From: Mikal Kolbein Gule Date: Wed, 24 Apr 2013 14:13:37 +0000 (+0200) Subject: Added LDAP-lookup for the forgotten password field. X-Git-Url: http://git.uio.no/git/?p=usit-rt.git;a=commitdiff_plain;h=60d25619683a997bf61321ed745c964a5c717c5e Added LDAP-lookup for the forgotten password field. --- diff --git a/local/html/Callbacks/UiOCallbacks/Elements/Login/AfterForm b/local/html/Callbacks/UiOCallbacks/Elements/Login/AfterForm index 4207f67..031ba38 100644 --- a/local/html/Callbacks/UiOCallbacks/Elements/Login/AfterForm +++ b/local/html/Callbacks/UiOCallbacks/Elements/Login/AfterForm @@ -40,13 +40,20 @@ <%INIT> +use Net::LDAP qw(LDAP_SUCCESS LDAP_PARTIAL_RESULTS); +use Net::LDAP::Util qw(ldap_error_name); + my $customMessage; my $customMessage2; -my $mailfrom = 'RT reminder '; +#my $mailfrom = 'RT reminder '; if ($email) { - if ($email =~ m/((abelprisen|abelprize|atferdssenteret|blindern-studenterhjem|cubestar|dnva|fsweb|funmat|fysikkforeningen|grunderskolen|hlsenteret|holocaust|kavliprisen|kavliprize|naturfagsenteret|nik|nix|noffo|samordnaopptak|shs|simula|stami|studweb|uio|unimus|unirand|unirand|universityofoslo|usit)\.no|(matematikk|gutta)\.org|hisp.info|fronter.com)/) { +my $targetType = (GetEmailTypeFromLdap($email) || "none" ); + + + +if ($targetType !~ /(Sympa|none)/) { $customMessage = "[ You can not change or request a password for an UiO account here. See: UiO user administration services. ]"; $customMessage2 = "[ ERROR: Use your UiO username and password to log in above. ]"; } 
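Review bot: The new guard fails open when the directory lookup cannot be done: `GetEmailTypeFromLdap($email) || "none"` turns both "no entry found" and the helper's `return undef` on a search error into `none`, and `none` passes `$targetType !~ /(Sympa|none)/`. During an LDAP outage the form would therefore stop showing the "use your UiO username" refusal for addresses that the removed domain regex rejected without any network dependency. Have the helper signal failure separately from "no entry" and refuse the request in that case, for example `my ($ok, $targetType) = GetEmailTypeFromLdap($email);` followed by an error message when `$ok` is false. The pattern is also unanchored, so any targetType that merely contains one of the two words is exempted; `if ($targetType !~ /\A(?:Sympa|none)\z/) {` matches the evident intent. The enclosing `if ($email) {` block closes outside this hunk.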
@@ -95,66 +102,65 @@ sub ResetPassword { else { return ( 0, $self->loc('[ ERROR: Notification could not be sent ]') ); } +} + +sub GetEmailTypeFromLdap { + my $email = shift; + my $ldap = LdapConnect($RT::LdapServer); + my $targetType; + my $mesg = $ldap->search ( + base => $RT::LdapMailBase, + scope => "one", + filter => "(&(&(objectClass=mailAddr))(mail=$email))", + attributes => ["targetType"], + ); + + if ( ($mesg->code != LDAP_SUCCESS) and + ($mesg->code != LDAP_PARTIAL_RESULTS) ) { + $RT::Logger->critical("Login-After-Form: Search failed: ", + "retval=", $mesg->code, " ", + ldap_error_name($mesg->code)); + LdapDisconnect($ldap); + return undef; + } + while (my $entry = $mesg->shift_entry) { + $targetType = $entry->get_value("targetType"); + } + LdapDisconnect($ldap); + return $targetType; +} + +sub LdapConnect { + my $LdapServer = shift; + my $mesg; + my $ldap = Net::LDAP->new($LdapServer, + version => 3); + unless ($ldap) { + $RT::Logger->critical("Login-After-Form: Cannot connect to", + "LDAP server ", $LdapServer); + return undef; + } + $mesg = $ldap->bind; + if ($mesg->code != LDAP_SUCCESS) { + $RT::Logger->critical("Login-After-Form: Cannot bind to LDAP: ", + "retval=", $mesg->code, " ", + ldap_error_name($mesg->code)); + return undef; + } + return $ldap; +} + +sub LdapDisconnect { + my $ldap = shift; + my $mesg = $ldap->unbind(); + if ($mesg->code != LDAP_SUCCESS) { + $RT::Logger->critical("Login-After-Form: unbind failed: ", + "retval=", $mesg->code, " ", + ldap_error_name($mesg->code)); + } } -# Pre 3.8.2. 
-# -#sub ResetPassword { -# my $self = shift; -# my $mailfrom = shift; -# -# my $email = $self->EmailAddress; -# -# unless ( $self->CurrentUserCanModify('Password') ) { -# return ( 0, $self->loc("[ ERROR: Permission Denied ]") ); -# } -# -# unless ( ($self->Name =~ m/\@/) ) { -# return ( 0, $self->loc("[ ERROR: Not an external user ]") ); -# } -# -# my ( $status, $pass ) = $self->SetRandomPassword(); -# -# unless ($status) { -# return ( 0, "$pass" ); -# } -# -# my $template = RT::Template->new( $self->CurrentUser ); -# -# my $parsed; -# # This test do not work. I'm not sure how to detect if the template -# # loading failed [pere 2006-08-16] -# if ($template->LoadGlobalTemplate('Password Change')) { -# $T::RealName = $self->RealName; -# $T::Username = $self->Name; -# $T::Password = $pass; -# $parsed = $template->_ParseContent(); -# } else { -# $parsed = <build( -# From => $mailfrom, -# To => $email, -# Subject => loc("Bytte av passord (Password change)"), -# 'X-RT-Loop-Prevention' => $RT::rtname, -# Type => "text/plain", -# Charset => "UTF-8", -# Data => [$parsed] -# ); -# open (MAIL, "|$RT::SendmailPath $RT::SendmailArguments -t") || return(0); -# print MAIL $entity->as_string; -# close(MAIL); -# -# return ( 1, '[ SUCCESS: New password notification sent to Your email address ]'); -#} <%ARGS>
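Review bot: In GetEmailTypeFromLdap the `$email` value, which appears to come from the forgotten-password form, is interpolated unescaped into the search filter, so filter metacharacters in the submitted address alter the query rather than being matched literally. Net::LDAP::Util is already imported for `ldap_error_name`; also import `escape_filter_value` and build the filter as `filter => "(&(objectClass=mailAddr)(mail=" . escape_filter_value($email) . "))",`. The same function calls `$ldap->search` without checking the handle, although LdapConnect returns undef on connect or bind failure, so an unreachable server makes the component die on an undefined value; add `return undef unless $ldap;` directly after the LdapConnect call. The loop over `shift_entry` keeps the last entry's targetType when several entries match, which is worth a comment stating whether that is intended.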