allow to hide a part of the DN in display
This commit is contained in:
Roland Gruber
parent
09989ee804
commit
bfa22c6aa3
|
|
@ -1,6 +1,7 @@
|
|||
September 2020
|
||||
- PHP 7.4 compatibility
|
||||
- Configuration export and import
|
||||
- Server profiles support to specify a part of the DN to hide
|
||||
- Show password prompt when a user with expired password logs into LAM admin interface (requires PHP 7.2)
|
||||
- Better error messages on login when account is expired/deactivated/...
|
||||
- Personal/Windows: photo can be uploaded via webcam
|
||||
|
|
|
|||
|
|
@ -245,6 +245,8 @@ $helpArray = array (
|
|||
"Text" => _('This email address will be set as TO address for the mails.')),
|
||||
"291" => array ("Headline" => _('Hide password prompt for expired password'),
|
||||
"Text" => _('Hides the password prompt when a user with expired password logs into LAM.')),
|
||||
"292" => array ("Headline" => _('DN part to hide'),
|
||||
"Text" => _('Hides the given part of the DN when displaying a DN. E.g. if you set this to "dc=example,dc=com" then "ou=department,dc=example,dc=com" will be displayed as "ou=department". Use this if you have very long DNs.')),
|
||||
// 300 - 399
|
||||
// profile editor, file upload
|
||||
"301" => array ("Headline" => _("RDN identifier"),
|
||||
|
|
|
|||
|
|
@ -1069,6 +1069,10 @@ function getAbstractDN($dn) {
|
|||
return '';
|
||||
}
|
||||
$dn = str_replace('\\,', '\\2C', $dn);
|
||||
if (!empty($_SESSION['config']) && !empty($_SESSION['config']->getHideDnPart())) {
|
||||
$partToCut = ',' . $_SESSION['config']->getHideDnPart();
|
||||
$dn = str_replace($partToCut, '', $dn);
|
||||
}
|
||||
$parts = explode(',', $dn);
|
||||
for ($i = 0; $i < sizeof($parts); $i++) {
|
||||
$subparts = explode('=', $parts[$i]);
|
||||
|
|
|
|||
|
|
@ -617,6 +617,8 @@ class LAMConfig {
|
|||
private $twoFactorAuthenticationCaption = '';
|
||||
private $twoFactorAuthenticationAttribute = '';
|
||||
|
||||
private $hideDnPart = '';
|
||||
|
||||
/** List of all settings in config file */
|
||||
private $settings = array("ServerURL", "useTLS", "followReferrals", 'pagedResults', "Passwd", "Admins", "treesuffix",
|
||||
"defaultLanguage", "scriptPath", "scriptServer", "scriptRights", "cachetimeout", 'serverDisplayName',
|
||||
|
|
@ -630,7 +632,7 @@ class LAMConfig {
|
|||
'twoFactorAuthenticationInsecure', 'twoFactorAuthenticationLabel', 'twoFactorAuthenticationOptional',
|
||||
'twoFactorAuthenticationCaption', 'twoFactorAuthenticationClientId', 'twoFactorAuthenticationSecretKey',
|
||||
'twoFactorAuthenticationDomain', 'twoFactorAuthenticationAttribute', 'referentialIntegrityOverlay',
|
||||
'hidePasswordPromptForExpiredPasswords'
|
||||
'hidePasswordPromptForExpiredPasswords', 'hideDnPart'
|
||||
);
|
||||
|
||||
|
||||
|
|
@ -1093,6 +1095,9 @@ class LAMConfig {
|
|||
if (!in_array("twoFactorAuthenticationAttribute", $saved)) {
|
||||
array_push($file_array, "\n" . "twoFactorAuthenticationAttribute: " . $this->twoFactorAuthenticationAttribute . "\n");
|
||||
}
|
||||
if (!in_array("hideDnPart", $saved)) {
|
||||
array_push($file_array, "\n" . "hideDnPart: " . $this->hideDnPart . "\n");
|
||||
}
|
||||
// check if all module settings were added
|
||||
$m_settings = array_keys($this->moduleSettings);
|
||||
for ($i = 0; $i < sizeof($m_settings); $i++) {
|
||||
|
|
@ -2647,6 +2652,24 @@ class LAMConfig {
|
|||
$this->twoFactorAuthenticationAttribute = $twoFactorAuthenticationAttribute;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the DN part to hide.
|
||||
*
|
||||
* @return string DN part
|
||||
*/
|
||||
public function getHideDnPart() {
|
||||
return $this->hideDnPart;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the DN part to hide.
|
||||
*
|
||||
* @param string $hideDnPart DN part
|
||||
*/
|
||||
public function setHideDnPart($hideDnPart) {
|
||||
$this->hideDnPart = $hideDnPart;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -208,6 +208,9 @@ $searchLimitOptions = array(
|
|||
$limitSelect = new htmlResponsiveSelect('searchLimit', $searchLimitOptions, array($conf->get_searchLimit()), _("LDAP search limit"), '222');
|
||||
$limitSelect->setHasDescriptiveElements(true);
|
||||
$row->add($limitSelect, 12);
|
||||
// DN part to hide
|
||||
$urlInput = new htmlResponsiveInputField(_("DN part to hide"), 'hideDnPart', $conf->getHideDnPart(), '292');
|
||||
$row->add($urlInput, 12);
|
||||
|
||||
// access level is only visible in Pro version
|
||||
if (isLAMProVersion()) {
|
||||
|
|
@ -602,6 +605,7 @@ function checkInput() {
|
|||
$errors[] = array("ERROR", _("Cache timeout is invalid!"));
|
||||
}*/
|
||||
$conf->set_searchLimit($_POST['searchLimit']);
|
||||
$conf->setHideDnPart($_POST['hideDnPart']);
|
||||
if (isLAMProVersion()) {
|
||||
$conf->setAccessLevel($_POST['accessLevel']);
|
||||
if (isset($_POST['pwdResetAllowSpecificPassword']) && ($_POST['pwdResetAllowSpecificPassword'] == 'on')) {
|
||||
|
|
|
|||
|
|
@ -645,6 +645,17 @@ class LAMConfigTest extends TestCase {
|
|||
$this->assertEquals($val, $this->lAMConfig->getTwoFactorAuthenticationAttribute());
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests LAMConfig->getHideDnPart() and LAMConfig->setHideDnPart()
|
||||
*/
|
||||
public function testHideDnPart() {
|
||||
$val = 'dc=example,dc=com';
|
||||
$this->lAMConfig->setHideDnPart($val);
|
||||
$this->assertEquals($val, $this->lAMConfig->getHideDnPart());
|
||||
$this->doSave();
|
||||
$this->assertEquals($val, $this->lAMConfig->getHideDnPart());
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests LAMConfig->getLamProMailFrom() and LAMConfig->setLamProMailFrom()
|
||||
*/
|
||||
|
|
|
|||
Loading…
Reference in New Issue