From 27ce20a52476037e26cc02fa6c90044add04c79a Mon Sep 17 00:00:00 2001 From: hickert Date: Thu, 20 Jul 2006 11:41:54 +0000 Subject: [PATCH] ACLs for posixAccount. NOT finished yet git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@4258 594d385d-05f5-0310-b6e9-bd551577e9d8 --- plugins/personal/posix/class_posixAccount.inc | 163 +++++++++--------- plugins/personal/posix/generic.tpl | 26 ++- plugins/personal/posix/posix_shadow.tpl | 6 +- 3 files changed, 96 insertions(+), 99 deletions(-) diff --git a/plugins/personal/posix/class_posixAccount.inc b/plugins/personal/posix/class_posixAccount.inc index c56e30502..2d4bc797e 100644 --- a/plugins/personal/posix/class_posixAccount.inc +++ b/plugins/personal/posix/class_posixAccount.inc @@ -50,7 +50,7 @@ class posixAccount extends plugin var $use_shadowWarning= "0"; var $use_shadowInactive= "0"; var $use_shadowExpire= "0"; - var $must_change_password= "0"; + var $mustchangepassword= "0"; var $force_ids= 0; var $printerList= array(); var $group_dialog= FALSE; @@ -68,7 +68,7 @@ class posixAccount extends plugin /* attribute list for save action */ var $CopyPasteVars = array("grouplist","groupMembership","use_shadowMin","use_shadowMax", - "use_shadowWarning","use_shadowInactive","use_shadowExpire","must_change_password", + "use_shadowWarning","use_shadowInactive","use_shadowExpire","mustchangepassword", "force_ids","printerList","grouplist","savedGidNumber","savedUidNumber","savedGroupMembership"); var $attributes = array("homeDirectory", "loginShell", "uidNumber", "gidNumber", "gecos", @@ -294,20 +294,22 @@ class posixAccount extends plugin if (isset($_POST['add_groups_finish']) && isset($_POST['groups']) && count($_POST['groups'])){ - if (chkacl ($this->acl, "memberUid") == ""){ - $this->addGroup ($_POST['groups']); - $this->is_modified= TRUE; - } + /* FIX ME put the acl check into addGroup function*/ + #if (chk acl ($this->acl, "memberUid") == ""){ + # $this->addGroup ($_POST['groups']); + # $this->is_modified= TRUE; + #} } /* Delete selected groups */ if (isset($_POST['delete_groupmembership']) && isset($_POST['group_list']) && count($_POST['group_list'])){ - if (chkacl ($this->acl, "memberUid") == ""){ - $this->delGroup ($_POST['group_list']); - $this->is_modified= TRUE; - } + /* FIX ME put the acl check into addGroup function*/ + #if (chk acl ($this->acl, "memberUid") == ""){ + # $this->delGroup ($_POST['group_list']); + # $this->is_modified= TRUE; + #} } /* Add user workstation? */ @@ -434,24 +436,39 @@ class posixAccount extends plugin /* Depending on pwmode, currently hardcoded because there are no other methods */ if ( 1 == 1 ){ $smarty->assign("pwmode", dirname(__FILE__)."/posix_shadow"); - $shadowMinACL= chkacl($this->acl, "shadowMin"); - $smarty->assign("shadowmins", sprintf(_("Password can't be changed up to %s days after last change"), "shadowMin."\">")); - $shadowMaxACL= chkacl($this->acl, "shadowMax"); - $smarty->assign("shadowmaxs", sprintf(_("Password must be changed after %s days"), "shadowMax."\">")); - $shadowInactiveACL= chkacl($this->acl, "shadowInactive"); - $smarty->assign("shadowinactives", sprintf(_("Disable account after %s days of inactivity after password expiery"), "shadowInactive."\">")); - $shadowWarningACL= chkacl($this->acl, "shadowWarning"); - $smarty->assign("shadowwarnings", sprintf(_("Warn user %s days before password expiery"), "shadowWarning."\">")); - foreach( array("must_change_password", "use_shadowMin", "use_shadowMax", - "use_shadowExpire", "use_shadowInactive", - "use_shadowWarning") as $val){ + + $shadowMinACL = $this->getacl("shadowMin"); + $smarty->assign("shadowmins", sprintf(_("Password can't be changed up to %s days after last change"), + "shadowMin."\">")); + + $shadowMaxACL = $this->getacl("shadowMax"); + $smarty->assign("shadowmaxs", sprintf(_("Password must be changed after %s days"), + "shadowMax."\">")); + + $shadowInactiveACL= $this->getacl("shadowInactive"); + $smarty->assign("shadowinactives", sprintf(_("Disable account after %s days of inactivity after password expiery"), + "shadowInactive."\">")); + + $shadowWarningACL = $this->getacl("shadowWarning"); + $smarty->assign("shadowwarnings", sprintf(_("Warn user %s days before password expiery"), + "shadowWarning."\">")); + + foreach( array("use_shadowMin", "use_shadowMax", + "use_shadowExpire", "use_shadowInactive","use_shadowWarning") as $val){ if ($this->$val == 1){ $smarty->assign("$val", "checked"); } else { $smarty->assign("$val", ""); } - $smarty->assign("$val"."ACL", chkacl($this->acl, $val)); + $smarty->assign("$val"."ACL", $this->getacl($val)); } + + if($this->mustchangepassword){ + $smarty->assign("mustchangepassword", "checked"); + } else { + $smarty->assign("mustchangepassword", ""); + } + $smarty->assign("mustchangepasswordACL", $this->getacl("mustchangepassword")); } /* Fill calendar */ @@ -508,44 +525,38 @@ class posixAccount extends plugin } $smarty->assign("force_ids", ""); } - $smarty->assign("force_idsACL", chkacl($this->acl, "force_ids")); + + + + $smarty->assign("force_idsACL", $this->getacl("uidNumber").$this->getacl("gidNumber")); /* Load attributes and acl's */ foreach($this->attributes as $val){ - if((chkacl($this->acl,$val)=="")&&(($_SESSION["js"])&&(($val=="uidNumber")||($val=="gidNumber")))) + if(($_SESSION["js"])&&(($val=="uidNumber")||($val=="gidNumber"))) { - $smarty->assign("$val"."ACL",""); + $smarty->assign("$val"."ACL",$this->getacl($val)); $smarty->assign("$val", $this->$val); continue; } $smarty->assign("$val", $this->$val); - $smarty->assign("$val"."ACL", chkacl($this->acl,$val)); + $smarty->assign("$val"."ACL", $this->getacl($val)); } - $smarty->assign("groupMembershipACL", chkacl($this->acl, "groupMembership")); + $smarty->assign("groupMembershipACL","rw");// $this->getacl("groupMembership")); $smarty->assign("status", $this->status); /* Work on trust modes */ - $smarty->assign("trustmodeACL", chkacl($this->acl, "trustmode")); + $smarty->assign("trustmodeACL", $this->getacl("trustModel")); if ($this->trustModel == "fullaccess"){ $trustmode= 1; // pervent double disable tag in html code, this will disturb our clean w3c html - - if(chkacl($this->acl, "trustmode")==""){ - $smarty->assign("trusthide", "disabled"); - }else{ - $smarty->assign("trusthide", ""); - } + $smarty->assign("trustmode", $this->getacl("trustModel")); } elseif ($this->trustModel == "byhost"){ $trustmode= 2; $smarty->assign("trusthide", ""); } else { // pervent double disable tag in html code, this will disturb our clean w3c html - if(chkacl($this->acl, "trustmode")==""){ - $smarty->assign("trusthide", "disabled"); - }else{ - $smarty->assign("trusthide", ""); - } + $smarty->assign("trustmode", $this->getacl("trustModel")); $trustmode= 0; } $smarty->assign("trustmode", $trustmode); @@ -622,41 +633,34 @@ class posixAccount extends plugin /* Save values to object */ plugin::save_object(); - /* Save force GID attribute */ - if (chkacl ($this->acl, "force_ids") == ""){ - if (isset ($_POST['force_ids'])){ - $data= 1; - } else { - $data= 0; - } - if ($this->force_ids != $data){ - $this->is_modified= TRUE; - } - $this->force_ids= $data; - - $data= $_POST['primaryGroup']; - if ($this->primaryGroup != $data){ - $this->is_modified= TRUE; - } - $this->primaryGroup= $_POST['primaryGroup']; + /* Save force GID checkbox */ + if (isset ($_POST['force_ids'])){ + $data= 1; + } else { + $data= 0; } + if ($this->force_ids != $data){ + $this->is_modified= TRUE; + } + $this->force_ids= $data; + - /* Save pwmode dependent attributes, curently hardcoded because there're - no alternatives */ - if (1 == 1){ - foreach( array("must_change_password", "use_shadowMin", "use_shadowMax", - "use_shadowExpire", "use_shadowInactive", - "use_shadowWarning") as $val){ - if (chkacl($this->acl, "$val") == ""){ - if (isset ($_POST[$val])){ - $data= 1; - } else { - $data= 0; - } - if ($data != $this->$val){ - $this->is_modified= TRUE; - } - $this->$val= $data; + /*Save primary group settings */ + $data= $_POST['primaryGroup']; + if ($this->primaryGroup != $data){ + $this->is_modified= TRUE; + } + $this->primaryGroup= $_POST['primaryGroup']; + + foreach(array("shadowMin","shadowMax","shadowExpire","shadowInactive","shadowWarning","mustchangepassword") as $var) { + if($this->acl_is_writeable($var)){ + $use_var = "use_".$var; + if(isset($_POST['use_'.$var])){ + $this->$use_var = true; + $this->$var = $_POST['shadowMin']; + }else{ + $this->$use_var = false; + $this->$var = 0; } } } @@ -719,7 +723,7 @@ class posixAccount extends plugin if (!$this->use_shadowMax){ $this->shadowMax= "0"; } - if ($this->must_change_password){ + if ($this->mustchangepassword){ $this->shadowLastChange= (int)(date("U") / 86400) - $this->shadowMax - 1; } else { $this->shadowLastChange= (int)(date("U") / 86400); @@ -768,7 +772,7 @@ class posixAccount extends plugin $this->shadowMin = ""; } - if (($this->use_shadowMax != "1") && ($this->must_change_password != "1")) { + if (($this->use_shadowMax != "1") && ($this->mustchangepassword != "1")) { $this->shadowMax = ""; } @@ -1231,23 +1235,20 @@ class posixAccount extends plugin "plOptions" => array(), "plProvidedAcls" => array( + "homeDirectory" => _("Home directory"), + "loginShell" => _("Shell"), "uidNumber" => _("User ID"), "gidNumber" => _("Group ID"), - "homeDirectory" => _("Home directory"), - "primaryGroup" => _("Primary group"), - "loginShell" => _("Shell"), + "mustchangepassword"=> _("Force password change on login"), "shadowMin" => _("Shadow min"), "shadowMax" => _("Shadow max"), "shadowWarning" => _("Shadow warning"), "shadowInactive" => _("Shadow inactive"), - "shadowLastChange" => _("Shadow last change"), - "shadowExpire" => _("Shadow expire"), - "accessTo" => _("System trust"), "trustModel" => _("System trust model"))) - ) ; + ); } } diff --git a/plugins/personal/posix/generic.tpl b/plugins/personal/posix/generic.tpl index d765e9c62..27ec82fbd 100644 --- a/plugins/personal/posix/generic.tpl +++ b/plugins/personal/posix/generic.tpl @@ -39,7 +39,7 @@ @@ -51,7 +51,7 @@ @@ -78,16 +78,16 @@ {t}(Warning: more than 16 groups are not supported by NFS!){/t}
{/if} - {render acl=$gidNumberACL} + {render acl=$groupMembershipACL} {/render}
- {render acl=$gidNumberACL} + {render acl=$groupMembershipACL}   {/render} - {render acl=$gidNumberACL} + {render acl=$groupMembershipACL} {/render} @@ -108,13 +108,13 @@ diff --git a/plugins/personal/posix/posix_shadow.tpl b/plugins/personal/posix/posix_shadow.tpl index c489d2116..bd7862c6d 100644 --- a/plugins/personal/posix/posix_shadow.tpl +++ b/plugins/personal/posix/posix_shadow.tpl @@ -3,8 +3,8 @@
- {render acl=$gidNumberACL} + {render acl=$force_idsACL} {/render} - {render acl=$gidNumberACL} + {render acl=$uidNumberACL} {/render}

{t}System trust{/t}

{t}Trust mode{/t}  - {render acl=$gidNumberACL} + {render acl=$trustmodeACL} {/render} - {render acl=$gidNumberACL} - {html_options values=$workstations output=$workstations} {if $emptyArrAccess} @@ -122,13 +122,11 @@ {/render}
- {render acl=$gidNumberACL} -   + {render acl=$trustmodeACL} +   {/render} - {render acl=$gidNumberACL} - + {render acl=$trustmodeACL} + {/render}
-{render acl=$must_change_passwordACL} - +{render acl=$mustchangepasswordACL} + {/render} {t}User must change password on first login{/t}
@@ -46,8 +46,6 @@ -{/render} -{render acl=$must_change_passwordACL} {/render}
-- 2.30.2