True, 'nonavbar' => True, 'currentapp' => 'home', 'noapi' => True ); include('./inc/functions.inc.php'); /* Authorize the user to use setup app and load the database */ if(!$GLOBALS['phpgw_setup']->auth('Config')) { Header('Location: index.php'); exit; } /* Does not return unless user is authorized */ class phpgw { var $common; var $accounts; var $applications; var $db; } $phpgw = new phpgw; $phpgw->common = CreateObject('phpgwapi.common'); $common = $phpgw->common; $GLOBALS['phpgw_setup']->loaddb(); copyobj($GLOBALS['phpgw_setup']->db,$phpgw->db); $tpl_root = $GLOBALS['phpgw_setup']->html->setup_tpl_dir('setup'); $setup_tpl = CreateObject('setup.Template',$tpl_root); $setup_tpl->set_file(array( 'ldap' => 'ldap.tpl', 'T_head' => 'head.tpl', 'T_footer' => 'footer.tpl', 'T_alert_msg' => 'msg_alert_msg.tpl' )); $GLOBALS[ 'phpgw_setup' ] -> db -> query( "SELECT config_name, config_value FROM phpgw_config" ." WHERE config_app = 'phpgwapi' and config_name LIKE 'ldap%' OR config_name='account_repository'", __LINE__, __FILE__ ); while ( $GLOBALS[ 'phpgw_setup' ] -> db -> next_record( ) ) $config[ $GLOBALS[ 'phpgw_setup' ] -> db -> f( 'config_name' ) ] = $GLOBALS[ 'phpgw_setup' ] -> db -> f( 'config_value' ); $phpgw_info['server']['ldap_host'] = $config['ldap_host']; $phpgw_info['server']['ldap_context'] = $config['ldap_context']; $phpgw_info['server']['ldap_group_context'] = $config['ldap_group_context']; $phpgw_info['server']['ldap_root_dn'] = $config['ldap_root_dn']; $phpgw_info['server']['ldap_root_pw'] = $config['ldap_root_pw']; $phpgw_info['server']['account_repository'] = $config['account_repository']; $phpgw_info['server']['ldap_version3'] = $config['ldap_version3']; $phpgw->accounts = CreateObject('phpgwapi.accounts'); $acct = $phpgw->accounts; // connect to ldap server if ( ! $ldap = $common -> ldapConnect( ) ) { Header( 'Location: config.php?error=badldapconnection' ); exit; } // Take the users from LDAP. $sr = ldap_search( $ldap, $config[ 'ldap_context' ], '(objectClass=posixAccount)', array( 'cn', 'givenname', 'uid', 'uidnumber', 'objectClass' ) ); $info = ldap_get_entries( $ldap, $sr ); $tmp = ''; $account_info = array( ); for ( $i = 0; $i < $info[ 'count' ]; ++$i ) if ( ! array_key_exists( $info[ $i ][ 'uid' ][ 0 ], $phpgw_info[ 'server' ][ 'global_denied_users' ] ) ) $account_info[ $info[ $i ][ 'dn' ] ] = $info[ $i ]; $group_info = array( ); if ( array_key_exists( 'ldap_group_context', $phpgw_info[ 'server' ] ) && count( $phpgw_info['server']['global_denied_groups'] ) ) { $sr = ldap_search( $ldap, $config[ 'ldap_group_context' ], '(objectClass=posixGroup)', array( 'gidnumber', 'cn', 'memberuid', 'objectclass', 'phpgwaccountstatus', 'phpgwaccounttype', 'phpgwaccountexpires' ) ); $info = ldap_get_entries( $ldap, $sr ); $tmp = ''; for ( $i = 0; $i < $info[ 'count' ]; ++$i ) if ( ! array_key_exists( $info[ $i ][ 'cn' ][ 0 ], $phpgw_info[ 'server' ][ 'global_denied_groups' ] ) ) $group_info[ $info[ $i ][ 'dn' ] ] = $info[ $i ]; } $GLOBALS[ 'phpgw_setup' ] -> db -> query( "SELECT app_name FROM phpgw_applications WHERE app_enabled!='0' AND app_enabled!='3' ORDER BY app_name", __LINE__, __FILE__ ); while( $GLOBALS[ 'phpgw_setup' ] -> db -> next_record( ) ) $apps[ $GLOBALS[ 'phpgw_setup' ] -> db -> f( 'app_name' ) ] = lang( $GLOBALS[ 'phpgw_setup' ] -> db -> f( 'app_name' ) ); if ( $cancel ) { Header( 'Location: ldap.php' ); exit; } $GLOBALS[ 'phpgw_setup' ] -> html -> show_header( lang('LDAP Modify'), false, 'config', "{$GLOBALS[ 'phpgw_setup' ] -> ConfigDomain} ( {$phpgw_domain[ $GLOBALS[ 'phpgw_setup' ] -> ConfigDomain ][ 'db_type' ]} )" ); if ( array_key_exists( 'submit', $_POST ) ) { $acl = CreateObject('phpgwapi.acl'); copyobj( $GLOBALS[ 'phpgw_setup' ] -> db, $acl -> db ); if ( array_key_exists( 'ldapgroups', $_POST ) && is_array( $_POST[ 'ldapgroups' ] ) ) { $groups = CreateObject( 'phpgwapi.accounts' ); copyobj( $GLOBALS[ 'phpgw_setup' ] -> db, $groups -> db ); foreach ( $_POST[ 'ldapgroups' ] as $groupid ) { if ( ! array_key_exists( $groupid, $group_info ) ) { echo "Has occurred some problem in the group : {$groupid}
\n"; continue; } $entry = array( ); $thisacctid = $group_info[ $groupid ][ 'gidnumber' ][ 0 ]; $thisacctlid = $group_info[ $groupid ][ 'cn' ][ 0 ]; $thisfirstname = $group_info[ $groupid ][ 'cn' ][ 0 ]; $thismembers = $group_info[ $groupid ][ 'memberuid' ]; $thisdn = $group_info[ $groupid ][ 'dn' ]; echo "Updating GROUPID : {$thisacctlid} ({$groupid})
\n"; // Do some checks before we try to import the data. if ( ! empty( $thisacctid ) && ! empty( $thisacctlid ) ) { $groups->account_id = ( int ) $thisacctid; reset( $group_info[ $groupid ][ 'objectclass' ] ); $add = array( ); if ( ! in_array( 'phpgwAccount', $group_info[ $groupid ][ 'objectclass' ] ) ) $add[ 'objectclass'] = array( 'phpgwAccount' ); if ( ! array_key_exists( 'phpgwaccountstatus', $group_info[ $groupid ] ) ) $add[ 'phpgwaccountstatus'] = array( 'A' ); if ( ! array_key_exists( 'phpgwaccounttype', $group_info[ $groupid ] ) ) $add[ 'phpgwaccounttype' ] = array( 'g' ); if ( ! array_key_exists( 'phpgwaccountexpires', $group_info[ $groupid ] ) ) $add[ 'phpgwaccountexpires' ] = array( -1 ); if ( count( $add ) ) ldap_mod_add( $ldap, $thisdn, $add ); // Now make the members a member of this group in phpgw. if ( is_array( $thismembers ) ) { if ( array_key_exists( 'count', $thismembers ) ) unset( $thismembers[ 'count' ] ); foreach ( $thismembers as $key => $members ) { echo "members: {$members}
\n"; $tmpid = NULL; foreach ( $account_info as $info ) if ( $members == $info[ 'uid' ][ 0 ] ) { $tmpid = $info[ 'uidnumber' ][ 0 ]; break; } // Insert acls for this group based on memberuid field. // Since the group has app rights, we don't need to give users // these rights. Instead, we maintain group membership here. if ( $tmpid ) { echo "inserindo user_id: {$tmpid} em {$thisacctid}
\n"; $acl -> account_id = ( int ) $tmpid; $acl -> read_repository( ); $acl -> delete( 'phpgw_group', $thisacctid, 1 ); $acl -> add( 'phpgw_group', $thisacctid, 1 ); // Now add the acl to let them change their password $acl -> delete( 'preferences', 'changepassword', 1 ); $acl -> add( 'preferences', 'changepassword', 1 ); $acl -> save_repository( ); } } } // Now give this group some rights $phpgw_info[ 'user' ][ 'account_id' ] = $thisacctid; $acl -> account_id = ( int ) $thisacctid; $acl -> read_repository( ); foreach ( $_POST[ 's_apps' ] as $app ) { $acl -> delete( $app, 'run', 1 ); $acl -> add( $app, 'run', 1 ); } $acl -> save_repository(); $defaultgroupid = $thisacctid; } echo "----------------------------------------------
\n"; } } if ( ( array_key_exists( 'users', $_POST ) && is_array( $_POST[ 'users' ] ) ) || ( array_key_exists( 'admins', $_POST ) && is_array( $_POST[ 'admins' ] ) ) ) { $accounts = CreateObject( 'phpgwapi.accounts' ); copyobj( $GLOBALS[ 'phpgw_setup' ] -> db, $accounts -> db ); $users_process = 0; $new_uidnumber = 12011; //error_log( print_r( $_POST[ 'users' ], true ), 3, '/tmp/log' ); //error_log( print_r( $config, true ), 3, '/tmp/log' ); foreach ( array( 'admins', 'users' ) as $type ) if ( array_key_exists( $type, $_POST ) ) { if ( $type == 'admins' ) { // give admin access to all apps, to save us some support requests $all_apps = array(); $GLOBALS[ 'phpgw_setup' ] -> db -> query( 'SELECT app_name FROM phpgw_applications ORDER BY app_name' ); while ( $GLOBALS[ 'phpgw_setup' ] -> db -> next_record( ) ) $all_apps[ ] = $GLOBALS[ 'phpgw_setup' ] -> db -> f( 'app_name' ); } foreach ( $_POST[ $type ] as $user_id ) { $id_exist = 0; $thisacctid = $account_info[ $user_id ][ 'uidnumber' ][ 0 ]; $thisacctlid = $account_info[ $user_id ][ 'uid' ][ 0 ]; $thisdn = $account_info[ $user_id ][ 'dn']; echo "{$thisdn}
\nUpdating ({$type}) USERID : {$thisacctlid}
\n"; // Do some checks before we try to import the data. if ( !empty($thisacctid) && !empty($thisacctlid)) { ++$users_process; $add = array( ); $objectClass = array( ); if ( ! in_array( 'qmailUser', $account_info[ $user_id ][ 'objectclass' ] ) ) $objectclass[ ] = 'qmailUser'; if ( ! in_array( 'phpgwAccount', $account_info[ $user_id ][ 'objectclass' ] ) ) { $objectclass[ ] = 'phpgwAccount'; $add[ 'phpgwAccountExpires' ] = array( '-1' ); $add[ 'phpgwAccountStatus' ] = array( 'A' ); $add[ 'phpgwAccountType' ] = array( 'u' ); $add[ 'phpgwLastPasswdChange' ] = array( '1290632486' ); } if ( count( $objectclass ) ) $add[ 'objectclass' ] = $objectclass; if ( count( $add ) ) ldap_mod_add( $ldap, $thisdn, $add ); $accounts -> account_id = ( int ) $thisacctid; // Insert default acls for this user. $acl -> account_id = ( int ) $thisacctid; $acl -> read_repository( ); // Now add the acl to let them change their password $acl -> delete( 'preferences', 'changepassword', 1 ); $acl -> add( 'preferences', 'changepassword', 1 ); // Add user to a default group, previous created //$acl -> add( 'phpgw_group', '12007', 1 ); echo "Adding in ACL BD: {$thisacctid}

\n"; // Save these new acls. $acl -> save_repository( ); ++$new_uidnumber; } if ( $type == 'admins' ) { $GLOBALS[ 'phpgw_setup' ] -> add_acl(array( 'admin', 'expressoAdmin1_2' ), 'run', ( int ) $thisacctid ); $GLOBALS[ 'phpgw_setup' ] -> db -> query( "INSERT INTO phpgw_expressoadmin VALUES ( '{$thisacctlid}', '{$config[ 'ldap_context' ]}', 2199023253495 )" ); foreach ( $all_apps as $app ) $GLOBALS[ 'phpgw_setup' ] -> db -> query( "INSERT INTO phpgw_expressoadmin_apps VALUES ( '{$thisacctlid}', '{$config[ 'ldap_context' ]}', '{$app}' )" ); } } } } printf( "
%s %s
", lang( 'Modifications have been completed!' ), lang( 'Click here to return to setup.' ) ); $GLOBALS['phpgw_setup' ] -> html -> show_footer( ); exit; } if ( array_key_exists( 'error', $_GET ) ) $GLOBALS[ 'phpgw_setup' ] -> html -> show_alert_msg( 'Error', $_GET[ 'error' ] ); $setup_tpl->set_block('ldap','header','header'); $setup_tpl->set_block('ldap','user_list','user_list'); $setup_tpl->set_block('ldap','admin_list','admin_list'); $setup_tpl->set_block('ldap','group_list','group_list'); $setup_tpl->set_block('ldap','app_list','app_list'); $setup_tpl->set_block('ldap','submit','submit'); $setup_tpl->set_block('ldap','footer','footer'); $user_list = array( ); while ( list( $key, $account ) = each( $account_info ) ) $user_list[ ] = '"; $user_list = $admin_list = implode( '', $user_list ); $group_list = ''; while( list( $key, $group ) = each( $group_info ) ) $group_list .= ''; $app_list = ''; while(list($appname,$apptitle) = each($apps)) { if($appname == 'admin' || $appname == 'skel' || $appname == 'backup' || $appname == 'netsaint' || $appname == 'developer_tools' || $appname == 'phpsysinfo' || $appname == 'eldaptir' || $appname == 'qmailldap') { $app_list .= ''; } else { $app_list .= ''; } } $setup_tpl->set_var('action_url','ldapmodify.php'); $setup_tpl->set_var('users',$user_list); $setup_tpl->set_var('admins',$admin_list); $setup_tpl->set_var('ldapgroups',$group_list); $setup_tpl->set_var('s_apps',$app_list); $setup_tpl->set_var('ldap_import',lang('LDAP Modify')); $setup_tpl->set_var('description',lang("This section will help you setup your LDAP accounts for use with eGroupWare").'.'); $setup_tpl->set_var('select_users',lang('Select which user(s) will be modified')); $setup_tpl->set_var('select_admins',lang('Select which user(s) will also have admin privileges')); $setup_tpl->set_var('select_groups',lang('Select which group(s) will be modified (group membership will be maintained)')); $setup_tpl->set_var('select_apps',lang('Select the default applications to which your users will have access').'.'); $setup_tpl->set_var('form_submit',lang('Modify')); $setup_tpl->set_var('cancel',lang('Cancel')); $setup_tpl->pfp('out','header'); $setup_tpl->pfp('out','user_list'); $setup_tpl->pfp('out','admin_list'); $setup_tpl->pfp('out','group_list'); $setup_tpl->pfp('out','app_list'); $setup_tpl->pfp('out','submit'); $setup_tpl->pfp('out','footer'); $GLOBALS['phpgw_setup']->html->show_footer(); ?>