From 1dda9847acbdc3bc39a642bcd43928b53593afa3 Mon Sep 17 00:00:00 2001 From: Miles Lott Date: Thu, 28 Jun 2001 00:35:44 +0000 Subject: [PATCH] This should now work, with setup3 and phpgw --- phpgwapi/inc/class.accounts_ldap_wip.inc.php | 480 +++++++++---------- 1 file changed, 231 insertions(+), 249 deletions(-) diff --git a/phpgwapi/inc/class.accounts_ldap_wip.inc.php b/phpgwapi/inc/class.accounts_ldap_wip.inc.php index 46378569a0..e9a65d142f 100644 --- a/phpgwapi/inc/class.accounts_ldap_wip.inc.php +++ b/phpgwapi/inc/class.accounts_ldap_wip.inc.php @@ -40,10 +40,11 @@ 'alias' => True, 'web' => True, 'sweep' => True, 'cvs' => True, 'qmaild' => True, 'qmaill' => True, 'qmaillog' => True, 'qmailp' => True, 'qmailq' => True, - 'qmailr' => True, 'qmails' => True, 'nscd' => True, - 'rpc' => True, 'rpcuser' => True, 'amanda' => True, - 'apache' => True, 'pvm' => True, 'squid' => True, - 'ident' => True, 'mailnull' => True + 'qmailr' => True, 'qmails' => True, 'rpc' => True, + 'rpcuser' => True, 'amanda' => True, 'apache' => True, + 'pvm' => True, 'squid' => True, 'ident' => True, + 'nscd' => True, 'mailnull' => True, 'cyrus' => True, + 'backup' => True ); $phpgw_info['server']['global_denied_groups'] = array( @@ -60,59 +61,62 @@ 'dba' => True, 'oinstall' => True, 'oracle' => True, 'gdm' => True, 'sweep' => True, 'cvs' => True, 'postgres' => True, 'qmail' => True, 'nofiles' => True, - 'ldap' => True + 'ldap' => True, 'backup' => True ); class accounts_ { + var $db; var $account_id; - var $acct_type = ''; var $data; - var $total; function accounts_() { global $phpgw; + $this->db = $phpgw->db; } function read_repository() { global $phpgw, $phpgw_info; - // get a ldap connection handle + /* get an ldap connection handle */ $ds = $phpgw->common->ldapConnect(); $acct_type = $this->get_type($this->account_id); - // search the dn for the given uid - if ( ($acct_type == "g") && $phpgw_info["server"]["ldap_group_context"] ) + /* search the dn for the given uid */ + if ( ($acct_type == 'g') && $phpgw_info['server']['ldap_group_context'] ) { - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_group_context"], "gidnumber=".$this->account_id); + $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'gidnumber='.$this->account_id); } else { - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_context"], "uidnumber=".$this->account_id); + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->account_id); } $allValues = ldap_get_entries($ds, $sri); /* Now dump it into the array; take first entry found */ if($acct_type =='g') { - $this->data["account_id"] = $allValues[0]["gidnumber"][0]; - $this->data["account_lid"] = $allValues[0]["cn"][0]; + $this->data['account_id'] = $allValues[0]['gidnumber'][0]; + $this->data['account_lid'] = $allValues[0]['cn'][0]; + $this->data['firstname'] = $allValues[0]['cn'][0]; + $this->data['lastname'] = 'Group'; } else { - $this->data["account_id"] = $allValues[0]["uidnumber"][0]; - $this->data["account_lid"] = $allValues[0]["uid"][0]; + $this->data['account_id'] = $allValues[0]['uidnumber'][0]; + $this->data['account_lid'] = $allValues[0]['uid'][0]; + $this->data['firstname'] = $allValues[0]['givenname'][0]; + $this->data['lastname'] = $allValues[0]['sn'][0]; } - $this->data["account_dn"] = $allValues[0]["dn"]; - $this->data["firstname"] = $allValues[0]["givenname"][0]; - $this->data["lastname"] = $allValues[0]["sn"][0]; - $this->data["fullname"] = $allValues[0]["cn"][0]; - if ($phpgw_info["server"]["ldap_extra_attributes"]) + $this->data['account_dn'] = $allValues[0]['dn']; + $this->data['fullname'] = $allValues[0]['cn'][0]; + + if ($phpgw_info['server']['ldap_extra_attributes']) { - $this->data["homedirectory"] = $allValues[0]["homedirectory"][0]; - $this->data["loginshell"] = $allValues[0]["loginshell"][0]; + $this->data['homedirectory'] = $allValues[0]['homedirectory'][0]; + $this->data['loginshell'] = $allValues[0]['loginshell'][0]; } $this->data['lastlogin'] = $allValues[0]['phpgwaccountlastlogin'][0]; @@ -132,14 +136,14 @@ $ds = $phpgw->common->ldapConnect(); $acct_type = $this->get_type($this->account_id); - // search the dn for the given u/gidnumber - if ( ($acct_type == "g") && $phpgw_info["server"]["ldap_group_context"] ) + /* search the dn for the given u/gidnumber */ + if ( ($acct_type == 'g') && $phpgw_info['server']['ldap_group_context'] ) { - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_group_context"], "gidnumber=".$this->account_id); + $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'gidnumber='.$this->account_id); } else { - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_context"], "uidnumber=".$this->account_id); + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->account_id); } $allValues = ldap_get_entries($ds, $sri); @@ -153,24 +157,26 @@ $entry['phpgwaccounttype'] = $this->data['type']; $entry['phpgwaccountexpires'] = $this->data['expires']; - if ($phpgw_info["server"]["ldap_extra_attributes"]) + if ($phpgw_info['server']['ldap_extra_attributes']) { - $entry["homedirectory"] = $this->data["homedirectory"]; - $entry["loginshell"] = $this->data["loginshell"]; + $entry['homedirectory'] = $this->data['homedirectory']; + $entry['loginshell'] = $this->data['loginshell']; } - // Changing the uid: Need to delete and add new, since - // PHP cannot change the dn for the entry. - if ($acct_type == 'g') { $test = $allValues[0]["cn"][0]; } - else { $test = $allValues[0]["uid"][0]; } - if ($test != $this->data["account_lid"]) + /* + Changing the uid: Need to delete and add new, since + PHP cannot change the dn for the entry. + */ + if ($acct_type == 'g') { $test = $allValues[0]['cn'][0]; } + else { $test = $allValues[0]['uid'][0]; } + if ($test != $this->data['account_lid']) { - ldap_delete($ds,$allValues[0]["dn"]); - unset($allValues[0]["dn"]); + ldap_delete($ds,$allValues[0]['dn']); + unset($allValues[0]['dn']); while (list($key,$val) = each($allValues[0])) { - // Don't include row count and headers - if (gettype($key) == "string" && $key != "count") + /* Don't include row count and headers */ + if (gettype($key) == 'string' && $key != 'count') { if (is_array($val)) { @@ -193,85 +199,71 @@ } } - // Groups - if ($this->data["account_type"] == "g" && $phpgw_info["server"]["ldap_group_context"] ) + /* Groups */ + if ($this->data['account_type'] == 'g' && $phpgw_info['server']['ldap_group_context'] ) { - $dn = 'cn='.$this->data["account_lid"].','.$phpgw_info["server"]["ldap_group_context"]; - $entry["cn"] = $this->data["account_lid"]; - $entry["gidnumber"] = $this->data["account_id"]; - //$entry["objectclass"] = ""; - $entry["objectclass"][0] = 'top'; - $entry["objectclass"][1] = 'posixGroup'; + $dn = 'cn='.$this->data['account_lid'].','.$phpgw_info['server']['ldap_group_context']; + $entry['cn'] = $this->data['account_lid']; + $entry['gidnumber'] = $this->data['account_id']; + /* $entry["objectclass"] = ''; */ + $entry['objectclass'][0] = 'top'; + $entry['objectclass'][1] = 'posixGroup'; $members = $this->members($this->data["account_id"]); - $entry["memberuid"] = array(); + $entry['memberuid'] = array(); for ($i=0;$iid2name($members[$i]['account_id']); - if (!$this->isin_array($currname,$entry["memberuid"])) + if (!$this->isin_array($currname,$entry['memberuid'])) { - $entry["memberuid"][] = $currname; + $entry['memberuid'][] = $currname; } } } - // Accounts + /* Accounts */ else { - $dn = 'uid='.$this->data["account_lid"].','.$phpgw_info["server"]["ldap_context"]; - $entry["uidnumber"] = $this->data["account_id"]; - $entry["cn"] = sprintf("%s %s", $this->data["firstname"], $this->data["lastname"]); - $entry["uid"] = $this->data["account_lid"]; - $entry["givenname"] = $this->data["firstname"]; - $entry["sn"] = $this->data["lastname"]; - $entry["objectclass"] = ""; - $entry["objectclass"][0] = 'top'; - $entry["objectclass"][1] = 'person'; - $entry["objectclass"][2] = 'organizationalPerson'; - $entry["objectclass"][3] = 'inetOrgPerson'; - //$entry["objectclass"][4] = 'account'; Causes problems with some LDAP servers - $entry["objectclass"][4] = 'posixAccount'; - $entry["objectclass"][5] = 'shadowAccount'; - $entry["objectclass"][6] = 'phpgwAccount'; + $dn = 'uid='.$this->data['account_lid'].','.$phpgw_info['server']['ldap_context']; + $entry['uidnumber'] = $this->data['account_id']; + $entry['cn'] = sprintf("%s %s", $this->data['firstname'], $this->data['lastname']); + $entry['uid'] = $this->data['account_lid']; + $entry['givenname'] = $this->data['firstname']; + $entry['sn'] = $this->data['lastname']; + $entry['objectclass'] = ''; + $entry['objectclass'][0] = 'top'; + $entry['objectclass'][1] = 'person'; + $entry['objectclass'][2] = 'organizationalPerson'; + $entry['objectclass'][3] = 'inetOrgPerson'; + /* $entry['objectclass'][4] = 'account'; Causes problems with some LDAP servers */ + $entry['objectclass'][4] = 'posixAccount'; + $entry['objectclass'][5] = 'shadowAccount'; + $entry['objectclass'][6] = 'phpgwAccount'; - if ($phpgw_info["server"]["ldap_extra_attributes"]) + if ($phpgw_info['server']['ldap_extra_attributes']) { - $entry["homedirectory"] = $this->data["homedirectory"]; - $entry["loginshell"] = $this->data["loginshell"]; + $entry['homedirectory'] = $this->data['homedirectory']; + $entry['loginshell'] = $this->data['loginshell']; } } - /* - echo '
dn: '.$dn; - while (list($key,$val) = each($entry)) { - if (is_array($val)) { - for ($i=0;$i\n".$key.': '.$val[$i]; } - } - } else { - if ($val) { echo '
'.$key.': '.$val; } - } - } - exit;*/ + /* print_r($entry); exit;*/ ldap_add($ds, $dn, $entry); } - // Normal behavior for save_repository + /* Normal behavior for save_repository */ else { - if ($this->data["account_type"] == "g" && $phpgw_info["server"]["ldap_group_context"] ) + if ($this->data['account_type'] == 'g' && $phpgw_info['server']['ldap_group_context'] ) { - $members = $this->members($this->data["account_id"]); - $entry["memberuid"] = array(); + $members = $this->members($this->data['account_id']); + $entry['memberuid'] = array(); for ($i=0;$iid2name($members[$i]['account_id']); - //$currname = "@@".$this->id2name($members[$i]['account_id'])."@@"; $currname = $this->id2name($members[$i]['account_id']); - //if (!ereg($currname, "@@" . join("@@", $entry["memberuid"]) . "@@")) - if (!$this->isin_array($currname,$entry["memberuid"])) + if (!$this->isin_array($currname,$entry['memberuid'])) { - $entry["memberuid"][] = $currname; + $entry['memberuid'][] = $currname; } } - unset($entry["givenname"]); - unset($entry["sn"]); + unset($entry['givenname']); + unset($entry['sn']); } while (list($key,$val) = each($entry)) { @@ -282,21 +274,20 @@ } else { - $tmpentry[$key] = trim($val); // must trim! + $tmpentry[$key] = trim($val); /* must trim! */ } - //echo '
'.$key.' '.$val; if ($tmpentry[$key] && $key) { if (!$allValues[0][$key][0]) { - // attribute was not in LDAP, add it - ldap_mod_add($ds, $allValues[0]["dn"], $tmpentry); + /* attribute was not in LDAP, add it */ + ldap_mod_add($ds, $allValues[0]['dn'], $tmpentry); } else { - // attribute was in LDAP, modify it - ldap_modify($ds, $allValues[0]["dn"], $tmpentry); + /* attribute was in LDAP, modify it */ + ldap_modify($ds, $allValues[0]['dn'], $tmpentry); } } } @@ -309,11 +300,6 @@ return ($i!=count($haystack)); } - function add($account_info) - { - $this->create($account_info); - } - function delete($accountid = '') { global $phpgw, $phpgw_info; @@ -328,16 +314,12 @@ { $del = ldap_delete($ds, $allValues[0]['dn']); } - else - { - $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'cn='.$account_lid); - $allValues = ldap_get_entries($ds, $sri); - if ($allValues[0]['dn']) - { - $del = ldap_delete($ds, $allValues[0]['dn']); - } - } + /* Do this last since we are depending upon this record to get the account_lid above */ + $tables_array = Array('phpgw_accounts'); + $this->db->lock($tables_array); + $this->db->query('DELETE FROM phpgw_accounts WHERE account_id='.$account_id); + $this->db->unlock(); } function get_list($_type='both', $start = '',$sort = '', $order = '', $query = '', $offset = '') @@ -346,25 +328,25 @@ if ($offset) { - $limitclause = $phpgw->db->limit($start,$offset); + $limitclause = '';//$phpgw->db->limit($start,$offset); } elseif ($start && !$offset) { - $limitclause = $phpgw->db->limit($start); + $limitclause = '';//$phpgw->db->limit($start); } if (! $sort) { - $sort = "desc"; + $sort = '';//"desc"; } if ($order) { - $orderclause = "order by $order $sort"; + $orderclause = '';//"order by $order $sort"; } else { - $orderclause = "order by account_lid,account_lastname,account_firstname asc"; + $orderclause = '';//"order by account_lid,account_lastname,account_firstname asc"; } $ds = $phpgw->common->ldapConnect(); @@ -376,7 +358,7 @@ while (list($null,$allVals) = @each($allValues)) { $test = $allVals['uid'][0]; - if (!$phpgw_info['server']['global_denied_users'][$test]) + if (!$phpgw_info['server']['global_denied_users'][$test] && $allVals['uid'][0]) { $accounts[] = Array( 'account_id' => $allVals['uidnumber'][0], @@ -396,7 +378,7 @@ while (list($null,$allVals) = @each($allValues)) { $test = $allVals['cn'][0]; - if (!$phpgw_info['server']['global_denied_groups'][$test]) + if (!$phpgw_info['server']['global_denied_groups'][$test] && $allVals['cn'][0]) { $accounts[] = Array( 'account_id' => $allVals['gidnumber'][0], @@ -468,7 +450,7 @@ $account_id = get_account_id($accountid); $ds = $phpgw->common->ldapConnect(); - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_context"], "uid=$account_id"); + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], "uid=$account_id"); $allValues = ldap_get_entries($ds, $sri); if ($allValues[0]['phpgwaccounttype'][0]) @@ -476,9 +458,9 @@ return $allValues[0]['phpgwaccounttype'][0]; } - $allValues = array*(); + $allValues = array(); - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_group_context"], "cn=$account_id"); + $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], "cn=$account_id"); $allValues = ldap_get_entries($ds, $sri); if ($allValues[0]['phpgwaccounttype'][0]) @@ -509,35 +491,35 @@ $ds = $phpgw->common->ldapConnect(); $acct_type = $this->acct_type; - if ($acct_type == 'g' && $phpgw_info["server"]["ldap_group_context"]) + if ($acct_type == 'g' && $phpgw_info['server']['ldap_group_context']) { if($searchlid) { - //echo '
searching LDAP groups for lid: '.$account_lid; - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_group_context"], "cn=".$account_lid); + /* echo '
searching LDAP groups for lid: '.$account_lid; */ + $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'cn='.$account_lid); } else { - //echo '
searching LDAP groups for id: '.$account_id; - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_group_context"], "gidnumber=".$account_id); + /* echo '
searching LDAP groups for id: '.$account_id; */ + $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'gidnumber='.$account_id); } } else { if($searchlid) { - //echo '
searching LDAP accounts for lid: '.$account_lid; - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_context"], "uid=".$account_lid); + /* echo '
searching LDAP accounts for lid: '.$account_lid; */ + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uid='.$account_lid); } else { - //echo '
searching LDAP accounts for id: '.$account_id; - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_context"], "uidnumber=".$account_id); + /* echo '
searching LDAP accounts for id: '.$account_id; */ + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$account_id); } } $allValues = ldap_get_entries($ds, $sri); - if ($allValues[0]["dn"]) + if ($allValues[0]['dn']) { return True; } @@ -554,193 +536,192 @@ $ds = $phpgw->common->ldapConnect(); $this->acct_type = $account_type; - //echo '
in create for account_lid: "'.$account_lid.'"'; + /* echo '
in create for account_lid: "'.$account_lid.'"'; */ if (empty($account_info['id']) || !$account_info['id']) { - $account_id = $this->get_nextid(); - //echo '
using'.$account_id;exit; + $account_id = $this->get_nextid($account_info['account_type']); + /* echo '
using'.$account_id;exit; */ } - $entry['userpasswd'] = $account_info['passwd']; - $entry['phpgwaccountlastlogin'] = $account_info['lastlogin']; - $entry['phpgwaccountlastloginfrom'] = $account_info['lastloginfrom']; - $entry['phpgwlastpasswdchange'] = $account_info['lastpasswd_change']; - $entry['phpgwaccountstatus'] = $account_info['status']; - $entry['phpgwaccounttype'] = $account_info['type']; - $entry['phpgwaccountexpires'] = $account_info['expires']; + $entry['userpassword'] = $account_info['account_passwd']; +// $entry['phpgwaccountlastlogin'] = $account_info['lastlogin']; +// $entry['phpgwaccountlastloginfrom'] = $account_info['lastloginfrom']; +// $entry['phpgwlastpasswdchange'] = $account_info['lastpasswd_change']; +// $entry['phpgwaccountstatus'] = $account_info['account_status']; + $entry['phpgwaccounttype'] = $account_info['account_type']; + $entry['phpgwaccountexpires'] = $account_info['account_expires']; - if ($account_type == "g") + if ($account_type == 'g') { - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_group_context"], "cn=" . $account_info['account_lid']); + $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'cn=' . $account_info['account_lid']); } else { - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_context"], "uid=" . $account_info['account_lid']); + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uid=' . $account_info['account_lid']); } $allValues = ldap_get_entries($ds, $sri); - if ($phpgw_info["server"]["ldap_extra_attributes"] && $account_info['account_type'] != 'g') + if ($phpgw_info['server']['ldap_extra_attributes'] && $account_info['account_type'] != 'g') { - if ($account_home) + if ($account_info['homedirectory']) { - $entry["homedirectory"] = $account_info['homedirectory']; + $entry['homedirectory'] = $account_info['homedirectory']; } else { - $entry["homedirectory"] = $phpgw_info["server"]["ldap_account_home"].SEP.$account_info['account_lid']; + $entry['homedirectory'] = $phpgw_info['server']['ldap_account_home'].SEP.$account_info['account_lid']; } - if ($account_shell) + if ($account_info['loginshell']) { - $entry["loginshell"] = $account_info['loginshell']; + $entry['loginshell'] = $account_info['loginshell']; } else { - $entry["loginshell"] = $phpgw_info["server"]["ldap_account_shell"]; + $entry['loginshell'] = $phpgw_info['server']['ldap_account_shell']; } } - if ($allValues[0]["dn"]) + if ($allValues[0]['dn']) { - // This should keep the password from being overwritten here on ldap import - unset($entry["userpassword"]); - $entry["gidnumber"] = $account_id; + /* This should keep the password from being overwritten here on ldap import */ + unset($entry['userpassword']); + $entry['gidnumber'] = $account_id; while (list($key,$val) = each($entry)) { $tmpentry = ''; - $tmpentry[$key] = trim($val); // must trim! - //echo '
'.$key.' '.$val; + $tmpentry[$key] = trim($val); /* must trim! */ + /* echo '
'.$key.' '.$val; */ if ($tmpentry[$key]) { if (!$allValues[0][$key][0]) { - // attribute was not in LDAP, add it + /* attribute was not in LDAP, add it */ ldap_mod_add($ds, $allValues[0]["dn"], $tmpentry); } else { - // attribute was in LDAP, modify it + /* attribute was in LDAP, modify it */ ldap_modify($ds, $allValues[0]["dn"], $tmpentry); } } } - if ($account_type == "g") + if ($account_info['account_type'] == 'g') { - $tmpentry["objectclass"][0] = 'top'; - $tmpentry["objectclass"][1] = 'posixGroup'; + $tmpentry['objectclass'][0] = 'top'; + $tmpentry['objectclass'][1] = 'posixGroup'; + $tmpentry['objectclass'][2] = 'phpgwAccount'; } else { - $tmpentry["uidnumber"] = $account_id; - $tmpentry["objectclass"][0] = 'top'; - $tmpentry["objectclass"][1] = 'person'; - $tmpentry["objectclass"][2] = 'organizationalPerson'; - $tmpentry["objectclass"][3] = 'inetOrgPerson'; - $tmpentry["userpassword"] = $phpgw->common->encrypt_password($account_info['passwd']); - //$tmpentry["objectclass"][4] = 'account'; Causes problems with some LDAP servers - $tmpentry["objectclass"][4] = 'posixAccount'; - $tmpentry["objectclass"][5] = 'shadowAccount'; - $tmpentry["objectclass"][6] = 'phpgwAccount'; - $tmpentry['phpgwaccountlastlogin'] = $account_info['lastlogin']; - $tmpentry['phpgwaccountlastloginfrom'] = $account_info['lastloginfrom']; - $tmpentry['phpgwlastpasswdchange'] = $account_info['lastpasswd_change']; - $tmpentry['phpgwaccountstatus'] = $account_info['status']; + $tmpentry['uidnumber'] = $account_id; + $tmpentry['objectclass'][0] = 'top'; + $tmpentry['objectclass'][1] = 'person'; + $tmpentry['objectclass'][2] = 'organizationalPerson'; + $tmpentry['objectclass'][3] = 'inetOrgPerson'; + $tmpentry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']); + /* $tmpentry['objectclass'][4] = 'account'; Causes problems with some LDAP servers */ + $tmpentry['objectclass'][4] = 'posixAccount'; + $tmpentry['objectclass'][5] = 'shadowAccount'; + $tmpentry['objectclass'][6] = 'phpgwAccount'; + $tmpentry['phpgwaccountstatus'] = $account_info['account_status']; $tmpentry['phpgwaccounttype'] = $account_info['account_type']; - $tmpentry['phpgwaccountexpires'] = $account_info['expires']; + $tmpentry['phpgwaccountexpires'] = $account_info['account_expires']; } ldap_modify($ds, $allValues[0]["dn"], $tmpentry); } else { - // Not already there, we will add it - if ($account_type == "g") + /* Not already there, we will add it */ + if ($account_info['account_type'] == 'g') { - $dn = 'cn='.$account_info['account_lid'] . ',' . $phpgw_info["server"]["ldap_group_context"]; - unset($entry["homedirectory"]); - unset($entry["loginshell"]); - $entry["objectclass"][0] = 'top'; - $entry["objectclass"][1] = 'posixGroup'; - $entry["cn"] = $account_info['account_lid']; - $entry["gidnumber"] = $account_id; - $entry["userpassword"] = $phpgw->common->encrypt_password($account_info['passwd']); - $entry["description"] = 'phpgw-created group'; + $dn = 'cn='.$account_info['account_lid'] . ',' . $phpgw_info['server']['ldap_group_context']; + unset($entry['homedirectory']); + unset($entry['loginshell']); + $entry['objectclass'][0] = 'top'; + $entry['objectclass'][1] = 'posixGroup'; + $entry['objectclass'][2] = 'phpgwAccount'; + $entry['cn'] = $account_info['account_lid']; + $entry['gidnumber'] = $account_id; + $entry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']); + $entry['description'] = 'phpgw-created group'; } else { - $dn = 'uid=' . $account_info['account_lid'] . ',' . $phpgw_info["server"]["ldap_context"]; - $entry["cn"] = sprintf("%s %s", $account_firstname, $account_lastname); - $entry["sn"] = $account_info['lastname']; - $entry["givenname"] = $account_info['firstname']; - $entry["uid"] = $account_info['account_lid']; - $entry["uidnumber"] = $account_id; - if ($phpgw_info["server"]["ldap_group_id"]) + $dn = 'uid=' . $account_info['account_lid'] . ',' . $phpgw_info['server']['ldap_context']; + $entry['cn'] = sprintf("%s %s", $account_info['account_firstname'], $account_info['account_lastname']); + $entry['sn'] = $account_info['account_lastname']; + $entry['givenname'] = $account_info['account_firstname']; + $entry['uid'] = $account_info['account_lid']; + $entry['uidnumber'] = $account_id; + if ($phpgw_info['server']['ldap_group_id']) { - $entry["gidnumber"] = $phpgw_info["server"]["ldap_group_id"]; + $entry['gidnumber'] = $phpgw_info['server']['ldap_group_id']; } else { - $entry["gidnumber"] = $account_id; + $entry['gidnumber'] = $account_id; } - $entry["userpassword"] = $phpgw->common->encrypt_password($account_info['passwd']); - $entry["objectclass"][0] = 'top'; - $entry["objectclass"][1] = 'person'; - $entry["objectclass"][2] = 'organizationalPerson'; - $entry["objectclass"][3] = 'inetOrgPerson'; - //$entry["objectclass"][4] = 'account'; Causes problems with some LDAP servers - $entry["objectclass"][4] = 'posixAccount'; - $entry["objectclass"][5] = 'shadowAccount'; - $entry["objectclass"][5] = 'phpgwAccount'; + $entry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']); + $entry['objectclass'][0] = 'top'; + $entry['objectclass'][1] = 'person'; + $entry['objectclass'][2] = 'organizationalPerson'; + $entry['objectclass'][3] = 'inetOrgPerson'; + /* $entry['objectclass'][4] = 'account'; Causes problems with some LDAP servers */ + $entry['objectclass'][4] = 'posixAccount'; + $entry['objectclass'][5] = 'shadowAccount'; + $entry['objectclass'][5] = 'phpgwAccount'; } ldap_add($ds, $dn, $entry); } - //print ldap_error($ds); + /* print ldap_error($ds); */ } - function auto_add($account_name, $passwd, $default_prefs=False, $default_acls= False) + function auto_add($accountname, $passwd, $default_prefs = False, $default_acls = False, $expiredate = 0, $account_status = 'A') { - print "not done yet auto_generate class.accounts_ldap.inc.php
"; - exit(); + return False; + global $phpgw, $phpgw_info; - $accountid = $this->get_nextid(); - - if ($defaultprefs =="") { - $defaultprefs = 'a:5:{s:6:"common";a:10:{s:9:"maxmatchs";s:2:"15";s:12:"template_set";s:8:"verdilak";s:5:"theme";s:6:"purple";s:13:"navbar_format";s:5:"icons";s:9:"tz_offset";N;s:10:"dateformat";s:5:"m/d/Y";s:10:"timeformat";s:2:"12";s:4:"lang";s:2:"en";s:11:"default_app";N;s:8:"currency";s:1:"$";}s:11:"addressbook";a:1:{s:0:"";s:4:"True";}:s:8:"calendar";a:4:{s:13:"workdaystarts";s:1:"7";s:11:"workdayends";s:2:"15";s:13:"weekdaystarts";s:6:"Monday";s:15:"defaultcalendar";s:9:"month.php";}}'; -// $defaultprefs = 'a:5:{s:6:"common";a:1:{s:0:"";s:2:"en";}s:11:"addressbook";a:1:{s:0:"";s:4:"True";}s:8:"calendar";a:1:{s:0:"";s:13:"workdaystarts";}i:15;a:1:{s:0:"";s:11:"workdayends";}s:6:"Monday";a:1:{s:0:"";s:13:"weekdaystarts";}}'; + if (! $expiredate) + { + /* expire in 30 days by default */ + $expiredate = time() + ( ( 60 * 60 ) * (30 * 24) ); } - $sql = "insert into phpgw_accounts"; - $sql .= "(account_id, account_lid, account_pwd, account_firstname, account_lastname, account_lastpwd_change, account_status, account_type)"; - $sql .= "values (".$accountid.", '".$accountname."', '".md5($passwd)."', '".$accountname."', 'AutoCreated', ".time().", 'A','u')"; - $this->db->query($sql); - $this->db->query(" - insert into phpgw_preferences (preference_owner, preference_value) - values ('".$accountid."', '$defaultprefs')"); - $this->db->query(" - insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) - values('preferences', 'changepassword', ".$accountid.", 'u', 1)",__LINE__,__FILE__); - $this->db->query(" - insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) - values('phpgw_group', '1', ".$accountid.", 'u', 1)",__LINE__,__FILE__); - $this->db->query(" - insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) - values('addressbook', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); - $this->db->query(" - insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) - values('filemanager', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); - $this->db->query(" - insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) - values('calendar', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); - $this->db->query(" - insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) - values('email', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); - $this->db->query(" - insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) - values('notes', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); - $this->db->query(" - insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) - values('todo', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); + + $acct_info = array( + 'account_lid' => $accountname, + 'account_type' => 'u', + 'account_passwd' => $passwd, + 'account_firstname' => 'New', + 'account_lastname' => 'User', + 'account_status' => $account_status, + 'account_expires' => mktime(2,0,0,date('n',$expiredate), intval(date('d',$expiredate)), date('Y',$expiredate)) + ); + $this->create($acct_info); + $accountid = $this->name2id($accountname); + + $this->db->transaction_begin(); + if ($default_prefs == False) + { + $default_prefs = 'a:5:{s:6:"common";a:10:{s:9:"maxmatchs";s:2:"15";s:12:"template_set";s:8:"verdilak";s:5:"theme";s:6:"purple";s:13:"navbar_format";s:5:"icons";s:9:"tz_offset";N;s:10:"dateformat";s:5:"m/d/Y";s:10:"timeformat";s:2:"12";s:4:"lang";s:2:"en";s:11:"default_app";N;s:8:"currency";s:1:"$";}s:11:"addressbook";a:1:{s:0:"";s:4:"True";}:s:8:"calendar";a:4:{s:13:"workdaystarts";s:1:"7";s:11:"workdayends";s:2:"15";s:13:"weekdaystarts";s:6:"Monday";s:15:"defaultcalendar";s:9:"month.php";}}'; + $this->db->query("insert into phpgw_preferences (preference_owner, preference_value) values ('".$accountid."', '$default_prefs')"); + } + + if ($default_acls == False) + { + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)values('preferences', 'changepassword', ".$accountid.", 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('phpgw_group', '1', ".$accountid.", 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('addressbook', 'run', ".$accountid.", 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('filemanager', 'run', ".$accountid.", 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('calendar', 'run', ".$accountid.", 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('email', 'run', ".$accountid.", 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('notes', 'run', ".$accountid.", 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('todo', 'run', ".$accountid.", 1)",__LINE__,__FILE__); + } + $this->db->transaction_commit(); return $accountid; } @@ -749,11 +730,12 @@ global $phpgw; $_account_id = get_account_id($_accountid); + $ds = $phpgw->common->ldapConnect(); - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_context"], "uidnumber=$_account_id"); + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], "uidnumber=$_account_id"); $allValues = ldap_get_entries($ds, $sri); - return $allValues[0]["dn"]; + return $allValues[0]['dn']; } }