X-Git-Url: http://git.rot13.org/?p=virtual-ldap;a=blobdiff_plain;f=lib%2FLDAP%2FKoha.pm;h=05532eae0b6a1cfe0f581e1f7841610c894c1f1a;hp=8e3a1e7b51ede52cb9495741ea3d56fa588d54cc;hb=393f5f337f96d9db5cad0d840aea07048b4f2d00;hpb=9922a45d7172d7abe45fa1b934e7d10a37d65e14

diff --git a/lib/LDAP/Koha.pm b/lib/LDAP/Koha.pm
index 8e3a1e7..05532ea 100644
--- a/lib/LDAP/Koha.pm
+++ b/lib/LDAP/Koha.pm
@@ -2,15 +2,18 @@ package LDAP::Koha;
 
 use strict;
 use warnings;
-use Data::Dump qw/dump/;
 
 use lib '../lib';
+
 use Net::LDAP::Constant qw(LDAP_SUCCESS);
 use Net::LDAP::Server;
 use base 'Net::LDAP::Server';
 use fields qw();
 
 use DBI;
+use File::Slurp;
+
+use Data::Dump qw/dump/;
 
 # XXX test with:
 #
@@ -22,36 +25,21 @@ our $database = 'koha';
 our $user     = 'unconfigured-user';
 our $passwd   = 'unconfigured-password';
 
-our $max_results = 10; # 100; # FIXME
+our $max_results = 3000; # FIXME must be enough for all users
+
+our $objectclass = 'HrEduPerson';
+
+$SIG{__DIE__} = sub {
+	warn "!!! DIE ", @_;
+	die @_;
+};
 
 require 'config.pl' if -e 'config.pl';
 
 my $dbh = DBI->connect($dsn . $database, $user,$passwd, { RaiseError => 1, AutoCommit => 1 }) || die $DBI::errstr;
 
-# Net::LDAP::Entry will lc all our attribute names anyway, so
-# we don't really care about correctCapitalization for LDAP
-# attributes which won't pass through DBI
-my $sql_select = q{
-	select
-		trim(userid)					as uid,
-		firstname					as givenName,
-		surname						as sn,
-		concat(firstname,' ',surname)			as cn,
-
-		-- SAFEQ specific mappings from UMgr-LDAP.conf
-		surname						as displayName,
-		rfid_sid					as pager,
-		email						as mail,
-		categorycode					as ou,
-		categorycode					as organizationalUnit,
-		categorycode					as memberOf,
-		categorycode					as department,
-		borrowernumber					as objectGUID,
-		concat('/home/',borrowernumber)			as homeDirectory
-	from borrowers
-};
-
 # we need reverse LDAP -> SQL mapping for where clause
+
 my $ldap_sql_mapping = {
 	'uid'		=> 'userid',
 	'objectGUID'	=> 'borrowernumber',
@@ -60,13 +48,6 @@ my $ldap_sql_mapping = {
 	'pager'		=> 'rfid_sid',
 };
 
-# attributes which are same for whole set, but somehow
-# LDAP clients are sending they anyway and we don't
-# have them in database
-my $ldap_ignore = {
-	'objectclass' => 1,
-};
-
 sub __sql_column {
 	my $name = shift;
 	$ldap_sql_mapping->{$name} || $name;
@@ -103,11 +84,12 @@ sub __ldap_search_to_sql {
 	if ( $how eq 'equalityMatch' && defined $what ) {
 		my $name = $what->{attributeDesc} || warn "ERROR: no attributeDesc?";
 		my $value = $what->{assertionValue} || warn "ERROR: no assertionValue?";
-		if ( ! $ldap_ignore->{ $name } ) {
+
+		if ( lc $name eq 'objectclass' ) {
+			$objectclass = $value;
+		} else {
 			push @limits, __sql_column($name) . ' = ?';
 			push @values, $value;
-		} else {
-			warn "IGNORED: $name = $value";
 		}
 	} elsif ( $how eq 'substrings' ) {
 		foreach my $substring ( @{ $what->{substrings} } ) {
@@ -131,6 +113,34 @@ sub __ldap_search_to_sql {
 	}
 }
 
+
+# my ( $dn,$attributes ) = _dn_attributes( $row, $base );
+
+sub _dn_attributes {
+	my ($row,$base) = @_;
+
+	warn "## row = ",dump( $row );
+
+	die "no objectClass column in ",dump( $row ) unless defined $row->{objectClass};
+
+	$row->{objectClass} = [ split(/\s+/, $row->{objectClass}) ] if $row->{objectClass} =~ m{\n};
+
+	warn "## row = ",dump( $row );
+
+	my $dn = delete( $row->{dn} ) || die "no dn in ",dump( $row );
+
+	# this does some sanity cleanup for our data
+	my $base_as_domain = $base;
+	$base_as_domain =~ s{dn=}{.};
+	$base_as_domain =~ s{^\.}{@};
+	$dn =~ s{$base_as_domain$}{};
+
+	$dn .= ',' . $base unless $dn =~ m{,}; # add base if none present
+
+	return ($dn, $row);
+}
+
+
 # the search operation
 sub search {
 	my $self = shift;
@@ -147,15 +157,15 @@ sub search {
 		my $sql_where = '';
 		@values = ();
 
-		foreach my $join_with ( keys %{ $reqData->{'filter'} } ) {
+		foreach my $filter ( keys %{ $reqData->{'filter'} } ) {
 
-			warn "## join_with $join_with ", dump( $reqData->{'filter'}->{ $join_with } ), "\n";
+			warn "## filter $filter ", dump( $reqData->{'filter'}->{ $filter } ), "\n";
 
 			@limits = ();
 
-			if ( ref $reqData->{'filter'}->{ $join_with } eq 'ARRAY' ) {
+			if ( ref $reqData->{'filter'}->{ $filter } eq 'ARRAY' ) {
 
-				foreach my $filter ( @{ $reqData->{'filter'}->{ $join_with } } ) {
+				foreach my $filter ( @{ $reqData->{'filter'}->{ $filter } } ) {
 					warn "### filter ",dump($filter),$/;
 					foreach my $how ( keys %$filter ) {
 						if ( $how eq 'or' ) {
@@ -167,49 +177,65 @@ sub search {
 					}
 				}
 
-				$sql_where .= ' ' . join( " $join_with ", @limits );
-
 			} else {
-				__ldap_search_to_sql( $join_with, $reqData->{'filter'}->{$join_with} );
+				__ldap_search_to_sql( $filter, $reqData->{'filter'}->{$filter} );
 			}
 
+			$sql_where .= ' ' . join( " $filter ", @limits );
+
 		}
 
 		if ( $sql_where ) {
 			$sql_where = " where $sql_where";
 		}
 
-		warn "# SQL:\n$sql_select\n$sql_where\n# DATA: ",dump( @values );
+		my $sql_select = read_file( lc "sql/$objectclass.sql" );
+
+		warn "# SQL:\n$sql_select\n", $sql_where ? $sql_where : '-- no where', "\n# DATA: ",dump( @values );
 		my $sth = $dbh->prepare( $sql_select . $sql_where . " LIMIT $max_results" ); # XXX remove limit?
 		$sth->execute( @values );
 
 		warn "# ", $sth->rows, " results for ",dump( $reqData->{'filter'} );
 
+		my $last_dn = '?';
+		my $entry;
+
 		while (my $row = $sth->fetchrow_hashref) {
 
-			warn "## row = ",dump( $row );
+			my ( $dn, $attributes ) = _dn_attributes( $row, $base );
+
+			warn "# dn $last_dn ... $dn\n";
+
+			if ( $dn ne $last_dn ) {
+
+				if ( $entry ) {
+					#$entry->changetype( 'modify' );
+					warn "### entry ",$entry->dump( \*STDERR );
+					push @entries, $entry;
+					undef $entry;
+				}
+
+				$entry = Net::LDAP::Entry->new;
+				$entry->dn( $dn );
 
-			my $dn = 'uid=' . $row->{uid} || die "no uid";
-			$dn =~ s{[@\.]}{,dc=}g;
-			$dn .= ',' . $base unless $dn =~ m{dc}i;
+				$entry->add( %$attributes );
 
-			my $entry = Net::LDAP::Entry->new;
-			$entry->dn( $dn );
-			$entry->add( objectClass => [
-				"person",
-				"organizationalPerson",
-				"inetOrgPerson",
-				"hrEduPerson",
-			] );
-			$entry->add( %$row );
+			} else {
+				foreach my $n ( keys %$attributes ) {
+					my $v = $attributes->{$n};
+					warn "# attr $n = $v\n";
+					$entry->add( $n, $v ) if $entry->get_value( $n ) ne $v;
+				}
+			}
 
-			#$entry->changetype( 'modify' );
 
-			warn "### entry ",$entry->dump( \*STDERR );
+			$last_dn = $dn;
 
-			push @entries, $entry;
 		}
 
+		warn "### last entry ",$entry->dump( \*STDERR );
+		push @entries, $entry;
+
 	} else {
 		warn "UNKNOWN request: ",dump( $reqData );
 	}