From 5948ba909d1a2541865fcb2b52f76a7719f72f3e Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Tue, 29 May 2012 15:33:39 -0500 Subject: User editor dialog is now working in RO mode --- src/ldaplogindlg.cpp | 5 +- src/ldaplogindlgbase.ui | 60 ++---------- src/ldapmgr.cpp | 127 ++++++++++++++++++++++++- src/ldapmgr.h | 15 ++- src/ldappasswddlg.cpp | 3 - src/ldappasswddlg.h | 1 + src/libtdeldap.cpp | 248 ++++++++++++++++++++++++++++++++++++++++-------- src/libtdeldap.h | 5 +- src/userconfigbase.ui | 6 +- src/userconfigdlg.cpp | 120 ++++++++++++++++++++++- src/userconfigdlg.h | 7 +- 11 files changed, 486 insertions(+), 111 deletions(-) (limited to 'src') diff --git a/src/ldaplogindlg.cpp b/src/ldaplogindlg.cpp index f9ca3b5..7bd9147 100644 --- a/src/ldaplogindlg.cpp +++ b/src/ldaplogindlg.cpp @@ -30,12 +30,13 @@ #include #include #include +#include #include "ldaplogindlg.h" LDAPLogin::LDAPLogin(TQWidget *parent, const char *name ) : LDAPLoginDlg(parent,name) { - - px_introSidebar->setPixmap(UserIcon("step3.png")); + px_icon->setPixmap(SmallIcon("password.png")); + ldapAdminRealm->setEditable(true); } LDAPLogin::~LDAPLogin(){ diff --git a/src/ldaplogindlgbase.ui b/src/ldaplogindlgbase.ui index 1b3b600..43ac9b4 100644 --- a/src/ldaplogindlgbase.ui +++ b/src/ldaplogindlgbase.ui @@ -8,9 +8,9 @@ unnamed - + - px_introSidebar + px_icon @@ -20,17 +20,11 @@ 0 - - - 170 - 430 - - - Panel + NoFrame - Sunken + Plain true @@ -39,23 +33,15 @@ 0 - - - yad_string - - - <h3>You're almost done!</h3> - - passprompt - Please provide LDAP realm administrator credentials below to complete the bonding process + Please provide appropriate LDAP credentials below - + unnamed @@ -68,7 +54,7 @@ ldapAdminUsername - + unnamed @@ -81,7 +67,7 @@ ldapAdminPassword - + unnamed @@ -89,39 +75,11 @@ LDAP Realm - + ldapAdminRealm - - - Spacer6 - - - Vertical - - - Fixed - - - - 20 - 30 - - - - - - Spacer5 - - - Vertical - - - Expanding - - 
diff --git a/src/ldapmgr.cpp b/src/ldapmgr.cpp index b853684..70df49a 100644 --- a/src/ldapmgr.cpp +++ b/src/ldapmgr.cpp @@ -77,8 +77,11 @@ LDAPConfig::LDAPConfig(TQWidget *parent, const char *name, const TQStringList&) base->user_status->setEnabled(false); base->user_secondaryGroups->setEnabled(false); - connect(base->user_ldapRealm, TQT_SIGNAL(highlighted(const TQString&)), this, TQT_SLOT(connectToRealm(const TQString&))); + connect(base->user_ldapRealm, TQT_SIGNAL(activated(const TQString&)), this, TQT_SLOT(connectToRealm(const TQString&))); + connect(base->group_ldapRealm, TQT_SIGNAL(activated(const TQString&)), this, TQT_SLOT(connectToRealm(const TQString&))); + connect(base->machine_ldapRealm, TQT_SIGNAL(activated(const TQString&)), this, TQT_SLOT(connectToRealm(const TQString&))); connect(base->user_list, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(userHighlighted())); + connect(base->group_list, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(groupHighlighted())); connect(base->user_buttonModify, TQT_SIGNAL(clicked()), this, TQT_SLOT(modifySelectedUser())); @@ -137,6 +140,11 @@ void LDAPConfig::processLockouts() { } void LDAPConfig::connectToRealm(const TQString& realm) { + // Update all drop down lists + base->user_ldapRealm->setCurrentItem(realm, false, -1); + base->group_ldapRealm->setCurrentItem(realm, false, -1); + base->machine_ldapRealm->setCurrentItem(realm, false, -1); + if (m_ldapmanager) { if (m_ldapmanager->realm() == realm) { return; @@ -149,13 +157,22 @@ void LDAPConfig::connectToRealm(const TQString& realm) { m_ldapmanager = new LDAPManager(realm, host); populateUsers(); + populateGroups(); + // RAJA FIXME + // Machines?? + + updateUsersList(); + updateGroupsList(); // RAJA FIXME - // Groups?? Machines?? + // Machines?? } void LDAPConfig::populateUsers() { m_userInfoList = m_ldapmanager->users(); - updateUsersList(); +} + +void LDAPConfig::populateGroups() { + m_groupInfoList = m_ldapmanager->groups(); } void LDAPConfig::updateUsersList() { 
@@ -168,6 +185,16 @@ void LDAPConfig::updateUsersList() { processLockouts(); } +void LDAPConfig::updateGroupsList() { + base->group_list->clear(); + LDAPGroupInfoList::Iterator it; + for (it = m_groupInfoList.begin(); it != m_groupInfoList.end(); ++it) { + LDAPGroupInfo group = *it; + (void)new TQListViewItem(base->group_list, group.name, TQString("%1").arg(group.gid)); + } + processLockouts(); +} + LDAPUserInfo LDAPConfig::findUserInfoByNameAndUID(TQString name, TQString uid) { // Figure out which user is selected LDAPUserInfoList::Iterator it; @@ -180,6 +207,30 @@ LDAPUserInfo LDAPConfig::findUserInfoByNameAndUID(TQString name, TQString uid) { return LDAPUserInfo(); } +LDAPGroupInfo LDAPConfig::findGroupInfoByNameAndGID(TQString name, TQString gid) { + // Figure out which group is selected + LDAPGroupInfoList::Iterator it; + for (it = m_groupInfoList.begin(); it != m_groupInfoList.end(); ++it) { + LDAPGroupInfo group = *it; + if ((group.name == name) && (TQString("%1").arg(group.gid) == gid)) { + return group; + } + } + return LDAPGroupInfo(); +} + +LDAPGroupInfo LDAPConfig::findGroupInfoByGID(TQString gid) { + // Figure out which group is selected + LDAPGroupInfoList::Iterator it; + for (it = m_groupInfoList.begin(); it != m_groupInfoList.end(); ++it) { + LDAPGroupInfo group = *it; + if (TQString("%1").arg(group.gid) == gid) { + return group; + } + } + return LDAPGroupInfo(); +} + LDAPUserInfo LDAPConfig::selectedUser() { TQListViewItem* lvi = base->user_list->currentItem(); if (!lvi) { 
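Review bot: `findGroupInfoByGID()` carries the copied comment `// Figure out which group is selected`, but it does not consult the selection; it scans `m_groupInfoList` for a matching GID. Replace the comment with something like `// Look up a group by numeric GID; returns a default-constructed LDAPGroupInfo when no group matches`, because callers such as `userHighlighted()` read `.name` from the result directly. Taking the GID as a `TQString` and comparing it with `TQString("%1").arg(group.gid)` also forces every caller to format a number first; a `gid_t` parameter compared with `group.gid` would be simpler.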
@@ -188,16 +239,81 @@ LDAPUserInfo LDAPConfig::selectedUser() { return findUserInfoByNameAndUID(lvi->text(0), lvi->text(2)); } +LDAPGroupInfo LDAPConfig::selectedGroup() { + TQListViewItem* lvi = base->group_list->currentItem(); + if (!lvi) { + return LDAPGroupInfo(); + } + return findGroupInfoByNameAndGID(lvi->text(0), lvi->text(1)); +} + +LDAPUserInfo LDAPConfig::findUserByDistinguishedName(TQString dn) { + LDAPUserInfoList::Iterator it; + for (it = m_userInfoList.begin(); it != m_userInfoList.end(); ++it) { + LDAPUserInfo user = *it; + if (user.distinguishedName == dn) { + return user; + } + } + return LDAPUserInfo(); +} + +LDAPGroupInfoList LDAPConfig::findGroupsForUserByDistinguishedName(TQString dn) { + LDAPGroupInfoList groups; + + LDAPGroupInfoList::Iterator it; + for (it = m_groupInfoList.begin(); it != m_groupInfoList.end(); ++it) { + LDAPGroupInfo group = *it; + if (group.userlist.contains(dn)) { + groups.append(group); + } + } + + return groups; +} + +LDAPUserInfoList LDAPConfig::userList() { + return m_userInfoList; +} + +LDAPGroupInfoList LDAPConfig::groupList() { + return m_groupInfoList; +} + void LDAPConfig::userHighlighted() { // Show information in the quick view area LDAPUserInfo user = selectedUser(); base->user_loginName->setText(user.name); base->user_uid->setText(TQString("%1").arg(user.uid)); - base->user_primaryGroup->setText(TQString("%1").arg(user.primary_gid)); + base->user_primaryGroup->setText(findGroupInfoByGID(TQString("%1").arg(user.primary_gid)).name); base->user_realName->setText(user.commonName); base->user_status->setText((user.status == KRB5_DISABLED_ACCOUNT)?"Disabled":"Enabled"); - base->user_secondaryGroups->setText("RAJA FIXME"); + LDAPGroupInfoList groupsForUser = findGroupsForUserByDistinguishedName(user.distinguishedName); + TQString groupsForUserText; + LDAPGroupInfoList::Iterator it; + for (it = groupsForUser.begin(); it != groupsForUser.end(); ++it) { + if (it != groupsForUser.begin()) { + 
groupsForUserText.append(","); + } + groupsForUserText.append((*it).name); + } + base->user_secondaryGroups->setText(groupsForUserText); + + processLockouts(); +} + +void LDAPConfig::groupHighlighted() { + // Show information in the quick view area + LDAPGroupInfo group = selectedGroup(); + + base->group_memberList->clear(); + for ( TQStringList::Iterator it = group.userlist.begin(); it != group.userlist.end(); ++it ) { + LDAPUserInfo user = findUserByDistinguishedName(*it); + (void)new TQListViewItem(base->group_memberList, user.name, user.commonName, TQString("%1").arg(user.uid)); + } + + // RAJA FIXME processLockouts(); } @@ -207,6 +323,7 @@ void LDAPConfig::modifySelectedUser() { LDAPUserInfo user = selectedUser(); // RAJA FIXME + // Reload user data from LDAP before launching dialog!!!! Otherwise people who leave the LDAP manager open for days at a time (admins) will end up inserting stale data into the LDAP database!!! UserConfigDialog userconfigdlg(user, this); if (userconfigdlg.exec() == TQDialog::Accepted) { } diff --git a/src/ldapmgr.h b/src/ldapmgr.h index 46b69de..b875c3a 100644 --- a/src/ldapmgr.h +++ b/src/ldapmgr.h @@ -54,13 +54,25 @@ class LDAPConfig: public KCModule void processLockouts(); void connectToRealm(const TQString&); void populateUsers(); + void populateGroups(); void updateUsersList(); + void updateGroupsList(); void userHighlighted(); + void groupHighlighted(); void modifySelectedUser(); - private: + public: LDAPUserInfo findUserInfoByNameAndUID(TQString name, TQString uid); + LDAPGroupInfo findGroupInfoByNameAndGID(TQString name, TQString gid); + LDAPGroupInfo findGroupInfoByGID(TQString gid); + LDAPUserInfo findUserByDistinguishedName(TQString dn); + LDAPGroupInfoList findGroupsForUserByDistinguishedName(TQString dn); + LDAPUserInfoList userList(); + LDAPGroupInfoList groupList(); + + private: LDAPUserInfo selectedUser(); + LDAPGroupInfo selectedGroup(); private: KAboutData *myAboutData; 
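Review bot: In `groupHighlighted()` a member DN that `findUserByDistinguishedName()` cannot resolve yields a default-constructed `LDAPUserInfo`, and the row is still added with an empty name and the default `uid`, so group members outside the loaded user list cannot be identified in this administrative view. Check the result before adding the row and fall back to the DN, for example `if (!user.informationValid) { (void)new TQListViewItem(base->group_memberList, *it); continue; }` (this assumes the default constructor clears `informationValid`, which is not visible here). `findGroupsForUserByDistinguishedName()` also matches with `group.userlist.contains(dn)`, an exact string comparison, so a `member` value that differs from the entry DN only in case or spacing would presumably be missed and the user's secondary groups under-reported.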
@@ -70,6 +82,7 @@ class LDAPConfig: public KCModule LDAPManager *m_ldapmanager; LDAPUserInfoList m_userInfoList; + LDAPGroupInfoList m_groupInfoList; }; #endif diff --git a/src/ldappasswddlg.cpp b/src/ldappasswddlg.cpp index 43d2764..054f9dc 100644 --- a/src/ldappasswddlg.cpp +++ b/src/ldappasswddlg.cpp @@ -36,9 +36,6 @@ LDAPPasswordDialog::LDAPPasswordDialog(TQWidget* parent, const char* name) { m_base = new LDAPLogin(this); - m_base->px_introSidebar->hide(); - m_base->yad_string->hide(); - setMainWidget(m_base); } diff --git a/src/ldappasswddlg.h b/src/ldappasswddlg.h index 1869392..2c3c060 100644 --- a/src/ldappasswddlg.h +++ b/src/ldappasswddlg.h @@ -22,6 +22,7 @@ #define _LDAPPASSWORDDIALOG_H_ #include +#include #include "ldaplogindlg.h" diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index f6f7466..80a037f 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -82,7 +82,7 @@ int LDAPManager::bind() { TQString errorString; LDAPPasswordDialog passdlg(0); passdlg.m_base->ldapAdminRealm->setEnabled(false); - passdlg.m_base->ldapAdminRealm->setText(m_realm); + passdlg.m_base->ldapAdminRealm->insertItem(m_realm); if (passdlg.exec() == TQDialog::Accepted) { char* mechanism = NULL; struct berval cred; 
@@ -210,22 +210,27 @@ printf("[RAJA DEBUG 100.2] The number of entries returned was %d\n\n", ldap_coun LDAPMessage* entry; int i; for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) { + LDAPUserInfo userinfo; + if((dn = ldap_get_dn(m_ldap, entry)) != NULL) { printf("Returned dn: %s\n", dn); + userinfo.distinguishedName = dn; + TQStringList dnParts = TQStringList::split(",", dn); + TQString id = dnParts[0]; + if (id.startsWith("uid=")) { + id = id.remove(0, 4); + userinfo.name = id; + } ldap_memfree(dn); } - LDAPUserInfo userinfo; for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) { if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL) { -printf("%s: %s\n\r", attr, vals[i]->bv_val); +printf("[RAJA DEBUG 100.3] %s: %s\n\r", attr, vals[i]->bv_val); userinfo.informationValid = true; TQString ldap_field = attr; i=0; - if (ldap_field == "uid") { - userinfo.name = vals[i]->bv_val; - } - else if (ldap_field == "uidNumber") { + if (ldap_field == "uidNumber") { userinfo.uid = atoi(vals[i]->bv_val); } else if (ldap_field == "loginShell") { 
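Review bot: The debug line `printf("[RAJA DEBUG 100.3] %s: %s\n\r", attr, vals[i]->bv_val);` in the attribute loop indexes `vals` with `i` before the `i=0;` that follows it, and `i` is declared as plain `int i;`, so the first attribute is read through an indeterminate index. Move `i=0;` above the print or print `vals[0]->bv_val`, and consider removing these prints before release, since they write every returned attribute value to stdout. The new DN handling reads `dnParts[0]` without checking that the split produced any parts, and splitting on `","` does not account for escaped commas inside an RDN value. The enclosing function starts and ends outside this hunk.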
@@ -241,17 +246,38 @@ printf("%s: %s\n\r", attr, vals[i]->bv_val); userinfo.status = (LDAPKRB5Flags)(atoi(vals[i]->bv_val)); } else if (ldap_field == "createTimestamp") { // YYYYMMDD000000Z - userinfo.account_created = TQDateTime::fromString(vals[i]->bv_val); + TQString formattedDate = vals[i]->bv_val; + formattedDate.insert(4,"-"); + formattedDate.insert(7,"-"); + formattedDate.insert(10,"T"); + formattedDate.insert(13,":"); + formattedDate.insert(16,":"); + formattedDate.remove(19, 1); + userinfo.account_created = TQDateTime::fromString(formattedDate, TQt::ISODate); } else if (ldap_field == "modifyTimestamp") { // YYYYMMDD000000Z - userinfo.account_modified = TQDateTime::fromString(vals[i]->bv_val); + TQString formattedDate = vals[i]->bv_val; + formattedDate.insert(4,"-"); + formattedDate.insert(7,"-"); + formattedDate.insert(10,"T"); + formattedDate.insert(13,":"); + formattedDate.insert(16,":"); + formattedDate.remove(19, 1); + userinfo.account_modified = TQDateTime::fromString(formattedDate, TQt::ISODate); } // FIXME // These two attributes do not seem to be available with a Heimdal KDC // userinfo.password_last_changed = vals[i]->bv_val; // userinfo.password_expires = vals[i]->bv_val; else if (ldap_field == "krb5PasswordEnd") { // YYYYMMDD000000Z - userinfo.password_expiration = TQDateTime::fromString(vals[i]->bv_val); + TQString formattedDate = vals[i]->bv_val; + formattedDate.insert(4,"-"); + formattedDate.insert(7,"-"); + formattedDate.insert(10,"T"); + formattedDate.insert(13,":"); + formattedDate.insert(16,":"); + formattedDate.remove(19, 1); + userinfo.password_expiration = TQDateTime::fromString(formattedDate, TQt::ISODate); } // FIXME // These six(!) attributes do not seem to be available with a Heimdal KDC 
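Review bot: The three timestamp branches (`createTimestamp`, `modifyTimestamp`, `krb5PasswordEnd`) rewrite the directory value at fixed offsets without checking its length or shape, so anything other than a 15-character `YYYYMMDDHHMMSSZ` value (one with fractional seconds, for example) gives `TQDateTime::fromString` a malformed string. The same seven lines are repeated three times, and because the trailing `Z` is removed the result is presumably interpreted as local time rather than UTC, which shifts the password expiry shown to the administrator. A single checked helper, sketched below, would cover all three branches. The enclosing function starts and ends outside this hunk.

```cpp
// Converts an LDAP GeneralizedTime of the form YYYYMMDDHHMMSSZ into a TQDateTime.
// Returns a null TQDateTime when the value does not have exactly that shape.
static TQDateTime ldapTimestampToDateTime(const struct berval* value) {
	TQString stamp = TQString::fromLatin1(value->bv_val, value->bv_len);
	if ((stamp.length() != 15) || !stamp.endsWith("Z")) {
		return TQDateTime();
	}
	stamp.truncate(14);	// drops the UTC designator; NOTE(review): result is then local time, confirm
	stamp.insert(4, "-");
	stamp.insert(7, "-");
	stamp.insert(10, "T");
	stamp.insert(13, ":");
	stamp.insert(16, ":");
	return TQDateTime::fromString(stamp, TQt::ISODate);
}

// … unchanged: earlier attribute branches …
else if (ldap_field == "createTimestamp") {
	userinfo.account_created = ldapTimestampToDateTime(vals[i]);
}
// … modifyTimestamp and krb5PasswordEnd call the same helper …
```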
@@ -306,40 +332,85 @@ printf("%s: %s\n\r", attr, vals[i]->bv_val); // FIXME // This attribute is not present in my current LDAP schema // userinfo.website = vals[i]->bv_val; - - // RAJA FIXME - // Populate these fields! -// userinfo.poBox = vals[i]->bv_val; -// userinfo.street = vals[i]->bv_val; -// userinfo.address = vals[i]->bv_val; -// userinfo.state = vals[i]->bv_val; -// userinfo.postcode = vals[i]->bv_val; -// userinfo.registeredAddress = vals[i]->bv_val; -// userinfo.homeAddress = vals[i]->bv_val; -// userinfo.seeAlso = vals[i]->bv_val; -// userinfo.deliveryOffice = vals[i]->bv_val; -// userinfo.department = vals[i]->bv_val; -// userinfo.roomNumber = vals[i]->bv_val; -// userinfo.employeeType = vals[i]->bv_val; -// userinfo.employeeNumber = vals[i]->bv_val; + else if (ldap_field == "postOfficeBox") { + userinfo.poBox = vals[i]->bv_val; + } + else if (ldap_field == "street") { + userinfo.street = vals[i]->bv_val; + } + else if (ldap_field == "postalAddress") { + userinfo.address = vals[i]->bv_val; + } + else if (ldap_field == "st") { + userinfo.state = vals[i]->bv_val; + } + else if (ldap_field == "postalCode") { + userinfo.postcode = vals[i]->bv_val; + } + else if (ldap_field == "registeredAddress") { + userinfo.registeredAddress = vals[i]->bv_val; + } + else if (ldap_field == "homePostalAddress") { + userinfo.homeAddress = vals[i]->bv_val; + } + else if (ldap_field == "seeAlso") { + userinfo.seeAlso = vals[i]->bv_val; + } + else if (ldap_field == "physicalDeliveryOfficeName") { + userinfo.deliveryOffice = vals[i]->bv_val; + } + else if (ldap_field == "departmentNumber") { + userinfo.department = vals[i]->bv_val; + } + else if (ldap_field == "roomNumber") { + userinfo.roomNumber = vals[i]->bv_val; + } + else if (ldap_field == "employeeType") { + userinfo.employeeType = vals[i]->bv_val; + } + else if (ldap_field == "employeeNumber") { + userinfo.employeeNumber = vals[i]->bv_val; + } + // FIXME + // These two attributes are not present in my current LDAP 
schema // userinfo.manager = vals[i]->bv_val; // userinfo.secretary = vals[i]->bv_val; -// userinfo.isdnNumber = vals[i]->bv_val; + else if (ldap_field == "internationaliSDNNumber") { + userinfo.isdnNumber = vals[i]->bv_val; + } + // FIXME + // This attribute is not present in my current LDAP schema // userinfo.teletexID = vals[i]->bv_val; -// userinfo.telexNumber = vals[i]->bv_val; + else if (ldap_field == "telexNumber") { + userinfo.telexNumber = vals[i]->bv_val; + } + // FIXME + // This attribute is not present in my current LDAP schema // userinfo.preferredDelivery = vals[i]->bv_val; -// userinfo.destinationIndicator = vals[i]->bv_val; -// userinfo.x121Address = vals[i]->bv_val; -// userinfo.displayName = vals[i]->bv_val; -// userinfo.preferredLanguage = vals[i]->bv_val; + else if (ldap_field == "destinationIndicator") { + userinfo.destinationIndicator = vals[i]->bv_val; + } + else if (ldap_field == "x121Address") { + userinfo.x121Address = vals[i]->bv_val; + } + else if (ldap_field == "displayName") { + userinfo.displayName = vals[i]->bv_val; + } + else if (ldap_field == "preferredLanguage") { + userinfo.preferredLanguage = vals[i]->bv_val; + } + // FIXME + // This attribute is not present in my current LDAP schema // userinfo.uniqueIdentifier = vals[i]->bv_val; -// userinfo.businessCategory = vals[i]->bv_val; -// userinfo.carLicense = vals[i]->bv_val; + else if (ldap_field == "preferredLanguage") { + userinfo.businessCategory = vals[i]->bv_val; + } + else if (ldap_field == "carLicense") { + userinfo.carLicense = vals[i]->bv_val; + } + // FIXME + // This attribute is not present in my current LDAP schema // userinfo.notes = vals[i]->bv_val; - -// for(i = 0; vals[i] != NULL; i++) { -// printf("%s: %s\n", attr, vals[i]->bv_val); -// } ldap_value_free_len(vals); } ldap_memfree(attr); 
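Review bot: The branch that assigns `userinfo.businessCategory` tests `ldap_field == "preferredLanguage"` a second time, so it can never be reached (the earlier `preferredLanguage` branch in the same chain wins) and `businessCategory` is never populated. The condition should read `else if (ldap_field == "businessCategory") {`. Every branch in this chain also keeps only `vals[0]`, so multi-valued attributes such as `seeAlso` lose their other values; if that is intended, a one-line comment saying so would help. The enclosing function starts and ends outside this hunk.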
@@ -363,6 +434,99 @@ printf("%s: %s\n\r", attr, vals[i]->bv_val); return LDAPUserInfoList(); } +LDAPGroupInfoList LDAPManager::groups() { + int retcode; + LDAPGroupInfoList groups; +printf("[RAJA DEBUG 110.0] In LDAPManager::groups()\n\r"); fflush(stdout); + + if (bind() < 0) { + return LDAPGroupInfoList(); + } + else { +printf("[RAJA DEBUG 110.1] In LDAPManager::groups() bind was OK\n\r"); fflush(stdout); + LDAPMessage* msg; + TQString ldap_base_dn = m_basedc; + TQString ldap_filter = "(objectClass=posixGroup)"; + struct timeval timeout; + timeout.tv_sec = 10; // 10 second timeout + retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, &timeout, 0, &msg); + if (retcode != LDAP_SUCCESS) { + KMessageBox::error(0, i18n("LDAP search failure

Reason: [%3] %4").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + return LDAPGroupInfoList(); + } + +printf("[RAJA DEBUG 110.2] The number of entries returned was %d\n\n", ldap_count_entries(m_ldap, msg)); + + // Iterate through the returned entries + char* dn = NULL; + char* attr; + struct berval **vals; + BerElement* ber; + LDAPMessage* entry; + int i; + for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) { + LDAPGroupInfo groupinfo; + + if((dn = ldap_get_dn(m_ldap, entry)) != NULL) { + printf("Returned dn: %s\n", dn); + groupinfo.distinguishedName = dn; + TQStringList dnParts = TQStringList::split(",", dn); + TQString id = dnParts[0]; + if (id.startsWith("cn=")) { + id = id.remove(0, 3); + groupinfo.name = id; + } + else { + continue; + } + ldap_memfree(dn); + } + + for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) { + if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL) { +for(i = 0; vals[i] != NULL; i++) { + printf("[RAJA DEBUG 110.3] %s: %s\n\r", attr, vals[i]->bv_val); +} + groupinfo.informationValid = true; + TQString ldap_field = attr; + i=0; + if (ldap_field == "member") { + TQStringList members; + for(i = 0; vals[i] != NULL; i++) { + TQString userdn = vals[i]->bv_val; + if (userdn.startsWith("cn=placeholder,dc=")) { + continue; + } + members.append(userdn); + } + groupinfo.userlist = members; + } + else if (ldap_field == "gidNumber") { + groupinfo.gid = atoi(vals[i]->bv_val); + } + ldap_value_free_len(vals); + } + ldap_memfree(attr); + } + groups.append(groupinfo); + + if (ber != NULL) { + ber_free(ber, 0); + } + + printf("\n\r"); + } + + // clean up + ldap_msgfree(msg); + + // RAJA FIXME + return groups; + } + + return LDAPGroupInfoList(); +} + // =============================================================================================================== // // DATA CLASS CONSTRUCTORS AND DESTRUCTORS 
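Review bot: In `LDAPManager::groups()` only `timeout.tv_sec` is set before the struct is passed to `ldap_search_ext_s`, so `tv_usec` holds an indeterminate value. Add `timeout.tv_usec = 0;` next to the existing assignment. The `else { continue; }` taken when the DN does not start with `cn=` also skips the `ldap_memfree(dn);` below it, leaking the DN for each such entry; call `ldap_memfree(dn);` before `continue;`. `gidNumber` is converted with `atoi`, which returns 0 for non-numeric input, so a malformed value would be shown as GID 0; a checked conversion that leaves the entry marked invalid would be safer.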
@@ -376,11 +540,11 @@ LDAPUserInfo::LDAPUserInfo() { uid = -1; primary_gid = -1; status = (LDAPKRB5Flags)0; - account_created = TQDateTime::fromString("01-01-1970 00:00:00"); - account_modified = TQDateTime::fromString("01-01-1970 00:00:00"); - password_last_changed = TQDateTime::fromString("01-01-1970 00:00:00"); + account_created = TQDateTime::fromString("1970-01-01T00:00:00", TQt::ISODate); + account_modified = TQDateTime::fromString("1970-01-01T00:00:00", TQt::ISODate); + password_last_changed = TQDateTime::fromString("1970-01-01T00:00:00", TQt::ISODate); password_expires = false; - password_expiration = TQDateTime::fromString("01-01-1970 00:00:00"); + password_expiration = TQDateTime::fromString("1970-01-01T00:00:00", TQt::ISODate); password_ages = false; new_password_interval = -1; new_password_warn_interval = -1; diff --git a/src/libtdeldap.h b/src/libtdeldap.h index 1281ec3..2a06ae9 100644 --- a/src/libtdeldap.h +++ b/src/libtdeldap.h @@ -74,6 +74,7 @@ class LDAPUserInfo public: bool informationValid; + TQString distinguishedName; TQString name; uid_t uid; @@ -150,10 +151,11 @@ class LDAPGroupInfo public: bool informationValid; + TQString distinguishedName; TQString name; gid_t gid; - UserList userlist; + TQStringList userlist; }; typedef TQValueList LDAPUserInfoList; @@ -170,6 +172,7 @@ class LDAPManager : public TQObject { int bind(); int unbind(bool force); LDAPUserInfoList users(); + LDAPGroupInfoList groups(); private: TQString m_realm; diff --git a/src/userconfigbase.ui b/src/userconfigbase.ui index 03c2690..662240e 100644 --- a/src/userconfigbase.ui +++ b/src/userconfigbase.ui @@ -406,7 +406,7 @@ - userStatusEnabled + passwordExpireDisabled @@ -419,10 +419,10 @@ - userStatusDisabled + passwordExpireEnabled - + expirationDate diff --git a/src/userconfigdlg.cpp b/src/userconfigdlg.cpp index 477585d..48724fa 100644 --- a/src/userconfigdlg.cpp +++ b/src/userconfigdlg.cpp 
@@ -28,20 +28,136 @@ #include #include #include +#include +#include +#include +#include +#include +#include "ldapmgr.h" #include "userconfigdlg.h" -UserConfigDialog::UserConfigDialog(LDAPUserInfo user, TQWidget* parent, const char* name) - : KDialogBase(parent, name, true, i18n("LDAP User Properties"), Ok|Cancel, Ok, true), m_user(user) +UserConfigDialog::UserConfigDialog(LDAPUserInfo user, LDAPConfig* parent, const char* name) + : KDialogBase(parent, name, true, i18n("LDAP User Properties"), Ok|Cancel, Ok, true), m_user(user), m_ldapconfig(parent) { m_base = new LDAPUserConfigBase(this); setMainWidget(m_base); + + TQStringList availableShells = TQStringList::split(" ", AVAILABLE_SHELLS); + for ( TQStringList::Iterator it = availableShells.begin(); it != availableShells.end(); ++it ) { + m_base->shell->insertItem(*it, -1); + } + m_base->loginName->setEnabled(false); + m_base->lastChanged->setEnabled(false); + + connect(m_base->passwordExpireEnabled, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); + connect(m_base->passwordExpireDisabled, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); + connect(m_base->requirePasswordAging, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); + connect(m_base->requirePasswordMinAge, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); + connect(m_base->primaryGroup, TQT_SIGNAL(activated(const TQString&)), this, TQT_SLOT(processLockouts())); + + // Update fields +// KPasswordEdit* passwordEntry; + + if (m_user.status == KRB5_DISABLED_ACCOUNT) { + m_base->userStatusEnabled->setChecked(false); + m_base->userStatusDisabled->setChecked(true); + } + else { + m_base->userStatusEnabled->setChecked(true); + m_base->userStatusDisabled->setChecked(false); + } + m_base->loginName->setText(m_user.name); + m_base->realName->setText(m_user.commonName); + m_base->UID->setValue(m_user.uid); + + LDAPGroupInfoList groupList = m_ldapconfig->groupList(); + LDAPGroupInfoList::Iterator it; + for (it = groupList.begin(); 
it != groupList.end(); ++it) { + m_base->primaryGroup->insertItem((*it).name, -1); + } + m_base->primaryGroup->setCurrentItem(m_ldapconfig->findGroupInfoByGID(TQString("%1").arg(m_user.primary_gid)).name, false, -1); + m_prevPrimaryGroup = m_base->primaryGroup->currentText(); + + m_base->homeDirectory->setURL(m_user.homedir); + m_base->shell->setEditText(m_user.shell); + + for (it = groupList.begin(); it != groupList.end(); ++it) { + LDAPGroupInfo group = *it; + TQCheckListItem* item = new TQCheckListItem(m_base->secondary_group_list, group.name, TQCheckListItem::CheckBox); + item->setOn(group.userlist.contains(m_user.distinguishedName)); + } + +// m_base->passwordEntry; + m_base->lastChanged->setText(m_user.password_last_changed.toString(TQt::TextDate)); + if (m_user.password_expires) { + m_base->passwordExpireEnabled->setChecked(true); + m_base->passwordExpireDisabled->setChecked(false); + } + else { + m_base->passwordExpireEnabled->setChecked(false); + m_base->passwordExpireDisabled->setChecked(true); + } + m_base->expirationDate->setDateTime(m_user.password_expiration); + m_base->requirePasswordAging->setChecked(m_user.password_ages); + m_base->requirePasswordInterval->setValue(m_user.new_password_interval/24); + m_base->warnPasswordExpireInterval->setValue(m_user.new_password_warn_interval/24); + m_base->disablePasswordDelay->setValue(m_user.new_password_lockout_delay/24); + m_base->requirePasswordMinAge->setChecked(m_user.password_has_minimum_age); + m_base->passwordMinAge->setValue(m_user.password_minimum_age/24); + + processLockouts(); } void UserConfigDialog::slotOk() { accept(); } +void UserConfigDialog::processLockouts() { + if (m_base->passwordExpireEnabled->isChecked()) { + m_base->expirationDate->setEnabled(true); + } + else { + m_base->expirationDate->setEnabled(false); + } + + if (m_base->requirePasswordAging->isChecked()) { + m_base->requirePasswordInterval->setEnabled(true); + m_base->warnPasswordExpireInterval->setEnabled(true); + 
m_base->disablePasswordDelay->setEnabled(true); + } + else { + m_base->requirePasswordInterval->setEnabled(false); + m_base->warnPasswordExpireInterval->setEnabled(false); + m_base->disablePasswordDelay->setEnabled(false); + } + + if (m_base->requirePasswordMinAge->isChecked()) { + m_base->passwordMinAge->setEnabled(true); + } + else { + m_base->passwordMinAge->setEnabled(false); + } + + // Disable the primary group checkbox in the group list + TQListViewItemIterator it(m_base->secondary_group_list); + while (it.current()) { + if (it.current()->text(0) == m_base->primaryGroup->currentText()) { + dynamic_cast(it.current())->setOn(true); + it.current()->setEnabled(false); + } + else { + it.current()->setEnabled(true); + if (it.current()->text(0) == m_prevPrimaryGroup) { + dynamic_cast(it.current())->setOn(false); + } + } + ++it; + } + + m_prevPrimaryGroup = m_base->primaryGroup->currentText(); +} + LDAPUserInfo UserConfigDialog::userProperties() { return m_user; } diff --git a/src/userconfigdlg.h b/src/userconfigdlg.h index 6ab3033..909dd16 100644 --- a/src/userconfigdlg.h +++ b/src/userconfigdlg.h @@ -26,22 +26,27 @@ #include "libtdeldap.h" #include "userconfigbase.h" +#define AVAILABLE_SHELLS "/bin/bash /bin/sh /bin/dash /bin/rbash /usr/bin/screen" + class UserConfigDialog : public KDialogBase { Q_OBJECT public: - UserConfigDialog(LDAPUserInfo user, TQWidget* parent = 0, const char* name = 0); + UserConfigDialog(LDAPUserInfo user, LDAPConfig* parent = 0, const char* name = 0); LDAPUserInfo userProperties(); public slots: void slotOk(); + void processLockouts(); public: LDAPUserConfigBase *m_base; private: LDAPUserInfo m_user; + LDAPConfig* m_ldapconfig; + TQString m_prevPrimaryGroup; }; #endif // _USERCONFIGDIALOG_H_ -- cgit v1.2.1
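Review bot: The `UserConfigDialog` constructor now calls `m_ldapconfig->groupList()` and `m_ldapconfig->findGroupInfoByGID(...)` unconditionally, while the declaration in userconfigdlg.h (the next hunk) still defaults the argument with `LDAPConfig* parent = 0`, so constructing the dialog without a parent dereferences a null pointer. Drop the default, `UserConfigDialog(LDAPUserInfo user, LDAPConfig* parent, const char* name = 0);`, or guard the group lookups with `if (m_ldapconfig)`. In `processLockouts()` the result of each `dynamic_cast` on `it.current()` is used without a null check. Every item is created as a `TQCheckListItem` in the constructor, so a `static_cast` states that invariant more honestly, or else the cast result should be tested before `setOn()`.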