![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-core/plugins/personal/generic/class_user.inc b/gosa-core/plugins/personal/generic/class_user.inc
index ab72dfd592b0de60d4e20c3ed9f7649d745ea229..a37cdb4c8607e1da87a8e286631f04d2e8934b33 100644 (file)
var $dialog;
/* variables to trigger password changes */
- var $pw_storage= "crypt";
+ var $pw_storage= "md5";
var $last_pw_storage= "unset";
var $had_userCertificate= FALSE;
var $multiple_support = TRUE;
+ var $governmentmode = FALSE;
+
/* constructor, if 'dn' is set, the node loads the given
'dn' from LDAP */
function user (&$config, $dn= NULL)
{
$this->config= $config;
/* Configuration is fine, allways */
- if ($this->config->current['GOVERNMENTMODE']){
+ if (isset($this->config->current['GOVERNMENTMODE']) && preg_match("/true/i",$this->config->current['GOVERNMENTMODE'])){
+ $this->governmentmode = TRUE;
$this->attributes=array_merge($this->attributes,$this->govattrs);
}
$this->orig_dn = $this->dn;
$this->new_dn = $dn;
- if ($this->config->current['GOVERNMENTMODE']){
+ if ($this->governmentmode){
/* Fix public visible attribute if unset */
if (!isset($this->attrs['publicVisible'])){
$this->publicVisible == "nein";
}
/* Load government mode attributes */
- if ($this->config->current['GOVERNMENTMODE']){
+ if ($this->governmentmode){
/* Copy all attributs */
foreach ($this->govattrs as $val){
if (isset($this->attrs["$val"][0])){
if (isset ($this->attrs['userPassword'][0])){
/* Initialize local array */
$matches= array();
- if (preg_match ("/^{([^}]+)}(.+)/", $this->attrs['userPassword'][0], $matches)){
- $this->pw_storage= strtolower($matches[1]);
+ if (preg_match ("/^{[^}]+}/", $this->attrs['userPassword'][0])){
+ $tmp= passwordMethod::get_method($this->attrs['userPassword'][0]);
+ if(is_object($tmp)){
+ $this->pw_storage= $tmp->get_hash();
+ }
+
} else {
if ($this->attrs['userPassword'][0] != ""){
$this->pw_storage= "clear";
$years[]= $y;
}
$years['-']= "- ";
- $months= array(_("January"), _("February"), _("March"), _("April"),
- _("May"), _("June"), _("July"), _("August"), _("September"),
- _("October"), _("November"), _("December"), '-' => '- ');
+ $months= msgPool::months();
+ $months['-'] = '- ';
+
$smarty->assign("day", $date["mday"]);
$smarty->assign("days", $days);
$smarty->assign("months", $months);
/* Do we represent a valid gosaAccount? */
if (!$this->is_account){
- $str = "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
+ $str = "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".
msgPool::noValidExtension("GOsa")."</b>";
return($str);
}
/* Upload new cert and close dialog? */
if($this->acl_is_writeable("Certificate",(!is_object($this->parent) && !session::is_set('edit')))){
+
+ $fail =false;
+
if (isset($_POST['cert_edit_finish'])){
/* for all certificates do */
$_POST["certificateSerialNumber"] != ""){
if (!tests::is_id($_POST["certificateSerialNumber"])){
- msg_dialog::display(_("Error"), _("Please enter a valid serial number!"), ERROR_DIALOG);
+ $fail = true;
+ msg_dialog::display(_("Error"), msgPool::invalid(_("Serial number"),$_POST["certificateSerialNumber"],"/[0-9]/"),ERROR_DIALOG);
foreach(array("userCertificate", "userSMIMECertificate", "userPKCS12") as $cert){
if ($this->$cert != ""){
$smarty->assign("$cert"."_state", "");
}
}
- return ($smarty->fetch (get_template_path('generic_certs.tpl', TRUE, dirname(__FILE__))));
}
$this->certificateSerialNumber= $_POST["certificateSerialNumber"];
$this->is_modified= TRUE;
}
-
- $this->cert_dialog= FALSE;
- $this->dialog= FALSE;
+ if(!$fail){
+ $this->cert_dialog= FALSE;
+ $this->dialog= FALSE;
+ }
}
}
/* Display picture dialog */
if ($this->cert_dialog){
$smarty->assign("CertificateACL",$this->getacl("Certificate",(!is_object($this->parent) && !session::is_set('edit'))));
$smarty->assign("Certificate_readable",$this->acl_is_readable("Certificate"));
+ $smarty->assign("certificateSerialNumber",$this->certificateSerialNumber);
foreach(array("userCertificate", "userSMIMECertificate", "userPKCS12") as $cert){
if ($this->$cert != ""){
$smarty->assign($cert."_state","");
}
}
- $smarty->assign("governmentmode", "false");
+
+ if($this->governmentmode){
+ $smarty->assign("governmentmode", "true");
+ }else{
+ $smarty->assign("governmentmode", "false");
+ }
return($smarty->fetch (get_template_path('generic_certs.tpl', TRUE, dirname(__FILE__))));
}
}else{
new msg_dialog(_("Password method"),_("The selected password method is no longer available."),WARNING_DIALOG);
}
-
+
+
+ /* Create password methods array */
+ $pwd_methods = array();
+ foreach($hashes as $id => $name){
+ if(!empty($temp['desc'][$id])){
+ $pwd_methods[$name] = $name." (".$temp['desc'][$id].")";
+ }else{
+ $pwd_methods[$name] = $name;
+ }
+ }
+
/* Load attributes and acl's */
$ui =get_userinfo();
foreach($this->attributes as $val){
$smarty->assign("$val"."ACL", $this->getacl($val,(!is_object($this->parent) && !session::is_set('edit'))));
}
- $smarty->assign("pwmode", $hashes);
+ $smarty->assign("pwmode", $pwd_methods);
$smarty->assign("pwmode_select", $this->pw_storage);
$smarty->assign("pw_configurable", $is_configurable);
$smarty->assign("passwordStorageACL", $this->getacl("userPassword",(!is_object($this->parent) && !session::is_set('edit'))));
$smarty->assign("bases", $tmp);
/* Save government mode attributes */
- if (isset($this->config->current['GOVERNMENTMODE']) &&
- preg_match('/true/i', $this->config->current['GOVERNMENTMODE'])){
+ if($this->governmentmode){
$smarty->assign("governmentmode", "true");
$ivbbmodes= array("nein", "ivbv", "testa", "ivbv,testa", "internet",
"internet,ivbv", "internet,testa", "internet,ivbv,testa");
{
/* Remove password extension */
$temp= passwordMethod::get_available_methods();
- $this->pwObject= new $temp[$this->pw_storage]($this->config,$this->dn);
- $this->pwObject->remove_from_parent();
+
+ /* Remove password method from user account */
+ if(isset($temp[$this->pw_storage]) && class_available($temp[$this->pw_storage])){
+ $this->pwObject= new $temp[$this->pw_storage]($this->config,$this->dn);
+ $this->pwObject->remove_from_parent();
+ }
/* Remove user */
$ldap= $this->config->get_ldap_link();
plugin::save_object ();
/* Save government mode attributes */
- if ($this->config->current['GOVERNMENTMODE']){
+ if ($this->governmentmode){
foreach ($this->govattrs as $val){
if ($this->acl_is_writeable($val,(!is_object($this->parent) && !session::is_set('edit'))) && isset($_POST["$val"])){
$data= stripcslashes($_POST["$val"]);
$this->base= $base;
}else{
$this->base = $base_tmp;
- msg_dialog::display(_("Error"), sprintf(_("You have no permission to move this object to '%s'!"), LDAP::fix($_POST['base'])), ERROR_DIALOG);
- $this->set_acl_base('dummy,'.$this->base);
+ msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
}
}
}
}
}
-
- $this->set_acl_base('dummy,'.$this->base);
}
}
}
/* Hard coded government mode? */
- if ($this->config->current['GOVERNMENTMODE'] != 'false'){
+ if ($this->governmentmode){
$this->attrs['objectClass'][]= "ivbbentry";
/* Copy standard attributes */
/* Fallback if there's no image magick inside PHP */
if (!function_exists("imagick_blob2image")){
/* Get temporary file name for conversation */
- $fname = tempnam ("/tmp", "GOsa");
+ $fname = tempnam (TEMP_DIR, "GOsa");
/* Open file and write out photoData */
$fp = fopen ($fname, "w");
/* Call common method to give check the hook */
$message= plugin::check();
+ /* Configurable password methods should be configured initially.
+ */
+ if($this->last_pw_storage != $this->pw_storage){
+ $temp= passwordMethod::get_available_methods();
+ foreach($temp['name'] as $id => $name){
+ if($name == $this->pw_storage){
+ if($temp['is_configurable'][$id] && !$this->pwObject instanceof $temp[$name] ){
+ $message[] = _("The selected password method requires initial configuration!");
+ }
+ break;
+ }
+ }
+ }
+
$this->update_new_dn();
/* Set the new acl base */
$this->set_acl_base($this->base);
}
+ /* Check if we are allowed to create/move this user
+ */
+
+ if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
+ $message[]= msgPool::permCreate();
+ }elseif($this->orig_dn != "new" && $this->new_dn != $this->orig_dn && !$this->acl_is_moveable($this->base)){
+ $message[]= msgPool::permMove();
+ }
+
/* UID already used? */
$ldap= $this->config->get_ldap_link();
$ldap->cd($this->config->current['BASE']);
}
}
if (!tests::is_url($this->labeledURI)){
- $message[]= msgPool::invalid(_("Homepage"), "", "", "http://www.example.com/yourname");
+ $message[]= msgPool::invalid(_("Homepage"), "", "", "http://www.your-domain.com/yourname");
}
/* Check phone numbers */
/* Load certificate from file to object */
function set_cert($cert, $filename)
{
- if(!$thsi->acl_is_writeable("Certificate",(!is_object($this->parent) && !session::is_set('edit')))) return;
+ if(!$this->acl_is_writeable("Certificate",(!is_object($this->parent) && !session::is_set('edit')))) return;
$fd = fopen ($filename, "rb");
if (filesize($filename)>0) {
$this->$cert= fread ($fd, filesize ($filename));
}
/* Adapt from given 'dn' */
- function adapt_from_template($dn)
+ function adapt_from_template($dn, $skip= array())
{
- plugin::adapt_from_template($dn);
+ plugin::adapt_from_template($dn, $skip);
/* Get base */
$this->base= preg_replace('/^[^,]+,'.get_people_ou().'/i', '', $dn);
- if ($this->config->current['GOVERNMENTMODE']){
+ if($this->governmentmode){
/* Walk through govattrs */
foreach ($this->govattrs as $val){
+ if (in_array($val, $skip)){
+ continue;
+ }
+
if (isset($this->attrs["$val"][0])){
/* If attribute is set, replace dynamic parts:
}
}
- /* Get back uid/sn/givenName */
- if ($this->parent !== NULL){
+ /* Get back uid/sn/givenName - only write if nothing's skipped */
+ if ($this->parent !== NULL && count($skip) == 0){
$this->uid= $this->parent->uid;
$this->sn= $this->parent->sn;
$this->givenName= $this->parent->givenName;
"plProvidedAcls" => array(
"base" => _("Base"),
"userPassword" => _("User password"),
- "sn" => _("Surename"),
+ "sn" => _("Surname"),
"givenName" => _("Given name"),
"uid" => _("User identification"),
"personalTitle" => _("Personal title"),