77
80
// managed object classes
78
81
$return['objectClasses'] = array('radiusprofile');
79
82
// managed attributes
80
$return['attributes'] = array('radiusFramedIPAddress', 'radiusFramedIPNetmask', 'radiusRealm', 'radiusGroupName', 'radiusExpiration', 'radiusIdleTimeout');
83
$return['attributes'] = array('radiusFramedIPAddress', 'radiusFramedIPNetmask', 'radiusRealm', 'radiusGroupName',
84
'radiusExpiration', 'radiusIdleTimeout', 'dialupAccess', 'radiusProfileDn');
82
86
$return['help'] = array(
83
87
'radiusFramedIPAddress' => array(
108
112
"Headline" => _("Idle timeout"), 'attr' => 'radiusIdleTimeout',
109
113
"Text" => _("Specifies the maximum number of seconds that a connection can be idle before the session is terminated.")
115
'dialupAccess' => array(
116
"Headline" => _("Enabled"), 'attr' => 'dialupAccess',
117
"Text" => _("Specifies if the user may authenticate with FreeRadius.")
119
'profileDN' => array(
120
"Headline" => _("Profile DN"), 'attr' => 'radiusProfileDn',
121
"Text" => _('DN where Radius profile templates are stored.')
123
'radiusProfileDn' => array(
124
"Headline" => _("Profile"), 'attr' => 'radiusProfileDn',
125
"Text" => _('Radius profile for this user.')
111
127
'hiddenOptions' => array(
112
128
"Headline" => _("Hidden options"),
113
129
"Text" => _("The selected options will not be managed inside LAM. You can use this to reduce the number of displayed input fields.")
115
// configuration settings
116
$configContainer = new htmlTable();
117
$configContainerHead = new htmlTable();
118
$configContainerHead->addElement(new htmlOutputText(_('Hidden options')));
119
$configContainerHead->addElement(new htmlHelpLink('hiddenOptions'));
120
$configContainerOptions = new htmlTable();
121
$configContainer->addElement($configContainerHead, true);
122
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusFramedIPAddress', false, _('IP address'), null, false));
123
$configContainerOptions->addElement(new htmlOutputText(' '));
124
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusFramedIPNetmask', false, _('Net mask'), null, false));
125
$configContainerOptions->addElement(new htmlOutputText(' '));
126
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusRealm', false, _('Realm'), null, false));
127
$configContainerOptions->addElement(new htmlOutputText(' '));
128
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusGroupName', false, _('Group names'), null, false));
129
$configContainerOptions->addElement(new htmlOutputText(' '));
130
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusExpiration', false, _('Expiration date'), null, false));
131
$configContainerOptions->addNewLine();
132
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusIdleTimeout', false, _('Idle timeout'), null, false));
133
$configContainer->addElement($configContainerOptions, true);
134
$return['config_options']['all'] = $configContainer;
135
131
// profile settings
136
132
$profileElements = array();
137
133
if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusFramedIPNetmask')) {
161
157
'error_message' => $this->messages['radiusIdleTimeout'][0]);
162
158
$return['profile_mappings']['freeRadius_radiusIdleTimeout'] = 'radiusIdleTimeout';
160
if (!$this->isBooleanConfigOptionSet('freeRadius_hideDialupAccess')) {
161
$enabledOptions = array('-' => '', _('Yes') => 'true', _('No') => 'false');
162
$dialupAccessSelect = new htmlTableExtendedSelect('freeRadius_dialupAccess', $enabledOptions, array('true'), _('Enabled'), 'dialupAccess');
163
$dialupAccessSelect->setHasDescriptiveElements(true);
164
$profileElements[] = $dialupAccessSelect;
165
$return['profile_mappings']['freeRadius_dialupAccess'] = 'dialupAccess';
167
if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusProfileDn') && isLoggedIn()) {
168
$profileOptions = array('-' => '');
169
foreach ($this->getProfiles() as $dn) {
170
$profileOptions[getAbstractDN($dn)] = $dn;
172
$profileSelect = new htmlTableExtendedSelect('freeRadius_radiusProfileDn', $profileOptions, array(''), _('Profile'), 'radiusProfileDn');
173
$profileSelect->setHasDescriptiveElements(true);
174
$profileElements[] = $profileSelect;
175
$return['profile_mappings']['freeRadius_radiusProfileDn'] = 'radiusProfileDn';
164
177
if (sizeof($profileElements) > 0) {
165
178
$profileContainer = new htmlTable();
166
179
for ($i = 0; $i < sizeof($profileElements); $i++) {
219
232
'example' => '3600'
235
if (!$this->isBooleanConfigOptionSet('freeRadius_hideDialupAccess')) {
236
$return['upload_columns'][] = array(
237
'name' => 'freeRadius_dialupAccess',
238
'description' => _('Enabled'),
239
'help' => 'dialupAccess',
241
'values' => 'true, false'
244
if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusProfileDn')) {
245
$return['upload_columns'][] = array(
246
'name' => 'freeRadius_radiusProfileDn',
247
'description' => _('Profile'),
248
'help' => 'radiusProfileDn',
249
'example' => 'cn=profile,ou=radiusProfile,dc=example,dc=com'
222
252
// available PDF fields
223
253
$return['PDF_fields'] = array();
224
254
if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusFramedIPAddress')) {
239
269
if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusIdleTimeout')) {
240
270
$return['PDF_fields']['radiusIdleTimeout'] = _('Idle timeout');
272
if (!$this->isBooleanConfigOptionSet('freeRadius_hideDialupAccess')) {
273
$return['PDF_fields']['dialupAccess'] = _('Enabled');
275
if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusProfileDn')) {
276
$return['PDF_fields']['radiusProfileDn'] = _('Profile');
282
* Returns a list of configuration options.
284
* Calling this method does not require the existence of an enclosing {@link accountContainer}.<br>
286
* The field names are used as keywords to load and save settings.
287
* We recommend to use the module name as prefix for them (e.g. posixAccount_homeDirectory) to avoid naming conflicts.
289
* @param array $scopes account types (user, group, host)
290
* @param array $allScopes list of all active account modules and their scopes (module => array(scopes))
291
* @return mixed htmlElement or array of htmlElement
295
public function get_configOptions($scopes, $allScopes) {
296
$configContainer = new htmlTable();
297
$configContainer->addElement(new htmlTableExtendedInputField(_('Profile DN'), 'freeRadius_profileDN', '', 'profileDN'), true);
298
$configContainer->addVerticalSpace('10px');
299
$configContainerHead = new htmlTable();
300
$configContainerHead->colspan = 5;
301
$configContainerHead->addElement(new htmlOutputText(_('Hidden options')));
302
$configContainerHead->addElement(new htmlHelpLink('hiddenOptions'));
303
$configContainerOptions = new htmlTable();
304
$configContainerOptions->colspan = 5;
305
$configContainer->addElement($configContainerHead, true);
306
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusFramedIPAddress', false, _('IP address'), null, false));
307
$configContainerOptions->addElement(new htmlOutputText(' '));
308
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusFramedIPNetmask', false, _('Net mask'), null, false));
309
$configContainerOptions->addElement(new htmlOutputText(' '));
310
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusRealm', false, _('Realm'), null, false));
311
$configContainerOptions->addElement(new htmlOutputText(' '));
312
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusGroupName', false, _('Group names'), null, false));
313
$configContainerOptions->addElement(new htmlOutputText(' '));
314
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusExpiration', false, _('Expiration date'), null, false));
315
$configContainerOptions->addNewLine();
316
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusIdleTimeout', false, _('Idle timeout'), null, false));
317
$configContainerOptions->addElement(new htmlOutputText(' '));
318
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideRadiusProfileDn', false, _('Profile'), null, false));
319
$configContainerOptions->addElement(new htmlOutputText(' '));
320
$configContainerOptions->addElement(new htmlTableExtendedInputCheckbox('freeRadius_hideDialupAccess', false, _('Enabled'), null, false));
321
$configContainer->addElement($configContainerOptions, true);
322
return $configContainer;
246
326
* This function fills the error message array with messages
258
338
$this->messages['radiusExpiration'][1] = array('ERROR', _('Account %s:') . ' freeRadius_radiusExpiration', _('The expiration date must be in format DD.MM.YYYY HH:MM.'));
259
339
$this->messages['radiusIdleTimeout'][0] = array('ERROR', _('Please enter a numeric value for the idle timeout.'));
260
340
$this->messages['radiusIdleTimeout'][1] = array('ERROR', _('Account %s:') . ' freeRadius_radiusIdleTimeout', _('Please enter a numeric value for the idle timeout.'));
341
$this->messages['dialupAccess'][0] = array('ERROR', _('Account %s:') . ' freeRadius_dialupAccess', _('This value can only be "true" or "false".'));
342
$this->messages['radiusProfileDn'][0] = array('ERROR', _('Account %s:') . ' freeRadius_radiusProfileDn', _('This is not a valid DN!'));
302
384
$return->addElement($radiusExpirationList);
303
385
$return->addElement(new htmlHelpLink('radiusExpiration'), true);
388
if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusProfileDn')) {
389
$profiles = array('-' => '-');
390
foreach ($this->getProfiles() as $dn) {
391
$profiles[getAbstractDN($dn)] = $dn;
394
if (!empty($this->attributes['radiusProfileDn'][0])) {
395
$profile = $this->attributes['radiusProfileDn'];
396
if (!in_array($this->attributes['radiusProfileDn'][0], $profiles)) {
397
$profiles[getAbstractDN($this->attributes['radiusProfileDn'][0])] = $this->attributes['radiusProfileDn'][0];
400
$profileSelect = new htmlTableExtendedSelect('radiusProfileDn', $profiles, $profile, _('Profile'), 'radiusProfileDn');
401
$profileSelect->setHasDescriptiveElements(true);
402
$return->addElement($profileSelect, true);
405
if (!$this->isBooleanConfigOptionSet('freeRadius_hideDialupAccess')) {
406
$enabled = array('');
407
if (!empty($this->attributes['dialupAccess'][0])) {
408
$enabled = array($this->attributes['dialupAccess'][0]);
409
// value in LDAP may be anything other than "false" to count as "true"
410
if (!in_array($this->attributes['dialupAccess'][0], array('true', 'false', 'TRUE', 'FALSE'))) {
411
$enabled = array('true');
414
$enabledOptions = array('-' => '', _('Yes') => 'true', _('No') => 'false');
415
$enabledSelect = new htmlTableExtendedSelect('dialupAccess', $enabledOptions, $enabled, _('Enabled'), 'dialupAccess');
416
$enabledSelect->setHasDescriptiveElements(true);
417
$return->addElement($enabledSelect, true);
305
419
// button to remove extension
306
420
$return->addElement(new htmlSpacer(null, '10px'), true);
307
421
$remButton = new htmlButton('remObjectClass', _('Remove FreeRadius extension'));
371
485
$errors[] = $this->messages['radiusIdleTimeout'][0];
489
if (!$this->isBooleanConfigOptionSet('freeRadius_hideDialupAccess')) {
490
if (!empty($this->attributes['dialupAccess']) && ($_POST['dialupAccess'] === '')) {
491
unset($this->attributes['dialupAccess']);
493
elseif ($_POST['dialupAccess'] === 'false') {
494
$this->attributes['dialupAccess'][0] = 'false';
496
elseif ($_POST['dialupAccess'] === 'true') {
497
$this->attributes['dialupAccess'][0] = 'true';
501
if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusProfileDn')) {
502
if (($_POST['radiusProfileDn'] == '-') && !empty($this->attributes['radiusProfileDn'])) {
503
unset($this->attributes['radiusProfileDn']);
505
elseif ($_POST['radiusProfileDn'] != '-') {
506
$this->attributes['radiusProfileDn'][0] = $_POST['radiusProfileDn'];
524
659
$this->mapSimpleUploadField($rawAccounts, $ids, $partialAccounts, $i, 'freeRadius_radiusIdleTimeout', 'radiusIdleTimeout',
525
660
'digit', $this->messages['radiusIdleTimeout'][1], $errors);
662
if (!empty($rawAccounts[$i][$ids['freeRadius_dialupAccess']])) {
663
if (in_array($rawAccounts[$i][$ids['freeRadius_dialupAccess']], array('true', 'false'))) {
664
$partialAccounts[$i]['dialupAccess'] = $rawAccounts[$i][$ids['freeRadius_dialupAccess']];
667
$errMsg = $this->messages['dialupAccess'][0];
668
array_push($errMsg, array($i));
673
if (!empty($rawAccounts[$i][$ids['freeRadius_radiusProfileDn']])) {
674
if (get_preg($rawAccounts[$i][$ids['freeRadius_radiusProfileDn']], 'dn')) {
675
$partialAccounts[$i]['radiusProfileDn'] = $rawAccounts[$i][$ids['freeRadius_radiusProfileDn']];
678
$errMsg = $this->messages['radiusProfileDn'][0];
679
array_push($errMsg, array($i));
531
* Returns the PDF entries for this module.
533
* @return array list of possible PDF entries
535
function get_pdfEntries() {
688
* Returns a list of possible PDF entries for this account.
690
* @param array $pdfKeys list of PDF keys that are included in document
691
* @return list of PDF entries (array(<PDF key> => <PDF lines>))
693
function get_pdfEntries($pdfKeys) {
536
694
$return = array();
537
695
$this->addSimplePDFField($return, 'radiusFramedIPAddress', _('IP address'));
538
696
$this->addSimplePDFField($return, 'radiusFramedIPNetmask', _('Net mask'));
539
697
$this->addSimplePDFField($return, 'radiusRealm', _('Realm'));
540
698
$this->addSimplePDFField($return, 'radiusGroupName', _('Group names'));
541
699
$this->addSimplePDFField($return, 'radiusIdleTimeout', _('Idle timeout'));
700
$this->addSimplePDFField($return, 'radiusProfileDn', _('Profile'));
542
701
if (isset($this->attributes['radiusExpiration'][0])) {
543
$return[get_class($this) . '_radiusExpiration'][0] = '<block><key>' . _('Expiration date') . '</key><value>' . $this->formatExpirationDate($this->attributes['radiusExpiration'][0]) . '</value></block>';
702
$this->addPDFKeyValue($return, 'radiusExpiration', _('Expiration date'), $this->formatExpirationDate($this->attributes['radiusExpiration'][0]));
704
if (isset($this->attributes['dialupAccess'][0])) {
706
if (in_array($this->attributes['dialupAccess'][0], array('false', 'FALSE'))) {
709
$this->addPDFKeyValue($return, 'dialupAccess', _('Enabled'), $enabled);
774
* Returns a list of possible profile DNs.
776
* @return array list of profile DNs
778
private function getProfiles() {
779
if ($this->profileCache != null) {
780
return $this->profileCache;
782
if (empty($this->moduleSettings['freeRadius_profileDN'][0])) {
785
$list = searchLDAP($this->moduleSettings['freeRadius_profileDN'][0], '(objectClass=radiusProfile)', array('dn'));
786
foreach ($list as $attr) {
787
$this->profileCache[] = $attr['dn'];
789
usort($this->profileCache, 'compareDN');
790
return $this->profileCache;