From 9d8d0d8efc79547202f2d9271b9afda5d95fdbab Mon Sep 17 00:00:00 2001 From: hickert Date: Tue, 12 Jan 2010 10:16:06 +0000 Subject: [PATCH] Allow to change password again git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@15151 594d385d-05f5-0310-b6e9-bd551577e9d8 --- .../admin/systems/class_systemManagement.inc | 109 ++++++++++++++++++ 1 file changed, 109 insertions(+) diff --git a/gosa-plugins/systems/admin/systems/class_systemManagement.inc b/gosa-plugins/systems/admin/systems/class_systemManagement.inc index 9bc5b486c..1f0c472b8 100644 --- a/gosa-plugins/systems/admin/systems/class_systemManagement.inc +++ b/gosa-plugins/systems/admin/systems/class_systemManagement.inc @@ -123,6 +123,8 @@ class systemManagement extends management $this->registerAction("new_ieee802Device", "newEntry"); $this->registerAction("new_FAKE_OC_OpsiHost", "newEntry"); + $this->registerAction("setPassword", "setPassword"); + $this->registerAction("passwordChangeConfirmed", "passwordChangeConfirmed"); // Add copy&paste and snapshot handler. if ($this->config->boolValueIsTrue("main", "copyPaste")){ @@ -148,6 +150,111 @@ class systemManagement extends management } + function setPassword($action,$target) + { + if(count($target) == 1){ + $tDefs= $this->getObjectDefinitions(); + $headpage = $this->getHeadpage(); + $dn = array_pop($target); + $type = $headpage->getType($dn); + $entry = $headpage->getEntry($dn); + $ui = get_userinfo(); + $smarty = get_smarty(); + if(in_array("FAKE_OC_PWD_changeAble", $entry['objectClass'])){ + $acl = $tDefs[$type]['aclCategory'].'/'.$tDefs[$type]['aclClass']; + $tabacl = $ui->get_permissions($dn,$acl,"userPassword"); + if(preg_match("/w/",$tabacl)){ + $this->dn= $dn; + set_object_info($this->dn); + return ($smarty->fetch(get_template_path('password.tpl', TRUE))); + }else{ + msg_dialog::display(_("Permission error"), _("You have no permission to change this password!"), ERROR_DIALOG); + } + } + } + } + + + function passwordChangeConfirmed() + { + $tDefs= $this->getObjectDefinitions(); + $headpage = $this->getHeadpage(); + $type = $headpage->getType($this->dn); + $entry = $headpage->getEntry($this->dn); + $ui = get_userinfo(); + $smarty = get_smarty(); + + if(!in_array('FAKE_OC_PWD_changeAble', $entry['objectClass'])){ + trigger_error("Tried to change pwd, for invalid object!"); + }elseif ($_POST['new_password'] != $_POST['repeated_password']){ + msg_dialog::display(_("Error"), + _("The passwords you've entered as 'New password' and 'Repeated password' do not match!"), ERROR_DIALOG); + return($smarty->fetch(get_template_path('password.tpl', TRUE))); + }else{ + $acl = $tDefs[$type]['aclCategory'].'/'.$tDefs[$type]['aclClass']; + $tabacl = $ui->get_permissions($this->dn,$acl,"userPassword"); + + // Check acls + if(!preg_match("/w/",$tabacl)){ + msg_dialog::display(_("Permission error"), _("You have no permission to change this password!"), ERROR_DIALOG); + }else{ + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->dn); + $ldap->cat($this->dn); + $old_attrs = $ldap->fetch(); + + $attrs= array(); + if ($_POST['new_password'] == ""){ + + /* Remove password attribute + */ + if(in_array("simpleSecurityObject",$old_attrs['objectClass'])){ + $attrs['objectClass'] = array(); + for($i = 0 ; $i < $old_attrs['objectClass']['count'] ; $i ++){ + if(!preg_match("/simpleSecurityObject/i",$old_attrs['objectClass'][$i])){ + $attrs['objectClass'][] = $old_attrs['objectClass'][$i]; + } + } + } + $attrs['userPassword']= array(); + } else { + + /* Add/modify password attribute + */ + if(!in_array("simpleSecurityObject",$old_attrs['objectClass'])){ + $attrs['objectClass'] = array(); + for($i = 0 ; $i < $old_attrs['objectClass']['count'] ; $i ++){ + $attrs['objectClass'][] = $old_attrs['objectClass'][$i]; + } + $attrs['objectClass'][] = "simpleSecurityObject"; + } + + if(class_available("passwordMethodCrypt")){ + $pwd_m = new passwordMethodCrypt($this->config); + $pwd_m->set_hash("crypt/md5"); + $attrs['userPassword'] = $pwd_m->generate_hash($_POST['new_password']); + }else{ + msg_dialog::display(_("Password method"),_("Password method crypt is missing. Cannot set system password.")); + $attrs = array(); + } + } + $ldap->modify($attrs); + if (!$ldap->success()){ + msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_MOD, $type)); + }else{ + if(class_available($tDefs[$type]['plugClass'])){ + $plug = $tDefs[$type]['plugClass']; + $p = new $plug($this->config,$this->dn); + $p->handle_post_events("modify"); + } + } + new log("security","systems/".get_class($this),$this->dn,array_keys($attrs),$ldap->get_error()); + } + set_object_info(); + } + } + + function createISO($action,$target) { if(count($target) == 1){ @@ -871,6 +978,8 @@ class systemManagement extends management if(isset($_POST['cd_create'])) $action['action'] = "initiateISOcreation"; if(isset($_GET['PerformIsoCreation'])) $action['action'] = "performIsoCreation"; if(isset($_POST['SystemTypeAborted'])) $action['action'] = "cancel"; + if(isset($_POST['password_cancel'])) $action['action'] = "cancel"; + if(isset($_POST['password_finish'])) $action['action'] = "passwordChangeConfirmed"; if(isset($_POST['new_goServer'])) $action['action'] = "new_goServer"; if(isset($_POST['new_gotoWorkstation'])) $action['action'] = "new_gotoWorkstation"; -- 2.30.2