Context Navigation

source: companies/serpro/expressoAdminSerpro/inc/class.user.inc.php @ 903

Revision 903, 52.6 KB checked in by niltonneto, 15 years ago (diff)
Importacao inicial do Expresso do Serpro

Line
1	<?php
2	/**********************************************************************************\
3	* Expresso Administração *
4	* by Joao Alfredo Knopik Junior (joao.alfredo@gmail.com, jakjr@celepar.pr.gov.br) *
5	* --------------------------------------------------------------------------------*
6	* This program is free software; you can redistribute it and/or modify it *
7	* under the terms of the GNU General Public License as published by the *
8	* Free Software Foundation; either version 2 of the License, or (at your *
9	* option) any later version. *
10	\**********************************************************************************/
11
12	include_once('class.ldap_functions.inc.php');
13	include_once('class.db_functions.inc.php');
14	include_once('class.imap_functions.inc.php');
15	include_once('class.functions.inc.php');
16
17	class user
18	{
19	var $ldap_functions;
20	var $db_functions;
21	var $imap_functions;
22	var $functions;
23	var $current_config;
24
25	function user()
26	{
27	$this->ldap_functions = new ldap_functions;
28	$this->db_functions = new db_functions;
29	$this->imap_functions = new imap_functions;
30	$this->functions = new functions;
31	$this->current_config = $_SESSION['phpgw_info']['expresso']['expressoAdmin'];
32	}
33
34	function create($params)
35	{
36	$return['status'] = true;
37	//$params['context'] = $params['dn'];
38	$params['context'] = $params['ldap_relative_path'];
39	// Verifica o acesso do gerente
40	if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'add_users'))
41	{
42	// Adiciona a organização na frente do uid.
43	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
44	{
45	$context_dn = ldap_explode_dn(strtolower($GLOBALS['phpgw_info']['server']['ldap_context']), 1);
46
47	$explode_dn = ldap_explode_dn(strtolower($params['context']), 1);
48	$explode_dn = array_reverse($explode_dn);
49	//$params['uid'] = $explode_dn[3] . '-' . $params['uid'];
50	$params['uid'] = $explode_dn[$context_dn['count']] . '-' . $params['uid'];
51	}
52	// Caso o login for um CPF, o uidNumber deverá ser esse CPF, sem os dígitos verificadores, sem os zeros iniciais (se houver).
53	if(($params['uid'] + 0)and(strlen($params['uid'])==11)and($this->validarCPF($params['uid'])))
54	{
55	$id = substr($params['uid'],0,-2);
56	$id = $id + 0;
57	}
58	else
59	{
60	// Leio o ID a ser usado na criação do objecto. Esta função já incrementa o ID no BD.
61	$next_id = ($this->db_functions->get_next_id('accounts'));
62	if ((!is_numeric($next_id['id'])) \|\| (!$next_id['status']))
63	{
64	$return['status'] = false;
65	$return['msg'] = "Problemas obtendo ID do usuário.\n" . $id['msg'];
66	return $return;
67	}
68	else
69	{
70	$id = $next_id['id'];
71	}
72	}
73	// Cria array para incluir no LDAP
74	$dn = 'uid=' . $params['uid'] . ',' . $params['context'];
75
76	$user_info = array();
77	$user_info['accountStatus'] = $params['accountstatus'] == 1 ? 'active' : 'desactive';
78	$user_info['cn'] = $params['givenname'] . ' ' . $params['sn'];
79	$user_info['gidNumber'] = $params['gidnumber'];
80	$user_info['givenName'] = $params['givenname'];
81	$user_info['homeDirectory'] = '/home/' . $params['uid'];
82	$user_info['mail'] = $params['mail'];
83	$user_info['objectClass'][] = 'posixAccount';
84	$user_info['objectClass'][] = 'inetOrgPerson';
85	$user_info['objectClass'][] = 'shadowAccount';
86	// O if abaixo decide se vai usar o objectClass qmailuser ( deve ser usado qdo for openldap no lugar do rhds).
87	// No "setup" deve ser alterado o parametro do header de serprousr para person para usar o openldap.
88	if(!$GLOBALS['phpgw_info']['server']['atributousuarios'] or $GLOBALS['phpgw_info']['server']['atributousuarios'] == "person")
89	{
90	$user_info['objectClass'][] = 'qmailuser';
91	}
92	$user_info['objectClass'][] = 'phpgwaccount';
93	$user_info['objectClass'][] = 'top';
94	$user_info['objectClass'][] = 'person';
95	$user_info['objectClass'][] = 'organizationalPerson';
96	$user_info['objectClass'][] = 'sambasamaccount';
97	$user_info['sambasid'] = '1';
98	//verifica se o atributo usuários foi declarado no header e se o seu valor ja nao foi apresentado como uma objectclass
99	if(isset($GLOBALS['phpgw_info']['server']['atributousuarios']) and !(array_search(($GLOBALS['phpgw_info']['server']['atributousuarios']), $user_info['objectClass'])))
100	{
101	$user_info['objectClass'][] = $GLOBALS['phpgw_info']['server']['atributousuarios'];
102	}
103	$user_info['phpgwAccountType'] = 'u';
104	$user_info['sn'] = $params['sn'];
105	$user_info['uid'] = $params['uid'];
106	$user_info['uidnumber'] = $id;
107	switch ($this->current_config['expressoAdmin_passwordCrypt'])
108	{
109	case "md5":
110	$user_info['userPassword'] = '{md5}'.base64_encode(pack("H*",md5($params['password1'])));
111	break;
112	case "plain":
113	$user_info['userPassword'] = $params['password1'];
114	break;
115	default:
116	$user_info['userPassword'] = '{md5}'.base64_encode(pack("H*",md5($params['password1'])));
117	}
118	//verificando o formato do atributo de expiracao
119	$ldap_info = $this->ldap_functions->get_user_info($_SESSION['phpgw_info']['expresso']['user']['account_id']);
120	//alterando o atributo de expiracao
121	if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
122	{
123	if(substr($ldap_info['atributoexpiracao'],-1,1)=="Z")
124	{
125	###quando a data de expiração estah no formato yyyymmddhhmmssZ
126	$user_info[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '19800101000000Z';
127	}
128	else
129	{
130	###Outro atributo ldap que, assim como o phpgwaccountexpires, tambem contem hora em formato unix
131	$user_info[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '0';
132	}
133	}
134	else
135	{
136	$ldap_mod_replace['phpgwaccountexpires'] = '0';
137	}
138
139	// Gerenciar senhas RFC2617
140	if ($this->current_config['expressoAdmin_userPasswordRFC2617'] == 'true')
141	{
142	$realm = $this->current_config['expressoAdmin_realm_userPasswordRFC2617'];
143	$uid = $user_info['uid'];
144	$password = $params['password1'];
145	$user_info['userPasswordRFC2617'] = $realm . ': ' . md5("$uid:$realm:$password");
146	}
147	if ($params['phpgwaccountstatus'] == '1')
148	$user_info['phpgwAccountStatus'] = 'A';
149
150	if ($params['departmentnumber'] != '')
151	$user_info['departmentnumber'] = $params['departmentnumber'];
152
153	// if ($params['telephonenumber'] != '')
154	// $user_info['telephoneNumber'] = $params['telephonenumber'];
155
156	// Cria user_info no caso de ter alias e forwarding email.
157	foreach ($params['mailalternateaddress'] as $index=>$mailalternateaddress)
158	{
159	if ($mailalternateaddress != '')
160	$user_info['mailAlternateAddress'][] = $mailalternateaddress;
161	}
162
163	foreach ($params['mailforwardingaddress'] as $index=>$mailforwardingaddress)
164	{
165	if ($mailforwardingaddress != '')
166	$user_info['mailForwardingAddress'][] = $mailforwardingaddress;
167	}
168
169	foreach ($params['accountOwners'] as $index=>$responsavel)
170	{
171	if ($responsavel != '')
172	$user_info['responsavel'][] = $responsavel;
173	}
174
175	if ($params['deliverymode'])
176	$user_info['deliveryMode'] = 'forwardOnly';
177
178	//Ocultar da pesquisa e do catï¿œlogo
179	if ($params['phpgwaccountvisible'])
180	$user_info['phpgwAccountVisible'] = '-1';
181
182	// Suporte ao SAMBA
183	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($params['use_attrs_samba'] == 'on'))
184	{
185	// Qualquer um que crie um usuário, deve ter permissão para adicionar a senha samba.
186	// Verifica o acesso do gerente aos atributos samba
187	//if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_sambausers_attributes'))
188	//{
189	//Verifica se o binario para criar as senhas do samba exite.
190	if (!is_file('/home/expressolivre/mkntpwd'))
191	{
192	$return['status'] = false;
193	$return['msg'] .= "O arquivo binário /home/expressolivre/mkntpwd não exite.\\nEle é necessário para a criação das senhas usadas pelo SAMBA.\\nInforme o administrador ExpressoLivre sobre isto.";
194	}
195	else
196	{
197	$user_info['objectClass'][] = 'sambaSamAccount';
198	$user_info['loginShell'] = '/bin/bash';
199
200	$user_info['sambaSID'] = $params['sambadomain'] . '-' . ((2 * $id)+1000);
201	$user_info['sambaPrimaryGroupSID'] = $params['sambadomain'] . '-' . ((2 * $user_info['gidNumber'])+1001);
202
203	$user_info['sambaAcctFlags'] = $params['sambaacctflags'];
204
205	$user_info['sambaLogonScript'] = $params['sambalogonscript'];
206	$user_info['homeDirectory'] = $params['sambahomedirectory'];
207
208	$user_info['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.$params['password1']);
209	$user_info['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.$params['password1']);
210	$user_info['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000';
211
212	$user_info['sambaPwdCanChange'] = strtotime("now");
213	$user_info['sambaPwdLastSet'] = strtotime("now");
214	$user_info['sambaPwdMustChange'] = '2147483647';
215	}
216	//}
217	}
218
219	// Verifica o acesso do gerente aos atributos corporativos
220	if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'manipulate_corporative_information'))
221	{
222	foreach ($params as $atribute=>$value)
223	{
224	$pos = strstr($atribute, 'corporative_information_');
225	if ($pos !== false)
226	{
227	if ($params[$atribute])
228	{
229	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
230	$user_info[$ldap_atribute] = $params[$atribute];
231	}
232	}
233	}
234	}
235
236	$result = $this->ldap_functions->ldap_add_entry($dn, $user_info);
237	if (!$result['status'])
238	{
239	$return['status'] = false;
240	$return['msg'] .= "Problemas na inclusão do usuário no ldap. ".$result['msg'];
241	}
242	else
243	{
244	// Chama funcao para salvar foto no OpenLDAP.
245	if ( ($_FILES['photo']['name'] != '') && ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users_picture')) )
246	{
247	$result = $this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name']);
248	if (!$result['status'])
249	{
250	$return['status'] = false;
251	$return['msg'] .= $result['msg'];
252	}
253	}
254	//GROUPS
255	if ($params['groups'])
256	{
257	foreach ($params['groups'] as $gidnumber)
258	{
259	$result = $this->ldap_functions->add_user2group($gidnumber, $user_info['uid']);
260	if (!$result['status'])
261	{
262	$return['status'] = false;
263	$return['msg'] .= $result['msg'];
264	}
265	$result = $this->db_functions->add_user2group($gidnumber, $id);
266	if (!$result['status'])
267	{
268	$return['status'] = false;
269	$return['msg'] .= $result['msg'];
270	}
271	}
272	}
273	// Inclusao do Mail do usuário nas listas de email selecionadas.
274	if ($params['maillists'])
275	{
276	foreach($params['maillists'] as $uid)
277	{
278	$result = $this->ldap_functions->add_user2maillist($uid, $user_info['mail']);
279	if (!$result['status'])
280	{
281	$return['status'] = false;
282	$return['msg'] .= $result['msg'];
283	}
284	}
285	}
286	// APPS
287	if (count($params['apps']))
288	{
289	$result = $this->db_functions->add_id2apps($id, $params['apps']);
290	if (!$result['status'])
291	{
292	$return['status'] = false;
293	$return['msg'] .= $result['msg'];
294	}
295	}
296	// Chama funcao para incluir no pgsql as preferência de alterar senha.
297	if ($params['changepassword'])
298	{
299	$result = $this->db_functions->add_pref_changepassword($id);
300	if (!$result['status'])
301	{
302	$return['status'] = false;
303	$return['msg'] .= $result['msg'];
304	}
305	}
306	// Chama funcao para criar mailbox do usuario, no imap-cyrus.
307	$result = $this->imap_functions->create($params['uid'], $params['mailquota']);
308	if (!$result['status'])
309	{
310	$return['status'] = false;
311	$return['msg'] .= $result['msg'];
312	}
313	$this->db_functions->write_log('criado usuario','',$dn,'','');
314	}
315	}
316
317	return $return;
318	}
319
320	function save($new_values)
321	{
322	$return['status'] = true;
323	$old_values = $this->get_user_info($new_values['uidnumber']);
324	$dn = 'uid=' . $old_values['uid'] . ',' . strtolower($old_values['context']);
325	//Nao realiza a troca de dn ldap
326	if($this->current_config['expressoAdmin_allowO rganizations']=='false')
327	{
328	$new_values['context']=$old_values['context'];
329	}
330	$diff = array_diff($new_values, $old_values);
331	$manager_account_lid = $_SESSION['phpgw_info']['expresso']['user']['account_lid'];
332	if ((!$this->functions->check_acl($manager_account_lid,'edit_users')) &&
333	(!$this->functions->check_acl($manager_account_lid,'change_users_password')) &&
334	(!$this->functions->check_acl($manager_account_lid,'edit_sambausers_attributes')) &&
335	(!$this->functions->check_acl($manager_account_lid,'manipulate_corporative_information')) &&
336	(!$this->functions->check_acl($manager_account_lid,'edit_users_phonenumber'))
337	)
338	{
339	$return['status'] = false;
340	$return['msg'] = 'Você não tem direito de editar informações de usuários.';
341	return $return;
342	}
343
344	// Verifica o acesso do gerente
345	if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users'))
346	{
347	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
348	// Change user organization
349	if ($diff['context'])
350	{
351	$newrdn = 'uid=' . $new_values['uid'];
352	$newparent = $new_values['context'];
353	$result = $this->ldap_functions->change_user_context($dn, $newrdn, $newparent);
354	if (!$result['status'])
355	{
356	$return['status'] = false;
357	$return['msg'] .= $result['msg'];
358	}
359	else
360	{
361	$dn = $newrdn . ',' . $newparent;
362	$this->db_functions->write_log('alterado contexto do usuário','',$dn,'','');
363	}
364	}
365
366	/////////////////////////////////////////////////////////////////////////////////////////
367	//ATIVIDADES NECESSARIAS PARA O CASO DA CONTA EXISTIR APENAS NO LDAP
368	// Chama funcao para criar mailbox do usuario, no imap-cyrus.
369	$result = $this->imap_functions->create($old_values['uid'], $new_values['mailquota']);
370	// Chama funcao para incluir no pgsql as preferencias de alterar senha.
371	$result = $this->db_functions->add_pref_changepassword($new_values['uidnumber']);
372	$findPhpgwaccount = false;
373	foreach ($old_values['objectclass'] as $objectclass)
374	{
375	if(strtolower($objectclass) == 'phpgwaccount' )
376	{
377	$findPhpgwaccount = true;
378	}
379	}
380	if(!$findPhpgwaccount)
381	{
382	$ldap_add['objectclass'] = 'phpgwaccount';
383	$ldap_add['phpgwaccounttype'] = 'u';
384	}
385
386	////////////////////////////////////////////////////////////////////////////////////////////////////////////////
387	// REPLACE some attributes
388	if ($diff['givenname'])
389	{
390	$ldap_mod_replace['givenname'] = $new_values['givenname'];
391	$ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn'];
392	$this->db_functions->write_log("alterado givenname do usuario",'',$dn,'','');
393	}
394	if ($diff['sn'])
395	{
396	$ldap_mod_replace['sn'] = $new_values['sn'];
397	$ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn'];
398	$this->db_functions->write_log("altera$ldap_mod_do sn do usuario",'',$dn,'','');
399	}
400	if ($diff['mail'])
401	{
402	$ldap_mod_replace['mail'] = $new_values['mail'];
403	$this->ldap_functions->replace_user2maillists($new_values['mail'], $old_values['mail']);
404	$this->ldap_functions->replace_mail_from_institutional_account($new_values['mail'], $old_values['mail']);
405	$this->db_functions->write_log("alterado mail do usuario",'',$dn,'','');
406	}
407	////////////////////////////////////////////////////////////////////////////////////////////////////////////////
408	// Passwd Expired - Com atributo
409	//
410	// if (($old_values['passwd_expired'] != '') && ($new_values['passwd_expired'] == '1'))
411	// {
412	// $ldap_mod_replace['phpgwaccountexpires'] = '0';
413	// $this->db_functions->write_log("Expirado senha do usuï¿œrio",'',$dn,'','');
414	// }
415	//alterando a expiracao
416	if (($diff['password1']) \|\| ($new_values['passwd_expired'] == '1'))
417	{
418	if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']))
419	{
420	if(substr($old_values['atributoexpiracao'],-1,1)=="Z")
421	{
422	###quando a data de expiracao estah no formato yyyymmddhhmmssZ
423	$ldap_mod_replace[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '19800101000000Z';
424	}
425	else
426	{
427	###Outro atributo ldap que, assim como o phpgwaccountexpires, também contém hora em formato unix
428	$ldap_mod_replace[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '0';
429	}
430	}
431	else
432	{
433	$ldap_mod_replace['phpgwaccountexpires'] = '0';
434	}
435	}
436	}
437	if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) \|\|
438	($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'change_users_password')) )
439	{
440	if ($diff['password1'])
441	{
442	switch ($this->current_config['expressoAdmin_passwordCrypt'])
443	{
444	case "md5":
445	$ldap_mod_replace['userPassword'] = '{md5}'.base64_encode(pack("H*",md5($new_values['password1'])));
446	break;
447	case "plain":
448	$ldap_mod_replace['userPassword'] = $new_values['password1'];
449	break;
450	default:
451	$ldap_mod_replace['userPassword'] = '{md5}'.base64_encode(pack("H*",md5($new_values['password1'])));
452	}
453	// Suporte ao SAMBA
454	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
455	{
456	$ldap_mod_replace['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.$new_values['password1']);
457	$ldap_mod_replace['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.$new_values['password1']);
458	}
459	// Gerenciar senhas RFC2617
460	if ($this->current_config['expressoAdmin_userPasswordRFC2617'] == 'true')
461	{
462	$realm = $this->current_config['expressoAdmin_realm_userPasswordRFC2617'];
463	$uid = $new_values['uid'];
464	$password = $new_values['password1'];
465	$passUserRFC2617 = $realm . ': ' . md5("$uid:$realm:$password");
466
467	if ($old_values['userPasswordRFC2617'] != '')
468	$ldap_mod_replace['userPasswordRFC2617'] = $passUserRFC2617;
469	else
470	$ldap_add['userPasswordRFC2617'] = $passUserRFC2617;
471	}
472	$this->db_functions->write_log("alterado password do usuario",'',$dn,'','');
473	}
474	}
475	if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) \|\|
476	($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users_phonenumber')) )
477	{
478	// if (($diff['telephonenumber']) && ($old_values['telephonenumber'] != ''))
479	// {
480	// $ldap_mod_replace['telephonenumber'] = $new_values['telephonenumber'];
481	// $this->db_functions->write_log("alterado telephonenumber do usuario",'',$dn,'','');
482	// }
483	}
484
485	// REPLACE, ADD & REMOVE COPORATIVEs ATRIBUTES
486	// Verifica o acesso do gerente aos atributos corporativos
487
488	if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) \|\|
489	($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'manipulate_corporative_information')) )
490	{
491	foreach ($new_values as $atribute=>$value)
492	{
493	$pos = strstr($atribute, 'corporative_information_');
494	if ($pos !== false)
495	{
496	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
497	// REPLACE ATTRS OF CORPORATIVE
498	if (($diff[$atribute]) && ($old_values[$atribute] != ''))
499	{
500	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
501	$ldap_mod_replace[$ldap_atribute] = $new_values[$atribute];
502	$this->db_functions->write_log("alterado $ldap_atribute do usuario",'',$dn,'','');
503	}
504	//ADD ATTRS OF CORPORATIVE
505	elseif (($old_values[$atribute] == '') && ($new_values[$atribute] != ''))
506	{
507	$ldap_add[$ldap_atribute] = $new_values[$atribute];
508	$this->db_functions->write_log("adicionado $ldap_atribute ao usuario",'',$dn,'','');
509	}
510	//REMOVE ATTRS OF CORPORATIVE
511	elseif (($old_values[$atribute] != '') && ($new_values[$atribute] == ''))
512	{
513	$ldap_remove[$ldap_atribute] = array();
514	$this->db_functions->write_log("removido $ldap_atribute do usuario",'',$dn,'','');
515	}
516	}
517	}
518	}
519	//Suporte ao SAMBA
520	if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) \|\|
521	($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_sambausers_attributes')) )
522	{
523	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
524	{
525	if ($diff['sambaacctflags'])
526	{
527	$ldap_mod_replace['sambaacctflags'] = $new_values['sambaacctflags'];
528	$this->db_functions->write_log("alterado sambaacctflags do usuario",'',$dn,'','');
529	}
530	if ($diff['sambalogonscript'])
531	{
532	$ldap_mod_replace['sambalogonscript'] = $new_values['sambalogonscript'];
533	$this->db_functions->write_log("alterado sambalogonscript do usuario",'',$dn,'','');
534	}
535	if ($diff['sambahomedirectory'])
536	{
537	$ldap_mod_replace['homedirectory'] = $new_values['sambahomedirectory'];
538	$this->db_functions->write_log("alterado homedirectory do usuario",'',$dn,'','');
539	}
540	if ($diff['sambadomain'])
541	{
542	$ldap_mod_replace['sambaSID'] = $diff['sambadomain'] . '-' . ((2 * $old_values['uidnumber'])+1000);
543	$ldap_mod_replace['sambaPrimaryGroupSID'] = $diff['sambadomain'] . '-' . ((2 * $old_values['gidnumber'])+1001);
544	$this->db_functions->write_log("alterado dominio samba do usuario $dn para " . $params['sambadomain'],'',$dn,'','');
545	}
546	}
547	}
548
549	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
550	// ADD or REMOVE some attributes
551	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
552
553	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
554	// PHOTO
555	if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users_picture'))
556	{
557	if ($new_values['delete_photo'])
558	{
559	$this->ldap_functions->ldap_remove_photo($dn);
560	$this->db_functions->write_log("removido jpegphoto do usuario",'',$dn,'','');
561	}
562	elseif ($_FILES['photo']['name'] != '')
563	{
564
565	if ($_FILES['photo']['size'] > 10000)
566	{
567	$return['status'] = false;
568	$return['msg'] .= 'Foto do usuário não foi salva, pois excede o tamanho máximo de 10 kb.';
569	}
570	else
571	{
572	if ($new_values['photo_exist'])
573	{
574	$photo_exist = true;
575	$this->db_functions->write_log("substituido jpegphoto do usuario",'',$dn,'','');
576	}
577	else
578	{
579	$photo_exist = false;
580	$this->db_functions->write_log("adicionado jpegphoto ao usuario",'',$dn,'','');
581	}
582	$this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name'], $new_values['photo_exist'], $photo_exist);
583	}
584	}
585	}
586
587	// Verifica o acesso pï¿œra adicionar ou remover atributos
588	if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users'))
589	{
590	//////////////////////////////////////////////////////////////////////////////////////////////////////////
591	// Unidade Organizacional
592	if (($old_values['ou'] == '') && ($new_values['ou'] != ''))
593	{
594	$ldap_add['ou'] = $new_values['ou'];
595	$this->db_functions->write_log("modificado a OU do usuario",'',$dn,'','');
596	}
597	if (($old_values['ou'] != '') && ($new_values['ou'] == ''))
598	{
599	$ldap_remove['ou'] = array();
600	$this->db_functions->write_log("removido a OU do usuario",'',$dn,'','');
601	}
602	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
603	// Passwd Expired - Sem atributo
604	// if (($old_values['passwd_expired'] == '') && ($new_values['passwd_expired'] == '1'))
605	// {
606	// $ldap_add['phpgwaccountexpires'] = '0';
607	// $this->db_functions->write_log("Expirado senha do usuï¿œrio",'',$dn,'','');
608	// }
609	// if (($old_values['passwd_expired'] == '0') && ($new_values['passwd_expired'] == ''))
610	// {
611	// $ldap_remove['phpgwaccountexpires'] = array();
612	// $this->db_functions->write_log("Removido expiraï¿œï¿œo da senha do usuï¿œrio",'',$dn,'','');
613	// }
614	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
615	// PREF_CHANGEPASSWORD
616	if (($old_values['changepassword'] == '') && ($new_values['changepassword'] != ''))
617	{
618	$this->db_functions->add_pref_changepassword($new_values['uidnumber']);
619	$this->db_functions->write_log("adicionado changepassword ao usuario",'',$dn,'','');
620	}
621	if (($old_values['changepassword'] != '') && ($new_values['changepassword'] == ''))
622	{
623	$this->db_functions->remove_pref_changepassword($new_values['uidnumber']);
624	$this->db_functions->write_log("removido changepassword do usuario",'',$dn,'','');
625	}
626	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
627	// ACCOUNT STATUS
628	if (($old_values['phpgwaccountstatus'] == '') && ($new_values['phpgwaccountstatus'] != ''))
629	{
630	$ldap_add['phpgwaccountstatus'] = 'A';
631	$this->db_functions->write_log("ativado conta do usuario",'',$dn,'','');
632	}
633	if (($old_values['phpgwaccountstatus'] != '') && ($new_values['phpgwaccountstatus'] == ''))
634	{
635	$ldap_remove['phpgwaccountstatus'] = array();
636	$this->db_functions->write_log("desativado conta do usuario",'',$dn,'','');
637	}
638	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
639	// ACCOUNT VISIBLE
640	if (($old_values['phpgwaccountvisible'] == '') && ($new_values['phpgwaccountvisible'] != ''))
641	{
642	$ldap_add['phpgwaccountvisible'] = '-1';
643	$this->db_functions->write_log("adicionado phpgwaccountvisible ao usuario",'',$dn,'','');
644	}
645	if (($old_values['phpgwaccountvisible'] != '') && ($new_values['phpgwaccountvisible'] == ''))
646	{
647	$ldap_remove['phpgwaccountvisible'] = array();
648	$this->db_functions->write_log("removido phpgwaccountvisible ao usuario",'',$dn,'','');
649	}
650	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
651	// Mail Account STATUS
652	if (($old_values['accountstatus'] == '') && ($new_values['accountstatus'] != ''))
653	{
654	$ldap_add['accountstatus'] = 'active';
655	$this->db_functions->write_log("ativado conta de email do usuario",'',$dn,'','');
656	}
657	if (($old_values['accountstatus'] != '') && ($new_values['accountstatus'] == ''))
658	{
659	$ldap_remove['accountstatus'] = array();
660	$this->db_functions->write_log("desativado conta de email do usuario",'',$dn,'','');
661	}
662
663	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
664	// MAILALTERNATEADDRESS
665	if (!$new_values['mailalternateaddress'])
666	$new_values['mailalternateaddress'] = array();
667	if (!$old_values['mailalternateaddress'])
668	$old_values['mailalternateaddress'] = array();
669	$add_mailalternateaddress = array_diff($new_values['mailalternateaddress'], $old_values['mailalternateaddress']);
670	$remove_mailalternateaddress = array_diff($old_values['mailalternateaddress'], $new_values['mailalternateaddress']);
671	foreach ($add_mailalternateaddress as $index=>$mailalternateaddress)
672	{
673	if ($mailalternateaddress != '')
674	{
675	$ldap_add['mailalternateaddress'][] = $mailalternateaddress;
676	$this->db_functions->write_log("adicionado mailalternateaddress $mailalternateaddress ao usuario $dn",'',$dn,'','');
677	}
678	}
679	foreach ($remove_mailalternateaddress as $index=>$mailalternateaddress)
680	{
681	if ($mailalternateaddress != '')
682	{
683	if ($index !== 'count')
684	{
685	$ldap_remove['mailalternateaddress'][] = $mailalternateaddress;
686	$this->db_functions->write_log("removido mailalternateaddress $mailalternateaddress do usuario $dn",'',$dn,'','');
687	}
688	}
689	}
690
691	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
692	// MAILFORWARDINGADDRESS
693	if (!$new_values['mailforwardingaddress'])
694	$new_values['mailforwardingaddress'] = array();
695	if (!$old_values['mailforwardingaddress'])
696	$old_values['mailforwardingaddress'] = array();
697	$add_mailforwardingaddress = array_diff($new_values['mailforwardingaddress'], $old_values['mailforwardingaddress']);
698	$remove_mailforwardingaddress = array_diff($old_values['mailforwardingaddress'], $new_values['mailforwardingaddress']);
699	foreach ($add_mailforwardingaddress as $index=>$mailforwardingaddress)
700	{
701	if ($mailforwardingaddress != '')
702	{
703	$ldap_add['mailforwardingaddress'][] = $mailforwardingaddress;
704	$this->db_functions->write_log("adicionado mailforwardingaddress $mailforwardingaddress ao usuario $dn",'',$dn,'','');
705	}
706	}
707	foreach ($remove_mailforwardingaddress as $index=>$mailforwardingaddress)
708	{
709	if ($mailforwardingaddress != '')
710	{
711	if ($index !== 'count')
712	{
713	$ldap_remove['mailforwardingaddress'][] = $mailforwardingaddress;
714	$this->db_functions->write_log("removido mailforwardingaddress $mailforwardingaddress do usuario $dn",'',$dn,'','');
715	}
716	}
717	}
718	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
719	// ACCOUNTOWNERS
720	if (!$new_values['accountOwners'])
721	$new_values['accountOwners'] = array();
722	if (!$old_values['accountOwners'])
723	$old_values['accountOwners'] = array();
724	$add_accountOwners = array_diff($new_values['accountOwners'], $old_values['accountOwners']);
725	$remove_accountOwners = array_diff($old_values['accountOwners'], $new_values['accountOwners']);
726	foreach ($add_accountOwners as $index=>$accountOwners)
727	{
728	if ($accountOwners != '')
729	{
730	$ldap_add['responsavel'][] = $accountOwners;
731	$this->db_functions->write_log("adicionado responsavel $accountOwners ao usuario $dn",'',$dn,'','');
732	}
733	}
734	foreach ($remove_accountOwners as $index=>$accountOwners)
735	{
736	if ($accountOwners != '')
737	{
738	if ($index !== 'count')
739	{
740	$ldap_remove['responsavel'][] = $accountOwners;
741	$this->db_functions->write_log("removido responsavel $accountOwners do usuario $dn",'',$dn,'','');
742	}
743	}
744	}
745	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
746	// Delivery Mode
747	if (($old_values['deliverymode'] == '') && ($new_values['deliverymode'] != ''))
748	{
749	$ldap_add['deliverymode'] = 'forwardOnly';
750	$this->db_functions->write_log("adicionado forwardOnly ao usuario",'',$dn,'','');
751	}
752	if (($old_values['deliverymode'] != '') && ($new_values['deliverymode'] == ''))
753	{
754	$ldap_remove['deliverymode'] = array();
755	$this->db_functions->write_log("removido forwardOnly ao usuario",'',$dn,'','');
756	}
757	}
758
759	if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) \|\|
760	($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'change_users_quote')) )
761	{
762	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
763	// MAILQUOTA
764	if ($diff['mailquota'])
765	{
766	$this->imap_functions->change_user_quota($new_values['uid'], $new_values['mailquota']);
767	$this->db_functions->write_log("alterado cota do usuario",'',$dn,'','');
768	}
769	}
770
771	if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) \|\|
772	($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_sambausers_attributes')) )
773	{
774	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
775	// REMOVE ATTRS OF SAMBA
776	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] != 'on'))
777	{
778	$ldap_remove['objectclass'] = 'sambaSamAccount';
779	$ldap_remove['loginShell'] = array();
780	$ldap_remove['sambaSID'] = array();
781	$ldap_remove['sambaPrimaryGroupSID'] = array();
782	$ldap_remove['sambaAcctFlags'] = array();
783	$ldap_remove['sambaLogonScript'] = array();
784	$ldap_remove['sambaLMPassword'] = array();
785	$ldap_remove['sambaNTPassword'] = array();
786	$ldap_remove['sambaPasswordHistory'] = array();
787	$ldap_remove['sambaPwdCanChange'] = array();
788	$ldap_remove['sambaPwdLastSet'] = array();
789	$ldap_remove['sambaPwdMustChange'] = array();
790	$this->db_functions->write_log("removido atributos samba do usuario.",'',$dn,'','');
791	}
792	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
793	// ADD ATTRS OF SAMBA
794	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && (!$new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
795	{
796	//Verifica se o binario para criar as senhas do samba exite.
797	if (!is_file('/home/expressolivre/mkntpwd'))
798	{
799	$return['status'] = false;
800	$return['msg'] .= "O arquivo binário /home/expressolivre/mkntpwd não exite.\\nEle é necessário para a criação das senhas usadas pelo SAMBA.\\nInforme o administrador Expresso.\\n";
801	}
802	else
803	{
804	$ldap_add['objectClass'][] = 'sambaSamAccount';
805	$ldap_mod_replace['loginShell'] = '/bin/bash';
806	$ldap_add['sambaSID'] = $new_values['sambadomain'] . '-' . ((2 * $new_values['uidnumber'])+1000);
807	$ldap_add['sambaPrimaryGroupSID'] = $new_values['sambadomain'] . '-' . ((2 * $new_values['gidnumber'])+1001);
808	$ldap_add['sambaAcctFlags'] = $new_values['sambaacctflags'];
809	$ldap_add['sambaLogonScript'] = $new_values['sambalogonscript'];
810	$ldap_mod_replace['homeDirectory'] = $new_values['sambahomedirectory'];
811	$ldap_add['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.'senha');
812	$ldap_add['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.'senha');
813	$ldap_add['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000';
814	$ldap_add['sambaPwdCanChange'] = strtotime("now");
815	$ldap_add['sambaPwdLastSet'] = strtotime("now");
816	$ldap_add['sambaPwdMustChange'] = '2147483647';
817	$this->db_functions->write_log("adicionado atributos samba do usuario.",'',$dn,'','');
818	}
819	}
820	}
821
822	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
823	// GROUPS
824	if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users'))
825	{
826	if (!$new_values['groups'])
827	$new_values['groups'] = array();
828	if (!$old_values['groups'])
829	$old_values['groups'] = array();
830
831	$add_groups = array_diff($new_values['groups'], $old_values['groups']);
832	$remove_groups = array_diff($old_values['groups'], $new_values['groups']);
833
834	if (count($add_groups)>0)
835	{
836	foreach($add_groups as $gidnumber)
837	{
838	$this->db_functions->add_user2group($gidnumber, $new_values['uidnumber']);
839	$this->ldap_functions->add_user2group($gidnumber, $new_values['uid']);
840	$this->db_functions->write_log("adicionado usuario ao grupo $gidnumber.",'',$dn,'','');
841	}
842	}
843
844	if (count($remove_groups)>0)
845	{
846	foreach($remove_groups as $gidnumber)
847	{
848	foreach($old_values['groups_info'] as $group)
849	{
850	if (($group['gidnumber'] == $gidnumber) && ($group['group_disabled'] == 'false'))
851	{
852	$this->db_functions->remove_user2group($gidnumber, $new_values['uidnumber']);
853	$this->ldap_functions->remove_user2group($gidnumber, $new_values['uid']);
854	$this->db_functions->write_log("removido usuario do grupo $gidnumber.",'',$dn,'','');
855	}
856	}
857	}
858	}
859
860	// if ($diff['gidnumber'])
861	// {
862	// $ldap_mod_replace['gidnumber'] = $new_values['gidnumber'];
863	// if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
864	// {
865	// $ldap_mod_replace['sambaPrimaryGroupSID'] = $this->current_config['expressoAdmin_sambaSID'] . '-' . ((2 * $new_values['gidnumber'])+1001);
866	// }
867	// $this->db_functions->write_log("alterado gidnumber do usuario.",'',$dn,'','');
868	// }
869	}
870	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
871	// LDAP_MOD_REPLACE
872	if (count($ldap_mod_replace))
873	{
874	$result = $this->ldap_functions->replace_user_attributes($dn, $ldap_mod_replace);
875	if (!$result['status'])
876	{
877	$return['status'] = false;
878	$return['msg'] .= $result['msg'];
879	}
880	//Adaptacao para fazer o sistema escrever no atributo de expiracao depois que ja tiver alterado a senha
881	if((isset($ldap_mod_replace['userpassword']))&&($GLOBALS['phpgw_info']['server']['politicasenhas']=='diretorio'))
882	{
883	sleep(1);
884	$modifica[$GLOBALS['phpgw_info']['server']['atributoexpiracao']]=$ldap_mod_replace[$GLOBALS['phpgw_info']['server']['atributoexpiracao']];
885	$result = $this->ldap_functions->replace_user_attributes($dn, $modifica);
886	}
887	}
888
889	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
890	// LDAP_MOD_ADD
891	if (count($ldap_add))
892	{
893	echo 'ldap-add<br>';
894	print_r($ldap_add);
895	$result = $this->ldap_functions->add_user_attributes($dn, $ldap_add);
896	if (!$result['status'])
897	{
898	$return['status'] = false;
899	$return['msg'] .= $result['msg'];
900	}
901	}
902
903	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
904	// LDAP_MOD_REMOVE
905	if (count($ldap_remove))
906	{
907	echo 'ldap-remove<br>';
908	print_r($ldap_remove);
909	$result = $this->ldap_functions->remove_user_attributes($dn, $ldap_remove);
910	if (!$result['status'])
911	{
912	$return['status'] = false;
913	$return['msg'] .= $result['msg'];
914	}
915	}
916	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
917
918
919	if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users'))
920	{
921	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
922	// MAILLISTS
923	if (!$new_values['maillists'])
924	$new_values['maillists'] = array();
925	if (!$old_values['maillists'])
926	$old_values['maillists'] = array();
927
928	$add_maillists = array_diff($new_values['maillists'], $old_values['maillists']);
929	$remove_maillists = array_diff($old_values['maillists'], $new_values['maillists']);
930
931	if (count($add_maillists)>0)
932	{
933	foreach($add_maillists as $uid)
934	{
935	$this->ldap_functions->add_user2maillist($uid, $new_values['mail']);
936	$this->db_functions->write_log("adicionado usuario a maillist $uid.",'',$dn,'','');
937	}
938	}
939	/*
940	echo '<pre>';
941	print_r($old_values['maillists']);
942	print_r($new_values['maillists']);
943	*/
944
945	if (count($remove_maillists)>0)
946	{
947	foreach($remove_maillists as $uid)
948	{
949	$this->ldap_functions->remove_user2maillist($uid, $new_values['mail']);
950	$this->db_functions->write_log("removido usuario da maillist $uid.",'',$dn,'','');
951	}
952	}
953
954	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
955	// APPS
956	$new_values2 = array();
957	$old_values2 = array();
958	if (count($new_values['apps'])>0)
959	{
960	foreach ($new_values['apps'] as $app=>$tmp)
961	{
962	$new_values2[] = $app;
963	}
964	}
965	if (count($old_values['apps'])>0)
966	{
967	foreach ($old_values['apps'] as $app=>$tmp)
968	{
969	$old_values2[] = $app;
970	}
971	}
972	$add_apps = array_flip(array_diff($new_values2, $old_values2));
973	$remove_apps = array_flip(array_diff($old_values2, $new_values2));
974
975	if (count($add_apps)>0)
976	{
977	$this->db_functions->add_id2apps($new_values['uidnumber'], $add_apps);
978
979	foreach ($add_apps as $app => $index)
980	$this->db_functions->write_log("Adicionado aplicativo $app ao usuário $dn",'',$dn,'','');
981	}
982	if (count($remove_apps)>0)
983	{
984	//Verifica se o gerente tem acesso a aplicação antes de removê-la do usuario.
985	$manager_apps = $this->db_functions->get_apps($_SESSION['phpgw_info']['expresso']['user']['account_lid']);
986
987	foreach ($remove_apps as $app => $app_index)
988	{
989	if ($manager_apps[$app] == 'run')
990	$remove_apps2[$app] = $app_index;
991	}
992	$this->db_functions->remove_id2apps($new_values['uidnumber'], $remove_apps2);
993
994	foreach ($remove_apps2 as $app => $access)
995	$this->db_functions->write_log("Removido aplicativo $app do usuï¿œrio $dn",'',$dn,'','');
996	}
997	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
998	}
999	return $return;
1000	}
1001	function get_user_info($uidnumber)
1002	{
1003	$user_info_ldap = $this->ldap_functions->get_user_info($uidnumber);
1004	$user_info_db1 = $this->db_functions->get_user_info($uidnumber);
1005	$user_info_db2 = $this->ldap_functions->gidnumbers2cn($user_info_db1['groups']);
1006	$user_info_imap = $this->imap_functions->get_user_info($user_info_ldap['uid']);
1007	$user_info = array_merge($user_info_ldap, $user_info_db1, $user_info_db2, $user_info_imap);
1008	return $user_info;
1009	}
1010	function set_user_default_password($params)
1011	{
1012	$return['status'] = true;
1013	$uid = $params['uid'];
1014	switch ($this->current_config['expressoAdmin_passwordCrypt'])
1015	{
1016	case "md5":
1017	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
1018	break;
1019	case "plain":
1020	$defaultUserPassword = $this->current_config['expressoAdmin_defaultUserPassword'];
1021	break;
1022	default:
1023	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
1024	}
1025	//$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
1026
1027	if (!$this->db_functions->default_user_password_is_set($uid))
1028	{
1029	$userPassword = $this->ldap_functions->set_user_password($uid, $defaultUserPassword);
1030	$this->db_functions->set_user_password($uid, $userPassword);
1031	}
1032	else
1033	{
1034	$return['status'] = false;
1035	$return['msg'] = 'Senha default já cadastrada!';
1036	}
1037
1038	$this->db_functions->write_log('Setado senha default','',$uid,'','');
1039
1040	return $return;
1041	}
1042	function return_user_password($params)
1043	{
1044	$return['status'] = true;
1045	$uid = $params['uid'];
1046
1047	if ($this->db_functions->default_user_password_is_set($uid))
1048	{
1049	$userPassword = $this->db_functions->get_user_password($uid);
1050	$this->ldap_functions->set_user_password($uid, $userPassword);
1051	}
1052	else
1053	{
1054	$return['status'] = false;
1055	$return['msg'] = 'Senha default não cadastrada!';
1056	}
1057
1058	$this->db_functions->write_log('Retornado senha default','',$uid,'','');
1059
1060	return $return;
1061	}
1062
1063	function delete($params)
1064	{
1065	$return['status'] = true;
1066	// Verifica o acesso do gerente
1067	if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'delete_users'))
1068	{
1069	$uidnumber = $params['uidnumber'];
1070	$user_info = $this->get_user_info($uidnumber);
1071	//LDAP
1072	$result_ldap = $this->ldap_functions->delete_user($user_info);
1073	if (!$result_ldap['status'])
1074	{
1075	$return['status'] = false;
1076	//$return['msg'] .= $result_ldap['msg'];
1077	$return['msg'] .= "Exclusao do ldap: erro;
1078	";
1079	$return['msg'] .= "Tentando remover apenas os atributos do Expresso: ";
1080	$result_attributes = $this->ldap_functions->delete_expresso_attributes($user_info);
1081	if (!$result_attributes['status'])
1082	//$return['msg'] .= $result_attributes['msg'];
1083	$return['msg'] .= "Nao foi possivel;
1084	";
1085	else
1086	$return['msg'] .= "OK;
1087	";
1088	}
1089	else
1090	$return['msg'] .= "Exclusão do ldap: OK;
1091	";
1092	//DB
1093	$result_db = $this->db_functions->delete_user($user_info);
1094	if (!$result_db['status'])
1095	{
1096	$return['status'] = false;
1097	//$return['msg'] .= $result_db['msg'];
1098	$return['msg'] .= "Exclusão no banco: erro;
1099	";
1100	}
1101	else
1102	$return['msg'] .= "Exclusão no banco: OK;
1103	";
1104	//IMAP
1105	$result_imap = $this->imap_functions->account_exist($user_info['uid']);
1106	if($result_imap)
1107	{
1108	$result_imap = $this->imap_functions->delete_user($user_info['uid']);
1109	if (!$result_imap['status'])
1110	{
1111	$return['status'] = false;
1112	//$return['msg'] .= $result_imap['msg'];
1113	$return['msg'] .= "Exclusão da caixa: erros
1114	";
1115	}
1116	else
1117	if((!$result_ldap['status'])\|\|(!$result_imap['status']))
1118	$return['msg'] .= "Exclusão da caixa: OK.
1119	";
1120	$this->db_functions->write_log('Excluido o usuario','',$user_info['uid'],'','');
1121	}
1122	else
1123	{
1124	$return['status'] = false;
1125	//$return['msg'] .= $result_imap['msg'];
1126	$return['msg'] .= "Exclusão da caixa. A Caixa não existe.
1127	";
1128	}
1129	}
1130	return $return;
1131	}
1132
1133	/*
1134	function delete($params)
1135	{
1136	$return['status'] = true;
1137
1138	// Verifica o acesso do gerente
1139	if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'delete_users'))
1140	{
1141	$uidnumber = $params['uidnumber'];
1142	$user_info = $this->get_user_info($uidnumber);
1143
1144	//LDAP
1145	$result_ldap = $this->ldap_functions->delete_user($user_info);
1146	if (!$result_ldap['status'])
1147	{
1148	$return['status'] = false;
1149	$return['msg'] .= $result_ldap['msg'];
1150	}
1151	else
1152	{
1153	//DB
1154	$result_db = $this->db_functions->delete_user($user_info);
1155	if (!$result_db['status'])
1156	{
1157	$return['status'] = false;
1158	$return['msg'] .= $result_ldap['msg'];
1159	}
1160
1161	//IMAP
1162	$result_imap = $this->imap_functions->delete_user($user_info['uid']);
1163	if (!$result_imap['status'])
1164	{
1165	$return['status'] = false;
1166	$return['msg'] .= $result_ldap['msg'];
1167	}
1168	$this->db_functions->write_log('deletado usuario','',$user_info['uid'],'','');
1169	}
1170	}
1171
1172	return $return;
1173	}
1174	*/
1175	function rename($params)
1176	{
1177
1178	$return['status'] = true;
1179
1180	// Verifica acesso do gerente (OU) ao tentar renomear um usuï¿œrio.
1181	if ( ! $this->ldap_functions->check_access_to_renamed($params['uid']) )
1182	{
1183	$return['status'] = false;
1184	$return['msg'] .= 'Você não tem acesso para excluir este usuário.';
1185	return $return;
1186	}
1187
1188	// Verifica o acesso do gerente
1189	if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'rename_users'))
1190	{
1191	$uid = $params['uid'];
1192	$new_uid = $params['new_uid'];
1193	switch ($this->current_config['expressoAdmin_passwordCrypt'])
1194	{
1195	case "md5":
1196	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
1197	break;
1198	case "plain":
1199	$defaultUserPassword = $this->current_config['expressoAdmin_defaultUserPassword'];
1200	break;
1201	default:
1202	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
1203	}
1204
1205	$defaultUserPassword_plain = $this->current_config['expressoAdmin_defaultUserPassword'];
1206
1207	$emailadmin_profiles = $this->db_functions->get_sieve_info();
1208	$sieve_enable = $emailadmin_profiles[0]['imapenablesieve'];
1209	$sieve_server = $emailadmin_profiles[0]['imapsieveserver'];
1210	$sieve_port = $emailadmin_profiles[0]['imapsieveport'];
1211
1212	$imap_admin = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminUsername'];
1213	$imap_passwd = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminPW'];
1214	$imap_server = $_SESSION['phpgw_info']['expresso']['email_server']['imapServer'];
1215	$imap_port = $_SESSION['phpgw_info']['expresso']['email_server']['imapPort'];
1216	$imapDelimiter = $_SESSION['phpgw_info']['expresso']['email_server']['imapDelimiter'];
1217
1218	//Verifica se estï¿œ sendo usuado cyrus 2.2 ou superior
1219	$sk = fsockopen ($imap_server,$imap_port);
1220	$server_resp = fread($sk, 100);
1221	$tmp = split('v2.', $server_resp);
1222	$cyrus_version = '2' . $tmp[1][0];
1223	//$is_cyrus22 = strpos($server_resp, "v2.2");
1224
1225	if ($cyrus_version > '21')
1226	{
1227	// Seta senha default
1228	$user_password = $this->ldap_functions->set_user_password($uid, $defaultUserPassword);
1229
1230	// Renomeia UID no openldap
1231	$result = $this->ldap_functions->rename_uid($uid, $new_uid);
1232	$new_dn = $result['new_dn'];
1233	if (!$result['status'])
1234	{
1235	$return['status'] = false;
1236	$return['msg'] .= "\n" . $result['msg'];
1237	$return['msg'] .= "\nErro ao renomear usuário no LDAP. Processo interrompido.";
1238	return $return;
1239	}
1240
1241	// Remove old UID do ldap
1242	$user_info_mod_remove['uid'] = $uid;
1243	$this->ldap_functions->remove_user_attributes($new_dn, $user_info_mod_remove);
1244
1245	//Renomeia mailbox
1246	$result = $this->imap_functions->rename_mailbox($uid, $new_uid);
1247	if (!$result['status'])
1248	{
1249	$return['status'] = false;
1250	$return['msg'] .= "\n" . $result['msg'];
1251	$return['msg'] .= "\nErro ao renomear usuário no Cyrus. Processo interrompido.";
1252	}
1253
1254	// Renomeia sieve script
1255	include_once('sieve-php.lib.php');
1256	$sieve=new sieve($sieve_server, $sieve_port, $new_uid, $defaultUserPassword_plain);
1257
1258	if ($sieve->sieve_login())
1259	{
1260	$sieve->sieve_listscripts();
1261	$myactivescript=$sieve->response["ACTIVE"];
1262	$sieve->sieve_getscript($myactivescript);
1263
1264	$script = '';
1265	foreach($sieve->response as $result)
1266	{
1267	$script .= $result;
1268	}
1269
1270	$scriptname = $new_uid;
1271	if($sieve->sieve_sendscript($new_uid,$script))
1272	{
1273	if ($sieve->sieve_setactivescript($new_uid))
1274	{
1275	$sieve->sieve_deletescript($myactivescript);
1276	}
1277	}
1278	else
1279	{
1280	$return['status'] = false;
1281	$return['msg'] .= $result['msg'] . "\nErro ao renomear script sieve, falha no envio do novo script.";
1282	}
1283	$sieve->sieve_logout();
1284	}
1285	else
1286	{
1287	$return['status'] = false;
1288	$return['msg'] .= $result['msg'] . "\nErro ao renomear script sieve, falha no Login.";
1289	}
1290
1291	// Retorna senha do usuï¿œrio
1292	$this->ldap_functions->set_user_password($new_uid, $user_password);
1293
1294	$this->db_functions->write_log('renomeado usuario',$new_uid,$uid,'','');
1295
1296	$return['exec_return'] = "";
1297	}
1298	else
1299	{
1300	$return['status'] = false;
1301	$return['msg'] .= "A renomeação de usuários só é permitida com o Cyrus versão 2.2 ou superior,";
1302	$return['msg'] .= "\ne com a opção 'allowusermoves: yes' configurado no imapd.conf.";
1303	}
1304	return $return;
1305	}
1306	}
1307
1308	function write_log_from_ajax($params)
1309	{
1310	$this->db_functions->write_log($params['_action'],'',$params['userinfo'],'','');
1311	return true;
1312	}
1313
1314
1315	function validarCPF($cpf)
1316	{
1317	$nulos = array("12345678909","11111111111","22222222222","33333333333",
1318	"44444444444","55555555555","66666666666","77777777777",
1319	"88888888888","99999999999","00000000000");
1320	/* Retira todos os caracteres que nao sejam 0-9 */
1321	$cpf = ereg_replace("[^0-9]", "", $cpf);
1322
1323	/Retorna falso se houver letras no cpf /
1324	if (!(ereg("[0-9]",$cpf)))
1325	return 0;
1326
1327	/* Retorna falso se o cpf for nulo */
1328	if( in_array($cpf, $nulos) )
1329	return 0;
1330
1331	/Calcula o penúltimo dígito verificador/
1332	$acum=0;
1333	for($i=0; $i<9; $i++) {
1334	$acum+= $cpf[$i]*(10-$i);
1335	}
1336
1337	$x=$acum % 11;
1338	$acum = ($x>1) ? (11 - $x) : 0;
1339	/* Retorna falso se o digito calculado eh diferente do passado na string */
1340	if ($acum != $cpf[9]){
1341	return 0;
1342	}
1343	/Calcula o último dígito verificador/
1344	$acum=0;
1345	for ($i=0; $i<10; $i++){
1346	$acum+= $cpf[$i]*(11-$i);
1347	}
1348
1349	$x=$acum % 11;
1350	$acum = ($x > 1) ? (11-$x) : 0;
1351	/* Retorna falso se o digito calculado eh diferente do passado na string */
1352	if ( $acum != $cpf[10]){
1353	return 0;
1354	}
1355	/* Retorna verdadeiro se o cpf eh valido */
1356	return 1;
1357	}
1358
1359	}
1360	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: