- Développement des capacité de l'interface (ajout / suppression / copie / modification)
- Création d'un annuaire de test (dossier lsexample) - Debug divers
|
@ -43,7 +43,8 @@ $GLOBALS['LSobjects']['LSeecompany'] = array (
|
||||||
'admin' => 'w'
|
'admin' => 'w'
|
||||||
),
|
),
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1
|
'modify' => 1,
|
||||||
|
'create' => 1
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'dc' => array (
|
'dc' => array (
|
||||||
|
@ -57,7 +58,8 @@ $GLOBALS['LSobjects']['LSeecompany'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1
|
'modify' => 1,
|
||||||
|
'create' => 1
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
|
|
|
@ -22,6 +22,7 @@
|
||||||
|
|
||||||
$GLOBALS['LSobjects']['LSeegroup'] = array (
|
$GLOBALS['LSobjects']['LSeegroup'] = array (
|
||||||
'objectclass' => array(
|
'objectclass' => array(
|
||||||
|
'lsgroup',
|
||||||
'posixGroup'
|
'posixGroup'
|
||||||
),
|
),
|
||||||
'rdn' => 'cn',
|
'rdn' => 'cn',
|
||||||
|
@ -51,7 +52,8 @@ $GLOBALS['LSobjects']['LSeegroup'] = array (
|
||||||
'admin' => 'w'
|
'admin' => 'w'
|
||||||
),
|
),
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1
|
'modify' => 1,
|
||||||
|
'create' => 1
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'gidNumber' => array (
|
'gidNumber' => array (
|
||||||
|
@ -59,6 +61,7 @@ $GLOBALS['LSobjects']['LSeegroup'] = array (
|
||||||
'ldap_type' => 'numeric',
|
'ldap_type' => 'numeric',
|
||||||
'html_type' => 'text',
|
'html_type' => 'text',
|
||||||
'required' => 1,
|
'required' => 1,
|
||||||
|
'generate_function' => 'generate_gidNumber',
|
||||||
'validation' => array (
|
'validation' => array (
|
||||||
array (
|
array (
|
||||||
'filter' => 'gidNumber=%{val}',
|
'filter' => 'gidNumber=%{val}',
|
||||||
|
@ -71,7 +74,7 @@ $GLOBALS['LSobjects']['LSeegroup'] = array (
|
||||||
'admin' => 'w'
|
'admin' => 'w'
|
||||||
),
|
),
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1
|
'modify' => 1
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'uniqueMember' => array (
|
'uniqueMember' => array (
|
||||||
|
@ -91,10 +94,10 @@ $GLOBALS['LSobjects']['LSeegroup'] = array (
|
||||||
'admin' => 'w'
|
'admin' => 'w'
|
||||||
),
|
),
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1
|
'modify' => 1,
|
||||||
|
'create' => 1
|
||||||
),
|
),
|
||||||
'possible_values' => array(
|
'possible_values' => array(
|
||||||
'aucun' => _('-- Selectionner --'),
|
|
||||||
'OTHER_OBJECT' => array(
|
'OTHER_OBJECT' => array(
|
||||||
'object_type' => 'LSeepeople', // Nom de l'objet à lister
|
'object_type' => 'LSeepeople', // Nom de l'objet à lister
|
||||||
'display_attribute' => '%{cn} (%{uidNumber})', // Spécifie le attributs à lister pour le choix,
|
'display_attribute' => '%{cn} (%{uidNumber})', // Spécifie le attributs à lister pour le choix,
|
||||||
|
|
|
@ -23,6 +23,7 @@
|
||||||
$GLOBALS['LSobjects']['LSeepeople'] = array (
|
$GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
'objectclass' => array(
|
'objectclass' => array(
|
||||||
'top',
|
'top',
|
||||||
|
'lspeople',
|
||||||
'posixAccount',
|
'posixAccount',
|
||||||
'sambaSamAccount',
|
'sambaSamAccount',
|
||||||
),
|
),
|
||||||
|
@ -58,8 +59,8 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 0,
|
'modify' => 0,
|
||||||
'add' => 1
|
'create' => 1
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'uidNumber' => array (
|
'uidNumber' => array (
|
||||||
|
@ -86,7 +87,7 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 0,
|
'modify' => 0,
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'cn' => array (
|
'cn' => array (
|
||||||
|
@ -103,8 +104,8 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
'add' => 1
|
'create' => 1
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'givenName' => array (
|
'givenName' => array (
|
||||||
|
@ -125,8 +126,8 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
'add' => 1
|
'create' => 1
|
||||||
),
|
),
|
||||||
'onDisplay' => 'return_data'
|
'onDisplay' => 'return_data'
|
||||||
),
|
),
|
||||||
|
@ -135,15 +136,15 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
'ldap_type' => 'ascii',
|
'ldap_type' => 'ascii',
|
||||||
'html_type' => 'text',
|
'html_type' => 'text',
|
||||||
'required' => 1,
|
'required' => 1,
|
||||||
'rights' => array( // Définition de droits : 'r' => lecture / 'w' => modification / '' => aucun (par defaut)
|
'rights' => array(
|
||||||
'self' => 'w', // définition des droits de l'utilisateur sur lui même
|
'self' => 'w',
|
||||||
'user' => 'r', // définition des droits de tout les utilisateurs
|
'user' => 'r',
|
||||||
'admin' => 'w'
|
'admin' => 'w'
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
'add' => 1
|
'create' => 1
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'gidNumber' => array (
|
'gidNumber' => array (
|
||||||
|
@ -166,8 +167,8 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
'add' => 1
|
'create' => 1
|
||||||
),
|
),
|
||||||
'possible_values' => array(
|
'possible_values' => array(
|
||||||
'OTHER_OBJECT' => array(
|
'OTHER_OBJECT' => array(
|
||||||
|
@ -200,8 +201,8 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
'add' => 1
|
'create' => 1
|
||||||
),
|
),
|
||||||
'possible_values' => array(
|
'possible_values' => array(
|
||||||
'/bin/false' => _('Aucun'),
|
'/bin/false' => _('Aucun'),
|
||||||
|
@ -218,7 +219,7 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
'admin' => 'r'
|
'admin' => 'r'
|
||||||
),
|
),
|
||||||
'form' => array (
|
'form' => array (
|
||||||
//'test' => 0,
|
//'modify' => 0,
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'homeDirectory' => array (
|
'homeDirectory' => array (
|
||||||
|
@ -233,7 +234,7 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'mail' => array (
|
'mail' => array (
|
||||||
|
@ -253,8 +254,8 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
'add' => 1
|
'create' => 1
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'personalTitle' => array (
|
'personalTitle' => array (
|
||||||
|
@ -270,8 +271,8 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
'add' => 1
|
'create' => 1
|
||||||
),
|
),
|
||||||
'possible_values' => array(
|
'possible_values' => array(
|
||||||
'M.' => 'M.',
|
'M.' => 'M.',
|
||||||
|
@ -295,7 +296,7 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'vacationActive' => array (
|
'vacationActive' => array (
|
||||||
|
@ -315,7 +316,7 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
),
|
),
|
||||||
'possible_values' => array(
|
'possible_values' => array(
|
||||||
'' => 'Non',
|
'' => 'Non',
|
||||||
|
@ -333,7 +334,7 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'vacationForward' => array (
|
'vacationForward' => array (
|
||||||
|
@ -352,7 +353,7 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'mailQuota' => array (
|
'mailQuota' => array (
|
||||||
|
@ -370,7 +371,7 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'description' => array (
|
'description' => array (
|
||||||
|
@ -384,7 +385,8 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
),
|
),
|
||||||
'view' => 1,
|
'view' => 1,
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
|
'create' => 1
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'userPassword' => array (
|
'userPassword' => array (
|
||||||
|
@ -401,23 +403,29 @@ $GLOBALS['LSobjects']['LSeepeople'] = array (
|
||||||
'sambaNTPassword'
|
'sambaNTPassword'
|
||||||
),
|
),
|
||||||
'form' => array (
|
'form' => array (
|
||||||
'test' => 1,
|
'modify' => 1,
|
||||||
'add' => 1
|
'create' => 1
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
'sambaLMPassword' => array (
|
'sambaLMPassword' => array (
|
||||||
'label' => _('Mot de passe Samba (LM)'),
|
'label' => _('Mot de passe Samba (LM)'),
|
||||||
'ldap_type' => 'ascii',
|
'ldap_type' => 'ascii',
|
||||||
'html_type' => 'password',
|
'html_type' => 'text',
|
||||||
'required' => 1,
|
'required' => 1,
|
||||||
'generate_function' => 'generate_sambaLMPassword'
|
'generate_function' => 'generate_sambaLMPassword',
|
||||||
|
'form' => array (
|
||||||
|
'modify' => 0
|
||||||
|
)
|
||||||
),
|
),
|
||||||
'sambaNTPassword' => array (
|
'sambaNTPassword' => array (
|
||||||
'label' => _('Mot de passe Samba (NT)'),
|
'label' => _('Mot de passe Samba (NT)'),
|
||||||
'ldap_type' => 'ascii',
|
'ldap_type' => 'ascii',
|
||||||
'html_type' => 'password',
|
'html_type' => 'text',
|
||||||
'required' => 1,
|
'required' => 1,
|
||||||
'generate_function' => 'generate_sambaNTPassword'
|
'generate_function' => 'generate_sambaNTPassword',
|
||||||
|
'form' => array (
|
||||||
|
'modify' => 0
|
||||||
|
)
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
|
@ -104,6 +104,10 @@ $GLOBALS['LSerror_code'] = array (
|
||||||
'msg' => _("LSldapObject : L'attribut %{attr_depend} dépendant de l'attribut %{attr} n'existe pas."),
|
'msg' => _("LSldapObject : L'attribut %{attr_depend} dépendant de l'attribut %{attr} n'existe pas."),
|
||||||
'level' => 'w'
|
'level' => 'w'
|
||||||
),
|
),
|
||||||
|
35 => array (
|
||||||
|
'msg' => _("LSldapObject : Erreur durant la suppression de %{objectname}."),
|
||||||
|
'level' => 'c'
|
||||||
|
),
|
||||||
|
|
||||||
// LSldapObject
|
// LSldapObject
|
||||||
41 => array (
|
41 => array (
|
||||||
|
@ -238,6 +242,11 @@ $GLOBALS['LSerror_code'] = array (
|
||||||
1011 => array (
|
1011 => array (
|
||||||
'msg' => _("LSsession : Vous n'êtes pas authorisé à effectuer cette action."),
|
'msg' => _("LSsession : Vous n'êtes pas authorisé à effectuer cette action."),
|
||||||
'level' => 'c'
|
'level' => 'c'
|
||||||
|
),
|
||||||
|
1012 => array (
|
||||||
|
'msg' => _("LSsession : Des informations sont manquantes pour l'affichage de cette page."),
|
||||||
|
'level' => 'c'
|
||||||
)
|
)
|
||||||
|
|
||||||
);
|
);
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -28,13 +28,13 @@ $GLOBALS['LSconfig'] = array(
|
||||||
'cacheLSrights' => true,
|
'cacheLSrights' => true,
|
||||||
'ldap_servers' => array (
|
'ldap_servers' => array (
|
||||||
array (
|
array (
|
||||||
'name' => 'Ldap 1',
|
'name' => 'LSexample',
|
||||||
'ldap_config'=> array(
|
'ldap_config'=> array(
|
||||||
'host' => '127.0.0.1',
|
'host' => '127.0.0.1',
|
||||||
'port' => 389,
|
'port' => 389,
|
||||||
'version' => 3,
|
'version' => 3,
|
||||||
'starttls' => false,
|
'starttls' => false,
|
||||||
'binddn' => 'uid=toto,ou=people,o=ls',
|
'binddn' => 'uid=eeggs,ou=people,o=ls',
|
||||||
'bindpw' => 'toto',
|
'bindpw' => 'toto',
|
||||||
'basedn' => 'o=ls',
|
'basedn' => 'o=ls',
|
||||||
'options' => array(),
|
'options' => array(),
|
||||||
|
@ -42,9 +42,11 @@ $GLOBALS['LSconfig'] = array(
|
||||||
'scope' => 'sub'
|
'scope' => 'sub'
|
||||||
),
|
),
|
||||||
'LSadmins' => array (
|
'LSadmins' => array (
|
||||||
'o=ost' => array (
|
'o=ls' => array (
|
||||||
'uid=toto,ou=people,o=ls' => NULL,
|
'uid=eeggs,ou=people,o=ls' => NULL
|
||||||
'cn=adminldap,ou=groups,o=ost' => array (
|
),
|
||||||
|
'ou=people,o=ls' => array (
|
||||||
|
'cn=adminldap,ou=groups,o=ls' => array (
|
||||||
'attr' => 'uniqueMember',
|
'attr' => 'uniqueMember',
|
||||||
'LSobject' => 'LSeegroup'
|
'LSobject' => 'LSeegroup'
|
||||||
)
|
)
|
||||||
|
@ -76,7 +78,7 @@ $GLOBALS['LSconfig'] = array(
|
||||||
);
|
);
|
||||||
|
|
||||||
//Debug
|
//Debug
|
||||||
$GLOBALS['LSdebug']['active'] = false;
|
$GLOBALS['LSdebug']['active'] = true;
|
||||||
|
|
||||||
// Définitions des locales
|
// Définitions des locales
|
||||||
$textdomain = 'ldapsaisie';
|
$textdomain = 'ldapsaisie';
|
||||||
|
|
79
trunk/create.php
Normal file
|
@ -0,0 +1,79 @@
|
||||||
|
<?php
|
||||||
|
/*******************************************************************************
|
||||||
|
* Copyright (C) 2007 Easter-eggs
|
||||||
|
* http://ldapsaisie.labs.libre-entreprise.org
|
||||||
|
*
|
||||||
|
* Author: See AUTHORS file in top-level directory.
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU General Public License version 2
|
||||||
|
* as published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||||
|
|
||||||
|
******************************************************************************/
|
||||||
|
|
||||||
|
require_once 'includes/functions.php';
|
||||||
|
require_once 'includes/class/class.LSsession.php';
|
||||||
|
|
||||||
|
$GLOBALS['LSsession'] = new LSsession();
|
||||||
|
|
||||||
|
if($LSsession -> startLSsession()) {
|
||||||
|
|
||||||
|
if (isset($_POST['LSform_objecttype'])) {
|
||||||
|
$LSobject = $_POST['LSform_objecttype'];
|
||||||
|
}
|
||||||
|
else if (isset($_GET['LSobject'])) {
|
||||||
|
$LSobject = $_GET['LSobject'];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($LSobject)) {
|
||||||
|
// Création d'un LSobject
|
||||||
|
if (class_exists($LSobject)) {
|
||||||
|
if ( $GLOBALS['LSsession'] -> canCreate($LSobject) ) {
|
||||||
|
$object = new $LSobject();
|
||||||
|
|
||||||
|
if ($_GET['load']!='') {
|
||||||
|
$form = $object -> getForm('create',$_GET['load']);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$form = $object -> getForm('create');
|
||||||
|
}
|
||||||
|
if ($form->validate()) {
|
||||||
|
// MàJ des données de l'objet LDAP
|
||||||
|
if ($object -> updateData('create')) {
|
||||||
|
header('Location: view.php?LSobject='.$LSobject.'&dn='.$object -> getDn());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// Définition du Titre de la page
|
||||||
|
$GLOBALS['Smarty'] -> assign('pagetitle',_('Nouveau').' : '.$object -> getLabel());
|
||||||
|
$GLOBALS['LSsession'] -> setTemplate('create.tpl');
|
||||||
|
$form -> display();
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1011);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(21);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1012);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSsession'] -> setTemplate('login.tpl');
|
||||||
|
}
|
||||||
|
|
||||||
|
// Affichage des retours d'erreurs
|
||||||
|
$GLOBALS['LSsession'] -> displayTemplate();
|
||||||
|
?>
|
|
@ -22,200 +22,201 @@
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Données de configuration pour le support SAMBA
|
* Données de configuration pour le support SAMBA
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// SID du domaine Samba géré
|
// SID du domaine Samba géré
|
||||||
define('LS_SAMBA_DOMAIN_SID','S-1-5-21-2421470416-3566881284-3047381809');
|
define('LS_SAMBA_DOMAIN_SID','S-1-5-21-2421470416-3566881284-3047381809');
|
||||||
|
|
||||||
// Nombre de base pour le calcul des sambaSID Utilisateur
|
// Nombre de base pour le calcul des sambaSID Utilisateur
|
||||||
define('LS_SAMBA_SID_BASE_USER',1000);
|
define('LS_SAMBA_SID_BASE_USER',1000);
|
||||||
|
|
||||||
// Nombre de base pour le calcul des sambaSID Groupe
|
// Nombre de base pour le calcul des sambaSID Groupe
|
||||||
define('LS_SAMBA_SID_BASE_GROUP',1001);
|
define('LS_SAMBA_SID_BASE_GROUP',1001);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* NB : C'est deux nombres doivent être pour l'un paire et pour l'autre impaire
|
* NB : C'est deux nombres doivent être pour l'un paire et pour l'autre impaire
|
||||||
* pour conserver l'unicité des SID
|
* pour conserver l'unicité des SID
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// Nom de l'attribut LDAP uidNumber
|
// Nom de l'attribut LDAP uidNumber
|
||||||
define('LS_SAMBA_UIDNUMBER_ATTR','uidNumber');
|
define('LS_SAMBA_UIDNUMBER_ATTR','uidNumber');
|
||||||
|
|
||||||
// Nom de l'attribut LDAP gidNumber
|
// Nom de l'attribut LDAP gidNumber
|
||||||
define('LS_SAMBA_GIDNUMBER_ATTR','gidNumber');
|
define('LS_SAMBA_GIDNUMBER_ATTR','gidNumber');
|
||||||
|
|
||||||
// Nom de l'attribut LDAP userPassword
|
// Nom de l'attribut LDAP userPassword
|
||||||
define('LS_SAMBA_USERPASSWORD_ATTR','userPassword');
|
define('LS_SAMBA_USERPASSWORD_ATTR','userPassword');
|
||||||
|
|
||||||
// Message d'erreur
|
// Message d'erreur
|
||||||
|
|
||||||
$GLOBALS['error_code']['SAMBA_SUPPORT_01']= array (
|
$GLOBALS['error_code']['SAMBA_SUPPORT_01']= array (
|
||||||
'msg' => _("SAMBA Support : la classe smHash ne peut pas être chargée."),
|
'msg' => _("SAMBA Support : la classe smHash ne peut pas être chargée."),
|
||||||
'level' => 'c'
|
'level' => 'c'
|
||||||
);
|
);
|
||||||
$GLOBALS['error_code']['SAMBA_SUPPORT_02']= array (
|
$GLOBALS['error_code']['SAMBA_SUPPORT_02']= array (
|
||||||
'msg' => _("SAMBA Support : La constante %{const} n'est pas définie."),
|
'msg' => _("SAMBA Support : La constante %{const} n'est pas définie."),
|
||||||
'level' => 'c'
|
'level' => 'c'
|
||||||
);
|
);
|
||||||
|
|
||||||
$GLOBALS['error_code']['SAMBA_SUPPORT_03']= array (
|
$GLOBALS['error_code']['SAMBA_SUPPORT_03']= array (
|
||||||
'msg' => _("SAMBA Support : Les constantes LS_SAMBA_SID_BASE_USER et LS_SAMBA_SID_BASE_GROUP ne doivent pas avoir la même parité pour l'unicité des sambaSID."),
|
'msg' => _("SAMBA Support : Les constantes LS_SAMBA_SID_BASE_USER et LS_SAMBA_SID_BASE_GROUP ne doivent pas avoir la même parité pour l'unicité des sambaSID."),
|
||||||
'level' => 'c'
|
'level' => 'c'
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
$GLOBALS['error_code']['SAMBA_01']= array (
|
$GLOBALS['error_code']['SAMBA_01']= array (
|
||||||
'msg' => _("SAMBA Support : L'attribut %{dependency} est introuvable. Impossible de générer l'attribut %{attr}."),
|
'msg' => _("SAMBA Support : L'attribut %{dependency} est introuvable. Impossible de générer l'attribut %{attr}."),
|
||||||
'level' => 'c'
|
'level' => 'c'
|
||||||
);
|
);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Fin des données de configuration
|
* Fin des données de configuration
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Verification du support Samba par ldapSaisie
|
* Verification du support Samba par ldapSaisie
|
||||||
*
|
*
|
||||||
* @author Benjamin Renard <brenard@easter-eggs.com>
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
||||||
*
|
*
|
||||||
* @retval boolean true si Samba est pleinement supporté, false sinon
|
* @retval boolean true si Samba est pleinement supporté, false sinon
|
||||||
*/
|
*/
|
||||||
function LSaddon_samba_support() {
|
function LSaddon_samba_support() {
|
||||||
|
|
||||||
$retval=true;
|
$retval=true;
|
||||||
|
|
||||||
// Dependance de librairie
|
// Dependance de librairie
|
||||||
if ( !class_exists('smbHash') ) {
|
if ( !class_exists('smbHash') ) {
|
||||||
if ( ! @include_once(LS_LIB_DIR . 'class.smbHash.php') ) {
|
if ( ! @include_once(LS_LIB_DIR . 'class.smbHash.php') ) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_SUPPORT_O1');
|
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_SUPPORT_O1');
|
||||||
$retval=false;
|
$retval=false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
$MUST_DEFINE_CONST= array(
|
$MUST_DEFINE_CONST= array(
|
||||||
'LS_SAMBA_DOMAIN_SID',
|
'LS_SAMBA_DOMAIN_SID',
|
||||||
'LS_SAMBA_SID_BASE_USER',
|
'LS_SAMBA_SID_BASE_USER',
|
||||||
'LS_SAMBA_SID_BASE_GROUP',
|
'LS_SAMBA_SID_BASE_GROUP',
|
||||||
'LS_SAMBA_UIDNUMBER_ATTR',
|
'LS_SAMBA_UIDNUMBER_ATTR',
|
||||||
'LS_SAMBA_GIDNUMBER_ATTR',
|
'LS_SAMBA_GIDNUMBER_ATTR',
|
||||||
'LS_SAMBA_USERPASSWORD_ATTR'
|
'LS_SAMBA_USERPASSWORD_ATTR'
|
||||||
);
|
);
|
||||||
|
|
||||||
foreach($MUST_DEFINE_CONST as $const) {
|
foreach($MUST_DEFINE_CONST as $const) {
|
||||||
if ( constant($const) == '' ) {
|
if ( constant($const) == '' ) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_SUPPORT_O2',$const);
|
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_SUPPORT_O2',$const);
|
||||||
$retval=false;
|
$retval=false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Pour l'intégrité des SID
|
// Pour l'intégrité des SID
|
||||||
if ( (LS_SAMBA_SID_BASE_USER % 2) == (LS_SAMBA_SID_BASE_GROUP % 2) ) {
|
if ( (LS_SAMBA_SID_BASE_USER % 2) == (LS_SAMBA_SID_BASE_GROUP % 2) ) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_SUPPORT_O3');
|
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_SUPPORT_O3');
|
||||||
$retval=false;
|
$retval=false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return $retval;
|
return $retval;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Generation de sambaSID
|
* Generation de sambaSID
|
||||||
*
|
*
|
||||||
* @author Benjamin Renard <brenard@easter-eggs.com>
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
||||||
*
|
*
|
||||||
* Number = LS_SAMBA_UIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_USER
|
* Number = LS_SAMBA_UIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_USER
|
||||||
* sambaSID = LS_SAMBA_DOMAIN_SID-Number
|
* sambaSID = LS_SAMBA_DOMAIN_SID-Number
|
||||||
*
|
*
|
||||||
* @param[in] $ldapObject L'objet ldap
|
* @param[in] $ldapObject L'objet ldap
|
||||||
*
|
*
|
||||||
* @retval string SambaSID ou false si il y a un problème durant la génération
|
* @retval string SambaSID ou false si il y a un problème durant la génération
|
||||||
*/
|
*/
|
||||||
function generate_sambaSID($ldapObject) {
|
function generate_sambaSID($ldapObject) {
|
||||||
if ( get_class($ldapObject -> attrs[ LS_SAMBA_UIDNUMBER_ATTR ]) != 'LSattribute' ) {
|
if ( get_class($ldapObject -> attrs[ LS_SAMBA_UIDNUMBER_ATTR ]) != 'LSattribute' ) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_UIDNUMBER_ATTR, 'attr' => 'sambaSID'));
|
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_01',array('dependency' => LS_SAMBA_UIDNUMBER_ATTR, 'attr' => 'sambaSID'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$uidNumber = $ldapObject -> attrs[ LS_SAMBA_UIDNUMBER_ATTR ] -> getValue() * 2 + LS_SAMBA_SID_BASE_USER;
|
$uidNumber = $ldapObject -> attrs[ LS_SAMBA_UIDNUMBER_ATTR ] -> getValue() * 2 + LS_SAMBA_SID_BASE_USER;
|
||||||
$sambaSID = LS_SAMBA_DOMAIN_SID . '-' . $uidNumber;
|
$sambaSID = LS_SAMBA_DOMAIN_SID . '-' . $uidNumber;
|
||||||
|
|
||||||
return ($sambaSID);
|
return ($sambaSID);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Generation de sambaPrimaryGroupSID
|
* Generation de sambaPrimaryGroupSID
|
||||||
*
|
*
|
||||||
* @author Benjamin Renard <brenard@easter-eggs.com>
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
||||||
*
|
*
|
||||||
* Number = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP
|
* Number = LS_SAMBA_GIDNUMBER_ATTR * 2 + LS_SAMBA_SID_BASE_GROUP
|
||||||
* sambaSID = LS_SAMBA_DOMAIN_SID-Number
|
* sambaSID = LS_SAMBA_DOMAIN_SID-Number
|
||||||
*
|
*
|
||||||
* @param[in] $ldapObject L'objet ldap
|
* @param[in] $ldapObject L'objet ldap
|
||||||
*
|
*
|
||||||
* @retval string sambaPrimaryGroupSID ou false si il y a un problème durant la génération
|
* @retval string sambaPrimaryGroupSID ou false si il y a un problème durant la génération
|
||||||
*/
|
*/
|
||||||
function generate_sambaPrimaryGroupSID($ldapObject) {
|
function generate_sambaPrimaryGroupSID($ldapObject) {
|
||||||
if ( get_class($ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ]) != 'LSattribute' ) {
|
if ( get_class($ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ]) != 'LSattribute' ) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_02',array('dependency' => LS_SAMBA_GIDNUMBER_ATTR, 'attr' => 'sambaPrimaryGroupSID'));
|
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_02',array('dependency' => LS_SAMBA_GIDNUMBER_ATTR, 'attr' => 'sambaPrimaryGroupSID'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$gidNumber = $ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ] -> getValue() * 2 + LS_SAMBA_SID_BASE_GROUP;
|
$gidNumber = $ldapObject -> attrs[ LS_SAMBA_GIDNUMBER_ATTR ] -> getValue() * 2 + LS_SAMBA_SID_BASE_GROUP;
|
||||||
$sambaPrimaryGroupSID = LS_SAMBA_DOMAIN_SID . '-' . $gidNumber;
|
$sambaPrimaryGroupSID = LS_SAMBA_DOMAIN_SID . '-' . $gidNumber;
|
||||||
|
|
||||||
return ($sambaPrimaryGroupSID);
|
return ($sambaPrimaryGroupSID);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Generation de sambaNTPassword
|
* Generation de sambaNTPassword
|
||||||
*
|
*
|
||||||
* @author Benjamin Renard <brenard@easter-eggs.com>
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
||||||
*
|
*
|
||||||
* @param[in] $ldapObject L'objet ldap
|
* @param[in] $ldapObject L'objet ldap
|
||||||
*
|
*
|
||||||
* @retval string sambaNTPassword ou false si il y a un problème durant la génération
|
* @retval string sambaNTPassword ou false si il y a un problème durant la génération
|
||||||
*/
|
*/
|
||||||
function generate_sambaNTPassword($ldapObject) {
|
function generate_sambaNTPassword($ldapObject) {
|
||||||
if ( get_class($ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ]) != 'LSattribute' ) {
|
if ( get_class($ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ]) != 'LSattribute' ) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_03',array('dependency' => LS_SAMBA_USERPASSWORD_ATTR, 'attr' => 'sambaNTPassword'));
|
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_03',array('dependency' => LS_SAMBA_USERPASSWORD_ATTR, 'attr' => 'sambaNTPassword'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$password = $ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ] -> ldap -> getClearPassword();
|
$password = $ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ] -> ldap -> getClearPassword();
|
||||||
$sambapassword = new smbHash;
|
debug('pwd : '.$password);
|
||||||
$sambaNTPassword = $sambapassword -> nthash($password);
|
$sambapassword = new smbHash;
|
||||||
|
$sambaNTPassword = $sambapassword -> nthash($password);
|
||||||
|
|
||||||
if($sambaNTPassword == '') {
|
if($sambaNTPassword == '') {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
return $sambaNTPassword;
|
return $sambaNTPassword;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Generation de sambaLMPassword
|
* Generation de sambaLMPassword
|
||||||
*
|
*
|
||||||
* @author Benjamin Renard <brenard@easter-eggs.com>
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
||||||
*
|
*
|
||||||
* @param[in] $ldapObject L'objet ldap
|
* @param[in] $ldapObject L'objet ldap
|
||||||
*
|
*
|
||||||
* @retval string sambaLMPassword ou false si il y a un problème durant la génération
|
* @retval string sambaLMPassword ou false si il y a un problème durant la génération
|
||||||
*/
|
*/
|
||||||
function generate_sambaLMPassword($ldapObject) {
|
function generate_sambaLMPassword($ldapObject) {
|
||||||
if ( get_class($ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ]) != 'LSattribute' ) {
|
if ( get_class($ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ]) != 'LSattribute' ) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_04',array('dependency' => LS_SAMBA_USERPASSWORD_ATTR, 'attr' => 'sambaLMPassword'));
|
$GLOBALS['LSerror'] -> addErrorCode('SAMBA_04',array('dependency' => LS_SAMBA_USERPASSWORD_ATTR, 'attr' => 'sambaLMPassword'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$password = $ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ] -> ldap -> getClearPassword();
|
$password = $ldapObject -> attrs[ LS_SAMBA_USERPASSWORD_ATTR ] -> ldap -> getClearPassword();
|
||||||
$sambapassword = new smbHash;
|
$sambapassword = new smbHash;
|
||||||
$sambaLMPassword = $sambapassword -> lmhash($password);
|
$sambaLMPassword = $sambapassword -> lmhash($password);
|
||||||
|
|
||||||
if($sambaLMPassword == '') {
|
if($sambaLMPassword == '') {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
return $sambaLMPassword;
|
return $sambaLMPassword;
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -80,14 +80,6 @@ class LSattr_html {
|
||||||
function addToForm (&$form,$idForm,$data=NULL) {
|
function addToForm (&$form,$idForm,$data=NULL) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(101,$this -> name);
|
$GLOBALS['LSerror'] -> addErrorCode(101,$this -> name);
|
||||||
}
|
}
|
||||||
|
|
||||||
function __sleep() {
|
|
||||||
return ( array_keys( get_object_vars( &$this ) ) );
|
|
||||||
}
|
|
||||||
|
|
||||||
function __wakeup() {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -37,10 +37,10 @@ class LSattr_html_select_list extends LSattr_html{
|
||||||
* @retval LSformElement L'element du formulaire ajouté
|
* @retval LSformElement L'element du formulaire ajouté
|
||||||
*/
|
*/
|
||||||
function addToForm (&$form,$idForm,$data=NULL) {
|
function addToForm (&$form,$idForm,$data=NULL) {
|
||||||
if (count($data)>1) {
|
/*if (count($data)>1) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(103,'select_list');
|
$GLOBALS['LSerror'] -> addErrorCode(103,'select_list');
|
||||||
return;
|
return;
|
||||||
}
|
}*/
|
||||||
$possible_values=$this -> getPossibleValues();
|
$possible_values=$this -> getPossibleValues();
|
||||||
$this -> config['text_possible_values'] = $possible_values;
|
$this -> config['text_possible_values'] = $possible_values;
|
||||||
$element=$form -> addElement('select', $this -> name, $this -> config['label'],$this -> config);
|
$element=$form -> addElement('select', $this -> name, $this -> config['label'],$this -> config);
|
||||||
|
|
|
@ -26,38 +26,38 @@
|
||||||
*/
|
*/
|
||||||
class LSattr_ldap_password extends LSattr_ldap {
|
class LSattr_ldap_password extends LSattr_ldap {
|
||||||
|
|
||||||
var $clearPassword = NULL;
|
var $clearPassword = NULL;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retourne la valeur d'affichage de l'attribut après traitement lié à son type ldap
|
* Retourne la valeur d'affichage de l'attribut après traitement lié à son type ldap
|
||||||
*
|
*
|
||||||
* @param[in] $data mixed La valeur de l'attribut
|
* @param[in] $data mixed La valeur de l'attribut
|
||||||
*
|
*
|
||||||
* @retval mixed La valeur d'affichage de l'attribut
|
* @retval mixed La valeur d'affichage de l'attribut
|
||||||
*/
|
*/
|
||||||
function getDisplayValue($data) {
|
function getDisplayValue($data) {
|
||||||
return '********';
|
return '********';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retourne la valeur de l'attribut après traitement lié à son type ldap
|
* Retourne la valeur de l'attribut après traitement lié à son type ldap
|
||||||
*
|
*
|
||||||
* @param[in] $data mixed La valeur de l'attribut
|
* @param[in] $data mixed La valeur de l'attribut
|
||||||
*
|
*
|
||||||
* @retval mixed La valeur traitée de l'attribut
|
* @retval mixed La valeur traitée de l'attribut
|
||||||
*/
|
*/
|
||||||
function getUpdateData($data) {
|
function getUpdateData($data) {
|
||||||
$this -> clearPassord = $data[0];
|
$this -> clearPassword = $data[0];
|
||||||
return '{CRYPT}'.crypt($data[0],'$1$'.$this -> getSalt().'$');
|
return '{CRYPT}'.crypt($data[0],'$1$'.$this -> getSalt().'$');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retourne une salt (chaine de caractère aléatoire) de la longueur passée en paramètre
|
* Retourne une salt (chaine de caractère aléatoire) de la longueur passée en paramètre
|
||||||
*
|
*
|
||||||
* @param[in] integer La longueur de la salt (par defaut : 8)
|
* @param[in] integer La longueur de la salt (par defaut : 8)
|
||||||
*
|
*
|
||||||
* @retval string La salt
|
* @retval string La salt
|
||||||
*/
|
*/
|
||||||
function getSalt($length=8) {
|
function getSalt($length=8) {
|
||||||
$pattern = "1234567890abcdefghijklmnopqrstuvwxyz";
|
$pattern = "1234567890abcdefghijklmnopqrstuvwxyz";
|
||||||
$key = $pattern{rand(0,35)};
|
$key = $pattern{rand(0,35)};
|
||||||
|
@ -68,14 +68,14 @@ class LSattr_ldap_password extends LSattr_ldap {
|
||||||
return $key;
|
return $key;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retourne le mot de passe en texte clair
|
* Retourne le mot de passe en texte clair
|
||||||
*
|
*
|
||||||
* @retval string Le mot de passe en texte clair
|
* @retval string Le mot de passe en texte clair
|
||||||
*/
|
*/
|
||||||
function getClearPassword() {
|
function getClearPassword() {
|
||||||
return $this -> clearPassword;
|
return $this -> clearPassword;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -184,15 +184,19 @@ class LSattribute {
|
||||||
* @param[in] object $form Le formulaire dans lequel doit être ajouté l'attribut
|
* @param[in] object $form Le formulaire dans lequel doit être ajouté l'attribut
|
||||||
* @param[in] string $idForm L'identifiant du formulaire
|
* @param[in] string $idForm L'identifiant du formulaire
|
||||||
* @param[in] objet &$obj Objet utilisable pour la génération de la valeur de l'attribut
|
* @param[in] objet &$obj Objet utilisable pour la génération de la valeur de l'attribut
|
||||||
|
* @param[in] array $value valeur de l'élement
|
||||||
*
|
*
|
||||||
* @retval boolean true si l'ajout a fonctionner ou qu'il n'est pas nécessaire, false sinon
|
* @retval boolean true si l'ajout a fonctionner ou qu'il n'est pas nécessaire, false sinon
|
||||||
*/
|
*/
|
||||||
function addToForm(&$form,$idForm,&$obj=NULL) {
|
function addToForm(&$form,$idForm,&$obj=NULL,$value=NULL) {
|
||||||
if(isset($this -> config['form'][$idForm])) {
|
if(isset($this -> config['form'][$idForm])) {
|
||||||
if($this -> myRights() == 'n') {
|
if($this -> myRights() == 'n') {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
if($this -> data !='') {
|
if ($value) {
|
||||||
|
$data = $value;
|
||||||
|
}
|
||||||
|
else if($this -> data !='') {
|
||||||
$data=$this -> getFormVal();
|
$data=$this -> getFormVal();
|
||||||
}
|
}
|
||||||
else if (isset($this -> config['default_value'])) {
|
else if (isset($this -> config['default_value'])) {
|
||||||
|
@ -235,6 +239,11 @@ class LSattribute {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Récupération des droits de l'utilisateur sur l'attribut
|
||||||
|
*
|
||||||
|
* @retval string 'r'/'w'/'n' pour 'read'/'write'/'none'
|
||||||
|
**/
|
||||||
function myRights() {
|
function myRights() {
|
||||||
// cache
|
// cache
|
||||||
if ($this -> _myRights != NULL) {
|
if ($this -> _myRights != NULL) {
|
||||||
|
@ -483,14 +492,7 @@ class LSattribute {
|
||||||
function getDependsAttrs() {
|
function getDependsAttrs() {
|
||||||
return $this -> config['dependAttrs'];
|
return $this -> config['dependAttrs'];
|
||||||
}
|
}
|
||||||
|
|
||||||
function __sleep() {
|
|
||||||
return ( array_keys( get_object_vars( &$this ) ) );
|
|
||||||
}
|
|
||||||
|
|
||||||
function __wakeup() {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -85,7 +85,7 @@ class LSform {
|
||||||
$GLOBALS['Smarty'] -> assign('LSform_header',$LSform_header);
|
$GLOBALS['Smarty'] -> assign('LSform_header',$LSform_header);
|
||||||
$LSform_object = array(
|
$LSform_object = array(
|
||||||
'type' => $this -> ldapObject -> getType(),
|
'type' => $this -> ldapObject -> getType(),
|
||||||
'dn' => $this -> ldapObject -> getDn()
|
'dn' => $this -> ldapObject -> getValue('dn')
|
||||||
);
|
);
|
||||||
$GLOBALS['Smarty'] -> assign('LSform_object',$LSform_object);
|
$GLOBALS['Smarty'] -> assign('LSform_object',$LSform_object);
|
||||||
$fields = array();
|
$fields = array();
|
||||||
|
|
|
@ -51,13 +51,13 @@ class LSformElement {
|
||||||
* @param[in] $params mixed Paramètres supplémentaires
|
* @param[in] $params mixed Paramètres supplémentaires
|
||||||
*
|
*
|
||||||
* @retval true
|
* @retval true
|
||||||
*/
|
*/
|
||||||
function LSformElement (&$form, $name, $label, $params){
|
function LSformElement (&$form, $name, $label, $params){
|
||||||
$this -> name = $name;
|
$this -> name = $name;
|
||||||
$this -> label = $label;
|
$this -> label = $label;
|
||||||
$this -> params = $params;
|
$this -> params = $params;
|
||||||
$this -> form = $form;
|
$this -> form = $form;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -72,15 +72,15 @@ class LSformElement {
|
||||||
* @retval boolean Retourne True
|
* @retval boolean Retourne True
|
||||||
*/
|
*/
|
||||||
function setValue($data) {
|
function setValue($data) {
|
||||||
if (!is_array($data)) {
|
if (!is_array($data)) {
|
||||||
$data=array($data);
|
$data=array($data);
|
||||||
}
|
}
|
||||||
|
|
||||||
$this -> values = $data;
|
$this -> values = $data;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Ajoute une valeur à l'élément
|
* Ajoute une valeur à l'élément
|
||||||
*
|
*
|
||||||
* Cette méthode ajoute une valeur à l'élément
|
* Cette méthode ajoute une valeur à l'élément
|
||||||
|
@ -92,24 +92,24 @@ class LSformElement {
|
||||||
* @retval void
|
* @retval void
|
||||||
*/
|
*/
|
||||||
function addValue($data) {
|
function addValue($data) {
|
||||||
if (is_array($data)) {
|
if (is_array($data)) {
|
||||||
$this -> values = array_merge($this -> values, $data);
|
$this -> values = array_merge($this -> values, $data);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$this -> values[] = $data;
|
$this -> values[] = $data;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test si l'élément est éditable
|
* Test si l'élément est éditable
|
||||||
*
|
*
|
||||||
* Cette méthode test si l'élément est éditable
|
* Cette méthode test si l'élément est éditable
|
||||||
*
|
*
|
||||||
* @retval boolean
|
* @retval boolean
|
||||||
*/
|
*/
|
||||||
function isFreeze(){
|
function isFreeze(){
|
||||||
return $this -> _freeze;
|
return $this -> _freeze;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Freeze l'élément
|
* Freeze l'élément
|
||||||
|
@ -119,7 +119,7 @@ class LSformElement {
|
||||||
* @retval void
|
* @retval void
|
||||||
*/
|
*/
|
||||||
function freeze() {
|
function freeze() {
|
||||||
$this -> _freeze = true;
|
$this -> _freeze = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -130,109 +130,109 @@ class LSformElement {
|
||||||
* @retval void
|
* @retval void
|
||||||
*/
|
*/
|
||||||
function setRequired($isRequired=true) {
|
function setRequired($isRequired=true) {
|
||||||
$this -> _required = $isRequired;
|
$this -> _required = $isRequired;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Test si l'élément est requis
|
* Test si l'élément est requis
|
||||||
*
|
*
|
||||||
* Cette méthode test si l'élément est requis
|
* Cette méthode test si l'élément est requis
|
||||||
*
|
*
|
||||||
* @retval boolean
|
* @retval boolean
|
||||||
*/
|
*/
|
||||||
function isRequired(){
|
function isRequired(){
|
||||||
return $this -> _required;
|
return $this -> _required;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Affiche le label de l'élement
|
* Affiche le label de l'élement
|
||||||
*
|
*
|
||||||
* @retval void
|
* @retval void
|
||||||
*/
|
*/
|
||||||
function displayLabel() {
|
function displayLabel() {
|
||||||
if ($this -> isRequired()) {
|
if ($this -> isRequired()) {
|
||||||
$required=" <span class='required_elements'>*</span>";
|
$required=" <span class='required_elements'>*</span>";
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$required="";
|
$required="";
|
||||||
}
|
}
|
||||||
echo "\t\t<td>".$this -> getLabel()."$required</td>\n";
|
echo "\t\t<td>".$this -> getLabel()."$required</td>\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retourne le label de l'élement
|
* Retourne le label de l'élement
|
||||||
*
|
*
|
||||||
* @retval void
|
* @retval void
|
||||||
*/
|
*/
|
||||||
function getLabelInfos() {
|
function getLabelInfos() {
|
||||||
if ($this -> isRequired()) {
|
if ($this -> isRequired()) {
|
||||||
$return['required']=true;
|
$return['required']=true;
|
||||||
}
|
}
|
||||||
$return['label'] = $this -> getLabel();
|
$return['label'] = $this -> getLabel();
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Recupère la valeur de l'élement passée en POST
|
* Recupère la valeur de l'élement passée en POST
|
||||||
*
|
*
|
||||||
* Cette méthode vérifie la présence en POST de la valeur de l'élément et la récupère
|
* Cette méthode vérifie la présence en POST de la valeur de l'élément et la récupère
|
||||||
* pour la mettre dans le tableau passer en paramètre avec en clef le nom de l'élément
|
* pour la mettre dans le tableau passer en paramètre avec en clef le nom de l'élément
|
||||||
*
|
*
|
||||||
* @param[] array Pointeur sur le tableau qui recupèrera la valeur.
|
* @param[] array Pointeur sur le tableau qui recupèrera la valeur.
|
||||||
*
|
*
|
||||||
* @retval boolean true si la valeur est présente en POST, false sinon
|
* @retval boolean true si la valeur est présente en POST, false sinon
|
||||||
*/
|
*/
|
||||||
function getPostData(&$return) {
|
function getPostData(&$return) {
|
||||||
if($this -> params['form'][$this -> form -> idForm] != 1) {
|
if($this -> isFreeze()) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
if (isset($_POST[$this -> name])) {
|
if (isset($_POST[$this -> name])) {
|
||||||
if(!is_array($_POST[$this -> name])) {
|
if(!is_array($_POST[$this -> name])) {
|
||||||
$_POST[$this -> name] = array($_POST[$this -> name]);
|
$_POST[$this -> name] = array($_POST[$this -> name]);
|
||||||
}
|
}
|
||||||
foreach($_POST[$this -> name] as $key => $val) {
|
foreach($_POST[$this -> name] as $key => $val) {
|
||||||
$return[$this -> name][$key] = $val;
|
$return[$this -> name][$key] = $val;
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$return[$this -> name] = array();
|
$return[$this -> name] = array();
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retourne le label de l'élement
|
* Retourne le label de l'élement
|
||||||
*
|
*
|
||||||
* Retourne $this -> label, ou $this -> params['label'], ou $this -> name
|
* Retourne $this -> label, ou $this -> params['label'], ou $this -> name
|
||||||
*
|
*
|
||||||
* @retval string Le label de l'élément
|
* @retval string Le label de l'élément
|
||||||
*/
|
*/
|
||||||
function getLabel() {
|
function getLabel() {
|
||||||
if ($this -> label != "") {
|
if ($this -> label != "") {
|
||||||
return $this -> label;
|
return $this -> label;
|
||||||
}
|
}
|
||||||
else if ($this -> params['label']) {
|
else if ($this -> params['label']) {
|
||||||
return $this -> params['label'];
|
return $this -> params['label'];
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
return $this -> name;
|
return $this -> name;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retourne l'HTML pour les boutons d'ajout et de suppression de champs du formulaire LSform
|
* Retourne l'HTML pour les boutons d'ajout et de suppression de champs du formulaire LSform
|
||||||
*
|
*
|
||||||
* @retval string Le code HTML des boutons
|
* @retval string Le code HTML des boutons
|
||||||
*/
|
*/
|
||||||
function getMultipleData() {
|
function getMultipleData() {
|
||||||
if ($this -> params['multiple'] == true ) {
|
if ($this -> params['multiple'] == true ) {
|
||||||
return "<img src='templates/images/add.png' id='LSform_add_field_btn_".$this -> name."_".rand()."' class='LSform-add-field-btn' alt='"._('Ajouter')."'/><img src='templates/images/remove.png' class='LSform-remove-field-btn' alt='"._('Supprimer')."'/>";
|
return "<img src='templates/images/add.png' id='LSform_add_field_btn_".$this -> name."_".rand()."' class='LSform-add-field-btn' alt='"._('Ajouter')."'/><img src='templates/images/remove.png' class='LSform-remove-field-btn' alt='"._('Supprimer')."'/>";
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
return '';
|
return '';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -32,7 +32,7 @@
|
||||||
|
|
||||||
class LSformElement_password extends LSformElement {
|
class LSformElement_password extends LSformElement {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Recupère la valeur de l'élement passée en POST
|
* Recupère la valeur de l'élement passée en POST
|
||||||
*
|
*
|
||||||
* Cette méthode vérifie la présence en POST de la valeur de l'élément et la récupère
|
* Cette méthode vérifie la présence en POST de la valeur de l'élément et la récupère
|
||||||
|
@ -43,17 +43,17 @@ class LSformElement_password extends LSformElement {
|
||||||
* @retval boolean true si la valeur est présente en POST, false sinon
|
* @retval boolean true si la valeur est présente en POST, false sinon
|
||||||
*/
|
*/
|
||||||
function getPostData(&$return) {
|
function getPostData(&$return) {
|
||||||
// Récupère la valeur dans _POST, et les vérifie avec la fonction générale
|
// Récupère la valeur dans _POST, et les vérifie avec la fonction générale
|
||||||
$retval = parent :: getPostData($return);
|
$retval = parent :: getPostData($return);
|
||||||
// Si une valeur est recupérée
|
// Si une valeur est recupérée
|
||||||
if ($retval) {
|
if ($retval) {
|
||||||
$val = $this -> form -> ldapObject -> attrs[$this -> name] -> getValue();
|
$val = $this -> form -> ldapObject -> attrs[$this -> name] -> getValue();
|
||||||
if( (empty($return[$this -> name][0]) ) && ( ! empty( $val ) ) ) {
|
if( (empty($return[$this -> name][0]) ) && ( ! empty( $val ) ) ) {
|
||||||
unset($return[$this -> name]);
|
unset($return[$this -> name]);
|
||||||
$this -> form -> _notUpdate[$this -> name] == true;
|
$this -> form -> _notUpdate[$this -> name] == true;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return $retval;
|
return $retval;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -64,22 +64,25 @@ class LSformElement_password extends LSformElement {
|
||||||
*
|
*
|
||||||
* @retval array
|
* @retval array
|
||||||
*/
|
*/
|
||||||
function getDisplay(){
|
function getDisplay(){
|
||||||
$return = $this -> getLabelInfos();
|
$return = $this -> getLabelInfos();
|
||||||
if (!$this -> isFreeze()) {
|
if (!$this -> isFreeze()) {
|
||||||
$return['html'] = "<input type='password' name='".$this -> name."[]' />\n* "._('Modification uniquement').".";
|
$return['html'] = "<input type='password' name='".$this -> name."[]' />\n";
|
||||||
}
|
if (!empty($this -> values)) {
|
||||||
else {
|
$return['html'] .= "* "._('Modification uniquement').".";
|
||||||
if (empty($this -> values)) {
|
}
|
||||||
$return['html'] = _('Aucunes valeur definie');
|
}
|
||||||
}
|
else {
|
||||||
else {
|
if (empty($this -> values)) {
|
||||||
$return['html'] = "********";
|
$return['html'] = _('Aucunes valeur definie');
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
$return['html'] = "********";
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -50,7 +50,7 @@ class LSformElement_select extends LSformElement {
|
||||||
$multiple_tag='multiple';
|
$multiple_tag='multiple';
|
||||||
}
|
}
|
||||||
|
|
||||||
$return['html'] = "<select name='".$this -> name."' $multiple_tag class='LSform'>\n";
|
$return['html'] = "<select name='".$this -> name."[]' $multiple_tag class='LSform'>\n";
|
||||||
foreach ($this -> params['text_possible_values'] as $choice_value => $choice_text) {
|
foreach ($this -> params['text_possible_values'] as $choice_value => $choice_text) {
|
||||||
if (in_array($choice_value, $this -> values)) {
|
if (in_array($choice_value, $this -> values)) {
|
||||||
$selected=' selected';
|
$selected=' selected';
|
||||||
|
|
|
@ -212,13 +212,13 @@ class LSldap {
|
||||||
* @retval boolean true si l'objet a bien été mis à jour, false sinon
|
* @retval boolean true si l'objet a bien été mis à jour, false sinon
|
||||||
*/
|
*/
|
||||||
function update($object_type,$dn,$change) {
|
function update($object_type,$dn,$change) {
|
||||||
debug($change);
|
debug($change);
|
||||||
if($entry=$this -> getEntry($object_type,$dn)) {
|
if($entry=$this -> getEntry($object_type,$dn)) {
|
||||||
$entry -> replace($change);
|
$entry -> replace($change);
|
||||||
$ret = $entry -> update();
|
$ret = $entry -> update();
|
||||||
if (Net_Ldap::isError($ret)) {
|
if (Net_Ldap::isError($ret)) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(5,$dn);
|
$GLOBALS['LSerror'] -> addErrorCode(5,$dn);
|
||||||
debug('NetLdap-Error : '.$ret->getMessage());
|
debug('NetLdap-Error : '.$ret->getMessage());
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
return true;
|
return true;
|
||||||
|
@ -234,16 +234,16 @@ class LSldap {
|
||||||
* Test de bind
|
* Test de bind
|
||||||
*
|
*
|
||||||
* Cette methode établie une connexion à l'annuaire Ldap et test un bind
|
* Cette methode établie une connexion à l'annuaire Ldap et test un bind
|
||||||
* avec un login et un mot de passe passé en paramètre
|
* avec un login et un mot de passe passé en paramètre
|
||||||
*
|
*
|
||||||
* @author Benjamin Renard <brenard@easter-eggs.com>
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
||||||
*
|
*
|
||||||
* @retval boolean true si la connection à réussi, false sinon
|
* @retval boolean true si la connection à réussi, false sinon
|
||||||
*/
|
*/
|
||||||
function checkBind($dn,$pwd) {
|
function checkBind($dn,$pwd) {
|
||||||
$config = $this -> config;
|
$config = $this -> config;
|
||||||
$config['binddn'] = $dn;
|
$config['binddn'] = $dn;
|
||||||
$config['bindpw'] = $pwd;
|
$config['bindpw'] = $pwd;
|
||||||
$cnx = Net_LDAP::connect($config);
|
$cnx = Net_LDAP::connect($config);
|
||||||
if (Net_LDAP::isError($cnx)) {
|
if (Net_LDAP::isError($cnx)) {
|
||||||
return;
|
return;
|
||||||
|
@ -251,14 +251,25 @@ class LSldap {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retourne l'état de la connexion Ldap
|
* Retourne l'état de la connexion Ldap
|
||||||
*
|
*
|
||||||
* @retval boolean True si le serveur est connecté, false sinon.
|
* @retval boolean True si le serveur est connecté, false sinon.
|
||||||
*/
|
*/
|
||||||
function isConnected() {
|
function isConnected() {
|
||||||
return ($this -> cnx == NULL)?false:true;
|
return ($this -> cnx == NULL)?false:true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Supprime un objet de l'annuaire
|
||||||
|
*
|
||||||
|
* @param[in] string DN de l'objet à supprimer
|
||||||
|
*
|
||||||
|
* @retval boolean True si l'objet à été supprimé, false sinon
|
||||||
|
*/
|
||||||
|
function remove($dn) {
|
||||||
|
return $this -> cnx -> delete($dn);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -87,13 +87,16 @@ class LSldapObject {
|
||||||
* @retval boolean true si la chargement a réussi, false sinon.
|
* @retval boolean true si la chargement a réussi, false sinon.
|
||||||
*/
|
*/
|
||||||
function loadData($dn) {
|
function loadData($dn) {
|
||||||
$this -> dn = $dn;
|
$this -> dn = $dn;
|
||||||
$data = $GLOBALS['LSldap'] -> getAttrs($dn);
|
$data = $GLOBALS['LSldap'] -> getAttrs($dn);
|
||||||
|
if(!empty($data)) {
|
||||||
foreach($this -> attrs as $attr_name => $attr) {
|
foreach($this -> attrs as $attr_name => $attr) {
|
||||||
if(!$this -> attrs[$attr_name] -> loadData($data[$attr_name]))
|
if(!$this -> attrs[$attr_name] -> loadData($data[$attr_name]))
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
|
}
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -166,21 +169,39 @@ class LSldapObject {
|
||||||
* et de chaque attribut.
|
* et de chaque attribut.
|
||||||
*
|
*
|
||||||
* @param[in] $idForm [<b>required</b>] Identifiant du formulaire a créer
|
* @param[in] $idForm [<b>required</b>] Identifiant du formulaire a créer
|
||||||
* @param[in] $config Configuration spécifique pour le formulaire
|
* @param[in] $load DN d'un objet similaire dont la valeur des attribut doit être chargé dans le formulaire.
|
||||||
*
|
*
|
||||||
* @author Benjamin Renard <brenard@easter-eggs.com>
|
* @author Benjamin Renard <brenard@easter-eggs.com>
|
||||||
*
|
*
|
||||||
* @retval LSform Le formulaire crée
|
* @retval LSform Le formulaire crée
|
||||||
*/
|
*/
|
||||||
function getForm($idForm,$config=array()) {
|
function getForm($idForm,$load=NULL) {
|
||||||
$GLOBALS['LSsession'] -> loadLSclass('LSform');
|
$GLOBALS['LSsession'] -> loadLSclass('LSform');
|
||||||
$LSform = new LSform($this,$idForm);
|
$LSform = new LSform($this,$idForm);
|
||||||
$this -> forms[$idForm] = array($LSform,$config);
|
$this -> forms[$idForm] = array($LSform,$load);
|
||||||
foreach($this -> attrs as $attr_name => $attr) {
|
|
||||||
if(!$this -> attrs[$attr_name] -> addToForm($LSform,$idForm,$this)) {
|
if ($load) {
|
||||||
$LSform -> can_validate = false;
|
$type = $this -> getType();
|
||||||
|
$loadObject = new $type();
|
||||||
|
if (!$loadObject -> loadData($load)) {
|
||||||
|
$load=false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($load) {
|
||||||
|
foreach($this -> attrs as $attr_name => $attr) {
|
||||||
|
if(!$this -> attrs[$attr_name] -> addToForm($LSform,$idForm,$this,$loadObject -> getValue($attr_name))) {
|
||||||
|
$LSform -> can_validate = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
foreach($this -> attrs as $attr_name => $attr) {
|
||||||
|
if(!$this -> attrs[$attr_name] -> addToForm($LSform,$idForm,$this)) {
|
||||||
|
$LSform -> can_validate = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
return $LSform;
|
return $LSform;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -261,7 +282,7 @@ class LSldapObject {
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(23,$this -> type_name);
|
$GLOBALS['LSerror'] -> addErrorCode(23,$this -> type_name);
|
||||||
$GLOBALS['LSerror'] -> stop();
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$new_data = $LSform -> exportValues();
|
$new_data = $LSform -> exportValues();
|
||||||
|
@ -276,12 +297,12 @@ class LSldapObject {
|
||||||
if(function_exists($this -> config['before_save'])) {
|
if(function_exists($this -> config['before_save'])) {
|
||||||
if(!$this -> config['before_save']($this)) {
|
if(!$this -> config['before_save']($this)) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(28,$this -> config['before_save']);
|
$GLOBALS['LSerror'] -> addErrorCode(28,$this -> config['before_save']);
|
||||||
$GLOBALS['LSerror'] -> stop();
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(27,$this -> config['before_save']);
|
$GLOBALS['LSerror'] -> addErrorCode(27,$this -> config['before_save']);
|
||||||
$GLOBALS['LSerror'] -> stop();
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($this -> submitChange($idForm)) {
|
if ($this -> submitChange($idForm)) {
|
||||||
|
@ -290,16 +311,25 @@ class LSldapObject {
|
||||||
$this -> reloadData();
|
$this -> reloadData();
|
||||||
$this -> refreshForm($idForm);
|
$this -> refreshForm($idForm);
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
return;
|
||||||
|
}
|
||||||
if((isset($this -> config['after_save']))&&(!$this -> submitError)) {
|
if((isset($this -> config['after_save']))&&(!$this -> submitError)) {
|
||||||
if(function_exists($this -> config['after_save'])) {
|
if(function_exists($this -> config['after_save'])) {
|
||||||
if(!$this -> config['after_save']($this)) {
|
if(!$this -> config['after_save']($this)) {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(30,$this -> config['after_save']);
|
$GLOBALS['LSerror'] -> addErrorCode(30,$this -> config['after_save']);
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(29,$this -> config['after_save']);
|
$GLOBALS['LSerror'] -> addErrorCode(29,$this -> config['after_save']);
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -478,6 +508,7 @@ class LSldapObject {
|
||||||
if(!empty($submitData)) {
|
if(!empty($submitData)) {
|
||||||
$dn=$this -> getDn();
|
$dn=$this -> getDn();
|
||||||
if($dn) {
|
if($dn) {
|
||||||
|
$this -> dn=$dn;
|
||||||
debug($submitData);
|
debug($submitData);
|
||||||
return $GLOBALS['LSldap'] -> update($this -> type_name,$dn, $submitData);
|
return $GLOBALS['LSldap'] -> update($this -> type_name,$dn, $submitData);
|
||||||
}
|
}
|
||||||
|
@ -486,6 +517,9 @@ class LSldapObject {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -848,24 +882,35 @@ class LSldapObject {
|
||||||
return $this -> type_name;
|
return $this -> type_name;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Retourne qui est l'utilisateur par rapport à cet object
|
||||||
|
*
|
||||||
|
* @retval string 'admin'/'self'/'user' pour Admin , l'utilisateur lui même ou un simple utilisateur
|
||||||
|
*/
|
||||||
function whoami() {
|
function whoami() {
|
||||||
if (!$this -> _whoami)
|
if (!$this -> _whoami)
|
||||||
$this -> _whoami = $GLOBALS['LSsession'] -> whoami($this -> dn);
|
$this -> _whoami = $GLOBALS['LSsession'] -> whoami($this -> dn);
|
||||||
return $this -> _whoami;
|
return $this -> _whoami;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Retourne le label de l'objet
|
||||||
|
*
|
||||||
|
* @retval string Le label de l'objet ($this -> config['label'])
|
||||||
|
*/
|
||||||
function getLabel() {
|
function getLabel() {
|
||||||
return $this -> config['label'];
|
return $this -> config['label'];
|
||||||
}
|
}
|
||||||
|
|
||||||
function __sleep() {
|
|
||||||
return ( array_keys( get_object_vars( &$this ) ) );
|
|
||||||
}
|
|
||||||
|
|
||||||
function __wakeup() {
|
|
||||||
return true;
|
/**
|
||||||
|
* Supprime l'objet dans l'annuaire
|
||||||
|
*
|
||||||
|
* @retval boolean True si l'objet à été supprimé, false sinon
|
||||||
|
*/
|
||||||
|
function remove() {
|
||||||
|
return $GLOBALS['LSldap'] -> remove($this -> getDn());
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -240,10 +240,10 @@ class LSsession {
|
||||||
if (!$this -> LSldapConnect())
|
if (!$this -> LSldapConnect())
|
||||||
return;
|
return;
|
||||||
$this -> loadLSrights();
|
$this -> loadLSrights();
|
||||||
$this -> loadLSaccess();
|
|
||||||
}
|
}
|
||||||
$this -> LSuserObject = new $this -> ldapServer['authobject']();
|
$this -> LSuserObject = new $this -> ldapServer['authobject']();
|
||||||
$this -> LSuserObject -> loadData($this -> dn);
|
$this -> LSuserObject -> loadData($this -> dn);
|
||||||
|
$this -> loadLSaccess();
|
||||||
$GLOBALS['Smarty'] -> assign('LSsession_username',$this -> LSuserObject -> getDisplayValue());
|
$GLOBALS['Smarty'] -> assign('LSsession_username',$this -> LSuserObject -> getDisplayValue());
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
|
@ -589,16 +589,25 @@ class LSsession {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Charge les droits d'accès de l'utilisateur pour construire le menu de l'interface
|
||||||
|
*
|
||||||
|
* @retval void
|
||||||
|
*/
|
||||||
function loadLSaccess() {
|
function loadLSaccess() {
|
||||||
$LSaccess = array(
|
if ($this -> canAccess($this -> LSuserObject -> getType(),$this -> dn)) {
|
||||||
'SELF' => array(
|
$LSaccess = array(
|
||||||
'label' => _('Mon compte'),
|
'SELF' => array(
|
||||||
'DNs' => $this -> dn
|
'label' => _('Mon compte'),
|
||||||
)
|
'DNs' => $this -> dn
|
||||||
);
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$LSaccess = array();
|
||||||
|
}
|
||||||
foreach ($GLOBALS['LSobjects'] as $objecttype => $objectconf) {
|
foreach ($GLOBALS['LSobjects'] as $objecttype => $objectconf) {
|
||||||
$objectdn = $objectconf['container_dn'].','.$this -> topDn;
|
if ($this -> canAccess($objecttype) ) {
|
||||||
if ($this -> isAdmin($objectdn) ) {
|
|
||||||
$LSaccess[$objecttype] = array (
|
$LSaccess[$objecttype] = array (
|
||||||
'label' => $objectconf['label'],
|
'label' => $objectconf['label'],
|
||||||
'Dns' => 'All'
|
'Dns' => 'All'
|
||||||
|
@ -608,6 +617,13 @@ class LSsession {
|
||||||
$this -> LSaccess = $LSaccess;
|
$this -> LSaccess = $LSaccess;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Dit si l'utilisateur est admin de le DN spécifié
|
||||||
|
*
|
||||||
|
* @param[in] string DN de l'objet
|
||||||
|
*
|
||||||
|
* @retval boolean True si l'utilisateur est admin sur l'objet, false sinon.
|
||||||
|
*/
|
||||||
function isAdmin($dn) {
|
function isAdmin($dn) {
|
||||||
foreach($this -> LSrights['topDn_admin'] as $topDn_admin) {
|
foreach($this -> LSrights['topDn_admin'] as $topDn_admin) {
|
||||||
if($dn == $topDn_admin) {
|
if($dn == $topDn_admin) {
|
||||||
|
@ -620,6 +636,13 @@ class LSsession {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Retourne qui est l'utilisateur par rapport à l'object
|
||||||
|
*
|
||||||
|
* @param[in] string Le DN de l'objet
|
||||||
|
*
|
||||||
|
* @retval string 'admin'/'self'/'user' pour Admin , l'utilisateur lui même ou un simple utilisateur
|
||||||
|
*/
|
||||||
function whoami($dn) {
|
function whoami($dn) {
|
||||||
if ($this -> isAdmin($dn)) {
|
if ($this -> isAdmin($dn)) {
|
||||||
return 'admin';
|
return 'admin';
|
||||||
|
@ -632,15 +655,51 @@ class LSsession {
|
||||||
return 'user';
|
return 'user';
|
||||||
}
|
}
|
||||||
|
|
||||||
function canAccess($LSobject,$dn=NULL,$right=NULL) {
|
/**
|
||||||
|
* Retourne le droit de l'utilisateur à accèder à un objet
|
||||||
|
*
|
||||||
|
* @param[in] string $LSobject Le type de l'objet
|
||||||
|
* @param[in] string $dn Le DN de l'objet (le container_dn du type de l'objet par défaut)
|
||||||
|
* @param[in] string $right Le type de droit d'accès à tester ('r'/'w')
|
||||||
|
* @param[in] string $attr Le nom de l'attribut auquel on test l'accès
|
||||||
|
*
|
||||||
|
* @retval boolean True si l'utilisateur a accès, false sinon
|
||||||
|
*/
|
||||||
|
function canAccess($LSobject,$dn=NULL,$right=NULL,$attr=NULL) {
|
||||||
if (!$this -> loadLSobject($LSobject))
|
if (!$this -> loadLSobject($LSobject))
|
||||||
return;
|
return;
|
||||||
if ($dn) {
|
if ($dn) {
|
||||||
$whoami = $this -> whoami($dn);
|
$whoami = $this -> whoami($dn);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$whoami = 'user';
|
$objectdn=$GLOBALS['LSobjects'][$LSobject]['container_dn'].','.$this -> topDn;
|
||||||
|
$whoami = $this -> whoami($objectdn);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Pour un attribut particulier
|
||||||
|
if ($attr) {
|
||||||
|
if ($attr=='rdn') {
|
||||||
|
$attr=$GLOBALS['LSobjects'][$LSobject]['rdn'];
|
||||||
|
}
|
||||||
|
if (!isset($GLOBALS['LSobjects'][$LSobject]['attrs'][$attr])) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (($right=='r')||($right=='w')) {
|
||||||
|
if ($GLOBALS['LSobjects'][$LSobject]['attrs'][$attr]['rights'][$whoami]==$right) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
if ( ($GLOBALS['LSobjects'][$LSobject]['attrs'][$attr]['rights'][$whoami]=='r') || ($GLOBALS['LSobjects'][$LSobject]['attrs'][$attr]['rights'][$whoami]=='w') ) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Pour un attribut quelconque
|
||||||
if (is_array($GLOBALS['LSobjects'][$LSobject]['attrs'])) {
|
if (is_array($GLOBALS['LSobjects'][$LSobject]['attrs'])) {
|
||||||
if (($right=='r')||($right=='w')) {
|
if (($right=='r')||($right=='w')) {
|
||||||
foreach ($GLOBALS['LSobjects'][$LSobject]['attrs'] as $attr_name => $attr_config) {
|
foreach ($GLOBALS['LSobjects'][$LSobject]['attrs'] as $attr_name => $attr_config) {
|
||||||
|
@ -660,17 +719,42 @@ class LSsession {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
function canEdit($LSobject,$dn=NULL) {
|
/**
|
||||||
return $this -> canAccess($LSobject,$dn,'w');
|
* Retourne le droit de l'utilisateur à editer à un objet
|
||||||
|
*
|
||||||
|
* @param[in] string $LSobject Le type de l'objet
|
||||||
|
* @param[in] string $dn Le DN de l'objet (le container_dn du type de l'objet par défaut)
|
||||||
|
* @param[in] string $attr Le nom de l'attribut auquel on test l'accès
|
||||||
|
*
|
||||||
|
* @retval boolean True si l'utilisateur a accès, false sinon
|
||||||
|
*/
|
||||||
|
function canEdit($LSobject,$dn=NULL,$attr=NULL) {
|
||||||
|
return $this -> canAccess($LSobject,$dn,'w',$attr);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Retourne le droit de l'utilisateur à supprimer un objet
|
||||||
|
*
|
||||||
|
* @param[in] string $LSobject Le type de l'objet
|
||||||
|
* @param[in] string $dn Le DN de l'objet (le container_dn du type de l'objet par défaut)
|
||||||
|
*
|
||||||
|
* @retval boolean True si l'utilisateur a accès, false sinon
|
||||||
|
*/
|
||||||
|
function canRemove($LSobject,$dn) {
|
||||||
|
return $this -> canAccess($LSobject,$dn,'w','rdn');
|
||||||
}
|
}
|
||||||
|
|
||||||
function __sleep() {
|
/**
|
||||||
return ( array_keys( get_object_vars( &$this ) ) );
|
* Retourne le droit de l'utilisateur à créer un objet
|
||||||
}
|
*
|
||||||
|
* @param[in] string $LSobject Le type de l'objet
|
||||||
function __wakeup() {
|
*
|
||||||
return true;
|
* @retval boolean True si l'utilisateur a accès, false sinon
|
||||||
|
*/
|
||||||
|
function canCreate($LSobject) {
|
||||||
|
return $this -> canAccess($LSobject,NULL,'w','rdn');
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
175
trunk/lsexample/ls.schema
Normal file
|
@ -0,0 +1,175 @@
|
||||||
|
# Easter-eggs OID: 1.3.6.1.4.1.10650
|
||||||
|
# 1.3.6.1.4.1.10650.2 LDAP OID
|
||||||
|
# 1.3.6.1.4.1.10650.3 Customers OID
|
||||||
|
#
|
||||||
|
# 1.3.6.1.4.1.10650.2.1 Ldap Attributes
|
||||||
|
# 1.3.6.1.4.1.10650.2.1.1 Admin sys Ldap Attributes
|
||||||
|
# 1.3.6.1.4.1.10650.2.1.2 Dev Ldap Attributes
|
||||||
|
# 1.3.6.1.4.1.10650.2.1.3 Global Attributes
|
||||||
|
# 1.3.6.1.4.1.10650.2.2 Ldap Objectclass
|
||||||
|
# 1.3.6.1.4.1.10650.2.2.1 Admin sys Ldap Objectclass
|
||||||
|
# 1.3.6.1.4.1.10650.2.2.2 Dev Ldap Objectclass
|
||||||
|
# 1.3.6.1.4.1.10650.2.2.3 Global OC
|
||||||
|
|
||||||
|
# Ost
|
||||||
|
# 1.3.6.1.4.1.10650.3.1127.2.1 Ldap attributes
|
||||||
|
# 1.3.6.1.4.1.10650.3.1127.2.2 Ldap OC
|
||||||
|
|
||||||
|
|
||||||
|
# <Ee attributes>
|
||||||
|
attributetype (1.3.6.1.4.1.10650.2.1.1.1
|
||||||
|
NAME 'eeallowedservices'
|
||||||
|
DESC 'List of allowed services'
|
||||||
|
EQUALITY caseIgnoreMatch
|
||||||
|
SUBSTR caseIgnoreSubstringsMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
|
||||||
|
|
||||||
|
# </Ee attributes>
|
||||||
|
|
||||||
|
# <From qmail schema>
|
||||||
|
attributetype ( 1.3.6.1.4.1.7914.1.2.1.4 NAME 'mailAlternateAddress'
|
||||||
|
SUBSTR caseIgnoreSubstringsMatch
|
||||||
|
DESC 'Secondary (alias) mailaddresses for the same user'
|
||||||
|
EQUALITY caseIgnoreIA5Match
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
|
||||||
|
|
||||||
|
attributetype ( 1.3.6.1.4.1.7914.1.2.1.7 NAME 'mailForwardingAddress'
|
||||||
|
DESC 'Address(es) to forward all incoming messages to.'
|
||||||
|
EQUALITY caseIgnoreIA5Match
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
|
||||||
|
|
||||||
|
# </From qmail schema>
|
||||||
|
|
||||||
|
# <From courier.schema>
|
||||||
|
attributetype ( 1.3.6.1.4.1.10018.1.1.1 NAME 'mailbox'
|
||||||
|
DESC 'The absolute path to the mailbox for a mail account in a non-default location'
|
||||||
|
EQUALITY caseExactIA5Match
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
|
||||||
|
|
||||||
|
|
||||||
|
attributetype ( 1.3.6.1.4.1.10018.1.1.4 NAME 'maildrop'
|
||||||
|
DESC 'RFC822 Mailbox - mail alias'
|
||||||
|
EQUALITY caseIgnoreIA5Match
|
||||||
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
|
||||||
|
# </From courier.schema>
|
||||||
|
|
||||||
|
# <From postfix>
|
||||||
|
attributetype ( 1.3.6.1.4.1.7914.1.2.1.5 NAME 'mailQuota'
|
||||||
|
DESC 'The amount of space the user can use until all further messages get bounced.'
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
|
||||||
|
SINGLE-VALUE )
|
||||||
|
# </From postfix>
|
||||||
|
|
||||||
|
# <From gnarwl>
|
||||||
|
# Original
|
||||||
|
#attributetype ( 1.3.6.1.4.1.11048.1.1.1.1
|
||||||
|
# NAME 'vacationActive'
|
||||||
|
# SINGLE-VALUE
|
||||||
|
# EQUALITY booleanMatch
|
||||||
|
# DESC 'A flag, for marking the user as being away'
|
||||||
|
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
|
||||||
|
|
||||||
|
# Ee
|
||||||
|
attributetype ( 1.3.6.1.4.1.11048.1.1.1.1
|
||||||
|
NAME 'vacationActive'
|
||||||
|
SINGLE-VALUE
|
||||||
|
DESC 'Equal to uid@autoreponse.foo.bar, for marking the user as being away'
|
||||||
|
EQUALITY caseIgnoreIA5Match
|
||||||
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
|
||||||
|
|
||||||
|
attributetype ( 1.3.6.1.4.1.11048.1.1.1.3
|
||||||
|
NAME 'vacationInfo'
|
||||||
|
SINGLE-VALUE
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
|
||||||
|
DESC 'Absentee note to leave behind, while on vacation'
|
||||||
|
EQUALITY octetStringMatch )
|
||||||
|
|
||||||
|
attributetype ( 1.3.6.1.4.1.11048.1.1.1.4
|
||||||
|
NAME 'vacationStart'
|
||||||
|
SINGLE-VALUE
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
|
||||||
|
DESC 'Beginning of vacation'
|
||||||
|
EQUALITY octetStringMatch )
|
||||||
|
|
||||||
|
# Original
|
||||||
|
#attributetype ( 1.3.6.1.4.1.11048.1.1.1.5
|
||||||
|
# NAME 'vacationEnd'
|
||||||
|
# SINGLE-VALUE
|
||||||
|
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
|
||||||
|
# DESC 'End of vacation'
|
||||||
|
# EQUALITY octetStringMatch )
|
||||||
|
|
||||||
|
# Ee
|
||||||
|
attributetype ( 1.3.6.1.4.1.11048.1.1.1.5
|
||||||
|
NAME 'vacationEnd'
|
||||||
|
SINGLE-VALUE
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
||||||
|
DESC 'End of vacation'
|
||||||
|
ORDERING generalizedTimeOrderingMatch
|
||||||
|
EQUALITY generalizedTimeMatch )
|
||||||
|
|
||||||
|
attributetype (1.3.6.1.4.1.11048.1.1.1.10
|
||||||
|
NAME 'vacationForward'
|
||||||
|
EQUALITY caseIgnoreIA5Match
|
||||||
|
SUBSTR caseIgnoreIA5SubstringsMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
|
||||||
|
DESC 'Where to forward mails to, while on vacation' )
|
||||||
|
|
||||||
|
# </From gnarwl>
|
||||||
|
|
||||||
|
## Objectclasses
|
||||||
|
# LS people
|
||||||
|
objectclass (1.3.6.1.4.1.10650.3.1127.2.2.1
|
||||||
|
NAME 'lspeople'
|
||||||
|
DESC 'LS people Objectclass'
|
||||||
|
STRUCTURAL
|
||||||
|
MUST ( uid $ cn )
|
||||||
|
MAY ( jpegPhoto $ sn $ givenName $ postalAddress $ postalCode $ l $ st $ c $ telephoneNumber $ mobile $ fax $ mail $ mailalternateaddress $ personalTitle $ description $ userPassword $ eeallowedservices $ mailforwardingaddress $ maildrop $ mailquota $ mailbox $ vacationActive $ vacationInfo $ vacationEnd $ vacationForward ))
|
||||||
|
|
||||||
|
# LS Alias
|
||||||
|
objectclass (1.3.6.1.4.1.10650.3.1127.2.2.2
|
||||||
|
NAME 'lsalias'
|
||||||
|
DESC 'LS alias Objectclass'
|
||||||
|
STRUCTURAL
|
||||||
|
MUST ( mail $ maildrop )
|
||||||
|
MAY ( mailalternateaddress $ description ))
|
||||||
|
|
||||||
|
# LS group
|
||||||
|
objectclass (1.3.6.1.4.1.10650.3.1127.2.2.3
|
||||||
|
NAME 'lsgroup'
|
||||||
|
DESC 'LS group Objectclass'
|
||||||
|
STRUCTURAL
|
||||||
|
MUST ( cn )
|
||||||
|
MAY ( uniquemember $ description ))
|
||||||
|
|
||||||
|
# LS system account
|
||||||
|
objectclass (1.3.6.1.4.1.10650.3.1127.2.2.4
|
||||||
|
NAME 'lssysaccount'
|
||||||
|
DESC 'LS system account Objectclass'
|
||||||
|
STRUCTURAL
|
||||||
|
MUST ( uid )
|
||||||
|
MAY (userpassword $ description))
|
||||||
|
|
||||||
|
# Ost mailbox
|
||||||
|
objectclass (1.3.6.1.4.1.10650.3.1127.2.2.5
|
||||||
|
NAME 'lsmailbox'
|
||||||
|
DESC 'LS custom mailbox Objectclass'
|
||||||
|
STRUCTURAL
|
||||||
|
MUST ( uid )
|
||||||
|
MAY ( userPassword $ description $ eeallowedservices $ maildrop $ mailbox $ mail $ mailalternateaddress $ mailforwardingaddress $ mailquota ))
|
||||||
|
|
||||||
|
# Ost computer
|
||||||
|
objectclass (1.3.6.1.4.1.10650.3.1127.2.2.6
|
||||||
|
NAME 'lscomputer'
|
||||||
|
DESC 'LS computer Objectclass'
|
||||||
|
STRUCTURAL
|
||||||
|
MUST ( uid ))
|
||||||
|
|
||||||
|
# Ost samba domains
|
||||||
|
objectclass (1.3.6.1.4.1.10650.3.1127.2.2.8
|
||||||
|
NAME 'lssambadomain'
|
||||||
|
DESC 'LS samba domain Objectclass'
|
||||||
|
STRUCTURAL)
|
||||||
|
|
604
trunk/lsexample/lsexample.ldif
Normal file
|
@ -0,0 +1,604 @@
|
||||||
|
dn: o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organization
|
||||||
|
o: ls
|
||||||
|
structuralObjectClass: organization
|
||||||
|
entryUUID: 2229e388-825b-1029-838c-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111624Z
|
||||||
|
modifyTimestamp: 20050706111624Z
|
||||||
|
entryCSN: 20050706111624.000000Z#000001#000#000000
|
||||||
|
|
||||||
|
dn: ou=sysaccounts,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
ou: sysaccounts
|
||||||
|
structuralObjectClass: organizationalUnit
|
||||||
|
entryUUID: 2238a738-825b-1029-838d-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111624Z
|
||||||
|
modifyTimestamp: 20050706111624Z
|
||||||
|
entryCSN: 20050706111624.000000Z#000002#000#000000
|
||||||
|
|
||||||
|
dn: ou=people,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
ou: people
|
||||||
|
structuralObjectClass: organizationalUnit
|
||||||
|
entryUUID: 223b67e8-825b-1029-838e-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111624Z
|
||||||
|
modifyTimestamp: 20050706111624Z
|
||||||
|
entryCSN: 20050706111624.000000Z#000003#000#000000
|
||||||
|
|
||||||
|
dn: ou=mailboxes,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
ou: mailboxes
|
||||||
|
structuralObjectClass: organizationalUnit
|
||||||
|
entryUUID: 2240f622-825b-1029-8390-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111624Z
|
||||||
|
modifyTimestamp: 20050706111624Z
|
||||||
|
entryCSN: 20050706111624.000000Z#000005#000#000000
|
||||||
|
|
||||||
|
dn: ou=aliases,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
ou: aliases
|
||||||
|
structuralObjectClass: organizationalUnit
|
||||||
|
entryUUID: 2243b88a-825b-1029-8391-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111624Z
|
||||||
|
modifyTimestamp: 20050706111624Z
|
||||||
|
entryCSN: 20050706111624.000000Z#000006#000#000000
|
||||||
|
|
||||||
|
dn: ou=computers,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
ou: computers
|
||||||
|
structuralObjectClass: organizationalUnit
|
||||||
|
entryUUID: 22468588-825b-1029-8392-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111624Z
|
||||||
|
modifyTimestamp: 20050706111624Z
|
||||||
|
entryCSN: 20050706111624.000000Z#000007#000#000000
|
||||||
|
|
||||||
|
dn: ou=sambadomains,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
ou: sambadomains
|
||||||
|
structuralObjectClass: organizationalUnit
|
||||||
|
entryUUID: 224cf30a-825b-1029-8394-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111624Z
|
||||||
|
modifyTimestamp: 20050706111624Z
|
||||||
|
entryCSN: 20050706111624.000000Z#000009#000#000000
|
||||||
|
|
||||||
|
dn: sambaDomainName=LS_NT,ou=sambadomains,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lssambadomain
|
||||||
|
objectClass: sambaDomain
|
||||||
|
sambaDomainName: LS_NT
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809
|
||||||
|
structuralObjectClass: lssambadomain
|
||||||
|
entryUUID: 2250d4ac-825b-1029-8395-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111624Z
|
||||||
|
modifyTimestamp: 20050706111624Z
|
||||||
|
entryCSN: 20050706111624.000000Z#00000a#000#000000
|
||||||
|
|
||||||
|
dn: ou=groups,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
ou: groups
|
||||||
|
structuralObjectClass: organizationalUnit
|
||||||
|
entryUUID: 224947d2-825b-1029-8393-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111624Z
|
||||||
|
modifyTimestamp: 20050706111624Z
|
||||||
|
entryCSN: 20050706111624.000000Z#000008#000#000000
|
||||||
|
|
||||||
|
dn: cn=adminldap,ou=groups,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsgroup
|
||||||
|
objectClass: posixGroup
|
||||||
|
objectClass: sambaGroupMapping
|
||||||
|
cn: adminldap
|
||||||
|
gidNumber: 70000
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-70000
|
||||||
|
sambaGroupType: 2
|
||||||
|
structuralObjectClass: lsgroup
|
||||||
|
entryUUID: 226bb240-825b-1029-8396-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111625Z
|
||||||
|
uniqueMember: uid=eeggs,ou=people,o=ls
|
||||||
|
entryCSN: 20080211142717.746402Z#000000#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20080211142717Z
|
||||||
|
|
||||||
|
dn: uid=mail,ou=sysaccounts,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lssysaccount
|
||||||
|
uid: mail
|
||||||
|
structuralObjectClass: lssysaccount
|
||||||
|
userPassword: toto
|
||||||
|
entryUUID: 22958d72-825b-1029-839c-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111625Z
|
||||||
|
modifyTimestamp: 20050706111625Z
|
||||||
|
entryCSN: 20050706111625.000000Z#000007#000#000000
|
||||||
|
|
||||||
|
dn: uid=ftp,ou=sysaccounts,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lssysaccount
|
||||||
|
uid: ftp
|
||||||
|
structuralObjectClass: lssysaccount
|
||||||
|
userPassword: toto
|
||||||
|
entryUUID: 22a46608-825b-1029-839d-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111625Z
|
||||||
|
modifyTimestamp: 20050706111625Z
|
||||||
|
entryCSN: 20050706111625.000000Z#000008#000#000000
|
||||||
|
|
||||||
|
dn: uid=http,ou=sysaccounts,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lssysaccount
|
||||||
|
uid: http
|
||||||
|
structuralObjectClass: lssysaccount
|
||||||
|
userPassword: toto
|
||||||
|
entryUUID: 22a7274e-825b-1029-839e-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111625Z
|
||||||
|
modifyTimestamp: 20050706111625Z
|
||||||
|
entryCSN: 20050706111625.000000Z#000009#000#000000
|
||||||
|
|
||||||
|
dn: uid=samba,ou=sysaccounts,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lssysaccount
|
||||||
|
uid: samba
|
||||||
|
structuralObjectClass: lssysaccount
|
||||||
|
entryUUID: 22a9f44c-825b-1029-839f-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111625Z
|
||||||
|
userPassword: toto
|
||||||
|
entryCSN: 20050706115506.000000Z#000001#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20050706115506Z
|
||||||
|
|
||||||
|
dn: uid=ldapsaisie,ou=sysaccounts,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lssysaccount
|
||||||
|
uid: ldapsaisie
|
||||||
|
structuralObjectClass: lssysaccount
|
||||||
|
userPassword: toto
|
||||||
|
entryUUID: 22acb6aa-825b-1029-83a0-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
modifiersName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111625Z
|
||||||
|
modifyTimestamp: 20050706111625Z
|
||||||
|
entryCSN: 20050706111625.000000Z#00000b#000#000000
|
||||||
|
|
||||||
|
dn: uid=nss,ou=sysaccounts,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lssysaccount
|
||||||
|
uid: nss
|
||||||
|
structuralObjectClass: lssysaccount
|
||||||
|
entryUUID: 22b06d40-825b-1029-83a1-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111625Z
|
||||||
|
userPassword: toto
|
||||||
|
entryCSN: 20050706115152.000000Z#000001#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20050706115152Z
|
||||||
|
|
||||||
|
dn: uid=eeggs,ou=people,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lspeople
|
||||||
|
objectClass: posixAccount
|
||||||
|
objectClass: sambaSamAccount
|
||||||
|
uid: eeggs
|
||||||
|
uidNumber: 100000
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-201000
|
||||||
|
structuralObjectClass: lspeople
|
||||||
|
entryUUID: 22b70a42-825b-1029-83a3-b10e837060e0
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111625Z
|
||||||
|
gidNumber: 102009
|
||||||
|
mail: eeggs@ldapsaisie.biz
|
||||||
|
facsimileTelephoneNumber: 030000000
|
||||||
|
vacationInfo: Je suis absent pour le moment
|
||||||
|
vacationEnd: 20070101000000Z
|
||||||
|
vacationForward: brenard@easter-eggs.com
|
||||||
|
eeallowedservices: MAIL
|
||||||
|
eeallowedservices: FTP
|
||||||
|
description: Utilisateur test Easter-eggs
|
||||||
|
cn: Easter Eggs
|
||||||
|
sambaPrimaryGroupSID: S-1-5-21-2421470416-3566881284-3047381809-205019
|
||||||
|
mailbox: eeggs/
|
||||||
|
personalTitle: M.
|
||||||
|
userPassword: toto
|
||||||
|
sambaLMPassword: AAD3B435B51404EEAAD3B435B51404EE
|
||||||
|
sambaNTPassword: 31D6CFE0D16AE931B73C59D7E0C089C0
|
||||||
|
mailQuota: 5
|
||||||
|
homeDirectory: /home/eeggs
|
||||||
|
loginShell: /bin/false
|
||||||
|
givenName: Easter
|
||||||
|
maildrop: eeggs@ldapsaisie.biz
|
||||||
|
vacationActive:
|
||||||
|
sn: Eggs
|
||||||
|
entryCSN: 20080211134602.394624Z#000000#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20080211134602Z
|
||||||
|
|
||||||
|
dn: uid=invite,ou=people,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lspeople
|
||||||
|
objectClass: posixAccount
|
||||||
|
objectClass: sambaSamAccount
|
||||||
|
uid: invite
|
||||||
|
cn: Utilisateur de passage
|
||||||
|
givenName: Utilisateur
|
||||||
|
sn: de passage
|
||||||
|
homeDirectory: /home/invite
|
||||||
|
loginShell: /bin/false
|
||||||
|
uidNumber: 101012
|
||||||
|
gidNumber: 101009
|
||||||
|
userPassword: toto
|
||||||
|
sambaAcctFlags: [U ]
|
||||||
|
sambaPrimaryGroupSID: S-1-5-21-2421470416-3566881284-3047381809-203019
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203024
|
||||||
|
mailbox: invite/
|
||||||
|
mailQuota: 52428800
|
||||||
|
eeallowedservices: MAIL
|
||||||
|
eeallowedservices: SAMBA
|
||||||
|
eeallowedservices: FTP
|
||||||
|
mail: invite@ldapsaisie.biz
|
||||||
|
maildrop: invite@ldapsaisie.biz
|
||||||
|
structuralObjectClass: lspeople
|
||||||
|
entryUUID: 233dd144-825b-1029-9a9d-8f6e2b792dd2
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111626Z
|
||||||
|
sambaNTPassword: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
|
||||||
|
sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
|
||||||
|
entryCSN: 20050706133832.000000Z#000008#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20050706133832Z
|
||||||
|
|
||||||
|
dn: uid=hmartin,ou=people,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lspeople
|
||||||
|
objectClass: posixAccount
|
||||||
|
objectClass: sambaSamAccount
|
||||||
|
uid: hmartin
|
||||||
|
homeDirectory: /home/com
|
||||||
|
loginShell: /bin/false
|
||||||
|
uidNumber: 101022
|
||||||
|
sambaAcctFlags: [U ]
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203044
|
||||||
|
structuralObjectClass: lspeople
|
||||||
|
entryUUID: 234393a4-825b-1029-9a9f-8f6e2b792dd2
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111626Z
|
||||||
|
givenName: Henri
|
||||||
|
sn: MARTIN
|
||||||
|
gidNumber: 102001
|
||||||
|
mail: henri.martin@ldapsaisie.biz
|
||||||
|
maildrop: henri.martin@ldapsaisie.biz
|
||||||
|
mailAlternateAddress: hmartin@ldapsaisie.biz
|
||||||
|
vacationEnd: 20060101000000Z
|
||||||
|
mailQuota: 52428800
|
||||||
|
eeallowedservices: MAIL
|
||||||
|
eeallowedservices: SAMBA
|
||||||
|
eeallowedservices: FTP
|
||||||
|
cn: Henri MARTIN
|
||||||
|
sambaPrimaryGroupSID: S-1-5-21-2421470416-3566881284-3047381809-205003
|
||||||
|
mailbox: hmartin/
|
||||||
|
personalTitle: M.
|
||||||
|
userPassword: toto
|
||||||
|
sambaLMPassword: AAD3B435B51404EEAAD3B435B51404EE
|
||||||
|
sambaNTPassword: 31D6CFE0D16AE931B73C59D7E0C089C0
|
||||||
|
entryCSN: 20080211164417.161923Z#000000#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20080211164417Z
|
||||||
|
|
||||||
|
dn: uid=secretariat,ou=people,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lspeople
|
||||||
|
objectClass: posixAccount
|
||||||
|
objectClass: sambaSamAccount
|
||||||
|
uid: secretariat
|
||||||
|
homeDirectory: /home/secretariat
|
||||||
|
loginShell: /bin/false
|
||||||
|
uidNumber: 101036
|
||||||
|
userPassword: toto
|
||||||
|
sambaAcctFlags: [U ]
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203072
|
||||||
|
structuralObjectClass: lspeople
|
||||||
|
entryUUID: 239920bc-825b-1029-9abb-8f6e2b792dd2
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111627Z
|
||||||
|
sambaNTPassword: 8DB716B655D71DF6BD056A41B22B9EA9
|
||||||
|
sambaLMPassword: 6CE56DC112C920EF0F5E44C88BF9DC39
|
||||||
|
givenName: Secretariat
|
||||||
|
sn: Secretariat
|
||||||
|
gidNumber: 70513
|
||||||
|
mail: secretariat@ldapsaisie.biz
|
||||||
|
maildrop: secretariat@ldapsaisie.biz
|
||||||
|
vacationEnd: 20050101000000Z
|
||||||
|
mailQuota: 52428800
|
||||||
|
eeallowedservices: MAIL
|
||||||
|
eeallowedservices: SAMBA
|
||||||
|
eeallowedservices: FTP
|
||||||
|
cn: Secretariat Secretariat
|
||||||
|
mailbox: secretariat/
|
||||||
|
sambaPrimaryGroupSID: S-1-5-21-2421470416-3566881284-3047381809-513
|
||||||
|
entryCSN: 20050706144306.000000Z#000001#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20050706144306Z
|
||||||
|
|
||||||
|
dn: uid=ls,ou=people,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lspeople
|
||||||
|
objectClass: posixAccount
|
||||||
|
objectClass: sambaSamAccount
|
||||||
|
uid: ls
|
||||||
|
homeDirectory: /home/ls
|
||||||
|
loginShell: /bin/false
|
||||||
|
uidNumber: 101068
|
||||||
|
userPassword: toto
|
||||||
|
sambaAcctFlags: [U ]
|
||||||
|
sambaLMPassword: 6E72264E11F708C0AAD3B435B51404EE
|
||||||
|
sambaNTPassword: 8D9B9B87EE8C0423691F4F0E00C5BDE1
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203136
|
||||||
|
structuralObjectClass: lspeople
|
||||||
|
entryUUID: 23afa346-825b-1029-9ac3-8f6e2b792dd2
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111627Z
|
||||||
|
givenName: _
|
||||||
|
sn: LdapSaisie
|
||||||
|
gidNumber: 102001
|
||||||
|
mail: ls@ldapsaisie.biz
|
||||||
|
maildrop: ls@ldapsaisie.biz
|
||||||
|
vacationEnd: 20060101000000Z
|
||||||
|
mailQuota: 52428800
|
||||||
|
eeallowedservices: MAIL
|
||||||
|
eeallowedservices: SAMBA
|
||||||
|
eeallowedservices: FTP
|
||||||
|
cn: LS
|
||||||
|
sambaPrimaryGroupSID: S-1-5-21-2421470416-3566881284-3047381809-205003
|
||||||
|
mailbox: ls/
|
||||||
|
entryCSN: 20061212145541.000000Z#000001#000#000000
|
||||||
|
modifiersName: uid=catbo,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20061212145541Z
|
||||||
|
|
||||||
|
dn: cn=invite,ou=groups,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsgroup
|
||||||
|
objectClass: posixGroup
|
||||||
|
objectClass: sambaGroupMapping
|
||||||
|
cn: invite
|
||||||
|
gidNumber: 101009
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203019
|
||||||
|
sambaGroupType: 2
|
||||||
|
structuralObjectClass: lsgroup
|
||||||
|
entryUUID: 2425636a-825b-1029-9ae1-8f6e2b792dd2
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111628Z
|
||||||
|
entryCSN: 20070308165544.000000Z#000000#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20070308165544Z
|
||||||
|
|
||||||
|
dn: cn=ls,ou=groups,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsgroup
|
||||||
|
objectClass: posixGroup
|
||||||
|
objectClass: sambaGroupMapping
|
||||||
|
cn: ls
|
||||||
|
gidNumber: 102001
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-205003
|
||||||
|
sambaGroupType: 2
|
||||||
|
structuralObjectClass: lsgroup
|
||||||
|
entryUUID: 242bef1e-825b-1029-9ae3-8f6e2b792dd2
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111628Z
|
||||||
|
uniqueMember: uid=secretariat,ou=people,o=ls
|
||||||
|
entryCSN: 20080211142555.171664Z#000000#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20080211142555Z
|
||||||
|
|
||||||
|
dn: cn=informatique,ou=groups,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsgroup
|
||||||
|
objectClass: posixGroup
|
||||||
|
objectClass: sambaGroupMapping
|
||||||
|
gidNumber: 102009
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-205019
|
||||||
|
sambaGroupType: 2
|
||||||
|
structuralObjectClass: lsgroup
|
||||||
|
entryUUID: 2438d9d6-825b-1029-9ae7-8f6e2b792dd2
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111628Z
|
||||||
|
cn: informatique
|
||||||
|
uniqueMember: uid=eeggs,ou=people,o=ls
|
||||||
|
entryCSN: 20070309093000.000000Z#000000#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20070309093000Z
|
||||||
|
|
||||||
|
dn: cn=direction,ou=groups,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsgroup
|
||||||
|
objectClass: posixGroup
|
||||||
|
objectClass: sambaGroupMapping
|
||||||
|
cn: direction
|
||||||
|
gidNumber: 102007
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-205015
|
||||||
|
sambaGroupType: 2
|
||||||
|
structuralObjectClass: lsgroup
|
||||||
|
entryUUID: 243f7a34-825b-1029-9ae9-8f6e2b792dd2
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111628Z
|
||||||
|
entryCSN: 20070309093009.000000Z#000000#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20070309093009Z
|
||||||
|
|
||||||
|
dn: cn=administratif,ou=groups,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsgroup
|
||||||
|
objectClass: posixGroup
|
||||||
|
objectClass: sambaGroupMapping
|
||||||
|
cn: administratif
|
||||||
|
gidNumber: 102005
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-205011
|
||||||
|
sambaGroupType: 2
|
||||||
|
structuralObjectClass: lsgroup
|
||||||
|
entryUUID: 245e0cb0-825b-1029-9af4-8f6e2b792dd2
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111628Z
|
||||||
|
entryCSN: 20070308180424.000000Z#000001#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20070308180424Z
|
||||||
|
|
||||||
|
dn: cn=communication,ou=groups,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsgroup
|
||||||
|
objectClass: posixGroup
|
||||||
|
objectClass: sambaGroupMapping
|
||||||
|
cn: communication
|
||||||
|
gidNumber: 102003
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-205007
|
||||||
|
sambaGroupType: 2
|
||||||
|
structuralObjectClass: lsgroup
|
||||||
|
entryUUID: 2460db34-825b-1029-9af5-8f6e2b792dd2
|
||||||
|
creatorsName: cn=anonymous
|
||||||
|
createTimestamp: 20050706111628Z
|
||||||
|
entryCSN: 20070308180413.000000Z#000000#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20070308180413Z
|
||||||
|
|
||||||
|
dn: uid=spam,ou=mailboxes,o=ls
|
||||||
|
uid: spam
|
||||||
|
userPassword: toto
|
||||||
|
mailQuota: 104857600
|
||||||
|
eeallowedservices: MAIL
|
||||||
|
mail: spam@ldapsaisie.biz
|
||||||
|
maildrop: spam@ldapsaisie.biz
|
||||||
|
mailbox: spam/
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsmailbox
|
||||||
|
structuralObjectClass: lsmailbox
|
||||||
|
entryUUID: c88b9eb4-8301-1029-9567-dda2c03231d0
|
||||||
|
creatorsName: uid=eeggs,ou=people,o=ls
|
||||||
|
createTimestamp: 20050707070920Z
|
||||||
|
entryCSN: 20050707070920.000000Z#000001#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20050707070920Z
|
||||||
|
|
||||||
|
dn: uid=virus,ou=mailboxes,o=ls
|
||||||
|
uid: virus
|
||||||
|
userPassword: toto
|
||||||
|
mailbox: virus/
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsmailbox
|
||||||
|
structuralObjectClass: lsmailbox
|
||||||
|
entryUUID: 974dac8c-8303-1029-9569-dda2c03231d0
|
||||||
|
creatorsName: uid=eeggs,ou=people,o=ls
|
||||||
|
createTimestamp: 20050707072216Z
|
||||||
|
mailQuota: 104857600
|
||||||
|
eeallowedservices: MAIL
|
||||||
|
mail: virus@ldapsaisie.biz
|
||||||
|
maildrop: virus@ldapsaisie.biz
|
||||||
|
entryCSN: 20050707072249.000000Z#000001#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20050707072249Z
|
||||||
|
|
||||||
|
dn: uid=gnarwl,ou=sysaccounts,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lssysaccount
|
||||||
|
uid: gnarwl
|
||||||
|
structuralObjectClass: lssysaccount
|
||||||
|
entryUUID: f55954e0-fdcc-1029-9d72-de06c303d7ef
|
||||||
|
creatorsName: uid=eeggs,ou=people,o=ls
|
||||||
|
createTimestamp: 20051210133105Z
|
||||||
|
userPassword: toto
|
||||||
|
entryCSN: 20051210133237.000000Z#000001#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20051210133237Z
|
||||||
|
|
||||||
|
dn: mail=informatique@ldapsaisie.biz,ou=aliases,o=ls
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsalias
|
||||||
|
structuralObjectClass: lsalias
|
||||||
|
entryUUID: 081e6612-fdd0-1029-9d73-de06c303d7ef
|
||||||
|
creatorsName: uid=eeggs,ou=people,o=ls
|
||||||
|
createTimestamp: 20051210135305Z
|
||||||
|
mail: informatique@ldapsaisie.biz
|
||||||
|
description: Service Informatique
|
||||||
|
maildrop: eeggs@ldapsaisie.biz
|
||||||
|
entryCSN: 20051210141428.000000Z#000001#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20051210141428Z
|
||||||
|
|
||||||
|
dn: uid=erwpa,ou=people,o=ls
|
||||||
|
uid: erwpa
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lspeople
|
||||||
|
objectClass: posixAccount
|
||||||
|
objectClass: sambaSamAccount
|
||||||
|
uidNumber: 101082
|
||||||
|
sambaAcctFlags: [U ]
|
||||||
|
homeDirectory: /home/erwpa
|
||||||
|
loginShell: /bin/false
|
||||||
|
sambaSID: S-1-5-21-2421470416-3566881284-3047381809-203164
|
||||||
|
structuralObjectClass: lspeople
|
||||||
|
entryUUID: aa7fcb30-b1a3-102a-875e-dcce935f6f2c
|
||||||
|
sn: PAGEARD
|
||||||
|
gidNumber: 102009
|
||||||
|
mail: erwan.page@ldapsaisie.biz
|
||||||
|
maildrop: erwan.page@ldapsaisie.biz
|
||||||
|
vacationEnd: 20060101000000Z
|
||||||
|
eeallowedservices: MAIL
|
||||||
|
eeallowedservices: SAMBA
|
||||||
|
eeallowedservices: FTP
|
||||||
|
cn: Erwan PAGE
|
||||||
|
sambaPrimaryGroupSID: S-1-5-21-2421470416-3566881284-3047381809-205019
|
||||||
|
mailbox: erwpa/
|
||||||
|
personalTitle: M.
|
||||||
|
givenName: Erwan
|
||||||
|
userPassword: toto
|
||||||
|
sambaLMPassword: BAC14D04669EE1D1AAD3B435B51404EE
|
||||||
|
sambaNTPassword: FBBF55D0EF0E34D39593F55C5F2CA5F2
|
||||||
|
entryCSN: 20080211170049.821887Z#000000#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20080211170049Z
|
||||||
|
|
||||||
|
dn: cn=test,ou=groups,o=ls
|
||||||
|
cn: test
|
||||||
|
description: test BR
|
||||||
|
objectClass: top
|
||||||
|
objectClass: lsgroup
|
||||||
|
objectClass: sambaGroupMapping
|
||||||
|
objectClass: posixGroup
|
||||||
|
sambaGroupType: 2
|
||||||
|
gidNumber: 102012
|
||||||
|
sambaSID: 42
|
||||||
|
structuralObjectClass: lsgroup
|
||||||
|
entryUUID: 91b290d2-6117-102b-9c6f-91889acd20dc
|
||||||
|
creatorsName: uid=eeggs,ou=people,o=ls
|
||||||
|
createTimestamp: 20070307164933Z
|
||||||
|
entryCSN: 20070308165811.000000Z#000000#000#000000
|
||||||
|
modifiersName: uid=eeggs,ou=people,o=ls
|
||||||
|
modifyTimestamp: 20070308165811Z
|
||||||
|
|
208
trunk/lsexample/permissions-ls.conf
Normal file
|
@ -0,0 +1,208 @@
|
||||||
|
## Racine
|
||||||
|
access to dn.regex="^o=ls$" attrs="entry,children,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * read
|
||||||
|
|
||||||
|
## Sysaccounts
|
||||||
|
### Ajout d'entrees par les admins
|
||||||
|
access to dn.regex="^ou=sysaccounts,o=ls$" attrs="children"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=sysaccounts,o=ls$" attrs="entry,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier le mot de passe, les autres peuvent s'en servir pour l'authentification
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=sysaccounts,o=ls$" attrs="userPassword"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by anonymous auth
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier tous les attributs, les autres ne voient rien
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=sysaccounts,o=ls$"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by * none
|
||||||
|
|
||||||
|
## Aliases
|
||||||
|
### Ajout d'entrees par les admins
|
||||||
|
access to dn.regex="^ou=aliases,o=ls$" attrs="children,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by * read
|
||||||
|
|
||||||
|
access to dn.regex="^mail=[^,]+,ou=aliases,o=ls$" attrs="entry,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by * read
|
||||||
|
|
||||||
|
### Les admins peuvent modifier tous les attributs, tout le monde peut voir
|
||||||
|
access to dn.regex="^mail=[^,]+,ou=aliases,o=ls$"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by * read
|
||||||
|
|
||||||
|
## Mailboxes
|
||||||
|
### Ajout d'entrees par les admins
|
||||||
|
access to dn.regex="^ou=mailboxes,o=ls$" attrs="children,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by * read
|
||||||
|
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=mailboxes,o=ls$" attrs="entry,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by * read
|
||||||
|
|
||||||
|
### Les admins peuvent modifier le mot de passe, les autres peuvent s'en servir pour l'authentification
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=mailboxes,o=ls$" attrs="userPassword"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by anonymous auth
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, l'appli mail le voir, les autres aucun droits
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=mailboxes,o=ls$" attrs="mailbox,mailforwardingaddress"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=mail,ou=sysaccounts,o=ls" read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, les authentifies peuvent les voir
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=mailboxes,o=ls$" attrs="uid,description,mail,mailalternateaddress,mailquota,eeallowedservices"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by * read
|
||||||
|
|
||||||
|
## Groups
|
||||||
|
### Ajout d'entrees par les admins
|
||||||
|
access to dn.regex="^ou=groups,o=ls$" attrs="children,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
access to dn.regex="^cn=[^,]+,ou=groups,o=ls$" attrs="entry,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent tout modifier, les authentifies peuvent tout voir
|
||||||
|
access to dn.regex="^cn=[^,]+,ou=groups,o=ls$"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
|
||||||
|
## Peoples
|
||||||
|
### Ajout d'entrees par les admins
|
||||||
|
access to dn.regex="^ou=people,o=ls$" attrs="children,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * read
|
||||||
|
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="entry,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * read
|
||||||
|
|
||||||
|
|
||||||
|
### Les admins peuvent modifier le mot de passe, samba le mettre à jour, les autres peuvent s'en servir pour l'authentification
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="userPassword"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=samba,ou=sysaccounts,o=ls" write
|
||||||
|
by self write
|
||||||
|
by anonymous auth
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, l'appli mail les voir, les autres aucun droits
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="mailbox"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=mail,ou=sysaccounts,o=ls" read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, les authentifies peuvent les voir
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="uid,mailquota,eeallowedservices,uidNumber,gidNumber,homeDirectory,loginShell,sambaSID,sambaAcctFlags,sambaPrimaryGroupSID"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, le proprio aussi, gnarwl peut les modifier et mail les voir
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="mailforwardingaddress"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=gnarwl,ou=sysaccounts,o=ls" write
|
||||||
|
by self write
|
||||||
|
by dn="uid=mail,ou=sysaccounts,o=ls" read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, le proprio aussi, les authentifies peuvent les voir, gnarwl peut les modifier
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="vacationActive"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=gnarwl,ou=sysaccounts,o=ls" write
|
||||||
|
by self write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, le proprio aussi, mail et gnarwl peuvent les voir
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="vacationForward"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by self write
|
||||||
|
by dn="uid=mail,ou=sysaccounts,o=ls" read
|
||||||
|
by dn="uid=gnarwl,ou=sysaccounts,o=ls" read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, le proprio aussi, samba aussi
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="sambaLMPassword,sambaNTPassword"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=samba,ou=sysaccounts,o=ls" write
|
||||||
|
by self write
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, le proprio aussi, les authentifies peuvent les voir
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=people,o=ls$" attrs="c,cn,jpegPhoto,personalTitle,sn,givenName,postalAddress,postalCode,l,st,telephoneNumber,mobile,fax,mail,mailalternateaddress,maildrop,description,vacationInfo,vacationEnd"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by self write
|
||||||
|
by users read
|
||||||
|
by * read
|
||||||
|
|
||||||
|
## Computers
|
||||||
|
### Ajout d'entrees par les admins
|
||||||
|
access to dn.regex="^ou=computers,o=ls$" attrs="children,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=samba,ou=sysaccounts,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=computers,o=ls$" attrs="entry,objectclass"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=samba,ou=sysaccounts,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, samba peut les voir
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=computers,o=ls$" attrs="sambaLMPassword,sambaNTPassword"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=samba,ou=sysaccounts,o=ls" write
|
||||||
|
by * none
|
||||||
|
|
||||||
|
### Les admins peuvent modifier ces attributs, les authentifiés peuvent les voir
|
||||||
|
access to dn.regex="^uid=[^,]+,ou=computers,o=ls$" attrs="cn,uid,uidNumber,gidNumber,homeDirectory,sambaSID,sambaPrimaryGroupSID,sambaAcctFlags,sambaPwdCanChange,sambaPwdMustChange,sambaPwdLastSet"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=samba,ou=sysaccounts,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
|
||||||
|
## Les authentifies peuvent voir les noeuds et les admins peuvent en ajouter
|
||||||
|
access to * attrs="entry"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
## SambaDomains
|
||||||
|
### Ajout d'entrees par les admins
|
||||||
|
access to dn.regex="^ou=sambadomains,o=ls$"
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by dn="uid=samba,ou=sysaccounts,o=ls" read
|
||||||
|
by users read
|
||||||
|
by * none
|
||||||
|
|
||||||
|
## Le reste
|
||||||
|
access to *
|
||||||
|
by group/lsgroup/uniqueMember="cn=adminldap,ou=groups,o=ls" write
|
||||||
|
by * none
|
28
trunk/lsexample/slapd.conf
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
include /etc/ldap/schema/ls.schema
|
||||||
|
|
||||||
|
|
||||||
|
database bdb
|
||||||
|
suffix "o=ls"
|
||||||
|
|
||||||
|
# The database directory MUST exist prior to running slapd AND
|
||||||
|
# should only be accessible by the slapd and slap tools.
|
||||||
|
# Mode 700 recommended.
|
||||||
|
directory /var/lib/ldap/ls
|
||||||
|
|
||||||
|
# Indices to maintain
|
||||||
|
index objectClass eq
|
||||||
|
index uid pres,eq
|
||||||
|
index uidNumber eq
|
||||||
|
index gidNumber eq
|
||||||
|
index eeallowedservices eq
|
||||||
|
index cn pres,eq
|
||||||
|
index mail pres,eq
|
||||||
|
index mailalternateaddress pres,eq
|
||||||
|
index sambasid eq
|
||||||
|
index sambaDomainName eq
|
||||||
|
index memberUid eq
|
||||||
|
|
||||||
|
# Save the time that the entry gets modified, for database #1
|
||||||
|
lastmod on
|
||||||
|
|
||||||
|
include /etc/ldap/permissions-ls.conf
|
|
@ -30,31 +30,67 @@ if($LSsession -> startLSsession()) {
|
||||||
// Définition du Titre de la page
|
// Définition du Titre de la page
|
||||||
$GLOBALS['Smarty'] -> assign('pagetitle',_('Modifier'));
|
$GLOBALS['Smarty'] -> assign('pagetitle',_('Modifier'));
|
||||||
|
|
||||||
// Création d'un LSobject
|
if (isset($_POST['LSform_objecttype'])) {
|
||||||
if (class_exists($_GET['LSobject'])) {
|
$LSobject = $_POST['LSform_objecttype'];
|
||||||
debug('me : '.$GLOBALS['LSsession'] -> whoami($_GET['dn']));
|
}
|
||||||
if ( $GLOBALS['LSsession'] -> whoami($_GET['dn']) != 'user' ) {
|
else if (isset($_GET['LSobject'])) {
|
||||||
$object = new $_GET['LSobject']();
|
$LSobject = $_GET['LSobject'];
|
||||||
if ($object -> loadData($_GET['dn'])) {
|
}
|
||||||
$form = $object -> getForm('test');
|
|
||||||
if ($form->validate()) {
|
if (isset($_POST['LSform_objectdn'])) {
|
||||||
// MàJ des données de l'objet LDAP
|
$dn = $_POST['LSform_objectdn'];
|
||||||
$object -> updateData('test');
|
}
|
||||||
|
else if (isset($_GET['dn'])) {
|
||||||
|
$dn = $_GET['dn'];
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((isset($dn)) && (isset($LSobject)) ) {
|
||||||
|
// Création d'un LSobject
|
||||||
|
if (class_exists($LSobject)) {
|
||||||
|
if ( $GLOBALS['LSsession'] -> canEdit($LSobject,$dn) ) {
|
||||||
|
$LSview_actions[] = array(
|
||||||
|
'label' => _('Voir'),
|
||||||
|
'url' =>'view.php?LSobject='.$LSobject.'&dn='.$dn,
|
||||||
|
'action' => 'view'
|
||||||
|
);
|
||||||
|
|
||||||
|
if ($GLOBALS['LSsession'] -> canRemove($LSobject,$dn)) {
|
||||||
|
$LSview_actions[] = array(
|
||||||
|
'label' => _('Supprimer'),
|
||||||
|
'url' => 'remove.php?LSobject='.$LSobject.'&dn='.$dn,
|
||||||
|
'action' => 'delete'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
$object = new $LSobject();
|
||||||
|
if ($object -> loadData($dn)) {
|
||||||
|
$form = $object -> getForm('modify');
|
||||||
|
if ($form->validate()) {
|
||||||
|
// MàJ des données de l'objet LDAP
|
||||||
|
if ($object -> updateData('modify')) {
|
||||||
|
header('Location: view.php?LSobject='.$LSobject.'&dn='.$object -> getDn());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$GLOBALS['Smarty'] -> assign('LSview_actions',$LSview_actions);
|
||||||
|
$GLOBALS['LSsession'] -> setTemplate('modify.tpl');
|
||||||
|
$form -> display();
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1011);
|
||||||
}
|
}
|
||||||
$form -> display();
|
|
||||||
}
|
}
|
||||||
else debug('erreur durant le chargement du dn');
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1011);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(1011);
|
$GLOBALS['LSerror'] -> addErrorCode(21);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(21);
|
$GLOBALS['LSerror'] -> addErrorCode(1012);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Template
|
|
||||||
$GLOBALS['LSsession'] -> setTemplate('modify.tpl');
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$GLOBALS['LSsession'] -> setTemplate('login.tpl');
|
$GLOBALS['LSsession'] -> setTemplate('login.tpl');
|
||||||
|
|
78
trunk/remove.php
Normal file
|
@ -0,0 +1,78 @@
|
||||||
|
<?php
|
||||||
|
/*******************************************************************************
|
||||||
|
* Copyright (C) 2007 Easter-eggs
|
||||||
|
* http://ldapsaisie.labs.libre-entreprise.org
|
||||||
|
*
|
||||||
|
* Author: See AUTHORS file in top-level directory.
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU General Public License version 2
|
||||||
|
* as published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||||
|
|
||||||
|
******************************************************************************/
|
||||||
|
|
||||||
|
require_once 'includes/functions.php';
|
||||||
|
require_once 'includes/class/class.LSsession.php';
|
||||||
|
|
||||||
|
$GLOBALS['LSsession'] = new LSsession();
|
||||||
|
|
||||||
|
if($LSsession -> startLSsession()) {
|
||||||
|
|
||||||
|
if ((isset($_GET['LSobject'])) && (isset($_GET['dn']))) {
|
||||||
|
|
||||||
|
if ($GLOBALS['LSsession'] -> loadLSobject($_GET['LSobject'])) {
|
||||||
|
if ( $GLOBALS['LSsession'] -> canRemove($_GET['LSobject'],$_GET['dn']) ) {
|
||||||
|
$object = new $_GET['LSobject']();
|
||||||
|
if ($object -> loadData($_GET['dn'])) {
|
||||||
|
if (isset($_GET['valid'])) {
|
||||||
|
$objectname=$object -> getDisplayValue();
|
||||||
|
$GLOBALS['Smarty'] -> assign('pagetitle',_('Suppression').' : '.$objectname);
|
||||||
|
if ($object -> remove()) {
|
||||||
|
$GLOBALS['Smarty'] -> assign('question',$objectname.' '._('a bien été supprimé').'.');
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(35,$objectname);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
// Définition du Titre de la page
|
||||||
|
$GLOBALS['Smarty'] -> assign('pagetitle',_('Suppresion').' : '.$object -> getDisplayValue());
|
||||||
|
$GLOBALS['Smarty'] -> assign('question',_('Voulez-vous vraiment supprimer').' <strong>'.$object -> getDisplayValue().'</strong> ?');
|
||||||
|
$GLOBALS['Smarty'] -> assign('validation_url','remove.php?LSobject='.$_GET['LSobject'].'&dn='.$_GET['dn'].'&valid');
|
||||||
|
$GLOBALS['Smarty'] -> assign('validation_txt',_('Valider'));
|
||||||
|
}
|
||||||
|
$GLOBALS['LSsession'] -> setTemplate('question.tpl');
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1012);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1011);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(21);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1012);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSsession'] -> setTemplate('login.tpl');
|
||||||
|
}
|
||||||
|
|
||||||
|
// Affichage des retours d'erreurs
|
||||||
|
$GLOBALS['LSsession'] -> displayTemplate();
|
||||||
|
?>
|
52
trunk/templates/create.tpl
Normal file
|
@ -0,0 +1,52 @@
|
||||||
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
||||||
|
"http://www.w3.org/TR/html4/loose.dtd">
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>LdapSaisie{if $pagetitle != ''} - {$pagetitle}{/if}</title>
|
||||||
|
<link rel="stylesheet" type="text/css" href="templates/css/base.css" media="screen" title="Normal" />
|
||||||
|
{$LSsession_css}
|
||||||
|
{$LSsession_js}
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<div id='LSerror'>
|
||||||
|
{$LSerrors}
|
||||||
|
</div>
|
||||||
|
<div id='LSdebug'>
|
||||||
|
<a href='#' id='LSdebug_hidden'>X</a>
|
||||||
|
<div id='LSdebug_infos'>{if $LSdebug != ''}{$LSdebug}{/if}</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div id='main'>
|
||||||
|
<div id='left'>
|
||||||
|
<img src='templates/images/logo.png' alt='Logo' id='logo'/>
|
||||||
|
<ul class='menu'>
|
||||||
|
{foreach from=$LSaccess item=item key=LSobject}
|
||||||
|
<li class='menu'><a href='view.php?LSobject={$LSobject}' class='menu'>{$item.label}</a></li>
|
||||||
|
{/foreach}
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
<div id='right'>
|
||||||
|
<p id='status'>Connecté en tant que <span id='user_name'>{$LSsession_username}</span></b> <a href='index.php?LSsession_logout'><img src='templates/images/logout.png' alt='Logout' title='Logout' /></a></p>
|
||||||
|
|
||||||
|
{if $pagetitle != ''}<h1>{$pagetitle}</h1>{/if}
|
||||||
|
|
||||||
|
<form action='{$LSform_action}' method='post' class='LSform'>
|
||||||
|
{$LSform_header}
|
||||||
|
<dl class='LSform'>
|
||||||
|
{foreach from=$LSform_fields item=field}
|
||||||
|
<dt class='LSform'>{$field.label}</dt>
|
||||||
|
<dd class='LSform'>{$field.html}{if $field.add != ''} <span class='LSform-addfield'>+ Ajouter un champ</span>{/if}</dd>
|
||||||
|
{if $field.errors != ''}
|
||||||
|
{foreach from=$field.errors item=error}
|
||||||
|
<dd class='LSform LSform-errors'>{$error}</dd>
|
||||||
|
{/foreach}
|
||||||
|
{/if}
|
||||||
|
{/foreach}
|
||||||
|
<dd class='LSform'><input type='submit' value='{$LSform_submittxt}' class='LSform' /></dd>
|
||||||
|
</dl>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
<hr class='spacer' />
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
</html>
|
|
@ -1,20 +1,3 @@
|
||||||
p.LSform-view-actions {
|
|
||||||
text-align: right;
|
|
||||||
font-size: 0.8em;
|
|
||||||
margin: 0.2em;
|
|
||||||
margin-right: 3em;
|
|
||||||
color: #0072b8;
|
|
||||||
}
|
|
||||||
|
|
||||||
a.LSform-view-actions {
|
|
||||||
text-decoration: none;
|
|
||||||
color: #0072b8;
|
|
||||||
}
|
|
||||||
|
|
||||||
a.LSform-view-actions:hover {
|
|
||||||
text-decoration: underline;
|
|
||||||
}
|
|
||||||
|
|
||||||
dl.LSform {
|
dl.LSform {
|
||||||
margin: 0;
|
margin: 0;
|
||||||
margin-left: 2em;
|
margin-left: 2em;
|
||||||
|
|
|
@ -114,6 +114,10 @@ td.LSobject-list-actions {
|
||||||
width: 7em;
|
width: 7em;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
td.LSobject-list-names {
|
||||||
|
cursor: pointer;
|
||||||
|
}
|
||||||
|
|
||||||
p.LSobject-list-page {
|
p.LSobject-list-page {
|
||||||
text-align: center;
|
text-align: center;
|
||||||
margin: 0.5em;
|
margin: 0.5em;
|
||||||
|
@ -132,3 +136,21 @@ a.LSobject-list-page:hover {
|
||||||
strong.LSobject-list-page {
|
strong.LSobject-list-page {
|
||||||
color: #0072b8;
|
color: #0072b8;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
p.LSview-actions {
|
||||||
|
text-align: right;
|
||||||
|
font-size: 0.8em;
|
||||||
|
margin: 0.2em;
|
||||||
|
margin-right: 3em;
|
||||||
|
color: #0072b8;
|
||||||
|
}
|
||||||
|
|
||||||
|
p.question {
|
||||||
|
margin-left: 3em;
|
||||||
|
}
|
||||||
|
|
||||||
|
a.question {
|
||||||
|
margin-left: 10em;
|
||||||
|
margin-top: 3em;
|
||||||
|
color: #0072b8;
|
||||||
|
}
|
||||||
|
|
BIN
trunk/templates/images/clear.png
Normal file
After Width: | Height: | Size: 773 B |
Before Width: | Height: | Size: 498 B After Width: | Height: | Size: 498 B |
BIN
trunk/templates/images/create.png
Normal file
After Width: | Height: | Size: 477 B |
BIN
trunk/templates/images/delete.png
Normal file
After Width: | Height: | Size: 655 B |
Before Width: | Height: | Size: 805 B After Width: | Height: | Size: 799 B |
BIN
trunk/templates/images/modify.png
Normal file
After Width: | Height: | Size: 317 B |
|
@ -29,7 +29,13 @@
|
||||||
<p id='status'>Connecté en tant que <span id='user_name'>{$LSsession_username}</span></b> <a href='index.php?LSsession_logout'><img src='templates/images/logout.png' alt='Logout' title='Logout' /></a></p>
|
<p id='status'>Connecté en tant que <span id='user_name'>{$LSsession_username}</span></b> <a href='index.php?LSsession_logout'><img src='templates/images/logout.png' alt='Logout' title='Logout' /></a></p>
|
||||||
|
|
||||||
{if $pagetitle != ''}<h1>{$pagetitle}</h1>{/if}
|
{if $pagetitle != ''}<h1>{$pagetitle}</h1>{/if}
|
||||||
<p class='LSform-view-actions'><a href='view.php?LSobject={$LSform_object.type}&dn={$LSform_object.dn}' class='LSform-view-actions'>Voir</a></p>
|
{if $LSview_actions != ''}
|
||||||
|
<p class='LSview-actions'>
|
||||||
|
{foreach from=$LSview_actions item=item}
|
||||||
|
<a href='{$item.url}' class='LSview-actions'><img src='templates/images/{$item.action}.png' alt='{$item.label}' title='{$item.label}' /></a>
|
||||||
|
{/foreach}
|
||||||
|
</p>
|
||||||
|
{/if}
|
||||||
|
|
||||||
<form action='{$LSform_action}' method='post' class='LSform'>
|
<form action='{$LSform_action}' method='post' class='LSform'>
|
||||||
{$LSform_header}
|
{$LSform_header}
|
||||||
|
|
45
trunk/templates/question.tpl
Normal file
|
@ -0,0 +1,45 @@
|
||||||
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
||||||
|
"http://www.w3.org/TR/html4/loose.dtd">
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>LdapSaisie{if $pagetitle != ''} - {$pagetitle}{/if}</title>
|
||||||
|
<link rel="stylesheet" type="text/css" href="templates/css/base.css" media="screen" title="Normal" />
|
||||||
|
{$LSsession_css}
|
||||||
|
{$LSsession_js}
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<div id='LSerror'>
|
||||||
|
{$LSerrors}
|
||||||
|
</div>
|
||||||
|
<div id='LSdebug'>
|
||||||
|
<a href='#' id='LSdebug_hidden'>X</a>
|
||||||
|
<div id='LSdebug_infos'>{if $LSdebug != ''}{$LSdebug}{/if}</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div id='main'>
|
||||||
|
<div id='left'>
|
||||||
|
<img src='templates/images/logo.png' alt='Logo' id='logo'/>
|
||||||
|
<ul class='menu'>
|
||||||
|
{foreach from=$LSaccess item=item key=LSobject_type}
|
||||||
|
<li class='menu'><a href='view.php?LSobject={$LSobject_type}' class='menu'>{$item.label}</a></li>
|
||||||
|
{/foreach}
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
<div id='right'>
|
||||||
|
<p id='status'>Connecté en tant que <span id='user_name'>{$LSsession_username}</span></b> <a href='index.php?LSsession_logout'><img src='templates/images/logout.png' alt='Logout' title='Logout' /></a></p>
|
||||||
|
{if $pagetitle != ''}<h1>{$pagetitle}</h1>{/if}
|
||||||
|
{if $LSview_actions != ''}
|
||||||
|
<p class='LSview-actions'>
|
||||||
|
{foreach from=$LSview_actions item=item}
|
||||||
|
<a href='{$item.url}' class='LSview-actions'><img src='templates/images/{$item.action}.png' alt='{$item.label}' title='{$item.label}' /></a>
|
||||||
|
{/foreach}
|
||||||
|
</p>
|
||||||
|
{/if}
|
||||||
|
|
||||||
|
<p class='question'>{$question}</p>
|
||||||
|
{if $validation_txt!=''}<a href='{$validation_url}' class='question'>Valider</a>{/if}
|
||||||
|
</div>
|
||||||
|
<hr class='spacer' />
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
</html>
|
|
@ -28,7 +28,14 @@
|
||||||
<div id='right'>
|
<div id='right'>
|
||||||
<p id='status'>Connecté en tant que <span id='user_name'>{$LSsession_username}</span></b> <a href='index.php?LSsession_logout'><img src='templates/images/logout.png' alt='Logout' title='Logout' /></a></p>
|
<p id='status'>Connecté en tant que <span id='user_name'>{$LSsession_username}</span></b> <a href='index.php?LSsession_logout'><img src='templates/images/logout.png' alt='Logout' title='Logout' /></a></p>
|
||||||
{if $pagetitle != ''}<h1>{$pagetitle}</h1>{/if}
|
{if $pagetitle != ''}<h1>{$pagetitle}</h1>{/if}
|
||||||
{if $LSform_canEdit == 'true'}<p class='LSform-view-actions'><a href='modify.php?LSobject={$LSform_object.type}&dn={$LSform_object.dn}' class='LSform-view-actions'>Modifier</a></p>{/if}
|
{if $LSview_actions != ''}
|
||||||
|
<p class='LSview-actions'>
|
||||||
|
{foreach from=$LSview_actions item=item}
|
||||||
|
<a href='{$item.url}' class='LSview-actions'><img src='templates/images/{$item.action}.png' alt='{$item.label}' title='{$item.label}' /></a>
|
||||||
|
{/foreach}
|
||||||
|
</p>
|
||||||
|
{/if}
|
||||||
|
|
||||||
<dl class='LSform'>
|
<dl class='LSform'>
|
||||||
{foreach from=$LSform_fields item=field}
|
{foreach from=$LSform_fields item=field}
|
||||||
<dt class='LSform'>{$field.label}</dt>
|
<dt class='LSform'>{$field.label}</dt>
|
||||||
|
|
|
@ -28,6 +28,14 @@
|
||||||
<div id='right'>
|
<div id='right'>
|
||||||
<p id='status'>Connecté en tant que <span id='user_name'>{$LSsession_username}</span></b> <a href='index.php?LSsession_logout'><img src='templates/images/logout.png' alt='Logout' title='Logout' /></a></p>
|
<p id='status'>Connecté en tant que <span id='user_name'>{$LSsession_username}</span></b> <a href='index.php?LSsession_logout'><img src='templates/images/logout.png' alt='Logout' title='Logout' /></a></p>
|
||||||
{if $pagetitle != ''}<h1>{$pagetitle}</h1>{/if}
|
{if $pagetitle != ''}<h1>{$pagetitle}</h1>{/if}
|
||||||
|
|
||||||
|
{if $LSview_actions != ''}
|
||||||
|
<p class='LSview-actions'>
|
||||||
|
{foreach from=$LSview_actions item=item}
|
||||||
|
<a href='{$item.url}' class='LSview-actions'><img src='templates/images/{$item.action}.png' alt='{$item.label}' title='{$item.label}' /></a>
|
||||||
|
{/foreach}
|
||||||
|
</p>
|
||||||
|
{/if}
|
||||||
<table class='LSobject-list'>
|
<table class='LSobject-list'>
|
||||||
<tr class='LSobject-list'>
|
<tr class='LSobject-list'>
|
||||||
<th class='LSobject-list'>{$LSobject_list_objectname}</th>
|
<th class='LSobject-list'>{$LSobject_list_objectname}</th>
|
||||||
|
@ -36,7 +44,13 @@
|
||||||
{foreach from=$LSobject_list item=object}
|
{foreach from=$LSobject_list item=object}
|
||||||
<tr class='LSobject-list'>
|
<tr class='LSobject-list'>
|
||||||
<td class='LSobject-list LSobject-list-names'><a href='view.php?LSobject={$LSobject_list_objecttype}&dn={$object.dn}' class='LSobject-list'>{$object.displayValue}</a> </td>
|
<td class='LSobject-list LSobject-list-names'><a href='view.php?LSobject={$LSobject_list_objecttype}&dn={$object.dn}' class='LSobject-list'>{$object.displayValue}</a> </td>
|
||||||
<td class='LSobject-list LSobject-list-actions'>{if $object.canEdit}<a href='modify.php?LSobject={$LSobject_list_objecttype}&dn={$object.dn}' class='LSobject-list-actions'><img src='templates/images/edit.png' alt='{$_Modifier}' title='{$_Modifier}'/></a>{/if}</td>
|
<td class='LSobject-list LSobject-list-actions'>
|
||||||
|
{if $object.actions!=''}
|
||||||
|
{foreach from=$object.actions item=item}
|
||||||
|
<a href='{$item.url}' class='LSobject-list-actions'><img src='templates/images/{$item.action}.png' alt='{$item.label}' title='{$item.label}'/></a>
|
||||||
|
{/foreach}
|
||||||
|
{/if}
|
||||||
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
{/foreach}
|
{/foreach}
|
||||||
</table>
|
</table>
|
||||||
|
|
222
trunk/view.php
|
@ -28,82 +28,174 @@ require_once 'includes/class/class.LSsession.php';
|
||||||
$GLOBALS['LSsession'] = new LSsession();
|
$GLOBALS['LSsession'] = new LSsession();
|
||||||
|
|
||||||
if($LSsession -> startLSsession()) {
|
if($LSsession -> startLSsession()) {
|
||||||
$LSobject = $_GET['LSobject'];
|
if (isset($_GET['LSobject'])) {
|
||||||
|
$LSobject = $_GET['LSobject'];
|
||||||
if ( $LSobject == 'SELF' ) {
|
|
||||||
if ($GLOBALS['LSsession'] -> canAccess($GLOBALS['LSsession']-> LSuserObject -> getType(),$GLOBALS['LSsession']-> LSuserObject -> getValue('dn'))) {
|
if ( $LSobject == 'SELF' ) {
|
||||||
if ( $GLOBALS['LSsession'] -> canEdit($GLOBALS['LSsession']-> LSuserObject -> getType(),$GLOBALS['LSsession']-> LSuserObject -> getValue('dn'))) {
|
if ($GLOBALS['LSsession'] -> canAccess($GLOBALS['LSsession']-> LSuserObject -> getType(),$GLOBALS['LSsession']-> LSuserObject -> getValue('dn'))) {
|
||||||
$GLOBALS['Smarty'] -> assign('LSform_canEdit',true);
|
if ( $GLOBALS['LSsession'] -> canEdit($GLOBALS['LSsession']-> LSuserObject -> getType(),$GLOBALS['LSsession']-> LSuserObject -> getValue('dn')) ) {
|
||||||
|
$LSview_actions[] = array (
|
||||||
|
'label' => _('Modifier'),
|
||||||
|
'url' => 'modify.php?LSobject='.$GLOBALS['LSsession']-> LSuserObject -> getType().'&dn='.$GLOBALS['LSsession']-> LSuserObject -> getValue('dn'),
|
||||||
|
'action' => 'modify'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($GLOBALS['LSsession'] -> canCreate($GLOBALS['LSsession']-> LSuserObject -> getType())) {
|
||||||
|
$LSview_actions[] = array(
|
||||||
|
'label' => _('Copier'),
|
||||||
|
'url' =>'create.php?LSobject='.$GLOBALS['LSsession']-> LSuserObject -> getType().'&load='.$GLOBALS['LSsession']-> LSuserObject -> getValue('dn'),
|
||||||
|
'action' => 'copy'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($GLOBALS['LSsession'] -> canRemove($GLOBALS['LSsession']-> LSuserObject -> getType(),$GLOBALS['LSsession']-> LSuserObject -> getValue('dn'))) {
|
||||||
|
$LSview_actions[] = array (
|
||||||
|
'label' => _('Supprimer'),
|
||||||
|
'url' => 'remove.php?LSobject='.$GLOBALS['LSsession']-> LSuserObject -> getType().'&dn='.$GLOBALS['LSsession']-> LSuserObject -> getValue('dn'),
|
||||||
|
'action' => 'delete'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
$GLOBALS['Smarty'] -> assign('pagetitle',_('Mon compte'));
|
||||||
|
$GLOBALS['Smarty'] -> assign('LSview_actions',$LSview_actions);
|
||||||
|
$form = $GLOBALS['LSsession']-> LSuserObject -> getView();
|
||||||
|
$form -> displayView();
|
||||||
|
$GLOBALS['LSsession'] -> setTemplate('view.tpl');
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1004,$_GET['LSobject']);
|
||||||
}
|
}
|
||||||
$GLOBALS['Smarty'] -> assign('pagetitle',_('Mon compte'));
|
|
||||||
$form = $GLOBALS['LSsession']-> LSuserObject -> getView();
|
|
||||||
$form -> displayView();
|
|
||||||
$GLOBALS['LSsession'] -> setTemplate('view.tpl');
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(1004,$_GET['LSobject']);
|
if ( $GLOBALS['LSsession'] -> loadLSobject($_GET['LSobject']) ) {
|
||||||
}
|
if ( isset($_GET['dn']) ) {
|
||||||
}
|
if ($GLOBALS['LSsession'] -> canAccess($_GET['LSobject'],$_GET['dn'])) {
|
||||||
else {
|
if ( $GLOBALS['LSsession'] -> canEdit($_GET['LSobject'],$_GET['dn']) ) {
|
||||||
if ( $GLOBALS['LSsession'] -> loadLSobject($_GET['LSobject']) ) {
|
$LSview_actions[] = array(
|
||||||
if ( isset($_GET['dn']) ) {
|
'label' => _('Modifier'),
|
||||||
if ($GLOBALS['LSsession'] -> canAccess($_GET['LSobject'],$_GET['dn'])) {
|
'url' =>'modify.php?LSobject='.$_GET['LSobject'].'&dn='.$_GET['dn'],
|
||||||
if ( $GLOBALS['LSsession'] -> canEdit($_GET['LSobject'],$_GET['dn']) ) {
|
'action' => 'modify'
|
||||||
$GLOBALS['Smarty'] -> assign('LSform_canEdit','true');
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($GLOBALS['LSsession'] -> canCreate($_GET['LSobject'])) {
|
||||||
|
$LSview_actions[] = array(
|
||||||
|
'label' => _('Copier'),
|
||||||
|
'url' =>'create.php?LSobject='.$_GET['LSobject'].'&load='.$_GET['dn'],
|
||||||
|
'action' => 'copy'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($GLOBALS['LSsession'] -> canRemove($_GET['LSobject'],$_GET['dn'])) {
|
||||||
|
$LSview_actions[] = array(
|
||||||
|
'label' => _('Supprimer'),
|
||||||
|
'url' => 'remove.php?LSobject='.$_GET['LSobject'].'&dn='.$_GET['dn'],
|
||||||
|
'action' => 'delete'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
$object = new $_GET['LSobject']();
|
||||||
|
$object -> loadData($_GET['dn']);
|
||||||
|
$view = $object -> getView();
|
||||||
|
$view -> displayView();
|
||||||
|
$GLOBALS['Smarty'] -> assign('pagetitle',$object -> getDisplayValue());
|
||||||
|
$GLOBALS['Smarty'] -> assign('LSview_actions',$LSview_actions);
|
||||||
|
$GLOBALS['LSsession'] -> setTemplate('view.tpl');
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$GLOBALS['LSerror'] -> addErrorCode(1011);
|
||||||
}
|
}
|
||||||
$object = new $_GET['LSobject']();
|
|
||||||
$object -> loadData($_GET['dn']);
|
|
||||||
$view = $object -> getView();
|
|
||||||
$view -> displayView();
|
|
||||||
$GLOBALS['LSsession'] -> setTemplate('view.tpl');
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(1011);
|
$objectList=array();
|
||||||
|
$object = new $_GET['LSobject']();
|
||||||
|
$GLOBALS['Smarty']->assign('pagetitle',$object -> getLabel());
|
||||||
|
$GLOBALS['Smarty']->assign('LSobject_list_objectname',$object -> getLabel());
|
||||||
|
|
||||||
|
if ($GLOBALS['LSsession'] -> canCreate($_GET['LSobject'])) {
|
||||||
|
$LSview_actions[] = array (
|
||||||
|
'label' => _('Nouveau'),
|
||||||
|
'url' => 'create.php?LSobject='.$_GET['LSobject'],
|
||||||
|
'action' => 'create'
|
||||||
|
);
|
||||||
|
$canCopy=true;
|
||||||
|
}
|
||||||
|
|
||||||
|
$list=$object -> listObjects();
|
||||||
|
$nbObjects=count($list);
|
||||||
|
if ($nbObjects > NB_LSOBJECT_LIST) {
|
||||||
|
if (isset($_GET['page'])) {
|
||||||
|
$list = array_slice($list, ($_GET['page']) * NB_LSOBJECT_LIST, NB_LSOBJECT_LIST);
|
||||||
|
$GLOBALS['Smarty']->assign('LSobject_list_currentpage',$_GET['page']);
|
||||||
|
$GLOBALS['Smarty']->assign('LSobject_list_nbpage',ceil($nbObjects / NB_LSOBJECT_LIST));
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$list = array_slice($list, 0, NB_LSOBJECT_LIST);
|
||||||
|
$GLOBALS['Smarty']->assign('LSobject_list_currentpage',0);
|
||||||
|
$GLOBALS['Smarty']->assign('LSobject_list_nbpage',ceil($nbObjects / NB_LSOBJECT_LIST));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
foreach($list as $thisObject) {
|
||||||
|
unset($actions);
|
||||||
|
if ($GLOBALS['LSsession'] -> canAccess($_GET['LSobject'],$thisObject->getValue('dn'))) {
|
||||||
|
$actions[] = array(
|
||||||
|
'label' => _('Voir'),
|
||||||
|
'url' =>'view.php?LSobject='.$_GET['LSobject'].'&dn='.$thisObject -> getValue('dn'),
|
||||||
|
'action' => 'view'
|
||||||
|
);
|
||||||
|
|
||||||
|
if ($GLOBALS['LSsession'] -> canEdit($_GET['LSobject'],$thisObject->getValue('dn'))) {
|
||||||
|
$actions[]=array(
|
||||||
|
'label' => _('Modifier'),
|
||||||
|
'url' => 'modify.php?LSobject='.$_GET['LSobject'].'&dn='.$thisObject->getValue('dn'),
|
||||||
|
'action' => 'modify'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($canCopy) {
|
||||||
|
$actions[] = array(
|
||||||
|
'label' => _('Copier'),
|
||||||
|
'url' =>'create.php?LSobject='.$_GET['LSobject'].'&load='.$thisObject -> getValue('dn'),
|
||||||
|
'action' => 'copy'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($GLOBALS['LSsession'] -> canRemove($thisObject -> getType(),$GLOBALS['LSsession']-> LSuserObject -> getValue('dn'))) {
|
||||||
|
$actions[] = array (
|
||||||
|
'label' => _('Supprimer'),
|
||||||
|
'url' => 'remove.php?LSobject='.$_GET['LSobject'].'&dn='.$thisObject -> getValue('dn'),
|
||||||
|
'action' => 'delete'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
$objectList[]=array(
|
||||||
|
'dn' => $thisObject->getValue('dn'),
|
||||||
|
'displayValue' => $thisObject->getDisplayValue(),
|
||||||
|
'actions' => $actions
|
||||||
|
);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
debug($thisObject->getValue('dn'));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$GLOBALS['LSsession'] -> addJSscript('LSview.js');
|
||||||
|
|
||||||
|
$GLOBALS['Smarty']->assign('_Actions',_('Actions'));
|
||||||
|
$GLOBALS['Smarty']->assign('_Modifier',_('Modifier'));
|
||||||
|
$GLOBALS['Smarty']->assign('LSobject_list',$objectList);
|
||||||
|
$GLOBALS['Smarty']->assign('LSobject_list_objecttype',$_GET['LSobject']);
|
||||||
|
$GLOBALS['Smarty'] -> assign('LSview_actions',$LSview_actions);
|
||||||
|
$GLOBALS['LSsession'] -> setTemplate('viewList.tpl');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$objectList=array();
|
$GLOBALS['LSerror'] -> addErrorCode(1004,$_GET['LSobject']);
|
||||||
$object = new $_GET['LSobject']();
|
|
||||||
$GLOBALS['Smarty']->assign('pagetitle',$object -> getLabel());
|
|
||||||
$GLOBALS['Smarty']->assign('LSobject_list_objectname',$object -> getLabel());
|
|
||||||
$list=$object -> listObjects();
|
|
||||||
$nbObjects=count($list);
|
|
||||||
if ($nbObjects > NB_LSOBJECT_LIST) {
|
|
||||||
if (isset($_GET['page'])) {
|
|
||||||
$list = array_slice($list, ($_GET['page']) * NB_LSOBJECT_LIST, NB_LSOBJECT_LIST);
|
|
||||||
$GLOBALS['Smarty']->assign('LSobject_list_currentpage',$_GET['page']);
|
|
||||||
$GLOBALS['Smarty']->assign('LSobject_list_nbpage',ceil($nbObjects / NB_LSOBJECT_LIST));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$list = array_slice($list, 0, NB_LSOBJECT_LIST);
|
|
||||||
$GLOBALS['Smarty']->assign('LSobject_list_currentpage',0);
|
|
||||||
$GLOBALS['Smarty']->assign('LSobject_list_nbpage',ceil($nbObjects / NB_LSOBJECT_LIST));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
foreach($list as $thisObject) {
|
|
||||||
if ($GLOBALS['LSsession'] -> canAccess($_GET['LSobject'],$thisObject->getValue('dn'))) {
|
|
||||||
$objectList[]=array(
|
|
||||||
'dn' => $thisObject->getValue('dn'),
|
|
||||||
'displayValue' => $thisObject->getDisplayValue(),
|
|
||||||
'canEdit' => $GLOBALS['LSsession'] -> canEdit($_GET['LSobject'],$thisObject->getValue('dn'))
|
|
||||||
);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
debug($thisObject->getValue('dn'));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$GLOBALS['LSsession'] -> addJSscript('LSview.js');
|
|
||||||
|
|
||||||
$GLOBALS['Smarty']->assign('_Actions',_('Actions'));
|
|
||||||
$GLOBALS['Smarty']->assign('_Modifier',_('Modifier'));
|
|
||||||
$GLOBALS['Smarty']->assign('LSobject_list',$objectList);
|
|
||||||
$GLOBALS['Smarty']->assign('LSobject_list_objecttype',$_GET['LSobject']);
|
|
||||||
$GLOBALS['LSsession'] -> setTemplate('viewList.tpl');
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
}
|
||||||
$GLOBALS['LSerror'] -> addErrorCode(1004,$_GET['LSobject']);
|
else {
|
||||||
}
|
$GLOBALS['LSerror'] -> addErrorCode(1012);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|