Chip 2000 May

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2000 May / Chip_2000-05_cd1.bin / zkuste / Perl / ActivePerl-5.6.0.613.msi / 䆊䌷䈹䈙䏵-䞅䞆䞀㡆䞃䄦䠥 / _999e60b9440c4a4e88f6c56dfd518ab5 < prev next >

Wrap

Text File | 2000-03-23 | 18.6 KB | 407 lines

<HTML> <HEAD> <TITLE>Mozilla::LDAP::Entry.pm - Object class to hold one LDAP entry.</TITLE> <LINK REL="stylesheet" HREF="../../../../Active.css" TYPE="text/css"> <LINK REV="made" HREF="mailto:"> </HEAD> <BODY> <TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%> <TR><TD CLASS=block VALIGN=MIDDLE WIDTH=100% BGCOLOR="#cccccc"> Mozilla::LDAP::Entry.pm - Object class to hold one LDAP entry. </TD></TR> </TABLE> <A NAME="__index__"></A>  <UL> <LI><A HREF="#name">NAME</A></LI><LI><A HREF="#supportedplatforms">SUPPORTED PLATFORMS</A></LI> <LI><A HREF="#synopsis">SYNOPSIS</A></LI> <LI><A HREF="#abstract">ABSTRACT</A></LI> <LI><A HREF="#description">DESCRIPTION</A></LI> <LI><A HREF="#object class methods">OBJECT CLASS METHODS</A></LI> <UL> <LI><A HREF="#creating a new entry">Creating a new entry</A></LI> <LI><A HREF="#adding and removing attributes and values">Adding and removing attributes and values</A></LI> <LI><A HREF="#deleting entries">Deleting entries</A></LI> <LI><A HREF="#renaming entries">Renaming entries</A></LI> </UL> <LI><A HREF="#examples">EXAMPLES</A></LI> <LI><A HREF="#installation">INSTALLATION</A></LI> <LI><A HREF="#availability">AVAILABILITY</A></LI> <LI><A HREF="#credits">CREDITS</A></LI> <LI><A HREF="#bugs">BUGS</A></LI> <LI><A HREF="#see also">SEE ALSO</A></LI> </UL>  <HR> <H1><A NAME="name">NAME</A></H1> <PRE> Mozilla::LDAP::Entry.pm - Object class to hold one LDAP entry.</PRE> <HR> <H1><A NAME="supportedplatforms">SUPPORTED PLATFORMS</A></H1> <UL> <LI>Windows</LI> </UL> <HR> <H1><A NAME="synopsis">SYNOPSIS</A></H1> <PRE> use Mozilla::LDAP::Conn; use Mozilla::LDAP::Entry;</PRE> <HR> <H1><A NAME="abstract">ABSTRACT</A></H1> The LDAP::Conn object is used to perform LDAP searches, updates, adds and deletes. All such functions works on LDAP::Entry objects only. All modifications and additions you'll do to an LDAP entry, will be done through this object class. <HR> <H1><A NAME="description">DESCRIPTION</A></H1> The LDAP::Entry object class is built on top of the Tie::Hash standard object class. This gives us several powerful features, the main one being to keep track of what is changing in the LDAP entry. This makes it very easy to write LDAP clients that needs to update/modify entries, since you'll just do the changes, and this object class will take care of the rest. We define local functions for STORE, FETCH, DELETE, EXISTS, FIRSTKEY and NEXTKEY in this object class, and inherit the rest from the super class. Overloading these specific functions is how we can keep track of what is changing in the entry, which turns out to be very convenient. We can also easily ``loop'' over the attribute types, ignoring internal data, or deleted attributes. Most of the methods here either return the requested LDAP value, or a status code. The status code (either 0 or 1) indicates the failure or success of a certain operation. 0 (False) meaning the operation failed, and a return code of 1 (True) means complete success. One thing to remember is that in LDAP, attribute names are case insensitive. All methods in this class are aware of this, and will convert all attribute name arguments to lower case before performing any operations. This does not mean that the values are case insensitive. On the contrary, all values are considered case sensitive by this module, even if the LDAP server itself treats it as a CIS attribute. <HR> <H1><A NAME="object class methods">OBJECT CLASS METHODS</A></H1> The LDAP::Entry class implements many methods you can use to access and modify LDAP entries. It is strongly recommended that you use this API as much as possible, and avoid using the internals of the class directly. Failing to do so may actually break the functionality. <H2><A NAME="creating a new entry">Creating a new entry</A></H2> To create a completely new entry, use the new method, for instance <PRE> $entry = new Mozilla::LDAP::Entry() $entry->setDN("uid=leif,ou=people,dc=netscape,dc=com"); $entry->{objectclass} = [ "top", "person", "inetOrgPerson" ]; $entry->addValue("cn", "Leif Hedstrom"); $entry->addValue("sn", "Hedstrom"); $entry->addValue("givenName", "Leif"); $entry->addValue("mail", "leif@netscape.com);</PRE> <PRE> $conn->add($entry);</PRE> This is the minimum requirements for an LDAP entry. It must have a DN, and it must have at least one objectclass. As it turns out, by adding the person and inetOrgPerson classes, we also must provide some more attributes, like CN and SN. This is because the object classes have these attributes marked as ``required'', and we'd get a schema violation without those values. In the example above we use both native API methods to add values, and setting an attribute entire value set directly. Note that the value set is a pointer to an array, and not the array itself. In the example above, the object classes are set using an anonymous array, which the API handles properly. It's important to be aware that the attribute value list is indeed a pointer. Finally, as you can see there's only only one way to add new LDAP entries, and it's called add(). It normally takes an LDAP::Entry object instance as argument, but it can also be called with a regular hash array if so desired. <H2><A NAME="adding and removing attributes and values">Adding and removing attributes and values</A></H2> This is the main functionality of this module. Use these methods to do any modifications and updates to your LDAP entries. <DL> <DT><A NAME="item_addDNValue">addDNValue</A> <DD> Just like addValue, except this method assume the value is a DN attribute. For instance <PRE> $dn = "uid=Leif, dc=Netscape, dc=COM"; $entry->addDNValue("uniqueMember", $dn);</PRE> will only add the DN for ``uid=leif'' if it does not exist as a DN in the uniqueMember attribute. <DT><A NAME="item_addValue">addValue</A> <DD> Add a value to an attribute. If the attribute value already exists, or we couldn't add the value for any other reason, we'll return FALSE (0), otherwise we return TRUE (1). The first two arguments are the attribute name, and the value to add. The optional third argument is a flag, indicating that we want to add the attribute without checking for duplicates. This is useful if you know the values are unique already, or if you perhaps want to allow duplicates for a particular attribute. To add a CN to an existing entry/attribute, do: <PRE> $entry->addValue("cn", "Leif Hedstrom");</PRE> <DT><A NAME="item_attrModified">attrModified</A> <DD> This is an internal function, that can be used to force the API to consider an attribute (value) to have been modified. The only argument is the name of the attribute. In almost all situation, you never, ever, should call this. If you do, please contact the developers, and as us to fix the API. Example <PRE> $entry->attrModified("cn");</PRE> <DT><A NAME="item_copy">copy</A> <DD> Copy the value of one attribute to another. Requires at least two arguments. The first argument is the name of the attribute to copy, and the second argument is the name of the new attribute to copy to. The new attribute can not currently exist in the entry, else the copy will fail. There is an optional third argument (a boolean flag), which, when set to 1, will force an override and copy to the new attribute even if it already exists. Returns TRUE if the copy was successful. <PRE> $entry->copy("cn", "description");</PRE> <DT><A NAME="item_exists">exists</A> <DD> Return TRUE if the specified attribute is defined in the LDAP entry. This is useful to know if an entry has a particular attribute, regardless of the value. For instance: <PRE> if ($entry->exists("jpegphoto")) { # do something special }</PRE> <DT><A NAME="item_getDN">getDN</A> <DD> Return the DN for the entry. For instance <PRE> print "The DN is: ", $entry->getDN(), "\n";</PRE> Just like setDN, this method also has an optional argument, which indicates we should normalize the DN before returning it to the caller. <DT><A NAME="item_getValues">getValues</A> <DD> Returns an entire array of values for the attribute specified. Note that this returns an array, and not a pointer to an array. <PRE> @someArray = $entry->getValues("description");</PRE> <DT><A NAME="item_hasValue">hasValue</A> <DD> Return TRUE or FALSE if the attribute has the specified value. A typical usage is to see if an entry is of a certain object class, e.g. <PRE> if ($entry->hasValue("objectclass", "person", 1)) { # do something }</PRE> The (optional) third argument indicates if the string comparison should be case insensitive or not, and the (optional) fourth argument indicats wheter we should normalize the string as if it was a DN. The first two arguments are the name and value of the attribute, respectively. <DT><A NAME="item_hasDNValue">hasDNValue</A> <DD> Exactly like hasValue, except we assume the attribute values are DN attributes. <DT><A NAME="item_isAttr">isAttr</A> <DD> This method can be used to decide if an attribute name really is a valid LDAP attribute in the current entry. Use of this method is fairly limited, but could potentially be useful. Usage is like previous examples, like <PRE> if ($entry->isAttr("cn")) { # do something }</PRE> The code section will only be executed if these criterias are true: <PRE> 1. The name of the attribute is a non-empty string. 2. The name of the attribute does not begin, and end, with an underscore character (_). 2. The attribute has one or more values in the entry.</PRE> <DT><A NAME="item_isDeleted">isDeleted</A> <DD> This is almost identical to isModified, except it tests if an attribute has been deleted. You use it the same way as above, like <PRE> if (! $entry->isDeleted("cn")) { # do something }</PRE> <DT><A NAME="item_isModified">isModified</A> <DD> This is a somewhat more useful method, which will return the internal modification status of a particular attribute. The argument is the name of the attribute, and the return value is True or False. If the attribute has been modified, in any way, we return True (1), otherwise we return False (0). For example: <PRE> if ($entry->isModified("cn")) { # do something }</PRE> <DT><A NAME="item_matchValue">matchValue</A> <DD> This is very similar to hasValue, except it does a regular expression match instead of a full string match. It takes the same arguments, including the optional third argument to specify case insensitive matching. The usage is identical to the example for hasValue, e.g. <PRE> if ($entry->matchValue("objectclass", "pers", 1)) { # do something }</PRE> <DT><A NAME="item_matchDNValue">matchDNValue</A> <DD> Like matchValue, except the attribute values are considered being DNs. <DT><A NAME="item_move">move</A> <DD> Identical to the copy method, except the original attribute is deleted once the move to the new attribute is complete. <PRE> $entry->move("cn", "sn");</PRE> <DT><A NAME="item_printLDIF">printLDIF</A> <DD> Print the entry in a format called LDIF (LDAP Data Interchange Format, RFC xxxx). An example of an LDIF entry is: <PRE> dn: uid=leif,ou=people,dc=netscape,dc=com objectclass: top objectclass: person objectclass: inetOrgPerson uid: leif cn: Leif Hedstrom mail: leif@netscape.com</PRE> The above would be the result of <PRE> $entry->printLDIF();</PRE> If you need to write to a file, open and then <A HREF="../../../../lib/Pod/perlfunc.html#item_select"><CODE>select()</CODE></A> it. For more useful LDIF functionality, check out the Mozilla::LDAP::LDIF.pm module. <DT><A NAME="item_remove">remove</A> <DD> This will remove the entire attribute, including all it's values, from the entry. The only argument is the name of the attribute to remove. Let's say you want to nuke all mailAlternateAddress values (i.e. the entire attribute should be removed from the entry): <PRE> $entry->remove("mailAlternateAddress");</PRE> <DT><A NAME="item_removeValue">removeValue</A> <DD> Remove a value from an attribute, if it exists. Of course, if the attribute has no such value, we won't try to remove it, and instead return a False (0) status code. The arguments are the name of the attribute, and the particular value to remove. Note that values are considered case sensitive, so make sure you preserve case properly. An example is: <PRE> $entry->removeValue("objectclass", "nscpPerson");</PRE> <DT><A NAME="item_removeDNValue">removeDNValue</A> <DD> This is almost identical to removeValue, except it will normalize the attribute values before trying to remove them. This is useful if you know that the attribute is a DN value, but perhaps the values are not cosistent in all LDAP entries. For example <PRE> $dn = "uid=Leif, dc=Netscape, dc=COM"; $entry->removeDNValue("owner", $dn);</PRE> will remove the owner ``uid=leif,dc=netscape,dc=com'', no matter how it's capitalized and formatted in the entry. <DT><A NAME="item_setDN">setDN</A> <DD> Set the DN to the specified value. Only do this on new entries, it will not work well if you try to do this on an existing entry. If you wish to rename an entry, use the Mozilla::Conn::modifyRDN method instead. Eventually we'll provide a complete ``rename'' method. To set the DN for a newly created entry, we can do <PRE> $entry->setDN("uid=leif,ou=people,dc=netscape,dc=com");</PRE> There is an optional third argument, a boolean flag, indicating that we should normalize the DN before setting it. This will assure a consistent format of your DNs. <DT><A NAME="item_setValues">setValues</A> <DD> Set the specified attribute to the new value (or values), overwriting whatever old values it had before. This is a little dangerous, since you can lose attribute values you didn't intend to remove. Therefore, it's usually recommended to use removeValue() and setValues(). If you know exactly what the new values should be like, you can use this method like <PRE> $entry->setValues("cn", "Leif Hedstrom", "The Swede"); $entry->setValues("mail", @mailAddresses);</PRE> or if it's a single value attribute, <PRE> $entry->setValues("uidNumber", "12345");</PRE> <DT><A NAME="item_size">size</A> <DD> Return the number of values for a particular attribute. For instance <PRE> $entry->{cn} = [ "Leif Hedstrom", "The Swede" ]; $numVals = $entry->size("cn");</PRE> This will set <CODE>$numVals</CODE> to two (2). The only argument is the name of the attribute, and the return value is the size of the value array. </DL> <H2><A NAME="deleting entries">Deleting entries</A></H2> To delete an LDAP entry from the LDAP server, you have to use the delete method from the Mozilla::LDAP::Conn module. It will actually delete any entry, if you provide an legitimate DN. <H2><A NAME="renaming entries">Renaming entries</A></H2> Again, there's no functionality in this object class to rename the entry (i.e. changing it's DN). For now, there is a way to modify the RDN component of a DN through the Mozilla::LDAP::Conn module, with modifyRDN. Eventually we hope to have a complete rename method, which should be capable of renaming any entry, in any way, including moving it to a different part of the DIT (Directory Information Tree). <HR> <H1><A NAME="examples">EXAMPLES</A></H1> There are plenty of examples to look at, in the examples directory. We are adding more examples every day (almost). <HR> <H1><A NAME="installation">INSTALLATION</A></H1> Installing this package is part of the Makefile supplied in the package. See the installation procedures which are part of this package. <HR> <H1><A NAME="availability">AVAILABILITY</A></H1> This package can be retrieved from a number of places, including: <PRE> <A HREF="http://www.mozilla.org/directory/">http://www.mozilla.org/directory/</A> Your local CPAN server</PRE> <HR> <H1><A NAME="credits">CREDITS</A></H1> Most of this code was developed by Leif Hedstrom, Netscape Communications Corporation. <HR> <H1><A NAME="bugs">BUGS</A></H1> None. :) <HR> <H1><A NAME="see also">SEE ALSO</A></H1> <A HREF="../../../../site/lib/Mozilla/LDAP/Conn.html">the Mozilla::LDAP::Conn manpage</A>, <A HREF="../../../../site/lib/Mozilla/LDAP/API.html">the Mozilla::LDAP::API manpage</A>, and of course Perl. <TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 WIDTH=100%> <TR><TD CLASS=block VALIGN=MIDDLE WIDTH=100% BGCOLOR="#cccccc"> Mozilla::LDAP::Entry.pm - Object class to hold one LDAP entry. </TD></TR> </TABLE> </BODY> </HTML>