2003-12-27 11:21:00 +00:00
< ? php
/*
$Id $
2009-10-27 18:47:12 +00:00
This code is part of LDAP Account Manager ( http :// www . ldap - account - manager . org / )
2006-03-03 17:30:35 +00:00
Copyright ( C ) 2003 - 2006 Tilo Lutz
2012-01-15 19:34:14 +00:00
2007 - 2012 Roland Gruber
2004-09-15 19:52:29 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
2003-12-27 11:21:00 +00:00
*/
2004-09-15 19:52:29 +00:00
2005-07-21 10:33:02 +00:00
/**
* Manages Unix accounts for groups .
*
* @ package modules
*
* @ author Tilo Lutz
* @ author Roland Gruber
* @ author Michael Duergner
*/
/**
* Manages the object class " posixGroup " for groups.
*
* @ package modules
*/
2009-10-10 12:38:52 +00:00
class posixGroup extends baseModule implements passwordService {
2004-06-08 18:54:37 +00:00
2006-09-03 13:02:42 +00:00
/** change GIDs of users and hosts? */
2007-10-13 17:28:37 +00:00
private $changegids ;
2008-12-17 18:44:37 +00:00
/** specifies if the cn attribute should be managed by this module */
protected $manageCnAttribute = true ;
2008-12-17 20:30:56 +00:00
/** specifies if the description attribute should be managed by this module */
protected $manageDescriptionAttribute = true ;
2010-11-21 19:00:33 +00:00
/** cache for existing GID numbers */
private $cachedGIDList = null ;
/** cache for existing users and their GIDs */
private $cachedUserToGIDList = null ;
2008-12-17 20:30:56 +00:00
2004-09-21 11:14:22 +00:00
/**
* In this function the LDAP account is built up .
*
* @ param array $rawAccounts list of hash arrays ( name => value ) from user input
* @ param array $ids list of IDs for column position ( e . g . " posixAccount_uid " => 5 )
2012-07-15 12:05:47 +00:00
* @ param array $partialAccounts list of hash arrays ( name => value ) which are later added to LDAP
2010-02-15 20:21:44 +00:00
* @ param array $selectedModules list of selected account modules
2004-09-21 11:14:22 +00:00
* @ return array list of error messages if any
*/
2010-02-15 20:21:44 +00:00
function build_uploadAccounts ( $rawAccounts , $ids , & $partialAccounts , $selectedModules ) {
2005-03-25 12:38:36 +00:00
$error_messages = array ();
$needAutoGID = array ();
2004-09-21 11:14:22 +00:00
for ( $i = 0 ; $i < sizeof ( $rawAccounts ); $i ++ ) {
2004-09-21 18:32:44 +00:00
if ( ! in_array ( " posixGroup " , $partialAccounts [ $i ][ 'objectClass' ])) $partialAccounts [ $i ][ 'objectClass' ][] = " posixGroup " ;
2008-12-17 18:44:37 +00:00
if ( $this -> manageCnAttribute ) {
// group name
if ( get_preg ( $rawAccounts [ $i ][ $ids [ 'posixGroup_cn' ]], 'groupname' )) {
$partialAccounts [ $i ][ 'cn' ] = $rawAccounts [ $i ][ $ids [ 'posixGroup_cn' ]];
}
else {
$errMsg = $this -> messages [ 'cn' ][ 3 ];
array_push ( $errMsg , array ( $i ));
$error_messages [] = $errMsg ;
}
2004-09-26 17:39:27 +00:00
}
// GID
2004-09-21 11:14:22 +00:00
if ( $rawAccounts [ $i ][ $ids [ 'posixGroup_gid' ]] == " " ) {
2005-03-25 12:38:36 +00:00
// autoGID
$needAutoGID [] = $i ;
2004-09-21 11:14:22 +00:00
}
2004-09-26 17:39:27 +00:00
elseif ( get_preg ( $rawAccounts [ $i ][ $ids [ 'posixGroup_gid' ]], 'digit' )) {
2004-09-21 11:14:22 +00:00
$partialAccounts [ $i ][ 'gidNumber' ] = $rawAccounts [ $i ][ $ids [ 'posixGroup_gid' ]];
}
2004-10-09 11:09:53 +00:00
else {
$errMsg = $this -> messages [ 'gidNumber' ][ 8 ];
array_push ( $errMsg , array ( $i ));
2005-03-25 12:38:36 +00:00
$error_messages [] = $errMsg ;
2004-10-09 11:09:53 +00:00
}
2008-12-17 20:30:56 +00:00
if ( $this -> manageDescriptionAttribute ) {
// description (UTF-8, no regex check needed)
if ( $rawAccounts [ $i ][ $ids [ 'posixGroup_description' ]] == " " ) {
$partialAccounts [ $i ][ 'description' ] = $partialAccounts [ $i ][ 'cn' ];
}
else {
$partialAccounts [ $i ][ 'description' ] = $rawAccounts [ $i ][ $ids [ 'posixGroup_description' ]];
}
2004-09-21 11:14:22 +00:00
}
2004-09-26 17:39:27 +00:00
// group members
2004-09-21 11:14:22 +00:00
if ( $rawAccounts [ $i ][ $ids [ 'posixGroup_members' ]] != " " ) {
2004-09-26 17:39:27 +00:00
if ( get_preg ( $rawAccounts [ $i ][ $ids [ 'posixGroup_members' ]], 'usernameList' )) {
2004-09-21 11:14:22 +00:00
$partialAccounts [ $i ][ 'memberUid' ] = explode ( " , " , $rawAccounts [ $i ][ $ids [ 'posixGroup_members' ]]);
}
else {
2004-10-03 18:06:57 +00:00
$errMsg = $this -> messages [ 'memberUID' ][ 0 ];
array_push ( $errMsg , $i );
2005-03-25 12:38:36 +00:00
$error_messages [] = $errMsg ;
2004-09-21 11:14:22 +00:00
}
}
2004-09-26 17:39:27 +00:00
// password
2004-09-21 11:14:22 +00:00
if ( $rawAccounts [ $i ][ $ids [ 'posixGroup_password' ]] != " " ) {
2004-09-26 17:39:27 +00:00
if ( get_preg ( $rawAccounts [ $i ][ $ids [ 'posixGroup_password' ]], 'password' )) {
2006-03-06 17:09:17 +00:00
$partialAccounts [ $i ][ 'userPassword' ] = pwd_hash ( $rawAccounts [ $i ][ $ids [ 'posixGroup_password' ]], true , $this -> moduleSettings [ 'posixAccount_pwdHash' ][ 0 ]);
2004-09-21 11:14:22 +00:00
}
else {
2005-03-25 12:38:36 +00:00
$error_messages [] = $this -> messages [ 'userPassword' ][ 1 ];
2004-09-21 11:14:22 +00:00
}
}
}
2005-03-25 12:38:36 +00:00
// fill in autoGIDs
if ( sizeof ( $needAutoGID ) > 0 ) {
2005-03-25 12:54:04 +00:00
$errorsTemp = array ();
$gids = $this -> getNextGIDs ( sizeof ( $needAutoGID ), $errorsTemp );
2005-03-25 12:38:36 +00:00
if ( is_array ( $gids )) {
for ( $i = 0 ; $i < sizeof ( $needAutoGID ); $i ++ ) {
$partialAccounts [ $i ][ 'gidNumber' ] = $gids [ $i ];
}
}
else {
$error_messages [] = $this -> messages [ 'gidNumber' ][ 2 ];
}
}
return $error_messages ;
2004-09-21 11:14:22 +00:00
}
2007-11-03 14:17:19 +00:00
/**
* Checks if the group which should be deleted is still used as primary group .
*
* @ return List of LDAP operations , same as for save_attributes ()
*/
2006-08-13 12:58:19 +00:00
function delete_attributes () {
2010-11-21 19:00:33 +00:00
$return = array ();
2011-11-16 17:38:59 +00:00
$result = searchLDAPByFilter ( '(&(objectClass=posixAccount)(gidNumber=' . $this -> attributes [ 'gidNumber' ][ 0 ] . '))' , array ( 'dn' ), array ( 'user' , 'host' ));
2010-11-21 19:00:33 +00:00
if ( sizeof ( $result ) > 0 ) {
2011-11-15 19:15:10 +00:00
$max = 5 ;
if ( sizeof ( $result ) < 5 ) {
$max = sizeof ( $result );
}
$users = array ();
for ( $i = 0 ; $i < $max ; $i ++ ) {
$users [] = getAbstractDN ( $result [ $i ][ 'dn' ]);
}
$message = $this -> messages [ 'primaryGroup' ][ 0 ];
$message [] = implode ( ', ' , $users );
$return [ $this -> getAccountContainer () -> dn_orig ][ 'errors' ][] = $message ;
2005-07-30 09:01:56 +00:00
}
2004-09-21 11:14:22 +00:00
return $return ;
}
2007-11-03 14:17:19 +00:00
/**
* Returns the HTML meta data for the main account page .
*
* @ return array HTML meta data
2008-02-03 14:28:28 +00:00
*
* @ see baseModule :: get_metaData ()
2007-11-03 14:17:19 +00:00
*/
2006-08-13 12:58:19 +00:00
function display_html_attributes () {
2010-09-26 11:12:59 +00:00
$return = new htmlTable ();
// group name
2008-12-17 18:44:37 +00:00
if ( $this -> manageCnAttribute ) {
2010-09-26 11:12:59 +00:00
$cn = '' ;
if ( isset ( $this -> attributes [ 'cn' ][ 0 ])) {
$cn = $this -> attributes [ 'cn' ][ 0 ];
}
$cnInput = new htmlTableExtendedInputField ( _ ( " Group name " ), 'cn' , $cn , 'cn' );
$cnInput -> setRequired ( true );
$cnInput -> setFieldMaxLength ( 30 );
$return -> addElement ( $cnInput , true );
}
// GID number
$gidNumber = '' ;
if ( isset ( $this -> attributes [ 'gidNumber' ][ 0 ])) {
$gidNumber = $this -> attributes [ 'gidNumber' ][ 0 ];
}
$gidNumberInput = new htmlTableExtendedInputField ( _ ( 'GID number' ), 'gidNumber' , $gidNumber , 'gidNumber' );
$gidNumberInput -> setFieldMaxLength ( 20 );
2011-10-19 17:57:57 +00:00
$gidNumberInput -> setValidationRule ( htmlElement :: VALIDATE_NUMERIC );
2010-09-26 11:12:59 +00:00
$return -> addElement ( $gidNumberInput , true );
// description
$description = '' ;
if ( isset ( $this -> attributes [ 'description' ][ 0 ])) {
$description = $this -> attributes [ 'description' ][ 0 ];
2008-12-17 18:44:37 +00:00
}
2008-12-17 20:30:56 +00:00
if ( $this -> manageDescriptionAttribute ) {
2010-09-26 11:12:59 +00:00
$return -> addElement ( new htmlTableExtendedInputField ( _ ( 'Description' ), 'description' , $description , 'description' ), true );
2008-12-17 20:30:56 +00:00
}
2010-09-26 11:12:59 +00:00
// group members
$return -> addElement ( new htmlOutputText ( _ ( " Group members " )));
$return -> addElement ( new htmlAccountPageButton ( get_class ( $this ), 'user' , 'open' , _ ( 'Edit members' )));
$return -> addElement ( new htmlHelpLink ( 'members' ), true );
// password buttons
2010-10-16 12:39:26 +00:00
if ( checkIfWriteAccessIsAllowed () && isset ( $this -> attributes [ 'userPassword' ][ 0 ])) {
2010-09-26 11:12:59 +00:00
$return -> addElement ( new htmlOutputText ( _ ( 'Password' )));
$pwdContainer = new htmlTable ();
2006-09-03 13:02:42 +00:00
if ( pwd_is_enabled ( $this -> attributes [ 'userPassword' ][ 0 ])) {
2010-09-26 11:12:59 +00:00
$pwdContainer -> addElement ( new htmlButton ( 'lockPassword' , _ ( 'Lock password' )));
2006-09-03 13:02:42 +00:00
}
else {
2010-09-26 11:12:59 +00:00
$pwdContainer -> addElement ( new htmlButton ( 'unlockPassword' , _ ( 'Unlock password' )));
2006-09-03 13:02:42 +00:00
}
2010-09-26 11:12:59 +00:00
$pwdContainer -> addElement ( new htmlButton ( 'removePassword' , _ ( 'Remove password' )));
$pwdContainer -> colspan = 2 ;
$return -> addElement ( $pwdContainer , true );
}
if ( isset ( $this -> orig [ 'gidNumber' ][ 0 ]) && $this -> attributes [ 'gidNumber' ][ 0 ] != $this -> orig [ 'gidNumber' ][ 0 ]) {
$return -> addElement ( new htmlTableExtendedInputCheckbox ( 'changegids' , $this -> changegids , _ ( 'Change GID number of users and hosts' ), 'changegids' ));
2005-05-03 14:46:06 +00:00
}
2004-09-21 11:14:22 +00:00
return $return ;
}
2005-04-22 13:33:34 +00:00
/**
* Displays selections to add or remove users from current group .
*
* @ return array meta HTML output
*/
2006-08-13 12:58:19 +00:00
function display_html_user () {
2010-09-26 11:12:59 +00:00
$return = new htmlTable ();
2010-11-21 19:00:33 +00:00
if ( ! isset ( $this -> attributes [ 'memberUid' ])) {
$this -> attributes [ 'memberUid' ] = array ();
}
2010-09-26 11:12:59 +00:00
// load list with all users
2010-11-21 19:00:33 +00:00
$userAndGIDs = $this -> getUserAndGIDs ();
2005-05-05 13:07:34 +00:00
$users = array ();
2010-11-21 19:00:33 +00:00
foreach ( $userAndGIDs as $user => $GID ) {
if ( ! in_array ( $user , $this -> attributes [ 'memberUid' ])) {
if ( $this -> attributes [ 'gidNumber' ][ 0 ] == $GID ) {
if ( isset ( $this -> moduleSettings [ 'posixAccount_primaryGroupAsSecondary' ][ 0 ])
&& ( $this -> moduleSettings [ 'posixAccount_primaryGroupAsSecondary' ][ 0 ] == 'true' )) {
$users [] = $user ;
}
}
else {
$users [] = $user ;
2004-09-21 11:14:22 +00:00
}
}
2008-03-15 19:12:19 +00:00
}
2010-09-26 11:12:59 +00:00
$return -> addElement ( new htmlSubTitle ( _ ( " Group members " )), true );
$return -> addElement ( new htmlOutputText ( _ ( " Selected users " )));
$return -> addElement ( new htmlOutputText ( '' ));
$return -> addElement ( new htmlOutputText ( _ ( " Available users " )));
$return -> addNewLine ();
$remGroups = array ();
if ( isset ( $this -> attributes [ 'memberUid' ])) {
$remGroups = $this -> attributes [ 'memberUid' ];
}
$remSelect = new htmlSelect ( 'removeusers' , $remGroups , null , 15 );
$remSelect -> setMultiSelect ( true );
2010-11-21 19:00:33 +00:00
$remSelect -> setTransformSingleSelect ( false );
2010-09-26 11:12:59 +00:00
$return -> addElement ( $remSelect );
$buttonContainer = new htmlTable ();
$buttonContainer -> addElement ( new htmlButton ( 'addusers_button' , 'back.gif' , true ), true );
$buttonContainer -> addElement ( new htmlButton ( 'removeusers_button' , 'forward.gif' , true ), true );
$buttonContainer -> addElement ( new htmlHelpLink ( 'members' ));
$return -> addElement ( $buttonContainer );
$addSelect = new htmlSelect ( 'addusers' , $users , null , 15 );
$addSelect -> setMultiSelect ( true );
2010-11-21 19:00:33 +00:00
$addSelect -> setTransformSingleSelect ( false );
2010-09-26 11:12:59 +00:00
$return -> addElement ( $addSelect );
$return -> addNewLine ();
2004-09-21 11:14:22 +00:00
2010-09-26 11:12:59 +00:00
// back button
$return -> addElement ( new htmlSpacer ( null , '10px' ), true );
$return -> addElement ( new htmlAccountPageButton ( get_class ( $this ), 'attributes' , 'back' , _ ( 'Back' )));
return $return ;
2004-09-21 11:14:22 +00:00
}
2004-06-08 18:54:37 +00:00
/**
* Returns meta data that is interpreted by parent class
*
* @ return array array with meta data
*/
function get_metaData () {
$return = array ();
2007-11-19 18:42:03 +00:00
// icon
$return [ 'icon' ] = 'tux.png' ;
2004-06-13 19:58:58 +00:00
// manages group accounts
$return [ " account_types " ] = array ( " group " );
2004-06-08 18:54:37 +00:00
if ( $this -> get_scope () == " group " ) {
2004-06-11 15:44:49 +00:00
// this is a base module
2004-06-08 18:54:37 +00:00
$return [ " is_base " ] = true ;
2004-06-11 15:44:49 +00:00
// LDAP filter
$return [ " ldap_filter " ] = array ( 'or' => " (objectClass=posixGroup) " );
2004-06-08 18:54:37 +00:00
}
2004-06-14 16:05:36 +00:00
// alias name
$return [ " alias " ] = _ ( 'Unix' );
2004-10-06 18:17:22 +00:00
// RDN attribute
$return [ " RDN " ] = array ( " cn " => " normal " );
2004-06-20 17:32:02 +00:00
// module dependencies
2005-01-10 10:41:38 +00:00
$return [ 'dependencies' ] = array ( 'depends' => array (), 'conflicts' => array ());
2006-04-05 15:48:27 +00:00
// managed object classes
$return [ 'objectClasses' ] = array ( 'posixGroup' );
2006-05-01 16:13:10 +00:00
// LDAP aliases
$return [ 'LDAPaliases' ] = array ( 'commonName' => 'cn' );
2006-05-13 08:55:31 +00:00
// managed attributes
$return [ 'attributes' ] = array ( 'cn' , 'gidNumber' , 'userPassword' , 'memberUid' , 'description' );
2004-07-26 15:15:30 +00:00
// configuration options
2010-09-26 11:12:59 +00:00
$configContainer = new htmlTable ();
$configContainer -> addElement ( new htmlSubTitle ( _ ( " Groups " )), true );
$minGidInput = new htmlTableExtendedInputField ( _ ( 'Minimum GID number' ), 'posixGroup_minGID' , null , 'minMaxGID' );
$minGidInput -> setRequired ( true );
$configContainer -> addElement ( $minGidInput , true );
$maxGidInput = new htmlTableExtendedInputField ( _ ( 'Maximum GID number' ), 'posixGroup_maxGID' , null , 'minMaxGID' );
$maxGidInput -> setRequired ( true );
$configContainer -> addElement ( $maxGidInput , true );
$return [ 'config_options' ][ 'group' ] = $configContainer ;
2004-07-26 15:15:30 +00:00
// configuration checks
2004-09-26 14:51:18 +00:00
$return [ 'config_checks' ][ 'group' ][ 'posixGroup_minGID' ] = array (
'type' => 'ext_preg' ,
'regex' => 'digit' ,
'required' => true ,
2004-09-26 14:56:34 +00:00
'required_message' => $this -> messages [ 'gidNumber' ][ 5 ],
'error_message' => $this -> messages [ 'gidNumber' ][ 5 ]);
2004-09-26 14:51:18 +00:00
$return [ 'config_checks' ][ 'group' ][ 'posixGroup_maxGID' ] = array (
'type' => 'ext_preg' ,
'regex' => 'digit' ,
'required' => true ,
2004-09-26 14:56:34 +00:00
'required_message' => $this -> messages [ 'gidNumber' ][ 6 ],
'error_message' => $this -> messages [ 'gidNumber' ][ 6 ]);
2004-09-26 14:51:18 +00:00
$return [ 'config_checks' ][ 'group' ][ 'cmpGID' ] = array (
'type' => 'int_greater' ,
'cmp_name1' => 'posixGroup_maxGID' ,
'cmp_name2' => 'posixGroup_minGID' ,
2004-09-26 14:56:34 +00:00
'error_message' => $this -> messages [ 'gidNumber' ][ 7 ]);
2004-08-17 15:16:17 +00:00
// available PDF fields
2004-10-30 16:46:06 +00:00
$return [ 'PDF_fields' ] = array (
2010-04-05 12:38:23 +00:00
'gidNumber' => _ ( 'GID number' ),
'memberUid' => _ ( 'Group members' )
2004-10-30 16:46:06 +00:00
);
2008-12-17 18:44:37 +00:00
if ( $this -> manageCnAttribute ) {
2010-04-05 12:38:23 +00:00
$return [ 'PDF_fields' ][ 'cn' ] = _ ( 'Group name' );
2008-12-17 18:44:37 +00:00
}
2008-12-17 20:30:56 +00:00
if ( $this -> manageDescriptionAttribute ) {
2010-04-05 12:38:23 +00:00
$return [ 'PDF_fields' ][ 'description' ] = _ ( 'Description' );
2008-12-17 20:30:56 +00:00
}
2004-08-28 11:53:40 +00:00
// upload fields
$return [ 'upload_columns' ] = array (
2004-09-15 19:52:29 +00:00
array (
2004-11-14 13:50:57 +00:00
'name' => 'posixGroup_gid' ,
'description' => _ ( 'GID number' ),
'help' => 'gidNumber' ,
'example' => '2034'
2004-09-15 19:52:29 +00:00
),
array (
2004-11-14 13:50:57 +00:00
'name' => 'posixGroup_members' ,
'description' => _ ( 'Group members' ),
'help' => 'upload_members' ,
'example' => _ ( 'user01,user02,user03' )
2004-09-15 19:52:29 +00:00
),
array (
2004-11-14 13:50:57 +00:00
'name' => 'posixGroup_password' ,
'description' => _ ( 'Group password' ),
'help' => 'password' ,
'example' => _ ( 'secret' )
2004-09-15 19:52:29 +00:00
)
2004-08-28 11:53:40 +00:00
);
2008-12-17 18:44:37 +00:00
if ( $this -> manageCnAttribute ) {
array_unshift ( $return [ 'upload_columns' ],
array (
'name' => 'posixGroup_cn' ,
'description' => _ ( 'Group name' ),
'help' => 'cn' ,
'example' => _ ( 'adminstrators' ),
'required' => true ,
'unique' => true
)
);
}
2008-12-17 20:30:56 +00:00
if ( $this -> manageDescriptionAttribute ) {
array_unshift ( $return [ 'upload_columns' ],
array (
'name' => 'posixGroup_description' ,
'description' => _ ( 'Group description' ),
'help' => 'description' ,
'example' => _ ( 'Administrators group' )
)
);
}
2004-09-08 17:39:06 +00:00
// help Entries
2004-09-26 10:58:36 +00:00
$return [ 'help' ] = array (
2004-10-30 16:46:06 +00:00
'gidNumber' => array (
2012-02-04 15:56:31 +00:00
" Headline " => _ ( " GID number " ), 'attr' => 'gidNumber' ,
2004-10-30 16:46:06 +00:00
" Text " => _ ( " If empty GID number will be generated automaticly depending on your configuration settings. " )
),
'description' => array (
2012-02-04 15:56:31 +00:00
" Headline " => _ ( " Description " ), 'attr' => 'description' ,
2004-10-30 16:46:06 +00:00
" Text " => _ ( " Group description. If left empty group name will be used. " )
),
'members' => array (
2012-02-04 15:56:31 +00:00
" Headline " => _ ( " Group members " ), 'attr' => 'memberUid' ,
2006-03-04 12:30:20 +00:00
" Text " => _ ( " Users who are member of the current group. Users who have set their primary group to this group will not be shown. " )
2004-10-30 16:46:06 +00:00
),
'upload_members' => array (
2012-02-04 15:56:31 +00:00
" Headline " => _ ( " Group members " ), 'attr' => 'memberUid' ,
2004-11-07 13:25:48 +00:00
" Text " => _ ( " Users who will become member of the current group. User names are separated by semicolons. " )
2004-10-30 16:46:06 +00:00
),
'password' => array (
2012-02-04 15:56:31 +00:00
" Headline " => _ ( " Group password " ), 'attr' => 'userPassword' ,
2004-10-30 16:46:06 +00:00
" Text " => _ ( " Sets the group password. " )
),
'minMaxGID' => array (
" Headline " => _ ( " GID number " ),
" Text " => _ ( " These are the minimum and maximum numbers to use for group IDs when creating new group accounts. New group accounts will always get the highest number in use plus one. " )
),
'pwdHash' => array (
" Headline " => _ ( " Password hash type " ),
" Text " => _ ( " LAM supports CRYPT, SHA, SSHA, MD5 and SMD5 to generate the hash value of passwords. SSHA and CRYPT are the most common but CRYPT does not support passwords greater than 8 letters. We do not recommend to use plain text passwords. " )
2008-12-17 20:30:56 +00:00
),
'cn' => array (
2012-02-04 15:56:31 +00:00
" Headline " => _ ( " Group name " ), 'attr' => 'cn' ,
2009-11-24 16:03:07 +00:00
" Text " => _ ( " Group name of the group which should be created. Valid characters are: a-z, A-Z, 0-9 and .-_ . If group name is already used group name will be expanded with a number. The next free number will be used. " )
2010-11-21 19:00:33 +00:00
),
'changegids' => array (
" Headline " => _ ( " Change GID number of users and hosts " ),
" Text " => _ ( " The ID of this group was changed. You can update all user and host entries to the new group ID. " )
2008-12-17 20:30:56 +00:00
)
);
2004-09-15 19:52:29 +00:00
2004-06-08 18:54:37 +00:00
return $return ;
}
2004-09-21 11:14:22 +00:00
2006-03-06 17:09:17 +00:00
/**
* Returns a list of elements for the configuration .
*
* @ param array $scopes account types ( user , group , host )
* @ param array $allScopes list of all modules and active scopes
* @ return array configuration elements
*/
function get_configOptions ( $scopes , $allScopes ) {
$return = parent :: get_configOptions ( $scopes , $allScopes );
// display password hash option only if posixAccount module is not used
2010-09-26 11:12:59 +00:00
if ( ! isset ( $allScopes [ 'posixAccount' ])) {
$return [ 0 ] -> addElement ( new htmlTableExtendedSelect ( 'posixAccount_pwdHash' , array ( " CRYPT " , " SHA " , " SSHA " , " MD5 " , " SMD5 " , " PLAIN " ), array ( 'SSHA' ), _ ( " Password hash type " ), 'pwdHash' ));
}
2006-03-06 17:09:17 +00:00
return $return ;
}
2005-10-09 18:05:32 +00:00
/**
* Returns the PDF entries for this module .
2006-08-13 12:58:19 +00:00
*
2005-10-09 18:05:32 +00:00
* @ return array list of possible PDF entries
2004-09-21 11:14:22 +00:00
*/
2005-10-09 18:05:32 +00:00
function get_pdfEntries () {
2010-09-06 17:39:34 +00:00
$members = '' ;
if ( isset ( $this -> attributes [ 'memberUid' ][ 0 ])) {
$members = implode ( ', ' , $this -> attributes [ 'memberUid' ]);
}
2005-07-15 13:34:29 +00:00
return array (
2010-09-06 17:39:34 +00:00
get_class ( $this ) . '_cn' => array ( '<block><key>' . _ ( 'Group name' ) . '</key><value>' . $this -> attributes [ 'cn' ][ 0 ] . '</value></block>' ),
get_class ( $this ) . '_gidNumber' => array ( '<block><key>' . _ ( 'GID number' ) . '</key><value>' . $this -> attributes [ 'gidNumber' ][ 0 ] . '</value></block>' ),
get_class ( $this ) . '_memberUid' => array ( '<block><key>' . _ ( 'Group members' ) . '</key><value>' . $members . '</value></block>' ),
get_class ( $this ) . '_description' => array ( '<block><key>' . _ ( 'Description' ) . '</key><value>' . $this -> attributes [ 'description' ][ 0 ] . '</value></block>' )
);
2004-09-21 11:14:22 +00:00
}
2012-07-15 12:05:47 +00:00
/**
* This functin will be called when the module will be loaded
*
* @ param String $base the name of the { @ link accountContainer } object ( $_SESSION [ $base ])
*/
2004-06-08 18:54:37 +00:00
function init ( $base ) {
2004-09-01 20:53:06 +00:00
// call parent init
parent :: init ( $base );
2003-12-27 11:21:00 +00:00
$this -> changegids = false ;
2004-09-15 19:52:29 +00:00
}
2003-12-27 11:21:00 +00:00
2004-06-14 16:05:36 +00:00
2006-07-01 08:23:28 +00:00
/**
* This function fills the $messages variable with output messages from this module .
*/
2004-09-26 13:48:52 +00:00
function load_Messages () {
2007-05-03 19:28:12 +00:00
$this -> messages [ 'userPassword' ][ 1 ] = array ( 'ERROR' , _ ( 'Password' ), _ ( 'Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!%&/|?{[()]}=@$ !' ));
2004-09-26 13:48:52 +00:00
$this -> messages [ 'gidNumber' ][ 0 ] = array ( 'INFO' , _ ( 'GID number' ), _ ( 'GID number has changed. Please select checkbox to change GID number of users and hosts.' ));
$this -> messages [ 'gidNumber' ][ 2 ] = array ( 'WARN' , _ ( 'ID-Number' ), _ ( 'It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.' ));
$this -> messages [ 'gidNumber' ][ 3 ] = array ( 'ERROR' , _ ( 'ID-Number' ), _ ( 'No free ID-Number!' ));
$this -> messages [ 'gidNumber' ][ 4 ] = array ( 'ERROR' , _ ( 'ID-Number' ), _ ( 'ID is already in use' ));
2004-09-26 14:51:18 +00:00
$this -> messages [ 'gidNumber' ][ 5 ] = array ( 'ERROR' , _ ( 'Minimum GID number' ), _ ( 'Minimum GID number is invalid or empty!' ));
$this -> messages [ 'gidNumber' ][ 6 ] = array ( 'ERROR' , _ ( 'Maximum GID number' ), _ ( 'Maximum GID number is invalid or empty!' ));
$this -> messages [ 'gidNumber' ][ 7 ] = array ( 'ERROR' , _ ( 'Maximum GID number' ), _ ( 'Maximum GID number must be greater than minimum GID number!' ));
2004-10-23 11:11:31 +00:00
$this -> messages [ 'gidNumber' ][ 8 ] = array ( 'ERROR' , _ ( 'Account %s:' ) . ' posixGroup_gid' , _ ( 'GID number has to be a numeric value!' ));
2005-06-18 16:12:01 +00:00
$this -> messages [ 'cn' ][ 0 ] = array ( 'WARN' , _ ( 'Group name' ), _ ( 'You are using a capital letters. This can cause problems because Windows isn\'t case-sensitive.' ));
$this -> messages [ 'cn' ][ 1 ] = array ( 'WARN' , _ ( 'Group name' ), _ ( 'Group name in use. Selected next free group name.' ));
$this -> messages [ 'cn' ][ 2 ] = array ( 'ERROR' , _ ( 'Group name' ), _ ( 'Group name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !' ));
$this -> messages [ 'cn' ][ 3 ] = array ( 'ERROR' , _ ( 'Account %s:' ) . ' posixGroup_cn' , _ ( 'Group name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !' ));
2004-10-23 11:11:31 +00:00
$this -> messages [ 'memberUID' ][ 0 ] = array ( 'ERROR' , _ ( 'Account %s:' ) . ' posixGroup_members' , _ ( " This value must be a list of user names separated by semicolons. " ));
2011-11-15 19:15:10 +00:00
$this -> messages [ 'primaryGroup' ][ 0 ] = array ( 'ERROR' , _ ( 'There are still users who have this group as their primary group.' ));
2006-07-01 08:23:28 +00:00
}
2004-09-21 11:14:22 +00:00
2003-12-27 11:21:00 +00:00
2006-07-01 08:23:28 +00:00
/**
* This functions is used to check if all settings for this module have been made .
*
* @ return boolean true , if settings are complete
2004-02-09 18:11:01 +00:00
*/
function module_complete () {
2007-10-03 18:02:10 +00:00
if ( ! $this -> getAccountContainer () -> isNewAccount ) {
2005-08-26 08:53:16 +00:00
// check if account is based on our object class
2007-10-03 18:02:10 +00:00
$objectClasses = $this -> getAccountContainer () -> attributes_orig [ 'objectClass' ];
2005-08-26 08:53:16 +00:00
if ( is_array ( $objectClasses ) && ! in_array ( 'posixGroup' , $objectClasses )) {
return true ;
}
}
2008-12-17 18:44:37 +00:00
if ( $this -> manageCnAttribute && ( $this -> attributes [ 'cn' ][ 0 ] == '' )) return false ;
2004-02-09 18:11:01 +00:00
if ( $this -> attributes [ 'gidNumber' ][ 0 ] == '' ) return false ;
return true ;
2004-09-15 19:52:29 +00:00
}
2004-09-21 11:14:22 +00:00
2005-08-26 08:53:16 +00:00
/**
* Controls if the module button the account page is visible and activated .
*
* @ return string status ( " enabled " , " disabled " , " hidden " )
*/
function getButtonStatus () {
2007-10-03 18:02:10 +00:00
if ( ! $this -> getAccountContainer () -> isNewAccount ) {
2005-08-26 08:53:16 +00:00
// check if account is based on our object class
2007-10-03 18:02:10 +00:00
$objectClasses = $this -> getAccountContainer () -> attributes_orig [ 'objectClass' ];
2005-08-26 08:53:16 +00:00
if ( is_array ( $objectClasses ) && ! in_array ( 'posixGroup' , $objectClasses )) {
return " disabled " ;
}
}
return " enabled " ;
}
2005-09-07 12:58:34 +00:00
/**
* Processes user input of the primary module page .
* It checks if all input values are correct and updates the associated LDAP attributes .
*
* @ return array list of info / error messages
2003-12-27 11:21:00 +00:00
*/
2006-08-13 12:58:19 +00:00
function process_attributes () {
2006-05-16 18:15:02 +00:00
$errors = array ();
2008-12-17 20:30:56 +00:00
if ( $this -> manageDescriptionAttribute ) {
$this -> attributes [ 'description' ][ 0 ] = $_POST [ 'description' ];
}
2010-09-26 11:12:59 +00:00
if ( isset ( $_POST [ 'lockPassword' ])) {
2006-09-03 13:02:42 +00:00
$this -> attributes [ 'userPassword' ][ 0 ] = pwd_disable ( $this -> attributes [ 'userPassword' ][ 0 ]);
2004-10-16 19:51:36 +00:00
}
2010-09-26 11:12:59 +00:00
if ( isset ( $_POST [ 'unlockPassword' ])) {
2006-09-03 13:02:42 +00:00
$this -> attributes [ 'userPassword' ][ 0 ] = pwd_enable ( $this -> attributes [ 'userPassword' ][ 0 ]);
}
2010-09-26 11:12:59 +00:00
if ( isset ( $_POST [ 'removePassword' ])) {
2006-09-03 13:02:42 +00:00
unset ( $this -> attributes [ 'userPassword' ]);
2006-06-28 15:57:48 +00:00
}
2010-05-19 19:22:29 +00:00
if ( isset ( $_POST [ 'changegids' ])) $this -> changegids = true ;
2004-10-16 19:51:36 +00:00
else $this -> changegids = false ;
2010-11-21 19:00:33 +00:00
if ( ! isset ( $this -> attributes [ 'gidNumber' ][ 0 ]) || ( $this -> attributes [ 'gidNumber' ][ 0 ] != $_POST [ 'gidNumber' ])) {
2004-10-16 19:51:36 +00:00
// Check if GID is valid. If none value was entered, the next useable value will be inserted
2005-09-26 11:57:17 +00:00
// load min and max GID number
2004-10-16 19:51:36 +00:00
$minID = intval ( $this -> moduleSettings [ 'posixGroup_minGID' ][ 0 ]);
$maxID = intval ( $this -> moduleSettings [ 'posixGroup_maxGID' ][ 0 ]);
2006-08-13 12:58:19 +00:00
$this -> attributes [ 'gidNumber' ][ 0 ] = $_POST [ 'gidNumber' ];
2006-05-16 18:15:02 +00:00
if ( $this -> attributes [ 'gidNumber' ][ 0 ] == '' ) {
2005-03-25 12:38:36 +00:00
// No id-number given, find free GID
2010-11-21 19:00:33 +00:00
if ( ! isset ( $this -> orig [ 'gidNumber' ][ 0 ])) {
2006-05-16 18:15:02 +00:00
$newGID = $this -> getNextGIDs ( 1 , $errors );
2005-03-25 12:38:36 +00:00
if ( is_array ( $newGID )) {
$this -> attributes [ 'gidNumber' ][ 0 ] = $newGID [ 0 ];
}
else {
2006-08-16 17:42:35 +00:00
$errors [] = $this -> messages [ 'gidNumber' ][ 3 ];
2004-09-15 19:52:29 +00:00
}
}
2004-10-16 19:51:36 +00:00
else $this -> attributes [ 'gidNumber' ][ 0 ] = $this -> orig [ 'gidNumber' ][ 0 ];
// old account -> return id-number which has been used
}
else {
2010-11-21 19:00:33 +00:00
$gids = $this -> getGIDs ();
2004-10-16 19:51:36 +00:00
// Check manual ID
2008-07-17 19:25:30 +00:00
if ( $this -> getAccountContainer () -> isNewAccount || ! isset ( $this -> orig [ 'gidNumber' ][ 0 ]) || ( $this -> orig [ 'gidNumber' ][ 0 ] != $this -> attributes [ 'gidNumber' ][ 0 ])) {
// check range
if (( $this -> attributes [ 'gidNumber' ][ 0 ] < $minID ) || ( $this -> attributes [ 'gidNumber' ][ 0 ] > $maxID ) || ! is_numeric ( $this -> attributes [ 'gidNumber' ][ 0 ])) {
$errors [] = array ( 'ERROR' , _ ( 'ID-Number' ), sprintf ( _ ( 'Please enter a value between %s and %s!' ), $minID , $maxID ));
if ( isset ( $this -> orig [ 'gidNumber' ][ 0 ])) $this -> attributes [ 'gidNumber' ][ 0 ] = $this -> orig [ 'gidNumber' ][ 0 ];
else unset ( $this -> attributes [ 'gidNumber' ][ 0 ]);
2006-06-28 15:57:48 +00:00
}
2008-07-17 19:25:30 +00:00
// $uids is allways an array but not if no entries were found
if ( is_array ( $gids )) {
// id-number is in use and account is a new account
if (( in_array ( $this -> attributes [ 'gidNumber' ][ 0 ], $gids )) && $this -> orig [ 'gidNumber' ][ 0 ] == '' ) {
2010-11-21 19:00:33 +00:00
$errors [] = $this -> messages [ 'gidNumber' ][ 4 ];
2008-07-17 19:25:30 +00:00
unset ( $this -> attributes [ 'gidNumber' ][ 0 ]);
}
// id-number is in use, account is existing account and id-number is not used by itself
if (( in_array ( $this -> attributes [ 'gidNumber' ][ 0 ], $gids )) && $this -> orig [ 'gidNumber' ][ 0 ] != '' && ( $this -> orig [ 'gidNumber' ][ 0 ] != $this -> attributes [ 'gidNumber' ][ 0 ]) ) {
$errors [] = $this -> messages [ 'gidNumber' ][ 4 ];
$this -> attributes [ 'gidNumber' ][ 0 ] = $this -> orig [ 'gidNumber' ][ 0 ];
}
2003-12-30 15:36:30 +00:00
}
}
2004-09-15 19:52:29 +00:00
}
2004-10-16 19:51:36 +00:00
}
2008-12-17 18:44:37 +00:00
if ( $this -> manageCnAttribute && ( $this -> attributes [ 'cn' ][ 0 ] != $_POST [ 'cn' ])) {
2006-08-13 12:58:19 +00:00
$this -> attributes [ 'cn' ][ 0 ] = $_POST [ 'cn' ];
2009-08-13 18:57:26 +00:00
if ( preg_match ( '/^[A-Z]+$/' , $_POST [ 'cn' ])) {
2006-08-16 17:42:35 +00:00
$errors [] = $this -> messages [ 'cn' ][ 0 ];
2009-08-13 18:57:26 +00:00
}
2004-10-16 19:51:36 +00:00
// Check if Groupname contains only valid characters
if ( ! get_preg ( $this -> attributes [ 'cn' ][ 0 ], 'groupname' ))
2006-08-16 17:42:35 +00:00
$errors [] = $this -> messages [ 'cn' ][ 2 ];
2004-10-16 19:51:36 +00:00
// Create automatic useraccount with number if original user already exists
// Reset name to original name if new name is in use
// Set username back to original name if new username is in use
2009-11-26 13:20:36 +00:00
if (( sizeof ( searchLDAPByAttribute ( 'cn' , $this -> attributes [ 'cn' ][ 0 ], 'posixGroup' , array ( 'cn' ), array ( 'group' ))) > 0 ) && ( $this -> orig [ 'cn' ][ 0 ] != '' )) {
2004-10-16 19:51:36 +00:00
$this -> attributes [ 'cn' ][ 0 ] = $this -> orig [ 'cn' ][ 0 ];
}
// Change gid to a new gid until a free gid is found
2009-11-26 13:20:36 +00:00
else while ( sizeof ( searchLDAPByAttribute ( 'cn' , $this -> attributes [ 'cn' ][ 0 ], 'posixGroup' , array ( 'cn' ), array ( 'group' ))) > 0 ) {
2004-10-16 19:51:36 +00:00
// get last character of username
$lastchar = substr ( $this -> attributes [ 'cn' ][ 0 ], strlen ( $this -> attributes [ 'cn' ][ 0 ]) - 1 , 1 );
// Last character is no number
2009-08-13 18:57:26 +00:00
if ( ! preg_match ( '/^([0-9])+$/' , $lastchar ))
2004-10-16 19:51:36 +00:00
/* Last character is no number . Therefore we only have to
* add " 2 " to it .
*/
$this -> attributes [ 'cn' ][ 0 ] = $this -> attributes [ 'cn' ][ 0 ] . '2' ;
else {
/* Last character is a number -> we have to increase the number until we ' ve
* found a groupname with trailing number which is not in use .
*
* $i will show us were we have to split groupname so we get a part
* with the groupname and a part with the trailing number
2004-01-27 19:07:31 +00:00
*/
2004-10-16 19:51:36 +00:00
$i = strlen ( $this -> attributes [ 'cn' ][ 0 ]) - 1 ;
$mark = false ;
// Set $i to the last character which is a number in $account_new->general_username
while ( ! $mark ) {
2009-08-13 18:57:26 +00:00
if ( preg_match ( '/^([0-9])+$/' , substr ( $this -> attributes [ 'cn' ][ 0 ], $i , strlen ( $this -> attributes [ 'cn' ][ 0 ]) - $i ))) $i -- ;
2004-10-16 19:51:36 +00:00
else $mark = true ;
2004-09-15 19:52:29 +00:00
}
2004-10-16 19:51:36 +00:00
// increase last number with one
$firstchars = substr ( $this -> attributes [ 'cn' ][ 0 ], 0 , $i + 1 );
$lastchars = substr ( $this -> attributes [ 'cn' ][ 0 ], $i + 1 , strlen ( $this -> attributes [ 'cn' ][ 0 ]) - $i );
// Put username together
$this -> attributes [ 'cn' ][ 0 ] = $firstchars . ( intval ( $lastchars ) + 1 );
2004-09-18 18:44:47 +00:00
}
2004-09-15 19:52:29 +00:00
}
2004-10-16 19:51:36 +00:00
// Show warning if lam has changed username
2006-08-13 12:58:19 +00:00
if ( $this -> attributes [ 'cn' ][ 0 ] != $_POST [ 'cn' ]) {
2009-08-13 18:57:26 +00:00
$errors [] = $this -> messages [ 'cn' ][ 1 ];
2004-10-16 19:51:36 +00:00
}
2006-05-16 18:15:02 +00:00
// show info when gidnumber has changed
2006-08-13 12:58:19 +00:00
if (( $this -> orig [ 'gidNumber' ][ 0 ] != $this -> attributes [ 'gidNumber' ][ 0 ]) && $this -> orig [ 'gidNumber' ][ 0 ] != '' && $_POST [ 'gidNumber' ] != $this -> attributes [ 'gidNumber' ][ 0 ]) {
2006-08-16 17:42:35 +00:00
$errors [] = $this -> messages [ 'gidNumber' ][ 0 ];
2006-06-28 15:57:48 +00:00
}
2004-10-12 13:34:00 +00:00
}
2003-12-30 15:36:30 +00:00
// Return error-messages
2006-05-16 18:15:02 +00:00
return $errors ;
2004-09-15 19:52:29 +00:00
}
2003-12-30 15:36:30 +00:00
2004-09-21 11:14:22 +00:00
2005-04-22 13:33:34 +00:00
/**
2005-09-07 12:58:34 +00:00
* Processes user input of the user selection page .
* It checks if all input values are correct and updates the associated LDAP attributes .
2005-04-22 13:33:34 +00:00
*
2005-09-07 12:58:34 +00:00
* @ return array list of info / error messages
2003-12-30 15:36:30 +00:00
*/
2006-08-13 12:58:19 +00:00
function process_user () {
2006-05-13 08:55:31 +00:00
if ( ! isset ( $this -> attributes [ 'memberUid' ])) $this -> attributes [ 'memberUid' ] = array ();
2006-08-13 12:58:19 +00:00
if ( isset ( $_POST [ 'addusers' ]) && isset ( $_POST [ 'addusers_button' ])) { // Add users to list
2005-04-22 13:33:34 +00:00
// Add new user
2006-08-13 12:58:19 +00:00
$this -> attributes [ 'memberUid' ] = @ array_merge ( $this -> attributes [ 'memberUid' ], $_POST [ 'addusers' ]);
2004-09-15 19:52:29 +00:00
}
2006-08-13 12:58:19 +00:00
elseif ( isset ( $_POST [ 'removeusers' ]) && isset ( $_POST [ 'removeusers_button' ])) { // remove users from list
$this -> attributes [ 'memberUid' ] = array_delete ( $_POST [ 'removeusers' ], $this -> attributes [ 'memberUid' ]);
2004-09-15 19:52:29 +00:00
}
2006-08-16 17:42:35 +00:00
return array ();
2004-09-15 19:52:29 +00:00
}
2003-12-27 11:21:00 +00:00
2004-09-21 11:14:22 +00:00
2007-11-03 14:17:19 +00:00
/**
* Returns a list of modifications which have to be made to the LDAP account .
*
* @ return array list of modifications
* < br > This function returns an array with 3 entries :
* < br > array ( DN1 ( 'add' => array ( $attr ), 'remove' => array ( $attr ), 'modify' => array ( $attr )), DN2 .... )
* < br > DN is the DN to change . It may be possible to change several DNs ( e . g . create a new user and add him to some groups via attribute memberUid )
* < br > " add " are attributes which have to be added to LDAP entry
* < br > " remove " are attributes which have to be removed from LDAP entry
* < br > " modify " are attributes which have to been modified in LDAP entry
2011-02-26 13:14:10 +00:00
* < br > " info " are values with informational value ( e . g . to be used later by pre / postModify actions )
2003-12-27 11:21:00 +00:00
*/
2004-09-21 11:14:22 +00:00
function save_attributes () {
2005-08-26 08:53:16 +00:00
// skip saving if account is based on another structural object class
2007-10-03 18:02:10 +00:00
if ( ! $this -> getAccountContainer () -> isNewAccount && ! in_array ( 'posixGroup' , $this -> getAccountContainer () -> attributes_orig [ 'objectClass' ])) {
2005-08-26 08:53:16 +00:00
return array ();
}
2007-10-03 18:02:10 +00:00
$return = $this -> getAccountContainer () -> save_module_attributes ( $this -> attributes , $this -> orig );
2004-09-21 11:14:22 +00:00
// Change gids of users and hosts?
if ( $this -> changegids ) {
2010-11-21 19:00:33 +00:00
// find all accounts to change
$result = searchLDAPByFilter ( '(&(objectClass=posixAccount)(gidNumber=' . $this -> orig [ 'gidNumber' ][ 0 ] . '))' , array ( 'dn' ), array ( 'user' , 'host' ));
if ( sizeof ( $result ) > 0 ) {
for ( $i = 0 ; $i < sizeof ( $result ); $i ++ ) {
$return [ $result [ $i ][ 'dn' ]][ 'modify' ][ 'gidNumber' ][ 0 ] = $this -> attributes [ 'gidNumber' ][ 0 ];
2004-09-19 08:33:37 +00:00
}
}
}
2004-09-21 11:14:22 +00:00
return $return ;
2004-09-19 08:33:37 +00:00
}
2004-09-21 11:14:22 +00:00
2005-03-25 12:38:36 +00:00
/**
* Returns one or more free GID numbers .
*
* @ param integer $count Number of needed free GIDs .
2006-05-16 18:15:02 +00:00
* @ param array $errors list of error messages where errors can be added
2006-08-13 12:58:19 +00:00
* @ return mixed Null if no GIDs are free else an array of free GIDs .
2005-03-25 12:38:36 +00:00
*/
2006-05-16 18:15:02 +00:00
function getNextGIDs ( $count , & $errors ) {
2005-03-25 12:38:36 +00:00
$ret = array ();
$minID = intval ( $this -> moduleSettings [ 'posixGroup_minGID' ][ 0 ]);
$maxID = intval ( $this -> moduleSettings [ 'posixGroup_maxGID' ][ 0 ]);
2010-11-21 19:00:33 +00:00
$gidList = $this -> getGIDs ();
2005-03-25 12:38:36 +00:00
$gids = array ();
2010-11-21 19:00:33 +00:00
foreach ( $gidList as $gid ) {
if (( $gid <= $maxID ) && ( $gid >= $minID )) $gids [] = $gid ; // ignore GIDs > maxID and GIDs < minID
2005-03-25 12:38:36 +00:00
}
for ( $i = 0 ; $i < $count ; $i ++ ) {
if ( count ( $gids ) != 0 ) {
// there already are some GIDs
// store highest id-number
$id = $gids [ count ( $gids ) - 1 ];
// Return minimum allowed id-number if all found id-numbers are too low
if ( $id < $minID ) {
$ret [] = $minID ;
$gids [] = $minID ;
}
// return highest used id-number + 1 if it's still in valid range
elseif ( $id < $maxID ) {
$ret [] = $id + 1 ;
$gids [] = $id + 1 ;
}
// find free numbers between existing ones
else {
$k = intval ( $minID );
while ( in_array ( $k , $gids )) $k ++ ;
if ( $k > $maxID ) return null ;
else {
$ret [] = $k ;
$gids [] = $k ;
sort ( $gids , SORT_NUMERIC );
}
// show warning message
2006-08-16 17:42:35 +00:00
$errors [] = $this -> messages [ 'gidNumber' ][ 2 ];
2005-03-25 12:38:36 +00:00
}
}
else {
// return minimum allowed id-number if no id-numbers are found
$ret [] = $minID ;
$gids [] = $minID ;
}
}
return $ret ;
2004-10-16 19:51:36 +00:00
}
2005-03-25 12:38:36 +00:00
2009-10-10 12:38:52 +00:00
/**
* This method specifies if a module manages password attributes .
* @ see passwordService :: managesPasswordAttributes
*
* @ return boolean true if this module manages password attributes
*/
public function managesPasswordAttributes () {
return true ;
}
2012-01-15 19:34:14 +00:00
/**
* Specifies if this module supports to force that a user must change his password on next login .
*
* @ return boolean force password change supported
*/
public function supportsForcePasswordChange () {
return false ;
}
2009-10-10 12:38:52 +00:00
/**
* This function is called whenever the password should be changed . Account modules
* must change their password attributes only if the modules list contains their module name .
*
* @ param String $password new password
* @ param $modules list of modules for which the password should be changed
2012-01-15 19:34:14 +00:00
* @ param boolean $forcePasswordChange force the user to change his password at next login
2009-10-10 12:38:52 +00:00
* @ return array list of error messages if any as parameter array for StatusMessage
* e . g . return arrray ( array ( 'ERROR' , 'Password change failed.' ))
* @ see passwordService :: passwordChangeRequested
*/
2012-01-15 19:34:14 +00:00
public function passwordChangeRequested ( $password , $modules , $forcePasswordChange ) {
2009-10-10 12:38:52 +00:00
if ( ! in_array ( get_class ( $this ), $modules )) {
return array ();
}
$this -> attributes [ 'userPassword' ][ 0 ] = pwd_hash ( $password , true , $this -> moduleSettings [ 'posixAccount_pwdHash' ][ 0 ]);
return array ();
}
2010-11-21 19:00:33 +00:00
/**
* Returns a list of existing GID numbers .
*
* @ return array list of GID numbers
*/
private function getGIDs () {
if ( $this -> cachedGIDList != null ) {
return $this -> cachedGIDList ;
}
$result = searchLDAPByAttribute ( 'gidNumber' , '*' , 'posixGroup' , array ( 'gidNumber' ), array ( 'group' ));
$this -> cachedGIDList = array ();
for ( $i = 0 ; $i < sizeof ( $result ); $i ++ ) {
$this -> cachedGIDList [] = $result [ $i ][ 'gidnumber' ][ 0 ];
}
sort ( $this -> cachedGIDList , SORT_NUMERIC );
return $this -> cachedGIDList ;
}
/**
* Returns a list of existing users and their GID numbers .
*
* @ return array list in format array ( uid => gidNumber )
*/
private function getUserAndGIDs () {
if ( $this -> cachedUserToGIDList != null ) {
return $this -> cachedUserToGIDList ;
}
$result = searchLDAPByAttribute ( 'gidNumber' , '*' , 'posixAccount' , array ( 'uid' , 'gidNumber' ), array ( 'user' ));
$this -> cachedUserToGIDList = array ();
for ( $i = 0 ; $i < sizeof ( $result ); $i ++ ) {
$this -> cachedUserToGIDList [ $result [ $i ][ 'uid' ][ 0 ]] = $result [ $i ][ 'gidnumber' ][ 0 ];
}
return $this -> cachedUserToGIDList ;
}
2005-03-25 12:38:36 +00:00
}
2006-08-13 12:58:19 +00:00
2003-12-27 11:21:00 +00:00
?>