Context Navigation

source: trunk/expressoAdmin1_2/inc/class.user.inc.php @ 2

Revision 2, 37.7 KB checked in by niltonneto, 17 years ago (diff)
Removida todas as tags usadas pelo CVS ($Id, $Source). Primeira versão no CVS externo.
Property svn:eol-style set to `native` Property svn:executable set to ``*

Line
1	<?php
2	/**********************************************************************************\
3	* Expresso Administração *
4	* by Joao Alfredo Knopik Junior (joao.alfredo@gmail.com, jakjr@celepar.pr.gov.br) *
5	* --------------------------------------------------------------------------------*
6	* This program is free software; you can redistribute it and/or modify it *
7	* under the terms of the GNU General Public License as published by the *
8	* Free Software Foundation; either version 2 of the License, or (at your *
9	* option) any later version. *
10	\**********************************************************************************/
11
12	include_once('class.ldap_functions.inc.php');
13	include_once('class.db_functions.inc.php');
14	include_once('class.imap_functions.inc.php');
15	include_once('class.functions.inc.php');
16
17	class user
18	{
19	var $ldap_functions;
20	var $db_functions;
21	var $imap_functions;
22	var $functions;
23	var $current_config;
24
25
26	function user()
27	{
28	$this->ldap_functions = new ldap_functions;
29	$this->db_functions = new db_functions;
30	$this->imap_functions = new imap_functions;
31	$this->functions = new functions;
32	$this->current_config = $_SESSION['phpgw_info']['expresso']['expressoAdmin'];
33	}
34
35	function create($params)
36	{
37	$return['status'] = true;
38
39	// Verifica o acesso do gerente
40	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'add_users'))
41	{
42	// Adiciona a organização na frente do uid.
43	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
44	{
45	$context_dn = ldap_explode_dn(strtolower($GLOBALS['phpgw_info']['server']['ldap_context']), 1);
46
47	$explode_dn = ldap_explode_dn(strtolower($params['context']), 1);
48	$explode_dn = array_reverse($explode_dn);
49	//$params['uid'] = $explode_dn[3] . '-' . $params['uid'];
50	$params['uid'] = $explode_dn[$context_dn['count']] . '-' . $params['uid'];
51	}
52
53	// Pega ID do BD e incrementa de 1.
54	$id = (($this->db_functions->get_next_id()) + 1);
55
56	// Incrementa o id no BD.
57	$this->db_functions->increment_id($id,'accounts');
58
59	// Cria array para incluir no LDAP
60	$dn = 'uid=' . $params['uid'] . ',' . $params['context'];
61
62	$user_info = array();
63	$user_info['accountStatus'] = $params['accountstatus'] == 1 ? 'active' : 'desactive';
64	$user_info['cn'] = $params['givenname'] . ' ' . $params['sn'];
65	$user_info['gidNumber'] = $params['gidnumber'];
66	$user_info['givenName'] = $params['givenname'];
67	$user_info['homeDirectory'] = '/home/' . $params['uid'];
68	$user_info['mail'] = $params['mail'];
69	$user_info['objectClass'][] = 'posixAccount';
70	$user_info['objectClass'][] = 'inetOrgPerson';
71	$user_info['objectClass'][] = 'shadowAccount';
72	$user_info['objectClass'][] = 'qmailuser';
73	$user_info['objectClass'][] = 'phpgwAccount';
74	$user_info['objectClass'][] = 'top';
75	$user_info['objectClass'][] = 'person';
76	$user_info['objectClass'][] = 'organizationalPerson';
77	$user_info['phpgwAccountExpires'] = '-1';
78	$user_info['phpgwAccountType'] = 'u';
79	$user_info['sn'] = $params['sn'];
80	$user_info['uid'] = $params['uid'];
81	$user_info['uidnumber'] = $id;
82	$user_info['userPassword'] = '{md5}' . base64_encode(pack("H*",md5($params['password1'])));
83
84	if ($params['phpgwaccountstatus'] == '1')
85	$user_info['phpgwAccountStatus'] = 'A';
86
87	if ($params['departmentnumber'] != '')
88	$user_info['departmentnumber'] = $params['departmentnumber'];
89
90	if ($params['telephonenumber'] != '')
91	$user_info['telephoneNumber'] = $params['telephonenumber'];
92
93	// Cria user_info no caso de ter alias e forwarding email.
94	if ($params['mailalternateaddress'] != '')
95	$user_info['mailAlternateAddress'] = $params['mailalternateaddress'];
96
97	if ($params['mailforwardingaddress'] != '')
98	$user_info['mailForwardingAddress'] = $params['mailforwardingaddress'];
99
100	if ($params['deliverymode'])
101	$user_info['deliveryMode'] = 'forwardOnly';
102
103	//Ocultar da pesquisa e do catálogo
104	if ($params['phpgwaccountvisible'])
105	$user_info['phpgwAccountVisible'] = '-1';
106
107	// Suporte ao SAMBA
108	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($params['use_attrs_samba'] == 'on'))
109	{
110	//Verifica se o binario para criar as senhas do samba exite.
111	if (!is_file('/home/expressolivre/mkntpwd'))
112	{
113	$return['status'] = false;
114	$return['msg'] .= "O arquivo binário /home/expressolivre/mkntpwd não exite.\\nEle é necessário para a criação das senhas usadas pelo SAMBA.\\nInforme o administrador ExpressoLivre sobre isto.";
115	}
116	else
117	{
118	$user_info['objectClass'][] = 'sambaSamAccount';
119
120	$user_info['loginShell'] = '/bin/bash';
121	$user_info['sambaSID'] = $this->current_config['expressoAdmin_sambaSID'] . '-' . ((2 * $id)+1000);
122	$user_info['sambaPrimaryGroupSID'] = $this->current_config['expressoAdmin_sambaSID'] . '-' . ((2 * $user_info['gidNumber'])+1001);
123	$user_info['sambaAcctFlags'] = $params['sambaacctflags'];
124
125	$user_info['sambaLogonScript'] = $params['sambalogonscript'];
126	$user_info['homeDirectory'] = $params['sambahomedirectory'];
127
128	$user_info['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.$params['password1']);
129	$user_info['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.$params['password1']);
130	$user_info['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000';
131
132	$user_info['sambaPwdCanChange'] = strtotime("now");
133	$user_info['sambaPwdLastSet'] = strtotime("now");
134	$user_info['sambaPwdMustChange'] = '2147483647';
135	}
136	}
137	$result = $this->ldap_functions->ldap_add_entry($dn, $user_info);
138	if (!$result['status'])
139	{
140	$return['status'] = false;
141	$return['msg'] .= $result['msg'];
142	}
143
144	// Chama funcao para salvar foto no OpenLDAP.
145	if ($_FILES['photo']['name'] != '')
146	{
147	$result = $this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name']);
148	if (!$result['status'])
149	{
150	$return['status'] = false;
151	$return['msg'] .= $result['msg'];
152	}
153	}
154
155	//GROUPS
156	if ($params['groups'])
157	{
158	foreach ($params['groups'] as $gidnumber)
159	{
160	$result = $this->ldap_functions->add_user2group($gidnumber, $user_info['uid']);
161	if (!$result['status'])
162	{
163	$return['status'] = false;
164	$return['msg'] .= $result['msg'];
165	}
166	$result = $this->db_functions->add_user2group($gidnumber, $id);
167	if (!$result['status'])
168	{
169	$return['status'] = false;
170	$return['msg'] .= $result['msg'];
171	}
172	}
173	}
174
175	// Inclusao do Mail do usuário nas listas de email selecionadas.
176	if ($params['maillists'])
177	{
178	foreach($params['maillists'] as $uidnumber)
179	{
180	$result = $this->ldap_functions->add_user2maillist($uidnumber, $user_info['mail']);
181	if (!$result['status'])
182	{
183	$return['status'] = false;
184	$return['msg'] .= $result['msg'];
185	}
186	}
187	}
188
189	// APPS
190	if (count($params['apps']))
191	{
192	$result = $this->db_functions->add_id2apps($id, $params['apps']);
193	if (!$result['status'])
194	{
195	$return['status'] = false;
196	$return['msg'] .= $result['msg'];
197	}
198	}
199
200	// Chama funcao para incluir no pgsql as preferencia de alterar senha.
201	if ($params['changepassword'])
202	{
203	$result = $this->db_functions->add_pref_changepassword($id);
204	if (!$result['status'])
205	{
206	$return['status'] = false;
207	$return['msg'] .= $result['msg'];
208	}
209	}
210
211	// Chama funcao para criar mailbox do usuario, no imap-cyrus.
212	$result = $this->imap_functions->create($params['uid'], $params['mailquota']);
213	if (!$result['status'])
214	{
215	$return['status'] = false;
216	$return['msg'] .= $result['msg'];
217	}
218
219	$this->db_functions->write_log('criado usuario','',$dn,'','');
220	}
221
222	return $return;
223	}
224
225	function save($new_values)
226	{
227	$return['status'] = true;
228
229	$old_values = $this->get_user_info($new_values['uidnumber'], $new_values['manager_context']);
230	$dn = 'uid=' . $old_values['uid'] . ',' . strtolower($old_values['context']);
231
232	$diff = array_diff($new_values, $old_values);
233
234	// Verifica o acesso do gerente
235	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
236	{
237	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
238	// Change user organization
239	if ($diff['context'])
240	{
241	$newrdn = 'uid=' . $new_values['uid'];
242	$newparent = $new_values['context'];
243	$result = $this->ldap_functions->change_user_context($dn, $newrdn, $newparent);
244	if (!$result['status'])
245	{
246	$return['status'] = false;
247	$return['msg'] .= $result['msg'];
248	}
249	else
250	{
251	$dn = $newrdn . ',' . $newparent;
252	$this->db_functions->write_log('alterado contexto do usuario','',$dn,'','');
253	}
254	}
255
256	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
257	// REPLACE some attributes
258	if ($diff['givenname'])
259	{
260	$ldap_mod_replace['givenname'] = $new_values['givenname'];
261	$ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn'];
262	$this->db_functions->write_log("alterado givenname do usuario",'',$dn,'','');
263	}
264	if ($diff['sn'])
265	{
266	$ldap_mod_replace['sn'] = $new_values['sn'];
267	$ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn'];
268	$this->db_functions->write_log("alterado sn do usuario",'',$dn,'','');
269	}
270	if ($diff['mail'])
271	{
272	$ldap_mod_replace['mail'] = $new_values['mail'];
273	$this->ldap_functions->replace_user2maillists($new_values['mail'], $old_values['mail']);
274	$this->db_functions->write_log("alterado mail do usuario",'',$dn,'','');
275	}
276	if (($diff['mailalternateaddress']) && ($old_values['mailalternateaddress'] != ''))
277	{
278	$ldap_mod_replace['mailalternateaddress'] = $new_values['mailalternateaddress'];
279	$this->db_functions->write_log("alterado mailalternateaddress do usuario",'',$dn,'','');
280	}
281	if (($diff['mailforwardingaddress']) && ($old_values['mailforwardingaddress'] != ''))
282	{
283	$ldap_mod_replace['mailforwardingaddress'] = $new_values['mailforwardingaddress'];
284	$this->db_functions->write_log("alterado mailforwardingaddress do usuario",'',$dn,'','');
285	}
286	if (($diff['telephonenumber']) && ($old_values['telephonenumber'] != ''))
287	{
288	$ldap_mod_replace['telephonenumber'] = $new_values['telephonenumber'];
289	$this->db_functions->write_log("alterado telephonenumber do usuario",'',$dn,'','');
290	}
291	}
292
293	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
294	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'change_users_password')) )
295	{
296	if ($diff['password1'])
297	{
298	$ldap_mod_replace['userPassword'] = '{md5}' . base64_encode(pack("H*",md5($new_values['password1'])));
299	// Suporte ao SAMBA
300	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
301	{
302	$ldap_mod_replace['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.$new_values['password1']);
303	$ldap_mod_replace['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.$new_values['password1']);
304	}
305	$this->db_functions->write_log("alterado password do usuario",'',$dn,'','');
306	}
307	}
308
309	//Suporte ao SAMBA
310	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
311	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes')) )
312	{
313	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
314	{
315	if ($diff['sambaacctflags'])
316	{
317	$ldap_mod_replace['sambaacctflags'] = $new_values['sambaacctflags'];
318	$this->db_functions->write_log("alterado sambaacctflags do usuario",'',$dn,'','');
319	}
320	if ($diff['sambalogonscript'])
321	{
322	$ldap_mod_replace['sambalogonscript'] = $new_values['sambalogonscript'];
323	$this->db_functions->write_log("alterado sambalogonscript do usuario",'',$dn,'','');
324	}
325	if ($diff['sambahomedirectory'])
326	{
327	$ldap_mod_replace['homedirectory'] = $new_values['sambahomedirectory'];
328	$this->db_functions->write_log("alterado homedirectory do usuario",'',$dn,'','');
329	}
330	}
331	}
332
333	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
334	// ADD ou REMOVE some attributes
335	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
336
337	// Verifica o acesso ára adicionar ou remover tais atributos
338	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
339	{
340	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
341	// TELEPHONE
342	if (($old_values['telephonenumber'] == '') && ($new_values['telephonenumber'] != ''))
343	{
344	$ldap_add['telephonenumber'] = $new_values['telephonenumber'];
345	$this->db_functions->write_log("adicionado telephonenumber ao usuario",'',$dn,'','');
346	}
347	if (($old_values['telephonenumber'] != '') && ($new_values['telephonenumber'] == ''))
348	{
349	$ldap_remove['telephonenumber'] = array();
350	$this->db_functions->write_log("removido telephonenumber do usuario",'',$dn,'','');
351	}
352	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
353	// PREF_CHANGEPASSWORD
354	if (($old_values['changepassword'] == '') && ($new_values['changepassword'] != ''))
355	{
356	$this->db_functions->add_pref_changepassword($new_values['uidnumber']);
357	$this->db_functions->write_log("adicionado changepassword ao usuario",'',$dn,'','');
358	}
359	if (($old_values['changepassword'] != '') && ($new_values['changepassword'] == ''))
360	{
361	$this->db_functions->remove_pref_changepassword($new_values['uidnumber']);
362	$this->db_functions->write_log("removido changepassword do usuario",'',$dn,'','');
363	}
364	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
365	// ACCOUNT STATUS
366	if (($old_values['phpgwaccountstatus'] == '') && ($new_values['phpgwaccountstatus'] != ''))
367	{
368	$ldap_add['phpgwaccountstatus'] = 'A';
369	$this->db_functions->write_log("ativado conta do usuario",'',$dn,'','');
370	}
371	if (($old_values['phpgwaccountstatus'] != '') && ($new_values['phpgwaccountstatus'] == ''))
372	{
373	$ldap_remove['phpgwaccountstatus'] = array();
374	$this->db_functions->write_log("desativado conta do usuario",'',$dn,'','');
375	}
376	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
377	// ACCOUNT VISIBLE
378	if (($old_values['phpgwaccountvisible'] == '') && ($new_values['phpgwaccountvisible'] != ''))
379	{
380	$ldap_add['phpgwaccountvisible'] = '-1';
381	$this->db_functions->write_log("adicionado phpgwaccountvisible ao usuario",'',$dn,'','');
382	}
383	if (($old_values['phpgwaccountvisible'] != '') && ($new_values['phpgwaccountvisible'] == ''))
384	{
385	$ldap_remove['phpgwaccountvisible'] = array();
386	$this->db_functions->write_log("removido phpgwaccountvisible ao usuario",'',$dn,'','');
387	}
388	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
389	// PHOTO
390	if ($new_values['delete_photo'])
391	{
392	$this->ldap_functions->ldap_remove_photo($dn);
393	$this->db_functions->write_log("removido jpegphoto ao usuario",'',$dn,'','');
394	}
395	if ($_FILES['photo']['name'] != '')
396	{
397	if ($new_values['photo_exist'])
398	$photo_exist = true;
399	else
400	$photo_exist = false;
401	$this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name'], $new_values['photo_exist'], $photo_exist);
402	$this->db_functions->write_log("adicionado jpegphoto ao usuario",'',$dn,'','');
403	}
404	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
405	// Mail Account STATUS
406	if (($old_values['accountstatus'] == '') && ($new_values['accountstatus'] != ''))
407	{
408	$ldap_add['accountstatus'] = 'active';
409	$this->db_functions->write_log("ativado conta de email do usuario",'',$dn,'','');
410	}
411	if (($old_values['accountstatus'] != '') && ($new_values['accountstatus'] == ''))
412	{
413	$ldap_remove['accountstatus'] = array();
414	$this->db_functions->write_log("desativado conta de email do usuario",'',$dn,'','');
415	}
416	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
417	// MAILALTERNATEADDRESS
418	if (($old_values['mailalternateaddress'] == '') && ($new_values['mailalternateaddress'] != ''))
419	{
420	$ldap_add['mailalternateaddress'] = $new_values['mailalternateaddress'];
421	$this->db_functions->write_log("adicionado mailalternateaddress ao usuario",'',$dn,'','');
422	}
423	if (($old_values['mailalternateaddress'] != '') && ($new_values['mailalternateaddress'] == ''))
424	{
425	$ldap_remove['mailalternateaddress'] = array();
426	$this->db_functions->write_log("removido mailalternateaddress ao usuario",'',$dn,'','');
427	}
428	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
429	// MAILFORWARDINGADDRESS
430	if (($old_values['mailforwardingaddress'] == '') && ($new_values['mailforwardingaddress'] != ''))
431	{
432	$ldap_add['mailforwardingaddress'] = $new_values['mailforwardingaddress'];
433	$this->db_functions->write_log("adicionado mailforwardingaddress ao usuario",'',$dn,'','');
434	}
435	if (($old_values['mailforwardingaddress'] != '') && ($new_values['mailforwardingaddress'] == ''))
436	{
437	$ldap_remove['mailforwardingaddress'] = array();
438	$this->db_functions->write_log("removido mailforwardingaddress ao usuario",'',$dn,'','');
439	}
440	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
441	// Delivery Mode
442	if (($old_values['deliverymode'] == '') && ($new_values['deliverymode'] != ''))
443	{
444	$ldap_add['deliverymode'] = 'forwardOnly';
445	$this->db_functions->write_log("adicionado forwardOnly ao usuario",'',$dn,'','');
446	}
447	if (($old_values['deliverymode'] != '') && ($new_values['deliverymode'] == ''))
448	{
449	$ldap_remove['deliverymode'] = array();
450	$this->db_functions->write_log("removido forwardOnly ao usuario",'',$dn,'','');
451	}
452	}
453
454	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
455	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'change_users_quote')) )
456	{
457	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
458	// MAILQUOTA
459	if ($diff['mailquota'])
460	{
461	$this->imap_functions->change_user_quota($new_values['uid'], $new_values['mailquota']);
462	$this->db_functions->write_log("alterado cota do usuario",'',$dn,'','');
463	}
464	}
465
466	if ( ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users')) \|\|
467	($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_sambausers_attributes')) )
468	{
469	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
470	// REMOVE ATTRS OF SAMBA
471	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] != 'on'))
472	{
473	$ldap_remove['objectclass'] = 'sambaSamAccount';
474	$ldap_remove['loginShell'] = array();
475	$ldap_remove['sambaSID'] = array();
476	$ldap_remove['sambaPrimaryGroupSID'] = array();
477	$ldap_remove['sambaAcctFlags'] = array();
478	$ldap_remove['sambaLogonScript'] = array();
479	$ldap_remove['sambaLMPassword'] = array();
480	$ldap_remove['sambaNTPassword'] = array();
481	$ldap_remove['sambaPasswordHistory'] = array();
482	$ldap_remove['sambaPwdCanChange'] = array();
483	$ldap_remove['sambaPwdLastSet'] = array();
484	$ldap_remove['sambaPwdMustChange'] = array();
485	$this->db_functions->write_log("removido atributos samba do usuario.",'',$dn,'','');
486	}
487	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
488	// ADD ATTRS OF SAMBA
489	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && (!$new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
490	{
491	//Verifica se o binario para criar as senhas do samba exite.
492	if (!is_file('/home/expressolivre/mkntpwd'))
493	{
494	$return['status'] = false;
495	$return['msg'] .= "O arquivo binário /home/expressolivre/mkntpwd não exite.\\nEle é necessário para a criação das senhas usadas pelo SAMBA.\\nInforme o administrador ExpressoLivre sobre isto.\\n";
496	}
497	else
498	{
499	$ldap_add['objectClass'][] = 'sambaSamAccount';
500	$ldap_mod_replace['loginShell'] = '/bin/bash';
501	$ldap_add['sambaSID'] = $this->current_config['expressoAdmin_sambaSID'] . '-' . ((2 * $new_values['uidnumber'])+1000);
502	$ldap_add['sambaPrimaryGroupSID'] = $this->current_config['expressoAdmin_sambaSID'] . '-' . ((2 * $new_values['gidNumber'])+1001);
503	$ldap_add['sambaAcctFlags'] = $new_values['sambaacctflags'];
504	$ldap_add['sambaLogonScript'] = $new_values['sambalogonscript'];
505	$ldap_mod_replace['homeDirectory'] = $new_values['sambahomedirectory'];
506	$ldap_add['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.'senha');
507	$ldap_add['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.'senha');
508	$ldap_add['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000';
509	$ldap_add['sambaPwdCanChange'] = strtotime("now");
510	$ldap_add['sambaPwdLastSet'] = strtotime("now");
511	$ldap_add['sambaPwdMustChange'] = '2147483647';
512	$this->db_functions->write_log("adicionado atributos samba do usuario.",'',$dn,'','');
513	}
514	}
515	}
516
517	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
518	// GROUPS
519	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
520	{
521	if (!$new_values['groups'])
522	$new_values['groups'] = array();
523	if (!$old_values['groups'])
524	$old_values['groups'] = array();
525
526	$add_groups = array_diff($new_values['groups'], $old_values['groups']);
527	$remove_groups = array_diff($old_values['groups'], $new_values['groups']);
528
529	if (count($add_groups)>0)
530	{
531	foreach($add_groups as $gidnumber)
532	{
533	$this->db_functions->add_user2group($gidnumber, $new_values['uidnumber']);
534	$this->ldap_functions->add_user2group($gidnumber, $new_values['uid']);
535	$this->db_functions->write_log("adicionado usuario ao grupo $gidnumber.",'',$dn,'','');
536	}
537	}
538	if (count($remove_groups)>0)
539	{
540	foreach($remove_groups as $gidnumber)
541	{
542	foreach($old_values['groups_info'] as $group)
543	{
544	if (($group['gidnumber'] == $gidnumber) && ($group['group_disabled'] == 'false'))
545	{
546	$this->db_functions->remove_user2group($gidnumber, $new_values['uidnumber']);
547	$this->ldap_functions->remove_user2group($gidnumber, $new_values['uid']);
548	$this->db_functions->write_log("removido usuario do grupo $gidnumber.",'',$dn,'','');
549	}
550	}
551	}
552	}
553
554	if ($diff['gidnumber'])
555	{
556	$ldap_mod_replace['gidnumber'] = $new_values['gidnumber'];
557	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on'))
558	{
559	$ldap_mod_replace['sambaPrimaryGroupSID'] = $this->current_config['expressoAdmin_sambaSID'] . '-' . ((2 * $new_values['gidnumber'])+1001);
560	}
561	$this->db_functions->write_log("alterado gidnumber do usuario.",'',$dn,'','');
562	}
563	}
564	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
565	// LDAP_MOD_REPLACE
566	if (count($ldap_mod_replace))
567	{
568	$result = $this->ldap_functions->replace_user_attributes($dn, $ldap_mod_replace);
569	if (!$result['status'])
570	{
571	$return['status'] = false;
572	$return['msg'] .= $result['msg'];
573	}
574	}
575
576	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
577	// LDAP_MOD_ADD
578	if (count($ldap_add))
579	{
580
581	$result = $this->ldap_functions->add_user_attributes($dn, $ldap_add);
582	if (!$result['status'])
583	{
584	$return['status'] = false;
585	$return['msg'] .= $result['msg'];
586	}
587	}
588
589	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
590	// LDAP_MOD_REMOVE
591	if (count($ldap_remove))
592	{
593
594	$result = $this->ldap_functions->remove_user_attributes($dn, $ldap_remove);
595	if (!$result['status'])
596	{
597	$return['status'] = false;
598	$return['msg'] .= $result['msg'];
599	}
600	}
601	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
602
603
604	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'edit_users'))
605	{
606	////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
607	// MAILLISTS
608	if (!$new_values['maillists'])
609	$new_values['maillists'] = array();
610	if (!$old_values['maillists'])
611	$old_values['maillists'] = array();
612
613	$add_maillists = array_diff($new_values['maillists'], $old_values['maillists']);
614	$remove_maillists = array_diff($old_values['maillists'], $new_values['maillists']);
615
616	if (count($add_maillists)>0)
617	{
618	foreach($add_maillists as $uidnumber)
619	{
620	$this->ldap_functions->add_user2maillist($uidnumber, $new_values['mail']);
621	$this->db_functions->write_log("adicionado usuario a maillist $uidnumber.",'',$dn,'','');
622	}
623	}
624	if (count($remove_maillists)>0)
625	{
626	foreach($remove_maillists as $uidnumber)
627	{
628	$this->ldap_functions->remove_user2maillist($uidnumber, $new_values['mail']);
629	$this->db_functions->write_log("removido usuario da maillist $uidnumber.",'',$dn,'','');
630	}
631	}
632
633	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
634	// APPS
635	$new_values2 = array();
636	$old_values2 = array();
637	if (count($new_values['apps'])>0)
638	{
639	foreach ($new_values['apps'] as $app=>$tmp)
640	{
641	$new_values2[] = $app;
642	}
643	}
644	if (count($old_values['apps'])>0)
645	{
646	foreach ($old_values['apps'] as $app=>$tmp)
647	{
648	$old_values2[] = $app;
649	}
650	}
651	$add_apps = array_flip(array_diff($new_values2, $old_values2));
652	$remove_apps = array_flip(array_diff($old_values2, $new_values2));
653
654	if (count($add_apps)>0)
655	{
656	$this->db_functions->add_id2apps($new_values['uidnumber'], $add_apps);
657	$this->db_functions->write_log("adicionado app ao usuario",'',$dn,'','');
658	}
659	if (count($remove_apps)>0)
660	{
661	$this->db_functions->remove_id2apps($new_values['uidnumber'], $remove_apps);
662	$this->db_functions->write_log("removido app do usuario",'',$dn,'','');
663	}
664	//////////////////////////////////////////////////////////////////////////////////////////////////////////////////
665	}
666	return $return;
667	}
668
669
670	function get_user_info($uidnumber, $context)
671	{
672	$user_info_ldap = $this->ldap_functions->get_user_info($uidnumber, $context);
673	$user_info_db1 = $this->db_functions->get_user_info($uidnumber);
674	$user_info_db2 = $this->ldap_functions->gidnumbers2cn($user_info_db1['groups'], $context);
675	$user_info_imap = $this->imap_functions->get_user_info($user_info_ldap['uid']);
676	$user_info = array_merge($user_info_ldap, $user_info_db1, $user_info_db2, $user_info_imap);
677	return $user_info;
678	}
679
680	function set_user_default_password($params)
681	{
682	$return['status'] = true;
683	$uid = $params['uid'];
684	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
685
686	if (!$this->db_functions->default_user_password_is_set($uid))
687	{
688	$userPassword = $this->ldap_functions->set_user_password($uid, $defaultUserPassword);
689	$this->db_functions->set_user_password($uid, $userPassword);
690	}
691	else
692	{
693	$return['status'] = false;
694	$return['msg'] = 'Senha default já cadastrada!';
695	}
696
697	$this->db_functions->write_log('Setado senha default','',$uid,'','');
698
699	return $return;
700	}
701
702	function return_user_password($params)
703	{
704	$return['status'] = true;
705	$uid = $params['uid'];
706
707	if ($this->db_functions->default_user_password_is_set($uid))
708	{
709	$userPassword = $this->db_functions->get_user_password($uid);
710	$this->ldap_functions->set_user_password($uid, $userPassword);
711	}
712	else
713	{
714	$return['status'] = false;
715	$return['msg'] = 'Senha default NÃO cadastrada!';
716	}
717
718	$this->db_functions->write_log('Retornado senha default','',$uid,'','');
719
720	return $return;
721	}
722
723	function delete($params)
724	{
725	$return['status'] = true;
726
727	// Verifica o acesso do gerente
728	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'delete_users'))
729	{
730	$uidnumber = $params['uidnumber'];
731	$context = $params['context'];
732	$user_info = $this->get_user_info($uidnumber, $context);
733
734	//LDAP
735	$result_ldap = $this->ldap_functions->delete_user($user_info);
736	if (!$result_ldap['status'])
737	{
738	$return['status'] = false;
739	$return['msg'] .= $result_ldap['msg'];
740	}
741
742	//DB
743	$result_db = $this->db_functions->delete_user($user_info);
744	if (!$result_db['status'])
745	{
746	$return['status'] = false;
747	$return['msg'] .= $result_ldap['msg'];
748	}
749
750	//IMAP
751	$result_imap = $this->imap_functions->delete_user($user_info['uid']);
752	if (!$result_imap['status'])
753	{
754	$return['status'] = false;
755	$return['msg'] .= $result_ldap['msg'];
756	}
757
758	$this->db_functions->write_log('deletado usuario','',$user_info['uid'],'','');
759	}
760
761	return $return;
762	}
763
764
765	function rename($params)
766	{
767	$return['status'] = true;
768
769	// Verifica o acesso do gerente
770	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'rename_users'))
771	{
772	$uid = $params['uid'];
773	$new_uid = $params['new_uid'];
774	$context = $params['context'];
775	$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword'])));
776	$defaultUserPassword_plain = $this->current_config['expressoAdmin_defaultUserPassword'];
777
778	$emailadmin_profiles = $this->db_functions->get_sieve_info();
779	$sieve_enable = $emailadmin_profiles[0]['imapenablesieve'];
780	$sieve_server = $emailadmin_profiles[0]['imapsieveserver'];
781	$sieve_port = $emailadmin_profiles[0]['imapsieveport'];
782
783	$imap_admin = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminUsername'];
784	$imap_passwd = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminPW'];
785	$imap_server = $_SESSION['phpgw_info']['expresso']['email_server']['imapServer'];
786	$imap_port = $_SESSION['phpgw_info']['expresso']['email_server']['imapPort'];
787	$imapDelimiter = $_SESSION['phpgw_info']['expresso']['email_server']['imapDelimiter'];
788
789	//Verifica se está sendo usuado cyrus 2.2 ou superior
790	$sk = fsockopen ($imap_server,$imap_port);
791	$server_resp = fread($sk, 100);
792	$tmp = split('v2.', $server_resp);
793	$cyrus_version = '2' . $tmp[1][0];
794	//$is_cyrus22 = strpos($server_resp, "v2.2");
795
796	if ($cyrus_version > '21')
797	{
798	// Seta senha default
799	$user_password = $this->ldap_functions->set_user_password($uid, $defaultUserPassword);
800
801	// Renomeia UID no openldap
802	$result = $this->ldap_functions->rename_uid($uid, $new_uid);
803	$new_dn = $result['new_dn'];
804	if (!$result['status'])
805	{
806	$return['status'] = false;
807	$return['msg'] .= "\n" . $result['msg'];
808	$return['msg'] .= "\nErro ao renomear usuário no LDAP. Processo abortado.";
809	return $return;
810	}
811
812	// Remove old UID do ldap
813	$user_info_mod_remove['uid'] = $uid;
814	$this->ldap_functions->remove_user_attributes($new_dn, $user_info_mod_remove);
815
816	//Renomeia mailbox e sieve
817	$result = $this->imap_functions->rename_mailbox($uid, $new_uid);
818	if (!$result['status'])
819	{
820	$return['status'] = false;
821	$return['msg'] .= "\n" . $result['msg'];
822	$return['msg'] .= "\nErro ao renomear usuário no Cyrus. Processo abortado.";
823	}
824
825	// Retorna senha do usuário
826	$this->ldap_functions->set_user_password($new_uid, $user_password);
827
828	$this->db_functions->write_log('renomeado usuario',$new_uid,$uid,'','');
829
830	$return['exec_return'] = "";
831	return $return;
832	}
833	else
834	{
835	$return['status'] = false;
836	$return['msg'] .= "A renomeação de usuários só permitida com o cyrus versão 2.2 ou superior,";
837	$return['msg'] .= "\ne com a opção 'allowusermoves: yes' configurado no imapd.conf.";
838	return $return;
839	}
840
841	/*********************
842	*
843	* RENOMEAÇÃO APENAS PARA CYRUS 2.2 OU SUPERIOR
844	*
845	*********************/
846	/*
847	//Verifica se o binario para renomeacao existe.
848	if (!is_file('/home/expressolivre/imapsync'))
849	{
850	$return['status'] = false;
851	$return['msg'] .= "O arquivo binário /home/expressolivre/imapsync não existe.\\nEle é necessário para a renomeação das caixas postais.\\nInforme o administrador ExpressoLivre sobre isto.";
852	}
853
854	// Seta senha default
855	$user_password = $this->ldap_functions->set_user_password($uid, $defaultUserPassword);
856
857	// Renomeia UID no openldap
858	$result = $this->ldap_functions->rename_uid($uid, $new_uid);
859	$new_dn = $result['new_dn'];
860
861	if (!$result['status'])
862	{
863	$return['status'] = false;
864	$return['msg'] .= "Erro ao renomear usuário no LDAP. Processo abortado.";
865	return $return;
866	}
867
868	// Pega a cota do usuario
869	$quota = $this->imap_functions->get_user_info($uid);
870	$quota_limit = $quota['mailquota'];
871	if ($quota_limit == '-1')
872	$quota_limit = '40960';
873
874	//Cria a nova caixa postal
875	$this->imap_functions->create($new_uid, $quota_limit);
876
877	// Realiza a cópia das mensagens de uma caixa para outra.
878	$exec_return = array();
879	$exec_result = exec("/home/expressolivre/imapsync " .
880	"--host1 localhost " .
881	"--user1 " . $uid . ' ' .
882	"--password1 $defaultUserPassword_plain " .
883	"--host2 localhost " .
884	"--user2 " . $new_uid . ' ' .
885	"--password2 $defaultUserPassword_plain " .
886	"--syncinternaldates --exclude user.*", $exec_return, $exec_result);
887
888	$reg_total = count($exec_return);
889
890	for ($i=$reg_total; $i>($reg_total-9); $i--)
891	$return['exec_return'] .= $exec_return[$i] . "\n";
892
893	//SIEVE
894	if ($sieve_enable == 'yes')
895	{
896	include_once('sieve-php.lib.php');
897
898	$sieve_uid = new sieve("$sieve_server", "$sieve_port", "$uid", "$defaultUserPassword_plain", '', "PLAIN");
899	$sieve_new_uid = new sieve("$sieve_server", "$sieve_port", "$new_uid", "$defaultUserPassword_plain", '', "PLAIN");
900
901	if (!$sieve_uid->sieve_login())
902	{
903	$return['status'] = false;
904	$return['msg'] .= "\nNão foi possível fazer login no sieve:$uid";
905	}
906	elseif (!$sieve_new_uid->sieve_login())
907	{
908	$return['status'] = false;
909	$return['msg'] .= "\nNão foi possível fazer login no sieve:$new_uid";
910	}
911	else
912	{
913	$sieve_uid->sieve_listscripts();
914	$uid_active_script=$sieve_uid->response["ACTIVE"];
915	if(isset($uid_active_script))
916	{
917	$i=0;
918	$activescript="";
919	if($sieve_uid->sieve_getscript($uid_active_script))
920	{
921	if(is_array($sieve_uid->response))
922	{
923	foreach($sieve_uid->response as $result)
924	{
925	$activescript .= $result;
926	}
927	}
928	}
929
930	$new_script_name = $new_uid;
931	if ($sieve_new_uid->sieve_sendscript($new_script_name,$activescript))
932	{
933	$sieve_new_uid->sieve_setactivescript($new_script_name);
934	$return['exec_return'] .= "Script SIEVE transferido com êxito.\n";
935	}
936	else
937	{
938	$return['status'] = false;
939	$return['msg'] .= "Problemas na transferência do script Sieve.\\n";
940	}
941	}
942	else
943	$return['exec_return'] .= "\n2";
944	}
945	$sieve_uid->sieve_logout();
946	$sieve_new_uid->sieve_logout();
947	}
948	else
949	$return['exec_return'] .= "\n1";
950
951	if ($exec_result)
952	{
953	// Deleta caixa-postal antiga
954	$result = $this->imap_functions->delete_user($uid);
955	if (!$result['status'])
956	{
957	$return['status'] = false;
958	$return['msg'] .= $result['msg'];
959	}
960	}
961	else
962	{
963	$return['status'] = false;
964	$return['msg'] .= "Problemas ao executar o imapsinc. Caixa postal $uid não excluida.";
965	}
966
967	// Retorna senha do usuário
968	$this->ldap_functions->set_user_password($uid, $user_password);
969
970	// Remove old UID do ldap
971	$user_info_mod_remove['uid'] = $uid;
972	$this->ldap_functions->remove_user_attributes($new_dn, $user_info_mod_remove);
973
974	$this->db_functions->write_log('renomeado usuario',$new_uid,$uid,'','');
975
976	return $return;
977	*/
978	}
979	}
980	}
981	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: