author | Timothy Pearson <[email protected]> | 2012-05-30 13:21:40 -0500 |
---|---|---|
committer | Timothy Pearson <[email protected]> | 2012-05-30 13:21:40 -0500 |
commit | 4d66047a3136662532e79d5e41038db246d334dd (patch) | |
tree | 6f7c32698d61d8187b8df97d84ce4f47ad0c0b0b /src | |
parent | a890828d5269f6535567dcb3498eba62d5335ee1 (diff) | |
Basic user editing, and full group editing, support now in place
Diffstat (limited to 'src')
-rw-r--r-- | src/ldapconfigbase.ui | 12 | ||||
-rw-r--r-- | src/ldapmgr.cpp | 136 | ||||
-rw-r--r-- | src/ldapmgr.h | 2 | ||||
-rw-r--r-- | src/libtdeldap.cpp | 226 | ||||
-rw-r--r-- | src/libtdeldap.h | 5 | ||||
-rw-r--r-- | src/userconfigbase.ui | 80 | ||||
-rw-r--r-- | src/userconfigdlg.cpp | 67 | ||||
-rw-r--r-- | src/userconfigdlg.h | 1 |
8 files changed, 457 insertions, 72 deletions
diff --git a/src/ldapconfigbase.ui b/src/ldapconfigbase.ui index a95763a..aa3af07 100644 --- a/src/ldapconfigbase.ui +++ b/src/ldapconfigbase.ui @@ -133,7 +133,7 @@ <property name="name"> <cstring>unnamed_grid3</cstring> </property> - <widget class="TQPushButton" row="0" column="0" colspan="0"> + <widget class="TQPushButton" row="0" column="1" colspan="0"> <property name="name"> <cstring>user_buttonModify</cstring> </property> @@ -141,7 +141,7 @@ <string>Modify</string> </property> </widget> - <widget class="TQPushButton" row="0" column="1" colspan="0"> + <widget class="TQPushButton" row="0" column="0" colspan="0"> <property name="name"> <cstring>user_buttonAdd</cstring> </property> @@ -389,7 +389,7 @@ <property name="name"> <cstring>unnamed_grid6</cstring> </property> - <widget class="TQPushButton" row="0" column="0" colspan="0"> + <widget class="TQPushButton" row="0" column="1" colspan="0"> <property name="name"> <cstring>group_buttonModify</cstring> </property> @@ -397,7 +397,7 @@ <string>Modify</string> </property> </widget> - <widget class="TQPushButton" row="0" column="1" colspan="0"> + <widget class="TQPushButton" row="0" column="0" colspan="0"> <property name="name"> <cstring>group_buttonAdd</cstring> </property> @@ -579,7 +579,7 @@ <property name="name"> <cstring>unnamed</cstring> </property> - <widget class="TQPushButton" row="0" column="0" colspan="0"> + <widget class="TQPushButton" row="0" column="1" colspan="0"> <property name="name"> <cstring>user_buttonModify</cstring> </property> @@ -587,7 +587,7 @@ <string>Modify</string> </property> </widget> - <widget class="TQPushButton" row="0" column="1" colspan="0"> + <widget class="TQPushButton" row="0" column="0" colspan="0"> <property name="name"> <cstring>user_buttonAdd</cstring> </property> diff --git a/src/ldapmgr.cpp b/src/ldapmgr.cpp index d506902..6d94a0c 100644 --- a/src/ldapmgr.cpp +++ b/src/ldapmgr.cpp 
@@ -84,9 +84,11 @@ LDAPConfig::LDAPConfig(TQWidget *parent, const char *name, const TQStringList&) connect(base->user_list, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(userHighlighted())); connect(base->group_list, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(groupHighlighted())); + connect(base->user_buttonAdd, TQT_SIGNAL(clicked()), this, TQT_SLOT(addNewUser())); connect(base->group_buttonAdd, TQT_SIGNAL(clicked()), this, TQT_SLOT(addNewGroup())); connect(base->user_buttonModify, TQT_SIGNAL(clicked()), this, TQT_SLOT(modifySelectedUser())); connect(base->group_buttonModify, TQT_SIGNAL(clicked()), this, TQT_SLOT(modifySelectedGroup())); + connect(base->user_buttonDelete, TQT_SIGNAL(clicked()), this, TQT_SLOT(removeSelectedUser())); connect(base->group_buttonDelete, TQT_SIGNAL(clicked()), this, TQT_SLOT(removeSelectedGroup())); load(); @@ -138,15 +140,36 @@ void LDAPConfig::load() { } void LDAPConfig::defaults() { - + // } void LDAPConfig::save() { - + // } void LDAPConfig::processLockouts() { - // + // RAJA FIXME + TQListViewItem* lvi = base->user_list->selectedItem(); + if (lvi) { + base->user_buttonModify->setEnabled(true); + base->user_buttonDelete->setEnabled(true); + } + else { + base->user_buttonModify->setEnabled(false); + base->user_buttonDelete->setEnabled(false); + } + base->user_buttonAdd->setEnabled(true); + + lvi = base->group_list->selectedItem(); + if (lvi) { + base->group_buttonModify->setEnabled(true); + base->group_buttonDelete->setEnabled(true); + } + else { + base->group_buttonModify->setEnabled(false); + base->group_buttonDelete->setEnabled(false); + } + base->group_buttonAdd->setEnabled(true); } void LDAPConfig::connectToRealm(const TQString& realm) { 
@@ -190,21 +213,44 @@ void LDAPConfig::populateGroups() { } void LDAPConfig::updateUsersList() { + TQListViewItem* itm = base->user_list->selectedItem(); + TQString prevSelectedItemText; + if (itm) { + prevSelectedItemText = itm->text(0); + } + base->user_list->clear(); LDAPUserInfoList::Iterator it; for (it = m_userInfoList.begin(); it != m_userInfoList.end(); ++it) { LDAPUserInfo user = *it; - (void)new TQListViewItem(base->user_list, user.name, user.commonName, TQString("%1").arg(user.uid)); + itm = new TQListViewItem(base->user_list, user.name, user.commonName, TQString("%1").arg(user.uid)); + if (prevSelectedItemText != "") { + if (user.name == prevSelectedItemText) { + base->user_list->setSelected(itm, true); + } + } } + processLockouts(); } void LDAPConfig::updateGroupsList() { + TQListViewItem* itm = base->group_list->selectedItem(); + TQString prevSelectedItemText; + if (itm) { + prevSelectedItemText = itm->text(0); + } + base->group_list->clear(); LDAPGroupInfoList::Iterator it; for (it = m_groupInfoList.begin(); it != m_groupInfoList.end(); ++it) { LDAPGroupInfo group = *it; - (void)new TQListViewItem(base->group_list, group.name, TQString("%1").arg(group.gid)); + itm = new TQListViewItem(base->group_list, group.name, TQString("%1").arg(group.gid)); + if (prevSelectedItemText != "") { + if (group.name == prevSelectedItemText) { + base->group_list->setSelected(itm, true); + } + } } processLockouts(); } @@ -270,7 +316,7 @@ LDAPGroupInfo LDAPConfig::findGroupInfoByGID(TQString gid) { } LDAPUserInfo LDAPConfig::selectedUser() { - TQListViewItem* lvi = base->user_list->currentItem(); + TQListViewItem* lvi = base->user_list->selectedItem(); if (!lvi) { return LDAPUserInfo(); } @@ -278,7 +324,7 @@ LDAPUserInfo LDAPConfig::selectedUser() { } LDAPGroupInfo LDAPConfig::selectedGroup() { - TQListViewItem* lvi = base->group_list->currentItem(); + TQListViewItem* lvi = base->group_list->selectedItem(); if (!lvi) { return LDAPGroupInfo(); } 
@@ -354,6 +400,47 @@ void LDAPConfig::groupHighlighted() { processLockouts(); } +void LDAPConfig::addNewUser() { + // Launch a dialog to add the user + LDAPUserInfo user; + + // Find the next available, reasonable UID + uid_t uid = 100; + LDAPUserInfoList::Iterator it; + for (it = m_userInfoList.begin(); it != m_userInfoList.end(); ++it) { + LDAPUserInfo user = *it; + if (user.uid >= uid) { + uid = user.uid + 1; + } + } + user.uid = uid; + + UserConfigDialog userconfigdlg(user, this); + if (userconfigdlg.exec() == TQDialog::Accepted) { + user = userconfigdlg.m_user; + if (user.name != "") { + // Try to find a reasonable place to stuff the new entry + // Do any users exist right now? + if (m_userInfoList.begin() != m_userInfoList.end()) { + user.distinguishedName = (*m_userInfoList.begin()).distinguishedName; + int eqpos = user.distinguishedName.find("=")+1; + int cmpos = user.distinguishedName.find(",", eqpos); + user.distinguishedName.remove(eqpos, cmpos-eqpos); + user.distinguishedName.insert(eqpos, user.name); + } + else { + user.distinguishedName = "uid=" + user.name + "," + m_ldapmanager->basedn(); + } + m_ldapmanager->addUserInfo(user); + } + else { + // PEBKAC + KMessageBox::error(0, i18n("<qt>Unable to add new user with no name!<p>Enter a name and try again</qt>"), i18n("Illegal Operation")); + } + } + updateAllInformation(); +} + void LDAPConfig::addNewGroup() { // Launch a dialog to add the group LDAPGroupInfo group; 
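Review bot: The login name typed into the dialog is spliced into the new entry's DN unescaped, both in `user.distinguishedName.insert(eqpos, user.name)` and in `"uid=" + user.name + "," + m_ldapmanager->basedn()`, so a name containing `,`, `+`, `=` or another character that RFC 4514 requires escaping changes which entry or container is created. Reject such names before the DN is built (a conservative allow-list for login names would also cover the `krb5PrincipalName` derived from the same value in `addUserInfo`), or escape the RDN value. Separately, if the first listed user's DN has no `=` or `,`, `find()` returns -1 and the arguments to `remove(eqpos, cmpos-eqpos)` are meaningless; check both positions and fall back to the base-DN form. The return value of `m_ldapmanager->addUserInfo(user)` is also dropped, so a failed add is followed by an ordinary refresh.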
@@ -403,7 +490,29 @@ void LDAPConfig::modifySelectedUser() { user = m_ldapmanager->getUserByDistinguishedName(user.distinguishedName); UserConfigDialog userconfigdlg(user, this); if (userconfigdlg.exec() == TQDialog::Accepted) { - // RAJA FIXME + user = userconfigdlg.m_user; + if (m_ldapmanager->updateUserInfo(user) == 0) { + // Modify group(s) as needed + populateGroups(); + LDAPGroupInfoList::Iterator it; + for (it = m_groupInfoList.begin(); it != m_groupInfoList.end(); ++it) { + LDAPGroupInfo group = *it; + if (userconfigdlg.selectedGroups.contains(group.name)) { + // Make sure that we are in this group! + if (!group.userlist.contains(user.distinguishedName)) { + group.userlist.append(user.distinguishedName); + m_ldapmanager->updateGroupInfo(group); + } + } + else { + // Make sure that we are NOT in this group! + if (group.userlist.contains(user.distinguishedName)) { + group.userlist.remove(user.distinguishedName); + m_ldapmanager->updateGroupInfo(group); + } + } + } + } } updateAllInformation(); } @@ -422,11 +531,20 @@ void LDAPConfig::modifySelectedGroup() { updateAllInformation(); } +void LDAPConfig::removeSelectedUser() { + LDAPUserInfo user = selectedUser(); + + if (KMessageBox::warningYesNo(this, i18n("<qt><b>You are about to delete the user %1</b><br>This action cannot be undone<p>Are you sure you want to proceed?</qt>").arg(user.name), i18n("Confirmation Required")) == KMessageBox::Yes) { + m_ldapmanager->deleteUserInfo(user); + } + + updateAllInformation(); +} + void LDAPConfig::removeSelectedGroup() { LDAPGroupInfo group = selectedGroup(); if (KMessageBox::warningYesNo(this, i18n("<qt><b>You are about to delete the group %1</b><br>This action cannot be undone<p>Are you sure you want to proceed?</qt>").arg(group.name), i18n("Confirmation Required")) == KMessageBox::Yes) { - // RAJA FIXME m_ldapmanager->deleteGroupInfo(group); } diff --git a/src/ldapmgr.h b/src/ldapmgr.h index 6d88ecc..a007b87 100644 --- a/src/ldapmgr.h +++ b/src/ldapmgr.h 
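Review bot: Every `m_ldapmanager->updateGroupInfo(group)` result in the membership loop is discarded, so a removal that fails leaves the user in a group the administrator has just unticked while the loop carries on with the next group. Collect the names of the groups whose update returned non-zero and report them once after the loop, so a partially applied membership change is visible. `updateGroupInfo` may show its own error box, but its body is outside this hunk and the caller still cannot tell which groups ended up in which state. modifySelectedUser starts before this hunk.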
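Review bot: `removeSelectedUser` deletes the entry but leaves `user.distinguishedName` in the `member` list of every group that held it, so the stale DN keeps its memberships and an account created later under the same DN would inherit them (assuming the server does not enforce referential integrity, which is not visible here). Drop the DN from each `group.userlist` the same way `modifySelectedUser` does, as sketched below. `selectedUser()` also returns a default `LDAPUserInfo` when nothing is selected, so an early return on an empty DN keeps the confirmation and the delete from running against no entry.

```cpp
void LDAPConfig::removeSelectedUser() {
	LDAPUserInfo user = selectedUser();
	if (user.distinguishedName == "") {
		return;	// nothing selected, nothing to delete
	}
	// … unchanged: confirmation dialog …
		if (m_ldapmanager->deleteUserInfo(user) == 0) {
			// Remove the deleted DN from every group that still lists it
			populateGroups();
			LDAPGroupInfoList::Iterator it;
			for (it = m_groupInfoList.begin(); it != m_groupInfoList.end(); ++it) {
				LDAPGroupInfo group = *it;
				if (group.userlist.contains(user.distinguishedName)) {
					group.userlist.remove(user.distinguishedName);
					m_ldapmanager->updateGroupInfo(group);
				}
			}
		}
	// … unchanged: updateAllInformation() …
```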
@@ -59,9 +59,11 @@ class LDAPConfig: public KCModule void updateGroupsList(); void userHighlighted(); void groupHighlighted(); + void addNewUser(); void addNewGroup(); void modifySelectedUser(); void modifySelectedGroup(); + void removeSelectedUser(); void removeSelectedGroup(); void updateAllInformation(); diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index b9ffdf4..2f834e9 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -384,7 +384,7 @@ printf("[RAJA DEBUG 100.3] %s: %s\n\r", attr, vals[i]->bv_val); // FIXME // This attribute is not present in my current LDAP schema // userinfo.uniqueIdentifier = vals[i]->bv_val; - else if (ldap_field == "preferredLanguage") { + else if (ldap_field == "businessCategory") { userinfo.businessCategory = vals[i]->bv_val; } else if (ldap_field == "carLicense") { @@ -420,9 +420,7 @@ printf("[RAJA DEBUG 100.1] In LDAPManager::users() bind was OK\n\r"); fflush(std LDAPMessage* msg; TQString ldap_base_dn = m_basedc; TQString ldap_filter = "(objectClass=posixAccount)"; - struct timeval timeout; - timeout.tv_sec = 10; // 10 second timeout - retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, &timeout, 0, &msg); + retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, NULL, 0, &msg); if (retcode != LDAP_SUCCESS) { KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); return LDAPUserInfoList(); 
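Review bot: Passing `NULL` as the timeout argument of `ldap_search_ext_s` means an unresponsive server blocks this call, and the control module's UI with it, for as long as the connection stays open, unless a limit is set on the handle elsewhere (not visible here). The removed code assigned only `tv_sec` and left `tv_usec` uninitialised, which may be why it misbehaved; keeping the limit with both fields set, `timeout.tv_sec = 10; timeout.tv_usec = 0;`, avoids the hang without that problem. The enclosing function starts and ends outside this hunk.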
@@ -510,21 +508,25 @@ LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn) { } void create_single_attribute_operation(LDAPMod **mods, int *i, TQString attr, TQString value) { - char **values = (char**)malloc(2*sizeof(char*)); - values[0] = strdup(value.ascii()); - values[1] = NULL; - mods[*i]->mod_op = LDAP_MOD_ADD; - mods[*i]->mod_type = strdup(attr.ascii()); - mods[*i]->mod_values = values; - (*i)++; + if (value != "") { + char **values = (char**)malloc(2*sizeof(char*)); + values[0] = strdup(value.ascii()); + values[1] = NULL; + mods[*i]->mod_op = LDAP_MOD_ADD; + mods[*i]->mod_type = strdup(attr.ascii()); + mods[*i]->mod_values = values; + (*i)++; + } } void create_multiple_attributes_operation(LDAPMod **mods, int *i, TQString attr, TQStringList strings) { int j=0; char **values = (char**)malloc((strings.count()+1)*sizeof(char*)); for ( TQStringList::Iterator it = strings.begin(); it != strings.end(); ++it ) { - values[j] = strdup((*it).ascii()); - j++; + if ((*it) != "") { + values[j] = strdup((*it).ascii()); + j++; + } } values[j] = NULL; mods[*i]->mod_op = LDAP_MOD_ADD; 
@@ -534,34 +536,28 @@ void create_multiple_attributes_operation(LDAPMod **mods, int *i, TQString attr, } void add_single_attribute_operation(LDAPMod **mods, int *i, TQString attr, TQString value) { - mods[*i]->mod_op = LDAP_MOD_DELETE; - mods[*i]->mod_type = strdup(attr.ascii()); - mods[*i]->mod_values = NULL; - (*i)++; - - char **values = (char**)malloc(2*sizeof(char*)); - values[0] = strdup(value.ascii()); - values[1] = NULL; - mods[*i]->mod_op = LDAP_MOD_ADD; - mods[*i]->mod_type = strdup(attr.ascii()); - mods[*i]->mod_values = values; - (*i)++; + if (value != "") { + char **values = (char**)malloc(2*sizeof(char*)); + values[0] = strdup(value.ascii()); + values[1] = NULL; + mods[*i]->mod_op = LDAP_MOD_REPLACE; + mods[*i]->mod_type = strdup(attr.ascii()); + mods[*i]->mod_values = values; + (*i)++; + } } void add_multiple_attributes_operation(LDAPMod **mods, int *i, TQString attr, TQStringList strings) { - mods[*i]->mod_op = LDAP_MOD_DELETE; - mods[*i]->mod_type = strdup(attr.ascii()); - mods[*i]->mod_values = NULL; - (*i)++; - int j=0; char **values = (char**)malloc((strings.count()+1)*sizeof(char*)); for ( TQStringList::Iterator it = strings.begin(); it != strings.end(); ++it ) { - values[j] = strdup((*it).ascii()); - j++; + if ((*it) != "") { + values[j] = strdup((*it).ascii()); + j++; + } } values[j] = NULL; - mods[*i]->mod_op = LDAP_MOD_ADD; + mods[*i]->mod_op = LDAP_MOD_REPLACE; mods[*i]->mod_type = strdup(attr.ascii()); mods[*i]->mod_values = values; (*i)++; 
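Review bot: With the `if (value != "")` guard in `add_single_attribute_operation`, an attribute the administrator blanks in the dialog is skipped rather than removed, so the old value stays on the entry; the delete-then-add sequence this replaces did clear it. An `LDAP_MOD_REPLACE` whose `mod_values` is `NULL` removes the attribute when it exists and is accepted when it does not, so the empty case can emit that modification instead of nothing. This matters for optional fields such as `loginShell` or `mail`, where a stale value may still be used by whatever reads the directory.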
@@ -577,9 +573,8 @@ int LDAPManager::updateUserInfo(LDAPUserInfo user) { } else { // Assemble the LDAPMod structure - // We will replace attributes by first deleting them, then adding them back with their new values - int number_of_parameters = 43; // 43 primary attributes - number_of_parameters = (number_of_parameters * 2); // MODIFY/DELETE + // We will replace any existing attributes with the new values + int number_of_parameters = 40; // 40 primary attributes LDAPMod *mods[number_of_parameters+1]; for (i=0;i<number_of_parameters;i++) { mods[i] = new LDAPMod; 
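Review bot: `number_of_parameters = 40` is a hand count that has to equal the number of `add_single_attribute_operation` calls that follow, and the helpers write `mods[*i]` with no bound, so adding an attribute without raising the constant writes past the end of the stack array `mods`. The same applies to `number_of_parameters = 13` in `addUserInfo`. Pass the capacity to the helpers and refuse to write once `*i` has reached it, or collect the modifications in a growable container and build the NULL-terminated array from it just before `ldap_modify_ext_s`. updateUserInfo starts and ends outside this hunk.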
@@ -591,13 +586,68 @@ int LDAPManager::updateUserInfo(LDAPUserInfo user) { // Load LDAP modification requests from provided data structure i=0; add_single_attribute_operation(mods, &i, "uidNumber", TQString("%1").arg(user.uid)); - // RAJA FIXME - // Add the other 42 primary attributes! + add_single_attribute_operation(mods, &i, "loginShell", user.shell); + add_single_attribute_operation(mods, &i, "homeDirectory", user.homedir); + add_single_attribute_operation(mods, &i, "gidNumber", TQString("%1").arg(user.primary_gid)); + add_single_attribute_operation(mods, &i, "krb5KDCFlags", TQString("%1").arg(user.status)); // Default active user is 586 [KRB5_ACTIVE_DEFAULT] and locked out user is 7586 [KRB5_DISABLED_ACCOUNT] +// add_single_attribute_operation(mods, &i, "", user.password_expires); +// add_single_attribute_operation(mods, &i, "", user.password_expiration); +// add_single_attribute_operation(mods, &i, "", user.password_ages); +// add_single_attribute_operation(mods, &i, "", user.new_password_interval); +// add_single_attribute_operation(mods, &i, "", user.new_password_warn_interval); +// add_single_attribute_operation(mods, &i, "", user.new_password_lockout_delay); +// add_single_attribute_operation(mods, &i, "", user.password_has_minimum_age); +// add_single_attribute_operation(mods, &i, "", user.password_minimum_age); + add_single_attribute_operation(mods, &i, "krb5MaxLife", TQString("%1").arg(user.maximum_ticket_lifetime)); + add_single_attribute_operation(mods, &i, "cn", user.commonName); + add_single_attribute_operation(mods, &i, "givenName", user.givenName); + add_single_attribute_operation(mods, &i, "sn", user.surName); + add_single_attribute_operation(mods, &i, "initials", user.initials); + add_single_attribute_operation(mods, &i, "title", user.title); + add_single_attribute_operation(mods, &i, "mail", user.email); + add_single_attribute_operation(mods, &i, "description", user.description); + add_single_attribute_operation(mods, &i, "l", user.locality); 
+ add_single_attribute_operation(mods, &i, "telephoneNumber", user.telephoneNumber); + add_single_attribute_operation(mods, &i, "facsimileTelephoneNumber", user.faxNumber); + add_single_attribute_operation(mods, &i, "homePhone", user.homePhone); + add_single_attribute_operation(mods, &i, "mobile", user.mobilePhone); + add_single_attribute_operation(mods, &i, "pager", user.pagerNumber); +// add_single_attribute_operation(mods, &i, "", user.website); + add_single_attribute_operation(mods, &i, "postOfficeBox", user.poBox); + add_single_attribute_operation(mods, &i, "street", user.street); + add_single_attribute_operation(mods, &i, "postalAddress", user.address); + add_single_attribute_operation(mods, &i, "st", user.state); + add_single_attribute_operation(mods, &i, "postalCode", user.postcode); + add_single_attribute_operation(mods, &i, "registeredAddress", user.registeredAddress); + add_single_attribute_operation(mods, &i, "homePostalAddress", user.homeAddress); + add_single_attribute_operation(mods, &i, "seeAlso", user.seeAlso); + add_single_attribute_operation(mods, &i, "physicalDeliveryOfficeName", user.deliveryOffice); + add_single_attribute_operation(mods, &i, "departmentNumber", user.department); + add_single_attribute_operation(mods, &i, "roomNumber", user.roomNumber); + add_single_attribute_operation(mods, &i, "employeeType", user.employeeType); + add_single_attribute_operation(mods, &i, "employeeNumber", user.employeeNumber); +// add_single_attribute_operation(mods, &i, "", user.manager); +// add_single_attribute_operation(mods, &i, "", user.secretary); + add_single_attribute_operation(mods, &i, "internationaliSDNNumber", user.isdnNumber); +// add_single_attribute_operation(mods, &i, "", user.teletexID); + add_single_attribute_operation(mods, &i, "telexNumber", user.telexNumber); +// add_single_attribute_operation(mods, &i, "", user.preferredDelivery); + add_single_attribute_operation(mods, &i, "destinationIndicator", user.destinationIndicator); + 
add_single_attribute_operation(mods, &i, "x121Address", user.x121Address); + add_single_attribute_operation(mods, &i, "displayName", user.displayName); + add_single_attribute_operation(mods, &i, "preferredLanguage", user.preferredLanguage); +// add_single_attribute_operation(mods, &i, "", user.uniqueIdentifier); + add_single_attribute_operation(mods, &i, "businessCategory", user.businessCategory); + add_single_attribute_operation(mods, &i, "carLicense", user.carLicense); +// add_single_attribute_operation(mods, &i, "", user.notes); + LDAPMod *prevterm = mods[i]; + mods[i] = NULL; // Perform LDAP update retcode = ldap_modify_ext_s(m_ldap, user.distinguishedName.ascii(), mods, NULL, NULL); // Clean up + mods[i] = prevterm; for (i=0;i<number_of_parameters;i++) { if (mods[i]->mod_type != NULL) { free(mods[i]->mod_type); @@ -633,9 +683,8 @@ int LDAPManager::updateGroupInfo(LDAPGroupInfo group) { } else { // Assemble the LDAPMod structure - // We will replace attributes by first deleting them, then adding them back with their new values + // We will replace any existing attributes with the new values int number_of_parameters = 2; // 2 primary attributes - number_of_parameters = (number_of_parameters * 2); // MODIFY/DELETE LDAPMod *mods[number_of_parameters+1]; for (i=0;i<number_of_parameters;i++) { mods[i] = new LDAPMod; @@ -653,11 +702,14 @@ int LDAPManager::updateGroupInfo(LDAPGroupInfo group) { completeGroupList.prepend(placeholderGroup); } add_multiple_attributes_operation(mods, &i, "member", completeGroupList); + LDAPMod *prevterm = mods[i]; + mods[i] = NULL; // Perform LDAP update retcode = ldap_modify_ext_s(m_ldap, group.distinguishedName.ascii(), mods, NULL, NULL); // Clean up + mods[i] = prevterm; for (i=0;i<number_of_parameters;i++) { if (mods[i]->mod_type != NULL) { free(mods[i]->mod_type); 
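Review bot: Nothing in this attribute list writes `user.new_password`, and the password expiry and ageing fields are commented out with empty attribute names, so the values the dialog collects in `UserConfigDialog::slotOk` are dropped with no error raised in the visible code (assuming no other path applies them; none appears in this diff). An administrator who sets a password or an expiry policy gets no indication that it was not saved. Until the write path exists, disable those widgets or report the fields as not applied. updateUserInfo starts and ends outside this hunk.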
@@ -683,6 +735,75 @@ int LDAPManager::updateGroupInfo(LDAPGroupInfo group) { } } +int LDAPManager::addUserInfo(LDAPUserInfo user) { + int retcode; + int i; + LDAPUserInfo userinfo; + + if (bind() < 0) { + return -1; + } + else { + // Create the base DN entry + int number_of_parameters = 13; // 13 primary attributes + LDAPMod *mods[number_of_parameters+1]; + for (i=0;i<number_of_parameters;i++) { + mods[i] = new LDAPMod; + mods[i]->mod_type = NULL; + mods[i]->mod_values = NULL; + } + mods[number_of_parameters] = NULL; + + // Load initial required LDAP object attributes + i=0; + create_single_attribute_operation(mods, &i, "uidNumber", TQString("%1").arg(user.uid)); + create_single_attribute_operation(mods, &i, "gidNumber", TQString("%1").arg(user.primary_gid)); + create_multiple_attributes_operation(mods, &i, "objectClass", TQStringList::split(" ", "inetOrgPerson krb5Realm krb5Principal krb5KDCEntry emsUser posixAccount")); + create_single_attribute_operation(mods, &i, "uid", user.name); + create_single_attribute_operation(mods, &i, "cn", user.commonName); + create_single_attribute_operation(mods, &i, "sn", user.surName); + create_single_attribute_operation(mods, &i, "homeDirectory", user.homedir); + // Kerberos + create_single_attribute_operation(mods, &i, "krb5KeyVersionNumber", "1"); + create_single_attribute_operation(mods, &i, "krb5PrincipalName", TQString(user.name.lower()) + "@" + m_realm.upper()); + create_single_attribute_operation(mods, &i, "krb5RealmName", m_realm.upper()); + // Zivios specific + create_single_attribute_operation(mods, &i, "emsdescription", "None"); + create_single_attribute_operation(mods, &i, "emsprimarygroupdn", "None"); + create_single_attribute_operation(mods, &i, "emstype", "UserEntry"); + LDAPMod *prevterm = mods[i]; + mods[i] = NULL; + + // Add new object + retcode = ldap_add_ext_s(m_ldap, user.distinguishedName.ascii(), mods, NULL, NULL); + + // Clean up + mods[i] = prevterm; + for (i=0;i<number_of_parameters;i++) { + if 
(mods[i]->mod_type != NULL) { + free(mods[i]->mod_type); + } + if (mods[i]->mod_values != NULL) { + int j = 0; + while (mods[i]->mod_values[j] != NULL) { + free(mods[i]->mod_values[j]); + j++; + } + free(mods[i]->mod_values); + } + delete mods[i]; + } + + if (retcode != LDAP_SUCCESS) { + KMessageBox::error(0, i18n("<qt>LDAP addition failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + return -2; + } + else { + return updateUserInfo(user); + } + } +} + int LDAPManager::addGroupInfo(LDAPGroupInfo group) { int retcode; int i; @@ -693,7 +814,7 @@ int LDAPManager::addGroupInfo(LDAPGroupInfo group) { } else { // Create the base DN entry - int number_of_parameters = 6; // 3 primary attributes + int number_of_parameters = 6; // 6 primary attributes LDAPMod *mods[number_of_parameters+1]; for (i=0;i<number_of_parameters;i++) { mods[i] = new LDAPMod; @@ -713,11 +834,14 @@ int LDAPManager::addGroupInfo(LDAPGroupInfo group) { // Zivios specific create_single_attribute_operation(mods, &i, "emsdescription", "None"); create_single_attribute_operation(mods, &i, "emstype", "GroupEntry"); + LDAPMod *prevterm = mods[i]; + mods[i] = NULL; // Add new object retcode = ldap_add_ext_s(m_ldap, group.distinguishedName.ascii(), mods, NULL, NULL); // Clean up + mods[i] = prevterm; for (i=0;i<number_of_parameters;i++) { if (mods[i]->mod_type != NULL) { free(mods[i]->mod_type); 
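Review bot: Once `ldap_add_ext_s` succeeds, `addUserInfo` returns `updateUserInfo(user)`, and if that second write fails the entry stays in the directory with only the 13 base attributes and without `krb5KDCFlags`; `addNewUser` then discards the return code. How the KDC treats an entry that lacks that attribute is not visible here, so the half-provisioned account should not be left behind silently. On a non-zero result from `updateUserInfo`, remove the entry again with `deleteUserInfo(user)` or return a distinct error code that the caller checks. The local `LDAPUserInfo userinfo;` is unused.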
@@ -743,6 +867,26 @@ int LDAPManager::addGroupInfo(LDAPGroupInfo group) { } } +int LDAPManager::deleteUserInfo(LDAPUserInfo user) { + int retcode; + LDAPUserInfo userinfo; + + if (bind() < 0) { + return -1; + } + else { + // Delete the base DN entry + retcode = ldap_delete_ext_s(m_ldap, user.distinguishedName.ascii(), NULL, NULL); + if (retcode != LDAP_SUCCESS) { + KMessageBox::error(0, i18n("<qt>LDAP deletion failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + return -2; + } + else { + return 0; + } + } +} + int LDAPManager::deleteGroupInfo(LDAPGroupInfo group) { int retcode; LDAPGroupInfo groupinfo; diff --git a/src/libtdeldap.h b/src/libtdeldap.h index b49393b..eaba974 100644 --- a/src/libtdeldap.h +++ b/src/libtdeldap.h @@ -82,6 +82,7 @@ class LDAPUserInfo TQString homedir; gid_t primary_gid; LDAPKRB5Flags status; // Default active user is 586 [KRB5_ACTIVE_DEFAULT] and locked out user is 7586 [KRB5_DISABLED_ACCOUNT] + TQCString new_password; TQDateTime account_created; TQDateTime account_modified; TQDateTime password_last_changed; @@ -176,9 +177,11 @@ class LDAPManager : public TQObject { LDAPGroupInfoList groups(); LDAPUserInfo getUserByDistinguishedName(TQString dn); LDAPGroupInfo getGroupByDistinguishedName(TQString dn); - int updateUserInfo(LDAPUserInfo group); + int updateUserInfo(LDAPUserInfo user); int updateGroupInfo(LDAPGroupInfo group); + int addUserInfo(LDAPUserInfo user); int addGroupInfo(LDAPGroupInfo group); + int deleteUserInfo(LDAPUserInfo user); int deleteGroupInfo(LDAPGroupInfo group); private: diff --git a/src/userconfigbase.ui b/src/userconfigbase.ui index 662240e..f76d243 100644 --- a/src/userconfigbase.ui +++ b/src/userconfigbase.ui @@ -128,7 +128,7 @@ <cstring>unnamed</cstring> </property> <property name="text"> - <string>Login Name</string> + <string>Login Name*</string> </property> </widget> <widget class="KLineEdit" row="1" column="2" colspan="3"> 
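Review bot: The new `TQCString new_password;` member puts a cleartext password inside `LDAPUserInfo`, a record that this commit passes and copies by value throughout (`addUserInfo(LDAPUserInfo user)`, `LDAPUserInfo user = *it`, the public `m_user` of the dialog), and nothing in the visible code clears it. `UserConfigDialog::slotOk` fills it from `passwordEntry->password()` on every accept. Keep the password out of the general record: hand it separately to the one function that will set it and overwrite the buffer as soon as that call returns. A comment on the field stating who consumes it and when it is cleared would also help, for example `// cleartext, set only by UserConfigDialog; must be wiped after the password change is sent`.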
@@ -141,7 +141,7 @@ <cstring>unnamed</cstring> </property> <property name="text"> - <string>Real Name</string> + <string>Real Name*</string> </property> </widget> <widget class="KLineEdit" row="2" column="2" colspan="3"> @@ -149,7 +149,7 @@ <cstring>realName</cstring> </property> </widget> - <widget class="TQLabel" row="2" column="0" colspan="2"> + <widget class="TQLabel" row="3" column="0" colspan="2"> <property name="name"> <cstring>unnamed</cstring> </property> @@ -157,7 +157,7 @@ <string>User ID</string> </property> </widget> - <widget class="KIntNumInput" row="2" column="2" colspan="3"> + <widget class="KIntNumInput" row="3" column="2" colspan="3"> <property name="name"> <cstring>UID</cstring> </property> @@ -168,7 +168,7 @@ <number>99999</number> </property> </widget> - <widget class="TQLabel" row="3" column="0" colspan="2"> + <widget class="TQLabel" row="4" column="0" colspan="2"> <property name="name"> <cstring>unnamed</cstring> </property> @@ -176,20 +176,20 @@ <string>Primary Group</string> </property> </widget> - <widget class="KComboBox" row="3" column="2" colspan="3"> + <widget class="KComboBox" row="4" column="2" colspan="3"> <property name="name"> <cstring>primaryGroup</cstring> </property> </widget> - <widget class="TQLabel" row="4" column="0" colspan="2"> + <widget class="TQLabel" row="5" column="0" colspan="2"> <property name="name"> <cstring>unnamed</cstring> </property> <property name="text"> - <string>Home Directory</string> + <string>Home Directory*</string> </property> </widget> - <widget class="KURLRequester" row="4" column="2" colspan="3"> + <widget class="KURLRequester" row="5" column="2" colspan="3"> <property name="name"> <cstring>homeDirectory</cstring> </property> 
@@ -197,15 +197,15 @@ <number>18</number> </property> </widget> - <widget class="TQLabel" row="5" column="0" colspan="2"> + <widget class="TQLabel" row="6" column="0" colspan="2"> <property name="name"> <cstring>unnamed</cstring> </property> <property name="text"> - <string>Shell</string> + <string>Shell*</string> </property> </widget> - <widget class="KComboBox" row="5" column="2" colspan="3"> + <widget class="KComboBox" row="6" column="2" colspan="3"> <property name="name"> <cstring>shell</cstring> </property> @@ -234,6 +234,62 @@ </widget> <widget class="TQWidget"> <property name="name"> + <cstring>userTab</cstring> + </property> + <attribute name="title"> + <string>User Information</string> + </attribute> + <grid> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <widget class="TQLabel" row="0" column="0" colspan="1"> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <property name="text"> + <string>Given Name</string> + </property> + </widget> + <widget class="KLineEdit" row="0" column="1" colspan="1"> + <property name="name"> + <cstring>givenName</cstring> + </property> + </widget> + <widget class="TQLabel" row="0" column="2" colspan="1"> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <property name="text"> + <string>Surname*</string> + </property> + </widget> + <widget class="KLineEdit" row="0" column="3" colspan="1"> + <property name="name"> + <cstring>surName</cstring> + </property> + </widget> + <spacer row="10" column="0"> + <property name="name" stdset="0"> + <cstring>Spacer20</cstring> + </property> + <property name="orientation"> + <enum>Vertical</enum> + </property> + <property name="sizeType"> + <enum>Expanding</enum> + </property> + <property name="sizeHint"> + <size> + <width>20</width> + <height>20</height> + </size> + </property> + </spacer> + </grid> + </widget> + <widget class="TQWidget"> + <property name="name"> <cstring>groupsTab</cstring> </property> <attribute name="title"> 
diff --git a/src/userconfigdlg.cpp b/src/userconfigdlg.cpp index 3487b01..c49c8ae 100644 --- a/src/userconfigdlg.cpp +++ b/src/userconfigdlg.cpp @@ -33,6 +33,7 @@ #include <tqradiobutton.h> #include <tqcheckbox.h> #include <kdatetimewidget.h> +#include <kpassdlg.h> #include "ldapmgr.h" #include "userconfigdlg.h" @@ -53,6 +54,9 @@ UserConfigDialog::UserConfigDialog(LDAPUserInfo user, LDAPConfig* parent, const m_base->lastChanged->setEnabled(false); connect(m_base->loginName, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(processLockouts())); + connect(m_base->realName, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(processLockouts())); + connect(m_base->surName, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(processLockouts())); + connect(m_base->homeDirectory, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(processLockouts())); connect(m_base->passwordExpireEnabled, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); connect(m_base->passwordExpireDisabled, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); connect(m_base->requirePasswordAging, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); 
@@ -109,12 +113,60 @@ UserConfigDialog::UserConfigDialog(LDAPUserInfo user, LDAPConfig* parent, const m_base->requirePasswordMinAge->setChecked(m_user.password_has_minimum_age); m_base->passwordMinAge->setValue(m_user.password_minimum_age/24); + // User information + m_base->givenName->setText(m_user.givenName); + m_base->surName->setText(m_user.surName); + processLockouts(); } void UserConfigDialog::slotOk() { // Update data // RAJA FIXME + if (m_base->userStatusEnabled->isOn() == true) { + m_user.status = KRB5_ACTIVE_DEFAULT; + } + else { + m_user.status = KRB5_DISABLED_ACCOUNT; + } + m_user.commonName = m_base->realName->text(); + m_user.uid = m_base->UID->value(); + m_user.primary_gid = m_ldapconfig->findGroupInfoByName(m_base->primaryGroup->currentText()).gid; + m_user.homedir = m_base->homeDirectory->url(); + m_user.shell = m_base->shell->currentText(); + + m_user.new_password = m_base->passwordEntry->password(); + if (m_base->passwordExpireEnabled->isOn() == true) { + m_user.password_expires = true; + } + else { + m_user.password_expires = false; + } + + m_user.password_expiration = m_base->expirationDate->dateTime(); + m_user.password_ages = m_base->requirePasswordAging->isOn(); + m_user.new_password_interval = m_base->requirePasswordInterval->value()*24; + m_user.new_password_warn_interval = m_base->warnPasswordExpireInterval->value()*24; + m_user.new_password_lockout_delay = m_base->disablePasswordDelay->value()*24; + m_user.password_has_minimum_age = m_base->requirePasswordMinAge->isOn(); + m_user.password_minimum_age = m_base->passwordMinAge->value()*24; + + selectedGroups.clear(); + TQListViewItemIterator it(m_base->secondary_group_list); + while ( it.current() ) { + TQCheckListItem* itm = dynamic_cast<TQCheckListItem*>(it.current()); + if (itm) { + if (itm->isOn()) { + selectedGroups.append(itm->text()); + } + } + ++it; + } + + + // User information + m_user.givenName = m_base->givenName->text(); + m_user.surName = m_base->surName->text(); // Special 
handler for new group if (m_user.distinguishedName == "") { @@ -166,13 +218,22 @@ void UserConfigDialog::processLockouts() { ++it; } + bool ok_enabled = true; + // Special handler for new group if ((m_user.distinguishedName == "") && (m_base->loginName->text() == "")) { - enableButton(KDialogBase::Ok, false); + ok_enabled = false; } - else { - enableButton(KDialogBase::Ok, true); + if (m_base->realName->text() == "") { + ok_enabled = false; + } + if (m_base->surName->text() == "") { + ok_enabled = false; + } + if (m_base->homeDirectory->url() == "") { + ok_enabled = false; } + enableButton(KDialogBase::Ok, ok_enabled); m_prevPrimaryGroup = m_base->primaryGroup->currentText(); } diff --git a/src/userconfigdlg.h b/src/userconfigdlg.h index a900c0e..de5be1c 100644 --- a/src/userconfigdlg.h +++ b/src/userconfigdlg.h @@ -43,6 +43,7 @@ public slots: public: LDAPUserConfigBase *m_base; LDAPUserInfo m_user; + TQStringList selectedGroups; private: LDAPConfig* m_ldapconfig; |
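Review bot: `m_user.primary_gid` is taken from `m_ldapconfig->findGroupInfoByName(m_base->primaryGroup->currentText()).gid` without checking that a group was found. findGroupInfoByName is not shown in this diff; if it returns a default-constructed `LDAPGroupInfo` for an unknown or empty name, as `selectedGroup()` does when nothing is selected, the account is saved with whatever `gid` that default holds, which may be 0. Check the lookup result (for instance that the returned `name` is non-empty) and keep the dialog open when it fails. slotOk starts before and ends after this hunk.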