26 |
|
|
27 |
require 'config.pl' if -e 'config.pl'; |
require 'config.pl' if -e 'config.pl'; |
28 |
|
|
29 |
my $dbh = DBI->connect($dsn . $database, $user,$passwd, { RaiseError => 1, AutoCommit => 0 }) || die $DBI::errstr; |
my $dbh = DBI->connect($dsn . $database, $user,$passwd, { RaiseError => 1, AutoCommit => 1 }) || die $DBI::errstr; |
30 |
|
|
31 |
# Net::LDAP::Entry will lc all our attribute names anyway, so |
# Net::LDAP::Entry will lc all our attribute names anyway, so |
32 |
# we don't really care about correctCapitalization for LDAP |
# we don't really care about correctCapitalization for LDAP |
40 |
|
|
41 |
-- SAFEQ specific mappings from UMgr-LDAP.conf |
-- SAFEQ specific mappings from UMgr-LDAP.conf |
42 |
surname as displayName, |
surname as displayName, |
43 |
cardnumber as pager, |
rfid_sid as pager, |
44 |
email as mail, |
email as mail, |
45 |
|
categorycode as ou, |
46 |
categorycode as organizationalUnit, |
categorycode as organizationalUnit, |
47 |
|
categorycode as memberOf, |
48 |
|
categorycode as department, |
49 |
borrowernumber as objectGUID, |
borrowernumber as objectGUID, |
50 |
concat('/home/',borrowernumber) as homeDirectory |
concat('/home/',borrowernumber) as homeDirectory |
51 |
from borrowers |
from borrowers |
57 |
'objectGUID' => 'borrowernumber', |
'objectGUID' => 'borrowernumber', |
58 |
'displayName' => 'surname', |
'displayName' => 'surname', |
59 |
'sn' => 'surname', |
'sn' => 'surname', |
60 |
'pager' => 'cardnumber', |
'pager' => 'rfid_sid', |
61 |
}; |
}; |
62 |
|
|
63 |
# attributes which are same for whole set, but somehow |
# attributes which are same for whole set, but somehow |
99 |
|
|
100 |
sub __ldap_search_to_sql { |
sub __ldap_search_to_sql { |
101 |
my ( $how, $what ) = @_; |
my ( $how, $what ) = @_; |
102 |
warn "### how $how\n"; |
warn "### __ldap_search_to_sql $how ",dump( $what ),"\n"; |
103 |
if ( $how eq 'equalityMatch' && defined $what ) { |
if ( $how eq 'equalityMatch' && defined $what ) { |
104 |
my $name = $what->{attributeDesc} || warn "ERROR: no attributeDesc?"; |
my $name = $what->{attributeDesc} || warn "ERROR: no attributeDesc?"; |
105 |
my $value = $what->{assertionValue} || warn "ERROR: no assertionValue?"; |
my $value = $what->{assertionValue} || warn "ERROR: no assertionValue?"; |
106 |
if ( ! $ldap_ignore->{ $name } ) { |
if ( ! $ldap_ignore->{ $name } ) { |
107 |
push @limits, __sql_column($name) . ' = ?'; |
push @limits, __sql_column($name) . ' = ?'; |
108 |
push @values, $value; |
push @values, $value; |
109 |
|
} else { |
110 |
|
warn "IGNORED: $name = $value"; |
111 |
} |
} |
112 |
} elsif ( $how eq 'substrings' ) { |
} elsif ( $how eq 'substrings' ) { |
113 |
foreach my $substring ( @{ $what->{substrings} } ) { |
foreach my $substring ( @{ $what->{substrings} } ) { |
127 |
push @limits, "$name IS NOT NULL and length($name) > 1"; |
push @limits, "$name IS NOT NULL and length($name) > 1"; |
128 |
## XXX length(foo) > 1 to avoid empty " " strings |
## XXX length(foo) > 1 to avoid empty " " strings |
129 |
} else { |
} else { |
130 |
warn "UNSUPPORTED: how $how what ",dump( $what ); |
warn "UNSUPPORTED: $how ",dump( $what ); |
131 |
} |
} |
132 |
} |
} |
133 |
|
|
147 |
my $sql_where = ''; |
my $sql_where = ''; |
148 |
@values = (); |
@values = (); |
149 |
|
|
150 |
foreach my $join_with ( keys %{ $reqData->{'filter'} } ) { |
foreach my $filter ( keys %{ $reqData->{'filter'} } ) { |
151 |
|
|
152 |
warn "## join_with $join_with\n"; |
warn "## filter $filter ", dump( $reqData->{'filter'}->{ $filter } ), "\n"; |
153 |
|
|
154 |
@limits = (); |
@limits = (); |
155 |
|
|
156 |
foreach my $filter ( @{ $reqData->{'filter'}->{ $join_with } } ) { |
if ( ref $reqData->{'filter'}->{ $filter } eq 'ARRAY' ) { |
157 |
warn "### filter ",dump($filter),$/; |
|
158 |
foreach my $how ( keys %$filter ) { |
foreach my $filter ( @{ $reqData->{'filter'}->{ $filter } } ) { |
159 |
if ( $how eq 'or' ) { |
warn "### filter ",dump($filter),$/; |
160 |
__ldap_search_to_sql( %$_ ) foreach ( @{ $filter->{$how} } ); |
foreach my $how ( keys %$filter ) { |
161 |
} else { |
if ( $how eq 'or' ) { |
162 |
__ldap_search_to_sql( $how, $filter->{$how} ); |
__ldap_search_to_sql( %$_ ) foreach ( @{ $filter->{$how} } ); |
163 |
|
} else { |
164 |
|
__ldap_search_to_sql( $how, $filter->{$how} ); |
165 |
|
} |
166 |
|
warn "## limits ",dump(@limits), " values ",dump(@values); |
167 |
} |
} |
|
warn "## limits ",dump(@limits), " values ",dump(@values); |
|
168 |
} |
} |
|
} |
|
169 |
|
|
170 |
$sql_where .= ' ' . join( " $join_with ", @limits ); |
$sql_where .= ' ' . join( " $filter ", @limits ); |
171 |
|
|
172 |
|
} else { |
173 |
|
__ldap_search_to_sql( $filter, $reqData->{'filter'}->{$filter} ); |
174 |
|
} |
175 |
|
|
176 |
} |
} |
177 |
|
|
179 |
$sql_where = " where $sql_where"; |
$sql_where = " where $sql_where"; |
180 |
} |
} |
181 |
|
|
182 |
warn "# SQL:\n$sql_select $sql_where\n# DATA: ",dump( @values ); |
warn "# SQL:\n$sql_select\n$sql_where\n# DATA: ",dump( @values ); |
183 |
my $sth = $dbh->prepare( $sql_select . $sql_where . " LIMIT $max_results" ); # XXX remove limit? |
my $sth = $dbh->prepare( $sql_select . $sql_where . " LIMIT $max_results" ); # XXX remove limit? |
184 |
$sth->execute( @values ); |
$sth->execute( @values ); |
185 |
|
|
191 |
|
|
192 |
my $dn = 'uid=' . $row->{uid} || die "no uid"; |
my $dn = 'uid=' . $row->{uid} || die "no uid"; |
193 |
$dn =~ s{[@\.]}{,dc=}g; |
$dn =~ s{[@\.]}{,dc=}g; |
194 |
|
$dn .= ',' . $base unless $dn =~ m{dc}i; |
195 |
|
|
196 |
my $entry = Net::LDAP::Entry->new; |
my $entry = Net::LDAP::Entry->new; |
197 |
$entry->dn( $dn . $base ); |
$entry->dn( $dn ); |
198 |
|
$entry->add( objectClass => [ |
199 |
|
"person", |
200 |
|
"organizationalPerson", |
201 |
|
"inetOrgPerson", |
202 |
|
"hrEduPerson", |
203 |
|
] ); |
204 |
$entry->add( %$row ); |
$entry->add( %$row ); |
205 |
|
|
206 |
#warn "### entry ",dump( $entry ); |
#$entry->changetype( 'modify' ); |
207 |
|
|
208 |
|
warn "### entry ",$entry->dump( \*STDERR ); |
209 |
|
|
210 |
push @entries, $entry; |
push @entries, $entry; |
211 |
} |
} |