forked from extern/egroupware
- new account-migration script which replace the former import and export
- retired the modifiy script as it's no longer necessary - removed references and translations of the old scripts - removed ldap version 3 switch from config
This commit is contained in:
parent
29f83cba19
commit
a7ecb209a9
230
setup/account_migration.php
Normal file
230
setup/account_migration.php
Normal file
@ -0,0 +1,230 @@
|
||||
<?php
|
||||
/**
|
||||
* Setup - Account migration between SQL <--> LDAP
|
||||
*
|
||||
* The migration is done to the account-repository configured for eGroupWare!
|
||||
*
|
||||
* @link http://www.egroupware.org
|
||||
* @package setup
|
||||
* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
||||
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
||||
* @version $Id$
|
||||
*/
|
||||
|
||||
$GLOBALS['egw_info'] = array(
|
||||
'flags' => array(
|
||||
'noheader' => True,
|
||||
'nonavbar' => True,
|
||||
'currentapp' => 'home',
|
||||
'noapi' => True
|
||||
));
|
||||
include('./inc/functions.inc.php');
|
||||
|
||||
// Authorize the user to use setup app and load the database
|
||||
if (!$GLOBALS['egw_setup']->auth('Config') || $_POST['cancel'])
|
||||
{
|
||||
Header('Location: index.php');
|
||||
exit;
|
||||
}
|
||||
// Does not return unless user is authorized
|
||||
|
||||
// the migration script needs a session to store the accounts
|
||||
session_start();
|
||||
|
||||
$tpl_root = $GLOBALS['egw_setup']->html->setup_tpl_dir('setup');
|
||||
$setup_tpl = CreateObject('setup.Template',$tpl_root);
|
||||
$setup_tpl->set_file(array(
|
||||
'migration' => 'account_migration.tpl',
|
||||
'T_head' => 'head.tpl',
|
||||
'T_footer' => 'footer.tpl',
|
||||
'T_alert_msg' => 'msg_alert_msg.tpl'
|
||||
));
|
||||
|
||||
function hash_sql2ldap($hash)
|
||||
{
|
||||
switch(strtolower($GLOBALS['egw_info']['server']['sql_encryption_type']))
|
||||
{
|
||||
case '': // not set sql_encryption_type
|
||||
case 'md5':
|
||||
$hash = '{md5}' . base64_encode(pack("H*",$hash));
|
||||
break;
|
||||
case 'crypt':
|
||||
$hash = '{crypt}' . $hash;
|
||||
break;
|
||||
}
|
||||
return $hash;
|
||||
}
|
||||
|
||||
// determine from where we migrate to what
|
||||
if (!is_object($GLOBALS['egw_setup']->db))
|
||||
{
|
||||
$GLOBALS['egw_setup']->loaddb();
|
||||
}
|
||||
// Load configuration values account_repository and auth_type, a setup has not yet done so
|
||||
/*$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->config_table,'config_name,config_value',
|
||||
array('config_name'=>array('account_respository','auth_type')),__LINE__,__FILE__);
|
||||
while(($row = $GLOBALS['egw_setup']->db->row(true)))
|
||||
{
|
||||
$GLOBALS['egw_info']['server'][$row['config_name']] = $row['config_value'];
|
||||
}*/
|
||||
$to = $GLOBALS['egw_info']['server']['account_repository'];
|
||||
if (!$to && !($to = $GLOBALS['egw_info']['server']['auth_type']))
|
||||
{
|
||||
$to = 'sql';
|
||||
}
|
||||
$from = $to == 'sql' ? 'ldap' : 'sql';
|
||||
$direction = strtoupper($from).' --> '.strtoupper($to);
|
||||
|
||||
$GLOBALS['egw_setup']->html->show_header($direction,False,'config',$GLOBALS['egw_setup']->ConfigDomain .
|
||||
'(' . $GLOBALS['egw_domain'][$GLOBALS['egw_setup']->ConfigDomain]['db_type'] . ')');
|
||||
|
||||
if (!$_POST['migrate'])
|
||||
{
|
||||
// fetch and display the accounts of the NOT set $from repository
|
||||
$GLOBALS['egw_info']['server']['account_repository'] = $from;
|
||||
$GLOBALS['egw_setup']->setup_account_object();
|
||||
|
||||
// fetch all users and groups
|
||||
$accounts = $GLOBALS['egw']->accounts->search(array(
|
||||
'type' => 'both',
|
||||
));
|
||||
// fetch the complete data (search reads not everything), plus the members(hips)
|
||||
foreach($accounts as $account_id => $account)
|
||||
{
|
||||
$accounts[$account_id] = $GLOBALS['egw']->accounts->read($account_id);
|
||||
|
||||
if ($account['account_type'] == 'g')
|
||||
{
|
||||
$accounts[$account_id]['members'] = $GLOBALS['egw']->accounts->members($account_id,true);
|
||||
}
|
||||
else
|
||||
{
|
||||
$accounts[$account_id]['memberships'] = $GLOBALS['egw']->accounts->memberships($account_id,true);
|
||||
}
|
||||
}
|
||||
//_debug_array($accounts);
|
||||
// store the complete info in the session to be availible after user selected what to migrate
|
||||
// we cant instanciate to account-repositories at the same time, as the backend-classes have identical names
|
||||
$_SESSION['all_accounts'] =& $accounts;
|
||||
|
||||
// now outputting the account selection
|
||||
$setup_tpl->set_block('migration','header','header');
|
||||
$setup_tpl->set_block('migration','user_list','user_list');
|
||||
$setup_tpl->set_block('migration','group_list','group_list');
|
||||
$setup_tpl->set_block('migration','submit','submit');
|
||||
$setup_tpl->set_block('migration','footer','footer');
|
||||
|
||||
foreach($accounts as $account_id => $account)
|
||||
{
|
||||
if ($account['account_type'] == 'g')
|
||||
{
|
||||
$group_list .= '<option value="' . $account_id . '" selected="1">'. $account['account_lid'] . "</option>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
$user_list .= '<option value="' . $account_id . '" selected="1">'.
|
||||
$GLOBALS['egw']->common->display_fullname($account['account_lid'],
|
||||
$account['account_firstname'],$account['account_lastname']) . "</option>\n";
|
||||
}
|
||||
}
|
||||
$setup_tpl->set_var('action_url','account_migration.php');
|
||||
$setup_tpl->set_var('users',$user_list);
|
||||
$setup_tpl->set_var('groups',$group_list);
|
||||
|
||||
$setup_tpl->set_var('description',lang('Migration between eGroupWare account repositories').': '.$direction);
|
||||
$setup_tpl->set_var('select_users',lang('Select which user(s) will be exported'));
|
||||
$setup_tpl->set_var('select_groups',lang('Select which group(s) will be exported'));
|
||||
$setup_tpl->set_var('memberships',lang('Group memberships will be migrated too.'));
|
||||
$setup_tpl->set_var('migrate',$direction);
|
||||
$setup_tpl->set_var('cancel',lang('Cancel'));
|
||||
|
||||
$setup_tpl->pfp('out','header');
|
||||
if($user_list)
|
||||
{
|
||||
$setup_tpl->pfp('out','user_list');
|
||||
}
|
||||
if($group_list)
|
||||
{
|
||||
$setup_tpl->pfp('out','group_list');
|
||||
}
|
||||
$setup_tpl->pfp('out','submit');
|
||||
$setup_tpl->pfp('out','footer');
|
||||
}
|
||||
else // do the migration
|
||||
{
|
||||
$GLOBALS['egw_info']['server']['account_repository'] = $to;
|
||||
$GLOBALS['egw_setup']->setup_account_object();
|
||||
|
||||
$target = strtoupper($to);
|
||||
$accounts =& $_SESSION['all_accounts'];
|
||||
|
||||
if($_POST['users'])
|
||||
{
|
||||
foreach($_POST['users'] as $account_id)
|
||||
{
|
||||
if (!isset($accounts[$account_id])) continue;
|
||||
|
||||
// check if user already exists
|
||||
if ($GLOBALS['egw']->accounts->exists($account_id))
|
||||
{
|
||||
echo '<p>'.lang('%1 already exists in %2.',lang('User')." $account_id ({$accounts[$account_id]['account_lid']})",$target)."</p>\n";
|
||||
continue;
|
||||
}
|
||||
if ($to == 'ldap')
|
||||
{
|
||||
if ($GLOBALS['egw_info']['server']['ldap_extra_attributes'])
|
||||
{
|
||||
$accounts[$account_id]['homedirectory'] = $GLOBALS['egw_info']['server']['ldap_account_home'] . '/' . $accounts[$account_id]['account_lid'];
|
||||
$accounts[$account_id]['loginshell'] = $GLOBALS['egw_info']['server']['ldap_account_shell'];
|
||||
}
|
||||
$accounts[$account_id]['account_passwd'] = hash_sql2ldap($accounts[$account_id]['account_pwd']);
|
||||
}
|
||||
else
|
||||
{
|
||||
// ToDo migrate ldap password hashes to sql, not as easy as we dont store the hash-type in the password
|
||||
// maybe we should change sql to store passwords identical to ldap prefixed with {hash}
|
||||
$accounts[$account_id]['account_passwd'] = $accounts[$account_id]['account_pwd'];
|
||||
}
|
||||
if (!$GLOBALS['egw']->accounts->save($accounts[$account_id]))
|
||||
{
|
||||
echo '<p>'.lang('Creation of %1 in %2 failed !!!',lang('User')." $account_id ({$accounts[$account_id]['account_lid']})",$target)."</p>\n";
|
||||
continue;
|
||||
}
|
||||
$GLOBALS['egw']->accounts->set_memberships($accounts[$account_id]['memberships'],$account_id);
|
||||
echo '<p>'.lang('%1 created in %2.',lang('User')." $account_id ({$accounts[$account_id]['account_lid']})",$target)."</p>\n";
|
||||
}
|
||||
}
|
||||
if($_POST['groups'])
|
||||
{
|
||||
foreach($_POST['groups'] as $account_id)
|
||||
{
|
||||
if (!isset($accounts[$account_id])) continue;
|
||||
|
||||
// check if group already exists
|
||||
if (!$GLOBALS['egw']->accounts->exists($account_id))
|
||||
{
|
||||
if (!$GLOBALS['egw']->accounts->save($accounts[$account_id]))
|
||||
{
|
||||
echo '<p>'.lang('Creation of %1 in %2 failed !!!',lang('Group')." $account_id ({$accounts[$account_id]['account_lid']})",$target)."</p>\n";
|
||||
continue;
|
||||
}
|
||||
echo '<p>'.lang('%1 created in %2.',lang('Group')." $account_id ({$accounts[$account_id]['account_lid']})",$target)."</p>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
echo '<p>'.lang('%1 already exists in %2.',lang('Group')." $account_id ({$accounts[$account_id]['account_lid']})",$target)."</p>\n";
|
||||
|
||||
if ($GLOBALS['egw']->accounts->id2name($account_id) != $accounts[$account_id]['account_lid'])
|
||||
{
|
||||
continue; // different group under that gidnumber!
|
||||
}
|
||||
}
|
||||
// now saving / updating the memberships
|
||||
$GLOBALS['egw']->accounts->set_members($accounts[$account_id]['members'],$account_id);
|
||||
}
|
||||
}
|
||||
echo '<p align="center">'.lang('Export has been completed!')."</p>\n";
|
||||
echo '<p align="center">'.lang('Click <a href="index.php">here</a> to return to setup.')."</p>\n";
|
||||
}
|
||||
|
||||
$GLOBALS['egw_setup']->html->show_footer();
|
@ -72,9 +72,10 @@
|
||||
'username' => $username,
|
||||
'fname' => $fname,
|
||||
'lname' => $lname,
|
||||
'email' => $email,
|
||||
));
|
||||
$setup_tpl->set_var('action_url','admin_account.php');
|
||||
$setup_tpl->set_var('description',lang('<b>This will create 1 admin account and 3 demo accounts</b><br />The username/passwords are: demo/guest, demo2/guest and demo3/guest.'));
|
||||
$setup_tpl->set_var('description',lang('This will create a first user in eGroupWare or reset password and admin rights of an exiting user'));
|
||||
$setup_tpl->set_var('lang_deleteall',lang('Delete all existing SQL accounts, groups, ACLs and preferences (normally not necessary)?'));
|
||||
|
||||
$setup_tpl->set_var('detailadmin',lang('Details for Admin account'));
|
||||
@ -84,7 +85,10 @@
|
||||
$setup_tpl->set_var('adminemail',lang('Admin email address'));
|
||||
$setup_tpl->set_var('adminpassword',lang('Admin password'));
|
||||
$setup_tpl->set_var('adminpassword2',lang('Re-enter password'));
|
||||
$setup_tpl->set_var('admin_all_apps',lang('Give admin access to all installed apps'));
|
||||
$setup_tpl->set_var('all_apps_desc',lang('Usually more annoying.<br />Admins can use Admin >> Manage accounts or groups to give access to further apps.'));
|
||||
$setup_tpl->set_var('create_demo_accounts',lang('Create demo accounts'));
|
||||
$setup_tpl->set_var('demo_desc',lang('The username/passwords are: demo/guest, demo2/guest and demo3/guest.'));
|
||||
|
||||
$setup_tpl->set_var('lang_submit',lang('Save'));
|
||||
$setup_tpl->set_var('lang_cancel',lang('Cancel'));
|
||||
@ -110,24 +114,34 @@
|
||||
|
||||
if (!$defaultgroupid || !$admingroupid)
|
||||
{
|
||||
if (strstr($_SERVER['PHP_SELF'],'setup-cli.php'))
|
||||
{
|
||||
return 42; //lang('Error in group-creation !!!'); // dont exit on setup-cli
|
||||
}
|
||||
echo '<p><b>'.lang('Error in group-creation !!!')."</b></p>\n";
|
||||
echo '<p>'.lang('click <a href="index.php">here</a> to return to setup.')."</p>\n";
|
||||
$GLOBALS['egw_setup']->db->transaction_abort();
|
||||
exit;
|
||||
}
|
||||
|
||||
/* Group perms for the default group */
|
||||
// Group perms for the default group
|
||||
$GLOBALS['egw_setup']->add_acl(array('addressbook','calendar','infolog','felamimail','preferences','home','manual'),'run',$defaultgroupid);
|
||||
|
||||
// give admin access to all apps, to save us some support requests
|
||||
$all_apps = array();
|
||||
$apps = array();
|
||||
$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->applications_table,'app_name','app_enabled < 3',__LINE__,__FILE__);
|
||||
while ($GLOBALS['egw_setup']->db->next_record())
|
||||
{
|
||||
$all_apps[] = $GLOBALS['egw_setup']->db->f('app_name');
|
||||
$apps[] = $GLOBALS['egw_setup']->db->f('app_name');
|
||||
}
|
||||
$GLOBALS['egw_setup']->add_acl($all_apps,'run',$admingroupid);
|
||||
// if not otherwise selected, give admin only access to the rest of the default apps,
|
||||
// not yet set for the default group or development only apps like (etemplate, jinn, tt's)
|
||||
if (!$_POST['admin_all_apps'])
|
||||
{
|
||||
$apps = array_intersect(array('admin','emailadmin','filemanager','mydms','news_admin','phpbrain','phpsysinfo','polls','projectmanager','resources','sambaadmin','sitemgr','timesheet','wiki'),$apps);
|
||||
}
|
||||
$GLOBALS['egw_setup']->add_acl($apps,'run',$admingroupid);
|
||||
|
||||
// give admin access to default apps, not yet set for the default group
|
||||
function insert_default_prefs($accountid)
|
||||
{
|
||||
$defaultprefs = array(
|
||||
@ -187,6 +201,10 @@
|
||||
$accountid = $GLOBALS['egw_setup']->add_account($username,$fname,$lname,$passwd,'Admins',True,$email);
|
||||
if (!$accountid)
|
||||
{
|
||||
if (strstr($_SERVER['PHP_SELF'],'setup-cli.php'))
|
||||
{
|
||||
return 41; //lang('Error in admin-creation !!!'); // dont exit on setup-cli
|
||||
}
|
||||
echo '<p><b>'.lang('Error in admin-creation !!!')."</b></p>\n";
|
||||
echo '<p>'.lang('click <a href="index.php">here</a> to return to setup.')."</p>\n";
|
||||
$GLOBALS['egw_setup']->db->transaction_abort();
|
||||
|
@ -111,18 +111,10 @@
|
||||
{
|
||||
$GLOBALS['egw_setup']->db->transaction_commit();
|
||||
|
||||
if($newsettings['auth_type'] == 'ldap')
|
||||
{
|
||||
Header('Location: ldap.php');
|
||||
exit;
|
||||
}
|
||||
else
|
||||
{
|
||||
Header('Location: index.php');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$GLOBALS['egw_setup']->html->show_header(lang('Configuration'),False,'config',$GLOBALS['egw_setup']->ConfigDomain . '(' . $GLOBALS['egw_domain'][$GLOBALS['egw_setup']->ConfigDomain]['db_type'] . ')');
|
||||
|
||||
|
@ -859,13 +859,16 @@
|
||||
$this->loaddb();
|
||||
}
|
||||
/* Load up some configured values */
|
||||
$this->db->query("SELECT config_name,config_value FROM $this->config_table "
|
||||
. "WHERE config_name LIKE 'ldap%' OR config_name LIKE 'account_%' OR config_name LIKE '%encryption%'",__LINE__,__FILE__);
|
||||
while($this->db->next_record())
|
||||
$this->db->select($this->config_table,'config_name,config_value',
|
||||
"config_name LIKE 'ldap%' OR config_name LIKE 'account_%' OR config_name LIKE '%encryption%' OR config_name='auth_type'",__LINE__,__FILE__);
|
||||
while(($row = $this->db->row(true)))
|
||||
{
|
||||
$GLOBALS['egw_info']['server'][$this->db->f('config_name')] = $this->db->f('config_value');
|
||||
if (!isset($GLOBALS['egw_info']['server'][$row['config_name']])) // dont overwrite
|
||||
{
|
||||
$GLOBALS['egw_info']['server'][$row['config_name']] = $row['config_value'];
|
||||
}
|
||||
//if (!is_object($GLOBALS['egw']))
|
||||
}
|
||||
if (!is_object($GLOBALS['egw']))
|
||||
{
|
||||
$GLOBALS['egw'] =& new egw_dummy();
|
||||
$GLOBALS['phpgw'] =& $GLOBALS['egw'];
|
||||
|
@ -1,77 +0,0 @@
|
||||
<?php
|
||||
/**************************************************************************\
|
||||
* eGroupWare - Setup *
|
||||
* http://www.egroupware.org *
|
||||
* -------------------------------------------- *
|
||||
* This program is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU General Public License as published by the *
|
||||
* Free Software Foundation; either version 2 of the License, or (at your *
|
||||
* option) any later version. *
|
||||
\**************************************************************************/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
$GLOBALS['egw_info'] = array(
|
||||
'flags' => array(
|
||||
'noheader' => True,
|
||||
'nonavbar' => True,
|
||||
'currentapp' => 'home',
|
||||
'noapi' => True
|
||||
));
|
||||
include('./inc/functions.inc.php');
|
||||
|
||||
// Authorize the user to use setup app and load the database
|
||||
if (!$GLOBALS['egw_setup']->auth('Config'))
|
||||
{
|
||||
Header('Location: index.php');
|
||||
exit;
|
||||
}
|
||||
// Does not return unless user is authorized
|
||||
|
||||
if (get_var('cancel',Array('POST')))
|
||||
{
|
||||
Header('Location: index.php');
|
||||
exit;
|
||||
}
|
||||
|
||||
$tpl_root = $GLOBALS['egw_setup']->html->setup_tpl_dir('setup');
|
||||
$setup_tpl = CreateObject('setup.Template',$tpl_root);
|
||||
$setup_tpl->set_file(array(
|
||||
'ldap' => 'ldap.tpl',
|
||||
'T_head' => 'head.tpl',
|
||||
'T_footer' => 'footer.tpl',
|
||||
'T_alert_msg' => 'msg_alert_msg.tpl'
|
||||
));
|
||||
|
||||
$GLOBALS['egw_setup']->html->show_header(lang('LDAP Config'),False,'config',$GLOBALS['egw_setup']->ConfigDomain . '(' . $GLOBALS['egw_domain'][$GLOBALS['egw_setup']->ConfigDomain]['db_type'] . ')');
|
||||
|
||||
if ($GLOBALS['error'])
|
||||
{
|
||||
//echo '<br /><center><b>Error:</b> '.$error.'</center>';
|
||||
$GLOBALS['egw_setup']->html->show_alert_msg('Error',$GLOBALS['error']);
|
||||
}
|
||||
|
||||
$setup_tpl->set_block('ldap','header','header');
|
||||
$setup_tpl->set_block('ldap','jump','jump');
|
||||
$setup_tpl->set_block('ldap','cancel_only','cancel_only');
|
||||
$setup_tpl->set_block('ldap','footer','footer');
|
||||
|
||||
$setup_tpl->set_var('description',lang('LDAP Accounts Configuration'));
|
||||
$setup_tpl->set_var('lang_ldapmodify',lang('Modify an existing LDAP account store for use with eGroupWare (for a new install using LDAP accounts)'));
|
||||
$setup_tpl->set_var('lang_ldapimport',lang('Import accounts from LDAP to the eGroupware accounts table (for a new install using SQL accounts)'));
|
||||
$setup_tpl->set_var('lang_ldapexport',lang('Export eGroupware accounts from SQL to LDAP'));
|
||||
$setup_tpl->set_var('lang_ldapdummy',lang('Setup demo accounts in LDAP'));
|
||||
$setup_tpl->set_var('ldapmodify','ldapmodify.php');
|
||||
$setup_tpl->set_var('ldapimport','ldapimport.php');
|
||||
$setup_tpl->set_var('ldapexport','ldapexport.php');
|
||||
$setup_tpl->set_var('ldapdummy','admin_account.php');
|
||||
$setup_tpl->set_var('action_url','index.php');
|
||||
$setup_tpl->set_var('cancel',lang('Cancel'));
|
||||
|
||||
$setup_tpl->pfp('out','header');
|
||||
$setup_tpl->pfp('out','jump');
|
||||
$setup_tpl->pfp('out','cancel_only');
|
||||
$setup_tpl->pfp('out','footer');
|
||||
|
||||
$GLOBALS['egw_setup']->html->show_footer();
|
||||
?>
|
@ -1,250 +0,0 @@
|
||||
<?php
|
||||
/**************************************************************************\
|
||||
* eGroupWare - Setup *
|
||||
* http://www.egroupware.org *
|
||||
* -------------------------------------------- *
|
||||
* This program is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU General Public License as published by the *
|
||||
* Free Software Foundation; either version 2 of the License, or (at your *
|
||||
* option) any later version. *
|
||||
\**************************************************************************/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
$GLOBALS['egw_info'] = array(
|
||||
'flags' => array(
|
||||
'noheader' => True,
|
||||
'nonavbar' => True,
|
||||
'currentapp' => 'home',
|
||||
'noapi' => True
|
||||
));
|
||||
include('./inc/functions.inc.php');
|
||||
|
||||
// Authorize the user to use setup app and load the database
|
||||
if (!$GLOBALS['egw_setup']->auth('Config'))
|
||||
{
|
||||
Header('Location: index.php');
|
||||
exit;
|
||||
}
|
||||
// Does not return unless user is authorized
|
||||
|
||||
class egw
|
||||
{
|
||||
var $common;
|
||||
var $accounts;
|
||||
var $applications;
|
||||
var $db;
|
||||
}
|
||||
$egw =& new egw;
|
||||
$egw->common =& CreateObject('phpgwapi.common');
|
||||
|
||||
$common =& $egw->common;
|
||||
$GLOBALS['egw_setup']->loaddb();
|
||||
$egw->db = clone($GLOBALS['egw_setup']->db);
|
||||
|
||||
$tpl_root = $GLOBALS['egw_setup']->html->setup_tpl_dir('setup');
|
||||
$setup_tpl = CreateObject('setup.Template',$tpl_root);
|
||||
$setup_tpl->set_file(array(
|
||||
'ldap' => 'ldap.tpl',
|
||||
'T_head' => 'head.tpl',
|
||||
'T_footer' => 'footer.tpl',
|
||||
'T_alert_msg' => 'msg_alert_msg.tpl'
|
||||
));
|
||||
|
||||
function hash_sql2ldap($hash)
|
||||
{
|
||||
switch(strtolower($GLOBALS['egw_info']['server']['sql_encryption_type']))
|
||||
{
|
||||
case '': // not set sql_encryption_type
|
||||
case 'md5':
|
||||
$hash = '{md5}' . base64_encode(pack("H*",$hash));
|
||||
break;
|
||||
case 'crypt':
|
||||
$hash = '{crypt}' . $hash;
|
||||
break;
|
||||
}
|
||||
return $hash;
|
||||
}
|
||||
|
||||
$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->config_table,'config_name,config_value',array(
|
||||
"config_name LIKE 'ldap%'",
|
||||
),__LINE__,__FILE__);
|
||||
while ($GLOBALS['egw_setup']->db->next_record())
|
||||
{
|
||||
$GLOBALS['egw_info']['server'][$GLOBALS['egw_setup']->db->f('config_name')] = $GLOBALS['egw_setup']->db->f('config_value');
|
||||
}
|
||||
$GLOBALS['egw_info']['server']['account_repository'] = 'ldap';
|
||||
|
||||
$egw->accounts =& CreateObject('phpgwapi.accounts');
|
||||
$acct =& $egw->accounts;
|
||||
|
||||
// First, see if we can connect to the LDAP server, if not send `em back to config.php with an
|
||||
// error message.
|
||||
|
||||
// connect to ldap server
|
||||
if(!$ldap = $common->ldapConnect())
|
||||
{
|
||||
$noldapconnection = True;
|
||||
}
|
||||
|
||||
if($noldapconnection)
|
||||
{
|
||||
Header('Location: config.php?error=badldapconnection');
|
||||
exit;
|
||||
}
|
||||
|
||||
// read all accounts & groups direct from SQL for export
|
||||
$group_info = $account_info = array();
|
||||
$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->accounts_table,'*',false,__LINE__,__FILE__);
|
||||
while(($row = $GLOBALS['egw_setup']->db->row(true)))
|
||||
{
|
||||
if ($row['account_type'] == 'u') // account
|
||||
{
|
||||
$account_info[$row['account_id']] = $row;
|
||||
}
|
||||
else // group
|
||||
{
|
||||
$row['account_id'] *= -1; // group account_id is internally negative since 1.2
|
||||
$group_info[(string)$row['account_id']] = $row;
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
if($_POST['cancel'])
|
||||
{
|
||||
Header('Location: ldap.php');
|
||||
exit;
|
||||
}
|
||||
$GLOBALS['egw_setup']->html->show_header(lang('LDAP Export'),False,'config',$GLOBALS['egw_setup']->ConfigDomain . '(' . $GLOBALS['egw_domain'][$GLOBALS['egw_setup']->ConfigDomain]['db_type'] . ')');
|
||||
|
||||
if($_POST['submit'])
|
||||
{
|
||||
if($_POST['users'])
|
||||
{
|
||||
foreach($_POST['users'] as $accountid)
|
||||
{
|
||||
if (!isset($account_info[$accountid])) continue;
|
||||
|
||||
$accounts =& CreateObject('phpgwapi.accounts',(int)$accountid);
|
||||
|
||||
// check if user already exists in ldap
|
||||
if ($accounts->exists($accountid))
|
||||
{
|
||||
echo '<p>'.lang('%1 already exists in LDAP.',lang('User')." $accountid ({$account_info[$accountid]['account_lid']})")."</p>\n";
|
||||
continue;
|
||||
}
|
||||
$account_info[$accountid]['homedirectory'] = $GLOBALS['egw_info']['server']['ldap_account_home'] . '/' . $account_info[$accountid]['account_lid'];
|
||||
$account_info[$accountid]['loginshell'] = $GLOBALS['egw_info']['server']['ldap_account_shell'];
|
||||
|
||||
$account_info[$accountid]['account_passwd'] = hash_sql2ldap($account_info[$accountid]['account_passwd']);
|
||||
|
||||
if (!$accounts->create($account_info[$accountid]))
|
||||
{
|
||||
echo '<p>'.lang('Creation of %1 in LDAP failed !!!',lang('User')." $accountid ({$account_info[$accountid]['account_lid']})")."</p>\n";
|
||||
continue;
|
||||
}
|
||||
echo '<p>'.lang('%1 created in LDAP.',lang('User')." $accountid ({$account_info[$accountid]['account_lid']})")."</p>\n";
|
||||
}
|
||||
}
|
||||
if($_POST['ldapgroups'])
|
||||
{
|
||||
foreach($_POST['ldapgroups'] as $groupid)
|
||||
{
|
||||
if (!isset($group_info[$groupid])) continue;
|
||||
|
||||
$groups =& CreateObject('phpgwapi.accounts',(int)$groupid);
|
||||
|
||||
// check if group already exists in ldap
|
||||
if (!$groups->exists($groupid))
|
||||
{
|
||||
if (!$groups->create($group_info[$groupid]))
|
||||
{
|
||||
echo '<p>'.lang('Creation of %1 failed !!!',lang('Group')." $groupid ({$group_info[$groupid]['account_lid']})")."</p>\n";
|
||||
continue;
|
||||
}
|
||||
echo '<p>'.lang('%1 created in LDAP.',lang('Group')." $groupid ({$group_info[$groupid]['account_lid']})")."</p>\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
echo '<p>'.lang('%1 already exists in LDAP.',lang('Group')." $groupid ({$group_info[$groupid]['account_lid']})")."</p>\n";
|
||||
|
||||
if ($groups->id2name($groupid) != $group_info[$groupid]['account_lid'])
|
||||
{
|
||||
continue; // different group under that gidnumber in ldap!
|
||||
}
|
||||
}
|
||||
// now saving / updating the memberships
|
||||
$groups->read_repository();
|
||||
if (!is_object($GLOBALS['egw']->acl))
|
||||
{
|
||||
$GLOBALS['egw']->acl =& CreateObject('phpgwapi.acl');
|
||||
}
|
||||
$groups->save_repository();
|
||||
}
|
||||
}
|
||||
$setup_complete = True;
|
||||
}
|
||||
|
||||
|
||||
if($error)
|
||||
{
|
||||
//echo '<br /><center><b>Error:</b> '.$error.'</center>';
|
||||
$GLOBALS['egw_setup']->html->show_alert_msg('Error',$error);
|
||||
}
|
||||
|
||||
if($setup_complete)
|
||||
{
|
||||
echo '<br /><center>'.lang('Export has been completed! You will need to set the user passwords manually.').'</center>';
|
||||
echo '<br /><center>'.lang('Click <a href="index.php">here</a> to return to setup.').'</center>';
|
||||
$GLOBALS['egw_setup']->html->show_footer();
|
||||
exit;
|
||||
}
|
||||
|
||||
$setup_tpl->set_block('ldap','header','header');
|
||||
$setup_tpl->set_block('ldap','user_list','user_list');
|
||||
$setup_tpl->set_block('ldap','admin_list','admin_list');
|
||||
$setup_tpl->set_block('ldap','group_list','group_list');
|
||||
$setup_tpl->set_block('ldap','app_list','app_list');
|
||||
$setup_tpl->set_block('ldap','submit','submit');
|
||||
$setup_tpl->set_block('ldap','footer','footer');
|
||||
|
||||
foreach($account_info as $account)
|
||||
{
|
||||
$user_list .= '<option value="' . $account['account_id'] . '" selected="1">'
|
||||
. $common->display_fullname($account['account_lid'],$account['account_firstname'],$account['account_lastname'])
|
||||
. '</option>';
|
||||
}
|
||||
|
||||
foreach($group_info as $group)
|
||||
{
|
||||
$group_list .= '<option value="' . $group['account_id'] . '" selected="1">'
|
||||
. $group['account_lid']
|
||||
. '</option>';
|
||||
}
|
||||
|
||||
$setup_tpl->set_var('action_url','ldapexport.php');
|
||||
$setup_tpl->set_var('users',$user_list);
|
||||
$setup_tpl->set_var('admins',$admin_list);
|
||||
$setup_tpl->set_var('ldapgroups',$group_list);
|
||||
$setup_tpl->set_var('s_apps',$app_list);
|
||||
|
||||
$setup_tpl->set_var('ldap_import',lang('LDAP export users'));
|
||||
$setup_tpl->set_var('description',lang("This section will help you export users and groups from eGroupWare's account tables into your LDAP tree").'.');
|
||||
$setup_tpl->set_var('select_users',lang('Select which user(s) will be exported'));
|
||||
$setup_tpl->set_var('select_groups',lang('Select which group(s) will be exported (group membership will be maintained)'));
|
||||
$setup_tpl->set_var('form_submit','export');
|
||||
$setup_tpl->set_var('cancel',lang('Cancel'));
|
||||
|
||||
$setup_tpl->pfp('out','header');
|
||||
if($account_info)
|
||||
{
|
||||
$setup_tpl->pfp('out','user_list');
|
||||
}
|
||||
if($group_info)
|
||||
{
|
||||
$setup_tpl->pfp('out','group_list');
|
||||
}
|
||||
$setup_tpl->pfp('out','submit');
|
||||
$setup_tpl->pfp('out','footer');
|
||||
|
||||
$GLOBALS['egw_setup']->html->show_footer();
|
@ -1,481 +0,0 @@
|
||||
<?php
|
||||
/**************************************************************************\
|
||||
* eGroupWare - Setup *
|
||||
* http://www.egroupware.org *
|
||||
* -------------------------------------------- *
|
||||
* This program is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU General Public License as published by the *
|
||||
* Free Software Foundation; either version 2 of the License, or (at your *
|
||||
* option) any later version. *
|
||||
\**************************************************************************/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
$GLOBALS['egw_info'] = array(
|
||||
'flags' => array(
|
||||
'noheader' => True,
|
||||
'nonavbar' => True,
|
||||
'currentapp' => 'home',
|
||||
'noapi' => True
|
||||
));
|
||||
include('./inc/functions.inc.php');
|
||||
|
||||
// Authorize the user to use setup app and load the database
|
||||
if(!$GLOBALS['egw_setup']->auth('Config'))
|
||||
{
|
||||
Header('Location: index.php');
|
||||
exit;
|
||||
}
|
||||
// Does not return unless user is authorized
|
||||
|
||||
class phpgw
|
||||
{
|
||||
var $common;
|
||||
var $accounts;
|
||||
var $applications;
|
||||
var $db;
|
||||
}
|
||||
$phpgw = new phpgw;
|
||||
$phpgw->common = CreateObject('phpgwapi.common');
|
||||
|
||||
$common = $phpgw->common;
|
||||
$GLOBALS['egw_setup']->loaddb();
|
||||
$phpgw->db = $GLOBALS['egw_setup']->db;
|
||||
|
||||
$tpl_root = $GLOBALS['egw_setup']->html->setup_tpl_dir('setup');
|
||||
$setup_tpl = CreateObject('setup.Template',$tpl_root);
|
||||
$setup_tpl->set_file(array(
|
||||
'ldap' => 'ldap.tpl',
|
||||
'T_head' => 'head.tpl',
|
||||
'T_footer' => 'footer.tpl',
|
||||
'T_alert_msg' => 'msg_alert_msg.tpl'
|
||||
));
|
||||
|
||||
$GLOBALS['egw_info']['server']['auth_type'] = 'ldap';
|
||||
|
||||
$phpgw->applications = CreateObject('phpgwapi.applications');
|
||||
$applications = $phpgw->applications;
|
||||
|
||||
$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->config_table,'config_name,config_value',array(
|
||||
"config_name LIKE 'ldap%' OR config_name='account_repository'",
|
||||
),__LINE__,__FILE__);
|
||||
while($GLOBALS['egw_setup']->db->next_record())
|
||||
{
|
||||
$config[$GLOBALS['egw_setup']->db->f('config_name')] = $GLOBALS['egw_setup']->db->f('config_value');
|
||||
}
|
||||
$GLOBALS['egw_info']['server']['ldap_host'] = $config['ldap_host'];
|
||||
$GLOBALS['egw_info']['server']['ldap_context'] = $config['ldap_context'];
|
||||
$GLOBALS['egw_info']['server']['ldap_group_context'] = $config['ldap_group_context'];
|
||||
$GLOBALS['egw_info']['server']['ldap_root_dn'] = $config['ldap_root_dn'];
|
||||
$GLOBALS['egw_info']['server']['ldap_root_pw'] = $config['ldap_root_pw'];
|
||||
$GLOBALS['egw_info']['server']['ldap_version3'] = $config['ldap_version3'] == "True" ? True : False;
|
||||
$GLOBALS['egw_info']['server']['account_repository'] = $config['account_repository'];
|
||||
|
||||
$phpgw->accounts = CreateObject('phpgwapi.accounts');
|
||||
$acct = $phpgw->accounts;
|
||||
|
||||
// First, see if we can connect to the LDAP server, if not send `em back to config.php with an
|
||||
// error message.
|
||||
|
||||
// connect to ldap server
|
||||
if(!$ldap = $common->ldapConnect())
|
||||
{
|
||||
$noldapconnection = True;
|
||||
}
|
||||
|
||||
if($noldapconnection)
|
||||
{
|
||||
Header('Location: config.php?error=badldapconnection');
|
||||
exit;
|
||||
}
|
||||
|
||||
$sr = ldap_search($ldap,$config['ldap_context'],'(|(uid=*))',array('sn','givenname','uid','uidnumber','email','gidnumber'));
|
||||
$info = ldap_get_entries($ldap, $sr);
|
||||
$account_info = $group_info = array();
|
||||
|
||||
for($i=0; $i<$info['count']; $i++)
|
||||
{
|
||||
if(!$GLOBALS['egw_info']['server']['global_denied_users'][$info[$i]['uid'][0]])
|
||||
{
|
||||
$account_info[$info[$i]['uidnumber'][0]] = array(
|
||||
'account_id' => $info[$i]['uidnumber'][0],
|
||||
'account_lid' => $info[$i]['uid'][0],
|
||||
'account_firstname' => $info[$i]['givenname'][0],
|
||||
'account_lastname' => $info[$i]['sn'][0],
|
||||
'account_passwd' => $info[$i]['userpassword'][0],
|
||||
'account_email' => $info[$i]['email'][0],
|
||||
'account_primary_group' => -$info[$i]['gidnumber'][0],
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
if($GLOBALS['egw_info']['server']['ldap_group_context'])
|
||||
{
|
||||
$srg = ldap_search($ldap,$config['ldap_group_context'],'(|(cn=*))',array('gidnumber','cn','memberuid'));
|
||||
$info = ldap_get_entries($ldap, $srg);
|
||||
|
||||
for($i=0; $i<$info['count']; $i++)
|
||||
{
|
||||
if(!$GLOBALS['egw_info']['server']['global_denied_groups'][$info[$i]['cn'][0]] &&
|
||||
!$account_info[$i][$info[$i]['cn'][0]])
|
||||
{
|
||||
$group_info[-$info[$i]['gidnumber'][0]] = array(
|
||||
'account_id' => -$info[$i]['gidnumber'][0],
|
||||
'account_lid' => $info[$i]['cn'][0],
|
||||
'members' => $info[$i]['memberuid'],
|
||||
'account_firstname' => $info[$i]['cn'][0],
|
||||
'account_lastname' => 'Group'
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->applications_table,'app_name','app_enabled != 0 AND app_enabled != 3',__LINE__,__FILE__);
|
||||
while($GLOBALS['egw_setup']->db->next_record())
|
||||
{
|
||||
$apps[$GLOBALS['egw_setup']->db->f('app_name')] = lang($GLOBALS['egw_setup']->db->f('app_name'));
|
||||
}
|
||||
|
||||
$cancel = get_var('cancel','POST');
|
||||
$submit = get_var('submit','POST');
|
||||
$users = get_var('users','POST');
|
||||
$admins = get_var('admins','POST');
|
||||
$s_apps = get_var('s_apps','POST');
|
||||
$ldapgroups = get_var('ldapgroups','POST');
|
||||
|
||||
if($cancel)
|
||||
{
|
||||
Header('Location: ldap.php');
|
||||
exit;
|
||||
}
|
||||
|
||||
if($submit)
|
||||
{
|
||||
if(!count($admins))
|
||||
{
|
||||
$error = '<br />You must select at least 1 admin';
|
||||
}
|
||||
|
||||
if(!count($s_apps))
|
||||
{
|
||||
$error .= '<br />You must select at least 1 application';
|
||||
}
|
||||
|
||||
if(!$error)
|
||||
{
|
||||
if($users)
|
||||
{
|
||||
foreach($users as $id)
|
||||
{
|
||||
$thisacctid = $account_info[$id]['account_id'];
|
||||
$thisacctlid = $account_info[$id]['account_lid'];
|
||||
|
||||
// Do some checks before we try to import the data.
|
||||
if(!empty($thisacctid) && !empty($thisacctlid))
|
||||
{
|
||||
$accounts =& CreateObject('phpgwapi.accounts',(int)$thisacctid);
|
||||
|
||||
// Check if the account is already there.
|
||||
// If so, we won't try to create it again.
|
||||
$acct_exist = $acct->name2id($thisacctlid);
|
||||
if($acct_exist)
|
||||
{
|
||||
$thisacctid = $acct_exist;
|
||||
}
|
||||
$id_exist = $accounts->exists($thisacctlid);
|
||||
// If not, create it now.
|
||||
if(!$id_exist)
|
||||
{
|
||||
$thisacctid = $accounts->create($account_info[$id]+array(
|
||||
'account_type' => 'u',
|
||||
'account_status' => 'A',
|
||||
'account_expires' => -1,
|
||||
));
|
||||
}
|
||||
if (!$thisacctid) // if we have no account_id, we cant continue
|
||||
{
|
||||
continue;
|
||||
}
|
||||
// Insert default acls for this user.
|
||||
// Since the group has app rights, we don't need to give users
|
||||
// these rights. Instead, we make the user a member of the Default group
|
||||
// below.
|
||||
$acl = CreateObject('phpgwapi.acl',(int)$thisacctid);
|
||||
$acl->db = $GLOBALS['egw_setup']->db;
|
||||
$acl->read_repository();
|
||||
|
||||
// Only give them admin if we asked for them to have it.
|
||||
// This is typically an exception to apps for run rights
|
||||
// as a group member.
|
||||
for($a=0;$a<count($admins);$a++)
|
||||
{
|
||||
if($admins[$a] == $thisacctlid)
|
||||
{
|
||||
$acl->delete('admin','run',1);
|
||||
$acl->add('admin','run',1);
|
||||
}
|
||||
}
|
||||
|
||||
// Now make them a member of the 'Default' group.
|
||||
// But, only if the current user is not the group itself.
|
||||
if(!$defaultgroupid)
|
||||
{
|
||||
$defaultgroupid = $accounts->name2id('Default');
|
||||
}
|
||||
if($defaultgroupid)
|
||||
{
|
||||
$acl->delete('phpgw_group',$defaultgroupid,1);
|
||||
$acl->add('phpgw_group',$defaultgroupid,1);
|
||||
}
|
||||
|
||||
// Save these new acls.
|
||||
$acl->save_repository();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($ldapgroups)
|
||||
{
|
||||
foreach($ldapgroups as $groupid)
|
||||
{
|
||||
$id_exist = 0;
|
||||
$thisacctid = $group_info[$groupid]['account_id'];
|
||||
$thisacctlid = $group_info[$groupid]['account_lid'];
|
||||
$thisfirstname = $group_info[$groupid]['account_firstname'];
|
||||
$thislastname = $group_info[$groupid]['account_lastname'];
|
||||
$thismembers = $group_info[$groupid]['members'];
|
||||
|
||||
// Do some checks before we try to import the data.
|
||||
if(!empty($thisacctid) && !empty($thisacctlid))
|
||||
{
|
||||
$groups = CreateObject('phpgwapi.accounts',(int)$thisacctid);
|
||||
|
||||
// Check if the account is already there.
|
||||
// If so, we won't try to create it again.
|
||||
$acct_exist = $groups->name2id($thisacctlid);
|
||||
/* echo '<br<group: ' . $acct_exist; */
|
||||
if($acct_exist)
|
||||
{
|
||||
$thisacctid = $acct_exist;
|
||||
}
|
||||
$id_exist = $groups->exists((int)$thisacctid);
|
||||
// If not, create it now.
|
||||
if(!$id_exist)
|
||||
{
|
||||
$thisacctid = $groups->create(array(
|
||||
'account_type' => 'g',
|
||||
'account_lid' => $thisacctlid,
|
||||
'account_passwd' => 'x',
|
||||
'account_firstname' => $thisfirstname,
|
||||
'account_lastname' => $thislastname,
|
||||
'account_status' => 'A',
|
||||
'account_expires' => -1
|
||||
));
|
||||
}
|
||||
if (!$thisacctid) // if we have no account_id, we cant continue
|
||||
{
|
||||
continue;
|
||||
}
|
||||
// Now make them a member of this group in phpgw.
|
||||
foreach($thismembers as $key =>$members)
|
||||
{
|
||||
if($key == 'count')
|
||||
{
|
||||
continue;
|
||||
}
|
||||
/* echo '<br />members: ' . $members; */
|
||||
$tmpid = 0;
|
||||
@reset($account_info);
|
||||
while(list($x,$y) = each($account_info))
|
||||
{
|
||||
/* echo '<br />checking: '.$y['account_lid']; */
|
||||
if($members == $y['account_lid'])
|
||||
{
|
||||
$tmpid = $acct->name2id($y['account_lid']);
|
||||
}
|
||||
}
|
||||
/*
|
||||
Insert acls for this group based on memberuid field.
|
||||
Since the group has app rights, we don't need to give users
|
||||
these rights. Instead, we maintain group membership here.
|
||||
*/
|
||||
if($tmpid)
|
||||
{
|
||||
$acl = CreateObject('phpgwapi.acl',$tmpid);
|
||||
$acl->account_id = (int)$tmpid;
|
||||
$acl->read_repository();
|
||||
|
||||
$acl->delete('phpgw_group',$thisacctid,1);
|
||||
$acl->add('phpgw_group',$thisacctid,1);
|
||||
|
||||
/* Now add the acl to let them change their password */
|
||||
$acl->delete('preferences','changepassword',1);
|
||||
$acl->add('preferences','changepassword',1);
|
||||
|
||||
$acl->save_repository();
|
||||
|
||||
/* Add prefs for selected apps here, since they are per-user.
|
||||
App access is added below.
|
||||
*/
|
||||
$pref = CreateObject('phpgwapi.preferences',$tmpid);
|
||||
$pref->db = $GLOBALS['egw_setup']->db;
|
||||
$pref->account_id = (int)$tmpid;
|
||||
$pref->read_repository();
|
||||
@reset($s_apps);
|
||||
while(list($key,$app) = each($s_apps))
|
||||
{
|
||||
$phpgw->hooks->single('add_def_pref',$app);
|
||||
}
|
||||
$pref->save_repository();
|
||||
}
|
||||
}
|
||||
/* Now give this group some rights */
|
||||
$GLOBALS['egw_info']['user']['account_id'] = $thisacctid;
|
||||
$acl = CreateObject('phpgwapi.acl');
|
||||
$acl->account_id = (int)$thisacctid;
|
||||
$acl->read_repository();
|
||||
@reset($s_apps);
|
||||
while(list($key,$app) = each($s_apps))
|
||||
{
|
||||
$acl->delete($app,'run',1);
|
||||
$acl->add($app,'run',1);
|
||||
}
|
||||
$acl->save_repository();
|
||||
$defaultgroupid = $thisacctid;
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
/* Create the 'Default' group */
|
||||
$groups = CreateObject('phpgwapi.accounts',$defaultgroupid);
|
||||
|
||||
// Check if the group account is already there.
|
||||
// If so, set our group_id to that account's id for use below.
|
||||
$acct_exist = $groups->name2id('Default');
|
||||
if($acct_exist)
|
||||
{
|
||||
$defaultgroupid = $acct_exist;
|
||||
}
|
||||
$id_exist = $groups->exists((int)$defaultgroupid);
|
||||
// if not, create it, using our original groupid.
|
||||
if($id_exist)
|
||||
{
|
||||
$groups->delete($defaultgroupid);
|
||||
}
|
||||
$thisgroup_info = array(
|
||||
'account_type' => 'g',
|
||||
'account_lid' => 'Default',
|
||||
'account_passwd' => $passwd,
|
||||
'account_firstname' => 'Default',
|
||||
'account_lastname' => 'Group',
|
||||
'account_status' => 'A',
|
||||
'account_expires' => -1
|
||||
);
|
||||
$defaultgroupid = $acct->create($thisgroup_info);
|
||||
|
||||
$acl = CreateObject('phpgwapi.acl',$defaultgroupid);
|
||||
$acl->account_id = (int)$defaultgroupid;
|
||||
$acl->read_repository();
|
||||
@reset($s_apps);
|
||||
while(list($key,$app) = each($s_apps))
|
||||
{
|
||||
$acl->delete($app,'run',1);
|
||||
$acl->add($app,'run',1);
|
||||
}
|
||||
$acl->save_repository();
|
||||
} //end default group creation
|
||||
}
|
||||
$setup_complete = True;
|
||||
}
|
||||
|
||||
$GLOBALS['egw_setup']->html->show_header(lang('LDAP Import'),False,'config',$GLOBALS['egw_setup']->ConfigDomain . '(' . $GLOBALS['egw_domain'][$GLOBALS['egw_setup']->ConfigDomain]['db_type'] . ')');
|
||||
|
||||
if($error)
|
||||
{
|
||||
//echo '<br /><center><b>Error:</b> '.$error.'</center>';
|
||||
$GLOBALS['egw_setup']->html->show_alert_msg('Error',$error);
|
||||
}
|
||||
|
||||
if($setup_complete)
|
||||
{
|
||||
echo '<br /><center>'.lang('Import has been completed!').' '.lang('Click <a href="index.php">here</a> to return to setup.').'</center>';
|
||||
$GLOBALS['egw_setup']->html->show_footer();
|
||||
exit;
|
||||
}
|
||||
|
||||
$setup_tpl->set_block('ldap','header','header');
|
||||
$setup_tpl->set_block('ldap','user_list','user_list');
|
||||
$setup_tpl->set_block('ldap','admin_list','admin_list');
|
||||
$setup_tpl->set_block('ldap','group_list','group_list');
|
||||
$setup_tpl->set_block('ldap','app_list','app_list');
|
||||
$setup_tpl->set_block('ldap','submit','submit');
|
||||
$setup_tpl->set_block('ldap','footer','footer');
|
||||
|
||||
while(list($key,$account) = each($account_info))
|
||||
{
|
||||
$user_list .= '<option value="' . $account['account_id'] . '">'
|
||||
. $common->display_fullname($account['account_lid'],$account['account_firstname'],$account['account_lastname'])
|
||||
. '</option>';
|
||||
}
|
||||
|
||||
@reset($account_info);
|
||||
while(list($key,$account) = each($account_info))
|
||||
{
|
||||
$admin_list .= '<option value="' . $account['account_lid'] . '">'
|
||||
. $common->display_fullname($account['account_lid'],$account['account_firstname'],$account['account_lastname'])
|
||||
. '</option>';
|
||||
}
|
||||
|
||||
while(list($key,$group) = each($group_info))
|
||||
{
|
||||
$group_list .= '<option value="' . $group['account_id'] . '">'
|
||||
. $group['account_lid']
|
||||
. '</option>';
|
||||
}
|
||||
|
||||
while(list($appname,$apptitle) = each($apps))
|
||||
{
|
||||
if($appname == 'admin' ||
|
||||
$appname == 'skel' ||
|
||||
$appname == 'backup' ||
|
||||
$appname == 'netsaint' ||
|
||||
$appname == 'developer_tools' ||
|
||||
$appname == 'phpsysinfo' ||
|
||||
$appname == 'eldaptir' ||
|
||||
$appname == 'qmailldap')
|
||||
{
|
||||
$app_list .= '<option value="' . $appname . '">' . $apptitle . '</option>';
|
||||
}
|
||||
else
|
||||
{
|
||||
$app_list .= '<option value="' . $appname . '" selected="selected">' . $apptitle . '</option>';
|
||||
}
|
||||
}
|
||||
|
||||
$setup_tpl->set_var('action_url','ldapimport.php');
|
||||
$setup_tpl->set_var('users',$user_list);
|
||||
$setup_tpl->set_var('admins',$admin_list);
|
||||
$setup_tpl->set_var('ldapgroups',$group_list);
|
||||
$setup_tpl->set_var('s_apps',$app_list);
|
||||
|
||||
$setup_tpl->set_var('ldap_import',lang('LDAP import users'));
|
||||
$setup_tpl->set_var('description',lang("This section will help you import users and groups from your LDAP tree into eGroupWare's account tables").'.');
|
||||
$setup_tpl->set_var('select_users',lang('Select which user(s) will be imported'));
|
||||
$setup_tpl->set_var('select_admins',lang('Select which user(s) will have admin privileges'));
|
||||
$setup_tpl->set_var('select_groups',lang('Select which group(s) will be imported (group membership will be maintained)'));
|
||||
$setup_tpl->set_var('select_apps',lang('Select the default applications to which your users will have access').'.');
|
||||
$setup_tpl->set_var('note',lang('Note: You will be able to customize this later').'.');
|
||||
$setup_tpl->set_var('form_submit','import');
|
||||
$setup_tpl->set_var('cancel',lang('Cancel'));
|
||||
|
||||
$setup_tpl->pfp('out','header');
|
||||
$setup_tpl->pfp('out','user_list');
|
||||
$setup_tpl->pfp('out','admin_list');
|
||||
$setup_tpl->pfp('out','group_list');
|
||||
$setup_tpl->pfp('out','app_list');
|
||||
$setup_tpl->pfp('out','submit');
|
||||
$setup_tpl->pfp('out','footer');
|
||||
|
||||
$GLOBALS['egw_setup']->html->show_footer();
|
||||
?>
|
@ -1,433 +0,0 @@
|
||||
<?php
|
||||
/**************************************************************************\
|
||||
* eGroupWare - Setup *
|
||||
* http://www.egroupware.org *
|
||||
* -------------------------------------------- *
|
||||
* This program is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU General Public License as published by the *
|
||||
* Free Software Foundation; either version 2 of the License, or (at your *
|
||||
* option) any later version. *
|
||||
\**************************************************************************/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
$GLOBALS['egw_info'] = array(
|
||||
'flags' => array(
|
||||
'noheader' => True,
|
||||
'nonavbar' => True,
|
||||
'currentapp' => 'home',
|
||||
'noapi' => True
|
||||
));
|
||||
include('./inc/functions.inc.php');
|
||||
|
||||
/* Authorize the user to use setup app and load the database */
|
||||
if(!$GLOBALS['egw_setup']->auth('Config'))
|
||||
{
|
||||
Header('Location: index.php');
|
||||
exit;
|
||||
}
|
||||
/* Does not return unless user is authorized */
|
||||
|
||||
class egw
|
||||
{
|
||||
var $common;
|
||||
var $accounts;
|
||||
var $applications;
|
||||
var $db;
|
||||
}
|
||||
$GLOBALS['egw'] = new egw;
|
||||
$GLOBALS['egw']->common = CreateObject('phpgwapi.common');
|
||||
|
||||
$common = $GLOBALS['egw']->common;
|
||||
$GLOBALS['egw_setup']->loaddb();
|
||||
$GLOBALS['egw']->db = clone($GLOBALS['egw_setup']->db);
|
||||
|
||||
$tpl_root = $GLOBALS['egw_setup']->html->setup_tpl_dir('setup');
|
||||
$setup_tpl = CreateObject('setup.Template',$tpl_root);
|
||||
$setup_tpl->set_file(array(
|
||||
'ldap' => 'ldap.tpl',
|
||||
'T_head' => 'head.tpl',
|
||||
'T_footer' => 'footer.tpl',
|
||||
'T_alert_msg' => 'msg_alert_msg.tpl'
|
||||
));
|
||||
|
||||
$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->config_table,'config_name,config_value',array(
|
||||
"config_name LIKE 'ldap%' OR config_name='account_repository'",
|
||||
),__LINE__,__FILE__);
|
||||
while($GLOBALS['egw_setup']->db->next_record())
|
||||
{
|
||||
$config[$GLOBALS['egw_setup']->db->f('config_name')] = $GLOBALS['egw_setup']->db->f('config_value');
|
||||
}
|
||||
$GLOBALS['egw_info']['server']['ldap_host'] = $config['ldap_host'];
|
||||
$GLOBALS['egw_info']['server']['ldap_context'] = $config['ldap_context'];
|
||||
$GLOBALS['egw_info']['server']['ldap_group_context'] = $config['ldap_group_context'];
|
||||
$GLOBALS['egw_info']['server']['ldap_root_dn'] = $config['ldap_root_dn'];
|
||||
$GLOBALS['egw_info']['server']['ldap_root_pw'] = $config['ldap_root_pw'];
|
||||
$GLOBALS['egw_info']['server']['account_repository'] = $config['account_repository'];
|
||||
$GLOBALS['egw_info']['server']['ldap_version3'] = $config['ldap_version3'];
|
||||
|
||||
$GLOBALS['egw']->accounts = CreateObject('phpgwapi.accounts');
|
||||
$acct = $GLOBALS['egw']->accounts;
|
||||
|
||||
/* connect to ldap server */
|
||||
if(!$ldap = $common->ldapConnect())
|
||||
{
|
||||
$noldapconnection = True;
|
||||
}
|
||||
|
||||
if($noldapconnection)
|
||||
{
|
||||
Header('Location: config.php?error=badldapconnection');
|
||||
exit;
|
||||
}
|
||||
|
||||
$sr = ldap_search($ldap,$config['ldap_context'],'(|(uid=*))',array('cn','givenname','uid','uidnumber'));
|
||||
$info = ldap_get_entries($ldap, $sr);
|
||||
$tmp = '';
|
||||
|
||||
for($i=0; $i<$info['count']; $i++)
|
||||
{
|
||||
if(!$GLOBALS['egw_info']['server']['global_denied_users'][$info[$i]['uid'][0]])
|
||||
{
|
||||
$account_info[$info[$i]['uidnumber'][0]] = $info[$i];
|
||||
}
|
||||
}
|
||||
|
||||
if($GLOBALS['egw_info']['server']['ldap_group_context'])
|
||||
{
|
||||
$srg = ldap_search($ldap,$config['ldap_group_context'],'(|(cn=*))',array('gidnumber','cn','memberuid'));
|
||||
$info = ldap_get_entries($ldap, $srg);
|
||||
$tmp = '';
|
||||
|
||||
for($i=0; $i<$info['count']; $i++)
|
||||
{
|
||||
if(!$GLOBALS['egw_info']['server']['global_denied_groups'][$info[$i]['cn'][0]] &&
|
||||
!$account_info[$i][$info[$i]['cn'][0]])
|
||||
{
|
||||
$group_info[-$info[$i]['gidnumber'][0]] = $info[$i];
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$group_info = array();
|
||||
}
|
||||
|
||||
$GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->applications_table,'app_name','app_enabled != 0 AND app_enabled != 3',__LINE__,__FILE__);
|
||||
while($GLOBALS['egw_setup']->db->next_record())
|
||||
{
|
||||
$apps[$GLOBALS['egw_setup']->db->f('app_name')] = lang($GLOBALS['egw_setup']->db->f('app_name'));
|
||||
}
|
||||
|
||||
if($cancel)
|
||||
{
|
||||
Header("Location: ldap.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
$GLOBALS['egw_setup']->html->show_header(lang('LDAP Modify'),False,'config',$GLOBALS['egw_setup']->ConfigDomain . '(' . $GLOBALS['egw_domain'][$GLOBALS['egw_setup']->ConfigDomain]['db_type'] . ')');
|
||||
$setup_complete = False;
|
||||
if(isset($_POST['submit']))
|
||||
{
|
||||
$acl = CreateObject('phpgwapi.acl');
|
||||
if(isset($_POST['ldapgroups']))
|
||||
{
|
||||
$groups = CreateObject('phpgwapi.accounts');
|
||||
while(list($key,$groupid) = each($_POST['ldapgroups']))
|
||||
{
|
||||
$id_exist = 0;
|
||||
$entry = array();
|
||||
$thisacctid = $group_info[$groupid]['gidnumber'][0];
|
||||
$thisacctlid = $group_info[$groupid]['cn'][0];
|
||||
/* echo "Updating GROUPID : ".$thisacctlid."<br />\n"; */
|
||||
$thisfirstname = $group_info[$groupid]['cn'][0];
|
||||
$thismembers = $group_info[$groupid]['memberuid'];
|
||||
$thisdn = $group_info[$groupid]['dn'];
|
||||
|
||||
/* Do some checks before we try to import the data. */
|
||||
if(!empty($thisacctid) && !empty($thisacctlid))
|
||||
{
|
||||
$groups->account_id = (int)$thisacctid;
|
||||
|
||||
$sr = ldap_search($ldap,$config['ldap_group_context'],'cn='.$thisacctlid);
|
||||
$entry = ldap_get_entries($ldap, $sr);
|
||||
|
||||
reset($entry[0]['objectclass']);
|
||||
$addclass = True;
|
||||
while(list($key,$value) = each($entry[0]['objectclass']))
|
||||
{
|
||||
if(strtolower($value) == 'phpgwaccount')
|
||||
{
|
||||
$addclass = False;
|
||||
}
|
||||
}
|
||||
if($addclass)
|
||||
{
|
||||
reset($entry[0]['objectclass']);
|
||||
$replace['objectclass'] = $entry[0]['objectclass'];
|
||||
unset($replace['objectclass']['count']);
|
||||
$replace['objectclass'][] = 'phpgwAccount';
|
||||
sort($replace['objectclass']);
|
||||
ldap_mod_replace($ldap,$thisdn,$replace);
|
||||
unset($replace);
|
||||
unset($addclass);
|
||||
}
|
||||
unset($add);
|
||||
if(!@isset($entry[0]['phpgwaccountstatus']))
|
||||
{
|
||||
$add['phpgwaccountstatus'][] = 'A';
|
||||
}
|
||||
if(!@isset($entry[0]['phpgwaccounttype']))
|
||||
{
|
||||
$add['phpgwaccounttype'][] = 'g';
|
||||
}
|
||||
if(!@isset($entry[0]['phpgwaccountexpires']))
|
||||
{
|
||||
$add['phpgwaccountexpires'][] = -1;
|
||||
}
|
||||
if(@isset($add))
|
||||
{
|
||||
ldap_mod_add($ldap,$thisdn,$add);
|
||||
}
|
||||
|
||||
/* Now make the members a member of this group in phpgw. */
|
||||
if(is_array($thismembers))
|
||||
{
|
||||
foreach($thismembers as $key => $members)
|
||||
{
|
||||
if($key == 'count')
|
||||
{
|
||||
continue;
|
||||
}
|
||||
/* echo '<br />members: ' . $members; */
|
||||
$tmpid = 0;
|
||||
@reset($account_info);
|
||||
while(list($x,$y) = each($account_info))
|
||||
{
|
||||
/* echo '<br />checking: '.$y['account_lid']; */
|
||||
if($members == $y['account_lid'])
|
||||
{
|
||||
$tmpid = $y['account_id'];
|
||||
}
|
||||
}
|
||||
// Insert acls for this group based on memberuid field.
|
||||
// Since the group has app rights, we don't need to give users
|
||||
// these rights. Instead, we maintain group membership here.
|
||||
if($tmpid)
|
||||
{
|
||||
$acl->account_id = (int)$tmpid;
|
||||
$acl->read_repository();
|
||||
|
||||
$acl->delete('phpgw_group',$thisacctid,1);
|
||||
$acl->add('phpgw_group',$thisacctid,1);
|
||||
|
||||
// Now add the acl to let them change their password
|
||||
$acl->delete('preferences','changepassword',1);
|
||||
$acl->add('preferences','changepassword',1);
|
||||
|
||||
$acl->save_repository();
|
||||
}
|
||||
}
|
||||
}
|
||||
/* Now give this group some rights */
|
||||
$GLOBALS['egw_info']['user']['account_id'] = $thisacctid;
|
||||
$acl->account_id = (int)$thisacctid;
|
||||
$acl->read_repository();
|
||||
@reset($_POST['s_apps']);
|
||||
while(list($key,$app) = @each($_POST['s_apps']))
|
||||
{
|
||||
$acl->delete($app,'run',1);
|
||||
$acl->add($app,'run',1);
|
||||
}
|
||||
$acl->save_repository();
|
||||
$defaultgroupid = $thisacctid;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if(isset($_POST['users']))
|
||||
{
|
||||
$accounts = CreateObject('phpgwapi.accounts');
|
||||
while(list($key,$id) = each($_POST['users']))
|
||||
{
|
||||
$id_exist = 0;
|
||||
$thisacctid = $account_info[$id]['uidnumber'][0];
|
||||
$thisacctlid = $account_info[$id]['uid'][0];
|
||||
/* echo "Updating USERID : ".$thisacctlid."<br />\n"; */
|
||||
$thisdn = $account_info[$id]['dn'];
|
||||
|
||||
/* Do some checks before we try to import the data. */
|
||||
if(!empty($thisacctid) && !empty($thisacctlid))
|
||||
{
|
||||
$accounts->account_id = (int)$thisacctid;
|
||||
$sr = ldap_search($ldap,$config['ldap_context'],'uid='.$thisacctlid);
|
||||
$entry = ldap_get_entries($ldap, $sr);
|
||||
reset($entry[0]['objectclass']);
|
||||
$addclass = True;
|
||||
while(list($key,$value) = each($entry[0]['objectclass']))
|
||||
{
|
||||
if(strtolower($value) == 'phpgwaccount')
|
||||
{
|
||||
$addclass = False;
|
||||
}
|
||||
}
|
||||
if($addclass)
|
||||
{
|
||||
reset($entry[0]['objectclass']);
|
||||
$replace['objectclass'] = $entry[0]['objectclass'];
|
||||
unset($replace['objectclass']['count']);
|
||||
$replace['objectclass'][] = 'phpgwAccount';
|
||||
sort($replace['objectclass']);
|
||||
ldap_mod_replace($ldap,$thisdn,$replace);
|
||||
unset($replace);
|
||||
unset($addclass);
|
||||
}
|
||||
unset($add);
|
||||
if(!@isset($entry[0]['phpgwaccountstatus']))
|
||||
{
|
||||
$add['phpgwaccountstatus'][] = 'A';
|
||||
}
|
||||
if(!@isset($entry[0]['phpgwaccounttype']))
|
||||
{
|
||||
$add['phpgwaccounttype'][] = 'u';
|
||||
}
|
||||
if(!@isset($entry[0]['phpgwaccountexpires']))
|
||||
{
|
||||
$add['phpgwaccountexpires'][] = -1;
|
||||
}
|
||||
if(@isset($add))
|
||||
{
|
||||
ldap_mod_add($ldap,$thisdn,$add);
|
||||
}
|
||||
|
||||
/*
|
||||
Insert default acls for this user.
|
||||
Since the group has app rights, we don't need to give users
|
||||
these rights.
|
||||
*/
|
||||
$acl->account_id = (int)$thisacctid;
|
||||
$acl->read_repository();
|
||||
|
||||
/*
|
||||
However, if no groups were imported, we do need to give each user
|
||||
apps access
|
||||
*/
|
||||
if(empty($_POST['ldapgroups']))
|
||||
{
|
||||
@reset($_POST['s_apps']);
|
||||
while(list($key,$app) = @each($_POST['s_apps']))
|
||||
{
|
||||
$acl->delete($app,'run',1);
|
||||
$acl->add($app,'run',1);
|
||||
}
|
||||
}
|
||||
// Now add the acl to let them change their password
|
||||
$acl->delete('preferences','changepassword',1);
|
||||
$acl->add('preferences','changepassword',1);
|
||||
|
||||
/*
|
||||
Only give them admin if we asked for them to have it.
|
||||
This is typically an exception to apps for run rights
|
||||
as a group member.
|
||||
*/
|
||||
for($a=0;$a<=count($_POST['admins']);$a++)
|
||||
{
|
||||
if($_POST['admins'][$a] == $thisacctid)
|
||||
{
|
||||
$acl->delete('admin','run',1);
|
||||
$acl->add('admin','run',1);
|
||||
}
|
||||
}
|
||||
/* Save these new acls. */
|
||||
$acl->save_repository();
|
||||
}
|
||||
}
|
||||
}
|
||||
$setup_complete = True;
|
||||
}
|
||||
|
||||
if(isset($_GET['error']))
|
||||
{
|
||||
/* echo '<br /><center><b>Error:</b> '.$error.'</center>'; */
|
||||
$GLOBALS['egw_setup']->html->show_alert_msg('Error',$_GET['error']);
|
||||
}
|
||||
|
||||
if($setup_complete)
|
||||
{
|
||||
echo '<br /><center>'.lang('Modifications have been completed!').' '.lang('Click <a href="index.php">here</a> to return to setup.').'<br /><center>';
|
||||
$GLOBALS['egw_setup']->html->show_footer();
|
||||
exit;
|
||||
}
|
||||
|
||||
$setup_tpl->set_block('ldap','header','header');
|
||||
$setup_tpl->set_block('ldap','user_list','user_list');
|
||||
$setup_tpl->set_block('ldap','admin_list','admin_list');
|
||||
$setup_tpl->set_block('ldap','group_list','group_list');
|
||||
$setup_tpl->set_block('ldap','app_list','app_list');
|
||||
$setup_tpl->set_block('ldap','submit','submit');
|
||||
$setup_tpl->set_block('ldap','footer','footer');
|
||||
|
||||
$user_list = '';
|
||||
while(list($key,$account) = @each($account_info))
|
||||
{
|
||||
$user_list .= '<option value="' . $account['uidnumber'][0] . '">' . utf8_decode($account['cn'][0]) . ' (' . $account['uid'][0] . ')</option>';
|
||||
}
|
||||
|
||||
$admin_list = '';
|
||||
@reset($account_info);
|
||||
while (list($key,$account) = @each($account_info))
|
||||
{
|
||||
$admin_list .= '<option value="' . $account['uidnumber'][0] . '">' . utf8_decode($account['cn'][0]) . ' (' . $account['uid'][0] . ')</option>';
|
||||
}
|
||||
|
||||
$group_list = '';
|
||||
while(list($key,$group) = @each($group_info))
|
||||
{
|
||||
$group_list .= '<option value="' . $group['gidnumber'][0] . '">' . utf8_decode($group['cn'][0]) . '</option>';
|
||||
}
|
||||
|
||||
$app_list = '';
|
||||
while(list($appname,$apptitle) = each($apps))
|
||||
{
|
||||
if($appname == 'admin' ||
|
||||
$appname == 'skel' ||
|
||||
$appname == 'backup' ||
|
||||
$appname == 'netsaint' ||
|
||||
$appname == 'developer_tools' ||
|
||||
$appname == 'phpsysinfo' ||
|
||||
$appname == 'eldaptir' ||
|
||||
$appname == 'qmailldap')
|
||||
{
|
||||
$app_list .= '<option value="' . $appname . '">' . $apptitle . '</option>';
|
||||
}
|
||||
else
|
||||
{
|
||||
$app_list .= '<option value="' . $appname . '" selected>' . $apptitle . '</option>';
|
||||
}
|
||||
}
|
||||
|
||||
$setup_tpl->set_var('action_url','ldapmodify.php');
|
||||
$setup_tpl->set_var('users',$user_list);
|
||||
$setup_tpl->set_var('admins',$admin_list);
|
||||
$setup_tpl->set_var('ldapgroups',$group_list);
|
||||
$setup_tpl->set_var('s_apps',$app_list);
|
||||
|
||||
$setup_tpl->set_var('ldap_import',lang('LDAP Modify'));
|
||||
$setup_tpl->set_var('description',lang("This section will help you setup your LDAP accounts for use with eGroupWare").'.');
|
||||
$setup_tpl->set_var('select_users',lang('Select which user(s) will be modified'));
|
||||
$setup_tpl->set_var('select_admins',lang('Select which user(s) will also have admin privileges'));
|
||||
$setup_tpl->set_var('select_groups',lang('Select which group(s) will be modified (group membership will be maintained)'));
|
||||
$setup_tpl->set_var('select_apps',lang('Select the default applications to which your users will have access').'.');
|
||||
$setup_tpl->set_var('form_submit',lang('Modify'));
|
||||
$setup_tpl->set_var('cancel',lang('Cancel'));
|
||||
|
||||
$setup_tpl->pfp('out','header');
|
||||
$setup_tpl->pfp('out','user_list');
|
||||
$setup_tpl->pfp('out','admin_list');
|
||||
$setup_tpl->pfp('out','group_list');
|
||||
$setup_tpl->pfp('out','app_list');
|
||||
$setup_tpl->pfp('out','submit');
|
||||
$setup_tpl->pfp('out','footer');
|
||||
|
||||
$GLOBALS['egw_setup']->html->show_footer();
|
||||
?>
|
@ -131,12 +131,22 @@ function do_config($args)
|
||||
),
|
||||
'--smtpserver' => array( //smtp server,[smtp port],[smtp user],[smtp password]
|
||||
'smtp_server','smtp_port','smtp_auth_user','smtp_auth_passwd'),
|
||||
'--account-auth' => array(
|
||||
array('name' => 'account_repository','allowed' => array('sql','ldap')),
|
||||
array('name' => 'auth_type','allowed' => array('sql','ldap','mail','ads','http','sqlssl','nis','pam')),
|
||||
array('name' => 'sql_encryption','allowed' => array('md5','blowfish_crypt','md5_crypt','crypt')),
|
||||
'check_save_password','allow_cookie_auth'),
|
||||
'--ldap-host' => 'ldap_host',
|
||||
'--ldap-root-dn' => 'ldap_root_dn',
|
||||
'--ldap-root-pw' => 'ldap_root_pw',
|
||||
'--ldap-context' => 'ldap_context',
|
||||
'--ldap-group-context' => 'ldap_group_context',
|
||||
);
|
||||
while (($arg = array_shift($args)))
|
||||
{
|
||||
if (!isset($config[$arg])) fail(90,lang("Unknown option '%1' !!!",$arg));
|
||||
|
||||
foreach(explode(',',array_shift($args)) as $n => $value)
|
||||
foreach(is_array($config[$arg]) ? explode(',',array_shift($args)) : array(array_shift($args)) as $n => $value)
|
||||
{
|
||||
if ($value === '' && is_array($config[$arg])) continue;
|
||||
|
||||
@ -187,14 +197,14 @@ function do_admin($arg)
|
||||
if (!$_POST['lname']) $_POST['lname'] = 'User';
|
||||
|
||||
$_POST['submit'] = true;
|
||||
ob_start();
|
||||
include('admin_account.php');
|
||||
$error = ob_get_contents();
|
||||
ob_end_clean();
|
||||
$error = include('admin_account.php');
|
||||
|
||||
if ($error)
|
||||
switch ($error)
|
||||
{
|
||||
case 41:
|
||||
fail(41,lang('Error in admin-creation !!!'));
|
||||
case 42:
|
||||
fail(42,lang('Error in group-creation !!!'));
|
||||
}
|
||||
echo lang('Admin account successful created.')."\n";
|
||||
}
|
||||
@ -799,6 +809,8 @@ function do_usage()
|
||||
echo ' --webserver-url '.lang('eg. /egroupware or http://domain.com/egroupware, default: %1',str_replace('/setup/setup-cli.php','',$_SERVER['PHP_SELF']))."\n";
|
||||
echo ' --mailserver '.lang('host,{imap | pop3 | imaps | pop3s},[domain],[{standard(default)|vmailmgr = add domain for mailserver login}]')."\n";
|
||||
echo ' --smtpserver '.lang('host,[smtp port],[smtp user],[smtp password]')."\n";
|
||||
echo ' --account-auth '.lang('account repository{sql(default) | ldap},[authentication{sql | ldap | mail | ads | http | ...}],[sql encrypttion{md5 | blowfish_crypt | md5_crypt | crypt}],[check save password{ (default)|True}],[allow cookie auth{ (default)|True}]')."\n";
|
||||
echo ' --ldap-host --ldap-root-dn --ldap-root-pw --ldap-context --ldap-group-context'."\n";
|
||||
echo '--admin '.lang('creates an admin user: domain(default),[config user(admin)],password,username,password,[first name],[last name],[email]')."\n";
|
||||
echo '--language '.lang('install or update translations: domain(all),[config user(admin)],password,[[+]lang1[,lang2,...]] + adds, no langs update existing ones')."\n";
|
||||
echo '--backup '.lang('domain(all),[config user(admin)],password,[file-name(default: backup-dir/db_backup-YYYYMMDDHHii)]')."\n";
|
||||
|
52
setup/templates/default/account_migration.tpl
Normal file
52
setup/templates/default/account_migration.tpl
Normal file
@ -0,0 +1,52 @@
|
||||
<!-- BEGIN header -->
|
||||
<form action="{action_url}" method="post">
|
||||
<table border="0" align="center" width="70%">
|
||||
<tr bgcolor="#486591">
|
||||
<td colspan="2" align="center"><b><font color="#fefefe">{description}</font></b></td>
|
||||
</tr>
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<!-- END header -->
|
||||
|
||||
<!-- BEGIN user_list -->
|
||||
<td align="center" valign="top">
|
||||
{select_users}<br />
|
||||
<select name="users[]" multiple size="20">
|
||||
{users}
|
||||
</select>
|
||||
</td>
|
||||
<!-- END user_list -->
|
||||
|
||||
<!-- BEGIN group_list -->
|
||||
<td align="center" valign="top">
|
||||
{select_groups}<br />
|
||||
<select name="groups[]" multiple size="20">
|
||||
{groups}
|
||||
</select>
|
||||
</td>
|
||||
<!-- END group_list -->
|
||||
|
||||
<!-- BEGIN submit -->
|
||||
</tr>
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td colspan="2" align="center">{memberships}</td>
|
||||
</tr>
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td colspan="2" align="center">
|
||||
<input type="submit" name="migrate" value="{migrate}" />
|
||||
<input type="submit" name="cancel" value="{cancel}" />
|
||||
</td>
|
||||
</tr>
|
||||
<!-- END submit -->
|
||||
|
||||
<!-- BEGIN cancel_only -->
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td colspan="2" align="center">
|
||||
<input type="submit" name="cancel" value="{cancel}" />
|
||||
</td>
|
||||
</tr>
|
||||
<!-- END cancel_only -->
|
||||
|
||||
<!-- BEGIN footer -->
|
||||
</table>
|
||||
</form>
|
||||
<!-- END footer -->
|
@ -3,10 +3,8 @@
|
||||
<table border="0" width="90%" cellspacing="0" cellpadding="2">
|
||||
<tr>
|
||||
<td>
|
||||
{description}
|
||||
<p>
|
||||
<input type="checkbox" name="delete_all" />{lang_deleteall}
|
||||
</p>
|
||||
<p><b>{description}</b></p>
|
||||
<p><input type="checkbox" name="delete_all" />{lang_deleteall}</p>
|
||||
<font color="red">{error}</font>
|
||||
</td>
|
||||
</tr>
|
||||
@ -18,35 +16,43 @@
|
||||
<table border="0">
|
||||
<tr>
|
||||
<td>{adminusername}</td>
|
||||
<td><input type="text" name="username" value="{username}" /></td>
|
||||
<td colspan="2"><input type="text" name="username" value="{username}" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>{adminfirstname}</td>
|
||||
<td><input type="text" name="fname" value="{fname}" /></td>
|
||||
<td colspan="2"><input type="text" name="fname" value="{fname}" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>{adminlastname}</td>
|
||||
<td><input type="text" name="lname" value="{lname}" /></td>
|
||||
<td colspan="2"><input type="text" name="lname" value="{lname}" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>{adminemail}</td>
|
||||
<td><input type="text" name="email" value="{email}" /></td>
|
||||
<td colspan="2"><input type="text" name="email" value="{email}" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>{adminpassword}</td>
|
||||
<td><input type="password" name="passwd" /></td>
|
||||
<td colspan="2"><input type="password" name="passwd" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>{adminpassword2}</td>
|
||||
<td><input type="password" name="passwd2" /></td>
|
||||
<td colspan="2"><input type="password" name="passwd2" /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>{admin_all_apps}</td>
|
||||
<td><input type="checkbox" name="admin_all_aps" /></td>
|
||||
<td >{all_apps_desc}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>{create_demo_accounts}</td>
|
||||
<td><input type="checkbox" name="create_demo" /></td>
|
||||
<td >{demo_desc}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><input type="submit" name="submit" value="{lang_submit}" /></td>
|
||||
<td><input type="submit" name="cancel" value="{lang_cancel}" /></td>
|
||||
<td colspan="2"><input type="submit" name="cancel" value="{lang_cancel}" /></td>
|
||||
</tr>
|
||||
</table>
|
||||
</td>
|
||||
|
@ -327,29 +327,6 @@
|
||||
<tr class="th">
|
||||
<td colspan="2"><b>{lang_If_using_LDAP}:</b></td>
|
||||
</tr>
|
||||
<tr class="row_on">
|
||||
<td colspan="2"><b>{lang_You_will_need_to_load_the_proper_schema_into_your_ldap_server_-_see_phpgwapi/doc/ldap/README} !!!</b></td>
|
||||
</tr>
|
||||
|
||||
<tr class="row_off">
|
||||
<td>{lang_Do_you_want_to_manage_homedirectory_and_loginshell_attributes?}:</td>
|
||||
<td>
|
||||
<select name="newsettings[ldap_extra_attributes]">
|
||||
<option value="">{lang_No}</option>
|
||||
<option value="True"{selected_ldap_extra_attributes_True}>{lang_Yes}</option>
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr class="row_on">
|
||||
<td>{lang_LDAP_Default_homedirectory_prefix_(e.g._/home_for_/home/username)}:</td>
|
||||
<td><input name="newsettings[ldap_account_home]" value="{value_ldap_account_home}" /></td>
|
||||
</tr>
|
||||
|
||||
<tr class="row_off">
|
||||
<td>{lang_LDAP_Default_shell_(e.g._/bin/bash)}:</td>
|
||||
<td><input name="newsettings[ldap_account_shell]" value="{value_ldap_account_shell}" /></td>
|
||||
</tr>
|
||||
|
||||
<tr class="row_on">
|
||||
<td>{lang_LDAP_host}:</td>
|
||||
@ -391,17 +368,33 @@
|
||||
</tr>
|
||||
|
||||
<tr class="row_off">
|
||||
<td>{lang_Enable_LDAP_Version_3}:</td>
|
||||
<td>{lang_Do_you_want_to_manage_homedirectory_and_loginshell_attributes?}:</td>
|
||||
<td>
|
||||
<select name="newsettings[ldap_version3]">
|
||||
<select name="newsettings[ldap_extra_attributes]">
|
||||
<option value="">{lang_No}</option>
|
||||
<option value="True" {selected_ldap_version3_True}>{lang_Yes}</option>
|
||||
<option value="True"{selected_ldap_extra_attributes_True}>{lang_Yes}</option>
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr class="row_on">
|
||||
<td colspan="2"> </td>
|
||||
<td>{lang_LDAP_Default_homedirectory_prefix_(e.g._/home_for_/home/username)}:</td>
|
||||
<td><input name="newsettings[ldap_account_home]" value="{value_ldap_account_home}" /></td>
|
||||
</tr>
|
||||
|
||||
<tr class="row_off">
|
||||
<td>{lang_LDAP_Default_shell_(e.g._/bin/bash)}:</td>
|
||||
<td><input name="newsettings[ldap_account_shell]" value="{value_ldap_account_shell}" /></td>
|
||||
</tr>
|
||||
|
||||
<tr class="row_on" valign="top">
|
||||
<td>
|
||||
<a href="account_migration.php"><b>{lang_Migration_between_eGroupWare_account_repositories}:</b></a>
|
||||
</td>
|
||||
<td>
|
||||
<li>{lang_Account_repository_need_to_be_set_to_the_one_you_migrate_to!}</li>
|
||||
<li>{lang_You_need_to_save_the_settings_you_made_here_first!}</li>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr class="th">
|
||||
|
@ -1,98 +0,0 @@
|
||||
<!-- BEGIN header -->
|
||||
<form action="{action_url}" method="post">
|
||||
<table border="0" align="center" width="70%">
|
||||
<tr bgcolor="#486591">
|
||||
<td colspan="2"> <font color="#fefefe">{description}<br /> </font></td>
|
||||
</tr>
|
||||
<!-- END header -->
|
||||
|
||||
<!-- BEGIN jump -->
|
||||
<table border="0" align="center" width="70%">
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td colspan="2"><a href="{ldapmodify}">{lang_ldapmodify}</a></td>
|
||||
</tr>
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td colspan="2"><a href="{ldapimport}">{lang_ldapimport}</a></td>
|
||||
</tr>
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td colspan="2"><a href="{ldapexport}">{lang_ldapexport}</a></td>
|
||||
</tr>
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td colspan="2"><a href="{ldapdummy}">{lang_ldapdummy}</a></td>
|
||||
</tr>
|
||||
<!-- END jump -->
|
||||
|
||||
<!-- BEGIN user_list -->
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td align="left" valign="top">
|
||||
{select_users}
|
||||
</td>
|
||||
<td align="center">
|
||||
<select name="users[]" multiple size="8">
|
||||
{users}
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
<!-- END user_list -->
|
||||
|
||||
<!-- BEGIN admin_list -->
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td align="left" valign="top">
|
||||
{select_admins}
|
||||
</td>
|
||||
<td align="center">
|
||||
<select name="admins[]" multiple size="8">
|
||||
{admins}
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
<!-- END admin_list -->
|
||||
|
||||
<!-- BEGIN group_list -->
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td align="left" valign="top">
|
||||
{select_groups}
|
||||
</td>
|
||||
<td align="center">
|
||||
<select name="ldapgroups[]" multiple size="5">
|
||||
{ldapgroups}
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
<!-- END group_list -->
|
||||
|
||||
<!-- BEGIN app_list -->
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td align="left" valign="top">
|
||||
{select_apps}
|
||||
<br /> {note}
|
||||
</td>
|
||||
<td>
|
||||
<select name="s_apps[]" multiple size="10">
|
||||
{s_apps}
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
<!-- END app_list -->
|
||||
|
||||
<!-- BEGIN submit -->
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td colspan="2" align="center">
|
||||
<input type="submit" name="submit" value="{form_submit}" />
|
||||
<input type="submit" name="cancel" value="{cancel}" />
|
||||
</td>
|
||||
</tr>
|
||||
<!-- END submit -->
|
||||
|
||||
<!-- BEGIN cancel_only -->
|
||||
<tr bgcolor="#e6e6e6">
|
||||
<td colspan="2" align="center">
|
||||
<input type="submit" name="cancel" value="{cancel}" />
|
||||
</td>
|
||||
</tr>
|
||||
<!-- END cancel_only -->
|
||||
|
||||
<!-- BEGIN footer -->
|
||||
</table>
|
||||
</form>
|
||||
<!-- END footer -->
|
Loading…
Reference in New Issue
Block a user