phpldapadmin/app/Http/Controllers/HomeController.php

339 lines
8.4 KiB
PHP
Raw Normal View History

2020-08-20 22:33:13 +10:00
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
2020-09-15 22:40:32 +10:00
use Illuminate\Support\Arr;
2020-09-19 00:08:00 +10:00
use Illuminate\Support\Collection;
2020-09-15 22:40:32 +10:00
use Illuminate\Support\Facades\Auth;
2020-09-13 21:30:04 +10:00
use Illuminate\Support\Facades\Crypt;
2020-09-19 00:08:00 +10:00
use Illuminate\Support\Facades\File;
2023-09-02 20:50:54 +10:00
use Illuminate\Support\Facades\Redirect;
2023-03-31 15:55:08 +11:00
use LdapRecord\Exceptions\InsufficientAccessException;
use LdapRecord\LdapRecordException;
2023-02-14 21:38:42 +11:00
use LdapRecord\Query\ObjectNotFoundException;
2020-08-20 22:33:13 +10:00
2023-09-02 20:50:54 +10:00
use App\Classes\LDAP\{Attribute,Server};
use App\Classes\LDAP\Import\LDIF as LDIFImport;
use App\Classes\LDAP\Export\LDIF as LDIFExport;
use App\Exceptions\Import\{GeneralException,VersionException};
use App\Exceptions\InvalidUsage;
use App\Http\Requests\{EntryRequest,ImportRequest};
use App\Ldap\Entry;
2023-09-02 20:50:54 +10:00
use App\View\Components\AttributeType;
use Nette\NotImplementedException;
2020-08-22 22:26:06 +10:00
2020-08-20 22:33:13 +10:00
class HomeController extends Controller
{
private function bases()
{
$base = Server::baseDNs() ?: collect();
return $base->transform(function($item) {
return [
'title'=>$item->getRdn(),
'item'=>$item->getDNSecure(),
'lazy'=>TRUE,
'icon'=>'fa-fw fas fa-sitemap',
'tooltip'=>$item->getDn(),
];
});
}
2023-01-27 19:59:31 +11:00
/**
* Debug Page
*
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Contracts\View\View
*/
public function debug()
{
return view('debug');
}
2023-03-31 15:55:08 +11:00
/**
* Render a specific DN
*
* @param Request $request
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Contracts\View\View
*/
public function dn_frame(Request $request)
{
$dn = Crypt::decryptString($request->post('key'));
2023-04-12 08:17:57 +10:00
$page_actions = collect(['edit'=>TRUE,'copy'=>TRUE]);
2023-03-31 15:55:08 +11:00
return view('frames.dn')
->with('o',config('server')->fetch($dn))
2023-04-12 08:17:57 +10:00
->with('dn',$dn)
->with('page_actions',$page_actions);
2023-03-31 15:55:08 +11:00
}
public function entry_export(Request $request,string $id)
{
$dn = Crypt::decryptString($id);
$result = (new Entry)
->query()
//->cache(Carbon::now()->addSeconds(Config::get('ldap.cache.time')))
//->select(['*'])
->setDn($dn)
->recursive()
->get();
return view('fragment.export')
->with('result',new LDIFExport($result));
}
2023-09-02 20:50:54 +10:00
public function entry_newattr(string $id)
{
$x = new AttributeType(new Attribute($id,[]),TRUE);
return $x->render();
}
public function entry_password_check(Request $request)
{
$dn = Crypt::decryptString($request->dn);
$o = config('server')->fetch($dn);
$password = $o->getObject('userpassword');
$result = collect();
foreach ($password as $key => $value) {
$type = $password->hash_id($value);
$compare = Arr::get($request->password,$key);
//Log::debug(sprintf('comparing [%s] with [%s] type [%s]',$value,$compare,$type));
$result->push((($compare !== NULL) && Attribute\Password::hash($type)->compare($value,$compare)) ? 'OK' :'FAIL');
}
return $result;
}
2023-09-02 20:50:54 +10:00
/**
* Show a confirmation to update a DN
*
* @param EntryRequest $request
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Contracts\View\View|\Illuminate\Foundation\Application|\Illuminate\Http\RedirectResponse
* @throws ObjectNotFoundException
*/
public function entry_pending_update(EntryRequest $request)
2023-03-31 15:55:08 +11:00
{
$dn = Crypt::decryptString($request->dn);
$o = config('server')->fetch($dn);
foreach ($request->except(['_token','dn','userpassword_hash','userpassword']) as $key => $value)
$o->{$key} = array_filter($value,fn($item)=>! is_null($item));
2023-03-31 15:55:08 +11:00
// We need to process and encrypt the password
$passwords = [];
foreach ($request->userpassword as $key => $value) {
if ($value) {
$type = Arr::get($request->userpassword_hash,$key);
array_push($passwords,Attribute\Password::hash($type)->encode($value));
}
}
$o->userpassword = $passwords;
2023-09-02 20:50:54 +10:00
if (! $o->getDirty())
return back()
->withInput()
->with('note',__('No attributes changed'));
return view('update')
->with('bases',$this->bases())
2023-09-02 20:50:54 +10:00
->with('dn',$dn)
->with('o',$o);
}
/**
* Update a DN entry
*
* @param EntryRequest $request
* @return \Illuminate\Http\RedirectResponse
* @throws ObjectNotFoundException
*/
public function entry_update(EntryRequest $request)
{
$dn = Crypt::decryptString($request->dn);
$o = config('server')->fetch($dn);
foreach ($request->except(['_token','dn']) as $key => $value)
$o->{$key} = array_filter($value);
2023-03-31 15:55:08 +11:00
if (! $dirty=$o->getDirty())
2023-04-12 08:17:57 +10:00
return back()
2023-09-02 20:50:54 +10:00
->withInput()
2023-04-12 08:17:57 +10:00
->with('note',__('No attributes changed'));
2023-03-31 15:55:08 +11:00
try {
$o->update($request->except(['_token','dn']));
} catch (InsufficientAccessException $e) {
$request->flash();
switch ($x=$e->getDetailedError()->getErrorCode()) {
case 50:
2023-09-02 20:50:54 +10:00
return Redirect::to('/')
->withInput()
2023-04-12 08:17:57 +10:00
->withErrors(sprintf('%s: %s (%s)',__('LDAP Server Error Code'),$x,__($e->getDetailedError()->getErrorMessage())));
2023-03-31 15:55:08 +11:00
default:
abort(599,$e->getDetailedError()->getErrorMessage());
}
} catch (LdapRecordException $e) {
$request->flash();
switch ($x=$e->getDetailedError()->getErrorCode()) {
case 8:
2023-09-02 20:50:54 +10:00
return Redirect::to('/')
->withInput()
2023-04-12 08:17:57 +10:00
->withErrors(sprintf('%s: %s (%s)',__('LDAP Server Error Code'),$x,__($e->getDetailedError()->getErrorMessage())));
2023-03-31 15:55:08 +11:00
default:
abort(599,$e->getDetailedError()->getErrorMessage());
}
}
2023-09-02 20:50:54 +10:00
return Redirect::to('/')
->withInput()
2023-04-12 08:17:57 +10:00
->with('success',__('Entry updated'))
->with('updated',$dirty);
2023-03-31 15:55:08 +11:00
}
/**
* Application home page
*/
2020-09-19 00:08:00 +10:00
public function home()
{
2023-04-12 23:18:26 +10:00
if (old('dn'))
return view('frame')
->with('subframe','dn')
->with('bases',$this->bases())
2023-04-12 23:18:26 +10:00
->with('o',config('server')->fetch($dn=Crypt::decryptString(old('dn'))))
2023-03-31 15:55:08 +11:00
->with('dn',$dn);
elseif (old('frame'))
return view('frame')
->with('subframe',old('frame'))
->with('bases',$this->bases());
2023-03-31 15:55:08 +11:00
else
return view('home')
->with('bases',$this->bases())
2023-03-31 15:55:08 +11:00
->with('server',config('ldap.connections.default.name'));
2020-09-13 21:30:04 +10:00
}
/**
* Process the incoming LDIF file or LDIF text
*
* @param ImportRequest $request
* @param string $type
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Contracts\View\View|\Illuminate\Foundation\Application
* @throws GeneralException
* @throws VersionException
*/
public function import(ImportRequest $request,string $type)
{
switch ($type) {
case 'ldif':
$import = new LDIFImport($x=($request->text ?: $request->file->get()));
break;
default:
abort(404,'Unknown import type: '.$type);
}
try {
$result = $import->process();
} catch (NotImplementedException $e) {
abort(555,$e->getMessage());
} catch (\Exception $e) {
abort(598,$e->getMessage());
}
return view('frame')
->with('subframe','import_result')
->with('bases',$this->bases())
->with('result',$result)
->with('ldif',htmlspecialchars($x));
}
public function import_frame()
{
return view('frames.import');
}
/**
* LDAP Server INFO
*
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Contracts\View\View
*/
2020-09-19 00:08:00 +10:00
public function info()
{
return view('frames.info')
->with('s',config('server'));
2020-09-19 00:08:00 +10:00
}
/**
* Show the Schema Viewer
*
* @note Our route will validate that types are valid.
* @param Request $request
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Contracts\View\View
* @throws InvalidUsage
*/
public function schema_frame(Request $request)
2023-02-14 21:38:42 +11:00
{
$s = config('server');
// If an invalid key, we'll 404
if ($request->type && $request->key && ($s->schema($request->type)->has($request->key) === FALSE))
abort(404);
return view('frames.schema')
->with('type',$request->type)
->with('key',$request->key);
2023-02-14 21:38:42 +11:00
}
2020-09-19 00:08:00 +10:00
/**
* Sort the attributes
*
* @param Collection $attrs
* @return Collection
*/
private function sortAttrs(Collection $attrs): Collection
{
return $attrs->sortKeys();
2020-08-22 22:26:06 +10:00
}
2020-09-15 22:40:32 +10:00
/**
* Return the image for the logged in user or anonymous
*
* @param Request $request
* @return mixed
*/
public function user_image(Request $request)
{
$image = NULL;
$content = NULL;
if (Auth::check()) {
$image = Arr::get(Auth::user()->getAttribute('jpegphoto'),0);
$content = 'image/jpeg';
}
if (! $image) {
$image = File::get('../resources/images/user-secret-solid.svg');
$content = 'image/svg+xml';
}
return response($image)
->header('Content-Type',$content);
}
2020-08-20 22:33:13 +10:00
}