forked from extern/egroupware
* Admin: if group was selected only active accounts were shown and show primary group in LDAP
This commit is contained in:
parent
f58cb571ef
commit
bc864c4103
@ -43,7 +43,7 @@ class admin_ui
|
||||
}
|
||||
$tpl = new etemplate_new('admin.index');
|
||||
|
||||
$content = array();
|
||||
if (!is_array($content)) $content = array();
|
||||
$content['nm'] = array(
|
||||
'get_rows' => 'admin_ui::get_users',
|
||||
'no_cat' => true,
|
||||
@ -338,7 +338,7 @@ class admin_ui
|
||||
* )),
|
||||
* ));
|
||||
*
|
||||
* @param string $root='/'
|
||||
* @param string $root ='/'
|
||||
* @return array
|
||||
*/
|
||||
public static function tree_data($root = '/')
|
||||
|
@ -164,7 +164,7 @@ class accounts
|
||||
/**
|
||||
* Constructor
|
||||
*
|
||||
* @param string|array $backend=null string with backend 'sql'|'ldap', or whole config array, default read from global egw_info
|
||||
* @param string|array $backend =null string with backend 'sql'|'ldap', or whole config array, default read from global egw_info
|
||||
*/
|
||||
public function __construct($backend=null)
|
||||
{
|
||||
@ -209,7 +209,7 @@ class accounts
|
||||
/**
|
||||
* Old constructor name
|
||||
*
|
||||
* @param int $account_id=0 depricated param to instanciate for the given account_id
|
||||
* @param int $account_id =0 depricated param to instanciate for the given account_id
|
||||
* @deprecated use __construct
|
||||
*/
|
||||
function accounts($account_id=0)
|
||||
@ -291,7 +291,7 @@ class accounts
|
||||
$members = array();
|
||||
foreach((array)$this->memberships($GLOBALS['egw_info']['user']['account_id'],true) as $grp)
|
||||
{
|
||||
$members = array_unique(array_merge($members, (array)$this->members($grp,true)));
|
||||
$members = array_unique(array_merge($members, (array)$this->members($grp,true,$param['active'])));
|
||||
if ($param['type'] == 'groupmembers+memberships') $members[] = $grp;
|
||||
}
|
||||
$param['type'] = $param['type'] == 'groupmembers+memberships' ? 'both' : 'accounts';
|
||||
@ -304,7 +304,7 @@ class accounts
|
||||
if ($app)
|
||||
{
|
||||
// we want the result merged, whatever it takes, as we only care for the ids
|
||||
$valid = $this->split_accounts($app,!in_array($param['type'],array('accounts','groups')) ? 'merge' : $param['type']);
|
||||
$valid = $this->split_accounts($app,!in_array($param['type'],array('accounts','groups')) ? 'merge' : $param['type'],$param['active']);
|
||||
}
|
||||
if (isset($members))
|
||||
{
|
||||
@ -411,8 +411,8 @@ class accounts
|
||||
* All key of the returned array use the 'account_' prefix.
|
||||
* For backward compatibility some values are additionaly availible without the prefix, using them is depricated!
|
||||
*
|
||||
* @param int/string $id numeric account_id or string with account_lid (use of default value of 0 is depricated!!!)
|
||||
* @param boolean $set_depricated_names=false set _additionaly_ the depricated keys without 'account_' prefix
|
||||
* @param int|string $id numeric account_id or string with account_lid (use of default value of 0 is depricated!!!)
|
||||
* @param boolean $set_depricated_names =false set _additionaly_ the depricated keys without 'account_' prefix
|
||||
* @return array/boolean array with account data (keys: account_id, account_lid, ...) or false if account not found
|
||||
*/
|
||||
function read($id=0,$set_depricated_names=false)
|
||||
@ -475,8 +475,8 @@ class accounts
|
||||
* If no account_id is set in data the account is added and the new id is set in $data.
|
||||
*
|
||||
* @param array $data array with account-data
|
||||
* @param boolean $check_depricated_names=false check _additionaly_ the depricated keys without 'account_' prefix
|
||||
* @return int/boolean the account_id or false on error
|
||||
* @param boolean $check_depricated_names =false check _additionaly_ the depricated keys without 'account_' prefix
|
||||
* @return int|boolean the account_id or false on error
|
||||
*/
|
||||
function save(&$data,$check_depricated_names=false)
|
||||
{
|
||||
@ -527,7 +527,7 @@ class accounts
|
||||
/**
|
||||
* Delete one account, deletes also all acl-entries for that account
|
||||
*
|
||||
* @param int/string $id numeric account_id or string with account_lid
|
||||
* @param int|string $id numeric account_id or string with account_lid
|
||||
* @return boolean true on success, false otherwise
|
||||
*/
|
||||
function delete($id)
|
||||
@ -566,7 +566,7 @@ class accounts
|
||||
*
|
||||
* Can be used static if array with user-data is supplied
|
||||
*
|
||||
* @param array $data=null array with account data, not specifying the account is depricated!!!
|
||||
* @param array $data =null array with account data, not specifying the account is depricated!!!
|
||||
* @return boolean true=expired (no more login possible), false otherwise
|
||||
*/
|
||||
function is_expired($data=null)
|
||||
@ -601,9 +601,9 @@ class accounts
|
||||
* - if multiple user have the same email address, the returned user is undefined
|
||||
*
|
||||
* @param string $name value to convert
|
||||
* @param string $which='account_lid' type of $name: account_lid (default), account_email, person_id, account_fullname
|
||||
* @param string $account_type=null u = user or g = group, or default null = try both
|
||||
* @return int/false numeric account_id or false on error ($name not found)
|
||||
* @param string $which ='account_lid' type of $name: account_lid (default), account_email, person_id, account_fullname
|
||||
* @param string $account_type =null u = user or g = group, or default null = try both
|
||||
* @return int|false numeric account_id or false on error ($name not found)
|
||||
*/
|
||||
function name2id($name,$which='account_lid',$account_type=null)
|
||||
{
|
||||
@ -630,7 +630,7 @@ class accounts
|
||||
* Uses the read method to fetch all data.
|
||||
*
|
||||
* @param int|string $account_id numeric account_id or account_lid
|
||||
* @param string $which='account_lid' type to convert to: account_lid (default), account_email, ...
|
||||
* @param string $which ='account_lid' type to convert to: account_lid (default), account_email, ...
|
||||
* @return string|boolean converted value or false on error ($account_id not found)
|
||||
*/
|
||||
static function id2name($account_id, $which='account_lid')
|
||||
@ -653,7 +653,7 @@ class accounts
|
||||
/**
|
||||
* get the type of an account: 'u' = user, 'g' = group
|
||||
*
|
||||
* @param int/string $accountid numeric account-id or alphanum. account-lid,
|
||||
* @param int|string $account_id numeric account-id or alphanum. account-lid,
|
||||
* if !$accountid account of the user of this session
|
||||
* @return string/false 'u' = user, 'g' = group or false on error ($accountid not found)
|
||||
*/
|
||||
@ -669,7 +669,7 @@ class accounts
|
||||
/**
|
||||
* check if an account exists and if it is an user or group
|
||||
*
|
||||
* @param int/string $account_id numeric account_id or account_lid
|
||||
* @param int|string $account_id numeric account_id or account_lid
|
||||
* @return int 0 = acount does not exist, 1 = user, 2 = group
|
||||
*/
|
||||
function exists($account_id)
|
||||
@ -718,8 +718,8 @@ class accounts
|
||||
/**
|
||||
* Get all memberships of an account $account_id / groups the account is a member off
|
||||
*
|
||||
* @param int/string $account_id numeric account-id or alphanum. account-lid
|
||||
* @param boolean $just_id=false return just account_id's or account_id => account_lid pairs
|
||||
* @param int|string $account_id numeric account-id or alphanum. account-lid
|
||||
* @param boolean $just_id =false return just account_id's or account_id => account_lid pairs
|
||||
* @return array with account_id's ($just_id) or account_id => account_lid pairs (!$just_id)
|
||||
*/
|
||||
function memberships($account_id, $just_id=false)
|
||||
@ -765,10 +765,10 @@ class accounts
|
||||
/**
|
||||
* Get all members of the group $account_id
|
||||
*
|
||||
* @param int/string $accountid='' numeric account-id or alphanum. account-lid,
|
||||
* @param int|string $account_id ='' numeric account-id or alphanum. account-lid,
|
||||
* default account of the user of this session
|
||||
* @param boolean $just_id=false return just an array of id's and not id => lid pairs, default false
|
||||
* @param boolean $active=false true: return only active (not expired or deactived) members, false: return all accounts
|
||||
* @param boolean $just_id =false return just an array of id's and not id => lid pairs, default false
|
||||
* @param boolean $active =false true: return only active (not expired or deactived) members, false: return all accounts
|
||||
* @return array with account_id ($just_id) or account_id => account_lid pairs (!$just_id)
|
||||
*/
|
||||
function members($account_id, $just_id=false, $active=true)
|
||||
@ -814,9 +814,10 @@ class accounts
|
||||
* @param string $use what should be returned only an array with id's of either 'accounts' or 'groups'.
|
||||
* Or an array with arrays for 'both' under the keys 'groups' and 'accounts' or 'merge' for accounts
|
||||
* and groups merged into one array
|
||||
* @param boolean $active =false true: return only active (not expired or deactived) members, false: return all accounts
|
||||
* @return array/boolean see $use, false on error (wront $use)
|
||||
*/
|
||||
function split_accounts($app_users,$use='both')
|
||||
function split_accounts($app_users,$use='both',$active=true)
|
||||
{
|
||||
if (!is_array($app_users))
|
||||
{
|
||||
@ -841,7 +842,7 @@ class accounts
|
||||
$accounts['groups'][$id] = $id;
|
||||
if ($use != 'groups')
|
||||
{
|
||||
foreach((array)$this->members($id, true) as $id)
|
||||
foreach((array)$this->members($id, true, $active) as $id)
|
||||
{
|
||||
$accounts['accounts'][$id] = $id;
|
||||
}
|
||||
@ -885,7 +886,7 @@ class accounts
|
||||
* @param string $account_lid
|
||||
* @param string $passwd
|
||||
* @param array $GLOBALS['auto_create_acct'] values for 'firstname', 'lastname', 'email' and 'primary_group'
|
||||
* @return int/boolean account_id or false on error
|
||||
* @return int|boolean account_id or false on error
|
||||
*/
|
||||
function auto_add($account_lid, $passwd)
|
||||
{
|
||||
@ -1049,7 +1050,7 @@ class accounts
|
||||
* Read account incl. members/memberships from cache (or backend and cache it)
|
||||
*
|
||||
* @param int $account_id
|
||||
* @param boolean $need_active=false true = 'members-active' required
|
||||
* @param boolean $need_active =false true = 'members-active' required
|
||||
* @return array
|
||||
* @throws egw_exception_wrong_parameter if no integer was passed as $account_id
|
||||
*/
|
||||
@ -1191,8 +1192,8 @@ class accounts
|
||||
* Create a new account with the given $account_info
|
||||
*
|
||||
* @deprecated use save
|
||||
* @param array $data account data for the new account
|
||||
* @param booelan $default_prefs has no meaning any more, as we use "real" default prefs since 1.0
|
||||
* @param array $account_info account data for the new account
|
||||
* @param booelan $default_prefs =true has no meaning any more, as we use "real" default prefs since 1.0
|
||||
* @return int new nummeric account-id
|
||||
*/
|
||||
function create($account_info,$default_prefs=True)
|
||||
@ -1217,13 +1218,13 @@ class accounts
|
||||
* Get all memberships of an account $accountid / groups the account is a member off
|
||||
*
|
||||
* @deprecated use memberships() which account_id => account_lid pairs
|
||||
* @param int/string $accountid='' numeric account-id or alphanum. account-lid,
|
||||
* @param int|string $_accountid ='' numeric account-id or alphanum. account-lid,
|
||||
* default account of the user of this session
|
||||
* @return array or arrays with keys 'account_id' and 'account_name' for the groups $accountid is a member of
|
||||
*/
|
||||
function membership($accountid = '')
|
||||
function membership($_accountid = '')
|
||||
{
|
||||
$accountid = get_account_id($accountid);
|
||||
$accountid = get_account_id($_accountid);
|
||||
|
||||
if (!($memberships = $this->memberships($accountid)))
|
||||
{
|
||||
@ -1242,7 +1243,7 @@ class accounts
|
||||
* Get all members of the group $accountid
|
||||
*
|
||||
* @deprecated use members which returns acount_id => account_lid pairs
|
||||
* @param int/string $accountid='' numeric account-id or alphanum. account-lid,
|
||||
* @param int|string $accountid ='' numeric account-id or alphanum. account-lid,
|
||||
* default account of the user of this session
|
||||
* @return array of arrays with keys 'account_id' and 'account_name'
|
||||
*/
|
||||
@ -1280,7 +1281,7 @@ class accounts
|
||||
* Gets account-name (lid), firstname and lastname of an account $accountid
|
||||
*
|
||||
* @deprecated use read to read account data
|
||||
* @param int/string $accountid='' numeric account-id or alphanum. account-lid,
|
||||
* @param int|string $accountid ='' numeric account-id or alphanum. account-lid,
|
||||
* if !$accountid account of the user of this session
|
||||
* @param string &$lid on return: alphanumeric account-name (lid)
|
||||
* @param string &$fname on return: first name
|
||||
@ -1307,7 +1308,7 @@ class accounts
|
||||
* Same effect as instanciating the class with that account, dont do it with $GLOBALS['egw']->account !!!
|
||||
*
|
||||
* @deprecated use read to read account data and store it in your own code
|
||||
* @param int $accountid numeric account-id
|
||||
* @param int $account_id numeric account-id
|
||||
* @return array with keys lid, firstname, lastname, fullname, type
|
||||
*/
|
||||
function get_account_data($account_id)
|
||||
|
@ -200,7 +200,7 @@ class accounts_ads
|
||||
*
|
||||
* Can be set via server-config "ads_context", otherwise baseDN is used
|
||||
*
|
||||
* @param boolean $set_if_empty=false true set from DN of "Domain Users" group #
|
||||
* @param boolean $set_if_empty =false true set from DN of "Domain Users" group #
|
||||
* @return string
|
||||
*/
|
||||
public function ads_context($set_if_empty=false)
|
||||
@ -244,7 +244,7 @@ class accounts_ads
|
||||
/**
|
||||
* Get connection to ldap server from adLDAP
|
||||
*
|
||||
* @param boolean $reconnect=false true: reconnect even if already connected
|
||||
* @param boolean $reconnect =false true: reconnect even if already connected
|
||||
* @return resource
|
||||
*/
|
||||
public function ldap_connection($reconnect=false)
|
||||
@ -373,7 +373,7 @@ class accounts_ads
|
||||
/**
|
||||
* Delete one account, deletes also all acl-entries for that account
|
||||
*
|
||||
* @param int $id numeric account_id
|
||||
* @param int $account_id numeric account_id
|
||||
* @return boolean true on success, false otherwise
|
||||
*/
|
||||
function delete($account_id)
|
||||
@ -403,12 +403,12 @@ class accounts_ads
|
||||
/**
|
||||
* Convert ldap data of a group
|
||||
*
|
||||
* @param array $data
|
||||
* @param array $_data
|
||||
* @return array
|
||||
*/
|
||||
protected function _ldap2group($data)
|
||||
protected function _ldap2group($_data)
|
||||
{
|
||||
$data = translation::convert($data, 'utf-8');
|
||||
$data = translation::convert($_data, 'utf-8');
|
||||
|
||||
// no need to calculate sid, if already calculated
|
||||
$sid = is_string($data['objectsid']) ? $data['objectsid'] :
|
||||
@ -464,12 +464,12 @@ class accounts_ads
|
||||
/**
|
||||
* Convert ldap data of a user
|
||||
*
|
||||
* @param array $data
|
||||
* @param array $_data
|
||||
* @return array
|
||||
*/
|
||||
protected function _ldap2user(array $data)
|
||||
protected function _ldap2user(array $_data)
|
||||
{
|
||||
$data = translation::convert($data, 'utf-8');
|
||||
$data = translation::convert($_data, 'utf-8');
|
||||
|
||||
// no need to calculate sid, if already calculated
|
||||
$sid = is_string($data['objectsid']) ? $data['objectsid'] :
|
||||
@ -483,7 +483,7 @@ class accounts_ads
|
||||
'account_guid' => $this->adldap->utilities()->decodeGuid($data['objectguid'][0]),
|
||||
'account_lid' => $data['samaccountname'][0],
|
||||
'account_type' => 'u',
|
||||
'account_primary_group' => -$data['primarygroupid'][0],
|
||||
'account_primary_group' => (string)-$data['primarygroupid'][0],
|
||||
'account_firstname' => $data['givenname'][0],
|
||||
'account_lastname' => $data['sn'][0],
|
||||
'account_email' => $data['mail'][0],
|
||||
@ -552,15 +552,15 @@ class accounts_ads
|
||||
/**
|
||||
* Convert when(Created|Changed) attribute to unix timestamp
|
||||
*
|
||||
* @param string $when eg. "20130520200000.0Z"
|
||||
* @param string $_when eg. "20130520200000.0Z"
|
||||
* @return int
|
||||
*/
|
||||
protected static function _when2ts($when)
|
||||
protected static function _when2ts($_when)
|
||||
{
|
||||
static $utc=null;
|
||||
if (!isset($utc)) $utc = new DateTimeZone('UTC');
|
||||
|
||||
list($when) = explode('.', $when); // remove .0Z not understood by createFromFormat
|
||||
list($when) = explode('.', $_when); // remove .0Z not understood by createFromFormat
|
||||
$datetime = egw_time::createFromFormat(self::WHEN_FORMAT, $when, $utc);
|
||||
if (egw_time::$server_timezone) $datetime->setTimezone(egw_time::$server_timezone);
|
||||
|
||||
@ -572,7 +572,7 @@ class accounts_ads
|
||||
*
|
||||
* @internal
|
||||
* @param array $data array with account-data in utf-8
|
||||
* @param array $old=null current data
|
||||
* @param array $old =null current data
|
||||
* @return int|false account_id or false on error
|
||||
*/
|
||||
protected function _save_group(array &$data, array $old=null)
|
||||
@ -653,7 +653,7 @@ class accounts_ads
|
||||
*
|
||||
* @internal
|
||||
* @param array $data array with account-data in utf-8
|
||||
* @param array $old=null current data
|
||||
* @param array $old =null current data
|
||||
* @return int|false account_id or false on error
|
||||
*/
|
||||
protected function _save_user(array &$data, array $old=null)
|
||||
@ -1001,8 +1001,8 @@ class accounts_ads
|
||||
*
|
||||
* @param string|array $attr_filter array with attribute => value pairs or filter string or empty
|
||||
* @param string $account_type u = user, g = group, default null = try both
|
||||
* @param array $attrs=null default return account_lid, else return raw values from ldap-query
|
||||
* @param array $accounts=array() array to add filtered accounts too, default empty array
|
||||
* @param array $attrs =null default return account_lid, else return raw values from ldap-query
|
||||
* @param array $accounts =array() array to add filtered accounts too, default empty array
|
||||
* @return array account_id => account_lid or values for $attrs pairs
|
||||
*/
|
||||
protected function filter($attr_filter, $account_type=null, array $attrs=null, array $accounts=array())
|
||||
@ -1084,7 +1084,7 @@ class accounts_ads
|
||||
* - if multiple user have the same email address, the returned user is undefined
|
||||
*
|
||||
* @param string $name value to convert
|
||||
* @param string $which='account_lid' type of $name: account_lid (default), account_email, person_id, account_fullname
|
||||
* @param string $which ='account_lid' type of $name: account_lid (default), account_email, person_id, account_fullname
|
||||
* @param string $account_type u = user, g = group, default null = try both
|
||||
* @return int|false numeric account_id or false on error ($name not found)
|
||||
*/
|
||||
@ -1117,7 +1117,7 @@ class accounts_ads
|
||||
* Calls frontend which uses (cached) read method to fetch all data by account_id.
|
||||
*
|
||||
* @param int $account_id numerica account_id
|
||||
* @param string $which='account_lid' type to convert to: account_lid (default), account_email, ...
|
||||
* @param string $which ='account_lid' type to convert to: account_lid (default), account_email, ...
|
||||
* @return string/false converted value or false on error ($account_id not found)
|
||||
*/
|
||||
public function id2name($account_id, $which='account_lid')
|
||||
@ -1128,7 +1128,7 @@ class accounts_ads
|
||||
/**
|
||||
* Update the last login timestamps and the IP
|
||||
*
|
||||
* @param int $account_id
|
||||
* @param int $_account_id
|
||||
* @param string $ip
|
||||
* @return int lastlogin time
|
||||
*/
|
||||
|
@ -295,7 +295,7 @@ class accounts_ldap
|
||||
|
||||
if (!$members) $members = $this->members($data['account_id']);
|
||||
$to_write[$forward] = array();
|
||||
foreach ($members as $member => $account_lid)
|
||||
foreach (array_keys($members) as $member)
|
||||
{
|
||||
if (($email = $this->id2name($member,'account_email')))
|
||||
{
|
||||
@ -375,7 +375,7 @@ class accounts_ldap
|
||||
/**
|
||||
* Delete one account, deletes also all acl-entries for that account
|
||||
*
|
||||
* @param int $id numeric account_id
|
||||
* @param int $account_id numeric account_id
|
||||
* @return boolean true on success, false otherwise
|
||||
*/
|
||||
function delete($account_id)
|
||||
@ -413,12 +413,12 @@ class accounts_ldap
|
||||
$sri = ldap_search($this->ds, $this->group_context,'(&(objectClass=posixGroup)(gidnumber=' . abs($account_id).'))',
|
||||
array('dn','gidnumber','cn','objectclass','mail'));
|
||||
|
||||
$data = ldap_get_entries($this->ds, $sri);
|
||||
if (!$data['count'])
|
||||
$ldap_data = ldap_get_entries($this->ds, $sri);
|
||||
if (!$ldap_data['count'])
|
||||
{
|
||||
return false; // group not found
|
||||
}
|
||||
$data = translation::convert($data[0],'utf-8');
|
||||
$data = translation::convert($ldap_data[0],'utf-8');
|
||||
|
||||
$group = array(
|
||||
'account_dn' => $data['dn'],
|
||||
@ -435,7 +435,7 @@ class accounts_ldap
|
||||
{
|
||||
$this->ldapServerInfo = $this->ldap->getLDAPServerInfo($this->frontend->config['ldap_host']);
|
||||
}
|
||||
foreach($this->group_mail_classes as $objectclass => $forward)
|
||||
foreach(array_keys($this->group_mail_classes) as $objectclass)
|
||||
{
|
||||
if ($this->ldapServerInfo->supportsObjectClass($objectclass))
|
||||
{
|
||||
@ -459,12 +459,12 @@ class accounts_ldap
|
||||
array('dn','uidnumber','uid','gidnumber','givenname','sn','cn','mail','userpassword','telephonenumber',
|
||||
'shadowexpire','shadowlastchange','homedirectory','loginshell','createtimestamp','modifytimestamp'));
|
||||
|
||||
$data = ldap_get_entries($this->ds, $sri);
|
||||
if (!$data['count'])
|
||||
$ldap_data = ldap_get_entries($this->ds, $sri);
|
||||
if (!$ldap_data['count'])
|
||||
{
|
||||
return false; // user not found
|
||||
}
|
||||
$data = translation::convert($data[0],'utf-8');
|
||||
$data = translation::convert($ldap_data[0],'utf-8');
|
||||
|
||||
$utc_diff = date('Z');
|
||||
$user = array(
|
||||
@ -566,7 +566,6 @@ class accounts_ldap
|
||||
// - if it's set to > 0, it will or already has expired --> acount is active if it not yet expired
|
||||
// shadowexpire is in days since 1970/01/01 (equivalent to a timestamp (int UTC!) / (24*60*60)
|
||||
$shadowexpire = ($data['account_expires']-$utc_diff) / (24*3600);
|
||||
$account_expire = $shadowexpire*3600*24+$utc_diff;
|
||||
//echo "<p align=right>account_expires=".date('Y-m-d H:i',$data['account_expires'])." --> $shadowexpire --> ".date('Y-m-d H:i',$account_expire)."</p>\n";
|
||||
$to_write['shadowexpire'] = !$data['account_status'] ?
|
||||
($data['account_expires'] != -1 && $data['account_expires'] < time() ? round($shadowexpire) : 0) :
|
||||
@ -676,8 +675,7 @@ class accounts_ldap
|
||||
}
|
||||
}
|
||||
// add account_filter to filter (user has to be '*', as we otherwise only search uid's)
|
||||
$filter .= $this->account_filter;
|
||||
$filter = str_replace(array('%user','%domain'),array('*',$GLOBALS['egw_info']['user']['domain']),$filter);
|
||||
$filter .= str_replace(array('%user','%domain'),array('*',$GLOBALS['egw_info']['user']['domain']),$this->account_filter);
|
||||
$filter .= ')';
|
||||
|
||||
if ($param['type'] != 'both')
|
||||
@ -694,6 +692,7 @@ class accounts_ldap
|
||||
'account_lastname' => 'sn',
|
||||
'account_email' => 'email',
|
||||
'account_fullname' => 'cn',
|
||||
'account_primary_group' => 'gidnumber',
|
||||
);
|
||||
$orders = explode(',',$param['order']);
|
||||
$order = isset($propertyMap[$orders[0]]) ? $propertyMap[$orders[0]] : 'uid';
|
||||
@ -723,7 +722,7 @@ class accounts_ldap
|
||||
$filter = '(&(objectclass=posixaccount)(|(uid='.implode(')(uid=',$relevantAccounts).'))' . $this->account_filter.')';
|
||||
$filter = str_replace(array('%user','%domain'),array('*',$GLOBALS['egw_info']['user']['domain']),$filter);
|
||||
}
|
||||
$sri = ldap_search($this->ds, $this->user_context, $filter,array('uid','uidNumber','givenname','sn','mail','shadowExpire','createtimestamp','modifytimestamp','objectclass'));
|
||||
$sri = ldap_search($this->ds, $this->user_context, $filter,array('uid','uidNumber','givenname','sn','mail','shadowExpire','createtimestamp','modifytimestamp','objectclass','gidNumber'));
|
||||
//echo "<p>ldap_search(,$this->user_context,'$filter',) ".($sri ? '' : ldap_error($this->ds)).microtime()."</p>\n";
|
||||
|
||||
$utc_diff = date('Z');
|
||||
@ -740,11 +739,13 @@ class accounts_ldap
|
||||
'account_firstname' => translation::convert($allVals['givenname'][0],'utf-8'),
|
||||
'account_lastname' => translation::convert($allVals['sn'][0],'utf-8'),
|
||||
'account_status' => isset($allVals['shadowexpire'][0]) && $allVals['shadowexpire'][0]*24*3600-$utc_diff < time() ? false : 'A',
|
||||
'account_expires' => isset($data['shadowexpire']) && $data['shadowexpire'][0] ? $data['shadowexpire'][0]*24*3600+$utc_diff : -1, // LDAP date is in UTC
|
||||
'account_expires' => isset($allVals['shadowexpire']) && $allVals['shadowexpire'][0] ? $allVals['shadowexpire'][0]*24*3600+$utc_diff : -1, // LDAP date is in UTC
|
||||
'account_email' => $allVals['mail'][0],
|
||||
'account_created' => isset($allVals['createtimestamp'][0]) ? self::accounts_ldap2ts($allVals['createtimestamp'][0]) : null,
|
||||
'account_modified' => isset($allVals['modifytimestamp'][0]) ? self::accounts_ldap2ts($allVals['modifytimestamp'][0]) : null,
|
||||
'account_primary_group' => (string)-$allVals['gidnumber'][0],
|
||||
);
|
||||
error_log(__METHOD__."() ldap=".array2string($allVals)." --> account=".array2string($account));
|
||||
if ($param['active'] && !$this->frontend->is_active($account))
|
||||
{
|
||||
if (isset($totalcount)) --$totalcount;
|
||||
@ -892,14 +893,14 @@ class accounts_ldap
|
||||
* - if a group and an user have the same account_lid the group will be returned (LDAP only)
|
||||
* - if multiple user have the same email address, the returned user is undefined
|
||||
*
|
||||
* @param string $name value to convert
|
||||
* @param string $which='account_lid' type of $name: account_lid (default), account_email, person_id, account_fullname
|
||||
* @param string $_name value to convert
|
||||
* @param string $which ='account_lid' type of $name: account_lid (default), account_email, person_id, account_fullname
|
||||
* @param string $account_type u = user, g = group, default null = try both
|
||||
* @return int|false numeric account_id or false on error ($name not found)
|
||||
*/
|
||||
function name2id($name,$which='account_lid',$account_type=null)
|
||||
function name2id($_name,$which='account_lid',$account_type=null)
|
||||
{
|
||||
$name = ldap::quote(translation::convert($name,translation::charset(),'utf-8'));
|
||||
$name = ldap::quote(translation::convert($_name,translation::charset(),'utf-8'));
|
||||
|
||||
if ($which == 'account_lid' && $account_type !== 'u') // groups only support account_lid
|
||||
{
|
||||
@ -938,7 +939,7 @@ class accounts_ldap
|
||||
* Uses the read method to fetch all data.
|
||||
*
|
||||
* @param int $account_id numerica account_id
|
||||
* @param string $which='account_lid' type to convert to: account_lid (default), account_email, ...
|
||||
* @param string $which ='account_lid' type to convert to: account_lid (default), account_email, ...
|
||||
* @return string/false converted value or false on error ($account_id not found)
|
||||
*/
|
||||
function id2name($account_id,$which='account_lid')
|
||||
@ -949,24 +950,14 @@ class accounts_ldap
|
||||
/**
|
||||
* Update the last login timestamps and the IP
|
||||
*
|
||||
* @param int $account_id
|
||||
* @param int $_account_id
|
||||
* @param string $ip
|
||||
* @return int lastlogin time
|
||||
*/
|
||||
function update_lastlogin($_account_id, $ip)
|
||||
{
|
||||
unset($_account_id, $ip);
|
||||
return false; // not longer supported
|
||||
|
||||
$entry['phpgwaccountlastlogin'] = time();
|
||||
$entry['phpgwaccountlastloginfrom'] = $ip;
|
||||
|
||||
$sri = ldap_search($this->ds, $this->frontend->config['ldap_context'], 'uidnumber=' . (int)$_account_id);
|
||||
$allValues = ldap_get_entries($this->ds, $sri);
|
||||
|
||||
$dn = $allValues[0]['dn'];
|
||||
@ldap_modify($this->ds, $dn, $entry);
|
||||
|
||||
return $allValues[0]['phpgwaccountlastlogin'][0];
|
||||
}
|
||||
|
||||
/**
|
||||
@ -994,19 +985,19 @@ class accounts_ldap
|
||||
/**
|
||||
* Query the members of a group
|
||||
*
|
||||
* @param int $gid
|
||||
* @param int $_gid
|
||||
* @return array with uidnumber => uid pairs
|
||||
*/
|
||||
function members($gid)
|
||||
function members($_gid)
|
||||
{
|
||||
if (!is_numeric($gid))
|
||||
if (!is_numeric($_gid))
|
||||
{
|
||||
// try to recover
|
||||
$gid = $this->name2id($gid,'account_lid','g');
|
||||
if (!is_numeric($gid)) return false;
|
||||
$_gid = $this->name2id($_gid,'account_lid','g');
|
||||
if (!is_numeric($_gid)) return false;
|
||||
}
|
||||
|
||||
$gid = abs($gid); // our gid is negative!
|
||||
$gid = abs($_gid); // our gid is negative!
|
||||
|
||||
$sri = ldap_search($this->ds,$this->group_context,"(&(objectClass=posixGroup)(gidnumber=$gid))",array('memberuid'));
|
||||
$group = ldap_get_entries($this->ds, $sri);
|
||||
@ -1063,8 +1054,8 @@ class accounts_ldap
|
||||
*
|
||||
* @param array $members array with uidnumber or uid's
|
||||
* @param int $gid gidnumber of group to set
|
||||
* @param boolean $groupOfNames=null should we set the member attribute of groupOfNames (default detect it)
|
||||
* @param string $use_cn=null if set $cn is used instead $gid and the attributes are returned, not written to ldap
|
||||
* @param boolean $groupOfNames =null should we set the member attribute of groupOfNames (default detect it)
|
||||
* @param string $use_cn =null if set $cn is used instead $gid and the attributes are returned, not written to ldap
|
||||
* @return boolean/array false on failure, array or true otherwise
|
||||
*/
|
||||
function set_members($members,$gid,$groupOfNames=null,$use_cn=null)
|
||||
@ -1118,7 +1109,7 @@ class accounts_ldap
|
||||
* Using the common functions next_id and last_id, find the next available account_id
|
||||
*
|
||||
* @internal
|
||||
* @param $string $account_type='u' (optional, default to 'u')
|
||||
* @param string $account_type ='u' (optional, default to 'u')
|
||||
* @return int|boolean integer account_id (negative for groups) or false if none is free anymore
|
||||
*/
|
||||
protected function _get_nextid($account_type='u')
|
||||
|
@ -263,7 +263,7 @@ class accounts_sql
|
||||
/**
|
||||
* Delete one account, deletes also all acl-entries for that account
|
||||
*
|
||||
* @param int $id numeric account_id
|
||||
* @param int $account_id numeric account_id
|
||||
* @return boolean true on success, false otherwise
|
||||
*/
|
||||
function delete($account_id)
|
||||
@ -440,7 +440,7 @@ class accounts_sql
|
||||
default:
|
||||
if (is_numeric($param['type']))
|
||||
{
|
||||
$filter['account_id'] = $this->frontend->members($param['type'], true);
|
||||
$filter['account_id'] = $this->frontend->members($param['type'], true, $param['active']);
|
||||
$filter['owner'] = 0;
|
||||
break;
|
||||
}
|
||||
@ -544,7 +544,7 @@ class accounts_sql
|
||||
* - if multiple user have the same email address, the returned user is undefined
|
||||
*
|
||||
* @param string $name value to convert
|
||||
* @param string $which='account_lid' type of $name: account_lid (default), account_email, person_id, account_fullname
|
||||
* @param string $which ='account_lid' type of $name: account_lid (default), account_email, person_id, account_fullname
|
||||
* @param string $account_type u = user, g = group, default null = try both
|
||||
* @return int/false numeric account_id or false on error ($name not found)
|
||||
*/
|
||||
@ -597,7 +597,7 @@ class accounts_sql
|
||||
* Uses the read method to fetch all data.
|
||||
*
|
||||
* @param int $account_id numerica account_id
|
||||
* @param string $which='account_lid' type to convert to: account_lid (default), account_email, ...
|
||||
* @param string $which ='account_lid' type to convert to: account_lid (default), account_email, ...
|
||||
* @return string/false converted value or false on error ($account_id not found)
|
||||
*/
|
||||
function id2name($account_id,$which='account_lid')
|
||||
|
Loading…
Reference in New Issue
Block a user