lib/modules/posixGroup.inc

Properties

Description

Manages Unix accounts for groups.

Classes

posixGroup

Properties

 
\passwordService
 
modules  
No 
No 

Description

Manages the object class "posixGroup" for groups.
It implements the complete module interface and uses meta-data provided by the account modules for its functions.

Location and naming of modules
All LAM modules are placed in lib/modules/ and are named ".inc". E.g. if you create a new module and its class name is "qmail" then the filename would be "qmail.inc". The class name of a module must contain only a-z, A-Z, 0-9, -, and _.

You can avoid to override many functions by using {@link get_metaData()}.

All module classes should extend the baseModule class.

Methods

build_uploadAccounts, check_configOptions, delete_attributes, display_html_attributes, display_html_user, getButtonStatus, getGIDs, getGroupNames, getNextGIDs, getNextSambaPoolGIDs, getUsers, get_configOptions, get_metaData, get_pdfEntries, groupNameExists, init, load_Messages, load_profile, managesPasswordAttributes, module_complete, passwordChangeRequested, process_attributes, process_user, save_attributes, supportsForcePasswordChange,

build_uploadAccounts( array   $rawAccounts, array   $ids, array   $partialAccounts, array   $selectedModules, ) : array

Description

In this function the LDAP account is built up.

Arguments

Name Type Description Default
$rawAccounts array

list of hash arrays (name => value) from user input

$ids array

list of IDs for column position (e.g. "posixAccount_uid" => 5)

$partialAccounts array

list of hash arrays (name => value) which are later added to LDAP

$selectedModules array

list of selected account modules

Return value

Type Description
array list of error messages if any

check_configOptions( array   $scopes, array   $options, ) : array

Description

Checks input values of module settings.
Calling this method does not require the existence of an enclosing {@link accountContainer}.

If the input data is invalid the return value is an array that contains subarrays to build StatusMessages ('message type', 'message head', 'message text').
If no errors occured the function returns an empty array.

Arguments

Name Type Description Default
$scopes array

list of account types which are used

$options array

hash array (option name => value) that contains the input. The option values are all arrays containing one or more elements.

Return value

Type Description
array list of error messages

Tags

Name Description
see

delete_attributes( ) : \List

Description

Checks if the group which should be deleted is still used as primary group.

Return value

Type Description
\List of LDAP operations, same as for save_attributes()

display_html_attributes( ) : array

Description

Returns the HTML meta data for the main account page.

Return value

Type Description
array HTML meta data

Tags

Name Description
see

display_html_user( ) : array

Description

Displays selections to add or remove users from current group.

Return value

Type Description
array meta HTML output

getButtonStatus( ) : string

Description

Controls if the module button the account page is visible and activated.

Return value

Type Description
string status ("enabled", "disabled", "hidden")

getGIDs( ) : array

Description

Returns a list of existing GID numbers.

Return value

Type Description
array list of GID numbers

getGroupNames( ) : array

Description

Returns a list of all group names in LDAP.

Return value

Type Description
array group names

getNextGIDs( integer   $count, array   $errors, ) : mixed

Description

Returns one or more free GID numbers.

Arguments

Name Type Description Default
$count integer

Number of needed free GIDs.

$errors array

list of error messages where errors can be added

Return value

Type Description
mixed Null if no GIDs are free else an array of free GIDs.

getNextSambaPoolGIDs( integer   $count, array   $errors, ) : mixed

Description

Gets the free GID numbers from an Samba pool entry in LDAP.

Arguments

Name Type Description Default
$count integer

number of needed free GIDs.

$errors array

list of error messages where errors can be added

Return value

Type Description
mixed null if no GIDs are free else an array of free GIDs

getUsers( ) : array

Description

Returns a list of existing users and their GID numbers and cn.

Return value

Type Description
array list in format array(uid => array('gid' => 123, 'cn' => 'Some user'))

get_configOptions( array   $scopes, array   $allScopes, ) : array

Description

Returns a list of elements for the configuration.

Arguments

Name Type Description Default
$scopes array

account types (user, group, host)

$allScopes array

list of all modules and active scopes

Return value

Type Description
array configuration elements

get_metaData( ) : array

Description

Returns meta data that is interpreted by parent class

Return value

Type Description
array array with meta data

get_pdfEntries( ) : array

Description

Returns the PDF entries for this module.

Return value

Type Description
array list of possible PDF entries

groupNameExists( String   $groupName, ) : boolean

Description

Checks if the given group name already exists in LDAP.

Arguments

Name Type Description Default
$groupName String

group name

Return value

Type Description
boolean true if already exists

init( String   $base, ) : n/a

Description

This functin will be called when the module will be loaded

Arguments

Name Type Description Default
$base String

the name of the {@link accountContainer} object ($_SESSION[$base])

Return value

Type Description
n/a n/a

load_Messages( ) : n/a

Description

This function fills the $messages variable with output messages from this module.

Return value

Type Description
n/a n/a

load_profile( array   $profile, ) : n/a

Description

Loads the values of an account profile into internal variables.

Arguments

Name Type Description Default
$profile array

hash array with profile values (identifier => value)

Return value

Type Description
n/a n/a

managesPasswordAttributes( ) : boolean

Description

This method specifies if a module manages password attributes.

Return value

Type Description
boolean true if this module manages password attributes

Tags

Name Description
see

module_complete( ) : boolean

Description

This functions is used to check if all settings for this module have been made.

Return value

Type Description
boolean true, if settings are complete

passwordChangeRequested( String   $password,   $modules, boolean   $forcePasswordChange, ) : array

Description

This function is called whenever the password should be changed. Account modules must change their password attributes only if the modules list contains their module name.

Arguments

Name Type Description Default
$password String

new password

$modules n/a

list of modules for which the password should be changed

$forcePasswordChange boolean

force the user to change his password at next login

Return value

Type Description
array list of error messages if any as parameter array for StatusMessage e.g. return arrray(array('ERROR', 'Password change failed.'))

Tags

Name Description
see

process_attributes( ) : array

Description

Processes user input of the primary module page.
It checks if all input values are correct and updates the associated LDAP attributes.

Return value

Type Description
array list of info/error messages

process_user( ) : array

Description

Processes user input of the user selection page.
It checks if all input values are correct and updates the associated LDAP attributes.

Return value

Type Description
array list of info/error messages

save_attributes( ) : array

Description

Returns a list of modifications which have to be made to the LDAP account.

Return value

Type Description
array list of modifications <br>This function returns an array with 3 entries: <br>array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... ) <br>DN is the DN to change. It may be possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid) <br>"add" are attributes which have to be added to LDAP entry <br>"remove" are attributes which have to be removed from LDAP entry <br>"modify" are attributes which have to been modified in LDAP entry <br>"info" are values with informational value (e.g. to be used later by pre/postModify actions)

supportsForcePasswordChange( ) : boolean

Description

Specifies if this module supports to force that a user must change his password on next login.

Return value

Type Description
boolean force password change supported

Properties

$cachedGIDList, $cachedGroupNameList, $cachedUserToGIDList, $changegids, $manageCnAttribute, $manageDescriptionAttribute,

  private  $cachedGIDList = null

cache for existing GID numbers


  private  $cachedGroupNameList = null

cache for existing groups


  private  $cachedUserToGIDList = null

cache for existing users and their GIDs


  private  $changegids =

change GIDs of users and hosts?


  protected  $manageCnAttribute = true

specifies if the cn attribute should be managed by this module


  protected  $manageDescriptionAttribute = true

specifies if the description attribute should be managed by this module


Documentation was generated by phpDocumentor 2.0.1 .

Namespaces

  • global

    Packages