-
Notifications
You must be signed in to change notification settings - Fork 0
/
searchUser.inc.php
73 lines (60 loc) · 2.44 KB
/
searchUser.inc.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<?php // -*-PHP-*-
require_once ('lib/supannPerson.inc.php');
$id = GET_ldapFilterSafe_or_NULL("id");
if ($id !== NULL) {
// NB: "id" can be an array, that's ok & useful!
$token = $id;
$tokenIsId = true;
} else {
$token = GET_ldapFilterSafe_or("token", '');
$tokenIsId = false;
}
$attrs = GET_or_NULL("attrs");
$format = GET_or_NULL("format");
$anonymous = !(@$isTrustedIp || GET_uid());
$maxRows = GET_or("maxRows", 0); // but see restrictions if !$isTrustedIp
$showErrors = GET_or_NULL("showErrors");
$showExtendedInfo = GET_or_NULL("showExtendedInfo");
$allowInvalidAccounts = GET_or_NULL("allowInvalidAccounts");
$allowNoAffiliationAccounts = GET_or("allowNoAffiliationAccounts", $allowInvalidAccounts);
$allowRoles = GET_or_NULL("allowRoles"); # allow searching non-people entries
$allowExtendedInfo = $anonymous ? -1 : 0;
if ((isset($showExtendedInfo) || isset($allowInvalidAccounts)) && (@$isTrustedIp || GET_uid())) {
$allowExtendedInfo = @$isTrustedIp ? 2 : loggedUserAllowedLevel();
}
$extendedInfo = $allowExtendedInfo;
if ($allowExtendedInfo >= 1) {
if (is_numeric($showExtendedInfo)) {
$extendedInfo = min($extendedInfo, $showExtendedInfo);
}
if (!@$isTrustedIp) {
global $LDAP_CONNECT_LEVEL1, $LDAP_CONNECT_LEVEL2;
$LDAP_CONNECT = $extendedInfo == 2 ? $LDAP_CONNECT_LEVEL2 : $LDAP_CONNECT_LEVEL1;
global_ldap_open('reOpen');
}
}
$restriction = GET_extra_people_filter_from_params();
$wanted_attrs = people_attrs($attrs, $extendedInfo);
if ($allowInvalidAccounts && $extendedInfo < 1) $allowInvalidAccounts = false;
$attrRestrictions = attrRestrictions($extendedInfo);
$attrRestrictions['allowRoles'] = $allowRoles;
if ($attrRestrictions['forceProfile']) {
$wanted_attrs['up1Profile'] = 'MULTI';
}
if (!@$isTrustedIp) {
# NB: even for "allowListeRouge", limit the number of results
$max_maxRows = GET_uid() && $attrRestrictions['allowListeRouge'] ? 1000 : 10;
$maxRows = $maxRows > 1 ? min($maxRows, $max_maxRows) : $max_maxRows;
}
global $USER_KEY_FIELD;
$users = searchPeople(people_filters($token, $restriction, $allowInvalidAccounts, $allowNoAffiliationAccounts, $tokenIsId), $attrRestrictions, $wanted_attrs, $USER_KEY_FIELD, $maxRows);
if (count($users) > 0 && GET_uid()) {
$users[0]['globalInfo'] = [ "maxRows" => $maxRows, "allowExtendedInfo" => $allowExtendedInfo ];
}
if ($format === 'vcard') {
require_once 'lib/vcard.inc.php';
echo_vcard($users);
} else {
echoJson($users);
}
?>