Revision 8220

Added by Jing Tao over 7 years ago

Add code to generate dc=tmp. Clean up some code.


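--- a/ldapweb.cgi
+++ b/ldapweb.cgi
@@ -351,8 +351,11 @@
 sub handleRegister {
     
     print "Content-type: text/html\n\n";
+    if ($query->param('o') =~ "LTER") {
+      fullTemplate( ['registerLter'] );
+      exit(0);
+    } 
     
-    
     my $allParams = { 'givenName' => $query->param('givenName'), 
                       'sn' => $query->param('sn'),
                       'o' => $query->param('o'), 
@@ -912,39 +915,46 @@
 sub createTemporaryAccount {
     my $allParams = shift;
     my $org = $query->param('o'); 
- 
+    my $ldapUsername = $ldapConfig->{$org}{'user'};
+    my $ldapPassword = $ldapConfig->{$org}{'password'};
+    my $tmp = 1;
 
+    ################## Search LDAP to see if the dc=tmp which stores the inactive accounts exist or not. If it doesn't exist, it will be generated
+    my $orgAuthBase = $ldapConfig->{$org}{'base'};
+    my $tmpSearchBase = 'dc=tmp,' . $orgAuthBase; 
+    my $tmpFilter = "dc=tmp";
+    my @attributes=['dc'];
+    my $foundTmp = searchDirectory($ldapurl, $orgAuthBase, $tmpFilter, \@attributes);
+    if (!$foundTmp) {
+        my $dn = $tmpSearchBase;
+        my $additions = [ 
+                    'dc' => 'tmp',
+                    'o'  => 'tmp',
+                    'objectclass' => ['top', 'dcObject', 'organization']
+                    ];
+        createItem($dn, $ldapUsername, $ldapPassword, $additions, $tmp, $allParams);
+    } else {
+     debug("found the tmp space");
+    }
     
-    ################## Search LDAP for matching o or ou that already exist
-    my $orgAuthBase = $ldapConfig->{$org}{'base'};; 
+    ################## Search LDAP for matching o or ou under the dc=tmp that already exist. If it doesn't exist, it will be generated
     my $filter = $ldapConfig->{$org}{'filter'};   
-    my $tmpSearchBase = 'dc=tmp,' . $orgAuthBase; 
+    
     debug("search filer " . $filter);
     debug("ldap server ". $ldapurl);
     debug("sesarch base " . $tmpSearchBase);
     print "Content-type: text/html\n\n";
     my @attrs = ['o', 'ou' ];
     my $found = searchDirectory($ldapurl, $tmpSearchBase, $filter, \@attrs);
-    
-    my $ldapUsername = $ldapConfig->{$org}{'user'};
-    my $ldapPassword = $ldapConfig->{$org}{'password'};
-    debug("LDAP connection to $ldapurl...");    
-    
-     my @organizationInfo = split('=', $ldapConfig->{$org}{'org'}); #split 'o=NCEAS' or something like that
-     my $organization = $organizationInfo[0]; # This will be 'o' or 'ou'
-     my $organizationName = $organizationInfo[1]; # This will be 'NCEAS' or 'Account'
+
+    my @organizationInfo = split('=', $ldapConfig->{$org}{'org'}); #split 'o=NCEAS' or something like that
+    my $organization = $organizationInfo[0]; # This will be 'o' or 'ou'
+    my $organizationName = $organizationInfo[1]; # This will be 'NCEAS' or 'Account'
         
     if(!$found) {
         debug("generate the subtree in the dc=tmp===========================");
         #need to generate the subtree o or ou
-        my $dn;
-        #if main ldap server is down, a html file containing warning message will be returned
-        my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
-        if ($ldap) {
-            $ldap->start_tls( verify => 'none');
-            debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");
-            $ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword );
-            my $additions;
+        my $additions;
             if($organization eq 'ou') {
                 $additions = [ 
                     $organization   => $organizationName,
@@ -958,29 +968,8 @@
                     ];
             
             } 
-            
-            $dn=$ldapConfig->{$org}{'org'} . ',' . $tmpSearchBase;
-            # Do the insertion
-            my $result = $ldap->add ( 'dn' => $dn, 'attr' => [ @$additions ]);
-            if ($result->code()) {
-                fullTemplate( ['registerFailed', 'register'], { stage => "register",
-                                                            allParams => $allParams,
-                                                            errorMessage => $result->error });
-                $ldap->unbind;   # take down session
-                exist(0)
-                # TODO SCW was included as separate errors, test this
-                #$templateVars    = setVars({ stage => "register",
-                #                     allParams => $allParams });
-                #$template->process( $templates->{'register'}, $templateVars);
-            } 
-            $ldap->unbind;   # take down session
-        } else {
-            fullTemplate( ['registerFailed', 'register'], { stage => "register",
-                                                            allParams => $allParams,
-                                                            errorMessage => "The ldap server is not available now. Please try it later"});
-            exit(0);
-        }
-
+        my $dn=$ldapConfig->{$org}{'org'} . ',' . $tmpSearchBase;
+        createItem($dn, $ldapUsername, $ldapPassword, $additions, $tmp, $allParams);
     } 
     
     ################create an account under tmp subtree 
@@ -1019,8 +1008,7 @@
     #$$additions[$#$additions + 1] = 'o';
     #$$additions[$#$additions + 1] = $org;
     my $dn='uid=' . $query->param('uid') . ',' . $ldapConfig->{$org}{'org'} . ',' . $tmpSearchBase;
-    my $tmp = 1;
-    createAccount2($dn, $ldapUsername, $ldapPassword, $additions, $tmp, $allParams);
+    createItem($dn, $ldapUsername, $ldapPassword, $additions, $tmp, $allParams);
     
     
     ####################send the verification email to the user
@@ -1065,10 +1053,10 @@
 }
 
 #
-# Bind to LDAP and create a new account using the information provided
+# Bind to LDAP and create a new item (a user or subtree) using the information provided
 # by the user
 #
-sub createAccount2 {
+sub createItem {
     my $dn = shift;
     my $ldapUsername = shift;
     my $ldapPassword = shift;
@@ -1096,6 +1084,7 @@
                 fullTemplate(@failureTemplate, { stage => "register",
                                                             allParams => $allParams,
                                                             errorMessage => $result->error });
+                exist(0);
                 # TODO SCW was included as separate errors, test this
                 #$templateVars    = setVars({ stage => "register",
                 #                     allParams => $allParams });
@@ -1114,92 +1103,11 @@
   
 }
 
-#
-# Bind to LDAP and create a new account using the information provided
-# by the user
-#
-sub createAccount {
-    my $allParams = shift;
 
-    if ($query->param('o') =~ "LTER") {
-        fullTemplate( ['registerLter'] );
-    } else {
 
-        # Be sure the passwords match
-        if ($query->param('userPassword') !~ $query->param('userPassword2')) {
-            my $errorMessage = "The passwords do not match. Try again.";
-            fullTemplate( ['registerFailed', 'register'], { stage => "register",
-                                                            allParams => $allParams,
-                                                            errorMessage => $errorMessage });
-            exit();
-        }
 
-        my $o = $query->param('o');
 
-        my $searchBase = $ldapConfig->{$o}{'base'};
-        my $dnBase = $ldapConfig->{$o}{'dn'};
-        debug("the dn is " . $dnBase);
-        my $ldapUsername = $ldapConfig->{$o}{'user'};
-        my $ldapPassword = $ldapConfig->{$o}{'password'};
-        debug("LDAP connection to $ldapurl...");    
-        #if main ldap server is down, a html file containing warning message will be returned
-        my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
-        
-        if ($ldap) {
-        	$ldap->start_tls( verify => 'none');
-        	debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");
-        	$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword );
-        
-        	my $dn = 'uid=' . $query->param('uid') . ',' . $dnBase;
-        	debug("Inserting new entry for: $dn");
 
-        	# Create a hashed version of the password
-        	my $shapass = createSeededPassHash($query->param('userPassword'));
-
-        	# Do the insertion
-        	my $additions = [ 
-                'uid'   => $query->param('uid'),
-                'o'   => $query->param('o'),
-                'cn'   => join(" ", $query->param('givenName'), 
-                                    $query->param('sn')),
-                'sn'   => $query->param('sn'),
-                'givenName'   => $query->param('givenName'),
-                'mail' => $query->param('mail'),
-                'userPassword' => $shapass,
-                'objectclass' => ['top', 'person', 'organizationalPerson', 
-                                'inetOrgPerson', 'uidObject' ]
-            	];
-        	if (defined($query->param('telephoneNumber')) && 
-            	$query->param('telephoneNumber') &&
-            	! $query->param('telephoneNumber') =~ /^\s+$/) {
-            	$$additions[$#$additions + 1] = 'telephoneNumber';
-            	$$additions[$#$additions + 1] = $query->param('telephoneNumber');
-        	}
-        	if (defined($query->param('title')) && 
-            	$query->param('title') &&
-            	! $query->param('title') =~ /^\s+$/) {
-            	$$additions[$#$additions + 1] = 'title';
-            	$$additions[$#$additions + 1] = $query->param('title');
-        	}
-        	my $result = $ldap->add ( 'dn' => $dn, 'attr' => [ @$additions ]);
-    
-        	if ($result->code()) {
-            	fullTemplate( ['registerFailed', 'register'], { stage => "register",
-                                                            allParams => $allParams,
-                                                            errorMessage => $result->error });
-            	# TODO SCW was included as separate errors, test this
-           	 	#$templateVars    = setVars({ stage => "register",
-           	 	#                     allParams => $allParams });
-            	#$template->process( $templates->{'register'}, $templateVars);
-        	} else {
-            	fullTemplate( ['success'] );
-        	}
-
-        	$ldap->unbind;   # take down session
-        }
-    }
-}
-
 #
 # This subroutine will handle a email verification:
 # If the hash string matches the one store in the ldap, the account will be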
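Review bot: The `exist(0);` added to the failure branch of `createItem` (new line 1087) is not a Perl built-in, so unless a sub of that name is defined elsewhere in the file the call dies with an undefined-subroutine error instead of ending the request cleanly; it should read `exit(0);`. The same misspelling was in the inline block this commit removes from `createTemporaryAccount`, so it appears to have been carried over. All three directory writes now go through `createItem`, whose body lies mostly outside the visible hunks; since the removed inline code called `start_tls( verify => 'none')` and wrote `pwd = $ldapPassword` to the debug log, it is worth confirming that `createItem` verifies the server certificate and logs only the bind DN, never the password. On context line 1010 the `uid` request parameter is concatenated into `$dn` unescaped, so a value containing `,` or `=` changes where the entry is created under `dc=tmp`; validating it first with an anchored pattern such as `/\A[A-Za-z0-9._-]+\z/` and rejecting anything else would close that.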
