From: hickert Date: Fri, 27 Apr 2007 11:03:50 +0000 (+0000) Subject: Added simple admin add function, not yet finished. X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=835eb6c0fa79389b190f0625fdaf6c17e51de822;p=gosa.git Added simple admin add function, not yet finished. Removed admin account check from index.php git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@6203 594d385d-05f5-0310-b6e9-bd551577e9d8
---
diff --git a/html/index.php b/html/index.php
index 74ac18e9b..91ebe02ff 100644
--- a/html/index.php
+++ b/html/index.php
@@ -246,15 +246,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])){
 $ldap->create_missing_trees($config->current['CONFIG']);
 }
- /* Check for at least one subtreeACL in the complete tree */
- $ldap->cd($config->current['BASE']);
- $ldap->search("(&(objectClass=gosaObject)(gosaSubtreeACL=:all))");
- if ($ldap->count() < 1){
-# print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
-# displayLogin();
-# exit();
- }
-
 /* Check for valid input */
 $username= $_POST["username"];
 if (!ereg("^[A-Za-z0-9_.-]+$", $username)){
diff --git a/setup/class_setupStep_Migrate.inc b/setup/class_setupStep_Migrate.inc
index 5fd72d01d..ad1534b09 100644
--- a/setup/class_setupStep_Migrate.inc
+++ b/setup/class_setupStep_Migrate.inc
@@ -20,6 +20,8 @@
 */
+
+
 class Step_Migrate extends setup_step
 {
 var $languages = array();
@@ -91,37 +93,6 @@ class Step_Migrate extends setup_step
 $this->check_acls();
 }
-
- /* Check Acls if there is at least one object with acls defined
- */
- function check_acls()
- {
- /* Establish ldap connection */
- $cv = $this->parent->captured_values;
- $ldap = new LDAP($cv['admin'],
- $cv['password'],
- $cv['connection'],
- FALSE,
- $cv['tls']);
-
- /* Search for gosaAcls */
- $ldap->cd($cv['base']);
- $res = $ldap->search("(&(objectClass=gosaAccount)(|(objectClass=posixAccount)".
- "(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))");
- if(!$res){
- $this->checks['acls']['STATUS'] = FALSE;
- $this->checks['acls']['STATUS_MSG']= _("Ldap query failed.");
- $this->checks['acls']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
- }elseif($ldap->count() == 0){
- $this->checks['acls']['STATUS'] = TRUE;
- $this->checks['acls']['STATUS_MSG']= _("Ok");
- }else{
- $this->checks['acls']['STATUS'] = FALSE;
- $this->checks['acls']['STATUS_MSG']= _("Failed");
- $this->checks['acls']['ERROR_MSG'].= "";
- }
- return($ldap->count()>=1);
- }
 /* Check ldap accessibility
@@ -432,6 +403,38 @@ class Step_Migrate extends setup_step
 }
+ /* Check Acls if there is at least one object with acls defined
+ */
+ function check_acls()
+ {
+ /* Establish ldap connection */
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Search for gosaAcls */
+ $ldap->cd($cv['base']);
+ $res = $ldap->search("(&(objectClass=gosaAccount)(|(objectClass=posixAccount)".
+ "(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))");
+ if(!$res){
+ $this->checks['acls']['STATUS'] = FALSE;
+ $this->checks['acls']['STATUS_MSG']= _("Ldap query failed.");
+ $this->checks['acls']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
+ }elseif($ldap->count()){
+ $this->checks['acls']['STATUS'] = TRUE;
+ $this->checks['acls']['STATUS_MSG']= _("Ok");
+ }else{
+ $this->checks['acls']['STATUS'] = FALSE;
+ $this->checks['acls']['STATUS_MSG']= _("Failed");
+ $this->checks['acls']['ERROR_MSG'].= "";
+ }
+ return($ldap->count()>=1);
+ }
+
+
+
 function get_user_list()
 {
 /* Get collected configuration settings */
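Review bot: The filter in the re-added `check_acls()` matches any `gosaAccount` person entry and never tests an ACL attribute, so with the condition now written as `elseif($ldap->count())` the step reports "Ok" as soon as one ordinary account exists, whether or not anyone holds administrative rights. The comments ("at least one object with acls defined", "Search for gosaAcls") describe a different check; if the ACL attribute is still the one used by the lines this commit removes from html/index.php, the filter could be `"(&(objectClass=gosaObject)(gosaSubtreeACL=:all))"`, otherwise the comments should say what is really tested. On the failure branch the method still ends in `return($ldap->count()>=1);`, so a `return(FALSE);` at the end of the `if(!$res){` branch would keep the return value in line with the recorded status. The class body continues outside the hunk.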
@@ -538,7 +541,62 @@ class Step_Migrate extends setup_step
 }
 }
 }
+
+ function create_admin_user()
+ {
+ if(isset($_POST['new_user_password']) && !empty($_POST['new_user_password'])){
+ $pwd = $_POST['new_user_password'];
+ }else{
+ print_red(_("Please specify a valid password for the new GOsa admin user."));
+ return(FALSE);
+ }
+
+ /* Establish ldap connection */
+ $cv = $this->parent->captured_values;
+ $ldap = new LDAP($cv['admin'],
+ $cv['password'],
+ $cv['connection'],
+ FALSE,
+ $cv['tls']);
+
+ /* Get current base attributes */
+ $ldap->cd($cv['base']);
+
+ if($cv['peopledn'] == "cn"){
+ $dn = "cn=System Administrator,".$cv['peopleou'].",".$cv['base'];
+ }else{
+ $dn = "uid=admin,".$cv['peopleou'].",".$cv['base'];
+ }
+
+ $methods = @passwordMethod::get_available_methods_if_not_loaded();
+ $p_m = $methods[$cv['encryption']];
+ $p_c = new $p_m(array());
+ $hash = $p_c->generate_hash($pwd);
+
+ $new_user=array();
+ $new_user['objectClass']= array("gosaAccount","organizationalPerson","inetOrgPerson");
+ $new_user['givenName'] = "System";
+ $new_user['sn'] = "Administrator";
+ $new_user['cn'] = "System Administrator";
+ $new_user['uid'] = "admin";
+ $new_user['userPassword'] = $hash;
+
+ $ldap->cd($cv['base']);
+ $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$dn));
+ $ldap->cd($dn);
+ $res = $ldap->add($new_user);
+ $this->acl_create_selected = $dn;
+ $this->create_admin();
+
+ if(!$res){
+ print_red($ldap->get_error());
+ }
+
+ $this->acl_create_dialog=FALSE;
+ $this->check_acls();
+ }
+
 function execute()
 {
@@ -547,10 +605,7 @@ class Step_Migrate extends setup_step
 $this->initialize_checks();
 $this->checks_initialised = TRUE;
 }
-
- /* Permission check */
- $this->check_ldap_permissions();
-
+
 /*************
 * Root object check
 *************/
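Review bot: In `create_admin_user()` the result of `$ldap->add($new_user)` is tested only after `$this->acl_create_selected = $dn; $this->create_admin();` have already run, so when the add fails (an entry with that DN already existing is one such case) the ACL step is still applied to that DN, presumably granting administrative rights to an entry whose password is not the one just entered. Moving the check up, `if(!$res){ print_red($ldap->get_error()); return(FALSE); }` directly after the add, keeps a failed create from being followed by the grant. `$methods[$cv['encryption']]` is also used without testing that the key exists, and the `@` on the method lookup hides the message that would explain a failure; an `isset()` test with a `print_red` before `new $p_m(array())` would be safer. `create_admin()` is defined outside the hunk, so what it writes is inferred from its name and the assignment before it.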
@@ -585,10 +640,17 @@ class Step_Migrate extends setup_step
 $this->create_admin(TRUE);
 }
+ if(isset($_POST['create_admin_user'])){
+ $this->create_admin_user();
+ }
+
 if($this->acl_create_dialog){
 $smarty = get_smarty();
+ $smarty->assign("new_user_password",@$_POST['new_user_password']);
 $smarty->assign("users" ,$this->get_user_list());
+ $smarty->assign("users_cnt" ,count($this->get_user_list()));
 $smarty->assign("groups",$this->get_group_list());
+ $smarty->assign("groups_cnt",count($this->get_group_list()));
 $smarty->assign("type" ,$this->acl_create_type);
 $smarty->assign("method","create_acls");
 $smarty->assign("acl_create_selected",$this->acl_create_selected);
diff --git a/setup/setup_migrate.tpl b/setup/setup_migrate.tpl
index 30ac7d651..04718500a 100644
--- a/setup/setup_migrate.tpl
+++ b/setup/setup_migrate.tpl
@@ -1,15 +1,15 @@
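Review bot: `$smarty->assign("new_user_password",@$_POST['new_user_password']);` in `execute()` of setup/class_setupStep_Migrate.inc hands the submitted password back to the template, so the clear-text value is written into the next HTML response, where it can be kept by browser or proxy caches and, unless the template escapes it, is reflected as raw markup. Password fields are normally re-rendered empty; I would drop this assign or pass `""`. `get_user_list()` and `get_group_list()` are now each called twice per render, presumably repeating the directory lookup; storing the result once, e.g. `$users = $this->get_user_list();`, and assigning `count($users)` avoids that. `execute()` starts and ends outside the hunk.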

Style fixes necessary here ;-)

+
+ + {if $method == "default"}

Create a reload for each entry later

-
- - {if $method == "default"} {foreach from=$checks item=val key=key}
{$checks.$key.TITLE}
{if $checks.$key.STATUS} @@ -45,36 +45,39 @@ {else} {t}Create a new user and a group with adminstrational acls{/t}
+ {t}To automatically add a new administrative user to your ldap database use the formular below.{/t}

- {t}To automatically add a new administrative user and group to your ldap database use the formular below.{/t}
- + - + -
- {t}User uid{/t}:  + {t}Name{/t}:  -
+ System administrator
- {t}User password{/t}:  + {t}User ID{/t}:  -
+ admin
- {t}Group name{/t}:  + {t}Password{/t}:  - +
+ +

- + + {if $users_cnt != 0 && $groups_cnt != 0} +

 

{t}Append administrational acls to existing an user or a group{/t}
Bla {t}To grant administrative permissions to a user or a group, select an element and use button below.{/t} @@ -98,6 +101,7 @@

+ {/if} {/if}