#!/usr/bin/perl -w #---------------------------------------------------------------------- # $Id: useraccounts1.pm,v 1.98 2003/06/02 14:28:59 apc Exp $ #---------------------------------------------------------------------- # copyright (C) 1999-2003 Mitel Networks Corporation # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # Technical support for this program is available from Mitel Networks # Please visit our web site www.mitel.com/sme/ for details. 
#----------------------------------------------------------------------

package esmith::FormMagick::Panel::useraccounts1;

# NOTE(review): strict is disabled for this module. The subs visible here
# declare their variables with my/our, so enabling it looks feasible, but
# that needs checking against the whole file before switching it on.
#use strict;

use esmith::FormMagick;
use esmith::AccountsDB;
use esmith::ConfigDB;
use esmith::cgi;
use esmith::util;
use File::Basename;
use Exporter;
use Carp qw(verbose);

our @ISA = qw(esmith::FormMagick Exporter);

our @EXPORT = qw(
    print_user_table
    print_acctName_field
    print_groupMemberships_field
    print_page_description
    get_ldap_value
    username_clash
    pseudonym_clash
    checkMaxUsers
    handle_user_accounts
    modify_admin
    emailforward
    verifyPasswords
    lock_account
    remove_account
    reset_password
    check_password
    print_save_or_add_button
    get_pptp_value
    print_ipsec_client_section
    system_password_compare
    system_valid_password
    system_change_password
    system_check_password
    system_authenticate_password
);

our $VERSION = sprintf '%d.%03d', q$Revision: 1.98 $ =~ /: (\d+).(\d+)/;

# Module-wide database handles, opened once at load time. Several subs in
# this file drop and reopen $accountdb around signal-event calls.
our $accountdb = esmith::AccountsDB->open();
our $configdb  = esmith::ConfigDB->open();

# get_ldap_value($fm, $field)
#
# Returns the value to show for a directory field (Dept, Company, Street,
# City or Phone). When the request carries an acctName parameter the
# submitted CGI value for $field is returned unchanged; otherwise the
# matching default property of the 'ldap' configuration record is used.
sub get_ldap_value {
    my ($fm, $field) = @_;

    # An acctName in the request means an existing user is being modified,
    # so skip the defaults lookup and echo back what was submitted.
    my $cgi = $fm->{cgi};
    return $cgi->param($field) if $cgi->param('acctName');

    # Maps the CGI parameter name to the property holding its default.
    # A $field outside this table yields an undefined property name.
    my %default_prop_for = (
        Dept    => 'defaultDepartment',
        Company => 'defaultCompany',
        Street  => 'defaultStreet',
        City    => 'defaultCity',
        Phone   => 'defaultPhoneNumber',
    );

    return $configdb->get('ldap')->prop($default_prop_for{$field});
}

# get_pptp_value()
#
# Returns the AccessDefault property of the 'pptpd' configuration record,
# or 'no' when that property is unset, empty or otherwise false.
sub get_pptp_value {
    my $access_default = $configdb->get('pptpd')->prop('AccessDefault');
    return $access_default || 'no';
}

=head2 create_user

Adds a user to the accounts db.
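=cut

# create_user($fm, $acctName, $firstName, $lastName, $phone, $company,
#             $dept, $city, $street)
#
# Validates $acctName, writes a new 'user' record with the supplied contact
# details, creates the automatic pseudonyms and fires the user-create event.
#
# Returns the first validation message that is not "OK", the localised
# ERR_OCCURRED_CREATING message when the record cannot be created or the
# event fails, and the localised USER_CREATED message on success.
#
# New accounts start with PasswordSet = "no" and VPNClientAccess = "no".
sub create_user {
    my $fm = shift;
    my ($acctName, $firstName, $lastName, $phone, $company, $dept, $city,
        $street) = @_;

    # Syntax, length and name-clash checks, in that order; the first
    # failure is returned to the caller and nothing is written.
    for my $check (qw(
        validate_acctName
        validate_acctName_length
        validate_acctName_conflict
    )) {
        my $msg = $fm->$check($acctName);
        return $msg unless $msg eq "OK";
    }

    my %userprops = (
        FirstName       => $firstName,
        LastName        => $lastName,
        Phone           => $phone,
        Company         => $company,
        Dept            => $dept,
        City            => $city,
        Street          => $street,
        EmailForward    => "local",
        ForwardAddress  => "",
        VPNClientAccess => "no",
        PasswordSet     => "no",
        type            => 'user',
    );

    # new_record() can still fail after the conflict check above (for
    # instance if the name was taken in the meantime). Stop here instead
    # of calling a method on an undefined record.
    my $acct = $accountdb->new_record($acctName);
    unless ($acct) {
        warn "Can't create new account for $acctName (does it already exist?)\n";
        return $fm->localise("ERR_OCCURRED_CREATING");
    }

    $acct->reset_props(%userprops);
    $accountdb->create_user_auto_pseudonyms($acctName);

    # The groupMemberships CGI parameter is not read in this variant; a
    # list holding one empty string is passed instead.
    # NOTE(review): confirm add_user_to_groups tolerates an empty group name.
    my @groups = "";
    $accountdb->add_user_to_groups($acctName, @groups);

    # The handle is dropped for the duration of the event and reopened
    # afterwards on both outcomes -- presumably so the event handlers work
    # on the database without this process holding it; confirm.
    # system() is called in list form, so $acctName reaches signal-event as
    # a single argument and is never parsed by a shell.
    undef $accountdb;
    my $event_failed =
        system("/sbin/e-smith/signal-event", "user-create", $acctName);
    $accountdb = esmith::AccountsDB->open();

    return $fm->localise("ERR_OCCURRED_CREATING") if $event_failed;

    $fm->set_groups($acctName);
    return $fm->localise('USER_CREATED');
}

=head2 set_groups

Sets a user's groups in the accounts db. This is called as part of the
create_user() routine.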
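=cut

# set_groups($fm, $acctName)
#
# Replaces the group list of $acctName. The groupMemberships CGI parameter
# is not read in this variant; a list holding one empty string is passed.
# NOTE(review): confirm set_user_groups treats that as "no groups".
sub set_groups {
    my $fm = shift;
    my ($acctName) = @_;

    my @groups = "";
    return $accountdb->set_user_groups($acctName, @groups);
}

=head2 lock_account()

=cut

# lock_account($fm)
#
# Locks the account named by the acctName CGI parameter by firing the
# user-lock event, then sends the form back to FirstPage.
#
# Returns the localised ERR_OCCURRED_LOCKING message when the event fails.
# Otherwise the outcome is reported through the status message:
# LOCKED_ACCOUNT on success, NO_SUCH_USER when the name is missing from the
# accounts db or is not of type "user".
sub lock_account {
    my ($fm) = @_;

    my $acctName = $fm->{cgi}->param('acctName');
    my $acct     = $accountdb->get($acctName);

    # An unknown name gives an undefined record; treat it the same as a
    # record of the wrong type rather than calling prop() on undef.
    my $type = $acct ? $acct->prop('type') : undef;

    if (defined $type && $type eq "user") {
        # $acctName comes straight from the request and is not run through
        # the pattern check reset_password applies. It only reaches
        # system() here, after matching an existing "user" record, and in
        # list form, so no shell parses it.
        undef $accountdb;
        if (system("/sbin/e-smith/signal-event", "user-lock", $acctName)) {
            $accountdb = esmith::AccountsDB->open();
            return $fm->localise("ERR_OCCURRED_LOCKING");
        }
        $accountdb = esmith::AccountsDB->open();

        $fm->set_status_message(
            $fm->localise('LOCKED_ACCOUNT', { acctName => $acctName }));
    }
    else {
        # NOTE(review): the submitted name is echoed into the status
        # message; confirm it is HTML-escaped before display.
        $fm->set_status_message(
            $fm->localise('NO_SUCH_USER', { acctName => $acctName }));
    }

    $fm->{cgi}->param(-name => 'wherenext', -value => 'FirstPage');
}

=head2 validate_acctName

Checks that the name supplied does not contain any unacceptable chars.
Returns OK on success or a localised error message otherwise.

=for testing
is($panel->validate_acctName('foo'), 'OK', 'validate_acctName');
isnt($panel->validate_acctName('3amigos'), 'OK', ' .. cannot start with number');
isnt($panel->validate_acctName('betty ford'), 'OK', ' .. 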
cannot contain space');

=cut

sub validate_acctName {
    my ($fm, $acctName) = @_;

    # The character rules themselves live in the accounts db class.
    return "OK" if $accountdb->validate_account_name($acctName);

    return $fm->localise('ACCT_NAME_HAS_INVALID_CHARS',
                         {acctName => $acctName});
}

=head2 validate_acctName_length FM ACCOUNTNAME

returns 'OK' if the account name is no longer than the maximum account
name length

returns the localised 'ACCOUNT_TOO_LONG' message otherwise

=begin testing

ok(($panel->validate_acctName_length('foo') eq 'OK'), "a short account name passes");
ok(($panel->validate_acctName_length('fooooooooooooooooo') eq 'ACCOUNT_TOO_LONG'), "a long account name fails");

=end testing

=cut

sub validate_acctName_length {
    my ($fm, $acctName) = @_;

    # The limit is read from the 'type' property of the maxAcctNameLength
    # configuration record; a missing record or a false value means 12.
    my $limit_rec         = $configdb->get('maxAcctNameLength');
    my $maxAcctNameLength = ($limit_rec ? $limit_rec->prop('type') : "") || 12;

    return 'OK' unless length($acctName) > $maxAcctNameLength;

    return $fm->localise('ACCOUNT_TOO_LONG',
                         {maxLength => $maxAcctNameLength});
}

=head2 validate_acctName_conflict

Returns 'OK' if the account name doesn't yet exist. Returns a localised
error otherwise.
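=cut

sub validate_acctName_conflict {
    my ($fm, $acctName) = @_;

    # A name is taken when it is in the accounts db (report that record's
    # type) or when the operating system already knows it as a user or
    # group (reported as type "system").
    my $type;
    my $account = $accountdb->get($acctName);
    if (defined $account) {
        $type = $account->prop('type');
    }
    elsif (defined getpwnam($acctName) || defined getgrnam($acctName)) {
        $type = "system";
    }
    else {
        return('OK');
    }

    return $fm->localise('ACCOUNT_CONFLICT',
                         { account => $acctName, type => $type });
}

=head1 RESETTING THE PASSWORD

=head2 reset_password()

=cut

# reset_password($fm, $acctName, $password1)
#
# Sets the password of user account $acctName to $password1, marks the
# record PasswordSet = "yes" and fires the password-modify event.
#
# Nothing is changed when $acctName fails the pattern check (the status
# message is set to TAINTED_USER), when no such account exists, or when
# the account is not of type "user". The last two cases and a failed event
# are not reported through the status message.
#
# This sub does not check $password1 in any way and does not authenticate
# the requester; both are left to the caller.
sub reset_password {
    my ($fm, $acctName, $password1) = @_;

    # Accept only a word character followed by one or more word characters
    # or hyphens, and continue with the captured copy.
    unless (($acctName) = ($acctName =~ /^(\w[\-\w]+)$/)) {
        $fm->set_status_message('TAINTED_USER');
        return;
    }

    # An unknown name gives an undefined record; skip it like a record of
    # the wrong type rather than calling prop() on undef.
    my $acct = $accountdb->get($acctName);
    my $type = $acct ? $acct->prop('type') : undef;

    if (defined $type && $type eq "user") {
        # NOTE(review): the result of setUserPassword is not checked, and
        # PasswordSet is written before the event runs and is not rolled
        # back if the event fails.
        esmith::util::setUserPassword ($acctName, $password1);
        $acct->set_prop("PasswordSet", "yes");

        # List-form system(): $acctName is one argument, no shell involved.
        undef $accountdb;
        if (system("/sbin/e-smith/signal-event", "password-modify", $acctName)) {
            $accountdb = esmith::AccountsDB->open();
            return;
        }
        $accountdb = esmith::AccountsDB->open();
    }
}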