/**
* Form on user edit page
* @param $FH FormHandler of the page
* @param $mode add or edit mode
*/
function _ppolicy_baseEdit($FH, $mode)
{
$f = new DivForModule(_T("Password policy management", "ppolicy"), "#FDF");
// default values
$hasPPolicy = false;
$pwdReset = false;
$ppolicyName = "";
$default = getDefaultPPolicyName();
if ($mode == "edit") {
$uid = $FH->getArrayOrPostValue('uid');
if (hasUserPPolicy($uid)) {
$hasPPolicy = true;
$ppolicyName = getUserPPolicy($uid);
}
if (passwordHasBeenReset($uid)) {
$pwdReset = true;
}
}
$f->push(new Table());
if ($mode == "edit") {
$pwdLock = false;
if (isAccountLocked($uid) != "0") {
$pwdLock = true;
// Display an error message on top of the page
$em = new ErrorMessage(_T("Password policy management", "ppolicy") . ' : ' . _T("This account is locked by the LDAP directory.", "ppolicy"));
$em->display();
}
$pwdExpired = isPasswordExpired($uid);
$nbGraceLogins = isAccountInGraceLogin($uid);
if ($pwdExpired && in_array($nbGraceLogins, array(0, 1))) {
// Display an error message on top of the page
$em = new ErrorMessage(_T("Password policy management", "ppolicy") . ' : ' . _T("The password of this account has expired. The user cannot change his password.", "ppolicy"));
$em->display();
}
if ($pwdExpired && ($nbGraceLogins == -1 || $nbGraceLogins > 1)) {
if ($nbGraceLogins > 1) {
// Display an error message on top of the page
$em = new ErrorMessage(_T("Password policy management", "ppolicy") . ' : ' . sprintf(_T("The password of this account has expired. The user has %s login(s) left to change his password.", "ppolicy"), $nbGraceLogins));
} else {
// Display an error message on top of the page
$em = new ErrorMessage(_T("Password policy management", "ppolicy") . ' : ' . _T("The password of this account has expired. The user can change his password.", "ppolicy"));
}
$em->display();
}
$f->add(new TrFormElement(_T("Lock account", "ppolicy"), new CheckboxTpl("pwdLock"), array("tooltip" => _T("If checked, permanently lock the user account", "ppolicy"))), array("value" => $pwdLock ? "checked" : ""));
}
$f->add(new TrFormElement(_T("Password reset flag", "ppolicy"), new CheckboxTpl("pwdReset"), array("tooltip" => _T("If checked, the user must change her password when she first binds to the LDAP directory after password is set or reset by a password administrator", "ppolicy"))), array("value" => $pwdReset ? "checked" : ""));
$ppolicyList = listPPolicy();
if (count($ppolicyList) > 1) {
$ppolicyTpl = new SelectItem("ppolicyname");
foreach ($ppolicyList as $pp) {
$name = $pp[1]['cn'][0];
if (isset($pp[1]['description'][0])) {
$desc = $pp[1]['description'][0];
} else {
$desc = $name;
}
if ($name == $default) {
$name = "";
$desc = _T($desc, "ppolicy");
}
$values[$desc] = $name;
}
$ppolicyTpl->setElements(array_keys($values));
$ppolicyTpl->setElementsVal(array_values($values));
$f->add(new TrFormElement(_T("Enable a specific password policy for this user", "ppolicy"), $ppolicyTpl, array("tooltip" => _T("If not set the default password policy is enforced.", "ppolicy"))), array("value" => $ppolicyName));
}
$f->pop();
return $f;
}
*
* This file is part of Mandriva Management Console (MMC).
*
* MMC is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* MMC is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with MMC. If not, see <http://www.gnu.org/licenses/>.
*/
/*
Included by MMC main.php to display a warning when the user logs in using
grace login.
*/
require_once "modules/ppolicy/includes/ppolicy-xmlrpc.php";
if ($_SESSION["login"] != "root") {
if (empty($_SESSION["gracelogin"]) && isAccountInGraceLogin($_SESSION["login"]) != -1) {
new NotifyWidgetSuccess(_T("Warning you have been logged using grace login mode. Please change your password as soon as possible using the password change page, else your account will be locked.", "ppolicy"));
}
$_SESSION["gracelogin"] = 1;
if (empty($_SESSION["userMustChangePassword"]) && userMustChangePassword($_SESSION["login"])) {
new NotifyWidgetSuccess(_T("Warning your password has been reset by an administrator. Your LDAP account is restricted. Please change your password as soon as possible using the password change page.", "ppolicy"));
}
$_SESSION["userMustChangePassword"] = 1;
}
*
* MMC is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with MMC. If not, see <http://www.gnu.org/licenses/>.
*/
/*
Included by MMC main.php to display a warning when the user logs in using
grace login.
*/
require_once("modules/ppolicy/includes/ppolicy-xmlrpc.php");
if ($_SESSION["login"] != "root") {
if ((empty($_SESSION["gracelogin"]))
&& (isAccountInGraceLogin($_SESSION["login"]) != -1)) {
new NotifyWidgetSuccess(_T("Warning you have been logged using grace login mode. Please change your password as soon as possible using the password change page, else your account will be locked.", "ppolicy"));
}
$_SESSION["gracelogin"] = 1;
if ((empty($_SESSION["userMustChangePassword"]))
&& (userMustChangePassword($_SESSION["login"]))) {
new NotifyWidgetSuccess(_T("Warning your password has been reset by an administrator. Your LDAP account is restricted. Please change your password as soon as possible using the password change page.", "ppolicy"));
}
$_SESSION["userMustChangePassword"] = 1;
}
?>
