1<?php
2/* Copyright (C) 2004		Rodolphe Quiedeville	<rodolphe@quiedeville.org>
3 * Copyright (C) 2004		Sebastien Di Cintio	<sdicintio@ressource-toi.org>
4 * Copyright (C) 2004		Benoit Mortier		<benoit.mortier@opensides.be>
5 * Copyright (C) 2005-2017	Regis Houssin		<regis.houssin@inodbox.com>
6 * Copyright (C) 2006-2020	Laurent Destailleur	<eldy@users.sourceforge.net>
7 * Copyright (C) 2011-2013	Juanjo Menent		<jmenent@2byte.es>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program. If not, see <https://www.gnu.org/licenses/>.
21 */
22
23/**
24 *      \file       htdocs/admin/ldap.php
25 *      \ingroup    ldap
26 *      \brief      Page to setup module LDAP
27 */
28
29require '../main.inc.php';
30require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
31require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';
32require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php';
33
34// Load translation files required by the page
35$langs->load("admin");
36
37if (!$user->admin)
38	accessforbidden();
39
40$action = GETPOST('action', 'aZ09');
41
42// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
43$hookmanager->initHooks(array('adminldap', 'globaladmin'));
44
45/*
46 * Actions
47 */
48
49$parameters = array();
50$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
51if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
52
53if (empty($reshook))
54{
55	if ($action == 'setvalue' && $user->admin)
56	{
57		$error = 0;
58
59		$db->begin();
60
61		if (!dolibarr_set_const($db, 'LDAP_SERVER_TYPE', GETPOST("type", 'aZ09'), 'chaine', 0, '', $conf->entity)) $error++;
62		if (!dolibarr_set_const($db, 'LDAP_SERVER_PROTOCOLVERSION', GETPOST("LDAP_SERVER_PROTOCOLVERSION", 'aZ09'), 'chaine', 0, '', $conf->entity)) $error++;
63		if (!dolibarr_set_const($db, 'LDAP_SERVER_HOST', GETPOST("host", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) $error++;
64		if (!dolibarr_set_const($db, 'LDAP_SERVER_HOST_SLAVE', GETPOST("slave", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) $error++;
65		if (!dolibarr_set_const($db, 'LDAP_SERVER_PORT', GETPOST("port", 'int'), 'chaine', 0, '', $conf->entity)) $error++;
66		if (!dolibarr_set_const($db, 'LDAP_SERVER_DN', GETPOST("dn", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) $error++;
67		if (!dolibarr_set_const($db, 'LDAP_ADMIN_DN', GETPOST("admin", 'alphanohtml'), 'chaine', 0, '', $conf->entity)) $error++;
68		if (!dolibarr_set_const($db, 'LDAP_ADMIN_PASS', GETPOST("pass", 'none'), 'chaine', 0, '', $conf->entity)) $error++;
69		if (!dolibarr_set_const($db, 'LDAP_SERVER_USE_TLS', GETPOST("usetls", 'aZ09'), 'chaine', 0, '', $conf->entity)) $error++;
70		if (!dolibarr_set_const($db, 'LDAP_SYNCHRO_ACTIVE', GETPOST("activesynchro", 'aZ09'), 'chaine', 0, '', $conf->entity)) $error++;
71		if (!dolibarr_set_const($db, 'LDAP_CONTACT_ACTIVE', GETPOST("activecontact", 'aZ09'), 'chaine', 0, '', $conf->entity)) $error++;
72		if (!dolibarr_set_const($db, 'LDAP_MEMBER_ACTIVE', GETPOST("activemembers", 'aZ09'), 'chaine', 0, '', $conf->entity)) $error++;
73		if (!dolibarr_set_const($db, 'LDAP_MEMBER_TYPE_ACTIVE', GETPOST("activememberstypes", 'aZ09'), 'chaine', 0, '', $conf->entity)) $error++;
74
75		if (!$error)
76		{
77			$db->commit();
78			setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
79		} else {
80			$db->rollback();
81			dol_print_error($db);
82		}
83	}
84}
85
86/*
87 * View
88 */
89
90llxHeader('', $langs->trans("LDAPSetup"), 'EN:Module_LDAP_En|FR:Module_LDAP|ES:M&oacute;dulo_LDAP');
91
92$linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
93
94print load_fiche_titre($langs->trans("LDAPSetup"), $linkback, 'title_setup');
95
96$head = ldap_prepare_head();
97
98// Test si fonction LDAP actives
99if (!function_exists("ldap_connect"))
100{
101	setEventMessages($langs->trans("LDAPFunctionsNotAvailableOnPHP"), null, 'errors');
102}
103
104
105$form = new Form($db);
106
107
108print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue">';
109print '<input type="hidden" name="token" value="'.newToken().'">';
110
111print dol_get_fiche_head($head, 'ldap', $langs->trans("LDAPSetup"), -1);
112
113print '<table class="noborder centpercent">';
114
115// Liste de synchro actives
116print '<tr class="liste_titre">';
117print '<td colspan="3">'.$langs->trans("LDAPSynchronization").'</td>';
118print "</tr>\n";
119
120// Synchro utilisateurs/groupes active
121
122print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnSynchroActive").'</td><td>';
123$arraylist = array();
124$arraylist['0'] = $langs->trans("No");
125$arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr");
126$arraylist['dolibarr2ldap'] = $langs->trans("DolibarrToLDAP");
127print $form->selectarray('activesynchro', $arraylist, $conf->global->LDAP_SYNCHRO_ACTIVE);
128print '</td><td>'.$langs->trans("LDAPDnSynchroActiveExample");
129if ($conf->global->LDAP_SYNCHRO_ACTIVE && !$conf->global->LDAP_USER_DN)
130{
131	print '<br><font class="error">'.$langs->trans("LDAPSetupNotComplete").'</font>';
132}
133print '</td></tr>';
134
135// Synchro contact active
136if (!empty($conf->societe->enabled))
137{
138	print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnContactActive").'</td><td>';
139	$arraylist = array();
140	$arraylist['0'] = $langs->trans("No");
141	$arraylist['1'] = $langs->trans("DolibarrToLDAP");
142	print $form->selectarray('activecontact', $arraylist, $conf->global->LDAP_CONTACT_ACTIVE);
143	print '</td><td>'.$langs->trans("LDAPDnContactActiveExample").'</td></tr>';
144}
145
146// Synchro member active
147if (!empty($conf->adherent->enabled))
148{
149	print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnMemberActive").'</td><td>';
150	$arraylist = array();
151	$arraylist['0'] = $langs->trans("No");
152	$arraylist['1'] = $langs->trans("DolibarrToLDAP");
153	$arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr").' ('.$langs->trans("SupportedForLDAPImportScriptOnly").')';
154	print $form->selectarray('activemembers', $arraylist, $conf->global->LDAP_MEMBER_ACTIVE);
155	print '</td><td>'.$langs->trans("LDAPDnMemberActiveExample").'</td></tr>';
156}
157
158// Synchro member type active
159if (!empty($conf->adherent->enabled))
160{
161	print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnMemberTypeActive").'</td><td>';
162	$arraylist = array();
163	$arraylist['0'] = $langs->trans("No");
164	$arraylist['1'] = $langs->trans("DolibarrToLDAP");
165	$arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr").' ('.$langs->trans("SupportedForLDAPImportScriptOnly").')';
166	print $form->selectarray('activememberstypes', $arraylist, $conf->global->LDAP_MEMBER_TYPE_ACTIVE);
167	print '</td><td>'.$langs->trans("LDAPDnMemberTypeActiveExample").'</td></tr>';
168}
169
170// Fields from hook
171$parameters = array();
172$reshook = $hookmanager->executeHooks('addAdminLdapOptions', $parameters); // Note that $action and $object may have been modified by hook
173print $hookmanager->resPrint;
174
175print '<tr class="liste_titre">';
176print '<td>'.$langs->trans("Parameter").'</td>';
177print '<td>'.$langs->trans("Value").'</td>';
178print '<td>'.$langs->trans("Example").'</td>';
179print "</tr>\n";
180
181// Type
182print '<tr class="oddeven"><td>'.$langs->trans("Type").'</td><td>';
183$arraylist = array();
184$arraylist['activedirectory'] = 'Active Directory';
185$arraylist['openldap'] = 'OpenLdap';
186$arraylist['egroupware'] = 'Egroupware';
187print $form->selectarray('type', $arraylist, $conf->global->LDAP_SERVER_TYPE);
188print '</td><td>&nbsp;</td></tr>';
189
190// Version
191print '<tr class="oddeven"><td>'.$langs->trans("Version").'</td><td>';
192$arraylist = array();
193$arraylist['3'] = 'Version 3';
194$arraylist['2'] = 'Version 2';
195print $form->selectarray('LDAP_SERVER_PROTOCOLVERSION', $arraylist, $conf->global->LDAP_SERVER_PROTOCOLVERSION);
196print '</td><td>'.$langs->trans("LDAPServerProtocolVersion").'</td></tr>';
197
198// Serveur primaire
199print '<tr class="oddeven"><td>';
200print $langs->trans("LDAPPrimaryServer").'</td><td>';
201print '<input size="25" type="text" name="host" value="'.$conf->global->LDAP_SERVER_HOST.'">';
202print '</td><td>'.$langs->trans("LDAPServerExample").'</td></tr>';
203
204// Serveur secondaire
205print '<tr class="oddeven"><td>';
206print $langs->trans("LDAPSecondaryServer").'</td><td>';
207print '<input size="25" type="text" name="slave" value="'.$conf->global->LDAP_SERVER_HOST_SLAVE.'">';
208print '</td><td>'.$langs->trans("LDAPServerExample").'</td></tr>';
209
210// Port
211print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerPort").'</td><td>';
212if (!empty($conf->global->LDAP_SERVER_PORT))
213{
214	print '<input size="25" type="text" name="port" value="'.$conf->global->LDAP_SERVER_PORT.'">';
215} else {
216	print '<input size="25" type="text" name="port" value="389">';
217}
218print '</td><td>'.$langs->trans("LDAPServerPortExample").'</td></tr>';
219
220// DNserver
221print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerDn").'</td><td>';
222print '<input size="25" type="text" name="dn" value="'.$conf->global->LDAP_SERVER_DN.'">';
223print '</td><td>'.$langs->trans("LDAPServerDnExample").'</td></tr>';
224
225// Utiliser TLS
226print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerUseTLS").'</td><td>';
227$arraylist = array();
228$arraylist['0'] = $langs->trans("No");
229$arraylist['1'] = $langs->trans("Yes");
230print $form->selectarray('usetls', $arraylist, $conf->global->LDAP_SERVER_USE_TLS);
231print '</td><td>'.$langs->trans("LDAPServerUseTLSExample").'</td></tr>';
232
233print '<tr class="liste_titre">';
234print '<td colspan="3">'.$langs->trans("ForANonAnonymousAccess").'</td>';
235print "</tr>\n";
236
237// DNAdmin
238print '<tr class="oddeven"><td>'.$langs->trans("LDAPAdminDn").'</td><td>';
239print '<input size="25" type="text" name="admin" value="'.$conf->global->LDAP_ADMIN_DN.'">';
240print '</td><td>'.$langs->trans("LDAPAdminDnExample").'</td></tr>';
241
242// Pass
243print '<tr class="oddeven"><td>'.$langs->trans("LDAPPassword").'</td><td>';
244if (!empty($conf->global->LDAP_ADMIN_PASS))
245{
246	print '<input size="25" type="password" name="pass" value="'.$conf->global->LDAP_ADMIN_PASS.'">'; // je le met en visible pour test
247} else {
248	print '<input size="25" type="text" name="pass" value="'.$conf->global->LDAP_ADMIN_PASS.'">';
249}
250print '</td><td>'.$langs->trans('Password').' (ex: secret)</td></tr>';
251
252print '</table>';
253
254print dol_get_fiche_end();
255
256print '<div class="center"><input type="submit" class="button" value="'.$langs->trans("Modify").'"></div>';
257
258print '</form>';
259
260print '<br>';
261
262
263/*
264 * Test de la connexion
265 */
266if (function_exists("ldap_connect"))
267{
268	if (!empty($conf->global->LDAP_SERVER_HOST))
269	{
270		print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=test">'.$langs->trans("LDAPTestConnect").'</a><br><br>';
271	}
272
273	if ($_GET["action"] == 'test')
274	{
275		$ldap = new Ldap(); // Les parametres sont passes et recuperes via $conf
276
277		$result = $ldap->connect_bind();
278		if ($result > 0)
279		{
280			// Test ldap connect and bind
281			print img_picto('', 'info').' ';
282			print '<font class="ok">'.$langs->trans("LDAPTCPConnectOK", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT).'</font>';
283			print '<br>';
284
285			if ($conf->global->LDAP_ADMIN_DN && !empty($conf->global->LDAP_ADMIN_PASS))
286			{
287				if ($result == 2)
288				{
289					print img_picto('', 'info').' ';
290					print '<font class="ok">'.$langs->trans("LDAPBindOK", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).'</font>';
291					print '<br>';
292				} else {
293					print img_picto('', 'error').' ';
294					print '<font class="error">'.$langs->trans("LDAPBindKO", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).'</font>';
295					print '<br>';
296					print $langs->trans("Error").' '.$ldap->error;
297					print '<br>';
298				}
299			} else {
300				print img_picto('', 'warning').' ';
301				print '<font class="warning">'.$langs->trans("LDAPNoUserOrPasswordProvidedAccessIsReadOnly").'</font>';
302				print '<br>';
303			}
304
305
306			// Test ldap_getversion
307			if (($ldap->getVersion() == 3))
308			{
309				print img_picto('', 'info').' ';
310				print '<font class="ok">'.$langs->trans("LDAPSetupForVersion3").'</font>';
311				print '<br>';
312			} else {
313				print img_picto('', 'info').' ';
314				print '<font class="ok">'.$langs->trans("LDAPSetupForVersion2").'</font>';
315				print '<br>';
316			}
317
318			$unbind = $ldap->unbind();
319		} else {
320			print img_picto('', 'error').' ';
321			print '<font class="error">'.$langs->trans("LDAPTCPConnectKO", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT).'</font>';
322			print '<br>';
323			print $langs->trans("Error").' '.$ldap->error;
324			print '<br>';
325		}
326	}
327}
328
329// End of page
330llxFooter();
331$db->close();
332