From 29753a127e9daf996dea54c3b06d757a9bbb8f45 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Fri, 4 Jun 2004 11:28:22 +0000 Subject: [PATCH] changed the LDAP filter syntax for base modules, fixed dependency information, only include files in lib/modules which end with ".inc" --- lam/docs/modules-specification.htm | 25 +++++++++++------- lam/lib/modules.inc | 38 ++++++++++++++++----------- lam/lib/modules/account.inc | 2 +- lam/lib/modules/inetOrgPerson.inc | 2 +- lam/lib/modules/main.inc | 2 +- lam/lib/modules/posixAccount.inc | 10 ++++--- lam/lib/modules/posixGroup.inc | 5 ++-- lam/lib/modules/quota.inc | 4 +-- lam/lib/modules/sambaAccount.inc | 14 +++++++--- lam/lib/modules/sambaGroupMapping.inc | 2 +- lam/lib/modules/sambaSamAccount.inc | 14 +++++++--- lam/lib/modules/shadowAccount.inc | 2 +- 12 files changed, 75 insertions(+), 45 deletions(-) diff --git a/lam/docs/modules-specification.htm b/lam/docs/modules-specification.htm index a4afad91..feec1198 100644 --- a/lam/docs/modules-specification.htm +++ b/lam/docs/modules-specification.htm @@ -108,16 +108,20 @@ quota module is no base module as it needs posixAccount.

-Returns a string that can be used as part of a LDAP filter. Usually +Returns an array('or' => '...', 'and' => '...') that is used to +build the LDAP filter. Usually used to filter object classes.
$scope is the account type ("user", "group", "host" at this time).

-All filter parts of the base modules are combined with OR and used to -find the accounts for the lists.
+All "or" filter parts of the base modules are combined with OR and then +combined with the "and" parts.
+The resulting LDAP filter will look like this: +(&(|(OR1)(OR2)(OR3))(AND1)(AND2)(AND3))

Example: return "(objectClass=posixAccount)"
+ style="font-style: italic;">return "('or' => +'objectClass=posixAccount', 'and' => '(!(uid=*$))')"

This function is only used for base modules. Standard modules do not need to @@ -314,12 +318,13 @@ If no errors occured the function returns an empty array. $scope is the account type ("user", "group", "host" at this time).
-It returns the fields which are printed in the PDF file for the specified -account type. At the monent there is no (easy) possibility for the user to -decide which fields are to be displayed. Perhaps there will be a PDF config -tool in future releases where you can offer the user to decide which fields are -to be displayed on the PDF file. The format of the array to be returned is -described in section 5. "PDF syntax".
+It returns the fields which are printed in the PDF file for the +specified account type. At the monent there is no (easy) possibility +for the user to decide which fields are to be displayed. Perhaps there +will be a PDF config tool in future releases where you can offer the +user to decide which fields are to be displayed on the PDF file. The +format of the array to be returned is described in section 5. "PDF +syntax".


diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc index 9b71dd2c..745d8502 100644 --- a/lam/lib/modules.inc +++ b/lam/lib/modules.inc @@ -37,7 +37,7 @@ while ($stay<7) { if (is_dir($relative.'lib/modules')) { $dir = opendir($relative.'lib/modules'); while ($entry = readdir($dir)) - if (is_file($relative.'lib/modules/'.$entry)) include_once ($relative.'lib/modules/'.$entry); + if ((substr($entry, strlen($entry) - 4, 4) == '.inc') && is_file($relative.'lib/modules/'.$entry)) include_once ($relative.'lib/modules/'.$entry); $stay=10; } else { @@ -66,17 +66,26 @@ function is_base_module($name, $scope) { function get_ldap_filter($scope) { $mods = getAvailableModules($scope); $filters = array(); + $orFilter = ''; for ($i = 0; $i < sizeof($mods); $i++) { if (is_base_module($mods[$i], $scope)) { - $filters[] = call_user_func(array($mods[$i], "get_ldap_filter"), $scope); + $modinfo = call_user_func(array($mods[$i], "get_ldap_filter"), $scope); + if (isset($modinfo['or'])) $filters['or'][] = $modinfo['or']; + if (isset($modinfo['and'])) $filters['and'][] = $modinfo['and']; } } - if (sizeof($filters) < 2) { - return $filters[0]; + // build OR filter + if (sizeof($filters['or']) == 1) { + $orFilter = $filters['or'][0]; } - else { - return "(&" . implode("", $filters) . ")"; + elseif (sizeof($filters['or']) > 1) { + $orFilter = "(|" . implode("", $filters['or']) . ")"; } + // add built OR filter to AND filters + if ($orFilter != '') $filters['and'][] = $orFilter; + // collapse AND filters + if (sizeof($filters['and']) < 2) return $filters['and'][0]; + else return "(&" . implode("", $filters['and']) . ")"; } // returns a hash array (module name => dependencies) of all user module dependencies @@ -85,15 +94,12 @@ function get_ldap_filter($scope) { // the elements of conflicts are module names // $scope: user, group, host, .... function getModulesDependencies($scope) { - global $relative; - // get module names. - $dir = opendir($relative . 'lib/modules'); - while ($entry = readdir($dir)) - if (is_file($relative . 'lib/modules/'.$entry)) { - $entry = substr($entry, 0, strpos($entry, '.')); - $deps = call_user_func(array($entry, "get_dependencies"), $scope); - if ($deps != -1) $return[$entry] = $deps; - } + $mods = getAvailableModules($scope); + $deps = array(); + for ($i = 0; $i < sizeof($mods); $i++) { + $deps = call_user_func(array($mods[$i], "get_dependencies"), $scope); + if ($deps != -1) $return[$mods[$i]] = $deps; + } return $return; } @@ -162,7 +168,7 @@ function getAvailableModules($scope) { // get module names. $dir = opendir($relative . 'lib/modules'); while ($entry = readdir($dir)) - if (is_file($relative . 'lib/modules/'.$entry)) { + if ((substr($entry, strlen($entry) - 4, 4) == '.inc') && is_file($relative . 'lib/modules/'.$entry)) { $entry = substr($entry, 0, strpos($entry, '.')); if (call_user_func(array($entry, "can_manage"), $scope)) $return[] = $entry; } diff --git a/lam/lib/modules/account.inc b/lam/lib/modules/account.inc index 7db5c775..8064ae85 100644 --- a/lam/lib/modules/account.inc +++ b/lam/lib/modules/account.inc @@ -79,7 +79,7 @@ class account { /* This function returns a list with all required modules */ function get_dependencies($scope) { - if ($scope=='host') return array('require' => array('main'), 'conflict' => array('inetOrgPerson', 'posixGroup', 'sambaDomain') ); + if ($scope=='host') return array('depends' => array(), 'conflicts' => array('inetOrgPerson', 'posixGroup', 'sambaDomain') ); return -1; } diff --git a/lam/lib/modules/inetOrgPerson.inc b/lam/lib/modules/inetOrgPerson.inc index 2f781c37..3106556b 100644 --- a/lam/lib/modules/inetOrgPerson.inc +++ b/lam/lib/modules/inetOrgPerson.inc @@ -82,7 +82,7 @@ class inetOrgPerson { /* This function returns a list with all required modules */ function get_dependencies($scope) { - if ($scope=='user') return array('require' => array('main', 'posixAccount'), 'conflict' => array('account', 'posixGroup', 'sambaDomain') ); + if ($scope=='user') return array('depends' => array('posixAccount'), 'conflicts' => array('account', 'posixGroup', 'sambaDomain') ); return -1; } diff --git a/lam/lib/modules/main.inc b/lam/lib/modules/main.inc index 203c8664..50e03fe2 100644 --- a/lam/lib/modules/main.inc +++ b/lam/lib/modules/main.inc @@ -78,7 +78,7 @@ class main { /* This function returns a list with all required modules */ function get_dependencies($scope) { - return array('require' => array(), 'conflict' => array() ); + return array('depends' => array(), 'conflicts' => array() ); } function module_ready() { diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc index 500799e3..88e129ff 100644 --- a/lam/lib/modules/posixAccount.inc +++ b/lam/lib/modules/posixAccount.inc @@ -140,20 +140,22 @@ class posixAccount { } function is_base_module($scope) { - return true; + if ($scope == "user") return true; + else return false; } // returns an LDAP filter for the account lists // $scope: the account type ("user", "group", "host") function get_ldap_filter($scope) { - return "(objectClass=posixAccount)"; + if ($scope == "user") return array('or' => "(objectClass=posixAccount)", 'and' => "(!(uid=*$))"); + else return false; } /* This function returns a list with all required modules */ function get_dependencies($scope) { - if ($scope=='host') return array('require' => array('account'), 'conflict' => array() ); - if ($scope=='user') return array('require' => array('inetOrgPerson'), 'conflict' => array() ); + if ($scope=='host') return array('depends' => array('account'), 'conflicts' => array() ); + if ($scope=='user') return array('depends' => array('inetOrgPerson'), 'conflicts' => array() ); return -1; } diff --git a/lam/lib/modules/posixGroup.inc b/lam/lib/modules/posixGroup.inc index 21d28f96..90b33caa 100644 --- a/lam/lib/modules/posixGroup.inc +++ b/lam/lib/modules/posixGroup.inc @@ -135,13 +135,14 @@ class posixGroup { // returns an LDAP filter for the account lists // $scope: the account type ("user", "group", "host") function get_ldap_filter($scope) { - return "(objectClass=posixGroup)"; + if ($scope == "group") return array('or' => "(objectClass=posixGroup)"); + else return false; } /* This function returns a list with all required modules */ function get_dependencies($scope) { - if ($scope=='group') return array('require' => array('main'), 'conflict' => array('inetOrgPerson', 'account', 'sambaDomain') ); + if ($scope=='group') return array('depends' => array(), 'conflicts' => array('inetOrgPerson', 'account', 'sambaDomain') ); return -1; } diff --git a/lam/lib/modules/quota.inc b/lam/lib/modules/quota.inc index d5bd0311..f0931210 100644 --- a/lam/lib/modules/quota.inc +++ b/lam/lib/modules/quota.inc @@ -84,8 +84,8 @@ class quota { /* This function returns a list with all required modules */ function get_dependencies($scope) { - if ($scope=='group') return array('require' => array('posixGroup'), 'conflict' => array() ); - if ($scope=='user') return array('require' => array('posixAccount'), 'conflict' => array() ); + if ($scope=='group') return array('depends' => array('posixGroup'), 'conflicts' => array() ); + if ($scope=='user') return array('depends' => array('posixAccount'), 'conflicts' => array() ); return -1; } diff --git a/lam/lib/modules/sambaAccount.inc b/lam/lib/modules/sambaAccount.inc index 997d14b4..21a98598 100644 --- a/lam/lib/modules/sambaAccount.inc +++ b/lam/lib/modules/sambaAccount.inc @@ -133,14 +133,22 @@ class sambaAccount { } function is_base_module($scope) { - return false; + if ($scope == "host") return true; + else return false; + } + + // returns an LDAP filter for the account lists + // $scope: the account type ("user", "group", "host") + function get_ldap_filter($scope) { + if ($scope == "host") return array('and' => '(uid=*$)', 'or' => "(objectClass=posixAccount)"); + else return false; } /* This function returns a list with all required modules */ function get_dependencies($scope) { - if ($scope=='host') return array('require' => array('account'), 'conflict' => array() ); - if ($scope=='user') return array('require' => array('inetOrgPerson'), 'conflict' => array() ); + if ($scope=='host') return array('depends' => array('account'), 'conflicts' => array() ); + if ($scope=='user') return array('depends' => array('inetOrgPerson'), 'conflicts' => array() ); return -1; } diff --git a/lam/lib/modules/sambaGroupMapping.inc b/lam/lib/modules/sambaGroupMapping.inc index e6e22c75..ebf110cb 100644 --- a/lam/lib/modules/sambaGroupMapping.inc +++ b/lam/lib/modules/sambaGroupMapping.inc @@ -109,7 +109,7 @@ class sambaGroupMapping { /* This function returns a list with all required modules */ function get_dependencies($scope) { - if ($scope=='group') return array('require' => array('posixGroup'), 'conflict' => array() ); + if ($scope=='group') return array('depends' => array('posixGroup'), 'conflicts' => array() ); return -1; } diff --git a/lam/lib/modules/sambaSamAccount.inc b/lam/lib/modules/sambaSamAccount.inc index 2894a485..42c82566 100644 --- a/lam/lib/modules/sambaSamAccount.inc +++ b/lam/lib/modules/sambaSamAccount.inc @@ -133,14 +133,22 @@ class sambaSamAccount { } function is_base_module($scope) { - return false; + if ($scope == "host") return true; + else return false; + } + + // returns an LDAP filter for the account lists + // $scope: the account type ("user", "group", "host") + function get_ldap_filter($scope) { + if ($scope == "host") return array('and' => '(uid=*$)', 'or' => "(objectClass=posixAccount)"); + else return false; } /* This function returns a list with all required modules */ function get_dependencies($scope) { - if ($scope=='host') return array('require' => array('posixAccount'), 'conflict' => array() ); - if ($scope=='user') return array('require' => array('posixAccount'), 'conflict' => array() ); + if ($scope=='host') return array('depends' => array('posixAccount'), 'conflicts' => array() ); + if ($scope=='user') return array('depends' => array('posixAccount'), 'conflicts' => array() ); return -1; } diff --git a/lam/lib/modules/shadowAccount.inc b/lam/lib/modules/shadowAccount.inc index cb767864..21b28487 100644 --- a/lam/lib/modules/shadowAccount.inc +++ b/lam/lib/modules/shadowAccount.inc @@ -103,7 +103,7 @@ class shadowAccount { /* This function returns a list with all required modules */ function get_dependencies($scope) { - if ($scope=='user') return array('require' => array('inetOrgPerson'), 'conflict' => array() ); + if ($scope=='user') return array('depends' => array('inetOrgPerson'), 'conflicts' => array() ); return -1; }