fixed and extended auto_create_accounts: the following information from ldap are now automaticaly stored in the sql-account:

- name & firstname - primary group (if a group with that numerical id exists in eGW, its added as primary group to the account and acl) - numerical account-id (if availible, no new one gets created, but the one from ldap is used) - email (as preference for the email-app)
2024-10-06 18:12:22 +02:00 · 2004-05-22 11:00:18 +00:00 · 2004-05-22 11:00:18 +00:00 · eed94133c3
commit eed94133c3
parent 3a42857913
2 changed files with 57 additions and 43 deletions
--- a/phpgwapi/inc/class.accounts_sql.inc.php
+++ b/phpgwapi/inc/class.accounts_sql.inc.php
@ -9,7 +9,7 @@
 	* Copyright (C) 2003 Joseph Engo, Bettina Gille                            *
 	* ------------------------------------------------------------------------ *
 	* This library is part of the eGroupWare API                               *
-	* http://www.egroupware.org                                                * 
+	* http://www.egroupware.org                                                *
 	* ------------------------------------------------------------------------ *
 	* This library is free software; you can redistribute it and/or modify it  *
 	* under the terms of the GNU Lesser General Public License as published by *
@ -277,11 +277,19 @@
 			return $ret_val;
 		}

-		function create($account_info,$default_prefs=True)
+		function create($account_info)
 		{
-			$this->db->query('INSERT INTO phpgw_accounts (account_lid,account_type,account_pwd,'
+			if (isset($account_info['account_id']) && (!(int)$account_info['account_id'] || $this->id2name($account_info['account_id'])))
+			{
+				// account_id already used => discard it
+				unset($account_info['account_id']);
+			}
+			$this->db->query('INSERT INTO phpgw_accounts ('.(isset($account_info['account_id'])?'account_id,':'')
+				. 'account_lid,account_type,account_pwd,'
 				. 'account_firstname,account_lastname,account_status,account_expires,person_id,'
-				. "account_primary_group) VALUES ('".$this->db->db_addslashes($account_info['account_lid'])
+				. 'account_primary_group) VALUES ('
+				. (isset($account_info['account_id'])?(int)$account_info['account_id'].',':'')
+				. "'" . $this->db->db_addslashes($account_info['account_lid'])
 				. "','" . $this->db->db_addslashes($account_info['account_type'])
 				. "','" . $GLOBALS['phpgw']->common->encrypt_password($account_info['account_passwd'], True)
 				. "', '" . $this->db->db_addslashes($account_info['account_firstname'])
@ -293,12 +301,6 @@

 			$accountid = $this->db->get_last_insert_id('phpgw_accounts','account_id');

-/* default prefs dont need to be set anymore
-			if($accountid && is_object($GLOBALS['phpgw']->preferences) && $default_prefs)
-			{
-				$GLOBALS['phpgw']->preferences->create_defaults($accountid);
-			}
-*/
 			return $accountid;
 		}

@ -329,21 +331,40 @@
 					$expires   = mktime(2,0,0,date('n',$expiredate), (int)date('d',$expiredate), date('Y',$expiredate));
 				}
 			}
+			$primary_group = $GLOBALS['auto_create_acct']['primary_group'] &&
+				$this->get_type((int)$GLOBALS['auto_create_acct']['primary_group']) == 'g' ?
+				(int) $GLOBALS['auto_create_acct']['primary_group'] : 0;

 			$acct_info = array(
+				'account_id'        => (int) $GLOBALS['auto_create_acct']['id'],
 				'account_lid'       => $accountname,
 				'account_type'      => 'u',
 				'account_passwd'    => $passwd,
-				'account_firstname' => '',
-				'account_lastname'  => '',
+				'account_firstname' => $GLOBALS['auto_create_acct']['firstname'],
+				'account_lastname'  => $GLOBALS['auto_create_acct']['lastname'],
 				'account_status'    => $account_status,
-				'account_expires'   => $expires
+				'account_expires'   => $expires,
+				'account_primary_group' => $primary_group,
 			);

 			$this->db->transaction_begin();
-			$this->create($acct_info,$default_prefs);
+			$this->create($acct_info);
 			$accountid = $this->name2id($accountname);
-
+			// if we have a primary_group, add it as "regular" eGW group (via ACL) too
+			if ($accountid && $primary_group)
+			{
+				$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('phpgw_group', "
+					. $primary_group . ', ' . $accountid . ', 1)',__LINE__,__FILE__);
+			}
+			// if we have an mail address set it as email pref
+			if ($accountid && @$GLOBALS['auto_create_acct']['email'])
+			{
+				$GLOBALS['phpgw']->acl->acl($accountid);	// needed als preferences::save_repository calls acl
+				$GLOBALS['phpgw']->preferences->preferences($accountid);
+				$GLOBALS['phpgw']->preferences->read_repository();
+				$GLOBALS['phpgw']->preferences->add('email','address',$GLOBALS['auto_create_acct']['email']);
+				$GLOBALS['phpgw']->preferences->save_repository();
+			}
 			if ($default_acls == False)
 			{
 				$default_group_lid = $GLOBALS['phpgw_info']['server']['default_group_lid'];
@ -365,9 +386,7 @@
 						'addressbook',
 						'calendar',
 						'email',
-						'notes',
-						'todo',
-						'phpwebhosting',
+						'infolog',
 						'manual'
 					) as $app)
 					{
--- a/phpgwapi/inc/class.auth_ldap.inc.php
+++ b/phpgwapi/inc/class.auth_ldap.inc.php
@ -31,12 +31,6 @@

 		function authenticate($username, $passwd)
 		{
-			/*
-			error_reporting MUST be set to zero, otherwise you'll get nasty LDAP errors with a bad login/pass...
-			these are just "warnings" and can be ignored.....
-			*/
-			error_reporting(0);
-
 			if (ereg('[()|&=*,<>!~]',$username))
 			{
 				return False;
@ -60,7 +54,7 @@
 				return False;
 			}
 			/* find the dn for this uid, the uid is not always in the dn */
-			$attributes	= array('uid', 'dn');
+			$attributes	= array('uid','dn','givenName','sn','mail','uidNumber','gidNumber');
 			if ($GLOBALS['phpgw_info']['server']['account_repository'] == 'ldap')
 			{
 				$filter = "(&(uid=$username)(phpgwaccountstatus=A))";
@ -69,8 +63,10 @@
 			{
 				$filter = "(uid=$username)";
 			}
+
 			$sri = ldap_search($ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $attributes);
 			$allValues = ldap_get_entries($ldap, $sri);
+
 			if ($allValues['count'] > 0)
 			{
 				if($GLOBALS['phpgw_info']['server']['case_sensitive_username'] == true)
@ -96,16 +92,29 @@
 					if ($GLOBALS['phpgw_info']['server']['account_repository'] != 'ldap')
 					{
 						$account = CreateObject('phpgwapi.accounts',$username,'u');
+						if (!$account->account_id && $GLOBALS['phpgw_info']['server']['auto_create_acct'])
+						{
+							// create a global array with all availible info about that account
+							$GLOBALS['auto_create_acct'] = array();
+							foreach(array(
+								'givenname' => 'firstname',
+								'sn'        => 'lastname',
+								'uidnumber' => 'id',
+								'mail'      => 'email',
+								'gidnumber' => 'primary_group',
+							) as $ldap_name => $acct_name)
+							{
+								$GLOBALS['auto_create_acct'][$acct_name] =
+									$GLOBALS['phpgw']->translation->convert($allValues[0][$ldap_name][0],'utf-8');
+							}
+							return True;
+						}
 						$data = $account->read_repository();
 						return $data['status'] == 'A';
 					}
 					return True;
 				}
 			}
-
-			/* Turn error reporting back to normal */
-			error_reporting(7);
-
 			/* dn not found or password wrong */
 			return False;
 		}
@ -133,20 +142,6 @@
 			return $entry['userpassword'];
 		}

-		/* This data needs to be updated in LDAP, not SQL (jengo) */
-		function old_update_lastlogin($account_id, $ip)
-		{
-			$GLOBALS['phpgw']->db->query("SELECT account_lastlogin FROM phpgw_accounts WHERE account_id='$account_id'",__LINE__,__FILE__);
-			$GLOBALS['phpgw']->db->next_record();
-			$this->previous_login = $GLOBALS['phpgw']->db->f('account_lastlogin');
-
-			$now = time();
-
-			$GLOBALS['phpgw']->db->query("UPDATE phpgw_accounts SET account_lastloginfrom='"
-				. "$ip', account_lastlogin='" . $now
-				. "' WHERE account_id='$account_id'",__LINE__,__FILE__);
-		}
-
 		function update_lastlogin($_account_id, $ip)
 		{
 			$entry['phpgwaccountlastlogin']     = time();