diff --git a/lam/HISTORY b/lam/HISTORY
index f75abe3b..f97bbf1c 100644
--- a/lam/HISTORY
+++ b/lam/HISTORY
@@ -1,5 +1,6 @@
June 2010 3.1.0
- Asterisk voicemail support
+ - new hosts module for user accounts to define valid login workstations (replaces inetOrgPerson schema hack) (2951116)
- fixed bugs:
-> Asterisk password handling (patch 2979728)
diff --git a/lam/lib/modules/hostObject.inc b/lam/lib/modules/hostObject.inc
new file mode 100644
index 00000000..65883f2f
--- /dev/null
+++ b/lam/lib/modules/hostObject.inc
@@ -0,0 +1,285 @@
+autoAddObjectClasses = false;
+ }
+
+ /**
+ * Returns meta data that is interpreted by parent class
+ *
+ * @return array array with meta data
+ *
+ * @see baseModule::get_metaData()
+ */
+ function get_metaData() {
+ $return = array();
+ // icon
+ $return['icon'] = 'computer.png';
+ // manages host accounts
+ $return["account_types"] = array("user");
+ // alias name
+ $return["alias"] = _("Hosts");
+ // module dependencies
+ $return['dependencies'] = array('depends' => array(), 'conflicts' => array());
+ // managed object classes
+ $return['objectClasses'] = array('hostObject');
+ // managed attributes
+ $return['attributes'] = array('host');
+ // help Entries
+ $return['help'] = array(
+ 'host' => array(
+ "Headline" => _("Hosts"),
+ "Text" => _("Here you can specify the list of host names where this account has login privileges. The wildcard \"*\" represents all hosts. You may also use \"!\" in front of a host name to deny access to a host.")
+ ),
+ 'autoAdd' => array(
+ "Headline" => _("Automatically add this extension"),
+ "Text" => _("This will enable the extension automatically if this profile is loaded.")
+ )
+ );
+ // upload fields
+ $return['upload_columns'] = array(
+ array(
+ 'name' => 'hostObject_hosts',
+ 'description' => _('Host list'),
+ 'help' => 'host',
+ 'example' => _('pc01,pc02')
+ )
+ );
+ // available PDF fields
+ $return['PDF_fields'] = array(
+ 'hosts'
+ );
+ $return['profile_options'] = array(
+ array(
+ array('kind' => 'text', 'text' => _('Automatically add this extension') . ":"),
+ array('kind' => 'input', 'name' => 'hostObject_addExt', 'type' => 'checkbox'),
+ array('kind' => 'help', 'value' => 'autoAdd')),
+ );
+ return $return;
+ }
+
+ /**
+ * This function fills the error message array with messages
+ */
+ function load_Messages() {
+ $this->messages['host'][0] = array('ERROR', 'Please enter a valid host name.'); // third array value is set dynamically
+ $this->messages['host'][1] = array('ERROR', _('Account %s:') . ' hostObject_host', _('Please enter a valid list of host names.'));
+ }
+
+ /**
+ * Returns a list of modifications which have to be made to the LDAP account.
+ *
+ * @return array list of modifications
+ *
This function returns an array with 3 entries:
+ *
array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
+ *
DN is the DN to change. It may be possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid)
+ *
"add" are attributes which have to be added to LDAP entry
+ *
"remove" are attributes which have to be removed from LDAP entry
+ *
"modify" are attributes which have to been modified in LDAP entry
+ */
+ function save_attributes() {
+ if (!in_array('hostObject', $this->attributes['objectClass']) && !in_array('hostObject', $this->orig['objectClass'])) {
+ // skip saving if the extension was not added/modified
+ return array();
+ }
+ return parent::save_attributes();
+ }
+
+ /**
+ * Returns the HTML meta data for the main account page.
+ *
+ * @return array HTML meta data
+ */
+ function display_html_attributes() {
+ if (isset($_POST['form_subpage_hostObject_attributes_addObjectClass'])) {
+ $this->attributes['objectClass'][] = 'hostObject';
+ }
+ $return = array();
+ if (in_array('hostObject', $this->attributes['objectClass'])) {
+ // list current hosts
+ for ($i = 0; $i < sizeof($this->attributes['host']); $i++) {
+ $return[] = array(
+ array('kind' => 'text', 'text' => _('Host')),
+ array('kind' => 'input', 'name' => 'host' . $i, 'type' => 'text', 'size' => '20', 'value' => $this->attributes['host'][$i]),
+ array('kind' => 'input', 'type' => 'submit', 'name' => 'delHost' . $i, 'title' => _("Remove"), 'value' => ' ', 'image' => 'del.png'),
+ array('kind' => 'help', 'value' => 'host'));
+ }
+ // input box for new host
+ $return[] = array(
+ array('kind' => 'text', 'text' => _('New host')),
+ array('kind' => 'input', 'name' => 'host', 'type' => 'text', 'size' => '20', 'value' => ''),
+ array('kind' => 'input', 'type' => 'submit', 'name' => 'addHost', 'title' => _("Add"), 'value' => ' ', 'image' => 'add.png'),
+ array('kind' => 'help', 'value' => 'host'),
+ array('kind' => 'input', 'type' => 'hidden', 'value' => sizeof($this->attributes['host']), 'name' => 'host_number'));
+ $return[] = array(
+ array('kind' => 'text', 'text' => ' ')
+ );
+ $return[] = array(
+ array('kind' => 'input', 'type' => 'submit', 'name' => 'form_subpage_hostObject_attributes_remObjectClass',
+ 'value' => _('Remove host extension'), 'td' => array('colspan' => '4'))
+ );
+ }
+ else {
+ $return[] = array(
+ array('kind' => 'text', 'text' => ' '),
+ array('kind' => 'input', 'type' => 'submit', 'name' => 'form_subpage_hostObject_attributes_addObjectClass', 'value' => _('Add host extension'))
+ );
+ }
+ return $return;
+ }
+
+ /**
+ * Processes user input of the primary module page.
+ * It checks if all input values are correct and updates the associated LDAP attributes.
+ *
+ * @return array list of info/error messages
+ */
+ function process_attributes() {
+ if (isset($_POST['form_subpage_hostObject_attributes_remObjectClass'])) {
+ $this->attributes['objectClass'] = array_delete(array('hostObject'), $this->attributes['objectClass']);
+ if (isset($this->attributes['host'])) unset($this->attributes['host']);
+ return array();
+ }
+ if (!in_array('hostObject', $this->attributes['objectClass'])) {
+ return array();
+ }
+ $errors = array();
+ $this->attributes['host'] = array();
+ // check old hosts
+ if (isset($_POST['host_number'])) {
+ for ($i = 0; $i < $_POST['host_number']; $i++) {
+ if (isset($_POST['delHost' . $i])) continue;
+ if (isset($_POST['host' . $i]) && ($_POST['host' . $i] != "")) {
+ // check if host has correct format
+ if (!get_preg($_POST['host' . $i], 'hostObject')) {
+ $message = $this->messages['host'][0];
+ $message[] = $_POST['host' . $i];
+ $errors[] = $message;
+ }
+ $this->attributes['host'][] = $_POST['host' . $i];
+ }
+ }
+ }
+ // check new host
+ if (isset($_POST['host']) && ($_POST['host'] != "")) {
+ // check if host has correct format
+ if (get_preg($_POST['host'], 'hostObject')) {
+ $this->attributes['host'][] = $_POST['host'];
+ }
+ else {
+ $message = $this->messages['host'][0];
+ $message[] = $_POST['host'];
+ $errors[] = $message;
+ }
+ }
+ $this->attributes['host'] = array_unique($this->attributes['host']);
+ return $errors;
+ }
+
+ /**
+ * In this function the LDAP account is built up.
+ *
+ * @param array $rawAccounts list of hash arrays (name => value) from user input
+ * @param array $partialAccounts list of hash arrays (name => value) which are later added to LDAP
+ * @param array $ids list of IDs for column position (e.g. "posixAccount_uid" => 5)
+ * @param array $selectedModules list of selected account modules
+ * @return array list of error messages if any
+ */
+ function build_uploadAccounts($rawAccounts, $ids, &$partialAccounts, $selectedModules) {
+ $messages = array();
+ for ($i = 0; $i < sizeof($rawAccounts); $i++) {
+ // add object class
+ if (!in_array("hostObject", $partialAccounts[$i]['objectClass'])) $partialAccounts[$i]['objectClass'][] = "hostObject";
+ // add hosts
+ if ($rawAccounts[$i][$ids['hostObject_hosts']] != "") {
+ $hosts = explode(',', $rawAccounts[$i][$ids['hostObject_hosts']]);
+ // check format
+ for ($a = 0; $a < sizeof($hosts); $a++) {
+ if (get_preg($hosts[$a], 'hostObject')) {
+ $partialAccounts[$i]['host'][] = $hosts[$a];
+ }
+ else {
+ $errMsg = $this->messages['host'][1];
+ array_push($errMsg, array($i));
+ $messages[] = $errMsg;
+ }
+ }
+ }
+ }
+ return $messages;
+ }
+
+ /**
+ * Returns the PDF entries for this module.
+ *
+ * @return array list of possible PDF entries
+ */
+ function get_pdfEntries() {
+ $return = array();
+ if (sizeof($this->attributes['host']) > 0) {
+ $return['hostObject_hosts'][0] = '' . _('Host list') . '' . implode(', ', $this->attributes['host']) . '';
+ }
+ return $return;
+ }
+
+ /**
+ * Loads the values of an account profile into internal variables.
+ *
+ * @param array $profile hash array with profile values (identifier => value)
+ */
+ function load_profile($profile) {
+ // profile mappings in meta data
+ parent::load_profile($profile);
+ // add extension
+ if ($profile['hostObject_addExt'][0] == "true") {
+ if (!in_array('hostObject', $this->attributes['objectClass'])) {
+ $this->attributes['objectClass'][] = 'hostObject';
+ }
+ }
+ }
+
+}
+
+
+?>