1 | package LATMOS::Accounts::Bases::Sql::User; |
---|
2 | |
---|
3 | use 5.010000; |
---|
4 | use strict; |
---|
5 | use warnings; |
---|
6 | use overload '""' => 'stringify'; |
---|
7 | |
---|
8 | use LATMOS::Accounts::Utils; |
---|
9 | use LATMOS::Accounts::Log; |
---|
10 | use POSIX qw(strftime); |
---|
11 | use Date::Parse qw(str2time); |
---|
12 | use DateTime; |
---|
13 | use DateTime::TimeZone; |
---|
14 | use base qw(LATMOS::Accounts::Bases::Sql::objects); |
---|
15 | use LATMOS::Accounts::I18N; |
---|
16 | use Date::Calc; |
---|
17 | use LATMOS::Accounts::Mail; |
---|
18 | |
---|
19 | our $VERSION = (q$Rev$ =~ /^Rev: (\d+) /)[0]; |
---|
20 | |
---|
21 | =head1 NAME |
---|
22 | |
---|
23 | LATMOS::Ad - Perl extension for blah blah blah |
---|
24 | |
---|
25 | =head1 DESCRIPTION |
---|
26 | |
---|
27 | Account base access over standard unix file format. |
---|
28 | |
---|
29 | =head1 FUNCTIONS |
---|
30 | |
---|
31 | =cut |
---|
32 | |
---|
33 | =head2 new(%config) |
---|
34 | |
---|
35 | Create a new LATMOS::Ad object for windows AD $domain. |
---|
36 | |
---|
37 | domain / server: either the Ad domain or directly the server |
---|
38 | |
---|
39 | ldap_args is an optionnal list of arguments to pass to L<Net::LDAP>. |
---|
40 | |
---|
41 | =cut |
---|
42 | |
---|
43 | sub _object_table { 'user' } |
---|
44 | |
---|
45 | sub _key_field { 'name' } |
---|
46 | |
---|
47 | sub _has_extended_attributes { 1 } |
---|
48 | |
---|
49 | sub stringify { |
---|
50 | my ($self) = @_; |
---|
51 | |
---|
52 | return join(' ', grep { $_ } |
---|
53 | ( |
---|
54 | $self->get_field('givenName'), |
---|
55 | $self->get_field('sn') |
---|
56 | ) |
---|
57 | ) |
---|
58 | || $self->get_field('description') |
---|
59 | || $self->id; |
---|
60 | } |
---|
61 | |
---|
62 | sub _get_attr_schema { |
---|
63 | my ($class, $base) = @_; |
---|
64 | |
---|
65 | my $subsetaddress = sub { |
---|
66 | my ($self, $data) = @_; |
---|
67 | my $fmainaddress = $self->object->_get_c_field('mainaddress'); |
---|
68 | |
---|
69 | # set address attribute => create address object on the fly |
---|
70 | # except if attr is empty ! |
---|
71 | if (!$fmainaddress && $data) { |
---|
72 | $fmainaddress = $self->object->id . '-' . join('', map { ('a'..'z')[rand(26)] } |
---|
73 | (0..4)); |
---|
74 | $self->base->_create_c_object( |
---|
75 | 'address', $fmainaddress, |
---|
76 | user => $self->object->id, |
---|
77 | isMainAddress => 1, ) or do { |
---|
78 | $self->base->log(LA_ERR, |
---|
79 | "Cannot create main address for user %s", $self->object->id); |
---|
80 | return; |
---|
81 | }; |
---|
82 | } |
---|
83 | if ($fmainaddress && |
---|
84 | (my $address = $self->base->get_object('address', $fmainaddress))) { |
---|
85 | if ($address->attribute($self->name) && |
---|
86 | !$address->attribute($self->name)->ro) { |
---|
87 | return $address->set_c_fields($self->name => $data) ||0; |
---|
88 | } |
---|
89 | } |
---|
90 | }; |
---|
91 | |
---|
92 | my $attrs = { |
---|
93 | exported => { |
---|
94 | post => sub { |
---|
95 | my ($self, $value) = @_; |
---|
96 | my $attr = $self->name; |
---|
97 | |
---|
98 | if (my $obj = $self->base-> |
---|
99 | get_object('revaliases', $self->object->id)) { |
---|
100 | my $ares = $obj->set_c_fields( |
---|
101 | ($attr eq 'exported' ? 'exported' : 'unexported') => $value |
---|
102 | ); |
---|
103 | if (!defined($ares)) { |
---|
104 | $self->base->log(LA_ERR, |
---|
105 | 'Cannot set revaliases exported attribute for user %s', |
---|
106 | $self->object->id); |
---|
107 | } |
---|
108 | } |
---|
109 | my $must_expire = $self->name eq 'exported' |
---|
110 | ? ($value ? 0 : 1 ) |
---|
111 | : ($value ? 1 : 0 ); |
---|
112 | |
---|
113 | foreach my $al (grep { $_ } $self->object->get_attributes('aliases'), $self->object->id) { |
---|
114 | my $obj = $self->base->get_object('aliases', $al) or next; |
---|
115 | $obj->_set_c_fields( |
---|
116 | exported => $value, |
---|
117 | ); |
---|
118 | } |
---|
119 | foreach my $al ($self->object->get_attributes('otheraddress')) { |
---|
120 | my $obj = $self->base->get_object('address', $al) or next; |
---|
121 | $obj->_set_c_fields( |
---|
122 | exported => $value, |
---|
123 | ); |
---|
124 | } |
---|
125 | }, |
---|
126 | }, |
---|
127 | uidNumber => { |
---|
128 | inline => 1, |
---|
129 | iname => 'uidnumber', |
---|
130 | uniq => 1, |
---|
131 | mandatory => 1, |
---|
132 | formopts => { length => 7 }, |
---|
133 | label => l('UID'), |
---|
134 | }, |
---|
135 | uidnumber => { inline => 1, hide => 1, monitored => 1 }, |
---|
136 | gidNumber => { |
---|
137 | inline => 1, |
---|
138 | iname => 'gidnumber', |
---|
139 | mandatory => 1, |
---|
140 | can_values => sub { |
---|
141 | map { $_->id, $_->get_attributes('gidNumber') } |
---|
142 | map { $base->get_object('group', $_) } |
---|
143 | $base->list_objects('group') |
---|
144 | }, |
---|
145 | can_values => sub { |
---|
146 | my $sth = $base->db->prepare_cached( |
---|
147 | q{ |
---|
148 | select name, gidnumber from "group" where exported = true |
---|
149 | } |
---|
150 | ); |
---|
151 | $sth->execute(); |
---|
152 | my @res; |
---|
153 | while (my $res = $sth->fetchrow_hashref) { |
---|
154 | push(@res, $res->{name}); |
---|
155 | push(@res, $res->{gidnumber}); |
---|
156 | } |
---|
157 | return @res; |
---|
158 | }, |
---|
159 | display => sub { |
---|
160 | my ($self, $val) = @_; |
---|
161 | my ($gr) = $self->base->search_objects('group', "gidNumber=$val") |
---|
162 | or return; |
---|
163 | return $gr; |
---|
164 | }, |
---|
165 | input => sub { |
---|
166 | my ($val) = @_; |
---|
167 | $val =~ /^\d+$/ and return $val; |
---|
168 | my ($gr) = $base->search_objects('group', "name=$val") or return; |
---|
169 | return $base->get_object('group', $gr)->get_attributes('gidNumber'); |
---|
170 | }, |
---|
171 | reference => 'group', |
---|
172 | label => l('GID'), |
---|
173 | }, |
---|
174 | loginShell => { |
---|
175 | mandatory => 1, |
---|
176 | label => l('Shell'), |
---|
177 | }, |
---|
178 | gidnumber => { inline => 1, hide => 1, |
---|
179 | can_values => sub { |
---|
180 | map { $_->id, $_->get_attributes('gidNumber') } |
---|
181 | map { $base->get_object('group', $_) } |
---|
182 | $base->list_objects('group') |
---|
183 | }, |
---|
184 | display => sub { |
---|
185 | my ($self, $val) = @_; |
---|
186 | my ($gr) = $self->base->search_objects('group', "gidNumber=$val") |
---|
187 | or return; |
---|
188 | return $gr; |
---|
189 | }, |
---|
190 | input => sub { |
---|
191 | my ($val) = @_; |
---|
192 | $val =~ /^\d+$/ and return $val; |
---|
193 | my ($gr) = $base->search_objects('group', "name=$val") or return; |
---|
194 | return $base->get_object('group', $gr)->get_attributes('gidNumber'); |
---|
195 | }, |
---|
196 | mandatory => 1, |
---|
197 | reference => 'group', |
---|
198 | monitored => 1, |
---|
199 | }, |
---|
200 | locked => { |
---|
201 | formtype => 'CHECKBOX', |
---|
202 | formopts => { rawvalue => 1, }, |
---|
203 | monitored => 1, |
---|
204 | label => l('Locked'), |
---|
205 | }, |
---|
206 | expire => { |
---|
207 | inline => 1, |
---|
208 | formtype => 'DATETIME', |
---|
209 | monitored => 1, |
---|
210 | label => l('Expire on'), |
---|
211 | }, |
---|
212 | endcircuit => { |
---|
213 | inline => 1, |
---|
214 | formtype => 'DATE', |
---|
215 | monitored => 1, |
---|
216 | label => l('End of entrance'), |
---|
217 | }, |
---|
218 | _endEmployment => { |
---|
219 | formtype => 'DATETIME', |
---|
220 | managed => 1, |
---|
221 | ro => 1, |
---|
222 | hide => 1, |
---|
223 | get => sub { |
---|
224 | my ($attr) = @_; |
---|
225 | my $self = $attr->object; |
---|
226 | $self->_computeEndEmployment($self->base->config('employment_delay') || 0); |
---|
227 | }, |
---|
228 | label => l('End of employment'), |
---|
229 | }, |
---|
230 | endEmployment => { |
---|
231 | formtype => 'DATETIME', |
---|
232 | ro => 1, |
---|
233 | label => l('End of employment'), |
---|
234 | }, |
---|
235 | _departure => { |
---|
236 | formtype => 'DATETIME', |
---|
237 | managed => 1, |
---|
238 | ro => 1, |
---|
239 | hide => 1, |
---|
240 | get => sub { |
---|
241 | my ($attr) = @_; |
---|
242 | my $self = $attr->object; |
---|
243 | $self->_computeEndEmployment($self->base->config('employment_delay') || 0, 1, 1); |
---|
244 | }, |
---|
245 | label => l('Start of employment'), |
---|
246 | }, |
---|
247 | departure => { |
---|
248 | formtype => 'DATETIME', |
---|
249 | ro => 1, |
---|
250 | label => l('Leaving'), |
---|
251 | }, |
---|
252 | _endStrictEmployment => { |
---|
253 | formtype => 'DATETIME', |
---|
254 | managed => 1, |
---|
255 | ro => 1, |
---|
256 | hide => 1, |
---|
257 | get => sub { |
---|
258 | my ($attr) = @_; |
---|
259 | my $self = $attr->object; |
---|
260 | $self->_computeEndEmployment(); |
---|
261 | }, |
---|
262 | }, |
---|
263 | endStrictEmployment => { |
---|
264 | formtype => 'DATETIME', |
---|
265 | ro => 1, |
---|
266 | }, |
---|
267 | _endCurrentEmployment => { |
---|
268 | formtype => 'DATETIME', |
---|
269 | managed => 1, |
---|
270 | ro => 1, |
---|
271 | hide => 1, |
---|
272 | get => sub { |
---|
273 | my ($attr) = @_; |
---|
274 | my $self = $attr->object; |
---|
275 | |
---|
276 | my $list_empl = $self->base->db->prepare_cached(q{ |
---|
277 | SELECT * FROM employment WHERE "user" = ? and |
---|
278 | firstday <= now() and |
---|
279 | (lastday is null or lastday >= now() - '1 days'::interval) |
---|
280 | order by firstday asc |
---|
281 | }); |
---|
282 | $list_empl->execute($self->id); |
---|
283 | my $end; |
---|
284 | while (my $res = $list_empl->fetchrow_hashref) { |
---|
285 | if (!$res->{lastday}) { |
---|
286 | # Ultimate employment. |
---|
287 | $list_empl->finish; |
---|
288 | return undef; |
---|
289 | } else { |
---|
290 | $end = DateTime->from_epoch(epoch => str2time($res->{lastday})); |
---|
291 | $end->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
292 | $end->add(hours => 23, minutes => 59, seconds => 59); |
---|
293 | } |
---|
294 | last; |
---|
295 | } |
---|
296 | $list_empl->finish; |
---|
297 | |
---|
298 | return $end ? $end->iso8601 : undef |
---|
299 | }, |
---|
300 | }, |
---|
301 | endCurrentEmployment => { |
---|
302 | formtype => 'DATETIME', |
---|
303 | ro => 1, |
---|
304 | }, |
---|
305 | _endLastEmployment => { |
---|
306 | formtype => 'DATETIME', |
---|
307 | managed => 1, |
---|
308 | ro => 1, |
---|
309 | hide => 1, |
---|
310 | get => sub { |
---|
311 | my ($attr) = @_; |
---|
312 | my $self = $attr->object; |
---|
313 | |
---|
314 | my $list_empl = $self->base->db->prepare_cached(q{ |
---|
315 | SELECT * FROM employment WHERE "user" = ? |
---|
316 | order by lastday desc nulls first |
---|
317 | }); |
---|
318 | $list_empl->execute($self->id); |
---|
319 | my $res = $list_empl->fetchrow_hashref; |
---|
320 | $list_empl->finish; |
---|
321 | my $end; |
---|
322 | if ($res && $res->{lastday}) { |
---|
323 | $end = DateTime->from_epoch(epoch => str2time($res->{lastday})); |
---|
324 | $end->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
325 | $end->add(hours => 23, minutes => 59, seconds => 59); |
---|
326 | } |
---|
327 | return $end ? $end->iso8601 : undef |
---|
328 | }, |
---|
329 | label => l('End of any employment'), |
---|
330 | }, |
---|
331 | endLastEmployment => { |
---|
332 | formtype => 'DATETIME', |
---|
333 | ro => 1, |
---|
334 | label => l('End of any employment'), |
---|
335 | }, |
---|
336 | _startEmployment => { |
---|
337 | formtype => 'DATETIME', |
---|
338 | managed => 1, |
---|
339 | ro => 1, |
---|
340 | hide => 1, |
---|
341 | get => sub { |
---|
342 | my ($attr) = @_; |
---|
343 | my $self = $attr->object; |
---|
344 | $self->_computeStartEmployment($self->base->config('employment_delay') || 0); |
---|
345 | }, |
---|
346 | label => l('Start of employment'), |
---|
347 | }, |
---|
348 | startEmployment => { |
---|
349 | formtype => 'DATETIME', |
---|
350 | ro => 1, |
---|
351 | label => l('Start of employment'), |
---|
352 | }, |
---|
353 | _arrival => { |
---|
354 | formtype => 'DATETIME', |
---|
355 | managed => 1, |
---|
356 | ro => 1, |
---|
357 | hide => 1, |
---|
358 | get => sub { |
---|
359 | my ($attr) = @_; |
---|
360 | my $self = $attr->object; |
---|
361 | $self->_computeStartEmployment($self->base->config('employment_delay') || 0, 1, 1); |
---|
362 | }, |
---|
363 | label => l('Start of employment'), |
---|
364 | }, |
---|
365 | arrival => { |
---|
366 | formtype => 'DATETIME', |
---|
367 | ro => 1, |
---|
368 | label => l('Arrival'), |
---|
369 | }, |
---|
370 | _startStrictEmployment => { |
---|
371 | formtype => 'DATETIME', |
---|
372 | managed => 1, |
---|
373 | ro => 1, |
---|
374 | hide => 1, |
---|
375 | get => sub { |
---|
376 | my ($attr) = @_; |
---|
377 | my $self = $attr->object; |
---|
378 | $self->_computeStartEmployment(); |
---|
379 | }, |
---|
380 | }, |
---|
381 | startStrictEmployment => { |
---|
382 | formtype => 'DATETIME', |
---|
383 | ro => 1, |
---|
384 | }, |
---|
385 | _startCurrentEmployment => { |
---|
386 | formtype => 'DATETIME', |
---|
387 | managed => 1, |
---|
388 | ro => 1, |
---|
389 | hide => 1, |
---|
390 | get => sub { |
---|
391 | my ($attr) = @_; |
---|
392 | my $self = $attr->object; |
---|
393 | |
---|
394 | my $list_empl = $self->base->db->prepare_cached(q{ |
---|
395 | SELECT * FROM employment WHERE "user" = ? and |
---|
396 | firstday <= now() and |
---|
397 | (lastday is null or lastday >= now() - '1 days'::interval) |
---|
398 | order by firstday asc |
---|
399 | }); |
---|
400 | $list_empl->execute($self->id); |
---|
401 | my $start; |
---|
402 | while (my $res = $list_empl->fetchrow_hashref) { |
---|
403 | $start = DateTime->from_epoch(epoch => str2time($res->{firstday})); |
---|
404 | $start->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
405 | last; |
---|
406 | } |
---|
407 | $list_empl->finish; |
---|
408 | |
---|
409 | return $start ? $start->iso8601 : undef |
---|
410 | }, |
---|
411 | }, |
---|
412 | startCurrentEmployment => { |
---|
413 | formtype => 'DATETIME', |
---|
414 | ro => 1, |
---|
415 | }, |
---|
416 | _startFirstEmployment => { |
---|
417 | formtype => 'DATETIME', |
---|
418 | managed => 1, |
---|
419 | ro => 1, |
---|
420 | hide => 1, |
---|
421 | get => sub { |
---|
422 | my ($attr) = @_; |
---|
423 | my $self = $attr->object; |
---|
424 | |
---|
425 | my $list_empl = $self->base->db->prepare_cached(q{ |
---|
426 | SELECT * FROM employment WHERE "user" = ? |
---|
427 | order by firstday asc |
---|
428 | }); |
---|
429 | $list_empl->execute($self->id); |
---|
430 | my $res = $list_empl->fetchrow_hashref; |
---|
431 | $list_empl->finish; |
---|
432 | my $start; |
---|
433 | if ($res && $res->{firstday}) { |
---|
434 | $start = DateTime->from_epoch(epoch => str2time($res->{firstday})); |
---|
435 | $start->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
436 | } |
---|
437 | return $start ? $start->iso8601 : undef |
---|
438 | }, |
---|
439 | label => l('Start of any employment'), |
---|
440 | }, |
---|
441 | startFirstEmployment => { |
---|
442 | formtype => 'DATETIME', |
---|
443 | ro => 1, |
---|
444 | label => l('Start of any employment'), |
---|
445 | }, |
---|
446 | employmentLength => { |
---|
447 | ro => 1, |
---|
448 | managed => 1, |
---|
449 | get => sub { |
---|
450 | my ($self) = @_; |
---|
451 | my $lastday = $self->object->get_attributes('endEmployment') || DateTime->now->ymd('-'); |
---|
452 | my $firstday = $self->object->get_attributes('startEmployment') or return; |
---|
453 | |
---|
454 | my @fd = split('-', DateTime->from_epoch(epoch => str2time($firstday))->ymd('-')); |
---|
455 | my @ld = split('-', DateTime->from_epoch(epoch => str2time($lastday))->ymd('-')); |
---|
456 | |
---|
457 | return Date::Calc::Delta_Days(@fd, @ld) +1; |
---|
458 | }, |
---|
459 | label => l('Work duration'), |
---|
460 | }, |
---|
461 | employmentLengthText => { |
---|
462 | ro => 1, |
---|
463 | managed => 1, |
---|
464 | get => sub { |
---|
465 | my ($self) = @_; |
---|
466 | my $firstday = $self->object->get_attributes('startEmployment') or return; |
---|
467 | my $lastday = $self->object->get_attributes('endEmployment')|| DateTime->now->ymd('-'); |
---|
468 | { |
---|
469 | my $dtlast = DateTime->from_epoch(epoch => str2time($lastday)); |
---|
470 | $dtlast->add(days => 1); |
---|
471 | $lastday = $dtlast->ymd('-'); |
---|
472 | } |
---|
473 | |
---|
474 | my @fd = split('-', DateTime->from_epoch(epoch => str2time($firstday))->ymd('-')); |
---|
475 | my @ld = split('-', DateTime->from_epoch(epoch => str2time($lastday))->ymd('-')); |
---|
476 | |
---|
477 | my ($Dy,$Dm,$Dd) = Date::Calc::N_Delta_YMD(@fd, @ld); |
---|
478 | return join(', ', |
---|
479 | ($Dy ? l('%d years', $Dy) : ()), |
---|
480 | ($Dm ? l('%d months', $Dm) : ()), |
---|
481 | ($Dd ? l('%d days', $Dd) : ()), |
---|
482 | ); |
---|
483 | }, |
---|
484 | label => l('Work duration'), |
---|
485 | }, |
---|
486 | cn => { |
---|
487 | inline => 1, ro => 1, |
---|
488 | get => sub { |
---|
489 | my ($self) = @_; |
---|
490 | return join(' ', grep { $_ } |
---|
491 | ( |
---|
492 | $self->object->_get_c_field('givenName'), |
---|
493 | $self->object->_get_c_field('sn') |
---|
494 | ) |
---|
495 | ) |
---|
496 | || $self->object->_get_c_field('description') |
---|
497 | || $self->object->id; |
---|
498 | }, |
---|
499 | }, |
---|
500 | memberOf => { |
---|
501 | reference => 'group', |
---|
502 | multiple => 1, delayed => 1, |
---|
503 | get => sub { |
---|
504 | my ($self) = @_; |
---|
505 | my $obj = $self->object; |
---|
506 | my $sth = $obj->db->prepare_cached( |
---|
507 | q{ |
---|
508 | select name from "group" join |
---|
509 | group_attributes on group_attributes.okey = "group".ikey |
---|
510 | where value = ? and attr = ? and internobject = false |
---|
511 | } . ($self->base->{wexported} ? '' : ' and "group".exported = true') |
---|
512 | ); |
---|
513 | $sth->execute($obj->id, 'memberUID'); |
---|
514 | my @res; |
---|
515 | while (my $res = $sth->fetchrow_hashref) { |
---|
516 | push(@res, $res->{name}); |
---|
517 | } |
---|
518 | return \@res; |
---|
519 | }, |
---|
520 | set => sub { |
---|
521 | my ($self, $values) = @_; |
---|
522 | my %old = map { $_ => 'o' } @{ $self->get }; |
---|
523 | foreach my $group (grep { $_ } ref $values ? @{ $values } : $values) { |
---|
524 | if ($old{$group}) { |
---|
525 | $old{$group} = undef; # no change |
---|
526 | } else { |
---|
527 | $old{$group} = 'n'; |
---|
528 | } |
---|
529 | } |
---|
530 | |
---|
531 | my $res = 0; |
---|
532 | foreach my $group (keys %old) { |
---|
533 | $old{$group} or next; # no change |
---|
534 | |
---|
535 | my $ogroup = $self->base->get_object('group', $group) or next; |
---|
536 | ($ogroup->_get_c_field('sutype') || '') =~ /^(jobtype|contrattype)$/ and next; |
---|
537 | |
---|
538 | if ($old{$group} eq 'n') { |
---|
539 | $res += $ogroup->_addAttributeValue('memberUID', $self->object->id); |
---|
540 | } else { |
---|
541 | if (($self->object->_get_c_field('department') || '') eq $ogroup->id) { |
---|
542 | $self->base->log(LA_WARN, |
---|
543 | "Don't removing user %s from group %s: is its department", |
---|
544 | $self->object->id, $ogroup->id); |
---|
545 | next; |
---|
546 | } |
---|
547 | $res += $ogroup->_delAttributeValue('memberUID', $self->object->id); |
---|
548 | } |
---|
549 | } |
---|
550 | return $res; |
---|
551 | }, |
---|
552 | label => l('Member of'), |
---|
553 | }, |
---|
554 | forward => { |
---|
555 | managed => 1, |
---|
556 | multiple => 1, |
---|
557 | get => sub { |
---|
558 | my ($self) = @_; |
---|
559 | my $sth = $self->base->db->prepare(q{ |
---|
560 | select forward from aliases where name = ? and internobject = false |
---|
561 | } . ($self->base->{wexported} ? '' : ' and exported = true')); |
---|
562 | $sth->execute($self->object->id); |
---|
563 | my $res = $sth->fetchrow_hashref; |
---|
564 | $sth->finish; |
---|
565 | return $res->{forward} |
---|
566 | }, |
---|
567 | set => sub { |
---|
568 | my ($self, $data) = @_; |
---|
569 | if ($data) { |
---|
570 | my @datas = ref $data ? @$data : split(/\s*,\s*/, $data); |
---|
571 | if (my $f = $self->base->get_object('aliases', $self->object->id)) { |
---|
572 | return $f->_set_c_fields( |
---|
573 | forward => \@datas, |
---|
574 | comment => undef, |
---|
575 | description => 'Forward for user ' . $self->object->id, |
---|
576 | ); |
---|
577 | } else { |
---|
578 | if ($self->base->_create_c_object( |
---|
579 | 'aliases', $self->object->id, |
---|
580 | forward => \@datas, |
---|
581 | description => 'automatically created for ' . $self->object->id, |
---|
582 | )) { |
---|
583 | return 1; |
---|
584 | } else { |
---|
585 | $self->base->log(LA_ERR, "Cannot add forward for %s", |
---|
586 | $self->object->id); |
---|
587 | } |
---|
588 | } |
---|
589 | } elsif ($self->base->get_object('aliases', $self->object->id)) { |
---|
590 | if (my $res = $self->base->_delete_object('aliases', $self->object->id)) { |
---|
591 | return $res; |
---|
592 | } else { |
---|
593 | $self->base->log(LA_ERR, "Cannot remove forward for %s", |
---|
594 | $self->object->id); |
---|
595 | } |
---|
596 | } else { |
---|
597 | return 1; |
---|
598 | } |
---|
599 | return; |
---|
600 | }, |
---|
601 | label => l('Forward'), |
---|
602 | }, |
---|
603 | aliases => { |
---|
604 | #reference => 'aliases', |
---|
605 | delayed => 1, |
---|
606 | formtype => 'TEXT', |
---|
607 | multiple => 1, |
---|
608 | get => sub { |
---|
609 | my ($self) = @_; |
---|
610 | my $sth = $self->base->db->prepare(q{ |
---|
611 | select name from aliases where internobject = false and lower($1) = |
---|
612 | lower(array_to_string("forward", ',')) |
---|
613 | } . ($self->base->{wexported} ? '' : 'and exported = true')); |
---|
614 | $sth->execute($self->object->id); |
---|
615 | my @values; |
---|
616 | while (my $res = $sth->fetchrow_hashref) { |
---|
617 | push(@values, $res->{name}); |
---|
618 | } |
---|
619 | return \@values; |
---|
620 | }, |
---|
621 | set => sub { |
---|
622 | my ($self, $data) = @_; |
---|
623 | |
---|
624 | my $res = 0; |
---|
625 | my %aliases = map { $_ => 1 } grep { $_ } (ref $data ? @{$data} : $data); |
---|
626 | foreach ($self->object->_get_attributes('aliases')) { |
---|
627 | $aliases{$_} ||= 0; |
---|
628 | $aliases{$_} +=2; |
---|
629 | } |
---|
630 | foreach (keys %aliases) { |
---|
631 | if ($aliases{$_} == 2) { |
---|
632 | if ($self->base->_delete_object('aliases', $_)) { |
---|
633 | $res++ |
---|
634 | } else { |
---|
635 | $self->base->log(LA_ERR, |
---|
636 | "Cannot remove aliases %s from user %s", $_, |
---|
637 | $self->object->id); |
---|
638 | } |
---|
639 | } elsif ($aliases{$_} == 1) { |
---|
640 | if ($self->base->_create_c_object( |
---|
641 | 'aliases', $_, |
---|
642 | forward => [ $self->object->id ], |
---|
643 | description => 'automatically created for ' . $self->object->id, |
---|
644 | )) { |
---|
645 | $res++ |
---|
646 | } else { |
---|
647 | $self->base->log(LA_ERR, 'Cannot set forward %s to user %s', |
---|
648 | $_, $self->object->id); |
---|
649 | return; |
---|
650 | } |
---|
651 | } # 3 no change |
---|
652 | } |
---|
653 | $res |
---|
654 | }, |
---|
655 | label => l('Aliases'), |
---|
656 | }, |
---|
657 | revaliases => { |
---|
658 | formtype => 'TEXT', |
---|
659 | get => sub { |
---|
660 | my ($self) = @_; |
---|
661 | |
---|
662 | if (my $obj = $self->base-> |
---|
663 | get_object('revaliases', $self->object->id)) { |
---|
664 | return $obj->get_attributes('as'); |
---|
665 | } else { |
---|
666 | return; |
---|
667 | } |
---|
668 | }, |
---|
669 | set => sub { |
---|
670 | my ($self, $data) = @_; |
---|
671 | |
---|
672 | my $res = 0; |
---|
673 | if ($data) { |
---|
674 | if (my $obj = $self->base-> |
---|
675 | get_object('revaliases', $self->object->id)) { |
---|
676 | my $ares = $obj->set_c_fields( |
---|
677 | 'as' => $data, |
---|
678 | 'exported' => ($self->object->get_attributes('exported') || 0), |
---|
679 | ); |
---|
680 | if (defined($ares)) { |
---|
681 | $res+=$ares; |
---|
682 | } else { |
---|
683 | $self->base->log(LA_ERR, 'Cannot set revaliases for user %s', |
---|
684 | $self->object->id); |
---|
685 | } |
---|
686 | } else { |
---|
687 | if ($self->base->_create_c_object( |
---|
688 | 'revaliases', |
---|
689 | $self->object->id, as => $data, |
---|
690 | 'exported' => ($self->object->get_attributes('exported') || 0), |
---|
691 | description => 'automatically created for ' . $self->object->id, |
---|
692 | )) { |
---|
693 | $res++; |
---|
694 | } else { |
---|
695 | $self->base->log(LA_ERR, 'Cannot set revaliases for user %s', |
---|
696 | $self->object->id); |
---|
697 | } |
---|
698 | } |
---|
699 | } else { |
---|
700 | $self->base->_delete_object('revaliases', $self->object->id); |
---|
701 | $res++; |
---|
702 | } |
---|
703 | |
---|
704 | $res |
---|
705 | }, |
---|
706 | }, |
---|
707 | manager => { |
---|
708 | reference => 'user', |
---|
709 | ro => 1, |
---|
710 | get => sub { |
---|
711 | my ($self) = @_; |
---|
712 | if (my $manager = $self->object->_get_c_field('managerContact')) { |
---|
713 | return $manager; |
---|
714 | } elsif (my $department = $self->object->_get_c_field('department')) { |
---|
715 | my $obj = $self->base->get_object('group', $department); |
---|
716 | return $obj->_get_c_field('managedBy'); |
---|
717 | } else { |
---|
718 | return; |
---|
719 | } |
---|
720 | }, |
---|
721 | label => l('Responsible'), |
---|
722 | }, |
---|
723 | department => { |
---|
724 | reference => 'group', |
---|
725 | can_values => sub { |
---|
726 | $base->search_objects('group', 'sutype=dpmt') |
---|
727 | }, |
---|
728 | monitored => 1, |
---|
729 | label => l('Department'), |
---|
730 | }, |
---|
731 | contratType => { |
---|
732 | reference => 'group', |
---|
733 | can_values => sub { |
---|
734 | $base->search_objects('group', 'sutype=contrattype') |
---|
735 | }, |
---|
736 | monitored => 1, |
---|
737 | label => l('Type of contract'), |
---|
738 | }, |
---|
739 | site => { |
---|
740 | reference => 'site', |
---|
741 | can_values => sub { |
---|
742 | $base->search_objects('site') |
---|
743 | }, |
---|
744 | get => sub { |
---|
745 | my ($self) = @_; |
---|
746 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
747 | $self->base->get_object('address', $fmainaddress) |
---|
748 | ->_get_c_field($self->name); |
---|
749 | } else { |
---|
750 | return; |
---|
751 | } |
---|
752 | }, |
---|
753 | set => $subsetaddress, |
---|
754 | label => l('Site'), |
---|
755 | }, |
---|
756 | co => { |
---|
757 | get => sub { |
---|
758 | my ($self) = @_; |
---|
759 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
760 | $self->base->get_object('address', $fmainaddress) |
---|
761 | ->_get_c_field($self->name); |
---|
762 | } else { |
---|
763 | return; |
---|
764 | } |
---|
765 | }, |
---|
766 | set => $subsetaddress, |
---|
767 | }, |
---|
768 | l => { |
---|
769 | get => sub { |
---|
770 | my ($self) = @_; |
---|
771 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
772 | $self->base->get_object('address', $fmainaddress) |
---|
773 | ->_get_c_field($self->name); |
---|
774 | } else { |
---|
775 | return; |
---|
776 | } |
---|
777 | }, |
---|
778 | set => $subsetaddress, |
---|
779 | label => l('City'), |
---|
780 | }, |
---|
781 | postalCode => { |
---|
782 | get => sub { |
---|
783 | my ($self) = @_; |
---|
784 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
785 | $self->base->get_object('address', $fmainaddress) |
---|
786 | ->_get_c_field($self->name); |
---|
787 | } else { |
---|
788 | return; |
---|
789 | } |
---|
790 | }, |
---|
791 | set => $subsetaddress, |
---|
792 | label => l('Postal code'), |
---|
793 | }, |
---|
794 | streetAddress => { |
---|
795 | formtype => 'TEXTAREA', |
---|
796 | get => sub { |
---|
797 | my ($self) = @_; |
---|
798 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
799 | $self->base->get_object('address', $fmainaddress) |
---|
800 | ->_get_c_field($self->name); |
---|
801 | } else { |
---|
802 | return; |
---|
803 | } |
---|
804 | }, |
---|
805 | set => $subsetaddress, |
---|
806 | label => l('Street'), |
---|
807 | }, |
---|
808 | postOfficeBox => { |
---|
809 | get => sub { |
---|
810 | my ($self) = @_; |
---|
811 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
812 | $self->base->get_object('address', $fmainaddress) |
---|
813 | ->_get_c_field($self->name); |
---|
814 | } else { |
---|
815 | return; |
---|
816 | } |
---|
817 | }, |
---|
818 | set => $subsetaddress, |
---|
819 | label => l('Post office box'), |
---|
820 | }, |
---|
821 | st => { |
---|
822 | get => sub { |
---|
823 | my ($self) = @_; |
---|
824 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
825 | $self->base->get_object('address', $fmainaddress) |
---|
826 | ->_get_c_field($self->name); |
---|
827 | } else { |
---|
828 | return; |
---|
829 | } |
---|
830 | }, |
---|
831 | set => $subsetaddress, |
---|
832 | }, |
---|
833 | facsimileTelephoneNumber => { |
---|
834 | get => sub { |
---|
835 | my ($self) = @_; |
---|
836 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
837 | $self->base->get_object('address', $fmainaddress) |
---|
838 | ->_get_c_field($self->name); |
---|
839 | } else { |
---|
840 | return; |
---|
841 | } |
---|
842 | }, |
---|
843 | set => $subsetaddress, |
---|
844 | label => l('Fax number'), |
---|
845 | }, |
---|
846 | o => { |
---|
847 | ro => 1, |
---|
848 | iname => 'company', |
---|
849 | label => l('Company'), |
---|
850 | }, |
---|
851 | ou => { |
---|
852 | iname => 'department', |
---|
853 | ro => 1, |
---|
854 | label => l('Department'), |
---|
855 | }, |
---|
856 | telephoneNumber => { |
---|
857 | get => sub { |
---|
858 | my ($self) = @_; |
---|
859 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
860 | $self->base->get_object('address', $fmainaddress) |
---|
861 | ->_get_c_field($self->name); |
---|
862 | } else { |
---|
863 | return; |
---|
864 | } |
---|
865 | }, |
---|
866 | set => $subsetaddress, |
---|
867 | label => l('Phone number'), |
---|
868 | }, |
---|
869 | physicalDeliveryOfficeName => { |
---|
870 | get => sub { |
---|
871 | my ($self) = @_; |
---|
872 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
873 | $self->base->get_object('address', $fmainaddress) |
---|
874 | ->_get_c_field($self->name); |
---|
875 | } else { |
---|
876 | return; |
---|
877 | } |
---|
878 | }, |
---|
879 | set => $subsetaddress, |
---|
880 | label => l('Office'), |
---|
881 | }, |
---|
882 | uid => { |
---|
883 | iname => 'name', |
---|
884 | ro => 1, |
---|
885 | label => l('Login'), |
---|
886 | }, |
---|
887 | cn => { iname => 'name', ro => 1 }, |
---|
888 | gecos => { |
---|
889 | managed => 1, |
---|
890 | ro => 1, |
---|
891 | get => sub { |
---|
892 | my ($self) = @_; |
---|
893 | my $obj = $self->object; |
---|
894 | |
---|
895 | my $ec = $obj->_get_c_field('endcircuit') || ''; |
---|
896 | |
---|
897 | my $date = $ec |
---|
898 | ? sprintf('%s (%s)', $obj->_get_c_field('expireTextEC'), $obj->_get_c_field('expireText')) |
---|
899 | : $obj->_get_c_field('expireText'); |
---|
900 | |
---|
901 | $date ||= ''; |
---|
902 | |
---|
903 | my $gecos = sprintf("%s,%s,%s,%s", |
---|
904 | join(' ', grep { $_ } |
---|
905 | ($obj->_get_c_field('givenName'), |
---|
906 | ($obj->_get_c_field('sn')))) |
---|
907 | || $obj->_get_c_field('description') || '', |
---|
908 | join(' - ', grep { $_ } (($obj->_get_c_field('site') || |
---|
909 | $obj->_get_c_field('l')), |
---|
910 | $obj->_get_c_field('physicalDeliveryOfficeName'))) || '', |
---|
911 | $obj->_get_c_field('telephoneNumber') || '', |
---|
912 | $date, |
---|
913 | ); |
---|
914 | $gecos =~ s/:/ /g; |
---|
915 | return to_ascii($gecos); |
---|
916 | }, |
---|
917 | label => l('GECOS'), |
---|
918 | }, |
---|
919 | displayName => { |
---|
920 | ro => 1, managed => 1, |
---|
921 | get => sub { |
---|
922 | my ($self) = @_; |
---|
923 | return join(' ', grep { $_ } |
---|
924 | ( |
---|
925 | $self->object->_get_c_field('givenName'), |
---|
926 | $self->object->_get_c_field('sn') |
---|
927 | ) |
---|
928 | ) |
---|
929 | || $self->object->_get_c_field('description') |
---|
930 | || $self->object->id; |
---|
931 | }, |
---|
932 | label => l('Name'), |
---|
933 | }, |
---|
934 | sAMAccountName => { |
---|
935 | ro => 1, |
---|
936 | managed => 1, |
---|
937 | iname => 'name', |
---|
938 | }, |
---|
939 | accountExpires => { |
---|
940 | ro => 1, |
---|
941 | managed => 1, |
---|
942 | get => sub { |
---|
943 | my ($self) = @_; |
---|
944 | my $obj = $self->object; |
---|
945 | my $sth = $obj->db->prepare_cached( |
---|
946 | sprintf( |
---|
947 | q{select extract(epoch from COALESCE(endcircuit, expire)) + 11644474161 as expire |
---|
948 | from %s where %s = ?}, |
---|
949 | $obj->db->quote_identifier($obj->_object_table), |
---|
950 | $obj->db->quote_identifier($obj->_key_field), |
---|
951 | ) |
---|
952 | ); |
---|
953 | $sth->execute($obj->id); |
---|
954 | my $res = $sth->fetchrow_hashref; |
---|
955 | $sth->finish; |
---|
956 | return $res->{expire} ? sprintf("%.f", $res->{expire} * 1E7) : '9223372036854775807'; |
---|
957 | } |
---|
958 | }, |
---|
959 | shadowExpire => { |
---|
960 | ro => 1, |
---|
961 | managed => 1, |
---|
962 | get => sub { |
---|
963 | my ($self) = @_; |
---|
964 | my $obj = $self->object; |
---|
965 | my $sth = $obj->db->prepare_cached( |
---|
966 | sprintf( |
---|
967 | q{select justify_hours(COALESCE(endcircuit, expire) - '1/1/1970'::timestamp) as expire |
---|
968 | from %s where %s = ?}, |
---|
969 | $obj->db->quote_identifier($obj->_object_table), |
---|
970 | $obj->db->quote_identifier($obj->_key_field), |
---|
971 | ) |
---|
972 | ); |
---|
973 | $sth->execute($obj->id); |
---|
974 | my $res = $sth->fetchrow_hashref; |
---|
975 | $sth->finish; |
---|
976 | return -1 unless($res->{expire}); |
---|
977 | $res->{expire} =~ /(\d+) days\s*(\w)?/; |
---|
978 | # Add one day is time is not 00H00 |
---|
979 | return $1 + ($2 ? 1 : 0); |
---|
980 | } |
---|
981 | }, |
---|
982 | directReports => { |
---|
983 | reference => 'user', |
---|
984 | ro => 1, |
---|
985 | delayed => 1, |
---|
986 | get => sub { |
---|
987 | my ($self) = @_; |
---|
988 | my $obj = $self->object; |
---|
989 | my $sth = $obj->db->prepare_cached( |
---|
990 | q{ |
---|
991 | SELECT |
---|
992 | "user".name FROM |
---|
993 | public."user", |
---|
994 | public.user_attributes_groups, |
---|
995 | public.group_attributes_users, |
---|
996 | public.group_attributes_base gb, |
---|
997 | public."group" |
---|
998 | WHERE |
---|
999 | "user".ikey = user_attributes_groups.okey AND |
---|
1000 | user_attributes_groups.value = "group".name AND |
---|
1001 | group_attributes_users.okey = gb.okey AND |
---|
1002 | "group".ikey = group_attributes_users.okey AND |
---|
1003 | gb.attr = 'sutype' AND |
---|
1004 | gb.value = 'dpmt' AND |
---|
1005 | group_attributes_users.attr = 'managedBy' AND |
---|
1006 | group_attributes_users.value = ? |
---|
1007 | } . ($self->base->{wexported} ? '' : ' and "user".exported = true') . q{ |
---|
1008 | and "user".ikey not in |
---|
1009 | (select okey from user_attributes_users |
---|
1010 | where attr = 'manager' and value != ? ) |
---|
1011 | union |
---|
1012 | select "user".name FROM public."user", |
---|
1013 | user_attributes_users where |
---|
1014 | user_attributes_users.attr = 'manager' and user_attributes_users.value = ? |
---|
1015 | and "user".ikey = user_attributes_users.okey |
---|
1016 | } . ($self->base->{wexported} ? '' : ' and "user".exported = true') |
---|
1017 | ); |
---|
1018 | $sth->execute($obj->id, $obj->id, $obj->id); |
---|
1019 | my @res; |
---|
1020 | while (my $res = $sth->fetchrow_hashref) { |
---|
1021 | push(@res, $res->{name}); |
---|
1022 | } |
---|
1023 | return \@res; |
---|
1024 | }, |
---|
1025 | }, |
---|
1026 | managedObjects => { ro => 1, reference => 'group', }, |
---|
1027 | otheraddress => { |
---|
1028 | ro => 1, |
---|
1029 | reference => 'address', |
---|
1030 | get => sub { |
---|
1031 | my ($self) = @_; |
---|
1032 | my $sth = $self->base->db->prepare_cached(q{ |
---|
1033 | select name from address left join address_attributes |
---|
1034 | on address.ikey = address_attributes.okey and |
---|
1035 | address_attributes.attr = 'isMainAddress' |
---|
1036 | where "user" = ? |
---|
1037 | order by address_attributes.attr |
---|
1038 | }); |
---|
1039 | $sth->execute($self->object->id); |
---|
1040 | my @values; |
---|
1041 | while (my $res = $sth->fetchrow_hashref) { |
---|
1042 | push(@values, $res->{name}); |
---|
1043 | } |
---|
1044 | return \@values; |
---|
1045 | }, |
---|
1046 | }, |
---|
1047 | mainaddress => { |
---|
1048 | ro => 1, |
---|
1049 | reference => 'address', |
---|
1050 | get => sub { |
---|
1051 | my ($self) = @_; |
---|
1052 | my $sth = $self->base->db->prepare_cached(q{ |
---|
1053 | select name from address join address_attributes on ikey = okey |
---|
1054 | where "user" = ? and attr = 'isMainAddress' |
---|
1055 | }); |
---|
1056 | $sth->execute($self->object->id); |
---|
1057 | my $res = $sth->fetchrow_hashref; |
---|
1058 | $sth->finish; |
---|
1059 | return $res->{name}; |
---|
1060 | }, |
---|
1061 | }, |
---|
1062 | postalAddress => { |
---|
1063 | ro => 1, |
---|
1064 | get => sub { |
---|
1065 | my ($self) = @_; |
---|
1066 | if (my $fmainaddress = $self->object->_get_c_field('mainaddress')) { |
---|
1067 | $self->base->get_object('address', $fmainaddress) |
---|
1068 | ->_get_c_field($self->name); |
---|
1069 | } else { |
---|
1070 | return; |
---|
1071 | } |
---|
1072 | }, |
---|
1073 | label => l('Postal Address'), |
---|
1074 | }, |
---|
1075 | facsimileTelephoneNumber => { |
---|
1076 | ro => 1, |
---|
1077 | label => l('Fax number'), |
---|
1078 | }, |
---|
1079 | allsite => { |
---|
1080 | ro => 1, |
---|
1081 | reference => 'site', |
---|
1082 | }, |
---|
1083 | managerContact => { |
---|
1084 | delayed => 1, |
---|
1085 | can_values => sub { |
---|
1086 | my %uniq = map { $_ => 1 } grep { $_ } |
---|
1087 | ($_[1] ? $_[1]->get_attributes('managerContact') : ()), |
---|
1088 | $base->search_objects('user', 'active=1'); |
---|
1089 | sort keys %uniq; |
---|
1090 | }, |
---|
1091 | reference => 'user', |
---|
1092 | monitored => 1, |
---|
1093 | iname => 'manager', |
---|
1094 | label => l('Manager'), |
---|
1095 | }, |
---|
1096 | expireTextEC => { |
---|
1097 | ro => 1, |
---|
1098 | managed => 1, |
---|
1099 | get => sub { |
---|
1100 | my ($self) = @_; |
---|
1101 | my $obj = $self->object; |
---|
1102 | my $sth = $obj->db->prepare_cached( |
---|
1103 | sprintf( |
---|
1104 | q{select to_char(COALESCE(endcircuit, expire), 'YYYY/MM/DD') as expire |
---|
1105 | from %s where %s = ?}, |
---|
1106 | $obj->db->quote_identifier($obj->_object_table), |
---|
1107 | $obj->db->quote_identifier($obj->_key_field), |
---|
1108 | ) |
---|
1109 | ); |
---|
1110 | $sth->execute($obj->id) or $obj->db->rollback; |
---|
1111 | my $res = $sth->fetchrow_hashref; |
---|
1112 | $sth->finish; |
---|
1113 | return $res->{expire} |
---|
1114 | }, |
---|
1115 | }, |
---|
1116 | expireText => { |
---|
1117 | ro => 1, |
---|
1118 | managed => 1, |
---|
1119 | get => sub { |
---|
1120 | my ($self) = @_; |
---|
1121 | my $obj = $self->object; |
---|
1122 | my $sth = $obj->db->prepare_cached( |
---|
1123 | sprintf( |
---|
1124 | q{select to_char(expire, 'YYYY/MM/DD') as expire |
---|
1125 | from %s where %s = ?}, |
---|
1126 | $obj->db->quote_identifier($obj->_object_table), |
---|
1127 | $obj->db->quote_identifier($obj->_key_field), |
---|
1128 | ) |
---|
1129 | ); |
---|
1130 | $sth->execute($obj->id) or $obj->db->rollback; |
---|
1131 | my $res = $sth->fetchrow_hashref; |
---|
1132 | $sth->finish; |
---|
1133 | return $res->{expire} |
---|
1134 | }, |
---|
1135 | }, |
---|
1136 | krb5ValidEnd => { |
---|
1137 | ro => 1, |
---|
1138 | managed => 1, |
---|
1139 | get => sub { |
---|
1140 | my ($self) = @_; |
---|
1141 | my $sth = $self->object->db->prepare_cached( |
---|
1142 | sprintf( |
---|
1143 | q{select date_part('epoch', COALESCE(endcircuit, expire))::int as expire |
---|
1144 | from %s where %s = ?}, |
---|
1145 | $self->object->db->quote_identifier($self->object->_object_table), |
---|
1146 | $self->object->db->quote_identifier($self->object->_key_field), |
---|
1147 | ) |
---|
1148 | ); |
---|
1149 | $sth->execute($self->object->id) or $self->object->db->rollback; |
---|
1150 | my $res = $sth->fetchrow_hashref; |
---|
1151 | $sth->finish; |
---|
1152 | return $res->{expire} |
---|
1153 | }, |
---|
1154 | }, |
---|
1155 | cells => { |
---|
1156 | ro => 1, |
---|
1157 | reference => 'group', |
---|
1158 | }, |
---|
1159 | departments => { |
---|
1160 | reference => 'group', |
---|
1161 | delayed => 1, |
---|
1162 | ro => 1, |
---|
1163 | label => l('Departments'), |
---|
1164 | }, |
---|
1165 | arrivalDate => { }, |
---|
1166 | expired => { |
---|
1167 | ro => 1, |
---|
1168 | label => l('Expired'), |
---|
1169 | }, |
---|
1170 | active => { |
---|
1171 | ro => 1, |
---|
1172 | label => l('Active'), |
---|
1173 | }, |
---|
1174 | status => { |
---|
1175 | ro => 1, |
---|
1176 | label => l('Statut du compte'), |
---|
1177 | }, |
---|
1178 | pwdAccountLockedTime => { |
---|
1179 | managed => 1, |
---|
1180 | ro => 1, |
---|
1181 | get => sub { |
---|
1182 | my ($self) = @_; |
---|
1183 | my $obj = $self->object; |
---|
1184 | if ($obj->_get_c_field('locked')) { |
---|
1185 | return '000001010000Z'; |
---|
1186 | } else { |
---|
1187 | my $sth = $obj->db->prepare_cached( |
---|
1188 | sprintf( |
---|
1189 | q{select to_char(COALESCE(endcircuit, expire) AT TIME ZONE 'Z', 'YYYYMMDDHH24MISSZ') as expire |
---|
1190 | from %s where %s = ? and expire < now()}, |
---|
1191 | $obj->db->quote_identifier($obj->_object_table), |
---|
1192 | $obj->db->quote_identifier($obj->_key_field), |
---|
1193 | ) |
---|
1194 | ); |
---|
1195 | $sth->execute($obj->id); |
---|
1196 | my $res = $sth->fetchrow_hashref; |
---|
1197 | $sth->finish; |
---|
1198 | return $res->{expire} |
---|
1199 | } |
---|
1200 | }, |
---|
1201 | }, |
---|
1202 | userPassword => { readable => 0, }, |
---|
1203 | wWWHomePage => { |
---|
1204 | label => l('Web Page'), |
---|
1205 | }, |
---|
1206 | title => { }, |
---|
1207 | snNative => { |
---|
1208 | label => l('Native name'), |
---|
1209 | }, |
---|
1210 | givenNameNative => { |
---|
1211 | label => l('Native first name'), |
---|
1212 | }, |
---|
1213 | sn => { |
---|
1214 | label => l('Name'), |
---|
1215 | }, |
---|
1216 | shadowWarning => { }, |
---|
1217 | shadowMin => { }, |
---|
1218 | shadowMax => { }, |
---|
1219 | shadowLastChange => { }, |
---|
1220 | shadowInactive => { }, |
---|
1221 | shadowFlag => { }, |
---|
1222 | otherTelephone => { }, |
---|
1223 | nickname => { |
---|
1224 | label => l('Nickname'), |
---|
1225 | }, |
---|
1226 | mobile => { }, |
---|
1227 | mail => { |
---|
1228 | label => l('Email'), |
---|
1229 | }, |
---|
1230 | otherEmail => { |
---|
1231 | label => l('External mail'), |
---|
1232 | }, |
---|
1233 | labeledURI => { }, |
---|
1234 | jobType => { }, |
---|
1235 | ipPhone => { }, |
---|
1236 | initials => { |
---|
1237 | label => l('Initials'), |
---|
1238 | }, |
---|
1239 | homePhone => { }, |
---|
1240 | homeDirectory => { |
---|
1241 | label => l('Home directory'), |
---|
1242 | }, |
---|
1243 | halReference => { |
---|
1244 | label => l('HAL id'), |
---|
1245 | }, |
---|
1246 | grade => { }, |
---|
1247 | givenName => { |
---|
1248 | label => l('First name'), |
---|
1249 | }, |
---|
1250 | encryptedPassword => { }, |
---|
1251 | description => { |
---|
1252 | label => l('Description'), |
---|
1253 | }, |
---|
1254 | company => { |
---|
1255 | label => l('Company'), |
---|
1256 | }, |
---|
1257 | employer => { |
---|
1258 | label => l('Employer'), |
---|
1259 | }, |
---|
1260 | comment => { |
---|
1261 | label => l('Comment'), |
---|
1262 | }, |
---|
1263 | college => { }, |
---|
1264 | passwordLastSet => { |
---|
1265 | ro => 1, |
---|
1266 | label => l('Password set'), |
---|
1267 | }, |
---|
1268 | oldPassword => { |
---|
1269 | multiple => 1, |
---|
1270 | }, |
---|
1271 | bannedPassword => { |
---|
1272 | multiple => 1, |
---|
1273 | }, |
---|
1274 | currentEmployment => { |
---|
1275 | managed => 1, |
---|
1276 | ro => 1, |
---|
1277 | reference => 'employment', |
---|
1278 | get => sub { |
---|
1279 | my ($attr) = @_; |
---|
1280 | my $self = $attr->object; |
---|
1281 | |
---|
1282 | my $sth = $self->base->db->prepare_cached( |
---|
1283 | q{ |
---|
1284 | select name from employment where firstday <= now() and |
---|
1285 | (lastday is null or lastday >= now() - '1 days'::interval) and "user" = ? |
---|
1286 | limit 1 |
---|
1287 | } |
---|
1288 | ); |
---|
1289 | $sth->execute($self->id); |
---|
1290 | my $res = $sth->fetchrow_hashref; |
---|
1291 | $sth->finish; |
---|
1292 | if ($res) { |
---|
1293 | return $res->{name} |
---|
1294 | } else { |
---|
1295 | return; |
---|
1296 | } |
---|
1297 | }, |
---|
1298 | }, |
---|
1299 | nextEmployment => { |
---|
1300 | managed => 1, |
---|
1301 | ro => 1, |
---|
1302 | reference => 'employment', |
---|
1303 | get => sub { |
---|
1304 | my ($attr) = @_; |
---|
1305 | my $self = $attr->object; |
---|
1306 | |
---|
1307 | my $sth = $self->base->db->prepare_cached( |
---|
1308 | q{ |
---|
1309 | select name from employment where firstday > now() and "user" = ? |
---|
1310 | order by firstday asc |
---|
1311 | limit 1 |
---|
1312 | } |
---|
1313 | ); |
---|
1314 | $sth->execute($self->id); |
---|
1315 | my $res = $sth->fetchrow_hashref; |
---|
1316 | $sth->finish; |
---|
1317 | if ($res) { |
---|
1318 | return $res->{name} |
---|
1319 | } else { |
---|
1320 | return; |
---|
1321 | } |
---|
1322 | } |
---|
1323 | }, |
---|
1324 | prevEmployment => { |
---|
1325 | managed => 1, |
---|
1326 | ro => 1, |
---|
1327 | reference => 'employment', |
---|
1328 | get => sub { |
---|
1329 | my ($attr) = @_; |
---|
1330 | my $self = $attr->object; |
---|
1331 | |
---|
1332 | my $sth = $self->base->db->prepare_cached( |
---|
1333 | q{ |
---|
1334 | select name from employment where |
---|
1335 | (lastday is not null and lastday <= now() - '1 days'::interval) and "user" = ? |
---|
1336 | order by firstday desc |
---|
1337 | limit 1 |
---|
1338 | } |
---|
1339 | ); |
---|
1340 | $sth->execute($self->id); |
---|
1341 | my $res = $sth->fetchrow_hashref; |
---|
1342 | $sth->finish; |
---|
1343 | if ($res) { |
---|
1344 | return $res->{name} |
---|
1345 | } else { |
---|
1346 | return; |
---|
1347 | } |
---|
1348 | } |
---|
1349 | }, |
---|
1350 | appliedEmployement => { |
---|
1351 | hide => 1, |
---|
1352 | reference => 'employment', |
---|
1353 | }, |
---|
1354 | contratTypeHistory => { |
---|
1355 | reference => 'group', |
---|
1356 | can_values => sub { |
---|
1357 | $base->search_objects('group', 'sutype=contrattype') |
---|
1358 | }, |
---|
1359 | multiple => 1, |
---|
1360 | }, |
---|
1361 | employmentHistory => { |
---|
1362 | reference => 'employment', |
---|
1363 | multiple => 1, |
---|
1364 | ro => 1, |
---|
1365 | }, |
---|
1366 | hosted => { |
---|
1367 | formtype => 'CHECKBOX', |
---|
1368 | label => l('Hosted'), |
---|
1369 | }, |
---|
1370 | |
---|
1371 | }; |
---|
1372 | |
---|
1373 | my $employmentro = sub { |
---|
1374 | my $setting = $base->config('employment_lock_user') || 'any'; |
---|
1375 | |
---|
1376 | for ($setting) { |
---|
1377 | /^always$/ and return 1; |
---|
1378 | /^never$/ and return 0; |
---|
1379 | |
---|
1380 | $_[0] or return 0; |
---|
1381 | |
---|
1382 | /^any$/i and return $_[0]->listEmployment ? 1 : 0; |
---|
1383 | /^active/i and do { |
---|
1384 | return $_[0]->_get_c_field('currentEmployment') |
---|
1385 | ? 1 |
---|
1386 | : $_[0]->_get_c_field('nextEmployment') ? 1 : 0; |
---|
1387 | }; |
---|
1388 | /(\S+)=(\S+)/ and do { |
---|
1389 | my $attr = $_[0]->_get_c_field($1); |
---|
1390 | if (defined($attr)) { |
---|
1391 | if ($2 eq '*') { |
---|
1392 | return 1; |
---|
1393 | } elsif($2 eq $attr) { |
---|
1394 | return 1; |
---|
1395 | } else { |
---|
1396 | return 0; |
---|
1397 | } |
---|
1398 | } else { |
---|
1399 | return 0; |
---|
1400 | } |
---|
1401 | }; |
---|
1402 | } |
---|
1403 | return $_[0]->listEmployment ? 1 : 0; # default is any! |
---|
1404 | }; |
---|
1405 | |
---|
1406 | foreach (qw(contratType managerContact company endcircuit department hosted |
---|
1407 | contratTypeHistory employer)) { |
---|
1408 | $attrs->{$_}{ro} = $employmentro; |
---|
1409 | } |
---|
1410 | |
---|
1411 | $attrs->{expire}{ro} = sub { |
---|
1412 | my $expireOn = $base->config('expireOn') || ''; |
---|
1413 | if ($expireOn eq 'never') { |
---|
1414 | return 0; |
---|
1415 | } |
---|
1416 | |
---|
1417 | $employmentro->($_[0]); |
---|
1418 | }; |
---|
1419 | |
---|
1420 | $class->SUPER::_get_attr_schema($base, $attrs) |
---|
1421 | } |
---|
1422 | |
---|
1423 | sub CreateAlias { |
---|
1424 | my ($class, $base, $name, $for) = @_; |
---|
1425 | |
---|
1426 | my $stAddAlias = $base->db->prepare_cached( |
---|
1427 | q{INSERT INTO "user" (name, uidnumber, gidnumber, oalias) values |
---|
1428 | (?, -nextval('ikey_seq'), ?, ?)} |
---|
1429 | ); |
---|
1430 | |
---|
1431 | my $res = $stAddAlias->execute($name, -1, $for); |
---|
1432 | return $res ? 1 : 0; |
---|
1433 | } |
---|
1434 | |
---|
1435 | sub _get_state { |
---|
1436 | my ($self, $state) = @_; |
---|
1437 | for ($state) { |
---|
1438 | /^expired$/ and do { |
---|
1439 | my $attribute = $self->attribute('expire'); |
---|
1440 | $attribute->check_acl('r') or return; |
---|
1441 | my $sth = $self->db->prepare_cached( |
---|
1442 | q{ select coalesce(expire < now(), false) as exp from "user" |
---|
1443 | where "user".name = ?} |
---|
1444 | ); |
---|
1445 | $sth->execute($self->id); |
---|
1446 | my $res = $sth->fetchrow_hashref; |
---|
1447 | $sth->finish; |
---|
1448 | return $res->{exp} ? 1 : 0; |
---|
1449 | }; |
---|
1450 | } |
---|
1451 | } |
---|
1452 | |
---|
1453 | sub set_fields { |
---|
1454 | my ($self, %data) = @_; |
---|
1455 | |
---|
1456 | my $old; |
---|
1457 | if (exists($data{department})) { |
---|
1458 | $old = $self->_get_attributes('department'); |
---|
1459 | } |
---|
1460 | if (($data{department} || '') eq ($old || '')) { |
---|
1461 | # We do not remove the group, there is no change |
---|
1462 | $old = undef; |
---|
1463 | } |
---|
1464 | |
---|
1465 | my $res = $self->SUPER::set_fields(%data) or return; |
---|
1466 | |
---|
1467 | if ($self->base->config('remove_old_dpmt') && $old) { |
---|
1468 | $self->base->log(LA_DEBUG, |
---|
1469 | "Removing %s from group %s (department change to %s)", |
---|
1470 | $self->id, |
---|
1471 | $old, |
---|
1472 | $data{department} || ''); |
---|
1473 | $self->_delAttributeValue('memberOf', $old) or return; |
---|
1474 | $res++; |
---|
1475 | } |
---|
1476 | |
---|
1477 | $res |
---|
1478 | } |
---|
1479 | |
---|
1480 | =head2 listEmployment |
---|
1481 | |
---|
1482 | Return the ordered list of contract |
---|
1483 | |
---|
1484 | =cut |
---|
1485 | |
---|
1486 | sub listEmployment { |
---|
1487 | my ($self) = @_; |
---|
1488 | |
---|
1489 | my $sth = $self->base->db->prepare_cached( |
---|
1490 | q{ |
---|
1491 | select name from employment where "user" = ? |
---|
1492 | order by lastday desc NULLS first |
---|
1493 | } |
---|
1494 | ); |
---|
1495 | $sth->execute($self->id); |
---|
1496 | my @list = (); |
---|
1497 | while (my $res = $sth->fetchrow_hashref) { |
---|
1498 | push(@list, $res->{name}); |
---|
1499 | } |
---|
1500 | |
---|
1501 | @list |
---|
1502 | } |
---|
1503 | |
---|
1504 | =head2 computeEmploymentDate |
---|
1505 | |
---|
1506 | Compute and copy to user start and end employment date |
---|
1507 | |
---|
1508 | =cut |
---|
1509 | |
---|
1510 | sub computeEmploymentDate { |
---|
1511 | my ($self) = @_; |
---|
1512 | |
---|
1513 | my $currentemployment = $self->get_attributes('currentEmployment') || ''; |
---|
1514 | |
---|
1515 | my $expire = str2time($self->_get_attributes('expire') || '1970-01-01T00:00:00'); |
---|
1516 | |
---|
1517 | my %changes; |
---|
1518 | my @employmentDate = qw( |
---|
1519 | endEmployment endStrictEmployment endCurrentEmployment endLastEmployment |
---|
1520 | startEmployment startStrictEmployment startCurrentEmployment startFirstEmployment |
---|
1521 | arrival departure |
---|
1522 | ); |
---|
1523 | foreach (@employmentDate) { |
---|
1524 | my $old = $self->_get_attributes($_) || ''; |
---|
1525 | my $new = $self->_get_attributes("_$_") || ''; |
---|
1526 | if ($old ne $new) { |
---|
1527 | $changes{$_} = $new || undef; |
---|
1528 | } |
---|
1529 | } |
---|
1530 | |
---|
1531 | # If there is no current employment we try to find any to not let expire |
---|
1532 | # unset |
---|
1533 | |
---|
1534 | my $expireOn = $self->base->config('expireOn') || ''; |
---|
1535 | if (!grep { $_ eq $expireOn } (@employmentDate, '', 'never')) { |
---|
1536 | $self->base->log(LA_ERR, "expireOn set to invalid parameter %s, using endEmployment instead", $expireOn); |
---|
1537 | $expireOn = undef; |
---|
1538 | } |
---|
1539 | $expireOn ||= 'endEmployment'; |
---|
1540 | |
---|
1541 | # We check if matching start exists to know if using end* for expiration is |
---|
1542 | # safe, even undef |
---|
1543 | my %end2start = ( |
---|
1544 | endEmployment => 'startEmployment', |
---|
1545 | endStrictEmployment => 'startStrictEmployment', |
---|
1546 | endCurrentEmployment => 'startCurrentEmployment', |
---|
1547 | endLastEmployment => 'startFirstEmployment', |
---|
1548 | ); |
---|
1549 | |
---|
1550 | # TODO rework this working code but bloat |
---|
1551 | if ($expireOn ne 'never') { |
---|
1552 | my $endemploy = ''; |
---|
1553 | if ($self->_get_attributes("_$end2start{$expireOn}")) { |
---|
1554 | $endemploy = $self->_get_attributes("_$expireOn") || ''; |
---|
1555 | $endemploy ||= 'UNCHANGED' unless($currentemployment); |
---|
1556 | } elsif (($self->base->config('unemployed_expire') ||'') eq 'no') { |
---|
1557 | $endemploy = ''; |
---|
1558 | } else { |
---|
1559 | # due to time zone, 0 is never 0 |
---|
1560 | if ($expire > 86400 && $expire < time) { |
---|
1561 | $endemploy = 'UNCHANGED'; |
---|
1562 | } else { |
---|
1563 | $endemploy = $self->_get_attributes('create'); |
---|
1564 | } |
---|
1565 | } |
---|
1566 | |
---|
1567 | if ($endemploy ne 'UNCHANGED') { |
---|
1568 | my $nextexpire = str2time( $endemploy || '1970-01-01T00:00:00' ); |
---|
1569 | |
---|
1570 | if ($expire != $nextexpire) { |
---|
1571 | $changes{expire} = $endemploy; |
---|
1572 | } |
---|
1573 | } |
---|
1574 | } |
---|
1575 | |
---|
1576 | if (keys %changes) { |
---|
1577 | $self->ReportChange('Update', 'Update %s to match employment', join(', ', sort keys %changes)); |
---|
1578 | $self->ReportChange('Update', 'Expire update to %s to match employment', ($changes{expire} || '(none)')) |
---|
1579 | if (exists($changes{expire})); |
---|
1580 | $self->set_fields(%changes); |
---|
1581 | } |
---|
1582 | |
---|
1583 | $self->_computeEmploymentHistory(); |
---|
1584 | |
---|
1585 | return 1; |
---|
1586 | } |
---|
1587 | |
---|
1588 | sub _computeStartEmployment { |
---|
1589 | my ($self, $delay, $any, $workday) = @_; |
---|
1590 | |
---|
1591 | $delay ||= 0; |
---|
1592 | my $start; |
---|
1593 | my $nstart; |
---|
1594 | |
---|
1595 | if (my $next = $self->_get_attributes('nextEmployment')) { |
---|
1596 | my $onext = $self->base->get_object('employment', $next); |
---|
1597 | $nstart = DateTime->from_epoch(epoch => str2time($onext->_get_attributes('firstday'))); |
---|
1598 | $nstart->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
1599 | } |
---|
1600 | |
---|
1601 | my $list_empl = $self->base->db->prepare_cached(q{ |
---|
1602 | SELECT *, (lastday is null or lastday >= now() - '1days'::interval) as "current" FROM employment |
---|
1603 | WHERE "user" = ? and firstday < now() |
---|
1604 | order by firstday desc |
---|
1605 | }); |
---|
1606 | $list_empl->execute($self->id); |
---|
1607 | |
---|
1608 | while (my $res = $list_empl->fetchrow_hashref) { |
---|
1609 | if ($res->{current}) { |
---|
1610 | } elsif ($nstart) { |
---|
1611 | my $prevend = DateTime->from_epoch(epoch => str2time($res->{lastday})); |
---|
1612 | $prevend->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
1613 | my $tstart = $nstart->clone; |
---|
1614 | $tstart->subtract(days => $delay + 1); |
---|
1615 | if ($tstart->ymd gt $prevend->ymd) { |
---|
1616 | last; |
---|
1617 | } |
---|
1618 | } elsif ((!$res->{current}) && (!$any)) { |
---|
1619 | last; |
---|
1620 | } |
---|
1621 | $nstart = DateTime->from_epoch(epoch => str2time($res->{firstday})); |
---|
1622 | $nstart->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
1623 | $start = $nstart->clone; |
---|
1624 | } |
---|
1625 | $list_empl->finish; |
---|
1626 | |
---|
1627 | $start ||= $nstart if ($any); |
---|
1628 | |
---|
1629 | if ($start) { |
---|
1630 | if ($workday) { |
---|
1631 | my $day_of_week = $start->day_of_week; |
---|
1632 | $start->add(days => |
---|
1633 | $day_of_week == 6 ? 2 : |
---|
1634 | $day_of_week == 7 ? 1 : 0 |
---|
1635 | ); |
---|
1636 | } |
---|
1637 | } |
---|
1638 | |
---|
1639 | return $start ? $start->iso8601 : undef |
---|
1640 | } |
---|
1641 | |
---|
1642 | sub _computeEndEmployment { |
---|
1643 | my ($self, $delay, $any, $workday) = @_; |
---|
1644 | |
---|
1645 | $delay ||= 0; |
---|
1646 | my $end; |
---|
1647 | my $pend; |
---|
1648 | |
---|
1649 | if (my $prev = $self->_get_attributes('prevEmployment')) { |
---|
1650 | my $oprev = $self->base->get_object('employment', $prev); |
---|
1651 | $pend = DateTime->from_epoch(epoch => str2time($oprev->_get_attributes('lastday'))); |
---|
1652 | $pend->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
1653 | $pend->add(hours => 23, minutes => 59, seconds => 59); |
---|
1654 | } |
---|
1655 | |
---|
1656 | my $list_empl = $self->base->db->prepare_cached(q{ |
---|
1657 | SELECT *, firstday <= now() as "current" FROM employment WHERE "user" = ? and |
---|
1658 | (lastday is null or lastday >= now() - '1 days'::interval) |
---|
1659 | order by firstday asc |
---|
1660 | }); |
---|
1661 | $list_empl->execute($self->id); |
---|
1662 | while (my $res = $list_empl->fetchrow_hashref) { |
---|
1663 | if (!$res->{lastday}) { |
---|
1664 | # Ultimate employment. |
---|
1665 | $list_empl->finish; |
---|
1666 | return undef; |
---|
1667 | } |
---|
1668 | if ($res->{current}) { |
---|
1669 | } elsif ($end) { |
---|
1670 | my $nextstart = DateTime->from_epoch(epoch => str2time($res->{firstday})); |
---|
1671 | $nextstart->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
1672 | my $tend = $end->clone; |
---|
1673 | $tend->add(days => $delay + 1); |
---|
1674 | if ($tend->ymd lt $nextstart->ymd) { |
---|
1675 | last; |
---|
1676 | } |
---|
1677 | } elsif ($pend) { |
---|
1678 | my $nextstart = DateTime->from_epoch(epoch => str2time($res->{firstday})); |
---|
1679 | $nextstart->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
1680 | my $tend = $pend->clone; |
---|
1681 | $tend->add(days => $delay + 1); |
---|
1682 | if ($tend->ymd lt $nextstart->ymd) { |
---|
1683 | last; |
---|
1684 | } |
---|
1685 | $end = $tend |
---|
1686 | } elsif ((!$res->{current}) && (!$any)) { |
---|
1687 | last; |
---|
1688 | } |
---|
1689 | $end = DateTime->from_epoch(epoch => str2time($res->{lastday})); |
---|
1690 | $end->set_time_zone( DateTime::TimeZone->new( name => 'local' ) ); |
---|
1691 | $end->add(hours => 23, minutes => 59, seconds => 59); |
---|
1692 | } |
---|
1693 | $list_empl->finish; |
---|
1694 | |
---|
1695 | $end ||= $pend if($any); |
---|
1696 | |
---|
1697 | if ($end) { |
---|
1698 | if ($workday) { |
---|
1699 | my $day_of_week = $end->day_of_week; |
---|
1700 | $end->subtract(days => |
---|
1701 | $day_of_week == 7 ? 2 : |
---|
1702 | $day_of_week == 6 ? 1 : 0 |
---|
1703 | ); |
---|
1704 | } |
---|
1705 | } |
---|
1706 | |
---|
1707 | return $end ? $end->iso8601 : undef |
---|
1708 | } |
---|
1709 | |
---|
1710 | # Compute a summary of employement and store the value |
---|
1711 | # into an attribute |
---|
1712 | |
---|
1713 | sub _computeEmploymentHistory { |
---|
1714 | my ($self) = @_; |
---|
1715 | |
---|
1716 | my %changes; |
---|
1717 | |
---|
1718 | { |
---|
1719 | my $sth = $self->db->prepare_cached(q{ |
---|
1720 | select employment.name from employment |
---|
1721 | where "user" = ? and employment.firstday < now() |
---|
1722 | }); |
---|
1723 | $sth->execute($self->id); |
---|
1724 | my @values; |
---|
1725 | while (my $res = $sth->fetchrow_hashref) { |
---|
1726 | push(@values, $res->{name}); |
---|
1727 | } |
---|
1728 | $changes{"employmentHistory"} = \@values; |
---|
1729 | } |
---|
1730 | |
---|
1731 | foreach my $attribute (qw(contratType)) { |
---|
1732 | my $sth = $self->db->prepare_cached(q{ |
---|
1733 | select employment_attributes.value from employment |
---|
1734 | join employment_attributes |
---|
1735 | on employment.ikey = employment_attributes.okey |
---|
1736 | where "user" = ? and employment_attributes.attr = ? |
---|
1737 | and employment.firstday < now() |
---|
1738 | group by employment_attributes.value |
---|
1739 | }); |
---|
1740 | $sth->execute($self->id, $attribute); |
---|
1741 | my @values; |
---|
1742 | while (my $res = $sth->fetchrow_hashref) { |
---|
1743 | push(@values, $res->{value}); |
---|
1744 | } |
---|
1745 | $changes{$attribute . "History"} = \@values; |
---|
1746 | } |
---|
1747 | |
---|
1748 | $self->set_fields(%changes); |
---|
1749 | } |
---|
1750 | |
---|
1751 | =head2 storeBannedPassword($epassword) |
---|
1752 | |
---|
1753 | Add an encrypted password to untrust list |
---|
1754 | |
---|
1755 | =cut |
---|
1756 | |
---|
1757 | sub storeBannedPassword { |
---|
1758 | my ($self, $EncPass) = @_; |
---|
1759 | |
---|
1760 | my @banned = sort { $b cmp $a } $self->_get_attributes('bannedPassword'); |
---|
1761 | my $now = DateTime->now; |
---|
1762 | unshift(@banned, $now->iso8601 . ';' . $EncPass); |
---|
1763 | $self->set_fields('bannedPassword', [ grep { $_ } @banned ]); |
---|
1764 | |
---|
1765 | } |
---|
1766 | |
---|
1767 | =head2 banCurrentPassword |
---|
1768 | |
---|
1769 | Store the current password as banned |
---|
1770 | |
---|
1771 | =cut |
---|
1772 | |
---|
1773 | sub banCurrentPassword { |
---|
1774 | my ($self) = @_; |
---|
1775 | |
---|
1776 | my $old = $self->get_field('userPassword') or return; |
---|
1777 | $self->storeBannedPassword($old); |
---|
1778 | } |
---|
1779 | |
---|
1780 | sub check_password { |
---|
1781 | my ( $self, $password ) = @_; |
---|
1782 | |
---|
1783 | my $res = $self->SUPER::check_password($password); |
---|
1784 | if ($res !~ /^ok$/) { |
---|
1785 | return $res; |
---|
1786 | } |
---|
1787 | |
---|
1788 | foreach my $banned ($self->_get_attributes('bannedPassword')) { |
---|
1789 | my ($date, $oldPassword) = $banned =~ /^([^;]*);(.*)/; |
---|
1790 | if (crypt($password, $oldPassword) eq $oldPassword) { |
---|
1791 | return "Banned password, cannot be used anymore"; |
---|
1792 | } |
---|
1793 | } |
---|
1794 | |
---|
1795 | return 'ok'; |
---|
1796 | } |
---|
1797 | |
---|
1798 | sub _set_password { |
---|
1799 | my ($self, $clear_pass) = @_; |
---|
1800 | if (my $attr = $self->base->attribute($self->type, 'userPassword')) { |
---|
1801 | my $field = $attr->iname; |
---|
1802 | |
---|
1803 | # Storing as old password |
---|
1804 | my @olds = sort { $b cmp $a } $self->_get_attributes('oldPassword'); |
---|
1805 | if (my $old = $self->get_field('userPassword')) { |
---|
1806 | my $now = DateTime->now; |
---|
1807 | unshift(@olds, $now->iso8601 . ';' . $old); |
---|
1808 | $self->set_fields('oldPassword', [ grep { $_ } @olds[0 .. 14] ]); |
---|
1809 | } |
---|
1810 | |
---|
1811 | my @salt_char = (('a' .. 'z'), ('A' .. 'Z'), (0 .. 9), '/', '.'); |
---|
1812 | my $salt = join('', map { $salt_char[rand(scalar(@salt_char))] } (1 .. 8)); |
---|
1813 | my $res = $self->set_fields($field, crypt($clear_pass, '$1$' . $salt)); |
---|
1814 | if ($res) { |
---|
1815 | if ($self->base->get_global_value('rsa_public_key')) { |
---|
1816 | $self->setCryptPassword($clear_pass) or return; |
---|
1817 | } |
---|
1818 | } |
---|
1819 | |
---|
1820 | $self->set_fields('passwordLastSet', DateTime->now->datetime); |
---|
1821 | $self->base->log(LA_NOTICE, |
---|
1822 | 'Mot de passe changé pour %s', |
---|
1823 | $self->id |
---|
1824 | ); |
---|
1825 | |
---|
1826 | |
---|
1827 | return $res; |
---|
1828 | } else { |
---|
1829 | $self->log(LA_WARN, |
---|
1830 | "Cannot set password: userPassword attributes is unsupported"); |
---|
1831 | } |
---|
1832 | } |
---|
1833 | |
---|
1834 | =head2 setCryptPassword($clear_pass) |
---|
1835 | |
---|
1836 | Store password encrypted using RSA encryption. |
---|
1837 | |
---|
1838 | =cut |
---|
1839 | |
---|
1840 | sub setCryptPassword { |
---|
1841 | my ($self, $clear_pass) = @_; |
---|
1842 | if (my $serialize = $self->base->get_global_value('rsa_public_key')) { |
---|
1843 | my $public = Crypt::RSA::Key::Public->new; |
---|
1844 | $public = $public->deserialize(String => [ $serialize ]); |
---|
1845 | my $rsa = new Crypt::RSA ES => 'PKCS1v15'; |
---|
1846 | my $rsa_password = $rsa->encrypt ( |
---|
1847 | Message => $clear_pass, |
---|
1848 | Key => $public, |
---|
1849 | Armour => 1, |
---|
1850 | ) || die $rsa->errstr(); |
---|
1851 | if (!$self->_set_c_fields('encryptedPassword', $rsa_password)) { |
---|
1852 | $self->log(LA_ERR, |
---|
1853 | "Cannot set 'encryptedPassword' attribute for object %s/%s", |
---|
1854 | $self->type, $self->id, |
---|
1855 | ); |
---|
1856 | return; |
---|
1857 | } |
---|
1858 | } |
---|
1859 | $self->ReportChange('Password', 'Password stored using internal key'); |
---|
1860 | return 1; |
---|
1861 | } |
---|
1862 | |
---|
1863 | |
---|
1864 | =head2 GenPasswordResetId |
---|
1865 | |
---|
1866 | Return a new id allowing passowrd reset |
---|
1867 | |
---|
1868 | =cut |
---|
1869 | |
---|
1870 | sub GenPasswordResetId { |
---|
1871 | my ($self) = @_; |
---|
1872 | |
---|
1873 | my $id = LATMOS::Accounts::Utils::genpassword(length => 32); |
---|
1874 | |
---|
1875 | my $sth = $self->base->db->prepare_cached(q{ |
---|
1876 | INSERT INTO passwordreset (id, "user") values (?,?) |
---|
1877 | }); |
---|
1878 | |
---|
1879 | if ($sth->execute($id, $self->id)) { |
---|
1880 | return $id; |
---|
1881 | } else { |
---|
1882 | return; |
---|
1883 | } |
---|
1884 | } |
---|
1885 | |
---|
1886 | =head2 SendPasswordReset($url) |
---|
1887 | |
---|
1888 | Generate a password reset Id and the to the user. |
---|
1889 | |
---|
1890 | C<$url> is the URL where the password can changed (printf forward, the %s is |
---|
1891 | replaced by the request id) |
---|
1892 | |
---|
1893 | =cut |
---|
1894 | |
---|
1895 | sub SendPasswordReset { |
---|
1896 | my ($self, $url) = @_; |
---|
1897 | |
---|
1898 | my $id = $self->GenPasswordResetId; |
---|
1899 | |
---|
1900 | my $mail = $self->_get_attributes('mail') or do { |
---|
1901 | $self->base->log(LA_ERR, "Cannot sent reset password mail: no mail found"); |
---|
1902 | return; |
---|
1903 | }; |
---|
1904 | |
---|
1905 | my %mail = ( |
---|
1906 | Subject => 'LATMOS: pasword reset', |
---|
1907 | 'X-LATMOS-Reason' => 'Account destruction', |
---|
1908 | to => $mail, |
---|
1909 | ); |
---|
1910 | |
---|
1911 | if (my $otherEmail = $self->_get_attributes('otherEmail')) { |
---|
1912 | $mail{cc} = $otherEmail; |
---|
1913 | } |
---|
1914 | |
---|
1915 | my $vars = { |
---|
1916 | url => sprintf($url, $id), |
---|
1917 | }; |
---|
1918 | $vars->{id} = $id; |
---|
1919 | $vars->{obj} = $self; |
---|
1920 | |
---|
1921 | my $lamail = LATMOS::Accounts::Mail->new( |
---|
1922 | $self->base->la, |
---|
1923 | 'passwordreset.mail', |
---|
1924 | ); |
---|
1925 | |
---|
1926 | if ($lamail->process(\%mail, $vars)) { |
---|
1927 | $self->base->log(LA_NOTICE, |
---|
1928 | "Reset password sent to %s for user %s", |
---|
1929 | $mail{to}, |
---|
1930 | $self->id, |
---|
1931 | ); |
---|
1932 | return 1; |
---|
1933 | } else { |
---|
1934 | return; |
---|
1935 | } |
---|
1936 | |
---|
1937 | } |
---|
1938 | |
---|
1939 | =head2 CheckPasswordResetId($id) |
---|
1940 | |
---|
1941 | Return True if the reset password ID can be found and is less than one day old |
---|
1942 | |
---|
1943 | =cut |
---|
1944 | |
---|
1945 | sub CheckPasswordResetId { |
---|
1946 | my ($self, $id) = @_; |
---|
1947 | |
---|
1948 | my $sth = $self->base->db->prepare_cached(q{ |
---|
1949 | SELECT * FROM passwordreset WHERE |
---|
1950 | "user" = ? and |
---|
1951 | id = ? and |
---|
1952 | "create" >= now() - '1 days'::interval |
---|
1953 | }); |
---|
1954 | $sth->execute($self->id, $id); |
---|
1955 | |
---|
1956 | my $res = $sth->fetchrow_hashref; |
---|
1957 | $sth->finish; |
---|
1958 | |
---|
1959 | return $res ? 1 : 0; |
---|
1960 | } |
---|
1961 | |
---|
1962 | =head2 DeletePasswordId($id) |
---|
1963 | |
---|
1964 | Delete password reset C<$id> and all expired request |
---|
1965 | |
---|
1966 | =cut |
---|
1967 | |
---|
1968 | sub DeletePasswordId { |
---|
1969 | my ($self, $id) = @_; |
---|
1970 | |
---|
1971 | my $sth = $self->base->db->prepare_cached(q{ |
---|
1972 | DELETE FROM passwordreset WHERE |
---|
1973 | "user" = ? AND (id = ? or "create" < now() - '1 days'::interval) |
---|
1974 | }); |
---|
1975 | |
---|
1976 | $sth->execute($self->id, $id); |
---|
1977 | } |
---|
1978 | |
---|
1979 | 1; |
---|
1980 | |
---|
1981 | __END__ |
---|
1982 | |
---|
1983 | =head1 SEE ALSO |
---|
1984 | |
---|
1985 | =head1 AUTHOR |
---|
1986 | |
---|
1987 | Olivier Thauvin, E<lt>olivier.thauvin@latmos.ipsl.frE<gt> |
---|
1988 | |
---|
1989 | =head1 COPYRIGHT AND LICENSE |
---|
1990 | |
---|
1991 | Copyright (C) 2008, 2009 CNRS SA/CETP/LATMOS |
---|
1992 | |
---|
1993 | This library is free software; you can redistribute it and/or modify |
---|
1994 | it under the same terms as Perl itself, either Perl version 5.10.0 or, |
---|
1995 | at your option, any later version of Perl 5 you may have available. |
---|
1996 | |
---|
1997 | =cut |
---|