100644
  View file @5823772
  1 +{literal}
  2 +<style>
  3 +label
  4 +{
  5 + display: block;
  6 + width: 250px;
  7 + float: left;
  8 +}
  9 +</style>
  10 +{/literal}
  11 +
  12 +<div class="titrePage">
  13 + <h2>{'Ldap_Login Plugin'|@translate}</h2>
  14 +</div>
  15 +
  16 +<i>{"If the LDAP doesn't furnish the mail address, users can set it up in the profile page."|@translate}</i>
  17 +<form method="post" action="{$PLUGIN_NEWUSERS}" class="general">
  18 +
  19 +<fieldset>
  20 + <legend>{'Ldap_Login configuration'|@translate}</legend>
  21 +
  22 + <p>
  23 + {if $ALLOW_NEWUSERS}
  24 + <input type="checkbox" id="allow_newusers" name="ALLOW_NEWUSERS" value="{$ALLOW_NEWUSERS}" checked />
  25 + {else}
  26 + <input type="checkbox" id="allow_newusers" name="ALLOW_NEWUSERS" value="{$ALLOW_NEWUSERS}" />
  27 + {/if}
  28 + {'Do you allow new piwigo users to be created when users authenticate succesfully on the ldap ?'|@translate}
  29 + </p>
  30 +
  31 + <p>
  32 + {if $ADVERTISE_ADMINS}
  33 + <input type="checkbox" id="advertise_admin_new_ldapuser" name="ADVERTISE_ADMINS" value="{$ADVERTISE_ADMINS}" checked />
  34 + {else}
  35 + <input type="checkbox" id="advertise_admin_new_ldapuser" name="ADVERTISE_ADMINS" value="{$ADVERTISE_ADMINS}" />
  36 + {/if}
  37 + {'Do you want admins to be advertised by mail in case of new users creation upon ldap login ?'|@translate}
  38 + </p>
  39 +
  40 + <p>
  41 + {if $SEND_CASUAL_MAIL}
  42 + <input type="checkbox" id="send_password_by_mail_ldap" name="SEND_CASUAL_MAIL" value="{$SEND_CASUAL_MAIL}" checked />
  43 + {else}
  44 + <input type="checkbox" id="send_password_by_mail_ldap" name="SEND_CASUAL_MAIL" value="{$SEND_CASUAL_MAIL}" />
  45 + {/if}
  46 + {'Do you want to send mail to the new users, like casual piwigo users receive ?'|@translate}
  47 + </p>
  48 +
  49 +</fieldset>
  50 +
  51 +<p>
  52 +<input type="submit" value="{'Save'|@translate}" name="save" />
  53 +</p>
  54 +</form>
0 \ No newline at end of file 55 \ No newline at end of file