Location: PHPKode > projects > iF.SVNAdmin > svnadmin/update_ldap.php
<?php
/**
 * iF.SVNAdmin
 * Copyright (c) 2010 by Manuel Freiholz
 * http://www.insanefactory.com/
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; version 2
 * of the License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.
 */
/**
 * This script must be executed with cron-job or a windows task.
 *
 * It is important that the execution working directory is set to the same
 * path where the script and the iF.SVNAdmin application takes place.
 */
include_once("include/config.inc.php");

// Is LDAP configured and is it required to execute this script?
// Currently it only makes sense, when the group view provider is ldap configured,
// cause the user view provider does not support caching!
if( $appEngine->getConfig()->getValue("Engine:Providers", "GroupViewProviderType") != "ldap" )
{
  echo "The application is not configured for LDAP usage.";
  exit(1);
}

$uprov = $appEngine->getUserViewProvider();
if( $uprov == NULL )
{
  echo "Wooops!? No LDAP user view provider.\n";
  exit(1);
}

$gprov = $appEngine->getGroupViewProvider();
if( $gprov == NULL )
{
  echo "Wooops!? No LDAP group view provider.\n";
  exit(1);
}

//
// We get all users and all groups first.
// On this way we have only two request to the LDAP server
// and the searching for user-group associations are much faster
// on this way.
//


// User entries.
$userEntries = NULL;
$userAttributes = array();
foreach( $uprov->users_attributes as $name )
{
  array_push($userAttributes, $name);
}
array_push($userAttributes, $uprov->groups_to_users_attribute_value);
$userEntries = $uprov->p_getUsers($userAttributes);


// Group entries.
$groupEntries = NULL;
$groupAttributes = array();
foreach( $gprov->groups_attributes as $name )
{
  array_push($groupAttributes, $name);
}
array_push($groupAttributes, $gprov->groups_to_users_attribute);
$groupEntries = $gprov->p_getGroups($groupAttributes);


//
// Now we iterate all groups and search
// the userEntries array for members of the group.
//


// The property names of a group and user object, which are needed.
$pgName = strtolower($gprov->groups_attributes[0]);
$pgMemberId = strtolower($gprov->groups_to_users_attribute);

$puName = strtolower($uprov->users_attributes[0]);
$puId = strtolower($gprov->groups_to_users_attribute_value);

// This is the group section, fill it with
// "groupname"=>"member1,member2,member3".
$section = array();

foreach($groupEntries as $eGroup)
{
  $members = "";

  // Iterate the member of a group.
  if( !property_exists($eGroup,$pgMemberId) )
  { // No members
  }
  elseif( is_array($eGroup->$pgMemberId) )
  { // Multiple members.
    $doComma = false;
    foreach($eGroup->$pgMemberId as $mid)
    {
      foreach($userEntries as $eUser)
      {
        if( $eUser->$puId == $mid )
        {
          if( $doComma )
          {
            $members.= ",";
          }
          $doComma = true;
          $members.= $eUser->$puName;
        }
      }
    }
  }
  else
  { // One member.
    foreach($userEntries as $eUser)
    {
      if( $eUser->$puId == $eGroup->$pgMemberId )
      {
        $members.=$eUser->$puName;
        break;
      }
    }
  }
  
  $section[$eGroup->$pgName] = $members;
}
ksort($section);


//
// Open the subversion authorization file.
// Remove the old [groups] block and replace it
// with the new created one from LDAP.
//


// Open the file.
$svnAuthFile = $cfg->getValue("Subversion", "SVNAuthFile");
$svnFile = new \IF_SVNAuthFileC;
if( !$svnFile->open( $svnAuthFile ) )
{
  echo 'Can not open or read SVNAuthFile: ' . $svnAuthFile . "\n";
  echo 'Did you configured your SVNAuthFile path? (+rw)';
  exit(1);
}

// Override the [groups] section from SVNAuthFile.
$svnFile->m_data[$svnFile->GROUP_SECTION] = $section;
if( $svnFile->save() )
{
  exit(0);
}
else
{
  exit(1);
}
?>
Return current item: iF.SVNAdmin