HomeLab/ldap-user-manager
2
0
Fork 0
mirror of https://github.com/wheelybird/ldap-user-manager.git synced 2025-01-18 23:42:54 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add attribute fields for groups and allow user-defined attributes to be displayed. Move alert banner JS to a function.

Browse Source
This commit is contained in:
Brian Lycett 2022-04-04 13:55:56 +01:00
parent 2ff87e98dc
commit 9092a3a39b
8 changed files with 427 additions and 371 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
www/account_manager/groups.php
View File

@ -14,37 +14,18 @@ $ldap_connection = open_ldap_connection();
if (isset($_POST['delete_group'])) { if (isset($_POST['delete_group'])) {
?>
<script>
window.setTimeout(function() {
$(".alert").fadeTo(500, 0).slideUp(500, function(){ $(this).remove(); });
}, 4000);
</script>
<?php
$this_group = $_POST['delete_group']; $this_group = $_POST['delete_group'];
$this_group = urldecode($this_group); $this_group = urldecode($this_group);
$del_group = ldap_delete_group($ldap_connection,$this_group); $del_group = ldap_delete_group($ldap_connection,$this_group);
if ($del_group) { if ($del_group) {
?> render_alert_banner("Group <strong>$this_group</strong> was deleted.");
<div class="alert alert-success" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
<p class="text-center">Group <strong><?php print $this_group; ?> was deleted.</p>
</div>
<?php
} }
else { else {
?> render_alert_banner("Group <strong>$this_group</strong> wasn't deleted. See the logs for more information.","danger",15000);
<div class="alert alert-danger" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
<p class="text-center">Group <strong><?php print $this_group; ?></strong> wasn't deleted.</p>
</div>
<?php
} }
} }
$groups = ldap_get_group_list($ldap_connection); $groups = ldap_get_group_list($ldap_connection);

24
www/account_manager/index.php
View File

@ -14,39 +14,21 @@ $ldap_connection = open_ldap_connection();
if (isset($_POST['delete_user'])) { if (isset($_POST['delete_user'])) {
?>
<script>
window.setTimeout(function() {
$(".alert").fadeTo(500, 0).slideUp(500, function(){ $(this).remove(); });
}, 4000);
</script>
<?php
$this_user = $_POST['delete_user']; $this_user = $_POST['delete_user'];
$this_user = urldecode($this_user); $this_user = urldecode($this_user);
$del_user = ldap_delete_account($ldap_connection,$this_user); $del_user = ldap_delete_account($ldap_connection,$this_user);
if ($del_user) { if ($del_user) {
?> render_alert_banner("User <strong>$this_user</strong> was deleted.");
<div class="alert alert-success" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
<p class="text-center">User <strong><?php print $this_user; ?> was deleted.</p>
</div>
<?php
} }
else { else {
?> render_alert_banner("User <strong>$this_user</strong> wasn't deleted. See the logs for more information.","danger",15000);
<div class="alert alert-danger" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
<p class="text-center">User <strong><?php print $this_user; ?></strong> wasn't deleted.</p>
</div>
<?php
} }
} }
#'
$people = ldap_get_user_list($ldap_connection); $people = ldap_get_user_list($ldap_connection);
?> ?>

7
www/account_manager/new_user.php
View File

@ -6,7 +6,11 @@ include_once "web_functions.inc.php";
include_once "ldap_functions.inc.php"; include_once "ldap_functions.inc.php";
include_once "module_functions.inc.php"; include_once "module_functions.inc.php";
$attribute_map = ldap_complete_account_attribute_array(); $attribute_map = $LDAP['default_attribute_map'];
if (isset($LDAP['account_additional_attributes'])) { $attribute_map = ldap_complete_attribute_array($attribute_map,$LDAP['account_additional_attributes']); }
if (! array_key_exists($LDAP['account_attribute'], $attribute_map)) {
$attribute_r = array_merge($attribute_map, array($LDAP['account_attribute'] => array("label" => "Account UID")));
}
if ( isset($_POST['setup_admin_account']) ) { if ( isset($_POST['setup_admin_account']) ) {
$admin_setup = TRUE; $admin_setup = TRUE;
@ -321,7 +325,6 @@ $tabindex=1;
<input type="hidden" name="create_account"> <input type="hidden" name="create_account">
<input type="hidden" id="pass_score" value="0" name="pass_score"> <input type="hidden" id="pass_score" value="0" name="pass_score">
<?php <?php
foreach ($attribute_map as $attribute => $attr_r) { foreach ($attribute_map as $attribute => $attr_r) {
$label = $attr_r['label']; $label = $attr_r['label'];

165
www/account_manager/show_group.php
View File

@ -12,7 +12,6 @@ render_submenu();
$ldap_connection = open_ldap_connection(); $ldap_connection = open_ldap_connection();
if (!isset($_POST['group_name']) and !isset($_GET['group_name'])) { if (!isset($_POST['group_name']) and !isset($_GET['group_name'])) {
?> ?>
<div class="alert alert-danger"> <div class="alert alert-danger">
@ -41,6 +40,12 @@ exit(0);
###################################################################################### ######################################################################################
$initialise_group = FALSE; $initialise_group = FALSE;
$attribute_map = $LDAP['default_group_attribute_map'];
if (isset($LDAP['group_additional_attributes'])) {
$attribute_map = ldap_complete_attribute_array($attribute_map,$LDAP['group_additional_attributes']);
}
$to_update = array();
$this_group = array();
if (isset($_POST['new_group'])) { if (isset($_POST['new_group'])) {
$new_group = TRUE; $new_group = TRUE;
@ -57,18 +62,58 @@ elseif (isset($_POST['initialise_group'])) {
} }
else { else {
$new_group = FALSE; $new_group = FALSE;
$initialise_group = TRUE;
$current_members = ldap_get_group_members($ldap_connection,$group_cn); $current_members = ldap_get_group_members($ldap_connection,$group_cn);
$full_dn = ldap_get_dn_of_group($ldap_connection,$group_cn); $this_group = ldap_get_group_entry($ldap_connection,$group_cn);
$full_dn = $this_group[0]['dn'];
$has_been = "updated"; $has_been = "updated";
} }
foreach ($attribute_map as $attribute => $attr_r) {
if (isset($this_group[0][$attribute]) and $this_group[0][$attribute]['count'] > 0) {
$$attribute = $this_group[0][$attribute];
}
else {
$$attribute = array();
}
if (isset($_POST[$attribute])) {
$this_attribute = array();
if (is_array($_POST[$attribute])) {
$this_attribute['count'] = count($_POST[$attribute]);
foreach($_POST[$attribute] as $key => $value) {
$this_attribute[$key] = filter_var($value, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
}
}
else {
$this_attribute['count'] = 1;
$this_attribute[0] = filter_var($_POST[$attribute], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
}
if ($this_attribute != $$attribute) {
$$attribute = $this_attribute;
$to_update[$attribute] = $this_attribute;
unset($to_update[$attribute]['count']);
}
}
if (!isset($$attribute) and isset($attr_r['default'])) {
$$attribute['count'] = 1;
$$attribute[0] = $attr_r['default'];
}
}
if (!isset($gidnumber[0]) or !is_numeric($gidnumber[0])) {
$gidnumber[0]=ldap_get_highest_id($ldap_connection,$type="gid");
$gidnumber['count']=1;
}
###################################################################################### ######################################################################################
$current_members = ldap_get_group_members($ldap_connection,$group_cn);
$full_dn = ldap_get_dn_of_group($ldap_connection,$group_cn);
$all_accounts = ldap_get_user_list($ldap_connection); $all_accounts = ldap_get_user_list($ldap_connection);
$all_people = array(); $all_people = array();
@ -82,10 +127,9 @@ if (isset($_POST["update_members"])) {
$updated_membership = array(); $updated_membership = array();
foreach ($_POST as $index => $member) { foreach ($_POST['membership'] as $index => $member) {
if (is_numeric($index)) { if (is_numeric($index)) {
array_push($updated_membership,$member); array_push($updated_membership,filter_var($member, FILTER_SANITIZE_FULL_SPECIAL_CHARS));
} }
} }
@ -98,8 +142,18 @@ if (isset($_POST["update_members"])) {
if ($initialise_group == TRUE) { if ($initialise_group == TRUE) {
$initial_member = array_shift($members_to_add); $initial_member = array_shift($members_to_add);
$group_add = ldap_new_group($ldap_connection,$group_cn,$initial_member); $group_add = ldap_new_group($ldap_connection,$group_cn,$initial_member,$to_update);
} }
elseif(count($to_update) > 0) {
$updated_attr = ldap_update_group_attributes($ldap_connection,$group_cn,$to_update);
if ($updated_attr) {
render_alert_banner("The group attributes have been updated.");
}
else {
render_alert_banner("There was a problem updating the group attributes. See the logs for more information.","danger",15000);
}
}
foreach ($members_to_add as $this_member) { foreach ($members_to_add as $this_member) {
ldap_add_member_to_group($ldap_connection,$group_cn,$this_member); ldap_add_member_to_group($ldap_connection,$group_cn,$this_member);
} }
@ -116,35 +170,10 @@ if (isset($_POST["update_members"])) {
$group_members = ldap_get_group_members($ldap_connection,$group_cn); $group_members = ldap_get_group_members($ldap_connection,$group_cn);
$non_members = array_diff($all_people,$group_members); $non_members = array_diff($all_people,$group_members);
render_alert_banner("Groups can't be empty, so the final member hasn't been removed. You could try deleting the group","danger",15000);
?>
<script>
window.setTimeout(function() {
$(".alert").fadeTo(500, 0).slideUp(500, function(){ $(this).remove(); });
}, 15000);
</script>
<div class="alert alert-danger" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
<p class="text-center">Groups can't be empty, so the final member hasn't been removed. You could try deleting the group.</p>
</div>
<?php
} }
else { else {
render_alert_banner("The group has been ${has_been}.");
?>
<script>
window.setTimeout(function() {
$(".alert").fadeTo(500, 0).slideUp(500, function(){ $(this).remove(); });
}, 4000);
</script>
<div class="alert alert-success" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
<p class="text-center">The group has been <?php print $has_been; ?>.</p>
</div>
<?php
} }
} }
@ -177,7 +206,7 @@ ldap_close($ldap_connection);
for (var i = 0; i < member_list.length; ++i) { for (var i = 0; i < member_list.length; ++i) {
var hidden = document.createElement("input"); var hidden = document.createElement("input");
hidden.type = "hidden"; hidden.type = "hidden";
hidden.name = i; hidden.name = 'membership[]';
hidden.value = member_list[i]['textContent']; hidden.value = member_list[i]['textContent'];
members_form.appendChild(hidden); members_form.appendChild(hidden);
@ -205,7 +234,10 @@ ldap_close($ldap_connection);
$('.list-right ul li.active').removeClass('active'); $('.list-right ul li.active').removeClass('active');
actives.remove(); actives.remove();
} }
if ($("#membership_list").length > 0) {
$("#submit_members").prop("disabled", false); $("#submit_members").prop("disabled", false);
$("#submit_attributes").prop("disabled", false);
}
}); });
$('.dual-list .selector').click(function () { $('.dual-list .selector').click(function () {
var $checkBox = $(this); var $checkBox = $(this);
@ -257,20 +289,22 @@ ldap_close($ldap_connection);
<div class="container"> <div class="container">
<div class="col-md-12">
<div class="panel-group">
<div class="panel panel-default"> <div class="panel panel-default">
<div class="panel-heading clearfix"> <div class="panel-heading clearfix">
<h3 class="panel-title pull-left" style="padding-top: 7.5px;"><?php print $group_cn; ?><?php if ($group_cn == $LDAP["admins_group"]) { print " <sup>(admin group)</sup>" ; } ?></h3> <h3 class="panel-title pull-left" style="padding-top: 7.5px;"><?php print $group_cn; ?><?php if ($group_cn == $LDAP["admins_group"]) { print " <sup>(admin group)</sup>" ; } ?></h3>
<button class="btn btn-warning pull-right" onclick="show_delete_group_button();" <?php if ($group_cn == $LDAP["admins_group"]) { print "disabled"; } ?>>Delete group</button> <button class="btn btn-warning pull-right" onclick="show_delete_group_button();" <?php if ($group_cn == $LDAP["admins_group"]) { print "disabled"; } ?>>Delete group</button>
<form action="<?php print "${THIS_MODULE_PATH}"; ?>/groups.php" method="post"><input type="hidden" name="delete_group" value="<?php print $group_cn; ?>"><button class="btn btn-danger pull-right invisible" id="delete_group">Confirm deletion</button></form> <form action="<?php print "${THIS_MODULE_PATH}"; ?>/groups.php" method="post"><input type="hidden" name="delete_group" value="<?php print $group_cn; ?>"><button class="btn btn-danger pull-right invisible" id="delete_group">Confirm deletion</button></form>
</div> </div>
<ul class="list-group"> <ul class="list-group">
<li class="list-group-item"><?php print $full_dn; ?></li> <li class="list-group-item"><?php print $full_dn; ?></li>
</li> </li>
<div class="panel-body"> <div class="panel-body">
<div class="row"> <div class="row">
<div class="dual-list list-left col-md-5"> <div class="dual-list list-left col-md-5">
<strong>Members</strong> <strong>Members</strong>
<div class="well"> <div class="well">
@ -301,7 +335,6 @@ ldap_close($ldap_connection);
</ul> </ul>
</div> </div>
</div> </div>
<div class="list-arrows col-md-1 text-center"> <div class="list-arrows col-md-1 text-center">
<button class="btn btn-default btn-sm move-left"> <button class="btn btn-default btn-sm move-left">
<span class="glyphicon glyphicon-chevron-left"></span> <span class="glyphicon glyphicon-chevron-left"></span>
@ -313,8 +346,7 @@ ldap_close($ldap_connection);
<input type="hidden" name="update_members"> <input type="hidden" name="update_members">
<input type="hidden" name="group_name" value="<?php print urlencode($group_cn); ?>"> <input type="hidden" name="group_name" value="<?php print urlencode($group_cn); ?>">
<?php if ($new_group == TRUE) { ?><input type="hidden" name="initialise_group"><?php } ?> <?php if ($new_group == TRUE) { ?><input type="hidden" name="initialise_group"><?php } ?>
</form> <button id="submit_members" class="btn btn-info" <?php if (count($group_members)==0) print 'disabled'; ?> type="submit" onclick="update_form_with_users()">Save</button>
<button id="submit_members" class="btn btn-info" disabled type="submit" onclick="update_form_with_users()">Save</button>
</div> </div>
<div class="dual-list list-right col-md-5"> <div class="dual-list list-right col-md-5">
@ -342,12 +374,47 @@ ldap_close($ldap_connection);
</ul> </ul>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div>
<?php <?php
render_footer();
if ($SIMPLE_INTERFACE == TRUE) {
unset($attribute_map['gidnumber']);
}
if (count($attribute_map) > 0) { ?>
<div class="panel panel-default">
<div class="panel-heading clearfix">
<h3 class="panel-title pull-left" style="padding-top: 7.5px;">Group attributes</h3>
</div>
<div class="panel-body">
<div class="col-md-8">
<?php
$tabindex=1;
foreach ($attribute_map as $attribute => $attr_r) {
$label = $attr_r['label'];
if (isset($$attribute)) { $these_values=$$attribute; } else { $these_values = array(); }
if (isset($attr_r['multiple'])) { $multiple = $attr_r['multiple']; } else { $multiple = FALSE; }
print "<div class='row'>";
render_attribute_fields($attribute,$label,$these_values,"",$multiple,$tabindex);
print "</div>";
$tabindex++;
}
?> ?>
<div class="row">
<div class="col-md-4 col-md-offset-3">
<div class="form-group">
<button id="submit_attributes" class="btn btn-info" <?php if (count($group_members)==0) print 'disabled'; ?> type="submit" tabindex="<?php print $tabindex; ?>" onclick="update_form_with_users()">Save</button>
</div>
</div>
</div>
</div>
</div>
</div>
<?php } ?>
</form>
</div>
</div>
</div>
<?php render_footer(); ?>

45
www/account_manager/show_user.php
View File

@ -24,7 +24,11 @@ if ($SIMPLE_INTERFACE == FALSE) {
} }
$LDAP['default_attribute_map']["mail"] = array("label" => "Email", "onkeyup" => "check_if_we_should_enable_sending_email();"); $LDAP['default_attribute_map']["mail"] = array("label" => "Email", "onkeyup" => "check_if_we_should_enable_sending_email();");
$attribute_map = ldap_complete_account_attribute_array(); $attribute_map = $LDAP['default_attribute_map'];
if (isset($LDAP['account_additional_attributes'])) { $attribute_map = ldap_complete_attribute_array($attribute_map,$LDAP['account_additional_attributes']); }
if (! array_key_exists($LDAP['account_attribute'], $attribute_map)) {
$attribute_r = array_merge($attribute_map, array($LDAP['account_attribute'] => array("label" => "Account UID")));
}
if (!isset($_POST['account_identifier']) and !isset($_GET['account_identifier'])) { if (!isset($_POST['account_identifier']) and !isset($_GET['account_identifier'])) {
?> ?>
@ -164,30 +168,10 @@ if ($ldap_search) {
} }
if ($updated_account) { if ($updated_account) {
?> render_alert_banner("The account has been updated. $sent_email_message");
<script>
window.setTimeout(function() {
$(".alert").fadeTo(500, 0).slideUp(500, function(){ $(this).remove(); });
}, 4000);
</script>
<div class="alert alert-success" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
<p class="text-center">The account has been updated.<?php print $sent_email_message; ?></p>
</div>
<?php
} }
else { else {
?> render_alert_banner("There was a problem updating the account. Check the logs for more information.","danger",15000);
<script>
window.setTimeout(function() {
$(".alert").fadeTo(500, 0).slideUp(500, function(){ $(this).remove(); });
}, 4000);
</script>
<div class="alert alert-danger" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
<p class="text-center">There was a problem updating the account. Check the logs for more information.</p>
</div>
<?php
} }
} }
@ -248,19 +232,7 @@ if ($ldap_search) {
$not_member_of = array_diff($all_groups,$updated_group_membership); $not_member_of = array_diff($all_groups,$updated_group_membership);
$member_of = $updated_group_membership; $member_of = $updated_group_membership;
render_alert_banner("The group membership has been updated.");
?>
<script>
window.setTimeout(function() {
$(".alert").fadeTo(500, 0).slideUp(500, function(){ $(this).remove(); });
}, 4000);
</script>
<div class="alert alert-success" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
<p class="text-center">The group membership has been updated.</p>
</div>
<?php
} }
else { else {
@ -454,7 +426,6 @@ if ($ldap_search) {
<input type="hidden" id="pass_score" value="0" name="pass_score"> <input type="hidden" id="pass_score" value="0" name="pass_score">
<input type="hidden" name="account_identifier" value="<?php print $account_identifier; ?>"> <input type="hidden" name="account_identifier" value="<?php print $account_identifier; ?>">
<?php <?php
foreach ($attribute_map as $attribute => $attr_r) { foreach ($attribute_map as $attribute => $attr_r) {
$label = $attr_r['label']; $label = $attr_r['label'];

5
www/includes/config.inc.php
View File

@ -12,6 +12,11 @@
"mail" => array("label" => "Email", "onkeyup" => "auto_email_update = false; check_email_validity(document.getElementById('mail').value);") "mail" => array("label" => "Email", "onkeyup" => "auto_email_update = false; check_email_validity(document.getElementById('mail').value);")
); );
$LDAP['group_objectclasses'] = array( 'person', 'inetOrgPerson', 'posixAccount' );
$LDAP['default_group_attribute_map'] = array( "gidnumber" => array("label" => "Group ID number")
);
#Mandatory #Mandatory
$LDAP['uri'] = getenv('LDAP_URI'); $LDAP['uri'] = getenv('LDAP_URI');

86
www/includes/ldap_functions.inc.php
View File

@ -438,19 +438,17 @@ function ldap_get_group_list($ldap_connection,$start=0,$entries=NULL,$sort="asc"
################################## ##################################
function ldap_get_dn_of_group($ldap_connection,$group_name) { function ldap_get_group_entry($ldap_connection,$group_name) {
global $log_prefix, $LDAP, $LDAP_DEBUG; global $log_prefix, $LDAP, $LDAP_DEBUG;
if (isset($group_name)) { if (isset($group_name)) {
$ldap_search_query = "(${LDAP['group_attribute']}=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")"; $ldap_search_query = "(${LDAP['group_attribute']}=" . ldap_escape($group_name, "", LDAP_ESCAPE_FILTER) . ")";
$ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query , array("dn")); $ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query);
$result = @ ldap_get_entries($ldap_connection, $ldap_search); $result = @ ldap_get_entries($ldap_connection, $ldap_search);
if (isset($result[0]['dn'])) { return $result;
return $result[0]['dn'];
}
} }
@ -567,7 +565,7 @@ function ldap_user_group_membership($ldap_connection,$username) {
################################## ##################################
function ldap_new_group($ldap_connection,$group_name,$initial_member="") { function ldap_new_group($ldap_connection,$group_name,$initial_member="",$extra_attributes=array()) {
global $log_prefix, $LDAP, $LDAP_DEBUG; global $log_prefix, $LDAP, $LDAP_DEBUG;
@ -577,6 +575,7 @@ function ldap_new_group($ldap_connection,$group_name,$initial_member="") {
$new_group = ldap_escape($group_name, "", LDAP_ESCAPE_FILTER); $new_group = ldap_escape($group_name, "", LDAP_ESCAPE_FILTER);
$initial_member = ldap_escape($initial_member, "", LDAP_ESCAPE_FILTER); $initial_member = ldap_escape($initial_member, "", LDAP_ESCAPE_FILTER);
$update_gid_store=FALSE;
$ldap_search_query = "(${LDAP['group_attribute']}=$new_group,${LDAP['group_dn']})"; $ldap_search_query = "(${LDAP['group_attribute']}=$new_group,${LDAP['group_dn']})";
$ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query); $ldap_search = @ ldap_search($ldap_connection, "${LDAP['group_dn']}", $ldap_search_query);
@ -584,20 +583,26 @@ function ldap_new_group($ldap_connection,$group_name,$initial_member="") {
if ($result['count'] == 0) { if ($result['count'] == 0) {
$highest_gid = ldap_get_highest_id($ldap_connection,'gid');
$new_gid = $highest_gid + 1;
if ($rfc2307bis_available == FALSE) { $objectclasses = array('top','posixGroup'); } else { $objectclasses = array('top','groupOfUniqueNames','posixGroup'); } if ($rfc2307bis_available == FALSE) { $objectclasses = array('top','posixGroup'); } else { $objectclasses = array('top','groupOfUniqueNames','posixGroup'); }
if (isset($LDAP['group_additional_objectclasses']) and $LDAP['group_additional_objectclasses'] != "") if (isset($LDAP['group_additional_objectclasses']) and $LDAP['group_additional_objectclasses'] != "") {
$objectclasses = array_merge($objectclasses, explode(",", $LDAP['group_additional_objectclasses'])); $objectclasses = array_merge($objectclasses, explode(",", $LDAP['group_additional_objectclasses']));
}
if ($LDAP['group_membership_uses_uid'] == FALSE and $initial_member != "") { $initial_member = "${LDAP['account_attribute']}=$initial_member,${LDAP['user_dn']}"; } if ($LDAP['group_membership_uses_uid'] == FALSE and $initial_member != "") { $initial_member = "${LDAP['account_attribute']}=$initial_member,${LDAP['user_dn']}"; }
$new_group_array=array( 'objectClass' => $objectclasses, $new_group_array=array( 'objectClass' => $objectclasses,
'cn' => $new_group, 'cn' => $new_group,
'gidNumber' => $new_gid,
$LDAP['group_membership_attribute'] => $initial_member $LDAP['group_membership_attribute'] => $initial_member
); );
$new_group_array = array_merge($new_group_array,$extra_attributes);
if (!isset($new_group_array["gidnumber"][0]) or !is_numeric($new_group_array["gidnumber"][0])) {
$highest_gid = ldap_get_highest_id($ldap_connection,'gid');
$new_gid = $highest_gid + 1;
$new_group_array["gidnumber"] = $new_gid;
$update_gid_store=TRUE;
}
$group_dn="cn=$new_group,${LDAP['group_dn']}"; $group_dn="cn=$new_group,${LDAP['group_dn']}";
$add_group = @ ldap_add($ldap_connection, $group_dn, $new_group_array); $add_group = @ ldap_add($ldap_connection, $group_dn, $new_group_array);
@ -610,6 +615,7 @@ function ldap_new_group($ldap_connection,$group_name,$initial_member="") {
else { else {
error_log("$log_prefix Added new group $group_name",0); error_log("$log_prefix Added new group $group_name",0);
if ($update_gid_store == TRUE) {
$this_gid = fetch_id_stored_in_ldap($ldap_connection,"gid"); $this_gid = fetch_id_stored_in_ldap($ldap_connection,"gid");
if ($this_gid != FALSE) { if ($this_gid != FALSE) {
$update_gid = @ ldap_mod_replace($ldap_connection, "cn=lastGID,${LDAP['base_dn']}", array( 'serialNumber' => $new_gid )); $update_gid = @ ldap_mod_replace($ldap_connection, "cn=lastGID,${LDAP['base_dn']}", array( 'serialNumber' => $new_gid ));
@ -622,6 +628,7 @@ function ldap_new_group($ldap_connection,$group_name,$initial_member="") {
} }
return TRUE; return TRUE;
} }
}
} }
else { else {
@ -637,6 +644,37 @@ function ldap_new_group($ldap_connection,$group_name,$initial_member="") {
} }
##################################
function ldap_update_group_attributes($ldap_connection,$group_name,$extra_attributes) {
global $log_prefix, $LDAP, $LDAP_DEBUG;
if (isset($group_name) and (count($extra_attributes) > 0)) {
$group_name = ldap_escape($group_name, "", LDAP_ESCAPE_FILTER);
$group_dn = "${LDAP['group_attribute']}=$group_name,${LDAP['group_dn']}";
$update_group = @ ldap_mod_replace($ldap_connection, $group_dn, $extra_attributes);
if (!$update_group ) {
$this_error="$log_prefix LDAP: unable to update group attributes for group (${group_dn}): " . ldap_error($ldap_connection);
if ($LDAP_DEBUG == TRUE) { error_log("$log_prefix DEBUG update group attributes array: ". print_r($extra_attributes,true),0); }
error_log($this_error,0);
return FALSE;
}
else {
error_log("$log_prefix Updated group attributes for $group_name",0);
return TRUE;
}
}
else {
error_log("$log_prefix Update group attributes; group name wasn't set.",0);
return FALSE;
}
}
################################## ##################################
function ldap_delete_group($ldap_connection,$group_name) { function ldap_delete_group($ldap_connection,$group_name) {
@ -687,16 +725,14 @@ function ldap_get_gid_of_group($ldap_connection,$group_name) {
################################## ##################################
function ldap_complete_account_attribute_array() { function ldap_complete_attribute_array($default_attributes,$additional_attributes) {
global $LDAP; global $LDAP;
$attribute_r = $LDAP['default_attribute_map']; if (is_array($additional_attributes) and count($additional_attributes > 0)) {
$additional_attributes_r = array();
if (isset($LDAP['account_additional_attributes'])) { $user_attribute_r = explode(",", $additional_attributes);
$to_merge = array();
$user_attribute_r = explode(",", $LDAP['account_additional_attributes']);
foreach ($user_attribute_r as $this_attr) { foreach ($user_attribute_r as $this_attr) {
@ -711,7 +747,6 @@ function ldap_complete_account_attribute_array() {
$this_r['multiple'] = FALSE; $this_r['multiple'] = FALSE;
} }
if (preg_match('/^[a-zA-Z0-9\-]+$/', $attr_name) == 1) { if (preg_match('/^[a-zA-Z0-9\-]+$/', $attr_name) == 1) {
if (isset($kv[1]) and $kv[1] != "") { if (isset($kv[1]) and $kv[1] != "") {
@ -725,22 +760,21 @@ function ldap_complete_account_attribute_array() {
$this_r['default'] = filter_var($kv[2], FILTER_SANITIZE_FULL_SPECIAL_CHARS); $this_r['default'] = filter_var($kv[2], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
} }
$additional_attributes_r[$attr_name] = $this_r; $to_merge[$attr_name] = $this_r;
} }
} }
$attribute_r = array_merge($attribute_r, $additional_attributes_r); $attribute_r = array_merge($default_attributes, $to_merge);
}
if (! array_key_exists($LDAP['account_attribute'], $attribute_r)) {
$attribute_r = array_merge($attribute_r, array($LDAP['account_attribute'] => array("label" => "Account UID")));
}
return($attribute_r); return($attribute_r);
} }
else {
return($default_attributes);
}
}
################################## ##################################

15
www/includes/web_functions.inc.php
View File

@ -654,6 +654,19 @@ function render_attribute_fields($attribute,$label,$values_r,$onkeyup="",$multip
} }
######################################################
function render_alert_banner($message,$alert_class="success",$timeout=4000) {
##EoFilelocal ?>
<script>window.setTimeout(function() {$(".alert").fadeTo(500, 0).slideUp(500, function(){ $(this).remove(); }); }, $<?php print $timeout; ?>);</script>
<div class="alert alert-<?php print $alert_class; ?>" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="TRUE">&times;</span></button>
<p class="text-center"><?php print $message; ?></p>
</div>
<?php
}
##EoFile
?> ?>