fixed additional group handling

This commit is contained in:
Roland Gruber 2005-10-08 14:35:30 +00:00
parent 45614e7bce
commit 1e0c6be290
1 changed files with 15 additions and 39 deletions

View File

@ -409,8 +409,10 @@ class posixAccount extends baseModule {
function init($base) { function init($base) {
// call parent init // call parent init
parent::init($base); parent::init($base);
$groups = $_SESSION['cache']->findgroups(); // list of all groupnames
$this->createhomedir=false; $this->createhomedir=false;
$this->groups = array();
$this->groups_orig = array();
$groups = $_SESSION['cache']->findgroups(); // list of all groupnames
if (count($groups)==0) { if (count($groups)==0) {
StatusMessage("ERROR", _('No Unix groups found in LDAP! Please create one first.'), ''); StatusMessage("ERROR", _('No Unix groups found in LDAP! Please create one first.'), '');
return; return;
@ -451,15 +453,14 @@ class posixAccount extends baseModule {
// get additional group memberships // get additional group memberships
$dn_groups = $_SESSION['cache']->get_cache(array('memberUid', 'cn'), 'posixGroup', 'group'); $dn_groups = $_SESSION['cache']->get_cache(array('memberUid', 'cn'), 'posixGroup', 'group');
if (is_array($dn_groups)) { if (is_array($dn_groups)) {
if (!is_array($this->groups)) $this->groups = array();
$DNs = array_keys($dn_groups); $DNs = array_keys($dn_groups);
for ($i = 0; $i < sizeof($DNs); $i++) { for ($i = 0; $i < sizeof($DNs); $i++) {
if (isset($dn_groups[$DNs[$i]]['memberUid'][0])) { if (isset($dn_groups[$DNs[$i]]['memberUid'][0])) {
if (in_array($attr['uid'][0], $dn_groups[$DNs[$i]]['memberUid'])) $this->groups[] = $dn_groups[$DNs[$i]]['cn'][0]; if (in_array($attr['uid'][0], $dn_groups[$DNs[$i]]['memberUid'])) $this->groups[] = $dn_groups[$DNs[$i]]['cn'][0];
} }
} }
$this->groups_orig = $this->groups;
} }
$this->groups_orig = $this->groups;
return 0; return 0;
} }
@ -548,44 +549,19 @@ class posixAccount extends baseModule {
} }
} }
else { else {
if (is_array($this->groups)) { // update groups.
// There are some additional groups defined
if (is_array($this->groups_orig)) {
//There are some old groups.
$add = array_delete($this->groups_orig, $this->groups); $add = array_delete($this->groups_orig, $this->groups);
$remove = array_delete($this->groups, $this->groups_orig); $remove = array_delete($this->groups, $this->groups_orig);
$dn_cns = $_SESSION['cache']->get_cache('cn', 'posixGroup', 'group'); $dn_cns = $_SESSION['cache']->get_cache('cn', 'posixGroup', 'group');
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... ) // get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys($dn_cns); $DNs = array_keys($dn_cns);
foreach ($DNs as $DN) { foreach ($DNs as $DN) {
if (is_array($add)) if (is_array($add)) {
if (in_array($dn_cns[$DN][0], $add)) $return[$DN]['add']['memberUid'][] = $this->attributes['uid'][0]; if (in_array($dn_cns[$DN][0], $add)) $return[$DN]['add']['memberUid'][] = $this->attributes['uid'][0];
if (is_array($remove)) }
if (is_array($remove)) {
if (in_array($dn_cns[$DN][0], $remove)) $return[$DN]['remove']['memberUid'][] = $this->attributes['uid'][0]; if (in_array($dn_cns[$DN][0], $remove)) $return[$DN]['remove']['memberUid'][] = $this->attributes['uid'][0];
} }
// primary group mut also be removed if it has changed after setting additional groups
if (in_array($_SESSION['cache']->getgrnam($this->attributes['gidNumber'][0]), $this->groups_orig)) $return[$DN]['remove']['memberUid'][] = $this->attributes['uid'];
}
else {
// Add user to every group
$dn_cns = $_SESSION['cache']->get_cache('cn', 'posixGroup', 'group');
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys($dn_cns);
foreach ($DNs as $DN) {
if (in_array($dn_cns[$DN][0], $this->groups)) $return[$DN]['add']['memberUid'][] = $this->attributes['uid'][0];
}
}
}
else {
if (is_array($this->groups_orig)) {
//There are some old groups which have to be removed
$dn_cns = $_SESSION['cache']->get_cache('cn', 'posixGroup', 'group');
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys($dn_cns);
foreach ($DNs as $DN) {
if (in_array($dn_cns[$DN][0], $this->orig['groups'])) $return[$DN]['remove']['memberUid'][] = $this->attributes['uid'][0];
}
}
} }
} }
// fixme TODO lamdeamon without DN // fixme TODO lamdeamon without DN