Début ajout gestion utilisateurs ldap

Regis Houssin 2006-06-24 23:15:46 +00:00
parent 0e6528ed79
commit 268dde2d3e
5 changed files with 111 additions and 24 deletions


@ -67,10 +67,14 @@ GroupsToAdd=Groups to add to this user
NoLogin=No login
CreateDolibarrLogin=Create Dolibarr account
LoginAccountDisable=Account disabled, put a new login to activate it.
LoginAccountDisableInDolibarr=Account disabled in Dolibarr.
LoginAccountDisableInLdap=Account disabled in the domain.
UsePersonalValue=Use personal value
ErrorFailedToSaveFile=Error - Failed to save file
GuiLanguage=Interface language
InternalUser=Internal user
MyInformations=My informations
ExportDataset_user_1=Dolibarr's users and properties
DomainUser=Domain user
DomainUser=Domain user
Reactivate=Reactivate
ThirdParty=Third party


@ -67,10 +67,14 @@ GroupsToAdd=Groupes
NoLogin=Pas de login
CreateDolibarrLogin=Créer un compte Dolibarr
LoginAccountDisable=Le compte est désactivé, mettre un nouveau login pour l'activer.
LoginAccountDisableInDolibarr=Le compte est désactivé sur Dolibarr.
LoginAccountDisableInLdap=Le compte est désactivé sur le domaine.
UsePersonalValue=Utiliser valeur personalisée
ErrorFailedToSaveFile=Erreur - l'enregistrement du fichier a échoué
GuiLanguage=Langage de l'interface
InternalUser=Utilisateur interne
MyInformations=Mes informations
ExportDataset_user_1=Utilisateurs Dolibarr et attributs
DomainUser=Utilisateur du domaine
DomainUser=Utilisateur du domaine
Reactivate=Réactiver
ThirdParty=Tiers


@ -433,6 +433,47 @@ class AuthLdap {
// Return an array containing the attributes.
return $values;
}
/**
* 2.4.1.1 : Returns an array containing a set of attribute values.
* For most searches, this will just be one row, but sometimes multiple
* results are returned (eg:- multiple email addresses)
*/
function getAttributeWithSID ( $SID,$attribute) {
// builds the appropriate dn, based on whether $this->people and/or $this->group is set
//$checkDn = $this->setDn( true);
$checkDn = $this->people;
$results[0] = $attribute;
// if the directory is AD, then bind first with the search user first
if ($this->serverType == "activedirectory") {
$this->authBind($this->searchUser, $this->searchPassword);
}
// We need to search for this user in order to get their entry.
$this->result = @ldap_search( $this->connection,$checkDn,"objectsid=$SID",$results);
$info = ldap_get_entries( $this->connection, $this->result);
// Only one entry should ever be returned (no user will have the same sid)
$entry = ldap_first_entry( $this->connection, $this->result);
if ( !$entry) {
$this->ldapErrorCode = -1;
$this->ldapErrorText = "Couldn't find user";
return false; // Couldn't find the user...
}
// Get all the member DNs
if ( !$values = @ldap_get_values( $this->connection, $entry, $attribute)) {
$this->ldapErrorCode = ldap_errno( $this->connection);
$this->ldapErrorText = ldap_error( $this->connection);
return false; // No matching attributes
}
// Return an array containing the attributes.
return $values;
}
/**
* 2.4.2 : Allows an attribute value to be set.
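Review bot: `getAttributeWithSID` interpolates `$SID` directly into the search filter (`"objectsid=$SID"`), so any filter metacharacter in that value changes the query. The `@ldap_search` result is also passed to `ldap_get_entries` and `ldap_first_entry` without checking that the search succeeded. The caller added in this commit reads the value from `$reactiveuser->ldap_sid`, which appears to hold the `bin2hex` form, so rejecting anything that is not hexadecimal before building the filter is a cheap guard; confirm the stored format first. The return value of `authBind` is ignored and `$info` is never used, so a failed bind surfaces only as "Couldn't find user".

```php
function getAttributeWithSID ( $SID,$attribute) {
    // … unchanged: $checkDn / $results setup and Active Directory bind …
    // $SID becomes part of the filter text: accept only the hex form (assumed storage format, confirm)
    if ( !ctype_xdigit( (string) $SID)) {
        $this->ldapErrorCode = -1;
        $this->ldapErrorText = "Invalid SID";
        return false;
    }
    $this->result = @ldap_search( $this->connection,$checkDn,"objectsid=$SID",$results);
    if ( !$this->result) {
        // the search itself failed (bad bind, bad base DN, bad filter): report the LDAP error
        $this->ldapErrorCode = ldap_errno( $this->connection);
        $this->ldapErrorText = ldap_error( $this->connection);
        return false;
    }
    // … unchanged: ldap_first_entry / ldap_get_values handling …
```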


@ -3,7 +3,7 @@
* Copyright (C) 2002-2003 Jean-Louis Bergamo <jlb@j1b.org>
* Copyright (C) 2004-2006 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005 Regis Houssin <regis.houssin@cap-networks.com>
* Copyright (C) 2005-2006 Regis Houssin <regis.houssin@cap-networks.com>
* Copyright (C) 2005 Lionel COUSTEIX <etm_ltd@tiscali.co.uk>
*
* This program is free software; you can redistribute it and/or modify
@ -104,6 +104,32 @@ if ($_POST["action"] == 'confirm_delete' && $_POST["confirm"] == "yes")
}
}
//reactive un compte ldap
if ($_GET["action"] == 'reactivate' && $canadduser)
{
if ($_GET["id"] <> $user->id)
{
$reactiveuser = new User($db, $_GET["id"]);
$reactiveuser->fetch();
$ldap = New AuthLdap();
if ($ldap->connect())
{
$login = $conf->global->LDAP_FIELD_LOGIN_SAMBA;
$justthese = array($login);
$ldap_sid = $reactiveuser->ldap_sid;
$result = $ldap->getAttributeWithSID($ldap_sid, $justthese);
$message = '<div class="error">'.$ldap_sid.'</div><br>';
$message .= '<div class="error">'.$ldap->ldapErrorCode." - ".$ldap->ldapErrorText.'</div>';
//Header("Location: index.php");
//exit;
}
else
{
print $ldap->ldapErrorCode." - ".$ldap->ldapErrorText;
}
}
}
// Action ajout user
if ($_POST["action"] == 'add' && $canadduser)
{
@ -317,14 +343,14 @@ if (($action == 'create') || ($action == 'adduserldap'))
{
if ($conf->global->LDAP_SERVER_HOST && $conf->global->LDAP_ADMIN_DN && $conf->global->LDAP_ADMIN_PASS)
{
$name = $conf->global->LDAP_FIELD_NAME;
$name = $conf->global->LDAP_FIELD_NAME;
$firstname = $conf->global->LDAP_FIELD_FIRSTNAME;
$mail = $conf->global->LDAP_FIELD_MAIL;
$phone = $conf->global->LDAP_FIELD_PHONE;
$fax = $conf->global->LDAP_FIELD_FAX;
$mobile = $conf->global->LDAP_FIELD_MOBILE;
$login = $conf->global->LDAP_FIELD_LOGIN_SAMBA;
$SID = "objectsid";
$mail = $conf->global->LDAP_FIELD_MAIL;
$phone = $conf->global->LDAP_FIELD_PHONE;
$fax = $conf->global->LDAP_FIELD_FAX;
$mobile = $conf->global->LDAP_FIELD_MOBILE;
$login = $conf->global->LDAP_FIELD_LOGIN_SAMBA;
$SID = "objectsid";
$ldap = new AuthLdap();
@ -369,14 +395,14 @@ if (($action == 'create') || ($action == 'adduserldap'))
{
foreach ($selectedUser as $key => $attribute)
{
$ldap_nom = utf8_decode($attribute[$name]?$attribute[$name]:'');
$ldap_nom = utf8_decode($attribute[$name]?$attribute[$name]:'');
$ldap_prenom = utf8_decode($attribute[$firstname]?$attribute[$firstname]:'');
$ldap_login = utf8_decode($attribute[$login]?$attribute[$login]:'');
$ldap_phone = utf8_decode($attribute[$phone]?$attribute[$phone]:'');
$ldap_fax = utf8_decode($attribute[$fax]?$attribute[$fax]:'');
$ldap_login = utf8_decode($attribute[$login]?$attribute[$login]:'');
$ldap_phone = utf8_decode($attribute[$phone]?$attribute[$phone]:'');
$ldap_fax = utf8_decode($attribute[$fax]?$attribute[$fax]:'');
$ldap_mobile = utf8_decode($attribute[$mobile]?$attribute[$mobile]:'');
$ldap_mail = utf8_decode($attribute[$mail]?$attribute[$mail]:'');
$ldap_SID = bin2hex($attribute[$SID]);
$ldap_mail = utf8_decode($attribute[$mail]?$attribute[$mail]:'');
$ldap_SID = bin2hex($attribute[$SID]);
}
}
}
@ -658,12 +684,17 @@ else
print '<tr><td width="25%" valign="top">'.$langs->trans("Login").'</td>';
if ($fuser->login)
{
print '<td width="50%" class="valeur">'.$fuser->login.'</td></tr>';
print '<td width="50%" class="valeur">'.$fuser->login;
}
else if ($fuser->ldap_sid)
{
print '<td width="50%" class="error">'.$langs->trans("LoginAccountDisableInDolibarr");
}
else
{
print '<td width="50%" class="error">'.$langs->trans("LoginAccountDisable").'</td></tr>';
print '<td width="50%" class="error">'.$langs->trans("LoginAccountDisable");
}
print '</td></tr>';
// Password
print '<tr><td width="25%" valign="top">'.$langs->trans("Password").'</td>';
@ -769,11 +800,18 @@ else
print '<div class="tabsAction">';
if ($caneditfield)
if ($caneditfield && (!$fuser->ldap_sid || !$fuser->login))
{
print '<a class="butAction" href="fiche.php?id='.$fuser->id.'&amp;action=edit">'.$langs->trans("Edit").'</a>';
if ($canadduser && $fuser->ldap_sid && !$fuser->login)
{
print '<a class="butAction" href="fiche.php?id='.$fuser->id.'&amp;action=reactivate">'.$langs->trans("Reactivate").'</a>';
}
else
{
print '<a class="butAction" href="fiche.php?id='.$fuser->id.'&amp;action=edit">'.$langs->trans("Edit").'</a>';
}
}
elseif ($caneditpassword)
elseif ($caneditpassword && !$fuser->ldap_sid)
{
print '<a class="butAction" href="fiche.php?id='.$fuser->id.'&amp;action=edit">'.$langs->trans("EditPassword").'</a>';
}
@ -922,7 +960,7 @@ else
/*
* Fiche en mode edition
*/
if ($_GET["action"] == 'edit' && ($caneditperms || ($user->id == $fuser->id)))
if ($_GET["action"] == 'edit' && (($caneditperms && (!$fuser->ldap_sid || !$fuser->login)) || ($user->id == $fuser->id)))
{
print '<form action="fiche.php?id='.$fuser->id.'" method="post" name="updateuser" enctype="multipart/form-data">';
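Review bot: In the new `reactivate` branch, `$ldap_sid` and the LDAP error text are concatenated into `$message`, and printed directly in the `else` branch, without HTML escaping; wrapping each value, e.g. `htmlspecialchars($ldap->ldapErrorText)`, keeps directory- or database-supplied text out of the markup. `$_GET["id"]` is passed to `new User($db, $_GET["id"])` as received and compared with the loose `<>`, so a cast such as `$id = (int) $_GET["id"];` before both uses would be a sensible guard. `$justthese` is an array, while `getAttributeWithSID` in this commit treats `$attribute` as a single name (`$results[0] = $attribute`, `ldap_get_values(..., $attribute)`), so passing `$login` itself looks like the intended call. The later hunks only hide the Edit button and the edit form for LDAP-linked accounts; the `update` POST handler is outside this diff, so confirm it enforces the same restriction. The `edit` condition also still lets `$user->id == $fuser->id` through for such accounts.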


@ -76,8 +76,8 @@ if ($result)
print "<table class=\"noborder\" width=\"100%\">";
print '<tr class="liste_titre">';
print_liste_field_titre($langs->trans("Login"),"index.php","u.login",$param,"","",$sortfield);
print_liste_field_titre($langs->trans("Lastname"),"index.php","u.name",$param,"","",$sortfield);
print_liste_field_titre($langs->trans("Firstname"),"index.php","u.firstname",$param,"","",$sortfield);
print_liste_field_titre($langs->trans("LastName"),"index.php","u.name",$param,"","",$sortfield);
print_liste_field_titre($langs->trans("FirstName"),"index.php","u.firstname",$param,"","",$sortfield);
print_liste_field_titre($langs->trans("Code"),"index.php","u.code",$param,"","",$sortfield);
print_liste_field_titre($langs->trans("Company"),"index.php","u.fk_societe",$param,"","",$sortfield);
print_liste_field_titre($langs->trans("DateCreation"),"index.php","u.datec",$param,"","",$sortfield);