Context Navigation

← Previous Changeset
Next Changeset →

Changeset 121224

Timestamp:

05/28/2009 07:21:15 PM (17 years ago)

Author:

redgecko

Message:

Add role equivalent groups edit GUI and add setting link in the plugin page.

Location:

simple-ldap-authentication/trunk

Files:

: 3 added
: 5 edited
: 1 copied

extra-table.css (added)
extra-table.js (added)
languages/simple-ldap-authentication-ja.mo (modified) (previous)
languages/simple-ldap-authentication-ja.po (modified) (13 diffs)
languages/simple-ldap-authentication.pot (modified) (9 diffs)
readme.txt (modified) (1 diff)
screenshot-2.png (added)
screenshot-3.png (copied) (copied from simple-ldap-authentication/trunk/screenshot-2.png)
simple-ldap-authentication.php (modified) (10 diffs)

Legend:

: Unmodified
: Added
: Removed

simple-ldap-authentication/trunk/languages/simple-ldap-authentication-ja.po

-                      r118102
+                      r121224
 "Project-Id-Version: シンプル LDAP 認証 1.0.1\n"
 "Report-Msgid-Bugs-To: http://wordpress.org/tag/simple-ldap-authentication\n"
 "POT-Creation-Date: 2009-05-15 18:40+0900\n"
 "PO-Revision-Date: 2009-05-15 18:43+0900\n"
+"POT-Creation-Date: 2009-05-29 03:34+0900\n"
+"PO-Revision-Date: 2009-05-29 03:36+0900\n"
 "Last-Translator: Yoshimitsu Mori <[email protected]>\n"
 "Language-Team: Japanese <[email protected]>\n"
 …
 "Content-Transfer-Encoding: 8bit\n"
 #. #-#-#-#-#  simple-ldap-authentication.pot (Simple LDAP Authentication 1.0.1)  #-#-#-#-#
+#. #-#-#-#-#  simple-ldap-authentication.pot (Simple LDAP Authentication 1.0.4)  #-#-#-#-#
 #. Plugin Name of an extension
 #: simple-ldap-authentication.php:78
+#: simple-ldap-authentication.php:80
 msgid "Simple LDAP Authentication"
 msgstr "シンプル LDAP 認証"
 #: simple-ldap-authentication.php:143
+#: simple-ldap-authentication.php:103
 msgid ""
 "<strong>ERROR</strong>: LDAP user ID search filter is inacuurate. The filter "
 …
 "には '%user_id%' が含まれている必要があります。"
 #: simple-ldap-authentication.php:155
+#: simple-ldap-authentication.php:115
 #, php-format
 msgid "<strong>ERROR</strong>: Cannot connect to '%s'."
 msgstr "<strong>エラー</strong>：'%s' に接続できません。"
 #: simple-ldap-authentication.php:165
+#: simple-ldap-authentication.php:125
 msgid ""
 "<strong>ERROR</strong>: LDAP bind failed. Either the LDAPS connection failed "
 …
 "たか、ログイン資格が間違っています。"
 #: simple-ldap-authentication.php:167
+#: simple-ldap-authentication.php:127
 msgid "<strong>ERROR</strong>: LDAP bind failed. Check the login credentials."
 msgstr ""
 …
 "てください。"
 #: simple-ldap-authentication.php:230
+#: simple-ldap-authentication.php:190
 msgid ""
 "<strong>ERROR</strong>: This user exists in LDAP, but has not been granted "
 …
 "セスは許可されていません。"
 #: simple-ldap-authentication.php:329
+#: simple-ldap-authentication.php:372
 msgid "Simple LDAP Authentication Options"
 msgstr "シンプル LDAP 認証の設定"
 #: simple-ldap-authentication.php:337
+#: simple-ldap-authentication.php:380
 msgid "LDAP Server"
 msgstr "LDAP サーバ"
 #: simple-ldap-authentication.php:340
+#: simple-ldap-authentication.php:383
 msgid "LDAP Server (e.g. <code>ldap.example.net</code>)"
 msgstr "LDAP サーバを指定してください。（例：<code>ldap.example.net</code>）"
 #: simple-ldap-authentication.php:344
+#: simple-ldap-authentication.php:387
 msgid "Use SSL connection with LDAP?"
 msgstr "SSL 接続を使いますか？"
 #: simple-ldap-authentication.php:347
+#: simple-ldap-authentication.php:390
 msgid "If you use SSL connection or not, when LDAP connection."
 msgstr "LDAP での接続時に SSL で通信を行うかを設定します。"
 #: simple-ldap-authentication.php:351
+#: simple-ldap-authentication.php:394
 msgid "Base DN"
 msgstr "ベース DN"
 #: simple-ldap-authentication.php:354
+#: simple-ldap-authentication.php:397
 msgid "Base DN (e.g., <code>dc=example,dc=net</code>)"
 msgstr ""
 …
 "code>）"
 #: simple-ldap-authentication.php:358
+#: simple-ldap-authentication.php:401
 msgid "Bind DN"
 msgstr "特権のないデータベースユーザ (バインド DN)"
 #: simple-ldap-authentication.php:361
+#: simple-ldap-authentication.php:404
 msgid "Bind DN (e.g., <code>cn=proxyuser,dc=example,dc=net</code>)"
 msgstr ""
 …
 "（例：<code>cn=proxyuser,dc=example,dc=net</code>）"
 #: simple-ldap-authentication.php:365
+#: simple-ldap-authentication.php:408
 msgid "Bind Password"
 msgstr "データベースログインアカウントのパスワード (バインド・パスワード)"
 #: simple-ldap-authentication.php:368
+#: simple-ldap-authentication.php:411
 msgid "Password for database login account."
 msgstr ""
 "LDAP データベースにログインするのに使われるパスワードを入力してください。"
 #: simple-ldap-authentication.php:372
+#: simple-ldap-authentication.php:415
 msgid "User ID Search Filter"
 msgstr "ユーザ ID を検索する際のフィルタ"
 #: simple-ldap-authentication.php:375
 msgid ""
 "LDAP filter for searching user ID (e.g., <code>(uid=%user_id%)</code>)<br/>\n"
+#: simple-ldap-authentication.php:418
+msgid ""
+"LDAP filter for searching user ID (e.g., <code>(uid=%user_id%)</code>)<br />\n"
 "This setting must contain <code>%user_id%</code> string."
 msgstr ""
 "ユーザ ID を検索するための LDAP フィルタを指定してください。（例：<code>(uid="
 "%user_id%)</code>）<br/>\n"
+"%user_id%)</code>）<br />\n"
 "この設定には、文字列 <code>%user_id%</code> が含まれている必要があります。"
 #: simple-ldap-authentication.php:380
+#: simple-ldap-authentication.php:423
 msgid "Group Search Filter"
 msgstr "グループを検索する際のフィルタ"
 #: simple-ldap-authentication.php:383
 msgid ""
 "LDAP filter for searching group (e.g., <code>(cn=%group%)</code>)<br/>\n"
+#: simple-ldap-authentication.php:426
+msgid ""
+"LDAP filter for searching group (e.g., <code>(cn=%group%)</code>)<br />\n"
 "This setting must contain <code>%group%</code> string."
 msgstr ""
 "グループを検索するための LDAP フィルタを指定してください。（例：<code>(cn=%"
 "group%)</code>）<br/>\n"
+"group%)</code>）<br />\n"
 "この設定には、文字列 <code>%group%</code> が含まれている必要があります。"
 #: simple-ldap-authentication.php:388
+#: simple-ldap-authentication.php:431
 msgid "Group Member Attribute"
 msgstr "グループメンバの属性"
 #: simple-ldap-authentication.php:391
+#: simple-ldap-authentication.php:434
 msgid "LDAP attribute for group member (e.g., <code>memberuid</code>)"
 msgstr ""
 …
 "<code>memberuid</code>）"
 #: simple-ldap-authentication.php:395
+#: simple-ldap-authentication.php:438
 msgid ""
 "Automatically create accounts for any and all users can authenticate to the "
 …
 msgstr "LDAP で認証された全てのユーザに対し自動的にアカウントを作成しますか？"
 #: simple-ldap-authentication.php:398
+#: simple-ldap-authentication.php:441
 msgid ""
 "Should a new user be created automatically if not already in the WordPress "
 …
 "Created users will obtain the role defined under &quot;New User Default "
 "Role&quot; on the <a href=\"options-general.php\">General Options</a> page.\n"
 "<br/>\n"
+"<br />\n"
 "This setting is separate from the Role Equivalent Groups option, below.\n"
 "<br/>\n"
+"<br />\n"
 "<strong>Users with role equivalent groups will be created even if this "
 "setting is turned off</strong> (because if you didn't want this to happen, "
 …
 "作成されたユーザは、<a href=\"options-general.php\">一般設定</a>ページの "
 "&quot;新規ユーザーのデフォルト権限&quot; に沿った権限が与えられます。\n"
 "<br/>\n"
+"<br />\n"
 "この設定は下にある自動グループ権限オプションとは独立して動作します。\n"
 "<br/>\n"
+"<br />\n"
 "<strong>この設定がオフの場合でも、自動グループ権限に従ってユーザは作成されま"
 "す。</strong>（この動作を望ましくないと思うのであれば、くだんの設定を空にして"
 "おく必要があります。）"
 #: simple-ldap-authentication.php:407
+#: simple-ldap-authentication.php:450
 msgid "Default email domain"
 msgstr "デフォルトの E-Mail ドメイン"
 #: simple-ldap-authentication.php:410
+#: simple-ldap-authentication.php:453
 msgid ""
 "If the LDAP attribute 'mail' is blank, a user's email will be set to "
 …
 "定値\"になります。"
 #: simple-ldap-authentication.php:414
+#: simple-ldap-authentication.php:457
 msgid "Role Equivalent Groups"
 msgstr "自動グループ権限"
 #: simple-ldap-authentication.php:417
 msgid ""
 "List of LDAP groups which correspond to WordPress user roles.<br/>\n"
+#: simple-ldap-authentication.php:460
+msgid ""
+"List of LDAP groups which correspond to WordPress user roles.<br />\n"
 "When a user is first created, his role will correspond to what is specified "
 "here.<br/>\n"
+"here.<br />\n"
 "Format: <code>LDAP-Group=WordPress-Role;LDAP-Group=WordPress-Role;...</"
 "code><br/>\n"
+"code><br />\n"
 "E.g., <code>Soc-Faculty=faculty</code> or <code>Faculty=faculty;"
 "Students=subscriber</code><br/>\n"
+"Students=subscriber</code><br />\n"
 "A user will be created based on the first math, from left to right, so you "
 "should obviously put the more powerful groups first.<br/>\n"
+"should obviously put the more powerful groups first.<br />\n"
 "NOTE: WordPress stores roles as lower case ( Faculty is stored as faculty )"
 "<br/>\n"
+"<br />\n"
 "ALSO NOTE: LDAP groups are case-sensitive"
 msgstr ""
 "WordPress ユーザ権限に対応する LDAP グループをリストアップしてください。<br/"
+"WordPress ユーザ権限に対応する LDAP グループをリストアップしてください。<br /"
 ">\n"
 "ユーザが最初に作成される際、そのユーザの権限はここで指定される該当の物になり"
 "ます。<br/>\n"
+"ます。<br />\n"
 "フォーマット：<code>LDAPグループ=WordPress権限;LDAPグループ=WordPress権限;..."
 "</code><br/>\n"
+"</code><br />\n"
 "例：<code>Soc-Faculty=faculty</code> もしくは <code>Faculty=faculty;"
 "Students=subscriber</code><br/>\n"
+"Students=subscriber</code><br />\n"
 "ユーザは左から右に向けて処理された最初の一致条件に基づき作成されるため、もっ"
 "とも権限の強いグループを先に書くべきです。<br/>\n"
+"とも権限の強いグループを先に書くべきです。<br />\n"
 "注：WordPress は権限を小文字で保存します。（Faculty は faculty として保存され"
 "ます）<br/>\n"
+"ます）<br />\n"
 "注：LDAP のグループは大文字小文字を区別します。"
+#: simple-ldap-authentication.php:476
+msgid "Role Equivalent Groups Editor"
+msgstr "自動グループ権限エディタ"
+#: simple-ldap-authentication.php:480
+msgid "LDAP Group"
+msgstr "LDAP グループ"
+#: simple-ldap-authentication.php:481
+msgid "WordPress Role"
+msgstr "WordPress 権限"
 #. Plugin URI of an extension

simple-ldap-authentication/trunk/languages/simple-ldap-authentication.pot

-                      r118102
+                      r121224
 msgid ""
 msgstr ""
 "Project-Id-Version: Simple LDAP Authentication 1.0.1\n"
+"Project-Id-Version: Simple LDAP Authentication 1.0.4\n"
 "Report-Msgid-Bugs-To: http://wordpress.org/tag/simple-ldap-authentication\n"
 "POT-Creation-Date: 2009-05-15 18:40+0900\n"
+"POT-Creation-Date: 2009-05-29 03:34+0900\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 …
 "Content-Transfer-Encoding: 8bit\n"
 #. #-#-#-#-#  simple-ldap-authentication.pot (Simple LDAP Authentication 1.0.1)  #-#-#-#-#
+#. #-#-#-#-#  simple-ldap-authentication.pot (Simple LDAP Authentication 1.0.4)  #-#-#-#-#
 #. Plugin Name of an extension
 #: simple-ldap-authentication.php:78
+#: simple-ldap-authentication.php:80
 msgid "Simple LDAP Authentication"
 msgstr ""
 #: simple-ldap-authentication.php:143
+#: simple-ldap-authentication.php:103
 msgid ""
 "<strong>ERROR</strong>: LDAP user ID search filter is inacuurate. The filter "
 …
 msgstr ""
 #: simple-ldap-authentication.php:155
+#: simple-ldap-authentication.php:115
 #, php-format
 msgid "<strong>ERROR</strong>: Cannot connect to '%s'."
 msgstr ""
 #: simple-ldap-authentication.php:165
+#: simple-ldap-authentication.php:125
 msgid ""
 "<strong>ERROR</strong>: LDAP bind failed. Either the LDAPS connection failed "
 …
 msgstr ""
 #: simple-ldap-authentication.php:167
+#: simple-ldap-authentication.php:127
 msgid "<strong>ERROR</strong>: LDAP bind failed. Check the login credentials."
 msgstr ""
 #: simple-ldap-authentication.php:230
+#: simple-ldap-authentication.php:190
 msgid ""
 "<strong>ERROR</strong>: This user exists in LDAP, but has not been granted "
 …
 msgstr ""
 #: simple-ldap-authentication.php:329
+#: simple-ldap-authentication.php:372
 msgid "Simple LDAP Authentication Options"
 msgstr ""
 #: simple-ldap-authentication.php:337
+#: simple-ldap-authentication.php:380
 msgid "LDAP Server"
 msgstr ""
 #: simple-ldap-authentication.php:340
+#: simple-ldap-authentication.php:383
 msgid "LDAP Server (e.g. <code>ldap.example.net</code>)"
 msgstr ""
 #: simple-ldap-authentication.php:344
+#: simple-ldap-authentication.php:387
 msgid "Use SSL connection with LDAP?"
 msgstr ""
 #: simple-ldap-authentication.php:347
+#: simple-ldap-authentication.php:390
 msgid "If you use SSL connection or not, when LDAP connection."
 msgstr ""
 #: simple-ldap-authentication.php:351
+#: simple-ldap-authentication.php:394
 msgid "Base DN"
 msgstr ""
 #: simple-ldap-authentication.php:354
+#: simple-ldap-authentication.php:397
 msgid "Base DN (e.g., <code>dc=example,dc=net</code>)"
 msgstr ""
 #: simple-ldap-authentication.php:358
+#: simple-ldap-authentication.php:401
 msgid "Bind DN"
 msgstr ""
 #: simple-ldap-authentication.php:361
+#: simple-ldap-authentication.php:404
 msgid "Bind DN (e.g., <code>cn=proxyuser,dc=example,dc=net</code>)"
 msgstr ""
 #: simple-ldap-authentication.php:365
+#: simple-ldap-authentication.php:408
 msgid "Bind Password"
 msgstr ""
 #: simple-ldap-authentication.php:368
+#: simple-ldap-authentication.php:411
 msgid "Password for database login account."
 msgstr ""
 #: simple-ldap-authentication.php:372
+#: simple-ldap-authentication.php:415
 msgid "User ID Search Filter"
 msgstr ""
 #: simple-ldap-authentication.php:375
 msgid ""
 "LDAP filter for searching user ID (e.g., <code>(uid=%user_id%)</code>)<br/>\n"
+#: simple-ldap-authentication.php:418
+msgid ""
+"LDAP filter for searching user ID (e.g., <code>(uid=%user_id%)</code>)<br />\n"
 "This setting must contain <code>%user_id%</code> string."
 msgstr ""
 #: simple-ldap-authentication.php:380
+#: simple-ldap-authentication.php:423
 msgid "Group Search Filter"
 msgstr ""
 #: simple-ldap-authentication.php:383
 msgid ""
 "LDAP filter for searching group (e.g., <code>(cn=%group%)</code>)<br/>\n"
+#: simple-ldap-authentication.php:426
+msgid ""
+"LDAP filter for searching group (e.g., <code>(cn=%group%)</code>)<br />\n"
 "This setting must contain <code>%group%</code> string."
 msgstr ""
 #: simple-ldap-authentication.php:388
+#: simple-ldap-authentication.php:431
 msgid "Group Member Attribute"
 msgstr ""
 #: simple-ldap-authentication.php:391
+#: simple-ldap-authentication.php:434
 msgid "LDAP attribute for group member (e.g., <code>memberuid</code>)"
 msgstr ""
 #: simple-ldap-authentication.php:395
+#: simple-ldap-authentication.php:438
 msgid ""
 "Automatically create accounts for any and all users can authenticate to the "
 …
 msgstr ""
 #: simple-ldap-authentication.php:398
+#: simple-ldap-authentication.php:441
 msgid ""
 "Should a new user be created automatically if not already in the WordPress "
 …
 "Created users will obtain the role defined under &quot;New User Default "
 "Role&quot; on the <a href=\"options-general.php\">General Options</a> page.\n"
 "<br/>\n"
+"<br />\n"
 "This setting is separate from the Role Equivalent Groups option, below.\n"
 "<br/>\n"
+"<br />\n"
 "<strong>Users with role equivalent groups will be created even if this "
 "setting is turned off</strong> (because if you didn't want this to happen, "
 …
 msgstr ""
 #: simple-ldap-authentication.php:407
+#: simple-ldap-authentication.php:450
 msgid "Default email domain"
 msgstr ""
 #: simple-ldap-authentication.php:410
+#: simple-ldap-authentication.php:453
 msgid ""
 "If the LDAP attribute 'mail' is blank, a user's email will be set to "
 …
 msgstr ""
 #: simple-ldap-authentication.php:414
+#: simple-ldap-authentication.php:457
 msgid "Role Equivalent Groups"
 msgstr ""
 #: simple-ldap-authentication.php:417
 msgid ""
 "List of LDAP groups which correspond to WordPress user roles.<br/>\n"
+#: simple-ldap-authentication.php:460
+msgid ""
+"List of LDAP groups which correspond to WordPress user roles.<br />\n"
 "When a user is first created, his role will correspond to what is specified "
 "here.<br/>\n"
+"here.<br />\n"
 "Format: <code>LDAP-Group=WordPress-Role;LDAP-Group=WordPress-Role;...</"
 "code><br/>\n"
+"code><br />\n"
 "E.g., <code>Soc-Faculty=faculty</code> or <code>Faculty=faculty;"
 "Students=subscriber</code><br/>\n"
+"Students=subscriber</code><br />\n"
 "A user will be created based on the first math, from left to right, so you "
 "should obviously put the more powerful groups first.<br/>\n"
+"should obviously put the more powerful groups first.<br />\n"
 "NOTE: WordPress stores roles as lower case ( Faculty is stored as faculty )"
 "<br/>\n"
+"<br />\n"
 "ALSO NOTE: LDAP groups are case-sensitive"
+msgstr ""
+#: simple-ldap-authentication.php:476
+msgid "Role Equivalent Groups Editor"
+msgstr ""
+#: simple-ldap-authentication.php:480
+msgid "LDAP Group"
+msgstr ""
+#: simple-ldap-authentication.php:481
+msgid "WordPress Role"
 msgstr ""

simple-ldap-authentication/trunk/readme.txt

r119748	r121224
77	77
78	78	1. The administration page under Settings -> Simple LDAP Authentication
79		2. This plugin supports i18n. Japanese example.
	79	2. Role Equivalent Groups Editor in the option page.
	80	3. This plugin supports i18n. Japanese example.

simple-ldap-authentication/trunk/simple-ldap-authentication.php

-                      r119677
+                      r121224
 /*
 Plugin Name: Simple LDAP Authentication
 Version: 1.0.3
+Version: 1.0.4
 Plugin URI: http://redgecko.jp/wp/ldap_auth/
 Description: Allows WordPress to authenticate users through LDAP
 …
             add_action('check_passwords', array(&$this, 'generate_password'), 10, 3);
             add_filter('show_password_fields', array(&$this, 'disable_password_fields'));
+            add_filter('plugin_action_links', array(&$this, 'add_link'), 10, 2);
             $this->ldap_auth_domain = dirname(plugin_basename(__FILE__));
+        }
 …
                 PLUGINDIR.'/'.dirname(plugin_basename(__FILE__)).'/languages',
                 dirname(plugin_basename(__FILE__)).'/languages');
+            if ( function_exists('add_options_page') )
+                    add_options_page(__('Simple LDAP Authentication', $this->ldap_auth_domain), __('Simple LDAP Authentication', $this->ldap_auth_domain), 9, __FILE__, array(&$this, '_display_options_page'));
+        }
+        function _user_in_group( $ldap, $username, $group ) {
+            $base_dn = get_option('LDAP_authentication_base_dn');
+            $group_filter = get_option('LDAP_authentication_group_filter');
+            $group_attr = strtolower(get_option('LDAP_authentication_group_attribute'));
+            $replace_count = 0;
+            $group_filter = str_replace('%group%', $group, $group_filter, &$replace_count);
+            if ( $replace_count == 0 ) {
+                if ( defined('WP_DEBUG') && ( true === WP_DEBUG ) )
+                    trigger_error('LDAP group search filter is mistaked.');
+                return false;
+            }
+            if ( !defined('WP_DEBUG') || ( defined('WP_DEBUG') && false === WP_DEBUG ) ) {
+                $result = @ldap_search($ldap, $base_dn, $group_filter, array($group_attr));
+            } else {
+                trigger_error('Searching group in LDAP with \'' . $group_filter . '\' filter.');
+                $result = ldap_search($ldap, $base_dn, $group_filter, array($group_attr));
+            }
+            if ( $result === FALSE ) return false;
+            $members = @ldap_get_entries($ldap, $result);
+            $members = $members[0][$group_attr];
+            return in_array($username, $members);
+        }
+        function _get_user_role_equiv( $ldap, $username ) {
+            $role_equiv_groups = get_option('LDAP_authentication_role_equivalent_groups');
+            $role_equiv_groups = explode(';', $role_equiv_groups);
+            $user_role = '';
+            foreach ( $role_equiv_groups as $whatever => $role_group ) {
+                if ( defined('WP_DEBUG') && ( true === WP_DEBUG ) )
+                    trigger_error('Trying \''  . $role_group . '\' rule.');
+                $role_group = explode('=', $role_group);
+                if ( count($role_group) != 2 )
+                    continue;
+                $ldap_group = $role_group[0];
+                $corresponding_role = $role_group[1];
+                if ( $this->_user_in_group($ldap, $username, $ldap_group) ) {
+                    $user_role = $corresponding_role;
+                    break;
+                }
+            }
+            if ( defined('WP_DEBUG') && ( true === WP_DEBUG ) )
+                trigger_error('User \'' . $username . '\' is assigned as \'' . $user_role . '\' role.');
+            return $user_role;
+            if ( function_exists('add_options_page') ) {
+                $page = add_options_page(__('Simple LDAP Authentication', $this->ldap_auth_domain), __('Simple LDAP Authentication', $this->ldap_auth_domain), 9, __FILE__, array(&$this, '_display_options_page'));
+                add_action("admin_print_styles-$page", array(&$this, 'add_admin_custom_css'));
+                add_action("admin_print_scripts-$page", array(&$this, 'add_admin_script'));
+            }
+        }
 …
+        }
+        /*
+         * Add action link in the plugin page.
+         */
+        function add_link($links, $file) {
+            static $this_plugin;
+            if ( !$this_plugin ) $this_plugin = plugin_basename(__FILE__);
+            if ( $file === $this_plugin ) {
+                $settings_link = '<a href="options-general.php?page=' . $this_plugin . '">' . _('Settings') . '</a>';
+                array_unshift($links, $settings_link);
+            }
+            return($links);
+        }
+        /*
+         * Add custom style sheet to the admin page
+         */
+        function add_admin_custom_css() {
+            $style = WP_PLUGIN_URL . '/' . dirname(plugin_basename(__FILE__)) . '/extra-table.css';
+            wp_register_style('ldap-auth-extra', $style, array('colors'));
+            wp_enqueue_style('ldap-auth-extra');
+        }
+        /*
+         * Add custom script to the admin page
+         */
+        function add_admin_script() {
+            $script = WP_PLUGIN_URL . '/' . dirname(plugin_basename(__FILE__)) . '/extra-table.js';
+            wp_register_script('ldap-auth-extra', $script, array('jquery-ui-dialog'));
+            wp_enqueue_script('ldap-auth-extra');
+        }
         /*************************************************************
          * Functions
          *************************************************************/
+        /*
+         * Check the group includes the target user.
+         */
+        function _user_in_group( $ldap, $username, $group ) {
+            $base_dn = get_option('LDAP_authentication_base_dn');
+            $group_filter = get_option('LDAP_authentication_group_filter');
+            $group_attr = strtolower(get_option('LDAP_authentication_group_attribute'));
+            $replace_count = 0;
+            $group_filter = str_replace('%group%', $group, $group_filter, &$replace_count);
+            if ( $replace_count == 0 ) {
+                if ( defined('WP_DEBUG') && ( true === WP_DEBUG ) )
+                    trigger_error('LDAP group search filter is mistaked.');
+                return false;
+            }
+            if ( !defined('WP_DEBUG') || ( defined('WP_DEBUG') && false === WP_DEBUG ) ) {
+                $result = @ldap_search($ldap, $base_dn, $group_filter, array($group_attr));
+            } else {
+                trigger_error('Searching group in LDAP with \'' . $group_filter . '\' filter.');
+                $result = ldap_search($ldap, $base_dn, $group_filter, array($group_attr));
+            }
+            if ( $result === FALSE ) return false;
+            $members = @ldap_get_entries($ldap, $result);
+            $members = $members[0][$group_attr];
+            return in_array($username, $members);
+        }
+        /*
+         * Get the user's group info from LDAP and return the WordPress role.
+         */
+        function _get_user_role_equiv( $ldap, $username ) {
+            $role_equiv_groups = get_option('LDAP_authentication_role_equivalent_groups');
+            $role_equiv_groups = explode(';', $role_equiv_groups);
+            $user_role = '';
+            foreach ( $role_equiv_groups as $whatever => $role_group ) {
+                if ( defined('WP_DEBUG') && ( true === WP_DEBUG ) )
+                    trigger_error('Trying \''  . $role_group . '\' rule.');
+                $role_group = explode('=', $role_group);
+                if ( count($role_group) != 2 )
+                    continue;
+                $ldap_group = $role_group[0];
+                $corresponding_role = $role_group[1];
+                if ( $this->_user_in_group($ldap, $username, $ldap_group) ) {
+                    $user_role = $corresponding_role;
+                    break;
+                }
+            }
+            if ( defined('WP_DEBUG') && ( true === WP_DEBUG ) )
+                trigger_error('User \'' . $username . '\' is assigned as \'' . $user_role . '\' role.');
+            return $user_role;
+        }
         /*
 …
                 <td>
                     <input type="text" name="LDAP_authentication_uid_filter" id="LDAP_authentication_uid_filter" value="<?php echo $uid_filter; ?>" /><br />
                     <?php _e('LDAP filter for searching user ID (e.g., <code>(uid=%user_id%)</code>)<br/>
+                    <?php _e('LDAP filter for searching user ID (e.g., <code>(uid=%user_id%)</code>)<br />
 This setting must contain <code>%user_id%</code> string.', $this->ldap_auth_domain); ?>
                 </td>
 …
                 <td>
                     <input type="text" name="LDAP_authentication_group_filter" id="LDAP_authentication_group_filter" value="<?php echo $group_filter; ?>" /><br />
                     <?php _e('LDAP filter for searching group (e.g., <code>(cn=%group%)</code>)<br/>
+                    <?php _e('LDAP filter for searching group (e.g., <code>(cn=%group%)</code>)<br />
 This setting must contain <code>%group%</code> string.', $this->ldap_auth_domain); ?>
                 </td>
 …
                     <?php _e('Should a new user be created automatically if not already in the WordPress database?<br />
 Created users will obtain the role defined under &quot;New User Default Role&quot; on the <a href="options-general.php">General Options</a> page.
 <br/>
+<br />
 This setting is separate from the Role Equivalent Groups option, below.
 <br/>
+<br />
 <strong>Users with role equivalent groups will be created even if this setting is turned off</strong> (because if you didn\'t want this to happen, you would leave that option blank.)'); ?>
                 </td>
 …
                 <th scope="row"><label for="LDAP_authentication_default_email_domain"><?php _e('Default email domain', $this->ldap_auth_domain); ?></label></th>
                 <td>
                     <input type="text" name="LDAP_authentication_default_email_domain" id="LDAP_authentication_default_email_domain" value="<?php echo $email_domain; ?>"><br />
+                    <input type="text" name="LDAP_authentication_default_email_domain" id="LDAP_authentication_default_email_domain" value="<?php echo $email_domain; ?>" /><br />
                     <?php _e('If the LDAP attribute \'mail\' is blank, a user\'s email will be set to username@whatever-this-says', $this->ldap_auth_domain); ?>
                 </td>
 …
                 <td>
                     <input type="text" name="LDAP_authentication_role_equivalent_groups" id="LDAP_authentication_role_equivalent_groups" value="<?php echo $role_equiv_groups; ?>" /><br />
                     <?php _e('List of LDAP groups which correspond to WordPress user roles.<br/>
 When a user is first created, his role will correspond to what is specified here.<br/>
 Format: <code>LDAP-Group=WordPress-Role;LDAP-Group=WordPress-Role;...</code><br/>
 E.g., <code>Soc-Faculty=faculty</code> or <code>Faculty=faculty;Students=subscriber</code><br/>
 A user will be created based on the first math, from left to right, so you should obviously put the more powerful groups first.<br/>
 NOTE: WordPress stores roles as lower case ( Faculty is stored as faculty )<br/>
+                    <?php _e('List of LDAP groups which correspond to WordPress user roles.<br />
+When a user is first created, his role will correspond to what is specified here.<br />
+Format: <code>LDAP-Group=WordPress-Role;LDAP-Group=WordPress-Role;...</code><br />
+E.g., <code>Soc-Faculty=faculty</code> or <code>Faculty=faculty;Students=subscriber</code><br />
+A user will be created based on the first math, from left to right, so you should obviously put the more powerful groups first.<br />
+NOTE: WordPress stores roles as lower case ( Faculty is stored as faculty )<br />
 ALSO NOTE: LDAP groups are case-sensitive', $this->ldap_auth_domain); ?>
                 </td>
             </tr>
         </table>
+        <input type="hidden" name="default_role" id="default_role" value="<?php echo get_option('default_role'); ?>" />
         <p class="submit">
             <input type="submit" name="Submit" value="<?php _e('Save Changes'); ?>" />
 …
     </form>
 </div>
+<div id="equivalent_dialog" title="<?php _e('Role Equivalent Groups Editor', $this->ldap_auth_domain); ?>" style="display: none" class="ui-widget">
+    <table class="equivalent-table form-table">
+        <thead>
+            <tr align="center" class="ui-widget-header">
+                <th scope="col"><?php _e('LDAP Group', $this->ldap_auth_domain); ?></th>
+                <th scope="col"><?php _e('WordPress Role', $this->ldap_auth_domain); ?></th>
+                <th scope="col"></th>
+            </tr>
+        </thead>
+        <tbody>
+            <tr valign="top" style="display: none">
+                <td>
+                    <input type="text" />
+                </td>
+                <td>
+                    <select><?php wp_dropdown_roles(); ?></select>
+                </td>
+                <td>
+                    <div class="submit">
+                        <input type="button" value="+" />
+                        <input type="button" value="-" />
+                        <input type="button" value="&uarr;" />
+                        <input type="button" value="&darr;" />
+                    </div>
+                </td>
+            </tr>
+        </tbody>
+    </table>
+</div>
 <?php
+        }

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Download in other formats: