From ff524e3f232f24ac67a1a399a1d20d78800f67ce Mon Sep 17 00:00:00 2001 From: katagia Date: Fri, 12 Dec 2003 11:52:52 +0000 Subject: [PATCH] fixed problem with new modules and ldap objectclasses. SUP-Classes weren't included in attribute list. --- lam/lib/account.inc | 50 +++- lam/lib/modules/inetOrgPerson.inc | 359 ++++++++--------------------- lam/templates/account/useredit.php | 8 +- 3 files changed, 142 insertions(+), 275 deletions(-) diff --git a/lam/lib/account.inc b/lam/lib/account.inc index cac31cd4..9aa7a0be 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -86,7 +86,7 @@ class cache { foreach ($DNs as $dn) { if (isset($this->ldapcache[$scope][$dn][$attribute]) && in_array($objectClass, $this->ldapcache[$scope][$dn]['objectClass'])) { // return string if only attribute exists only once - if (count($this->ldapcache[$scope][$dn][$attribute])==1) $return[$dn] = $this->ldapcache[$scope][$dn][$attribute][0]; + if (count($this->ldapcache[$scope][$dn][$attribute])==1) $return[$dn][] = $this->ldapcache[$scope][$dn][$attribute][0]; else { // else return array with all attributes $return[$dn] = $this->ldapcache[$scope][$dn][$attribute]; @@ -231,6 +231,7 @@ class accountContainer { var $type; var $lampath; // reference to lampath from Session var $ldap; // This is a reference to the ldap class in session + var $modules; // This is an array with all module objects /* Get the type of account. Valid * types are: user, group, host 
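Review bot: The comment above the changed line in the `-86,7` hunk still reads `// return string if only attribute exists only once`, but with `$return[$dn][] = ...[0]` the single-value case now returns a one-element array. The comment should say so, for example `// wrap a single value in an array so callers always receive an array`. Any caller that still expects a string for single-valued attributes needs checking. The enclosing method starts and ends outside the hunk.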
@@ -266,7 +267,7 @@ class accountContainer { // create array with may-attributes // Get startposition in string if (strpos($this->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($_SESSION['ldap']->objectClasses[$line], 'MAY (')+5); + $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); 
@@ -277,6 +278,49 @@ class accountContainer { else $this->attributes[$attribute][$objectClass] = 'MAY'; } } + + // Get attributes of subclasses + while (strpos($this->ldap->objectClasses[$line], "SUP ")) { + $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'SUP ')+4); + $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); + // Add account type to object + for ($i=0; $ildap->objectClasses) || $i==-1; $i++) { + if (strpos($this->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i; + } + // Return error if objectClass isn't found + if ($line==-1) trigger_error (_("objectClass objectClass required but not defined in ldap."), E_USER_WARNING); + + // create array with must-attributes + // Get startposition in string + if (strpos($this->ldap->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MUST (')+6); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + $may = explode(" $ ", $string); + // Ad must + foreach ($must as $attribute) { + if (!isset($this->attributes[$attribute])) $this->attributes[$attribute][$objectClass] = 'MUST'; + else $this->attributes[$attribute][$objectClass] = 'MUST'; + } + } + // create array with may-attributes + // Get startposition in string + if (strpos($this->ldap->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MAY (')+5); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + $must = explode(" $ ", $string); + // Ad may + foreach ($must as $attribute) { + if (!isset($this->attributes[$attribute])) $this->attributes[$attribute][$objectClass] = 'MAY'; + else 
$this->attributes[$attribute][$objectClass] = 'MAY'; + } + } + } + + } /* This function return ldap attributes @@ -309,7 +353,7 @@ class accountContainer { // Add module if it exists if (filetype($this->lampath."/lib/modules/".$objectClass.".inc") == 'file') { include_once ($this->lampath."/lib/modules/".$objectClass.".inc"); - $this[] = new $objectClass($this); + $this->modules[] = new $objectClass($this); } } return 0; diff --git a/lam/lib/modules/inetOrgPerson.inc b/lam/lib/modules/inetOrgPerson.inc index d98e8720..407164c5 100644 --- a/lam/lib/modules/inetOrgPerson.inc +++ b/lam/lib/modules/inetOrgPerson.inc @@ -31,10 +31,6 @@ $Id$ * account.inc: array_delete */ -// *** fixme, start session if not yet done -// *** fixme set language if not yet done -include_once('../ldap.inc'); -include_once('../account.inc'); /* This class contains all inetOrgPerson LDAP attributes * and funtioncs required to deal with inetOrgPerson 
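Review bot: The added `while (strpos(..., "SUP "))` loop in the `-277,6` hunk does not terminate when the superior class cannot be resolved: `$line` is only reassigned on a match, so the `$line==-1` test after the search can never fire and the same schema line is parsed again on every pass. The schema text comes from the directory server, so one unresolved or unexpectedly formatted SUP clause would hang the request. In the MUST branch the split result is stored in `$may` while the loop iterates `$must`, so the superior's required attributes are not the ones recorded. The same loop is added to the inetOrgPerson constructor in lam/lib/modules/inetOrgPerson.inc, without the variable mix-up. The search loop's header is damaged on this page, so the bound in the sketch below is reconstructed.

```php
while (strpos($this->ldap->objectClasses[$line], "SUP ")) {
	// … unchanged: extraction of $subclass from the SUP clause …
	// search into a separate variable so that a miss can be detected
	$found = -1;
	for ($i=0; $i<count($this->ldap->objectClasses); $i++) {
		if (strpos($this->ldap->objectClasses[$i], "NAME '$subclass'")) $found = $i;
	}
	if ($found==-1) {
		trigger_error (_("objectClass objectClass required but not defined in ldap."), E_USER_WARNING);
		break;
	}
	$line = $found;
	// … unchanged: MUST ( … ) parsing up to trim($string) …
	$must = explode(" $ ", $string);
	foreach ($must as $attribute) {
	// … unchanged: MUST assignment, then MAY ( … ) parsing up to trim($string) …
	$may = explode(" $ ", $string);
	foreach ($may as $attribute) {
	// … unchanged: MAY assignment …
```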
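Review bot: In the `-309,7` hunk `$objectClass` is used both to build the `include_once` path and as the class name in the changed line `$this->modules[] = new $objectClass($this);`, and nothing visible restricts it to known module names. The only caller shown in this commit passes the literal 'inetOrgPerson', but if the name can ever come from request or directory data, the file that gets included is chosen by that data. A fixed-pattern check before the `filetype()` call, such as `if (!preg_match('/^[A-Za-z0-9]+$/D', $objectClass)) return -1;`, would close that off; the return value for the rejected case should follow whatever error convention this function uses. The function begins before the hunk.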
@@ -50,15 +46,15 @@ include_once('../account.inc'); class inetOrgPerson { // Constructor - function inetOrgPerson(&$basearray=false) { + function inetOrgPerson(&$basearray) { /* Return an error if posixAccount should be created without * base container */ - if (!$basearray) die _('Please create a new object with $array[] = new posixAccount($array);'); + if (!$basearray) trigger_error(_('Please create a new object with $array[] = new posixAccount($array);'), E_USER_ERROR); // Check if $basearray is an array - if (!is_array($basearray)) die _('Please create a new object with $array[] = new posixAccount($array);'); + if (!is_object($basearray)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'inetOrgPerson\');'), E_USER_ERROR); // posixAccount is only a valid objectClass for user and host - if !($basearray->get_type() == 'user') die _('inetOrgPerson can only be used for users.'); + if ($basearray->get_type() != 'user') trigger_error(_('inetOrgPerson can only be used for users.'), E_USER_WARNING); /* Create a reference to basearray so we can read all other modules * php will avaois recousrion itself */ 
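Review bot: The last of the three rewritten checks only raises `E_USER_WARNING`, so construction carries on and the module is still set up when `get_type()` is not 'user', whereas the two checks before it use `E_USER_ERROR`. If a non-user container must not get this module, use the same level there: `if ($basearray->get_type() != 'user') trigger_error(_('inetOrgPerson can only be used for users.'), E_USER_ERROR);`. The first message still tells the caller to create a posixAccount with `$array[] = new posixAccount($array);`, which no longer matches how the object is built. The constructor continues past the end of this hunk.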
@@ -69,8 +65,73 @@ class inetOrgPerson { $basearray->add_attributes ('inetOrgPerson'); // Add account type to object - $orig = array( 'uid' => '', 'uidNumber' => '', 'gidNumber' => '', 'homeDirectory' => '', 'loginShell' => '', 'gecos' => '', - 'description' => '', 'enc_userPassword' => '', 'groups' => array() ); + $line=-1; + for ($i=0; $ibase->ldap->objectClasses) || $i==-1; $i++) { + if (strpos($this->base->ldap->objectClasses[$i], "NAME 'inetOrgPerson'")) $line = $i; + } + // Return error if objectClass isn't found + if ($line==-1) trigger_error (_("objectClass objectClass required but not defined in ldap."), E_USER_WARNING); + // create array with must-attributes + // Get startposition in string + if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad must + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + // create array with may-attributes + // Get startposition in string + if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad may + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + // Get attributes of subclasses + while (strpos($this->base->ldap->objectClasses[$line], "SUP ")) { + $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'SUP ')+4); + $subclass = substr($string_withtail, 0, strpos($string_withtail, ' 
')); + // Add account type to object + for ($i=0; $ibase->ldap->objectClasses) || $i==-1; $i++) { + if (strpos($this->base->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i; + } + // Return error if objectClass isn't found + if ($line==-1) trigger_error (_("objectClass objectClass required but not defined in ldap."), E_USER_WARNING); + + // create array with must-attributes + // Get startposition in string + if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad must + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + // create array with may-attributes + // Get startposition in string + if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad may + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + } + $this->attributes = $this->orig; $this->alias = _('inetOrgPerson'); } 
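Review bot: The context line `$this->attributes = $this->orig;` directly after the added block replaces the attribute list that the new schema parsing has just built, and `$this->orig` is not assigned anywhere in the visible constructor now that the `$orig = array(...)` line is removed. If the aim is to keep a pristine copy for later comparison, the assignment probably needs to go the other way, `$this->orig = $this->attributes;`, which should be confirmed with the author. The `strpos(...)` results are also used directly as booleans; `!== false` would make the intent explicit. The constructor begins before this hunk.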
@@ -79,112 +140,50 @@ class inetOrgPerson { var $alias; // reference to base-array so we can read other classes in basearray var $base; - - - // Use a unix password? - var $userPassword_no; - // Lock account? - var $userPassword_lock; - // Array with all groups the user should also be member of - var $groups; - // LDAP attributes - // These attributes have to be set in ldap - var $uid; - var $uidNumber; - var $gidNumber; - var $homeDirectory; - // These attributes doesn't have to be set in ldap - var $loginShell; - var $gecos; - var $description; - /* This function will return the unencrypted password when - * called without a variable - * If it's called with a new password, the - * new password will be stored encrypted - */ - function userPassword($newpassword='') { - // Read existing password if set - if ($newpassword='') { - if ($this->enc_userPassword != '') { - $iv = base64_decode($_COOKIE["IV"]); - $key = base64_decode($_COOKIE["Key"]); - $password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->enc_userPassword), MCRYPT_MODE_ECB, $iv); - $password = str_replace(chr(00), '', $password); - return $password; - } - else return ''; - } - // Write new password - else { - $iv = base64_decode($_COOKIE["IV"]); - $key = base64_decode($_COOKIE["Key"]); - $this->enc_userPassword = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $newpassword, MCRYPT_MODE_ECB, $iv)); - return 0; - } - } - + // This variable contains all inetOrgPerson Attributes + var $attributes; /* If an account was loaded all attributes are kept in this array * to compare it with new changed attributes */ var $orig; + /* $attribute['password'] can't accessed directly because it's enrcypted + * To read / write password function userPassword is needed + */ + /* This function returns a list with all required modules */ function dependencies() { - if ($this->base['type']=='user') return array('inetOrgPerson'); - if ($this->base['type']=='host') return array('account'); // return 
error if unsupported type is used - return -1; + return array(); } /* Write variables into object and do some regexp checks */ function proccess_attributes() { // Load attributes - $this->uid = $_POST['form_posixAccount_uid']; - if ($this->base['type']=='user') $this->uid &= $this->base['inetOrgPerson']->cn; - if ($this->base['type']=='host') $this->uid &= $this->base['account']->cn; - $this->uidNumber = $_POST['form_posixAccount_uidNumber']; - $this->gidNumber = getgrnam($_POST['form_posixAccount_gidNumber']); - $this->homeDirectory = $_POST['form_posixAccount_homeDirectory']; - $this->loginShell = $_POST['form_posixAccount_loginShell']; - $this->gecos = $_POST['form_posixAccount_gecos']; - $this->description = $_POST['form_posixAccount_description']; - if ($_POST['form_posixAccount_userPassword_no']; $this->userPassword_no=true; - else $this->userPassword_no=false; - if ($_POST['form_posixAccount_userPassword_lock']; $this->userPassword_lock=true; - else $this->userPassword_lock=false; - if (isset($_POST['form_posixAccount_userPassword'])) { - if ($_POST['form_posixAccount_userPassword'] != $_POST['form_posixAccount_userPassword2']) { - $errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); - unset ($_POST['form_posixAccount_userPassword2']); - } - else $this->userPassword($_POST['form_posixAccount_userPassword']); - } - if ($_POST['form_posixAccount_genpass']) $this->userPassword(genpasswd()); + $this->attributes['uid'] = $_POST['form_inetOrgPerson_uid']; + $this->attributes['cn'] &= $this->attributes['cn']; // Check if Username contains only valid characters - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*$', $this->uid)) + if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*$', $this->attributes['uid'])) $errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. 
Valid characters are: a-z, A-Z, 0-9 and .-_ !')); // Create automatic useraccount with number if original user already exists // Reset name to original name if new name is in use // *** fixme make incache modularized. Incache will return the found attribute // Set username back to original name if new username is in use - if (incache($this->uid,'uid', '*')!=$this->orig['uid'] && ($this->orig['uid']!='')) $this->uid = $this->orig['uid']; + if (incache($this->attributes['uid'],'uid', '*')!=$this->orig['uid'] && ($this->orig['uid']!='')) $this->attributes['uid'] = $this->orig['uid']; // Change uid to a new uid until a free uid is found - while (incache($this->uid, 'uid', '*')) { - // Remove "$" at end of hostname if type is host - if ($this->base['type']=='host') $this->uid = substr($this->uid, 0, $this->uid-1); + while (incache($this->attributes['uid'], 'uid', '*')) { // get last character of username - $lastchar = substr($this->uid, strlen($this->uid)-1, 1); + $lastchar = substr($this->attributes['uid'], strlen($this->attributes['uid'])-1, 1); // Last character is no number if ( !ereg('^([0-9])+$', $lastchar)) /* Last character is no number. Therefore we only have to * add "2" to it. */ - if ($this->base['type']=='host') $this->uid = $this->uid . '2$'; - else $this->uid = $this->uid . '2'; + $this->attributes['uid'] = $this->attributes['uid'] . '2'; else { /* Last character is a number -> we have to increase the number until we've * found a groupname with trailing number which is not in use. 
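Review bot: The uid read from `$_POST['form_inetOrgPerson_uid']` stays in `$this->attributes['uid']` when the character check fails, because the `ereg` test only appends to `$errors` and the `incache()` lookups and the renaming loop below still run on the rejected value. Moving `if (is_array($errors)) return $errors;` to directly after the check keeps unvalidated input out of the later steps. The POSIX `ereg` functions are not binary-safe, so `preg_match('/^[a-zA-Z0-9._-]*$/D', $this->attributes['uid'])` is the more reliable test for the same character set. Separately, `$this->attributes['cn'] &= $this->attributes['cn'];` is a bitwise AND of a value with itself and has no useful effect; it looks like a leftover from the removed `&=` lines. proccess_attributes continues beyond this hunk.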
@@ -192,175 +191,35 @@ class inetOrgPerson { * $i will show us were we have to split groupname so we get a part * with the groupname and a part with the trailing number */ - $i=strlen($this->uid)-1; + $i=strlen($this->attributes['uid'])-1; $mark = false; // Set $i to the last character which is a number in $account_new->general_username while (!$mark) { - if (ereg('^([0-9])+$',substr($this->uid, $i, strlen($this->uid)-$i))) $i--; + if (ereg('^([0-9])+$',substr($this->attributes['uid'], $i, strlen($this->attributes['uid'])-$i))) $i--; else $mark=true; } // increase last number with one - $firstchars = substr($this->uid, 0, $i+1); - $lastchars = substr($this->uid, $i+1, strlen($this->uid)-$i); + $firstchars = substr($this->attributes['uid'], 0, $i+1); + $lastchars = substr($this->attributes['uid'], $i+1, strlen($this->attributes['uid'])-$i); // Put username together - $this->uid = $firstchars . (intval($lastchars)+1); - // Add $ name if type is host - if ($this->base['type']=='host') $this->uid .= '$'; + $this->attributes['uid'] = $firstchars . (intval($lastchars)+1); } } // Show warning if lam has changed username - if ($this->uid != $_POST['form_posixAccount_uid']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); + if ($this->attributes['uid'] != $_POST['form_inetOrgPerson_uid']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); - // Check if UID is valid. 
If none value was entered, the next useable value will be inserted - // load min and may uidNumber - if ($this->base['type']=='user') { - $minID = intval($_SESSION['config']->get_minUID()); - $maxID = intval($_SESSION['config']->get_maxUID()); - } - else { - $minID = intval($_SESSION['config']->get_minMachine()); - $maxID = intval($_SESSION['config']->get_maxMachine()); - } - // *** fixme create getcache function - $dn_uids = getcache('uidNumber', 'posixAccount', '*'); - // getcache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... ) - foreach ($dn_uids as $uid) $uids[] = $uid[0]; - if(is_array($uids)) sort ($uids, SORT_NUMERIC); - if ($this->uidNumber=='') { - // No id-number given - if ($this->orig['uidNumber']=='') { - // new account -> we have to find a free id-number - if (count($uids)!=0) { - // There are some uids - // Store highest id-number - $id = $uids[count($uids)-1]; - // Return minimum allowed id-number if all found id-numbers are too low - if ($id < $minID) $this->uidNumber = $minID; - // Return higesht used id-number + 1 if it's still in valid range - if ($id < $maxID) $this->uidNumber = $id+1; - /* If this function is still running we have to fid a free id-number between - * the used id-numbers - */ - $i = intval($minID); - while (in_array($i, $uids)) $i++; - if ($i>$maxID) - $errors[] = array('ERROR', _('ID-Number'), _('No free ID-Number!'))))); - else { - $this->uidNumber = $i; - $errors[] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. 
To avoid this warning set maxUID to a higher value.')); - } - } - else $this->uidNumber = $minID; - // return minimum allowed id-number if no id-numbers are found - } - else $this->uidNumber = $this->orig['uidNumber']; - // old account -> return id-number which has been used - } - else { - // Check manual ID - // id-number is out of valid range - if ( $this->uidNumber < $minID || $this->uidNumber > $maxID) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID)); - // $uids is allways an array but not if no entries were found - if (is_array($uids)) { - // id-number is in use and account is a new account - if ((in_array($this->uidNumber, $uids)) && $this->orig['uidNumber']=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use')); - // id-number is in use, account is existing account and id-number is not used by itself - if ((in_array($this->uidNumber, $uids)) && $this->orig['uidNumber']!='' && ($this->orig['uidNumber'] != $this->uidNumber) ) { - $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use')); - $this->uidNumber = $this->orig['uidNumber']; - } - } - } - // Check if Homedir is valid - $this->homeDirectory = str_replace('$group', getgrnam($this->gidNumber), $this->homeDirectory); - if ($this->uid != '') - $this->homeDirectory = str_replace('$user', $this->uid, $this->homeDirectory); - if ($this->homeDirectory != $_POST['form_posixAccount_homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.')); - if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->homeDirectory )) - $errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.')); - // Check if Name-length is OK. 
minLength=3, maxLength=20 - if ( !ereg('.{3,20}', $this->uid)) $errors[] = array('ERROR', _('Name'), _('Name must contain between 3 and 20 characters.')); - // Check if Name starts with letter - if ( !ereg('^([a-z]|[A-Z]).*$', $this->uid)) - $errors[] = array('ERROR', _('Name'), _('Name contains invalid characters. First character must be a letter')); - // Check if password is OK - if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword())) - $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); // Return error-messages if (is_array($errors)) return $errors; - // Go to additional group page when no error did ocour and button was pressed - if ($_POST['form_posixAccount_addgroup']) return 'group'; return 0; } - /* Write variables into object and do some regexp checks - */ - function process_groups() { - do { // X-Or, only one if() can be true - if (isset($_POST['form_posixAccount_addgroups']) && isset($_POST['form_posixAccount_addgroups_button'])) { // Add groups to list - // Add new group - $this->groups = @array_merge($this->groups, $_POST['allgroups']); - // remove doubles - $this->groups = @array_flip($this->groups); - array_unique($this->groups); - $this->groups = @array_flip($this->groups); - // sort groups - sort($this->groups); - break; - } - if (isset($_POST['form_posixAccount_removegroups']) && isset($_POST['form_posixAccount_removegroups_button'])) { // remove groups from list - $this->groups = array_delete($_POST['form_posixAccount_removegroups'], $this->groups); - break; - } - } while(0); - if (isset($_POST['form_posixAccount_addgroups_button']) || isset($_POST['form_posixAccount_removegroups_button'])) return 'group'; - if ($_POST['form_posixAccount_toattributes'] return 'attributes'; - return 0; - } - - /* This function loads all attributes into the 
object * $attr is an array as it's retured from ldap_get_attributes */ function load_attributes($attr) { // Load attributes which are displayed // Values are kept as copy so we can compare old attributes with new attributes - $this->cn = $attr['cn'][0]; - $this->orig['cn'] = $attr['cn'][0]; - $this->uid = $attr['uid'][0]; - $this->orig['uid'] = $attr['uid'][0]; - $this->uidNumber = $attr['uidNumber'][0]; - $this->orig['uidNumber'] = $attr['uidNumber'][0]; - $this->gidNumber = $attr['gidNumber'][0]; - $this->orig['gidNumber'] = $attr['gidNumber'][0]; - $this->homeDirectory = $attr['homeDirectory'][0]; - $this->orig['homeDirectory'] = $attr['homeDirectory'][0]; - if (isset($attr['loginShell'][0])) { - $this->loginShell = $attr['loginShell'][0]; - $this->orig['loginShell'] = $attr['loginShell'][0]; - } - if (isset($attr['gecos'][0])) { - $this->gecos = $attr['gecos'][0]; - $this->orig['gecos'] = $attr['gecos'][0]; - } - if (isset($attr['description'][0])) { - $this->gecos = $attr['description'][0]; - $this->orig['description'] = $attr['description'][0]; - } - if (isset($attr['userPassword'][0])) { - $this->orig['enc_userPassword'] = $attr['userPassword'][0]; - } - $this->userPassword_lock=!pwd_is_enabled($attr['userPassword'][0]); - // get all additional groupmemberships - $dn_groups = getcache('memberUid', 'posixGroup', 'group'); - $DNs = array_keys($dn_groups); - foreach ($DNs as $DN) { - if (in_array($attr['uid'], $dn_groups[$DN])) - $this->groups[] = substr($DN, 3, strpos($DN, ',')-1); - } - $this->orig['groups'] = $this->groups; - return 0; } 
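Review bot: After this hunk `load_attributes()` consists only of `return 0;`, so nothing from `$attr` reaches `$this->attributes` or `$this->orig`, while `proccess_attributes()` still compares against `$this->orig['uid']`. With `orig` empty the branch that restores the original name cannot apply, and an existing account's own uid would presumably be treated as taken and renamed by the loop; that should be confirmed against `incache()`. The hunk also removes the 3 to 20 character length check and the leading-letter check on the uid although the uid is still taken from the form; if that is intended, a comment should say where those rules are enforced now. A minimal body would copy each key of `$attr` that exists in `$this->attributes` into both arrays.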
@@ -424,42 +283,6 @@ class inetOrgPerson { } } } - // Set additional group memberships - if (is_array($this->groups)) { - // There are some additional groups defined - if (is_array($this->orig['groups']) { - //There are some old groups. - $add = array_delete($this->orig['groups'], $this->groups); - $remove = array_delete($this->groups, $this->orig['groups']); - $dn_cns = getcache('cn', 'posixGroup', 'group'); - // getcache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... ) - $DNs = array_keys($dn_cns); - foreach ($DNs as $DN) { - if (in_array($dn_cns[$DN], $add)) $return[$DN]]['add']['memberUid'] = $this->uid; - if (in_array($dn_cns[$DN], $remove)) $return[$DN]]['remove']['memberUid'] = $this->uid; - } - } - else { - // Add user to every group - $dn_cns = getcache('cn', 'posixGroup', 'group'); - // getcache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... ) - $DNs = array_keys($dn_cns); - foreach ($DNs as $DN) { - if (in_array($dn_cns[$DN], $this->groups)) $return[$DN]]['add']['memberUid'] = $this->uid; - } - } - } - else { - if (is_array($this->orig['groups'])) { - //There are some old groups which have to be removed - $dn_cns = getcache('cn', 'posixGroup', 'group'); - // getcache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... ) - $DNs = array_keys($dn_cns); - foreach ($DNs as $DN) { - if (in_array($dn_cns[$DN], $this->orig['groups'])) $return[$DN]]['remove']['memberUid'] = $this->uid; - } - } - } } /* This function returns all ldap attributes diff --git a/lam/templates/account/useredit.php b/lam/templates/account/useredit.php index 5f230f8c..a8f8dcae 100644 --- a/lam/templates/account/useredit.php +++ b/lam/templates/account/useredit.php 
@@ -758,10 +758,10 @@ if (is_array($errors)) // print_r($account_new); //print_r($account_old); -//$temp = new cache(); -//$temp->add_cache(array( 'user' => array('uid', 'cn' ) )); -//print_r($temp->get_cache('uid', 'posixAccount', 'user')); -//print_r($temp->ldapcache); +if (!isset($_SESSION['cache'])) $_SESSION['cache'] = new cache(); +$temp = new accountContainer('user'); +$temp->add_objectClass('inetOrgPerson'); +// print_r($temp->modules); switch ($select_local) { /* Select which part of page should be loaded and check values
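Review bot: The two added `$temp` statements look like test scaffolding left active in the page: `$temp` is not used again in the visible lines, yet every request to useredit.php now builds an accountContainer, walks the LDAP schema and includes the module file. Any failure in that path, for instance a schema line the new SUP parsing cannot resolve, then affects the whole edit page and not just the new module code. Unless the container is needed further down, they should stay commented out like the `print_r` next to them: `//$temp = new accountContainer('user');` and `//$temp->add_objectClass('inetOrgPerson');`. The `$_SESSION['cache']` initialisation may be wanted on its own, but it belongs with the session setup, not between debug prints.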