![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-core/plugins/personal/posix/class_posixAccount.inc b/gosa-core/plugins/personal/posix/class_posixAccount.inc
index 764dc1409bd770c2e0dded2b2dc6a6b30f07eb77..88b1c132d08449faa8cbf3c422d229c635acfa7f 100644 (file)
class posixAccount extends plugin
{
/* Definitions */
- var $plHeadline= "UNIX";
+ var $plHeadline= "POSIX";
var $plDescription= "Edit users POSIX settings";
/* Plugin specific values */
var $shadowLastChange= "0";
var $shadowInactive= "0";
var $shadowExpire= "";
- var $gosaDefaultPrinter= "";
var $accessTo= array();
- var $trustModel= "";
var $glist=array();
var $status= "";
var $mustchangepassword= "0";
var $force_ids= 0;
var $gotoLastSystemLogin= "";
- var $group_dialog= FALSE;
- var $show_ws_dialog= FALSE;
+ var $groupSelect= FALSE;
var $secondaryGroups= array();
var $primaryGroup= 0;
- var $was_trust_account= FALSE;
var $memberGroup= array();
var $grouplist= array();
var $ui= array();
var $ssh= null;
var $sshAcl= "";
- var $GroupRegex= "*";
- var $GroupUserRegex= "*";
- var $SubSearch= false;
-
var $view_logged= false;
/* attribute list for save action */
var $CopyPasteVars =
- array("grouplist","groupMembership","activate_shadowMin",
- "activate_shadowMax","activate_shadowWarning","activate_shadowInactive","activate_shadowExpire",
- "must_change_password","printerList","grouplist","savedGidNumber","savedUidNumber");
+ array("grouplist","groupMembership","activate_shadowMin",
+ "activate_shadowMax","activate_shadowWarning","activate_shadowInactive","activate_shadowExpire",
+ "must_change_password","printerList","grouplist","savedGidNumber","savedUidNumber");
var $attributes = array("homeDirectory", "loginShell", "uidNumber", "gidNumber", "gecos",
"shadowMin", "shadowMax", "shadowWarning", "shadowInactive", "shadowLastChange",
- "shadowExpire", "gosaDefaultPrinter", "uid","accessTo","trustModel", "gotoLastSystemLogin");
+ "shadowExpire", "uid", "gotoLastSystemLogin");
var $objectclasses= array("posixAccount", "shadowAccount");
/* constructor, if 'dn' is set, the node loads the given
'dn' from LDAP */
- function posixAccount (&$config, $dn= NULL)
+ function posixAccount (&$config, $dn= NULL, $parent =NULL)
{
global $class_mapping;
$this->config= $config;
/* Load bases attributes */
- plugin::plugin($config, $dn);
+ plugin::plugin($config, $dn, $parent);
+
+ $this->trustModeDialog = new trustModeDialog($this->config, $this->dn, $parent);
+ $this->trustModeDialog->setAcl('users/posixAccount');
/* If gotoLastSystemLogin is available read it from ldap and create a readable
date time string, fallback to sambaLogonTime if available.
/* Correct is_account. shadowAccount is not required. */
if (isset($this->attrs['objectClass']) &&
- in_array ('posixAccount', $this->attrs['objectClass'])){
+ in_array_strict('posixAccount', $this->attrs['objectClass'])){
$this->is_account= TRUE;
}
-
- /* Is this account a trustAccount? */
- if ($this->is_account && isset($this->attrs['trustModel'])){
- $this->trustModel= $this->attrs['trustModel'][0];
- $this->was_trust_account= TRUE;
- } else {
- $this->was_trust_account= FALSE;
- $this->trustModel= "";
- }
-
- $this->accessTo = array();
- if ($this->is_account && isset($this->attrs['accessTo'])){
- for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
- $tmp= $this->attrs['accessTo'][$i];
- $this->accessTo[$tmp]= $tmp;
- }
- }
$this->initially_was_account= $this->is_account;
/* Fill group */
}
/* Insert possibly missing loginShell */
- if ($this->loginShell != "" && !in_array($this->loginShell, $this->loginShellList)){
+ if ($this->loginShell != "" && !in_array_strict($this->loginShell, $this->loginShellList)){
$this->loginShellList[]= $this->loginShell;
}
}
asort ($this->secondaryGroups);
- /* Get global filter config */
- if (!session::is_set("sysfilter")){
- $ui= get_userinfo();
- $base= get_base_from_people($ui->dn);
- $sysfilter= array( "depselect" => $base,
- "regex" => "*");
- session::set("sysfilter", $sysfilter);
- }
$this->ui = get_userinfo();
}
$this->view_logged = TRUE;
new log("view","users/".get_class($this),$this->dn);
}
-
- /* Department has changed? */
- if(isset($_POST['depselect'])){
- session::set('CurrentMainBase',validate($_POST['depselect']));
- }
+ $this->dialog = FALSE;
if($this->multiple_support_active){
$this->is_account = TRUE;
}
}
- /* Trigger group edit? */
+ // Display dialog to allow selection of groups
if (isset($_POST['edit_groupmembership'])){
- $this->group_dialog= TRUE;
- $this->dialog= TRUE;
+ $this->groupSelect = new groupSelect($this->config,get_userinfo());
}
- /* Cancel group edit? */
- if (isset($_POST['add_groups_cancel']) ||
- isset($_POST['add_groups_finish'])){
- $this->group_dialog= FALSE;
- $this->dialog= FALSE;
+ // Cancel group dialog
+ if (isset($_POST['add_groups_cancel'])){
+ $this->groupSelect= NULL;
}
- /* Add selected groups */
- if (isset($_POST['add_groups_finish']) && isset($_POST['groups']) &&
- count($_POST['groups'])){
-
- $this->addGroup ($_POST['groups']);
+ // Add groups selected in groupSelect dialog to ours.
+ if (isset($_POST['add_groups_finish']) && $this->groupSelect){
+ $groups = $this->groupSelect->detectPostActions();
+ if(isset($groups['targets'])){
+ $this->addGroup ($groups['targets']);
+ $this->is_modified= TRUE;
+ }
+ $this->groupSelect= NULL;
}
- /* Delete selected groups */
+ // Remove groups from currently selected groups.
if (isset($_POST['delete_groupmembership']) &&
isset($_POST['group_list']) && count($_POST['group_list'])){
- $this->delGroup ($_POST['group_list']);
- }
-
- /* Add user workstation? */
- if (isset($_POST["add_ws"])){
- $this->show_ws_dialog= TRUE;
- $this->dialog= TRUE;
- }
-
- /* Add user workstation? */
- if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
- foreach($_POST['wslist'] as $ws){
- $this->accessTo[$ws]= $ws;
- }
- ksort($this->accessTo);
- $this->is_modified= TRUE;
- }
-
- /* Remove user workstations? */
- if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
- foreach($_POST['workstation_list'] as $name){
- unset ($this->accessTo[$name]);
- }
- $this->is_modified= TRUE;
- }
-
- /* Add user workstation finished? */
- if (isset($_POST["add_ws_finish"]) || isset($_POST["add_ws_cancel"])){
- $this->show_ws_dialog= FALSE;
- $this->dialog= FALSE;
+ $this->delGroup (get_post('group_list'));
}
/* Templates now! */
$smarty= get_smarty();
- $smarty->assign("usePrototype", "true");
-
- /* Show ws dialog */
- if ($this->show_ws_dialog){
- /* Save data */
- $sysfilter= session::get("sysfilter");
- foreach( array("depselect", "regex") as $type){
- if (isset($_POST[$type])){
- $sysfilter[$type]= $_POST[$type];
- }
- }
- if (isset($_GET['search'])){
- $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
- if ($s == "**"){
- $s= "*";
- }
- $sysfilter['regex']= $s;
- }
- session::set("sysfilter", $sysfilter);
-
- /* Get workstation list */
- $exclude= "";
- foreach($this->accessTo as $ws){
- $exclude.= "(cn=$ws)";
- }
- if ($exclude != ""){
- $exclude= "(!(|$exclude))";
- }
- $regex= $sysfilter['regex'];
- $acls = array();
- if(class_available("servgeneric")) $acls[] = "server";
- if(class_available("workgeneric")) $acls[] = "worstation";
- if(class_available("termgeneric")) $acls[] = "terminal";
- $filter= "(&(|(objectClass=goServer)(objectClass=gotoWorkstation)(objectClass=gotoTerminal))$exclude(cn=*)(cn=$regex))";
- $deps_a = array(get_ou("serverRDN"),
- get_ou("terminalRDN"),
- get_ou("workstationRDN"));
-
- $res= get_sub_list($filter, $acls, $deps_a, get_ou("systemRDN").$sysfilter['depselect'], array("cn"), GL_SUBSEARCH | GL_SIZELIMIT);
- $wslist= array();
- foreach ($res as $attrs){
- $wslist[]= preg_replace('/\$/', '', $attrs['cn'][0]);
- }
- asort($wslist);
- $smarty->assign("search_image", get_template_path('images/lists/search.png'));
- $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
- $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
- $smarty->assign("deplist", $this->config->idepartments);
- $smarty->assign("alphabet", generate_alphabet());
- foreach( array("depselect", "regex") as $type){
- $smarty->assign("$type", $sysfilter[$type]);
- }
- $smarty->assign("hint", print_sizelimit_warning());
- $smarty->assign("wslist", $wslist);
- $smarty->assign("apply", apply_filter());
- $display= $smarty->fetch (get_template_path('trust_machines.tpl', TRUE, dirname(__FILE__)));
- return ($display);
+ // Handle trust mode dialog
+ $trustModeDialog = $this->trustModeDialog->execute();
+ if($this->trustModeDialog->trustSelect){
+ $this->dialog = TRUE;
+ return($trustModeDialog);
+
}
+ $smarty->assign("trustModeDialog" , $trustModeDialog);
- /* Manage group add dialog */
- if ($this->group_dialog){
-
- /* Get global filter config */
- $this->reload();
-
- /* remove already assigned groups */
- $glist= array();
- foreach ($this->grouplist as $key => $value){
- if (!isset($this->groupMembership[$key]) && obj_is_writable($key,"groups/group","memberUid")){
- $glist[$key]= $value;
- }
- }
-
- if($this->SubSearch){
- $smarty->assign("SubSearchCHK"," checked ");
- }else{
- $smarty->assign("SubSearchCHK","");
- }
- $smarty->assign("regex",$this->GroupRegex);
- $smarty->assign("guser",$this->GroupUserRegex);
- $smarty->assign("groups", $glist);
- $smarty->assign("search_image", get_template_path('images/lists/search.png'));
- $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
- $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
- $smarty->assign("deplist", $this->config->idepartments);
- $smarty->assign("alphabet", generate_alphabet());
- $smarty->assign("depselect", session::get('CurrentMainBase'));
- $smarty->assign("hint", print_sizelimit_warning());
- $smarty->assign("apply", apply_filter());
+ /* Manage group add dialog */
+ if ($this->groupSelect){
+ $this->dialog = TRUE;
- $display.= $smarty->fetch (get_template_path('posix_groups.tpl', TRUE, dirname(__FILE__)));
- return ($display);
+ // Build up blocklist
+ session::set('filterBlacklist', array('dn' => array_keys($this->groupMembership)));
+ return($this->groupSelect->execute());
}
// Handle ssh dialog?
if ($this->ssh instanceOf sshPublicKey && preg_match('/[rw]/', $this->getacl("sshPublicKey"))) {
- $smarty->assign("usePrototype", "false");
- if ($result= $this->ssh->execute()) {
- $this->dialog= true;
- return $result;
- }
- $this->dialog= false;
+
+ if ($result= $this->ssh->execute()) {
+ $this->dialog= true;
+ pathNavigator::registerPlugin("SSH keys");
+ return $result;
+ }
}
/* Show main page */
$smarty= get_smarty();
- /* In 'MyAccount' mode, we must remove write acls if we are not in editing mode. */
- $SkipWrite = (!isset($this->parent) || !$this->parent) && !session::is_set('edit');
- $smarty->assign("sshPublicKeyACL", $this->getacl("sshPublicKey", $SkipWrite));
+ $smarty->assign("sshPublicKeyACL", $this->getacl("sshPublicKey"));
/* Depending on pwmode, currently hardcoded because there are no other methods */
if ( 1 == 1 ){
$smarty->assign("pwmode", dirname(__FILE__)."/posix_shadow");
- $shadowMinACL = $this->getacl("shadowMin",$SkipWrite);
+ $shadowMinACL = $this->getacl("shadowMin");
$smarty->assign("shadowmins", sprintf(_("Password can't be changed up to %s days after last change"),
- "<input name=\"shadowMin\" size=3 maxlength=4 value=\"".$this->shadowMin."\">"));
+ "<input type='text' name=\"shadowMin\" size=3 maxlength=4 value=\"".$this->shadowMin."\">"));
- $shadowMaxACL = $this->getacl("shadowMax",$SkipWrite);
+ $shadowMaxACL = $this->getacl("shadowMax");
$smarty->assign("shadowmaxs", sprintf(_("Password must be changed after %s days"),
- "<input name=\"shadowMax\" size=3 maxlength=4 value=\"".$this->shadowMax."\">"));
+ "<input type='text' name=\"shadowMax\" size=3 maxlength=4 value=\"".$this->shadowMax."\">"));
- $shadowInactiveACL= $this->getacl("shadowInactive",$SkipWrite);
+ $shadowInactiveACL= $this->getacl("shadowInactive");
$smarty->assign("shadowinactives", sprintf(_("Disable account after %s days of inactivity after password expiry"),
- "<input name=\"shadowInactive\" size=3 maxlength=4 value=\"".$this->shadowInactive."\">"));
+ "<input type='text' name=\"shadowInactive\" size=3 maxlength=4 value=\"".$this->shadowInactive."\">"));
- $shadowWarningACL = $this->getacl("shadowWarning",$SkipWrite);
+ $shadowWarningACL = $this->getacl("shadowWarning");
$smarty->assign("shadowwarnings", sprintf(_("Warn user %s days before password expiry"),
- "<input name=\"shadowWarning\" size=3 maxlength=4 value=\"".$this->shadowWarning."\">"));
+ "<input type='text' name=\"shadowWarning\" size=3 maxlength=4 value=\"".$this->shadowWarning."\">"));
foreach( array("activate_shadowMin", "activate_shadowMax",
- "activate_shadowExpire", "activate_shadowInactive","activate_shadowWarning") as $val){
+ "activate_shadowExpire", "activate_shadowInactive","activate_shadowWarning") as $val){
if ($this->$val == 1){
$smarty->assign("$val", "checked");
} else {
$smarty->assign("$val", "");
}
- $smarty->assign("$val"."ACL", $this->getacl($val,$SkipWrite));
+ $smarty->assign("$val"."ACL", $this->getacl(preg_replace("/^.*_/","",$val)));
}
- $smarty->assign("mustchangepasswordACL", $this->getacl("mustchangepassword",$SkipWrite));
+ $smarty->assign("mustchangepasswordACL", $this->getacl("mustchangepassword"));
}
// Set last system login
- $smarty->assign("gotoLastSystemLogin",$this->gotoLastSystemLogin);
+ $smarty->assign("gotoLastSystemLogin", set_post($this->gotoLastSystemLogin));
/* Fill arrays */
- $smarty->assign("shells", $this->loginShellList);
+ $smarty->assign("shells", set_post($this->loginShellList));
$smarty->assign("secondaryGroups", $this->secondaryGroups);
- $smarty->assign("primaryGroup", $this->primaryGroup);
+ $smarty->assign("primaryGroup", set_post($this->primaryGroup));
if(!$this->multiple_support_active){
if (!count($this->groupMembership)){
$smarty->assign("groupMembership", array(" "));
} else {
- $smarty->assign("groupMembership", $this->groupMembership);
+ $smarty->assign("groupMembership", set_post($this->groupMembership));
}
}else{
- $smarty->assign("groupMembership", $this->groupMembership);
- $smarty->assign("groupMembership_some", $this->groupMembership_some);
+ $smarty->assign("groupMembership", set_post($this->groupMembership));
+ $smarty->assign("groupMembership_some", set_post($this->groupMembership_some));
}
+
if (count($this->groupMembership) > 16){
$smarty->assign("groups", "too_many_for_nfs");
} else {
/* Create onClick="" action string for the "Force UID/GID" option
*/
$onClickIDS ="";
- if(preg_match("/w/",$this->getacl("uidNumber",$SkipWrite))){
+ if(preg_match("/w/",$this->getacl("uidNumber"))){
$onClickIDS .= "changeState('uidNumber');";
}
- if(preg_match("/w/",$this->getacl("gidNumber",$SkipWrite))){
+ if(preg_match("/w/",$this->getacl("gidNumber"))){
$onClickIDS .= "changeState('gidNumber');";
}
$smarty->assign("onClickIDS", $onClickIDS);
- $smarty->assign("force_idsACL", $this->getacl("uidNumber",$SkipWrite).$this->getacl("gidNumber",$SkipWrite));
+ $smarty->assign("force_idsACL", $this->getacl("uidNumber").$this->getacl("gidNumber"));
- foreach(array("primaryGroup","trustmode","activate_shadowWarning","activate_shadowInactive","activate_shadowMin","activate_shadowMax","activate_shadowExpire","mustchangepassword") as $val){
- if(in_array($val,$this->multi_boxes)){
+ foreach(array("primaryGroup","activate_shadowWarning","activate_shadowInactive","activate_shadowMin","activate_shadowMax","activate_shadowExpire","mustchangepassword") as $val){
+ if(in_array_strict($val,$this->multi_boxes)){
$smarty->assign("use_".$val,TRUE);
}else{
$smarty->assign("use_".$val,FALSE);
/* Load attributes and acl's */
foreach($this->attributes as $val){
- if(in_array($val,$this->multi_boxes)){
+ if(in_array_strict($val,$this->multi_boxes)){
$smarty->assign("use_".$val,TRUE);
}else{
$smarty->assign("use_".$val,FALSE);
}
-
- if((session::get("js"))&&(($val=="uidNumber")||($val=="gidNumber")))
- {
- $smarty->assign("$val"."ACL",$this->getacl($val,$SkipWrite));
- $smarty->assign("$val", $this->$val);
- continue;
- }
- $smarty->assign("$val", $this->$val);
- $smarty->assign("$val"."ACL", $this->getacl($val,$SkipWrite));
+ $smarty->assign("$val", set_post($this->$val));
}
- if($SkipWrite){
+
+ $tmp = $this->plInfo();
+ foreach($tmp['plProvidedAcls'] as $val => $desc){
+ $smarty->assign("$val"."ACL", $this->getacl($val));
+ }
+
+ if($this->read_only){
$smarty->assign("groupMembershipACL","r");
}else{
$smarty->assign("groupMembershipACL","rw");
}
$smarty->assign("status", $this->status);
- /* Work on trust modes */
- $smarty->assign("trusthide", " disabled ");
- $smarty->assign("trustmodeACL", $this->getacl("trustModel",$SkipWrite));
- if ($this->trustModel == "fullaccess"){
- $trustmode= 1;
- // pervent double disable tag in html code, this will disturb our clean w3c html
- $smarty->assign("trustmode", $this->getacl("trustModel",$SkipWrite));
-
- } elseif ($this->trustModel == "byhost"){
- $trustmode= 2;
- $smarty->assign("trusthide", "");
+ if($this->mustchangepassword){
+ $smarty->assign("mustchangepassword", " checked ");
} else {
- // pervent double disable tag in html code, this will disturb our clean w3c html
- $smarty->assign("trustmode", $this->getacl("trustModel",$SkipWrite));
- $trustmode= 0;
+ $smarty->assign("mustchangepassword", "");
}
- $smarty->assign("trustmode", $trustmode);
- $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
- 2 => _("allow access to these hosts")));
-
-
-
- if((count($this->accessTo))==0)
- $smarty->assign("emptyArrAccess",true);
- else
- $smarty->assign("emptyArrAccess",false);
-
- if($this->mustchangepassword){
- $smarty->assign("mustchangepassword", " checked ");
- } else {
- $smarty->assign("mustchangepassword", "");
- }
-
- $smarty->assign("workstations", $this->accessTo);
// Add SSH button if available
$smarty->assign("sshPublicKey", $this->ssh?1:0);
- $smarty->assign("apply", apply_filter());
$smarty->assign("multiple_support" , $this->multiple_support_active);
$display.= $smarty->fetch (get_template_path('generic.tpl', TRUE, dirname(__FILE__)));
return($display);
/* Keep uid, because we need it for authentification! */
unset($this->attrs['uid']);
- unset($this->attrs['trustModel']);
@DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__,
- /* include global link_info */
- $this->attributes, "Save");
+ /* include global link_info */
+ $this->attributes, "Save");
$ldap= $this->config->get_ldap_link();
$ldap->cd($this->dn);
$this->cleanup();
if (isset($_POST['posixTab'])){
/* Save values to object */
plugin::save_object();
-
+ $this->trustModeDialog->save_object();
/* Save force GID checkbox */
if($this->acl_is_writeable("gidNumber") || $this->acl_is_writeable("uidNumber")){
/*Save primary group settings */
if($this->acl_is_writeable("primaryGroup") && isset($_POST['primaryGroup'])){
- $data= $_POST['primaryGroup'];
+ $data= get_post('primaryGroup');
if ($this->primaryGroup != $data){
$this->is_modified= TRUE;
}
- $this->primaryGroup= $_POST['primaryGroup'];
+ $this->primaryGroup= get_post('primaryGroup');
}
/* Get seelcted shadow checkboxes */
$activate_var = "activate_".$var;
if(isset($_POST['activate_'.$var])){
$this->$activate_var = true;
- $this->$var = $_POST[$var];
+ $this->$var = get_post($var);
}else{
$this->$activate_var = false;
if ($var != "shadowExpire") {
}else{
$this->mustchangepassword = FALSE;
}
-
- /* Trust mode - special handling */
- if($this->acl_is_writeable("trustModel")){
- if (isset($_POST['trustmode'])){
- $saved= $this->trustModel;
- if ($_POST['trustmode'] == "1"){
- $this->trustModel= "fullaccess";
- } elseif ($_POST['trustmode'] == "2"){
- $this->trustModel= "byhost";
- } else {
- $this->trustModel= "";
- }
- if ($this->trustModel != $saved){
- $this->is_modified= TRUE;
- }
- }
- }
- }
-
- /* Get regex from alphabet */
- if(isset($_GET['search'])){
- $this->GroupRegex = $_GET['search']."*";
- }
-
- /* Check checkboxes and regexes */
- if(isset($_POST["PosixGroupDialogPosted"])){
-
- if(isset($_POST['SubSearch']) && ($_POST['SubSearch'])){
- $this->SubSearch = true;
- }else{
- $this->SubSearch = false;
- }
- if(isset($_POST['guser'])){
- $this->GroupUserRegex = $_POST['guser'];
- }
- if(isset($_POST['regex'])){
- $this->GroupRegex = $_POST['regex'];
- }
}
- $this->GroupRegex = preg_replace("/\*\**/","*",$this->GroupRegex);
- $this->GroupUserRegex = preg_replace("/\*\**/","*",$this->GroupUserRegex);
}
$this->shadowExpire= "0";
} else {
/* Transform date to days since the beginning */
- list($day, $month, $year)= split('\.', $this->shadowExpire, 3);
+ list($day, $month, $year)= explode('.', $this->shadowExpire, 3);
$this->shadowExpire= (int)(mktime(0, 0, 0, $month, $day, $year)/ (60 * 60 * 24)) ;
}
if (!$this->activate_shadowMax){
if ($this->mustchangepassword){
$this->shadowLastChange= (int)(date("U") / 86400) - $this->shadowMax - 1;
} else {
- $this->shadowLastChange= (int)(date("U") / 86400);
+# $this->shadowLastChange= (int)(date("U") / 86400);
}
if (!$this->activate_shadowWarning){
$this->shadowWarning= "0";
}
/* Check what to do with ID's
- Nothing forced, so we may have to generate our own IDs, if not done already.
+ Nothing forced, so we may have to generate our own IDs, if not done already.
*/
if ($this->force_ids == 0){
if ($ldap->count() == 0){
$groupcn = $this->uid;
- $groupdn= preg_replace ('/^'.$this->config->get_cfg_value("accountPrimaryAttribute").'=[^,]+,'.get_people_ou().'/i',
+ $pri_attr = $this->config->get_cfg_value("core","accountPrimaryAttribute");
+ $groupdn= preg_replace ('/^'.preg_quote($pri_attr,'/').'=[^,]+,'.preg_quote(get_people_ou(),'/').'/i',
'cn='.$groupcn.','.get_groups_ou(), $this->dn);
/* Request a new and uniqe gidNumber, if required */
if(!$this->force_ids){
$this->gidNumber= get_next_id("gidNumber", $this->dn);
- }else{
-
- /* If forced gidNumber could not be found, then check if the given group name already exists
- we do not want to modify the gidNumber of an existing group.
- */
- $cnt= 0;
- while($ldap->dn_exists($groupdn)){
- $cnt ++;
- $groupcn = $this->uid."_".$cnt;
- $groupdn= preg_replace ('/^'.$this->config->get_cfg_value("accountPrimaryAttribute").'=[^,]+,'.get_people_ou().'/i',
- 'cn='.$groupcn.','.get_groups_ou(), $this->dn);
- }
+ }
+
+ /* If forced gidNumber could not be found, then check if the given group name already exists
+ we do not want to modify the gidNumber of an existing group.
+ */
+ $cnt= 0;
+ while($ldap->dn_exists($groupdn) && ($cnt < 100)){
+ $cnt ++;
+ $groupcn = $this->uid."_".$cnt;
+ $groupdn= preg_replace ('/^'.preg_quote($pri_attr,'/').'=[^,]+,'.preg_quote(get_people_ou(),'/').'/i',
+ 'cn='.$groupcn.','.get_groups_ou(), $this->dn);
}
/* Create new primary group and enforce the new gidNumber */
/* Call parents save to prepare $this->attrs */
plugin::save();
- /* Trust accounts */
- $objectclasses= array();
- foreach ($this->attrs['objectClass'] as $key => $class){
- if (preg_match('/trustAccount/i', $class)){
- continue;
- }
- $objectclasses[]= $this->attrs['objectClass'][$key];
- }
- $this->attrs['objectClass']= $objectclasses;
- if ($this->trustModel != ""){
- $this->attrs['objectClass'][]= "trustAccount";
- $this->attrs['trustModel']= $this->trustModel;
- $this->attrs['accessTo']= array();
- if ($this->trustModel == "byhost"){
- foreach ($this->accessTo as $host){
- $this->attrs['accessTo'][]= $host;
- }
- }
- } else {
- if ($this->was_trust_account){
- $this->attrs['accessTo']= array();
- $this->attrs['trustModel']= array();
- }
- }
-
- if(empty($this->attrs['gosaDefaultPrinter'])){
- $thid->attrs['gosaDefaultPrinter']=array();
- }
-
-
/* include global link_info */
$this->cleanup();
-
+
/* This is just a test, we have had duplicated ids
- in the past when copy & paste was used.
+ in the past when copy & paste was used.
Normaly this should not happen.
*/
if(isset($this->attrs['uidNumber']) && !$this->force_ids){
$this->ssh->save();
}
+ $this->trustModeDialog->dn = $this->dn;
+ $this->trustModeDialog->save();
+
/* Take care about groupMembership values: add to groups */
foreach ($this->groupMembership as $key => $value){
if (!isset($this->savedGroupMembership[$key])){
if (!tests::is_id($this->uidNumber)){
$message[]= msgPool::invalid(_("UID"), $this->uidNumber, "/[0-9]/");
} else {
- if ($this->uidNumber < $this->config->get_cfg_value("minId")){
- $message[]= msgPool::toosmall(_("UID"), $this->config->get_cfg_value("minId"));
+ if ($this->uidNumber < $this->config->get_cfg_value("core","minId")){
+ $message[]= msgPool::toosmall(_("UID"), $this->config->get_cfg_value("core","minId"));
}
}
if (!tests::is_id($this->gidNumber)){
$message[]= msgPool::invalid(_("GID"), $this->gidNumber, "/[0-9]/");
} else {
- if ($this->gidNumber < $this->config->get_cfg_value("minId")){
- $message[]= msgPool::toosmall(_("GID"), $this->config->get_cfg_value("minId"));
+ if ($this->gidNumber < $this->config->get_cfg_value("core","minId")){
+ $message[]= msgPool::toosmall(_("GID"), $this->config->get_cfg_value("core","minId"));
}
}
}
function multiple_check()
{
$message = plugin::multiple_check();
- if ($this->homeDirectory == "" && in_array("homeDirectory",$this->multi_boxes)){
+ if ($this->homeDirectory == "" && in_array_strict("homeDirectory",$this->multi_boxes)){
$message[]= msgPool::required(_("Home directory"));
}
- if (!tests::is_path($this->homeDirectory) && in_array("homeDirectory",$this->multi_boxes)){
+ if (!tests::is_path($this->homeDirectory) && in_array_strict("homeDirectory",$this->multi_boxes)){
$message[]= msgPool::invalid(_("Home directory"), "", "", "/home/yourname" );
}
/* Check shadow settings, well I like spaghetties... */
- if ($this->activate_shadowMin && in_array("activate_shadowMin",$this->multi_boxes)){
+ if ($this->activate_shadowMin && in_array_strict("activate_shadowMin",$this->multi_boxes)){
if (!tests::is_id($this->shadowMin)){
$message[]= msgPool::invalid(_("shadowMin"), $this->shadowMin, "/[0-9]/");
}
}
- if ($this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){
+ if ($this->activate_shadowMax && in_array_strict("activate_shadowMax",$this->multi_boxes)){
if (!tests::is_id($this->shadowMax)){
$message[]= msgPool::invalid(_("shadowMax"), $this->shadowMax, "/[0-9]/");
}
}
- if ($this->activate_shadowWarning && in_array("activate_shadowWarning",$this->multi_boxes)){
+ if ($this->activate_shadowWarning && in_array_strict("activate_shadowWarning",$this->multi_boxes)){
if (!tests::is_id($this->shadowWarning)){
$message[]= msgPool::invalid(_("shadowWarning"), $this->shadowWarning, "/[0-9]/");
}
- if (!$this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){
+ if (!$this->activate_shadowMax && in_array_strict("activate_shadowMax",$this->multi_boxes)){
$message[]= msgPool::depends("shadowWarning", "shadowMax");
}
- if ($this->shadowWarning > $this->shadowMax && in_array("activate_shadowWarning",$this->multi_boxes)){
+ if ($this->shadowWarning > $this->shadowMax && in_array_strict("activate_shadowWarning",$this->multi_boxes)){
$message[]= msgPool::toobig("shadowWarning", "shadowMax");
}
- if ($this->activate_shadowMin && $this->shadowWarning < $this->shadowMin && in_array("activate_shadowMin",$this->multi_boxes)){
+ if ($this->activate_shadowMin && $this->shadowWarning < $this->shadowMin && in_array_strict("activate_shadowMin",$this->multi_boxes)){
$message[]= msgPool::tosmall("shadowWarning", "shadowMin");
}
}
- if ($this->activate_shadowInactive && in_array("activate_shadowInactive",$this->multi_boxes)){
+ if ($this->activate_shadowInactive && in_array_strict("activate_shadowInactive",$this->multi_boxes)){
if (!tests::is_id($this->shadowInactive)){
$message[]= msgPool::invalid(_("shadowInactive"), $this->shadowInactive, "/[0-9]/");
}
- if (!$this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){
+ if (!$this->activate_shadowMax && in_array_strict("activate_shadowMax",$this->multi_boxes)){
$message[]= msgPool::depends("shadowInactive", "shadowMax");
}
}
- if ($this->activate_shadowMin && $this->activate_shadowMax && in_array("activate_shadowMin",$this->multi_boxes)){
+ if ($this->activate_shadowMin && $this->activate_shadowMax && in_array_strict("activate_shadowMin",$this->multi_boxes)){
if ($this->shadowMin > $this->shadowMax){
$message[]= msgPool::toobig("shadowMin", "shadowMax");
}
}
}
- /* FIXME: NEED review of this section */
- /* Need to check shadowExpire separately */
-
- /*
- * If shadowExpire is not enabled in the template, it's a UNIX timestamp - so don't convert it to seconds.
- * The check is a hack - if difference between timestamp generated above and here is max 1 day.
- */
- if(abs($this->shadowExpire - time())>86400) {
- $this->shadowExpire= $this->convertToSeconds($this->shadowExpire);
- }
-
/* Only enable checkbox, if shadowExpire is in the future */
if($this->shadowExpire > time()) {
$this->activate_shadowExpire= "1";
}
+
+ /* Convert shadowExpire for usage */
+ if ($this->shadowExpire == 0){
+ $this->shadowExpire= "";
+ } else {
+ $this->shadowExpire= date('d.m.Y', $this->shadowExpire * 60 * 60 * 24);
+ }
}
function convertToSeconds($val)
return($ids);
}
-
- function reload()
- {
- /* Set base for all searches */
- $base = session::get('CurrentMainBase');
- $base = $base;
- $ldap = $this->config->get_ldap_link();
- $attrs = array("cn", "description", "gidNumber");
- $Flags = GL_SIZELIMIT;
-
- /* Get groups */
- if ($this->GroupUserRegex == '*'){
- $filter = "(&(objectClass=posixGroup)(cn=".$this->GroupRegex."))";
- } else {
- $filter= "(&(objectClass=posixGroup)(cn=".$this->GroupRegex.")(memberUid=".$this->GroupUserRegex."))";
- }
- if($this->SubSearch){
- $Flags |= GL_SUBSEARCH;
- }else{
- $base = get_groups_ou().$base;
- }
-
- $res= get_list($filter, "groups", $base,$attrs, $Flags);
-
- /* check sizelimit */
- if (preg_match("/size limit/i", $ldap->get_error())){
- session::set('limit_exceeded',TRUE);
- }
-
- /* Create a list of users */
- $this->grouplist = array();
- foreach ($res as $value){
- $this->grouplist[$value['gidNumber'][0]]= $value;
- }
-
- $tmp=array();
- foreach($this->grouplist as $tkey => $val ){
- $tmp[strtolower($val['cn'][0]).$val['cn'][0]]=$val;
- }
-
- /* Sort index */
- ksort($tmp);
-
- /* Recreate index array[dn]=cn[description]*/
- $this->grouplist=array();
- foreach($tmp as $val){
- if(isset($val['description'])){
- $this->grouplist[$val['dn']]=$val['cn'][0]." [".$val['description'][0]."]";
- }else{
- $this->grouplist[$val['dn']]=$val['cn'][0];
- }
- }
-
- reset ($this->grouplist);
- }
-
/* Get posts from copy & paste dialog */
function saveCopyDialog()
{
if(isset($_POST['homeDirectory'])){
- $this->homeDirectory = $_POST['homeDirectory'];
+ $this->homeDirectory = get_post('homeDirectory');
if (isset ($_POST['force_ids'])){
$data= 1;
- $this->gidNumber = $_POST['gidNumber'];
- $this->uidNumber = $_POST['uidNumber'];
+ $this->gidNumber = get_post('gidNumber');
+ $this->uidNumber = get_post('uidNumber');
} else {
$data= 0;
}
$this->is_modified= TRUE;
}
$this->force_ids= $data;
- $data= $_POST['primaryGroup'];
+ $data= get_post('primaryGroup');
if ($this->primaryGroup != $data){
$this->is_modified= TRUE;
}
- $this->primaryGroup= $_POST['primaryGroup'];
+ $this->primaryGroup= get_post('primaryGroup');
}
}
-
+
/* Create the posix dialog part for copy & paste */
function getCopyDialog()
/* Open group add dialog */
if(isset($_POST['edit_groupmembership'])){
- $this->group_dialog = TRUE;
+ $this->groupSelect = new groupSelect($this->config,get_userinfo());
$sta = "SubDialog";
}
to ensure that the membership is updatd */
if(isset($_POST['add_groups_finish']) || isset($_POST['add_groups_cancel'])){
$this->execute();
- $this->group_dialog =FALSE;
+ $this->groupSelect =NULL;
}
- if($this->group_dialog){
+ if($this->groupSelect){
$str = $this->execute(true);
$ret = array();
$ret['string'] = $str;
/* Assigned informations to smarty */
$smarty = get_smarty();
- $smarty->assign("homeDirectory",$this->homeDirectory);
+ $smarty->assign("homeDirectory",set_post($this->homeDirectory));
$smarty->assign("secondaryGroups",$this->secondaryGroups);
- $smarty->assign("primaryGroup",$this->primaryGroup);
-
- $smarty->assign("uidNumber",$this->uidNumber);
- $smarty->assign("gidNumber",$this->gidNumber);
- $smarty->assign("forceMode",$forceMode);
- $smarty->assign("force_ids",$force_ids);
+ $smarty->assign("primaryGroup",set_post($this->primaryGroup));
+
+ $smarty->assign("uidNumber",set_post($this->uidNumber));
+ $smarty->assign("gidNumber",set_post($this->gidNumber));
+ $smarty->assign("forceMode",set_post($forceMode));
+ $smarty->assign("force_ids",set_post($force_ids));
if (!count($this->groupMembership)){
$smarty->assign("groupMembership", array(" "));
} else {
- $smarty->assign("groupMembership", $this->groupMembership);
+ $smarty->assign("groupMembership", set_post($this->groupMembership));
}
/* Display wars message if there are more than 16 group members */
{
plugin::PrepareForCopyPaste($source);
+ $this->trustModeDialog->PrepareForCopyPaste($source);
+
/* Avoid using the same gid/uid number as source user
- empty numbers to enforce new ones. */
+ empty numbers to enforce new ones. */
$this->savedUidNumber = "";
$this->savedGidNumber = "";
$this->primaryGroup= $source['gidNumber'][0];
}
+
+ /* Adjust shadow checkboxes */
+ foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive",
+ "shadowExpire") as $val){
+
+ if ($this->$val != 0){
+ $oval= "activate_".$val;
+ $this->$oval= "1";
+ }
+ }
+
+ /* Convert shadowExpire for usage */
+ if ($this->shadowExpire == 0){
+ $this->shadowExpire= "";
+ } else {
+ $this->shadowExpire= date('d.m.Y', $this->shadowExpire * 60 * 60 * 24);
+ }
+
+ $tmp = new trustModeDialog($this->config, $source['dn']);
+ $this->trustModeDialog = new trustModeDialog($this->config, $this->dn);
+ $this->trustModeDialog->trustModel = $tmp->trustModel;
+ $this->trustModeDialog->accessTo = $tmp->accessTo;
+ $this->trustModeDialog->setAcl('users/posixAccount');
+
}
"plSection" => array("personal" => _("My account")),
"plCategory" => array("users"),
"plOptions" => array(),
+ "plRequirements"=> array(
+ 'ldapSchema' => array('posixAccount' => ''),
+ 'onFailureDisablePlugin' => array(get_class(), 'sambaAccount','netatalk','environment')
+ ),
"plProvidedAcls" => array(
"homeDirectory" => _("Home directory"),
+ "primaryGroup" => _("Primary group"),
"loginShell" => _("Shell"),
"uidNumber" => _("User ID"),
"gidNumber" => _("Group ID"),
+ "shadowLastChange" => _("Shadow last changed"),
+ "gotoLastSystemLogin" => _("Last login"),
+
"mustchangepassword"=> _("Force password change on login"),
"shadowMin" => _("Shadow min"),
"shadowMax" => _("Shadow max"),
"shadowWarning" => _("Shadow warning"),
"shadowInactive" => _("Shadow inactive"),
"shadowExpire" => _("Shadow expire"),
- "sshPublickey" => _("Public SSH key"),
- "trustModel" => _("System trust model")))
- );
+ "sshPublicKey" => _("Public SSH key"),
+ "accessTo" => _("System trust model")))
+ );
}
function get_multi_edit_values()
{
$ret = plugin::get_multi_edit_values();
+ $ret = array_merge($ret,$this->trustModeDialog->get_multi_edit_values());
$ret['groupMembership'] = $this->groupMembership;
$ret['groupMembership_some']= $this->groupMembership_some;
- if(in_array("primaryGroup",$this->multi_boxes)){
+ if(in_array_strict("primaryGroup",$this->multi_boxes)){
$ret['primaryGroup'] = $this->primaryGroup;
}
- if(in_array("trustmode",$this->multi_boxes)){
- $ret['trustModel'] = $this->trustModel;
- $ret['accessTo'] = $this->accessTo;
- }
foreach(array("shadowWarning","shadowInactive","shadowMin","shadowMax", "shadowExpire") as $entry){
$active = "activate_".$entry;
- if(in_array($active,$this->multi_boxes)){
+ if(in_array_strict($active,$this->multi_boxes)){
$ret[$entry] = $this->$entry;
$ret[$active] = $this->$active;
}
}
- if(in_array("mustchangepassword",$this->multi_boxes)){
+ if(in_array_strict("mustchangepassword",$this->multi_boxes)){
$ret['mustchangepassword'] = $this->mustchangepassword;
}
return($ret);
function multiple_save_object()
{
if(isset($_POST['posix_mulitple_edit'])){
-
+
/* Backup expire value */
$expire_tmp = $this->shadowExpire;
-
+
/* Update all values */
plugin::multiple_save_object();
+ $this->trustModeDialog->multiple_save_object();
+
/* Get selected checkboxes */
- foreach(array("primaryGroup","trustmode","mustchangepassword","activate_shadowWarning","activate_shadowInactive","activate_shadowMin", "activate_shadowMax","activate_shadowExpire") as $val){
+ foreach(array("primaryGroup","mustchangepassword","activate_shadowWarning","activate_shadowInactive","activate_shadowMin", "activate_shadowMax","activate_shadowExpire") as $val){
if(isset($_POST["use_".$val])){
$this->multi_boxes[] = $val;
}
foreach(array("shadowMin","shadowMax","shadowExpire","shadowInactive","shadowWarning") as $var) {
if($this->acl_is_writeable($var)){
$activate_var = "activate_".$var;
- if(in_array($activate_var, $this->multi_boxes)){
+ if(in_array_strict($activate_var, $this->multi_boxes)){
if(isset($_POST['activate_'.$var])){
$this->$activate_var = true;
- $this->$var = $_POST[$var];
+ $this->$var = get_post($var);
}else{
$this->$activate_var = false;
$this->$var = 0;
}
/* Restore shadow value, if the shadow attribute isn't used */
- if(!in_array("activate_shadowExpire",$this->multi_boxes)){
+ if(!in_array_strict("activate_shadowExpire",$this->multi_boxes)){
$this->shadowExpire = $expire_tmp;
}
$this->mustchangepassword = FALSE;
}
- /* Trust mode - special handling */
- if($this->acl_is_writeable("trustModel")){
- if (isset($_POST['trustmode'])){
- $saved= $this->trustModel;
- if ($_POST['trustmode'] == "1"){
- $this->trustModel= "fullaccess";
- } elseif ($_POST['trustmode'] == "2"){
- $this->trustModel= "byhost";
- } else {
- $this->trustModel= "";
- }
- if ($this->trustModel != $saved){
- $this->is_modified= TRUE;
- }
- }
- }
-
/* Save primary group settings */
if($this->acl_is_writeable("primaryGroup") && isset($_POST['primaryGroup'])){
- $data= $_POST['primaryGroup'];
+ $data= get_post('primaryGroup');
if ($this->primaryGroup != $data){
$this->is_modified= TRUE;
}
- $this->primaryGroup= $_POST['primaryGroup'];
+ $this->primaryGroup= get_post('primaryGroup');
}
}
}
-
+
/* Initialize plugin with given atribute arrays
*/
function init_multiple_support($attrs,$all)
{
plugin::init_multiple_support($attrs,$all);
+ $this->trustModeDialog->init_multiple_support($attrs,$all);
/* Some dummy values */
$groups_some = array();
$groups_all = $groups_some;
foreach($groups_all as $id => $group){
foreach($uids as $uid){
- if(!in_array($uid,$groups_uid[$id])){
+ if(!in_array_strict($uid,$groups_uid[$id])){
unset($groups_all[$id]);
break;
}
$this->groupMembership_some = $groups_some;
$this->primaryGroup = $this->gidNumber;
- /* Is this account a trustAccount? */
- if (isset($this->multi_attrs['trustModel'])){
- $this->trustModel= $this->multi_attrs['trustModel'][0];
- $this->was_trust_account= TRUE;
- $this->multi_boxes[] = "trustmode";
- } else {
- $this->was_trust_account= FALSE;
- $this->trustModel= "";
- }
-
- /* Create access informations */
- $this->accessTo = array();
- if (isset($this->multi_attrs['accessTo'])){
- for ($i= 0; $i<$this->multi_attrs['accessTo']['count']; $i++){
- $tmp= $this->multi_attrs['accessTo'][$i];
- $this->accessTo[$tmp]= $tmp;
- }
- }
-
/* Adjust shadow checkboxes */
foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive",
"shadowExpire") as $val){
$groups[$dn] = $cn;
}
plugin::set_multi_edit_values($attrs);
+ $this->trustModeDialog->set_multi_edit_values($attrs);
$this->groupMembership = $groups;
}
+
+ function set_acl_base($base)
+ {
+ @DEBUG (DEBUG_ACL, __LINE__, __FUNCTION__, __FILE__,"<b>".$base."</b>","<b>ACL-Base:</b> ");
+ $this->acl_base= $base;
+ $this->trustModeDialog->set_acl_base($base);
+ }
+
+ /*! \brief Enables multiple support for this plugin
+ */
+ function enable_multiple_support()
+ {
+ plugin::enable_multiple_support();
+ $this->trustModeDialog->enable_multiple_support();
+ }
+
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: