From 322053c827418130f3e7201f246ab7e188542a00 Mon Sep 17 00:00:00 2001
From: Ultra2D
Date: Mon, 7 Mar 2016 14:07:51 +0100
Subject: [PATCH 1/3] API access when using LDAP authentication
---
 html/includes/api_functions.inc.php | 5 ++++-
 html/includes/authentication/ldap.inc.php | 4 +++-
 2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php
index 8db6f28a4e..5bc471304e 100644
--- a/html/includes/api_functions.inc.php
+++ b/html/includes/api_functions.inc.php
@@ -15,12 +15,15 @@ require_once '../includes/functions.php';
 require_once '../includes/component.php';
 require_once '../includes/device-groups.inc.php';
+if (file_exists('../html/includes/authentication/'.$config['auth_mechanism'].'.inc.php')) {
+ include '../html/includes/authentication/'.$config['auth_mechanism'].'.inc.php';
+}
 function authToken(\Slim\Route $route) {
 $app = \Slim\Slim::getInstance();
 $token = $app->request->headers->get('X-Auth-Token');
 if (isset($token) && !empty($token)) {
- $username = dbFetchCell('SELECT `U`.`username` FROM `api_tokens` AS AT JOIN `users` AS U ON `AT`.`user_id`=`U`.`user_id` WHERE `AT`.`token_hash`=?', array($token));
+ $username = get_user(dbFetchCell('SELECT `AT`.`user_id` FROM `api_tokens` AS AT WHERE `AT`.`token_hash`=?', array($token)));
 if (!empty($username)) {
 $authenticated = true;
 }
diff --git a/html/includes/authentication/ldap.inc.php b/html/includes/authentication/ldap.inc.php
index f9cc37b211..a9679072fd 100644
--- a/html/includes/authentication/ldap.inc.php
+++ b/html/includes/authentication/ldap.inc.php
@@ -189,7 +189,9 @@ function can_update_users() {
 function get_user($user_id) {
- // not supported
+ foreach (get_userlist() as $users) {
+ if ($users['user_id'] === $user_id) return $users['username'];
+ }
 return 0;
 }
From d63744c32c09190ff0c27169dda97bb1356b2dff Mon Sep 17 00:00:00 2001
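Review bot: The include added at the top of html/includes/api_functions.inc.php (PATCH 1/3) builds its path by concatenating `$config['auth_mechanism']` and loads it with plain `include`, without checking that the value is a bare mechanism name. The value comes from configuration rather than the request, but this load decides how API tokens are authenticated, so I would constrain it and make it idempotent: `$auth_file = '../html/includes/authentication/'.basename($config['auth_mechanism']).'.inc.php';` followed by `if (is_file($auth_file)) { include_once $auth_file; }`. If the same module has already been loaded earlier in the request (not visible in this hunk), a second plain `include` would redeclare its functions and abort the request. The neighbouring lines use `require_once`, so `include_once` also keeps the block consistent.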
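Review bot: get_user() in html/includes/authentication/ldap.inc.php starts searching without rejecting an empty `$user_id`, and authToken() passes it the raw result of dbFetchCell(), which for an unknown token is presumably null or false (dbFetchCell is not shown). If get_userlist() ever returns an entry whose `user_id` is that same empty value, the strict comparison matches and an unrecognised token resolves to a username, so I would add `if (empty($user_id)) { return 0; }` as the first line of the function. The same body is added to ldap-authorization.inc.php in PATCH 3/3 and needs the same guard. Separately, `===` between a database cell and a directory value fails for every token if one side is an int and the other a string, and the loop lists the whole directory on each API request. A docblock stating the return contract (the username, or `0` when nothing matches) would make both visible to callers.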
From: Ultra2D
Date: Thu, 10 Mar 2016 08:17:09 +0100
Subject: [PATCH 2/3] Only use get_user if it exists
---
 html/includes/api_functions.inc.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/html/includes/api_functions.inc.php b/html/includes/api_functions.inc.php
index 5bc471304e..d15ccb1779 100644
--- a/html/includes/api_functions.inc.php
+++ b/html/includes/api_functions.inc.php
@@ -23,7 +23,12 @@ function authToken(\Slim\Route $route) {
 $app = \Slim\Slim::getInstance();
 $token = $app->request->headers->get('X-Auth-Token');
 if (isset($token) && !empty($token)) {
- $username = get_user(dbFetchCell('SELECT `AT`.`user_id` FROM `api_tokens` AS AT WHERE `AT`.`token_hash`=?', array($token)));
+ if (!function_exists('get_user')) {
+ $username = dbFetchCell('SELECT `U`.`username` FROM `api_tokens` AS AT JOIN `users` AS U ON `AT`.`user_id`=`U`.`user_id` WHERE `AT`.`token_hash`=?', array($token));
+ }
+ else {
+ $username = get_user(dbFetchCell('SELECT `AT`.`user_id` FROM `api_tokens` AS AT WHERE `AT`.`token_hash`=?', array($token)));
+ }
 if (!empty($username)) {
 $authenticated = true;
 }
From 12a3b305ed92bc4715108ae33ff74d5e0b3111f2 Mon Sep 17 00:00:00 2001
From: Ultra2D
Date: Thu, 10 Mar 2016 14:48:01 +0100
Subject: [PATCH 3/3] API access when using LDAP authorization
---
 html/includes/authentication/ldap-authorization.inc.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/html/includes/authentication/ldap-authorization.inc.php b/html/includes/authentication/ldap-authorization.inc.php
index 89717557a9..5b68fdf82f 100644
--- a/html/includes/authentication/ldap-authorization.inc.php
+++ b/html/includes/authentication/ldap-authorization.inc.php
@@ -242,7 +242,9 @@ function can_update_users () {
 function get_user ($user_id) {
- // Not supported
+ foreach (get_userlist() as $users) {
+ if ($users['user_id'] === $user_id) return $users['username'];
+ }
 return 0;
 }
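Review bot: In the authToken() hunk of PATCH 2/3 (html/includes/api_functions.inc.php), `function_exists('get_user')` chooses the lookup path, but that only tells you the loaded authentication module defines the function, not that it can resolve a user id. Any module that still ships a stub get_user() returning `0`, as both LDAP modules did before this series, would now reject every token, and a module whose get_user() returns something other than a username string would pass `!empty($username)` with a non-string value (the other modules are not visible here). I would make the acceptance test explicit with `if (is_string($username) && $username !== '') {` and add a comment above the branch such as `// Modules without local user rows (LDAP) resolve the token's user_id through get_user(); all others join the users table.` The body of authToken() continues past the end of the hunk.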