extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-12-26 16:48:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

eGW uses now negative id's for groups, this allows to better support ldap (you can have users and groups with identical id's)

Browse Source
This commit is contained in:
Ralf Becker 2005-11-24 19:48:21 +00:00
parent e92bd2b0fb
commit 9606f6ea25
5 changed files with 157 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
phpgwapi/inc/class.accounts.inc.php
View File

@ -237,7 +237,7 @@
}
elseif ($param['type'] == 'owngroups')
{
$group = -1;
$group = true;
$param['type'] = 'groups';
}
$start = $param['start'];
@ -269,7 +269,7 @@
}
if ($group)
{
$members = $group > 0 ? $GLOBALS['egw']->acl->get_ids_for_location($group, 1, 'phpgw_group') :
$members = is_int($group) ? $GLOBALS['egw']->acl->get_ids_for_location($group, 1, 'phpgw_group') :
$GLOBALS['egw']->acl->get_location_list_for_id('phpgw_group', 1,$GLOBALS['egw_info']['user']['account_id']);
if (!$members) $members = array();
$valid = !$app ? $members : array_intersect($valid,$members); // use the intersection
@ -303,7 +303,7 @@
/**
* Searches / lists accounts: users and/or groups
*
* @deprecated
* @deprecated use search
*/
function get_list($_type='both',$start = '',$sort = '', $order = '', $query = '', $offset = '',$query_type='')
{
@ -487,23 +487,17 @@
return $membership_list[$account_id];
}
$security_equals = Array();
$security_equals = $GLOBALS['egw']->acl->get_location_list_for_id('phpgw_group', 1, $account_id);
if ($security_equals == False)
if(!($gids = $GLOBALS['egw']->acl->get_location_list_for_id('phpgw_group', 1, $account_id)))
{
return $membership_list[$account_id] = False;
}
$this->memberships = Array();
for ($idx=0; $idx<count($security_equals); $idx++)
$memberships = Array();
foreach($gids as $gid)
{
$groups = (int)$security_equals[$idx];
$this->memberships[] = Array('account_id' => $groups, 'account_name' => $this->id2name($groups));
$memberships[] = Array('account_id' => $gid, 'account_name' => $this->id2name($gid));
}
return $membership_list[$account_id] = $this->memberships;
return $membership_list[$account_id] = $memberships;
}
/**
@ -515,25 +509,27 @@
*/
function member($accountid = '')
{
$this->setup_cache();
$member_list = &$this->cache['member_list'];
$account_id = get_account_id($accountid);
$security_equals = Array();
$acl =& CreateObject('phpgwapi.acl');
$security_equals = $acl->get_ids_for_location($account_id, 1, 'phpgw_group');
unset($acl);
if ($security_equals == False)
if (isset($member_list[$account_id]))
{
return False;
return $member_list[$account_id];
}
for ($idx=0; $idx<count($security_equals); $idx++)
if (!($uids = $GLOBALS['egw']->acl->get_ids_for_location($account_id, 1, 'phpgw_group')))
{
$name = $this->id2name((int)$security_equals[$idx]);
$this->members[] = Array('account_id' => (int)$security_equals[$idx], 'account_name' => $name);
return $member_list[$account_id] = False;
}
return $this->members;
$members = array();
foreach ($uids as $uid)
{
$members[] = Array('account_id' => $uid, 'account_name' => $this->id2name($uid));
}
return $member_list[$account_id] = $members;
}
/**
@ -620,7 +616,7 @@
);
foreach($app_users as $id)
{
$type = $GLOBALS['egw']->accounts->get_type($id);
$type = $this->get_type($id);
if($type == 'g')
{
$accounts['groups'][$id] = $id;
@ -662,7 +658,7 @@
/**
* phpgw compatibility function, better use split_accounts
*
* @deprecated
* @deprecated use split_accounts
*/
function return_members($accounts)
{
@ -732,25 +728,9 @@
*/
function get_type($accountid)
{
$this->setup_cache();
$account_type = &$this->cache['account_type'];
$account_id = get_account_id($accountid);
if (isset($this->account_type) && $account_id == $this->account_id)
{
return $this->account_type;
}
if(@isset($account_type[$account_id]) && @$account_type[$account_id])
{
return $account_type[$account_id];
}
elseif($account_id == '')
{
return False;
}
return $account_type[$account_id] = accounts_::get_type($account_id);
return $account_id > 0 ? 'u' : ($account_id < 0 ? 'g' : false);
}
/**

99
phpgwapi/inc/class.accounts_ldap.inc.php
View File

@ -36,6 +36,15 @@
var $group_context = '';
var $total;
var $requiredObjectClasses = array(
'user' => array(
'top','organizationalperson','inetorgperson','posixaccount','shadowaccount','phpgwaccount'
),
'group' => array(
'top','posixgroup','phpgwaccount'
)
);
function accounts_()
{
$this->ds = $GLOBALS['egw']->common->ldapConnect();
@ -54,7 +63,7 @@
/* search the dn for the given uid */
if(($acct_type == 'g') && $this->group_context)
{
$sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . (int)$this->account_id);
$sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . abs((int)$this->account_id));
}
else
{
@ -65,7 +74,7 @@
/* Now dump it into the array; take first entry found */
if($acct_type =='g')
{
$this->data['account_id'] = $allValues[0]['gidnumber'][0];
$this->data['account_id'] = -$allValues[0]['gidnumber'][0];
$this->data['account_lid'] = $allValues[0]['cn'][0];
$this->data['firstname'] = $GLOBALS['egw']->translation->convert($allValues[0]['cn'][0],'utf-8');
$this->data['lastname'] = lang('Group');
@ -73,7 +82,7 @@
else
{
$this->data['account_id'] = $allValues[0]['uidnumber'][0];
$this->data['account_primary_group'] = $allValues[0]['gidnumber'][0];
$this->data['account_primary_group'] = -$allValues[0]['gidnumber'][0];
$this->data['account_lid'] = $allValues[0]['uid'][0];
$this->data['firstname'] = $GLOBALS['egw']->translation->convert($allValues[0]['givenname'][0],'utf-8');
$this->data['lastname'] = $GLOBALS['egw']->translation->convert($allValues[0]['sn'][0],'utf-8');
@ -103,13 +112,13 @@
function save_repository()
{
#_debug_array($this->data);
$acct_type = $this->get_type($this->account_id);
/* search the dn for the given u/gidnumber */
if(($acct_type == 'g') && $this->group_context)
{
$sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . (int)$this->account_id);
$sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . abs((int)$this->account_id));
}
else
{
@ -158,7 +167,7 @@
}
if($this->data['account_primary_group'])
{
$newData['gidnumber'] = $this->data['account_primary_group'];
$newData['gidnumber'] = abs($this->data['account_primary_group']);
}
if($this->data['lastlogin'])
{
@ -189,6 +198,15 @@
$newData['mail'] = $this->data['email'];
}
// check that we have all required objectclasses
unset($allValues[0]['objectclass']['count']);
// convert all values to lowercase
$currentObjectClasses = array_flip(array_change_key_case(array_flip($allValues[0]['objectclass'])));
$missingObjectClasses = array_diff($this->requiredObjectClasses['user'],$currentObjectClasses);
if(count($missingObjectClasses) > 0)
{
$newData['objectclass'] = array_merge($currentObjectClasses, $missingObjectClasses);
}
$newAccountID = $newData['uid'];
$oldAccountID = $newData['uid'];
}
@ -199,7 +217,7 @@
$this->data['account_lid'],
$GLOBALS['egw']->translation->charset(), 'utf-8'
);
$newData['gidnumber'] = $this->account_id;
$newData['gidnumber'] = abs($this->account_id);
$newGroupID = $newData['cn'];
$oldGroupID = $newData['cn'];
}
@ -362,7 +380,7 @@
foreach($this->data['account_groups'] as $key => $value)
{
// search for the group
$filter = 'gidnumber=' . (int)$value;
$filter = 'gidnumber=' . abs((int)$value);
$justThese = array('memberuid');
$sri = ldap_search($this->ds, $this->group_context, $filter, $justThese);
if($sri)
@ -401,7 +419,7 @@
$account_id = get_account_id($accountid);
$account_lid = $this->id2name((int)$account_id);
$filter = 'gidnumber=' . (int)$account_id;
$filter = 'gidnumber=' . abs((int)$account_id);
$sri = ldap_search($this->ds, $this->group_context, $filter);
if($sri)
{
@ -453,7 +471,7 @@
}
}
function get_list($_type='both', $start = '',$sort = '', $order = '', $query = '', $offset = '',$query_type='')
function get_list($_type='both', $start = '',$sort = '', $order = '', $query = '', $offset = '', $query_type='')
{
//print "\$_type=$_type, \$start=$start , \$sort=$sort, \$order=$order, \$query=$query, \$offset=$offset, \$query_type=$query_type<br>";
$query = strtolower($query);
@ -530,7 +548,7 @@
if (!$GLOBALS['egw_info']['server']['global_denied_groups'][$test] && $allVals['cn'][0])
{
$accounts[] = Array(
'account_id' => $allVals['gidnumber'][0],
'account_id' => -$allVals['gidnumber'][0],
'account_lid' => $allVals['cn'][0],
'account_type' => $allVals['phpgwaccounttype'][0],
'account_firstname' => $GLOBALS['egw']->translation->convert($allVals['givenname'][0],'utf-8'),
@ -549,7 +567,6 @@
}
$sortedAccounts = $arrayFunctions->arfsort($accounts,explode(',',$order),$sort);
$this->total = count($accounts);
// return only the wanted accounts
if (is_array($sortedAccounts))
{
@ -579,7 +596,7 @@
if (@$allValues[0]['gidnumber'][0])
{
return (int)$allValues[0]['gidnumber'][0];
return -(int)$allValues[0]['gidnumber'][0];
}
}
$to_ldap = array(
@ -605,7 +622,7 @@
if ($which == 'account_lid' || $which == 'account_type') // groups only support account_lid and account_type
{
$allValues = array();
$sri = ldap_search($this->ds, $this->group_context, '(&(gidnumber=' . (int)$account_id . ')(phpgwaccounttype=g))');
$sri = ldap_search($this->ds, $this->group_context, '(&(gidnumber=' . abs((int)$account_id) . ')(phpgwaccounttype=g))');
$allValues = ldap_get_entries($this->ds, $sri);
$attr = $which == 'account_lid' ? 'cn' : 'phpgwaccounttype';
@ -634,28 +651,6 @@
return False;
}
function get_type($account_id)
{
$allValues = array();
$sri = ldap_search($this->ds, $this->user_context, '(&(uidnumber=' . (int)$account_id . ')(phpgwaccounttype=u))');
$allValues = ldap_get_entries($this->ds, $sri);
if ($allValues[0]['phpgwaccounttype'][0])
{
return $allValues[0]['phpgwaccounttype'][0];
}
$allValues = array();
$sri = ldap_search($this->ds, $this->group_context, '(&(gidnumber=' . (int)$account_id . ')(phpgwaccounttype=g))');
$allValues = ldap_get_entries($this->ds, $sri);
if ($allValues[0]['phpgwaccounttype'][0])
{
return $allValues[0]['phpgwaccounttype'][0];
}
return False;
}
/*
* returns nonzero if $account exists in LDAP: 0: nowhere 1: user accounts, 2: group accounts, 3: both
* $account can be an account_id (LDAP: uidnumber) or an account_lid (LDAP: uid) (is determinded by ettype($account) == 'integer')
@ -667,13 +662,12 @@
$users = array();
$groups = array();
if(is_int($account))
if(is_numeric($account))
{
$ldapgroup = 'gidnumber';
$ldapacct = 'uidnumber';
$account = (int)$account;
/* If data is cached, use it. */
if(@isset($by_id[$account]) && @$by_id[$account])
if(isset($by_id[$account]))
{
return $by_id[$account];
}
@ -693,7 +687,7 @@
if ($acct_type == 'g' && $this->group_context)
{
$sri = ldap_search($this->ds, $this->group_context, $ldapgroup . '=' . $account);
$sri = ldap_search($this->ds, $this->group_context, $ldapgroup . '=' . abs($account));
$groups = ldap_get_entries($this->ds, $sri);
}
$sri = ldap_search($this->ds, $this->user_context, $ldapacct . '=' . $account);
@ -718,7 +712,6 @@
$by_lid[$account] = $in;
$by_id[$this->name2id($account)] = $in;
}
return $in;
}
@ -732,7 +725,7 @@
}
else
{
$account_id = $account_info['account_id'];
$account_id = abs($account_info['account_id']);
}
$entry['userpassword'] = $account_info['account_passwd'];
$entry['phpgwaccounttype'] = $account_info['account_type'];
@ -817,6 +810,7 @@
$dn = 'cn='.$account_info['account_lid'] . ',' . $this->group_context;
unset($entry['homedirectory']);
unset($entry['loginshell']);
unset($entry['userpassword']);
$entry['objectclass'][0] = 'top';
$entry['objectclass'][1] = 'posixGroup';
$entry['objectclass'][2] = 'phpgwAccount';
@ -863,7 +857,7 @@
}
$entry['uid'] = $account_info['account_lid'];
$entry['uidnumber'] = $account_id;
$entry['gidnumber'] = $account_info['account_primary_group'];
$entry['gidnumber'] = abs($account_info['account_primary_group']);
$entry['userpassword'] = $GLOBALS['egw']->common->encrypt_password($account_info['account_passwd']);
$entry['objectclass'][0] = 'top';
$entry['objectclass'][1] = 'person';
@ -936,7 +930,14 @@
$GLOBALS['egw']->preferences->create_defaults($account_id);
}
return $account_id;
if($account_info['account_type'] == 'g')
{
return -$account_id;
}
else
{
return $account_id;
}
}
function auto_add($accountname, $passwd, $default_prefs = False, $default_acls = False, $expiredate = 0, $account_status = 'A')
@ -969,11 +970,11 @@
$default_group_id = $this->name2id($GLOBALS['egw_info']['server']['default_group_lid']);
if (!$default_group_id)
{
$default_group_id = (int) $this->name2id('Default');
$default_group_id = abs((int)$this->name2id('Default'));
}
$primary_group = $GLOBALS['auto_create_acct']['primary_group'] &&
$this->get_type((int)$GLOBALS['auto_create_acct']['primary_group']) == 'g' ?
(int) $GLOBALS['auto_create_acct']['primary_group'] : $default_group_id;
(int)$GLOBALS['auto_create_acct']['primary_group'] : $default_group_id;
$acct_info = array(
'account_lid' => $accountname,
@ -1063,7 +1064,7 @@
/* search the dn for the given uid */
if(($acct_type == 'g') && $this->group_context)
{
$sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . (int)$account_id);
$sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . abs((int)$account_id));
}
else
{
@ -1109,10 +1110,10 @@
$entry['phpgwaccountlastloginfrom'] = $ip;
$sri = ldap_search($this->ds, $GLOBALS['egw_info']['server']['ldap_context'], 'uidnumber=' . (int)$_account_id);
$allValues = ldap_get_entries($ds, $sri);
$allValues = ldap_get_entries($this->ds, $sri);
$dn = $allValues[0]['dn'];
@ldap_modify($ds, $dn, $entry);
@ldap_modify($this->ds, $dn, $entry);
return $allValues[0]['phpgwaccountlastlogin'][0];
}

18
phpgwapi/inc/class.accounts_sql.inc.php
View File

@ -260,11 +260,6 @@
return False;
}
function get_type($account_id)
{
return $this->id2name($account_id,'account_type');
}
function exists($account_lid)
{
static $by_id, $by_lid;
@ -324,7 +319,14 @@
}
$this->db->insert($this->table,$account_data,False,__LINE__,__FILE__);
return $this->db->get_last_insert_id($this->table,'account_id');
$id = $account_data['account_id'] ? $account_data['account_id'] : $this->db->get_last_insert_id($this->table,'account_id');
if ($id > 0)
{
$this->db->update($this->table,array('account_id' => -$id),array('account_id' => $id),__LINE__,__FILE__);
return -$id;
}
return $id;
}
function auto_add($accountname, $passwd, $default_prefs = False, $default_acls = False, $expiredate = 0, $account_status = 'A')
@ -387,9 +389,7 @@
$this->db->transaction_begin();
$this->create($acct_info); /* create the account */
$accountid = $this->name2id($accountname); /* grab the account id or an error code */
$accountid = $this->create($acct_info); /* create the account */
if ($accountid) /* begin account setup */
{

2
phpgwapi/setup/setup.inc.php
View File

@ -14,7 +14,7 @@
/* Basic information about this app */
$setup_info['phpgwapi']['name'] = 'phpgwapi';
$setup_info['phpgwapi']['title'] = 'eGroupWare API';
$setup_info['phpgwapi']['version'] = '1.0.1.029';
$setup_info['phpgwapi']['version'] = '1.2';
$setup_info['phpgwapi']['versions']['current_header'] = '1.28';
$setup_info['phpgwapi']['enable'] = 3;
$setup_info['phpgwapi']['app_order'] = 1;

72
phpgwapi/setup/tables_update.inc.php
View File

@ -907,4 +907,76 @@
return $GLOBALS['setup_info']['phpgwapi']['currentver'] = '1.0.1.029';
}
$test[] = '1.0.1.029';
function phpgwapi_upgrade1_0_1_029()
{
// convert all positive group id's to negative ones
// this allows duplicate id for users and groups in ldap
$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->config_table,'config_value',array(
'config_name' => 'account_repository',
'config_app' => 'phpgwapi',
),__LINE__,__FILE__);
if($GLOBALS['egw_setup']->db->next_record() && $GLOBALS['egw_setup']->db->f('config_value') == 'ldap')
{
$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->acl_table,'DISTINCT acl_location',array(
'acl_appname' => 'phpgw_group',
'acl_location > 0',
),__LINE__,__FILE__);
}
else
{
$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->accounts_table,'account_id',array(
'account_type' => 'g',
'account_id > 0',
),__LINE__,__FILE__);
}
$groupIDs = array();
while($GLOBALS['egw_setup']->db->next_record())
{
$groupIDs[] = $GLOBALS['egw_setup']->db->f(0);
}
$tables = array();
foreach($GLOBALS['egw_setup']->db->table_names() as $data)
{
$tables[] = $data['table_name'];
}
foreach(array(
array('egw_acl','acl_location'),
array('egw_acl','acl_account'),
array('egw_accounts','account_id',"account_type='g'"),
array('egw_accounts','account_primary_group',"account_type='u'"),
array('egw_cal_user','cal_user_id',"cal_user_type='u'"),
array('egw_wiki_pages','wiki_readable',true),
array('egw_wiki_pages','wiki_writable',true),
) as $data)
{
$where = false;
list($table,$col,$where) = $data;
if (!in_array($table,$tables)) continue; // app is not installed
if ($col == 'acl_location') // varchar not int!
{
$set = $col.'='.$GLOBALS['egw_setup']->db->concat("'-'",$col);
$in = "$col IN ('".implode("','",$groupIDs)."')";
}
else
{
$set = "$col=-$col";
$in = "$col IN (".implode(',',$groupIDs).')';
}
if ($where === true)
{
$in = '';
$where = '1=1';
}
$query = "UPDATE $table SET $set WHERE $in".($in && $where ? ' AND ' : '').$where;
//echo "<p>$query</p>\n";
$GLOBALS['egw_setup']->db->query($query,__LINE__,__FILE__);
}
return $GLOBALS['setup_info']['phpgwapi']['currentver'] = '1.2';
}
?>