liuji
/
zentao-ldap-plugin
0
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

feat: add plugin

master
domsgit 6 years ago
parent
86e36f6d9d
commit
ba676e7763
12 changed files with 436 additions and 0 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 27
      doc/zh-cn.yaml
  2. 7
      module/common/ext/lang/zh-cn/ldap-plugin.php
  3. 5
      module/group/ext/lang/en/ldap-resource.php
  4. 5
      module/group/ext/lang/zh-cn/ldap-resource.php
  5. 5
      module/group/ext/lang/zh-tw/ldap-resource.php
  6. 72
      module/ldap/control.php
  7. 28
      module/ldap/lang/en.php
  8. 29
      module/ldap/lang/zh-cn.php
  9. 28
      module/ldap/lang/zh-tw.php
  10. 127
      module/ldap/model.php
  11. 72
      module/ldap/view/setting.html.php
  12. 31
      module/user/ext/model/identify.php

27
doc/zh-cn.yaml
View File

@ -0,0 +1,27 @@
---
name: 禅道开源版LDAP插件
code: ldap
type: extension
site: http://www.zentao.net
author: 'jie.dong<409726418@qq.com>'
abstract: >
支持LDAP验证登录,并将用户的邮箱,姓名同步至禅道数据库。
desc: >
1.插件安装后,在后台页面会多出一个"LDAP"子页面,可在该页面配置LDAP服务器信息
2.本地用户,通过在账户名称前加“$”符号来登录禅道
install: |
1. 通过禅道的插件管理来进行安装。
1.1 使用管理员身份登录禅道,访问插件管理。
1.2 通过本地安装的方式进行安装
2. 手工安装,将代码解压缩,然后将目录拷贝到禅道对应的目录,比如module拷贝到zentao的module。
releases:
1.2:
zentao:
compatible: 11.5
incompatible:
charge: free
date: 2019-05-16
conflicts: null
depends: null
license: LGPL
changelog: >

7
module/common/ext/lang/zh-cn/ldap-plugin.php
View File

@ -0,0 +1,7 @@
<?php
$lang->admin->menu->ldap = array('link' => 'LDAP|ldap|index', 'subModule' => 'ldap');
$lang->ldap = new stdclass();
$lang->ldap->menu = $lang->admin->menu;
$lang->menugroup->ldap = 'admin';
$lang->admin->menuOrder[100] = 'ldap';
$lang->ldap->menuOrder = $lang->admin->menuOrder;

5
module/group/ext/lang/en/ldap-resource.php
View File

@ -0,0 +1,5 @@
<?php
$lang->resource->ldap = new stdclass();
$lang->resource->ldap->index = 'common';
$lang->resource->ldap->setting = 'setting';

5
module/group/ext/lang/zh-cn/ldap-resource.php
View File

@ -0,0 +1,5 @@
<?php
$lang->resource->ldap = new stdclass();
$lang->resource->ldap->index = 'common';
$lang->resource->ldap->setting = 'setting';

5
module/group/ext/lang/zh-tw/ldap-resource.php
View File

@ -0,0 +1,5 @@
<?php
$lang->resource->ldap = new stdclass();
$lang->resource->ldap->index = 'common';
$lang->resource->ldap->setting = 'setting';

72
module/ldap/control.php
View File

@ -0,0 +1,72 @@
<?php
/**
* The control file of user module of ZenTaoPMS.
*
* @copyright Copyright 2009-2015 青岛易软天创网络科技有限公司(QingDao Nature Easy Soft Network Technology Co,LTD, www.cnezsoft.com)
* @license ZPL (http://zpl.pub/page/zplv11.html)
* @author Chunsheng Wang <chunsheng@cnezsoft.com>
* @package user
* @version $Id: control.php 5005 2013-07-03 08:39:11Z chencongzhi520@gmail.com $
* @link http://www.zentao.net
*/
class ldap extends control
{
public $referer;
/**
* Construct
*
* @access public
* @return void
*/
public function __construct()
{
parent::__construct();
}
public function index()
{
$this->locate(inlink('setting'));
}
public function setting()
{
$this->view->title = $this->lang->ldap->common . $this->lang->colon . $this->lang->ldap->setting;
$this->view->position[] = html::a(inlink('index'), $this->lang->ldap->common);
$this->view->position[] = $this->lang->ldap->setting;
$this->display();
}
//将LDAP信息保存至config.php
public function save()
{
if (!empty($_POST)) {
$this->config->ldap->host = $this->post->ldapHost;
$this->config->ldap->version = $this->post->ldapVersion;
$this->config->ldap->bindDN = $this->post->ldapBindDN;
$this->config->ldap->bindPWD = $this->post->ldapPassword;
$this->config->ldap->baseDN = $this->post->ldapBaseDN;
$this->config->ldap->searchFilter = $this->post->ldapFilter;
$this->config->ldap->uid = $this->post->ldapAttr;
$this->config->ldap->mail = $this->post->ldapMail;
// 此处我们把配置写入配置文件
$ldapConfig = "<?php \n"
."\$config->ldap = new stdclass();\n"
."\$config->ldap->host = '{$this->post->ldapHost}';\n"
."\$config->ldap->version = '{$this->post->ldapVersion}';\n"
."\$config->ldap->bindDN = '{$this->post->ldapBindDN}';\n"
."\$config->ldap->bindPWD = '{$this->post->ldapPassword}';\n"
."\$config->ldap->baseDN = '{$this->post->ldapBaseDN}';\n"
."\$config->ldap->searchFilter = '{$this->post->ldapFilter}';\n"
."\$config->ldap->uid = '{$this->post->ldapAttr}';\n"
."\$config->ldap->mail = '{$this->post->ldapMail}';\n"
."\$config->ldap->name = '{$this->post->ldapName}';\n";
$file = fopen("config.php", "w") or die("Unable to open file!");
fwrite($file, $ldapConfig);
fclose($file);
$this->locate(inlink('setting'));
}
}
}

28
module/ldap/lang/en.php
View File

@ -0,0 +1,28 @@
<?php
/**
* The user module English file of ZenTaoPMS.
*
* @copyright Copyright 2009-2015 青岛易软天创网络科技有限公司(QingDao Nature Easy Soft Network Technology Co,LTD, www.cnezsoft.com)
* @license ZPL (http://zpl.pub/page/zplv11.html)
* @author Chunsheng Wang <chunsheng@cnezsoft.com>
* @package user
* @version $Id: en.php 5053 2013-07-06 08:17:37Z wyd621@gmail.com $
* @link http://www.zentao.net
*/
$lang->ldap->common = "LDAP";
$lang->ldap->setting = "Setting";
$lang->ldap->host = 'LDAP Host: ';
$lang->ldap->version = 'Protocol Version: ';
$lang->ldap->bindDN = 'BindDN: ';
$lang->ldap->password = 'BindDN Password: ';
$lang->ldap->baseDN = 'BaseDN: ';
$lang->ldap->filter = 'Search filter: ';
$lang->ldap->attributes = 'Account Attribute: ';
$lang->ldap->sync = 'Sync';
$lang->ldap->save = 'Save';
$lang->ldap->test = 'Connect Test';
$lang->ldap->mail = 'EMail:';
$lang->ldap->name = 'Name Attrubte:';
$lang->ldap->methodOrder[5] = 'index';
$lang->ldap->methodOrder[10] = 'setting';

29
module/ldap/lang/zh-cn.php
View File

@ -0,0 +1,29 @@
<?php
/**
* The user module zh-cn file of ZenTaoPMS.
*
* @copyright Copyright 2009-2015 青岛易软天创网络科技有限公司(QingDao Nature Easy Soft Network Technology Co,LTD, www.cnezsoft.com)
* @license ZPL (http://zpl.pub/page/zplv11.html)
* @author Chunsheng Wang <chunsheng@cnezsoft.com>
* @package user
* @version $Id: zh-cn.php 5053 2013-07-06 08:17:37Z wyd621@gmail.com $
* @link http://www.zentao.net
*/
$lang->ldap->common = "LDAP";
$lang->ldap->setting = "设置";
$lang->ldap->host = 'LDAP服务器: ';
$lang->ldap->version = '协议版本: ';
$lang->ldap->bindDN = 'BindDN: ';
$lang->ldap->password = 'BindDN 密码: ';
$lang->ldap->baseDN = 'BaseDN: ';
$lang->ldap->filter = 'Search filter: ';
$lang->ldap->attributes = '账号字段: ';
$lang->ldap->sync = '手动同步';
$lang->ldap->save = '保存设置';
$lang->ldap->test = '测试连接';
$lang->ldap->mail = 'EMail 字段:';
$lang->ldap->name = '姓名字段:';
$lang->ldap->methodOrder[5] = 'index';
$lang->ldap->methodOrder[10] = 'setting';

28
module/ldap/lang/zh-tw.php
View File

@ -0,0 +1,28 @@
<?php
/**
* The user module zh-tw file of ZenTaoPMS.
*
* @copyright Copyright 2009-2015 青島易軟天創網絡科技有限公司(QingDao Nature Easy Soft Network Technology Co,LTD, www.cnezsoft.com)
* @license ZPL (http://zpl.pub/page/zplv11.html)
* @author Chunsheng Wang <chunsheng@cnezsoft.com>
* @package user
* @version $Id: zh-tw.php 5053 2013-07-06 08:17:37Z wyd621@gmail.com $
* @link http://www.zentao.net
*/
$lang->ldap->common = "LDAP";
$lang->ldap->setting = "设置";
$lang->ldap->host = 'LDAP服务器: ';
$lang->ldap->version = '协议版本: ';
$lang->ldap->bindDN = 'BindDN: ';
$lang->ldap->password = 'BindDN 密码: ';
$lang->ldap->baseDN = 'BaseDN: ';
$lang->ldap->filter = 'Search filter: ';
$lang->ldap->attributes = '账号字段: ';
$lang->ldap->sync = '手动同步';
$lang->ldap->save = '保存设置';
$lang->ldap->test = '测试连接';
$lang->ldap->mail = 'EMail 字段:';
$lang->ldap->name = '姓名字段:';
$lang->ldap->methodOrder[5] = 'index';
$lang->ldap->methodOrder[10] = 'setting';

127
module/ldap/model.php
View File

@ -0,0 +1,127 @@
<?php
/**
* The model file of ldap module of ZenTaoPMS.
*
* @license ZPL (http://zpl.pub/page/zplv11.html)
* @author TigerLau
* @package ldap
* @link http://www.zentao.net
*/
?>
<?php
class ldapModel extends model
{
//通过UID和passwd验证用户登录
//参数:LDAP地址,用户UID,用户口令
//验证成功返回Success,失败返回ldap error message
public function identify($config, $dn, $pwd)
{
$ret = '';
$ds = ldap_connect($config->host);
if ($ds) {
ldap_set_option($ds,LDAP_OPT_PROTOCOL_VERSION,3);
ldap_bind($ds, $dn, $pwd);
$ret = ldap_error($ds);
ldap_close($ds);
} else {
$ret = ldap_error($ds);
}
return $ret;
}
//通过UID获取用户DN信息
//参数:配置文件,用户UID
//返回用户DN信息或者null
public function getUserDN($config, $account)
{
$ret = null;
$ds = ldap_connect($config->host);
if ($ds) {
ldap_set_option($ds,LDAP_OPT_PROTOCOL_VERSION,3);
ldap_bind($ds, $config->bindDN, $config->bindPWD);
//$filter = "(uid=$account)";
$rlt = ldap_search($ds, $config->baseDN, $config->uid.'='.$account);
$count=ldap_count_entries($ds, $rlt);
if($count > 0){
$data = ldap_get_entries($ds, $rlt);
$ret = $data[0]['dn'];
$str = serialize($data);
}
ldap_unbind($ds);
}
return $ret;
}
//添加新用户到禅道数据库
public function addUserToZrnTaoDB($config, $data, $password){
$pass = true;
$user = new stdclass();
//$account = '';
$user->account = $data[0][$config->uid][0];
$user->password = md5($password);
$user->email = $data[0][$config->mail][0];
$user->realname = $data[0][$config->name][0];
$this->dao->insert(TABLE_USER)->data($user)->autoCheck()->exec();
if(dao::isError())
{
echo js::error(dao::getError());
die(js::reload('parent'));
$pass = false;
}
return $pass;
}
//获取LDAP用户信息
//accoutn uid=d0388
public function getUserMessageFromLDAP($config, $account)
{
$ds = ldap_connect($config->host);
if ($ds) {
ldap_set_option($ds,LDAP_OPT_PROTOCOL_VERSION,3);
ldap_bind($ds, $config->bindDN, $config->bindPWD);
$filter = "(|(sn=*))";
$rlt = ldap_search($ds, $config->baseDN, $account);
$data = ldap_get_entries($ds, $rlt);
return $data;
}
return null;
}
//判断当前用户是否存在于禅道数据库
//参数:用户UID
//成功返回true,失败返回false
public function isExistInZenTaoDB($account)
{
$pass = false;
$record = $this->dao->select('*')->from(TABLE_USER)
->where('account')->eq($account)
->andWhere('deleted')->eq(0)
->fetch();
if($record){
$pass = true;
}
return $pass;
}
//更新用户状态
public function updateUserDB($account, $password){
$record = $this->dao->select('*')->from(TABLE_USER)
->where('account')->eq($account)
->andWhere('deleted')->eq(0)
->fetch();
$user = $record;
$ip = $this->server->remote_addr;
$password = md5($password);
$last = $this->server->request_time;
$this->dao->update(TABLE_USER)->set('password')->eq($password)->set('visits = visits + 1')->set('ip')->eq($ip)->set('last')->eq($last)->where('account')->eq($account)->exec();
$user->last = date(DT_DATETIME1, $user->last);
}
//设置新增用户默认权限,默认权限为guest
//参数:account
public function setDefaultUserGroup($account){
$data = new stdclass();
$data->account = $account;
$data->group = 2;
$this->dao->insert(TABLE_USERGROUP)->data($data)->exec();
}
}

72
module/ldap/view/setting.html.php
View File

@ -0,0 +1,72 @@
<?php
/**
* The detect view file of mail module of ZenTaoPMS.
*
* @copyright Copyright 2009-2015 青岛易软天创网络科技有限公司(QingDao Nature Easy Soft Network Technology Co,LTD, www.cnezsoft.com)
* @license ZPL (http://zpl.pub/page/zplv11.html)
* @author Chunsheng Wang <wwccss@cnezsoft.com>
* @package mail
* @version $Id$
* @link http://www.zentao.net
*/
include '../../common/view/header.html.php';
?>
<div class='container mw-700px'>
<div id='titlebar'>
<div class='heading'>
<span class='prefix'><?php echo html::icon($lang->icons['mail']);?></span>
<strong><?php echo $lang->ldap->common;?></strong>
<small class='text-muted'> <?php echo $lang->ldap->setting;?> <?php echo html::icon('cog');?></small>
</div>
</div>
<form class='form-condensed pdt-20' method='post' action='<?php echo inlink('save');?>'>
<table class='table table-form'>
<tr>
<th class='w-p25'><?php echo $lang->ldap->host; ?></th>
<td class='w-p50'><?php echo html::input('ldapHost', $config->ldap->host, "class='form-control'");?></td>
</tr>
<tr>
<th class='w-p25'><?php echo $lang->ldap->version; ?></th>
<td class='w-p50'><?php echo html::input('ldapVersion', $config->ldap->version, "class='form-control'");?></td>
</tr>
<tr>
<th class='w-p25'><?php echo $lang->ldap->bindDN; ?></th>
<td class='w-p50'><?php echo html::input('ldapBindDN', $config->ldap->bindDN, "class='form-control'");?></td>
</tr>
<tr>
<th class='w-p25'><?php echo $lang->ldap->password; ?></th>
<td class='w-p50'><?php echo html::password('ldapPassword', $config->ldap->bindPWD, "class='form-control'");?></td>
</tr>
<tr>
<th class='w-p25'><?php echo $lang->ldap->baseDN; ?></th>
<td class='w-p50'><?php echo html::input('ldapBaseDN', $config->ldap->baseDN, "class='form-control'");?></td>
</tr>
<tr>
<th class='w-p25'><?php echo $lang->ldap->filter; ?></th>
<td class='w-p50'><?php echo html::input('ldapFilter', $config->ldap->searchFilter, "class='form-control'");?></td>
</tr>
<tr>
<th class='w-p25'><?php echo $lang->ldap->attributes; ?></th>
<td class='w-p50'><?php echo html::input('ldapAttr', $config->ldap->uid, "class='form-control'");?></td>
</tr>
<tr>
<th class='w-p25'><?php echo $lang->ldap->mail; ?></th>
<td class='w-p50'><?php echo html::input('ldapMail', $config->ldap->mail, "class='form-control'");?></td>
</tr>
<tr>
<th class='w-p25'><?php echo $lang->ldap->name; ?></th>
<td class='w-p50'><?php echo html::input('ldapName', $config->ldap->name, "class='form-control'");?></td>
</tr>
<tr>
<td class='w-p25'></td>
<td class="text-center">
<?php
echo html::submitButton($lang->ldap->save);
?>
</td>
</tr>
</table>
</form>
</div>
<?php include '../../common/view/footer.html.php';?>

31
module/user/ext/model/identify.php
View File

@ -0,0 +1,31 @@
<?php
public function identify($account, $password, $password1)
{
//如果添加$符号,则启用本地账号。
if (0 == strcmp('$',substr($account, 0, 1))) {
return parent::identify(ltrim($account, '$'), $password);
} else {
//进行LDAP用户验证
$ldap = $this->loadModel('ldap');
$dn = $ldap->getUserDN($this->config->ldap, $account);
$pass = $ldap->identify($this->config->ldap, $dn, $password);
if ('Success' == $pass){
//验证成功
//账户是否存在于禅道DB
if ($ldap->isExistInZenTaoDB($account)){
//存在,更新用户信息并登录
$ldap->updateUserDB($account, $password);
return parent::identify($account, $password);
} else {
//不存在,添加到禅道DB后进行登录
$data = $ldap->getUserMessageFromLDAP($this->config->ldap,$this->config->ldap->uid.'='.$account);
$addUser = $ldap->addUserToZrnTaoDB($this->config->ldap, $data, $password);
//设置用户默认权限
$ldap->setDefaultUserGroup($account);
return parent::identify($account, $password);
}
}
//验证失败
return false;
}
}
Write Preview
Loading…
Cancel
Save