LDAPAccountManager/lam/lib/modules/account.inc

311 lines
11 KiB
PHP
Raw Normal View History

<?php
/*
$Id$
2009-10-27 18:47:12 +00:00
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
2006-03-03 17:30:35 +00:00
Copyright (C) 2003 - 2006 Tilo Lutz
2013-01-13 14:23:09 +00:00
2005 - 2013 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
2005-07-21 10:33:02 +00:00
/**
* Manages the object class "account" for users and hosts.
*
* @package modules
*
* @author Tilo Lutz
* @author Roland Gruber
* @author Michael Duergner
*/
/**
* Manages the object class "account" for users and hosts.
*
* @package modules
*/
class account extends baseModule {
2004-06-13 19:58:58 +00:00
/**
* Returns meta data that is interpreted by parent class
*
* @return array array with meta data
2008-02-03 14:28:28 +00:00
*
* @see baseModule::get_metaData()
2004-06-13 19:58:58 +00:00
*/
function get_metaData() {
2008-05-15 17:32:59 +00:00
if (isset($_SESSION['loggedIn']) && ($_SESSION['loggedIn'] === true)) {
2005-08-13 16:38:56 +00:00
$modules = $_SESSION['config']->get_AccountModules($this->get_scope());
}
2004-06-13 19:58:58 +00:00
$return = array();
2007-11-19 18:42:03 +00:00
// icon
$return['icon'] = 'uid.png';
2004-06-13 19:58:58 +00:00
// manages host accounts
2004-10-17 09:44:21 +00:00
$return["account_types"] = array("host", "user");
2004-06-14 16:05:36 +00:00
// alias name
$return["alias"] = _('Account');
// this is a base module
$return["is_base"] = true;
// LDAP filter
$return["ldap_filter"] = array('or' => "(objectClass=account)");
// RDN attribute
$return["RDN"] = array("uid" => "low");
2004-06-20 17:32:02 +00:00
// module dependencies
$return['dependencies'] = array('depends' => array(), 'conflicts' => array());
// managed object classes
$return['objectClasses'] = array('account');
2006-05-01 16:18:16 +00:00
// LDAP aliases
$return['LDAPaliases'] = array('userid' => 'uid');
2006-05-13 08:55:31 +00:00
// managed attributes
$return['attributes'] = array('uid', 'description');
// available PDF fields
2004-10-30 16:46:06 +00:00
$return['PDF_fields'] = array(
2010-04-05 12:38:23 +00:00
'description' => _('Description')
2004-10-30 16:46:06 +00:00
);
2008-05-15 17:32:59 +00:00
if (isset($_SESSION['loggedIn']) && ($_SESSION['loggedIn'] === true) && !in_array('posixAccount', $modules)) {
2010-04-05 12:38:23 +00:00
$return['PDF_fields']['uid'] = _('User name');
}
// help Entries
2004-10-30 16:46:06 +00:00
$return['help'] = array (
'host' => array(
2007-01-03 16:29:25 +00:00
'uid' => array(
2012-02-04 15:56:31 +00:00
"Headline" => _("Host name"), 'attr' => 'uid',
"Text" => _("Host name of the host which should be created. Valid characters are: a-z,A-Z,0-9, .-_$. Host names are always ending with $. If last character is not $ it will be added. If host name is already used host name will be expanded with a number. The next free number will be used.")
2007-01-03 16:29:25 +00:00
),
2004-10-30 16:46:06 +00:00
'description' => array (
2012-02-04 15:56:31 +00:00
"Headline" => _("Description"), 'attr' => 'description',
2004-10-30 16:46:06 +00:00
"Text" => _("Host description. If left empty host name will be used.")
)
2007-01-03 16:29:25 +00:00
),
'user' => array(
'uid' => array(
2012-02-04 15:56:31 +00:00
"Headline" => _("User name"), 'attr' => 'uid',
2012-02-18 13:48:08 +00:00
"Text" => _("User name of the user who should be created. Valid characters are: a-z,A-Z,0-9, @.-_.")
2007-01-03 16:29:25 +00:00
),
'description' => array (
2012-02-04 15:56:31 +00:00
"Headline" => _("Description"), 'attr' => 'description',
2007-01-03 16:29:25 +00:00
"Text" => _("User description. If left empty user name will be used.")
)
2004-10-30 16:46:06 +00:00
)
);
2004-11-05 16:53:38 +00:00
// upload columns
$return['upload_columns'][] = array(
'name' => 'account_description',
'description' => _('Description'),
2010-12-05 13:29:53 +00:00
'help' => 'description',
'example' => ''
);
2004-06-13 19:58:58 +00:00
return $return;
}
/**
* This function fills the message array.
*/
2004-09-28 16:46:53 +00:00
function load_Messages() {
$this->messages['uid'][0] = array('ERROR', _('User name'), _('User name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
$this->messages['uid'][1] = array('ERROR', _('Account %s:') . ' posixAccount_userName', _('User name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
2013-01-13 14:23:09 +00:00
$this->messages['uid'][2] = array('WARN', _('User name'), _('You are using capital letters. This can cause problems because Windows is not case-sensitive.'));
$this->messages['uid'][3] = array('ERROR', _('User name'), _('User name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
2004-09-28 16:46:53 +00:00
}
/**
* This functions returns true if all needed settings are done.
*
* @return boolean true if LDAP operation can be done
*/
function module_complete() {
2005-08-26 08:53:16 +00:00
$modules = $_SESSION['config']->get_AccountModules($this->get_scope());
if (!in_array('posixAccount', $modules) && $this->attributes['uid'][0] == '') return false;
return true;
2006-08-13 12:58:19 +00:00
}
2005-08-26 08:53:16 +00:00
/**
* Controls if the module button the account page is visible and activated.
*
* @return string status ("enabled", "disabled", "hidden")
*/
function getButtonStatus() {
2007-10-03 18:02:10 +00:00
if (!$this->getAccountContainer()->isNewAccount) {
2005-08-26 08:53:16 +00:00
// check if account is based on our object class
2007-10-03 18:02:10 +00:00
$objectClasses = $this->getAccountContainer()->attributes_orig['objectClass'];
2005-08-26 08:53:16 +00:00
if (is_array($objectClasses) && !in_array('account', $objectClasses)) {
return "disabled";
}
}
return "enabled";
}
2007-11-03 13:47:59 +00:00
/**
* Returns a list of modifications which have to be made to the LDAP account.
*
* @return array list of modifications
* <br>This function returns an array with 3 entries:
* <br>array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
* <br>DN is the DN to change. It may be possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid)
* <br>"add" are attributes which have to be added to LDAP entry
* <br>"remove" are attributes which have to be removed from LDAP entry
* <br>"modify" are attributes which have to been modified in LDAP entry
2011-02-26 13:14:10 +00:00
* <br>"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
2005-08-26 08:53:16 +00:00
// skip saving if account is based on another structural object class
2007-10-03 18:02:10 +00:00
if (!$this->getAccountContainer()->isNewAccount && !in_array('account', $this->getAccountContainer()->attributes_orig['objectClass'])) {
2005-08-26 08:53:16 +00:00
return array();
}
// Get easy attributes
2007-10-03 18:02:10 +00:00
$return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig);
// Return attributes
return $return;
2005-08-26 08:53:16 +00:00
}
/**
* Processes user input of the primary module page.
* It checks if all input values are correct and updates the associated LDAP attributes.
*
* @return array list of info/error messages
*/
2006-08-13 12:58:19 +00:00
function process_attributes() {
2006-05-16 15:24:53 +00:00
$errors = array();
2003-12-30 15:36:30 +00:00
// Load attributes
2006-08-13 12:58:19 +00:00
$this->attributes['description'][0] = $_POST['description'];
2005-08-26 08:53:16 +00:00
// user name if no posixAccount
$modules = $_SESSION['config']->get_AccountModules($this->get_scope());
if (!in_array('posixAccount', $modules)) {
2006-08-13 12:58:19 +00:00
$this->attributes['uid'][0] = $_POST['uid'];
2006-08-16 17:42:35 +00:00
if (!get_preg($this->attributes['uid'][0], '!upper')) $errors[] = $this->messages['uid'][2];
if (!get_preg($this->attributes['uid'][0], 'username')) $errors[] = $this->messages['uid'][3];
}
2006-05-16 15:24:53 +00:00
return $errors;
2005-08-26 08:53:16 +00:00
}
2007-11-03 13:47:59 +00:00
/**
2007-11-03 14:17:19 +00:00
* Returns the HTML meta data for the main account page.
*
2010-06-29 17:17:36 +00:00
* @return htmlElement HTML meta data
2007-11-03 14:17:19 +00:00
*/
2006-08-13 12:58:19 +00:00
function display_html_attributes() {
2010-06-29 17:17:36 +00:00
$container = new htmlTable();
// user name if no posixAccount
$modules = $_SESSION['config']->get_AccountModules($this->get_scope());
if (!in_array('posixAccount', $modules)) {
2010-06-29 17:17:36 +00:00
$uid = null;
if (isset($this->attributes['uid'][0])) {
$uid = $this->attributes['uid'][0];
}
$title = _('User name');
if ($this->get_scope()=='host') {
$title = _('Host name');
}
$uidElement = new htmlTableExtendedInputField($title, 'uid', $uid, 'uid');
$uidElement->setRequired(true);
$uidElement->setFieldMaxLength(20);
$container->addElement($uidElement, true);
}
// description
2010-06-29 17:17:36 +00:00
$description = '';
if (isset($this->attributes['description'][0])) {
$description = $this->attributes['description'][0];
}
$container->addElement(new htmlTableExtendedInputField(_('Description'), 'description', $description, 'description'));
return $container;
}
/**
* Returns the PDF entries for this module.
2006-08-13 12:58:19 +00:00
*
* @return array list of possible PDF entries
*/
function get_pdfEntries() {
$return = array();
$description = '';
if (isset($this->attributes['description'][0])) {
$description = $this->attributes['description'][0];
}
$return['account_description'] = array('<block><key>' . _('Description') . '</key><value>' . $description . '</value></block>');
$return['account_uid'] = array('<block><key>' . _('User name') . '</key><value>' . $this->attributes['uid'][0] . '</value></block>');
return $return;
}
2004-03-14 17:33:05 +00:00
/**
* Returns an array containing all input columns for the file upload.
*
* Syntax:
* <br> array(
* <br> string: name, // fixed non-translated name which is used as column name (should be of format: <module name>_<column name>)
* <br> string: description, // short descriptive name
* <br> string: help, // help ID
* <br> string: example, // example value
* <br> boolean: required // true, if user must set a value for this column
* <br> )
*
* @param array $selectedModules list of selected account modules
* @return array column list
*/
function get_uploadColumns($selectedModules) {
$return = parent::get_uploadColumns($selectedModules);
if (!in_array('posixAccount', $selectedModules)) {
$return[] = array(
'name' => 'account_uid',
'description' => _('User name'),
'help' => 'uid',
'required' => true
);
}
return $return;
}
2004-11-05 16:53:38 +00:00
/**
* In this function the LDAP account is built up.
*
* @param array $rawAccounts list of hash arrays (name => value) from user input
* @param array $ids list of IDs for column position (e.g. "posixAccount_uid" => 5)
2012-07-15 12:05:47 +00:00
* @param array $partialAccounts list of hash arrays (name => value) which are later added to LDAP
* @param array $selectedModules list of selected account modules
2004-11-05 16:53:38 +00:00
* @return array list of error messages if any
*/
function build_uploadAccounts($rawAccounts, $ids, &$partialAccounts, $selectedModules) {
2004-11-05 16:53:38 +00:00
$messages = array();
for ($i = 0; $i < sizeof($rawAccounts); $i++) {
// add object class
if (!in_array("account", $partialAccounts[$i]['objectClass'])) $partialAccounts[$i]['objectClass'][] = "account";
// description
if ($rawAccounts[$i][$ids['account_description']] && ($rawAccounts[$i][$ids['account_description']] != '')) {
$partialAccounts[$i]['description'] = $rawAccounts[$i][$ids['account_description']];
}
2012-01-15 14:14:09 +00:00
elseif (isset($ids['account_uid']) && isset($rawAccounts[$i][$ids['account_uid']])) {
$partialAccounts[$i]['description'] = $rawAccounts[$i][$ids['account_uid']];
}
elseif (isset($partialAccounts[$i]['uid'])) {
$partialAccounts[$i]['description'] = $partialAccounts[$i]['uid'];
}
if (!in_array('posixAccount', $selectedModules)) {
2004-11-05 16:53:38 +00:00
// user name
if (get_preg($rawAccounts[$i][$ids['account_uid']], 'username')) {
$partialAccounts[$i]['uid'] = $rawAccounts[$i][$ids['account_uid']];
}
else {
$errMsg = $this->messages['uid'][1];
2004-11-05 16:53:38 +00:00
array_push($errMsg, array($i));
2006-05-16 15:24:53 +00:00
$messages[] = $errMsg;
2004-11-05 16:53:38 +00:00
}
}
}
return $messages;
}
}
?>