]> git.immae.eu Git - github/wallabag/wallabag.git/blobdiff - src/Wallabag/UserBundle/LdapHydrator.php
projects / github / wallabag / wallabag.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add ldap
[github/wallabag/wallabag.git] / src / Wallabag / UserBundle / LdapHydrator.php
diff --git a/src/Wallabag/UserBundle/LdapHydrator.php b/src/Wallabag/UserBundle/LdapHydrator.php
new file mode 100644 (file)
index 0000000..cea2450
--- /dev/null
+++ b/src/Wallabag/UserBundle/LdapHydrator.php
@@ -0,0 +1,103 @@
+<?php
+
+namespace Wallabag\UserBundle;
+
+use FR3D\LdapBundle\Hydrator\HydratorInterface;
+use FOS\UserBundle\FOSUserEvents;
+use FOS\UserBundle\Event\UserEvent;
+
+class LdapHydrator implements HydratorInterface
+{
+    private $userManager;
+    private $eventDispatcher;
+    private $attributesMap;
+    private $enabledAttribute;
+    private $ldapBaseDn;
+    private $ldapAdminFilter;
+    private $ldapDriver;
+
+    public function __construct(
+      $user_manager,
+      $event_dispatcher,
+      array $attributes_map,
+      $ldap_base_dn,
+      $ldap_admin_filter,
+      $ldap_driver
+    ) {
+        $this->userManager = $user_manager;
+        $this->eventDispatcher = $event_dispatcher;
+
+        $this->attributesMap = array(
+        'setUsername' => $attributes_map[0],
+        'setEmail' => $attributes_map[1],
+        'setName' => $attributes_map[2],
+      );
+        $this->enabledAttribute = $attributes_map[3];
+
+        $this->ldapBaseDn = $ldap_base_dn;
+        $this->ldapAdminFilter = $ldap_admin_filter;
+        $this->ldapDriver = $ldap_driver;
+    }
+
+    public function hydrate(array $ldapEntry)
+    {
+        $user = $this->userManager->findUserBy(array('dn' => $ldapEntry['dn']));
+
+        if (!$user) {
+            $user = $this->userManager->createUser();
+            $user->setDn($ldapEntry['dn']);
+            $user->setPassword('');
+            $user->setSalt('');
+            $this->updateUserFields($user, $ldapEntry);
+
+            $event = new UserEvent($user);
+            $this->eventDispatcher->dispatch(FOSUserEvents::USER_CREATED, $event);
+
+            $this->userManager->reloadUser($user);
+        } else {
+            $this->updateUserFields($user, $ldapEntry);
+        }
+
+        return $user;
+    }
+
+    private function updateUserFields($user, $ldapEntry)
+    {
+        foreach ($this->attributesMap as $key => $value) {
+            if (is_array($ldapEntry[$value])) {
+                $ldap_value = $ldapEntry[$value][0];
+            } else {
+                $ldap_value = $ldapEntry[$value];
+            }
+
+            call_user_func([$user, $key], $ldap_value);
+        }
+
+        if ($this->enabledAttribute !== null) {
+            $user->setEnabled($ldapEntry[$this->enabledAttribute]);
+        } else {
+            $user->setEnabled(true);
+        }
+
+        if ($this->isAdmin($user)) {
+            $user->addRole('ROLE_SUPER_ADMIN');
+        } else {
+            $user->removeRole('ROLE_SUPER_ADMIN');
+        }
+
+        $this->userManager->updateUser($user, true);
+    }
+
+    private function isAdmin($user)
+    {
+        if ($this->ldapAdminFilter === null) {
+            return false;
+        }
+
+        $escaped_username = ldap_escape($user->getUsername(), '', LDAP_ESCAPE_FILTER);
+        $filter = sprintf($this->ldapAdminFilter, $escaped_username);
+        $entries = $this->ldapDriver->search($this->ldapBaseDn, $filter);
+
+        return $entries['count'] == 1;
+    }
+}
A self hostable application for saving web pages: Save and classify articles. Read them later. Freely.