Commit ad83f6ef authored by bmortier's avatar bmortier

Merge branch '1.0.15-fixes'

parents d61d1c66 2d663fd0
......@@ -198,5 +198,8 @@ documentation and additional help.
Code and ideas for making Argonaut Events Extensible
* Paola Penati <paolapenati@hotmail.com>
Italian translation
Italian translation of FusionDirectory and the website
* Martin Hamant <mh@ow2.org>
Adding DSA accounts into groups
FusionDirectory changelog
=========================
* FusionDirectory 1.0.16
|Fix] Bugs #3587: Edit a template add bad characters
Bugs #4808: improve the script error code and return documentation in hooks
|Fix] Bugs #4925: document the autofs plugin
|Fix] FusionDirectory plugins - Bugs #4997: getfields method returns wrong info in attrs_order
|Fix] Bugs #5005: No upper case characters allowed in group-names
|Fix] FusionDirectory plugins - Bugs #5093: [DNS plugin] when click to "Refresh zone file" button in DNS tab it would not update reverse zones.
[Feature] Bugs #5095: Checkhook should have a way to know if other check errors occured
|Fix] FusionDirectory plugins - Bugs #5138: Name of the directory must authorized "/"
|Fix] Bugs #5145: Dashboard should not have references and ldap tabs
|Fix] Bugs #5149: Handling of SSL and URL when behind a proxy
|Fix] Bugs #5151: Create only digit with %r% placeholder not work
|Fix] Bugs #5152: We should not be able of adding users to groups we have no rights on
|Fix] Bugs #5153: Manager that manage a department cannot lock an user
[Feature] Bugs #5154: Possibility to know who edit the same user when we have a lock entry error
[Feature] FusionDirectory plugins - Bugs #5155: Add an ACL for LDAP tab
[Feature] FusionDirectory plugins - Bugs #5156: Add a backend configuration to desactivate the warning popup when we add a user
[Feature] Bugs #5157: Possibility to know when was a lock put when we have a conflict
|Fix] FusionDirectory plugins - Bugs #5160: opsi import is broken
|Fix] Bugs #5161: when trying to delete system i got a lock error
[Feature] FusionDirectory plugins - Bugs #5165: Possible to store sudo role in different OU in the LDAP Tree
|Fix] Bugs #5172: ldap error after upgrade from 1.0.15 release to 1.0.15 fixes (lock object)
[Feature] FusionDirectory plugins - Bugs #5173: putting acl on ldap/import export
[Feature] Wishlist #5004: Do not require nis schema
[Feature] Wishlist #5096: HTTP header authentication
[Feature] Wishlist #5162: allow DSA entries to be part of a group
* FusionDirectory 1.0.15
[Feature] Wishlist #4832: Allow removal of user picture
......
......@@ -1548,6 +1548,34 @@ sub migrate_acls {
}
}
sub delete_gosa_locks {
# initiate the LDAP connexion
my %hash_ldap_param = get_ldap_connexion();
# LDAP's connection's parameters
my $base = $hash_ldap_param{base};
my $ldap = $hash_ldap_param{ldap};
# Search for old formatted ACLs
my $mesg = $ldap->search(
base => "$base",
filter => "(objectClass=gosaLockEntry)",
attrs => ['dn']
);
$mesg->code && die $mesg->error;
my @entries = $mesg->entries;
foreach my $entry (@entries) {
$mesg = $ldap->delete($entry);
if ($mesg->code) {
print "Failed to delete lock '".$entry->dn."': ".$mesg->error."\n";
} else {
print "Deleted lock '".$entry->dn."'\n";
}
}
}
# Get LDAP attributes which have been deprecated
sub get_deprecated {
# initiate the LDAP connexion
......@@ -1886,6 +1914,7 @@ die ("! You have to run this script as root\n") if ($<!=0);
$commands{"--migrate-printers"} = ["Migrating your printer from FD < 1.0.14", \&migrate_printers];
$commands{"--migrate-dns"} = ["Migrating DNS zones for FD 1.0.10", \&migrate_dns];
$commands{"--migrate-acls"} = ["Migrating your ACLs", \&migrate_acls];
$commands{"--delete-gosa-locks"} = ["Delete lock tokens using old gosaLockEntry class", \&delete_gosa_locks];
$commands{"--install-plugins"} = ["Installing FusionDirectory's plugins", \&install_plugins];
$commands{"--encrypt-passwords"} = ["Encrypt passwords in fusiondirectory.conf", \&encrypt_passwords];
$commands{"--show-version"} = ["Show FusionDirectory version from variables_common.inc", \&show_version];
......@@ -1994,6 +2023,10 @@ This option moves DNS zones from systems branch to DNS branch, which is necessar
This option will migrated old GOsa style acl from 1.0.7 into FusionDirectory acl roles in 1.0.8
=item --delete-gosa-locks
This option will delete old GOsa style lock tokens from 1.0.15 or older
=item --install-plugins
This option will install the plugin from a tar.gz of the plugin. This option is intended for people wanting to install from the sources.
......
This diff is collapsed.
......@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "FUSIONDIRECTORY-INSERT-SCHEMA 1"
.TH FUSIONDIRECTORY-INSERT-SCHEMA 1 "2016-08-01" "FusionDirectory 1.0.15" "FusionDirectory Documentation"
.TH FUSIONDIRECTORY-INSERT-SCHEMA 1 "2016-08-01" "FusionDirectory 1.0.x" "FusionDirectory Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......
......@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "FUSIONDIRECTORY-SETUP 1"
.TH FUSIONDIRECTORY-SETUP 1 "2016-08-09" "FusionDirectory 1.0.15" "FusionDirectory Documentation"
.TH FUSIONDIRECTORY-SETUP 1 "2016-10-03" "FusionDirectory 1.0.15" "FusionDirectory Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......@@ -177,6 +177,9 @@ This option moves \s-1DNS\s0 zones from systems branch to \s-1DNS\s0 branch, whi
.IP "\-\-migrate\-acls" 4
.IX Item "--migrate-acls"
This option will migrated old GOsa style acl from 1.0.7 into FusionDirectory acl roles in 1.0.8
.IP "\-\-delete\-gosa\-locks" 4
.IX Item "--delete-gosa-locks"
This option will delete old GOsa style lock tokens from 1.0.15 or older
.IP "\-\-install\-plugins" 4
.IX Item "--install-plugins"
This option will install the plugin from a tar.gz of the plugin. This option is intended for people wanting to install from the sources.
......
......@@ -7,12 +7,14 @@
attributetype ( 1.3.6.1.4.1.10098.1.1.12.2 NAME 'gosaUser'
DESC 'GOsa - DN of a user'
OBSOLETE
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
attributetype ( 1.3.6.1.4.1.10098.1.1.12.3 NAME 'gosaObject'
DESC 'GOsa - DN of an object'
OBSOLETE
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
......@@ -51,10 +53,29 @@ attributetype ( 1.3.6.1.4.1.10098.1.1.12.39 NAME 'gosaSnapshotData'
DESC 'GOsa - Original data of saved object in snapshot'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.38414.62.1.1 NAME 'fdUserDn'
DESC 'GOsa - DN of a user'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.38414.62.1.2 NAME 'fdObjectDn'
DESC 'GOsa - DN of an object'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.38414.62.1.3 NAME 'fdLockTimestamp'
DESC 'FusionDirectory - Lock token timestamp'
EQUALITY generalizedTimeMatch
ORDERING generalizedTimeOrderingMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE )
# Classes
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.2 NAME 'gosaLockEntry' SUP top STRUCTURAL
DESC 'GOsa - Class for GOsa locking'
OBSOLETE
MUST ( gosaUser $ gosaObject $ cn ))
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.4 NAME 'gosaDepartment' SUP top AUXILIARY
......@@ -89,3 +110,7 @@ objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.19 NAME 'gosaSnapshotObject'
MUST ( gosaSnapshotTimestamp $ gosaSnapshotDN $ gosaSnapshotData )
MAY ( description ) )
objectclass ( 1.3.6.1.4.1.38414.62.2.1 NAME 'fdLockEntry' SUP top STRUCTURAL
DESC 'GOsa - Class for FD locking'
MUST ( fdUserDn $ fdObjectDn $ cn $ fdLockTimestamp ))
......@@ -151,20 +151,16 @@ class standAlonePage {
$smarty = get_smarty();
/* Check for SSL connection */
$ssl = "";
$smarty->assign("ssl", "");
if (!isset($_SERVER['HTTPS']) || !stristr($_SERVER['HTTPS'], "on")) {
if (empty($_SERVER['REQUEST_URI'])) {
$ssl = "https://".$_SERVER['HTTP_HOST'].$_SERVER['PATH_INFO'];
} else {
$ssl = "https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
}
$ssl = '';
$smarty->assign('ssl', '');
if (!sslOn()) {
$ssl = sslUrl();
/* If SSL is forced, just forward to the SSL enabled site */
if ($config->get_cfg_value("forcessl") == 'TRUE') {
if ($config->get_cfg_value('forcessl') == 'TRUE') {
header("Location: $ssl");
exit;
} elseif ($config->get_cfg_value("warnssl") == 'TRUE') {
} elseif ($config->get_cfg_value('warnssl') == 'TRUE') {
/* Display SSL mode warning? */
$smarty->assign ('ssl', sprintf(_('Warning: <a href="%s">Session is not encrypted!</a>'), $ssl));
}
......@@ -175,20 +171,34 @@ class standAlonePage {
function getPageURL()
{
$pageURL = "http";
if (isset($_SERVER['HTTPS']) && ($_SERVER["HTTPS"] == "on")) {
$pageURL .= "s";
$protocol = 'http';
if (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on')) {
$protocol .= 's';
}
$pageURL .= '://';
$port = '80';
if (!empty($_SERVER['HTTP_X_FORWARDED_HOST'])) {
$pageURL .= $_SERVER['HTTP_X_FORWARDED_HOST'];
} else {
$pageURL .= $_SERVER['SERVER_NAME'];
if ($_SERVER['SERVER_PORT'] != '80') {
$pageURL .= ':'.$_SERVER['SERVER_PORT'];
$host = $_SERVER['HTTP_X_FORWARDED_HOST'];
if (isset($_SERVER['HTTP_X_FORWARDED_PORT'])) {
$port = $_SERVER['HTTP_X_FORWARDED_PORT'];
}
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
$protocol = $_SERVER['HTTP_X_FORWARDED_PROTO'];
}
} else {
$host = $_SERVER['SERVER_NAME'];
$port = $_SERVER['SERVER_PORT'];
}
$pageURL = $protocol.'://';
$pageURL .= $host;
if ($port != '80') {
$pageURL .= ':'.$port;
}
if (empty($_SERVER['PATH_INFO'])) {
$pageURL .= $_SERVER['PHP_SELF'];
} else {
$pageURL .= $_SERVER['PATH_INFO'];
}
$pageURL .= $_SERVER["PHP_SELF"];
return $pageURL;
}
......
/*
This code is part of FusionDirectory (http://www.fusiondirectory.org/)
Copyright (C) 2003-2010 Cajus Pollmeier
Copyright (C) 2011 FusionDirectory
Copyright (C) 2011-2016 FusionDirectory
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......@@ -23,20 +23,6 @@ Event.observe(window, 'resize', resizeHandler);
Event.observe(window, 'load', resizeHandler);
Event.observe(window, 'load', initProgressPie);
/* Ask before switching a plugin with this function */
function question(text, url)
{
if(document.mainform.ignore){
location.href= url;
return true;
}
if(confirm(text)){
location.href= url;
return true;
}
return false;
}
/* Toggle checkbox that matches regex */
function chk_set_all(regex,value)
......@@ -119,94 +105,10 @@ function changeState() {
}
}
function changeSelectState(triggerField, myField) {
if (document.getElementById(triggerField).value != 2){
document.getElementById(myField).disabled= true;
} else {
document.getElementById(myField).disabled= false;
}
}
function changeSubselectState(triggerField, myField) {
if (document.getElementById(triggerField).checked == true){
document.getElementById(myField).disabled= false;
} else {
document.getElementById(myField).disabled= true;
}
}
function changeTripleSelectState(firstTriggerField, secondTriggerField, myField) {
if (
document.getElementById(firstTriggerField).checked == true &&
document.getElementById(secondTriggerField).checked == true){
document.getElementById(myField).disabled= false;
} else {
document.getElementById(myField).disabled= true;
}
}
<!-- Second field must be non-checked -->
function changeTripleSelectState_2nd_neg(firstTriggerField, secondTriggerField, myField) {
if (
document.getElementById(firstTriggerField).checked == true &&
document.getElementById(secondTriggerField).checked == false){
document.getElementById(myField).disabled= false;
} else {
document.getElementById(myField).disabled= true;
}
}
function popup(target, name) {
var mypopup=
window.open(
target,
name,
"width=600,height=700,location=no,toolbar=no,directories=no,menubar=no,status=no,scrollbars=yes"
);
mypopup.focus();
return false;
}
function js_check(form) {
form.javascript.value = 'true';
}
function divGOsa_toggle(element) {
var cell;
var cellname="tr_"+(element);
if (Prototype.Browser.Gecko) {
document.poppedLayer = document.getElementById(element);
cell= document.getElementById(cellname);
if (document.poppedLayer.style.visibility == "visible") {
$(element).hide();
cell.style.height="0px";
document.poppedLayer.style.height="0px";
} else {
$(element).show();
document.poppedLayer.style.height="";
if(document.defaultView) {
cell.style.height=document.defaultView.getComputedStyle(document.poppedLayer,"").getPropertyValue('height');
}
}
} else if (Prototype.Browser.IE) {
document.poppedLayer = document.getElementById(element);
cell= document.getElementById(cellname);
if (document.poppedLayer.style.visibility == "visible") {
$(element).hide();
cell.style.height="0px";
document.poppedLayer.style.height="0px";
document.poppedLayer.style.position="absolute";
} else {
$(element).show();
cell.style.height="";
document.poppedLayer.style.height="";
document.poppedLayer.style.position="relative";
}
}
}
function resizeHandler (e) {
if (!e) e=window.event;
if (document.getElementById("menucell") && document.getElementById("d_scrollbody")) {
......
......@@ -248,8 +248,12 @@ class Index {
$cfg['tls'] = ($config->get_cfg_value('ldapTLS') == 'TRUE');
$str = check_schema($cfg);
foreach ($str as $tr) {
if (isset($tr['IS_MUST_HAVE']) && !$tr['STATUS']) {
return _('LDAP schema check reported errors:').'<br/><br/><i>'.$tr['MSG'].'</i>';
if (!$tr['STATUS']) {
if ($tr['IS_MUST_HAVE']) {
return _('LDAP schema check reported errors:').'<br/><br/><i>'.$tr['MSG'].'</i>';
} else {
msg_dialog::display(_('LDAP schema error'), $tr['MSG'], WARNING_DIALOG);
}
}
}
return TRUE;
......
list-add.png
\ No newline at end of file
go-down.png
\ No newline at end of file
go-next.png
\ No newline at end of file
go-previous.png
\ No newline at end of file
list-remove.png
\ No newline at end of file
view-refresh.png
\ No newline at end of file
go-up.png
\ No newline at end of file
accessories-text-editor.png
\ No newline at end of file
preferences-desktop.png
\ No newline at end of file
media-optical.png
\ No newline at end of file