
Can now create new groups.

1 parent 5c4910a commit 8fc8f4d6c2e11bff714fb3eb073e96411d0152b2 @adamfranco adamfranco committed Aug 28, 2009
Showing with 116 additions and 16 deletions.
  1. +49 −0 actions/create_group.php
  2. +33 −16 actions/list.php
  3. +18 −0 lib/LdapConnector.class.php
  4. +16 −0 lib/functions.php
@@ -0,0 +1,49 @@
+<?php
+/**
+ * Create a new group.
+ *
+ * @since 8/28/09
+ * @package
+ *
+ * @copyright Copyright &copy; 2009, Middlebury College
+ * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License (GPL)
+ */
+
+if (!isset($_POST['container_dn']) || !$_POST['container_dn'])
+ throw new InvalidArgumentException("No container_dn passed");
+
+$containerDn = base64_decode($_POST['container_dn'], true);
+if (!$containerDn)
+ throw new InvalidArgumentException("Invalid container_dn passed");
+
+if (!isset($_POST['new_group_name']) || !$_POST['new_group_name'])
+ throw new InvalidArgumentException("No new_group_name passed");
+
+$newGroupName = $_POST['new_group_name'];
+if (!preg_match('/^[a-z0-9][a-z0-9\s.,_\'&-]+$/i', $newGroupName))
+ throw new InvalidArgumentException("Invalid new_group_name passed");
+
+$groupId = "CN=".$ldap->escapeDnValue($newGroupName).",".$containerDn;
+
+// Verify that the current user really can manage the group.
+try {
+ $groups = $ldap->read('(objectclass=group)', $groupId, array('managedby', 'member'));
+ if (count($groups))
+ throw new Exception("A group with the name $newGroupName already exists.");
+} catch (LdapException $e) {
+}
+
+$entry['cn'] = $newGroupName;
+$entry['objectClass'][0] = 'top';
+$entry['objectClass'][1] = 'group';
+$entry['groupType']="2";
+$entry['managedBy'] = $_SESSION['user'];
+// $entry["sAMAccountName"] = $newGroupName;
+
+$ldap->add($groupId, $entry);
+
+while(ob_get_level())
+ ob_end_clean();
+header('Content-Type: text/plain');
+print "Success";
+exit;
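Review bot: `$containerDn` is taken from the POSTed `container_dn` and concatenated into `$groupId` without being compared to `$ldapConfig['WritableGroupContainers']`, so the only limits on where a group is created are the option list rendered in actions/list.php and whatever the bind account may write. Add a server-side allowlist check right after the base64 decode, `if (!in_array($containerDn, $ldapConfig['WritableGroupContainers'], true)) throw new InvalidArgumentException("Invalid container_dn passed");` (assuming `$ldapConfig` is in scope here as it is in list.php). The comment `// Verify that the current user really can manage the group.` does not describe the block beneath it, which tests whether the entry already exists. The empty `catch (LdapException $e)` also treats every LDAP failure as "does not exist"; it should swallow only the not-found case and let other errors propagate.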
@@ -19,11 +19,7 @@
$groups = array_values($groups);
foreach ($groups as $group) {
- $levels = ldap_explode_dn($group['dn'], 1);
- unset($levels['count']);
- array_pop($levels);
- array_pop($levels);
- $levels = array_reverse($levels);
+ $levels = dnToLevels($group['dn']);
print "\n<div class='group'>";
// print "\n\t<h2>".$group['cn'][0]."</h2>";
@@ -38,16 +34,19 @@
print "\n\t<fieldset class='members'>\n\t\t<legend>".implode(' / ', $levels)."</legend>";
print "\n\t\t<ul>";
- sort ($group['member']);
- foreach ($group['member'] as $memberDN) {
- $members = $ldap->read('(objectclass=*)', $memberDN, array('givenName', 'sn', 'mail'));
- $member = $members[0];
-
- print "\n\t\t<li>".$member['givenname'][0]." ".$member['sn'][0]." (".$member['mail'][0].") ";
- print "\n\t\t\t<input type='hidden' class='group_id' value='".base64_encode($group['dn'])."'/>";
- print "\n\t\t\t<input type='hidden' class='member_id' value='".base64_encode($memberDN)."'/>";
- print "<button class='remove_button'>Remove</button>";
- print "</li>";
+
+ if (isset($group['member']) && is_array($group['member'])) {
+ sort ($group['member']);
+ foreach ($group['member'] as $memberDN) {
+ $members = $ldap->read('(objectclass=*)', $memberDN, array('givenName', 'sn', 'mail'));
+ $member = $members[0];
+
+ print "\n\t\t<li>".$member['givenname'][0]." ".$member['sn'][0]." (".$member['mail'][0].") ";
+ print "\n\t\t\t<input type='hidden' class='group_id' value='".base64_encode($group['dn'])."'/>";
+ print "\n\t\t\t<input type='hidden' class='member_id' value='".base64_encode($memberDN)."'/>";
+ print "<button class='remove_button'>Remove</button>";
+ print "</li>";
+ }
}
print "\n\t\t</ul>";
print "\n\t\t<input type='text' class='new_member' size='50'/>";
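Review bot: The re-indented `<li>` line still prints `$member['givenname'][0]`, `$member['sn'][0]` and `$member['mail'][0]` into HTML unescaped, so markup stored in a directory attribute would be rendered in the group manager's browser; wrap each value in `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')`. The same applies to the `<legend>` built from `implode(' / ', $levels)` and to the `<option>` label in the last hunk of this file. `$members[0]` is also read without checking that the lookup returned an entry, which matters for a member DN that no longer resolves. The enclosing `foreach ($groups as $group)` starts outside the hunk.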
@@ -58,4 +57,22 @@
print "\n</div>";
-}
+}
+
+?>
+
+<form action="<?php echo getUrl('create_group'); ?>" method="post" class="create_group">
+ <p>Create a new group in
+ <select name="container_dn">
+<?php
+foreach ($ldapConfig['WritableGroupContainers'] as $dn) {
+ print "\n\t\t\t<option value=\"".base64_encode($dn)."\">".implode(" / ", dnToLevels($dn))."</option>";
+}
+?>
+
+ </select>
+ named
+ <input type="text" name="new_group_name"/>
+ <input type="submit" value="Create"/>
+ </p>
+</form>
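Review bot: The new `create_group` form posts only `container_dn` and `new_group_name`, and actions/create_group.php reads no other field, so on the visible lines nothing ties this state-changing request to the page that rendered the form. Unless a front controller outside this diff already does it, add a per-session random token as a hidden input here and have create_group.php compare it (with `hash_equals()` where available) before calling `$ldap->add()`. The action should also reject anything other than a POST.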
@@ -201,6 +201,24 @@ public function escapeDn ($dn) {
return $dn;
}
+ /**
+ * Escape a DN value and throw an InvalidArgumentException if it is not of a valid format.
+ *
+ * @param string $dn
+ * @return string
+ * @access public
+ * @since 4/2/09
+ */
+ public function escapeDnValue ($dnValue) {
+ $dnValue = strval($dnValue);
+ if (!preg_match('/^[a-z0-9_=\\\,.\'&\s()-]+$/i', $dnValue))
+ throw new InvalidArgumentException("dnValue '".$dnValue."' is not valid format.");
+
+ $dnValue = str_replace(',', '\,', $dnValue);
+
+ return $dnValue;
+ }
+
/**
* Run an LDAP search
*
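Review bot: The character class in `escapeDnValue()` appears to admit a literal backslash (the `\\\,` in the single-quoted pattern) and `=`, yet only `,` is escaped afterwards, so a value containing a backslash can change how the following comma is read once the result is spliced into a DN. The caller in create_group.php is covered by its own stricter pattern, but this is a public method: either drop `\` and `=` from the accepted set or escape the backslash before the comma with `$dnValue = str_replace('\\', '\\\\', $dnValue);`, and where the runtime provides it prefer `ldap_escape($dnValue, '', LDAP_ESCAPE_DN)`. The docblock should name the parameter `$dnValue` rather than `$dn`, and its `@since 4/2/09` looks copied from the method above. The enclosing class starts and ends outside the hunk.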
@@ -29,3 +29,19 @@ function forward ($action, array $params = array()) {
exit;
}
+/**
+ * Answer an array of the parts of a DN with the domain stripped off.
+ *
+ * @param string $dn
+ * @return array
+ * @access public
+ * @since 8/28/09
+ */
+function dnToLevels ($dn) {
+ $levels = ldap_explode_dn($dn, 1);
+ unset($levels['count']);
+ array_pop($levels);
+ array_pop($levels);
+ $levels = array_reverse($levels);
+ return $levels;
+}
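Review bot: `dnToLevels()` hands the result of `ldap_explode_dn()` straight to `array_pop()` and `array_reverse()`, but that function returns false for a DN it cannot parse; check it first with `if ($levels === false) throw new InvalidArgumentException("Invalid DN");`. The two `array_pop()` calls presumably drop a two-component domain suffix, which the docblock only hints at with "the domain stripped off". A comment such as `// Drop the two trailing domain components (assumes a two-part domain).` would make that assumption explicit for directories with a longer suffix.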
