2003-12-09 18:42:50 +00:00
< ? php
/*
$Id $
This code is part of LDAP Account Manager ( http :// www . sourceforge . net / projects / lam )
Copyright ( C ) 2003 Tilo Lutz
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
*/
2003-12-12 00:51:23 +00:00
/* Session variables which are used :
* $_SESSION [ 'cacheAttributes' ] : This variable contains a list of attributes and their scope which should be cached
2003-12-09 18:42:50 +00:00
*
2003-12-12 00:51:23 +00:00
* Coockie variables which are used :
* $_COOKIE [ " IV " ], $_COOKIE [ " Key " ] : Needed to en / decrypt passwords .
*
* Variables in basearray which are no objects :
* type : Type of account . Can be user , group , host
* attributes : List of all attributes , how to get them and are theiy required or optional
* dn : current DN without uid = or cn =
* dn_orig : old DN if account was loaded with uid = or cn =
2003-12-09 18:42:50 +00:00
* External functions which are used
2003-12-15 15:11:44 +00:00
* account . inc : findgroups , incache , get_cache , array_delete , getshells
2003-12-12 00:51:23 +00:00
* ldap . inc : pwd_is_enabled , pwd_hash
*/
2003-12-09 18:42:50 +00:00
/* This class contains all posixAccount LDAP attributes
* and funtioncs required to deal with posixAccount
* posixAccount can only be created when it should be added
* to an array .
* basearray is the same array posixAccount should be added
* to . If basearray is not given the constructor tries to
* create an array with posixAccount and all other required
* objects .
* Example : $user [] = new posixAccount ( $user );
*
* In container array the following things have to exist :
* account or inetOrgPerson object
* type : 'user' or 'host'
* 'attributes' : this is a list of arrays with all ldap attributes wich are allowed for this account
*/
2004-06-08 18:54:37 +00:00
class posixAccount extends baseModule {
2004-07-02 16:09:44 +00:00
/**
* Creates a new posixAccount object .
*/
function posixAccount ( $scope ) {
// error messages for input checks
$this -> messages [ 'homedir' ] = array ( 'ERROR' , _ ( 'Home directory' ), _ ( 'Homedirectory contains invalid characters.' ));
2004-08-01 09:39:24 +00:00
$this -> messages [ 'minUID' ] = array ( 'ERROR' , _ ( 'Users' ) . ': ' . _ ( 'Minimum UID number' ), _ ( " Minimum UID number is invalid! " ));
$this -> messages [ 'maxUID' ] = array ( 'ERROR' , _ ( 'Users' ) . ': ' . _ ( 'Maximum UID number' ), _ ( " Maximum UID number is invalid! " ));
$this -> messages [ 'minMachine' ] = array ( 'ERROR' , _ ( 'Hosts' ) . ': ' . _ ( 'Minimum UID number' ), _ ( " Minimum UID number is invalid! " ));
$this -> messages [ 'maxMachine' ] = array ( 'ERROR' , _ ( 'Hosts' ) . ': ' . _ ( 'Maximum UID number' ), _ ( " Maximum UID number is invalid! " ));
$this -> messages [ 'cmp_UID' ] = array ( 'ERROR' , _ ( 'Users' ) . ': ' . _ ( 'Maximum UID number' ), _ ( " Maximum UID number must be greater than minimum UID number! " ));
$this -> messages [ 'cmp_Machine' ] = array ( 'ERROR' , _ ( 'Hosts' ) . ': ' . _ ( 'Maximum UID number' ), _ ( " Maximum UID number must be greater than minimum UID number! " ));
$this -> messages [ 'cmp_both' ] = array ( 'ERROR' , _ ( 'UID ranges' ), _ ( " The UID ranges for users and hosts overlap! This is a problem because LAM uses the highest UID in use + 1. Please set the minimum UID to equal values or use independent ranges. " ));
2004-07-02 16:09:44 +00:00
// call parent constructor
parent :: baseModule ( $scope );
}
2004-06-08 18:54:37 +00:00
/**
* Returns meta data that is interpreted by parent class
*
* @ return array array with meta data
*/
function get_metaData () {
$return = array ();
2004-06-13 19:58:58 +00:00
// manages user and host accounts
$return [ " account_types " ] = array ( " user " , " host " );
// user specific data
2004-06-08 18:54:37 +00:00
if ( $this -> get_scope () == " user " ) {
2004-06-11 15:44:49 +00:00
// this is a base module
2004-06-08 18:54:37 +00:00
$return [ " is_base " ] = true ;
2004-06-11 15:44:49 +00:00
// LDAP filter
$return [ " ldap_filter " ] = array ( 'or' => " (objectClass=posixAccount) " , 'and' => " (!(uid=* $ )) " );
2004-06-20 17:32:02 +00:00
// module dependencies
$return [ 'dependencies' ] = array ( 'depends' => array ( 'inetOrgPerson' ), 'conflicts' => array ());
}
elseif ( $this -> get_scope () == " host " ) {
// module dependencies
$return [ 'dependencies' ] = array ( 'depends' => array ( 'account' ), 'conflicts' => array ());
2004-06-08 18:54:37 +00:00
}
2004-06-14 16:05:36 +00:00
// alias name
$return [ " alias " ] = _ ( " Unix " );
2004-07-02 16:09:44 +00:00
// profile checks
$return [ 'profile_checks' ][ 'posixAccount_homeDirectory' ] = array ( 'type' => 'regex_i' , 'regex' => $this -> regex_homedir ,
'error_message' => $this -> messages [ 'homedir' ]);
2004-08-01 09:39:24 +00:00
// configuration options
$return [ 'config_options' ][ 'user' ] = array (
array (
0 => array ( 'kind' => 'text' , 'text' => '<b>' . _ ( " Users " ) . ': </b>' . _ ( 'Minimum UID number' ) . " : " ),
1 => array ( 'kind' => 'input' , 'name' => 'posixAccount_minUID' , 'type' => 'text' , 'size' => '10' , 'maxlength' => '255' ),
2 => array ( 'kind' => 'text' , 'value' => ' ' ),
3 => array ( 'kind' => 'text' , 'text' => _ ( 'Maximum UID number' ) . " : " ),
4 => array ( 'kind' => 'input' , 'name' => 'posixAccount_maxUID' , 'type' => 'text' , 'size' => '10' , 'maxlength' => '255' ),
5 => array ( 'kind' => 'help' , 'value' => 'TODO' ))
);
$return [ 'config_options' ][ 'host' ] = array (
array (
0 => array ( 'kind' => 'text' , 'text' => '<b>' . _ ( " Hosts " ) . ': </b>' . _ ( 'Minimum UID number' ) . " : " ),
1 => array ( 'kind' => 'input' , 'name' => 'posixAccount_minMachine' , 'type' => 'text' , 'size' => '10' , 'maxlength' => '255' ),
2 => array ( 'kind' => 'text' , 'value' => ' ' ),
3 => array ( 'kind' => 'text' , 'text' => _ ( 'Maximum UID number' ) . " : " ),
4 => array ( 'kind' => 'input' , 'name' => 'posixAccount_maxMachine' , 'type' => 'text' , 'size' => '10' , 'maxlength' => '255' ),
5 => array ( 'kind' => 'help' , 'value' => 'TODO' ))
);
2004-08-03 18:49:19 +00:00
$return [ 'config_options' ][ 'all' ] = array (
array (
0 => array ( 'kind' => 'text' , 'text' => '<b>' . _ ( " Password hash type " ) . ': </b>' ),
1 => array ( 'kind' => 'select' , 'name' => 'posixAccount_pwdHash' , 'size' => '1' ,
'options' => array ( " CRYPT " , " SHA " , " SSHA " , " MD5 " , " SMD5 " , " PLAIN " ), 'options_selected' => array ( 'SSHA' )),
2 => array ( 'kind' => 'text' , 'value' => ' ' ),
3 => array ( 'kind' => 'text' , 'value' => ' ' ),
4 => array ( 'kind' => 'text' , 'value' => ' ' ),
5 => array ( 'kind' => 'help' , 'value' => 'TODO' ))
);
2004-08-01 09:39:24 +00:00
// configuration descriptions
$return [ 'config_descriptions' ] = array (
'legend' => _ ( " UID ranges for Unix accounts " ),
'descriptions' => array (
'posixAccount_minUID' => _ ( " Minimum UID number for Unix accounts (users) " ),
'posixAccount_maxUID' => _ ( " Maximum UID number for Unix accounts (users) " ),
'posixAccount_minMachine' => _ ( " Minimum UID number for Unix accounts (hosts) " ),
'posixAccount_maxMachine' => _ ( " Maximum UID number for Unix accounts (hosts) " ),
2004-08-03 18:49:19 +00:00
'posixAccount_pwdHash' => _ ( " Password hash type " ),
2004-08-01 09:39:24 +00:00
)
);
2004-08-17 15:16:17 +00:00
// available PDF fields
$return [ 'PDF_fields' ] = array ( 'uid' ,
'uidNumber' ,
'gidNumber' ,
'gecos' ,
'primaryGroup' ,
'additionalGroups' ,
'homeDirectory' ,
'userPassword' ,
'loginShell' );
2004-09-08 14:41:57 +00:00
// help Entries
2004-09-08 18:26:00 +00:00
$return [ 'help' ] = array ( 'user' => array ( 'uid' => array ( " ext " => " FALSE " , " Headline " => _ ( " Username " ), " Text " => _ ( " Username of the user who should be created. Valid characters are: a-z,0-9, .-_. Lam does not allow a number as first character because useradd also does not allow it. Lam does not allow capital letters A-Z because it can cause several problems. If username is already used username will be expanded with a number. The next free number will be used. Warning: Older systems have problems with usernames longer than 8 characters. You can not log in to Windows if username is longer than 16 characters. " )),
'gecos' => array ( " ext " => " FALSE " , " Headline " => _ ( " Gecos " ), " Text " => _ ( " User description. If left empty sur- and give name will be used. " )),
'gidNumber' => array ( " ext " => " FALSE " , " Headline " => _ ( " Primary group " ), " Text " => _ ( " The Primary Group the user should be member of. " ))),
'host' => array ( 'uid' => array ( " ext " => " FALSE " , " Headline " => _ ( " Host name " ), " Text " => _ ( " Host name of the host which should be created. Valid characters are: a-z,0-9, .-_ $ . Lam does not allow a number as first character because useradd also does not allow it. Lam does not allow capital letters A-Z because it can cause several problems. Hostnames are always ending with $ . If last character is not $ it will be added. If hostname is already used hostname will be expanded with a number. The next free number will be used. " )),
'gecos' => array ( " ext " => " FALSE " , " Headline " => _ ( " Gecos " ), " Text " => _ ( " Host description. If left empty host name will be used. " )),
'gidNumber' => array ( " ext " => " FALSE " , " Headline " => _ ( " Primary group " ), " Text " => _ ( " The Primary group the host should be member of. " ))),
2004-09-08 14:41:57 +00:00
'uidNumber' => array ( " ext " => " FALSE " , " Headline " => _ ( " UID number " ), " Text " => _ ( " If empty UID number will be generated automaticly. " )),
'addgroup' => array ( " ext " => " FALSE " , " Headline " => _ ( " Additional groups " ), " Text " => _ ( " Hold the CTRL-key to (de)select multiple groups. " ) . ' ' . _ ( " Can be left empty. " )),
'homeDirectory' => array ( " ext " => " FALSE " , " Headline " => _ ( " Home directory " ), " Text " => _ ( " $user and $group are replaced with username or primary groupname. " )),
/*'userPassword' =>*/
2004-09-08 17:39:06 +00:00
'userPassword_no' => array ( " ext " => " FALSE " , " Headline " => _ ( " Use no password " ), " Text " => _ ( " If checked no password will be used. " )),
2004-09-08 14:41:57 +00:00
/*'userPassword_lock' =>*/
2004-09-08 14:43:38 +00:00
'loginShell' => array ( " ext " => " FALSE " , " Headline " => _ ( " Login shell " ), " Text " => _ ( " To disable login use /bin/false. List of shells is read from lam/config/shells " )));
2004-08-17 15:16:17 +00:00
2004-06-08 18:54:37 +00:00
return $return ;
}
2003-12-09 18:42:50 +00:00
// Constructor
2004-06-08 18:54:37 +00:00
function init ( $base ) {
2004-09-01 20:53:06 +00:00
// call parent init
parent :: init ( $base );
2003-12-15 15:11:44 +00:00
// Add Array with all attributes and type
2003-12-30 17:09:15 +00:00
$this -> orig = $_SESSION [ $this -> base ] -> get_module_attributes ( 'posixAccount' );
2003-12-20 19:24:01 +00:00
$this -> attributes = $_SESSION [ $this -> base ] -> get_module_attributes ( 'posixAccount' );
2003-12-27 11:21:00 +00:00
$groups = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> findgroups (); // list of all groupnames
2003-12-15 15:11:44 +00:00
if ( count ( $groups ) == 0 ) trigger_error ( _ ( 'No groups found in ldap.' ), E_USER_WARNING );
// Make references to attributes which already esists in ldap
$newattributes = array_keys ( $this -> attributes );
2003-12-19 12:45:23 +00:00
$module = array_keys ( $_SESSION [ $this -> base ] -> module );
2003-12-15 15:11:44 +00:00
for ( $i = 0 ; $i < count ( $module ); $i ++ ) {
foreach ( $newattributes as $attribute )
2003-12-19 12:45:23 +00:00
if ( isset ( $_SESSION [ $this -> base ] -> module [ $module [ $i ]] -> attributes [ $attribute ])) $this -> attributes [ $attribute ] =& $_SESSION [ $this -> base ] -> module [ $module [ $i ]] -> attributes [ $attribute ];
2003-12-15 15:11:44 +00:00
}
2003-12-19 12:45:23 +00:00
$this -> attributes [ 'objectClass' ][ 0 ] = 'posixAccount' ;
2003-12-20 21:42:52 +00:00
$this -> createhomedir = false ;
2003-12-09 18:42:50 +00:00
}
// Variables
2003-12-21 14:52:23 +00:00
// Use a unix password?
var $userPassword_no ;
// Lock account?
var $userPassword_lock ;
2003-12-09 18:42:50 +00:00
2003-12-15 15:11:44 +00:00
// This variable contains all inetOrgPerson attributes
var $attributes ;
2003-12-09 18:42:50 +00:00
/* If an account was loaded all attributes are kept in this array
* to compare it with new changed attributes
*/
var $orig ;
2003-12-15 15:11:44 +00:00
/* These two variables keep an array of groups the
* user is also member of .
*/
var $groups ;
var $groups_orig ;
2003-12-20 21:42:52 +00:00
var $createhomedir ;
2003-12-09 18:42:50 +00:00
2004-07-02 16:09:44 +00:00
/** regular expression for home directory */
var $regex_homedir = '^[/]([a-z])([a-z0-9\\._-])*([/]([a-z\\$])([a-z0-9\\._-])*)*$' ;
/** list of possible error messages */
var $messages = array ();
2004-06-14 16:05:36 +00:00
2003-12-21 14:52:23 +00:00
/* $attribute [ 'userPassword' ] can 't accessed directly because it' s enrcypted
* To read / write password function userPassword is needed
* This function will return the unencrypted password when
* called without a variable
* If it ' s called with a new password , the
* new password will be stored encrypted
*/
function userPassword ( $newpassword = false ) {
if ( is_string ( $newpassword )) {
// Write new password
2004-09-12 10:27:14 +00:00
$this -> attributes [ 'userPassword' ][ 0 ] = base64_encode ( $_SESSION [ 'ldap' ] -> encrypt ( $newpassword ));
2003-12-21 14:52:23 +00:00
return 0 ;
}
else {
if ( $this -> attributes [ 'userPassword' ][ 0 ] != '' ) {
// Read existing password if set
2004-09-12 10:27:14 +00:00
return $_SESSION [ 'ldap' ] -> decrypt ( base64_decode ( $this -> attributes [ 'userPassword' ][ 0 ]));
2003-12-21 14:52:23 +00:00
}
else return '' ;
}
}
2003-12-20 19:24:01 +00:00
function module_ready () {
return true ;
}
2004-02-09 18:11:01 +00:00
/* This functions return true
* if all needed settings are done
*/
function module_complete () {
if ( ! $this -> module_ready ()) return false ;
if ( $this -> attributes [ 'uid' ][ 0 ] == '' ) return false ;
if ( $this -> attributes [ 'uidNumber' ][ 0 ] == '' ) return false ;
if ( $this -> attributes [ 'gidNumber' ][ 0 ] == '' ) return false ;
if ( $this -> attributes [ 'homeDirectory' ][ 0 ] == '' ) return false ;
if ( $this -> attributes [ 'loginShell' ][ 0 ] == '' ) return false ;
return true ;
}
2003-12-30 15:36:30 +00:00
/* This function returns a list of all html - pages in module
* This is usefull for mass upload and pdf - files
* because lam can walk trough all pages itself and do some
* error checkings
2003-12-09 18:42:50 +00:00
*/
2003-12-30 15:36:30 +00:00
function pages () {
2004-01-29 20:11:05 +00:00
return array ( 'attributes' , 'group' );
2003-12-09 18:42:50 +00:00
}
2003-12-30 15:36:30 +00:00
/* This function returns all ldap attributes
* which are part of posixAccount and returns
* also their values .
2003-12-12 00:51:23 +00:00
*/
2003-12-30 15:36:30 +00:00
function get_attributes () {
$return = $this -> attributes ;
$return [ 'userPassword' ] = $this -> userPassword ();
return $return ;
2003-12-12 00:51:23 +00:00
}
2003-12-09 18:42:50 +00:00
/* This function loads all attributes into the object
* $attr is an array as it ' s retured from ldap_get_attributes
*/
function load_attributes ( $attr ) {
2003-12-12 00:51:23 +00:00
// Load attributes which are displayed
2003-12-15 15:11:44 +00:00
// unset count entries
unset ( $attr [ 'count' ]);
$attributes = array_keys ( $attr );
foreach ( $attributes as $attribute ) unset ( $attr [ $attribute ][ 'count' ]);
// unset double entries
for ( $i = 0 ; $i < count ( $attr ); $i ++ )
if ( isset ( $attr [ $i ])) unset ( $attr [ $i ]);
foreach ( $attributes as $attribute ) {
if ( isset ( $this -> attributes [ $attribute ])) {
// decode as unicode
$this -> attributes [ $attribute ] = $attr [ $attribute ];
2003-12-30 17:09:15 +00:00
for ( $i = 0 ; $i < count ( $this -> attributes [ $attribute ]); $i ++ ) {
$this -> attributes [ $attribute ][ $i ] = utf8_decode ( $this -> attributes [ $attribute ][ $i ]);
$this -> orig [ $attribute ][ $i ] = utf8_decode ( $this -> attributes [ $attribute ][ $i ]);
}
2003-12-15 15:11:44 +00:00
}
2003-12-12 00:51:23 +00:00
}
2003-12-15 15:11:44 +00:00
// Values are kept as copy so we can compare old attributes with new attributes
2003-12-19 12:45:23 +00:00
$this -> attributes [ 'objectClass' ][ 0 ] = 'posixAccount' ;
2003-12-21 14:52:23 +00:00
2003-12-12 00:51:23 +00:00
// get all additional groupmemberships
2003-12-19 12:45:23 +00:00
$dn_groups = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> get_cache ( 'memberUid' , 'posixGroup' , 'group' );
2003-12-12 00:51:23 +00:00
$DNs = array_keys ( $dn_groups );
foreach ( $DNs as $DN ) {
2003-12-27 11:21:00 +00:00
if ( in_array ( $attr [ 'uid' ][ 0 ], $dn_groups [ $DN ])) {
$this -> groups [] = substr ( $DN , 3 , strpos ( $DN , ',' ) - 3 );
}
2003-12-12 00:51:23 +00:00
}
2003-12-15 15:11:44 +00:00
$this -> groups_orig = $this -> groups ;
2003-12-12 00:51:23 +00:00
return 0 ;
2003-12-09 18:42:50 +00:00
}
/* This function returns an array with 3 entries :
2003-12-12 00:51:23 +00:00
* array ( DN1 ( 'add' => array ( $attr ), 'remove' => array ( $attr ), 'modify' => array ( $attr )), DN2 .... )
* DN is the DN to change . It may be possible to change several DNs ,
* e . g . create a new user and add him to some groups via attribute memberUid
2003-12-09 18:42:50 +00:00
* add are attributes which have to be added to ldap entry
* remove are attributes which have to be removed from ldap entry
* modify are attributes which have to been modified in ldap entry
*/
function save_attributes () {
2003-12-20 19:24:01 +00:00
$return = $_SESSION [ $this -> base ] -> save_module_attributes ( $this -> attributes , $this -> orig );
2003-12-19 12:45:23 +00:00
2003-12-21 14:52:23 +00:00
if ( isset ( $return [ $_SESSION [ $this -> base ] -> dn ][ 'modify' ][ 'userPassword' ]))
unset ( $return [ $_SESSION [ $this -> base ] -> dn ][ 'modify' ][ 'userPassword' ]);
// Set unix password
if ( count ( $this -> orig [ 'userPassword' ]) == 0 ) {
// New user or no old password set
if ( $this -> userPassword_no ) {
2004-08-03 18:49:19 +00:00
$return [ $_SESSION [ $this -> base ] -> dn ][ 'modify' ][ 'userPassword' ][ 0 ] = pwd_hash ( '' , ! $this -> userPassword_lock , $this -> moduleSettings [ 'posixAccount_pwdHash' ][ 0 ]);
2003-12-21 14:52:23 +00:00
}
2004-08-03 18:49:19 +00:00
else $return [ $_SESSION [ $this -> base ] -> dn ][ 'modify' ][ 'userPassword' ][ 0 ] = utf8_encode ( pwd_hash ( $this -> userPassword (), ! $this -> userPassword_lock , $this -> moduleSettings [ 'posixAccount_pwdHash' ][ 0 ]));
2003-12-21 14:52:23 +00:00
}
else {
if (( $this -> attributes [ 'userPassword' ][ 0 ] != $this -> orig [ 'userPassword' ][ 0 ] && $this -> userPassword () != '' ) || $this -> userPassword_no ) {
// Write new password
2004-08-03 18:49:19 +00:00
if ( $this -> userPassword_no ) $return [ $_SESSION [ $this -> base ] -> dn ][ 'modify' ][ 'userPassword' ][ 0 ] = pwd_hash ( '' , ! $this -> userPassword_lock , $this -> moduleSettings [ 'posixAccount_pwdHash' ][ 0 ]);
else $return [ $_SESSION [ $this -> base ] -> dn ][ 'modify' ][ 'userPassword' ][ 0 ] = utf8_encode ( pwd_hash ( $this -> userPassword (), ! $this -> userPassword_lock , $this -> moduleSettings [ 'posixAccount_pwdHash' ][ 0 ]));
2003-12-21 14:52:23 +00:00
}
else { // No new password but old password
// (un)lock password
if ( $this -> userPassword_lock == pwd_is_enabled ( $this -> orig [ 'userPassword' ][ 0 ])) {
2004-02-21 13:26:52 +00:00
if ( $this -> userPassword_lock ) {
$return [ $_SESSION [ $this -> base ] -> dn ][ 'modify' ][ 'userPassword' ][ 0 ] = utf8_encode ( pwd_disable ( $this -> orig [ 'userPassword' ][ 0 ]));
}
else {
$return [ $_SESSION [ $this -> base ] -> dn ][ 'modify' ][ 'userPassword' ][ 0 ] = utf8_encode ( pwd_enable ( $this -> orig [ 'userPassword' ][ 0 ]));
2003-12-21 14:52:23 +00:00
}
}
}
2004-02-21 13:26:52 +00:00
}
2003-12-21 14:52:23 +00:00
2003-12-15 15:11:44 +00:00
// Remove primary group from additional groups
for ( $i = 0 ; $i < count ( $this -> groups ); $i ++ ) {
2004-01-27 19:07:31 +00:00
if ( $this -> groups [ $i ] == $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> getgrnam ( $this -> attributes [ 'gidNumber' ][ 0 ])) unset ( $this -> groups [ $i ]);
2003-12-12 00:51:23 +00:00
}
2003-12-15 15:11:44 +00:00
2003-12-12 00:51:23 +00:00
// Set additional group memberships
2003-12-27 11:21:00 +00:00
if ( $this -> orig [ 'uid' ][ 0 ] != '' && $this -> attributes [ 'uid' ][ 0 ] != $this -> orig [ 'uid' ][ 0 ]) {
// remove old memberships
$dn_groups = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> get_cache ( 'memberUid' , 'posixGroup' , 'group' );
$DNs = array_keys ( $dn_groups );
foreach ( $DNs as $DN )
if ( in_array ( $this -> orig [ 'uid' ][ 0 ], $dn_groups [ $DN ]))
$return [ $DN ][ 'remove' ][ 'memberUid' ][ 0 ] = $this -> orig [ 'uid' ][ 0 ];
// Add new memberships
if ( is_array ( $this -> groups ))
foreach ( $this -> groups as $group ) {
2004-09-12 10:27:14 +00:00
$dn = $_SESSION [ 'ldap' ] -> in_cache ( $group , 'cn' , 'group' );
2003-12-27 11:21:00 +00:00
$return [ $dn ][ 'add' ][ 'memberUid' ][ 0 ] = $this -> attributes [ 'uid' ][ 0 ];
2003-12-12 00:51:23 +00:00
}
}
else {
2003-12-27 11:21:00 +00:00
if ( is_array ( $this -> groups )) {
// There are some additional groups defined
if ( is_array ( $this -> groups_orig )) {
//There are some old groups.
$add = array_delete ( $this -> groups_orig , $this -> groups );
$remove = array_delete ( $this -> groups , $this -> groups_orig );
$dn_cns = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> get_cache ( 'cn' , 'posixGroup' , 'group' );
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys ( $dn_cns );
foreach ( $DNs as $DN ) {
if ( is_array ( $add ))
2003-12-30 15:36:30 +00:00
if ( in_array ( $dn_cns [ $DN ][ 0 ], $add )) $return [ $DN ][ 'add' ][ 'memberUid' ] = $this -> attributes [ 'uid' ][ 0 ];
2003-12-27 11:21:00 +00:00
if ( is_array ( $remove ))
2003-12-30 15:36:30 +00:00
if ( in_array ( $dn_cns [ $DN ][ 0 ], $remove )) $return [ $DN ][ 'remove' ][ 'memberUid' ] = $this -> attributes [ 'uid' ][ 0 ];
2003-12-27 11:21:00 +00:00
}
// primary group mut also be removed if it has changed after setting additional groups
2003-12-30 15:36:30 +00:00
if ( in_array ( $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> getgrnam ( $this -> attributes [ 'gidNumber' ][ 0 ]), $this -> groups_orig )) $return [ $DN ][ 'remove' ][ 'memberUid' ] = $this -> attributes [ 'uid' ];
2003-12-27 11:21:00 +00:00
}
else {
// Add user to every group
$dn_cns = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> get_cache ( 'cn' , 'posixGroup' , 'group' );
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys ( $dn_cns );
foreach ( $DNs as $DN ) {
2003-12-30 15:36:30 +00:00
if ( in_array ( $dn_cns [ $DN ][ 0 ], $this -> groups )) $return [ $DN ][ 'add' ][ 'memberUid' ] = $this -> attributes [ 'uid' ][ 0 ];
2003-12-27 11:21:00 +00:00
}
}
}
else {
if ( is_array ( $this -> groups_orig )) {
//There are some old groups which have to be removed
$dn_cns = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> get_cache ( 'cn' , 'posixGroup' , 'group' );
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys ( $dn_cns );
foreach ( $DNs as $DN ) {
2003-12-30 15:36:30 +00:00
if ( in_array ( $dn_cns [ $DN ][ 0 ], $this -> orig [ 'groups' ])) $return [ $DN ][ 'remove' ][ 'memberUid' ] = $this -> attributes [ 'uid' ][ 0 ];
2003-12-27 11:21:00 +00:00
}
2003-12-12 00:51:23 +00:00
}
}
}
2003-12-27 11:21:00 +00:00
if ( $this -> createhomedir ) $return [ $_SESSION [ $this -> base ] -> dn ][ 'lamdaemon' ][ 'command' ][] = $this -> attributes [ 'uid' ][ 0 ] . " home add " ;
2003-12-15 15:11:44 +00:00
return $return ;
2003-12-09 18:42:50 +00:00
}
2003-12-30 15:36:30 +00:00
function delete_attributes ( $post ) {
$return = array ();
// remove memberUids if set
$groups = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> get_cache ( 'memberUid' , 'posixGroup' , 'group' );
$DNs = array_keys ( $groups );
for ( $i = 0 ; $i < count ( $DNs ); $i ++ ) {
2004-01-10 11:47:48 +00:00
if ( in_array ( $this -> attributes [ 'uid' ][ 0 ], $groups [ $DNs [ $i ]])) $return [ $DNs [ $i ]][ 'remove' ][ 'memberUid' ][] = $this -> attributes [ 'uid' ][ 0 ];
2003-12-30 15:36:30 +00:00
}
2004-01-10 11:47:48 +00:00
if ( $post [ 'deletehomedir' ]) $return [ $_SESSION [ $this -> base ] -> dn_orig ][ 'lamdaemon' ][ 'command' ][] = $this -> attributes [ 'uid' ][ 0 ] . " home rem " ;
2003-12-30 15:36:30 +00:00
return $return ;
}
2003-12-15 15:11:44 +00:00
2003-12-30 15:36:30 +00:00
/* Write variables into object and do some regexp checks
*/
2004-01-27 19:07:31 +00:00
function proccess_attributes ( $post , $profile = false ) {
2003-12-30 15:36:30 +00:00
if ( $this -> orig [ 'uid' ][ 0 ] != '' && $post [ 'uid' ] != $this -> attributes [ 'uid' ][ 0 ])
2004-01-27 19:07:31 +00:00
$errors [ 'uid' ][] = array ( 'INFO' , _ ( 'UID' ), _ ( 'UID has changed. Do you want to change home directory?' ));
2003-12-30 15:36:30 +00:00
if ( $this -> orig [ 'gidNumber' ][ 0 ] != '' && $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> getgid ( $post [ 'gidNumber' ]) != $this -> attributes [ 'gidNumber' ][ 0 ])
2004-01-27 19:07:31 +00:00
$errors [ 'gidNumber' ][] = array ( 'INFO' , _ ( 'GID number' ), sprintf ( _ ( 'GID number has changed. To keep file ownership you have to run the following command as root: \'find / -gid %s -uid %s -exec chgrp %s {} \;\'' ), $this -> orig [ 'gidNumber' ][ 0 ], $this -> orig [ 'uidNumber' ][ 0 ], $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> getgid ( $post [ 'gidNumber' ])));
2003-12-30 15:36:30 +00:00
if ( $this -> orig [ 'uidNumber' ][ 0 ] != '' && $post [ 'uidNumber' ] != $this -> attributes [ 'uidNumber' ][ 0 ])
2004-01-27 19:07:31 +00:00
$errors [ 'uidNumber' ][] = array ( 'INFO' , _ ( 'UID number' ), sprintf ( _ ( 'UID number has changed. To keep file ownership you have to run the following command as root: \'find / -uid %s -exec chown %s {} \;\'' ), $this -> orig [ 'uidNumber' ][ 0 ], $this -> attributes [ 'uidNumber' ][ 0 ]));
2003-12-30 15:36:30 +00:00
if ( isset ( $post [ 'homeDirectory' ]) && $this -> orig [ 'homeDirectory' ][ 0 ] != '' && $post [ 'homeDirectory' ] != $this -> attributes [ 'homeDirectory' ][ 0 ])
2004-01-27 19:07:31 +00:00
$errors [ 'homeDirectory' ][] = array ( 'INFO' , _ ( 'Home directory' ), sprintf ( _ ( 'Home directory changed. To keep home directory you have to run the following command as root: \'mv %s %s\'' ), $this -> orig [ 'homeDirectory' ][ 0 ], $this -> attributes [ 'homeDirectory' ][ 0 ]));
2003-12-27 11:21:00 +00:00
2003-12-30 15:36:30 +00:00
// Load attributes
$this -> attributes [ 'uid' ][ 0 ] = $post [ 'uid' ];
$this -> attributes [ 'cn' ][ 0 ] = $this -> attributes [ 'uid' ][ 0 ];
$this -> attributes [ 'uidNumber' ][ 0 ] = $post [ 'uidNumber' ];
$this -> attributes [ 'gidNumber' ][ 0 ] = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> getgid ( $post [ 'gidNumber' ]);
$this -> attributes [ 'homeDirectory' ][ 0 ] = $post [ 'homeDirectory' ];
$this -> attributes [ 'loginShell' ][ 0 ] = $post [ 'loginShell' ];
$this -> attributes [ 'gecos' ][ 0 ] = $post [ 'gecos' ];
if ( $post [ 'createhomedir' ]) $this -> createhomedir = true ;
else $this -> createhomedir = false ;
if ( $post [ 'userPassword_no' ]) $this -> userPassword_no = true ;
else $this -> userPassword_no = false ;
if ( $post [ 'userPassword_lock' ]) $this -> userPassword_lock = true ;
else $this -> userPassword_lock = false ;
2004-01-27 19:07:31 +00:00
if ( ! $profile ) {
if ( $post [ 'genpass' ]) $this -> userPassword ( genpasswd ());
2004-02-09 18:11:01 +00:00
else if ( isset ( $post [ 'userPassword' ])) {
if ( $post [ 'userPassword' ] != $post [ 'userPassword2' ]) {
$errors [ 'userPassword' ][] = array ( 'ERROR' , _ ( 'Password' ), _ ( 'Please enter the same password in both password-fields.' ));
unset ( $post [ 'userPassword2' ]);
}
else $this -> userPassword ( $post [ 'userPassword' ]);
}
2004-01-27 19:07:31 +00:00
// Check if UID is valid. If none value was entered, the next useable value will be inserted
// load min and may uidNumber
if ( $_SESSION [ $this -> base ] -> type == 'user' ) {
2004-08-01 09:39:24 +00:00
$minID = intval ( $this -> moduleSettings [ 'posixAccount_minUID' ][ 0 ]);
$maxID = intval ( $this -> moduleSettings [ 'posixAccount_maxUID' ][ 0 ]);
2004-01-27 19:07:31 +00:00
}
if ( $_SESSION [ $this -> base ] -> type == 'host' ) {
2004-08-01 09:39:24 +00:00
$minID = intval ( $this -> moduleSettings [ 'posixAccount_minMachine' ][ 0 ]);
$maxID = intval ( $this -> moduleSettings [ 'posixAccount_maxMachine' ][ 0 ]);
2004-01-27 19:07:31 +00:00
}
$dn_uids = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> get_cache ( 'uidNumber' , 'posixAccount' , '*' );
// get_cache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
foreach ( $dn_uids as $uid ) $uids [] = $uid [ 0 ];
if ( is_array ( $uids )) sort ( $uids , SORT_NUMERIC );
if ( $this -> attributes [ 'uidNumber' ][ 0 ] == '' ) {
// No id-number given
if ( $this -> orig [ 'uidNumber' ][ 0 ] == '' ) {
// new account -> we have to find a free id-number
if ( count ( $uids ) != 0 ) {
// There are some uids
// Store highest id-number
$id = $uids [ count ( $uids ) - 1 ];
// Return minimum allowed id-number if all found id-numbers are too low
if ( $id < $minID ) $this -> attributes [ 'uidNumber' ][ 0 ] = $minID ;
// Return higesht used id-number + 1 if it's still in valid range
if ( $id < $maxID ) $this -> attributes [ 'uidNumber' ][ 0 ] = $id + 1 ;
/* If this function is still running we have to fid a free id - number between
* the used id - numbers
*/
$i = intval ( $minID );
while ( in_array ( $i , $uids )) $i ++ ;
if ( $i > $maxID )
$errors [ 'uidNumber' ][] = array ( 'ERROR' , _ ( 'ID-Number' ), _ ( 'No free ID-Number!' ));
else {
$this -> attributes [ 'uidNumber' ][ 0 ] = $i ;
$errors [ 'uidNumber' ][] = array ( 'WARN' , _ ( 'ID-Number' ), _ ( 'It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.' ));
}
}
else $this -> attributes [ 'uidNumber' ][ 0 ] = $minID ;
// return minimum allowed id-number if no id-numbers are found
2003-12-30 15:36:30 +00:00
}
2004-01-27 19:07:31 +00:00
else $this -> attributes [ 'uidNumber' ][ 0 ] = $this -> orig [ 'uidNumber' ][ 0 ];
// old account -> return id-number which has been used
2003-12-30 15:36:30 +00:00
}
2004-01-27 19:07:31 +00:00
else {
// Check manual ID
// id-number is out of valid range
if ( ( $this -> attributes [ 'uidNumber' ][ 0 ] != $post [ 'uidNumber' ]) && ( $this -> attributes [ 'uidNumber' ][ 0 ] < $minID || $this -> attributes [ 'uidNumber' ][ 0 ] > $maxID )) $errors [ 'uidNumber' ][] = array ( 'ERROR' , _ ( 'ID-Number' ), sprintf ( _ ( 'Please enter a value between %s and %s!' ), $minID , $maxID ));
// $uids is allways an array but not if no entries were found
if ( is_array ( $uids )) {
// id-number is in use and account is a new account
if (( in_array ( $this -> attributes [ 'uidNumber' ][ 0 ], $uids )) && $this -> orig [ 'uidNumber' ][ 0 ] == '' ) $errors [ 'uidNumber' ][] = array ( 'ERROR' , _ ( 'ID-Number' ), _ ( 'ID is already in use' ));
// id-number is in use, account is existing account and id-number is not used by itself
if (( in_array ( $this -> attributes [ 'uidNumber' ][ 0 ], $uids )) && $this -> orig [ 'uidNumber' ][ 0 ] != '' && ( $this -> orig [ 'uidNumber' ][ 0 ] != $this -> attributes [ 'uidNumber' ][ 0 ]) ) {
$errors [ 'uidNumber' ][] = array ( 'ERROR' , _ ( 'ID-Number' ), _ ( 'ID is already in use' ));
$this -> attributes [ 'uidNumber' ][ 0 ] = $this -> orig [ 'uidNumber' ][ 0 ];
}
2003-12-30 15:36:30 +00:00
}
}
}
if ( $_SESSION [ $this -> base ] -> type == 'user' ) {
2004-01-27 19:07:31 +00:00
if (( $this -> attributes [ 'uid' ][ 0 ] != $post [ 'uid' ]) && ereg ( '[A-Z]$' , $post [ 'uid' ]) && ! $profile )
$errors [ 'uid' ][] = array ( 'WARN' , _ ( 'Username' ), _ ( 'You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.' ));
2003-12-30 15:36:30 +00:00
// Check if Homedir is valid
2004-01-27 19:07:31 +00:00
if ( ! $profile ) {
$this -> attributes [ 'homeDirectory' ][ 0 ] = str_replace ( '$group' , $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> getgrnam ( $this -> attributes [ 'gidNumber' ][ 0 ]), $this -> attributes [ 'homeDirectory' ][ 0 ]);
if ( $this -> attributes [ 'uid' ][ 0 ] != '' )
$this -> attributes [ 'homeDirectory' ][ 0 ] = str_replace ( '$user' , $this -> attributes [ 'uid' ][ 0 ], $this -> attributes [ 'homeDirectory' ][ 0 ]);
if ( $this -> attributes [ 'homeDirectory' ][ 0 ] != $post [ 'homeDirectory' ]) $errors [ 'homeDirecotry' ][] = array ( 'INFO' , _ ( 'Home directory' ), _ ( 'Replaced $user or $group in homedir.' ));
}
2004-07-02 16:09:44 +00:00
if ( ! eregi ( $this -> regex_homedir , $this -> attributes [ 'homeDirectory' ][ 0 ] ))
$errors [ 'homeDirecotry' ][] = $this -> messages [ 'homedir' ];
2003-12-30 15:36:30 +00:00
// Check if Username contains only valid characters
2004-01-27 19:07:31 +00:00
if ( ! ereg ( '^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$' , $this -> attributes [ 'uid' ][ 0 ]) && ! $profile )
$errors [ 'uid' ][] = array ( 'ERROR' , _ ( 'Username' ), _ ( 'Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !' ));
2003-12-30 15:36:30 +00:00
}
2003-12-27 11:21:00 +00:00
2004-01-27 19:07:31 +00:00
if ( $_SESSION [ $this -> base ] -> type == 'host' && ! $profile ) {
2003-12-30 15:36:30 +00:00
if (( $this -> attributes [ 'uid' ][ 0 ] != $post [ 'form_account_uid' ]) && ereg ( '[A-Z]$' , $post [ 'form_account_uid' ]))
2004-01-27 19:07:31 +00:00
$errors [ 'uid' ][] = array ( 'WARN' , _ ( 'Hostname' ), _ ( 'You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.' ));
2003-12-30 15:36:30 +00:00
// Check if Username contains only valid characters
if ( ! ereg ( '^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+[$]$' , $this -> attributes [ 'uid' ][ 0 ]))
2004-01-27 19:07:31 +00:00
$errors [ 'uid' ][] = array ( 'ERROR' , _ ( 'Hostname' ), _ ( 'Hostname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ ! Hostname must end with $ !' ));
2003-12-30 15:36:30 +00:00
}
// Create automatic useraccount with number if original user already exists
// Reset name to original name if new name is in use
// Set username back to original name if new username is in use
2004-01-27 19:07:31 +00:00
if ( ! $profile ) {
if ( $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> in_cache ( $this -> attributes [ 'uid' ][ 0 ], 'uid' , '*' ) != false && ( $this -> orig [ 'uid' ][ 0 ] != '' )) {
$this -> attributes [ 'uid' ][ 0 ] = $this -> orig [ 'uid' ][ 0 ];
}
// Change uid to a new uid until a free uid is found
else while ( $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> in_cache ( $this -> attributes [ 'uid' ][ 0 ], 'uid' , '*' )) {
if ( $_SESSION [ $this -> base ] -> type == 'host' ) $this -> attributes [ 'uid' ][ 0 ] = substr ( $this -> attributes [ 'uid' ][ 0 ], 0 , - 1 );
// get last character of username
$lastchar = substr ( $this -> attributes [ 'uid' ][ 0 ], strlen ( $this -> attributes [ 'uid' ][ 0 ]) - 1 , 1 );
// Last character is no number
if ( ! ereg ( '^([0-9])+$' , $lastchar ))
/* Last character is no number . Therefore we only have to
* add " 2 " to it .
*/
if ( $_SESSION [ $this -> base ] -> type == 'host' ) $this -> attributes [ 'uid' ][ 0 ] = $this -> attributes [ 'uid' ][ 0 ] . '2$' ;
else $this -> attributes [ 'uid' ][ 0 ] = $this -> attributes [ 'uid' ][ 0 ] . '2' ;
else {
/* Last character is a number -> we have to increase the number until we ' ve
* found a groupname with trailing number which is not in use .
*
* $i will show us were we have to split groupname so we get a part
* with the groupname and a part with the trailing number
*/
$i = strlen ( $this -> attributes [ 'uid' ][ 0 ]) - 1 ;
$mark = false ;
// Set $i to the last character which is a number in $account_new->general_username
while ( ! $mark ) {
if ( ereg ( '^([0-9])+$' , substr ( $this -> attributes [ 'uid' ][ 0 ], $i , strlen ( $this -> attributes [ 'uid' ][ 0 ]) - $i ))) $i -- ;
else $mark = true ;
}
// increase last number with one
$firstchars = substr ( $this -> attributes [ 'uid' ][ 0 ], 0 , $i + 1 );
$lastchars = substr ( $this -> attributes [ 'uid' ][ 0 ], $i + 1 , strlen ( $this -> attributes [ 'uid' ][ 0 ]) - $i );
// Put username together
if ( $_SESSION [ $this -> base ] -> type == 'host' ) $this -> attributes [ 'uid' ][ 0 ] = $firstchars . ( intval ( $lastchars ) + 1 ) . " $ " ;
else $this -> attributes [ 'uid' ][ 0 ] = $firstchars . ( intval ( $lastchars ) + 1 );
2003-12-30 15:36:30 +00:00
}
}
// Show warning if lam has changed username
if ( $_SESSION [ $this -> base ] -> type == 'user' )
if ( $this -> attributes [ 'uid' ][ 0 ] != $post [ 'uid' ]) {
2004-01-27 19:07:31 +00:00
$errors [ 'uid' ][] = array ( 'WARN' , _ ( 'Username' ), _ ( 'Username in use. Selected next free username.' ));
2003-12-30 15:36:30 +00:00
}
if ( $_SESSION [ $this -> base ] -> type == 'host' )
if ( $this -> attributes [ 'uid' ][ 0 ] != $post [ 'uid' ]) {
2004-01-27 19:07:31 +00:00
$errors [ 'uid' ][] = array ( 'WARN' , _ ( 'Hostname' ), _ ( 'Hostname in use. Selected next free hostname.' ));
2003-12-30 15:36:30 +00:00
}
2004-01-27 19:07:31 +00:00
if ( ! ereg ( '^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$' , $this -> userPassword ()))
$errors [ 'userPassword' ][] = array ( 'ERROR' , _ ( 'Password' ), _ ( 'Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !' ));
}
2003-12-30 15:36:30 +00:00
// Return error-messages
if ( is_array ( $errors )) return $errors ;
// Go to additional group page when no error did ocour and button was pressed
if ( $post [ 'addgroup' ]) return 'group' ;
return 0 ;
}
/* Write variables into object and do some regexp checks
2003-12-09 18:42:50 +00:00
*/
2004-01-27 19:07:31 +00:00
function proccess_group ( $post , $profile = false ) {
2003-12-30 15:36:30 +00:00
do { // X-Or, only one if() can be true
if ( isset ( $post [ 'addgroups' ]) && isset ( $post [ 'addgroups_button' ])) { // Add groups to list
// Add new group
$this -> groups = @ array_merge ( $this -> groups , $post [ 'addgroups' ]);
// sort groups
sort ( $this -> groups );
break ;
}
if ( isset ( $post [ 'removegroups' ]) && isset ( $post [ 'removegroups_button' ])) { // remove groups from list
$this -> groups = array_delete ( $post [ 'removegroups' ], $this -> groups );
break ;
}
} while ( 0 );
if ( isset ( $post [ 'addgroups_button' ]) || isset ( $post [ 'removegroups_button' ])) return 'group' ;
2004-02-09 20:15:43 +00:00
if ( $post [ 'back' ]) return 'attributes' ;
2003-12-30 15:36:30 +00:00
return 0 ;
2003-12-09 18:42:50 +00:00
}
/* This function will create the html - page
* to show a page with all attributes .
* It will output a complete html - table
*/
2004-01-18 12:52:52 +00:00
function display_html_attributes ( $post , $profile = false ) {
2003-12-27 11:21:00 +00:00
$groups = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> findgroups (); // list of all groupnames
2003-12-09 18:42:50 +00:00
$shelllist = getshells (); // list of all valid shells
2004-01-18 12:52:52 +00:00
if ( ! $profile ) {
2004-01-27 19:07:31 +00:00
if ( $this -> attributes [ 'userPassword' ][ 0 ] != $this -> orig [ 'userPassword' ][ 0 ]) $password = $this -> userPassword ();
else $password = '' ;
2004-01-18 12:52:52 +00:00
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( " Username " ) . '*' ),
1 => array ( 'kind' => 'input' , 'name' => 'uid' , 'type' => 'text' , 'size' => '20' , 'maxlength' => '20' , 'value' => $this -> attributes [ 'uid' ][ 0 ]),
2 => array ( 'kind' => 'help' , 'value' => 'uid' ));
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'UID number' ) . '*' ),
1 => array ( 'kind' => 'input' , 'name' => 'uidNumber' , 'type' => 'text' , 'size' => '6' , 'maxlength' => '6' , 'value' => $this -> attributes [ 'uidNumber' ][ 0 ]),
2 => array ( 'kind' => 'help' , 'value' => 'uidNumber' ));
}
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Gecos' ) ),
1 => array ( 'kind' => 'input' , 'name' => 'gecos' , 'type' => 'text' , 'size' => '30' , 'maxlength' => '255' , 'value' => $this -> attributes [ 'gecos' ][ 0 ]),
2 => array ( 'kind' => 'help' , 'value' => 'gecos' ));
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Primary group' ) . '*' ),
1 => array ( 'kind' => 'select' , 'name' => 'gidNumber' , 'options' => $groups , 'options_selected' =>
array ( $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> getgrnam ( $this -> attributes [ 'gidNumber' ][ 0 ]))),
2 => array ( 'kind' => 'help' , 'value' => 'gidNumber' ));
2003-12-19 12:45:23 +00:00
if ( $_SESSION [ $this -> base ] -> type == 'user' ) {
2004-01-27 19:07:31 +00:00
if ( ! $profile ) {
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Additional groups' ) ),
1 => array ( 'kind' => 'input' , 'name' => 'addgroup' , 'type' => 'submit' , 'value' => _ ( 'Edit groups' )),
2 => array ( 'kind' => 'help' , 'value' => 'addgroup' ));
}
2004-01-18 12:52:52 +00:00
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Home directory' ) . '*' ),
1 => array ( 'kind' => 'input' , 'name' => 'homeDirectory' , 'type' => 'text' , 'size' => '30' , 'maxlength' => '255' , 'value' => $this -> attributes [ 'homeDirectory' ][ 0 ]),
2 => array ( 'kind' => 'help' , 'value' => 'homeDirectory' ));
if ( ! $profile ) {
2004-09-12 10:27:14 +00:00
if ( $this -> orig [ 'homeDirectory' ] == '' && isset ( $_SESSION [ 'config' ] -> scriptPath )) {
2004-01-18 12:52:52 +00:00
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Create home directory' ) ),
1 => array ( 'kind' => 'input' , 'name' => 'createhomedir' , 'type' => 'checkbox' , 'checked' => $this -> createhomedir ),
2 => array ( 'kind' => 'help' , 'value' => 'createhomedir' ));
}
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Password' ) ),
1 => array ( 'kind' => 'input' , 'name' => 'userPassword' , 'type' => 'password' , 'size' => '20' , 'maxlength' => '255' , 'value' => $password ),
2 => array ( 'kind' => 'input' , 'name' => 'genpass' , 'type' => 'submit' , 'value' => _ ( 'Generate password' )));
if ( $post [ 'userPassword2' ] != '' ) $password2 = $post [ 'userPassword2' ];
2004-02-09 18:11:01 +00:00
else $password2 = $password ;
2004-01-18 12:52:52 +00:00
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Repeat password' ) ),
1 => array ( 'kind' => 'input' , 'name' => 'userPassword2' , 'type' => 'password' , 'size' => '20' , 'maxlength' => '255' , 'value' => $password2 ),
2 => array ( 'kind' => 'help' , 'value' => 'userPassword' ));
2003-12-09 18:42:50 +00:00
}
2004-04-04 13:48:21 +00:00
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Set no password' ) ),
2004-01-18 12:52:52 +00:00
1 => array ( 'kind' => 'input' , 'name' => 'userPassword_no' , 'type' => 'checkbox' , 'checked' => $this -> userPassword_no ),
2 => array ( 'kind' => 'help' , 'value' => 'userPassword_no' ));
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Lock password' ) ),
1 => array ( 'kind' => 'input' , 'name' => 'userPassword_lock' , 'type' => 'checkbox' , 'checked' => $this -> userPassword_lock ),
2 => array ( 'kind' => 'help' , 'value' => 'userPassword_lock' ));
if ( count ( $shelllist ) != 0 )
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Login shell' ) . '*' ),
1 => array ( 'kind' => 'select' , 'name' => 'loginShell' , 'options' => $shelllist , 'options_selected' =>
array ( $this -> attributes [ 'loginShell' ][ 0 ])),
2 => array ( 'kind' => 'help' , 'value' => 'loginShell' ));
2003-12-09 18:42:50 +00:00
}
2004-01-18 12:52:52 +00:00
return $return ;
2003-12-09 18:42:50 +00:00
}
2003-12-30 15:36:30 +00:00
function display_html_delete ( $post ) {
2004-09-12 10:27:14 +00:00
if ( $_SESSION [ $this -> base ] -> type == 'user' && isset ( $_SESSION [ 'config' ] -> scriptPath )) {
2004-01-18 12:52:52 +00:00
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Delete home directory' ) ),
1 => array ( 'kind' => 'input' , 'name' => 'deletehomedir' , 'type' => 'checkbox' ),
2 => array ( 'kind' => 'help' , 'value' => 'deletehomedir' ));
2003-12-30 15:36:30 +00:00
}
2004-01-18 12:52:52 +00:00
return $return ;
2003-12-30 15:36:30 +00:00
}
2004-01-18 12:52:52 +00:00
function display_html_group ( $post , $profile = false ) {
2003-12-09 18:42:50 +00:00
// load list with all groups
2003-12-27 11:21:00 +00:00
$dn_groups = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> get_cache ( 'gidNumber' , 'posixGroup' , 'group' );
$DNs = array_keys ( $dn_groups );
foreach ( $DNs as $DN )
$groups [] = substr ( $DN , 3 , strpos ( $DN , ',' ) - 3 );
2003-12-09 18:42:50 +00:00
// remove groups the user is member of from grouplist
$groups = array_delete ( $this -> groups , $groups );
// Remove primary group from grouplist
2004-02-09 20:15:43 +00:00
$group = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> getgrnam ( $this -> attributes [ 'gidNumber' ][ 0 ]);
2003-12-09 18:42:50 +00:00
$groups = array_flip ( $groups );
2004-02-09 20:15:43 +00:00
unset ( $groups [ $group ]);
2003-12-09 18:42:50 +00:00
$groups = array_flip ( $groups );
2004-02-09 20:15:43 +00:00
// sort groups
sort ( $groups , SORT_STRING );
2004-01-18 12:52:52 +00:00
$return [] = array ( 0 => array ( 'kind' => 'fieldset' , 'legend' => _ ( " Additional groups " ), 'value' =>
array ( 0 => array ( 0 => array ( 'kind' => 'fieldset' , 'td' => array ( 'valign' => 'top' ), 'legend' => _ ( " Selected groups " ), 'value' =>
array ( 0 => array ( 0 => array ( 'kind' => 'select' , 'name' => 'removegroups[]' , 'size' => '15' , 'multiple' , 'options' => $this -> groups )))),
1 => array ( 'kind' => 'table' , 'value' => array ( 0 => array ( 0 => array ( 'kind' => 'input' , 'type' => 'submit' , 'name' => 'addgroups_button' ,
'value' => '<=' )), 1 => array ( 0 => array ( 'kind' => 'input' , 'type' => 'submit' , 'name' => 'removegroups_button' , 'value' => '=>' )),
2 => array ( 0 => array ( 'kind' => 'help' , 'value' => 'addgroup' )))),
2 => array ( 'kind' => 'fieldset' , 'td' => array ( 'valign' => 'top' ), 'legend' => _ ( " Available groups " ), 'value' =>
array ( 0 => array ( 0 => array ( 'kind' => 'select' , 'name' => 'addgroups[]' , 'size' => '15' , 'multiple' , 'options' => $groups ))))
))));
2004-02-09 20:15:43 +00:00
$return [] = array ( 0 => array ( 'kind' => 'input' , 'type' => 'submit' , 'value' => _ ( 'Back' ), 'name' => 'back' ),
2004-01-18 12:52:52 +00:00
1 => array ( 'kind' => 'text' ),
2 => array ( 'kind' => 'text' ));
return $return ;
2003-12-09 18:42:50 +00:00
}
2004-04-03 14:47:33 +00:00
function get_profileOptions () {
2004-03-09 12:03:39 +00:00
$return = array ();
2004-04-04 13:48:21 +00:00
if ( $_SESSION [ $this -> base ] -> type == 'user' ) {
$groups = $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> findgroups (); // list of all groupnames
$shelllist = getshells (); // list of all valid shells
// primary Unix group
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Primary group' ) . " : " ),
1 => array ( 'kind' => 'select' , 'name' => 'posixAccount_primaryGroup' , 'options' => $groups , 'options_selected' => array (), 'size' => 1 ),
2 => array ( 'kind' => 'help' , 'value' => 'TODO' ));
// additional group memberships
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Additional groups' ) . " : " ),
1 => array ( 'kind' => 'select' , 'name' => 'posixAccount_additionalGroup' , 'options' => $groups ,
'options_selected' => array (), 'size' => 10 , 'multiple' => true ),
2 => array ( 'kind' => 'help' , 'value' => 'TODO' ));
// home directory
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Home directory' ) . " : " ),
1 => array ( 'kind' => 'input' , 'name' => 'posixAccount_homeDirectory' , 'type' => 'text' , 'size' => '30' , 'maxlength' => '255' , 'value' => '/home/$user' ),
2 => array ( 'kind' => 'help' , 'value' => 'TODO' ));
// login shell
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Login shell' ) . " : " ),
1 => array ( 'kind' => 'select' , 'name' => 'posixAccount_loginShell' , 'options' => $shelllist , 'options_selected' => array ( " /bin/bash " )),
2 => array ( 'kind' => 'help' , 'value' => 'TODO' ));
// do not set password
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Set no password' ) . " : " ),
1 => array ( 'kind' => 'input' , 'name' => 'posixAccount_userPassword_no' , 'type' => 'checkbox' , 'checked' => false ),
2 => array ( 'kind' => 'help' , 'value' => 'TODO' ));
// disable account
$return [] = array ( 0 => array ( 'kind' => 'text' , 'text' => _ ( 'Lock password' ) . " : " ),
1 => array ( 'kind' => 'input' , 'name' => 'posixAccount_userPassword_lock' , 'type' => 'checkbox' , 'checked' => false ),
2 => array ( 'kind' => 'help' , 'value' => 'TODO' ));
}
2004-03-09 12:03:39 +00:00
return $return ;
2003-12-09 18:42:50 +00:00
}
2004-08-17 15:16:17 +00:00
/*
* ( non - PHPDoc )
* @ see baseModule #get_pdfEntries
*/
2004-05-29 19:20:28 +00:00
function get_pdfEntries ( $account_type = " user " ) {
return array ( 'posixAccount_uid' => array ( '<block><key>' . _ ( 'Username' ) . '</key><value>' . $this -> attributes [ 'uid' ][ 0 ] . '</value></block>' ),
'posixAccount_uidNumber' => array ( '<block><key>' . _ ( 'UID number' ) . '</key><value>' . $this -> attributes [ 'uidNumber' ][ 0 ] . '</value></block>' ),
'posixAccount_gidNumber' => array ( '<block><key>' . _ ( 'GID number' ) . '</key><value>' . $this -> attributes [ 'gidNumber' ][ 0 ] . '</value></block>' ),
'posixAccount_gecos' => array ( '<block><key>' . _ ( 'Gecos' ) . '</key><value>' . $this -> attributes [ 'gecos' ][ 0 ] . '</value></block>' ),
'posixAccount_primaryGroup' => array ( '<block><key>' . _ ( 'Primary group' ) . '</key><value>' . $_SESSION [ $_SESSION [ $this -> base ] -> cache ] -> getgrnam ( $this -> attributes [ 'gidNumber' ][ 0 ]) . '</value></block>' ),
'posixAccount_additionalGroups' => array ( '<block><key>' . _ ( 'Additional groups' ) . '</key><value>' . '</value></block>' ),
'posixAccount_homeDirectory' => array ( '<block><key>' . _ ( 'Home directory' ) . '</key><value>' . $this -> attributes [ 'homeDirectory' ][ 0 ] . '</value></block>' ),
'posixAccount_userPassword' => array ( '<block><key>' . _ ( 'Password' ) . '</key><value>' . $this -> attributes [ 'userPassword' ][ 0 ] . '</value></block>' ),
'posixAccount_loginShell' => array ( '<block><key>' . _ ( 'Login Shell' ) . '</key><value>' . $this -> attributes [ 'loginShell' ][ 0 ] . '</value></block>' ),
2004-05-24 21:39:57 +00:00
);
}
2004-03-14 17:33:05 +00:00
2004-08-01 09:39:24 +00:00
/**
* Checks input values of module settings .
*
* @ param array $scopes list of account types which are used
* @ param array $options hash array containing the settings ( array ( 'option' => array ( 'value' )))
* @ return array list of error messages
*/
function check_configOptions ( $scopes , $options ) {
$return = array ();
// user settings
if ( in_array ( 'user' , $scopes )) {
// min/maxUID are required, check if they are numeric
if ( ! isset ( $options [ 'posixAccount_minUID' ][ 0 ]) || ! ereg ( '^[0-9]+$' , $options [ 'posixAccount_minUID' ][ 0 ])) {
$return [] = $this -> messages [ 'minUID' ];
}
if ( ! isset ( $options [ 'posixAccount_maxUID' ][ 0 ]) || ! ereg ( '^[0-9]+$' , $options [ 'posixAccount_maxUID' ][ 0 ])) {
$return [] = $this -> messages [ 'maxUID' ];
}
// minUID < maxUID
if ( isset ( $options [ 'posixAccount_minUID' ][ 0 ]) && isset ( $options [ 'posixAccount_maxUID' ][ 0 ])) {
if ( $options [ 'posixAccount_minUID' ][ 0 ] > $options [ 'posixAccount_maxUID' ][ 0 ]) {
$return [] = $this -> messages [ 'cmp_UID' ];
}
}
}
// host settings
if ( in_array ( 'host' , $scopes )) {
// min/maxUID are required, check if they are numeric
if ( ! isset ( $options [ 'posixAccount_minMachine' ][ 0 ]) || ! ereg ( '^[0-9]+$' , $options [ 'posixAccount_minMachine' ][ 0 ])) {
$return [] = $this -> messages [ 'minMachine' ];
}
if ( ! isset ( $options [ 'posixAccount_maxMachine' ][ 0 ]) || ! ereg ( '^[0-9]+$' , $options [ 'posixAccount_maxMachine' ][ 0 ])) {
$return [] = $this -> messages [ 'maxMachine' ];
}
// minUID < maxUID
if ( isset ( $options [ 'posixAccount_minMachine' ][ 0 ]) && isset ( $options [ 'posixAccount_maxMachine' ][ 0 ])) {
if ( $options [ 'posixAccount_minMachine' ][ 0 ] > $options [ 'posixAccount_maxMachine' ][ 0 ]) {
$return [] = $this -> messages [ 'cmp_Machine' ];
}
}
}
// check if user and host ranges overlap
if ( in_array ( 'user' , $scopes ) && in_array ( 'host' , $scopes )) {
if ( isset ( $options [ 'posixAccount_minUID' ][ 0 ]) && isset ( $options [ 'posixAccount_maxUID' ][ 0 ]) &&
isset ( $options [ 'posixAccount_minMachine' ][ 0 ]) && isset ( $options [ 'posixAccount_maxMachine' ][ 0 ])) {
if (( $options [ 'posixAccount_minMachine' ][ 0 ] > $options [ 'posixAccount_minUID' ][ 0 ]) &&
( $options [ 'posixAccount_minMachine' ][ 0 ] < $options [ 'posixAccount_maxUID' ][ 0 ])) {
$return [] = $this -> messages [ 'cmp_both' ];
}
if (( $options [ 'posixAccount_minUID' ][ 0 ] > $options [ 'posixAccount_minMachine' ][ 0 ]) &&
( $options [ 'posixAccount_minUID' ][ 0 ] < $options [ 'posixAccount_maxMachine' ][ 0 ])) {
$return [] = $this -> messages [ 'cmp_both' ];
}
}
}
return $return ;
}
2004-03-09 12:03:39 +00:00
}
2003-12-09 18:42:50 +00:00
?>