![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
8082f9f4fbc6463a16cc45a5c4f0026e4237a886
1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class userManagement extends management
24 {
25 var $plHeadline = "Users";
26 var $plDescription = "Manage users";
27 var $plIcon = "plugins/users/images/user.png";
29 var $sn = "";
30 var $givenName = "";
31 var $uid = "";
32 var $got_uid = "";
33 var $edit_uid = "";
35 // Tab definition
36 protected $tabClass = "usertabs";
37 protected $tabType = "USERTABS";
38 protected $aclCategory = "users";
39 protected $aclPlugin = "user";
40 protected $objectName = "user";
42 function __construct($config,$ui)
43 {
44 $this->config = $config;
45 $this->ui = $ui;
47 // Build filter
48 $filter = new filter(get_template_path("user-filter.xml", true));
49 $filter->setObjectStorage("ou=people,");
51 // Build headpage
52 $headpage = new listing(get_template_path("user-list.xml", true));
53 $headpage->registerElementFilter("lockLabel", "userManagement::filterLockLabel");
54 $headpage->registerElementFilter("lockImage", "userManagement::filterLockImage");
55 $headpage->setFilter($filter);
56 $this->cpHandler = new CopyPasteHandler($this->config);
57 $this->snapHandler = new SnapshotHandler($this->config);
59 parent::__construct($config, $ui, "users", $headpage);
61 $this->registerAction("new", "newEntry");
62 $this->registerAction("edit", "editEntry");
63 $this->registerAction("apply", "applyChanges");
64 $this->registerAction("save", "saveChanges");
65 $this->registerAction("cancel", "cancelEdit");
66 $this->registerAction("remove", "removeEntryRequested");
67 $this->registerAction("removeConfirmed", "removeEntryConfirmed");
69 $this->registerAction("copy", "copyPasteHandler");
70 $this->registerAction("cut", "copyPasteHandler");
71 $this->registerAction("paste", "copyPasteHandler");
73 // Register special user actions
74 $this->registerAction("lock", "lockEntry");
75 $this->registerAction("lockUsers", "lockUsers");
76 $this->registerAction("unlockUsers", "lockUsers");
77 $this->registerAction("new_template", "newTemplate");
78 $this->registerAction("newfromtpl", "newUserFromTemplate");
79 $this->registerAction("templateContinue", "templateContinue");
80 $this->registerAction("templatize", "templatizeUsers");
81 $this->registerAction("templatizeContinue", "templatizeContinue");
82 }
84 // Inject user actions
85 function detectPostActions()
86 {
87 $action = management::detectPostActions();
88 if(isset($_POST['template_continue'])) $action['action'] = "templateContinue";
89 if(isset($_POST['templatize_continue'])) $action['action'] = "templatizeContinue";
90 return($action);
91 }
95 function alert($action,$values)
96 {
97 print_a(array($action,$values));
98 }
100 /*! \brief Intiates template creation.
101 */
102 function newTemplate($action,$entry)
103 {
104 $this->newEntry();
105 $this->tabObject->set_template_mode ();
106 }
109 /*! \brief Intiates user creation.
110 * If we've user templates, then the user will be asked to use to use one.
111 * -> See 'templateContinue' for further handling.
112 */
113 function newUserFromTemplate($action="",$target=array(),$all=array())
114 {
115 // Call parent method, it knows whats to do, locking and so on ...
116 management::newEntry($action,$target,$all);
118 // Reset uid selection.
119 $this->got_uid= "";
121 // Use template if there are any of them
122 $templates = array();
123 $templates['none']= _("none");
124 $templates = array_merge($templates,$this->get_templates());
126 // We've templates, so preset the current template and display the input dialog.
127 if (count($templates)){
128 $smarty = get_smarty();
129 foreach(array("sn", "givenName", "uid", "got_uid") as $attr){
130 $smarty->assign("$attr", "");
131 }
132 $smarty->assign("template", array_pop($target));
133 $smarty->assign("templates", $templates);
134 $smarty->assign("edit_uid", "");
135 return($smarty->fetch(get_template_path('template.tpl', TRUE)));
137 // -> See 'templateContinue' for further handling!
138 }
139 }
143 /*! \brief Intiates user creation.
144 * If we've user templates, then the user will be asked
145 * if he wants to use one.
146 * -> See 'templateContinue' for further handling.
147 */
148 function newEntry($action="",$target=array(),$all=array())
149 {
151 // Call parent method, it manages everything, locking, object creation...
152 management::newEntry($action,$target,$all);
154 // If we've at least one template, then ask the user if he wants to use one?
155 $templates = array();
156 $templates['none']= _("none");
157 $templates = array_merge($templates,$this->get_templates());
159 // Display template selection
160 if (count($templates)){
161 $smarty = get_smarty();
163 // Set default variables, normally empty.
164 foreach(array("sn", "givenName", "uid", "got_uid") as $attr){
165 $smarty->assign($attr, "");
166 }
167 $smarty->assign("template", "none");
168 $smarty->assign("templates", $templates);
169 $smarty->assign("edit_uid", "");
170 return($smarty->fetch(get_template_path('template.tpl', TRUE)));
172 // -> See 'templateContinue' for further handling!
173 }
174 }
177 /* !\brief This method is called whenever a template selection was displayed.
178 * Here we act on the use selection.
179 * - Does the user want to create a user from template?
180 * - Create user without template?
181 * - Input correct, every value given and valid?
182 */
183 function templateContinue()
184 {
185 // Get the list of available templates.
186 $templates = array();
187 $templates['none']= _("none");
188 $templates = array_merge($templates,$this->get_templates());
190 // Input validation, if someone wants to create a user from a template
191 // then validate the given values.
192 $message = array();
193 if(!isset($_POST['template']) || (empty($_POST['template']))){
194 $message[]= msgPool::invalid(_("Template"));
195 }
196 if(!isset($_POST['sn']) || (empty($_POST['sn']))){
197 $message[]= msgPool::required(_("Name"));
198 }
199 if(!isset($_POST['givenName']) || (empty($_POST['givenName']))){
200 $message[]= msgPool::required(_("Given name"));
201 }
203 /********************
204 * 1 We've had input errors - Display errors and show input dialog again.
205 ********************/
207 if (count($message) > 0){
208 msg_dialog::displayChecks($message);
210 // Preset input fields with user input.
211 $smarty = get_smarty();
212 foreach(array("sn", "givenName", "uid", "template") as $attr){
213 if(isset($_POST[$attr])){
214 $smarty->assign("$attr", get_post($attr));
215 }else{
216 $smarty->assign("$attr", "");
217 }
218 }
220 $smarty->assign("templates",$templates);
221 $smarty->assign("got_uid", $this->got_uid);
222 $smarty->assign("edit_uid",false);
223 return($smarty->fetch(get_template_path('template.tpl', TRUE)));
224 }
227 /********************
228 * 2 There was a template selected, now ask for the uid.
229 ********************/
231 if ($_POST['template'] != 'none' && !isset($_POST['uid'])){
233 // Remember user input.
234 $smarty = get_smarty();
235 $this->sn = $_POST['sn'];
236 $this->givenName = $_POST['givenName'];
238 // Avoid duplicate entries, check if such a user already exists.
239 $dn= preg_replace("/^[^,]+,/i", "", $_POST['template']);
240 $ldap= $this->config->get_ldap_link();
241 $ldap->cd ($dn);
242 $ldap->search ("(&(sn=".normalizeLdap($this->sn).")(givenName=".normalizeLdap($this->givenName)."))", array("givenName"));
243 if ($ldap->count () != 0){
244 msg_dialog::displayChecks(array(msgPool::duplicated(_("Name"))));
245 }else{
247 // Preset uid field by using the idGenerator
248 $attributes= array('sn' => $this->sn, 'givenName' => $this->givenName);
249 if ($this->config->get_cfg_value("idGenerator") != ""){
250 $uids= gen_uids ($this->config->get_cfg_value("idGenerator"), $attributes);
251 if (count($uids)){
252 $smarty->assign("edit_uid", "false");
253 $smarty->assign("uids", $uids);
254 $this->uid= current($uids);
255 }
256 } else {
257 $smarty->assign("edit_uid", "");
258 $this->uid= "";
259 }
260 $this->got_uid= true;
261 }
263 // Assign user input
264 foreach(array("sn", "givenName", "uid", "got_uid") as $attr){
265 $smarty->assign("$attr", $this->$attr);
266 }
267 if (isset($_POST['template'])){
268 $smarty->assign("template", $_POST['template']);
269 }
270 $smarty->assign("templates",$templates);
271 return($smarty->fetch(get_template_path('template.tpl', TRUE)));
272 }
275 /********************
276 * 3 No template - Ok. Lets fill the data into the user object and skip templating here.
277 ********************/
278 if ($_POST['template'] == 'none'){
279 foreach(array("sn", "givenName", "uid") as $attr){
280 if (isset($_POST[$attr])){
281 $this->tabObject->by_object['user']->$attr= $_POST[$attr];
282 }
283 }
285 // The user Tab object is already instantiated, so just go back and let the
286 // management class do the rest.
287 return("");
288 }
291 /********************
292 * 4 Template selected and uid given - Ok, then lets adapt tempalte values.
293 ********************/
294 if(isset($_POST['uid'])){
296 // Move user supplied data to sub plugins
297 foreach(array("uid","sn","givenName") as $attr){
298 $this->$attr = $_POST[$attr];
299 $this->tabObject->$attr = $this->$attr;
300 $this->tabObject->by_object['user']->$attr = $this->$attr;
301 }
303 // Adapt template values.
304 $template_dn = $_POST['template'];
305 $this->tabObject->adapt_from_template($template_dn, array("uid","cn","givenName","sn"));
306 $template_base = preg_replace("/^[^,]+,".preg_quote(get_people_ou(), '/')."/", '', $template_dn);
307 $this->tabObject->by_object['user']->base= $template_base;
309 // The user Tab object is already instantiated, so just go back and let the
310 // management class do the rest.
311 return("");
312 }
313 }
316 /* !\brief This method applies a template to a set of users.
317 */
318 function templatizeUsers($action="",$target=array(),$all=array())
319 {
320 $this->dns = array();
321 if(count($target)){
323 // Get the list of available templates.
324 $templates = $this->get_templates();
326 // Check entry locking
327 foreach($target as $dn){
328 if (($user= get_lock($dn)) != ""){
329 return(gen_locked_message ($user, $dn));
330 }
331 $this->dns[] = $dn;
332 }
334 // Display template
335 $smarty = get_smarty();
336 $smarty->assign("templates", $templates);
337 return($smarty->fetch(get_template_path('templatize.tpl', TRUE)));
338 }
339 }
342 /* !\brief This method is called whenever the templatize dialog was used.
343 */
344 function templatizeContinue()
345 {
346 // Template readable?
347 $template= get_post('template');
348 $acl = $this->ui->get_permissions($template, $this->aclCategory."/".$this->aclPlugin);
349 if (preg_match('/r/', $acl)){
350 $tab = $this->tabClass;
351 foreach ($this->dns as $dn){
353 // User writeable
354 $acl = $this->ui->get_permissions($dn, $this->aclCategory."/".$this->aclPlugin);
355 if (preg_match('/w/', $acl)){
356 $this->tabObject= new $tab($this->config, $this->config->data['TABS'][$this->tabType], $dn, $this->aclCategory);
357 $this->tabObject->adapt_from_template($template, array("sn", "givenName", "uid"));
358 $this->tabObject->save();
359 } else {
360 msg_dialog::display(_("Permission error"), msgPool::permModify($dn), ERROR_DIALOG);
361 }
362 }
363 } else {
364 msg_dialog::display(_("Permission error"), msgPool::permView($template), ERROR_DIALOG);
365 }
367 // Cleanup!
368 $this->remove_lock();
369 $this->closeDialogs();
370 }
373 /* !\brief Lock/unlock multiple users.
374 */
375 function lockUsers($action,$target,$all)
376 {
377 if($action == "lockUsers"){
378 $this->lockEntry($action,$target, $all, "lock");
379 }else{
380 $this->lockEntry($action,$target, $all, "unlock");
381 }
382 }
385 /* !\brief Locks/unlocks the given user(s).
386 */
387 function lockEntry($action,$entry, $all, $type = "toggle")
388 {
390 // Filter out entries we are not allowed to modify
391 $disallowed = array();
392 $dns = array();
393 foreach($entry as $dn){
394 if (!preg_match("/w/",$this->ui->get_permissions($dn,"users/password"))){
395 $disallowed[] = $dn;
396 }else{
397 $allowed[] = $dn;
398 }
399 }
400 if(count($disallowed)){
401 msg_dialog::display(_("Permission"),msgPool::permDelete($disallowed),INFO_DIALOG);
402 }
404 // Try to lock/unlock the rest of the entries.
405 $ldap = $this->config->get_ldap_link();
406 foreach($allowed as $dn){
407 $ldap->cat($dn, array('userPassword'));
408 if($ldap->count() == 1){
410 // We can't lock empty passwords.
411 $val = $ldap->fetch();
412 if(!isset($val['userPassword'])){
413 continue;
414 }
416 // Detect the password method and try to lock/unlock.
417 $pwd = $val['userPassword'][0];
418 $method = passwordMethod::get_method($pwd,$val['dn']);
419 $success= true;
420 if($method instanceOf passwordMethod){
421 if($type == "toggle"){
422 if($method->is_locked($this->config,$val['dn'])){
423 $success= $method->unlock_account($this->config,$val['dn']);
424 }else{
425 $success= $method->lock_account($this->config,$val['dn']);
426 }
427 }elseif($type == "lock" && !$method->is_locked($this->config,$val['dn'])){
428 $success= $method->lock_account($this->config,$val['dn']);
429 }elseif($type == "unlock" && $method->is_locked($this->config,$val['dn'])){
430 $success= $method->unlock_account($this->config,$val['dn']);
431 }
433 // Check if everything went fine.
434 if (!$success){
435 $hn= $method->get_hash_name();
436 if (is_array($hn)){
437 $hn= $hn[0];
438 }
439 msg_dialog::display(_("Account locking"),
440 sprintf(_("Password method '%s' does not support locking. Account (%s) has not been locked!"),
441 $hn,$dn),WARNING_DIALOG);
442 }
443 }else{
444 // Can't lock unknown methods.
445 }
446 }
447 }
448 }
451 /* !\brief This method returns a list of all available templates.
452 */
453 function get_templates()
454 {
455 $templates= array();
456 $ldap= $this->config->get_ldap_link();
457 foreach ($this->config->departments as $key => $value){
458 $acl = $this->ui->get_permissions($value,$this->aclCategory."/".$this->aclPlugin);
459 if (preg_match("/c/",$acl)){
461 // Search all templates from the current dn.
462 $ldap->cd (get_people_ou().$value);
463 $ldap->search ("(objectClass=gosaUserTemplate)", array("uid"));
464 if ($ldap->count() != 0){
465 while ($attrs= $ldap->fetch()){
466 $templates[$ldap->getDN()]= $attrs['uid'][0]." - ".LDAP::fix($key);
467 }
468 }
469 }
470 }
471 natcasesort ($templates);
472 reset ($templates);
473 return($templates);
474 }
477 static function filterLockImage($userPassword)
478 {
479 $image= "images/empty.png";
480 if(isset($userPassword[0]) && preg_match("/^\{[^\}]/",$userPassword[0])){
481 if(preg_match("/^[^\}]*+\}!/",$userPassword[0])){
482 $image= "images/lists/locked.png";
483 }else{
484 $image= "images/lists/unlocked.png";
485 }
486 }
487 return $image;
488 }
491 static function filterLockLabel($userPassword)
492 {
493 $label= "";
494 if(isset($userPassword[0]) && preg_match("/^\{[^\}]/",$userPassword[0])){
495 if(preg_match("/^[^\}]*+\}!/",$userPassword[0])){
496 $label= _("Unlock account");
497 }else{
498 $label= _("Lock account");
499 }
500 }
501 return $label;
502 }
503 }
504 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
505 ?>