Commit 36bc9343 authored by Côme Chilliet's avatar Côme Chilliet
Browse files

Fixes #4556 Added GeneralizedTimeDateAttribute attribute

parent 3264ee80
......@@ -19,7 +19,7 @@
*/
/*! \file class_ldapGeneralizedTime.inc
\brief ldapGeneralizedTime allows you to convert from and to LDAP GeneralizedTime format PHP DateTime objects
\brief LdapGeneralizedTime allows you to convert from and to LDAP GeneralizedTime format PHP DateTime objects
ABNF syntax was taken from RFC 4517 - https://tools.ietf.org/html/rfc4517#page-13
......@@ -32,25 +32,25 @@
'19941216101255,5Z'
*/
/*! \class ldapGeneralizedTimeBadFormatException
\brief Exception class which can be thrown by ldapGeneralizedTime if the format does not match
/*! \class LdapGeneralizedTimeBadFormatException
\brief Exception class which can be thrown by LdapGeneralizedTime if the format does not match
*/
class ldapGeneralizedTimeBadFormatException extends Exception {};
class LdapGeneralizedTimeBadFormatException extends Exception {};
/*! \class ldapGeneralizedTime
\brief ldapGeneralizedTime allows you to convert from and to LDAP GeneralizedTime format PHP DateTime objects
/*! \class LdapGeneralizedTime
\brief LdapGeneralizedTime allows you to convert from and to LDAP GeneralizedTime format PHP DateTime objects
This class provides function to convert from LDAP GeneralizedTime to DateTime and the other way.
Please note that leap seconds will be lost as PHP has no support for it (see https://bugs.php.net/bug.php?id=70335). 01:60 will become 02:00.
Also, this class does not support fraction of hours or fraction of minutes (fraction of seconds are supported).
*/
class ldapGeneralizedTime
class LdapGeneralizedTime
{
/*!
\brief Convert from LDAP GeneralizedTime formatted string to DateTime object
\param string GeneralizedTime formatted string to convert
\param useException Whether or not to throw a ldapGeneralizedTimeBadFormatException on failure. Defaults to TRUE.
\param useException Whether or not to throw a LdapGeneralizedTimeBadFormatException on failure. Defaults to TRUE.
*/
public static function fromString ($string, $useException = TRUE)
{
......@@ -105,7 +105,7 @@ class ldapGeneralizedTime
$date->setTimezone(new DateTimeZone('UTC'));
return $date;
} elseif ($useException) {
throw new ldapGeneralizedTimeBadFormatException("$string does not match LDAP GeneralizedTime format");
throw new LdapGeneralizedTimeBadFormatException("$string does not match LDAP GeneralizedTime format");
} else {
return FALSE;
}
......
......@@ -1525,6 +1525,29 @@ class DateAttribute extends Attribute
}
}
class GeneralizedTimeDateAttribute extends DateAttribute
{
function __construct ($label, $description, $ldapName, $required, $defaultValue = 'now', $acl = "")
{
parent::__construct($label, $description, $ldapName, $required, '', $defaultValue, $acl);
}
protected function ldapToDate($ldapValue)
{
try {
return LdapGeneralizedTime::fromString($ldapValue);
} catch (LdapGeneralizedTimeBadFormatException $e) {
trigger_error('LDAP value "'.$ldapValue.'" for '.$this->getLdapName().' is not in the right date format.');
return new DateTime($ldapValue, timezone::utc());
}
}
protected function dateToLdap($dateValue)
{
return LdapGeneralizedTime::toString($dateValue);
}
}
/*! \brief This class allow to handle easily an File LDAP attribute
*
*/
......
......@@ -600,7 +600,8 @@ class user extends simplePlugin
$length = $policy['pwdMinLength'][0];
}
if (isset($policy['pwdMinAge'][0]) && isset($attrs['pwdChangedTime'][0])) {
$date = DateTime::createFromFormat('YmdHis\Z', $attrs['pwdChangedTime'][0], timezone::utc());
$date = LdapGeneralizedTime::fromString($attrs['pwdChangedTime'][0]);
$date->setTimezone(timezone::utc());
$now = new DateTime('now', timezone::utc());
if ($now->getTimeStamp() < $date->getTimeStamp() + $policy['pwdMinAge'][0]) {
return sprintf(_('You must wait %d seconds before changing your password again'), $policy['pwdMinAge'][0] - ($now->getTimeStamp() - $date->getTimeStamp()));
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment