Scalr\Net\Ldap\LdapClient::getUserGroups PHP Method

LdapClient Class Documentation Show file Open project: scalr/scalr

getUserGroups() public method

Gets the list of the groups in which specified user has memberships.
public getUserGroups ( ) : array
return array Returns array of the sAMAccount name of the Groups 
    public function getUserGroups()
    {
        $this->log('%s is called.', __FUNCTION__);
        $name = strtok($this->username, '@');
        $groups = array();
        $this->getConnection();
        //Ldap bind
        if (!$this->isbound && (!empty($this->config->user) && !empty($this->password))) {
            if ($this->bindRdn() === false) {
                throw new Exception\LdapException(sprintf("Could not bind LDAP. %s", $this->getLdapError()));
            }
        }
        if (empty($this->dn)) {
            $filter = sprintf('(&%s(' . $this->getConfig()->usernameAttribute . '=%s))', $this->config->userFilter, self::realEscape($name));
            $query = @ldap_search($this->conn, $this->config->baseDn, $filter, array('dn'), 0, 1);
            $this->log("Query user baseDn:%s filter:%s - %s", $this->config->baseDn, $filter, $query !== false ? 'OK' : 'Failed');
            if ($query === false) {
                throw new Exception\LdapException(sprintf("Could not perform ldap_search. %s", $this->getLdapError()));
            }
            $results = ldap_get_entries($this->conn, $query);
            $this->dn = $results[0]['dn'];
        }
        $baseDn = !empty($this->config->baseDnGroups) ? $this->config->baseDnGroups : $this->config->baseDn;
        if ($this->memberofDn !== null && empty($this->memberofDn)) {
            //User has no membership in any group.
            return array();
        }
        if ($this->getConfig()->bindType == 'openldap') {
            $uid = $this->uid ? $this->uid : $this->username;
            if ($this->getConfig()->groupMemberAttributeType == 'unix_netgroup') {
                $filter = "(&" . $this->config->groupFilter . "(" . $this->getConfig()->groupMemberAttribute . "" . ($this->config->groupNesting ? ":1.2.840.113556.1.4.1941:" : "") . '=\\(,' . self::escape($uid) . ',\\)))';
            } elseif ($this->getConfig()->groupMemberAttributeType == 'regular') {
                $filter = "(&" . $this->config->groupFilter . "(" . $this->getConfig()->groupMemberAttribute . "" . ($this->config->groupNesting ? ":1.2.840.113556.1.4.1941:" : "") . '=' . self::escape($uid) . '))';
            } elseif ($this->getConfig()->groupMemberAttributeType == 'user_dn') {
                $filter = "(&" . $this->config->groupFilter . "(" . $this->getConfig()->groupMemberAttribute . "" . ($this->config->groupNesting ? ":1.2.840.113556.1.4.1941:" : "") . '=' . self::escape($this->username) . '))';
            }
        } else {
            $filter = "(&" . $this->config->groupFilter . "(" . $this->getConfig()->groupMemberAttribute . "" . ($this->config->groupNesting ? ":1.2.840.113556.1.4.1941:" : "") . "=" . ldap_escape($this->dn, null, LDAP_ESCAPE_FILTER) . "))";
        }
        $search = @ldap_search($this->conn, $baseDn, $filter, array($this->getConfig()->groupnameAttribute));
        $this->log("Query user's groups baseDn:%s filter:%s - %s", $baseDn, $filter, $search !== false ? 'OK' : 'Failed');
        if ($search === false) {
            throw new Exception\LdapException(sprintf("Could not perform ldap_search. %s", $this->getLdapError()));
        }
        $results = ldap_get_entries($this->conn, $search);
        for ($item = 0; $item < $results['count']; $item++) {
            $groups[] = $results[$item][strtolower($this->getConfig()->groupnameAttribute)][0];
        }
        $this->log("Found groups: %s", implode(", ", $groups));
        return $groups;
    }
LdapClient
__construct
__destruct
__sleep
__wakeup
bindRdn
clearLog
escape
getConfig
getConnection
getEmail
getFullName
getGroupsDetails
getLdapError
getLog
getUserGroups
getUsername
isValidUser
isValidUsername
log
realEscape
unbind