From 4c53e53d2250f0654797481ca68a132cb2403554 Mon Sep 17 00:00:00 2001 From: Djamil Legato Date: Wed, 9 May 2018 18:15:40 -0700 Subject: [PATCH] Added groups support and mapping --- login-ldap.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/login-ldap.php b/login-ldap.php index 5f0fd97..1e4ee61 100644 --- a/login-ldap.php +++ b/login-ldap.php @@ -70,6 +70,7 @@ class LoginLDAPPlugin extends Plugin // Get Proper username $user_dn = $this->config->get('plugins.login-ldap.user_dn'); + $group_dn = $this->config->get('plugins.login-ldap.group_dn'); $search_dn = $this->config->get('plugins.login-ldap.search_dn'); $username = str_replace('[username]', $credentials['username'], $user_dn); @@ -131,6 +132,20 @@ class LoginLDAPPlugin extends Plugin unset($userdata['ldap']['userPassword']); } + // Get Groups + // retrieves all extra groups for user + $query = $ldap->query($group_dn, "(&(cn=*)(memberUid=" . $credentials['username'] . "))"); + $groups = $query->execute()->toArray(); + + // retrieve current primary group for user + $query = $ldap->query($group_dn, 'gidnumber=' . $this->getLDAPMappedItem('gidNumber', $ldap_data)); + $groups = array_merge($groups, $query->execute()->toArray()); + + foreach($groups as $group) { + $attributes = $group->getAttributes(); + $userdata['ldap']['groups'][] = array_shift($attributes['cn']); + } + $grav_user->merge($userdata); // Set Groups