Commit 5823772d4b76fb3ecc4390e79a48342efec16276
1 parent
7ec31c09
Basic Import
Showing
7 changed files
with
371 additions
and
0 deletions
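--- a/admin/configuration.php
+++ b/admin/configuration.php
@@ -0,0 +1,75 @@
+<?php
+if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
+
+global $template;
+$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/configuration.tpl') );
+$template->assign(
+ array(
+ 'PLUGIN_ACTION' => get_root_url().'admin.php?page=plugin-Ldap_Login-configuration',
+ 'PLUGIN_CHECK' => get_root_url().'admin.php?page=plugin-Ldap_Login-configuration',
+ ));
+
+$me = new Ldap();
+$me->load_config();
+//$me = get_plugin_data($plugin_id);
+
+$template->assign('HOST', $me->config['host']);
+$template->assign('BASEDN', $me->config['basedn']); // racine !
+$template->assign('PORT', $me->config['port']);
+$template->assign('LD_ATTR', $me->config['ld_attr']);
+$template->assign('LD_GROUP', $me->config['ld_group']);
+$template->assign('LD_USE_SSL', $me->config['ld_use_ssl']);
+$template->assign('LD_BINDPW', $me->config['ld_bindpw']);
+$template->assign('LD_BINDDN', $me->config['ld_binddn']);
+
+if (isset($_POST['save'])){
+ $me->config['host'] = $_POST['HOST'];
+ $me->config['basedn'] = $_POST['BASEDN'];
+ $me->config['port'] = $_POST['PORT'];
+ $me->config['ld_attr'] = $_POST['LD_ATTR'];
+ $me->config['ld_group'] = $_POST['LD_GROUP'];
+ $me->config['ld_binddn'] = $_POST['LD_BINDDN'];
+ $me->config['ld_bindpw'] = $_POST['LD_BINDPW'];
+
+ if (isset($_POST['LD_USE_SSL'])){
+ $me->config['ld_use_ssl'] = True;
+ } else {
+ $me->config['ld_use_ssl'] = False;
+ }
+}
+
+// Save LDAP configuration
+if (isset($_POST['save'])){
+ $me->save_config();
+}
+
+// Checki LDAP configuration
+$me->ldap_conn();
+if (isset($_POST['check_ldap'])){
+ //$me->write_log("[function]> admin");
+ //$check = $me->ldap_name($_POST['USERNAME']);
+ $username = $me->ldap_search_dn($_POST['USERNAME']);
+ //$me->write_log("[admin]> bind=".$username);
+ $error=$me->check_ldap();
+ if($error==1 && $username) {
+ if ($me->ldap_bind_as($username,$_POST['PASSWORD'])){
+ if($me->check_ldap_group_membership($username,$me->config['ld_group'])){
+ $template->assign('LD_CHECK_LDAP','<p style="color:green;">Configuration LDAP OK : '.$username.'</p>');
+ } else {
+ $template->assign('LD_CHECK_LDAP','<p style="color:orange;">Credentials OK, Check GroupMembership for: '.$username.'</p>');
+ }
+ }
+ else {
+ $template->assign('LD_CHECK_LDAP','<p style="color:red;"> Binding OK, but check credentials on server '.$me->config['uri'].' for user '.$username.'</p>');
+ }
+ } elseif($error==1 && !$username){
+ $template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : Binding OK, but no valid DN found on server '.$me->config['uri'].' for user '.$_POST['USERNAME'].'</p>');
+ } elseif($error && $username){
+ $template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : Binding OK, but check credentials on '.$me->config['uri'].' for user '.$_POST['USERNAME'].'</p>');
+ } else {
+ $template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : '.$error.' for binding on server '.$me->config['uri'].' for user '.$_POST['USERNAME'].', check your binding!</p>');
+ }
+}
+
+$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content');
+?>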
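Review bot: The check-result messages at new lines 57–70 concatenate `$_POST['USERNAME']`, `$username` and `$me->config['uri']` straight into HTML that configuration.tpl prints as `{$LD_CHECK_LDAP}`, so markup in the submitted username is reflected into the admin page unless the template engine auto-escapes, which is not visible here. Escape once before building the messages, e.g. `$user_html = htmlspecialchars($_POST['USERNAME'], ENT_QUOTES, 'UTF-8');`, and use the escaped values in every branch. The `save` branch (lines 25–44) writes the host, bind DN and bind password without verifying a request token; Piwigo's `check_pwg_token()` together with a `pwg_token` hidden field in the form is the usual guard, and the save handlers in admin/ldap_login_plugin_admin.php and admin/newusers.php have the same gap. Because the template's bind-password input carries no value, each save also replaces the stored `ld_bindpw` with an empty string unless it is retyped; keeping the old value when the field arrives empty would avoid silently falling back to an anonymous bind.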
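--- a/admin/configuration.tpl
+++ b/admin/configuration.tpl
@@ -0,0 +1,114 @@
+<h2>{'Ldap_Login Plugin'|@translate}</h2>
+
+<div id="configContent">
+
+<p>{'All LDAP users can use their ldap password everywhere on piwigo if needed.'|@translate}</p>
+
+<form method="post" action="{$PLUGIN_ACTION}" class="general">
+
+ {if (!extension_loaded('ldap'))}
+ <p style="color:red;">{'Warning: LDAP Extension missing.'|@translate}</p>
+ <br />
+ {/if}
+
+ <fieldset class="mainConf">
+ <legend>{'Ldap server host connection'|@translate}</legend>
+
+ <ul>
+ <li>
+ <label for="host">{'Ldap server host'|@translate}</label>
+ <br>
+ <input size="70" type="text" id="host" name="HOST" value="{$HOST}" />
+ </li>
+
+ <li>
+ <label for="ld_use_ssl">
+ {if $LD_USE_SSL }
+ <input type="checkbox" id="ld_use_ssl" name="LD_USE_SSL" value="{$LD_USE_SSL}" checked />
+ {else}
+ <input type="checkbox" id="ld_use_ssl" name="LD_USE_SSL" value="{$LD_USE_SSL}" />
+ {/if}
+ {'Secure connexion'|@translate}</label>
+ </li>
+
+ <li>
+ <label for="port">{'Ldap port'|@translate}</label>
+ <br>
+ <input type="text" id="port" name="PORT" value="{$PORT}" />
+ </li>
+ </ul>
+ <i>{'If empty, localhost and standard protocol ports will be used in configuration.'|@translate}</i>
+ </fieldset>
+
+ <fieldset class="mainConf">
+ <legend>{'Ldap attributes'|@translate}</legend>
+ <ul>
+ <li>
+ <label for="basedn">{'Base DN'|@translate}</label>
+ <br>
+ <input size="70" type="text" id="basedn" name="BASEDN" value="{$BASEDN}" />
+ </li>
+
+ <li>
+ <label for="ld_attr">{'Attribute corresponding to the user name'|@translate}</label>
+ <br>
+ <input type="text" id="ld_attr" name="LD_ATTR" value="{$LD_ATTR}" />
+ </li>
+ <li>
+ <label for="groupdn">{'DN of group for membership-check (memberOf)'|@translate}</label>
+ <br>
+ <input size="70" type="text" id="ld_group" name="LD_GROUP" value="{$LD_GROUP}" />
+ </li>
+ </ul>
+ </fieldset>
+
+ <fieldset class="mainConf">
+ <legend>{'Ldap connection credentials'|@translate}</legend>
+ <ul>
+ <li>
+ <label for="ld_binddn">{'Bind DN, field in full ldap style'|@translate}</label>
+ <br>
+ <input size="70" type="text" id="ld_binddn" name="LD_BINDDN" value="{$LD_BINDDN}" />
+ </li>
+
+ <li>
+ <label for="ld_bindpw">{'Bind password'|@translate}</label>
+ <br>
+ <input type="password" id="ld_bindpw" name="LD_BINDPW" />
+ </li>
+ </ul>
+ <i>{'Let the fields blank if the ldap accept anonymous connections.'|@translate}</i>
+</fieldset>
+
+<p>
+<input type="submit" value="{'Save'|@translate}" name="save" />
+</p>
+</form>
+
+<form method="post" action="{$PLUGIN_CHECK}" class="general">
+<fieldset class="mainConf">
+<legend>{'Ldap_Login Test'|@translate}</legend>
+<i>{'You must save the settings with the Save button just up there before testing here.'|@translate}</i>
+ <ul>
+ <li>
+ <label for="username">{'Username'|@translate}</label>
+ <br>
+ <input type="text" id="username" name="USERNAME" value="{$USERNAME}" />
+ </li>
+
+ <li>
+ <label for="ld_attr">{'Your password'|@translate}</label>
+ <br>
+ <input type="password" id="password" name="PASSWORD" value="{$PASSWORD}" />
+ </li>
+ </ul>
+
+ {if (!empty($LD_CHECK_LDAP))}
+ {$LD_CHECK_LDAP}
+ {/if}
+
+</fieldset>
+<p><input type="submit" value="{'Test Settings'|@translate}" name="check_ldap" /></p>
+
+</form>
+</div>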
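Review bot: The stored settings are written into attribute values without an escape modifier (`value="{$HOST}"`, `{$BASEDN}`, `{$LD_GROUP}`, `{$LD_BINDDN}`, lines 21–71), so a double quote in a saved value breaks out of the attribute unless auto-escaping is enabled for this template, which the page does not show. Prefer `value="{$HOST|escape:'html'}"` on each field; admin/ldap_login_plugin_admin.tpl has the same pattern. The `value="{$PASSWORD}"` on the test form's password input (line 102) should be dropped so that a password can never be echoed back into the page source; neither `USERNAME` nor `PASSWORD` is assigned in admin/configuration.php as shown. Minor: `for="groupdn"` (line 58) and `for="ld_attr"` (line 100) do not match the ids of the inputs they label.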
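--- a/admin/index.php
+++ b/admin/index.php
@@ -0,0 +1,30 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based photo gallery |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2013 Piwigo Team http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify |
+// | it under the terms of the GNU General Public License as published by |
+// | the Free Software Foundation |
+// | |
+// | This program is distributed in the hope that it will be useful, but |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
+// | General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU General Public License |
+// | along with this program; if not, write to the Free Software |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA. |
+// +-----------------------------------------------------------------------+
+
+// Recursive call
+$url = '../';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?>
\ No newline at end of file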
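--- a/admin/ldap_login_plugin_admin.php
+++ b/admin/ldap_login_plugin_admin.php
@@ -0,0 +1,22 @@
+<?php
+if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
+
+$me = get_plugin_data($plugin_id);
+
+if (isset($_POST['submit']))
+{
+ $me->config['host'] = $_POST['HOST'];
+ $me->config['basedn'] = $_POST['BASEDN'];
+ $me->config['pref'] = $_POST['PREF'];
+ $me->save_config();
+}
+
+global $template;
+$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/ldap_login_plugin_admin.tpl') );
+
+$template->assign('HOST', $me->config['host']);
+$template->assign('BASEDN', $me->config['basedn']);
+$template->assign('PREF', $me->config['pref']);
+
+$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content');
+?>
\ No newline at end of file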
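Review bot: This page is a second writer for the same `host` and `basedn` settings that admin/configuration.php already manages, and it looks unfinished: `$plugin_id` is not defined in the file (it may come from the including script) and its template posts to `{$TESTPLUGIN_F_ACTION}`, which nothing shown here assigns. If configuration.php supersedes it, leaving the file out of the import avoids shipping an extra endpoint that can rewrite the authentication server settings. If it stays, mark it with a comment such as `// Legacy settings page; superseded by admin/configuration.php` and validate `$_POST['HOST']`, `$_POST['BASEDN']` and `$_POST['PREF']` (presence and expected format) before `save_config()`.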
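--- a/admin/ldap_login_plugin_admin.tpl
+++ b/admin/ldap_login_plugin_admin.tpl
@@ -0,0 +1,24 @@
+<div class="titrePage">
+ <h2>Ldap_Login PlugIn</h2>
+</div>
+
+<p>Configuration du plugin Ldap_Login</p>
+
+<form method="post" action="{$TESTPLUGIN_F_ACTION}" class="general">
+<fieldset>
+ <legend>Ldap_Login PlugIn</legend>
+ <label>Hote du serveur Ldap
+ <input type="text" name="HOST" value="{$HOST}" />
+ </label>
+ <br />
+ <label>Arbre ldap à explorer : basedn = ",ou=utilisateurs,dc=22decembre,dc=eu". L'arbre doit commencer par une virgule !
+ <input type="text" name="BASEDN" value="{$BASEDN}" />
+ </label>
+ <br />
+ <label>prefixe à utiliser. Les plus communs sont "uid=".
+ <input type="text" name="PREF" value="{$PREF}" />
+ </label>
+</fieldset>
+
+<p><input type="submit" value="Enregistrer" name="submit" /></p>
+</form>
\ No newline at end of file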
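--- a/admin/newusers.php
+++ b/admin/newusers.php
@@ -0,0 +1,52 @@
+<?php
+if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
+
+global $template;
+$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/newusers.tpl') );
+$template->assign(
+ array(
+ 'PLUGIN_NEWUSERS' => get_root_url().'admin.php?page=plugin-Ldap_Login-newusers',
+ ));
+
+$me = new Ldap();
+$me->load_config();
+//$me = get_plugin_data($plugin_id);
+
+$template->assign('ALLOW_NEWUSERS', $me->config['allow_newusers']);
+$template->assign('ADVERTISE_ADMINS', $me->config['advertise_admin_new_ldapuser']);
+$template->assign('SEND_CASUAL_MAIL', $me->config['send_password_by_mail_ldap']);
+
+if (isset($_POST['save'])){
+
+ if (isset($_POST['ALLOW_NEWUSERS'])){
+ $me->config['allow_newusers'] = True;
+ } else {
+ $me->config['allow_newusers'] = False;
+ }
+
+ if (isset($_POST['ADVERTISE_ADMINS'])){
+ $me->config['advertise_admin_new_ldapuser'] = True;
+ } else {
+ $me->config['advertise_admin_new_ldapuser'] = False;
+ }
+
+ if (isset($_POST['SEND_CASUAL_MAIL'])){
+ $me->config['send_password_by_mail_ldap'] = True;
+ } else {
+ $me->config['send_password_by_mail_ldap'] = False;
+ }
+}
+
+// Save LDAP configuration
+if (isset($_POST['save'])){
+ $me->save_config();
+}
+
+// do we allow to create new piwigo users in case of auth along the ldap ?
+// does he have to belong an ldap group ?
+// does ldap groups give some power ?
+// what do we do when there's no mail in the ldap ?
+// do we send mail to admins ?
+
+$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content');
+?>
\ No newline at end of file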
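Review bot: The three `$template->assign(...)` calls at lines 15–17 run before the POST block, so right after Save the form renders the previous state; an administrator who has just unticked `ALLOW_NEWUSERS` still sees it checked and cannot tell whether account auto-creation is really off. Move the assigns below `$me->save_config();` so the page reflects what was stored (admin/configuration.php lines 16–23 have the same ordering). The two `if (isset($_POST['save']))` blocks can be merged, and each flag reduces to one line such as `$me->config['allow_newusers'] = isset($_POST['ALLOW_NEWUSERS']);`.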
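--- a/admin/newusers.tpl
+++ b/admin/newusers.tpl
@@ -0,0 +1,54 @@
+{literal}
+<style>
+label
+{
+ display: block;
+ width: 250px;
+ float: left;
+}
+</style>
+{/literal}
+
+<div class="titrePage">
+ <h2>{'Ldap_Login Plugin'|@translate}</h2>
+</div>
+
+<i>{"If the LDAP doesn't furnish the mail address, users can set it up in the profile page."|@translate}</i>
+<form method="post" action="{$PLUGIN_NEWUSERS}" class="general">
+
+<fieldset>
+ <legend>{'Ldap_Login configuration'|@translate}</legend>
+
+ <p>
+ {if $ALLOW_NEWUSERS}
+ <input type="checkbox" id="allow_newusers" name="ALLOW_NEWUSERS" value="{$ALLOW_NEWUSERS}" checked />
+ {else}
+ <input type="checkbox" id="allow_newusers" name="ALLOW_NEWUSERS" value="{$ALLOW_NEWUSERS}" />
+ {/if}
+ {'Do you allow new piwigo users to be created when users authenticate succesfully on the ldap ?'|@translate}
+ </p>
+
+ <p>
+ {if $ADVERTISE_ADMINS}
+ <input type="checkbox" id="advertise_admin_new_ldapuser" name="ADVERTISE_ADMINS" value="{$ADVERTISE_ADMINS}" checked />
+ {else}
+ <input type="checkbox" id="advertise_admin_new_ldapuser" name="ADVERTISE_ADMINS" value="{$ADVERTISE_ADMINS}" />
+ {/if}
+ {'Do you want admins to be advertised by mail in case of new users creation upon ldap login ?'|@translate}
+ </p>
+
+ <p>
+ {if $SEND_CASUAL_MAIL}
+ <input type="checkbox" id="send_password_by_mail_ldap" name="SEND_CASUAL_MAIL" value="{$SEND_CASUAL_MAIL}" checked />
+ {else}
+ <input type="checkbox" id="send_password_by_mail_ldap" name="SEND_CASUAL_MAIL" value="{$SEND_CASUAL_MAIL}" />
+ {/if}
+ {'Do you want to send mail to the new users, like casual piwigo users receive ?'|@translate}
+ </p>
+
+</fieldset>
+
+<p>
+<input type="submit" value="{'Save'|@translate}" name="save" />
+</p>
+</form>
\ No newline at end of file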