";
foreach($dn as $sub_dn){
@@ -1330,6 +1674,17 @@ function gen_locked_message($user, $dn)
}
+/*! \brief Return a string/HTML representation of an array
+ *
+ * This returns a string representation of a given value.
+ * It can be used to dump arrays, where every value is printed
+ * on its own line. The output is targetted at HTML output, it uses
+ * '
' for line breaks. If the value is already a string its
+ * returned unchanged.
+ *
+ * \param mixed 'value' Whatever needs to be printed.
+ * \return string
+ */
function to_string ($value)
{
/* If this is an array, generate a text blob */
@@ -1345,6 +1700,19 @@ function to_string ($value)
}
+/*! \brief Return a list of all printers in the current base
+ *
+ * Returns an array with the CNs of all printers (objects with
+ * objectClass gotoPrinter) in the current base.
+ * ($config->current['BASE']).
+ *
+ * Example:
+ * \code
+ * $this->printerList = get_printer_list();
+ * \endcode
+ *
+ * \return array an array with the CNs of the printers as key and value.
+ * */
function get_printer_list()
{
global $config;
@@ -1357,18 +1725,30 @@ function get_printer_list()
}
+/*! \brief Function to rewrite some problematic characters
+ *
+ * This function takes a string and replaces all possibly characters in it
+ * with less problematic characters, as defined in $REWRITE.
+ *
+ * \param string 's' the string to rewrite
+ * \return string 's' the result of the rewrite
+ * */
function rewrite($s)
{
global $REWRITE;
foreach ($REWRITE as $key => $val){
- $s= preg_replace("/$key/", "$val", $s);
+ $s= str_replace("$key", "$val", $s);
}
return ($s);
}
+/*! \brief Return the base of a given DN
+ *
+ * \param string 'dn' a DN
+ * */
function dn2base($dn)
{
global $config;
@@ -1385,7 +1765,14 @@ function dn2base($dn)
}
-
+/*! \brief Check if a given command exists and is executable
+ *
+ * Test if a given cmdline contains an executable command. Strips
+ * arguments from the given cmdline.
+ *
+ * \param string 'cmdline' the cmdline to check
+ * \return TRUE if command exists and is executable, otherwise FALSE.
+ * */
function check_command($cmdline)
{
$cmd= preg_replace("/ .*$/", "", $cmdline);
@@ -1404,6 +1791,12 @@ function check_command($cmdline)
}
+/*! \brief Print plugin HTML header
+ *
+ * \param string 'image' the path of the image to be used next to the headline
+ * \param string 'image' the headline
+ * \param string 'info' additional information to print
+ */
function print_header($image, $headline, $info= "")
{
$display= "\n";
@@ -1423,6 +1816,13 @@ function print_header($image, $headline, $info= "")
}
+/*! \brief Print page number selector for paged lists
+ *
+ * \param int 'dcnt' Number of entries
+ * \param int 'start' Page to start
+ * \param int 'range' Number of entries per page
+ * \param string 'post_var' POST variable to check for range
+ */
function range_selector($dcnt,$start,$range=25,$post_var=false)
{
@@ -1530,6 +1930,7 @@ function range_selector($dcnt,$start,$range=25,$post_var=false)
}
+/*! \brief Generate HTML for the 'Apply filter' button */
function apply_filter()
{
$apply= "";
@@ -1542,6 +1943,7 @@ function apply_filter()
}
+/*! \brief Generate HTML for the 'Back' button */
function back_to_main()
{
$string= '
$value){
+ $value = iconv('UTF-8', 'US-ASCII//TRANSLIT', $value);
+ $value = preg_replace('/[^(\x20-\x7F)]*/','',$value);
+ $attributes[$name] = $value;
+ }
+
/* Search for keys and fill the variables array with all
possible values for that key. */
$part= "";
@@ -1667,7 +2117,7 @@ function gen_uids($rule, $attributes)
$stripped= "";
$variables= array();
- for ($pos= 0; $pos < strlen($rule); $pos++){
+ for ($pos= 0, $l= strlen($rule); $pos < $l; $pos++){
if ($rule[$pos] == "{" ){
$trigger= true;
@@ -1693,59 +2143,78 @@ function gen_uids($rule, $attributes)
$proposed= recurse($stripped, $variables);
/* Get list of used ID's */
- $used= array();
$ldap= $config->get_ldap_link();
$ldap->cd($config->current['BASE']);
- $ldap->search('(uid=*)');
-
- while($attrs= $ldap->fetch()){
- $used[]= $attrs['uid'][0];
- }
/* Remove used uids and watch out for id tags */
$ret= array();
foreach($proposed as $uid){
/* Check for id tag and modify uid if needed */
- if(preg_match('/\{id:\d+}/',$uid)){
- $size= preg_replace('/^.*{id:(\d+)}.*$/', '\\1', $uid);
+ if(preg_match('/\{id(:|!)\d+}/',$uid, $m)){
+ $size= preg_replace('/^.*{id(:|!)(\d+)}.*$/', '\\2', $uid);
- for ($i= 0; $i < pow(10,$size); $i++){
- $number= sprintf("%0".$size."d", $i);
- $res= preg_replace('/{id:(\d+)}/', $number, $uid);
- if (!in_array($res, $used)){
+ $start= $m[1]==":"?0:-1;
+ for ($i= $start, $p= pow(10,$size)-1; $i < $p; $i++){
+ if ($i == -1) {
+ $number= "";
+ } else {
+ $number= sprintf("%0".$size."d", $i+1);
+ }
+ $res= preg_replace('/{id(:|!)\d+}/', $number, $uid);
+
+ $ldap->search("(uid=".preg_replace('/[{}]/', '', $res).")",array('dn'));
+ if($ldap->count() == 0){
$uid= $res;
break;
}
}
+
+ /* Remove link if nothing has been found */
+ $uid= preg_replace('/{id(:|!)\d+}/', '', $uid);
}
- if(preg_match('/\{id#\d+}/',$uid)){
- $size= preg_replace('/^.*{id#(\d+)}.*$/', '\\1', $uid);
+ if(preg_match('/\{id#\d+}/',$uid)){
+ $size= preg_replace('/^.*{id#(\d+)}.*$/', '\\1', $uid);
- while (true){
- mt_srand((double) microtime()*1000000);
- $number= sprintf("%0".$size."d", mt_rand(0, pow(10, $size)-1));
- $res= preg_replace('/{id#(\d+)}/', $number, $uid);
- if (!in_array($res, $used)){
- $uid= $res;
- break;
+ while (true){
+ mt_srand((double) microtime()*1000000);
+ $number= sprintf("%0".$size."d", mt_rand(0, pow(10, $size)-1));
+ $res= preg_replace('/{id#(\d+)}/', $number, $uid);
+ $ldap->search("(uid=".preg_replace('/[{}]/', '', $res).")",array('dn'));
+ if($ldap->count() == 0){
+ $uid= $res;
+ break;
+ }
}
+
+ /* Remove link if nothing has been found */
+ $uid= preg_replace('/{id#\d+}/', '', $uid);
}
- }
-/* Don't assign used ones */
-if (!in_array($uid, $used)){
- $ret[]= $uid;
-}
-}
+ /* Don't assign used ones */
+ $ldap->search("(uid=".preg_replace('/[{}]/', '', $uid).")",array('dn'));
+ if($ldap->count() == 0){
+ /* Add uid, but remove {} first. These are invalid anyway. */
+ $ret[]= preg_replace('/[{}]/', '', $uid);
+ }
+ }
-return(array_unique($ret));
+ return(array_unique($ret));
}
-/* Sadly values like memory_limit are perpended by K, M, G, etc.
- Need to convert... */
+/*! \brief Convert various data sizes to bytes
+ *
+ * Given a certain value in the format n(g|m|k), where n
+ * is a value and (g|m|k) stands for Gigabyte, Megabyte and Kilobyte
+ * this function returns the byte value.
+ *
+ * \param string 'value' a value in the above specified format
+ * \return a byte value or the original value if specified string is simply
+ * a numeric value
+ *
+ */
function to_byte($value) {
$value= strtolower(trim($value));
@@ -1770,22 +2239,21 @@ function to_byte($value) {
}
+/*! \brief Check if a value exists in an array (case-insensitive)
+ *
+ * This is just as http://php.net/in_array except that the comparison
+ * is case-insensitive.
+ *
+ * \param string 'value' needle
+ * \param array 'items' haystack
+ */
function in_array_ics($value, $items)
{
- if (!is_array($items)){
- return (FALSE);
- }
-
- foreach ($items as $item){
- if (strcasecmp($item, $value) == 0) {
- return (TRUE);
- }
- }
-
- return (FALSE);
-}
+ return preg_grep('/^'.preg_quote($value, '/').'$/i', $items);
+}
+/*! \brief Generate a clickable alphabet */
function generate_alphabet($count= 10)
{
$characters= _("*ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789");
@@ -1793,7 +2261,7 @@ function generate_alphabet($count= 10)
$c= 0;
/* Fill cells with charaters */
- for ($i= 0; $iassign("installprogress", progressbar($current_progress_in_percent),100,15,true);
+ * \endcode
+ *
+ * \param int 'percentage' Value to display
+ * \param int 'width' width of the resulting output
+ * \param int 'height' height of the resulting output
+ * \param boolean 'showvalue' weither to show the percentage in the progressbar or not
+ * */
function progressbar($percentage,$width=100,$height=15,$showvalue=false)
{
- $str = ""; // Our return value will be saved in this var
-
- $color = dechex($percentage+150);
- $color2 = dechex(150 - $percentage);
- $bgcolor= $showvalue?"FFFFFF":"DDDDDD";
-
- $progress = (int)(($percentage /100)*$width);
-
- /* If theres a better solution for this, use it... */
- $str = "\n ";
-
- $str.= "\n ";
-
- if(($height >10)&&($showvalue)){
- $str.= "\n ";
- $str.= "\n ".$percentage."% ";
- $str.= "\n ";
- }
-
- $str.= "\n ";
- $str.= "\n ";
- $str.= "\n ";
- $str.= "\n ";
-
- return($str);
+ return("
");
}
+/*! \brief Lookup a key in an array case-insensitive
+ *
+ * Given an associative array this can lookup the value of
+ * a certain key, regardless of the case.
+ *
+ * \code
+ * $items = array ('FOO' => 'blub', 'bar' => 'blub');
+ * array_key_ics('foo', $items); # Returns 'blub'
+ * array_key_ics('BAR', $items); # Returns 'blub'
+ * \endcode
+ *
+ * \param string 'key' needle
+ * \param array 'items' haystack
+ */
function array_key_ics($ikey, $items)
{
- /* Gather keys, make them lowercase */
- $tmp= array();
- foreach ($items as $key => $value){
- $tmp[strtolower($key)]= $key;
+ $tmp= array_change_key_case($items, CASE_LOWER);
+ $ikey= strtolower($ikey);
+ if (isset($tmp[$ikey])){
+ return($tmp[$ikey]);
}
- if (isset($tmp[strtolower($ikey)])){
- return($tmp[strtolower($ikey)]);
- }
-
- return ("");
+ return ('');
}
+/*! \brief Determine if two arrays are different
+ *
+ * \param array 'src'
+ * \param array 'dst'
+ * \return boolean TRUE or FALSE
+ * */
function array_differs($src, $dst)
{
/* If the count is differing, the arrays differ */
@@ -2037,15 +2534,7 @@ function array_differs($src, $dst)
return (TRUE);
}
- /* So the count is the same - lets check the contents */
- $differs= FALSE;
- foreach($src as $value){
- if (!in_array($value, $dst)){
- $differs= TRUE;
- }
- }
-
- return ($differs);
+ return (count(array_diff($src, $dst)) != 0);
}
@@ -2076,34 +2565,14 @@ function saveFilter($a_filter, $values)
}
-/* Escape all preg_* relevant characters */
-function normalizePreg($input)
-{
- return (addcslashes($input, '[]()|/.*+-'));
-}
-
-
-/* Escape all LDAP filter relevant characters */
+/*! \brief Escape all LDAP filter relevant characters */
function normalizeLdap($input)
{
return (addcslashes($input, '()|'));
}
-/* Resturns the difference between to microtime() results in float */
-function get_MicroTimeDiff($start , $stop)
-{
- $a = split("\ ",$start);
- $b = split("\ ",$stop);
-
- $secs = $b[1] - $a[1];
- $msecs= $b[0] - $a[0];
-
- $ret = (float) ($secs+ $msecs);
- return($ret);
-}
-
-
+/*! \brief Return the gosa base directory */
function get_base_dir()
{
global $BASE_DIR;
@@ -2112,6 +2581,7 @@ function get_base_dir()
}
+/*! \brief Test weither we are allowed to read the object */
function obj_is_readable($dn, $object, $attribute)
{
global $ui;
@@ -2120,6 +2590,7 @@ function obj_is_readable($dn, $object, $attribute)
}
+/*! \brief Test weither we are allowed to change the object */
function obj_is_writable($dn, $object, $attribute)
{
global $ui;
@@ -2128,6 +2599,16 @@ function obj_is_writable($dn, $object, $attribute)
}
+/*! \brief Explode a DN into its parts
+ *
+ * Similar to explode (http://php.net/explode), but a bit more specific
+ * for the needs when splitting, exploding LDAP DNs.
+ *
+ * \param string 'dn' the DN to split
+ * \param config-object a config object. only neeeded if DN shall be verified in the LDAP
+ * \param boolean verify_in_ldap check weither DN is valid
+ *
+ */
function gosa_ldap_explode_dn($dn,$config = NULL,$verify_in_ldap=false)
{
/* Initialize variables */
@@ -2192,49 +2673,51 @@ function get_base_from_hook($dn, $attrib)
{
global $config;
- if ($config->get_cfg_value("base_hook") != ""){
+ if ($config->get_cfg_value("baseIdHook") != ""){
/* Call hook script - if present */
- $command= $config->get_cfg_value("base_hook");
+ $command= $config->get_cfg_value("baseIdHook");
if ($command != ""){
- $command.= " '".LDAP::fix($dn)."' $attrib";
+ $command.= " ".escapeshellarg(LDAP::fix($dn))." ".escapeshellarg($attrib);
if (check_command($command)){
@DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute");
exec($command, $output);
if (preg_match("/^[0-9]+$/", $output[0])){
return ($output[0]);
} else {
- msg_dialog::display(_("Warning"), _("'base_hook' is not available. Using default base!"), WARNING_DIALOG);
- return ($config->get_cfg_value("uidbase"));
+ msg_dialog::display(_("Warning"), _("'baseIdHook' is not available. Using default base!"), WARNING_DIALOG);
+ return ($config->get_cfg_value("uidNumberBase"));
}
} else {
- msg_dialog::display(_("Warning"), _("'base_hook' is not available. Using default base!"), WARNING_DIALOG);
- return ($config->get_cfg_value("uidbase"));
+ msg_dialog::display(_("Warning"), _("'baseIdHook' is not available. Using default base!"), WARNING_DIALOG);
+ return ($config->get_cfg_value("uidNumberBase"));
}
} else {
- msg_dialog::display(_("Warning"), _("'base_hook' is not available. Using default base!"), WARNING_DIALOG);
- return ($config->get_cfg_value("uidbase"));
+ msg_dialog::display(_("Warning"), _("'baseIdHook' is not available. Using default base!"), WARNING_DIALOG);
+ return ($config->get_cfg_value("uidNumberBase"));
}
}
}
+/*! \brief Check if schema version matches the requirements */
function check_schema_version($class, $version)
{
return preg_match("/\(v$version\)/", $class['DESC']);
}
+/*! \brief Check if LDAP schema matches the requirements */
function check_schema($cfg,$rfc2307bis = FALSE)
{
$messages= array();
/* Get objectclasses */
- $ldap = new ldapMultiplexer(new LDAP($cfg['admin'],$cfg['password'],$cfg['connection'] ,FALSE,$cfg['tls']));
+ $ldap = new ldapMultiplexer(new LDAP($cfg['admin'],$cfg['password'],$cfg['connection'] ,FALSE, $cfg['tls']));
$objectclasses = $ldap->get_objectclasses();
if(count($objectclasses) == 0){
msg_dialog::display(_("LDAP warning"), _("Cannot get schema information from server. No schema check possible!"), WARNING_DIALOG);
@@ -2253,49 +2736,49 @@ function check_schema($cfg,$rfc2307bis = FALSE)
/* The gosa base schema */
$checks['gosaObject'] = $def_check;
- $checks['gosaObject']['REQUIRED_VERSION'] = "2.4";
- $checks['gosaObject']['SCHEMA_FILES'] = array("gosa+samba3.schema","gosa.schema");
+ $checks['gosaObject']['REQUIRED_VERSION'] = "2.6.1";
+ $checks['gosaObject']['SCHEMA_FILES'] = array("gosa-samba3.schema","gosa-samba2.schema");
$checks['gosaObject']['CLASSES_REQUIRED'] = array("gosaObject");
$checks['gosaObject']['IS_MUST_HAVE'] = TRUE;
/* GOsa Account class */
- $checks["gosaAccount"]["REQUIRED_VERSION"]= "2.4";
- $checks["gosaAccount"]["SCHEMA_FILES"] = array("gosa+samba3.schema","gosa.schema");
+ $checks["gosaAccount"]["REQUIRED_VERSION"]= "2.6.6";
+ $checks["gosaAccount"]["SCHEMA_FILES"] = array("gosa-samba3.schema","gosa-samba2.schema");
$checks["gosaAccount"]["CLASSES_REQUIRED"]= array("gosaAccount");
$checks["gosaAccount"]["IS_MUST_HAVE"] = TRUE;
$checks["gosaAccount"]["INFO"] = _("Used to store account specific informations.");
/* GOsa lock entry, used to mark currently edited objects as 'in use' */
- $checks["gosaLockEntry"]["REQUIRED_VERSION"] = "2.4";
- $checks["gosaLockEntry"]["SCHEMA_FILES"] = array("gosa+samba3.schema","gosa.schema");
+ $checks["gosaLockEntry"]["REQUIRED_VERSION"] = "2.6.1";
+ $checks["gosaLockEntry"]["SCHEMA_FILES"] = array("gosa-samba3.schema","gosa-samba2.schema");
$checks["gosaLockEntry"]["CLASSES_REQUIRED"] = array("gosaLockEntry");
$checks["gosaLockEntry"]["IS_MUST_HAVE"] = TRUE;
$checks["gosaLockEntry"]["INFO"] = _("Used to lock currently edited entries to avoid multiple changes at the same time.");
/* Some other checks */
foreach(array(
- "gosaCacheEntry" => array("version" => "2.4"),
- "gosaDepartment" => array("version" => "2.4"),
+ "gosaCacheEntry" => array("version" => "2.6.1", "class" => "gosaAccount"),
+ "gosaDepartment" => array("version" => "2.6.1", "class" => "gosaAccount"),
"goFaxAccount" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
"goFaxSBlock" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
"goFaxRBlock" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
- "gosaUserTemplate" => array("version" => "2.4", "class" => "posixAccount","file" => "nis.schema"),
- "gosaMailAccount" => array("version" => "2.4", "class" => "mailAccount","file" => "gosa+samba3.schema"),
- "gosaProxyAccount" => array("version" => "2.4", "class" => "proxyAccount","file" => "gosa+samba3.schema"),
- "gosaApplication" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
- "gosaApplicationGroup" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
- "GOhard" => array("version" => "2.5", "class" => "terminals","file" => "goto.schema"),
- "gotoTerminal" => array("version" => "2.5", "class" => "terminals","file" => "goto.schema"),
- "goServer" => array("version" => "2.4","class" => "server","file" => "goserver.schema"),
- "goTerminalServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
- "goShareServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
- "goNtpServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
- "goSyslogServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
- "goLdapServer" => array("version" => "2.4"),
- "goCupsServer" => array("version" => "2.4", "class" => array("posixAccount", "terminals"),),
- "goImapServer" => array("version" => "2.4", "class" => array("mailAccount", "mailgroup"),"file" => "gosa+samba3. schema"),
- "goKrbServer" => array("version" => "2.4"),
- "goFaxServer" => array("version" => "2.4", "class" => "gofaxAccount","file" => "gofax.schema"),
+ "gosaUserTemplate" => array("version" => "2.6.1", "class" => "posixAccount","file" => "nis.schema"),
+ "gosaMailAccount" => array("version" => "2.6.1", "class" => "mailAccount","file" => "gosa-samba3.schema"),
+ "gosaProxyAccount" => array("version" => "2.6.1", "class" => "proxyAccount","file" => "gosa-samba3.schema"),
+ "gosaApplication" => array("version" => "2.6.1", "class" => "appgroup","file" => "gosa.schema"),
+ "gosaApplicationGroup" => array("version" => "2.6.1", "class" => "appgroup","file" => "gosa.schema"),
+ "GOhard" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "gotoTerminal" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "goServer" => array("version" => "2.6.1", "class" => "server","file" => "goserver.schema"),
+ "goTerminalServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "goShareServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "goNtpServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "goSyslogServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "goLdapServer" => array("version" => "2.6.1", "class" => "goServer"),
+ "goCupsServer" => array("version" => "2.6.1", "class" => array("posixAccount", "terminals"),),
+ "goImapServer" => array("version" => "2.6.1", "class" => array("mailAccount", "mailgroup"),"file" => "gosa-samba3.schema"),
+ "goKrbServer" => array("version" => "2.6.1", "class" => "goServer"),
+ "goFaxServer" => array("version" => "2.6.1", "class" => "gofaxAccount","file" => "gofax.schema"),
) as $name => $values){
$checks[$name] = $def_check;
@@ -2305,26 +2788,25 @@ function check_schema($cfg,$rfc2307bis = FALSE)
if(isset($values['file'])){
$checks[$name]["SCHEMA_FILES"] = array($values['file']);
}
- $checks[$name]["CLASSES_REQUIRED"] = array($name);
+ if (isset($values['class'])) {
+ $checks[$name]["CLASSES_REQUIRED"] = is_array($values['class'])?$values['class']:array($values['class']);
+ }
}
foreach($checks as $name => $value){
foreach($value['CLASSES_REQUIRED'] as $class){
if(!isset($objectclasses[$name])){
- $checks[$name]['STATUS'] = FALSE;
if($value['IS_MUST_HAVE']){
+ $checks[$name]['STATUS'] = FALSE;
$checks[$name]['MSG'] = sprintf(_("Missing required object class '%s'!"),$class);
- }else{
+ } else {
+ $checks[$name]['STATUS'] = TRUE;
$checks[$name]['MSG'] = sprintf(_("Missing optional object class '%s'!"),$class);
}
}elseif(!check_schema_version($objectclasses[$name],$value['REQUIRED_VERSION'])){
$checks[$name]['STATUS'] = FALSE;
- if($value['IS_MUST_HAVE']){
- $checks[$name]['MSG'] = sprintf(_("Version mismatch for required object class '%s' (!=%s)!"), $class, $value['REQUIRED_VERSION']);
- }else{
- $checks[$name]['MSG'] = sprintf(_("Version mismatch for optional object class '%s' (!=%s)!"), $class, $value['REQUIRED_VERSION']);
- }
+ $checks[$name]['MSG'] = sprintf(_("Version mismatch for required object class '%s' (!=%s)!"), $class, $value['REQUIRED_VERSION']);
}else{
$checks[$name]['STATUS'] = TRUE;
$checks[$name]['MSG'] = sprintf(_("Class(es) available"));
@@ -2336,8 +2818,8 @@ function check_schema($cfg,$rfc2307bis = FALSE)
/* The gosa base schema */
$checks['posixGroup'] = $def_check;
- $checks['posixGroup']['REQUIRED_VERSION'] = "2.4";
- $checks['posixGroup']['SCHEMA_FILES'] = array("gosa+samba3.schema","gosa.schema");
+ $checks['posixGroup']['REQUIRED_VERSION'] = "2.6.1";
+ $checks['posixGroup']['SCHEMA_FILES'] = array("gosa-samba3.schema","gosa-samba2.schema");
$checks['posixGroup']['CLASSES_REQUIRED'] = array("posixGroup");
$checks['posixGroup']['STATUS'] = TRUE;
$checks['posixGroup']['IS_MUST_HAVE'] = TRUE;
@@ -2373,7 +2855,7 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA
"en_US" => "English",
"nl_NL" => "Dutch",
"pl_PL" => "Polish",
- "sv_SE" => "Swedish",
+ #"sv_SE" => "Swedish",
"zh_CN" => "Chinese",
"vi_VN" => "Vietnamese",
"ru_RU" => "Russian");
@@ -2386,7 +2868,7 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA
"en_US" => _("English"),
"nl_NL" => _("Dutch"),
"pl_PL" => _("Polish"),
- "sv_SE" => _("Swedish"),
+ #"sv_SE" => _("Swedish"),
"zh_CN" => _("Chinese"),
"vi_VN" => _("Vietnamese"),
"ru_RU" => _("Russian"));
@@ -2428,22 +2910,30 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA
}
-/* Returns contents of the given POST variable and check magic quotes settings */
+/*! \brief Returns contents of the given POST variable and check magic quotes settings
+ *
+ * Depending on the magic quotes settings this returns a stripclashed'ed version of
+ * a certain POST variable.
+ *
+ * \param string 'name' the POST var to return ($_POST[$name])
+ * \return string
+ * */
function get_post($name)
{
if(!isset($_POST[$name])){
trigger_error("Requested POST value (".$name.") does not exists, you should add a check to prevent this message.");
return(FALSE);
}
+
if(get_magic_quotes_gpc()){
- return(stripcslashes($_POST[$name]));
+ return(stripcslashes(validate($_POST[$name])));
}else{
- return($_POST[$name]);
+ return(validate($_POST[$name]));
}
}
-/* Return class name in correct case */
+/*! \brief Return class name in correct case */
function get_correct_class_name($cls)
{
global $class_mapping;
@@ -2458,7 +2948,17 @@ function get_correct_class_name($cls)
}
-// change_password, changes the Password, of the given dn
+/*! \brief Change the password of a given DN
+ *
+ * Change the password of a given DN with the specified hash.
+ *
+ * \param string 'dn' the DN whose password shall be changed
+ * \param string 'password' the password
+ * \param int mode
+ * \param string 'hash' which hash to use to encrypt it, default is empty
+ * for cleartext storage.
+ * \return boolean TRUE on success FALSE on error
+ */
function change_password ($dn, $password, $mode=0, $hash= "")
{
global $config;
@@ -2470,7 +2970,7 @@ function change_password ($dn, $password, $mode=0, $hash= "")
// Get all available encryption Methods
// NON STATIC CALL :)
- $methods = new passwordMethod(session::get('config'));
+ $methods = new passwordMethod(session::get('config'),$dn);
$available = $methods->get_available_methods();
// read current password entry for $dn, to detect the encryption Method
@@ -2478,13 +2978,6 @@ function change_password ($dn, $password, $mode=0, $hash= "")
$ldap->cat ($dn, array("shadowLastChange", "userPassword", "uid"));
$attrs = $ldap->fetch ();
- // Check if user account was deactivated, indicated by ! after } ... {crypt}!###
- if(isset($attrs['userPassword'][0]) && preg_match("/^[^\}]*+\}!/",$attrs['userPassword'][0])){
- $deactivated = TRUE;
- }else{
- $deactivated = FALSE;
- }
-
/* Is ensure that clear passwords will stay clear */
if($hash == "" && isset($attrs['userPassword'][0]) && !preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0])){
$hash = "clear";
@@ -2507,123 +3000,147 @@ function change_password ($dn, $password, $mode=0, $hash= "")
} else {
// User MD5 by default
$hash= "md5";
- $test = new $available['md5']($config);
+ $test = new $available['md5']($config, $dn);
}
- /* Feed password backends with information */
- $test->dn= $dn;
- $test->attrs= $attrs;
- $newpass= $test->generate_hash($password);
-
- // Update shadow timestamp?
- if (isset($attrs["shadowLastChange"][0])){
- $shadow= (int)(date("U") / 86400);
- } else {
- $shadow= 0;
- }
+ if($test instanceOf passwordMethod){
- // Write back modified entry
- $ldap->cd($dn);
- $attrs= array();
+ $deactivated = $test->is_locked($config,$dn);
- // Not for groups
- if ($mode == 0){
+ /* Feed password backends with information */
+ $test->dn= $dn;
+ $test->attrs= $attrs;
+ $newpass= $test->generate_hash($password);
- if ($shadow != 0){
- $attrs['shadowLastChange']= $shadow;
+ // Update shadow timestamp?
+ if (isset($attrs["shadowLastChange"][0])){
+ $shadow= (int)(date("U") / 86400);
+ } else {
+ $shadow= 0;
}
- // Create SMB Password
- $attrs= generate_smb_nt_hash($password);
- }
+ // Write back modified entry
+ $ldap->cd($dn);
+ $attrs= array();
- /* Read ! if user was deactivated */
- if($deactivated){
- $newpass = preg_replace("/(^[^\}]+\})(.*$)/","\\1!\\2",$newpass);
- }
+ // Not for groups
+ if ($mode == 0){
- $attrs['userPassword']= array();
- $attrs['userPassword']= $newpass;
+ // Create SMB Password
+ if ($config->get_cfg_value('sambaHashHook', NULL)) {
+ $attrs= generate_smb_nt_hash($password);
- $ldap->modify($attrs);
+ if ($shadow != 0){
+ $attrs['shadowLastChange']= $shadow;
+ }
+ }
+ }
- new log("modify","users/passwordMethod",$dn,array_keys($attrs),$ldap->get_error());
+ $attrs['userPassword']= array();
+ $attrs['userPassword']= $newpass;
- if (!$ldap->success()) {
- msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, ERROR_DIALOG));
- } else {
+ $ldap->modify($attrs);
- /* Run backend method for change/create */
- if(!$test->set_password($password)){
- return(FALSE);
+ /* Read ! if user was deactivated */
+ if($deactivated){
+ $test->lock_account($config,$dn);
}
- /* Find postmodify entries for this class */
- $command= $config->search("password", "POSTMODIFY",array('menu'));
+ new log("modify","users/passwordMethod",$dn,array_keys($attrs),$ldap->get_error());
- if ($command != ""){
- /* Walk through attribute list */
- $command= preg_replace("/%userPassword/", $password, $command);
- $command= preg_replace("/%dn/", $dn, $command);
+ if (!$ldap->success()) {
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, ERROR_DIALOG));
+ } else {
- if (check_command($command)){
- @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute");
- exec($command);
- } else {
- $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, "password");
- msg_dialog::display(_("Configuration error"), $message, ERROR_DIALOG);
+ /* Run backend method for change/create */
+ if(!$test->set_password($password)){
+ return(FALSE);
+ }
+
+ /* Find postmodify entries for this class */
+ $command= $config->search("password", "POSTMODIFY",array('menu'));
+
+ if ($command != ""){
+ /* Walk through attribute list */
+ $command= preg_replace("/%userPassword/", escapeshellarg($password), $command);
+ $command= preg_replace("/%dn/", escapeshellarg($dn), $command);
+
+ if (check_command($command)){
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute");
+ exec($command);
+ } else {
+ $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, "password");
+ msg_dialog::display(_("Configuration error"), $message, ERROR_DIALOG);
+ }
}
}
+ return(TRUE);
}
- return(TRUE);
}
-// Return something like array['sambaLMPassword']= "lalla..."
+/*! \brief Generate samba hashes
+ *
+ * Given a certain password this constructs an array like
+ * array['sambaLMPassword'] etc.
+ *
+ * \param string 'password'
+ * \return array contains several keys for lmPassword, ntPassword, pwdLastSet, etc. depending
+ * on the samba version
+ */
function generate_smb_nt_hash($password)
{
global $config;
# Try to use gosa-si?
- if ($config->get_cfg_value("gosa_si") != ""){
+ if ($config->get_cfg_value("gosaSupportURI") != ""){
$res= gosaSupportDaemon::send("gosa_gen_smb_hash", "GOSA", array("password" => $password), TRUE);
if (isset($res['XML']['HASH'])){
$hash= $res['XML']['HASH'];
} else {
$hash= "";
}
+
+ if ($hash == "") {
+ msg_dialog::display(_("Configuration error"), _("Cannot generate samba hash!"), ERROR_DIALOG);
+ return ("");
+ }
} else {
- $tmp= $config->get_cfg_value('smbhash')." ".escapeshellarg($password);
+ $tmp= $config->get_cfg_value('sambaHashHook')." ".escapeshellarg($password);
@DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute");
exec($tmp, $ar);
flush();
reset($ar);
$hash= current($ar);
- }
- if ($hash == "") {
- msg_dialog::display(_("Configuration error"), _("Cannot generate samba hash!"), ERROR_DIALOG);
- return ("");
+ if ($hash == "") {
+ msg_dialog::display(_("Configuration error"), sprintf(_("Cannot generate samba hash: running '%s' failed, check the 'sambaHashHook'!"),$config->get_cfg_value('sambaHashHook')), ERROR_DIALOG);
+ return ("");
+ }
}
- list($lm,$nt)= split (":", trim($hash));
+ list($lm,$nt)= explode(":", trim($hash));
- if ($config->get_cfg_value("sambaversion") == 3) {
- $attrs['sambaLMPassword']= $lm;
- $attrs['sambaNTPassword']= $nt;
- $attrs['sambaPwdLastSet']= date('U');
- $attrs['sambaBadPasswordCount']= "0";
- $attrs['sambaBadPasswordTime']= "0";
- } else {
- $attrs['lmPassword']= $lm;
- $attrs['ntPassword']= $nt;
- $attrs['pwdLastSet']= date('U');
- }
+ $attrs['sambaLMPassword']= $lm;
+ $attrs['sambaNTPassword']= $nt;
+ $attrs['sambaPwdLastSet']= date('U');
+ $attrs['sambaBadPasswordCount']= "0";
+ $attrs['sambaBadPasswordTime']= "0";
return($attrs);
}
+/*! \brief Get the Change Sequence Number of a certain DN
+ *
+ * To verify if a given object has been changed outside of Gosa
+ * in the meanwhile, this function can be used to get the entryCSN
+ * from the LDAP directory. It uses the attribute as configured
+ * in modificationDetectionAttribute
+ *
+ * \param string 'dn'
+ * \return either the result or "" in any other case
+ */
function getEntryCSN($dn)
{
global $config;
@@ -2632,7 +3149,7 @@ function getEntryCSN($dn)
}
/* Get attribute that we should use as serial number */
- $attr= $config->get_cfg_value("uniq_identifier");
+ $attr= $config->get_cfg_value("modificationDetectionAttribute");
if($attr != ""){
$ldap = $config->get_ldap_link();
$ldap->cat($dn,array($attr));
@@ -2645,7 +3162,16 @@ function getEntryCSN($dn)
}
-/* Add a given objectClass to an attrs entry */
+/*! \brief Add (a) given objectClass(es) to an attrs entry
+ *
+ * The function adds the specified objectClass(es) to the given
+ * attrs entry.
+ *
+ * \param mixed 'classes' Either a single objectClass or several objectClasses
+ * as an array
+ * \param array 'attrs' The attrs array to be modified.
+ *
+ * */
function add_objectClass($classes, &$attrs)
{
if (is_array($classes)){
@@ -2660,7 +3186,11 @@ function add_objectClass($classes, &$attrs)
}
-/* Removes a given objectClass from the attrs entry */
+/*! \brief Removes a given objectClass from the attrs entry
+ *
+ * Similar to add_objectClass, except that it removes the given
+ * objectClasses. See it for the params.
+ * */
function remove_objectClass($classes, &$attrs)
{
if (isset($attrs['objectClass'])){
@@ -2683,10 +3213,11 @@ function remove_objectClass($classes, &$attrs)
}
}
+
/*! \brief Initialize a file download with given content, name and data type.
- * @param data String The content to send.
- * @param name String The name of the file.
- * @param type String The content identifier, default value is "application/octet-stream";
+ * \param string data The content to send.
+ * \param string name The name of the file.
+ * \param string type The content identifier, default value is "application/octet-stream";
*/
function send_binary_content($data,$name,$type = "application/octet-stream")
{
@@ -2731,8 +3262,8 @@ function reverse_html_entities($str,$type = ENT_QUOTES , $charset = "UTF-8")
/*! \brief Encode special string characters so we can use the string in \
HTML output, without breaking quotes.
- @param The String we want to encode.
- @return The encoded String
+ \param string The String we want to encode.
+ \return string The encoded String
*/
function xmlentities($str)
{
@@ -2764,8 +3295,8 @@ function xmlentities($str)
/*! \brief Updates all accessTo attributes from a given value to a new one.
For example if a host is renamed.
- @param String $from The source accessTo name.
- @param String $to The destination accessTo name.
+ \param String $from The source accessTo name.
+ \param String $to The destination accessTo name.
*/
function update_accessTo($from,$to)
{
@@ -2798,6 +3329,7 @@ function update_accessTo($from,$to)
}
+/*! \brief Returns a random char */
function get_random_char () {
$randno = rand (0, 63);
if ($randno < 12) {
@@ -2819,6 +3351,7 @@ function cred_encrypt($input, $password) {
}
+
function cred_decrypt($input,$password) {
$size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
@@ -2827,5 +3360,212 @@ function cred_decrypt($input,$password) {
}
+function get_object_info()
+{
+ return(session::get('objectinfo'));
+}
+
+
+function set_object_info($str = "")
+{
+ session::set('objectinfo',$str);
+}
+
+
+function isIpInNet($ip, $net, $mask) {
+ // Move to long ints
+ $ip= ip2long($ip);
+ $net= ip2long($net);
+ $mask= ip2long($mask);
+
+ // Mask given IP with mask. If it returns "net", we're in...
+ $res= $ip & $mask;
+
+ return ($res == $net);
+}
+
+
+function get_next_id($attrib, $dn)
+{
+ global $config;
+
+ switch ($config->get_cfg_value("idAllocationMethod", "traditional")){
+ case "pool":
+ return get_next_id_pool($attrib);
+ case "traditional":
+ return get_next_id_traditional($attrib, $dn);
+ }
+
+ msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." "._("unknown idAllocation method!"), ERROR_DIALOG);
+ return null;
+}
+
+
+function get_next_id_pool($attrib) {
+ global $config;
+
+ /* Fill informational values */
+ $min= $config->get_cfg_value("${attrib}PoolMin", 10000);
+ $max= $config->get_cfg_value("${attrib}PoolMax", 40000);
+
+ /* Sanity check */
+ if ($min >= $max) {
+ msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." ".sprintf(_("%sPoolMin >= %sPoolMax!"), $attrib), ERROR_DIALOG);
+ return null;
+ }
+
+ /* ID to skip */
+ $ldap= $config->get_ldap_link();
+ $id= null;
+
+ /* Try to allocate the ID several times before failing */
+ $tries= 3;
+ while ($tries--) {
+
+ /* Look for ID map entry */
+ $ldap->cd ($config->current['BASE']);
+ $ldap->search ("(&(objectClass=sambaUnixIdPool)($attrib=*))", array("$attrib"));
+
+ /* If it does not exist, create one with these defaults */
+ if ($ldap->count() == 0) {
+ /* Fill informational values */
+ $minUserId= $config->get_cfg_value("uidPoolMin", 10000);
+ $minGroupId= $config->get_cfg_value("gidPoolMin", 10000);
+
+ /* Add as default */
+ $attrs= array("objectClass" => array("organizationalUnit", "sambaUnixIdPool"));
+ $attrs["ou"]= "idmap";
+ $attrs["uidNumber"]= $minUserId;
+ $attrs["gidNumber"]= $minGroupId;
+ $ldap->cd("ou=idmap,".$config->current['BASE']);
+ $ldap->add($attrs);
+ if ($ldap->error != "Success") {
+ msg_dialog::display(_("Error"), _("Cannot create sambaUnixIdPool entry!"), ERROR_DIALOG);
+ return null;
+ }
+ $tries++;
+ continue;
+ }
+ /* Bail out if it's not unique */
+ if ($ldap->count() != 1) {
+ msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." "._("sambaUnixIdPool is not unique!"), ERROR_DIALOG);
+ return null;
+ }
+
+ /* Store old attrib and generate new */
+ $attrs= $ldap->fetch();
+ $dn= $ldap->getDN();
+ $oldAttr= $attrs[$attrib][0];
+ $newAttr= $oldAttr + 1;
+
+ /* Sanity check */
+ if ($newAttr >= $max) {
+ msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." "._("no ID available!"), ERROR_DIALOG);
+ return null;
+ }
+ if ($newAttr < $min) {
+ msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." "._("no ID available!"), ERROR_DIALOG);
+ return null;
+ }
+
+ #FIXME: PHP is not able to do a modification of "del: .../add: ...", so this
+ # is completely unsafe in the moment.
+ #/* Remove old attr, add new attr */
+ #$attrs= array($attrib => $oldAttr);
+ #$ldap->rm($attrs, $dn);
+ #if ($ldap->error != "Success") {
+ # continue;
+ #}
+ $ldap->cd($dn);
+ $ldap->modify(array($attrib => $newAttr));
+ if ($ldap->error != "Success") {
+ msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." ".$ldap->get_error(), ERROR_DIALOG);
+ return null;
+ } else {
+ return $oldAttr;
+ }
+ }
+
+ /* Bail out if we had problems getting the next id */
+ if (!$tries) {
+ msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." "._("maximum tries exceeded!"), ERROR_DIALOG);
+ }
+
+ return $id;
+}
+
+
+function get_next_id_traditional($attrib, $dn)
+{
+ global $config;
+
+ $ids= array();
+ $ldap= $config->get_ldap_link();
+
+ $ldap->cd ($config->current['BASE']);
+ if (preg_match('/gidNumber/i', $attrib)){
+ $oc= "posixGroup";
+ } else {
+ $oc= "posixAccount";
+ }
+ $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
+
+ /* Get list of ids */
+ while ($attrs= $ldap->fetch()){
+ $ids[]= (int)$attrs["$attrib"][0];
+ }
+
+ /* Add the nobody id */
+ $ids[]= 65534;
+
+ /* get the ranges */
+ $tmp = array('0'=> 1000);
+ if (preg_match('/posixAccount/', $oc) && $config->get_cfg_value("uidNumberBase") != ""){
+ $tmp= explode('-',$config->get_cfg_value("uidNumberBase"));
+ } elseif($config->get_cfg_value("gidNumberBase") != ""){
+ $tmp= explode('-',$config->get_cfg_value("gidNumberBase"));
+ }
+
+ /* Set hwm to max if not set - for backward compatibility */
+ $lwm= $tmp[0];
+ if (isset($tmp[1])){
+ $hwm= $tmp[1];
+ } else {
+ $hwm= pow(2,32);
+ }
+ /* Find out next free id near to UID_BASE */
+ if ($config->get_cfg_value("baseIdHook") == ""){
+ $base= $lwm;
+ } else {
+ /* Call base hook */
+ $base= get_base_from_hook($dn, $attrib);
+ }
+ for ($id= $base; $id++; $id < $hwm){
+ if (!in_array($id, $ids)){
+ return ($id);
+ }
+ }
+
+ /* Should not happen */
+ if ($id == $hwm){
+ msg_dialog::display(_("Error"), _("Cannot allocate a free ID!"), ERROR_DIALOG);
+ exit;
+ }
+}
+
+
+/* Mark the occurance of a string with a span */
+function mark($needle, $haystack, $ignorecase= true)
+{
+ $result= "";
+
+ while (preg_match('/^(.*)('.preg_quote($needle).')(.*)$/i', $haystack, $matches)) {
+ $result.= $matches[1]."".$matches[2]."";
+ $haystack= $matches[3];
+ }
+
+ return $result.$haystack;
+}
+
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>