I lied earlier...kadmin support now added

author: Timothy Pearson <kb9vqf@pearsoncomputing.net> 2012-05-30 13:57:42 -0500
committer: Timothy Pearson <kb9vqf@pearsoncomputing.net> 2012-05-30 13:57:42 -0500
commit: 93a591d8f0733774cfc62329ef4b9cc5403bd16c (patch)
tree: a524f4bca7e42947217b8d847e3f46e37bccb133 /src/ldapmgr.cpp
parent: 4d66047a3136662532e79d5e41038db246d334dd (diff)
download: kcmldapmanager-93a591d8f0733774cfc62329ef4b9cc5403bd16c.tar.gz
kcmldapmanager-93a591d8f0733774cfc62329ef4b9cc5403bd16c.zip
1 files changed, 138 insertions, 2 deletions
diff --git a/src/ldapmgr.cpp b/src/ldapmgr.cpp
index 6d94a0c..5481b2e 100644
--- a/src/ldapmgr.cpp
+++ b/src/ldapmgr.cpp
@@ -19,6 +19,7 @@
  ***************************************************************************/
 
 #include <tqlayout.h>
+#include <tqapplication.h>
 
 #include <klocale.h>
 #include <kglobal.h>
@@ -38,6 +39,8 @@
 #include <kmessagebox.h>
 #include <klineedit.h>
 
+#include <tdesu/process.h>
+
 #include "ldapmgr.h"
 
 #include "libtdeldap.h"
@@ -148,7 +151,6 @@ void LDAPConfig::save() {
 }
 
 void LDAPConfig::processLockouts() {
-	// RAJA FIXME
 	TQListViewItem* lvi = base->user_list->selectedItem();
 	if (lvi) {
 		base->user_buttonModify->setEnabled(true);
@@ -170,6 +172,19 @@ void LDAPConfig::processLockouts() {
 		base->group_buttonDelete->setEnabled(false);
 	}
 	base->group_buttonAdd->setEnabled(true);
+
+	lvi = base->machine_list->selectedItem();
+	if (lvi) {
+		base->machine_buttonDelete->setEnabled(true);
+	}
+	else {
+		base->machine_buttonDelete->setEnabled(false);
+	}
+	// FIXME
+	// Disable machine add/modify as they are not implemented
+	// In fact, I don't know if I CAN implement them!
+	base->machine_buttonAdd->setEnabled(true);
+	base->machine_buttonModify->setEnabled(true);
 }
 
 void LDAPConfig::connectToRealm(const TQString& realm) {
@@ -431,7 +446,36 @@ void LDAPConfig::addNewUser() {
 			else {
 				user.distinguishedName = "uid=" + user.name + "," + m_ldapmanager->basedn();
 			}
-			m_ldapmanager->addUserInfo(user);
+			if (m_ldapmanager->addUserInfo(user) == 0) {
+				if (user.new_password != "") {
+					// If a new password was set, use Kerberos to set it on the server
+					TQString errorString;
+					if (setPasswordForUser(user, &errorString) != 0) {
+						KMessageBox::error(0, i18n("<qt>Unable to set password for user!<p>%1</qt>").arg(errorString), i18n("Kerberos Failure"));
+					}
+				}
+	
+				// Modify group(s) as needed
+				populateGroups();
+				LDAPGroupInfoList::Iterator it;
+				for (it = m_groupInfoList.begin(); it != m_groupInfoList.end(); ++it) {
+					LDAPGroupInfo group = *it;
+					if (userconfigdlg.selectedGroups.contains(group.name)) {
+						// Make sure that we are in this group!
+						if (!group.userlist.contains(user.distinguishedName)) {
+							group.userlist.append(user.distinguishedName);
+							m_ldapmanager->updateGroupInfo(group);
+						}
+					}
+					else {
+						// Make sure that we are NOT in this group!
+						if (group.userlist.contains(user.distinguishedName)) {
+							group.userlist.remove(user.distinguishedName);
+							m_ldapmanager->updateGroupInfo(group);
+						}
+					}
+				}
+			}
 		}
 		else {
 			// PEBKAC
@@ -492,6 +536,14 @@ void LDAPConfig::modifySelectedUser() {
 	if (userconfigdlg.exec() == TQDialog::Accepted) {
 		user = userconfigdlg.m_user;
 		if (m_ldapmanager->updateUserInfo(user) == 0) {
+			if (user.new_password != "") {
+				// If a new password was set, use Kerberos to set it on the server
+				TQString errorString;
+				if (setPasswordForUser(user, &errorString) != 0) {
+					KMessageBox::error(0, i18n("<qt>Unable to set password for user!<p>%1</qt>").arg(errorString), i18n("Kerberos Failure"));
+				}
+			}
+
 			// Modify group(s) as needed
 			populateGroups();
 			LDAPGroupInfoList::Iterator it;
@@ -551,6 +603,90 @@ void LDAPConfig::removeSelectedGroup() {
 	updateAllInformation();
 }
 
+TQString readFullLineFromPtyProcess(PtyProcess* proc) {
+	TQString result = "";
+	while ((!result.contains("\n")) && (!result.contains(":")) && (!result.contains(">"))) {
+		result = result + TQString(proc->readLine(false));
+		tqApp->processEvents();
+	}
+	return result;
+}
+
+int LDAPConfig::setPasswordForUser(LDAPUserInfo user, TQString *errstr) {
+	if (user.new_password == "") {
+		return 0;
+	}
+
+	LDAPCredentials admincreds = m_ldapmanager->currentLDAPCredentials();
+
+	TQCString command = "kadmin";
+	QCStringList args;
+	args << TQCString("-p") << TQCString(admincreds.username.lower()+"@"+(admincreds.realm.upper())) << TQCString("-r") << TQCString(admincreds.realm.upper());
+
+	TQString prompt;
+	PtyProcess kadminProc;
+	kadminProc.exec(command, args);
+	prompt = kadminProc.readLine(true);
+	prompt = prompt.stripWhiteSpace();
+	if (prompt == "kadmin>") {
+		kadminProc.writeLine(TQCString("passwd "+user.name), true);
+		prompt = kadminProc.readLine(true);	// Discard our own input
+		prompt = readFullLineFromPtyProcess(&kadminProc);
+		prompt = prompt.stripWhiteSpace();
+		if ((prompt.endsWith(" Password:")) && (!prompt.startsWith(TQString(user.name + "@")))) {
+			kadminProc.writeLine(admincreds.password, true);
+			prompt = kadminProc.readLine(true);	// Discard our own input
+			prompt = kadminProc.readLine(true);
+			prompt = prompt.stripWhiteSpace();
+		}
+		if (prompt.contains("authentication failed")) {
+			if (errstr) *errstr = prompt;
+			kadminProc.writeLine("quit", true);
+			return 1;
+		}
+		else if ((prompt.endsWith(" Password:")) && (prompt.startsWith(TQString(user.name + "@")))) {
+			kadminProc.writeLine(user.new_password, true);
+			prompt = kadminProc.readLine(true);	// Discard our own input
+			prompt = kadminProc.readLine(true);
+			prompt = prompt.stripWhiteSpace();
+			if ((prompt.endsWith(" Password:")) && (prompt.startsWith("Verify"))) {
+				kadminProc.writeLine(user.new_password, true);
+				prompt = kadminProc.readLine(true);	// Discard our own input
+				prompt = kadminProc.readLine(true);
+				prompt = prompt.stripWhiteSpace();
+			}
+			if ((prompt.endsWith(" Password:")) && (!prompt.startsWith(TQString(user.name + "@")))) {
+				kadminProc.writeLine(admincreds.password, true);
+				prompt = kadminProc.readLine(true);	// Discard our own input
+				prompt = kadminProc.readLine(true);
+				prompt = prompt.stripWhiteSpace();
+			}
+			if (prompt != "kadmin>") {
+				if (errstr) *errstr = prompt;
+				kadminProc.writeLine("quit", true);
+				return 1;
+			}
+
+			// Success!
+			kadminProc.writeLine("quit", true);
+			return 0;
+		}
+		else if (prompt == "kadmin>") {
+			// Success!
+			kadminProc.writeLine("quit", true);
+			return 0;
+		}
+
+		// Failure
+		if (errstr) *errstr = prompt;
+		kadminProc.writeLine("quit", true);
+		return 1;
+	}
+
+	if (errstr) *errstr = "Internal error.  Verify that kadmin exists and can be executed.";
+	return 1;	// Failure
+}
+
 int LDAPConfig::buttons() {
 	return KCModule::Apply|KCModule::Help;
 }
author	Timothy Pearson <kb9vqf@pearsoncomputing.net>	2012-05-30 13:57:42 -0500
committer	Timothy Pearson <kb9vqf@pearsoncomputing.net>	2012-05-30 13:57:42 -0500
commit	93a591d8f0733774cfc62329ef4b9cc5403bd16c (patch)
tree	a524f4bca7e42947217b8d847e3f46e37bccb133 /src/ldapmgr.cpp
parent	4d66047a3136662532e79d5e41038db246d334dd (diff)
download	kcmldapmanager-93a591d8f0733774cfc62329ef4b9cc5403bd16c.tar.gz kcmldapmanager-93a591d8f0733774cfc62329ef4b9cc5403bd16c.zip