Skip to content
GitLab
Select Git revision
Find file BlameHistoryPermalink
class_userManagement.inc 6.86 KiB
1 
<?php
2 
/*
3 
  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
4 
  Copyright (C) 2003  Cajus Pollmeier
5 
  Copyright (C) 2011-2018  FusionDirectory
6
7 
  This program is free software; you can redistribute it and/or modify
8 
  it under the terms of the GNU General Public License as published by
9 
  the Free Software Foundation; either version 2 of the License, or
10 
  (at your option) any later version.
11
12 
  This program is distributed in the hope that it will be useful,
13 
  but WITHOUT ANY WARRANTY; without even the implied warranty of
14 
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15 
  GNU General Public License for more details.
16
17 
  You should have received a copy of the GNU General Public License
18 
  along with this program; if not, write to the Free Software
19 
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
20 
*/
21
22 
class LockAction extends Action
23 
{
24 
  function __construct($name, $targets, $callable, array $acl = array(), $inmenu = TRUE, $inline = TRUE)
25 
  {
26 
    parent::__construct(
27 
      $name,
28 
      array('lock' => _('Lock users'), 'unlock' => _('Unlock users')),
29 
      array(
30 
        'lock'    => 'geticon.php?context=status&icon=object-locked&size=16',
31 
        'unlock'  => 'geticon.php?context=status&icon=object-unlocked&size=16',
32 
      ),
33 
      $targets, $callable, $acl, $inmenu, $inline);
34 
  }
35
36 
  function isLocked(ListingEntry $entry)
37 
  {
38 
    if (isset($entry['userPassword']) && preg_match('/^\{[^\}]/', $entry['userPassword'])) {
39 
      if (preg_match('/^[^\}]*+\}!/', $entry['userPassword'])) {
40 
        return TRUE;
41 
      } else {
42 
        return FALSE;
43 
      }
44 
    }
45 
    return NULL;
46 
  }
47
48 
  function fillMenuItems(&$actions)
49 
  {
50 
    if (!$this->inmenu) {
51 
      return;
52 
    }
53
54 
    if (!$this->hasPermission($this->parent->listing->getBase())) {
55 
      return;
56 
    }
57
58 
    $actions[] = array(
59 
      'name'      => $this->name.'_lock',
60 
      'icon'      => $this->icon['lock'],
61 
      'label'     => $this->label['lock'],
62 
      'enabled'   => $this->isEnabledFor(),
63 
      'separator' => $this->separator,
64 
    );
65
66 
    $actions[] = array(
67 
      'name'      => $this->name.'_unlock',
68 
      'icon'      => $this->icon['unlock'],
69 
      'label'     => $this->label['unlock'],
70 
      'enabled'   => $this->isEnabledFor(),
7172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
'separator' => FALSE, ); } function fillRowClasses(&$classes, ListingEntry $entry) { if ($this->isLocked($entry) === TRUE) { $classes[] = 'entry-locked'; } } function renderColumnIcons(ListingEntry $entry) { if (!$this->inline) { return ''; } // Skip the entry completely if there's no permission to execute it if (!$this->hasPermission($entry->dn, $entry->getTemplatedType(), $entry->isTemplate())) { return '<img src="images/empty.png" alt=" " class="center optional"/>'; } $lockStatus = $this->isLocked($entry); if ($lockStatus === NULL) { return '<img src="images/empty.png" alt=" " class="center optional"/>'; } elseif ($lockStatus) { // Render return '<input type="image" src="'.htmlentities($this->icon['lock'], ENT_COMPAT, 'UTF-8').'"'. ' title="'.$this->label['unlock'].'" alt="'.$this->label['unlock'].'" name="listing_'.$this->name.'_unlock_'.$entry->row.'"/>'; } else { return '<input type="image" src="'.htmlentities($this->icon['unlock'], ENT_COMPAT, 'UTF-8').'"'. ' title="'.$this->label['lock'].'" alt="'.$this->label['lock'].'" name="listing_'.$this->name.'_lock_'.$entry->row.'"/>'; } } } class userManagement extends management { public $neededAttrs = array('userPassword' => '1'); public static $skipTemplates = FALSE; public static $columns = array( array('ObjectTypeColumn', array()), array('LinkColumn', array('attribute' => 'sn', 'label' => 'Last name')), array('LinkColumn', array('attribute' => 'givenName', 'label' => 'First name')), array('Column', array('attribute' => 'uid', 'label' => 'Login')), array('PropertiesColumn', array('label' => 'Properties')), array('ActionsColumn', array('label' => 'Actions')), ); static function plInfo() { return array( 'plShortName' => _('Users'), 'plTitle' => _('Manage users'), 'plDescription' => _('Manage user accounts and their properties'), 'plIcon' => 'geticon.php?context=types&icon=user&size=48', 'plSection' => 'accounts', 'plManages' => array('user'), 'plPriority' => 10, 'plProvidedAcls' => array() ); } protected function configureActions() { parent::configureActions();
141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210
$this->registerAction( new LockAction( 'lockUsers', '+', 'lockUsers', array('userPassword:rw'), TRUE, TRUE ) ); $this->actions['lockUsers']->setSeparator(TRUE); } /* !\brief Lock/unlock multiple users. */ function lockUsers(array $action) { global $config, $ui; @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $action, 'Lock'); // Filter out entries we are not allowed to modify $disallowed = array(); $allowed = array(); foreach ($action['targets'] as $dn) { if (strpos($ui->get_permissions($dn, 'user/user', 'userLock'), 'w') === FALSE) { $disallowed[] = $dn; } else { $allowed[] = $dn; } } if (count($disallowed)) { msg_dialog::display(_('Permission'), msgPool::permModify($disallowed), INFO_DIALOG); } // Try to lock/unlock the rest of the entries. foreach ($allowed as $dn) { // We can't lock empty passwords. $entry = $this->listing->getEntry($dn); if (!isset($entry['userPassword'])) { continue; } // Detect the password method and try to lock/unlock. $pwd = $entry['userPassword']; $method = passwordMethod::get_method($pwd, $dn); $success = TRUE; if ($method instanceOf passwordMethod) { if (!$method->is_lockable()) { $hn = $method->get_hash_name(); if (is_array($hn)) { $hn = $hn[0]; } msg_dialog::display(_('Account locking'), sprintf(_('Password method "%s" does not support locking. Account "%s" has not been locked!'), $hn, $dn), ERROR_DIALOG); return; } if (($action['subaction'] == 'lock') && !$method->is_locked($dn)) { $success = $method->lock_account($dn); } elseif (($action['subaction'] == 'unlock') && $method->is_locked($dn)) { $success = $method->unlock_account($dn); } // Check if everything went fine. if (!$success) { $hn = $method->get_hash_name(); if (is_array($hn)) { $hn = $hn[0]; } msg_dialog::display(_('Account locking'), sprintf(_('Locking failed using password method "%s". Account "%s" has not been locked!'), $hn, $dn), ERROR_DIALOG);
211212213214215216217
} } } } } ?>