From be408324ef11c1e3de47f78ce9e28955040434d1 Mon Sep 17 00:00:00 2001 From: cajus Date: Tue, 1 Sep 2009 09:47:35 +0000 Subject: [PATCH] Added possibility to define the users RDN more freely. git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@14185 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-core/contrib/gosa.conf.5 | 19 ++++ gosa-core/include/class_plugin.inc | 34 ++++++++ .../plugins/personal/generic/class_user.inc | 87 ++++++++++++++++--- 3 files changed, 126 insertions(+), 14 deletions(-) diff --git a/gosa-core/contrib/gosa.conf.5 b/gosa-core/contrib/gosa.conf.5 index ceacd8a00..d1718e209 100644 --- a/gosa-core/contrib/gosa.conf.5 +++ b/gosa-core/contrib/gosa.conf.5 @@ -644,6 +644,25 @@ selecting .I personalTitleInDN. .PP +.B accountRDN +.I pattern +.PP +The +.I accountRDN +option tells GOsa to use a placeholder pattern for generating account +RDNs. A pattern can include attribute names prefaced by a % and normal +text: +.nf +accountRDN="cn=%sn %givenName" +.fi +This will generate a RDN consisting of cn=.... filled with surname and +given name of the edited account. This option disables the use of +.I accountPrimaryAttribute +and +.I personalTitleInDn +in your config. The latter attributes are maintained for compatibility. + + .B personalTitleInDN .I bool .PP diff --git a/gosa-core/include/class_plugin.inc b/gosa-core/include/class_plugin.inc index ddd00c55a..f03490a03 100644 --- a/gosa-core/include/class_plugin.inc +++ b/gosa-core/include/class_plugin.inc 
@@ -746,6 +746,39 @@ class plugin } } + + /* Create unique DN */ + function create_unique_dn2($data, $base) + { + $ldap= $this->config->get_ldap_link(); + $base= preg_replace("/^,*/", "", $base); + + /* Try to use plain entry first */ + $dn= "$data,$base"; + $attribute= preg_replace('/=.*$/', '', $data); + $ldap->cat ($dn, array('dn')); + if (!$ldap->fetch()){ + return ($dn); + } + + /* Look for additional attributes */ + foreach ($this->attributes as $attr){ + if ($attr == $attribute || $this->$attr == ""){ + continue; + } + + $dn= "$data+$attr=".$this->$attr.",$base"; + $ldap->cat ($dn, array('dn')); + if (!$ldap->fetch()){ + return ($dn); + } + } + + /* None found */ + return ("none"); + } + + /* Create unique DN */ function create_unique_dn($attribute, $base) { @@ -776,6 +809,7 @@ class plugin return ("none"); } + function rebind($ldap, $referral) { $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']); diff --git a/gosa-core/plugins/personal/generic/class_user.inc b/gosa-core/plugins/personal/generic/class_user.inc index 30c50e475..45678fac1 100644 --- a/gosa-core/plugins/personal/generic/class_user.inc +++ b/gosa-core/plugins/personal/generic/class_user.inc 
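Review bot: create_unique_dn2() appends the attribute value to the DN unescaped in `$dn= "$data+$attr=".$this->$attr.",$base";`, so a value containing `,`, `+` or `=` produces a different DN than intended, and an array-valued attribute would be stringified. I would skip arrays with `if (is_array($this->$attr)) continue;` and escape the value, e.g. `$dn= "$data+$attr=".ldap_escape($this->$attr, "", LDAP_ESCAPE_DN).",$base";` where the PHP version provides ldap_escape(), otherwise an equivalent RFC 4514 escaper. The fallback loop also takes whichever entry of `$this->attributes` first yields a free DN; if that list can contain sensitive attributes (its contents are not visible in this hunk), their values end up in the entry's DN, so an explicit allow-list of naming attributes would be safer. The `"none"` return is an ordinary string, so callers must compare against it before using the result as a DN; a docblock naming the parameters and that sentinel would help.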
@@ -1170,27 +1170,86 @@ class user extends plugin return (0); } + + function create_initial_rdn($pattern) + { + // Only generate single RDNs + if (preg_match('/\+/', $pattern)){ + msg_dialog::display(_("Error"), _("Cannot build RDN: no + allowed to build sub RDN!"), ERROR_DIALOG); + return ""; + } + + // Extract attribute + $attribute= preg_replace('/=.*$/', '', $pattern); + if (!in_array_ics($attribute, $this->attributes)) { + msg_dialog::display(_("Error"), _("Cannot build RDN: attribute is not defined!"), ERROR_DIALOG); + return ""; + } + + // Sort attributes for length + $attrl= array(); + foreach ($this->attributes as $attr) { + $attrl[$attr]= strlen($attr); + } + arsort($attrl); + + // Walk thru sorted attributes and replace them in pattern + foreach ($attrl as $attr => $dummy) { + if (!is_array($this->$attr)){ + $pattern= preg_replace("/%$attr/", $this->$attr, $pattern); + } else { + msg_dialog::display(_("Error"), _("Cannot build RDN: invalid attribute parameters!"), ERROR_DIALOG); + break; + } + } + + // Internally assign value + $this->$attribute= preg_replace('/^[^=]+=/', '', $pattern); + + return $pattern; + } + function update_new_dn() { - $pt= ""; - if($this->config->get_cfg_value("personalTitleInDN") == "true"){ - if(!empty($this->personalTitle)){ - $pt = $this->personalTitle." "; + // Alternative way to handle DN + $pattern= $this->config->get_cfg_value("accountRDN"); + if ($pattern != "") { + $rdn= $this->create_initial_rdn($pattern); + $attribute= preg_replace('/=.*$/', '', $rdn); + $value= preg_replace('/^[^=]+=$/', '', $rdn); + + /* Don't touch dn, if $attribute hasn't changed */ + if (isset($this->saved_attributes[$attribute]) && $this->saved_attributes[$attribute] == $this->$attribute && + $this->orig_base == $this->base ){ + $this->new_dn= $this->dn; + } else { + $this->new_dn= $this->create_unique_dn2($rdn, get_people_ou().$this->base); } - } - $this->cn= $pt.$this->givenName." ".$this->sn; - /* Permissions for that base? 
*/ - if ($this->config->get_cfg_value("accountPrimaryAttribute") == "uid"){ - $this->new_dn= 'uid='.$this->uid.','.get_people_ou().$this->base; + // Original way to handle DN } else { - /* Don't touch dn, if cn hasn't changed */ - if (isset($this->saved_attributes['cn']) && $this->saved_attributes['cn'] == $this->cn && - $this->orig_base == $this->base ){ - $this->new_dn= $this->dn; + + $pt= ""; + if($this->config->get_cfg_value("personalTitleInDN") == "true"){ + if(!empty($this->personalTitle)){ + $pt = $this->personalTitle." "; + } + } + + $this->cn= $pt.$this->givenName." ".$this->sn; + + /* Permissions for that base? */ + if ($this->config->get_cfg_value("accountPrimaryAttribute") == "uid"){ + $this->new_dn= 'uid='.$this->uid.','.get_people_ou().$this->base; } else { - $this->new_dn= $this->create_unique_dn('cn', get_people_ou().$this->base); + /* Don't touch dn, if cn hasn't changed */ + if (isset($this->saved_attributes['cn']) && $this->saved_attributes['cn'] == $this->cn && + $this->orig_base == $this->base ){ + $this->new_dn= $this->dn; + } else { + $this->new_dn= $this->create_unique_dn('cn', get_people_ou().$this->base); + } } } } -- 2.30.2
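Review bot: create_initial_rdn() splices raw attribute values into the RDN with `preg_replace("/%$attr/", $this->$attr, $pattern)`, so a name containing `,`, `+` or `=` alters the DN structure; the `+` check at the top only inspects the configured pattern, before any value is substituted. Because the value is used as a preg_replace() replacement, `$1` or `\1` in it are interpreted, and a value that itself contains `%name` is expanded again on a later pass of the loop. The fence below substitutes in one pass with strtr(), keeps the plain value on the object and escapes only the copy that goes into the DN; ldap_escape() needs a PHP version that provides it, otherwise an equivalent RFC 4514 escaper. In update_new_dn() the `""` error return is not checked before it is passed to create_unique_dn2(), and `$value` is computed with `/^[^=]+=$/` (note the trailing `$`) and never used.

```php
    // … unchanged: '+' check on the pattern and attribute lookup …

    // Substitute in a single pass: strtr() tries the longest key first and
    // never rescans text it has already replaced
    $map= array();
    foreach ($this->attributes as $attr) {
      if (is_array($this->$attr)){
        if (strpos($pattern, "%$attr") !== false){
          msg_dialog::display(_("Error"), _("Cannot build RDN: invalid attribute parameters!"), ERROR_DIALOG);
          return "";
        }
        continue;
      }
      $map["%$attr"]= $this->$attr;
    }
    $value= strtr(preg_replace('/^[^=]+=/', '', $pattern), $map);

    // Keep the plain value on the object, escape only the copy used in the DN
    $this->$attribute= $value;

    return $attribute."=".ldap_escape($value, "", LDAP_ESCAPE_DN);
```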