From 3d96d742989ef30767b1205bbdb0d3cc9c52117f Mon Sep 17 00:00:00 2001
From: "Jeroen van Meeuwen (Kolab Systems)" <vanmeeuwen@kolabsys.com>
Date: Mon, 5 Aug 2013 11:14:14 +0100
Subject: [PATCH] Use $ldap->parse_vars to allow role specific settings and
 plugins to be applied to multi-domain environments through the expansion of
 '%dc'

---
 plugins/kolab_auth/kolab_auth.php | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/plugins/kolab_auth/kolab_auth.php b/plugins/kolab_auth/kolab_auth.php
index 5579743f..2b869f77 100644
--- a/plugins/kolab_auth/kolab_auth.php
+++ b/plugins/kolab_auth/kolab_auth.php
@@ -87,6 +87,8 @@ class kolab_auth extends rcube_plugin
         //  Array(
         //      '<role_dn>' => Array('plugin1', 'plugin2'),
         //  );
+        // 
+        // NOTE that <role_dn> may in fact be something like: 'cn=role,%dc'
 
         $role_plugins = $rcmail->config->get('kolab_auth_role_plugins');
 
@@ -101,9 +103,33 @@ class kolab_auth extends rcube_plugin
         //          ),
         //      ),
         //  );
+        //
+        // NOTE that <role_dn> may in fact be something like: 'cn=role,%dc'
 
         $role_settings = $rcmail->config->get('kolab_auth_role_settings');
 
+        $ldap = self::ldap();
+        if (!$ldap || !$ldap->ready) {
+            $args['abort'] = true;
+            return $args;
+        }
+
+        // Find user record in LDAP
+        $record = $ldap->get_user_record($user, $host);
+
+        if (empty($record)) {
+            $args['abort'] = true;
+            return $args;
+        }
+
+        foreach ($role_plugins as $role_dn => $plugins) {
+            $role_plugins[$ldap->parse_vars($role_dn)] => $plugins;
+        }
+
+        foreach ($role_settings as $role_dn => $settings) {
+            $role_settings[$ldap->parse_vars($role_dn)] => $settings;
+        }
+
         foreach ($role_dns as $role_dn) {
             if (isset($role_plugins[$role_dn]) && is_array($role_plugins[$role_dn])) {
                 foreach ($role_plugins[$role_dn] as $plugin) {