![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ab8c183)
raw | patch | inline | side by side (parent: ab8c183)
| author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Thu, 10 Apr 2008 08:46:56 +0000 (08:46 +0000) | ||
| committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Thu, 10 Apr 2008 08:46:56 +0000 (08:46 +0000) |
-Allow password change for all hosts.
-user simpleSecurityObject->userpassword for this
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@10311 594d385d-05f5-0310-b6e9-bd551577e9d8
-user simpleSecurityObject->userpassword for this
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@10311 594d385d-05f5-0310-b6e9-bd551577e9d8
| gosa-plugins/systems/admin/systems/class_divListSystem.inc | patch | blob | history | |
| gosa-plugins/systems/admin/systems/class_systemManagement.inc | patch | blob | history |
diff --git a/gosa-plugins/systems/admin/systems/class_divListSystem.inc b/gosa-plugins/systems/admin/systems/class_divListSystem.inc
index f40791a4dcbe38b86f7647236807391fd39e6933..131534595774262d6634f3424eb50a72818f26a6 100644 (file)
$display= $val["cn"][0].$dsc;
}
-
/* Check if this is a terminal/workstation && if we are allowed to change the gotoRootPasswd */
- $pwd_acl ="";
- if(in_array("gotoWorkstation",$val['objectClass'])){
- $pwd_acl = $ui->get_permissions($val['dn'],"workstation/workgeneric","gotoRootPasswd");
- }
- if(in_array("gotoTerminal",$val['objectClass'])){
- $pwd_acl = $ui->get_permissions($val['dn'],"terminal/termgeneric","gotoRootPasswd");
- }
- if(preg_match("/w/",$pwd_acl)){
- $action2 = "<input class='center' type='image' src='images/certs.png' alt='"._("Password")."' name='system_setpwd_%KEY%' title='"._("Set root password")."'>";
+ $display_key_for = array("terminal","workstation","server","component");
+ $pwd_acl = $ui->get_permissions($val['dn'],$tabs[$type]['ACL'],"userPassword");
+ if(preg_match("/w/",$pwd_acl) && in_array($type,$display_key_for)){
+ $action2 = "<input class='center' type='image' src='images/certs.png' alt='"._("Password")."' name='system_setpwd_%KEY%' title='"._("Set password")."'>";
}else{
$action2 = $empty;
}
-
if(in_array("gotoWorkstation",$val['objectClass'])){
$action2= "<input class='center' type='image' src='images/cdrom.png' alt='"._("Create CD")."'
name='gen_cd_%KEY%' title='"._("Create FAI CD")."'> ".$action2;
diff --git a/gosa-plugins/systems/admin/systems/class_systemManagement.inc b/gosa-plugins/systems/admin/systems/class_systemManagement.inc
index f56f05f78418e0998acf4416d83275d387969bc0..e25a930bdc7d855c5cfea1d902dcb767a9363490 100644 (file)
/* Set terminals root password */
if ($s_action=="change_pw"){
$tabs = array(
- "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"),
- "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation"));
+ "ArpNewDevice"=> array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "incoming/systems"),
+ "NewDevice" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "incoming/systems"),
+ "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"),
+ "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"),
+ "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"),
+ "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgeneric"),
+ "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"),
+ "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"),
+ "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric"));
+ $dn = $this->terminals[$s_entry]['dn'];
$type = $this->get_system_type($this->terminals[$s_entry]);
+
$class = $tabs[$type]["CLASS"];
- $tabname = $tabs[$type]["TABNAME"];
- $acl_cat = $tabs[$type]["ACL"];
+ $acl = $tabs[$type]["ACL"];
$tabclass = $tabs[$type]["TABCLASS"];
$ui = get_userinfo();
- $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname,"gotoRootPasswd");
+ $tabacl = $ui->get_permissions($dn,$acl,"userPassword");
if(preg_match("/w/",$tabacl)){
$this->dn= $this->terminals[$s_entry]['dn'];
session::set('objectinfo',$this->dn);
/* Check if user is allowed to set password */
$tabs = array(
- "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"),
- "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation"));
+ "ArpNewDevice"=> array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "incoming/systems"),
+ "NewDevice" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "incoming/systems"),
+ "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"),
+ "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"),
+ "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"),
+ "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgeneric"),
+ "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"),
+ "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"),
+ "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric"));
/* Detect object type */
$type = "";
foreach($this->terminals as $terminal){
if($terminal['dn'] == $this->dn){
- $type = $this->get_system_type($terminal);
+ $type = $this->get_system_type($terminal);
break;
}
}
/* Get infos */
$class = $tabs[$type]["CLASS"];
- $tabname = $tabs[$type]["TABNAME"];
- $acl_cat = $tabs[$type]["ACL"];
+ $acl = $tabs[$type]["ACL"];
$tabclass = $tabs[$type]["TABCLASS"];
/* Get acls */
$ui = get_userinfo();
- $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname,"gotoRootPasswd");
+ $tabacl = $ui->get_permissions($this->dn,$acl,"userPassword");
/* Check acls */
if(preg_match("/w/",$tabacl)){
$ldap = $this->config->get_ldap_link();
$ldap->cd($this->dn);
+ $ldap->cat($this->dn);
+ $old_attrs = $ldap->fetch();
$attrs= array();
if ($_POST['new_password'] == ""){
- $attrs['gotoRootPasswd']= array();
+
+ /* Remove password attribute
+ */
+ if(in_array("simpleSecurityObject",$old_attrs['objectClass'])){
+ $attrs['objectClass'] = array();
+ for($i = 0 ; $i < $old_attrs['objectClass']['count'] ; $i ++){
+ if(!preg_match("/simpleSecurityObject/i",$old_attrs['objectClass'][$i])){
+ $attrs['objectClass'][] = $old_attrs['objectClass'][$i];
+ }
+ }
+ }
+ $attrs['userPassword']= array();
} else {
- $attrs['gotoRootPasswd']= crypt($_POST['new_password'],substr(session_id(),0,2));
+
+ /* Add/modify password attribute
+ */
+ if(!in_array("simpleSecurityObject",$old_attrs['objectClass'])){
+ $attrs['objectClass'] = array();
+ for($i = 0 ; $i < $old_attrs['objectClass']['count'] ; $i ++){
+ $attrs['objectClass'][] = $old_attrs['objectClass'][$i];
+ }
+ $attrs['objectClass'][] = "simpleSecurityObject";
+ }
+
+ if(class_available("passwordMethodCrypt")){
+ $pwd_m = new passwordMethodCrypt($this->config);
+ $pwd_m->set_hash("crypt/md5");
+ $attrs['userPassword'] = $pwd_m->generate_hash($_POST['new_password']);
+ }else{
+ msg_dialog::display(_("Password method"),_("Password method crypt is missing. Cannot set system password."));
+ $attrs = array();
+ }
}
$ldap->modify($attrs);
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_MOD, get_class()));
+ }
+
new log("security","systems/".get_class($this),$this->dn,array_keys($attrs),$ldap->get_error());
}else{
msg_dialog::display(_("Permission error"), _("You have no permission to change this password!"), ERROR_DIALOG);