<?php namespace LAM\DELETE; /* $Id$ This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) Copyright (C) 2003 - 2006 Tilo Lutz Copyright (C) 2007 - 2017 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /** * Used to delete accounts from LDAP tree. * * @author Tilo Lutz * @author Roland Gruber * @package main */ /** security functions */ include_once("../lib/security.inc"); /** account functions */ include_once('../lib/account.inc'); /** current configuration options */ include_once('../lib/config.inc'); /** message displaying */ include_once('../lib/status.inc'); /** LDAP connection */ include_once('../lib/ldap.inc'); /** remote interface */ include_once('../lib/remote.inc'); /** module interface */ include_once('../lib/modules.inc'); // Start session startSecureSession(); enforceUserIsLoggedIn(); if (!checkIfWriteAccessIsAllowed()) { die(); } // Redirect to startpage if user is not loged in if (!isLoggedIn()) { metaRefresh("login.php"); exit; } // Set correct language, codepages, .... setlanguage(); if (!empty($_POST)) { validateSecurityToken(); } $typeManager = new \LAM\TYPES\TypeManager(); if (isset($_POST['type']) && ($typeManager->getConfiguredType($_POST['type']) === null)) { logNewMessage(LOG_ERR, 'Invalid type: ' . $_POST['type']); die(); } if (isset($_GET['type']) && isset($_SESSION['delete_dn'])) { $typeId = $_GET['type']; $type = $typeManager->getConfiguredType($typeId); if ($type === null) { logNewMessage(LOG_ERR, 'Invalid type: ' . $type->getId()); die(); } if (!checkIfDeleteEntriesIsAllowed($type->getId()) || !checkIfWriteAccessIsAllowed($type->getId())) { logNewMessage(LOG_ERR, 'User tried to delete entries of forbidden type '. $type->getId()); die(); } // Create account list foreach ($_SESSION['delete_dn'] as $dn) { $start = strpos ($dn, "=")+1; $end = strpos ($dn, ","); $users[] = substr($dn, $start, $end-$start); } //load account $_SESSION['account'] = new \accountContainer($type, 'account'); // Show HTML Page include 'main_header.php'; echo "<div class=\"" . $type->getScope() . "-bright smallPaddingContent\">"; echo "<br>\n"; echo "<form action=\"delete.php\" method=\"post\">\n"; echo '<input type="hidden" name="' . getSecurityTokenName() . '" value="' . getSecurityTokenValue() . '">'; echo "<input name=\"type\" type=\"hidden\" value=\"" . $type->getId() . "\">\n"; echo "<b>" . _("Do you really want to remove the following accounts?") . "</b>"; echo "<br><br>\n"; echo "<table border=0>\n"; $userCount = sizeof($users); for ($i = 0; $i < $userCount; $i++) { echo "<tr>\n"; echo "<td><b>" . _("Account name:") . "</b> " . htmlspecialchars($users[$i]) . "</td>\n"; echo "<td> <b>" . _('DN') . ":</b> " . htmlspecialchars($_SESSION['delete_dn'][$i]) . "</td>\n"; $_SESSION['account']->load_account($_SESSION['delete_dn'][$i]); if (!$_SESSION['account']->hasOnlyVirtualChildren()) { $childCount = getChildCount($_SESSION['delete_dn'][$i]); if ($childCount > 0) { echo "<td> <b>" . _('Number of child entries') . ":</b> " . $childCount . "</td>\n"; } } echo "</tr>\n"; } echo "</table>\n"; echo "<br>\n"; // Print delete rows from modules echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >"; $modules = $_SESSION['config']->get_AccountModules($type->getId()); $values = array(); $tabindex = 100; foreach ($modules as $module) { $module = \moduleCache::getModule($module, $type->getScope()); parseHtml(get_class($module), $module->display_html_delete(), $values, true, $tabindex, $type->getScope()); } echo "</table>\n"; echo "<br>\n"; echo "<button class=\"smallPadding\" name=\"delete\" id=\"submitButton\">" . _('Delete') . "</button> \n"; echo "<button class=\"smallPadding\" name=\"cancel\" id=\"cancelButton\">" . _('Cancel') . "</button>\n"; echo "</form>\n"; echo "</div>\n"; ?> <script type="text/javascript"> jQuery(document).ready(function() { jQuery('#submitButton').button(); jQuery('#cancelButton').button(); }); </script> <?php include 'main_footer.php'; } if (isset($_POST['cancel'])) { if (isset($_SESSION['delete_dn'])) unset($_SESSION['delete_dn']); metaRefresh("lists/list.php?type=" . $_POST['type']); } elseif (isset($_POST['cancelAllOk'])) { if (isset($_SESSION['delete_dn'])) unset($_SESSION['delete_dn']); metaRefresh("lists/list.php?type=" . $_POST['type'] . '&deleteAllOk=1'); } if (isset($_POST['delete'])) { $typeId = $_POST['type']; $type = $typeManager->getConfiguredType($typeId); if (!checkIfDeleteEntriesIsAllowed($type->getId()) || !checkIfWriteAccessIsAllowed($type->getId())) { logNewMessage(LOG_ERR, 'User tried to delete entries of forbidden type '. $type->getId()); die(); } // Show HTML Page include 'main_header.php'; echo "<form action=\"delete.php\" method=\"post\">\n"; echo '<input type="hidden" name="' . getSecurityTokenName() . '" value="' . getSecurityTokenValue() . '">'; echo "<input name=\"type\" type=\"hidden\" value=\"" . $type->getId() . "\">\n"; echo "<div class=\"" . $type->getScope() . "-bright smallPaddingContent\"><br>\n"; echo "<br>\n"; // Delete dns $allOk = true; $allErrors = array(); foreach ($_SESSION['delete_dn'] as $deleteDN) { // Set to true if an real error has happened $stopprocessing = false; // First load DN. $_SESSION['account']->load_account($deleteDN); // get commands and changes of each attribute $moduleNames = array_keys($_SESSION['account']->getAccountModules()); $modules = $_SESSION['account']->getAccountModules(); $attributes = array(); $errors = array(); // predelete actions if (!$stopprocessing) { foreach ($moduleNames as $singlemodule) { $success = true; $messages = $modules[$singlemodule]->preDeleteActions(); foreach ($messages as $message) { $errors[] = $message; if ($message[0] == 'ERROR') { $success = false; $allOk = false; } elseif ($message[0] == 'WARN') { $allOk = false; } } if (!$success) { $stopprocessing = true; break; } } } if (!$stopprocessing) { // load attributes foreach ($moduleNames as $singlemodule) { // load changes $temp = $modules[$singlemodule]->delete_attributes(); if (is_array($temp)) { // merge changes $DNs = array_keys($temp); $attributes = array_merge_recursive($temp, $attributes); foreach ($DNs as $dn) { $ops = array_keys($temp[$dn]); foreach ($ops as $op) { $attrs = array_keys($temp[$dn][$op]); foreach ($attrs as $attribute) { $attributes[$dn][$op][$attribute] = array_unique($attributes[$dn][$op][$attribute]); } } } } } $DNs = array_keys($attributes); foreach ($DNs as $dn) { if (isset($attributes[$dn]['errors'])) { foreach ($attributes[$dn]['errors'] as $singleerror) { $errors[] = $singleerror; if ($singleerror[0] == 'ERROR') { $stopprocessing = true; $allOk = false; } } } if (!$stopprocessing) { // modify attributes if (isset($attributes[$dn]['modify']) && !$stopprocessing) { $success = ldap_mod_replace($_SESSION['ldap']->server(), $dn, $attributes[$dn]['modify']); if (!$success) { $errors[] = array ('ERROR', sprintf(_('Was unable to modify attributes from DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $stopprocessing = true; $allOk = false; } } // add attributes if (isset($attributes[$dn]['add']) && !$stopprocessing) { $success = ldap_mod_add($_SESSION['ldap']->server(), $dn, $attributes[$dn]['add']); if (!$success) { $errors[] = array ('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $stopprocessing = true; $allOk = false; } } // remove attributes if (isset($attributes[$dn]['remove']) && !$stopprocessing) { $success = ldap_mod_del($_SESSION['ldap']->server(), $dn, $attributes[$dn]['remove']); if (!$success) { $errors[] = array ('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $stopprocessing = true; $allOk = false; } } } } } if (!$stopprocessing) { $recursive = !$_SESSION['account']->hasOnlyVirtualChildren(); $messages = deleteDN($deleteDN, $recursive); $errors = array_merge($errors, $messages); if (sizeof($errors) > 0) { $stopprocessing = true; $allOk = false; } } // post delete actions if (!$stopprocessing) { foreach ($moduleNames as $singlemodule) { $messages = $modules[$singlemodule]->postDeleteActions(); foreach ($messages as $message) { $errors[] = $message; if (($message[0] == 'ERROR') || ($message[0] == 'WARN')) { $allOk = false; } } } } if (!$stopprocessing) { echo sprintf(_('Deleted DN: %s'), $deleteDN) . "<br>\n"; foreach ($errors as $error) { call_user_func_array('StatusMessage', $error); } echo "<br>\n"; flush(); } else { echo sprintf(_('Error while deleting DN: %s'), $deleteDN) . "<br>\n"; foreach ($errors as $error) { call_user_func_array('StatusMessage', $error); } echo "<br>\n"; } $allErrors = array_merge($allErrors, $errors); } echo "<br>\n"; echo "<br><button class=\"smallPadding\" name=\"cancel\" id=\"backButton\">" . _('Back to list') . "</button>\n"; echo "<br><button class=\"hidden\" name=\"cancelAllOk\" id=\"backButtonAllOk\"> </button>\n"; echo "</div>\n"; echo "</form>\n"; ?> <script type="text/javascript"> jQuery(document).ready(function() { jQuery('#backButton').button(); <?php if ($allOk) { $_SESSION['listRedirectMessages'] = $allErrors; echo "jQuery('#backButtonAllOk').click();"; } ?> }); </script> <?php include 'main_footer.php'; } /** * Returns the number of child entries of a DN. * * @param string $dn DN of parent * @return integer number of childs */ function getChildCount($dn) { $entries = searchLDAP(escapeDN($dn), 'objectClass=*', array('dn')); return (sizeof($entries) - 1); } ?>