WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

support Samba 4

This commit is contained in:
Roland Gruber 2013-08-18 11:47:18 +00:00
parent a3a911f4ed
commit f665ef3425
2 changed files with 126 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lam/lib/baseModule.inc
View File

@ -91,8 +91,8 @@ abstract class baseModule {
// initialize module // initialize module
$this->scope = $scope; $this->scope = $scope;
$this->load_Messages(); $this->load_Messages();
$this->meta = $this->get_metaData();
$this->autoAddObjectClasses = true; $this->autoAddObjectClasses = true;
$this->meta = $this->get_metaData();
} }
/** /**

184
lam/lib/modules/posixGroup.inc
View File

@ -169,72 +169,85 @@ class posixGroup extends baseModule implements passwordService {
*/ */
function display_html_attributes() { function display_html_attributes() {
$return = new htmlTable(); $return = new htmlTable();
// group name if ($this->autoAddObjectClasses || (isset($this->attributes['objectClass']) && in_array('posixGroup', $this->attributes['objectClass']))) {
if ($this->manageCnAttribute) { // group name
$cn = ''; if ($this->manageCnAttribute) {
if (isset($this->attributes['cn'][0])) { $cn = '';
$cn = $this->attributes['cn'][0]; if (isset($this->attributes['cn'][0])) {
$cn = $this->attributes['cn'][0];
}
$cnInput = new htmlTableExtendedInputField(_("Group name"), 'cn', $cn, 'cn');
$cnInput->setRequired(true);
$cnInput->setFieldMaxLength(100);
$return->addElement($cnInput, true);
} }
$cnInput = new htmlTableExtendedInputField(_("Group name"), 'cn', $cn, 'cn'); // GID number
$cnInput->setRequired(true); $gidNumber = '';
$cnInput->setFieldMaxLength(100); if (isset($this->attributes['gidNumber'][0])) {
$return->addElement($cnInput, true); $gidNumber = $this->attributes['gidNumber'][0];
}
// GID number
$gidNumber = '';
if (isset($this->attributes['gidNumber'][0])) {
$gidNumber = $this->attributes['gidNumber'][0];
}
$gidNumberInput = new htmlTableExtendedInputField(_('GID number'), 'gidNumber', $gidNumber, 'gidNumber');
$gidNumberInput->setFieldMaxLength(20);
$gidNumberInput->setValidationRule(htmlElement::VALIDATE_NUMERIC);
$return->addElement($gidNumberInput, true);
// description
$description = '';
if (isset($this->attributes['description'][0])) {
$description = $this->attributes['description'][0];
}
if ($this->manageDescriptionAttribute) {
$return->addElement(new htmlTableExtendedInputField(_('Description'), 'description', $description, 'description'), true);
}
// password buttons
if (checkIfWriteAccessIsAllowed() && isset($this->attributes['userPassword'][0])) {
$return->addElement(new htmlOutputText(_('Password')));
$pwdContainer = new htmlTable();
if (pwd_is_enabled($this->attributes['userPassword'][0])) {
$pwdContainer->addElement(new htmlButton('lockPassword', _('Lock password')));
} }
else { $gidNumberInput = new htmlTableExtendedInputField(_('GID number'), 'gidNumber', $gidNumber, 'gidNumber');
$pwdContainer->addElement(new htmlButton('unlockPassword', _('Unlock password'))); $gidNumberInput->setFieldMaxLength(20);
$gidNumberInput->setValidationRule(htmlElement::VALIDATE_NUMERIC);
$return->addElement($gidNumberInput, true);
// description
$description = '';
if (isset($this->attributes['description'][0])) {
$description = $this->attributes['description'][0];
} }
$pwdContainer->addElement(new htmlButton('removePassword', _('Remove password'))); if ($this->manageDescriptionAttribute) {
$pwdContainer->colspan = 2; $return->addElement(new htmlTableExtendedInputField(_('Description'), 'description', $description, 'description'), true);
$return->addElement($pwdContainer, true); }
} // password buttons
if (isset($this->orig['gidNumber'][0]) && $this->attributes['gidNumber'][0]!=$this->orig['gidNumber'][0]) { if (checkIfWriteAccessIsAllowed() && isset($this->attributes['userPassword'][0])) {
$return->addElement(new htmlTableExtendedInputCheckbox('changegids', $this->changegids, _('Change GID number of users and hosts'), 'changegids'), true); $return->addElement(new htmlOutputText(_('Password')));
} $pwdContainer = new htmlTable();
// group members if (pwd_is_enabled($this->attributes['userPassword'][0])) {
$return->addElement(new htmlOutputText(_("Group members"))); $pwdContainer->addElement(new htmlButton('lockPassword', _('Lock password')));
$return->addElement(new htmlAccountPageButton(get_class($this), 'user', 'open', _('Edit members')));
$return->addElement(new htmlHelpLink('members'), true);
$return->addElement(new htmlOutputText(''));
$users = $this->getUsers();
$members = array();
if (isset($this->attributes['memberUid'][0])) {
foreach ($this->attributes['memberUid'] as $uid) {
if (isset($users[$uid]) && isset($users[$uid]['cn'])) {
$members[] = $uid . ' (' . $users[$uid]['cn'] . ')';
} }
else { else {
$members[] = $uid; $pwdContainer->addElement(new htmlButton('unlockPassword', _('Unlock password')));
}
$pwdContainer->addElement(new htmlButton('removePassword', _('Remove password')));
$pwdContainer->colspan = 2;
$return->addElement($pwdContainer, true);
}
if (isset($this->orig['gidNumber'][0]) && $this->attributes['gidNumber'][0]!=$this->orig['gidNumber'][0]) {
$return->addElement(new htmlTableExtendedInputCheckbox('changegids', $this->changegids, _('Change GID number of users and hosts'), 'changegids'), true);
}
// group members
$return->addElement(new htmlOutputText(_("Group members")));
$return->addElement(new htmlAccountPageButton(get_class($this), 'user', 'open', _('Edit members')));
$return->addElement(new htmlHelpLink('members'), true);
$return->addElement(new htmlOutputText(''));
$users = $this->getUsers();
$members = array();
if (isset($this->attributes['memberUid'][0])) {
foreach ($this->attributes['memberUid'] as $uid) {
if (isset($users[$uid]) && isset($users[$uid]['cn'])) {
$members[] = $uid . ' (' . $users[$uid]['cn'] . ')';
}
else {
$members[] = $uid;
}
} }
} }
$members = array_unique($members);
natcasesort($members);
$members = array_map('htmlspecialchars', $members);
$return->addElement(new htmlOutputText(implode('<br>', $members), false), true);
// remove button
if (!$this->autoAddObjectClasses) {
$return->addElement(new htmlSpacer(null, '20px'), true);
$remButton = new htmlButton('remObjectClass', _('Remove Unix extension'));
$remButton->colspan = 5;
$return->addElement($remButton);
}
}
else {
// add button
$return->addElement(new htmlButton('addObjectClass', _('Add Unix extension')));
} }
$members = array_unique($members);
natcasesort($members);
$members = array_map('htmlspecialchars', $members);
$return->addElement(new htmlOutputText(implode('<br>', $members), false), true);
return $return; return $return;
} }
@ -357,6 +370,12 @@ class posixGroup extends baseModule implements passwordService {
$return['LDAPaliases'] = array('commonName' => 'cn'); $return['LDAPaliases'] = array('commonName' => 'cn');
// managed attributes // managed attributes
$return['attributes'] = array('cn', 'gidNumber', 'userPassword', 'memberUid', 'description'); $return['attributes'] = array('cn', 'gidNumber', 'userPassword', 'memberUid', 'description');
// profile options
if (!$this->autoAddObjectClasses) {
$profileContainer = new htmlTable();
$profileContainer->addElement(new htmlTableExtendedInputCheckbox('posixGroup_addExt', false, _('Automatically add this extension'), 'autoAdd'), true);
$return['profile_options'] = $profileContainer;
}
// configuration options // configuration options
$configContainer = new htmlTable(); $configContainer = new htmlTable();
$configContainer->addElement(new htmlSubTitle(_("Groups")), true); $configContainer->addElement(new htmlSubTitle(_("Groups")), true);
@ -485,6 +504,10 @@ class posixGroup extends baseModule implements passwordService {
"Text" => _("Here you can enter a filter value. Only entries which contain the filter text will be shown.") "Text" => _("Here you can enter a filter value. Only entries which contain the filter text will be shown.")
. ' ' . _('Possible wildcards are: "*" = any character, "^" = line start, "$" = line end') . ' ' . _('Possible wildcards are: "*" = any character, "^" = line start, "$" = line end')
), ),
'autoAdd' => array(
"Headline" => _("Automatically add this extension"),
"Text" => _("This will enable the extension automatically if this profile is loaded.")
),
); );
return $return; return $return;
@ -606,6 +629,29 @@ class posixGroup extends baseModule implements passwordService {
*/ */
function process_attributes() { function process_attributes() {
$errors = array(); $errors = array();
if (isset($_POST['addObjectClass'])) {
if (!isset($this->attributes['objectClass'])) {
$this->attributes['objectClass'] = array();
}
if (!in_array('posixGroup', $this->attributes['objectClass'])) {
$this->attributes['objectClass'][] = 'posixGroup';
}
return $errors;
}
if (isset($_POST['remObjectClass'])) {
$this->attributes['objectClass'] = array_delete(array('posixGroup'), $this->attributes['objectClass']);
$attrs = $this->getManagedAttributes();
foreach ($attrs as $name) {
if (isset($this->attributes[$name])) {
unset($this->attributes[$name]);
}
}
return $errors;
}
// skip processing if object class is not set
if (!$this->autoAddObjectClasses && (!isset($this->attributes['objectClass']) || !in_array('posixGroup', $this->attributes['objectClass']))) {
return $errors;
}
if ($this->manageDescriptionAttribute) { if ($this->manageDescriptionAttribute) {
$this->attributes['description'][0] = $_POST['description']; $this->attributes['description'][0] = $_POST['description'];
} }
@ -759,7 +805,11 @@ class posixGroup extends baseModule implements passwordService {
*/ */
function save_attributes() { function save_attributes() {
// skip saving if account is based on another structural object class // skip saving if account is based on another structural object class
if (!$this->getAccountContainer()->isNewAccount && !in_array('posixGroup', $this->getAccountContainer()->attributes_orig['objectClass'])) { if ($this->is_base_module() && !$this->getAccountContainer()->isNewAccount && !in_array('posixGroup', $this->getAccountContainer()->attributes_orig['objectClass'])) {
return array();
}
if (!in_array('posixGroup', $this->attributes['objectClass']) && !in_array('posixGroup', $this->orig['objectClass'])) {
// skip saving if the extension was not added/modified
return array(); return array();
} }
$return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig); $return = $this->getAccountContainer()->save_module_attributes($this->attributes, $this->orig);
@ -776,6 +826,22 @@ class posixGroup extends baseModule implements passwordService {
return $return; return $return;
} }
/**
* Loads the values of an account profile into internal variables.
*
* @param array $profile hash array with profile values (identifier => value)
*/
function load_profile($profile) {
// profile mappings in meta data
parent::load_profile($profile);
// add extension
if (isset($profile['posixGroup_addExt'][0]) && ($profile['posixGroup_addExt'][0] == "true")) {
if (!in_array('posixGroup', $this->attributes['objectClass'])) {
$this->attributes['objectClass'][] = 'posixGroup';
}
}
}
/** /**
* Checks input values of module settings. * Checks input values of module settings.
* *