mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-07 16:44:20 +01:00
* method to reset passwords of multiple users to a random password and notify them about that, also allows to change from plaintext passwords to a different hash
This commit is contained in:
Ralf Becker
parent
d7d28e75d5
commit
bab48aee0a
198
admin/inc/class.admin_passwordreset.inc.php
Normal file
198
admin/inc/class.admin_passwordreset.inc.php
Normal file
@ -0,0 +1,198 @@
|
||||
<?php
|
||||
/**
|
||||
* EGgroupware admin - Reset passwords
|
||||
*
|
||||
* @link http://www.egroupware.org
|
||||
* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
||||
* @package admin
|
||||
* @copyright (c) 2011 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
||||
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
||||
* @version $Id$
|
||||
*/
|
||||
|
||||
include_once(EGW_INCLUDE_ROOT.'/setup/inc/hook_config.inc.php'); // functions to return password hashes
|
||||
|
||||
/**
|
||||
* Reset passwords
|
||||
*/
|
||||
class admin_passwordreset
|
||||
{
|
||||
/**
|
||||
* Which methods of this class can be called as menuation
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $public_functions = array(
|
||||
'index' => true,
|
||||
);
|
||||
|
||||
/**
|
||||
* @var array
|
||||
*/
|
||||
var $replacements = array();
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
*
|
||||
*/
|
||||
function __construct()
|
||||
{
|
||||
if($GLOBALS['egw']->acl->check('account_access',16,'admin'))
|
||||
{
|
||||
$GLOBALS['egw']->redirect_link('/index.php');
|
||||
}
|
||||
$this->replacements = array(
|
||||
'account_lid' => lang('Login-ID'),
|
||||
'account_firstname' => lang('firstname'),
|
||||
'account_lastname' => lang('lastname'),
|
||||
'account_email' => lang('email'),
|
||||
'account_password' => lang('new password'),
|
||||
'account_id' => lang('nummeric account ID'),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Reset passwords
|
||||
*
|
||||
* @param array $content=null
|
||||
* @param string $msg=''
|
||||
*/
|
||||
function index(array $content=null, $msg='')
|
||||
{
|
||||
if (!($account_repository = $GLOBALS['egw_info']['server']['account_repository']) &&
|
||||
!($account_repository = $GLOBALS['egw_info']['server']['auth_type']))
|
||||
{
|
||||
$account_repository = 'sql';
|
||||
}
|
||||
if (!($current_hash = $GLOBALS['egw_info']['server'][$account_repository.'_encryption_type']))
|
||||
{
|
||||
$current_hash = 'md5';
|
||||
}
|
||||
if (is_array($content))
|
||||
{
|
||||
if ($content['download_csv'] && $content['changed'])
|
||||
{
|
||||
html::content_header('changed.csv','text/csv');
|
||||
//echo "account_lid;account_password;account_email;account_firstname;account_lastname\n";
|
||||
foreach($content['changed'] as $account)
|
||||
{
|
||||
echo "$account[account_lid];$account[account_password];$account[account_email];$account[account_firstname];$account[account_lastname]\n";
|
||||
}
|
||||
common::egw_exit();
|
||||
}
|
||||
if (!$content['users'])
|
||||
{
|
||||
$msg = lang('You need to select some users first!');
|
||||
}
|
||||
elseif (!$content['random_pw'] && !$content['hash'] && !$content['notify'])
|
||||
{
|
||||
$msg = lang('You need to check "%1", "%2" or select any from "%3"!',
|
||||
lang('Set a random password'),
|
||||
lang('Notify user by email'),
|
||||
lang('Change password hash to'));
|
||||
}
|
||||
elseif(!$content['random_pw'] && $content['hash'] && $content['hash'] != $current_hash && $current_hash != 'plain')
|
||||
{
|
||||
$msg = lang('You can only change the hash, if you set a random password or currently use plaintext passwords!');
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($content['hash'] && $content['hash'] != $current_hash)
|
||||
{
|
||||
config::save_value($account_repository.'_encryption_type',$content['hash'],'phpgwapi');
|
||||
$msg = lang('Changed password hash for %1 to %2.',strtoupper($account_repository),$content['hash'])."\n";
|
||||
$GLOBALS['egw_info']['server'][$account_repository.'_encryption_type'] = $content['hash'];
|
||||
}
|
||||
$changed = array();
|
||||
foreach($content['users'] as $account_id)
|
||||
{
|
||||
if (($account = $GLOBALS['egw']->accounts->read($account_id)))
|
||||
{
|
||||
//_debug_array($account); //break;
|
||||
|
||||
if ($content['random_pw'])
|
||||
{
|
||||
$password = auth::randomstring(8);
|
||||
$old_password = null;
|
||||
}
|
||||
elseif (!preg_match('/^{plain}/i',$account['account_pwd']) &&
|
||||
($current_hash != 'plain' || $current_hash == 'plain' && $account['account_pwd'][0] == '{'))
|
||||
{
|
||||
$msg .= lang('Account "%1" has NO plaintext password!',$account['account_lid'])."\n";
|
||||
continue;
|
||||
}
|
||||
else
|
||||
{
|
||||
$old_password = $password = preg_replace('/^{plain}/i','',$account['account_pwd']);
|
||||
}
|
||||
if (!$GLOBALS['egw']->auth->change_password($old_password,$password,$account_id))
|
||||
{
|
||||
$msg .= lang('Failed to change password for account "%1"!',$account['account_lid'])."\n";
|
||||
continue;
|
||||
}
|
||||
$account['account_password'] = $password;
|
||||
$changed[] = $account;
|
||||
|
||||
if ($content['notify'])
|
||||
{
|
||||
if (strpos($account['account_email'],'@') === false)
|
||||
{
|
||||
$msg .= lang('Account "%1" has no email address --> not notified!',$account['account_lid']);
|
||||
continue;
|
||||
}
|
||||
$send = new send();
|
||||
$send->AddAddress($account['account_email'],$account['account_fullname']);
|
||||
$replacements = array();
|
||||
foreach($this->replacements as $name => $label)
|
||||
{
|
||||
$replacements['$$'.$name.'$$'] = $account[$name];
|
||||
}
|
||||
$send->Subject = strtr($content['subject'],$replacements);
|
||||
$send->Body = strtr($content['body'],$replacements);
|
||||
if (!empty($GLOBALS['egw_info']['user']['account_email']))
|
||||
{
|
||||
$send->From = $GLOBALS['egw_info']['user']['account_email'];
|
||||
$send->FromName = $GLOBALS['egw_info']['user']['account_fullname'];
|
||||
}
|
||||
try
|
||||
{
|
||||
$send->Send();
|
||||
}
|
||||
catch (phpmailerException $e)
|
||||
{
|
||||
$msg .= lang('Notifying account "%1" %2 failed!',$account['account_lid'],$account['account_email']).
|
||||
': '.strip_tags(str_replace('<p>',"\n",$send->ErrorInfo))."\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($changed)
|
||||
{
|
||||
$msg .= lang('Passwords of %1 accounts changed',count($changed));
|
||||
}
|
||||
}
|
||||
}
|
||||
$content['msg'] = $msg;
|
||||
$content['account_repository'] = $account_repository;
|
||||
$content['current_hash'] = $current_hash;
|
||||
$sel_options['hash'] = $account_repository == 'sql' ?
|
||||
sql_passwdhashes($GLOBALS['egw_info']['server'],true) :
|
||||
passwdhashes($GLOBALS['egw_info']['server'],true);
|
||||
$content['replacements'] = array();
|
||||
foreach($this->replacements as $name => $label)
|
||||
{
|
||||
$content['replacements'][] = array(
|
||||
'name' => '$$'.$name.'$$',
|
||||
'label' => $label,
|
||||
);
|
||||
}
|
||||
$readonlys['download_csv'] = !$changed;
|
||||
|
||||
$GLOBALS['egw_info']['flags']['app_header'] = lang('Reset passwords');
|
||||
|
||||
$tmpl = new etemplate('admin.passwordreset');
|
||||
$tmpl->exec('admin.admin_passwordreset.index',$content,$sel_options,$readonlys,array(
|
||||
'changed' => $changed,
|
||||
));
|
||||
}
|
||||
}
|
||||
@ -57,6 +57,11 @@ class admin_prefs_sidebox_hooks
|
||||
$file['User Accounts'] = egw::link('/index.php','menuaction=admin.uiaccounts.list_users');
|
||||
}
|
||||
|
||||
if (! $GLOBALS['egw']->acl->check('account_access',16,'admin'))
|
||||
{
|
||||
$file['Reset passwords'] = egw::link('/index.php','menuaction=admin.admin_passwordreset.index');
|
||||
}
|
||||
|
||||
if (! $GLOBALS['egw']->acl->check('group_access',1,'admin'))
|
||||
{
|
||||
$file['User Groups'] = egw::link('/index.php','menuaction=admin.uiaccounts.list_groups');
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
/**
|
||||
* eGroupWare - eTemplates for Application admin
|
||||
* http://www.egroupware.org
|
||||
* generated by soetemplate::dump4setup() 2011-01-25 13:29
|
||||
* generated by soetemplate::dump4setup() 2011-04-01 15:33
|
||||
*
|
||||
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
||||
* @package admin
|
||||
@ -53,6 +53,8 @@ $templ_data[] = array('name' => 'admin.customfields.fields','template' => '','la
|
||||
|
||||
$templ_data[] = array('name' => 'admin.customfields.types','template' => '','lang' => '','group' => '0','version' => '1.2','data' => 'a:1:{i:0;a:4:{s:4:"type";s:4:"grid";s:4:"data";a:2:{i:0;a:4:{s:1:"D";s:15:",@non_deletable";s:1:"E";s:8:",@no_add";s:1:"F";s:8:",@no_add";s:2:"h1";s:15:",@no_edit_types";}i:1;a:6:{s:1:"A";a:2:{s:4:"type";s:5:"label";s:4:"name";s:8:"app-name";}s:1:"B";a:2:{s:4:"type";s:5:"label";s:5:"label";s:7:"- type";}s:1:"C";a:4:{s:4:"type";s:6:"select";s:4:"name";s:5:"types";s:8:"onchange";s:1:"1";s:7:"no_lang";s:1:"1";}s:1:"D";a:4:{s:4:"type";s:6:"button";s:5:"label";s:6:"Delete";s:4:"name";s:6:"delete";s:7:"onclick";s:110:"return confirm(\'WARNING: You are about to delete this type. Entries of this type won\\\'t be accessable then.\');";}s:1:"E";a:3:{s:4:"type";s:4:"text";s:4:"name";s:4:"name";s:4:"blur";s:8:"new name";}s:1:"F";a:3:{s:4:"type";s:6:"button";s:5:"label";s:6:"Create";s:4:"name";s:6:"create";}}}s:4:"rows";i:1;s:4:"cols";i:6;}}','size' => '','style' => '','modified' => '1139823458',);
|
||||
|
||||
$templ_data[] = array('name' => 'admin.passwordreset','template' => '','lang' => '','group' => '0','version' => '1.9.001','data' => 'a:1:{i:0;a:4:{s:4:"type";s:4:"grid";s:4:"data";a:10:{i:0;a:2:{s:2:"c8";s:4:",top";s:2:"h1";s:6:",!@msg";}i:1;a:2:{s:1:"A";a:3:{s:4:"type";s:5:"label";s:4:"span";s:13:"all,redItalic";s:4:"name";s:3:"msg";}s:1:"B";a:1:{s:4:"type";s:5:"label";}}i:2;a:2:{s:1:"A";a:2:{s:4:"type";s:5:"label";s:5:"label";s:12:"Select users";}s:1:"B";a:1:{s:4:"type";s:5:"label";}}i:3;a:2:{s:1:"A";a:3:{s:4:"type";s:14:"select-account";s:4:"size";s:2:"15";s:4:"name";s:5:"users";}s:1:"B";a:1:{s:4:"type";s:5:"label";}}i:4;a:2:{s:1:"A";a:3:{s:4:"type";s:8:"checkbox";s:5:"label";s:21:"Set a random password";s:4:"name";s:9:"random_pw";}s:1:"B";a:1:{s:4:"type";s:5:"label";}}i:5;a:2:{s:1:"A";a:3:{s:4:"type";s:6:"select";s:4:"size";s:23:"Change password hash to";s:4:"name";s:4:"hash";}s:1:"B";a:5:{s:4:"type";s:4:"text";s:5:"label";s:12:"Current hash";s:4:"name";s:12:"current_hash";s:4:"span";s:5:",gray";s:8:"readonly";s:1:"1";}}i:6;a:2:{s:1:"A";a:3:{s:4:"type";s:8:"checkbox";s:5:"label";s:20:"Notify user by email";s:4:"name";s:6:"notify";}s:1:"B";a:1:{s:4:"type";s:5:"label";}}i:7;a:2:{s:1:"A";a:4:{s:4:"type";s:4:"text";s:4:"size";s:2:"64";s:4:"name";s:7:"subject";s:4:"blur";s:7:"Subject";}s:1:"B";a:3:{s:4:"type";s:5:"label";s:4:"span";s:5:",gray";s:5:"label";s:22:"Available placeholders";}}i:8;a:2:{s:1:"A";a:3:{s:4:"type";s:8:"textarea";s:4:"size";s:5:"15,64";s:4:"name";s:4:"body";}s:1:"B";a:7:{s:4:"type";s:4:"grid";s:4:"span";s:5:",gray";s:4:"name";s:12:"replacements";s:4:"data";a:2:{i:0;a:0:{}i:1;a:2:{s:1:"A";a:2:{s:4:"type";s:5:"label";s:4:"name";s:12:"${row}[name]";}s:1:"B";a:2:{s:4:"type";s:5:"label";s:4:"name";s:13:"${row}[label]";}}}s:4:"rows";i:1;s:4:"cols";i:2;s:7:"options";a:0:{}}}i:9;a:2:{s:1:"A";a:3:{s:4:"type";s:6:"button";s:5:"label";s:5:"Start";s:4:"name";s:5:"start";}s:1:"B";a:3:{s:4:"type";s:6:"button";s:5:"label";s:12:"Download CSV";s:4:"name";s:12:"download_csv";}}}s:4:"rows";i:9;s:4:"cols";i:2;}}','size' => '','style' => '','modified' => '1301655701',);
|
||||
|
||||
$templ_data[] = array('name' => 'admin.remotes','template' => '','lang' => '','group' => '0','version' => '1.5.001','data' => 'a:1:{i:0;a:6:{s:4:"type";s:4:"grid";s:4:"data";a:5:{i:0;a:3:{s:2:"h2";s:9:",!@remote";s:2:"h1";s:6:",!@msg";s:2:"h3";s:2:",1";}i:1;a:1:{s:1:"A";a:3:{s:4:"type";s:5:"label";s:4:"span";s:13:"all,redItalic";s:4:"name";s:3:"msg";}}i:2;a:1:{s:1:"A";a:4:{s:4:"type";s:8:"template";s:4:"size";s:6:"remote";s:4:"span";s:10:"all,border";s:4:"name";s:18:"admin.remotes.edit";}}i:3;a:1:{s:1:"A";a:3:{s:4:"type";s:8:"template";s:5:"align";s:5:"right";s:4:"name";s:26:"admin.remotes.header_right";}}i:4;a:1:{s:1:"A";a:3:{s:4:"type";s:9:"nextmatch";s:4:"name";s:2:"nm";s:4:"size";s:18:"admin.remotes.rows";}}}s:4:"rows";i:4;s:4:"cols";i:1;s:4:"size";s:4:"100%";s:7:"options";a:1:{i:0;s:4:"100%";}}}','size' => '100%','style' => '.border { border: black solid 2px; }','modified' => '1195926693',);
|
||||
|
||||
$templ_data[] = array('name' => 'admin.remotes.edit','template' => '','lang' => '','group' => '0','version' => '1.5.001','data' => 'a:1:{i:0;a:4:{s:4:"type";s:4:"grid";s:4:"data";a:9:{i:0;a:8:{s:2:"c2";s:2:"th";s:2:"c3";s:3:"row";s:2:"c5";s:3:"row";s:2:"c6";s:3:"row";s:2:"c4";s:3:"row";s:2:"c7";s:3:"row";s:2:"h5";s:14:",!@remote_hash";s:2:"h1";s:11:",@remote_id";}i:1;a:2:{s:1:"A";a:3:{s:4:"type";s:5:"label";s:4:"span";s:13:"all,redItalic";s:5:"label";s:97:"Remote administration need to be enabled in the remote instance under Admin > Site configuration!";}s:1:"B";a:1:{s:4:"type";s:5:"label";}}i:2;a:2:{s:1:"A";a:4:{s:4:"type";s:5:"label";s:4:"size";s:14:",,,remote_name";s:5:"label";s:4:"Name";s:6:"needed";s:1:"1";}s:1:"B";a:4:{s:4:"type";s:4:"text";s:4:"size";s:5:"64,64";s:4:"name";s:11:"remote_name";s:6:"needed";s:1:"1";}}i:3;a:2:{s:1:"A";a:3:{s:4:"type";s:5:"label";s:4:"size";s:13:",,,install_id";s:5:"label";s:10:"Install ID";}s:1:"B";a:4:{s:4:"type";s:4:"text";s:4:"size";s:24:"40,32,/^[a-f0-9]{0,32}$/";s:4:"name";s:10:"install_id";s:4:"help";s:75:"The install ID of an instance can be found under Admin > Site configuration";}}i:4;a:2:{s:1:"A";a:3:{s:4:"type";s:5:"label";s:4:"size";s:16:",,,config_passwd";s:5:"label";s:8:"Password";}s:1:"B";a:4:{s:4:"type";s:4:"text";s:4:"size";s:5:"40,32";s:4:"name";s:13:"config_passwd";s:4:"help";s:51:"Config password or md5 hash from the header.inc.php";}}i:5;a:2:{s:1:"A";a:2:{s:4:"type";s:5:"label";s:5:"label";s:4:"Hash";}s:1:"B";a:2:{s:4:"type";s:5:"label";s:4:"name";s:11:"remote_hash";}}i:6;a:2:{s:1:"A";a:3:{s:4:"type";s:5:"label";s:4:"size";s:13:",,,remote_url";s:5:"label";s:3:"URL";}s:1:"B";a:5:{s:4:"type";s:4:"text";s:4:"size";s:62:"64,128,/^https?:\\/\\/[a-z0-9._-]+(\\:[0-9]+)?(\\/[a-z0-9._-]+)*$/";s:4:"name";s:10:"remote_url";s:6:"needed";s:1:"1";s:4:"help";s:68:"URL of the eGroupWare installation, eg. http://domain.com/egroupware";}}i:7;a:2:{s:1:"A";a:3:{s:4:"type";s:5:"label";s:4:"size";s:16:",,,remote_domain";s:5:"label";s:8:"Instance";}s:1:"B";a:4:{s:4:"type";s:4:"text";s:4:"size";s:5:"64,64";s:4:"name";s:13:"remote_domain";s:4:"help";s:44:"Name of the eGroupWare instance, eg. default";}}i:8;a:2:{s:1:"A";a:6:{s:4:"type";s:4:"hbox";s:4:"size";s:1:"3";i:1;a:4:{s:4:"type";s:6:"button";s:5:"label";s:4:"Save";s:4:"name";s:12:"button[save]";s:4:"help";s:16:"Saves this entry";}s:4:"span";s:3:"all";i:2;a:4:{s:4:"type";s:6:"button";s:4:"name";s:13:"button[apply]";s:5:"label";s:5:"Apply";s:4:"help";s:17:"Apply the changes";}i:3;a:4:{s:4:"type";s:6:"button";s:5:"label";s:6:"Cancel";s:4:"name";s:14:"button[cancel]";s:4:"help";s:31:"leave without saveing the entry";}}s:1:"B";a:1:{s:4:"type";s:5:"label";}}}s:4:"rows";i:8;s:4:"cols";i:2;}}','size' => '','style' => '','modified' => '1195927476',);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user