[tokkee]

tokkee.org

Code

projects / gosa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Added rendering for action menu
[gosa.git] / gosa-core / include / password-methods / class_password-methods.inc
diff --git a/gosa-core/include/password-methods/class_password-methods.inc b/gosa-core/include/password-methods/class_password-methods.inc
index d0495b09f85264865e585e8d746d9371be9862ac..cde47c38ee56f835040f0626c086058172ea29f1 100644 (file)
--- a/gosa-core/include/password-methods/class_password-methods.inc
+++ b/gosa-core/include/password-methods/class_password-methods.inc
@@ -24,19 +24,124 @@ class passwordMethod
 {
   var $config = false;
   var $attrs= array();
+  var $display = FALSE;
   var $hash= "";
+  var $lockable = TRUE;
 
   // Konstructor
   function passwordMethod($config)
   {
   }
 
+  function create_template_hash($attrs)
+  {
+    if($this->get_hash_name() == ""){
+      return("{crypt}N0T$3T4N0W");
+    }else{
+      return('{'.$this->get_hash().'}').'N0T$3T4N0W';
+    }
+  }
 
   function get_hash_name()
   {
   }
 
 
+  function is_locked($config,$dn = "")
+  {
+    if(!$this->lockable) return FALSE;
+
+    /* Get current password hash */
+    $pwd ="";
+    if(!empty($dn)){
+      $ldap = $config->get_ldap_link();
+      $ldap->cd($config->current['BASE']);
+      $ldap->cat($dn);
+      $attrs = $ldap->fetch();
+      if(isset($attrs['userPassword'][0])){
+        $pwd = $attrs['userPassword'][0];
+      }
+    }elseif(isset($this->attrs['userPassword'][0])){
+      $pwd = $this->attrs['userPassword'][0];
+    }
+    return(preg_match("/^[^\}]*+\}!/",$pwd));
+  }
+
+
+  function lock_account($config,$dn = "")
+  {
+    if(!$this->lockable) return FALSE;
+
+    /* Get current password hash */
+    $pwd ="";
+    $ldap = $config->get_ldap_link();
+    $ldap->cd($config->current['BASE']);
+    if(!empty($dn)){
+      $ldap->cat($dn);
+      $attrs = $ldap->fetch();
+      if(isset($attrs['userPassword'][0])){
+        $pwd = $attrs['userPassword'][0];
+      }
+    }elseif(isset($this->attrs['userPassword'][0])){
+      $pwd = $this->attrs['userPassword'][0];
+      $dn = $this->attrs['dn'];
+    }
+
+    /* We can only lock/unlock non-empty passwords */
+    if(!empty($pwd)){
+
+      /* Check if this entry is already locked. */
+      if(preg_match("/^[^\}]*+\}!/",$pwd)){
+        return(TRUE);
+      }     
+      
+      /* Lock entry */
+      $pwd = preg_replace("/(^[^\}]+\})(.*$)/","\\1!\\2",$pwd);
+      $ldap->cd($dn);
+      $ldap->modify(array("userPassword" => $pwd));
+      return($ldap->success());
+    }
+    return(FALSE);
+  }
+
+
+  function unlock_account($config,$dn = "")
+  {
+    if(!$this->lockable) return FALSE;
+
+    /* Get current password hash */
+    $pwd ="";
+    $ldap = $config->get_ldap_link();
+    $ldap->cd($config->current['BASE']);
+    if(!empty($dn)){
+      $ldap->cat($dn);
+      $attrs = $ldap->fetch();
+      if(isset($attrs['userPassword'][0])){
+        $pwd = $attrs['userPassword'][0];
+      }
+    }elseif(isset($this->attrs['userPassword'][0])){
+      $pwd = $this->attrs['userPassword'][0];
+      $dn = $this->attrs['dn'];
+    }
+
+    /* We can only lock/unlock non-empty passwords */
+    if(!empty($pwd)){
+
+      /* Check if this entry is already locked. */
+      if(!preg_match("/^[^\}]*+\}!/",$pwd)){
+        return (TRUE);
+      }     
+      
+      /* Lock entry */
+      $pwd = preg_replace("/(^[^\}]+\})!(.*$)/","\\1\\2",$pwd);
+      $ldap->cd($dn);
+      $ldap->modify(array("userPassword" => $pwd));
+      return($ldap->success());
+    }
+    return(FALSE);
+  }
+
+
   // this function returns all loaded classes for password encryption
   static function get_available_methods()
   {
@@ -64,10 +169,12 @@ class passwordMethod
               $ret['class'][$i]=$class;
               $ret['is_configurable'][$i]= $cfg;
               $ret['object'][$i]= $test;
+              $ret['desc'][$i] = $test->get_description();
               $ret[$i]['name']  = $plugname;
               $ret[$i]['class'] = $class;
               $ret[$i]['object']= $test;
               $ret[$i]['is_configurable']= $cfg;
+              $ret[$i]['desc'] = $test->get_description();
               $ret[$plugname]=$class;                    
               $i++;
             }
@@ -80,6 +187,12 @@ class passwordMethod
   }
   
 
+  function get_description()
+  {
+    return("");
+  }
+
+
   // Method to let password backends remove additional information besides
   // the userPassword attribute
   function remove_from_parent()
@@ -91,6 +204,7 @@ class passwordMethod
   // besides the userAttribute entry
   function set_password($password)
   {
+    return(TRUE);
   }
 
 
@@ -115,7 +229,7 @@ class passwordMethod
 
 
   // Try to find out if it's our hash...
-  static function get_method($password_hash)
+  static function get_method($password_hash,$dn = "")
   {
     global $config;
 
@@ -123,8 +237,9 @@ class passwordMethod
 
     foreach ($methods['class'] as $class){
 
-        $test = new $class($config);
-        if(!$test->is_available())continue;
+        $test = new $class($config,$dn);
+#        All listed methods are available. 
+#        if(!$test->is_available())continue;
         $method= $test->_extract_method($password_hash);
         if ($method != ""){
           $test->set_hash($method);
@@ -171,6 +286,10 @@ class passwordMethod
     return $this->hash;
   }
 
+  function adapt_from_template($dn)
+  {
+    return($this);
+  }
 }
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
 ?>
GONICUS system administrator (SVN clone)