added central password service
This commit is contained in:
parent
29647f9596
commit
9ea91629c3
|
@ -35,7 +35,7 @@ $Id$
|
||||||
*
|
*
|
||||||
* @package modules
|
* @package modules
|
||||||
*/
|
*/
|
||||||
class inetOrgPerson extends baseModule {
|
class inetOrgPerson extends baseModule implements passwordService {
|
||||||
|
|
||||||
private static $unix_hosts_supported = 'unknown';
|
private static $unix_hosts_supported = 'unknown';
|
||||||
|
|
||||||
|
@ -100,9 +100,6 @@ class inetOrgPerson extends baseModule {
|
||||||
$this->messages['uid'][1] = array('ERROR', _('Account %s:') . ' inetOrgPerson_userName', _('User name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
|
$this->messages['uid'][1] = array('ERROR', _('Account %s:') . ' inetOrgPerson_userName', _('User name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
|
||||||
$this->messages['uid'][3] = array('ERROR', _('Account %s:') . ' inetOrgPerson_userName', _('User name already exists!'));
|
$this->messages['uid'][3] = array('ERROR', _('Account %s:') . ' inetOrgPerson_userName', _('User name already exists!'));
|
||||||
$this->messages['manager'][0] = array('ERROR', _('Account %s:') . ' inetOrgPerson_manager', _('This is not a valid DN!'));
|
$this->messages['manager'][0] = array('ERROR', _('Account %s:') . ' inetOrgPerson_manager', _('This is not a valid DN!'));
|
||||||
$this->messages['userPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password fields.'));
|
|
||||||
$this->messages['userPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!%&/|?{[()]}=@$ !'));
|
|
||||||
$this->messages['userPassword'][2] = array('ERROR', _('Account %s:') . ' posixAccount_password', _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!%&/|?{[()]}=@$ !'));
|
|
||||||
$this->messages['photo'][0] = array('ERROR', _('No file selected.'));
|
$this->messages['photo'][0] = array('ERROR', _('No file selected.'));
|
||||||
$this->messages['businessCategory'][0] = array('ERROR', _('Business category'), _('Please enter a valid business category!'));
|
$this->messages['businessCategory'][0] = array('ERROR', _('Business category'), _('Please enter a valid business category!'));
|
||||||
$this->messages['businessCategory'][1] = array('ERROR', _('Account %s:') . ' inetOrgPerson_businessCategory', _('Please enter a valid business category!'));
|
$this->messages['businessCategory'][1] = array('ERROR', _('Account %s:') . ' inetOrgPerson_businessCategory', _('Please enter a valid business category!'));
|
||||||
|
@ -637,10 +634,6 @@ class inetOrgPerson extends baseModule {
|
||||||
"Headline" => _("Unix workstations"),
|
"Headline" => _("Unix workstations"),
|
||||||
"Text" => _("Please enter a comma separated list of host names where this user is allowed to log in. If you enable host restrictions for your servers then \"*\" means every host and an empty field means no host.")
|
"Text" => _("Please enter a comma separated list of host names where this user is allowed to log in. If you enable host restrictions for your servers then \"*\" means every host and an empty field means no host.")
|
||||||
),
|
),
|
||||||
'userPassword' => array(
|
|
||||||
"Headline" => _("Password"),
|
|
||||||
"Text" => _("Please enter the password which you want to set for this account.")
|
|
||||||
),
|
|
||||||
'photoUpload' => array(
|
'photoUpload' => array(
|
||||||
"Headline" => _("Add photo"),
|
"Headline" => _("Add photo"),
|
||||||
"Text" => _("Please select an image file to upload. It must be in JPG format (.jpg/.jpeg).")
|
"Text" => _("Please select an image file to upload. It must be in JPG format (.jpg/.jpeg).")
|
||||||
|
@ -736,16 +729,6 @@ class inetOrgPerson extends baseModule {
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
$return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig);
|
$return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig);
|
||||||
// do not set password if posixAccount is active
|
|
||||||
$modules = $_SESSION['config']->get_AccountModules($this->get_scope());
|
|
||||||
if (in_array('posixAccount', $modules)) {
|
|
||||||
if (isset($return[$this->getAccountContainer()->dn]['modify']['userPassword'])) {
|
|
||||||
unset($return[$this->getAccountContainer()->dn]['modify']['userPassword']);
|
|
||||||
}
|
|
||||||
if (isset($return[$this->getAccountContainer()->dn]['add']['userPassword'])) {
|
|
||||||
unset($return[$this->getAccountContainer()->dn]['add']['userPassword']);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// postalAddress, facsimileTelephoneNumber and jpegPhoto need special removing
|
// postalAddress, facsimileTelephoneNumber and jpegPhoto need special removing
|
||||||
if (isset($return[$this->getAccountContainer()->dn]['remove']['postalAddress'])) {
|
if (isset($return[$this->getAccountContainer()->dn]['remove']['postalAddress'])) {
|
||||||
$return[$this->getAccountContainer()->dn]['modify']['postalAddress'] = array();
|
$return[$this->getAccountContainer()->dn]['modify']['postalAddress'] = array();
|
||||||
|
@ -912,26 +895,6 @@ class inetOrgPerson extends baseModule {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// check password
|
|
||||||
if (isset($_POST['userPassword']) && ($_POST['userPassword'] != '')) {
|
|
||||||
if ($_POST['userPassword'] != $_POST['userPassword2']) {
|
|
||||||
$errors[] = $this->messages['userPassword'][0];
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
if (!get_preg($_POST['userPassword'], 'password')) {
|
|
||||||
$errors[] = $this->messages['userPassword'][1];
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$pwdPolicyResult = checkPasswordStrength($_POST['userPassword']);
|
|
||||||
if ($pwdPolicyResult === true) {
|
|
||||||
$this->attributes['userPassword'][0] = pwd_hash($_POST['userPassword'], true, 'SSHA');
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$errors[] = array('ERROR', $pwdPolicyResult);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (isset($_POST['delPhoto'])) {
|
if (isset($_POST['delPhoto'])) {
|
||||||
$this->attributes['jpegPhoto'] = array();
|
$this->attributes['jpegPhoto'] = array();
|
||||||
}
|
}
|
||||||
|
@ -988,29 +951,6 @@ class inetOrgPerson extends baseModule {
|
||||||
|
|
||||||
}
|
}
|
||||||
$return[] = array(array('kind' => 'text', 'td' => array('colspan' => 3)));
|
$return[] = array(array('kind' => 'text', 'td' => array('colspan' => 3)));
|
||||||
// password
|
|
||||||
if (!in_array('posixAccount', $modules)) {
|
|
||||||
// new account, show input fields
|
|
||||||
if ($this->getAccountContainer()->isNewAccount && !isset($this->attributes['userPassword'][0])) {
|
|
||||||
$return[] = array(
|
|
||||||
array('kind' => 'text', 'text' => _('Password') ),
|
|
||||||
array('kind' => 'input', 'name' => 'userPassword', 'type' => 'password', 'size' => '30', 'maxlength' => '255'),
|
|
||||||
array('kind' => 'help', 'value' => 'userPassword'));
|
|
||||||
$return[] = array(
|
|
||||||
array('kind' => 'text', 'text' => _('Repeat password')),
|
|
||||||
array('kind' => 'input', 'name' => 'userPassword2', 'type' => 'password', 'size' => '30', 'maxlength' => '255'),
|
|
||||||
array('kind' => 'text', 'text' => ''));
|
|
||||||
}
|
|
||||||
// old account, show button for password page
|
|
||||||
else {
|
|
||||||
$return[] = array(
|
|
||||||
array('kind' => 'text', 'text' => _('Password') ),
|
|
||||||
array('kind' => 'input', 'name' => 'form_subpage_' . get_class($this) . '_password_open', 'type' => 'submit', 'value' => _('Change password')));
|
|
||||||
}
|
|
||||||
|
|
||||||
$return[] = array(array('kind' => 'text', 'td' => array('colspan' => 3)));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$this->isBooleanConfigOptionSet('inetOrgPerson_hideStreet')) {
|
if (!$this->isBooleanConfigOptionSet('inetOrgPerson_hideStreet')) {
|
||||||
$street = '';
|
$street = '';
|
||||||
if (isset($this->attributes['street'][0])) $street = $this->attributes['street'][0];
|
if (isset($this->attributes['street'][0])) $street = $this->attributes['street'][0];
|
||||||
|
@ -1236,54 +1176,6 @@ class inetOrgPerson extends baseModule {
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Sets a new password.
|
|
||||||
*/
|
|
||||||
function process_password() {
|
|
||||||
if ($_POST['form_subpage_' . get_class($this) . '_attributes_back']) return array();
|
|
||||||
$messages = array();
|
|
||||||
if ($_POST['userPassword'] != $_POST['userPassword2']) {
|
|
||||||
$messages[] = $this->messages['userPassword'][0];
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
if (!get_preg($_POST['userPassword'], 'password')) {
|
|
||||||
$messages[] = $this->messages['userPassword'][1];
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$pwdPolicyResult = checkPasswordStrength($_POST['userPassword']);
|
|
||||||
if ($pwdPolicyResult === true) {
|
|
||||||
$this->attributes['userPassword'][0] = pwd_hash($_POST['userPassword'], true, 'SSHA');
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$messages[] = array('ERROR', $pwdPolicyResult);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return $messages;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Displays the password changing dialog.
|
|
||||||
*
|
|
||||||
* @return array meta HTML code
|
|
||||||
*/
|
|
||||||
function display_html_password() {
|
|
||||||
$return[] = array(
|
|
||||||
array('kind' => 'text', 'text' => _('Password') ),
|
|
||||||
array('kind' => 'input', 'name' => 'userPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255'),
|
|
||||||
array('kind' => 'help', 'value' => 'userPassword'));
|
|
||||||
$return[] = array(
|
|
||||||
array('kind' => 'text', 'text' => _('Repeat password')),
|
|
||||||
array('kind' => 'input', 'name' => 'userPassword2', 'type' => 'password', 'size' => '20', 'maxlength' => '255'));
|
|
||||||
$return[] = array(
|
|
||||||
array('kind' => 'table', 'value' => array(
|
|
||||||
array(
|
|
||||||
array('kind' => 'input', 'type' => 'submit', 'value' => _('Ok'), 'name' => 'form_subpage_' . get_class($this) . '_attributes_submit'),
|
|
||||||
array('kind' => 'input', 'type' => 'submit', 'value' => _('Cancel'), 'name' => 'form_subpage_' . get_class($this) . '_attributes_back'),
|
|
||||||
array('kind' => 'text')))));
|
|
||||||
return $return;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets a new photo.
|
* Sets a new photo.
|
||||||
*/
|
*/
|
||||||
|
@ -2049,6 +1941,38 @@ class inetOrgPerson extends baseModule {
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method specifies if a module manages password attributes.
|
||||||
|
* @see passwordService::managesPasswordAttributes
|
||||||
|
*
|
||||||
|
* @return boolean true if this module manages password attributes
|
||||||
|
*/
|
||||||
|
public function managesPasswordAttributes() {
|
||||||
|
$modules = $_SESSION['config']->get_AccountModules($this->get_scope());
|
||||||
|
if (!in_array('posixAccount', $modules)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This function is called whenever the password should be changed. Account modules
|
||||||
|
* must change their password attributes only if the modules list contains their module name.
|
||||||
|
*
|
||||||
|
* @param String $password new password
|
||||||
|
* @param $modules list of modules for which the password should be changed
|
||||||
|
* @return array list of error messages if any as parameter array for StatusMessage
|
||||||
|
* e.g. return arrray(array('ERROR', 'Password change failed.'))
|
||||||
|
* @see passwordService::passwordChangeRequested
|
||||||
|
*/
|
||||||
|
public function passwordChangeRequested($password, $modules) {
|
||||||
|
if (!in_array(get_class($this), $modules)) {
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
$this->attributes['userPassword'][0] = pwd_hash($password, true, 'SSHA');
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
Loading…
Reference in New Issue