| 72 | | ldap_lib.pm |
| 73 | | |
| 74 | | sub Authenticate accepts credentials (UID or mailAlternateAddress and password) |
| 75 | | returns whether authenticated [Y|N] and |
| 76 | | if successful: null msg, UID, displayName and list of user's roles |
| 77 | | if unsuccessful: error msg, UID, null, null |
| 78 | | |
| 79 | | sub CampusPickList generates generic HTML form element for campus picklist using |
| 80 | | ldap_uakEmployeeCampus.txt as input |
| 81 | | |
| 82 | | sub Credentials generates HTML form elements for LDAP credentials (id and password) |
| 83 | | |
| 84 | | sub UAclose generates closing HTML elements for standard window look and feel |
| 85 | | |
| 86 | | sub UAopen generates opening HTML elements for standard window look and feel |
| 87 | | |
| 88 | | sub abort uses mailx to send $body with $subject to $MAILTO |
| 89 | | |
| 90 | | sub appendMsg formats $msg_in according to $msg_type and appends to $MSG |
| 91 | | |
| 92 | | sub bldgCampusPickList generates HTML form element for building pick list for MAU |
| 93 | | |
| 94 | | sub bldgExists checks static file to determine if building code exists (issue: building |
| 95 | | codes are stored in registry and in static file but not in directory) |
| 96 | | |
| 97 | | sub bldgPicklist generates HTML form element for building pick list |
| 98 | | |
| 99 | | sub crypt simple encryption of strings; used to encrypt password before storing |
| 100 | | in LDAP cookie |
| 101 | | |
| 102 | | sub debug utility used to record debugging information (utilizes debug runtime config parm) |
| 103 | | |
| 104 | | sub deptUnitPickList generates HTML form element for department picklist; elements of list |
| 105 | | taken from external file ldap_deptUnits.txt |
| 106 | | |
| 107 | | sub embeddedAttributes (may be obsolete; was formatting solution for uakPhonebookFlag attribute, |
| 108 | | the values of which could represent an unlimited number of MAU specific |
| 109 | | phonebook "attributes") |
| 110 | | |
| 111 | | sub employeeCampusPickList generates HTML form element for an employee's campus picklist using |
| 112 | | ldapsearch to locate that employee's uakEmployeeCampus attribute values |
| 113 | | |
| 114 | | sub employeeDeptPickList generates generic HTML form element for campus picklist using |
| 115 | | ldap_uakEmployeeAffiliation.txt |
| 116 | | |
| 117 | | sub formatAttributes function returning hash of attribute characteristics used to control |
| 118 | | formatting of HTML form elements; elements with exceptional (non-standard) |
| 119 | | formatting requirements are recorded here |
| 120 | | |
| 121 | | sub formatLabel formats field descriptions with or without accompanying comments |
| 122 | | |
| 123 | | sub formatValue formats attribute values, generating href tags for specific attribute types |
| 124 | | |
| 125 | | sub genClearCookie Generates Set-Cookie metadata that clears old cookie (where ldapstring |
| 126 | | is assumed to be the cookie being cleared) |
| 127 | | |
| 128 | | sub genClearSimpleCookie Generates Set-Cookie metadata that clears new simple cookie (where |
| 129 | | name/value are passed to funtion). |
| 130 | | |
| 131 | | sub genSetCookie Generates Set-Cookie metadata that establishes a specific cookie (new or old) |
| 132 | | |
| 133 | | sub getACL Returns hash of permissions for requested list of ACL names. |
| 134 | | |
| 135 | | sub getAttributes returns a hash of arrays for attributes meeting specified criteria |
| 136 | | the hash keys are LDAP attribute names |
| 137 | | each hash value is an array of attribute characteristics |
| 138 | | |
| 139 | | sub getEntityDisplayLabel function returning one of DISPLAY_NAME, TITLE_<something>, UNITDISPLAYNAME, |
| 140 | | UNITNAME or UID from an array of attributes passed to the function |
| 141 | | |
| 142 | | sub getUserAttributes returns array of attribute=value pairs for $filter |
| 143 | | |
| 144 | | sub getSecureAttributes returns array of attribute=value pairs for $filter (utilizes privileged |
| 145 | | credentials) |
| 146 | | |
| 147 | | sub is_deptAdmin function that determines if credentialed user is admin for department record |
| 148 | | |
| 149 | | sub is_emplAdmin function that determines if credentialed user is admin for people record |
| 150 | | |
| 151 | | sub lookUpParentUnit function that returns parent unit for department record |
| 152 | | |
| 153 | | sub pad returns string padded with character to specified length |
| 154 | | |
| 155 | | sub parseCookie parses old, complex cookie; returning the UID, password, name and role elements |
| 156 | | |
| 157 | | sub parseDN parses $dn and returns UID and OU elements |
| 158 | | |
| 159 | | sub parseSimpleCookie parses new simple cookie; returning a single string value |
| 160 | | |
| 161 | | sub post_admin executes HTTPS request to call ldap_bulk_admin CGI script as though |
| 162 | | from the web (utilizes directory_server_link runtime config parm) |
| 163 | | |
| 164 | | sub post_updates executes HTTPS request to call ldap_bulk_update CGI script as though |
| 165 | | from the web (utilizes directory_server_link runtime config parm) |
| 166 | | |
| 167 | | sub returnIdentifierFilter used to return a generic filter that can be used to search for |
| 168 | | a people record by name or any identifier accepted during AUTHSERV |
| 169 | | authentication (see ldap_dlevelx CGI script) |
| 170 | | |
| 171 | | sub studentDeptPickList generates generic HTML form element for student department picklist using |
| 172 | | ldap_uakStudentAffiliation.txt |
| 173 | | |
| 174 | | sub uidLDAPlookup returns (last) $attribute value for matching $filter where query |
| 175 | | executed by credentialed user or default gateway user |
| 176 | | (weak - utilized currently only by ldap_lib.pm) |
| 177 | | |
| 178 | | |
| 179 | | sub connect establishes ORACLE_HOME and executes DBI->connect utilizing $eff_login |
| 180 | | to establish $dbh |
| 181 | | |
| 182 | | sub evaluate executes $dbh->prepare on $sql to establishes $sth |
| 183 | | |
| 184 | | sub execute performs $sth->execute which executes sql statement in Oracle database |
| 185 | | |
| 186 | | sub getSecureAttributes returns array of attribute=value pairs for $filter (utilizes privileged |
| 187 | | credentials) |
| 188 | | |
| 189 | | sub log_error writes $msg to $ERRORLOG |
| | 74 | ||= Library Sub Procedure =||= Description =|| |
| | 75 | ||sub Authenticate ||accepts credentials (UID or mailAlternateAddress and password) returns whether authenticated [Y|N] and if successful: null msg, UID, displayName and list of user's roles if unsuccessful: error msg, UID, null, null || |
| | 76 | ||sub !CampusPickList ||generates generic HTML form element for campus picklist using ldap_uakEmployeeCampus.txt as input|| |
| | 77 | ||sub Credentials ||generates HTML form elements for LDAP credentials (id and password) |
| | 78 | ||sub UAclose ||generates closing HTML elements for standard window look and feel|| |
| | 79 | ||sub UAopen ||generates opening HTML elements for standard window look and feel |
| | 80 | ||sub abort ||uses mailx to send $body with $subject to $MAILTO |
| | 81 | ||sub appendMsg ||formats $msg_in according to $msg_type and appends to $MSG|| |
| | 82 | ||sub bldgCampusPickList ||generates HTML form element for building pick list for MAU|| |
| | 83 | ||sub bldgExists ||checks static file to determine if building code exists (issue: building |
| | 84 | codes are stored in registry and in static file but not in directory)|| |
| | 85 | ||sub bldgPicklist ||generates HTML form element for building pick list|| |
| | 86 | ||sub crypt ||simple encryption of strings; used to encrypt password before storing in LDAP cookie|| |
| | 87 | ||sub debug ||utility used to record debugging information (utilizes debug runtime config parm)|| |
| | 88 | ||sub deptUnitPickList ||generates HTML form element for department picklist; elements of list taken from external file ldap_deptUnits.txt|| |
| | 89 | ||sub embeddedAttributes ||(may be obsolete; was formatting solution for the values of which could represent an unlimited number of MAU specific phonebook "attributes")|| |
| | 90 | ||sub employeeCampusPickList ||generates HTML form element for an employee's ldapsearch to locate that employee's uakEmployeeCampus attribute values || |
| | 91 | ||sub employeeDeptPickList ||generates generic HTML form element for campus picklist using ldap_uakEmployeeAffiliation.txt|| |
| | 92 | ||sub formatAttributes ||function returning hash of attribute characteristics used to control formatting of HTML form elements; elements with exceptional (non-standard) formatting requirements are recorded here|| |
| | 93 | ||sub formatLabel ||formats field descriptions with or without accompanying comments|| |
| | 94 | ||sub formatValue ||formats attribute values, generating href tags for specific attribute types|| |
| | 95 | ||sub genClearCookie ||Generates Set-Cookie metadata that clears old cookie (where ldapstring is assumed to be the cookie being cleared)|| |
| | 96 | ||sub genClearSimpleCookie ||Generates Set-Cookie metadata that clears new simple cookie (where name/value are passed to funtion).|| |
| | 97 | ||sub genSetCookie ||Generates Set-Cookie metadata that establishes a specific cookie (new or old)|| |
| | 98 | ||sub getACL ||Returns hash of permissions for requested list of ACL names.|| |
| | 99 | ||sub getAttributes ||returns a hash of arrays for attributes meeting specified criteria the hash keys are LDAP attribute names each hash value is an array of attribute characteristics|| |
| | 100 | ||sub getEntityDisplayLabel ||function returning one of DISPLAY_NAME, TITLE_<something>, UNITDISPLAYNAME, UNITNAME or UID from an array of attributes passed to the function|| |
| | 101 | ||sub getUserAttributes ||returns array of attribute=value pairs for $filter || |
| | 102 | ||sub getSecureAttributes ||returns array of attribute=value pairs for $filter (utilizes privileged credentials)|| |
| | 103 | ||sub is_deptAdmin ||function that determines if credentialed user is admin for department record|| |
| | 104 | ||sub is_emplAdmin ||function that determines if credentialed user is admin for people record|| |
| | 105 | ||sub lookUpParentUnit ||function that returns parent unit for department record |
| | 106 | ||sub pad ||returns string padded with character to specified length|| |
| | 107 | ||sub parseCookie ||parses old, complex cookie; returning the UID, password, name and role elements || |
| | 108 | ||sub parseDN ||parses $dn and returns UID and OU elements|| |
| | 109 | ||sub parseSimpleCookie ||parses new simple cookie; returning a single string value || |
| | 110 | ||sub post_admin ||executes HTTPS request to call ldap_bulk_admin CGI script as though from the web (utilizes directory_server_link runtime config parm)|| |
| | 111 | ||sub post_updates ||executes HTTPS request to call ldap_bulk_update CGI script as though from the web (utilizes directory_server_link runtime config parm)|| |
| | 112 | ||sub returnIdentifierFilter ||used to return a generic filter that can be used to search for a people record by name or any identifier accepted during AUTHSERV authentication (see ldap_dlevelx CGI script)|| |
| | 113 | ||sub studentDeptPickList ||generates generic HTML form element for student department picklist using ldap_uakStudentAffiliation.txt|| |
| | 114 | ||sub uidLDAPlookup ||returns (last) $attribute value for matching $filter where query executed by credentialed user or default gateway user (weak - utilized currently only by ldap_lib.pm)|| |
| | 115 | ||sub connect ||establishes ORACLE_HOME and executes DBI->connect utilizing $eff_login to establish $dbh|| |
| | 116 | ||sub evaluate ||executes $dbh->prepare on $sql to establishes $sth|| |
| | 117 | ||sub execute ||performs $sth->execute which executes sql statement in Oracle database|| |
| | 118 | ||sub getSecureAttributes ||returns array of attribute=value pairs for $filter (utilizes privileged credentials)|| |
| | 119 | ||sub log_error ||writes $msg to $ERRORLOG|| |