Merge branch 'master' into indexer_rewrite

Conflicts: inc/fulltext.php inc/indexer.php lib/exe/indexer.php
author: Michael Hamann <michael@content-space.de> 2011-02-24 23:27:24 +0100
committer: Michael Hamann <michael@content-space.de> 2011-02-24 23:27:24 +0100
commit: f77fc90de1e477b721442757cd7413f91cccc044 (patch)
tree: 2abb734dacf39419b96b6b70c65115de57228fc3 /inc/auth
parent: b8c040db1fdc0eee80963e57d95a15fd3813912d (diff)
parent: bd07158f0f2569ae470f980dd49d69b7f1fd2c49 (diff)
download: rpg-f77fc90de1e477b721442757cd7413f91cccc044.tar.gz
rpg-f77fc90de1e477b721442757cd7413f91cccc044.tar.bz2
2 files changed, 54 insertions, 4 deletions
diff --git a/inc/auth/ad.class.php b/inc/auth/ad.class.php
index 5478d64b9..9ffd3e18b 100644
--- a/inc/auth/ad.class.php
+++ b/inc/auth/ad.class.php
@@ -24,6 +24,7 @@
  *   $conf['auth']['ad']['ad_password']        = 'pass';
  *   $conf['auth']['ad']['real_primarygroup']  = 1;
  *   $conf['auth']['ad']['use_ssl']            = 1;
+ *   $conf['auth']['ad']['use_tls']            = 1;
  *   $conf['auth']['ad']['debug']              = 1;
  *
  *   // get additional information to the userinfo array
@@ -51,6 +52,7 @@ class auth_ad extends auth_basic {
         global $conf;
         $this->cnf = $conf['auth']['ad'];
 
+
         // additional information fields
         if (isset($this->cnf['additional'])) {
             $this->cnf['additional'] = str_replace(' ', '', $this->cnf['additional']);
@@ -60,7 +62,7 @@ class auth_ad extends auth_basic {
         // ldap extension is needed
         if (!function_exists('ldap_connect')) {
             if ($this->cnf['debug'])
-                msg("LDAP err: PHP LDAP extension not found.",-1);
+                msg("AD Auth: PHP LDAP extension not found.",-1);
             $this->success = false;
             return;
         }
@@ -97,7 +99,12 @@ class auth_ad extends auth_basic {
         $this->opts['domain_controllers'] = array_map('trim',$this->opts['domain_controllers']);
         $this->opts['domain_controllers'] = array_filter($this->opts['domain_controllers']);
 
-        // we currently just handle authentication, so no capabilities are set
+        // we can change the password if SSL is set
+        if($this->opts['use_ssl'] || $this->opts['use_tls']){
+            $this->cando['modPass'] = true;
+        }
+        $this->cando['modName'] = true;
+        $this->cando['modMail'] = true;
     }
 
     /**
@@ -247,6 +254,49 @@ class auth_ad extends auth_basic {
     }
 
     /**
+     * Modify user data
+     *
+     * @param   $user      nick of the user to be changed
+     * @param   $changes   array of field/value pairs to be changed
+     * @return  bool
+    */
+    function modifyUser($user, $changes) {
+        $return = true;
+
+        // password changing
+        if(isset($changes['pass'])){
+            try {
+                $return = $this->adldap->user_password($user,$changes['pass']);
+            } catch (adLDAPException $e) {
+                if ($this->cnf['debug']) msg('AD Auth: '.$e->getMessage(), -1);
+                $return = false;
+            }
+            if(!$return) msg('AD Auth: failed to change the password. Maybe the password policy was not met?',-1);
+        }
+
+        // changing user data
+        $adchanges = array();
+        if(isset($changes['name'])){
+            // get first and last name
+            $parts = explode(' ',$changes['name']);
+            $adchanges['surname']   = array_pop($parts);
+            $adchanges['firstname'] = join(' ',$parts);
+            $adchanges['display_name'] = $changes['name'];
+        }
+        if(isset($changes['mail'])){
+            $adchanges['email'] = $changes['mail'];
+        }
+        try {
+            $return = $return & $this->adldap->user_modify($user,$adchanges);
+        } catch (adLDAPException $e) {
+            if ($this->cnf['debug']) msg('AD Auth: '.$e->getMessage(), -1);
+            $return = false;
+        }
+
+        return $return;
+    }
+
+    /**
      * Initialize the AdLDAP library and connect to the server
      */
     function _init(){
@@ -261,7 +311,7 @@ class auth_ad extends auth_basic {
             return true;
         } catch (adLDAPException $e) {
             if ($this->cnf['debug']) {
-                msg($e->getMessage(), -1);
+                msg('AD Auth: '.$e->getMessage(), -1);
             }
             $this->success = false;
             $this->adldap  = null;
diff --git a/inc/auth/mysql.class.php b/inc/auth/mysql.class.php
index dbdfe5fda..653c725a3 100644
--- a/inc/auth/mysql.class.php
+++ b/inc/auth/mysql.class.php
@@ -46,7 +46,7 @@ class auth_mysql extends auth_basic {
 
       // set capabilities based upon config strings set
       if (empty($this->cnf['server']) || empty($this->cnf['user']) ||
-          empty($this->cnf['password']) || empty($this->cnf['database'])){
+          !isset($this->cnf['password']) || empty($this->cnf['database'])){
         if ($this->cnf['debug'])
           msg("MySQL err: insufficient configuration.",-1,__LINE__,__FILE__);
         $this->success = false;
author	Michael Hamann <michael@content-space.de>	2011-02-24 23:27:24 +0100
committer	Michael Hamann <michael@content-space.de>	2011-02-24 23:27:24 +0100
commit	f77fc90de1e477b721442757cd7413f91cccc044 (patch)
tree	2abb734dacf39419b96b6b70c65115de57228fc3 /inc/auth
parent	b8c040db1fdc0eee80963e57d95a15fd3813912d (diff)
parent	bd07158f0f2569ae470f980dd49d69b7f1fd2c49 (diff)
download	rpg-f77fc90de1e477b721442757cd7413f91cccc044.tar.gz rpg-f77fc90de1e477b721442757cd7413f91cccc044.tar.bz2