forked from extern/egroupware
fixed and extended auto_create_accounts: the following information from ldap are now automaticaly stored in the sql-account:
- name & firstname - primary group (if a group with that numerical id exists in eGW, its added as primary group to the account and acl) - numerical account-id (if availible, no new one gets created, but the one from ldap is used) - email (as preference for the email-app)
This commit is contained in:
Ralf Becker
parent
3a42857913
commit
eed94133c3
@ -277,11 +277,19 @@
|
||||
return $ret_val;
|
||||
}
|
||||
|
||||
function create($account_info,$default_prefs=True)
|
||||
function create($account_info)
|
||||
{
|
||||
$this->db->query('INSERT INTO phpgw_accounts (account_lid,account_type,account_pwd,'
|
||||
if (isset($account_info['account_id']) && (!(int)$account_info['account_id'] || $this->id2name($account_info['account_id'])))
|
||||
{
|
||||
// account_id already used => discard it
|
||||
unset($account_info['account_id']);
|
||||
}
|
||||
$this->db->query('INSERT INTO phpgw_accounts ('.(isset($account_info['account_id'])?'account_id,':'')
|
||||
. 'account_lid,account_type,account_pwd,'
|
||||
. 'account_firstname,account_lastname,account_status,account_expires,person_id,'
|
||||
. "account_primary_group) VALUES ('".$this->db->db_addslashes($account_info['account_lid'])
|
||||
. 'account_primary_group) VALUES ('
|
||||
. (isset($account_info['account_id'])?(int)$account_info['account_id'].',':'')
|
||||
. "'" . $this->db->db_addslashes($account_info['account_lid'])
|
||||
. "','" . $this->db->db_addslashes($account_info['account_type'])
|
||||
. "','" . $GLOBALS['phpgw']->common->encrypt_password($account_info['account_passwd'], True)
|
||||
. "', '" . $this->db->db_addslashes($account_info['account_firstname'])
|
||||
@ -293,12 +301,6 @@
|
||||
|
||||
$accountid = $this->db->get_last_insert_id('phpgw_accounts','account_id');
|
||||
|
||||
/* default prefs dont need to be set anymore
|
||||
if($accountid && is_object($GLOBALS['phpgw']->preferences) && $default_prefs)
|
||||
{
|
||||
$GLOBALS['phpgw']->preferences->create_defaults($accountid);
|
||||
}
|
||||
*/
|
||||
return $accountid;
|
||||
}
|
||||
|
||||
@ -329,21 +331,40 @@
|
||||
$expires = mktime(2,0,0,date('n',$expiredate), (int)date('d',$expiredate), date('Y',$expiredate));
|
||||
}
|
||||
}
|
||||
$primary_group = $GLOBALS['auto_create_acct']['primary_group'] &&
|
||||
$this->get_type((int)$GLOBALS['auto_create_acct']['primary_group']) == 'g' ?
|
||||
(int) $GLOBALS['auto_create_acct']['primary_group'] : 0;
|
||||
|
||||
$acct_info = array(
|
||||
'account_id' => (int) $GLOBALS['auto_create_acct']['id'],
|
||||
'account_lid' => $accountname,
|
||||
'account_type' => 'u',
|
||||
'account_passwd' => $passwd,
|
||||
'account_firstname' => '',
|
||||
'account_lastname' => '',
|
||||
'account_firstname' => $GLOBALS['auto_create_acct']['firstname'],
|
||||
'account_lastname' => $GLOBALS['auto_create_acct']['lastname'],
|
||||
'account_status' => $account_status,
|
||||
'account_expires' => $expires
|
||||
'account_expires' => $expires,
|
||||
'account_primary_group' => $primary_group,
|
||||
);
|
||||
|
||||
$this->db->transaction_begin();
|
||||
$this->create($acct_info,$default_prefs);
|
||||
$this->create($acct_info);
|
||||
$accountid = $this->name2id($accountname);
|
||||
|
||||
// if we have a primary_group, add it as "regular" eGW group (via ACL) too
|
||||
if ($accountid && $primary_group)
|
||||
{
|
||||
$this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('phpgw_group', "
|
||||
. $primary_group . ', ' . $accountid . ', 1)',__LINE__,__FILE__);
|
||||
}
|
||||
// if we have an mail address set it as email pref
|
||||
if ($accountid && @$GLOBALS['auto_create_acct']['email'])
|
||||
{
|
||||
$GLOBALS['phpgw']->acl->acl($accountid); // needed als preferences::save_repository calls acl
|
||||
$GLOBALS['phpgw']->preferences->preferences($accountid);
|
||||
$GLOBALS['phpgw']->preferences->read_repository();
|
||||
$GLOBALS['phpgw']->preferences->add('email','address',$GLOBALS['auto_create_acct']['email']);
|
||||
$GLOBALS['phpgw']->preferences->save_repository();
|
||||
}
|
||||
if ($default_acls == False)
|
||||
{
|
||||
$default_group_lid = $GLOBALS['phpgw_info']['server']['default_group_lid'];
|
||||
@ -365,9 +386,7 @@
|
||||
'addressbook',
|
||||
'calendar',
|
||||
'email',
|
||||
'notes',
|
||||
'todo',
|
||||
'phpwebhosting',
|
||||
'infolog',
|
||||
'manual'
|
||||
) as $app)
|
||||
{
|
||||
|
||||
@ -31,12 +31,6 @@
|
||||
|
||||
function authenticate($username, $passwd)
|
||||
{
|
||||
/*
|
||||
error_reporting MUST be set to zero, otherwise you'll get nasty LDAP errors with a bad login/pass...
|
||||
these are just "warnings" and can be ignored.....
|
||||
*/
|
||||
error_reporting(0);
|
||||
|
||||
if (ereg('[()|&=*,<>!~]',$username))
|
||||
{
|
||||
return False;
|
||||
@ -60,7 +54,7 @@
|
||||
return False;
|
||||
}
|
||||
/* find the dn for this uid, the uid is not always in the dn */
|
||||
$attributes = array('uid', 'dn');
|
||||
$attributes = array('uid','dn','givenName','sn','mail','uidNumber','gidNumber');
|
||||
if ($GLOBALS['phpgw_info']['server']['account_repository'] == 'ldap')
|
||||
{
|
||||
$filter = "(&(uid=$username)(phpgwaccountstatus=A))";
|
||||
@ -69,8 +63,10 @@
|
||||
{
|
||||
$filter = "(uid=$username)";
|
||||
}
|
||||
|
||||
$sri = ldap_search($ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $attributes);
|
||||
$allValues = ldap_get_entries($ldap, $sri);
|
||||
|
||||
if ($allValues['count'] > 0)
|
||||
{
|
||||
if($GLOBALS['phpgw_info']['server']['case_sensitive_username'] == true)
|
||||
@ -96,16 +92,29 @@
|
||||
if ($GLOBALS['phpgw_info']['server']['account_repository'] != 'ldap')
|
||||
{
|
||||
$account = CreateObject('phpgwapi.accounts',$username,'u');
|
||||
if (!$account->account_id && $GLOBALS['phpgw_info']['server']['auto_create_acct'])
|
||||
{
|
||||
// create a global array with all availible info about that account
|
||||
$GLOBALS['auto_create_acct'] = array();
|
||||
foreach(array(
|
||||
'givenname' => 'firstname',
|
||||
'sn' => 'lastname',
|
||||
'uidnumber' => 'id',
|
||||
'mail' => 'email',
|
||||
'gidnumber' => 'primary_group',
|
||||
) as $ldap_name => $acct_name)
|
||||
{
|
||||
$GLOBALS['auto_create_acct'][$acct_name] =
|
||||
$GLOBALS['phpgw']->translation->convert($allValues[0][$ldap_name][0],'utf-8');
|
||||
}
|
||||
return True;
|
||||
}
|
||||
$data = $account->read_repository();
|
||||
return $data['status'] == 'A';
|
||||
}
|
||||
return True;
|
||||
}
|
||||
}
|
||||
|
||||
/* Turn error reporting back to normal */
|
||||
error_reporting(7);
|
||||
|
||||
/* dn not found or password wrong */
|
||||
return False;
|
||||
}
|
||||
@ -133,20 +142,6 @@
|
||||
return $entry['userpassword'];
|
||||
}
|
||||
|
||||
/* This data needs to be updated in LDAP, not SQL (jengo) */
|
||||
function old_update_lastlogin($account_id, $ip)
|
||||
{
|
||||
$GLOBALS['phpgw']->db->query("SELECT account_lastlogin FROM phpgw_accounts WHERE account_id='$account_id'",__LINE__,__FILE__);
|
||||
$GLOBALS['phpgw']->db->next_record();
|
||||
$this->previous_login = $GLOBALS['phpgw']->db->f('account_lastlogin');
|
||||
|
||||
$now = time();
|
||||
|
||||
$GLOBALS['phpgw']->db->query("UPDATE phpgw_accounts SET account_lastloginfrom='"
|
||||
. "$ip', account_lastlogin='" . $now
|
||||
. "' WHERE account_id='$account_id'",__LINE__,__FILE__);
|
||||
}
|
||||
|
||||
function update_lastlogin($_account_id, $ip)
|
||||
{
|
||||
$entry['phpgwaccountlastlogin'] = time();
|
||||
|
||||
Loading…
Reference in New Issue
Block a user