示例#1
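 /**
  * Updates a user in the backend.
  *
  * Resolves the target address, verifies that it names an existing entry of
  * type "user", binds with the configured LDAP credentials and rewrites the
  * entry's attributes with ldap_modify().
  *
  * @param array $info  The user information to save. Keys read here:
  *                     'address', 'user_name', 'domain', 'user_full_name',
  *                     'user_enabled' and, optionally, 'password'
  *                     (cleartext; only its hash is written).
  *
  * @return string  The DN of the modified entry.
  * @throws Vilma_Exception
  */
 protected function _updateUser($info)
 {
     $address = empty($info['address']) ? '' : $info['address'];
     if ($address === '') {
         if (empty($info['user_name'])) {
             throw new Vilma_Exception(_("Unable to acquire handle on address."));
         }
         // NOTE(review): no '@' is inserted between the two parts, so this
         // presumably relies on 'domain' already carrying it -- confirm,
         // because the homeDirectory path below uses 'domain' as a bare
         // directory name.
         $address = $info['user_name'] . $info['domain'];
     }

     $addrinfo = $this->getAddressInfo($address);
     $type = $addrinfo['type'];
     if ($type != 'user') {
         throw new Vilma_Exception(sprintf(_("Unable to save account of type \"%s\""), $type));
     }

     // The lookup result (not a leftover $res) decides whether the entry
     // exists; a missing 'count' is treated the same as zero matches.
     $user_info = $this->_searchForUser($address);
     if (empty($user_info['count'])) {
         throw new Vilma_Exception(_("Error reading address information from backend."));
     }
     $objectClassData = null;
     if (isset($user_info[0]['objectclass'])) {
         $objectClassData = $user_info[0]['objectclass'];
     }

     // 'user_name' and 'domain' become path components of homeDirectory and
     // part of the entry DN, so refuse separators and dot segments before
     // any privileged bind happens.
     foreach (array('user_name', 'domain') as $field) {
         $value = isset($info[$field]) ? (string)$info[$field] : '';
         if ($value === '.' || $value === '..' || strpbrk($value, "/\\\0") !== false) {
             throw new Vilma_Exception(_("Invalid user name or domain."));
         }
     }

     // Bind with appropriate dn to give update access.
     // NOTE(review): many LDAP servers accept a bind DN with an empty
     // password as an unauthenticated bind; confirm 'bindpw' is always set.
     $res = ldap_bind($this->_ldap, $this->_params['ldap']['binddn'], $this->_params['ldap']['bindpw']);
     if (!$res) {
         throw new Vilma_Exception(_("Unable to bind to the LDAP server.  Check authentication credentials."));
     }

     // Prepare data.
     $entry = array();
     $entry['cn'] = $info['user_full_name'];
     // sn is not used operationally but we make an effort to be
     // something sensical.  No guarantees, though.
     // array_pop() takes its argument by reference, so it needs a variable.
     $name_parts = explode(' ', $info['user_full_name']);
     $entry['sn'] = array_pop($name_parts);
     $entry['mail'] = $info['user_name'] . $info['domain'];
     $entry['uid'] = $entry['mail'];
     $entry['homeDirectory'] = '/srv/vhost/mail/' . $info['domain'] . '/' . $info['user_name'];
     if ($type != 'group' && $type != 'forward') {
         $entry['qmailUID'] = $entry['qmailGID'] = 8;
     }
     $entry['accountstatus'] = $info['user_enabled'];

     // Special case for the password:  If it was provided, it needs
     // to be crypted.  Otherwise, ignore it.  The cleartext value is only
     // ever passed to the hashing call and never copied into $entry.
     if (isset($info['password']) && $info['password'] !== '') {
         // FIXME: Allow choice of hash
         // 'ssha' is a single round of salted SHA-1: cheap to brute-force
         // offline if the directory contents are ever disclosed.
         $entry['userPassword'] = Horde_Auth::getCryptedPassword($info['password'], '', 'ssha', true);
     }

     if (isset($objectClassData)) {
         // Drops the first element -- presumably the 'count' slot of an
         // ldap_get_entries()-style attribute array; confirm against
         // _searchForUser().
         array_shift($objectClassData);
         $entry['objectclass'] = $objectClassData;
     } else {
         $entry['objectclass'] = array('top', 'person', 'organizationalPerson', 'inetOrgPerson', 'hordePerson', 'qmailUser');
     }

     // Stir in any site-local custom LDAP attributes.
     try {
         $entry = Horde::callHook('getLDAPAttrs', array($entry), 'vilma');
     } catch (Horde_Exception_HookNotSet $e) {
         // No hook configured: keep the entry as built above.
     }

     // Escape the RDN value so DN metacharacters in the address (',', '+',
     // '=', ...) cannot redirect the modify to a different entry.
     // ldap_escape() needs PHP 5.6 or later.
     // NOTE(review): the type and existence checks above ran against
     // $address, while this DN is rebuilt from user_name/domain; when
     // $info['address'] is supplied the two can differ. Consider using the
     // DN already resolved in $addrinfo['id'] -- confirm with the caller.
     $rdn = 'mail=' . ldap_escape($entry['mail'], '', LDAP_ESCAPE_DN);
     $dn = $rdn . ',' . $this->_params['ldap']['basedn'];
     $res = @ldap_modify($this->_ldap, $dn, $entry);
     if ($res === false) {
         throw new Vilma_Exception(sprintf(_("Error modifying account: %s"), @ldap_error($this->_ldap)));
     }

     return $dn;
 }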