WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Made a lot of changes in modules. 

Many reference problems are fixed now

Only posixGroup module is working at the Moment but the
other modules will be fixed very soon
This commit is contained in:
katagia 2004-09-14 11:53:33 +00:00
parent e9da9ef125
commit b6bc73106c
8 changed files with 102 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lam/lib/baseModule.inc
View File

@ -51,6 +51,12 @@ class baseModule {
/** name of parent accountContainer ($_SESSION[$base]) */
var $base;
/** contains all ldap attributes which should be written */
var $attributes;
/** contains all ldap attributes which are loaded from ldap */
var $orig;
/**
* Creates a new base module class
*
@ -69,6 +75,9 @@ class baseModule {
*/
function init($base) {
$this->base = $base;
// Create Arrays with ldap attributes
$this->attributes =& $_SESSION[$this->base]->get_module_attributes(get_class($this));
$this->orig =& $_SESSION[$this->base]->get_module_attributes(get_class($this), true);
}

6
lam/lib/cache.inc
View File

@ -202,7 +202,7 @@ class cache {
// Get Scope
//$function = '$suffix = $this->config->get_'.ucfirst($scope).'Suffix();';
If ($scope != '*') //eval($function);
$suffix = call_user_func(array($this->config, 'get_'.ucfirst($scope).'Suffix'));
$suffix = call_user_func(array(&$this->config, 'get_'.ucfirst($scope).'Suffix'));
else $suffix = '';
// Get Data from ldap
$search = $this->attributes[$scope];
@ -243,7 +243,7 @@ class cache {
$function = '$suffix = $$this->config->get_'.ucfirst($allowed_types[$i]).'Suffix();';
// *** fixme, where is get_DomainSuffix
If ($scope != '*') //eval($function);
$suffix = call_user_func(array($this->config, 'get_'.ucfirst($allowed_types[$i]).'Suffix'));
$suffix = call_user_func(array(&$this->config, 'get_'.ucfirst($allowed_types[$i]).'Suffix'));
else $suffix = '';
if (substr($suffix, $dn)) $singlescope = $allowed_types[$i];
}
@ -256,7 +256,7 @@ class cache {
//$function = '$suffix = $this->config->get_'.ucfirst($scope).'Suffix();';
//eval($function);
if ($scope!='*') {
$suffix = call_user_func(array($this->config, 'get_'.ucfirst($scope).'Suffix'));
$suffix = call_user_func(array(&$this->config, 'get_'.ucfirst($scope).'Suffix'));
if (strpos($dn, $suffix)) $singlescope = $scope;
}
}

61
lam/lib/modules.inc
View File

@ -388,7 +388,6 @@ class accountContainer {
$this->type = $type;
$this->base = $base;
// Name of variables in session
$this->cache = 'cache';
$this->header2 = 'header';
// Set startpage
$this->current_page=0;
@ -509,7 +508,8 @@ class accountContainer {
}
}
}
else $result = call_user_func(array($this->module[$this->order[$this->current_page]], 'proccess_'.$this->subpage), $post);
//else $result = $_SESSION[$this->base]->module['posixGroup']->proccess_attributes($post);
else $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'proccess_'.$this->subpage), $post);
}
if (is_string($result)) $this->subpage = $result;
if (is_int($result)) {
@ -608,7 +608,7 @@ class accountContainer {
if (count($table)!=0) $return[] = array ( 0 => array ( 'kind' => 'table', 'value' => $table ) );
// loop through all suffixes
$rootsuffix = call_user_func(array($_SESSION['config'], 'get_' . ucfirst($this->type) . 'Suffix'));
$rootsuffix = call_user_func(array(&$_SESSION['config'], 'get_' . ucfirst($this->type) . 'Suffix'));
foreach ($_SESSION['ldap']->search_units($rootsuffix) as $suffix) {
if ($this->dn == $suffix) $option_selected = $suffix;
$suffixes[] = $suffix;
@ -786,7 +786,7 @@ class accountContainer {
// loop through every existing objectlass and select current objectClass
$line=-1;
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME '$objectClass'")) $line = $i;
if (strpos(strtolower($_SESSION['ldap']->objectClasses[$i]), strtolower("NAME '$objectClass'"))) $line = $i;
}
// Return error if objectClass isn't found
if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING);
@ -877,15 +877,18 @@ class accountContainer {
}
/* This function return ldap attributes which are uses by $objectClass
* Syntax is get_attributes($objectClass)
* Return is an array with all allowed attributes
/* This function returns all ldap attributes in an array which are used by $objectClass
* ldap attributs already in use by another objectClass are passed as reference.
* Therefore this function must be called as reference: $result =& ..get_module_attributes
*
* if original is true referencees will be set to original attributes. This are the original attributes
* when an ldap entry is loaded.
*/
function get_module_attributes($objectClass) {
function get_module_attributes($objectClass, $original=false) {
// Add account type to object
$line=-1;
for ($i=0; $i<count($_SESSION['ldap']->objectClasses) || $i==-1; $i++) {
if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME '$objectClass'")) $line = $i;
if (strpos(strtolower($_SESSION['ldap']->objectClasses[$i]), strtolower("NAME '$objectClass'"))) $line = $i;
}
// Return error if objectClass isn't found
if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING);
@ -946,8 +949,31 @@ class accountContainer {
}
}
}
$this->add_attributes($objectClass);
return $return;
// Make references to attributes which are already in use
$newattributes = array_keys($return);
$module = array_keys($this->module);
if (!$original) {
// Only add attributes when original is false. We don't want to add them twice
$this->add_attributes($objectClass);
for ($i=0; $i<count($module); $i++) {
if ($module[$i]!=$objectClass)
foreach ($newattributes as $attribute)
if (isset($this->module[$module[$i]]->attributes[$attribute]))
$return[$attribute] =& $this->module[$module[$i]]->attributes[$attribute];
}
}
else {
for ($i=0; $i<count($module); $i++) {
if ($module[$i]!=$objectClass)
foreach ($newattributes as $attribute)
if (isset($this->module[$module[$i]]->orig[$attribute]))
$return[$attribute] =& $this->module[$module[$i]]->orig[$attribute];
}
}
return $return;
}
/* This function return ldap attributes which are uses by $objectClass
@ -987,6 +1013,7 @@ class accountContainer {
if (isset($torem[$attributes2[$i]])) {
// found modify entry
// Add unchanged attributes
// ***** fixme really neccesarry??????
if (isset($notchanged[$attributes2[$i]])) $tomodify[$attributes[$i]] = $notchanged[$attributes[$i]];
$tomodify[$attributes2[$i]] = array_merge_recursive($tomodify[$attributes2[$i]], $toadd[$attributes2[$i]]);
// unset attributes
@ -1229,14 +1256,14 @@ class accountContainer {
$attr = array_merge_recursive($attributes[$this->dn]['add'], $attributes[$this->dn]['notchanged'], $attributes[$this->dn]['modify']);
$success = ldap_add($_SESSION['ldap']->server(), $this->dn, $attr);
if ($success) {
$_SESSION[$this->cache]->update_cache($this->$dn, 'add', $attr);
$_SESSION['cache']->update_cache($this->$dn, 'add', $attr);
$success = ldap_delete($_SESSION['ldap']->server(), $this->dn_orig);
if (!$success) {
$errors[] = array('ERROR', 'LDAP', sprintf(_('Was unable to delete dn: %s.'), $this->dn_orig));
$stopprocessing = true;
}
if ($success)
$_SESSION[$this->cache]->update_cache($this->$dn, 'delete_dn');
$_SESSION['cache']->update_cache($this->$dn, 'delete_dn');
}
if (!$success) {
$errors[] = array('ERROR', 'LDAP', sprintf(_('Was unable to create dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $this->dn));
@ -1252,7 +1279,7 @@ class accountContainer {
$stopprocessing = true;
}
else
$_SESSION[$this->cache]->update_cache($this->$dn, 'add', $attr);
$_SESSION['cache']->update_cache($this->$dn, 'add', $attr);
}
unset($attributes[$this->dn]);
}
@ -1268,7 +1295,7 @@ class accountContainer {
$stopprocessing = true;
}
else
$_SESSION[$this->cache]->update_cache($this->$dn, 'modify', $attributes[$this->dn]['modify']);
$_SESSION['cache']->update_cache($this->$dn, 'modify', $attributes[$this->dn]['modify']);
}
// add attributes
if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) {
@ -1278,7 +1305,7 @@ class accountContainer {
$stopprocessing = true;
}
else
$_SESSION[$this->cache]->update_cache($this->$dn, 'add', $attributes[$this->dn]['add']);
$_SESSION['cache']->update_cache($this->$dn, 'add', $attributes[$this->dn]['add']);
}
// removce attributes
if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) {
@ -1288,7 +1315,7 @@ class accountContainer {
$stopprocessing = true;
}
else
$_SESSION[$this->cache]->update_cache($this->$dn, 'remove', $attributes[$this->dn]['remove']);
$_SESSION['cache']->update_cache($this->$dn, 'remove', $attributes[$this->dn]['remove']);
}
}
}

44
lam/lib/modules/posixAccount.inc
View File

@ -174,7 +174,7 @@ class posixAccount extends baseModule {
$this->orig = $_SESSION[$this->base]->get_module_attributes('posixAccount');
$this->attributes = $_SESSION[$this->base]->get_module_attributes('posixAccount');
$groups = $_SESSION[$_SESSION[$this->base]->cache]->findgroups(); // list of all groupnames
$groups = $_SESSION['cache']->findgroups(); // list of all groupnames
if (count($groups)==0) trigger_error(_('No groups found in ldap.'), E_USER_WARNING);
// Make references to attributes which already esists in ldap
@ -297,7 +297,7 @@ class posixAccount extends baseModule {
$this->attributes['objectClass'][0] = 'posixAccount';
// get all additional groupmemberships
$dn_groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('memberUid', 'posixGroup', 'group');
$dn_groups = $_SESSION['cache']->get_cache('memberUid', 'posixGroup', 'group');
$DNs = array_keys($dn_groups);
foreach ($DNs as $DN) {
if (in_array($attr['uid'][0], $dn_groups[$DN])) {
@ -350,13 +350,13 @@ class posixAccount extends baseModule {
// Remove primary group from additional groups
for ($i=0; $i<count($this->groups); $i++) {
if ($this->groups[$i]==$_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber'][0])) unset($this->groups[$i]);
if ($this->groups[$i]==$_SESSION['cache']->getgrnam($this->attributes['gidNumber'][0])) unset($this->groups[$i]);
}
// Set additional group memberships
if ($this->orig['uid'][0]!='' && $this->attributes['uid'][0]!=$this->orig['uid'][0]) {
// remove old memberships
$dn_groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('memberUid', 'posixGroup', 'group');
$dn_groups = $_SESSION['cache']->get_cache('memberUid', 'posixGroup', 'group');
$DNs = array_keys($dn_groups);
foreach ($DNs as $DN)
if (in_array($this->orig['uid'][0], $dn_groups[$DN]))
@ -375,7 +375,7 @@ class posixAccount extends baseModule {
//There are some old groups.
$add = array_delete($this->groups_orig, $this->groups);
$remove = array_delete($this->groups, $this->groups_orig);
$dn_cns = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('cn', 'posixGroup', 'group');
$dn_cns = $_SESSION['cache']->get_cache('cn', 'posixGroup', 'group');
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys($dn_cns);
foreach ($DNs as $DN) {
@ -385,11 +385,11 @@ class posixAccount extends baseModule {
if (in_array($dn_cns[$DN][0], $remove)) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'][0];
}
// primary group mut also be removed if it has changed after setting additional groups
if (in_array($_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber'][0]), $this->groups_orig)) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'];
if (in_array($_SESSION['cache']->getgrnam($this->attributes['gidNumber'][0]), $this->groups_orig)) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'];
}
else {
// Add user to every group
$dn_cns = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('cn', 'posixGroup', 'group');
$dn_cns = $_SESSION['cache']->get_cache('cn', 'posixGroup', 'group');
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys($dn_cns);
foreach ($DNs as $DN) {
@ -400,7 +400,7 @@ class posixAccount extends baseModule {
else {
if (is_array($this->groups_orig)) {
//There are some old groups which have to be removed
$dn_cns = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('cn', 'posixGroup', 'group');
$dn_cns = $_SESSION['cache']->get_cache('cn', 'posixGroup', 'group');
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys($dn_cns);
foreach ($DNs as $DN) {
@ -417,7 +417,7 @@ class posixAccount extends baseModule {
function delete_attributes($post) {
$return = array();
// remove memberUids if set
$groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('memberUid', 'posixGroup', 'group');
$groups = $_SESSION['cache']->get_cache('memberUid', 'posixGroup', 'group');
$DNs = array_keys($groups);
for ($i=0; $i<count($DNs); $i++) {
if (in_array($this->attributes['uid'][0], $groups[$DNs[$i]])) $return[$DNs[$i]]['remove']['memberUid'][] = $this->attributes['uid'][0];
@ -431,8 +431,8 @@ class posixAccount extends baseModule {
function proccess_attributes($post, $profile=false) {
if ($this->orig['uid'][0]!='' && $post['uid']!=$this->attributes['uid'][0])
$errors['uid'][] = array('INFO', _('UID'), _('UID has changed. Do you want to change home directory?'));
if ($this->orig['gidNumber'][0]!='' && $_SESSION[$_SESSION[$this->base]->cache]->getgid($post['gidNumber'])!=$this->attributes['gidNumber'][0])
$errors['gidNumber'][] = array('INFO', _('GID number'), sprintf(_('GID number has changed. To keep file ownership you have to run the following command as root: \'find / -gid %s -uid %s -exec chgrp %s {} \;\''), $this->orig['gidNumber'][0], $this->orig['uidNumber'][0], $_SESSION[$_SESSION[$this->base]->cache]->getgid($post['gidNumber'])));
if ($this->orig['gidNumber'][0]!='' && $_SESSION['cache']->getgid($post['gidNumber'])!=$this->attributes['gidNumber'][0])
$errors['gidNumber'][] = array('INFO', _('GID number'), sprintf(_('GID number has changed. To keep file ownership you have to run the following command as root: \'find / -gid %s -uid %s -exec chgrp %s {} \;\''), $this->orig['gidNumber'][0], $this->orig['uidNumber'][0], $_SESSION['cache']->getgid($post['gidNumber'])));
if ($this->orig['uidNumber'][0]!='' && $post['uidNumber']!=$this->attributes['uidNumber'][0])
$errors['uidNumber'][] = array('INFO', _('UID number'), sprintf(_('UID number has changed. To keep file ownership you have to run the following command as root: \'find / -uid %s -exec chown %s {} \;\''), $this->orig['uidNumber'][0], $this->attributes['uidNumber'][0]));
if (isset($post['homeDirectory']) && $this->orig['homeDirectory'][0]!='' && $post['homeDirectory']!=$this->attributes['homeDirectory'][0])
@ -442,7 +442,7 @@ class posixAccount extends baseModule {
$this->attributes['uid'][0] = $post['uid'];
$this->attributes['cn'][0] = $this->attributes['uid'][0];
$this->attributes['uidNumber'][0] = $post['uidNumber'];
$this->attributes['gidNumber'][0] = $_SESSION[$_SESSION[$this->base]->cache]->getgid($post['gidNumber']);
$this->attributes['gidNumber'][0] = $_SESSION['cache']->getgid($post['gidNumber']);
$this->attributes['homeDirectory'][0] = $post['homeDirectory'];
$this->attributes['loginShell'][0] = $post['loginShell'];
$this->attributes['gecos'][0] = $post['gecos'];
@ -472,7 +472,7 @@ class posixAccount extends baseModule {
$minID = intval($this->moduleSettings['posixAccount_minMachine'][0]);
$maxID = intval($this->moduleSettings['posixAccount_maxMachine'][0]);
}
$dn_uids = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uidNumber', 'posixAccount', '*');
$dn_uids = $_SESSION['cache']->get_cache('uidNumber', 'posixAccount', '*');
// get_cache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
foreach ($dn_uids as $uid) $uids[] = $uid[0];
if(is_array($uids)) sort ($uids, SORT_NUMERIC);
@ -527,7 +527,7 @@ class posixAccount extends baseModule {
$errors['uid'][] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
// Check if Homedir is valid
if (!$profile) {
$this->attributes['homeDirectory'][0] = str_replace('$group', $_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]);
$this->attributes['homeDirectory'][0] = str_replace('$group', $_SESSION['cache']->getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]);
if ($this->attributes['uid'][0] != '')
$this->attributes['homeDirectory'][0] = str_replace('$user', $this->attributes['uid'][0], $this->attributes['homeDirectory'][0]);
if ($this->attributes['homeDirectory'][0] != $post['homeDirectory']) $errors['homeDirecotry'][] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
@ -551,11 +551,11 @@ class posixAccount extends baseModule {
// Reset name to original name if new name is in use
// Set username back to original name if new username is in use
if (!$profile) {
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0],'uid', '*')!=false && ($this->orig['uid'][0]!='')) {
if ($_SESSION['cache']->in_cache($this->attributes['uid'][0],'uid', '*')!=false && ($this->orig['uid'][0]!='')) {
$this->attributes['uid'][0] = $this->orig['uid'][0];
}
// Change uid to a new uid until a free uid is found
else while ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0], 'uid', '*')) {
else while ($_SESSION['cache']->in_cache($this->attributes['uid'][0], 'uid', '*')) {
if ($_SESSION[$this->base]->type=='host') $this->attributes['uid'][0] = substr($this->attributes['uid'][0], 0, -1);
// get last character of username
$lastchar = substr($this->attributes['uid'][0], strlen($this->attributes['uid'][0])-1, 1);
@ -633,7 +633,7 @@ class posixAccount extends baseModule {
* It will output a complete html-table
*/
function display_html_attributes($post, $profile=false) {
$groups = $_SESSION[$_SESSION[$this->base]->cache]->findgroups(); // list of all groupnames
$groups = $_SESSION['cache']->findgroups(); // list of all groupnames
$shelllist = getshells(); // list of all valid shells
if (!$profile) {
@ -651,7 +651,7 @@ class posixAccount extends baseModule {
2 => array ('kind' => 'help', 'value' => 'gecos'));
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Primary group').'*' ),
1 => array ( 'kind' => 'select', 'name' => 'gidNumber', 'options' => $groups, 'options_selected' =>
array ($_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber'][0]))),
array ($_SESSION['cache']->getgrnam($this->attributes['gidNumber'][0]))),
2 => array ('kind' => 'help', 'value' => 'gidNumber'));
if ($_SESSION[$this->base]->type=='user') {
@ -704,14 +704,14 @@ class posixAccount extends baseModule {
function display_html_group($post, $profile=false) {
// load list with all groups
$dn_groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('gidNumber', 'posixGroup', 'group');
$dn_groups = $_SESSION['cache']->get_cache('gidNumber', 'posixGroup', 'group');
$DNs = array_keys($dn_groups);
foreach ($DNs as $DN)
$groups[] = substr($DN, 3, strpos($DN, ',')-3);
// remove groups the user is member of from grouplist
$groups = array_delete($this->groups, $groups);
// Remove primary group from grouplist
$group = $_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber'][0]);
$group = $_SESSION['cache']->getgrnam($this->attributes['gidNumber'][0]);
$groups = array_flip($groups);
unset ($groups[$group]);
$groups = array_flip($groups);
@ -738,7 +738,7 @@ class posixAccount extends baseModule {
function get_profileOptions() {
$return = array();
if ($_SESSION[$this->base]->type=='user') {
$groups = $_SESSION[$_SESSION[$this->base]->cache]->findgroups(); // list of all groupnames
$groups = $_SESSION['cache']->findgroups(); // list of all groupnames
$shelllist = getshells(); // list of all valid shells
// primary Unix group
$return[] = array(0 => array('kind' => 'text', 'text' => _('Primary group') . ": "),
@ -778,7 +778,7 @@ class posixAccount extends baseModule {
'posixAccount_uidNumber' => array('<block><key>' . _('UID number') . '</key><value>' . $this->attributes['uidNumber'][0] . '</value></block>'),
'posixAccount_gidNumber' => array('<block><key>' . _('GID number') . '</key><value>' . $this->attributes['gidNumber'][0] . '</value></block>'),
'posixAccount_gecos' => array('<block><key>' . _('Gecos') . '</key><value>' . $this->attributes['gecos'][0] . '</value></block>'),
'posixAccount_primaryGroup' => array('<block><key>' . _('Primary group') . '</key><value>' . $_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber'][0]) . '</value></block>'),
'posixAccount_primaryGroup' => array('<block><key>' . _('Primary group') . '</key><value>' . $_SESSION['cache']->getgrnam($this->attributes['gidNumber'][0]) . '</value></block>'),
'posixAccount_additionalGroups' => array('<block><key>' . _('Additional groups') . '</key><value>' . '</value></block>'),
'posixAccount_homeDirectory' => array('<block><key>' . _('Home directory') . '</key><value>' . $this->attributes['homeDirectory'][0] . '</value></block>'),
'posixAccount_userPassword' => array('<block><key>' . _('Password') . '</key><value>' . $this->attributes['userPassword'][0] . '</value></block>'),

64
lam/lib/modules/posixGroup.inc
View File

@ -20,23 +20,6 @@ $Id$
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/* Session variables which are used:
* $_SESSION['cacheAttributes']: This variable contains a list of attributes and their scope which should be cached
*
* Coockie variables which are used:
* $_COOKIE["IV"], $_COOKIE["Key"]: Needed to en/decrypt passwords.
*
* Variables in basearray which are no objects:
* type: Type of account. Can be user, group, host
* attributes: List of all attributes, how to get them and are theiy required or optional
* dn: current DN without uid= or cn=
* dn_orig: old DN if account was loaded with uid= or cn=
* External functions which are used
* account.inc: findgroups, incache, get_cache, array_delete, getshells
* ldap.inc: pwd_is_enabled, pwd_hash
*/
/* This class contains all posixGroup LDAP attributes
* and funtioncs required to deal with posixGroup
* posixGroup can only be created when it should be added
@ -180,21 +163,8 @@ class posixGroup extends baseModule {
function init($base) {
// call parent init
parent::init($base);
// Add Array with all attributes and type
$this->attributes = $_SESSION[$this->base]->get_module_attributes('posixGroup');
$this->orig = $this->attributes;
// Make references to attributes which already esists in ldap
$newattributes = array_keys($this->attributes);
$module = array_keys($_SESSION[$this->base]->module);
// fixme *** do we have to unset module posixAccuont itself
for ($i=0; $i<count($module); $i++) {
if ($module[$i]!='posixGroup')
foreach ($newattributes as $attribute)
if (isset($_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute])) {
$this->attributes[$attribute] =& $_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute];
$this->orig[$attribute] =& $_SESSION[$this->base]->module[$module[$i]]->orig[$attribute];
}
}
$this->attributes =& $_SESSION[$this->base]->get_module_attributes('posixGroup');
$this->orig =& $_SESSION[$this->base]->get_module_attributes('posixGroup', true);
$this->changegids=false;
}
@ -207,13 +177,6 @@ class posixGroup extends baseModule {
// change gids of users and hosts?
var $changegids;
// This variable contains all inetOrgPerson attributes
var $attributes;
/* If an account was loaded all attributes are kept in this array
* to compare it with new changed attributes
*/
var $orig;
/* $attribute['userPassword'] can't accessed directly because it's enrcypted
* To read / write password function userPassword is needed
* This function will return the unencrypted password when
@ -341,7 +304,7 @@ class posixGroup extends baseModule {
}
// Remove primary group from users from memberUid
$users_dn = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('gidNumber', 'posixAccount', 'user');
$users_dn = $_SESSION['cache']->get_cache('gidNumber', 'posixAccount', 'user');
if (is_array($users_dn)) {
$DNs = array_keys($users_dn);
for ($i=0; $i<count($DNs); $i++) {
@ -364,7 +327,7 @@ class posixGroup extends baseModule {
if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME 'posixAccount'")) $line = $i;
}
if ($line!=-1) {
$result = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('gidNumber', 'posixAccount', '*');
$result = $_SESSION['cache']->get_cache('gidNumber', 'posixAccount', '*');
$DNs = array_keys($result);
for ($i=0; $i<count($DNs); $i++)
if ($result[$DNs[$i]][0] == $this->orig['gidNumber'][0]) $return[$DNs[$i]]['modify']['gidNumber'][0] = $this->attributes['gidNumber'][0];
@ -375,7 +338,7 @@ class posixGroup extends baseModule {
if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME 'sambaAccount'")) $line = $i;
}
if ($line!=-1) {
$result = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('primaryGroupID', 'sambaAccount', '*');
$result = $_SESSION['cache']->get_cache('primaryGroupID', 'sambaAccount', '*');
$DNs = array_keys($result);
for ($i=0; $i<count($DNs); $i++) {
if ($result[$DNs[$i]][0] == $this->orig['gidNumber'][0]*2+1001 ) $return[$DNs[$i]]['modify']['PrimaryGroupID'][0] = $this->attributes['gidNumber'][0]*2+1001;
@ -387,7 +350,7 @@ class posixGroup extends baseModule {
if (strpos($_SESSION['ldap']->objectClasses[$i], "NAME 'sambaSamAccount'")) $line = $i;
}
if ($line!=-1) {
$result = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('sambaPrimaryGroupSID', 'sambaSamAccount', '*');
$result = $_SESSION['cache']->get_cache('sambaPrimaryGroupSID', 'sambaSamAccount', '*');
$DNs = array_keys($result);
for ($i=0; $i<count($DNs); $i++) {
// Get Domain SID from name
@ -408,7 +371,7 @@ class posixGroup extends baseModule {
}
function delete_attributes($post) {
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['gidNumber'][0], 'gidNumber', 'user'))
if ($_SESSION['cache']->in_cache($this->attributes['gidNumber'][0], 'gidNumber', 'user'))
$return[$_SESSION[$this->base]->dn]['errors'][] = array ('ERROR', _('Primary groupmembers'), _('There are still primary members in group.'));
return $return;
}
@ -420,8 +383,7 @@ class posixGroup extends baseModule {
$errors['gidNumber'][] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.'));
// Load attributes
//$this->attributes['cn'][0] = $post['cn'];
$_SESSION['account']->module['posixGroup']->attributes['cn'][0] = $post['cn'];
$this->attributes['cn'][0] = $post['cn'];
$this->attributes['gidNumber'][0] = $post['gidNumber'];
$this->attributes['description'][0] = $post['description'];
if ($post['userPassword_no']) $this->userPassword_no=true;
@ -445,7 +407,7 @@ class posixGroup extends baseModule {
// load min and may uidNumber
$minID = intval($this->moduleSettings['posixGroup_minGID'][0]);
$maxID = intval($this->moduleSettings['posixGroup_maxGID'][0]);
$dn_gids = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('gidNumber', 'posixGroup', '*');
$dn_gids = $_SESSION['cache']->get_cache('gidNumber', 'posixGroup', '*');
// get_cache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
if(is_array($dn_gids)) {
foreach ($dn_gids as $gid) $gids[] = $gid[0];
@ -506,11 +468,11 @@ class posixGroup extends baseModule {
// Create automatic useraccount with number if original user already exists
// Reset name to original name if new name is in use
// Set username back to original name if new username is in use
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['cn'][0],'cn', '*')!=false && ($this->orig['cn'][0]!='')) {
if ($_SESSION['cache']->in_cache($this->attributes['cn'][0],'cn', '*')!=false && ($this->orig['cn'][0]!='')) {
$this->attributes['cn'][0] = $this->orig['cn'][0];
}
// Change uid to a new uid until a free uid is found
else while ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['cn'][0], 'cn', '*')) {
else while ($_SESSION['cache']->in_cache($this->attributes['cn'][0], 'cn', '*')) {
// get last character of username
$lastchar = substr($this->attributes['cn'][0], strlen($this->attributes['cn'][0])-1, 1);
// Last character is no number
@ -633,7 +595,7 @@ class posixGroup extends baseModule {
function display_html_user($post, $profile=false) {
// load list with all groups
$dn_users = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uid', 'posixAccount', 'user');
$dn_users = $_SESSION['cache']->get_cache('uid', 'posixAccount', 'user');
if (is_array($dn_users)) {
foreach ($dn_users as $user) $users[] = $user[0];
// sort groups
@ -641,7 +603,7 @@ class posixGroup extends baseModule {
// remove groups the user is member of from grouplist
$users = array_delete($this->attributes['memberUid'], $users);
// Remove primary group from grouplist
$users_dn = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('gidNumber', 'posixAccount', 'user');
$users_dn = $_SESSION['cache']->get_cache('gidNumber', 'posixAccount', 'user');
$DNs = array_keys($users_dn);
for ($i=0; $i<count($DNs); $i++) {
if ($users_dn[$DNs[$i]][0]==$this->attributes['gidNumber'][0]) {

10
lam/lib/modules/sambaAccount.inc
View File

@ -430,13 +430,13 @@ class sambaAccount extends baseModule {
if ($post['rid']== _('Administrator')) {
$this->attributes['rid'][0] = "500";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache("500", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
if ($_SESSION['cache']->in_cache("500", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors['rid'][] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'));
}
if ($post['rid']== _('Guest')) {
$this->attributes['rid'][0] = "501";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache("501", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
if ($_SESSION['cache']->in_cache("501", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors['rid'][] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'));
}
$this->attributes['smbHome'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['smbHome'][0]);
@ -628,8 +628,8 @@ class sambaAccount extends baseModule {
}
else $options[] = $names[$i];
}
if ($wrid) $options[] = $_SESSION[$_SESSION[$this->base]->cache]->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]);
else $selected[] = $_SESSION[$_SESSION[$this->base]->cache]->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]);
if ($wrid) $options[] = $_SESSION['cache']->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]);
else $selected[] = $_SESSION['cache']->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]);
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Windows group') ),
1 => array ( 'kind' => 'select', 'name' => 'primaryGroupID', 'options' => $options, 'options_selected' => $selected),
2 => array ( 'kind' => 'help', 'value' => 'primaryGroupID' ));
@ -682,7 +682,7 @@ class sambaAccount extends baseModule {
function display_html_userWorkstations($post) {
if ($_SESSION[$this->base]->type=='user') {
// Get list of all hosts.
$result = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uid', 'sambaAccount', 'host');
$result = $_SESSION['cache']->get_cache('uid', 'sambaAccount', 'host');
if (is_array($result)) {
foreach ($result as $host) $availableUserWorkstations[] = str_replace("$", '', $host[0]);
sort($availableUserWorkstations, SORT_STRING);

2
lam/lib/modules/sambaGroupMapping.inc
View File

@ -259,7 +259,7 @@ class sambaGroupMapping extends baseModule {
// Get Domain SID
$this->attributes['sambaSID'][0] = $SID."-".$this->rids[$rids[$i]];
// Do a check if special grou pis unique
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-".$this->rids[$rids[$i]], 'sambaSID', 'group'))
if ($_SESSION['cache']->in_cache($SID."-".$this->rids[$rids[$i]], 'sambaSID', 'group'))
$errors[] = array('ERROR', _('Special Group'),sprintf( _('There can be only one group %s.'), $rids[$i]), 'sambaSID');
}
}

10
lam/lib/modules/sambaSamAccount.inc
View File

@ -378,13 +378,13 @@ class sambaSamAccount extends baseModule {
if ($post['sambaSID']== _('Administrator')) {
$this->attributes['sambaSID'][0] = $SID."-500";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-500", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
if ($_SESSION['cache']->in_cache($SID."-500", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors['sambaSID'][] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'));
}
if ($post['sambaSID']== _('Guest')) {
$this->attributes['sambaSID'][0] = $SID."-501";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-501", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
if ($_SESSION['cache']->in_cache($SID."-501", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors['sambaSID'][] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'));
}
// Check values
@ -578,8 +578,8 @@ class sambaSamAccount extends baseModule {
}
else $options[] = $names[$i];
}
if ($wrid) $options[] = $_SESSION[$_SESSION[$this->base]->cache]->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]);
else $selected[] = $_SESSION[$_SESSION[$this->base]->cache]->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]);
if ($wrid) $options[] = $_SESSION['cache']->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]);
else $selected[] = $_SESSION['cache']->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]);
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Windows group') ),
1 => array ( 'kind' => 'select', 'name' => 'sambaPrimaryGroupSID', 'options' => $options, 'options_selected' => $selected),
2 => array ( 'kind' => 'help', 'value' => 'sambaPrimaryGroupSID' ));
@ -630,7 +630,7 @@ class sambaSamAccount extends baseModule {
function display_html_sambaUserWorkstations($post, $profile=false) {
if ($_SESSION[$this->base]->type=='user') {
// Get list of all hosts.
$result = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uid', 'sambaSamAccount', 'host');
$result = $_SESSION['cache']->get_cache('uid', 'sambaSamAccount', 'host');
if (is_array($result)) {
foreach ($result as $host) $availableUserWorkstations[] = str_replace("$", '', $host[0]);
sort($availableUserWorkstations, SORT_STRING);