gosa-core/plugins/personal/password/class_password.inc

   1 <?php
   2 /*
   3  * This code is part of GOsa (http://www.gosa-project.org)
   4  * Copyright (C) 2003-2008 GONICUS GmbH
   5  *
   6  * ID: $$Id$$
   7  *
   8  * This program is free software; you can redistribute it and/or modify
   9  * it under the terms of the GNU General Public License as published by
  10  * the Free Software Foundation; either version 2 of the License, or
  11  * (at your option) any later version.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program; if not, write to the Free Software
  20  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  21  */
  22
  23 class password extends plugin
  24 {
  25     /* Definitions */
  26     var $plHeadline     = "Change password";
  27     var $plDescription  = "Change user password";
  28
  29     var $proposal = "";
  30     var $proposalEnabled = FALSE;
  31     var $proposalSelected = FALSE;
  32
  33     function password(&$config, $dn= NULL, $parent= NULL)
  34     {
  35         plugin::plugin($config, $dn, $parent);
  36
  37         // Try to generate a password proposal, if this is successfull
  38         //  then preselect the proposal usage.
  39         $this->refreshProposal();
  40         if($this->proposal != ""){
  41             $this->proposalSelected = TRUE;
  42         }
  43     }
  44
  45
  46     function refreshProposal()
  47     {
  48         $this->proposal = passwordMethod::getPasswordProposal($this->config);
  49         $this->proposalEnabled = (!empty($this->proposal));
  50     }
  51
  52
  53     function execute()
  54     {
  55         plugin::execute();
  56         $smarty = get_smarty();
  57         $ui = get_userinfo();
  58
  59         /* Get acls */
  60         $password_ACLS = $ui->get_permissions($ui->dn,"users/password");
  61         $smarty->assign("ChangeACL" ,  $password_ACLS);
  62         $smarty->assign("NotAllowed" , !preg_match("/w/i",$password_ACLS));
  63
  64         /* Display expiration template */
  65         if ($this->config->get_cfg_value("core","handleExpiredAccounts") == "true"){
  66             $expired= ldap_expired_account($this->config, $ui->dn, $ui->username);
  67             if($expired == 4){
  68                 return($smarty->fetch(get_template_path("nochange.tpl", TRUE)));
  69             }
  70         }
  71
  72         // Refresh proposal if requested
  73         if(isset($_POST['refreshProposal'])) $this->refreshProposal();
  74         $smarty->assign("proposal" , $this->proposal);
  75         $smarty->assign("proposalEnabled" , $this->proposalEnabled);
  76         $smarty->assign("proposalSelected" , $this->proposalSelected);
  77
  78         if(isset($_POST['proposalSelected'])) $this->proposalSelected = get_post('proposalSelected') == 1;
  79
  80         /* Pwd change requested */
  81         if (isset($_POST['password_finish'])){
  82
  83             if($this->proposalSelected){
  84                 $current_password = get_post('current_password');
  85                 $new_password = $this->proposal;
  86                 $repeated_password = $this->proposal;
  87             }else{
  88                 $current_password = get_post('current_password');
  89                 $new_password = get_post('new_password');
  90                 $repeated_password = get_post('repeated_password');
  91             }
  92
  93
  94             /* Should we check different characters in new password */
  95             $check_differ = $this->config->get_cfg_value("core","passwordMinDiffer") != "";
  96             $differ       = $this->config->get_cfg_value("core","passwordMinDiffer");
  97
  98             /* Enable length check ? */
  99             $check_length = $this->config->get_cfg_value("core","passwordMinLength") != "";
 100             $length       = $this->config->get_cfg_value("core","passwordMinLength");
 101
 102             /* Call external password quality hook ?*/
 103             $check_hook   = $this->config->get_cfg_value("core","passwordHook") != "";
 104             $hook         = $this->config->get_cfg_value("core","passwordHook")." ".
 105                         $ui->username." ".$current_password." ".$new_password;
 106
 107             if($check_hook){
 108                 exec($hook,$resarr);
 109                 $check_hook_output = "";
 110                 if(count($resarr) > 0) {
 111                     $check_hook_output= join('\n', $resarr);
 112                 }
 113             }
 114
 115             /* Check given values */
 116             if(empty($current_password)){
 117                 msg_dialog::display(_("Password change"),
 118                         _("You need to specify your current password in order to proceed."),WARNING_DIALOG);
 119             }elseif ($new_password  != $repeated_password){
 120                 msg_dialog::display(_("Password change"),
 121                         _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."),WARNING_DIALOG);
 122             } elseif ($new_password == ""){
 123                 msg_dialog::display(_("Password change"),
 124                         _("The password you've entered as 'New password' is empty."),WARNING_DIALOG);
 125             }elseif($check_differ && (substr($current_password, 0, $differ) == substr($new_password, 0, $differ))){
 126                 msg_dialog::display(_("Password change"),
 127                         _("The password used as new and current are too similar."),WARNING_DIALOG);
 128             }elseif($check_length && (strlen($new_password) < $length)){
 129                 msg_dialog::display(_("Password change"),
 130                         _("The password used as new is to short."),WARNING_DIALOG);
 131             }elseif(!passwordMethod::is_harmless($new_password)){
 132                 msg_dialog::display(_("Password change"),
 133                         _("The password contains possibly problematic unicode characters!"),WARNING_DIALOG);
 134             }elseif($check_hook && $check_hook_output != ""){
 135                 msg_dialog::display(_("Password change"),
 136                         sprintf(_("External password changer reported a problem: %s."),$check_hook_output),WARNING_DIALOG);
 137             }else{
 138
 139                 /* Try to connect via current password */
 140                 $tldap = new LDAP(
 141                         $ui->dn,
 142                         $current_password,
 143                         $this->config->current['SERVER'],
 144                         $this->config->get_cfg_value("core","ldapFollowReferrals") == "true",
 145                         $this->config->get_cfg_value("core","ldapTLS") == "true");
 146
 147                 /* connection Successfull ? */
 148                 if (!$tldap->success()){
 149                     msg_dialog::display(_("Password change"),
 150                             _("The password you've entered as your current password doesn't match the real one."),WARNING_DIALOG);
 151                 }else{
 152
 153                     /* Check GOsa permissions */
 154                     if (!preg_match("/w/i",$password_ACLS)){
 155                         msg_dialog::display(_("Password change"),
 156                                 _("You have no permission to change your password."),WARNING_DIALOG);
 157                     }else{
 158                         $this->change_password($ui->dn, $new_password);
 159                         gosa_log ("User/password has been changed");
 160                         $ui->password= $new_password;
 161                         session::set('ui',$ui);
 162 #$this->handle_post_events("modify",array("userPassword" => $new_password));
 163                         return($smarty->fetch(get_template_path("changed.tpl", TRUE)));
 164                     }
 165                 }
 166             }
 167         }
 168         return($smarty->fetch(get_template_path("password.tpl", TRUE)));
 169     }
 170
 171     function change_password($dn, $pwd)
 172     {
 173         change_password ($dn, $pwd);
 174     }
 175
 176     function remove_from_parent()
 177     {
 178         $this->handle_post_events("remove");
 179     }
 180
 181     function save()
 182     {
 183     }
 184
 185     static function plInfo()
 186     {
 187         return (array(
 188                     "plDescription"     => _("User password"),
 189                     "plSelfModify"      => TRUE,
 190                     "plDepends"         => array("user"),
 191                     "plPriority"        => 10,
 192                     "plSection"     => array("personal" => _("My account")),
 193                     "plCategory"    => array("users"),
 194                     "plOptions"         => array(),
 195
 196                     "plProvidedAcls"  => array())
 197                );
 198     }
 199
 200 }
 201 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
 202 ?>