![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/personal/posix/class_posixAccount.inc b/plugins/personal/posix/class_posixAccount.inc
index 47b7b36ada1c2b0c9ab95955e8279d7b165c0083..2a59d5b86323e1051632f534a586f1367022dd07 100644 (file)
var $plHeadline= "UNIX";
var $plDescription= "This does something";
- /* CLI vars */
- var $cli_summary= "Manage users posix account";
- var $cli_description= "Some longer text\nfor help";
- var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
-
/* Plugin specific values */
var $homeDirectory= "";
var $loginShell= "/bin/bash";
var $shadowInactive= "0";
var $shadowExpire= "0";
var $gosaDefaultPrinter= "";
- var $gosaDefaultLanguage= "";
var $accessTo= array();
var $trustModel= "";
+ var $glist=array();
var $status= "";
var $loginShellList= array();
var $groupMembership= array();
var $use_shadowExpire= "0";
var $must_change_password= "0";
var $force_ids= 0;
- var $printerList= array();
var $group_dialog= FALSE;
var $show_ws_dialog= FALSE;
var $secondaryGroups= array();
var $primaryGroup= 0;
var $was_trust_account= FALSE;
+ var $grouplist = array();
+ var $ui = array();
+
+ var $GroupRegex = "*";
+ var $GroupUserRegex = "*";
+ var $SubSearch = false;
+ var $memberGroup = array();
/* attribute list for save action */
- var $attributes= array("homeDirectory", "loginShell", "uidNumber", "gidNumber", "gecos",
+ var $CopyPasteVars = array("grouplist","groupMembership","use_shadowMin","use_shadowMax","use_shadowWarning","use_shadowInactive","use_shadowExpire","must_change_password","grouplist","savedGidNumber","savedUidNumber");
+ var $attributes = array("homeDirectory", "loginShell", "uidNumber", "gidNumber", "gecos",
"shadowMin", "shadowMax", "shadowWarning", "shadowInactive", "shadowLastChange",
- "shadowExpire", "gosaDefaultPrinter", "gosaDefaultLanguage", "uid");
+ "shadowExpire", "gosaDefaultPrinter", "uid","accessTo","trustModel");
var $objectclasses= array("posixAccount", "shadowAccount");
+ var $uid ="";
/* constructor, if 'dn' is set, the node loads the given
'dn' from LDAP */
- function posixAccount ($config, $dn= NULL)
+ function posixAccount ($config, $dn= NULL, $parent= NULL)
{
/* Configuration is fine, allways */
$this->config= $config;
/* Load bases attributes */
- plugin::plugin($config, $dn);
+ plugin::plugin($config, $dn, $parent);
+
+ /* set user id */
+ if(isset($this->attrs['uid'])){
+ $this->uid = $this->attrs['uid'][0];
+ }
$ldap= $this->config->get_ldap_link();
$this->was_trust_account= FALSE;
$this->trustModel= "";
}
+
+ $this->accessTo = array();
if ($this->is_account && isset($this->attrs['accessTo'])){
for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
$tmp= $this->attrs['accessTo'][$i];
/* Generate status text */
$current= date("U");
+
+ $current= floor($current / 60 /60 / 24);
+
if (($current >= $this->shadowExpire) && $this->shadowExpire){
- $this->status= "expired";
- if (($this->shadowExpire - $current) < $this->shadowInactive){
- $this->status.= ", grace time active";
+ $this->status= _("expired");
+ if (($current - $this->shadowExpire) < $this->shadowInactive){
+ $this->status.= ", "._("grace time active");
}
} elseif (($this->shadowLastChange + $this->shadowMin) >= $current){
- $this->status= "active, password not changable";
+ $this->status= _("active, password not changable");
} elseif (($this->shadowLastChange + $this->shadowMax) >= $current){
- $this->status= "active, password expired";
+ $this->status= _("active, password expired");
} else {
- $this->status= "active";
+ $this->status= _("active");
}
/* Get group membership */
}
/* Convert to seconds */
- if ($this->shadowExpire != 0){
- $this->shadowExpire*= 60 * 60 * 24;
- } else {
- $date= getdate();
- $this->shadowExpire= floor($date[0] / (60*60*24)) * 60 * 60 * 24;
- }
+ $this->shadowExpire= $this->convertToSeconds($this->shadowExpire);
- /* Generate shell list from /etc/gosa/shells */
- if (file_exists('/etc/gosa/shells')){
- $shells = file ('/etc/gosa/shells');
+ /* Generate shell list from CONFIG_DIR./shells */
+ if (file_exists(CONFIG_DIR.'/shells')){
+ $shells = file (CONFIG_DIR.'/shells');
foreach ($shells as $line){
if (!preg_match ("/^#/", $line)){
$this->loginShellList[]= trim($line);
$this->loginShellList[]= $this->loginShell;
}
- /* Generate printer list */
- if (isset($this->config->data['SERVERS']['CUPS'])){
- $this->printerList= get_printer_list ($this->config->data['SERVERS']['CUPS']);
- asort($this->printerList);
+ /* Set tag attribute if we've tagging activated */
+ $filter= "(objectClass=posixGroup)";
+ $ui= get_userinfo();
+ if ($ui->gosaUnitTag != "" && isset($config->current['STRICT_UNITS']) &&
+ preg_match('/TRUE/i', $config->current['STRICT_UNITS'])){
+ $filter= "(&(objectClass=posixGroup)(gosaUnitTag=".$ui->gosaUnitTag."))";
}
/* Generate group list */
$ldap->cd($this->config->current['BASE']);
- $ldap->search("(objectClass=posixGroup)", array("cn", "gidNumber"));
+ $ldap->search("$filter", array("cn", "gidNumber"));
$this->secondaryGroups[]= "- "._("automatic")." -";
while ($attrs= $ldap->fetch()){
$this->secondaryGroups[$attrs['gidNumber'][0]]= $attrs['cn'][0];
"regex" => "*");
register_global("sysfilter", $sysfilter);
}
+ $this->ui = get_userinfo();
}
/* execute generates the html output for this node */
- function execute()
+ function execute($isCopyPaste = false)
{
+ /* Call parent execute */
+ plugin::execute();
+ $display= "";
+
+ /* Department has changed? */
+ if(isset($_POST['depselect'])){
+ $_SESSION['CurrentMainBase']= validate($_POST['depselect']);
+ }
+
+ if(!$isCopyPaste){
+
+ $required = (isset($this->parent->by_object['sambaAccount']) && $this->parent->by_object['sambaAccount']->is_account) ||
+ (isset($this->parent->by_object['environment'] ) && $this->parent->by_object['environment'] ->is_account);
+
/* Do we need to flip is_account state? */
if (isset($_POST['modify_state'])){
- $this->is_account= !$this->is_account;
+ if($this->is_account && $this->acl == "#all#" && !$required ){
+ $this->is_account= !$this->is_account;
+ }elseif(!$this->is_account && chkacl($this->acl,"create") == ""){
+ $this->is_account= !$this->is_account;
+ }
}
/* Do we represent a valid posixAccount? */
if (!$this->is_account && $this->parent == NULL ){
- $display= "<img src=\"images/stop.png\" align=center> <b>".
+ $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
_("This account has no unix extensions.")."</b>";
$display.= back_to_main();
return ($display);
}
- $display= "";
/* Show tab dialog headers */
if ($this->parent != NULL){
$obj= $this->parent->by_object['sambaAccount'];
}
if (isset($obj) && $obj->is_account == TRUE &&
- isset($this->parent->by_object['sambaAccount'])){
+ ((isset($this->parent->by_object['sambaAccount']))&&($this->parent->by_object['sambaAccount']->is_account))
+ ||(isset($this->parent->by_object['environment'] ))&&($this->parent->by_object['environment'] ->is_account)){
/* Samba3 dependency on posix accounts are enabled
in the moment, because I need to rely on unique
uidNumbers. There'll be a better solution later
on. */
$display= $this->show_header(_("Remove posix account"),
- _("This account has unix features enabled. To disable them, you'll need to remove the samba account first."), TRUE);
+ _("This account has unix features enabled. To disable them, you'll need to remove the samba / environment account first."), TRUE);
} else {
$display= $this->show_header(_("Remove posix account"),
_("This account has posix features enabled. You can disable them by clicking below."));
return($display);
}
}
+ }
+ /* Trigger group edit? */
+ if (isset($_POST['edit_groupmembership'])){
+ $this->group_dialog= TRUE;
+ $this->dialog= TRUE;
+ }
- /* Trigger group edit? */
- if (isset($_POST['edit_groupmembership'])){
- $this->group_dialog= TRUE;
- $this->dialog= TRUE;
- }
-
- /* Cancel group edit? */
- if (isset($_POST['add_groups_cancel']) ||
- isset($_POST['add_groups_finish'])){
- $this->group_dialog= FALSE;
- $this->dialog= FALSE;
- }
+ /* Cancel group edit? */
+ if (isset($_POST['add_groups_cancel']) ||
+ isset($_POST['add_groups_finish'])){
+ $this->group_dialog= FALSE;
+ $this->dialog= FALSE;
+ }
- /* Add selected groups */
- if (isset($_POST['add_groups_finish']) && isset($_POST['groups']) &&
- count($_POST['groups'])){
+ /* Add selected groups */
+ if (isset($_POST['add_groups_finish']) && isset($_POST['groups']) &&
+ count($_POST['groups'])){
if (chkacl ($this->acl, "memberUid") == ""){
$this->addGroup ($_POST['groups']);
}
/* Add user workstation? */
- if (isset($_POST["add_ws"])){
+ if (isset($_POST["add_ws"]) && chkacl($this->acl,"allowedHosts") == ""){
$this->show_ws_dialog= TRUE;
$this->dialog= TRUE;
}
}
/* Remove user workstations? */
- if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
+ if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list']) && chkacl($this->acl,"allowedHosts") == ""){
foreach($_POST['workstation_list'] as $name){
unset ($this->accessTo[$name]);
}
$acl= array($this->config->current['BASE'] => ":all");
$regex= $sysfilter['regex'];
$filter= "(&(|(objectClass=goServer)(objectClass=gotoWorkstation)(objectClass=gotoTerminal))$exclude(cn=*)(cn=$regex))";
- $res= get_list($acl, "$filter", TRUE, $sysfilter['depselect'], array("cn"), TRUE);
+ $res= get_list($filter, $acl, $sysfilter['depselect'], array("cn"), GL_SUBSEARCH | GL_SIZELIMIT);
$wslist= array();
foreach ($res as $attrs){
$wslist[]= preg_replace('/\$/', '', $attrs['cn'][0]);
}
$smarty->assign("hint", print_sizelimit_warning());
$smarty->assign("wslist", $wslist);
+ $smarty->assign("apply", apply_filter());
$display= $smarty->fetch (get_template_path('trust_machines.tpl', TRUE, dirname(__FILE__)));
return ($display);
}
/* Manage group add dialog */
if ($this->group_dialog){
- $gd= new groupManagement($this->config, get_userinfo());
- /* Save data */
- $groupfilter= get_global("groupfilter");
- foreach( array("depselect", "guser", "regex") as $type){
- if (isset($_POST[$type])){
- $groupfilter[$type]= $_POST[$type];
- }
- }
- if (isset($_POST['depselect'])){
- foreach( array("primarygroups", "sambagroups", "mailgroups", "appgroups",
- "functionalgroups") as $type){
-
- if (isset($_POST[$type])) {
- $groupfilter[$type]= "checked";
- } else {
- $groupfilter[$type]= "";
- }
- }
- }
- if (isset($_GET['search'])){
- $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
- if ($s == "**"){
- $s= "*";
- }
- $groupfilter['regex']= $s;
- }
- register_global("groupfilter", $groupfilter);
+ /* Get global filter config */
+ $this->reload();
- /* Calculate actual groups */
- $gd->reload();
+ /* remove already assigned groups */
$glist= array();
- foreach ($gd->grouplist as $key => $value){
+ foreach ($this->grouplist as $key => $value){
if (!isset($this->groupMembership[$key])){
$glist[$key]= $value;
}
}
- /* Show dialog */
+ if($this->SubSearch){
+ $smarty->assign("SubSearchCHK"," checked ");
+ }else{
+ $smarty->assign("SubSearchCHK","");
+ }
+
+ $smarty->assign("regex",$this->GroupRegex);
+ $smarty->assign("guser",$this->GroupUserRegex);
$smarty->assign("groups", $glist);
$smarty->assign("search_image", get_template_path('images/search.png'));
$smarty->assign("launchimage", get_template_path('images/small_filter.png'));
$smarty->assign("tree_image", get_template_path('images/tree.png'));
$smarty->assign("deplist", $this->config->idepartments);
$smarty->assign("alphabet", generate_alphabet());
- foreach( array("depselect", "guser", "regex", "primarygroups", "mailgroups",
- "appgroups", "sambagroups", "functionalgroups") as $type){
- $smarty->assign("$type", $groupfilter[$type]);
- }
+ $smarty->assign("depselect",$_SESSION['CurrentMainBase']);
$smarty->assign("hint", print_sizelimit_warning());
+ $smarty->assign("apply", apply_filter());
$display.= $smarty->fetch (get_template_path('posix_groups.tpl', TRUE, dirname(__FILE__)));
return ($display);
}
"use_shadowWarning") as $val){
if ($this->$val == 1){
$smarty->assign("$val", "checked");
- $smarty->assign("$val"."ACL", chkacl($this->acl, $val));
+ } else {
+ $smarty->assign("$val", "");
}
+ $smarty->assign("$val"."ACL", chkacl($this->acl, $val));
}
}
/* Fill calendar */
- $date= getdate($this->shadowExpire);
+
+ /* If this $this->shadowExpire is empty
+ use current date as base for calculating selectbox values.
+ (This attribute is empty if this is a new user )*/
+ if(empty($this->shadowExpire)){
+ $date= getdate(time());
+ }else{
+ $date= getdate($this->shadowExpire);
+ }
$days= array();
for($d= 1; $d<32; $d++){
$smarty->assign("shells", $this->loginShellList);
$smarty->assign("secondaryGroups", $this->secondaryGroups);
$smarty->assign("primaryGroup", $this->primaryGroup);
- $smarty->assign("groupMembership", $this->groupMembership);
+ if (!count($this->groupMembership)){
+ $smarty->assign("groupMembership", array(" "));
+ } else {
+ $smarty->assign("groupMembership", $this->groupMembership);
+ }
if (count($this->groupMembership) > 16){
$smarty->assign("groups", "too_many_for_nfs");
+ } else {
+ $smarty->assign("groups", "");
}
- $smarty->assign("printerList", $this->printerList);
- $smarty->assign("languages", $this->config->data['MAIN']['LANGUAGES']);
+
+ /* Avoid "Undefined index: forceMode" */
+ $smarty->assign("forceMode", "");
/* Checkboxes */
if ($this->force_ids == 1){
$smarty->assign("force_ids", "checked");
+ if ($_SESSION['js']){
+ $smarty->assign("forceMode", "");
+ }
} else {
- if ($_SESSION["js"]){
+ if ($_SESSION['js']){
+ if($this->acl != "#none#")
$smarty->assign("forceMode", "disabled");
}
+ $smarty->assign("force_ids", "");
}
$smarty->assign("force_idsACL", chkacl($this->acl, "force_ids"));
/* Load attributes and acl's */
foreach($this->attributes as $val){
+ if((chkacl($this->acl,$val)=="")&&(($_SESSION["js"])&&(($val=="uidNumber")||($val=="gidNumber"))))
+ {
+ $smarty->assign("$val"."ACL","");
+ $smarty->assign("$val", $this->$val);
+ continue;
+ }
$smarty->assign("$val", $this->$val);
$smarty->assign("$val"."ACL", chkacl($this->acl,$val));
}
$smarty->assign("groupMembershipACL", chkacl($this->acl, "groupMembership"));
- $smarty->assign("must_change_password", chkacl($this->acl, "must_change_password"));
+ $smarty->assign("status", $this->status);
/* Work on trust modes */
$smarty->assign("trustmodeACL", chkacl($this->acl, "trustmode"));
if ($this->trustModel == "fullaccess"){
$trustmode= 1;
- $smarty->assign("trusthide", "disabled");
+ // pervent double disable tag in html code, this will disturb our clean w3c html
+
+ if(chkacl($this->acl, "trustmode")==""){
+ $smarty->assign("trusthide", "disabled");
+ }else{
+ $smarty->assign("trusthide", "");
+ }
+
} elseif ($this->trustModel == "byhost"){
$trustmode= 2;
$smarty->assign("trusthide", "");
} else {
- $smarty->assign("trusthide", "disabled");
+ // pervent double disable tag in html code, this will disturb our clean w3c html
+ if(chkacl($this->acl, "trustmode")==""){
+ $smarty->assign("trusthide", "disabled");
+ }else{
+ $smarty->assign("trusthide", "");
+ }
$trustmode= 0;
}
$smarty->assign("trustmode", $trustmode);
$smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
2 => _("allow access to these hosts")));
+
+
+
+ if((count($this->accessTo))==0)
+ $smarty->assign("emptyArrAccess",true);
+ else
+ $smarty->assign("emptyArrAccess",false);
+
+
+
$smarty->assign("workstations", $this->accessTo);
+ $smarty->assign("apply", apply_filter());
$display.= $smarty->fetch (get_template_path('generic.tpl', TRUE, dirname(__FILE__)));
return($display);
}
if (!$this->initially_was_account){
return;
}
-
+
/* include global link_info */
$ldap= $this->config->get_ldap_link();
-
- /* Remove and write to LDAP */
+
+ /* Remove and write to LDAP */
plugin::remove_from_parent();
/* Zero out array */
/* Keep uid, because we need it for authentification! */
unset($this->attrs['uid']);
+ unset($this->attrs['trustModel']);
@DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__,
$this->attributes, "Save");
$ldap->cd($this->dn);
- $ldap->modify($this->attrs);
- show_ldap_error($ldap->get_error());
+ $this->cleanup();
+ $ldap->modify ($this->attrs);
+
+ show_ldap_error($ldap->get_error(), _("Removing UNIX account failed"));
/* Delete group only if cn is uid and there are no other
members inside */
}
/* Optionally execute a command after we're done */
- $this->handle_post_events("remove");
+ $this->handle_post_events("remove", array("uid" => $this->uid));
}
$this->is_modified= TRUE;
}
$this->primaryGroup= $_POST['primaryGroup'];
+ if ($this->primaryGroup != 0){
+ $this->gidNumber= $this->primaryGroup;
+ }
}
/* Save pwmode dependent attributes, curently hardcoded because there're
}
/* Trust mode - special handling */
- if (isset($_POST['trustmode'])){
+ if (isset($_POST['trustmode']) && chkacl($this->acl,"allowedHosts") == ""){
$saved= $this->trustModel;
if ($_POST['trustmode'] == "1"){
$this->trustModel= "fullaccess";
}
}
}
+
+ /* Get regex from alphabet */
+ if(isset($_GET['search'])){
+ $this->GroupRegex = $_GET['search']."*";
+ }
+
+ /* Check checkboxes and regexes */
+ if(isset($_POST["PosixGroupDialogPosted"])){
+ if(isset($_POST['SubSearch']) && ($_POST['SubSearch'])){
+ $this->SubSearch = true;
+ }else{
+ $this->SubSearch = false;
+ }
+
+ if(isset($_POST['guser'])){
+ $this->GroupUserRegex = $_POST['guser'];
+ }
+ if(isset($_POST['regex'])){
+ $this->GroupRegex = $_POST['regex'];
+ }
+ }
+ $this->GroupRegex = preg_replace("/\*\**/","*",$this->GroupRegex);
+ $this->GroupUserRegex = preg_replace("/\*\**/","*",$this->GroupUserRegex);
}
/* Save data to LDAP, depending on is_account we save or delete */
function save()
{
+
/* include global link_info */
$ldap= $this->config->get_ldap_link();
$this->shadowExpire= "0";
} else {
/* Transform seconds to days here */
- $this->shadowExpire= (int)($this->shadowExpire / (60 * 60 * 24)) + 1;
+ $this->shadowExpire= (int)($this->shadowExpire / (60 * 60 * 24)) ;
}
if (!$this->use_shadowMax){
$this->shadowMax= "0";
}
add_lock ("uidnumber", "gosa");
- $this->uidNumber= $this->get_next_id("uidNumber");
+ $this->uidNumber= $this->get_next_id("uidNumber", $this->dn);
if ($this->savedGidNumber != ""){
$this->gidNumber= $this->savedGidNumber;
} else {
- $this->gidNumber= $this->get_next_id("gidNumber");
+ $this->gidNumber= $this->get_next_id("gidNumber", $this->dn);
}
}
$this->shadowExpire = "";
}
- /* Call parents save to prepare $this->attrs */
- plugin::save();
-
/* Fill gecos */
if (isset($this->parent) && $this->parent != NULL){
- $this->gecos= $this->parent->by_object['user']->cn;
+ $this->gecos= rewrite($this->parent->by_object['user']->cn);
+ if (!preg_match('/^[a-z0-9 -]+$/i', $this->gecos)){
+ $this->gecos= "";
+ }
}
+ foreach(array("shadowMin","shadowMax","shadowWarning","shadowInactive","shadowExpire") as $attr){
+ $this->$attr = (int) $this->$attr;
+ }
+ /* Call parents save to prepare $this->attrs */
+ plugin::save();
+
/* Trust accounts */
$objectclasses= array();
foreach ($this->attrs['objectClass'] as $key => $class){
}
}
+ if(empty($this->attrs['gosaDefaultPrinter'])){
+ $thid->attrs['gosaDefaultPrinter']=array();
+ }
+
+
/* Save data to LDAP */
$ldap->cd($this->dn);
- $ldap->modify($this->attrs);
- show_ldap_error($ldap->get_error());
+ $this->cleanup();
+ unset($this->attrs['uid']);
+ $ldap->modify ($this->attrs);
+
+ show_ldap_error($ldap->get_error(), _("Saving UNIX account failed"));
/* Remove lock needed for unique id generation */
del_lock ("uidnumber");
- /* Posix accounts have group interrelationship, take care about these here. */
- if ($this->force_ids == 0 && $this->primaryGroup == 0){
+ /* Posix accounts have group interrelationship,
+ take care about these here if this is a new user without forced gidNumber. */
+ if ($this->force_ids == 0 && $this->primaryGroup == 0 && !$this->initially_was_account){
$ldap->cd($this->config->current['BASE']);
$ldap->search("(&(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))", array("cn"));
/* Create group if it doesn't exist */
if ($ldap->count() == 0){
$groupdn= preg_replace ('/^'.$this->config->current['DNMODE'].'=[^,]+,'.get_people_ou().'/i', 'cn='.$this->uid.','.get_groups_ou(), $this->dn);
-
$g= new group($this->config, $groupdn);
$g->cn= $this->uid;
$g->force_gid= 1;
$g->save ();
}
}
-
+
/* Take care about groupMembership values: add to groups */
foreach ($this->groupMembership as $key => $value){
- $g= new group($this->config, $key);
- $g->addUser ($this->uid);
- $g->save();
-
- /* May need to save the mail part, too */
- if ($g->has_mailAccount){
- $m= new mailgroup($this->config, $key);
- $m->save();
+ if (!isset($this->savedGroupMembership[$key])){
+ $g= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $key, false);
+ $g->by_object['group']->addUser($this->uid);
+ $g->save();
}
}
-
+
/* Remove from groups not listed in groupMembership */
foreach ($this->savedGroupMembership as $key => $value){
- if (!array_key_exists ($key, $this->groupMembership)){
- $g= new group($this->config, $key);
- $g->removeUser ($this->uid);
+ if (!isset($this->groupMembership[$key])){
+ $g= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $key);
+ $g->by_object['group']->removeUser ($this->uid);
$g->save();
-
- /* May need to save the mail part, too */
- if ($g->has_mailAccount){
- $m= new mailgroup($this->config, $key);
- $m->save();
- }
}
}
/* Optionally execute a command after we're done */
if ($this->initially_was_account == $this->is_account){
if ($this->is_modified){
- $this->handle_post_events("mofify");
+ $this->handle_post_events("modify",array("uid" => $this->uid));
}
} else {
- $this->handle_post_events("add");
+ $this->handle_post_events("add",array("uid" , $this->uid));
}
}
/* Include global link_info */
$ldap= $this->config->get_ldap_link();
- /* Reset message array */
- $message= array();
+ /* Append groups as memberGroup: to check hook
+ */
+ $tmp_attributes = $this->attributes;
+ $this->attributes[] = "memberGroup";
+ $this->memberGroup = array();
+ foreach($this->groupMembership as $dn => $name){
+ $this->memberGroup[] = $name;
+ }
+
+ /* Call common method to give check the hook */
+ $message= plugin::check();
+ $this->attributes = $tmp_attributes;
/* must: homeDirectory */
if ($this->homeDirectory == ""){
$message[]= _("Value specified as 'GID' is too small.");
}
}
-
}
/* Check shadow settings, well I like spaghetties... */
}
}
+ // if(empty($this->gosaDefaultPrinter)){
+ // $message[]= _("You need to specify a valid default printer.");
+ // }
+
return ($message);
}
-
- /* Add posix user to some groups */
function addGroup ($groups)
{
/* include global link_info */
/* Walk through groups and add the descriptive entry if not exists */
foreach ($groups as $value){
if (!array_key_exists($value, $this->groupMembership)){
- $ldap->cat($value);
+ $ldap->cat($value, array('cn', 'description', 'dn'));
$attrs= $ldap->fetch();
error_reporting (0);
if (!isset($attrs['description'][0])){
$entry= $attrs["cn"][0]." [$dsc]";
}
error_reporting (E_ALL);
- $this->groupMembership[$ldap->getDN()]= $entry;
+ $this->groupMembership[$attrs['dn']]= $entry;
}
}
if ($ldap->count() != 1){
$this->primaryGroup= $this->gidNumber;
}
+
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search("(&(objectClass=gosaUserTemplate)(uid=".$template.")(accessTo=*))", array("cn","accessTo"));
+
+ while($attr = $ldap->fetch()){
+ $tmp = $attr['accessTo'];
+ unset ($tmp['count']);
+ $this->accessTo = $tmp;
+ }
+
+ /* Adjust shadow checkboxes */
+ foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive") as $val){
+ if ($this->$val != 0){
+ $oval= "use_".$val;
+ $this->$oval= "1";
+ }
+ }
+
+ /*
+ * If shadowExpire is not enabled in the template, it's a UNIX timestamp - so don't convert it to seconds.
+ * The check is a hack - if difference between timestamp generated above and here is max 1 day.
+ */
+ if(abs($this->shadowExpire - time())>86400) {
+ $this->shadowExpire= $this->convertToSeconds($this->shadowExpire);
+ }
+
+ /* Only enable checkbox, if shadowExpire is in the future */
+ if($this->shadowExpire > time()) {
+ $this->use_shadowExpire= "1";
+ }
}
- function get_next_id($attrib)
+ function get_next_id($attrib, $dn)
{
$ids= array();
$ldap= $this->config->get_ldap_link();
$ldap->cd ($this->config->current['BASE']);
- $ldap->search ("($attrib=*)", array("$attrib"));
+ if (preg_match('/gidNumber/i', $attrib)){
+ $oc= "posixGroup";
+ } else {
+ $oc= "posixAccount";
+ }
+ $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
/* Get list of ids */
while ($attrs= $ldap->fetch()){
$ids[]= (int)$attrs["$attrib"][0];
}
+ /* Add the nobody id */
+ $ids[]= 65534;
+
/* Find out next free id near to UID_BASE */
- for ($id= $this->config->current['UIDBASE']; $id++; $id<65000){
+ if (!isset($this->config->current['BASE_HOOK'])){
+ $base= $this->config->current['UIDBASE'];
+ } else {
+ /* Call base hook */
+ $base= get_base_from_hook($dn, $attrib);
+ }
+ for ($id= $base; $id++; $id < pow(2,32)){
if (!in_array($id, $ids)){
return ($id);
}
}
- /* Should not happen */
- if ($id == 65000){
- print_red(_("Too many users, can't allocate a free ID!"));
+ /* Check if current id reaches the maximum of 32 bit */
+ if ($id >= pow(2,32)){
+ echo _("Too many users, can't allocate a free ID!");
exit;
}
+ }
+
+ function reload()
+ {
+ /* Set base for all searches */
+ $base = $_SESSION['CurrentMainBase'];
+ $ldap = $this->config->get_ldap_link();
+ $attrs = array("cn", "description", "gidNumber");
+ $Flags = GL_SIZELIMIT;
+
+ /* Get groups */
+ if ($this->GroupUserRegex == '*'){
+ $filter = "(&(objectClass=posixGroup)(cn=".$this->GroupRegex."))";
+ } else {
+ $filter= "(&(objectClass=posixGroup)(cn=".$this->GroupRegex.")(memberUid=".$this->GroupUserRegex."))";
+ }
+ if($this->SubSearch){
+ $Flags |= GL_SUBSEARCH;
+ }else{
+ $base = get_groups_ou().$base;
+ }
+
+
+ $res= get_list($filter, $this->ui->subtreeACL, $base,$attrs, $Flags);
+ /* check sizelimit */
+ if (preg_match("/size limit/i", $ldap->error)){
+ $_SESSION['limit_exceeded']= TRUE;
+ }
+
+ /* Create a list of users */
+ $this->grouplist = array();
+ foreach ($res as $value){
+ $this->grouplist[$value['gidNumber'][0]]= $value;
+ }
+
+ $tmp=array();
+ foreach($this->grouplist as $tkey => $val ){
+ $tmp[strtolower($val['cn'][0]).$val['cn'][0]]=$val;
+ }
+
+ /* Sort index */
+ ksort($tmp);
+
+ /* Recreate index array[dn]=cn[description]*/
+ $this->grouplist=array();
+ foreach($tmp as $val){
+ if(isset($val['description'])){
+ $this->grouplist[$val['dn']]=$val['cn'][0]." [".$val['description'][0]."]";
+ }else{
+ $this->grouplist[$val['dn']]=$val['cn'][0];
+ }
+ }
+ reset ($this->grouplist);
+ }
+
+
+ /* Get posts from copy & paste dialog */
+ function saveCopyDialog()
+ {
+ if(isset($_POST['homeDirectory'])){
+ $this->homeDirectory = $_POST['homeDirectory'];
+ if (isset ($_POST['force_ids'])){
+ $data= 1;
+ $this->gidNumber = $_POST['gidNumber'];
+ $this->uidNumber = $_POST['uidNumber'];
+ } else {
+ $data= 0;
+ }
+ if ($this->force_ids != $data){
+ $this->is_modified= TRUE;
+ }
+ $this->force_ids= $data;
+ }
+ }
+
+
+ /* Create the posix dialog part for copy & paste */
+ function getCopyDialog()
+ {
+ /* Skip dialog creation if this is not a valid account */
+ if(!$this->is_account) return("");
+ if ($this->force_ids == 1){
+ $force_ids = "checked";
+ if ($_SESSION['js']){
+ $forceMode = "";
+ }
+ } else {
+ if ($_SESSION['js']){
+ if($this->acl != "#none#")
+ $forceMode ="disabled";
+ }
+ $force_ids = "";
+ }
+
+ $sta = "";
+
+ /* Open group add dialog */
+ if(isset($_POST['edit_groupmembership'])){
+ $this->group_dialog = TRUE;
+ $sta = "SubDialog";
+ }
+
+ /* If the group-add dialog is closed, call execute
+ to ensure that the membership is updatd */
+ if(isset($_POST['add_groups_finish']) || isset($_POST['add_groups_cancel'])){
+ $this->execute();
+ $this->group_dialog =FALSE;
+ }
+
+ if($this->group_dialog){
+ $str = $this->execute(true);
+ $ret = array();
+ $ret['string'] = $str;
+ $ret['status'] = $sta;
+ return($ret);
+ }
+
+ /* If a group member should be deleted, simply call execute */
+ if(isset($_POST['delete_groupmembership'])){
+ $this->execute();
+ }
+
+ /* Assigned informations to smarty */
+ $smarty = get_smarty();
+ $smarty->assign("homeDirectory",$this->homeDirectory);
+ $smarty->assign("uidNumber",$this->uidNumber);
+ $smarty->assign("gidNumber",$this->gidNumber);
+ $smarty->assign("forceMode",$forceMode);
+ $smarty->assign("force_ids",$force_ids);
+ if (!count($this->groupMembership)){
+ $smarty->assign("groupMembership", array(" "));
+ } else {
+ $smarty->assign("groupMembership", $this->groupMembership);
+ }
+
+ /* Display wars message if there are more than 16 group members */
+ if (count($this->groupMembership) > 16){
+ $smarty->assign("groups", "too_many_for_nfs");
+ } else {
+ $smarty->assign("groups", "");
+ }
+ $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
+
+ $ret = array();
+ $ret['string'] = $str;
+ $ret['status'] = $sta;
+ return($ret);
+ }
+
+ function PrepareForCopyPaste($source)
+ {
+ plugin::PrepareForCopyPaste($source);
+
+ /* Avoid using the same gid/uid number as source user */
+ $this->savedUidNumber = $this->get_next_id("uidNumber", $this->dn);
+ $this->savedGidNumber = $this->get_next_id("gidNumber", $this->dn);
+ }
+
+ function convertToSeconds($val)
+ {
+ if ($val != 0){
+ $val*= 60 * 60 * 24;
+ } else {
+ $date= getdate();
+ $val= floor($date[0] / (60*60*24)) * 60 * 60 * 24;
+ }
+ return($val);
}
}