gunnar: server/php-kolab/Kolab_Webadmin/Webadmin config.class.php, NONE, 1.1 domainmaintainer.class.php, NONE, 1.1 group.class.php, NONE, 1.1 sharedfolder.class.php, NONE, 1.1 ldap.class.php, 1.4, 1.5 user.class.php, 1.2, 1.3 webadmin.class.php, 1.4, 1.5

cvs at kolab.org cvs at kolab.org
Tue Aug 21 19:13:46 CEST 2007


Author: gunnar

Update of /kolabrepository/server/php-kolab/Kolab_Webadmin/Webadmin
In directory doto:/tmp/cvs-serv8028

Modified Files:
	ldap.class.php user.class.php webadmin.class.php 
Added Files:
	config.class.php domainmaintainer.class.php group.class.php 
	sharedfolder.class.php 
Log Message:
Intermediate commit while constructing this package.

--- NEW FILE: config.class.php ---
    /**
     * Return the values of the 'postfix-mydestination' attribute of the
     * k=kolab object, reusing the cached list when one is present.
     *
     * @param boolean $reload Read the k=kolab object again even if a cached
     *                        list exists.
     *
     * @return mixed The cached domain list, or false if the k=kolab object
     *               could not be read.
     */
    function domains($reload = false)
    {
        $must_load = $reload || !$this->cached_domains;
        if ($must_load) {
            $kolab_dn = 'k=kolab,' . $this->_base_dn;
            $kolab_entry = $this->read($kolab_dn);
            if (!$kolab_entry) {
                return false;
            }
            $this->cached_domains = $kolab_entry['postfix-mydestination'];
            // Strip the 'count' key so that only the attribute values remain
            // (presumably the value counter of the LDAP result -- confirm).
            unset($this->cached_domains['count']);
            debug("loading domains");
        }
        $listing = join(", ", $this->cached_domains);
        debug("ldap->domains() returns " . $listing);
        return $this->cached_domains;
    }



--- NEW FILE: domainmaintainer.class.php ---
/*  
 *  COPYRIGHT
 *  ---------
 *
 *  See ../AUTHORS file
 *
 *
 *  LICENSE
 *  -------
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 *
 *  $Revision: 1.1 $
 *
 *  ABOUT
 *  -----
 *
 *  A class for Kolab domain maintainer management.
 *
 */

/**
 * This class provides methods associated to Kolab domain maintainers.
 *
 * $Header: /kolabrepository/server/php-kolab/Kolab_Webadmin/Webadmin/domainmaintainer.class.php,v 1.1 2007/08/21 17:13:44 gunnar Exp $
 *
 * @author  Steffen Hansen <steffen at klaralvdalens-datakonsult.se>
 * @author  Gunnar Wrobel  <wrobel at pardus.de>
 * @package Kolab_Webadmin
 */
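class KolabDomainMaintainer {

    /**
     * The LDAP server connection
     *
     * @var KolabLDAP
     */
    var $_ldap;

    /**
     * The DN of the domain maintainer
     *
     * @var string
     */
    var $_dn;

    /**
     * Initialize the class.
     *
     * @param KolabLDAP $ldap Kolab LDAP connection
     * @param string    $dn   The DN of the domain maintainer
     */
    function KolabDomainMaintainer($ldap, $dn)
    {
        $this->_ldap = $ldap;
        $this->_dn   = $dn;
    }

    /**
     * Return the domains that this maintainer maintains
     *
     * Searches below cn=domains,cn=internal,<base dn> for entries whose
     * 'member' attribute equals this maintainer's DN and returns the first
     * 'cn' value of every entry found.
     *
     * @return mixed The domains belonging to this domain maintainer as an
     *               array, or the PEAR_Error handed back by the search.
     *               Callers that derive an access filter from the result
     *               must treat the error case as "no access", never as
     *               "no restriction".
     */
    function domains() {
        $domains = array();
        // The DN is passed through the LDAP wrapper's escape() before it is
        // placed in the filter; this class has no escape() method of its own.
        $filter = '(member=' . $this->_ldap->escape($this->_dn) . ')';
        $result = $this->_ldap->search('cn=domains,cn=internal,' .
                                       $this->_ldap->base_dn, $filter,
                                       array('cn'));
        if (is_a($result, 'PEAR_Error')) {
            return $result;
        }
        $entries = $this->_ldap->getEntries($result);
        // 'count' is bookkeeping of the result array, not an entry.
        unset($entries['count']);
        foreach ($entries as $val) {
            $domains[] = $val['cn'][0];
        }
        return $domains;
    }

    /**
     * Return the domains maintained by the maintainer with the given uid.
     *
     * NOTE(review): dnForUid() and domainsForMaintainerDn() are not defined
     * in this class. They look like KolabLDAP methods, so this method
     * presumably still has to be adapted to go through $this->_ldap --
     * confirm before use.
     *
     * @param string $uid The uid of the maintainer.
     *
     * @return mixed Whatever domainsForMaintainerDn() returns, or false if
     *               no DN was found for the uid.
     */
    function domainsForMaintainerUid($uid) {
        debug("domainsForMaintainer($uid):");
        $dn = $this->dnForUid($uid);
        if ($dn) {
            return $this->domainsForMaintainerDn($dn);
        }
        return false;
    }

    /**
     * Add a member to the group of each given domain, creating the group
     * cn=<domain>,cn=domains,cn=internal,<base dn> when it does not exist.
     *
     * NOTE(review): dn_escape(), read() and $_base_dn are not defined in this
     * class, and $this->_ldap is documented as a KolabLDAP object while
     * ldap_add()/ldap_mod_add()/ldap_error() expect the LDAP link itself.
     * The method reads as if it was moved here from the LDAP class without
     * being adapted yet -- confirm.
     *
     * @param string $member  The DN to add as 'member'.
     * @param array  $domains The domain names whose groups get the member.
     *
     * @return boolean True if nothing had to be done or every update
     *                 succeeded, false on the first LDAP failure.
     */
    function addToDomainGroups($member, $domains) {
        if (empty($domains)) {
            return true;
        }
        foreach($domains as $domain) {
            $domgrpdn = 'cn='.$this->dn_escape($domain).',cn=domains,cn=internal,'.$this->_base_dn;
            $dom_obj = $this->read($domgrpdn);
            if (!$dom_obj) {
                debug("+Adding group $domgrpdn with member $member");
                if (!ldap_add($this->_ldap, $domgrpdn,
                              array('objectClass' => array('top', 'kolabGroupOfNames'),
                                    'cn' => $domain,
                                    'member' => $member))) {
                    debug("Error adding domain group: ".ldap_error($this->_ldap));
                    return false;
                }
            } else {
                if (!in_array($member, $dom_obj['member'])) {
                    debug("+Adding member $member to $domgrpdn");
                    if (!ldap_mod_add($this->_ldap, $domgrpdn, array('member' => $member))) {
                        debug("Error adding $member to domain $domgrpdn: ".ldap_error($this->_ldap));
                        return false;
                    }
                }
            }
        }
        return true;
    }

    /**
     * Remove a member from the group of each given domain. A group that
     * holds exactly one member is deleted as a whole, otherwise only the
     * 'member' value is removed.
     *
     * NOTE(review): the same un-adapted calls as in addToDomainGroups()
     * apply here (dn_escape(), read(), $_base_dn, $this->_ldap used as the
     * LDAP link) -- confirm.
     *
     * @param string $member  The DN to remove from the groups.
     * @param array  $domains The domain names whose groups lose the member.
     *
     * @return boolean True if nothing had to be done or every update
     *                 succeeded, false on the first LDAP failure.
     */
    function removeFromDomainGroups($member, $domains) {
        if (empty($domains)) {
            return true;
        }
        foreach($domains as $domain) {
            $domgrpdn = 'cn='.$this->dn_escape($domain).',cn=domains,cn=internal,'.$this->_base_dn;
            $dom_obj = $this->read($domgrpdn);
            if ($dom_obj) {
                $members = (array) $dom_obj['member'];
                // Count the member values themselves. The earlier form
                // count($x == 1) counted the result of the comparison, so
                // the group was removed no matter how many members it had.
                // LDAP result arrays may carry a 'count' key next to the
                // values; use it when present so it is not counted as a
                // member. NOTE(review): confirm the shape read() returns.
                $member_count = isset($members['count']) ? $members['count'] : count($members);
                if ($member_count == 1) {
                    // NOTE(review): the single remaining member is not
                    // compared with $member, so a group owned by a different
                    // DN would be deleted as well -- confirm this is intended.
                    debug("-Removing group $domgrpdn");
                    if (!ldap_delete($this->_ldap, $domgrpdn)) {
                        debug("Error deleting domain group $domgrpdn: ".ldap_error($this->_ldap));
                        return false;
                    }
                } else {
                    debug("-Removing member $member from group $domgrpdn");
                    if (!ldap_mod_del($this->_ldap, $domgrpdn, array('member' => $member))) {
                        debug("Error deleting $member from domain $domgrpdn: ".ldap_error($this->_ldap));
                        return false;
                    }
                }
            }
        }
        // Report success explicitly, as addToDomainGroups() does.
        return true;
    }
}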

/*
  Local variables:
  mode: php
  indent-tabs-mode: f
  tab-width: 4
  buffer-file-coding-system: utf-8
  End:
  vim:encoding=utf-8:
 */
?>

--- NEW FILE: group.class.php ---
    /**
     * Classify a uid as 'admin', 'maintainer', 'domain-maintainer' or 'user'.
     *
     * Looks up the DN for the uid and searches the domain-maintainer,
     * maintainer and admin groups below cn=internal for a 'member' value
     * equal to that DN. The groups are checked in that order and a later
     * match replaces an earlier one.
     *
     * @param string $uid The uid to classify.
     *
     * @return mixed The group name, or false if $this->_bound is not set or
     *               no DN was found for the uid.
     */
    function groupForUid($uid)
    {
        if (!$this->_bound) {
            return false;
        }
        $role = false;
        $member_dn = $this->dnForUid($uid);
        if ($member_dn) {
            $role = 'user';
            $member_filter = '(member=' . $this->escape($member_dn) . ')';
            foreach (array('domain-maintainer', 'maintainer', 'admin') as $candidate) {
                // The admin group is searched below $this->_params["base_dn"],
                // the other two below $this->_base_dn.
                if ($candidate == 'admin') {
                    $suffix = $this->_params["base_dn"];
                } else {
                    $suffix = $this->_base_dn;
                }
                $result = $this->search('cn=' . $candidate . ',cn=internal,' . $suffix, $member_filter);
                if (ldap_count_entries($this->_ldap, $result) > 0) {
                    $role = $candidate;
                }
            }
            // $result is the result of the last (admin) search at this point.
            if ($result) {
                $this->freeSearchResult();
            }
        }
        debug("groupForUid($uid) = $role");
        return $role;
    }


    /**
     * Check whether a kolabGroupOfNames entry with the given 'mail' value
     * exists below the base DN.
     *
     * @param string $group The value to match against the 'mail' attribute;
     *                      it is passed through escape() before it is placed
     *                      in the filter.
     *
     * @return boolean True if the search counts at least one entry.
     */
    function exists_group($group)
    {
        $mail_value = $this->escape($group);
        $filter = '(&(objectClass=kolabGroupOfNames)(mail=' . $mail_value . '))';
        $hits = $this->search($this->_base_dn, $filter, array('dn'));
        $found = $this->count($hits);
        return $found > 0;
    }

    // Get members of a group as an array of DNs
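    /**
     * Collect the members of the group cn=<group>,<base>.
     *
     * The member DNs are the KEYS of the returned array (each mapped to
     * true), so callers can test membership with array_key_exists().
     *
     * @param string $base  The DN below which the group lives.
     * @param string $group The cn of the group.
     *
     * @return array Member DN => true; an empty array if the search failed
     *               (an error message is then appended to $this->errors).
     */
    function groupMembers($base, $group) {
        $privmembers = array();
        // NOTE(review): $group and $base are placed in the DN unescaped. That
        // is only safe while callers pass fixed names; escape $group if it
        // can ever carry request data.
        $mybase = 'cn='.$group.','.$base;
        $filter = '(objectClass=kolabGroupOfNames)';
        $res = ldap_search($this->_ldap, $mybase, $filter, array('member'));
        if (!$res) {
            // Report the error of the link that was searched; the earlier
            // code passed an undefined $conn to ldap_error().
            array_push($this->errors, _("LDAP Error: Can't read maintainers group: ")
                       .ldap_error($this->_ldap));
            return array();
        }
        $entries = ldap_get_entries($this->_ldap, $res);
        if (is_array($entries)) {
            foreach ($entries as $key => $val) {
                if ($key === 'count' || !is_array($val)
                    || !isset($val['member']) || !is_array($val['member'])) {
                    continue;
                }
                foreach ($val['member'] as $idx => $member) {
                    // ldap_get_entries() stores the number of values under
                    // 'count'; that is bookkeeping, not a member DN.
                    if ($idx === 'count') {
                        continue;
                    }
                    $privmembers[$member] = true;
                }
            }
        }
        ldap_free_result($res);
        return $privmembers;
    }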

    /**
     * Delete a group entry through the shared _doDeleteObject() helper.
     *
     * @param string  $dn         The DN of the group to delete.
     * @param boolean $delete_now Passed on unchanged as the helper's second
     *                            argument.
     *
     * @return mixed Whatever _doDeleteObject() returns.
     */
    function deleteGroupOfNames($dn, $delete_now = false)
    {
        // The helper's third argument is always false for groups.
        $outcome = $this->_doDeleteObject($dn, $delete_now, false);
        return $outcome;
    }


--- NEW FILE: sharedfolder.class.php ---
    /**
     * Delete a shared folder entry through the shared _doDeleteObject()
     * helper.
     *
     * @param string  $dn         The DN of the shared folder to delete.
     * @param boolean $delete_now Passed on unchanged as the helper's second
     *                            argument.
     *
     * @return mixed Whatever _doDeleteObject() returns.
     */
    function deleteSharedFolder($dn, $delete_now = false)
    {
        // The helper's third argument is always false for shared folders.
        $outcome = $this->_doDeleteObject($dn, $delete_now, false);
        return $outcome;
    }


Index: ldap.class.php
===================================================================
RCS file: /kolabrepository/server/php-kolab/Kolab_Webadmin/Webadmin/ldap.class.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- ldap.class.php	17 Aug 2007 08:48:50 -0000	1.4
+++ ldap.class.php	21 Aug 2007 17:13:44 -0000	1.5
@@ -32,513 +32,609 @@
  *
  */
 
-require_once('debug.php');
-
 /* We dont have any better place to put this right now... */
 function str_rand($length = 8, $seeds = 'abcdefghijklmnopqrstuvwxyz0123456789') {
-     $str = '';
-     $seeds_count = strlen($seeds);
+    $str = '';
+    $seeds_count = strlen($seeds);
[...1024 lines suppressed...]
 };
 
 /*
-  Local variables:
-  mode: php
-  indent-tabs-mode: f
-  tab-width: 4
-  buffer-file-coding-system: utf-8
-  End:
-  vim:encoding=utf-8:
- */
+ Local variables:
+ mode: php
+ indent-tabs-mode: f
+ tab-width: 4
+ buffer-file-coding-system: utf-8
+ End:
+ vim:encoding=utf-8:
+*/
 ?>

Index: user.class.php
===================================================================
RCS file: /kolabrepository/server/php-kolab/Kolab_Webadmin/Webadmin/user.class.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- user.class.php	20 Aug 2007 10:11:26 -0000	1.2
+++ user.class.php	21 Aug 2007 17:13:44 -0000	1.3
@@ -45,7 +45,7 @@
  * @author  Gunnar Wrobel  <wrobel at pardus.de>
  * @package Kolab_Webadmin
  */
-class KolabUsers {
+class KolabUser {
 
     /**
      * A link to the object that handles our ldap connection.
@@ -57,173 +57,198 @@
     /**
      * The configuration options for the Kolab web admin
      *
-     * @var params
+     * @var array
      */
     var $_params;
 
     /**
+     * The possible selections for invitation policies
+     *
+     * @var array
+     */
+    var $invpol = array('ACT_ALWAYS_ACCEPT', 
+                        'ACT_ALWAYS_REJECT', 
+                        'ACT_REJECT_IF_CONFLICTS', 
+                        'ACT_MANUAL_IF_CONFLICTS', 
+                        'ACT_MANUAL' );
+
+    /**
+     * The possible account types
+     *
+     * @var array
+     */
+    var $acctyp = array('', 
+                        'cn=internal,', 
+                        'cn=groups,', 
+                        'cn=resources,');
+
+    /**
      * Initialize the users class
      *
      * @param KolabLDAP $ldap An object that wraps the ldap connection.
      *
      * @return KolabUsers The initialized KolabUsers object
      */
-    function KolabUsers($ldap, $dn, $params)
+    function KolabUsers($ldap, $params)
     {
         $this->_ldap = $ldap;
-        $this->_dn = $dn;
         $this->_params = $params;
     }
 
     /**
      * Return a list of all users
      *
-     * @param string $dn The distinguished name of the current user.
-     * @param mixed $filterattr  FIXME
-     * @param mixed $filtertype  FIXME
-     * @param mixed $filtervalue FIXME
-     * @param mixed $alphalimit  FIXME
-     * @param mixed $alphagroup  FIXME
+     * @param KolabLDAP $ldap      The connection to the Kolab LDAP filter.
+     * @param string    $base_dn   Base DN for the search
+     * @param string    $addfilter Additional LDAP filter criteria.
+     * @param int       $perpage   Maximal entries per page
+     * @param int       $page      Start with this page
      *
-     * @return KolabUsers The initialized KolabUsers object
+     * @return array An array of user information
      */
-    function getVisibleUsers($filterattr = false, $filtertype = false,
-                             $filtervalue = false, $alphalimit = false,
-                             $alphagroup = false)
+    function getUsers($ldap, $base_dn, $addfilter = '', $perpage = 50, $page = 1)
     {
         // Get all entries & dynamically split the letters with growing entries
         $entries = array();
-        if (isset($this->_params['base_dn'])) {
-            $base_dn = $this->_params['base_dn'];
-        } else {
-            $base_dn = 'k=kolab';
-        }
 
         $privmembers = array_merge( 
             (array)$this->_ldap->groupMembers( "cn=internal,$base_dn", 'admin' ),
             (array)$this->_ldap->groupMembers( "cn=internal,$base_dn", 'maintainer' ) 
         );
 
-        $userfilter = "cn=*";
-
-        if( !in_array( $filterattr, array( 'cn', 'uid', 'mail' ) ) ) {
-            $filterattr = 'cn';
-        }
-        
-        if( !empty( $filtervalue ) ) {
-            switch( $filtertype ) {
-            case 'contains': // contains
-                $userfilter = "$filterattr=*" .
-                    $this->_ldap->escape($filtervalue) . '*';
-                break;
-            case 'is': // is
-                $userfilter = "$filterattr=" . 
-                    $this->_ldap->escape($filtervalue);
-                break;
-            case 'begins': // begins with
-                $userfilter = "$filterattr=" . 
-                    $this->_ldap->escape($filtervalue) . '*';
-                break;
-            case 'ends': // ends with
-                $userfilter = "$filterattr=*" . 
-                    $this->_ldap->escape($filtervalue);
-                break;
-            }
-        }
-        $alphalimit = '';
-        $alphagroup = '';
-        // Disabled for now
-        if( false && !empty($alphalimit)) {
-            $ala='sn'; // alpha limit attibute
-            if( $alphalimit == "other" ) {
-                $alphalimit = "(|($ala=æ*)($ala=ø*)($ala=å*)($ala=ä*)($ala=ö*)($ala=ü*)($ala=0*)($ala=1*)($ala=2*)($ala=3*)($ala=4*)($ala=5*)($ala=6*)($ala=7*)($ala=8*)($ala=9*))";
-            } else {
-                $alphalimit ="($ala=$alphalimit*)";
-            }
-        } else if( !empty($alphagroup)) {
-            $ala='sn'; // alpha limit attibute
-            switch( $alphagroup ) {
-            case 'a': 
-                $alphalimit = "(|($ala=a*)($ala=b*)($ala=c*)($ala=d*)($ala=e*)($ala=f*))";
-                break;
-            case 'g': 
-                $alphalimit = "(|($ala=g*)($ala=h*)($ala=i*)($ala=j*)($ala=k*)($ala=l*))";
-                break;
-            case 'm': 
-                $alphalimit = "(|($ala=m*)($ala=n*)($ala=o*)($ala=p*)($ala=q*)($ala=r*))";
-                break;
-            case 's': 
-                $alphalimit = "(|($ala=s*)($ala=t*)($ala=u*)($ala=v*)($ala=w*)($ala=x*)($ala=y*)($ala=z*))"; 
-                break;
-            case 'other': 
-                $alphalimit = "(|($ala=æ*)($ala=ø*)($ala=å*)($ala=ä*)($ala=ö*)($ala=ü*)($ala=0*)($ala=1*)($ala=2*)($ala=3*)($ala=4*)($ala=5*)($ala=6*)($ala=7*)($ala=8*)($ala=9*))"; 
-                break;
-            default: 
-                $alphalimit = '';
-            }
-        }
-        $domains = $this->_ldap->domainsForMaintainerDn($this->_dn);
-        if( is_array($domains) ) {
-            $domainfilter='';
-            foreach( $domains as $dom ) {
-                $domainfilter .= '(mail=*@' . $this->_ldap->escape($dom) . ')';
-            }
-            if( $domainfilter ) {
-                $domainfilter = "(|$domainfilter)";
-            }
-        } else {
-            $domainfilter= "";
-        }
-        $filter = "(&($userfilter)$domainfilter$alphalimit(objectclass=kolabInetOrgPerson)(uid=*)(mail=*)(sn=*))";
-        debug("filter is \"$filter\"");
-        $result = ldap_search($this->_ldap->connection, $base_dn, $filter, 
-                              array( 'uid', 'mail', 'sn', 'cn', 
-                                     'kolabDeleteflag' ));
+        $filter = "($addfilter(objectclass=kolabInetOrgPerson)(uid=*)(mail=*)(sn=*))";
+        $result = $ldap->search($base_dn, $filter, 
+								array( 'uid', 'mail', 'sn', 'cn', 
+									   'kolabDeleteflag' ));
         
-        $entries = array();
-
         if( $result ) {
-            ldap_sort($this->_ldap->connection, $result, 'sn');
-            $entry = ldap_first_entry($this->_ldap->connection, $result);
 
-            while( $entry ) {
-                $attrs = ldap_get_attributes($this->_ldap->connection, $entry);
-                $dn = ldap_get_dn($this->_ldap->connection,$entry);
-                $deleted = array_key_exists('kolabDeleteflag',$attrs)?$attrs['kolabDeleteflag'][0]:"FALSE";
-                $uid = $attrs['uid'][0];
-                $mail = $attrs['mail'][0];
-                $sn = $attrs['sn'][0];
-                $cn = $attrs['cn'][0];
-                $a = strlen($sn);
-                $b = strlen($cn);
-                $fn = substr($cn, 0, $b - $a);
-                $dncomp = split( ',', $dn );
-                if( in_array('cn=groups',$dncomp) ) {
-                    $type = 'G';
-                } else if( in_array('cn=resources',$dncomp) ) {
-                    $type = 'R';
-                } else if( in_array('cn=internal',$dncomp) ) {
-                    $type = 'I';
-                } else {
-                    $type = 'U';
-                }
+            $this->_ldap->sort($result, 'sn');
 
+			$from = ($page - 1) * $perpage);
+			$to   = $page * $perpage;
+
+			$ldap_entries = getEntrySection($result, $from, $to);
+
+			$entries = array();
+            foreach($ldap_entries as $attrs) {
+                $dn = $attrs['dn'][0];;
                 // skip admins and maintainers
-                if( !array_key_exists( $dn, $privmembers ) ) {
+                if(!array_key_exists($dn, $privmembers)) {
+					$dncomp = split(',', $dn);
+					if( in_array('cn=groups',$dncomp) ) {
+						$type = 'G';
+					} else if(in_array('cn=resources',$dncomp)) {
+						$type = 'R';
+					} else if(in_array('cn=internal',$dncomp)) {
+						$type = 'I';
+					} else {
+						$type = 'U';
+					}
+					$deleted = array_key_exists('kolabDeleteflag', $attrs)?$attrs['kolabDeleteflag'][0]:'FALSE';
+					$a = strlen($sn);
+					$b = strlen($cn);
+					$cn = $attrs['cn'][0];
+					$fn = substr($cn, 0, $b - $a);
                     $entries[] = array( 'dn' => $dn,
-                                        'sn' => $sn,
+                                        'sn' => $attrs['sn'][0],
                                         'fn' => $fn,
                                         'type' => $type,
-                                        'mail' => $mail,
-                                        'uid' => $uid,
+                                        'mail' => $attrs['mail'][0],
+                                        'uid' => $attrs['uid'][0],
                                         'deleted' => $deleted );
                 }
-                $entry = ldap_next_entry( $this->_ldap->connection,$entry );
             }
         }
-
         return $entries;
     }
+
+    /**
+     * Create a user
+     *
+     * @param string $dn DN
+     *
+     * @return boolean True on success, a PEAR error otherwise
+     */
+    function createUser($userdata)
+    {
+        $ldap_object = array();
+        $ldap_object['objectClass'] = $userdata['objectclasses'];
+        $ldap_object['sn'] = $userdata['sn'];
+        $ldap_object['cn'] = $userdata['givenname'] . ' ' . $ldap_object['sn'];
+        $ldap_object['givenName'] = $userdata['givenname'];
+        $ldap_object['userPassword'] = ssha( $userdata['password_0'], gensalt());
+        $ldap_object['mail'] = $userdata['usermail'] . '@' . $userdata['domainmail'];
+        if ($create) {
+            $ldap_object['uid'] = ($uid == '') ? $ldap_object['mail'] : $userdata['uid'];
+            $ldap_object['kolabHomeServer'] = $userdata['kolabhomeserver'];
+        }
+        foreach( array( 'title', 'o', 'ou', 'roomNumber', 'street',
+                        'postOfficeBox', 'postalCode', 'l', 'c',
+                        'telephoneNumber', 'facsimileTelephoneNumber', 
+                        'kolabFreeBusyFuture', 'kolabDelegate', 'cyrus-userquota' ) as $attr ) {
+            $ldap_object[$attr] = $userdata[$attr];
+        }
+        
+        // Handle group/resource policies
+        $i = 0;
+        $ldap_object['kolabInvitationPolicy'] = array();
+        while( isset( $userdata['user_kolabinvitationpolicy_' . $i] ) ) {
+            $user = $userdata['user_kolabinvitationpolicy_' . $i];
+            $pol  = (int)$userdata['policy_kolabinvitationpolicy_' . $i];
+            $i++;
+            if( !empty($user) && 0 <= $pol && $pol < 5  ) {
+                if( $this->invpol[$pol] ) {
+                    $ldap_object['kolabInvitationPolicy'][] = ($user=='anyone' ? '' : "$user:") . $this->invpol[$pol];
+                }
+            }
+        }         
+
+        $type = $userdata['accttype'];
+        if( $type < 0 || $type > 3 ) {
+            $type = 3;
+        }
+        $domain_dn = $this->acctyp[$type] . $this->_params['base_dn'];
+
+
+    }
+
+    /**
+     * Delete a user
+     *
+     * @param string $dn DN of the user that should be deleted
+     *
+     * @return boolean True on success, a PEAR error otherwise
+     */
+    function deleteUser($dn)
+    {
+   // Check for distribution lists with only this user as member
+   $smarty->ldap->search( $_SESSION['base_dn'], 
+                  '(&(objectClass=kolabGroupOfNames)(member='.$smarty->ldap->escape($dn).'))',
+                  array( 'dn', 'cn', 'mail', 'member' ) );
+   $distlists = $smarty->ldap->getEntries();
+   unset($distlists['count']);
+   foreach( $distlists as $distlist ) {
+     $dlmail = $distlist['mail'][0];
+     if( !$dlmail ) $dlmail = $distlist['cn'][0]; # Compatibility with old stuff
+     if( $distlist['member']['count'] == 1 ) {
+       $errors[] = sprintf(_("Account could not be deleted, distribution list '%s' depends on it."), $dlmail);
+     }
+   }
+   if( !$errors ) foreach( $distlists as $distlist ) {
+     $dlmail = $distlist['mail'][0];
+     if( !$dlmail ) $dlmail = $distlist['cn'][0]; # Compatibility with old stuff
+     if( ldap_mod_del( $smarty->ldap->connection, $distlist['dn'], array('member' => $dn ) ) ) {
+       $messages[] = sprintf(_("Account removed from distribution list '%s'."), $dlmail);
+     } else {
+       $errors[] = sprintf(_("Failure to remove account from distribution list '%s', account will not be deleted."),
+                           $dlmail);
+       break;
+     }
+   }
+        
+    }
+    
 
 };
 
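Review bot: `getUsers()` cannot parse or run as written: `$from = ($page - 1) * $perpage);` has an unmatched `)`, and `$a = strlen($sn); $b = strlen($cn);` read `$sn` and `$cn` before either is assigned, so `fn` is cut from undefined values. Assign first, e.g. `$sn = $attrs['sn'][0]; $cn = $attrs['cn'][0]; $fn = substr($cn, 0, strlen($cn) - strlen($sn));`. `$addfilter` is now spliced into `"($addfilter(objectclass=kolabInetOrgPerson)..."` with no escaping and no operator of its own, so the doc comment should say that callers must pass an already-escaped fragment that begins with `&`. The constructor is still named `KolabUsers` although the previous hunk renames the class to `KolabUser`, so as a PHP 4 style constructor it is no longer run by `new KolabUser(...)`. `createUser()` reads `$create` and `$uid`, and `deleteUser()` reads `$smarty`, `$errors` and `$messages`, none of which are defined inside those methods.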

Index: webadmin.class.php
===================================================================
RCS file: /kolabrepository/server/php-kolab/Kolab_Webadmin/Webadmin/webadmin.class.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- webadmin.class.php	20 Aug 2007 10:11:26 -0000	1.4
+++ webadmin.class.php	21 Aug 2007 17:13:44 -0000	1.5
@@ -51,7 +51,8 @@
 /** We need some form tools. */
 require_once 'Kolab/Webadmin/form.class.php';
 
-/** Provide access to the users db. */
+/** Provide access to the Kolab specific objects. */
+require_once 'Kolab/Webadmin/domainmaintainer.class.php';
 require_once 'Kolab/Webadmin/user.class.php';
 
 /**
@@ -103,6 +104,13 @@
     var $_config;
 
     /**
+     * DN of the user currently logged in.
+     *
+     * @var string
+     */
+    var $_dn;
+
+    /**
      * An array of section accessible to the current user.
      *
      * @var array
@@ -130,7 +138,10 @@
          * Prepare authentication.
          */
 
-        $this->_ldap =& new KolabLDAP($config);
+        $this->_ldap =& new KolabLDAP($config['ldap_master_uri'],
+                                      $config['base_dn'],
+                                      $config['php_dn'],
+                                      $config['php_pw']);
         $this->_auth =& new KolabAuth($this->_ldap, $config);
 
         /* 
@@ -212,13 +223,14 @@
         }
 
         // User is authenticated
+        $this->_dn = $this->_auth->dn();
         $this->assign( 'uid', $this->_auth->uid() );
         $this->assign( 'group', $this->_auth->group() );
 
         // Get the menu the user is able to see
         $this->_menuitems = generate_menu($this->_auth, $config['topdir']);
 
-	$this->_config = $config;
+    $this->_config = $config;
     }
 
     /**
@@ -347,12 +359,22 @@
     }
 
     /**
+     * Get the DN of the current user
+     *
+     * @return string The distinguished name of the current user.
+     */
+    function getCurrentDn()
+    {
+        return $this->_dn;
+    }
+
+    /**
      * Return the sieve connection.
      */
     function getSieve()
     {
         if (empty($this->_sieve)) {
-            $obj = $this->_ldap->read( $this->_auth->dn() );
+            $obj = $this->_ldap->read( $this->_dn );
             $this->_sieve =& new KolabSieve( $this->_auth->uid(), 
                                              $this->_auth->password(), 
                                              $obj['kolabHomeServer'][0] );
@@ -367,13 +389,168 @@
     {
         if (empty($this->_users)) {
             $this->_users =& new KolabUsers( $this->_ldap,
-                                             $this->_auth->dn(),
+                                             $this->_dn,
                                              $this->_config );
         }
         return $this->_users;
     }
 
     /**
+     * Build a LDAP filter for leading characters based on an array.
+     *
+     * @param string $attr  The attribute to filter on
+     * @param array  $chars An array of acceptable leading characters.
+     *
+     * @return string A LDAP search filter.
+     */
+    function alphaFromArray($attr, $chars) 
+    {
+        $filter = '(|';
+        foreach ($chars as $char) {
+            $filter .= '(' . $attr . '=' . $char . '*)';
+        }
+        return $filter . ')';
+    }
+
+    /**
+     * Build an alphabetic LDAP filter.
+     *
+     * @param string $attr  The attribute to filter on
+     *
+     * @return string A LDAP search filter.
+     */
+    function buildAlphaFilter($attr = 'sn')
+    {
+        if ($this->_params['alpha_filter_type'] == 'none') {
+            return '';
+        }
+
+        $alphagroup = KolabForm::getRequestVar('alphagroup');
+
+
+        if ($this->_params['alpha_filter_type'] == 'group') {
+            switch( $alphagroup ) {
+            case 'a': 
+                return $this->alphaFromArray($attr, array('a', 'b', 'c', 'd', 'e', 'f'));
+            case 'g': 
+                return $this->alphaFromArray($attr, array('g', 'h', 'i', 'j', 'k', 'l'));
+            case 'm': 
+                return $this->alphaFromArray($attr, array('m', 'n', 'o', 'p', 'q', 'r'));
+            case 's': 
+                return $this->alphaFromArray($attr, array('s', 't', 'u', 'v', 'w', 'x', 'y', 'z'));
+            case 'other': 
+                return $this->alphaFromArray($attr, array('æ', 'ø', 'å', 'ä', 'ö', 'ü', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9'));
+            case 'all': 
+                return '';
+            case 'none':
+                return "(&($attr=a*)($attr=b*))";
+            default: 
+                return '';
+            }
+        } else {
+            if (strlen($alphagroup) == 1 && 
+                ord($alphagroup) > 96 && 
+                ord($alphagroup) < 123) {
+                return $this->alphaFromArray($attr, array($alphagroup));
+            }
+            switch( $alphagroup ) {
+            case 'other': 
+                return $this->alphaFromArray($attr, array('æ', 'ø', 'å', 'ä', 'ö', 'ü', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9'));
+            case 'all': 
+                return '';
+            case 'none':
+                return "(&($attr=a*)($attr=b*))";
+            default: 
+                return '';
+            }
+        }
+        
+        return '';
+    }
+
+    /**
+     * Build a LDAP filter based on user settings.
+     *
+     * @return string A LDAP search filter.
+     */
+    function buildUserFilter()
+    {
+        if (!$this->_params['allow_user_filter']) {
+            return '';
+        }
+
+        $filterattr = KolabForm::getRequestVar('filterattr');
+        $filtertype = KolabForm::getRequestVar('filtertype');
+        $filtervalue = KolabForm::getRequestVar('filtervalue');
+
+        if( !in_array( $filterattr, array( 'cn', 'uid', 'mail' ) ) ) {
+            $filterattr = 'cn';
+        }
+        
+        if( !empty( $filtervalue ) ) {
+            switch( $filtertype ) {
+            case 'contains': // contains
+                return $filterattr . '=*' .
+                    $this->_ldap->escape($filtervalue) . '*';
+            case 'is': // is
+                return $filterattr . '=' .
+                    $this->_ldap->escape($filtervalue);
+            case 'begins': // begins with
+                return $filterattr . '=' .
+                    $this->_ldap->escape($filtervalue) . '*';
+            case 'ends': // ends with
+                return $filterattr . '=*' .
+                    $this->_ldap->escape($filtervalue);
+            default:
+                return $filterattr . '=*' .
+                    $this->_ldap->escape($filtervalue) . '*';
+            }
+        }
+        return '';
+    }
+
+    /**
+     * Build a LDAP filter to select specifc domains for a domain
+     * maintainer.
+     *
+     * @return string A LDAP search filter.
+     */
+    function buildDomainFilter()
+    {
+        if (!$this->isDomainMaintainer()) {
+            return '';
+        }
+
+        $dm =& new KolabDomainMaintainer($this->_ldap, $this->_dn);
+        $domains = $dm->domains();
+        if( !is_array($domains) ) {
+            return '';
+        }
+        
+        $domainfilter='(|';
+        foreach( $domains as $domain ) {
+            $domainfilter .= '(mail=*@' . $this->_ldap->escape($domain) . ')';
+        }
+        return $domainfilter . ')';
+    }
+    
+
+    /**
+     * Return the visible users
+     */
+    function getVisibleUsers()
+    {
+        $userfilter   = $this->buildUserFilter();
+        $alphafilter  = $this->buildAlphaFilter();
+        $domainfilter = $this->buildDomainFilter();
+
+        $users = $this->getUsersInterface();
+        return $users->getUsers("&($userfilter)$domainfilter$alphafilter");
+    }
+   
+
+
+    /**
      * Run a text through htmlentities.
      *
      * @param string $text Text to transform
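Review bot: `buildDomainFilter()` fails open: when `$dm->domains()` does not return an array (the `KolabDomainMaintainer::domains()` added in this commit returns the `PEAR_Error` of a failed search) it returns `''`, so the domain restriction drops out of the user search and a domain maintainer is shown accounts of every domain. Return a filter that matches nothing instead, and do the same for an empty list, which currently yields the bare `(|)`: `if (!is_array($domains) || count($domains) == 0) { return '(!(objectClass=*))'; }`. In `getVisibleUsers()` an empty `$userfilter` produces `&()`, and the call passes a single argument to `getUsers()`, which user.class.php in this commit declares as `getUsers($ldap, $base_dn, $addfilter = '', ...)`. The context lines at the top of the hunk still construct `KolabUsers` with three arguments, while the same commit renames the class to `KolabUser` and reduces its constructor to `($ldap, $params)`.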
@@ -384,7 +561,194 @@
     {
         return KolabForm::htmlentities($text);
     }
+
+    /**
+     * Check if the given dn is maintainable by the current user
+     *
+     * @param string $dn DN of the user to be modified
+     *
+     * @return boolean True if the current user may modify the user
+     * specified by the given dn.
+     */
+    function inMaintainerDomain($dn) {
+
+        // both groups have full access
+        if ($this->isMaintainer() || $this->isAdmin()) {
+            return true;
+        }
+
+        // user may not maintain anything
+        if ($this->isUser()) {
+            return false;
+        }
+  
+        // we have a domain maintainer. Get his domains
+        $domains = $this->_ldap->domainsForMaintainerDn($this->_dn);
+
+        // retrieve the mail for the current dn
+        $mail = $this->_ldap->mailForDn($dn);
+
+        $ok = false;
+
+        // Check if the mail is within that domain
+        foreach( $domains as $domain ) {
+            if( endsWith( $mail, '@'.$domain ) ) {
+                $ok = true;
+            }
+        }
+        return $ok;
+    }
+
+    /**
+     * Get the LDAP object classes for the given DN
+     *
+     * @param string $dn DN of the object
+     *
+     * @return array An array of object classes
+     */
+    function storeUser($dn, $create = false) {
+
+        // Handle the users object classes
+        $oc = array('top', 'inetOrgPerson', 'kolabInetOrgPerson');
+        if( $dn ) {
+            $oc = $this->getObjectClasses($dn);
+            if (is_a($oc, 'PEAR_Error')) {
+                return $oc;
+            }
+        }
+
+        // Get the interface to the user db
+
+        if ($create) {
+            $ldap_object['uid'] = ($uid == '') ? $ldap_object['mail'] : $userdata['uid'];
+            $ldap_object['kolabHomeServer'] = $userdata['kolabhomeserver'];
+        }
+
+        if( !$ldap_object['alias'] && $action == 'firstsave' ) unset($ldap_object['alias']);
     
+    }
+
+    /**
+     * Grab data from a posted form
+     *
+     * @return boolean True on success, a PEAR error otherwise
+     */
+    function parseUserFromPost()
+    {
+
+        $userdata = array();
+
+        $userdata['sn'] = trim($_POST['sn']);
+        $userdata['givenname'] = trim($_POST['givenname']);
+        $userdata['password_0'] = $_POST['password_0'];
+        $userdata['usermail'] = trim( strtolower( $_POST['user_mail'] ) );
+        $userdata['domainmail'] = trim( strtolower( $_POST['domain_mail'] ) );
+        $userdata['uid'] = trim( strtolower( $_POST['uid'] ) );
+        $userdata['kolabhomeserver'] = trim($_POST['kolabhomeserver']);
+        $userdata['accttype'] = (int) $_POST['accttype'];
+        
+        // Multiline data
+        foreach( array( 'kolabDelegate', 'alias') as $attr ) {
+            $userdata[$attr] = array_unique(
+                array_filter(
+                    array_map(
+                        'trim',
+                        preg_split('/\n/',
+                                   $_POST[$attr]
+                        )
+                    ),
+                    'strlen'
+                )
+            );
+        }
+        
+
+        // Multiple entry data
+        foreach( 
+            array( 
+                'title', 'o', 'ou', 'roomNumber', 'street', 'postOfficeBox',
+                'postalCode', 'l', 'c', 'telephoneNumber',
+                'facsimileTelephoneNumber', 'kolabFreeBusyFuture',
+                'user_kolabinvitationpolicy', 'policy_kolabinvitationpolicy'
+            ) as $attr ) {
+            $count = 0;
+            $key = $attr."_0";
+            $args = array();
+            while (isset($_POST[$key])) {
+                $args[$count] = trim($_POST[$key]);
+                $count++;
+                $key = $attr."_".$count;
+            }
+            if ($count > 0) {
+                $userdata[$attr] = $args;
+            } elseif (!empty($_POST[$key])) {
+                $userdata[$attr] = $_POST[$key];
+            } else {
+                $userdata[$attr] = array();
+            }
+        }
+        
+        // userquota
+        if( isset( $_POST['cyrus-userquota'] ) ) {
+            $userdata['cyrus-userquota'] = trim($_POST['cyrus-userquota']);
+            if( empty( $userdata['cyrus-userquota'] ) ) {
+                $userdata['cyrus-userquota'] = array();
+            }
+        }
+
+    }
+    
+
+
+    /**
+     * Apply attribute access settings to an array of entries.
+     *
+     * @param array $entries An array of form entries
+     *
+     * @return array The modified array of entries
+     */
+    function apply_attributeaccess( &$entries ) {
+
+        $attributeaccess =& $this->_config['attribute_access'];
+        foreach( $entries as $key=>$value ) {
+            if( ereg( '(.*)_[0-9]', $key, $regs ) ) {
+                $akey = $regs[1];
+            } else {
+                $akey = $key;
+            }
+            if( isset($attributeaccess[$akey] ) ) {
+                if( $attributeaccess[$akey] == 'ro' ) {
+                    $entries[$key]['attrs'] = 'readonly';
+                } else if( $attributeaccess[$akey] == 'hidden' ) {
+                    //$entries[$key]['attrs'] = 'hidden';
+                    unset($entries[$key]);
+                } else if( $attributeaccess[$akey] == 'mandatory' ) {
+                    if( isset( $entries[$key]['validation'] ) ) {
+                        if( is_array( $entries[$key]['validation'] ) ) {
+                            $entries[$key]['validation'][] = 'notempty';
+                        } else {
+                            $entries[$key]['validation'][] = array( $entries[$key]['validation'], 
+                                                                    'notempty' );
+                        }
+                    } else {
+                        $entries[$key]['validation'] = 'notempty';          
+                    }
+                }
+            }
+        }
+        return $entries;
+    }
+
+    /**
+     * Update the password of the current user
+     *
+     * @param array $pass The new password
+     */
+    function updatePassword($pass) {
+        $this->_auth->setPassword($pass);
+    }
+    
+
 };
 
 /*
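Review bot: The `attribute_access` restrictions are enforced only on the rendered form in `apply_attributeaccess` (a `readonly` attribute, or the entry is removed), while `parseUserFromPost` copies every field from `$_POST` into `$userdata` unconditionally. As far as this hunk shows, a `ro` or `hidden` attribute is protected only in the browser. The same map should be applied on the server before anything is written to LDAP, for example at the end of `parseUserFromPost` with `if (isset($access[$attr]) && in_array($access[$attr], array('ro', 'hidden'))) unset($userdata[$attr]);`, assuming the `$userdata` keys are mapped to the names used in `attribute_access`. `storeUser` is still a stub (it reads `$uid`, `$userdata`, `$ldap_object` and `$action`, none of which are defined), but once filled in it should reject an existing `$dn` outside the caller's domains first: `if ($dn && !$this->inMaintainerDomain($dn)) return PEAR::raiseError('not permitted');` (message constructed). Separately, in the `mandatory` branch `$entries[$key]['validation'][] = array(...)` uses `[]` on a string value and should be the plain assignment `$entries[$key]['validation'] = array($entries[$key]['validation'], 'notempty');`.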




