r107411 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r107410‎ \| r107411 \| r107412 >
Date:	20:14, 27 December 2011
Author:	laner
Status:	ok
Tags:
Comment:	Fixing static calls to LdapAuthenticationPlugin
Modified paths:	/trunk/extensions/LdapAuthentication/LdapAuthentication.php (modified) (history)

Diff [purge]

Index: trunk/extensions/LdapAuthentication/LdapAuthentication.php
—	—	@@ -633,15 +633,15 @@
634	634	// anything back, then the user exists.
635	635	if ( $this->useAutoAuth() && $searchstring != '' ) {
636	636	// getSearchString is going to bind, but will not unbind
637		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	637	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
638	638	return true;
639	639	}
640	640
641	641	// Search for the entry.
642		~~- $entry = LdapAuthentication::ldap_read( $this->ldapconn, $searchstring, "objectclass=*" );~~
	642	+ $entry = LdapAuthenticationPlugin::ldap_read( $this->ldapconn, $searchstring, "objectclass=*" );
643	643
644	644	// getSearchString is going to bind, but will not unbind
645		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	645	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
646	646	if ( !$entry ) {
647	647	$this->printDebug( "Did not find a matching user in LDAP", NONSENSITIVE );
648	648	return false;
—	—	@@ -702,7 +702,7 @@
703	703	$this->printDebug( "Using servers: $servers", SENSITIVE );
704	704
705	705	// Connect and set options
706		~~- $this->ldapconn = LdapAuthentication::ldap_connect( $servers );~~
	706	+ $this->ldapconn = LdapAuthenticationPlugin::ldap_connect( $servers );
707	707	ldap_set_option( $this->ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3 );
708	708	ldap_set_option( $this->ldapconn, LDAP_OPT_REFERRALS, 0 );
709	709
—	—	@@ -777,7 +777,7 @@
778	778	// return true, and will let anyone in!
779	779	if ( '' == $this->userdn ) {
780	780	$this->printDebug( "User DN is blank", NONSENSITIVE );
781		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	781	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
782	782	$this->markAuthFailed();
783	783	return false;
784	784	}
—	—	@@ -813,12 +813,12 @@
814	814	$filter = "(" . $aa . ")";
815	815	$attributes = array( "dn" );
816	816
817		~~- $entry = LdapAuthentication::ldap_read( $this->ldapconn, $this->userdn, $filter, $attributes );~~
818		~~- $info = LdapAuthentication::ldap_get_entries( $this->ldapconn, $entry );~~
	817	+ $entry = LdapAuthenticationPlugin::ldap_read( $this->ldapconn, $this->userdn, $filter, $attributes );
	818	+ $info = LdapAuthenticationPlugin::ldap_get_entries( $this->ldapconn, $entry );
819	819
820	820	if ( $info["count"] < 1 ) {
821	821	$this->printDebug( "Failed auth attribute check", NONSENSITIVE );
822		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	822	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
823	823	$this->markAuthFailed();
824	824	return false;
825	825	}
—	—	@@ -828,14 +828,14 @@
829	829	$this->getGroups( $username );
830	830
831	831	if ( !$this->checkGroups( $username ) ) {
832		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	832	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
833	833	$this->markAuthFailed();
834	834	return false;
835	835	}
836	836
837	837	$this->getPreferences();
838	838
839		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	839	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
840	840	} else {
841	841	$this->markAuthFailed();
842	842	return false;
—	—	@@ -959,9 +959,9 @@
960	960	// domain credentials for security reasons.
961	961	$password = '';
962	962
963		~~- $success = LdapAuthentication::ldap_modify( $this->ldapconn, $this->userdn, $values );~~
	963	+ $success = LdapAuthenticationPlugin::ldap_modify( $this->ldapconn, $this->userdn, $values );
964	964
965		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	965	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
966	966	if ( $success ) {
967	967	$this->printDebug( "Successfully modified the user's password", NONSENSITIVE );
968	968	return true;
—	—	@@ -1021,13 +1021,13 @@
1022	1022	if ( '' != $this->realname ) { $values["cn"] = $this->realname; }
1023	1023	if ( '' != $this->lang ) { $values["preferredlanguage"] = $this->lang; }
1024	1024
1025		~~- if ( 0 != sizeof( $values ) && LdapAuthentication::ldap_modify( $this->ldapconn, $this->userdn, $values ) ) {~~
	1025	+ if ( 0 != sizeof( $values ) && LdapAuthenticationPlugin::ldap_modify( $this->ldapconn, $this->userdn, $values ) ) {
1026	1026	$this->printDebug( "Successfully modified the user's attributes", NONSENSITIVE );
1027		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	1027	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
1028	1028	return true;
1029	1029	} else {
1030	1030	$this->printDebug( "Failed to modify the user's attributes", NONSENSITIVE );
1031		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	1031	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
1032	1032	return false;
1033	1033	}
1034	1034	} else {
—	—	@@ -1120,7 +1120,7 @@
1121	1121	} else {
1122	1122	$this->printDebug( "wgLDAPWriteLocation is not set, failing", NONSENSITIVE );
1123	1123	// getSearchString will bind, but will not unbind
1124		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	1124	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
1125	1125	return false;
1126	1126	}
1127	1127	}
—	—	@@ -1147,7 +1147,7 @@
1148	1148	wfRunHooks( 'LDAPSetCreationValues', array( $this, $username, &$values, $writeloc, &$this->userdn, &$result ) );
1149	1149	if ( ! $result ) {
1150	1150	$this->printDebug( "Failed to add user because LDAPSetCreationValues returned false", NONSENSITIVE );
1151		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	1151	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
1152	1152	return false;
1153	1153	}
1154	1154
—	—	@@ -1157,13 +1157,13 @@
1158	1158	}
1159	1159
1160	1160	$this->printDebug( "Adding user", NONSENSITIVE );
1161		~~- if ( LdapAuthentication::ldap_add( $this->ldapconn, $this->userdn, $values ) ) {~~
	1161	+ if ( LdapAuthenticationPlugin::ldap_add( $this->ldapconn, $this->userdn, $values ) ) {
1162	1162	$this->printDebug( "Successfully added user", NONSENSITIVE );
1163		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	1163	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
1164	1164	return true;
1165	1165	} else {
1166	1166	$this->printDebug( "Failed to add user", NONSENSITIVE );
1167		~~- LdapAuthentication::ldap_unbind( $this->ldapconn );~~
	1167	+ LdapAuthenticationPlugin::ldap_unbind( $this->ldapconn );
1168	1168	return false;
1169	1169	}
1170	1170	} else {
—	—	@@ -1446,14 +1446,14 @@
1447	1447
1448	1448	$this->printDebug( "Using base: $base", SENSITIVE );
1449	1449
1450		~~- $entry = LdapAuthentication::ldap_search( $this->ldapconn, $base, $filter, $attributes );~~
1451		~~- if ( LdapAuthentication::ldap_count_entries( $this->ldapconn, $entry ) == 0 ) {~~
	1450	+ $entry = LdapAuthenticationPlugin::ldap_search( $this->ldapconn, $base, $filter, $attributes );
	1451	+ if ( LdapAuthenticationPlugin::ldap_count_entries( $this->ldapconn, $entry ) == 0 ) {
1452	1452	$this->printDebug( "Couldn't find an entry", NONSENSITIVE );
1453	1453	$this->fetchedUserInfo = false;
1454	1454	return '';
1455	1455	}
1456	1456
1457		~~- $this->userInfo = LdapAuthentication::ldap_get_entries( $this->ldapconn, $entry );~~
	1457	+ $this->userInfo = LdapAuthenticationPlugin::ldap_get_entries( $this->ldapconn, $entry );
1458	1458	$this->fetchedUserInfo = true;
1459	1459	if ( isset( $this->userInfo[0][$searchattr] ) ) {
1460	1460	$username = $this->userInfo[0][$searchattr][0];
—	—	@@ -1493,8 +1493,8 @@
1494	1494	// Don't fetch the same data more than once
1495	1495	// TODO: use memcached here
1496	1496
1497		~~- $entry = LdapAuthentication::ldap_read( $this->ldapconn, $userdn, "objectclass=", array( '', 'memberof' ) );~~
1498		~~- $userInfo = LdapAuthentication::ldap_get_entries( $this->ldapconn, $entry );~~
	1497	+ $entry = LdapAuthenticationPlugin::ldap_read( $this->ldapconn, $userdn, "objectclass=", array( '', 'memberof' ) );
	1498	+ $userInfo = LdapAuthenticationPlugin::ldap_get_entries( $this->ldapconn, $entry );
1499	1499	if ( $userInfo["count"] < 1 ) {
1500	1500	return;
1501	1501	} else {
—	—	@@ -1658,10 +1658,10 @@
1659	1659	}
1660	1660	} else {
1661	1661	$this->printDebug( "Searching for the groups", NONSENSITIVE );
1662		~~- $this->userLDAPGroups = LdapAuthentication::ldap_searchGroups( $usertopass );~~
	1662	+ $this->userLDAPGroups = LdapAuthenticationPlugin::ldap_searchGroups( $usertopass );
1663	1663
1664	1664	if ( $this->getConf( 'GroupSearchNestedGroups' ) ) {
1665		~~- $this->userLDAPGroups = LdapAuthentication::ldap_searchNestedGroups( $this->userLDAPGroups );~~
	1665	+ $this->userLDAPGroups = LdapAuthenticationPlugin::ldap_searchNestedGroups( $this->userLDAPGroups );
1666	1666	$this->printDebug( "Got the following nested groups:", SENSITIVE, $this->userLDAPGroups["dn"] );
1667	1667	}
1668	1668	}
—	—	@@ -1669,7 +1669,7 @@
1670	1670	// Only find all groups if the user has any groups; otherwise, we are
1671	1671	// just wasting a search.
1672	1672	if ( $this->getConf( 'GroupsPrevail' ) && count( $this->userLDAPGroups ) != 0 ) {
1673		~~- $this->allLDAPGroups = LdapAuthentication::ldap_searchGroups( '*' );~~
	1673	+ $this->allLDAPGroups = LdapAuthenticationPlugin::ldap_searchGroups( '*' );
1674	1674	}
1675	1675	}
1676	1676	}
—	—	@@ -1697,7 +1697,7 @@
1698	1698
1699	1699	$groupstosearch = array( "short" => array(), "dn" => array() );
1700	1700	foreach ( $groups["dn"] as $group ) {
1701		~~- $returnedgroups = LdapAuthentication::ldap_searchGroups( $group );~~
	1701	+ $returnedgroups = LdapAuthenticationPlugin::ldap_searchGroups( $group );
1702	1702	$this->printDebug( "Group $group is in the following groups:", SENSITIVE, $returnedgroups["dn"] );
1703	1703	foreach ( $returnedgroups["dn"] as $searchme ) {
1704	1704	if ( in_array( $searchme, $searchedgroups["dn"] ) ) {
—	—	@@ -1723,7 +1723,7 @@
1724	1724
1725	1725	$searchedgroups = array_merge_recursive( $groups, $searchedgroups );
1726	1726
1727		~~- return LdapAuthentication::ldap_searchNestedGroups( $groupstosearch, $searchedgroups );~~
	1727	+ return LdapAuthenticationPlugin::ldap_searchNestedGroups( $groupstosearch, $searchedgroups );
1728	1728	}
1729	1729
1730	1730	/**
—	—	@@ -1763,8 +1763,8 @@
1764	1764	if ( $dn != "*" ) {
1765	1765	$PGfilter = "(&(distinguishedName=$value)(objectclass=user))";
1766	1766	$this->printDebug( "User Filter: $PGfilter", SENSITIVE );
1767		~~- $PGinfo = LdapAuthentication::ldap_search( $this->ldapconn, $base, $PGfilter );~~
1768		~~- $PGentries = LdapAuthentication::ldap_get_entries( $this->ldapconn, $PGinfo );~~
	1767	+ $PGinfo = LdapAuthenticationPlugin::ldap_search( $this->ldapconn, $base, $PGfilter );
	1768	+ $PGentries = LdapAuthenticationPlugin::ldap_get_entries( $this->ldapconn, $PGinfo );
1769	1769	if ( $PGentries ) {
1770	1770	$Usid = $PGentries[0]['objectsid'][0];
1771	1771	$PGrid = $PGentries[0]['primarygroupid'][0];
—	—	@@ -1787,8 +1787,8 @@
1788	1788	}
1789	1789	$PGfilter = "(&(objectSid=$PGsid_string)(objectclass=$objectclass))";
1790	1790	$this->printDebug( "Primary Group Filter: $PGfilter", SENSITIVE );
1791		~~- $info = LdapAuthentication::ldap_search( $this->ldapconn, $base, $PGfilter );~~
1792		~~- $PGentries = LdapAuthentication::ldap_get_entries( $this->ldapconn, $info );~~
	1791	+ $info = LdapAuthenticationPlugin::ldap_search( $this->ldapconn, $base, $PGfilter );
	1792	+ $PGentries = LdapAuthenticationPlugin::ldap_get_entries( $this->ldapconn, $info );
1793	1793	array_shift( $PGentries );
1794	1794	$dnMember = strtolower( $PGentries[0]['dn'] );
1795	1795	$groups["dn"][] = $dnMember;
—	—	@@ -1808,7 +1808,7 @@
1809	1809
1810	1810	$this->printDebug( "Search string: $filter", SENSITIVE );
1811	1811
1812		~~- $info = LdapAuthentication::ldap_search( $this->ldapconn, $base, $filter );~~
	1812	+ $info = LdapAuthenticationPlugin::ldap_search( $this->ldapconn, $base, $filter );
1813	1813	if ( !$info ) {
1814	1814	$this->printDebug( "No entries returned from search.", SENSITIVE );
1815	1815
—	—	@@ -1817,7 +1817,7 @@
1818	1818	return array( "short" => array(), "dn" => array() );
1819	1819	}
1820	1820
1821		~~- $entries = LdapAuthentication::ldap_get_entries( $this->ldapconn, $info );~~
	1821	+ $entries = LdapAuthenticationPlugin::ldap_get_entries( $this->ldapconn, $info );
1822	1822
1823	1823	if ( $entries ){
1824	1824	// We need to shift because the first entry will be a count
—	—	@@ -1995,9 +1995,9 @@
1996	1996	function bindAs( $userdn = null, $password = null ) {
1997	1997	// Let's see if the user can authenticate.
1998	1998	if ( $userdn == null \|\| $password == null ) {
1999		~~- $bind = LdapAuthentication::ldap_bind( $this->ldapconn );~~
	1999	+ $bind = LdapAuthenticationPlugin::ldap_bind( $this->ldapconn );
2000	2000	} else {
2001		~~- $bind = LdapAuthentication::ldap_bind( $this->ldapconn, $userdn, $password );~~
	2001	+ $bind = LdapAuthenticationPlugin::ldap_bind( $this->ldapconn, $userdn, $password );
2002	2002	}
2003	2003	if ( !$bind ) {
2004	2004	$this->printDebug( "Failed to bind as $userdn", NONSENSITIVE );

Status & tagging log

17:42, 4 January 2012 Reedy (talk | contribs) changed the status of r107411 [removed: new added: ok]