Revision 8351
Added by ben leinfelder over 10 years ago
| ldapweb.cgi | ||
|---|---|---|
| 38 | 38 |
use URI; # for parsing URL syntax |
| 39 | 39 |
use Config::Properties; # for parsing Java .properties files |
| 40 | 40 |
use File::Basename; # for path name parsing |
| 41 |
use DateTime; # for parsing dates |
|
| 42 |
use DateTime::Duration; # for substracting |
|
| 41 | 43 |
use Captcha::reCAPTCHA; # for protection against spams |
| 42 | 44 |
use Cwd 'abs_path'; |
| 43 | 45 |
|
| ... | ... | |
| 320 | 322 |
# Define the subroutines to do the work |
| 321 | 323 |
#--------------------------------------------------------------------------80c-> |
| 322 | 324 |
|
| 325 |
sub clearTemporaryAccounts {
|
|
| 326 |
|
|
| 327 |
#search accounts that have expired |
|
| 328 |
my $org = $query->param('o');
|
|
| 329 |
my $ldapUsername = $ldapConfig->{$org}{'user'};
|
|
| 330 |
my $ldapPassword = $ldapConfig->{$org}{'password'};
|
|
| 331 |
my $orgAuthBase = $ldapConfig->{$org}{'base'};
|
|
| 332 |
my $orgExpiration = $ldapConfig->{$org}{'expiration'};
|
|
| 333 |
my $tmpSearchBase = 'dc=tmp,' . $orgAuthBase; |
|
| 334 |
|
|
| 335 |
my $dt = DateTime->now; |
|
| 336 |
$dt->subtract( hours => $orgExpiration ); |
|
| 337 |
my $expirationDate = $dt->ymd() . $dt->hms() . "Z"; |
|
| 338 |
my $filter = "(createTimestamp <= " . $expirationDate . ")"; |
|
| 339 |
debug("Clearing expired accounts with filter: " . $filter);
|
|
| 340 |
my @attrs = [ 'uid', 'o', 'ou', 'cn', 'mail', 'telephoneNumber', 'title' ]; |
|
| 341 |
|
|
| 342 |
my $ldap; |
|
| 343 |
my $mesg; |
|
| 344 |
|
|
| 345 |
my $dn; |
|
| 346 |
|
|
| 347 |
#if main ldap server is down, a html file containing warning message will be returned |
|
| 348 |
debug("clearTempAccounts: connecting to $ldapurl, $timeout");
|
|
| 349 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
|
| 350 |
if ($ldap) {
|
|
| 351 |
$ldap->start_tls( verify => 'none'); |
|
| 352 |
$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword ); |
|
| 353 |
$mesg = $ldap->search ( |
|
| 354 |
base => $base, |
|
| 355 |
filter => $filter, |
|
| 356 |
attrs => \@attrs, |
|
| 357 |
); |
|
| 358 |
|
|
| 359 |
if ($mesg->count() > 0) {
|
|
| 360 |
my $entry; |
|
| 361 |
foreach $entry ($mesg->all_entries) {
|
|
| 362 |
$dn = $entry->dn(); |
|
| 363 |
# remove the entry |
|
| 364 |
debug("DRY RUN: Removing expired account: " . $dn);
|
|
| 365 |
#$ldap->delete($dn); |
|
| 366 |
} |
|
| 367 |
} |
|
| 368 |
$ldap->unbind; # take down session |
|
| 369 |
} |
|
| 370 |
|
|
| 371 |
return $foundAccounts; |
|
| 372 |
} |
|
| 373 |
|
|
| 323 | 374 |
sub fullTemplate {
|
| 324 | 375 |
my $templateList = shift; |
| 325 | 376 |
my $templateVars = setVars(shift); |
| ... | ... | |
| 503 | 554 |
my $o = $query->param('o');
|
| 504 | 555 |
$searchBase = $ldapConfig->{$o}{'base'};
|
| 505 | 556 |
} |
| 557 |
|
|
| 558 |
# Remove any expired temporary accounts for this subtree before continuing |
|
| 559 |
clearTemporaryAccounts(); |
|
| 506 | 560 |
|
| 507 | 561 |
# Search LDAP for matching entries that already exist |
| 508 | 562 |
# Some forms use a single text search box, whereas others search per |
Also available in: Unified diff
clear temporary accounts that have not been activated after a configurable number of hours. https://projects.ecoinformatics.org/ecoinfo/issues/6099