| 1 | package LATMOS::Accounts::Bases::Ldap::Group; |
|---|
| 2 | |
|---|
| 3 | use 5.010000; |
|---|
| 4 | use strict; |
|---|
| 5 | use warnings; |
|---|
| 6 | |
|---|
| 7 | use base qw(LATMOS::Accounts::Bases::Ldap::objects); |
|---|
| 8 | use Net::LDAP; |
|---|
| 9 | use Net::LDAP::Entry; |
|---|
| 10 | use Net::LDAP::Control::Paged; |
|---|
| 11 | use Net::LDAP::Constant qw( LDAP_CONTROL_PAGED ); |
|---|
| 12 | use Net::LDAP::Util qw( escape_filter_value ); |
|---|
| 13 | use LATMOS::Accounts::Log; |
|---|
| 14 | |
|---|
| 15 | our $VERSION = (q$Rev: 649 $ =~ /^Rev: (\d+) /)[0]; |
|---|
| 16 | |
|---|
| 17 | =head1 NAME |
|---|
| 18 | |
|---|
| 19 | LATMOS::Ldap - Perl extension for blah blah blah |
|---|
| 20 | |
|---|
| 21 | =head1 SYNOPSIS |
|---|
| 22 | |
|---|
| 23 | use LATMOS::Ldap; |
|---|
| 24 | blah blah blah |
|---|
| 25 | |
|---|
| 26 | =head1 DESCRIPTION |
|---|
| 27 | |
|---|
| 28 | Stub documentation for LATMOS::Ldap, created by h2xs. It looks like the |
|---|
| 29 | author of the extension was negligent enough to leave the stub |
|---|
| 30 | unedited. |
|---|
| 31 | |
|---|
| 32 | Blah blah blah. |
|---|
| 33 | |
|---|
| 34 | =head1 FUNCTIONS |
|---|
| 35 | |
|---|
| 36 | =cut |
|---|
| 37 | |
|---|
| 38 | sub _class_filter { '(ObjectClass=posixGroup)' } |
|---|
| 39 | |
|---|
| 40 | sub _key_attr { 'cn' } |
|---|
| 41 | |
|---|
| 42 | sub _my_ldap_classes { qw(top posixGroup sambaGroupMapping) } |
|---|
| 43 | |
|---|
| 44 | sub _get_attr_schema { |
|---|
| 45 | my ($class, $base) = @_; |
|---|
| 46 | $class->SUPER::_get_attr_schema($base, |
|---|
| 47 | { |
|---|
| 48 | gidNumber => { uniq => 1, }, |
|---|
| 49 | description => { }, |
|---|
| 50 | memberUID => { |
|---|
| 51 | multiple => 1, |
|---|
| 52 | delayed => 1, |
|---|
| 53 | reference => 'user', |
|---|
| 54 | }, |
|---|
| 55 | cn => { ro => 1 }, |
|---|
| 56 | dn => { ro => 1 }, |
|---|
| 57 | objectClass => { ro => 1 }, |
|---|
| 58 | sambaSID => { }, |
|---|
| 59 | } |
|---|
| 60 | ); |
|---|
| 61 | } |
|---|
| 62 | |
|---|
| 63 | sub _update_class { |
|---|
| 64 | my ($self) = @_; |
|---|
| 65 | |
|---|
| 66 | $self->SUPER::_update_class( |
|---|
| 67 | sambaSID => $self->base->sambaSID( |
|---|
| 68 | _computeSSID($self->_get_attributes('gidNumber')) |
|---|
| 69 | ) |
|---|
| 70 | ); |
|---|
| 71 | } |
|---|
| 72 | |
|---|
| 73 | sub _create { |
|---|
| 74 | my ($class, $base, $id, %data) = @_; |
|---|
| 75 | |
|---|
| 76 | my $entry = Net::LDAP::Entry->new(); |
|---|
| 77 | |
|---|
| 78 | $data{sambaSID} ||= $base->sambaSID(_computeSSID($data{gidNumber})); |
|---|
| 79 | |
|---|
| 80 | $entry->dn(join(',', |
|---|
| 81 | sprintf('%s=%s', |
|---|
| 82 | $class->_dn_attribute($base), |
|---|
| 83 | escape_filter_value($id)), |
|---|
| 84 | $base->object_base_dn($class->type), |
|---|
| 85 | )); |
|---|
| 86 | $entry->replace(objectClass => [ $class->_my_ldap_classes ],); |
|---|
| 87 | my %delayed; |
|---|
| 88 | $data{$class->_key_attribute($base)} = $id; |
|---|
| 89 | foreach (keys %data) { |
|---|
| 90 | /^(memberUID)$/ and do { |
|---|
| 91 | $delayed{memberUID} = $data{$_}; |
|---|
| 92 | next; |
|---|
| 93 | }; |
|---|
| 94 | $class->_populate_entry($entry, $_, $data{$_}); |
|---|
| 95 | } |
|---|
| 96 | my $msg = $base->ldap->add($entry); |
|---|
| 97 | $base->log(LA_ERR, "Cannot create group: %s", $msg->error) if ($msg->code); |
|---|
| 98 | return if ($msg->code); |
|---|
| 99 | if (! keys %delayed) { return 1 }; |
|---|
| 100 | my $res = $base->get_object('group', $id)->set_fields(%delayed); |
|---|
| 101 | return defined($res) ? 1 : 0; |
|---|
| 102 | } |
|---|
| 103 | |
|---|
| 104 | sub _computeSSID { |
|---|
| 105 | my ($value) = @_; |
|---|
| 106 | $value * 2 + 1000 |
|---|
| 107 | } |
|---|
| 108 | |
|---|
| 109 | sub get_field { |
|---|
| 110 | my ($self, $field) = @_; |
|---|
| 111 | |
|---|
| 112 | $field eq 'memberUID' and do { |
|---|
| 113 | my $val = $self->SUPER::get_field('memberUid'); |
|---|
| 114 | return ref $val ? $val : [ grep { $_ } $val ]; |
|---|
| 115 | }; |
|---|
| 116 | $self->SUPER::get_field($field); |
|---|
| 117 | } |
|---|
| 118 | |
|---|
| 119 | sub set_fields { |
|---|
| 120 | my ($self, %data) = @_; |
|---|
| 121 | my %ndata; |
|---|
| 122 | while (my ($f, $val) = each(%data)) { |
|---|
| 123 | $f eq 'memberUID' and do { |
|---|
| 124 | $val = [ $val ] unless(ref $val); |
|---|
| 125 | my %users; |
|---|
| 126 | $users{$_}{e} = 1 foreach (@{ $self->get_field('memberUID') || []}); |
|---|
| 127 | $users{$_}{n} = 1 foreach (grep { $_ } @{ $val || []}); |
|---|
| 128 | foreach (keys %users) { |
|---|
| 129 | $users{$_}{e} && $users{$_}{n} and next; |
|---|
| 130 | if ($users{$_}{e}) { |
|---|
| 131 | $self->{entry}->delete(memberUid => $_); |
|---|
| 132 | } elsif ($users{$_}{n} && $self->base->get_object('user', $_)) { |
|---|
| 133 | $self->{entry}->add(memberUid => $_); |
|---|
| 134 | } # else {} # can't happen |
|---|
| 135 | my $mesg = $self->{entry}->update($self->base->ldap); |
|---|
| 136 | } |
|---|
| 137 | next; |
|---|
| 138 | }; |
|---|
| 139 | $ndata{$f} = $val; |
|---|
| 140 | } |
|---|
| 141 | $self->SUPER::set_fields(%ndata); |
|---|
| 142 | } |
|---|
| 143 | |
|---|
| 144 | 1; |
|---|
| 145 | |
|---|
| 146 | __END__ |
|---|
| 147 | |
|---|
| 148 | =head1 SEE ALSO |
|---|
| 149 | |
|---|
| 150 | =head1 AUTHOR |
|---|
| 151 | |
|---|
| 152 | Olivier Thauvin, E<lt>olivier.thauvin@aerov.jussieu.frE<gt> |
|---|
| 153 | |
|---|
| 154 | =head1 COPYRIGHT AND LICENSE |
|---|
| 155 | |
|---|
| 156 | Copyright (C) 2008 CNRS SA/CETP/LATMOS |
|---|
| 157 | |
|---|
| 158 | This library is free software; you can redistribute it and/or modify |
|---|
| 159 | it under the same terms as Perl itself, either Perl version 5.10.0 or, |
|---|
| 160 | at your option, any later version of Perl 5 you may have available. |
|---|
| 161 | |
|---|
| 162 | |
|---|
| 163 | =cut |
|---|
![(please configure the [header_logo] section in trac.ini)](/link-accounts/chrome/site/your_project_logo.png){kind=logo}
