<?php
/*
  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
  Copyright (C) 2012-2019 FusionDirectory
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.
  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.
  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
class configInLdap extends simplePlugin
  /**
   * Build the description array for the FusionDirectory configuration plugin.
   *
   * The array declares one object type, 'configuration', matched by the
   * filter objectClass=fusionDirectoryConf, and files the plugin under the
   * 'conf' section.
   *
   * @return array plugin description keyed by the pl* entries listed below
   */
  static function plInfo (): array
  {
    // The regex drops everything up to and including the first comma of
    // CONFIGRDN, i.e. the leading RDN component; the rest is used as 'ou'.
    $configBranch = preg_replace('/^[^,]+,/', '', CONFIGRDN);

    $configurationType = [
      'name'      => _('FusionDirectory configuration'),
      'filter'    => 'objectClass=fusionDirectoryConf',
      'tabClass'  => 'configInLdapTabs',
      'icon'      => 'geticon.php?context=categories&icon=settings&size=16',
      'mainAttr'  => FALSE,
      'ou'        => $configBranch,
    ];

    $menuSection = [
      'conf' => ['name' => _('Configuration'), 'priority' => 20],
    ];

    return [
      'plShortName'     => _('Configuration'),
      'plTitle'         => _('FusionDirectory configuration'),
      'plDescription'   => _('Configuration screen of FusionDirectory'),
      'plIcon'          => 'geticon.php?context=categories&icon=settings&size=48',
      'plObjectClass'   => ['fusionDirectoryConf'],
      'plObjectType'    => ['configuration' => $configurationType],
      'plSection'       => $menuSection,
      'plManages'       => ['configuration'],
      'plPriority'      => 0,
      // NOTE(review): the ACL list is derived from getAttributesInfo(), so
      // presumably an attribute has to be declared there to be covered by an
      // ACL; confirm against simplePlugin::generatePlProvidedAcls().
      'plProvidedAcls'  => parent::generatePlProvidedAcls(static::getAttributesInfo()),
    ];
  }
  static function getAttributesInfo (): array
    global $config;
    return [
      'look_n_feel' => [
        'name'  => _('Look and feel'),
        'attrs' => [
          new SelectAttribute(
            _('Language'), _('Language of the application. If \'automatic\' or not available, the one asked by the browser will be used. This setting can be overriden per user.'),
            'fdLanguage', FALSE,
            ['']
          new SelectAttribute(
            _('Theme'), _('Theme to be used'),
            'fdTheme', TRUE,
            static::get_themes(),
            'breezy'
          new SelectAttribute(
            _('Timezone'), _('Timezone to be used'),
'fdTimezone', TRUE, ['America/New_York'] ), new HiddenAttribute('fusionConfigMd5'), new HiddenAttribute('fdIncrementalModifierStates'), ] ], 'core_settings' => [ 'name' => _('Core settings'), 'attrs' => [ new IntAttribute( _('LDAP size limit'), _('Defines the number of entries to get from LDAP by default.'), 'fdLdapSizeLimit', FALSE, 0 /*min*/, FALSE /*no max*/, 200 ), new SelectAttribute( _('Edit locking'), _('Check if a entry currently being edited has been modified outside of FusionDirectory in the meantime.'), 'fdModificationDetectionAttribute', FALSE, ['', 'entryCSN', 'contextCSN'], 'entryCSN' ), new BooleanAttribute( _('Enable logging'), _('Event logging on FusionDirectory side.'), 'fdLogging', FALSE, TRUE ), new BooleanAttribute( _('Schema validation'), _('Enables schema checking during login.'), 'fdSchemaCheck', FALSE, TRUE ), new BooleanAttribute( _('Enable snapshots'), _('This enables you to save certain states of entries and restore them later on.'), 'fdEnableSnapshots', FALSE, TRUE ), new StringAttribute( _('Snapshot base'), _('The base where snapshots should be stored inside of the LDAP.'), 'fdSnapshotBase', FALSE, 'ou=snapshots,'.$config->current['BASE'] ), new BooleanAttribute( _('Wildcard foreign keys'), _('Enables wildcard searches like member=* when moving a whole department. This will open all existing groups and roles to make sure foreign keys are respected. Slow on big trees.'), 'fdWildcardForeignKeys', FALSE, TRUE ), ] ], 'password' => [ 'name' => _('Password settings'), 'attrs' => [ new SetAttribute( new SelectAttribute( _('Allowed password hashes'), _('Password hashes which may be used for user passwords'), 'fdPasswordAllowedHashes', TRUE, ['ssha'] ) ), new SelectAttribute( _('Password default hash'), _('Default hash to be used'), 'fdPasswordDefaultHash', TRUE, ['ssha'] ), new BooleanAttribute( _('Force default hash'), _('Force the use of the default password hash'), 'fdForcePasswordDefaultHash' ), new IntAttribute(
_('Password minimum length'), _('Minimum length of user passwords'), 'fdPasswordMinLength', FALSE, 0 /*min*/, FALSE /*no max*/ ), new IntAttribute( _('Password minimum differs'), _('Minimum number of different characters from last password'), 'fdPasswordMinDiffer', FALSE, 0 /*min*/, FALSE /*no max*/ ), new BooleanAttribute( _('Use account expiration'), _('Enables shadow attribute tests during the login to FusionDirectory and forces password renewal or account locking'), 'fdHandleExpiredAccounts' ), new StringAttribute( _('SASL Realm'), _('SASL Realm'), 'fdSaslRealm' ), new StringAttribute( _('SASL Exop'), _('Attribute to be stored in the userPassword attribute'), 'fdSaslExop' ), ] ], 'login' => [ 'name' => _('Login and session'), 'attrs' => [ new SelectAttribute( _('Login attribute'), _('Which LDAP attribute should be used as the login name during login.'), 'fdLoginAttribute', TRUE, ['uid', 'mail', 'uid,mail'], 'uid', ['uid', 'mail', 'both'] ), new BooleanAttribute( _('Enforce encrypted connections'), _('Enables PHP security checks to force encrypted access (https) to the web interface.'), 'fdForceSSL' ), new BooleanAttribute( _('Warn if session is not encrypted'), _('will display a warning to the user when http is used instead of https.'), 'fdWarnSSL', FALSE, TRUE ), new IntAttribute( _('Session lifetime'), _('Defines when a session will expire in seconds (0 to disable).'), 'fdSessionLifeTime', TRUE, 0 /*min*/, FALSE /*no max*/, 1800 ), new SelectAttribute( _('Login method'), _('Which login method should be used for connecting to FusionDirectory'), 'fdLoginMethod', TRUE ), new StringAttribute( _('Header name'), _('Name of the header containing user identifier.'), 'fdHttpHeaderAuthHeaderName', FALSE, 'AUTH_USER' ), ] ], 'ssl' => [ 'name' => _('SSL'), 'attrs' => [ new TrimmedStringAttribute( _('Key path'), _('Path to FusionDirectory private key. Unused for now.'), 'fdSslKeyPath', FALSE, '/etc/ssl/private/fd.key' ),