--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/packages/ssoinabox-webui/root/usr/local/share/ssoinabox/htdocs/users.php Tue Jan 08 23:13:29 2013 -0500
@@ -0,0 +1,144 @@
+<?php
+
+require('includes/starthere.php');
+
+// POSTed actions
+if ( !empty($_SERVER['PATH_INFO']) )
+{
+ $pi = explode('/', trim($_SERVER['PATH_INFO'], '/'));
+ switch($pi[0])
+ {
+ case 'disable':
+ if ( !isset($pi[1]) )
+ break;
+
+ $user =& $pi[1];
+ $userinfo = ldap_get_user($user);
+ if ( !$userinfo )
+ break;
+
+ disable_user($user);
+
+ queue_message(E_NOTICE, "{$userinfo['cn']}'s account was disabled.");
+ break;
+ case 'enable':
+ if ( !isset($pi[1]) )
+ break;
+
+ $user =& $pi[1];
+ $userinfo = ldap_get_user($user);
+ if ( !$userinfo )
+ break;
+
+ enable_user($user);
+
+ queue_message(E_NOTICE, "{$userinfo['cn']}'s account was enabled.");
+ break;
+ case 'delete':
+ if ( !isset($pi[1]) )
+ break;
+
+ $user =& $pi[1];
+ $userinfo = ldap_get_user($user);
+ if ( !$userinfo )
+ break;
+
+ delete_user($user);
+
+ queue_message(E_NOTICE, "{$userinfo['cn']}'s account was deleted.");
+ break;
+ case 'create':
+
+ if ( empty($_POST) )
+ {
+ queue_message(E_ERROR, "Bad request");
+ break;
+ }
+
+ // basic re-validation
+ if ( $_POST['password'] !== $_POST['password_confirm'] )
+ {
+ queue_message(E_ERROR, "Passwords do not match");
+ break;
+ }
+
+ if ( empty($_POST['cn']) )
+ $_POST['cn'] = "{$_POST['givenName']} {$_POST['surname']}";
+
+ if ( empty($_POST['uid']) )
+ $_POST['uid'] = sprintf("%s%s", strtolower($_POST['givenName']{0}), strtolower(preg_replace('/[^A-Za-z0-9]/', '', $_POST['surname'])));
+
+ if ( create_user($_POST['uid'], $_POST['password'], $_POST['givenName'], $_POST['surname'], $_POST['cn'], $_POST['title']) )
+ queue_message(E_NOTICE, "{$_POST['cn']}'s account has been created!");
+ else
+ queue_message(E_ERROR, "Failed to create account");
+
+ break;
+ case 'resetpw':
+
+ if ( empty($_POST) )
+ {
+ queue_message(E_ERROR, "Bad request");
+ break;
+ }
+
+ // basic re-validation
+ if ( $_POST['password'] !== $_POST['password_confirm'] || empty($_POST['uid']) )
+ {
+ queue_message(E_ERROR, "Passwords do not match");
+ break;
+ }
+
+ $userinfo = ldap_get_user($_POST['uid']);
+ if ( !$userinfo )
+ break;
+
+ if ( reset_password($_POST['uid'], $_POST['password']) )
+ queue_message(E_NOTICE, "{$userinfo['cn']}'s password has been reset.");
+ else
+ queue_message(E_ERROR, "Failed to reset password");
+
+ break;
+
+ case 'edit':
+ if ( !isset($pi[1]) )
+ break;
+
+ $user =& $pi[1];
+ $userinfo = ldap_get_user($user);
+ if ( !$userinfo )
+ break;
+
+ if ( !empty($_POST) )
+ {
+ if ( ldap_update_user($user, $_POST['entry']) )
+ {
+ queue_message(E_NOTICE, "Updated user \"{$_POST['entry']['cn'][0]}\".");
+ redirect('/users');
+ }
+ }
+
+ display_template('useredit', array(
+ 'this_user' => $userinfo
+ , 'readonly' => $ldap_readonly_attrs
+ , 'field_names' => $ldap_field_names
+ , 'dn' => ldap_make_user_dn($user)
+ ));
+
+ exit;
+ break;
+ }
+}
+
+// list users, and fill with enabled status for the UI
+$users = ldap_list_users();
+foreach ( $users as $username => &$u )
+{
+ $u['enabled'] = is_user_enabled($username);
+}
+unset($u);
+
+// Present the UI
+display_template('users', array(
+ 'users' => $users
+ ));