[evolvis-commits] r9667: OO rewrite of system interaction↵
mirabilos at evolvis.org
mirabilos at evolvis.org
Thu Feb 24 17:29:08 CET 2011
Author: mirabilos
Date: 2011-02-24 17:29:08 +0100 (Thu, 24 Feb 2011)
New Revision: 9667
Added:
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/System.class
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/system/
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/system/LDAP.class
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/system/UNIX.class
trunk/gforge_base/evolvisforge-5.1/gforge/db/20040507.sql
trunk/gforge_base/evolvisforge-5.1/gforge/etc/local.d/15system
Removed:
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/ldap.php
Modified:
trunk/gforge_base/evolvisforge-5.1/gforge/ChangeLog
trunk/gforge_base/evolvisforge-5.1/gforge/README.setup
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/User.class
trunk/gforge_base/evolvisforge-5.1/gforge/db/200403252.sql
trunk/gforge_base/evolvisforge-5.1/gforge/deb-specific/db-upgrade.pl
trunk/gforge_base/evolvisforge-5.1/gforge/deb-specific/gforge-config
trunk/gforge_base/evolvisforge-5.1/gforge/debian/changelog
trunk/gforge_base/evolvisforge-5.1/gforge/etc/gforge.conf.example
trunk/gforge_base/evolvisforge-5.1/gforge/etc/local.inc.example
trunk/gforge_base/evolvisforge-5.1/gforge/setup
trunk/gforge_base/evolvisforge-5.1/gforge/www/include/pre.php
Log:
OO rewrite of system interaction
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/ChangeLog
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/ChangeLog 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/ChangeLog 2011-02-24 16:29:08 UTC (rev 9667)
@@ -1,3 +1,28 @@
+2004-05-09 Christian Bayle <bayle at debian.org>
+
+ * Made system management OO (Work in progress)
+ created common/include/system dir that
+ contains UNIX and LDAP implementation
+ Now you have to choose your sys_account_manager_type
+ in local.inc, defaulted to UNIX
+ ldpa.php is removed, the code was moved in LDAP.class
+ sys_use_ldap will be removed shortly and replace by the
+ use of sys_account_manager_type=LDAP
+ Side effect will be the possibility to implement easily your
+ own system account manager do deal, e.g. with your company NIS,or
+ already existing user accounts.
+ The default behaviour stays the same.
+ I also added sys_state columns with db/20040507.sql
+ This is not yet used but will allow faster user creation
+ sys_state will have 5 possible values
+ R=request system account creation
+ S=request system account suppression
+ C=system account created
+ D=system account deleted
+ E=system account creation error
+ F=system account deletion error
+ N=no request
+
2004-05-07 Tom Copeland <tom at infoether.com>
* www/export/rss_sfnewreleases.php: Fixed a couple of
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/README.setup
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/README.setup 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/README.setup 2011-02-24 16:29:08 UTC (rev 9667)
@@ -24,6 +24,7 @@
mv etc/httpd.secrets etc/httpd.secrets.example
mv etc/database.inc etc/database.inc.example
mv etc/local.pl etc/local.pl.example
+rm etc/httpd.vhosts
#
# ./setup -help will give you all available switch
#
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/Group.class 2011-02-24 16:29:08 UTC (rev 9667)
@@ -584,7 +584,7 @@
* @access public.
*/
function setStatus(&$user, $status) {
- global $Language;
+ global $Language,$SYS;
$perm =& $this->getPermission($user);
@@ -631,10 +631,10 @@
if ($status=='A') {
// Activate LDAP group, if not yet
- if (!sf_ldap_check_group($this->getID())) {
+ if (!$SYS->sys_check_group($this->getID())) {
- if (!sf_ldap_create_group($this->getID())) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_create_group($this->getID())) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
@@ -647,10 +647,10 @@
/* Otherwise, the group is not active, and make sure that
LDAP group is not active either */
- } else if (sf_ldap_check_group($this->getID())) {
+ } else if ($SYS->sys_check_group($this->getID())) {
- if (!sf_ldap_remove_group($this->getID())) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_remove_group($this->getID())) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
@@ -1163,6 +1163,7 @@
* @access public.
*/
function addUser($user_unix_name) {
+ global $Language,$SYS;
/*
Admins can add users to groups
*/
@@ -1211,12 +1212,12 @@
if ( !db_result($res_newuser,0,'unix_uid') ) {
$user=&user_get_object($form_newuid,$res_newuser);
if (!$user->setUpUnixUID()) {
- $this->setError('ERROR: Cannot assign UNIX uid to the user');
+ $this->setError('ERROR: Cannot assign UNIX uid to the user: '.$user->getErrorMessage());
db_rollback();
return false;
}
- if (!sf_ldap_create_user($form_newuid)) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_create_user($form_newuid)) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
@@ -1224,8 +1225,8 @@
//
// User already had unix account
//
- if (!sf_ldap_check_create_user($form_newuid)) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_check_create_user($form_newuid)) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
@@ -1247,8 +1248,8 @@
//
// set up their ldap info
//
- if (!sf_ldap_group_add_user($this->getID(),$form_newuid)) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_group_add_user($this->getID(),$form_newuid)) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
@@ -1261,18 +1262,18 @@
//
$user=&user_get_object($form_newuid,$res_newuser);
if (!$user->setUpUnixUID()) {
- $this->setError('ERROR: could not set up unix_uid for user: '.$user->getErrorMessage());
+ $this->setError('ERROR: Cannot assign UNIX uid to the user: '.$user->getErrorMessage());
db_rollback();
return false;
} else {
$user->fetchData($user->getID());
- if (!sf_ldap_check_create_user($form_newuid)) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_check_create_user($form_newuid)) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
- if (!sf_ldap_group_add_user($this->getID(),$form_newuid)) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_group_add_user($this->getID(),$form_newuid)) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
@@ -1305,6 +1306,7 @@
* @return boolean success.
*/
function removeUser($user_id) {
+ global $Language,$SYS;
if ($user_id==user_getid()) {
//users can remove themselves
@@ -1343,8 +1345,8 @@
WHERE group_id='".$this->getID()."')
AND user_id='$user_id'");
- if (!sf_ldap_group_remove_user($this->getID(),$user_id)) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_group_remove_user($this->getID(),$user_id)) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
@@ -1371,6 +1373,7 @@
* @return boolean success.
*/
function updateUser($user_id,$admin_flags='',$forum_flags=0,$project_flags=1,$doc_flags=0,$cvs_flags=1,$release_flags=1,$member_role=100,$artifact_flags=0) {
+ global $Language,$SYS;
$perm =& $this->getPermission( session_get_user() );
@@ -1409,14 +1412,14 @@
// else - restricted.
//
if ($cvs_flags>1) {
- if (!sf_ldap_user_set_attribute($user_id,"debGforgeCvsShell","/bin/bash")) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_user_set_attribute($user_id,"debGforgeCvsShell","/bin/bash")) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
} else {
- if (!sf_ldap_user_set_attribute($user_id,"debGforgeCvsShell","/bin/cvssh")) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_user_set_attribute($user_id,"debGforgeCvsShell","/bin/cvssh")) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
@@ -1427,14 +1430,14 @@
// one to be promoted to CVS group, else, demoted.
//
if ($cvs_flags>0) {
- if (!sf_ldap_group_add_user($this->getID(),$user_id,1)) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_group_add_user($this->getID(),$user_id,1)) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
} else {
- if (!sf_ldap_group_remove_user($this->getID(),$user_id,1)) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_group_remove_user($this->getID(),$user_id,1)) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
Added: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/System.class
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/System.class (rev 0)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/System.class 2011-02-24 16:29:08 UTC (rev 9667)
@@ -0,0 +1,201 @@
+<?php
+/**
+ * System class
+ *
+ * Class to interact with the system
+ *
+ * @version $Id$
+ * @author Christian Bayle
+ * @date 2004-02-05
+ *
+ * This file is part of GForge.
+ *
+ * GForge is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GForge is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+/*
+ * Constants
+ */
+
+/**
+ * Value to add to group_id to get unix gid
+ *
+ * @var constant $GID_ADD
+ */
+$GID_ADD = 10000;
+
+/**
+ * Value to add to unix_uid to get unix uid
+ *
+ * @var constant $UID_ADD
+ */
+$UID_ADD = 20000;
+
+/**
+ * Value to add to unix gid to get unix uid of anoncvs special user
+ *
+ * @var constant $ANONCVS_UID_ADD
+ */
+$ANONCVS_UID_ADD = 50000;
+
+class System extends Error {
+ /**
+ * System()
+ *
+ */
+ function System() {
+ $this->Error();
+ return true;
+ }
+
+ /*
+ * User management functions
+ */
+
+ /**
+ * sys_check_user() - Check for the existence of a user
+ *
+ * @param int The user ID of the user to check
+ * @returns true on success/false on error
+ *
+ */
+ function sys_check_user($user_id) {
+ $user =& user_get_object($user_id);
+ if (!$user) {
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * sys_create_user() - Create a user
+ *
+ * @param int The user ID of the user to create
+ * @returns The return status
+ *
+ */
+ function sys_create_user($user_id) {
+ $user = &user_get_object($user_id);
+ if (!$user) {
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * sys_check_create_user() - Check that a user has been created
+ *
+ * @param int The ID of the user to check
+ * @returns true on success/false on error
+ *
+ */
+ function sys_check_create_user($user_id) {
+ return true;
+ }
+
+ /**
+ * sys_remove_user() - Remove a user
+ *
+ * @param int The user ID of the user to remove
+ * @returns true on success/false on failure
+ *
+ */
+ function sys_remove_user($user_id) {
+ return true;
+ }
+
+ /**
+ * sys_user_set_attribute() - Set an attribute for a user
+ *
+ * @param int The user ID
+ * @param string The attribute to set
+ * @param string The new value of the attribute
+ * @returns true on success/false on error
+ *
+ */
+ function sys_user_set_attribute($user_id,$attr,$value) {
+ return true;
+ }
+
+ /*
+ * Group management functions
+ */
+
+ /**
+ * sys_check_group() - Check for the existence of a group
+ *
+ * @param int The ID of the group to check
+ * @returns true on success/false on error
+ *
+ */
+ function sys_check_group($group_id) {
+ return true;
+ }
+
+ /**
+ * sys_create_group() - Create a group
+ *
+ * @param int The ID of the group to create
+ * @returns true on success/false on error
+ *
+ */
+ function sys_create_group($group_id) {
+ return true;
+ }
+
+ /**
+ * sys_remove_group() - Remove a group
+ *
+ * @param int The ID of the group to remove
+ * @returns true on success/false on error
+ *
+ */
+ function sys_remove_group($group_id) {
+ return true;
+ }
+
+ /**
+ * sys_group_add_user() - Add a user to a group
+ *
+ * @param int The ID of the group two which the user will be added
+ * @param int The ID of the user to add
+ * @param bool Only add this user to CVS
+ * @returns true on success/false on error
+ *
+ */
+ function sys_group_add_user($group_id,$user_id,$cvs_only=0) {
+ return true;
+ }
+
+ /**
+ * sys_group_remove_user() - Remove a user from a group
+ *
+ * @param int The ID of the group from which to remove the user
+ * @param int The ID of the user to remove
+ * @param bool Only remove user from CVS group
+ * @returns true on success/false on error
+ *
+ */
+ function sys_group_remove_user($group_id,$user_id,$cvs_only=0) {
+ return true;
+ }
+}
+
+// Local Variables:
+// mode: php
+// c-file-style: "bsd"
+// End:
+
+?>
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/User.class
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/User.class 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/User.class 2011-02-24 16:29:08 UTC (rev 9667)
@@ -544,10 +544,16 @@
/**
* setUnixStatus - Sets status of activation of unix account.
*
- * @param string The unix status.
+ * @param string The unix status.
+ * N no_unix_account
+ * A active
+ * S suspended
+ * D deleted
+ *
* @return boolean success.
*/
function setUnixStatus($status) {
+ global $Language,$SYS;
db_begin();
if ($status != 'N') {
$this->setUpUnixUID () ;
@@ -565,15 +571,15 @@
return false;
} else {
if ($status == 'A') {
- if (!sf_ldap_check_create_user($this->getID())) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_check_create_user($this->getID())) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
} else {
- if (sf_ldap_check_user($this->getID())) {
- if (!sf_ldap_remove_user($this->getID())) {
- $this->setError(sf_ldap_get_error_msg());
+ if ($SYS->sys_check_user($this->getID())) {
+ if (!$SYS->sys_remove_user($this->getID())) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
@@ -783,6 +789,7 @@
* @return boolean success.
*/
function setShell($shell) {
+ global $Language,$SYS;
$shells = file('/etc/shells');
$shells[count($shells)] = "/bin/cvssh";
$out_shells = array();
@@ -811,10 +818,10 @@
} else {
// Now change LDAP attribute, but only if corresponding
// entry exists (i.e. if user have shell access)
- if (sf_ldap_check_user($this->getID()))
+ if ($SYS->sys_check_user($this->getID()))
{
- if (!sf_ldap_user_set_attribute($this->getID(),"loginShell",$shell)) {
- $this->setError(sf_ldap_get_error_msg());
+ if (!$SYS->sys_user_set_attribute($this->getID(),"loginShell",$shell)) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
@@ -825,11 +832,6 @@
return true;
}
- /**
- * getUnixUid - this user's unix_uid.
- *
- * @return int This user's unix_uid.
- */
function getUnixUID() {
return $this->data_array['unix_uid'];
}
@@ -1105,6 +1107,7 @@
* @return boolean success.
*/
function setPasswd($passwd) {
+ global $Language,$SYS;
if (!account_pwvalid($passwd)) {
$this->setError('Error: '.$GLOBALS['register_error']);
return false;
@@ -1127,9 +1130,9 @@
} else {
// Now change LDAP password, but only if corresponding
// entry exists (i.e. if user have shell access)
- if (sf_ldap_check_user($this->getID())) {
- if (!sf_ldap_user_set_attribute($this->getID(),"userPassword",'{crypt}'.$unix_pw)) {
- $this->setError(sf_ldap_get_error_msg());
+ if ($SYS->sys_check_user($this->getID())) {
+ if (!$SYS->sys_user_set_attribute($this->getID(),"userPassword",'{crypt}'.$unix_pw)) {
+ $this->setError($SYS->getErrorMessage());
db_rollback();
return false;
}
Deleted: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/ldap.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/ldap.php 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/ldap.php 2011-02-24 16:29:08 UTC (rev 9667)
@@ -1,814 +0,0 @@
-<?php
-/**
- * ldap.php - The LDAP library
- *
- * Copyright 1999-2001 (c) VA Linux Systems
- *
- * @version $Id$
- * @author Paul Sokolovsky pfalcon at users.sourceforge.net
- * @date 2000-10-17
- *
- * This file is part of GForge.
- *
- * GForge is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * GForge is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GForge; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-require_once('common/include/account.php');
-
-/*
- * Constants
- */
-
-/**
- * Value to add to group_id to get unix gid
- *
- * @var constant $GID_ADD
- */
-$GID_ADD = 10000;
-
-/**
- * Value to add to unix_uid to get unix uid
- *
- * @var constant $UID_ADD
- */
-$UID_ADD = 20000;
-
-/**
- * Value to add to unix gid to get unix uid of anoncvs special user
- *
- * @var constant $ANONCVS_UID_ADD
- */
-$ANONCVS_UID_ADD = 50000;
-
-/*
- * Auxilary functions
- */
-
-/**
- * asciize() - Replace non-ascii characters with question marks
- *
- * LDAP expects utf-8 encoded character string. Since we cannot
- * know which encoding 8-bit characters in database use, we
- * just replace them with question marks.
- *
- * @param string UTF-8 encoded character string.
- * @return string which contains only ascii characters
- */
-function asciize($str) {
- if (!$str) {
- // LDAP don't allow empty strings for some attributes
- return '?';
- }
-
- return ereg_replace("[\x80-\xff]","?",$str);
-}
-
-/*
- * Error message passing facility
- */
-
-/**
- * sf_ldap_set_error_msg() - Set an LDAP error message
- *
- * @param string The message string to set
- *
- */
-//var $_sf_ldap_error_msg;
-function sf_ldap_set_error_msg($msg) {
- global $_sf_ldap_error_msg;
- $_sf_ldap_error_msg .= $msg;
-}
-
-/**
- * sf_ldap_get_error_msg() - Get an LDAP error message
- *
- * @returns The error message string
- *
- */
-function sf_ldap_get_error_msg() {
- global $_sf_ldap_error_msg;
- return $_sf_ldap_error_msg;
-}
-
-/**
- * sf_ldap_reset_error_msg() - Reset the stored LDAP error message
- *
- */
-function sf_ldap_reset_error_msg() {
- global $_sf_ldap_error_msg;
- $_sf_ldap_error_msg='';
-}
-
-
-/*
- * Wrappers for PHP LDAP functions
- */
-
-/**
- * sf_ldap_connect() - Connect to the LDAP server
- *
- * @returns true on success/false on error
- *
- */
-function sf_ldap_connect() {
- global $sys_ldap_host,$sys_ldap_port;
- global $sys_ldap_bind_dn,$sys_ldap_passwd,$ldap_conn,$sys_ldap_version;
-
- if (!$ldap_conn) {
- sf_ldap_reset_error_msg();
- $ldap_conn = @ldap_connect($sys_ldap_host,$sys_ldap_port);
- if (!$ldap_conn) {
- sf_ldap_set_error_msg('ERROR: Cannot connect to LDAP server<br />');
- return false;
- }
- if ($sys_ldap_version) {
- ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, $sys_ldap_version);
- }
- ldap_bind($ldap_conn,$sys_ldap_bind_dn,$sys_ldap_passwd);
- }
- return true;
-}
-
-/**
- * sf_ldap_add() - Wrapper for ldap_add()
- *
- * @param string dn
- * @param string entry
- *
- */
-function sf_ldap_add($dn, $entry) {
- global $ldap_conn;
- return @ldap_add($ldap_conn,$dn,$entry);
-}
-
-/**
- * sf_ldap_delete() - Wrapper for ldap_delete()
- *
- * @param string dn
- *
- */
-function sf_ldap_delete($dn) {
- global $ldap_conn;
- return @ldap_delete($ldap_conn,$dn);
-}
-
-/**
- * sf_ldap_modify() - Wrapper for ldap_modify()
- *
- * @param string dn
- * @param string entry
- *
- */
-function sf_ldap_modify($dn,$entry) {
- global $ldap_conn;
- return @ldap_modify($ldap_conn,$dn,$entry);
-}
-
-/**
- * sf_ldap_modify_if_exists() - Wrapper for ldap_modify()
- * works like sf_ldap_modify, but returns true if the LDAP entry does not exist
- *
- * @param string dn
- * @param string entry
- *
- */
-function sf_ldap_modify_if_exists($dn,$entry) {
- $res = sf_ldap_modify($dn,$entry);
- if ($res) {
- return true ;
- } else {
- $err = ldap_errno ($ldap_conn) ;
- if ($err == 32) {
- return true ;
- } else {
- return false ;
- }
- };
-}
-
-/**
- * sf_ldap_mod_add() - Wrapper for ldap_mod_add()
- *
- * @param string dn
- * @param string entry
- *
- */
-function sf_ldap_mod_add($dn,$entry) {
- global $ldap_conn;
- return @ldap_mod_add($ldap_conn,$dn,$entry);
-}
-
-/**
- * sf_ldap_mod_del() - Wrapper for ldap_mod_del()
- *
- * @param string dn
- * @param string entry
- *
- */
-function sf_ldap_mod_del($dn,$entry) {
- global $ldap_conn;
- return @ldap_mod_del($ldap_conn,$dn,$entry);
-}
-
-/**
- * sf_ldap_read() - Wrapper for ldap_read()
- *
- * @param string dn
- * @param string filter
- * @param int attrs
- *
- */
-function sf_ldap_read($dn,$filter,$attrs=0) {
- global $ldap_conn;
- return @ldap_read($ldap_conn,$dn,$filter,$attrs);
-}
-
-/**
- * sf_ldap_error() - Wrapper for ldap_error()
- *
- * @see ldap_error()
- *
- */
-function sf_ldap_error() {
- global $ldap_conn;
- return ldap_error($ldap_conn);
-}
-
-/**
- * sf_ldap_errno() - Wrapper for ldap_errno()
- *
- * @see ldap_errno()
- *
- */
-function sf_ldap_errno() {
- global $ldap_conn;
- return ldap_errno($ldap_conn);
-}
-
-/**
- * sf_ldap_already_exists()
- */
-function sf_ldap_already_exists() {
- global $ldap_conn;
- return ldap_errno($ldap_conn)==20;
-}
-
-/**
- * sf_ldap_does_not_exist()
- */
-function sf_ldap_does_not_exist() {
- global $ldap_conn;
- return ldap_errno($ldap_conn)==16;
-}
-
-/*
- * User management functions
- */
-
-/**
- * sf_ldap_check_user() - Check for the existence of a user
- *
- * @param int The user ID of the user to check
- * @returns true on success/false on error
- *
- */
-function sf_ldap_check_user($user_id) {
- $user =& user_get_object($user_id);
- if (!$user) {
- return false;
- }
- return sf_ldap_check_user_by_name($user->getUnixName());
-}
-
-/**
- * sf_ldap_check_user_by_name() - Check for a user by the username
- *
- * @param string The username
- * @returns true on success/false on error
- *
- */
-function sf_ldap_check_user_by_name($user_name) {
- global $ldap_conn;
- global $sys_ldap_base_dn;
-
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return true;
- }
-
- if (!sf_ldap_connect()) {
- return false;
- }
-
- $dn = 'uid='.$user_name.',ou=People,'.$sys_ldap_base_dn;
- $res = sf_ldap_read($dn,"objectClass=*",array("uid"));
- if ($res) {
- ldap_free_result($res);
- return true;
- }
-
- return false;
-}
-
-/**
- * sf_ldap_create_user() - Create a user
- *
- * @param int The user ID of the user to create
- * @returns The return status of sf_ldap_create_user_from_object()
- *
- */
-function sf_ldap_create_user($user_id) {
- $user = &user_get_object($user_id);
- return sf_ldap_create_user_from_object($user);
-}
-
-/**
- * sf_ldap_check_create_user() - Check that a user has been created
- *
- * @param int The ID of the user to check
- * @returns true on success/false on error
- *
- */
-function sf_ldap_check_create_user($user_id) {
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return true;
- }
-
- if (!sf_ldap_check_user($user_id)){
- $user = &user_get_object($user_id);
- return sf_ldap_create_user_from_object($user);
- }
- return true;
-}
-
-/**
- * sf_ldap_create_user_from_object() - Create a user from information contained within an object
- *
- * @param object The user object
- * @returns true on success/false on error
- *
- */
-function sf_ldap_create_user_from_object(&$user) {
- global $sys_ldap_base_dn;
- global $UID_ADD;
-
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return true;
- }
-
-//echo "sf_ldap_create_user_from_object(".$user->getUnixName().")<br />";
- if (!sf_ldap_connect()) {
- return false;
- }
- $dn = 'uid='.$user->getUnixName().',ou=People,'.$sys_ldap_base_dn;
- $entry['objectClass'][0]='top';
- $entry['objectClass'][1]='account';
- $entry['objectClass'][2]='posixAccount';
- $entry['objectClass'][3]='shadowAccount';
- $entry['objectClass'][4]='debGforgeAccount';
- $entry['uid']=$user->getUnixName();
- $entry['cn']=asciize($user->getRealName());
- $entry['gecos']=asciize($user->getRealName());
- $entry['userPassword']='{crypt}'.$user->getUnixPasswd();
- $entry['homeDirectory'] = account_user_homedir($user->getUnixName());
- $entry['loginShell']=$user->getShell();
- $entry['debGforgeCvsShell']="/bin/cvssh"; // unless explicitly set otherwise, developer has write access
- $entry['debGforgeForwardEmail']=$user->getEmail();
- $entry['uidNumber']=$user->getUnixUID() + $UID_ADD;
- $entry['gidNumber']=$user->getUnixUID() + $UID_ADD; // users as in debian backend
- $entry['shadowLastChange']=1; // We don't have expiration, so any non-0
- $entry['shadowMax']=99999;
- $entry['shadowWarning']=7;
-
- if (!sf_ldap_add($dn,$entry)) {
- sf_ldap_set_error_msg("ERROR: cannot add LDAP user entry '".
- $user->getUnixName()."': ".sf_ldap_error()."<br />");
- return false;
- }
- return true;
-}
-
-/**
- * sf_ldap_create_user_from_props() - Creates an LDAP user from
- *
- * @param string The username
- * @param string ????
- * @param string The encrypted password
- * @returns true on success/false on error
- *
- */
-function sf_ldap_create_user_from_props($username, $cn, $crypt_pw,
- $shell, $cvsshell, $uid, $gid, $email) {
- global $sys_ldap_base_dn;
-
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return true;
- }
-
- if (!sf_ldap_connect()) {
- return false;
- }
- $dn = 'uid='.$username.',ou=People,'.$sys_ldap_base_dn;
- $entry['objectClass'][0]='top';
- $entry['objectClass'][1]='account';
- $entry['objectClass'][2]='posixAccount';
- $entry['objectClass'][3]='shadowAccount';
- $entry['objectClass'][4]='debGforgeAccount';
- $entry['uid']=$username;
- $entry['cn']=asciize($cn);
- $entry['gecos']=asciize($cn);
- $entry['userPassword']='{crypt}'.$crypt_pw;
- $entry['homeDirectory'] = account_user_homedir($username);
- $entry['loginShell']=$shell;
- $entry['debGforgeCvsShell']=$cvsshell;
- $entry['debGforgeForwardEmail']=$email;
- $entry['uidNumber']=$uid;
- $entry['gidNumber']=$gid;
- $entry['shadowLastChange']=1;
- $entry['shadowMax']=99999;
- $entry['shadowWarning']=7;
-
- if (!sf_ldap_add($dn,$entry)) {
- sf_ldap_set_error_msg("ERROR: cannot add LDAP user entry '".
- $username."': ".sf_ldap_error()."<br />");
- return false;
- }
- return true;
-}
-
-/**
- * sf_ldap_remove_user() - Remove an LDAP user
- *
- * @param int The user ID of the user to remove
- * @returns true on success/false on failure
- *
- */
-function sf_ldap_remove_user($user_id) {
- global $sys_ldap_base_dn;
-
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return true;
- }
-
- $user = &user_get_object($user_id);
- if (!sf_ldap_connect()) {
- return false;
- }
- $dn = 'uid='.$user->getUnixName().',ou=People,'.$sys_ldap_base_dn;
-
- if (!sf_ldap_delete($dn)) {
- sf_ldap_set_error_msg("ERROR: cannot delete LDAP user entry '".
- $user->getUnixName()."': ".sf_ldap_error()."<br />");
- return false;
- }
- return true;
-}
-
-/**
- * sf_ldap_user_set_attribute() - Set an attribute for a user
- *
- * @param int The user ID
- * @param string The attribute to set
- * @param string The new value of the attribute
- * @returns true on success/false on error
- *
- */
-function sf_ldap_user_set_attribute($user_id,$attr,$value) {
- global $sys_ldap_base_dn;
-
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return true;
- }
-
- $user = &user_get_object($user_id);
-//echo "sf_ldap_user_set_attribute(".$user->getUnixName().",".$attr.",".$value.")<br />";
- if (!sf_ldap_connect()) {
- return false;
- }
- $dn = 'uid='.$user->getUnixName().',ou=People,'.$sys_ldap_base_dn;
- $entry[$attr]=$value;
-
- if (!sf_ldap_modify_if_exists($dn, $entry)) {
- sf_ldap_set_error_msg("ERROR: cannot change LDAP attribute '$attr' for user '".
- $user->getUnixName()."': ".sf_ldap_error()."<br />");
- return false;
- }
- return true;
-}
-
-/*
- * Group management functions
- */
-
-/**
- * sf_ldap_check_group() - Check for the existence of a group
- *
- * @param int The ID of the group to check
- * @returns true on success/false on error
- *
- */
-function sf_ldap_check_group($group_id) {
- global $ldap_conn;
- global $sys_ldap_base_dn;
-
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return false;
- }
-
- $group = &group_get_object($group_id);
- if (!$group) {
- sf_ldap_set_error_msg("ERROR: Cannot find group [$group_id]<br />");
- return false;
- }
- if (!sf_ldap_connect()) {
- return false;
- }
- $dn = 'cn='.$group->getUnixName().',ou=Group,'.$sys_ldap_base_dn;
- $res=sf_ldap_read($dn, "objectClass=*", array("cn"));
- if ($res) {
- ldap_free_result($res);
- return true;
- }
- return false;
-}
-
-/**
- * sf_ldap_create_group() - Create a group
- *
- * @param int The ID of the group to create
- * @returns true on success/false on error
- *
- */
-function sf_ldap_create_group($group_id) {
- global $sys_ldap_base_dn;
- global $GID_ADD;
- global $ANONCVS_UID_ADD;
-
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return true;
- }
-
- $group = &group_get_object($group_id);
- if (!sf_ldap_connect()) {
- return false;
- }
- $dn = 'cn='.$group->getUnixName().',ou=Group,'.$sys_ldap_base_dn;
- $entry['objectClass'][0]='top';
- $entry['objectClass'][1]='posixGroup';
- $entry['cn']=$group->getUnixName();
- $entry['userPassword']='{crypt}x';
- $entry['gidNumber']=$group->getID() + $GID_ADD;
-
- $i=0; $i_cvs=0;
-
- $ret_val=true;
-
- if (!sf_ldap_add($dn,$entry)) {
- sf_ldap_set_error_msg("ERROR: cannot add LDAP group entry '".
- $group->getUnixName()."': ".sf_ldap_error()."<br />");
- // If there's error, that's bad. But don't stop.
- $ret_val=false;
- }
-
- //
- // Now create CVS group
- //
-
- // Add virtual anoncvs user to CVS group
- $cvs_member_list[$i_cvs++] = 'anoncvs_'.$group->getUnixName();
-
- $dn = 'cn='.$group->getUnixName().',ou=cvsGroup,'.$sys_ldap_base_dn;
-
- if ($cvs_member_list) {
- $entry['memberUid']=$cvs_member_list;
- } else {
- unset($entry['memberUid']);
- }
-
- if (!sf_ldap_add($dn,$entry)) {
- sf_ldap_set_error_msg("ERROR: cannot add LDAP CVS group entry '"
- .$group->getUnixName()."': ".sf_ldap_error()."<br />");
- $ret_val=false;
- }
-
- //
- // Finally, setup AnonCVS virtual user
- //
-
- if (!sf_ldap_check_user_by_name('anoncvs_'.$group->getUnixName())
- && !sf_ldap_create_user_from_props('anoncvs_'.$group->getUnixName(),
- 'anoncvs', 'x',
- '/bin/false', '/bin/false',
- $group_id+$GID_ADD+$ANONCVS_UID_ADD,
- $group_id+$GID_ADD, "/dev/null")) {
- sf_ldap_set_error_msg("ERROR: cannot add LDAP AnonCVS user entry '"
- .$group->getUnixName()."': ".sf_ldap_error()."<br />");
- $ret_val=false;
- }
-
- return $ret_val;
-}
-
-/**
- * sf_ldap_remove_group() - Remove a group
- *
- * @param int The ID of the group to remove
- * @returns true on success/false on error
- *
- */
-function sf_ldap_remove_group($group_id) {
- global $sys_ldap_base_dn;
-
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return true;
- }
-
- $group = &group_get_object($group_id);
- if (!sf_ldap_connect()) {
- return false;
- }
-
- //
- // Remove shell LDAP group
- //
- $ret_val=true;
-
- $dn = 'cn='.$group->getUnixName().',ou=Group,'.$sys_ldap_base_dn;
-
- if (!sf_ldap_delete($dn)) {
- sf_ldap_set_error_msg("ERROR: cannot delete LDAP group entry '".
- $group->getUnixName()."': ".sf_ldap_error()."<br />");
- $ret_val = false;
- }
-
- //
- // Remove CVS LDAP group
- //
-
- $dn = 'cn='.$group->getUnixName().',ou=cvsGroup,'.$sys_ldap_base_dn;
-
- if (!sf_ldap_delete($dn)) {
- sf_ldap_set_error_msg("ERROR: cannot delete LDAP CVS group entry '".
- $group->getUnixName()."': ".sf_ldap_error()."<br />");
- $ret_val = false;
- }
-
- //
- // Remove AnonCVS virtual user
- //
-
- $dn = 'uid=anoncvs_'.$group->getUnixName().',ou=People,'.$sys_ldap_base_dn;
- if (!sf_ldap_delete($dn)) {
- sf_ldap_set_error_msg("ERROR: cannot delete LDAP AnonCVS user entry '".
- $group->getUnixName()."': ".sf_ldap_error()."<br />");
- $ret_val = false;
- }
-
- return $ret_val;
-}
-
-/**
- * sf_ldap_group_add_user() - Add a user to an LDAP group
- *
- * @param int The ID of the group two which the user will be added
- * @param int The ID of the user to add
- * @param bool Only add this user to CVS
- * @returns true on success/false on error
- *
- */
-function sf_ldap_group_add_user($group_id,$user_id,$cvs_only=0) {
- global $ldap_conn;
- global $sys_ldap_base_dn;
-
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return true;
- }
-
- $group = &group_get_object($group_id);
- $user = &user_get_object($user_id);
- if (!sf_ldap_connect()) {
- return false;
- }
- $dn = 'cn='.$group->getUnixName().',ou=Group,'.$sys_ldap_base_dn;
- $cvs_dn = 'cn='.$group->getUnixName().',ou=cvsGroup,'.$sys_ldap_base_dn;
- $entry['memberUid'] = $user->getUnixName();
-
- //
- // Check if user already a member of CVS group
- //
-
- $res=sf_ldap_read($cvs_dn,"memberUid=".$user->getUnixName(),array("cn"));
- if ($res && ldap_count_entries($ldap_conn,$res)>0) {
- //echo "already a member of CVS<br />";
- } else {
- //
- // No, add one
- //
-
- if (!sf_ldap_mod_add($cvs_dn,$entry)) {
- sf_ldap_set_error_msg("ERROR: cannot add member to LDAP CVS group entry '".
- $group->getUnixName()."': ".sf_ldap_error()."<br />");
- return false;
- }
- }
-
- ldap_free_result($res);
-
- if ($cvs_only) {
- return true;
- }
-
- //
- // Check if user already a member of shell group
- //
- $res = sf_ldap_read($dn, "memberUid=".$user->getUnixName(), array("cn"));
-
- if ($res && ldap_count_entries($ldap_conn,$res)>0) {
- //echo "already a member<br />";
- } else {
- //
- // No, add one
- //
-
- if (!sf_ldap_mod_add($dn,$entry)) {
- sf_ldap_set_error_msg("ERROR: cannot add member to LDAP group entry '".
- $group->getUnixName()."': ".sf_ldap_error()."<br />");
- return false;
- }
- }
-
- ldap_free_result($res);
-
- return true;
-}
-
-/**
- * sf_ldap_group_remove_user() - Remove a user from an LDAP group
- *
- * @param int The ID of the group from which to remove the user
- * @param int The ID of the user to remove
- * @param bool Only remove user from CVS group
- * @returns true on success/false on error
- *
- */
-function sf_ldap_group_remove_user($group_id,$user_id,$cvs_only=0) {
- global $sys_ldap_base_dn;
-
- global $sys_use_ldap;
- if (!$sys_use_ldap) {
- return true;
- }
-
- $group = &group_get_object($group_id);
- $user = &user_get_object($user_id);
- if (!sf_ldap_connect()) {
- return false;
- }
-
- $dn = 'cn='.$group->getUnixName().',ou=Group,'.$sys_ldap_base_dn;
- $cvs_dn = 'cn='.$group->getUnixName().',ou=cvsGroup,'.$sys_ldap_base_dn;
- $entry['memberUid'] = $user->getUnixName();
-
- $ret_val=true;
-
- if (!sf_ldap_mod_del($cvs_dn,$entry) && !sf_ldap_does_not_exist()) {
- sf_ldap_set_error_msg("ERROR: cannot remove member from LDAP CVS group entry '".
- $group->getUnixName()."': ".sf_ldap_error()."(".sf_ldap_errno().")"."<br />");
- $ret_val=false;
- }
-
- if ($cvs_only) {
- return $ret_val;
- }
-
- if (!sf_ldap_mod_del($dn,$entry) && !sf_ldap_does_not_exist()) {
- sf_ldap_set_error_msg("ERROR: cannot remove member from LDAP group entry '".
- $group->getUnixName()."': ".sf_ldap_error()."(".sf_ldap_errno().")"."<br />");
- $ret_val=false;
- }
-
- return $ret_val;
-}
-
-?>
Added: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/system/LDAP.class
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/system/LDAP.class (rev 0)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/system/LDAP.class 2011-02-24 16:29:08 UTC (rev 9667)
@@ -0,0 +1,766 @@
+<?php
+/**
+ * LDAP class
+ *
+ * Class to interact with the system
+ *
+ * @version $Id$
+ * @author Christian Bayle
+ * @date 2004-02-05
+ *
+ * This file is part of GForge.
+ * It's OO version of ancient ldap.php
+ *
+ * GForge is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GForge is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+require_once('common/include/account.php');
+
+class LDAP extends System {
+ /**
+ * LDAP()
+ *
+ */
+ function LDAP() {
+ $this->System();
+ return true;
+ }
+
+ /*
+ * Auxilary functions
+ */
+
+ /**
+ * asciize() - Replace non-ascii characters with question marks
+ *
+ * LDAP expects utf-8 encoded character string. Since we cannot
+ * know which encoding 8-bit characters in database use, we
+ * just replace them with question marks.
+ *
+ * @param string UTF-8 encoded character string.
+ * @return string which contains only ascii characters
+ */
+ function asciize($str) {
+ if (!$str) {
+ // LDAP don't allow empty strings for some attributes
+ return '?';
+ }
+
+ return ereg_replace("[\x80-\xff]","?",$str);
+ }
+
+ /*
+ * Wrappers for PHP LDAP functions
+ */
+
+ /**
+ * gf_ldap_connect() - Connect to the LDAP server
+ *
+ * @returns true on success/false on error
+ *
+ */
+ function gf_ldap_connect() {
+ global $sys_ldap_host,$sys_ldap_port;
+ global $sys_ldap_bind_dn,$sys_ldap_passwd,$ldap_conn,$sys_ldap_version;
+
+ if (!$ldap_conn) {
+ $this->clearError();
+ $ldap_conn = @ldap_connect($sys_ldap_host,$sys_ldap_port);
+ if (!$ldap_conn) {
+ $this->setError('ERROR: Cannot connect to LDAP server<br />');
+ return false;
+ }
+ if ($sys_ldap_version) {
+ ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, $sys_ldap_version);
+ }
+ ldap_bind($ldap_conn,$sys_ldap_bind_dn,$sys_ldap_passwd);
+ }
+ return true;
+ }
+
+ /**
+ * gf_ldap_add() - Wrapper for ldap_add()
+ *
+ * @param string dn
+ * @param string entry
+ *
+ */
+ function gf_ldap_add($dn, $entry) {
+ global $ldap_conn;
+ return @ldap_add($ldap_conn,$dn,$entry);
+ }
+
+ /**
+ * gf_ldap_delete() - Wrapper for ldap_delete()
+ *
+ * @param string dn
+ *
+ */
+ function gf_ldap_delete($dn) {
+ global $ldap_conn;
+ return @ldap_delete($ldap_conn,$dn);
+ }
+
+ /**
+ * gf_ldap_modify() - Wrapper for ldap_modify()
+ *
+ * @param string dn
+ * @param string entry
+ *
+ */
+ function gf_ldap_modify($dn,$entry) {
+ global $ldap_conn;
+ return @ldap_modify($ldap_conn,$dn,$entry);
+ }
+
+ /**
+ * gf_ldap_modify_if_exists() - Wrapper for ldap_modify()
+ * works like gf_ldap_modify, but returns true if the LDAP entry does not exist
+ *
+ * @param string dn
+ * @param string entry
+ *
+ */
+ function gf_ldap_modify_if_exists($dn,$entry) {
+ $res = $this->gf_ldap_modify($dn,$entry);
+ if ($res) {
+ return true ;
+ } else {
+ $err = ldap_errno ($ldap_conn) ;
+ if ($err == 32) {
+ return true ;
+ } else {
+ return false ;
+ }
+ };
+ }
+
+ /**
+ * gf_ldap_mod_add() - Wrapper for ldap_mod_add()
+ *
+ * @param string dn
+ * @param string entry
+ *
+ */
+ function gf_ldap_mod_add($dn,$entry) {
+ global $ldap_conn;
+ return @ldap_mod_add($ldap_conn,$dn,$entry);
+ }
+
+ /**
+ * gf_ldap_mod_del() - Wrapper for ldap_mod_del()
+ *
+ * @param string dn
+ * @param string entry
+ *
+ */
+ function gf_ldap_mod_del($dn,$entry) {
+ global $ldap_conn;
+ return @ldap_mod_del($ldap_conn,$dn,$entry);
+ }
+
+ /**
+ * gf_ldap_read() - Wrapper for ldap_read()
+ *
+ * @param string dn
+ * @param string filter
+ * @param int attrs
+ *
+ */
+ function gf_ldap_read($dn,$filter,$attrs=0) {
+ global $ldap_conn;
+ return @ldap_read($ldap_conn,$dn,$filter,$attrs);
+ }
+
+ /**
+ * gf_ldap_error() - Wrapper for ldap_error()
+ *
+ * @see ldap_error()
+ *
+ */
+ function gf_ldap_error() {
+ global $ldap_conn;
+ return ldap_error($ldap_conn);
+ }
+
+ /**
+ * gf_ldap_errno() - Wrapper for ldap_errno()
+ *
+ * @see ldap_errno()
+ *
+ */
+ function gf_ldap_errno() {
+ global $ldap_conn;
+ return ldap_errno($ldap_conn);
+ }
+
+ /**
+ * gf_ldap_already_exists()
+ */
+ function gf_ldap_already_exists() {
+ global $ldap_conn;
+ return ldap_errno($ldap_conn)==20;
+ }
+
+ /**
+ * gf_ldap_does_not_exist()
+ */
+ function gf_ldap_does_not_exist() {
+ global $ldap_conn;
+ return ldap_errno($ldap_conn)==16;
+ }
+
+ /*
+ * User management functions
+ */
+
+ /**
+ * sys_check_user() - Check for the existence of a user
+ *
+ * @param int The user ID of the user to check
+ * @returns true on success/false on error
+ *
+ */
+ function sys_check_user($user_id) {
+ $user =& user_get_object($user_id);
+ if (!$user) {
+ return false;
+ }
+ return $this->gf_ldap_check_user_by_name($user->getUnixName());
+ }
+
+ /**
+ * gf_ldap_check_user_by_name() - Check for a user by the username
+ *
+ * @param string The username
+ * @returns true on success/false on error
+ *
+ */
+ function gf_ldap_check_user_by_name($user_name) {
+ global $ldap_conn;
+ global $sys_ldap_base_dn;
+
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return true;
+ }
+
+ if (!$this->gf_ldap_connect()) {
+ return false;
+ }
+
+ $dn = 'uid='.$user_name.',ou=People,'.$sys_ldap_base_dn;
+ $res = $this->gf_ldap_read($dn,"objectClass=*",array("uid"));
+ if ($res) {
+ ldap_free_result($res);
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * sys_create_user() - Create a user
+ *
+ * @param int The user ID of the user to create
+ * @returns The return status of gf_ldap_create_user_from_object()
+ *
+ */
+ function sys_create_user($user_id) {
+ $user = &user_get_object($user_id);
+ return $this->gf_ldap_create_user_from_object($user);
+ }
+
+ /**
+ * sys_check_create_user() - Check that a user has been created
+ *
+ * @param int The ID of the user to check
+ * @returns true on success/false on error
+ *
+ */
+ function sys_check_create_user($user_id) {
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return true;
+ }
+
+ if (!$this->sys_check_user($user_id)){
+ $user = &user_get_object($user_id);
+ return $this->gf_ldap_create_user_from_object($user);
+ }
+ return true;
+ }
+
+ /**
+ * gf_ldap_create_user_from_object() - Create a user from information contained within an object
+ *
+ * @param object The user object
+ * @returns true on success/false on error
+ *
+ */
+ function gf_ldap_create_user_from_object(&$user) {
+ global $sys_ldap_base_dn;
+ global $UID_ADD;
+
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return true;
+ }
+
+ if (!$this->gf_ldap_connect()) {
+ return false;
+ }
+ $dn = 'uid='.$user->getUnixName().',ou=People,'.$sys_ldap_base_dn;
+ $entry['objectClass'][0]='top';
+ $entry['objectClass'][1]='account';
+ $entry['objectClass'][2]='posixAccount';
+ $entry['objectClass'][3]='shadowAccount';
+ $entry['objectClass'][4]='debGforgeAccount';
+ $entry['uid']=$user->getUnixName();
+ $entry['cn']=$this->asciize($user->getRealName());
+ $entry['gecos']=$this->asciize($user->getRealName());
+ $entry['userPassword']='{crypt}'.$user->getUnixPasswd();
+ $entry['homeDirectory'] = account_user_homedir($user->getUnixName());
+ $entry['loginShell']=$user->getShell();
+ $entry['debGforgeCvsShell']="/bin/cvssh"; // unless explicitly set otherwise, developer has write access
+ $entry['debGforgeForwardEmail']=$user->getEmail();
+ $entry['uidNumber']=$user->getUnixUID() + $UID_ADD;
+ $entry['gidNumber']=$user->getUnixUID() + $UID_ADD; // users as in debian backend
+ $entry['shadowLastChange']=1; // We don't have expiration, so any non-0
+ $entry['shadowMax']=99999;
+ $entry['shadowWarning']=7;
+
+ if (!$this->gf_ldap_add($dn,$entry)) {
+ $this->setError("ERROR: cannot add LDAP user entry '".
+ $user->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * gf_ldap_create_user_from_props() - Creates an LDAP user from
+ *
+ * @param string The username
+ * @param string ????
+ * @param string The encrypted password
+ * @returns true on success/false on error
+ *
+ */
+ function gf_ldap_create_user_from_props($username, $cn, $crypt_pw,
+ $shell, $cvsshell, $uid, $gid, $email) {
+ global $sys_ldap_base_dn;
+
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return true;
+ }
+
+ if (!$this->gf_ldap_connect()) {
+ return false;
+ }
+ $dn = 'uid='.$username.',ou=People,'.$sys_ldap_base_dn;
+ $entry['objectClass'][0]='top';
+ $entry['objectClass'][1]='account';
+ $entry['objectClass'][2]='posixAccount';
+ $entry['objectClass'][3]='shadowAccount';
+ $entry['objectClass'][4]='debGforgeAccount';
+ $entry['uid']=$username;
+ $entry['cn']=$this->asciize($cn);
+ $entry['gecos']=$this->asciize($cn);
+ $entry['userPassword']='{crypt}'.$crypt_pw;
+ $entry['homeDirectory'] = account_user_homedir($username);
+ $entry['loginShell']=$shell;
+ $entry['debGforgeCvsShell']=$cvsshell;
+ $entry['debGforgeForwardEmail']=$email;
+ $entry['uidNumber']=$uid;
+ $entry['gidNumber']=$gid;
+ $entry['shadowLastChange']=1;
+ $entry['shadowMax']=99999;
+ $entry['shadowWarning']=7;
+
+ if (!$this->gf_ldap_add($dn,$entry)) {
+ $this->setError("ERROR: cannot add LDAP user entry '".
+ $username."': ".$this->gf_ldap_error()."<br />");
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * sys_remove_user() - Remove an LDAP user
+ *
+ * @param int The user ID of the user to remove
+ * @returns true on success/false on failure
+ *
+ */
+ function sys_remove_user($user_id) {
+ global $sys_ldap_base_dn;
+
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return true;
+ }
+
+ $user = &user_get_object($user_id);
+ if (!$this->gf_ldap_connect()) {
+ return false;
+ }
+ $dn = 'uid='.$user->getUnixName().',ou=People,'.$sys_ldap_base_dn;
+
+ if (!$this->gf_ldap_delete($dn)) {
+ $this->setError("ERROR: cannot delete LDAP user entry '".
+ $user->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * sys_user_set_attribute() - Set an attribute for a user
+ *
+ * @param int The user ID
+ * @param string The attribute to set
+ * @param string The new value of the attribute
+ * @returns true on success/false on error
+ *
+ */
+ function sys_user_set_attribute($user_id,$attr,$value) {
+ global $sys_ldap_base_dn;
+
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return true;
+ }
+
+ $user = &user_get_object($user_id);
+ if (!$this->gf_ldap_connect()) {
+ return false;
+ }
+ $dn = 'uid='.$user->getUnixName().',ou=People,'.$sys_ldap_base_dn;
+ $entry[$attr]=$value;
+
+ if (!$this->gf_ldap_modify_if_exists($dn, $entry)) {
+ $this->setError("ERROR: cannot change LDAP attribute '$attr' for user '".
+ $user->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ return false;
+ }
+ return true;
+ }
+
+ /*
+ * Group management functions
+ */
+
+ /**
+ * sys_check_group() - Check for the existence of a group
+ *
+ * @param int The ID of the group to check
+ * @returns true on success/false on error
+ *
+ */
+ function sys_check_group($group_id) {
+ global $ldap_conn;
+ global $sys_ldap_base_dn;
+
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return false;
+ }
+
+ $group = &group_get_object($group_id);
+ if (!$group) {
+ $this->setError("ERROR: Cannot find group [$group_id]<br />");
+ return false;
+ }
+ if (!$this->gf_ldap_connect()) {
+ return false;
+ }
+ $dn = 'cn='.$group->getUnixName().',ou=Group,'.$sys_ldap_base_dn;
+ $res=$this->gf_ldap_read($dn, "objectClass=*", array("cn"));
+ if ($res) {
+ ldap_free_result($res);
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * sys_create_group() - Create a group
+ *
+ * @param int The ID of the group to create
+ * @returns true on success/false on error
+ *
+ */
+ function sys_create_group($group_id) {
+ global $sys_ldap_base_dn;
+ global $GID_ADD;
+ global $ANONCVS_UID_ADD;
+
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return true;
+ }
+
+ $group = &group_get_object($group_id);
+ if (!$this->gf_ldap_connect()) {
+ return false;
+ }
+ $dn = 'cn='.$group->getUnixName().',ou=Group,'.$sys_ldap_base_dn;
+ $entry['objectClass'][0]='top';
+ $entry['objectClass'][1]='posixGroup';
+ $entry['cn']=$group->getUnixName();
+ $entry['userPassword']='{crypt}x';
+ $entry['gidNumber']=$group->getID() + $GID_ADD;
+
+ $i=0; $i_cvs=0;
+
+ $ret_val=true;
+
+ if (!$this->gf_ldap_add($dn,$entry)) {
+ $this->setError("ERROR: cannot add LDAP group entry '".
+ $group->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ // If there's error, that's bad. But don't stop.
+ $ret_val=false;
+ }
+
+ //
+ // Now create CVS group
+ //
+
+ // Add virtual anoncvs user to CVS group
+ $cvs_member_list[$i_cvs++] = 'anoncvs_'.$group->getUnixName();
+
+ $dn = 'cn='.$group->getUnixName().',ou=cvsGroup,'.$sys_ldap_base_dn;
+
+ if ($cvs_member_list) {
+ $entry['memberUid']=$cvs_member_list;
+ } else {
+ unset($entry['memberUid']);
+ }
+
+ if (!$this->gf_ldap_add($dn,$entry)) {
+ $this->setError("ERROR: cannot add LDAP CVS group entry '"
+ .$group->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ $ret_val=false;
+ }
+
+ //
+ // Finally, setup AnonCVS virtual user
+ //
+
+ if (!$this->gf_ldap_check_user_by_name('anoncvs_'.$group->getUnixName())
+ && !$this->gf_ldap_create_user_from_props('anoncvs_'.$group->getUnixName(),
+ 'anoncvs', 'x',
+ '/bin/false', '/bin/false',
+ $group_id+$GID_ADD+$ANONCVS_UID_ADD,
+ $group_id+$GID_ADD, "/dev/null")) {
+ $this->setError("ERROR: cannot add LDAP AnonCVS user entry '"
+ .$group->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ $ret_val=false;
+ }
+
+ return $ret_val;
+ }
+
+ /**
+ * sys_remove_group() - Remove a group
+ *
+ * @param int The ID of the group to remove
+ * @returns true on success/false on error
+ *
+ */
+ function sys_remove_group($group_id) {
+ global $sys_ldap_base_dn;
+
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return true;
+ }
+
+ $group = &group_get_object($group_id);
+ if (!$this->gf_ldap_connect()) {
+ return false;
+ }
+
+ //
+ // Remove shell LDAP group
+ //
+ $ret_val=true;
+
+ $dn = 'cn='.$group->getUnixName().',ou=Group,'.$sys_ldap_base_dn;
+
+ if (!$this->gf_ldap_delete($dn)) {
+ $this->setError("ERROR: cannot delete LDAP group entry '".
+ $group->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ $ret_val = false;
+ }
+
+ //
+ // Remove CVS LDAP group
+ //
+
+ $dn = 'cn='.$group->getUnixName().',ou=cvsGroup,'.$sys_ldap_base_dn;
+
+ if (!$this->gf_ldap_delete($dn)) {
+ $this->setError("ERROR: cannot delete LDAP CVS group entry '".
+ $group->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ $ret_val = false;
+ }
+
+ //
+ // Remove AnonCVS virtual user
+ //
+
+ $dn = 'uid=anoncvs_'.$group->getUnixName().',ou=People,'.$sys_ldap_base_dn;
+ if (!$this->gf_ldap_delete($dn)) {
+ $this->setError("ERROR: cannot delete LDAP AnonCVS user entry '".
+ $group->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ $ret_val = false;
+ }
+
+ return $ret_val;
+ }
+
+ /**
+ * sys_group_add_user() - Add a user to an LDAP group
+ *
+ * @param int The ID of the group two which the user will be added
+ * @param int The ID of the user to add
+ * @param bool Only add this user to CVS
+ * @returns true on success/false on error
+ *
+ */
+ function sys_group_add_user($group_id,$user_id,$cvs_only=0) {
+ global $ldap_conn;
+ global $sys_ldap_base_dn;
+
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return true;
+ }
+
+ $group = &group_get_object($group_id);
+ $user = &user_get_object($user_id);
+ if (!$this->gf_ldap_connect()) {
+ return false;
+ }
+ $dn = 'cn='.$group->getUnixName().',ou=Group,'.$sys_ldap_base_dn;
+ $cvs_dn = 'cn='.$group->getUnixName().',ou=cvsGroup,'.$sys_ldap_base_dn;
+ $entry['memberUid'] = $user->getUnixName();
+
+ //
+ // Check if user already a member of CVS group
+ //
+
+ $res=$this->gf_ldap_read($cvs_dn,"memberUid=".$user->getUnixName(),array("cn"));
+ if ($res && ldap_count_entries($ldap_conn,$res)>0) {
+ //echo "already a member of CVS<br />";
+ } else {
+ //
+ // No, add one
+ //
+
+ if (!$this->gf_ldap_mod_add($cvs_dn,$entry)) {
+ $this->setError("ERROR: cannot add member to LDAP CVS group entry '".
+ $group->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ return false;
+ }
+ }
+
+ ldap_free_result($res);
+
+ if ($cvs_only) {
+ return true;
+ }
+
+ //
+ // Check if user already a member of shell group
+ //
+ $res = $this->gf_ldap_read($dn, "memberUid=".$user->getUnixName(), array("cn"));
+
+ if ($res && ldap_count_entries($ldap_conn,$res)>0) {
+ //echo "already a member<br />";
+ } else {
+ //
+ // No, add one
+ //
+
+ if (!$this->gf_ldap_mod_add($dn,$entry)) {
+ $this->setError("ERROR: cannot add member to LDAP group entry '".
+ $group->getUnixName()."': ".$this->gf_ldap_error()."<br />");
+ return false;
+ }
+ }
+
+ ldap_free_result($res);
+
+ return true;
+ }
+
+ /**
+ * sys_group_remove_user() - Remove a user from an LDAP group
+ *
+ * @param int The ID of the group from which to remove the user
+ * @param int The ID of the user to remove
+ * @param bool Only remove user from CVS group
+ * @returns true on success/false on error
+ *
+ */
+ function sys_group_remove_user($group_id,$user_id,$cvs_only=0) {
+ global $sys_ldap_base_dn;
+
+ global $sys_use_ldap;
+ if (!$sys_use_ldap) {
+ return true;
+ }
+
+ $group = &group_get_object($group_id);
+ $user = &user_get_object($user_id);
+ if (!$this->gf_ldap_connect()) {
+ return false;
+ }
+
+ $dn = 'cn='.$group->getUnixName().',ou=Group,'.$sys_ldap_base_dn;
+ $cvs_dn = 'cn='.$group->getUnixName().',ou=cvsGroup,'.$sys_ldap_base_dn;
+ $entry['memberUid'] = $user->getUnixName();
+
+ $ret_val=true;
+
+ if (!$this->gf_ldap_mod_del($cvs_dn,$entry) && !$this->gf_ldap_does_not_exist()) {
+ $this->setError("ERROR: cannot remove member from LDAP CVS group entry '".
+ $group->getUnixName()."': ".$this->gf_ldap_error()."(".$this->gf_ldap_errno().")"."<br />");
+ $ret_val=false;
+ }
+
+ if ($cvs_only) {
+ return $ret_val;
+ }
+
+ if (!$this->gf_ldap_mod_del($dn,$entry) && !$this->gf_ldap_does_not_exist()) {
+ $this->setError("ERROR: cannot remove member from LDAP group entry '".
+ $group->getUnixName()."': ".$this->gf_ldap_error()."(".$this->gf_ldap_errno().")"."<br />");
+ $ret_val=false;
+ }
+
+ return $ret_val;
+ }
+}
+
+// Local Variables:
+// mode: php
+// c-file-style: "bsd"
+// End:
+
+?>
Added: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/system/UNIX.class
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/system/UNIX.class (rev 0)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/system/UNIX.class 2011-02-24 16:29:08 UTC (rev 9667)
@@ -0,0 +1,44 @@
+<?php
+/**
+ * UNIX class
+ *
+ * Class to interact with the system
+ *
+ * @version $Id$
+ * @author Christian Bayle
+ * @date 2004-02-05
+ *
+ * This file is part of GForge.
+ *
+ * GForge is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GForge is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+class UNIX extends System {
+ /**
+ * UNIX() - CONSTRUCTOR
+ *
+ */
+ function UNIX() {
+ $this->System();
+ return true;
+ }
+}
+
+// Local Variables:
+// mode: php
+// c-file-style: "bsd"
+// End:
+
+?>
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/db/200403252.sql
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/db/200403252.sql 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/db/200403252.sql 2011-02-24 16:29:08 UTC (rev 9667)
@@ -15,3 +15,4 @@
ALTER TABLE users ADD CONSTRAINT users_ccode
FOREIGN KEY (ccode) REFERENCES country_code(ccode) MATCH FULL;
DROP TABLE theme_prefs;
+
Added: trunk/gforge_base/evolvisforge-5.1/gforge/db/20040507.sql
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/db/20040507.sql (rev 0)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/db/20040507.sql 2011-02-24 16:29:08 UTC (rev 9667)
@@ -0,0 +1,8 @@
+ALTER TABLE users ADD COLUMN sys_state char(1) ;
+ALTER TABLE users ALTER COLUMN sys_state SET DEFAULT 'N';
+ALTER TABLE groups ADD COLUMN sys_state char(1) ;
+ALTER TABLE groups ALTER COLUMN sys_state SET DEFAULT 'N';
+ALTER TABLE user_group ADD COLUMN sys_state char(1) ;
+ALTER TABLE user_group ALTER COLUMN sys_state SET DEFAULT 'N';
+ALTER TABLE user_group ADD COLUMN sys_cvs_state char(1) ;
+ALTER TABLE user_group ALTER COLUMN sys_cvs_state SET DEFAULT 'N';
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/deb-specific/db-upgrade.pl
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/deb-specific/db-upgrade.pl 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/deb-specific/db-upgrade.pl 2011-02-24 16:29:08 UTC (rev 9667)
@@ -1515,6 +1515,26 @@
$dbh->commit () ;
}
+ $version = &get_db_version ;
+ $target = "3.3.0-0+3" ;
+ if (is_lesser $version, $target) {
+ debug "Upgrading with 20040507.sql" ;
+
+ @reqlist = @{ &parse_sql_file ("/usr/lib/gforge/db/20040507.sql") } ;
+ foreach my $s (@reqlist) {
+ $query = $s ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+ @reqlist = () ;
+
+ &update_db_version ($target) ;
+ debug "Committing." ;
+ $dbh->commit () ;
+ }
+
debug "It seems your database $action went well and smoothly. That's cool." ;
debug "Please enjoy using Gforge." ;
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/deb-specific/gforge-config
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/deb-specific/gforge-config 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/deb-specific/gforge-config 2011-02-24 16:29:08 UTC (rev 9667)
@@ -12,7 +12,7 @@
# /etc/gforge/templates/${i}.template \
# /etc/gforge/$i
#done
-/usr/lib/gforge/bin/setup -fhs -noapache -dovhost
+/usr/lib/gforge/bin/setup -fhs -noapache -dovhost -system LDAP
[ -f /etc/gforge/local.inc ] && chmod 644 /etc/gforge/local.inc
[ -f /etc/gforge/httpd.conf ] && chmod 644 /etc/gforge/httpd.conf
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/debian/changelog
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/debian/changelog 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/debian/changelog 2011-02-24 16:29:08 UTC (rev 9667)
@@ -1,4 +1,4 @@
-gforge (3.3.0-4woody5) stable; urgency=low
+gforge (3.3.0-4woody9) stable; urgency=low
* [Christian] Added new sql upgrade (2004*.sql)
* [Christian] Stable backbort
@@ -13,8 +13,9 @@
that fix DNS configuration problem
* [Christian] Added default project home page generation
* [Christian] Added get_news_notapproved cron
+ * [Christian] Made system management OO (see Changelog)
- -- Christian Bayle <bayle at debian.org> Tue, 27 Apr 2004 14:45:01 +0200
+ -- Christian Bayle <bayle at debian.org> Sun, 9 May 2004 18:50:43 +0200
gforge (3.2.1-4) experimental; urgency=low
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/etc/gforge.conf.example
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/etc/gforge.conf.example 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/etc/gforge.conf.example 2011-02-24 16:29:08 UTC (rev 9667)
@@ -48,6 +48,7 @@
sys_default_timezone=GMT
sys_default_country_code=US
sys_use_ldap=0
+sys_account_manager_type=UNIX
sys_use_jabber=0
sys_use_auth_ldap=1
sys_ldap_auth_host=localhost
Added: trunk/gforge_base/evolvisforge-5.1/gforge/etc/local.d/15system
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/etc/local.d/15system (rev 0)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/etc/local.d/15system 2011-02-24 16:29:08 UTC (rev 9667)
@@ -0,0 +1,7 @@
+//
+// Account Management
+//
+// UNIX for classic account management
+// LDAP for managing with ldap
+// NIS not implemented
+$sys_account_manager_type={sys_account_manager_type};
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/etc/local.inc.example
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/etc/local.inc.example 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/etc/local.inc.example 2011-02-24 16:29:08 UTC (rev 9667)
@@ -93,6 +93,13 @@
$sys_dbpasswd="";
$sys_ldap_passwd="";
$sys_jabber_pass="";
+//
+// Account Management
+//
+// UNIX for classic account management
+// LDAP for managing with ldap
+// NIS not implemented
+$sys_account_manager_type=UNIX;
//
// LDAP configuration
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/setup
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/setup 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/setup 2011-02-24 16:29:08 UTC (rev 9667)
@@ -55,13 +55,14 @@
DEFAULTsys_show_source=0
DEFAULTsys_force_login=0
DEFAULTsys_session_key=$(dd if=/dev/urandom count=256 bs=1 2> /dev/null | md5sum | cut -b1-32)
- DEFAULTsys_session_expire="60 * 60 * 24 * 7"
+ DEFAULTsys_session_expire='60 * 60 * 24 * 7'
DEFAULTsys_theme=gforge
DEFAULTsys_default_theme_id=1
DEFAULTsys_lang=English
DEFAULTsys_default_timezone=GMT
DEFAULTsys_default_country_code=US
DEFAULTsys_use_ldap=0
+ DEFAULTsys_account_manager_type=$SYSTEM
DEFAULTsys_use_jabber=0
DEFAULTsys_use_auth_ldap=1
DEFAULTsys_ldap_auth_host=localhost
@@ -171,12 +172,12 @@
rm $ETCDIR/httpd.secrets.gforge-new
echo "Creating $LOCALINC"
- for i in $ETCDIR/local.d/01* $ETCDIR/local.d/10database.$database $ETCDIR/local.d/[2-9]*
+ for i in $ETCDIR/local.d/01* $ETCDIR/local.d/10database.$database $ETCDIR/local.d/1[1-9]* $ETCDIR/local.d/[2-9]*
do
$BINDIR/fill-in-the-blanks.pl $i $ETCDIR/`basename $i` $CONFFILEOUT
done
- ls $ETCDIR/01* $ETCDIR/10database.$database $ETCDIR/[2-9]* | sort | xargs cat > $LOCALINC
- rm $ETCDIR/01* $ETCDIR/10database.$database $ETCDIR/[2-9]*
+ ls $ETCDIR/01* $ETCDIR/10database.$database $ETCDIR/1[1-9]* $ETCDIR/[2-9]* | sort | xargs cat > $LOCALINC
+ rm $ETCDIR/01* $ETCDIR/10database.$database $ETCDIR/1[1-9]* $ETCDIR/[2-9]*
echo "Creating other includes"
#for i in $ETCDIR/templates/[a-z]*
@@ -230,7 +231,8 @@
LOCALINC=$ETCDIR/local.inc
HTTPDCONF=$ETCDIR/httpd.conf
HTTPDSECRETS=$ETCDIR/httpd.secrets
-export ETCDIR BINDIR GFGDIR CONFFILEIN CONFFILEOUT LOCALINC HTTPDCONF HTTPDSECRETS DOAPACHE
+SYSTEM=UNIX
+export ETCDIR BINDIR GFGDIR CONFFILEIN CONFFILEOUT LOCALINC HTTPDCONF HTTPDSECRETS DOAPACHE SYSTEM
interact=false
noapache=false
database=env
@@ -266,6 +268,10 @@
shift
CONFFILEOUT=$1
;;
+ -system )
+ shift
+ SYSTEM=$1
+ ;;
-confdir )
shift
CONFFILEIN=$1/gforge.conf
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/include/pre.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/include/pre.php 2011-02-24 16:29:07 UTC (rev 9666)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/include/pre.php 2011-02-24 16:29:08 UTC (rev 9667)
@@ -68,8 +68,10 @@
//security library
require_once('common/include/session.php');
-// LDAP library
-require_once('common/include/ldap.php');
+//system library
+require_once('common/include/System.class');
+require_once('common/include/system/'.$sys_account_manager_type.'.class');
+$SYS=new $sys_account_manager_type();
//user functions like get_name, logged_in, etc
require_once('common/include/User.class');
More information about the evolvis-commits
mailing list