ACU/ACU/LDAP.pm

#! /usr/bin/env perl

package LDAP;

use v5.10.1;
use strict;
use warnings;
use Carp;

use Net::LDAPS;
use Net::LDAP::Filter;
use Net::LDAP::Util qw(ldap_error_text);

use ACU::Password;
use ACU::Right;
use ACU::Log;

use constant {
    BASE_DN => "dc=acu,dc=epita,dc=fr",
    YEAR_DN => "cn=year,dc=acu,dc=epita,dc=fr",
};

## Connection functions

our $ldaphost = "ldap.acu.epita.fr";
our $binddn = "cn=intra," . BASE_DN;
my $bindsecret = "";

sub ldap_get_password
{
    if (`hostname` eq "apl") {
	return Password::get_password "/home/2014/mercie_d/.secret_ldap";
    } else {
	return Password::get_password "/home/intradmin/.secret_ldap";
    }
}

our $secret_search = \&ldap_get_password;

sub ldap_connect()
{
    if (!$bindsecret) {
	$bindsecret = $secret_search->();
    }

    my $ldap = Net::LDAPS->new($ldaphost) or die ("$@");
    my $mesg = $ldap->bind($binddn, password => $bindsecret) or die ("$@");

    log(DEBUG, "Connect to LDAP with $binddn");

    croak ldap_error_text($mesg->code) if ($mesg->code);

    return $ldap;
}

sub ldap_connect_anon()
{
    my $ldap = Net::LDAPS->new($ldaphost) or die ("$@");
    my $mesg = $ldap->bind or die ("$@");

    log(DEBUG, "Connect to LDAP anonymously");

    croak ldap_error_text($mesg->code) if ($mesg->code);

    return $ldap;
}


## High end functions

sub add_group($$$;$)
{
    my $ldap = shift // ldap_connect();
    my $cn = shift;
    my $year = shift // get_year();
    my $ou = shift // "intra"; # expected roles or intra

    my $dn = "cn=$cn,ou=$year,ou=$ou,ou=groups," . BASE_DN;

    log(DEBUG, "Add group $dn");

    my $mesg = $ldap->add( $dn,
		attrs => [
		    objectclass => "intraGroup",
		    cn => $cn,
		]
	);
    if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }

    return $dn;
}

sub get_year(;$)
{
    my $ldap = shift // ldap_connect_anon();

    return get_attribute($ldap, YEAR_DN, "year");
}

sub get_rights($)
{
    my $login = shift;
    my @rights;

    my $ldap = ldap_connect_anon();

    my $mesg = $ldap->search( # search
			      base   => "ou=roles,ou=groups," . BASE_DN,
			      filter => Net::LDAP::Filter->new("&(memberUid=$login)(objectClass=intraGroup)"),
			      attrs => [ 'intraRight' ],
			      scope => "sub"
	);
    if ($mesg->code != 0) { die $mesg->error; }

    for my $entry ($mesg->entries)
    {
	for my $r ($entry->get_value('intraRight'))
	{
	    if ($r =~ /^!(.*)$/) {
		@rights = grep { $r ne $_ } @rights;
	    }
	    else {
		push @rights, Right->new($r);
	    }
	}
    }


    $mesg = $ldap->search( # search
			   base   => "ou=intra,ou=groups," . BASE_DN,
			   filter => Net::LDAP::Filter->new("&(memberUid=$login)(objectClass=intraGroup)"),
			   attrs => [ 'intraRight' ],
			   scope => "sub"
	);
    if ($mesg->code != 0) { die $mesg->error; }
    if ($mesg->count != 1) { die "User $login not found or multiple presence"; }

    for my $entry ($mesg->entries)
    {
	for my $r ($entry->get_value('intraRight')) {
	    push @rights, Right->new($r);
	}
    }


    $mesg = $ldap->search( # search
			   base   => "ou=users," . BASE_DN,
			   filter => Net::LDAP::Filter->new("&(uid=$login)(objectClass=intraAccount)"),
			   attrs => [ 'intraRight' ],
			   scope => "sub"
	);
    if ($mesg->code != 0) { die $mesg->error; }
    if ($mesg->count != 1) { die "User $login not found or multiple presence"; }

    for my $r ($mesg->entry(0)->get_value('intraRight')) {
	push @rights, Right->new($r);
    }


    $ldap->unbind or die ("couldn't disconnect correctly");

    return @rights;
}

sub has_right($$)
{
    my $login = shift;
    my $right = shift;

    my $ok = 0;

    for my $r (get_rights($login))
    {
	if ($r->{right} eq $right)
	{
	    return 0 if ($r->{negate});
	    $ok = $r;
	}
    }

    return $ok;
}


## Low level functions

sub get_dn($$@)
{
    my $ldap = shift // ldap_connect();
    my $dn = shift;

    my $base = BASE_DN;
    $dn = "$dn," . BASE_DN if ($dn !~ /$base$/);

    my $mesg = $ldap->search( # search
			      base   => "$dn",
			      filter => Net::LDAP::Filter->new("(objectClass=*)"),
			      attrs => \@_,
			      scope => "base"
	);
    return undef if ($mesg->code != 0);
    if ($mesg->count != 1) { log(WARN, "$dn not found or multiple entries match"); return undef; }

    return $mesg->entry(0);
}

sub add_attribute($$$@)
{
    my $ldap = shift // ldap_connect();
    my $dn = shift;
    my $what = shift;

    my $mod = 0;

    my $entry = get_dn($ldap, $dn, $what);
    if (!$entry) {
	log(WARN, "Trying to add attributes ($what) to an unexisting entry: $dn");
	log(TRACE, @_);
	return undef;
    }
    my @data = $entry->get_value($what);
    for my $value (@_)
    {
	if (! grep { $value eq $_ } @data)
	{
	    $mod = 1;

	    log(DEBUG, "Add attribute $value to $dn");

	    push @data, $value;
	}
	else {
	    log(WARN, "Attribute $what with value $value for $dn already exists.");
	}
    }

    if ($mod)
    {
	$entry->replace($what => \@data) or die $!;
	my $mesg = $entry->update($ldap) or die $!;

	if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }

	return 1;
    }
    else {
	return 0;
    }
}

sub delete_attribute($$$@)
{
    my $ldap = shift // ldap_connect();
    my $dn = shift;
    my $what = shift;

    my $mod = 0;

    my $entry = get_dn($ldap, $dn, $what);
    my @data = $entry->get_value($what);
    for my $value (@_)
    {
	if (grep { $value eq $_ } @data)
	{
	    log(DEBUG, "Remove attribute $what ($value) from $dn");

	    @data = grep { $value ne $_ } @data;
	    $mod = 1;
	}
	else {
	    log(WARN, "No attribute $what with value $value for $dn");
	}
    }

    if ($mod)
    {
	$entry->replace($what => \@data) or die $!;
	my $mesg = $entry->update($ldap) or die $!;
	if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }
	return 1;
    }
    else {
	return 0;
    }
}

sub delete_entry($$)
{
    my $ldap = shift // ldap_connect();

    my $mesg = $ldap->delete( shift );

    if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }

    return 1;
}

sub flush_attribute($$@)
{
    my $ldap = shift // ldap_connect();
    my $dn = shift;

    my $mesg = $ldap->modify($dn, delete => \@_);

    if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }

    return 1;
}

sub get_attribute($$$)
{
    my $ldap = shift // ldap_connect();
    my $dn = shift;
    my $what = shift;

    if (!$dn) { return undef; }

    return get_dn($ldap, $dn, $what)->get_value($what);
}

sub search_dn($$@)
{
    my $ldap = shift // ldap_connect();
    my $base = shift;
    my $filter = shift;

    $base .= "," if ($base);

    log (DEBUG, "Looking for $filter in $base" . BASE_DN);

    my $mesg = $ldap->search( # search
			      base   => $base . BASE_DN,
			      filter => Net::LDAP::Filter->new($filter),
			      attrs => [ ],
			      scope => "sub"
	);
    return undef if ($mesg->code != 0);
    croak("$filter not found") if ($mesg->count == 0);
    croak("$filter not unique") if ($mesg->count > 1);

    return $mesg->entry(0)->dn;
}

sub search_dns($$$@)
{
    my $ldap = shift // ldap_connect();
    my $base = shift;
    my $filter = shift;

    $base .= "," if ($base);

    my $mesg = $ldap->search( # search
			      base   => $base . BASE_DN,
			      filter => Net::LDAP::Filter->new($filter),
			      attrs => \@_,
			      scope => "sub"
	);
    if ($mesg->code != 0) { log(WARN, $mesg->error); return []; }

    return $mesg->entries;
}

sub update_attribute($$$@)
{
    my $ldap = shift // ldap_connect();
    my $dn = shift;
    my $what = shift;

    my $entry = get_dn($ldap, $dn, $what);
    $entry->replace($what => \@_);
    my $mesg = $entry->update($ldap);

    if ($mesg->code != 0) {
	log(WARN, $mesg->error);
	return 0;
    }

    return 1;
}

1;
Talk with LDAP 2013-09-02 17:13:12 +00:00			`#! /usr/bin/env perl`

			`package LDAP;`

			`use v5.10.1;`
			`use strict;`
			`use warnings;`
Patch for FreeBSD 2013-09-28 21:11:46 +00:00			`use Carp;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
			`use Net::LDAPS;`
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`use Net::LDAP::Filter;`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`use Net::LDAP::Util qw(ldap_error_text);`

			`use ACU::Password;`
			`use ACU::Right;`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00			`use ACU::Log;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`use constant {`
			`BASE_DN => "dc=acu,dc=epita,dc=fr",`
			`YEAR_DN => "cn=year,dc=acu,dc=epita,dc=fr",`
			`};`

Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`## Connection functions`

			`our $ldaphost = "ldap.acu.epita.fr";`
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`our $binddn = "cn=intra," . BASE_DN;`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`my $bindsecret = "";`

			`sub ldap_get_password`
			`{`
APL get password from ~mercie_d 2013-09-16 17:00:37 +00:00			if (`hostname` eq "apl") {
			`return Password::get_password "/home/2014/mercie_d/.secret_ldap";`
			`} else {`
			`return Password::get_password "/home/intradmin/.secret_ldap";`
			`}`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`}`

			`our $secret_search = \&ldap_get_password;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
			`sub ldap_connect()`
			`{`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00			`if (!$bindsecret) {`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`$bindsecret = $secret_search->();`
			`}`

Talk with LDAP 2013-09-02 17:13:12 +00:00			`my $ldap = Net::LDAPS->new($ldaphost) or die ("$@");`
			`my $mesg = $ldap->bind($binddn, password => $bindsecret) or die ("$@");`

New logging system 2013-09-04 00:56:29 +00:00			`log(DEBUG, "Connect to LDAP with $binddn");`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`croak ldap_error_text($mesg->code) if ($mesg->code);`
Talk with LDAP 2013-09-02 17:13:12 +00:00
			`return $ldap;`
			`}`

			`sub ldap_connect_anon()`
			`{`
			`my $ldap = Net::LDAPS->new($ldaphost) or die ("$@");`
			`my $mesg = $ldap->bind or die ("$@");`

New logging system 2013-09-04 00:56:29 +00:00			`log(DEBUG, "Connect to LDAP anonymously");`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`croak ldap_error_text($mesg->code) if ($mesg->code);`
Talk with LDAP 2013-09-02 17:13:12 +00:00
			`return $ldap;`
			`}`


Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`## High end functions`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Refactor update_group to work as update_user 2013-09-02 19:09:51 +00:00			`sub add_group($$$;$)`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`{`
Refactor update_group to work as update_user 2013-09-02 19:09:51 +00:00			`my $ldap = shift // ldap_connect();`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`my $cn = shift;`
Refactor update_group to work as update_user 2013-09-02 19:09:51 +00:00			`my $year = shift // get_year();`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`my $ou = shift // "intra"; # expected roles or intra`

LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`my $dn = "cn=$cn,ou=$year,ou=$ou,ou=groups," . BASE_DN;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
New logging system 2013-09-04 00:56:29 +00:00			`log(DEBUG, "Add group $dn");`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00
Talk with LDAP 2013-09-02 17:13:12 +00:00			`my $mesg = $ldap->add( $dn,`
			`attrs => [`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`objectclass => "intraGroup",`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`cn => $cn,`
			`]`
			`);`
New logging system 2013-09-04 00:56:29 +00:00			`if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }`
Talk with LDAP 2013-09-02 17:13:12 +00:00
			`return $dn;`
			`}`

Sanities LDAP code 2013-09-28 16:52:38 +00:00			`sub get_year(;$)`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`{`
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`my $ldap = shift // ldap_connect_anon();`
Talk with LDAP 2013-09-02 17:13:12 +00:00
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`return get_attribute($ldap, YEAR_DN, "year");`
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`}`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`sub get_rights($)`
			`{`
			`my $login = shift;`
			`my @rights;`

			`my $ldap = ldap_connect_anon();`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00
Talk with LDAP 2013-09-02 17:13:12 +00:00			`my $mesg = $ldap->search( # search`
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`base => "ou=roles,ou=groups," . BASE_DN,`
			`filter => Net::LDAP::Filter->new("&(memberUid=$login)(objectClass=intraGroup)"),`
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`attrs => [ 'intraRight' ],`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`scope => "sub"`
			`);`
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`if ($mesg->code != 0) { die $mesg->error; }`

			`for my $entry ($mesg->entries)`
			`{`
			`for my $r ($entry->get_value('intraRight'))`
			`{`
			`if ($r =~ /^!(.*)$/) {`
			`@rights = grep { $r ne $_ } @rights;`
			`}`
			`else {`
			`push @rights, Right->new($r);`
			`}`
			`}`
			`}`
Talk with LDAP 2013-09-02 17:13:12 +00:00

Sanities LDAP code 2013-09-28 16:52:38 +00:00			`$mesg = $ldap->search( # search`
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`base => "ou=intra,ou=groups," . BASE_DN,`
			`filter => Net::LDAP::Filter->new("&(memberUid=$login)(objectClass=intraGroup)"),`
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`attrs => [ 'intraRight' ],`
			`scope => "sub"`
			`);`
			`if ($mesg->code != 0) { die $mesg->error; }`
			`if ($mesg->count != 1) { die "User $login not found or multiple presence"; }`

			`for my $entry ($mesg->entries)`
			`{`
			`for my $r ($entry->get_value('intraRight')) {`
			`push @rights, Right->new($r);`
			`}`
			`}`


			`$mesg = $ldap->search( # search`
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`base => "ou=users," . BASE_DN,`
			`filter => Net::LDAP::Filter->new("&(uid=$login)(objectClass=intraAccount)"),`
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`attrs => [ 'intraRight' ],`
			`scope => "sub"`
			`);`
			`if ($mesg->code != 0) { die $mesg->error; }`
			`if ($mesg->count != 1) { die "User $login not found or multiple presence"; }`

			`for my $r ($mesg->entry(0)->get_value('intraRight')) {`
			`push @rights, Right->new($r);`
			`}`


			`$ldap->unbind or die ("couldn't disconnect correctly");`

			`return @rights;`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`}`

Sanities LDAP code 2013-09-28 16:52:38 +00:00			`sub has_right($$)`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`{`
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`my $login = shift;`
			`my $right = shift;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`my $ok = 0;`

			`for my $r (get_rights($login))`
			`{`
			`if ($r->{right} eq $right)`
			`{`
			`return 0 if ($r->{negate});`
			`$ok = $r;`
			`}`
			`}`

			`return $ok;`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`}`


			`## Low level functions`

			`sub get_dn($$@)`
			`{`
			`my $ldap = shift // ldap_connect();`
			`my $dn = shift;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Fix LDAP search 2013-11-15 11:40:29 +00:00			`my $base = BASE_DN;`
			`$dn = "$dn," . BASE_DN if ($dn !~ /$base$/);`

Talk with LDAP 2013-09-02 17:13:12 +00:00			`my $mesg = $ldap->search( # search`
			`base => "$dn",`
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`filter => Net::LDAP::Filter->new("(objectClass=*)"),`
Fix get_dn function 2013-09-12 11:06:29 +00:00			`attrs => \@_,`
LPT: fix grant-lab and add delete account capability 2013-11-07 13:46:28 +00:00			`scope => "base"`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`);`
LPT: fix grant-lab and add delete account capability 2013-11-07 13:46:28 +00:00			`return undef if ($mesg->code != 0);`
New logging system 2013-09-04 00:56:29 +00:00			`if ($mesg->count != 1) { log(WARN, "$dn not found or multiple entries match"); return undef; }`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`return $mesg->entry(0);`
			`}`

			`sub add_attribute($$$@)`
			`{`
			`my $ldap = shift // ldap_connect();`
			`my $dn = shift;`
			`my $what = shift;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`my $mod = 0;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`my $entry = get_dn($ldap, $dn, $what);`
Fix some typos 2013-09-09 11:43:35 +00:00			`if (!$entry) {`
			`log(WARN, "Trying to add attributes ($what) to an unexisting entry: $dn");`
			`log(TRACE, @_);`
			`return undef;`
			`}`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`my @data = $entry->get_value($what);`
			`for my $value (@_)`
			`{`
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`if (! grep { $value eq $_ } @data)`
			`{`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`$mod = 1;`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00
New logging system 2013-09-04 00:56:29 +00:00			`log(DEBUG, "Add attribute $value to $dn");`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`push @data, $value;`
			`}`
Fix grep in LDAP.pm 2013-09-03 13:12:05 +00:00			`else {`
New logging system 2013-09-04 00:56:29 +00:00			`log(WARN, "Attribute $what with value $value for $dn already exists.");`
Fix grep in LDAP.pm 2013-09-03 13:12:05 +00:00			`}`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`}`

			`if ($mod)`
			`{`
			`$entry->replace($what => \@data) or die $!;`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00			`my $mesg = $entry->update($ldap) or die $!;`

New logging system 2013-09-04 00:56:29 +00:00			`if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`return 1;`
			`}`
			`else {`
			`return 0;`
			`}`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`}`

Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`sub delete_attribute($$$@)`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`{`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`my $ldap = shift // ldap_connect();`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`my $dn = shift;`
			`my $what = shift;`

Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`my $mod = 0;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`my $entry = get_dn($ldap, $dn, $what);`
			`my @data = $entry->get_value($what);`
			`for my $value (@_)`
			`{`
Sanities LDAP code 2013-09-28 16:52:38 +00:00			`if (grep { $value eq $_ } @data)`
			`{`
New logging system 2013-09-04 00:56:29 +00:00			`log(DEBUG, "Remove attribute $what ($value) from $dn");`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00
Fix LDAP attribute suppression 2013-10-24 22:18:15 +00:00			`@data = grep { $value ne $_ } @data;`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`$mod = 1;`
			`}`
Add some debug messages 2013-09-03 06:07:02 +00:00			`else {`
New logging system 2013-09-04 00:56:29 +00:00			`log(WARN, "No attribute $what with value $value for $dn");`
Add some debug messages 2013-09-03 06:07:02 +00:00			`}`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`}`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`if ($mod)`
			`{`
			`$entry->replace($what => \@data) or die $!;`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00			`my $mesg = $entry->update($ldap) or die $!;`
New logging system 2013-09-04 00:56:29 +00:00			`if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`return 1;`
			`}`
			`else {`
			`return 0;`
			`}`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`}`

Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`sub delete_entry($$)`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`{`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`my $ldap = shift // ldap_connect();`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Some fixes in LDAP 2013-09-03 05:20:58 +00:00			`my $mesg = $ldap->delete( shift );`

New logging system 2013-09-04 00:56:29 +00:00			`if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Some fixes in LDAP 2013-09-03 05:20:58 +00:00			`return 1;`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`}`

			`sub flush_attribute($$@)`
			`{`
			`my $ldap = shift // ldap_connect();`
			`my $dn = shift;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Same :( 2013-09-15 22:20:26 +00:00			`my $mesg = $ldap->modify($dn, delete => \@_);`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00
New logging system 2013-09-04 00:56:29 +00:00			`if ($mesg->code != 0) { log(WARN, $mesg->error); return 0; }`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00
			`return 1;`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`}`

Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`sub get_attribute($$$)`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`{`
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`my $ldap = shift // ldap_connect();`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`my $dn = shift;`
			`my $what = shift;`

lpt can add group and grant-mail works 2013-09-06 03:22:35 +00:00			`if (!$dn) { return undef; }`

Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`return get_dn($ldap, $dn, $what)->get_value($what);`
			`}`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Refactor update_group to work as update_user 2013-09-02 19:09:51 +00:00			`sub search_dn($$@)`
			`{`
			`my $ldap = shift // ldap_connect();`
			`my $base = shift;`
			`my $filter = shift;`

LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`$base .= "," if ($base);`

			`log (DEBUG, "Looking for $filter in $base" . BASE_DN);`
Refactor update_group to work as update_user 2013-09-02 19:09:51 +00:00
			`my $mesg = $ldap->search( # search`
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`base => $base . BASE_DN,`
			`filter => Net::LDAP::Filter->new($filter),`
Refactor update_group to work as update_user 2013-09-02 19:09:51 +00:00			`attrs => [ ],`
			`scope => "sub"`
			`);`
LPT: fix grant-lab and add delete account capability 2013-11-07 13:46:28 +00:00			`return undef if ($mesg->code != 0);`
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`croak("$filter not found") if ($mesg->count == 0);`
			`croak("$filter not unique") if ($mesg->count > 1);`
Refactor update_group to work as update_user 2013-09-02 19:09:51 +00:00
			`return $mesg->entry(0)->dn;`
			`}`

New logging system 2013-09-04 00:56:29 +00:00			`sub search_dns($$$@)`
			`{`
			`my $ldap = shift // ldap_connect();`
			`my $base = shift;`
			`my $filter = shift;`

LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`$base .= "," if ($base);`
New logging system 2013-09-04 00:56:29 +00:00
			`my $mesg = $ldap->search( # search`
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`base => $base . BASE_DN,`
			`filter => Net::LDAP::Filter->new($filter),`
			`attrs => \@_,`
New logging system 2013-09-04 00:56:29 +00:00			`scope => "sub"`
			`);`
LDAP: Fix for stabilization 2013-10-28 14:11:04 +00:00			`if ($mesg->code != 0) { log(WARN, $mesg->error); return []; }`
New logging system 2013-09-04 00:56:29 +00:00
			`return $mesg->entries;`
			`}`

Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`sub update_attribute($$$@)`
			`{`
			`my $ldap = shift // ldap_connect();`
			`my $dn = shift;`
			`my $what = shift;`
Talk with LDAP 2013-09-02 17:13:12 +00:00
Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`my $entry = get_dn($ldap, $dn, $what);`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00			`$entry->replace($what => \@_);`
			`my $mesg = $entry->update($ldap);`

			`if ($mesg->code != 0) {`
New logging system 2013-09-04 00:56:29 +00:00			`log(WARN, $mesg->error);`
Some fixes in LDAP 2013-09-03 05:20:58 +00:00			`return 0;`
			`}`

Refactoring LDAP package 2013-09-02 18:43:18 +00:00			`return 1;`
Talk with LDAP 2013-09-02 17:13:12 +00:00			`}`

			`1;`