WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

support Samba 4

This commit is contained in:
Roland Gruber 2013-08-18 12:24:53 +00:00
parent bad02085dc
commit 24646635f9
1 changed files with 297 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

474
lam/lib/modules/posixAccount.inc
View File

@ -73,6 +73,18 @@ class posixAccount extends baseModule implements passwordService {
'ß' => 'ss', 'é' => 'e', 'è' => 'e', 'ô' => 'o', 'ç' => 'c' 'ß' => 'ss', 'é' => 'e', 'è' => 'e', 'ô' => 'o', 'ç' => 'c'
); );
/**
* Creates a new windowsPosixGroup object.
*
* @param string $scope account type (user, group, host)
*/
public function __construct($scope) {
// call parent constructor
parent::__construct($scope);
// make optional if needed
$this->autoAddObjectClasses = !$this->isOptional();
}
/** /**
* This function fills the error message array with messages. * This function fills the error message array with messages.
**/ **/
@ -154,8 +166,11 @@ class posixAccount extends baseModule implements passwordService {
// LDAP aliases // LDAP aliases
$return['LDAPaliases'] = array('commonName' => 'cn', 'userid' => 'uid'); $return['LDAPaliases'] = array('commonName' => 'cn', 'userid' => 'uid');
// managed attributes // managed attributes
$return['attributes'] = array('cn', 'uid', 'uidNumber', 'gidNumber', 'homeDirectory', $return['attributes'] = array('uid', 'uidNumber', 'gidNumber', 'homeDirectory',
'userPassword', 'loginShell', 'gecos', 'INFO.userPasswordClearText'); 'userPassword', 'loginShell', 'gecos', 'INFO.userPasswordClearText');
if ($this->manageCn()) {
$return['attributes'][] = 'cn';
}
if ($this->get_scope() == "user") { if ($this->get_scope() == "user") {
// self service search attributes // self service search attributes
$return['selfServiceSearchAttributes'] = array('uid'); $return['selfServiceSearchAttributes'] = array('uid');
@ -264,12 +279,6 @@ class posixAccount extends baseModule implements passwordService {
'required' => true, 'required' => true,
'unique' => true 'unique' => true
), ),
array(
'name' => 'posixAccount_cn',
'description' => _('Common name'),
'help' => 'cn',
'example' => _('Steve Miller')
),
array( array(
'name' => 'posixAccount_uid', 'name' => 'posixAccount_uid',
'description' => _('UID number'), 'description' => _('UID number'),
@ -326,6 +335,14 @@ class posixAccount extends baseModule implements passwordService {
'default' => 'false' 'default' => 'false'
), ),
); );
if ($this->manageCn()) {
array_unshift($return['upload_columns'], array(
'name' => 'posixAccount_cn',
'description' => _('Common name'),
'help' => 'cn',
'example' => _('Steve Miller')
));
}
if (!$this->isBooleanConfigOptionSet('posixAccount_hidegecos')) { if (!$this->isBooleanConfigOptionSet('posixAccount_hidegecos')) {
$return['upload_columns'][] = array( $return['upload_columns'][] = array(
'name' => 'posixAccount_gecos', 'name' => 'posixAccount_gecos',
@ -391,9 +408,11 @@ class posixAccount extends baseModule implements passwordService {
'additionalGroups' => _('Additional groups'), 'additionalGroups' => _('Additional groups'),
'homeDirectory' => _('Home directory'), 'homeDirectory' => _('Home directory'),
'loginShell' => _('Login shell'), 'loginShell' => _('Login shell'),
'cn' => _('Common name'),
'userPassword' => _('Password') 'userPassword' => _('Password')
)); ));
if ($this->manageCn()) {
$return['PDF_fields']['cn'] = _('Common name');
}
if (!$this->isBooleanConfigOptionSet('posixAccount_hidegecos')) { if (!$this->isBooleanConfigOptionSet('posixAccount_hidegecos')) {
$return['PDF_fields']['gecos'] = _('Gecos'); $return['PDF_fields']['gecos'] = _('Gecos');
} }
@ -402,6 +421,10 @@ class posixAccount extends baseModule implements passwordService {
} }
// help Entries // help Entries
$return['help'] = array( $return['help'] = array(
'autoAdd' => array(
"Headline" => _("Automatically add this extension"),
"Text" => _("This will enable the extension automatically if this profile is loaded.")
),
'userNameSuggestion' => array( 'userNameSuggestion' => array(
"Headline" => _("User name suggestion"), "Headline" => _("User name suggestion"),
"Text" => _("LAM will suggest a user name based on e.g. first and last name. Here you can specify the suggestion. %sn% will be replaced by the last name. @givenname@ will be replaced by the first character of first name. Only attributes of tab Personal may be used.") "Text" => _("LAM will suggest a user name based on e.g. first and last name. Here you can specify the suggestion. %sn% will be replaced by the last name. @givenname@ will be replaced by the first character of first name. Only attributes of tab Personal may be used.")
@ -557,6 +580,10 @@ class posixAccount extends baseModule implements passwordService {
* @return boolean true, if settings are complete * @return boolean true, if settings are complete
*/ */
function module_complete() { function module_complete() {
if (!isset($this->attributes['objectClass']) || !in_array('posixAccount', $this->attributes['objectClass'])) {
// no checks if object class is not set
return true;
}
if (!isset($this->attributes['uid'][0]) || ($this->attributes['uid'][0] == '')) return false; if (!isset($this->attributes['uid'][0]) || ($this->attributes['uid'][0] == '')) return false;
if (!isset($this->attributes['uidNumber'][0]) || ($this->attributes['uidNumber'][0] == '')) return false; if (!isset($this->attributes['uidNumber'][0]) || ($this->attributes['uidNumber'][0] == '')) return false;
if (!isset($this->attributes['gidNumber'][0]) || ($this->attributes['gidNumber'][0] == '')) return false; if (!isset($this->attributes['gidNumber'][0]) || ($this->attributes['gidNumber'][0] == '')) return false;
@ -607,6 +634,10 @@ class posixAccount extends baseModule implements passwordService {
*/ */
function save_attributes() { function save_attributes() {
$return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig); $return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig);
if (!in_array('posixAccount', $this->attributes['objectClass']) && !in_array('posixAccount', $this->orig['objectClass'])) {
// skip saving if the extension was not added/modified
return array();
}
// add information about clear text password and password status change // add information about clear text password and password status change
$return[$this->getAccountContainer()->dn_orig]['info']['userPasswordClearText'][0] = $this->clearTextPassword; $return[$this->getAccountContainer()->dn_orig]['info']['userPasswordClearText'][0] = $this->clearTextPassword;
if (isset($this->orig['userPassword'][0]) && isset($this->attributes['userPassword'][0])) { if (isset($this->orig['userPassword'][0]) && isset($this->attributes['userPassword'][0])) {
@ -621,50 +652,60 @@ class posixAccount extends baseModule implements passwordService {
$return[$this->getAccountContainer()->dn_orig]['info']['userPasswordStatusChange'][0] = 'unlocked'; $return[$this->getAccountContainer()->dn_orig]['info']['userPasswordStatusChange'][0] = 'unlocked';
} }
} }
// Remove primary group from additional groups if (in_array('posixAccount', $this->attributes['objectClass'])) {
if (!isset($this->moduleSettings['posixAccount_primaryGroupAsSecondary'][0]) // Remove primary group from additional groups
|| ($this->moduleSettings['posixAccount_primaryGroupAsSecondary'][0] != 'true')) { if (!isset($this->moduleSettings['posixAccount_primaryGroupAsSecondary'][0])
for ($i=0; $i<count($this->groups); $i++) { || ($this->moduleSettings['posixAccount_primaryGroupAsSecondary'][0] != 'true')) {
if ($this->groups[$i] == $this->getGroupName($this->attributes['gidNumber'][0])) { for ($i=0; $i<count($this->groups); $i++) {
unset($this->groups[$i]); if ($this->groups[$i] == $this->getGroupName($this->attributes['gidNumber'][0])) {
unset($this->groups[$i]);
}
}
}
else {
// add user as memberuid in primary group
if (!in_array($this->getGroupName($this->attributes['gidNumber'][0]), $this->groups)) {
$this->groups[] = $this->getGroupName($this->attributes['gidNumber'][0]);
}
}
// Set additional group memberships
if (isset($this->orig['uid'][0]) && ($this->orig['uid'][0] != '') && ($this->attributes['uid'][0] != $this->orig['uid'][0])) {
// find affected groups
$groupList = searchLDAPByAttribute('memberUid', $this->orig['uid'][0], 'posixGroup', array('dn'), array('group'));
for ($i = 0; $i < sizeof($groupList); $i++) {
// replace old user name with new one
$return[$groupList[$i]['dn']]['remove']['memberUid'][] = $this->orig['uid'][0];
$return[$groupList[$i]['dn']]['add']['memberUid'][] = $this->attributes['uid'][0];
}
}
else {
// update groups.
$add = array_delete($this->groups_orig, $this->groups);
$remove = array_delete($this->groups, $this->groups_orig);
$groupList = searchLDAPByAttribute('cn', '*', 'posixGroup', array('cn', 'dn'), array('group'));
$dn2cn = array();
for ($i = 0; $i < sizeof($groupList); $i++) {
$cn2dn[$groupList[$i]['cn'][0]] = $groupList[$i]['dn'];
}
for ($i = 0; $i < sizeof($add); $i++) {
if (isset($cn2dn[$add[$i]])) {
$return[$cn2dn[$add[$i]]]['add']['memberUid'][] = $this->attributes['uid'][0];
}
}
for ($i = 0; $i < sizeof($remove); $i++) {
if (isset($cn2dn[$remove[$i]])) {
$return[$cn2dn[$remove[$i]]]['remove']['memberUid'][] = $this->attributes['uid'][0];
}
} }
} }
} }
else { elseif (in_array('posixAccount', $this->orig['objectClass']) && !empty($this->orig['uid'][0])) {
// add user as memberuid in primary group // Unix extension was removed, clean group memberships
if (!in_array($this->getGroupName($this->attributes['gidNumber'][0]), $this->groups)) {
$this->groups[] = $this->getGroupName($this->attributes['gidNumber'][0]);
}
}
// Set additional group memberships
if (isset($this->orig['uid'][0]) && ($this->orig['uid'][0] != '') && ($this->attributes['uid'][0] != $this->orig['uid'][0])) {
// find affected groups
$groupList = searchLDAPByAttribute('memberUid', $this->orig['uid'][0], 'posixGroup', array('dn'), array('group')); $groupList = searchLDAPByAttribute('memberUid', $this->orig['uid'][0], 'posixGroup', array('dn'), array('group'));
for ($i = 0; $i < sizeof($groupList); $i++) { for ($i = 0; $i < sizeof($groupList); $i++) {
// replace old user name with new one // remove user name
$return[$groupList[$i]['dn']]['remove']['memberUid'][] = $this->orig['uid'][0]; $return[$groupList[$i]['dn']]['remove']['memberUid'][] = $this->orig['uid'][0];
$return[$groupList[$i]['dn']]['add']['memberUid'][] = $this->attributes['uid'][0];
}
}
else {
// update groups.
$add = array_delete($this->groups_orig, $this->groups);
$remove = array_delete($this->groups, $this->groups_orig);
$groupList = searchLDAPByAttribute('cn', '*', 'posixGroup', array('cn', 'dn'), array('group'));
$dn2cn = array();
for ($i = 0; $i < sizeof($groupList); $i++) {
$cn2dn[$groupList[$i]['cn'][0]] = $groupList[$i]['dn'];
}
for ($i = 0; $i < sizeof($add); $i++) {
if (isset($cn2dn[$add[$i]])) {
$return[$cn2dn[$add[$i]]]['add']['memberUid'][] = $this->attributes['uid'][0];
}
}
for ($i = 0; $i < sizeof($remove); $i++) {
if (isset($cn2dn[$remove[$i]])) {
$return[$cn2dn[$remove[$i]]]['remove']['memberUid'][] = $this->attributes['uid'][0];
}
} }
} }
return $return; return $return;
@ -905,6 +946,29 @@ class posixAccount extends baseModule implements passwordService {
*/ */
function process_attributes() { function process_attributes() {
$errors = array(); $errors = array();
if (isset($_POST['addObjectClass'])) {
if (!isset($this->attributes['objectClass'])) {
$this->attributes['objectClass'] = array();
}
if (!in_array('posixAccount', $this->attributes['objectClass'])) {
$this->attributes['objectClass'][] = 'posixAccount';
}
return $errors;
}
if (isset($_POST['remObjectClass'])) {
$this->attributes['objectClass'] = array_delete(array('posixAccount'), $this->attributes['objectClass']);
$attrs = $this->getManagedAttributes();
foreach ($attrs as $name) {
if (isset($this->attributes[$name])) {
unset($this->attributes[$name]);
}
}
return $errors;
}
// skip processing if object class is not set
if ($this->isOptional() && (!isset($this->attributes['objectClass']) || !in_array('posixAccount', $this->attributes['objectClass']))) {
return $errors;
}
$groups = $this->findGroups(); // list of all groupnames $groups = $this->findGroups(); // list of all groupnames
if (count($groups)==0) { if (count($groups)==0) {
// abort if no groups were found // abort if no groups were found
@ -960,9 +1024,11 @@ class posixAccount extends baseModule implements passwordService {
if (isset($_POST['removePassword'])) { if (isset($_POST['removePassword'])) {
unset($this->attributes['userPassword']); unset($this->attributes['userPassword']);
} }
$this->attributes['cn'][0] = $_POST['cn']; if ($this->manageCn()) {
if (!get_preg($this->attributes['cn'][0], 'cn')) { $this->attributes['cn'][0] = $_POST['cn'];
$errors[] = $this->messages['cn'][0]; if (!get_preg($this->attributes['cn'][0], 'cn')) {
$errors[] = $this->messages['cn'][0];
}
} }
$this->attributes['uidNumber'][0] = trim($_POST['uidNumber']); $this->attributes['uidNumber'][0] = trim($_POST['uidNumber']);
$this->attributes['gidNumber'][0] = $_POST['gidNumber']; $this->attributes['gidNumber'][0] = $_POST['gidNumber'];
@ -1207,135 +1273,150 @@ class posixAccount extends baseModule implements passwordService {
*/ */
function display_html_attributes() { function display_html_attributes() {
$return = new htmlTable(); $return = new htmlTable();
$groupList = $this->findGroups(); // list of all group names if (!$this->isOptional() || (isset($this->attributes['objectClass']) && in_array('posixAccount', $this->attributes['objectClass']))) {
$groups = array(); $groupList = $this->findGroups(); // list of all group names
for ($i = 0; $i < sizeof($groupList); $i++) { $groups = array();
$groups[$groupList[$i][1]] = $groupList[$i][0]; for ($i = 0; $i < sizeof($groupList); $i++) {
} $groups[$groupList[$i][1]] = $groupList[$i][0];
if (count($groups)==0) {
$return->addElement(new htmlStatusMessage("ERROR", _('No Unix groups found in LDAP! Please create one first.')));
return $return;
}
$shelllist = $this->getShells(); // list of all valid shells
// set default values
if (!isset($this->attributes['uid'][0]) && ($this->getAccountContainer()->getAccountModule('inetOrgPerson') != null)) {
// fill default value for user ID with first/last name
$attrs = $this->getAccountContainer()->getAccountModule('inetOrgPerson')->getAttributes();
$this->attributes['uid'][0] = $this->getUserNameSuggestion($attrs);
}
if (!isset($this->attributes['cn'][0]) || ($this->attributes['cn'][0] == '')) {
// set a default value for common name
if (($this->get_scope() == 'host') && isset($_POST['uid']) && (substr($_POST['uid'], -1, 1) == '$')) {
$this->attributes['cn'][0] = substr($_POST['uid'], 0, strlen($_POST['uid']) - 1);
} }
elseif ($this->getAccountContainer()->getAccountModule('inetOrgPerson') != null) { if (count($groups)==0) {
$return->addElement(new htmlStatusMessage("ERROR", _('No Unix groups found in LDAP! Please create one first.')));
return $return;
}
$shelllist = $this->getShells(); // list of all valid shells
// set default values
if (!isset($this->attributes['uid'][0]) && ($this->getAccountContainer()->getAccountModule('inetOrgPerson') != null)) {
// fill default value for user ID with first/last name
$attrs = $this->getAccountContainer()->getAccountModule('inetOrgPerson')->getAttributes(); $attrs = $this->getAccountContainer()->getAccountModule('inetOrgPerson')->getAttributes();
if ($attrs['givenName'][0]) { $this->attributes['uid'][0] = $this->getUserNameSuggestion($attrs);
$this->attributes['cn'][0] = $attrs['givenName'][0] . " " . $attrs['sn'][0]; }
if ($this->manageCn() && (!isset($this->attributes['cn'][0]) || ($this->attributes['cn'][0] == ''))) {
// set a default value for common name
if (($this->get_scope() == 'host') && isset($_POST['uid']) && (substr($_POST['uid'], -1, 1) == '$')) {
$this->attributes['cn'][0] = substr($_POST['uid'], 0, strlen($_POST['uid']) - 1);
} }
elseif ($attrs['sn'][0]) { elseif ($this->getAccountContainer()->getAccountModule('inetOrgPerson') != null) {
$this->attributes['cn'][0] = $attrs['sn'][0]; $attrs = $this->getAccountContainer()->getAccountModule('inetOrgPerson')->getAttributes();
if ($attrs['givenName'][0]) {
$this->attributes['cn'][0] = $attrs['givenName'][0] . " " . $attrs['sn'][0];
}
elseif ($attrs['sn'][0]) {
$this->attributes['cn'][0] = $attrs['sn'][0];
}
else {
$this->attributes['cn'][0] = $_POST['uid'];
}
} }
else { elseif (isset($_POST['uid'])) {
$this->attributes['cn'][0] = $_POST['uid']; $this->attributes['cn'][0] = $_POST['uid'];
} }
} }
elseif (isset($_POST['uid'])) {
$this->attributes['cn'][0] = $_POST['uid']; $userName = '';
if (isset($this->attributes['uid'][0])) $userName = $this->attributes['uid'][0];
$uidLabel = _("User name");
if ($this->get_scope() == 'host') {
$uidLabel = _("Host name");
} }
} $uidInput = new htmlTableExtendedInputField($uidLabel, 'uid', $userName, 'uid');
$uidInput->setRequired(true);
$userName = ''; $uidInput->setFieldMaxLength(100);
if (isset($this->attributes['uid'][0])) $userName = $this->attributes['uid'][0]; $return->addElement($uidInput, true);
$uidLabel = _("User name"); if ($this->manageCn()) {
if ($this->get_scope() == 'host') { $commonName = '';
$uidLabel = _("Host name"); if (isset($this->attributes['cn'][0])) $commonName = $this->attributes['cn'][0];
} $return->addElement(new htmlTableExtendedInputField(_("Common name"), 'cn', $commonName, 'cn'), true);
$uidInput = new htmlTableExtendedInputField($uidLabel, 'uid', $userName, 'uid');
$uidInput->setRequired(true);
$uidInput->setFieldMaxLength(100);
$return->addElement($uidInput, true);
$commonName = '';
if (isset($this->attributes['cn'][0])) $commonName = $this->attributes['cn'][0];
$return->addElement(new htmlTableExtendedInputField(_("Common name"), 'cn', $commonName, 'cn'), true);
$uidNumber = '';
if (isset($this->attributes['uidNumber'][0])) $uidNumber = $this->attributes['uidNumber'][0];
$uidNumberInput = new htmlTableExtendedInputField(_('UID number'), 'uidNumber', $uidNumber, 'uidNumber');
$uidNumberInput->setFieldMaxLength(20);
$uidNumberInput->setValidationRule(htmlElement::VALIDATE_NUMERIC);
$return->addElement($uidNumberInput, true);
if (!$this->isBooleanConfigOptionSet('posixAccount_hidegecos')) {
$gecos = '';
if (isset($this->attributes['gecos'][0])) $gecos = $this->attributes['gecos'][0];
$return->addElement(new htmlTableExtendedInputField(_('Gecos'), 'gecos', $gecos, 'gecos'), true);
}
$primaryGroup = array();
if (isset($this->attributes['gidNumber'][0])) {
$primaryGroup[] = $this->attributes['gidNumber'][0];
}
$gidNumberSelect = new htmlTableExtendedSelect('gidNumber', $groups, $primaryGroup, _('Primary group'), 'gidNumber');
$gidNumberSelect->setHasDescriptiveElements(true);
$return->addElement($gidNumberSelect, true);
if ($this->get_scope()=='user') {
// additional groups
if (!$this->isBooleanConfigOptionSet('posixAccount_hidegon') || !$this->isBooleanConfigOptionSet('posixAccount_hideposixGroups')) {
$return->addElement(new htmlOutputText(_('Additional groups')));
$return->addElement(new htmlAccountPageButton(get_class($this), 'group', 'open', _('Edit groups')));
$return->addElement(new htmlHelpLink('addgroup'), true);
} }
// home directory $uidNumber = '';
$homedirInput = new htmlTableExtendedInputField(_('Home directory'), 'homeDirectory', $this->attributes['homeDirectory'][0], 'homeDirectory'); if (isset($this->attributes['uidNumber'][0])) $uidNumber = $this->attributes['uidNumber'][0];
$homedirInput->setRequired(true); $uidNumberInput = new htmlTableExtendedInputField(_('UID number'), 'uidNumber', $uidNumber, 'uidNumber');
$return->addElement($homedirInput, true); $uidNumberInput->setFieldMaxLength(20);
if (($_SESSION['config']->get_scriptPath() != null) && ($_SESSION['config']->get_scriptPath() != '')) { $uidNumberInput->setValidationRule(htmlElement::VALIDATE_NUMERIC);
if ($this->getAccountContainer()->isNewAccount) { $return->addElement($uidNumberInput, true);
// get list of lamdaemon servers if (!$this->isBooleanConfigOptionSet('posixAccount_hidegecos')) {
$lamdaemonServers = explode(";", $_SESSION['config']->get_scriptServers()); $gecos = '';
for ($i = 0; $i < sizeof($lamdaemonServers); $i++) { if (isset($this->attributes['gecos'][0])) $gecos = $this->attributes['gecos'][0];
$temp = explode(":", $lamdaemonServers[$i]); $return->addElement(new htmlTableExtendedInputField(_('Gecos'), 'gecos', $gecos, 'gecos'), true);
if (isset($temp[1])) $lamdaemonServers[$i] = $temp[1]; }
else $lamdaemonServers[$i] = $temp[0]; $primaryGroup = array();
if (isset($this->attributes['gidNumber'][0])) {
$primaryGroup[] = $this->attributes['gidNumber'][0];
}
$gidNumberSelect = new htmlTableExtendedSelect('gidNumber', $groups, $primaryGroup, _('Primary group'), 'gidNumber');
$gidNumberSelect->setHasDescriptiveElements(true);
$return->addElement($gidNumberSelect, true);
if ($this->get_scope()=='user') {
// additional groups
if (!$this->isBooleanConfigOptionSet('posixAccount_hidegon') || !$this->isBooleanConfigOptionSet('posixAccount_hideposixGroups')) {
$return->addElement(new htmlOutputText(_('Additional groups')));
$return->addElement(new htmlAccountPageButton(get_class($this), 'group', 'open', _('Edit groups')));
$return->addElement(new htmlHelpLink('addgroup'), true);
}
// home directory
$homedirInput = new htmlTableExtendedInputField(_('Home directory'), 'homeDirectory', $this->attributes['homeDirectory'][0], 'homeDirectory');
$homedirInput->setRequired(true);
$return->addElement($homedirInput, true);
if (($_SESSION['config']->get_scriptPath() != null) && ($_SESSION['config']->get_scriptPath() != '')) {
if ($this->getAccountContainer()->isNewAccount) {
// get list of lamdaemon servers
$lamdaemonServers = explode(";", $_SESSION['config']->get_scriptServers());
for ($i = 0; $i < sizeof($lamdaemonServers); $i++) {
$temp = explode(":", $lamdaemonServers[$i]);
if (isset($temp[1])) $lamdaemonServers[$i] = $temp[1];
else $lamdaemonServers[$i] = $temp[0];
}
$homeDirLabel = new htmlOutputText(_('Create home directory'));
$homeDirLabel->alignment = htmlElement::ALIGN_TOP;
$return->addElement($homeDirLabel);
$homeServerContainer = new htmlTable();
for ($h = 0; $h < sizeof($lamdaemonServers); $h++) {
$homeServerContainer->addElement(new htmlTableExtendedInputCheckbox('createhomedir_' . $h, in_array($lamdaemonServers[$h], $this->lamdaemonServers), $lamdaemonServers[$h], null, false), true);
}
$return->addElement($homeServerContainer);
$homeDirHelp = new htmlHelpLink('createhomedir');
$homeDirHelp->alignment = htmlElement::ALIGN_TOP;
$return->addElement($homeDirHelp, true);
} }
$homeDirLabel = new htmlOutputText(_('Create home directory')); else {
$homeDirLabel->alignment = htmlElement::ALIGN_TOP; $return->addElement(new htmlOutputText(''));
$return->addElement($homeDirLabel); $return->addElement(new htmlAccountPageButton(get_class($this), 'homedir', 'open', _('Check home directories')), true);
$homeServerContainer = new htmlTable();
for ($h = 0; $h < sizeof($lamdaemonServers); $h++) {
$homeServerContainer->addElement(new htmlTableExtendedInputCheckbox('createhomedir_' . $h, in_array($lamdaemonServers[$h], $this->lamdaemonServers), $lamdaemonServers[$h], null, false), true);
} }
$return->addElement($homeServerContainer); }
$homeDirHelp = new htmlHelpLink('createhomedir'); $selectedShell = array();
$homeDirHelp->alignment = htmlElement::ALIGN_TOP; if (isset($this->attributes['loginShell'][0])) {
$return->addElement($homeDirHelp, true); $selectedShell = array($this->attributes['loginShell'][0]);
}
$return->addElement(new htmlTableExtendedSelect('loginShell', $shelllist, $selectedShell, _('Login shell'), 'loginShell'), true);
}
// password buttons
if (checkIfWriteAccessIsAllowed() && isset($this->attributes['userPassword'][0])) {
$return->addElement(new htmlOutputText(_('Password')));
$pwdContainer = new htmlTable();
if (pwd_is_enabled($this->attributes['userPassword'][0])) {
$pwdContainer->addElement(new htmlButton('lockPassword', _('Lock password')));
} }
else { else {
$return->addElement(new htmlOutputText('')); $pwdContainer->addElement(new htmlButton('unlockPassword', _('Unlock password')));
$return->addElement(new htmlAccountPageButton(get_class($this), 'homedir', 'open', _('Check home directories')), true);
} }
$pwdContainer->addElement(new htmlButton('removePassword', _('Remove password')));
$pwdContainer->colspan = 2;
$return->addElement($pwdContainer);
} }
$selectedShell = array(); // remove button
if (isset($this->attributes['loginShell'][0])) { if ($this->isOptional()) {
$selectedShell = array($this->attributes['loginShell'][0]); $return->addElement(new htmlSpacer(null, '20px'), true);
$remButton = new htmlButton('remObjectClass', _('Remove Unix extension'));
$remButton->colspan = 5;
$return->addElement($remButton);
} }
$return->addElement(new htmlTableExtendedSelect('loginShell', $shelllist, $selectedShell, _('Login shell'), 'loginShell'), true);
} }
// password buttons else {
if (checkIfWriteAccessIsAllowed() && isset($this->attributes['userPassword'][0])) { // add button
$return->addElement(new htmlOutputText(_('Password'))); $return->addElement(new htmlButton('addObjectClass', _('Add Unix extension')));
$pwdContainer = new htmlTable();
if (pwd_is_enabled($this->attributes['userPassword'][0])) {
$pwdContainer->addElement(new htmlButton('lockPassword', _('Lock password')));
}
else {
$pwdContainer->addElement(new htmlButton('unlockPassword', _('Unlock password')));
}
$pwdContainer->addElement(new htmlButton('removePassword', _('Remove password')));
$pwdContainer->colspan = 2;
$return->addElement($pwdContainer);
} }
return $return; return $return;
} }
/** /**
@ -1592,6 +1673,9 @@ class posixAccount extends baseModule implements passwordService {
// primary Unix group // primary Unix group
$return->addElement(new htmlTableExtendedSelect('posixAccount_primaryGroup', $groups, array(), _('Primary group'), 'gidNumber')); $return->addElement(new htmlTableExtendedSelect('posixAccount_primaryGroup', $groups, array(), _('Primary group'), 'gidNumber'));
} }
if ($this->isOptional()) {
$return->addElement(new htmlTableExtendedInputCheckbox('posixAccount_addExt', false, _('Automatically add this extension'), 'autoAdd'), true);
}
return $return; return $return;
} }
@ -1634,6 +1718,12 @@ class posixAccount extends baseModule implements passwordService {
} }
} }
} }
// add extension
if (isset($profile['posixAccount_addExt'][0]) && ($profile['posixAccount_addExt'][0] == "true")) {
if (!in_array('posixAccount', $this->attributes['objectClass'])) {
$this->attributes['objectClass'][] = 'posixAccount';
}
}
} }
/** /**
@ -1951,25 +2041,27 @@ class posixAccount extends baseModule implements passwordService {
$errors[] = $errMsg; $errors[] = $errMsg;
} }
// cn // cn
if ($rawAccounts[$i][$ids['posixAccount_cn']] != "") { if ($this->manageCn()) {
if (get_preg($rawAccounts[$i][$ids['posixAccount_cn']], 'cn')) { if ($rawAccounts[$i][$ids['posixAccount_cn']] != "") {
$partialAccounts[$i]['cn'] = $rawAccounts[$i][$ids['posixAccount_cn']]; if (get_preg($rawAccounts[$i][$ids['posixAccount_cn']], 'cn')) {
$partialAccounts[$i]['cn'] = $rawAccounts[$i][$ids['posixAccount_cn']];
}
else {
$errMsg = $this->messages['cn'][1];
array_push($errMsg, array($i));
$errors[] = $errMsg;
}
} }
else { else {
$errMsg = $this->messages['cn'][1]; if ($partialAccounts[$i]['givenName']) {
array_push($errMsg, array($i)); $partialAccounts[$i]['cn'] = $partialAccounts[$i]['givenName'] . " " . $partialAccounts[$i]['sn'];
$errors[] = $errMsg; }
} elseif ($partialAccounts[$i]['sn']) {
} $partialAccounts[$i]['cn'] = $partialAccounts[$i]['sn'];
else { }
if ($partialAccounts[$i]['givenName']) { else {
$partialAccounts[$i]['cn'] = $partialAccounts[$i]['givenName'] . " " . $partialAccounts[$i]['sn']; $partialAccounts[$i]['cn'] = $partialAccounts[$i]['uid'];
} }
elseif ($partialAccounts[$i]['sn']) {
$partialAccounts[$i]['cn'] = $partialAccounts[$i]['sn'];
}
else {
$partialAccounts[$i]['cn'] = $partialAccounts[$i]['uid'];
} }
} }
} }
@ -2860,6 +2952,34 @@ class posixAccount extends baseModule implements passwordService {
); );
} }
/**
* Returns if the cn attribute should be managed.
* If Windows modules are active then cn will not be managed.
*
* @return boolean manage cn attribute
*/
private function manageCn() {
if (isset($_SESSION['config'])) {
$conf = $_SESSION['config'];
if (in_array('windowsUser', $conf->get_AccountModules($this->get_scope()))) {
return false;
}
else {
return true;
}
}
return false;
}
/**
* Returns if the Unix part can be added and removed.
*
* @return boolean is optional
*/
private function isOptional() {
return !$this->manageCn();
}
} }
?> ?>