Made auth_mail a boolean value.

If true allow login with mail too

git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@7695 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/FAQ b/FAQ
index a6332bb5da2f9133606530bc79e2fde4fc72d4ee..082db56ad3604c637565742e466559d71e9c5373 100644 (file)
--- a/FAQ
+++ b/FAQ
@@ -417,13 +417,7 @@ Q: Is it possible to login with the users mail address too?
 
 A: Yes, just add the following line to your gosa.conf:
    <location ...
-       login_attribute="mail"
-   ...>
-
-       or for both, uid and mail:
-
-   <location ...
-       login_attribute="uid,mail"
+       auth_mail="true"
    ...>
 
 

diff --git a/contrib/gosa.conf b/contrib/gosa.conf
index 33212f59a1eb9ddebb80b923fd90a19a261a728c..7f96d76f74577c142ad819c5a83ee0b5b2cf69db 100644 (file)
--- a/contrib/gosa.conf
+++ b/contrib/gosa.conf
@@ -452,10 +452,10 @@
                        groups="{$cv.groupou}"
                        gidbase="{$cv.uidbase}"
                        uidbase="{$cv.uidbase}"
-{if $cv.optional.login_attribute}
-                       login_attribute="{$cv.optional.login_attribute}"
+{if $cv.optional.auth_mail}
+                       auth_mail="true"
 {else}
-                       login_attribute="uid"
+                       auth_mail="false"
 {/if}
 {if $cv.optional.strict_units}
                        strict_units="true"

diff --git a/include/functions.inc b/include/functions.inc
index 0de2bcfc11821c2eb49de7348eaee0929d722b96..cc724f8a62807467cc5b295ac272ba36fa7dbcac 100644 (file)
--- a/include/functions.inc
+++ b/include/functions.inc
@@ -311,28 +311,19 @@ function ldap_login_user ($username, $password)
     echo "<body>".$_SESSION['errors']."</body></html>";
     exit();
   }
-  $ldap->cd($config->current['BASE']);
-  $allowed_attributes = array("uid","mail");
-  $verify_attr = array();
-  if(isset($config->current['LOGIN_ATTRIBUTE'])){
-    $tmp = split(",",$config->current['LOGIN_ATTRIBUTE']); 
-    foreach($tmp as $attr){
-      if(in_array($attr,$allowed_attributes)){
-        $verify_attr[] = $attr;
-      }
-    }
-  }
-  if(count($verify_attr) == 0){
-    $verify_attr = array("uid");
+
+  /* Check if mail address is also a valid auth name */
+  $auth_mail = FALSE;
+  if(isset($config->current['AUTH_MAIL']) && preg_match("/true/",$config->current['AUTH_MAIL'])){
+    $auth_mail = TRUE;
   }
-  $tmp= $verify_attr;
-  $tmp[] = "uid";
-  $filter = "";
-  foreach($verify_attr as $attr) {
-    $filter.= "(".$attr."=".$username.")";
+
+  $ldap->cd($config->current['BASE']);
+  if(!$auth_mail){
+    $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid"));
+  }else{
+    $ldap->search("(&(|(uid=".$username.")(mail=".$username."))(objectClass=gosaAccount))", array("uid","mail"));
   }
-  $filter = "(&(|".$filter.")(objectClass=gosaAccount))";
-  $ldap->search($filter,$tmp);
 
   /* get results, only a count of 1 is valid */
   switch ($ldap->count()){
@@ -352,14 +343,14 @@ function ldap_login_user ($username, $password)
 
   /* LDAP schema is not case sensitive. Perform additional check. */
   $attrs= $ldap->fetch();
-  $success = FALSE;
-  foreach($verify_attr as $attr){
-    if ($attrs[$attr][0] == $username){
-      $success = TRUE;
+  if($auth_mail){
+    if ($attrs['uid'][0] != $username && $attrs['mail'][0] != $username){
+      return(NULL);
+    }
+  }else{
+    if ($attrs['uid'][0] != $username){
+      return(NULL);
     }
-  }
-  if(!$success){
-    return(FALSE);
   }
 
   /* got user dn, fill acl's */

diff --git a/setup/class_setupStep_Config3.inc b/setup/class_setupStep_Config3.inc
index cc2307b5cd6953f1db869fd6ce88aea3d6310933..13415175bb73029a70968bc66332ce50a3f756a7 100644 (file)
--- a/setup/class_setupStep_Config3.inc
+++ b/setup/class_setupStep_Config3.inc
@@ -26,11 +26,8 @@ class Step_Config3 extends setup_step
 
   var $errorlvl   = TRUE;
 
-  var $login_attributes = array("uid"       => "uid", 
-                                "mail"      => "mail",
-                                "uid,mail"  => "both");
   var $optional = array(
-              "login_attribute" => "uid",
+              "auth_mail" => "false",
               "strict_units" => false,
               "list_summary" => false,
               "forceglobals" => true,
@@ -87,7 +84,6 @@ class Step_Config3 extends setup_step
     foreach($this->attributes as $attr){
       $smarty->assign($attr,$this->$attr);
     }
-    $smarty->assign("login_attributes",$this->login_attributes);
     return($smarty -> fetch (get_template_path("../setup/setup_config3.tpl")));
   }
 
@@ -103,7 +99,7 @@ class Step_Config3 extends setup_step
         }
       }
       
-      foreach(array("login_attribute","list_summary","strict_units","noprimarygroup","forceglobals","forcessl","ldapstats","warnssl","snmpcommunity","compile","debuglevel","session_lifetime") as $name){
+      foreach(array("auth_mail","list_summary","strict_units","noprimarygroup","forceglobals","forcessl","ldapstats","warnssl","snmpcommunity","compile","debuglevel","session_lifetime") as $name){
         if(isset($_POST[$name])){
           $this->optional[$name] = get_post($name);
         }

diff --git a/setup/setup_config3.tpl b/setup/setup_config3.tpl
index 1db42f49e1106d80ac26ec35c201a30745f18782..6a65f7a08a5b8e20637117eee10d90379b92c44e 100644 (file)
--- a/setup/setup_config3.tpl
+++ b/setup/setup_config3.tpl
@@ -165,11 +165,11 @@
     <p><b>{t}Login and session{/t}</b></p>
     <div class='step4_container'>
         <div class='step4_name'>
-            {t}Login attribute{/t}
+            {t}Allow login with users mail address{/t}
         </div>
         <div class='step4_value'>
-            <select name="login_attribute" size="1" title="">
-               {html_options options=$login_attributes selected=$optional.login_attribute}
+            <select name="auth_mail" size="1" title="">
+               {html_options options=$bool selected=$optional.auth_mail}
             </select>
         </div>
     </div>