| Index: trunk/extensions/OpenStackManager/OpenStackNovaUser.php |
| — | — | @@ -409,12 +409,15 @@ |
| 410 | 410 | * @param $auth |
| 411 | 411 | * @param $username |
| 412 | 412 | * @param $values |
| | 413 | + * @param $writeloc |
| | 414 | + * @param $userdn |
| 413 | 415 | * @param $result |
| 414 | 416 | * @return bool |
| 415 | 417 | */ |
| 416 | | - static function LDAPSetCreationValues( $auth, $username, &$values, &$result ) { |
| | 418 | + static function LDAPSetCreationValues( $auth, $username, &$values, $writeloc, &$userdn, &$result ) { |
| 417 | 419 | global $wgOpenStackManagerLDAPDefaultGid; |
| 418 | 420 | global $wgOpenStackManagerLDAPDefaultShell; |
| | 421 | + global $wgOpenStackManagerLDAPUseUidAsNamingAttribute; |
| 419 | 422 | global $wgRequest; |
| 420 | 423 | |
| 421 | 424 | $values['objectclass'][] = 'person'; |
| — | — | @@ -462,6 +465,15 @@ |
| 463 | 466 | $values['homedirectory'] = '/home/' . $username; |
| 464 | 467 | $values['loginshell'] = $wgOpenStackManagerLDAPDefaultShell; |
| 465 | 468 | |
| | 469 | + if ( $wgOpenStackManagerLDAPUseUidAsNamingAttribute ) { |
| | 470 | + if ( $writeloc = '' ) { |
| | 471 | + return false; |
| | 472 | + $auth->printDebug( "Trying to set the userdn, but write location isn't set.", NONSENSITIVE ); |
| | 473 | + } else { |
| | 474 | + $userdn = 'uid=' . $username . ',' . $writeloc; |
| | 475 | + $auth->printDebug( "Using uid as the naming attribute, dn is: $userdn", NONSENSITIVE ); |
| | 476 | + } |
| | 477 | + } |
| 466 | 478 | $auth->printDebug( "User account's objectclasses: ", NONSENSITIVE, $values['objectclass'] ); |
| 467 | 479 | $auth->printDebug( "User account's attributes: ", HIGHLYSENSITIVE, $values ); |
| 468 | 480 | |
| — | — | @@ -469,7 +481,40 @@ |
| 470 | 482 | } |
| 471 | 483 | |
| 472 | 484 | /** |
| | 485 | + * Hook to add objectclasses and attributes for users that already exist, but have |
| | 486 | + * missing information. |
| | 487 | + * |
| 473 | 488 | * @static |
| | 489 | + * @param $auth |
| | 490 | + * @return bool |
| | 491 | + */ |
| | 492 | + static function LDAPSetNovaInfo( $auth ) { |
| | 493 | + $this->userInfo = $auth->userInfo; |
| | 494 | + if ( !$this->exists() ) { |
| | 495 | + if ( !in_array( 'novauser', $this->userInfo[0]['objectclass'] ) ) { |
| | 496 | + $values['objectclass'] = $this->userInfo[0]['objectclass']; |
| | 497 | + $values['objectclass'][] = 'novauser'; |
| | 498 | + } |
| | 499 | + $values['accesskey'] = OpenStackNovaUser::uuid4(); |
| | 500 | + $values['secretkey'] = OpenStackNovaUser::uuid4(); |
| | 501 | + $values['isnovaadmin'] = 'FALSE'; |
| | 502 | + |
| | 503 | + wfSuppressWarnings(); |
| | 504 | + $success = ldap_modify( $auth->ldapconn, $auth->userdn, $values ); |
| | 505 | + wfRestoreWarnings(); |
| | 506 | + if ( $success ) { |
| | 507 | + $auth->printDebug( "Successfully modified the user's nova attributes", NONSENSITIVE ); |
| | 508 | + return true; |
| | 509 | + } else { |
| | 510 | + $auth->printDebug( "Failed to modify the user's nova attributes", NONSENSITIVE ); |
| | 511 | + # Always return true, other hooks should still run, even if this fails |
| | 512 | + return true; |
| | 513 | + } |
| | 514 | + } |
| | 515 | + } |
| | 516 | + |
| | 517 | + /** |
| | 518 | + * @static |
| 474 | 519 | * @param $template |
| 475 | 520 | * @return bool |
| 476 | 521 | */ |
| Index: trunk/extensions/OpenStackManager/OpenStackManager.php |
| — | — | @@ -131,5 +131,6 @@ |
| 132 | 132 | |
| 133 | 133 | $wgHooks['LDAPSetCreationValues'][] = 'OpenStackNovaUser::LDAPSetCreationValues'; |
| 134 | 134 | $wgHooks['LDAPModifyUITemplate'][] = 'OpenStackNovaUser::LDAPModifyUITemplate'; |
| | 135 | +$wgHooks['LDAPUpdateUser'][] = 'OpenStackNovaUser::LDAPSetNovaInfo'; |
| 135 | 136 | |
| 136 | 137 | require_once( "$IP/extensions/OpenStackManager/OpenStackNovaProject.php" ); |