268 lines
12 KiB
HTML
268 lines
12 KiB
HTML
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||
|
<html><head><title>Module HowTo - Self service</title>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<link rel="stylesheet" type="text/css" href="style/layout.css">
|
||
|
<link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico"></head><body>
|
||
|
<div style="text-align: center;">
|
||
|
<h1>Module HowTo - Self service<br>
|
||
|
</h1>
|
||
|
<div style="text-align: left;"><br>
|
||
|
Self service is a LAM Pro feature. It allows your users to manage their own data (e.g. telephone numbers).<br>
|
||
|
<br>
|
||
|
</div>
|
||
|
<div style="text-align: left;">First you need to implement the function <span style="font-weight: bold;">getSelfServiceFields()</span> or use <span style="font-weight: bold;">meta['selfServiceFieldSettings']</span>. Each field
|
||
|
has an ID and a descriptive name that will be displayed on the self
|
||
|
service page.<br>
|
||
|
Your input fields may also be defined as read-only in the self service
|
||
|
profile editor. If your fields supports read-only then use
|
||
|
canSelfServiceFieldBeReadOnly() or <span style="font-weight: bold;">meta['selfServiceReadOnlyFields']</span>.<br>
|
||
|
<br>
|
||
|
<span style="font-weight: bold; text-decoration: underline;">Example:</span><br style="font-weight: bold; text-decoration: underline;">
|
||
|
<br>
|
||
|
The <span style="font-style: italic;">inetOrgPerson</span> module
|
||
|
provides lots of possible input fields for the self service.<br>
|
||
|
<br>
|
||
|
<table style="width: 100%; text-align: left;" class="mod-code" border="0" cellpadding="2" cellspacing="2">
|
||
|
<tbody>
|
||
|
<tr>
|
||
|
<td style="vertical-align: top;"> /**<br>
|
||
|
* Returns meta data that is interpreted by parent
|
||
|
class<br>
|
||
|
*<br>
|
||
|
* @return array array with meta data<br>
|
||
|
*/<br>
|
||
|
<span style="font-weight: bold;"> function</span>
|
||
|
get_metaData() {<br>
|
||
|
$return = array();<br>
|
||
|
$return['selfServiceFieldSettings'] =
|
||
|
array('firstName' => _('First name'), 'lastName' => _('Last
|
||
|
name'),<br>
|
||
|
'mail' =>
|
||
|
_('Email address'), 'telephoneNumber' => _('Telephone number'),
|
||
|
'mobile' => _('Mobile number'),<br>
|
||
|
'faxNumber'
|
||
|
=> _('Fax number'), 'street' => _('Street'), 'postalAddress'
|
||
|
=> _('Postal address'), 'registeredAddress' => _('Registered
|
||
|
address'),<br>
|
||
|
'postalCode'
|
||
|
=> _('Postal code'), 'postOfficeBox' => _('Post office box'),
|
||
|
'jpegPhoto' => _('Photo'),<br>
|
||
|
'homePhone'
|
||
|
=> _('Home telephone number'), 'roomNumber' => _('Room number'),
|
||
|
'carLicense' => _('Car license'),<br>
|
||
|
'location'
|
||
|
=> _('Location'), 'state' => _('State'), 'officeName' =>
|
||
|
_('Office name'), 'businessCategory' => _('Business category'),<br>
|
||
|
|
||
|
'departmentNumber' => _('Department'), 'initials' =>
|
||
|
_('Initials'), 'title' => _('Job title'), 'labeledURI' => _('Web
|
||
|
site'),<br>
|
||
|
'userCertificate' => _('User certificates'));<br>
|
||
|
// possible self service read-only fields<br>
|
||
|
|
||
|
$return['selfServiceReadOnlyFields'] = array('firstName',
|
||
|
'lastName', 'mail', 'telephoneNumber', 'mobile', 'faxNumber', 'street',<br>
|
||
|
|
||
|
'postalAddress', 'registeredAddress', 'postalCode',
|
||
|
'postOfficeBox', 'jpegPhoto', 'homePhone', 'roomNumber', 'carLicense',<br>
|
||
|
'location',
|
||
|
'state', 'officeName', 'businessCategory', 'departmentNumber',
|
||
|
'initials', 'title', 'labeledURI', 'userCertificate');<br>
|
||
|
[...]<br>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
<br>
|
||
|
<br>
|
||
|
In very rare cases you need to specify self service search attributes.
|
||
|
These are used to identify the user inside LDAP. Common examples are
|
||
|
"uid" or "mail".<br>
|
||
|
<br>
|
||
|
<span style="font-weight: bold; text-decoration: underline;">Example:</span><br style="font-weight: bold; text-decoration: underline;">
|
||
|
|
||
|
<br>
|
||
|
|
||
|
The <span style="font-style: italic;">inetOrgPerson</span> module specifies several search attributes.<br>
|
||
|
|
||
|
<br>
|
||
|
|
||
|
<table style="width: 100%; text-align: left;" class="mod-code" border="0" cellpadding="2" cellspacing="2">
|
||
|
|
||
|
<tbody>
|
||
|
<tr>
|
||
|
<td style="vertical-align: top;"> /**<br>
|
||
|
* Returns meta data that is interpreted by parent
|
||
|
class<br>
|
||
|
*<br>
|
||
|
* @return array array with meta data<br>
|
||
|
*/<br>
|
||
|
<span style="font-weight: bold;"> function</span>
|
||
|
get_metaData() {<br>
|
||
|
$return = array();<br> // self service search attributes<br>
|
||
|
|
||
|
$return['selfServiceSearchAttributes'] = array('uid', 'mail',
|
||
|
'cn', 'surname', 'givenName', 'employeeNumber');<br>
|
||
|
[...]<br>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
|
||
|
<br>
|
||
|
|
||
|
<br>
|
||
|
|
||
|
The HTML code for the user page is generated with the function <span style="font-weight: bold;">getSelfServiceOptions()</span>. It returns one table row for each input field.<br>
|
||
|
Please note that some fields may be defined as read-only
|
||
|
($readOnlyFields). If $passwordChangeOnly is set then no input fields
|
||
|
other than the bind password should be displayed (you will not get any
|
||
|
attribute values).<br>
|
||
|
|
||
|
|
||
|
|
||
|
<br>
|
||
|
<span style="font-weight: bold; text-decoration: underline;">Example:</span><br style="font-weight: bold; text-decoration: underline;">
|
||
|
|
||
|
|
||
|
<br>
|
||
|
|
||
|
|
||
|
The <span style="font-style: italic;">windowsUser</span> module uses
|
||
|
the addSimpleSelfServiceTextField() function from baseModule to print
|
||
|
the text field. You may also build the table row yourself if the input
|
||
|
field is more complex.<br>
|
||
|
<br>
|
||
|
|
||
|
|
||
|
<table style="width: 100%; text-align: left;" class="mod-code" border="0" cellpadding="2" cellspacing="2">
|
||
|
|
||
|
|
||
|
<tbody>
|
||
|
<tr>
|
||
|
<td style="vertical-align: top;"> /**<br>
|
||
|
* Returns the meta HTML code for each input field.<br>
|
||
|
* format: array(<field1> => array(<META HTML>), ...)<br>
|
||
|
* It is not possible to display help links.<br>
|
||
|
*<br>
|
||
|
* @param array $fields list of active fields<br>
|
||
|
* @param array $attributes attributes of LDAP account<br>
|
||
|
* @param boolean $passwordChangeOnly indicates
|
||
|
that the user is only allowed to change his password and no LDAP
|
||
|
content is readable<br>
|
||
|
* @param array $readOnlyFields list of read-only fields<br>
|
||
|
* @return array list of meta HTML elements (field name => htmlTableRow)<br>
|
||
|
*/<br>
|
||
|
function getSelfServiceOptions($fields, $attributes, $passwordChangeOnly, $readOnlyFields) {<br>
|
||
|
$return = array();<br>
|
||
|
if ($passwordChangeOnly) {<br>
|
||
|
return
|
||
|
$return; // only password fields as long no LDAP content can be read<br>
|
||
|
}<br>
|
||
|
|
||
|
$this->addSimpleSelfServiceTextField($return,
|
||
|
'physicalDeliveryOfficeName', _('Office name'), $fields, $attributes,
|
||
|
$readOnlyFields);<br>
|
||
|
[...]<br>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
|
||
|
|
||
|
<br>
|
||
|
|
||
|
|
||
|
<br>
|
||
|
Of course, the user input should also be validated before making any LDAP changes. This is done in <span style="font-weight: bold;">checkSelfServiceOptions()</span>.<br>
|
||
|
The return value includes any error messages to display and also all LDAP operations.<br>
|
||
|
Please note that some fields may be defined as read-only
|
||
|
($readOnlyFields). If $passwordChangeOnly is set then no input fields
|
||
|
other than the bind
|
||
|
password should be displayed (you will not get any attribute values).<br>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<br>
|
||
|
<span style="font-weight: bold; text-decoration: underline;">Example:</span><br style="font-weight: bold; text-decoration: underline;">
|
||
|
|
||
|
|
||
|
|
||
|
<br>
|
||
|
The <span style="font-style: italic;">inetOrgPerson</span> module has a field for the user's first name.<br>
|
||
|
<br>
|
||
|
|
||
|
|
||
|
|
||
|
<table style="width: 100%; text-align: left;" class="mod-code" border="0" cellpadding="2" cellspacing="2">
|
||
|
|
||
|
|
||
|
|
||
|
<tbody>
|
||
|
<tr>
|
||
|
<td style="vertical-align: top;"> /**<br>
|
||
|
* Checks if all input values are correct and returns the LDAP attributes which should be changed.<br>
|
||
|
* <br>Return values:<br>
|
||
|
* <br>messages: array of parameters to create status messages<br>
|
||
|
* <br>add: array of attributes to add<br>
|
||
|
* <br>del: array of attributes to remove<br>
|
||
|
* <br>mod: array of attributes to modify<br>
|
||
|
* <br>info: array of values with
|
||
|
informational value (e.g. to be used later by pre/postModify actions)<br>
|
||
|
* <br>
|
||
|
* Calling this method does not require the existence of an enclosing {@link accountContainer}.<br>
|
||
|
*<br>
|
||
|
* @param string $fields input fields<br>
|
||
|
* @param array $attributes LDAP attributes<br>
|
||
|
* @param boolean $passwordChangeOnly indicates
|
||
|
that the user is only allowed to change his password and no LDAP
|
||
|
content is readable<br>
|
||
|
* @param array $readOnlyFields list of read-only fields<br>
|
||
|
* @return array messages and attributes
|
||
|
(array('messages' => array(), 'add' => array('mail' =>
|
||
|
array('test@test.com')), 'del' => array(), 'mod' => array(),
|
||
|
'info' => array()))<br>
|
||
|
*/<br>
|
||
|
function checkSelfServiceOptions($fields, $attributes, $passwordChangeOnly, $readOnlyFields) {<br>
|
||
|
$return = array('messages' =>
|
||
|
array(), 'add' => array(), 'del' => array(), 'mod' => array(),
|
||
|
'info' => array());<br>
|
||
|
if ($passwordChangeOnly) {<br>
|
||
|
return $return; // skip processing if only a password change is done<br>
|
||
|
}<br>
|
||
|
$attributeNames = array(); // list of attributes which should be checked for modification<br>
|
||
|
$attributesNew = $attributes;<br>
|
||
|
// first name<br>
|
||
|
if (in_array('firstName', $fields) && !in_array('firstName', $readOnlyFields)) {<br>
|
||
|
$attributeNames[] = 'givenName';<br>
|
||
|
if
|
||
|
(isset($_POST['inetOrgPerson_firstName']) &&
|
||
|
($_POST['inetOrgPerson_firstName'] != '')) {<br>
|
||
|
|
||
|
if (!get_preg($_POST['inetOrgPerson_firstName'],
|
||
|
'realname')) $return['messages'][] = $this->messages['givenName'][0];<br>
|
||
|
|
||
|
else $attributesNew['givenName'][0] =
|
||
|
$_POST['inetOrgPerson_firstName'];<br>
|
||
|
}<br>
|
||
|
elseif
|
||
|
(isset($attributes['givenName'])) unset($attributesNew['givenName']);<br>
|
||
|
}<br>
|
||
|
[...]<br>
|
||
|
</td></tr></tbody>
|
||
|
</table>
|
||
|
<br>
|
||
|
<br>
|
||
|
The self service also supports configuration settings for each module. See <span style="font-weight: bold;">getSelfServiceSettings() </span>or <span style="font-weight: bold;">meta['selfServiceSettings'] </span>to specify the options.<br>
|
||
|
You can validate the input with <span style="font-weight: bold;">checkSelfServiceSettings()</span>.<br>
|
||
|
Self service configuration settings are displayed on a separate tab in the self service profile editor.<br>
|
||
|
<br>
|
||
|
<span style="font-weight: bold;"></span>
|
||
|
<h2><span style="font-weight: bold;"></span></h2>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body></html>
|