Context Navigation

source: trunk/expressoAdmin1_2/inc/class.user.inc.php @ 5773

Revision 5773, 45.5 KB checked in by gustavo, 12 years ago (diff)
Ticket #2398 - Compatibilizacao com PHP-5.3 em alguns módulos do expresso
Property svn:eol-style set to `native` Property svn:executable set to ``*

Rev	Line
[2]	1	<?php
	2	/**********************************************************************************\
	3	* Expresso Administração *
	4	* by Joao Alfredo Knopik Junior (joao.alfredo@gmail.com, jakjr@celepar.pr.gov.br) *
	5	* --------------------------------------------------------------------------------*
	6	* This program is free software; you can redistribute it and/or modify it *
	7	* under the terms of the GNU General Public License as published by the *
	8	* Free Software Foundation; either version 2 of the License, or (at your *
	9	* option) any later version. *
	10	\**********************************************************************************/
	11
	12	include_once('class.ldap_functions.inc.php');
	13	include_once('class.db_functions.inc.php');
	14	include_once('class.imap_functions.inc.php');
	15	include_once('class.functions.inc.php');
	16
	17	class user
	18	{
	19	var $ldap_functions;
	20	var $db_functions;
	21	var $imap_functions;
	22	var $functions;
	23	var $current_config;
	24
	25	function user()
	26	{
	27	$this->ldap_functions = new ldap_functions;
	28	$this->db_functions = new db_functions;
	29	$this->imap_functions = new imap_functions;
	30	$this->functions = new functions;
	31	$this->current_config = $_SESSION['phpgw_info']['expresso']['expressoAdmin'];
	32	}
	33
	34	function create($params)
	35	{
	36	$return['status'] = true;
	37
	38	// Verifica o acesso do gerente
	39	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'add_users'))
	40	{
	41	// Adiciona a organização na frente do uid.
	42	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
	43	{
	44	$context_dn = ldap_explode_dn(strtolower($GLOBALS['phpgw_info']['server']['ldap_context']), 1);
	45
	46	$explode_dn = ldap_explode_dn(strtolower($params['context']), 1);
	47	$explode_dn = array_reverse($explode_dn);
	48	//$params['uid'] = $explode_dn[3] . '-' . $params['uid'];
	49	$params['uid'] = $explode_dn[$context_dn['count']] . '-' . $params['uid'];
	50	}
	51
[69]	52	// Leio o ID a ser usado na criação do objecto. Esta função já incrementa o ID no BD.
[64]	53	$next_id = ($this->db_functions->get_next_id('accounts'));
	54	if ((!is_numeric($next_id['id'])) \|\| (!$next_id['status']))
	55	{
	56	$return['status'] = false;
[507]	57	$return['msg'] = $this->functions->lang('problems getting user id') . ".\n" . $id['msg'];
[64]	58	return $return;
	59	}
	60	else
	61	{
	62	$id = $next_id['id'];
	63	}
[2]	64
	65	// Cria array para incluir no LDAP
[27]	66	$dn = 'uid=' . $params['uid'] . ',' . $params['context'];
[2]	67
	68	$user_info = array();
	69	$user_info['accountStatus'] = $params['accountstatus'] == 1 ? 'active' : 'desactive';
	70	$user_info['cn'] = $params['givenname'] . ' ' . $params['sn'];
	71	$user_info['gidNumber'] = $params['gidnumber'];
	72	$user_info['givenName'] = $params['givenname'];
	73	$user_info['homeDirectory'] = '/home/' . $params['uid'];
	74	$user_info['mail'] = $params['mail'];
	75	$user_info['objectClass'][] = 'posixAccount';
	76	$user_info['objectClass'][] = 'inetOrgPerson';
	77	$user_info['objectClass'][] = 'shadowAccount';
	78	$user_info['objectClass'][] = 'qmailuser';
	79	$user_info['objectClass'][] = 'phpgwAccount';
	80	$user_info['objectClass'][] = 'top';
	81	$user_info['objectClass'][] = 'person';
	82	$user_info['objectClass'][] = 'organizationalPerson';
	83	$user_info['phpgwAccountExpires'] = '-1';
	84	$user_info['phpgwAccountType'] = 'u';
	85	$user_info['sn'] = $params['sn'];
	86	$user_info['uid'] = $params['uid'];
	87	$user_info['uidnumber'] = $id;
	88	$user_info['userPassword'] = '{md5}' . base64_encode(pack("H*",md5($params['password1'])));
[46]	89
[72]	90	if ($params['passwd_expired'] == '1')
	91	$user_info['phpgwLastPasswdChange'] = '0';
	92
[46]	93	// Gerenciar senhas RFC2617
	94	if ($this->current_config['expressoAdmin_userPasswordRFC2617'] == 'true')
	95	{
	96	$realm = $this->current_config['expressoAdmin_realm_userPasswordRFC2617'];
	97	$uid = $user_info['uid'];
	98	$password = $params['password1'];
	99	$user_info['userPasswordRFC2617'] = $realm . ': ' . md5("$uid:$realm:$password");
	100	}
	101
[2]	102	if ($params['phpgwaccountstatus'] == '1')
	103	$user_info['phpgwAccountStatus'] = 'A';
	104
	105	if ($params['departmentnumber'] != '')
	106	$user_info['departmentnumber'] = $params['departmentnumber'];
	107
	108	if ($params['telephonenumber'] != '')
	109	$user_info['telephoneNumber'] = $params['telephonenumber'];
	110
	111	// Cria user_info no caso de ter alias e forwarding email.
[81]	112	foreach ($params['mailalternateaddress'] as $index=>$mailalternateaddress)
	113	{
	114	if ($mailalternateaddress != '')
	115	$user_info['mailAlternateAddress'][] = $mailalternateaddress;
	116	}
[2]	117
[81]	118	foreach ($params['mailforwardingaddress'] as $index=>$mailforwardingaddress)
	119	{
	120	if ($mailforwardingaddress != '')
	121	$user_info['mailForwardingAddress'][] = $mailforwardingaddress;
	122	}
[2]	123
	124	if ($params['deliverymode'])
	125	$user_info['deliveryMode'] = 'forwardOnly';
	126
	127	//Ocultar da pesquisa e do catálogo
	128	if ($params['phpgwaccountvisible'])
	129	$user_info['phpgwAccountVisible'] = '-1';
	130
	131	// Suporte ao SAMBA
	132	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($params['use_attrs_samba'] == 'on'))
	133	{
[317]	134
	135	// Qualquer um que crie um usuário, deve ter permissão para adicionar a senha samba.
[63]	136	// Verifica o acesso do gerente aos atributos samba
[317]	137	//if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes'))
	138	//{
[63]	139	//Verifica se o binario para criar as senhas do samba exite.
	140	if (!is_file('/home/expressolivre/mkntpwd'))
	141	{
	142	$return['status'] = false;
[493]	143	$return['msg'] .=
[507]	144	$this->functions->lang("the binary file /home/expressolivre/mkntpwd does not exist") . ".\\n" .
	145	$this->functions->lang("it is needed to create samba passwords") . ".\\n" .
	146	$this->functions->lang("alert your administrator about this") . ".";
[63]	147	}
	148	else
	149	{
	150	$user_info['objectClass'][] = 'sambaSamAccount';
	151	$user_info['loginShell'] = '/bin/bash';
	152
	153	$user_info['sambaSID'] = $params['sambadomain'] . '-' . ((2 * $id)+1000);
	154	$user_info['sambaPrimaryGroupSID'] = $params['sambadomain'] . '-' . ((2 * $user_info['gidNumber'])+1001);
[27]	155
[63]	156	$user_info['sambaAcctFlags'] = $params['sambaacctflags'];
[2]	157
[63]	158	$user_info['sambaLogonScript'] = $params['sambalogonscript'];
	159	$user_info['homeDirectory'] = $params['sambahomedirectory'];
[2]	160
[528]	161	$user_info['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L "'.$params['password1'] . '"');
	162	$user_info['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N "'.$params['password1'] . '"');
	163
[63]	164	$user_info['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000';
[2]	165
[63]	166	$user_info['sambaPwdCanChange'] = strtotime("now");
	167	$user_info['sambaPwdLastSet'] = strtotime("now");
	168	$user_info['sambaPwdMustChange'] = '2147483647';
	169	}
[317]	170	//}
[2]	171	}
[63]	172
	173	// Verifica o acesso do gerente aos atributos corporativos
	174	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information'))
	175	{
[379]	176	//retira caracteres que não são números.
[5773]	177	$params['corporative_information_cpf'] = preg_replace('/[^0-9]/', '', $params['corporative_information_cpf']);
[438]	178	//description
[520]	179	$params['corporative_information_description'] = utf8_encode($params['corporative_information_description']);
[63]	180	foreach ($params as $atribute=>$value)
	181	{
[64]	182	$pos = strstr($atribute, 'corporative_information_');
[63]	183	if ($pos !== false)
	184	{
	185	if ($params[$atribute])
	186	{
	187	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
	188	$user_info[$ldap_atribute] = $params[$atribute];
	189	}
	190	}
	191	}
	192	}
	193
[2]	194	$result = $this->ldap_functions->ldap_add_entry($dn, $user_info);
	195	if (!$result['status'])
	196	{
	197	$return['status'] = false;
	198	$return['msg'] .= $result['msg'];
	199	}
	200
	201	// Chama funcao para salvar foto no OpenLDAP.
[107]	202	if ( ($_FILES['photo']['name'] != '') && ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users_picture')) )
[2]	203	{
	204	$result = $this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name']);
	205	if (!$result['status'])
	206	{
	207	$return['status'] = false;
	208	$return['msg'] .= $result['msg'];
	209	}
	210	}
	211
	212	//GROUPS
	213	if ($params['groups'])
	214	{
	215	foreach ($params['groups'] as $gidnumber)
	216	{
	217	$result = $this->ldap_functions->add_user2group($gidnumber, $user_info['uid']);
	218	if (!$result['status'])
	219	{
	220	$return['status'] = false;
	221	$return['msg'] .= $result['msg'];
	222	}
	223	$result = $this->db_functions->add_user2group($gidnumber, $id);
	224	if (!$result['status'])
	225	{
	226	$return['status'] = false;
	227	$return['msg'] .= $result['msg'];
	228	}
	229	}
	230	}
	231
	232	// Inclusao do Mail do usuário nas listas de email selecionadas.
	233	if ($params['maillists'])
	234	{
[208]	235	foreach($params['maillists'] as $uid)
[2]	236	{
[208]	237	$result = $this->ldap_functions->add_user2maillist($uid, $user_info['mail']);
[2]	238	if (!$result['status'])
	239	{
	240	$return['status'] = false;
	241	$return['msg'] .= $result['msg'];
	242	}
	243	}
	244	}
	245
	246	// APPS
	247	if (count($params['apps']))
	248	{
	249	$result = $this->db_functions->add_id2apps($id, $params['apps']);
	250	if (!$result['status'])
	251	{
	252	$return['status'] = false;
	253	$return['msg'] .= $result['msg'];
	254	}
	255	}
	256
	257	// Chama funcao para incluir no pgsql as preferencia de alterar senha.
	258	if ($params['changepassword'])
	259	{
	260	$result = $this->db_functions->add_pref_changepassword($id);
	261	if (!$result['status'])
	262	{
	263	$return['status'] = false;
	264	$return['msg'] .= $result['msg'];
	265	}
	266	}
	267
	268	// Chama funcao para criar mailbox do usuario, no imap-cyrus.
	269	$result = $this->imap_functions->create($params['uid'], $params['mailquota']);
	270	if (!$result['status'])
	271	{
	272	$return['status'] = false;
	273	$return['msg'] .= $result['msg'];
	274	}
	275
[414]	276	$this->db_functions->write_log("created user",$dn);
[2]	277	}
	278
	279	return $return;
	280	}
	281
	282	function save($new_values)
	283	{
	284	$return['status'] = true;
	285
[64]	286	$old_values = $this->get_user_info($new_values['uidnumber']);
	287
[2]	288	$dn = 'uid=' . $old_values['uid'] . ',' . strtolower($old_values['context']);
[379]	289
	290	//retira caracteres que não são números.
[5773]	291	$new_values['corporative_information_cpf'] = preg_replace('/[^0-9]/', '', $new_values['corporative_information_cpf']);
[379]	292
[2]	293	$diff = array_diff($new_values, $old_values);
[81]	294
[72]	295	/*
	296	echo '<pre>';
	297	echo '--- OLD: ';
[81]	298	print_r($old_values);
[72]	299	echo '<br>--- NEW: ';
[81]	300	print_r($new_values);
[72]	301	echo '<br>';
[438]	302	exit;
	303	*/
[81]	304
[32]	305	$manager_account_lid = $_SESSION['phpgw_session']['session_lid'];
	306	if ((!$this->functions->check_acl($manager_account_lid,'edit_users')) &&
	307	(!$this->functions->check_acl($manager_account_lid,'change_users_password')) &&
[64]	308	(!$this->functions->check_acl($manager_account_lid,'edit_sambausers_attributes')) &&
[317]	309	(!$this->functions->check_acl($manager_account_lid,'manipulate_corporative_information')) &&
	310	(!$this->functions->check_acl($manager_account_lid,'edit_users_phonenumber'))
[32]	311	)
	312	{
	313	$return['status'] = false;
[507]	314	$return['msg'] = $this->functions->lang('You do not have access to edit user informations') . '.';
[32]	315	return $return;
	316	}
	317
[438]	318	// Check manager access
[2]	319	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
	320	{
	321	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	322	// Change user organization
	323	if ($diff['context'])
	324	{
[355]	325	if (strcasecmp($old_values['context'], $new_values['context']) != 0)
[2]	326	{
[355]	327	$newrdn = 'uid=' . $new_values['uid'];
	328	$newparent = $new_values['context'];
	329	$result = $this->ldap_functions->change_user_context($dn, $newrdn, $newparent);
	330	if (!$result['status'])
	331	{
	332	$return['status'] = false;
	333	$return['msg'] .= $result['msg'];
	334	}
	335	else
	336	{
	337	$dn = $newrdn . ',' . $newparent;
[414]	338	$this->db_functions->write_log('modified user context', $dn . ': ' . $old_values['uid'] . '->' . $new_values['context']);
[355]	339	}
[2]	340	}
	341	}
	342
	343	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	344	// REPLACE some attributes
	345	if ($diff['givenname'])
	346	{
	347	$ldap_mod_replace['givenname'] = $new_values['givenname'];
	348	$ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn'];
[414]	349	$this->db_functions->write_log("modified first name", "$dn: " . $old_values['givenname'] . "->" . $new_values['givenname']);
[2]	350	}
	351	if ($diff['sn'])
	352	{
	353	$ldap_mod_replace['sn'] = $new_values['sn'];
	354	$ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn'];
[414]	355	$this->db_functions->write_log("modified last name", "$dn: " . $old_values['sn'] . "->" . $new_values['sn']);
[2]	356	}
	357	if ($diff['mail'])
	358	{
	359	$ldap_mod_replace['mail'] = $new_values['mail'];
	360	$this->ldap_functions->replace_user2maillists($new_values['mail'], $old_values['mail']);
[317]	361	$this->ldap_functions->replace_mail_from_institutional_account($new_values['mail'], $old_values['mail']);
[414]	362	$this->db_functions->write_log("modified user email", "$dn: " . $old_values['mail'] . "->" . $new_values['mail']);
[2]	363	}
[72]	364	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	365	// Passwd Expired - Com atributo
[414]	366	if (($old_values['passwd_expired'] != 0) && ($new_values['passwd_expired'] == '1'))
[72]	367	{
	368	$ldap_mod_replace['phpgwlastpasswdchange'] = '0';
[414]	369	$this->db_functions->write_log("Expired user password","$dn");
[72]	370	}
[2]	371	}
	372
	373	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	374	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'change_users_password')) )
	375	{
	376	if ($diff['password1'])
	377	{
	378	$ldap_mod_replace['userPassword'] = '{md5}' . base64_encode(pack("H*",md5($new_values['password1'])));
[46]	379
[2]	380	// Suporte ao SAMBA
	381	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
	382	{
[528]	383	$ldap_mod_replace['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L "'.$new_values['password1'] . '"');
	384	$ldap_mod_replace['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N "'.$new_values['password1'] . '"');
[2]	385	}
[46]	386
	387	// Gerenciar senhas RFC2617
	388	if ($this->current_config['expressoAdmin_userPasswordRFC2617'] == 'true')
	389	{
	390	$realm = $this->current_config['expressoAdmin_realm_userPasswordRFC2617'];
	391	$uid = $new_values['uid'];
	392	$password = $new_values['password1'];
	393	$passUserRFC2617 = $realm . ': ' . md5("$uid:$realm:$password");
	394
	395	if ($old_values['userPasswordRFC2617'] != '')
	396	$ldap_mod_replace['userPasswordRFC2617'] = $passUserRFC2617;
	397	else
	398	$ldap_add['userPasswordRFC2617'] = $passUserRFC2617;
	399	}
	400
[414]	401	$this->db_functions->write_log("modified user password",$dn);
[2]	402	}
	403	}
[317]	404
	405	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	406	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users_phonenumber')) )
	407	{
	408	if (($diff['telephonenumber']) && ($old_values['telephonenumber'] != ''))
	409	{
[3161]	410	$ldap_mod_replace['telephonenumber'] = $new_values['telephonenumber'];
	411	$this->db_functions->write_log('modified user telephonenumber', $dn . ': ' . $old_values['telephonenumber'] . '->' . $new_values['telephonenumber']);
[5133]	412	$ldap_mod_replace['telephonenumber'] = $new_values['telephonenumber'];
	413	$this->db_functions->write_log('modified user telephonenumber', $dn . ': ' . $old_values['telephonenumber'] . '->' . $new_values['telephonenumber']);
[317]	414	}
[3161]	415	else if (($old_values['telephonenumber'] != '') && ($new_values['telephonenumber'] == ''))
	416	{
	417	$ldap_remove['telephonenumber'] = array();
	418	$this->db_functions->write_log("removed user phone",$dn);
	419	}
	420	else if (($old_values['telephonenumber'] == '') && ($new_values['telephonenumber'] != ''))
	421	{
	422	$ldap_add['telephonenumber'] = $new_values['telephonenumber'];
	423	$this->db_functions->write_log("added user phone",$dn);
	424	}
[317]	425	}
[63]	426
	427	// REPLACE, ADD & REMOVE COPORATIVEs ATRIBUTES
	428	// Verifica o acesso do gerente aos atributos corporativos
[64]	429
	430	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	431	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information')) )
[63]	432	{
	433	foreach ($new_values as $atribute=>$value)
	434	{
[64]	435	$pos = strstr($atribute, 'corporative_information_');
[63]	436	if ($pos !== false)
	437	{
	438	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
[414]	439	// REPLACE CORPORATIVE ATTRIBUTES
[63]	440	if (($diff[$atribute]) && ($old_values[$atribute] != ''))
	441	{
	442	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
[414]	443	$ldap_mod_replace[$ldap_atribute] = utf8_encode($new_values[$atribute]);
	444	$this->db_functions->write_log('modified user attribute', $dn . ': ' . $ldap_atribute . ': ' . $old_values[$atribute] . '->' . $new_values[$atribute]);
[63]	445	}
[414]	446	//ADD CORPORATIVE ATTRIBUTES
[63]	447	elseif (($old_values[$atribute] == '') && ($new_values[$atribute] != ''))
	448	{
[414]	449	$ldap_add[$ldap_atribute] = utf8_encode($new_values[$atribute]);
	450	$this->db_functions->write_log('added user attribute', $dn . ': ' . $ldap_atribute . ': ' . $old_values[$atribute] . '->' . $new_values[$atribute]);
[63]	451	}
[414]	452	//REMOVE CORPORATIVE ATTRIBUTES
[63]	453	elseif (($old_values[$atribute] != '') && ($new_values[$atribute] == ''))
	454	{
	455	$ldap_remove[$ldap_atribute] = array();
[414]	456	$this->db_functions->write_log('removed user attribute', $dn . ': ' . $ldap_atribute . ': ' . $old_values[$atribute] . '->' . $new_values[$atribute]);
[63]	457	}
	458	}
	459	}
	460	}
	461
[2]	462	//Suporte ao SAMBA
	463	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	464	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes')) )
	465	{
[355]	466
	467	if ($diff['gidnumber'])
	468	{
	469	$ldap_mod_replace['gidnumber'] = $new_values['gidnumber'];
[414]	470	$this->db_functions->write_log('modified user primary group', $dn . ': ' . $old_values['gidnumber'] . '->' . $new_values['gidnumber']);
[355]	471	}
	472
[2]	473	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
	474	{
[355]	475	if ($diff['gidnumber'])
	476	{
	477	$ldap_mod_replace['sambaPrimaryGroupSID'] = $this->current_config['expressoAdmin_sambaSID'] . '-' . ((2 * $new_values['gidnumber'])+1001);
[414]	478	$this->db_functions->write_log('modified user sambaPrimaryGroupSID', $dn);
[355]	479	}
	480
[2]	481	if ($diff['sambaacctflags'])
	482	{
	483	$ldap_mod_replace['sambaacctflags'] = $new_values['sambaacctflags'];
[414]	484	$this->db_functions->write_log("modified user sambaacctflags",$dn);
[2]	485	}
	486	if ($diff['sambalogonscript'])
	487	{
	488	$ldap_mod_replace['sambalogonscript'] = $new_values['sambalogonscript'];
[414]	489	$this->db_functions->write_log("modified user sambalogonscript",$dn);
[2]	490	}
	491	if ($diff['sambahomedirectory'])
	492	{
	493	$ldap_mod_replace['homedirectory'] = $new_values['sambahomedirectory'];
[414]	494	$this->db_functions->write_log("modified user homedirectory",$dn);
[2]	495	}
[27]	496	if ($diff['sambadomain'])
	497	{
	498	$ldap_mod_replace['sambaSID'] = $diff['sambadomain'] . '-' . ((2 * $old_values['uidnumber'])+1000);
	499	$ldap_mod_replace['sambaPrimaryGroupSID'] = $diff['sambadomain'] . '-' . ((2 * $old_values['gidnumber'])+1001);
[414]	500	$this->db_functions->write_log('modified user samba domain', $dn . ': ' . $old_values['sambadomain'] . '->' . $new_values['sambadomain']);
[27]	501	}
[2]	502	}
	503	}
	504
	505	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[81]	506	// ADD or REMOVE some attributes
[2]	507	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[180]	508
	509	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	510	// PHOTO
	511	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users_picture'))
	512	{
	513	if ($new_values['delete_photo'])
	514	{
	515	$this->ldap_functions->ldap_remove_photo($dn);
[414]	516	$this->db_functions->write_log("removed user photo",$dn);
[180]	517	}
	518	elseif ($_FILES['photo']['name'] != '')
	519	{
[283]	520
[5133]	521	if ($_FILES['photo']['size'] > 10000)
[283]	522	{
	523	$return['status'] = false;
[5133]	524	$return['msg'] .= $this->functions->lang('User photo could not be save because is bigger the 10 kb') . '.';
[283]	525	}
	526	else
	527	{
[309]	528	if ($new_values['photo_exist'])
	529	{
	530	$photo_exist = true;
[414]	531	$this->db_functions->write_log("mofified user photo",$dn);
[309]	532	}
	533	else
	534	{
	535	$photo_exist = false;
[414]	536	$this->db_functions->write_log("added user photo",$dn);
[309]	537	}
	538	$this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name'], $new_values['photo_exist'], $photo_exist);
[180]	539	}
	540	}
	541	}
[2]	542
	543	// Verifica o acesso ára adicionar ou remover tais atributos
	544	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
	545	{
[72]	546	// Passwd Expired - Sem atributo
	547	if (($old_values['passwd_expired'] == '') && ($new_values['passwd_expired'] == '1'))
	548	{
	549	$ldap_add['phpgwlastpasswdchange'] = '0';
[414]	550	$this->db_functions->write_log("expired user password",$dn);
[72]	551	}
	552	if (($old_values['passwd_expired'] == '0') && ($new_values['passwd_expired'] == ''))
	553	{
	554	$ldap_remove['phpgwlastpasswdchange'] = array();
[414]	555	$this->db_functions->write_log("removed expiry from user password",$dn);
[72]	556	}
	557	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[2]	558	// PREF_CHANGEPASSWORD
	559	if (($old_values['changepassword'] == '') && ($new_values['changepassword'] != ''))
	560	{
	561	$this->db_functions->add_pref_changepassword($new_values['uidnumber']);
[414]	562	$this->db_functions->write_log("turn on changepassword",$dn);
[2]	563	}
	564	if (($old_values['changepassword'] != '') && ($new_values['changepassword'] == ''))
	565	{
	566	$this->db_functions->remove_pref_changepassword($new_values['uidnumber']);
[414]	567	$this->db_functions->write_log("turn of changepassword",$dn);
[2]	568	}
	569	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	570	// ACCOUNT STATUS
	571	if (($old_values['phpgwaccountstatus'] == '') && ($new_values['phpgwaccountstatus'] != ''))
	572	{
	573	$ldap_add['phpgwaccountstatus'] = 'A';
[414]	574	$this->db_functions->write_log("turn on user account",$dn);
[2]	575	}
	576	if (($old_values['phpgwaccountstatus'] != '') && ($new_values['phpgwaccountstatus'] == ''))
	577	{
	578	$ldap_remove['phpgwaccountstatus'] = array();
[414]	579	$this->db_functions->write_log("turn off user account",$dn);
[2]	580	}
[548]	581
	582	if ($new_values['phpgwaccountexpired'] == '1') /////////////////////////
	583	{
[621]	584	$this->db_functions->write_log("Reactivated blocked user by downtime",'',$dn,'','');
[597]	585	$this->db_functions->reactivate_inactive_user($old_values['uidnumber']);
[548]	586	}
[2]	587	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	588	// ACCOUNT VISIBLE
	589	if (($old_values['phpgwaccountvisible'] == '') && ($new_values['phpgwaccountvisible'] != ''))
	590	{
	591	$ldap_add['phpgwaccountvisible'] = '-1';
[414]	592	$this->db_functions->write_log("turn on phpgwaccountvisible",$dn);
[2]	593	}
	594	if (($old_values['phpgwaccountvisible'] != '') && ($new_values['phpgwaccountvisible'] == ''))
	595	{
	596	$ldap_remove['phpgwaccountvisible'] = array();
[414]	597	$this->db_functions->write_log("turn off phpgwaccountvisible",$dn);
[2]	598	}
	599	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	600	// Mail Account STATUS
	601	if (($old_values['accountstatus'] == '') && ($new_values['accountstatus'] != ''))
	602	{
	603	$ldap_add['accountstatus'] = 'active';
[414]	604	$this->db_functions->write_log("turn on user account email",$dn);
[2]	605	}
	606	if (($old_values['accountstatus'] != '') && ($new_values['accountstatus'] == ''))
	607	{
	608	$ldap_remove['accountstatus'] = array();
[414]	609	$this->db_functions->write_log("turn off user account email",$dn);
[2]	610	}
	611	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	612	// MAILALTERNATEADDRESS
[81]	613	if (!$new_values['mailalternateaddress'])
	614	$new_values['mailalternateaddress'] = array();
	615	if (!$old_values['mailalternateaddress'])
	616	$old_values['mailalternateaddress'] = array();
	617	$add_mailalternateaddress = array_diff($new_values['mailalternateaddress'], $old_values['mailalternateaddress']);
	618	$remove_mailalternateaddress = array_diff($old_values['mailalternateaddress'], $new_values['mailalternateaddress']);
	619	foreach ($add_mailalternateaddress as $index=>$mailalternateaddress)
	620	{
	621	if ($mailalternateaddress != '')
	622	{
	623	$ldap_add['mailalternateaddress'][] = $mailalternateaddress;
[414]	624	$this->db_functions->write_log("added mailalternateaddress","$dn: $mailalternateaddress");
[81]	625	}
	626	}
	627	foreach ($remove_mailalternateaddress as $index=>$mailalternateaddress)
	628	{
	629	if ($mailalternateaddress != '')
	630	{
	631	if ($index !== 'count')
	632	{
	633	$ldap_remove['mailalternateaddress'][] = $mailalternateaddress;
[414]	634	$this->db_functions->write_log("removed mailalternateaddress","$dn: $mailalternateaddress");
[81]	635	}
	636	}
	637	}
	638
	639	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	640	// MAILFORWARDINGADDRESS
	641	if (!$new_values['mailforwardingaddress'])
	642	$new_values['mailforwardingaddress'] = array();
	643	if (!$old_values['mailforwardingaddress'])
	644	$old_values['mailforwardingaddress'] = array();
	645	$add_mailforwardingaddress = array_diff($new_values['mailforwardingaddress'], $old_values['mailforwardingaddress']);
	646	$remove_mailforwardingaddress = array_diff($old_values['mailforwardingaddress'], $new_values['mailforwardingaddress']);
	647	foreach ($add_mailforwardingaddress as $index=>$mailforwardingaddress)
	648	{
	649	if ($mailforwardingaddress != '')
	650	{
	651	$ldap_add['mailforwardingaddress'][] = $mailforwardingaddress;
[414]	652	$this->db_functions->write_log("added mailforwardingaddress","$dn: $mailforwardingaddress");
[81]	653	}
	654	}
	655	foreach ($remove_mailforwardingaddress as $index=>$mailforwardingaddress)
	656	{
	657	if ($mailforwardingaddress != '')
	658	{
	659	if ($index !== 'count')
	660	{
	661	$ldap_remove['mailforwardingaddress'][] = $mailforwardingaddress;
[414]	662	$this->db_functions->write_log("removed mailforwardingaddress","$dn: $mailforwardingaddress");
[81]	663	}
	664	}
	665	}
	666
	667	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[2]	668	// Delivery Mode
	669	if (($old_values['deliverymode'] == '') && ($new_values['deliverymode'] != ''))
	670	{
	671	$ldap_add['deliverymode'] = 'forwardOnly';
[414]	672	$this->db_functions->write_log("added forwardOnly", $dn);
[2]	673	}
	674	if (($old_values['deliverymode'] != '') && ($new_values['deliverymode'] == ''))
	675	{
	676	$ldap_remove['deliverymode'] = array();
[414]	677	$this->db_functions->write_log("removed forwardOnly", $dn);
[2]	678	}
	679	}
	680
	681	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	682	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'change_users_quote')) )
	683	{
	684	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	685	// MAILQUOTA
[520]	686	if ( ($new_values['mailquota'] != $old_values['mailquota']) && (is_numeric($new_values['mailquota'])) )
[2]	687	{
[520]	688	$result_change_user_quota = $this->imap_functions->change_user_quota($new_values['uid'], $new_values['mailquota']);
	689
	690	if ($result_change_user_quota['status'])
	691	{
	692	$this->db_functions->write_log("modified user email quota" , $dn . ':' . $old_values['mailquota'] . '->' . $new_values['mailquota']);
	693	}
	694	else
	695	{
	696	$return['status'] = false;
	697	$return['msg'] .= $result_change_user_quota['msg'];
	698	}
[2]	699	}
	700	}
[63]	701
[2]	702	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	703	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes')) )
	704	{
	705	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	706	// REMOVE ATTRS OF SAMBA
	707	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] != 'on'))
	708	{
	709	$ldap_remove['objectclass'] = 'sambaSamAccount';
	710	$ldap_remove['loginShell'] = array();
	711	$ldap_remove['sambaSID'] = array();
	712	$ldap_remove['sambaPrimaryGroupSID'] = array();
	713	$ldap_remove['sambaAcctFlags'] = array();
	714	$ldap_remove['sambaLogonScript'] = array();
	715	$ldap_remove['sambaLMPassword'] = array();
	716	$ldap_remove['sambaNTPassword'] = array();
	717	$ldap_remove['sambaPasswordHistory'] = array();
	718	$ldap_remove['sambaPwdCanChange'] = array();
	719	$ldap_remove['sambaPwdLastSet'] = array();
	720	$ldap_remove['sambaPwdMustChange'] = array();
[414]	721	$this->db_functions->write_log("removed user samba attributes", $dn);
[2]	722	}
	723	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	724	// ADD ATTRS OF SAMBA
	725	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && (!$new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
	726	{
	727	if (!is_file('/home/expressolivre/mkntpwd'))
	728	{
	729	$return['status'] = false;
[507]	730	$return['msg'] .= $this->functions->lang("The file /home/expressolivre/mkntpwd does not exist") . ".\n";
	731	$return['msg'] .= $this->functions->lang("It is necessery to create samba passwords") . ".\n";
	732	$return['msg'] .= $this->functions->lang("Inform your system administrator about this") . ".\n";
[2]	733	}
	734	else
	735	{
	736	$ldap_add['objectClass'][] = 'sambaSamAccount';
	737	$ldap_mod_replace['loginShell'] = '/bin/bash';
[47]	738	$ldap_add['sambaSID'] = $new_values['sambadomain'] . '-' . ((2 * $new_values['uidnumber'])+1000);
	739	$ldap_add['sambaPrimaryGroupSID'] = $new_values['sambadomain'] . '-' . ((2 * $new_values['gidnumber'])+1001);
[2]	740	$ldap_add['sambaAcctFlags'] = $new_values['sambaacctflags'];
	741	$ldap_add['sambaLogonScript'] = $new_values['sambalogonscript'];
	742	$ldap_mod_replace['homeDirectory'] = $new_values['sambahomedirectory'];
	743	$ldap_add['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.'senha');
	744	$ldap_add['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.'senha');
	745	$ldap_add['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000';
	746	$ldap_add['sambaPwdCanChange'] = strtotime("now");
	747	$ldap_add['sambaPwdLastSet'] = strtotime("now");
	748	$ldap_add['sambaPwdMustChange'] = '2147483647';
[414]	749	$this->db_functions->write_log("added user samba attribute", $dn);
[2]	750	}
	751	}
	752	}
	753
	754	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	755	// GROUPS
[379]	756	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_groups'))
[2]	757	{
[379]	758	// If the manager does not have the suficient access, the new_values.uid is empty.
	759	if (empty($new_values['uid']))
	760	$user_uid = $old_values['uid'];
	761	else
	762	$user_uid = $new_values['uid'];
	763
[2]	764	if (!$new_values['groups'])
	765	$new_values['groups'] = array();
	766	if (!$old_values['groups'])
	767	$old_values['groups'] = array();
	768
	769	$add_groups = array_diff($new_values['groups'], $old_values['groups']);
	770	$remove_groups = array_diff($old_values['groups'], $new_values['groups']);
	771
	772	if (count($add_groups)>0)
	773	{
	774	foreach($add_groups as $gidnumber)
	775	{
	776	$this->db_functions->add_user2group($gidnumber, $new_values['uidnumber']);
[379]	777	$this->ldap_functions->add_user2group($gidnumber, $user_uid);
[438]	778	$this->db_functions->write_log("included user to group", "uid:$user_uid -> gid:$gidnumber");
[2]	779	}
	780	}
[64]	781
[2]	782	if (count($remove_groups)>0)
	783	{
	784	foreach($remove_groups as $gidnumber)
	785	{
	786	foreach($old_values['groups_info'] as $group)
	787	{
	788	if (($group['gidnumber'] == $gidnumber) && ($group['group_disabled'] == 'false'))
	789	{
	790	$this->db_functions->remove_user2group($gidnumber, $new_values['uidnumber']);
[379]	791	$this->ldap_functions->remove_user2group($gidnumber, $user_uid);
[414]	792	$this->db_functions->write_log("removed user from group", "$dn: $gidnumber");
[2]	793	}
	794	}
	795	}
	796	}
	797	}
	798	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	799	// LDAP_MOD_REPLACE
	800	if (count($ldap_mod_replace))
	801	{
	802	$result = $this->ldap_functions->replace_user_attributes($dn, $ldap_mod_replace);
	803	if (!$result['status'])
	804	{
	805	$return['status'] = false;
	806	$return['msg'] .= $result['msg'];
	807	}
	808	}
	809
	810	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	811	// LDAP_MOD_ADD
	812	if (count($ldap_add))
	813	{
	814	$result = $this->ldap_functions->add_user_attributes($dn, $ldap_add);
	815	if (!$result['status'])
	816	{
	817	$return['status'] = false;
	818	$return['msg'] .= $result['msg'];
	819	}
	820	}
	821
	822	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	823	// LDAP_MOD_REMOVE
	824	if (count($ldap_remove))
	825	{
	826	$result = $this->ldap_functions->remove_user_attributes($dn, $ldap_remove);
	827	if (!$result['status'])
	828	{
	829	$return['status'] = false;
	830	$return['msg'] .= $result['msg'];
	831	}
	832	}
	833	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	834
	835
	836	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
	837	{
	838	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	839	// MAILLISTS
	840	if (!$new_values['maillists'])
	841	$new_values['maillists'] = array();
	842	if (!$old_values['maillists'])
	843	$old_values['maillists'] = array();
[64]	844
[2]	845	$add_maillists = array_diff($new_values['maillists'], $old_values['maillists']);
	846	$remove_maillists = array_diff($old_values['maillists'], $new_values['maillists']);
	847
	848	if (count($add_maillists)>0)
	849	{
[208]	850	foreach($add_maillists as $uid)
[2]	851	{
[208]	852	$this->ldap_functions->add_user2maillist($uid, $new_values['mail']);
[438]	853	$this->db_functions->write_log("included user to maillist","$uid: $dn");
[2]	854	}
	855	}
[414]	856
[2]	857	if (count($remove_maillists)>0)
	858	{
[208]	859	foreach($remove_maillists as $uid)
[2]	860	{
[208]	861	$this->ldap_functions->remove_user2maillist($uid, $new_values['mail']);
[414]	862	$this->db_functions->write_log("removed user from maillist","$dn: $uid");
[2]	863	}
	864	}
	865
	866	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	867	// APPS
	868	$new_values2 = array();
	869	$old_values2 = array();
	870	if (count($new_values['apps'])>0)
	871	{
	872	foreach ($new_values['apps'] as $app=>$tmp)
	873	{
	874	$new_values2[] = $app;
	875	}
	876	}
	877	if (count($old_values['apps'])>0)
	878	{
	879	foreach ($old_values['apps'] as $app=>$tmp)
	880	{
	881	$old_values2[] = $app;
	882	}
	883	}
	884	$add_apps = array_flip(array_diff($new_values2, $old_values2));
	885	$remove_apps = array_flip(array_diff($old_values2, $new_values2));
	886
	887	if (count($add_apps)>0)
	888	{
	889	$this->db_functions->add_id2apps($new_values['uidnumber'], $add_apps);
[9]	890
	891	foreach ($add_apps as $app => $index)
[414]	892	$this->db_functions->write_log("added application to user","$dn: $app");
[2]	893	}
	894	if (count($remove_apps)>0)
	895	{
[9]	896	//Verifica se o gerente tem acesso a aplicação antes de remove-la do usuario.
	897	$manager_apps = $this->db_functions->get_apps($_SESSION['phpgw_session']['session_lid']);
	898
	899	foreach ($remove_apps as $app => $app_index)
	900	{
	901	if ($manager_apps[$app] == 'run')
	902	$remove_apps2[$app] = $app_index;
	903	}
	904	$this->db_functions->remove_id2apps($new_values['uidnumber'], $remove_apps2);
	905
	906	foreach ($remove_apps2 as $app => $access)
[414]	907	$this->db_functions->write_log("removed application to user","$dn: $app");
[2]	908	}
	909	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	910	}
	911	return $return;
	912	}
	913
[64]	914	function get_user_info($uidnumber)
[2]	915	{
[507]	916	if (!$user_info_ldap = $this->ldap_functions->get_user_info($uidnumber))
	917	return false;
[2]	918	$user_info_db1 = $this->db_functions->get_user_info($uidnumber);
[64]	919	$user_info_db2 = $this->ldap_functions->gidnumbers2cn($user_info_db1['groups']);
[2]	920	$user_info_imap = $this->imap_functions->get_user_info($user_info_ldap['uid']);
	921	$user_info = array_merge($user_info_ldap, $user_info_db1, $user_info_db2, $user_info_imap);
	922	return $user_info;
	923	}
	924
	925	function set_user_default_password($params)
	926	{
[458]	927	$return['status'] = 1;
[2]	928	$uid = $params['uid'];
	929	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
	930
	931	if (!$this->db_functions->default_user_password_is_set($uid))
	932	{
	933	$userPassword = $this->ldap_functions->set_user_password($uid, $defaultUserPassword);
	934	$this->db_functions->set_user_password($uid, $userPassword);
[458]	935	$this->db_functions->write_log("inserted default password",$uid);
[2]	936	}
	937	else
	938	{
[458]	939	$return['status'] = 0;
	940	$return['msg'] = $this->functions->lang('default password already registered') . '!';
[2]	941	}
	942
	943	return $return;
	944	}
	945
	946	function return_user_password($params)
	947	{
[458]	948	$return['status'] = 1;
[2]	949	$uid = $params['uid'];
	950
	951	if ($this->db_functions->default_user_password_is_set($uid))
	952	{
	953	$userPassword = $this->db_functions->get_user_password($uid);
	954	$this->ldap_functions->set_user_password($uid, $userPassword);
	955	}
	956	else
	957	{
[458]	958	$return['status'] = 0;
	959	$return['msg'] = $this->functions->lang('default password not registered') . '!';
[2]	960	}
	961
[414]	962	$this->db_functions->write_log("returned user password",$uid);
[2]	963
	964	return $return;
	965	}
	966
	967	function delete($params)
	968	{
	969	$return['status'] = true;
[507]	970	$this->db_functions->write_log('delete user: start', $params['uid']);
[2]	971
	972	// Verifica o acesso do gerente
	973	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'delete_users'))
	974	{
	975	$uidnumber = $params['uidnumber'];
[507]	976	if (!$user_info = $this->get_user_info($uidnumber))
	977	{
	978	$this->db_functions->write_log('delete user: error getting users info', $user_info['uid']);
	979	$return['status'] = false;
	980	$return['msg'] = $this->functions->lang('error getting users info');
	981	return $return;
	982	}
	983
[2]	984	//LDAP
	985	$result_ldap = $this->ldap_functions->delete_user($user_info);
	986	if (!$result_ldap['status'])
	987	{
	988	$return['status'] = false;
[507]	989	$return['msg'] = 'user.delete(ldap): ' . $result_ldap['msg'];
	990	return $return;
[2]	991	}
[64]	992	else
[2]	993	{
[507]	994	$this->db_functions->write_log("deleted users data from ldap", $user_info['uid']);
	995
[64]	996	//DB
	997	$result_db = $this->db_functions->delete_user($user_info);
	998	if (!$result_db['status'])
	999	{
	1000	$return['status'] = false;
[507]	1001	$return['msg'] .= 'user.delete(db): ' . $result_db['msg'];
[64]	1002	}
[507]	1003	else
	1004	{
	1005	$this->db_functions->write_log("deleted users data from DB", $user_info['uid']);
	1006	}
	1007
[64]	1008	//IMAP
[1913]	1009	$result_imap = $this->imap_functions->delete_mailbox($user_info['uid']);
[64]	1010	if (!$result_imap['status'])
	1011	{
	1012	$return['status'] = false;
[507]	1013	$return['msg'] .= $result_imap['msg'];
[64]	1014	}
[507]	1015	else
	1016	{
	1017	$this->db_functions->write_log("deleted users data from IMAP", $user_info['uid']);
	1018	}
	1019
[2]	1020	}
	1021	}
[507]	1022	else
	1023	{
	1024	$this->db_functions->write_log('delete user: manager does not have access', $params['uidnumber']);
	1025	}
[2]	1026
[507]	1027	$this->db_functions->write_log('delete user: end', $user_info['uid']);
[2]	1028	return $return;
	1029	}
	1030
	1031
	1032	function rename($params)
	1033	{
	1034	$return['status'] = true;
[64]	1035
	1036	// Verifica acesso do gerente (OU) ao tentar renomear um usuário.
	1037	if ( ! $this->ldap_functions->check_access_to_renamed($params['uid']) )
	1038	{
	1039	$return['status'] = false;
[507]	1040	$return['msg'] .= $this->functions->lang('You do not have access to delete user') . '.';
[64]	1041	return $return;
	1042	}
[2]	1043
[414]	1044	// Check if the new_uid is in use.
[396]	1045	if ( ! $this->ldap_functions->check_rename_new_uid($params['new_uid']) )
	1046	{
	1047	$return['status'] = false;
[507]	1048	$return['msg'] = $this->functions->lang('New login already in use') . '.';
[396]	1049	return $return;
	1050	}
	1051
[2]	1052	// Verifica o acesso do gerente
	1053	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'rename_users'))
	1054	{
	1055	$uid = $params['uid'];
	1056	$new_uid = $params['new_uid'];
	1057	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
	1058	$defaultUserPassword_plain = $this->current_config['expressoAdmin_defaultUserPassword'];
	1059
	1060	$emailadmin_profiles = $this->db_functions->get_sieve_info();
	1061	$sieve_enable = $emailadmin_profiles[0]['imapenablesieve'];
	1062	$sieve_server = $emailadmin_profiles[0]['imapsieveserver'];
	1063	$sieve_port = $emailadmin_profiles[0]['imapsieveport'];
	1064
	1065	$imap_admin = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminUsername'];
	1066	$imap_passwd = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminPW'];
	1067	$imap_server = $_SESSION['phpgw_info']['expresso']['email_server']['imapServer'];
	1068	$imap_port = $_SESSION['phpgw_info']['expresso']['email_server']['imapPort'];
	1069	$imapDelimiter = $_SESSION['phpgw_info']['expresso']['email_server']['imapDelimiter'];
	1070
	1071	//Verifica se está sendo usuado cyrus 2.2 ou superior
	1072	$sk = fsockopen ($imap_server,$imap_port);
	1073	$server_resp = fread($sk, 100);
[5593]	1074	$tmp = preg_split('/v2./', $server_resp);
[2]	1075	$cyrus_version = '2' . $tmp[1][0];
	1076
[5693]	1077	if ( $cyrus_version < intVal('2.2') )
[2]	1078	{
[396]	1079	$return['status'] = false;
[414]	1080	$return['msg'] = "The rename user is only permitted with cyrus 2.2 or higher,";
	1081	$return['msg'] .= "\nand with the option 'allowusermoves: yes' set in imapd.conf.";
	1082
	1083
[396]	1084	return $return;
	1085	}
	1086
	1087	// Renomeia UID no openldap
	1088	$result = $this->ldap_functions->rename_uid($uid, $new_uid);
	1089	if (!$result['status'])
	1090	{
	1091	$return['status'] = false;
[507]	1092	$return['msg'] = $this->functions->lang("Error rename user in LDAP") . '.';
[396]	1093	return $return;
	1094	}
	1095
	1096	//Renomeia mailbox
[507]	1097	$imap_rename_result = $this->imap_functions->rename_mailbox($uid, $new_uid);
	1098	if (!$imap_rename_result['status'])
[396]	1099	{
	1100	// Back user uid.
	1101	$result = $this->ldap_functions->rename_uid($new_uid, $uid);
	1102
	1103	$return['status'] = false;
[507]	1104	$return['msg'] = $this->functions->lang("Error renaming user mailboxes") . ".\n";
	1105	$return['msg'] .= $imap_rename_result['msg'];
[396]	1106	return $return;
	1107	}
[507]	1108
[396]	1109
	1110	// Renomeia sieve script
	1111	include_once('sieve-php.lib.php');
[507]	1112	//function sieve($host, $port, $user, $pass, $auth="", $auth_types)
	1113	$sieve=new sieve($sieve_server, $sieve_port, $new_uid, $imap_passwd, $imap_admin, 'PLAIN');
[30]	1114
[396]	1115	if ($sieve->sieve_login())
	1116	{
	1117	$sieve->sieve_listscripts();
	1118	$myactivescript=$sieve->response["ACTIVE"];
	1119	$sieve->sieve_getscript($myactivescript);
	1120
	1121	$script = '';
	1122	if (!empty($sieve->response))
[30]	1123	{
	1124	foreach($sieve->response as $result)
	1125	{
	1126	$script .= $result;
	1127	}
[396]	1128	}
[507]	1129
	1130	if (!empty($script))
[396]	1131	{
[507]	1132	$scriptname = $new_uid;
	1133	if($sieve->sieve_sendscript($new_uid,$script))
[30]	1134	{
[507]	1135	if ($sieve->sieve_setactivescript($new_uid))
	1136	{
	1137	if (!$sieve->sieve_deletescript($myactivescript))
	1138	{
	1139	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1140	$return['msg'] .= $result['msg'] . $this->functions->lang("Problem deleting old script") . '.';
	1141	}
	1142	}
	1143	else
	1144	{
	1145	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1146	$return['msg'] .= $result['msg'] . $this->functions->lang("Problem activating sieve script") . '.';
	1147	}
[30]	1148	}
[507]	1149	else
	1150	{
	1151	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1152	$return['msg'] .= $result['msg'] . $this->functions->lang("Problem saving sieve script") . '.';
	1153	}
[30]	1154	}
[396]	1155	$sieve->sieve_logout();
	1156	}
	1157	else
	1158	{
	1159	$return['status'] = false;
[507]	1160	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1161	$return['msg'] .= $result['msg'] . $this->functions->lang("Can not login sieve") . '.';
[396]	1162	}
[30]	1163
[414]	1164	$this->db_functions->write_log("renamed user", "$uid -> $new_uid");
[2]	1165
[396]	1166	$return['exec_return'] = "";
	1167
[64]	1168	return $return;
[2]	1169	}
	1170	}
[63]	1171
	1172	function write_log_from_ajax($params)
	1173	{
	1174	$this->db_functions->write_log($params['_action'],'',$params['userinfo'],'','');
	1175	return true;
	1176	}
[2]	1177	}
[548]	1178	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: