diff --git a/lam/docs/devel/upgrade.htm b/lam/docs/devel/upgrade.htm
index f867206a..199d5603 100644
--- a/lam/docs/devel/upgrade.htm
+++ b/lam/docs/devel/upgrade.htm
@@ -18,6 +18,8 @@
+
+
@@ -48,8 +50,17 @@ This is a list of API changes for all LAM releases.
5.5 -> 5.6
-Functions in lib/types.inc got namespace LAM/TYPES (e.g. getTypeAlias()).
-New API to access configured account types: LAM\TYPES\TypeManager.
+
+ -
+Functions in lib/types.inc got namespace LAM/TYPES (e.g. getTypeAlias()).
+ -
+New API to access configured account types: LAM\TYPES\TypeManager.
+ - class baseType: new function getSuffixFilter()
+ - moved getSuffixList() from baseType to ConfiguredType
+
+
+
+
5.4 -> 5.5
Functions Ldap::encrypt/decrypt in ldap.inc moved to lamEncrypt/lamDecrypt in security.inc.
diff --git a/lam/lib/baseType.inc b/lam/lib/baseType.inc
index ef208bf1..5833d189 100644
--- a/lam/lib/baseType.inc
+++ b/lam/lib/baseType.inc
@@ -3,7 +3,7 @@
$Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
- Copyright (C) 2005 - 2014 Roland Gruber
+ Copyright (C) 2005 - 2016 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -130,50 +130,12 @@ class baseType {
}
/**
- * Returns a list of LDAP suffixes for this type.
+ * Returns the LDAP filter to find the possible suffixes for this account type.
*
- * @return array sorted list of possible suffixes for this type.
+ * @return string LDAP filter
*/
- public function getSuffixList() {
- if (isset($_SESSION["config"])) {
- $suffix = $_SESSION["config"]->get_Suffix(get_class($this));
- $connection = $_SESSION["ldap"]->server();
- }
- else {
- $suffix = $_SESSION['selfServiceProfile']->LDAPSuffix;
- $connection = $_SESSION['ldapHandle'];
- }
- $ret = array();
- $filter = "(|(objectClass=organizationalunit)(objectClass=country)(objectClass=organization)(objectClass=krbRealmContainer)(objectClass=container))";
- $sr = @ldap_search($connection, escapeDN($suffix),$filter , array('dn', 'objectClass'), 0, 0, 0, LDAP_DEREF_NEVER);
- if ($sr) {
- $units = ldap_get_entries($connection, $sr);
- cleanLDAPResult($units);
- // extract Dns
- $count = sizeof($units);
- for ($i = 0; $i < $count; $i++) {
- if (in_array('container', $units[$i]['objectclass'])) {
- // Active Directory fix, hide system containers
- if (preg_match('/.*cn=system,dc=.+/i', $units[$i]['dn']) || preg_match('/.*CN=program data,dc=.+/i', $units[$i]['dn'])) {
- continue;
- }
- }
- $ret[] = $units[$i]['dn'];
- }
- }
- // add root suffix if needed
- $found = false;
- for ($i = 0; $i < sizeof($ret); $i++) { // search suffix case-intensitive
- if (strtolower($suffix) == strtolower($ret[$i])) {
- $found = true;
- break;
- }
- }
- if (!$found) {
- $ret[] = $suffix;
- }
- usort($ret, 'compareDN');
- return $ret;
+ public function getSuffixFilter() {
+ return "(|(objectClass=organizationalunit)(objectClass=country)(objectClass=organization)(objectClass=krbRealmContainer)(objectClass=container))";
}
/**
diff --git a/lam/lib/lists.inc b/lam/lib/lists.inc
index 49b7750a..bfd687a9 100644
--- a/lam/lib/lists.inc
+++ b/lam/lib/lists.inc
@@ -962,7 +962,7 @@ class lamList {
call_user_func_array('StatusMessage', $lastError);
}
// generate list of possible suffixes
- $this->possibleSuffixes = $this->type->getBaseType()->getSuffixList();
+ $this->possibleSuffixes = $this->type->getSuffixList();
}
/**
diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc
index 1c956c0b..39de01e8 100644
--- a/lam/lib/modules.inc
+++ b/lam/lib/modules.inc
@@ -812,7 +812,7 @@ class accountContainer {
*/
function get_type() {
return $this->type;
- }
+ }
/**
* This function is called when the user clicks on any button on the account pages.
@@ -2146,8 +2146,7 @@ class accountContainer {
if ($this->cachedOUs != null) {
return $this->cachedOUs;
}
- $typeObj = $this->type->getBaseType();
- $this->cachedOUs = $typeObj->getSuffixList();
+ $this->cachedOUs = $this->type->getSuffixList();
return $this->cachedOUs;
}
diff --git a/lam/lib/modules/inetOrgPerson.inc b/lam/lib/modules/inetOrgPerson.inc
index 15df66e0..4bf5ef80 100644
--- a/lam/lib/modules/inetOrgPerson.inc
+++ b/lam/lib/modules/inetOrgPerson.inc
@@ -2809,7 +2809,13 @@ class inetOrgPerson extends baseModule implements passwordService {
}
else {
$userObj = new user();
- $ouList = $userObj->getSuffixList();
+ $filter = $userObj->getSuffixFilter();
+ $suffix = $_SESSION['selfServiceProfile']->LDAPSuffix;
+ $foundOus = searchLDAPPaged($_SESSION['ldapHandle'], $suffix, $filter, array('dn'), false, 0);
+ $ouList = array();
+ foreach ($foundOus as $foundOu) {
+ $ouList[] = $foundOu['dn'];
+ }
if (!empty($attributes['ou'][0]) && !in_array($attributes['ou'][0], $ouList)) {
$ouList[] = $attributes['ou'][0];
usort($ouList, 'compareDN');
diff --git a/lam/lib/modules/nisMailAliasUser.inc b/lam/lib/modules/nisMailAliasUser.inc
index 12931565..fad3ee73 100644
--- a/lam/lib/modules/nisMailAliasUser.inc
+++ b/lam/lib/modules/nisMailAliasUser.inc
@@ -36,7 +36,7 @@ class nisMailAliasUser extends baseModule {
/** alias cache */
private $cachedAliasList = null;
-
+
/** recipient entries to delete (list of arrays: dn => attributes) */
private $recipientsToDelete = array();
/** complete alias entries to delete */
@@ -45,10 +45,10 @@ class nisMailAliasUser extends baseModule {
private $aliasesToAdd = array();
/** alias entries to extend with new recipients (list of arrays: dn => recipients) */
private $recipientsToAdd = array();
-
+
/**
* Returns true if this module can manage accounts of the current type, otherwise false.
- *
+ *
* @return boolean true if module fits
*/
public function can_manage() {
@@ -59,7 +59,7 @@ class nisMailAliasUser extends baseModule {
* Returns meta data that is interpreted by parent class
*
* @return array array with meta data
- *
+ *
* @see baseModule::get_metaData()
*/
function get_metaData() {
@@ -122,7 +122,7 @@ class nisMailAliasUser extends baseModule {
/**
* Returns the HTML meta data for the main account page.
- *
+ *
* @return htmlElement HTML meta data
*/
function display_html_attributes() {
@@ -247,10 +247,10 @@ class nisMailAliasUser extends baseModule {
}
return $errors;
}
-
+
/**
* Removes a recipient from the given DN.
- *
+ *
* @param String $recipient recipient as user name or email
* @param String $dn alias DN
*/
@@ -300,7 +300,7 @@ class nisMailAliasUser extends baseModule {
/**
* Removes an alias with the given DN.
- *
+ *
* @param String $dn alias DN
*/
private function deleteAlias($dn) {
@@ -324,10 +324,10 @@ class nisMailAliasUser extends baseModule {
unset($this->recipientsToDelete[$dn]);
}
}
-
+
/**
* Returns the HTML meta data for the add page.
- *
+ *
* @return htmlElement HTML meta data
*/
function display_html_add() {
@@ -357,9 +357,18 @@ class nisMailAliasUser extends baseModule {
$return->addElement(new htmlHiddenInput('recipient', $recipient), true);
// new mail alias
$return->addElement(new htmlSubTitle(_('Create new alias')), true);
- $typeObj = new mailAlias();
- $ous = $typeObj->getSuffixList();
- $return->addElement(new htmlTableExtendedSelect('new_ou', $ous, array(), _('Suffix'), 'suffix'), true);
+ $typeManager = new \LAM\TYPES\TypeManager();
+ $mailAliasTypes = $typeManager->getConfiguredTypesForScope('mailAlias');
+ $ous = array();
+ foreach ($mailAliasTypes as $type) {
+ $ous = array_merge($ous, $type->getSuffixList());
+ }
+ $ous = array_unique($ous);
+ usort($ous, 'compareDN');
+ $suffixSelect = new htmlTableExtendedSelect('new_ou', $ous, array(), _('Suffix'), 'suffix');
+ $suffixSelect->setRightToLeftTextDirection(true);
+ $suffixSelect->setSortElements(false);
+ $return->addElement($suffixSelect, true);
$newAliasCn = empty($_POST['new_cn']) ? '' : $_POST['new_cn'];
$return->addElement(new htmlTableExtendedInputField(_('Alias name'), 'new_cn', $newAliasCn, 'newAlias'), true);
$return->addVerticalSpace('5px');
@@ -367,9 +376,9 @@ class nisMailAliasUser extends baseModule {
$addButton->setIconClass('createButton');
$addButton->colspan = 5;
$return->addElement($addButton, true);
-
+
$return->addVerticalSpace('20px');
-
+
// add to existing alias
$return->addElement(new htmlSubTitle(_('Add to existing alias')), true);
$aliasesToAdd = array();
@@ -388,7 +397,7 @@ class nisMailAliasUser extends baseModule {
$addButton->setIconClass('createButton');
$addButton->colspan = 5;
$return->addElement($addButton, true);
-
+
$return->addElement(new htmlEqualWidth(array('new_ou', 'new_cn', 'ex_cn')));
return $return;
}
@@ -446,13 +455,13 @@ class nisMailAliasUser extends baseModule {
}
}
}
-
+
return $errors;
}
-
+
/**
* Allows the module to run commands after the LDAP entry is changed or created.
- *
+ *
* Calling this method requires the existence of an enclosing {@link accountContainer}.
*
* @param boolean $newAccount new account
@@ -545,7 +554,7 @@ class nisMailAliasUser extends baseModule {
/**
* Returns a list of configuration options.
- *
+ *
* Calling this method does not require the existence of an enclosing {@link accountContainer}.
*
* The field names are used as keywords to load and save settings.
@@ -554,7 +563,7 @@ class nisMailAliasUser extends baseModule {
* @param array $scopes account types (user, group, host)
* @param array $allScopes list of all active account modules and their scopes (module => array(scopes))
* @return mixed htmlElement or array of htmlElement
- *
+ *
* @see baseModule::get_metaData()
* @see htmlElement
*/
@@ -584,10 +593,10 @@ class nisMailAliasUser extends baseModule {
$this->cachedAliasList = searchLDAPByAttribute('cn', '*', 'nisMailAlias', array('dn', 'cn', 'rfc822MailMember'), array('mailAlias'));
return $this->cachedAliasList;
}
-
+
/**
* Returns the user name of this account.
- *
+ *
* @return String user name
*/
private function getUserName() {
@@ -605,10 +614,10 @@ class nisMailAliasUser extends baseModule {
}
return null;
}
-
+
/**
* Returns the email addresses of this account.
- *
+ *
* @return String mail addresses
*/
private function getMailAddresses() {
@@ -620,10 +629,10 @@ class nisMailAliasUser extends baseModule {
}
return null;
}
-
+
/**
* Returns if the mail alias type is active. Otherwise, aliases cannot be managed.
- *
+ *
* @return boolean is active
*/
private function isMailAliasTypeActive() {
diff --git a/lam/lib/types.inc b/lam/lib/types.inc
index 405646c9..7f22bb57 100644
--- a/lam/lib/types.inc
+++ b/lam/lib/types.inc
@@ -271,6 +271,46 @@ class ConfiguredType {
return $this->baseType;
}
+ /**
+ * Returns a list of LDAP suffixes for this type.
+ *
+ * @return array sorted list of possible suffixes for this type.
+ */
+ public function getSuffixList() {
+ $connection = $_SESSION["ldap"]->server();
+ $ret = array();
+ $filter = $this->getBaseType()->getSuffixFilter();
+ $sr = @ldap_search($connection, escapeDN($this->suffix), $filter, array('dn', 'objectClass'), 0, 0, 0, LDAP_DEREF_NEVER);
+ if ($sr) {
+ $units = ldap_get_entries($connection, $sr);
+ cleanLDAPResult($units);
+ // extract Dns
+ $count = sizeof($units);
+ for ($i = 0; $i < $count; $i++) {
+ if (in_array('container', $units[$i]['objectclass'])) {
+ // Active Directory fix, hide system containers
+ if (preg_match('/.*cn=system,dc=.+/i', $units[$i]['dn']) || preg_match('/.*CN=program data,dc=.+/i', $units[$i]['dn'])) {
+ continue;
+ }
+ }
+ $ret[] = $units[$i]['dn'];
+ }
+ }
+ // add root suffix if needed
+ $found = false;
+ for ($i = 0; $i < sizeof($ret); $i++) { // search suffix case-intensitive
+ if (strtolower($this->suffix) == strtolower($ret[$i])) {
+ $found = true;
+ break;
+ }
+ }
+ if (!$found) {
+ $ret[] = $this->suffix;
+ }
+ usort($ret, 'compareDN');
+ return $ret;
+ }
+
}
/**
@@ -389,6 +429,23 @@ class TypeManager {
return $configuredTypes;
}
+ /**
+ * Returns a list of configured types for this scope.
+ *
+ * @param string $scope scope (e.g. user)
+ * @return \LAM\TYPES\ConfiguredType[] list of ConfiguredType
+ */
+ public function getConfiguredTypesForScope($scope) {
+ $allTypes = $this->getConfiguredTypes();
+ $scopedTypes = array();
+ foreach ($allTypes as $type) {
+ if ($type->getScope() == $scope) {
+ $scopedTypes[] = $type;
+ }
+ }
+ return $scopedTypes;
+ }
+
/**
* Builds a configured account type.
*
diff --git a/lam/lib/types/asteriskExt.inc b/lam/lib/types/asteriskExt.inc
index 617a41ed..319d271d 100644
--- a/lam/lib/types/asteriskExt.inc
+++ b/lam/lib/types/asteriskExt.inc
@@ -180,7 +180,7 @@ class lamAsteriskExtList extends lamList {
$entries = $this->normalizeLdapOutput($entries);
$this->entries = $entries;
// generate list of possible suffixes
- $this->possibleSuffixes = $this->type->getBaseType()->getSuffixList();
+ $this->possibleSuffixes = $this->type->getSuffixList();
}
/**
diff --git a/lam/templates/profedit/profilepage.php b/lam/templates/profedit/profilepage.php
index 07866e25..1e0aef15 100644
--- a/lam/templates/profedit/profilepage.php
+++ b/lam/templates/profedit/profilepage.php
@@ -207,8 +207,7 @@ $dnContent->addElement(new htmlSpacer(null, '10px'), true);
$rootsuffix = $type->getSuffix();
// get subsuffixes
$suffixes = array('-' => '-');
-$typeObj = $type->getBaseType();
-$possibleSuffixes = $typeObj->getSuffixList();
+$possibleSuffixes = $type->getSuffixList();
foreach ($possibleSuffixes as $suffix) {
$suffixes[getAbstractDN($suffix)] = $suffix;
}