gosa-core/plugins/personal/password/class_password.inc

   1 <?php
   2 /*
   3  * This code is part of GOsa (http://www.gosa-project.org)
   4  * Copyright (C) 2003-2008 GONICUS GmbH
   5  *
   6  * ID: $$Id$$
   7  *
   8  * This program is free software; you can redistribute it and/or modify
   9  * it under the terms of the GNU General Public License as published by
  10  * the Free Software Foundation; either version 2 of the License, or
  11  * (at your option) any later version.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program; if not, write to the Free Software
  20  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  21  */
  22
  23 class password extends plugin
  24 {
  25     /* Definitions */
  26     var $plHeadline     = "Change password";
  27     var $plDescription  = "Change user password";
  28
  29     var $proposal = "";
  30     var $proposalEnabled = FALSE;
  31     var $proposalSelected = FALSE;
  32
  33     function password(&$config, $dn= NULL, $parent= NULL)
  34     {
  35         plugin::plugin($config, $dn, $parent);
  36
  37         // Try to generate a password proposal, if this is successfull
  38         //  then preselect the proposal usage.
  39         $this->refreshProposal();
  40         if($this->proposal != ""){
  41             $this->proposalSelected = TRUE;
  42         }
  43     }
  44
  45
  46     function refreshProposal()
  47     {
  48         $this->proposal = passwordMethod::getPasswordProposal($this->config);
  49         if($this->proposal != ""){
  50             $this->proposalEnabled  =TRUE;
  51         }
  52     }
  53
  54
  55     function execute()
  56     {
  57         plugin::execute();
  58         $smarty = get_smarty();
  59         $ui = get_userinfo();
  60
  61         /* Get acls */
  62         $password_ACLS = $ui->get_permissions($ui->dn,"users/password");
  63         $smarty->assign("ChangeACL" ,  $password_ACLS);
  64         $smarty->assign("NotAllowed" , !preg_match("/w/i",$password_ACLS));
  65
  66         /* Display expiration template */
  67         if ($this->config->get_cfg_value("core","handleExpiredAccounts") == "true"){
  68             $expired= ldap_expired_account($this->config, $ui->dn, $ui->username);
  69             if($expired == 4){
  70                 return($smarty->fetch(get_template_path("nochange.tpl", TRUE)));
  71             }
  72         }
  73
  74         // Refresh proposal if requested
  75         if(isset($_POST['refreshProposal'])) $this->refreshProposal();
  76         $smarty->assign("proposal" , $this->proposal);
  77         $smarty->assign("proposalEnabled" , $this->proposalEnabled);
  78         $smarty->assign("proposalSelected" , $this->proposalSelected);
  79
  80         if(isset($_POST['proposalSelected'])) $this->proposalSelected = get_post('proposalSelected') == 1;
  81
  82         /* Pwd change requested */
  83         if (isset($_POST['password_finish'])){
  84
  85             if($this->proposalSelected){
  86                 $current_password = get_post('current_password');
  87                 $new_password = $this->proposal;
  88                 $repeated_password = $this->proposal;
  89             }else{
  90                 $current_password = get_post('current_password');
  91                 $new_password = get_post('new_password');
  92                 $repeated_password = get_post('repeated_password');
  93             }
  94
  95
  96             /* Should we check different characters in new password */
  97             $check_differ = $this->config->get_cfg_value("core","passwordMinDiffer") != "";
  98             $differ       = $this->config->get_cfg_value("core","passwordMinDiffer");
  99
 100             /* Enable length check ? */
 101             $check_length = $this->config->get_cfg_value("core","passwordMinLength") != "";
 102             $length       = $this->config->get_cfg_value("core","passwordMinLength");
 103
 104             /* Call external password quality hook ?*/
 105             $check_hook   = $this->config->get_cfg_value("core","passwordHook") != "";
 106             $hook         = $this->config->get_cfg_value("core","passwordHook")." ".
 107                         $ui->username." ".$current_password." ".$new_password;
 108
 109             if($check_hook){
 110                 exec($hook,$resarr);
 111                 $check_hook_output = "";
 112                 if(count($resarr) > 0) {
 113                     $check_hook_output= join('\n', $resarr);
 114                 }
 115             }
 116
 117             /* Check given values */
 118             if(empty($current_password)){
 119                 msg_dialog::display(_("Password change"),
 120                         _("You need to specify your current password in order to proceed."),WARNING_DIALOG);
 121             }elseif ($new_password  != $repeated_password){
 122                 msg_dialog::display(_("Password change"),
 123                         _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."),WARNING_DIALOG);
 124             } elseif ($new_password == ""){
 125                 msg_dialog::display(_("Password change"),
 126                         _("The password you've entered as 'New password' is empty."),WARNING_DIALOG);
 127             }elseif($check_differ && (substr($current_password, 0, $differ) == substr($new_password, 0, $differ))){
 128                 msg_dialog::display(_("Password change"),
 129                         _("The password used as new and current are too similar."),WARNING_DIALOG);
 130             }elseif($check_length && (strlen($new_password) < $length)){
 131                 msg_dialog::display(_("Password change"),
 132                         _("The password used as new is to short."),WARNING_DIALOG);
 133             }elseif(!passwordMethod::is_harmless($new_password)){
 134                 msg_dialog::display(_("Password change"),
 135                         _("The password contains possibly problematic unicode characters!"),WARNING_DIALOG);
 136             }elseif($check_hook && $check_hook_output != ""){
 137                 msg_dialog::display(_("Password change"),
 138                         sprintf(_("External password changer reported a problem: %s."),$check_hook_output),WARNING_DIALOG);
 139             }else{
 140
 141                 /* Try to connect via current password */
 142                 $tldap = new LDAP(
 143                         $ui->dn,
 144                         $current_password,
 145                         $this->config->current['SERVER'],
 146                         $this->config->get_cfg_value("core","ldapFollowReferrals") == "true",
 147                         $this->config->get_cfg_value("core","ldapTLS") == "true");
 148
 149                 /* connection Successfull ? */
 150                 if (!$tldap->success()){
 151                     msg_dialog::display(_("Password change"),
 152                             _("The password you've entered as your current password doesn't match the real one."),WARNING_DIALOG);
 153                 }else{
 154
 155                     /* Check GOsa permissions */
 156                     if (!preg_match("/w/i",$password_ACLS)){
 157                         msg_dialog::display(_("Password change"),
 158                                 _("You have no permission to change your password."),WARNING_DIALOG);
 159                     }else{
 160                         $this->change_password($ui->dn, $new_password);
 161                         gosa_log ("User/password has been changed");
 162                         $ui->password= $new_password;
 163                         session::set('ui',$ui);
 164 #$this->handle_post_events("modify",array("userPassword" => $new_password));
 165                         return($smarty->fetch(get_template_path("changed.tpl", TRUE)));
 166                     }
 167                 }
 168             }
 169         }
 170         return($smarty->fetch(get_template_path("password.tpl", TRUE)));
 171     }
 172
 173     function change_password($dn, $pwd)
 174     {
 175         change_password ($dn, $pwd);
 176     }
 177
 178     function remove_from_parent()
 179     {
 180         $this->handle_post_events("remove");
 181     }
 182
 183     function save()
 184     {
 185     }
 186
 187     static function plInfo()
 188     {
 189         return (array(
 190                     "plDescription"     => _("User password"),
 191                     "plSelfModify"      => TRUE,
 192                     "plDepends"         => array("user"),
 193                     "plPriority"        => 10,
 194                     "plSection"     => array("personal" => _("My account")),
 195                     "plCategory"    => array("users"),
 196                     "plOptions"         => array(),
 197
 198                     "plProvidedAcls"  => array())
 199                );
 200     }
 201
 202 }
 203 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
 204 ?>