LSsession::canExecuteCustomAction(): fix handling self LSprofile

Be sure to reset current LSprofiles before (re)loading it.

doc/conf/LSaddon.docbook

@@ -12,12 +12,14 @@
   &conf-LSaddon_accesslog;
   &conf-LSaddon_asterisk;
   &conf-LSaddon_exportSearchResultAsCSV;
+  &conf-LSaddon_impersonate;
   &conf-LSaddon_LSaccessRightsMatrixView;
   &conf-LSaddon_mail;
   &conf-LSaddon_maildir;
   &conf-LSaddon_mailquota;
   &conf-LSaddon_phpldapadmin;
   &conf-LSaddon_ppolicy;
+  &conf-LSaddon_showSupportInfo;
   &conf-LSaddon_showTechInfo;
 
 </sect1>

doc/conf/LSaddon/LSaddon.entities.xml

@@ -2,10 +2,12 @@
 <!ENTITY conf-LSaddon_accesslog SYSTEM "LSaddon_accesslog.docbook">
 <!ENTITY conf-LSaddon_asterisk SYSTEM "LSaddon_asterisk.docbook">
 <!ENTITY conf-LSaddon_exportSearchResultAsCSV SYSTEM "LSaddon_exportSearchResultAsCSV.docbook">
+<!ENTITY conf-LSaddon_impersonate SYSTEM "LSaddon_impersonate.docbook">
 <!ENTITY conf-LSaddon_LSaccessRightsMatrixView SYSTEM "LSaddon_LSaccessRightsMatrixView.docbook">
 <!ENTITY conf-LSaddon_mail SYSTEM "LSaddon_mail.docbook">
 <!ENTITY conf-LSaddon_maildir SYSTEM "LSaddon_maildir.docbook">
 <!ENTITY conf-LSaddon_mailquota SYSTEM "LSaddon_mailquota.docbook">
 <!ENTITY conf-LSaddon_phpldapadmin SYSTEM "LSaddon_phpldapadmin.docbook">
 <!ENTITY conf-LSaddon_ppolicy SYSTEM "LSaddon_ppolicy.docbook">
+<!ENTITY conf-LSaddon_showSupportInfo SYSTEM "LSaddon_showSupportInfo.docbook">
 <!ENTITY conf-LSaddon_showTechInfo SYSTEM "LSaddon_showTechInfo.docbook">

doc/conf/LSaddon/LSaddon_impersonate.docbook

@@ -0,0 +1,30 @@
+<sect2 id="config-LSaddon_impersonate">
+  <title>LSaddon_impersonate</title>
+  <para>Cet &LSaddon; fournie une fonction du même nom pouvant être utilisée
+  comme &customActions; et permettant de se reconnecter en tant qu'un autre
+  utilisateur de l'annuaire.</para>
+
+<para>Ci-dessous, vous trouverez un exemple de configuration de la fonction
+<literal>impersonate()</literal> comme &customActions; :</para>
+
+<programlisting linenumbering="unnumbered">
+<citetitle>Exemple d'utilisation</citetitle><![CDATA[$GLOBALS['LSobjects']['LSpeople'] = array (
+  [...]
+  'customActions' => array (
+    'impersonate' => array (
+      'function' => 'impersonate',
+      'label' => 'Reconnect as this user',
+      'hideLabel' => True,
+      'noConfirmation' => true,
+      'disableOnSuccessMsg' => true,
+      'icon' => 'user_go',
+      'rights' => array (
+        'admin'
+      ),
+    ),
+  ),
+  [...]
+);]]>
+</programlisting>
+
+</sect2>

doc/conf/LSaddon/LSaddon_showSupportInfo.docbook

@@ -0,0 +1,44 @@
+<sect2 id="config-LSaddon_showSupportInfo">
+  <title>LSaddon_showSupportInfo</title>
+  <para>Cet &LSaddon; fourni une page affichant les informations utiles pour
+  l'équipe assurant le support de l'application. Cette page est accessible à
+  l'adresse <literal>addon/showSupportInfo/showMySupportInfo</literal>. Elle
+  compile (et permet de télécharger) l'ensemble des informations utiles à
+  l'appréciation du contexte d'accès à l'application par l'utilisateur.</para>
+
+  <para>Cette page est accessible par tous les utilisateurs connectés à
+  l'application. Cependant, par défaut, il n'y a aucun lien d'accès à celle-ci.
+  Il est possible d'ajouter un lien d'accès dans le menu et modifiant la valeur
+  de la constante <literal>SHOW_SUPPORT_INFO_IN_MENU</literal> à
+  <literal>True</literal>.</para>
+
+  <para>Une fonction <literal>showMySupportInfo()</literal> est également
+  fournie et peut-être utilisée comme &customActions;. Elle redirigera alors
+  l'utilisateur vers cette page. Ci-dessous, vous trouverez un exemple de
+  configuration de la fonction <literal>showMySupportInfo()</literal> comme
+  &customActions; :</para>
+
+<programlisting linenumbering="unnumbered">
+<citetitle>Exemple d'utilisation</citetitle><![CDATA[$GLOBALS['LSobjects']['LSpeople'] = array (
+  [...]
+  'customActions' => array (
+    'showMySupportInfo' => array (
+      'function' => 'showMySupportInfo',
+      'label' => 'Show my support information',
+      'hideLabel' => True,
+      'noConfirmation' => true,
+      'disableOnSuccessMsg' => true,
+      'icon' => 'terminal',
+      'rights' => array (
+        'admin'
+      ),
+    ),
+  ),
+  [...]
+);]]>
+</programlisting>
+
+<note><simpara>Le label et l'icône fournis dans cet exemple sont traduits et
+délivrés avec &LdapSaisie;.</simpara></note>
+
+</sect2>

src/conf/LSaddons/config.LSaddons.showSupportInfo.php

@@ -0,0 +1,30 @@
+<?php
+/*******************************************************************************
+ * Copyright (C) 2007 Easter-eggs
+ * https://ldapsaisie.org
+ *
+ * Author: See AUTHORS file in top-level directory.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+
+******************************************************************************/
+
+/*
+ *******************************************
+ * Configuration for showSupportInfo addon *
+ *******************************************
+ */
+
+// Show link in menu to access to support info page
+define('SHOW_SUPPORT_INFO_IN_MENU', False);

src/conf/config.LSaddons.php

@@ -27,5 +27,6 @@ $GLOBALS['LSaddons']['loads'] = array (
   'maildir',
   'dyngroup',
   'showTechInfo',
+  'showSupportInfo',
   'LSaccessRightsMatrixView',
 );

src/css/default/showSupportInfo.css

@@ -0,0 +1,13 @@
+#showSupportInfo pre {
+  margin-left: 1em;
+  color: #111;
+	text-align: left;
+	background-color: #eee;
+	width: 80%;
+  white-space: pre-wrap;
+	margin: auto;
+	margin-top: 3em;
+	padding: 0.5em;
+	border-radius: 1em;
+	border: 1px solid #ccc;
+}

src/includes/addons/LSaddons.impersonate.php

@@ -0,0 +1,50 @@
+<?php
+/*******************************************************************************
+ * Copyright (C) 2007 Easter-eggs
+ * https://ldapsaisie.org
+ *
+ * Author: See AUTHORS file in top-level directory.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+
+******************************************************************************/
+
+// Error messages
+LSerror :: defineError('IMPERSONATE_01',
+  ___("Impersonate: Fail to reconnect as %{name}.")
+);
+
+/**
+ * Check support of impersonate addon by LdapSaisie
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @return boolean true if impersonate addon is totally supported, false in other case
+ */
+function LSaddon_impersonate_support() {
+  return True;
+}
+
+function impersonate($object) {
+  if (LSsession::changeAuthUser($object)) {
+    LSsession::addInfo(getFData(
+      _('Successfully reconnected as %{name}.'),
+      $object->getDisplayName()
+    ));
+    LSurl::redirect('?LSsession_refresh');
+    return True;
+  }
+  LSerror :: addErrorCode('IMPERSONATE_01', $object->getDisplayName());
+  return False;
+}

src/includes/addons/LSaddons.showSupportInfo.php

@@ -0,0 +1,93 @@
+<?php
+/*******************************************************************************
+ * Copyright (C) 2007 Easter-eggs
+ * https://ldapsaisie.org
+ *
+ * Author: See AUTHORS file in top-level directory.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+
+******************************************************************************/
+
+/**
+ * Check support of showSupportInfo addon by LdapSaisie
+ *
+ * @author Benjamin Renard <brenard@easter-eggs.com>
+ *
+ * @return boolean true if LSaccessRightsMatrixView addon is totally supported, false in other case
+ */
+function LSaddon_showSupportInfo_support() {
+  return LSsession :: registerLSaddonView(
+    'showSupportInfo',
+    'showMySupportInfo',
+    _('Show my support information'),
+    'showMySupportInfoView',
+    array('user'),
+    (defined('SHOW_SUPPORT_INFO_IN_MENU') && constant('SHOW_SUPPORT_INFO_IN_MENU'))
+  );
+}
+
+function showMySupportInfo($object) {
+  LSurl :: redirect('addon/showSupportInfo/showMySupportInfo');
+}
+
+function showMySupportInfoView() {
+  $object = LSsession :: get('authenticated_user');
+  LStemplate :: assign('public_url', LSurl :: get_public_absolute_url(""));
+  LStemplate :: assign('object', $object);
+  LStemplate :: assign('ldap_server_id', LSsession :: get('ldap_server_id'));
+  LStemplate :: assign('root_dn', LSsession :: get('root_dn'));
+  LStemplate :: assign('top_dn', LSsession :: get('top_dn'));
+  LStemplate :: assign('sub_dn_name', LSsession :: get('sub_dn_name'));
+  LStemplate :: assign('sub_dn_label', LSsession :: get('sub_dn_label'));
+  LStemplate :: assign('LSprofiles', LSsession :: get('LSprofiles'));
+
+  if (isset($_REQUEST['download'])) {
+    header('Content-Type: text/plain');
+    header('Content-disposition: attachment; filename="'.$object->rdn[0].'-support-info.txt"');
+    print(LStemplate::fetch('showSupportInfo_raw.tpl'));
+    exit();
+  }
+
+  LStemplate :: assign(
+    'pagetitle',
+    getFData(
+      _('%{name}: Support information'),
+      $object->getDisplayName()
+    )
+  );
+
+  $LSview_actions = array();
+  $LSview_actions['download'] = array (
+    'label' => _('Download'),
+    'url' => LSurl :: $request->current_url.'?download',
+    'action' => 'vcard'
+  );
+  $LSview_actions['return'] = array (
+    'label' => _('Go back'),
+    'url' => 'object/SELF',
+    'action' => 'view'
+  );
+  LStemplate :: assign('LSview_actions', $LSview_actions);
+
+  if (LSsession :: loadLSclass('LSform')) {
+    LSform :: loadDependenciesDisplayView();
+  }
+
+  LStemplate :: addCssFile('showSupportInfo.css');
+  LSsession :: setTemplate('showSupportInfo.tpl');
+  // Display template
+  LSsession :: displayTemplate();
+  exit();
+}

src/includes/class/class.LSsession.php

@@ -259,7 +259,9 @@ class LSsession {
       case 'api_mode':
         return boolval(self :: $api_mode);
       case 'ldap_server_id':
-        return boolval(self :: $ldapServerId);
+        return intval(self :: $ldapServerId);
+      case 'LSprofiles':
+        return self :: $LSprofiles;
     }
     return null;
   }
@@ -2123,6 +2125,7 @@ class LSsession {
       return false;
     }
     self :: log_trace("loadLSprofiles(): Current LDAP server LSprofile configuration: ".varDump(self :: $ldapServer['LSprofiles']));
+    self :: $LSprofiles = array();
     foreach (self :: $ldapServer['LSprofiles'] as $profile => $profileInfos) {
       if (!is_array($profileInfos)) {
         self :: log_warning("loadLSprofiles(): Invalid configuration for LSprofile '$profile' (must be an array).");
@@ -2677,8 +2680,10 @@ class LSsession {
     $whoami = self :: whoami($dn);
 
     if (isset($conf['rights']) && is_array($conf['rights'])) {
+      if ($dn == self :: $dn && in_array('self', $conf['rights']))
+        return True;
       foreach($whoami as $who) {
-        if (in_array($who,$conf['rights'])) {
+        if ($who != 'self' && in_array($who,$conf['rights'])) {
           return True;
         }
       }

src/templates/default/showSupportInfo.tpl

@@ -0,0 +1,10 @@
+{extends file='ls:base_connected.tpl'}
+{block name="content"}
+<div id='showSupportInfo'>
+  <h1>{$pagetitle}</h1>
+  {include file='ls:LSview_actions.tpl'}
+  <pre>
+{include file='ls:showSupportInfo_raw.tpl'|escape:"htmlall"}
+</pre>
+</div>
+{/block}

src/templates/default/showSupportInfo_raw.tpl

@@ -0,0 +1,19 @@
+Access URL: {$public_url}
+
+Connected user: {$object->getDisplayName()}
+ - Object type: {$object->getType()}
+ - DN: {$object->getDn()}
+
+LDAP server (#{$ldap_server_id}):
+ - Root DN: {$root_dn}
+ - Top DN: {$top_dn}
+ - Sub DN: {if $sub_dn_name}{$sub_dn_name} ({$sub_dn_label}){else}None{/if}
+
+
+LSprofiles:
+{foreach $LSprofiles as $LSprofile => $dns}
+ - {$LSprofile}:
+{foreach $dns as $dn}
+  - {$dn}
+{/foreach}
+{/foreach}