2006-01-01 16:30:05 +00:00
< ? php
/*
$Id $
2009-10-27 18:47:12 +00:00
This code is part of LDAP Account Manager ( http :// www . ldap - account - manager . org / )
2017-05-07 11:26:41 +00:00
Copyright ( C ) 2005 - 2017 Roland Gruber
2006-01-01 16:30:05 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
*/
/**
* The account type for user accounts ( e . g . Unix , Samba and Kolab ) .
*
* @ package types
* @ author Roland Gruber
*/
/**
* The account type for user accounts ( e . g . Unix , Samba and Kolab ) .
2006-02-07 16:05:37 +00:00
*
* @ package types
2006-01-01 16:30:05 +00:00
*/
class user extends baseType {
2015-08-23 17:56:27 +00:00
2009-02-18 19:15:56 +00:00
/**
* Constructs a new user type object .
2017-04-26 16:22:05 +00:00
*
* @ param ConfiguredType $type configuration
2009-02-18 19:15:56 +00:00
*/
2017-04-26 16:22:05 +00:00
public function __construct ( $type ) {
parent :: __construct ( $type );
2009-02-18 19:15:56 +00:00
$this -> LABEL_CREATE_ANOTHER_ACCOUNT = _ ( 'Create another user' );
$this -> LABEL_BACK_TO_ACCOUNT_LIST = _ ( 'Back to user list' );
}
2015-08-23 17:56:27 +00:00
2006-01-01 16:30:05 +00:00
/**
* Returns the alias name of this account type .
*
* @ return string alias name
*/
function getAlias () {
return _ ( " Users " );
}
2015-08-23 17:56:27 +00:00
2006-01-01 16:30:05 +00:00
/**
* Returns the description of this account type .
*
* @ return string description
*/
function getDescription () {
return _ ( " User accounts (e.g. Unix, Samba and Kolab) " );
}
2015-08-23 17:56:27 +00:00
2006-01-01 16:30:05 +00:00
/**
* Returns the class name for the list object .
*
* @ return string class name
*/
function getListClassName () {
return " lamUserList " ;
}
2015-08-23 17:56:27 +00:00
2006-01-01 16:30:05 +00:00
/**
* Returns the default attribute list for this account type .
*
* @ return string attribute list
*/
function getDefaultListAttributes () {
return " #uid;#givenName;#sn;#uidNumber;#gidNumber " ;
}
/**
* Returns a list of attributes which have a translated description .
* This is used for the head row in the list view .
*
* @ return array list of descriptions
*/
function getListAttributeDescriptions () {
return array (
2013-10-08 16:14:58 +00:00
" cn " => _ ( " Common name " ),
2016-11-14 18:37:39 +00:00
'company' => _ ( 'Company' ),
'departmentNumber' => _ ( 'Department' ),
'displayName' => _ ( 'Display name' ),
'employeeNumber' => _ ( 'Employee number' ),
" gecos " => _ ( " Description " ),
" gidnumber " => _ ( " GID number " ),
2006-01-01 16:30:05 +00:00
" givenname " => _ ( " First name " ),
" homedirectory " => _ ( " Home directory " ),
2016-11-14 18:37:39 +00:00
" host " => _ ( " Allowed hosts " ),
" jpegphoto " => _ ( 'Photo' ),
2006-01-01 16:30:05 +00:00
" loginshell " => _ ( " Login shell " ),
2010-04-02 11:39:09 +00:00
" mail " => _ ( " Email " ),
2016-11-14 18:37:39 +00:00
'manager' => _ ( 'Manager' ),
'o' => _ ( 'Organisation' ),
2016-11-28 17:59:10 +00:00
'ou' => _ ( 'Organisational unit' ),
'proxyAddresses' => _ ( 'Proxy-Addresses' ),
2016-11-14 18:37:39 +00:00
'sambakickofftime' => _ ( 'Account expiration date' ),
2011-04-18 18:27:53 +00:00
'shadowexpire' => _ ( 'Password expiration' ),
2016-11-14 18:37:39 +00:00
" sn " => _ ( " Last name " ),
'streetAddress' => _ ( 'Street' ),
'telephoneNumber' => _ ( 'Telephone number' ),
'title' => _ ( 'Job title' ),
" uid " => _ ( " User name " ),
" uidnumber " => _ ( " UID number " ),
'userPrincipalName' => _ ( 'User name' ),
);
2006-01-01 16:30:05 +00:00
}
2010-12-11 15:58:25 +00:00
/**
* Returns the the title text for the title bar on the new / edit page .
*
2012-04-07 16:40:34 +00:00
* @ param accountContainer $container account container
2010-12-11 15:58:25 +00:00
* @ return String title text
*/
2012-04-07 16:40:34 +00:00
public function getTitleBarTitle ( $container ) {
// get attributes
$personalAttributes = null ;
if ( $container -> getAccountModule ( 'inetOrgPerson' ) != null ) {
$personalAttributes = $container -> getAccountModule ( 'inetOrgPerson' ) -> getAttributes ();
}
2013-03-29 18:25:34 +00:00
elseif ( $container -> getAccountModule ( 'windowsUser' ) != null ) {
$personalAttributes = $container -> getAccountModule ( 'windowsUser' ) -> getAttributes ();
}
2012-04-07 16:40:34 +00:00
$accountAttributes = null ;
if ( $container -> getAccountModule ( 'account' ) != null ) {
$accountAttributes = $container -> getAccountModule ( 'account' ) -> getAttributes ();
}
$sambaAttributes = null ;
if ( $container -> getAccountModule ( 'sambaSamAccount' ) != null ) {
$sambaAttributes = $container -> getAccountModule ( 'sambaSamAccount' ) -> getAttributes ();
}
$unixAttributes = null ;
if ( $container -> getAccountModule ( 'posixAccount' ) != null ) {
$unixAttributes = $container -> getAccountModule ( 'posixAccount' ) -> getAttributes ();
2010-12-11 15:58:25 +00:00
}
2012-11-11 11:35:45 +00:00
$mitKerberosAttributes = null ;
if ( $container -> getAccountModule ( 'mitKerberosStructural' ) != null ) {
$mitKerberosAttributes = $container -> getAccountModule ( 'mitKerberosStructural' ) -> getAttributes ();
}
elseif ( $container -> getAccountModule ( 'mitKerberos' ) != null ) {
$mitKerberosAttributes = $container -> getAccountModule ( 'mitKerberos' ) -> getAttributes ();
}
2010-12-11 15:58:25 +00:00
// check if first and last name can be shown
2013-04-20 08:31:09 +00:00
if (( $personalAttributes != null ) && isset ( $personalAttributes [ 'sn' ][ 0 ]) && ! empty ( $personalAttributes [ 'sn' ][ 0 ])
&& isset ( $personalAttributes [ 'givenName' ][ 0 ]) && ! empty ( $personalAttributes [ 'givenName' ][ 0 ])) {
2012-04-07 16:40:34 +00:00
return htmlspecialchars ( $personalAttributes [ 'givenName' ][ 0 ] . ' ' . $personalAttributes [ 'sn' ][ 0 ]);
2010-12-11 15:58:25 +00:00
}
// check if a display name is set
2013-04-20 08:31:09 +00:00
if (( $sambaAttributes != null ) && isset ( $sambaAttributes [ 'displayName' ][ 0 ]) && ! empty ( $sambaAttributes [ 'displayName' ][ 0 ])) {
2012-04-07 16:40:34 +00:00
return htmlspecialchars ( $sambaAttributes [ 'displayName' ][ 0 ]);
2010-12-11 15:58:25 +00:00
}
// check if a common name is set
2013-04-20 08:31:09 +00:00
if (( $personalAttributes != null ) && isset ( $personalAttributes [ 'cn' ][ 0 ]) && ! empty ( $personalAttributes [ 'cn' ][ 0 ])) {
2012-04-07 16:40:34 +00:00
return htmlspecialchars ( $personalAttributes [ 'cn' ][ 0 ]);
}
2013-04-20 08:31:09 +00:00
if (( $unixAttributes != null ) && isset ( $unixAttributes [ 'cn' ][ 0 ]) && ! empty ( $unixAttributes [ 'cn' ][ 0 ])) {
2012-04-07 16:40:34 +00:00
return htmlspecialchars ( $unixAttributes [ 'cn' ][ 0 ]);
2010-12-11 15:58:25 +00:00
}
// check if a user name is set
2013-04-20 08:31:09 +00:00
if (( $unixAttributes != null ) && isset ( $unixAttributes [ 'uid' ][ 0 ]) && ! empty ( $unixAttributes [ 'uid' ][ 0 ])) {
2012-04-07 16:40:34 +00:00
return htmlspecialchars ( $unixAttributes [ 'uid' ][ 0 ]);
}
2013-04-20 08:31:09 +00:00
if (( $personalAttributes != null ) && isset ( $personalAttributes [ 'uid' ][ 0 ]) && ! empty ( $personalAttributes [ 'uid' ][ 0 ])) {
2012-04-07 16:40:34 +00:00
return htmlspecialchars ( $personalAttributes [ 'uid' ][ 0 ]);
}
2013-04-20 08:31:09 +00:00
if (( $accountAttributes != null ) && isset ( $accountAttributes [ 'uid' ][ 0 ]) && ! empty ( $accountAttributes [ 'uid' ][ 0 ])) {
2012-04-07 16:40:34 +00:00
return htmlspecialchars ( $accountAttributes [ 'uid' ][ 0 ]);
}
2013-04-20 08:31:09 +00:00
if (( $mitKerberosAttributes != null ) && isset ( $mitKerberosAttributes [ 'krbPrincipalName' ][ 0 ]) && ! empty ( $mitKerberosAttributes [ 'krbPrincipalName' ][ 0 ])) {
2012-11-11 11:35:45 +00:00
return htmlspecialchars ( $mitKerberosAttributes [ 'krbPrincipalName' ][ 0 ]);
}
2012-04-07 16:40:34 +00:00
if ( $container -> isNewAccount ) {
return _ ( " New user " );
2010-12-11 15:58:25 +00:00
}
// fall back to default
2012-04-07 16:40:34 +00:00
return parent :: getTitleBarTitle ( $container );
2010-12-11 15:58:25 +00:00
}
/**
* Returns the the title text for the title bar on the new / edit page .
*
2012-04-07 16:40:34 +00:00
* @ param accountContainer $container account container
2010-12-11 15:58:25 +00:00
* @ return String title text
*/
2012-04-07 16:40:34 +00:00
public function getTitleBarSubtitle ( $container ) {
$personalAttributes = null ;
if ( $container -> getAccountModule ( 'inetOrgPerson' ) != null ) {
$personalAttributes = $container -> getAccountModule ( 'inetOrgPerson' ) -> getAttributes ();
}
2013-03-29 18:25:34 +00:00
elseif ( $container -> getAccountModule ( 'windowsUser' ) != null ) {
$personalAttributes = $container -> getAccountModule ( 'windowsUser' ) -> getAttributes ();
}
2012-04-07 16:40:34 +00:00
if ( $personalAttributes == null ) {
2012-04-09 13:20:24 +00:00
return $this -> buildAccountStatusIcon ( $container );
2010-12-11 15:58:25 +00:00
}
2012-04-09 13:20:24 +00:00
$subtitle = $this -> buildAccountStatusIcon ( $container );
2010-12-11 15:58:25 +00:00
$spacer = ' ' ;
// check if an email address can be shown
2013-04-20 08:31:09 +00:00
if ( isset ( $personalAttributes [ 'mail' ][ 0 ]) && ! empty ( $personalAttributes [ 'mail' ][ 0 ])) {
2012-04-07 16:40:34 +00:00
$subtitle .= '<a href="mailto:' . htmlspecialchars ( $personalAttributes [ 'mail' ][ 0 ]) . '">' . htmlspecialchars ( $personalAttributes [ 'mail' ][ 0 ]) . '</a>' . $spacer ;
2010-12-11 15:58:25 +00:00
}
// check if an telephone number can be shown
2013-04-20 08:31:09 +00:00
if ( isset ( $personalAttributes [ 'telephoneNumber' ][ 0 ]) && ! empty ( $personalAttributes [ 'telephoneNumber' ][ 0 ])) {
2012-04-07 16:40:34 +00:00
$subtitle .= _ ( 'Telephone number' ) . ' ' . htmlspecialchars ( $personalAttributes [ 'telephoneNumber' ][ 0 ]) . $spacer ;
2010-12-11 15:58:25 +00:00
}
// check if an mobile number can be shown
2013-04-20 08:31:09 +00:00
if ( isset ( $personalAttributes [ 'mobile' ][ 0 ]) && ! empty ( $personalAttributes [ 'mobile' ][ 0 ])) {
2012-04-07 16:40:34 +00:00
$subtitle .= _ ( 'Mobile number' ) . ' ' . htmlspecialchars ( $personalAttributes [ 'mobile' ][ 0 ]);
2010-12-11 15:58:25 +00:00
}
if ( $subtitle == '' ) {
return null ;
}
return $subtitle ;
}
2015-08-23 17:56:27 +00:00
2012-04-07 16:40:34 +00:00
/**
* Builds the HTML code for the icon that shows the account status ( locked / unlocked ) .
2015-08-23 17:56:27 +00:00
*
2012-04-09 13:20:24 +00:00
* @ param accountContainer $container account container
2012-04-07 16:40:34 +00:00
* @ return String HTML code for icon
*/
2012-04-09 13:20:24 +00:00
private function buildAccountStatusIcon ( $container ) {
2017-05-10 17:23:28 +00:00
$modules = $this -> getType () -> getModules ();
2012-04-09 13:20:24 +00:00
// check if there are account parts that can be locked
2017-05-10 17:23:28 +00:00
$unixAvailable = ( $container -> getAccountModule ( 'posixAccount' ) != null ) && $container -> getAccountModule ( 'posixAccount' ) -> isLockable ( $modules );
2012-04-09 13:20:24 +00:00
$sambaAvailable = (( $container -> getAccountModule ( 'sambaSamAccount' ) != null ) && $container -> getAccountModule ( 'sambaSamAccount' ) -> isExtensionEnabled ());
$ppolicyAvailable = ( $container -> getAccountModule ( 'ppolicyUser' ) != null );
2013-04-20 08:31:09 +00:00
$windowsAvailable = ( $container -> getAccountModule ( 'windowsUser' ) != null );
2016-06-19 12:48:28 +00:00
$is389dsAvailable = ( $container -> getAccountModule ( 'locking389ds' ) != null );
$is389dsLocked = $is389dsAvailable && $container -> getAccountModule ( 'locking389ds' ) -> isLocked ();
$is389dsDeactivated = $is389dsAvailable && $container -> getAccountModule ( 'locking389ds' ) -> isDeactivated ();
2016-06-19 15:12:00 +00:00
if ( ! $unixAvailable && ! $sambaAvailable && ! $ppolicyAvailable && ! $windowsAvailable && ! $is389dsAvailable ) {
2012-04-07 16:40:34 +00:00
return '' ;
}
2016-06-19 15:12:00 +00:00
$isEditable = checkIfWriteAccessIsAllowed ( 'user' ) && ( $unixAvailable || $sambaAvailable || $ppolicyAvailable || $windowsAvailable || $is389dsAvailable );
2012-04-09 13:20:24 +00:00
// get locking status
$unixLocked = false ;
2017-05-10 17:23:28 +00:00
if ( $unixAvailable && $container -> getAccountModule ( 'posixAccount' ) -> isLocked ( $modules )) {
2012-04-09 13:20:24 +00:00
$unixLocked = true ;
}
$sambaLocked = false ;
if ( $sambaAvailable && $container -> getAccountModule ( 'sambaSamAccount' ) -> isDeactivated ()) {
$sambaLocked = true ;
}
$ppolicyLocked = false ;
if ( $ppolicyAvailable && $container -> getAccountModule ( 'ppolicyUser' ) -> isLocked ()) {
$ppolicyLocked = true ;
}
2013-04-20 08:31:09 +00:00
$windowsLocked = false ;
2017-05-07 11:26:41 +00:00
$windowsPasswordLockedTime = null ;
$windowsPasswordLocked = false ;
if ( $windowsAvailable ){
$attrs = $container -> getAccountModule ( 'windowsUser' ) -> getAttributes ();
$attrs [ 'dn' ] = $container -> dn_orig ;
if ( windowsUser :: isDeactivated ( $attrs )) {
$windowsLocked = true ;
}
$windowsPasswordLockedTime = windowsUser :: getPasswordLocked ( $attrs , $this -> getType ());
if ( $windowsPasswordLockedTime != null ) {
$windowsPasswordLocked = true ;
}
2013-04-20 08:31:09 +00:00
}
2017-05-07 11:26:41 +00:00
$partiallyLocked = $unixLocked || $sambaLocked
|| $ppolicyLocked || $windowsLocked || $windowsPasswordLocked
|| $is389dsDeactivated || $is389dsLocked ;
2016-05-15 10:15:30 +00:00
$fullyLocked = ( $unixAvailable || $sambaAvailable || $ppolicyAvailable || $windowsAvailable || $is389dsDeactivated || $is389dsLocked )
2012-04-09 13:20:24 +00:00
&& ( ! $unixAvailable || $unixLocked )
&& ( ! $sambaAvailable || $sambaLocked )
2013-04-20 08:31:09 +00:00
&& ( ! $ppolicyAvailable || $ppolicyLocked )
&& ( ! $windowsAvailable || $windowsLocked );
2012-04-09 13:20:24 +00:00
// build tooltip
$icon = 'unlocked.png' ;
if ( $fullyLocked ) {
$icon = 'lock.png' ;
}
elseif ( $partiallyLocked ) {
$icon = 'partiallyLocked.png' ;
}
$statusTable = '<table border=0>' ;
// Unix
if ( $unixAvailable ) {
$unixIcon = 'unlocked.png' ;
if ( $unixLocked ) {
$unixIcon = 'lock.png' ;
}
$statusTable .= '<tr><td>' . _ ( 'Unix' ) . ' </td><td><img height=16 width=16 src="../../graphics/' . $unixIcon . '"></td></tr>' ;
}
// Samba
if ( $sambaAvailable ) {
$sambaIcon = 'unlocked.png' ;
if ( $sambaLocked ) {
$sambaIcon = 'lock.png' ;
}
2012-04-19 16:53:12 +00:00
$statusTable .= '<tr><td>' . _ ( 'Samba 3' ) . ' </td><td><img height=16 width=16 src="../../graphics/' . $sambaIcon . '"></td></tr>' ;
2012-04-09 13:20:24 +00:00
}
// PPolicy
if ( $ppolicyAvailable ) {
$ppolicyIcon = 'unlocked.png' ;
if ( $ppolicyLocked ) {
$ppolicyIcon = 'lock.png' ;
}
$statusTable .= '<tr><td>' . _ ( 'Password policy' ) . ' </td><td><img height=16 width=16 src="../../graphics/' . $ppolicyIcon . '"></td></tr>' ;
}
2013-04-20 08:31:09 +00:00
// Windows
if ( $windowsAvailable ) {
$windowsIcon = 'unlocked.png' ;
if ( $windowsLocked ) {
$windowsIcon = 'lock.png' ;
}
$statusTable .= '<tr><td>' . _ ( 'Windows' ) . ' </td><td><img height=16 width=16 src="../../graphics/' . $windowsIcon . '"></td></tr>' ;
}
2017-05-07 11:26:41 +00:00
if ( $windowsAvailable && $windowsPasswordLocked ) {
$statusTable .= '<tr><td>' . _ ( 'Locked till' ) . ' </td><td>' . $windowsPasswordLockedTime -> format ( 'Y-m-d H:i:s' ) . '</td></tr>' ;
}
2016-05-15 10:15:30 +00:00
// 389ds locked
if ( $is389dsLocked ) {
$statusTable .= '<tr><td>' . _ ( 'Locked' ) . ' </td><td><img height=16 width=16 src="../../graphics/lock.png"></td></tr>' ;
}
// 389ds deactivated
2016-06-19 15:12:00 +00:00
if ( $is389dsAvailable ) {
$text389dsActivation = $is389dsDeactivated ? _ ( 'Deactivated' ) : _ ( 'Active' );
$icon389dsActivation = $is389dsDeactivated ? 'lock.png' : 'unlocked.png' ;
$statusTable .= '<tr><td>' . $text389dsActivation . ' </td><td><img height=16 width=16 src="../../graphics/' . $icon389dsActivation . '"></td></tr>' ;
2016-05-15 10:15:30 +00:00
}
2012-04-09 13:20:24 +00:00
$statusTable .= '</table>' ;
$tipContent = $statusTable ;
2016-05-15 10:15:30 +00:00
if ( $isEditable ) {
2012-05-27 19:20:32 +00:00
$tipContent .= '<br><img alt="hint" src="../../graphics/light.png"> ' ;
$tipContent .= _ ( 'Please click to lock/unlock this account.' );
}
2017-05-07 11:26:41 +00:00
$dialogDiv = $this -> buildAccountStatusDialogDiv ( $unixAvailable , $unixLocked , $sambaAvailable , $sambaLocked , $ppolicyAvailable , $ppolicyLocked , $windowsAvailable , $windowsLocked , $windowsPasswordLockedTime , $is389dsAvailable , $is389dsLocked , $is389dsDeactivated );
2012-05-27 19:20:32 +00:00
$onClick = '' ;
2016-05-15 10:15:30 +00:00
if ( $isEditable ) {
2012-05-27 19:20:32 +00:00
$onClick = 'onclick="showConfirmationDialog(\'' . _ ( 'Change account status' ) . '\', \'' . _ ( 'Ok' ) . '\', \'' . _ ( 'Cancel' ) . '\', \'lam_accountStatusDialog\', \'inputForm\', \'lam_accountStatusResult\');"' ;
}
2017-10-16 17:51:27 +00:00
$dialogDiv .= '<a href="#"><img id="lam_accountStatus" alt="status" ' . $onClick . ' helptitle="' . _ ( 'Account status' ) . '" helpdata="' . $tipContent . '" height=16 width=16 src="../../graphics/' . $icon . '"></a> ' ;
// expiration status
$expiredLabels = array ();
$shadowModule = $container -> getAccountModule ( 'shadowAccount' );
if ( $shadowModule != null ) {
$shadowAttrs = $shadowModule -> getAttributes ();
if ( shadowAccount :: isAccountExpired ( $shadowAttrs )) {
2017-10-16 17:54:44 +00:00
$expiredLabels [] = _ ( 'Shadow' ) . ': ' . _ ( 'Account expiration' );
2017-10-16 17:51:27 +00:00
}
2017-10-17 15:46:04 +00:00
elseif ( shadowAccount :: isPasswordExpired ( $shadowAttrs )) {
$expiredLabels [] = _ ( 'Shadow' ) . ': ' . _ ( 'Password expiration' );
}
2017-10-16 17:51:27 +00:00
}
2017-10-19 17:32:22 +00:00
$windowsModule = $container -> getAccountModule ( 'windowsUser' );
if ( $windowsModule != null ) {
$windowsAttrs = $windowsModule -> getAttributes ();
if ( windowsUser :: isAccountExpired ( $windowsAttrs )) {
$expiredLabels [] = _ ( 'Windows' ) . ': ' . _ ( 'Account expiration' );
}
}
2017-10-16 17:51:27 +00:00
if ( ! empty ( $expiredLabels )) {
$expiredTip = '<table border=0>' ;
foreach ( $expiredLabels as $label ) {
$expiredTip .= '<tr><td>' . $label . '</td><td><img src="../../graphics/expired.png"/></td></tr>' ;
}
$expiredTip .= '</table>' ;
$dialogDiv .= '<img alt="expired" helptitle="' . _ ( 'Expired' ) . '" helpdata="' . $expiredTip . '" height=16 width=16 src="../../graphics/expired.png"> ' ;
}
return $dialogDiv ;
2012-04-09 13:20:24 +00:00
}
2015-08-23 17:56:27 +00:00
2012-04-09 13:20:24 +00:00
/**
* Builds the dialog to ( un ) lock parts of an account .
2015-08-23 17:56:27 +00:00
*
2012-04-09 13:20:24 +00:00
* @ param boolean $unixAvailable Unix part is active
* @ param boolean $unixLocked Unix part is locked
* @ param boolean $sambaAvailable Samba part is active
* @ param boolean $sambaLocked Samba part is locked
* @ param boolean $ppolicyAvailable PPolicy part is active
* @ param boolean $ppolicyLocked PPolicy part is locked
2013-04-20 08:31:09 +00:00
* @ param boolean $windowsAvailable Windows part is active
* @ param boolean $windowsLocked Windows part is locked
2017-05-07 11:26:41 +00:00
* @ param DateTime $windowsPasswordLockedTime lock time for Windows or null
2016-06-19 12:48:28 +00:00
* @ param boolean $is389dsAvailable 389 ds is available
2016-05-15 10:15:30 +00:00
* @ param boolean $is389dsLocked account is locked
2016-06-19 12:48:28 +00:00
* @ param boolean $is389dsDeactivated account is deactivated
2012-04-09 13:20:24 +00:00
*/
2016-06-19 12:48:28 +00:00
private function buildAccountStatusDialogDiv ( $unixAvailable , $unixLocked , $sambaAvailable , $sambaLocked , $ppolicyAvailable , $ppolicyLocked , $windowsAvailable ,
2017-05-07 11:26:41 +00:00
$windowsLocked , $windowsPasswordLockedTime , $is389dsAvailable , $is389dsLocked , $is389dsDeactivated ) {
$windowsPasswordLocked = ( $windowsPasswordLockedTime != null );
$partiallyLocked = $unixLocked || $sambaLocked || $ppolicyLocked || $windowsLocked || $windowsPasswordLocked || $is389dsLocked || $is389dsDeactivated ;
2016-06-19 12:48:28 +00:00
$fullyLocked = ( $unixAvailable || $sambaAvailable || $ppolicyAvailable || $windowsAvailable || $is389dsLocked || $is389dsDeactivated )
2012-04-09 13:20:24 +00:00
&& ( ! $unixAvailable || $unixLocked )
&& ( ! $sambaAvailable || $sambaLocked )
2013-04-20 08:31:09 +00:00
&& ( ! $ppolicyAvailable || $ppolicyLocked )
2017-05-07 11:26:41 +00:00
&& ( ! $windowsAvailable || $windowsLocked || $windowsPasswordLocked );
2015-08-23 17:56:27 +00:00
2013-01-12 18:29:18 +00:00
$container = new htmlTable ();
2015-08-23 17:56:27 +00:00
2012-04-09 13:20:24 +00:00
// show radio buttons for lock/unlock
2012-07-22 17:45:58 +00:00
$radioDisabled = true ;
2016-05-15 10:15:30 +00:00
$selectedRadio = 'unlock' ;
2012-04-09 13:20:24 +00:00
$onchange = '' ;
if ( $partiallyLocked && ! $fullyLocked ) {
2012-07-22 17:45:58 +00:00
$radioDisabled = false ;
2013-01-12 18:29:18 +00:00
$onchange = 'if (jQuery(\'#lam_accountStatusAction0:checked\').val()) {' .
2012-04-09 13:20:24 +00:00
'jQuery(\'#lam_accountStatusDialogLockDiv\').removeClass(\'hidden\');' .
'jQuery(\'#lam_accountStatusDialogUnlockDiv\').addClass(\'hidden\');' .
'}' .
'else {' .
'jQuery(\'#lam_accountStatusDialogLockDiv\').addClass(\'hidden\');' .
'jQuery(\'#lam_accountStatusDialogUnlockDiv\').removeClass(\'hidden\');' .
2013-01-12 18:29:18 +00:00
'};' ;
2012-04-09 13:20:24 +00:00
}
2016-05-15 10:15:30 +00:00
if ( ! $fullyLocked && ! $partiallyLocked ) {
$selectedRadio = 'lock' ;
2012-04-09 13:20:24 +00:00
}
2012-07-22 17:45:58 +00:00
if ( ! $radioDisabled ) {
2013-01-12 18:29:18 +00:00
$radio = new htmlRadio ( 'lam_accountStatusAction' , array ( _ ( 'Lock' ) => 'lock' , _ ( 'Unlock' ) => 'unlock' ), $selectedRadio );
$radio -> setOnchangeEvent ( $onchange );
$container -> addElement ( $radio , true );
2012-07-22 17:45:58 +00:00
}
else {
2013-01-12 18:29:18 +00:00
$radio = new htmlRadio ( 'lam_accountStatusActionDisabled' , array ( _ ( 'Lock' ) => 'lock' , _ ( 'Unlock' ) => 'unlock' ), $selectedRadio );
$radio -> setIsEnabled ( false );
$container -> addElement ( $radio , true );
$container -> addElement ( new htmlHiddenInput ( 'lam_accountStatusAction' , $selectedRadio ), true );
2012-07-22 17:45:58 +00:00
}
2015-08-23 17:56:27 +00:00
2013-01-12 18:29:18 +00:00
$container -> addElement ( new htmlHiddenInput ( 'lam_accountStatusResult' , 'cancel' ), true );
2015-08-23 17:56:27 +00:00
2012-04-09 13:20:24 +00:00
// locking part
if ( ! $fullyLocked ) {
2013-01-12 18:29:18 +00:00
$lockContent = new htmlTable ();
2015-08-23 17:56:27 +00:00
2012-04-09 13:20:24 +00:00
if ( $unixAvailable && ! $unixLocked ) {
2013-01-12 18:29:18 +00:00
$lockContent -> addElement ( new htmlImage ( '../../graphics/tux.png' ));
$lockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusLockUnix' , true , _ ( 'Unix' ), null , false ), true );
2012-04-09 13:20:24 +00:00
}
if ( $sambaAvailable && ! $sambaLocked ) {
2013-01-12 18:29:18 +00:00
$lockContent -> addElement ( new htmlImage ( '../../graphics/samba.png' ));
$lockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusLockSamba' , true , _ ( 'Samba 3' ), null , false ), true );
2012-04-09 13:20:24 +00:00
}
if ( $ppolicyAvailable && ! $ppolicyLocked ) {
2013-01-12 18:29:18 +00:00
$lockContent -> addElement ( new htmlImage ( '../../graphics/security.png' ));
$lockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusLockPPolicy' , true , _ ( 'PPolicy' ), null , false ), true );
2012-04-09 13:20:24 +00:00
}
2016-06-19 12:48:28 +00:00
if ( $is389dsAvailable && ! $is389dsDeactivated ) {
$lockContent -> addElement ( new htmlImage ( '../../graphics/security.png' ));
$lockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusDeactivate389ds' , true , _ ( 'Deactivate' ), null , false ), true );
}
2013-04-20 08:31:09 +00:00
if ( $windowsAvailable && ! $windowsLocked ) {
$lockContent -> addElement ( new htmlImage ( '../../graphics/samba.png' ));
$lockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusLockWindows' , true , _ ( 'Windows' ), null , false ), true );
}
2012-04-09 13:20:24 +00:00
if ( $unixAvailable ) {
2013-01-12 18:29:18 +00:00
$lockContent -> addElement ( new htmlImage ( '../../graphics/groupBig.png' ));
$lockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusRemoveUnixGroups' , true , _ ( 'Remove from all Unix groups' ), null , false ), true );
2012-04-09 13:20:24 +00:00
}
2012-04-23 17:52:19 +00:00
if ( $unixAvailable && posixAccount :: areGroupOfNamesActive ()) { // check unixAvailable because Unix module removes group memberships
2013-01-12 18:29:18 +00:00
$lockContent -> addElement ( new htmlImage ( '../../graphics/groupBig.png' ));
$lockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusRemoveGONGroups' , true , _ ( 'Remove from all group of (unique) names' ), null , false ), true );
2012-04-09 13:20:24 +00:00
}
2013-01-12 18:29:18 +00:00
$lockDiv = new htmlDiv ( 'lam_accountStatusDialogLockDiv' , $lockContent );
2016-05-15 10:15:30 +00:00
if ( $fullyLocked || $partiallyLocked ) {
$lockDiv -> setCSSClasses ( array ( 'hidden' ));
}
2013-01-12 18:29:18 +00:00
$container -> addElement ( $lockDiv , true );
2012-04-09 13:20:24 +00:00
}
// unlocking part
if ( $partiallyLocked ) {
2013-01-12 18:29:18 +00:00
$unlockContent = new htmlTable ();
2015-08-23 17:56:27 +00:00
2012-04-09 13:20:24 +00:00
if ( $unixAvailable && $unixLocked ) {
2013-01-12 18:29:18 +00:00
$unlockContent -> addElement ( new htmlImage ( '../../graphics/tux.png' ));
$unlockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusUnlockUnix' , true , _ ( 'Unix' ), null , false ), true );
2012-04-09 13:20:24 +00:00
}
if ( $sambaAvailable && $sambaLocked ) {
2013-01-12 18:29:18 +00:00
$unlockContent -> addElement ( new htmlImage ( '../../graphics/samba.png' ));
$unlockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusUnlockSamba' , true , _ ( 'Samba 3' ), null , false ), true );
2012-04-09 13:20:24 +00:00
}
if ( $ppolicyAvailable && $ppolicyLocked ) {
2013-01-12 18:29:18 +00:00
$unlockContent -> addElement ( new htmlImage ( '../../graphics/security.png' ));
$unlockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusUnlockPPolicy' , true , _ ( 'PPolicy' ), null , false ), true );
}
2016-06-19 12:48:28 +00:00
if ( $is389dsAvailable && $is389dsDeactivated ) {
$unlockContent -> addElement ( new htmlImage ( '../../graphics/security.png' ));
$unlockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusActivate389ds' , true , _ ( 'Activate' ), null , false ), true );
}
2013-04-20 08:31:09 +00:00
if ( $windowsAvailable && $windowsLocked ) {
$unlockContent -> addElement ( new htmlImage ( '../../graphics/samba.png' ));
$unlockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusUnlockWindows' , true , _ ( 'Windows' ), null , false ), true );
}
2017-05-07 11:26:41 +00:00
if ( $windowsAvailable && $windowsPasswordLocked ) {
$unlockContent -> addElement ( new htmlImage ( '../../graphics/samba.png' ));
$unlockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusUnlockWindowsPassword' , true , _ ( 'Locked till' ) . ' ' . $windowsPasswordLockedTime -> format ( 'Y-m-d H:i:s' ), null , false ), true );
}
2016-05-15 10:15:30 +00:00
if ( $is389dsLocked ) {
$unlockContent -> addElement ( new htmlImage ( '../../graphics/security.png' ));
$unlockContent -> addElement ( new htmlTableExtendedInputCheckbox ( 'lam_accountStatusUnlock389ds' , true , _ ( 'Unlock' ), null , false ), true );
}
2015-08-23 17:56:27 +00:00
2013-01-12 18:29:18 +00:00
$unlockDiv = new htmlDiv ( 'lam_accountStatusDialogUnlockDiv' , $unlockContent );
2016-05-15 10:15:30 +00:00
if ( ! $fullyLocked && ! $partiallyLocked ) {
2013-01-12 18:29:18 +00:00
$unlockDiv -> setCSSClasses ( array ( 'hidden' ));
2012-04-09 13:20:24 +00:00
}
2013-01-12 18:29:18 +00:00
$container -> addElement ( $unlockDiv , true );
2012-04-09 13:20:24 +00:00
}
2015-08-23 17:56:27 +00:00
2013-01-12 18:29:18 +00:00
$div = new htmlDiv ( 'lam_accountStatusDialog' , $container );
$div -> setCSSClasses ( array ( 'hidden' ));
2015-08-23 17:56:27 +00:00
2013-01-12 18:29:18 +00:00
$tabindex = 999 ;
ob_start ();
parseHtml ( null , $div , array (), false , $tabindex , 'user' );
$output = ob_get_contents ();
ob_clean ();
2015-08-23 17:56:27 +00:00
2013-01-12 18:29:18 +00:00
return $output ;
2012-04-07 16:40:34 +00:00
}
2010-12-11 15:58:25 +00:00
2012-04-09 13:20:24 +00:00
/**
* This function is called after the edit page is processed and before the page content is generated .
* This can be used to run custom handlers after each page processing .
2015-08-23 17:56:27 +00:00
*
2012-04-09 13:20:24 +00:00
* @ param accountContainer $container account container
*/
2014-07-12 13:39:07 +00:00
public function runEditPagePostAction ( & $container ) {
2017-05-10 17:23:28 +00:00
$modules = $this -> getType () -> getModules ();
2012-04-09 13:20:24 +00:00
// check if account status should be changed
if ( isset ( $_POST [ 'lam_accountStatusResult' ]) && ( $_POST [ 'lam_accountStatusResult' ] == 'ok' )) {
// lock account
if ( $_POST [ 'lam_accountStatusAction' ] == 'lock' ) {
// Unix
if ( isset ( $_POST [ 'lam_accountStatusLockUnix' ]) && ( $_POST [ 'lam_accountStatusLockUnix' ] == 'on' )) {
2017-05-10 17:23:28 +00:00
$container -> getAccountModule ( 'posixAccount' ) -> lock ( $modules );
2012-04-09 13:20:24 +00:00
}
// Samba
if ( isset ( $_POST [ 'lam_accountStatusLockSamba' ]) && ( $_POST [ 'lam_accountStatusLockSamba' ] == 'on' )) {
$container -> getAccountModule ( 'sambaSamAccount' ) -> deactivate ();
}
// PPolicy
if ( isset ( $_POST [ 'lam_accountStatusLockPPolicy' ]) && ( $_POST [ 'lam_accountStatusLockPPolicy' ] == 'on' )) {
$container -> getAccountModule ( 'ppolicyUser' ) -> lock ();
}
2016-06-19 12:48:28 +00:00
// 389ds
if ( isset ( $_POST [ 'lam_accountStatusDeactivate389ds' ]) && ( $_POST [ 'lam_accountStatusDeactivate389ds' ] == 'on' )) {
$container -> getAccountModule ( 'locking389ds' ) -> deactivate ();
}
2013-04-20 08:31:09 +00:00
// Windows
if ( isset ( $_POST [ 'lam_accountStatusLockWindows' ]) && ( $_POST [ 'lam_accountStatusLockWindows' ] == 'on' )) {
$container -> getAccountModule ( 'windowsUser' ) -> setIsDeactivated ( true );
}
2012-04-09 13:20:24 +00:00
// remove Unix groups
if ( isset ( $_POST [ 'lam_accountStatusRemoveUnixGroups' ]) && ( $_POST [ 'lam_accountStatusRemoveUnixGroups' ] == 'on' )) {
$container -> getAccountModule ( 'posixAccount' ) -> removeFromUnixGroups ();
}
// remove group of names memberships
if ( isset ( $_POST [ 'lam_accountStatusRemoveGONGroups' ]) && ( $_POST [ 'lam_accountStatusRemoveGONGroups' ] == 'on' )) {
$container -> getAccountModule ( 'posixAccount' ) -> removeFromGONGroups ();
}
}
// unlock account
elseif ( $_POST [ 'lam_accountStatusAction' ] == 'unlock' ) {
// Unix
if ( isset ( $_POST [ 'lam_accountStatusUnlockUnix' ]) && ( $_POST [ 'lam_accountStatusUnlockUnix' ] == 'on' )) {
2017-05-10 17:23:28 +00:00
$container -> getAccountModule ( 'posixAccount' ) -> unlock ( $modules );
2012-04-09 13:20:24 +00:00
}
// Samba
if ( isset ( $_POST [ 'lam_accountStatusUnlockSamba' ]) && ( $_POST [ 'lam_accountStatusUnlockSamba' ] == 'on' )) {
$container -> getAccountModule ( 'sambaSamAccount' ) -> activate ();
}
// PPolicy
if ( isset ( $_POST [ 'lam_accountStatusUnlockPPolicy' ]) && ( $_POST [ 'lam_accountStatusUnlockPPolicy' ] == 'on' )) {
$container -> getAccountModule ( 'ppolicyUser' ) -> unlock ();
}
2016-06-19 12:48:28 +00:00
// 389ds
if ( isset ( $_POST [ 'lam_accountStatusActivate389ds' ]) && ( $_POST [ 'lam_accountStatusActivate389ds' ] == 'on' )) {
$container -> getAccountModule ( 'locking389ds' ) -> activate ();
}
2013-04-20 08:31:09 +00:00
// Windows
if ( isset ( $_POST [ 'lam_accountStatusUnlockWindows' ]) && ( $_POST [ 'lam_accountStatusUnlockWindows' ] == 'on' )) {
$container -> getAccountModule ( 'windowsUser' ) -> setIsDeactivated ( false );
}
2017-05-07 11:26:41 +00:00
// Windows password
if ( isset ( $_POST [ 'lam_accountStatusUnlockWindowsPassword' ]) && ( $_POST [ 'lam_accountStatusUnlockWindowsPassword' ] == 'on' )) {
$container -> getAccountModule ( 'windowsUser' ) -> unlockPassword ();
}
2016-05-15 10:15:30 +00:00
// 389ds unlocking
if ( isset ( $_POST [ 'lam_accountStatusUnlock389ds' ]) && ( $_POST [ 'lam_accountStatusUnlock389ds' ] == 'on' )) {
$container -> getAccountModule ( 'locking389ds' ) -> unlock ( false );
}
2012-04-09 13:20:24 +00:00
}
}
}
2015-08-23 17:56:27 +00:00
2006-01-01 16:30:05 +00:00
}
/**
* Generates the list view .
*
* @ package lists
* @ author Roland Gruber
2015-08-23 17:56:27 +00:00
*
2006-01-01 16:30:05 +00:00
*/
class lamUserList extends lamList {
2015-08-23 17:56:27 +00:00
2006-01-01 16:30:05 +00:00
/** Controls if GID number is translated to group name */
2007-10-13 17:28:37 +00:00
private $trans_primary = false ;
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/** Controls if the account status is shown */
private $showAccountStatus = false ;
2006-01-01 16:30:05 +00:00
/** translates GID to group name */
2007-10-13 17:28:37 +00:00
private $trans_primary_hash = array ();
2015-08-23 17:56:27 +00:00
2015-05-21 17:50:00 +00:00
/** filter value for account status */
private $accountStatusFilter = null ;
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/** ID for config option to translate primary group GIDs to group names */
2007-11-11 14:01:16 +00:00
const TRANS_PRIMARY_OPTION_NAME = " LU_TP " ;
2012-04-06 13:12:43 +00:00
/** ID for config option to show account status */
const ACCOUNT_STATUS_OPTION_NAME = " LU_AS " ;
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/** virtual attribute name for account status column */
const ATTR_ACCOUNT_STATUS = 'lam_virtual_account_status' ;
2015-08-23 17:56:27 +00:00
2017-10-17 15:22:22 +00:00
/** filter value for expired accounts */
const FILTER_EXPIRED = 1 ;
2015-05-21 17:50:00 +00:00
/** filter value for locked accounts */
const FILTER_LOCKED = 2 ;
/** filter value for partially locked accounts */
const FILTER_SEMILOCKED = 3 ;
/** filter value for unlocked accounts */
const FILTER_UNLOCKED = 4 ;
2015-08-23 17:56:27 +00:00
2006-01-01 16:30:05 +00:00
/**
* Constructor
*
* @ param string $type account type
* @ return lamList list object
*/
2007-12-28 16:08:56 +00:00
public function __construct ( $type ) {
parent :: __construct ( $type );
2006-01-01 16:30:05 +00:00
$this -> labels = array (
2012-02-09 17:08:39 +00:00
'nav' => _ ( " User count: %s " ),
2006-01-01 16:30:05 +00:00
'error_noneFound' => _ ( " No users found! " ),
'newEntry' => _ ( " New user " ),
2012-02-05 19:03:25 +00:00
'deleteEntry' => _ ( " Delete selected users " ));
2006-01-01 16:30:05 +00:00
}
2015-08-23 17:56:27 +00:00
2007-06-01 17:25:07 +00:00
/**
* Sets some internal parameters .
*/
2007-11-11 14:01:16 +00:00
protected function listGetParams () {
2007-06-01 17:25:07 +00:00
parent :: listGetParams ();
2006-01-01 16:30:05 +00:00
// generate hash table for group translation
2007-06-01 17:25:07 +00:00
if ( $this -> trans_primary == " on " && ! $this -> refresh && ( sizeof ( $this -> trans_primary_hash ) == 0 )) {
$this -> refreshPrimaryGroupTranslation ();
2015-08-23 17:56:27 +00:00
}
2007-06-01 17:25:07 +00:00
}
2015-08-23 17:56:27 +00:00
2007-06-01 17:25:07 +00:00
/**
* Rereads the entries from LDAP .
*/
2007-11-11 14:01:16 +00:00
protected function listRefreshData () {
2007-06-01 17:25:07 +00:00
parent :: listRefreshData ();
2015-05-21 17:50:00 +00:00
// show group names
2007-06-01 17:25:07 +00:00
if ( $this -> trans_primary == " on " ) {
$this -> refreshPrimaryGroupTranslation ();
2006-01-01 16:30:05 +00:00
}
2015-05-21 17:50:00 +00:00
// show account status
2012-04-06 13:12:43 +00:00
if ( $this -> showAccountStatus ) {
2015-05-21 17:50:00 +00:00
$this -> injectAccountStatusAttributeAndFilterByStatus ();
2012-04-06 13:12:43 +00:00
}
2006-01-01 16:30:05 +00:00
}
2015-08-23 17:56:27 +00:00
2007-06-01 17:25:07 +00:00
/**
* Refreshes the GID to group name cache .
*/
2007-11-11 14:01:16 +00:00
protected function refreshPrimaryGroupTranslation () {
2007-06-01 17:25:07 +00:00
$this -> trans_primary_hash = array ();
$filter = " objectClass=posixGroup " ;
$attrs = array ( " cn " , " gidNumber " );
2010-02-06 11:52:48 +00:00
$entries = searchLDAPByAttribute ( null , null , 'posixGroup' , $attrs , array ( 'group' ));
2013-04-20 15:14:03 +00:00
$entryCount = sizeof ( $entries );
for ( $i = 0 ; $i < $entryCount ; $i ++ ) {
2010-02-06 11:52:48 +00:00
$this -> trans_primary_hash [ $entries [ $i ][ 'gidnumber' ][ 0 ]] = $entries [ $i ][ 'cn' ][ 0 ];
}
2007-06-01 17:25:07 +00:00
}
2006-01-01 16:30:05 +00:00
/**
2007-02-17 16:26:08 +00:00
* Prints the content of a cell in the account list for a given LDAP entry and attribute .
*
* @ param array $entry LDAP attributes
* @ param string $attribute attribute name
*/
2007-11-11 14:01:16 +00:00
protected function listPrintTableCellContent ( & $entry , & $attribute ) {
2007-02-17 16:26:08 +00:00
// check if there is something to display at all
2012-04-06 13:12:43 +00:00
if (( $attribute != self :: ATTR_ACCOUNT_STATUS ) && ( ! isset ( $entry [ $attribute ]) || ! is_array ( $entry [ $attribute ]) || ( sizeof ( $entry [ $attribute ]) < 1 ))) {
2014-02-16 16:20:41 +00:00
parent :: listPrintTableCellContent ( $entry , $attribute );
2012-04-06 13:12:43 +00:00
return ;
}
2007-02-17 16:26:08 +00:00
// translate GID to group name
if (( $attribute == " gidnumber " ) && ( $this -> trans_primary == " on " )) {
if ( isset ( $this -> trans_primary_hash [ $entry [ $attribute ][ 0 ]])) {
echo $this -> trans_primary_hash [ $entry [ $attribute ][ 0 ]];
2006-01-01 16:30:05 +00:00
}
else {
2007-02-17 16:26:08 +00:00
parent :: listPrintTableCellContent ( $entry , $attribute );
2006-01-01 16:30:05 +00:00
}
2007-02-17 16:26:08 +00:00
}
// show user photos
2016-07-11 17:30:53 +00:00
elseif (( $attribute == " jpegphoto " ) && ( sizeof ( $entry [ $attribute ][ 0 ]) > 0 )) {
2007-02-17 16:26:08 +00:00
if ( sizeof ( $entry [ $attribute ][ 0 ]) < 100 ) {
// looks like we have read broken binary data, reread photo
2010-02-06 11:52:48 +00:00
$result = @ ldap_read ( $_SESSION [ 'ldap' ] -> server (), escapeDN ( $entry [ 'dn' ]), $attribute . " =* " , array ( $attribute ), 0 , 0 , 0 , LDAP_DEREF_NEVER );
2007-02-17 16:26:08 +00:00
if ( $result ) {
$tempEntry = @ ldap_first_entry ( $_SESSION [ 'ldap' ] -> server (), $result );
2007-02-18 18:35:25 +00:00
if ( $tempEntry ) {
$binData = ldap_get_values_len ( $_SESSION [ 'ldap' ] -> server (), $tempEntry , $attribute );
$entry [ $attribute ] = $binData ;
}
2006-01-01 16:30:05 +00:00
}
}
2015-08-23 17:56:27 +00:00
$imgNumber = getRandomNumber ();
2010-01-02 13:49:56 +00:00
$jpeg_filename = 'jpg' . $imgNumber . '.jpg' ;
2010-04-01 18:12:07 +00:00
$outjpeg = @ fopen ( dirname ( __FILE__ ) . '/../../tmp/' . $jpeg_filename , " wb " );
2007-02-17 16:26:08 +00:00
fwrite ( $outjpeg , $entry [ $attribute ][ 0 ]);
fclose ( $outjpeg );
$photoFile = '../../tmp/' . $jpeg_filename ;
2010-01-01 23:26:57 +00:00
$imgSize = getimagesize ( $photoFile );
$minSize = 64 ;
if ( $imgSize [ 0 ] < 64 ) {
$minSize = $imgSize [ 0 ];
}
$imgTitle = _ ( 'Click to switch between thumbnail and original size.' );
2010-01-02 13:49:56 +00:00
echo " <img id= \" img $imgNumber\ " title = \ " $imgTitle\ " height = $minSize src = \ " " . $photoFile . " \" alt= \" " . _ ( 'Photo' ) . " \" > " ;
echo '<script type="text/javascript">' ;
echo " addResizeHandler(document.getElementById( \" img $imgNumber\ " ), $minSize , " . $imgSize[1] . " ) " ;
echo '</script>' ;
2007-02-17 16:26:08 +00:00
}
2008-01-26 13:01:36 +00:00
elseif (( $attribute == 'mail' ) || ( $attribute == 'rfc822Mailbox' )) {
if ( isset ( $entry [ $attribute ][ 0 ]) && ( $entry [ $attribute ][ 0 ] != '' )) {
for ( $i = 0 ; $i < sizeof ( $entry [ $attribute ]); $i ++ ) {
if ( $i > 0 ) {
echo " , " ;
}
echo " <a href= \" mailto: " . $entry [ $attribute ][ $i ] . " \" > " . $entry [ $attribute ][ $i ] . " </a> \n " ;
}
}
}
2011-04-25 17:47:17 +00:00
// expire dates
elseif ( $attribute == 'shadowexpire' ) {
2015-08-23 17:56:27 +00:00
if ( ! empty ( $entry [ $attribute ][ 0 ])) {
2015-11-07 08:30:52 +00:00
$time = new DateTime ( '@' . $entry [ $attribute ][ 0 ] * 24 * 3600 , getTimeZone ());
2015-08-23 17:56:27 +00:00
echo $time -> format ( 'd.m.Y' );
2011-04-25 17:47:17 +00:00
}
}
elseif ( $attribute == 'sambakickofftime' ) {
2015-08-23 17:56:27 +00:00
if ( ! empty ( $entry [ $attribute ][ 0 ])) {
2011-04-25 17:47:17 +00:00
if ( $entry [ $attribute ][ 0 ] > 2147483648 ) {
echo " ∞ " ;
}
else {
2016-07-18 18:34:43 +00:00
$date = new DateTime ( '@' . $entry [ $attribute ][ 0 ], new DateTimeZone ( 'UTC' ));
echo $date -> format ( 'd.m.Y' );
2011-04-25 17:47:17 +00:00
}
}
}
2012-04-06 13:12:43 +00:00
// account status
elseif ( $attribute == self :: ATTR_ACCOUNT_STATUS ) {
$this -> printAccountStatus ( $entry );
}
2007-02-17 16:26:08 +00:00
// print all other attributes
else {
parent :: listPrintTableCellContent ( $entry , $attribute );
2006-01-01 16:30:05 +00:00
}
}
2007-02-17 16:26:08 +00:00
2007-11-05 18:15:26 +00:00
/**
* Returns a list of lamListTool objects to display next to the edit / delete buttons .
*
* @ return lamListTool [] tools
*/
protected function getAdditionalTools () {
2016-07-30 07:37:07 +00:00
if ( ! isLAMProVersion ()) {
return array ();
}
if ( checkIfWriteAccessIsAllowed ( 'user' ) || ( checkIfPasswordChangeIsAllowed () && ! checkIfWriteAccessIsAllowed ())) {
2007-11-05 18:15:26 +00:00
$passwordTool = new lamListTool ( _ ( 'Change password' ), 'key.png' , 'changePassword.php' );
return array ( $passwordTool );
}
2008-01-08 17:49:50 +00:00
return array ();
2007-11-05 18:15:26 +00:00
}
2006-01-01 16:30:05 +00:00
2007-11-11 14:01:16 +00:00
/**
* Returns a list of possible configuration options .
*
* @ return array list of lamListOption objects
*/
protected function listGetAllConfigOptions () {
2007-12-09 10:45:04 +00:00
$options = parent :: listGetAllConfigOptions ();
$options [] = new lamBooleanListOption ( _ ( 'Translate GID number to group name' ), self :: TRANS_PRIMARY_OPTION_NAME );
2012-04-06 13:12:43 +00:00
$options [] = new lamBooleanListOption ( _ ( 'Show account status' ), self :: ACCOUNT_STATUS_OPTION_NAME );
2007-12-09 10:45:04 +00:00
return $options ;
2007-11-11 14:01:16 +00:00
}
/**
* Called when the configuration options changed .
*/
protected function listConfigurationChanged () {
2007-12-09 10:45:04 +00:00
parent :: listConfigurationChanged ();
2007-11-11 14:01:16 +00:00
$tpOption = $this -> listGetConfigOptionByID ( self :: TRANS_PRIMARY_OPTION_NAME );
$this -> trans_primary = $tpOption -> isSelected ();
2012-04-06 13:12:43 +00:00
$asOption = $this -> listGetConfigOptionByID ( self :: ACCOUNT_STATUS_OPTION_NAME );
2012-04-19 17:18:14 +00:00
// if account status was activated, reload LDAP data
$asOptionOldValue = $this -> showAccountStatus ;
2012-04-06 13:12:43 +00:00
$this -> showAccountStatus = $asOption -> isSelected ();
2012-04-19 17:18:14 +00:00
if ( $this -> showAccountStatus && ! $asOptionOldValue ) {
2013-01-20 19:12:32 +00:00
$this -> forceRefresh ();
2012-04-19 17:18:14 +00:00
}
2012-04-06 13:12:43 +00:00
}
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/**
* Returns an hash array containing with all attributes to be shown and their descriptions .
* < br > Format : array ( attribute => description )
* < br >
* < br > The user list may display an additional account status column
*
* @ return array attribute list
*/
protected function listGetAttributeDescriptionList () {
$list = parent :: listGetAttributeDescriptionList ();
if ( $this -> showAccountStatus ) {
$list [ self :: ATTR_ACCOUNT_STATUS ] = _ ( 'Account status' );
}
return $list ;
}
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/**
* Returns if the given attribute can be filtered .
* If filtering is not possible then no filter box will be displayed .
* < br >
* < br > The user list allows no filtering for account status .
2015-08-23 17:56:27 +00:00
*
2012-04-06 13:12:43 +00:00
* @ param String $attr attribute name
* @ return boolean filtering possible
*/
protected function canBeFiltered ( $attr ) {
2015-05-21 17:50:00 +00:00
if ( strtolower ( $attr ) == 'jpegphoto' ) {
2012-04-06 13:12:43 +00:00
return false ;
}
return true ;
}
2015-08-23 17:56:27 +00:00
2015-05-21 17:50:00 +00:00
/**
* Prints the content of a single attribute filter area .
2015-08-23 17:56:27 +00:00
*
2015-05-21 17:50:00 +00:00
* @ param String $attrName attribute name
* @ param boolean $clearFilter true if filter value should be cleared
*/
protected function printFilterArea ( $attrName , $clearFilter ) {
if ( $attrName != self :: ATTR_ACCOUNT_STATUS ) {
parent :: printFilterArea ( $attrName , $clearFilter );
return ;
}
$value = " - " ;
if ( ! $clearFilter ) {
if ( isset ( $this -> filters [ strtolower ( $attrName )])) {
$value = $this -> filters [ strtolower ( $attrName )];
}
}
$filterOptions = array (
'' => '' ,
_ ( 'Unlocked' ) => self :: FILTER_UNLOCKED ,
_ ( 'Partially locked' ) => self :: FILTER_SEMILOCKED ,
2017-10-17 15:22:22 +00:00
_ ( 'Locked' ) => self :: FILTER_LOCKED ,
_ ( 'Expired' ) => self :: FILTER_EXPIRED ,
2015-05-21 17:50:00 +00:00
);
$filterInput = new htmlSelect ( 'filter' . strtolower ( $attrName ), $filterOptions , array ( $value ));
2016-12-24 12:04:31 +00:00
$filterInput -> setCSSClasses ( array ( $this -> type -> getScope () . '-dark' ));
2015-05-21 17:50:00 +00:00
$filterInput -> setHasDescriptiveElements ( true );
$filterInput -> setOnchangeEvent ( 'document.getElementsByName(\'apply_filter\')[0].click();' );
2016-12-24 12:04:31 +00:00
parseHtml ( null , $filterInput , array (), false , $this -> tabindex , $this -> type -> getScope ());
2015-05-21 17:50:00 +00:00
}
2015-08-23 17:56:27 +00:00
2015-05-21 17:50:00 +00:00
/**
* Builds the LDAP filter based on the filter entries in the GUI .
2015-08-23 17:56:27 +00:00
*
2015-05-21 17:50:00 +00:00
* @ return String LDAP filter
*/
protected function buildLDAPAttributeFilter () {
$this -> accountStatusFilter = null ;
$text = '' ;
foreach ( $this -> filters as $attr => $filter ) {
if ( $attr == self :: ATTR_ACCOUNT_STATUS ) {
$this -> accountStatusFilter = $filter ;
continue ;
}
$text .= '(' . $attr . '=' . $filter . ')' ;
}
return $text ;
}
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/**
* Returns a list of additional LDAP attributes that should be read .
* This can be used to show additional data even if the user selected other attributes to show in the list .
* < br >
* < br > The user list reads pwdAccountLockedTime , sambaAcctFlags and userPassword
2015-08-23 17:56:27 +00:00
*
2012-04-06 13:12:43 +00:00
* @ return array additional attribute names
*/
protected function getAdditionalLDAPAttributesToRead () {
$attrs = parent :: getAdditionalLDAPAttributesToRead ();
if ( $this -> showAccountStatus ) {
$attrs [] = 'pwdAccountLockedTime' ;
$attrs [] = 'sambaAcctFlags' ;
$attrs [] = 'userPassword' ;
2013-04-20 08:31:09 +00:00
$attrs [] = 'userAccountControl' ;
2017-05-07 11:26:41 +00:00
$attrs [] = 'lockoutTime' ;
2016-05-14 11:28:22 +00:00
$attrs [] = 'nsAccountLock' ;
2016-05-14 12:12:24 +00:00
$attrs [] = 'accountUnlockTime' ;
2017-10-16 17:51:27 +00:00
$attrs [] = 'shadowExpire' ;
2017-10-17 15:46:04 +00:00
$attrs [] = 'shadowLastChange' ;
$attrs [] = 'shadowMax' ;
$attrs [] = 'shadowInactive' ;
2017-10-19 17:32:22 +00:00
$attrs [] = 'accountExpires' ;
2012-04-06 13:12:43 +00:00
$attrs [] = 'objectClass' ;
}
return $attrs ;
}
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/**
* Injects values for the virtual account status attribute to make it sortable .
*/
2015-05-21 17:50:00 +00:00
private function injectAccountStatusAttributeAndFilterByStatus () {
2013-04-20 15:14:03 +00:00
$entryCount = sizeof ( $this -> entries );
for ( $i = 0 ; $i < $entryCount ; $i ++ ) {
2015-05-21 17:50:00 +00:00
$unixAvailable = self :: isUnixAvailable ( $this -> entries [ $i ]);
$sambaAvailable = self :: isSambaAvailable ( $this -> entries [ $i ]);
2017-04-26 17:01:57 +00:00
$ppolicyAvailable = $this -> isPPolicyAvailable ( $this -> entries [ $i ]);
2015-05-21 17:50:00 +00:00
$windowsAvailable = self :: isWindowsAvailable ( $this -> entries [ $i ]);
$unixLocked = self :: isUnixLocked ( $this -> entries [ $i ]);
$sambaLocked = self :: isSambaLocked ( $this -> entries [ $i ]);
$ppolicyLocked = self :: isPPolicyLocked ( $this -> entries [ $i ]);
$windowsLocked = self :: isWindowsLocked ( $this -> entries [ $i ]);
2017-05-07 11:26:41 +00:00
$windowsPasswordLocked = ( $this -> getWindowsPasswordLockedTime ( $this -> entries [ $i ]) != null );
2016-05-15 10:15:30 +00:00
$is389dsLocked = self :: is389dsLocked ( $this -> entries [ $i ]);
$is389dsDeactivated = self :: is389dsDeactivated ( $this -> entries [ $i ]);
2015-05-21 17:50:00 +00:00
$hasLocked = ( $unixAvailable && $unixLocked )
|| ( $sambaAvailable && $sambaLocked )
|| ( $ppolicyAvailable && $ppolicyLocked )
2017-05-07 11:26:41 +00:00
|| ( $windowsAvailable && ( $windowsLocked || $windowsPasswordLocked ))
2016-05-15 10:15:30 +00:00
|| $is389dsDeactivated
|| $is389dsLocked ;
2015-05-21 17:50:00 +00:00
$hasUnlocked = ( $unixAvailable && ! $unixLocked )
|| ( $sambaAvailable && ! $sambaLocked )
|| ( $ppolicyAvailable && ! $ppolicyLocked )
2015-08-23 17:56:27 +00:00
|| ( $windowsAvailable && ! $windowsLocked );
2017-10-17 15:22:22 +00:00
$shadowExpired = shadowAccount :: isAccountExpired ( $this -> entries [ $i ]);
2017-10-17 15:46:04 +00:00
$shadowPasswordExpired = shadowAccount :: isPasswordExpired ( $this -> entries [ $i ]);
2017-10-19 17:32:22 +00:00
$windowsExpired = windowsUser :: isAccountExpired ( $this -> entries [ $i ]);
$expired = $shadowExpired || $shadowPasswordExpired || $windowsExpired ;
2015-05-21 17:50:00 +00:00
$status = self :: FILTER_UNLOCKED ;
2017-10-17 15:22:22 +00:00
if ( $expired ) {
$status = self :: FILTER_EXPIRED ;
}
elseif ( $hasLocked && $hasUnlocked ) {
2015-05-21 17:50:00 +00:00
$status = self :: FILTER_SEMILOCKED ;
2013-04-20 08:31:09 +00:00
}
2015-05-21 17:50:00 +00:00
elseif ( ! $hasUnlocked && $hasLocked ) {
$status = self :: FILTER_LOCKED ;
2012-04-06 13:12:43 +00:00
}
2015-05-21 17:50:00 +00:00
// filter accounts
if ( ! empty ( $this -> accountStatusFilter )) {
if ( $status != $this -> accountStatusFilter ) {
unset ( $this -> entries [ $i ]);
continue ;
}
2012-04-06 13:12:43 +00:00
}
2015-05-21 17:50:00 +00:00
// add virtual attribute
2012-04-06 13:12:43 +00:00
$this -> entries [ $i ][ self :: ATTR_ACCOUNT_STATUS ][ 0 ] = $status ;
}
2015-05-21 17:50:00 +00:00
$this -> entries = array_values ( $this -> entries );
2012-04-06 13:12:43 +00:00
}
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/**
* Prints the account status .
2015-08-23 17:56:27 +00:00
*
2012-04-06 13:12:43 +00:00
* @ param array $attrs LDAP attributes
*/
private function printAccountStatus ( & $attrs ) {
// check status
2012-04-07 16:40:34 +00:00
$unixAvailable = self :: isUnixAvailable ( $attrs );
$sambaAvailable = self :: isSambaAvailable ( $attrs );
2017-04-26 17:01:57 +00:00
$ppolicyAvailable = $this -> isPPolicyAvailable ( $attrs );
2013-04-20 08:31:09 +00:00
$windowsAvailable = self :: isWindowsAvailable ( $attrs );
$unixLocked = self :: isUnixLocked ( $attrs );
$sambaLocked = self :: isSambaLocked ( $attrs );
2012-04-07 16:40:34 +00:00
$ppolicyLocked = self :: isPPolicyLocked ( $attrs );
2013-04-20 08:31:09 +00:00
$windowsLocked = self :: isWindowsLocked ( $attrs );
2017-05-07 11:26:41 +00:00
$windowsPasswordLockedTime = $this -> getWindowsPasswordLockedTime ( $attrs );
$windowsPasswordLocked = ( $windowsPasswordLockedTime != null );
2016-05-14 11:28:22 +00:00
$is389dsDeactivated = self :: is389dsDeactivated ( $attrs );
2016-05-14 12:12:24 +00:00
$is389dsLocked = self :: is389dsLocked ( $attrs );
2017-05-07 11:26:41 +00:00
$partiallyLocked = $unixLocked || $sambaLocked
|| $ppolicyLocked || $windowsLocked || $windowsPasswordLocked
|| $is389dsDeactivated || $is389dsLocked ;
2016-05-14 12:12:24 +00:00
$fullyLocked = ( $unixAvailable || $sambaAvailable || $ppolicyAvailable || $windowsAvailable || $is389dsDeactivated || $is389dsLocked )
2012-04-06 13:12:43 +00:00
&& ( ! $unixAvailable || $unixLocked )
&& ( ! $sambaAvailable || $sambaLocked )
2013-04-20 08:31:09 +00:00
&& ( ! $ppolicyAvailable || $ppolicyLocked )
&& ( ! $windowsAvailable || $windowsLocked );
2017-10-16 17:51:27 +00:00
$shadowExpired = shadowAccount :: isAccountExpired ( $attrs );
2017-10-17 15:46:04 +00:00
$shadowPasswordExpired = shadowAccount :: isPasswordExpired ( $attrs );
2017-10-19 17:32:22 +00:00
$windowsExpired = windowsUser :: isAccountExpired ( $attrs );
$expired = $shadowExpired || $shadowPasswordExpired || $windowsExpired ;
2012-04-06 13:12:43 +00:00
$icon = 'unlocked.png' ;
2017-10-16 17:51:27 +00:00
if ( $expired ) {
$icon = 'expired.png' ;
}
elseif ( $fullyLocked ) {
2012-04-06 13:12:43 +00:00
$icon = 'lock.png' ;
}
elseif ( $partiallyLocked ) {
$icon = 'partiallyLocked.png' ;
}
// print icon and detail tooltips
2017-10-16 17:51:27 +00:00
if ( $unixAvailable || $sambaAvailable || $ppolicyAvailable || $windowsAvailable || $is389dsDeactivated || $expired ) {
2012-04-06 13:12:43 +00:00
$tipContent = '<table border=0>' ;
2017-10-16 17:51:27 +00:00
// Shadow expired
if ( $shadowExpired ) {
2017-10-16 17:54:44 +00:00
$tipContent .= '<tr><td>' . _ ( 'Shadow' ) . ': ' . _ ( 'Account expiration' ) . ' </td><td><img height=16 width=16 src="../../graphics/expired.png"></td></tr>' ;
2017-10-16 17:51:27 +00:00
}
2017-10-17 15:46:04 +00:00
elseif ( $shadowPasswordExpired ) {
$tipContent .= '<tr><td>' . _ ( 'Shadow' ) . ': ' . _ ( 'Password expiration' ) . ' </td><td><img height=16 width=16 src="../../graphics/expired.png"></td></tr>' ;
}
2012-04-06 13:12:43 +00:00
// Unix
if ( $unixAvailable ) {
$unixIcon = 'unlocked.png' ;
if ( $unixLocked ) {
$unixIcon = 'lock.png' ;
}
$tipContent .= '<tr><td>' . _ ( 'Unix' ) . ' </td><td><img height=16 width=16 src="../../graphics/' . $unixIcon . '"></td></tr>' ;
}
// Samba
if ( $sambaAvailable ) {
$sambaIcon = 'unlocked.png' ;
if ( $sambaLocked ) {
$sambaIcon = 'lock.png' ;
}
2012-04-19 16:53:12 +00:00
$tipContent .= '<tr><td>' . _ ( 'Samba 3' ) . ' </td><td><img height=16 width=16 src="../../graphics/' . $sambaIcon . '"></td></tr>' ;
2012-04-06 13:12:43 +00:00
}
// PPolicy
if ( $ppolicyAvailable ) {
$ppolicyIcon = 'unlocked.png' ;
if ( $ppolicyLocked ) {
$ppolicyIcon = 'lock.png' ;
}
$tipContent .= '<tr><td>' . _ ( 'Password policy' ) . ' </td><td><img height=16 width=16 src="../../graphics/' . $ppolicyIcon . '"></td></tr>' ;
}
2013-04-20 08:31:09 +00:00
// Windows
if ( $windowsAvailable ) {
$windowsIcon = 'unlocked.png' ;
if ( $windowsLocked ) {
$windowsIcon = 'lock.png' ;
}
$tipContent .= '<tr><td>' . _ ( 'Windows' ) . ' </td><td><img height=16 width=16 src="../../graphics/' . $windowsIcon . '"></td></tr>' ;
2017-10-19 17:32:22 +00:00
if ( $windowsExpired ) {
$tipContent .= '<tr><td>' . _ ( 'Windows' ) . ': ' . _ ( 'Account expiration' ) . ' </td><td><img height=16 width=16 src="../../graphics/expired.png"></td></tr>' ;
}
2013-04-20 08:31:09 +00:00
}
2017-05-07 11:26:41 +00:00
if ( $windowsAvailable && $windowsPasswordLocked ) {
$tipContent .= '<tr><td>' . _ ( 'Locked till' ) . ' </td><td>' . $windowsPasswordLockedTime -> format ( 'Y-m-d H:i:s' ) . '</td></tr>' ;
}
2016-05-14 12:12:24 +00:00
// 389 locked
if ( $is389dsLocked ) {
$tipContent .= '<tr><td>' . _ ( 'Locked' ) . ' </td><td><img height=16 width=16 src="../../graphics/lock.png"></td></tr>' ;
}
2016-05-14 11:28:22 +00:00
// 389 deactivation
if ( $is389dsDeactivated ) {
$tipContent .= '<tr><td>' . _ ( 'Deactivated' ) . ' </td><td><img height=16 width=16 src="../../graphics/lock.png"></td></tr>' ;
}
2012-04-06 13:12:43 +00:00
$tipContent .= '</table>' ;
2013-10-20 18:07:56 +00:00
echo '<img helptitle="' . _ ( 'Account status' ) . '" helpdata="' . $tipContent . '" alt="status" height=16 width=16 src="../../graphics/' . $icon . '">' ;
2012-04-06 13:12:43 +00:00
}
else {
echo '<img alt="status" height=16 width=16 src="../../graphics/' . $icon . '">' ;
}
}
/**
* Returns if the Unix part exists .
2015-08-23 17:56:27 +00:00
*
2012-04-06 13:12:43 +00:00
* @ param array $attrs LDAP attributes
* @ return boolean Unix part exists
*/
2012-05-27 20:27:13 +00:00
public static function isUnixAvailable ( & $attrs ) {
2013-04-07 17:27:21 +00:00
return ( isset ( $attrs [ 'objectclass' ]) && in_array_ignore_case ( 'posixAccount' , $attrs [ 'objectclass' ]) && isset ( $attrs [ 'userpassword' ][ 0 ]));
2012-04-06 13:12:43 +00:00
}
2015-08-23 17:56:27 +00:00
2017-10-16 17:51:27 +00:00
/**
* Returns if the Shadow part exists .
*
* @ param array $attrs LDAP attributes
* @ return boolean Shadow part exists
*/
public static function isShadowAvailable ( & $attrs ) {
return ( isset ( $attrs [ 'objectclass' ]) && in_array_ignore_case ( 'shadowAccount' , $attrs [ 'objectclass' ]));
}
2012-04-06 13:12:43 +00:00
/**
* Returns if the Unix part is locked .
2015-08-23 17:56:27 +00:00
*
2012-04-06 13:12:43 +00:00
* @ param array $attrs LDAP attributes
* @ return boolean Unix part locked
*/
2012-05-27 20:27:13 +00:00
public static function isUnixLocked ( & $attrs ) {
2013-04-07 17:27:21 +00:00
return (( isset ( $attrs [ 'userpassword' ][ 0 ]) && ! pwd_is_enabled ( $attrs [ 'userpassword' ][ 0 ])));
2012-04-06 13:12:43 +00:00
}
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/**
* Returns if the Samba part exists .
2015-08-23 17:56:27 +00:00
*
2012-04-06 13:12:43 +00:00
* @ param array $attrs LDAP attributes
* @ return boolean Samba part exists
*/
2012-05-27 20:27:13 +00:00
public static function isSambaAvailable ( & $attrs ) {
2012-04-06 13:12:43 +00:00
return ( isset ( $attrs [ 'objectclass' ]) && in_array_ignore_case ( 'sambaSamAccount' , $attrs [ 'objectclass' ]));
}
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/**
* Returns if the Samba part is locked .
2015-08-23 17:56:27 +00:00
*
2012-04-06 13:12:43 +00:00
* @ param array $attrs LDAP attributes
* @ return boolean Samba part is locked
*/
2012-05-27 20:27:13 +00:00
public static function isSambaLocked ( & $attrs ) {
2012-04-06 13:12:43 +00:00
return ( isset ( $attrs [ 'sambaacctflags' ][ 0 ]) && strpos ( $attrs [ 'sambaacctflags' ][ 0 ], " D " ));
}
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/**
* Returns if the PPolicy part exists .
2015-08-23 17:56:27 +00:00
*
2012-04-06 13:12:43 +00:00
* @ param array $attrs LDAP attributes
* @ return boolean PPolicy part exists
*/
2017-04-26 17:01:57 +00:00
public function isPPolicyAvailable ( & $attrs ) {
return in_array ( 'ppolicyUser' , $this -> type -> getModules ());
2012-04-06 13:12:43 +00:00
}
2015-08-23 17:56:27 +00:00
2012-04-06 13:12:43 +00:00
/**
* Returns if the PPolicy part is locked .
2015-08-23 17:56:27 +00:00
*
2012-04-06 13:12:43 +00:00
* @ param array $attrs LDAP attributes
* @ return boolean PPolicy part is locked
*/
2012-05-27 20:27:13 +00:00
public static function isPPolicyLocked ( & $attrs ) {
2012-04-06 13:12:43 +00:00
return ( isset ( $attrs [ 'pwdaccountlockedtime' ][ 0 ]) && ( $attrs [ 'pwdaccountlockedtime' ][ 0 ] != '' ));
2007-11-11 14:01:16 +00:00
}
2015-08-23 17:56:27 +00:00
2013-04-20 08:31:09 +00:00
/**
* Returns if the Windows part exists .
2015-08-23 17:56:27 +00:00
*
2013-04-20 08:31:09 +00:00
* @ param array $attrs LDAP attributes
* @ return boolean Windows part exists
*/
public static function isWindowsAvailable ( & $attrs ) {
return ( isset ( $attrs [ 'objectclass' ]) && in_array_ignore_case ( 'user' , $attrs [ 'objectclass' ]) && isset ( $attrs [ 'useraccountcontrol' ][ 0 ]));
}
2015-08-23 17:56:27 +00:00
2013-04-20 08:31:09 +00:00
/**
* Returns if the Windows part is locked .
2015-08-23 17:56:27 +00:00
*
2013-04-20 08:31:09 +00:00
* @ param array $attrs LDAP attributes
* @ return boolean Windows part is locked
*/
public static function isWindowsLocked ( & $attrs ) {
return windowsUser :: isDeactivated ( $attrs );
}
2015-08-23 17:56:27 +00:00
2017-05-07 11:26:41 +00:00
/**
* Returns if the Windows password is locked .
*
* @ param array $attrs LDAP attributes
* @ return DateTime Windows password lock time or null
*/
public function getWindowsPasswordLockedTime ( & $attrs ) {
return windowsUser :: getPasswordLocked ( $attrs , $this -> type );
}
2016-06-19 13:34:02 +00:00
/**
* Returns if the 389 ds is activated .
*
* @ param array $attrs LDAP attributes
* @ return boolean 389 ds available
*/
2017-04-26 17:01:57 +00:00
public function is389dsAvailable ( & $attrs ) {
return in_array ( 'locking389ds' , $this -> type -> getModules ());
2016-06-19 13:34:02 +00:00
}
2016-05-14 11:28:22 +00:00
/**
* Returns if deactivated by nsAccountLock .
*
* @ param array $attrs LDAP attributes
* @ return boolean account is deactivated
*/
public static function is389dsDeactivated ( & $attrs ) {
return ( isset ( $attrs [ 'nsaccountlock' ][ 0 ]) && ( $attrs [ 'nsaccountlock' ][ 0 ] == 'true' ));
}
2016-05-14 12:12:24 +00:00
/**
* Returns if locked by accountUnlockTime .
*
* @ param array $attrs LDAP attributes
* @ return boolean account is locked
*/
public static function is389dsLocked ( & $attrs ) {
return ( isset ( $attrs [ 'accountunlocktime' ][ 0 ]) && ! empty ( $attrs [ 'accountunlocktime' ][ 0 ]));
}
2006-01-01 16:30:05 +00:00
}
?>