From f5cfb7d3e63fefef588572e722b6a1ef40fa39e1 Mon Sep 17 00:00:00 2001 From: David Coutadeur Date: Fri, 19 Jul 2024 11:43:40 +0200 Subject: [PATCH] add a get_first_value method in LDAP (#23) --- src/Ltb/Ldap.php | 40 +++++++++++++++++- tests/Ltb/LdapTest.php | 96 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 135 insertions(+), 1 deletion(-) diff --git a/src/Ltb/Ldap.php b/src/Ltb/Ldap.php index 333c809..f1feb80 100644 --- a/src/Ltb/Ldap.php +++ b/src/Ltb/Ldap.php @@ -35,7 +35,7 @@ public function __construct( $this->ldap_user_base = $ldap_user_base; $this->ldap_size_limit = $ldap_size_limit; $this->ldap_krb5ccname = $ldap_krb5ccname; - + } function connect() { @@ -393,5 +393,43 @@ function modify_attributes($dn, $userdata): array { 8 => "inhistory" ]; + /** + * get the first value of the first attribute in the first entry found + * @param string $ldap_base: the base search + * @param string $ldap_scope: the scope for the search + * @param string $ldap_filter: the filter for searching the entry + * @param string $attribute: a list of attributes, separated by "," + * @return string: the first value of the first attribute found in the first entry + */ + function get_first_value($ldap_base, $ldap_scope, $ldap_filter, $attribute): string { + + $value = ""; + + if ($this->ldap) { + + # Search entry + $search = $this->search_with_scope($ldap_scope, $ldap_base, $ldap_filter, explode(",", $attribute)); + + $errno = \Ltb\PhpLDAP::ldap_errno($this->ldap); + + if ( $errno ) { + error_log("LDAP - Search error $errno (".\Ltb\PhpLDAP::ldap_error($this->ldap).")"); + } else { + $entry = \Ltb\PhpLDAP::ldap_get_entries($this->ldap, $search); + + # Loop over attribute + foreach ( explode(",", $attribute) as $ldap_attribute ) { + if ( isset ($entry[0][$ldap_attribute]) ) { + $value = $entry[0][$ldap_attribute][0]; + break; + } + } + } + } + + return $value; + + } + } ?> diff --git a/tests/Ltb/LdapTest.php b/tests/Ltb/LdapTest.php index 1680f90..db2d87c 100644 --- a/tests/Ltb/LdapTest.php +++ b/tests/Ltb/LdapTest.php @@ -866,6 +866,102 @@ public function test_modify_attributes(): void } + public function test_get_first_value(): void + { + + $ldap_connection = "ldap_connection"; + $ldap_base = "uid=test,ou=people,dc=my-domain,dc=com"; + $ldap_scope = "base"; + $ldap_filter = '(objectClass=inetOrgPerson)'; + $attribute = "mail,cn"; + $search_result = "search_result"; + $entries = [ + 'count' => 2, + 0 => [ + 'count' => 2, + 0 => 'cn', + 1 => 'sn', + 'cn' => [ + 'count' => 1, + 0 => 'testcn1' + ], + 'sn' => [ + 'count' => 1, + 0 => 'zzzzzz' + ] + ], + 1 => [ + 'count' => 2, + 0 => 'cn', + 1 => 'sn', + 'cn' => [ + 'count' => 1, + 0 => 'testcn2' + ], + 'sn' => [ + 'count' => 1, + 0 => 'aaaaaa' + ] + ] + ]; + + + $phpLDAPMock = Mockery::mock('overload:Ltb\PhpLDAP'); + + $phpLDAPMock->shouldreceive('ldap_read') + ->with($ldap_connection, $ldap_base, $ldap_filter, explode(",", $attribute)) + ->andReturn($search_result); + + $phpLDAPMock->shouldreceive('ldap_errno') + ->with($ldap_connection) + ->andReturn(0); + + $phpLDAPMock->shouldreceive('ldap_get_entries') + ->with($ldap_connection, $search_result) + ->andReturn($entries); + + $ldapInstance = new \Ltb\Ldap( null, null, null, null, null, null, null, null ); + $ldapInstance->ldap = $ldap_connection; + $value = $ldapInstance->get_first_value($ldap_base, $ldap_scope, $ldap_filter, $attribute); + + $this->assertEquals("testcn1", $value, 'Weird value returned by get_first_value method'); + + } + + public function test_get_first_value_error(): void + { + + $ldap_connection = "ldap_connection"; + $ldap_base = "DUMMY"; + $ldap_scope = "base"; + $ldap_filter = '(objectClass=inetOrgPerson)'; + $attribute = "mail,cn"; + $search_result = "search_result"; + $errno = 34; + $error_msg = "invalidDNSyntax"; + + $phpLDAPMock = Mockery::mock('overload:Ltb\PhpLDAP'); + + $phpLDAPMock->shouldreceive('ldap_read') + ->with($ldap_connection, $ldap_base, $ldap_filter, explode(",", $attribute)) + ->andReturn($search_result); + + $phpLDAPMock->shouldreceive('ldap_errno') + ->with($ldap_connection) + ->andReturn($errno); + + $phpLDAPMock->shouldreceive('ldap_error') + ->with($ldap_connection) + ->andReturn($error_msg); + + $ldapInstance = new \Ltb\Ldap( null, null, null, null, null, null, null, null ); + $ldapInstance->ldap = $ldap_connection; + $value = $ldapInstance->get_first_value($ldap_base, $ldap_scope, $ldap_filter, $attribute); + + $this->assertEquals("", $value, 'Weird value returned by get_first_value method called with an invalid DN'); + + } + public function setUp(): void { // Turn on error reporting