Use LDAP Groups as ACL Group Aliases in WackoWiki

Sebastian Dietzold
bugs:13


With this hack, your WackoWiki gets an ACL Group Alias for every groupOfName Object. So you can reuse your LDAP Groups in your Wiki.


1. Put the file ldapgroups.php in your classes dir
2. Customize it for your environment
  1. LDAP connection parameters
  2. DIT location of your Groups
  3. preg_replace lines to generate the User WikiNames
3. Create a file action/ldapgroups.php with this content:


<?php
  
global $wacko_config;
  
show_array($wacko_config['aliases']);
?>

4. Add this lines at end the of your config.php:

// Changes for ldap-groups
include 'class/ldapgroups.php';
$wacko_config['aliases'] = add_ldap_groups_to_array($wacko_config['aliases']);

Now you can create an admin page with the action {{ldapgroups}} to display all possible ACL Group aliases.


ldapgroups.php


<?php

################################################################################
# CONFIG
################################################################################

$ldap_config['host']        = 'ldapserver.domain.tld';
$ldap_config['port']        = '389';
#$ldap_config['binddn']        = '';
#$ldap_config['bindpass']    = '';
$ldap_config['basedn']        = 'ou=Groups,dc=domain,dc=tld';

/**
* anonymous bind to ldap-server and return of the ldap-link
*/
function auth_anon ($ldap_config)
{

    
// connect
    
$ldap_config['link'] = ldap_connect($ldap_config['host'], $ldap_config['port']);
    
    if (!
$ldap_config['link'])
    {
        print(
'ldap_connect: failed');
        return 
false;
    }

    
// anonymus bind
    
if (!ldap_bind($ldap_config['link']))
    {
        print(
'ldap_bind: anonymous failed');
        return 
false;
    };

    return 
$ldap_config;
}

function 
auth_named ($ldap_config)
{
    
// anonymous first
    
$ldap_config auth_anon($ldap_config);

    if ((!
$ldap_config)||(!$ldap_config['link']))
    {
        print(
'auth_named: no ldap_link from auth_anon()');
        return 
false;
    };

    if (!
ldap_bind($ldap_config['link'], $ldap_config['binddn'], $ldap_config['bindpass']))
    {
        print(
'auth_named ldap_bind: failed');
        return 
false;
    }
}

/**
* This function will print all the keys of a multidimensional array in html
* tables. It will help to debug when you donīt have control of depths.
*/
function show_array($array)
{
    echo 
"<table width='100%' border='1' bordercolor='#6699CC' cellspacing='0' cellpadding='5'>
            <tr valign='top'>"
;

    foreach (
$array as $key => $value)
    {
        echo 
"<td align='center' bgcolor='#EEEEEE'>
        <table border='2' cellpadding='3'>
            <tr>
                <td bgcolor='#FFFFFF'>
                    
$key (<code style='white-space:pre;'>$value</code>)
                </td>
            </tr>
        </table>"
;

        if (
is_array($array[$key]))
        {
            
show_array ($array[$key]);
        }

        echo 
"</td>";
    }

    echo 
"</tr></table>";


function 
add_ldap_groups_to_array($array)
{
    global 
$ldap_config;
    
error_reporting(0);
    
$ldap_config auth_anon($ldap_config);

    
$ds        $ldap_config['link'];
    
$sr        ldap_search($ds$ldap_config['basedn'], 'cn=*');
    
ldap_sort($ds$sr'cn');
    
$info    ldap_get_entries($ds$sr);

    for (
$i 0$i $info['count']; $i++)
    {
        
$cn $info[$i]['cn'][0];
        
#echo recode("UTF-8..", $info[$i]['cn'][0]) . "<br />";

        
$alias_string 'Administrator';

        for (
$j 0$j $info[$i]['member']['count']; $j++)
        {
            
$dn        $info[$i]['member'][$j];
            
$dn        preg_replace("/^cn=/i"''$dn);
            
$dn        preg_replace("/,.*/i"''$dn);
            
$dn        preg_replace('/ 1$/i'''$dn);
            
$dn        preg_replace("/ /i"''$dn);
            
$alias_string .= "\n" $dn;
        }

        
#echo $alias_string . "<br />";
        
$array[$cn] = $alias_string;
    }

    
#show_array($wacko_config['aliases']);
    
ldap_close($ds);
    
    return 
$array;
}

#include '../config.php';
#show_array($wacko_config['aliases']);
#$wacko_config['aliases'] = add_ldap_groups_to_array($wacko_config['aliases']);
#show_array($wacko_config['aliases']);

?>


Links

  1. https://secure.php.net/manual/en/ref.ldap.php