added new get_preg function. Changed all modules to use get_reg
Changed Status Messages in Module. Thex are now all stored in a single array. Changed Password handling in psoxGroup and posixAccount
This commit is contained in:
parent
bbc8ef2b6d
commit
e53a3874cb
|
@ -424,17 +424,17 @@ function get_preg($argument, $regexp) {
|
||||||
// First we check "positive" cases
|
// First we check "positive" cases
|
||||||
$pregexpr = '';
|
$pregexpr = '';
|
||||||
switch ($regexp) {
|
switch ($regexp) {
|
||||||
case "password": // fixme where do i get an exact regexp?
|
case 'password': // fixme where do i get an exact regexp?
|
||||||
$pregexpr = '/^([[:alnum:]\\ \\|\\#\\*\\,\\.\\;\\:\\_\\+\\!\\%\\&\\/\\?\\{\\(\\)\\}-])*$/';
|
$pregexpr = '/^([[:alnum:]\\ \\|\\#\\*\\,\\.\\;\\:\\_\\+\\!\\%\\&\\/\\?\\{\\(\\)\\}-])*$/';
|
||||||
break;
|
break;
|
||||||
case "groupname": // first character must be a letter. All letters, numbers, space and ._- are allowed characters
|
case 'groupname': // first character must be a letter. All letters, numbers, space and ._- are allowed characters
|
||||||
case "username": // first character must be a letter. All letters, numbers, space and ._- are allowed characters
|
case 'username': // first character must be a letter. All letters, numbers, space and ._- are allowed characters
|
||||||
$pregexpr = '/^[[:alpha:]]([[:alnum:]\\.\\ \\_-])*$/';
|
$pregexpr = '/^[[:alpha:]]([[:alnum:]\\.\\ \\_-])*$/';
|
||||||
break;
|
break;
|
||||||
case "hostname": // first character must be letter, last must be $. Only normal letters, numbers and ._- are allowed
|
case 'hostname': // first character must be letter, last must be $. Only normal letters, numbers and ._- are allowed
|
||||||
$pregexpr = '/^[a-zA-Z]([a-zA-Z0-9\\.\\_-])*\\$$/';
|
$pregexpr = '/^[a-zA-Z]([a-zA-Z0-9\\.\\_-])*\\$$/';
|
||||||
break;
|
break;
|
||||||
case "realname": // Allow all letters, space and .-_
|
case 'realname': // Allow all letters, space and .-_
|
||||||
$pregexpr = '/^[[:alpha:]]([[:alpha:]\\.\\ \\_-])*$/';
|
$pregexpr = '/^[[:alpha:]]([[:alpha:]\\.\\ \\_-])*$/';
|
||||||
break;
|
break;
|
||||||
case "telephone": // Allow numbers, space, brackets, /-+.
|
case "telephone": // Allow numbers, space, brackets, /-+.
|
||||||
|
@ -452,7 +452,7 @@ function get_preg($argument, $regexp) {
|
||||||
case "employeeType": // Allow all letters, numbers, space and .-_
|
case "employeeType": // Allow all letters, numbers, space and .-_
|
||||||
$pregexpr = '/^([[:alnum:]\\.\\ \\_-])*$/';
|
$pregexpr = '/^([[:alnum:]\\.\\ \\_-])*$/';
|
||||||
break;
|
break;
|
||||||
case "homedir": // Homapath, /path/......
|
case "homeDirectory": // Homapath, /path/......
|
||||||
$pregexpr = '/^[/]([[:alnum:]\\.\\ \\_-)+([/]([[:alnum:]\\.\\ \\_-)+)*$/';
|
$pregexpr = '/^[/]([[:alnum:]\\.\\ \\_-)+([/]([[:alnum:]\\.\\ \\_-)+)*$/';
|
||||||
break;
|
break;
|
||||||
case "digit": // Normal number
|
case "digit": // Normal number
|
||||||
|
@ -468,7 +468,10 @@ function get_preg($argument, $regexp) {
|
||||||
$pregexpr = '/^(([a-zA-Z0-9\\.\\_-])+(,[a-zA-Z0-9\\.\\_-])*)*$/';
|
$pregexpr = '/^(([a-zA-Z0-9\\.\\_-])+(,[a-zA-Z0-9\\.\\_-])*)*$/';
|
||||||
break;
|
break;
|
||||||
case "domainname": // Windows Domainname
|
case "domainname": // Windows Domainname
|
||||||
$pregexpr = '/^([a-z0-9\\_-])+$/';
|
$pregexpr = '/^([a-z0-9\\.\\_-])+$/';
|
||||||
|
break;
|
||||||
|
case "unixhost": // Unix hosts
|
||||||
|
$pregexpr = '/^([a-z0-9\\.\\_-])*$/';
|
||||||
break;
|
break;
|
||||||
case 'digit2': // Same as digit but also -1
|
case 'digit2': // Same as digit but also -1
|
||||||
$pregexpr = '/^(([-][1])|([:digit:]*))$/';
|
$pregexpr = '/^(([-][1])|([:digit:]*))$/';
|
||||||
|
@ -480,7 +483,15 @@ function get_preg($argument, $regexp) {
|
||||||
// Now we check "negative" cases, characters which are not allowed
|
// Now we check "negative" cases, characters which are not allowed
|
||||||
$pregexpr = '';
|
$pregexpr = '';
|
||||||
switch ($regexp) {
|
switch ($regexp) {
|
||||||
case "dummy": $pregexpr = '/^([a-z])*$/'; break;
|
case "!lower":
|
||||||
|
$pregexpr = '/[[:lower:]]/';
|
||||||
|
break;
|
||||||
|
case "!upper":
|
||||||
|
$pregexpr = '/[[:upper:]]/';
|
||||||
|
break;
|
||||||
|
case "!digit":
|
||||||
|
$pregexpr = '/[[:digit:]]/';
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
if ($pregexpr!='')
|
if ($pregexpr!='')
|
||||||
if (!preg_match($pregexpr, $argument)) return true;
|
if (!preg_match($pregexpr, $argument)) return true;
|
||||||
|
|
|
@ -90,6 +90,7 @@ class baseModule {
|
||||||
}
|
}
|
||||||
$objectClassName = substr($_SESSION['ldap']->objectClasses[$line], 6+strpos($_SESSION['ldap']->objectClasses[$line], "NAME '"), strlen(get_class($this)) );
|
$objectClassName = substr($_SESSION['ldap']->objectClasses[$line], 6+strpos($_SESSION['ldap']->objectClasses[$line], "NAME '"), strlen(get_class($this)) );
|
||||||
$this->attributes['objectClass'][0] = $objectClassName;
|
$this->attributes['objectClass'][0] = $objectClassName;
|
||||||
|
$this->load_Messages();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -20,23 +20,6 @@ $Id$
|
||||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
|
||||||
* Variables in basearray which are no objects:
|
|
||||||
* type: Type of account. Can be user, group, host, domain
|
|
||||||
* attributes: List of all attributes, how to get them and are theiy required or optional
|
|
||||||
* dn: current DN without uid= or cn=
|
|
||||||
* dn_orig: old DN if account was loaded with uid= or cn=
|
|
||||||
*/
|
|
||||||
|
|
||||||
|
|
||||||
/* This class contains all account LDAP attributes
|
|
||||||
* and funtioncs required to deal with account
|
|
||||||
* account can only be created when it should be added
|
|
||||||
* to an array.
|
|
||||||
* $base is the name of account_container in session
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
|
|
||||||
class account extends baseModule {
|
class account extends baseModule {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -65,15 +48,6 @@ class account extends baseModule {
|
||||||
parent::init($base);
|
parent::init($base);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Variables
|
|
||||||
// This variable contains all account attributes
|
|
||||||
var $attributes;
|
|
||||||
/* If an account was loaded all attributes are kept in this array
|
|
||||||
* to compare it with new changed attributes
|
|
||||||
*/
|
|
||||||
var $orig;
|
|
||||||
|
|
||||||
|
|
||||||
/* This function returns true if all required attributes from other
|
/* This function returns true if all required attributes from other
|
||||||
* modules are set. This is required to prevent undefined states
|
* modules are set. This is required to prevent undefined states
|
||||||
*/
|
*/
|
||||||
|
@ -110,26 +84,7 @@ class account extends baseModule {
|
||||||
* $attr is an array as it's retured from ldap_get_attributes
|
* $attr is an array as it's retured from ldap_get_attributes
|
||||||
*/
|
*/
|
||||||
function load_attributes($attr) {
|
function load_attributes($attr) {
|
||||||
// Load attributes which are displayed
|
$this->load_ldap_attributes($attr);
|
||||||
// unset count entries
|
|
||||||
unset ($attr['count']);
|
|
||||||
$attributes = array_keys($attr);
|
|
||||||
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
|
|
||||||
// unset double entries
|
|
||||||
for ($i=0; $i<count($attr); $i++)
|
|
||||||
if (isset($attr[$i])) unset($attr[$i]);
|
|
||||||
foreach ($attributes as $attribute) {
|
|
||||||
if (isset($this->attributes[$attribute])) {
|
|
||||||
// decode as unicode
|
|
||||||
$this->attributes[$attribute] = $attr[$attribute];
|
|
||||||
for ($i=0; $i<count($this->attributes[$attribute]); $i++) {
|
|
||||||
$this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
$this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// Add objectClass to orig because we don't want to add objectClass if it's already set
|
|
||||||
$this->orig['objectClass'][0] = 'account';
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -41,23 +41,27 @@ class inetOrgPerson extends baseModule {
|
||||||
* Creates a new inetOrgPerson object.
|
* Creates a new inetOrgPerson object.
|
||||||
*/
|
*/
|
||||||
function inetOrgPerson($scope) {
|
function inetOrgPerson($scope) {
|
||||||
// error messages for input checks
|
|
||||||
$this->messages['host'] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.'));
|
|
||||||
$this->messages['givenName'] = array('ERROR', _('Given name'), _('Given name contains invalid characters'));
|
|
||||||
$this->messages['surname'] = array('ERROR', _('Surname'), _('Surname contains invalid characters'));
|
|
||||||
$this->messages['telephoneNumber'] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!'));
|
|
||||||
$this->messages['mobileTelephone'] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!'));
|
|
||||||
$this->messages['facsimileNumber'] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!'));
|
|
||||||
$this->messages['email'] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!'));
|
|
||||||
$this->messages['street'] = array('ERROR', _('Street'), _('Please enter a valid street name!'));
|
|
||||||
$this->messages['postalAddress'] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!'));
|
|
||||||
$this->messages['postalCode'] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!'));
|
|
||||||
$this->messages['title'] = array('ERROR', _('Title'), _('Please enter a valid title!'));
|
|
||||||
$this->messages['employeeType'] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!'));
|
|
||||||
// call parent constructor
|
// call parent constructor
|
||||||
parent::baseModule($scope);
|
parent::baseModule($scope);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** this functin fills the error message array with messages
|
||||||
|
**/
|
||||||
|
function load_Messages() {
|
||||||
|
$this->messages['host'][0] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.'));
|
||||||
|
$this->messages['givenName'][0] = array('ERROR', _('Given name'), _('Given name contains invalid characters'));
|
||||||
|
$this->messages['surname'][0] = array('ERROR', _('Surname'), _('Surname contains invalid characters'));
|
||||||
|
$this->messages['telephoneNumber'][0] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!'));
|
||||||
|
$this->messages['mobileTelephone'][0] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!'));
|
||||||
|
$this->messages['facsimileNumber'][0] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!'));
|
||||||
|
$this->messages['email'][0] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!'));
|
||||||
|
$this->messages['street'][0] = array('ERROR', _('Street'), _('Please enter a valid street name!'));
|
||||||
|
$this->messages['postalAddress'][0] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!'));
|
||||||
|
$this->messages['postalCode'][0] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!'));
|
||||||
|
$this->messages['title'][0] = array('ERROR', _('Title'), _('Please enter a valid title!'));
|
||||||
|
$this->messages['employeeType'][0] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!'));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns meta data that is interpreted by parent class
|
* Returns meta data that is interpreted by parent class
|
||||||
*
|
*
|
||||||
|
@ -83,10 +87,10 @@ class inetOrgPerson extends baseModule {
|
||||||
2 => array('kind' => 'help', 'value' => 'TODO'))
|
2 => array('kind' => 'help', 'value' => 'TODO'))
|
||||||
);
|
);
|
||||||
// profile checks
|
// profile checks
|
||||||
$return['profile_checks']['inetOrgPerson_title'] = array('type' => 'regex_i', 'regex' => $this->regex_title,
|
$return['profile_checks']['inetOrgPerson_title'] = array('type' => 'regex_i', 'regex' => 'title',
|
||||||
'error_message' => $this->messages['title']);
|
'error_message' => $this->messages['title'][0]);
|
||||||
$return['profile_checks']['inetOrgPerson_employeeType'] = array('type' => 'regex_i',
|
$return['profile_checks']['inetOrgPerson_employeeType'] = array('type' => 'regex_i',
|
||||||
'regex' => $this->regex_employeeType, 'error_message' => $this->messages['employeeType']);
|
'regex' => 'employeeType', 'error_message' => $this->messages['employeeType'][0]);
|
||||||
// available PDF fields
|
// available PDF fields
|
||||||
$return['PDF_fields'] = array( 'description',
|
$return['PDF_fields'] = array( 'description',
|
||||||
'host',
|
'host',
|
||||||
|
@ -128,37 +132,6 @@ class inetOrgPerson extends baseModule {
|
||||||
parent::init($base);
|
parent::init($base);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Variables
|
|
||||||
/** This variable contains all inetOrgPerson attributes */
|
|
||||||
var $attributes;
|
|
||||||
/**
|
|
||||||
* If an account was loaded all attributes are kept in this array
|
|
||||||
* to compare it with new changed attributes.
|
|
||||||
*/
|
|
||||||
var $orig;
|
|
||||||
|
|
||||||
/** regular expression for host name */
|
|
||||||
var $regex_host = '^([a-z0-9\\.-])+(([,])+([ ])*([a-z0-9\\.-])+)*$';
|
|
||||||
/** regular expression for first/last name */
|
|
||||||
var $regex_name = '^([a-z <20><>])+$';
|
|
||||||
/** regular expression for telephone numbers */
|
|
||||||
var $regex_telephoneNumber = '^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$';
|
|
||||||
/** regular expression for e-mail */
|
|
||||||
var $regex_email = '^(([0-9a-z\\._-])+[@]([0-9a-z-])+([.]([0-9a-z-])+)*)*$';
|
|
||||||
/** regular expression for street names */
|
|
||||||
var $regex_street = '^([0-9a-z \\.<2E><>])*$';
|
|
||||||
/** regular expression for postal address */
|
|
||||||
var $regex_postalAddress = '^([0-9a-z \\.<2E><>])*$';
|
|
||||||
/** regular expression for postal codes */
|
|
||||||
var $regex_postalCode = '^([0-9a-z])*$';
|
|
||||||
/** regular expression for job titles */
|
|
||||||
var $regex_title = '^([0-9a-z \\.<2E><>])*$';
|
|
||||||
/** regular expression for employee types */
|
|
||||||
var $regex_employeeType = '^([0-9a-z \\.<2E><>])*$';
|
|
||||||
|
|
||||||
/** list of possible error messages */
|
|
||||||
var $messages = array();
|
|
||||||
|
|
||||||
/* This function returns true if all required attributes from other
|
/* This function returns true if all required attributes from other
|
||||||
* modules are set. This is required to prevent undefined states
|
* modules are set. This is required to prevent undefined states
|
||||||
*/
|
*/
|
||||||
|
@ -197,26 +170,7 @@ class inetOrgPerson extends baseModule {
|
||||||
* $attr is an array as it's retured from ldap_get_attributes
|
* $attr is an array as it's retured from ldap_get_attributes
|
||||||
*/
|
*/
|
||||||
function load_attributes($attr) {
|
function load_attributes($attr) {
|
||||||
// Load attributes which are displayed
|
$this->load_ldap_attributes($attr);
|
||||||
// unset count entries
|
|
||||||
unset ($attr['count']);
|
|
||||||
$attributes = array_keys($attr);
|
|
||||||
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
|
|
||||||
// unset double entries
|
|
||||||
for ($i=0; $i<count($attr); $i++)
|
|
||||||
if (isset($attr[$i])) unset($attr[$i]);
|
|
||||||
foreach ($attributes as $attribute) {
|
|
||||||
if (isset($this->attributes[$attribute])) {
|
|
||||||
// decode as unicode
|
|
||||||
$this->attributes[$attribute] = $attr[$attribute];
|
|
||||||
for ($i=0; $i<count($this->attributes[$attribute]); $i++) {
|
|
||||||
$this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
$this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// Add objectClass to orig because we don't want to add objectClass if it's already set
|
|
||||||
$this->orig['objectClass'][0] = 'inetOrgPerson';
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -265,8 +219,8 @@ class inetOrgPerson extends baseModule {
|
||||||
// handle host-attribute in on epice because it's not set by default
|
// handle host-attribute in on epice because it's not set by default
|
||||||
if (isset($this->attributes['host'])) {
|
if (isset($this->attributes['host'])) {
|
||||||
$host = $post['host'];
|
$host = $post['host'];
|
||||||
if ((!$host=='') && !eregi($this->regex_host, $host))
|
if (!get_preg($host,'unixhost'))
|
||||||
$errors['host'][] = $this->messages['host'];
|
$errors['host'][] = $this->messages['host'][0];
|
||||||
$hosts = explode(" ", $host);
|
$hosts = explode(" ", $host);
|
||||||
$this->attributes['host'] = array();
|
$this->attributes['host'] = array();
|
||||||
foreach ($hosts as $host)
|
foreach ($hosts as $host)
|
||||||
|
@ -275,18 +229,18 @@ class inetOrgPerson extends baseModule {
|
||||||
|
|
||||||
// Do some regex-checks and return error if attributes are set to wrong values
|
// Do some regex-checks and return error if attributes are set to wrong values
|
||||||
if (!$profile) {
|
if (!$profile) {
|
||||||
if ( !eregi($this->regex_name, $this->attributes['givenName'][0])) $errors['givenName'][] = $this->messages['givenName'];
|
if ( !get_preg($this->attributes['givenName'][0], 'realname')) $errors['givenName'][] = $this->messages['givenName'][0];
|
||||||
if ( !eregi($this->regex_name, $this->attributes['sn'][0])) $errors['sn'][] = $this->messages['surname'];
|
if ( !get_preg($this->attributes['sn'][0], 'realname')) $errors['sn'][] = $this->messages['surname'][0];
|
||||||
if ( !ereg($this->regex_telephoneNumber, $this->attributes['telephoneNumber'][0])) $errors['telephoneNumber'][] = $this->messages['telephoneNumber'];
|
if ( !get_preg($this->attributes['telephoneNumber'][0], 'telephone')) $errors['telephoneNumber'][] = $this->messages['telephoneNumber'][0];
|
||||||
if ( !ereg($this->regex_telephoneNumber, $this->attributes['mobileTelephoneNumber'][0])) $errors['mobileTelephoneNumber'][] = $this->messages['mobileTelephone'];
|
if ( !get_preg($this->attributes['mobileTelephoneNumber'][0], 'telephone')) $errors['mobileTelephoneNumber'][] = $this->messages['mobileTelephone'][0];
|
||||||
if ( !ereg($this->regex_telephoneNumber, $this->attributes['facsimileTelephoneNumber'][0])) $errors['facsimileTelephoneNumber'][] = $this->messages['facsimileNumber'];
|
if ( !get_preg($this->attributes['facsimileTelephoneNumber'][0], 'telephone')) $errors['facsimileTelephoneNumber'][] = $this->messages['facsimileNumber'][0];
|
||||||
if ( !eregi($this->regex_email, $this->attributes['mail'][0])) $errors['mail'][] = $this->messages['email'];
|
if ( !get_preg($this->attributes['mail'][0], 'email')) $errors['mail'][] = $this->messages['email'][0];
|
||||||
if ( !eregi($this->regex_street, $this->attributes['street'][0])) $errors['street'][] = $this->messages['street'];
|
if ( !get_preg($this->attributes['street'][0], 'street')) $errors['street'][] = $this->messages['street'][0];
|
||||||
if ( !eregi($this->regex_postalAddress, $this->attributes['postalAddress'][0])) $errors['postalAdress'][] = $this->messages['postalAddress'];
|
if ( !get_preg($this->attributes['postalAddress'][0], 'postalAddress')) $errors['postalAdress'][] = $this->messages['postalAddress'][0];
|
||||||
if ( !eregi($this->regex_postalCode, $this->attributes['personal_postalCode'][0])) $errors['personal_postalCode'][] = $this->messages['postalCode'];
|
if ( !get_preg($this->attributes['personal_postalCode'][0], 'postalCode')) $errors['personal_postalCode'][] = $this->messages['postalCode'][0];
|
||||||
}
|
}
|
||||||
if ( !eregi($this->regex_title, $this->attributes['title'][0])) $errors['title'][] = $this->messages['title'];
|
if ( !get_preg($this->attributes['title'][0], 'title')) $errors['title'][] = $this->messages['title'][0];
|
||||||
if ( !eregi($this->regex_employeeType, $this->attributes['employeeType'][0])) $errors['employeeType'][] = $this->messages['employeeType'];
|
if ( !get_preg($this->attributes['employeeType'][0], 'employeeType')) $errors['employeeType'][] = $this->messages['employeeType'][0];
|
||||||
// Return error-messages
|
// Return error-messages
|
||||||
if (is_array($errors)) return $errors;
|
if (is_array($errors)) return $errors;
|
||||||
return 0;
|
return 0;
|
||||||
|
|
|
@ -20,57 +20,46 @@ $Id$
|
||||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* Session variables which are used:
|
|
||||||
* $_SESSION['cacheAttributes']: This variable contains a list of attributes and their scope which should be cached
|
|
||||||
*
|
|
||||||
* Coockie variables which are used:
|
|
||||||
* $_COOKIE["IV"], $_COOKIE["Key"]: Needed to en/decrypt passwords.
|
|
||||||
*
|
|
||||||
* Variables in basearray which are no objects:
|
|
||||||
* type: Type of account. Can be user, group, host
|
|
||||||
* attributes: List of all attributes, how to get them and are theiy required or optional
|
|
||||||
* dn: current DN without uid= or cn=
|
|
||||||
* dn_orig: old DN if account was loaded with uid= or cn=
|
|
||||||
|
|
||||||
* External functions which are used
|
|
||||||
* account.inc: findgroups, incache, get_cache, array_delete, getshells
|
|
||||||
* ldap.inc: pwd_is_enabled, pwd_hash
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* This class contains all posixAccount LDAP attributes
|
|
||||||
* and funtioncs required to deal with posixAccount
|
|
||||||
* posixAccount can only be created when it should be added
|
|
||||||
* to an array.
|
|
||||||
* basearray is the same array posixAccount should be added
|
|
||||||
* to. If basearray is not given the constructor tries to
|
|
||||||
* create an array with posixAccount and all other required
|
|
||||||
* objects.
|
|
||||||
* Example: $user[] = new posixAccount($user);
|
|
||||||
*
|
|
||||||
* In container array the following things have to exist:
|
|
||||||
* account or inetOrgPerson object
|
|
||||||
* type: 'user' or 'host'
|
|
||||||
* 'attributes': this is a list of arrays with all ldap attributes wich are allowed for this account
|
|
||||||
*/
|
|
||||||
class posixAccount extends baseModule {
|
class posixAccount extends baseModule {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Creates a new posixAccount object.
|
* Creates a new posixAccount object.
|
||||||
*/
|
*/
|
||||||
function posixAccount($scope) {
|
function posixAccount($scope) {
|
||||||
// error messages for input checks
|
|
||||||
$this->messages['homedir'] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
|
|
||||||
$this->messages['minUID'] = array('ERROR', _('Users') . ': ' . _('Minimum UID number'), _("Minimum UID number is invalid!"));
|
|
||||||
$this->messages['maxUID'] = array('ERROR', _('Users') . ': ' . _('Maximum UID number'), _("Maximum UID number is invalid!"));
|
|
||||||
$this->messages['minMachine'] = array('ERROR', _('Hosts') . ': ' . _('Minimum UID number'), _("Minimum UID number is invalid!"));
|
|
||||||
$this->messages['maxMachine'] = array('ERROR', _('Hosts') . ': ' . _('Maximum UID number'), _("Maximum UID number is invalid!"));
|
|
||||||
$this->messages['cmp_UID'] = array('ERROR', _('Users') . ': ' . _('Maximum UID number'), _("Maximum UID number must be greater than minimum UID number!"));
|
|
||||||
$this->messages['cmp_Machine'] = array('ERROR', _('Hosts') . ': ' . _('Maximum UID number'), _("Maximum UID number must be greater than minimum UID number!"));
|
|
||||||
$this->messages['cmp_both'] = array('ERROR', _('UID ranges'), _("The UID ranges for users and hosts overlap! This is a problem because LAM uses the highest UID in use + 1. Please set the minimum UID to equal values or use independent ranges."));
|
|
||||||
// call parent constructor
|
// call parent constructor
|
||||||
parent::baseModule($scope);
|
parent::baseModule($scope);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** this functin fills the error message array with messages
|
||||||
|
**/
|
||||||
|
function load_Messages() {
|
||||||
|
// error messages for input checks
|
||||||
|
$this->messages['minUID'][0] = array('ERROR', _('Users') . ': ' . _('Minimum UID number'), _("Minimum UID number is invalid!"));
|
||||||
|
$this->messages['maxUID'][0] = array('ERROR', _('Users') . ': ' . _('Maximum UID number'), _("Maximum UID number is invalid!"));
|
||||||
|
$this->messages['minMachine'][0] = array('ERROR', _('Hosts') . ': ' . _('Minimum UID number'), _("Minimum UID number is invalid!"));
|
||||||
|
$this->messages['maxMachine'][0] = array('ERROR', _('Hosts') . ': ' . _('Maximum UID number'), _("Maximum UID number is invalid!"));
|
||||||
|
$this->messages['cmp_UID'][0] = array('ERROR', _('Users') . ': ' . _('Maximum UID number'), _("Maximum UID number must be greater than minimum UID number!"));
|
||||||
|
$this->messages['cmp_Machine'][0] = array('ERROR', _('Hosts') . ': ' . _('Maximum UID number'), _("Maximum UID number must be greater than minimum UID number!"));
|
||||||
|
$this->messages['cmp_both'][0] = array('ERROR', _('UID ranges'), _("The UID ranges for users and hosts overlap! This is a problem because LAM uses the highest UID in use + 1. Please set the minimum UID to equal values or use independent ranges."));
|
||||||
|
$this->messages['homeDirectory'][0] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
|
||||||
|
$this->messages['homeDirectory'][1] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
||||||
|
$this->messages['homeDirectory'][2] = array('INFO', _('Home directory'), sprintf(_('Home directory changed. To keep home directory you have to run the following command as root: \'mv %s %s\''), $this->orig['homeDirectory'][0], $this->attributes['homeDirectory'][0]));
|
||||||
|
$this->messages['gidNumber'][0] = array('INFO', _('GID number'), sprintf(_('GID number has changed. To keep file ownership you have to run the following command as root: \'find / -gid %s -uid %s -exec chgrp %s {} \;\''), $this->orig['gidNumber'][0], $this->orig['uidNumber'][0], $_SESSION['cache']->getgid($this->attribtues['gidNumber'][0])));
|
||||||
|
$this->messages['uidNumber'][0] = array('INFO', _('UID number'), sprintf(_('UID number has changed. To keep file ownership you have to run the following command as root: \'find / -uid %s -exec chown %s {} \;\''), $this->orig['uidNumber'][0], $this->attributes['uidNumber'][0]));
|
||||||
|
$this->messages['uidNumber'][1] = array('ERROR', _('ID-Number'), _('No free ID-Number!'));
|
||||||
|
$this->messages['uidNumber'][2] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'));
|
||||||
|
$this->messages['uidNumber'][3] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
||||||
|
$this->messages['userPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
|
||||||
|
$this->messages['userPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
||||||
|
$this->messages['uid'][0] = array('INFO', _('UID'), _('UID has changed. Do you want to change home directory?'));
|
||||||
|
$this->messages['uid'][1] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
|
||||||
|
$this->messages['uid'][2] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
|
||||||
|
$this->messages['uid'][3] = array('WARN', _('Hostname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
|
||||||
|
$this->messages['uid'][4] = array('ERROR', _('Hostname'), _('Hostname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ ! Hostname must end with $ !'));
|
||||||
|
$this->messages['uid'][5] = array('WARN', _('Username'), _('Username in use. Selected next free username.'));
|
||||||
|
$this->messages['uid'][6] = array('WARN', _('Hostname'), _('Hostname in use. Selected next free hostname.'));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns meta data that is interpreted by parent class
|
* Returns meta data that is interpreted by parent class
|
||||||
*
|
*
|
||||||
|
@ -96,8 +85,8 @@ class posixAccount extends baseModule {
|
||||||
// alias name
|
// alias name
|
||||||
$return["alias"] = _("Unix");
|
$return["alias"] = _("Unix");
|
||||||
// profile checks
|
// profile checks
|
||||||
$return['profile_checks']['posixAccount_homeDirectory'] = array('type' => 'regex_i', 'regex' => $this->regex_homedir,
|
$return['profile_checks']['posixAccount_homeDirectory'] = array('type' => 'regex_i', 'regex' => 'homeDirectory',
|
||||||
'error_message' => $this->messages['homedir']);
|
'error_message' => $this->messages['homeDirectory'][0]);
|
||||||
// configuration options
|
// configuration options
|
||||||
$return['config_options']['user'] = array(
|
$return['config_options']['user'] = array(
|
||||||
array(
|
array(
|
||||||
|
@ -172,7 +161,6 @@ class posixAccount extends baseModule {
|
||||||
parent::init($base);
|
parent::init($base);
|
||||||
$groups = $_SESSION['cache']->findgroups(); // list of all groupnames
|
$groups = $_SESSION['cache']->findgroups(); // list of all groupnames
|
||||||
if (count($groups)==0) trigger_error(_('No groups found in ldap.'), E_USER_WARNING);
|
if (count($groups)==0) trigger_error(_('No groups found in ldap.'), E_USER_WARNING);
|
||||||
|
|
||||||
$this->createhomedir=false;
|
$this->createhomedir=false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -181,13 +169,6 @@ class posixAccount extends baseModule {
|
||||||
var $userPassword_no;
|
var $userPassword_no;
|
||||||
// Lock account?
|
// Lock account?
|
||||||
var $userPassword_lock;
|
var $userPassword_lock;
|
||||||
|
|
||||||
// This variable contains all inetOrgPerson attributes
|
|
||||||
var $attributes;
|
|
||||||
/* If an account was loaded all attributes are kept in this array
|
|
||||||
* to compare it with new changed attributes
|
|
||||||
*/
|
|
||||||
var $orig;
|
|
||||||
/* These two variables keep an array of groups the
|
/* These two variables keep an array of groups the
|
||||||
* user is also member of.
|
* user is also member of.
|
||||||
*/
|
*/
|
||||||
|
@ -195,12 +176,6 @@ class posixAccount extends baseModule {
|
||||||
var $groups_orig;
|
var $groups_orig;
|
||||||
var $createhomedir;
|
var $createhomedir;
|
||||||
|
|
||||||
/** regular expression for home directory */
|
|
||||||
var $regex_homedir = '^[/]([a-z])([a-z0-9\\._-])*([/]([a-z\\$])([a-z0-9\\._-])*)*$';
|
|
||||||
|
|
||||||
/** list of possible error messages */
|
|
||||||
var $messages = array();
|
|
||||||
|
|
||||||
/* $attribute['userPassword'] can't accessed directly because it's enrcypted
|
/* $attribute['userPassword'] can't accessed directly because it's enrcypted
|
||||||
* To read / write password function userPassword is needed
|
* To read / write password function userPassword is needed
|
||||||
* This function will return the unencrypted password when
|
* This function will return the unencrypted password when
|
||||||
|
@ -263,26 +238,7 @@ class posixAccount extends baseModule {
|
||||||
* $attr is an array as it's retured from ldap_get_attributes
|
* $attr is an array as it's retured from ldap_get_attributes
|
||||||
*/
|
*/
|
||||||
function load_attributes($attr) {
|
function load_attributes($attr) {
|
||||||
// Load attributes which are displayed
|
$this->load_ldap_attributes($attr);
|
||||||
// unset count entries
|
|
||||||
unset ($attr['count']);
|
|
||||||
$attributes = array_keys($attr);
|
|
||||||
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
|
|
||||||
// unset double entries
|
|
||||||
for ($i=0; $i<count($attr); $i++)
|
|
||||||
if (isset($attr[$i])) unset($attr[$i]);
|
|
||||||
foreach ($attributes as $attribute) {
|
|
||||||
if (isset($this->attributes[$attribute])) {
|
|
||||||
// decode as unicode
|
|
||||||
$this->attributes[$attribute] = $attr[$attribute];
|
|
||||||
for ($i=0; $i<count($this->attributes[$attribute]); $i++) {
|
|
||||||
$this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
$this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// Values are kept as copy so we can compare old attributes with new attributes
|
|
||||||
$this->attributes['objectClass'][0] = 'posixAccount';
|
|
||||||
|
|
||||||
// get all additional groupmemberships
|
// get all additional groupmemberships
|
||||||
$dn_groups = $_SESSION['cache']->get_cache('memberUid', 'posixGroup', 'group');
|
$dn_groups = $_SESSION['cache']->get_cache('memberUid', 'posixGroup', 'group');
|
||||||
|
@ -418,13 +374,19 @@ class posixAccount extends baseModule {
|
||||||
*/
|
*/
|
||||||
function proccess_attributes($post, $profile=false) {
|
function proccess_attributes($post, $profile=false) {
|
||||||
if ($this->orig['uid'][0]!='' && $post['uid']!=$this->attributes['uid'][0])
|
if ($this->orig['uid'][0]!='' && $post['uid']!=$this->attributes['uid'][0])
|
||||||
$errors['uid'][] = array('INFO', _('UID'), _('UID has changed. Do you want to change home directory?'));
|
$errors['uid'][] = $this->messages['uid'][0];
|
||||||
if ($this->orig['gidNumber'][0]!='' && $_SESSION['cache']->getgid($post['gidNumber'])!=$this->attributes['gidNumber'][0])
|
if ($this->orig['gidNumber'][0]!='' && $_SESSION['cache']->getgid($post['gidNumber'])!=$this->attributes['gidNumber'][0]) {
|
||||||
$errors['gidNumber'][] = array('INFO', _('GID number'), sprintf(_('GID number has changed. To keep file ownership you have to run the following command as root: \'find / -gid %s -uid %s -exec chgrp %s {} \;\''), $this->orig['gidNumber'][0], $this->orig['uidNumber'][0], $_SESSION['cache']->getgid($post['gidNumber'])));
|
$this->load_errorMessage();
|
||||||
if ($this->orig['uidNumber'][0]!='' && $post['uidNumber']!=$this->attributes['uidNumber'][0])
|
$errors['gidNumber'][] = $this->messages['gidNumber'][0];
|
||||||
$errors['uidNumber'][] = array('INFO', _('UID number'), sprintf(_('UID number has changed. To keep file ownership you have to run the following command as root: \'find / -uid %s -exec chown %s {} \;\''), $this->orig['uidNumber'][0], $this->attributes['uidNumber'][0]));
|
}
|
||||||
if (isset($post['homeDirectory']) && $this->orig['homeDirectory'][0]!='' && $post['homeDirectory']!=$this->attributes['homeDirectory'][0])
|
if ($this->orig['uidNumber'][0]!='' && $post['uidNumber']!=$this->attributes['uidNumber'][0]) {
|
||||||
$errors['homeDirectory'][] = array('INFO', _('Home directory'), sprintf(_('Home directory changed. To keep home directory you have to run the following command as root: \'mv %s %s\''), $this->orig['homeDirectory'][0], $this->attributes['homeDirectory'][0]));
|
$this->load_errorMessage();
|
||||||
|
$errors['uidNumber'][] = $this->messages['uidNumber'][0];
|
||||||
|
}
|
||||||
|
if (isset($post['homeDirectory']) && $this->orig['homeDirectory'][0]!='' && $post['homeDirectory']!=$this->attributes['homeDirectory'][0]) {
|
||||||
|
$this->load_errorMessage();
|
||||||
|
$errors['homeDirectory'][] = $this->messages['homeDirectory'][2];
|
||||||
|
}
|
||||||
|
|
||||||
// Load attributes
|
// Load attributes
|
||||||
$this->attributes['uid'][0] = $post['uid'];
|
$this->attributes['uid'][0] = $post['uid'];
|
||||||
|
@ -441,13 +403,19 @@ class posixAccount extends baseModule {
|
||||||
if ($post['userPassword_lock']) $this->userPassword_lock=true;
|
if ($post['userPassword_lock']) $this->userPassword_lock=true;
|
||||||
else $this->userPassword_lock=false;
|
else $this->userPassword_lock=false;
|
||||||
if (!$profile) {
|
if (!$profile) {
|
||||||
if ($post['genpass']) $this->userPassword(genpasswd());
|
if ($post['genpass']) {
|
||||||
else if (isset($post['userPassword'])) {
|
$this->userPassword(genpasswd());
|
||||||
|
$post['userPassword2'] = '';
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
if (isset($post['userPassword'])) {
|
||||||
if ($post['userPassword'] != $post['userPassword2']) {
|
if ($post['userPassword'] != $post['userPassword2']) {
|
||||||
$errors['userPassword'][] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
|
$errors['userPassword'][] = $this->messages['userPassword'][0];
|
||||||
unset ($post['userPassword2']);
|
|
||||||
}
|
}
|
||||||
else $this->userPassword($post['userPassword']);
|
else $this->userPassword($post['userPassword']);
|
||||||
|
if (!get_preg($this->userPassword(), 'password'))
|
||||||
|
$errors['userPassword'][] = $this->messages['userPassword'][1];
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if UID is valid. If none value was entered, the next useable value will be inserted
|
// Check if UID is valid. If none value was entered, the next useable value will be inserted
|
||||||
|
@ -482,10 +450,10 @@ class posixAccount extends baseModule {
|
||||||
$i = intval($minID);
|
$i = intval($minID);
|
||||||
while (in_array($i, $uids)) $i++;
|
while (in_array($i, $uids)) $i++;
|
||||||
if ($i>$maxID)
|
if ($i>$maxID)
|
||||||
$errors['uidNumber'][] = array('ERROR', _('ID-Number'), _('No free ID-Number!'));
|
$errors['uidNumber'][] = $this->messages['uidNumber'][1];
|
||||||
else {
|
else {
|
||||||
$this->attributes['uidNumber'][0] = $i;
|
$this->attributes['uidNumber'][0] = $i;
|
||||||
$errors['uidNumber'][] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'));
|
$errors['uidNumber'][] = $this->messages['uidNumber'][2];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else $this->attributes['uidNumber'][0] = $minID;
|
else $this->attributes['uidNumber'][0] = $minID;
|
||||||
|
@ -504,15 +472,15 @@ class posixAccount extends baseModule {
|
||||||
if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]=='') $errors['uidNumber'][] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]=='') $errors['uidNumber'][] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
||||||
// id-number is in use, account is existing account and id-number is not used by itself
|
// id-number is in use, account is existing account and id-number is not used by itself
|
||||||
if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]!='' && ($this->orig['uidNumber'][0] != $this->attributes['uidNumber'][0]) ) {
|
if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]!='' && ($this->orig['uidNumber'][0] != $this->attributes['uidNumber'][0]) ) {
|
||||||
$errors['uidNumber'][] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
$errors['uidNumber'][] = $this->messages['uidNumber'][3];
|
||||||
$this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0];
|
$this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($_SESSION[$this->base]->type=='user') {
|
if ($_SESSION[$this->base]->type=='user') {
|
||||||
if (($this->attributes['uid'][0] != $post['uid']) && ereg('[A-Z]$', $post['uid']) && !$profile)
|
if (($this->attributes['uid'][0] != $post['uid']) && !get_preg($post['uid'], '!upper') && !$profile)
|
||||||
$errors['uid'][] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
|
$errors['uid'][] = $this->messages['uid'][1];
|
||||||
// Check if Homedir is valid
|
// Check if Homedir is valid
|
||||||
if (!$profile) {
|
if (!$profile) {
|
||||||
$this->attributes['homeDirectory'][0] = str_replace('$group', $_SESSION['cache']->getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]);
|
$this->attributes['homeDirectory'][0] = str_replace('$group', $_SESSION['cache']->getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]);
|
||||||
|
@ -520,19 +488,19 @@ class posixAccount extends baseModule {
|
||||||
$this->attributes['homeDirectory'][0] = str_replace('$user', $this->attributes['uid'][0], $this->attributes['homeDirectory'][0]);
|
$this->attributes['homeDirectory'][0] = str_replace('$user', $this->attributes['uid'][0], $this->attributes['homeDirectory'][0]);
|
||||||
if ($this->attributes['homeDirectory'][0] != $post['homeDirectory']) $errors['homeDirecotry'][] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
if ($this->attributes['homeDirectory'][0] != $post['homeDirectory']) $errors['homeDirecotry'][] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
||||||
}
|
}
|
||||||
if ( !eregi($this->regex_homedir, $this->attributes['homeDirectory'][0] ))
|
if ( !get_preg($this->attributes['homeDirectory'][0], 'homeDirectory' ))
|
||||||
$errors['homeDirecotry'][] = $this->messages['homedir'];
|
$errors['homeDirecotry'][] = $this->messages['homeDirectory'][0];
|
||||||
// Check if Username contains only valid characters
|
// Check if Username contains only valid characters
|
||||||
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['uid'][0]) && !$profile)
|
if ( !get_preg($this->attributes['uid'][0], 'username') && !$profile)
|
||||||
$errors['uid'][] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
|
$errors['uid'][] = $this->messages['uid'][2];
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_SESSION[$this->base]->type=='host' && !$profile) {
|
if ($_SESSION[$this->base]->type=='host' && !$profile) {
|
||||||
if (($this->attributes['uid'][0] != $post['form_account_uid']) && ereg('[A-Z]$', $post['form_account_uid']))
|
if (($this->attributes['uid'][0] != $post['uid']) && !get_preg($post['uid'], '!upper'))
|
||||||
$errors['uid'][] = array('WARN', _('Hostname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
|
$errors['uid'][] = $this->messages['uid'][3];
|
||||||
// Check if Username contains only valid characters
|
// Check if Hostname contains only valid characters
|
||||||
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+[$]$', $this->attributes['uid'][0]))
|
if ( !get_preg($this->attributes['uid'][0], 'hostname'))
|
||||||
$errors['uid'][] = array('ERROR', _('Hostname'), _('Hostname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ ! Hostname must end with $ !'));
|
$errors['uid'][] = $this->messages['uid'][4];
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create automatic useraccount with number if original user already exists
|
// Create automatic useraccount with number if original user already exists
|
||||||
|
@ -579,14 +547,14 @@ class posixAccount extends baseModule {
|
||||||
// Show warning if lam has changed username
|
// Show warning if lam has changed username
|
||||||
if ($_SESSION[$this->base]->type=='user')
|
if ($_SESSION[$this->base]->type=='user')
|
||||||
if ($this->attributes['uid'][0] != $post['uid']) {
|
if ($this->attributes['uid'][0] != $post['uid']) {
|
||||||
$errors['uid'][] = array('WARN', _('Username'), _('Username in use. Selected next free username.'));
|
$errors['uid'][] = $this->messages['uid'][5];
|
||||||
}
|
}
|
||||||
if ($_SESSION[$this->base]->type=='host')
|
if ($_SESSION[$this->base]->type=='host')
|
||||||
if ($this->attributes['uid'][0] != $post['uid']) {
|
if ($this->attributes['uid'][0] != $post['uid']) {
|
||||||
$errors['uid'][] = array('WARN', _('Hostname'), _('Hostname in use. Selected next free hostname.'));
|
$errors['uid'][] = $this->messages['uid'][6];
|
||||||
}
|
}
|
||||||
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
|
if (!get_preg($this->userPassword(), 'password'))
|
||||||
$errors['userPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
$errors['userPassword'][] = $this->messages['userPassword'][1];
|
||||||
}
|
}
|
||||||
// Return error-messages
|
// Return error-messages
|
||||||
if (is_array($errors)) return $errors;
|
if (is_array($errors)) return $errors;
|
||||||
|
@ -626,7 +594,7 @@ class posixAccount extends baseModule {
|
||||||
|
|
||||||
if (!$profile) {
|
if (!$profile) {
|
||||||
if ($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) $password=$this->userPassword();
|
if ($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) $password=$this->userPassword();
|
||||||
else $password='';
|
else if ($this->attributes['userPassword'][0] != '') $password=$post['userPassword'];
|
||||||
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _("Username").'*' ),
|
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _("Username").'*' ),
|
||||||
1 => array ( 'kind' => 'input', 'name' => 'uid', 'type' => 'text', 'size' => '20', 'maxlength' => '20', 'value' => $this->attributes['uid'][0]),
|
1 => array ( 'kind' => 'input', 'name' => 'uid', 'type' => 'text', 'size' => '20', 'maxlength' => '20', 'value' => $this->attributes['uid'][0]),
|
||||||
2 => array ('kind' => 'help', 'value' => 'uid'));
|
2 => array ('kind' => 'help', 'value' => 'uid'));
|
||||||
|
@ -792,15 +760,15 @@ class posixAccount extends baseModule {
|
||||||
if (in_array('user', $scopes)) {
|
if (in_array('user', $scopes)) {
|
||||||
// min/maxUID are required, check if they are numeric
|
// min/maxUID are required, check if they are numeric
|
||||||
if (!isset($options['posixAccount_minUID'][0]) || !ereg('^[0-9]+$', $options['posixAccount_minUID'][0])) {
|
if (!isset($options['posixAccount_minUID'][0]) || !ereg('^[0-9]+$', $options['posixAccount_minUID'][0])) {
|
||||||
$return[] = $this->messages['minUID'];
|
$return[] = $this->messages['minUID'][0];
|
||||||
}
|
}
|
||||||
if (!isset($options['posixAccount_maxUID'][0]) || !ereg('^[0-9]+$', $options['posixAccount_maxUID'][0])) {
|
if (!isset($options['posixAccount_maxUID'][0]) || !ereg('^[0-9]+$', $options['posixAccount_maxUID'][0])) {
|
||||||
$return[] = $this->messages['maxUID'];
|
$return[] = $this->messages['maxUID'][0];
|
||||||
}
|
}
|
||||||
// minUID < maxUID
|
// minUID < maxUID
|
||||||
if (isset($options['posixAccount_minUID'][0]) && isset($options['posixAccount_maxUID'][0])) {
|
if (isset($options['posixAccount_minUID'][0]) && isset($options['posixAccount_maxUID'][0])) {
|
||||||
if ($options['posixAccount_minUID'][0] > $options['posixAccount_maxUID'][0]) {
|
if ($options['posixAccount_minUID'][0] > $options['posixAccount_maxUID'][0]) {
|
||||||
$return[] = $this->messages['cmp_UID'];
|
$return[] = $this->messages['cmp_UID'][0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -808,15 +776,15 @@ class posixAccount extends baseModule {
|
||||||
if (in_array('host', $scopes)) {
|
if (in_array('host', $scopes)) {
|
||||||
// min/maxUID are required, check if they are numeric
|
// min/maxUID are required, check if they are numeric
|
||||||
if (!isset($options['posixAccount_minMachine'][0]) || !ereg('^[0-9]+$', $options['posixAccount_minMachine'][0])) {
|
if (!isset($options['posixAccount_minMachine'][0]) || !ereg('^[0-9]+$', $options['posixAccount_minMachine'][0])) {
|
||||||
$return[] = $this->messages['minMachine'];
|
$return[] = $this->messages['minMachine'][0];
|
||||||
}
|
}
|
||||||
if (!isset($options['posixAccount_maxMachine'][0]) || !ereg('^[0-9]+$', $options['posixAccount_maxMachine'][0])) {
|
if (!isset($options['posixAccount_maxMachine'][0]) || !ereg('^[0-9]+$', $options['posixAccount_maxMachine'][0])) {
|
||||||
$return[] = $this->messages['maxMachine'];
|
$return[] = $this->messages['maxMachine'][0];
|
||||||
}
|
}
|
||||||
// minUID < maxUID
|
// minUID < maxUID
|
||||||
if (isset($options['posixAccount_minMachine'][0]) && isset($options['posixAccount_maxMachine'][0])) {
|
if (isset($options['posixAccount_minMachine'][0]) && isset($options['posixAccount_maxMachine'][0])) {
|
||||||
if ($options['posixAccount_minMachine'][0] > $options['posixAccount_maxMachine'][0]) {
|
if ($options['posixAccount_minMachine'][0] > $options['posixAccount_maxMachine'][0]) {
|
||||||
$return[] = $this->messages['cmp_Machine'];
|
$return[] = $this->messages['cmp_Machine'][0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -826,11 +794,11 @@ class posixAccount extends baseModule {
|
||||||
isset($options['posixAccount_minMachine'][0]) && isset($options['posixAccount_maxMachine'][0])) {
|
isset($options['posixAccount_minMachine'][0]) && isset($options['posixAccount_maxMachine'][0])) {
|
||||||
if (($options['posixAccount_minMachine'][0] > $options['posixAccount_minUID'][0]) &&
|
if (($options['posixAccount_minMachine'][0] > $options['posixAccount_minUID'][0]) &&
|
||||||
($options['posixAccount_minMachine'][0] < $options['posixAccount_maxUID'][0])) {
|
($options['posixAccount_minMachine'][0] < $options['posixAccount_maxUID'][0])) {
|
||||||
$return[] = $this->messages['cmp_both'];
|
$return[] = $this->messages['cmp_both'][0];
|
||||||
}
|
}
|
||||||
if (($options['posixAccount_minUID'][0] > $options['posixAccount_minMachine'][0]) &&
|
if (($options['posixAccount_minUID'][0] > $options['posixAccount_minMachine'][0]) &&
|
||||||
($options['posixAccount_minUID'][0] < $options['posixAccount_maxMachine'][0])) {
|
($options['posixAccount_minUID'][0] < $options['posixAccount_maxMachine'][0])) {
|
||||||
$return[] = $this->messages['cmp_both'];
|
$return[] = $this->messages['cmp_both'][0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -37,8 +37,6 @@ class posixGroup extends baseModule {
|
||||||
* @param string $scope account type
|
* @param string $scope account type
|
||||||
*/
|
*/
|
||||||
function posixGroup($scope) {
|
function posixGroup($scope) {
|
||||||
// load error messages
|
|
||||||
$this->load_errorMessages();
|
|
||||||
// call parent constructor
|
// call parent constructor
|
||||||
parent::baseModule($scope);
|
parent::baseModule($scope);
|
||||||
}
|
}
|
||||||
|
@ -254,23 +252,42 @@ class posixGroup extends baseModule {
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
// configuration checks
|
// configuration checks
|
||||||
$return['config_checks']['group']['posixGroup_minGID'] = array(
|
$return['config_checks']['group']['posixGroup_minGID'] = array
|
||||||
'type' => 'regex',
|
|
||||||
'regex' => '^[0-9]+$',
|
'type' => 'regex'
|
||||||
'required' => true,
|
|
||||||
'required_message' => $this->errormessages['gidNumber'][5],
|
'regex' => 'digit'
|
||||||
'error_message' => $this->errormessages['gidNumber'][5]);
|
|
||||||
$return['config_checks']['group']['posixGroup_maxGID'] = array(
|
'required' => true
|
||||||
'type' => 'regex',
|
|
||||||
'regex' => '^[0-9]+$',
|
'required_message' => $this->errormessages['gidNumber'][5]
|
||||||
'required' => true,
|
|
||||||
'required_message' => $this->errormessages['gidNumber'][6],
|
'error_message' => $this->errormessages['gidNumber'][5])
|
||||||
'error_message' => $this->errormessages['gidNumber'][6]);
|
|
||||||
$return['config_checks']['group']['cmpGID'] = array(
|
$return['config_checks']['group']['posixGroup_maxGID'] = array
|
||||||
'type' => 'int_greater',
|
|
||||||
'cmp_name1' => 'posixGroup_maxGID',
|
'type' => 'regex'
|
||||||
'cmp_name2' => 'posixGroup_minGID',
|
|
||||||
'error_message' => $this->errormessages['gidNumber'][7]);
|
'regex' => 'digit'
|
||||||
|
|
||||||
|
'required' => true
|
||||||
|
|
||||||
|
'required_message' => $this->errormessages['gidNumber'][6]
|
||||||
|
|
||||||
|
'error_message' => $this->errormessages['gidNumber'][6])
|
||||||
|
|
||||||
|
$return['config_checks']['group']['cmpGID'] = array
|
||||||
|
|
||||||
|
'type' => 'int_greater'
|
||||||
|
|
||||||
|
'cmp_name1' => 'posixGroup_maxGID'
|
||||||
|
|
||||||
|
'cmp_name2' => 'posixGroup_minGID'
|
||||||
|
|
||||||
|
'error_message' => $this->errormessages['gidNumber'][7])
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// available PDF fields
|
// available PDF fields
|
||||||
$return['PDF_fields'] = array( 'cn',
|
$return['PDF_fields'] = array( 'cn',
|
||||||
'gidNumber',
|
'gidNumber',
|
||||||
|
@ -390,19 +407,19 @@ class posixGroup extends baseModule {
|
||||||
|
|
||||||
/** this functin fills the error message array with messages
|
/** this functin fills the error message array with messages
|
||||||
**/
|
**/
|
||||||
function load_errorMessages() {
|
function load_Messages() {
|
||||||
$this->errormessages['userPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
|
$this->messages['minGID'][0] = array('ERROR', _('Minimum GID number'), _('Minimum GID number is invalid or empty!'));
|
||||||
$this->errormessages['userPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
$this->messages['maxGID'][0] = array('ERROR', _('Maximum GID number'), _('Maximum GID number is invalid or empty!'));
|
||||||
$this->errormessages['gidNumber'][0] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.'));
|
$this->messages['cmpGID'][0] = array('ERROR', _('Maximum GID number'), _('Maximum GID number must be greater than minimum GID number!'));
|
||||||
$this->errormessages['gidNumber'][2] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'));
|
$this->messages['userPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
|
||||||
$this->errormessages['gidNumber'][3] = array('ERROR', _('ID-Number'), _('No free ID-Number!'));
|
$this->messages['userPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
||||||
$this->errormessages['gidNumber'][4] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
$this->messages['gidNumber'][0] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.'));
|
||||||
$this->errormessages['gidNumber'][5] = array('ERROR', _('Minimum GID number'), _('Minimum GID number is invalid or empty!'));
|
$this->messages['gidNumber'][2] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'));
|
||||||
$this->errormessages['gidNumber'][6] = array('ERROR', _('Maximum GID number'), _('Maximum GID number is invalid or empty!'));
|
$this->messages['gidNumber'][3] = array('ERROR', _('ID-Number'), _('No free ID-Number!'));
|
||||||
$this->errormessages['gidNumber'][7] = array('ERROR', _('Maximum GID number'), _('Maximum GID number must be greater than minimum GID number!'));
|
$this->messages['gidNumber'][4] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
||||||
$this->errormessages['cn'][0] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
|
$this->messages['cn'][0] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
|
||||||
$this->errormessages['cn'][1] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.'));
|
$this->messages['cn'][1] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.'));
|
||||||
$this->errormessages['cn'][2] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
|
$this->messages['cn'][2] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -451,11 +468,11 @@ class posixGroup extends baseModule {
|
||||||
else {
|
else {
|
||||||
if (isset($post['userPassword'])) {
|
if (isset($post['userPassword'])) {
|
||||||
if ($post['userPassword'] != $post['userPassword2']) {
|
if ($post['userPassword'] != $post['userPassword2']) {
|
||||||
$errors['userPassword'][] = $this->errormessages['userPassword'][0];
|
$errors['userPassword'][] = $this->messages['userPassword'][0];
|
||||||
}
|
}
|
||||||
else $this->userPassword($post['userPassword']);
|
else $this->userPassword($post['userPassword']);
|
||||||
if (!get_preg($this->userPassword(), 'password'))
|
if (!get_preg($this->userPassword(), 'password'))
|
||||||
$errors['userPassword'][] = $this->errormessages['userPassword'][1];
|
$errors['userPassword'][] = $this->messages['userPassword'][1];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($this->attributes['gidNumber'][0]!=$post['gidNumber'] || ($this->errors['gidNumber'][0]='ERROR')) {
|
if ($this->attributes['gidNumber'][0]!=$post['gidNumber'] || ($this->errors['gidNumber'][0]='ERROR')) {
|
||||||
|
@ -488,10 +505,10 @@ class posixGroup extends baseModule {
|
||||||
$i = intval($minID);
|
$i = intval($minID);
|
||||||
while (in_array($i, $gids)) $i++;
|
while (in_array($i, $gids)) $i++;
|
||||||
if ($i>$maxID)
|
if ($i>$maxID)
|
||||||
$errors['gidNumber'][] = $this->errormessages['gidNumber'][3];
|
$errors['gidNumber'][] = $this->messages['gidNumber'][3];
|
||||||
else {
|
else {
|
||||||
$this->attributes['gidNumber'][0] = $i;
|
$this->attributes['gidNumber'][0] = $i;
|
||||||
$errors['gidNumber'][] = $this->errormessages['gidNumber'][2];
|
$errors['gidNumber'][] = $this->messages['gidNumber'][2];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else $this->attributes['gidNumber'][0] = $minID;
|
else $this->attributes['gidNumber'][0] = $minID;
|
||||||
|
@ -510,7 +527,7 @@ class posixGroup extends baseModule {
|
||||||
if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]=='') $errors['gidNumber'][] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]=='') $errors['gidNumber'][] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
||||||
// id-number is in use, account is existing account and id-number is not used by itself
|
// id-number is in use, account is existing account and id-number is not used by itself
|
||||||
if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]!='' && ($this->orig['gidNumber'][0] != $this->attributes['gidNumber'][0]) ) {
|
if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]!='' && ($this->orig['gidNumber'][0] != $this->attributes['gidNumber'][0]) ) {
|
||||||
$errors['gidNumber'][] = $this->errormessages['gidNumber'][4];
|
$errors['gidNumber'][] = $this->messages['gidNumber'][4];
|
||||||
$this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0];
|
$this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -519,10 +536,10 @@ class posixGroup extends baseModule {
|
||||||
if ($this->attributes['cn'][0]!=$post['cn'] || ($this->errors['cn'][0]='ERROR')) {
|
if ($this->attributes['cn'][0]!=$post['cn'] || ($this->errors['cn'][0]='ERROR')) {
|
||||||
$this->attributes['cn'][0] = $post['cn'];
|
$this->attributes['cn'][0] = $post['cn'];
|
||||||
if (($this->attributes['cn'][0] != $post['cn']) && ereg('[A-Z]$', $post['cn']))
|
if (($this->attributes['cn'][0] != $post['cn']) && ereg('[A-Z]$', $post['cn']))
|
||||||
$errors['cn'][] = $this->errormessages['cn'][0];
|
$errors['cn'][] = $this->messages['cn'][0];
|
||||||
// Check if Groupname contains only valid characters
|
// Check if Groupname contains only valid characters
|
||||||
if ( !get_preg($this->attributes['cn'][0],'groupname'))
|
if ( !get_preg($this->attributes['cn'][0],'groupname'))
|
||||||
$errors['cn'][] = $this->errormessages['cn'][2];
|
$errors['cn'][] = $this->messages['cn'][2];
|
||||||
// Create automatic useraccount with number if original user already exists
|
// Create automatic useraccount with number if original user already exists
|
||||||
// Reset name to original name if new name is in use
|
// Reset name to original name if new name is in use
|
||||||
// Set username back to original name if new username is in use
|
// Set username back to original name if new username is in use
|
||||||
|
@ -562,11 +579,11 @@ class posixGroup extends baseModule {
|
||||||
}
|
}
|
||||||
// Show warning if lam has changed username
|
// Show warning if lam has changed username
|
||||||
if ($this->attributes['cn'][0] != $post['cn']) {
|
if ($this->attributes['cn'][0] != $post['cn']) {
|
||||||
$errors['cn'][] = $this->errormessages['cn'][0];
|
$errors['cn'][] = $this->messages['cn'][0];
|
||||||
}
|
}
|
||||||
// show info when gidnumber has changed
|
// show info when gidnumber has changed
|
||||||
if (($this->orig['gidNumber'][0]!=$this->attributes['gidNumber'][0]) && $this->orig['gidNumber'][0]!='' && $post['gidNumber']!=$this->attributes['gidNumber'][0])
|
if (($this->orig['gidNumber'][0]!=$this->attributes['gidNumber'][0]) && $this->orig['gidNumber'][0]!='' && $post['gidNumber']!=$this->attributes['gidNumber'][0])
|
||||||
$errors['gidNumber'][] = $this->errormessages['gidNumber'][0];
|
$errors['gidNumber'][] = $this->messages['gidNumber'][0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Return error-messages
|
// Return error-messages
|
||||||
|
|
|
@ -27,17 +27,22 @@ class quota extends baseModule {
|
||||||
* Creates a new quota object.
|
* Creates a new quota object.
|
||||||
*/
|
*/
|
||||||
function quota($scope) {
|
function quota($scope) {
|
||||||
// error messages for input checks
|
|
||||||
$this->messages['softblock'] = array('ERROR', _('Block soft quota'), _('Block soft quota contains invalid characters. Only natural numbers are allowed'));
|
|
||||||
$this->messages['hardblock'] = array('ERROR', _('Block hard quota'), _('Block hard quota contains invalid characters. Only natural numbers are allowed'));
|
|
||||||
$this->messages['softinode'] = array('ERROR', _('Inode soft quota'), _('Inode soft quota contains invalid characters. Only natural numbers are allowed'));
|
|
||||||
$this->messages['hardinode'] = array('ERROR', _('Inode hard quota'), _('Inode hard quota contains invalid characters. Only natural numbers are allowed'));
|
|
||||||
$this->messages['block_cmp'] = array('ERROR', _('Block quota'), _('Block soft quota must be smaller than block hard quota'));
|
|
||||||
$this->messages['inode_cmp'] = array('ERROR', _('Inode quota'), _('Inode soft quota must be smaller than inode hard quota'));
|
|
||||||
// call parent constructor
|
// call parent constructor
|
||||||
parent::baseModule($scope);
|
parent::baseModule($scope);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** this functin fills the error message array with messages
|
||||||
|
**/
|
||||||
|
function load_Messages() {
|
||||||
|
// error messages for input checks
|
||||||
|
$this->messages['softblock'][0] = array('ERROR', _('Block soft quota'), _('Block soft quota contains invalid characters. Only natural numbers are allowed'));
|
||||||
|
$this->messages['hardblock'][0] = array('ERROR', _('Block hard quota'), _('Block hard quota contains invalid characters. Only natural numbers are allowed'));
|
||||||
|
$this->messages['softinode'][0] = array('ERROR', _('Inode soft quota'), _('Inode soft quota contains invalid characters. Only natural numbers are allowed'));
|
||||||
|
$this->messages['hardinode'][0] = array('ERROR', _('Inode hard quota'), _('Inode hard quota contains invalid characters. Only natural numbers are allowed'));
|
||||||
|
$this->messages['block_cmp'][0] = array('ERROR', _('Block quota'), _('Block soft quota must be smaller than block hard quota'));
|
||||||
|
$this->messages['inode_cmp'][0] = array('ERROR', _('Inode quota'), _('Inode soft quota must be smaller than inode hard quota'));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns meta data that is interpreted by parent class
|
* Returns meta data that is interpreted by parent class
|
||||||
*
|
*
|
||||||
|
@ -94,16 +99,8 @@ class quota extends baseModule {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Variables
|
// Variables
|
||||||
|
|
||||||
var $quota;
|
var $quota;
|
||||||
|
|
||||||
/** regular expression for quota values */
|
|
||||||
var $regex_quota = '^[0-9]*$';
|
|
||||||
|
|
||||||
/** list of possible error messages */
|
|
||||||
var $messages = array();
|
|
||||||
|
|
||||||
|
|
||||||
function module_ready() {
|
function module_ready() {
|
||||||
if (!isset($_SESSION['config']->scriptPath)) return $false;
|
if (!isset($_SESSION['config']->scriptPath)) return $false;
|
||||||
if ($_SESSION[$this->base]->type=='user' && $_SESSION[$this->base]->module['posixAccount']->attributes['uid'][0]=='') return false;
|
if ($_SESSION[$this->base]->type=='user' && $_SESSION[$this->base]->module['posixAccount']->attributes['uid'][0]=='') return false;
|
||||||
|
@ -240,18 +237,18 @@ class quota extends baseModule {
|
||||||
$this->quota[$i][6] = $post[$i . '_6'];
|
$this->quota[$i][6] = $post[$i . '_6'];
|
||||||
$this->quota[$i][7] = $post[$i . '_7'];
|
$this->quota[$i][7] = $post[$i . '_7'];
|
||||||
// Check if values are OK and set automatic values. if not error-variable will be set
|
// Check if values are OK and set automatic values. if not error-variable will be set
|
||||||
if (!ereg($this->regex_quota, $this->quota[$i][2]))
|
if (!get_preg($this->quota[$i][2], 'digit'))
|
||||||
$errors[$this->quota[$i][2]][] = $this->messages['softblock'];
|
$errors[$this->quota[$i][2]][] = $this->messages['softblock'][0];
|
||||||
if (!ereg($this->regex_quota, $this->quota[$i][3]))
|
if (!get_preg($this->quota[$i][3], 'digit'))
|
||||||
$errors[$this->quota[$i][3]][] = $this->messages['hardblock'];
|
$errors[$this->quota[$i][3]][] = $this->messages['hardblock'][0];
|
||||||
if (!ereg($this->regex_quota, $this->quota[$i][6]))
|
if (!get_preg($this->quota[$i][6], 'digit'))
|
||||||
$errors[$this->quota[$i][6]][] = $this->messages['softinode'];
|
$errors[$this->quota[$i][6]][] = $this->messages['softinode'][0];
|
||||||
if (!ereg($this->regex_quota, $this->quota[$i][7]))
|
if (!get_preg($this->quota[$i][7], 'digit'))
|
||||||
$errors[$this->quota[$i][7]][] = $this->messages['hardinode'];
|
$errors[$this->quota[$i][7]][] = $this->messages['hardinode'][0];
|
||||||
if (intval($this->quota[$i][2]) > intval($this->quota[$i][3]))
|
if (intval($this->quota[$i][2]) > intval($this->quota[$i][3]))
|
||||||
$errors[$this->quota[$i][2]][] = $this->messages['block_cmp'];
|
$errors[$this->quota[$i][2]][] = $this->messages['block_cmp'][0];
|
||||||
if (intval($this->quota[$i][6]) > intval($this->quota[$i][7]))
|
if (intval($this->quota[$i][6]) > intval($this->quota[$i][7]))
|
||||||
$errors[$this->quota[$i][6]][] = $this->messages['inode_cmp'];
|
$errors[$this->quota[$i][6]][] = $this->messages['inode_cmp'][0];
|
||||||
$i++;
|
$i++;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -360,12 +357,12 @@ class quota extends baseModule {
|
||||||
$return = array();
|
$return = array();
|
||||||
$i = 0;
|
$i = 0;
|
||||||
while (isset($options["quota_softblock_$i"])) {
|
while (isset($options["quota_softblock_$i"])) {
|
||||||
if (!ereg($this->regex_quota, $options["quota_softblock_$i"][0])) $return[] = $this->messages['softblock'];
|
if (!get_preg($options["quota_softblock_$i"][0], 'digit')) $return[] = $this->messages['softblock'][0];
|
||||||
if (!ereg($this->regex_quota, $options["quota_hardblock_$i"][0])) $return[] = $this->messages['hardblock'];
|
if (!get_preg($options["quota_hardblock_$i"][0], 'digit')) $return[] = $this->messages['hardblock'][0];
|
||||||
if (!ereg($this->regex_quota, $options["quota_softinode_$i"][0])) $return[] = $this->messages['softinode'];
|
if (!get_preg($options["quota_softinode_$i"][0], 'digit')) $return[] = $this->messages['softinode'][0];
|
||||||
if (!ereg($this->regex_quota, $options["quota_hardinode_$i"][0])) $return[] = $this->messages['hardinode'];
|
if (!get_preg($options["quota_hardinode_$i"][0], 'digit')) $return[] = $this->messages['hardinode'][0];
|
||||||
if (intval($options["quota_softblock_$i"][0]) > $options["quota_hardblock_$i"][0]) $return[] = $this->messages['block_cmp'];
|
if (intval($options["quota_softblock_$i"][0]) > $options["quota_hardblock_$i"][0]) $return[] = $this->messages['block_cmp'][0];
|
||||||
if (intval($options["quota_softinode_$i"][0]) > $options["quota_hardinode_$i"][0]) $return[] = $this->messages['inode_cmp'];
|
if (intval($options["quota_softinode_$i"][0]) > $options["quota_hardinode_$i"][0]) $return[] = $this->messages['inode_cmp'][0];
|
||||||
$i++;
|
$i++;
|
||||||
}
|
}
|
||||||
return $return;
|
return $return;
|
||||||
|
|
|
@ -20,38 +20,6 @@ $Id$
|
||||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* Session variables which are used:
|
|
||||||
* $_SESSION['cacheAttributes']: This variable contains a list of attributes and their scope which should be cached
|
|
||||||
*
|
|
||||||
* Coockie variables which are used:
|
|
||||||
* $_COOKIE["IV"], $_COOKIE["Key"]: Needed to en/decrypt passwords.
|
|
||||||
*
|
|
||||||
* Variables in basearray which are no objects:
|
|
||||||
* type: Type of account. Can be user, group, host
|
|
||||||
* attributes: List of all attributes, how to get them and are theiy required or optional
|
|
||||||
* dn: current DN without uid= or cn=
|
|
||||||
* dn_orig: old DN if account was loaded with uid= or cn=
|
|
||||||
|
|
||||||
* External functions which are used
|
|
||||||
* account.inc: findgroups, incache, get_cache, array_delete, getshells
|
|
||||||
* ldap.inc: pwd_is_enabled, pwd_hash
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* This class contains all sambaAccount LDAP attributes
|
|
||||||
* and funtioncs required to deal with sambaAccount
|
|
||||||
* sambaAccount can only be created when it should be added
|
|
||||||
* to an array.
|
|
||||||
* basearray is the same array sambaAccount should be added
|
|
||||||
* to. If basearray is not given the constructor tries to
|
|
||||||
* create an array with sambaAccount and all other required
|
|
||||||
* objects.
|
|
||||||
* Example: $user[] = new sambaAccount($user);
|
|
||||||
*
|
|
||||||
* In container array the following things have to exist:
|
|
||||||
* account or inetOrgPerson object
|
|
||||||
* type: 'user' or 'host'
|
|
||||||
* 'attributes': this is a list of arrays with all ldap attributes wich are allowed for this account
|
|
||||||
*/
|
|
||||||
class sambaAccount extends baseModule {
|
class sambaAccount extends baseModule {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -60,16 +28,29 @@ class sambaAccount extends baseModule {
|
||||||
* @param string $scope account type (user, group, host)
|
* @param string $scope account type (user, group, host)
|
||||||
*/
|
*/
|
||||||
function sambaAccount($scope) {
|
function sambaAccount($scope) {
|
||||||
// error messages for input checks
|
|
||||||
$this->messages['homedir'] = array('ERROR', _('Home path'), _('Home path is invalid.'));
|
|
||||||
$this->messages['profilePath'] = array('ERROR', _('Profile path'), _('Profile path is invalid!'));
|
|
||||||
$this->messages['logonScript'] = array('ERROR', _('Script path'), _('Script path is invalid!'));
|
|
||||||
$this->messages['workstations'] = array('ERROR', _('Samba workstations'), _('Please enter a comma separated list of host names!'));
|
|
||||||
$this->messages['domain'] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'));
|
|
||||||
// call parent constructor
|
// call parent constructor
|
||||||
parent::baseModule($scope);
|
parent::baseModule($scope);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** this functin fills the error message array with messages
|
||||||
|
**/
|
||||||
|
function load_Messages() {
|
||||||
|
// error messages for input checks
|
||||||
|
$this->messages['homePath'][0] = array('ERROR', _('Home path'), _('Home path is invalid.'));
|
||||||
|
$this->messages['homePath'][1] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
|
||||||
|
$this->messages['profilePath'][0] = array('ERROR', _('Profile path'), _('Profile path is invalid!'));
|
||||||
|
$this->messages['profilePath'][1] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'));
|
||||||
|
$this->messages['logonScript'][0] = array('ERROR', _('Script path'), _('Script path is invalid!'));
|
||||||
|
$this->messages['logonScript'][1] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.'));
|
||||||
|
$this->messages['workstations'][0] = array('ERROR', _('Samba workstations'), _('Please enter a comma separated list of host names!'));
|
||||||
|
$this->messages['domain'][0] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'));
|
||||||
|
$this->messages['lmPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
|
||||||
|
$this->messages['lmPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
||||||
|
$this->messages['rid'][0] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'));
|
||||||
|
$this->messages['rid'][1] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'));
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns meta data that is interpreted by parent class
|
* Returns meta data that is interpreted by parent class
|
||||||
*
|
*
|
||||||
|
@ -155,16 +136,16 @@ class sambaAccount extends baseModule {
|
||||||
2 => array('kind' => 'help', 'value' => 'TODO')
|
2 => array('kind' => 'help', 'value' => 'TODO')
|
||||||
);
|
);
|
||||||
// profile checks
|
// profile checks
|
||||||
$return['profile_checks']['sambaAccount_smbhome'] = array('type' => 'regex_i', 'regex' => $this->regex_homedir,
|
$return['profile_checks']['sambaAccount_smbhome'] = array('type' => 'regex_i', 'regex' => 'UNC',
|
||||||
'error_message' => $this->messages['homedir']);
|
'error_message' => $this->messages['homePath'][0]);
|
||||||
$return['profile_checks']['sambaAccount_profilePath'] = array('type' => 'regex_i', 'regex' => $this->regex_profilePath,
|
$return['profile_checks']['sambaAccount_profilePath'] = array('type' => 'regex_i', 'regex' => 'UNC',
|
||||||
'error_message' => $this->messages['profilePath']);
|
'error_message' => $this->messages['profilePath'][0]);
|
||||||
$return['profile_checks']['sambaAccount_scriptPath'] = array('type' => 'regex_i', 'regex' => $this->regex_logonScript,
|
$return['profile_checks']['sambaAccount_scriptPath'] = array('type' => 'regex_i', 'regex' => 'logonScript',
|
||||||
'error_message' => $this->messages['logonScript']);
|
'error_message' => $this->messages['logonScript'][0]);
|
||||||
$return['profile_checks']['sambaAccount_userWorkstations'] = array('type' => 'regex_i', 'regex' => $this->regex_workstations,
|
$return['profile_checks']['sambaAccount_userWorkstations'] = array('type' => 'regex_i', 'regex' => 'unixhost',
|
||||||
'error_message' => $this->messages['workstations']);
|
'error_message' => $this->messages['workstations'][0]);
|
||||||
$return['profile_checks']['sambaAccount_domain'] = array('type' => 'regex_i', 'regex' => $this->regex_domain,
|
$return['profile_checks']['sambaAccount_domain'] = array('type' => 'regex_i', 'regex' => 'domainname',
|
||||||
'error_message' => $this->messages['domain']);
|
'error_message' => $this->messages['domain'][0]);
|
||||||
// available PDF fields
|
// available PDF fields
|
||||||
$return['PDF_fields'] = array( 'displayName',
|
$return['PDF_fields'] = array( 'displayName',
|
||||||
'uid',
|
'uid',
|
||||||
|
@ -189,31 +170,11 @@ class sambaAccount extends baseModule {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Variables
|
// Variables
|
||||||
// This variable contains all inetOrgPerson attributes
|
|
||||||
var $attributes;
|
|
||||||
/* If an account was loaded all attributes are kept in this array
|
|
||||||
* to compare it with new changed attributes
|
|
||||||
*/
|
|
||||||
var $orig;
|
|
||||||
// use unix password as samba password?
|
// use unix password as samba password?
|
||||||
var $useunixpwd;
|
var $useunixpwd;
|
||||||
// Array of well known rids
|
// Array of well known rids
|
||||||
var $rids;
|
var $rids;
|
||||||
|
|
||||||
/** regular expression for home directory */
|
|
||||||
var $regex_homedir = '^[\][\]([a-z0-9\\.%-])+([\]([a-z0-9\\.%<25><>\$-])+)+$';
|
|
||||||
/** regular expression for profile path */
|
|
||||||
var $regex_profilePath = '^([\][\]([a-zA-Z0-9\\.%-])+([\]([a-z0-9\\.%-])+)+)|([/][a-z]([a-z0-9\\._%-])*([/][a-z]([a-z0-9\\._%-])*)*)$';
|
|
||||||
/** regular expression for logon script */
|
|
||||||
var $regex_logonScript = '^([/])*([a-z0-9\\._%<25><>])+([/]([a-z0-9\\._%<25><>])+)*((\\.bat)|(\\.cmd))$';
|
|
||||||
/** regular expression for allowed workstations */
|
|
||||||
var $regex_workstations = '^([a-z0-9\\._-])+(,[a-z0-9\\._-])*$';
|
|
||||||
/** regular expression for domain name */
|
|
||||||
var $regex_domain = '^([a-z0-9_-])+$';
|
|
||||||
|
|
||||||
/** list of possible error messages */
|
|
||||||
var $messages = array();
|
|
||||||
|
|
||||||
/* $attribute['lmPassword'] and ntPassword can't accessed directly because it's enrcypted
|
/* $attribute['lmPassword'] and ntPassword can't accessed directly because it's enrcypted
|
||||||
* To read / write password function userPassword is needed
|
* To read / write password function userPassword is needed
|
||||||
* This function will return the unencrypted password when
|
* This function will return the unencrypted password when
|
||||||
|
@ -287,26 +248,7 @@ class sambaAccount extends baseModule {
|
||||||
* $attr is an array as it's retured from ldap_get_attributes
|
* $attr is an array as it's retured from ldap_get_attributes
|
||||||
*/
|
*/
|
||||||
function load_attributes($attr) {
|
function load_attributes($attr) {
|
||||||
// Load attributes which are displayed
|
$this->load_ldap_attributes($attr);
|
||||||
// unset count entries
|
|
||||||
unset ($attr['count']);
|
|
||||||
$attributes = array_keys($attr);
|
|
||||||
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
|
|
||||||
// unset double entries
|
|
||||||
for ($i=0; $i<count($attr); $i++)
|
|
||||||
if (isset($attr[$i])) unset($attr[$i]);
|
|
||||||
foreach ($attributes as $attribute) {
|
|
||||||
if (isset($this->attributes[$attribute])) {
|
|
||||||
// decode as unicode
|
|
||||||
$this->attributes[$attribute] = $attr[$attribute];
|
|
||||||
for ($i=0; $i<count($this->attributes[$attribute]); $i++) {
|
|
||||||
$this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
$this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// Values are kept as copy so we can compare old attributes with new attributes
|
|
||||||
$this->attributes['objectClass'][0] = 'sambaAccount';
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -410,7 +352,7 @@ class sambaAccount extends baseModule {
|
||||||
|
|
||||||
if (isset($post['lmPassword'])) {
|
if (isset($post['lmPassword'])) {
|
||||||
if ($post['lmPassword'] != $post['lmPassword2']) {
|
if ($post['lmPassword'] != $post['lmPassword2']) {
|
||||||
$errors['lmPassword'][] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
|
$errors['lmPassword'][] = $this->messages['lmPassword'][0];
|
||||||
unset ($post['lmPassword2']);
|
unset ($post['lmPassword2']);
|
||||||
}
|
}
|
||||||
else $this->lmPassword($post['lmPassword']);
|
else $this->lmPassword($post['lmPassword']);
|
||||||
|
@ -419,31 +361,30 @@ class sambaAccount extends baseModule {
|
||||||
$this->attributes['rid'][0] = "500";
|
$this->attributes['rid'][0] = "500";
|
||||||
// Do a check if an administrator already exists
|
// Do a check if an administrator already exists
|
||||||
if ($_SESSION['cache']->in_cache("500", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
|
if ($_SESSION['cache']->in_cache("500", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
|
||||||
$errors['rid'][] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'));
|
$errors['rid'][] = $this->messages['rid'][0];
|
||||||
}
|
}
|
||||||
if ($post['rid']== _('Guest')) {
|
if ($post['rid']== _('Guest')) {
|
||||||
$this->attributes['rid'][0] = "501";
|
$this->attributes['rid'][0] = "501";
|
||||||
// Do a check if an administrator already exists
|
// Do a check if an administrator already exists
|
||||||
if ($_SESSION['cache']->in_cache("501", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
|
if ($_SESSION['cache']->in_cache("501", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
|
||||||
$errors['rid'][] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'));
|
$errors['rid'][] = $this->messages['rid'][1];
|
||||||
}
|
}
|
||||||
$this->attributes['smbHome'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['smbHome'][0]);
|
$this->attributes['smbHome'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['smbHome'][0]);
|
||||||
$this->attributes['smbHome'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['smbHome'][0]);
|
$this->attributes['smbHome'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['smbHome'][0]);
|
||||||
if ($this->attributes['smbHome'][0] != stripslashes($post['smbHome'])) $errors['smbHome'][] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
|
if ($this->attributes['smbHome'][0] != stripslashes($post['smbHome'])) $errors['smbHome'][] = $this->messages['homePath'][1];
|
||||||
$this->attributes['scriptPath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['scriptPath'][0]);
|
$this->attributes['scriptPath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['scriptPath'][0]);
|
||||||
$this->attributes['scriptPath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['scriptPath'][0]);
|
$this->attributes['scriptPath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['scriptPath'][0]);
|
||||||
if ($this->attributes['scriptPath'][0] != stripslashes($post['scriptPath'])) $errors['scriptPath'][] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.'));
|
if ($this->attributes['scriptPath'][0] != stripslashes($post['scriptPath'])) $errors['scriptPath'][] = $this->messages['logonScript'][1];
|
||||||
$this->attributes['profilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['profilePath'][0]);
|
$this->attributes['profilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['profilePath'][0]);
|
||||||
$this->attributes['profilePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['profilePath'][0]);
|
$this->attributes['profilePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['profilePath'][0]);
|
||||||
if ($this->attributes['profiletPath'][0] != stripslashes($post['profilePath'])) $errors['profilePath'][] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'));
|
if ($this->attributes['profiletPath'][0] != stripslashes($post['profilePath'])) $errors['profilePath'][] = $this->messages['profilePath'][1];
|
||||||
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
|
if ( !get_preg($this->lmPassword(), 'passord')) $errors['lmPassword'][] = $this->messages['lmPassword'][1];
|
||||||
$this->lmPassword())) $errors['lmPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
if ( (!$this->attributes['smbHome'][0]=='') && (!get_preg($this->attributes['smbHome'][0], 'UNC')))
|
||||||
if ( (!$this->attributes['smbHome'][0]=='') && (!eregi($this->regex_homedir, $this->attributes['smbHome'][0])))
|
$errors['smbHome'][] = $this->messages['homedir'][0];
|
||||||
$errors['smbHome'][] = $this->messages['homedir'];
|
if ( (!$this->attributes['scriptPath'][0]=='') && (!get_preg($this->attributes['scriptPath'][0], 'logonscript')))
|
||||||
if ( (!$this->attributes['scriptPath'][0]=='') && (!eregi($this->regex_logonScript, $this->attributes['scriptPath'][0])))
|
$errors['scriptPath'][] = $this->messages['logonScript'][0];
|
||||||
$errors['scriptPath'][] = $this->messages['logonScript'];
|
if ( (!$this->attributes['profilePath'][0]=='') && (!get_preg($this->attributes['profilePath'][0], 'UNC')))
|
||||||
if ( (!$this->attributes['profilePath'][0]=='') && (!eregi($this->regex_profilePath, $this->attributes['profilePath'][0])))
|
$errors['profilePath'][] = $this->messages['profilePath'][0];
|
||||||
$errors['profilePath'][] = $this->messages['profilePath'];
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$smbHome = str_replace('$user', 'user', $this->attributes['smbHome'][0]);
|
$smbHome = str_replace('$user', 'user', $this->attributes['smbHome'][0]);
|
||||||
|
@ -452,22 +393,21 @@ class sambaAccount extends baseModule {
|
||||||
$scriptPath = str_replace('$group', 'group', $scriptPath);
|
$scriptPath = str_replace('$group', 'group', $scriptPath);
|
||||||
$profilePath = str_replace('$user', 'user', $this->attributes['profilePath'][0]);
|
$profilePath = str_replace('$user', 'user', $this->attributes['profilePath'][0]);
|
||||||
$profilePath = str_replace('$group', 'group', $profilePath);
|
$profilePath = str_replace('$group', 'group', $profilePath);
|
||||||
if ( (!$smbHome=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[<5B>|[<5B>|[<5B>|[<5B>|[]|[<5B>|[<5B>)+)+$', $smbHome)))
|
if ( (!$smbHome=='') && (!get_preg($smbHome, 'UNC')))
|
||||||
$errors['smbHome'][] = array('ERROR', _('Home path'), _('Home path is invalid.'));
|
$errors['smbHome'][] = $this->messages['homePath'][0];
|
||||||
if ( (!$scriptPath=='') && (!ereg('^([/])*([a-z]|[0-9]|[.]|[-]|[_]|[%]|[<5B>|[<5B>|[<5B>|[<5B>|[]|[<5B>|[<5B>)+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[<5B>|[<5B>|[<5B>|[<5B>|[]|[<5B>|[<5B>)*'.
|
if ( (!$scriptPath=='') && (!get_preg($scriptPath, 'logonscript')))
|
||||||
'([/]([a-z]|[0-9]|[.]|[-]|[_]|[%]|[<5B>|[<5B>|[<5B>|[<5B>|[]|[<5B>|[<5B>)+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[<5B>|[<5B>|[<5B>|[<5B>|[]|[<5B>|[<5B>)*)*(([.][b][a][t])|([.][c][m][d]))$', $scriptPath)))
|
$errors['scriptPath'][] = $this->messages['logonScript'][0];
|
||||||
$errors['scriptPath'][] = array('ERROR', _('Script path'), _('Script path is invalid!'));
|
if ( (!$profilePath=='') && (!get_preg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $profilePath))
|
||||||
if ( (!$profilePath=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $profilePath))
|
&& (!get_preg($profilePath, 'UNC')))
|
||||||
&& (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+)+$', $profilePath)))
|
$errors['profilePath'][] = $this->messages['profilePath'][0];
|
||||||
$errors['profilePath'][] = array('ERROR', _('Profile path'), _('Profile path is invalid!'));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($post['useunixpwd']) $this->useunixpwd = true;
|
if ($post['useunixpwd']) $this->useunixpwd = true;
|
||||||
else $this->useunixpwd = false;
|
else $this->useunixpwd = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((!$this->attributes['domain'][0]=='') && !eregi($this->regex_domain, $this->attributes['domain'][0]))
|
if ((!$this->attributes['domain'][0]=='') && !get_preg($this->attributes['domain'][0], 'domainname'))
|
||||||
$errors['domain'][] = $this->messages['domain'];
|
$errors['domain'][] = $this->messages['domain'][0];
|
||||||
|
|
||||||
if (is_array($errors)) return $errors;
|
if (is_array($errors)) return $errors;
|
||||||
if ($post['userWorkstations']) return 'userWorkstations';
|
if ($post['userWorkstations']) return 'userWorkstations';
|
||||||
|
@ -541,7 +481,7 @@ class sambaAccount extends baseModule {
|
||||||
|
|
||||||
if (!$profile) {
|
if (!$profile) {
|
||||||
if ($this->attributes['lmPassword'][0] != $this->orig['lmPassword'][0]) $password=$this->lmPassword();
|
if ($this->attributes['lmPassword'][0] != $this->orig['lmPassword'][0]) $password=$this->lmPassword();
|
||||||
else $password='';
|
else if ($this->attributes['lmPassword'][0] != '') $password=$post['lmPassword'];
|
||||||
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Samba password') ),
|
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Samba password') ),
|
||||||
1 => array ( 'kind' => 'input', 'name' => 'lmPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password));
|
1 => array ( 'kind' => 'input', 'name' => 'lmPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password));
|
||||||
if ($post['lmPassword2']!='') $password2 = $post['lmPassword2'];
|
if ($post['lmPassword2']!='') $password2 = $post['lmPassword2'];
|
||||||
|
|
|
@ -229,8 +229,8 @@ class sambaGroupMapping extends baseModule {
|
||||||
|
|
||||||
/** this functin fills the error message array with messages
|
/** this functin fills the error message array with messages
|
||||||
**/
|
**/
|
||||||
function load_errorMessages() {
|
function load_Messages() {
|
||||||
$this->errormessages['sambaSID'][0] = array('ERROR', _('Special Group'),sprintf( _('There can be only one group %s.'), $rids[$i]), 'sambaSID');
|
$this->messages['sambaSID'][0] = array('ERROR', _('Special Group'),sprintf( _('There can be only one group %s.'), $rids[$i]), 'sambaSID');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -290,7 +290,7 @@ class sambaGroupMapping extends baseModule {
|
||||||
$this->attributes['sambaSID'][0] = $SID."-".$this->rids[$rids[$i]];
|
$this->attributes['sambaSID'][0] = $SID."-".$this->rids[$rids[$i]];
|
||||||
// Do a check if special grou pis unique
|
// Do a check if special grou pis unique
|
||||||
if ($_SESSION['cache']->in_cache($SID."-".$this->rids[$rids[$i]], 'sambaSID', 'group'))
|
if ($_SESSION['cache']->in_cache($SID."-".$this->rids[$rids[$i]], 'sambaSID', 'group'))
|
||||||
$errors[] = $this->errormessages['sambaSID'][0];
|
$errors[] = $this->messages['sambaSID'][0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!$wrid) $this->attributes['sambaSID'][0] = $SID . "-" . ($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2+$RIDbase+1);
|
if (!$wrid) $this->attributes['sambaSID'][0] = $SID . "-" . ($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2+$RIDbase+1);
|
||||||
|
|
|
@ -20,38 +20,6 @@ $Id$
|
||||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* Session variables which are used:
|
|
||||||
* $_SESSION['cacheAttributes']: This variable contains a list of attributes and their scope which should be cached
|
|
||||||
*
|
|
||||||
* Coockie variables which are used:
|
|
||||||
* $_COOKIE["IV"], $_COOKIE["Key"]: Needed to en/decrypt passwords.
|
|
||||||
*
|
|
||||||
* Variables in basearray which are no objects:
|
|
||||||
* type: Type of account. Can be user, group, host
|
|
||||||
* attributes: List of all attributes, how to get them and are theiy required or optional
|
|
||||||
* dn: current DN without uid= or cn=
|
|
||||||
* dn_orig: old DN if account was loaded with uid= or cn=
|
|
||||||
|
|
||||||
* External functions which are used
|
|
||||||
* account.inc: findgroups, incache, get_cache, array_delete, getshells
|
|
||||||
* ldap.inc: pwd_is_enabled, pwd_hash
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* This class contains all sambaSamAccount LDAP attributes
|
|
||||||
* and funtioncs required to deal with sambaSamAccount
|
|
||||||
* sambaSamAccount can only be created when it should be added
|
|
||||||
* to an array.
|
|
||||||
* basearray is the same array sambaSamAccount should be added
|
|
||||||
* to. If basearray is not given the constructor tries to
|
|
||||||
* create an array with sambaSamAccount and all other required
|
|
||||||
* objects.
|
|
||||||
* Example: $user[] = new sambaSamAccount($user);
|
|
||||||
*
|
|
||||||
* In container array the following things have to exist:
|
|
||||||
* account or inetOrgPerson object
|
|
||||||
* type: 'user' or 'host'
|
|
||||||
* 'attributes': this is a list of arrays with all ldap attributes wich are allowed for this account
|
|
||||||
*/
|
|
||||||
class sambaSamAccount extends baseModule {
|
class sambaSamAccount extends baseModule {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -60,15 +28,27 @@ class sambaSamAccount extends baseModule {
|
||||||
* @param string $scope account type (user, group, host)
|
* @param string $scope account type (user, group, host)
|
||||||
*/
|
*/
|
||||||
function sambaSamAccount($scope) {
|
function sambaSamAccount($scope) {
|
||||||
// error messages for input checks
|
|
||||||
$this->messages['homedir'] = array('ERROR', _('Home path'), _('Home path is invalid.'));
|
|
||||||
$this->messages['profilePath'] = array('ERROR', _('Profile path'), _('Profile path is invalid!'));
|
|
||||||
$this->messages['logonScript'] = array('ERROR', _('Script path'), _('Script path is invalid!'));
|
|
||||||
$this->messages['workstations'] = array('ERROR', _('Samba workstations'), _('Please enter a comma separated list of host names!'));
|
|
||||||
// call parent constructor
|
// call parent constructor
|
||||||
parent::baseModule($scope);
|
parent::baseModule($scope);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** this functin fills the error message array with messages
|
||||||
|
**/
|
||||||
|
function load_Messages() {
|
||||||
|
// error messages for input checks
|
||||||
|
$this->messages['homePath'][0] = array('ERROR', _('Home path'), _('Home path is invalid.'));
|
||||||
|
$this->messages['homePath'][1] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
|
||||||
|
$this->messages['profilePath'][0] = array('ERROR', _('Profile path'), _('Profile path is invalid!'));
|
||||||
|
$this->messages['profilePath'][1] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'));
|
||||||
|
$this->messages['logonScript'][0] = array('ERROR', _('Script path'), _('Script path is invalid!'));
|
||||||
|
$this->messages['logonScript'][1] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.'));
|
||||||
|
$this->messages['workstations'][0] = array('ERROR', _('Samba workstations'), _('Please enter a comma separated list of host names!'));
|
||||||
|
$this->messages['sambaLMPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'), 'sambaLMPassword');
|
||||||
|
$this->messages['sambaLMPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
||||||
|
$this->messages['rid'][0] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'));
|
||||||
|
$this->messages['rid'][1] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns meta data that is interpreted by parent class
|
* Returns meta data that is interpreted by parent class
|
||||||
*
|
*
|
||||||
|
@ -89,14 +69,14 @@ class sambaSamAccount extends baseModule {
|
||||||
// module dependencies
|
// module dependencies
|
||||||
$return['dependencies'] = array('depends' => array('posixAccount'), 'conflicts' => array());
|
$return['dependencies'] = array('depends' => array('posixAccount'), 'conflicts' => array());
|
||||||
// profile checks
|
// profile checks
|
||||||
$return['profile_checks']['sambaSamAccount_smbhome'] = array('type' => 'regex_i', 'regex' => $this->regex_homedir,
|
$return['profile_checks']['sambaSamAccount_smbhome'] = array('type' => 'regex_i', 'regex' => 'UNC',
|
||||||
'error_message' => $this->messages['homedir']);
|
'error_message' => $this->messages['homePath'][0]);
|
||||||
$return['profile_checks']['sambaSamAccount_profilePath'] = array('type' => 'regex_i', 'regex' => $this->regex_profilePath,
|
$return['profile_checks']['sambaSamAccount_profilePath'] = array('type' => 'regex_i', 'regex' => 'UNC',
|
||||||
'error_message' => $this->messages['profilePath']);
|
'error_message' => $this->messages['profilePath'][0]);
|
||||||
$return['profile_checks']['sambaSamAccount_logonScript'] = array('type' => 'regex_i', 'regex' => $this->regex_logonScript,
|
$return['profile_checks']['sambaSamAccount_logonScript'] = array('type' => 'regex_i', 'regex' => 'logonscript',
|
||||||
'error_message' => $this->messages['logonScript']);
|
'error_message' => $this->messages['logonScript'][0]);
|
||||||
$return['profile_checks']['sambaSamAccount_userWorkstations'] = array('type' => 'regex_i', 'regex' => $this->regex_workstations,
|
$return['profile_checks']['sambaSamAccount_userWorkstations'] = array('type' => 'regex_i', 'regex' => 'unixhost',
|
||||||
'error_message' => $this->messages['workstations']);
|
'error_message' => $this->messages['workstations'][0]);
|
||||||
// available PDF fields
|
// available PDF fields
|
||||||
$return['PDF_fields'] = array( 'displayName',
|
$return['PDF_fields'] = array( 'displayName',
|
||||||
'uid',
|
'uid',
|
||||||
|
@ -122,30 +102,12 @@ class sambaSamAccount extends baseModule {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Variables
|
// Variables
|
||||||
// This variable contains all inetOrgPerson attributes
|
|
||||||
var $attributes;
|
|
||||||
/* If an account was loaded all attributes are kept in this array
|
|
||||||
* to compare it with new changed attributes
|
|
||||||
*/
|
|
||||||
var $orig;
|
|
||||||
// use unix password as samba password?
|
// use unix password as samba password?
|
||||||
var $useunixpwd;
|
var $useunixpwd;
|
||||||
// Array of well known rids
|
// Array of well known rids
|
||||||
var $rids;
|
var $rids;
|
||||||
|
|
||||||
|
|
||||||
/** regular expression for home directory */
|
|
||||||
var $regex_homedir = '^[\][\]([a-z0-9\\.%-])+([\]([a-z0-9\\.%<25><>\$-])+)+$';
|
|
||||||
/** regular expression for profile path */
|
|
||||||
var $regex_profilePath = '^([\][\]([a-zA-Z0-9\\.%-])+([\]([a-z0-9\\.%-])+)+)|([/][a-z]([a-z0-9\\._%-])*([/][a-z]([a-z0-9\\._%-])*)*)$';
|
|
||||||
/** regular expression for logon script */
|
|
||||||
var $regex_logonScript = '^([/])*([a-z0-9\\._%<25><>])+([/]([a-z0-9\\._%<25><>])+)*((\\.bat)|(\\.cmd))$';
|
|
||||||
/** regular expression for allowed workstations */
|
|
||||||
var $regex_workstations = '^([a-z0-9\\._-])+(,[a-z0-9\\._-])*$';
|
|
||||||
|
|
||||||
/** list of possible error messages */
|
|
||||||
var $messages = array();
|
|
||||||
|
|
||||||
/* $attribute['sambaLMPassword'] and sambaNTPassword can't accessed directly because it's enrcypted
|
/* $attribute['sambaLMPassword'] and sambaNTPassword can't accessed directly because it's enrcypted
|
||||||
* To read / write password function userPassword is needed
|
* To read / write password function userPassword is needed
|
||||||
* This function will return the unencrypted password when
|
* This function will return the unencrypted password when
|
||||||
|
@ -220,26 +182,7 @@ class sambaSamAccount extends baseModule {
|
||||||
* $attr is an array as it's retured from ldap_get_attributes
|
* $attr is an array as it's retured from ldap_get_attributes
|
||||||
*/
|
*/
|
||||||
function load_attributes($attr) {
|
function load_attributes($attr) {
|
||||||
// Load attributes which are displayed
|
$this->load_ldap_attributes($attr);
|
||||||
// unset count entries
|
|
||||||
unset ($attr['count']);
|
|
||||||
$attributes = array_keys($attr);
|
|
||||||
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
|
|
||||||
// unset double entries
|
|
||||||
for ($i=0; $i<count($attr); $i++)
|
|
||||||
if (isset($attr[$i])) unset($attr[$i]);
|
|
||||||
foreach ($attributes as $attribute) {
|
|
||||||
if (isset($this->attributes[$attribute])) {
|
|
||||||
// decode as unicode
|
|
||||||
$this->attributes[$attribute] = $attr[$attribute];
|
|
||||||
for ($i=0; $i<count($this->attributes[$attribute]); $i++) {
|
|
||||||
$this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
$this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// Values are kept as copy so we can compare old attributes with new attributes
|
|
||||||
$this->attributes['objectClass'][0] = 'sambaSamAccount';
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -354,7 +297,7 @@ class sambaSamAccount extends baseModule {
|
||||||
|
|
||||||
if (isset($post['sambaLMPassword']) && !$profile) {
|
if (isset($post['sambaLMPassword']) && !$profile) {
|
||||||
if ($post['sambaLMPassword'] != $post['sambaLMPassword2']) {
|
if ($post['sambaLMPassword'] != $post['sambaLMPassword2']) {
|
||||||
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'), 'sambaLMPassword');
|
$errors[] = $this->messages['sambaLMPassword'][0];
|
||||||
unset ($post['sambaLMPassword2']);
|
unset ($post['sambaLMPassword2']);
|
||||||
}
|
}
|
||||||
else $this->sambaLMPassword($post['sambaLMPassword']);
|
else $this->sambaLMPassword($post['sambaLMPassword']);
|
||||||
|
@ -367,13 +310,13 @@ class sambaSamAccount extends baseModule {
|
||||||
$this->attributes['sambaSID'][0] = $SID."-500";
|
$this->attributes['sambaSID'][0] = $SID."-500";
|
||||||
// Do a check if an administrator already exists
|
// Do a check if an administrator already exists
|
||||||
if ($_SESSION['cache']->in_cache($SID."-500", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
|
if ($_SESSION['cache']->in_cache($SID."-500", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
|
||||||
$errors['sambaSID'][] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'));
|
$errors['sambaSID'][] = $this->messages['rid'][0];
|
||||||
}
|
}
|
||||||
if ($post['sambaSID']== _('Guest')) {
|
if ($post['sambaSID']== _('Guest')) {
|
||||||
$this->attributes['sambaSID'][0] = $SID."-501";
|
$this->attributes['sambaSID'][0] = $SID."-501";
|
||||||
// Do a check if an administrator already exists
|
// Do a check if an administrator already exists
|
||||||
if ($_SESSION['cache']->in_cache($SID."-501", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
|
if ($_SESSION['cache']->in_cache($SID."-501", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
|
||||||
$errors['sambaSID'][] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'));
|
$errors['sambaSID'][] = $this->messages['rid'][1];
|
||||||
}
|
}
|
||||||
// Check values
|
// Check values
|
||||||
$this->attributes['sambaHomePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaHomePath'][0]);
|
$this->attributes['sambaHomePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaHomePath'][0]);
|
||||||
|
@ -385,14 +328,13 @@ class sambaSamAccount extends baseModule {
|
||||||
$this->attributes['sambaProfilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaProfilePath'][0]);
|
$this->attributes['sambaProfilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaProfilePath'][0]);
|
||||||
$this->attributes['sambaProfilePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaProfilePath'][0]);
|
$this->attributes['sambaProfilePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaProfilePath'][0]);
|
||||||
if ($this->attributes['sambaProfiletPath'][0] != stripslashes($post['sambaProfilePath'])) $errors['sambaProfilePath'][] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'));
|
if ($this->attributes['sambaProfiletPath'][0] != stripslashes($post['sambaProfilePath'])) $errors['sambaProfilePath'][] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'));
|
||||||
if ( (!$this->attributes['sambaHomePath'][0]=='') && (!ereg($this->regex_homedir, $this->attributes['sambaHomePath'][0])))
|
if ( (!$this->attributes['sambaHomePath'][0]=='') && (!get_preg($this->attributes['sambaHomePath'][0], 'UNC')))
|
||||||
$errors['sambaHomePath'][] = $this->messages['homedir'];
|
$errors['sambaHomePath'][] = $this->messages['homePath'][0];
|
||||||
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
|
if ( !get_preg($this->sambaLMPassword(), 'password')) $errors['sambaLMPassword'][] = $this->messages['sambaLMPassword'][1];
|
||||||
$this->sambaLMPassword())) $errors['sambaLMPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!get_preg($this->attributes['sambaLogonScript'][0], 'logonscript')))
|
||||||
if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!ereg($this->regex_logonScript, $this->attributes['sambaLogonScript'][0])))
|
$errors['sambaScriptPath'][] = $this->messages['logonScript'][0];
|
||||||
$errors['sambaScriptPath'][] = $this->messages['logonScript'];
|
if (!($this->attributes['sambaProfilePath'][0] == '') && !get_preg($this->attributes['sambaProfilePath'][0], 'UNC'))
|
||||||
if (!($this->attributes['sambaProfilePath'][0] == '') && !ereg($this->regex_profilePath, $this->attributes['sambaProfilePath'][0]))
|
$errors['sambaProfilePath'][] = $this->messages['profilePath'][0];
|
||||||
$errors['sambaProfilePath'][] = $this->messages['profilePath'];
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$sambaHomePath = str_replace('$user', 'user', $this->attributes['sambaHomePath'][0]);
|
$sambaHomePath = str_replace('$user', 'user', $this->attributes['sambaHomePath'][0]);
|
||||||
|
@ -401,16 +343,14 @@ class sambaSamAccount extends baseModule {
|
||||||
$sambaLogonScript = str_replace('$group', 'group', $sambaLogonScript);
|
$sambaLogonScript = str_replace('$group', 'group', $sambaLogonScript);
|
||||||
$sambaProfilePath = str_replace('$user', 'user', $this->attributes['sambaProfilePath'][0]);
|
$sambaProfilePath = str_replace('$user', 'user', $this->attributes['sambaProfilePath'][0]);
|
||||||
$sambaProfilePath = str_replace('$group', 'group', $sambaProfilePath);
|
$sambaProfilePath = str_replace('$group', 'group', $sambaProfilePath);
|
||||||
if ( (!$this->attributes['sambaHomePath'][0]=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+)+$', $this->attributes['sambaHomePath'][0])))
|
if ( (!$this->attributes['sambaHomePath'][0]=='') && (!get_preg($this->attributes['sambaHomePath'][0], 'UNC')))
|
||||||
$errors[] = array('ERROR', _('Home path'), _('Home path is invalid.'), 'sambaHomePath');
|
$errors[] = $this->messages['homePath'][0];
|
||||||
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
|
if ( !get_preg($this->sambaLMPassword(), 'UNC')) $errors[] = $this->messages['sambaLMPassword'][1];
|
||||||
$this->sambaLMPassword())) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'), 'sambaLMPassword');
|
if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!get_preg($this->attributes['sambaLogonScript'][0], 'logonscript')))
|
||||||
if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!ereg('^([/])*([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])*'.
|
$errors[] = $this->messages['logonScript'][0];
|
||||||
'([/]([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])*)*(([.][b][a][t])|([.][c][m][d]))$', $this->attributes['sambaLogonScript'][0])))
|
if ( (!$this->attributes['sambaProfilePath'][0]=='') && (!get_preg($this->attributes['sambaProfilePath'][0], 'UNC'))
|
||||||
$errors[] = array('ERROR', _('Script path'), _('Script path is invalid!'), 'sambaScriptPath');
|
&& (!get_preg($this->attributes['sambaProfilePath'][0], 'UNC')))
|
||||||
if ( (!$this->attributes['sambaProfilePath'][0]=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $this->attributes['sambaProfilePath'][0]))
|
$errors[] = $this->messages['profilePath'][0];
|
||||||
&& (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+)+$', $this->attributes['sambaProfilePath'][0])))
|
|
||||||
$errors[] = array('ERROR', _('Profile path'), _('Profile path is invalid!'), 'sambaProfilePath');
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (is_array($errors)) return $errors;
|
if (is_array($errors)) return $errors;
|
||||||
|
@ -491,8 +431,8 @@ class sambaSamAccount extends baseModule {
|
||||||
5 => array ( 'kind' => 'input', 'name' => 'sambaPwdMustChange_s', 'type' => 'hidden', 'value' => $mustchangedate['seconds']),
|
5 => array ( 'kind' => 'input', 'name' => 'sambaPwdMustChange_s', 'type' => 'hidden', 'value' => $mustchangedate['seconds']),
|
||||||
6 => array ( 'kind' => 'input', 'name' => 'sambaAcctFlagsU', 'type' => 'hidden', 'value' => 'true'));
|
6 => array ( 'kind' => 'input', 'name' => 'sambaAcctFlagsU', 'type' => 'hidden', 'value' => 'true'));
|
||||||
if (!$profile) {
|
if (!$profile) {
|
||||||
if ($this->attributes['lmPassword'][0] != $this->orig['lmPassword'][0]) $password=$this->sambaLMPassword();
|
if ($this->attributes['sambaLMPassword'][0] != $this->orig['sambaLMPassword'][0]) $password=$this->sambaLMPassword();
|
||||||
else $password='';
|
else if ($this->attributes['sambaLMPassword'][0] != '') $password=$post['sambaLMPassword'];
|
||||||
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Samba password') ),
|
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Samba password') ),
|
||||||
1 => array ( 'kind' => 'input', 'name' => 'sambaLMPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password));
|
1 => array ( 'kind' => 'input', 'name' => 'sambaLMPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password));
|
||||||
if ($post['sambaLMPassword2']!='') $password2 = $post['sambaLMPassword2'];
|
if ($post['sambaLMPassword2']!='') $password2 = $post['sambaLMPassword2'];
|
||||||
|
|
|
@ -20,38 +20,6 @@ $Id$
|
||||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* Session variables which are used:
|
|
||||||
* $_SESSION['cacheAttributes']: This variable contains a list of attributes and their scope which should be cached
|
|
||||||
*
|
|
||||||
* Coockie variables which are used:
|
|
||||||
* $_COOKIE["IV"], $_COOKIE["Key"]: Needed to en/decrypt passwords.
|
|
||||||
*
|
|
||||||
* Variables in basearray which are no objects:
|
|
||||||
* type: Type of account. Can be user, group, host
|
|
||||||
* attributes: List of all attributes, how to get them and are theiy required or optional
|
|
||||||
* dn: current DN without uid= or cn=
|
|
||||||
* dn_orig: old DN if account was loaded with uid= or cn=
|
|
||||||
|
|
||||||
* External functions which are used
|
|
||||||
* account.inc: findgroups, incache, get_cache, array_delete, getshells
|
|
||||||
* ldap.inc: pwd_is_enabled, pwd_hash
|
|
||||||
*/
|
|
||||||
|
|
||||||
/* This class contains all shadowAccount LDAP attributes
|
|
||||||
* and funtioncs required to deal with shadowAccount
|
|
||||||
* shadowAccount can only be created when it should be added
|
|
||||||
* to an array.
|
|
||||||
* basearray is the same array shadowAccount should be added
|
|
||||||
* to. If basearray is not given the constructor tries to
|
|
||||||
* create an array with shadowAccount and all other required
|
|
||||||
* objects.
|
|
||||||
* Example: $user[] = new shadowAccount($user);
|
|
||||||
*
|
|
||||||
* In container array the following things have to exist:
|
|
||||||
* account or inetOrgPerson object
|
|
||||||
* type: 'user' or 'host'
|
|
||||||
* 'attributes': this is a list of arrays with all ldap attributes wich are allowed for this account
|
|
||||||
*/
|
|
||||||
class shadowAccount extends baseModule {
|
class shadowAccount extends baseModule {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -60,16 +28,21 @@ class shadowAccount extends baseModule {
|
||||||
* @param string $scope account type (user, group, host)
|
* @param string $scope account type (user, group, host)
|
||||||
*/
|
*/
|
||||||
function shadowAccount($scope) {
|
function shadowAccount($scope) {
|
||||||
// error messages for input checks
|
|
||||||
$this->messages['shadowMin'] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.'));
|
|
||||||
$this->messages['shadowMax'] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.'));
|
|
||||||
$this->messages['inactive'] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.'));
|
|
||||||
$this->messages['shadowWarning'] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.'));
|
|
||||||
$this->messages['shadow_cmp'] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.'));
|
|
||||||
// call parent constructor
|
// call parent constructor
|
||||||
parent::baseModule($scope);
|
parent::baseModule($scope);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** this functin fills the error message array with messages
|
||||||
|
**/
|
||||||
|
function load_Messages() {
|
||||||
|
// error messages for input checks
|
||||||
|
$this->messages['shadowMin'][0] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.'));
|
||||||
|
$this->messages['shadowMax'][0] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.'));
|
||||||
|
$this->messages['inactive'][0] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.'));
|
||||||
|
$this->messages['shadowWarning'][0] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.'));
|
||||||
|
$this->messages['shadow_cmp'][0] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.'));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns meta data that is interpreted by parent class
|
* Returns meta data that is interpreted by parent class
|
||||||
*
|
*
|
||||||
|
@ -125,16 +98,16 @@ class shadowAccount extends baseModule {
|
||||||
2 => array('kind' => 'help', 'value' => 'TODO'))
|
2 => array('kind' => 'help', 'value' => 'TODO'))
|
||||||
);
|
);
|
||||||
// profile checks
|
// profile checks
|
||||||
$return['profile_checks']['shadowAccount_shadowMin'] = array('type' => 'regex', 'regex' => $this->regex_number,
|
$return['profile_checks']['shadowAccount_shadowMin'] = array('type' => 'regex', 'regex' => 'digit',
|
||||||
'error_message' => $this->messages['shadowMin']);
|
'error_message' => $this->messages['shadowMin'][0]);
|
||||||
$return['profile_checks']['shadowAccount_shadowMax'] = array('type' => 'regex', 'regex' => $this->regex_number,
|
$return['profile_checks']['shadowAccount_shadowMax'] = array('type' => 'regex', 'regex' => 'digit',
|
||||||
'error_message' => $this->messages['shadowMax']);
|
'error_message' => $this->messages['shadowMax'][0]);
|
||||||
$return['profile_checks']['shadowAccount_cmp'] = array('type' => 'int_greater', 'cmp_name1' => 'shadowAccount_shadowMax',
|
$return['profile_checks']['shadowAccount_cmp'] = array('type' => 'int_greater', 'cmp_name1' => 'shadowAccount_shadowMax',
|
||||||
'cmp_name2' => 'shadowAccount_shadowMin', 'error_message' => $this->messages['shadow_cmp']);
|
'cmp_name2' => 'shadowAccount_shadowMin', 'error_message' => $this->messages['shadow_cmp'][0]);
|
||||||
$return['profile_checks']['shadowAccount_shadowInactive'] = array('type' => 'regex', 'regex' => $this->regex_inactive,
|
$return['profile_checks']['shadowAccount_shadowInactive'] = array('type' => 'regex', 'regex' => 'digit2',
|
||||||
'error_message' => $this->messages['inactive']);
|
'error_message' => $this->messages['inactive'][0]);
|
||||||
$return['profile_checks']['shadowAccount_shadowWarning'] = array('type' => 'regex', 'regex' => $this->regex_number,
|
$return['profile_checks']['shadowAccount_shadowWarning'] = array('type' => 'regex', 'regex' => 'digit',
|
||||||
'error_message' => $this->messages['shadowWarning']);
|
'error_message' => $this->messages['shadowWarning'][0]);
|
||||||
// available PDF fields
|
// available PDF fields
|
||||||
$return['PDF_fields'] = array( 'shadowLastChange',
|
$return['PDF_fields'] = array( 'shadowLastChange',
|
||||||
'shadowWarning',
|
'shadowWarning',
|
||||||
|
@ -158,21 +131,6 @@ class shadowAccount extends baseModule {
|
||||||
parent::init($base);
|
parent::init($base);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Variables
|
|
||||||
// This variable contains all inetOrgPerson attributes
|
|
||||||
var $attributes;
|
|
||||||
/* If an account was loaded all attributes are kept in this array
|
|
||||||
* to compare it with new changed attributes
|
|
||||||
*/
|
|
||||||
var $orig;
|
|
||||||
|
|
||||||
/** regular expression for numeric values */
|
|
||||||
var $regex_number = '^([0-9])*$';
|
|
||||||
/** regular expression for shasowInactive */
|
|
||||||
var $regex_inactive = '^(([-][1])|([0-9]*))$';
|
|
||||||
|
|
||||||
/** list of possible error messages */
|
|
||||||
var $messages = array();
|
|
||||||
|
|
||||||
function module_ready() {
|
function module_ready() {
|
||||||
return true;
|
return true;
|
||||||
|
@ -207,26 +165,8 @@ class shadowAccount extends baseModule {
|
||||||
* $attr is an array as it's retured from ldap_get_attributes
|
* $attr is an array as it's retured from ldap_get_attributes
|
||||||
*/
|
*/
|
||||||
function load_attributes($attr) {
|
function load_attributes($attr) {
|
||||||
// Load attributes which are displayed
|
$this->load_ldap_attributes($attr);
|
||||||
// unset count entries
|
return 0;
|
||||||
unset ($attr['count']);
|
|
||||||
$attributes = array_keys($attr);
|
|
||||||
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
|
|
||||||
// unset double entries
|
|
||||||
for ($i=0; $i<count($attr); $i++)
|
|
||||||
if (isset($attr[$i])) unset($attr[$i]);
|
|
||||||
foreach ($attributes as $attribute) {
|
|
||||||
if (isset($this->attributes[$attribute])) {
|
|
||||||
// decode as unicode
|
|
||||||
$this->attributes[$attribute] = $attr[$attribute];
|
|
||||||
for ($i=0; $i<count($this->attributes[$attribute]); $i++) {
|
|
||||||
$this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
$this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// Values are kept as copy so we can compare old attributes with new attributes
|
|
||||||
$this->attributes['objectClass'][0] = 'shadowAccount';
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* This function returns an array with 3 entries:
|
/* This function returns an array with 3 entries:
|
||||||
|
@ -261,11 +201,11 @@ class shadowAccount extends baseModule {
|
||||||
$this->attributes['shadowExpire'][0] = intval(mktime(10, 0, 0, $post['shadowExpire_mon'],
|
$this->attributes['shadowExpire'][0] = intval(mktime(10, 0, 0, $post['shadowExpire_mon'],
|
||||||
$post['shadowExpire_day'], $post['shadowExpire_yea'])/3600/24);
|
$post['shadowExpire_day'], $post['shadowExpire_yea'])/3600/24);
|
||||||
|
|
||||||
if ( !ereg($this->regex_number, $this->attributes['shadowMin'][0])) $errors['shadowMin'][] = $this->messages['shadowMin'];
|
if ( !get_preg($this->attributes['shadowMin'][0], 'digit')) $errors['shadowMin'][] = $this->messages['shadowMin'][0];
|
||||||
if ( !ereg($this->regex_number, $this->attributes['shadowMax'][0])) $errors['shadowMax'][] = $this->messages['shadowMax'];
|
if ( !get_preg($this->attributes['shadowMax'][0], 'digit')) $errors['shadowMax'][] = $this->messages['shadowMax'][0];
|
||||||
if ( $this->attributes['shadowMin'][0] > $this->attributes['shadowMax'][0]) $errors['shadowMin'][] = $this->messages['shadow_cmp'];
|
if ( $this->attributes['shadowMin'][0] > $this->attributes['shadowMax'][0]) $errors['shadowMin'][] = $this->messages['shadow_cmp'][0];
|
||||||
if ( !ereg($this->regex_inactive, $this->attributes['shadowInactive'][0])) $errors['shadowInactive'][] = $this->messages['inactive'];
|
if ( !get_preg($this->attributes['shadowInactive'][0], 'digit2')) $errors['shadowInactive'][] = $this->messages['inactive'][0];
|
||||||
if ( !ereg($this->regex_number, $this->attributes['shadowWarning'][0])) $errors['shadowWarning'][] = $this->messages['shadowWarning'];
|
if ( !get_preg($this->attributes['shadowWarning'][0], 'digit')) $errors['shadowWarning'][] = $this->messages['shadowWarning'][0];
|
||||||
if (is_array($errors)) return $errors;
|
if (is_array($errors)) return $errors;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue