fixed many things related to groups, like wrong SIDs

katagia 2003-09-16 12:44:28 +00:00
parent 444c69f0dc
commit 775aa6cf0d
2 changed files with 54 additions and 55 deletions


@ -66,6 +66,7 @@ class account { // This class keeps all needed values for any account
var $smb_flagsD; // string (1|0) account is disabled? (user|host)
var $smb_flagsX; // string (1|0) password doesn'T expire (user|host)
var $smb_mapgroup; // decimal ID for groups
var $smb_displayName; // string, description, similar to gecos-field.
// Quota Settins
var $quota; // array[][] First array is an index for every chare with active quotas
// second array Contains values for every share:
@ -350,6 +351,10 @@ function checksamba($values, $type) { // This function checks all samba account
else $return->smb_password = "";
break;
case 'group' :
if (($values->smb_displayName=='') && isset($values->general_gecos)) {
$return->smb_displayName = $values->general_gecos;
$errors[] = array('INFO', _('Display name'), _('Inserted gecos-field as display name.'));
}
break;
}
// Return values and errors
@ -932,6 +937,7 @@ function loadgroup($dn) { // Will load all needed values from an existing group
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
$return->general_dn = (ldap_get_dn($_SESSION['ldap']->server(), $entry));
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
// Load values into account object
$i=0;
while (isset($attr['objectClass'][$i])) {
$return->general_objectClass[$i] = $attr['objectClass'][$i];
@ -943,13 +949,19 @@ function loadgroup($dn) { // Will load all needed values from an existing group
$i++;
}
if (isset($attr['gidNumber'][0])) $return->general_uidNumber = $attr['gidNumber'][0];
if (isset($attr['gecos'][0])) $return->general_gecos = utf8_decode($attr['gecos'][0]);
if (isset($attr['description'][0])) $return->general_gecos = utf8_decode($attr['description'][0]);
if (isset($attr['cn'][0])) {
$return->general_username = $attr['cn'][0];
if ($_SESSION['config']->scriptServer) getquotas('group',$attr['cn'][0]);
$values = getquotas('group', $attr['cn'][0]);
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if (isset($val)) $return->$key = $val;
}
}
if (isset($attr['sambaSID'][0])) {
if (isset($attr['sambaSID'][0])) { // Samba3 Samba 2.0 don't have any objects 4 groups
$return->smb_mapgroup = $attr['sambaSID'][0];
if (isset($attr['displayName'][0])) $return->smb_displayName = utf8_decode($attr['displayName'][0]);
// extract SID from sambaSID to find domain
$temp = explode('-', $attr['sambaSID'][0]);
$SID = $temp[0].'-'.$temp[1].'-'.$temp[2].'-'.$temp[3].'-'.$temp[4].'-'.$temp[5].'-'.$temp[6];
$samba3domains = $_SESSION['ldap']->search_domains($_SESSION[config]->get_domainSuffix());
@ -1612,27 +1624,15 @@ function creategroup($values) { // Will create the LDAP-Group
// 4 == Error while creating Group
// 5 == Error while modifying Group
$values->general_dn = 'cn=' . $values->general_username . ',' . $values->general_dn;
// decrypt password
$iv = base64_decode($_COOKIE["IV"]);
$key = base64_decode($_COOKIE["Key"]);
if ($values->unix_password != '') {
$values->unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($values->unix_password), MCRYPT_MODE_ECB, $iv);
$values->unix_password = str_replace(chr(00), '', $values->unix_password);
}
if ($values->smb_password != '') {
$values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($values->smb_password), MCRYPT_MODE_ECB, $iv);
$values->smb_password = str_replace(chr(00), '', $values->smb_password);
}
$attr['objectClass'][0] = 'posixGroup';
$attr['cn'] = $values->general_username;
$attr['gidNumber'] = $values->general_uidNumber;
$attr['description'] = $values->general_gecos;
if ($values->general_gecos) $attr['description'] = utf8_encode($values->general_gecos);
if ($_SESSION['config']->samba3 =='yes' && (isset($values->smb_mapgroup))) {
$attr['sambaSID'] = $values->smb_mapgroup;
$attr['objectClass'][1] = 'sambaGroupMapping';
$attr['sambaGroupType'] = '2';
if ($values->general_gecos) $attr['displayName'] = $values->general_gecos;
if ($values->smb_displayName) $attr['displayName'] = utf8_encode($values->smb_displayName);
}
$success = ldap_add($_SESSION['ldap']->server(),$values->general_dn, $attr);
if ($_SESSION['config']->scriptServer) setquotas($values,'group');
@ -1652,34 +1652,21 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group
// 5 == Error while modifying Group
$values->general_dn = 'cn=' . $values->general_username . ',' . $values->general_dn;
// decrypt password
$iv = base64_decode($_COOKIE["IV"]);
$key = base64_decode($_COOKIE["Key"]);
if ($values->unix_password != '') {
$values->unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($values->unix_password), MCRYPT_MODE_ECB, $iv);
$values->unix_password = str_replace(chr(00), '', $values->unix_password);
}
if ($values->smb_password != '') {
$values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($values->smb_password), MCRYPT_MODE_ECB, $iv);
$values->smb_password = str_replace(chr(00), '', $values->smb_password);
}
if ($values->general_username != $values_old->general_username) $attr['cn'] = $values->general_username;
if ($values->general_uidNumber != $values_old->general_uidNumber) $attr['gidNumber'] = $values->general_uidNumber;
if ($values->general_gecos != $values_old->general_gecos) $attr['description'] = $values->general_gecos;
if ($values->general_gecos != $values_old->general_gecos) $attr['description'] = utf8_encode($values->general_gecos);
if (($values->smb_displayName != $values_old->smb_displayName) && ($values->smb_displayName != ''))
$attr['displayName'] = utf8_encode($values->smb_displayName);
if (($values->smb_displayName != $values_old->smb_displayName) && ($values->smb_displayName == ''))
$attr_rem['displayName'] = utf8_encode($values_old->smb_displayName);
if ($_SESSION['config']->samba3 =='yes') {
if ($values->smb_mapgroup != $values_old->smb_mapgroup)
$attr['sambaSID'] = $values->smb_mapgroup;
if ($values->general_gecos!=$values_old->general_gecos)
$attr['displayName'] = $values->general_gecos;
}
if (($values->unix_memberUid != $values_old->unix_memberUid)) {
//$values->unix_memberUid = str_replace(' ', '', $values->unix_memberUid);
//$memberUid = explode (',', $values->unix_memberUid);
//$values_old->unix_memberUid = str_replace(' ', '', $values_old->unix_memberUid);
//$memberUid_old = explode (',', $values_old->unix_memberUid);
//if ($memberUid[0]=='') $attr_rem['memberUid'] = $memberUid_old;
// else if ($memberUid[0]!='') $attr['memberUid'] = $memberUid;
if (count($values->unix_memberUid)==0) $attr_rem['memberUid'] = $values_old->unix_memberUid;
else $attr['memberUid'] = $values->unix_memberUid;
}
@ -1724,6 +1711,7 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group
if ($success) $success = ldap_mod_replace($_SESSION['ldap']->server(),$values->general_dn, $attr);
if (!$success) return 5;
}
if ( $_SESSION['final_changegids']==true ) {
$result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_UserSuffix(), 'gidNumber=' . $values_old->general_uidNumber, array('gidNumber'));
$entry = ldap_first_entry($_SESSION['ldap']->server(), $result);
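Review bot: In the loadgroup hunk the new `$values = getquotas('group', $attr['cn'][0]);` runs for every group that has a cn, while the line it appears to replace only called getquotas when `$_SESSION['config']->scriptServer` was set (the +/- markers are lost on this page, so that reading is inferred). If getquotas depends on the script server, installations without one now make that call on every group load, and if both lines were kept it is called twice. I would keep the guard around the whole block, `if ($_SESSION['config']->scriptServer) { $values = getquotas('group', $attr['cn'][0]); ... }`. The copy loop `$return->$key = $val` also lets whatever getquotas returns overwrite any account field, so restricting it to the quota property would be safer. loadgroup starts and ends outside the hunk.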


@ -111,24 +111,26 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
break;
case 'samba':
$_SESSION['account']->smb_domain = $_POST['f_smb_domain'];
$samba3domains = $_SESSION['ldap']->search_domains($_SESSION[config]->get_domainSuffix());
foreach ($samba3domains as $domain)
if ($_POST['f_smb_domain'] == $domain->name)
$_SESSION['account']->smb_domain = $domain;
$_SESSION['account']->smb_displayName = $_POST['f_smb_displayName'];
switch ($_POST['f_smb_mapgroup']) {
case '*'._('Domain Guests'): $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '514'; break;
case '*'._('Domain Users'): $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '513'; break;
case '*'._('Domain Admins'): $_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-" . '512'; break;
case $_SESSION['account']->general_group:
if ($_SESSION['config']->samba3 == 'yes')
$_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-".
(2 * getgid($_SESSION['account']->general_group) + $_SESSION['account']->smb_domain->RIDbase +1);
else $_SESSION['account']->smb_mapgroup = (2 * getgid($_SESSION['account']->general_group) + 1001);
break;
case $_SESSION['account']->general_username:
if ($_SESSION['config']->samba3 == 'yes')
$_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-".
(2 * $_SESSION['account']->general_uidNumber + $_SESSION['account']->smb_domain->RIDbase +1);
else $_SESSION['account']->smb_mapgroup = (2 * $_SESSION['account']->general_uidNumber + 1001);
$_SESSION['account']->smb_mapgroup = $_SESSION['account']->smb_domain->SID . "-".
(2 * getgid($_SESSION['account']->general_username) + $_SESSION['account']->smb_domain->RIDbase +1);
break;
}
if (isset($_SESSION['account_old'])) list($values, $errors) = checksamba($_SESSION['account'], 'group', $_SESSION['account_old']); // account.inc
else list($values, $errors) = checksamba($_SESSION['account'], 'group'); // account.inc
if (is_object($values)) { // Set only defined values
while (list($key, $val) = each($values))
if (isset($val)) $_SESSION['account']->$key = $val;
}
break;
case 'quota':
@ -249,6 +251,7 @@ if (is_array($errors)) {
for ($i=0; $i<sizeof($errors); $i++) StatusMessage($errors[$i][0], $errors[$i][1], $errors[$i][2]);
echo "</table>";
}
// print_r($_SESSION['account']);
switch ($select_local) { // Select which part of page will be loaded
@ -269,7 +272,8 @@ switch ($select_local) { // Select which part of page will be loaded
echo "</b></legend>\n";
echo "<input name=\"next_general\" type=\"submit\" value=\""; echo _('General'); echo "\">\n<br>";
echo "<input name=\"next_members\" type=\"submit\" disabled value=\""; echo _('Members'); echo "\">\n<br>";
echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Samba'); echo "\">\n<br>";
if ($_SESSION['config']->samba3 == 'yes')
echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Samba'); echo "\">\n<br>";
echo "<input name=\"next_quota\" type=\"submit\""; if (!isset($_SESSION['config']->scriptPath)) echo " disabled ";
echo "value=\""; echo _('Quota'); echo "\">\n<br>";
echo "<input name=\"next_final\" type=\"submit\" value=\""; echo _('Final');
@ -308,7 +312,8 @@ switch ($select_local) { // Select which part of page will be loaded
echo "</b></legend>\n";
echo "<input name=\"next_general\" type=\"submit\" disabled value=\""; echo _('General'); echo "\">\n<br>";
echo "<input name=\"next_members\" type=\"submit\" value=\""; echo _('Members'); echo "\">\n<br>";
echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Samba'); echo "\">\n<br>";
if ($_SESSION['config']->samba3 == 'yes')
echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Samba'); echo "\">\n<br>";
echo "<input name=\"next_quota\" type=\"submit\""; if (!isset($_SESSION['config']->scriptPath)) echo " disabled ";
echo "value=\""; echo _('Quota'); echo "\">\n<br>";
echo "<input name=\"next_final\" type=\"submit\" value=\""; echo _('Final');
@ -357,7 +362,7 @@ switch ($select_local) { // Select which part of page will be loaded
case 'samba':
// Samba Settings
if ($_SESSION['config']->samba3 == 'yes') $samba3domains = $_SESSION['ldap']->search_domains($_SESSION[config]->get_domainSuffix());
$samba3domains = $_SESSION['ldap']->search_domains($_SESSION[config]->get_domainSuffix());
echo "<input name=\"select\" type=\"hidden\" value=\"samba\">\n";
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
echo "<table border=0><tr><td><fieldset class=\"groupedit-middle\"><legend class=\"groupedit-bright\"><b>";
@ -370,8 +375,12 @@ switch ($select_local) { // Select which part of page will be loaded
echo "value=\""; echo _('Quota'); echo "\">\n<br>";
echo "<input name=\"next_final\" type=\"submit\" value=\""; echo _('Final');
echo "\"></fieldset></td></tr></table></td>\n<td valign=\"top\">";
echo "<table border=0><tr><td><fieldset class=\"groupedit-bright\"><legend class=\"groupedit-bright\"><b>"._('Samba properties')."</b></legend>\n";
echo "<table border=0 width=\"100%\"><tr><td><fieldset class=\"groupedit-bright\"><legend class=\"groupedit-bright\"><b>"._('Samba properties')."</b></legend>\n";
echo "<table border=0 width=\"100%\"><tr><td>";
echo _("Display name");
echo "</td>\n<td>".
"<input name=\"f_smb_displayName\" type=\"text\" size=\"30\" maxlength=\"50\" value=\"".$_SESSION['account']->smb_displayName."\">".
"</td>\n<td><a href=\"../help.php?HelpNumber=XXX\" target=\"lamhelp\">"._('Help-XX')."</a></td>\n</tr>\n<tr>\n<td>";
echo _('Windows groupname');
echo "</td>\n<td><select name=\"f_smb_mapgroup\">";
if ( $_SESSION['account']->smb_mapgroup == $_SESSION['account']->smb_domain->SID . "-".
@ -437,7 +446,8 @@ switch ($select_local) { // Select which part of page will be loaded
echo "</b></legend>\n";
echo "<input name=\"next_general\" type=\"submit\" value=\""; echo _('General'); echo "\">\n<br>";
echo "<input name=\"next_members\" type=\"submit\" value=\""; echo _('Members'); echo "\">\n<br>";
echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Samba'); echo "\">\n<br>";
if ($_SESSION['config']->samba3 == 'yes')
echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Samba'); echo "\">\n<br>";
echo "<input name=\"next_quota\" type=\"submit\" disabled value=\""; echo _('Quota'); echo "\">\n<br>";
echo "<input name=\"next_final\" type=\"submit\" value=\""; echo _('Final');
echo "\"></fieldset></td></tr></table></td>\n<td valign=\"top\">";
@ -471,14 +481,15 @@ switch ($select_local) { // Select which part of page will be loaded
case 'final':
// Final Settings
echo '<input name="select" type="hidden" value="final">';
echo "<input name=\"select\" type=\"hidden\" value=\"samba\">\n";
echo "<input name=\"select\" type=\"hidden\" value=\"final\">\n";
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
echo "<table><tr><td><fieldset class=\"groupedit-middle\"><legend class=\"groupedit-bright\"><b>";
echo _('Please select page:');
echo "</b></legend>\n";
echo "<input name=\"next_general\" type=\"submit\" value=\""; echo _('General'); echo "\">\n<br>";
echo "<input name=\"next_members\" type=\"submit\" value=\""; echo _('Members'); echo "\">\n<br>";
echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Samba'); echo "\">\n<br>";
if ($_SESSION['config']->samba3 == 'yes')
echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Samba'); echo "\">\n<br>";
echo "<input name=\"next_quota\" type=\"submit\""; if (!isset($_SESSION['config']->scriptPath)) echo " disabled ";
echo "value=\""; echo _('Quota'); echo "\">\n<br>";
echo "<input name=\"next_final\" type=\"submit\" disabled value=\""; echo _('Final');
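Review bot: The new display-name input in the 'samba' page hunk writes `$_SESSION['account']->smb_displayName` into the `value` attribute without escaping, and that value is taken directly from `$_POST['f_smb_displayName']` earlier in this file (and, for existing groups, presumably from the LDAP displayName attribute). A double quote or markup in the name ends the attribute and is rendered as HTML in the administrator's session. Escape it on output, e.g. `value=\"".htmlspecialchars($_SESSION['account']->smb_displayName, ENT_QUOTES)."\"`. The enclosing switch case starts and ends outside the hunk.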