optional posixAccount object class
This commit is contained in:
Roland Gruber
parent
0b3c6b1036
commit
88b7a32187
|
|
@ -3070,6 +3070,26 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
<para>Hidden options: Some input fields can be hidden to simplify
|
||||
the GUI if you do not need them.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Set primary group as memberUid: By default primary group
|
||||
membership is not set on group objects but only on user
|
||||
(gidNumber). Activate this if you need to have the primary group
|
||||
membership in group object, too.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Do not add object class: This is for Windows only. When the
|
||||
checkbox is activated then the posixAccount object class will not
|
||||
be added to a user.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>User name suggestion: The user name is automatically filled
|
||||
as specified in the configuration (default smiller for Steve
|
||||
Miller). Of course, the suggested value can be changed any time.
|
||||
Common name is also filled with first/last name by default.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<screenshot>
|
||||
|
|
@ -3080,10 +3100,8 @@ mysql> GRANT ALL PRIVILEGES ON lam_cron.* TO 'lam_cron'@'localhost';
|
|||
</mediaobject>
|
||||
</screenshot>
|
||||
|
||||
<para>The user name is automatically filled as specified in the
|
||||
configuration (default smiller for Steve Miller). Of course, the
|
||||
suggested value can be changed any time. Common name is also filled
|
||||
with first/last name by default.</para>
|
||||
<literallayout>
|
||||
</literallayout>
|
||||
|
||||
<screenshot>
|
||||
<mediaobject>
|
||||
|
|
|
|||
Binary file not shown.
|
Before Width: | Height: | Size: 38 KiB After Width: | Height: | Size: 41 KiB |
|
|
@ -82,7 +82,7 @@ class posixAccount extends baseModule implements passwordService {
|
|||
// call parent constructor
|
||||
parent::__construct($scope);
|
||||
// make optional if needed
|
||||
$this->autoAddObjectClasses = !$this->isOptional();
|
||||
$this->autoAddObjectClasses = !$this->isOptional() && !$this->skipObjectClass();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -447,6 +447,10 @@ class posixAccount extends baseModule implements passwordService {
|
|||
"Headline" => _("Magic number"),
|
||||
"Text" => _("Please enter the magic number you configured on server side.")
|
||||
),
|
||||
'noObjectClass' => array(
|
||||
"Headline" => _("Do not add object class"),
|
||||
"Text" => _("This will not add the posixAccount object class to the account.")
|
||||
),
|
||||
'user' => array(
|
||||
'uid' => array(
|
||||
"Headline" => _("User name"), 'attr' => 'uid',
|
||||
|
|
@ -541,7 +545,7 @@ class posixAccount extends baseModule implements passwordService {
|
|||
* @return boolean true, if settings are complete
|
||||
*/
|
||||
function module_complete() {
|
||||
if (!isset($this->attributes['objectClass']) || !in_array('posixAccount', $this->attributes['objectClass'])) {
|
||||
if (!$this->skipObjectClass() && (!isset($this->attributes['objectClass']) || !in_array('posixAccount', $this->attributes['objectClass']))) {
|
||||
// no checks if object class is not set
|
||||
return true;
|
||||
}
|
||||
|
|
@ -616,7 +620,7 @@ class posixAccount extends baseModule implements passwordService {
|
|||
* <br>"info" are values with informational value (e.g. to be used later by pre/postModify actions)
|
||||
*/
|
||||
function save_attributes() {
|
||||
if (!in_array('posixAccount', $this->attributes['objectClass']) && !in_array('posixAccount', $this->orig['objectClass'])) {
|
||||
if (!$this->skipObjectClass() && (!in_array('posixAccount', $this->attributes['objectClass']) && !in_array('posixAccount', $this->orig['objectClass']))) {
|
||||
// skip saving if the extension was not added/modified
|
||||
return array();
|
||||
}
|
||||
|
|
@ -637,7 +641,7 @@ class posixAccount extends baseModule implements passwordService {
|
|||
$return[$this->getAccountContainer()->dn_orig]['info']['userPasswordStatusChange'][0] = 'unlocked';
|
||||
}
|
||||
}
|
||||
if (in_array('posixAccount', $this->attributes['objectClass'])) {
|
||||
if ($this->skipObjectClass() || in_array('posixAccount', $this->attributes['objectClass'])) {
|
||||
// Remove primary group from additional groups
|
||||
if (!isset($this->moduleSettings['posixAccount_primaryGroupAsSecondary'][0])
|
||||
|| ($this->moduleSettings['posixAccount_primaryGroupAsSecondary'][0] != 'true')) {
|
||||
|
|
@ -1002,7 +1006,7 @@ class posixAccount extends baseModule implements passwordService {
|
|||
return $errors;
|
||||
}
|
||||
// skip processing if object class is not set
|
||||
if ($this->isOptional() && (!isset($this->attributes['objectClass']) || !in_array('posixAccount', $this->attributes['objectClass']))) {
|
||||
if ($this->isOptional() && !$this->skipObjectClass() && (!isset($this->attributes['objectClass']) || !in_array('posixAccount', $this->attributes['objectClass']))) {
|
||||
return $errors;
|
||||
}
|
||||
$groups = $this->findGroups(); // list of all groupnames
|
||||
|
|
@ -1331,7 +1335,7 @@ class posixAccount extends baseModule implements passwordService {
|
|||
*/
|
||||
function display_html_attributes() {
|
||||
$return = new htmlTable();
|
||||
if (!$this->isOptional() || (isset($this->attributes['objectClass']) && in_array('posixAccount', $this->attributes['objectClass']))) {
|
||||
if (!$this->isOptional() || $this->skipObjectClass() || (isset($this->attributes['objectClass']) && in_array('posixAccount', $this->attributes['objectClass']))) {
|
||||
$groupList = $this->findGroups(); // list of all group names
|
||||
$groups = array();
|
||||
for ($i = 0; $i < sizeof($groupList); $i++) {
|
||||
|
|
@ -1485,7 +1489,7 @@ class posixAccount extends baseModule implements passwordService {
|
|||
$return->addElement($pwdContainer, true);
|
||||
}
|
||||
// remove button
|
||||
if ($this->isOptional()) {
|
||||
if ($this->isOptional() && !$this->skipObjectClass()) {
|
||||
$return->addElement(new htmlSpacer(null, '20px'), true);
|
||||
$remButton = new htmlButton('remObjectClass', _('Remove Unix extension'));
|
||||
$remButton->colspan = 5;
|
||||
|
|
@ -1813,7 +1817,7 @@ class posixAccount extends baseModule implements passwordService {
|
|||
}
|
||||
// add extension
|
||||
if (isset($profile['posixAccount_addExt'][0]) && ($profile['posixAccount_addExt'][0] == "true")) {
|
||||
if (!in_array('posixAccount', $this->attributes['objectClass'])) {
|
||||
if (!$this->skipObjectClass() && !in_array('posixAccount', $this->attributes['objectClass'])) {
|
||||
$this->attributes['objectClass'][] = 'posixAccount';
|
||||
}
|
||||
}
|
||||
|
|
@ -1981,6 +1985,10 @@ class posixAccount extends baseModule implements passwordService {
|
|||
$configOptionsContainer->addElement($hiddenOptionsContainer, true);
|
||||
$advancedOptions = new htmlTable();
|
||||
$advancedOptions->addElement(new htmlTableExtendedInputCheckbox('posixAccount_primaryGroupAsSecondary', false, _('Set primary group as memberUid'), 'primaryGroupAsSecondary'), true);
|
||||
$isWindows = array_key_exists('windowsUser', $allScopes);
|
||||
if ($isWindows) {
|
||||
$advancedOptions->addElement(new htmlTableExtendedInputCheckbox('posixAccount_noObjectClass', false, _('Do not add object class'), 'noObjectClass'), true);
|
||||
}
|
||||
$advancedOptions->addElement(new htmlTableExtendedInputField(_('User name suggestion'), 'posixAccount_userNameSuggestion', '@givenname@%sn%', 'userNameSuggestion'));
|
||||
$advancedOptionsAccordion = new htmlAccordion('posixAccountAdvancedOptions', array(_('Advanced options') => $advancedOptions), false);
|
||||
$advancedOptionsAccordion->colspan = 5;
|
||||
|
|
@ -2106,7 +2114,9 @@ class posixAccount extends baseModule implements passwordService {
|
|||
}
|
||||
// check input
|
||||
foreach ($rawAccounts as $i => $rawAccount) {
|
||||
if (!in_array("posixAccount", $partialAccounts[$i]['objectClass'])) $partialAccounts[$i]['objectClass'][] = "posixAccount";
|
||||
if (!$this->skipObjectClass() && !in_array("posixAccount", $partialAccounts[$i]['objectClass'])) {
|
||||
$partialAccounts[$i]['objectClass'][] = "posixAccount";
|
||||
}
|
||||
// UID
|
||||
if ($rawAccount[$ids['posixAccount_uid']] == "") {
|
||||
// autoUID
|
||||
|
|
@ -3049,6 +3059,9 @@ class posixAccount extends baseModule implements passwordService {
|
|||
$this->cachedUIDList = array();
|
||||
$attrs = array('uidNumber');
|
||||
$filter = '(&(objectClass=posixAccount)(uidNumber=*))';
|
||||
if ($this->skipObjectClass()) {
|
||||
$filter = '(uidNumber=*)';
|
||||
}
|
||||
$types = $_SESSION['config']->get_ActiveTypes();
|
||||
// get user UIDs
|
||||
if (in_array('user', $types)) {
|
||||
|
|
@ -3100,6 +3113,9 @@ class posixAccount extends baseModule implements passwordService {
|
|||
$this->cachedUserNameList = array();
|
||||
$attrs = array('uid');
|
||||
$filter = '(&(objectClass=posixAccount)(uid=*))';
|
||||
if ($this->skipObjectClass()) {
|
||||
$filter = '(uid=*)';
|
||||
}
|
||||
$types = $_SESSION['config']->get_ActiveTypes();
|
||||
// get user names
|
||||
if (in_array('user', $types)) {
|
||||
|
|
@ -3421,6 +3437,15 @@ class posixAccount extends baseModule implements passwordService {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns if the object class should not be added.
|
||||
*
|
||||
* @return do not add
|
||||
*/
|
||||
private function skipObjectClass() {
|
||||
return $this->isBooleanConfigOptionSet('posixAccount_noObjectClass');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
Loading…
Reference in New Issue