![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/personal/posix/class_posixAccount.inc b/plugins/personal/posix/class_posixAccount.inc
index c56e3050296dee34218d90d57377e493364220fa..a67d03b95f1afda74da42c4534294c8c1963d733 100644 (file)
var $use_shadowWarning= "0";
var $use_shadowInactive= "0";
var $use_shadowExpire= "0";
- var $must_change_password= "0";
+ var $mustchangepassword= "0";
var $force_ids= 0;
var $printerList= array();
var $group_dialog= FALSE;
/* attribute list for save action */
var $CopyPasteVars = array("grouplist","groupMembership","use_shadowMin","use_shadowMax",
- "use_shadowWarning","use_shadowInactive","use_shadowExpire","must_change_password",
+ "use_shadowWarning","use_shadowInactive","use_shadowExpire","mustchangepassword",
"force_ids","printerList","grouplist","savedGidNumber","savedUidNumber","savedGroupMembership");
var $attributes = array("homeDirectory", "loginShell", "uidNumber", "gidNumber", "gecos",
/* execute generates the html output for this node */
function execute($isCopyPaste = false)
{
+ echo "Fix get_list for group add";
+
/* Call parent execute */
plugin::execute();
$display= "";
}
if(!$isCopyPaste){
+
/* Do we need to flip is_account state? */
- if (isset($_POST['modify_state'])){
- $this->is_account= !$this->is_account;
+ if(isset($_POST['modify_state'])){
+ if($this->is_account && $this->acl_is_removeable()){
+ $this->is_account= FALSE;
+ }elseif(!$this->is_account && $this->acl_is_createable()){
+ $this->is_account= TRUE;
+ }
}
/* Do we represent a valid posixAccount? */
if (isset($_POST['add_groups_finish']) && isset($_POST['groups']) &&
count($_POST['groups'])){
- if (chkacl ($this->acl, "memberUid") == ""){
- $this->addGroup ($_POST['groups']);
- $this->is_modified= TRUE;
- }
+ echo "FIXME, 302, put the acl check into addGroup function ";
+ #if (chk acl ($this->acl, "memberUid") == ""){
+ # $this->addGroup ($_POST['groups']);
+ # $this->is_modified= TRUE;
+ #}
}
/* Delete selected groups */
if (isset($_POST['delete_groupmembership']) &&
isset($_POST['group_list']) && count($_POST['group_list'])){
- if (chkacl ($this->acl, "memberUid") == ""){
- $this->delGroup ($_POST['group_list']);
- $this->is_modified= TRUE;
- }
+ echo "FIXME, 302, put the acl check into addGroup function ";
+ #if (chk acl ($this->acl, "memberUid") == ""){
+ # $this->delGroup ($_POST['group_list']);
+ # $this->is_modified= TRUE;
+ #}
}
/* Add user workstation? */
/* remove already assigned groups */
$glist= array();
foreach ($this->grouplist as $key => $value){
- if (!isset($this->groupMembership[$key]) && obj_is_writable($key,"group","memberUid")){
+ if (!isset($this->groupMembership[$key]) && obj_is_writable($key,"group","memberUid",$SkipWrite)){
$glist[$key]= $value;
}
}
/* Show main page */
$smarty= get_smarty();
+ /* In 'MyAccount' mode, we must remove write acls if we are not in editing mode. */
+ $SkipWrite = (!isset($this->parent) || !$this->parent) && !isset($_SESSION['edit']);
+
/* Depending on pwmode, currently hardcoded because there are no other methods */
if ( 1 == 1 ){
$smarty->assign("pwmode", dirname(__FILE__)."/posix_shadow");
- $shadowMinACL= chkacl($this->acl, "shadowMin");
- $smarty->assign("shadowmins", sprintf(_("Password can't be changed up to %s days after last change"), "<input name=\"shadowMin\" size=3 maxlength=4 $shadowMinACL value=\"".$this->shadowMin."\">"));
- $shadowMaxACL= chkacl($this->acl, "shadowMax");
- $smarty->assign("shadowmaxs", sprintf(_("Password must be changed after %s days"), "<input name=\"shadowMax\" size=3 maxlength=4 $shadowMaxACL value=\"".$this->shadowMax."\">"));
- $shadowInactiveACL= chkacl($this->acl, "shadowInactive");
- $smarty->assign("shadowinactives", sprintf(_("Disable account after %s days of inactivity after password expiery"), "<input name=\"shadowInactive\" size=3 maxlength=4 $shadowInactiveACL value=\"".$this->shadowInactive."\">"));
- $shadowWarningACL= chkacl($this->acl, "shadowWarning");
- $smarty->assign("shadowwarnings", sprintf(_("Warn user %s days before password expiery"), "<input name=\"shadowWarning\" size=3 maxlength=4 $shadowWarningACL value=\"".$this->shadowWarning."\">"));
- foreach( array("must_change_password", "use_shadowMin", "use_shadowMax",
- "use_shadowExpire", "use_shadowInactive",
- "use_shadowWarning") as $val){
+
+ $shadowMinACL = $this->getacl("shadowMin",$SkipWrite);
+ $smarty->assign("shadowmins", sprintf(_("Password can't be changed up to %s days after last change"),
+ "<input name=\"shadowMin\" size=3 maxlength=4 $shadowMinACL value=\"".$this->shadowMin."\">"));
+
+ $shadowMaxACL = $this->getacl("shadowMax",$SkipWrite);
+ $smarty->assign("shadowmaxs", sprintf(_("Password must be changed after %s days"),
+ "<input name=\"shadowMax\" size=3 maxlength=4 $shadowMaxACL value=\"".$this->shadowMax."\">"));
+
+ $shadowInactiveACL= $this->getacl("shadowInactive",$SkipWrite);
+ $smarty->assign("shadowinactives", sprintf(_("Disable account after %s days of inactivity after password expiery"),
+ "<input name=\"shadowInactive\" size=3 maxlength=4 $shadowInactiveACL value=\"".$this->shadowInactive."\">"));
+
+ $shadowWarningACL = $this->getacl("shadowWarning",$SkipWrite);
+ $smarty->assign("shadowwarnings", sprintf(_("Warn user %s days before password expiery"),
+ "<input name=\"shadowWarning\" size=3 maxlength=4 $shadowWarningACL value=\"".$this->shadowWarning."\">"));
+
+ foreach( array("use_shadowMin", "use_shadowMax",
+ "use_shadowExpire", "use_shadowInactive","use_shadowWarning") as $val){
if ($this->$val == 1){
$smarty->assign("$val", "checked");
} else {
$smarty->assign("$val", "");
}
- $smarty->assign("$val"."ACL", chkacl($this->acl, $val));
+ $smarty->assign("$val"."ACL", $this->getacl($val,$SkipWrite));
+ }
+
+ if($this->mustchangepassword){
+ $smarty->assign("mustchangepassword", "checked");
+ } else {
+ $smarty->assign("mustchangepassword", "");
}
+ $smarty->assign("mustchangepasswordACL", $this->getacl("mustchangepassword",$SkipWrite));
}
/* Fill calendar */
}
$smarty->assign("force_ids", "");
}
- $smarty->assign("force_idsACL", chkacl($this->acl, "force_ids"));
+
+
+
+ $smarty->assign("force_idsACL", $this->getacl("uidNumber",$SkipWrite).$this->getacl("gidNumber",$SkipWrite));
/* Load attributes and acl's */
foreach($this->attributes as $val){
- if((chkacl($this->acl,$val)=="")&&(($_SESSION["js"])&&(($val=="uidNumber")||($val=="gidNumber"))))
+ if(($_SESSION["js"])&&(($val=="uidNumber")||($val=="gidNumber")))
{
- $smarty->assign("$val"."ACL","");
+ $smarty->assign("$val"."ACL",$this->getacl($val,$SkipWrite));
$smarty->assign("$val", $this->$val);
continue;
}
$smarty->assign("$val", $this->$val);
- $smarty->assign("$val"."ACL", chkacl($this->acl,$val));
+ $smarty->assign("$val"."ACL", $this->getacl($val,$SkipWrite));
+ }
+ if($SkipWrite){
+ $smarty->assign("groupMembershipACL","r");
+ }else{
+ $smarty->assign("groupMembershipACL","rw");
}
- $smarty->assign("groupMembershipACL", chkacl($this->acl, "groupMembership"));
$smarty->assign("status", $this->status);
/* Work on trust modes */
- $smarty->assign("trustmodeACL", chkacl($this->acl, "trustmode"));
+ $smarty->assign("trustmodeACL", $this->getacl("trustModel",$SkipWrite));
if ($this->trustModel == "fullaccess"){
$trustmode= 1;
// pervent double disable tag in html code, this will disturb our clean w3c html
-
- if(chkacl($this->acl, "trustmode")==""){
- $smarty->assign("trusthide", "disabled");
- }else{
- $smarty->assign("trusthide", "");
- }
+ $smarty->assign("trustmode", $this->getacl("trustModel",$SkipWrite));
} elseif ($this->trustModel == "byhost"){
$trustmode= 2;
$smarty->assign("trusthide", "");
} else {
// pervent double disable tag in html code, this will disturb our clean w3c html
- if(chkacl($this->acl, "trustmode")==""){
- $smarty->assign("trusthide", "disabled");
- }else{
- $smarty->assign("trusthide", "");
- }
+ $smarty->assign("trustmode", $this->getacl("trustModel",$SkipWrite));
$trustmode= 0;
}
$smarty->assign("trustmode", $trustmode);
function remove_from_parent()
{
/* Cancel if there's nothing to do here */
- if (!$this->initially_was_account){
+ if ((!$this->initially_was_account) || (!$this->acl_is_removeable())){
return;
}
function save_object()
{
- if (isset($_POST['posixTab'])){
+ if ((isset($_POST['posixTab'])) && (isset($_SESSION['edit']))){
/* Save values to object */
plugin::save_object();
- /* Save force GID attribute */
- if (chkacl ($this->acl, "force_ids") == ""){
+
+ /* Save force GID checkbox */
+ if($this->acl_is_writeable("gidNumber") || $this->acl_is_writeable("uidNumber")){
if (isset ($_POST['force_ids'])){
$data= 1;
} else {
$this->is_modified= TRUE;
}
$this->force_ids= $data;
+ }
+ /*Save primary group settings */
+ if($this->acl_is_writeable("primaryGroup") && isset($_POST['primaryGroup'])){
$data= $_POST['primaryGroup'];
if ($this->primaryGroup != $data){
$this->is_modified= TRUE;
$this->primaryGroup= $_POST['primaryGroup'];
}
- /* Save pwmode dependent attributes, curently hardcoded because there're
- no alternatives */
- if (1 == 1){
- foreach( array("must_change_password", "use_shadowMin", "use_shadowMax",
- "use_shadowExpire", "use_shadowInactive",
- "use_shadowWarning") as $val){
- if (chkacl($this->acl, "$val") == ""){
- if (isset ($_POST[$val])){
- $data= 1;
- } else {
- $data= 0;
- }
- if ($data != $this->$val){
- $this->is_modified= TRUE;
- }
- $this->$val= $data;
+ foreach(array("shadowMin","shadowMax","shadowExpire","shadowInactive","shadowWarning","mustchangepassword") as $var) {
+ if($this->acl_is_writeable($var)){
+ $use_var = "use_".$var;
+ if(isset($_POST['use_'.$var])){
+ $this->$use_var = true;
+ $this->$var = $_POST[$var];
+ }else{
+ $this->$use_var = false;
+ $this->$var = 0;
}
}
}
/* Trust mode - special handling */
- if (isset($_POST['trustmode'])){
- $saved= $this->trustModel;
- if ($_POST['trustmode'] == "1"){
- $this->trustModel= "fullaccess";
- } elseif ($_POST['trustmode'] == "2"){
- $this->trustModel= "byhost";
- } else {
- $this->trustModel= "";
- }
- if ($this->trustModel != $saved){
- $this->is_modified= TRUE;
+ if($this->acl_is_writeable("trustModel")){
+ if (isset($_POST['trustmode'])){
+ $saved= $this->trustModel;
+ if ($_POST['trustmode'] == "1"){
+ $this->trustModel= "fullaccess";
+ } elseif ($_POST['trustmode'] == "2"){
+ $this->trustModel= "byhost";
+ } else {
+ $this->trustModel= "";
+ }
+ if ($this->trustModel != $saved){
+ $this->is_modified= TRUE;
+ }
}
}
}
if (!$this->use_shadowMax){
$this->shadowMax= "0";
}
- if ($this->must_change_password){
+ if ($this->mustchangepassword){
$this->shadowLastChange= (int)(date("U") / 86400) - $this->shadowMax - 1;
} else {
$this->shadowLastChange= (int)(date("U") / 86400);
$this->shadowMin = "";
}
- if (($this->use_shadowMax != "1") && ($this->must_change_password != "1")) {
+ if (($this->use_shadowMax != "1") && ($this->mustchangepassword != "1")) {
$this->shadowMax = "";
}
"plOptions" => array(),
"plProvidedAcls" => array(
+
"homeDirectory" => _("Home directory"),
+ "loginShell" => _("Shell"),
"uidNumber" => _("User ID"),
"gidNumber" => _("Group ID"),
- "homeDirectory" => _("Home directory"),
- "primaryGroup" => _("Primary group"),
- "loginShell" => _("Shell"),
+ "mustchangepassword"=> _("Force password change on login"),
"shadowMin" => _("Shadow min"),
"shadowMax" => _("Shadow max"),
"shadowWarning" => _("Shadow warning"),
"shadowInactive" => _("Shadow inactive"),
- "shadowLastChange" => _("Shadow last change"),
-
"shadowExpire" => _("Shadow expire"),
- "accessTo" => _("System trust"),
"trustModel" => _("System trust model")))
- ) ;
+ );
}
}