From e9fedf3e5cd63aea4da7a71f6647ee427c62fa49 Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@kanboard.net>
Date: Sat, 5 Dec 2015 20:31:27 -0500
Subject: Rewrite of the authentication and authorization system

---
 app/Core/Ldap/Group.php | 130 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 130 insertions(+)
 create mode 100644 app/Core/Ldap/Group.php

(limited to 'app/Core/Ldap/Group.php')

diff --git a/app/Core/Ldap/Group.php b/app/Core/Ldap/Group.php
new file mode 100644
index 00000000..e11e8ecd
--- /dev/null
+++ b/app/Core/Ldap/Group.php
@@ -0,0 +1,130 @@
+<?php
+
+namespace Kanboard\Core\Ldap;
+
+use LogicException;
+use Kanboard\Group\LdapGroupProvider;
+
+/**
+ * LDAP Group Finder
+ *
+ * @package ldap
+ * @author  Frederic Guillot
+ */
+class Group
+{
+    /**
+     * Query
+     *
+     * @access private
+     * @var Query
+     */
+    private $query;
+
+    /**
+     * Constructor
+     *
+     * @access public
+     * @param  Query   $query
+     */
+    public function __construct(Query $query)
+    {
+        $this->query = $query;
+    }
+
+    /**
+     * Get groups
+     *
+     * @static
+     * @access public
+     * @param  Client    $client
+     * @param  string    $query
+     * @return array
+     */
+    public static function getGroups(Client $client, $query)
+    {
+        $self = new self(new Query($client));
+        return $self->find($query);
+    }
+
+    /**
+     * Find groups
+     *
+     * @access public
+     * @param  string    $query
+     * @return array
+     */
+    public function find($query)
+    {
+        $this->query->execute($this->getBasDn(), $query, $this->getAttributes());
+        $groups = array();
+
+        if ($this->query->hasResult()) {
+            $groups = $this->build();
+        }
+
+        return $groups;
+    }
+
+    /**
+     * Build groups list
+     *
+     * @access protected
+     * @return array
+     */
+    protected function build()
+    {
+        $groups = array();
+
+        foreach ($this->query->getEntries()->getAll() as $entry) {
+            $groups[] = new LdapGroupProvider($entry->getDn(), $entry->getFirstValue($this->getAttributeName()));
+        }
+
+        return $groups;
+    }
+
+    /**
+     * Ge the list of attributes to fetch when reading the LDAP group entry
+     *
+     * Must returns array with index that start at 0 otherwise ldap_search returns a warning "Array initialization wrong"
+     *
+     * @access public
+     * @return array
+     */
+    public function getAttributes()
+    {
+        return array_values(array_filter(array(
+            $this->getAttributeName(),
+        )));
+    }
+
+    /**
+     * Get LDAP group name attribute
+     *
+     * @access public
+     * @return string
+     */
+    public function getAttributeName()
+    {
+        if (! LDAP_GROUP_ATTRIBUTE_NAME) {
+            throw new LogicException('LDAP full name attribute empty, check the parameter LDAP_GROUP_ATTRIBUTE_NAME');
+        }
+
+        return LDAP_GROUP_ATTRIBUTE_NAME;
+    }
+
+    /**
+     * Get LDAP group base DN
+     *
+     * @access public
+     * @return string
+     */
+    public function getBasDn()
+    {
+        if (! LDAP_GROUP_BASE_DN) {
+            throw new LogicException('LDAP group base DN empty, check the parameter LDAP_GROUP_BASE_DN');
+        }
+
+        return LDAP_GROUP_BASE_DN;
+    }
+}
-- 
cgit v1.2.3