Release note v16.0
------------------ ### Features * Advanced Employee Management Module is now included in IceHrm Open Source Edition * LDAP Module which was only available in IceHrm Enterprise is now included in open source also * Initial implementation of icehrm REST Api for reading employee details * Improvements to data filtering * Multiple tabs for settings module * Overtime reports - now its possible to calculate overtime for employees.compatible with US overtime rules * Logout the user if tried accessing an unauthorized module * Setting for updating module names ### Fixes * Fix issue: classes should be loaded even the module is disabled * Deleting the only Admin user is not allowed * Fixes for handling non UTF-8 * Fix for non-mandatory select boxes are shown as mandatory
This commit is contained in:
Thilina Hasantha
82
core-ext/classes/LDAPManager.php
Normal file
82
core-ext/classes/LDAPManager.php
Normal file
@@ -0,0 +1,82 @@
|
||||
<?php
|
||||
|
||||
class LDAPManager {
|
||||
|
||||
private static $me = null;
|
||||
|
||||
private function __construct(){
|
||||
|
||||
}
|
||||
|
||||
|
||||
public static function getInstance(){
|
||||
if(empty(self::$me)){
|
||||
self::$me = new LDAPManager();
|
||||
}
|
||||
|
||||
return self::$me;
|
||||
}
|
||||
|
||||
public function checkLDAPLogin($user, $password){
|
||||
$ldap_host = SettingsManager::getInstance()->getSetting("LDAP: Server");
|
||||
$ldap_port = SettingsManager::getInstance()->getSetting("LDAP: Port");
|
||||
$ldap_dn = SettingsManager::getInstance()->getSetting("LDAP: Root DN");
|
||||
|
||||
$managerDN = SettingsManager::getInstance()->getSetting("LDAP: Manager DN");
|
||||
$managerPassword = SettingsManager::getInstance()->getSetting("LDAP: Manager Password");
|
||||
|
||||
// connect to active directory
|
||||
if(empty($ldap_port)){
|
||||
$ldap_port = 389;
|
||||
}
|
||||
|
||||
$ldap = ldap_connect($ldap_host, intval($ldap_port));
|
||||
|
||||
if(!$ldap){
|
||||
return new IceResponse(IceResponse::ERROR,"Could not connect to LDAP Server");
|
||||
}
|
||||
|
||||
LogManager::getInstance()->debug("LDAP Connect Result:".print_r($ldap,true));
|
||||
|
||||
if(SettingsManager::getInstance()->getSetting("LDAP: Version 3") == "1"){
|
||||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
}
|
||||
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
|
||||
|
||||
// verify user and password
|
||||
$bind = @ldap_bind($ldap, $managerDN, $managerPassword);
|
||||
|
||||
LogManager::getInstance()->debug("LDAP Manager Bind:".print_r($bind,true));
|
||||
|
||||
if($bind) {
|
||||
|
||||
$userFilterStr = SettingsManager::getInstance()->getSetting("LDAP: User Filter");
|
||||
|
||||
$filter = str_replace("{}", $user, $userFilterStr); //"(uid=" . $user . ")";
|
||||
$result = ldap_search($ldap, $ldap_dn, $filter);
|
||||
LogManager::getInstance()->debug("LDAP Search Result:".print_r($result,true));
|
||||
if(!$result){
|
||||
exit("Unable to search LDAP server");
|
||||
}
|
||||
$entries = ldap_get_entries($ldap, $result);
|
||||
LogManager::getInstance()->debug("LDAP Search Entries:".print_r($entries,true));
|
||||
|
||||
if(empty($entries) || !isset($entries[0]) || !isset($entries[0]['dn'])){
|
||||
return new IceResponse(IceResponse::ERROR,"Invalid user");
|
||||
}
|
||||
|
||||
$bind = @ldap_bind($ldap,$entries[0]['dn'], $password);
|
||||
ldap_unbind($ldap);
|
||||
|
||||
if($bind){
|
||||
return new IceResponse(IceResponse::SUCCESS, $entries[0]);
|
||||
}else{
|
||||
return new IceResponse(IceResponse::ERROR,"Invalid user");
|
||||
}
|
||||
|
||||
|
||||
} else {
|
||||
return new IceResponse(IceResponse::ERROR,"Invalid manager user");
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user