Add missing LDAP code to login

assetclass.php

@@ -10,10 +10,14 @@ SPDX-License-Identifier: GPL-3.0-or-later
 include("includes.php");
 include("header.php");
 			
-$sql = "SELECT a.assetclass_id, a.assetclass_name, g.assetclassgroup_id,
-            g.assetclassgroup_name, g.assetclassgroup_color
-	FROM assetclass AS a LEFT OUTER JOIN assetclassgroup AS g USING (assetclassgroup_id)
-	ORDER BY a.assetclass_name";
+$sql = "SELECT c.assetclass_id AS id, c.assetclass_name AS name, c.assetclassgroup_id AS group_id,
+            g.assetclassgroup_name AS group_name, g.assetclassgroup_color AS color,
+            COUNT(a.asset_id) AS count_asset
+        FROM assetclass AS c
+            LEFT JOIN assetclassgroup AS g USING (assetclassgroup_id)
+            LEFT JOIN asset AS a USING (assetclass_id)
+        GROUP BY id, name, group_id, group_name, color
+        ORDER BY c.assetclass_name";
 $sth = $dbh->query($sql);
 $smarty->assign("assetclasses", $sth->fetchAll(PDO::FETCH_ASSOC));
 

assetclassgroup.php

@@ -10,14 +10,16 @@ SPDX-License-Identifier: GPL-3.0-or-later
 include("includes.php");
 include("header.php");
 	
-$sql = "SELECT assetclassgroup_id AS id, assetclassgroup_name AS name,
-            assetclassgroup_color AS color, assetclassgroup_description AS description
-        FROM assetclassgroup
-        ORDER BY assetclassgroup_name";
+$sql = "SELECT g.assetclassgroup_id AS id, g.assetclassgroup_name AS name,
+            g.assetclassgroup_color AS color, g.assetclassgroup_description AS description,
+            COUNT(c.assetclass_id) AS count_class
+        FROM assetclassgroup AS g LEFT JOIN assetclass AS c USING (assetclassgroup_id)
+        GROUP BY id, name, color, description
+        ORDER BY g.assetclassgroup_name";
 $sth = $dbh->query($sql);
 $smarty->assign('assetclassgroups', $sth->fetchAll(PDO::FETCH_ASSOC));
 
 $smarty->display("assetclassgroup.tpl");
 		
 include("footer.php");
-?>
+?>

lang/de.php

@@ -66,12 +66,14 @@ $lang = array(
     'lang_assetclass_del' => 'Objektklasse löschen',
     'lang_assetclass_edit' => 'Objektklasse ändern',
     'lang_assetclass_name' => 'Objektklassenname',
+    'lang_assetclass_count' => '# Objekte',
     'lang_assetclass_none' => 'Es sind keine Objektklassen vorhanden',
 
     'lang_assetclassgroup_add' => 'Objektklassengruppe hinzufügen',
     'lang_assetclassgroup_del' => 'Objektklassengruppe löschen',
     'lang_assetclassgroup_edit' => 'Objektklassengruppe ändern',
     'lang_assetclassgroup_name' => 'Objektklassengruppenname',
+    'lang_assetclassgroup_count' => '# Klassen',
     'lang_assetclassgroup_none' => 'Es sind keine Objektklassengruppen vorhanden',
 
     'lang_assignnodetoasset' => 'Knoten zu Objekt hinzufügen',

lang/en.php

@@ -66,12 +66,14 @@ $lang = array(
     'lang_assetclass_del' => 'Delete assetclass',
     'lang_assetclass_edit' => 'Mofidy assetclass',
     'lang_assetclass_name' => 'Assetclass name',
+    'lang_assetclass_count' => '# Assets',
     'lang_assetclass_none' => 'There are no assetclasses defined',
 
     'lang_assetclassgroup_add' => 'Add assetclassgroup',
     'lang_assetclassgroup_del' => 'Delete assetclassgroup',
     'lang_assetclassgroup_edit' => 'Modify assetclassgroup',
     'lang_assetclassgroup_name' => 'Assetclassgroup Name',
+    'lang_assetclassgroup_count' => '# Classes',
     'lang_assetclassgroup_none' => 'There are no assetclassegroups defined',
 
     'lang_assignnodetoasset' => 'Assign node to asset',

lib.php

@@ -168,6 +168,8 @@ function db_load_enum($table, $column) {
             WHERE table_name=? AND column_name=?";
     $sth = $dbh->prepare($sql);
     $sth->execute([$table, $column]);
+    // Für PHP < 7.4
+    // return array_map(function($x) { return trim($x, "'"); }, explode(',', $sth->fetchColumn()));
     return array_map(fn($x) => trim($x, "'"), explode(',', $sth->fetchColumn()));
 }
 

login.php

@@ -22,6 +22,36 @@ $dbh->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
 
 include("lib.php"); // only for get_language from browser. TODO: simplify
 
+function check_ldap_bind($user_name, $user_pass) {
+    global $config_ldap_host;
+    global $config_ldap_port;
+    global $config_ldap_base_dn;
+    global $config_ldap_bind_dn;
+    global $config_ldap_bind_pass;
+    global $config_ldap_login_attr;
+    $ldap_conn = NULL;
+    foreach ($config_ldap_host as $server) {
+        if ($ldap_conn = ldap_connect($server, $config_ldap_port)) {
+            if ($res = ldap_bind($ldap_conn, $config_ldap_bind_dn, $config_ldap_bind_pass)) {
+                ldap_set_option($ldap_conn, LDAP_OPT_REFERRALS, 0);
+                ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3);
+                $filter = "(&(objectClass=user)($config_ldap_login_attr=$user_name))";
+                $res = ldap_search($ldap_conn, $config_ldap_base_dn, $filter, ['dn']);
+                if ($res) {
+                    $info = ldap_get_entries($ldap_conn, $res);
+                    $user_dn = $info[0]['dn'];
+                    $res = ldap_bind($ldap_conn, $user_dn, $user_pass);
+                    if ($res) {
+                        return TRUE;
+                    }
+                }
+            }
+            return FALSE;
+        }
+    }
+    return FALSE;
+}
+
 function user_login ($user_name, $user_pass) {
     global $dbh;
 
@@ -36,7 +66,7 @@ function user_login ($user_name, $user_pass) {
     $sql = "SELECT user_id, user_pass, user_displayname, user_language,
                 user_imagesize, user_imagecount, user_mac, user_dateformat,
                 user_dns1suffix, user_dns2suffix, user_tooltips,
-                user_menu, user_role, user_flags
+                user_menu, user_role, user_flags, user_realm
             FROM user
             WHERE user_name=?";
     $sth = $dbh->prepare($sql);
@@ -47,22 +77,31 @@ function user_login ($user_name, $user_pass) {
         return FALSE;
     }
 
-    if (strcmp(md5($user_pass), rtrim($user->user_pass)) != 0) {
-        // password does not match with md5, check if new hash matches
-        // For future expansion: $pwd_peppered = hash_hmac('sha256', $user_pass, $config_pepper);
-        if (! password_verify($user_pass, $user->user_pass)) {
+    if ($user->user_realm == 'ldap') {
+        // check LDAP auth
+        if (! check_ldap_bind($user_name, $user_pass)) {
             return FALSE;
         }
-    } else {
-        // md5 match but outdated. rewrite with new algo
-        $sth = $dbh->prepare("UPDATE user SET user_pass=? WHERE user_id=?");
-        $newhash = password_hash($user_pass, PASSWORD_BCRYPT);
-        $sth->execute([$newhash, $user->user_id]);
+        // TODO sync LDAP data to local
+    { else {
+        // compare local passwords
+        if (strcmp(md5($user_pass), rtrim($user->user_pass)) != 0) {
+            // password does not match with md5, check if new hash matches
+            // For future expansion: $pwd_peppered = hash_hmac('sha256', $user_pass, $config_pepper);
+            if (! password_verify($user_pass, $user->user_pass)) {
+                return FALSE;
+            }
+        } else {
+            // md5 match but outdated. rewrite with new algo
+            $sth = $dbh->prepare("UPDATE user SET user_pass=? WHERE user_id=?");
+            $newhash = password_hash($user_pass, PASSWORD_BCRYPT);
+            $sth->execute([$newhash, $user->user_id]);
+        }
     }
 
-
     // all ok: user is logged in, register session data
     $_SESSION['suser_id'] = $user->user_id;
+    $_SESSION['suser_realm'] = $user->user_realm;
     $_SESSION['suser_displayname'] = $user->user_displayname;
     $_SESSION['suser_language'] = $user->user_language;
     $_SESSION['suser_imagesize'] = $user->user_imagesize;

options.php

@@ -10,6 +10,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 include("includes.php");
 include("header.php");
 
+$smarty->assign('realm', $_SESSION['suser_realm']);
 $smarty->assign('role_add', $_SESSION['suser_role_add']);
 $smarty->assign('role_edit', $_SESSION['suser_role_edit']);
 $smarty->assign('role_delete', $_SESSION['suser_role_delete']);

tpl/assetclass.tpl

@@ -20,15 +20,21 @@
     <td class="header">
         {$lang_assetclassgroup_name}
     </td>
+    <td class="header">
+        {$lang_assetclass_count}
+    </td>
 </tr>
 {foreach item=assetclass from=$assetclasses}
 <tr>
     <td class="label">
-        <a href="assetclassview.php?assetclass_id={$assetclass.assetclass_id}">{$assetclass.assetclass_name}</a>
+        <a href="assetclassview.php?assetclass_id={$assetclass.id}">{$assetclass.name}</a>
     </td>
     <td class="value">
-        <img src="image.php?color={$assetclass.assetclassgroup_color}" alt="#{$assetclass.assetclassgroup_color}">
-        <a href="assetclassgroupview.php?assetclassgroup_id={$assetclass.assetclassgroup_id}">{$assetclass.assetclassgroup_name}</a>
+        <img src="image.php?color={$assetclass.color}" alt="#{$assetclass.color}">
+        <a href="assetclassgroupview.php?assetclassgroup_id={$assetclass.group_id}">{$assetclass.group_name}</a>
+    </td>
+    <td class="label">
+        {$assetclass.count_asset}
     </td>
 </tr>
 {foreachelse}

tpl/assetclassgroup.tpl

@@ -20,6 +20,9 @@
     <td class="header">
         {$lang_description}
     </td>
+    <td class="header">
+        {$lang_assetclassgroup_count}
+    </td>
 </tr>
 {foreach item=acg from=$assetclassgroups}
 <tr>
@@ -30,6 +33,9 @@
     <td>
         {$acg.description}
     </td>
+    <td>
+        {$acg.count_class}
+    </td>
 </tr>
 {foreachelse}
 <tr>

tpl/options.tpl

@@ -63,4 +63,12 @@
 {/if}
     </td>
 </tr>
+<tr>
+	<td class="label">
+		{$lang_user_realm}
+	</td>
+	<td class="label">
+		{$realm}
+	</td>
+</tr>
 </table>