our $user = 'unconfigured-user';
our $passwd = 'unconfigured-password';
-our $max_results = 3; # 100; # FIXME
+our $max_results = 10; # 100; # FIXME
require 'config.pl' if -e 'config.pl';
-my $dbh = DBI->connect($dsn . $database, $user,$passwd, { RaiseError => 1, AutoCommit => 0 }) || die $DBI::errstr;
+my $dbh = DBI->connect($dsn . $database, $user,$passwd, { RaiseError => 1, AutoCommit => 1 }) || die $DBI::errstr;
# Net::LDAP::Entry will lc all our attribute names anyway, so
# we don't really care about correctCapitalization for LDAP
my $sql_select = q{
select
trim(userid) as uid,
- firstname as givenName,
- surname as sn,
- concat(firstname,' ',surname) as cn,
+ firstname as givenName,
+ surname as sn,
+ concat(firstname,' ',surname) as cn,
-- SAFEQ specific mappings from UMgr-LDAP.conf
- concat(firstname,' ',surname) as displayName,
- cardnumber as otherPager,
- email as mail,
+ surname as displayName,
+ rfid_sid as pager,
+ email as mail,
+ categorycode as ou,
categorycode as organizationalUnit,
+ categorycode as memberOf,
+ categorycode as department,
borrowernumber as objectGUID,
- concat('/home/',borrowernumber) as homeDirectory
+ concat('/home/',borrowernumber) as homeDirectory
from borrowers
};
-# needed for where clause
-my $sql_ldap_mapping = {
- 'userid' => 'uid',
- 'borrowernumber' => 'objectGUID',
+# we need reverse LDAP -> SQL mapping for where clause
+my $ldap_sql_mapping = {
+ 'uid' => 'userid',
+ 'objectGUID' => 'borrowernumber',
+ 'displayName' => 'surname',
+ 'sn' => 'surname',
+ 'pager' => 'rfid_sid',
};
# attributes which are same for whole set, but somehow
'objectclass' => 1,
};
-my $ldap_sql_mapping;
-while ( my ($sql,$ldap) = each %$sql_ldap_mapping ) {
- $ldap_sql_mapping->{ $ldap } = $sql;
-}
-
sub __sql_column {
my $name = shift;
$ldap_sql_mapping->{$name} || $name;
return RESULT_OK;
}
+our @values;
+our @limits;
+
+sub __ldap_search_to_sql {
+ my ( $how, $what ) = @_;
+ warn "### __ldap_search_to_sql $how ",dump( $what ),"\n";
+ if ( $how eq 'equalityMatch' && defined $what ) {
+ my $name = $what->{attributeDesc} || warn "ERROR: no attributeDesc?";
+ my $value = $what->{assertionValue} || warn "ERROR: no assertionValue?";
+ if ( ! $ldap_ignore->{ $name } ) {
+ push @limits, __sql_column($name) . ' = ?';
+ push @values, $value;
+ } else {
+ warn "IGNORED: $name = $value";
+ }
+ } elsif ( $how eq 'substrings' ) {
+ foreach my $substring ( @{ $what->{substrings} } ) {
+ my $name = $what->{type} || warn "ERROR: no type?";
+ while ( my($op,$value) = each %$substring ) {
+ push @limits, __sql_column($name) . ' LIKE ?';
+ if ( $op eq 'any' ) {
+ $value = '%' . $value . '%';
+ } else {
+ warn "UNSUPPORTED: op $op - using plain $value";
+ }
+ push @values, $value;
+ }
+ }
+ } elsif ( $how eq 'present' ) {
+ my $name = __sql_column( $what );
+ push @limits, "$name IS NOT NULL and length($name) > 1";
+ ## XXX length(foo) > 1 to avoid empty " " strings
+ } else {
+ warn "UNSUPPORTED: $how ",dump( $what );
+ }
+}
+
# the search operation
sub search {
my $self = shift;
if ( $reqData->{'filter'} ) {
my $sql_where = '';
- my @values;
+ @values = ();
- foreach my $join_with ( keys %{ $reqData->{'filter'} } ) {
+ foreach my $filter ( keys %{ $reqData->{'filter'} } ) {
- warn "## join_with $join_with\n";
+ warn "## filter $filter ", dump( $reqData->{'filter'}->{ $filter } ), "\n";
- my @limits;
+ @limits = ();
- foreach my $filter ( @{ $reqData->{'filter'}->{ $join_with } } ) {
- warn "### filter ",dump($filter),$/;
- foreach my $how ( keys %$filter ) {
- warn "### how $how\n";
- if ( $how eq 'equalityMatch' && defined $filter->{$how} ) {
- my $name = $filter->{$how}->{attributeDesc} || warn "ERROR: no attributeDesc?";
- my $value = $filter->{$how}->{assertionValue} || warn "ERROR: no assertionValue?";
- if ( ! $ldap_ignore->{ $name } ) {
- push @limits, __sql_column($name) . ' = ?';
- push @values, $value;
- }
- } elsif ( $how eq 'substrings' ) {
- foreach my $substring ( @{ $filter->{$how}->{substrings} } ) {
- my $name = $filter->{$how}->{type} || warn "ERROR: no type?";
- while ( my($op,$value) = each %$substring ) {
- push @limits, __sql_column($name) . ' LIKE ?';
- if ( $op eq 'any' ) {
- $value = '%' . $value . '%';
- } else {
- warn "UNSUPPORTED: op $op - using plain $value";
- }
- push @values, $value;
- }
+ if ( ref $reqData->{'filter'}->{ $filter } eq 'ARRAY' ) {
+
+ foreach my $filter ( @{ $reqData->{'filter'}->{ $filter } } ) {
+ warn "### filter ",dump($filter),$/;
+ foreach my $how ( keys %$filter ) {
+ if ( $how eq 'or' ) {
+ __ldap_search_to_sql( %$_ ) foreach ( @{ $filter->{$how} } );
+ } else {
+ __ldap_search_to_sql( $how, $filter->{$how} );
}
- } elsif ( $how eq 'present' ) {
- my $name = __sql_column( $filter->{$how} );
- push @limits, "$name IS NOT NULL and length($name) > 1";
- ## XXX length(foo) > 1 to avoid empty " " strings
- } else {
- warn "UNSUPPORTED: how $how ",dump( $filter );
+ warn "## limits ",dump(@limits), " values ",dump(@values);
}
- warn "## limits ",dump(@limits), " values ",dump(@values);
}
- }
- $sql_where .= ' ' . join( " $join_with ", @limits );
+ $sql_where .= ' ' . join( " $filter ", @limits );
+
+ } else {
+ __ldap_search_to_sql( $filter, $reqData->{'filter'}->{$filter} );
+ }
}
$sql_where = " where $sql_where";
}
- warn "# SQL:\n$sql_select $sql_where\n# DATA: ",dump( @values );
+ warn "# SQL:\n$sql_select\n$sql_where\n# DATA: ",dump( @values );
my $sth = $dbh->prepare( $sql_select . $sql_where . " LIMIT $max_results" ); # XXX remove limit?
$sth->execute( @values );
my $dn = 'uid=' . $row->{uid} || die "no uid";
$dn =~ s{[@\.]}{,dc=}g;
+ $dn .= ',' . $base unless $dn =~ m{dc}i;
my $entry = Net::LDAP::Entry->new;
- $entry->dn( $dn . $base );
+ $entry->dn( $dn );
+ $entry->add( objectClass => [
+ "person",
+ "organizationalPerson",
+ "inetOrgPerson",
+ "hrEduPerson",
+ ] );
$entry->add( %$row );
- #warn "### entry ",dump( $entry );
+ #$entry->changetype( 'modify' );
+
+ warn "### entry ",$entry->dump( \*STDERR );
push @entries, $entry;
}