Context Navigation

source: trunk/expressoAdmin1_2/inc/class.ldap_functions.inc.php @ 396

Revision 396, 73.1 KB checked in by niltonneto, 16 years ago (diff)
Modificações referente a opção de configurar um ldap_master no setup do Expresso, usado somente para escrita.
Property svn:eol-style set to `native` Property svn:executable set to ``*

Line
1	<?php
2	define('PHPGW_INCLUDE_ROOT','../');
3	define('PHPGW_API_INC','../phpgwapi/inc');
4	include_once(PHPGW_API_INC.'/class.common.inc.php');
5	include_once('class.functions.inc.php');
6
7	function ldapRebind($ldap_connection, $ldap_url)
8	{
9	// Enquanto estivermos utilizando referral na arvore ldap, teremos que continuar a utilizar o usuário sistemas:expresso.
10	// Depois, quando não existir mais referral, não existirá a necessidade de ldapRebind.
11	//ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_master_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
12	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
13	{
14	@ldap_bind($ldap_connection, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
15	}
16	}
17
18	class ldap_functions
19	{
20	var $ldap;
21	var $current_config;
22	var $functions;
23	var $manager_contexts;
24
25	function ldap_functions(){
26	$GLOBALS['phpgw_info']['server'] = $_SESSION['phpgw_info']['expresso']['server'];
27	$this->current_config = $_SESSION['phpgw_info']['expresso']['expressoAdmin'];
28	$common = new common();
29
30	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) &&
31	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_dn'])) &&
32	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_pw'])) )
33	{
34	$this->ldap = $common->ldapConnect($GLOBALS['phpgw_info']['server']['ldap_master_host'],
35	$GLOBALS['phpgw_info']['server']['ldap_master_root_dn'],
36	$GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
37	}
38	else
39	{
40	$this->ldap = $common->ldapConnect();
41	}
42
43	$this->functions = new functions;
44	$manager_acl = $this->functions->read_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid']);
45	$this->manager_contexts = $manager_acl['contexts'];
46	}
47
48	/* expressoAdmin: email lists : deve utilizar o ldap Host Master com o usuario e senha do CC*/
49	/* ldap connection following referrals and using Master config, from setup */
50	function ldapMasterConnect()
51	{
52	/*
53	$common = new common();
54	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) &&
55	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_dn'])) &&
56	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_pw'])) )
57	{
58	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_master_host']);
59	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
60	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
61	ldap_set_rebind_proc($ldap_connection, ldapRebind);
62	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_master_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
63	}
64	else
65	{
66	$ldap_connection = $common->ldapConnect($GLOBALS['phpgw_info']['server']['ldap_host'],
67	$GLOBALS['phpgw_info']['server']['ldap_root_dn'],
68	$GLOBALS['phpgw_info']['server']['ldap_root_pw'], true);
69	}
70
71	// If success, return follow_referral connection. Else, return normal connection.
72	if ($ldap_connection)
73	return $ldap_connection;
74	else
75	return $this->ldap;
76	*/
77
78	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) && ($ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_master_host'])) )
79	{
80	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
81	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
82	ldap_set_rebind_proc($ldap_connection, ldapRebind);
83	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
84	{
85	if ( ! ldap_bind($ldap_connection, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']) )
86	{
87	return false;
88	}
89	}
90	return $ldap_connection;
91	}
92	else
93	{
94	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
95	if ($ldap_connection)
96	{
97	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
98	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
99	if ( ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']) )
100	return $ldap_connection;
101	}
102	}
103
104	return false;
105	}
106
107	function validate_fields($params)
108	{
109	/* ldap connection following referals and using Contac Center config*/
110	if (is_array($_SESSION['phpgw_info']['expresso']['cc_ldap_server']))
111	{
112	$ldap_connection = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
113	if ($ldap_connection)
114	{
115	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
116	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
117
118	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
119	ldap_bind($ldap_connection, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
120	$context = $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['dn'];
121	}
122	else
123	{
124	$result['status'] = false;
125	$result['msg'] = 'Falha na conexao com o ldap.';
126	return $result;
127	}
128	}
129	else
130	{
131	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
132	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
133	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
134	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
135	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
136	}
137
138	$result['status'] = true;
139
140	$params = unserialize($params['attributes']);
141	$type = $params['type'];
142	$uid = $params['uid'];
143	$mail = $params['mail'];
144	$mailalternateaddress = $params['mailalternateaddress'];
145	$cpf = $params['cpf'];
146
147	if ($_SESSION['phpgw_info']['expresso']['global_denied_users'][$uid])
148	{
149	$result['status'] = false;
150	$result['msg'] = 'Este LOGIN não pode ser usado pois é uma conta de sistema.';
151	return $result;
152	}
153
154	if (($type == 'create_user') \|\| ($type == 'rename_user'))
155	{
156	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
157	{
158	//Obtenho UID sem a organização. Na criação o uid já vem sem a organização
159	$tmp_uid_without_org = split("-", $params['uid']);
160	$tmp_reverse_uid_without_org = array_reverse($tmp_uid_without_org);
161	array_pop($tmp_reverse_uid_without_org);
162	$uid_without_org = implode("-", $tmp_reverse_uid_without_org);
163	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(uid=$uid)(uid=$uid_without_org)))";
164	}
165	else
166	{
167	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$uid))";
168	}
169	/*
170	//UID
171	if (($type == 'rename_user') && ($this->current_config['expressoAdmin_prefix_org'] == 'true'))
172	{
173	//Obtenho UID sem a organização. Na criação o uid já vem sem a organização
174	$tmp_uid_without_org = split("-", $params['uid']);
175	$tmp_reverse_uid_without_org = array_reverse($tmp_uid_without_org);
176	array_pop($tmp_reverse_uid_without_org);
177	$uid_without_org = implode("-", $tmp_reverse_uid_without_org);
178	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(uid=$uid)(uid=$uid_without_org)))";
179	}
180	else
181	{
182	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$uid))";
183	}
184	*/
185
186	$justthese = array("uid", "mail", "cn");
187	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
188	$count_entries = ldap_count_entries($ldap_connection,$search);
189	if ($count_entries > 0)
190	{
191	$entries = ldap_get_entries($ldap_connection, $search);
192
193	for ($i=0; $i<$entries['count']; $i++)
194	{
195	$users .= $entries[$i]['cn'][0] . ' - ' . $entries[$i]['mail'][0] . "\n";
196	}
197
198	$result['status'] = false;
199	$result['msg'] = "LOGIN já está sendo utilizado por:\n" . $users;
200	return $result;
201	}
202
203	// GRUPOS
204	$filter = "(&(phpgwAccountType=g)(cn=$uid))";
205	$justthese = array("cn");
206	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
207	$count_entries = ldap_count_entries($ldap_connection,$search);
208	if ($count_entries > 0)
209	{
210	$result['status'] = false;
211	$result['msg'] = 'LOGIN do usuário já esta sendo usado por um grupo.';
212	return $result;
213	}
214
215
216	// UID em outras organizações, pesquiso apenas na maquina local e se utilizar prefix_org
217	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
218	{
219	$ldap_connection2 = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
220	ldap_set_option($ldap_connection2,LDAP_OPT_PROTOCOL_VERSION,3);
221	ldap_set_option($ldap_connection2, LDAP_OPT_REFERRALS, false);
222	ldap_bind($ldap_connection2, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
223	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
224
225	//Obtenho UID sem a organização
226	/*
227	$tmp_uid_without_org = split("-", $params['uid']);
228	if (count($tmp_uid_without_org) < 2)
229	{
230	$result['status'] = false;
231	$result['msg'] = 'Novo login sem organização.';
232	return $result;
233	}
234	$tmp_reverse_uid_without_org = array_reverse($tmp_uid_without_org);
235	array_pop($tmp_reverse_uid_without_org);
236	$uid_without_org = implode("-", $tmp_reverse_uid_without_org);
237	*/
238
239	$filter = "(ou=*)";
240	$justthese = array("ou");
241	$search = ldap_list($ldap_connection2, $context, $filter, $justthese);
242	$entries = ldap_get_entries($ldap_connection2 ,$search);
243
244	foreach ($entries as $index=>$org)
245	{
246	$organization = $org['ou'][0];
247	$organization = strtolower($organization);
248
249	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$organization-$uid))";
250
251	$justthese = array("uid");
252	$search = ldap_search($ldap_connection2, $context, $filter, $justthese);
253	$count_entries = ldap_count_entries($ldap_connection2,$search);
254	if ($count_entries > 0)
255	{
256	$result['status'] = false;
257	$result['msg'] = 'LOGIN já esta sendo usado por outro usuário em outra organização.';
258	ldap_close($ldap_connection2);
259	return $result;
260	}
261	}
262	ldap_close($ldap_connection2);
263	}
264	}
265
266	if ($type == 'rename_user')
267	{
268	return $result;
269	}
270
271	// MAIL
272	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(mail=$mail)(mailalternateaddress=$mail)))";
273	$justthese = array("mail", "uid");
274	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
275	$entries = ldap_get_entries($ldap_connection,$search);
276	if ($entries['count'] == 1){
277	if ($entries[0]['uid'][0] != $uid){
278	$result['status'] = false;
279	$result['msg'] = 'E-MAIL está sendo usado por 1 usuário: ' . $entries[0]['uid'][0];
280	//ldap_close($ldap_connection);
281	return $result;
282	}
283	}
284	else if ($entries['count'] > 1){
285	$result['status'] = false;
286	$result['msg'] = 'E-MAIL está sendo usado por 2 ou mais usuários.';
287	//ldap_close($ldap_connection);
288	return $result;
289	}
290
291	// MAILAlternateAddress
292	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(mail=$mailalternateaddress)(mailalternateaddress=$mailalternateaddress)))";
293	$justthese = array("mail", "uid");
294	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
295	$entries = ldap_get_entries($ldap_connection,$search);
296	if ($entries['count'] == 1){
297	if ($entries[0]['uid'][0] != $uid){
298	$result['status'] = false;
299	$result['msg'] = "E-MAIL alternativo está sendo usado por 1 usuário: " . $entries[0]['uid'][0];
300	//ldap_close($ldap_connection);
301	return $result;
302	}
303	}
304	else if ($entries['count'] > 1){
305	$result['status'] = false;
306	$result['msg'] = 'E-MAIL alternativo está sendo usado por 2 ou mais usuários.';
307	return $result;
308	}
309
310	//Begin: Check CPF, only if the manager has access to this field.
311	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information'))
312	{
313	if (!empty($cpf))
314	{
315	if (!$this->functions->checkCPF($cpf))
316	{
317	$result['status'] = false;
318	$result['msg'] = $this->functions->lang('Field CPF is invalid') . '.';
319	return $result;
320	}
321	else
322	{
323	//retira caracteres que não são números.
324	$cpf = ereg_replace("[^0-9]", "", $cpf);
325
326	$local_ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
327	if ($ldap_connection)
328	{
329	ldap_set_option($local_ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
330	ldap_set_option($local_ldap_connection, LDAP_OPT_REFERRALS, false);
331	ldap_bind($local_ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
332	}
333	else
334	{
335	$result['status'] = false;
336	$result['msg'] = 'Falha na conexao com o ldap.';
337	return $result;
338	}
339
340	$filter = "(&(phpgwAccountType=u)(cpf=$cpf))";
341	$justthese = array("cn","uid");
342	$search = ldap_search($local_ldap_connection, $context, $filter, $justthese);
343	$entries = ldap_get_entries($local_ldap_connection,$search);
344
345	if ( ($entries['count'] != 1) && (strcasecmp($uid, $entries[0]['uid'][0]) != 0) )
346	{
347	if ($entries['count'] > 0)
348	{
349	$result['question'] = $this->functions->lang('Field CPF used by') . ":\n";
350	for ($i=0; $i<$entries['count']; $i++)
351	{
352	if (strcasecmp($uid, $entries[$i]['uid'][0]) != 0)
353	$result['question'] .= "- " . $entries[$i]['cn'][0] . "\n";
354	}
355	$result['question'] .= $this->functions->lang("Do you want to continue anyway") . "?";
356	return $result;
357	}
358	}
359	ldap_close($local_ldap_connection);
360	}
361	}
362	else if ($this->current_config['expressoAdmin_cpf_obligation'])
363	{
364	$result['status'] = false;
365	$result['msg'] = $this->functions->lang('Field CPF must be completed') . '.';
366	return $result;
367	}
368	}
369	//End: Check CPF
370
371	return $result;
372	}
373
374	function validate_fields_group($params)
375	{
376	/* ldap connection following referals and using Contac Center config*/
377	if (is_array($_SESSION['phpgw_info']['expresso']['cc_ldap_server']))
378	{
379	$ldap_connection = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
380	if ($ldap_connection)
381	{
382	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
383	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
384	if ( ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
385	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'], $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw']);
386	$context = $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['dn'];
387	}
388	else
389	{
390	$result['status'] = false;
391	$result['msg'] = 'Falha na conexao com o ldap.';
392	return $result;
393	}
394	}
395	else
396	{
397	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
398	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
399	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
400	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
401	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
402	}
403
404	$cn = $params['cn'];
405	$result['status'] = true;
406
407	if ($_SESSION['phpgw_info']['expresso']['global_denied_groups'][$cn])
408	{
409	$result['status'] = false;
410	$result['msg'] = 'Este nome de grupo não pode ser usado pois é um grupo de sistema.';
411	return $result;
412	}
413
414	// CN
415	$filter = "(&(phpgwAccountType=g)(cn=$cn))";
416	$justthese = array("cn");
417	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
418	$count_entries = ldap_count_entries($ldap_connection,$search);
419	if ($count_entries > 0)
420	{
421	$result['status'] = false;
422	$result['msg'] = 'NOME do grupo já está sendo usado.';
423	return $result;
424	}
425
426	// UID
427	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$cn))";
428	$justthese = array("uid");
429	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
430	$count_entries = ldap_count_entries($ldap_connection,$search);
431	if ($count_entries > 0)
432	{
433	$result['status'] = false;
434	$result['msg'] = 'NOME do grupo já esta sendo usado por um usuário.';
435	return $result;
436	}
437
438	return $result;
439	}
440
441	function validate_fields_maillist($params)
442	{
443	/* ldap connection following referals and using Contac Center config*/
444	if (is_array($_SESSION['phpgw_info']['expresso']['cc_ldap_server']))
445	{
446	$ldap_connection = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
447	if ($ldap_connection)
448	{
449	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
450	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
451	if ( ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
452	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'], $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw']);
453	$context = $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['dn'];
454	}
455	else
456	{
457	$result['status'] = false;
458	$result['msg'] = 'Falha na conexao com o ldap.';
459	return $result;
460	}
461	}
462	else
463	{
464	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
465	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
466	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
467	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
468	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
469	}
470
471	$uid = $params['uid'];
472	$mail = $params['mail'];
473	$result['status'] = true;
474
475	if ($_SESSION['phpgw_info']['expresso']['global_denied_users'][$uid])
476	{
477	$result['status'] = false;
478	$result['msg'] = 'Este LOGIN não pode ser usado pois é uma conta de sistema.';
479	return $result;
480	}
481
482	// UID
483	$filter = "(&(phpgwAccountType=l)(uid=$uid))";
484	$justthese = array("uid");
485	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
486	$count_entries = ldap_count_entries($ldap_connection,$search);
487	if ($count_entries > 0)
488	{
489	$result['status'] = false;
490	$result['msg'] = 'LOGIN da lista já está sendo usado.';
491	return $result;
492	}
493
494	// MAIL
495	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(mail=$mail)(mailalternateaddress=$mail)))";
496	$justthese = array("mail");
497	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
498	$count_entries = ldap_count_entries($ldap_connection,$search);
499	if ($count_entries > 0)
500	{
501	$result['status'] = false;
502	$result['msg'] = 'E-MAIL da lista já está sendo usado.';
503	return $result;
504	}
505
506	return $result;
507	}
508
509	//Busca usuários de um contexto e já retorna as options do select;
510	function get_available_users($params)
511	{
512	$context = $params['context'];
513	$recursive = $params['recursive'];
514	$justthese = array("cn", "uidNumber");
515	$filter="(phpgwAccountType=u)";
516
517	if ($recursive == 'true')
518	$groups_list=ldap_search($this->ldap, $context, $filter, $justthese);
519	else
520	$groups_list=ldap_list($this->ldap, $context, $filter, $justthese);
521
522	$entries = ldap_get_entries($this->ldap, $groups_list);
523
524	for ($i=0; $i<$entries["count"]; $i++){
525	$u_tmp[$entries[$i]["uidnumber"][0]] = $entries[$i]["cn"][0];
526	}
527
528	if (count($u_tmp))
529	natcasesort($u_tmp);
530
531	$i = 0;
532	$users = array();
533
534	if (count($u_tmp))
535	{
536	foreach ($u_tmp as $uidnumber => $cn)
537	{
538	$options .= "<option value=$uidnumber>$cn</option>";
539	}
540	unset($u_tmp);
541	}
542
543	return $options;
544	}
545
546	//Busca usuários de um contexto e já retorna as options do select;
547	/*
548	function get_available_users_and_maillist($params)
549	{
550	$context = $params['context'];
551	$recursive = $params['recursive'];
552	$justthese = array("cn", "uidNumber");
553	$filter="(\|(phpgwAccountType=u)(phpgwAccountType=l))";
554
555	if ($recursive == 'true')
556	$groups_list=ldap_search($this->ldap, $context, $filter, $justthese);
557	else
558	$groups_list=ldap_list($this->ldap, $context, $filter, $justthese);
559
560	$entries = ldap_get_entries($this->ldap, $groups_list);
561
562	for ($i=0; $i<$entries["count"]; $i++){
563	$u_tmp[$entries[$i]["uidnumber"][0]] = $entries[$i]["cn"][0];
564	}
565
566	if (count($u_tmp))
567	natcasesort($u_tmp);
568
569	$i = 0;
570	$users = array();
571
572	if (count($u_tmp))
573	{
574	foreach ($u_tmp as $uidnumber => $cn)
575	{
576	$options .= "<option value=$uidnumber>$cn</option>";
577	}
578	unset($u_tmp);
579	}
580
581	return $options;
582	}
583	*/
584
585	//Busca usuários e listas de um contexto e já retorna as options do select;
586	function get_available_users_and_maillist($params)
587	{
588	$context = $params['context'];
589	$recursive = $params['recursive'];
590
591	//Usado para retirar a própria lista das possibilidades de inclusão.
592	$denied_uidnumber = $params['denied_uidnumber'];
593
594	$justthese = array("cn", "uidNumber", "mail");
595
596	$users_filter="(phpgwAccountType=u)";
597	$lists_filter = $denied_uidnumber == '' ? "(phpgwAccountType=l)" : "(&(phpgwAccountType=l)(!(uidnumber=$denied_uidnumber)))";
598
599	$users = Array();
600	$lists = Array();
601
602	/* folling referral connection */
603	$ldap_conn_following_ref = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
604	if ($ldap_conn_following_ref)
605	{
606	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_PROTOCOL_VERSION, 3);
607	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_REFERRALS, 1);
608
609	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
610	ldap_bind($ldap_conn_following_ref, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
611	}
612	else
613	return false;
614
615	if ($recursive == 'true')
616	{
617	$lists_search = ldap_search($ldap_conn_following_ref, $context, $lists_filter, $justthese);
618	$users_search = ldap_search($ldap_conn_following_ref, $context, $users_filter, $justthese);
619	}
620	else
621	{
622	$lists_search = ldap_list($ldap_conn_following_ref, $context, $lists_filter, $justthese);
623	$users_search = ldap_list($ldap_conn_following_ref, $context, $users_filter, $justthese);
624	}
625
626	/* email lists */
627	$lists_entries = ldap_get_entries($ldap_conn_following_ref, $lists_search);
628
629	for ($i=0; $i<$lists_entries["count"]; $i++)
630	{
631	$l_tmp[$lists_entries[$i]["mail"][0]] = $lists_entries[$i]["cn"][0];
632	}
633
634	if (count($l_tmp))
635	natcasesort($l_tmp);
636
637	$i = 0;
638	$lists = array();
639
640	$options .= '<option value="-1" disabled>------------------------------    Listas    ------------------------------ </option>'."\n";
641	if (count($l_tmp))
642	{
643	foreach ($l_tmp as $mail => $cn)
644	{
645	$options .= "<option value=$mail>$cn</option>";
646	}
647	unset($l_tmp);
648	}
649
650	/* users */
651	$users_entries = ldap_get_entries($ldap_conn_following_ref, $users_search);
652	for ($i=0; $i<$users_entries["count"]; $i++)
653	{
654	$u_tmp[$users_entries[$i]["mail"][0]] = $users_entries[$i]["cn"][0];
655	}
656
657	if (count($u_tmp))
658	natcasesort($u_tmp);
659
660	$i = 0;
661	$users = array();
662
663	$options .= '<option value="-1" disabled>-----------------------------    Usuários    ---------------------------- </option>'."\n";
664	if (count($u_tmp))
665	{
666	foreach ($u_tmp as $mail => $cn)
667	{
668	$options .= "<option value=$mail class='line-above'>$cn</option>";
669	}
670	unset($u_tmp);
671	}
672
673	ldap_close($ldap_conn_following_ref);
674	return $options;
675	}
676
677	function get_available_groups($params)
678	{
679	$context = $params['context'];
680	$justthese = array("cn", "gidNumber");
681	$groups_list=ldap_list($this->ldap, $context, ("(phpgwAccountType=g)"), $justthese);
682	ldap_sort($this->ldap, $groups_list, "cn");
683
684	$entries = ldap_get_entries($this->ldap, $groups_list);
685
686	$options = '';
687	for ($i=0; $i<$entries['count']; $i++)
688	{
689	$options .= "<option value=" . $entries[$i]['gidnumber'][0] . ">" . $entries[$i]['cn'][0] . "</option>";
690	}
691
692	return $options;
693	}
694
695	function get_available_maillists($params)
696	{
697	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
698	return false;
699
700	$context = $params['context'];
701	$justthese = array("uid","mail","uidNumber");
702	$maillists=ldap_list($ldapMasterConnect, $context, ("(phpgwAccountType=l)"), $justthese);
703	ldap_sort($ldapMasterConnect, $maillists, "uid");
704
705	$entries = ldap_get_entries($ldapMasterConnect, $maillists);
706
707	$options = '';
708	for ($i=0; $i<$entries['count']; $i++)
709	{
710	$options .= "<option value=" . $entries[$i]['uid'][0] . ">" . $entries[$i]['uid'][0] . " (" . $entries[$i]['mail'][0] . ")" . "</option>";
711	}
712
713	ldap_close($ldapMasterConnect);
714	return $options;
715	}
716
717	function ldap_add_entry($dn, $entry)
718	{
719	$result = array();
720	if (!@ldap_add ( $this->ldap, $dn, $entry ))
721	{
722	$result['status'] = false;
723	$result['error_number'] = ldap_errno($this->ldap);
724	$result['msg'] = "Erro na funcao ldap_functions->ldap_add_entry ($dn).\nRetorno do servidor:" . ldap_errno($this->ldap) . ldap_error($this->ldap);
725	}
726	else
727	$result['status'] = true;
728
729	return $result;
730	}
731
732	function ldap_save_photo($dn, $pathphoto, $photo_exist=false)
733	{
734	$fd = fopen($pathphoto, "r");
735	$fsize = filesize($pathphoto);
736	$jpegStr = fread($fd, $fsize);
737	fclose ($fd);
738	$attrs['jpegPhoto'] = $jpegStr;
739
740	if ($photo_exist)
741	$res = @ldap_mod_replace($this->ldap, $dn, $attrs);
742	else
743	$res = @ldap_mod_add($this->ldap, $dn, $attrs);
744
745	if ($res)
746	{
747	$result['status'] = true;
748	}
749	else
750	{
751	$result['status'] = false;
752	$result['msg'] = "Erro na funcao ldap_functions->ldap_save_photo ($dn).\nRetorno do servidor:" . ldap_error($this->ldap);
753	}
754
755	return $result;
756	}
757
758	function ldap_remove_photo($dn)
759	{
760	$attrs['jpegPhoto'] = array();
761	$res = ldap_mod_del($this->ldap, $dn, $attrs);
762
763	if ($res)
764	{
765	$result['status'] = true;
766	}
767	else
768	{
769	$result['status'] = false;
770	$result['msg'] = "Erro na funcao ldap_functions->ldap_remove_photo ($dn).\nRetorno do servidor:" . ldap_error($this->ldap);
771	}
772
773	return $result;
774	}
775
776	// Pode receber tanto um único memberUid quanto um array de memberUid's
777	function add_user2group($gidNumber, $memberUid)
778	{
779	$filter = "(&(phpgwAccountType=g)(gidNumber=$gidNumber))";
780	$justthese = array("dn");
781	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
782	$entry = ldap_get_entries($this->ldap, $search);
783	$group_dn = $entry[0]['dn'];
784	$attrs['memberUid'] = $memberUid;
785
786	$res = @ldap_mod_add($this->ldap, $group_dn, $attrs);
787
788	if ($res)
789	{
790	$result['status'] = true;
791	}
792	else
793	{
794	$result['status'] = false;
795	$result['msg'] = "Erro na funcao ldap_functions->add_user2group ($memberUid).\nRetorno do servidor:" . ldap_error($this->ldap);
796	}
797	return $result;
798	}
799
800	function remove_user2group($gidNumber, $memberUid)
801	{
802	$filter = "(&(phpgwAccountType=g)(gidNumber=$gidNumber))";
803	$justthese = array("dn");
804	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
805	$entry = ldap_get_entries($this->ldap, $search);
806	$group_dn = $entry[0]['dn'];
807	$attrs['memberUid'] = $memberUid;
808	$res = @ldap_mod_del($this->ldap, $group_dn, $attrs);
809
810	/*echo 'usuarios recebidos para remocao no ldap';
811	echo '<pre>';
812	print_r($memberUid);*/
813
814	if ($res)
815	{
816	$result['status'] = true;
817	}
818	else
819	{
820	$result['status'] = false;
821	$result['msg'] = "Erro na funcao ldap_functions->remove_user2group ($memberUid).\nRetorno do servidor:" . ldap_error($this->ldap);
822	}
823	return $result;
824	}
825
826	function add_user2maillist($uid, $mail)
827	{
828	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
829	{
830	$result['status'] = false;
831	$result['msg'] = "Falha de conexão com o openLDAP.\n\nRetorno do servidor:" . ldap_error($ldapMasterConnect);
832	return $result;
833	}
834
835	$filter = "(&(phpgwAccountType=l)(uid=$uid))";
836	$justthese = array("dn");
837	$search = ldap_search($ldapMasterConnect, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
838	$entry = ldap_get_entries($ldapMasterConnect, $search);
839	$group_dn = $entry[0]['dn'];
840	$attrs['mailForwardingAddress'] = $mail;
841	$res = @ldap_mod_add($ldapMasterConnect, $group_dn, $attrs);
842
843	if ($res)
844	{
845	$result['status'] = true;
846	}
847	else
848	{
849	$result['status'] = false;
850	if (ldap_errno($ldapMasterConnect) == '50')
851	{
852	$result['msg'] = "Erro na funcao ldap_functions->add_user2maillist.\n" .
853	"O usuário utilizado para gravação no LDAP, DEVE ter direito de escrita.\n".
854	"O usuário " . $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] . " não tem este direito.\n".
855	"Edite \"Configuração Global do Catálogo\", no módulo Administrador, Catálogo de Endereços e adicione um usuário com direitos de escrita.";
856	}
857	else
858	$result['msg'] = "Erro na funcao ldap_functions->add_user2maillist.\nRetorno do servidor:" . ldap_error($ldapMasterConnect);
859	}
860
861	ldap_close($ldapMasterConnect);
862	return $result;
863	}
864
865	function add_user2maillist_scl($dn, $array_emails)
866	{
867	$attrs['mailSenderAddress'] = $array_emails;
868
869	print_r($attrs);
870
871	$res = @ldap_mod_add($this->ldap, $dn, $attrs);
872
873	if ($res)
874	{
875	$result['status'] = true;
876	}
877	else
878	{
879	$result['status'] = false;
880	$result['msg'] = "Erro na funcao ldap_functions->add_user2maillist_scp ($dn).\n\nRetorno do servidor:" . ldap_error($this->ldap);
881	}
882	return $result;
883	}
884
885	function remove_user2maillist($uid, $mail)
886	{
887	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
888	{
889	$result['status'] = false;
890	$result['msg'] = "Falha de conexão com o openLDAP.\n\nRetorno do servidor:" . ldap_error($ldapMasterConnect);
891	return $result;
892	}
893
894	$filter = "(&(phpgwAccountType=l)(uid=$uid))";
895	$justthese = array("dn");
896	$search = ldap_search($ldapMasterConnect, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
897	$entry = ldap_get_entries($ldapMasterConnect, $search);
898	$group_dn = $entry[0]['dn'];
899	$attrs['mailForwardingAddress'] = $mail;
900	$res = @ldap_mod_del($ldapMasterConnect, $group_dn, $attrs);
901
902	if ($res)
903	{
904	$result['status'] = true;
905	}
906	else
907	{
908	$result['status'] = false;
909	if (ldap_errno($ldapMasterConnect) == '50')
910	{
911	$result['msg'] = "Erro na funcao ldap_functions->add_user2maillist.\n" .
912	"O usuário utilizado para gravação no LDAP, DEVE ter direito de escrita.\n".
913	"O usuário " . $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] . " não tem este direito.\n".
914	"Edite \"Configuração Global do Catálogo\", no módulo Administrador, Catálogo de Endereços e adicione um usuário com direitos de escrita.";
915	}
916	else
917	$result['msg'] = "Erro na funcao ldap_functions->add_user2maillist.\nRetorno do servidor:" . ldap_error($ldapMasterConnect);
918	}
919	ldap_close($ldapMasterConnect);
920	return $result;
921	}
922
923	function remove_user2maillist_scl($dn, $array_emails)
924	{
925	$attrs['mailSenderAddress'] = $array_emails;
926	$res = @ldap_mod_del($this->ldap, $dn, $attrs);
927
928	if ($res)
929	{
930	$result['status'] = true;
931	}
932	else
933	{
934	$result['status'] = false;
935	$result['msg'] = "Erro na funcao ldap_functions->remove_user2maillist_scp ($dn).\n\nRetorno do servidor:" . ldap_error($this->ldap);
936	}
937	return $result;
938	}
939
940	function replace_user2maillists($new_mail, $old_mail)
941	{
942	$filter = "(&(phpgwAccountType=l)(mailforwardingaddress=$old_mail))";
943	$justthese = array("dn");
944	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
945	$entries = ldap_get_entries($this->ldap, $search);
946	$result['status'] = true;
947	for ($i=0; $i<$entries['count']; $i++)
948	{
949	$attrs['mailforwardingaddress'] = $old_mail;
950	$res1 = @ldap_mod_del($this->ldap, $entries[$i]['dn'], $attrs);
951	$attrs['mailforwardingaddress'] = $new_mail;
952	$res2 = @ldap_mod_add($this->ldap, $entries[$i]['dn'], $attrs);
953
954	if ((!$res1) \|\| (!$res2))
955	{
956	$result['status'] = false;
957	$result['msg'] = "Erro na funcao ldap_functions->replace_user2maillists ($old_mail).\nRetorno do servidor:" . ldap_error($this->ldap);
958	}
959	}
960
961	return $result;
962	}
963
964	function get_user_info($uidnumber)
965	{
966	foreach ($this->manager_contexts as $index=>$context)
967	{
968	$filter="(&(phpgwAccountType=u)(uidNumber=".$uidnumber."))";
969	$search = ldap_search($this->ldap, $context, $filter);
970	$entry = ldap_get_entries($this->ldap, $search);
971
972	if ($entry['count'])
973	{
974	//Pega o dn do setor do usuario.
975	$entry[0]['dn'] = strtolower($entry[0]['dn']);
976	$sector_dn_array = explode(",", $entry[0]['dn']);
977	for($i=1; $i<count($sector_dn_array); $i++)
978	$sector_dn .= $sector_dn_array[$i] . ',';
979	//Retira ultimo pipe.
980	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
981
982	$result['context'] = $sector_dn;
983	$result['uid'] = $entry[0]['uid'][0];
984	$result['uidnumber'] = $entry[0]['uidnumber'][0];
985	$result['gidnumber'] = $entry[0]['gidnumber'][0];
986	$result['departmentnumber'] = $entry[0]['departmentnumber'][0];
987	$result['givenname'] = $entry[0]['givenname'][0];
988	$result['sn'] = $entry[0]['sn'][0];
989	$result['telephonenumber'] = $entry[0]['telephonenumber'][0];
990	$result['passwd_expired'] = $entry[0]['phpgwlastpasswdchange'][0];
991	$result['phpgwaccountstatus'] = $entry[0]['phpgwaccountstatus'][0];
992	$result['phpgwaccountvisible'] = $entry[0]['phpgwaccountvisible'][0];
993	$result['accountstatus'] = $entry[0]['accountstatus'][0];
994	$result['mail'] = $entry[0]['mail'][0];
995	$result['mailalternateaddress'] = $entry[0]['mailalternateaddress'];
996	$result['mailforwardingaddress']= $entry[0]['mailforwardingaddress'];
997	$result['deliverymode'] = $entry[0]['deliverymode'][0];
998	$result['userPasswordRFC2617'] = $entry[0]['userpasswordrfc2617'][0];
999
1000	//Photo
1001	if ($entry[0]['jpegphoto']['count'] == 1)
1002	$result['photo_exist'] = 'true';
1003
1004	// Samba
1005	for ($i=0; $i<$entry[0]['objectclass']['count']; $i++)
1006	{
1007	if ($entry[0]['objectclass'][$i] == 'sambaSamAccount')
1008	$result['sambaUser'] = true;
1009	}
1010	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($result['sambaUser']))
1011	{
1012	$result['sambaaccflags'] = $entry[0]['sambaacctflags'][0];
1013	$result['sambalogonscript'] = $entry[0]['sambalogonscript'][0];
1014	$result['homedirectory'] = $entry[0]['homedirectory'][0];
1015	$a_tmp = explode("-", $entry[0]['sambasid'][0]);
1016	array_pop($a_tmp);
1017	$result['sambasid'] = implode("-", $a_tmp);
1018	}
1019
1020	// Verifica o acesso do gerente aos atributos corporativos
1021	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information'))
1022	{
1023	$result['corporative_information_employeenumber']= $entry[0]['employeenumber'][0];
1024	$result['corporative_information_cpf'] = $entry[0]['cpf'][0];
1025	$result['corporative_information_rg'] = $entry[0]['rg'][0];
1026	$result['corporative_information_rguf'] = $entry[0]['rguf'][0];
1027	}
1028
1029	// MailLists
1030	$result['maillists_info'] = $this->get_user_maillists($result['mail']);
1031	if($result['maillists_info'])
1032	{
1033	foreach ($result['maillists_info'] as $maillist)
1034	{
1035	$result['maillists'][] = $maillist['uid'];
1036	}
1037	}
1038
1039	// Groups
1040	$justthese = array("gidnumber","cn");
1041	$filter="(&(phpgwAccountType=g)(memberuid=".$result['uid']."))";
1042	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1043	ldap_sort($this->ldap, $search, "cn");
1044	$entries = ldap_get_entries($this->ldap, $search);
1045	for ($i=0; $i<$entries['count']; $i++)
1046	{
1047	$result['groups_ldap'][ $entries[$i]['gidnumber'][0] ] = $entries[$i]['cn'][0];
1048	}
1049	}
1050	}
1051	return $result;
1052	}
1053
1054	function get_user_maillists($mail)
1055	{
1056	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
1057	return false;
1058
1059	$result = array();
1060
1061	//Mostra somente os mailists dos contextos do gerente
1062	$justthese = array("uid","mail","uidnumber");
1063	$filter="(&(phpgwAccountType=l)(mailforwardingaddress=$mail))";
1064
1065	foreach ($this->manager_contexts as $index=>$context)
1066	{
1067	$search = ldap_search($ldapMasterConnect, $context, $filter, $justthese);
1068	$entries = ldap_get_entries($ldapMasterConnect, $search);
1069
1070	for ($i=0; $i<$entries['count']; $i++)
1071	{
1072	$result[ $entries[$i]['uid'][0] ]['uid'] = $entries[$i]['uid'][0];
1073	$result[ $entries[$i]['uid'][0] ]['mail'] = $entries[$i]['mail'][0];
1074
1075	$a_tmp[] = $entries[$i]['uid'][0];
1076	}
1077	}
1078
1079	if($a_tmp) {
1080	natcasesort($a_tmp);
1081
1082	foreach ($a_tmp as $uid)
1083	{
1084	$return[$uid]['uid'] = $result[$uid]['uid'];
1085	$return[$uid]['mail'] = $result[$uid]['mail'];
1086	}
1087	}
1088	ldap_close($ldapMasterConnect);
1089	return $return;
1090	}
1091
1092	function get_group_info($gidnumber)
1093	{
1094	foreach ($this->manager_contexts as $index=>$context)
1095	{
1096	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
1097	$search = ldap_search($this->ldap, $context, $filter);
1098	$entry = ldap_get_entries($this->ldap, $search);
1099
1100	if ($entry['count'])
1101	{
1102	//Pega o dn do setor do grupo.
1103	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1104	$sector_dn_array = explode(",", $entry[0]['dn']);
1105	for($i=1; $i<count($sector_dn_array); $i++)
1106	$sector_dn .= $sector_dn_array[$i] . ',';
1107	//Retira ultimo pipe.
1108	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1109
1110	$result['context'] = $sector_dn;
1111	$result['cn'] = $entry[0]['cn'][0];
1112	$result['description'] = $entry[0]['description'][0];
1113	$result['gidnumber'] = $entry[0]['gidnumber'][0];
1114	$result['phpgwaccountvisible'] = $entry[0]['phpgwaccountvisible'][0];
1115	$result['email'] = $entry[0]['mail'][0];
1116
1117	//MemberUid
1118	for ($i=0; $i<$entry[0]['memberuid']['count']; $i++)
1119	{
1120	$justthese = array("cn","uid","uidnumber");
1121
1122	// Montagem dinamica do filtro
1123	$filter="(&(phpgwAccountType=u)(\|";
1124	for ($k=0; (($k<10) && ($i<$entry[0]['memberuid']['count'])); $k++)
1125	{
1126	$filter .= "(uid=".$entry[0]['memberuid'][$i].")";
1127	$i++;
1128	}
1129	$i--;
1130	$filter .= "))";
1131
1132	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1133	$user_entry = ldap_get_entries($this->ldap, $search);
1134
1135	for ($j=0; $j<$user_entry['count']; $j++)
1136	{
1137	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['cn'] = $user_entry[$j]['cn'][0];
1138	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['uidnumber'] = $user_entry[$j]['uidnumber'][0];
1139	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['type'] = 'u';
1140	}
1141	}
1142
1143	// Checamos e-mails que não fazem parte do expresso.
1144	// Criamos um array temporario
1145	$tmp_array = array();
1146	if($result['memberuid_info'])
1147	foreach ($result['memberuid_info'] as $uid => $user_data)
1148	{
1149	$tmp_array[] = $uid;
1150	}
1151
1152	if($entry[0]['memberuid']) {
1153	// Retira o count do array
1154	array_shift($entry[0]['memberuid']);
1155	// Vemos a diferença
1156	$array_diff = array_diff($entry[0]['memberuid'], $tmp_array);
1157	// Incluimos no resultado
1158	foreach ($array_diff as $index=>$uid)
1159	{
1160	$result['memberuid_info'][$uid]['cn'] = $uid;
1161	}
1162	}
1163
1164	// Samba
1165	for ($i=0; $i<$entry[0]['objectclass']['count']; $i++)
1166	{
1167	if ($entry[0]['objectclass'][$i] == 'sambaGroupMapping')
1168	$result['sambaGroup'] = true;
1169
1170	$a_tmp = explode("-", $entry[0]['sambasid'][0]);
1171	array_pop($a_tmp);
1172	$result['sambasid'] = implode("-", $a_tmp);
1173	}
1174	return $result;
1175	}
1176	}
1177	}
1178
1179	function get_maillist_info($uidnumber)
1180	{
1181
1182	/* folling referral connection */
1183	$ldap_conn_following_ref = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
1184	if ($ldap_conn_following_ref)
1185	{
1186	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_PROTOCOL_VERSION, 3);
1187	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_REFERRALS, 1);
1188
1189	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
1190	ldap_bind($ldap_conn_following_ref, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
1191	}
1192
1193	foreach ($this->manager_contexts as $index=>$context)
1194	{
1195	$filter="(&(phpgwAccountType=l)(uidNumber=".$uidnumber."))";
1196	$search = ldap_search($this->ldap, $context, $filter);
1197	$entry = ldap_get_entries($this->ldap, $search);
1198
1199	if ($entry['count'])
1200	{
1201	//Pega o dn do setor do usuario.
1202	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1203	$sector_dn_array = explode(",", $entry[0]['dn']);
1204	for($i=1; $i<count($sector_dn_array); $i++)
1205	$sector_dn .= $sector_dn_array[$i] . ',';
1206	//Retira ultimo pipe.
1207	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1208
1209	$result['context'] = $sector_dn;
1210	$result['uidnumber'] = $entry[0]['uidnumber'][0];
1211	$result['uid'] = strtolower($entry[0]['uid'][0]);
1212	$result['cn'] = $entry[0]['cn'][0];
1213	$result['mail'] = $entry[0]['mail'][0];
1214	$result['accountStatus'] = $entry[0]['accountstatus'][0];
1215	$result['phpgwAccountVisible'] = $entry[0]['phpgwaccountvisible'][0];
1216
1217	//Members
1218	for ($i=0; $i<$entry[0]['mailforwardingaddress']['count']; $i++)
1219	{
1220	$justthese = array("cn", "uidnumber", "uid", "phpgwaccounttype", "mail");
1221
1222	// Montagem dinamica do filtro, para nao ter muitas conexoes com o ldap
1223	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|";
1224	for ($k=0; (($k<10) && ($i<$entry[0]['mailforwardingaddress']['count'])); $k++)
1225	{
1226	$filter .= "(mail=".$entry[0]['mailforwardingaddress'][$i].")";
1227	$i++;
1228	}
1229	$i--;
1230	$filter .= "))";
1231
1232	$search = ldap_search($ldap_conn_following_ref, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1233	$user_entry = ldap_get_entries($ldap_conn_following_ref, $search);
1234
1235	for ($j=0; $j<$user_entry['count']; $j++)
1236	{
1237	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['uid'] = $user_entry[$j]['uid'][0];
1238	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['cn'] = $user_entry[$j]['cn'][0];
1239	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['type'] = $user_entry[$j]['phpgwaccounttype'][0];
1240	$result['mailForwardingAddress'][] = $user_entry[$j]['mail'][0];
1241	}
1242	}
1243
1244	// Emails não encontrados no ldap
1245	array_shift($entry[0]['mailforwardingaddress']); //Retira o count do array
1246	$missing_emails = array_diff($entry[0]['mailforwardingaddress'], $result['mailForwardingAddress']);
1247
1248	// Incluimos estes no resultado
1249	foreach ($missing_emails as $index=>$mailforwardingaddress)
1250	{
1251	$result['mailForwardingAddress_info'][$mailforwardingaddress]['uid'] = $mailforwardingaddress;
1252	$result['mailForwardingAddress_info'][$mailforwardingaddress]['cn'] = 'E-Mail nao encontrado';
1253	$result['mailForwardingAddress'][] = $mailforwardingaddress;
1254	}
1255
1256	ldap_close($ldap_conn_following_ref);
1257	return $result;
1258	}
1259	}
1260	}
1261
1262	function get_maillist_scl_info($uidnumber)
1263	{
1264	foreach ($this->manager_contexts as $index=>$context)
1265	{
1266	$filter="(&(phpgwAccountType=l)(uidNumber=$uidnumber))";
1267	$search = ldap_search($this->ldap, $context, $filter);
1268	$entry = ldap_get_entries($this->ldap, $search);
1269
1270	if ($entry['count'])
1271	{
1272	//Pega o dn do setor do usuario.
1273	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1274	$sector_dn_array = explode(",", $entry[0]['dn']);
1275	for($i=1; $i<count($sector_dn_array); $i++)
1276	$sector_dn .= $sector_dn_array[$i] . ',';
1277	//Retira ultimo pipe.
1278	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1279
1280	$result['dn'] = $entry[0]['dn'];
1281	$result['context'] = $sector_dn;
1282	$result['uidnumber'] = $entry[0]['uidnumber'][0];
1283	$result['uid'] = $entry[0]['uid'][0];
1284	$result['cn'] = $entry[0]['cn'][0];
1285	$result['mail'] = $entry[0]['mail'][0];
1286	$result['accountStatus'] = $entry[0]['accountstatus'][0];
1287	$result['phpgwAccountVisible'] = $entry[0]['phpgwaccountvisible'][0];
1288	$result['accountRestrictive'] = $entry[0]['accountrestrictive'][0];
1289	$result['participantCanSendMail'] = $entry[0]['participantcansendmail'][0];
1290
1291	//Senders
1292	for ($i=0; $i<$entry[0]['mailsenderaddress']['count']; $i++)
1293	{
1294	$justthese = array("cn", "uidnumber", "uid", "mail");
1295	$filter="(&(phpgwAccountType=u)(mail=".$entry[0]['mailsenderaddress'][$i]."))";
1296	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1297	$user_entry = ldap_get_entries($this->ldap, $search);
1298
1299	$result['senders_info'][$user_entry[0]['mail'][0]]['uid'] = $user_entry[0]['uid'][0];
1300	$result['senders_info'][$user_entry[0]['mail'][0]]['cn'] = $user_entry[0]['cn'][0];
1301	$result['members'][] = $user_entry[0]['mail'][0];
1302	}
1303	return $result;
1304	}
1305	}
1306	}
1307
1308	function group_exist($gidnumber)
1309	{
1310	$justthese = array("cn");
1311	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
1312	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1313
1314	$entry = ldap_get_entries($this->ldap, $search);
1315	if ($entry['count'] == 0)
1316	return false;
1317	else
1318	return true;
1319	}
1320
1321	function gidnumbers2cn($gidnumbers)
1322	{
1323	$result = array();
1324	if (count($gidnumbers))
1325	{
1326	$justthese = array("cn");
1327	$i = 0;
1328	foreach ($gidnumbers as $gidnumber)
1329	{
1330	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
1331	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1332
1333	$entry = ldap_get_entries($this->ldap, $search);
1334	if ($entry['count'] == 0)
1335	$result['groups_info'][$i]['cn'] = '_Grupo existe no BD mas não no LDAP';
1336	else
1337	$result['groups_info'][$i]['cn'] = $entry[0]['cn'][0];
1338	$result['groups_info'][$i]['gidnumber'] = $gidnumber;
1339
1340	/* o gerente pode excluir um grupo de um usuario onde este grupo esta em outra OU ? */
1341	/* é o mesmo que o manager editar um grupo de outra OU */
1342	$result['groups_info'][$i]['group_disabled'] = 'true';
1343	foreach ($this->manager_contexts as $index=>$context)
1344	{
1345	if (strpos(strtolower($entry[0]['dn']), strtolower($context)))
1346	{
1347	$result['groups_info'][$i]['group_disabled'] = 'false';
1348	}
1349	}
1350
1351	$i++;
1352	}
1353	}
1354	return $result;
1355	}
1356
1357	function uidnumber2uid($uidnumber)
1358	{
1359	$justthese = array("uid");
1360	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uidNumber=".$uidnumber."))";
1361	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1362	$entry = ldap_get_entries($this->ldap, $search);
1363	return $entry[0]['uid'][0];
1364	}
1365
1366	function uidnumber2mail($uidnumber)
1367	{
1368	$justthese = array("mail");
1369	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uidNumber=".$uidnumber."))";
1370	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1371	$entry = ldap_get_entries($this->ldap, $search);
1372	return $entry[0]['mail'][0];
1373	}
1374
1375
1376	function change_user_context($dn, $newrdn, $newparent)
1377	{
1378	if (!ldap_rename ( $this->ldap, $dn, $newrdn, $newparent, true ))
1379	{
1380	$return['status'] = false;
1381	$return['msg'] = 'Erro em ldap_funcitons->change_user_context: ' . ldap_error($this->ldap);
1382	}
1383	else
1384	$return['status'] = true;
1385
1386	return $return;
1387	}
1388
1389	function replace_user_attributes($dn, $ldap_mod_replace)
1390	{
1391	if (!@ldap_mod_replace ( $this->ldap, $dn, $ldap_mod_replace ))
1392	{
1393	$return['status'] = false;
1394	$return['error_number'] = ldap_errno($this->ldap);
1395	$return['msg'] = 'Erro em ldap_funcitons->replace_user_attributes: ' . ldap_error($this->ldap);
1396	}
1397	else
1398	$return['status'] = true;
1399
1400	return $return;
1401	}
1402
1403	function add_user_attributes($dn, $ldap_add)
1404	{
1405	if (!@ldap_mod_add ( $this->ldap, $dn, $ldap_add ))
1406	{
1407	$return['status'] = false;
1408	$return['error_number'] = ldap_errno($this->ldap);
1409	$return['msg'] = 'Erro em ldap_funcitons->add_user_attributes: ' . ldap_error($this->ldap);
1410	}
1411	else
1412	$return['status'] = true;
1413
1414	return $return;
1415	}
1416
1417	function remove_user_attributes($dn, $ldap_remove)
1418	{
1419	if (!@ldap_mod_del ( $this->ldap, $dn, $ldap_remove ))
1420	{
1421	$return['status'] = false;
1422	$return['msg'] = 'Erro em ldap_funcitons->remove_user_attributes: ' . ldap_error($this->ldap);
1423	}
1424	else
1425	$return['status'] = true;
1426
1427	return $return;
1428	}
1429
1430	function set_user_password($uid, $password)
1431	{
1432	$justthese = array("userPassword");
1433	$filter="(&(phpgwAccountType=u)(uid=".$uid."))";
1434	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1435	$entry = ldap_get_entries($this->ldap, $search);
1436	$dn = $entry[0]['dn'];
1437	$userPassword = $entry[0]['userpassword'][0];
1438	$ldap_mod_replace['userPassword'] = $password;
1439	$this->replace_user_attributes($dn, $ldap_mod_replace);
1440	return $userPassword;
1441	}
1442
1443	function delete_user($user_info)
1444	{
1445	// Verifica acesso do gerente (OU) ao tentar deletar um usuário.
1446	$manager_access = false;
1447	foreach ($this->manager_contexts as $index=>$context)
1448	{
1449	if ( (strpos(strtolower($user_info['context']), strtolower($context))) \|\| (strtolower($user_info['context']) == strtolower($context)) )
1450	{
1451	$manager_access = true;
1452	break;
1453	}
1454	}
1455	if (!$manager_access)
1456	{
1457	$return['status'] = false;
1458	$return['msg'] .= 'Você não tem acesso para deletar este usuário.';
1459	return $return;
1460	}
1461
1462	$return['status'] = true;
1463	$return['msg'] = "";
1464
1465	// GROUPS
1466	$attrs = array();
1467	$attrs['memberuid'] = $user_info['uid'];
1468
1469	if (count($user_info['groups_info']))
1470	{
1471	foreach ($user_info['groups_info'] as $group_info)
1472	{
1473	$gidnumber = $group_info['gidnumber'];
1474	$justthese = array("dn");
1475	$filter="(&(phpgwAccountType=g)(gidnumber=".$gidnumber."))";
1476	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1477	$entry = ldap_get_entries($this->ldap, $search);
1478	$dn = $entry[0]['dn'];
1479
1480	if (!@ldap_mod_del($this->ldap, $dn, $attrs))
1481	{
1482	$return['status'] = false;
1483	$return['msg'] .= "Erro em ldap_functions->delete_user from group ($dn): " . ldap_error($this->ldap);
1484	}
1485	}
1486	}
1487
1488	//INSTITUTIONAL ACCOUNTS
1489	$attrs = array();
1490	$attrs['mailForwardingAddress'] = $user_info['mail'];
1491
1492	$justthese = array("dn");
1493	$filter="(&(phpgwAccountType=i)(mailforwardingaddress=".$user_info['mail']."))";
1494	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1495	$entries = ldap_get_entries($this->ldap, $search);
1496
1497	for ($i=0; $i<$entries['count']; $i++)
1498	{
1499	if ( !@ldap_mod_del($this->ldap, $entries[$i]['dn'], $attrs) )
1500	{
1501	$result['status'] = false;
1502	$result['msg'] = "Erro na funcao ldap_functions->delete_user, instutional_accounts.\nRetorno do servidor:" . ldap_error($this->ldap);
1503	}
1504	}
1505
1506	// MAILLISTS
1507	$attrs = array();
1508	$attrs['mailForwardingAddress'] = $user_info['mail'];
1509
1510	if (count($user_info['maillists_info']))
1511	{
1512
1513	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
1514	{
1515	$return['status'] = false;
1516	$return['msg'] .= 'Erro ao conectar ao ldap_master: ' . ldap_error($this->ldap);
1517	return $return;
1518	}
1519
1520	foreach ($user_info['maillists_info'] as $maillists_info)
1521	{
1522	$uid = $maillists_info['uid'];
1523	$justthese = array("dn");
1524	$filter="(&(phpgwAccountType=l)(uid=".$uid."))";
1525	$search = ldap_search($ldapMasterConnect, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1526	$entry = ldap_get_entries($ldapMasterConnect, $search);
1527	$dn = $entry[0]['dn'];
1528
1529	if (!@ldap_mod_del($ldapMasterConnect, $dn, $attrs))
1530	{
1531	$return['status'] = false;
1532	if (ldap_errno($ldapMasterConnect) == '50')
1533	{
1534	$result['msg'] = "Erro na funcao ldap_functions->delete_user.\n" .
1535	"O usuário utilizado para gravação no LDAP, DEVE ter direito de escrita.\n".
1536	"O usuário " . $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] . " não tem este direito.\n".
1537	"Edite \"Configuração Global do Catálogo\", no módulo Administrador, Catálogo de Endereços e adicione um usuário com direitos de escrita.";
1538	}
1539	else
1540	$result['msg'] = "Erro na funcao ldap_functions->add_user2maillist.\nRetorno do servidor:" . ldap_error($ldapMasterConnect);
1541	}
1542	}
1543	ldap_close($ldapMasterConnect);
1544	}
1545
1546	// UID
1547	$dn = "uid=" . $user_info['uid'] . "," . $user_info['context'];
1548	if (!@ldap_delete($this->ldap, $dn))
1549	{
1550	$return['status'] = false;
1551	$return['msg'] .= 'Erro em ldap_funcitons->delete_user, listas de email: ' . ldap_error($this->ldap);
1552	}
1553
1554	return $return;
1555	}
1556
1557	function delete_maillist($uidnumber, $mail)
1558	{
1559	$return['status'] = true;
1560
1561	$justthese = array("dn");
1562
1563	// remove listas dentro de listas
1564	$filter="(&(phpgwAccountType=l)(mailForwardingAddress=".$mail."))";
1565	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1566	$entry = ldap_get_entries($this->ldap, $search);
1567	$attrs['mailForwardingAddress'] = $mail;
1568	for ($i=0; $i<=$entry['count']; $i++)
1569	{
1570	$dn = $entry[$i]['dn'];
1571	@ldap_mod_del ( $this->ldap, $dn, $attrs);
1572	}
1573
1574	$filter="(&(phpgwAccountType=l)(uidnumber=".$uidnumber."))";
1575	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1576	$entry = ldap_get_entries($this->ldap, $search);
1577	$dn = $entry[0]['dn'];
1578
1579	if (!@ldap_delete($this->ldap, $dn))
1580	{
1581	$return['status'] = false;
1582	$return['msg'] .= 'Erro em ldap_funcitons->delete_maillist, listas de email: ' . ldap_error($this->ldap);
1583	}
1584
1585	return $return;
1586	}
1587
1588	function delete_group($gidnumber)
1589	{
1590	$return['status'] = true;
1591
1592	$justthese = array("dn");
1593	$filter="(&(phpgwAccountType=g)(gidnumber=".$gidnumber."))";
1594	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1595	$entry = ldap_get_entries($this->ldap, $search);
1596	$dn = $entry[0]['dn'];
1597
1598	if (!@ldap_delete($this->ldap, $dn))
1599	{
1600	$return['status'] = false;
1601	$return['msg'] .= 'Erro em ldap_funcitons->delete_maillist, listas de email: ' . ldap_error($this->ldap);
1602	}
1603
1604	return $return;
1605	}
1606
1607	function check_access_to_renamed($uid)
1608	{
1609	$justthese = array("dn");
1610	$filter="(&(phpgwAccountType=u)(uid=$uid))";
1611
1612	foreach ($this->manager_contexts as $index=>$context)
1613	{
1614	$search = ldap_search($this->ldap, $context, $filter, $justthese);
1615	$entry = ldap_get_entries($this->ldap, $search);
1616	if ($entry['count'])
1617	return true;
1618	}
1619	return false;
1620	}
1621
1622	function check_rename_new_uid($uid)
1623	{
1624	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
1625	return false;
1626
1627	$justthese = array("dn");
1628	$filter="(&(phpgwAccountType=u)(uid=$uid))";
1629
1630	$search = ldap_search($ldapMasterConnect, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1631	$count_entries = @ldap_count_entries($ldapMasterConnect, $search);
1632
1633	if ($count_entries)
1634	return false;
1635
1636	return true;
1637	}
1638
1639	function rename_uid($uid, $new_uid)
1640	{
1641	$return['status'] = true;
1642
1643	$justthese = array("dn");
1644	$filter="(&(phpgwAccountType=u)(uid=".$uid."))";
1645	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1646	$entry = ldap_get_entries($this->ldap, $search);
1647	$dn = $entry[0]['dn'];
1648
1649	$explode_dn = ldap_explode_dn($dn, 0);
1650	$rdn = "uid=" . $new_uid;
1651
1652	$parent = array();
1653	for ($j=1; $j<(count($explode_dn)-1); $j++)
1654	$parent[] = $explode_dn[$j];
1655	$parent = implode(",", $parent);
1656
1657	$return['new_dn'] = $rdn . ',' . $parent;
1658
1659	if (!@ldap_rename($this->ldap, $dn, $rdn, $parent, true))
1660	{
1661	$return['status'] = false;
1662	$return['msg'] .= 'Erro em ldap_funcitons->rename_uid: ' . ldap_error($this->ldap);
1663	}
1664
1665	//Grupos
1666	$justthese = array("dn");
1667	$filter="(&(phpgwAccountType=g)(memberuid=".$uid."))";
1668	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1669	$entry = ldap_get_entries($this->ldap, $search);
1670	$array_mod_add['memberUid'] = $new_uid;
1671	$array_mod_del['memberUid'] = $uid;
1672
1673	for ($i=0; $i<=$entry['count']; $i++)
1674	{
1675	$dn = $entry[$i]['dn'];
1676	@ldap_mod_add ( $this->ldap, $dn, $array_mod_add);
1677	@ldap_mod_del ( $this->ldap, $dn, $array_mod_del);
1678	}
1679	return $return;
1680	}
1681
1682	function rename_cn($cn, $new_cn)
1683	{
1684	$return['status'] = true;
1685
1686	$justthese = array("dn");
1687	$filter="(&(phpgwAccountType=g)(uid=".$cn."))";
1688	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1689	$entry = ldap_get_entries($this->ldap, $search);
1690	$dn = $entry[0]['dn'];
1691
1692	$explode_dn = ldap_explode_dn($dn, 0);
1693	$rdn = "cn=" . $new_cn;
1694
1695	$parent = array();
1696	for ($j=1; $j<(count($explode_dn)-1); $j++)
1697	$parent[] = $explode_dn[$j];
1698	$parent = implode(",", $parent);
1699
1700	$return['new_dn'] = $rdn . ',' . $parent;
1701
1702	if (!@ldap_rename($this->ldap, $dn, $rdn, $parent, false))
1703	{
1704	$return['status'] = false;
1705	}
1706
1707	return $return;
1708	}
1709
1710	function exist_sambadomains($contexts, $sambaDomainName)
1711	{
1712	$justthese = array("dn");
1713	$filter="(&(objectClass=sambaDomain)(sambaDomainName=$sambaDomainName))";
1714
1715	foreach ($contexts as $index=>$context)
1716	{
1717	$search = ldap_search($this->ldap, $context, $filter, $justthese);
1718	$entry = ldap_get_entries($this->ldap, $search);
1719
1720	if ($entry['count'])
1721	return true;
1722	}
1723	return false;
1724	}
1725
1726	// Primeiro nilvel de organização.
1727	function exist_sambadomains_in_context($params)
1728	{
1729	$dn = $GLOBALS['phpgw_info']['server']['ldap_context'];
1730	$array_dn = ldap_explode_dn ( $dn, 0 );
1731
1732	$context = $params['context'];
1733	$array_context = ldap_explode_dn ( $context, 0 );
1734
1735	// Pego o setor no caso do contexto ser um sub-setor.
1736	if (($array_dn['count']+1) < ($array_context['count']))
1737	{
1738	// inverto o array_dn para poder retirar o count
1739	$array_dn_reverse = array_reverse ( $array_dn, false );
1740
1741	//retiro o count
1742	array_pop($array_dn_reverse);
1743
1744	//incluo o setor no dn
1745	array_push ( $array_dn_reverse, $array_context[ $array_context['count'] - 1 - $array_dn['count']]);
1746
1747	// Volto a ordem natural
1748	$array_dn = array_reverse ( $array_dn_reverse, false );
1749
1750	// Implodo
1751	$context = implode ( ",", $array_dn );
1752	}
1753
1754	$justthese = array("dn","sambaDomainName");
1755	$filter="(objectClass=sambaDomain)";
1756	$search = ldap_list($this->ldap, $context, $filter, $justthese);
1757	$entry = ldap_get_entries($this->ldap, $search);
1758
1759	for ($i=0; $i<$entry['count']; $i++)
1760	{
1761	$return['sambaDomains'][$i] = $entry[$i]['sambadomainname'][0];
1762	}
1763
1764	if ($entry['count'])
1765	$return['status'] = true;
1766	else
1767	$return['status'] = false;
1768
1769	return $return;
1770	}
1771	function exist_domain_name_sid($sambadomainname, $sambasid)
1772	{
1773	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
1774
1775	$justthese = array("dn","sambaDomainName");
1776	$filter="(&(objectClass=sambaDomain)(sambaSID=$sambasid)(sambaDomainName=$sambadomainname))";
1777	$search = ldap_search($this->ldap, $context, $filter, $justthese);
1778	$count_entries = ldap_count_entries($this->ldap, $search);
1779
1780	if ($count_entries > 0)
1781	return true;
1782	else
1783	return false;
1784	}
1785
1786	function add_sambadomain($sambadomainname, $sambasid, $context)
1787	{
1788	$result = array();
1789
1790	$dn = "sambaDomainName=$sambadomainname,$context";
1791	$entry['sambaSID'] = $sambasid;
1792	$entry['objectClass'] = 'sambaDomain';
1793	$entry['sambaAlgorithmicRidBase'] = '1000';
1794	$entry['sambaDomainName'] = $sambadomainname;
1795
1796	if (!@ldap_add ( $this->ldap, $dn, $entry ))
1797	{
1798	$return['status'] = false;
1799	$return['msg'] = "Erro ao adicionar Samba Domain";
1800	}
1801	else
1802	$return['status'] = true;
1803
1804	return $return;
1805	}
1806
1807	function delete_sambadomain($sambadomainname)
1808	{
1809	$return['status'] = true;
1810	$filter="(sambaDomainName=$sambadomainname)";
1811	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter);
1812	$entry = ldap_get_entries($this->ldap, $search);
1813
1814	if ($entry['count'] != 0)
1815	{
1816	$dn = $entry[0]['dn'];
1817
1818	if (!@ldap_delete($this->ldap, $dn))
1819	{
1820	$return['status'] = false;
1821	$return['msg'] .= "Erro em ldap_funcitons->delete_sambadomain ($sambadomainname).\nRetorno do servidor: " . ldap_error($this->ldap);
1822	}
1823	}
1824
1825	return $return;
1826	}
1827
1828	function search_user($params)
1829	{
1830	$search = $params['search'];
1831	$justthese = array("cn","uid", "mail");
1832	$users_list=ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], "(&(phpgwAccountType=u) (\|(cn=$search)(mail=$search*)) )", $justthese);
1833
1834	if (ldap_count_entries($this->ldap, $users_list) == 0)
1835	{
1836	$return['status'] = 'false';
1837	$return['msg'] = 'Nenhum resultado encontrado.';
1838	return $return;
1839	}
1840
1841	ldap_sort($this->ldap, $users_list, "cn");
1842
1843	$entries = ldap_get_entries($this->ldap, $users_list);
1844
1845	$options = '';
1846	for ($i=0; $i<$entries['count']; $i++)
1847	{
1848	$options .= "<option value=" . $entries[$i]['uid'][0] . ">" . $entries[$i]['cn'][0] . " (".$entries[$i]['mail'][0].")" . "</option>";
1849	}
1850
1851	return $options;
1852	}
1853
1854	function create_institutional_accounts($params)
1855	{
1856	/* Begin: Access verification */
1857	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'add_institutional_accounts'))
1858	{
1859	$return['status'] = false;
1860	$return['msg'] = $this->functions->lang('You do not have right to create institutional accounts') . ".";
1861	return $return;
1862	}
1863
1864	$access_granted = false;
1865	foreach ($this->manager_contexts as $idx=>$manager_context)
1866	{
1867	if (stristr($params['context'], $manager_context))
1868	{
1869	$access_granted = true;
1870	break;
1871	}
1872	}
1873	if (!$access_granted)
1874	{
1875	$return['status'] = false;
1876	$return['msg'] = $this->functions->lang('You do not have access to this organization') . ".";
1877	return $return;
1878	}
1879	/* End: Access verification */
1880
1881	/* Begin: Validation */
1882	if ( (empty($params['cn'])) \|\| (empty($params['mail'])) )
1883	{
1884	$result['status'] = false;
1885	$result['msg'] = $this->functions->lang('Field mail or name is empty');
1886	return $result;
1887	}
1888
1889	if (! eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$", $params['mail']) )
1890	{
1891	$result['status'] = false;
1892	$result['msg'] = $this->functions->lang('Field mail is not formed correcty') . '.';
1893	return $result;
1894	}
1895
1896	$uid = 'institutional_account_' . $params['mail'];
1897	$dn = "uid=$uid," . $params['context'];
1898
1899	$filter = "(mail=".$params['mail'].")";
1900	$justthese = array("cn");
1901	$search = @ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1902	$entries = @ldap_get_entries($this->ldap,$search);
1903	if ($entries['count'] != 0)
1904	{
1905	$result['status'] = false;
1906	$result['msg'] = $this->functions->lang('Field mail already in use');
1907	return $result;
1908	}
1909	/* End: Validation */
1910
1911	$info = array();
1912	$info['cn'] = $params['cn'];
1913	$info['sn'] = $params['cn'];
1914	$info['uid'] = $uid;
1915	$info['mail'] = $params['mail'];
1916	$info['phpgwAccountType'] = 'i';
1917	$info['objectClass'][] = 'inetOrgPerson';
1918	$info['objectClass'][] = 'phpgwAccount';
1919	$info['objectClass'][] = 'top';
1920	$info['objectClass'][] = 'person';
1921	$info['objectClass'][] = 'qmailUser';
1922	$info['objectClass'][] = 'organizationalPerson';
1923
1924	if ($params['accountStatus'] == 'on')
1925	{
1926	$info['accountStatus'] = 'active';
1927	}
1928	if ($params['phpgwAccountVisible'] == 'on')
1929	{
1930	$info['phpgwAccountVisible'] = '-1';
1931	}
1932
1933	if (!empty($params['owners']))
1934	{
1935	foreach($params['owners'] as $index=>$uidnumber)
1936	{
1937	$info['mailForwardingAddress'][] = $this->uidnumber2mail($uidnumber);
1938	}
1939	}
1940
1941	$result = array();
1942	if (!@ldap_add ( $this->ldap, $dn, $info ))
1943	{
1944	$result['status'] = false;
1945	$result['msg'] = $this->functions->lang('Error in function') . ' ldap_functions->create_institutional_accounts';
1946	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
1947	}
1948	else
1949	$result['status'] = true;
1950
1951	return $result;
1952	}
1953
1954	function save_institutional_accounts($params)
1955	{
1956	/* Begin: Access verification */
1957	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_institutional_accounts'))
1958	{
1959	$return['status'] = false;
1960	$return['msg'] = $this->functions->lang('You do not have right to edit institutional accounts') . ".";
1961	return $return;
1962	}
1963	$access_granted = false;
1964	foreach ($this->manager_contexts as $idx=>$manager_context)
1965	{
1966	if (stristr($params['context'], $manager_context))
1967	{
1968	$access_granted = true;
1969	break;
1970	}
1971	}
1972	if (!$access_granted)
1973	{
1974	$return['status'] = false;
1975	$return['msg'] = $this->functions->lang('You do not have access to this organization') . ".";
1976	return $return;
1977	}
1978	/* End: Access verification */
1979
1980	/* Begin: Validation */
1981	if ( (empty($params['cn'])) \|\| (empty($params['mail'])) )
1982	{
1983	$result['status'] = false;
1984	$result['msg'] = $this->functions->lang('Field mail or name is empty') . '.';
1985	return $result;
1986	}
1987
1988	if (! eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$", $params['mail']) )
1989	{
1990	$result['status'] = false;
1991	$result['msg'] = $this->functions->lang('Field mail is not formed correcty') . '.';
1992	return $result;
1993	}
1994
1995	$uid = 'institutional_account_' . $params['mail'];
1996	$dn = strtolower("uid=$uid," . $params['context']);
1997	$anchor = strtolower($params['anchor']);
1998
1999	$filter = "(mail=".$params['mail'].")";
2000	$justthese = array("cn");
2001	$search = @ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
2002	$entries = @ldap_get_entries($this->ldap,$search);
2003
2004	if ( ($entries['count'] > 1) \|\| (($entries['count'] == 1) && ($entries[0]['dn'] != $anchor)) )
2005	{
2006	$result['status'] = false;
2007	$result['msg'] = $this->functions->lang('Field mail already in use.');
2008	return $result;
2009	}
2010	/* End: Validation */
2011
2012	$result = array();
2013	$result['status'] = true;
2014
2015	if ($anchor != $dn)
2016	{
2017	if (!@ldap_rename($this->ldap, $anchor, "uid=$uid", $params['context'], true))
2018	{
2019	$result['status'] = false;
2020	$result['msg'] = $this->functions->lang('Error in function') . ' ldap_functions->save_institutional_accounts: ldap_rename';
2021	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2022	}
2023	}
2024
2025	$info = array();
2026	$info['cn'] = $params['cn'];
2027	$info['sn'] = $params['cn'];
2028	$info['uid'] = $uid;
2029	$info['mail'] = $params['mail'];
2030
2031	if ($params['accountStatus'] == 'on')
2032	$info['accountStatus'] = 'active';
2033	else
2034	$info['accountStatus'] = array();
2035
2036	if ($params['phpgwAccountVisible'] == 'on')
2037	$info['phpgwAccountVisible'] = '-1';
2038	else
2039	$info['phpgwAccountVisible'] = array();
2040
2041	if (!empty($params['owners']))
2042	{
2043	foreach($params['owners'] as $index=>$uidnumber)
2044	{
2045	$mailForwardingAddress = $this->uidnumber2mail($uidnumber);
2046	if ($mailForwardingAddress != '')
2047	$info['mailForwardingAddress'][] = $mailForwardingAddress;
2048	}
2049	}
2050	else
2051	$info['mailForwardingAddress'] = array();
2052
2053	if (!@ldap_modify ( $this->ldap, $dn, $info ))
2054	{
2055	$result['status'] = false;
2056	$result['msg'] = $this->functions->lang('Error in function') . ' ldap_functions->save_institutional_accounts: ldap_modify';
2057	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2058	}
2059
2060	return $result;
2061	}
2062
2063	function get_institutional_accounts($params)
2064	{
2065	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'list_institutional_accounts'))
2066	{
2067	$return['status'] = false;
2068	$return['msg'] = $this->functions->lang('You do not have right to list institutional accounts') . ".";
2069	return $return;
2070	}
2071
2072	$input = $params['input'];
2073	$justthese = array("cn", "mail", "uid");
2074	$trs = array();
2075
2076	foreach ($this->manager_contexts as $idx=>$context)
2077	{
2078	$institutional_accounts = ldap_search($this->ldap, $context, ("(&(phpgwAccountType=i)(\|(mail=$input)(cn=$input*)))"), $justthese);
2079	$entries = ldap_get_entries($this->ldap, $institutional_accounts);
2080
2081	for ($i=0; $i<$entries['count']; $i++)
2082	{
2083	$tr = "<tr class='normal' onMouseOver=this.className='selected' onMouseOut=this.className='normal'><td onClick=edit_institutional_account('".$entries[$i]['uid'][0]."')>" . $entries[$i]['cn'][0] . "</td><td onClick=edit_institutional_account('".$entries[$i]['uid'][0]."')>" . $entries[$i]['mail'][0] . "</td><td align='center' onClick=delete_institutional_accounts('".$entries[$i]['uid'][0]."')><img HEIGHT='16' WIDTH='16' src=./expressoAdmin1_2/templates/default/images/delete.png></td></tr>";
2084	$trs[$tr] = $entries[$i]['cn'][0];
2085	}
2086	}
2087
2088	$trs_string = '';
2089	if (count($trs))
2090	{
2091	natcasesort($trs);
2092	foreach ($trs as $tr=>$cn)
2093	{
2094	$trs_string .= $tr;
2095	}
2096	}
2097
2098	$return['status'] = 'true';
2099	$return['trs'] = $trs_string;
2100	return $return;
2101	}
2102
2103	function get_institutional_account_data($params)
2104	{
2105	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_institutional_accounts'))
2106	{
2107	$return['status'] = false;
2108	$return['msg'] = $this->functions->lang('You do not have right to list institutional accounts') . ".";
2109	return $return;
2110	}
2111
2112	$uid = $params['uid'];
2113	$justthese = array("accountStatus", "phpgwAccountVisible", "cn", "mail", "mailForwardingAddress");
2114
2115	$institutional_accounts = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=i)(uid=$uid))"), $justthese);
2116	$entrie = ldap_get_entries($this->ldap, $institutional_accounts);
2117
2118	if ($entrie['count'] != 1)
2119	{
2120	$return['status'] = 'false';
2121	$return['msg'] = 'Problemas carregando dados.';
2122	}
2123	else
2124	{
2125	$tmp_user_context = split(",", $entrie[0]['dn']);
2126	$tmp_reverse_user_context = array_reverse($tmp_user_context);
2127	array_pop($tmp_reverse_user_context);
2128	$return['user_context'] = implode(",", array_reverse($tmp_reverse_user_context));
2129
2130	$return['status'] = 'true';
2131	$return['accountStatus'] = $entrie[0]['accountstatus'][0];
2132	$return['phpgwAccountVisible'] = $entrie[0]['phpgwaccountvisible'][0];
2133	$return['cn'] = $entrie[0]['cn'][0];
2134	$return['mail'] = $entrie[0]['mail'][0];
2135
2136	if ($entrie[0]['mailforwardingaddress']['count'] > 0)
2137	{
2138	$a_cn = array();
2139	for ($i=0; $i<$entrie[0]['mailforwardingaddress']['count']; $i++)
2140	{
2141	$tmp = $this->mailforwardingaddress2uidnumber($entrie[0]['mailforwardingaddress'][$i]);
2142	if (!$tmp) {}
2143	else
2144	$a_cn[$tmp['uidnumber']] = $tmp['cn'];
2145	}
2146	natcasesort($a_cn);
2147	foreach($a_cn as $uidnumber => $cn)
2148	{
2149	$return['owners'] .= '<option value='. $uidnumber .'>' . $cn . '</option>';
2150	}
2151	}
2152	}
2153
2154	return $return;
2155	}
2156
2157	function mailforwardingaddress2uidnumber($mail)
2158	{
2159	$justthese = array("uidnumber","cn");
2160	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=u)(mail=$mail))"), $justthese);
2161	$entrie = ldap_get_entries($this->ldap, $search);
2162	if ($entrie['count'] != 1)
2163	return false;
2164	else
2165	{
2166	$return['uidnumber'] = $entrie[0]['uidnumber'][0];
2167	$return['cn'] = $entrie[0]['cn'][0];
2168	return $return;
2169	}
2170	}
2171
2172	function delete_institutional_account_data($params)
2173	{
2174	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'remove_institutional_accounts'))
2175	{
2176	$return['status'] = false;
2177	$return['msg'] = $this->functions->lang('You do not have right to delete institutional accounts') . ".";
2178	return $return;
2179	}
2180
2181	$uid = $params['uid'];
2182	$return['status'] = true;
2183
2184	$justthese = array("cn");
2185	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=i)(uid=$uid))"), $justthese);
2186	$entrie = ldap_get_entries($this->ldap, $search);
2187	if ($entrie['count'] > 1)
2188	{
2189	$return['status'] = false;
2190	$return['msg'] = $this->functions->lang('More then one uid was found');
2191	return $return;
2192	}
2193	if ($entrie['count'] == 0)
2194	{
2195	$return['status'] = false;
2196	$return['msg'] = $this->functions->lang('No uid was found');
2197	return $return;
2198	}
2199
2200	$dn = $entrie[0]['dn'];
2201	if (!@ldap_delete($this->ldap, $dn))
2202	{
2203	$return['status'] = false;
2204	$return['msg'] = $this->functions->lang('Error in function') . " ldap_functions->delete_institutional_accounts: ldap_delete";
2205	$return['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2206	return $return;
2207	}
2208
2209	return $return;
2210	}
2211
2212	function replace_mail_from_institutional_account($newMail, $oldMail)
2213	{
2214	$filter = "(&(phpgwAccountType=i)(mailforwardingaddress=$oldMail))";
2215	$justthese = array("dn");
2216	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
2217	$entries = ldap_get_entries($this->ldap, $search);
2218	$result['status'] = true;
2219	for ($i=0; $i<$entries['count']; $i++)
2220	{
2221	$attrs['mailforwardingaddress'] = $oldMail;
2222	$res1 = @ldap_mod_del($this->ldap, $entries[$i]['dn'], $attrs);
2223	$attrs['mailforwardingaddress'] = $newMail;
2224	$res2 = @ldap_mod_add($this->ldap, $entries[$i]['dn'], $attrs);
2225
2226	if ((!$res1) \|\| (!$res2))
2227	{
2228	$result['status'] = false;
2229	$return['msg'] = $this->functions->lang('Error in function') . " ldap_functions->replace_mail_from_institutional_account.";
2230	}
2231	}
2232
2233	return $result;
2234	}
2235	}
2236	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: