diff --git a/lam/HISTORY b/lam/HISTORY
index 5fe6004f..a14ba1bc 100644
--- a/lam/HISTORY
+++ b/lam/HISTORY
@@ -7,6 +7,7 @@ April 2011 3.4.0
- LAM Pro:
-> support automount entries
-> Zarafa groups: allow combination with group of names
+ -> enhanced wildcards for custom scripts
- fixed bugs:
-> renaming of default profile (3183920)
diff --git a/lam/docs/devel/upgrade.htm b/lam/docs/devel/upgrade.htm
index fb06138d..4dc24816 100644
--- a/lam/docs/devel/upgrade.htm
+++ b/lam/docs/devel/upgrade.htm
@@ -11,6 +11,7 @@
+
Upgrade notes
@@ -28,7 +29,14 @@ This is a list of API changes for all LAM releases.
-3.2.0 -> 3.3.0
The cache class was removed. Please use local caching and the functions searchLDAP... instead of get_cache().
+3.3.0 -> 3.4.0
Module interface:
+
+ - save_attributes(): can now contain a return value 'info' => array() with values for pre/postModify actions
+ - checkSelfServiceOptions(): can now contain a return value 'info' => array() with values for pre/postModify actions
+
+
+3.2.0 -> 3.3.0
+The cache class was removed. Please use local caching and the functions searchLDAP... instead of get_cache().
The return values for baseModule::pre/postDeleteActions() were changed to an array of StatusMessage parameters.
CSS class TYPElist-sort removed without replacement.
diff --git a/lam/docs/manual-sources/howto.xml b/lam/docs/manual-sources/howto.xml
index 55602855..9be87dcf 100644
--- a/lam/docs/manual-sources/howto.xml
+++ b/lam/docs/manual-sources/howto.xml
@@ -2592,6 +2592,44 @@ Have fun!
the attribute "uid" and value "steve" then LAM will resolve "$uid$" to
"steve".
+ You can switch LAM's logging to debug mode if you are unsure which
+ attributes with which values are available.
+
+ The following special wildcards are available:
+
+
+
+ $INFO.userPasswordClearText$:
+ cleartext password when Unix password is changed (e.g. useful for
+ external password synchronisation) for new/modified accounts
+
+
+
+ $INFO.userPasswordStatusChange$: provides
+ additional information if the password locking status was changed,
+ possible values: locked, unlocked, unchanged
+
+
+
+ $NEW.<attribute>$: the
+ value of a new attribute (e.g. $NEW.telephoneNumber$) for modified
+ accounts
+
+
+
+ $DEL.<attribute>$: the
+ value of a deleted attribute (e.g. $DEL.telephoneNumber$) for
+ modified accounts
+
+
+
+ $MOD.<attribute>$: the
+ new value of a modified attribute (e.g. $MOD.telephoneNumber$) for
+ modified accounts
+
+
+
Output may contain HTML: If your
scripts generate HTML output then activate this option.
diff --git a/lam/lib/baseModule.inc b/lam/lib/baseModule.inc
index 498012ad..5fadef9a 100644
--- a/lam/lib/baseModule.inc
+++ b/lam/lib/baseModule.inc
@@ -1019,6 +1019,7 @@ abstract class baseModule {
*
"remove" are attributes which have to be removed from the LDAP entry
*
"modify" are attributes which have to be modified in the LDAP entry
*
"notchanged" are attributes which stay unchanged
+ *
"info" values with informational value (e.g. to be used later by pre/postModify actions)
*
*
This builds the required comands from $this-attributes and $this->orig.
*
@@ -1240,15 +1241,21 @@ abstract class baseModule {
/**
* Checks if all input values are correct and returns the LDAP attributes which should be changed.
+ *
Return values:
+ *
messages: array of parameters to create status messages
+ *
add: array of attributes to add
+ *
del: array of attributes to remove
+ *
mod: array of attributes to modify
+ *
info: array of values with informational value (e.g. to be used later by pre/postModify actions)
*
* Calling this method does not require the existence of an enclosing {@link accountContainer}.
*
* @param string $fields input fields
* @param array $attributes LDAP attributes
- * @return array messages and attributes (array('messages' => array(), 'add' => array('mail' => array('test@test.com')), 'del' => array(), 'mod' => array()))
+ * @return array messages and attributes (array('messages' => array(), 'add' => array('mail' => array('test@test.com')), 'del' => array(), 'mod' => array(), 'info' => array()))
*/
public function checkSelfServiceOptions($fields, $attributes) {
- $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array());
+ $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array(), 'info' => array());
return $return;
}
diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc
index 4e52b951..56d13461 100644
--- a/lam/lib/modules.inc
+++ b/lam/lib/modules.inc
@@ -1623,6 +1623,7 @@ class accountContainer {
* @return array an array which can be passed to $this->saveAccount()
*/
function save_module_attributes($attributes, $orig) {
+ $return = array();
$toadd = array();
$tomodify = array();
$torem = array();
@@ -1924,22 +1925,39 @@ class accountContainer {
$this->finalDN = $this->dn_orig;
}
// pre modify actions
- $currentAccountAttributes = array();
+ $prePostModifyAttributes = array();
if (isset($attributes[$this->finalDN]) && is_array($attributes[$this->finalDN])) {
if (isset($attributes[$this->finalDN]['notchanged'])) {
- $currentAccountAttributes = array_merge($currentAccountAttributes, $attributes[$this->finalDN]['notchanged']);
+ $prePostModifyAttributes = array_merge($prePostModifyAttributes, $attributes[$this->finalDN]['notchanged']);
}
if (isset($attributes[$this->finalDN]['modify'])) {
- $currentAccountAttributes = array_merge($currentAccountAttributes, $attributes[$this->finalDN]['modify']);
+ $prePostModifyAttributes = array_merge($prePostModifyAttributes, $attributes[$this->finalDN]['modify']);
+ foreach ($attributes[$this->finalDN]['modify'] as $key => $value) {
+ $prePostModifyAttributes['MOD.' . $key] = $value;
+ }
}
if (isset($attributes[$this->finalDN]['add'])) {
- $currentAccountAttributes = array_merge($currentAccountAttributes, $attributes[$this->finalDN]['add']);
+ $prePostModifyAttributes = array_merge($prePostModifyAttributes, $attributes[$this->finalDN]['add']);
+ foreach ($attributes[$this->finalDN]['add'] as $key => $value) {
+ $prePostModifyAttributes['NEW.' . $key] = $value;
+ }
+ }
+ if (isset($attributes[$this->finalDN]['remove'])) {
+ foreach ($attributes[$this->finalDN]['remove'] as $key => $value) {
+ $prePostModifyAttributes['DEL.' . $key] = $value;
+ }
+ }
+ if (isset($attributes[$this->finalDN]['info'])) {
+ foreach ($attributes[$this->finalDN]['info'] as $key => $value) {
+ $prePostModifyAttributes['INFO.' . $key] = $value;
+ }
}
}
- $currentAccountAttributes['dn'][0] = $this->finalDN;
+ $prePostModifyAttributes['dn'][0] = $this->finalDN;
+ logNewMessage(LOG_DEBUG, 'Edit page pre/postModify attributes: ' . print_r($prePostModifyAttributes, true));
$preModifyOk = true;
foreach ($module as $singlemodule) {
- $result = $this->module[$singlemodule]->preModifyActions($this->isNewAccount, $currentAccountAttributes);
+ $result = $this->module[$singlemodule]->preModifyActions($this->isNewAccount, $prePostModifyAttributes);
if (!$result) {
$preModifyOk = false;
break;
@@ -2035,7 +2053,7 @@ class accountContainer {
if (!$stopprocessing) {
// post modify actions
foreach ($module as $singlemodule) {
- $this->module[$singlemodule]->postModifyActions($this->isNewAccount, $currentAccountAttributes);
+ $this->module[$singlemodule]->postModifyActions($this->isNewAccount, $prePostModifyAttributes);
}
}
return $errors;
diff --git a/lam/lib/modules/account.inc b/lam/lib/modules/account.inc
index 206fd90a..0d5ef429 100644
--- a/lam/lib/modules/account.inc
+++ b/lam/lib/modules/account.inc
@@ -157,6 +157,7 @@ class account extends baseModule {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
// skip saving if account is based on another structural object class
diff --git a/lam/lib/modules/asteriskAccount.inc b/lam/lib/modules/asteriskAccount.inc
index b5e53f46..a06cad8b 100644
--- a/lam/lib/modules/asteriskAccount.inc
+++ b/lam/lib/modules/asteriskAccount.inc
@@ -313,6 +313,7 @@ class asteriskAccount extends baseModule implements passwordService {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
if (!in_array('AsteriskSIPUser', $this->attributes['objectClass'])) {
@@ -458,14 +459,22 @@ class asteriskAccount extends baseModule implements passwordService {
}
/**
- * Checks if all input values are correct and returns the LDAP commands which should be executed.
+ * Checks if all input values are correct and returns the LDAP attributes which should be changed.
+ *
Return values:
+ *
messages: array of parameters to create status messages
+ *
add: array of attributes to add
+ *
del: array of attributes to remove
+ *
mod: array of attributes to modify
+ *
info: array of values with informational value (e.g. to be used later by pre/postModify actions)
+ *
+ * Calling this method does not require the existence of an enclosing {@link accountContainer}.
*
* @param string $fields input fields
* @param array $attributes LDAP attributes
- * @return array messages and LDAP commands (array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array()))
+ * @return array messages and attributes (array('messages' => array(), 'add' => array('mail' => array('test@test.com')), 'del' => array(), 'mod' => array(), 'info' => array()))
*/
function checkSelfServiceOptions($fields, $attributes) {
- $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array());
+ $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array(), 'info' => array());
if (!in_array_ignore_case('AsteriskSIPUser', $attributes['objectClass'])) {
return $return;
}
diff --git a/lam/lib/modules/asteriskVoicemail.inc b/lam/lib/modules/asteriskVoicemail.inc
index c93b3397..f2b78203 100644
--- a/lam/lib/modules/asteriskVoicemail.inc
+++ b/lam/lib/modules/asteriskVoicemail.inc
@@ -3,8 +3,8 @@
$Id$
This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam)
- Copyright (C) 2010 Pavel Pozdnyak
- 2010 Roland Gruber
+ Copyright (C) 2010 Pavel Pozdnyak
+ 2010 - 2011 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -523,6 +523,7 @@ class asteriskVoicemail extends baseModule implements passwordService {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
if (!in_array('AsteriskVoiceMail', $this->attributes['objectClass']) && !in_array('AsteriskVoiceMail', $this->orig['objectClass'])) {
@@ -564,14 +565,22 @@ class asteriskVoicemail extends baseModule implements passwordService {
}
/**
- * Checks if all input values are correct and returns the LDAP commands which should be executed.
+ * Checks if all input values are correct and returns the LDAP attributes which should be changed.
+ *
Return values:
+ *
messages: array of parameters to create status messages
+ *
add: array of attributes to add
+ *
del: array of attributes to remove
+ *
mod: array of attributes to modify
+ *
info: array of values with informational value (e.g. to be used later by pre/postModify actions)
+ *
+ * Calling this method does not require the existence of an enclosing {@link accountContainer}.
*
* @param string $fields input fields
* @param array $attributes LDAP attributes
- * @return array messages and LDAP commands (array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array()))
+ * @return array messages and attributes (array('messages' => array(), 'add' => array('mail' => array('test@test.com')), 'del' => array(), 'mod' => array(), 'info' => array()))
*/
function checkSelfServiceOptions($fields, $attributes) {
- $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array());
+ $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array(), 'info' => array());
if (!in_array_ignore_case('AsteriskVoiceMail', $attributes['objectClass'])) {
return $return;
}
diff --git a/lam/lib/modules/dhcp_settings.inc b/lam/lib/modules/dhcp_settings.inc
index 106293d6..a477d1b1 100644
--- a/lam/lib/modules/dhcp_settings.inc
+++ b/lam/lib/modules/dhcp_settings.inc
@@ -294,13 +294,17 @@ By default, the nodes are configured as H-Nodes which fits for small networks. I
$this->messages['domainname'][5] = array('ERROR', _('Account %s:') . ' dhcp_settings_domainName', _('The domain name includes invalid characters. Valid characters are A-Z, a-z, 0-9, ".", "_","-".'));
}
- /** This function returns an array with 4 entries:
- * array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr), 'lamdaemon' => array(cmds)), DN2 .... )
- * DN is the DN to change. It may be possible to change several DNs,
- * e.g. create a new user and add him to some groups via attribute memberUid
- * add are attributes which have to be added to ldap entry
- * remove are attributes which have to be removed from ldap entry
- * lamdaemon are lamdaemon commands to modify homedir, quotas, ...
+ /**
+ * Returns a list of modifications which have to be made to the LDAP account.
+ *
+ * @return array list of modifications
+ *
This function returns an array with 3 entries:
+ *
array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
+ *
DN is the DN to change. It may be possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid)
+ *
"add" are attributes which have to be added to LDAP entry
+ *
"remove" are attributes which have to be removed from LDAP entry
+ *
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
public function save_attributes() {
// remove dhcpSubnet object class if only the DHCP settings were changed
diff --git a/lam/lib/modules/fixed_ip.inc b/lam/lib/modules/fixed_ip.inc
index e050c2ef..7a02694f 100644
--- a/lam/lib/modules/fixed_ip.inc
+++ b/lam/lib/modules/fixed_ip.inc
@@ -418,14 +418,17 @@ class fixed_ip extends baseModule {
}
/**
- * This function returns an array with 4 entries:
- * array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr), 'lamdaemon' => array(cmds)), DN2 .... )
- * DN is the DN to change. It may be possible to change several DNs,
- * e.g. create a new user and add him to some groups via attribute memberUid
- * add are attributes which have to be added to ldap entry
- * remove are attributes which have to be removed from ldap entry
- * lamdaemon are lamdaemon commands to modify homedir, quotas, ...
- */
+ * Returns a list of modifications which have to be made to the LDAP account.
+ *
+ * @return array list of modifications
+ *
This function returns an array with 3 entries:
+ *
array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
+ *
DN is the DN to change. It may be possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid)
+ *
"add" are attributes which have to be added to LDAP entry
+ *
"remove" are attributes which have to be removed from LDAP entry
+ *
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
+ */
public function save_attributes() {
}
diff --git a/lam/lib/modules/hostObject.inc b/lam/lib/modules/hostObject.inc
index 7d84999c..0f5012a1 100644
--- a/lam/lib/modules/hostObject.inc
+++ b/lam/lib/modules/hostObject.inc
@@ -114,6 +114,7 @@ class hostObject extends baseModule {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
if (!in_array('hostObject', $this->attributes['objectClass']) && !in_array('hostObject', $this->orig['objectClass'])) {
diff --git a/lam/lib/modules/inetOrgPerson.inc b/lam/lib/modules/inetOrgPerson.inc
index 9b6a6aed..238ac48b 100644
--- a/lam/lib/modules/inetOrgPerson.inc
+++ b/lam/lib/modules/inetOrgPerson.inc
@@ -697,6 +697,7 @@ class inetOrgPerson extends baseModule implements passwordService {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
// skip saving if account is based on another structural object class
@@ -1662,14 +1663,22 @@ class inetOrgPerson extends baseModule implements passwordService {
}
/**
- * Checks if all input values are correct and returns the LDAP commands which should be executed.
+ * Checks if all input values are correct and returns the LDAP attributes which should be changed.
+ *
Return values:
+ *
messages: array of parameters to create status messages
+ *
add: array of attributes to add
+ *
del: array of attributes to remove
+ *
mod: array of attributes to modify
+ *
info: array of values with informational value (e.g. to be used later by pre/postModify actions)
+ *
+ * Calling this method does not require the existence of an enclosing {@link accountContainer}.
*
* @param string $fields input fields
* @param array $attributes LDAP attributes
- * @return array messages and LDAP commands (array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array()))
+ * @return array messages and attributes (array('messages' => array(), 'add' => array('mail' => array('test@test.com')), 'del' => array(), 'mod' => array(), 'info' => array()))
*/
function checkSelfServiceOptions($fields, $attributes) {
- $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array());
+ $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array(), 'info' => array());
$attributeNames = array(); // list of attributes which should be checked for modification
$attributesNew = $attributes;
// first name
diff --git a/lam/lib/modules/kolabUser.inc b/lam/lib/modules/kolabUser.inc
index c878476e..1d0f7f32 100644
--- a/lam/lib/modules/kolabUser.inc
+++ b/lam/lib/modules/kolabUser.inc
@@ -606,6 +606,7 @@ class kolabUser extends baseModule {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
if (!in_array('kolabInetOrgPerson', $this->attributes['objectClass']) && !in_array('kolabInetOrgPerson', $this->orig['objectClass'])) {
@@ -909,14 +910,22 @@ class kolabUser extends baseModule {
}
/**
- * Checks if all input values are correct and returns the LDAP commands which should be executed.
+ * Checks if all input values are correct and returns the LDAP attributes which should be changed.
+ *
Return values:
+ *
messages: array of parameters to create status messages
+ *
add: array of attributes to add
+ *
del: array of attributes to remove
+ *
mod: array of attributes to modify
+ *
info: array of values with informational value (e.g. to be used later by pre/postModify actions)
+ *
+ * Calling this method does not require the existence of an enclosing {@link accountContainer}.
*
* @param string $fields input fields
* @param array $attributes LDAP attributes
- * @return array messages and LDAP commands (array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array()))
+ * @return array messages and attributes (array('messages' => array(), 'add' => array('mail' => array('test@test.com')), 'del' => array(), 'mod' => array(), 'info' => array()))
*/
function checkSelfServiceOptions($fields, $attributes) {
- $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array());
+ $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array(), 'info' => array());
if (!in_array_ignore_case('kolabInetOrgPerson', $attributes['objectClass'])) {
return $return;
}
diff --git a/lam/lib/modules/nisMailAlias.inc b/lam/lib/modules/nisMailAlias.inc
index 271cd4f9..d7f79593 100644
--- a/lam/lib/modules/nisMailAlias.inc
+++ b/lam/lib/modules/nisMailAlias.inc
@@ -119,6 +119,7 @@ class nisMailAlias extends baseModule {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
// skip saving if account is based on another structural object class
diff --git a/lam/lib/modules/nisnetgroup.inc b/lam/lib/modules/nisnetgroup.inc
index ff8aeb41..d3b665b0 100644
--- a/lam/lib/modules/nisnetgroup.inc
+++ b/lam/lib/modules/nisnetgroup.inc
@@ -154,6 +154,7 @@ class nisnetgroup extends baseModule {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
$return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig);
diff --git a/lam/lib/modules/phpGroupwareGroup.inc b/lam/lib/modules/phpGroupwareGroup.inc
index 6a735dd6..61a5311b 100644
--- a/lam/lib/modules/phpGroupwareGroup.inc
+++ b/lam/lib/modules/phpGroupwareGroup.inc
@@ -133,6 +133,7 @@ class phpGroupwareGroup extends baseModule {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
public function save_attributes() {
if (!in_array('phpgwGroup', $this->attributes['objectClass'])) {
diff --git a/lam/lib/modules/phpGroupwareUser.inc b/lam/lib/modules/phpGroupwareUser.inc
index 9e36456d..9a21b0c2 100644
--- a/lam/lib/modules/phpGroupwareUser.inc
+++ b/lam/lib/modules/phpGroupwareUser.inc
@@ -309,6 +309,7 @@ class phpGroupwareUser extends baseModule implements passwordService {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
if (!in_array('phpgwAccount', $this->attributes['objectClass'])) {
diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc
index ccd03814..65bfed01 100644
--- a/lam/lib/modules/posixAccount.inc
+++ b/lam/lib/modules/posixAccount.inc
@@ -474,9 +474,24 @@ class posixAccount extends baseModule implements passwordService {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
$return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig);
+ // add information about clear text password and password status change
+ $return[$this->getAccountContainer()->dn]['info']['userPasswordClearText'][0] = $this->clearTextPassword;
+ if (isset($this->orig['userPassword'][0]) && isset($this->attributes['userPassword'][0])) {
+ if ((pwd_is_enabled($this->orig['userPassword'][0]) && pwd_is_enabled($this->attributes['userPassword'][0]))
+ || (!pwd_is_enabled($this->orig['userPassword'][0]) && !pwd_is_enabled($this->attributes['userPassword'][0]))) {
+ $return[$this->getAccountContainer()->dn]['info']['userPasswordStatusChange'][0] = 'unchanged';
+ }
+ elseif (pwd_is_enabled($this->orig['userPassword'][0])) {
+ $return[$this->getAccountContainer()->dn]['info']['userPasswordStatusChange'][0] = 'locked';
+ }
+ else {
+ $return[$this->getAccountContainer()->dn]['info']['userPasswordStatusChange'][0] = 'unlocked';
+ }
+ }
// Remove primary group from additional groups
if (!isset($this->moduleSettings['posixAccount_primaryGroupAsSecondary'][0])
|| ($this->moduleSettings['posixAccount_primaryGroupAsSecondary'][0] != 'true')) {
@@ -1694,14 +1709,22 @@ class posixAccount extends baseModule implements passwordService {
}
/**
- * Checks if all input values are correct and returns the LDAP commands which should be executed.
+ * Checks if all input values are correct and returns the LDAP attributes which should be changed.
+ *
Return values:
+ *
messages: array of parameters to create status messages
+ *
add: array of attributes to add
+ *
del: array of attributes to remove
+ *
mod: array of attributes to modify
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
+ *
+ * Calling this method does not require the existence of an enclosing {@link accountContainer}.
*
* @param string $fields input fields
* @param array $attributes LDAP attributes
- * @return array messages and LDAP commands (array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array()))
+ * @return array messages and attributes (array('messages' => array(), 'add' => array('mail' => array('test@test.com')), 'del' => array(), 'mod' => array(), 'info' => array()))
*/
function checkSelfServiceOptions($fields, $attributes) {
- $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array());
+ $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array(), 'info' => array());
if (in_array('password', $fields)) {
if (isset($_POST['posixAccount_password']) && ($_POST['posixAccount_password'] != '')) {
if ($_POST['posixAccount_password'] != $_POST['posixAccount_password2']) {
@@ -1715,6 +1738,7 @@ class posixAccount extends baseModule implements passwordService {
$pwdPolicyResult = checkPasswordStrength($_POST['posixAccount_password']);
if ($pwdPolicyResult === true) {
$return['mod']['userPassword'][0] = pwd_hash($_POST['posixAccount_password'], true, $this->selfServiceSettings->moduleSettings['posixAccount_pwdHash'][0]);
+ $return['info']['userPasswordClearText'][0] = $_POST['posixAccount_password'];
if (isset($attributes['shadowLastChange'][0])) {
$return['mod']['shadowLastChange'][0] = intval(time()/3600/24);
}
diff --git a/lam/lib/modules/posixGroup.inc b/lam/lib/modules/posixGroup.inc
index f8a35ed0..260e5c7e 100644
--- a/lam/lib/modules/posixGroup.inc
+++ b/lam/lib/modules/posixGroup.inc
@@ -680,6 +680,7 @@ class posixGroup extends baseModule implements passwordService {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
// skip saving if account is based on another structural object class
diff --git a/lam/lib/modules/range.inc b/lam/lib/modules/range.inc
index 711a8b57..bd09dfa9 100644
--- a/lam/lib/modules/range.inc
+++ b/lam/lib/modules/range.inc
@@ -451,14 +451,17 @@ class range extends baseModule {
}
/**
- * This function returns an array with 4 entries:
- * array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr), 'lamdaemon' => array(cmds)), DN2 .... )
- * DN is the DN to change. It may be possible to change several DNs,
- * e.g. create a new user and add him to some groups via attribute memberUid
- * add are attributes which have to be added to ldap entry
- * remove are attributes which have to be removed from ldap entry
- * lamdaemon are lamdaemon commands to modify homedir, quotas, ...
- */
+ * Returns a list of modifications which have to be made to the LDAP account.
+ *
+ * @return array list of modifications
+ *
This function returns an array with 3 entries:
+ *
array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
+ *
DN is the DN to change. It may be possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid)
+ *
"add" are attributes which have to be added to LDAP entry
+ *
"remove" are attributes which have to be removed from LDAP entry
+ *
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
+ */
public function save_attributes() {
$return = array();
// Get easy attributes
diff --git a/lam/lib/modules/sambaGroupMapping.inc b/lam/lib/modules/sambaGroupMapping.inc
index b0a5a79a..bf40ec71 100644
--- a/lam/lib/modules/sambaGroupMapping.inc
+++ b/lam/lib/modules/sambaGroupMapping.inc
@@ -538,6 +538,7 @@ class sambaGroupMapping extends baseModule {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
if (!in_array('sambaGroupMapping', $this->attributes['objectClass'])) {
diff --git a/lam/lib/modules/sambaSamAccount.inc b/lam/lib/modules/sambaSamAccount.inc
index c437b339..9efe56de 100644
--- a/lam/lib/modules/sambaSamAccount.inc
+++ b/lam/lib/modules/sambaSamAccount.inc
@@ -659,6 +659,7 @@ class sambaSamAccount extends baseModule implements passwordService {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
if (!in_array('sambaSamAccount', $this->attributes['objectClass']) && !in_array('sambaSamAccount', $this->orig['objectClass'])) {
@@ -2051,14 +2052,22 @@ class sambaSamAccount extends baseModule implements passwordService {
}
/**
- * Checks if all input values are correct and returns the LDAP commands which should be executed.
+ * Checks if all input values are correct and returns the LDAP attributes which should be changed.
+ *
Return values:
+ *
messages: array of parameters to create status messages
+ *
add: array of attributes to add
+ *
del: array of attributes to remove
+ *
mod: array of attributes to modify
+ *
info: array of values with informational value (e.g. to be used later by pre/postModify actions)
+ *
+ * Calling this method does not require the existence of an enclosing {@link accountContainer}.
*
* @param string $fields input fields
* @param array $attributes LDAP attributes
- * @return array messages and LDAP commands (array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array()))
+ * @return array messages and attributes (array('messages' => array(), 'add' => array('mail' => array('test@test.com')), 'del' => array(), 'mod' => array(), 'info' => array()))
*/
function checkSelfServiceOptions($fields, $attributes) {
- $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array());
+ $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array(), 'info' => array());
if (!in_array_ignore_case('sambaSamAccount', $attributes['objectClass'])) {
return $return;
}
diff --git a/lam/lib/modules/shadowAccount.inc b/lam/lib/modules/shadowAccount.inc
index e2b83982..00340338 100644
--- a/lam/lib/modules/shadowAccount.inc
+++ b/lam/lib/modules/shadowAccount.inc
@@ -239,6 +239,7 @@ class shadowAccount extends baseModule implements passwordService {
*
"add" are attributes which have to be added to LDAP entry
*
"remove" are attributes which have to be removed from LDAP entry
*
"modify" are attributes which have to been modified in LDAP entry
+ *
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
*/
function save_attributes() {
if (!in_array('shadowAccount', $this->attributes['objectClass']) && !in_array('shadowAccount', $this->orig['objectClass'])) {
diff --git a/lam/lib/selfService.inc b/lam/lib/selfService.inc
index b292352e..89c20134 100644
--- a/lam/lib/selfService.inc
+++ b/lam/lib/selfService.inc
@@ -114,7 +114,7 @@ function getSelfServiceOptions($scope, $fields, $attributes) {
* @return array messages and LDAP commands (array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array()))
*/
function checkSelfServiceOptions($scope, $fields, $attributes) {
- $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array());
+ $return = array('messages' => array(), 'add' => array(), 'del' => array(), 'mod' => array(), 'info' => array());
$modules = getAvailableModules($scope);
for ($i = 0; $i < sizeof($modules); $i++) {
if (!isset($fields[$modules[$i]])) continue;
@@ -124,6 +124,7 @@ function checkSelfServiceOptions($scope, $fields, $attributes) {
if (sizeof($result['add']) > 0) $return['add'] = array_merge($result['add'], $return['add']);
if (sizeof($result['del']) > 0) $return['del'] = array_merge($result['del'], $return['del']);
if (sizeof($result['mod']) > 0) $return['mod'] = array_merge($result['mod'], $return['mod']);
+ if (sizeof($result['info']) > 0) $return['info'] = array_merge($result['info'], $return['info']);
}
return $return;
}
diff --git a/lam/templates/delete.php b/lam/templates/delete.php
index e9273204..a1e5be11 100644
--- a/lam/templates/delete.php
+++ b/lam/templates/delete.php
@@ -4,7 +4,7 @@
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Tilo Lutz
- Copyright (C) 2007 - 2010 Roland Gruber
+ Copyright (C) 2007 - 2011 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -218,7 +218,7 @@ if (isset($_POST['delete'])) {
$allOk = false;
}
}
- // removce attributes
+ // remove attributes
if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) {
$success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']);
if (!$success) {