From 50c5a65b98ef03cd5d8a0e1711f167985ffb2332 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Thu, 21 May 2015 17:50:00 +0000 Subject: [PATCH] support to filter by account status --- lam/lib/lists.inc | 34 ++++++++----- lam/lib/types/user.inc | 110 ++++++++++++++++++++++++++++++++++------- 2 files changed, 115 insertions(+), 29 deletions(-) diff --git a/lam/lib/lists.inc b/lam/lib/lists.inc index fa644792..a74f3c11 100644 --- a/lam/lib/lists.inc +++ b/lam/lib/lists.inc @@ -392,26 +392,36 @@ class lamList { parseHtml(null, $filterGroup, array(), false, $this->tabindex, $this->type); echo "\n"; // print input boxes for filters - for ($k = 0; $k < sizeof ($this->descArray); $k++) { + for ($k = 0; $k < sizeof($this->descArray); $k++) { echo ""; if ($this->canBeFiltered($this->attrArray[$k])) { - $value = ""; - if (!isset($_POST['clear_filter'])) { - if (isset($this->filters[strtolower($this->attrArray[$k])])) { - $value = $this->filters[strtolower($this->attrArray[$k])]; - } - } - $filterInput = new htmlInputField('filter' . strtolower($this->attrArray[$k]), $value); - $filterInput->setCSSClasses(array($this->type . '-dark')); - $filterInput->setFieldSize('15'); - $filterInput->setOnKeyPress("SubmitForm('apply_filter', event);"); - parseHtml(null, $filterInput, array(), false, $this->tabindex, $this->type); + $this->printFilterArea($this->attrArray[$k], isset($_POST['clear_filter'])); } echo "\n"; } echo "\n"; } + /** + * Prints the content of a single attribute filter area. + * + * @param String $attrName attribute name + * @param boolean $clearFilter true if filter value should be cleared + */ + protected function printFilterArea($attrName, $clearFilter) { + $value = ""; + if (!$clearFilter) { + if (isset($this->filters[strtolower($attrName)])) { + $value = $this->filters[strtolower($attrName)]; + } + } + $filterInput = new htmlInputField('filter' . strtolower($attrName), $value); + $filterInput->setCSSClasses(array($this->type . '-dark')); + $filterInput->setFieldSize('15'); + $filterInput->setOnKeyPress("SubmitForm('apply_filter', event);"); + parseHtml(null, $filterInput, array(), false, $this->tabindex, $this->type); + } + /** * Returns if the given attribute can be filtered. * If filtering is not possible then no filter box will be displayed. diff --git a/lam/lib/types/user.inc b/lam/lib/types/user.inc index 771d9973..3d4d6b46 100644 --- a/lam/lib/types/user.inc +++ b/lam/lib/types/user.inc @@ -3,7 +3,7 @@ $Id$ This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) - Copyright (C) 2005 - 2014 Roland Gruber + Copyright (C) 2005 - 2015 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -509,6 +509,9 @@ class lamUserList extends lamList { /** translates GID to group name */ private $trans_primary_hash = array(); + /** filter value for account status */ + private $accountStatusFilter = null; + /** ID for config option to translate primary group GIDs to group names */ const TRANS_PRIMARY_OPTION_NAME = "LU_TP"; /** ID for config option to show account status */ @@ -517,6 +520,13 @@ class lamUserList extends lamList { /** virtual attribute name for account status column */ const ATTR_ACCOUNT_STATUS = 'lam_virtual_account_status'; + /** filter value for locked accounts */ + const FILTER_LOCKED = 2; + /** filter value for partially locked accounts */ + const FILTER_SEMILOCKED = 3; + /** filter value for unlocked accounts */ + const FILTER_UNLOCKED = 4; + /** * Constructor * @@ -548,11 +558,13 @@ class lamUserList extends lamList { */ protected function listRefreshData() { parent::listRefreshData(); + // show group names if ($this->trans_primary == "on") { $this->refreshPrimaryGroupTranslation(); } + // show account status if ($this->showAccountStatus) { - $this->injectAccountStatusAttribute(); + $this->injectAccountStatusAttributeAndFilterByStatus(); } } @@ -726,15 +738,60 @@ class lamUserList extends lamList { * @return boolean filtering possible */ protected function canBeFiltered($attr) { - if ($attr == self::ATTR_ACCOUNT_STATUS) { - return false; - } - elseif (strtolower($attr) == 'jpegphoto') { + if (strtolower($attr) == 'jpegphoto') { return false; } return true; } + /** + * Prints the content of a single attribute filter area. + * + * @param String $attrName attribute name + * @param boolean $clearFilter true if filter value should be cleared + */ + protected function printFilterArea($attrName, $clearFilter) { + if ($attrName != self::ATTR_ACCOUNT_STATUS) { + parent::printFilterArea($attrName, $clearFilter); + return; + } + $value = "-"; + if (!$clearFilter) { + if (isset($this->filters[strtolower($attrName)])) { + $value = $this->filters[strtolower($attrName)]; + } + } + $filterOptions = array( + '' => '', + _('Unlocked') => self::FILTER_UNLOCKED, + _('Partially locked') => self::FILTER_SEMILOCKED, + _('Locked') => self::FILTER_LOCKED + ); + $filterInput = new htmlSelect('filter' . strtolower($attrName), $filterOptions, array($value)); + $filterInput->setCSSClasses(array($this->type . '-dark')); + $filterInput->setHasDescriptiveElements(true); + $filterInput->setOnchangeEvent('document.getElementsByName(\'apply_filter\')[0].click();'); + parseHtml(null, $filterInput, array(), false, $this->tabindex, $this->type); + } + + /** + * Builds the LDAP filter based on the filter entries in the GUI. + * + * @return String LDAP filter + */ + protected function buildLDAPAttributeFilter() { + $this->accountStatusFilter = null; + $text = ''; + foreach ($this->filters as $attr => $filter) { + if ($attr == self::ATTR_ACCOUNT_STATUS) { + $this->accountStatusFilter = $filter; + continue; + } + $text .= '(' . $attr . '=' . $filter . ')'; + } + return $text; + } + /** * Returns a list of additional LDAP attributes that should be read. * This can be used to show additional data even if the user selected other attributes to show in the list. @@ -758,24 +815,43 @@ class lamUserList extends lamList { /** * Injects values for the virtual account status attribute to make it sortable. */ - private function injectAccountStatusAttribute() { + private function injectAccountStatusAttributeAndFilterByStatus() { $entryCount = sizeof($this->entries); for ($i = 0; $i < $entryCount; $i++) { - $status = 0; - if (!self::isUnixLocked($this->entries[$i])) { - $status++; + $unixAvailable = self::isUnixAvailable($this->entries[$i]); + $sambaAvailable = self::isSambaAvailable($this->entries[$i]); + $ppolicyAvailable = self::isPPolicyAvailable($this->entries[$i]); + $windowsAvailable = self::isWindowsAvailable($this->entries[$i]); + $unixLocked = self::isUnixLocked($this->entries[$i]); + $sambaLocked = self::isSambaLocked($this->entries[$i]); + $ppolicyLocked = self::isPPolicyLocked($this->entries[$i]); + $windowsLocked = self::isWindowsLocked($this->entries[$i]); + $hasLocked = ($unixAvailable && $unixLocked) + || ($sambaAvailable && $sambaLocked) + || ($ppolicyAvailable && $ppolicyLocked) + || ($windowsAvailable && $windowsLocked); + $hasUnlocked = ($unixAvailable && !$unixLocked) + || ($sambaAvailable && !$sambaLocked) + || ($ppolicyAvailable && !$ppolicyLocked) + || ($windowsAvailable && !$windowsLocked); + $status = self::FILTER_UNLOCKED; + if ($hasLocked && $hasUnlocked) { + $status = self::FILTER_SEMILOCKED; } - if (!self::isSambaLocked($this->entries[$i])) { - $status++; + elseif (!$hasUnlocked && $hasLocked) { + $status = self::FILTER_LOCKED; } - if (!self::isPPolicyLocked($this->entries[$i])) { - $status++; - } - if (!self::isWindowsLocked($this->entries[$i])) { - $status++; + // filter accounts + if (!empty($this->accountStatusFilter)) { + if ($status != $this->accountStatusFilter) { + unset($this->entries[$i]); + continue; + } } + // add virtual attribute $this->entries[$i][self::ATTR_ACCOUNT_STATUS][0] = $status; } + $this->entries = array_values($this->entries); } /**