diff --git a/lam/lib/modules/posixGroup.inc b/lam/lib/modules/posixGroup.inc index cb0db5f4..c9c0e6f2 100644 --- a/lam/lib/modules/posixGroup.inc +++ b/lam/lib/modules/posixGroup.inc @@ -4,7 +4,7 @@ $Id$ This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam) Copyright (C) 2003 - 2006 Tilo Lutz - 2007 - 2008 Roland Gruber + 2007 - 2009 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -37,7 +37,7 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * * @package modules */ -class posixGroup extends baseModule { +class posixGroup extends baseModule implements passwordService { /** change GIDs of users and hosts? */ private $changegids; @@ -182,12 +182,7 @@ class posixGroup extends baseModule { array('kind' => 'text', 'text' => _("Group members")), array('kind' => 'input', 'name' => 'form_subpage_' . get_class($this) . '_user_open', 'type' => 'submit', 'value' => _('Edit members')), array ('kind' => 'help', 'value' => 'members')); - if (!isset($this->attributes['userPassword'][0])) { - $return[] = array( - array('kind' => 'text', 'text' => _('Password') ), - array('kind' => 'input', 'name' => 'form_subpage_' . get_class($this) . '_password_open', 'type' => 'submit', 'value' => _('Set password'))); - } - else { + if (isset($this->attributes['userPassword'][0])) { if (pwd_is_enabled($this->attributes['userPassword'][0])) { $lockOption = array('kind' => 'input', 'name' => 'form_subpage_' . get_class($this) . '_attributes_lockPassword', 'type' => 'submit', 'value' => _('Lock password')); } @@ -198,9 +193,6 @@ class posixGroup extends baseModule { $return[] = array( array('kind' => 'text', 'text' => _('Password') ), array('kind' => 'table', 'value' => array( - array( - array('kind' => 'input', 'name' => 'form_subpage_' . get_class($this) . '_password_open', 'type' => 'submit', 'value' => _('Change password')) - ), array($lockOption), array( array('kind' => 'input', 'name' => 'form_subpage_' . get_class($this) . '_attributes_removePassword', 'type' => 'submit', 'value' => _('Remove password')) @@ -269,28 +261,6 @@ class posixGroup extends baseModule { return $return; } - /** - * Displays the password changing dialog. - * - * @return array meta HTML code - */ - function display_html_password() { - $return[] = array( - array('kind' => 'text', 'text' => _('Password') ), - array('kind' => 'input', 'name' => 'userPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => ""), - array('kind' => 'help', 'value' => 'password')); - $return[] = array( - array('kind' => 'text', 'text' => _('Repeat password')), - array('kind' => 'input', 'name' => 'userPassword2', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => "")); - $return[] = array( - array('kind' => 'table', 'value' => array( - array( - array('kind' => 'input', 'type' => 'submit', 'value' => _('Ok'), 'name' => 'form_subpage_' . get_class($this) . '_attributes_submit'), - array('kind' => 'input', 'type' => 'submit', 'value' => _('Back'), 'name' => 'form_subpage_' . get_class($this) . '_attributes_back'), - array('kind' => 'text'))))); - return $return; - } - /** * Returns meta data that is interpreted by parent class * @@ -491,7 +461,6 @@ class posixGroup extends baseModule { * This function fills the $messages variable with output messages from this module. */ function load_Messages() { - $this->messages['userPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); $this->messages['userPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!%&/|?{[()]}=@$ !')); $this->messages['gidNumber'][0] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.')); $this->messages['gidNumber'][2] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.')); @@ -697,32 +666,6 @@ class posixGroup extends baseModule { } - /** - * Processes user input of the password page. - * It checks if all input values are correct and updates the associated LDAP attributes. - * - * @return array list of info/error messages - */ - function process_password() { - if ($_POST['form_subpage_' . get_class($this) . '_attributes_back']) return array(); - $errors = array(); - if ($_POST['userPassword'] != $_POST['userPassword2']) { - $errors[] = $this->messages['userPassword'][0]; - if (!get_preg($_POST['userPassword'], 'password')) - $errors[] = $this->messages['userPassword'][1]; - } - else { - $pwdPolicyResult = checkPasswordStrength($_POST['userPassword']); - if ($pwdPolicyResult === true) { - $this->attributes['userPassword'][0] = pwd_hash($_POST['userPassword'], true, $this->moduleSettings['posixAccount_pwdHash'][0]); - } - else { - $errors[] = array('ERROR', $pwdPolicyResult); - } - } - return $errors; - } - /** * Returns a list of modifications which have to be made to the LDAP account. * @@ -815,6 +758,34 @@ class posixGroup extends baseModule { return $ret; } + /** + * This method specifies if a module manages password attributes. + * @see passwordService::managesPasswordAttributes + * + * @return boolean true if this module manages password attributes + */ + public function managesPasswordAttributes() { + return true; + } + + /** + * This function is called whenever the password should be changed. Account modules + * must change their password attributes only if the modules list contains their module name. + * + * @param String $password new password + * @param $modules list of modules for which the password should be changed + * @return array list of error messages if any as parameter array for StatusMessage + * e.g. return arrray(array('ERROR', 'Password change failed.')) + * @see passwordService::passwordChangeRequested + */ + public function passwordChangeRequested($password, $modules) { + if (!in_array(get_class($this), $modules)) { + return array(); + } + $this->attributes['userPassword'][0] = pwd_hash($password, true, $this->moduleSettings['posixAccount_pwdHash'][0]); + return array(); + } + } ?>