diff --git a/lam/HISTORY b/lam/HISTORY
index a35fde08..3abdcb35 100644
--- a/lam/HISTORY
+++ b/lam/HISTORY
@@ -1,3 +1,7 @@
+June 2014 4.6
+ - Unix groups: allow to disable membership management
+
+
18.03.2014 4.5
- IMAP: allow dynamic admin user names by replacing wildcards with LDAP attributes
- Personal: allow to set fields read-only
diff --git a/lam/docs/manual-sources/howto.xml b/lam/docs/manual-sources/howto.xml
index 48ebac80..d0de880d 100644
--- a/lam/docs/manual-sources/howto.xml
+++ b/lam/docs/manual-sources/howto.xml
@@ -3229,10 +3229,23 @@ Have fun!
This module is used to manage Unix group entries. This is the
default module to manage Unix groups and uses the nis.schema. Suse
- users who use the rfc2307bis.schema need to use LAM Pro.
+ users who use the rfc2307bis.schema need to use
+ LAM Pro.
Configuration
+ Please add the account type "Groups" and then select account
+ module "Unix (posixGroup)".
+
+
+
+
+
+
+
+
+
GID generator: LAM will suggest GID numbers for your accounts.
Please note that it may happen that there are duplicate IDs assigned
if users create groups at the same time. Use an
+
+
+ Disable membership management: Disables group membership
+ management. This is useful if memberships are e.g. managed via
+ group of names.
+
@@ -3286,7 +3305,7 @@ Have fun!
-
+
Unix groups with rfc2307bis schema (LAM Pro)
Some applications (e.g. Suse Linux) use the rfc2307bis schema
diff --git a/lam/docs/manual-sources/images/mod_unixGroupConfig.png b/lam/docs/manual-sources/images/mod_unixGroupConfig.png
index d8122b1b..389d7fe4 100644
Binary files a/lam/docs/manual-sources/images/mod_unixGroupConfig.png and b/lam/docs/manual-sources/images/mod_unixGroupConfig.png differ
diff --git a/lam/docs/manual-sources/images/mod_unixGroupConfig1.png b/lam/docs/manual-sources/images/mod_unixGroupConfig1.png
new file mode 100644
index 00000000..ba9f2d8a
Binary files /dev/null and b/lam/docs/manual-sources/images/mod_unixGroupConfig1.png differ
diff --git a/lam/lib/modules/posixGroup.inc b/lam/lib/modules/posixGroup.inc
index 13c9d189..45250088 100644
--- a/lam/lib/modules/posixGroup.inc
+++ b/lam/lib/modules/posixGroup.inc
@@ -102,7 +102,7 @@ class posixGroup extends baseModule implements passwordService {
}
}
// group members
- if ($rawAccounts[$i][$ids['posixGroup_members']] != "") {
+ if (!$this->isBooleanConfigOptionSet('posixGroup_hidememberUid') && ($rawAccounts[$i][$ids['posixGroup_members']] != "")) {
if (get_preg($rawAccounts[$i][$ids['posixGroup_members']], 'usernameList')) {
$partialAccounts[$i]['memberUid'] = explode(",", $rawAccounts[$i][$ids['posixGroup_members']]);
}
@@ -218,26 +218,28 @@ class posixGroup extends baseModule implements passwordService {
$return->addElement(new htmlTableExtendedInputCheckbox('changegids', $this->changegids, _('Change GID number of users and hosts'), 'changegids'), true);
}
// group members
- $return->addElement(new htmlOutputText(_("Group members")));
- $return->addElement(new htmlAccountPageButton(get_class($this), 'user', 'open', _('Edit members')));
- $return->addElement(new htmlHelpLink('members'), true);
- $return->addElement(new htmlOutputText(''));
- $users = $this->getUsers();
- $members = array();
- if (isset($this->attributes['memberUid'][0])) {
- foreach ($this->attributes['memberUid'] as $uid) {
- if (isset($users[$uid]) && isset($users[$uid]['cn'])) {
- $members[] = $uid . ' (' . $users[$uid]['cn'] . ')';
- }
- else {
- $members[] = $uid;
+ if (!$this->isBooleanConfigOptionSet('posixGroup_hidememberUid')) {
+ $return->addElement(new htmlOutputText(_("Group members")));
+ $return->addElement(new htmlAccountPageButton(get_class($this), 'user', 'open', _('Edit members')));
+ $return->addElement(new htmlHelpLink('members'), true);
+ $return->addElement(new htmlOutputText(''));
+ $users = $this->getUsers();
+ $members = array();
+ if (isset($this->attributes['memberUid'][0])) {
+ foreach ($this->attributes['memberUid'] as $uid) {
+ if (isset($users[$uid]) && isset($users[$uid]['cn'])) {
+ $members[] = $uid . ' (' . $users[$uid]['cn'] . ')';
+ }
+ else {
+ $members[] = $uid;
+ }
}
}
+ $members = array_unique($members);
+ natcasesort($members);
+ $members = array_map('htmlspecialchars', $members);
+ $return->addElement(new htmlOutputText(implode('
', $members), false), true);
}
- $members = array_unique($members);
- natcasesort($members);
- $members = array_map('htmlspecialchars', $members);
- $return->addElement(new htmlOutputText(implode('
', $members), false), true);
// remove button
if (!$this->autoAddObjectClasses) {
$return->addElement(new htmlSpacer(null, '20px'), true);
@@ -371,7 +373,10 @@ class posixGroup extends baseModule implements passwordService {
// LDAP aliases
$return['LDAPaliases'] = array('commonName' => 'cn');
// managed attributes
- $return['attributes'] = array('gidNumber', $this->passwordAttrName, 'memberUid');
+ $return['attributes'] = array('gidNumber', $this->passwordAttrName);
+ if (!$this->isBooleanConfigOptionSet('posixGroup_hidememberUid')) {
+ $return['attributes'][] = 'memberUid';
+ }
if ($this->manageCnAttribute) {
$return['attributes'][] = 'cn';
}
@@ -402,12 +407,15 @@ class posixGroup extends baseModule implements passwordService {
$gidGeneratorDN->setRequired(true);
$configContainer->addElement($gidGeneratorDN, true);
$configContainer->addElement(new htmlTableExtendedInputField(_('Suffix for GID/group name check'), 'posixGroup_gidCheckSuffix', '', 'gidCheckSuffix'), true);
+ $configContainer->addElement(new htmlTableExtendedInputCheckbox('posixGroup_hidememberUid', false, _('Disable membership management'), 'hidememberUid'), true);
$return['config_options']['group'] = $configContainer;
// available PDF fields
$return['PDF_fields'] = array(
'gidNumber' => _('GID number'),
- 'memberUid' => _('Group members')
);
+ if (!$this->isBooleanConfigOptionSet('posixGroup_hidememberUid')) {
+ $return['PDF_fields']['memberUid'] = _('Group members');
+ }
if ($this->manageCnAttribute) {
$return['PDF_fields']['cn'] = _('Group name');
}
@@ -422,12 +430,6 @@ class posixGroup extends baseModule implements passwordService {
'help' => 'gidNumber',
'example' => '2034'
),
- array(
- 'name' => 'posixGroup_members',
- 'description' => _('Group members'),
- 'help' => 'upload_members',
- 'example' => _('user01,user02,user03')
- ),
array(
'name' => 'posixGroup_password',
'description' => _('Group password'),
@@ -435,6 +437,14 @@ class posixGroup extends baseModule implements passwordService {
'example' => _('secret')
)
);
+ if (!$this->isBooleanConfigOptionSet('posixGroup_hidememberUid')) {
+ $return['upload_columns'][] = array(
+ 'name' => 'posixGroup_members',
+ 'description' => _('Group members'),
+ 'help' => 'upload_members',
+ 'example' => _('user01,user02,user03')
+ );
+ }
if ($this->manageCnAttribute) {
array_unshift($return['upload_columns'],
array(
@@ -512,6 +522,10 @@ class posixGroup extends baseModule implements passwordService {
"Text" => _("Here you can enter a filter value. Only entries which contain the filter text will be shown.")
. ' ' . _('Possible wildcards are: "*" = any character, "^" = line start, "$" = line end')
),
+ 'hidememberUid' => array(
+ "Headline" => _('Disable membership management'), 'attr' => 'memberUid',
+ "Text" => _('Disables the group membership management.')
+ ),
'autoAdd' => array(
"Headline" => _("Automatically add this extension"),
"Text" => _("This will enable the extension automatically if this profile is loaded.")