![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/admin/users/class_userManagement.inc b/plugins/admin/users/class_userManagement.inc
index 6109af8349f5887e17ccdc8febaef6f68679728b..a031e89d9f783a2cbb19272ea867938b1bde2c65 100644 (file)
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-/* Include user tab class */
-require "tabs_user.inc";
-
-
class userManagement extends plugin
{
/* Plugin definitions */
var $CPPasswordChange = ""; // Contains the entry id which should get a new password
var $DivListUsers;
- var $start_pasting_copied_objects = FALSE;
+ var $pwd_change_queue = array();
- function userManagement($config, $ui)
+ var $start_pasting_copied_objects = FALSE;
+ var $current_action ="";
+ var $msg_dialog= NULL;
+
+ function userManagement(&$config, $ui)
{
/* Save configuration for internal use */
- $this->config= $config;
- $this->ui= $ui;
+ $this->config= &$config;
+ $this->ui= &$ui;
/* Copy & Paste handler */
if ($this->config->boolValueIsTrue("main", "enableCopyPaste")){
plugin::execute();
/* LOCK MESSAGE Vars */
- $_SESSION['LOCK_VARS_TO_USE'] = array("/^act$/","/^id$/","/^user_edit_/","/^user_del_/","/^item_selected/","/^remove_multiple_users/");
+ $_SESSION['LOCK_VARS_TO_USE'] = array("/^act$/","/^id$/","/^user_edit_/","/^user_del_/","/^item_selected/","/^remove_multiple_users/","/^multiple_edit/","/menu_action/");
$smarty = get_smarty(); // Smarty instance
$s_action = ""; // Contains the action to be taken
foreach($_POST as $key => $val){
/* Get every possible POST combination and set s_action/s_entry accordingly */
- foreach(array("del" => "user_del", "edit" => "user_edit",
+ foreach(array("del" => "user_del",
+ "edit" => "user_edit",
"new" => "user_new",
"new_tpl" => "user_tplnew",
"del_multiple" => "^remove_multiple_users",
"change_pw" => "user_chgpw",
"editPaste" => "editPaste",
"copy_multiple" => "multiple_copy_users",
+ "multiple_edit" => "multiple_edit",
"cut_multiple" => "multiple_cut_users",
+ "multiple_password_change" => "multiple_password_change",
"copy" => "^copy",
+ "toggle_lock_status" => "toggle_lock_status",
"cut" => "^cut") as $act => $name){
if (preg_match("/".$name.".*/", $key)){
$s_tab= "user";
}
- if(!search_config($this->config->data['TABS'], $s_tab , "CLASS")){
+ if(!$this->config->search($s_tab, 'class',array('tabs'))){
$s_tab = "user";
}
+ /* handle C&P from layers menu */
+ if(isset($_POST['menu_action']) && preg_match("/^multiple_copy_systems/",$_POST['menu_action'])){
+ $s_action = "copy_multiple";
+ }
+ if(isset($_POST['menu_action']) && preg_match("/^multiple_cut_systems/",$_POST['menu_action'])){
+ $s_action = "cut_multiple";
+ }
+ if(isset($_POST['menu_action']) && preg_match("/^editPaste/",$_POST['menu_action'])){
+ $s_action = "editPaste";
+ }
+
+ /* Create options */
+ if(isset($_POST['menu_action']) && $_POST['menu_action'] == "user_new"){
+ $s_action = "new";
+ }
+ if(isset($_POST['menu_action']) && $_POST['menu_action'] == "user_tplnew"){
+ $s_action = "new_tpl";
+ }
+ if(isset($_POST['menu_action']) && $_POST['menu_action'] == "multiple_edit"){
+ $s_action = "multiple_edit";
+ }
+
+ /* handle remove from layers menu */
+ if(isset($_POST['menu_action']) && preg_match("/^multiple_password_change/",$_POST['menu_action'])){
+ $s_action = "multiple_password_change";
+ }
+
+ /* handle remove from layers menu */
+ if(isset($_POST['menu_action']) && preg_match("/^remove_multiple/",$_POST['menu_action'])){
+ $s_action = "del_multiple";
+ }
+
+
/********************
Copy & Paste
********************/
/* Display the copy & paste dialog, if it is currently open */
if($this->CPPasswordChange == ""){
- $ret = $this->copyPasteHandling_from_queue($s_action);
+ $ret = $this->copyPasteHandling_from_queue($s_action,$s_entry);
if($ret){
return($ret);
}
}
- /********************
- Change password requested
- ********************/
-
- /* Password change requested */
- if (($s_action == "change_pw") || (!empty($this->CPPasswordChange))){
-
- if(!empty($this->CPPasswordChange)){
- $s_entry = $this->CPPasswordChange;
- $this->CPPasswordChange = "";
- }
-
- /* Get 'dn' from posted 'uid' */
- $this->dn= $this->list[trim($s_entry)]['dn'];
-
- /* Load permissions for selected 'dn' and check if
- we're allowed to remove this 'dn' */
- if (preg_match("/w/",$this->ui->get_permissions($this->dn,"users/password"))){
-
- /* User is allowed to change passwords, save 'dn' and 'acl' for next
- dialog. */
- $_SESSION['objectinfo']= $this->dn;
- return ($smarty->fetch(get_template_path('password.tpl', TRUE)));
-
- } else {
- /* User is not allowed. Show message and cancel. */
- print_red (_("You are not allowed to set this users password!"));
- }
- }
-
-
/********************
Change password confirmed
********************/
} else {
/* Missing permissions, show message */
- print_red (_("You are not allowed to set this users password!"));
+ msg_dialog::display(_("Password change failed."),_("You are not allowed to set this users password!"),WARNING_DIALOG);
}
/* Clean session, delete lock */
del_lock ($this->dn);
/********************
- Edit existing entry
+ Change multiple passwords requested
+ ********************/
+
+ if($s_action == "multiple_password_change"){
+ $this->pwd_change_queue = $this->list_get_selected_items();
+ }
+
+
+ /********************
+ Change password requested
+ ********************/
+
+ /* Password change requested */
+ if (($s_action == "change_pw") || (!empty($this->CPPasswordChange)) || count($this->pwd_change_queue)){
+
+ /* Get users whose passwords should be changed. */
+ if(count($this->pwd_change_queue)){
+ $s_entry= array_pop($this->pwd_change_queue);
+ }
+
+ if(!empty($this->CPPasswordChange)){
+ $s_entry = $this->CPPasswordChange;
+ $this->CPPasswordChange = "";
+ }
+
+ /* Get 'dn' from posted 'uid' */
+ $this->dn= $this->list[trim($s_entry)]['dn'];
+
+ /* Load permissions for selected 'dn' and check if
+ we're allowed to remove this 'dn' */
+ if (preg_match("/w/",$this->ui->get_permissions($this->dn,"users/password"))){
+
+ /* User is allowed to change passwords, save 'dn' and 'acl' for next
+ dialog. */
+ $_SESSION['objectinfo']= $this->dn;
+ return ($smarty->fetch(get_template_path('password.tpl', TRUE)));
+
+
+ } else {
+ /* User is not allowed. Show message and cancel. */
+ msg_dialog::display(_("Password change"),_("You are not allowed to set this users password!"),WARNING_DIALOG);
+ }
+ }
+
+
+
+ /********************
+ Edit existing entry
********************/
/* User wants to edit data? */
add_lock ($this->dn, $this->ui->dn);
/* Register usertab to trigger edit dialog */
- $this->usertab= new usertabs($this->config,
+ $this->usertab= new usertabs($this->config,
$this->config->data['TABS']['USERTABS'], $this->dn);
/* Switch tab, if it was requested by the user */
}
+ /********************
+ Edit multiple entries
+ ********************/
+
+ /* User wants to edit data? */
+ if ($s_action == "multiple_edit" && !isset($this->usertab->config)){
+
+ $this->dn = array();
+ foreach($this->list_get_selected_items() as $id){
+ $this->dn[] = $this->list[$id]['dn'];;
+ }
+ $tmp = new multi_plug($this->config,"usertabs",$this->config->data['TABS']['USERTABS'],
+ $this->dn,$this->DivListUsers->selectedBase,"user");
+ if ($tmp->entries_locked()){
+ return($tmp->display_lock_message());
+ }
+ $tmp->lock_entries($this->ui->dn);
+ if($tmp->multiple_available()){
+ $this->usertab = $tmp;
+ $this->usertab->set_active_tab($s_tab);
+ $_SESSION['objectinfo']= $this->usertab->get_object_info();
+ }
+ }
+
+
/********************
Edit canceled
********************/
if ($s_action=="del_multiple"){
$ids = $this->list_get_selected_items();
-
+ $this->dns = array();
if(count($ids)){
foreach($ids as $id){
$dns_names = "<br><pre>";
foreach($this->dns as $dn){
- add_lock ($dn, $this->ui->dn);
$dns_names .= $dn."\n";
}
$dns_names .="</pre>";
/* Lock the current entry, so nobody will edit it during deletion */
if (count($this->dns) == 1){
- $smarty->assign("info", sprintf(_("You're about to delete the following entry: %s"), @LDAP::fix($dns_names)));
+ $info = sprintf(_("You're about to delete the following entry: %s"), @LDAP::fix($dns_names));
} else {
- $smarty->assign("info", sprintf(_("You're about to delete the following entries: %s"), @LDAP::fix($dns_names)));
+ $info = sprintf(_("You're about to delete the following entries: %s"), @LDAP::fix($dns_names));
}
- $smarty->assign("multiple", true);
- return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+ $this->msg_dialog = new msg_dialog(_("Delete users"),$info,CONFIRM_DIALOG);
+ $this->current_action = $s_action;
}
}
********************/
/* Confirmation for deletion has been passed. Users should be deleted. */
- if (isset($_POST['delete_multiple_user_confirm'])){
-
+ if ($this->current_action == "del_multiple" && is_object($this->msg_dialog) && $this->msg_dialog->is_confirmed()){
+
+ $this->current_action = "";
+
/* Remove user by user and check acls before removeing them */
foreach($this->dns as $key => $dn){
unset ($this->usertab);
$this->usertab= NULL;
} else {
- print_red (sprintf(_("You are not allowed to delete the user '%s'!"),$dn));
+ msg_dialog::display(_("User delete"),sprintf(_("You are not allowed to delete the user '%s'!"),$dn),WARNING_DIALOG);
if(isset($this->ui->uid)){
new log("security","users/".get_class($this),$dn,array(),"Tried to trick deletion.");
}
}
}
+
+ /********************
+ Toggle lock status for user
+ ********************/
+
+ if($s_action == "toggle_lock_status" && isset($this->list[$s_entry])){
+
+ /* Get entry check current status */
+ $val = $this->list[$s_entry];
+ $pwd = $val['userPassword'][0];
+
+ if(!preg_match("/^\{[^\}]/",$pwd)){
+ trigger_error("Can not deactivate user which is using clear password encryption.");
+ }else{
+
+ $locked = false;
+ if(preg_match("/^[^\}]*+\}!/",$pwd)){
+ $locked = true;
+ }
+
+ /* Create ldap array to update status */
+ $attrs = array("userPassword" => $pwd);
+ if($locked){
+ $attrs['userPassword'] = preg_replace("/(^[^\}]+\})!(.*$)/","\\1\\2",$attrs['userPassword']);
+ }else{
+ $attrs['userPassword'] = preg_replace("/(^[^\}]+\})(.*$)/","\\1!\\2",$attrs['userPassword']);
+ }
+
+ /* Write new status back to ldap */
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($val['dn']);
+ $ldap->modify($attrs);
+ if($locked){
+ show_ldap_error($ldap->get_error(),_("Could not set user status from locked to unlocked."));
+ }else{
+ show_ldap_error($ldap->get_error(),_("Could not set user status from unlocked to locked."));
+ }
+ }
+ }
+
/********************
Delete entry requested, display confirm dialog
return(gen_locked_message ($user, $this->dn));
}
+
/* Lock the current entry, so nobody will edit it during deletion */
- add_lock ($this->dn, $this->ui->dn);
- $smarty->assign("info", sprintf(_("You're about to delete the user %s."), @LDAP::fix($this->dn)));
- $smarty->assign("multiple", false);
- return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+# add_lock ($this->dn, $this->ui->dn);
+# $smarty->assign("info", sprintf(_("You're about to delete the user %s."), @LDAP::fix($this->dn)));
+# $smarty->assign("multiple", false);
+# return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+ $this->msg_dialog = new msg_dialog( _("Delete user"),sprintf(_("You're about to delete the user %s."), @LDAP::fix($this->dn)),CONFIRM_DIALOG);
+ $this->current_action = $s_action;
}
********************/
/* Confirmation for deletion has been passed. User should be deleted. */
- if (isset($_POST['delete_user_confirm'])){
+ if ($this->current_action == "del" && is_object($this->msg_dialog) && $this->msg_dialog->is_confirmed()){
+ $this->current_action = "";
+
/* Some nice guy may send this as POST, so we've to check
for the permissions again. */
$this->usertab->delete ();
unset ($this->usertab);
$this->usertab= NULL;
+ msg_dialog::display(_("User delted"),_("User successfully removed."),INFO_DIALOG);
} else {
/* Normally this shouldn't be reached, send some extra
logs to notify the administrator */
- print_red (_("You are not allowed to delete this user!"));
+ msg_dialog::display(_("User delete"),_("You are not allowed to delete this user!"),WARNING_DIALOG);
if(isset($this->ui->uid)){
new log("security","users/".get_class($this),$this->dn,array(),"Tried to trick deletion.");
$display= $this->usertab->execute();
/* Don't show buttons if tab dialog requests this */
- if(isset($this->usertab->by_object)){
- if (!$this->usertab->by_object[$this->usertab->current]->dialog){
+
+ $dia = FALSE;
+ if(isset($this->usertab->by_object[$this->usertab->current]->dialog)){
+ $dia = $this->usertab->by_object[$this->usertab->current]->dialog;
+ }
+
+ if(!is_object($dia) && $dia != TRUE){
$display.= "<p style=\"text-align:right\">\n";
$display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\""._("Ok")."\">\n";
$display.= " \n";
$display.= "<input type=submit name=\"edit_cancel\" value=\""._("Cancel")."\">\n";
$display.= "</p>";
}
- }
return ($display);
}
if ($SubSearch){
$ListTemp = get_list($filter, "users", $base,
- array("uid", "givenName", "sn", "objectClass"), GL_SUBSEARCH | GL_SIZELIMIT);
+ array("uid", "givenName", "sn", "objectClass","userPassword"), GL_SUBSEARCH | GL_SIZELIMIT);
} else {
$base= get_people_ou().$base;
$ListTemp = get_list($filter, "users", $base,
- array("uid", "givenName", "sn", "objectClass"), GL_SIZELIMIT);
+ array("uid", "givenName", "sn", "objectClass","userPassword"), GL_SIZELIMIT);
}
$SortTemp = array();
$List = array();
}
- function copyPasteHandling_from_queue($s_action)
+ function copyPasteHandling_from_queue($s_action,$s_entry)
{
+ /* Check if Copy & Paste is disabled */
+ if(!is_object($this->CopyPasteHandler)){
+ return("");
+ }
+
+ /* Add a single entry to queue */
+ if($s_action == "cut" || $s_action == "copy"){
+ /* Cleanup object queue */
+ $this->CopyPasteHandler->cleanup_queue();
+ $dn = $this->list[$s_entry]['dn'];
+ $this->CopyPasteHandler->add_to_queue($dn,$s_action,"usertabs","USERTABS","users");
+ }
/* Add entries to queue */
if($s_action == "copy_multiple" || $s_action == "cut_multiple"){