LDAPAccountManager/lam/templates/delete.php

362 lines
12 KiB
PHP
Raw Permalink Normal View History

<?php
2017-01-07 17:39:40 +00:00
namespace LAM\DELETE;
2018-11-20 18:18:23 +00:00
use \htmlGroup;
use \htmlResponsiveRow;
use \htmlButton;
use \htmlSpacer;
use \htmlHiddenInput;
use \htmlOutputText;
use \htmlStatusMessage;
/*
2006-08-14 17:29:45 +00:00
2009-10-27 18:47:12 +00:00
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
2006-03-03 17:30:35 +00:00
Copyright (C) 2003 - 2006 Tilo Lutz
2019-05-23 18:38:44 +00:00
Copyright (C) 2007 - 2019 Roland Gruber
2006-08-14 17:29:45 +00:00
2005-03-26 11:27:15 +00:00
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
2006-08-14 17:29:45 +00:00
2005-03-26 11:27:15 +00:00
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
2006-08-14 17:29:45 +00:00
2005-03-26 11:27:15 +00:00
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
2006-08-14 17:29:45 +00:00
2005-03-26 11:27:15 +00:00
*/
2005-03-26 11:27:15 +00:00
/**
* Used to delete accounts from LDAP tree.
*
* @author Tilo Lutz
* @author Roland Gruber
2005-08-17 19:17:15 +00:00
* @package main
*/
2004-01-10 11:47:48 +00:00
2006-03-26 17:51:25 +00:00
/** security functions */
2018-12-23 16:28:42 +00:00
include_once(__DIR__ . "/../lib/security.inc");
2005-08-17 19:17:15 +00:00
/** account functions */
2018-12-23 16:28:42 +00:00
include_once(__DIR__ . '/../lib/account.inc');
2005-08-17 19:17:15 +00:00
/** current configuration options */
2018-12-23 16:28:42 +00:00
include_once(__DIR__ . '/../lib/config.inc');
2005-08-17 19:17:15 +00:00
/** message displaying */
2018-12-23 16:28:42 +00:00
include_once(__DIR__ . '/../lib/status.inc');
2005-08-17 19:17:15 +00:00
/** LDAP connection */
2018-12-23 16:28:42 +00:00
include_once(__DIR__ . '/../lib/ldap.inc');
2017-09-16 13:09:25 +00:00
/** remote interface */
2018-12-23 16:28:42 +00:00
include_once(__DIR__ . '/../lib/remote.inc');
2005-08-17 19:17:15 +00:00
/** module interface */
2018-12-23 16:28:42 +00:00
include_once(__DIR__ . '/../lib/modules.inc');
2004-01-10 11:47:48 +00:00
// Start session
2006-03-26 17:51:25 +00:00
startSecureSession();
2017-02-11 16:11:37 +00:00
enforceUserIsLoggedIn();
2004-01-10 11:47:48 +00:00
2007-12-30 16:08:54 +00:00
if (!checkIfWriteAccessIsAllowed()) {
die();
}
2020-02-24 19:08:28 +00:00
// Redirect to startpage if user is not logged in
2014-10-25 19:17:53 +00:00
if (!isLoggedIn()) {
metaRefresh("login.php");
2004-01-10 11:47:48 +00:00
exit;
2005-03-26 11:27:15 +00:00
}
2004-01-10 11:47:48 +00:00
// Set correct language, codepages, ....
setlanguage();
2003-04-25 16:14:09 +00:00
2015-05-15 19:16:46 +00:00
if (!empty($_POST)) {
validateSecurityToken();
}
2019-05-23 18:38:44 +00:00
$sessionAccountPrefix = 'deleteContainer';
foreach ($_SESSION as $key => $value) {
if (strpos($key, $sessionAccountPrefix) === 0) {
unset($_SESSION[$key]);
logNewMessage(LOG_NOTICE, "del " . $key);
}
}
2017-01-07 17:39:40 +00:00
$typeManager = new \LAM\TYPES\TypeManager();
2017-10-24 18:43:28 +00:00
if (isset($_POST['type']) && ($typeManager->getConfiguredType($_POST['type']) === null)) {
2012-03-13 21:34:13 +00:00
logNewMessage(LOG_ERR, 'Invalid type: ' . $_POST['type']);
die();
}
2007-04-21 11:04:50 +00:00
if (isset($_GET['type']) && isset($_SESSION['delete_dn'])) {
2017-01-07 17:39:40 +00:00
$typeId = $_GET['type'];
$type = $typeManager->getConfiguredType($typeId);
2017-10-24 18:43:28 +00:00
if ($type === null) {
2017-01-07 17:39:40 +00:00
logNewMessage(LOG_ERR, 'Invalid type: ' . $type->getId());
2012-03-13 21:34:13 +00:00
die();
}
2017-01-07 17:39:40 +00:00
if (!checkIfDeleteEntriesIsAllowed($type->getId()) || !checkIfWriteAccessIsAllowed($type->getId())) {
logNewMessage(LOG_ERR, 'User tried to delete entries of forbidden type '. $type->getId());
die();
}
2004-01-10 11:47:48 +00:00
// Create account list
foreach ($_SESSION['delete_dn'] as $dn) {
$start = strpos ($dn, "=")+1;
$end = strpos ($dn, ",");
$users[] = substr($dn, $start, $end-$start);
2005-03-26 11:27:15 +00:00
}
2004-01-10 11:47:48 +00:00
2019-05-23 18:38:44 +00:00
$sessionKey = $sessionAccountPrefix . (new \DateTime(null, getTimeZone()))->getTimestamp() . getRandomNumber();
2004-01-10 11:47:48 +00:00
//load account
2019-05-23 18:38:44 +00:00
$_SESSION[$sessionKey] = new \accountContainer($type, $sessionKey);
2004-01-10 11:47:48 +00:00
// Show HTML Page
2018-11-20 18:18:23 +00:00
include '../lib/adminHeader.inc';
2017-01-07 17:39:40 +00:00
echo "<div class=\"" . $type->getScope() . "-bright smallPaddingContent\">";
2010-08-21 09:43:52 +00:00
echo "<br>\n";
2004-01-10 11:47:48 +00:00
echo "<form action=\"delete.php\" method=\"post\">\n";
2018-11-20 18:18:23 +00:00
$tabindex = 1;
$container = new htmlResponsiveRow();
$container->add(new htmlOutputText(_("Do you really want to remove the following accounts?")), 12);
$container->addVerticalSpacer('2rem');
2017-09-17 09:25:11 +00:00
$userCount = sizeof($users);
for ($i = 0; $i < $userCount; $i++) {
2018-11-20 18:18:23 +00:00
$container->addLabel(new htmlOutputText(_("Account name:")));
$container->addField(new htmlOutputText($users[$i]));
$container->addLabel(new htmlOutputText(_('DN') . ':'));
$container->addField(new htmlOutputText($_SESSION['delete_dn'][$i]));
2019-05-23 18:38:44 +00:00
$_SESSION[$sessionKey]->load_account($_SESSION['delete_dn'][$i]);
if (!$_SESSION[$sessionKey]->hasOnlyVirtualChildren()) {
2016-01-06 15:05:52 +00:00
$childCount = getChildCount($_SESSION['delete_dn'][$i]);
if ($childCount > 0) {
2018-11-20 18:18:23 +00:00
$container->addLabel(new htmlOutputText(_('Number of child entries') . ':'));
$container->addField(new htmlOutputText($childCount));
2016-01-06 15:05:52 +00:00
}
2005-11-26 12:49:48 +00:00
}
2005-03-26 11:27:15 +00:00
}
2018-11-20 18:18:23 +00:00
addSecurityTokenToMetaHTML($container);
$container->add(new htmlHiddenInput('type', $type->getId()), 12);
$container->addVerticalSpacer('1rem');
parseHtml(null, $container, array(), false, $tabindex, $type->getScope());
2004-01-10 11:47:48 +00:00
// Print delete rows from modules
2017-01-07 17:39:40 +00:00
$modules = $_SESSION['config']->get_AccountModules($type->getId());
$values = array();
2005-04-04 16:55:34 +00:00
foreach ($modules as $module) {
2017-01-07 17:39:40 +00:00
$module = \moduleCache::getModule($module, $type->getScope());
parseHtml(get_class($module), $module->display_html_delete(), $values, true, $tabindex, $type->getScope());
2005-03-26 11:27:15 +00:00
}
2018-11-20 18:18:23 +00:00
$buttonContainer = new htmlResponsiveRow();
$buttonContainer->addVerticalSpacer('1rem');
$buttonGroup = new htmlGroup();
$delButton = new htmlButton('delete', _('Delete'));
$delButton->setIconClass('deleteButton');
$buttonGroup->addElement($delButton);
$buttonGroup->addElement(new htmlSpacer('0.5rem', null));
$cancelButton = new htmlButton('cancel', _('Cancel'));
$cancelButton->setIconClass('cancelButton');
$buttonGroup->addElement($cancelButton);
$buttonContainer->add($buttonGroup, 12);
$buttonContainer->addVerticalSpacer('1rem');
parseHtml(null, $buttonContainer, array(), false, $tabindex, $type->getScope());
2004-01-10 11:47:48 +00:00
echo "</form>\n";
echo "</div>\n";
2018-11-20 18:18:23 +00:00
include '../lib/adminFooter.inc';
2005-03-26 11:27:15 +00:00
}
2003-05-02 07:59:13 +00:00
2010-09-26 11:11:01 +00:00
if (isset($_POST['cancel'])) {
2018-12-23 16:28:42 +00:00
if (isset($_SESSION['delete_dn'])) {
unset($_SESSION['delete_dn']);
}
2006-01-06 10:47:43 +00:00
metaRefresh("lists/list.php?type=" . $_POST['type']);
2005-03-26 11:27:15 +00:00
}
elseif (isset($_POST['cancelAllOk'])) {
2018-12-23 16:28:42 +00:00
if (isset($_SESSION['delete_dn'])) {
unset($_SESSION['delete_dn']);
}
2018-11-20 18:18:23 +00:00
metaRefresh("lists/list.php?type=" . $_POST['type'] . '&deleteAllOk=1');
}
2010-09-26 11:11:01 +00:00
if (isset($_POST['delete'])) {
2017-01-07 17:39:40 +00:00
$typeId = $_POST['type'];
$type = $typeManager->getConfiguredType($typeId);
if (!checkIfDeleteEntriesIsAllowed($type->getId()) || !checkIfWriteAccessIsAllowed($type->getId())) {
logNewMessage(LOG_ERR, 'User tried to delete entries of forbidden type '. $type->getId());
die();
}
2004-01-10 11:47:48 +00:00
// Show HTML Page
2018-12-23 16:28:42 +00:00
include __DIR__ . '/../lib/adminHeader.inc';
2004-01-10 11:47:48 +00:00
echo "<form action=\"delete.php\" method=\"post\">\n";
2017-01-07 17:39:40 +00:00
echo "<div class=\"" . $type->getScope() . "-bright smallPaddingContent\"><br>\n";
2018-11-20 18:18:23 +00:00
$container = new htmlResponsiveRow();
addSecurityTokenToMetaHTML($container);
$container->add(new htmlHiddenInput('type', $type->getId()), 12);
2016-01-06 15:05:52 +00:00
2019-05-23 18:38:44 +00:00
$sessionKey = $sessionAccountPrefix . (new \DateTime(null, getTimeZone()))->getTimestamp() . getRandomNumber();
$_SESSION[$sessionKey] = new \accountContainer($type, $sessionKey);
2004-01-10 11:47:48 +00:00
// Delete dns
$allOk = true;
2012-06-05 18:20:17 +00:00
$allErrors = array();
2017-09-17 09:25:11 +00:00
foreach ($_SESSION['delete_dn'] as $deleteDN) {
2004-01-10 11:47:48 +00:00
// Set to true if an real error has happened
$stopprocessing = false;
// First load DN.
2019-05-23 18:38:44 +00:00
$_SESSION[$sessionKey]->load_account($deleteDN);
2004-01-10 11:47:48 +00:00
// get commands and changes of each attribute
2019-05-23 18:38:44 +00:00
$moduleNames = array_keys($_SESSION[$sessionKey]->getAccountModules());
$modules = $_SESSION[$sessionKey]->getAccountModules();
2004-01-10 11:47:48 +00:00
$attributes = array();
$errors = array();
2007-02-25 13:51:40 +00:00
// predelete actions
if (!$stopprocessing) {
2007-10-26 14:10:10 +00:00
foreach ($moduleNames as $singlemodule) {
$success = true;
$messages = $modules[$singlemodule]->preDeleteActions();
2017-09-17 10:33:33 +00:00
foreach ($messages as $message) {
$errors[] = $message;
if ($message[0] == 'ERROR') {
$success = false;
$allOk = false;
}
2017-09-17 10:33:33 +00:00
elseif ($message[0] == 'WARN') {
$allOk = false;
}
}
2007-02-25 13:51:40 +00:00
if (!$success) {
$stopprocessing = true;
break;
2004-01-10 11:47:48 +00:00
}
}
2009-06-14 12:31:51 +00:00
}
2007-02-25 13:51:40 +00:00
if (!$stopprocessing) {
// load attributes
2007-10-26 14:10:10 +00:00
foreach ($moduleNames as $singlemodule) {
2007-02-25 13:51:40 +00:00
// load changes
2007-10-26 14:10:10 +00:00
$temp = $modules[$singlemodule]->delete_attributes();
2007-02-25 13:51:40 +00:00
if (is_array($temp)) {
// merge changes
$DNs = array_keys($temp);
$attributes = array_merge_recursive($temp, $attributes);
2017-09-17 10:33:33 +00:00
foreach ($DNs as $dn) {
$ops = array_keys($temp[$dn]);
foreach ($ops as $op) {
$attrs = array_keys($temp[$dn][$op]);
foreach ($attrs as $attribute) {
$attributes[$dn][$op][$attribute] = array_unique($attributes[$dn][$op][$attribute]);
}
2007-02-25 13:51:40 +00:00
}
}
2004-01-10 11:47:48 +00:00
}
2005-03-26 11:27:15 +00:00
}
2007-02-25 13:51:40 +00:00
$DNs = array_keys($attributes);
2017-09-17 10:33:33 +00:00
foreach ($DNs as $dn) {
if (isset($attributes[$dn]['errors'])) {
foreach ($attributes[$dn]['errors'] as $singleerror) {
2007-02-25 13:51:40 +00:00
$errors[] = $singleerror;
if ($singleerror[0] == 'ERROR') {
$stopprocessing = true;
$allOk = false;
}
}
2005-03-26 11:27:15 +00:00
}
2007-02-25 13:51:40 +00:00
if (!$stopprocessing) {
// modify attributes
2017-09-17 10:33:33 +00:00
if (isset($attributes[$dn]['modify']) && !$stopprocessing) {
2017-10-24 18:48:34 +00:00
$success = ldap_mod_replace($_SESSION['ldap']->server(), $dn, $attributes[$dn]['modify']);
2007-02-25 13:51:40 +00:00
if (!$success) {
2017-09-17 10:33:33 +00:00
$errors[] = array ('ERROR', sprintf(_('Was unable to modify attributes from DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
2007-02-25 13:51:40 +00:00
$stopprocessing = true;
$allOk = false;
2007-02-25 13:51:40 +00:00
}
2003-04-26 21:58:00 +00:00
}
2007-02-25 13:51:40 +00:00
// add attributes
2017-09-17 10:33:33 +00:00
if (isset($attributes[$dn]['add']) && !$stopprocessing) {
2017-10-24 18:48:34 +00:00
$success = ldap_mod_add($_SESSION['ldap']->server(), $dn, $attributes[$dn]['add']);
2007-02-25 13:51:40 +00:00
if (!$success) {
2017-09-17 10:33:33 +00:00
$errors[] = array ('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
2007-02-25 13:51:40 +00:00
$stopprocessing = true;
$allOk = false;
2007-02-25 13:51:40 +00:00
}
}
2011-02-26 13:14:10 +00:00
// remove attributes
2017-09-17 10:33:33 +00:00
if (isset($attributes[$dn]['remove']) && !$stopprocessing) {
2017-10-24 18:48:34 +00:00
$success = ldap_mod_del($_SESSION['ldap']->server(), $dn, $attributes[$dn]['remove']);
2007-02-25 13:51:40 +00:00
if (!$success) {
2017-09-17 10:33:33 +00:00
$errors[] = array ('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
2007-02-25 13:51:40 +00:00
$stopprocessing = true;
$allOk = false;
2007-02-25 13:51:40 +00:00
}
2004-01-10 11:47:48 +00:00
}
}
}
2005-03-26 11:27:15 +00:00
}
2004-01-10 11:47:48 +00:00
if (!$stopprocessing) {
2019-05-23 18:38:44 +00:00
$recursive = !$_SESSION[$sessionKey]->hasOnlyVirtualChildren();
2017-09-17 09:25:11 +00:00
$messages = deleteDN($deleteDN, $recursive);
2012-06-05 18:20:17 +00:00
$errors = array_merge($errors, $messages);
if (sizeof($errors) > 0) {
$stopprocessing = true;
$allOk = false;
}
2005-03-26 11:27:15 +00:00
}
2007-02-25 13:51:40 +00:00
// post delete actions
if (!$stopprocessing) {
2007-10-26 14:10:10 +00:00
foreach ($moduleNames as $singlemodule) {
$messages = $modules[$singlemodule]->postDeleteActions();
2017-09-17 10:33:33 +00:00
foreach ($messages as $message) {
$errors[] = $message;
if (($message[0] == 'ERROR') || ($message[0] == 'WARN')) {
$allOk = false;
}
}
}
2016-01-06 15:05:52 +00:00
}
2004-01-10 11:47:48 +00:00
if (!$stopprocessing) {
2018-11-20 18:18:23 +00:00
$container->add(new htmlOutputText(sprintf(_('Deleted DN: %s'), $deleteDN)), 12);
foreach ($errors as $error) {
2018-11-20 18:18:23 +00:00
$container->add(htmlStatusMessage::fromParamArray($error), 12);
}
2005-03-26 11:27:15 +00:00
}
2004-01-10 11:47:48 +00:00
else {
2018-11-20 18:18:23 +00:00
$container->add(new htmlOutputText(sprintf(_('Error while deleting DN: %s'), $deleteDN)), 12);
foreach ($errors as $error) {
2018-11-20 18:18:23 +00:00
$container->add(htmlStatusMessage::fromParamArray($error), 12);
}
2003-08-20 19:16:03 +00:00
}
2012-06-05 18:20:17 +00:00
$allErrors = array_merge($allErrors, $errors);
2005-03-26 11:27:15 +00:00
}
2018-11-20 18:18:23 +00:00
$container->addVerticalSpacer('2rem');
$buttonName = $allOk ? 'cancelAllOk' : 'cancel';
$container->add(new htmlButton($buttonName, _('Back to list')), 12);
$container->addVerticalSpacer('1rem');
parseHtml(null, $container, array(), false, $tabindex, $type->getScope());
echo "</div>\n";
2004-01-10 11:47:48 +00:00
echo "</form>\n";
?>
2017-01-07 17:39:40 +00:00
<script type="text/javascript">
jQuery(document).ready(function() {
<?php
if ($allOk) {
2012-06-05 18:20:17 +00:00
$_SESSION['listRedirectMessages'] = $allErrors;
2018-11-20 18:18:23 +00:00
echo "jQuery('#btn_cancelAllOk').click();";
}
?>
});
</script>
<?php
2018-12-23 16:28:42 +00:00
include __DIR__ . '/../lib/adminFooter.inc';
2003-05-02 07:59:13 +00:00
2005-03-26 11:27:15 +00:00
}
2003-05-02 07:59:13 +00:00
2005-11-26 12:49:48 +00:00
/**
* Returns the number of child entries of a DN.
*
* @param string $dn DN of parent
2020-03-02 15:44:15 +00:00
* @return integer number of children
2005-11-26 12:49:48 +00:00
*/
function getChildCount($dn) {
$entries = searchLDAP(escapeDN($dn), 'objectClass=*', array('dn'));
return (sizeof($entries) - 1);
2005-11-26 12:49:48 +00:00
}
2003-04-25 16:14:09 +00:00
?>