raw | patch | inline | side by side (parent: e19e3d5)
author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Fri, 27 Apr 2007 11:03:50 +0000 (11:03 +0000) | ||
committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Fri, 27 Apr 2007 11:03:50 +0000 (11:03 +0000) |
Removed admin account check from index.php
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@6203 594d385d-05f5-0310-b6e9-bd551577e9d8
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@6203 594d385d-05f5-0310-b6e9-bd551577e9d8
html/index.php | patch | blob | history | |
setup/class_setupStep_Migrate.inc | patch | blob | history | |
setup/setup_migrate.tpl | patch | blob | history |
diff --git a/html/index.php b/html/index.php
index 74ac18e9b69e2e927a54355434eaaffc8e31c1cf..91ebe02ffc66d899fb2db20a49bed4d20070071f 100644 (file)
--- a/html/index.php
+++ b/html/index.php
$ldap->create_missing_trees($config->current['CONFIG']);
}
- /* Check for at least one subtreeACL in the complete tree */
- $ldap->cd($config->current['BASE']);
- $ldap->search("(&(objectClass=gosaObject)(gosaSubtreeACL=:all))");
- if ($ldap->count() < 1){
-# print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
-# displayLogin();
-# exit();
- }
-
/* Check for valid input */
$username= $_POST["username"];
if (!ereg("^[A-Za-z0-9_.-]+$", $username)){
index 5fd72d01dcd0ce6389dd8b28a46713b8d890f4fb..ad1534b09cf7e2587af7aafb52c375df7e404001 100644 (file)
*/
+
+
class Step_Migrate extends setup_step
{
var $languages = array();
$this->check_acls();
}
-
- /* Check Acls if there is at least one object with acls defined
- */
- function check_acls()
- {
- /* Establish ldap connection */
- $cv = $this->parent->captured_values;
- $ldap = new LDAP($cv['admin'],
- $cv['password'],
- $cv['connection'],
- FALSE,
- $cv['tls']);
-
- /* Search for gosaAcls */
- $ldap->cd($cv['base']);
- $res = $ldap->search("(&(objectClass=gosaAccount)(|(objectClass=posixAccount)".
- "(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))");
- if(!$res){
- $this->checks['acls']['STATUS'] = FALSE;
- $this->checks['acls']['STATUS_MSG']= _("Ldap query failed.");
- $this->checks['acls']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
- }elseif($ldap->count() == 0){
- $this->checks['acls']['STATUS'] = TRUE;
- $this->checks['acls']['STATUS_MSG']= _("Ok");
- }else{
- $this->checks['acls']['STATUS'] = FALSE;
- $this->checks['acls']['STATUS_MSG']= _("Failed");
- $this->checks['acls']['ERROR_MSG'].= "<input type='submit' name='create_acls' value='"._("Create adminitrational account")."'>";
- }
- return($ldap->count()>=1);
- }
/* Check ldap accessibility
}
+ /* Check Acls if there is at least one object with acls defined
+ */
+ function check_acls()
+ {
+ /* Establish ldap connection */
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Search for gosaAcls */
+ $ldap->cd($cv['base']);
+ $res = $ldap->search("(&(objectClass=gosaAccount)(|(objectClass=posixAccount)".
+ "(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))");
+ if(!$res){
+ $this->checks['acls']['STATUS'] = FALSE;
+ $this->checks['acls']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['acls']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ }elseif($ldap->count()){
+ $this->checks['acls']['STATUS'] = TRUE;
+ $this->checks['acls']['STATUS_MSG']= _("Ok");
+ }else{
+ $this->checks['acls']['STATUS'] = FALSE;
+ $this->checks['acls']['STATUS_MSG']= _("Failed");
+ $this->checks['acls']['ERROR_MSG'].= "<input type='submit' name='create_acls' value='"._("Create adminitrational account")."'>";
+ }
+ return($ldap->count()>=1);
+ }
+
+
function get_user_list()
{
/* Get collected configuration settings */
}
}
}
+
+ function create_admin_user()
+ {
+ if(isset($_POST['new_user_password']) && !empty($_POST['new_user_password'])){
+ $pwd = $_POST['new_user_password'];
+ }else{
+ print_red(_("Please specify a valid password for the new GOsa admin user."));
+ return(FALSE);
+ }
+
+ /* Establish ldap connection */
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Get current base attributes */
+ $ldap->cd($cv['base']);
+
+ if($cv['peopledn'] == "cn"){
+ $dn = "cn=System Administrator,".$cv['peopleou'].",".$cv['base'];
+ }else{
+ $dn = "uid=admin,".$cv['peopleou'].",".$cv['base'];
+ }
+
+ $methods = @passwordMethod::get_available_methods_if_not_loaded();
+ $p_m = $methods[$cv['encryption']];
+ $p_c = new $p_m(array());
+ $hash = $p_c->generate_hash($pwd);
+
+ $new_user=array();
+ $new_user['objectClass']= array("gosaAccount","organizationalPerson","inetOrgPerson");
+ $new_user['givenName'] = "System";
+ $new_user['sn'] = "Administrator";
+ $new_user['cn'] = "System Administrator";
+ $new_user['uid'] = "admin";
+ $new_user['userPassword'] = $hash;
+
+ $ldap->cd($cv['base']);
+ $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$dn));
+ $ldap->cd($dn);
+ $res = $ldap->add($new_user);
+ $this->acl_create_selected = $dn;
+ $this->create_admin();
+
+ if(!$res){
+ print_red($ldap->get_error());
+ }
+
+ $this->acl_create_dialog=FALSE;
+ $this->check_acls();
+ }
+
function execute()
{
$this->initialize_checks();
$this->checks_initialised = TRUE;
}
-
- /* Permission check */
- $this->check_ldap_permissions();
-
+
/*************
* Root object check
*************/
$this->create_admin(TRUE);
}
+ if(isset($_POST['create_admin_user'])){
+ $this->create_admin_user();
+ }
+
if($this->acl_create_dialog){
$smarty = get_smarty();
+ $smarty->assign("new_user_password",@$_POST['new_user_password']);
$smarty->assign("users" ,$this->get_user_list());
+ $smarty->assign("users_cnt" ,count($this->get_user_list()));
$smarty->assign("groups",$this->get_group_list());
+ $smarty->assign("groups_cnt",count($this->get_group_list()));
$smarty->assign("type" ,$this->acl_create_type);
$smarty->assign("method","create_acls");
$smarty->assign("acl_create_selected",$this->acl_create_selected);
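Review bot: In `create_admin_user()` the result of `$ldap->add($new_user)` is checked only after `$this->acl_create_selected = $dn;` and `$this->create_admin();` have already run, so a failed add (for example because an entry with that DN already exists) still reaches the ACL step for that DN. `create_admin()` is not visible in this diff, so this is inferred from the call order, but the safer shape is to bail out first: `if(!$res){ print_red($ldap->get_error()); return(FALSE); }` directly after the add. The lookup `$methods[$cv['encryption']]` is also used without checking that the key exists, and the `@` on the call hides any warning, so an unknown encryption setting would only surface as a failure at `new $p_m(array())`. Separately, `execute()` (which starts and ends outside the visible lines) loses its `check_ldap_permissions()` call with no replacement shown here; worth confirming that is intended.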
index 30ac7d651ae020c1dbe37224df04001b8eb20778..04718500a476ab44ae815aebf72b08646622cee3 100644 (file)
--- a/setup/setup_migrate.tpl
+++ b/setup/setup_migrate.tpl
<div>
<h1 style='color:red'>Style fixes necessary here ;-)</h1>
+ <div class='default'>
+
+ {if $method == "default"}
<p>
Create a reload for each entry later
<input type='submit' name='reload' value='{t}Reload{/t}'>
</p>
- <div class='default'>
-
- {if $method == "default"}
{foreach from=$checks item=val key=key}
<div class='step2_entry_name'><b>{$checks.$key.TITLE}</b></div>
{if $checks.$key.STATUS}
{else}
<b>{t}Create a new user and a group with adminstrational acls{/t}</b><br>
+ {t}To automatically add a new administrative user to your ldap database use the formular below.{/t}<br>
<p style='padding-left:10px;'>
- {t}To automatically add a new administrative user and group to your ldap database use the formular below.{/t}<br>
<table>
<tr>
<td>
- {t}User uid{/t}:
+ {t}Name{/t}:
</td>
<td>
- <input type='input' value='' name='new_user_uid'><br>
+ <i>System administrator</i>
</td>
- </tr>
+ <tr>
<tr>
<td>
- {t}User password{/t}:
+ {t}User ID{/t}:
</td>
<td>
- <input type='input' value='' name='new_user_password'><br>
+ <i>admin</i>
</td>
- </tr>
<tr>
+ </tr>
<td>
- {t}Group name{/t}:
+ {t}Password{/t}:
</td>
<td>
- <input type='input' value='' name='new_group_cn'>
+ <input type='input' value='{$new_user_password}' name='new_user_password'><br>
</td>
</tr>
- </table>
+ </table>
+ <input type='submit' name='create_admin_user' value='{t}Create{/t}'>
</p>
-
+
+ {if $users_cnt != 0 && $groups_cnt != 0}
+
<p> </p>
<b>{t}Append administrational acls to existing an user or a group{/t}</b><br>
Bla {t}To grant administrative permissions to a user or a group, select an element and use button below.{/t}
<input type='submit' name='create_acls_create' value='{t}Add administrational acls to this object{/t}'>
</p>
+ {/if}
{/if}
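Review bot: The new password field `<input type='input' value='{$new_user_password}' name='new_user_password'>` shows the admin password in cleartext and writes the submitted value back into the page. The PHP side assigns it straight from `$_POST['new_user_password']`, so unless the template engine escapes by default, a quote in the value ends the attribute. Suggest `<input type='password' value='' name='new_user_password'>` and dropping the `new_user_password` assign, or at minimum `{$new_user_password|escape}`. The row markup around the "Name" and "User ID" cells also replaces a `</tr>` with `<tr>` and leaves a `<tr>` / `</tr>` pair in the wrong order, so the table is no longer well formed.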