Support multi-domain configuration of LDAP addressbooks (Bug #2292)

2013-10-04 11:54:49 +02:00 · 2013-10-04 11:54:49 +02:00 · 1f3f8e69db
commit 1f3f8e69db
parent 803510b4f1
2 changed files with 36 additions and 0 deletions
--- a/plugins/kolab_auth/config.inc.php.dist
+++ b/plugins/kolab_auth/config.inc.php.dist
@ -72,5 +72,9 @@ $rcmail_config['kolab_auth_role_settings'] = Array(
            ),
    );

+// List of LDAP addressbooks (keys of ldap_public configuration array)
+// for which base_dn variables (%dc, etc.) will be replaced according to authenticated user DN
+// Note: special name '*' for all LDAP addressbooks
+$rcmail_config['kolab_auth_ldap_addressbooks'] = array('*');

 ?>
--- a/plugins/kolab_auth/kolab_auth.php
+++ b/plugins/kolab_auth/kolab_auth.php
@ -51,6 +51,9 @@ class kolab_auth extends rcube_plugin
        $this->add_hook('smtp_connect', array($this, 'smtp_connect'));
        $this->add_hook('identity_form', array($this, 'identity_form'));

+        // Hook to modify some configuration, e.g. ldap
+        $this->add_hook('config_get', array($this, 'config_get'));
+
        $this->add_hook('write_log', array($this, 'write_log'));

        // TODO: This section does not actually seem to work
@ -75,6 +78,35 @@ class kolab_auth extends rcube_plugin
        return $args;
    }

+    /**
+     * Modify some configuration according to LDAP user record
+     */
+    public function config_get($args)
+    {
+        // Replaces ldap_vars (%dc, etc) in public kolab ldap addressbooks
+        // config based on the users base_dn. (for multi domain support)
+        if ($args['name'] == 'ldap_public' && !empty($args['result'])) {
+            $this->load_config();
+
+            $rcmail      = rcube::get_instance();
+            $kolab_books = (array) $rcmail->config->get('kolab_auth_ldap_addressbooks');
+
+            foreach ($args['result'] as $name => $config) {
+                if (in_array($name, $kolab_books) || in_array('*', $kolab_books)) {
+                    $args['result'][$name]['base_dn']        = self::parse_ldap_vars($config['base_dn']);
+                    $args['result'][$name]['search_base_dn'] = self::parse_ldap_vars($config['search_base_dn']);
+                    $args['result'][$name]['bind_dn']        = str_replace('%dn', $_SESSION['kolab_dn'], $config['bind_dn']);
+
+                    if (!empty($config['groups'])) {
+                        $args['result'][$name]['groups']['base_dn'] = self::parse_ldap_vars($config['groups']['base_dn']);
+                    }
+                }
+            }
+        }
+
+        return $args;
+    }
+
    /**
     * Modifies list of plugins and settings according to
     * specified LDAP roles