refactoring
parent
34431b286d
commit
6d392e51ee
|
@ -1483,7 +1483,6 @@ function getCallingURL($baseUrl = '') {
|
||||||
elseif (!empty($_SERVER['HTTP_REFERER'])) {
|
elseif (!empty($_SERVER['HTTP_REFERER'])) {
|
||||||
$url = $_SERVER['HTTP_REFERER'];
|
$url = $_SERVER['HTTP_REFERER'];
|
||||||
}
|
}
|
||||||
logNewMessage(LOG_DEBUG, 'Calling URL detected as ' . $url);
|
|
||||||
return $url;
|
return $url;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -663,8 +663,7 @@ class asteriskExtension extends baseModule {
|
||||||
* @return String owner
|
* @return String owner
|
||||||
*/
|
*/
|
||||||
function getDefaultExtensionOwner(){
|
function getDefaultExtensionOwner(){
|
||||||
$credentials = $_SESSION['ldap']->decrypt_login();
|
return $_SESSION['ldap']->getUserName();
|
||||||
return $credentials[0];
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||||
Copyright (C) 2010 - 2011 Pavel Pozdniak
|
Copyright (C) 2010 - 2011 Pavel Pozdniak
|
||||||
2010 - 2018 Roland Gruber
|
2010 - 2019 Roland Gruber
|
||||||
|
|
||||||
This program is free software; you can redistribute it and/or modify
|
This program is free software; you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
|
@ -248,7 +248,6 @@ class imapAccess extends baseModule {
|
||||||
$return->addElement(new htmlHelpLink('MailAddress'), true);
|
$return->addElement(new htmlHelpLink('MailAddress'), true);
|
||||||
$return->addElement(new htmlSpacer(null, '10px'), true);
|
$return->addElement(new htmlSpacer(null, '10px'), true);
|
||||||
|
|
||||||
$is_mailbox_exist = false; //default is false
|
|
||||||
$list = imap_list($mbox, "{" . $imap_server_address . "}", $prefix . $this->getSep() . $this->user);
|
$list = imap_list($mbox, "{" . $imap_server_address . "}", $prefix . $this->getSep() . $this->user);
|
||||||
if (is_array($list) && sizeof($list) == 1) {
|
if (is_array($list) && sizeof($list) == 1) {
|
||||||
$this->renderQuotasForMailbox($return, $mbox, $prefix . $this->getSep() . $this->user);
|
$this->renderQuotasForMailbox($return, $mbox, $prefix . $this->getSep() . $this->user);
|
||||||
|
@ -550,11 +549,10 @@ class imapAccess extends baseModule {
|
||||||
*/
|
*/
|
||||||
public function check_configOptions($typeIds, &$options) {
|
public function check_configOptions($typeIds, &$options) {
|
||||||
$errors = parent::check_configOptions($typeIds, $options);
|
$errors = parent::check_configOptions($typeIds, $options);
|
||||||
if ($options['ImapAccess_ImapAdminPasswordSelect'][0] == 'config') {
|
if (($options['ImapAccess_ImapAdminPasswordSelect'][0] == 'config')
|
||||||
if (empty($options['ImapAccess_ImapAdminPassword'][0])) {
|
&& empty($options['ImapAccess_ImapAdminPassword'][0])) {
|
||||||
$errors[] = $this->messages['config'][2];
|
$errors[] = $this->messages['config'][2];
|
||||||
}
|
}
|
||||||
}
|
|
||||||
return $errors;
|
return $errors;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -582,8 +580,7 @@ class imapAccess extends baseModule {
|
||||||
$attrNames = array_values(array_unique($attrNames));
|
$attrNames = array_values(array_unique($attrNames));
|
||||||
$attrNames = array_change_key_case($attrNames, CASE_LOWER);
|
$attrNames = array_change_key_case($attrNames, CASE_LOWER);
|
||||||
// read LAM login user data
|
// read LAM login user data
|
||||||
$data = $_SESSION['ldap']->decrypt_login();
|
$dn = $_SESSION['ldap']->getUserName();
|
||||||
$dn = $data[0];
|
|
||||||
$sr = @ldap_read($_SESSION['ldap']->server(), $dn, '(objectclass=*)', $attrNames, 0, 0, 0, LDAP_DEREF_NEVER);
|
$sr = @ldap_read($_SESSION['ldap']->server(), $dn, '(objectclass=*)', $attrNames, 0, 0, 0, LDAP_DEREF_NEVER);
|
||||||
if ($sr) {
|
if ($sr) {
|
||||||
$info = @ldap_get_entries($_SESSION['ldap']->server(), $sr);
|
$info = @ldap_get_entries($_SESSION['ldap']->server(), $sr);
|
||||||
|
@ -617,8 +614,7 @@ class imapAccess extends baseModule {
|
||||||
$imap_admin_password = lamDecrypt($_SESSION['imapAdmPass']);
|
$imap_admin_password = lamDecrypt($_SESSION['imapAdmPass']);
|
||||||
}
|
}
|
||||||
elseif (isset($this->moduleSettings['ImapAccess_ImapAdminPasswordSelect'][0]) && ($this->moduleSettings['ImapAccess_ImapAdminPasswordSelect'][0] == "lam_user_pass")) {
|
elseif (isset($this->moduleSettings['ImapAccess_ImapAdminPasswordSelect'][0]) && ($this->moduleSettings['ImapAccess_ImapAdminPasswordSelect'][0] == "lam_user_pass")) {
|
||||||
$credentials = $_SESSION['ldap']->decrypt_login();
|
$imap_admin_password = $_SESSION['ldap']->getPassword();
|
||||||
$imap_admin_password = $credentials[1];
|
|
||||||
}
|
}
|
||||||
elseif (!empty($this->moduleSettings['ImapAccess_ImapAdminPasswordSelect'][0]) && ($this->moduleSettings['ImapAccess_ImapAdminPasswordSelect'][0] == "config")
|
elseif (!empty($this->moduleSettings['ImapAccess_ImapAdminPasswordSelect'][0]) && ($this->moduleSettings['ImapAccess_ImapAdminPasswordSelect'][0] == "config")
|
||||||
&& !empty($this->moduleSettings['ImapAccess_ImapAdminPassword'][0])) {
|
&& !empty($this->moduleSettings['ImapAccess_ImapAdminPassword'][0])) {
|
||||||
|
@ -678,8 +674,7 @@ class imapAccess extends baseModule {
|
||||||
else {
|
else {
|
||||||
$validate_opt = "validate-cert";
|
$validate_opt = "validate-cert";
|
||||||
}
|
}
|
||||||
$imap_server_address = $imap_server_name . ":" . $imap_port_number . "/" . $imap_encryption_protocol . "/" . $validate_opt;
|
return $imap_server_name . ":" . $imap_port_number . "/" . $imap_encryption_protocol . "/" . $validate_opt;
|
||||||
return $imap_server_address;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
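Review bot: In check_configOptions the merged condition still indexes `$options['ImapAccess_ImapAdminPasswordSelect'][0]` without first checking that the key exists, whereas the two `elseif` branches in the later password-selection hunk guard the same setting with `isset(...)` or `!empty(...)` before comparing it. A configuration submitted without that option would raise an undefined-index notice here instead of producing a clean validation result. Consider opening the condition with `if (isset($options['ImapAccess_ImapAdminPasswordSelect'][0]) && ($options['ImapAccess_ImapAdminPasswordSelect'][0] === 'config')` and keeping the existing `&& empty(...)` line after it.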
|
||||||
|
|
|
@ -6,7 +6,7 @@ use LAM\PDF\PDFImage;
|
||||||
|
|
||||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||||
Copyright (C) 2003 - 2006 Tilo Lutz
|
Copyright (C) 2003 - 2006 Tilo Lutz
|
||||||
2005 - 2018 Roland Gruber
|
2005 - 2019 Roland Gruber
|
||||||
|
|
||||||
This program is free software; you can redistribute it and/or modify
|
This program is free software; you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
|
@ -928,19 +928,17 @@ class inetOrgPerson extends baseModule implements passwordService {
|
||||||
$dn = 'ou=addressbook,' . $accountContainer->finalDN;
|
$dn = 'ou=addressbook,' . $accountContainer->finalDN;
|
||||||
$result = ldapGetDN($dn);
|
$result = ldapGetDN($dn);
|
||||||
if (empty($result)) {
|
if (empty($result)) {
|
||||||
$ldapUser = $_SESSION['ldap']->decrypt_login();
|
|
||||||
$ldapUser = $ldapUser[0];
|
|
||||||
$attrs = array(
|
$attrs = array(
|
||||||
'objectClass' => array('organizationalUnit'),
|
'objectClass' => array('organizationalUnit'),
|
||||||
'ou' => 'addressbook'
|
'ou' => 'addressbook'
|
||||||
);
|
);
|
||||||
$success = @ldap_add($_SESSION['ldap']->server(), $dn, $attrs);
|
$success = @ldap_add($_SESSION['ldap']->server(), $dn, $attrs);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add addressbook for user ' . $accountContainer->finalDN . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
logNewMessage(LOG_ERR, 'Unable to add addressbook for user ' . $accountContainer->finalDN . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_("Was unable to create DN: %s."), htmlspecialchars($dn)), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_("Was unable to create DN: %s."), htmlspecialchars($dn)), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added addressbook for user ' . $accountContainer->finalDN);
|
logNewMessage(LOG_NOTICE, 'Added addressbook for user ' . $accountContainer->finalDN);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,9 @@
|
||||||
<?php
|
<?php
|
||||||
use \LAM\TYPES\TypeManager;
|
use \LAM\TYPES\TypeManager;
|
||||||
/*
|
/*
|
||||||
$Id$
|
|
||||||
|
|
||||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||||
Copyright (C) 2014 - 2017 Roland Gruber
|
Copyright (C) 2014 - 2019 Roland Gruber
|
||||||
|
|
||||||
This program is free software; you can redistribute it and/or modify
|
This program is free software; you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
|
@ -175,7 +174,6 @@ class nisMailAliasUser extends baseModule {
|
||||||
$label->colspan = 5;
|
$label->colspan = 5;
|
||||||
$mailTable->addElement($label, true);
|
$mailTable->addElement($label, true);
|
||||||
}
|
}
|
||||||
$found = false;
|
|
||||||
for ($i = 0; $i < $count; $i++) {
|
for ($i = 0; $i < $count; $i++) {
|
||||||
if (empty($aliases[$i]['rfc822mailmember'])) {
|
if (empty($aliases[$i]['rfc822mailmember'])) {
|
||||||
continue;
|
continue;
|
||||||
|
@ -185,7 +183,6 @@ class nisMailAliasUser extends baseModule {
|
||||||
if (in_array($mails[$m], $members)
|
if (in_array($mails[$m], $members)
|
||||||
&& (!isset($this->recipientsToDelete[$dn]) || !in_array($mails[$m], $this->recipientsToDelete[$dn]))
|
&& (!isset($this->recipientsToDelete[$dn]) || !in_array($mails[$m], $this->recipientsToDelete[$dn]))
|
||||||
&& !in_array($dn, $this->aliasesToDelete)) {
|
&& !in_array($dn, $this->aliasesToDelete)) {
|
||||||
$found = true;
|
|
||||||
$mailTable->addSpace('5px');
|
$mailTable->addSpace('5px');
|
||||||
$mailTable->addElement(new htmlOutputText($aliases[$i]['cn'][0]));
|
$mailTable->addElement(new htmlOutputText($aliases[$i]['cn'][0]));
|
||||||
$buttonGroup = new htmlGroup();
|
$buttonGroup = new htmlGroup();
|
||||||
|
@ -334,7 +331,6 @@ class nisMailAliasUser extends baseModule {
|
||||||
function display_html_add() {
|
function display_html_add() {
|
||||||
$return = new htmlTable();
|
$return = new htmlTable();
|
||||||
$aliases = $this->getMailAliasList();
|
$aliases = $this->getMailAliasList();
|
||||||
$count = sizeof($aliases);
|
|
||||||
$userName = $this->getUserName();
|
$userName = $this->getUserName();
|
||||||
$mails = $this->getMailAddresses();
|
$mails = $this->getMailAddresses();
|
||||||
$recipient = null;
|
$recipient = null;
|
||||||
|
@ -411,7 +407,6 @@ class nisMailAliasUser extends baseModule {
|
||||||
*/
|
*/
|
||||||
function process_add() {
|
function process_add() {
|
||||||
$errors = array();
|
$errors = array();
|
||||||
$mails = $this->getMailAddresses();
|
|
||||||
// create new alias entry
|
// create new alias entry
|
||||||
if (isset($_POST['form_subpage_' . get_class($this) . '_attributes_create'])) {
|
if (isset($_POST['form_subpage_' . get_class($this) . '_attributes_create'])) {
|
||||||
if (empty($_POST['new_cn']) || !get_preg($_POST['new_cn'], 'nis_alias')) {
|
if (empty($_POST['new_cn']) || !get_preg($_POST['new_cn'], 'nis_alias')) {
|
||||||
|
@ -421,7 +416,7 @@ class nisMailAliasUser extends baseModule {
|
||||||
// build new alias entry
|
// build new alias entry
|
||||||
$newDN = 'cn=' . $_POST['new_cn'] . ',' . $_POST['new_ou'];
|
$newDN = 'cn=' . $_POST['new_cn'] . ',' . $_POST['new_ou'];
|
||||||
$found = false;
|
$found = false;
|
||||||
foreach ($this->cachedAliasList as $key => $attrs) {
|
foreach ($this->cachedAliasList as $attrs) {
|
||||||
if ($attrs['dn'] == $newDN) {
|
if ($attrs['dn'] == $newDN) {
|
||||||
$found = true;
|
$found = true;
|
||||||
break;
|
break;
|
||||||
|
@ -471,28 +466,26 @@ class nisMailAliasUser extends baseModule {
|
||||||
*/
|
*/
|
||||||
public function postModifyActions($newAccount, $attributes) {
|
public function postModifyActions($newAccount, $attributes) {
|
||||||
$errors = array();
|
$errors = array();
|
||||||
$ldapUser = $_SESSION['ldap']->decrypt_login();
|
|
||||||
$ldapUser = $ldapUser[0];
|
|
||||||
// delete complete aliases
|
// delete complete aliases
|
||||||
foreach ($this->aliasesToDelete as $dn) {
|
foreach ($this->aliasesToDelete as $dn) {
|
||||||
$success = @ldap_delete($_SESSION['ldap']->server(), $dn);
|
$success = @ldap_delete($_SESSION['ldap']->server(), $dn);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
logNewMessage(LOG_ERR, 'Unable to delete ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$errors[] = array('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
$errors[] = array('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed ' . $dn);
|
logNewMessage(LOG_NOTICE, 'Removed ' . $dn);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// delete recipient entries
|
// delete recipient entries
|
||||||
foreach ($this->recipientsToDelete as $dn => $recipients) {
|
foreach ($this->recipientsToDelete as $dn => $recipients) {
|
||||||
$success = @ldap_mod_del($_SESSION['ldap']->server(), $dn, array('rfc822mailmember' => $recipients));
|
$success = @ldap_mod_del($_SESSION['ldap']->server(), $dn, array('rfc822mailmember' => $recipients));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to remove recipients ' . implode(', ', $recipients) . ' from ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
logNewMessage(LOG_ERR, 'Unable to remove recipients ' . implode(', ', $recipients) . ' from ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$errors[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
$errors[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed recipients ' . implode(', ', $recipients) . ' from ' . $dn);
|
logNewMessage(LOG_NOTICE, 'Removed recipients ' . implode(', ', $recipients) . ' from ' . $dn);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// create new aliases
|
// create new aliases
|
||||||
|
@ -500,22 +493,22 @@ class nisMailAliasUser extends baseModule {
|
||||||
unset($attrs['dn']);
|
unset($attrs['dn']);
|
||||||
$success = @ldap_add($_SESSION['ldap']->server(), $dn, $attrs);
|
$success = @ldap_add($_SESSION['ldap']->server(), $dn, $attrs);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to create mail alias ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
logNewMessage(LOG_ERR, 'Unable to create mail alias ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$errors[] = array('ERROR', sprintf(_('Was unable to create DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
$errors[] = array('ERROR', sprintf(_('Was unable to create DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added mail alias with recipients ' . implode(', ', $attrs['rfc822mailmember']) . ' and DN ' . $dn);
|
logNewMessage(LOG_NOTICE, 'Added mail alias with recipients ' . implode(', ', $attrs['rfc822mailmember']) . ' and DN ' . $dn);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// add recipients
|
// add recipients
|
||||||
foreach ($this->recipientsToAdd as $dn => $recipients) {
|
foreach ($this->recipientsToAdd as $dn => $recipients) {
|
||||||
$success = @ldap_mod_add($_SESSION['ldap']->server(), $dn, array('rfc822mailmember' => $recipients));
|
$success = @ldap_mod_add($_SESSION['ldap']->server(), $dn, array('rfc822mailmember' => $recipients));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add recipients ' . implode(', ', $recipients) . ' to ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
logNewMessage(LOG_ERR, 'Unable to add recipients ' . implode(', ', $recipients) . ' to ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$errors[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
$errors[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added recipients ' . implode(', ', $recipients) . ' to ' . $dn);
|
logNewMessage(LOG_NOTICE, 'Added recipients ' . implode(', ', $recipients) . ' to ' . $dn);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return $errors;
|
return $errors;
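Review bot: In the process_add hunk, `$newDN` is assembled from `$_POST['new_cn']` and `$_POST['new_ou']`, but only `new_cn` is checked (`get_preg(..., 'nis_alias')`) in the visible lines; `new_ou` goes into the DN exactly as submitted. Unless it is validated outside this hunk, the alias can be created under any container the logged-in LDAP user may write to, not just the ones the form offered. Before building the DN, confirm that `new_ou` is one of the offered suffixes, e.g. `if (!in_array($_POST['new_ou'], $allowedSuffixes, true)) { /* reject */ }`, where `$allowedSuffixes` is a placeholder for that list. process_add continues outside the hunk.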
|
||||||
|
|
|
@ -6,7 +6,7 @@ use \LAM\TYPES\TypeManager;
|
||||||
/*
|
/*
|
||||||
|
|
||||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||||
Copyright (C) 2015 - 2018 Roland Gruber
|
Copyright (C) 2015 - 2019 Roland Gruber
|
||||||
|
|
||||||
This program is free software; you can redistribute it and/or modify
|
This program is free software; you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
|
@ -315,8 +315,6 @@ class nisNetGroupUser extends baseModule {
|
||||||
if (empty($uid)) {
|
if (empty($uid)) {
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
$ldapUser = $_SESSION['ldap']->decrypt_login();
|
|
||||||
$ldapUser = $ldapUser[0];
|
|
||||||
$messages = array();
|
$messages = array();
|
||||||
// calculate differences
|
// calculate differences
|
||||||
$toRem = $this->groupsOrig;
|
$toRem = $this->groupsOrig;
|
||||||
|
@ -370,7 +368,7 @@ class nisNetGroupUser extends baseModule {
|
||||||
);
|
);
|
||||||
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $dn, $attributes);
|
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $dn, $attributes);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
logNewMessage(LOG_ERR, 'Unable to modify attributes of DN: ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -397,8 +395,6 @@ class nisNetGroupUser extends baseModule {
|
||||||
if (empty($uid)) {
|
if (empty($uid)) {
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
$ldapUser = $_SESSION['ldap']->decrypt_login();
|
|
||||||
$ldapUser = $ldapUser[0];
|
|
||||||
$return = array();
|
$return = array();
|
||||||
// remove from NIS netgroups
|
// remove from NIS netgroups
|
||||||
$changes = array();
|
$changes = array();
|
||||||
|
@ -419,7 +415,7 @@ class nisNetGroupUser extends baseModule {
|
||||||
);
|
);
|
||||||
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $dn, $attributes);
|
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $dn, $attributes);
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
logNewMessage(LOG_ERR, 'Unable to modify attributes of DN: ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
}
|
}
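Review bot: The failure branch in the last hunk (-419) appends its error to `$messages`, while the hunk just above it (-397), which looks like the start of the same function, initialises `$return`. If that function returns `$return`, a failed `ldap_mod_replace` is logged but never reported to the caller. In that case the line should read `$return[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));`. The function's `return` statement is outside the visible hunks, so this needs confirming against the full file.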
|
||||||
|
|
|
@ -601,7 +601,6 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
* <br>"info" are values with informational value (e.g. to be used later by pre/postModify actions)
|
* <br>"info" are values with informational value (e.g. to be used later by pre/postModify actions)
|
||||||
*/
|
*/
|
||||||
function save_attributes() {
|
function save_attributes() {
|
||||||
$typeId = $this->getAccountContainer()->get_type()->getId();
|
|
||||||
if (!$this->skipObjectClass() && (!in_array('posixAccount', $this->attributes['objectClass']) && !in_array('posixAccount', $this->orig['objectClass']))) {
|
if (!$this->skipObjectClass() && (!in_array('posixAccount', $this->attributes['objectClass']) && !in_array('posixAccount', $this->orig['objectClass']))) {
|
||||||
// skip saving if the extension was not added/modified
|
// skip saving if the extension was not added/modified
|
||||||
return array();
|
return array();
|
||||||
|
@ -656,7 +655,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$add = array_delete($this->groups_orig, $this->groups);
|
$add = array_delete($this->groups_orig, $this->groups);
|
||||||
$remove = array_delete($this->groups, $this->groups_orig);
|
$remove = array_delete($this->groups, $this->groups_orig);
|
||||||
$groupList = searchLDAPByAttribute('cn', '*', 'posixGroup', array('cn', 'dn'), array('group'));
|
$groupList = searchLDAPByAttribute('cn', '*', 'posixGroup', array('cn', 'dn'), array('group'));
|
||||||
$dn2cn = array();
|
$cn2dn = array();
|
||||||
for ($i = 0; $i < sizeof($groupList); $i++) {
|
for ($i = 0; $i < sizeof($groupList); $i++) {
|
||||||
$cn2dn[$groupList[$i]['cn'][0]] = $groupList[$i]['dn'];
|
$cn2dn[$groupList[$i]['cn'][0]] = $groupList[$i]['dn'];
|
||||||
}
|
}
|
||||||
|
@ -815,8 +814,6 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$gons = $this->findGroupOfNames();
|
$gons = $this->findGroupOfNames();
|
||||||
$toAdd = array_values(array_diff($this->gonList, $this->gonList_orig));
|
$toAdd = array_values(array_diff($this->gonList, $this->gonList_orig));
|
||||||
$toRem = array_values(array_diff($this->gonList_orig, $this->gonList));
|
$toRem = array_values(array_diff($this->gonList_orig, $this->gonList));
|
||||||
$ldapUser = $_SESSION['ldap']->decrypt_login();
|
|
||||||
$ldapUser = $ldapUser[0];
|
|
||||||
// update groups if DN changed
|
// update groups if DN changed
|
||||||
if (isset($accountContainer->dn_orig) && ($accountContainer->dn_orig != $accountContainer->finalDN)) {
|
if (isset($accountContainer->dn_orig) && ($accountContainer->dn_orig != $accountContainer->finalDN)) {
|
||||||
// update owner/member/uniqueMember attributes
|
// update owner/member/uniqueMember attributes
|
||||||
|
@ -837,7 +834,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $ownerGroups[$i]['dn'], array($searchAttr => $newOwners));
|
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $ownerGroups[$i]['dn'], array($searchAttr => $newOwners));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
$ldapError = getDefaultLDAPErrorString($_SESSION['ldap']->server());
|
$ldapError = getDefaultLDAPErrorString($_SESSION['ldap']->server());
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $ownerGroups[$i]['dn'] . ' (' . $ldapError . ').');
|
logNewMessage(LOG_ERR, 'Unable to modify attributes of DN: ' . $ownerGroups[$i]['dn'] . ' (' . $ldapError . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $ownerGroups[$i]['dn']), $ldapError);
|
$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $ownerGroups[$i]['dn']), $ldapError);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -853,11 +850,11 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array($attrName => array($accountContainer->finalDN)));
|
$success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array($attrName => array($accountContainer->finalDN)));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add user ' . $accountContainer->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
logNewMessage(LOG_ERR, 'Unable to add user ' . $accountContainer->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added user ' . $accountContainer->finalDN . ' to group: ' . $toAdd[$i]);
|
logNewMessage(LOG_NOTICE, 'Added user ' . $accountContainer->finalDN . ' to group: ' . $toAdd[$i]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -870,11 +867,11 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
}
|
}
|
||||||
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array($attrName => array($accountContainer->dn_orig)));
|
$success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array($attrName => array($accountContainer->dn_orig)));
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete user ' . $accountContainer->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
logNewMessage(LOG_ERR, 'Unable to delete user ' . $accountContainer->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').');
|
||||||
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
$messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed user ' . $accountContainer->finalDN . ' from group: ' . $toRem[$i]);
|
logNewMessage(LOG_NOTICE, 'Removed user ' . $accountContainer->finalDN . ' from group: ' . $toRem[$i]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -3557,6 +3554,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$types = $typeManager->getConfiguredTypesForScopes(array('gon', 'group'));
|
$types = $typeManager->getConfiguredTypesForScopes(array('gon', 'group'));
|
||||||
foreach ($types as $type) {
|
foreach ($types as $type) {
|
||||||
$typeFilter = get_ldap_filter($type->getId());
|
$typeFilter = get_ldap_filter($type->getId());
|
||||||
|
echo $type->getId() . $typeFilter;
|
||||||
$results = searchLDAP($type->getSuffix(), $typeFilter, array('cn', 'dn', 'objectClass'));
|
$results = searchLDAP($type->getSuffix(), $typeFilter, array('cn', 'dn', 'objectClass'));
|
||||||
for ($i = 0; $i < sizeof($results); $i++) {
|
for ($i = 0; $i < sizeof($results); $i++) {
|
||||||
if ((in_array_ignore_case('groupOfNames', $results[$i]['objectclass'])
|
if ((in_array_ignore_case('groupOfNames', $results[$i]['objectclass'])
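Review bot: The added line `echo $type->getId() . $typeFilter;` inside the `foreach ($types as $type)` loop looks like leftover debug output and should be removed. It writes each type ID and its LDAP search filter straight into the HTTP response, which exposes directory structure to whoever loads the page and can corrupt the rendered HTML. If the values are needed for troubleshooting, use `logNewMessage(LOG_DEBUG, 'Type ' . $type->getId() . ' filter: ' . $typeFilter);` instead. The enclosing function starts and ends outside the hunk.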
|
||||||
|
|
|
@ -270,7 +270,7 @@ function logNewMessage($level, $message) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
// ok to log, build log message
|
// ok to log, build log message
|
||||||
$prefix = "LDAP Account Manager (" . session_id() . ' - ' . getClientIPForLogging() . ") - " . $possibleLevels[$level] . ": ";
|
$prefix = "LDAP Account Manager (" . session_id() . ' - ' . getClientIPForLogging() . ' - ' . getLamLdapUser() . ") - " . $possibleLevels[$level] . ": ";
|
||||||
$message = $prefix . $message;
|
$message = $prefix . $message;
|
||||||
// Syslog logging
|
// Syslog logging
|
||||||
if ($cfg->logDestination == 'SYSLOG') {
|
if ($cfg->logDestination == 'SYSLOG') {
|
||||||
|
@ -608,6 +608,21 @@ function getClientIPForLogging() {
|
||||||
return $ip;
|
return $ip;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the login dn of the current user.
|
||||||
|
*
|
||||||
|
* @return string user DN
|
||||||
|
*/
|
||||||
|
function getLamLdapUser() {
|
||||||
|
if (isset($_SESSION['ldap'])) {
|
||||||
|
return $_SESSION['ldap']->getUserName();
|
||||||
|
}
|
||||||
|
elseif (isset($_SESSION['selfService_clientDN'])) {
|
||||||
|
return lamDecrypt($_SESSION['selfService_clientDN'], 'SelfService');
|
||||||
|
}
|
||||||
|
return '';
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Adds a security token to the session to prevent CSRF attacks.
|
* Adds a security token to the session to prevent CSRF attacks.
|
||||||
*
|
*
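Review bot: The DN returned by `getLamLdapUser()` is concatenated into `$prefix` as-is, so any CR/LF or other control characters in it end up in every log line. In the self-service branch the value comes from `lamDecrypt($_SESSION['selfService_clientDN'], 'SelfService')`; a failed decryption or an unusual DN would then write arbitrary bytes into the log and could split one entry into several. Neutralise it where the prefix is built, e.g. `preg_replace('/[\x00-\x1F\x7F]/', '?', getLamLdapUser())`. It is also worth confirming that neither `getUserName()` nor `lamDecrypt()` calls `logNewMessage()` on failure, since that would now recurse.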
|
||||||
|
|