LDAPAccountManager/lam/lib/modules/shadowAccount.inc

564 lines
24 KiB
PHP
Raw Normal View History

<?php
/*
$Id$
2009-10-27 18:47:12 +00:00
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
2006-03-03 17:30:35 +00:00
Copyright (C) 2003 - 2006 Tilo Lutz
2009-10-09 18:21:12 +00:00
Copyright (C) 2007 - 2009 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
2005-07-21 10:33:02 +00:00
/**
* Manages Unix shadow accounts for users.
*
* @package modules
*
* @author Tilo Lutz
* @author Roland Gruber
* @author Michael Duergner
*/
/**
* Manages the object class "shadowAccount" for users.
*
* @package modules
*/
2009-10-09 18:21:12 +00:00
class shadowAccount extends baseModule implements passwordService {
2008-10-21 18:47:45 +00:00
/**
* Creates a new shadowAccount object.
*
* @param string $scope account type (user, group, host)
*/
function __construct($scope) {
// call parent constructor
parent::__construct($scope);
$this->autoAddObjectClasses = false;
}
2004-06-13 19:58:58 +00:00
/**
* This function builds up the message array.
*/
function load_Messages() {
// error messages for input checks
2006-07-29 15:13:08 +00:00
$this->messages['shadowMin'][0] = array('ERROR', _('Minimum password age'), _('Password minimum age must be are natural number.'));
2004-11-08 19:48:39 +00:00
$this->messages['shadowMin'][1] = array('ERROR', _('Account %s:') . ' shadowAccount_minAge', _('Password minimum age must be are natural number.'));
2006-07-29 15:13:08 +00:00
$this->messages['shadowMax'][0] = array('ERROR', _('Maximum password age'), _('Password maximum age must be are natural number.'));
2004-11-08 19:48:39 +00:00
$this->messages['shadowMax'][1] = array('ERROR', _('Account %s:') . ' shadowAccount_maxAge', _('Password maximum age must be are natural number.'));
2004-11-10 14:00:00 +00:00
$this->messages['inactive'][0] = array('ERROR', _('Password expiration'), _('Password expiration must be are natural number or -1.'));
$this->messages['inactive'][1] = array('ERROR', _('Account %s:') . ' shadowAccount_ignoreExpire', _('Password expiration must be are natural number or -1.'));
2004-11-08 19:48:39 +00:00
$this->messages['shadowWarning'][0] = array('ERROR', _('Password warning'), _('Password warning must be are natural number.'));
$this->messages['shadowWarning'][1] = array('ERROR', _('Account %s:') . ' shadowAccount_warning', _('Password warning must be are natural number.'));
2010-03-07 15:50:38 +00:00
$this->messages['shadow_cmp'][0] = array('ERROR', _('Maximum password age'), _('Password maximum age must be bigger than password minimum age.'));
2004-11-08 19:48:39 +00:00
$this->messages['shadow_cmp'][1] = array('ERROR', _('Account %s:') . ' shadowAccount_min/maxAge', _('Password maximum age must be bigger as password minimum age.'));
$this->messages['shadow_expireDate'][0] = array('ERROR', _('Account %s:') . ' shadowAccount_expireDate', _('The expiration date is invalid.'));
}
2006-08-14 17:24:27 +00:00
2004-06-13 19:58:58 +00:00
/**
* Returns meta data that is interpreted by parent class
*
* @return array array with meta data
2008-02-03 14:28:28 +00:00
*
* @see baseModule::get_metaData()
2004-06-13 19:58:58 +00:00
*/
function get_metaData() {
$return = array();
2007-11-19 18:42:03 +00:00
// icon
2007-12-01 12:34:52 +00:00
$return['icon'] = 'keyBig.png';
2004-06-13 19:58:58 +00:00
// manages user accounts
$return["account_types"] = array("user");
2004-06-14 16:05:36 +00:00
// alias name
$return["alias"] = _('Shadow');
2004-06-20 17:32:02 +00:00
// module dependencies
$return['dependencies'] = array('depends' => array('posixAccount'), 'conflicts' => array());
// managed object classes
$return['objectClasses'] = array('shadowAccount');
2006-05-13 08:55:31 +00:00
// managed attributes
2006-09-03 12:41:22 +00:00
$return['attributes'] = array('shadowLastChange', 'shadowMin', 'shadowMax', 'shadowWarning',
2009-12-18 21:02:21 +00:00
'shadowInactive', 'shadowExpire', 'shadowFlag');
2004-07-04 15:18:53 +00:00
// lists for expiration date
$day = array(); $mon = array(); $year = array();
for ( $i=1; $i<=31; $i++ ) $day[] = $i;
for ( $i=1; $i<=12; $i++ ) $mon[] = $i;
for ( $i=2003; $i<=2030; $i++ ) $year[] = $i;
$return['profile_options'] = array(
2009-12-20 14:35:42 +00:00
array(
array('kind' => 'text', 'text' => _('Automatically add this extension') . ":"),
array('kind' => 'input', 'name' => 'shadowAccount_addExt', 'type' => 'checkbox'),
array('kind' => 'help', 'value' => 'autoAdd')),
2004-07-04 15:18:53 +00:00
// password warning
array(
2008-08-23 16:08:50 +00:00
array('kind' => 'text', 'text' => _('Password warning')),
array('kind' => 'input', 'name' => 'shadowAccount_shadowWarning', 'type' => 'text', 'size' => '5', 'maxlength' => '4', 'value' => ""),
array('kind' => 'help', 'value' => 'shadowWarning')),
2004-07-04 15:18:53 +00:00
// password expiration
array(
2008-08-23 16:08:50 +00:00
array('kind' => 'text', 'text' => _('Password expiration')),
array('kind' => 'input', 'name' => 'shadowAccount_shadowInactive', 'type' => 'text', 'size' => '5', 'maxlength' => '4', 'value' => ""),
array('kind' => 'help', 'value' => 'shadowInactive')),
2004-07-04 15:18:53 +00:00
// minimum password age
array(
2008-08-23 16:08:50 +00:00
array('kind' => 'text', 'text' => _('Minimum password age')),
array('kind' => 'input', 'name' => 'shadowAccount_shadowMin', 'type' => 'text', 'size' => '5', 'maxlength' => '5', 'value' => ""),
array('kind' => 'help', 'value' => 'shadowMin')),
2004-07-04 15:18:53 +00:00
// maximum password age
array(
2008-08-23 16:08:50 +00:00
array('kind' => 'text', 'text' => _('Maximum password age')),
array('kind' => 'input', 'name' => 'shadowAccount_shadowMax', 'type' => 'text', 'size' => '5', 'maxlength' => '5', 'value' => ""),
array('kind' => 'help', 'value' => 'shadowMax')),
2004-07-04 15:18:53 +00:00
// expiration date
array(
2008-08-23 16:08:50 +00:00
array('kind' => 'text', 'text' => _('Account expiration date')),
array('kind' => 'table', 'value' => array(
array (
array('kind' => 'select', 'name' => 'shadowAccount_shadowExpire_day', 'options' => $day, 'options_selected' => array('1')),
array('kind' => 'select', 'name' => 'shadowAccount_shadowExpire_mon', 'options' => $mon, 'options_selected' => array('1')),
array('kind' => 'select', 'name' => 'shadowAccount_shadowExpire_yea', 'options' => $year, 'options_selected' => array('2030'))
2004-07-04 15:18:53 +00:00
)
)),
2009-12-20 14:35:42 +00:00
array('kind' => 'help', 'value' => 'shadowExpire')),
2004-07-04 15:18:53 +00:00
);
// profile checks
2004-09-26 15:55:29 +00:00
$return['profile_checks']['shadowAccount_shadowMin'] = array(
'type' => 'ext_preg',
'regex' => 'digit',
'error_message' => $this->messages['shadowMin'][0]);
2004-09-26 15:55:29 +00:00
$return['profile_checks']['shadowAccount_shadowMax'] = array(
'type' => 'ext_preg',
'regex' => 'digit',
'error_message' => $this->messages['shadowMax'][0]);
2004-09-26 15:55:29 +00:00
$return['profile_checks']['shadowAccount_cmp'] = array(
'type' => 'int_greater',
'cmp_name1' => 'shadowAccount_shadowMax',
'cmp_name2' => 'shadowAccount_shadowMin',
'error_message' => $this->messages['shadow_cmp'][0]);
$return['profile_checks']['shadowAccount_shadowInactive'] = array(
'type' => 'ext_preg',
'regex' => 'digit2',
'error_message' => $this->messages['inactive'][0]);
2004-09-26 15:55:29 +00:00
$return['profile_checks']['shadowAccount_shadowWarning'] = array(
'type' => 'ext_preg',
'regex' => 'digit',
'error_message' => $this->messages['shadowWarning'][0]);
2005-01-29 15:14:13 +00:00
// profile mappings
$return['profile_mappings'] = array(
'shadowAccount_shadowWarning' => 'shadowWarning',
'shadowAccount_shadowInactive' => 'shadowInactive',
'shadowAccount_shadowMin' => 'shadowMin',
'shadowAccount_shadowMax' => 'shadowMax'
);
// available PDF fields
2004-10-30 16:46:06 +00:00
$return['PDF_fields'] = array(
'shadowLastChange',
'shadowWarning',
'shadowInactive',
2006-05-13 08:55:31 +00:00
'shadowExpire'
2004-10-30 16:46:06 +00:00
);
// help Entries
2004-10-30 16:46:06 +00:00
$return['help'] = array (
'shadowWarning' => array (
2004-11-08 19:48:39 +00:00
"Headline" => _("Password warning"),
2007-10-28 15:06:59 +00:00
"Text" => _("Days before password is to expire that user is warned of pending password expiration. If set value must be >0."). ' '. _("Can be left empty.")
2004-10-30 16:46:06 +00:00
),
'shadowInactive' => array (
2004-11-10 14:00:00 +00:00
"Headline" => _("Password expiration"),
2004-10-30 16:46:06 +00:00
"Text" => _("Number of days a user can login even his password has expired. -1=always."). ' '. _("Can be left empty.")
),
'shadowMin' => array (
"Headline" => _("Minimum password age"),
2007-10-28 15:06:59 +00:00
"Text" => _("Number of days a user has to wait until he is allowed to change his password again. If set value must be >0."). ' '. _("Can be left empty.")
2004-10-30 16:46:06 +00:00
),
'shadowMax' => array (
"Headline" => _("Maximum password age"),
2007-10-28 15:06:59 +00:00
"Text" => _("Number of days after a user has to change his password again. If set value must be >0."). ' '. _("Can be left empty.")
2004-10-30 16:46:06 +00:00
),
'shadowExpire' => array (
2005-10-01 07:23:57 +00:00
"Headline" => _("Account expiration date"),
"Text" => _("This is the date when the account will expire. Format: DD-MM-YYYY")
2009-12-20 14:35:42 +00:00
),
'autoAdd' => array(
"Headline" => _("Automatically add this extension"),
"Text" => _("This will enable the extension automatically if this profile is loaded.")
2004-10-30 16:46:06 +00:00
)
);
2004-11-08 19:48:39 +00:00
// upload fields
$return['upload_columns'] = array(
array(
'name' => 'shadowAccount_warning',
'description' => _('Password warning'),
'help' => 'shadowWarning',
'example' => '14'
),
array(
2004-11-10 14:00:00 +00:00
'name' => 'shadowAccount_expiration',
'description' => _('Password expiration'),
2004-11-08 19:48:39 +00:00
'help' => 'shadowInactive',
'example' => '7'
),
array(
'name' => 'shadowAccount_minAge',
'description' => _('Minimum password age'),
'help' => 'shadowMin',
'example' => '1'
),
array(
'name' => 'shadowAccount_maxAge',
'description' => _('Maximum password age'),
'help' => 'shadowMax',
'example' => '365'
),
array(
2004-11-10 14:00:00 +00:00
'name' => 'shadowAccount_expireDate',
2005-10-01 07:23:57 +00:00
'description' => _('Account expiration date'),
2004-11-08 19:48:39 +00:00
'help' => 'shadowExpire',
'example' => '17-07-2011'
)
);
2004-06-13 19:58:58 +00:00
return $return;
}
2005-08-14 11:38:06 +00:00
/**
* Returns a list of modifications which have to be made to the LDAP account.
*
* @return array list of modifications
* <br>This function returns an array with 3 entries:
* <br>array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
* <br>DN is the DN to change. It may be possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid)
* <br>"add" are attributes which have to be added to LDAP entry
* <br>"remove" are attributes which have to be removed from LDAP entry
* <br>"modify" are attributes which have to been modified in LDAP entry
*/
function save_attributes() {
2009-12-18 21:02:21 +00:00
if (!in_array('shadowAccount', $this->attributes['objectClass']) && !in_array('shadowAccount', $this->orig['objectClass'])) {
// skip saving if the extension was not added/modified
2008-10-21 18:47:45 +00:00
return array();
}
2009-12-18 21:02:21 +00:00
return parent::save_attributes();
2005-08-14 11:38:06 +00:00
}
2005-08-14 11:38:06 +00:00
/**
* Processes user input of the primary module page.
* It checks if all input values are correct and updates the associated LDAP attributes.
2005-08-14 11:38:06 +00:00
*
* @return array list of info/error messages
*/
2006-08-14 17:24:27 +00:00
function process_attributes() {
2009-12-18 21:02:21 +00:00
if (isset($_POST['form_subpage_shadowAccount_attributes_remObjectClass'])) {
$this->attributes['objectClass'] = array_delete(array('shadowAccount'), $this->attributes['objectClass']);
if (isset($this->attributes['shadowMin'])) unset($this->attributes['shadowMin']);
if (isset($this->attributes['shadowMax'])) unset($this->attributes['shadowMax']);
if (isset($this->attributes['shadowWarning'])) unset($this->attributes['shadowWarning']);
if (isset($this->attributes['shadowInactive'])) unset($this->attributes['shadowInactive']);
if (isset($this->attributes['shadowLastChange'])) unset($this->attributes['shadowLastChange']);
if (isset($this->attributes['shadowExpire'])) unset($this->attributes['shadowExpire']);
if (isset($this->attributes['shadowFlag'])) unset($this->attributes['shadowFlag']);
return array();
}
2008-10-21 18:47:45 +00:00
if (!in_array('shadowAccount', $this->attributes['objectClass'])) {
return array();
}
2006-05-17 17:57:42 +00:00
$errors = array();
2003-12-30 15:36:30 +00:00
// Load attributes
2006-08-14 17:24:27 +00:00
$this->attributes['shadowMin'][0] = $_POST['shadowMin'];
$this->attributes['shadowMax'][0] = $_POST['shadowMax'];
$this->attributes['shadowWarning'][0] = $_POST['shadowWarning'];
$this->attributes['shadowInactive'][0] = $_POST['shadowInactive'];
2006-08-16 17:42:35 +00:00
if ( !get_preg($this->attributes['shadowMin'][0], 'digit')) $errors[] = $this->messages['shadowMin'][0];
if ( !get_preg($this->attributes['shadowMax'][0], 'digit')) $errors[] = $this->messages['shadowMax'][0];
if ( $this->attributes['shadowMin'][0] > $this->attributes['shadowMax'][0]) $errors[] = $this->messages['shadow_cmp'][0];
if ( !get_preg($this->attributes['shadowInactive'][0], 'digit2')) $errors[] = $this->messages['inactive'][0];
if ( !get_preg($this->attributes['shadowWarning'][0], 'digit')) $errors[] = $this->messages['shadowWarning'][0];
2006-05-17 17:57:42 +00:00
return $errors;
2005-08-14 11:38:06 +00:00
}
2005-08-14 11:38:06 +00:00
/**
* This function will create the meta HTML code to show a page with all attributes.
*
* @return array meta HTML code
*/
2006-08-14 17:24:27 +00:00
function display_html_attributes() {
2008-10-21 18:47:45 +00:00
if (isset($_POST['form_subpage_shadowAccount_attributes_addObjectClass'])) {
$this->attributes['objectClass'][] = 'shadowAccount';
2006-10-18 16:58:29 +00:00
}
2008-10-21 18:47:45 +00:00
$return = array();
if (in_array('shadowAccount', $this->attributes['objectClass'])) {
$shWarning = '';
if (isset($this->attributes['shadowWarning'][0])) {
$shWarning = $this->attributes['shadowWarning'][0];
}
$return[] = array(
array('kind' => 'text', 'text' => _('Password warning')),
array('kind' => 'input', 'name' => 'shadowWarning', 'type' => 'text', 'size' => '5', 'maxlength' => '4', 'value' => $shWarning),
array('kind' => 'help', 'value' => 'shadowWarning'));
$shPwdExpiration = '';
if (isset($this->attributes['shadowInactive'][0])) $shPwdExpiration = $this->attributes['shadowInactive'][0];
$return[] = array(
array('kind' => 'text', 'text' => _('Password expiration')),
array('kind' => 'input', 'name' => 'shadowInactive', 'type' => 'text', 'size' => '5', 'maxlength' => '4', 'value' => $shPwdExpiration),
array('kind' => 'help', 'value' => 'shadowInactive'));
$shMinAge = '';
if (isset($this->attributes['shadowMin'][0])) $shMinAge = $this->attributes['shadowMin'][0];
$return[] = array(
array('kind' => 'text', 'text' => _('Minimum password age')),
array('kind' => 'input', 'name' => 'shadowMin', 'type' => 'text', 'size' => '5', 'maxlength' => '5', 'value' => $shMinAge),
array('kind' => 'help', 'value' => 'shadowMin'));
$shMaxAge = '';
if (isset($this->attributes['shadowMax'][0])) $shMaxAge = $this->attributes['shadowMax'][0];
$return[] = array(
array('kind' => 'text', 'text' => _('Maximum password age')),
array('kind' => 'input', 'name' => 'shadowMax', 'type' => 'text', 'size' => '5', 'maxlength' => '5', 'value' => $shMaxAge),
array('kind' => 'help', 'value' => 'shadowMax'));
$expirationDate = "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
if (isset($this->attributes['shadowExpire'][0])) {
$shAccExpirationDate = $this->attributes['shadowExpire'][0];
$date = getdate($shAccExpirationDate*3600*24);
$expirationDate = $date['mday'] . "." . $date['mon'] . "." . $date['year'];
}
$return[] = array(
array('kind' => 'text', 'text' => _('Account expiration date')),
array('kind' => 'table', 'value' => array(array(
array('kind' => 'text', 'text' => $expirationDate),
array('kind' => 'input', 'name' => 'form_subpage_shadowAccount_expire_open', 'type' => 'submit', 'value' => _('Change'))
))),
array('kind' => 'help', 'value' => 'shadowExpire' ));
2009-12-18 21:02:21 +00:00
$return[] = array(
array('kind' => 'text', 'text' => '&nbsp;')
);
$return[] = array(
array('kind' => 'input', 'type' => 'submit', 'name' => 'form_subpage_shadowAccount_attributes_remObjectClass',
'value' => _('Remove Shadow account extension'), 'td' => array('colspan' => '4'))
);
2008-10-21 18:47:45 +00:00
}
else {
$return[] = array(
array('kind' => 'text', 'text' => '&nbsp;'),
2009-12-18 21:02:21 +00:00
array('kind' => 'input', 'type' => 'submit', 'name' => 'form_subpage_shadowAccount_attributes_addObjectClass', 'value' => _('Add Shadow account extension'))
2008-10-21 18:47:45 +00:00
);
2006-10-18 16:58:29 +00:00
}
return $return;
}
/**
* Processes user input of the expiration page.
* It checks if all input values are correct and updates the associated LDAP attributes.
*
* @return array list of info/error messages
*/
function process_expire() {
$errors = array();
// set expiration date
if (isset($_POST['form_subpage_shadowAccount_attributes_change'])) {
$this->attributes['shadowExpire'][0] = intval(gmmktime(0, 0, 0, intval($_POST['shadowExpire_mon']), intval($_POST['shadowExpire_day']),
intval($_POST['shadowExpire_yea']))/3600/24);
}
// remove expiration date
elseif (isset($_POST['form_subpage_shadowAccount_attributes_del'])) {
unset($this->attributes['shadowExpire']);
}
return $errors;
}
/**
* This function will create the meta HTML code to show a page with the expiration date.
*
* @return array meta HTML code
*/
function display_html_expire() {
$return = array();
$shAccExpirationDate = 0;
if (isset($this->attributes['shadowExpire'][0])) {
$shAccExpirationDate = $this->attributes['shadowExpire'][0];
}
$date = getdate($shAccExpirationDate*3600*24);
for ( $i=1; $i<=31; $i++ ) $mday[] = $i;
for ( $i=1; $i<=12; $i++ ) $mon[] = $i;
for ( $i=2003; $i<=2030; $i++ ) $year[] = $i;
2008-08-23 16:08:50 +00:00
$return[] = array(
array('kind' => 'text', 'text' => _('Account expiration date')),
array('kind' => 'table', 'value' => array(
array(
array('kind' => 'select', 'name' => 'shadowExpire_day', 'options' => $mday, 'options_selected' => $date['mday']),
array('kind' => 'select', 'name' => 'shadowExpire_mon', 'options' => $mon, 'options_selected' => $date['mon']),
array('kind' => 'select', 'name' => 'shadowExpire_yea', 'options' => $year, 'options_selected' => $date['year'])))),
array('kind' => 'help', 'value' => 'shadowExpire'));
2006-10-18 16:58:29 +00:00
$buttons = array();
$buttons[] = array('kind' => 'input', 'name' => 'form_subpage_shadowAccount_attributes_change', 'type' => 'submit', 'value' => _('Change'));
if (isset($this->attributes['shadowExpire'][0])) {
$buttons[] = array('kind' => 'input', 'name' => 'form_subpage_shadowAccount_attributes_del', 'type' => 'submit', 'value' => _('Remove'));
}
$buttons[] = array('kind' => 'input', 'name' => 'form_subpage_shadowAccount_attributes_back', 'type' => 'submit', 'value' => _('Cancel'));
$return[] = array(
array('kind' => 'table', 'td' => array('colspan' => 3), 'value' => array($buttons))
);
return $return;
2005-08-14 11:38:06 +00:00
}
2005-08-14 11:38:06 +00:00
/**
* Returns the PDF entries for this module.
2006-08-14 17:24:27 +00:00
*
* @return array list of possible PDF entries
2005-08-14 11:38:06 +00:00
*/
function get_pdfEntries() {
return array('shadowAccount_shadowLastChange' => array('<block><key>' . _('Last password change') . '</key><value>' . $this->attributes['shadowLastChange'][0] . '</value></block>'),
'shadowAccount_shadowWarning' => array('<block><key>' . _('Password warning') . '</key><value>' . $this->attributes['shadowWarn'][0] . '</value><block>'),
'shadowAccount_shadowInactive' => array('<block><key>' . _('Account inactive') . '</key><value>' . $this->attributes['shadowInactive'][0] . '</value></block>'),
2007-02-14 18:42:23 +00:00
'shadowAccount_shadowExpire' => array('<block><key>' . _('Password expiration') . '</key><value>' . date('d. m. Y',$this->attributes['shadowExpire'][0]*24*3600) . '</value></block>'));
}
2004-03-14 17:33:05 +00:00
2004-11-08 19:48:39 +00:00
/**
* In this function the LDAP account is built up.
*
* @param array $rawAccounts list of hash arrays (name => value) from user input
* @param array $partialAccounts list of hash arrays (name => value) which are later added to LDAP
* @param array $ids list of IDs for column position (e.g. "posixAccount_uid" => 5)
* @param array $selectedModules list of selected account modules
2004-11-08 19:48:39 +00:00
* @return array list of error messages if any
*/
function build_uploadAccounts($rawAccounts, $ids, &$partialAccounts, $selectedModules) {
2004-11-08 19:48:39 +00:00
$messages = array();
for ($i = 0; $i < sizeof($rawAccounts); $i++) {
// add object class
if (!in_array("shadowAccount", $partialAccounts[$i]['objectClass'])) $partialAccounts[$i]['objectClass'][] = "shadowAccount";
2006-02-23 18:48:20 +00:00
// shadow last change
$partialAccounts[$i]['shadowLastChange'] = array(intval(time()/3600/24));
2004-11-08 19:48:39 +00:00
// password warning
if ($rawAccounts[$i][$ids['shadowAccount_warning']] != '') {
if (get_preg($rawAccounts[$i][$ids['shadowAccount_warning']], 'digit')) {
$partialAccounts[$i]['shadowWarning'][] = $rawAccounts[$i][$ids['shadowAccount_warning']];
}
else {
$errMsg = $this->messages['shadowWarning'][1];
array_push($errMsg, array($i));
$messages[] = $errMsg;
}
}
// password expire ignoration
if ($rawAccounts[$i][$ids['shadowAccount_ignoreExpire']] != '') {
if (get_preg($rawAccounts[$i][$ids['shadowAccount_ignoreExpire']], 'digit2')) {
$partialAccounts[$i]['shadowInactive'][] = $rawAccounts[$i][$ids['shadowAccount_ignoreExpire']];
}
else {
$errMsg = $this->messages['inactive'][1];
array_push($errMsg, array($i));
$messages[] = $errMsg;
}
}
// password minAge
if ($rawAccounts[$i][$ids['shadowAccount_minAge']] != '') {
if (get_preg($rawAccounts[$i][$ids['shadowAccount_minAge']], 'digit')) {
$partialAccounts[$i]['shadowMin'][] = $rawAccounts[$i][$ids['shadowAccount_minAge']];
}
else {
$errMsg = $this->messages['shadowMin'][1];
array_push($errMsg, array($i));
$messages[] = $errMsg;
}
}
// password maxAge
if ($rawAccounts[$i][$ids['shadowAccount_maxAge']] != '') {
if (get_preg($rawAccounts[$i][$ids['shadowAccount_maxAge']], 'digit')) {
$partialAccounts[$i]['shadowMax'][] = $rawAccounts[$i][$ids['shadowAccount_maxAge']];
}
else {
$errMsg = $this->messages['shadowMax'][1];
array_push($errMsg, array($i));
$messages[] = $errMsg;
}
}
// minAge <= maxAge
if ((($rawAccounts[$i][$ids['shadowAccount_minAge']] != '') || ($rawAccounts[$i][$ids['shadowAccount_maxAge']] != '')) && // if at least one is set
(($rawAccounts[$i][$ids['shadowAccount_minAge']] == '') || ($rawAccounts[$i][$ids['shadowAccount_maxAge']] == '') || ( // and one is not set
($rawAccounts[$i][$ids['shadowAccount_minAge']] > $rawAccounts[$i][$ids['shadowAccount_maxAge']])))) { // or minAge > maxAge
$errMsg = $this->messages['shadow_cmp'][1];
array_push($errMsg, array($i));
$messages[] = $errMsg;
}
// expiration date
if ($rawAccounts[$i][$ids['shadowAccount_expireDay']] != '') {
if (get_preg($rawAccounts[$i][$ids['shadowAccount_expireDay']], 'date')) {
$parts = explode('-', $rawAccounts[$i][$ids['shadowAccount_expireDay']]);
2006-06-29 15:21:44 +00:00
$partialAccounts[$i]['shadowExpire'][] = intval(mktime(0, 0, 0, intval($parts[1]), intval($parts[0]), intval($parts[2]))/3600/24);
2004-11-08 19:48:39 +00:00
}
else {
$errMsg = $this->messages['shadow_expireDate'][0];
array_push($errMsg, array($i));
$messages[] = $errMsg;
}
}
}
return $messages;
}
2005-01-29 15:14:13 +00:00
/**
* Loads the values of an account profile into internal variables.
*
* @param array $profile hash array with profile values (identifier => value)
*/
function load_profile($profile) {
// profile mappings in meta data
parent::load_profile($profile);
2009-12-20 14:35:42 +00:00
// add extension
if ($profile['shadowAccount_addExt'][0] == "true") {
if (!in_array('shadowAccount', $this->attributes['objectClass'])) {
$this->attributes['objectClass'][] = 'shadowAccount';
}
}
2005-01-29 15:14:13 +00:00
// expiration date
if (isset($profile['shadowAccount_shadowExpire_day'][0]) && ($profile['shadowAccount_shadowExpire_day'][0] != "")) {
2006-06-29 15:21:44 +00:00
$date = intval(mktime(0, 0, 0, intval($profile['shadowAccount_shadowExpire_mon'][0]),
2006-02-23 08:22:22 +00:00
intval($profile['shadowAccount_shadowExpire_day'][0]), intval($profile['shadowAccount_shadowExpire_yea'][0]))/3600/24);
2005-01-29 15:14:13 +00:00
$this->attributes['shadowExpire'][0] = $date;
}
}
2006-08-14 17:24:27 +00:00
2009-10-09 18:21:12 +00:00
/**
* This method specifies if a module manages password attributes.
* @see passwordService::managesPasswordAttributes
*
* @return boolean true if this module manages password attributes
*/
public function managesPasswordAttributes() {
// only listen to password changes
return false;
}
/**
* This function is called whenever the password should be changed. Account modules
* must change their password attributes only if the modules list contains their module name.
*
* @param String $password new password
* @param $modules list of modules for which the password should be changed
* @return array list of error messages if any as parameter array for StatusMessage
* e.g. return arrray(array('ERROR', 'Password change failed.'))
* @see passwordService::passwordChangeRequested
*/
public function passwordChangeRequested($password, $modules) {
// update password timestamp when Unix password was updated
if (!in_array('posixAccount', $modules)) {
return array();
}
if (in_array_ignore_case('shadowAccount', $this->attributes['objectClass'])) {
$this->attributes['shadowLastChange'][0] = intval(time()/3600/24);
}
2009-10-09 18:21:12 +00:00
return array();
}
}
?>