ldap.php 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346
  1. <?php
  2. /* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  3. * Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
  4. * Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
  5. * Copyright (C) 2005-2017 Regis Houssin <regis.houssin@inodbox.com>
  6. * Copyright (C) 2006-2020 Laurent Destailleur <eldy@users.sourceforge.net>
  7. * Copyright (C) 2011-2013 Juanjo Menent <jmenent@2byte.es>
  8. *
  9. * This program is free software; you can redistribute it and/or modify
  10. * it under the terms of the GNU General Public License as published by
  11. * the Free Software Foundation; either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU General Public License
  20. * along with this program. If not, see <https://www.gnu.org/licenses/>.
  21. */
  22. /**
  23. * \file htdocs/admin/ldap.php
  24. * \ingroup ldap
  25. * \brief Page to setup module LDAP
  26. */
  27. require '../main.inc.php';
  28. require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
  29. require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';
  30. require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php';
  31. // Load translation files required by the page
  32. $langs->load("admin");
  33. if (!$user->admin) {
  34. accessforbidden();
  35. }
  36. $action = GETPOST('action', 'aZ09');
  37. // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
  38. $hookmanager->initHooks(array('adminldap', 'globaladmin'));
  39. /*
  40. * Actions
  41. */
  42. $parameters = array();
  43. $reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
  44. if ($reshook < 0) {
  45. setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
  46. }
  47. if (empty($reshook)) {
  48. if ($action == 'setvalue' && $user->admin) {
  49. $error = 0;
  50. $db->begin();
  51. if (!dolibarr_set_const($db, 'LDAP_SERVER_TYPE', GETPOST("type", 'aZ09'), 'chaine', 0, '', $conf->entity)) {
  52. $error++;
  53. }
  54. if (!dolibarr_set_const($db, 'LDAP_SERVER_PROTOCOLVERSION', GETPOST("LDAP_SERVER_PROTOCOLVERSION", 'aZ09'), 'chaine', 0, '', $conf->entity)) {
  55. $error++;
  56. }
  57. if (!dolibarr_set_const($db, 'LDAP_SERVER_HOST', GETPOST("host", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
  58. $error++;
  59. }
  60. if (!dolibarr_set_const($db, 'LDAP_SERVER_HOST_SLAVE', GETPOST("slave", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
  61. $error++;
  62. }
  63. if (!dolibarr_set_const($db, 'LDAP_SERVER_PORT', GETPOST("port", 'int'), 'chaine', 0, '', $conf->entity)) {
  64. $error++;
  65. }
  66. if (!dolibarr_set_const($db, 'LDAP_SERVER_DN', GETPOST("dn", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
  67. $error++;
  68. }
  69. if (!dolibarr_set_const($db, 'LDAP_ADMIN_DN', GETPOST("admin", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) {
  70. $error++;
  71. }
  72. if (!dolibarr_set_const($db, 'LDAP_ADMIN_PASS', GETPOST("pass", 'none'), 'chaine', 0, '', $conf->entity)) {
  73. $error++;
  74. }
  75. if (!dolibarr_set_const($db, 'LDAP_SERVER_USE_TLS', GETPOST("usetls", 'aZ09'), 'chaine', 0, '', $conf->entity)) {
  76. $error++;
  77. }
  78. if (!dolibarr_set_const($db, 'LDAP_SYNCHRO_ACTIVE', GETPOST("activesynchro", 'aZ09'), 'chaine', 0, '', $conf->entity)) {
  79. $error++;
  80. }
  81. if (!dolibarr_set_const($db, 'LDAP_CONTACT_ACTIVE', GETPOST("activecontact", 'aZ09'), 'chaine', 0, '', $conf->entity)) {
  82. $error++;
  83. }
  84. if (!dolibarr_set_const($db, 'LDAP_MEMBER_ACTIVE', GETPOST("activemembers", 'aZ09'), 'chaine', 0, '', $conf->entity)) {
  85. $error++;
  86. }
  87. if (!dolibarr_set_const($db, 'LDAP_MEMBER_TYPE_ACTIVE', GETPOST("activememberstypes", 'aZ09'), 'chaine', 0, '', $conf->entity)) {
  88. $error++;
  89. }
  90. if (!$error) {
  91. $db->commit();
  92. setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
  93. } else {
  94. $db->rollback();
  95. dol_print_error($db);
  96. }
  97. }
  98. }
  99. /*
  100. * View
  101. */
  102. llxHeader('', $langs->trans("LDAPSetup"), 'EN:Module_LDAP_En|FR:Module_LDAP|ES:M&oacute;dulo_LDAP');
  103. $linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
  104. print load_fiche_titre($langs->trans("LDAPSetup"), $linkback, 'title_setup');
  105. $head = ldap_prepare_head();
  106. // Test si fonction LDAP actives
  107. if (!function_exists("ldap_connect")) {
  108. setEventMessages($langs->trans("LDAPFunctionsNotAvailableOnPHP"), null, 'errors');
  109. }
  110. $form = new Form($db);
  111. print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue">';
  112. print '<input type="hidden" name="token" value="'.newToken().'">';
  113. print dol_get_fiche_head($head, 'ldap', $langs->trans("LDAPSetup"), -1);
  114. print '<table class="noborder centpercent">';
  115. // Liste de synchro actives
  116. print '<tr class="liste_titre">';
  117. print '<td colspan="3">'.$langs->trans("LDAPSynchronization").'</td>';
  118. print "</tr>\n";
  119. // Synchro utilisateurs/groupes active
  120. print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnSynchroActive").'</td><td>';
  121. $arraylist = array();
  122. $arraylist['0'] = $langs->trans("No");
  123. $arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr");
  124. $arraylist['dolibarr2ldap'] = $langs->trans("DolibarrToLDAP");
  125. print $form->selectarray('activesynchro', $arraylist, $conf->global->LDAP_SYNCHRO_ACTIVE);
  126. print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPDnSynchroActiveExample").'</span>';
  127. if ($conf->global->LDAP_SYNCHRO_ACTIVE && !$conf->global->LDAP_USER_DN) {
  128. print '<br><font class="error">'.$langs->trans("LDAPSetupNotComplete").'</font>';
  129. }
  130. print '</td></tr>';
  131. // Synchro contact active
  132. if (!empty($conf->societe->enabled)) {
  133. print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnContactActive").'</td><td>';
  134. $arraylist = array();
  135. $arraylist['0'] = $langs->trans("No");
  136. $arraylist['1'] = $langs->trans("DolibarrToLDAP");
  137. print $form->selectarray('activecontact', $arraylist, $conf->global->LDAP_CONTACT_ACTIVE);
  138. print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPDnContactActiveExample").'</span></td></tr>';
  139. }
  140. // Synchro member active
  141. if (!empty($conf->adherent->enabled)) {
  142. print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnMemberActive").'</td><td>';
  143. $arraylist = array();
  144. $arraylist['0'] = $langs->trans("No");
  145. $arraylist['1'] = $langs->trans("DolibarrToLDAP");
  146. $arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr").' ('.$langs->trans("SupportedForLDAPImportScriptOnly").')';
  147. print $form->selectarray('activemembers', $arraylist, $conf->global->LDAP_MEMBER_ACTIVE);
  148. print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPDnMemberActiveExample").'</span></td></tr>';
  149. }
  150. // Synchro member type active
  151. if (!empty($conf->adherent->enabled)) {
  152. print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnMemberTypeActive").'</td><td>';
  153. $arraylist = array();
  154. $arraylist['0'] = $langs->trans("No");
  155. $arraylist['1'] = $langs->trans("DolibarrToLDAP");
  156. $arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr").' ('.$langs->trans("SupportedForLDAPImportScriptOnly").')';
  157. print $form->selectarray('activememberstypes', $arraylist, $conf->global->LDAP_MEMBER_TYPE_ACTIVE);
  158. print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPDnMemberTypeActiveExample").'</span></td></tr>';
  159. }
  160. // Fields from hook
  161. $parameters = array();
  162. $reshook = $hookmanager->executeHooks('addAdminLdapOptions', $parameters); // Note that $action and $object may have been modified by hook
  163. print $hookmanager->resPrint;
  164. print '<tr class="liste_titre">';
  165. print '<td>'.$langs->trans("Parameter").'</td>';
  166. print '<td>'.$langs->trans("Value").'</td>';
  167. print '<td>'.$langs->trans("Example").'</td>';
  168. print "</tr>\n";
  169. // Type
  170. print '<tr class="oddeven"><td>'.$langs->trans("Type").'</td><td>';
  171. $arraylist = array();
  172. $arraylist['activedirectory'] = 'Active Directory';
  173. $arraylist['openldap'] = 'OpenLdap';
  174. $arraylist['egroupware'] = 'Egroupware';
  175. print $form->selectarray('type', $arraylist, $conf->global->LDAP_SERVER_TYPE);
  176. print '</td><td>&nbsp;</td></tr>';
  177. // Version
  178. print '<tr class="oddeven"><td>'.$langs->trans("Version").'</td><td>';
  179. $arraylist = array();
  180. $arraylist['3'] = 'Version 3';
  181. $arraylist['2'] = 'Version 2';
  182. print $form->selectarray('LDAP_SERVER_PROTOCOLVERSION', $arraylist, $conf->global->LDAP_SERVER_PROTOCOLVERSION);
  183. print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerProtocolVersion").'</span></td></tr>';
  184. // Serveur primaire
  185. print '<tr class="oddeven"><td>';
  186. print $langs->trans("LDAPPrimaryServer").'</td><td>';
  187. print '<input class="minwidth200" type="text" name="host" value="'.$conf->global->LDAP_SERVER_HOST.'">';
  188. print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerExample").'</span></td></tr>';
  189. // Serveur secondaire
  190. print '<tr class="oddeven"><td>';
  191. print $langs->trans("LDAPSecondaryServer").'</td><td>';
  192. print '<input class="minwidth200" type="text" name="slave" value="'.$conf->global->LDAP_SERVER_HOST_SLAVE.'">';
  193. print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerExample").'</span></td></tr>';
  194. // Port
  195. print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerPort").'</td><td>';
  196. if (!empty($conf->global->LDAP_SERVER_PORT)) {
  197. print '<input class="width75" type="text" name="port" value="'.$conf->global->LDAP_SERVER_PORT.'">';
  198. } else {
  199. print '<input class="width75" type="text" name="port" value="389">';
  200. }
  201. print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerPortExample").'</span></td></tr>';
  202. // DNserver
  203. print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerDn").'</td><td>';
  204. print '<input class="minwidth300" type="text" name="dn" value="'.$conf->global->LDAP_SERVER_DN.'">';
  205. print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerDnExample").'</span></td></tr>';
  206. // Utiliser TLS
  207. print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerUseTLS").'</td><td>';
  208. $arraylist = array();
  209. $arraylist['0'] = $langs->trans("No");
  210. $arraylist['1'] = $langs->trans("Yes");
  211. print $form->selectarray('usetls', $arraylist, $conf->global->LDAP_SERVER_USE_TLS);
  212. print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerUseTLSExample").'</span></td></tr>';
  213. print '<tr class="liste_titre">';
  214. print '<td colspan="3">'.$langs->trans("ForANonAnonymousAccess").'</td>';
  215. print "</tr>\n";
  216. // DNAdmin
  217. print '<!-- LDAP_ADMIN_DN -->';
  218. print '<tr class="oddeven"><td>'.$langs->trans("LDAPAdminDn").'</td><td>';
  219. print '<input class="minwidth300" type="text" name="admin" value="'.$conf->global->LDAP_ADMIN_DN.'">';
  220. print '</td><td class="maxwidthhalf"><span class="opacitymedium">'.$langs->trans("LDAPAdminDnExample").'</span></td></tr>';
  221. // Pass
  222. print '<!-- LDAP_ADMIN_PASS -->';
  223. print '<tr class="oddeven"><td>'.$langs->trans("LDAPPassword").'</td><td>';
  224. if (!empty($conf->global->LDAP_ADMIN_PASS)) {
  225. print '<input class="minwidth150" type="password" name="pass" value="'.$conf->global->LDAP_ADMIN_PASS.'">'; // je le met en visible pour test
  226. } else {
  227. print '<input class="minwidth150" type="text" name="pass" value="'.$conf->global->LDAP_ADMIN_PASS.'">';
  228. }
  229. print '</td><td><span class="opacitymedium">'.$langs->trans('Password').' (ex: secret)</span></td></tr>';
  230. print '</table>';
  231. print dol_get_fiche_end();
  232. print '<div class="center"><input type="submit" class="button" value="'.$langs->trans("Modify").'"></div>';
  233. print '</form>';
  234. print '<br>';
  235. /*
  236. * Test de la connexion
  237. */
  238. if (function_exists("ldap_connect")) {
  239. if (!empty($conf->global->LDAP_SERVER_HOST)) {
  240. print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=test">'.$langs->trans("LDAPTestConnect").'</a><br><br>';
  241. }
  242. if ($_GET["action"] == 'test') {
  243. $ldap = new Ldap(); // Les parametres sont passes et recuperes via $conf
  244. $result = $ldap->connect_bind();
  245. if ($result > 0) {
  246. // Test ldap connect and bind
  247. print img_picto('', 'info').' ';
  248. print '<font class="ok">'.$langs->trans("LDAPTCPConnectOK", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT).'</font>';
  249. print '<br>';
  250. if ($conf->global->LDAP_ADMIN_DN && !empty($conf->global->LDAP_ADMIN_PASS)) {
  251. if ($result == 2) {
  252. print img_picto('', 'info').' ';
  253. print '<font class="ok">'.$langs->trans("LDAPBindOK", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).'</font>';
  254. print '<br>';
  255. } else {
  256. print img_picto('', 'error').' ';
  257. print '<font class="error">'.$langs->trans("LDAPBindKO", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).'</font>';
  258. print '<br>';
  259. print $langs->trans("Error").' '.$ldap->error;
  260. print '<br>';
  261. }
  262. } else {
  263. print img_picto('', 'warning').' ';
  264. print '<font class="warning">'.$langs->trans("LDAPNoUserOrPasswordProvidedAccessIsReadOnly").'</font>';
  265. print '<br>';
  266. }
  267. // Test ldap_getversion
  268. if (($ldap->getVersion() == 3)) {
  269. print img_picto('', 'info').' ';
  270. print '<font class="ok">'.$langs->trans("LDAPSetupForVersion3").'</font>';
  271. print '<br>';
  272. } else {
  273. print img_picto('', 'info').' ';
  274. print '<font class="ok">'.$langs->trans("LDAPSetupForVersion2").'</font>';
  275. print '<br>';
  276. }
  277. $unbind = $ldap->unbind();
  278. } else {
  279. print img_picto('', 'error').' ';
  280. print '<font class="error">'.$langs->trans("LDAPTCPConnectKO", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT).'</font>';
  281. print '<br>';
  282. print $langs->trans("Error").' '.$ldap->error;
  283. print '<br>';
  284. }
  285. }
  286. }
  287. // End of page
  288. llxFooter();
  289. $db->close();