Context Navigation

source: trunk/expressoAdmin1_2/inc/class.user.inc.php @ 7223

Revision 7223, 47.8 KB checked in by acoutinho, 12 years ago (diff)
Ticket #3102 - Atualizar versionamento do Expresso e dos modulos para a versao 2.4.2
Property svn:eol-style set to `native` Property svn:executable set to ``*

Rev	Line
[2]	1	<?php
	2	/**********************************************************************************\
	3	* Expresso Administração *
	4	* by Joao Alfredo Knopik Junior (joao.alfredo@gmail.com, jakjr@celepar.pr.gov.br) *
	5	* --------------------------------------------------------------------------------*
	6	* This program is free software; you can redistribute it and/or modify it *
	7	* under the terms of the GNU General Public License as published by the *
	8	* Free Software Foundation; either version 2 of the License, or (at your *
	9	* option) any later version. *
	10	\**********************************************************************************/
	11
	12	include_once('class.ldap_functions.inc.php');
	13	include_once('class.db_functions.inc.php');
	14	include_once('class.imap_functions.inc.php');
	15	include_once('class.functions.inc.php');
	16
	17	class user
	18	{
	19	var $ldap_functions;
	20	var $db_functions;
	21	var $imap_functions;
	22	var $functions;
	23	var $current_config;
	24
	25	function user()
	26	{
	27	$this->ldap_functions = new ldap_functions;
	28	$this->db_functions = new db_functions;
	29	$this->imap_functions = new imap_functions;
	30	$this->functions = new functions;
	31	$this->current_config = $_SESSION['phpgw_info']['expresso']['expressoAdmin'];
	32	}
	33
	34	function create($params)
	35	{
	36	$return['status'] = true;
	37
[6553]	38	if($this->db_functions->use_cota_control()) {
	39	//Verifica quota de usuários e disco
	40	$setor = $this->functions->get_info($params['context']);
	41	if (!$this->functions->existe_quota_usuario($setor[0])) {
	42	$return['status'] = false;
	43	$return['msg'] = $this->functions->lang("user cota exceeded");//TODO colocar valor de acordo com tabela de traduções.
	44	return $return;
	45	}
	46	if (!$this->functions->existe_quota_disco($setor[0],$params['mailquota'])) {
	47	$return['status'] = false;
	48	$return['msg'] = $this->functions->lang("disk cota exceeded");//TODO colocar valor de acordo com tabela de traduções.
	49	return $return;
	50	}
	51	}
	52
[2]	53	// Verifica o acesso do gerente
	54	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'add_users'))
	55	{
	56	// Adiciona a organização na frente do uid.
	57	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
	58	{
	59	$context_dn = ldap_explode_dn(strtolower($GLOBALS['phpgw_info']['server']['ldap_context']), 1);
	60
	61	$explode_dn = ldap_explode_dn(strtolower($params['context']), 1);
	62	$explode_dn = array_reverse($explode_dn);
	63	//$params['uid'] = $explode_dn[3] . '-' . $params['uid'];
	64	$params['uid'] = $explode_dn[$context_dn['count']] . '-' . $params['uid'];
	65	}
	66
[69]	67	// Leio o ID a ser usado na criação do objecto. Esta função já incrementa o ID no BD.
[64]	68	$next_id = ($this->db_functions->get_next_id('accounts'));
	69	if ((!is_numeric($next_id['id'])) \|\| (!$next_id['status']))
	70	{
	71	$return['status'] = false;
[507]	72	$return['msg'] = $this->functions->lang('problems getting user id') . ".\n" . $id['msg'];
[64]	73	return $return;
	74	}
	75	else
	76	{
	77	$id = $next_id['id'];
	78	}
[2]	79
	80	// Cria array para incluir no LDAP
[7223]	81	$dn = 'uid=' . $params['uid'] . ',' . $params['context'];
	82
	83	ob_start();
	84	print_r($params);
	85	$output = ob_get_clean();
	86	file_put_contents( "/tmp/acoutinho.log", $output , FILE_APPEND);
	87
	88
	89	$user_info = array();
[2]	90	$user_info['accountStatus'] = $params['accountstatus'] == 1 ? 'active' : 'desactive';
	91	$user_info['cn'] = $params['givenname'] . ' ' . $params['sn'];
	92	$user_info['gidNumber'] = $params['gidnumber'];
	93	$user_info['givenName'] = $params['givenname'];
	94	$user_info['homeDirectory'] = '/home/' . $params['uid'];
	95	$user_info['mail'] = $params['mail'];
	96	$user_info['objectClass'][] = 'posixAccount';
	97	$user_info['objectClass'][] = 'inetOrgPerson';
	98	$user_info['objectClass'][] = 'shadowAccount';
	99	$user_info['objectClass'][] = 'qmailuser';
	100	$user_info['objectClass'][] = 'phpgwAccount';
	101	$user_info['objectClass'][] = 'top';
	102	$user_info['objectClass'][] = 'person';
	103	$user_info['objectClass'][] = 'organizationalPerson';
	104	$user_info['phpgwAccountExpires'] = '-1';
	105	$user_info['phpgwAccountType'] = 'u';
	106	$user_info['sn'] = $params['sn'];
	107	$user_info['uid'] = $params['uid'];
	108	$user_info['uidnumber'] = $id;
	109	$user_info['userPassword'] = '{md5}' . base64_encode(pack("H*",md5($params['password1'])));
[46]	110
[72]	111	if ($params['passwd_expired'] == '1')
	112	$user_info['phpgwLastPasswdChange'] = '0';
	113
[46]	114	// Gerenciar senhas RFC2617
	115	if ($this->current_config['expressoAdmin_userPasswordRFC2617'] == 'true')
	116	{
	117	$realm = $this->current_config['expressoAdmin_realm_userPasswordRFC2617'];
	118	$uid = $user_info['uid'];
	119	$password = $params['password1'];
	120	$user_info['userPasswordRFC2617'] = $realm . ': ' . md5("$uid:$realm:$password");
	121	}
	122
[2]	123	if ($params['phpgwaccountstatus'] == '1')
	124	$user_info['phpgwAccountStatus'] = 'A';
	125
	126	if ($params['departmentnumber'] != '')
	127	$user_info['departmentnumber'] = $params['departmentnumber'];
	128
	129	if ($params['telephonenumber'] != '')
	130	$user_info['telephoneNumber'] = $params['telephonenumber'];
	131
	132	// Cria user_info no caso de ter alias e forwarding email.
[81]	133	foreach ($params['mailalternateaddress'] as $index=>$mailalternateaddress)
	134	{
	135	if ($mailalternateaddress != '')
	136	$user_info['mailAlternateAddress'][] = $mailalternateaddress;
	137	}
[2]	138
[81]	139	foreach ($params['mailforwardingaddress'] as $index=>$mailforwardingaddress)
	140	{
	141	if ($mailforwardingaddress != '')
	142	$user_info['mailForwardingAddress'][] = $mailforwardingaddress;
	143	}
[2]	144
	145	if ($params['deliverymode'])
	146	$user_info['deliveryMode'] = 'forwardOnly';
	147
	148	//Ocultar da pesquisa e do catálogo
	149	if ($params['phpgwaccountvisible'])
	150	$user_info['phpgwAccountVisible'] = '-1';
	151
	152	// Suporte ao SAMBA
	153	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($params['use_attrs_samba'] == 'on'))
	154	{
[317]	155
	156	// Qualquer um que crie um usuário, deve ter permissão para adicionar a senha samba.
[63]	157	// Verifica o acesso do gerente aos atributos samba
[317]	158	//if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes'))
	159	//{
[63]	160	//Verifica se o binario para criar as senhas do samba exite.
	161	if (!is_file('/home/expressolivre/mkntpwd'))
	162	{
	163	$return['status'] = false;
[493]	164	$return['msg'] .=
[507]	165	$this->functions->lang("the binary file /home/expressolivre/mkntpwd does not exist") . ".\\n" .
	166	$this->functions->lang("it is needed to create samba passwords") . ".\\n" .
	167	$this->functions->lang("alert your administrator about this") . ".";
[63]	168	}
	169	else
	170	{
	171	$user_info['objectClass'][] = 'sambaSamAccount';
	172	$user_info['loginShell'] = '/bin/bash';
	173
	174	$user_info['sambaSID'] = $params['sambadomain'] . '-' . ((2 * $id)+1000);
	175	$user_info['sambaPrimaryGroupSID'] = $params['sambadomain'] . '-' . ((2 * $user_info['gidNumber'])+1001);
[27]	176
[63]	177	$user_info['sambaAcctFlags'] = $params['sambaacctflags'];
[2]	178
[63]	179	$user_info['sambaLogonScript'] = $params['sambalogonscript'];
	180	$user_info['homeDirectory'] = $params['sambahomedirectory'];
[2]	181
[528]	182	$user_info['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L "'.$params['password1'] . '"');
	183	$user_info['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N "'.$params['password1'] . '"');
	184
[63]	185	$user_info['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000';
[2]	186
[63]	187	$user_info['sambaPwdCanChange'] = strtotime("now");
	188	$user_info['sambaPwdLastSet'] = strtotime("now");
	189	$user_info['sambaPwdMustChange'] = '2147483647';
	190	}
[317]	191	//}
[2]	192	}
[63]	193
	194	// Verifica o acesso do gerente aos atributos corporativos
	195	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information'))
	196	{
[379]	197	//retira caracteres que não são números.
[5773]	198	$params['corporative_information_cpf'] = preg_replace('/[^0-9]/', '', $params['corporative_information_cpf']);
[438]	199	//description
[520]	200	$params['corporative_information_description'] = utf8_encode($params['corporative_information_description']);
[63]	201	foreach ($params as $atribute=>$value)
	202	{
[64]	203	$pos = strstr($atribute, 'corporative_information_');
[63]	204	if ($pos !== false)
	205	{
	206	if ($params[$atribute])
	207	{
	208	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
	209	$user_info[$ldap_atribute] = $params[$atribute];
	210	}
	211	}
	212	}
	213	}
	214
[2]	215	$result = $this->ldap_functions->ldap_add_entry($dn, $user_info);
	216	if (!$result['status'])
	217	{
	218	$return['status'] = false;
	219	$return['msg'] .= $result['msg'];
	220	}
	221
	222	// Chama funcao para salvar foto no OpenLDAP.
[107]	223	if ( ($_FILES['photo']['name'] != '') && ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users_picture')) )
[2]	224	{
	225	$result = $this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name']);
	226	if (!$result['status'])
	227	{
	228	$return['status'] = false;
	229	$return['msg'] .= $result['msg'];
	230	}
	231	}
	232
	233	//GROUPS
	234	if ($params['groups'])
	235	{
	236	foreach ($params['groups'] as $gidnumber)
	237	{
	238	$result = $this->ldap_functions->add_user2group($gidnumber, $user_info['uid']);
	239	if (!$result['status'])
	240	{
	241	$return['status'] = false;
	242	$return['msg'] .= $result['msg'];
	243	}
	244	$result = $this->db_functions->add_user2group($gidnumber, $id);
	245	if (!$result['status'])
	246	{
	247	$return['status'] = false;
	248	$return['msg'] .= $result['msg'];
	249	}
	250	}
	251	}
	252
	253	// Inclusao do Mail do usuário nas listas de email selecionadas.
	254	if ($params['maillists'])
	255	{
[208]	256	foreach($params['maillists'] as $uid)
[2]	257	{
[208]	258	$result = $this->ldap_functions->add_user2maillist($uid, $user_info['mail']);
[2]	259	if (!$result['status'])
	260	{
	261	$return['status'] = false;
	262	$return['msg'] .= $result['msg'];
	263	}
	264	}
	265	}
	266
	267	// APPS
	268	if (count($params['apps']))
	269	{
	270	$result = $this->db_functions->add_id2apps($id, $params['apps']);
	271	if (!$result['status'])
	272	{
	273	$return['status'] = false;
	274	$return['msg'] .= $result['msg'];
	275	}
	276	}
	277
	278	// Chama funcao para incluir no pgsql as preferencia de alterar senha.
	279	if ($params['changepassword'])
	280	{
	281	$result = $this->db_functions->add_pref_changepassword($id);
	282	if (!$result['status'])
	283	{
	284	$return['status'] = false;
	285	$return['msg'] .= $result['msg'];
	286	}
	287	}
	288
	289	// Chama funcao para criar mailbox do usuario, no imap-cyrus.
	290	$result = $this->imap_functions->create($params['uid'], $params['mailquota']);
	291	if (!$result['status'])
	292	{
	293	$return['status'] = false;
	294	$return['msg'] .= $result['msg'];
	295	}
	296
[414]	297	$this->db_functions->write_log("created user",$dn);
[2]	298	}
	299
	300	return $return;
	301	}
	302
	303	function save($new_values)
	304	{
	305	$return['status'] = true;
	306
[64]	307	$old_values = $this->get_user_info($new_values['uidnumber']);
	308
[2]	309	$dn = 'uid=' . $old_values['uid'] . ',' . strtolower($old_values['context']);
[379]	310
	311	//retira caracteres que não são números.
[5773]	312	$new_values['corporative_information_cpf'] = preg_replace('/[^0-9]/', '', $new_values['corporative_information_cpf']);
[379]	313
[2]	314	$diff = array_diff($new_values, $old_values);
[81]	315
[72]	316	/*
	317	echo '<pre>';
	318	echo '--- OLD: ';
[81]	319	print_r($old_values);
[72]	320	echo '<br>--- NEW: ';
[81]	321	print_r($new_values);
[72]	322	echo '<br>';
[438]	323	exit;
	324	*/
[81]	325
[6553]	326	//Verifica quota de disco, como estou alterando, não preciso checar quota de usuários.
	327	if($this->db_functions->use_cota_control()) {
	328	$setor = $this->functions->get_info($new_values['context']);
	329	if (!$this->functions->existe_quota_disco($setor[0],$new_values['mailquota'])) {
	330	$return['status'] = false;
	331	$return['msg'] = "Quota em disco excedida...";//TODO colocar valor de acordo com tabela de traduções.
	332	return $return;
	333	}
	334	}
	335
[32]	336	$manager_account_lid = $_SESSION['phpgw_session']['session_lid'];
	337	if ((!$this->functions->check_acl($manager_account_lid,'edit_users')) &&
	338	(!$this->functions->check_acl($manager_account_lid,'change_users_password')) &&
[64]	339	(!$this->functions->check_acl($manager_account_lid,'edit_sambausers_attributes')) &&
[317]	340	(!$this->functions->check_acl($manager_account_lid,'manipulate_corporative_information')) &&
	341	(!$this->functions->check_acl($manager_account_lid,'edit_users_phonenumber'))
[32]	342	)
	343	{
	344	$return['status'] = false;
[507]	345	$return['msg'] = $this->functions->lang('You do not have access to edit user informations') . '.';
[32]	346	return $return;
	347	}
	348
[438]	349	// Check manager access
[2]	350	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
	351	{
	352	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	353	// Change user organization
	354	if ($diff['context'])
	355	{
[355]	356	if (strcasecmp($old_values['context'], $new_values['context']) != 0)
[2]	357	{
[355]	358	$newrdn = 'uid=' . $new_values['uid'];
	359	$newparent = $new_values['context'];
	360	$result = $this->ldap_functions->change_user_context($dn, $newrdn, $newparent);
	361	if (!$result['status'])
	362	{
	363	$return['status'] = false;
	364	$return['msg'] .= $result['msg'];
	365	}
	366	else
	367	{
	368	$dn = $newrdn . ',' . $newparent;
[414]	369	$this->db_functions->write_log('modified user context', $dn . ': ' . $old_values['uid'] . '->' . $new_values['context']);
[355]	370	}
[2]	371	}
	372	}
	373
	374	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	375	// REPLACE some attributes
	376	if ($diff['givenname'])
	377	{
	378	$ldap_mod_replace['givenname'] = $new_values['givenname'];
	379	$ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn'];
[414]	380	$this->db_functions->write_log("modified first name", "$dn: " . $old_values['givenname'] . "->" . $new_values['givenname']);
[2]	381	}
	382	if ($diff['sn'])
	383	{
	384	$ldap_mod_replace['sn'] = $new_values['sn'];
	385	$ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn'];
[414]	386	$this->db_functions->write_log("modified last name", "$dn: " . $old_values['sn'] . "->" . $new_values['sn']);
[2]	387	}
	388	if ($diff['mail'])
	389	{
	390	$ldap_mod_replace['mail'] = $new_values['mail'];
	391	$this->ldap_functions->replace_user2maillists($new_values['mail'], $old_values['mail']);
[317]	392	$this->ldap_functions->replace_mail_from_institutional_account($new_values['mail'], $old_values['mail']);
[414]	393	$this->db_functions->write_log("modified user email", "$dn: " . $old_values['mail'] . "->" . $new_values['mail']);
[2]	394	}
[72]	395	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	396	// Passwd Expired - Com atributo
[414]	397	if (($old_values['passwd_expired'] != 0) && ($new_values['passwd_expired'] == '1'))
[72]	398	{
	399	$ldap_mod_replace['phpgwlastpasswdchange'] = '0';
[414]	400	$this->db_functions->write_log("Expired user password","$dn");
[72]	401	}
[2]	402	}
	403
	404	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	405	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'change_users_password')) )
	406	{
	407	if ($diff['password1'])
	408	{
	409	$ldap_mod_replace['userPassword'] = '{md5}' . base64_encode(pack("H*",md5($new_values['password1'])));
[46]	410
[2]	411	// Suporte ao SAMBA
	412	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
	413	{
[528]	414	$ldap_mod_replace['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L "'.$new_values['password1'] . '"');
	415	$ldap_mod_replace['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N "'.$new_values['password1'] . '"');
[2]	416	}
[46]	417
	418	// Gerenciar senhas RFC2617
	419	if ($this->current_config['expressoAdmin_userPasswordRFC2617'] == 'true')
	420	{
	421	$realm = $this->current_config['expressoAdmin_realm_userPasswordRFC2617'];
	422	$uid = $new_values['uid'];
	423	$password = $new_values['password1'];
	424	$passUserRFC2617 = $realm . ': ' . md5("$uid:$realm:$password");
	425
	426	if ($old_values['userPasswordRFC2617'] != '')
	427	$ldap_mod_replace['userPasswordRFC2617'] = $passUserRFC2617;
	428	else
	429	$ldap_add['userPasswordRFC2617'] = $passUserRFC2617;
	430	}
	431
[414]	432	$this->db_functions->write_log("modified user password",$dn);
[2]	433	}
	434	}
[317]	435
	436	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	437	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users_phonenumber')) )
	438	{
	439	if (($diff['telephonenumber']) && ($old_values['telephonenumber'] != ''))
	440	{
[3161]	441	$ldap_mod_replace['telephonenumber'] = $new_values['telephonenumber'];
	442	$this->db_functions->write_log('modified user telephonenumber', $dn . ': ' . $old_values['telephonenumber'] . '->' . $new_values['telephonenumber']);
[5133]	443	$ldap_mod_replace['telephonenumber'] = $new_values['telephonenumber'];
	444	$this->db_functions->write_log('modified user telephonenumber', $dn . ': ' . $old_values['telephonenumber'] . '->' . $new_values['telephonenumber']);
[317]	445	}
[3161]	446	else if (($old_values['telephonenumber'] != '') && ($new_values['telephonenumber'] == ''))
	447	{
	448	$ldap_remove['telephonenumber'] = array();
	449	$this->db_functions->write_log("removed user phone",$dn);
	450	}
	451	else if (($old_values['telephonenumber'] == '') && ($new_values['telephonenumber'] != ''))
	452	{
	453	$ldap_add['telephonenumber'] = $new_values['telephonenumber'];
	454	$this->db_functions->write_log("added user phone",$dn);
	455	}
[317]	456	}
[63]	457
	458	// REPLACE, ADD & REMOVE COPORATIVEs ATRIBUTES
	459	// Verifica o acesso do gerente aos atributos corporativos
[64]	460
	461	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	462	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information')) )
[63]	463	{
	464	foreach ($new_values as $atribute=>$value)
	465	{
[64]	466	$pos = strstr($atribute, 'corporative_information_');
[63]	467	if ($pos !== false)
	468	{
	469	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
[414]	470	// REPLACE CORPORATIVE ATTRIBUTES
[63]	471	if (($diff[$atribute]) && ($old_values[$atribute] != ''))
	472	{
	473	$ldap_atribute = str_replace("corporative_information_", "", $atribute);
[414]	474	$ldap_mod_replace[$ldap_atribute] = utf8_encode($new_values[$atribute]);
	475	$this->db_functions->write_log('modified user attribute', $dn . ': ' . $ldap_atribute . ': ' . $old_values[$atribute] . '->' . $new_values[$atribute]);
[63]	476	}
[414]	477	//ADD CORPORATIVE ATTRIBUTES
[63]	478	elseif (($old_values[$atribute] == '') && ($new_values[$atribute] != ''))
	479	{
[414]	480	$ldap_add[$ldap_atribute] = utf8_encode($new_values[$atribute]);
	481	$this->db_functions->write_log('added user attribute', $dn . ': ' . $ldap_atribute . ': ' . $old_values[$atribute] . '->' . $new_values[$atribute]);
[63]	482	}
[414]	483	//REMOVE CORPORATIVE ATTRIBUTES
[63]	484	elseif (($old_values[$atribute] != '') && ($new_values[$atribute] == ''))
	485	{
	486	$ldap_remove[$ldap_atribute] = array();
[414]	487	$this->db_functions->write_log('removed user attribute', $dn . ': ' . $ldap_atribute . ': ' . $old_values[$atribute] . '->' . $new_values[$atribute]);
[63]	488	}
	489	}
	490	}
	491	}
	492
[2]	493	//Suporte ao SAMBA
	494	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	495	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes')) )
	496	{
[355]	497
	498	if ($diff['gidnumber'])
	499	{
	500	$ldap_mod_replace['gidnumber'] = $new_values['gidnumber'];
[414]	501	$this->db_functions->write_log('modified user primary group', $dn . ': ' . $old_values['gidnumber'] . '->' . $new_values['gidnumber']);
[355]	502	}
	503
[2]	504	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
	505	{
[355]	506	if ($diff['gidnumber'])
	507	{
	508	$ldap_mod_replace['sambaPrimaryGroupSID'] = $this->current_config['expressoAdmin_sambaSID'] . '-' . ((2 * $new_values['gidnumber'])+1001);
[414]	509	$this->db_functions->write_log('modified user sambaPrimaryGroupSID', $dn);
[355]	510	}
	511
[2]	512	if ($diff['sambaacctflags'])
	513	{
	514	$ldap_mod_replace['sambaacctflags'] = $new_values['sambaacctflags'];
[414]	515	$this->db_functions->write_log("modified user sambaacctflags",$dn);
[2]	516	}
	517	if ($diff['sambalogonscript'])
	518	{
	519	$ldap_mod_replace['sambalogonscript'] = $new_values['sambalogonscript'];
[414]	520	$this->db_functions->write_log("modified user sambalogonscript",$dn);
[2]	521	}
	522	if ($diff['sambahomedirectory'])
	523	{
	524	$ldap_mod_replace['homedirectory'] = $new_values['sambahomedirectory'];
[414]	525	$this->db_functions->write_log("modified user homedirectory",$dn);
[2]	526	}
[27]	527	if ($diff['sambadomain'])
	528	{
	529	$ldap_mod_replace['sambaSID'] = $diff['sambadomain'] . '-' . ((2 * $old_values['uidnumber'])+1000);
	530	$ldap_mod_replace['sambaPrimaryGroupSID'] = $diff['sambadomain'] . '-' . ((2 * $old_values['gidnumber'])+1001);
[414]	531	$this->db_functions->write_log('modified user samba domain', $dn . ': ' . $old_values['sambadomain'] . '->' . $new_values['sambadomain']);
[27]	532	}
[2]	533	}
	534	}
	535
	536	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[81]	537	// ADD or REMOVE some attributes
[2]	538	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[180]	539
	540	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	541	// PHOTO
	542	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users_picture'))
	543	{
	544	if ($new_values['delete_photo'])
	545	{
	546	$this->ldap_functions->ldap_remove_photo($dn);
[414]	547	$this->db_functions->write_log("removed user photo",$dn);
[180]	548	}
	549	elseif ($_FILES['photo']['name'] != '')
	550	{
[283]	551
[5133]	552	if ($_FILES['photo']['size'] > 10000)
[283]	553	{
	554	$return['status'] = false;
[5133]	555	$return['msg'] .= $this->functions->lang('User photo could not be save because is bigger the 10 kb') . '.';
[283]	556	}
	557	else
	558	{
[309]	559	if ($new_values['photo_exist'])
	560	{
	561	$photo_exist = true;
[414]	562	$this->db_functions->write_log("mofified user photo",$dn);
[309]	563	}
	564	else
	565	{
	566	$photo_exist = false;
[414]	567	$this->db_functions->write_log("added user photo",$dn);
[309]	568	}
	569	$this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name'], $new_values['photo_exist'], $photo_exist);
[180]	570	}
	571	}
	572	}
[2]	573
	574	// Verifica o acesso ára adicionar ou remover tais atributos
	575	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
	576	{
[72]	577	// Passwd Expired - Sem atributo
	578	if (($old_values['passwd_expired'] == '') && ($new_values['passwd_expired'] == '1'))
	579	{
	580	$ldap_add['phpgwlastpasswdchange'] = '0';
[414]	581	$this->db_functions->write_log("expired user password",$dn);
[72]	582	}
	583	if (($old_values['passwd_expired'] == '0') && ($new_values['passwd_expired'] == ''))
	584	{
	585	$ldap_remove['phpgwlastpasswdchange'] = array();
[414]	586	$this->db_functions->write_log("removed expiry from user password",$dn);
[72]	587	}
	588	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[2]	589	// PREF_CHANGEPASSWORD
	590	if (($old_values['changepassword'] == '') && ($new_values['changepassword'] != ''))
	591	{
	592	$this->db_functions->add_pref_changepassword($new_values['uidnumber']);
[414]	593	$this->db_functions->write_log("turn on changepassword",$dn);
[2]	594	}
	595	if (($old_values['changepassword'] != '') && ($new_values['changepassword'] == ''))
	596	{
	597	$this->db_functions->remove_pref_changepassword($new_values['uidnumber']);
[414]	598	$this->db_functions->write_log("turn of changepassword",$dn);
[2]	599	}
	600	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	601	// ACCOUNT STATUS
	602	if (($old_values['phpgwaccountstatus'] == '') && ($new_values['phpgwaccountstatus'] != ''))
	603	{
	604	$ldap_add['phpgwaccountstatus'] = 'A';
[414]	605	$this->db_functions->write_log("turn on user account",$dn);
[2]	606	}
	607	if (($old_values['phpgwaccountstatus'] != '') && ($new_values['phpgwaccountstatus'] == ''))
	608	{
	609	$ldap_remove['phpgwaccountstatus'] = array();
[414]	610	$this->db_functions->write_log("turn off user account",$dn);
[2]	611	}
[548]	612
	613	if ($new_values['phpgwaccountexpired'] == '1') /////////////////////////
	614	{
[621]	615	$this->db_functions->write_log("Reactivated blocked user by downtime",'',$dn,'','');
[597]	616	$this->db_functions->reactivate_inactive_user($old_values['uidnumber']);
[548]	617	}
[2]	618	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	619	// ACCOUNT VISIBLE
	620	if (($old_values['phpgwaccountvisible'] == '') && ($new_values['phpgwaccountvisible'] != ''))
	621	{
	622	$ldap_add['phpgwaccountvisible'] = '-1';
[414]	623	$this->db_functions->write_log("turn on phpgwaccountvisible",$dn);
[2]	624	}
	625	if (($old_values['phpgwaccountvisible'] != '') && ($new_values['phpgwaccountvisible'] == ''))
	626	{
	627	$ldap_remove['phpgwaccountvisible'] = array();
[414]	628	$this->db_functions->write_log("turn off phpgwaccountvisible",$dn);
[2]	629	}
	630	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	631	// Mail Account STATUS
	632	if (($old_values['accountstatus'] == '') && ($new_values['accountstatus'] != ''))
	633	{
	634	$ldap_add['accountstatus'] = 'active';
[414]	635	$this->db_functions->write_log("turn on user account email",$dn);
[2]	636	}
	637	if (($old_values['accountstatus'] != '') && ($new_values['accountstatus'] == ''))
	638	{
	639	$ldap_remove['accountstatus'] = array();
[414]	640	$this->db_functions->write_log("turn off user account email",$dn);
[2]	641	}
	642	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	643	// MAILALTERNATEADDRESS
[81]	644	if (!$new_values['mailalternateaddress'])
	645	$new_values['mailalternateaddress'] = array();
	646	if (!$old_values['mailalternateaddress'])
	647	$old_values['mailalternateaddress'] = array();
	648	$add_mailalternateaddress = array_diff($new_values['mailalternateaddress'], $old_values['mailalternateaddress']);
	649	$remove_mailalternateaddress = array_diff($old_values['mailalternateaddress'], $new_values['mailalternateaddress']);
	650	foreach ($add_mailalternateaddress as $index=>$mailalternateaddress)
	651	{
	652	if ($mailalternateaddress != '')
	653	{
	654	$ldap_add['mailalternateaddress'][] = $mailalternateaddress;
[414]	655	$this->db_functions->write_log("added mailalternateaddress","$dn: $mailalternateaddress");
[81]	656	}
	657	}
	658	foreach ($remove_mailalternateaddress as $index=>$mailalternateaddress)
	659	{
	660	if ($mailalternateaddress != '')
	661	{
	662	if ($index !== 'count')
	663	{
	664	$ldap_remove['mailalternateaddress'][] = $mailalternateaddress;
[414]	665	$this->db_functions->write_log("removed mailalternateaddress","$dn: $mailalternateaddress");
[81]	666	}
	667	}
	668	}
	669
	670	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	671	// MAILFORWARDINGADDRESS
	672	if (!$new_values['mailforwardingaddress'])
	673	$new_values['mailforwardingaddress'] = array();
	674	if (!$old_values['mailforwardingaddress'])
	675	$old_values['mailforwardingaddress'] = array();
	676	$add_mailforwardingaddress = array_diff($new_values['mailforwardingaddress'], $old_values['mailforwardingaddress']);
	677	$remove_mailforwardingaddress = array_diff($old_values['mailforwardingaddress'], $new_values['mailforwardingaddress']);
	678	foreach ($add_mailforwardingaddress as $index=>$mailforwardingaddress)
	679	{
	680	if ($mailforwardingaddress != '')
	681	{
	682	$ldap_add['mailforwardingaddress'][] = $mailforwardingaddress;
[414]	683	$this->db_functions->write_log("added mailforwardingaddress","$dn: $mailforwardingaddress");
[81]	684	}
	685	}
	686	foreach ($remove_mailforwardingaddress as $index=>$mailforwardingaddress)
	687	{
	688	if ($mailforwardingaddress != '')
	689	{
	690	if ($index !== 'count')
	691	{
	692	$ldap_remove['mailforwardingaddress'][] = $mailforwardingaddress;
[414]	693	$this->db_functions->write_log("removed mailforwardingaddress","$dn: $mailforwardingaddress");
[81]	694	}
	695	}
	696	}
	697
	698	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
[2]	699	// Delivery Mode
	700	if (($old_values['deliverymode'] == '') && ($new_values['deliverymode'] != ''))
	701	{
	702	$ldap_add['deliverymode'] = 'forwardOnly';
[414]	703	$this->db_functions->write_log("added forwardOnly", $dn);
[2]	704	}
	705	if (($old_values['deliverymode'] != '') && ($new_values['deliverymode'] == ''))
	706	{
	707	$ldap_remove['deliverymode'] = array();
[414]	708	$this->db_functions->write_log("removed forwardOnly", $dn);
[2]	709	}
	710	}
	711
	712	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	713	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'change_users_quote')) )
	714	{
	715	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	716	// MAILQUOTA
[520]	717	if ( ($new_values['mailquota'] != $old_values['mailquota']) && (is_numeric($new_values['mailquota'])) )
[2]	718	{
[520]	719	$result_change_user_quota = $this->imap_functions->change_user_quota($new_values['uid'], $new_values['mailquota']);
	720
	721	if ($result_change_user_quota['status'])
	722	{
	723	$this->db_functions->write_log("modified user email quota" , $dn . ':' . $old_values['mailquota'] . '->' . $new_values['mailquota']);
	724	}
	725	else
	726	{
	727	$return['status'] = false;
	728	$return['msg'] .= $result_change_user_quota['msg'];
	729	}
[2]	730	}
	731	}
[63]	732
[2]	733	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
	734	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes')) )
	735	{
	736	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	737	// REMOVE ATTRS OF SAMBA
	738	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] != 'on'))
	739	{
	740	$ldap_remove['objectclass'] = 'sambaSamAccount';
	741	$ldap_remove['loginShell'] = array();
	742	$ldap_remove['sambaSID'] = array();
	743	$ldap_remove['sambaPrimaryGroupSID'] = array();
	744	$ldap_remove['sambaAcctFlags'] = array();
	745	$ldap_remove['sambaLogonScript'] = array();
	746	$ldap_remove['sambaLMPassword'] = array();
	747	$ldap_remove['sambaNTPassword'] = array();
	748	$ldap_remove['sambaPasswordHistory'] = array();
	749	$ldap_remove['sambaPwdCanChange'] = array();
	750	$ldap_remove['sambaPwdLastSet'] = array();
	751	$ldap_remove['sambaPwdMustChange'] = array();
[414]	752	$this->db_functions->write_log("removed user samba attributes", $dn);
[2]	753	}
	754	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	755	// ADD ATTRS OF SAMBA
	756	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && (!$new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
	757	{
	758	if (!is_file('/home/expressolivre/mkntpwd'))
	759	{
	760	$return['status'] = false;
[507]	761	$return['msg'] .= $this->functions->lang("The file /home/expressolivre/mkntpwd does not exist") . ".\n";
	762	$return['msg'] .= $this->functions->lang("It is necessery to create samba passwords") . ".\n";
	763	$return['msg'] .= $this->functions->lang("Inform your system administrator about this") . ".\n";
[2]	764	}
	765	else
	766	{
	767	$ldap_add['objectClass'][] = 'sambaSamAccount';
	768	$ldap_mod_replace['loginShell'] = '/bin/bash';
[47]	769	$ldap_add['sambaSID'] = $new_values['sambadomain'] . '-' . ((2 * $new_values['uidnumber'])+1000);
	770	$ldap_add['sambaPrimaryGroupSID'] = $new_values['sambadomain'] . '-' . ((2 * $new_values['gidnumber'])+1001);
[2]	771	$ldap_add['sambaAcctFlags'] = $new_values['sambaacctflags'];
	772	$ldap_add['sambaLogonScript'] = $new_values['sambalogonscript'];
	773	$ldap_mod_replace['homeDirectory'] = $new_values['sambahomedirectory'];
	774	$ldap_add['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.'senha');
	775	$ldap_add['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.'senha');
	776	$ldap_add['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000';
	777	$ldap_add['sambaPwdCanChange'] = strtotime("now");
	778	$ldap_add['sambaPwdLastSet'] = strtotime("now");
	779	$ldap_add['sambaPwdMustChange'] = '2147483647';
[414]	780	$this->db_functions->write_log("added user samba attribute", $dn);
[2]	781	}
	782	}
	783	}
	784
	785	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	786	// GROUPS
[379]	787	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_groups'))
[2]	788	{
[379]	789	// If the manager does not have the suficient access, the new_values.uid is empty.
	790	if (empty($new_values['uid']))
	791	$user_uid = $old_values['uid'];
	792	else
	793	$user_uid = $new_values['uid'];
	794
[2]	795	if (!$new_values['groups'])
	796	$new_values['groups'] = array();
	797	if (!$old_values['groups'])
	798	$old_values['groups'] = array();
	799
	800	$add_groups = array_diff($new_values['groups'], $old_values['groups']);
	801	$remove_groups = array_diff($old_values['groups'], $new_values['groups']);
	802
	803	if (count($add_groups)>0)
	804	{
	805	foreach($add_groups as $gidnumber)
	806	{
	807	$this->db_functions->add_user2group($gidnumber, $new_values['uidnumber']);
[379]	808	$this->ldap_functions->add_user2group($gidnumber, $user_uid);
[438]	809	$this->db_functions->write_log("included user to group", "uid:$user_uid -> gid:$gidnumber");
[2]	810	}
	811	}
[64]	812
[2]	813	if (count($remove_groups)>0)
	814	{
	815	foreach($remove_groups as $gidnumber)
	816	{
	817	foreach($old_values['groups_info'] as $group)
	818	{
	819	if (($group['gidnumber'] == $gidnumber) && ($group['group_disabled'] == 'false'))
	820	{
	821	$this->db_functions->remove_user2group($gidnumber, $new_values['uidnumber']);
[379]	822	$this->ldap_functions->remove_user2group($gidnumber, $user_uid);
[414]	823	$this->db_functions->write_log("removed user from group", "$dn: $gidnumber");
[2]	824	}
	825	}
	826	}
	827	}
	828	}
	829	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	830	// LDAP_MOD_REPLACE
	831	if (count($ldap_mod_replace))
	832	{
	833	$result = $this->ldap_functions->replace_user_attributes($dn, $ldap_mod_replace);
	834	if (!$result['status'])
	835	{
	836	$return['status'] = false;
	837	$return['msg'] .= $result['msg'];
	838	}
	839	}
	840
	841	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	842	// LDAP_MOD_ADD
	843	if (count($ldap_add))
	844	{
	845	$result = $this->ldap_functions->add_user_attributes($dn, $ldap_add);
	846	if (!$result['status'])
	847	{
	848	$return['status'] = false;
	849	$return['msg'] .= $result['msg'];
	850	}
	851	}
	852
	853	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	854	// LDAP_MOD_REMOVE
	855	if (count($ldap_remove))
	856	{
	857	$result = $this->ldap_functions->remove_user_attributes($dn, $ldap_remove);
	858	if (!$result['status'])
	859	{
	860	$return['status'] = false;
	861	$return['msg'] .= $result['msg'];
	862	}
	863	}
	864	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	865
	866
	867	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
	868	{
	869	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	870	// MAILLISTS
	871	if (!$new_values['maillists'])
	872	$new_values['maillists'] = array();
	873	if (!$old_values['maillists'])
	874	$old_values['maillists'] = array();
[64]	875
[2]	876	$add_maillists = array_diff($new_values['maillists'], $old_values['maillists']);
	877	$remove_maillists = array_diff($old_values['maillists'], $new_values['maillists']);
	878
	879	if (count($add_maillists)>0)
	880	{
[208]	881	foreach($add_maillists as $uid)
[2]	882	{
[208]	883	$this->ldap_functions->add_user2maillist($uid, $new_values['mail']);
[438]	884	$this->db_functions->write_log("included user to maillist","$uid: $dn");
[2]	885	}
	886	}
[414]	887
[2]	888	if (count($remove_maillists)>0)
	889	{
[208]	890	foreach($remove_maillists as $uid)
[2]	891	{
[208]	892	$this->ldap_functions->remove_user2maillist($uid, $new_values['mail']);
[414]	893	$this->db_functions->write_log("removed user from maillist","$dn: $uid");
[2]	894	}
	895	}
	896
	897	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	898	// APPS
	899	$new_values2 = array();
	900	$old_values2 = array();
	901	if (count($new_values['apps'])>0)
	902	{
	903	foreach ($new_values['apps'] as $app=>$tmp)
	904	{
	905	$new_values2[] = $app;
	906	}
	907	}
	908	if (count($old_values['apps'])>0)
	909	{
	910	foreach ($old_values['apps'] as $app=>$tmp)
	911	{
	912	$old_values2[] = $app;
	913	}
	914	}
	915	$add_apps = array_flip(array_diff($new_values2, $old_values2));
	916	$remove_apps = array_flip(array_diff($old_values2, $new_values2));
	917
	918	if (count($add_apps)>0)
	919	{
	920	$this->db_functions->add_id2apps($new_values['uidnumber'], $add_apps);
[9]	921
	922	foreach ($add_apps as $app => $index)
[414]	923	$this->db_functions->write_log("added application to user","$dn: $app");
[2]	924	}
	925	if (count($remove_apps)>0)
	926	{
[9]	927	//Verifica se o gerente tem acesso a aplicação antes de remove-la do usuario.
	928	$manager_apps = $this->db_functions->get_apps($_SESSION['phpgw_session']['session_lid']);
	929
	930	foreach ($remove_apps as $app => $app_index)
	931	{
	932	if ($manager_apps[$app] == 'run')
	933	$remove_apps2[$app] = $app_index;
	934	}
	935	$this->db_functions->remove_id2apps($new_values['uidnumber'], $remove_apps2);
	936
	937	foreach ($remove_apps2 as $app => $access)
[414]	938	$this->db_functions->write_log("removed application to user","$dn: $app");
[2]	939	}
	940	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
	941	}
	942	return $return;
	943	}
	944
[64]	945	function get_user_info($uidnumber)
[2]	946	{
[507]	947	if (!$user_info_ldap = $this->ldap_functions->get_user_info($uidnumber))
	948	return false;
[2]	949	$user_info_db1 = $this->db_functions->get_user_info($uidnumber);
[64]	950	$user_info_db2 = $this->ldap_functions->gidnumbers2cn($user_info_db1['groups']);
[2]	951	$user_info_imap = $this->imap_functions->get_user_info($user_info_ldap['uid']);
	952	$user_info = array_merge($user_info_ldap, $user_info_db1, $user_info_db2, $user_info_imap);
	953	return $user_info;
	954	}
	955
	956	function set_user_default_password($params)
	957	{
[458]	958	$return['status'] = 1;
[2]	959	$uid = $params['uid'];
	960	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
	961
	962	if (!$this->db_functions->default_user_password_is_set($uid))
	963	{
	964	$userPassword = $this->ldap_functions->set_user_password($uid, $defaultUserPassword);
	965	$this->db_functions->set_user_password($uid, $userPassword);
[458]	966	$this->db_functions->write_log("inserted default password",$uid);
[2]	967	}
	968	else
	969	{
[458]	970	$return['status'] = 0;
	971	$return['msg'] = $this->functions->lang('default password already registered') . '!';
[2]	972	}
	973
	974	return $return;
	975	}
	976
	977	function return_user_password($params)
	978	{
[458]	979	$return['status'] = 1;
[2]	980	$uid = $params['uid'];
	981
	982	if ($this->db_functions->default_user_password_is_set($uid))
	983	{
	984	$userPassword = $this->db_functions->get_user_password($uid);
	985	$this->ldap_functions->set_user_password($uid, $userPassword);
	986	}
	987	else
	988	{
[458]	989	$return['status'] = 0;
	990	$return['msg'] = $this->functions->lang('default password not registered') . '!';
[2]	991	}
	992
[414]	993	$this->db_functions->write_log("returned user password",$uid);
[2]	994
	995	return $return;
	996	}
	997
	998	function delete($params)
	999	{
	1000	$return['status'] = true;
[507]	1001	$this->db_functions->write_log('delete user: start', $params['uid']);
[2]	1002
	1003	// Verifica o acesso do gerente
	1004	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'delete_users'))
	1005	{
	1006	$uidnumber = $params['uidnumber'];
[507]	1007	if (!$user_info = $this->get_user_info($uidnumber))
	1008	{
	1009	$this->db_functions->write_log('delete user: error getting users info', $user_info['uid']);
	1010	$return['status'] = false;
	1011	$return['msg'] = $this->functions->lang('error getting users info');
	1012	return $return;
	1013	}
	1014
[2]	1015	//LDAP
	1016	$result_ldap = $this->ldap_functions->delete_user($user_info);
	1017	if (!$result_ldap['status'])
	1018	{
	1019	$return['status'] = false;
[507]	1020	$return['msg'] = 'user.delete(ldap): ' . $result_ldap['msg'];
	1021	return $return;
[2]	1022	}
[64]	1023	else
[2]	1024	{
[6186]	1025
[507]	1026	$this->db_functions->write_log("deleted users data from ldap", $user_info['uid']);
	1027
[64]	1028	//DB
	1029	$result_db = $this->db_functions->delete_user($user_info);
	1030	if (!$result_db['status'])
	1031	{
	1032	$return['status'] = false;
[507]	1033	$return['msg'] .= 'user.delete(db): ' . $result_db['msg'];
[64]	1034	}
[507]	1035	else
	1036	{
	1037	$this->db_functions->write_log("deleted users data from DB", $user_info['uid']);
	1038	}
	1039
[64]	1040	//IMAP
[1913]	1041	$result_imap = $this->imap_functions->delete_mailbox($user_info['uid']);
[64]	1042	if (!$result_imap['status'])
	1043	{
	1044	$return['status'] = false;
[507]	1045	$return['msg'] .= $result_imap['msg'];
[64]	1046	}
[507]	1047	else
	1048	{
	1049	$this->db_functions->write_log("deleted users data from IMAP", $user_info['uid']);
	1050	}
	1051
[6186]	1052	//GERENTE
	1053	$result_db_manager = $this->db_functions->delete_manager($user_info['uid'], $params['uidnumber']);
	1054	if (!$result_db_manager['status'])
	1055	{
	1056	$return['status'] = false;
	1057	$return['msg'] .= $result_imap['msg'];
	1058	}
	1059	else
	1060	{
	1061	$this->db_functions->write_log("deleted manager data from BD", $user_info['uid']);
	1062	}
[2]	1063	}
	1064	}
[507]	1065	else
	1066	{
	1067	$this->db_functions->write_log('delete user: manager does not have access', $params['uidnumber']);
	1068	}
[2]	1069
[507]	1070	$this->db_functions->write_log('delete user: end', $user_info['uid']);
[2]	1071	return $return;
	1072	}
	1073
	1074
	1075	function rename($params)
	1076	{
	1077	$return['status'] = true;
[64]	1078
	1079	// Verifica acesso do gerente (OU) ao tentar renomear um usuário.
	1080	if ( ! $this->ldap_functions->check_access_to_renamed($params['uid']) )
	1081	{
	1082	$return['status'] = false;
[507]	1083	$return['msg'] .= $this->functions->lang('You do not have access to delete user') . '.';
[64]	1084	return $return;
	1085	}
[2]	1086
[414]	1087	// Check if the new_uid is in use.
[396]	1088	if ( ! $this->ldap_functions->check_rename_new_uid($params['new_uid']) )
	1089	{
	1090	$return['status'] = false;
[507]	1091	$return['msg'] = $this->functions->lang('New login already in use') . '.';
[396]	1092	return $return;
	1093	}
	1094
[2]	1095	// Verifica o acesso do gerente
	1096	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'rename_users'))
	1097	{
	1098	$uid = $params['uid'];
	1099	$new_uid = $params['new_uid'];
	1100	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
	1101	$defaultUserPassword_plain = $this->current_config['expressoAdmin_defaultUserPassword'];
	1102
	1103	$emailadmin_profiles = $this->db_functions->get_sieve_info();
	1104	$sieve_enable = $emailadmin_profiles[0]['imapenablesieve'];
	1105	$sieve_server = $emailadmin_profiles[0]['imapsieveserver'];
	1106	$sieve_port = $emailadmin_profiles[0]['imapsieveport'];
	1107
	1108	$imap_admin = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminUsername'];
	1109	$imap_passwd = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminPW'];
	1110	$imap_server = $_SESSION['phpgw_info']['expresso']['email_server']['imapServer'];
	1111	$imap_port = $_SESSION['phpgw_info']['expresso']['email_server']['imapPort'];
	1112	$imapDelimiter = $_SESSION['phpgw_info']['expresso']['email_server']['imapDelimiter'];
	1113
	1114	//Verifica se está sendo usuado cyrus 2.2 ou superior
	1115	$sk = fsockopen ($imap_server,$imap_port);
	1116	$server_resp = fread($sk, 100);
[5593]	1117	$tmp = preg_split('/v2./', $server_resp);
[2]	1118	$cyrus_version = '2' . $tmp[1][0];
	1119
[5693]	1120	if ( $cyrus_version < intVal('2.2') )
[2]	1121	{
[396]	1122	$return['status'] = false;
[414]	1123	$return['msg'] = "The rename user is only permitted with cyrus 2.2 or higher,";
	1124	$return['msg'] .= "\nand with the option 'allowusermoves: yes' set in imapd.conf.";
	1125
	1126
[396]	1127	return $return;
	1128	}
	1129
	1130	// Renomeia UID no openldap
	1131	$result = $this->ldap_functions->rename_uid($uid, $new_uid);
	1132	if (!$result['status'])
	1133	{
	1134	$return['status'] = false;
[507]	1135	$return['msg'] = $this->functions->lang("Error rename user in LDAP") . '.';
[396]	1136	return $return;
	1137	}
	1138
	1139	//Renomeia mailbox
[507]	1140	$imap_rename_result = $this->imap_functions->rename_mailbox($uid, $new_uid);
	1141	if (!$imap_rename_result['status'])
[396]	1142	{
	1143	// Back user uid.
	1144	$result = $this->ldap_functions->rename_uid($new_uid, $uid);
	1145
	1146	$return['status'] = false;
[507]	1147	$return['msg'] = $this->functions->lang("Error renaming user mailboxes") . ".\n";
	1148	$return['msg'] .= $imap_rename_result['msg'];
[396]	1149	return $return;
	1150	}
[507]	1151
[396]	1152
	1153	// Renomeia sieve script
	1154	include_once('sieve-php.lib.php');
[507]	1155	//function sieve($host, $port, $user, $pass, $auth="", $auth_types)
	1156	$sieve=new sieve($sieve_server, $sieve_port, $new_uid, $imap_passwd, $imap_admin, 'PLAIN');
[30]	1157
[396]	1158	if ($sieve->sieve_login())
	1159	{
	1160	$sieve->sieve_listscripts();
	1161	$myactivescript=$sieve->response["ACTIVE"];
	1162	$sieve->sieve_getscript($myactivescript);
	1163
	1164	$script = '';
	1165	if (!empty($sieve->response))
[30]	1166	{
	1167	foreach($sieve->response as $result)
	1168	{
	1169	$script .= $result;
	1170	}
[396]	1171	}
[507]	1172
	1173	if (!empty($script))
[396]	1174	{
[507]	1175	$scriptname = $new_uid;
	1176	if($sieve->sieve_sendscript($new_uid,$script))
[30]	1177	{
[507]	1178	if ($sieve->sieve_setactivescript($new_uid))
	1179	{
	1180	if (!$sieve->sieve_deletescript($myactivescript))
	1181	{
	1182	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1183	$return['msg'] .= $result['msg'] . $this->functions->lang("Problem deleting old script") . '.';
	1184	}
	1185	}
	1186	else
	1187	{
	1188	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1189	$return['msg'] .= $result['msg'] . $this->functions->lang("Problem activating sieve script") . '.';
	1190	}
[30]	1191	}
[507]	1192	else
	1193	{
	1194	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1195	$return['msg'] .= $result['msg'] . $this->functions->lang("Problem saving sieve script") . '.';
	1196	}
[30]	1197	}
[396]	1198	$sieve->sieve_logout();
	1199	}
	1200	else
	1201	{
	1202	$return['status'] = false;
[507]	1203	$return['msg'] .= $result['msg'] . $this->functions->lang("Error renaming sieve script") . ".\\n";
	1204	$return['msg'] .= $result['msg'] . $this->functions->lang("Can not login sieve") . '.';
[396]	1205	}
[30]	1206
[414]	1207	$this->db_functions->write_log("renamed user", "$uid -> $new_uid");
[2]	1208
[396]	1209	$return['exec_return'] = "";
	1210
[64]	1211	return $return;
[2]	1212	}
	1213	}
[63]	1214
	1215	function write_log_from_ajax($params)
	1216	{
	1217	$this->db_functions->write_log($params['_action'],'',$params['userinfo'],'','');
	1218	return true;
	1219	}
[2]	1220	}
[548]	1221	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: