![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index cdea64d379cc08d6c6479b0ab6daa8729d20da97..6437f1dd9452694874bc0cd197cce1aed39b6d9e 100644 (file)
/* Plugin specific values */
var $base= "";
+ var $orig_base= "";
var $cn= "";
+ var $new_dn= "";
var $personalTitle= "";
var $academicTitle= "";
var $homePostalAddress= "";
var $role= "";
var $publicVisible= "";
+ var $orig_dn;
var $dialog;
/* variables to trigger password changes */
var $last_pw_storage= "unset";
var $had_userCertificate= FALSE;
+ var $view_logged = FALSE;
+
/* attribute list for save action */
var $attributes= array("sn", "givenName", "uid", "personalTitle", "academicTitle",
- "homePostalAddress", "homePhone", "labeledURI", "o", "ou", "dateOfBirth", "gender","preferredLanguage",
+ "homePostalAddress", "homePhone", "labeledURI", "ou", "o", "dateOfBirth", "gender","preferredLanguage",
"departmentNumber", "employeeNumber", "employeeType", "l", "st","jpegPhoto",
"roomNumber", "telephoneNumber", "mobile", "pager", "cn", "userPKCS12",
"postalAddress", "facsimileTelephoneNumber", "userSMIMECertificate");
"functionalTitle", "certificateSerialNumber", "publicVisible", "street", "role",
"postalCode");
+ var $multiple_support = TRUE;
+ var $multiple_support_active = FALSE;
+ var $selected_edit_values = array();
+ var $multiple_user_handles = array();
/* constructor, if 'dn' is set, the node loads the given
'dn' from LDAP */
- function user ($config, $dn= NULL)
+ function user (&$config, $dn= NULL)
{
+
$this->config= $config;
/* Configuration is fine, allways */
if ($this->config->current['GOVERNMENTMODE']){
/* Load base attributes */
plugin::plugin ($config, $dn);
+ $this->orig_dn = $this->dn;
+ $this->new_dn = $this->dn;
+
+ $this->new_dn = $dn;
+
if ($this->config->current['GOVERNMENTMODE']){
/* Fix public visible attribute if unset */
if (!isset($this->attrs['publicVisible'])){
}
/* Load data from LDAP? */
- if ($dn != NULL){
+ if ($dn !== NULL){
/* Do base conversation */
if ($this->dn == "new"){
if (isset ($this->attrs['gender'])){
$this->gender= strtoupper($this->attrs['gender'][0]);
}
+
+ $this->orig_base = $this->base;
}
+
+
/* execute generates the html output for this node */
function execute()
{
/* Call parent execute */
plugin::execute();
+ if($this->multiple_support_active){
+ return($this->execute_multiple());
+ }
+ /* Log view */
+ if($this->is_account && !$this->view_logged){
+ $this->view_logged = TRUE;
+ new log("view","users/".get_class($this),$this->dn);
+ }
+
$smarty= get_smarty();
/* Fill calendar */
$sex= array(0 => " ", "F" => _("female"), "M" => _("male"));
$smarty->assign("gender_list", $sex);
- /* Assign prefered langage */
- $language= array(0 => " ", "fr_FR" => ("fr_FR"), "en_EN" => ("en_EN"),
- "de_DE" => ("de_DE"), "it_IT" => ("it_IT"),
- "nl_NL" => ("nl_NL"), "ru_RU" => ("ru_RU"));
+ $language= array_merge(array(0 => " ") ,get_languages(TRUE));
$smarty->assign("preferredLanguage_list", $language);
/* Get random number for pictures */
$this->pw_storage= $this->config->current['HASH'];
}
- $temp = @passwordMethod::get_available_methods();
+ $temp= passwordMethod::get_available_methods();
$hashes = $temp['name'];
+ $test= new $temp[$this->pw_storage]($this->config);
+ $is_configurable= $test->is_configurable();
/* Load attributes and acl's */
$ui =get_userinfo();
$smarty->assign("pwmode", $hashes);
$smarty->assign("pwmode_select", $this->pw_storage);
+ $smarty->assign("pw_configurable", $is_configurable);
$smarty->assign("passwordStorageACL", $this->getacl("userPassword",(!is_object($this->parent) && !isset($_SESSION['edit']))));
$smarty->assign("base_select", $this->base);
$smarty->assign("CertificatesACL", $this->getacl("Certificate",(!is_object($this->parent) && !isset($_SESSION['edit']))));
$ldap= $this->config->get_ldap_link();
$ldap->rmdir ($this->dn);
show_ldap_error($ldap->get_error(), sprintf(_("Removing of user/generic account with dn '%s' failed."),$this->dn));
-
+
+ new log("remove","users/".get_class($this),$this->dn,$this->attributes,$ldap->get_error());
+
/* Delete references to groups */
$ldap->cd ($this->config->current['BASE']);
$ldap->search ("(&(objectClass=posixGroup)(memberUid=".$this->uid."))", array("uid"));
$og->save ();
}
- /* Kerberos server defined? */
- if (isset($this->config->data['SERVERS']['KERBEROS'])){
- $cfg= $this->config->data['SERVERS']['KERBEROS'];
- }
- if (isset($cfg['SERVER']) && function_exists('kadm5_init_with_password')){
-
- /* Connect to the admin interface */
- $handle = kadm5_init_with_password($cfg['SERVER'], $cfg['REALM'],
- $cfg['ADMIN'], $cfg['PASSWORD']);
-
- /* Errors? */
- if ($handle === FALSE){
- print_red (_("Kerberos database communication failed"));
- return (2);
- }
-
- /* Build user principal, get list of existsing principals */
- $principal= $this->uid."@".$cfg['REALM'];
- $principals = kadm5_get_principals($handle);
-
- /* User exists in database? */
- if (in_array($principal, $principals)){
-
- /* Ok. User exists. Remove him/her */
- $ret= kadm5_delete_principal ( $handle, $principal);
- if ($ret === FALSE){
- print_red (_("Can't remove user from kerberos database."));
- }
- }
-
- /* Free kerberos admin handle */
- kadm5_destroy($handle);
+ /* If needed, let the password method do some cleanup */
+ $tmp = new passwordMethod($_SESSION['config']);
+ $available = $tmp->get_available_methods();
+ if (in_array_ics($this->pw_storage, $available['name'])){
+ $test= new $available[$this->pw_storage]($this->config);
+ $test->attrs= $this->attrs;
+ $test->dn= $this->dn;
+ $test->remove_from_parent();
}
+ /* Remove ACL dependencies too */
+ $tmp = new acl($this->config,$this->parent,$this->dn);
+ $tmp->remove_acl();
/* Optionally execute a command after we're done */
$this->handle_post_events("remove",array("uid" => $this->uid));
/* Save data to object */
function save_object()
{
- if (isset($_POST['generic'])){
+ if (isset($_POST['multiple_user_posted'])){
+ $this->save_object_multiple();
+ }
+ if(isset($_POST['generic']) || isset($_POST['multiple_user_posted'])){
/* Make a backup of the current selected base */
$base_tmp = $this->base;
}
}
+
/* Save data to LDAP, depending on is_account we save or delete */
function save()
{
if($this->gender=="0") $this->gender ="";
if($this->preferredLanguage=="0") $this->preferredLanguage ="";
-
/* First use parents methods to do some basic fillup in $this->attrs */
plugin::save ();
/* Load the new uploaded Photo */
if(!$handle = imagick_blob2image($this->photoData)) {
- gosa_log("Can't Load image");
+ new log("debug","users/".get_class($this),"",array(),"Could not access uploaded image");
}
/* Resizing image to 147x200 and blur */
if(!imagick_resize($handle,147,200,IMAGICK_FILTER_GAUSSIAN,0)){
- gosa_log("imagick_resize failed");
+ new log("debug","users/".get_class($this),"",array(),"Could not resize uploaded image");
}
/* Converting image to JPEG */
if(!imagick_convert($handle,"JPEG")) {
- gosa_log("Can't Convert to JPEG");
+ new log("debug","users/".get_class($this),"",array(),"Could not convert uploaded image to jepg");
}
/* Creating binary Code for the Image */
if(!$dump = imagick_image2blob($handle)){
- gosa_log("Can't create blob for image");
+ new log("debug","users/".get_class($this),"",array(),"Could not create new user image");
}
/* Sending Image */
}
- /* Build new dn */
- if (isset($this->config->current['DNMODE']) && $this->config->current['DNMODE'] == "uid"){
- $new_dn= 'uid='.$this->uid.','.get_people_ou().$this->base;
- } else {
- $new_dn= 'cn='.$this->cn.','.get_people_ou().$this->base;
- }
-
/* This only gets called when user is renaming himself */
$ldap= $this->config->get_ldap_link();
- if ($this->dn != $new_dn){
+ if ($this->dn != $this->new_dn){
/* Write entry on new 'dn' */
- $this->move($this->dn, $new_dn);
+ $this->update_acls($this->dn,$this->new_dn);
+ $this->move($this->dn, $this->new_dn);
/* Happen to use the new one */
- change_ui_dn($this->dn, $new_dn);
- $this->dn= $new_dn;
+ change_ui_dn($this->dn, $this->new_dn);
+ $this->dn= $this->new_dn;
}
/* Finally write data with selected 'mode' */
$this->cleanup();
+
+ if(isset($this->attrs['preferredLanguage'])){
+ $_SESSION['ui']->language = $this->preferredLanguage;
+ $_SESSION['Last_init_lang'] = "update";
+ }
+
$ldap->cd ($this->dn);
$ldap->$mode ($this->attrs);
if (show_ldap_error($ldap->get_error(), sprintf(_("Saving of user/generic account with dn '%s' failed."),$this->dn))){
return (1);
}
+
+ /* Remove ACL dependencies too */
+ if($this->dn != $this->orig_dn && $this->orig_dn != "new"){
+ $tmp = new acl($this->config,$this->parent,$this->dn);
+ $tmp->update_acl_membership($this->orig_dn,$this->dn);
+ }
+
+ if($mode == "modify"){
+ new log("modify","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
+ }else{
+ new log("create","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
+ }
+
/* Remove cert?
For some reason, the 'ldap' class doesn't want to remove binary entries, so I need
to work around myself. */
ldap_close($ds);
}
- /* Kerberos server defined? */
- if (isset($this->config->data['SERVERS']['KERBEROS'])){
- $cfg= $this->config->data['SERVERS']['KERBEROS'];
- }
- if (isset($cfg['SERVER']) && function_exists('kadm5_init_with_password')){
-
- /* Connect to the admin interface */
- $handle = kadm5_init_with_password($cfg['SERVER'], $cfg['REALM'],
- $cfg['ADMIN'], $cfg['PASSWORD']);
-
- /* Errors? */
- if ($handle === FALSE){
- print_red (_("Kerberos database communication failed"));
- return (2);
+ /* If needed, let the password method do some cleanup */
+ if ($this->pw_storage != $this->last_pw_storage){
+ $tmp = new passwordMethod($_SESSION['config']);
+ $available = $tmp->get_available_methods();
+ if (in_array_ics($this->pw_storage, $available['name'])){
+ $test= new $available[$this->pw_storage]($this->config);
+ $test->attrs= $this->attrs;
+ $test->dn= $this->dn;
+ $test->remove_from_parent();
}
-
- /* Build user principal, get list of existsing principals */
- $principal= $this->uid."@".$cfg['REALM'];
- $principals = kadm5_get_principals($handle);
-
- /* User exists in database? */
- if (in_array($principal, $principals)){
-
- /* Ok. User exists. Remove him/her when pw_storage has
- changed to be NOT kerberos. */
- if ($this->pw_storage != $this->config->current['KRBSASL']){
- $ret= kadm5_delete_principal ( $handle, $principal);
-
- if ($ret === FALSE){
- print_red (_("Can't remove user from kerberos database."));
- }
- }
-
- } else {
-
- /* User doesn't exists, create it when pw_storage is kerberos. */
- if ($this->pw_storage == "kerberos" || $this->pw_storage == "sasl" ){
- $ret= kadm5_create_principal ( $handle, $principal);
-
- if ($ret === FALSE){
- print_red (_("Can't add user to kerberos database."));
- }
- }
-
- }
-
- /* Free kerberos admin handle */
- kadm5_destroy($handle);
}
/* Optionally execute a command after we're done */
/* Permissions for that base? */
if (isset($this->config->current['DNMODE']) && $this->config->current['DNMODE'] == "uid"){
- $new_dn= 'uid='.$this->uid.','.get_people_ou().$this->base;
+ $this->new_dn= 'uid='.$this->uid.','.get_people_ou().$this->base;
} else {
- $new_dn= 'cn='.$this->cn.','.get_people_ou().$this->base;
+ /* Don't touch dn, if cn hasn't changed */
+ if (isset($this->saved_attributes['cn']) && $this->saved_attributes['cn'] == $this->cn &&
+ $this->orig_base == $this->base ){
+ $this->new_dn= $this->dn;
+ } else {
+ $this->new_dn= $this->create_unique_dn('cn', get_people_ou().$this->base);
+ }
}
/* Set the new acl base */
$this->set_acl_base($this->base);
}
- /* must: sn, givenName, uid */
- if ($this->sn == "" && ($this->acl_is_writeable("sn",(!is_object($this->parent) && !isset($_SESSION['edit'])) || ($this->is_new)))){
- $message[]= _("The required field 'Name' is not set.");
- }
- /* UID already used? */
- $ldap= $this->config->get_ldap_link();
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(uid=$this->uid)", array("uid"));
- $ldap->fetch();
- if ($ldap->count() != 0 && $this->dn == 'new'){
- $message[]= _("There's already a person with this 'Login' in the database.");
- }
+ if(!$this->multiple_support_active){
- /* In template mode, the uid and givenName are autogenerated... */
- if (!$this->is_template){
- if ($this->givenName == "" && $this->acl_is_writeable("givenName",(!is_object($this->parent) && !isset($_SESSION['edit'])))){
- $message[]= _("The required field 'Given name' is not set.");
+ /* must: sn, givenName, uid */
+ if ($this->sn == "" && ($this->acl_is_writeable("sn",(!is_object($this->parent) && !isset($_SESSION['edit'])) || ($this->is_new)))){
+ $message[]= _("The required field 'Name' is not set.");
}
- if ($this->uid == "" && $this->acl_is_writeable("uid",(!is_object($this->parent) && !isset($_SESSION['edit'])))){
- $message[]= _("The required field 'Login' is not set.");
+
+ /* UID already used? */
+ $ldap= $this->config->get_ldap_link();
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search("(uid=$this->uid)", array("uid"));
+ $ldap->fetch();
+ if ($ldap->count() != 0 && $this->dn == 'new'){
+ $message[]= _("There's already a person with this 'Login' in the database.");
}
- if (!(isset($this->config->current['DNMODE']) && $this->config->current['DNMODE'] == "uid")){
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(cn=".$this->cn.")", array("uid"));
- $ldap->fetch();
- if ($ldap->count() != 0 && $this->dn != $new_dn && $this->dn == 'new'){
- $message[]= _("There's already a person with this 'Name'/'Given name' combination in the database.");
+
+ /* In template mode, the uid and givenName are autogenerated... */
+ if (!$this->is_template){
+ if ($this->givenName == "" && $this->acl_is_writeable("givenName",(!is_object($this->parent) && !isset($_SESSION['edit'])))){
+ $message[]= _("The required field 'Given name' is not set.");
+ }
+ if ($this->uid == "" && $this->acl_is_writeable("uid",(!is_object($this->parent) && !isset($_SESSION['edit'])))){
+ $message[]= _("The required field 'Login' is not set.");
+ }
+ if (!(isset($this->config->current['DNMODE']) && $this->config->current['DNMODE'] == "uid")){
+ $ldap->cat($this->new_dn);
+ if ($ldap->count() != 0 && $this->dn != $this->new_dn && $this->dn == 'new'){
+ $message[]= _("There's already a person with this 'Name'/'Given name' combination in the database.");
+ }
}
}
- }
- /* Check for valid input */
- if ($this->is_modified && !is_uid($this->uid)){
- $message[]= _("The field 'Login' contains invalid characters. Lowercase, numbers and dashes are allowed.");
- }
- if (!is_url($this->labeledURI)){
- $message[]= _("The field 'Homepage' contains an invalid URL definition.");
- }
- if (preg_match ("/[\\\\]/", $this->sn)){
- $message[]= _("The field 'Name' contains invalid characters.");
- }
- if (preg_match ("/[\\\\]/", $this->givenName)){
- $message[]= _("The field 'Given name' contains invalid characters.");
+ /* Check for valid input */
+ if ($this->is_modified && !is_uid($this->uid)){
+ $message[]= _("The field 'Login' contains invalid characters. Lowercase, numbers and dashes are allowed.");
+ }
+ if (!is_url($this->labeledURI)){
+ $message[]= _("The field 'Homepage' contains an invalid URL definition.");
+ }
+ if (preg_match ("/[\\\\]/", $this->sn)){
+ $message[]= _("The field 'Name' contains invalid characters.");
+ }
+ if (preg_match ("/[\\\\]/", $this->givenName)){
+ $message[]= _("The field 'Given name' contains invalid characters.");
+ }
}
/* Check phone numbers */
/* Indicate whether a password change is needed or not */
function password_change_needed()
{
- return ($this->pw_storage != $this->last_pw_storage);
+ return($this->pw_storage != $this->last_pw_storage);
}
}
/* Get back uid/sn/givenName */
- if ($this->parent != NULL){
+ if ($this->parent !== NULL){
$this->uid= $this->parent->uid;
$this->sn= $this->parent->sn;
$this->givenName= $this->parent->givenName;
}
- function plInfo()
+ static function plInfo()
{
$govattrs= array(
"gouvernmentOrganizationalUnitDescription" => _("Unit description"),
"gouvernmentOrganizationalUnitSubjectArea" => _("Subject area"),
"functionalTitle" => _("Functional title"),
- "certificateSerialNumber" => _(""),
+ "certificateSerialNumber" => _("Certificate serial number"),
"publicVisible" => _("Public visible"),
"street" => _("Street"),
"role" => _("Role"),
$ret["plProvidedAcls"][$attr] = $desc;
}
}
-
return($ret);
}
+
+
+
+
+
+
+
+
+ function get_values_to_update()
+ {
+ $ret = plugin::get_multi_edit_values();
+ return($ret);
+ }
+
+
+ function save_object_multiple()
+ {
+ foreach(array("pw_storage","base","edit_cert") as $attr){
+ if(isset($_POST["use_".$attr])){
+ $this->selected_edit_values[$attr] = TRUE;
+ }else{
+ $this->selected_edit_values[$attr] = FALSE;
+ }
+ }
+ }
+
+
+ function execute_multiple()
+ {
+ $smarty =get_smarty();
+ $language= array_merge(array(0 => " ") ,get_languages(TRUE));
+ $smarty->assign("preferredLanguage_list", $language);
+ @$smarty->assign("bases", $this->allowedBasesToMoveTo());
+ $smarty->assign("base_select", $this->base);
+
+ /* Save government mode attributes */
+ if (isset($this->config->current['GOVERNMENTMODE']) &&
+ preg_match('/true/i', $this->config->current['GOVERNMENTMODE'])){
+ $smarty->assign("governmentmode", "true");
+ $ivbbmodes= array("nein", "ivbv", "testa", "ivbv,testa", "internet",
+ "internet,ivbv", "internet,testa", "internet,ivbv,testa");
+ $smarty->assign("ivbbmodes", $ivbbmodes);
+ foreach ($this->govattrs as $val){
+ $smarty->assign("$val", $this->$val);
+ $smarty->assign("$val"."ACL", $this->getacl($val,(!is_object($this->parent) && !isset($_SESSION['edit']))));
+ }
+ } else {
+ $smarty->assign("governmentmode", "false");
+ }
+
+ $temp= passwordMethod::get_available_methods();
+ $hashes = $temp['name'];
+ $test= new $temp[$this->pw_storage]($this->config);
+ $is_configurable= $test->is_configurable();
+ $smarty->assign("pwmode", $hashes);
+ $smarty->assign("pwmode_select", $this->pw_storage);
+ $smarty->assign("pw_configurable", $is_configurable);
+
+ foreach($this->attributes as $attr){
+ if(isset($this->selected_edit_values[$attr]) && $this->selected_edit_values[$attr] == TRUE){
+ $smarty->assign("use_".$attr,TRUE);
+ }else{
+ $smarty->assign("use_".$attr,FALSE);
+ }
+ $smarty->assign($attr,$this->$attr);
+ }
+ foreach(array("pw_storage","base","edit_cert") as $attr){
+ if(isset($this->selected_edit_values[$attr]) && $this->selected_edit_values[$attr] == TRUE){
+ $smarty->assign("use_".$attr,TRUE);
+ }else{
+ $smarty->assign("use_".$attr,FALSE);
+ }
+ }
+ return($smarty->fetch (get_template_path('multiple_generic.tpl', TRUE, dirname(__FILE__))));
+ }
+
+
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: