Skip to content
GitLab
Select Git revision
  • dev default
  • 6378-orcid-test-method-is-wrong-and-break-orcid-saving
  • core-php8
  • master
  • 6342-update-the-locales-for-1-5
  • 6344-template-issue-when-creating-a-template-with-empty-password-error-message-should-not-be-seen
  • 6365-core-locking-mechanism-is-not-changing-the-mail-ressource-it-does-lock-the-mail-account
  • 6365-core-when-lock-mechanism-is-trigger-the-user-should-not-be-editable-if-not-unlock
  • fusiondirectory-1.5
  • fusiondirectory-1.4
  • fusiondirectory-1.3.1
  • fusiondirectory-1.3
  • fusiondirectory-1.2.3
  • fusiondirectory-1.2.2
  • fusiondirectory-1.2.1
  • fusiondirectory-1.2
  • fusiondirectory-1.1.1
  • fusiondirectory-1.1
  • fusiondirectory-1.0.20
  • fusiondirectory-1.0.19
  • fusiondirectory-1.0.18
  • fusiondirectory-1.0.17
  • fusiondirectory-1.0.16
  • fusiondirectory-1.0.15
  • fusiondirectory-1.0.14
  • fusiondirectory-1.0.13
  • fusiondirectory-1.0.12
  • fusiondirectory-1.0.11
Find file BlameHistoryPermalink
class_user.inc 23.54 KiB
1 
<?php
2 
/*
3 
  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
4 
  Copyright (C) 2013-2018  FusionDirectory
5
6 
  This program is free software; you can redistribute it and/or modify
7 
  it under the terms of the GNU General Public License as published by
8 
  the Free Software Foundation; either version 2 of the License, or
9 
  (at your option) any later version.
10
11 
  This program is distributed in the hope that it will be useful,
12 
  but WITHOUT ANY WARRANTY; without even the implied warranty of
13 
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14 
  GNU General Public License for more details.
15
16 
  You should have received a copy of the GNU General Public License
17 
  along with this program; if not, write to the Free Software
18 
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
19 
*/
20
21 
/* Handle a password and its hash method */
22 
class UserPasswordAttribute extends CompositeAttribute
23 
{
24 
  protected $needPassword;
25 
  protected $previousMethod;
26
27 
  function __construct ($label, $description, $ldapName, $required = FALSE, $defaultValue = "", $acl = "")
28 
  {
29 
    $temp = passwordMethod::get_available_methods();
30
31 
    /* Create password methods array */
32 
    $pwd_methods = [];
33 
    $this->needPassword = [];
34 
    foreach ($temp['name'] as $id => $name) {
35 
      $this->needPassword[$name] = $temp[$id]['object']->need_password();
36 
      $pwd_methods[$name] = $name;
37 
      if (!empty($temp[$id]['desc'])) {
38 
        $pwd_methods[$name] .= " (".$temp[$id]['desc'].")";
39 
      }
40 
    }
41
42 
    parent::__construct (
43 
      $description, $ldapName,
44 
      [
45 
        new SelectAttribute(
46 
          _('Password method'), _('Password hash method to use'),
47 
          $ldapName.'_pwstorage', TRUE,
48 
          array_keys($pwd_methods), '', array_values($pwd_methods)
49 
        ),
50 
        new PasswordAttribute(
51 
          _('Password'), _('Password (Leave empty if you do not wish to change it)'),
52 
          $ldapName.'_password', $required
53 
        ),
54 
        new PasswordAttribute(
55 
          _('Password again'), _('Same password as above, to avoid errors'),
56 
          $ldapName.'_password2', $required
57 
        ),
58 
        new HiddenAttribute(
59 
          $ldapName.'_hash'
60 
        ),
61 
        new HiddenAttribute(
62 
          $ldapName.'_locked', FALSE,
63 
          FALSE
64 
        )
65 
      ],
66 
      '', '', $acl, $label
67 
    );
68 
    $this->attributes[0]->setSubmitForm(TRUE);
69 
  }
70
7172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
public function setParent (&$plugin) { global $config; parent::setParent($plugin); if (is_object($this->plugin)) { $hash = $config->get_cfg_value('passwordDefaultHash', 'ssha'); $this->attributes[0]->setDefaultValue($hash); if ($config->get_cfg_value('forcePasswordDefaultHash', 'FALSE') == 'TRUE') { $this->attributes[0]->setValue($hash); $this->attributes[0]->setDisabled(TRUE); } $this->checkIfMethodNeedsPassword(); } } /* We need to handle method select disabling manually */ function renderAttribute (&$attributes, $readOnly) { global $config; if ($this->visible) { if ($this->linearRendering) { parent::renderAttribute($attributes, $readOnly); } else { foreach ($this->attributes as $key => &$attribute) { if (is_object($this->plugin) && $this->plugin->is_template && ($key == 2)) { /* Do not display confirmation field in template mode */ continue; } if (($key == 0) && ($config->get_cfg_value('forcePasswordDefaultHash', 'FALSE') == 'TRUE')) { $attribute->setDisabled(TRUE); } else { $attribute->setDisabled($this->disabled); } $attribute->renderAttribute($attributes, $readOnly); } unset($attribute); } } } /*! \brief Loads this attribute value from the attrs array */ protected function loadAttrValue ($attrs) { if (isset($attrs[$this->getLdapName()])) { $this->setValue($this->inputValue($attrs[$this->getLdapName()][0])); $this->setRequired(FALSE); $this->attributes[1]->setRequired(FALSE); $this->attributes[2]->setRequired(FALSE); } else { $this->setRequired(TRUE); $this->attributes[0]->resetToDefault(); $this->attributes[1]->setRequired(TRUE); $this->attributes[2]->setRequired(TRUE); $this->checkIfMethodNeedsPassword(); } } function setValue ($value) { reset($value); $key = key($value); if ($this->attributes[0]->isDisabled() || ($value[$key] == '')) { $value[$key] = $this->attributes[0]->getValue(); } parent::setValue($value); $this->checkIfMethodNeedsPassword(); } function applyPostValue ()
141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210
{ parent::applyPostValue(); $this->checkIfMethodNeedsPassword(); } function checkIfMethodNeedsPassword () { $method = $this->attributes[0]->getValue(); if ($method != $this->previousMethod) { if ($this->needPassword[$method]) { $this->attributes[1]->setVisible(TRUE); $this->attributes[2]->setVisible(TRUE); } else { $this->attributes[1]->setVisible(FALSE); $this->attributes[1]->setValue(''); $this->attributes[2]->setVisible(FALSE); $this->attributes[2]->setValue(''); } } $this->previousMethod = $method; } function readValues ($value) { global $config; $pw_storage = $config->get_cfg_value('passwordDefaultHash', 'ssha'); $locked = FALSE; $password = ''; if ($this->plugin->is_template) { list($value, $password) = explode('|', $value, 2); } if (preg_match ('/^{[^}]+}/', $value)) { $tmp = passwordMethod::get_method($value); if (is_object($tmp)) { $pw_storage = $tmp->get_hash(); $locked = $tmp->is_locked($this->plugin->dn); if ($this->plugin->is_template) { $value = $tmp->generate_hash($password); } } } else { if ($value != '') { $pw_storage = 'clear'; } } return [$pw_storage, $password, $password, $value, $locked]; } function writeValues ($values) { if ($this->needPassword[$values[0]] && ($values[1] == '')) { if ($this->plugin->is_template) { return ''; } else { return $values[3]; } } $temp = passwordMethod::get_available_methods(); if (!isset($temp[$values[0]])) { trigger_error('Unknown password method '.$values[0]); return $values[3]; } $test = new $temp[$values[0]]($this->plugin->dn, $this->plugin); $test->set_hash($values[0]); if ($this->plugin->is_template) { return $test->generate_hash($values[1]).'|'.$values[1]; } else { return $test->generate_hash($values[1]); } }