因新版开源版本不支持ldap,只支持到7.3版本 所以新版禅道需要本地导入插件,并且直接导入之后是无法使用的,因新版的验证方式和旧版不一样。
插件包下载地址:
https://www.zentao.net/extension-buyExt-326-download.html
具体安装过程这里不讲述了,主要是安装完成之后需要修改的几处源码文件:
module/ldap/model.php
<?php
/**
* The model file of ldap module of ZenTaoPMS.
*
* @license ZPL (http://zpl.pub/page/zplv11.html)
* @author TigerLau
* @package ldap
* @link http://www.zentao.net
*/
?>
<?php
class ldapModel extends model
{
public function identify($host, $dn, $pwd)
{
#var_dump($host);
#var_dump($dn);
#var_dump($pwd);
#exit;
$ret = '';
$ds = ldap_connect($host);
if ($ds) {
ldap_set_option($ds,LDAP_OPT_PROTOCOL_VERSION,3);
ldap_bind($ds, $dn, $pwd);
$ret = ldap_error($ds);
ldap_close($ds);
} else {
$ret = ldap_error($ds);
}
return $ret;
}
public function getUsersDn($config)
{
$ds = ldap_connect($config->host);
if ($ds) {
ldap_set_option($ds,LDAP_OPT_PROTOCOL_VERSION,3);
ldap_bind($ds, $config->bindDN, $config->bindPWD);
#$attrs = [$config->uid, $config->mail, $config->name];
$attrs = array($config->uid, $config->mail, $config->name);
$rlt = ldap_search($ds, $config->baseDN, $config->searchFilter, $attrs);
$data = ldap_get_entries($ds, $rlt);
return $data;
}
return null;
}
public function sync2db($config)
{
#var_dump($config);
$ldapUsers = $this->getUsers($config);
var_dump($ldapUsers);
$user = new stdclass();
$account = '';
$i=0;
for (; $i < $ldapUsers['count']; $i++) {
$user->account = $ldapUsers[$i][$config->uid][0];
$user->email = $ldapUsers[$i][$config->mail][0];
$user->realname = $ldapUsers[$i][$config->name][0];
$account = $this->dao->select('*')->from(TABLE_USER)->where('account')->eq($user->account)->fetch('account');
if ($account == $user->account) {
$this->dao->update(TABLE_USER)->data($user)->where('account')->eq($user->account)->autoCheck()->exec();
} else {
$this->dao->insert(TABLE_USER)->data($user)->autoCheck()->exec();
}
if(dao::isError())
{
echo js::error(dao::getError());
die(js::reload('parent'));
}
}
return $i;
}
}
module/ldap/control.php
<?php
/**
* The control file of user module of ZenTaoPMS.
*
* @copyright Copyright 2009-2015 青岛易软天创网络科技有限公司(QingDao Nature Easy Soft Network Te
chnology Co,LTD, www.cnezsoft.com)
* @license ZPL (http://zpl.pub/page/zplv11.html)
* @author Chunsheng Wang <[email protected]>
* @package user
* @version $Id: control.php 5005 2013-07-03 08:39:11Z [email protected] $
* @link http://www.zentao.net
*/
class ldap extends control
{
public $referer;
/**
* Construct
*
* @access public
* @return void
*/
public function __construct()
{
parent::__construct();
}
public function index()
{
$this->locate(inlink('setting'));
}
public function setting()
{
$this->view->title = $this->lang->ldap->common . $this->lang->colon . $this->lang->ldap->setting;
$this->view->position[] = html::a(inlink('index'), $this->lang->ldap->common);
$this->view->position[] = $this->lang->ldap->setting;
$this->display();
}
public function save()
{
if (!empty($_POST)) {
$this->config->ldap->host = $this->post->ldapHost;
$this->config->ldap->version = $this->post->ldapVersion;
$this->config->ldap->bindDN = $this->post->ldapBindDN;
$this->config->ldap->bindPWD = $this->post->ldapPassword;
$this->config->ldap->baseDN = $this->post->ldapBaseDN;
$this->config->ldap->searchFilter = $this->post->ldapFilter;
$this->config->ldap->uid = $this->post->ldapAttr;
$this->config->ldap->mail = $this->post->ldapMail;
// 此处我们把配置写入配置文件
$ldapConfig = "<?php \n"
."\$config->ldap = new stdclass();\n"
."\$config->ldap->host = '{$this->post->ldapHost}';\n"
."\$config->ldap->version = '{$this->post->ldapVersion}';\n"
."\$config->ldap->bindDN = '{$this->post->ldapBindDN}';\n"
."\$config->ldap->bindPWD = '{$this->post->ldapPassword}';\n"
."\$config->ldap->baseDN = '{$this->post->ldapBaseDN}';\n"
."\$config->ldap->searchFilter = '{$this->post->ldapFilter}';\n"
."\$config->ldap->uid = '{$this->post->ldapAttr}';\n"
."\$config->ldap->mail = '{$this->post->ldapMail}';\n"
."\$config->ldap->name = '{$this->post->ldapName}';\n";
$file = fopen("config.php", "w") or die("Unable to open file!");
fwrite($file, $ldapConfig);
fclose($file);
$this->locate(inlink('setting'));
}
}
public function test()
{
echo $this->ldap->identify($this->get->host, $this->get->dn, $this->get->pwd);
}
public function sync()
{
$users = $this->ldap->sync2db($this->config->ldap);
echo $users;
}
public function identify($user, $pwd)
{
$ret = false;
$account = $this->config->ldap->uid.'='.$user.','.$this->config->ldap->baseDN;
if (0 == strcmp('Success', $this->ldap->identify($this->config->ldap->host, $account, $pwd))
) {
$ret = true;
}
echo $ret;
}
}
module/user/js/login.js(因新版本的登录方式里密码使用了MD5+随机数,所以当使用ldap的时候会出现验证不通过的问题,这里需要修改为正常的密码验证方式)
// Prevent login page show in a iframe modal
if(window.self !== window.top) window.top.location.href = window.location.href;
$(document).ready(function()
{
/* Fix bug for misc-ping */
$('#hiddenwin').removeAttr('id');
var $login = $('#login');
var adjustPanelPos = function()
{
var bestTop = Math.max(0, Math.floor($(window).height() - $login.outerHeight())/2);
$login.css('margin-top', bestTop);
};
adjustPanelPos();
$(window).on('resize', adjustPanelPos);
$('#account').focus();
$("#langs li > a").click(function()
{
selectLang($(this).data('value'));
});
$('#loginPanel #submit').click(function()
{
var password = $('input:password').val().trim();
var rand = $('input#verifyRand').val();
if(password.length != 32 && typeof(md5) == 'function') $('input:password').val(password);
#if(password.length != 32 && typeof(md5) == 'function') $('input:password').val(md5(md5(password) + rand));
});
});