LDAP Account Manager

posixGroup extends baseModule
in package
implements passwordService

Manages the object class "posixGroup" for groups.

Interfaces, Classes, Traits and Enums

passwordService
This interface needs to be implemented by all account modules which manage passwords.

Table of Contents

ATTRIBUTES_TO_IGNORE_ON_COPY_DEFAULT  = array('uid', 'uidNumber', 'gid', 'gidNumber', 'cn', 'userpassword', 'sn', 'givenName', 'initials', 'telephoneNumber', 'homePhone', 'mobile', 'facsimileTelephoneNumber', 'pager', 'mail', 'employeeNumber', 'userCertificate;binary', 'userCertificate', 'homeDirectory', 'unixHomeDirectory', 'jpegPhoto')
These attributes will be ignored by default if a new account is copied from an existing one.
$attributes  : mixed
contains all ldap attributes which should be written
$autoAddObjectClasses  : mixed
if true, managed object classes are added when an account is created or loaded (default: true)
$changegids  : mixed
change GIDs of users and hosts?
$messages  : mixed
contains all error messages of a module
$meta  : mixed
includes all meta data provided by the sub class
$moduleSettings  : mixed
configuration settings of all modules
$orig  : mixed
contains all ldap attributes which are loaded from ldap
$passwordAttrName  : mixed
password attribute
$selfServiceSettings  : selfServiceProfile
self service profile with settings of all modules
$base  : mixed
name of parent accountContainer ($_SESSION[$base])
$cachedGIDList  : mixed
cache for existing GID numbers
$cachedGroupNameList  : mixed
cache for existing groups
$cachedUserToGIDList  : mixed
cache for existing users and their GIDs
$scope  : mixed
the account type of this module (user, group, host)
__construct()  : mixed
Creates a new base module class
addPasswordQuickChangeAccountDetails()  : void
Adds account details such as first/last name for the current account.
addPDFImage()  : mixed
Adds an image to the PDF.
addPDFKeyValue()  : mixed
Adds a simple PDF entry with the given key and value.
addPDFTable()  : mixed
Adds a table entry to the PDF.
build_uploadAccounts()  : array<string|int, mixed>
In this function the LDAP accounts are built.
can_manage()  : bool
Returns true if this module can manage accounts of the current type, otherwise false.
canSelfServiceFieldBeReadOnly()  : bool
Returns if a given self service field can be set in read-only mode.
canSelfServiceFieldBeRelabeled()  : bool
Returns if a self service field can be relabeled.
check_configOptions()  : array<string|int, mixed>
Checks input values of module settings.
check_profileOptions()  : array<string|int, mixed>
Checks input values of account profiles.
checkGlobalConfigOptions()  : void
Checks the global config options.
checkSelfServiceOptions()  : array<string|int, mixed>
Checks if all input values are correct and returns the LDAP attributes which should be changed.
checkSelfServiceSettings()  : array<string|int, mixed>
Checks if the self service settings are valid.
delete_attributes()  : array<string|int, mixed>
This function returns an array with the same syntax as save_attributes().
display_html_attributes()  : array<string|int, mixed>
Returns the HTML meta data for the main account page.
display_html_delete()  : htmlElement
This function creates meta HTML code which will be displayed when an account should be deleted.
display_html_user()  : array<string|int, mixed>
Displays selections to add or remove users from current group.
displaySpecialSelfServicePage()  : htmlElement
This function creates meta HTML code to display the module specific page for the self service.
doUploadPostActions()  : array<string|int, mixed>
This function is responsible to do additional tasks after the account has been created in LDAP (e.g. modifying group memberships, adding Quota etc..).
doUploadPreActions()  : array<string|int, mixed>
Runs any actions that need to be done before an LDAP entry is created.
get_alias()  : string
Returns an alias name for the module.
get_configOptions()  : mixed
Returns a list of configuration options.
get_dependencies()  : array<string|int, mixed>
This function returns a list with all depending and conflicting modules.
get_help()  : array<string|int, mixed>
This function returns the help entry array for a specific help id.
get_ldap_filter()  : string
Returns an LDAP filter for the account lists
get_metaData()  : array<string|int, mixed>
Returns meta data that is interpreted by parent class
get_pdfEntries()  : array<string|int, PDFEntry>
Returns the PDF entries for this module.
get_pdfFields()  : array<string|int, mixed>
Returns a hashtable with all entries that may be printed out in the PDF.
get_profileOptions()  : htmlElement
This function defines what attributes will be used in the account profiles and their appearance in the profile editor.
get_RDNAttributes()  : array<string|int, mixed>
Returns a hash array containing a list of possible LDAP attributes that can be used to form the RDN (Relative Distinguished Name).
get_scope()  : string
Returns the account type of this module (user, group, host)
get_uploadColumns()  : array<string|int, mixed>
Returns an array containing all input columns for the file upload.
get_uploadPreDepends()  : array<string|int, mixed>
Returns a list of module names which must be processed in building the account before this module.
getAttributes()  : array<string|int, mixed>
Returns the LDAP attributes which are managed in this module.
getButtonStatus()  : string
Controls if the module button the account page is visible and activated.
getGlobalConfigOptions()  : array<string|int, htmlElement>
Returns a list of config options for LAM's main configuration.
getIcon()  : unknown
Returns the path to the module icon.
getLDAPAliases()  : array<string|int, mixed>
Returns a list of aliases for LDAP attributes.
getLinkToSpecialSelfServicePage()  : string
This allows modules to create a link to a module specific page for the self service.
getListAttributeDescriptions()  : array<string|int, mixed>
Returns a list of attribute descriptions for the account list.
getListFilterFunction()  : callable|null
Returns a callable if there should be a custom filtering for the given attribute name.
getListRenderFunction()  : callable|null
Returns a callable if there should be a custom display for the given attribute name.
getManagedAttributes()  : array<string|int, mixed>
Returns a list of LDAP attributes which are managed by this module.
getManagedHiddenAttributes()  : array<string|int, mixed>
Returns a list of operational LDAP attributes which are managed by this module and need to be explicitly set for LDAP search.
getManagedObjectClasses()  : array<string|int, mixed>
Returns a list of managed object classes for this module.
getNextGIDs()  : mixed
Returns one or more free GID numbers.
getOriginalAttributes()  : array<string|int, mixed>
Returns the LDAP attributes which are managed in this module (with unchanged values).
getPasswordQuickChangeChanges()  : array<string|int, mixed>
Returns a list of LDAP attribute changes to perform.
getPasswordQuickChangeIsPasswordInHistory()  : bool
Returns if the password is not same as an old password from history.
getPasswordQuickChangeOptions()  : array<string|int, PasswordQuickChangeOption>
Returns a list of password quick change options.
getPasswordQuickChangePasswordStrengthAttributes()  : array<string|int, mixed>
Returns additional attribute values to check when password strength is validated.
getPasswordQuickChangePasswordStrengthUserName()  : string|null
Returns the user name if known to be validated for password strength.
getRequiredExtensions()  : array<string|int, mixed>
This function returns a list of PHP extensions (e.g. hash) which are needed by this module.
getSelfServiceFields()  : array<string|int, mixed>
Returns a list of possible input fields and their descriptions.
getSelfServiceOptions()  : array<string|int, mixed>
Returns the meta HTML code for each input field.
getSelfServiceSearchAttributes()  : array<string|int, mixed>
This function returns a list of possible LDAP attributes (e.g. uid, cn, ...) which can be used to search for LDAP objects.
getSelfServiceSettings()  : htmlElement
Returns a list of self service configuration settings.
getSupportedJobs()  : mixed
Returns a list of jobs that can be run.
getWildCardReplacements()  : array<string|int, mixed>
Returns a list of wildcards that can be replaced in input fields.
handleAjaxRequest()  : mixed
Manages AJAX requests.
hasOnlyVirtualChildren()  : bool
Defines if the LDAP entry has only virtual child entries. This is the case for e.g. LDAP views.
init()  : mixed
This function will be called when the module will be loaded
is_base_module()  : bool
Returns true if your module is a base module and otherwise false.
load_attributes()  : mixed
This function loads the LDAP attributes when an account should be loaded.
load_Messages()  : mixed
This function fills the $messages variable with output messages from this module.
load_profile()  : mixed
Loads the values of an account profile into internal variables.
loadAttributesFromAccountCopy()  : void
Loads the LDAP data from an account to copy.
managesPasswordAttributes()  : bool
This method specifies if a module manages password attributes.
module_complete()  : bool
This functions is used to check if all settings for this module have been made.
module_ready()  : bool
This function is used to check if this module page can be displayed.
passwordChangeRequested()  : array<string|int, mixed>
This function is called whenever the password should be changed. Account modules must change their password attributes only if the modules list contains their module name.
postDeleteActions()  : array<string|int, mixed>
Allows the module to run commands after the LDAP entry is deleted.
postModifyActions()  : array<string|int, mixed>
Allows the module to run commands after the LDAP entry is changed or created.
postModifySelfService()  : bool
Allows the module to run commands after the LDAP entry is changed or created.
preDeleteActions()  : array<string|int, mixed>
Allows the module to run commands before the LDAP entry is deleted.
preModifyActions()  : array<string|int, mixed>
Allows the module to run commands before the LDAP entry is changed or created.
preModifySelfService()  : bool
Allows the module to run commands before the LDAP entry is changed or created.
process_attributes()  : array<string|int, mixed>
Processes user input of the primary module page.
process_user()  : array<string|int, mixed>
Processes user input of the user selection page.
runGlobalCronActions()  : void
Runs any global cron actions.
save_attributes()  : array<string|int, mixed>
Returns a list of modifications which have to be made to the LDAP account.
supportsAdminInterface()  : bool
Specifies if this module supports the LAM admin interface.
supportsForcePasswordChange()  : bool
Specifies if this module supports to force that a user must change his password on next login.
supportsGlobalCronJob()  : bool
Specifies if the module supports global cron job actions.
supportsPasswordQuickChangePage()  : bool
Specifies if the module support password quick change for the current account.
addAccountSpecificConfigOptions()  : mixed
Adds the account specific options to the config container.
addDoubleSelectionArea()  : mixed
Adds an area with two multi-select fields with buttons to move items from right to left and vice-versa.
addMultiValueInputTextField()  : mixed
Adds a text input field that may contain multiple values to the given htmlResponsiveRow.
addMultiValueSelectField()  : mixed
Adds a select field type that may contain multiple values to the given htmlTable.
addMultiValueSelfServiceTextField()  : mixed
Adds a simple text input field for the self service.
addSimpleInputTextField()  : mixed
Adds a simple text input field to the given htmlResponsiveRow.
addSimplePDFField()  : mixed
Adds a simple PDF entry to the given array.
addSimpleReadOnlyField()  : mixed
Adds a simple read-only field to the given container.
addSimpleSelfServiceTextField()  : mixed
Adds a simple text input field for the self service.
checkMultiValueSelfServiceTextField()  : mixed
Checks the input value of a self service multi-value text field.
checkSimpleSelfServiceTextField()  : mixed
Checks the input value of a self service text field.
getAccountContainer()  : accountContainer|null
Returns the {@link accountContainer} object.
getSelfServiceLabel()  : string
Returns the field label. This can be either the given default label or an override value from profile.
getUsers()  : array<string|int, mixed>
Returns a list of existing users and their GID numbers and cn.
isBooleanConfigOptionSet()  : bool
Returns if the given configuration option is set.
manageCnAndDescription()  : bool
Returns if cn and description attributes should be managed.
mapSimpleUploadField()  : mixed
Maps simple upload fields directly to LDAP attribute values.
processMultiValueInputTextField()  : mixed
Validates a multi-value text field.
processMultiValueSelectField()  : mixed
Validates a multi-value select field.
processSimpleTextInput()  : mixed
Validates a text field.
syncGon()  : array<string|int, mixed>
Syncs with group of names members.
syncWindows()  : array<string|int, mixed>
Syncs with Windows.
checkUploadRegex()  : value
Checks the upload value against a list of regular expressions.
getGIDs()  : array<string|int, mixed>
Returns a list of existing GID numbers.
getGroupNames()  : array<string|int, mixed>
Returns a list of all group names in LDAP.
getNextDomainInfoGIDs()  : mixed
Gets the free GID numbers from an Windows domain info entry in LDAP.
getNextSambaPoolGIDs()  : mixed
Gets the free GID numbers from an Samba pool entry in LDAP.
groupNameExists()  : bool
Checks if the given group name already exists in LDAP.
isWindows()  : bool
Returns if the Windows module is active.

Constants

ATTRIBUTES_TO_IGNORE_ON_COPY_DEFAULT

These attributes will be ignored by default if a new account is copied from an existing one.

public mixed ATTRIBUTES_TO_IGNORE_ON_COPY_DEFAULT = array('uid', 'uidNumber', 'gid', 'gidNumber', 'cn', 'userpassword', 'sn', 'givenName', 'initials', 'telephoneNumber', 'homePhone', 'mobile', 'facsimileTelephoneNumber', 'pager', 'mail', 'employeeNumber', 'userCertificate;binary', 'userCertificate', 'homeDirectory', 'unixHomeDirectory', 'jpegPhoto')

Properties

$attributes

contains all ldap attributes which should be written

protected mixed $attributes

$autoAddObjectClasses

if true, managed object classes are added when an account is created or loaded (default: true)

protected mixed $autoAddObjectClasses = \true

$changegids

change GIDs of users and hosts?

protected mixed $changegids

$messages

contains all error messages of a module

protected mixed $messages

$meta

includes all meta data provided by the sub class

protected mixed $meta

$moduleSettings

configuration settings of all modules

protected mixed $moduleSettings

$orig

contains all ldap attributes which are loaded from ldap

protected mixed $orig

$passwordAttrName

password attribute

protected mixed $passwordAttrName = 'userPassword'

$base

name of parent accountContainer ($_SESSION[$base])

private mixed $base

$cachedGIDList

cache for existing GID numbers

private mixed $cachedGIDList

$cachedGroupNameList

cache for existing groups

private mixed $cachedGroupNameList

$cachedUserToGIDList

cache for existing users and their GIDs

private mixed $cachedUserToGIDList

$scope

the account type of this module (user, group, host)

private mixed $scope

Methods

__construct()

Creates a new base module class

public __construct(string $scope) : mixed
Parameters
$scope : string

the account type (user, group, host)

Return values
mixed

addPasswordQuickChangeAccountDetails()

Adds account details such as first/last name for the current account.

public addPasswordQuickChangeAccountDetails(htmlResponsiveRow $row) : void
Parameters
$row : htmlResponsiveRow

row where to add content

Tags
inheritDoc
Return values
void

addPDFImage()

Adds an image to the PDF.

public addPDFImage(array<string|int, mixed> &$result, string $attrName) : mixed
Parameters
$result : array<string|int, mixed>

result array (entry will be added here)

$attrName : string

attribute name

Return values
mixed

addPDFKeyValue()

Adds a simple PDF entry with the given key and value.

public addPDFKeyValue(array<string|int, mixed> &$result, string $name, string $label, mixed $value[, string $delimiter = ', ' ]) : mixed
Parameters
$result : array<string|int, mixed>

result array (entry will be added here)

$name : string

ID

$label : string

label name

$value : mixed

value as String or array

$delimiter : string = ', '

delimiter if value is array (default: ", ")

Return values
mixed

addPDFTable()

Adds a table entry to the PDF.

public addPDFTable(array<string|int, mixed> &$result, string $name, PDFTable $table) : mixed
Parameters
$result : array<string|int, mixed>

result array (entry will be added here)

$name : string

ID

$table : PDFTable

table

Return values
mixed

build_uploadAccounts()

In this function the LDAP accounts are built.

public build_uploadAccounts(mixed $rawAccounts, mixed $ids, mixed &$partialAccounts, mixed $selectedModules, mixed &$type) : array<string|int, mixed>
Parameters
$rawAccounts : mixed

the user input data, contains one subarray for each account.

$ids : mixed

list of IDs for column position (e.g. "posixAccount_uid" => 5)

$partialAccounts : mixed

list of hash arrays (name => value) which are later added to LDAP

$selectedModules : mixed

list of selected account modules

$type : mixed

account type

Tags
see
baseModule::build_uploadAccounts()
Return values
array<string|int, mixed>

list of error messages if any

can_manage()

Returns true if this module can manage accounts of the current type, otherwise false.

public can_manage() : bool
Return values
bool

true if module fits

canSelfServiceFieldBeReadOnly()

Returns if a given self service field can be set in read-only mode.

public canSelfServiceFieldBeReadOnly(string $fieldID, selfServiceProfile $profile) : bool
Parameters
$fieldID : string

field identifier

$profile : selfServiceProfile

currently edited profile

Return values
bool

may be set read-only

canSelfServiceFieldBeRelabeled()

Returns if a self service field can be relabeled.

public canSelfServiceFieldBeRelabeled(string $fieldID, selfServiceProfile $profile) : bool
Parameters
$fieldID : string

field ID

$profile : selfServiceProfile

currently edited profile

Return values
bool

may be relabeled

check_configOptions()

Checks input values of module settings.

public check_configOptions(mixed $typeIds, mixed &$options) : array<string|int, mixed>
Parameters
$typeIds : mixed

list of account type ids which are used

$options : mixed

hash array (option name => value) that contains the input. The option values are all arrays containing one or more elements.

Tags
see
baseModule::check_configOptions()
Return values
array<string|int, mixed>

list of error messages

check_profileOptions()

Checks input values of account profiles.

public check_profileOptions(array<string|int, mixed> $options, string $typeId) : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

$options is an hash array (option name => value) that contains the user input. The option values are all arrays containing one or more elements.
If the input data is invalid the return value is an array that contains arrays to build StatusMessages (message type, message head, message text). If no errors occurred the function returns an empty array.

Parameters
$options : array<string|int, mixed>

a hash array (name => value) containing the user input

$typeId : string

type id (user, group, host)

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

list of error messages (array(type, title, text)) to generate StatusMessages, if any

checkGlobalConfigOptions()

Checks the global config options.

public checkGlobalConfigOptions(array<string|int, mixed> &$options, array<string|int, string> &$messages, array<string|int, string> &$errors) : void
Parameters
$options : array<string|int, mixed>

config options

$messages : array<string|int, string>

info messages can be added here

$errors : array<string|int, string>

error messages can be added here

Return values
void

checkSelfServiceOptions()

Checks if all input values are correct and returns the LDAP attributes which should be changed.

public checkSelfServiceOptions(string $fields, array<string|int, mixed> $attributes, bool $passwordChangeOnly, array<string|int, mixed> $readOnlyFields) : array<string|int, mixed>


Return values:
messages: array of parameters to create status messages
add: array of attributes to add
del: array of attributes to remove
mod: array of attributes to modify
info: array of values with informational value (e.g. to be used later by pre/postModify actions)

Calling this method does not require the existence of an enclosing .

Parameters
$fields : string

input fields

$attributes : array<string|int, mixed>

LDAP attributes

$passwordChangeOnly : bool

indicates that the user is only allowed to change his password and no LDAP content is readable

$readOnlyFields : array<string|int, mixed>

list of read-only fields

Return values
array<string|int, mixed>

messages and attributes (array('messages' => [], 'add' => array('mail' => array('test@test.com')), 'del' => [], 'mod' => [], 'info' => []))

checkSelfServiceSettings()

Checks if the self service settings are valid.

public checkSelfServiceSettings(array<string|int, mixed> &$options, selfServiceProfile &$profile) : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

If the input data is invalid the return value is an array that contains arrays to build StatusMessages (message type, message head, message text). If no errors occurred the function returns an empty array.

Parameters
$options : array<string|int, mixed>

hash array (option name => value) that contains the input. The option values are all arrays containing one or more elements.

$profile : selfServiceProfile

self service profile

Return values
array<string|int, mixed>

error messages

delete_attributes()

This function returns an array with the same syntax as save_attributes().

public delete_attributes() : array<string|int, mixed>
Tags
see
baseModule::delete_attributes()
Return values
array<string|int, mixed>

of LDAP operations, same as for save_attributes()

display_html_attributes()

Returns the HTML meta data for the main account page.

public display_html_attributes() : array<string|int, mixed>
Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

HTML meta data

display_html_delete()

This function creates meta HTML code which will be displayed when an account should be deleted.

public display_html_delete() : htmlElement

Calling this method requires the existence of an enclosing .

This can be used to interact with the user, e.g. should the home directory be deleted? The output of all modules is displayed on a single page.

Tags
see
htmlElement
Return values
htmlElement

meta HTML object

display_html_user()

Displays selections to add or remove users from current group.

public display_html_user() : array<string|int, mixed>
Return values
array<string|int, mixed>

meta HTML output

doUploadPostActions()

This function is responsible to do additional tasks after the account has been created in LDAP (e.g. modifying group memberships, adding Quota etc..).

public doUploadPostActions(array<string|int, mixed> &$data, array<string|int, mixed> $ids, array<string|int, mixed> $failed, array<string|int, mixed> &$temp, array<string|int, mixed> &$accounts, array<string|int, string> $selectedModules, ConfiguredType $type) : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

This function is called as long as the returned status is 'finished'. Please make sure that one function call lasts no longer than 3-4 seconds. Otherwise the upload may fail because the time limit is exceeded. You should not make more than one LDAP operation in each call.

Parameters
$data : array<string|int, mixed>

array containing one account in each element

$ids : array<string|int, mixed>

maps the column names to keys for the sub arrays (array(<column_name> => ))

$failed : array<string|int, mixed>

list of account numbers which could not be successfully uploaded to LDAP

$temp : array<string|int, mixed>

variable to store temporary data between two post actions

$accounts : array<string|int, mixed>

list of LDAP entries

$selectedModules : array<string|int, string>

selected account modules

$type : ConfiguredType

account type

Return values
array<string|int, mixed>

current status
array (
'status' => 'finished' | 'inProgress' // defines if all operations are complete
'progress' => 0..100 // the progress of the operations in percent
'errors' => array // list of arrays which are used to generate StatusMessages
)

doUploadPreActions()

Runs any actions that need to be done before an LDAP entry is created.

public doUploadPreActions(array<string|int, mixed> $attributes, ConfiguredType $type) : array<string|int, mixed>
Parameters
$attributes : array<string|int, mixed>

LDAP attributes of this entry (attributes are provided as reference, handle modifications of $attributes with care)

$type : ConfiguredType

account type

Return values
array<string|int, mixed>

array which contains status messages. Each entry is an array containing the status message parameters.

get_alias()

Returns an alias name for the module.

public get_alias() : string

Calling this method does not require the existence of an enclosing .

This function returns a more descriptive string than the class name. Alias names are used for the buttons on the account pages and the module selection in the configuration wizard.
Please take care that your alias name is not too long. It may contain any character but should not include parts that may be interpreted by the browser (e.g. '<' or '>'). If you use different aliases dependent on the account type please make sure that there is a general alias for unknown types.

Tags
see
baseModule::get_metaData()
Return values
string

alias name

get_configOptions()

Returns a list of configuration options.

public get_configOptions(mixed $scopes, mixed $allScopes) : mixed
Parameters
$scopes : mixed

account types (user, group, host)

$allScopes : mixed

list of all active account modules and their account type id (module => array(type id))

Tags
see
baseModule::get_configOptions()
Return values
mixed

htmlElement or array of htmlElement

get_dependencies()

This function returns a list with all depending and conflicting modules.

public get_dependencies() : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

The return value is an array with two sub arrays, "depends" and "conflicts". All values of the conflict array are string values with module names. All values of the depends array are either string values with module names or arrays which include only string values with module names.
If an element of the depends array is itself an array, this means that your module depends on one of these modules.

Example: return array("depends" => array("posixAccount", array("qmail", "sendmail")), "conflicts" => array("exim"))

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

list of dependencies and conflicts

get_help()

This function returns the help entry array for a specific help id.

public get_help(string $id) : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

The result is an hashtable with the following keys:

  • Headline (required)
    The headline of this help entry. Can consist of any alphanumeric characters. No HTML/CSS elements are allowed.
  • Text (required)
    The text of the help entry which may contain any alphanumeric characters.
  • SeeAlso (optional)
    A reference to another related web site. It must be an array containing a field called "text" with the link text that should be displayed and a field called "link" which is the link target.

Example:

array('Headline' => 'This is the head line', 'Text' => 'Help content', 'SeeAlso' => array('text' => 'LAM homepage', 'link' => 'http://www.ldap-account-manager.org/'))
Parameters
$id : string

The id string for the help entry needed.

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

The desired help entry.

get_ldap_filter()

Returns an LDAP filter for the account lists

public get_ldap_filter(string $typeId) : string

Calling this method does not require the existence of an enclosing .

Returns an array('or' => '...', 'and' => '...') that is used to build the LDAP filter. Usually, this is used to filter object classes. All "or" filter parts of the base modules are combined with OR and then combined with the "and" parts.
The resulting LDAP filter will look like this: (&(|(OR1)(OR2)(OR3))(AND1)(AND2)(AND3))

Example: return array('or' => '(objectClass=posixAccount)', 'and' => '(!(uid=*$))')

Parameters
$typeId : string

account type id

Tags
see
baseModule::get_metaData()
Return values
string

LDAP filter

get_metaData()

Returns meta data that is interpreted by parent class

public get_metaData() : array<string|int, mixed>
Return values
array<string|int, mixed>

array with meta data

get_pdfEntries()

Returns the PDF entries for this module.

public get_pdfEntries(mixed $pdfKeys, mixed $typeId) : array<string|int, PDFEntry>
Parameters
$pdfKeys : mixed

list of PDF keys that are included in document

$typeId : mixed

type id (user, group, host)

Tags
see
baseModule::get_pdfEntries()
Return values
array<string|int, PDFEntry>

list of key => PDFEntry

get_pdfFields()

Returns a hashtable with all entries that may be printed out in the PDF.

public get_pdfFields(mixed $typeId) : array<string|int, mixed>
Parameters
$typeId : mixed

type id (user, group, host)

Tags
see
baseModule::get_pdfFields()
Return values
array<string|int, mixed>

PDF entries as key => label

get_profileOptions()

This function defines what attributes will be used in the account profiles and their appearance in the profile editor.

public get_profileOptions(string $typeId) : htmlElement

Calling this method does not require the existence of an enclosing .

The return value is an object implementing htmlElement.
The field name are used as keywords to load and save profiles. We recommend to use the module name as prefix for them (e.g. posixAccount_homeDirectory) to avoid naming conflicts.

Parameters
$typeId : string

type id (user, group, host, ...)

Tags
see
baseModule::get_metaData()
see
htmlElement
Return values
htmlElement

meta HTML object

get_RDNAttributes()

Returns a hash array containing a list of possible LDAP attributes that can be used to form the RDN (Relative Distinguished Name).

public get_RDNAttributes(string $typeId) : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

The returned elements have this form: =>
is the name of the LDAP attribute
defines the priority of the attribute (can be "low", "normal", "high")

Example: return array('uid' => 'normal', 'cn' => 'low')

Parameters
$typeId : string

account type

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

list of attributes

get_scope()

Returns the account type of this module (user, group, host)

public get_scope() : string
Return values
string

account type

get_uploadColumns()

Returns an array containing all input columns for the file upload.

public get_uploadColumns(mixed $selectedModules, mixed &$type) : array<string|int, mixed>
Parameters
$selectedModules : mixed

list of selected account modules

$type : mixed

account type

Tags
see
baseModule::getManagedAttributes()
Return values
array<string|int, mixed>

column list

get_uploadPreDepends()

Returns a list of module names which must be processed in building the account before this module.

public get_uploadPreDepends() : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

The named modules may not be active, LAM will check this automatically.

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

list of module names

getAttributes()

Returns the LDAP attributes which are managed in this module.

public getAttributes() : array<string|int, mixed>
Return values
array<string|int, mixed>

attributes

getButtonStatus()

Controls if the module button the account page is visible and activated.

public getButtonStatus() : string
Return values
string

status ("enabled", "disabled", "hidden")

getGlobalConfigOptions()

Returns a list of config options for LAM's main configuration.

public getGlobalConfigOptions(array<string|int, mixed> $currentSettings) : array<string|int, htmlElement>
Parameters
$currentSettings : array<string|int, mixed>

current settings

Return values
array<string|int, htmlElement>

config options

getIcon()

Returns the path to the module icon.

public getIcon() : unknown

The path must be relative to graphics (e.g. key.png) or an URL (/icons/icon.png or http://server/icon.png). You can also set $this->meta['icon']. The preferred size is 32x32px.

Tags
see
baseModule::get_metaData()
Return values
unknown

getLDAPAliases()

Returns a list of aliases for LDAP attributes.

public getLDAPAliases(string $typeId) : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

All alias attributes will be renamed to the given attribute names.

Parameters
$typeId : string

type id (user, group, host)

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

list of aliases like array("alias name" => "attribute name")

getLinkToSpecialSelfServicePage()

This allows modules to create a link to a module specific page for the self service.

public getLinkToSpecialSelfServicePage(array<string|int, mixed> $settings) : string

The link is shown on the login page of the self service. You can use this to provide e.g. a page to reset passwords.

Parameters
$settings : array<string|int, mixed>

self service settings

Return values
string

link text (null if no special page used)

getListAttributeDescriptions()

Returns a list of attribute descriptions for the account list.

public getListAttributeDescriptions(ConfiguredType $type) : array<string|int, mixed>
Parameters
$type : ConfiguredType

type

Tags
inheritDoc
Return values
array<string|int, mixed>

attribute name => description label

getListFilterFunction()

Returns a callable if there should be a custom filtering for the given attribute name.

public getListFilterFunction(string $attributeName) : callable|null
Parameters
$attributeName : string

attribute name

Return values
callable|null

custom function for filtering (?array $values, ?string $filterValue)

getListRenderFunction()

Returns a callable if there should be a custom display for the given attribute name.

public getListRenderFunction(string $attributeName) : callable|null
Parameters
$attributeName : string

attribute name

Return values
callable|null

custom function for rendering (array $entry, string $attribute)

getManagedAttributes()

Returns a list of LDAP attributes which are managed by this module.

public getManagedAttributes(mixed $typeId) : array<string|int, mixed>
Parameters
$typeId : mixed

type id (user, group, host)

Tags
see
baseModule::getManagedAttributes()
Return values
array<string|int, mixed>

list of attributes

getManagedHiddenAttributes()

Returns a list of operational LDAP attributes which are managed by this module and need to be explicitly set for LDAP search.

public getManagedHiddenAttributes(string $typeId) : array<string|int, mixed>
Parameters
$typeId : string

account type id

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

list of hidden attributes

getManagedObjectClasses()

Returns a list of managed object classes for this module.

public getManagedObjectClasses(string $typeId) : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

This is used to fix spelling errors in LDAP-Entries (e.g. if "posixACCOUNT" is read instead of "posixAccount" from LDAP).

Example: return array('posixAccount')

Parameters
$typeId : string

type id (user, group, host)

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

list of object classes

getNextGIDs()

Returns one or more free GID numbers.

public getNextGIDs(int $count, array<string|int, mixed> &$errors, ConfiguredType $type) : mixed
Parameters
$count : int

Number of needed free GIDs.

$errors : array<string|int, mixed>

list of error messages where errors can be added

$type : ConfiguredType

account type

Return values
mixed

Null if no GIDs are free else an array of free GIDs.

getOriginalAttributes()

Returns the LDAP attributes which are managed in this module (with unchanged values).

public getOriginalAttributes() : array<string|int, mixed>
Return values
array<string|int, mixed>

attributes

getPasswordQuickChangeChanges()

Returns a list of LDAP attribute changes to perform.

public getPasswordQuickChangeChanges(string $password) : array<string|int, mixed>
Parameters
$password : string

new password

Tags
inheritDoc
Return values
array<string|int, mixed>

LDAP attribute values (attr_name => array(attr_value))

getPasswordQuickChangeIsPasswordInHistory()

Returns if the password is not same as an old password from history.

public getPasswordQuickChangeIsPasswordInHistory(string $password) : bool
Parameters
$password : string

new password

Tags
inheritDoc
Return values
bool

is in history

getPasswordQuickChangePasswordStrengthAttributes()

Returns additional attribute values to check when password strength is validated.

public getPasswordQuickChangePasswordStrengthAttributes() : array<string|int, mixed>
Tags
inheritDoc
Return values
array<string|int, mixed>

attribute values

getPasswordQuickChangePasswordStrengthUserName()

Returns the user name if known to be validated for password strength.

public getPasswordQuickChangePasswordStrengthUserName() : string|null
Tags
inheritDoc
Return values
string|null

user name

getRequiredExtensions()

This function returns a list of PHP extensions (e.g. hash) which are needed by this module.

public getRequiredExtensions() : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

extensions

getSelfServiceFields()

Returns a list of possible input fields and their descriptions.

public getSelfServiceFields() : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

Format: array( => )

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

fields

getSelfServiceOptions()

Returns the meta HTML code for each input field.

public getSelfServiceOptions(array<string|int, mixed> $fields, array<string|int, mixed> $attributes, bool $passwordChangeOnly, array<string|int, mixed> $readOnlyFields) : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

It is not possible to display help links.

Parameters
$fields : array<string|int, mixed>

list of active fields

$attributes : array<string|int, mixed>

attributes of LDAP account

$passwordChangeOnly : bool

indicates that the user is only allowed to change his password and no LDAP content is readable

$readOnlyFields : array<string|int, mixed>

list of read-only fields

Tags
see
htmlElement
Return values
array<string|int, mixed>

list of meta HTML elements (field name => htmlResponsiveRow)

getSelfServiceSearchAttributes()

This function returns a list of possible LDAP attributes (e.g. uid, cn, ...) which can be used to search for LDAP objects.

public getSelfServiceSearchAttributes() : array<string|int, mixed>

Calling this method does not require the existence of an enclosing .

Tags
see
baseModule::get_metaData()
Return values
array<string|int, mixed>

attributes

getSelfServiceSettings()

Returns a list of self service configuration settings.

public getSelfServiceSettings(selfServiceProfile $profile) : htmlElement

Calling this method does not require the existence of an enclosing .

The name attributes are used as keywords to load and save settings. We recommend to use the module name as prefix for them (e.g. posixAccount_homeDirectory) to avoid naming conflicts.

Parameters
$profile : selfServiceProfile

currently edited profile

Tags
see
baseModule::get_metaData()
see
htmlElement
Return values
htmlElement

meta HTML object

getSupportedJobs()

Returns a list of jobs that can be run.

public getSupportedJobs(LAMConfig &$config) : mixed
Parameters
$config : LAMConfig

configuration

Return values
mixed

getWildCardReplacements()

Returns a list of wildcards that can be replaced in input fields.

public getWildCardReplacements() : array<string|int, mixed>

E.g. "$firstname" is replaced with "givenName" attribute value.

Return values
array<string|int, mixed>

replacements as wildcard => value

handleAjaxRequest()

Manages AJAX requests.

public handleAjaxRequest() : mixed

This function may be called with or without an account container.

Return values
mixed

hasOnlyVirtualChildren()

Defines if the LDAP entry has only virtual child entries. This is the case for e.g. LDAP views.

public hasOnlyVirtualChildren() : bool
Return values
bool

has only virtual children

init()

This function will be called when the module will be loaded

public init(string $base) : mixed
Parameters
$base : string

the name of the object ($_SESSION[$base])

Return values
mixed

is_base_module()

Returns true if your module is a base module and otherwise false.

public is_base_module() : bool

Calling this method does not require the existence of an enclosing .

Every account type needs exactly one base module. A base module manages a structural object class. E.g. the inetOrgPerson module is a base module since its object class is structural.

Tags
see
baseModule::get_metaData()
Return values
bool

true if base module (defaults to false if no meta data is provided)

load_attributes()

This function loads the LDAP attributes when an account should be loaded.

public load_attributes(array<string|int, mixed> $attributes) : mixed

Calling this method requires the existence of an enclosing .

By default this method loads the object classes and accounts which are specified in and .

Parameters
$attributes : array<string|int, mixed>

array like the array returned by get_ldap_attributes(dn of account) but without count indices

Return values
mixed

load_Messages()

This function fills the $messages variable with output messages from this module.

public load_Messages() : mixed
Return values
mixed

load_profile()

Loads the values of an account profile into internal variables.

public load_profile(array<string|int, mixed> $profile) : mixed
Parameters
$profile : array<string|int, mixed>

hash array with profile values (identifier => value)

Return values
mixed

loadAttributesFromAccountCopy()

Loads the LDAP data from an account to copy.

public loadAttributesFromAccountCopy(array<string|int, mixed> $ldapAttributes[, array<string|int, mixed> $attributesToIgnore = [] ]) : void
Parameters
$ldapAttributes : array<string|int, mixed>

LDAP attributes of copy

$attributesToIgnore : array<string|int, mixed> = []

list of attributes to ignore during load (defaults to self::ATTRIBUTES_TO_IGNORE_ON_COPY_DEFAULT)

Return values
void

managesPasswordAttributes()

This method specifies if a module manages password attributes.

public managesPasswordAttributes() : bool
Tags
see
passwordService::managesPasswordAttributes
Return values
bool

true if this module manages password attributes

module_complete()

This functions is used to check if all settings for this module have been made.

public module_complete() : bool
Return values
bool

true, if settings are complete

module_ready()

This function is used to check if this module page can be displayed.

public module_ready() : bool

Calling this method requires the existence of an enclosing .

Your module might depend on input of other modules. This function determines if the user can change to your module page or not. The return value is true if your module accepts input, otherwise false.
This method's return value defaults to true.

Return values
bool

true, if page can be displayed

passwordChangeRequested()

This function is called whenever the password should be changed. Account modules must change their password attributes only if the modules list contains their module name.

public passwordChangeRequested(string $password, array<string|int, mixed> $modules, bool $forcePasswordChange) : array<string|int, mixed>
Parameters
$password : string

new password

$modules : array<string|int, mixed>

list of modules for which the password should be changed

$forcePasswordChange : bool

force the user to change his password at next login

Tags
see
passwordService::passwordChangeRequested
Return values
array<string|int, mixed>

list of error messages if any as parameter array for StatusMessage e.g. return array(array('ERROR', 'Password change failed.'))

postDeleteActions()

Allows the module to run commands after the LDAP entry is deleted.

public postDeleteActions() : array<string|int, mixed>

Calling this method requires the existence of an enclosing .

Return values
array<string|int, mixed>

Array which contains status messages. Each entry is an array containing the status message parameters.

postModifyActions()

Allows the module to run commands after the LDAP entry is changed or created.

public postModifyActions(bool $newAccount, array<string|int, mixed> $attributes) : array<string|int, mixed>

Calling this method requires the existence of an enclosing .

Parameters
$newAccount : bool

new account

$attributes : array<string|int, mixed>

LDAP attributes of this entry

Return values
array<string|int, mixed>

array which contains status messages. Each entry is an array containing the status message parameters.

postModifySelfService()

Allows the module to run commands after the LDAP entry is changed or created.

public postModifySelfService(bool $newAccount, array<string|int, mixed> $attributes) : bool
Parameters
$newAccount : bool

is new account or existing one

$attributes : array<string|int, mixed>

LDAP attributes of this entry

Return values
bool

true, if no problems occurred

preDeleteActions()

Allows the module to run commands before the LDAP entry is deleted.

public preDeleteActions() : array<string|int, mixed>

Calling this method requires the existence of an enclosing .

Return values
array<string|int, mixed>

Array which contains status messages. Each entry is an array containing the status message parameters.

preModifyActions()

Allows the module to run commands before the LDAP entry is changed or created.

public preModifyActions(bool $newAccount, array<string|int, mixed> &$attributes) : array<string|int, mixed>

Calling this method requires the existence of an enclosing .

The modification is aborted if an error message is returned.

Parameters
$newAccount : bool

new account

$attributes : array<string|int, mixed>

LDAP attributes of this entry (added/modified attributes are provided as reference, handle modifications of $attributes with care)

Return values
array<string|int, mixed>

array which contains status messages. Each entry is an array containing the status message parameters.

preModifySelfService()

Allows the module to run commands before the LDAP entry is changed or created.

public preModifySelfService(bool $newAccount, array<string|int, mixed> $attributes) : bool

An error message should be printed if the function returns false.

Parameters
$newAccount : bool

is new account or existing one

$attributes : array<string|int, mixed>

LDAP attributes of this entry

Return values
bool

true, if no problems occurred

process_attributes()

Processes user input of the primary module page.

public process_attributes() : array<string|int, mixed>

It checks if all input values are correct and updates the associated LDAP attributes.

Return values
array<string|int, mixed>

list of info/error messages

process_user()

Processes user input of the user selection page.

public process_user() : array<string|int, mixed>

It checks if all input values are correct and updates the associated LDAP attributes.

Return values
array<string|int, mixed>

list of info/error messages

runGlobalCronActions()

Runs any global cron actions.

public runGlobalCronActions(bool $isDryRun) : void
Parameters
$isDryRun : bool

dry-run active

Tags
throws
LAMException

error during execution

Return values
void

save_attributes()

Returns a list of modifications which have to be made to the LDAP account.

public save_attributes() : array<string|int, mixed>
Return values
array<string|int, mixed>

list of modifications
This function returns an array with 3 entries:
array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
DN is the DN to change. It may be possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid)
"add" are attributes which have to be added to LDAP entry
"remove" are attributes which have to be removed from LDAP entry
"modify" are attributes which have to been modified in LDAP entry
"info" are values with informational value (e.g. to be used later by pre/postModify actions)

supportsAdminInterface()

Specifies if this module supports the LAM admin interface.

public supportsAdminInterface() : bool

The LAM admin interface are the pages that allow to manage e.g. users and groups. In contrast there is also the LAM self service interface. Most modules support the admin interface.

Return values
bool

support admin interface

supportsForcePasswordChange()

Specifies if this module supports to force that a user must change his password on next login.

public supportsForcePasswordChange() : bool
Return values
bool

force password change supported

supportsGlobalCronJob()

Specifies if the module supports global cron job actions.

public supportsGlobalCronJob() : bool
Return values
bool

supports cron

supportsPasswordQuickChangePage()

Specifies if the module support password quick change for the current account.

public supportsPasswordQuickChangePage() : bool
Tags
inheritDoc
Return values
bool

password quick change page supported

addAccountSpecificConfigOptions()

Adds the account specific options to the config container.

protected addAccountSpecificConfigOptions(htmlResponsiveRow &$configContainer, string $typeId) : mixed
Parameters
$configContainer : htmlResponsiveRow

container

$typeId : string

type ID

Return values
mixed

addDoubleSelectionArea()

Adds an area with two multi-select fields with buttons to move items from right to left and vice-versa.

protected addDoubleSelectionArea(htmlResponsiveRow &$container, string $labelFirst, string $labelSecond, array<string|int, string> $optionsFirst, array<string|int, string> $selectedFirst, array<string|int, string> $optionsSecond, array<string|int, string> $selectedSecond, string $namePrefix[, bool $rightToLeftText = false ][, bool $showFilter = false ]) : mixed

The options of the selects must be presorted.
Names:

  • First select: $namePrefix_1
  • Second select: $namePrefix_2
  • Button move left: $namePrefix_left
  • Button move right: $namePrefix_right
Parameters
$container : htmlResponsiveRow

row

$labelFirst : string

label of first select

$labelSecond : string

label of second select

$optionsFirst : array<string|int, string>

options of first select ('label' => 'value')

$selectedFirst : array<string|int, string>

selected options of first select

$optionsSecond : array<string|int, string>

options of first select ('label' => 'value')

$selectedSecond : array<string|int, string>

selected options of second select

$namePrefix : string

prefix for select field and button names

$rightToLeftText : bool = false

sets the text direction in select to right to left

$showFilter : bool = false

displays a live filter

Return values
mixed

addMultiValueInputTextField()

Adds a text input field that may contain multiple values to the given htmlResponsiveRow.

protected addMultiValueInputTextField(htmlResponsiveRow &$container, string $attrName, string $label[, bool $required = false ][, int $length = null ][, bool $isTextArea = false ][, array<string|int, mixed> $autoCompleteValues = null ][, int $fieldSize = null ][, array<string|int, mixed> &$htmlIDs = null ][, string $cssClasses = '' ]) : mixed

The field name will be the same as the attribute name plus a counting number (e.g. street_0). The last field will be followed by a button to add a new value. This is named add_{attribute name} (e.g. add_street). There must be a help entry with the attribute name as ID. A new line will also be added after this entry so multiple calls will show the fields one below the other.

Parameters
$container : htmlResponsiveRow

parent container

$attrName : string

attribute name

$label : string

label name

$required : bool = false

this is a required field (default false)

$length : int = null

field length

$isTextArea : bool = false

show as text area (default false)

$autoCompleteValues : array<string|int, mixed> = null

values for auto-completion

$fieldSize : int = null

field size

$htmlIDs : array<string|int, mixed> = null

reference to array where to add the generated HTML IDs of the input fields

$cssClasses : string = ''

additional CSS classes of input fields

Return values
mixed

addMultiValueSelectField()

Adds a select field type that may contain multiple values to the given htmlTable.

protected addMultiValueSelectField(htmlResponsiveRow &$container, string $attrName, string $label, array<string|int, mixed> $options[, bool $hasDescriptiveOptions = false ][, bool $required = false ][, int $fieldSize = 1 ][, array<string|int, mixed> &$htmlIDs = null ]) : mixed

The field name will be the same as the attribute name plus a counting number (e.g. street_0). The last field will be followed by a button to add a new value. This is named add_{attribute name} (e.g. add_street). There must be a help entry with the attribute name as ID. A new line will also be added after this entry so multiple calls will show the fields one below the other.

Parameters
$container : htmlResponsiveRow

parent container

$attrName : string

attribute name

$label : string

label name

$options : array<string|int, mixed>

options for the selects

$hasDescriptiveOptions : bool = false

has descriptive options

$required : bool = false

this is a required field (default false)

$fieldSize : int = 1

field size

$htmlIDs : array<string|int, mixed> = null

reference to array where to add the generated HTML IDs of the input fields

Return values
mixed

addMultiValueSelfServiceTextField()

Adds a simple text input field for the self service.

protected addMultiValueSelfServiceTextField(array<string|int, mixed> &$container, string $name, string $label, array<string|int, mixed> &$fields, array<string|int, mixed> &$attributes, array<string|int, mixed> &$readOnlyFields[, bool $required = false ][, bool $isTextArea = false ][, string $attributeName = null ]) : mixed

The field name will be the same as the class name plus "_" plus attribute name (e.g. posixAccount_cn).

Parameters
$container : array<string|int, mixed>

array that is used as return value for getSelfServiceOptions()

$name : string

attribute name (== field name)

$label : string

label to display in front of input field

$fields : array<string|int, mixed>

list of active fields

$attributes : array<string|int, mixed>

attributes of LDAP account

$readOnlyFields : array<string|int, mixed>

list of read-only fields

$required : bool = false

field is required

$isTextArea : bool = false

display as text area

$attributeName : string = null

attribute name (defaults to $name)

Return values
mixed

addSimpleInputTextField()

Adds a simple text input field to the given htmlResponsiveRow.

protected & addSimpleInputTextField(htmlResponsiveRow &$container, string $attrName, string $label[, bool $required = false ][, int $length = null ][, bool $isTextArea = false ][, array<string|int, mixed> $autoCompleteValues = null ]) : mixed

The field name will be the same as the attribute name. There must also be a help entry with the attribute name as ID. A new line will also be added after this entry so multiple calls will show the fields one below the other.

Parameters
$container : htmlResponsiveRow

parent container

$attrName : string

attribute name

$label : string

label name

$required : bool = false

this is a required field (default false)

$length : int = null

field length

$isTextArea : bool = false

show as text area (default false)

$autoCompleteValues : array<string|int, mixed> = null

values for auto-completion

Return values
mixed

reference to htmlResponsiveInputField/htmlResponsiveInputTextarea

addSimplePDFField()

Adds a simple PDF entry to the given array.

protected addSimplePDFField(array<string|int, mixed> &$result, string $name, string $label[, string $attrName = null ][, string $delimiter = ', ' ]) : mixed
Parameters
$result : array<string|int, mixed>

result array (entry will be added here)

$name : string

ID

$label : string

label name

$attrName : string = null

attribute name (default: =$name)

$delimiter : string = ', '

delimiter if multiple attribute values exist (default: ", ")

Return values
mixed

addSimpleReadOnlyField()

Adds a simple read-only field to the given container.

protected addSimpleReadOnlyField(htmlResponsiveRow &$container, string $attrName, string $label) : mixed
Parameters
$container : htmlResponsiveRow

parent container

$attrName : string

attribute name

$label : string

field label

Return values
mixed

addSimpleSelfServiceTextField()

Adds a simple text input field for the self service.

protected addSimpleSelfServiceTextField(array<string|int, mixed> &$container, string $name, string $label, array<string|int, mixed> &$fields, array<string|int, mixed> &$attributes, array<string|int, mixed> &$readOnlyFields[, bool $required = false ][, bool $isTextArea = false ][, string $attributeName = null ]) : mixed

The field name will be the same as the class name plus "_" plus attribute name (e.g. posixAccount_cn).

Parameters
$container : array<string|int, mixed>

array that is used as return value for getSelfServiceOptions()

$name : string

attribute name (== field name)

$label : string

label to display in front of input field

$fields : array<string|int, mixed>

list of active fields

$attributes : array<string|int, mixed>

attributes of LDAP account

$readOnlyFields : array<string|int, mixed>

list of read-only fields

$required : bool = false

field is required

$isTextArea : bool = false

display as text area

$attributeName : string = null

attribute name (defaults to $name)

Return values
mixed

checkMultiValueSelfServiceTextField()

Checks the input value of a self service multi-value text field.

protected checkMultiValueSelfServiceTextField(array<string|int, mixed> &$container, string $name, array<string|int, mixed> &$attributes, string $fields, array<string|int, mixed> &$readOnlyFields[, string $validationID = null ][, array<string|int, mixed> $validationMessage = null ][, array<string|int, mixed> $requiredMessage = null ][, string $attributeName = null ]) : mixed

The field name must be the same as the class name plus "_" plus attribute name (e.g. posixAccount_cn). If validation is used then there must exist a message named [{attribute name}][0] (e.g. $this->messages['street'][0]).

Parameters
$container : array<string|int, mixed>

return value of checkSelfServiceOptions()

$name : string

attribute name

$attributes : array<string|int, mixed>

LDAP attributes

$fields : string

input fields

$readOnlyFields : array<string|int, mixed>

list of read-only fields

$validationID : string = null

validation ID for get_preg()

$validationMessage : array<string|int, mixed> = null

validation message data (defaults to $this->messages[$name][0])

$requiredMessage : array<string|int, mixed> = null

message data when no value is set by user (no check if null)

$attributeName : string = null

attribute name (defaults to $name)

Return values
mixed

checkSimpleSelfServiceTextField()

Checks the input value of a self service text field.

protected checkSimpleSelfServiceTextField(array<string|int, mixed> &$container, string $name, array<string|int, mixed> &$attributes, string $fields, array<string|int, mixed> &$readOnlyFields[, string $validationID = null ][, array<string|int, mixed> $validationMessage = null ][, array<string|int, mixed> $requiredMessage = null ][, string $attributeName = null ]) : mixed

The field name must be the same as the class name plus "_" plus attribute name (e.g. posixAccount_cn). If validation is used then there must exist a message named [{attribute name}][0] (e.g. $this->messages['street'][0]).

Parameters
$container : array<string|int, mixed>

return value of checkSelfServiceOptions()

$name : string

attribute name

$attributes : array<string|int, mixed>

LDAP attributes

$fields : string

input fields

$readOnlyFields : array<string|int, mixed>

list of read-only fields

$validationID : string = null

validation ID for get_preg()

$validationMessage : array<string|int, mixed> = null

validation message data (defaults to $this->messages[$name][0])

$requiredMessage : array<string|int, mixed> = null

message data when no value is set by user (no check if null)

$attributeName : string = null

attribute name (defaults to $name)

Return values
mixed

getSelfServiceLabel()

Returns the field label. This can be either the given default label or an override value from profile.

protected getSelfServiceLabel(string $fieldID, string $defaultLabel) : string
Parameters
$fieldID : string

field ID

$defaultLabel : string

default label text

Return values
string

label

getUsers()

Returns a list of existing users and their GID numbers and cn.

protected getUsers() : array<string|int, mixed>
Return values
array<string|int, mixed>

list in format array(uid => array('gid' => 123, 'cn' => 'Some user'))

isBooleanConfigOptionSet()

Returns if the given configuration option is set.

protected isBooleanConfigOptionSet(string $optionName[, bool $default = false ]) : bool

This function returns false if the configuration options cannot be read.

Parameters
$optionName : string

name of the option

$default : bool = false

default value if config option is not set at all (default: false)

Return values
bool

true if option is set

manageCnAndDescription()

Returns if cn and description attributes should be managed.

protected manageCnAndDescription(array<string|int, string> $modules) : bool
Parameters
$modules : array<string|int, string>

modules

Return values
bool

manage cn+description

mapSimpleUploadField()

Maps simple upload fields directly to LDAP attribute values.

protected mapSimpleUploadField(array<string|int, mixed> &$rawAccounts, array<string|int, mixed> &$ids, array<string|int, mixed> &$partialAccounts, string $position, string $colName, string $attrName[, string|array<string|int, string> $regex = null ][, array<string|int, mixed> $message = [] ][, array<string|int, mixed> &$errors = [] ][, string $regexSplit = null ]) : mixed
Parameters
$rawAccounts : array<string|int, mixed>

the user input data, contains one subarray for each account.

$ids : array<string|int, mixed>

list of IDs for column position (e.g. "posixAccount_uid" => 5)

$partialAccounts : array<string|int, mixed>

list of hash arrays (name => value) which are later added to LDAP

$position : string

current position in CSV

$colName : string

column name

$attrName : string

LDAP attribute name

$regex : string|array<string|int, string> = null

for get_preg() (e.g. 'ascii')

$message : array<string|int, mixed> = []

error message to add if regex does not match

$errors : array<string|int, mixed> = []

list of error messages if any

$regexSplit : string = null

multiple values are separated and can be split with this preg_split expression (e.g. "/;[ ]?/")

Return values
mixed

processMultiValueInputTextField()

Validates a multi-value text field.

protected processMultiValueInputTextField(string $attrName, array<string|int, mixed> &$errors[, string $validationID = null ][, bool $required = false ]) : mixed

The input fields must be created with function addMultiValueInputTextField(). If validation is used then there must exist a message named [{attribute name}][0] (e.g. $this->messages['street'][0]).

Parameters
$attrName : string

attribute name

$errors : array<string|int, mixed>

errors array where to put validation errors

$validationID : string = null

validation ID for function get_preg() (default: null, null means no validation)

$required : bool = false

the field is required (default: false)

Return values
mixed

processMultiValueSelectField()

Validates a multi-value select field.

protected processMultiValueSelectField(string $attrName) : mixed

The select fields must be created with function addMultiValueSelectField().

Parameters
$attrName : string

attribute name

Return values
mixed

processSimpleTextInput()

Validates a text field.

protected processSimpleTextInput(string $attrName, array<string|int, mixed> &$errors[, bool $required = false ][, string $validationID = null ]) : mixed

If validation is used then there must exist a message named [{attribute name}][0] (e.g. $this->messages['street'][0]).

Parameters
$attrName : string

attribute name

$errors : array<string|int, mixed>

errors array where to put validation errors

$required : bool = false

value required

$validationID : string = null

validation ID for function get_preg() (default: null, null means no validation)

Return values
mixed

syncGon()

Syncs with group of names members.

protected syncGon([bool $forceDelete = false ]) : array<string|int, mixed>
Parameters
$forceDelete : bool = false

force deletion of members

Return values
array<string|int, mixed>

list of status messages

syncWindows()

Syncs with Windows.

protected syncWindows() : array<string|int, mixed>
Return values
array<string|int, mixed>

list of status messages

checkUploadRegex()

Checks the upload value against a list of regular expressions.

private checkUploadRegex(array<string|int, string> $regexIDs, string $value, array<string|int, mixed> $message, int $position, array<string|int, mixed> &$errors) : value
Parameters
$regexIDs : array<string|int, string>

regular expression IDs for get_preg()

$value : string

value to check

$message : array<string|int, mixed>

error message array if not matching

$position : int

upload position

$errors : array<string|int, mixed>

error messages

Tags
see
get_preg()
Return values
value

is ok

getGIDs()

Returns a list of existing GID numbers.

private getGIDs(ConfiguredType $type) : array<string|int, mixed>
Parameters
$type : ConfiguredType

account type

Return values
array<string|int, mixed>

list of GID numbers

getGroupNames()

Returns a list of all group names in LDAP.

private getGroupNames() : array<string|int, mixed>
Return values
array<string|int, mixed>

group names

getNextDomainInfoGIDs()

Gets the free GID numbers from an Windows domain info entry in LDAP.

private getNextDomainInfoGIDs(int $count, string $typeId) : mixed
Parameters
$count : int

number of needed free GIDs.

$typeId : string

account type id

Return values
mixed

null if no GIDs are free else an array of free GIDs

getNextSambaPoolGIDs()

Gets the free GID numbers from an Samba pool entry in LDAP.

private getNextSambaPoolGIDs(int $count, string $typeId) : mixed
Parameters
$count : int

number of needed free GIDs.

$typeId : string

account type id

Return values
mixed

null if no GIDs are free else an array of free GIDs

groupNameExists()

Checks if the given group name already exists in LDAP.

private groupNameExists(string $groupName) : bool
Parameters
$groupName : string

group name

Return values
bool

true if already exists

isWindows()

Returns if the Windows module is active.

private isWindows() : bool
Return values
bool

is Windows

Search results