-
Verified331ccf95
<?php/* This code is part of FusionDirectory (http://www.fusiondirectory.org/) Copyright (C) 2003-2010 Cajus Pollmeier Copyright (C) 2011-2020 FusionDirectory This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.*//*! * \file class_userinfo.inc * Source code for the class userinfo *//* Define shadow states */define('POSIX_ACCOUNT_EXPIRED', 1);define('POSIX_WARN_ABOUT_EXPIRATION', 2);define('POSIX_FORCE_PASSWORD_CHANGE', 4);define('POSIX_DISALLOW_PASSWORD_CHANGE', 8);/*! * \brief Class userinfo * This class contains all informations and functions * about user */class userinfo{ var $dn; var $cn; var $uid; var $sn = ''; var $givenName = ''; var $gidNumber = -1; var $language = ""; var $groups = []; var $roles = []; var $mail = ''; /*! \brief LDAP attributes of this user at login */ protected $cachedAttrs = []; protected $result_cache = []; protected $ignoreACL = FALSE; protected $ACL = []; protected $ACLperPath = []; /*! \brief LDAP size limit handler */ protected $sizeLimitHandler; /*! \brief Current management base */ protected $currentBase; /*! \brief Password change should be forced */ protected $forcePasswordChange = FALSE; function __construct ($userdn)7172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
{
global $config;
$this->dn = $userdn;
$this->ignoreACL = ($config->get_cfg_value('ignoreAcl') == $this->dn);
$this->loadLDAPInfo();
/* Initialize ACL_CACHE */
$this->reset_acl_cache();
$this->sizeLimitHandler = new ldapSizeLimit();
}
/*! \brief Loads user information from LDAP */
function loadLDAPInfo ()
{
global $config;
$ldap = $config->get_ldap_link();
$ldap->cat($this->dn, ['*']);
$attrs = $ldap->fetch(TRUE);
if (!$ldap->success()) {
throw new FusionDirectoryLdapError($this->dn, LDAP_SEARCH, $ldap->get_error(), $ldap->get_errno());
}
$this->uid = $attrs['uid'][0];
if (isset($attrs['cn'][0])) {
$this->cn = $attrs['cn'][0];
} elseif (isset($attrs['givenName'][0]) && isset($attrs['sn'][0])) {
$this->cn = $attrs['givenName'][0].' '.$attrs['sn'][0];
} else {
$this->cn = $attrs['uid'][0];
}
if (isset($attrs['gidNumber'][0])) {
$this->gidNumber = $attrs['gidNumber'][0];
}
if (isset($attrs['sn'][0])) {
$this->sn = $attrs['sn'][0];
}
if (isset($attrs['givenName'][0])) {
$this->givenName = $attrs['givenName'][0];
}
if (isset($attrs['mail'][0])) {
$this->mail = $attrs['mail'][0];
}
/* Assign user language */
if (isset($attrs['preferredLanguage'][0])) {
$this->language = $attrs['preferredLanguage'][0];
}
$this->cachedAttrs = $attrs;
}
/*!
* \brief Reset acl cache
*/
public function reset_acl_cache ()
{
/* Initialize ACL_CACHE */
session::set('ACL_CACHE', []);
}
/*!
* \brief Load an acl
*/
function loadACL ()
{
global $config, $plist;