extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-23 00:13:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Undo last change

Browse Source
This commit is contained in:
Miles Lott 2001-06-27 01:31:32 +00:00
parent f9eaea8572
commit 880bf3a86b
1 changed files with 249 additions and 475 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

724
phpgwapi/inc/class.accounts_ldap.inc.php
View File

@ -26,7 +26,7 @@
// Dont know where to put this (seek3r) // Dont know where to put this (seek3r)
// This is where it belongs (jengo) // This is where it belongs (jengo)
// This is where it ended up (milosch) // This is where it ended up (milosch)
/* Since LDAP will return system accounts, there are a few we don't want to login. */ /* Since LDAP will return system accounts, there are a few we don't want to login. */
$phpgw_info['server']['global_denied_users'] = array( $phpgw_info['server']['global_denied_users'] = array(
'root' => True, 'bin' => True, 'daemon' => True, 'root' => True, 'bin' => True, 'daemon' => True,
@ -43,25 +43,7 @@
'qmailr' => True, 'qmails' => True, 'rpc' => True, 'qmailr' => True, 'qmails' => True, 'rpc' => True,
'rpcuser' => True, 'amanda' => True, 'apache' => True, 'rpcuser' => True, 'amanda' => True, 'apache' => True,
'pvm' => True, 'squid' => True, 'ident' => True, 'pvm' => True, 'squid' => True, 'ident' => True,
'nscd' => True, 'mailnull' => True, 'cyrus' => True, 'nscd' => True, 'mailnull' => True, 'cyrus' => True
'backup' => True
);
$phpgw_info['server']['global_denied_groups'] = array(
'root' => True, 'bin' => True, 'daemon' => True,
'sys' => True, 'adm' => True, 'tty' => True,
'disk' => True, 'lp' => True, 'mem' => True,
'kmem' => True, 'wheel' => True, 'mail' => True,
'uucp' => True, 'man' => True, 'games' => True,
'dip' => True, 'ftp' => True, 'nobody' => True,
'floppy' => True, 'xfs' => True, 'console' => True,
'utmp' => True, 'pppusers' => True, 'popusers' => True,
'slipusers' => True, 'slocate' => True, 'mysql' => True,
'dnstools' => True, 'web' => True, 'named' => True,
'dba' => True, 'oinstall' => True, 'oracle' => True,
'gdm' => True, 'sweep' => True, 'cvs' => True,
'postgres' => True, 'qmail' => True, 'nofiles' => True,
'ldap' => True. 'backup' => True
); );
class accounts_ class accounts_
@ -80,32 +62,16 @@
{ {
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
/* get an ldap connection handle */ // get a ldap connection handle
$ds = $phpgw->common->ldapConnect(); $ds = $phpgw->common->ldapConnect();
$acct_type = $this->get_type($this->account_id);
/* search the dn for the given uid */ // search the dn for the given uid
if ( ($acct_type == 'g') && $phpgw_info['server']['ldap_group_context'] ) $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->account_id);
{
$sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'gidnumber='.$this->account_id);
}
else
{
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->account_id);
}
$allValues = ldap_get_entries($ds, $sri); $allValues = ldap_get_entries($ds, $sri);
/* Now dump it into the array; take first entry found */ /* Now dump it into the array; take first entry found */
if($acct_type =='g') $this->data['account_id'] = $allValues[0]['uidnumber'][0];
{ $this->data['account_lid'] = $allValues[0]['uid'][0];
$this->data['account_id'] = $allValues[0]['gidnumber'][0];
$this->data['account_lid'] = $allValues[0]['cn'][0];
}
else
{
$this->data['account_id'] = $allValues[0]['uidnumber'][0];
$this->data['account_lid'] = $allValues[0]['uid'][0];
}
$this->data['account_dn'] = $allValues[0]['dn']; $this->data['account_dn'] = $allValues[0]['dn'];
$this->data['firstname'] = $allValues[0]['givenname'][0]; $this->data['firstname'] = $allValues[0]['givenname'][0];
$this->data['lastname'] = $allValues[0]['sn'][0]; $this->data['lastname'] = $allValues[0]['sn'][0];
@ -115,13 +81,14 @@
$this->data['homedirectory'] = $allValues[0]['homedirectory'][0]; $this->data['homedirectory'] = $allValues[0]['homedirectory'][0];
$this->data['loginshell'] = $allValues[0]['loginshell'][0]; $this->data['loginshell'] = $allValues[0]['loginshell'][0];
} }
$this->db->query("SELECT * FROM phpgw_accounts WHERE account_id='" . $this->data['account_id'] . "'",__LINE__,__FILE__);
$this->db->next_record();
$this->data['lastlogin'] = $allValues[0]['phpgwaccountlastlogin'][0]; $this->data['lastlogin'] = $this->db->f('account_lastlogin');
$this->data['lastloginfrom'] = $allValues[0]['phpgwaccountlastloginfrom'][0]; $this->data['lastloginfrom'] = $this->db->f('account_lastloginfrom');
$this->data['lastpasswd_change'] = $allValues[0]['phpgwlastpasswdchange'][0]; $this->data['lastpasswd_change'] = $this->db->f('account_lastpwd_change');
$this->data['status'] = $allValues[0]['phpgwaccountstatus'][0]; $this->data['status'] = $this->db->f('account_status');
$this->data['type'] = $allValues[0]['phpgwaccounttype'][0]; $this->data['expires'] = -1;
$this->data['expires'] = $allValues[0]['phpgwaccountexpires'][0];
return $this->data; return $this->data;
} }
@ -131,28 +98,14 @@
global $phpgw_info, $phpgw; global $phpgw_info, $phpgw;
$ds = $phpgw->common->ldapConnect(); $ds = $phpgw->common->ldapConnect();
$acct_type = $this->get_type($this->account_id);
/* search the dn for the given u/gidnumber */ // search the dn for the given uid
if ( ($acct_type == 'g') && $phpgw_info['server']['ldap_group_context'] ) $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->account_id);
{
$sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'gidnumber='.$this->account_id);
}
else
{
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->account_id);
}
$allValues = ldap_get_entries($ds, $sri); $allValues = ldap_get_entries($ds, $sri);
$entry['cn'] = sprintf("%s %s", $this->data['firstname'], $this->data['lastname']); $entry['cn'] = sprintf("%s %s", $this->data['firstname'], $this->data['lastname']);
$entry['sn'] = $this->data['lastname']; $entry['sn'] = $this->data['lastname'];
$entry['givenname'] = $this->data['firstname']; $entry['givenname'] = $this->data['firstname'];
$entry['phpgwaccountlastlogin'] = $this->data['lastlogin'];
$entry['phpgwaccountlastloginfrom'] = $this->data['lastloginfrom'];
$entry['phpgwlastpasswdchange'] = $this->data['lastpasswd_change'];
$entry['phpgwaccountstatus'] = $this->data['status'];
$entry['phpgwaccounttype'] = $this->data['type'];
$entry['phpgwaccountexpires'] = $this->data['expires'];
if ($phpgw_info['server']['ldap_extra_attributes']) if ($phpgw_info['server']['ldap_extra_attributes'])
{ {
@ -160,141 +113,31 @@
$entry['loginshell'] = $this->data['loginshell']; $entry['loginshell'] = $this->data['loginshell'];
} }
/* while (list($key,$val) = each($entry))
Changing the uid: Need to delete and add new, since
PHP cannot change the dn for the entry.
*/
if ($acct_type == 'g') { $test = $allValues[0]['cn'][0]; }
else { $test = $allValues[0]['uid'][0]; }
if ($test != $this->data['account_lid'])
{ {
ldap_delete($ds,$allValues[0]['dn']); $tmpentry = '';
unset($allValues[0]['dn']); $tmpentry[$key] = trim($val); // must trim!
while (list($key,$val) = each($allValues[0])) //echo '<br>'.$key.' '.$val;
if ($tmpentry[$key] && $key)
{ {
/* Don't include row count and headers */ if (!$allValues[0][$key][0])
if (gettype($key) == 'string' && $key != 'count')
{ {
if (is_array($val)) // attribute was not in LDAP, add it
{ ldap_mod_add($ds, $allValues[0]['dn'], $tmpentry);
if (count($val) == 1)
{
if($val[0]) { $entry[$key] = $val[0]; }
}
else
{
for ($i=0;$i<count($val);$i++)
{
if($val[$i]) { $entry[$key][$i] = $val[$i]; }
}
}
}
else
{
$entry[$key] = $val;
}
}
}
/* Groups */
if ($this->data['account_type'] == 'g' && $phpgw_info['server']['ldap_group_context'] )
{
$dn = 'cn='.$this->data['account_lid'].','.$phpgw_info['server']['ldap_group_context'];
$entry['cn'] = $this->data['account_lid'];
$entry['gidnumber'] = $this->data['account_id'];
/* $entry["objectclass"] = ''; */
$entry['objectclass'][0] = 'top';
$entry['objectclass'][1] = 'posixGroup';
$members = $this->members($this->data["account_id"]);
$entry['memberuid'] = array();
for ($i=0;$i<count($members);$i++)
{
$currname = $this->id2name($members[$i]['account_id']);
if (!$this->isin_array($currname,$entry['memberuid']))
{
$entry['memberuid'][] = $currname;
}
}
}
/* Accounts */
else
{
$dn = 'uid='.$this->data['account_lid'].','.$phpgw_info['server']['ldap_context'];
$entry['uidnumber'] = $this->data['account_id'];
$entry['cn'] = sprintf("%s %s", $this->data['firstname'], $this->data['lastname']);
$entry['uid'] = $this->data['account_lid'];
$entry['givenname'] = $this->data['firstname'];
$entry['sn'] = $this->data['lastname'];
$entry['objectclass'] = '';
$entry['objectclass'][0] = 'top';
$entry['objectclass'][1] = 'person';
$entry['objectclass'][2] = 'organizationalPerson';
$entry['objectclass'][3] = 'inetOrgPerson';
/* $entry['objectclass'][4] = 'account'; Causes problems with some LDAP servers */
$entry['objectclass'][4] = 'posixAccount';
$entry['objectclass'][5] = 'shadowAccount';
$entry['objectclass'][6] = 'phpgwAccount';
if ($phpgw_info['server']['ldap_extra_attributes'])
{
$entry['homedirectory'] = $this->data['homedirectory'];
$entry['loginshell'] = $this->data['loginshell'];
}
}
/* print_r($entry); exit;*/
ldap_add($ds, $dn, $entry);
}
/* Normal behavior for save_repository */
else
{
if ($this->data['account_type'] == 'g' && $phpgw_info['server']['ldap_group_context'] )
{
$members = $this->members($this->data['account_id']);
$entry['memberuid'] = array();
for ($i=0;$i<count($members);$i++)
{
$currname = $this->id2name($members[$i]['account_id']);
if (!$this->isin_array($currname,$entry['memberuid']))
{
$entry['memberuid'][] = $currname;
}
}
unset($entry['givenname']);
unset($entry['sn']);
}
while (list($key,$val) = each($entry))
{
$tmpentry = '';
if(is_array($val))
{
$tmpentry[$key] = $val;
} }
else else
{ {
$tmpentry[$key] = trim($val); /* must trim! */ // attribute was in LDAP, modify it
} //echo $val.' ';
ldap_modify($ds, $allValues[0]['dn'], $tmpentry);
if ($tmpentry[$key] && $key)
{
if (!$allValues[0][$key][0])
{
/* attribute was not in LDAP, add it */
ldap_mod_add($ds, $allValues[0]['dn'], $tmpentry);
}
else
{
/* attribute was in LDAP, modify it */
ldap_modify($ds, $allValues[0]['dn'], $tmpentry);
}
} }
} }
} }
}
function isin_array($needle,$haystack=array()) $this->db->query("update phpgw_accounts set account_firstname='" . $this->data['firstname']
{ . "', account_lastname='" . $this->data['lastname'] . "', account_status='"
for($i=0;$i<count($haystack) && $haystack[$i] !=$needle;$i++); . $this->data['status'] . "' where account_id='" . $this->account_id . "'",__LINE__,__FILE__);
return ($i!=count($haystack));
} }
function delete($accountid = '') function delete($accountid = '')
@ -312,7 +155,7 @@
$del = ldap_delete($ds, $allValues[0]['dn']); $del = ldap_delete($ds, $allValues[0]['dn']);
} }
/* Do this last since we are depending upon this record to get the account_lid above */ // Do this last since we are depending upon this record to get the account_lid above
$tables_array = Array('phpgw_accounts'); $tables_array = Array('phpgw_accounts');
$this->db->lock($tables_array); $this->db->lock($tables_array);
$this->db->query('DELETE FROM phpgw_accounts WHERE account_id='.$account_id); $this->db->query('DELETE FROM phpgw_accounts WHERE account_id='.$account_id);
@ -325,70 +168,72 @@
if ($offset) if ($offset)
{ {
$limitclause = '';//$phpgw->db->limit($start,$offset); $limitclause = $phpgw->db->limit($start,$offset);
} }
elseif ($start && !$offset) elseif ($start && !$offset)
{ {
$limitclause = '';//$phpgw->db->limit($start); $limitclause = $phpgw->db->limit($start);
} }
if (! $sort) if (! $sort)
{ {
$sort = '';//"desc"; $sort = 'desc';
} }
if ($order) if ($order)
{ {
$orderclause = '';//"order by $order $sort"; $orderclause = "ORDER BY $order $sort";
} }
else else
{ {
$orderclause = '';//"order by account_lid,account_lastname,account_firstname asc"; $orderclause = 'ORDER BY account_lid,account_lastname,account_firstname ASC';
} }
$ds = $phpgw->common->ldapConnect(); $ds = $phpgw->common->ldapConnect();
if ($_type == 'both' || $_type == 'accounts') switch($_type)
{ {
$sri = ldap_search($ds, $phpgw_info["server"]["ldap_context"], '(&(uidnumber=*)(phpgwaccounttype=u))'); case 'accounts':
$allValues = ldap_get_entries($ds, $sri); $whereclause = "WHERE account_type = 'u'";
while (list($null,$allVals) = @each($allValues)) break;
case 'groups':
$whereclause = "WHERE account_type = 'g'";
break;
default:
$whereclause = '';
}
$sql = "SELECT * FROM phpgw_accounts $whereclause $orderclause $limitclause";
$this->db->query($sql,__LINE__,__FILE__);
while ($this->db->next_record())
{
// get user information from ldap only, if it's a user, not a group
if ($this->db->f('account_type') == 'u')
{ {
$test = $allVals['uid'][0]; $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->db->f('account_id'));
if (!$phpgw_info['server']['global_denied_users'][$test]) $allValues = ldap_get_entries($ds, $sri);
{ $accounts[] = Array(
$accounts[] = Array( 'account_id' => $allValues[0]['uidnumber'][0],
'account_id' => $allVals['uidnumber'][0], 'account_lid' => $allValues[0]['uid'][0],
'account_lid' => $allVals['uid'][0], 'account_type' => $this->db->f('account_type'),
'account_type' => $allVals['phpgwaccounttype'], 'account_firstname' => $allValues[0]['givenname'][0],
'account_firstname' => $allVals['givenname'][0], 'account_lastname' => $allValues[0]['sn'][0],
'account_lastname' => $allVals['sn'][0], 'account_status' => $this->db->f('account_status')
'account_status' => $allVals['phpgwaccountstatus'][0] );
); }
} else
{
$accounts[] = Array(
'account_id' => $this->db->f('account_id'),
'account_lid' => $this->db->f('account_lid'),
'account_type' => $this->db->f('account_type'),
'account_firstname' => $this->db->f('account_firstname'),
'account_lastname' => $this->db->f('account_lastname'),
'account_status' => $this->db->f('account_status')
);
} }
} }
elseif ($_type == 'both' || $_type == 'groups')
{
$sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], '(|(gidnumber=*)(phpgwaccounttype=g))');
$allValues = ldap_get_entries($ds, $sri);
while (list($null,$allVals) = @each($allValues))
{
$test = $allVals['cn'][0];
if (!$phpgw_info['server']['global_denied_groups'][$test])
{
$accounts[] = Array(
'account_id' => $allVals['gidnumber'][0],
'account_lid' => $allVals['cn'][0],
'account_type' => $allVals['phpgwaccounttype'],
'account_firstname' => $allVals['givenname'][0],
'account_lastname' => $allVals['sn'][0],
'account_status' => $allVals['phpgwaccountstatus'][0]
);
}
}
}
$this->total = count($accounts);
return $accounts; return $accounts;
} }
@ -396,129 +241,11 @@
{ {
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
$ds = $phpgw->common->ldapConnect(); $this->db->query("SELECT account_id FROM phpgw_accounts WHERE account_lid='".$account_lid."'",__LINE__,__FILE__);
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], "uid=$account_lid"); if($this->db->num_rows())
$allValues = ldap_get_entries($ds, $sri);
if ($allValues[0]['uidnumber'][0])
{ {
return $allValues[0]['uidnumber'][0]; $this->db->next_record();
} return intval($this->db->f('account_id'));
$sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], "cn=$account_id");
$allValues = ldap_get_entries($ds, $sri);
if ($allValues[0]['gidnumber'][0])
{
return $allValues[0]['gidnumber'][0];
}
return False;
}
function id2name($account_id)
{
global $phpgw, $phpgw_info;
$ds = $phpgw->common->ldapConnect();
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], "uidnumber=$account_id");
$allValues = ldap_get_entries($ds, $sri);
if ($allValues[0]['uid'][0])
{
return $allValues[0]['uid'][0];
}
$sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], "gidnumber=$account_id");
$allValues = ldap_get_entries($ds, $sri);
if ($allValues[0]['uid'][0])
{
return $allValues[0]['uid'][0];
}
return False;
}
function get_type($accountid = '')
{
global $phpgw, $phpgw_info;
$account_id = get_account_id($accountid);
$ds = $phpgw->common->ldapConnect();
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], "uid=$account_id");
$allValues = ldap_get_entries($ds, $sri);
if ($allValues[0]['phpgwaccounttype'][0])
{
return $allValues[0]['phpgwaccounttype'][0];
}
$allValues = array();
$sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], "cn=$account_id");
$allValues = ldap_get_entries($ds, $sri);
if ($allValues[0]['phpgwaccounttype'][0])
{
return $allValues[0]['phpgwaccounttype'][0];
}
return False;
}
function exists($account_lid)
{
global $phpgw, $phpgw_info;
if(gettype($account_lid) == 'integer')
{
$account_id = $account_lid;
settype($account_lid,'string');
$account_lid = $this->id2name($account_id);
$searchlid = 0;
}
else
{
$searchlid = 1;
$account_id = $this->name2id($account_lid);
}
$ds = $phpgw->common->ldapConnect();
$acct_type = $this->acct_type;
if ($acct_type == 'g' && $phpgw_info['server']['ldap_group_context'])
{
if($searchlid)
{
/* echo '<br>searching LDAP groups for lid: '.$account_lid; */
$sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'cn='.$account_lid);
}
else
{
/* echo '<br>searching LDAP groups for id: '.$account_id; */
$sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'gidnumber='.$account_id);
}
}
else
{
if($searchlid)
{
/* echo '<br>searching LDAP accounts for lid: '.$account_lid; */
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uid='.$account_lid);
}
else
{
/* echo '<br>searching LDAP accounts for id: '.$account_id; */
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$account_id);
}
}
$allValues = ldap_get_entries($ds, $sri);
if ($allValues[0]['dn'])
{
return True;
} }
else else
{ {
@ -526,37 +253,130 @@
} }
} }
function id2name($account_id)
{
global $phpgw, $phpgw_info;
$this->db->query("SELECT account_lid FROM phpgw_accounts WHERE account_id='".$account_id."'",__LINE__,__FILE__);
if($this->db->num_rows())
{
$this->db->next_record();
return $this->db->f('account_lid');
}
else
{
return False;
}
}
function get_type($accountid = '')
{
global $phpgw, $phpgw_info;
$account_id = get_account_id($accountid);
$this->db->query("SELECT account_type FROM phpgw_accounts WHERE account_id='".$account_id."'",__LINE__,__FILE__);
if ($this->db->num_rows())
{
$this->db->next_record();
return $this->db->f('account_type');
}
else
{
return False;
}
}
/*
* returns nonzero if $account exists in SQL or LDAP: 0: nowhere 1: SQL, 2: LDAP, 3: SQL+LDAP
* $account can be an account_id (LDAP: uidnumber) or an account_lid (LDAP: uid) (is determinded by gettype($account) == 'interger')
*/
function exists($account)
{
global $phpgw, $phpgw_info;
if(gettype($account) == 'integer')
{
$sql_name = 'account_id';
$ldap_name = 'uidnumber';
}
else
{
$sql_name = 'account_lid';
$ldap_name = 'uid';
}
$this->db->query("SELECT count(*) FROM phpgw_accounts WHERE $sql_name='$account'",__LINE__,__FILE__);
$this->db->next_record();
if ($this->db->f(0))
{
$in += 1;
}
$ds = $phpgw->common->ldapConnect();
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], "$ldap_name=$account");
$allValues = ldap_get_entries($ds, $sri);
if ($allValues[0]['dn'])
{
$in += 2;
}
// echo "<p>class_accounts_ldap->exists('$account') == $in</p>";
return $in;
}
function create($account_info) function create($account_info)
{ {
global $phpgw_info, $phpgw; global $phpgw_info, $phpgw;
$ds = $phpgw->common->ldapConnect(); $ds = $phpgw->common->ldapConnect();
$this->acct_type = $account_type;
/* echo '<br>in create for account_lid: "'.$account_lid.'"'; */ if (!($account_id = $account_info['account_id']))
if (empty($account_info['id']) || !$account_info['id'])
{ {
$account_id = $this->get_nextid(); if ($phpgw_info['server']['account_min_id']) { $min = $phpgw_info['server']['account_min_id']; }
/* echo '<br>using'.$account_id;exit; */ if ($phpgw_info['server']['account_max_id']) { $max = $phpgw_info['server']['account_max_id']; }
}
$entry['userpasswd'] = $account_info['account_passwd'];
// $entry['phpgwaccountlastlogin'] = $account_info['lastlogin'];
// $entry['phpgwaccountlastloginfrom'] = $account_info['lastloginfrom'];
// $entry['phpgwlastpasswdchange'] = $account_info['lastpasswd_change'];
// $entry['phpgwaccountstatus'] = $account_info['account_status'];
$entry['phpgwaccounttype'] = $account_info['account_type'];
$entry['phpgwaccountexpires'] = $account_info['account_expires'];
if ($account_type == 'g') $nextid = $phpgw->common->last_id('accounts_ldap',$min,$max);
{
$sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'cn=' . $account_info['account_lid']); // Loop until we find a free id
} $free = 0;
else while (!$free)
{ {
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uid=' . $account_info['account_lid']); $ldap_fields = '';
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'],'uidnumber='.$nextid);
$ldap_test = ldap_get_entries($ds, $sri);
if ($ldap_test[0]['dn'][0])
{
$nextid = $phpgw->common->next_id('accounts_ldap',$min,$max);
}
else
{
$free = True;
}
}
if ($phpgw_info['server']['account_max_id'] && ($nextid > $phpgw_info['server']['account_max_id']))
{
return False;
}
$account_id = $nextid;
//echo $account_id;exit;
} }
$this->db->query("INSERT INTO phpgw_accounts (account_id, account_lid, account_type, account_pwd, "
. "account_firstname, account_lastname, account_status, account_expires) VALUES ('" . $account_id . "','" . $account_info['account_lid']
. "','" . $account_info['account_type'] . "','" . md5($account_info['account_passwd']) . "', '" . $account_info['account_firstname']
. "','" . $account_info['account_lastname'] . "','" . $account_info['account_status'] . "'," . $account_info['account_expires'] . ")",__LINE__,__FILE__);
$sri = ldap_search($ds, $phpgw_info['server']['ldap_context'],'uid=' . $account_info['account_lid']);
$allValues = ldap_get_entries($ds, $sri); $allValues = ldap_get_entries($ds, $sri);
$entry['uidnumber'] = $account_id;
$entry['uid'] = $account_info['account_lid'];
$entry['cn'] = sprintf('%s %s', $account_info['account_firstname'], $account_info['account_lastname']);
$entry['sn'] = $account_info['account_lastname'];
$entry['givenname'] = $account_info['account_firstname'];
$entry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']);
if ($phpgw_info['server']['ldap_extra_attributes'] && $account_info['account_type'] != 'g') if ($phpgw_info['server']['ldap_extra_attributes'] && $account_info['account_type'] != 'g')
{ {
if ($account_home) if ($account_home)
@ -580,144 +400,98 @@
if ($allValues[0]['dn']) if ($allValues[0]['dn'])
{ {
/* This should keep the password from being overwritten here on ldap import */ // This should keep the password from being overwritten here ?
unset($entry['userpassword']); unset($entry['userpassword']);
$entry['gidnumber'] = $account_id;
while (list($key,$val) = each($entry)) while (list($key,$val) = each($entry))
{ {
$tmpentry = ''; $tmpentry = '';
$tmpentry[$key] = trim($val); /* must trim! */ $tmpentry[$key] = trim($val); // must trim!
/* echo '<br>'.$key.' '.$val; */ //echo '<br>'.$key.' '.$val;
if ($tmpentry[$key]) if ($tmpentry[$key])
{ {
if (!$allValues[0][$key][0]) if (!$allValues[0][$key][0])
{ {
/* attribute was not in LDAP, add it */ // attribute was not in LDAP, add it
ldap_mod_add($ds, $allValues[0]["dn"], $tmpentry); ldap_mod_add($ds, $allValues[0]['dn'], $tmpentry);
} }
else else
{ {
/* attribute was in LDAP, modify it */ // attribute was in LDAP, modify it
ldap_modify($ds, $allValues[0]["dn"], $tmpentry); ldap_modify($ds, $allValues[0]['dn'], $tmpentry);
} }
} }
} }
if ($account_type == 'g') // if ($account_type == 'g')
// {
// $tmpentry['objectclass'][0] = 'top';
// $tmpentry['objectclass'][1] = 'posixGroup';
// }
// else
if ($account_info['account_type'] == 'u')
{ {
$tmpentry['objectclass'][0] = 'top';
$tmpentry['objectclass'][1] = 'posixGroup';
}
else
{
$tmpentry['uidnumber'] = $account_id;
$tmpentry['objectclass'][0] = 'top'; $tmpentry['objectclass'][0] = 'top';
$tmpentry['objectclass'][1] = 'person'; $tmpentry['objectclass'][1] = 'person';
$tmpentry['objectclass'][2] = 'organizationalPerson'; $tmpentry['objectclass'][2] = 'organizationalPerson';
$tmpentry['objectclass'][3] = 'inetOrgPerson'; $tmpentry['objectclass'][3] = 'inetOrgPerson';
$tmpentry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']); $tmpentry['objectclass'][4] = 'account';
/* $tmpentry['objectclass'][4] = 'account'; Causes problems with some LDAP servers */ $tmpentry['objectclass'][5] = 'posixAccount';
$tmpentry['objectclass'][4] = 'posixAccount'; $tmpentry['objectclass'][6] = 'shadowAccount';
$tmpentry['objectclass'][5] = 'shadowAccount';
$tmpentry['objectclass'][6] = 'phpgwAccount';
$tmpentry['phpgwaccountstatus'] = $account_info['account_status'];
$tmpentry['phpgwaccounttype'] = $account_info['account_type'];
$tmpentry['phpgwaccountexpires'] = $account_info['account_expires'];
} }
ldap_modify($ds, $allValues[0]["dn"], $tmpentry);
ldap_modify($ds, $allValues[0]['dn'], $tmpentry);
} }
else else
{ {
/* Not already there, we will add it */ // if ($account_type == 'g')
if ($account_type == "g") // {
{ // $entry['objectclass'][0] = 'top';
$dn = 'cn='.$account_info['account_lid'] . ',' . $phpgw_info['server']['ldap_group_context']; // $entry['objectclass'][1] = 'posixGroup';
unset($entry['homedirectory']); // }
unset($entry['loginshell']); // else
$entry['objectclass'][0] = 'top'; if ($account_info['account_type'] == 'u')
$entry['objectclass'][1] = 'posixGroup';
$entry['cn'] = $account_info['account_lid'];
$entry['gidnumber'] = $account_id;
$entry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']);
$entry['description'] = 'phpgw-created group';
}
else
{ {
$dn = 'uid=' . $account_info['account_lid'] . ',' . $phpgw_info['server']['ldap_context']; $dn = 'uid=' . $account_info['account_lid'] . ',' . $phpgw_info['server']['ldap_context'];
$entry['cn'] = sprintf("%s %s", $account_info['account_firstname'], $account_info['account_lastname']);
$entry['sn'] = $account_info['account_lastname'];
$entry['givenname'] = $account_info['account_firstname'];
$entry['uid'] = $account_info['account_lid'];
$entry['uidnumber'] = $account_id;
$entry['uidnumber'] = $phpgw->common->encrypt_password($account_info['account_passwd']);
if ($phpgw_info['server']['ldap_group_id'])
{
$entry['gidnumber'] = $phpgw_info['server']['ldap_group_id'];
}
else
{
$entry['gidnumber'] = $account_id;
}
$entry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']);
$entry['objectclass'][0] = 'top'; $entry['objectclass'][0] = 'top';
$entry['objectclass'][1] = 'person'; $entry['objectclass'][1] = 'person';
$entry['objectclass'][2] = 'organizationalPerson'; $entry['objectclass'][2] = 'organizationalPerson';
$entry['objectclass'][3] = 'inetOrgPerson'; $entry['objectclass'][3] = 'inetOrgPerson';
/* $entry['objectclass'][4] = 'account'; Causes problems with some LDAP servers */ $entry['objectclass'][4] = 'account';
$entry['objectclass'][4] = 'posixAccount'; $entry['objectclass'][5] = 'posixAccount';
$entry['objectclass'][5] = 'shadowAccount'; $entry['objectclass'][6] = 'shadowAccount';
$entry['objectclass'][5] = 'phpgwAccount';
}
ldap_add($ds, $dn, $entry); ldap_add($ds, $dn, $entry);
}
//ldap_add($ds, $dn, $entry);
} }
/* print ldap_error($ds); */ //print ldap_error($ds);
} }
function auto_add($accountname, $passwd, $default_prefs = False, $default_acls = False, $expiredate = 0, $account_status = 'A') function auto_add($account_name, $passwd, $default_prefs=False, $default_acls= False)
{ {
return False; print "not done until now auto_generate class.accounts_ldap.inc.php<br>";
exit();
global $phpgw, $phpgw_info; global $phpgw, $phpgw_info;
$accountid = mt_rand (100, 600000);
if (! $expiredate) if ($defaultprefs =='')
{ {
/* expire in 30 days by default */ $defaultprefs = 'a:5:{s:6:"common";a:10:{s:9:"maxmatchs";s:2:"15";s:12:"template_set";s:8:"verdilak";s:5:"theme";s:6:"purple";s:13:"navbar_format";s:5:"icons";s:9:"tz_offset";N;s:10:"dateformat";s:5:"m/d/Y";s:10:"timeformat";s:2:"12";s:4:"lang";s:2:"en";s:11:"default_app";N;s:8:"currency";s:1:"$";}s:11:"addressbook";a:1:{s:0:"";s:4:"True";}:s:8:"calendar";a:4:{s:13:"workdaystarts";s:1:"7";s:11:"workdayends";s:2:"15";s:13:"weekdaystarts";s:6:"Monday";s:15:"defaultcalendar";s:9:"month.php";}}';
$expiredate = time() + ( ( 60 * 60 ) * (30 * 24) ); // $defaultprefs = 'a:5:{s:6:"common";a:1:{s:0:"";s:2:"en";}s:11:"addressbook";a:1:{s:0:"";s:4:"True";}s:8:"calendar";a:1:{s:0:"";s:13:"workdaystarts";}i:15;a:1:{s:0:"";s:11:"workdayends";}s:6:"Monday";a:1:{s:0:"";s:13:"weekdaystarts";}}';
} }
$sql = "insert into phpgw_accounts";
$acct_info = array( $sql .= "(account_id, account_lid, account_pwd, account_firstname, account_lastname, account_lastpwd_change, account_status, account_type)";
'account_lid' => $accountname, $sql .= "values (".$accountid.", '".$accountname."', '".md5($passwd)."', '".$accountname."', 'AutoCreated', ".time().", 'A','u')";
'account_type' => 'u', $this->db->query($sql);
'account_passwd' => $passwd, $this->db->query("insert into phpgw_preferences (preference_owner, preference_value) values ('".$accountid."', '$defaultprefs')");
'account_firstname' => 'New', $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights)values('preferences', 'changepassword', ".$accountid.", 'u', 1)",__LINE__,__FILE__);
'account_lastname' => 'User', $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('phpgw_group', '1', ".$accountid.", 'u', 1)",__LINE__,__FILE__);
'account_status' => $account_status, $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('addressbook', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__);
'account_expires' => mktime(2,0,0,date('n',$expiredate), intval(date('d',$expiredate)), date('Y',$expiredate)) $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('filemanager', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__);
); $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('calendar', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__);
$this->create($acct_info); $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('email', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__);
$accountid = $this->name2id($accountname); $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('notes', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__);
$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('todo', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__);
$this->db->transaction_begin();
if ($default_prefs == False)
{
$default_prefs = 'a:5:{s:6:"common";a:10:{s:9:"maxmatchs";s:2:"15";s:12:"template_set";s:8:"verdilak";s:5:"theme";s:6:"purple";s:13:"navbar_format";s:5:"icons";s:9:"tz_offset";N;s:10:"dateformat";s:5:"m/d/Y";s:10:"timeformat";s:2:"12";s:4:"lang";s:2:"en";s:11:"default_app";N;s:8:"currency";s:1:"$";}s:11:"addressbook";a:1:{s:0:"";s:4:"True";}:s:8:"calendar";a:4:{s:13:"workdaystarts";s:1:"7";s:11:"workdayends";s:2:"15";s:13:"weekdaystarts";s:6:"Monday";s:15:"defaultcalendar";s:9:"month.php";}}';
$this->db->query("insert into phpgw_preferences (preference_owner, preference_value) values ('".$accountid."', '$default_prefs')");
}
if ($default_acls == False)
{
$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)values('preferences', 'changepassword', ".$accountid.", 1)",__LINE__,__FILE__);
$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('phpgw_group', '1', ".$accountid.", 1)",__LINE__,__FILE__);
$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('addressbook', 'run', ".$accountid.", 1)",__LINE__,__FILE__);
$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('filemanager', 'run', ".$accountid.", 1)",__LINE__,__FILE__);
$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('calendar', 'run', ".$accountid.", 1)",__LINE__,__FILE__);
$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('email', 'run', ".$accountid.", 1)",__LINE__,__FILE__);
$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('notes', 'run', ".$accountid.", 1)",__LINE__,__FILE__);
$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('todo', 'run', ".$accountid.", 1)",__LINE__,__FILE__);
}
$this->db->transaction_commit();
return $accountid; return $accountid;
} }