X-Git-Url: http://git.rot13.org/?p=virtual-ldap;a=blobdiff_plain;f=lib%2FLDAP%2FKoha.pm;h=540d2783fdef3875e183e4e85cf4a8be1ac888e2;hp=80af0d3c18efb0361694e19c393a2688640d8cb2;hb=455a72f2613cd8b182b03972cdd1160a40198dc6;hpb=bb4b025904b75f9548590e86572348705cd74744 diff --git a/lib/LDAP/Koha.pm b/lib/LDAP/Koha.pm index 80af0d3..540d278 100644 --- a/lib/LDAP/Koha.pm +++ b/lib/LDAP/Koha.pm @@ -2,15 +2,20 @@ package LDAP::Koha; use strict; use warnings; -use Data::Dump qw/dump/; use lib '../lib'; + use Net::LDAP::Constant qw(LDAP_SUCCESS); use Net::LDAP::Server; use base 'Net::LDAP::Server'; use fields qw(); use DBI; +use File::Slurp; + +use Data::Dump qw/dump/; + +my $debug = 0; # XXX very slow # XXX test with: # @@ -22,9 +27,10 @@ our $database = 'koha'; our $user = 'unconfigured-user'; our $passwd = 'unconfigured-password'; -our $max_results = 3; # 100; # FIXME +our $max_results = $ENV{MAX_RESULTS} || 3000; # FIXME must be enough for all users +our $objectclass_default = 'hrEduPerson'; -our $objectclass = 'HrEduPerson'; +our $objectclass; $SIG{__DIE__} = sub { warn "!!! DIE ", @_; @@ -33,64 +39,14 @@ $SIG{__DIE__} = sub { require 'config.pl' if -e 'config.pl'; -my $dbh = DBI->connect($dsn . $database, $user,$passwd, { RaiseError => 1, AutoCommit => 1 }) || die $DBI::errstr; - -# Net::LDAP::Entry will lc all our attribute names anyway, so -# we don't really care about correctCapitalization for LDAP -# attributes which won't pass through DBI -my $objectclass_sql = { - -HrEduPerson => q{ - - select - concat('uid=',trim(userid),',dc=ffzg,dc=hr') as dn, - 'person - organizationalPerson - inetOrgPerson - hrEduPerson' as objectClass, - - trim(userid) as uid, - firstname as givenName, - surname as sn, - concat(firstname,' ',surname) as cn, - - -- SAFEQ specific mappings from UMgr-LDAP.conf - cardnumber as objectGUID, - surname as displayName, - rfid_sid as pager, - email as mail, - categorycode as ou, - categorycode as organizationalUnit, - categorycode as memberOf, - categorycode as department, - concat('/home/',borrowernumber) as homeDirectory - from borrowers - -}, - -organizationalUnit => q{ - - select - concat('ou=',categorycode) as dn, - 'organizationalUnit - top' as objectClass, - - hex(md5(categorycode)) % 10000 as objectGUID, - - categorycode as ou, - description as displayName - from categories - -}, -}; - # we need reverse LDAP -> SQL mapping for where clause + my $ldap_sql_mapping = { 'uid' => 'userid', - 'objectGUID' => 'borrowernumber', + 'objectGUID' => 'b.borrowernumber', 'displayName' => 'surname', 'sn' => 'surname', - 'pager' => 'rfid_sid', + 'pager' => 'a.attribute', # was: rfid_sid }; sub __sql_column { @@ -158,6 +114,34 @@ sub __ldap_search_to_sql { } } + +# my ( $dn,$attributes ) = _dn_attributes( $row, $base ); + +sub _dn_attributes { + my ($row,$base) = @_; + + warn "## row = ",dump( $row ) if $debug; + + die "no objectClass column in ",dump( $row ) unless defined $row->{objectClass}; + + $row->{objectClass} = [ split(/\s+/, $row->{objectClass}) ] if $row->{objectClass} =~ m{\n}; + + warn "## row = ",dump( $row ) if $debug; + + my $dn = delete( $row->{dn} ) || die "no dn in ",dump( $row ); + + # this does some sanity cleanup for our data +# my $base_as_domain = $base; +# $base_as_domain =~ s{dn=}{.}; +# $base_as_domain =~ s{^\.}{@}; +# $dn =~ s{$base_as_domain$}{}; +# +# $dn .= ',' . $base unless $dn =~ m{,}; # add base if none present + + return ($dn, $row); +} + + # the search operation sub search { my $self = shift; @@ -173,6 +157,7 @@ sub search { my $sql_where = ''; @values = (); + $objectclass = ''; foreach my $filter ( keys %{ $reqData->{'filter'} } ) { @@ -194,44 +179,79 @@ sub search { } } - $sql_where .= ' ' . join( " $filter ", @limits ); - } else { __ldap_search_to_sql( $filter, $reqData->{'filter'}->{$filter} ); } + $sql_where .= ' ' . join( " $filter ", @limits ) if @limits; + } + $objectclass ||= $objectclass_default; + + my $sql_select = read_file( lc "sql/$objectclass.sql" ); if ( $sql_where ) { - $sql_where = " where $sql_where"; + if ( $sql_select !~ m{where}i ) { + $sql_where = " where $sql_where"; + } else { + $sql_where = " and $sql_where"; + } } - my $sql_select = $objectclass_sql->{ $objectclass } || die "can't find SQL query for $objectclass"; - warn "# SQL:\n$sql_select\n$sql_where\n# DATA: ",dump( @values ); - my $sth = $dbh->prepare( $sql_select . $sql_where . " LIMIT $max_results" ); # XXX remove limit? + my $sql + = $sql_select + . $sql_where +# . ( $objectclass =~ m{person}i ? " LIMIT $max_results" : '' ) # add limit just for persons + ; + + warn "# SQL:\n$sql\n# DATA: ",dump( @values ); + my $dbh = DBI->connect_cached($dsn . $database, $user,$passwd, { RaiseError => 1, AutoCommit => 1 }) || die $DBI::errstr; + my $sth = $dbh->prepare( $sql ); $sth->execute( @values ); warn "# ", $sth->rows, " results for ",dump( $reqData->{'filter'} ); + my $last_dn = '?'; + my $entry; + while (my $row = $sth->fetchrow_hashref) { - die "no objectClass column in $sql_select" unless defined $row->{objectClass}; + my ( $dn, $attributes ) = _dn_attributes( $row, $base ); + + warn "# dn $last_dn ... $dn\n"; + + if ( $dn ne $last_dn ) { + + if ( $entry ) { + #$entry->changetype( 'modify' ); + warn "### entry ",$entry->dump( \*STDERR ); + push @entries, $entry; + undef $entry; + } + + $dn =~ s{@[^,]+}{}; - $row->{objectClass} = [ split(/\s+/, $row->{objectClass}) ] if $row->{objectClass} =~ m{\n}; + $entry = Net::LDAP::Entry->new; + $entry->dn( $dn ); - warn "## row = ",dump( $row ); + $entry->add( %$attributes ); - my $dn = delete( $row->{dn} ) || die "no dn in $sql_select"; + } else { + foreach my $n ( keys %$attributes ) { + my $v = $attributes->{$n}; + warn "# attr $n = $v\n"; + $entry->add( $n, $v ) if $entry->get_value( $n ) ne $v; + } + } - my $entry = Net::LDAP::Entry->new; - $entry->dn( $dn ); - $entry->add( %$row ); - #$entry->changetype( 'modify' ); + $last_dn = $dn; - warn "### entry ",$entry->dump( \*STDERR ); + } + if ( $entry ) { + warn "### last entry ",$entry->dump( \*STDERR ); push @entries, $entry; }