X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Fplugins%2Fpersonal%2Fposix%2Fclass_posixAccount.inc;h=88b1c132d08449faa8cbf3c422d229c635acfa7f;hb=9326e9b1f918d8454ed1e19da954bf1f2e13d758;hp=1b54695c1d8a7b08d0ded02116557e3b42df78ef;hpb=7d94653c63f1fdf372d4a225060d9652c62e11b9;p=gosa.git diff --git a/gosa-core/plugins/personal/posix/class_posixAccount.inc b/gosa-core/plugins/personal/posix/class_posixAccount.inc index 1b54695c1..88b1c132d 100644 --- a/gosa-core/plugins/personal/posix/class_posixAccount.inc +++ b/gosa-core/plugins/personal/posix/class_posixAccount.inc @@ -34,8 +34,8 @@ class posixAccount extends plugin { /* Definitions */ - var $plHeadline= "UNIX"; - var $plDescription= "Edit users POSIX extensions"; + var $plHeadline= "POSIX"; + var $plDescription= "Edit users POSIX settings"; /* Plugin specific values */ var $homeDirectory= ""; @@ -48,10 +48,8 @@ class posixAccount extends plugin var $shadowWarning= "0"; var $shadowLastChange= "0"; var $shadowInactive= "0"; - var $shadowExpire= "0"; - var $gosaDefaultPrinter= ""; + var $shadowExpire= ""; var $accessTo= array(); - var $trustModel= ""; var $glist=array(); var $status= ""; 
@@ -67,30 +65,27 @@ class posixAccount extends plugin var $activate_shadowExpire= "0"; var $mustchangepassword= "0"; var $force_ids= 0; - var $group_dialog= FALSE; - var $show_ws_dialog= FALSE; + var $gotoLastSystemLogin= ""; + var $groupSelect= FALSE; var $secondaryGroups= array(); var $primaryGroup= 0; - var $was_trust_account= FALSE; - var $memberGroup = array(); - var $grouplist = array(); - var $ui = array(); + var $memberGroup= array(); + var $grouplist= array(); + var $ui= array(); + var $ssh= null; + var $sshAcl= ""; - var $GroupRegex = "*"; - var $GroupUserRegex = "*"; - var $SubSearch = false; - - var $view_logged = FALSE; + var $view_logged= false; /* attribute list for save action */ var $CopyPasteVars = - array("grouplist","groupMembership","activate_shadowMin", - "activate_shadowMax","activate_shadowWarning","activate_shadowInactive","activate_shadowExpire", - "must_change_password","printerList","grouplist","savedGidNumber","savedUidNumber"); + array("grouplist","groupMembership","activate_shadowMin", + "activate_shadowMax","activate_shadowWarning","activate_shadowInactive","activate_shadowExpire", + "must_change_password","printerList","grouplist","savedGidNumber","savedUidNumber"); var $attributes = array("homeDirectory", "loginShell", "uidNumber", "gidNumber", "gecos", "shadowMin", "shadowMax", "shadowWarning", "shadowInactive", "shadowLastChange", - "shadowExpire", "gosaDefaultPrinter", "uid","accessTo","trustModel"); + "shadowExpire", "uid", "gotoLastSystemLogin"); var $objectclasses= array("posixAccount", "shadowAccount"); 
@@ -100,13 +95,27 @@ class posixAccount extends plugin /* constructor, if 'dn' is set, the node loads the given 'dn' from LDAP */ - function posixAccount (&$config, $dn= NULL) + function posixAccount (&$config, $dn= NULL, $parent =NULL) { + global $class_mapping; + /* Configuration is fine, allways */ $this->config= $config; /* Load bases attributes */ - plugin::plugin($config, $dn); + plugin::plugin($config, $dn, $parent); + + $this->trustModeDialog = new trustModeDialog($this->config, $this->dn, $parent); + $this->trustModeDialog->setAcl('users/posixAccount'); + + /* If gotoLastSystemLogin is available read it from ldap and create a readable + date time string, fallback to sambaLogonTime if available. + */ + if(isset($this->attrs['gotoLastSystemLogin'][0]) && preg_match("/^[0-9]*$/",$this->attrs['gotoLastSystemLogin'][0])){ + $this->gotoLastSystemLogin = date("d.m.Y H:i:s", strtotime($this->attrs['gotoLastSystemLogin'][0])); + } else if(isset($this->attrs['sambaLogonTime'][0]) && preg_match("/^[0-9]*$/",$this->attrs['sambaLogonTime'][0])){ + $this->gotoLastSystemLogin = date("d.m.Y H:i:s", $this->attrs['sambaLogonTime'][0]); + } /* Setting uid to default */ if(isset($this->attrs['uid'][0])){ 
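Review bot: The digit test guarding `gotoLastSystemLogin` in the constructor is `/^[0-9]*$/`, which also matches an empty string (and, without the `D` modifier, a value ending in a newline), and the result of `strtotime()` goes to `date()` unchecked. An empty or unparseable attribute would therefore presumably be rendered as a 1970 timestamp instead of being left blank, which is misleading in a field operators read as "last login". I would use `/^[0-9]+$/D` in both branches and only format when `strtotime()` does not return `FALSE`. The constructor continues outside this hunk.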
@@ -119,27 +128,10 @@ class posixAccount extends plugin /* Correct is_account. shadowAccount is not required. */ if (isset($this->attrs['objectClass']) && - in_array ('posixAccount', $this->attrs['objectClass'])){ + in_array_strict('posixAccount', $this->attrs['objectClass'])){ $this->is_account= TRUE; } - - /* Is this account a trustAccount? */ - if ($this->is_account && isset($this->attrs['trustModel'])){ - $this->trustModel= $this->attrs['trustModel'][0]; - $this->was_trust_account= TRUE; - } else { - $this->was_trust_account= FALSE; - $this->trustModel= ""; - } - - $this->accessTo = array(); - if ($this->is_account && isset($this->attrs['accessTo'])){ - for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){ - $tmp= $this->attrs['accessTo'][$i]; - $this->accessTo[$tmp]= $tmp; - } - } $this->initially_was_account= $this->is_account; /* Fill group */ @@ -156,9 +148,9 @@ class posixAccount extends plugin $this->status.= ", "._("grace time active"); } } elseif (($this->shadowLastChange + $this->shadowMin) >= $current){ - $this->status= _("active, password not changable"); + $this->status= _("active").", "._("password not changeable"); } elseif (($this->shadowLastChange + $this->shadowMax) >= $current){ - $this->status= _("active, password expired"); + $this->status= _("active").", "._("password expired"); } else { $this->status= _("active"); } @@ -180,6 +172,16 @@ class posixAccount extends plugin $this->savedGroupMembership= $this->groupMembership; $this->savedUidNumber= $this->uidNumber; $this->savedGidNumber= $this->gidNumber; + + // Instanciate SSH object if available + if (isset($class_mapping["sshPublicKey"])){ + if (empty($this->acl_base)){ + $this->acl_base= $config->current['BASE']; + } + + $this->sshAcl= $this->getacl("sshPublicKey"); + $this->ssh= new sshPublicKey($this->config, $this->dn, $this->sshAcl); + } } /* Adjust shadow checkboxes */ 
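Review bot: In the last hunk on this line (`// Instanciate SSH object if available`), the fallback `$this->acl_base= $config->current['BASE'];` permanently rewrites the plugin's ACL base instead of scoping only the `sshPublicKey` lookup. Every later `getacl()` call on this object would then presumably be evaluated against the directory root rather than the entry being edited, which can change which permissions apply to the other POSIX attributes. If the fallback is needed only for objects that have no base yet, say so in a comment and restore the previous value after the lookup (`$old= $this->acl_base; ... $this->acl_base= $old;`). The ACL string is also captured once in `$this->sshAcl` and handed to `sshPublicKey`, so it will not follow a later change of `acl_base`.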
@@ -192,8 +194,13 @@ class posixAccount extends plugin } } - /* Convert to seconds */ - $this->shadowExpire= $this->convertToSeconds($this->shadowExpire); + /* Convert shadowExpire for usage */ + if ($this->shadowExpire == 0){ + $this->shadowExpire= ""; + } else { + $this->shadowExpire= date('d.m.Y', $this->shadowExpire * 60 * 60 * 24); + } + /* Generate shell list from CONFIG_DIR./shells */ if (file_exists(CONFIG_DIR.'/shells')){ @@ -210,7 +217,7 @@ class posixAccount extends plugin } /* Insert possibly missing loginShell */ - if ($this->loginShell != "" && !in_array($this->loginShell, $this->loginShellList)){ + if ($this->loginShell != "" && !in_array_strict($this->loginShell, $this->loginShellList)){ $this->loginShellList[]= $this->loginShell; } @@ -224,14 +231,6 @@ class posixAccount extends plugin } asort ($this->secondaryGroups); - /* Get global filter config */ - if (!session::is_set("sysfilter")){ - $ui= get_userinfo(); - $base= get_base_from_people($ui->dn); - $sysfilter= array( "depselect" => $base, - "regex" => "*"); - session::set("sysfilter", $sysfilter); - } $this->ui = get_userinfo(); } @@ -248,11 +247,7 @@ class posixAccount extends plugin $this->view_logged = TRUE; new log("view","users/".get_class($this),$this->dn); } - - /* Department has changed? */ - if(isset($_POST['depselect'])){ - session::set('CurrentMainBase',validate($_POST['depselect'])); - } + $this->dialog = FALSE; if($this->multiple_support_active){ $this->is_account = TRUE; @@ -271,7 +266,7 @@ class posixAccount extends plugin /* Do we represent a valid posixAccount? */ if (!$this->is_account && $this->parent === NULL ){ - $display= "\"\" ". + $display= "\"\" ". msgPool::noValidExtension(_("POSIX")).""; $display.= back_to_main(); return ($display); 
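Review bot: The new `shadowExpire` conversion in the first hunk, `date('d.m.Y', $this->shadowExpire * 60 * 60 * 24)`, formats a UTC day count in the server's local time zone, while the `save()` hunk further down converts back with local-time `mktime(0, 0, 0, $month, $day, $year)` and truncates to whole days. On a server whose time zone is not UTC the round trip does not appear to be stable: the stored value ends up a day earlier than the date that was entered, so accounts would expire sooner than the administrator intended. Using `gmdate('d.m.Y', ...)` here and `gmmktime(0, 0, 0, $month, $day, $year)` in `save()` keeps both directions on the same clock. Separately, `$this->shadowExpire == 0` is a loose comparison against a property whose default is now `""`; `empty($this->shadowExpire)` states the intent without relying on string-to-number coercion.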
@@ -302,234 +297,126 @@ class posixAccount extends plugin } } } - /* Trigger group edit? */ + + // Display dialog to allow selection of groups if (isset($_POST['edit_groupmembership'])){ - $this->group_dialog= TRUE; - $this->dialog= TRUE; + $this->groupSelect = new groupSelect($this->config,get_userinfo()); } - /* Cancel group edit? */ - if (isset($_POST['add_groups_cancel']) || - isset($_POST['add_groups_finish'])){ - $this->group_dialog= FALSE; - $this->dialog= FALSE; + // Cancel group dialog + if (isset($_POST['add_groups_cancel'])){ + $this->groupSelect= NULL; } - /* Add selected groups */ - if (isset($_POST['add_groups_finish']) && isset($_POST['groups']) && - count($_POST['groups'])){ - - $this->addGroup ($_POST['groups']); + // Add groups selected in groupSelect dialog to ours. + if (isset($_POST['add_groups_finish']) && $this->groupSelect){ + $groups = $this->groupSelect->detectPostActions(); + if(isset($groups['targets'])){ + $this->addGroup ($groups['targets']); + $this->is_modified= TRUE; + } + $this->groupSelect= NULL; } - /* Delete selected groups */ + // Remove groups from currently selected groups. if (isset($_POST['delete_groupmembership']) && isset($_POST['group_list']) && count($_POST['group_list'])){ - $this->delGroup ($_POST['group_list']); - } - - /* Add user workstation? */ - if (isset($_POST["add_ws"])){ - $this->show_ws_dialog= TRUE; - $this->dialog= TRUE; - } - - /* Add user workstation? */ - if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){ - foreach($_POST['wslist'] as $ws){ - $this->accessTo[$ws]= $ws; - } - ksort($this->accessTo); - $this->is_modified= TRUE; - } - - /* Remove user workstations? */ - if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){ - foreach($_POST['workstation_list'] as $name){ - unset ($this->accessTo[$name]); - } - $this->is_modified= TRUE; - } - - /* Add user workstation finished? 
*/ - if (isset($_POST["add_ws_finish"]) || isset($_POST["add_ws_cancel"])){ - $this->show_ws_dialog= FALSE; - $this->dialog= FALSE; + $this->delGroup (get_post('group_list')); } /* Templates now! */ $smarty= get_smarty(); - /* Show ws dialog */ - if ($this->show_ws_dialog){ - /* Save data */ - $sysfilter= session::get("sysfilter"); - foreach( array("depselect", "regex") as $type){ - if (isset($_POST[$type])){ - $sysfilter[$type]= $_POST[$type]; - } - } - if (isset($_GET['search'])){ - $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*"; - if ($s == "**"){ - $s= "*"; - } - $sysfilter['regex']= $s; - } - session::set("sysfilter", $sysfilter); - - /* Get workstation list */ - $exclude= ""; - foreach($this->accessTo as $ws){ - $exclude.= "(cn=$ws)"; - } - if ($exclude != ""){ - $exclude= "(!(|$exclude))"; - } - $regex= $sysfilter['regex']; - $filter= "(&(|(objectClass=goServer)(objectClass=gotoWorkstation)(objectClass=gotoTerminal))$exclude(cn=*)(cn=$regex))"; - $deps_a = array(get_ou("serverou"), - get_ou("terminalou"), - get_ou("workstationou")); - $res= get_sub_list($filter, array("terminal","server","workstation"), $deps_a, get_ou("systemsou").$sysfilter['depselect'], array("cn"), GL_SUBSEARCH | GL_SIZELIMIT); - $wslist= array(); - foreach ($res as $attrs){ - $wslist[]= preg_replace('/\$/', '', $attrs['cn'][0]); - } - asort($wslist); - $smarty->assign("search_image", get_template_path('images/search.png')); - $smarty->assign("launchimage", get_template_path('images/small_filter.png')); - $smarty->assign("tree_image", get_template_path('images/tree.png')); - $smarty->assign("deplist", $this->config->idepartments); - $smarty->assign("alphabet", generate_alphabet()); - foreach( array("depselect", "regex") as $type){ - $smarty->assign("$type", $sysfilter[$type]); - } - $smarty->assign("hint", print_sizelimit_warning()); - $smarty->assign("wslist", $wslist); - $smarty->assign("apply", apply_filter()); - $display= $smarty->fetch (get_template_path('trust_machines.tpl', 
TRUE, dirname(__FILE__))); - return ($display); + // Handle trust mode dialog + $trustModeDialog = $this->trustModeDialog->execute(); + if($this->trustModeDialog->trustSelect){ + $this->dialog = TRUE; + return($trustModeDialog); + } + $smarty->assign("trustModeDialog" , $trustModeDialog); + /* Manage group add dialog */ - if ($this->group_dialog){ + if ($this->groupSelect){ + $this->dialog = TRUE; - /* Get global filter config */ - $this->reload(); + // Build up blocklist + session::set('filterBlacklist', array('dn' => array_keys($this->groupMembership))); + return($this->groupSelect->execute()); + } - /* remove already assigned groups */ - $glist= array(); - foreach ($this->grouplist as $key => $value){ - if (!isset($this->groupMembership[$key]) && obj_is_writable($key,"groups/group","memberUid")){ - $glist[$key]= $value; - } - } + // Handle ssh dialog? + if ($this->ssh instanceOf sshPublicKey && preg_match('/[rw]/', $this->getacl("sshPublicKey"))) { - if($this->SubSearch){ - $smarty->assign("SubSearchCHK"," checked "); - }else{ - $smarty->assign("SubSearchCHK",""); + if ($result= $this->ssh->execute()) { + $this->dialog= true; + pathNavigator::registerPlugin("SSH keys"); + return $result; } - - $smarty->assign("regex",$this->GroupRegex); - $smarty->assign("guser",$this->GroupUserRegex); - $smarty->assign("groups", $glist); - $smarty->assign("search_image", get_template_path('images/search.png')); - $smarty->assign("launchimage", get_template_path('images/small_filter.png')); - $smarty->assign("tree_image", get_template_path('images/tree.png')); - $smarty->assign("deplist", $this->config->idepartments); - $smarty->assign("alphabet", generate_alphabet()); - $smarty->assign("depselect", session::get('CurrentMainBase')); - $smarty->assign("hint", print_sizelimit_warning()); - - $smarty->assign("apply", apply_filter()); - $display.= $smarty->fetch (get_template_path('posix_groups.tpl', TRUE, dirname(__FILE__))); - return ($display); } + /* Show main page */ $smarty= 
get_smarty(); - /* In 'MyAccount' mode, we must remove write acls if we are not in editing mode. */ - $SkipWrite = (!isset($this->parent) || !$this->parent) && !session::is_set('edit'); + + $smarty->assign("sshPublicKeyACL", $this->getacl("sshPublicKey")); /* Depending on pwmode, currently hardcoded because there are no other methods */ if ( 1 == 1 ){ $smarty->assign("pwmode", dirname(__FILE__)."/posix_shadow"); - $shadowMinACL = $this->getacl("shadowMin",$SkipWrite); + $shadowMinACL = $this->getacl("shadowMin"); $smarty->assign("shadowmins", sprintf(_("Password can't be changed up to %s days after last change"), - "shadowMin."\">")); + "shadowMin."\">")); - $shadowMaxACL = $this->getacl("shadowMax",$SkipWrite); + $shadowMaxACL = $this->getacl("shadowMax"); $smarty->assign("shadowmaxs", sprintf(_("Password must be changed after %s days"), - "shadowMax."\">")); + "shadowMax."\">")); - $shadowInactiveACL= $this->getacl("shadowInactive",$SkipWrite); - $smarty->assign("shadowinactives", sprintf(_("Disable account after %s days of inactivity after password expiery"), - "shadowInactive."\">")); + $shadowInactiveACL= $this->getacl("shadowInactive"); + $smarty->assign("shadowinactives", sprintf(_("Disable account after %s days of inactivity after password expiry"), + "shadowInactive."\">")); - $shadowWarningACL = $this->getacl("shadowWarning",$SkipWrite); - $smarty->assign("shadowwarnings", sprintf(_("Warn user %s days before password expiery"), - "shadowWarning."\">")); + $shadowWarningACL = $this->getacl("shadowWarning"); + $smarty->assign("shadowwarnings", sprintf(_("Warn user %s days before password expiry"), + "shadowWarning."\">")); foreach( array("activate_shadowMin", "activate_shadowMax", - "activate_shadowExpire", "activate_shadowInactive","activate_shadowWarning") as $val){ + "activate_shadowExpire", "activate_shadowInactive","activate_shadowWarning") as $val){ if ($this->$val == 1){ $smarty->assign("$val", "checked"); } else { $smarty->assign("$val", ""); } - 
$smarty->assign("$val"."ACL", $this->getacl($val,$SkipWrite)); + $smarty->assign("$val"."ACL", $this->getacl(preg_replace("/^.*_/","",$val))); } - $smarty->assign("mustchangepasswordACL", $this->getacl("mustchangepassword",$SkipWrite)); + $smarty->assign("mustchangepasswordACL", $this->getacl("mustchangepassword")); } - /* Fill calendar */ - /* If this $this->shadowExpire is empty - use current date as base for calculating selectbox values. - (This attribute is empty if this is a new user )*/ - if(empty($this->shadowExpire)){ - $date= getdate(time()); - }else{ - $date= getdate($this->shadowExpire); - } - - $days= array(); - for($d= 1; $d<32; $d++){ - $days[$d]= $d; - } - $years= array(); - for($y= $date['year']-10; $y<$date['year']+10; $y++){ - $years[]= $y; - } - $months= msgPool::months(); - $smarty->assign("day", $date["mday"]); - $smarty->assign("days", $days); - $smarty->assign("months", $months); - $smarty->assign("month", $date["mon"]-1); - $smarty->assign("years", $years); - $smarty->assign("year", $date["year"]); + // Set last system login + $smarty->assign("gotoLastSystemLogin", set_post($this->gotoLastSystemLogin)); /* Fill arrays */ - $smarty->assign("shells", $this->loginShellList); + $smarty->assign("shells", set_post($this->loginShellList)); $smarty->assign("secondaryGroups", $this->secondaryGroups); - $smarty->assign("primaryGroup", $this->primaryGroup); + $smarty->assign("primaryGroup", set_post($this->primaryGroup)); if(!$this->multiple_support_active){ if (!count($this->groupMembership)){ $smarty->assign("groupMembership", array(" ")); } else { - $smarty->assign("groupMembership", $this->groupMembership); + $smarty->assign("groupMembership", set_post($this->groupMembership)); } }else{ - $smarty->assign("groupMembership", $this->groupMembership); - $smarty->assign("groupMembership_some", $this->groupMembership_some); + $smarty->assign("groupMembership", set_post($this->groupMembership)); + $smarty->assign("groupMembership_some", 
set_post($this->groupMembership_some)); } + if (count($this->groupMembership) > 16){ $smarty->assign("groups", "too_many_for_nfs"); } else { @@ -551,12 +438,21 @@ class posixAccount extends plugin } $smarty->assign("force_ids", ""); } - - $smarty->assign("force_idsACL", $this->getacl("uidNumber",$SkipWrite).$this->getacl("gidNumber",$SkipWrite)); + /* Create onClick="" action string for the "Force UID/GID" option + */ + $onClickIDS =""; + if(preg_match("/w/",$this->getacl("uidNumber"))){ + $onClickIDS .= "changeState('uidNumber');"; + } + if(preg_match("/w/",$this->getacl("gidNumber"))){ + $onClickIDS .= "changeState('gidNumber');"; + } + $smarty->assign("onClickIDS", $onClickIDS); + $smarty->assign("force_idsACL", $this->getacl("uidNumber").$this->getacl("gidNumber")); - foreach(array("primaryGroup","trustmode","activate_shadowWarning","activate_shadowInactive","activate_shadowMin","activate_shadowMax","activate_shadowExpire","mustchangepassword") as $val){ - if(in_array($val,$this->multi_boxes)){ + foreach(array("primaryGroup","activate_shadowWarning","activate_shadowInactive","activate_shadowMin","activate_shadowMax","activate_shadowExpire","mustchangepassword") as $val){ + if(in_array_strict($val,$this->multi_boxes)){ $smarty->assign("use_".$val,TRUE); }else{ $smarty->assign("use_".$val,FALSE); 
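Review bot: The `add_groups_finish` branch passes `$groups['targets']` straight to `addGroup()`, whereas the dialog code this hunk removes only offered groups that passed `obj_is_writable($key,"groups/group","memberUid")`. Unless `groupSelect` or `addGroup()` applies the same check (neither is visible here), the submitted targets are trusted as-is and the user could be added to a group the operator is not allowed to modify. I would filter the targets through `obj_is_writable(..., "groups/group", "memberUid")` in a loop before calling `addGroup()`, or add a comment naming where that check now lives. `execute()` starts and ends outside this hunk.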
@@ -566,64 +462,35 @@ class posixAccount extends plugin /* Load attributes and acl's */ foreach($this->attributes as $val){ - if(in_array($val,$this->multi_boxes)){ + if(in_array_strict($val,$this->multi_boxes)){ $smarty->assign("use_".$val,TRUE); }else{ $smarty->assign("use_".$val,FALSE); } - - if((session::get("js"))&&(($val=="uidNumber")||($val=="gidNumber"))) - { - $smarty->assign("$val"."ACL",$this->getacl($val,$SkipWrite)); - $smarty->assign("$val", $this->$val); - continue; - } - $smarty->assign("$val", $this->$val); - $smarty->assign("$val"."ACL", $this->getacl($val,$SkipWrite)); + $smarty->assign("$val", set_post($this->$val)); } - if($SkipWrite){ + + $tmp = $this->plInfo(); + foreach($tmp['plProvidedAcls'] as $val => $desc){ + $smarty->assign("$val"."ACL", $this->getacl($val)); + } + + if($this->read_only){ $smarty->assign("groupMembershipACL","r"); }else{ $smarty->assign("groupMembershipACL","rw"); } $smarty->assign("status", $this->status); - /* Work on trust modes */ - $smarty->assign("trusthide", " disabled "); - $smarty->assign("trustmodeACL", $this->getacl("trustModel",$SkipWrite)); - if ($this->trustModel == "fullaccess"){ - $trustmode= 1; - // pervent double disable tag in html code, this will disturb our clean w3c html - $smarty->assign("trustmode", $this->getacl("trustModel",$SkipWrite)); - - } elseif ($this->trustModel == "byhost"){ - $trustmode= 2; - $smarty->assign("trusthide", ""); + if($this->mustchangepassword){ + $smarty->assign("mustchangepassword", " checked "); } else { - // pervent double disable tag in html code, this will disturb our clean w3c html - $smarty->assign("trustmode", $this->getacl("trustModel",$SkipWrite)); - $trustmode= 0; + $smarty->assign("mustchangepassword", ""); } - $smarty->assign("trustmode", $trustmode); - $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"), - 2 => _("allow access to these hosts"))); - - - - if((count($this->accessTo))==0) - $smarty->assign("emptyArrAccess",true); - 
else - $smarty->assign("emptyArrAccess",false); - - if($this->mustchangepassword){ - $smarty->assign("mustchangepassword", " checked "); - } else { - $smarty->assign("mustchangepassword", ""); - } - $smarty->assign("workstations", $this->accessTo); + // Add SSH button if available + $smarty->assign("sshPublicKey", $this->ssh?1:0); - $smarty->assign("apply", apply_filter()); $smarty->assign("multiple_support" , $this->multiple_support_active); $display.= $smarty->fetch (get_template_path('generic.tpl', TRUE, dirname(__FILE__))); return($display); @@ -638,8 +505,6 @@ class posixAccount extends plugin return; } - /* include global link_info */ - $ldap= $this->config->get_ldap_link(); /* Remove and write to LDAP */ plugin::remove_from_parent(); @@ -649,10 +514,11 @@ class posixAccount extends plugin /* Keep uid, because we need it for authentification! */ unset($this->attrs['uid']); - unset($this->attrs['trustModel']); @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, + /* include global link_info */ $this->attributes, "Save"); + $ldap= $this->config->get_ldap_link(); $ldap->cd($this->dn); $this->cleanup(); $ldap->modify ($this->attrs); @@ -686,7 +552,7 @@ class posixAccount extends plugin if (isset($_POST['posixTab'])){ /* Save values to object */ plugin::save_object(); - + $this->trustModeDialog->save_object(); /* Save force GID checkbox */ if($this->acl_is_writeable("gidNumber") || $this->acl_is_writeable("uidNumber")){ @@ -703,11 +569,11 @@ class posixAccount extends plugin /*Save primary group settings */ if($this->acl_is_writeable("primaryGroup") && isset($_POST['primaryGroup'])){ - $data= $_POST['primaryGroup']; + $data= get_post('primaryGroup'); if ($this->primaryGroup != $data){ $this->is_modified= TRUE; } - $this->primaryGroup= $_POST['primaryGroup']; + $this->primaryGroup= get_post('primaryGroup'); } /* Get seelcted shadow checkboxes */ 
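Review bot: `remove_from_parent()` no longer touches the trust settings, and unlike `save_object()` and `save()` nothing in these hunks delegates removal to `$this->trustModeDialog`. With `trustModel` and `accessTo` dropped from `$attributes`, the entry would presumably keep its trust data (host access list) after the POSIX extension is removed, unless the dialog or the caller cleans it up elsewhere; please confirm, or invoke the dialog's own removal here if it offers one. Also, the `/* include global link_info */` comment has been inserted between the arguments of the `@DEBUG (...)` call; it belongs on the `$ldap= $this->config->get_ldap_link();` line.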
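Review bot: In the `save_object()` hunk, `get_post('primaryGroup')` is stored without checking that it is numeric or one of the groups offered in the select box, and the `save()` hunk later copies it into `gidNumber` (`$this->gidNumber = $this->primaryGroup;`) after `check()` has already run. A guard such as `if (tests::is_id($data) && ($data == 0 || isset($this->secondaryGroups[$data])))` would keep an arbitrary gid from being written; this assumes `secondaryGroups` is keyed by gidNumber, which the hunk does not show. The value could also be read once into `$data` and reused instead of calling `get_post()` twice.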
@@ -716,10 +582,12 @@ class posixAccount extends plugin $activate_var = "activate_".$var; if(isset($_POST['activate_'.$var])){ $this->$activate_var = true; - $this->$var = $_POST[$var]; + $this->$var = get_post($var); }else{ $this->$activate_var = false; - $this->$var = 0; + if ($var != "shadowExpire") { + $this->$var = 0; + } } } } @@ -730,47 +598,7 @@ class posixAccount extends plugin }else{ $this->mustchangepassword = FALSE; } - - /* Trust mode - special handling */ - if($this->acl_is_writeable("trustModel")){ - if (isset($_POST['trustmode'])){ - $saved= $this->trustModel; - if ($_POST['trustmode'] == "1"){ - $this->trustModel= "fullaccess"; - } elseif ($_POST['trustmode'] == "2"){ - $this->trustModel= "byhost"; - } else { - $this->trustModel= ""; - } - if ($this->trustModel != $saved){ - $this->is_modified= TRUE; - } - } - } - } - - /* Get regex from alphabet */ - if(isset($_GET['search'])){ - $this->GroupRegex = $_GET['search']."*"; - } - - /* Check checkboxes and regexes */ - if(isset($_POST["PosixGroupDialogPosted"])){ - - if(isset($_POST['SubSearch']) && ($_POST['SubSearch'])){ - $this->SubSearch = true; - }else{ - $this->SubSearch = false; - } - if(isset($_POST['guser'])){ - $this->GroupUserRegex = $_POST['guser']; - } - if(isset($_POST['regex'])){ - $this->GroupRegex = $_POST['regex']; - } } - $this->GroupRegex = preg_replace("/\*\**/","*",$this->GroupRegex); - $this->GroupUserRegex = preg_replace("/\*\**/","*",$this->GroupUserRegex); } 
@@ -778,15 +606,13 @@ class posixAccount extends plugin function save() { - /* include global link_info */ - $ldap= $this->config->get_ldap_link(); - /* Adapt shadow values */ if (!$this->activate_shadowExpire){ $this->shadowExpire= "0"; } else { - /* Transform seconds to days here */ - $this->shadowExpire= (int)($this->shadowExpire / (60 * 60 * 24)) ; + /* Transform date to days since the beginning */ + list($day, $month, $year)= explode('.', $this->shadowExpire, 3); + $this->shadowExpire= (int)(mktime(0, 0, 0, $month, $day, $year)/ (60 * 60 * 24)) ; } if (!$this->activate_shadowMax){ $this->shadowMax= "0"; @@ -794,23 +620,28 @@ class posixAccount extends plugin if ($this->mustchangepassword){ $this->shadowLastChange= (int)(date("U") / 86400) - $this->shadowMax - 1; } else { - $this->shadowLastChange= (int)(date("U") / 86400); +# $this->shadowLastChange= (int)(date("U") / 86400); } if (!$this->activate_shadowWarning){ $this->shadowWarning= "0"; } - /* Check what to do with ID's */ + /* Check what to do with ID's + Nothing forced, so we may have to generate our own IDs, if not done already. + */ if ($this->force_ids == 0){ - /* Use id's that are already set */ + /* Handle uidNumber. + * - use existing number if possible + * - if not, try to create a new uniqe one. + * */ if ($this->savedUidNumber != ""){ $this->uidNumber= $this->savedUidNumber; - $this->gidNumber= $this->savedGidNumber; } else { /* Calculate new id's. We need to place a lock before calling get_next_id - to get real unique values. */ + to get real unique values. + */ $wait= 10; while (get_lock("uidnumber") != ""){ sleep (1); 
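Review bot: The second hunk leaves the `else` branch of the `mustchangepassword` test holding only the disabled line `# $this->shadowLastChange= (int)(date("U") / 86400);`, with no explanation. If the intent is that saving the POSIX tab must no longer reset the password age (resetting it would push back `shadowMax` expiry on every edit), say so and drop the dead line and empty branch, e.g. `/* shadowLastChange is only updated by a password change, not by saving this tab */`. It is also worth confirming what a newly created account ends up with, since the property default is `"0"`. `save()` continues outside the hunk.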
@@ -821,19 +652,79 @@ class posixAccount extends plugin break; } } - add_lock ("uidnumber", "gosa"); - $this->uidNumber= $this->get_next_id("uidNumber", $this->dn); - if ($this->savedGidNumber != ""){ - $this->gidNumber= $this->savedGidNumber; - } else { - $this->gidNumber= $this->get_next_id("gidNumber", $this->dn); - } + $this->uidNumber= get_next_id("uidNumber", $this->dn); + } + } + + + /* Handle gidNumber + * - If we do not have a primary group selected (automatic), we will check if there + * is already a group with the same name and use this as primary. + * - .. if we couldn't find a group with the same name, we will create a new one, + * using the users uid as cn and a generated uniqe gidNumber. + * */ + if ($this->primaryGroup == 0 || $this->force_ids){ + + /* Search for existing group */ + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + + /* Are we forced to use a special gidNumber? */ + if($this->force_ids){ + $ldap->search("(&(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))", array("cn","gidNumber")); + }else{ + $ldap->search("(&(objectClass=posixGroup)(gidNumber=*)(cn=".$this->uid."))", array("cn","gidNumber")); } - if ($this->primaryGroup != 0){ - $this->gidNumber= $this->primaryGroup; + /* No primary group found, create a new one */ + if ($ldap->count() == 0){ + + $groupcn = $this->uid; + $pri_attr = $this->config->get_cfg_value("core","accountPrimaryAttribute"); + $groupdn= preg_replace ('/^'.preg_quote($pri_attr,'/').'=[^,]+,'.preg_quote(get_people_ou(),'/').'/i', + 'cn='.$groupcn.','.get_groups_ou(), $this->dn); + + /* Request a new and uniqe gidNumber, if required */ + if(!$this->force_ids){ + $this->gidNumber= get_next_id("gidNumber", $this->dn); + } + + /* If forced gidNumber could not be found, then check if the given group name already exists + we do not want to modify the gidNumber of an existing group. 
+ */ + $cnt= 0; + while($ldap->dn_exists($groupdn) && ($cnt < 100)){ + $cnt ++; + $groupcn = $this->uid."_".$cnt; + $groupdn= preg_replace ('/^'.preg_quote($pri_attr,'/').'=[^,]+,'.preg_quote(get_people_ou(),'/').'/i', + 'cn='.$groupcn.','.get_groups_ou(), $this->dn); + } + + /* Create new primary group and enforce the new gidNumber */ + $g= new group($this->config, $groupdn); + $g->cn= $groupcn; + $g->force_gid= 1; + $g->gidNumber= $this->gidNumber; + $g->description= _("Group of user")." ".$this->givenName." ".$this->sn; + $g->save (); + + @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, + sprintf("Primary group '%s' created, using gidNumber '%s'.",$groupcn,$this->gidNumber),""); + }else{ + $attrs = $ldap->fetch(); + $this->gidNumber = $attrs['gidNumber'][0]; + @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, + "Found and used: ".$attrs['dn']."", + sprintf("Primary group '%s' exists, gidNumber is '%s'.",$this->uid,$this->gidNumber)); } + }else{ + + /* Primary group was selected by user + */ + $this->gidNumber = $this->primaryGroup; + @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, + sprintf("Primary group '%s' for user '%s' manually selected.",$this->gidNumber,$this->uid),""); } if ($this->activate_shadowMin != "1" ) { 
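Review bot: The new primary-group lookup builds its filter by concatenation, `"(&(objectClass=posixGroup)(gidNumber=*)(cn=".$this->uid."))"`, so a uid containing LDAP filter metacharacters changes the meaning of the search and could match a different group whose gidNumber is then adopted as the user's primary group. Escape the value for filter context before interpolating it (PHP 5.6+ has `ldap_escape($this->uid, "", LDAP_ESCAPE_FILTER)`; older installs need the project's own helper), and treat `$this->gidNumber` in the forced branch the same way unless `check()` is guaranteed to have run first. Separately, this hunk removes `add_lock ("uidnumber", "gosa")` while the `get_lock("uidnumber")` wait loop and the later `del_lock ("uidnumber")` remain, so unless the global `get_next_id()` locks internally, two concurrent saves can be handed the same id. `save()` starts and ends outside the hunk.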
@@ -870,51 +761,22 @@ class posixAccount extends plugin /* Call parents save to prepare $this->attrs */ plugin::save(); - /* Trust accounts */ - $objectclasses= array(); - foreach ($this->attrs['objectClass'] as $key => $class){ - if (preg_match('/trustAccount/i', $class)){ - continue; - } - $objectclasses[]= $this->attrs['objectClass'][$key]; - } - $this->attrs['objectClass']= $objectclasses; - if ($this->trustModel != ""){ - $this->attrs['objectClass'][]= "trustAccount"; - $this->attrs['trustModel']= $this->trustModel; - $this->attrs['accessTo']= array(); - if ($this->trustModel == "byhost"){ - foreach ($this->accessTo as $host){ - $this->attrs['accessTo'][]= $host; - } - } - } else { - if ($this->was_trust_account){ - $this->attrs['accessTo']= array(); - $this->attrs['trustModel']= array(); - } - } - - if(empty($this->attrs['gosaDefaultPrinter'])){ - $thid->attrs['gosaDefaultPrinter']=array(); - } - - - /* Save data to LDAP */ - $ldap->cd($this->dn); + /* include global link_info */ $this->cleanup(); - + /* This is just a test, we have had duplicated ids - in the past when copy & paste was used. + in the past when copy & paste was used. Normaly this should not happen. */ if(isset($this->attrs['uidNumber']) && !$this->force_ids){ $used = $this->get_used_uid_numbers(); if(isset($used[$this->attrs['uidNumber']]) && $used[$this->attrs['uidNumber']] != $this->dn){ - msg_dialog::display(_("Uid number"),_("A duplicated uid number was written for this user, if this was not intended please verify all used uidNumbers."), WARNING_DIALOG); + msg_dialog::display(_("Warning"),_("A duplicated UID number was written for this user. If this was not intended please verify all used uidNumbers!"), WARNING_DIALOG); } } + $ldap= $this->config->get_ldap_link(); + $ldap->cd($this->dn); unset($this->attrs['uid']); $ldap->modify ($this->attrs); 
@@ -932,25 +794,15 @@ class posixAccount extends plugin /* Remove lock needed for unique id generation */ del_lock ("uidnumber"); - /* Posix accounts have group interrelationship, - take care about these here if this is a new user without forced gidNumber. */ - if ($this->force_ids == 0 && $this->primaryGroup == 0 && !$this->initially_was_account){ - $ldap->cd($this->config->current['BASE']); - $ldap->search("(&(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))", array("cn")); - - /* Create group if it doesn't exist */ - if ($ldap->count() == 0){ - $groupdn= preg_replace ('/^'.$this->config->current['DNMODE'].'=[^,]+,'.get_people_ou().'/i', 'cn='.$this->uid.','.get_groups_ou(), $this->dn); - - $g= new group($this->config, $groupdn); - $g->cn= $this->uid; - $g->force_gid= 1; - $g->gidNumber= $this->gidNumber; - $g->description= _("Group of user")." ".$this->givenName." ".$this->sn; - $g->save (); - } + // Save ssh stuff if needed + if ($this->ssh) { + $this->ssh->setDN($this->dn); + $this->ssh->save(); } + $this->trustModeDialog->dn = $this->dn; + $this->trustModeDialog->save(); + /* Take care about groupMembership values: add to groups */ foreach ($this->groupMembership as $key => $value){ if (!isset($this->savedGroupMembership[$key])){ @@ -961,7 +813,7 @@ class posixAccount extends plugin } } - /* Remove from groups not listed in groupMembership */ + /* Remove groups not listed in groupMembership */ foreach ($this->savedGroupMembership as $key => $value){ if (!isset($this->groupMembership[$key])){ $g= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $key,"groups"); @@ -981,6 +833,7 @@ class posixAccount extends plugin } } + /* Check formular input */ function check() { 
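Review bot: `$this->ssh->save()` is called whenever the SSH object exists, while `execute()` only hands control to it after `preg_match('/[rw]/', $this->getacl("sshPublicKey"))`; on the write path the only protection is the ACL string cached in the constructor. Guarding the save the same way, `if ($this->ssh instanceOf sshPublicKey && preg_match('/w/', $this->getacl("sshPublicKey"))) {`, keeps the two paths consistent, unless `sshPublicKey::save()` is known to enforce the ACL itself. Both `$this->ssh->save()` and `$this->trustModeDialog->save()` also run after the main `$ldap->modify()` and, as far as the hunk shows, their outcome is not checked, so a failure there would leave the account half-updated without a message.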
@@ -1015,19 +868,24 @@ class posixAccount extends plugin if (!tests::is_id($this->uidNumber)){ $message[]= msgPool::invalid(_("UID"), $this->uidNumber, "/[0-9]/"); } else { - if ($this->uidNumber < $this->config->current['MINID']){ - $message[]= msgPool::toosmall(_("UID"), $this->config->current['MINID']); + if ($this->uidNumber < $this->config->get_cfg_value("core","minId")){ + $message[]= msgPool::toosmall(_("UID"), $this->config->get_cfg_value("core","minId")); } } if (!tests::is_id($this->gidNumber)){ $message[]= msgPool::invalid(_("GID"), $this->gidNumber, "/[0-9]/"); } else { - if ($this->gidNumber < $this->config->current['MINID']){ - $message[]= msgPool::toosmall(_("GID"), $this->config->current['MINID']); + if ($this->gidNumber < $this->config->get_cfg_value("core","minId")){ + $message[]= msgPool::toosmall(_("GID"), $this->config->get_cfg_value("core","minId")); } } } + /* Check dates */ + if ($this->activate_shadowExpire && ($this->shadowExpire == "" || !tests::is_date($this->shadowExpire))){ + $message[]= msgPool::invalid("shadowExpire", $this->shadowExpire); + } + /* Check shadow settings, well I like spaghetties... */ if ($this->activate_shadowMin){ if (!tests::is_id($this->shadowMin)){ 
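Review bot: The lower bound for UID and GID in check() is read with `get_cfg_value("core","minId")` four times and used directly in the `<` comparison; if that property is unset or empty the comparison may never be true, and low IDs such as 0 would pass this check. Fetch it once, `$minId= $this->config->get_cfg_value("core","minId");`, and make the behaviour for a missing value explicit, since whether get_cfg_value supplies a default is not visible here. The added date check also passes the raw attribute name `"shadowExpire"` to `msgPool::invalid`, where the neighbouring checks pass labels translated via `_()`. check() continues outside this hunk.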
@@ -1074,47 +932,47 @@ class posixAccount extends plugin function multiple_check() { $message = plugin::multiple_check(); - if ($this->homeDirectory == "" && in_array("homeDirectory",$this->multi_boxes)){ + if ($this->homeDirectory == "" && in_array_strict("homeDirectory",$this->multi_boxes)){ $message[]= msgPool::required(_("Home directory")); } - if (!tests::is_path($this->homeDirectory) && in_array("homeDirectory",$this->multi_boxes)){ + if (!tests::is_path($this->homeDirectory) && in_array_strict("homeDirectory",$this->multi_boxes)){ $message[]= msgPool::invalid(_("Home directory"), "", "", "/home/yourname" ); } /* Check shadow settings, well I like spaghetties... */ - if ($this->activate_shadowMin && in_array("activate_shadowMin",$this->multi_boxes)){ + if ($this->activate_shadowMin && in_array_strict("activate_shadowMin",$this->multi_boxes)){ if (!tests::is_id($this->shadowMin)){ $message[]= msgPool::invalid(_("shadowMin"), $this->shadowMin, "/[0-9]/"); } } - if ($this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){ + if ($this->activate_shadowMax && in_array_strict("activate_shadowMax",$this->multi_boxes)){ if (!tests::is_id($this->shadowMax)){ $message[]= msgPool::invalid(_("shadowMax"), $this->shadowMax, "/[0-9]/"); } } - if ($this->activate_shadowWarning && in_array("activate_shadowWarning",$this->multi_boxes)){ + if ($this->activate_shadowWarning && in_array_strict("activate_shadowWarning",$this->multi_boxes)){ if (!tests::is_id($this->shadowWarning)){ $message[]= msgPool::invalid(_("shadowWarning"), $this->shadowWarning, "/[0-9]/"); } - if (!$this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){ + if (!$this->activate_shadowMax && in_array_strict("activate_shadowMax",$this->multi_boxes)){ $message[]= msgPool::depends("shadowWarning", "shadowMax"); } - if ($this->shadowWarning > $this->shadowMax && in_array("activate_shadowWarning",$this->multi_boxes)){ + if ($this->shadowWarning > $this->shadowMax && 
in_array_strict("activate_shadowWarning",$this->multi_boxes)){ $message[]= msgPool::toobig("shadowWarning", "shadowMax"); } - if ($this->activate_shadowMin && $this->shadowWarning < $this->shadowMin && in_array("activate_shadowMin",$this->multi_boxes)){ + if ($this->activate_shadowMin && $this->shadowWarning < $this->shadowMin && in_array_strict("activate_shadowMin",$this->multi_boxes)){ $message[]= msgPool::tosmall("shadowWarning", "shadowMin"); } } - if ($this->activate_shadowInactive && in_array("activate_shadowInactive",$this->multi_boxes)){ + if ($this->activate_shadowInactive && in_array_strict("activate_shadowInactive",$this->multi_boxes)){ if (!tests::is_id($this->shadowInactive)){ $message[]= msgPool::invalid(_("shadowInactive"), $this->shadowInactive, "/[0-9]/"); } - if (!$this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){ + if (!$this->activate_shadowMax && in_array_strict("activate_shadowMax",$this->multi_boxes)){ $message[]= msgPool::depends("shadowInactive", "shadowMax"); } } - if ($this->activate_shadowMin && $this->activate_shadowMax && in_array("activate_shadowMin",$this->multi_boxes)){ + if ($this->activate_shadowMin && $this->activate_shadowMax && in_array_strict("activate_shadowMin",$this->multi_boxes)){ if ($this->shadowMin > $this->shadowMax){ $message[]= msgPool::toobig("shadowMin", "shadowMax"); } @@ -1177,12 +1035,12 @@ class posixAccount extends plugin /* Adapt from template, using 'dn' */ - function adapt_from_template($dn) + function adapt_from_template($dn, $skip= array()) { /* Include global link_info */ $ldap= $this->config->get_ldap_link(); - plugin::adapt_from_template($dn); + plugin::adapt_from_template($dn, $skip); $template= $this->attrs['uid'][0]; /* Adapt group membership */ 
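Review bot: In the shadowWarning branch of multiple_check() the message is built with `msgPool::tosmall("shadowWarning", "shadowMin")`, while check() in this same file calls `msgPool::toosmall(...)`; unless msgPool defines both spellings, that path ends in an undefined-method error instead of a validation message. The line is unchanged context, but the commit rewrites every condition around it, so this is the place to align it: `$message[]= msgPool::toosmall("shadowWarning", "shadowMin");`. multiple_check() continues past the end of this hunk.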
@@ -1221,21 +1079,17 @@ class posixAccount extends plugin } } - /* FIXME: NEED review of this section */ - /* Need to check shadowExpire separately */ - - /* - * If shadowExpire is not enabled in the template, it's a UNIX timestamp - so don't convert it to seconds. - * The check is a hack - if difference between timestamp generated above and here is max 1 day. - */ - if(abs($this->shadowExpire - time())>86400) { - $this->shadowExpire= $this->convertToSeconds($this->shadowExpire); - } - /* Only enable checkbox, if shadowExpire is in the future */ if($this->shadowExpire > time()) { $this->activate_shadowExpire= "1"; } + + /* Convert shadowExpire for usage */ + if ($this->shadowExpire == 0){ + $this->shadowExpire= ""; + } else { + $this->shadowExpire= date('d.m.Y', $this->shadowExpire * 60 * 60 * 24); + } } function convertToSeconds($val) 
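Review bot: The checkbox test `if($this->shadowExpire > time())` now runs on the unconverted value, yet the conversion added directly below multiplies the same value by `60 * 60 * 24`, which treats it as a day count. A day count is never larger than a Unix timestamp, so `activate_shadowExpire` would stay off and the expiry taken from a template would presumably not be applied. If the value is in days at this point (the lines that set it are above the hunk), compare in the same unit: `if($this->shadowExpire * 60 * 60 * 24 > time()) {`. The function starts outside this hunk.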
@@ -1265,130 +1119,16 @@ class posixAccount extends plugin return($ids); } - - function get_next_id($attrib, $dn) - { - $ids= array(); - $ldap= $this->config->get_ldap_link(); - - $ldap->cd ($this->config->current['BASE']); - if (preg_match('/gidNumber/i', $attrib)){ - $oc= "posixGroup"; - } else { - $oc= "posixAccount"; - } - $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib")); - - /* Get list of ids */ - while ($attrs= $ldap->fetch()){ - $ids[]= (int)$attrs["$attrib"][0]; - } - - /* Add the nobody id */ - $ids[]= 65534; - - /* get the ranges */ - $tmp = array('0'=> 1000); - if (preg_match('/posixAccount/', $oc) && isset($this->config->current['UIDBASE'])) { - $tmp= split('-',$this->config->current['UIDBASE']); - } elseif(isset($this->config->current['GIDBASE'])){ - $tmp= split('-',$this->config->current['GIDBASE']); - } - - /* Set hwm to max if not set - for backward compatibility */ - $lwm= $tmp[0]; - if (isset($tmp[1])){ - $hwm= $tmp[1]; - } else { - $hwm= pow(2,32); - } - - /* Find out next free id near to UID_BASE */ - if (!isset($this->config->current['BASE_HOOK'])){ - $base= $lwm; - } else { - /* Call base hook */ - $base= get_base_from_hook($dn, $attrib); - } - for ($id= $base; $id++; $id < pow(2,32)){ - if (!in_array($id, $ids)){ - return ($id); - } - } - - /* Should not happen */ - if ($id == $hwm){ - msg_dialog::display(_("Error"), _("Cannot allocate a free ID: too many users!"), ERROR_DIALOG); - exit; - } - - } - - function reload() - { - /* Set base for all searches */ - $base = session::get('CurrentMainBase'); - $base = $base; - $ldap = $this->config->get_ldap_link(); - $attrs = array("cn", "description", "gidNumber"); - $Flags = GL_SIZELIMIT; - - /* Get groups */ - if ($this->GroupUserRegex == '*'){ - $filter = "(&(objectClass=posixGroup)(cn=".$this->GroupRegex."))"; - } else { - $filter= "(&(objectClass=posixGroup)(cn=".$this->GroupRegex.")(memberUid=".$this->GroupUserRegex."))"; - } - if($this->SubSearch){ - $Flags |= GL_SUBSEARCH; 
- }else{ - $base = get_groups_ou().$base; - } - - $res= get_list($filter, "groups", $base,$attrs, $Flags); - - /* check sizelimit */ - if (preg_match("/size limit/i", $ldap->get_error())){ - session::set('limit_exceeded',TRUE); - } - - /* Create a list of users */ - $this->grouplist = array(); - foreach ($res as $value){ - $this->grouplist[$value['gidNumber'][0]]= $value; - } - - $tmp=array(); - foreach($this->grouplist as $tkey => $val ){ - $tmp[strtolower($val['cn'][0]).$val['cn'][0]]=$val; - } - - /* Sort index */ - ksort($tmp); - - /* Recreate index array[dn]=cn[description]*/ - $this->grouplist=array(); - foreach($tmp as $val){ - if(isset($val['description'])){ - $this->grouplist[$val['dn']]=$val['cn'][0]." [".$val['description'][0]."]"; - }else{ - $this->grouplist[$val['dn']]=$val['cn'][0]; - } - } - - reset ($this->grouplist); - } - /* Get posts from copy & paste dialog */ function saveCopyDialog() { if(isset($_POST['homeDirectory'])){ - $this->homeDirectory = $_POST['homeDirectory']; + $this->homeDirectory = get_post('homeDirectory'); if (isset ($_POST['force_ids'])){ $data= 1; - $this->gidNumber = $_POST['gidNumber']; - $this->uidNumber = $_POST['uidNumber']; + $this->gidNumber = get_post('gidNumber'); + $this->uidNumber = get_post('uidNumber'); } else { $data= 0; } @@ -1396,9 +1136,14 @@ class posixAccount extends plugin $this->is_modified= TRUE; } $this->force_ids= $data; + $data= get_post('primaryGroup'); + if ($this->primaryGroup != $data){ + $this->is_modified= TRUE; + } + $this->primaryGroup= get_post('primaryGroup'); } } - + /* Create the posix dialog part for copy & paste */ function getCopyDialog() @@ -1422,7 +1167,7 @@ class posixAccount extends plugin /* Open group add dialog */ if(isset($_POST['edit_groupmembership'])){ - $this->group_dialog = TRUE; + $this->groupSelect = new groupSelect($this->config,get_userinfo()); $sta = "SubDialog"; } 
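Review bot: In saveCopyDialog() the added lines take `primaryGroup` from the request without the `isset($_POST['primaryGroup'])` and `acl_is_writeable("primaryGroup")` tests that multiple_save_object() applies to the same field in a later hunk, and they call get_post() twice for one value. I would wrap them in `if (isset($_POST['primaryGroup'])) {` and assign `$this->primaryGroup= $data;`. Whether the copy-and-paste dialog is meant to bypass ACLs is not visible here, so the missing ACL test is a question to confirm rather than a certain defect. The function's closing lines are shown, but its beginning is in the preceding hunk.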
@@ -1430,10 +1175,10 @@ class posixAccount extends plugin to ensure that the membership is updatd */ if(isset($_POST['add_groups_finish']) || isset($_POST['add_groups_cancel'])){ $this->execute(); - $this->group_dialog =FALSE; + $this->groupSelect =NULL; } - if($this->group_dialog){ + if($this->groupSelect){ $str = $this->execute(true); $ret = array(); $ret['string'] = $str; @@ -1448,15 +1193,18 @@ class posixAccount extends plugin /* Assigned informations to smarty */ $smarty = get_smarty(); - $smarty->assign("homeDirectory",$this->homeDirectory); - $smarty->assign("uidNumber",$this->uidNumber); - $smarty->assign("gidNumber",$this->gidNumber); - $smarty->assign("forceMode",$forceMode); - $smarty->assign("force_ids",$force_ids); + $smarty->assign("homeDirectory",set_post($this->homeDirectory)); + $smarty->assign("secondaryGroups",$this->secondaryGroups); + $smarty->assign("primaryGroup",set_post($this->primaryGroup)); + + $smarty->assign("uidNumber",set_post($this->uidNumber)); + $smarty->assign("gidNumber",set_post($this->gidNumber)); + $smarty->assign("forceMode",set_post($forceMode)); + $smarty->assign("force_ids",set_post($force_ids)); if (!count($this->groupMembership)){ $smarty->assign("groupMembership", array(" ")); } else { - $smarty->assign("groupMembership", $this->groupMembership); + $smarty->assign("groupMembership", set_post($this->groupMembership)); } /* Display wars message if there are more than 16 group members */ 
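Review bot: `secondaryGroups` is the only value the second hunk here hands to the template without `set_post()`, in `$smarty->assign("secondaryGroups",$this->secondaryGroups);`, while every other assignment it adds, including the `groupMembership` array, is wrapped. If set_post() is what encodes values for HTML output (its body is not visible here), group names read from the directory would reach the page unencoded through this one variable. I would write `$smarty->assign("secondaryGroups",set_post($this->secondaryGroups));` or add a comment saying why this list is exempt. getCopyDialog() starts and ends outside the hunk.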
@@ -1478,9 +1226,58 @@ class posixAccount extends plugin { plugin::PrepareForCopyPaste($source); - /* Avoid using the same gid/uid number as source user */ - $this->savedUidNumber = $this->get_next_id("uidNumber", $this->dn); - $this->savedGidNumber = $this->get_next_id("gidNumber", $this->dn); + $this->trustModeDialog->PrepareForCopyPaste($source); + + /* Avoid using the same gid/uid number as source user + empty numbers to enforce new ones. */ + $this->savedUidNumber = ""; + $this->savedGidNumber = ""; + + /* Get group membership */ + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $ldap->search("(&(objectClass=posixGroup)(memberUid=".$source['uid'][0]."))", array("cn", "description")); + + while ($attrs= $ldap->fetch()){ + if (!isset($attrs["description"][0])){ + $entry= $attrs["cn"][0]; + } else { + $entry= $attrs["cn"][0]." [".$attrs["description"][0]."]"; + } + $this->groupMembership[$ldap->getDN()]= $entry; + } + asort($this->groupMembership); + reset($this->groupMembership); + + /* Fill group */ + if(isset($source['gidNumber'][0])){ + $this->primaryGroup= $source['gidNumber'][0]; + } + + + /* Adjust shadow checkboxes */ + foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive", + "shadowExpire") as $val){ + + if ($this->$val != 0){ + $oval= "activate_".$val; + $this->$oval= "1"; + } + } + + /* Convert shadowExpire for usage */ + if ($this->shadowExpire == 0){ + $this->shadowExpire= ""; + } else { + $this->shadowExpire= date('d.m.Y', $this->shadowExpire * 60 * 60 * 24); + } + + $tmp = new trustModeDialog($this->config, $source['dn']); + $this->trustModeDialog = new trustModeDialog($this->config, $this->dn); + $this->trustModeDialog->trustModel = $tmp->trustModel; + $this->trustModeDialog->accessTo = $tmp->accessTo; + $this->trustModeDialog->setAcl('users/posixAccount'); + } 
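Review bot: The group lookup in PrepareForCopyPaste() concatenates `$source['uid'][0]` into the search filter, `"(&(objectClass=posixGroup)(memberUid=".$source['uid'][0]."))"`, so a uid containing `*`, `(`, `)` or `\` changes the filter, and the search can then match groups the source user does not belong to, which are copied into `groupMembership`. Escape the value for filter context before building the string, for example with PHP's `ldap_escape($source['uid'][0], '', LDAP_ESCAPE_FILTER)` where the runtime provides it, or with the project's own filter-escaping helper if it has one. Also, `$this->trustModeDialog->PrepareForCopyPaste($source)` is called at the top and the object is replaced by `new trustModeDialog(...)` at the bottom, so the first call looks redundant and deserves a comment or removal.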
@@ -1500,22 +1297,31 @@ class posixAccount extends plugin "plSection" => array("personal" => _("My account")), "plCategory" => array("users"), "plOptions" => array(), + "plRequirements"=> array( + 'ldapSchema' => array('posixAccount' => ''), + 'onFailureDisablePlugin' => array(get_class(), 'sambaAccount','netatalk','environment') + ), "plProvidedAcls" => array( "homeDirectory" => _("Home directory"), + "primaryGroup" => _("Primary group"), "loginShell" => _("Shell"), "uidNumber" => _("User ID"), "gidNumber" => _("Group ID"), + "shadowLastChange" => _("Shadow last changed"), + "gotoLastSystemLogin" => _("Last login"), + "mustchangepassword"=> _("Force password change on login"), "shadowMin" => _("Shadow min"), "shadowMax" => _("Shadow max"), "shadowWarning" => _("Shadow warning"), "shadowInactive" => _("Shadow inactive"), "shadowExpire" => _("Shadow expire"), - "trustModel" => _("System trust model"))) - ); + "sshPublicKey" => _("Public SSH key"), + "accessTo" => _("System trust model"))) + ); } 
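Review bot: The ACL entry for the trust model is now keyed `accessTo` instead of `trustModel`, while code removed elsewhere in this commit tested `acl_is_writeable("trustModel")`; role definitions stored under the old key would presumably stop matching. Which key trustModeDialog checks after `setAcl('users/posixAccount')` is not visible here, so please confirm it is `accessTo` and add a one-line comment above the entry, for example `/* ACL key checked by trustModeDialog */`. The enclosing method starts outside the hunk.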
@@ -1523,24 +1329,21 @@ class posixAccount extends plugin function get_multi_edit_values() { $ret = plugin::get_multi_edit_values(); + $ret = array_merge($ret,$this->trustModeDialog->get_multi_edit_values()); $ret['groupMembership'] = $this->groupMembership; $ret['groupMembership_some']= $this->groupMembership_some; - if(in_array("primaryGroup",$this->multi_boxes)){ + if(in_array_strict("primaryGroup",$this->multi_boxes)){ $ret['primaryGroup'] = $this->primaryGroup; } - if(in_array("trustmode",$this->multi_boxes)){ - $ret['trustModel'] = $this->trustModel; - $ret['accessTo'] = $this->accessTo; - } foreach(array("shadowWarning","shadowInactive","shadowMin","shadowMax", "shadowExpire") as $entry){ $active = "activate_".$entry; - if(in_array($active,$this->multi_boxes)){ + if(in_array_strict($active,$this->multi_boxes)){ $ret[$entry] = $this->$entry; $ret[$active] = $this->$active; } } - if(in_array("mustchangepassword",$this->multi_boxes)){ + if(in_array_strict("mustchangepassword",$this->multi_boxes)){ $ret['mustchangepassword'] = $this->mustchangepassword; } return($ret); @@ -1552,15 +1355,17 @@ class posixAccount extends plugin function multiple_save_object() { if(isset($_POST['posix_mulitple_edit'])){ - + /* Backup expire value */ $expire_tmp = $this->shadowExpire; - + /* Update all values */ plugin::multiple_save_object(); + $this->trustModeDialog->multiple_save_object(); + /* Get selected checkboxes */ - foreach(array("primaryGroup","trustmode","mustchangepassword","activate_shadowWarning","activate_shadowInactive","activate_shadowMin", "activate_shadowMax","activate_shadowExpire") as $val){ + foreach(array("primaryGroup","mustchangepassword","activate_shadowWarning","activate_shadowInactive","activate_shadowMin", "activate_shadowMax","activate_shadowExpire") as $val){ if(isset($_POST["use_".$val])){ $this->multi_boxes[] = $val; } 
@@ -1570,10 +1375,10 @@ class posixAccount extends plugin foreach(array("shadowMin","shadowMax","shadowExpire","shadowInactive","shadowWarning") as $var) { if($this->acl_is_writeable($var)){ $activate_var = "activate_".$var; - if(in_array($activate_var, $this->multi_boxes)){ + if(in_array_strict($activate_var, $this->multi_boxes)){ if(isset($_POST['activate_'.$var])){ $this->$activate_var = true; - $this->$var = $_POST[$var]; + $this->$var = get_post($var); }else{ $this->$activate_var = false; $this->$var = 0; @@ -1583,7 +1388,7 @@ class posixAccount extends plugin } /* Restore shadow value, if the shadow attribute isn't used */ - if(!in_array("activate_shadowExpire",$this->multi_boxes)){ + if(!in_array_strict("activate_shadowExpire",$this->multi_boxes)){ $this->shadowExpire = $expire_tmp; } @@ -1594,40 +1399,24 @@ class posixAccount extends plugin $this->mustchangepassword = FALSE; } - /* Trust mode - special handling */ - if($this->acl_is_writeable("trustModel")){ - if (isset($_POST['trustmode'])){ - $saved= $this->trustModel; - if ($_POST['trustmode'] == "1"){ - $this->trustModel= "fullaccess"; - } elseif ($_POST['trustmode'] == "2"){ - $this->trustModel= "byhost"; - } else { - $this->trustModel= ""; - } - if ($this->trustModel != $saved){ - $this->is_modified= TRUE; - } - } - } - /* Save primary group settings */ if($this->acl_is_writeable("primaryGroup") && isset($_POST['primaryGroup'])){ - $data= $_POST['primaryGroup']; + $data= get_post('primaryGroup'); if ($this->primaryGroup != $data){ $this->is_modified= TRUE; } - $this->primaryGroup= $_POST['primaryGroup']; + $this->primaryGroup= get_post('primaryGroup'); } } } - + /* Initialize plugin with given atribute arrays */ function init_multiple_support($attrs,$all) { plugin::init_multiple_support($attrs,$all); + $this->trustModeDialog->init_multiple_support($attrs,$all); /* Some dummy values */ $groups_some = array(); 
@@ -1658,7 +1447,7 @@ class posixAccount extends plugin $groups_all = $groups_some; foreach($groups_all as $id => $group){ foreach($uids as $uid){ - if(!in_array($uid,$groups_uid[$id])){ + if(!in_array_strict($uid,$groups_uid[$id])){ unset($groups_all[$id]); break; } @@ -1677,25 +1466,6 @@ class posixAccount extends plugin $this->groupMembership_some = $groups_some; $this->primaryGroup = $this->gidNumber; - /* Is this account a trustAccount? */ - if (isset($this->multi_attrs['trustModel'])){ - $this->trustModel= $this->multi_attrs['trustModel'][0]; - $this->was_trust_account= TRUE; - $this->multi_boxes[] = "trustmode"; - } else { - $this->was_trust_account= FALSE; - $this->trustModel= ""; - } - - /* Create access informations */ - $this->accessTo = array(); - if (isset($this->multi_attrs['accessTo'])){ - for ($i= 0; $i<$this->multi_attrs['accessTo']['count']; $i++){ - $tmp= $this->multi_attrs['accessTo'][$i]; - $this->accessTo[$tmp]= $tmp; - } - } - /* Adjust shadow checkboxes */ foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive", "shadowExpire") as $val){ @@ -1729,8 +1499,25 @@ class posixAccount extends plugin $groups[$dn] = $cn; } plugin::set_multi_edit_values($attrs); + $this->trustModeDialog->set_multi_edit_values($attrs); $this->groupMembership = $groups; } + + function set_acl_base($base) + { + @DEBUG (DEBUG_ACL, __LINE__, __FUNCTION__, __FILE__,"".$base."","ACL-Base: "); + $this->acl_base= $base; + $this->trustModeDialog->set_acl_base($base); + } + + /*! \brief Enables multiple support for this plugin + */ + function enable_multiple_support() + { + plugin::enable_multiple_support(); + $this->trustModeDialog->enable_multiple_support(); + } + } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: