show last password change in self service

This commit is contained in:
Roland Gruber 2013-09-28 11:44:41 +00:00
parent ad86c68537
commit d6900a27b9
2 changed files with 58 additions and 2 deletions

View File

@ -241,6 +241,7 @@ class sambaSamAccount extends baseModule implements passwordService {
'syncLMPassword' => _('Sync Samba LM password with Unix password'), 'syncLMPassword' => _('Sync Samba LM password with Unix password'),
'syncSambaPwdLastSet' => _('Update attribute "sambaPwdLastSet" on password change'), 'syncSambaPwdLastSet' => _('Update attribute "sambaPwdLastSet" on password change'),
'password' => _('Password'), 'password' => _('Password'),
'sambaPwdLastSet' => _('Last password change (read-only)'),
); );
// help Entries // help Entries
$return['help'] = array ( $return['help'] = array (
@ -382,6 +383,9 @@ class sambaSamAccount extends baseModule implements passwordService {
'lmHash' => array ( 'lmHash' => array (
"Headline" => _("Disable LM hashes"), "Headline" => _("Disable LM hashes"),
"Text" => _("Windows password hashes are saved by default as NT and LM hashes. LM hashes are insecure and only needed for old versions of Windows. You should disable them unless you really need them.")), "Text" => _("Windows password hashes are saved by default as NT and LM hashes. LM hashes are insecure and only needed for old versions of Windows. You should disable them unless you really need them.")),
'sambaPwdLastSet' => array (
"Headline" => _("Last password change"), 'attr' => 'sambaPwdLastSet',
"Text" => _("This is the date when the user changed his password.")),
'hiddenOptions' => array( 'hiddenOptions' => array(
"Headline" => _("Hidden options"), "Headline" => _("Hidden options"),
"Text" => _("The selected options will not be managed inside LAM. You can use this to reduce the number of displayed input fields.")), "Text" => _("The selected options will not be managed inside LAM. You can use this to reduce the number of displayed input fields.")),
@ -585,6 +589,8 @@ class sambaSamAccount extends baseModule implements passwordService {
$hiddenContainer->addElement(new htmlTableExtendedInputCheckbox('sambaSamAccount_hideProfilePath', false, _('Profile path'), null, false)); $hiddenContainer->addElement(new htmlTableExtendedInputCheckbox('sambaSamAccount_hideProfilePath', false, _('Profile path'), null, false));
$hiddenContainer->addElement(new htmlOutputText(' ')); $hiddenContainer->addElement(new htmlOutputText(' '));
$hiddenContainer->addElement(new htmlTableExtendedInputCheckbox('sambaSamAccount_hideLogonScript', false, _('Logon script'), null, false)); $hiddenContainer->addElement(new htmlTableExtendedInputCheckbox('sambaSamAccount_hideLogonScript', false, _('Logon script'), null, false));
$hiddenContainer->addElement(new htmlOutputText(' '));
$hiddenContainer->addElement(new htmlTableExtendedInputCheckbox('sambaSamAccount_hideSambaPwdLastSet', false, _('Last password change'), null, false));
$hiddenContainer->addNewLine(); $hiddenContainer->addNewLine();
$hiddenContainer->addElement(new htmlTableExtendedInputCheckbox('sambaSamAccount_hideWorkstations', false, _('Samba workstations'), null, false)); $hiddenContainer->addElement(new htmlTableExtendedInputCheckbox('sambaSamAccount_hideWorkstations', false, _('Samba workstations'), null, false));
$hiddenContainer->addElement(new htmlOutputText(' ')); $hiddenContainer->addElement(new htmlOutputText(' '));
@ -1138,6 +1144,16 @@ class sambaSamAccount extends baseModule implements passwordService {
$return->addElement(new htmlTableExtendedInputCheckbox('sambaAcctFlagsL', $locked, _('Account is locked'), 'locked'), true); $return->addElement(new htmlTableExtendedInputCheckbox('sambaAcctFlagsL', $locked, _('Account is locked'), 'locked'), true);
// password change at next login // password change at next login
$return->addElement(new htmlTableExtendedInputCheckbox('forcePasswordChangeOption', $this->expirePassword, _('Password change at next login'), 'passwordIsExpired'), true); $return->addElement(new htmlTableExtendedInputCheckbox('forcePasswordChangeOption', $this->expirePassword, _('Password change at next login'), 'passwordIsExpired'), true);
// last password change
if (!$this->isBooleanConfigOptionSet('sambaSamAccount_hideSambaPwdLastSet')) {
$sambaPwdLastSet = '';
if (!empty($this->attributes['sambaPwdLastSet'][0])) {
$sambaPwdLastSet = date('d.m.Y H:i', $this->attributes['sambaPwdLastSet'][0]);
}
$return->addElement(new htmlOutputText(_('Last password change')));
$return->addElement(new htmlOutputText($sambaPwdLastSet));
$return->addElement(new htmlHelpLink('sambaPwdLastSet'), true);
}
// password can be changed // password can be changed
$return->addElement(new htmlOutputText(_('User can change password'))); $return->addElement(new htmlOutputText(_('User can change password')));
$tempTable = new htmlTable(); $tempTable = new htmlTable();
@ -2297,6 +2313,15 @@ class sambaSamAccount extends baseModule implements passwordService {
$pwdTable $pwdTable
)); ));
} }
if (in_array('sambaPwdLastSet', $fields)) {
$sambaPwdLastSet = '';
if (isset($attributes['sambaPwdLastSet'][0])) {
$sambaPwdLastSet = date('d.m.Y H:i', $attributes['sambaPwdLastSet'][0]);
}
$return['sambaPwdLastSet'] = new htmlTableRow(array(
new htmlOutputText(_('Last password change')), new htmlOutputText($sambaPwdLastSet)
));
}
return $return; return $return;
} }

View File

@ -4,7 +4,7 @@ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Tilo Lutz Copyright (C) 2003 - 2006 Tilo Lutz
Copyright (C) 2007 - 2012 Roland Gruber Copyright (C) 2007 - 2013 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -228,6 +228,8 @@ class shadowAccount extends baseModule implements passwordService {
'example' => '17-07-2011' 'example' => '17-07-2011'
) )
); );
// self service fields
$return['selfServiceFieldSettings'] = array('shadowLastChange' => _('Last password change (read-only)'));
return $return; return $return;
} }
@ -665,6 +667,35 @@ class shadowAccount extends baseModule implements passwordService {
intval($year))/3600/24); intval($year))/3600/24);
} }
/**
* Returns the meta HTML code for each input field.
* format: array(<field1> => array(<META HTML>), ...)
* It is not possible to display help links.
*
* @param array $fields list of active fields
* @param array $attributes attributes of LDAP account
* @param boolean $passwordChangeOnly indicates that the user is only allowed to change his password and no LDAP content is readable
* @param array $readOnlyFields list of read-only fields
* @return array list of meta HTML elements (field name => htmlTableRow)
*/
function getSelfServiceOptions($fields, $attributes, $passwordChangeOnly, $readOnlyFields) {
$return = array();
if ($passwordChangeOnly) {
return $return; // no fields as long no LDAP content can be read
}
if (in_array('shadowLastChange', $fields)) {
$shadowLastChange = '';
if (isset($attributes['shadowLastChange'][0])) {
$date = getdate($attributes['shadowLastChange'][0] * 3600 * 24);
$shadowLastChange = $date['mday'] . "." . $date['mon'] . "." . $date['year'];
}
$return['shadowLastChange'] = new htmlTableRow(array(
new htmlOutputText(_('Last password change')), new htmlOutputText($shadowLastChange)
));
}
return $return;
}
} }
?> ?>