diff --git a/lam/lib/modules/windowsGroup.inc b/lam/lib/modules/windowsGroup.inc
index a3c930ba..ae9281ba 100644
--- a/lam/lib/modules/windowsGroup.inc
+++ b/lam/lib/modules/windowsGroup.inc
@@ -34,6 +34,41 @@ $Id$
*/
class windowsGroup extends baseModule {
+ /** possible group types (e.g. distribution) */
+ private $groupTypes;
+ /** possible group scopes (e.g. universal) */
+ private $groupScopes;
+
+ /** security group */
+ const TYPE_SECURITY = 'security';
+ /** email list */
+ const TYPE_DISTRIBUTION = 'distribution';
+ /** domain local group */
+ const SCOPE_DOMAIN_LOCAL = 'domain';
+ /** global group */
+ const SCOPE_GLOBAL = 'global';
+ /** universal group */
+ const SCOPE_UNIVERSAL = 'universal';
+
+ /**
+ * Creates a new module for Samba 3 groups.
+ *
+ * @param string $scope account type
+ */
+ function __construct($scope) {
+ $this->groupTypes = array(
+ _('Security') => windowsGroup::TYPE_SECURITY,
+ _('Distribution') => windowsGroup::TYPE_DISTRIBUTION,
+ );
+ $this->groupScopes = array(
+ _('Domain local') => windowsGroup::SCOPE_DOMAIN_LOCAL,
+ _('Global') => windowsGroup::SCOPE_GLOBAL,
+ _('Universal') => windowsGroup::SCOPE_UNIVERSAL,
+ );
+ // call parent constructor
+ parent::__construct($scope);
+ }
+
/**
* Returns meta data that is interpreted by parent class
*
@@ -60,7 +95,7 @@ class windowsGroup extends baseModule {
// managed object classes
$return['objectClasses'] = array('group');
// managed attributes
- $return['attributes'] = array('cn', 'description', 'info', 'mail', 'member', 'sAMAccountName');
+ $return['attributes'] = array('cn', 'description', 'info', 'mail', 'member', 'sAMAccountName', 'groupType');
// help Entries
$return['help'] = array(
'hiddenOptions' => array(
@@ -87,6 +122,18 @@ class windowsGroup extends baseModule {
"Headline" => _('Members'), 'attr' => 'member',
"Text" => _('This is a list of members of this group.')
),
+ 'memberList' => array(
+ "Headline" => _('Members'), 'attr' => 'member',
+ "Text" => _('This is a list of members of this group. Multiple members are separated by semicolons.')
+ ),
+ 'groupType' => array(
+ "Headline" => _('Group type'), 'attr' => 'groupType',
+ "Text" => _('Security groups are used for permission management and distribution groups as email lists.')
+ ),
+ 'groupScope' => array(
+ "Headline" => _('Group scope'), 'attr' => 'groupType',
+ "Text" => _('Please specify the group scope.')
+ ),
);
// configuration settings
$configContainer = new htmlTable();
@@ -100,6 +147,53 @@ class windowsGroup extends baseModule {
$return['config_options']['all'] = $configContainer;
// upload fields
$return['upload_columns'] = array(
+ array(
+ 'name' => 'windowsGroup_name',
+ 'description' => _('Group name'),
+ 'help' => 'cn',
+ 'example' => _('Domain administrators'),
+ 'required' => true
+ ),
+ array(
+ 'name' => 'windowsGroup_description',
+ 'description' => _('Description'),
+ 'help' => 'description',
+ 'example' => _('Domain administrators'),
+ ),
+ array(
+ 'name' => 'windowsGroup_notes',
+ 'description' => _('Notes'),
+ 'help' => 'info',
+ 'example' => _('Domain administrators'),
+ ),
+ array(
+ 'name' => 'windowsGroup_mail',
+ 'description' => _('Email address'),
+ 'help' => 'mail',
+ 'example' => _('group@company.com'),
+ ),
+ array(
+ 'name' => 'windowsGroup_scope',
+ 'description' => _('Group scope'),
+ 'help' => 'groupScope',
+ 'values' => implode(', ', array_values($this->groupScopes)),
+ 'example' => windowsGroup::SCOPE_GLOBAL,
+ 'default' => windowsGroup::SCOPE_GLOBAL,
+ ),
+ array(
+ 'name' => 'windowsGroup_type',
+ 'description' => _('Group type'),
+ 'help' => 'groupType',
+ 'values' => implode(', ', array_values($this->groupTypes)),
+ 'example' => windowsGroup::TYPE_SECURITY,
+ 'default' => windowsGroup::TYPE_SECURITY,
+ ),
+ array(
+ 'name' => 'windowsGroup_members',
+ 'description' => _('Members'),
+ 'help' => 'memberList',
+ 'example' => 'uid=user1,o=test;uid=user2,o=test',
+ ),
);
// available PDF fields
$return['PDF_fields'] = array(
@@ -107,6 +201,8 @@ class windowsGroup extends baseModule {
'description' => _('Description'),
'info' => _('Notes'),
'member' => _('Members'),
+ 'groupType' => _('Group type'),
+ 'groupScope' => _('Group scope'),
);
if (!$this->isBooleanConfigOptionSet('windowsGroup_hidemail')) {
$return['PDF_fields']['mail'] = _('Email address');
@@ -122,6 +218,8 @@ class windowsGroup extends baseModule {
$this->messages['cn'][1] = array('ERROR', _('Account %s:') . ' windowsGroup_cn', _('Group name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
$this->messages['mail'][0] = array('ERROR', _('Email address'), _('Please enter a valid email address!'));
$this->messages['mail'][1] = array('ERROR', _('Account %s:') . ' windowsGroup_mail', _('Please enter a valid email address!'));
+ $this->messages['groupScope'][0] = array('ERROR', _('Account %s:') . ' windowsGroup_groupScope', _('Please enter a valid group scope.'));
+ $this->messages['groupType'][0] = array('ERROR', _('Account %s:') . ' windowsGroup_groupType', _('Please enter a valid group type.'));
}
/**
@@ -136,6 +234,51 @@ class windowsGroup extends baseModule {
if (!$this->isBooleanConfigOptionSet('windowsGroup_hidemail')) {
$this->addSimpleInputTextField($container, 'mail', _('Email address'), false);
}
+ // group type
+ $groupType = windowsGroup::TYPE_SECURITY;
+ $groupScope = windowsGroup::SCOPE_GLOBAL;
+ if (isset($this->attributes['groupType'][0])) {
+ if ($this->attributes['groupType'][0] & 2) {
+ $groupScope = windowsGroup::SCOPE_GLOBAL;
+ }
+ elseif ($this->attributes['groupType'][0] & 4) {
+ $groupScope = windowsGroup::SCOPE_DOMAIN_LOCAL;
+ }
+ elseif ($this->attributes['groupType'][0] & 8) {
+ $groupScope = windowsGroup::SCOPE_UNIVERSAL;
+ }
+ if ($this->attributes['groupType'][0] & 0x80000000) {
+ $groupType = windowsGroup::TYPE_SECURITY;
+ }
+ else {
+ $groupType = windowsGroup::TYPE_DISTRIBUTION;
+ }
+ }
+ $scopeList = $this->groupScopes;
+ // do not allow invalid conversions
+ if (isset($this->orig['groupType'][0])) {
+ $flippedScopes = array_flip($this->groupScopes);
+ if ($this->orig['groupType'][0] & 2) {
+ // no change from global to domain local
+ unset($scopeList[$flippedScopes[windowsGroup::SCOPE_DOMAIN_LOCAL]]);
+ }
+ elseif ($this->orig['groupType'][0] & 4) {
+ // no change from domain local to global
+ unset($scopeList[$flippedScopes[windowsGroup::SCOPE_GLOBAL]]);
+ }
+ }
+ $groupScopeSelect = new htmlTableExtendedSelect('groupScope', $scopeList, array($groupScope), _('Group scope'), 'groupScope');
+ $groupScopeSelect->setHasDescriptiveElements(true);
+ $container->addElement($groupScopeSelect, true);
+ $groupTypeSelect = new htmlTableExtendedSelect('groupType', $this->groupTypes, array($groupType), _('Group type'), 'groupType');
+ $groupTypeSelect->setHasDescriptiveElements(true);
+ $container->addElement($groupTypeSelect, true);
+ // notes
+ $info = '';
+ if (isset($this->attributes['info'][0])) {
+ $info = $this->attributes['info'][0];
+ }
+ $container->addElement(new htmlTableExtendedInputTextarea('info', $info, 30, 5, _('Notes'), 'info'), true);
// group members
$container->addElement(new htmlSpacer(null, '10px'), true);
$container->addElement(new htmlOutputText(_("Group members")));
@@ -158,6 +301,7 @@ class windowsGroup extends baseModule {
}
$container->addElement(new htmlOutputText(''));
$container->addElement($members, true);
+ $container->addElement(new htmlEqualWidth(array('groupType', 'groupScope')));
return $container;
}
@@ -184,6 +328,24 @@ class windowsGroup extends baseModule {
$return[] = $this->messages['mail'][0];
}
}
+ // group scope
+ switch ($_POST['groupScope']) {
+ case windowsGroup::SCOPE_DOMAIN_LOCAL:
+ $this->attributes['groupType'][0] = 4;
+ break;
+ case windowsGroup::SCOPE_GLOBAL:
+ $this->attributes['groupType'][0] = 2;
+ break;
+ case windowsGroup::SCOPE_UNIVERSAL:
+ $this->attributes['groupType'][0] = 8;
+ break;
+ }
+ // group type
+ if ($_POST['groupType'] == windowsGroup::TYPE_SECURITY) {
+ $this->attributes['groupType'][0] = $this->attributes['groupType'][0] - 2147483648;
+ }
+ // notes
+ $this->attributes['info'][0] = $_POST['info'];
return $return;
}
@@ -317,12 +479,87 @@ class windowsGroup extends baseModule {
* @return array list of error messages if any
*/
public function build_uploadAccounts($rawAccounts, $ids, &$partialAccounts, $selectedModules) {
- $messages = array();
+ $errors = array();
for ($i = 0; $i < sizeof($rawAccounts); $i++) {
// add object class
if (!in_array('group', $partialAccounts[$i]['objectClass'])) $partialAccounts[$i]['objectClass'][] = 'group';
+ // cn + sAMAccountName
+ if ($rawAccounts[$i][$ids['windowsGroup_name']] != "") {
+ if (get_preg($rawAccounts[$i][$ids['windowsGroup_name']], 'groupname')) {
+ $partialAccounts[$i]['cn'] = $rawAccounts[$i][$ids['windowsGroup_name']];
+ $partialAccounts[$i]['sAMAccountName'] = $rawAccounts[$i][$ids['windowsGroup_name']];
+ }
+ else {
+ $errMsg = $this->messages['cn'][1];
+ array_push($errMsg, array($i));
+ $errors[] = $errMsg;
+ }
+ }
+ // description
+ if ($rawAccounts[$i][$ids['windowsGroup_description']] != "") {
+ $partialAccounts[$i]['description'] = $rawAccounts[$i][$ids['windowsGroup_description']];
+ }
+ // notes
+ if ($rawAccounts[$i][$ids['windowsGroup_notes']] != "") {
+ $partialAccounts[$i]['info'] = $rawAccounts[$i][$ids['windowsGroup_notes']];
+ }
+ // email
+ if ($rawAccounts[$i][$ids['windowsGroup_mail']] != "") {
+ if (get_preg($rawAccounts[$i][$ids['windowsGroup_mail']], 'email')) {
+ $partialAccounts[$i]['mail'] = $rawAccounts[$i][$ids['windowsGroup_mail']];
+ }
+ else {
+ $errMsg = $this->messages['mail'][1];
+ array_push($errMsg, array($i));
+ $errors[] = $errMsg;
+ }
+ }
+ // add members
+ if ($rawAccounts[$i][$ids['windowsGroup_members']] != "") {
+ $partialAccounts[$i]['member'] = explode(";", $rawAccounts[$i][$ids['windowsGroup_members']]);
+ }
+ // group scope
+ if ($rawAccounts[$i][$ids['windowsGroup_scope']] != "") {
+ if (in_array($rawAccounts[$i][$ids['windowsGroup_scope']], $this->groupScopes)) {
+ switch ($rawAccounts[$i][$ids['windowsGroup_scope']]) {
+ case windowsGroup::SCOPE_DOMAIN_LOCAL:
+ $partialAccounts[$i]['groupType'] = 4;
+ break;
+ case windowsGroup::SCOPE_GLOBAL:
+ $partialAccounts[$i]['groupType'] = 2;
+ break;
+ case windowsGroup::SCOPE_UNIVERSAL:
+ $partialAccounts[$i]['groupType'] = 8;
+ break;
+ }
+ }
+ else {
+ $errMsg = $this->messages['groupScope'][0];
+ array_push($errMsg, array($i));
+ $errors[] = $errMsg;
+ }
+ }
+ else {
+ $partialAccounts[$i]['groupType'] = 2;
+ }
+ // group type
+ if ($rawAccounts[$i][$ids['windowsGroup_type']] != "") {
+ if (in_array($rawAccounts[$i][$ids['windowsGroup_type']], $this->groupTypes)) {
+ if ($rawAccounts[$i][$ids['windowsGroup_type']] == windowsGroup::TYPE_SECURITY) {
+ $partialAccounts[$i]['groupType'] = $partialAccounts[$i]['groupType'] - 2147483648;
+ }
+ }
+ else {
+ $errMsg = $this->messages['groupType'][0];
+ array_push($errMsg, array($i));
+ $errors[] = $errMsg;
+ }
+ }
+ else {
+ $partialAccounts[$i]['groupType'] = $partialAccounts[$i]['groupType'] - 2147483648;
+ }
}
- return $messages;
+ return $errors;
}
/**
@@ -334,6 +571,32 @@ class windowsGroup extends baseModule {
$this->addSimplePDFField($return, 'description', _('Description'));
$this->addSimplePDFField($return, 'info', _('Notes'));
$this->addSimplePDFField($return, 'mail', _('Email address'));
+ // group type
+ $groupType = windowsGroup::TYPE_SECURITY;
+ $groupScope = windowsGroup::SCOPE_GLOBAL;
+ if (isset($this->attributes['groupType'][0])) {
+ if ($this->attributes['groupType'][0] & 2) {
+ $groupScope = windowsGroup::SCOPE_GLOBAL;
+ }
+ elseif ($this->attributes['groupType'][0] & 4) {
+ $groupScope = windowsGroup::SCOPE_DOMAIN_LOCAL;
+ }
+ elseif ($this->attributes['groupType'][0] & 8) {
+ $groupScope = windowsGroup::SCOPE_UNIVERSAL;
+ }
+ if ($this->attributes['groupType'][0] & 0x80000000) {
+ $groupType = windowsGroup::TYPE_SECURITY;
+ }
+ else {
+ $groupType = windowsGroup::TYPE_DISTRIBUTION;
+ }
+ }
+ $groupTypeLabels = array_flip($this->groupTypes);
+ $groupType = $groupTypeLabels[$groupType];
+ $groupScopeLabels = array_flip($this->groupScopes);
+ $groupScope = $groupScopeLabels[$groupScope];
+ $return[get_class($this) . '_groupScope'] = array('' . _('Group scope') . '' . $groupScope . '');
+ $return[get_class($this) . '_groupType'] = array('' . _('Group type') . '' . $groupType . '');
// members
if (sizeof($this->attributes['member']) > 0) {
$memberList = array();