lib/baseModule.inc
Properties
Description
This is the parent class for all account modules.It implements the complete module interface and uses meta-data provided by the account modules for its functions.
Classes
baseModule
Description
Parent class of all account modules.It implements the complete module interface and uses meta-data provided by the account modules for its functions.
Location and naming of modules
All LAM modules are placed in lib/modules/ and are named "
You can avoid to override many functions by using {@link get_metaData()}.
All module classes should extend the baseModule class.
Methods
__construct, addMultiValueInputTextField, addSimpleInputTextField, addSimplePDFField, addSimpleSelfServiceTextField, build_uploadAccounts, canSelfServiceFieldBeReadOnly, canSelfServiceFieldBeRelabeled, can_manage, checkSelfServiceOptions, checkSelfServiceSettings, checkSimpleSelfServiceTextField, check_configOptions, check_profileOptions, delete_attributes, displaySpecialSelfServicePage, display_html_attributes, display_html_delete, doUploadPostActions, doUploadPreActions, getAccountContainer, getAttributes, getButtonStatus, getIcon, getLDAPAliases, getLinkToSpecialSelfServicePage, getManagedAttributes, getManagedObjectClasses, getOriginalAttributes, getRequiredExtensions, getSelfServiceFields, getSelfServiceLabel, getSelfServiceOptions, getSelfServiceSearchAttributes, getSelfServiceSettings, get_RDNAttributes, get_alias, get_configOptions, get_dependencies, get_help, get_ldap_filter, get_metaData, get_pdfEntries, get_pdfFields, get_profileOptions, get_scope, get_uploadColumns, get_uploadPreDepends, handleAjaxRequest, init, isBooleanConfigOptionSet, is_base_module, load_Messages, load_attributes, load_profile, module_complete, module_ready, postDeleteActions, postModifyActions, postModifySelfService, preDeleteActions, preModifyActions, preModifySelfService, processMultiValueInputTextField, process_attributes, save_attributes, supportsAdminInterface,__construct( string $scope, ) : n/a
Description
Creates a new base module classArguments
Name | Type | Description | Default |
---|---|---|---|
$scope | string | the account type (user, group, host) |
Return value
Type | Description |
---|---|
n/a | n/a |
addMultiValueInputTextField( \htmlTable $container, String $attrName, String $label, boolean $required = false, integer $length = null, boolean $isTextArea = false, array $autoCompleteValues = null, integer $fieldSize = null, ) : n/a
Description
Adds a text input field that may contain multiple values to the given htmlTable.The field name will be the same as the attribute name plus a counting number (e.g. street_0). The last field will be followed by a button to add a new value. This is named add_{attribute name} (e.g. add_street). There must be a help entry with the attribute name as ID. A new line will also be added after this entry so multiple calls will show the fields one below the other.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$container | \htmlTable | parent container |
|
$attrName | String | attribute name |
|
$label | String | label name |
|
$required | boolean | this is a required field (default false) |
false |
$length | integer | field length |
null |
$isTextArea | boolean | show as text area (default false) |
false |
$autoCompleteValues | array | values for auto-completion |
null |
$fieldSize | integer | field size |
null |
Return value
Type | Description |
---|---|
n/a | n/a |
addSimpleInputTextField( \htmlTable $container, String $attrName, String $label, boolean $required = false, integer $length = null, boolean $isTextArea = false, array $autoCompleteValues = null, ) : mixed
Description
Adds a simple text input field to the given htmlTable.The field name will be the same as the attribute name. There must also be a help entry with the attribute name as ID. A new line will also be added after this entry so multiple calls will show the fields one below the other.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$container | \htmlTable | parent container |
|
$attrName | String | attribute name |
|
$label | String | label name |
|
$required | boolean | this is a required field (default false) |
false |
$length | integer | field length |
null |
$isTextArea | boolean | show as text area (default false) |
false |
$autoCompleteValues | array | values for auto-completion |
null |
Return value
Type | Description |
---|---|
mixed | reference to htmlTableExtendedInputField/htmlTableExtendedInputTextarea |
addSimplePDFField( array $result, String $name, String $label, String $attrName = null, String $delimiter = ', ', ) : n/a
Description
Adds a simple PDF entry to the given array.Arguments
Name | Type | Description | Default |
---|---|---|---|
$result | array | result array (entry will be added here) |
|
$name | String | ID |
|
$label | String | label name |
|
$attrName | String | attribute name (default: =$name) |
null |
$delimiter | String | delimiter if multiple attribute values exist (default: ", ") |
', ' |
Return value
Type | Description |
---|---|
n/a | n/a |
addSimpleSelfServiceTextField( array $container, String $name, String $label, array $fields, array $attributes, array $readOnlyFields, boolean $required = false, boolean $isTextArea = false, ) : n/a
Description
Adds a simple text input field for the self service.The field name will be the same as the class name plus "_" plus attribute name (e.g. posixAccount_cn).
Arguments
Name | Type | Description | Default |
---|---|---|---|
$container | array | array that is used as return value for getSelfServiceOptions() |
|
$name | String | attribute name (== field name) |
|
$label | String | label to display in front of input field |
|
$fields | array | list of active fields |
|
$attributes | array | attributes of LDAP account |
|
$readOnlyFields | array | list of read-only fields |
|
$required | boolean | field is required |
false |
$isTextArea | boolean | display as text area |
false |
Return value
Type | Description |
---|---|
n/a | n/a |
build_uploadAccounts( array $rawAccounts, array $ids, array $partialAccounts, array $selectedModules, ) : array
Description
In this function the LDAP accounts are built.Calling this method does not require the existence of an enclosing {@link accountContainer}.
Returns an array which contains subarrays to generate StatusMessages if any errors occured.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$rawAccounts | array | the user input data, contains one subarray for each account. |
|
$ids | array | list of IDs for column position (e.g. "posixAccount_uid" => 5) |
|
$partialAccounts | array | list of hash arrays (name => value) which are later added to LDAP |
|
$selectedModules | array | list of selected account modules |
Return value
Type | Description |
---|---|
array | list of error messages if any |
canSelfServiceFieldBeReadOnly( String $fieldID, \selfServiceProfile $profile, ) : boolean
Description
Returns if a given self service field can be set in read-only mode.Arguments
Name | Type | Description | Default |
---|---|---|---|
$fieldID | String | field identifier |
|
$profile | \selfServiceProfile | currently edited profile |
Return value
Type | Description |
---|---|
boolean | may be set read-only |
canSelfServiceFieldBeRelabeled( String $fieldID, \selfServiceProfile $profile, ) : boolean
Description
Returns if a self service field can be relabeled.Arguments
Name | Type | Description | Default |
---|---|---|---|
$fieldID | String | field ID |
|
$profile | \selfServiceProfile | currently edited profile |
Return value
Type | Description |
---|---|
boolean | may be relabeled |
can_manage( ) : boolean
Description
Returns true if this module can manage accounts of the current type, otherwise false.Calling this method does not require the existence of an enclosing {@link accountContainer}.
Return value
Type | Description |
---|---|
boolean | true if module fits |
Tags
Name | Description |
---|---|
see |
checkSelfServiceOptions( string $fields, array $attributes, boolean $passwordChangeOnly, array $readOnlyFields, ) : array
Description
Checks if all input values are correct and returns the LDAP attributes which should be changed.Return values:
messages: array of parameters to create status messages
add: array of attributes to add
del: array of attributes to remove
mod: array of attributes to modify
info: array of values with informational value (e.g. to be used later by pre/postModify actions) Calling this method does not require the existence of an enclosing {@link accountContainer}.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$fields | string | input fields |
|
$attributes | array | LDAP attributes |
|
$passwordChangeOnly | boolean | indicates that the user is only allowed to change his password and no LDAP content is readable |
|
$readOnlyFields | array | list of read-only fields |
Return value
Type | Description |
---|---|
array | messages and attributes (array('messages' => array(), 'add' => array('mail' => array('test@test.com')), 'del' => array(), 'mod' => array(), 'info' => array())) |
checkSelfServiceSettings( array $options, \selfServiceProfile $profile, ) : array
Description
Checks if the self service settings are valid.Calling this method does not require the existence of an enclosing {@link accountContainer}.
If the input data is invalid the return value is an array that contains arrays to build StatusMessages (message type, message head, message text). If no errors occured the function returns an empty array.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$options | array | hash array (option name => value) that contains the input. The option values are all arrays containing one or more elements. |
|
$profile | \selfServiceProfile | self service profile |
Return value
Type | Description |
---|---|
array | error messages |
checkSimpleSelfServiceTextField( array $container, String $name, array $attributes, string $fields, array $readOnlyFields, String $validationID = null, ) : n/a
Description
Checks the input value of a self service text field.The field name must be the same as the class name plus "_" plus attribute name (e.g. posixAccount_cn). If validation is used then there must exist a message named [{attribute name}][0] (e.g. $this->messages['street'][0]).
Arguments
Name | Type | Description | Default |
---|---|---|---|
$container | array | return value of checkSelfServiceOptions() |
|
$name | String | attribute name |
|
$attributes | array | LDAP attributes |
|
$fields | string | input fields |
|
$readOnlyFields | array | list of read-only fields |
|
$validationID | String | validation ID for get_preg() |
null |
Return value
Type | Description |
---|---|
n/a | n/a |
check_configOptions( array $scopes, array $options, ) : array
Description
Checks input values of module settings.Calling this method does not require the existence of an enclosing {@link accountContainer}.
If the input data is invalid the return value is an array that contains subarrays to build StatusMessages ('message type', 'message head', 'message text').
If no errors occured the function returns an empty array.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$scopes | array | list of account types which are used |
|
$options | array | hash array (option name => value) that contains the input. The option values are all arrays containing one or more elements. |
Return value
Type | Description |
---|---|
array | list of error messages |
Tags
Name | Description |
---|---|
see |
check_profileOptions( array $options, ) : array
Description
Checks input values of account profiles.Calling this method does not require the existence of an enclosing {@link accountContainer}.
$options is an hash array (option name => value) that contains the user input. The option values are all arrays containing one or more elements.
If the input data is invalid the return value is an array that contains arrays to build StatusMessages (message type, message head, message text). If no errors occured the function returns an empty array.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$options | array | a hash array (name => value) containing the user input |
Return value
Type | Description |
---|---|
array | list of error messages (array(type, title, text)) to generate StatusMessages, if any |
Tags
Name | Description |
---|---|
see |
delete_attributes( ) : \List
Description
This function returns an array with the same syntax as save_attributes().Calling this method requires the existence of an enclosing {@link accountContainer}.
It allows additional LDAP changes when an account is deleted.
Return value
Type | Description |
---|---|
\List | of LDAP operations, same as for save_attributes() |
displaySpecialSelfServicePage( \selfServiceProfile $profile, ) : \htmlElement
Description
This function creates meta HTML code to display the module specific page for the self service.Arguments
Name | Type | Description | Default |
---|---|---|---|
$profile | \selfServiceProfile | self service settings |
Return value
Type | Description |
---|---|
\htmlElement | meta HTML object |
Tags
Name | Description |
---|---|
see |
display_html_attributes( ) : \htmlElement
Description
This function creates meta HTML code to display the module page.Calling this method requires the existence of an enclosing {@link accountContainer}.
Return value
Type | Description |
---|---|
\htmlElement | meta HTML object |
Tags
Name | Description |
---|---|
see |
display_html_delete( ) : \htmlElement
Description
This function creates meta HTML code which will be displayed when an account should be deleted.Calling this method requires the existence of an enclosing {@link accountContainer}.
This can be used to interact with the user, e.g. should the home directory be deleted? The output of all modules is displayed on a single page.
Return value
Type | Description |
---|---|
\htmlElement | meta HTML object |
Tags
Name | Description |
---|---|
see |
doUploadPostActions( array $data, array $ids, array $failed, array $temp, array $accounts, ) : array
Description
This function is responsible to do additional tasks after the account has been created in LDAP (e.g. modifying group memberships, adding Quota etc..). Calling this method does not require the existence of an enclosing {@link accountContainer}.
This function is called as long as the returned status is 'finished'. Please make sure that one function call lasts no longer than 3-4 seconds. Otherwise the upload may fail because the time limit is exceeded. You should not make more than one LDAP operation in each call.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$data | array | array containing one account in each element |
|
$ids | array | maps the column names to keys for the sub arrays (array( |
|
$failed | array | list of account numbers which could not be successfully uploaded to LDAP |
|
$temp | array | variable to store temporary data between two post actions |
|
$accounts | array | list of LDAP entries |
Return value
Type | Description |
---|---|
array | current status <br> array ( <br> 'status' => 'finished' | 'inProgress' // defines if all operations are complete <br> 'progress' => 0..100 // the progress of the operations in percent <br> 'errors' => array // list of arrays which are used to generate StatusMessages <br> ) |
doUploadPreActions( array $attributes, ) : array
Description
Runs any actions that need to be done before an LDAP entry is created.Arguments
Name | Type | Description | Default |
---|---|---|---|
$attributes | array | LDAP attributes of this entry (attributes are provided as reference, handle modifications of $attributes with care) |
Return value
Type | Description |
---|---|
array | array which contains status messages. Each entry is an array containing the status message parameters. |
getAccountContainer( ) : \accountContainer
Description
Returns the {@link accountContainer} object.Return value
Type | Description |
---|---|
\accountContainer | accountContainer object |
Tags
Name | Description |
---|---|
see |
getAttributes( ) : array
Description
Returns the LDAP attributes which are managed in this module.Return value
Type | Description |
---|---|
array | attributes |
getButtonStatus( ) : string
Description
Controls if the module button the account page is visible and activated.Calling this method requires the existence of an enclosing {@link accountContainer}.
Possible return values:
- enabled: button is visible and active
- disabled: button is visible and deactivated (greyed)
- hidden: no button will be shown
Return value
Type | Description |
---|---|
string | status ("enabled", "disabled", "hidden") |
getIcon( ) : \unknown
Description
Returns the path to the module icon.The path must be releative to graphics (e.g. key.png) or an URL (/icons/icon.png or http://server/icon.png). You can also set $this->meta['icon']. The preferred size is 32x32px.
Return value
Type | Description |
---|---|
\unknown |
Tags
Name | Description |
---|---|
see |
getLDAPAliases( ) : array
Description
Returns a list of aliases for LDAP attributes.Calling this method does not require the existence of an enclosing {@link accountContainer}.
All alias attributes will be renamed to the given attribute names.
Return value
Type | Description |
---|---|
array | list of aliases like array("alias name" => "attribute name") |
Tags
Name | Description |
---|---|
see |
getLinkToSpecialSelfServicePage( array $settings, ) : String
Description
This allows modules to create a link to a module specific page for the self service.The link is shown on the login page of the self service. You can use this to provide e.g. a page to reset passwords.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$settings | array | self service settings |
Return value
Type | Description |
---|---|
String | link text (null if no special page used) |
getManagedAttributes( ) : array
Description
Returns a list of LDAP attributes which are managed by this module.All attribute names will be renamed to match the given spelling.
Return value
Type | Description |
---|---|
array | list of attributes |
Tags
Name | Description |
---|---|
see |
getManagedObjectClasses( ) : array
Description
Returns a list of managed object classes for this module.Calling this method does not require the existence of an enclosing {@link accountContainer}.
This is used to fix spelling errors in LDAP-Entries (e.g. if "posixACCOUNT" is read instead of "posixAccount" from LDAP).
Example: return array('posixAccount')
Return value
Type | Description |
---|---|
array | list of object classes |
Tags
Name | Description |
---|---|
see |
getOriginalAttributes( ) : array
Description
Returns the LDAP attributes which are managed in this module (with unchanged values).Return value
Type | Description |
---|---|
array | attributes |
getRequiredExtensions( ) : array
Description
This function returns a list of PHP extensions (e.g. hash) which are needed by this module.Calling this method does not require the existence of an enclosing {@link accountContainer}.
Return value
Type | Description |
---|---|
array | extensions |
Tags
Name | Description |
---|---|
see |
getSelfServiceFields( ) : array
Description
Returns a list of possible input fields and their descriptions.Calling this method does not require the existence of an enclosing {@link accountContainer}.
Format: array(
Return value
Type | Description |
---|---|
array | fields |
Tags
Name | Description |
---|---|
see |
getSelfServiceLabel( String $fieldID, String $defaultLabel, ) : String
Description
Returns the field label. This can be either the given default label or an override value from profile.Arguments
Name | Type | Description | Default |
---|---|---|---|
$fieldID | String | field ID |
|
$defaultLabel | String | default label text |
Return value
Type | Description |
---|---|
String | label |
getSelfServiceOptions( array $fields, array $attributes, boolean $passwordChangeOnly, array $readOnlyFields, ) : array
Description
Returns the meta HTML code for each input field.Calling this method does not require the existence of an enclosing {@link accountContainer}.
It is not possible to display help links.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$fields | array | list of active fields |
|
$attributes | array | attributes of LDAP account |
|
$passwordChangeOnly | boolean | indicates that the user is only allowed to change his password and no LDAP content is readable |
|
$readOnlyFields | array | list of read-only fields |
Return value
Type | Description |
---|---|
array | list of meta HTML elements (field name => htmlTableRow) |
Tags
Name | Description |
---|---|
see |
getSelfServiceSearchAttributes( ) : array
Description
This function returns a list of possible LDAP attributes (e.g. uid, cn, ...) which can be used to search for LDAP objects. Calling this method does not require the existence of an enclosing {@link accountContainer}.
Return value
Type | Description |
---|---|
array | attributes |
Tags
Name | Description |
---|---|
see |
getSelfServiceSettings( \selfServiceProfile $profile, ) : \htmlElement
Description
Returns a list of self service configuration settings.Calling this method does not require the existence of an enclosing {@link accountContainer}.
The name attributes are used as keywords to load and save settings. We recommend to use the module name as prefix for them (e.g. posixAccount_homeDirectory) to avoid naming conflicts.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$profile | \selfServiceProfile | currently edited profile |
Return value
Type | Description |
---|---|
\htmlElement | meta HTML object |
Tags
Name | Description |
---|---|
see | |
see |
get_RDNAttributes( ) : array
Description
Returns a hash array containing a list of possible LDAP attributes that can be used to form the RDN (Relative Distinguished Name).Calling this method does not require the existence of an enclosing {@link accountContainer}.
The returned elements have this form:
Example: return array('uid' => 'normal', 'cn' => 'low')
Return value
Type | Description |
---|---|
array | list of attributes |
Tags
Name | Description |
---|---|
see |
get_alias( ) : string
Description
Returns an alias name for the module.Calling this method does not require the existence of an enclosing {@link accountContainer}.
This function returns a more descriptive string than the class name. Alias names are used for the buttons on the account pages and the module selection in the configuration wizard.
Please take care that your alias name is not too long. It may contain any character but should not include parts that may be interpreted by the browser (e.g. '<' or '>'). If you use different aliases dependent on the account type please make sure that there is a general alias for unknown types.
Return value
Type | Description |
---|---|
string | alias name |
Tags
Name | Description |
---|---|
see |
get_configOptions( array $scopes, array $allScopes, ) : mixed
Description
Returns a list of configuration options.Calling this method does not require the existence of an enclosing {@link accountContainer}.
The field names are used as keywords to load and save settings. We recommend to use the module name as prefix for them (e.g. posixAccount_homeDirectory) to avoid naming conflicts.
Arguments
Name | Type | Description | Default |
---|---|---|---|
$scopes | array | account types (user, group, host) |
|
$allScopes | array | list of all active account modules and their scopes (module => array(scopes)) |
Return value
Type | Description |
---|---|
mixed | htmlElement or array of htmlElement |
Tags
Name | Description |
---|---|
see | |
see |
get_dependencies( ) : array
Description
This function returns a list with all depending and conflicting modules.Calling this method does not require the existence of an enclosing {@link accountContainer}.
The return value is an array with two sub arrays, "depends" and "conflicts". All values of the conflict array are string values with module names. All values of the depends array are either string values with module names or arrays which include only string values with module names.
If an element of the depends array is itself an array, this means that your module depends on one of these modules.
Example: return array("depends" => array("posixAccount", array("qmail", "sendmail")), "conflicts" => array("exim"))
Return value
Type | Description |
---|---|
array | list of dependencies and conflicts |
Tags
Name | Description |
---|---|
see |
get_help( string $id, ) : array
Description
This function returns the help entry array for a specific help id.Calling this method does not require the existence of an enclosing {@link accountContainer}.
The result is an hashtable with the following keys:
- Headline (required)
The headline of this help entry. Can consist of any alpha-numeric characters. No HTML/CSS elements are allowed. - Text (required)
The text of the help entry which may contain any alpha-numeric characters. - SeeAlso (optional)
A reference to anonther related web site. It must be an array containing a field called "text" with the link text that should be displayed and a field called "link" which is the link target.
Example:
array('Headline' => 'This is the head line', 'Text' => 'Help content', 'SeeAlso' => array('text' => 'LAM homepage', 'link' => 'http://www.ldap-account-manager.org/'))
Arguments
Name | Type | Description | Default |
---|---|---|---|
$id | string | The id string for the help entry needed. |
Return value
Type | Description |
---|---|
array | The desired help entry. |
Tags
Name | Description |
---|---|
see |
get_ldap_filter( ) : string
Description
Returns an LDAP filter for the account listsCalling this method does not require the existence of an enclosing {@link accountContainer}.
Returns an array('or' => '...', 'and' => '...') that is used to build the LDAP filter. Usually, this is used to filter object classes. All "or" filter parts of the base modules are combined with OR and then combined with the "and" parts.
The resulting LDAP filter will look like this: (&(|(OR1)(OR2)(OR3))(AND1)(AND2)(AND3))
Example: return array('or' => '(objectClass=posixAccount)', 'and' => '(!(uid=*$))')
Return value
Type | Description |
---|---|
string | LDAP filter |
Tags
Name | Description |
---|---|
see |
get_metaData( ) : array
Description
This function provides meta data which is interpreted by baseModule.Only subclasses will return real data.
The aim of the meta data is to reduce the number of functions in the subclasses. All major data is centralized in one place.
The returned array contains a list of key-value pairs for the different functions.
- {@link can_manage()}
Key: account_types
Value: array of account types
Example: "account_types" => array("user", "host")
- {@link is_base_module()}
Key: is_base
Value: boolean
Example: "is_base" => true
- {@link get_ldap_filter()}
Key: ldap_filter
Value: array of filters
Example: "ldap_filter" => array('or' => 'objectClass=posixAccount', 'and' => '(!(uid=*$))')
- {@link getManagedObjectClasses()}
Key: objectClasses
Value: array of object classes
Example: "objectClasses" => array('posixAccount')
- {@link getLDAPAliases()}
Key: LDAPaliases
Value: array of aliases
Example: "LDAPaliases" => array('commonName' => 'cn')
- {@link get_RDNAttributes()}
Key: RDN
Value: array of RDNs
Example: "RDN" => array('uid' => 'normal', 'cn' => 'low')
- {@link get_dependencies()}
Key: dependencies
Value: array of dependencies
Example: "dependencies" => array("depends" => array("posixAccount", array("qmail", "sendmail")), "conflicts" => array("exim"))
- {@link get_profileOptions()}
Key: profile_options
Value: array of profile options
The syntax for the value array is the same as for the return value of get_profileOptions().
- {@link check_profileOptions()}
Key: profile_checks
Value: array of checks (array("optionName" => array()))
The "optionName" keys of the value array are the names of the option identifiers.
Each array element is an array itself containing these values:- type: determines how to check input
Possible values:- regex: check with regular expression from regex variable, case sensitive
- regex_i: check with regular expression from regex variable, case insensitive
- int_greater: integer value of cmp_name1 must be greater than the integer value from the option cmp_name2
- int_greaterOrEqual: integer value of cmp_name1 must be greater or equal than the integer value from the option cmp_name2
- error_message: message that is displayed if input value was syntactically incorrect
error_message is an array to build StatusMessages (message type, message head, message text, additional variables) - regex: regular expression string (only if type is regex/regex_i)
- cmp_name1: name of first input variable that is used for comparison (only if type is int_greater/int_greaterOrEqual)
- cmp_name2: name of second input variable that is used for comparison (only if type is int_greater/int_greaterOrEqual)
- required: true or false, if this input field must be filled set to true (optional)
- required_message: message that is displayed if no input value was given (only if required == true)
required_message is an array to build StatusMessages (message type, message head, message text, additional variables)
- type: determines how to check input
- {@link load_profile()}
Key: profile_mappings
Value: array('profile_identifier1' => 'LDAP_attribute1', 'profile_identifier2' => 'LDAP_attribute2')
The mapped values are stored directly in $this->attributes.
Example: "profile_mappings" => array('inetOrgPerson_title' => 'title')
- {@link get_configOptions()}
Key: config_options
Value: array('user' => array, 'host' => array, 'all' => array)
The values from 'all' are always returned, the other values only if they are inside the $scopes array.
The syntax for sub arrays is the same as for the return value of {@link get_configOptions()}.
- {@link check_configOptions()}
Key: config_checks
Value: array('user' => array, 'host' => 'array', 'all' => array)
The values from 'all' are always used for checking, the other values only if they are inside the $scopes array. The syntax for sub arrays is the same as for {@link check_configOptions()}.
- {@link get_uploadColumns()}
Key: upload_columns
Value: array
The syntax for array is the same as for the return value of {@link get_uploadColumns()}.
- {@link get_uploadPreDepends()}
Key: upload_preDepends
Value: array
The syntax for array is the same as for the return value of {@link get_uploadPreDepends()}.
- {@link getRequiredExtensions()}
Key: extensions
Value: array of extension names
Example: "extensions" => array('hash')
- {@link get_help()}
Key: help
Value: hashtable of help entries
The hashtable is an array which maps help IDs to help entries.
Example: 'help' => array('myEntry' => array('Headline' => 'This is the head line', 'Text' => 'Help content'))
- {@link getSelfServiceSearchAttributes()}
Key: selfServiceSearchAttributes
Value: array of attribute names
Example: "selfServiceSearchAttributes" => array('uid')
- {@link getSelfServiceFields()}
Key: selfServiceFieldSettings
Value: array of self service fields
Example: "selfServiceFieldSettings" => array('pwd' => 'Password')
Return value
Type | Description |
---|---|
array | meta data |
get_pdfEntries( ) : array
Description
Returns the PDF entries for this module.Return value
Type | Description |
---|---|
array | list of possible PDF entries |
get_pdfFields( ) : array
Description
Returns a hashtable with all entries that may be printed out in the PDF.Calling this method does not require the existence of an enclosing {@link accountContainer}.
This method must be overwritten in case that there are non static values to be returned. The $this->meta['PDF_fields'] array may be used for static content.
Format of returned hashtable:
This function uses XML formatted commands to define the PDF output. Each part in the PDF document is surrounded by "
Inside the
- simple line with attribute name and value:
attribute name attribute value - table:
attribute name value value value value
- Alignment in
: You can specify the alignment in tags with align=(L|R|C) (e.g. ) - Cell width:
allows an attribute "width" to set the cell width (e.g. or ). - Line breaks: Line breaks can be specified by adding a <
> tag. The new line will start at the left border of the PDF document.
Examples:
Simple name+value lines:
In most cases you will just want to display a single line per attribute with its name and value.
'myAttribute' => ' 'AttrName 12345
This will give the following PDF output:
Attribute name: 12345
Multiline values:
Sometimes you have multivalued attributes where it is not applicable to write all values in one line but where you want to list your values one below the other or show a table. This can be done by using thetag.
This example only uses one column but you can just use moretags per tag to display more columns.
'myAttribute' => 'AttrName 123 456 '789 Return value
Type Description array PDF entries Tags
Name Description see get_profileOptions( ) : \htmlElement
Description
This function defines what attributes will be used in the account profiles and their appearance in the profile editor.
Calling this method does not require the existence of an enclosing {@link accountContainer}.
The return value is an object implementing htmlElement.
The field name are used as keywords to load and save profiles. We recommend to use the module name as prefix for them (e.g. posixAccount_homeDirectory) to avoid naming conflicts.Return value
Type Description \htmlElement meta HTML object Tags
Name Description see see get_scope( ) : string
Description
Returns the account type of this module (user, group, host)Return value
Type Description string account type get_uploadColumns( array $selectedModules, ) : array
Description
Returns an array containing all input columns for the file upload.
Calling this method does not require the existence of an enclosing {@link accountContainer}.
This funtion returns an array which contains subarrays which represent an upload column. Syntax of column arrays:
array(
string: name, // fixed non-translated name which is used as column name (should be of format:_ )
string: description, // short descriptive name
string: help, // help ID
string: example, // example value
string: values, // possible input values (optional)
string: default, // default value (optional)
boolean: required // true, if user must set a value for this column
boolean: unique // true if all values of this column must be different values (optional, default: "false")
)Arguments
Name Type Description Default $selectedModules array list of selected account modules
Return value
Type Description array column list Tags
Name Description see get_uploadPreDepends( ) : array
Description
Returns a list of module names which must be processed in building the account befor this module.
Calling this method does not require the existence of an enclosing {@link accountContainer}.
The named modules may not be active, LAM will check this automatically.Return value
Type Description array list of module names Tags
Name Description see handleAjaxRequest( ) : n/a
Description
Manages AJAX requests.
This function may be called with or without an account container.Return value
Type Description n/a n/a init( string $base, ) : n/a
Description
Initializes the module after it became part of an {@link accountContainer}
Calling this method requires the existence of an enclosing {@link accountContainer}.Arguments
Name Type Description Default $base string the name of the {@link accountContainer} object ($_SESSION[$base])
Return value
Type Description n/a n/a isBooleanConfigOptionSet( String $optionName, boolean $default = false, ) : boolean
Description
Returns if the given configuration option is set.
This function returns false if the configuration options cannot be read.Arguments
Name Type Description Default $optionName String name of the option
$default boolean default value if config option is not set at all (default: false)
false Return value
Type Description boolean true if option is set is_base_module( ) : boolean
Description
Returns true if your module is a base module and otherwise false.
Calling this method does not require the existence of an enclosing {@link accountContainer}.
Every account type needs exactly one base module. A base module manages a structural object class. E.g. the inetOrgPerson module is a base module since its object class is structural.Return value
Type Description boolean true if base module (defaults to false if no meta data is provided) Tags
Name Description see load_Messages( ) : n/a
Description
This function fills the $messages variable with output messages from this module.
Calling this method requires the existence of an enclosing {@link accountContainer}.Return value
Type Description n/a n/a load_attributes( array $attributes, ) : n/a
Description
This function loads the LDAP attributes when an account should be loaded.
Calling this method requires the existence of an enclosing {@link accountContainer}.
By default this method loads the object classes and accounts which are specified in {@link getManagedObjectClasses()} and {@link getManagedAttributes()}.Arguments
Name Type Description Default $attributes array array like the array returned by get_ldap_attributes(dn of account) but without count indices
Return value
Type Description n/a n/a load_profile( array $profile, ) : n/a
Description
This function loads the values from an account profile to the module's internal data structures.
Calling this method does not require the existence of an enclosing {@link accountContainer}.Arguments
Name Type Description Default $profile array hash array with profile values (identifier => value)
Return value
Type Description n/a n/a Tags
Name Description see module_complete( ) : boolean
Description
This function is used to check if all settings for this module have been made.
Calling this method requires the existence of an enclosing {@link accountContainer}.
This function tells LAM if it can create/modify the LDAP account. If your module needs any additional input then set this to false. The user will be notified that your module needs more input.
This method's return value defaults to true.Return value
Type Description boolean true, if settings are complete module_ready( ) : boolean
Description
This function is used to check if this module page can be displayed.
Calling this method requires the existence of an enclosing {@link accountContainer}.
Your module might depend on input of other modules. This function determines if the user can change to your module page or not. The return value is true if your module accepts input, otherwise false.
This method's return value defaults to true.Return value
Type Description boolean true, if page can be displayed postDeleteActions( ) : array
Description
Allows the module to run commands after the LDAP entry is deleted.
Calling this method requires the existence of an enclosing {@link accountContainer}.Return value
Type Description array Array which contains status messages. Each entry is an array containing the status message parameters. postModifyActions( boolean $newAccount, array $attributes, ) : array
Description
Allows the module to run commands after the LDAP entry is changed or created.
Calling this method requires the existence of an enclosing {@link accountContainer}.Arguments
Name Type Description Default $newAccount boolean new account
$attributes array LDAP attributes of this entry
Return value
Type Description array array which contains status messages. Each entry is an array containing the status message parameters. postModifySelfService( boolean $newAccount, array $attributes, ) : boolean
Description
Allows the module to run commands after the LDAP entry is changed or created.Arguments
Name Type Description Default $newAccount boolean is new account or existing one
$attributes array LDAP attributes of this entry
Return value
Type Description boolean true, if no problems occured preDeleteActions( ) : array
Description
Allows the module to run commands before the LDAP entry is deleted.
Calling this method requires the existence of an enclosing {@link accountContainer}.Return value
Type Description array Array which contains status messages. Each entry is an array containing the status message parameters. preModifyActions( boolean $newAccount, array $attributes, ) : array
Description
Allows the module to run commands before the LDAP entry is changed or created.
Calling this method requires the existence of an enclosing {@link accountContainer}.
The modification is aborted if an error message is returned.Arguments
Name Type Description Default $newAccount boolean new account
$attributes array LDAP attributes of this entry (added/modified attributes are provided as reference, handle modifications of $attributes with care)
Return value
Type Description array array which contains status messages. Each entry is an array containing the status message parameters. preModifySelfService( boolean $newAccount, array $attributes, ) : boolean
Description
Allows the module to run commands before the LDAP entry is changed or created.
An error message should be printed if the function returns false.Arguments
Name Type Description Default $newAccount boolean is new account or existing one
$attributes array LDAP attributes of this entry
Return value
Type Description boolean true, if no problems occured processMultiValueInputTextField( String $attrName, array $errors, String $validationID = null, ) : n/a
Description
Validates a multi-value text field.
The input fields must be created with function addMultiValueInputTextField(). If validation is used then there must exist a message named [{attribute name}][0] (e.g. $this->messages['street'][0]).Arguments
Name Type Description Default $attrName String attribute name
$errors array errors array where to put validation errors
$validationID String validation ID for function get_preg() (default: null, null means no validation)
null Return value
Type Description n/a n/a process_attributes( ) : array
Description
This function processes user input.
Calling this method requires the existence of an enclosing {@link accountContainer}.
It checks the user input and saves changes in the module's data structures.
Example: return array(array('ERROR', 'Invalid input!', 'This is not allowed here.'));Return value
Type Description array Array which contains status messages. Each entry is an array containing the status message parameters. save_attributes( ) : array
Description
Returns a list of modifications which have to be made to the LDAP account.
Calling this method requires the existence of an enclosing {@link accountContainer}.
This function returns an array with 3 entries:
array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
DN is the DN to change. It is possible to change several DNs (e.g. create a new user and add him to some groups via attribute memberUid)
"add" are attributes which have to be added to the LDAP entry
"remove" are attributes which have to be removed from the LDAP entry
"modify" are attributes which have to be modified in the LDAP entry
"notchanged" are attributes which stay unchanged
"info" values with informational value (e.g. to be used later by pre/postModify actions)
This builds the required comands from $this-attributes and $this->orig.Return value
Type Description array list of modifications supportsAdminInterface( ) : boolean
Description
Specifies if this module supports the LAM admin interface.
The LAM admin interface are the pages that allow to manage e.g. users and groups. In contrast there is also the LAM self service interface. Most modules support the admin interface.Return value
Type Description boolean support admin interface Properties
$attributes, $autoAddObjectClasses, $base, $messages, $meta, $moduleSettings, $orig, $scope, $selfServiceSettings,Namespaces
-
global
Packages
-
Crypt_AES
- Crypt_AES
Pure-PHP implementation of AES.
- Crypt_AES
-
Crypt_DES
- Crypt_DES
Pure-PHP implementation of DES.
- Crypt_DES
-
Crypt_Hash
- Crypt_Hash
Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions.
- Crypt_Hash
-
Crypt_RC4
- Crypt_RC4
Pure-PHP implementation of RC4.
- Crypt_RC4
-
Crypt_RSA
- Crypt_RSA
Pure-PHP PKCS#1 compliant implementation of RSA.
- Crypt_RSA
-
Crypt_Random
-
Crypt_Rijndael
- Crypt_Rijndael
Pure-PHP implementation of Rijndael.
- Crypt_Rijndael
-
Crypt_TerraDES
- Crypt_TripleDES
Pure-PHP implementation of Triple DES.
- Crypt_TripleDES
-
Crypt_TripleDES
-
Help
-
LDAP
- Ldap
Ldap manages connection to LDAP and includes several helper functions.
- Ldap
-
Math_BigInteger
- Math_BigInteger
Pure-PHP arbitrary precision integer arithmetic library. Supports base-2, base-10, base-16, and base-256 numbers.
- Math_BigInteger
-
Net_SFTP
- Net_SFTP
Pure-PHP implementations of SFTP.
- Net_SFTP
-
Net_SSH1
- Net_SSH1
Pure-PHP implementation of SSHv1.
- Net_SSH1
-
Net_SSH2
- Net_SSH2
Pure-PHP implementation of SSHv2.
- Net_SSH2
-
PHP_Compat
-
configuration
- LAMCfgMain
This class manages config.cfg. - LAMConfig
This class manages .conf files.
- LAMCfgMain
- horde.cipher
-
lam
- smbHash
Calculates NT and LM hashes.
- smbHash
-
lib
- AttributeType
Represents an LDAP AttributeType - MatchingRule
Represents an LDAP MatchingRule - MatchingRuleUse
Represents an LDAP schema matchingRuleUse entry - ObjectClass
Represents an LDAP objectClass - ObjectClassAttribute
A simple class for representing AttributeTypes used only by the ObjectClass class. - SchemaItem
Generic parent class for all schema items. A schema item is an ObjectClass, an AttributeBype, a MatchingRule, or a Syntax. - Syntax
Represents an LDAP Syntax
- AttributeType
-
lists
- kolabSharedFolderTypeList
Generates the list view. - lamAsteriskExtList
Generates the list view. - lamBooleanListOption
Boolean option for list configuration. - lamDHCPList
Generates the list view. - lamGroupList
Generates the list view. - lamHostList
Generates the list view. - lamList
Generates the list view. - lamListOption
Represents a list configuration option. - lamListTool
Represents a tool which can be included in the account lists. - lamMailAliasList
Generates the list view. - lamNetgroupList
Generates the list view. - lamPykotaBillingCodeTypeList
Generates the list view. - lamPykotaPrinterTypeList
Generates the list view. - lamSelectListOption
Boolean option for list configuration. - lamSmbDomainList
Generates the list view. - lamUserList
Generates the list view.
- kolabSharedFolderTypeList
-
main
-
metaHTML
- htmlAccountPageButton
Prints a button for the account pages. - htmlButton
Simple button. - htmlDiv
Creates a simple DIV element. - htmlElement
Represents a HTML element. - htmlEqualHeight
Sets all given elements to the same height. - htmlEqualWidth
Sets all given elements to the same width. - htmlFieldset
Generates a fieldset. - htmlGroup
Groups multiple htmlElements. - htmlHelpLink
Renders a help link. - htmlHiddenInput
Generates a hidden input field. - htmlHorizontalLine
Prints a horizontal line. - htmlImage
Prints the HTML code for an image. - htmlInputCheckbox
Prints the HTML code for a checkbox. - htmlInputField
A standard input field. - htmlInputFileUpload
Prints the HTML code for a file upload field. - htmlInputTextarea
Prints the HTML code for a textarea. - htmlJavaScript
Creates a JavaScript element. - htmlLink
Generates a link. - htmlOutputText
Prints the text and escapes contained HTML code by default. - htmlRadio
Represents a radio selection. - htmlSelect
Represents a select box. - htmlSortableList
Creates a list of elements that can be sorted by the user via drag'n'drop. - htmlSpacer
Adds an empty space with given width and height. - htmlStatusMessage
Prints a status message (e.g. error message). - htmlSubTitle
Generates a subtitle line. This is used to group multiple fields. - htmlTable
Structures elements using a table. - htmlTableExtendedInputCheckbox
Checkbox with descriptive label and help link. - htmlTableExtendedInputField
An extended input field that combines label, input field and help. - htmlTableExtendedInputFileUpload
File upload with descriptive label and help link. - htmlTableExtendedInputTextarea
Text area with label and help link. - htmlTableExtendedRadio
Radio list with descriptive label and help link. - htmlTableExtendedSelect
Select with label and help link. - htmlTableRow
A row inside a htmlTable. - htmlTitle
Generates a title line. This is used for page titles.
- htmlAccountPageButton
-
modules
- account
Manages the object class "account" for users and hosts. - accountContainer
This class includes all modules and attributes of an account. - asteriskAccount
Manages the Asterisk extension of user accounts. - asteriskExtension
Manages Asterisk extensions. - asteriskVoicemail
Manages the Asterisk extension of user accounts. - authorizedServiceObject
Provides Authorized Service for accounts. - baseModule
Parent class of all account modules. - ddns
Manages DDNS entries. - dhcp_settings
Manages DHCP entries. - eduPerson
Manages the eduPerson extension for user accounts. - fixed_ip
Manages DHCP host entries. - freeRadius
Manages FreeRadius accounts. - generalInformation
Shows general information like the creation time of an account. - hostObject
Manages the hosts to which a user may login. - ieee802device
Provides MAC addresses for hosts. - imapAccess
Manages mailboxes on an IMAP server. - inetLocalMailRecipient
Provides mail routing for users. - inetOrgPerson
This module manages LDAP attributes of the object class inetOrgPerson (e.g. name and address). - kolabGroup
Manages Kolab group accounts. - kolabSharedFolder
Manages Kolab shared folders. - kolabUser
Manages Kolab user accounts. - ldapPublicKey
Manages SSH public keys. - nisMailAlias
Provides NIS mail alias management. - nisnetgroup
Manages entries based on the object class nisNetgroup. - passwordService
This interface needs to be implemented by all account modules which manage passwords. - posixAccount
Manages the object class "posixAccount" for users and hosts. - posixGroup
Manages the object class "posixGroup" for groups. - puppetClient
Manages Puppet configuration options. - pykotaBillingCode
Manages PyKota billing codes. - pykotaGroup
Manages PyKota group accounts. - pykotaGroupStructural
Manages PyKota group accounts. - pykotaPrinter
Manages PyKota printers. - pykotaUser
Manages PyKota user accounts. - pykotaUserStructural
Manages PyKota user accounts. - quota
Manages quotas for users and groups. - range
Manages DHCP ranges for DHCP server. - samba3domain
Represents a Samba 3 domain entry - sambaDomain
Manages Samba 3 domain entries. - sambaGroupMapping
Manages the object class "sambaGroupMapping" for groups. - sambaMungedDial
Manages terminal server settings for Samba 3. - sambaSamAccount
Manages the object class "sambaSamAccount" for users and hosts. - shadowAccount
Manages the object class "shadowAccount" for users. - smbHash
Calculates NT and LM hashes. - systemQuotas
Manages user quotas with the object class systemQuotas. - windowsGroup
Manages Windows AD (e.g. Samba 4) groups. - windowsHost
Manages Windows AD (e.g. Samba 4) hosts. - windowsPosixGroup
Manages Unix groups in Windows LDAP schema. - windowsUser
Manages Windows AD (e.g. Samba 4) users.
- account
-
phpLDAPadmin
-
profiles
-
selfService
- selfServiceProfile
Includes all settings of a self service profile.
- selfServiceProfile
-
tools
- LAMSubTool
Represents a subtool. - LAMTool
Represents a tool. - toolFileUpload
File upload - toolMultiEdit
Multi edit tool that allows LDAP operations on multiple entries. - toolOUEditor
OU editor - toolPDFEditor
PDF editor - toolProfileEditor
Profile editor - toolSchemaBrowser
Schema browser - toolServerInformation
Server information - toolTests
Tests page
- LAMSubTool
-
types
- asteriskExt
The account type for Asterisk extensions. - baseType
This is the parent class of all account types. - dhcp
The account type for DHCP - group
The account type for group accounts (e.g. Unix and Samba). - host
The account type for host accounts (e.g. Samba). - kolabSharedFolderType
The account type for Kolab shared folders. - mailAlias
The account type for mail aliases. - netgroup
The account type for NIS netgroups. - pykotaBillingCodeType
The account type for PyKota billing codes. - pykotaPrinterType
The account type for PyKota printers. - smbDomain
The account type for Samba domains. - user
The account type for user accounts (e.g. Unix, Samba and Kolab).
- asteriskExt
- Cell width: