inetOrgPerson
extends baseModule
in package
implements
passwordService, AccountStatusProvider
This module manages LDAP attributes of the object class inetOrgPerson (e.g. name and address).
Interfaces, Classes, Traits and Enums
- passwordService
- This interface needs to be implemented by all account modules which manage passwords.
- AccountStatusProvider
- Provides module information about the status of an LDAP account.
Table of Contents
- ATTRIBUTES_TO_IGNORE_ON_COPY_DEFAULT = array('uid', 'uidNumber', 'gid', 'gidNumber', 'cn', 'userpassword', 'sn', 'givenName', 'initials', 'telephoneNumber', 'homePhone', 'mobile', 'facsimileTelephoneNumber', 'pager', 'mail', 'employeeNumber', 'userCertificate;binary', 'userCertificate', 'homeDirectory', 'unixHomeDirectory', 'jpegPhoto')
- These attributes will be ignored by default if a new account is copied from an existing one.
- SESS_CERTIFICATES_LIST = 'inetOrgPerson_certificatesList'
- session variable for existing user certificates in self service
- SESS_PHOTO = 'inetOrgPerson_jpegPhoto'
- session variable for existing user certificates in self service
- STATUS_PASSWORD_LOCKED = "INETORG_PERSON_PASSWORD_LOCKED"
- ID for locked password status.
- $attributes : mixed
- contains all ldap attributes which should be written
- $autoAddObjectClasses : mixed
- if true, managed object classes are added when an account is created or loaded (default: true)
- $messages : mixed
- contains all error messages of a module
- $meta : mixed
- includes all meta data provided by the sub class
- $moduleSettings : mixed
- configuration settings of all modules
- $orig : mixed
- contains all ldap attributes which are loaded from ldap
- $selfServiceSettings : selfServiceProfile
- self service profile with settings of all modules
- $base : mixed
- name of parent accountContainer ($_SESSION[$base])
- $businessCategoryCache : mixed
- business category cache
- $clearTextPassword : mixed
- clear text password
- $departmentCache : mixed
- cache for departments
- $emailCheckCache : mixed
- email cache
- $employeeTypeCache : mixed
- employee type cache
- $oCache : mixed
- organization cache
- $ouCache : mixed
- organizational unit cache
- $scope : mixed
- the account type of this module (user, group, host)
- $titleCache : mixed
- title cache
- __construct() : mixed
- Creates a new base module class
- accountStatusPerformLock() : void
- Locks the account with the given lock IDs.
- accountStatusPerformUnlock() : void
- Unlocks the account with the given lock IDs.
- addPasswordQuickChangeAccountDetails() : void
- Adds account details such as first/last name for the current account.
- addPDFImage() : mixed
- Adds an image to the PDF.
- addPDFKeyValue() : mixed
- Adds a simple PDF entry with the given key and value.
- addPDFTable() : mixed
- Adds a table entry to the PDF.
- build_uploadAccounts() : array<string|int, mixed>
- In this function the LDAP accounts are built.
- can_manage() : bool
- Returns true if this module can manage accounts of the current type, otherwise false.
- canSelfServiceFieldBeReadOnly() : bool
- Returns if a given self service field can be set in read-only mode.
- canSelfServiceFieldBeRelabeled() : bool
- Returns if a self service field can be relabeled.
- check_configOptions() : array<string|int, mixed>
- Checks input values of module settings.
- check_profileOptions() : array<string|int, mixed>
- Checks input values of account profiles.
- checkGlobalConfigOptions() : void
- Checks the global config options.
- checkSelfServiceOptions() : array<string|int, mixed>
- Checks if all input values are correct and returns the LDAP attributes which should be changed.
- checkSelfServiceSettings() : array<string|int, mixed>
- Checks if the self service settings are valid.
- delete_attributes() : array<string|int, mixed>
- This function returns an array with the same syntax as save_attributes().
- display_html_attributes() : array<string|int, mixed>
- Returns the HTML meta data for the main account page.
- display_html_delete() : htmlElement
- This function creates meta HTML code which will be displayed when an account should be deleted.
- display_html_manager() : htmlElement
- This function will create the meta HTML code to show a page to change the manager attribute.
- display_html_photo() : array<string|int, mixed>
- Displays the photo upload page.
- display_html_userCertificate() : array<string|int, mixed>
- Displays the certificate upload page.
- displaySpecialSelfServicePage() : htmlElement
- This function creates meta HTML code to display the module specific page for the self service.
- doUploadPostActions() : array<string|int, mixed>
- This function is responsible to do additional tasks after the account has been created in LDAP (e.g. modifying group memberships, adding Quota etc..).
- doUploadPreActions() : array<string|int, mixed>
- Runs any actions that need to be done before an LDAP entry is created.
- get_alias() : string
- Returns an alias name for the module.
- get_configOptions() : mixed
- Returns a list of configuration options.
- get_dependencies() : array<string|int, mixed>
- This function returns a list with all depending and conflicting modules.
- get_help() : array<string|int, mixed>
- This function returns the help entry array for a specific help id.
- get_ldap_filter() : string
- Returns an LDAP filter for the account lists
- get_metaData() : array<string|int, mixed>
- Returns meta data that is interpreted by parent class
- get_pdfEntries() : array<string|int, PDFEntry>
- Returns the PDF entries for this module.
- get_pdfFields() : array<string|int, mixed>
- Returns a hashtable with all entries that may be printed out in the PDF.
- get_profileOptions() : htmlElement
- This function defines what attributes will be used in the account profiles and their appearance in the profile editor.
- get_RDNAttributes() : array<string|int, mixed>
- Returns a hash array containing a list of possible LDAP attributes that can be used to form the RDN (Relative Distinguished Name).
- get_scope() : string
- Returns the account type of this module (user, group, host)
- get_uploadColumns() : array<string|int, mixed>
- Returns an array containing all input columns for the file upload.
- get_uploadPreDepends() : array<string|int, mixed>
- Returns a list of module names which must be processed in building the account before this module.
- getAccountStatusDetails() : array<string|int, AccountStatusDetails>
- Returns the list of account status detail lines.
- getAccountStatusPossibleLockOptions() : array<string|int, AccountStatusDetails>
- Returns a list of options how the account could be locked.
- getAccountStatusRequiredAttributes() : array<string|int, mixed>
- Returns the list of LDAP attributes that must be read to get the account status.
- getAttributes() : array<string|int, mixed>
- Returns the LDAP attributes which are managed in this module.
- getButtonStatus() : string
- Controls if the module button the account page is visible and activated.
- getGlobalConfigOptions() : array<string|int, htmlElement>
- Returns a list of config options for LAM's main configuration.
- getIcon() : unknown
- Returns the path to the module icon.
- getLDAPAliases() : array<string|int, mixed>
- Returns a list of aliases for LDAP attributes.
- getLinkToSpecialSelfServicePage() : string
- This allows modules to create a link to a module specific page for the self service.
- getListAttributeDescriptions() : array<string|int, mixed>
- Returns a list of attribute descriptions for the account list.
- getListFilterFunction() : callable|null
- Returns a callable if there should be a custom filtering for the given attribute name.
- getListRenderFunction() : callable|null
- Returns a callable if there should be a custom display for the given attribute name.
- getManagedAttributes() : array<string|int, mixed>
- Returns a list of LDAP attributes which are managed by this module.
- getManagedHiddenAttributes() : array<string|int, mixed>
- Returns a list of operational LDAP attributes which are managed by this module and need to be explicitly set for LDAP search.
- getManagedObjectClasses() : array<string|int, mixed>
- Returns a list of managed object classes for this module.
- getOriginalAttributes() : array<string|int, mixed>
- Returns the LDAP attributes which are managed in this module (with unchanged values).
- getPasswordQuickChangeChanges() : array<string|int, mixed>
- Returns a list of LDAP attribute changes to perform.
- getPasswordQuickChangeIsPasswordInHistory() : bool
- Returns if the password is not same as an old password from history.
- getPasswordQuickChangeOptions() : array<string|int, PasswordQuickChangeOption>
- Returns a list of password quick change options.
- getPasswordQuickChangePasswordStrengthAttributes() : array<string|int, mixed>
- Returns additional attribute values to check when password strength is validated.
- getPasswordQuickChangePasswordStrengthUserName() : string|null
- Returns the user name if known to be validated for password strength.
- getRequiredExtensions() : array<string|int, mixed>
- This function returns a list of PHP extensions (e.g. hash) which are needed by this module.
- getSelfServiceFields() : array<string|int, mixed>
- Returns a list of possible input fields and their descriptions.
- getSelfServiceOptions() : array<string|int, mixed>
- Returns the meta HTML code for each input field.
- getSelfServiceSearchAttributes() : array<string|int, mixed>
- This function returns a list of possible LDAP attributes (e.g. uid, cn, ...) which can be used to search for LDAP objects.
- getSelfServiceSettings() : htmlElement
- Returns a list of self service configuration settings.
- getSupportedJobs() : mixed
- Returns a list of jobs that can be run.
- getWildCardReplacements() : array<string|int, mixed>
- Returns a list of wildcards that can be replaced in input fields.
- handleAjaxRequest() : mixed
- Manages AJAX requests.
- hasOnlyVirtualChildren() : bool
- Defines if the LDAP entry has only virtual child entries. This is the case for e.g. LDAP views.
- init() : mixed
- Initializes the module after it became part of an {@link accountContainer}
- invalidAjaxRequest() : mixed
- Invalid AJAX request received.
- is_base_module() : bool
- Returns true if your module is a base module and otherwise false.
- isLocked() : bool
- Returns if the password of the current account is locked.
- load_attributes() : mixed
- This function loads the LDAP attributes when an account should be loaded.
- load_Messages() : mixed
- This function fills the message array.
- load_profile() : mixed
- Loads the values of an account profile into internal variables.
- loadAttributesFromAccountCopy() : void
- Loads the LDAP data from an account to copy.
- managesPasswordAttributes() : bool
- This method specifies if a module manages password attributes.
- module_complete() : bool
- This functions return true if all needed settings are done.
- module_ready() : bool
- This function is used to check if this module page can be displayed.
- passwordChangeRequested() : array<string|int, mixed>
- This function is called whenever the password should be changed. Account modules must change their password attributes only if the modules list contains their module name.
- postDeleteActions() : array<string|int, mixed>
- Allows the module to run commands after the LDAP entry is deleted.
- postModifyActions() : array<string|int, mixed>
- Runs the postmodify actions.
- postModifySelfService() : bool
- Allows the module to run commands after the LDAP entry is changed or created.
- preDeleteActions() : array<string|int, mixed>
- Allows the module to run commands before the LDAP entry is deleted.
- preModifyActions() : array<string|int, mixed>
- Allows the module to run commands before the LDAP entry is changed or created.
- preModifySelfService() : bool
- Allows the module to run commands before the LDAP entry is changed or created.
- process_attributes() : array<string|int, mixed>
- Processes user input of the primary module page.
- process_manager() : array<string|int, mixed>
- Processes user input of the manager page.
- process_photo() : array<string|int, mixed>
- Sets a new photo.
- process_userCertificate() : array<string|int, mixed>
- Sets a new certificate or deletes old ones.
- runGlobalCronActions() : void
- Runs any global cron actions.
- save_attributes() : array<string|int, mixed>
- Returns a list of modifications which have to be made to the LDAP account.
- supportsAdminInterface() : bool
- Specifies if this module supports the LAM admin interface.
- supportsForcePasswordChange() : bool
- Specifies if this module supports to force that a user must change his password on next login.
- supportsGlobalCronJob() : bool
- Specifies if the module supports global cron job actions.
- supportsPasswordQuickChangePage() : bool
- Specifies if the module support password quick change for the current account.
- addDoubleSelectionArea() : mixed
- Adds an area with two multi-select fields with buttons to move items from right to left and vice-versa.
- addMultiValueInputTextField() : mixed
- Adds a text input field that may contain multiple values to the given htmlResponsiveRow.
- addMultiValueSelectField() : mixed
- Adds a select field type that may contain multiple values to the given htmlTable.
- addMultiValueSelfServiceTextField() : mixed
- Adds a simple text input field for the self service.
- addSimpleInputTextField() : mixed
- Adds a simple text input field to the given htmlResponsiveRow.
- addSimplePDFField() : mixed
- Adds a simple PDF entry to the given array.
- addSimpleReadOnlyField() : mixed
- Adds a simple read-only field to the given container.
- addSimpleSelfServiceTextField() : mixed
- Adds a simple text input field for the self service.
- checkMultiValueSelfServiceTextField() : mixed
- Checks the input value of a self service multi-value text field.
- checkSimpleSelfServiceTextField() : mixed
- Checks the input value of a self service text field.
- getAccountContainer() : accountContainer|null
- Returns the {@link accountContainer} object.
- getSelfServiceLabel() : string
- Returns the field label. This can be either the given default label or an override value from profile.
- isBooleanConfigOptionSet() : bool
- Returns if the given configuration option is set.
- mapSimpleUploadField() : mixed
- Maps simple upload fields directly to LDAP attribute values.
- processMultiValueInputTextField() : mixed
- Validates a multi-value text field.
- processMultiValueSelectField() : mixed
- Validates a multi-value select field.
- processSimpleTextInput() : mixed
- Validates a text field.
- ajaxDeleteSelfServicePhoto() : mixed
- Manages the deletion of a photo.
- ajaxDeleteSelfServiceUserCertificate() : mixed
- Manages the deletion of a certificate.
- ajaxUploadCert() : mixed
- Handles an AJAX certificate file upload and prints the JSON result.
- ajaxUploadPhoto() : mixed
- Handles an AJAX photo file upload and prints the JSON result.
- checkUploadRegex() : value
- Checks the upload value against a list of regular expressions.
- emailExists() : bool
- Checks if the given email address already exists in LDAP.
- getSelfServicePhoto() : htmlResponsiveRow
- Renders the photo area for self service.
- getSelfServicePhotoJS() : htmlJavaScript
- Returns the Java Script functions to manage the photo.
- getSelfServiceUserCertificates() : htmlTable
- Returns the meta HTML code to display the certificate area.
- getSelfServiceUserCertificatesJSBlock() : htmlJavaScript
- Returns the Java Script functions to manage the certificates.
- initCache() : mixed
- Loads cached data from LDAP such as departmets etc.
- isAdminReadOnly() : bool
- Returns if the attribute is read-only in admin interface.
- isSamba3Active() : bool
- Returns if the Samba 3 module is also active.
- isUnixActive() : bool
- Returns if the Unix module is also active.
- resizeAndConvertImage() : array<string|int, mixed>
- Resizes the given image data to the settings provided.
- setExopPassword() : array<string|int, mixed>
- Sets the password via ldap_exop if configured.
- uploadPhoto() : array<string|int, mixed>
- Uploads the photo file.
Constants
ATTRIBUTES_TO_IGNORE_ON_COPY_DEFAULT
These attributes will be ignored by default if a new account is copied from an existing one.
public
mixed
ATTRIBUTES_TO_IGNORE_ON_COPY_DEFAULT
= array('uid', 'uidNumber', 'gid', 'gidNumber', 'cn', 'userpassword', 'sn', 'givenName', 'initials', 'telephoneNumber', 'homePhone', 'mobile', 'facsimileTelephoneNumber', 'pager', 'mail', 'employeeNumber', 'userCertificate;binary', 'userCertificate', 'homeDirectory', 'unixHomeDirectory', 'jpegPhoto')
SESS_CERTIFICATES_LIST
session variable for existing user certificates in self service
public
mixed
SESS_CERTIFICATES_LIST
= 'inetOrgPerson_certificatesList'
SESS_PHOTO
session variable for existing user certificates in self service
public
mixed
SESS_PHOTO
= 'inetOrgPerson_jpegPhoto'
STATUS_PASSWORD_LOCKED
ID for locked password status.
public
mixed
STATUS_PASSWORD_LOCKED
= "INETORG_PERSON_PASSWORD_LOCKED"
Properties
$attributes
contains all ldap attributes which should be written
protected
mixed
$attributes
$autoAddObjectClasses
if true, managed object classes are added when an account is created or loaded (default: true)
protected
mixed
$autoAddObjectClasses
= \true
$messages
contains all error messages of a module
protected
mixed
$messages
$meta
includes all meta data provided by the sub class
protected
mixed
$meta
$moduleSettings
configuration settings of all modules
protected
mixed
$moduleSettings
$orig
contains all ldap attributes which are loaded from ldap
protected
mixed
$orig
$selfServiceSettings
self service profile with settings of all modules
protected
selfServiceProfile
$selfServiceSettings
profile
$base
name of parent accountContainer ($_SESSION[$base])
private
mixed
$base
$businessCategoryCache
business category cache
private
mixed
$businessCategoryCache
$clearTextPassword
clear text password
private
mixed
$clearTextPassword
$departmentCache
cache for departments
private
mixed
$departmentCache
$emailCheckCache
email cache
private
mixed
$emailCheckCache
$employeeTypeCache
employee type cache
private
mixed
$employeeTypeCache
$oCache
organization cache
private
mixed
$oCache
$ouCache
organizational unit cache
private
mixed
$ouCache
$scope
the account type of this module (user, group, host)
private
mixed
$scope
$titleCache
title cache
private
mixed
$titleCache
Methods
__construct()
Creates a new base module class
public
__construct(string $scope) : mixed
Parameters
- $scope : string
-
the account type (user, group, host)
Return values
mixed —accountStatusPerformLock()
Locks the account with the given lock IDs.
public
accountStatusPerformLock(ConfiguredType $type, array<string|int, mixed>|null &$attributes, array<string|int, mixed> $lockIds) : void
Parameters
- $type : ConfiguredType
-
type
- $attributes : array<string|int, mixed>|null
-
LDAP attributes
- $lockIds : array<string|int, mixed>
-
IDs from AccountStatusDetails
Tags
Return values
void —accountStatusPerformUnlock()
Unlocks the account with the given lock IDs.
public
accountStatusPerformUnlock(ConfiguredType $type, array<string|int, mixed>|null &$attributes, array<string|int, mixed> $lockIds) : void
Parameters
- $type : ConfiguredType
-
type
- $attributes : array<string|int, mixed>|null
-
LDAP attributes
- $lockIds : array<string|int, mixed>
-
IDs from AccountStatusDetails
Tags
Return values
void —addPasswordQuickChangeAccountDetails()
Adds account details such as first/last name for the current account.
public
addPasswordQuickChangeAccountDetails(htmlResponsiveRow $row) : void
Parameters
- $row : htmlResponsiveRow
-
row where to add content
Tags
Return values
void —addPDFImage()
Adds an image to the PDF.
public
addPDFImage(array<string|int, mixed> &$result, string $attrName) : mixed
Parameters
- $result : array<string|int, mixed>
-
result array (entry will be added here)
- $attrName : string
-
attribute name
Return values
mixed —addPDFKeyValue()
Adds a simple PDF entry with the given key and value.
public
addPDFKeyValue(array<string|int, mixed> &$result, string $name, string $label, mixed $value[, string $delimiter = ', ' ]) : mixed
Parameters
- $result : array<string|int, mixed>
-
result array (entry will be added here)
- $name : string
-
ID
- $label : string
-
label name
- $value : mixed
-
value as String or array
- $delimiter : string = ', '
-
delimiter if value is array (default: ", ")
Return values
mixed —addPDFTable()
Adds a table entry to the PDF.
public
addPDFTable(array<string|int, mixed> &$result, string $name, PDFTable $table) : mixed
Parameters
- $result : array<string|int, mixed>
-
result array (entry will be added here)
- $name : string
-
ID
- $table : PDFTable
-
table
Return values
mixed —build_uploadAccounts()
In this function the LDAP accounts are built.
public
build_uploadAccounts(mixed $rawAccounts, mixed $ids, mixed &$partialAccounts, mixed $selectedModules, mixed &$type) : array<string|int, mixed>
Parameters
- $rawAccounts : mixed
-
the user input data, contains one subarray for each account.
- $ids : mixed
-
list of IDs for column position (e.g. "posixAccount_uid" => 5)
- $partialAccounts : mixed
-
list of hash arrays (name => value) which are later added to LDAP
- $selectedModules : mixed
-
list of selected account modules
- $type : mixed
-
account type
Tags
Return values
array<string|int, mixed> —list of error messages if any
can_manage()
Returns true if this module can manage accounts of the current type, otherwise false.
public
can_manage() : bool
Return values
bool —true if module fits
canSelfServiceFieldBeReadOnly()
Returns if a given self service field can be set in read-only mode.
public
canSelfServiceFieldBeReadOnly(string $fieldID, selfServiceProfile $profile) : bool
Parameters
- $fieldID : string
-
field identifier
- $profile : selfServiceProfile
-
currently edited profile
Return values
bool —may be set read-only
canSelfServiceFieldBeRelabeled()
Returns if a self service field can be relabeled.
public
canSelfServiceFieldBeRelabeled(string $fieldID, selfServiceProfile $profile) : bool
Parameters
- $fieldID : string
-
field ID
- $profile : selfServiceProfile
-
currently edited profile
Return values
bool —may be relabeled
check_configOptions()
Checks input values of module settings.
public
check_configOptions(array<string|int, mixed> $typeIds, array<string|int, mixed> &$options) : array<string|int, mixed>
Calling this method does not require the existence of an enclosing .
If the input data is invalid the return value is an array that contains subarrays to build StatusMessages ('message type', 'message head', 'message text').
If no errors occurred the function returns an empty array.
Parameters
- $typeIds : array<string|int, mixed>
-
list of account type ids which are used
- $options : array<string|int, mixed>
-
hash array (option name => value) that contains the input. The option values are all arrays containing one or more elements.
Tags
Return values
array<string|int, mixed> —list of error messages
check_profileOptions()
Checks input values of account profiles.
public
check_profileOptions(mixed $options, mixed $typeId) : array<string|int, mixed>
Parameters
- $options : mixed
-
a hash array (name => value) containing the user input
- $typeId : mixed
-
type id (user, group, host)
Return values
array<string|int, mixed> —list of error messages (array(type, title, text)) to generate StatusMessages, if any
checkGlobalConfigOptions()
Checks the global config options.
public
checkGlobalConfigOptions(array<string|int, mixed> &$options, array<string|int, string> &$messages, array<string|int, string> &$errors) : void
Parameters
- $options : array<string|int, mixed>
-
config options
- $messages : array<string|int, string>
-
info messages can be added here
- $errors : array<string|int, string>
-
error messages can be added here
Return values
void —checkSelfServiceOptions()
Checks if all input values are correct and returns the LDAP attributes which should be changed.
public
checkSelfServiceOptions(string $fields, array<string|int, mixed> $attributes, bool $passwordChangeOnly, array<string|int, mixed> $readOnlyFields) : array<string|int, mixed>
Return values:
messages: array of parameters to create status messages
add: array of attributes to add
del: array of attributes to remove
mod: array of attributes to modify
info: array of values with informational value (e.g. to be used later by pre/postModify actions)
Calling this method does not require the existence of an enclosing .
Parameters
- $fields : string
-
input fields
- $attributes : array<string|int, mixed>
-
LDAP attributes
- $passwordChangeOnly : bool
-
indicates that the user is only allowed to change his password and no LDAP content is readable
- $readOnlyFields : array<string|int, mixed>
-
list of read-only fields
Return values
array<string|int, mixed> —messages and attributes (array('messages' => [], 'add' => array('mail' => array('test@test.com')), 'del' => [], 'mod' => [], 'info' => []))
checkSelfServiceSettings()
Checks if the self service settings are valid.
public
checkSelfServiceSettings(array<string|int, mixed> &$options, selfServiceProfile &$profile) : array<string|int, mixed>
If the input data is invalid the return value is an array that contains arrays to build StatusMessages (message type, message head, message text). If no errors occurred the function returns an empty array.
Parameters
- $options : array<string|int, mixed>
-
hash array (option name => value) that contains the input. The option values are all arrays containing one or more elements.
- $profile : selfServiceProfile
-
self service profile
Return values
array<string|int, mixed> —error messages
delete_attributes()
This function returns an array with the same syntax as save_attributes().
public
delete_attributes() : array<string|int, mixed>
Calling this method requires the existence of an enclosing .
It allows additional LDAP changes when an account is deleted.
Return values
array<string|int, mixed> —of LDAP operations, same as for save_attributes()
display_html_attributes()
Returns the HTML meta data for the main account page.
public
display_html_attributes() : array<string|int, mixed>
Return values
array<string|int, mixed> —HTML meta data
display_html_delete()
This function creates meta HTML code which will be displayed when an account should be deleted.
public
display_html_delete() : htmlElement
Calling this method requires the existence of an enclosing .
This can be used to interact with the user, e.g. should the home directory be deleted? The output
of all modules is displayed on a single page.
Tags
Return values
htmlElement —meta HTML object
display_html_manager()
This function will create the meta HTML code to show a page to change the manager attribute.
public
display_html_manager() : htmlElement
Return values
htmlElement —HTML meta data
display_html_photo()
Displays the photo upload page.
public
display_html_photo() : array<string|int, mixed>
Return values
array<string|int, mixed> —meta HTML code
display_html_userCertificate()
Displays the certificate upload page.
public
display_html_userCertificate() : array<string|int, mixed>
Return values
array<string|int, mixed> —meta HTML code
displaySpecialSelfServicePage()
This function creates meta HTML code to display the module specific page for the self service.
public
displaySpecialSelfServicePage(selfServiceProfile $profile) : htmlElement
Parameters
- $profile : selfServiceProfile
-
self service settings
Tags
Return values
htmlElement —meta HTML object
doUploadPostActions()
This function is responsible to do additional tasks after the account has been created in LDAP (e.g. modifying group memberships, adding Quota etc..).
public
doUploadPostActions(mixed &$data, mixed $ids, mixed $failed, mixed &$temp, mixed &$accounts, mixed $selectedModules, mixed $type) : array<string|int, mixed>
Parameters
- $data : mixed
-
array containing one account in each element
- $ids : mixed
-
maps the column names to keys for the sub arrays (array(<column_name> =>
)) - $failed : mixed
-
list of account numbers which could not be successfully uploaded to LDAP
- $temp : mixed
-
variable to store temporary data between two post actions
- $accounts : mixed
-
list of LDAP entries
- $selectedModules : mixed
-
selected account modules
- $type : mixed
-
account type
Tags
Return values
array<string|int, mixed> —current status
array (
'status' => 'finished' | 'inProgress' // defines if all operations are complete
'progress' => 0..100 // the progress of the operations in percent
'errors' => array // list of arrays which are used to generate StatusMessages
)
doUploadPreActions()
Runs any actions that need to be done before an LDAP entry is created.
public
doUploadPreActions(array<string|int, mixed> $attributes, ConfiguredType $type) : array<string|int, mixed>
Parameters
- $attributes : array<string|int, mixed>
-
LDAP attributes of this entry (attributes are provided as reference, handle modifications of $attributes with care)
- $type : ConfiguredType
-
account type
Return values
array<string|int, mixed> —array which contains status messages. Each entry is an array containing the status message parameters.
get_alias()
Returns an alias name for the module.
public
get_alias() : string
Calling this method does not require the existence of an enclosing .
This function returns a more descriptive string than the class name. Alias names are used for the buttons on the account pages and the module selection in the configuration wizard.
Please take care that your alias name is not too long. It may contain any character but should not include parts that may be interpreted by the browser (e.g. '<' or '>').
If you use different aliases dependent on the account type please make sure that there is a general alias for unknown types.
Tags
Return values
string —alias name
get_configOptions()
Returns a list of configuration options.
public
get_configOptions(mixed $scopes, mixed $allScopes) : mixed
Parameters
- $scopes : mixed
-
account types (user, group, host)
- $allScopes : mixed
-
list of all active account modules and their account type id (module => array(type id))
Tags
Return values
mixed —htmlElement or array of htmlElement
get_dependencies()
This function returns a list with all depending and conflicting modules.
public
get_dependencies() : array<string|int, mixed>
Calling this method does not require the existence of an enclosing .
The return value is an array with two sub arrays, "depends" and "conflicts".
All values of the conflict array are string values with module names. All values of the depends
array are either string values with module names or arrays which include only string values with
module names.
If an element of the depends array is itself an array, this means that your module
depends on one of these modules.
Example: return array("depends" => array("posixAccount", array("qmail", "sendmail")), "conflicts" => array("exim"))
Tags
Return values
array<string|int, mixed> —list of dependencies and conflicts
get_help()
This function returns the help entry array for a specific help id.
public
get_help(string $id) : array<string|int, mixed>
Calling this method does not require the existence of an enclosing .
The result is an hashtable with the following keys:
- Headline (required)
The headline of this help entry. Can consist of any alphanumeric characters. No HTML/CSS elements are allowed. - Text (required)
The text of the help entry which may contain any alphanumeric characters. - SeeAlso (optional)
A reference to another related web site. It must be an array containing a field called "text" with the link text that should be displayed and a field called "link" which is the link target.
Example:
array('Headline' => 'This is the head line', 'Text' => 'Help content', 'SeeAlso' => array('text' => 'LAM homepage', 'link' => 'http://www.ldap-account-manager.org/'))
Parameters
- $id : string
-
The id string for the help entry needed.
Tags
Return values
array<string|int, mixed> —The desired help entry.
get_ldap_filter()
Returns an LDAP filter for the account lists
public
get_ldap_filter(string $typeId) : string
Calling this method does not require the existence of an enclosing .
Returns an array('or' => '...', 'and' => '...') that is used to build the LDAP filter. Usually, this is used to filter object classes.
All "or" filter parts of the base modules are combined with OR and then combined with the "and" parts.
The resulting LDAP filter will look like this: (&(|(OR1)(OR2)(OR3))(AND1)(AND2)(AND3))
Example: return array('or' => '(objectClass=posixAccount)', 'and' => '(!(uid=*$))')
Parameters
- $typeId : string
-
account type id
Tags
Return values
string —LDAP filter
get_metaData()
Returns meta data that is interpreted by parent class
public
get_metaData() : array<string|int, mixed>
Tags
Return values
array<string|int, mixed> —array with meta data
get_pdfEntries()
Returns the PDF entries for this module.
public
get_pdfEntries(mixed $pdfKeys, mixed $typeId) : array<string|int, PDFEntry>
Parameters
- $pdfKeys : mixed
-
list of PDF keys that are included in document
- $typeId : mixed
-
type id (user, group, host)
Tags
Return values
array<string|int, PDFEntry> —list of key => PDFEntry
get_pdfFields()
Returns a hashtable with all entries that may be printed out in the PDF.
public
get_pdfFields(mixed $typeId) : array<string|int, mixed>
Parameters
- $typeId : mixed
-
type id (user, group, host)
Tags
Return values
array<string|int, mixed> —PDF entries as key => label
get_profileOptions()
This function defines what attributes will be used in the account profiles and their appearance in the profile editor.
public
get_profileOptions(mixed $typeId) : htmlElement
Parameters
- $typeId : mixed
-
type id (user, group, host, ...)
Tags
Return values
htmlElement —meta HTML object
get_RDNAttributes()
Returns a hash array containing a list of possible LDAP attributes that can be used to form the RDN (Relative Distinguished Name).
public
get_RDNAttributes(string $typeId) : array<string|int, mixed>
Calling this method does not require the existence of an enclosing .
The returned elements have this form:
Example: return array('uid' => 'normal', 'cn' => 'low')
Parameters
- $typeId : string
-
account type
Tags
Return values
array<string|int, mixed> —list of attributes
get_scope()
Returns the account type of this module (user, group, host)
public
get_scope() : string
Return values
string —account type
get_uploadColumns()
Returns an array containing all input columns for the file upload.
public
get_uploadColumns(mixed $selectedModules, mixed &$type) : array<string|int, mixed>
Parameters
- $selectedModules : mixed
-
list of selected account modules
- $type : mixed
-
account type
Tags
Return values
array<string|int, mixed> —column list
get_uploadPreDepends()
Returns a list of module names which must be processed in building the account before this module.
public
get_uploadPreDepends() : array<string|int, mixed>
Calling this method does not require the existence of an enclosing .
The named modules may not be active, LAM will check this automatically.
Tags
Return values
array<string|int, mixed> —list of module names
getAccountStatusDetails()
Returns the list of account status detail lines.
public
getAccountStatusDetails(ConfiguredType $type, array<string|int, mixed>|null &$attributes) : array<string|int, AccountStatusDetails>
Parameters
- $type : ConfiguredType
-
account type
- $attributes : array<string|int, mixed>|null
-
LDAP attributes (use account container attributes if not provided)
Tags
Return values
array<string|int, AccountStatusDetails> —status details
getAccountStatusPossibleLockOptions()
Returns a list of options how the account could be locked.
public
getAccountStatusPossibleLockOptions(ConfiguredType $type, array<string|int, mixed>|null &$attributes) : array<string|int, AccountStatusDetails>
Parameters
- $type : ConfiguredType
-
type
- $attributes : array<string|int, mixed>|null
-
LDAP attributes
Tags
Return values
array<string|int, AccountStatusDetails> —lock options
getAccountStatusRequiredAttributes()
Returns the list of LDAP attributes that must be read to get the account status.
public
getAccountStatusRequiredAttributes(ConfiguredType $type) : array<string|int, mixed>
Parameters
- $type : ConfiguredType
-
type
Tags
Return values
array<string|int, mixed> —attribute names
getAttributes()
Returns the LDAP attributes which are managed in this module.
public
getAttributes() : array<string|int, mixed>
Return values
array<string|int, mixed> —attributes
getButtonStatus()
Controls if the module button the account page is visible and activated.
public
getButtonStatus() : string
Return values
string —status ("enabled", "disabled", "hidden")
getGlobalConfigOptions()
Returns a list of config options for LAM's main configuration.
public
getGlobalConfigOptions(array<string|int, mixed> $currentSettings) : array<string|int, htmlElement>
Parameters
- $currentSettings : array<string|int, mixed>
-
current settings
Return values
array<string|int, htmlElement> —config options
getIcon()
Returns the path to the module icon.
public
getIcon() : unknown
The path must be relative to graphics (e.g. key.png) or an URL (/icons/icon.png or http://server/icon.png). You can also set $this->meta['icon']. The preferred size is 32x32px.
Tags
Return values
unknown —getLDAPAliases()
Returns a list of aliases for LDAP attributes.
public
getLDAPAliases(string $typeId) : array<string|int, mixed>
Calling this method does not require the existence of an enclosing .
All alias attributes will be renamed to the given attribute names.
Parameters
- $typeId : string
-
type id (user, group, host)
Tags
Return values
array<string|int, mixed> —list of aliases like array("alias name" => "attribute name")
getLinkToSpecialSelfServicePage()
This allows modules to create a link to a module specific page for the self service.
public
getLinkToSpecialSelfServicePage(array<string|int, mixed> $settings) : string
The link is shown on the login page of the self service. You can use this to provide e.g. a page to reset passwords.
Parameters
- $settings : array<string|int, mixed>
-
self service settings
Return values
string —link text (null if no special page used)
getListAttributeDescriptions()
Returns a list of attribute descriptions for the account list.
public
getListAttributeDescriptions(ConfiguredType $type) : array<string|int, mixed>
Parameters
- $type : ConfiguredType
-
type
Tags
Return values
array<string|int, mixed> —attribute name => description label
getListFilterFunction()
Returns a callable if there should be a custom filtering for the given attribute name.
public
getListFilterFunction(string $attributeName) : callable|null
Parameters
- $attributeName : string
-
attribute name
Return values
callable|null —custom function for filtering (?array $values, ?string $filterValue)
getListRenderFunction()
Returns a callable if there should be a custom display for the given attribute name.
public
getListRenderFunction(string $attributeName) : callable|null
Parameters
- $attributeName : string
-
attribute name
Tags
Return values
callable|null —custom function for rendering (array $entry, string $attribute)
getManagedAttributes()
Returns a list of LDAP attributes which are managed by this module.
public
getManagedAttributes(mixed $typeId) : array<string|int, mixed>
Parameters
- $typeId : mixed
-
type id (user, group, host)
Tags
Return values
array<string|int, mixed> —list of attributes
getManagedHiddenAttributes()
Returns a list of operational LDAP attributes which are managed by this module and need to be explicitly set for LDAP search.
public
getManagedHiddenAttributes(string $typeId) : array<string|int, mixed>
Parameters
- $typeId : string
-
account type id
Tags
Return values
array<string|int, mixed> —list of hidden attributes
getManagedObjectClasses()
Returns a list of managed object classes for this module.
public
getManagedObjectClasses(string $typeId) : array<string|int, mixed>
Calling this method does not require the existence of an enclosing .
This is used to fix spelling errors in LDAP-Entries (e.g. if "posixACCOUNT" is read instead of "posixAccount" from LDAP).
Example: return array('posixAccount')
Parameters
- $typeId : string
-
type id (user, group, host)
Tags
Return values
array<string|int, mixed> —list of object classes
getOriginalAttributes()
Returns the LDAP attributes which are managed in this module (with unchanged values).
public
getOriginalAttributes() : array<string|int, mixed>
Return values
array<string|int, mixed> —attributes
getPasswordQuickChangeChanges()
Returns a list of LDAP attribute changes to perform.
public
getPasswordQuickChangeChanges(string $password) : array<string|int, mixed>
Parameters
- $password : string
-
new password
Tags
Return values
array<string|int, mixed> —LDAP attribute values (attr_name => array(attr_value))
getPasswordQuickChangeIsPasswordInHistory()
Returns if the password is not same as an old password from history.
public
getPasswordQuickChangeIsPasswordInHistory(string $password) : bool
Parameters
- $password : string
-
new password
Tags
Return values
bool —is in history
getPasswordQuickChangeOptions()
Returns a list of password quick change options.
public
getPasswordQuickChangeOptions() : array<string|int, PasswordQuickChangeOption>
Tags
Return values
array<string|int, PasswordQuickChangeOption> —options
getPasswordQuickChangePasswordStrengthAttributes()
Returns additional attribute values to check when password strength is validated.
public
getPasswordQuickChangePasswordStrengthAttributes() : array<string|int, mixed>
Tags
Return values
array<string|int, mixed> —attribute values
getPasswordQuickChangePasswordStrengthUserName()
Returns the user name if known to be validated for password strength.
public
getPasswordQuickChangePasswordStrengthUserName() : string|null
Tags
Return values
string|null —user name
getRequiredExtensions()
This function returns a list of PHP extensions (e.g. hash) which are needed by this module.
public
getRequiredExtensions() : array<string|int, mixed>
Calling this method does not require the existence of an enclosing .
Tags
Return values
array<string|int, mixed> —extensions
getSelfServiceFields()
Returns a list of possible input fields and their descriptions.
public
getSelfServiceFields() : array<string|int, mixed>
Calling this method does not require the existence of an enclosing .
Format: array(
Tags
Return values
array<string|int, mixed> —fields
getSelfServiceOptions()
Returns the meta HTML code for each input field.
public
getSelfServiceOptions(array<string|int, mixed> $fields, array<string|int, mixed> $attributes, bool $passwordChangeOnly, array<string|int, mixed> $readOnlyFields) : array<string|int, mixed>
format: array(
Parameters
- $fields : array<string|int, mixed>
-
list of active fields
- $attributes : array<string|int, mixed>
-
attributes of LDAP account
- $passwordChangeOnly : bool
-
indicates that the user is only allowed to change his password and no LDAP content is readable
- $readOnlyFields : array<string|int, mixed>
-
list of read-only fields
Return values
array<string|int, mixed> —list of meta HTML elements (field name => htmlResponsiveRow)
getSelfServiceSearchAttributes()
This function returns a list of possible LDAP attributes (e.g. uid, cn, ...) which can be used to search for LDAP objects.
public
getSelfServiceSearchAttributes() : array<string|int, mixed>
Calling this method does not require the existence of an enclosing .
Tags
Return values
array<string|int, mixed> —attributes
getSelfServiceSettings()
Returns a list of self service configuration settings.
public
getSelfServiceSettings(selfServiceProfile $profile) : htmlElement
Parameters
- $profile : selfServiceProfile
-
currently edited profile
Return values
htmlElement —meta HTML object
getSupportedJobs()
Returns a list of jobs that can be run.
public
getSupportedJobs(LAMConfig &$config) : mixed
Parameters
- $config : LAMConfig
-
configuration
Return values
mixed —getWildCardReplacements()
Returns a list of wildcards that can be replaced in input fields.
public
getWildCardReplacements() : array<string|int, mixed>
Return values
array<string|int, mixed> —replacements as wildcard => value
handleAjaxRequest()
Manages AJAX requests.
public
handleAjaxRequest() : mixed
This function may be called with or without an account container.
Return values
mixed —hasOnlyVirtualChildren()
Defines if the LDAP entry has only virtual child entries. This is the case for e.g. LDAP views.
public
hasOnlyVirtualChildren() : bool
Return values
bool —has only virtual children
init()
Initializes the module after it became part of an {@link accountContainer}
public
init(string $base) : mixed
Calling this method requires the existence of an enclosing .
Parameters
Return values
mixed —invalidAjaxRequest()
Invalid AJAX request received.
public
static invalidAjaxRequest([string $message = null ]) : mixed
Parameters
- $message : string = null
-
error message
Return values
mixed —is_base_module()
Returns true if your module is a base module and otherwise false.
public
is_base_module() : bool
Calling this method does not require the existence of an enclosing .
Every account type needs exactly one base module. A base module manages a structural object class.
E.g. the inetOrgPerson module is a base module since its object class is structural.
Tags
Return values
bool —true if base module (defaults to false if no meta data is provided)
isLocked()
Returns if the password of the current account is locked.
public
isLocked([array<string|int, mixed>|null $attributes = null ]) : bool
Parameters
- $attributes : array<string|int, mixed>|null = null
-
LDAP attribute data
Return values
bool —password is locked
load_attributes()
This function loads the LDAP attributes when an account should be loaded.
public
load_attributes(array<string|int, mixed> $attributes) : mixed
Calling this method requires the existence of an enclosing .
By default this method loads the object classes and accounts which are specified in
and .
Parameters
- $attributes : array<string|int, mixed>
-
array like the array returned by get_ldap_attributes(dn of account) but without count indices
Return values
mixed —load_Messages()
This function fills the message array.
public
load_Messages() : mixed
Return values
mixed —load_profile()
Loads the values of an account profile into internal variables.
public
load_profile(array<string|int, mixed> $profile) : mixed
Parameters
- $profile : array<string|int, mixed>
-
hash array with profile values (identifier => value)
Return values
mixed —loadAttributesFromAccountCopy()
Loads the LDAP data from an account to copy.
public
loadAttributesFromAccountCopy(array<string|int, mixed> $ldapAttributes[, array<string|int, mixed> $attributesToIgnore = [] ]) : void
Parameters
- $ldapAttributes : array<string|int, mixed>
-
LDAP attributes of copy
- $attributesToIgnore : array<string|int, mixed> = []
-
list of attributes to ignore during load (defaults to self::ATTRIBUTES_TO_IGNORE_ON_COPY_DEFAULT)
Return values
void —managesPasswordAttributes()
This method specifies if a module manages password attributes.
public
managesPasswordAttributes() : bool
Tags
Return values
bool —true if this module manages password attributes
module_complete()
This functions return true if all needed settings are done.
public
module_complete() : bool
Return values
bool —true, if all is ok
module_ready()
This function is used to check if this module page can be displayed.
public
module_ready() : bool
Calling this method requires the existence of an enclosing .
Your module might depend on input of other modules. This function determines if the user
can change to your module page or not. The return value is true if your module accepts
input, otherwise false.
This method's return value defaults to true.
Return values
bool —true, if page can be displayed
passwordChangeRequested()
This function is called whenever the password should be changed. Account modules must change their password attributes only if the modules list contains their module name.
public
passwordChangeRequested(string $password, array<string|int, mixed> $modules, bool $forcePasswordChange) : array<string|int, mixed>
Parameters
- $password : string
-
new password
- $modules : array<string|int, mixed>
-
list of modules for which the password should be changed
- $forcePasswordChange : bool
-
force the user to change his password at next login
Tags
Return values
array<string|int, mixed> —list of error messages if any as parameter array for StatusMessage e.g. return array(array('ERROR', 'Password change failed.'))
postDeleteActions()
Allows the module to run commands after the LDAP entry is deleted.
public
postDeleteActions() : array<string|int, mixed>
Calling this method requires the existence of an enclosing .
Return values
array<string|int, mixed> —Array which contains status messages. Each entry is an array containing the status message parameters.
postModifyActions()
Runs the postmodify actions.
public
postModifyActions(bool $newAccount, array<string|int, mixed> $attributes) : array<string|int, mixed>
Parameters
- $newAccount : bool
- $attributes : array<string|int, mixed>
-
LDAP attributes of this entry
Tags
Return values
array<string|int, mixed> —array which contains status messages. Each entry is an array containing the status message parameters.
postModifySelfService()
Allows the module to run commands after the LDAP entry is changed or created.
public
postModifySelfService(bool $newAccount, array<string|int, mixed> $attributes) : bool
Parameters
- $newAccount : bool
-
is new account or existing one
- $attributes : array<string|int, mixed>
-
LDAP attributes of this entry
Return values
bool —true, if no problems occurred
preDeleteActions()
Allows the module to run commands before the LDAP entry is deleted.
public
preDeleteActions() : array<string|int, mixed>
Calling this method requires the existence of an enclosing .
Return values
array<string|int, mixed> —Array which contains status messages. Each entry is an array containing the status message parameters.
preModifyActions()
Allows the module to run commands before the LDAP entry is changed or created.
public
preModifyActions(bool $newAccount, array<string|int, mixed> &$attributes) : array<string|int, mixed>
Calling this method requires the existence of an enclosing .
The modification is aborted if an error message is returned.
Parameters
- $newAccount : bool
-
new account
- $attributes : array<string|int, mixed>
-
LDAP attributes of this entry (added/modified attributes are provided as reference, handle modifications of $attributes with care)
Return values
array<string|int, mixed> —array which contains status messages. Each entry is an array containing the status message parameters.
preModifySelfService()
Allows the module to run commands before the LDAP entry is changed or created.
public
preModifySelfService(bool $newAccount, array<string|int, mixed> $attributes) : bool
An error message should be printed if the function returns false.
Parameters
- $newAccount : bool
-
is new account or existing one
- $attributes : array<string|int, mixed>
-
LDAP attributes of this entry
Return values
bool —true, if no problems occurred
process_attributes()
Processes user input of the primary module page.
public
process_attributes() : array<string|int, mixed>
It checks if all input values are correct and updates the associated LDAP attributes.
Return values
array<string|int, mixed> —list of info/error messages
process_manager()
Processes user input of the manager page.
public
process_manager() : array<string|int, mixed>
It checks if all input values are correct and updates the associated LDAP attributes.
Return values
array<string|int, mixed> —list of info/error messages
process_photo()
Sets a new photo.
public
process_photo() : array<string|int, mixed>
Return values
array<string|int, mixed> —list of error messages if any
process_userCertificate()
Sets a new certificate or deletes old ones.
public
process_userCertificate() : array<string|int, mixed>
Return values
array<string|int, mixed> —list of info/error messages
runGlobalCronActions()
Runs any global cron actions.
public
runGlobalCronActions(bool $isDryRun) : void
Parameters
- $isDryRun : bool
-
dry-run active
Tags
Return values
void —save_attributes()
Returns a list of modifications which have to be made to the LDAP account.
public
save_attributes() : array<string|int, mixed>
Return values
array<string|int, mixed> —list of modifications
This function returns an array with 3 entries:
array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
DN is the DN to change. It may be possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid)
"add" are attributes which have to be added to LDAP entry
"remove" are attributes which have to be removed from LDAP entry
"modify" are attributes which have to been modified in LDAP entry
"info" are values with informational value (e.g. to be used later by pre/postModify actions)
supportsAdminInterface()
Specifies if this module supports the LAM admin interface.
public
supportsAdminInterface() : bool
The LAM admin interface are the pages that allow to manage e.g. users and groups. In contrast there is also the LAM self service interface. Most modules support the admin interface.
Return values
bool —support admin interface
supportsForcePasswordChange()
Specifies if this module supports to force that a user must change his password on next login.
public
supportsForcePasswordChange() : bool
Return values
bool —force password change supported
supportsGlobalCronJob()
Specifies if the module supports global cron job actions.
public
supportsGlobalCronJob() : bool
Return values
bool —supports cron
supportsPasswordQuickChangePage()
Specifies if the module support password quick change for the current account.
public
supportsPasswordQuickChangePage() : bool
Tags
Return values
bool —password quick change page supported
addDoubleSelectionArea()
Adds an area with two multi-select fields with buttons to move items from right to left and vice-versa.
protected
addDoubleSelectionArea(htmlResponsiveRow &$container, string $labelFirst, string $labelSecond, array<string|int, string> $optionsFirst, array<string|int, string> $selectedFirst, array<string|int, string> $optionsSecond, array<string|int, string> $selectedSecond, string $namePrefix[, bool $rightToLeftText = false ][, bool $showFilter = false ]) : mixed
The options of the selects must be presorted.
Names:
- First select: $namePrefix_1
- Second select: $namePrefix_2
- Button move left: $namePrefix_left
- Button move right: $namePrefix_right
Parameters
- $container : htmlResponsiveRow
-
row
- $labelFirst : string
-
label of first select
- $labelSecond : string
-
label of second select
- $optionsFirst : array<string|int, string>
-
options of first select ('label' => 'value')
- $selectedFirst : array<string|int, string>
-
selected options of first select
- $optionsSecond : array<string|int, string>
-
options of first select ('label' => 'value')
- $selectedSecond : array<string|int, string>
-
selected options of second select
- $namePrefix : string
-
prefix for select field and button names
- $rightToLeftText : bool = false
-
sets the text direction in select to right to left
- $showFilter : bool = false
-
displays a live filter
Return values
mixed —addMultiValueInputTextField()
Adds a text input field that may contain multiple values to the given htmlResponsiveRow.
protected
addMultiValueInputTextField(htmlResponsiveRow &$container, string $attrName, string $label[, bool $required = false ][, int $length = null ][, bool $isTextArea = false ][, array<string|int, mixed> $autoCompleteValues = null ][, int $fieldSize = null ][, array<string|int, mixed> &$htmlIDs = null ][, string $cssClasses = '' ]) : mixed
The field name will be the same as the attribute name plus a counting number (e.g. street_0). The last field will be followed by a button to add a new value. This is named add_{attribute name} (e.g. add_street). There must be a help entry with the attribute name as ID. A new line will also be added after this entry so multiple calls will show the fields one below the other.
Parameters
- $container : htmlResponsiveRow
-
parent container
- $attrName : string
-
attribute name
- $label : string
-
label name
- $required : bool = false
-
this is a required field (default false)
- $length : int = null
-
field length
- $isTextArea : bool = false
-
show as text area (default false)
- $autoCompleteValues : array<string|int, mixed> = null
-
values for auto-completion
- $fieldSize : int = null
-
field size
- $htmlIDs : array<string|int, mixed> = null
-
reference to array where to add the generated HTML IDs of the input fields
- $cssClasses : string = ''
-
additional CSS classes of input fields
Return values
mixed —addMultiValueSelectField()
Adds a select field type that may contain multiple values to the given htmlTable.
protected
addMultiValueSelectField(htmlResponsiveRow &$container, string $attrName, string $label, array<string|int, mixed> $options[, bool $hasDescriptiveOptions = false ][, bool $required = false ][, int $fieldSize = 1 ][, array<string|int, mixed> &$htmlIDs = null ]) : mixed
The field name will be the same as the attribute name plus a counting number (e.g. street_0). The last field will be followed by a button to add a new value. This is named add_{attribute name} (e.g. add_street). There must be a help entry with the attribute name as ID. A new line will also be added after this entry so multiple calls will show the fields one below the other.
Parameters
- $container : htmlResponsiveRow
-
parent container
- $attrName : string
-
attribute name
- $label : string
-
label name
- $options : array<string|int, mixed>
-
options for the selects
- $hasDescriptiveOptions : bool = false
-
has descriptive options
- $required : bool = false
-
this is a required field (default false)
- $fieldSize : int = 1
-
field size
- $htmlIDs : array<string|int, mixed> = null
-
reference to array where to add the generated HTML IDs of the input fields
Return values
mixed —addMultiValueSelfServiceTextField()
Adds a simple text input field for the self service.
protected
addMultiValueSelfServiceTextField(array<string|int, mixed> &$container, string $name, string $label, array<string|int, mixed> &$fields, array<string|int, mixed> &$attributes, array<string|int, mixed> &$readOnlyFields[, bool $required = false ][, bool $isTextArea = false ][, string $attributeName = null ]) : mixed
The field name will be the same as the class name plus "_" plus attribute name (e.g. posixAccount_cn).
Parameters
- $container : array<string|int, mixed>
-
array that is used as return value for getSelfServiceOptions()
- $name : string
-
attribute name (== field name)
- $label : string
-
label to display in front of input field
- $fields : array<string|int, mixed>
-
list of active fields
- $attributes : array<string|int, mixed>
-
attributes of LDAP account
- $readOnlyFields : array<string|int, mixed>
-
list of read-only fields
- $required : bool = false
-
field is required
- $isTextArea : bool = false
-
display as text area
- $attributeName : string = null
-
attribute name (defaults to $name)
Return values
mixed —addSimpleInputTextField()
Adds a simple text input field to the given htmlResponsiveRow.
protected
& addSimpleInputTextField(htmlResponsiveRow &$container, string $attrName, string $label[, bool $required = false ][, int $length = null ][, bool $isTextArea = false ][, array<string|int, mixed> $autoCompleteValues = null ]) : mixed
The field name will be the same as the attribute name. There must also be a help entry with the attribute name as ID. A new line will also be added after this entry so multiple calls will show the fields one below the other.
Parameters
- $container : htmlResponsiveRow
-
parent container
- $attrName : string
-
attribute name
- $label : string
-
label name
- $required : bool = false
-
this is a required field (default false)
- $length : int = null
-
field length
- $isTextArea : bool = false
-
show as text area (default false)
- $autoCompleteValues : array<string|int, mixed> = null
-
values for auto-completion
Return values
mixed —reference to htmlResponsiveInputField/htmlResponsiveInputTextarea
addSimplePDFField()
Adds a simple PDF entry to the given array.
protected
addSimplePDFField(array<string|int, mixed> &$result, string $name, string $label[, string $attrName = null ][, string $delimiter = ', ' ]) : mixed
Parameters
- $result : array<string|int, mixed>
-
result array (entry will be added here)
- $name : string
-
ID
- $label : string
-
label name
- $attrName : string = null
-
attribute name (default: =$name)
- $delimiter : string = ', '
-
delimiter if multiple attribute values exist (default: ", ")
Return values
mixed —addSimpleReadOnlyField()
Adds a simple read-only field to the given container.
protected
addSimpleReadOnlyField(htmlResponsiveRow &$container, string $attrName, string $label) : mixed
Parameters
- $container : htmlResponsiveRow
-
parent container
- $attrName : string
-
attribute name
- $label : string
-
field label
Return values
mixed —addSimpleSelfServiceTextField()
Adds a simple text input field for the self service.
protected
addSimpleSelfServiceTextField(array<string|int, mixed> &$container, string $name, string $label, array<string|int, mixed> &$fields, array<string|int, mixed> &$attributes, array<string|int, mixed> &$readOnlyFields[, bool $required = false ][, bool $isTextArea = false ][, string $attributeName = null ]) : mixed
The field name will be the same as the class name plus "_" plus attribute name (e.g. posixAccount_cn).
Parameters
- $container : array<string|int, mixed>
-
array that is used as return value for getSelfServiceOptions()
- $name : string
-
attribute name (== field name)
- $label : string
-
label to display in front of input field
- $fields : array<string|int, mixed>
-
list of active fields
- $attributes : array<string|int, mixed>
-
attributes of LDAP account
- $readOnlyFields : array<string|int, mixed>
-
list of read-only fields
- $required : bool = false
-
field is required
- $isTextArea : bool = false
-
display as text area
- $attributeName : string = null
-
attribute name (defaults to $name)
Return values
mixed —checkMultiValueSelfServiceTextField()
Checks the input value of a self service multi-value text field.
protected
checkMultiValueSelfServiceTextField(array<string|int, mixed> &$container, string $name, array<string|int, mixed> &$attributes, string $fields, array<string|int, mixed> &$readOnlyFields[, string $validationID = null ][, array<string|int, mixed> $validationMessage = null ][, array<string|int, mixed> $requiredMessage = null ][, string $attributeName = null ]) : mixed
The field name must be the same as the class name plus "_" plus attribute name (e.g. posixAccount_cn). If validation is used then there must exist a message named [{attribute name}][0] (e.g. $this->messages['street'][0]).
Parameters
- $container : array<string|int, mixed>
-
return value of checkSelfServiceOptions()
- $name : string
-
attribute name
- $attributes : array<string|int, mixed>
-
LDAP attributes
- $fields : string
-
input fields
- $readOnlyFields : array<string|int, mixed>
-
list of read-only fields
- $validationID : string = null
-
validation ID for get_preg()
- $validationMessage : array<string|int, mixed> = null
-
validation message data (defaults to $this->messages[$name][0])
- $requiredMessage : array<string|int, mixed> = null
-
message data when no value is set by user (no check if null)
- $attributeName : string = null
-
attribute name (defaults to $name)
Return values
mixed —checkSimpleSelfServiceTextField()
Checks the input value of a self service text field.
protected
checkSimpleSelfServiceTextField(array<string|int, mixed> &$container, string $name, array<string|int, mixed> &$attributes, string $fields, array<string|int, mixed> &$readOnlyFields[, string $validationID = null ][, array<string|int, mixed> $validationMessage = null ][, array<string|int, mixed> $requiredMessage = null ][, string $attributeName = null ]) : mixed
The field name must be the same as the class name plus "_" plus attribute name (e.g. posixAccount_cn). If validation is used then there must exist a message named [{attribute name}][0] (e.g. $this->messages['street'][0]).
Parameters
- $container : array<string|int, mixed>
-
return value of checkSelfServiceOptions()
- $name : string
-
attribute name
- $attributes : array<string|int, mixed>
-
LDAP attributes
- $fields : string
-
input fields
- $readOnlyFields : array<string|int, mixed>
-
list of read-only fields
- $validationID : string = null
-
validation ID for get_preg()
- $validationMessage : array<string|int, mixed> = null
-
validation message data (defaults to $this->messages[$name][0])
- $requiredMessage : array<string|int, mixed> = null
-
message data when no value is set by user (no check if null)
- $attributeName : string = null
-
attribute name (defaults to $name)
Return values
mixed —getAccountContainer()
Returns the {@link accountContainer} object.
protected
getAccountContainer() : accountContainer|null
Tags
Return values
accountContainer|null —accountContainer object
getSelfServiceLabel()
Returns the field label. This can be either the given default label or an override value from profile.
protected
getSelfServiceLabel(string $fieldID, string $defaultLabel) : string
Parameters
- $fieldID : string
-
field ID
- $defaultLabel : string
-
default label text
Return values
string —label
isBooleanConfigOptionSet()
Returns if the given configuration option is set.
protected
isBooleanConfigOptionSet(string $optionName[, bool $default = false ]) : bool
This function returns false if the configuration options cannot be read.
Parameters
- $optionName : string
-
name of the option
- $default : bool = false
-
default value if config option is not set at all (default: false)
Return values
bool —true if option is set
mapSimpleUploadField()
Maps simple upload fields directly to LDAP attribute values.
protected
mapSimpleUploadField(array<string|int, mixed> &$rawAccounts, array<string|int, mixed> &$ids, array<string|int, mixed> &$partialAccounts, string $position, string $colName, string $attrName[, string|array<string|int, string> $regex = null ][, array<string|int, mixed> $message = [] ][, array<string|int, mixed> &$errors = [] ][, string $regexSplit = null ]) : mixed
Parameters
- $rawAccounts : array<string|int, mixed>
-
the user input data, contains one subarray for each account.
- $ids : array<string|int, mixed>
-
list of IDs for column position (e.g. "posixAccount_uid" => 5)
- $partialAccounts : array<string|int, mixed>
-
list of hash arrays (name => value) which are later added to LDAP
- $position : string
-
current position in CSV
- $colName : string
-
column name
- $attrName : string
-
LDAP attribute name
- $regex : string|array<string|int, string> = null
-
for get_preg() (e.g. 'ascii')
- $message : array<string|int, mixed> = []
-
error message to add if regex does not match
- $errors : array<string|int, mixed> = []
-
list of error messages if any
- $regexSplit : string = null
-
multiple values are separated and can be split with this preg_split expression (e.g. "/;[ ]?/")
Return values
mixed —processMultiValueInputTextField()
Validates a multi-value text field.
protected
processMultiValueInputTextField(string $attrName, array<string|int, mixed> &$errors[, string $validationID = null ][, bool $required = false ]) : mixed
The input fields must be created with function addMultiValueInputTextField(). If validation is used then there must exist a message named [{attribute name}][0] (e.g. $this->messages['street'][0]).
Parameters
- $attrName : string
-
attribute name
- $errors : array<string|int, mixed>
-
errors array where to put validation errors
- $validationID : string = null
-
validation ID for function get_preg() (default: null, null means no validation)
- $required : bool = false
-
the field is required (default: false)
Return values
mixed —processMultiValueSelectField()
Validates a multi-value select field.
protected
processMultiValueSelectField(string $attrName) : mixed
The select fields must be created with function addMultiValueSelectField().
Parameters
- $attrName : string
-
attribute name
Return values
mixed —processSimpleTextInput()
Validates a text field.
protected
processSimpleTextInput(string $attrName, array<string|int, mixed> &$errors[, bool $required = false ][, string $validationID = null ]) : mixed
If validation is used then there must exist a message named [{attribute name}][0] (e.g. $this->messages['street'][0]).
Parameters
- $attrName : string
-
attribute name
- $errors : array<string|int, mixed>
-
errors array where to put validation errors
- $required : bool = false
-
value required
- $validationID : string = null
-
validation ID for function get_preg() (default: null, null means no validation)
Return values
mixed —ajaxDeleteSelfServicePhoto()
Manages the deletion of a photo.
private
ajaxDeleteSelfServicePhoto() : mixed
Return values
mixed —ajaxDeleteSelfServiceUserCertificate()
Manages the deletion of a certificate.
private
ajaxDeleteSelfServiceUserCertificate(array<string|int, mixed> $data) : mixed
Parameters
- $data : array<string|int, mixed>
-
JSON data
Return values
mixed —ajaxUploadCert()
Handles an AJAX certificate file upload and prints the JSON result.
private
ajaxUploadCert() : mixed
Return values
mixed —ajaxUploadPhoto()
Handles an AJAX photo file upload and prints the JSON result.
private
ajaxUploadPhoto() : mixed
Return values
mixed —checkUploadRegex()
Checks the upload value against a list of regular expressions.
private
checkUploadRegex(array<string|int, string> $regexIDs, string $value, array<string|int, mixed> $message, int $position, array<string|int, mixed> &$errors) : value
Parameters
- $regexIDs : array<string|int, string>
-
regular expression IDs for get_preg()
- $value : string
-
value to check
- $message : array<string|int, mixed>
-
error message array if not matching
- $position : int
-
upload position
- $errors : array<string|int, mixed>
-
error messages
Tags
Return values
value —is ok
emailExists()
Checks if the given email address already exists in LDAP.
private
emailExists(string $mail) : bool
Parameters
- $mail : string
-
email address
Return values
bool —true if already exists
getSelfServicePhoto()
Renders the photo area for self service.
private
getSelfServicePhoto(bool $readOnly, bool $crop) : htmlResponsiveRow
Parameters
- $readOnly : bool
-
content is read-only
- $crop : bool
-
enable cropping
Tags
Return values
htmlResponsiveRow —content
getSelfServicePhotoJS()
Returns the Java Script functions to manage the photo.
private
static getSelfServicePhotoJS(bool $readOnly) : htmlJavaScript
Parameters
- $readOnly : bool
-
content is read-only
Return values
htmlJavaScript —JS block
getSelfServiceUserCertificates()
Returns the meta HTML code to display the certificate area.
private
getSelfServiceUserCertificates() : htmlTable
This also includes the file upload.
Tags
Return values
htmlTable —certificate content
getSelfServiceUserCertificatesJSBlock()
Returns the Java Script functions to manage the certificates.
private
static getSelfServiceUserCertificatesJSBlock() : htmlJavaScript
Return values
htmlJavaScript —JS block
initCache()
Loads cached data from LDAP such as departmets etc.
private
initCache() : mixed
Return values
mixed —isAdminReadOnly()
Returns if the attribute is read-only in admin interface.
private
isAdminReadOnly(string $attrName) : bool
Parameters
- $attrName : string
-
attribute name
Return values
bool —attribute is read-only
isSamba3Active()
Returns if the Samba 3 module is also active.
private
isSamba3Active([array<string|int, string> $modules = null ]) : bool
Parameters
- $modules : array<string|int, string> = null
-
active account modules
Return values
bool —Samba 3 is active
isUnixActive()
Returns if the Unix module is also active.
private
isUnixActive([array<string|int, string> $modules = null ]) : bool
Parameters
- $modules : array<string|int, string> = null
-
active account modules
Return values
bool —Unix is active
resizeAndConvertImage()
Resizes the given image data to the settings provided.
private
static resizeAndConvertImage(array<string|int, mixed> $data, array<string|int, mixed> $settings) : array<string|int, mixed>
Parameters
- $data : array<string|int, mixed>
-
binary image data
- $settings : array<string|int, mixed>
-
settings
Return values
array<string|int, mixed> —binary image data
setExopPassword()
Sets the password via ldap_exop if configured.
private
setExopPassword(array<string|int, mixed> $settings) : array<string|int, mixed>
Parameters
- $settings : array<string|int, mixed>
-
settings
Return values
array<string|int, mixed> —error message parameters if any
uploadPhoto()
Uploads the photo file.
private
uploadPhoto() : array<string|int, mixed>
Return values
array<string|int, mixed> —error messages if any