made rbac dfn-aai ready: if a domain (e.g. uni-xy.de) is not present yet in...

made rbac dfn-aai ready: if a domain (e.g. uni-xy.de) is not present yet in RBAC, it will be created once its first user logs in. git-svn-id: https://textgridlab.org/svn/textgrid/trunk/middleware/tgauth@2475 7c539038-3410-0410-b1ec-0f2a7bf1c452

made rbac dfn-aai ready: if a domain (e.g. uni-xy.de) is not present yet in...
f957a66f · Martin Haase · b49b68e6 · f957a66f
Commit f957a66f authored 16 years ago by Martin Haase
--- a/info.textgrid.middleware.tgauth.rbac/rbacSoap/TgAdministration.class.php
+++ b/info.textgrid.middleware.tgauth.rbac/rbacSoap/TgAdministration.class.php
@@ -12,6 +12,7 @@ class TgAdministration {
  // Global variables
  protected $rbac;
  protected $config;
+  protected $connection;



@@ -30,6 +31,16 @@ class TgAdministration {

    $this->config = new SimpleConfig( $inConfigurationFilename );

+
+    // Create connection
+    $this->connection['user'] = new LDAP();
+    $this->connection['user']->connect( $this->config->getValue( "authentication", "host" ),
+                                        $this->config->getValue( "authentication", "port" ),
+                                        $this->config->getValue( "authentication", "version" ),
+                                        preg_match( "/yes/i", $this->config->getValue( "authentication", "tls" ) ) ? true : false );
+    $this->connection['user']->bind( $this->config->getValue( "authentication", "binddn" ),
+                                     $this->config->getValue( "authentication", "password" ) );
+
  }


@@ -71,6 +82,27 @@ class TgAdministration {
        // addition.
        $userTreeDn = $this->config->getValue( "user", "userTreeAttribute" ) . "=" . $userDomain;

+
+        // If the internal user tree does not already exist,
+        // it has to be created to avoid unnecessarry faults.
+        $filter = "(" . $this->config->getValue( "user", "userTreeAttribute" ) . "=" . $userDomain . ")";
+        $treeResult = $this->connection['user']->search( $this->config->getValue( "authentication", "base" ), $filter, "one" );
+
+
+        if( sizeof( $treeResult ) < 1 ) {
+
+          $arrTree['objectclass'][] = "organizationalunit";
+          $arrTree['objectclass'][] = "rbacresource";
+          $arrTree['ou'][] = $userDomain;
+
+          $file = fopen( "/tmp/debug.log", "a+" );
+          fwrite( $file, $userTreeDn . "," . $this->config->getValue( "authentication", "base" ) );
+          fclose( $file );
+          $this->connection['user']->add( $userTreeDn . "," . $this->config->getValue( "authentication", "base" ), $arrTree );
+
+        }
+
+
        try {

          $addUserResult = $this->rbac->addUser( $inRequest->username, $inRequest->password, $userTreeDn );