Context Navigation

class.user.inc.php @ 3529

Revision 3529, 45.5 KB checked in by alexandrecorreia, 14 years ago (diff)
Ticket #1415 - Correcao para a deteccao da versao do cyrus, maior que 22
Property svn:eol-style set to `native` Property svn:executable set to ``*

Rev	Line
[2]	1	<?php
	2	/**********************************************************************************\
	3	* Expresso Administração *
	4	* by Joao Alfredo Knopik Junior (joao.alfredo@gmail.com, jakjr@celepar.pr.gov.br) *
	5	* --------------------------------------------------------------------------------*
	6	* This program is free software; you can redistribute it and/or modify it *
	7	* under the terms of the GNU General Public License as published by the *
	8	* Free Software Foundation; either version 2 of the License, or (at your *
	9	* option) any later version. *
	10	\**********************************************************************************/
	11
	12	include_once('class.ldap_functions.inc.php');
	13	include_once('class.db_functions.inc.php');
	14	include_once('class.imap_functions.inc.php');
	15	include_once('class.functions.inc.php');
	16
	17	class user
	18	{
	19	var $ldap_functions;
	20	var $db_functions;
	21	var $imap_functions;
	22	var $functions;
	23	var $current_config;
	24
	25	function user()
	26	{
	27	$this->ldap_functions = new ldap_functions;
	28	$this->db_functions = new db_functions;
	29	$this->imap_functions = new imap_functions;
	30	$this->functions = new functions;
	31	$this->current_config = $_SESSION['phpgw_info']['expresso']['expressoAdmin'];
	32	}
	33
	34	function create($params)
	35	{
	36	$return['status'] = true;
	37
	38	// Verifica o acesso do gerente
	39	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'add_users'))
	40	{
	41	// Adiciona a organização na frente do uid.
	42	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
	43	{
	44	$context_dn = ldap_explode_dn(strtolower($GLOBALS['phpgw_info']['server']['ldap_context']), 1);
	45
	46	$explode_dn = ldap_explode_dn(strtolower($params['context']), 1);
	47	$explode_dn = array_reverse($explode_dn);
	48	//$params['uid'] = $explode_dn[3] . '-' . $params['uid'];
	49	$params['uid'] = $explode_dn[$context_dn['count']] . '-' . $params['uid'];
	50	}
	51
[69]	52	// Leio o ID a ser usado na criação do objecto. Esta função já incrementa o ID no BD.
[64]	53	$next_id = ($this->db_functions->get_next_id('accounts'));
	54	if ((!is_numeric($next_id['id'])) \|\| (!$next_id['status']))
	55	{
	56	$return['status'] = false;
[507]	57	$return['msg'] = $this->functions->lang('problems getting user id') . ".\n" . $id['msg'];
[64]	58	return $return;
	59	}
	60	else
	61	{
	62	$id = $next_id['id'];
	63	}
[2]	64
	65	// Cria array para incluir no LDAP
[27]	66	$dn = 'uid=' . $params['uid'] . ',' . $params['context'];
[2]	67
	68	$user_info = array();
	69	$user_info['accountStatus'] = $params['accountstatus'] == 1 ? 'active' : 'desactive';
	70	$user_info['cn'] = $params['givenname'] . ' ' . $params['sn'];
	71	$user_info['gidNumber'] = $params['gidnumber'];
	72	$user_info['givenName'] = $params['givenname'];
	73	$user_info['homeDirectory'] = '/home/' . $params['uid'];
	74	$user_info['mail'] = $params['mail'];
	75	$user_info['objectClass'][] = 'posixAccount';
	76	$user_info['objectClass'][] = 'inetOrgPerson';
	77	$user_info['objectClass'][] = 'shadowAccount';
	78	$user_info['objectClass'][] = 'qmailuser';
	79	$user_info['objectClass'][] = 'phpgwAccount';
	80	$user_info['objectClass'][] = 'top';
	81	$user_info['objectClass'][] = 'person';
	82	$user_info['objectClass'][] = 'organizationalPerson';
	83	$user_info['phpgwAccountExpires'] = '-1';
	84	$user_info['phpgwAccountType'] = 'u';
	85	$user_info['sn'] = $params['sn'];
	86	$user_info['uid'] = $params['uid'];
	87	$user_info['uidnumber'] = $id;
	88	$user_info['userPassword'] = '{md5}' . base64_encode(pack("H*",md5($params['password1'])));
[46]	89
[72]	90	if ($params['passwd_expired'] == '1')
	91	$user_info['phpgwLastPasswdChange'] = '0';
	92
[46]	93	// Gerenciar senhas RFC2617
	94	if ($this->current_config['expressoAdmin_userPasswordRFC2617'] == 'true')
	95	{
	96	$realm = $this->current_config['expressoAdmin_realm_userPasswordRFC2617'];
	97	$uid = $user_info['uid'];
	98	$password = $params['password1'];
	99	$user_info['userPasswordRFC2617'] = $realm . ': ' . md5("$uid:$realm:$password");
	100	}
	101
[2]	102	if ($params['phpgwaccountstatus'] == '1')
	103	$user_info['phpgwAccountStatus'] = 'A';
	104
	105	if ($params['departmentnumber'] != '')
	106	$user_info['departmentnumber'] = $params['departmentnumber'];
	107
	108	if ($params['telephonenumber'] != '')
	109	$user_info['telephoneNumber'] = $params['telephonenumber'];
	110
	111	// Cria user_info no caso de ter alias e forwarding email.
[81]	112	foreach ($params['mailalternateaddress'] as $index=>$mailalternateaddress)
	113	{
	114	if ($mailalternateaddress != '')
	115	$user_info['mailAlternateAddress'][] = $mailalternateaddress;
	116	}
[2]	117
[81]	118	foreach ($params['mailforwardingaddress'] as $index=>$mailforwardingaddress)
	119	{
	120	if ($mailforwardingaddress != '')
	121	$user_info['mailForwardingAddress'][] = $mailforwardingaddress;
	122	}
[2]	123
	124	if ($params['deliverymode'])
	125	$user_info['deliveryMode'] = 'forwardOnly';
	126
	127	//Ocultar da pesquisa e do catálogo
	128	if ($params['phpgwaccountvisible'])
	129	$user_info['phpgwAccountVisible'] = '-1';
	130
	131	// Suporte ao SAMBA
	132	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($params['use_attrs_samba'] == 'on'))
	133	{
[317]	134
	135	// Qualquer um que crie um usuário, deve ter permissão para adicionar a senha samba.
[63]	136	// Verifica o acesso do gerente aos atributos samba
[317]	137	//if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes'))
	138	//{
[63]	139	//Verifica se o binario para criar as senhas do samba exite.
	140	if (!is_file('/home/expressolivre/mkntpwd'))
	141	{
	142	$return['status'] = false;
[493]	143	$return['msg'] .=
[507]	144	$this->functions->lang("the binary file /home/expressolivre/mkntpwd does not exist") . ".\\n" .
	145	$this->functions->lang("it is needed to create samba passwords") . ".\\n" .
	146	$this->functions->lang("alert your administrator about this") . ".";
[63]	147	}
	148	else
	149	{
	150	$user_info['objectClass'][] = 'sambaSamAccount';
	151	$user_info['loginShell'] = '/bin/bash';
	152
	153	$user_info['sambaSID'] = $params['sambadomain'] . '-' . ((2 * $id)+1000);
	154	$user_info['sambaPrimaryGroupSID'] = $params['sambadomain'] . '-' . ((2 * $user_info['gidNumber'])+1001);
[27]	155
[63]	156	$user_info['sambaAcctFlags'] = $params['sambaacctflags'];
[2]	157
[63]	158	$user_info['sambaLogonScript'] = $params['sambalogonscript'];
	159	$user_info['homeDirectory'] = $params['sambahomedirectory'];
[2]	160
[528]	161	$user_info['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L "'.$params['password1'] . '"');
	162	$user_info['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N "'.$params['password1'] . '"');
	163
[63]	164	$user_info['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000';
[2]	165
[63]	166	$user_info['sambaPwdCanChange'] = strtotime("now");
	167	$user_info['sambaPwdLastSet'] = strtotime("now");
	168	$user_info['sambaPwdMustChange'] = '2147483647';
	169	}
[317]	170	//}
[2]	171	}
[63]	172
	173	// Verifica o acesso do gerente aos atributos corporativos
	174	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information'))
	175	{
[379]	176	//retira caracteres que não são números.
	177	$params['corporative_information_cpf'] = ereg_replace("[^0-9]", "", $params['corporative_information_cpf']);
[438]	178	//description
[520]	179	$params['corporative_information_description'] = utf8_encode($params['corporative_information_description']);
[63]	180	foreach ($params as $atribute=>$value)
	181	{
[64]	182	$pos = strstr($atribute, 'corporative_information_');
[63]	183	if ($pos !== false)
	184	{
	185	if ($params[$atribute])
	186	{
	187	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
	188	$user_info[$ldap_atribute] = $params[$atribute];
	189	}
	190	}
	191	}
	192	}
	193
[2]	194	$result = $this->ldap_functions->ldap_add_entry($dn, $user_info);
	195	if (!$result['status'])
	196	{
	197	$return['status'] = false;
	198	$return['msg'] .= $result['msg'];
	199	}
	200
	201	// Chama funcao para salvar foto no OpenLDAP.
[107]	202	if ( ($_FILES['photo']['name'] != '') && ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users_picture')) )
[2]	203	{
	204	$result = $this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name']);
	205	if (!$result['status'])
	206	{
	207	$return['status'] = false;
	208	$return['msg'] .= $result['msg'];
	209	}
	210	}
	211
	212	//GROUPS
	213	if ($params['groups'])
	214	{
	215	foreach ($params['groups'] as $gidnumber)
	216	{
	217	$result = $this->ldap_functions->add_user2group($gidnumber, $user_info['uid']);
	218	if (!$result['status'])
	219	{
	220	$return['status'] = false;
	221	$return['msg'] .= $result['msg'];
	222	}
	223	$result = $this->db_functions->add_user2group($gidnumber, $id);
	224	if (!$result['status'])
	225	{
	226	$return['status'] = false;
	227	$return['msg'] .= $result['msg'];
	228	}
	229	}
	230	}
	231
	232	// Inclusao do Mail do usuário nas listas de email selecionadas.
	233	if ($params['maillists'])
	234	{
[208]	235	foreach($params['maillists'] as $uid)
[2]	236	{
[208]	237	$result = $this->ldap_functions->add_user2maillist($uid, $user_info['mail']);
[2]	238	if (!$result['status'])
	239	{
	240	$return['status'] = false;
	241	$return['msg'] .= $result['msg'];
	242	}
	243	}
	244	}
	245
	246	// APPS
	247	if (count($params['apps']))
	248	{
	249	$result = $this->db_functions->add_id2apps($id, $params['apps']);
	250	if (!$result['status'])
	251	{
	252	$return['status'] = false;
	253	$return['msg'] .= $result['msg'];
	254	}
	255	}
	256
	257	// Chama funcao para incluir no pgsql as preferencia de alterar senha.
	258	if ($params['changepassword'])
	259	{
	260	$result = $this->db_functions->add_pref_changepassword($id);
	261	if (!$result['status'])
	262	{
	263	$return['status'] = false;
	264	$return['msg'] .= $result['msg'];
	265	}
	266	}
	267
	268	// Chama funcao para criar mailbox do usuario, no imap-cyrus.
	269	$result = $this->imap_functions->create($params['uid'], $params['mailquota']);
	270	if (!$result['status'])
	271	{
	272	$return['status'] = false;
	273	$return['msg'] .= $result['msg'];
	274	}
	275
[414]	276	$this->db_functions->write_log("created user",$dn);
[2]	277	}
	278
	279	return $return;
	280	}
	281
	282	function save($new_values)
	283	{
	284	$return['status'] = true;
	285
[64]	286	$old_values = $this->get_user_info($new_values['uidnumber']);
	287
[2]	288	$dn = 'uid=' . $old_values['uid'] . ',' . strtolower($old_values['context']);
[379]	289
	290	//retira caracteres que não são números.
	291	$new_values['corporative_information_cpf'] = ereg_replace("[^0-9]", "", $new_values['corporative_information_cpf']);
	292
[2]	293	$diff = array_diff($new_values, $old_values);
[81]	294
[72]	295	/*
	296	echo '<pre>';
	297	echo '--- OLD: ';
[81]	298	print_r($old_values);
[72]	299	echo '<br>--- NEW: ';
[81]	300	print_r($new_values);
[72]	301	echo '<br>';
[438]	302	exit;
	303	*/
[81]	304
[32]	305	$manager_account_lid = $_SESSION['phpgw_session']['session_lid'];
	306	if ((!$this->functions->check_acl($manager_account_lid,'edit_users')) &&
	307	(!$this->functions->check_acl($manager_account_lid,'change_users_password')) &&
[64]	308	(!$this->functions->check_acl($manager_account_lid,'edit_sambausers_attributes')) &&
[317]	309	(!$this->functions->check_acl($manager_account_lid,'manipulate_corporative_information')) &&
	310	(!$this->functions->check_acl($manager_account_lid,'edit_users_phonenumber'))
[32]	311	)
	312	{
	313	$return['status'] = false;
[507]	314	$return['msg'] = $this->functions->lang('You do not have access to edit user informations') . '.';
[32]	315	return $return;
	316	}
	317
[438]	318	// Check manager access
[2]	319	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
	320	{
	321	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	322	// Change user organization
	323	if ($diff['context'])
	324	{
[355]	325	if (strcasecmp($old_values['context'], $new_values['context']) != 0)
[2]	326	{
[355]	327	$newrdn = 'uid=' . $new_values['uid'];
	328	$newparent = $new_values['context'];
	329	$result = $this->ldap_functions->change_user_context($dn, $newrdn, $newparent);
	330	if (!$result['status'])
	331	{
	332	$return['status'] = false;
	333	$return['msg'] .= $result['msg'];
	334	}
	335	else
	336	{
	337	$dn = $newrdn . ',' . $newparent;
[414]	338	$this->db_functions->write_log('modified user context', $dn . ': ' . $old_values['uid'] . '->' . $new_values['context']);
[355]	339	}
[2]	340	}
	341	}
	342
	343	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	344	// REPLACE some attributes
	345	if ($diff['givenname'])
	346	{
	347	$ldap_mod_replace['givenname'] = $new_values['givenname'];
	348	$ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn'];
[414]	349	$this->db_functions->write_log("modified first name", "$dn: " . $old_values['givenname'] . "->" . $new_values['givenname']);
[2]	350	}
	351	if ($diff['sn'])
	352	{
	353	$ldap_mod_replace['sn'] = $new_values['sn'];
	354	$ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn'];
[414]	355	$this->db_functions->write_log("modified last name", "$dn: " . $old_values['sn'] . "->" . $new_values['sn']);
[2]	356	}
	357	if ($diff['mail'])
	358	{
	359	$ldap_mod_replace['mail'] = $new_values['mail'];
	360	$this->ldap_functions->replace_user2maillists($new_values['mail'], $old_values['mail']);
[317]	361	$this->ldap_functions->replace_mail_from_institutional_account($new_values['mail'], $old_values['mail']);
[414]	362	$this->db_functions->write_log("modified user email", "$dn: " . $old_values['mail'] . "->" . $new_values['mail']);
[2]	363	}
[72]	364	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	365	// Passwd Expired - Com atributo
[414]	366	if (($old_values['passwd_expired'] != 0) && ($new_values['passwd_expired'] == '1'))
[72]	367	{
	368	$ldap_mod_replace['phpgwlastpasswdchange'] = '0';
[414]	369	$this->db_functions->write_log("Expired user password","$dn");
[72]	370	}
[2]	371	}
	372
	373	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	374	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'change_users_password')) )
	375	{
	376	if ($diff['password1'])
	377	{
	378	$ldap_mod_replace['userPassword'] = '{md5}' . base64_encode(pack("H*",md5($new_values['password1'])));
[46]	379
[2]	380	// Suporte ao SAMBA
	381	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
	382	{
[528]	383	$ldap_mod_replace['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L "'.$new_values['password1'] . '"');
	384	$ldap_mod_replace['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N "'.$new_values['password1'] . '"');
[2]	385	}
[46]	386
	387	// Gerenciar senhas RFC2617
	388	if ($this->current_config['expressoAdmin_userPasswordRFC2617'] == 'true')
	389	{
	390	$realm = $this->current_config['expressoAdmin_realm_userPasswordRFC2617'];
	391	$uid = $new_values['uid'];
	392	$password = $new_values['password1'];
	393	$passUserRFC2617 = $realm . ': ' . md5("$uid:$realm:$password");
	394
	395	if ($old_values['userPasswordRFC2617'] != '')
	396	$ldap_mod_replace['userPasswordRFC2617'] = $passUserRFC2617;
	397	else
	398	$ldap_add['userPasswordRFC2617'] = $passUserRFC2617;
	399	}
	400
[414]	401	$this->db_functions->write_log("modified user password",$dn);
[2]	402	}
	403	}
[317]	404
	405	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	406	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users_phonenumber')) )
	407	{
	408	if (($diff['telephonenumber']) && ($old_values['telephonenumber'] != ''))
	409	{
	410	$ldap_mod_replace['telephonenumber'] = $new_values['telephonenumber'];
[414]	411	$this->db_functions->write_log('modified user telephonenumber', $dn . ': ' . $old_values['telephonenumber'] . '->' . $new_values['telephonenumber']);
[317]	412	}
	413	}
[63]	414
	415	// REPLACE, ADD & REMOVE COPORATIVEs ATRIBUTES
	416	// Verifica o acesso do gerente aos atributos corporativos
[64]	417
	418	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	419	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information')) )
[63]	420	{
	421	foreach ($new_values as $atribute=>$value)
	422	{
[64]	423	$pos = strstr($atribute, 'corporative_information_');
[63]	424	if ($pos !== false)
	425	{
	426	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
[414]	427	// REPLACE CORPORATIVE ATTRIBUTES
[63]	428	if (($diff[$atribute]) && ($old_values[$atribute] != ''))
	429	{
	430	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
[414]	431	$ldap_mod_replace[$ldap_atribute] = utf8_encode($new_values[$atribute]);
	432	$this->db_functions->write_log('modified user attribute', $dn . ': ' . $ldap_atribute . ': ' . $old_values[$atribute] . '->' . $new_values[$atribute]);
[63]	433	}
[414]	434	//ADD CORPORATIVE ATTRIBUTES
[63]	435	elseif (($old_values[$atribute] == '') && ($new_values[$atribute] != ''))
	436	{
[414]	437	$ldap_add[$ldap_atribute] = utf8_encode($new_values[$atribute]);
	438	$this->db_functions->write_log('added user attribute', $dn . ': ' . $ldap_atribute . ': ' . $old_values[$atribute] . '->' . $new_values[$atribute]);
[63]	439	}
[414]	440	//REMOVE CORPORATIVE ATTRIBUTES
[63]	441	elseif (($old_values[$atribute] != '') && ($new_values[$atribute] == ''))
	442	{
	443	$ldap_remove[$ldap_atribute] = array();
[414]	444	$this->db_functions->write_log('removed user attribute', $dn . ': ' . $ldap_atribute . ': ' . $old_values[$atribute] . '->' . $new_values[$atribute]);
[63]	445	}
	446	}
	447	}
	448	}
	449
[2]	450	//Suporte ao SAMBA
	451	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	452	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes')) )
	453	{
[355]	454
	455	if ($diff['gidnumber'])
	456	{
	457	$ldap_mod_replace['gidnumber'] = $new_values['gidnumber'];
[414]	458	$this->db_functions->write_log('modified user primary group', $dn . ': ' . $old_values['gidnumber'] . '->' . $new_values['gidnumber']);
[355]	459	}
	460
[2]	461	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
	462	{
[355]	463	if ($diff['gidnumber'])
	464	{
	465	$ldap_mod_replace['sambaPrimaryGroupSID'] = $this->current_config['expressoAdmin_sambaSID'] . '-' . ((2 * $new_values['gidnumber'])+1001);
[414]	466	$this->db_functions->write_log('modified user sambaPrimaryGroupSID', $dn);
[355]	467	}
	468
[2]	469	if ($diff['sambaacctflags'])
	470	{
	471	$ldap_mod_replace['sambaacctflags'] = $new_values['sambaacctflags'];
[414]	472	$this->db_functions->write_log("modified user sambaacctflags",$dn);
[2]	473	}
	474	if ($diff['sambalogonscript'])
	475	{
	476	$ldap_mod_replace['sambalogonscript'] = $new_values['sambalogonscript'];
[414]	477	$this->db_functions->write_log("modified user sambalogonscript",$dn);
[2]	478	}
	479	if ($diff['sambahomedirectory'])
	480	{
	481	$ldap_mod_replace['homedirectory'] = $new_values['sambahomedirectory'];
[414]	482	$this->db_functions->write_log("modified user homedirectory",$dn);
[2]	483	}
[27]	484	if ($diff['sambadomain'])
	485	{
	486	$ldap_mod_replace['sambaSID'] = $diff['sambadomain'] . '-' . ((2 * $old_values['uidnumber'])+1000);
	487	$ldap_mod_replace['sambaPrimaryGroupSID'] = $diff['sambadomain'] . '-' . ((2 * $old_values['gidnumber'])+1001);
[414]	488	$this->db_functions->write_log('modified user samba domain', $dn . ': ' . $old_values['sambadomain'] . '->' . $new_values['sambadomain']);
[27]	489	}
[2]	490	}
	491	}
	492
	493	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[81]	494	// ADD or REMOVE some attributes
[2]	495	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[180]	496
	497	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	498	// PHOTO
	499	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users_picture'))
	500	{
	501	if ($new_values['delete_photo'])
	502	{
	503	$this->ldap_functions->ldap_remove_photo($dn);
[414]	504	$this->db_functions->write_log("removed user photo",$dn);
[180]	505	}
	506	elseif ($_FILES['photo']['name'] != '')
	507	{
[283]	508
	509	if ($_FILES['photo']['size'] > 10000)
	510	{
	511	$return['status'] = false;
[507]	512	$return['msg'] .= $this->functions->lang('User photo could not be save because is bigger the 10 kb') . '.';
[283]	513	}
	514	else
	515	{
[309]	516	if ($new_values['photo_exist'])
	517	{
	518	$photo_exist = true;
[414]	519	$this->db_functions->write_log("mofified user photo",$dn);
[309]	520	}
	521	else
	522	{
	523	$photo_exist = false;
[414]	524	$this->db_functions->write_log("added user photo",$dn);
[309]	525	}
	526	$this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name'], $new_values['photo_exist'], $photo_exist);
[180]	527	}
	528	}
	529	}
[2]	530
	531	// Verifica o acesso ára adicionar ou remover tais atributos
	532	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
	533	{
	534	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	535	// TELEPHONE
	536	if (($old_values['telephonenumber'] == '') && ($new_values['telephonenumber'] != ''))
	537	{
	538	$ldap_add['telephonenumber'] = $new_values['telephonenumber'];
[414]	539	$this->db_functions->write_log("added user phone",$dn);
[2]	540	}
	541	if (($old_values['telephonenumber'] != '') && ($new_values['telephonenumber'] == ''))
	542	{
	543	$ldap_remove['telephonenumber'] = array();
[414]	544	$this->db_functions->write_log("removed user phone",$dn);
[2]	545	}
	546	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[72]	547	// Passwd Expired - Sem atributo
	548	if (($old_values['passwd_expired'] == '') && ($new_values['passwd_expired'] == '1'))
	549	{
	550	$ldap_add['phpgwlastpasswdchange'] = '0';
[414]	551	$this->db_functions->write_log("expired user password",$dn);
[72]	552	}
	553	if (($old_values['passwd_expired'] == '0') && ($new_values['passwd_expired'] == ''))
	554	{
	555	$ldap_remove['phpgwlastpasswdchange'] = array();
[414]	556	$this->db_functions->write_log("removed expiry from user password",$dn);
[72]	557	}
	558	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[2]	559	// PREF_CHANGEPASSWORD
	560	if (($old_values['changepassword'] == '') && ($new_values['changepassword'] != ''))
	561	{
	562	$this->db_functions->add_pref_changepassword($new_values['uidnumber']);
[414]	563	$this->db_functions->write_log("turn on changepassword",$dn);
[2]	564	}
	565	if (($old_values['changepassword'] != '') && ($new_values['changepassword'] == ''))
	566	{
	567	$this->db_functions->remove_pref_changepassword($new_values['uidnumber']);
[414]	568	$this->db_functions->write_log("turn of changepassword",$dn);
[2]	569	}
	570	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	571	// ACCOUNT STATUS
	572	if (($old_values['phpgwaccountstatus'] == '') && ($new_values['phpgwaccountstatus'] != ''))
	573	{
	574	$ldap_add['phpgwaccountstatus'] = 'A';
[414]	575	$this->db_functions->write_log("turn on user account",$dn);
[2]	576	}
	577	if (($old_values['phpgwaccountstatus'] != '') && ($new_values['phpgwaccountstatus'] == ''))
	578	{
	579	$ldap_remove['phpgwaccountstatus'] = array();
[414]	580	$this->db_functions->write_log("turn off user account",$dn);
[2]	581	}
[548]	582
	583	if ($new_values['phpgwaccountexpired'] == '1') /////////////////////////
	584	{
[621]	585	$this->db_functions->write_log("Reactivated blocked user by downtime",'',$dn,'','');
[597]	586	$this->db_functions->reactivate_inactive_user($old_values['uidnumber']);
[548]	587	}
[2]	588	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	589	// ACCOUNT VISIBLE
	590	if (($old_values['phpgwaccountvisible'] == '') && ($new_values['phpgwaccountvisible'] != ''))
	591	{
	592	$ldap_add['phpgwaccountvisible'] = '-1';
[414]	593	$this->db_functions->write_log("turn on phpgwaccountvisible",$dn);
[2]	594	}
	595	if (($old_values['phpgwaccountvisible'] != '') && ($new_values['phpgwaccountvisible'] == ''))
	596	{
	597	$ldap_remove['phpgwaccountvisible'] = array();
[414]	598	$this->db_functions->write_log("turn off phpgwaccountvisible",$dn);
[2]	599	}
	600	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	601	// Mail Account STATUS
	602	if (($old_values['accountstatus'] == '') && ($new_values['accountstatus'] != ''))
	603	{
	604	$ldap_add['accountstatus'] = 'active';
[414]	605	$this->db_functions->write_log("turn on user account email",$dn);
[2]	606	}
	607	if (($old_values['accountstatus'] != '') && ($new_values['accountstatus'] == ''))
	608	{
	609	$ldap_remove['accountstatus'] = array();
[414]	610	$this->db_functions->write_log("turn off user account email",$dn);
[2]	611	}
	612	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	613	// MAILALTERNATEADDRESS
[81]	614	if (!$new_values['mailalternateaddress'])
	615	$new_values['mailalternateaddress'] = array();
	616	if (!$old_values['mailalternateaddress'])
	617	$old_values['mailalternateaddress'] = array();
	618	$add_mailalternateaddress = array_diff($new_values['mailalternateaddress'], $old_values['mailalternateaddress']);
	619	$remove_mailalternateaddress = array_diff($old_values['mailalternateaddress'], $new_values['mailalternateaddress']);
	620	foreach ($add_mailalternateaddress as $index=>$mailalternateaddress)
	621	{
	622	if ($mailalternateaddress != '')
	623	{
	624	$ldap_add['mailalternateaddress'][] = $mailalternateaddress;
[414]	625	$this->db_functions->write_log("added mailalternateaddress","$dn: $mailalternateaddress");
[81]	626	}
	627	}
	628	foreach ($remove_mailalternateaddress as $index=>$mailalternateaddress)
	629	{
	630	if ($mailalternateaddress != '')
	631	{
	632	if ($index !== 'count')
	633	{
	634	$ldap_remove['mailalternateaddress'][] = $mailalternateaddress;
[414]	635	$this->db_functions->write_log("removed mailalternateaddress","$dn: $mailalternateaddress");
[81]	636	}
	637	}
	638	}
	639
	640	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	641	// MAILFORWARDINGADDRESS
	642	if (!$new_values['mailforwardingaddress'])
	643	$new_values['mailforwardingaddress'] = array();
	644	if (!$old_values['mailforwardingaddress'])
	645	$old_values['mailforwardingaddress'] = array();
	646	$add_mailforwardingaddress = array_diff($new_values['mailforwardingaddress'], $old_values['mailforwardingaddress']);
	647	$remove_mailforwardingaddress = array_diff($old_values['mailforwardingaddress'], $new_values['mailforwardingaddress']);
	648	foreach ($add_mailforwardingaddress as $index=>$mailforwardingaddress)
	649	{
	650	if ($mailforwardingaddress != '')
	651	{
	652	$ldap_add['mailforwardingaddress'][] = $mailforwardingaddress;
[414]	653	$this->db_functions->write_log("added mailforwardingaddress","$dn: $mailforwardingaddress");
[81]	654	}
	655	}
	656	foreach ($remove_mailforwardingaddress as $index=>$mailforwardingaddress)
	657	{
	658	if ($mailforwardingaddress != '')
	659	{
	660	if ($index !== 'count')
	661	{
	662	$ldap_remove['mailforwardingaddress'][] = $mailforwardingaddress;
[414]	663	$this->db_functions->write_log("removed mailforwardingaddress","$dn: $mailforwardingaddress");
[81]	664	}
	665	}
	666	}
	667
	668	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[2]	669	// Delivery Mode
	670	if (($old_values['deliverymode'] == '') && ($new_values['deliverymode'] != ''))
	671	{
	672	$ldap_add['deliverymode'] = 'forwardOnly';
[414]	673	$this->db_functions->write_log("added forwardOnly", $dn);
[2]	674	}
	675	if (($old_values['deliverymode'] != '') && ($new_values['deliverymode'] == ''))
	676	{
	677	$ldap_remove['deliverymode'] = array();
[414]	678	$this->db_functions->write_log("removed forwardOnly", $dn);
[2]	679	}
	680	}
	681
	682	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	683	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'change_users_quote')) )
	684	{
	685	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	686	// MAILQUOTA
[520]	687	if ( ($new_values['mailquota'] != $old_values['mailquota']) && (is_numeric($new_values['mailquota'])) )
[2]	688	{
[520]	689	$result_change_user_quota = $this->imap_functions->change_user_quota($new_values['uid'], $new_values['mailquota']);
	690
	691	if ($result_change_user_quota['status'])
	692	{
	693	$this->db_functions->write_log("modified user email quota" , $dn . ':' . $old_values['mailquota'] . '->' . $new_values['mailquota']);
	694	}
	695	else
	696	{
	697	$return['status'] = false;
	698	$return['msg'] .= $result_change_user_quota['msg'];
	699	}
[2]	700	}
	701	}
[63]	702
[2]	703	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	704	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes')) )
	705	{
	706	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	707	// REMOVE ATTRS OF SAMBA
	708	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] != 'on'))
	709	{
	710	$ldap_remove['objectclass'] = 'sambaSamAccount';
	711	$ldap_remove['loginShell'] = array();
	712	$ldap_remove['sambaSID'] = array();
	713	$ldap_remove['sambaPrimaryGroupSID'] = array();
	714	$ldap_remove['sambaAcctFlags'] = array();
	715	$ldap_remove['sambaLogonScript'] = array();
	716	$ldap_remove['sambaLMPassword'] = array();
	717	$ldap_remove['sambaNTPassword'] = array();
	718	$ldap_remove['sambaPasswordHistory'] = array();
	719	$ldap_remove['sambaPwdCanChange'] = array();
	720	$ldap_remove['sambaPwdLastSet'] = array();
	721	$ldap_remove['sambaPwdMustChange'] = array();
[414]	722	$this->db_functions->write_log("removed user samba attributes", $dn);
[2]	723	}
	724	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	725	// ADD ATTRS OF SAMBA
	726	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && (!$new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
	727	{
	728	if (!is_file('/home/expressolivre/mkntpwd'))
	729	{
	730	$return['status'] = false;
[507]	731	$return['msg'] .= $this->functions->lang("The file /home/expressolivre/mkntpwd does not exist") . ".\n";
	732	$return['msg'] .= $this->functions->lang("It is necessery to create samba passwords") . ".\n";
	733	$return['msg'] .= $this->functions->lang("Inform your system administrator about this") . ".\n";
[2]	734	}
	735	else
	736	{
	737	$ldap_add['objectClass'][] = 'sambaSamAccount';
	738	$ldap_mod_replace['loginShell'] = '/bin/bash';
[47]	739	$ldap_add['sambaSID'] = $new_values['sambadomain'] . '-' . ((2 * $new_values['uidnumber'])+1000);
	740	$ldap_add['sambaPrimaryGroupSID'] = $new_values['sambadomain'] . '-' . ((2 * $new_values['gidnumber'])+1001);
[2]	741	$ldap_add['sambaAcctFlags'] = $new_values['sambaacctflags'];
	742	$ldap_add['sambaLogonScript'] = $new_values['sambalogonscript'];
	743	$ldap_mod_replace['homeDirectory'] = $new_values['sambahomedirectory'];
	744	$ldap_add['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.'senha');
	745	$ldap_add['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.'senha');
	746	$ldap_add['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000';
	747	$ldap_add['sambaPwdCanChange'] = strtotime("now");
	748	$ldap_add['sambaPwdLastSet'] = strtotime("now");
	749	$ldap_add['sambaPwdMustChange'] = '2147483647';
[414]	750	$this->db_functions->write_log("added user samba attribute", $dn);
[2]	751	}
	752	}
	753	}
	754
	755	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	756	// GROUPS
[379]	757	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_groups'))
[2]	758	{
[379]	759	// If the manager does not have the suficient access, the new_values.uid is empty.
	760	if (empty($new_values['uid']))
	761	$user_uid = $old_values['uid'];
	762	else
	763	$user_uid = $new_values['uid'];
	764
[2]	765	if (!$new_values['groups'])
	766	$new_values['groups'] = array();
	767	if (!$old_values['groups'])
	768	$old_values['groups'] = array();
	769
	770	$add_groups = array_diff($new_values['groups'], $old_values['groups']);
	771	$remove_groups = array_diff($old_values['groups'], $new_values['groups']);
	772
	773	if (count($add_groups)>0)
	774	{
	775	foreach($add_groups as $gidnumber)
	776	{
	777	$this->db_functions->add_user2group($gidnumber, $new_values['uidnumber']);
[379]	778	$this->ldap_functions->add_user2group($gidnumber, $user_uid);
[438]	779	$this->db_functions->write_log("included user to group", "uid:$user_uid -> gid:$gidnumber");
[2]	780	}
	781	}
[64]	782
[2]	783	if (count($remove_groups)>0)
	784	{
	785	foreach($remove_groups as $gidnumber)
	786	{
	787	foreach($old_values['groups_info'] as $group)
	788	{
	789	if (($group['gidnumber'] == $gidnumber) && ($group['group_disabled'] == 'false'))
	790	{
	791	$this->db_functions->remove_user2group($gidnumber, $new_values['uidnumber']);
[379]	792	$this->ldap_functions->remove_user2group($gidnumber, $user_uid);
[414]	793	$this->db_functions->write_log("removed user from group", "$dn: $gidnumber");
[2]	794	}
	795	}
	796	}
	797	}
	798	}
	799	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	800	// LDAP_MOD_REPLACE
	801	if (count($ldap_mod_replace))
	802	{
	803	$result = $this->ldap_functions->replace_user_attributes($dn, $ldap_mod_replace);
	804	if (!$result['status'])
	805	{
	806	$return['status'] = false;
	807	$return['msg'] .= $result['msg'];
	808	}
	809	}
	810
	811	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	812	// LDAP_MOD_ADD
	813	if (count($ldap_add))
	814	{
	815	$result = $this->ldap_functions->add_user_attributes($dn, $ldap_add);
	816	if (!$result['status'])
	817	{
	818	$return['status'] = false;
	819	$return['msg'] .= $result['msg'];
	820	}
	821	}
	822
	823	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	824	// LDAP_MOD_REMOVE
	825	if (count($ldap_remove))
	826	{
	827	$result = $this->ldap_functions->remove_user_attributes($dn, $ldap_remove);
	828	if (!$result['status'])
	829	{
	830	$return['status'] = false;
	831	$return['msg'] .= $result['msg'];
	832	}
	833	}
	834	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	835
	836
	837	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
	838	{
	839	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	840	// MAILLISTS
	841	if (!$new_values['maillists'])
	842	$new_values['maillists'] = array();
	843	if (!$old_values['maillists'])
	844	$old_values['maillists'] = array();
[64]	845
[2]	846	$add_maillists = array_diff($new_values['maillists'], $old_values['maillists']);
	847	$remove_maillists = array_diff($old_values['maillists'], $new_values['maillists']);
	848
	849	if (count($add_maillists)>0)
	850	{
[208]	851	foreach($add_maillists as $uid)
[2]	852	{
[208]	853	$this->ldap_functions->add_user2maillist($uid, $new_values['mail']);
[438]	854	$this->db_functions->write_log("included user to maillist","$uid: $dn");
[2]	855	}
	856	}
[414]	857
[2]	858	if (count($remove_maillists)>0)
	859	{
[208]	860	foreach($remove_maillists as $uid)
[2]	861	{
[208]	862	$this->ldap_functions->remove_user2maillist($uid, $new_values['mail']);
[414]	863	$this->db_functions->write_log("removed user from maillist","$dn: $uid");
[2]	864	}
	865	}
	866
	867	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	868	// APPS
	869	$new_values2 = array();
	870	$old_values2 = array();
	871	if (count($new_values['apps'])>0)
	872	{
	873	foreach ($new_values['apps'] as $app=>$tmp)
	874	{
	875	$new_values2[] = $app;
	876	}
	877	}
	878	if (count($old_values['apps'])>0)
	879	{
	880	foreach ($old_values['apps'] as $app=>$tmp)
	881	{
	882	$old_values2[] = $app;
	883	}
	884	}
	885	$add_apps = array_flip(array_diff($new_values2, $old_values2));
	886	$remove_apps = array_flip(array_diff($old_values2, $new_values2));
	887
	888	if (count($add_apps)>0)
	889	{
	890	$this->db_functions->add_id2apps($new_values['uidnumber'], $add_apps);
[9]	891
	892	foreach ($add_apps as $app => $index)
[414]	893	$this->db_functions->write_log("added application to user","$dn: $app");
[2]	894	}
	895	if (count($remove_apps)>0)
	896	{
[9]	897	//Verifica se o gerente tem acesso a aplicação antes de remove-la do usuario.
	898	$manager_apps = $this->db_functions->get_apps($_SESSION['phpgw_session']['session_lid']);
	899
	900	foreach ($remove_apps as $app => $app_index)
	901	{
	902	if ($manager_apps[$app] == 'run')
	903	$remove_apps2[$app] = $app_index;
	904	}
	905	$this->db_functions->remove_id2apps($new_values['uidnumber'], $remove_apps2);
	906
	907	foreach ($remove_apps2 as $app => $access)
[414]	908	$this->db_functions->write_log("removed application to user","$dn: $app");
[2]	909	}
	910	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	911	}
	912	return $return;
	913	}
	914
[64]	915	function get_user_info($uidnumber)
[2]	916	{
[507]	917	if (!$user_info_ldap = $this->ldap_functions->get_user_info($uidnumber))
	918	return false;
[2]	919	$user_info_db1 = $this->db_functions->get_user_info($uidnumber);
[64]	920	$user_info_db2 = $this->ldap_functions->gidnumbers2cn($user_info_db1['groups']);
[2]	921	$user_info_imap = $this->imap_functions->get_user_info($user_info_ldap['uid']);
	922	$user_info = array_merge($user_info_ldap, $user_info_db1, $user_info_db2, $user_info_imap);
	923	return $user_info;
	924	}
	925
	926	function set_user_default_password($params)
	927	{
[458]	928	$return['status'] = 1;
[2]	929	$uid = $params['uid'];
	930	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
	931
	932	if (!$this->db_functions->default_user_password_is_set($uid))
	933	{
	934	$userPassword = $this->ldap_functions->set_user_password($uid, $defaultUserPassword);
	935	$this->db_functions->set_user_password($uid, $userPassword);
[458]	936	$this->db_functions->write_log("inserted default password",$uid);
[2]	937	}
	938	else
	939	{
[458]	940	$return['status'] = 0;
	941	$return['msg'] = $this->functions->lang('default password already registered') . '!';
[2]	942	}
	943
	944	return $return;
	945	}
	946
	947	function return_user_password($params)
	948	{
[458]	949	$return['status'] = 1;
[2]	950	$uid = $params['uid'];
	951
	952	if ($this->db_functions->default_user_password_is_set($uid))
	953	{
	954	$userPassword = $this->db_functions->get_user_password($uid);
	955	$this->ldap_functions->set_user_password($uid, $userPassword);
	956	}
	957	else
	958	{
[458]	959	$return['status'] = 0;
	960	$return['msg'] = $this->functions->lang('default password not registered') . '!';
[2]	961	}
	962
[414]	963	$this->db_functions->write_log("returned user password",$uid);
[2]	964
	965	return $return;
	966	}
	967
	968	function delete($params)
	969	{
	970	$return['status'] = true;
[507]	971	$this->db_functions->write_log('delete user: start', $params['uid']);
[2]	972
	973	// Verifica o acesso do gerente
	974	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'delete_users'))
	975	{
	976	$uidnumber = $params['uidnumber'];
[507]	977	if (!$user_info = $this->get_user_info($uidnumber))
	978	{
	979	$this->db_functions->write_log('delete user: error getting users info', $user_info['uid']);
	980	$return['status'] = false;
	981	$return['msg'] = $this->functions->lang('error getting users info');
	982	return $return;
	983	}
	984
[2]	985	//LDAP
	986	$result_ldap = $this->ldap_functions->delete_user($user_info);
	987	if (!$result_ldap['status'])
	988	{
	989	$return['status'] = false;
[507]	990	$return['msg'] = 'user.delete(ldap): ' . $result_ldap['msg'];
	991	return $return;
[2]	992	}
[64]	993	else
[2]	994	{
[507]	995	$this->db_functions->write_log("deleted users data from ldap", $user_info['uid']);
	996
[64]	997	//DB
	998	$result_db = $this->db_functions->delete_user($user_info);
	999	if (!$result_db['status'])
	1000	{
	1001	$return['status'] = false;
[507]	1002	$return['msg'] .= 'user.delete(db): ' . $result_db['msg'];
[64]	1003	}
[507]	1004	else
	1005	{
	1006	$this->db_functions->write_log("deleted users data from DB", $user_info['uid']);
	1007	}
	1008
[64]	1009	//IMAP
	1010	$result_imap = $this->imap_functions->delete_user($user_info['uid']);
	1011	if (!$result_imap['status'])
	1012	{
	1013	$return['status'] = false;
[507]	1014	$return['msg'] .= $result_imap['msg'];
[64]	1015	}
[507]	1016	else
	1017	{
	1018	$this->db_functions->write_log("deleted users data from IMAP", $user_info['uid']);
	1019	}
	1020
[2]	1021	}
	1022	}
[507]	1023	else
	1024	{
	1025	$this->db_functions->write_log('delete user: manager does not have access', $params['uidnumber']);
	1026	}
[2]	1027
[507]	1028	$this->db_functions->write_log('delete user: end', $user_info['uid']);
[2]	1029	return $return;
	1030	}
	1031
	1032
	1033	function rename($params)
	1034	{
	1035	$return['status'] = true;
[64]	1036
	1037	// Verifica acesso do gerente (OU) ao tentar renomear um usuário.
	1038	if ( ! $this->ldap_functions->check_access_to_renamed($params['uid']) )
	1039	{
	1040	$return['status'] = false;
[507]	1041	$return['msg'] .= $this->functions->lang('You do not have access to delete user') . '.';
[64]	1042	return $return;
	1043	}
[2]	1044
[414]	1045	// Check if the new_uid is in use.
[396]	1046	if ( ! $this->ldap_functions->check_rename_new_uid($params['new_uid']) )
	1047	{
	1048	$return['status'] = false;
[507]	1049	$return['msg'] = $this->functions->lang('New login already in use') . '.';
[396]	1050	return $return;
	1051	}
	1052
[2]	1053	// Verifica o acesso do gerente
	1054	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'rename_users'))
	1055	{
	1056	$uid = $params['uid'];
	1057	$new_uid = $params['new_uid'];
	1058	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
	1059	$defaultUserPassword_plain = $this->current_config['expressoAdmin_defaultUserPassword'];
	1060
	1061	$emailadmin_profiles = $this->db_functions->get_sieve_info();
	1062	$sieve_enable = $emailadmin_profiles[0]['imapenablesieve'];
	1063	$sieve_server = $emailadmin_profiles[0]['imapsieveserver'];
	1064	$sieve_port = $emailadmin_profiles[0]['imapsieveport'];
	1065
	1066	$imap_admin = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminUsername'];
	1067	$imap_passwd = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminPW'];
	1068	$imap_server = $_SESSION['phpgw_info']['expresso']['email_server']['imapServer'];
	1069	$imap_port = $_SESSION['phpgw_info']['expresso']['email_server']['imapPort'];
	1070	$imapDelimiter = $_SESSION['phpgw_info']['expresso']['email_server']['imapDelimiter'];
	1071
	1072	//Verifica se está sendo usuado cyrus 2.2 ou superior
	1073	$sk = fsockopen ($imap_server,$imap_port);
	1074	$server_resp = fread($sk, 100);
	1075	$tmp = split('v2.', $server_resp);
	1076	$cyrus_version = '2' . $tmp[1][0];
	1077
[3529]	1078	if ( $cyrus_version < intVal('22') )
[2]	1079	{
[396]	1080	$return['status'] = false;
[414]	1081	$return['msg'] = "The rename user is only permitted with cyrus 2.2 or higher,";
	1082	$return['msg'] .= "\nand with the option 'allowusermoves: yes' set in imapd.conf.";
	1083
	1084
[396]	1085	return $return;
	1086	}
	1087
	1088	// Renomeia UID no openldap
	1089	$result = $this->ldap_functions->rename_uid($uid, $new_uid);
	1090	if (!$result['status'])
	1091	{
	1092	$return['status'] = false;
[507]	1093	$return['msg'] = $this->functions->lang("Error rename user in LDAP") . '.';
[396]	1094	return $return;
	1095	}
	1096
	1097	//Renomeia mailbox
[507]	1098	$imap_rename_result = $this->imap_functions->rename_mailbox($uid, $new_uid);
	1099	if (!$imap_rename_result['status'])
[396]	1100	{
	1101	// Back user uid.
	1102	$result = $this->ldap_functions->rename_uid($new_uid, $uid);
	1103
	1104	$return['status'] = false;
[507]	1105	$return['msg'] = $this->functions->lang("Error renaming user mailboxes") . ".\n";
	1106	$return['msg'] .= $imap_rename_result['msg'];
[396]	1107	return $return;
	1108	}
[507]	1109
[396]	1110
	1111	// Renomeia sieve script
	1112	include_once('sieve-php.lib.php');
[507]	1113	//function sieve($host, $port, $user, $pass, $auth="", $auth_types)
	1114	$sieve=new sieve($sieve_server, $sieve_port, $new_uid, $imap_passwd, $imap_admin, 'PLAIN');
[30]	1115
[396]	1116	if ($sieve->sieve_login())
	1117	{
	1118	$sieve->sieve_listscripts();
	1119	$myactivescript=$sieve->response["ACTIVE"];
	1120	$sieve->sieve_getscript($myactivescript);
	1121
	1122	$script = '';
	1123	if (!empty($sieve->response))
[30]	1124	{
	1125	foreach($sieve->response as $result)
	1126	{
	1127	$script .= $result;
	1128	}
[396]	1129	}
[507]	1130
	1131	if (!empty($script))
[396]	1132	{
[507]	1133	$scriptname = $new_uid;
	1134	if($sieve->sieve_sendscript($new_uid,$script))
[30]	1135	{
[507]	1136	if ($sieve->sieve_setactivescript($new_uid))
	1137	{
	1138	if (!$sieve->sieve_deletescript($myactivescript))
	1139	{
	1140	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1141	$return['msg'] .= $result['msg'] . $this->functions->lang("Problem deleting old script") . '.';
	1142	}
	1143	}
	1144	else
	1145	{
	1146	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1147	$return['msg'] .= $result['msg'] . $this->functions->lang("Problem activating sieve script") . '.';
	1148	}
[30]	1149	}
[507]	1150	else
	1151	{
	1152	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1153	$return['msg'] .= $result['msg'] . $this->functions->lang("Problem saving sieve script") . '.';
	1154	}
[30]	1155	}
[396]	1156	$sieve->sieve_logout();
	1157	}
	1158	else
	1159	{
	1160	$return['status'] = false;
[507]	1161	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1162	$return['msg'] .= $result['msg'] . $this->functions->lang("Can not login sieve") . '.';
[396]	1163	}
[30]	1164
[414]	1165	$this->db_functions->write_log("renamed user", "$uid -> $new_uid");
[2]	1166
[396]	1167	$return['exec_return'] = "";
	1168
[64]	1169	return $return;
[2]	1170	}
	1171	}
[63]	1172
	1173	function write_log_from_ajax($params)
	1174	{
	1175	$this->db_functions->write_log($params['_action'],'',$params['userinfo'],'','');
	1176	return true;
	1177	}
[2]	1178	}
[548]	1179	?>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: branches/2.0/expressoAdmin1_2/inc/class.user.inc.php @ 3529

Download in other formats: