From 973b7d95fc34571e56db708af0c4ccca313e4bb3 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Thu, 8 Oct 2009 20:16:02 +0000 Subject: [PATCH] first step for adding central password service --- lam/help/help.inc | 2 + lam/lib/modules.inc | 154 ++++++++++++++++++++++++++-- lam/lib/modules/posixAccount.inc | 26 ++++- lam/lib/modules/sambaSamAccount.inc | 26 ++++- 4 files changed, 199 insertions(+), 9 deletions(-) diff --git a/lam/help/help.inc b/lam/help/help.inc index c7973332..377529ff 100644 --- a/lam/help/help.inc +++ b/lam/help/help.inc @@ -159,6 +159,8 @@ $helpArray = array ( "Text" => _("Here you can load an account profile to set default settings for your account. The \"default\" profile is automatically loaded for new accounts.")), "403" => array ("Headline" => _("Create PDF file"), "Text" => _("Here you can select a PDF structure and export the account to a PDF file.")), + "404" => array ("Headline" => _("Password"), + "Text" => _("Please enter the password which you want to set for this account. You may also generate a random password (12 characters) which will be displayed on your screen.")), // 500 - 599 // Roland Gruber // LAM Pro diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc index 703518a2..d442041b 100644 --- a/lam/lib/modules.inc +++ b/lam/lib/modules.inc @@ -1022,6 +1022,26 @@ class accountContainer { if (isset($_POST['accountContainerReset'])) { $result = $this->load_account($this->dn_orig); } + elseif (isset($_POST['setNewPasswordCancel'])) { + // ignore + } + elseif (isset($_POST['setNewPasswordOk']) || isset($_POST['setNewPasswordRandom'])) { + $pwdMessages = $this->setNewPassword(); + $pwdErrors = 0; + for ($i = 0; $i < sizeof($pwdMessages); $i++) { + if ($pwdMessages[$i][0] == 'ERROR') { + $pwdErrors++; + } + } + if ($pwdErrors == 0) { + $result[] = array('INFO', 'New password set successfully.'); + $result = array_merge($result, $pwdMessages); + } + else { + $this->printPasswordPromt($pwdMessages); + return; + } + } elseif (!$profileLoaded) { // change dn suffix if (isset($_REQUEST['suffix']) && ($_REQUEST['suffix'] != '')) { @@ -1130,6 +1150,22 @@ class accountContainer { } } } + // check if password change was requested + if (!$errorsOccured && isset($_POST['accountContainerSetPassword'])) { + $this->printPasswordPromt(array()); + return; + } + // prints a module content page + $this->printModuleContent($result, $stopProcessing); + } + + /** + * Prints the content part provided by the current module. + * + * @param array $result list of messages + * @param boolean $stopProcessing true if page should end after displaying the messages + */ + private function printModuleContent($result, $stopProcessing) { $this->printPageHeader(); // Display error-messages if (is_array($result)) { @@ -1162,10 +1198,7 @@ class accountContainer { // content area echo ""; // display html-code from modules - $return = array(); - $return = call_user_func(array($this->module[$this->order[$this->current_page]], 'display_html_'.$this->subpage)); - $y = 5000; parseHtml($this->order[$this->current_page], $return, array(), false, $y, $this->type); // Display rest of html-page @@ -1173,6 +1206,97 @@ class accountContainer { echo "\n"; $this->printPageFooter(); } + + /** + * Prints the input fields of the central password service. + * + * @param $errors list of error messages + */ + private function printPasswordPromt($errors) { + $this->printPageHeader(); + // print error messages + for ($i = 0; $i < sizeof($errors); $i++) { + call_user_func_array('StatusMessage', $errors[$i]); + } + // create module menu + echo "
type."list\" border=0 width=\"100%\" style=\"border-collapse: collapse;\">\n"; + echo "type . "list\">\n"; + echo "
 \"key.png\" \n"; + echo "Set password
\n"; + echo "\n"; + echo "'; + echo ''; + echo ''; + echo ''; + echo '"; + + echo "\n"; + echo "\n"; + echo "
\n"; + echo _('Password') . ''; + + echo ' '; + echo ''; + foreach ($this->module as $name => $module) { + if (($module instanceof passwordService) && $module->managesPasswordAttributes()) { + echo ''; + } + } + echo '
'; + $buttonImage = $module->getIcon(); + if ($buttonImage != null) { + $buttonImage = '' . getModuleAlias($name, $this->type) . ''; + } + echo '' . $buttonImage . getModuleAlias($name, $this->type) . "
\n"; + echo '
 '; + printHelpLink(getHelp(null, 404), 404); + echo "
"; + echo _('Repeat password') . ''; + echo "


"; + echo ''; + echo ' '; + echo ''; + echo '   '; + echo ''; + echo "
\n"; + echo "
\n"; + $this->printPageFooter(); + } + + /** + * Sets the new password in all selected account modules. + * + * @return array list of messages + */ + private function setNewPassword() { + $return = array(); + if (isset($_POST['setNewPasswordRandom'])) { + $_POST['newPassword1'] = generateRandomPassword(); + $return[] = array('INFO', _('The password was set to:') . ' ' . $_POST['newPassword1']); + } + else { + // check if passwords match + if ($_POST['newPassword1'] != $_POST['newPassword2']) { + $return[] = array('ERROR', _('Passwords are different!')); + return $return; + } + // check passsword stregth + $pwdPolicyResult = checkPasswordStrength($_POST['newPassword1']); + if ($pwdPolicyResult !== true) { + $return[] = array('ERROR', $pwdPolicyResult); + return $return; + } + } + // set new password + foreach ($_POST as $key => $value) { + if (substr($key, 0, 3) == 'cb_') { + $name = substr($key, 3); + $return = array_merge($return, $this->module[$name]->passwordChanged($_POST['newPassword1'])); + } + } + return $return; + } + /** * Prints common controls like the save button and the ou selection. @@ -1181,10 +1305,14 @@ class accountContainer { echo "type."list\" style=\"border-width:0px;\" width=\"100%\">"; echo ""; echo "
"; // save button - echo " \n"; + echo " \n"; // reset button if ($this->dn_orig!='') { - echo "\n"; + echo "\n"; + } + if ($this->showSetPasswordButton()) { + echo "    "; + echo " \n"; } echo ""; @@ -1208,6 +1336,20 @@ class accountContainer { echo "
"; } + /** + * Returns if the page should show a button to set the password. + * + * @return boolean show or hide button + */ + private function showSetPasswordButton() { + foreach ($this->module as $name => $module) { + if (($module instanceof passwordService) && $module->managesPasswordAttributes()) { + return true; + } + } + return false; + } + /** * Prints the header of the account pages. */ @@ -1379,7 +1521,7 @@ class accountContainer { echo "\n"; echo "\n"; // separator line - echo '
'; + echo '
'; } /** diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc index 4bbb73d9..8c16c956 100644 --- a/lam/lib/modules/posixAccount.inc +++ b/lam/lib/modules/posixAccount.inc @@ -37,7 +37,7 @@ * * @package modules */ -class posixAccount extends baseModule { +class posixAccount extends baseModule implements passwordService { // Variables @@ -919,7 +919,7 @@ class posixAccount extends baseModule { $pwd = generateRandomPassword(); $this->clearTextPassword = $pwd; $this->attributes['userPassword'][0] = pwd_hash($pwd, true, $this->moduleSettings['posixAccount_pwdHash'][0]); - return array(array('INFO', 'The password was set to:' . ' ' . $pwd)); + return array(array('INFO', _('The password was set to:') . ' ' . $pwd)); } $errors = array(); if ($_POST['userPassword'] != $_POST['userPassword2']) { @@ -1820,6 +1820,28 @@ class posixAccount extends baseModule { return $this->clearTextPassword; } + /** + * This method specifies if a module manages password attributes. + * @see passwordService::managesPasswordAttributes + * + * @return boolean true if this module manages password attributes + */ + public function managesPasswordAttributes() { + return true; + } + + /** + * This function is called whenever the password of this module should be changed. + * @see passwordService::managesPasswordAttributes + * + * @param String $password new password + * @return array list of error messages if any as parameter array for StatusMessage + * e.g. return arrray(array('ERROR', 'Password change failed.')) + */ + public function passwordChanged($password) { + return array(); + } + } ?> diff --git a/lam/lib/modules/sambaSamAccount.inc b/lam/lib/modules/sambaSamAccount.inc index 231ab641..d67644bf 100644 --- a/lam/lib/modules/sambaSamAccount.inc +++ b/lam/lib/modules/sambaSamAccount.inc @@ -39,7 +39,7 @@ include_once('sambaSamAccount/sambaMungedDial.inc'); * * @package modules */ -class sambaSamAccount extends baseModule { +class sambaSamAccount extends baseModule implements passwordService { // Variables /** use Unix password as samba password? */ @@ -2366,6 +2366,30 @@ class sambaSamAccount extends baseModule { return $return; } + /** + * This method specifies if a module manages password attributes. + * @see passwordService::managesPasswordAttributes + * + * @return boolean true if this module manages password attributes + */ + public function managesPasswordAttributes() { + if ($this->get_scope() == "user") { + return true; + } + } + + /** + * This function is called whenever the password of this module should be changed. + * @see passwordService::managesPasswordAttributes + * + * @param String $password new password + * @return array list of error messages if any as parameter array for StatusMessage + * e.g. return arrray(array('ERROR', 'Password change failed.')) + */ + public function passwordChanged($password) { + return array(); + } + } ?>