Use LDAP Groups as ACL Group Aliases in WackoWiki

bugs:13
Compatible with: R4.3
Credits: Sebastian Dietzold


New Implementation for R6.0

Anyone interested in implementing LDAP/AD in the current code base, please provide a patch against the repo head. We will help you then with adding the corresponding config module for the admin panel.

With this hack, your WackoWiki gets an ACL Group Alias for every groupOfName Object. So you can reuse your LDAP Groups in your Wiki.


1. Put the file ldapgroups.php in your class dir
2. Customize it for your environment
  1. LDAP connection parameters
  2. DIT location of your Groups
  3. preg_replace lines to generate the User WikiNames
3. Create a file action/ldapgroups.php with this content:


<?php
  
global $wacko_config;
  
show_array($wacko_config['aliases']);
?>

4. Add this lines at end the of your config.php:
// Changes for ldap-groups
include 'class/ldapgroups.php';
$wacko_config['aliases'] = add_ldap_groups_to_array($wacko_config['aliases']);

Now you can create an admin page with the action {{ldapgroups}} to display all possible ACL Group aliases.


ldapgroups.php


<?php

################################################################################
# CONFIG
################################################################################

$ldap_config['host']        = 'ldapserver.domain.tld';
$ldap_config['port']        = '389';
#$ldap_config['binddn']        = '';
#$ldap_config['bindpass']    = '';
$ldap_config['basedn']        = 'ou=Groups,dc=domain,dc=tld';

/**
* anonymous bind to ldap-server and return of the ldap-link
*/
function auth_anon ($ldap_config)
{

    
// connect
    
$ldap_config['link'] = ldap_connect($ldap_config['host'], $ldap_config['port']);
    
    if (!
$ldap_config['link'])
    {
        print(
'ldap_connect: failed');
        return 
false;
    }

    
// anonymus bind
    
if (!ldap_bind($ldap_config['link']))
    {
        print(
'ldap_bind: anonymous failed');
        return 
false;
    };

    return 
$ldap_config;
}

function 
auth_named ($ldap_config)
{
    
// anonymous first
    
$ldap_config auth_anon($ldap_config);

    if ((!
$ldap_config)||(!$ldap_config['link']))
    {
        print(
'auth_named: no ldap_link from auth_anon()');
        return 
false;
    };

    if (!
ldap_bind($ldap_config['link'], $ldap_config['binddn'], $ldap_config['bindpass']))
    {
        print(
'auth_named ldap_bind: failed');
        return 
false;
    }
}

/**
* This function will print all the keys of a multidimensional array in html
* tables. It will help to debug when you don´t have control of depths.
*/
function show_array($array)
{
    echo 
"<table width='100%' border='1' bordercolor='#6699CC' cellspacing='0' cellpadding='5'>
            <tr valign='top'>"
;

    foreach (
$array as $key => $value)
    {
        echo 
"<td align='center' bgcolor='#EEEEEE'>
        <table border='2' cellpadding='3'>
            <tr>
                <td bgcolor='#FFFFFF'>
                    
$key (<code style='white-space:pre;'>$value</code>)
                </td>
            </tr>
        </table>"
;

        if (
is_array($array[$key]))
        {
            
show_array ($array[$key]);
        }

        echo 
"</td>";
    }

    echo 
"</tr></table>";


function 
add_ldap_groups_to_array($array)
{
    global 
$ldap_config;
    
error_reporting(0);
    
$ldap_config auth_anon($ldap_config);

    
$ds        $ldap_config['link'];
    
$sr        ldap_search($ds$ldap_config['basedn'], 'cn=*');
    
ldap_sort($ds$sr'cn');
    
$info    ldap_get_entries($ds$sr);

    for (
$i 0$i $info['count']; $i++)
    {
        
$cn $info[$i]['cn'][0];
        
#echo recode("UTF-8..", $info[$i]['cn'][0]) . "<br />";

        
$alias_string 'Administrator';

        for (
$j 0$j $info[$i]['member']['count']; $j++)
        {
            
$dn        $info[$i]['member'][$j];
            
$dn        preg_replace("/^cn=/i"''$dn);
            
$dn        preg_replace("/,.*/i"''$dn);
            
$dn        preg_replace('/ 1$/i'''$dn);
            
$dn        preg_replace("/ /i"''$dn);
            
$alias_string .= "\n" $dn;
        }

        
#echo $alias_string . "<br />";
        
$array[$cn] = $alias_string;
    }

    
#show_array($wacko_config['aliases']);
    
ldap_close($ds);
    
    return 
$array;
}

#include '../config.php';
#show_array($wacko_config['aliases']);
#$wacko_config['aliases'] = add_ldap_groups_to_array($wacko_config['aliases']);
#show_array($wacko_config['aliases']);

?>


Links

  1. https://secure.php.net/manual/en/ref.ldap.php