1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class userManagement extends plugin
24 {
25 /* Plugin definitions */
26 var $plHeadline = "Users";
27 var $plDescription = "Manage users";
28 var $plIcon = "plugins/users/images/user.png";
30 /* Dialog attributes */
31 var $usertab = NULL;
32 var $ui = NULL;
33 var $templates = array();
34 var $got_uid = false;
35 var $CopyPasteHandler = NULL;
36 var $CPPasswordChange = ""; // Contains the entry id which should get a new password
37 var $DivListUsers;
39 var $pwd_change_queue = array();
41 var $start_pasting_copied_objects = FALSE;
42 var $msg_dialog= NULL;
43 var $acl_module = array("users");
44 var $dns = array();
/**
 * Set up the user management plugin.
 *
 * Stores references to the configuration and to the object describing the
 * current user, creates the copy & paste handler when the "copyPaste"
 * option of section "main" is enabled, and builds the user list dialog.
 *
 * NOTE(review): this is a PHP 4 style constructor (method named like the
 * class). PHP 8 no longer treats such a method as the constructor; confirm
 * the interpreter version this plugin is deployed on.
 *
 * @param object $config Configuration object, kept by reference.
 * @param object $ui     Object for the current user; this class calls
 *                       get_permissions() on it for ACL checks.
 */
function userManagement(&$config, $ui)
{
  /* Keep configuration and user object for later use */
  $this->config = &$config;
  $this->ui     = &$ui;

  /* The copy & paste handler only exists when the feature is switched on */
  $copy_paste_enabled = $this->config->boolValueIsTrue("main", "copyPaste");
  if ($copy_paste_enabled) {
    $this->CopyPasteHandler = new CopyPasteHandler($this->config);
  }

  /* Create the list dialog object */
  $this->DivListUsers = new divListUsers($this->config, $this);
}
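/**
 * Handle one request for the user management plugin and return the dialog to display.
 *
 * An action ($s_action) and a list index ($s_entry) are derived from $_GET
 * and $_POST. The handlers below then run in order; the first one that has
 * something to show returns it. If none does, the user list is rendered.
 *
 * Security-relevant points in this method:
 *  - $s_entry and most $_POST values are client controlled. DNs are looked up
 *    through $this->list / $this->dns, and permissions are read with
 *    $this->ui->get_permissions() before passwords are changed, entries are
 *    deleted or templates are applied.
 *  - The optional "passwordHook" command is run through exec(); the user name
 *    and the new password are passed through escapeshellarg().
 *
 * @return string|null Rendered output of the active dialog or of the user
 *                     list. Nothing is returned when usertab->save()
 *                     reports 1 while finishing an edit.
 */
function execute()
{
  /* Call parent execute */
  plugin::execute();

  /* Request variable patterns stored in the session under LOCK_VARS_TO_USE */
  session::global_set('LOCK_VARS_TO_USE',array("/^act$/","/^id$/","/^user_edit_/","/^user_del_/","/^item_selected/","/^remove_multiple_users/","/^multiple_edit/","/menu_action/"));

  $smarty   = get_smarty();   // Smarty instance
  $s_action = "";             // Contains the action to be taken
  $s_entry  = "";             // The value for s_action

  /* Edit entry button pressed? */
  if (isset($_GET['act']) && $_GET['act'] == "edit_entry"){
    $s_action = "edit";
    $s_entry  = validate($_GET['id']);
  }

  /* Test relevant POST values */
  foreach ($_POST as $key => $val){

    /* Get every possible POST combination and set s_action/s_entry accordingly.
       The names are used as regular expression fragments against the POST key. */
    foreach (array("del"                      => "user_del",
                   "edit"                     => "user_edit",
                   "new"                      => "user_new",
                   "new_tpl"                  => "user_tplnew",
                   "del_multiple"             => "^remove_multiple_users",
                   "create_user_from_tpl"     => "userfrom_tpl",
                   "change_pw"                => "user_chgpw",
                   "editPaste"                => "editPaste",
                   "copy_multiple"            => "multiple_copy_users",
                   "multiple_edit"            => "multiple_edit",
                   "cut_multiple"             => "multiple_cut_users",
                   "multiple_password_change" => "multiple_password_change",
                   "copy"                     => "^copy",
                   "toggle_lock_status"       => "toggle_lock_status",
                   "cut"                      => "^cut") as $act => $name){

      if (preg_match("/".$name.".*/", $key)){
        $s_action = $act;
        $s_entry  = preg_replace("/".$name."_/i", "", $key);
        break;
      }
    }
  } /* ...Test POST */

  /* Remove coordinate suffix from POST, required by some browsers */
  $s_entry = preg_replace("/_.$/", "", $s_entry);

  /* Separate possibly encoded tab and entry, default to tab "user" */
  if (preg_match("/.*-.*/", $s_entry)){
    $s_tab   = preg_replace("/^[^-]*-/i", "", $s_entry);
    $s_entry = preg_replace("/-[^-]*$/i", "", $s_entry);
  } else {
    $s_tab = "user";
  }

  /* Only accept tab names that the configuration knows; anything else falls back to "user" */
  if (!$this->config->search($s_tab, 'class', array('tabs'))){
    $s_tab = "user";
  }

  if (isset($_POST['menu_action'])){

    /* Handle C&P from layers menu.
       NOTE(review): these two patterns say "_systems" while the POST map above
       uses "multiple_copy_users" / "multiple_cut_users" - confirm which names
       the layers menu of the user list actually sends. */
    if (preg_match("/^multiple_copy_systems/", $_POST['menu_action'])){
      $s_action = "copy_multiple";
    }
    if (preg_match("/^multiple_cut_systems/", $_POST['menu_action'])){
      $s_action = "cut_multiple";
    }
    if (preg_match("/^editPaste/", $_POST['menu_action'])){
      $s_action = "editPaste";
    }

    /* Create options */
    if ($_POST['menu_action'] == "user_new"){
      $s_action = "new";
    }
    if ($_POST['menu_action'] == "user_tplnew"){
      $s_action = "new_tpl";
    }
    if ($_POST['menu_action'] == "multiple_edit"){
      $s_action = "multiple_edit";
    }

    /* Handle password change from layers menu */
    if (preg_match("/^multiple_password_change/", $_POST['menu_action'])){
      $s_action = "multiple_password_change";
    }

    /* Handle remove from layers menu */
    if (preg_match("/^remove_multiple/", $_POST['menu_action'])){
      $s_action = "del_multiple";
    }
    if (preg_match("/^templatize_multiple/", $_POST['menu_action'])){
      $s_action = "templatize_multiple";
    }

    /* Event names are taken over as posted; they are only used below after
       being looked up in the list returned by DaemonEvent::get_event_types() */
    if (preg_match("/^event/", $_POST['menu_action'])){
      $s_action = $_POST['menu_action'];
    }
  }

  /* Use template */
  if (isset($_POST['templatize_continue'])){
    $s_action = "templatize_continue";
  }


  /********************
    Create notification event
   ********************/

  if (preg_match("/^event_/", $s_action) && class_available("DaemonEvent")){
    $ids  = $this->list_get_selected_items();
    $uids = array();
    foreach ($ids as $id){
      $uids[] = $this->list[$id]['uid'][0];
    }
    if (count($uids)){
      $events = DaemonEvent::get_event_types(USER_EVENT);
      $event  = preg_replace("/^event_/", "", $s_action);

      /* The class to instantiate comes from the event list, never directly
         from the request: unknown event names are ignored. */
      if (isset($events['BY_CLASS'][$event])){
        $type = $events['BY_CLASS'][$event];
        $this->usertab = new $type['CLASS_NAME']($this->config);
        $this->usertab->add_users($uids);
        $this->usertab->set_type(TRIGGERED_EVENT);
      }
    }
  }

  /* Abort event dialog */
  if (isset($_POST['abort_event_dialog'])){
    $this->usertab = FALSE;
  }

  /* Save event. Only act when an event dialog is really open; a stray
     'save_event_dialog' POST would otherwise call a method on NULL/FALSE or
     queue an object that is not an event. */
  if (isset($_POST['save_event_dialog']) && $this->usertab instanceof DaemonEvent){
    $this->usertab->save_object();
    $msgs = $this->usertab->check();
    if (count($msgs)){
      msg_dialog::displayChecks($msgs);
    } else {
      $o_queue = new gosaSupportDaemon();
      $o_queue->append($this->usertab);
      if ($o_queue->is_error()){
        msg_dialog::display(_("Infrastructure error"), msgPool::siError($o_queue->get_error()),ERROR_DIALOG);
      } else {
        $this->usertab = FALSE;
      }
    }
  }

  /* Display event */
  if ($this->usertab instanceof DaemonEvent){
    $this->usertab->save_object();
    return($this->usertab->execute());
  }


  /********************
    Copy & Paste
   ********************/

  /* Display the copy & paste dialog, if it is currently open */
  if ($this->CPPasswordChange == ""){
    $ret = $this->copyPasteHandling_from_queue($s_action, $s_entry);
    if ($ret){
      return($ret);
    }
  }


  /********************
    Change password confirmed
   ********************/

  /* Perform password change */
  if (isset($_POST['password_finish'])){

    /* For security reasons, check if user is allowed to set password again */
    $dn   = $this->dn;
    $acl  = $this->ui->get_permissions($dn, "users/password");
    $cacl = $this->ui->get_permissions($dn, "users/user");

    /* Are we allowed to create a new user or to set the password attribute? */
    if (preg_match('/w/', $acl) || preg_match('/c/', $cacl)){

      /* Check input and feed errors into 'message' */
      $message = array();

      /* Missing or non-string fields are treated as empty, so they end up
         in the "required" check below instead of reaching change_password(). */
      $new_password = "";
      if (isset($_POST['new_password']) && is_string($_POST['new_password'])){
        $new_password = $_POST['new_password'];
      }
      $repeated_password = "";
      if (isset($_POST['repeated_password']) && is_string($_POST['repeated_password'])){
        $repeated_password = $_POST['repeated_password'];
      }

      /* Sanity checks. The comparison is strict: with '!=' two different
         numeric-looking strings (e.g. "1e3" and "1000") compare as equal. */
      if ($new_password !== $repeated_password){

        /* Matching passwords in new and repeated? */
        $message[] = _("The passwords you've entered as 'New password' and 'Repeated new password' do not match.");
      } elseif ($new_password === ""){

        /* Empty password is not permitted by default. The message has to be
           collected, otherwise the empty password is accepted below. */
        $message[] = msgPool::required(_("New password"));
      }

      /* Errors, or password change? */
      if (count($message) != 0){

        /* Show error message and continue editing */
        msg_dialog::displayChecks($message);
        return($smarty->fetch(get_template_path('password.tpl', TRUE)));
      }

      /* Look up the uid of the account; it is handed to the password hook */
      $config   = $this->config;
      $ldap_ui  = $this->config->get_ldap_link();
      $username = "";
      if (isset($this->usertab->dn)){
        $ldap_ui->cat($this->usertab->dn, array("uid"));
      } else {
        $ldap_ui->cat($this->dn, array("uid"));
      }
      $user = $ldap_ui->fetch();
      if ((is_array($user)) && (isset($user['uid']))){
        $username = $user['uid'][0];
      }

      /* Set password, perform required steps.
         The hook command line is built from the uid and from the password
         typed by the operator, so both are quoted with escapeshellarg();
         unquoted, shell metacharacters in either value would be interpreted
         by the shell. The password still appears as a process argument while
         the hook runs - that is inherent in this hook interface. */
      if ($this->usertab){
        if ($this->usertab->password_change_needed()){
          $obj = $this->usertab->by_object['user'];
          if (!change_password ($this->usertab->dn, $new_password, 0, $obj->pw_storage)){
            return($smarty->fetch(get_template_path('password.tpl', TRUE)));
          }
          if ($config->get_cfg_value("passwordHook") != ""){
            exec($config->get_cfg_value("passwordHook")." ".escapeshellarg($username)." ".escapeshellarg($new_password), $resarr);
          }
          new log("modify","users/".get_class($this),$this->usertab->dn,array(),"Password has been changed");
          unset($this->usertab);
          $this->usertab = NULL;
        }
      } else {
        if (!change_password ($this->dn, $new_password)){
          return($smarty->fetch(get_template_path('password.tpl', TRUE)));
        }
        if ($config->get_cfg_value("passwordHook") != ""){
          exec($config->get_cfg_value("passwordHook")." ".escapeshellarg($username)." ".escapeshellarg($new_password), $resarr);
        }
        new log("modify","users/".get_class($this),$this->dn,array(),"Password has been changed");
      }
    } else {

      /* Missing permissions, show message */
      msg_dialog::display(_("Password change"),_("You have no permission to change this users password!"),WARNING_DIALOG);
    }

    /* Clean session, delete lock */
    $this->remove_lock();
    unset ($this->usertab);
    $this->usertab   = NULL;
    $this->lognames  = array();
    $this->sn        = "";
    $this->givenName = "";
    $this->uid       = "";
    session::un_set('objectinfo');
  }


  /********************
    Change multiple passwords requested
   ********************/

  if ($s_action == "multiple_password_change"){
    $this->pwd_change_queue = $this->list_get_selected_items();
    $disallowed = array();

    /* Drop every selected entry whose password we may not write */
    foreach ($this->pwd_change_queue as $key => $id){
      if (!preg_match("/w/", $this->ui->get_permissions($this->list[trim($id)]['dn'], "users/password"))){
        unset($this->pwd_change_queue[$key]);
        $disallowed[] = $this->list[trim($id)]['dn'];
      }
    }
    if (count($disallowed)){
      msg_dialog::display(_("Permission"),msgPool::permModify($disallowed),INFO_DIALOG);
    }
  }


  /********************
    Change password requested
   ********************/

  /* Password change requested */
  if (($s_action == "change_pw") || (!empty($this->CPPasswordChange)) || count($this->pwd_change_queue)){

    /* Get users whose passwords should be changed. */
    if (count($this->pwd_change_queue)){
      $s_entry = array_pop($this->pwd_change_queue);
    }

    if (!empty($this->CPPasswordChange)){
      $s_entry = $this->CPPasswordChange;
      $this->CPPasswordChange = "";
    }

    /* Get 'dn' from posted 'uid' */
    $this->dn = $this->list[trim($s_entry)]['dn'];

    /* Load permissions for selected 'dn' and check if
       we're allowed to change the password of this 'dn' */
    if (preg_match("/w/", $this->ui->get_permissions($this->dn, "users/password"))){

      /* User is allowed to change passwords, save 'dn' for next dialog. */
      session::set('objectinfo',$this->dn);
      return ($smarty->fetch(get_template_path('password.tpl', TRUE)));
    } else {

      /* User is not allowed. Show message and cancel. */
      msg_dialog::display(_("Password change"),_("You have no permission to change this users password!"),WARNING_DIALOG);
    }
  }


  /********************
    Edit existing entry
   ********************/

  /* User wants to edit data? */
  if (($s_action == "edit") && (!isset($this->usertab->config))){

    /* Get 'dn' from posted 'uid', must be unique */
    $this->dn = $this->list[trim($s_entry)]['dn'];

    /* Check locking, save current plugin in 'back_plugin', so
       the dialog knows where to return. */
    if (($user = get_lock($this->dn)) != ""){
      return(gen_locked_message ($user, $this->dn, TRUE));
    }

    /* Lock the current entry, so everyone will get the
       above dialog */
    add_lock ($this->dn, $this->ui->dn);

    /* Register usertab to trigger edit dialog */
    $this->usertab = new usertabs($this->config,
        $this->config->data['TABS']['USERTABS'], $this->dn);

    /* Switch tab, if it was requested by the user */
    $this->usertab->current = $s_tab;

    /* Set ACL and move DN to the headline */
    $this->usertab->set_acl_base($this->dn);
    session::set('objectinfo',$this->dn);
  }


  /********************
    Edit multiple entries
   ********************/

  /* User wants to edit data? */
  if ($s_action == "multiple_edit" && !isset($this->usertab->config)){

    $this->dn = array();
    foreach ($this->list_get_selected_items() as $id){
      $this->dn[] = $this->list[$id]['dn'];
    }
    $tmp = new multi_plug($this->config, "usertabs", $this->config->data['TABS']['USERTABS'],
        $this->dn, $this->DivListUsers->selectedBase, "user");
    if ($tmp->entries_locked()){
      return($tmp->display_lock_message());
    }
    $tmp->lock_entries($this->ui->dn);
    if ($tmp->multiple_available()){
      $this->usertab = $tmp;
      $this->usertab->set_active_tab($s_tab);
      session::set('objectinfo',$this->usertab->get_object_info());
    }
  }


  /********************
    Edit canceled
   ********************/

  /* Reset all relevant data, if we get a _cancel request */
  if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])){
    if (isset($this->usertab)){
      $this->remove_lock();
    }
    $this->usertab   = NULL;
    $this->lognames  = array();
    $this->sn        = "";
    $this->givenName = "";
    $this->uid       = "";
    session::un_set('objectinfo');
  }


  /********************
    We want to create a new user, so fetch all available user templates
   ********************/

  /* Generate template list */
  if ($s_action == "new" || $s_action == "create_user_from_tpl" || $s_action == "templatize_multiple"){

    $this->templates = array();
    $ldap = $this->config->get_ldap_link();

    /* Create list of templates */
    foreach ($this->config->departments as $key => $value){

      /* Get acls from different ou's */
      $acl = $this->ui->get_permissions($value, "users/user");

      /* If creation of a new user is allowed, append this template */
      if (preg_match("/c/", $acl)){

        /* Search all templates from the current dn */
        $ldap->cd (get_people_ou().$value);
        $ldap->search ("(objectClass=gosaUserTemplate)", array("uid"));

        /* Append */
        if ($ldap->count() != 0){
          while ($attrs = $ldap->fetch()){
            $this->templates[$ldap->getDN()] =
              $attrs['uid'][0]." - ".LDAP::fix($key);
          }
          if ($s_action != "templatize_multiple"){
            $this->templates['none'] = _("none");
          }
        }
      }
    }

    /* Sort templates */
    natcasesort ($this->templates);
    reset ($this->templates);
  }


  /********************
    Apply template to multiple entries requested, display confirm dialog
   ********************/

  if ($s_action == "templatize_multiple"){
    $ids = $this->list_get_selected_items();
    $this->dns = array();
    if (count($ids)){

      foreach ($ids as $id){
        $dn = $this->list[$id]['dn'];
        if (($user = get_lock($dn)) != ""){
          return(gen_locked_message ($user, $dn));
        }
        $this->dns[$id] = $dn;
      }
    }

    $smarty->assign("templates", $this->templates);

    return($smarty->fetch(get_template_path('templatize.tpl', TRUE)));
  }

  /* Perform templatizing after the button has been pressed */
  if ($s_action == "templatize_continue"){

    $template_dn = isset($_POST['template']) ? $_POST['template'] : "";
    $acl = $this->ui->get_permissions($template_dn, "users/user");

    /* Template readable? */
    if (preg_match('/r/', $acl)){

      foreach ($this->dns as $dn){

        /* Write permission has to be checked on the entry that gets
           modified. Checking the template DN here would let a user who may
           write the template overwrite entries he may not modify. */
        $acl = $this->ui->get_permissions($dn, "users/user");
        if (preg_match('/w/', $acl)){
          $usertab = new usertabs($this->config, $this->config->data['TABS']['USERTABS'], $dn);
          $usertab->adapt_from_template($template_dn, array("sn", "givenName", "uid"));
          $usertab->save();
          unset ($usertab);
          $usertab = NULL;
        } else {
          msg_dialog::display(_("Permission error"), sprintf(_("You have no permission to modify object '%s'!"), $dn), ERROR_DIALOG);
        }
      }
    } else {
      msg_dialog::display(_("Permission error"), _("You have no permission to use this template!"), ERROR_DIALOG);
    }
  }


  /********************
    Delete MULTIPLE entries requested, display confirm dialog
   ********************/

  if ($s_action == "del_multiple" || $s_action == "del"){

    if ($s_action == "del"){

      /* Get 'dn' from posted 'uid' */
      $ids = array($s_entry);
    } else {
      $ids = $this->list_get_selected_items();
    }

    $this->dns = array();
    if (count($ids)){
      $disallowed = array();
      foreach ($ids as $id){
        $dn  = $this->list[$id]['dn'];
        $acl = $this->ui->get_permissions($dn, "users/user");
        if (preg_match("/d/", $acl)){
          $this->dns[$id] = $dn;
        } else {
          $disallowed[] = $dn;
        }
      }

      if (count($disallowed)){
        msg_dialog::display(_("Permission"),msgPool::permDelete($disallowed),INFO_DIALOG);
      }

      if (count($this->dns)){

        /* Check locks */
        if ($user = get_multiple_locks($this->dns)){
          return(gen_locked_message($user, $this->dns));
        }

        $dns_names = array();
        foreach ($this->dns as $dn){
          $dns_names[] = LDAP::fix($dn);
        }

        /* Lock the entries, so nobody will edit them during deletion */
        add_lock($this->dns, $this->ui->dn);

        /* The former unused '$info = sprintf(msgPool::deleteInfo(...))' was
           dropped: it used text containing DNs as a format string. */
        $smarty->assign("info", msgPool::deleteInfo($dns_names));
        return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
      }
    }
  }


  /********************
    Delete MULTIPLE entries confirmed
   ********************/

  if (isset($_POST['delete_user_confirm'])){

    /* Remove user by user and check acls again before removing them */
    foreach ($this->dns as $key => $dn){

      $acl = $this->ui->get_permissions($dn, "users/user");
      if (preg_match('/d/', $acl)){

        /* Delete request is permitted, perform LDAP action */
        $this->usertab = new usertabs($this->config, $this->config->data['TABS']['USERTABS'], $dn);
        $this->usertab->set_acl_base();
        $this->usertab->delete ();
        unset ($this->usertab);
        $this->usertab = NULL;
      } else {

        /* Refused deletions are written to the security log */
        msg_dialog::display(_("Warning"),msgPool::permDelete($dn),WARNING_DIALOG);
        if (isset($this->ui->uid)){
          new log("security","users/".get_class($this),$dn,array(),"Tried to trick deletion.");
        }
      }
    }

    /* Remove locks after the deletion run */
    $this->remove_lock();
    $this->dns = array();
  }


  /********************
    Toggle lock status for user
   ********************/

  if ($s_action == "toggle_lock_status" && isset($this->list[$s_entry])){

    /* Get entry, check current status */
    $val = $this->list[$s_entry];
    if (!preg_match("/w/", $this->ui->get_permissions($val['dn'], "users/password"))){
      msg_dialog::display(_("Password locking"),
          _("You have no permission to change the lock status for this user!"),WARNING_DIALOG);
    } else {
      $pwd     = $val['userPassword'][0];
      $method  = passwordMethod::get_method($pwd, $val['dn']);
      $success = false;
      if ($method instanceOf passwordMethod){
        if ($method->is_locked($this->config, $val['dn'])){
          $success = $method->unlock_account($this->config, $val['dn']);
        } else {
          $success = $method->lock_account($this->config, $val['dn']);
        }

        /* Check for success */
        if (!$success){
          $hn = $method->get_hash_name();
          if (is_array($hn)){
            $hn = $hn[0];
          }
          msg_dialog::display(_("Password locking"),
              sprintf(_("Password method '%s' does not support locking. Account has not been locked!"), $hn),WARNING_DIALOG);
        }
      } else {
        // Can't lock unknown methods.
      }
    }
  }


  /********************
    Delete entry Canceled
   ********************/

  /* Delete user canceled? */
  if (isset($_POST['delete_cancel'])){

    /* Remove locks that were set for the deletion dialog */
    $this->remove_lock();
    $this->dns = array();
  }


  /********************
    Edit entry finished (Save)
   ********************/

  /* Finish user edit is triggered by the tabulator dialog, so
     the user wants to save edited data. Check and save at this
     point. */
  if ((isset($_POST['edit_finish']) || isset($_POST['edit_apply'])) && (isset($this->usertab->config))){

    /* Check tabs, will feed message array */
    $this->usertab->last = $this->usertab->current;
    $this->usertab->save_object();
    $message = $this->usertab->check();

    /* Save, or display error message? */
    if (count($message) == 0){

      /* No errors. Go ahead and prepare to ask for a password
         in case we're creating a new user. 'dn' will be 'new'
         in this case. It is set to the correct value later. */
      if ($this->dn == "new"){
        $set_pass = 1;
      } else {
        $set_pass = 0;
      }

      /* Save user data to ldap */
      if ($this->usertab->save() == 1){
        return;
      }

      if (!isset($_POST['edit_apply'])){

        /* User has been saved successfully, remove lock from LDAP. */
        if ($this->dn != "new"){
          $this->remove_lock();
        }

        /* In case of new users, ask for a password, skip this for templates */
        if (($set_pass || $this->usertab->password_change_needed()) && !$this->is_template){
          $this->dn = $this->usertab->dn;
          return($smarty->fetch(get_template_path('password.tpl', TRUE)));
        }

        unset ($this->usertab);
        $this->usertab = NULL;
        session::un_set('objectinfo');
      } else {

        /* Reinitialize tab */
        if ($this->usertab instanceof tabs){
          $this->usertab->re_init();
        }
      }
    } else {

      /* Ok. There seem to be errors regarding to the tab data,
         show message and continue as usual. */
      msg_dialog::displayChecks($message);
    }
  }


  /********************
    Create a new user,template, user from template
   ********************/

  /* Check selected options for template */
  if (isset($_POST['template_continue'])){
    $message = array();
    if (!isset($_POST['template']) || (empty($_POST['template']))){
      $message[] = msgPool::invalid(_("Template"));
    }
    if (!isset($_POST['sn']) || (empty($_POST['sn']))){
      $message[] = msgPool::required(_("Name"));
    }
    if (!isset($_POST['givenName']) || (empty($_POST['givenName']))){
      $message[] = msgPool::required(_("Given name"));
    }

    /* Show error message / continue editing */
    if (count($message) > 0){
      msg_dialog::displayChecks($message);

      foreach (array("sn", "givenName", "uid", "template") as $attr){
        if (isset($_POST[$attr])){
          $smarty->assign("$attr", $_POST[$attr]);
        } else {
          $smarty->assign("$attr", "");
        }
      }
      $smarty->assign("templates",$this->templates);
      $smarty->assign("got_uid",$this->got_uid);
      $smarty->assign("edit_uid",false);
      return($smarty->fetch(get_template_path('template.tpl', TRUE)));
    }
  }

  /* New user/template request */
  if (($s_action == "create_user_from_tpl") || ($s_action == "new") || ($s_action == "new_tpl")){

    /* By default we set 'dn' to 'new', all relevant plugins will
       react on this. */
    $this->dn = "new";

    $this->got_uid = ($this->config->get_cfg_value("idGenerator") == "");

    /* Create new usertab object */
    $this->usertab = new usertabs($this->config, $this->config->data['TABS']['USERTABS'], $this->dn);
    $this->usertab->by_object['user']->base = $this->DivListUsers->selectedBase;
    $this->usertab->set_acl_base($this->DivListUsers->selectedBase);

    /* Take care about templates */
    if ($s_action == "new_tpl"){
      $this->is_template = TRUE;
      $this->usertab->set_template_mode ();
    } else {
      $this->is_template = FALSE;
    }

    /* Use template if there are any of them */
    if ((count($this->templates) && ($s_action != 'new_tpl')) || ($s_action == "create_user_from_tpl")){
      foreach (array("sn", "givenName", "uid", "got_uid", "templates") as $attr){
        $smarty->assign("$attr", $this->$attr);
      }
      if ($s_action == "create_user_from_tpl"){
        $smarty->assign("template", $this->dn = $this->list[trim($s_entry)]['dn']);
      } else {
        $smarty->assign("template", "none");
      }
      $smarty->assign("edit_uid", "");
      return($smarty->fetch(get_template_path('template.tpl', TRUE)));
    }
  }


  /********************
    Template selected continue edit
   ********************/

  /* Continue template editing */
  if ((isset($_POST['template_continue'])) && ($_POST['template'] != 'none') && (!isset($_POST['uid']))){

    $this->sn        = $_POST['sn'];
    $this->givenName = $_POST['givenName'];

    /* Check for required values */
    $message = array();
    if ($this->sn == "") {
      $message[] = msgPool::required(_("Name"));
    }
    if ($this->givenName == "") {
      $message[] = msgPool::required(_("Given name"));
    }

    /* Check if a person with this name already exists below the template's parent */
    $dn   = preg_replace("/^[^,]+,/i", "", $_POST['template']);
    $ldap = $this->config->get_ldap_link();
    $ldap->cd ($dn);
    $ldap->search ("(&(sn=".normalizeLdap($this->sn).")(givenName=".normalizeLdap($this->givenName)."))", array("givenName"));
    if ($ldap->count () != 0){

      /* Collect the message; the result was discarded before, so the
         duplicate check never had any effect. */
      $message[] = msgPool::duplicated(_("Name"));
    }

    /* Show error message / continue editing */
    if (count($message) > 0){
      msg_dialog::displayChecks($message);
    } else {
      $attributes = array('sn' => $this->sn, 'givenName' => $this->givenName);
      if ($this->config->get_cfg_value("idGenerator") != ""){
        $uids = gen_uids ($this->config->get_cfg_value("idGenerator"), $attributes);
        if (count($uids)){
          $smarty->assign("edit_uid", "false");
          $smarty->assign("uids", $uids);
          $this->uid = current($uids);
        }
      } else {
        $smarty->assign("edit_uid", "");
        $this->uid = "";
      }
      $this->got_uid = true;
    }

    foreach (array("sn", "givenName", "uid", "got_uid", "templates") as $attr){
      $smarty->assign("$attr", $this->$attr);
    }
    if (isset($_POST['template'])){
      $smarty->assign("template", $_POST['template']);
    }
    return($smarty->fetch(get_template_path('template.tpl', TRUE)));
  }


  /********************
    No template selected continue edit
   ********************/

  /* No template. Ok. Lets fill data into the normal user dialog */
  if (isset($_POST['template_continue']) && $_POST['template'] == 'none'){
    foreach (array("sn", "givenName", "uid") as $attr){
      if (isset($_POST[$attr])){
        $this->usertab->by_object['user']->$attr = $_POST[$attr];
      }
    }
  }


  /********************
    Template selected continue edit
   ********************/

  /* Finish template preamble */
  if (isset($_POST['template_continue']) && $_POST['template'] != 'none' && (isset($_POST['uid']))){

    /* Might not be filled if IDGEN is unset */
    $this->sn        = $_POST['sn'];
    $this->givenName = $_POST['givenName'];

    /* Move user supplied data to sub plugins */
    $this->uid                = $_POST['uid'];
    $this->usertab->uid       = $this->uid;
    $this->usertab->sn        = $this->sn;
    $this->usertab->givenName = $this->givenName;
    $template_dn              = $_POST['template'];
    $this->usertab->adapt_from_template($template_dn);
    $template_base = preg_replace("/^[^,]+,".preg_quote(get_people_ou(), '/')."/", '', $template_dn);
    $this->usertab->by_object['user']->base = $template_base;
  }


  /********************
    If no template was selected set base
   ********************/

  if (isset($_POST['template_continue']) && ($_POST['template'] == 'none')){
    $this->usertab->by_object['user']->base = $this->DivListUsers->selectedBase;
  }


  /********************
    Display subdialog
   ********************/

  /* Show tab dialog if object is present */
  if (isset($this->usertab->config)){

    $display = $this->usertab->execute();

    /* Don't show buttons if tab dialog requests this */
    $dia = FALSE;
    if (isset($this->usertab->by_object[$this->usertab->current]->dialog)){
      $dia = $this->usertab->by_object[$this->usertab->current]->dialog;
    }

    if (!is_object($dia) && $dia != TRUE){
      if (($this->usertab instanceOf tabs || $this->usertab instanceOf plugin) && $this->usertab->read_only == TRUE){

        /* Read-only dialogs only get a cancel button */
        $display.= "<p style=\"text-align:right\">
          <input type=submit name=\"edit_cancel\" value=\"".msgPool::cancelButton()."\">
          </p>";
      } else {
        $display.= "<p style=\"text-align:right\">\n";
        $display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\"".msgPool::okButton()."\">\n";
        $display.= " \n";
        if ($this->dn != "new"){
          $display.= "<input type=submit name=\"edit_apply\" value=\"".msgPool::applyButton()."\">\n";
          $display.= " \n";
        }
        $display.= "<input type=submit name=\"edit_cancel\" value=\"".msgPool::cancelButton()."\">\n";
        $display.= "</p>";
      }
    }
    return ($display);
  }

  /* Check if there is a snapshot dialog open */
  $base = $this->DivListUsers->selectedBase;
  if ($str = $this->showSnapshotDialog($base, $this->get_used_snapshot_bases(), $this)){
    return($str);
  }

  /* Return rendered main page */
  /* Display dialog with user list */
  $this->DivListUsers->parent = $this;
  $this->DivListUsers->execute();

  /* Add departments if subsearch is disabled */
  if (!$this->DivListUsers->SubSearch){
    $this->DivListUsers->AddDepartments($this->DivListUsers->selectedBase, 4, 1);
  }
  $this->reload();
  $this->DivListUsers->setEntries($this->list);
  return($this->DivListUsers->Draw());
}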
986 /* Return departments, that will be included within snapshot detection */
/**
 * List the bases that are included in snapshot detection for this plugin.
 *
 * @return array A single entry: the value of get_people_ou() followed by
 *               the base currently selected in the user list.
 */
function get_used_snapshot_bases()
{
  $people_base = get_people_ou().$this->DivListUsers->selectedBase;
  return(array($people_base));
}
/**
 * Rebuild $this->list from LDAP according to the filter settings of the list dialog.
 *
 * The search filter is assembled from the Show* switches and the Regex of
 * $this->DivListUsers; Regex goes through normalizeLdap() before it is put
 * into the filter. Entries are fetched with get_sub_list(), entries that
 * lack one of the classes inetOrgPerson / organizationalPerson or whose DN
 * does not contain the people ou are skipped, and the rest is stored in
 * natural, case-insensitive order of its caption.
 *
 * Note that "userPassword" is part of the requested attributes, so each
 * entry in $this->list carries that attribute.
 */
function reload()
{
  /* Base for all searches; the list is emptied before anything else happens */
  $base       = $this->DivListUsers->selectedBase;
  $this->list = array();

  /* Filter configuration of the list dialog */
  $pattern         = $this->DivListUsers->Regex;
  $recursive       = $this->DivListUsers->SubSearch;
  $with_templates  = $this->DivListUsers->ShowTemplates;
  $with_functional = $this->DivListUsers->ShowFunctionalUsers;
  $with_unix       = $this->DivListUsers->ShowUnixUsers;
  $with_mail       = $this->DivListUsers->ShowMailUsers;
  $with_samba      = $this->DivListUsers->ShowSambaUsers;
  $with_proxy      = $this->DivListUsers->ShowProxyUsers;

  /* The samba object class depends on the configured samba version */
  $samba = ($this->config->get_cfg_value("sambaversion") == 3) ? "sambaSamAccount" : "sambaAccount";

  /* One filter fragment per enabled account type */
  $parts = array();
  if ($with_functional){
    $parts[] = "(&(objectClass=gosaAccount)(!(|(objectClass=posixAccount)".
      "(objectClass=gosaMailAccount)(objectClass=$samba)".
      "(objectClass=gosaProxyAccount))))";
  }
  if ($with_unix){
    $parts[] = "(objectClass=posixAccount)";
  }
  if ($with_mail){
    $parts[] = "(objectClass=gosaMailAccount)";
  }
  if ($with_samba){
    $parts[] = "(objectClass=$samba)";
  }
  if ($with_proxy){
    $parts[] = "(objectClass=gosaProxyAccount)";
  }
  $type_filter = implode("", $parts);

  /* Wrap the type selection, with or without templates */
  if ($with_templates){
    $filter = "(|(objectClass=gosaUserTemplate)(&(objectClass=gosaAccount)(|".$type_filter.")))";
  } else {
    $filter = "(&(objectClass=gosaAccount)(objectClass=person)".
      "(objectClass=inetOrgPerson)(objectClass=organizationalPerson)".
      "(!(objectClass=gosaUserTemplate))(|".$type_filter."))";
  }

  /* Match the search pattern against uid, sn and givenName */
  $name_match = "";
  foreach (array("uid", "sn", "givenName") as $attr){
    $name_match .= "(".$attr."=".normalizeLdap($pattern).")";
  }
  $filter = "(&(|".$name_match.")".$filter.")";

  /* Generate userlist */
  $ldap = $this->config->get_ldap_link(TRUE);

  $wanted = array("uid", "givenName", "sn", "objectClass","userPassword");
  if ($recursive){
    $flags = GL_SUBSEARCH | GL_SIZELIMIT;
  } else {
    /* Without subtree search only the people ou below the base is listed */
    $base  = get_people_ou().$base;
    $flags = GL_SIZELIMIT;
  }
  $found = get_sub_list($filter, "users", get_people_ou(), $base, $wanted, $flags);

  $by_caption = array();
  foreach ($found as $entry){

    /* Due to the fact that "inetOrgPerson" is derived from "organizationalPerson" and that openldap
       doesn't differentiate both classes in search filters, we have to skip entries that do not provide
       both classes. (Both classes are required for a valid GOsa user account.) */
    if (!(in_array("inetOrgPerson", $entry['objectClass']) && in_array("organizationalPerson", $entry['objectClass']))){
      continue;
    }

    /* Skip entries that are not located under the people ou (normally 'ou=people,'),
       else winstations will be listed too, if you use the subtree flag. */
    if (!preg_match("/".preg_quote(get_people_ou(), '/')."/i", $entry['dn'])){
      continue;
    }

    /* Generate caption for rows: "sn, givenName [uid]" or just "[uid]" */
    $caption = "[".$entry["uid"][0]."]";
    if (isset($entry["sn"]) && isset($entry["givenName"])){
      $caption = $entry["sn"][0].", ".$entry["givenName"][0]." ".$caption;
    }

    /* Entries with the same lower-cased caption replace each other here */
    $caption = strtolower($caption);
    $by_caption[$caption] = $entry;
  }

  /* Store the entries ordered by caption */
  $order = array_keys($by_caption);
  natcasesort($order);

  $this->list = array();
  foreach ($order as $caption){
    $this->list[] = $by_caption[$caption];
  }
}
/* Release the edit locks this dialog may still hold.
 *
 * Unlocks the DN of the open user tab if there is one; otherwise unlocks
 * $this->dn when it is set, non-empty and not the placeholder "new".
 * Independently of that, a non-empty $this->dns array is passed to del_lock()
 * as a whole.
 */
function remove_lock()
{
  /* Pick the single DN that is marked as "currently edited", if any */
  $editedDn = NULL;
  if (isset($this->usertab->dn)){
    $editedDn = $this->usertab->dn;
  } elseif (!empty($this->dn) && $this->dn != "new"){
    $editedDn = $this->dn;
  }
  if ($editedDn !== NULL){
    del_lock($editedDn);
  }

  /* Locks taken for a multi-selection are handed over in one call */
  if (!empty($this->dns) && is_array($this->dns)){
    del_lock($this->dns);
  }
}
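/* Drive the copy & paste queue for the user list.
 *
 * $s_action  One of "cut", "copy", "cut_multiple", "copy_multiple" or
 *            "editPaste"; any other value only runs the paste dialog check.
 * $s_entry   Index into $this->list of the entry to cut/copy (single actions).
 *
 * Returns the output of CopyPasteHandler::execute() while a paste dialog has to
 * be shown, otherwise an empty string (also when copy & paste is disabled).
 *
 * Every DN is only queued after the matching ACL check ($ui->is_copyable() /
 * $ui->is_cutable()) succeeded. List indexes are checked for existence first:
 * the multi-selection ids come from $_POST field names (see
 * list_get_selected_items()) and the origin of $s_entry is not visible here, so
 * neither is trusted to point at a loaded entry.
 */
function copyPasteHandling_from_queue($s_action,$s_entry)
{
  /* Check if Copy & Paste is disabled */
  if (!is_object($this->CopyPasteHandler)){
    return("");
  }

  $ui = get_userinfo();

  /* Add a single entry to queue */
  if ($s_action == "cut" || $s_action == "copy"){

    /* Cleanup object queue */
    $this->CopyPasteHandler->cleanup_queue();

    /* Ignore an index that does not refer to a loaded entry instead of passing
       an undefined DN on to the ACL check */
    if (isset($this->list[$s_entry]['dn'])){
      $dn = $this->list[$s_entry]['dn'];
      if ($s_action == "copy" && $ui->is_copyable($dn,"users","user")){
        $this->CopyPasteHandler->add_to_queue($dn,$s_action,"usertabs","USERTABS","users");
      }
      if ($s_action == "cut" && $ui->is_cutable($dn,"users","user")){
        $this->CopyPasteHandler->add_to_queue($dn,$s_action,"usertabs","USERTABS","users");
      }
    }
  }

  /* Add entries to queue */
  if ($s_action == "copy_multiple" || $s_action == "cut_multiple"){

    /* Cleanup object queue */
    $this->CopyPasteHandler->cleanup_queue();

    /* Add new entries to CP queue */
    foreach ($this->list_get_selected_items() as $id){

      /* Request supplied id without a matching list entry: skip it */
      if (!isset($this->list[$id]['dn'])){
        continue;
      }
      $dn = $this->list[$id]['dn'];

      if ($s_action == "copy_multiple" && $ui->is_copyable($dn,"users","user")){
        $this->CopyPasteHandler->add_to_queue($dn,"copy","usertabs","USERTABS","users");
      }
      if ($s_action == "cut_multiple" && $ui->is_cutable($dn,"users","user")){
        $this->CopyPasteHandler->add_to_queue($dn,"cut","usertabs","USERTABS","users");
      }
    }
  }

  /* Start pasting entries */
  if ($s_action == "editPaste"){
    $this->start_pasting_copied_objects = TRUE;
  }

  /* Return C&P dialog */
  if ($this->start_pasting_copied_objects && $this->CopyPasteHandler->entries_queued()){

    /* Get dialog */
    $this->CopyPasteHandler->SetVar("base",$this->DivListUsers->selectedBase);
    $data = $this->CopyPasteHandler->execute();

    /* Set CPPasswordChange to the list index of the pasted entry, which indicates
       that this entry requires a new password. */
    if (isset($_POST['passwordTodo']) && $_POST['passwordTodo'] === "new"){
      $s_entry = $this->CopyPasteHandler->last_entry();
      $this->reload();
      foreach ($this->list as $key => $entry){
        if ($entry['dn'] == $s_entry){
          $this->CPPasswordChange = $key;
        }
      }
    }

    /* Return dialog data.
       The marker is compared as a string: list index 0 is a valid marker, but
       before PHP 8 the loose test (0 == "") is true, which made a pending
       password change for the first list entry look like "none pending".
       NOTE(review): other code that tests CPPasswordChange is outside this
       excerpt and should use the same comparison. */
    if (!empty($data) && (string) $this->CPPasswordChange === ""){
      return($data);
    }
  }

  /* Automatically disable status for pasting */
  if (!$this->CopyPasteHandler->entries_queued()){
    $this->start_pasting_copied_objects = FALSE;
  }
  return("");
}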
/* Forward the posted form state to the sub-dialogs.
 *
 * The divlist (filter and department selection) is only updated while no user
 * tab object is open; the copy & paste handler is updated whenever it exists.
 */
function save_object()
{
  /* Handle divlist filter && department selection */
  $userTabOpen = is_object($this->usertab);
  if (!$userTabOpen){
    $this->DivListUsers->save_object();
  }

  /* Nothing more to do when copy & paste is not available */
  if (!is_object($this->CopyPasteHandler)){
    return;
  }
  $this->CopyPasteHandler->save_object();
}
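/* Collect the list ids of all entries selected in the submitted form.
 *
 * Scans the names of the $_POST fields for "item_selected_<digits>" and
 * returns array(id => id) for every match; the posted values are ignored.
 *
 * Field names are supplied by the client, so only names that consist of the
 * prefix followed by at least one digit and nothing else are accepted. The
 * previous pattern also accepted an empty id ("item_selected_") and, because
 * "$" matches before a final newline, a name with a trailing line break.
 * The ids are still not guaranteed to exist in $this->list.
 */
function list_get_selected_items()
{
  $ids = array();
  foreach ($_POST as $name => $value){
    /* \z anchors at the very end of the name, unlike "$" */
    if (preg_match("/^item_selected_([0-9]+)\\z/", (string) $name, $match)){
      $id       = $match[1];
      $ids[$id] = $id;
    }
  }
  return($ids);
}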
1214 /* A set of disabled and therefore overloaded functions. They are
1215 not needed in this class. */
/* Deliberately empty. The file's own note on this group of stubs marks the
 * method as disabled because it is not needed in this class; it presumably
 * replaces the method of the same name in the parent class plugin. */
function remove_from_parent()
{
}
/* Deliberately empty: this class performs no checks of its own here and the
 * method returns nothing. Presumably it replaces the method of the same name
 * in the parent class plugin. */
function check()
{
}
/* Deliberately empty: nothing is written by this method in this class.
 * Presumably it replaces the method of the same name in the parent class
 * plugin. */
function save()
{
}
/* Deliberately empty: both arguments are accepted and ignored. Presumably the
 * signature is kept so that it matches the method of the same name in the
 * parent class plugin. */
function adapt_from_template($dn, $skip= array())
{
}
/* Deliberately empty: the method returns nothing (NULL) in this class.
 * NOTE(review): callers that evaluate the result as a boolean will read this
 * as "no password change needed" - confirm that this is intended. */
function password_change_needed()
{
}
1222 } /* ... class userManagement */
1223 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1224 ?>