protected function drawShadowDateShadowAttribute($attribute)
{
if (DEBUGTMP) {
printf('<font size=-2>%s</font><br />', __METHOD__);
}
$shadow_before_today_attrs = arrayLower($attribute->shadow_before_today_attrs);
$shadow_after_today_attrs = arrayLower($attribute->shadow_after_today_attrs);
$shadow_date = $this->shadow_date($attribute);
if (!$shadow_date) {
return;
}
$today = date('U');
echo '<br/><small>';
if ($today < $shadow_date && in_array(strtolower($attribute->getName()), $shadow_before_today_attrs)) {
printf('<span style="color:red">(%s)</span>', strftime($_SESSION[APPCONFIG]->getValue('appearance', 'date'), $shadow_date));
} elseif ($today > $shadow_date && in_array(strtolower($attribute->getName()), $shadow_after_today_attrs)) {
printf('<span style="color:red">(%s)</span>', strftime($_SESSION[APPCONFIG]->getValue('appearance', 'date'), $shadow_date));
} else {
printf('(%s)', strftime($_SESSION[APPCONFIG]->getValue('appearance', 'date'), $shadow_date));
}
echo '</small><br />';
}
<?php
}
/* end foreach value */
?>
</tr>
<?php
/* Draw the "add value" link under the list of values for this attributes */
if (!$ldapserver_dst->isReadOnly()) {
// First check if the required objectClass is in this DN
$isOK = 0;
$src_oclass = array();
$attr_object = $ldapserver_dst->getSchemaAttribute($attr, $dn_dst);
foreach ($attr_object->used_in_object_classes as $oclass) {
if (in_array(strtolower($oclass), arrayLower($attrs_dst['objectClass']))) {
$isOK = 1;
break;
} else {
// Find oclass that the source has that provides this attribute.
if (in_array($oclass, $attrs_src['objectClass'])) {
$src_oclass[] = $oclass;
}
}
}
print "<tr><td colspan=2></td><td colspan=2> </td><td> </td><td>";
if (!$isOK) {
if (count($src_oclass) == 1) {
$add_href = sprintf('add_oclass_form.php?server_id=%s&dn=%s&new_oclass=%s', $ldapserver_dst->server_id, $encoded_dn_dst, $src_oclass[0]);
} else {
$add_href = sprintf('add_value_form.php?server_id=%s&dn=%s&attr=objectClass', $ldapserver_dst->server_id, $encoded_dn_dst);
/**
* This function will check whether the value for an attribute being changed
* is already assigned to another DN.
*
* Returns the bad value, or null if all values are OK
*
* @param dn DN that is being changed
* @param string Attribute being changed
* @param string|array New values for the attribute
*/
public function checkUniqueAttrs($dn, $attrs)
{
if (DEBUG_ENABLED && (($fargs = func_get_args()) || ($fargs = 'NOARGS'))) {
debug_log('Entered (%%)', 17, 0, __FILE__, __LINE__, __METHOD__, $fargs);
}
# If none of the attributes are defined unique, we'll return immediately;
if (!($checkattrs = array_intersect(arrayLower($this->getValue('unique', 'attrs')), array_keys(array_change_key_case($attrs))))) {
return true;
}
# Check see and use our alternate uid_dn and password if we have it.
if (!$this->login($this->getValue('unique', 'dn'), $this->getValue('unique', 'pass'), 'unique')) {
system_message(array('title' => _('UNIQUE invalid login/password'), 'body' => sprintf('%s (<b>%s</b>)', _('Unable to connect to LDAP server with the unique login/password, please check your configuration.'), $this->getName()), 'type' => 'warn'));
return false;
}
$query = array();
# Build our search filter to double check each attribute.
$query['filter'] = '(|';
foreach ($checkattrs as $attr) {
foreach ($attrs[$attr] as $val) {
if ($val) {
$query['filter'] .= sprintf('(%s=%s)', $attr, $val);
}
}
}
$query['filter'] .= ')';
$query['attrs'] = $checkattrs;
# Search through our bases and see if we have match
foreach ($this->getBaseDN() as $base) {
$query['base'] = $base;
# Do the search
$results = $this->query($query, 'unique');
# If we have a match.
if (count($results)) {
foreach ($results as $values) {
# If one of the attributes is owned to somebody else, then we may as well die here.
if ($values['dn'] != $dn) {
$href = sprintf('cmd.php?cmd=query_engine&server_id=%s&filter=%s&scope=sub&query=none&format=list&search=true', $this->index, $query['filter']);
system_message(array('title' => _('Attribute value would not be unique'), 'body' => sprintf('%s (<b><a href="%s">%s</a></b>)', _('This update has been or will be cancelled, it would result in an attribute value not being unique. You might like to search the LDAP server for the offending entry.'), htmlspecialchars($href), _('Search')), 'type' => 'warn'));
return false;
}
}
}
}
# If we get here, then it must be OK?
return true;
}
/**
* This function will test if a user is a member of a group.
*
* Inputs:
* @param string $user membership value that is being checked
* @param dn $group DN to see if user is a member
* @return bool true|false
*/
function userIsMember($user, $group)
{
if (DEBUG_ENABLED) {
debug_log('%s:userIsMember(): Entered with (%s,%s)', 17, get_class($this), $user, $group);
}
$user = strtolower($user);
$group = $this->getDNAttrs($group, false, $deref = LDAP_DEREF_NEVER);
if (is_array($group)) {
$group = array_change_key_case($group);
# If you are using groupOfNames objectClass
if (array_key_exists('member', $group) && !is_array($group['member'])) {
$group['member'] = array($group['member']);
}
if (array_key_exists('member', $group) && in_array($user, arrayLower($group['member']))) {
return true;
}
# If you are using groupOfUniqueNames objectClass
if (array_key_exists('uniquemember', $group) && !is_array($group['uniquemember'])) {
$group['uniquemember'] = array($group['uniquemember']);
}
if (array_key_exists('uniquemember', $group) && in_array($user, arrayLower($group['uniquemember']))) {
return true;
}
return false;
}
}
/**
* This function will test if a user is a member of a group.
*
* Inputs:
* @param string $user membership value that is being checked
* @param dn $group DN to see if user is a member
* @return bool true|false
*/
function userIsMember($user, $group)
{
if (DEBUG_ENABLED && (($fargs = func_get_args()) || ($fargs = 'NOARGS'))) {
debug_log('Entered (%%)', 17, 0, __FILE__, __LINE__, __METHOD__, $fargs);
}
$user = strtolower($user);
$group = $this->getDNAttrValues($group);
# If you are using groupOfNames objectClass
if (array_key_exists('member', $group) && !is_array($group['member'])) {
$group['member'] = array($group['member']);
}
if (array_key_exists('member', $group) && in_array($user, arrayLower($group['member']))) {
return true;
}
# If you are using groupOfUniqueNames objectClass
if (array_key_exists('uniquemember', $group) && !is_array($group['uniquemember'])) {
$group['uniquemember'] = array($group['uniquemember']);
}
if (array_key_exists('uniquemember', $group) && in_array($user, arrayLower($group['uniquemember']))) {
return true;
}
return false;
}
/**
* Attribute sorting
*/
function sortAttrs($a, $b)
{
if (DEBUG_ENABLED && (($fargs = func_get_args()) || ($fargs = 'NOARGS'))) {
debug_log('Entered (%%)', 1, 0, __FILE__, __LINE__, __METHOD__, $fargs);
}
if ($a == $b) {
return 0;
}
$server = $_SESSION[APPCONFIG]->getServer(get_request('server_id', 'REQUEST'));
$attrs_display_order = arrayLower($_SESSION[APPCONFIG]->getValue('appearance', 'attr_display_order'));
# Check if $a is in $attrs_display_order, get its key
$a_key = array_search($a->getName(), $attrs_display_order);
$b_key = array_search($b->getName(), $attrs_display_order);
if (!$a_key && $a_key !== 0) {
if (!($a_key = array_search(strtolower($a->getFriendlyName()), $attrs_display_order)) && $a_key !== 0) {
$a_key = count($attrs_display_order) + 1;
}
}
if (!$b_key && $b_key !== 0) {
if (!($b_key = array_search(strtolower($b->getFriendlyName()), $attrs_display_order)) && $b_key !== 0) {
$b_key = count($attrs_display_order) + 1;
}
}
# Case where neither $a, nor $b are in $attrs_display_order, $a_key = $b_key = one greater than num elements.
# So we sort them alphabetically
if ($a_key === $b_key) {
return strcasecmp($a->getFriendlyName(), $b->getFriendlyName());
}
# Case where at least one attribute or its friendly name is in $attrs_display_order
# return -1 if $a before $b in $attrs_display_order
return $a_key < $b_key ? -1 : 1;
}
protected function getMenuItemAttribute($attribute, $action)
{
if (DEBUG_ENABLED && (($fargs = func_get_args()) || ($fargs = 'NOARGS'))) {
debug_log('Entered (%%)', 129, 0, __FILE__, __LINE__, __METHOD__, $fargs);
}
if (DEBUGTMP) {
printf('<font size=-2>%s</font><br />', __METHOD__);
}
# If there is no DN, then this is a creating entry.
if ($this->template->getContext() == 'create' || $this->template->isReadOnly()) {
return false;
}
switch ($action) {
case 'add':
if ($attribute->isVisible() && !$attribute->isReadOnly() && $_SESSION[APPCONFIG]->isCommandAvailable('script', 'add_value_form')) {
if ($attribute->haveMoreValues()) {
return $this->get('AddValueMenuItem', $attribute);
}
}
return '';
case 'modify':
if (in_array($attribute->getName(), arrayLower($_SESSION[APPCONFIG]->getValue('modify_member', 'groupattr')))) {
if ($attribute->isVisible() && !$attribute->isReadOnly() && !$attribute->isRDN() && $_SESSION[APPCONFIG]->isCommandAvailable('script', 'modify_member_form')) {
return $this->get('ModifyMemberMenuItem', $attribute);
}
}
return '';
case 'rename':
if ($attribute->isVisible() && $attribute->isRDN() && !$attribute->isReadOnly() && $_SESSION[APPCONFIG]->isCommandAvailable('script', 'rename_form') && $_SESSION[APPCONFIG]->isCommandAvailable('script', 'rename')) {
return $this->get('RenameMenuItem', $attribute);
}
return '';
default:
return false;
}
}
if (isset($friendly_attrs[strtolower($attr)])) {
$attr_display = $friendly_attrs[strtolower($attr)];
$attr_note = "<acronym title=\"" . sprintf(_('Note: \'%s\' is an alias for \'%s\''), $attr_display, $attr) . "\">alias</acronym>";
} else {
$attr_display = $attr;
}
# is this attribute required by an objectClass?
$required_by = '';
if ($schema_attr) {
foreach ($schema_attr->getRequiredByObjectClasses() as $required) {
if (isset($attrs['objectClass']) && !is_array($attrs['objectClass'])) {
$attrs['objectClass'] = array($attrs['objectClass']);
}
if (isset($attrs['objectClass']) && in_array(strtolower($required), arrayLower($attrs['objectClass']))) {
$required_by .= $required . ' ';
} elseif (isset($attrs['objectclass']) && in_array(strtolower($required), arrayLower($attrs['objectclass']))) {
$required_by .= $required . ' ';
}
}
}
if ($required_by) {
if (trim($attr_note)) {
$attr_note .= ', ';
}
$attr_note .= "<acronym title=\"" . sprintf(_('Required attribute for objectClass(es) %s'), $required_by) . "\">" . _('required') . "</acronym> ";
}
# is this attribute required because its the RDN
if (preg_match("/^{$attr}=/", $rdn)) {
if (trim($attr_note)) {
$attr_note .= ', ';
}
