From: Nicolas Boisselier <nicolas.boisselier@gmail.com>
Date: Wed, 13 Dec 2017 06:01:23 +0000 (+0000)
Subject: www/dbq/dbq.php
X-Git-Url: https://git.nbdom.net/?a=commitdiff_plain;h=d3e2df807e35b819ec82e0e3b9797d5c2214206c;p=nb.git

www/dbq/dbq.php
---

diff --git a/lib/php/nb.php b/lib/php/nb.php
index 127d65c4..33f012f2 100644
--- a/lib/php/nb.php
+++ b/lib/php/nb.php
@@ -1065,24 +1065,22 @@ class NB {
   }
 
   public static function ldap_search($o=[]) {
-		$base = '127.0.0.1';
+		$host = '127.0.0.1';
 		if (preg_match('/^.*?([^\.]+\.[^\.]+)$/',$_SERVER['HTTP_HOST'],$m)) {
-			$base = $m[1];
+			$host = 'ldap.'.$m[1];
 		}
+		if (!isset($o['host'])) $o['host'] = $host;
+		if (!isset($o['base_dn'])) $o['base_dn'] = 'dc=' . str_replace('.',',dc=',preg_replace('/^ldap[^.]*./','',$host));
 
 		if (!isset($o['user'])) $o['user'] = $_SERVER['PHP_AUTH_USER'];
 
 		if (!isset($o['password'])) $o['password'] = $_SERVER['PHP_AUTH_PW'];
 
-		if (!isset($o['host'])) $o['host'] = "ldap.$base";
-
-		if (!isset($o['base_dn'])) $o['base_dn'] = 'dc=' . str_replace('.',',dc=',$base);
-
 		$o['bind_dn_preff'] = isset($o['bind_dn_preff']) ? ','.$o['bind_dn_preff'].',' : '';
 
 		if (!isset($o['bind_dn'])) $o['bind_dn'] = 'cn=' . $o['user'] . $o['bind_dn_preff'] . $o['base_dn'];
 
-		if (empty($o['filter'])) $o['filter'] = "(cn=".$o['user'].")";
+		if (empty($o['filter'])) $o['filter'] = "(&(userpassword=*)(cn=".$o['user']."))";
 		if (empty($o['attrs'])) $o['attrs'] = [];
 
 		#return [$o];
diff --git a/www/dbq/dbq.php b/www/dbq/dbq.php
index 16abac39..5be7fd43 100644
--- a/www/dbq/dbq.php
+++ b/www/dbq/dbq.php
@@ -90,6 +90,14 @@ class DbQ extends nb {
 		// Init
 		$this->uri_init();
 
+		if (!empty($_SERVER['DBQ_ENVS'])) {
+			foreach(explode(' ',trim($_SERVER['DBQ_ENVS'])) as $e) {
+				list($env,$val) = explode('=',trim($e));
+				#debug([$env,$val]);
+				$_SERVER['DBQ_'.strtoupper($env)] = $val;
+			}
+		}
+
 		// Envs -> var
 		foreach ([
 			'perm',
@@ -1001,7 +1009,8 @@ EOF;
 		} elseif ($action == 'ldap') {
 			#debug($this->params);
 			$rows = $this->ldap_search([
-				'bind_dn_preff' => 'ou=auth',
+				'bind_dn_preff' => (!empty($_SERVER['DBQ_LDAP_BIND_DN_PREFF']) ? 'ou='.$_SERVER['DBQ_LDAP_BIND_DN_PREFF'] : 'ou=auth'),
+				#'bind_dn' => 'ou=auth',
 				'filter' => ($this->params['table'] ? $this->params['table'] : ''),
 				'attrs' => ($this->params['action'] ? explode(',',$this->params['action']) : []),
 			]);
diff --git a/www/dbq/etc/nginx.conf b/www/dbq/etc/nginx.conf
index 002c55bd..4cf2402e 100644
--- a/www/dbq/etc/nginx.conf
+++ b/www/dbq/etc/nginx.conf
@@ -43,6 +43,10 @@ location ~ /index\.php$ {
 	if ($DBQ_CONF_FILE = "") { set $DBQ_CONF_FILE $document_root/../../../etc/dbq/000-local.php; }
 	fastcgi_param DBQ_CONF_FILE $DBQ_CONF_FILE;
 	fastcgi_param DBQ_PERM $DBQ_PERM;
+
 	if ($DBQ_PROD = "") { set $DBQ_PROD ""; }
 	fastcgi_param PRODUCTION $DBQ_PROD;
+
+	if ($DBQ_ENVS = "") { set $DBQ_ENVS ""; }
+	fastcgi_param DBQ_ENVS $DBQ_ENVS;
 }