/** * Updates a user in the backend. * * @param array $info The user information to save. * * @return array The user information. * @throws Vilma_Exception */ protected function _updateUser($info) { $address = $info['address']; if (empty($address)) { $user_name = $info['user_name']; $domain = $info['domain']; if (empty($user_name)) { throw new Vilma_Exception(_("Unable to acquire handle on address.")); } $address = $info['user_name'] . $info['domain']; } $addrinfo = $this->getAddressInfo($address); $type = $addrinfo['type']; if ($type != 'user') { throw new Vilma_Exception(sprintf(_("Unable to save account of type \"%s\""), $type)); } $user_info = $this->_searchForUser($address); if ($res['count'] === 0) { throw new Vilma_Exception(_("Error reading address information from backend.")); } $objectClassData = null; if (isset($user_info[0]['objectclass'])) { $objectClassData = $user_info[0]['objectclass']; } // Don't want to save this to LDAP. unset($info['mode']); // Special case for the password: If it was provided, it needs // to be crypted. Otherwise, ignore it. if (isset($info['password'])) { if (!empty($user['password'])) { // FIXME: Allow choice of hash $info['user_password'] = Horde_Auth::getCryptedPassowrd($info['password'], '', 'ssha', true); } unset($info['password']); } $tmp['dn'] = $addrinfo['id']; foreach ($info as $key => $val) { $attr = $this->_fieldmap[$key]; $tmp[$attr] = $val; } // Bind with appropriate dn to give update access. $res = ldap_bind($this->_ldap, $this->_params['ldap']['binddn'], $this->_params['ldap']['bindpw']); if (!$res) { throw new Vilma_Exception(_("Unable to bind to the LDAP server. Check authentication credentials.")); } // Prepare data. $entry['cn'] = $info['user_full_name']; // sn is not used operationally but we make an effort to be // something sensical. No guarantees, though. $entry['sn'] = array_pop(explode(' ', $info['user_full_name'])); $entry['mail'] = $info['user_name'] . $info['domain']; $entry['uid'] = $entry['mail']; $entry['homeDirectory'] = '/srv/vhost/mail/' . $info['domain'] . '/' . $info['user_name']; if ($type != 'group' && $type != 'forward') { $entry['qmailUID'] = $entry['qmailGID'] = 8; } $entry['accountstatus'] = $info['user_enabled']; if (isset($info['password']) && !empty($info['password'])) { // FIXME: Allow choice of hash $entry['userPassword'] = Horde_Auth::getCryptedPassword($info['password'], '', 'ssha', true); } if (isset($objectClassData)) { array_shift($objectClassData); $entry['objectclass'] = $objectClassData; } else { $entry['objectclass'] = array('top', 'person', 'organizationalPerson', 'inetOrgPerson', 'hordePerson', 'qmailUser'); } // Stir in any site-local custom LDAP attributes. try { $entry = Horde::callHook('getLDAPAttrs', array($entry), 'vilma'); } catch (Horde_Exception_HookNotSet $e) { } $rdn = 'mail=' . $entry['mail']; $dn = $rdn . ',' . $this->_params['ldap']['basedn']; $res = @ldap_modify($this->_ldap, $dn, $entry); if ($res === false) { throw new Vilma_Exception(sprintf(_("Error modifying account: %s"), @ldap_error($this->_ldap))); } return $dn; }