From 640abcbf3b48e5b4778c9d80696653f95e07b2a8 Mon Sep 17 00:00:00 2001 From: Deon George Date: Sun, 5 Jul 2009 13:55:27 +1000 Subject: [PATCH 1/5] Enabled a param so that some calls to getValue() are not fatal --- htdocs/login_form.php | 2 +- lib/ds.php | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/htdocs/login_form.php b/htdocs/login_form.php index e8e02ca..669e915 100644 --- a/htdocs/login_form.php +++ b/htdocs/login_form.php @@ -45,7 +45,7 @@ printf('%s:', ($app['server']->getValue('login','attr') == 'dn' ? _('Login DN') : $_SESSION[APPCONFIG]->getFriendlyName($app['server']->getValue('login','attr')))); printf('', - $app['server']->getValue('login','attr') == 'dn' ? $app['server']->getValue('login','bind_id') : ''); + $app['server']->getValue('login','attr',false) == 'dn' ? $app['server']->getValue('login','bind_id') : ''); echo ' '; printf('%s:',_('Password')); diff --git a/lib/ds.php b/lib/ds.php index 1c2ff14..bd8cc5e 100644 --- a/lib/ds.php +++ b/lib/ds.php @@ -69,16 +69,18 @@ abstract class DS { /** * Return a configuration value */ - public function getValue($key,$setting) { + public function getValue($key,$setting,$fatal=true) { if (isset($this->custom->{$key}[$setting])) return $this->custom->{$key}[$setting]; elseif (isset($this->default->{$key}[$setting]) && array_key_exists('default',$this->default->{$key}[$setting])) return $this->default->{$key}[$setting]['default']; - else { + elseif ($fatal) debug_dump_backtrace("Error trying to get a non-existant value ($key,$setting)",1); - } + + else + return null; } /** From 20bdaa466320a59b39ed14b0e6d9a937ee247c83 Mon Sep 17 00:00:00 2001 From: Deon George Date: Sun, 5 Jul 2009 13:55:53 +1000 Subject: [PATCH 2/5] Fixed invalid return variable --- lib/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/functions.php b/lib/functions.php index cb0dbfa..c5d0e23 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -789,7 +789,7 @@ function blowfish_decrypt($encdata,$secret=null) { if (file_exists(LIBDIR.'blowfish.php')) require_once LIBDIR.'blowfish.php'; else - return $data; + return $encdata; $pma_cipher = new Horde_Cipher_blowfish; $decrypt = ''; From 7591eefb70c58352855b56b30406d9a30f10e90e Mon Sep 17 00:00:00 2001 From: Deon George Date: Sun, 5 Jul 2009 22:13:17 +1000 Subject: [PATCH 3/5] Template modifications now add/remove attributes as per the template definition --- htdocs/update_confirm.php | 66 +++++++++++++++++++++++++++++++++------ lib/Attribute.php | 15 +++++++-- lib/Template.php | 14 ++++++--- 3 files changed, 79 insertions(+), 16 deletions(-) diff --git a/htdocs/update_confirm.php b/htdocs/update_confirm.php index e9f7bf6..7d735a9 100644 --- a/htdocs/update_confirm.php +++ b/htdocs/update_confirm.php @@ -54,6 +54,15 @@ if (count($request['template']->getLDAPmodify(true))) { _('Attribute'),_('Old Value'),_('New Value'),_('Skip')); echo "\n\n"; + # If we skip objectclass changes, but there are new must/may attrs provided by the new objectclass, they need to be skip. + $mustattrs = array(); + foreach ($request['template']->getAttribute('objectclass')->getValues() as $value) { + $soc = $app['server']->getSchemaObjectClass($value); + + foreach ($soc->getMustAttrs() as $sma) + array_push($mustattrs,$sma->getName()); + } + $counter = 0; foreach ($request['template']->getLDAPmodify(true) as $attribute) { $counter++; @@ -109,23 +118,60 @@ if (count($request['template']->getLDAPmodify(true))) { $input_disabled = ''; $input_onclick = ''; - if ($attribute->isForceDelete()) + if ($attribute->isForceDelete() || in_array($attribute->getName(),$mustattrs)) $input_disabled = 'disabled="disabled"'; - if ($attribute->getName() == 'objectclass' && (count($request['template']->getForceDeleteAttrs()) > 0)) { - $input_onclick = 'onclick="if (this.checked) {'; + if ($attribute->getName() == 'objectclass') { + $input_onclick = ''; - foreach ($request['template']->getForceDeleteAttrs() as $ad_name) { - $input_onclick .= sprintf("document.getElementById('skip_array_%s').disabled = false;",$ad_name->getName()); - $input_onclick .= sprintf("document.getElementById('skip_array_%s').checked = true;",$ad_name->getName()); + if (count($request['template']->getForceDeleteAttrs()) > 0) { + $input_onclick = 'onclick="if (this.checked) {'; + + foreach ($request['template']->getForceDeleteAttrs() as $ad_name) { + $input_onclick .= sprintf("document.getElementById('skip_array_%s').disabled = false;",$ad_name->getName()); + $input_onclick .= sprintf("document.getElementById('skip_array_%s').checked = true;",$ad_name->getName()); + $input_onclick .= "\n"; + } + + $input_onclick .= '} else {'; + + foreach ($request['template']->getForceDeleteAttrs() as $ad_name) { + $input_onclick .= sprintf("document.getElementById('skip_array_%s').checked = false;",$ad_name->getName()); + $input_onclick .= sprintf("document.getElementById('skip_array_%s').disabled = true;",$ad_name->getName()); + $input_onclick .= "\n"; + } + + $input_onclick .= '};'; + } + + if ($input_onclick) + $input_onclick .= 'if (this.checked) {'; + else + $input_onclick = 'onclick="if (this.checked) {'; + + foreach ($request['template']->getLDAPmodify(true) as $skipattr) { + if (! $skipattr->getOldValues()) { + if (! in_array($skipattr->getName(),$mustattrs)) + $input_onclick .= sprintf("document.getElementById('skip_array_%s').disabled = true;",$skipattr->getName()); + + $input_onclick .= sprintf("document.getElementById('skip_array_%s').checked = true;",$skipattr->getName()); + $input_onclick .= "\n"; + } } $input_onclick .= '} else {'; - foreach ($request['template']->getForceDeleteAttrs() as $ad_name) { - $input_onclick .= sprintf("document.getElementById('skip_array_%s').checked = false;",$ad_name->getName()); - $input_onclick .= sprintf("document.getElementById('skip_array_%s').disabled = true;",$ad_name->getName()); + + foreach ($request['template']->getLDAPmodify(true) as $skipattr) { + if (! $skipattr->getOldValues()) { + if (! in_array($skipattr->getName(),$mustattrs)) + $input_onclick .= sprintf("document.getElementById('skip_array_%s').disabled = false;",$skipattr->getName()); + + $input_onclick .= sprintf("document.getElementById('skip_array_%s').checked = false;",$skipattr->getName()); + $input_onclick .= "\n"; + } } - $input_onclick .= '}"'; + + $input_onclick .= '};"'; } printf('', diff --git a/lib/Attribute.php b/lib/Attribute.php index 0ac9998..03e28dc 100644 --- a/lib/Attribute.php +++ b/lib/Attribute.php @@ -146,6 +146,10 @@ class Attribute { return count($this->values); } + public function getSource() { + return $this->source; + } + /** * Autovalue is called after the attribute is initialised, and thus the values from the ldap server will be set. */ @@ -169,9 +173,16 @@ class Attribute { $this->values = array(); } + public function setOldValue($val) { + $this->oldvalues = $val; + } + public function setValue($new_val) { if ($this->values) { - if ($this->oldvalues && ($new_val != $this->values)) { + if ($this->values == $new_val) + return; + + if ($this->oldvalues) { debug_dump($this); debug_dump_backtrace('old values are set',1); } else @@ -595,6 +606,7 @@ class Attribute { case 'readonly': case 'rows': case 'size': + case 'values': case 'verify': $this->$index = $value; break; @@ -607,7 +619,6 @@ class Attribute { elseif (is_string($values) && (strlen($values) > 0)) $this->values = array($values); - } /** diff --git a/lib/Template.php b/lib/Template.php index 70b9f3d..d232d76 100644 --- a/lib/Template.php +++ b/lib/Template.php @@ -175,9 +175,10 @@ class Template extends xmlTemplate { return; } else { - $attribute = $this->addAttribute('objectClass',array('values'=>$objectclasses)); + $attribute = $this->addAttribute('objectClass',array('values'=>$objectclasses),'XML'); $attribute->justModified(); $attribute->setRequired(); + $attribute->hide(); } $this->rebuildTemplateAttrs(); @@ -266,9 +267,14 @@ class Template extends xmlTemplate { if (is_null($attribute)) $attribute = $this->addAttribute($attr,array('values'=>$values)); else - if ($attribute->getValues()) - $attribute->setValue(array_values($values)); - else + if ($attribute->getValues()) { + # Override values to those that are defined in the XML file. + if ($attribute->getSource() != 'XML') + $attribute->setValue(array_values($values)); + else + $attribute->setOldValue(array_values($values)); + + } else $attribute->initValue(array_values($values)); # Work out the RDN attributes From a0ae7bf111042a52c670026631f44e956075bafe Mon Sep 17 00:00:00 2001 From: Deon George Date: Sun, 5 Jul 2009 23:40:09 +1000 Subject: [PATCH 4/5] Fix added detection of password already encode when submitting updates --- lib/PageRender.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/PageRender.php b/lib/PageRender.php index ee1e6f3..e2fef63 100644 --- a/lib/PageRender.php +++ b/lib/PageRender.php @@ -834,6 +834,10 @@ class PageRender extends Visitor { } protected function getAutoPostPasswordAttribute($attribute,$i) { + # If the password is already encoded, then we'll return + if (preg_match('/^\{.+\}.+/',$attribute->getValue($i))) + return; + $attribute->setPostValue(array('function'=>'PasswordEncrypt','args'=>sprintf('%%enc%%;%%%s%%',$attribute->getName()))); $this->get('Post',$attribute,$i); } From c230058d3f6939d2cc9be92a2e05ac71c7853b55 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 6 Jul 2009 10:57:58 +1000 Subject: [PATCH 5/5] Added .gitignore --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ac7db53 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +config/config.php +queries/custom_* +templates/*/custom_*