From e11b86473a71b942a499bcd8233807acb7fefc3e Mon Sep 17 00:00:00 2001
From: hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Date: Tue, 30 Oct 2007 11:31:58 +0000
Subject: [PATCH] Allow mail attribute for login attribute too. Configurable in
 setup

git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@7688 594d385d-05f5-0310-b6e9-bd551577e9d8
---
 contrib/gosa.conf                 |  5 +++++
 html/index.php                    |  2 +-
 include/functions.inc             | 34 +++++++++++++++++++++++++++----
 setup/class_setupStep_Config3.inc |  7 ++++++-
 setup/setup_config3.tpl           | 11 ++++++++++
 5 files changed, 53 insertions(+), 6 deletions(-)

diff --git a/contrib/gosa.conf b/contrib/gosa.conf
index 0cdaf16d0..33212f59a 100644
--- a/contrib/gosa.conf
+++ b/contrib/gosa.conf
@@ -452,6 +452,11 @@
 			groups="{$cv.groupou}"
 			gidbase="{$cv.uidbase}"
 			uidbase="{$cv.uidbase}"
+{if $cv.optional.login_attribute}
+			login_attribute="{$cv.optional.login_attribute}"
+{else}
+			login_attribute="uid"
+{/if}
 {if $cv.optional.strict_units}
 			strict_units="true"
 {else}
diff --git a/html/index.php b/html/index.php
index ab9ed3f5c..5be46dbec 100644
--- a/html/index.php
+++ b/html/index.php
@@ -258,7 +258,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])){
 
   /* Check for valid input */
   $username= $_POST["username"];
-  if (!ereg("^[A-Za-z0-9_.-]+$", $username)){
+  if (!ereg("^[@A-Za-z0-9_.-]+$", $username)){
     $message= _("Please specify a valid username!");
   } elseif (mb_strlen($_POST["password"], 'UTF-8') == 0){
     $message= _("Please specify your password!");
diff --git a/include/functions.inc b/include/functions.inc
index f20ec5c9d..0de2bcfc1 100644
--- a/include/functions.inc
+++ b/include/functions.inc
@@ -312,7 +312,27 @@ function ldap_login_user ($username, $password)
     exit();
   }
   $ldap->cd($config->current['BASE']);
-  $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid"));
+  $allowed_attributes = array("uid","mail");
+  $verify_attr = array();
+  if(isset($config->current['LOGIN_ATTRIBUTE'])){
+    $tmp = split(",",$config->current['LOGIN_ATTRIBUTE']); 
+    foreach($tmp as $attr){
+      if(in_array($attr,$allowed_attributes)){
+        $verify_attr[] = $attr;
+      }
+    }
+  }
+  if(count($verify_attr) == 0){
+    $verify_attr = array("uid");
+  }
+  $tmp= $verify_attr;
+  $tmp[] = "uid";
+  $filter = "";
+  foreach($verify_attr as $attr) {
+    $filter.= "(".$attr."=".$username.")";
+  }
+  $filter = "(&(|".$filter.")(objectClass=gosaAccount))";
+  $ldap->search($filter,$tmp);
 
   /* get results, only a count of 1 is valid */
   switch ($ldap->count()){
@@ -332,13 +352,19 @@ function ldap_login_user ($username, $password)
 
   /* LDAP schema is not case sensitive. Perform additional check. */
   $attrs= $ldap->fetch();
-  if ($attrs['uid'][0] != $username){
-    return(NULL);
+  $success = FALSE;
+  foreach($verify_attr as $attr){
+    if ($attrs[$attr][0] == $username){
+      $success = TRUE;
+    }
+  }
+  if(!$success){
+    return(FALSE);
   }
 
   /* got user dn, fill acl's */
   $ui= new userinfo($config, $ldap->getDN());
-  $ui->username= $username;
+  $ui->username= $attrs['uid'][0];
 
   /* password check, bind as user with supplied password  */
   $ldap->disconnect();
diff --git a/setup/class_setupStep_Config3.inc b/setup/class_setupStep_Config3.inc
index 6db74ddb3..cc2307b5c 100644
--- a/setup/class_setupStep_Config3.inc
+++ b/setup/class_setupStep_Config3.inc
@@ -26,7 +26,11 @@ class Step_Config3 extends setup_step
 
   var $errorlvl   = TRUE;
 
+  var $login_attributes = array("uid"       => "uid", 
+                                "mail"      => "mail",
+                                "uid,mail"  => "both");
   var $optional = array(
+              "login_attribute" => "uid",
               "strict_units" => false,
               "list_summary" => false,
               "forceglobals" => true,
@@ -83,6 +87,7 @@ class Step_Config3 extends setup_step
     foreach($this->attributes as $attr){
       $smarty->assign($attr,$this->$attr);
     }
+    $smarty->assign("login_attributes",$this->login_attributes);
     return($smarty -> fetch (get_template_path("../setup/setup_config3.tpl")));
   }
 
@@ -98,7 +103,7 @@ class Step_Config3 extends setup_step
         }
       }
       
-      foreach(array("list_summary","strict_units","noprimarygroup","forceglobals","forcessl","ldapstats","warnssl","snmpcommunity","compile","debuglevel","session_lifetime") as $name){
+      foreach(array("login_attribute","list_summary","strict_units","noprimarygroup","forceglobals","forcessl","ldapstats","warnssl","snmpcommunity","compile","debuglevel","session_lifetime") as $name){
         if(isset($_POST[$name])){
           $this->optional[$name] = get_post($name);
         }
diff --git a/setup/setup_config3.tpl b/setup/setup_config3.tpl
index d92601a6e..1db42f49e 100644
--- a/setup/setup_config3.tpl
+++ b/setup/setup_config3.tpl
@@ -163,6 +163,17 @@
     </div>
 
     <p><b>{t}Login and session{/t}</b></p>
+    <div class='step4_container'>
+        <div class='step4_name'>
+            {t}Login attribute{/t}
+        </div>
+        <div class='step4_value'>
+            <select name="login_attribute" size="1" title="">
+            	{html_options options=$login_attributes selected=$optional.login_attribute}
+            </select>
+        </div>
+    </div>
+
     <div class='step4_container'>
         <div class='step4_name'>
             {t}Enforce register_globals to be deactivated{/t}
-- 
2.30.2