forked from extern/egroupware
added support for primary group
This commit is contained in:
parent
35674f5ca3
commit
ac487777b7
@ -315,6 +315,7 @@
|
||||
'account_status' => ($_POST['account_status'] ? 'A' : ''),
|
||||
'old_loginid' => ($_GET['old_loginid']?rawurldecode($_GET['old_loginid']):''),
|
||||
'account_id' => ($_GET['account_id']?$_GET['account_id']:0),
|
||||
'account_primary_group' => $_POST['account_primary_group'],
|
||||
'account_passwd_2' => $_POST['account_passwd_2'],
|
||||
'account_groups' => $_POST['account_groups'],
|
||||
'anonymous' => $_POST['anonymous'],
|
||||
@ -672,17 +673,6 @@
|
||||
{
|
||||
$totalerrors = 0;
|
||||
|
||||
/*
|
||||
if ($GLOBALS['phpgw_info']['server']['account_repository'] == 'ldap' && ! $allow_long_loginids)
|
||||
{
|
||||
if (strlen($_userData['account_lid']) > 8)
|
||||
{
|
||||
$error[$totalerrors] = lang('The loginid can not be more then 8 characters');
|
||||
$totalerrors++;
|
||||
}
|
||||
}
|
||||
*/
|
||||
|
||||
if ($GLOBALS['phpgw_info']['server']['account_repository'] == 'ldap' &&
|
||||
(!$_userData['account_lastname'] && !$_userData['lastname']))
|
||||
{
|
||||
@ -695,7 +685,13 @@
|
||||
$error[$totalerrors] = lang('You must enter a loginid');
|
||||
$totalerrors++;
|
||||
}
|
||||
|
||||
|
||||
if(!in_array($_userData['account_primary_group'],$_userData['account_groups']))
|
||||
{
|
||||
$error[$totalerrors] = lang('The groups must include the primary group');
|
||||
$totalerrors++;
|
||||
}
|
||||
|
||||
if ($_userData['old_loginid'] != $_userData['account_lid'])
|
||||
{
|
||||
if ($GLOBALS['phpgw']->accounts->exists($_userData['account_lid']))
|
||||
|
@ -253,7 +253,6 @@
|
||||
'lang_edit' => lang('edit'),
|
||||
'lang_delete' => lang('delete'),
|
||||
'lang_view' => lang('view'),
|
||||
'actionurl' => $GLOBALS['phpgw']->link('/index.php','menuaction=admin.uiaccounts.add_user'),
|
||||
'accounts_url' => $url,
|
||||
'lang_search' => lang('search')
|
||||
);
|
||||
@ -261,7 +260,7 @@
|
||||
|
||||
if (! $GLOBALS['phpgw']->acl->check('account_access',4,'admin'))
|
||||
{
|
||||
$p->set_var('input_add','<input type="submit" value="' . lang('Add') . '">');
|
||||
$p->set_var('url_add','<a href="'.$GLOBALS['phpgw']->link('/index.php','menuaction=admin.uiaccounts.add_user').'">' . lang('Add') . '</a>');
|
||||
}
|
||||
|
||||
if (! $GLOBALS['phpgw']->acl->check('account_access',2,'admin'))
|
||||
@ -959,6 +958,8 @@
|
||||
{
|
||||
$userData = Array();
|
||||
$userData=$_userData;
|
||||
$userData['account_firstname'] = $userData['firstname'];
|
||||
$userData['account_lastname'] = $userData['lastname'];
|
||||
@reset($userData['account_groups']);
|
||||
while (list($key, $value) = @each($userData['account_groups']))
|
||||
{
|
||||
@ -1027,7 +1028,7 @@
|
||||
$lang_homedir = lang('home directory');
|
||||
$lang_shell = lang('login shell');
|
||||
$homedirectory = '<input name="homedirectory" value="'
|
||||
. ($_account_id?$userData['homedirectory']:$GLOBALS['phpgw_info']['server']['ldap_account_home'].SEP.$account_lid)
|
||||
. ($_account_id?$userData['homedirectory']:$GLOBALS['phpgw_info']['server']['ldap_account_home'].$account_lid)
|
||||
. '">';
|
||||
$loginshell = '<input name="loginshell" value="'
|
||||
. ($_account_id?$userData['loginshell']:$GLOBALS['phpgw_info']['server']['ldap_account_shell'])
|
||||
|
@ -45,10 +45,10 @@
|
||||
</tr>
|
||||
|
||||
<tr bgcolor="{tr_color2}">
|
||||
<td>{lang_primary_group}</td>
|
||||
<td>{primary_group_select} </td>
|
||||
<td>{lang_groups}</td>
|
||||
<td>{groups_select} </td>
|
||||
<td>{lang_primary_group}</td>
|
||||
<td>{primary_group_select} </td>
|
||||
</tr>
|
||||
|
||||
{permissions_list}
|
||||
|
@ -52,10 +52,10 @@
|
||||
</tr>
|
||||
|
||||
<tr bgcolor="{tr_color2}">
|
||||
<td>{lang_primary_group}</td>
|
||||
<td>{primary_group_select} </td>
|
||||
<td>{lang_groups}</td>
|
||||
<td>{groups_select} </td>
|
||||
<td>{lang_primary_group}</td>
|
||||
<td>{primary_group_select} </td>
|
||||
</tr>
|
||||
|
||||
{permissions_list}
|
||||
|
@ -1,5 +1,15 @@
|
||||
<!-- BEGIN list -->
|
||||
<p>
|
||||
<div align="center">
|
||||
<table border="0" width="70%">
|
||||
<tr>
|
||||
<td align="right">
|
||||
{url_add}
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<br>
|
||||
<div align="center">
|
||||
<table border="0" width="70%">
|
||||
<tr>
|
||||
@ -26,14 +36,9 @@
|
||||
</table>
|
||||
</div>
|
||||
|
||||
<form method="POST" action="{actionurl}">
|
||||
<div align="center">
|
||||
<table border="0" width="70%">
|
||||
<tr>
|
||||
<td align="left">
|
||||
{input_add}
|
||||
</form>
|
||||
</td>
|
||||
<td align="right">
|
||||
<form method="POST" action="{accounts_url}">
|
||||
{input_search}
|
||||
|
@ -65,10 +65,11 @@
|
||||
}
|
||||
else
|
||||
{
|
||||
$this->data['account_id'] = $allValues[0]['uidnumber'][0];
|
||||
$this->data['account_lid'] = $allValues[0]['uid'][0];
|
||||
$this->data['firstname'] = utf8_decode($allValues[0]['givenname'][0]);
|
||||
$this->data['lastname'] = utf8_decode($allValues[0]['sn'][0]);
|
||||
$this->data['account_id'] = $allValues[0]['uidnumber'][0];
|
||||
$this->data['account_primary_group'] = $allValues[0]['gidnumber'][0];
|
||||
$this->data['account_lid'] = $allValues[0]['uid'][0];
|
||||
$this->data['firstname'] = utf8_decode($allValues[0]['givenname'][0]);
|
||||
$this->data['lastname'] = utf8_decode($allValues[0]['sn'][0]);
|
||||
}
|
||||
$this->data['account_dn'] = $allValues[0]['dn'];
|
||||
$this->data['fullname'] = $allValues[0]['cn'][0];
|
||||
@ -105,6 +106,9 @@
|
||||
$allValues = ldap_get_entries($this->ds, $sri);
|
||||
|
||||
$this->data['account_type'] = $allValues[0]['phpgwaccounttype'][0];
|
||||
|
||||
// get a copy of the DN
|
||||
$updatedValues = $allValues;
|
||||
|
||||
if($acct_type == 'u')
|
||||
{
|
||||
@ -115,20 +119,72 @@
|
||||
$entry['cn'] = utf8_encode($this->data['firstname']);
|
||||
}
|
||||
|
||||
$entry['sn'] = utf8_encode($this->data['lastname']);
|
||||
$entry['givenname'] = utf8_encode($this->data['firstname']);
|
||||
$entry['phpgwaccountlastlogin'] = $this->data['lastlogin'];
|
||||
$entry['sn'] = utf8_encode($this->data['lastname']);
|
||||
$entry['givenname'] = utf8_encode($this->data['firstname']);
|
||||
$entry['phpgwaccountlastlogin'] = $this->data['lastlogin'];
|
||||
$entry['phpgwaccountlastloginfrom'] = $this->data['lastloginfrom'];
|
||||
$entry['phpgwlastpasswdchange'] = $this->data['lastpasswd_change'];
|
||||
$entry['phpgwaccountstatus'] = $this->data['status'];
|
||||
$entry['phpgwaccounttype'] = $this->data['type'];
|
||||
$entry['phpgwaccountexpires'] = $this->data['expires'];
|
||||
|
||||
$entry['phpgwlastpasswdchange'] = $this->data['lastpasswd_change'];
|
||||
$entry['phpgwaccountstatus'] = $this->data['status'];
|
||||
$entry['phpgwaccounttype'] = $this->data['type'];
|
||||
$entry['phpgwaccountexpires'] = $this->data['expires'];
|
||||
$entry['gid'] = $this->data['account_primary_group'];
|
||||
if ($GLOBALS['phpgw_info']['server']['ldap_extra_attributes'])
|
||||
{
|
||||
$entry['homedirectory'] = $this->data['homedirectory'];
|
||||
$entry['loginshell'] = $this->data['loginshell'];
|
||||
}
|
||||
else
|
||||
{
|
||||
// the posixaccount schema requires this
|
||||
$entry['homedirectory'] = '/home/'.$this->data['account_lid'];
|
||||
$entry['loginshell'] = '/bin/false';
|
||||
}
|
||||
|
||||
|
||||
if($acct_type == 'u')
|
||||
{
|
||||
// data for posixaccount
|
||||
$newData['cn'] = utf8_encode(sprintf("%s %s",
|
||||
$this->data['firstname'],
|
||||
$this->data['lastname']));
|
||||
$newData['uid'] = $allValues[0]['uid'][0];
|
||||
if($this->data['lastname'])
|
||||
$newData['sn'] = utf8_encode($this->data['lastname']);
|
||||
if($this->data['firstname'])
|
||||
$newData['givenname'] = utf8_encode($this->data['firstname']);
|
||||
if ($GLOBALS['phpgw_info']['server']['ldap_extra_attributes'])
|
||||
{
|
||||
$newData['homedirectory'] = $this->data['homedirectory'];
|
||||
$newData['loginshell'] = $this->data['loginshell'];
|
||||
}
|
||||
else
|
||||
{
|
||||
// the posixaccount schema requires this
|
||||
$entry['homedirectory'] = '/home/'.$this->data['account_lid'];
|
||||
$entry['loginshell'] = '/bin/false';
|
||||
}
|
||||
if($this->data['account_primary_group'])
|
||||
$newData['gidNumber'] = $this->data['account_primary_group'];
|
||||
if($this->data['lastlogin'])
|
||||
$newData['phpgwaccountlastlogin'] = $this->data['lastlogin'];
|
||||
if($this->data['lastloginfrom'])
|
||||
$newData['phpgwaccountlastloginfrom'] = $this->data['lastloginfrom'];
|
||||
if($this->data['lastpasswd_change'])
|
||||
$newData['phpgwlastpasswdchange'] = $this->data['lastpasswd_change'];
|
||||
if($this->data['status'])
|
||||
$newData['phpgwaccountstatus'] = $this->data['status'];
|
||||
else
|
||||
$newData['phpgwaccountstatus'] = array();
|
||||
if($this->data['expires'])
|
||||
$newData['phpgwaccountexpires'] = $this->data['expires'];
|
||||
}
|
||||
else
|
||||
{
|
||||
// data for posixgroup
|
||||
$newData['cn'] = utf8_encode($this->data['firstname']);
|
||||
}
|
||||
if($this->data['type'])
|
||||
$newData['phpgwaccounttype'] = $this->data['type'];
|
||||
|
||||
/*
|
||||
Changing the uid: Need to delete and add new, since
|
||||
@ -202,86 +258,114 @@
|
||||
else
|
||||
{
|
||||
$dn = 'uid='.$this->data['account_lid'].','.$this->user_context;
|
||||
$entry['uidnumber'] = $this->data['account_id'];
|
||||
$entry['cn'] = utf8_encode(sprintf("%s %s", $this->data['firstname'], $this->data['lastname']));
|
||||
$entry['uid'] = $this->data['account_lid'];
|
||||
$entry['givenname'] = utf8_encode($this->data['firstname']);
|
||||
$entry['sn'] = utf8_encode($this->data['lastname']);
|
||||
$entry['objectclass'] = '';
|
||||
$entry['objectclass'][0] = 'top';
|
||||
$entry['objectclass'][1] = 'person';
|
||||
$entry['objectclass'][2] = 'organizationalPerson';
|
||||
$entry['objectclass'][3] = 'inetOrgPerson';
|
||||
/* $entry['objectclass'][4] = 'account'; Causes problems with some LDAP servers */
|
||||
$entry['objectclass'][4] = 'posixAccount';
|
||||
$entry['objectclass'][5] = 'shadowAccount';
|
||||
$entry['objectclass'][6] = 'phpgwAccount';
|
||||
$entry['uidnumber'] = $this->data['account_id'];
|
||||
$entry['cn'] = utf8_encode(sprintf("%s %s", $this->data['firstname'], $this->data['lastname']));
|
||||
$entry['uid'] = $this->data['account_lid'];
|
||||
$entry['gid'] = $this->data['account_primary_group'];
|
||||
$entry['givenname'] = utf8_encode($this->data['firstname']);
|
||||
$entry['sn'] = utf8_encode($this->data['lastname']);
|
||||
$entry['objectclass'] = array();
|
||||
$entry['objectclass'][0] = 'top';
|
||||
$entry['objectclass'][1] = 'person';
|
||||
$entry['objectclass'][2] = 'organizationalPerson';
|
||||
$entry['objectclass'][3] = 'inetOrgPerson';
|
||||
$entry['objectclass'][4] = 'posixAccount';
|
||||
$entry['objectclass'][5] = 'shadowAccount';
|
||||
$entry['objectclass'][6] = 'phpgwAccount';
|
||||
|
||||
if ($GLOBALS['phpgw_info']['server']['ldap_extra_attributes'])
|
||||
{
|
||||
$entry['homedirectory'] = $this->data['homedirectory'];
|
||||
$entry['loginshell'] = $this->data['loginshell'];
|
||||
}
|
||||
else
|
||||
{
|
||||
// the posixaccount schema requires this
|
||||
$entry['homedirectory'] = '/home/'.$this->data['account_lid'];
|
||||
$entry['loginshell'] = '/bin/false';
|
||||
}
|
||||
}
|
||||
/* print_r($entry); exit;*/
|
||||
ldap_add($this->ds, $dn, $entry);
|
||||
}
|
||||
/* Normal behavior for save_repository */
|
||||
/* Normal behavior for save_repository
|
||||
update Account */
|
||||
else
|
||||
{
|
||||
// add the list group members
|
||||
if ($this->data['account_type'] == 'g' && $this->group_context )
|
||||
{
|
||||
$members = $this->member($this->data['account_id']);
|
||||
$entry['memberuid'] = array();
|
||||
#_debug_array($members);
|
||||
$newData['memberuid'] = array();
|
||||
for ($i=0;$i<count($members);$i++)
|
||||
{
|
||||
$currname = $this->id2name($members[$i]['account_id']);
|
||||
if (!$this->isin_array($currname,$entry['memberuid']))
|
||||
if (!$this->isin_array($currname,$newData['memberuid']))
|
||||
{
|
||||
$entry['memberuid'][] = $currname;
|
||||
}
|
||||
}
|
||||
unset($entry['givenname']);
|
||||
unset($entry['sn']);
|
||||
}
|
||||
while (list($key,$val) = each($entry))
|
||||
{
|
||||
$tmpentry = '';
|
||||
if(is_array($val))
|
||||
{
|
||||
$tmpentry[$key] = $val;
|
||||
}
|
||||
else
|
||||
{
|
||||
$tmpentry[$key] = trim($val); /* must trim! */
|
||||
}
|
||||
|
||||
if ($tmpentry[$key] && $key)
|
||||
{
|
||||
if (!$allValues[0][$key][0])
|
||||
{
|
||||
/* attribute was not in LDAP, add it */
|
||||
ldap_mod_add($this->ds, $allValues[0]['dn'], $tmpentry);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* attribute was in LDAP, modify it */
|
||||
ldap_modify($this->ds, $allValues[0]['dn'], $tmpentry);
|
||||
$newData['memberuid'][] = $currname;
|
||||
}
|
||||
}
|
||||
}
|
||||
/* If status is to be set inactive, insert a space here. This is trimmed in read_repository. */
|
||||
if (!$entry['phpgwaccountstatus'])
|
||||
// modify the DN
|
||||
ldap_modify($this->ds, $allValues[0]['dn'], $newData);
|
||||
|
||||
// lets check for groups, the user needs to be removed
|
||||
$accountID = $newData['uid'];
|
||||
|
||||
// first lets search for the groups, the user is currently member of
|
||||
// and from which he needs to be removed
|
||||
$filter = "(&(objectclass=posixgroup)(memberuid=$accountID))";
|
||||
$justThese = array('memberuid','gidnumber');
|
||||
$sri = ldap_search($this->ds, $this->group_context, $filter, $justThese);
|
||||
if($sri)
|
||||
{
|
||||
if (!$allValues[0]['phpgwaccountstatus'][0])
|
||||
$allValues = ldap_get_entries($this->ds, $sri);
|
||||
if($allValues['count'] > 0)
|
||||
{
|
||||
/* attribute was not in LDAP, add it */
|
||||
ldap_mod_add($this->ds, $allValues[0]['dn'], array('phpgwaccountstatus' => ' '));
|
||||
unset($allValues['count']);
|
||||
foreach($allValues as $key)
|
||||
{
|
||||
#_debug_array($key);
|
||||
#_debug_array($this->data['account_groups']);
|
||||
if(!in_array($key['gidnumber'][0],$this->data['account_groups']))
|
||||
{
|
||||
$dn = $key['dn'];
|
||||
$newData = array();
|
||||
$newData['memberuid'] = $key['memberuid'];
|
||||
unset($newData['memberuid']['count']);
|
||||
// remove the uid from memberuid
|
||||
$newData['memberuid'] = array_flip($newData['memberuid']);
|
||||
unset($newData['memberuid'][$accountID]);
|
||||
$newData['memberuid'] = array_values(array_unique(array_flip($newData['memberuid'])));
|
||||
ldap_mod_replace($this->ds, $dn, $newData);
|
||||
#print ldap_error($this->ds);
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
}
|
||||
|
||||
// lets check group the user needs to be added
|
||||
foreach($this->data['account_groups'] as $key => $value)
|
||||
{
|
||||
// search for the group
|
||||
$filter = 'gidnumber='.$value;
|
||||
$justThese = array('memberuid');
|
||||
$sri = ldap_search($this->ds, $this->group_context, 'gidnumber='.$value, $justThese);
|
||||
if($sri)
|
||||
{
|
||||
/* attribute was in LDAP, modify it */
|
||||
ldap_modify($this->ds, $allValues[0]['dn'], array('phpgwaccountstatus' => ' '));
|
||||
$allValues = ldap_get_entries($this->ds, $sri);
|
||||
// if the user is not member of this group, add him
|
||||
if(!in_array($newData['uid'],$allValues[0]['memberuid']))
|
||||
{
|
||||
$dn = $allValues[0]['dn'];
|
||||
$newData = array();
|
||||
$newData['memberuid'] = $allValues[0]['memberuid'];
|
||||
unset($newData['memberuid']['count']);
|
||||
$newData['memberuid'][] = $accountID;
|
||||
$newData['memberuid'] = array_values(array_unique($newData['memberuid']));
|
||||
ldap_mod_replace($this->ds, $dn, $newData);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -303,18 +387,43 @@
|
||||
$account_lid = $this->id2name($account_id);
|
||||
|
||||
$sri = ldap_search($this->ds, $this->group_context, 'gidnumber='.$account_id);
|
||||
$allValues = ldap_get_entries($this->ds, $sri);
|
||||
|
||||
if(!$allValues[0]['dn'])
|
||||
{
|
||||
$sri = ldap_search($this->ds, $this->user_context, 'uid='.$account_lid);
|
||||
$allValues = ldap_get_entries($this->ds, $sri);
|
||||
$accountID = $allValues['0']['uid'][0];
|
||||
}
|
||||
|
||||
if ($allValues[0]['dn'])
|
||||
{
|
||||
$del = ldap_delete($this->ds, $allValues[0]['dn']);
|
||||
}
|
||||
|
||||
// remove the user from any group he is member of
|
||||
$filter = "(&(objectclass=posixgroup)(memberuid=$accountID))";
|
||||
$justThese = array('memberuid','gidnumber');
|
||||
$sri = ldap_search($this->ds, $this->group_context, $filter, $justThese);
|
||||
if($sri)
|
||||
{
|
||||
$allValues = ldap_get_entries($this->ds, $sri);
|
||||
if($allValues['count'] > 0)
|
||||
{
|
||||
unset($allValues['count']);
|
||||
foreach($allValues as $key)
|
||||
{
|
||||
$dn = $key['dn'];
|
||||
$newData = array();
|
||||
$newData['memberuid'] = $key['memberuid'];
|
||||
unset($newData['memberuid']['count']);
|
||||
// remove the uid from memberuid
|
||||
$newData['memberuid'] = array_flip($newData['memberuid']);
|
||||
unset($newData['memberuid'][$accountID]);
|
||||
$newData['memberuid'] = array_unique(array_flip($newData['memberuid']));
|
||||
ldap_mod_replace($this->ds, $dn, $newData);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function get_list($_type='both', $start = '',$sort = '', $order = '', $query = '', $offset = '')
|
||||
@ -766,6 +875,31 @@
|
||||
}
|
||||
// print ldap_error($this->ds);
|
||||
|
||||
// lets check group the user needs to be added
|
||||
foreach($account_info['account_groups'] as $key => $value)
|
||||
{
|
||||
// search for the group
|
||||
$filter = 'gidnumber='.$value;
|
||||
$justThese = array('memberuid');
|
||||
$sri = ldap_search($this->ds, $this->group_context, 'gidnumber='.$value, $justThese);
|
||||
if($sri)
|
||||
{
|
||||
$allValues = ldap_get_entries($this->ds, $sri);
|
||||
// if the user is not member of this group, add him
|
||||
if(!in_array($account_info['account_lid'],$allValues[0]['memberuid']))
|
||||
{
|
||||
$dn = $allValues[0]['dn'];
|
||||
$newData = array();
|
||||
$newData['memberuid'] = $allValues[0]['memberuid'];
|
||||
unset($newData['memberuid']['count']);
|
||||
$newData['memberuid'][] = $account_info['account_lid'];
|
||||
$newData['memberuid'] = array_unique($newData['memberuid']);
|
||||
ldap_mod_replace($this->ds, $dn, $newData);
|
||||
#print ldap_error($this->ds)."<br>";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($account_id && is_object($GLOBALS['phpgw']->preferences) && $default_prefs)
|
||||
{
|
||||
$GLOBALS['phpgw']->preferences->create_defaults($account_id);
|
||||
|
Loading…
Reference in New Issue
Block a user