WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

It should now be possible to modify groups and add sambaGroupMapping to an exsisting posixGroup

This commit is contained in:
katagia 2004-09-15 19:52:29 +00:00
parent ba9cb593d0
commit a23f5ecc06
4 changed files with 286 additions and 297 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lam/lib/baseModule.inc
View File

@ -78,6 +78,12 @@ class baseModule {
// Create Arrays with ldap attributes // Create Arrays with ldap attributes
$this->attributes =& $_SESSION[$this->base]->get_module_attributes(get_class($this)); $this->attributes =& $_SESSION[$this->base]->get_module_attributes(get_class($this));
$this->orig =& $_SESSION[$this->base]->get_module_attributes(get_class($this), true); $this->orig =& $_SESSION[$this->base]->get_module_attributes(get_class($this), true);
$line=-1;
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
if (strpos(strtolower($_SESSION['ldap']->objectClasses[$i]), strtolower("NAME '".get_class($this)."'"))) $line = $i;
}
$objectClassName = substr($_SESSION['ldap']->objectClasses[$line], 6+strpos($_SESSION['ldap']->objectClasses[$line], "NAME '"), strlen(get_class($this)) );
$this->attributes['objectClass'][0] = $objectClassName;
} }

67
lam/lib/modules.inc
View File

@ -381,6 +381,7 @@ class accountContainer {
* types are: user, group, host * types are: user, group, host
*/ */
// Check input variable // Check input variable
if (!is_string($type)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR); if (!is_string($type)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR);
if (!is_string($base)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR); if (!is_string($base)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR);
// *** fixme use global variable to determine allowed types // *** fixme use global variable to determine allowed types
@ -508,7 +509,6 @@ class accountContainer {
} }
} }
} }
//else $result = $_SESSION[$this->base]->module['posixGroup']->proccess_attributes($post);
else $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'proccess_'.$this->subpage), $post); else $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'proccess_'.$this->subpage), $post);
} }
if (is_string($result)) $this->subpage = $result; if (is_string($result)) $this->subpage = $result;
@ -544,6 +544,7 @@ class accountContainer {
echo "<td><fieldset class=\"".$this->type."edit-dark\"><legend class=\"".$this->type."edit-bright\"><b>"; echo "<td><fieldset class=\"".$this->type."edit-dark\"><legend class=\"".$this->type."edit-bright\"><b>";
echo _('Please select page:'); echo _('Please select page:');
echo "</b></legend>\n"; echo "</b></legend>\n";
$x=0;
if ($this->current_page==0) { if ($this->current_page==0) {
// print disabled button // print disabled button
echo "<input name=\"form_main_main\" type=\"submit\" value=\""; echo "<input name=\"form_main_main\" type=\"submit\" value=\"";
@ -564,14 +565,14 @@ class accountContainer {
if ($this->order[$i]==$this->order[$this->current_page] || !$this->module[$this->order[$i]]->module_ready() ) { if ($this->order[$i]==$this->order[$this->current_page] || !$this->module[$this->order[$i]]->module_ready() ) {
// print disabled button // print disabled button
echo "<input name=\"form_main_".$this->order[$i]."\" type=\"submit\" value=\""; echo "<input name=\"form_main_".$this->order[$i]."\" type=\"submit\" value=\"";
echo $this->module[$this->order[$i]]->get_alias($type); echo $this->module[$this->order[$i]]->get_alias();
echo "\" disabled tabindex=$x>\n<br>"; echo "\" disabled tabindex=$x>\n<br>";
$x++; $x++;
} }
else { else {
// print normal button // print normal button
echo "<input name=\"form_main_".$this->order[$i]."\" type=\"submit\" value=\""; echo "<input name=\"form_main_".$this->order[$i]."\" type=\"submit\" value=\"";
echo $this->module[$this->order[$i]]->get_alias($type); echo $this->module[$this->order[$i]]->get_alias();
echo "\" tabindex=$x>\n<br>"; echo "\" tabindex=$x>\n<br>";
$x++; $x++;
} }
@ -590,18 +591,17 @@ class accountContainer {
echo "</b></legend>\n"; echo "</b></legend>\n";
} }
// display html-code from mdule // display html-code from mdule
//$function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->display_html_'.$this->module['main']->subpage.'($post);';
//eval ($function);
if ($this->current_page==0) { if ($this->current_page==0) {
if ($this->subpage=='attributes') { if ($this->subpage=='attributes') {
$modules = array_keys($this->module); $modules = array_keys($this->module);
$table = array();
if (!$profile) { if (!$profile) {
$disabled = false; $disabled = false;
foreach ($modules as $module) { foreach ($modules as $module) {
if (!$this->module[$module]->module_complete()) { if (!$this->module[$module]->module_complete()) {
$disabled = true; $disabled = true;
$table[] = array ( 0 => array ( 'kind' => 'message', 'type' => 'ERROR', 'headline' => _('Check module'), $table[] = array ( 0 => array ( 'kind' => 'message', 'type' => 'ERROR', 'headline' => _('Check module'),
'text' => sprintf(_('Please set up all required attributes on %s page.'), $this->module[$module]->get_alias($this->type)) )); 'text' => sprintf(_('Please set up all required attributes on %s page.'), $this->module[$module]->get_alias()) ));
} }
} }
} }
@ -720,7 +720,7 @@ class accountContainer {
echo ">\n"; echo ">\n";
echo "<fieldset>\n"; echo "<fieldset>\n";
if ($input[$i][$j]['legend']!='') echo "<legend>" . $input[$i][$j]['legend'] . "</legend>\n"; if ($input[$i][$j]['legend']!='') echo "<legend>" . $input[$i][$j]['legend'] . "</legend>\n";
$this->parse_html($module, $input[$i][$j]['value']); $this->parse_html($module, $input[$i][$j]['value'], &$y, &$z);
echo "</fieldset>\n"; echo "</fieldset>\n";
break; break;
case 'select': case 'select':
@ -752,7 +752,7 @@ class accountContainer {
echo "<td"; echo "<td";
if ($input[$i][$j]['td']['valign']!='') echo ' valign="' . $input[$i][$j]['td']['valign'] .'"'; if ($input[$i][$j]['td']['valign']!='') echo ' valign="' . $input[$i][$j]['td']['valign'] .'"';
echo ">\n"; echo ">\n";
$this->parse_html($module, $input[$i][$j]['value'], $y, $z); $this->parse_html($module, $input[$i][$j]['value'], &$y, &$z);
echo "</td>\n"; echo "</td>\n";
break; break;
case 'help': case 'help':
@ -890,8 +890,9 @@ class accountContainer {
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) { for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
if (strpos(strtolower($_SESSION['ldap']->objectClasses[$i]), strtolower("NAME '$objectClass'"))) $line = $i; if (strpos(strtolower($_SESSION['ldap']->objectClasses[$i]), strtolower("NAME '$objectClass'"))) $line = $i;
} }
// Return error if objectClass isn't found // Return empty array if no objectClass wasn't found
if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING); if ($line==-1) return array();
//if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING);
// get casesensitive objectClass name // get casesensitive objectClass name
$objectClassName = substr($_SESSION['ldap']->objectClasses[$line], 6+strpos($_SESSION['ldap']->objectClasses[$line], "NAME '"), strlen($objectClass) ); $objectClassName = substr($_SESSION['ldap']->objectClasses[$line], 6+strpos($_SESSION['ldap']->objectClasses[$line], "NAME '"), strlen($objectClass) );
if (strpos($_SESSION['ldap']->objectClasses[$line], 'MUST (')) { if (strpos($_SESSION['ldap']->objectClasses[$line], 'MUST (')) {
@ -952,8 +953,7 @@ class accountContainer {
} }
} }
// make references with attibutes which are used by more than one module
// Make references to attributes which are already in use
$newattributes = array_keys($return); $newattributes = array_keys($return);
$module = array_keys($this->module); $module = array_keys($this->module);
if (!$original) { if (!$original) {
@ -962,7 +962,7 @@ class accountContainer {
for ($i=0; $i<count($module); $i++) { for ($i=0; $i<count($module); $i++) {
if ($module[$i]!=$objectClass) if ($module[$i]!=$objectClass)
foreach ($newattributes as $attribute) foreach ($newattributes as $attribute)
if (isset($this->module[$module[$i]]->attributes[$attribute])) if (isset($this->module[$module[$i]]->attributes[$attribute]) && ($attribute!='objectClass'))
$return[$attribute] =& $this->module[$module[$i]]->attributes[$attribute]; $return[$attribute] =& $this->module[$module[$i]]->attributes[$attribute];
} }
} }
@ -970,11 +970,11 @@ class accountContainer {
for ($i=0; $i<count($module); $i++) { for ($i=0; $i<count($module); $i++) {
if ($module[$i]!=$objectClass) if ($module[$i]!=$objectClass)
foreach ($newattributes as $attribute) foreach ($newattributes as $attribute)
if (isset($this->module[$module[$i]]->orig[$attribute])) if (isset($this->module[$module[$i]]->orig[$attribute]) && ($attribute!='objectClass'))
$return[$attribute] =& $this->module[$module[$i]]->orig[$attribute]; $return[$attribute] =& $this->module[$module[$i]]->orig[$attribute];
} }
} }
$return['objectClass'][0] = $objectClassName; $return['objectClass'] = array();
return $return; return $return;
} }
@ -990,9 +990,9 @@ class accountContainer {
for ($j=0; $j<count($orig[$attr_names[$i]]); $j++) { for ($j=0; $j<count($orig[$attr_names[$i]]); $j++) {
if (is_array($attributes[$attr_names[$i]])) { if (is_array($attributes[$attr_names[$i]])) {
if (!in_array($orig[$attr_names[$i]][$j], $attributes[$attr_names[$i]])) if (!in_array($orig[$attr_names[$i]][$j], $attributes[$attr_names[$i]]))
if ($orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] =utf8_encode($orig[$attr_names[$i]][$j]); if (($orig[$attr_names[$i]][$j]!='') && ($attr_names[$i]!='objectClass')) $torem[$attr_names[$i]][] =utf8_encode($orig[$attr_names[$i]][$j]);
} }
else if ($orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] = utf8_encode($orig[$attr_names[$i]][$j]); else if (($orig[$attr_names[$i]][$j]!='') && ($attr_names[$i]!='objectClass')) $torem[$attr_names[$i]][] = utf8_encode($orig[$attr_names[$i]][$j]);
} }
for ($j=0; $j<count($attributes[$attr_names[$i]]); $j++) { for ($j=0; $j<count($attributes[$attr_names[$i]]); $j++) {
if (is_array($orig[$attr_names[$i]])) { if (is_array($orig[$attr_names[$i]])) {
@ -1008,20 +1008,24 @@ class accountContainer {
} }
} }
} }
// create modify wuth add and remove // create modify with add and remove
if (is_array($toadd)) { if (is_array($toadd)) {
$attributes2 = array_keys($toadd); $attributes2 = array_keys($toadd);
for ($i=0; $i<count($attributes2); $i++) { for ($i=0; $i<count($attributes2); $i++) {
if (isset($torem[$attributes2[$i]])) { if (isset($torem[$attributes2[$i]]))
// found modify entry /* found modify entry
// Add unchanged attributes * Some ldap attributes must be set exactly one time.
// ***** fixme really neccesarry?????? * Adding or removing such an attribute wont't work
if (isset($notchanged[$attributes2[$i]])) $tomodify[$attributes[$i]] = $notchanged[$attributes[$i]]; * because it would conflict with an ldap schema.
$tomodify[$attributes2[$i]] = array_merge_recursive($tomodify[$attributes2[$i]], $toadd[$attributes2[$i]]); * Therefore when an attribute has only one entry
// unset attributes * and is set in $toadd and $torem this will be merged
if (isset($notchanged[$attributes2[$i]])) unset($notchanged[$attributes2[$i]]); * to $tomodify
if (isset($toadd[$attributes2[$i]])) unset($toadd[$attributes2[$i]]); */
if (isset($torem[$attributes2[$i]])) unset($torem[$attributes2[$i]]); if ((count($toadd[$attributes2[$i]]==0)) && (count($torem[$attributes2[$i]]==0))) {
// found attribute which should only modified
$tomodify[$attributes2[$i]] = $toadd[$attributes2[$i]];
unset($toadd[$attributes2[$i]]);
unset($torem[$attributes2[$i]]);
} }
} }
} }
@ -1062,8 +1066,6 @@ class accountContainer {
* $dn is the dn of the account which should be loaded * $dn is the dn of the account which should be loaded
*/ */
function load_account($dn) { function load_account($dn) {
//$function = '$modules = $_SESSION['config']->get_'.ucfirst($this->type).'Modules();';
//eval ($function);
$modules = call_user_func(array($_SESSION['config'], 'get_'.ucfirst($this->type).'Modules')); $modules = call_user_func(array($_SESSION['config'], 'get_'.ucfirst($this->type).'Modules'));
$search = substr($dn, 0, strpos($dn, ',')); $search = substr($dn, 0, strpos($dn, ','));
$result = ldap_search($_SESSION['ldap']->server(), $dn, $search); $result = ldap_search($_SESSION['ldap']->server(), $dn, $search);
@ -1078,6 +1080,9 @@ class accountContainer {
$this->module[$module]->init($this->base); $this->module[$module]->init($this->base);
} }
$this->module[$module]->load_attributes($attr); $this->module[$module]->load_attributes($attr);
$this->module[$module]->attributes['objectClass'] = array($module);
if (in_array($objectClassName, $attr['objectClass']))
$this->module[$module]->orig['objectClass'] = array($module);
} }
// sortm modules and make all active because all required attributes should be set // sortm modules and make all active because all required attributes should be set
@ -1186,7 +1191,7 @@ class accountContainer {
return 0; return 0;
} }
/* This function will load an account. /* This function will save an account.
*/ */
function save_account() { function save_account() {
$module = array_keys ($this->module); $module = array_keys ($this->module);

506
lam/lib/modules/posixGroup.inc
View File

@ -2,51 +2,37 @@
/* /*
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam) This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam)
Copyright (C) 2003 Tilo Lutz Copyright (C) 2003 Tilo Lutz
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or the Free Software Foundation; either version 2 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/ */
/* This class contains all posixGroup LDAP attributes
* and funtioncs required to deal with posixGroup
* posixGroup can only be created when it should be added
* to an array.
* basearray is the same array posixGroup should be added
* to. If basearray is not given the constructor tries to
* create an array with posixGroup and all other required
* objects.
* Example: $user[] = new posixGroup($user);
*
* In container array the following things have to exist:
* account or inetOrgPerson object
* type: 'user' or 'host'
* 'attributes': this is a list of arrays with all ldap attributes wich are allowed for this account
*/
class posixGroup extends baseModule { class posixGroup extends baseModule {
/** /**
* Creates a new posixGroup object. * Creates a new posixGroup object.
*/ */
function posixGroup($scope) { function posixGroup($scope) {
// error messages for input checks // error messages for input checks
$this->messages['minGID'] = array('ERROR', _('Minimum GID number'), _('Minimum GID number is invalid or empty!')); $this->messages['minGID'] = array('ERROR', _('Minimum GID number'), _('Minimum GID number is invalid or empty!'));
$this->messages['maxGID'] = array('ERROR', _('Maximum GID number'), _('Maximum GID number is invalid or empty!')); $this->messages['maxGID'] = array('ERROR', _('Maximum GID number'), _('Maximum GID number is invalid or empty!'));
$this->messages['cmpGID'] = array('ERROR', _('Maximum GID number'), _('Maximum GID number must be greater than minimum GID number!')); $this->messages['cmpGID'] = array('ERROR', _('Maximum GID number'), _('Maximum GID number must be greater than minimum GID number!'));
// call parent constructor // call parent constructor
parent::baseModule($scope); parent::baseModule($scope);
} }
/** /**
@ -70,92 +56,92 @@ class posixGroup extends baseModule {
$return['dependencies'] = array('depends' => array(), 'conflicts' => array('inetOrgPerson', 'account', 'sambaDomain')); $return['dependencies'] = array('depends' => array(), 'conflicts' => array('inetOrgPerson', 'account', 'sambaDomain'));
// configuration options // configuration options
$return['config_options']['group'] = array( $return['config_options']['group'] = array(
array( array(
0 => array('kind' => 'text', 'text' => '<b>' . _('Minimum GID number') . " *: </b>"), 0 => array('kind' => 'text', 'text' => '<b>' . _('Minimum GID number') . " *: </b>"),
1 => array('kind' => 'input', 'name' => 'posixGroup_minGID', 'type' => 'text', 'size' => '10', 'maxlength' => '255'), 1 => array('kind' => 'input', 'name' => 'posixGroup_minGID', 'type' => 'text', 'size' => '10', 'maxlength' => '255'),
2 => array('kind' => 'text', 'value' => '&nbsp;'), 2 => array('kind' => 'text', 'value' => '&nbsp;'),
3 => array('kind' => 'text', 'text' => '<b>' . _('Maximum GID number') . " *: </b>"), 3 => array('kind' => 'text', 'text' => '<b>' . _('Maximum GID number') . " *: </b>"),
4 => array('kind' => 'input', 'name' => 'posixGroup_maxGID', 'type' => 'text', 'size' => '10', 'maxlength' => '255'), 4 => array('kind' => 'input', 'name' => 'posixGroup_maxGID', 'type' => 'text', 'size' => '10', 'maxlength' => '255'),
5 => array('kind' => 'help', 'value' => 'TODO')) 5 => array('kind' => 'help', 'value' => 'TODO'))
); );
$return['config_options']['all'] = array( $return['config_options']['all'] = array(
array( array(
0 => array('kind' => 'text', 'text' => '<b>' . _("Password hash type") . ': &nbsp;</b>'), 0 => array('kind' => 'text', 'text' => '<b>' . _("Password hash type") . ': &nbsp;</b>'),
1 => array('kind' => 'select', 'name' => 'posixGroup_pwdHash', 'size' => '1', 1 => array('kind' => 'select', 'name' => 'posixGroup_pwdHash', 'size' => '1',
'options' => array("CRYPT", "SHA", "SSHA", "MD5", "SMD5", "PLAIN"), 'options_selected' => array('SSHA')), 'options' => array("CRYPT", "SHA", "SSHA", "MD5", "SMD5", "PLAIN"), 'options_selected' => array('SSHA')),
2 => array('kind' => 'text', 'value' => '&nbsp;'), 2 => array('kind' => 'text', 'value' => '&nbsp;'),
3 => array('kind' => 'text', 'value' => '&nbsp;'), 3 => array('kind' => 'text', 'value' => '&nbsp;'),
4 => array('kind' => 'text', 'value' => '&nbsp;'), 4 => array('kind' => 'text', 'value' => '&nbsp;'),
5 => array('kind' => 'help', 'value' => 'TODO')) 5 => array('kind' => 'help', 'value' => 'TODO'))
); );
// configuration descriptions // configuration descriptions
$return['config_descriptions'] = array( $return['config_descriptions'] = array(
'legend' => _("GID ranges for Unix groups"), 'legend' => _("GID ranges for Unix groups"),
'descriptions' => array( 'descriptions' => array(
'posixGroup_minGID' => _("Minimum GID number for Unix groups"), 'posixGroup_minGID' => _("Minimum GID number for Unix groups"),
'posixGroup_maxGID' => _("Maximum GID number for Unix groups"), 'posixGroup_maxGID' => _("Maximum GID number for Unix groups"),
'posixGroup_pwdHash' => _("Password hash type"), 'posixGroup_pwdHash' => _("Password hash type"),
) )
); );
// configuration checks // configuration checks
$return['config_checks']['group']['posixGroup_minGID'] = array('type' => 'regex', 'regex' => '^[0-9]+$', $return['config_checks']['group']['posixGroup_minGID'] = array('type' => 'regex', 'regex' => '^[0-9]+$',
'required' => true, 'required_message' => $this->messages['minGID'], 'error_message' => $this->messages['minGID']); 'required' => true, 'required_message' => $this->messages['minGID'], 'error_message' => $this->messages['minGID']);
$return['config_checks']['group']['posixGroup_maxGID'] = array('type' => 'regex', 'regex' => '^[0-9]+$', $return['config_checks']['group']['posixGroup_maxGID'] = array('type' => 'regex', 'regex' => '^[0-9]+$',
'required' => true, 'required_message' => $this->messages['maxGID'], 'error_message' => $this->messages['maxGID']); 'required' => true, 'required_message' => $this->messages['maxGID'], 'error_message' => $this->messages['maxGID']);
$return['config_checks']['group']['cmpGID'] = array('type' => 'int_greater', 'cmp_name1' => 'posixGroup_maxGID', $return['config_checks']['group']['cmpGID'] = array('type' => 'int_greater', 'cmp_name1' => 'posixGroup_maxGID',
'cmp_name2' => 'posixGroup_minGID', 'error_message' => $this->messages['cmpGID']); 'cmp_name2' => 'posixGroup_minGID', 'error_message' => $this->messages['cmpGID']);
// available PDF fields // available PDF fields
$return['PDF_fields'] = array( 'cn', $return['PDF_fields'] = array( 'cn',
'gidNumber', 'gidNumber',
'memberUid', 'memberUid',
'description'); 'description');
// upload fields // upload fields
$return['upload_columns'] = array( $return['upload_columns'] = array(
array( array(
'name' => 'posixGroup_cn', 'name' => 'posixGroup_cn',
'description' => _('Group name'), 'description' => _('Group name'),
'help' => 'TODO', 'help' => 'TODO',
'example' => _('adminstrators'), 'example' => _('adminstrators'),
'required' => true 'required' => true
), ),
array( array(
'name' => 'posixGroup_gid', 'name' => 'posixGroup_gid',
'description' => _('GID number'), 'description' => _('GID number'),
'help' => 'TODO', 'help' => 'TODO',
'example' => _('2034'), 'example' => _('2034'),
'required' => false 'required' => false
), ),
array( array(
'name' => 'posixGroup_description', 'name' => 'posixGroup_description',
'description' => _('Group description'), 'description' => _('Group description'),
'help' => 'TODO', 'help' => 'TODO',
'example' => _('Administrators group'), 'example' => _('Administrators group'),
'required' => false 'required' => false
), ),
array( array(
'name' => 'posixGroup_members', 'name' => 'posixGroup_members',
'description' => _('Group members'), 'description' => _('Group members'),
'help' => 'TODO', 'help' => 'TODO',
'example' => _('user01,user02,user03'), 'example' => _('user01,user02,user03'),
'required' => false 'required' => false
), ),
array( array(
'name' => 'posixGroup_password', 'name' => 'posixGroup_password',
'description' => _('Group password'), 'description' => _('Group password'),
'help' => 'TODO', 'help' => 'TODO',
'example' => _('secret'), 'example' => _('secret'),
'required' => false 'required' => false
) )
); );
// help Entries // help Entries
$return['help'] = array ( 'cn' => array ("ext" => "FALSE", "Headline" => _("Groupname"), "Text" => _("Group name of the group which should be created. Valid characters are: a-z,0-9, .-_. Lam does not allow a number as first character because groupadd also does not allow it. Lam does not allow capital letters A-Z because it can cause several problems. If groupname is already used groupname will be expanded with a number. The next free number will be used.")), $return['help'] = array ( 'cn' => array ("ext" => "FALSE", "Headline" => _("Groupname"), "Text" => _("Group name of the group which should be created. Valid characters are: a-z,0-9, .-_. Lam does not allow a number as first character because groupadd also does not allow it. Lam does not allow capital letters A-Z because it can cause several problems. If groupname is already used groupname will be expanded with a number. The next free number will be used.")),
'gidNumber' => array ("ext" => "FALSE", "Headline" => _("GID number"), "Text" => _("If empty GID number will be generated automaticly depending on your configuration settings.")), 'gidNumber' => array ("ext" => "FALSE", "Headline" => _("GID number"), "Text" => _("If empty GID number will be generated automaticly depending on your configuration settings.")),
'description' => array ("ext" => "FALSE", "Headline" => _("Gecos"), "Text" => _("Group description. If left empty group name will be used.")), 'description' => array ("ext" => "FALSE", "Headline" => _("Gecos"), "Text" => _("Group description. If left empty group name will be used.")),
'adduser' => array ("ext" => "FALSE", "Headline" => _("Group members"), "Text" => _("Users also being member of the current group."). ' '. _("Can be left empty.")), 'adduser' => array ("ext" => "FALSE", "Headline" => _("Group members"), "Text" => _("Users also being member of the current group."). ' '. _("Can be left empty.")),
/*'userPassword' => */ /*'userPassword' => */
'userPassword_no' => array ("ext" => "FALSE", "Headline" => _("Use no password"), "Text" => _("If checked no password will be used."))/*,*/ 'userPassword_no' => array ("ext" => "FALSE", "Headline" => _("Use no password"), "Text" => _("If checked no password will be used."))/*,*/
/*'userPassword_lock' => */); /*'userPassword_lock' => */);
return $return; return $return;
} }
@ -164,7 +150,7 @@ class posixGroup extends baseModule {
// call parent init // call parent init
parent::init($base); parent::init($base);
$this->changegids=false; $this->changegids=false;
} }
// Variables // Variables
@ -175,7 +161,7 @@ class posixGroup extends baseModule {
// change gids of users and hosts? // change gids of users and hosts?
var $changegids; var $changegids;
/* $attribute['userPassword'] can't accessed directly because it's enrcypted /** $attribute['userPassword'] can't accessed directly because it's enrcypted
* To read / write password function userPassword is needed * To read / write password function userPassword is needed
* This function will return the unencrypted password when * This function will return the unencrypted password when
* called without a variable * called without a variable
@ -187,19 +173,19 @@ class posixGroup extends baseModule {
// Write new password // Write new password
$this->attributes['userPassword'][0] = base64_encode($_SESSION['ldap']->encrypt($newpassword)); $this->attributes['userPassword'][0] = base64_encode($_SESSION['ldap']->encrypt($newpassword));
return 0; return 0;
} }
else { else {
if ($this->attributes['userPassword'][0]!='') { if ($this->attributes['userPassword'][0]!='') {
// Read existing password if set // Read existing password if set
return $_SESSION['ldap']->decrypt(base64_decode($this->attributes['userPassword'][0])); return $_SESSION['ldap']->decrypt(base64_decode($this->attributes['userPassword'][0]));
}
else return '';
} }
else return '';
} }
}
function module_ready() { function module_ready() {
return true; return true;
} }
/* This functions return true /* This functions return true
* if all needed settings are done * if all needed settings are done
@ -209,8 +195,8 @@ class posixGroup extends baseModule {
if ($this->attributes['cn'][0] == '') return false; if ($this->attributes['cn'][0] == '') return false;
if ($this->attributes['gidNumber'][0] == '') return false; if ($this->attributes['gidNumber'][0] == '') return false;
return true; return true;
} }
/* This function returns a list of all html-pages in module /* This function returns a list of all html-pages in module
* This is usefull for mass upload and pdf-files * This is usefull for mass upload and pdf-files
* because lam can walk trough all pages itself and do some * because lam can walk trough all pages itself and do some
@ -218,7 +204,7 @@ class posixGroup extends baseModule {
*/ */
function pages() { function pages() {
return array('attributes', 'user'); return array('attributes', 'user');
} }
/* This function returns all ldap attributes /* This function returns all ldap attributes
* which are part of posixGroup and returns * which are part of posixGroup and returns
@ -228,7 +214,7 @@ class posixGroup extends baseModule {
$return = $this->attributes; $return = $this->attributes;
$return['userPassword'] = $this->userPassword(); $return['userPassword'] = $this->userPassword();
return $return; return $return;
} }
/* This function loads all attributes into the object /* This function loads all attributes into the object
* $attr is an array as it's retured from ldap_get_attributes * $attr is an array as it's retured from ldap_get_attributes
@ -241,7 +227,7 @@ class posixGroup extends baseModule {
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']); foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
// unset double entries // unset double entries
for ($i=0; $i<count($attr); $i++) for ($i=0; $i<count($attr); $i++)
if (isset($attr[$i])) unset($attr[$i]); if (isset($attr[$i])) unset($attr[$i]);
foreach ($attributes as $attribute) { foreach ($attributes as $attribute) {
if (isset($this->attributes[$attribute])) { if (isset($this->attributes[$attribute])) {
// decode as unicode // decode as unicode
@ -249,13 +235,13 @@ class posixGroup extends baseModule {
for ($i=0; $i<count($this->attributes[$attribute]); $i++) { for ($i=0; $i<count($this->attributes[$attribute]); $i++) {
$this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
$this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); $this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
}
} }
} }
}
// Values are kept as copy so we can compare old attributes with new attributes // Values are kept as copy so we can compare old attributes with new attributes
$this->attributes['objectClass'][0] = 'posixGroup'; $this->attributes['objectClass'][0] = 'posixGroup';
return 0; return 0;
} }
/* This function returns an array with 3 entries: /* This function returns an array with 3 entries:
* array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... ) * array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
@ -267,39 +253,38 @@ class posixGroup extends baseModule {
*/ */
function save_attributes() { function save_attributes() {
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig); $return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
if (isset($return[$_SESSION[$this->base]->dn]['modify']['userPassword'])) if (isset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']))
unset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']); unset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']);
// Set unix password // Set unix password
if (count($this->orig['userPassword'])==0) { if (count($this->orig['userPassword'])==0) {
// New user or no old password set // New user or no old password set
if ($this->userPassword_no) { if ($this->userPassword_no) {
$return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]); $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]);
}
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash($this->userPassword(), !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]));
} }
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash($this->userPassword(), !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]));
}
else { else {
if (($this->attributes['userPassword'][0] != $this->orig['userPassword'][0] && $this->userPassword()!='' ) || $this->userPassword_no) { if (($this->attributes['userPassword'][0] != $this->orig['userPassword'][0] && $this->userPassword()!='' ) || $this->userPassword_no) {
// Write new password // Write new password
if ($this->userPassword_no) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]); if ($this->userPassword_no) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]);
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash($this->userPassword(), !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0])); else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash($this->userPassword(), !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]));
}
else { // No new password but old password
// (un)lock password
if ($this->userPassword_lock == pwd_is_enabled($this->orig['userPassword'][0])) {
// Split old password hash in {CRYPT} and password-hash
$i = 0;
while ($this->orig['userPassword'][0]{$i} != '}') $i++;
$passwd = substr($this->orig['userPassword'][0], $i+1 );
$crypt = substr($this->orig['userPassword'][0], 0, $i+1 );
// remove trailing ! from password hash
if ($passwd{0} == '!') $passwd = substr($passwd, 1);
// Write new password
if ($this->userPassword_lock) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt!$passwd");
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt$passwd");
}
}
} }
else { // No new password but old password
// (un)lock password
if ($this->userPassword_lock == pwd_is_enabled($this->orig['userPassword'][0])) {
// Split old password hash in {CRYPT} and password-hash
$i = 0;
while ($this->orig['userPassword'][0]{$i} != '}') $i++;
$passwd = substr($this->orig['userPassword'][0], $i+1 );
$crypt = substr($this->orig['userPassword'][0], 0, $i+1 );
// remove trailing ! from password hash
if ($passwd{0} == '!') $passwd = substr($passwd, 1);
// Write new password
if ($this->userPassword_lock) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt!$passwd");
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt$passwd");
}
}
}
// Remove primary group from users from memberUid // Remove primary group from users from memberUid
$users_dn = $_SESSION['cache']->get_cache('gidNumber', 'posixAccount', 'user'); $users_dn = $_SESSION['cache']->get_cache('gidNumber', 'posixAccount', 'user');
@ -312,95 +297,96 @@ class posixGroup extends baseModule {
$this->attribtues['memberUid'] = @array_flip($this->attribtues['memberUid']); $this->attribtues['memberUid'] = @array_flip($this->attribtues['memberUid']);
unset($this->attribtues['memberUid'][$thisuser]); unset($this->attribtues['memberUid'][$thisuser]);
$this->attribtues['memberUid'] = @array_flip($this->attribtues['memberUid']); $this->attribtues['memberUid'] = @array_flip($this->attribtues['memberUid']);
}
} }
} }
} }
}
// Change gids of users and hosts? // Change gids of users and hosts?
if ($this->changegids) { if ($this->changegids) {
// get gidNumber // get gidNumber
$line=-1; $line=-1;
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) { for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME 'posixAccount'")) $line = $i; if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME 'posixAccount'")) $line = $i;
} }
if ($line!=-1) { if ($line!=-1) {
$result = $_SESSION['cache']->get_cache('gidNumber', 'posixAccount', '*'); $result = $_SESSION['cache']->get_cache('gidNumber', 'posixAccount', '*');
$DNs = array_keys($result); if (is_array($result)) {
for ($i=0; $i<count($DNs); $i++) $DNs = array_keys($result);
for ($i=0; $i<count($DNs); $i++)
if ($result[$DNs[$i]][0] == $this->orig['gidNumber'][0]) $return[$DNs[$i]]['modify']['gidNumber'][0] = $this->attributes['gidNumber'][0]; if ($result[$DNs[$i]][0] == $this->orig['gidNumber'][0]) $return[$DNs[$i]]['modify']['gidNumber'][0] = $this->attributes['gidNumber'][0];
} }
}
// change primaryGroupID // change primaryGroupID
$line=-1; $line=-1;
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) { for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME 'sambaAccount'")) $line = $i; if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME 'sambaAccount'")) $line = $i;
} }
if ($line!=-1) { if ($line!=-1) {
$result = $_SESSION['cache']->get_cache('primaryGroupID', 'sambaAccount', '*'); $result = $_SESSION['cache']->get_cache('primaryGroupID', 'sambaAccount', '*');
$DNs = array_keys($result); if (is_array($result)) {
for ($i=0; $i<count($DNs); $i++) { $DNs = array_keys($result);
if ($result[$DNs[$i]][0] == $this->orig['gidNumber'][0]*2+1001 ) $return[$DNs[$i]]['modify']['PrimaryGroupID'][0] = $this->attributes['gidNumber'][0]*2+1001; for ($i=0; $i<count($DNs); $i++) {
if ($result[$DNs[$i]][0] == $this->orig['gidNumber'][0]*2+1001 ) $return[$DNs[$i]]['modify']['PrimaryGroupID'][0] = $this->attributes['gidNumber'][0]*2+1001;
} }
} }
}
// change sambaPrimaryGroupSID // change sambaPrimaryGroupSID
$line=-1; $line=-1;
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) { for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME 'sambaSamAccount'")) $line = $i; if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME 'sambaSamAccount'")) $line = $i;
} }
if ($line!=-1) { if ($line!=-1) {
$result = $_SESSION['cache']->get_cache('sambaPrimaryGroupSID', 'sambaSamAccount', '*'); $result = $_SESSION['cache']->get_cache('sambaPrimaryGroupSID', 'sambaSamAccount', '*');
$DNs = array_keys($result); if (is_array($result)) {
for ($i=0; $i<count($DNs); $i++) { $DNs = array_keys($result);
// Get Domain SID from name for ($i=0; $i<count($DNs); $i++) {
$sambaDomains = $_SESSION['ldap']->search_domains($_SESSION['config']->get_domainSuffix()); // Get Domain SID from name
// Get Domain-SID from group SID $sambaDomains = $_SESSION['ldap']->search_domains($_SESSION['config']->get_domainSuffix());
$domainSID = substr($result[$DNs[$i]], 0, strrpos($result[$DNs[$i]], "-")); // Get Domain-SID from group SID
for ($i=0; $i<count($sambaDomains); $i++ ) $domainSID = substr($result[$DNs[$i]], 0, strrpos($result[$DNs[$i]], "-"));
for ($i=0; $i<count($sambaDomains); $i++ )
if ($domainSID==$sambaDomains[$i]->SID) if ($domainSID==$sambaDomains[$i]->SID)
$RIDbase = $sambaDomains[$i]->RIDbase; $RIDbase = $sambaDomains[$i]->RIDbase;
if ($result[$DNs[$i]][0] == $SID . "-" . $this->orig['gidNumber'][0]*2+1+$RIDbase ) $return[$DNs[$i]]['modify']['sambaPrimaryGroupSID'][0] = $SID . "-" . $this->attributes['gidNumber'][0]*2+1+$RIDbase; if ($result[$DNs[$i]][0] == $SID . "-" . $this->orig['gidNumber'][0]*2+1+$RIDbase ) $return[$DNs[$i]]['modify']['sambaPrimaryGroupSID'][0] = $SID . "-" . $this->attributes['gidNumber'][0]*2+1+$RIDbase;
} }
} }
} }
// Add ObjectClass
$return[$_SESSION[$this->base]->dn]['notchanged']['objectClass'][0] = 'posixGroup';
return $return;
} }
return $return;
}
function delete_attributes($post) { function delete_attributes($post) {
if ($_SESSION['cache']->in_cache($this->attributes['gidNumber'][0], 'gidNumber', 'user')) if ($_SESSION['cache']->in_cache($this->attributes['gidNumber'][0], 'gidNumber', 'user'))
$return[$_SESSION[$this->base]->dn]['errors'][] = array ('ERROR', _('Primary groupmembers'), _('There are still primary members in group.')); $return[$_SESSION[$this->base]->dn]['errors'][] = array ('ERROR', _('Primary groupmembers'), _('There are still primary members in group.'));
return $return; return $return;
} }
/* Write variables into object and do some regexp checks /* Write variables into object and do some regexp checks
*/ */
function proccess_attributes($post, $profile=false) { function proccess_attributes($post, $profile=false) {
if ($this->orig['gidNumber'][0]!='' && $post['gidNumber']!=$this->attributes['gidNumber'][0]) if ($this->orig['gidNumber'][0]!='' && $post['gidNumber']!=$this->attributes['gidNumber'][0])
$errors['gidNumber'][] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.')); $errors['gidNumber'][] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.'));
// Load attributes // Load attributes
$this->attributes['cn'][0] = $post['cn']; $this->attributes['cn'][0] = $post['cn'];
$this->attributes['gidNumber'][0] = $post['gidNumber']; $this->attributes['gidNumber'][0] = $post['gidNumber'];
$this->attributes['description'][0] = $post['description']; $this->attributes['description'][0] = $post['description'];
if ($post['userPassword_no']) $this->userPassword_no=true; if ($post['userPassword_no']) $this->userPassword_no=true;
else $this->userPassword_no=false; else $this->userPassword_no=false;
if ($post['userPassword_lock']) $this->userPassword_lock=true; if ($post['userPassword_lock']) $this->userPassword_lock=true;
else $this->userPassword_lock=false; else $this->userPassword_lock=false;
If (!$profile) { If (!$profile) {
if ($post['changegids']) $this->changegids=true; if ($post['changegids']) $this->changegids=true;
else $this->changegids=false; else $this->changegids=false;
if (isset($post['userPassword'])) { if (isset($post['userPassword'])) {
if ($post['userPassword'] != $post['userPassword2']) { if ($post['userPassword'] != $post['userPassword2']) {
$errors['userPassword'][] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); $errors['userPassword'][] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
unset ($post['userPassword2']); unset ($post['userPassword2']);
}
else $this->userPassword($post['userPassword']);
} }
else $this->userPassword($post['userPassword']);
}
if ($post['genpass']) $this->userPassword(genpasswd()); if ($post['genpass']) $this->userPassword(genpasswd());
// Check if UID is valid. If none value was entered, the next useable value will be inserted // Check if UID is valid. If none value was entered, the next useable value will be inserted
// load min and may uidNumber // load min and may uidNumber
$minID = intval($this->moduleSettings['posixGroup_minGID'][0]); $minID = intval($this->moduleSettings['posixGroup_minGID'][0]);
@ -410,7 +396,7 @@ class posixGroup extends baseModule {
if(is_array($dn_gids)) { if(is_array($dn_gids)) {
foreach ($dn_gids as $gid) $gids[] = $gid[0]; foreach ($dn_gids as $gid) $gids[] = $gid[0];
sort ($gids, SORT_NUMERIC); sort ($gids, SORT_NUMERIC);
} }
if ($this->attributes['gidNumber'][0]=='') { if ($this->attributes['gidNumber'][0]=='') {
// No id-number given // No id-number given
if ($this->orig['gidNumber'][0]=='') { if ($this->orig['gidNumber'][0]=='') {
@ -429,18 +415,18 @@ class posixGroup extends baseModule {
$i = intval($minID); $i = intval($minID);
while (in_array($i, $gids)) $i++; while (in_array($i, $gids)) $i++;
if ($i>$maxID) if ($i>$maxID)
$errors['gidNumber'][] = array('ERROR', _('ID-Number'), _('No free ID-Number!')); $errors['gidNumber'][] = array('ERROR', _('ID-Number'), _('No free ID-Number!'));
else { else {
$this->attributes['gidNumber'][0] = $i; $this->attributes['gidNumber'][0] = $i;
$errors['gidNumber'][] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.')); $errors['gidNumber'][] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'));
}
} }
}
else $this->attributes['gidNumber'][0] = $minID; else $this->attributes['gidNumber'][0] = $minID;
// return minimum allowed id-number if no id-numbers are found // return minimum allowed id-number if no id-numbers are found
} }
else $this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0]; else $this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0];
// old account -> return id-number which has been used // old account -> return id-number which has been used
} }
else { else {
// Check manual ID // Check manual ID
// id-number is out of valid range // id-number is out of valid range
@ -453,32 +439,30 @@ class posixGroup extends baseModule {
if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]!='' && ($this->orig['gidNumber'][0] != $this->attributes['gidNumber'][0]) ) { if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]!='' && ($this->orig['gidNumber'][0] != $this->attributes['gidNumber'][0]) ) {
$errors['gidNumber'][] = array('ERROR', _('ID-Number'), _('ID is already in use')); $errors['gidNumber'][] = array('ERROR', _('ID-Number'), _('ID is already in use'));
$this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0]; $this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0];
}
} }
} }
}
if (($this->attributes['cn'][0] != $post['cn']) && ereg('[A-Z]$', $post['cn'])) if (($this->attributes['cn'][0] != $post['cn']) && ereg('[A-Z]$', $post['cn']))
$errors['cn'][] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.')); $errors['cn'][] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
// Check if Username contains only valid characters // Check if Username contains only valid characters
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['cn'][0])) if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['cn'][0]))
$errors['cn'][] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !')); $errors['cn'][] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
// Create automatic useraccount with number if original user already exists // Create automatic useraccount with number if original user already exists
// Reset name to original name if new name is in use // Reset name to original name if new name is in use
// Set username back to original name if new username is in use // Set username back to original name if new username is in use
if ($_SESSION['cache']->in_cache($this->attributes['cn'][0],'cn', '*')!=false && ($this->orig['cn'][0]!='')) { if ($_SESSION['cache']->in_cache($this->attributes['cn'][0],'cn', '*')!=false && ($this->orig['cn'][0]!='')) {
$this->attributes['cn'][0] = $this->orig['cn'][0]; $this->attributes['cn'][0] = $this->orig['cn'][0];
} }
// Change uid to a new uid until a free uid is found // Change uid to a new uid until a free uid is found
else while ($_SESSION['cache']->in_cache($this->attributes['cn'][0], 'cn', '*')) { else while ($_SESSION['cache']->in_cache($this->attributes['cn'][0], 'cn', '*')) {
// get last character of username // get last character of username
$lastchar = substr($this->attributes['cn'][0], strlen($this->attributes['cn'][0])-1, 1); $lastchar = substr($this->attributes['cn'][0], strlen($this->attributes['cn'][0])-1, 1);
// Last character is no number // Last character is no number
if ( !ereg('^([0-9])+$', $lastchar)) if ( !ereg('^([0-9])+$', $lastchar))
/* Last character is no number. Therefore we only have to /* Last character is no number. Therefore we only have to
* add "2" to it. * add "2" to it.
*/ */
$this->attributes['cn'][0] = $this->attributes['cn'][0] . '2'; $this->attributes['cn'][0] = $this->attributes['cn'][0] . '2';
else { else {
/* Last character is a number -> we have to increase the number until we've /* Last character is a number -> we have to increase the number until we've
* found a groupname with trailing number which is not in use. * found a groupname with trailing number which is not in use.
@ -491,56 +475,53 @@ class posixGroup extends baseModule {
// Set $i to the last character which is a number in $account_new->general_username // Set $i to the last character which is a number in $account_new->general_username
while (!$mark) { while (!$mark) {
if (ereg('^([0-9])+$',substr($this->attributes['cn'][0], $i, strlen($this->attributes['cn'][0])-$i))) $i--; if (ereg('^([0-9])+$',substr($this->attributes['cn'][0], $i, strlen($this->attributes['cn'][0])-$i))) $i--;
else $mark=true; else $mark=true;
} }
// increase last number with one // increase last number with one
$firstchars = substr($this->attributes['cn'][0], 0, $i+1); $firstchars = substr($this->attributes['cn'][0], 0, $i+1);
$lastchars = substr($this->attributes['cn'][0], $i+1, strlen($this->attributes['cn'][0])-$i); $lastchars = substr($this->attributes['cn'][0], $i+1, strlen($this->attributes['cn'][0])-$i);
// Put username together // Put username together
$this->attributes['cn'][0] = $firstchars . (intval($lastchars)+1); $this->attributes['cn'][0] = $firstchars . (intval($lastchars)+1);
}
} }
}
// Show warning if lam has changed username // Show warning if lam has changed username
if ($this->attributes['cn'][0] != $post['cn']) { if ($this->attributes['cn'][0] != $post['cn']) {
$errors['cn'][] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.')); $errors['cn'][] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.'));
}
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
$errors['userPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
} }
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
$errors['userPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
}
// Return error-messages // Return error-messages
if (is_array($errors)) return $errors; if (is_array($errors)) return $errors;
// Go to additional group page when no error did ocour and button was pressed // Go to additional group page when no error did ocour and button was pressed
if ($post['adduser']) return 'user'; if ($post['adduser']) return 'user';
return 0; return 0;
} }
/* Write variables into object and do some regexp checks /* Write variables into object and do some regexp checks
*/ */
function proccess_user($post, $profile=false) { function proccess_user($post, $profile=false) {
do { // X-Or, only one if() can be true do { // X-Or, only one if() can be true
if (isset($post['addusers']) && isset($post['addusers_button'])) { // Add groups to list if (isset($post['addusers']) && isset($post['addusers_button'])) { // Add groups to list
// Add new user // Add new user
$this->attributes['memberUid'] = @array_merge($this->attributes['memberUid'], $post['addusers']); $this->attributes['memberUid'] = @array_merge($this->attributes['memberUid'], $post['addusers']);
// remove doubles // remove doubles
$this->attributes['memberUid'] = @array_flip($this->attributes['memberUid']); $this->attributes['memberUid'] = @array_flip($this->attributes['memberUid']);
array_unique($this->attributes['memberUid']); array_unique($this->attributes['memberUid']);
$this->attributes['memberUid'] = @array_flip($this->attributes['memberUid']); $this->attributes['memberUid'] = @array_flip($this->attributes['memberUid']);
// sort groups // sort groups
sort($this->attributes['memberUid']); sort($this->attributes['memberUid']);
break; break;
} }
if (isset($post['removeusers']) && isset($post['removeusers_button'])) { // remove groups from list if (isset($post['removeusers']) && isset($post['removeusers_button'])) { // remove groups from list
$this->attributes['memberUid'] = array_delete($post['removeusers'], $this->attributes['memberUid']); $this->attributes['memberUid'] = array_delete($post['removeusers'], $this->attributes['memberUid']);
break; break;
} }
} while(0); } while(0);
if (isset($post['adduser_button']) || isset($post['removeuser_button'])) return 'user'; if (isset($post['adduser_button']) || isset($post['removeuser_button'])) return 'user';
if ($post['toattributes']) return 'attributes'; if ($post['toattributes']) return 'attributes';
return 0; return 0;
} }
/* This function will create the html-page /* This function will create the html-page
* to show a page with all attributes. * to show a page with all attributes.
@ -548,48 +529,48 @@ class posixGroup extends baseModule {
*/ */
function display_html_attributes($post) { function display_html_attributes($post) {
if ($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) $password=$this->userPassword(); if ($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) $password=$this->userPassword();
else $password=''; else $password='';
if (!$profile) { if (!$profile) {
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _("Groupname").'*' ), $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _("Groupname").'*' ),
1 => array ( 'kind' => 'input', 'name' => 'cn', 'type' => 'text', 'size' => '20', 'maxlength' => '20', 'value' => $this->attributes['cn'][0]), 1 => array ( 'kind' => 'input', 'name' => 'cn', 'type' => 'text', 'size' => '20', 'maxlength' => '20', 'value' => $this->attributes['cn'][0]),
2 => array ('kind' => 'help', 'value' => 'cn')); 2 => array ('kind' => 'help', 'value' => 'cn'));
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('GID number').'*' ), $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('GID number').'*' ),
1 => array ( 'kind' => 'input', 'name' => 'gidNumber', 'type' => 'text', 'size' => '6', 'maxlength' => '6', 'value' => $this->attributes['gidNumber'][0]), 1 => array ( 'kind' => 'input', 'name' => 'gidNumber', 'type' => 'text', 'size' => '6', 'maxlength' => '6', 'value' => $this->attributes['gidNumber'][0]),
2 => array ('kind' => 'help', 'value' => 'gidNumber')); 2 => array ('kind' => 'help', 'value' => 'gidNumber'));
} }
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Description') ), $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Description') ),
1 => array ( 'kind' => 'input', 'name' => 'description', 'type' => 'text', 'size' => '30', 'maxlength' => '255', 'value' => $this->attributes['description'][0]), 1 => array ( 'kind' => 'input', 'name' => 'description', 'type' => 'text', 'size' => '30', 'maxlength' => '255', 'value' => $this->attributes['description'][0]),
2 => array ('kind' => 'help', 'value' => 'description')); 2 => array ('kind' => 'help', 'value' => 'description'));
if (!$profile) { if (!$profile) {
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _("Group members").'*' ), $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _("Group members").'*' ),
1 => array ( 'kind' => 'input', 'name' => 'adduser', 'type' => 'submit', 'value' => _('Edit groups')), 1 => array ( 'kind' => 'input', 'name' => 'adduser', 'type' => 'submit', 'value' => _('Edit groups')),
2 => array ('kind' => 'help', 'value' => 'adduser')); 2 => array ('kind' => 'help', 'value' => 'adduser'));
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Password') ), $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Password') ),
1 => array ( 'kind' => 'input', 'name' => 'userPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password), 1 => array ( 'kind' => 'input', 'name' => 'userPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password),
2 => array ( 'kind' => 'input', 'name' => 'genpass', 'type' => 'submit', 'value' => _('Generate password'))); 2 => array ( 'kind' => 'input', 'name' => 'genpass', 'type' => 'submit', 'value' => _('Generate password')));
if ($post['userPassword2']!='') $password2 = $post['userPassword2']; if ($post['userPassword2']!='') $password2 = $post['userPassword2'];
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Repeat password') ), $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Repeat password') ),
1 => array ( 'kind' => 'input', 'name' => 'userPassword2', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password2), 1 => array ( 'kind' => 'input', 'name' => 'userPassword2', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password2),
2 => array ('kind' => 'help', 'value' => 'userPassword')); 2 => array ('kind' => 'help', 'value' => 'userPassword'));
} }
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Use no password') ), $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Use no password') ),
1 => array ( 'kind' => 'input', 'name' => 'userPassword_no', 'type' => 'checkbox', 'checked' => $this->userPassword_no), 1 => array ( 'kind' => 'input', 'name' => 'userPassword_no', 'type' => 'checkbox', 'checked' => $this->userPassword_no),
2 => array ('kind' => 'help', 'value' => 'userPassword_no')); 2 => array ('kind' => 'help', 'value' => 'userPassword_no'));
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Lock password') ), $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Lock password') ),
1 => array ( 'kind' => 'input', 'name' => 'userPassword_lock', 'type' => 'checkbox', 'checked' => $this->userPassword_lock), 1 => array ( 'kind' => 'input', 'name' => 'userPassword_lock', 'type' => 'checkbox', 'checked' => $this->userPassword_lock),
2 => array ('kind' => 'help', 'value' => 'userPassword_lock')); 2 => array ('kind' => 'help', 'value' => 'userPassword_lock'));
if ($this->attributes['gidNumber'][0]!=$this->orig['gidNumber'][0] && $this->orig['gidNumber'][0]!='' && !$profile) { if ($this->attributes['gidNumber'][0]!=$this->orig['gidNumber'][0] && $this->orig['gidNumber'][0]!='' && !$profile) {
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Change GID number of users and hosts') ), $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Change GID number of users and hosts') ),
1 => array ( 'kind' => 'input', 'name' => 'changegids', 'type' => 'checkbox', 'checked' => $this->changegids), 1 => array ( 'kind' => 'input', 'name' => 'changegids', 'type' => 'checkbox', 'checked' => $this->changegids),
2 => array ('kind' => 'help', 'value' => 'changegids')); 2 => array ('kind' => 'help', 'value' => 'changegids'));
}
return $return;
} }
return $return;
}
function display_html_delete($post) { function display_html_delete($post) {
// Get list of primary groupmembers. // Get list of primary groupmembers.
return 0; return 0;
} }
function display_html_user($post, $profile=false) { function display_html_user($post, $profile=false) {
// load list with all groups // load list with all groups
@ -610,38 +591,37 @@ class posixGroup extends baseModule {
$users = @array_flip($users); $users = @array_flip($users);
unset($users[$thisuser]); unset($users[$thisuser]);
$users = @array_flip($users); $users = @array_flip($users);
}
} }
} }
}
// sort users // sort users
sort($users); sort($users);
}
$return[] = array ( 0 => array ( 'kind' => 'fieldset', 'legend' => _("Group members"), 'value' =>
array ( 0 => array ( 0 => array ('kind' => 'fieldset', 'td' => array ('valign' => 'top'), 'legend' => _("Selected users"), 'value' =>
array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'removeusers[]', 'size' => '15', 'multiple', 'options' => $this->attributes['memberUid'])))),
1 => array ( 'kind' => 'table', 'value' => array ( 0 => array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'addusers_button',
'value' => '<=')), 1 => array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'removeusers_button', 'value' => '=>' )),
2 => array ( 0 => array ( 'kind' => 'help', 'value' => 'adduser' )))),
2 => array ('kind' => 'fieldset', 'td' => array ('valign' => 'top'), 'legend' => _("Available users"), 'value' =>
array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'addusers[]', 'size' => '15', 'multiple', 'options' => $users))))
))));
$return[] = array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'value' => _('Back') ),
1 => array ( 'kind' => 'text'),
2 => array ('kind' => 'text'));
return $return;
} }
$return[] = array ( 0 => array ( 'kind' => 'fieldset', 'legend' => _("Group members"), 'value' =>
array ( 0 => array ( 0 => array ('kind' => 'fieldset', 'td' => array ('valign' => 'top'), 'legend' => _("Selected users"), 'value' =>
array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'removeusers[]', 'size' => '15', 'multiple', 'options' => $this->attributes['memberUid'])))),
1 => array ( 'kind' => 'table', 'value' => array ( 0 => array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'addusers_button',
'value' => '<=')), 1 => array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'removeusers_button', 'value' => '=>' )),
2 => array ( 0 => array ( 'kind' => 'help', 'value' => 'adduser' )))),
2 => array ('kind' => 'fieldset', 'td' => array ('valign' => 'top'), 'legend' => _("Available users"), 'value' =>
array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'addusers[]', 'size' => '15', 'multiple', 'options' => $users))))
))));
$return[] = array ( 0 => array ( 'kind' => 'input', 'name' => 'toattributes' ,'type' => 'submit', 'value' => _('Back') ),
1 => array ( 'kind' => 'text'),
2 => array ('kind' => 'text'));
return $return;
}
/* /*
* (non-PHPDoc) * (non-PHPDoc)
* @see baseModule#get_pdfEntries * @see baseModule#get_pdfEntries
*/ */
function get_pdfEntries($account_type = "group") { function get_pdfEntries($account_type = "group") {
return array( 'posixGroup_cn' => array('<block><key>' . _('Groupname') . '</key><value>' . $this->attributes['cn'][0] . '</value></block>'), return array( 'posixGroup_cn' => array('<block><key>' . _('Groupname') . '</key><value>' . $this->attributes['cn'][0] . '</value></block>'),
'posixGroup_gidNumber' => array('<block><key>' . _('GID number') . '</key><value>' . $this->attributes['gidNumber'][0] . '</value></block>'), 'posixGroup_gidNumber' => array('<block><key>' . _('GID number') . '</key><value>' . $this->attributes['gidNumber'][0] . '</value></block>'),
'posixGroup_memberUid' => array('<block><key>' . _('Group members') . '</key><value>' . $this->attributes['memberUid'][0] . '</value></block>'), 'posixGroup_memberUid' => array('<block><key>' . _('Group members') . '</key><value>' . $this->attributes['memberUid'][0] . '</value></block>'),
'posixGroup_description' => array('<block><key>' . _('Description') . '</key><value>' . $this->attributes['description'][0] . '</value></block>')); 'posixGroup_description' => array('<block><key>' . _('Description') . '</key><value>' . $this->attributes['description'][0] . '</value></block>'));
} }
} }

4
lam/lib/modules/sambaGroupMapping.inc
View File

@ -209,8 +209,6 @@ class sambaGroupMapping extends baseModule {
if (!$wrid) $this->attributes['sambaSID'][0] == $SID."-".($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2+1+$RIDbase); if (!$wrid) $this->attributes['sambaSID'][0] == $SID."-".($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2+1+$RIDbase);
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig); $return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
// Add ObjectClass
$return[$_SESSION[$this->base]->dn]['notchanged']['objectClass'][0] = 'sambaGroupMapping';
return $return; return $return;
} }
@ -250,7 +248,7 @@ class sambaGroupMapping extends baseModule {
$errors[] = array('ERROR', _('Special Group'),sprintf( _('There can be only one group %s.'), $rids[$i]), 'sambaSID'); $errors[] = array('ERROR', _('Special Group'),sprintf( _('There can be only one group %s.'), $rids[$i]), 'sambaSID');
} }
} }
if (!$wrid) $this->attributes['sambaSID'][0] = $SID."-".($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2)+$RIDbase+1; if (!$wrid) $this->attributes['sambaSID'][0] = $SID . "-" . ($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2+$RIDbase+1);
} }
// Return error-messages // Return error-messages