feat: enhance admin session management and display accessible OUs in menu
@@ -1,5 +1,4 @@
|
||||
<?php
|
||||
|
||||
require_once __DIR__ . '/../models/LDAPAuth.php';
|
||||
|
||||
class AuthController
|
||||
@@ -23,6 +22,7 @@ class AuthController
|
||||
$_SESSION['login'] = true;
|
||||
$_SESSION['sAMAccountName'] = $_POST['sAMAccountName'];
|
||||
$_SESSION['is_admin'] = $result['is_admin'];
|
||||
$_SESSION['admin_ous'] = $result['admin_ous']; // Stocker les OUs administrables
|
||||
$_SESSION['password'] = $_POST['user_password'];
|
||||
header('Location: /index.php');
|
||||
exit;
|
||||
|
||||
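Review bot: `$_SESSION['password'] = $_POST['user_password'];` keeps the user's directory password in cleartext in the session store for the whole session, and the session now also carries `admin_ous` alongside it. Anyone who can read that store (session files, backups, a shared session backend) gets a reusable directory credential, so the password should be dropped from the session, for example by having the LDAP model bind with a dedicated least-privilege account. The visible lines show no `session_regenerate_id(true);` before `$_SESSION['login'] = true;`; the method starts outside the hunk, so the call may exist above, but if it does not it belongs here so that a pre-login session ID cannot inherit `is_admin`. Because `admin_ous` is cached at login, a delegation removed in the directory presumably stays effective until logout, so it should drive menu display only and each administrative action should be re-checked server-side.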
@@ -1,136 +1,20 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/../models/LDAPAuth.php';
|
||||
|
||||
function listAllOU()
|
||||
{
|
||||
if (session_status() == PHP_SESSION_NONE) {
|
||||
session_start();
|
||||
}
|
||||
|
||||
if (!isset($_SESSION['sAMAccountName'])) {
|
||||
die("Nom utilisateur manquant. Veuillez vous reconnecter.");
|
||||
}
|
||||
|
||||
$ldapconn = ldap_connect("ldap://intranet.epul3a.local")
|
||||
or die("Could not connect to LDAP server.");
|
||||
|
||||
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
|
||||
|
||||
$ldap_user = "CN=" . $_SESSION['sAMAccountName'] . ",CN=Users,DC=epul3a,DC=local";
|
||||
|
||||
if (!@ldap_bind($ldapconn, $ldap_user, $_SESSION['password'])) {
|
||||
die("Could not bind to LDAP server: " . ldap_error($ldapconn));
|
||||
}
|
||||
|
||||
$searchBase = "DC=epul3a,DC=local";
|
||||
$filter = "(objectClass=organizationalUnit)";
|
||||
$attributes = array("ou", "distinguishedName");
|
||||
|
||||
$result = @ldap_search($ldapconn, $searchBase, $filter, $attributes);
|
||||
|
||||
$ous = [];
|
||||
if ($result) {
|
||||
$entries = ldap_get_entries($ldapconn, $result);
|
||||
if ($entries['count'] > 0) {
|
||||
foreach ($entries as $key => $entry) {
|
||||
if (is_numeric($key)) {
|
||||
$ous[] = $entry; // Ajouter chaque OU au tableau
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
echo "Error: " . ldap_error($ldapconn);
|
||||
}
|
||||
|
||||
ldap_close($ldapconn);
|
||||
return $ous; // Retourner le tableau des OUs
|
||||
$ldapAuth = new LDAPAuth();
|
||||
return $ldapAuth->listAllOU();
|
||||
}
|
||||
|
||||
function listAllUsers()
|
||||
{
|
||||
if (session_status() == PHP_SESSION_NONE) {
|
||||
session_start();
|
||||
}
|
||||
|
||||
$ldapconn = ldap_connect("ldap://intranet.epul3a.local")
|
||||
or die("Could not connect to LDAP server.");
|
||||
|
||||
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
|
||||
|
||||
$ldap_user = "CN=" . $_SESSION['sAMAccountName'] . ",CN=Users,DC=epul3a,DC=local";
|
||||
|
||||
if (!@ldap_bind($ldapconn, $ldap_user, $_SESSION['password'])) {
|
||||
die("Could not bind to LDAP server: " . ldap_error($ldapconn));
|
||||
}
|
||||
|
||||
$searchBase = "DC=epul3a,DC=local";
|
||||
$filter = "(objectClass=user)";
|
||||
$attributes = array("cn", "sn", "givenName", "mail", "distinguishedName");
|
||||
|
||||
$result = @ldap_search($ldapconn, $searchBase, $filter, $attributes);
|
||||
|
||||
$users = [];
|
||||
if ($result) {
|
||||
$entries = ldap_get_entries($ldapconn, $result);
|
||||
if ($entries['count'] > 0) {
|
||||
foreach ($entries as $key => $entry) {
|
||||
if (is_numeric($key)) {
|
||||
// Extraire l'OU du DN
|
||||
preg_match('/OU=([^,]+)/', $entry['distinguishedname'][0], $matches);
|
||||
$ou = isset($matches[1]) ? $matches[1] : 'Users';
|
||||
$entry['ou'] = $ou; // Ajouter l'OU à l'entrée de l'utilisateur
|
||||
$users[] = $entry; // Ajouter chaque utilisateur au tableau
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
echo "Error: " . ldap_error($ldapconn);
|
||||
}
|
||||
|
||||
ldap_close($ldapconn);
|
||||
return $users; // Retourner le tableau des utilisateurs
|
||||
$ldapAuth = new LDAPAuth();
|
||||
return $ldapAuth->listAllUsers();
|
||||
}
|
||||
|
||||
function getUserOU($username)
|
||||
{
|
||||
if (session_status() == PHP_SESSION_NONE) {
|
||||
session_start();
|
||||
}
|
||||
|
||||
$ldapServer = "ldap://intranet.epul3a.local";
|
||||
$ldapUser = "CN=" . $_SESSION['sAMAccountName'] . ",CN=Users,DC=epul3a,DC=local";
|
||||
$ldapPassword = $_SESSION['password'];
|
||||
|
||||
$ldapconn = ldap_connect($ldapServer) or die("Could not connect to LDAP server.");
|
||||
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
|
||||
|
||||
if (!@ldap_bind($ldapconn, $ldapUser, $ldapPassword)) {
|
||||
die("Could not bind to LDAP server: " . ldap_error($ldapconn));
|
||||
}
|
||||
|
||||
$searchBase = "DC=epul3a,DC=local";
|
||||
$filter = "(sAMAccountName=$username)";
|
||||
$attributes = ["distinguishedName"];
|
||||
|
||||
$result = @ldap_search($ldapconn, $searchBase, $filter, $attributes);
|
||||
|
||||
if ($result) {
|
||||
$entries = ldap_get_entries($ldapconn, $result);
|
||||
if ($entries['count'] > 0) {
|
||||
$dn = $entries[0]['distinguishedname'][0];
|
||||
|
||||
// Extraire l'OU du DN
|
||||
preg_match('/OU=([^,]+)/', $dn, $matches);
|
||||
$ou = isset($matches[1]) ? $matches[1] : null;
|
||||
|
||||
ldap_close($ldapconn);
|
||||
return $ou;
|
||||
}
|
||||
} else {
|
||||
echo "Error: " . ldap_error($ldapconn);
|
||||
}
|
||||
|
||||
ldap_close($ldapconn);
|
||||
return null;
|
||||
}
|
||||
$ldapAuth = new LDAPAuth();
|
||||
return $ldapAuth->getUserOU($username);
|
||||
}
|
||||
|
||||
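Review bot: `getUserOU($username)` forwards `$username` unchanged to `LDAPAuth::getUserOU()`, and the inline code shown in this section built its filter as `"(sAMAccountName=$username)"` with no escaping. `LDAPAuth` is not visible on this page, so confirm that the moved implementation builds the filter with `ldap_escape($username, '', LDAP_ESCAPE_FILTER)` rather than raw interpolation. The three wrappers also have no visible session or role guard: the inline `listAllOU()` stopped when `$_SESSION['sAMAccountName']` was missing, and nothing here ties `listAllUsers()` to `is_admin` or `admin_ous`, so that check has to live in `LDAPAuth` or in the callers. A short docblock on each wrapper stating that authentication and filter escaping are the model's responsibility would make the contract explicit.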