X-Git-Url: http://git.rot13.org/?p=virtual-ldap;a=blobdiff_plain;f=lib%2FLDAP%2FKoha.pm;h=8e3a1e7b51ede52cb9495741ea3d56fa588d54cc;hp=801c4fdec6abf06bf369d4c7793c4aadc89e021d;hb=9922a45d7172d7abe45fa1b934e7d10a37d65e14;hpb=e677132070a88d0c06e6d8b98dd062202f3a2099 diff --git a/lib/LDAP/Koha.pm b/lib/LDAP/Koha.pm index 801c4fd..8e3a1e7 100644 --- a/lib/LDAP/Koha.pm +++ b/lib/LDAP/Koha.pm @@ -22,29 +22,55 @@ our $database = 'koha'; our $user = 'unconfigured-user'; our $passwd = 'unconfigured-password'; +our $max_results = 10; # 100; # FIXME + require 'config.pl' if -e 'config.pl'; -my $dbh = DBI->connect($dsn . $database, $user,$passwd, { RaiseError => 1, AutoCommit => 0 }) || die $DBI::errstr; +my $dbh = DBI->connect($dsn . $database, $user,$passwd, { RaiseError => 1, AutoCommit => 1 }) || die $DBI::errstr; # Net::LDAP::Entry will lc all our attribute names anyway, so # we don't really care about correctCapitalization for LDAP # attributes which won't pass through DBI -my $sth = $dbh->prepare(q{ +my $sql_select = q{ select - userid as uid, - firstname as givenName, - surname as sn, - concat( - firstname, - ' ', - surname - ) as cn, - cardnumber as otherPager, - email as mail + trim(userid) as uid, + firstname as givenName, + surname as sn, + concat(firstname,' ',surname) as cn, + + -- SAFEQ specific mappings from UMgr-LDAP.conf + surname as displayName, + rfid_sid as pager, + email as mail, + categorycode as ou, + categorycode as organizationalUnit, + categorycode as memberOf, + categorycode as department, + borrowernumber as objectGUID, + concat('/home/',borrowernumber) as homeDirectory from borrowers - where - cardnumber = ? -}); +}; + +# we need reverse LDAP -> SQL mapping for where clause +my $ldap_sql_mapping = { + 'uid' => 'userid', + 'objectGUID' => 'borrowernumber', + 'displayName' => 'surname', + 'sn' => 'surname', + 'pager' => 'rfid_sid', +}; + +# attributes which are same for whole set, but somehow +# LDAP clients are sending they anyway and we don't +# have them in database +my $ldap_ignore = { + 'objectclass' => 1, +}; + +sub __sql_column { + my $name = shift; + $ldap_sql_mapping->{$name} || $name; +} use constant RESULT_OK => { 'matchedDN' => '', @@ -68,24 +94,96 @@ sub bind { return RESULT_OK; } +our @values; +our @limits; + +sub __ldap_search_to_sql { + my ( $how, $what ) = @_; + warn "### __ldap_search_to_sql $how ",dump( $what ),"\n"; + if ( $how eq 'equalityMatch' && defined $what ) { + my $name = $what->{attributeDesc} || warn "ERROR: no attributeDesc?"; + my $value = $what->{assertionValue} || warn "ERROR: no assertionValue?"; + if ( ! $ldap_ignore->{ $name } ) { + push @limits, __sql_column($name) . ' = ?'; + push @values, $value; + } else { + warn "IGNORED: $name = $value"; + } + } elsif ( $how eq 'substrings' ) { + foreach my $substring ( @{ $what->{substrings} } ) { + my $name = $what->{type} || warn "ERROR: no type?"; + while ( my($op,$value) = each %$substring ) { + push @limits, __sql_column($name) . ' LIKE ?'; + if ( $op eq 'any' ) { + $value = '%' . $value . '%'; + } else { + warn "UNSUPPORTED: op $op - using plain $value"; + } + push @values, $value; + } + } + } elsif ( $how eq 'present' ) { + my $name = __sql_column( $what ); + push @limits, "$name IS NOT NULL and length($name) > 1"; + ## XXX length(foo) > 1 to avoid empty " " strings + } else { + warn "UNSUPPORTED: $how ",dump( $what ); + } +} + # the search operation sub search { my $self = shift; my $reqData = shift; print "searching...\n"; - warn "# request = ", dump($reqData); + warn "# " . localtime() . " request = ", dump($reqData); my $base = $reqData->{'baseObject'}; # FIXME use it? my @entries; - if ( $reqData->{'filter'}->{'equalityMatch'}->{'attributeDesc'} eq 'otherPager' ) { + if ( $reqData->{'filter'} ) { + + my $sql_where = ''; + @values = (); + + foreach my $join_with ( keys %{ $reqData->{'filter'} } ) { + + warn "## join_with $join_with ", dump( $reqData->{'filter'}->{ $join_with } ), "\n"; - my $value = $reqData->{'filter'}->{'equalityMatch'}->{'assertionValue'} || die "no value?"; + @limits = (); - $sth->execute( $value ); + if ( ref $reqData->{'filter'}->{ $join_with } eq 'ARRAY' ) { - warn "# ", $sth->rows, " results for: $value\n"; + foreach my $filter ( @{ $reqData->{'filter'}->{ $join_with } } ) { + warn "### filter ",dump($filter),$/; + foreach my $how ( keys %$filter ) { + if ( $how eq 'or' ) { + __ldap_search_to_sql( %$_ ) foreach ( @{ $filter->{$how} } ); + } else { + __ldap_search_to_sql( $how, $filter->{$how} ); + } + warn "## limits ",dump(@limits), " values ",dump(@values); + } + } + + $sql_where .= ' ' . join( " $join_with ", @limits ); + + } else { + __ldap_search_to_sql( $join_with, $reqData->{'filter'}->{$join_with} ); + } + + } + + if ( $sql_where ) { + $sql_where = " where $sql_where"; + } + + warn "# SQL:\n$sql_select\n$sql_where\n# DATA: ",dump( @values ); + my $sth = $dbh->prepare( $sql_select . $sql_where . " LIMIT $max_results" ); # XXX remove limit? + $sth->execute( @values ); + + warn "# ", $sth->rows, " results for ",dump( $reqData->{'filter'} ); while (my $row = $sth->fetchrow_hashref) { @@ -93,12 +191,21 @@ sub search { my $dn = 'uid=' . $row->{uid} || die "no uid"; $dn =~ s{[@\.]}{,dc=}g; + $dn .= ',' . $base unless $dn =~ m{dc}i; my $entry = Net::LDAP::Entry->new; $entry->dn( $dn ); + $entry->add( objectClass => [ + "person", + "organizationalPerson", + "inetOrgPerson", + "hrEduPerson", + ] ); $entry->add( %$row ); - #warn "## entry ",dump( $entry ); + #$entry->changetype( 'modify' ); + + warn "### entry ",$entry->dump( \*STDERR ); push @entries, $entry; }