It should now be possible to modify groups and add sambaGroupMapping to an exsisting posixGroup
This commit is contained in:
katagia
parent
ba9cb593d0
commit
a23f5ecc06
|
|
@ -78,6 +78,12 @@ class baseModule {
|
|||
// Create Arrays with ldap attributes
|
||||
$this->attributes =& $_SESSION[$this->base]->get_module_attributes(get_class($this));
|
||||
$this->orig =& $_SESSION[$this->base]->get_module_attributes(get_class($this), true);
|
||||
$line=-1;
|
||||
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
|
||||
if (strpos(strtolower($_SESSION['ldap']->objectClasses[$i]), strtolower("NAME '".get_class($this)."'"))) $line = $i;
|
||||
}
|
||||
$objectClassName = substr($_SESSION['ldap']->objectClasses[$line], 6+strpos($_SESSION['ldap']->objectClasses[$line], "NAME '"), strlen(get_class($this)) );
|
||||
$this->attributes['objectClass'][0] = $objectClassName;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -381,6 +381,7 @@ class accountContainer {
|
|||
* types are: user, group, host
|
||||
*/
|
||||
// Check input variable
|
||||
|
||||
if (!is_string($type)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR);
|
||||
if (!is_string($base)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR);
|
||||
// *** fixme use global variable to determine allowed types
|
||||
|
|
@ -508,7 +509,6 @@ class accountContainer {
|
|||
}
|
||||
}
|
||||
}
|
||||
//else $result = $_SESSION[$this->base]->module['posixGroup']->proccess_attributes($post);
|
||||
else $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'proccess_'.$this->subpage), $post);
|
||||
}
|
||||
if (is_string($result)) $this->subpage = $result;
|
||||
|
|
@ -544,6 +544,7 @@ class accountContainer {
|
|||
echo "<td><fieldset class=\"".$this->type."edit-dark\"><legend class=\"".$this->type."edit-bright\"><b>";
|
||||
echo _('Please select page:');
|
||||
echo "</b></legend>\n";
|
||||
$x=0;
|
||||
if ($this->current_page==0) {
|
||||
// print disabled button
|
||||
echo "<input name=\"form_main_main\" type=\"submit\" value=\"";
|
||||
|
|
@ -564,14 +565,14 @@ class accountContainer {
|
|||
if ($this->order[$i]==$this->order[$this->current_page] || !$this->module[$this->order[$i]]->module_ready() ) {
|
||||
// print disabled button
|
||||
echo "<input name=\"form_main_".$this->order[$i]."\" type=\"submit\" value=\"";
|
||||
echo $this->module[$this->order[$i]]->get_alias($type);
|
||||
echo $this->module[$this->order[$i]]->get_alias();
|
||||
echo "\" disabled tabindex=$x>\n<br>";
|
||||
$x++;
|
||||
}
|
||||
else {
|
||||
// print normal button
|
||||
echo "<input name=\"form_main_".$this->order[$i]."\" type=\"submit\" value=\"";
|
||||
echo $this->module[$this->order[$i]]->get_alias($type);
|
||||
echo $this->module[$this->order[$i]]->get_alias();
|
||||
echo "\" tabindex=$x>\n<br>";
|
||||
$x++;
|
||||
}
|
||||
|
|
@ -590,18 +591,17 @@ class accountContainer {
|
|||
echo "</b></legend>\n";
|
||||
}
|
||||
// display html-code from mdule
|
||||
//$function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->display_html_'.$this->module['main']->subpage.'($post);';
|
||||
//eval ($function);
|
||||
if ($this->current_page==0) {
|
||||
if ($this->subpage=='attributes') {
|
||||
$modules = array_keys($this->module);
|
||||
$table = array();
|
||||
if (!$profile) {
|
||||
$disabled = false;
|
||||
foreach ($modules as $module) {
|
||||
if (!$this->module[$module]->module_complete()) {
|
||||
$disabled = true;
|
||||
$table[] = array ( 0 => array ( 'kind' => 'message', 'type' => 'ERROR', 'headline' => _('Check module'),
|
||||
'text' => sprintf(_('Please set up all required attributes on %s page.'), $this->module[$module]->get_alias($this->type)) ));
|
||||
'text' => sprintf(_('Please set up all required attributes on %s page.'), $this->module[$module]->get_alias()) ));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -720,7 +720,7 @@ class accountContainer {
|
|||
echo ">\n";
|
||||
echo "<fieldset>\n";
|
||||
if ($input[$i][$j]['legend']!='') echo "<legend>" . $input[$i][$j]['legend'] . "</legend>\n";
|
||||
$this->parse_html($module, $input[$i][$j]['value']);
|
||||
$this->parse_html($module, $input[$i][$j]['value'], &$y, &$z);
|
||||
echo "</fieldset>\n";
|
||||
break;
|
||||
case 'select':
|
||||
|
|
@ -752,7 +752,7 @@ class accountContainer {
|
|||
echo "<td";
|
||||
if ($input[$i][$j]['td']['valign']!='') echo ' valign="' . $input[$i][$j]['td']['valign'] .'"';
|
||||
echo ">\n";
|
||||
$this->parse_html($module, $input[$i][$j]['value'], $y, $z);
|
||||
$this->parse_html($module, $input[$i][$j]['value'], &$y, &$z);
|
||||
echo "</td>\n";
|
||||
break;
|
||||
case 'help':
|
||||
|
|
@ -890,8 +890,9 @@ class accountContainer {
|
|||
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
|
||||
if (strpos(strtolower($_SESSION['ldap']->objectClasses[$i]), strtolower("NAME '$objectClass'"))) $line = $i;
|
||||
}
|
||||
// Return error if objectClass isn't found
|
||||
if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING);
|
||||
// Return empty array if no objectClass wasn't found
|
||||
if ($line==-1) return array();
|
||||
//if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING);
|
||||
// get casesensitive objectClass name
|
||||
$objectClassName = substr($_SESSION['ldap']->objectClasses[$line], 6+strpos($_SESSION['ldap']->objectClasses[$line], "NAME '"), strlen($objectClass) );
|
||||
if (strpos($_SESSION['ldap']->objectClasses[$line], 'MUST (')) {
|
||||
|
|
@ -952,8 +953,7 @@ class accountContainer {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
// Make references to attributes which are already in use
|
||||
// make references with attibutes which are used by more than one module
|
||||
$newattributes = array_keys($return);
|
||||
$module = array_keys($this->module);
|
||||
if (!$original) {
|
||||
|
|
@ -962,7 +962,7 @@ class accountContainer {
|
|||
for ($i=0; $i<count($module); $i++) {
|
||||
if ($module[$i]!=$objectClass)
|
||||
foreach ($newattributes as $attribute)
|
||||
if (isset($this->module[$module[$i]]->attributes[$attribute]))
|
||||
if (isset($this->module[$module[$i]]->attributes[$attribute]) && ($attribute!='objectClass'))
|
||||
$return[$attribute] =& $this->module[$module[$i]]->attributes[$attribute];
|
||||
}
|
||||
}
|
||||
|
|
@ -970,11 +970,11 @@ class accountContainer {
|
|||
for ($i=0; $i<count($module); $i++) {
|
||||
if ($module[$i]!=$objectClass)
|
||||
foreach ($newattributes as $attribute)
|
||||
if (isset($this->module[$module[$i]]->orig[$attribute]))
|
||||
if (isset($this->module[$module[$i]]->orig[$attribute]) && ($attribute!='objectClass'))
|
||||
$return[$attribute] =& $this->module[$module[$i]]->orig[$attribute];
|
||||
}
|
||||
}
|
||||
$return['objectClass'][0] = $objectClassName;
|
||||
$return['objectClass'] = array();
|
||||
return $return;
|
||||
}
|
||||
|
||||
|
|
@ -990,9 +990,9 @@ class accountContainer {
|
|||
for ($j=0; $j<count($orig[$attr_names[$i]]); $j++) {
|
||||
if (is_array($attributes[$attr_names[$i]])) {
|
||||
if (!in_array($orig[$attr_names[$i]][$j], $attributes[$attr_names[$i]]))
|
||||
if ($orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] =utf8_encode($orig[$attr_names[$i]][$j]);
|
||||
if (($orig[$attr_names[$i]][$j]!='') && ($attr_names[$i]!='objectClass')) $torem[$attr_names[$i]][] =utf8_encode($orig[$attr_names[$i]][$j]);
|
||||
}
|
||||
else if ($orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] = utf8_encode($orig[$attr_names[$i]][$j]);
|
||||
else if (($orig[$attr_names[$i]][$j]!='') && ($attr_names[$i]!='objectClass')) $torem[$attr_names[$i]][] = utf8_encode($orig[$attr_names[$i]][$j]);
|
||||
}
|
||||
for ($j=0; $j<count($attributes[$attr_names[$i]]); $j++) {
|
||||
if (is_array($orig[$attr_names[$i]])) {
|
||||
|
|
@ -1008,20 +1008,24 @@ class accountContainer {
|
|||
}
|
||||
}
|
||||
}
|
||||
// create modify wuth add and remove
|
||||
// create modify with add and remove
|
||||
if (is_array($toadd)) {
|
||||
$attributes2 = array_keys($toadd);
|
||||
for ($i=0; $i<count($attributes2); $i++) {
|
||||
if (isset($torem[$attributes2[$i]])) {
|
||||
// found modify entry
|
||||
// Add unchanged attributes
|
||||
// ***** fixme really neccesarry??????
|
||||
if (isset($notchanged[$attributes2[$i]])) $tomodify[$attributes[$i]] = $notchanged[$attributes[$i]];
|
||||
$tomodify[$attributes2[$i]] = array_merge_recursive($tomodify[$attributes2[$i]], $toadd[$attributes2[$i]]);
|
||||
// unset attributes
|
||||
if (isset($notchanged[$attributes2[$i]])) unset($notchanged[$attributes2[$i]]);
|
||||
if (isset($toadd[$attributes2[$i]])) unset($toadd[$attributes2[$i]]);
|
||||
if (isset($torem[$attributes2[$i]])) unset($torem[$attributes2[$i]]);
|
||||
if (isset($torem[$attributes2[$i]]))
|
||||
/* found modify entry
|
||||
* Some ldap attributes must be set exactly one time.
|
||||
* Adding or removing such an attribute wont't work
|
||||
* because it would conflict with an ldap schema.
|
||||
* Therefore when an attribute has only one entry
|
||||
* and is set in $toadd and $torem this will be merged
|
||||
* to $tomodify
|
||||
*/
|
||||
if ((count($toadd[$attributes2[$i]]==0)) && (count($torem[$attributes2[$i]]==0))) {
|
||||
// found attribute which should only modified
|
||||
$tomodify[$attributes2[$i]] = $toadd[$attributes2[$i]];
|
||||
unset($toadd[$attributes2[$i]]);
|
||||
unset($torem[$attributes2[$i]]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -1062,8 +1066,6 @@ class accountContainer {
|
|||
* $dn is the dn of the account which should be loaded
|
||||
*/
|
||||
function load_account($dn) {
|
||||
//$function = '$modules = $_SESSION['config']->get_'.ucfirst($this->type).'Modules();';
|
||||
//eval ($function);
|
||||
$modules = call_user_func(array($_SESSION['config'], 'get_'.ucfirst($this->type).'Modules'));
|
||||
$search = substr($dn, 0, strpos($dn, ','));
|
||||
$result = ldap_search($_SESSION['ldap']->server(), $dn, $search);
|
||||
|
|
@ -1078,6 +1080,9 @@ class accountContainer {
|
|||
$this->module[$module]->init($this->base);
|
||||
}
|
||||
$this->module[$module]->load_attributes($attr);
|
||||
$this->module[$module]->attributes['objectClass'] = array($module);
|
||||
if (in_array($objectClassName, $attr['objectClass']))
|
||||
$this->module[$module]->orig['objectClass'] = array($module);
|
||||
}
|
||||
|
||||
// sortm modules and make all active because all required attributes should be set
|
||||
|
|
@ -1186,7 +1191,7 @@ class accountContainer {
|
|||
return 0;
|
||||
}
|
||||
|
||||
/* This function will load an account.
|
||||
/* This function will save an account.
|
||||
*/
|
||||
function save_account() {
|
||||
$module = array_keys ($this->module);
|
||||
|
|
|
|||
|
|
@ -20,21 +20,7 @@ $Id$
|
|||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
*/
|
||||
|
||||
/* This class contains all posixGroup LDAP attributes
|
||||
* and funtioncs required to deal with posixGroup
|
||||
* posixGroup can only be created when it should be added
|
||||
* to an array.
|
||||
* basearray is the same array posixGroup should be added
|
||||
* to. If basearray is not given the constructor tries to
|
||||
* create an array with posixGroup and all other required
|
||||
* objects.
|
||||
* Example: $user[] = new posixGroup($user);
|
||||
*
|
||||
* In container array the following things have to exist:
|
||||
* account or inetOrgPerson object
|
||||
* type: 'user' or 'host'
|
||||
* 'attributes': this is a list of arrays with all ldap attributes wich are allowed for this account
|
||||
*/
|
||||
|
||||
class posixGroup extends baseModule {
|
||||
|
||||
/**
|
||||
|
|
@ -175,7 +161,7 @@ class posixGroup extends baseModule {
|
|||
// change gids of users and hosts?
|
||||
var $changegids;
|
||||
|
||||
/* $attribute['userPassword'] can't accessed directly because it's enrcypted
|
||||
/** $attribute['userPassword'] can't accessed directly because it's enrcypted
|
||||
* To read / write password function userPassword is needed
|
||||
* This function will return the unencrypted password when
|
||||
* called without a variable
|
||||
|
|
@ -267,7 +253,6 @@ class posixGroup extends baseModule {
|
|||
*/
|
||||
function save_attributes() {
|
||||
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
||||
|
||||
if (isset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']))
|
||||
unset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']);
|
||||
// Set unix password
|
||||
|
|
@ -326,10 +311,12 @@ class posixGroup extends baseModule {
|
|||
}
|
||||
if ($line!=-1) {
|
||||
$result = $_SESSION['cache']->get_cache('gidNumber', 'posixAccount', '*');
|
||||
if (is_array($result)) {
|
||||
$DNs = array_keys($result);
|
||||
for ($i=0; $i<count($DNs); $i++)
|
||||
if ($result[$DNs[$i]][0] == $this->orig['gidNumber'][0]) $return[$DNs[$i]]['modify']['gidNumber'][0] = $this->attributes['gidNumber'][0];
|
||||
}
|
||||
}
|
||||
// change primaryGroupID
|
||||
$line=-1;
|
||||
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
|
||||
|
|
@ -337,11 +324,13 @@ class posixGroup extends baseModule {
|
|||
}
|
||||
if ($line!=-1) {
|
||||
$result = $_SESSION['cache']->get_cache('primaryGroupID', 'sambaAccount', '*');
|
||||
if (is_array($result)) {
|
||||
$DNs = array_keys($result);
|
||||
for ($i=0; $i<count($DNs); $i++) {
|
||||
if ($result[$DNs[$i]][0] == $this->orig['gidNumber'][0]*2+1001 ) $return[$DNs[$i]]['modify']['PrimaryGroupID'][0] = $this->attributes['gidNumber'][0]*2+1001;
|
||||
}
|
||||
}
|
||||
}
|
||||
// change sambaPrimaryGroupSID
|
||||
$line=-1;
|
||||
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
|
||||
|
|
@ -349,6 +338,7 @@ class posixGroup extends baseModule {
|
|||
}
|
||||
if ($line!=-1) {
|
||||
$result = $_SESSION['cache']->get_cache('sambaPrimaryGroupSID', 'sambaSamAccount', '*');
|
||||
if (is_array($result)) {
|
||||
$DNs = array_keys($result);
|
||||
for ($i=0; $i<count($DNs); $i++) {
|
||||
// Get Domain SID from name
|
||||
|
|
@ -362,9 +352,8 @@ class posixGroup extends baseModule {
|
|||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Add ObjectClass
|
||||
$return[$_SESSION[$this->base]->dn]['notchanged']['objectClass'][0] = 'posixGroup';
|
||||
return $return;
|
||||
}
|
||||
|
||||
|
|
@ -379,7 +368,6 @@ class posixGroup extends baseModule {
|
|||
function proccess_attributes($post, $profile=false) {
|
||||
if ($this->orig['gidNumber'][0]!='' && $post['gidNumber']!=$this->attributes['gidNumber'][0])
|
||||
$errors['gidNumber'][] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.'));
|
||||
|
||||
// Load attributes
|
||||
$this->attributes['cn'][0] = $post['cn'];
|
||||
$this->attributes['gidNumber'][0] = $post['gidNumber'];
|
||||
|
|
@ -391,7 +379,6 @@ class posixGroup extends baseModule {
|
|||
If (!$profile) {
|
||||
if ($post['changegids']) $this->changegids=true;
|
||||
else $this->changegids=false;
|
||||
|
||||
if (isset($post['userPassword'])) {
|
||||
if ($post['userPassword'] != $post['userPassword2']) {
|
||||
$errors['userPassword'][] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
|
||||
|
|
@ -400,7 +387,6 @@ class posixGroup extends baseModule {
|
|||
else $this->userPassword($post['userPassword']);
|
||||
}
|
||||
if ($post['genpass']) $this->userPassword(genpasswd());
|
||||
|
||||
// Check if UID is valid. If none value was entered, the next useable value will be inserted
|
||||
// load min and may uidNumber
|
||||
$minID = intval($this->moduleSettings['posixGroup_minGID'][0]);
|
||||
|
|
@ -456,13 +442,11 @@ class posixGroup extends baseModule {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (($this->attributes['cn'][0] != $post['cn']) && ereg('[A-Z]$', $post['cn']))
|
||||
$errors['cn'][] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
|
||||
// Check if Username contains only valid characters
|
||||
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['cn'][0]))
|
||||
$errors['cn'][] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
|
||||
|
||||
// Create automatic useraccount with number if original user already exists
|
||||
// Reset name to original name if new name is in use
|
||||
// Set username back to original name if new username is in use
|
||||
|
|
@ -500,16 +484,13 @@ class posixGroup extends baseModule {
|
|||
$this->attributes['cn'][0] = $firstchars . (intval($lastchars)+1);
|
||||
}
|
||||
}
|
||||
|
||||
// Show warning if lam has changed username
|
||||
if ($this->attributes['cn'][0] != $post['cn']) {
|
||||
$errors['cn'][] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.'));
|
||||
}
|
||||
|
||||
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
|
||||
$errors['userPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
||||
}
|
||||
|
||||
// Return error-messages
|
||||
if (is_array($errors)) return $errors;
|
||||
// Go to additional group page when no error did ocour and button was pressed
|
||||
|
|
@ -616,7 +597,6 @@ class posixGroup extends baseModule {
|
|||
// sort users
|
||||
sort($users);
|
||||
}
|
||||
|
||||
$return[] = array ( 0 => array ( 'kind' => 'fieldset', 'legend' => _("Group members"), 'value' =>
|
||||
array ( 0 => array ( 0 => array ('kind' => 'fieldset', 'td' => array ('valign' => 'top'), 'legend' => _("Selected users"), 'value' =>
|
||||
array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'removeusers[]', 'size' => '15', 'multiple', 'options' => $this->attributes['memberUid'])))),
|
||||
|
|
@ -627,7 +607,7 @@ class posixGroup extends baseModule {
|
|||
array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'addusers[]', 'size' => '15', 'multiple', 'options' => $users))))
|
||||
))));
|
||||
|
||||
$return[] = array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'value' => _('Back') ),
|
||||
$return[] = array ( 0 => array ( 'kind' => 'input', 'name' => 'toattributes' ,'type' => 'submit', 'value' => _('Back') ),
|
||||
1 => array ( 'kind' => 'text'),
|
||||
2 => array ('kind' => 'text'));
|
||||
return $return;
|
||||
|
|
|
|||
|
|
@ -209,8 +209,6 @@ class sambaGroupMapping extends baseModule {
|
|||
if (!$wrid) $this->attributes['sambaSID'][0] == $SID."-".($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2+1+$RIDbase);
|
||||
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
||||
|
||||
// Add ObjectClass
|
||||
$return[$_SESSION[$this->base]->dn]['notchanged']['objectClass'][0] = 'sambaGroupMapping';
|
||||
return $return;
|
||||
}
|
||||
|
||||
|
|
@ -250,7 +248,7 @@ class sambaGroupMapping extends baseModule {
|
|||
$errors[] = array('ERROR', _('Special Group'),sprintf( _('There can be only one group %s.'), $rids[$i]), 'sambaSID');
|
||||
}
|
||||
}
|
||||
if (!$wrid) $this->attributes['sambaSID'][0] = $SID."-".($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2)+$RIDbase+1;
|
||||
if (!$wrid) $this->attributes['sambaSID'][0] = $SID . "-" . ($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2+$RIDbase+1);
|
||||
}
|
||||
|
||||
// Return error-messages
|
||||
|
|
|
|||
Loading…
Reference in New Issue