diff --git a/gosa-core/include/password-methods/class_password-methods.inc b/gosa-core/include/password-methods/class_password-methods.inc
index b2d0ac6fdf288bb59a8b3799ff564885345b9ba4..cde47c38ee56f835040f0626c086058172ea29f1 100644 (file)
{
var $config = false;
var $attrs= array();
+ var $display = FALSE;
var $hash= "";
+ var $lockable = TRUE;
// Konstructor
function passwordMethod($config)
{
}
+ function create_template_hash($attrs)
+ {
+ if($this->get_hash_name() == ""){
+ return("{crypt}N0T$3T4N0W");
+ }else{
+ return('{'.$this->get_hash().'}').'N0T$3T4N0W';
+ }
+ }
function get_hash_name()
{
}
- // Loads Methods in annother way as get_available_methods do, (For setup ..)
- // and loads them,.
- #FIXME: This stopped working after moving around pw-methods
- function get_available_methods_if_not_loaded($path_to_load="../include")
+ function is_locked($config,$dn = "")
+ {
+ if(!$this->lockable) return FALSE;
+
+ /* Get current password hash */
+ $pwd ="";
+ if(!empty($dn)){
+ $ldap = $config->get_ldap_link();
+ $ldap->cd($config->current['BASE']);
+ $ldap->cat($dn);
+ $attrs = $ldap->fetch();
+ if(isset($attrs['userPassword'][0])){
+ $pwd = $attrs['userPassword'][0];
+ }
+ }elseif(isset($this->attrs['userPassword'][0])){
+ $pwd = $this->attrs['userPassword'][0];
+ }
+ return(preg_match("/^[^\}]*+\}!/",$pwd));
+ }
+
+
+ function lock_account($config,$dn = "")
{
- $oh = opendir($path_to_load);
- $i = 0;
- $ret = false;
- while ($file = readdir($oh)) {
- $one = strtolower($file);
- if((strstr($one,"class_password-methods-" ))&&($one[0]!=".")){
- require_once($file);
+ if(!$this->lockable) return FALSE;
+
+ /* Get current password hash */
+ $pwd ="";
+ $ldap = $config->get_ldap_link();
+ $ldap->cd($config->current['BASE']);
+ if(!empty($dn)){
+ $ldap->cat($dn);
+ $attrs = $ldap->fetch();
+ if(isset($attrs['userPassword'][0])){
+ $pwd = $attrs['userPassword'][0];
}
+ }elseif(isset($this->attrs['userPassword'][0])){
+ $pwd = $this->attrs['userPassword'][0];
+ $dn = $this->attrs['dn'];
+ }
+
+ /* We can only lock/unlock non-empty passwords */
+ if(!empty($pwd)){
+
+ /* Check if this entry is already locked. */
+ if(preg_match("/^[^\}]*+\}!/",$pwd)){
+ return(TRUE);
+ }
+
+ /* Lock entry */
+ $pwd = preg_replace("/(^[^\}]+\})(.*$)/","\\1!\\2",$pwd);
+ $ldap->cd($dn);
+ $ldap->modify(array("userPassword" => $pwd));
+ return($ldap->success());
}
- return(passwordMethod::get_available_methods());
+ return(FALSE);
+ }
+
+
+ function unlock_account($config,$dn = "")
+ {
+ if(!$this->lockable) return FALSE;
+
+ /* Get current password hash */
+ $pwd ="";
+ $ldap = $config->get_ldap_link();
+ $ldap->cd($config->current['BASE']);
+ if(!empty($dn)){
+ $ldap->cat($dn);
+ $attrs = $ldap->fetch();
+ if(isset($attrs['userPassword'][0])){
+ $pwd = $attrs['userPassword'][0];
+ }
+ }elseif(isset($this->attrs['userPassword'][0])){
+ $pwd = $this->attrs['userPassword'][0];
+ $dn = $this->attrs['dn'];
+ }
+
+ /* We can only lock/unlock non-empty passwords */
+ if(!empty($pwd)){
+
+ /* Check if this entry is already locked. */
+ if(!preg_match("/^[^\}]*+\}!/",$pwd)){
+ return (TRUE);
+ }
+
+ /* Lock entry */
+ $pwd = preg_replace("/(^[^\}]+\})!(.*$)/","\\1\\2",$pwd);
+ $ldap->cd($dn);
+ $ldap->modify(array("userPassword" => $pwd));
+ return($ldap->success());
+ }
+ return(FALSE);
}
global $class_mapping, $config;
$ret =false;
$i =0;
- foreach($class_mapping as $class => $path) {
- if(preg_match('/passwordMethod/i', $class) && !preg_match("/^passwordMethod$/i", $class)){
- $name = preg_replace ("/passwordMethod/i", "", $class);
- $test = new $class($config, "");
- if($test->is_available()) {
- $plugs= $test->get_hash_name();
- if (!is_array($plugs)){
- $plugs= array($plugs);
- }
- foreach ($plugs as $plugname){
- $ret['name'][$i]= $plugname;
- $ret['class'][$i]=$class;
- $ret[$i]['name']= $plugname;
- $ret[$i]['class']= $class;
- $ret[$plugname]=$class;
- $i++;
+ /* Only */
+ if(!session::is_set("passwordMethod::get_available_methods")){
+ foreach($class_mapping as $class => $path) {
+ if(preg_match('/passwordMethod/i', $class) && !preg_match("/^passwordMethod$/i", $class)){
+ $name = preg_replace ("/passwordMethod/i", "", $class);
+ $test = new $class($config, "");
+ if($test->is_available()) {
+ $plugs= $test->get_hash_name();
+ if (!is_array($plugs)){
+ $plugs= array($plugs);
+ }
+
+ foreach ($plugs as $plugname){
+
+ $cfg = $test->is_configurable();
+
+ $ret['name'][$i]= $plugname;
+ $ret['class'][$i]=$class;
+ $ret['is_configurable'][$i]= $cfg;
+ $ret['object'][$i]= $test;
+ $ret['desc'][$i] = $test->get_description();
+ $ret[$i]['name'] = $plugname;
+ $ret[$i]['class'] = $class;
+ $ret[$i]['object']= $test;
+ $ret[$i]['is_configurable']= $cfg;
+ $ret[$i]['desc'] = $test->get_description();
+ $ret[$plugname]=$class;
+ $i++;
+ }
}
}
}
+ session::set("passwordMethod::get_available_methods",$ret);
}
-
- return($ret);
+ return(session::get("passwordMethod::get_available_methods"));
}
+ function get_description()
+ {
+ return("");
+ }
+
+
// Method to let password backends remove additional information besides
// the userPassword attribute
function remove_from_parent()
// besides the userAttribute entry
function set_password($password)
{
+ return(TRUE);
}
// Try to find out if it's our hash...
- static function get_method($password_hash)
+ static function get_method($password_hash,$dn = "")
{
global $config;
foreach ($methods['class'] as $class){
- $test = new $class($config);
+ $test = new $class($config,$dn);
+# All listed methods are available.
+# if(!$test->is_available())continue;
$method= $test->_extract_method($password_hash);
if ($method != ""){
$test->set_hash($method);
return $this->hash;
}
+ function adapt_from_template($dn)
+ {
+ return($this);
+ }
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>