diff --git a/phpgwapi/inc/class.accounts.inc.php b/phpgwapi/inc/class.accounts.inc.php index cf4b671a6c..a0d1d356c0 100644 --- a/phpgwapi/inc/class.accounts.inc.php +++ b/phpgwapi/inc/class.accounts.inc.php @@ -237,7 +237,7 @@ } elseif ($param['type'] == 'owngroups') { - $group = -1; + $group = true; $param['type'] = 'groups'; } $start = $param['start']; @@ -269,7 +269,7 @@ } if ($group) { - $members = $group > 0 ? $GLOBALS['egw']->acl->get_ids_for_location($group, 1, 'phpgw_group') : + $members = is_int($group) ? $GLOBALS['egw']->acl->get_ids_for_location($group, 1, 'phpgw_group') : $GLOBALS['egw']->acl->get_location_list_for_id('phpgw_group', 1,$GLOBALS['egw_info']['user']['account_id']); if (!$members) $members = array(); $valid = !$app ? $members : array_intersect($valid,$members); // use the intersection @@ -303,7 +303,7 @@ /** * Searches / lists accounts: users and/or groups * - * @deprecated + * @deprecated use search */ function get_list($_type='both',$start = '',$sort = '', $order = '', $query = '', $offset = '',$query_type='') { @@ -487,23 +487,17 @@ return $membership_list[$account_id]; } - $security_equals = Array(); - $security_equals = $GLOBALS['egw']->acl->get_location_list_for_id('phpgw_group', 1, $account_id); - - if ($security_equals == False) + if(!($gids = $GLOBALS['egw']->acl->get_location_list_for_id('phpgw_group', 1, $account_id))) { return $membership_list[$account_id] = False; } - $this->memberships = Array(); - - for ($idx=0; $idxmemberships[] = Array('account_id' => $groups, 'account_name' => $this->id2name($groups)); + $memberships[] = Array('account_id' => $gid, 'account_name' => $this->id2name($gid)); } - - return $membership_list[$account_id] = $this->memberships; + return $membership_list[$account_id] = $memberships; } /** @@ -515,25 +509,27 @@ */ function member($accountid = '') { + $this->setup_cache(); + $member_list = &$this->cache['member_list']; + $account_id = get_account_id($accountid); - $security_equals = Array(); - $acl =& CreateObject('phpgwapi.acl'); - $security_equals = $acl->get_ids_for_location($account_id, 1, 'phpgw_group'); - unset($acl); - - if ($security_equals == False) + if (isset($member_list[$account_id])) { - return False; + return $member_list[$account_id]; } - for ($idx=0; $idxacl->get_ids_for_location($account_id, 1, 'phpgw_group'))) { - $name = $this->id2name((int)$security_equals[$idx]); - $this->members[] = Array('account_id' => (int)$security_equals[$idx], 'account_name' => $name); + return $member_list[$account_id] = False; } - return $this->members; + $members = array(); + foreach ($uids as $uid) + { + $members[] = Array('account_id' => $uid, 'account_name' => $this->id2name($uid)); + } + return $member_list[$account_id] = $members; } /** @@ -620,7 +616,7 @@ ); foreach($app_users as $id) { - $type = $GLOBALS['egw']->accounts->get_type($id); + $type = $this->get_type($id); if($type == 'g') { $accounts['groups'][$id] = $id; @@ -662,7 +658,7 @@ /** * phpgw compatibility function, better use split_accounts * - * @deprecated + * @deprecated use split_accounts */ function return_members($accounts) { @@ -732,25 +728,9 @@ */ function get_type($accountid) { - $this->setup_cache(); - $account_type = &$this->cache['account_type']; - $account_id = get_account_id($accountid); - - if (isset($this->account_type) && $account_id == $this->account_id) - { - return $this->account_type; - } - - if(@isset($account_type[$account_id]) && @$account_type[$account_id]) - { - return $account_type[$account_id]; - } - elseif($account_id == '') - { - return False; - } - return $account_type[$account_id] = accounts_::get_type($account_id); + + return $account_id > 0 ? 'u' : ($account_id < 0 ? 'g' : false); } /** diff --git a/phpgwapi/inc/class.accounts_ldap.inc.php b/phpgwapi/inc/class.accounts_ldap.inc.php index 4590273d2c..5647857b45 100644 --- a/phpgwapi/inc/class.accounts_ldap.inc.php +++ b/phpgwapi/inc/class.accounts_ldap.inc.php @@ -36,6 +36,15 @@ var $group_context = ''; var $total; + var $requiredObjectClasses = array( + 'user' => array( + 'top','organizationalperson','inetorgperson','posixaccount','shadowaccount','phpgwaccount' + ), + 'group' => array( + 'top','posixgroup','phpgwaccount' + ) + ); + function accounts_() { $this->ds = $GLOBALS['egw']->common->ldapConnect(); @@ -54,7 +63,7 @@ /* search the dn for the given uid */ if(($acct_type == 'g') && $this->group_context) { - $sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . (int)$this->account_id); + $sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . abs((int)$this->account_id)); } else { @@ -65,7 +74,7 @@ /* Now dump it into the array; take first entry found */ if($acct_type =='g') { - $this->data['account_id'] = $allValues[0]['gidnumber'][0]; + $this->data['account_id'] = -$allValues[0]['gidnumber'][0]; $this->data['account_lid'] = $allValues[0]['cn'][0]; $this->data['firstname'] = $GLOBALS['egw']->translation->convert($allValues[0]['cn'][0],'utf-8'); $this->data['lastname'] = lang('Group'); @@ -73,7 +82,7 @@ else { $this->data['account_id'] = $allValues[0]['uidnumber'][0]; - $this->data['account_primary_group'] = $allValues[0]['gidnumber'][0]; + $this->data['account_primary_group'] = -$allValues[0]['gidnumber'][0]; $this->data['account_lid'] = $allValues[0]['uid'][0]; $this->data['firstname'] = $GLOBALS['egw']->translation->convert($allValues[0]['givenname'][0],'utf-8'); $this->data['lastname'] = $GLOBALS['egw']->translation->convert($allValues[0]['sn'][0],'utf-8'); @@ -103,13 +112,13 @@ function save_repository() { - #_debug_array($this->data); + $acct_type = $this->get_type($this->account_id); /* search the dn for the given u/gidnumber */ if(($acct_type == 'g') && $this->group_context) { - $sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . (int)$this->account_id); + $sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . abs((int)$this->account_id)); } else { @@ -158,7 +167,7 @@ } if($this->data['account_primary_group']) { - $newData['gidnumber'] = $this->data['account_primary_group']; + $newData['gidnumber'] = abs($this->data['account_primary_group']); } if($this->data['lastlogin']) { @@ -189,6 +198,15 @@ $newData['mail'] = $this->data['email']; } + // check that we have all required objectclasses + unset($allValues[0]['objectclass']['count']); + // convert all values to lowercase + $currentObjectClasses = array_flip(array_change_key_case(array_flip($allValues[0]['objectclass']))); + $missingObjectClasses = array_diff($this->requiredObjectClasses['user'],$currentObjectClasses); + if(count($missingObjectClasses) > 0) + { + $newData['objectclass'] = array_merge($currentObjectClasses, $missingObjectClasses); + } $newAccountID = $newData['uid']; $oldAccountID = $newData['uid']; } @@ -199,7 +217,7 @@ $this->data['account_lid'], $GLOBALS['egw']->translation->charset(), 'utf-8' ); - $newData['gidnumber'] = $this->account_id; + $newData['gidnumber'] = abs($this->account_id); $newGroupID = $newData['cn']; $oldGroupID = $newData['cn']; } @@ -362,7 +380,7 @@ foreach($this->data['account_groups'] as $key => $value) { // search for the group - $filter = 'gidnumber=' . (int)$value; + $filter = 'gidnumber=' . abs((int)$value); $justThese = array('memberuid'); $sri = ldap_search($this->ds, $this->group_context, $filter, $justThese); if($sri) @@ -401,7 +419,7 @@ $account_id = get_account_id($accountid); $account_lid = $this->id2name((int)$account_id); - $filter = 'gidnumber=' . (int)$account_id; + $filter = 'gidnumber=' . abs((int)$account_id); $sri = ldap_search($this->ds, $this->group_context, $filter); if($sri) { @@ -453,7 +471,7 @@ } } - function get_list($_type='both', $start = '',$sort = '', $order = '', $query = '', $offset = '',$query_type='') + function get_list($_type='both', $start = '',$sort = '', $order = '', $query = '', $offset = '', $query_type='') { //print "\$_type=$_type, \$start=$start , \$sort=$sort, \$order=$order, \$query=$query, \$offset=$offset, \$query_type=$query_type
"; $query = strtolower($query); @@ -530,7 +548,7 @@ if (!$GLOBALS['egw_info']['server']['global_denied_groups'][$test] && $allVals['cn'][0]) { $accounts[] = Array( - 'account_id' => $allVals['gidnumber'][0], + 'account_id' => -$allVals['gidnumber'][0], 'account_lid' => $allVals['cn'][0], 'account_type' => $allVals['phpgwaccounttype'][0], 'account_firstname' => $GLOBALS['egw']->translation->convert($allVals['givenname'][0],'utf-8'), @@ -549,7 +567,6 @@ } $sortedAccounts = $arrayFunctions->arfsort($accounts,explode(',',$order),$sort); $this->total = count($accounts); - // return only the wanted accounts if (is_array($sortedAccounts)) { @@ -579,7 +596,7 @@ if (@$allValues[0]['gidnumber'][0]) { - return (int)$allValues[0]['gidnumber'][0]; + return -(int)$allValues[0]['gidnumber'][0]; } } $to_ldap = array( @@ -605,7 +622,7 @@ if ($which == 'account_lid' || $which == 'account_type') // groups only support account_lid and account_type { $allValues = array(); - $sri = ldap_search($this->ds, $this->group_context, '(&(gidnumber=' . (int)$account_id . ')(phpgwaccounttype=g))'); + $sri = ldap_search($this->ds, $this->group_context, '(&(gidnumber=' . abs((int)$account_id) . ')(phpgwaccounttype=g))'); $allValues = ldap_get_entries($this->ds, $sri); $attr = $which == 'account_lid' ? 'cn' : 'phpgwaccounttype'; @@ -634,28 +651,6 @@ return False; } - function get_type($account_id) - { - $allValues = array(); - $sri = ldap_search($this->ds, $this->user_context, '(&(uidnumber=' . (int)$account_id . ')(phpgwaccounttype=u))'); - $allValues = ldap_get_entries($this->ds, $sri); - - if ($allValues[0]['phpgwaccounttype'][0]) - { - return $allValues[0]['phpgwaccounttype'][0]; - } - - $allValues = array(); - $sri = ldap_search($this->ds, $this->group_context, '(&(gidnumber=' . (int)$account_id . ')(phpgwaccounttype=g))'); - $allValues = ldap_get_entries($this->ds, $sri); - - if ($allValues[0]['phpgwaccounttype'][0]) - { - return $allValues[0]['phpgwaccounttype'][0]; - } - return False; - } - /* * returns nonzero if $account exists in LDAP: 0: nowhere 1: user accounts, 2: group accounts, 3: both * $account can be an account_id (LDAP: uidnumber) or an account_lid (LDAP: uid) (is determinded by ettype($account) == 'integer') @@ -667,13 +662,12 @@ $users = array(); $groups = array(); - if(is_int($account)) + if(is_numeric($account)) { $ldapgroup = 'gidnumber'; $ldapacct = 'uidnumber'; - $account = (int)$account; /* If data is cached, use it. */ - if(@isset($by_id[$account]) && @$by_id[$account]) + if(isset($by_id[$account])) { return $by_id[$account]; } @@ -693,7 +687,7 @@ if ($acct_type == 'g' && $this->group_context) { - $sri = ldap_search($this->ds, $this->group_context, $ldapgroup . '=' . $account); + $sri = ldap_search($this->ds, $this->group_context, $ldapgroup . '=' . abs($account)); $groups = ldap_get_entries($this->ds, $sri); } $sri = ldap_search($this->ds, $this->user_context, $ldapacct . '=' . $account); @@ -718,7 +712,6 @@ $by_lid[$account] = $in; $by_id[$this->name2id($account)] = $in; } - return $in; } @@ -732,7 +725,7 @@ } else { - $account_id = $account_info['account_id']; + $account_id = abs($account_info['account_id']); } $entry['userpassword'] = $account_info['account_passwd']; $entry['phpgwaccounttype'] = $account_info['account_type']; @@ -817,6 +810,7 @@ $dn = 'cn='.$account_info['account_lid'] . ',' . $this->group_context; unset($entry['homedirectory']); unset($entry['loginshell']); + unset($entry['userpassword']); $entry['objectclass'][0] = 'top'; $entry['objectclass'][1] = 'posixGroup'; $entry['objectclass'][2] = 'phpgwAccount'; @@ -863,7 +857,7 @@ } $entry['uid'] = $account_info['account_lid']; $entry['uidnumber'] = $account_id; - $entry['gidnumber'] = $account_info['account_primary_group']; + $entry['gidnumber'] = abs($account_info['account_primary_group']); $entry['userpassword'] = $GLOBALS['egw']->common->encrypt_password($account_info['account_passwd']); $entry['objectclass'][0] = 'top'; $entry['objectclass'][1] = 'person'; @@ -936,7 +930,14 @@ $GLOBALS['egw']->preferences->create_defaults($account_id); } - return $account_id; + if($account_info['account_type'] == 'g') + { + return -$account_id; + } + else + { + return $account_id; + } } function auto_add($accountname, $passwd, $default_prefs = False, $default_acls = False, $expiredate = 0, $account_status = 'A') @@ -969,11 +970,11 @@ $default_group_id = $this->name2id($GLOBALS['egw_info']['server']['default_group_lid']); if (!$default_group_id) { - $default_group_id = (int) $this->name2id('Default'); + $default_group_id = abs((int)$this->name2id('Default')); } $primary_group = $GLOBALS['auto_create_acct']['primary_group'] && $this->get_type((int)$GLOBALS['auto_create_acct']['primary_group']) == 'g' ? - (int) $GLOBALS['auto_create_acct']['primary_group'] : $default_group_id; + (int)$GLOBALS['auto_create_acct']['primary_group'] : $default_group_id; $acct_info = array( 'account_lid' => $accountname, @@ -1063,7 +1064,7 @@ /* search the dn for the given uid */ if(($acct_type == 'g') && $this->group_context) { - $sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . (int)$account_id); + $sri = ldap_search($this->ds, $this->group_context, 'gidnumber=' . abs((int)$account_id)); } else { @@ -1109,10 +1110,10 @@ $entry['phpgwaccountlastloginfrom'] = $ip; $sri = ldap_search($this->ds, $GLOBALS['egw_info']['server']['ldap_context'], 'uidnumber=' . (int)$_account_id); - $allValues = ldap_get_entries($ds, $sri); + $allValues = ldap_get_entries($this->ds, $sri); $dn = $allValues[0]['dn']; - @ldap_modify($ds, $dn, $entry); + @ldap_modify($this->ds, $dn, $entry); return $allValues[0]['phpgwaccountlastlogin'][0]; } diff --git a/phpgwapi/inc/class.accounts_sql.inc.php b/phpgwapi/inc/class.accounts_sql.inc.php index dc52c136bd..81264009e8 100644 --- a/phpgwapi/inc/class.accounts_sql.inc.php +++ b/phpgwapi/inc/class.accounts_sql.inc.php @@ -260,11 +260,6 @@ return False; } - function get_type($account_id) - { - return $this->id2name($account_id,'account_type'); - } - function exists($account_lid) { static $by_id, $by_lid; @@ -324,7 +319,14 @@ } $this->db->insert($this->table,$account_data,False,__LINE__,__FILE__); - return $this->db->get_last_insert_id($this->table,'account_id'); + $id = $account_data['account_id'] ? $account_data['account_id'] : $this->db->get_last_insert_id($this->table,'account_id'); + + if ($id > 0) + { + $this->db->update($this->table,array('account_id' => -$id),array('account_id' => $id),__LINE__,__FILE__); + return -$id; + } + return $id; } function auto_add($accountname, $passwd, $default_prefs = False, $default_acls = False, $expiredate = 0, $account_status = 'A') @@ -387,9 +389,7 @@ $this->db->transaction_begin(); - $this->create($acct_info); /* create the account */ - - $accountid = $this->name2id($accountname); /* grab the account id or an error code */ + $accountid = $this->create($acct_info); /* create the account */ if ($accountid) /* begin account setup */ { diff --git a/phpgwapi/setup/setup.inc.php b/phpgwapi/setup/setup.inc.php index 595201f330..2d517f83dc 100755 --- a/phpgwapi/setup/setup.inc.php +++ b/phpgwapi/setup/setup.inc.php @@ -14,7 +14,7 @@ /* Basic information about this app */ $setup_info['phpgwapi']['name'] = 'phpgwapi'; $setup_info['phpgwapi']['title'] = 'eGroupWare API'; - $setup_info['phpgwapi']['version'] = '1.0.1.029'; + $setup_info['phpgwapi']['version'] = '1.2'; $setup_info['phpgwapi']['versions']['current_header'] = '1.28'; $setup_info['phpgwapi']['enable'] = 3; $setup_info['phpgwapi']['app_order'] = 1; diff --git a/phpgwapi/setup/tables_update.inc.php b/phpgwapi/setup/tables_update.inc.php index a8da66a5b7..61d79437d4 100644 --- a/phpgwapi/setup/tables_update.inc.php +++ b/phpgwapi/setup/tables_update.inc.php @@ -907,4 +907,76 @@ return $GLOBALS['setup_info']['phpgwapi']['currentver'] = '1.0.1.029'; } + + + $test[] = '1.0.1.029'; + function phpgwapi_upgrade1_0_1_029() + { + // convert all positive group id's to negative ones + // this allows duplicate id for users and groups in ldap + $GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->config_table,'config_value',array( + 'config_name' => 'account_repository', + 'config_app' => 'phpgwapi', + ),__LINE__,__FILE__); + + if($GLOBALS['egw_setup']->db->next_record() && $GLOBALS['egw_setup']->db->f('config_value') == 'ldap') + { + $GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->acl_table,'DISTINCT acl_location',array( + 'acl_appname' => 'phpgw_group', + 'acl_location > 0', + ),__LINE__,__FILE__); + } + else + { + $GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->accounts_table,'account_id',array( + 'account_type' => 'g', + 'account_id > 0', + ),__LINE__,__FILE__); + } + $groupIDs = array(); + while($GLOBALS['egw_setup']->db->next_record()) + { + $groupIDs[] = $GLOBALS['egw_setup']->db->f(0); + } + $tables = array(); + foreach($GLOBALS['egw_setup']->db->table_names() as $data) + { + $tables[] = $data['table_name']; + } + foreach(array( + array('egw_acl','acl_location'), + array('egw_acl','acl_account'), + array('egw_accounts','account_id',"account_type='g'"), + array('egw_accounts','account_primary_group',"account_type='u'"), + array('egw_cal_user','cal_user_id',"cal_user_type='u'"), + array('egw_wiki_pages','wiki_readable',true), + array('egw_wiki_pages','wiki_writable',true), + ) as $data) + { + $where = false; + list($table,$col,$where) = $data; + + if (!in_array($table,$tables)) continue; // app is not installed + + if ($col == 'acl_location') // varchar not int! + { + $set = $col.'='.$GLOBALS['egw_setup']->db->concat("'-'",$col); + $in = "$col IN ('".implode("','",$groupIDs)."')"; + } + else + { + $set = "$col=-$col"; + $in = "$col IN (".implode(',',$groupIDs).')'; + } + if ($where === true) + { + $in = ''; + $where = '1=1'; + } + $query = "UPDATE $table SET $set WHERE $in".($in && $where ? ' AND ' : '').$where; + //echo "

$query

\n"; + $GLOBALS['egw_setup']->db->query($query,__LINE__,__FILE__); + } + return $GLOBALS['setup_info']['phpgwapi']['currentver'] = '1.2'; + } ?>