config= $config; $this->ui= $ui; /* Get global filter config */ if (!isset($_SESSION["userfilter"])){ $base= get_base_from_people($ui->dn); $userfilter= array( "mailusers" => "checked", "unixusers" => "checked", "templates" => "", "subsearch" => "", "proxyusers" => "checked", "sambausers" => "checked", "faxusers" => "checked", "functionalusers" => "checked", "depselect" => $base, "regex" => "*"); $_SESSION["userfilter"] = $userfilter; } } function execute() { /* Call parent execute */ plugin::execute(); $smarty = get_smarty(); // Smarty instance $userfilter = get_global("userfilter"); // contains Filter Settings $s_action = ""; // Contains the action to proceed $s_entry = ""; // The value for s_action $base_back = ""; // The Link for Backbutton /* Start for New List Managment */ if(isset($_GET['act'])&&($_GET['act']=="dep_open")){ $s_action="open"; $s_entry = base64_decode($_GET['dep_id']); $userfilter['depselect']= "".$this->config->departments[trim($s_entry)]; } /* Test Posts */ foreach($_POST as $key => $val){ // Post for delete if(preg_match("/user_del.*/",$key)){ $s_action = "del"; $s_entry = preg_replace("/user_".$s_action."_/i","",$key); // Post for edit }elseif(preg_match("/user_edit_.*/",$key)){ $s_action="edit"; $s_entry = preg_replace("/user_".$s_action."_/i","",$key); // Post for new }elseif(preg_match("/dep_back.*/i",$key)){ $s_action="back"; }elseif(preg_match("/user_new.*/",$key)){ $s_action="new"; }elseif(preg_match("/dep_home.*/i",$key)){ $s_action="home"; }elseif(preg_match("/user_tplnew.*/i",$key)){ $s_action="new_tpl"; }elseif(preg_match("/user_chgpw.*/i",$key)){ $s_action="change_pw"; $s_entry = preg_replace("/user_chgpw_/i","",$key); }elseif(preg_match("/dep_root.*/i",$key)){ $s_action="root"; }elseif(preg_match("/userfrom_tpl.*/i",$key)){ $s_action="create_user_from_tpl"; $s_entry = preg_replace("/userfrom_tpl_/i","",$key); } } if((isset($_GET['act']))&&($_GET['act']=="edit_entry")){ $s_action = "edit"; $s_entry = $_GET['id']; } $s_entry = preg_replace("/_.$/","",$s_entry); if(preg_match("/.*-.*/",$s_entry)){ $s_tab = preg_replace("/^.*-/i","",$s_entry); $s_entry = preg_replace("/-.*$/i","",$s_entry); }else{ $s_tab = "user"; }; /* Department changed? */ if(isset($_POST['depselect']) && $_POST['depselect']){ $userfilter['depselect']= $_POST['depselect']; } /* Homebutton is posted */ if($s_action=="home"){ $userfilter['depselect']=(preg_replace("/^[^,]+,/","",$this->ui->dn)); $userfilter['depselect']=(preg_replace("/^[^,]+,/","",$userfilter['depselect'])); } if($s_action=="root"){ $userfilter['depselect']=($this->config->current['BASE']); } /* If Backbutton is Posted */ if($s_action=="back"){ $base_back = preg_replace("/^[^,]+,/","",$userfilter['depselect']); $base_back = convert_department_dn($base_back); if(isset($this->config->departments[trim($base_back)])){ $userfilter['depselect']= $this->config->departments[trim($base_back)]; }else{ $userfilter['depselect']= $this->config->departments["/"]; } } /* End for new List Managment */ /* Save filter data if we are in the headpage */ if (!isset($this->usertab)){ if (isset($_POST['regexit'])){ $userfilter["regex"]= $_POST['regexit']; } } if(isset($_POST['regexit'])){ foreach( array("functionalusers", "unixusers", "mailusers","sambausers", "proxyusers", "faxusers", "templates", "subsearch") as $type){ if (isset($_POST[$type])) { $userfilter[$type]= "checked"; } else { $userfilter[$type]= ""; } } } if (isset($_GET['search'])){ $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*"; if ($s == "**"){ $s= "*"; } $userfilter['regex']= $s; } register_global("userfilter", $userfilter); /* React on user interaction here */ if (($_SERVER["REQUEST_METHOD"] == "POST")||($_SERVER["REQUEST_METHOD"]== "GET")){ /* User wants to edit data? */ if ($s_action=="edit"){ /* Get 'dn' from posted 'uid', must be unique */ $this->dn= $this->list[trim($s_entry)]['dn']; /* Check locking, save current plugin in 'back_plugin', so the dialog knows where to return. */ if (($user= get_lock($this->dn)) != ""){ return(gen_locked_message ($user, $this->dn)); } /* Lock the current entry, so everyone will get the above dialog */ add_lock ($this->dn, $this->ui->dn); /* Set up the users ACL's for this 'dn' */ $acl= get_permissions ($this->dn, $this->ui->subtreeACL); /* Register usertab to trigger edit dialog */ $this->usertab= new usertabs($this->config, $this->config->data['TABS']['USERTABS'], $this->dn); // $_POST[$s_tab]=$s_tab; // This would be better $this->usertab->current = $s_tab; $this->usertab->set_acl($acl); $_SESSION['objectinfo']= $this->dn; } } /* Reset requested? */ if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])){ if (isset($this->usertab)){ del_lock ($this->usertab->dn); unset ($this->usertab); } $this->usertab= NULL; $this->lognames= array();; $this->sn= ""; $this->givenName= ""; $this->uid= ""; unset ($_SESSION['objectinfo']); } /* Password change requested */ if ($s_action=="change_pw"){ /* Get 'dn' from posted 'uid' */ $this->dn= $this->list[trim($s_entry)]['dn']; /* Load permissions for selected 'dn' and check if we're allowed to remove this 'dn' */ $acl= get_permissions ($this->dn, $this->ui->subtreeACL); $acl= get_module_permission($acl, "user", $this->dn); if (chkacl($acl, "password") == ""){ /* User is allowed to change passwords, save 'dn' and 'acl' for next dialog. */ $this->acl= $acl; $_SESSION['objectinfo']= $this->dn; return ($smarty->fetch(get_template_path('password.tpl', TRUE))); } else { /* User is not allowed. Show message and cancel. */ print_red (_("You are not allowed to set this users password!")); } } /* Perform password change */ if (isset($_POST['password_finish'])){ /* For security reasons, check if user is allowed to set password again */ if (chkacl($this->acl, "password") == "" || chkacl($this->acl, "create")){ /* Check input and feed errors into 'message' */ $message= array(); /* Sanity checks... */ if ($_POST['new_password'] != $_POST['repeated_password']){ /* Matching passwords in new and repeated? */ $message[]= _("The passwords you've entered as 'New password' and 'Repeated new password' do not match."); } else { /* Empty password is not permitted by default. */ if ($_POST['new_password'] == ""){ $message[]= _("The password you've entered as 'New password' is empty."); } } /* Errors, or change password? */ if (count($message) != 0){ /* Show error message and continue editing */ show_errors ($message); return($smarty->fetch(get_template_path('password.tpl', TRUE))); } $config= $this->config; $ldap_ui= $this->config->get_ldap_link(); if(isset($this->usertab->dn)){ $user = ($ldap_ui->fetch($ldap_ui->cat($this->usertab->dn))); }else{ $user = ($ldap_ui->fetch($ldap_ui->cat($this->dn))); } if((is_array($user))&&(isset($user['uid']))){ $username= $user['uid'][0]; } /* Set password, perform required steps */ if ($this->usertab){ if ($this->usertab->password_change_needed()){ $obj= $this->usertab->by_object['user']; change_password ($this->usertab->dn, $_POST['new_password'], 0, $obj->pw_storage); if (isset($config->data['MAIN']['EXTERNALPWDHOOK'])){ exec($config->data['MAIN']['EXTERNALPWDHOOK']." ".$username." ".$_POST['new_password'], $resarr); } gosa_log ("Password for '".$this->usertab->dn."' has been changed"); unset($this->usertab); $this->usertab= NULL; } } else { change_password ($this->dn, $_POST['new_password']); if (isset($config->data['MAIN']['EXTERNALPWDHOOK'])){ exec($config->data['MAIN']['EXTERNALPWDHOOK']." ".$username." ".$_POST['new_password'], $resarr); } gosa_log ("Password for '".$this->dn."' has been changed"); } } else { /* Missing permissions, show message */ print_red (_("You are not allowed to set this users password!")); } /* Clean session, delete lock */ del_lock ($this->dn); $this->reload(); unset ($this->usertab); $this->usertab= NULL; $this->lognames= array();; $this->sn= ""; $this->givenName= ""; $this->uid= ""; unset ($_SESSION['objectinfo']); } /* Remove user was requested */ if ($s_action=="del"){ /* Get 'dn' from posted 'uid' */ $this->dn= $this->list[trim($s_entry)]['dn']; /* Load permissions for selected 'dn' and check if we're allowed to remove this 'dn' */ $acl= get_permissions ($this->dn, $this->ui->subtreeACL); $this->acl= get_module_permission($acl, "user", $this->dn); if (chkacl($this->acl, "delete") == ""){ /* Check locking, save current plugin in 'back_plugin', so the dialog knows where to return. */ if (($user= get_lock($this->dn)) != ""){ return(gen_locked_message ($user, $this->dn)); } /* Lock the current entry, so nobody will edit it during deletion */ add_lock ($this->dn, $this->ui->dn); $smarty->assign("info", sprintf(_("You're about to delete the user %s."), $this->dn)); return($smarty->fetch(get_template_path('remove.tpl', TRUE))); } else { /* Obviously the user isn't allowed to delete. Show message and clean session. */ print_red (_("You are not allowed to delete this user!")); } } /* Confirmation for deletion has been passed. User should be deleted. */ if (isset($_POST['delete_user_confirm'])){ /* Some nice guy may send this as POST, so we've to check for the permissions again. */ if (chkacl($this->acl, "delete") == ""){ /* Delete request is permitted, perform LDAP action */ $this->usertab= new usertabs($this->config, $this->config->data['TABS']['USERTABS'], $this->dn); $this->usertab->set_acl(array($this->acl)); $this->usertab->delete (); gosa_log ("User object '".$this->dn."' has been removed"); unset ($this->usertab); $this->usertab= NULL; /* User list has changed, reload it. */ $this->reload (); } else { /* Normally this shouldn't be reached, send some extra logs to notify the administrator */ print_red (_("You are not allowed to delete this user!")); if(isset($this->ui->uid)){ gosa_log ("Warning: '".$this->ui->uid."' tried to trick user deletion."); } } /* Remove lock file after successfull deletion */ del_lock ($this->dn); } /* Delete user canceled? */ if (isset($_POST['delete_cancel'])){ del_lock ($this->dn); } /* Finish user edit is triggered by the tabulator dialog, so the user wants to save edited data. Check and save at this point. */ if (isset($_POST['edit_finish'])){ /* Check tabs, will feed message array */ $this->usertab->last= $this->usertab->current; $this->usertab->save_object(); $message= $this->usertab->check(); /* Save, or display error message? */ if (count($message) == 0){ /* No errors. Go ahead and prepare to ask for a password in case we're creating a new user. 'dn' will be 'new' in this case. It is set to the correct value later. */ if ($this->dn == "new"){ $set_pass= 1; } else { $set_pass= 0; } /* Save user data to ldap */ if($this->usertab->save() == 1){ gosa_log ("User object '".$this->dn."' saving failed."); return; } gosa_log ("User object '".$this->dn."' has been saved"); /* User has been saved successfully, remove lock from LDAP. */ if ($this->dn != "new"){ del_lock ($this->dn); } /* In case of new users, ask for a password */ if (($set_pass || $this->usertab->password_change_needed()) && !$this->is_template){ return($smarty->fetch(get_template_path('password.tpl', TRUE))); } /* There's no page reload so we have to read new users at this point. */ $this->reload (); unset ($this->usertab); $this->usertab= NULL; unset ($_SESSION['objectinfo']); } else { /* Ok. There seem to be errors regarding to the tab data, show message and continue as usual. */ show_errors($message); } } /* Generate template list */ if (($s_action=="new")||($s_action=="create_user_from_tpl")){ $this->templates= array(); $ldap= $this->config->get_ldap_link(); /* Create list of tempaltes */ foreach ($this->config->departments as $key => $value){ /* Get acls from different ou's */ $acl= get_permissions (get_people_ou().$value, $this->ui->subtreeACL); $acl= get_module_permission($acl, "user", get_people_ou().$value); /* If creation of a new user is allowed, append this template */ if (chkacl($acl, "create") == ""){ /* Search all templates from the current dn */ $ldap->cd (get_people_ou().$value); $ldap->search ("(objectClass=gosaUserTemplate)", array("uid")); /* Append */ if ($ldap->count() != 0){ while ($attrs= $ldap->fetch()){ $this->templates[$ldap->getDN()]= $attrs['uid'][0]." - $key"; } $this->templates['none']= _("none"); } } } /* Sort templates */ natcasesort ($this->templates); reset ($this->templates); } /* New user/template request */ if (($s_action=="create_user_from_tpl")||($s_action=="new") || ($s_action=="new_tpl")){ /* By default we set 'dn' to 'new', all relevant plugins will react on this. */ $this->dn= "new"; if (isset($this->config->current['IDGEN'])){ $this->got_uid= false; } else { $this->got_uid= true; } /* Create new usertab object */ $this->usertab= new usertabs($this->config, $this->config->data['TABS']['USERTABS'], $this->dn); $this->usertab->set_acl(array(':all')); $this->usertab->by_object['user']->base= $userfilter['depselect']; /* Take care about templates */ if ($s_action=="new_tpl"){ $this->is_template= TRUE; $this->usertab->set_template_mode (); } else { $this->is_template= FALSE; } /* Use template if there are any of them */ if ((count($this->templates) && ($s_action!='new_tpl'))||($s_action=="create_user_from_tpl")){ foreach(array("sn", "givenName", "uid", "got_uid", "templates") as $attr){ $smarty->assign("$attr", $this->$attr); } if ($s_action=="create_user_from_tpl"){ $smarty->assign("template", $this->dn= $this->list[trim($s_entry)]['dn']); } else { $smarty->assign("template", "none"); } $smarty->assign("edit_uid", ""); return($smarty->fetch(get_template_path('template.tpl', TRUE))); } } /* Continue template editing */ if ((isset($_POST['template_continue']) && $_POST['template'] != 'none' && !isset($_POST['uid']))){ $this->sn= $_POST['sn']; $this->givenName= $_POST['givenName']; /* Check for requred values */ $message= array(); if ($this->sn == "") { $message[]= _("The required field 'Name' is not set."); } if ($this->givenName == "") { $message[]= _("The required field 'Given name' is not set."); } /* Check if dn is used */ $dn= preg_replace("/^[^,]+,/i", "", $_POST['template']); $ldap= $this->config->get_ldap_link(); $ldap->cd ($dn); $ldap->search ("(&(sn=".$this->sn.")(givenName=".$this->givenName."))", array("givenName")); if ($ldap->count () != 0){ $message[]= _("A person with the choosen name is already used in this tree."); } /* Show error message / continue editing */ if (count($message) > 0){ show_errors ($message); } else { $attributes= array('sn' => $this->sn, 'givenName' => $this->givenName); if (isset($this->config->current['IDGEN']) && $this->config->current['IDGEN'] != ""){ $uids= gen_uids ($this->config->current['IDGEN'], $attributes); if (count($uids)){ $smarty->assign("edit_uid", "false"); $smarty->assign("uids", $uids); $this->uid= current($uids); } } else { $smarty->assign("edit_uid", ""); $this->uid= ""; } $this->got_uid= true; } foreach(array("sn", "givenName", "uid", "got_uid", "templates") as $attr){ $smarty->assign("$attr", $this->$attr); } if (isset($_POST['template'])){ $smarty->assign("template", $_POST['template']); } return($smarty->fetch(get_template_path('template.tpl', TRUE))); } /* No template. Ok. Lets fill data into the normal user dialog */ if (isset($_POST['template_continue']) && $_POST['template'] == 'none'){ foreach(array("sn", "givenName", "uid") as $attr){ if (isset($_POST[$attr])){ $this->usertab->by_object['user']->$attr= $_POST[$attr]; } } } /* Finish template preamble */ if (isset($_POST['template_continue']) && $_POST['template'] != 'none' && (isset($_POST['uid']))){ /* Might not be filled if IDGEN is unset */ $this->sn = $_POST['sn']; $this->givenName = $_POST['givenName']; /* Move user supplied data to sub plugins */ $this->uid = $_POST['uid']; $this->usertab->uid = $this->uid; $this->usertab->sn = $this->sn; $this->usertab->givenName = $this->givenName; $template_dn = $_POST['template']; $this->usertab->adapt_from_template($template_dn); $template_base = preg_replace("/^[^,]+,".get_people_ou()."/", '', $template_dn); $this->usertab->by_object['user']->base= $template_base; /* Set up the users ACL's for this 'dn' */ $acl= get_permissions ($template_base, $this->ui->subtreeACL); $this->usertab->set_acl($acl); } if (isset($_POST['template_continue']) && ($_POST['template'] == 'none')){ $this->usertab->by_object['user']->base= $userfilter['depselect']; } /* Show tab dialog if object is present */ if ($this->usertab){ $display= $this->usertab->execute(); /* Don't show buttons if tab dialog requests this */ if (!$this->usertab->by_object[$this->usertab->current]->dialog){ $display.= "
\n"; $display.= "\n"; $display.= " \n"; $display.= "\n"; $display.= "
"; } return ($display); } $smarty= get_smarty(); /* Check sorting variable */ if (!isset($this->usertab) && !isset($_POST['new_user']) && !isset($_POST['new_template']) && !isset($_POST['delete_user']) && !isset($_POST['setpass_user']) && !isset($_POST['select_user'])){ $this->reload(); } /* Check for exeeded sizelimit */ if (($message= check_sizelimit()) != ""){ return($message); } /* Prepare departments */ $options= ""; foreach ($this->config->idepartments as $key => $value){ if ($userfilter['depselect'] == $key){ $options.= ""; } else { $options.= ""; } } /* NEW LIST MANAGMENT */ $listhead = "