mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-29 23:08:06 +02:00
69 lines
2.5 KiB
Django/Jinja
69 lines
2.5 KiB
Django/Jinja
<?php
|
|
// Joomla CLI script to enable and configure the Authentication - LDAP plugin.
|
|
// Safe to run multiple times. Uses only Factory::getDbo() (no web/administrator app context required).
|
|
|
|
define('_JEXEC', 1);
|
|
define('JPATH_BASE', __DIR__ . '/..');
|
|
|
|
// Load Joomla framework
|
|
require JPATH_BASE . '/includes/defines.php';
|
|
require JPATH_BASE . '/includes/framework.php';
|
|
|
|
use Joomla\CMS\Factory;
|
|
|
|
// Database driver from Factory
|
|
$dbo = Factory::getDbo();
|
|
|
|
// Locate the LDAP plugin row in #__extensions
|
|
$query = $dbo->getQuery(true)
|
|
->select('*')
|
|
->from($dbo->quoteName('#__extensions'))
|
|
->where($dbo->quoteName('type') . ' = ' . $dbo->quote('plugin'))
|
|
->where($dbo->quoteName('folder') . ' = ' . $dbo->quote('authentication'))
|
|
->where($dbo->quoteName('element') . ' = ' . $dbo->quote('ldap'));
|
|
$dbo->setQuery($query);
|
|
$ext = $dbo->loadObject();
|
|
|
|
if (!$ext) {
|
|
fwrite(STDERR, "LDAP plugin not found.\n");
|
|
exit(2);
|
|
}
|
|
|
|
// Helper to strip quotes if present in env-file values
|
|
$get = static fn($k) => preg_replace('/^(["\'])(.*)\1$/', '$2', getenv($k) ?: '');
|
|
|
|
// Desired plugin parameters (must match Joomla LDAP plugin schema)
|
|
$desired = [
|
|
// Connection settings
|
|
"host" => $get('JOOMLA_LDAP_HOST'),
|
|
"port" => (int) $get('JOOMLA_LDAP_PORT'),
|
|
"use_ldapV3" => true,
|
|
"negotiate_tls" => (bool) $get('JOOMLA_LDAP_USE_STARTTLS'),
|
|
"no_referrals" => false,
|
|
|
|
// Authentication settings
|
|
"auth_method" => $get('JOOMLA_LDAP_AUTH_METHOD') ?: "search", // "search" or "bind"
|
|
"base_dn" => $get('JOOMLA_LDAP_BASE_DN'),
|
|
"search_string" => $get('JOOMLA_LDAP_USER_SEARCH_STRING'), // e.g. uid=[username]
|
|
"users_dn" => $get('JOOMLA_LDAP_USER_TREE_DN'), // required for "bind" mode
|
|
"username" => $get('JOOMLA_LDAP_BIND_DN'),
|
|
"password" => $get('JOOMLA_LDAP_BIND_PASSWORD'),
|
|
|
|
// Attribute mapping
|
|
"ldap_uid" => $get('JOOMLA_LDAP_UID_ATTR') ?: "uid",
|
|
"ldap_email" => $get('JOOMLA_LDAP_EMAIL_ATTR') ?: "mail",
|
|
"ldap_fullname" => $get('JOOMLA_LDAP_NAME_ATTR') ?: "cn",
|
|
];
|
|
|
|
// Merge current parameters with desired values
|
|
$current = json_decode($ext->params ?: "{}", true) ?: [];
|
|
$clean = array_filter($desired, static fn($v) => $v !== null && $v !== '');
|
|
$merged = array_replace($current, $clean);
|
|
|
|
// Save back to database and enable the plugin
|
|
$ext->params = json_encode($merged, JSON_UNESCAPED_SLASHES);
|
|
$ext->enabled = 1;
|
|
$dbo->updateObject('#__extensions', $ext, 'extension_id');
|
|
|
|
echo "LDAP plugin enabled={$ext->enabled} and configured.\n";
|