2005-10-20 10:52:36 +00:00
|
|
|
<?php
|
2017-02-18 09:13:08 +00:00
|
|
|
use \LAM\PDF\PDFTable;
|
|
|
|
use \LAM\PDF\PDFTableCell;
|
|
|
|
use \LAM\PDF\PDFTableRow;
|
2005-10-20 10:52:36 +00:00
|
|
|
/*
|
|
|
|
|
2009-10-27 18:47:12 +00:00
|
|
|
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
2019-08-19 19:59:47 +00:00
|
|
|
Copyright (C) 2005 - 2019 Roland Gruber
|
2005-10-20 10:52:36 +00:00
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
along with this program; if not, write to the Free Software
|
|
|
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Manages SSH public keys.
|
|
|
|
*
|
|
|
|
* @package modules
|
|
|
|
* @author Roland Gruber
|
|
|
|
* @author Andrew Dibble <adibble@mobitv.com>
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Manages SSH public keys.
|
|
|
|
*
|
|
|
|
* @package modules
|
|
|
|
*/
|
|
|
|
class ldapPublicKey extends baseModule {
|
2006-08-13 12:58:19 +00:00
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
/** session variable for existing keys in self service */
|
|
|
|
const SESS_KEY_LIST = 'ldapPublicKey_keyList';
|
2015-07-08 19:22:27 +00:00
|
|
|
|
2015-09-02 16:39:30 +00:00
|
|
|
/**
|
2019-08-19 19:59:47 +00:00
|
|
|
* Creates a new ldapPublicKey object.
|
2015-09-02 16:39:30 +00:00
|
|
|
*
|
|
|
|
* @param string $scope account type (user, group, host)
|
|
|
|
*/
|
|
|
|
function __construct($scope) {
|
|
|
|
// call parent constructor
|
|
|
|
parent::__construct($scope);
|
|
|
|
$this->autoAddObjectClasses = false;
|
|
|
|
}
|
|
|
|
|
2014-04-20 13:00:42 +00:00
|
|
|
/**
|
|
|
|
* Returns true if this module can manage accounts of the current type, otherwise false.
|
2015-07-08 19:22:27 +00:00
|
|
|
*
|
2014-04-20 13:00:42 +00:00
|
|
|
* @return boolean true if module fits
|
|
|
|
*/
|
|
|
|
public function can_manage() {
|
|
|
|
return in_array($this->get_scope(), array('user'));
|
|
|
|
}
|
|
|
|
|
2005-10-20 10:52:36 +00:00
|
|
|
/**
|
|
|
|
* Returns meta data that is interpreted by parent class
|
|
|
|
*
|
|
|
|
* @return array array with meta data
|
2015-07-08 19:22:27 +00:00
|
|
|
*
|
2008-02-03 14:28:28 +00:00
|
|
|
* @see baseModule::get_metaData()
|
2005-10-20 10:52:36 +00:00
|
|
|
*/
|
|
|
|
function get_metaData() {
|
|
|
|
$return = array();
|
2007-11-19 18:42:03 +00:00
|
|
|
// icon
|
2007-12-01 12:34:52 +00:00
|
|
|
$return['icon'] = 'keyBig.png';
|
2005-10-20 10:52:36 +00:00
|
|
|
// alias name
|
|
|
|
$return["alias"] = _("SSH public key");
|
|
|
|
// module dependencies
|
|
|
|
$return['dependencies'] = array('depends' => array(), 'conflicts' => array());
|
2006-04-05 15:48:27 +00:00
|
|
|
// managed object classes
|
|
|
|
$return['objectClasses'] = array('ldapPublicKey');
|
2006-05-13 08:55:31 +00:00
|
|
|
// managed attributes
|
|
|
|
$return['attributes'] = array('sshPublicKey');
|
2005-10-20 10:52:36 +00:00
|
|
|
// help Entries
|
|
|
|
$return['help'] = array(
|
2013-11-02 11:08:04 +00:00
|
|
|
'sshPublicKey' => array(
|
2012-02-04 15:56:31 +00:00
|
|
|
"Headline" => _("SSH public key"), 'attr' => 'sshPublicKey',
|
2005-10-20 10:52:36 +00:00
|
|
|
"Text" => _("Please enter your public SSH key.")
|
|
|
|
),
|
|
|
|
'keyList' => array(
|
2012-02-04 15:56:31 +00:00
|
|
|
"Headline" => _("SSH public key"), 'attr' => 'sshPublicKey',
|
2005-10-20 10:52:36 +00:00
|
|
|
"Text" => _("Please a comma separated list of your public SSH keys.")
|
2013-08-15 19:06:57 +00:00
|
|
|
),
|
|
|
|
'upload' => array(
|
|
|
|
"Headline" => _("File upload"), 'attr' => 'sshPublicKey',
|
|
|
|
"Text" => _("Upload a file with one or more keys. Each line contains one key.")
|
|
|
|
),
|
2015-09-02 16:39:30 +00:00
|
|
|
'autoAdd' => array(
|
|
|
|
"Headline" => _("Automatically add this extension"),
|
|
|
|
"Text" => _("This will enable the extension automatically if this profile is loaded.")
|
|
|
|
),
|
2005-10-20 10:52:36 +00:00
|
|
|
);
|
2015-09-02 16:39:30 +00:00
|
|
|
// profile options
|
2018-05-19 07:48:12 +00:00
|
|
|
$profileContainer = new htmlResponsiveRow();
|
|
|
|
$profileContainer->add(new htmlResponsiveInputCheckbox('ldapPublicKey_addExt', false, _('Automatically add this extension'), 'autoAdd'), 12);
|
2015-09-02 16:39:30 +00:00
|
|
|
$return['profile_options'] = $profileContainer;
|
2005-10-20 10:52:36 +00:00
|
|
|
// upload fields
|
|
|
|
$return['upload_columns'] = array(
|
|
|
|
array(
|
|
|
|
'name' => 'ldapPublicKey_sshPublicKey',
|
|
|
|
'description' => _('SSH public key'),
|
|
|
|
'help' => 'keyList',
|
2007-06-10 14:51:35 +00:00
|
|
|
'example' => _('ssh-dss 234234 user@host')
|
2005-10-20 10:52:36 +00:00
|
|
|
)
|
|
|
|
);
|
|
|
|
// available PDF fields
|
|
|
|
$return['PDF_fields'] = array(
|
2012-02-05 19:15:50 +00:00
|
|
|
'sshPublicKey' => _('SSH public keys')
|
2005-10-20 10:52:36 +00:00
|
|
|
);
|
2013-01-15 21:53:45 +00:00
|
|
|
// self service field settings
|
|
|
|
$return['selfServiceFieldSettings'] = array(
|
|
|
|
'sshPublicKey' => _('SSH public keys'),
|
|
|
|
);
|
2005-10-20 10:52:36 +00:00
|
|
|
return $return;
|
|
|
|
}
|
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
/**
|
|
|
|
* This function fills the message array.
|
|
|
|
**/
|
|
|
|
function load_Messages() {
|
|
|
|
$this->messages['file'][0] = array('ERROR', _('No file selected.'));
|
2015-07-26 07:58:42 +00:00
|
|
|
$this->messages['file'][1] = array('ERROR', _('The uploaded file seems to be no valid public key.'));
|
2013-08-15 19:06:57 +00:00
|
|
|
}
|
|
|
|
|
2005-10-20 10:52:36 +00:00
|
|
|
/**
|
2007-11-03 14:17:19 +00:00
|
|
|
* Returns the HTML meta data for the main account page.
|
2015-07-08 19:22:27 +00:00
|
|
|
*
|
2010-09-20 17:41:20 +00:00
|
|
|
* @return htmlElement HTML meta data
|
2007-11-03 14:17:19 +00:00
|
|
|
*/
|
2006-08-13 12:58:19 +00:00
|
|
|
function display_html_attributes() {
|
2019-09-06 19:13:43 +00:00
|
|
|
$return = new htmlResponsiveRow();
|
2015-09-02 16:39:30 +00:00
|
|
|
if (in_array('ldapPublicKey', $this->attributes['objectClass'])) {
|
|
|
|
$this->addMultiValueInputTextField($return, 'sshPublicKey', _('SSH public key'), false, '16384', false, null, '50');
|
|
|
|
// file upload
|
2019-09-06 19:13:43 +00:00
|
|
|
$return->addVerticalSpacer('2rem');
|
|
|
|
$return->addLabel(new htmlOutputText(_('Upload file')));
|
2015-09-02 16:39:30 +00:00
|
|
|
$uploadGroup = new htmlGroup();
|
|
|
|
$uploadGroup->addElement(new htmlInputFileUpload('sshPublicKeyFile'));
|
|
|
|
$uploadGroup->addElement(new htmlSpacer('1px', null));
|
|
|
|
$uploadGroup->addElement(new htmlButton('sshPublicKeyFileSubmit', _('Upload')));
|
|
|
|
$uploadGroup->addElement(new htmlSpacer('5px', null));
|
|
|
|
$uploadGroup->addElement(new htmlHelpLink('upload'));
|
2019-09-06 19:13:43 +00:00
|
|
|
$return->addField($uploadGroup);
|
2015-09-02 16:39:30 +00:00
|
|
|
|
2019-09-06 19:13:43 +00:00
|
|
|
$return->addVerticalSpacer('2rem');
|
2015-09-02 16:39:30 +00:00
|
|
|
|
|
|
|
$remButton = new htmlButton('remObjectClass', _('Remove SSH public key extension'));
|
2019-09-06 19:13:43 +00:00
|
|
|
$return->add($remButton, 12, 12, 12, 'text-center');
|
2015-09-02 16:39:30 +00:00
|
|
|
}
|
|
|
|
else {
|
2019-09-06 19:13:43 +00:00
|
|
|
$return->add(new htmlButton('addObjectClass', _('Add SSH public key extension')), 12);
|
2015-09-02 16:39:30 +00:00
|
|
|
}
|
2005-10-20 10:52:36 +00:00
|
|
|
return $return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Processes user input of the primary module page.
|
|
|
|
* It checks if all input values are correct and updates the associated LDAP attributes.
|
|
|
|
*
|
|
|
|
* @return array list of info/error messages
|
|
|
|
*/
|
2006-08-13 12:58:19 +00:00
|
|
|
function process_attributes() {
|
2013-08-15 19:06:57 +00:00
|
|
|
$messages = array();
|
2015-09-02 16:39:30 +00:00
|
|
|
// add extension
|
|
|
|
if (isset($_POST['addObjectClass'])) {
|
|
|
|
$this->attributes['objectClass'][] = 'ldapPublicKey';
|
|
|
|
return array();
|
|
|
|
}
|
|
|
|
// remove extension
|
|
|
|
elseif (isset($_POST['remObjectClass'])) {
|
|
|
|
$this->attributes['objectClass'] = array_delete(array('ldapPublicKey'), $this->attributes['objectClass']);
|
|
|
|
if (!empty($this->attributes['sshPublicKey'])) {
|
|
|
|
unset($this->attributes['sshPublicKey']);
|
|
|
|
}
|
|
|
|
return array();
|
|
|
|
}
|
|
|
|
// skip processing if extension is not active
|
|
|
|
if (!in_array('ldapPublicKey', $this->attributes['objectClass'])) {
|
|
|
|
return array();
|
|
|
|
}
|
2013-11-02 11:08:04 +00:00
|
|
|
$this->processMultiValueInputTextField('sshPublicKey', $messages);
|
2013-08-15 19:06:57 +00:00
|
|
|
// file upload
|
|
|
|
if (isset($_POST['sshPublicKeyFileSubmit'])) {
|
|
|
|
if ($_FILES['sshPublicKeyFile'] && ($_FILES['sshPublicKeyFile']['size'] > 0)) {
|
|
|
|
$handle = fopen($_FILES['sshPublicKeyFile']['tmp_name'], "r");
|
|
|
|
$data = fread($handle, 10000000);
|
|
|
|
fclose($handle);
|
2015-07-26 07:58:42 +00:00
|
|
|
$isOk = true;
|
|
|
|
if (is_executable('/usr/bin/ssh-keygen')) {
|
|
|
|
$out = array();
|
|
|
|
$retVal = 0;
|
|
|
|
exec('/usr/bin/ssh-keygen -l -f ' . escapeshellarg($_FILES['sshPublicKeyFile']['tmp_name']), $out, $retVal);
|
|
|
|
if ($retVal !== 0) {
|
|
|
|
$messages[] = $this->messages['file'][1];
|
|
|
|
$isOk = false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if ($isOk) {
|
|
|
|
$data = str_replace("\r\n", "\n", $data);
|
|
|
|
$data = str_replace("\r", "\n", $data);
|
|
|
|
$lines = explode("\n", $data);
|
|
|
|
foreach ($lines as $line) {
|
|
|
|
if (!empty($line) && !(strpos($line, '#') === 0)) {
|
|
|
|
$this->attributes['sshPublicKey'][] = $line;
|
|
|
|
}
|
2013-08-15 19:06:57 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$messages[] = $this->messages['file'][0];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
$this->attributes['sshPublicKey'] = array_values(array_unique($this->attributes['sshPublicKey']));
|
|
|
|
return $messages;
|
2005-10-20 10:52:36 +00:00
|
|
|
}
|
|
|
|
|
2015-09-02 16:39:30 +00:00
|
|
|
/**
|
|
|
|
* Returns a list of modifications which have to be made to the LDAP account.
|
|
|
|
*
|
|
|
|
* @return array list of modifications
|
|
|
|
* <br>This function returns an array with 3 entries:
|
|
|
|
* <br>array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
|
|
|
|
* <br>DN is the DN to change. It may be possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid)
|
|
|
|
* <br>"add" are attributes which have to be added to LDAP entry
|
|
|
|
* <br>"remove" are attributes which have to be removed from LDAP entry
|
|
|
|
* <br>"modify" are attributes which have to been modified in LDAP entry
|
|
|
|
* <br>"info" are values with informational value (e.g. to be used later by pre/postModify actions)
|
|
|
|
*/
|
|
|
|
function save_attributes() {
|
|
|
|
if (!in_array('ldapPublicKey', $this->attributes['objectClass']) && !in_array('ldapPublicKey', $this->orig['objectClass'])) {
|
|
|
|
// skip saving if the extension was not added/modified
|
|
|
|
return array();
|
|
|
|
}
|
|
|
|
return parent::save_attributes();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Loads the values of an account profile into internal variables.
|
|
|
|
*
|
|
|
|
* @param array $profile hash array with profile values (identifier => value)
|
|
|
|
*/
|
|
|
|
function load_profile($profile) {
|
|
|
|
// profile mappings in meta data
|
|
|
|
parent::load_profile($profile);
|
|
|
|
// add extension
|
|
|
|
if (isset($profile['ldapPublicKey_addExt'][0]) && ($profile['ldapPublicKey_addExt'][0] == "true")) {
|
|
|
|
if (!in_array('ldapPublicKey', $this->attributes['objectClass'])) {
|
|
|
|
$this->attributes['objectClass'][] = 'ldapPublicKey';
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2005-10-20 10:52:36 +00:00
|
|
|
/**
|
2017-05-20 09:46:49 +00:00
|
|
|
* {@inheritDoc}
|
|
|
|
* @see baseModule::build_uploadAccounts()
|
|
|
|
*/
|
|
|
|
function build_uploadAccounts($rawAccounts, $ids, &$partialAccounts, $selectedModules, &$type) {
|
2005-10-20 10:52:36 +00:00
|
|
|
$messages = array();
|
|
|
|
for ($i = 0; $i < sizeof($rawAccounts); $i++) {
|
|
|
|
// add object class
|
|
|
|
if (!in_array("ldapPublicKey", $partialAccounts[$i]['objectClass'])) $partialAccounts[$i]['objectClass'][] = "ldapPublicKey";
|
|
|
|
// add keys
|
2015-08-16 08:47:48 +00:00
|
|
|
$this->mapSimpleUploadField($rawAccounts, $ids, $partialAccounts, $i, 'ldapPublicKey_sshPublicKey', 'sshPublicKey', null, null, $messages, '/,[ ]*/');
|
2005-10-20 10:52:36 +00:00
|
|
|
}
|
|
|
|
return $messages;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2017-02-19 08:14:11 +00:00
|
|
|
* {@inheritDoc}
|
|
|
|
* @see baseModule::get_pdfEntries()
|
2015-01-07 17:16:35 +00:00
|
|
|
*/
|
2017-04-01 07:57:03 +00:00
|
|
|
function get_pdfEntries($pdfKeys, $typeId) {
|
2005-10-20 10:52:36 +00:00
|
|
|
$return = array();
|
2018-05-01 07:41:30 +00:00
|
|
|
if (!empty($this->attributes['sshPublicKey'])) {
|
2015-07-08 19:22:27 +00:00
|
|
|
$pdfTable = new PDFTable(_('SSH public keys'));
|
|
|
|
for ($i = 0; $i < sizeof($this->attributes['sshPublicKey']); $i++) {
|
|
|
|
$pdfRow = new PDFTableRow();
|
|
|
|
$pdfRow->cells[] = new PDFTableCell($this->attributes['sshPublicKey'][$i]);
|
|
|
|
$pdfTable->rows[] = $pdfRow;
|
2005-10-20 10:52:36 +00:00
|
|
|
}
|
2015-07-08 19:22:27 +00:00
|
|
|
$this->addPDFTable($return, 'sshPublicKey', $pdfTable);
|
2005-10-20 10:52:36 +00:00
|
|
|
}
|
|
|
|
return $return;
|
|
|
|
}
|
|
|
|
|
2013-01-15 21:53:45 +00:00
|
|
|
/**
|
|
|
|
* Returns the meta HTML code for each input field.
|
|
|
|
* format: array(<field1> => array(<META HTML>), ...)
|
|
|
|
* It is not possible to display help links.
|
|
|
|
*
|
|
|
|
* @param array $fields list of active fields
|
|
|
|
* @param array $attributes attributes of LDAP account
|
|
|
|
* @param boolean $passwordChangeOnly indicates that the user is only allowed to change his password and no LDAP content is readable
|
|
|
|
* @param array $readOnlyFields list of read-only fields
|
2015-08-09 07:57:56 +00:00
|
|
|
* @return array list of meta HTML elements (field name => htmlResponsiveRow)
|
2013-01-15 21:53:45 +00:00
|
|
|
*/
|
|
|
|
function getSelfServiceOptions($fields, $attributes, $passwordChangeOnly, $readOnlyFields) {
|
|
|
|
$return = array();
|
|
|
|
if ($passwordChangeOnly) {
|
|
|
|
return $return; // no fields as long no LDAP content can be read
|
|
|
|
}
|
|
|
|
if (in_array('sshPublicKey', $fields)) {
|
|
|
|
$sshPublicKeys = array();
|
|
|
|
if (isset($attributes['sshPublicKey'][0])) {
|
|
|
|
$sshPublicKeys = $attributes['sshPublicKey'];
|
|
|
|
}
|
2013-08-15 19:06:57 +00:00
|
|
|
$_SESSION[self::SESS_KEY_LIST] = $sshPublicKeys;
|
|
|
|
$keyTable = new htmlTable();
|
|
|
|
// JavaScript functions
|
|
|
|
$keyTable->addElement($this->getSelfServiceKeysJSBlock(), true);
|
|
|
|
// input fields
|
|
|
|
$keyTable->addElement(new htmlDiv('sshPublicKeyDiv', $this->getSelfServiceKeys()), true);
|
|
|
|
// upload status
|
|
|
|
$uploadStatus = new htmlDiv('ldapPublicKey_upload_status_key', new htmlOutputText(''));
|
|
|
|
$uploadStatus->setCSSClasses(array('qq-upload-list'));
|
|
|
|
$keyTable->addElement($uploadStatus, true);
|
2013-11-30 15:02:06 +00:00
|
|
|
$keyLabel = new htmlOutputText($this->getSelfServiceLabel('sshPublicKey', _('SSH public keys')));
|
2015-08-09 07:57:56 +00:00
|
|
|
$row = new htmlResponsiveRow();
|
|
|
|
$row->addLabel($keyLabel);
|
|
|
|
$row->addField($keyTable);
|
|
|
|
$return['sshPublicKey'] = $row;
|
2013-08-15 19:06:57 +00:00
|
|
|
}
|
|
|
|
return $return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Returns the meta HTML code to display the key area.
|
|
|
|
* This also includes the file upload.
|
2015-07-08 19:22:27 +00:00
|
|
|
*
|
2013-08-15 19:06:57 +00:00
|
|
|
* @return htmlTable key content
|
|
|
|
*/
|
|
|
|
private function getSelfServiceKeys() {
|
|
|
|
$keys = $_SESSION[self::SESS_KEY_LIST];
|
2015-08-09 09:00:38 +00:00
|
|
|
$content = new htmlResponsiveRow();
|
2013-08-15 19:06:57 +00:00
|
|
|
if (sizeof($keys) > 0) {
|
|
|
|
for ($i = 0; $i < sizeof($keys); $i++) {
|
2015-08-09 09:00:38 +00:00
|
|
|
$group = new htmlGroup();
|
2013-08-15 19:06:57 +00:00
|
|
|
$keyInput = new htmlInputField('sshPublicKey_' . $i, $keys[$i]);
|
|
|
|
$keyInput->setFieldMaxLength(16384);
|
2015-08-09 09:00:38 +00:00
|
|
|
$group->addElement($keyInput);
|
2013-08-15 19:06:57 +00:00
|
|
|
$delLink = new htmlLink('', '#', '../../graphics/del.png');
|
|
|
|
$delLink->setTitle(_('Delete'));
|
|
|
|
$delLink->setOnClick('ldapPublicKeyDeleteKey(' . $i . ', ' . sizeof($keys) . ');return false;');
|
2015-08-09 09:00:38 +00:00
|
|
|
$group->addElement($delLink);
|
2013-08-15 19:06:57 +00:00
|
|
|
if ($i == (sizeof($keys) - 1)) {
|
|
|
|
$addLink = new htmlLink('', '#', '../../graphics/add.png');
|
|
|
|
$addLink->setTitle(_('Add'));
|
|
|
|
$addLink->setOnClick('ldapPublicKeyAddKey(' . sizeof($keys) . ');return false;');
|
2015-08-09 09:00:38 +00:00
|
|
|
$group->addElement($addLink);
|
2013-01-15 21:53:45 +00:00
|
|
|
}
|
2015-08-09 09:00:38 +00:00
|
|
|
$content->add($group, 12, 12, 12, 'nowrap');
|
2013-01-15 21:53:45 +00:00
|
|
|
}
|
|
|
|
}
|
2013-08-15 19:06:57 +00:00
|
|
|
else {
|
|
|
|
$addLink = new htmlLink('', '#', '../../graphics/add.png');
|
|
|
|
$addLink->setTitle(_('Add'));
|
|
|
|
$addLink->setOnClick('ldapPublicKeyAddKey(' . sizeof($keys) . ');return false;');
|
2015-08-09 09:00:38 +00:00
|
|
|
$content->add($addLink, 12);
|
2013-08-15 19:06:57 +00:00
|
|
|
}
|
|
|
|
// upload button
|
|
|
|
$uploadButtons = new htmlGroup();
|
|
|
|
$uploadButtons->addElement(new htmlDiv('ldapPublicKeyKeyUploadId', new htmlOutputText('')), true);
|
|
|
|
$keyUpload = new htmlJavaScript('ldapPublicKeyUploadKey(\'ldapPublicKeyKeyUploadId\', ' . sizeof($keys) . ');');
|
|
|
|
$uploadButtons->addElement($keyUpload);
|
2015-08-09 09:00:38 +00:00
|
|
|
$content->add($uploadButtons, 12);
|
2013-08-15 19:06:57 +00:00
|
|
|
return $content;
|
|
|
|
}
|
2015-07-08 19:22:27 +00:00
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
/**
|
|
|
|
* Returns the Java Script functions to manage the keys.
|
2015-07-08 19:22:27 +00:00
|
|
|
*
|
2013-08-15 19:06:57 +00:00
|
|
|
* @return htmlJavaScript JS block
|
|
|
|
*/
|
|
|
|
private static function getSelfServiceKeysJSBlock() {
|
|
|
|
$content = '
|
|
|
|
function ldapPublicKeyDeleteKey(id, count) {
|
|
|
|
var actionJSON = {
|
|
|
|
"action": "deleteKey",
|
|
|
|
"id": id
|
|
|
|
};
|
|
|
|
for (c = 0; c < count; c++) {
|
|
|
|
actionJSON["sshPublicKey_" + c] = jQuery(\'#sshPublicKey_\' + c).val();
|
|
|
|
}
|
2018-03-14 19:06:09 +00:00
|
|
|
var data = {jsonInput: actionJSON};
|
|
|
|
data["' . getSecurityTokenName() . '"] = "' . getSecurityTokenValue() . '";
|
|
|
|
jQuery.post(\'../misc/ajax.php?selfservice=1&module=ldapPublicKey&scope=user\',
|
|
|
|
data, function(data) {ldapPublicKeyDeleteKeyHandleReply(data);}, \'json\');
|
2013-08-15 19:06:57 +00:00
|
|
|
}
|
2015-07-08 19:22:27 +00:00
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
function ldapPublicKeyDeleteKeyHandleReply(data) {
|
|
|
|
if (data.errorsOccured == "false") {
|
|
|
|
jQuery(\'#sshPublicKeyDiv\').html(data.html);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
alert(data.errormessage);
|
|
|
|
}
|
|
|
|
}
|
2015-07-08 19:22:27 +00:00
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
function ldapPublicKeyAddKey(count) {
|
|
|
|
var actionJSON = {
|
|
|
|
"action": "addKey"
|
|
|
|
};
|
|
|
|
for (c = 0; c < count; c++) {
|
|
|
|
actionJSON["sshPublicKey_" + c] = jQuery(\'#sshPublicKey_\' + c).val();
|
|
|
|
}
|
2018-03-14 19:06:09 +00:00
|
|
|
var data = {jsonInput: actionJSON};
|
|
|
|
data["' . getSecurityTokenName() . '"] = "' . getSecurityTokenValue() . '";
|
2015-05-14 09:18:45 +00:00
|
|
|
jQuery.post(\'../misc/ajax.php?selfservice=1&module=ldapPublicKey&scope=user'
|
|
|
|
. '&' . getSecurityTokenName() . '=' . getSecurityTokenValue()
|
2018-03-14 19:06:09 +00:00
|
|
|
. '\', data, function(data) {ldapPublicKeyAddKeyHandleReply(data);}, \'json\');
|
2013-08-15 19:06:57 +00:00
|
|
|
}
|
2015-07-08 19:22:27 +00:00
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
function ldapPublicKeyAddKeyHandleReply(data) {
|
|
|
|
if (data.errorsOccured == "false") {
|
|
|
|
jQuery(\'#sshPublicKeyDiv\').html(data.html);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
alert(data.errormessage);
|
|
|
|
}
|
|
|
|
}
|
2015-07-08 19:22:27 +00:00
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
function ldapPublicKeyUploadKey(elementID, count) {
|
|
|
|
var uploadStatus = document.getElementById(\'ldapPublicKey_upload_status_key\');
|
|
|
|
var parameters = {
|
|
|
|
action: \'ajaxKeyUpload\'
|
|
|
|
};
|
|
|
|
for (c = 0; c < count; c++) {
|
|
|
|
parameters["sshPublicKey_" + c] = jQuery(\'#sshPublicKey_\' + c).val();
|
|
|
|
}
|
2018-03-14 19:06:09 +00:00
|
|
|
parameters["' . getSecurityTokenName() . '"] = "' . getSecurityTokenValue() . '";
|
2013-08-15 19:06:57 +00:00
|
|
|
var uploader = new qq.FineUploader({
|
|
|
|
element: document.getElementById(elementID),
|
|
|
|
listElement: uploadStatus,
|
|
|
|
request: {
|
2018-03-14 19:06:09 +00:00
|
|
|
endpoint: \'../misc/ajax.php?selfservice=1&module=ldapPublicKey&scope=user\',
|
2013-08-15 19:06:57 +00:00
|
|
|
forceMultipart: true,
|
|
|
|
paramsInBody: true,
|
|
|
|
params: parameters
|
|
|
|
},
|
|
|
|
multiple: false,
|
|
|
|
callbacks: {
|
|
|
|
onComplete: function(id, fileName, data) {
|
|
|
|
if (data.success) {
|
|
|
|
if (data.html) {
|
|
|
|
jQuery(\'#sshPublicKeyDiv\').html(data.html);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
alert(data.error);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2015-07-08 19:22:27 +00:00
|
|
|
});
|
2013-08-15 19:06:57 +00:00
|
|
|
}
|
2015-07-08 19:22:27 +00:00
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
';
|
|
|
|
return new htmlJavaScript($content);
|
2013-01-15 21:53:45 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Checks if all input values are correct and returns the LDAP attributes which should be changed.
|
|
|
|
* <br>Return values:
|
|
|
|
* <br>messages: array of parameters to create status messages
|
|
|
|
* <br>add: array of attributes to add
|
|
|
|
* <br>del: array of attributes to remove
|
|
|
|
* <br>mod: array of attributes to modify
|
|
|
|
* <br>info: array of values with informational value (e.g. to be used later by pre/postModify actions)
|
2015-07-08 19:22:27 +00:00
|
|
|
*
|
2013-01-15 21:53:45 +00:00
|
|
|
* Calling this method does not require the existence of an enclosing {@link accountContainer}.
|
|
|
|
*
|
|
|
|
* @param string $fields input fields
|
|
|
|
* @param array $attributes LDAP attributes
|
|
|
|
* @param boolean $passwordChangeOnly indicates that the user is only allowed to change his password and no LDAP content is readable
|
|
|
|
* @param array $readOnlyFields list of read-only fields
|
|
|
|
* @return array messages and attributes (array('messages' => array(), 'add' => array('mail' => array('test@test.com')), 'del' => array(), 'mod' => array(), 'info' => array()))
|
|
|
|
*/
|
|
|
|
public function checkSelfServiceOptions($fields, $attributes, $passwordChangeOnly, $readOnlyFields) {
|
|
|
|
$return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array(), 'info' => array());
|
|
|
|
if ($passwordChangeOnly) {
|
|
|
|
return $return; // skip processing if only a password change is done
|
|
|
|
}
|
|
|
|
if (in_array('sshPublicKey', $fields)) {
|
2013-08-15 19:06:57 +00:00
|
|
|
$newKeys = array();
|
|
|
|
$counter = 0;
|
|
|
|
while (isset($_POST['sshPublicKey_' . $counter])) {
|
|
|
|
$newKeys[] = $_POST['sshPublicKey_' . $counter];
|
|
|
|
$counter++;
|
|
|
|
}
|
2013-01-15 21:53:45 +00:00
|
|
|
$count = sizeof($newKeys);
|
|
|
|
for ($i = 0; $i < $count; $i++) {
|
|
|
|
if (trim($newKeys[$i]) == '') {
|
|
|
|
unset($newKeys[$i]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
$newKeys = array_values(array_unique($newKeys));
|
|
|
|
$oldKeys = array();
|
|
|
|
if (isset($attributes['sshPublicKey'][0])) {
|
|
|
|
$oldKeys = $attributes['sshPublicKey'];
|
|
|
|
}
|
|
|
|
$update = false;
|
|
|
|
if (sizeof($newKeys) != sizeof($oldKeys)) {
|
|
|
|
$update = true;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
for ($i = 0; $i < sizeof($newKeys); $i++) {
|
|
|
|
if (!in_array($newKeys[$i], $oldKeys)) {
|
|
|
|
$update = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if ($update) {
|
|
|
|
if (sizeof($oldKeys) == 0) {
|
|
|
|
$return['add']['sshPublicKey'] = $newKeys;
|
|
|
|
}
|
|
|
|
elseif (sizeof($newKeys) == 0) {
|
|
|
|
$return['del']['sshPublicKey'] = $newKeys;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$return['mod']['sshPublicKey'] = $newKeys;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return $return;
|
|
|
|
}
|
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
/**
|
|
|
|
* Manages AJAX requests.
|
|
|
|
* This function may be called with or without an account container.
|
|
|
|
*/
|
|
|
|
public function handleAjaxRequest() {
|
|
|
|
// AJAX uploads are non-JSON
|
|
|
|
if (isset($_GET['action']) && ($_GET['action'] == 'ajaxKeyUpload')) {
|
|
|
|
$this->ajaxUpload();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
$jsonInput = $_POST['jsonInput'];
|
|
|
|
$jsonReturn = self::invalidAjaxRequest();
|
|
|
|
if (isset($jsonInput['action'])) {
|
|
|
|
if ($jsonInput['action'] == 'deleteKey') {
|
|
|
|
$jsonReturn = $this->ajaxDeleteSelfServiceKey($jsonInput);
|
|
|
|
}
|
|
|
|
elseif ($jsonInput['action'] == 'addKey') {
|
|
|
|
$_SESSION[self::SESS_KEY_LIST][] = '';
|
|
|
|
ob_start();
|
|
|
|
$contentElement = $this->getSelfServiceKeys();
|
|
|
|
ob_end_clean();
|
|
|
|
ob_start();
|
|
|
|
$tabindex = 999;
|
|
|
|
parseHtml(null, $contentElement, array(), true, $tabindex, $this->get_scope());
|
|
|
|
$content = ob_get_contents();
|
|
|
|
ob_end_clean();
|
|
|
|
$jsonReturn = array(
|
|
|
|
'errorsOccured' => 'false',
|
|
|
|
'html' => $content,
|
|
|
|
);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
echo json_encode($jsonReturn);
|
|
|
|
}
|
2015-07-08 19:22:27 +00:00
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
/**
|
|
|
|
* Handles an AJAX file upload and prints the JSON result.
|
|
|
|
*/
|
|
|
|
private function ajaxUpload() {
|
|
|
|
$x = $_GET;
|
|
|
|
$y = $_FILES;
|
|
|
|
$result = array('success' => true);
|
|
|
|
if (!isset($_FILES['qqfile']) || ($_FILES['qqfile']['size'] < 10)) {
|
|
|
|
$result = array('error' => _('No file received.'));
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$handle = fopen($_FILES['qqfile']['tmp_name'], "r");
|
|
|
|
$data = fread($handle, 100000000);
|
|
|
|
fclose($handle);
|
2015-07-26 07:58:42 +00:00
|
|
|
if (is_executable('/usr/bin/ssh-keygen')) {
|
|
|
|
$out = array();
|
|
|
|
$retVal = 0;
|
|
|
|
exec('/usr/bin/ssh-keygen -l -f ' . escapeshellarg($_FILES['qqfile']['tmp_name']), $out, $retVal);
|
|
|
|
if ($retVal !== 0) {
|
|
|
|
$result = array('error' => $this->messages['file'][1][1]);
|
|
|
|
echo json_encode($result);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
2013-08-15 19:06:57 +00:00
|
|
|
$data = str_replace("\r\n", "\n", $data);
|
|
|
|
$data = str_replace("\r", "\n", $data);
|
|
|
|
$lines = explode("\n", $data);
|
|
|
|
foreach ($lines as $line) {
|
|
|
|
if (!empty($line) && !(strpos($line, '#') === 0)) {
|
|
|
|
$_SESSION[self::SESS_KEY_LIST][] = $line;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
$_SESSION[self::SESS_KEY_LIST] = array_values(array_unique($_SESSION[self::SESS_KEY_LIST]));
|
|
|
|
ob_start();
|
|
|
|
$contentElement = $this->getSelfServiceKeys();
|
|
|
|
ob_end_clean();
|
|
|
|
ob_start();
|
|
|
|
$tabindex = 999;
|
|
|
|
parseHtml(null, $contentElement, array(), true, $tabindex, $this->get_scope());
|
|
|
|
$content = ob_get_contents();
|
|
|
|
ob_end_clean();
|
|
|
|
$result['html'] = $content;
|
|
|
|
}
|
|
|
|
echo json_encode($result);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Manages the deletion of a key.
|
2015-07-08 19:22:27 +00:00
|
|
|
*
|
2013-08-15 19:06:57 +00:00
|
|
|
* @param array $data JSON data
|
|
|
|
*/
|
|
|
|
private function ajaxDeleteSelfServiceKey($data) {
|
|
|
|
if (!isset($data['id'])) {
|
|
|
|
return self::invalidAjaxRequest();
|
|
|
|
}
|
|
|
|
$index = $data['id'];
|
|
|
|
if (array_key_exists($index, $_SESSION[self::SESS_KEY_LIST])) {
|
|
|
|
unset($_SESSION[self::SESS_KEY_LIST][$index]);
|
|
|
|
$_SESSION[self::SESS_KEY_LIST] = array_values($_SESSION[self::SESS_KEY_LIST]);
|
|
|
|
}
|
|
|
|
ob_start();
|
|
|
|
$contentElement = $this->getSelfServiceKeys();
|
|
|
|
ob_end_clean();
|
|
|
|
ob_start();
|
|
|
|
$tabindex = 999;
|
|
|
|
parseHtml(null, $contentElement, array(), true, $tabindex, $this->get_scope());
|
|
|
|
$content = ob_get_contents();
|
|
|
|
ob_end_clean();
|
|
|
|
return array(
|
|
|
|
'errorsOccured' => 'false',
|
|
|
|
'html' => $content,
|
|
|
|
);
|
|
|
|
}
|
2015-07-08 19:22:27 +00:00
|
|
|
|
2013-08-15 19:06:57 +00:00
|
|
|
/**
|
|
|
|
* Invalid AJAX request received.
|
2015-07-08 19:22:27 +00:00
|
|
|
*
|
2013-08-15 19:06:57 +00:00
|
|
|
* @param String $message error message
|
|
|
|
*/
|
|
|
|
public static function invalidAjaxRequest($message = null) {
|
|
|
|
if ($message == null) {
|
|
|
|
$message = _('Invalid request');
|
|
|
|
}
|
|
|
|
return array('errorsOccured' => 'true', 'errormessage' => $message);
|
|
|
|
}
|
|
|
|
|
2005-10-20 10:52:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
?>
|