mango r175 - in trunk: . lib www



Author: ovitters
Date: Sat May 31 23:39:30 2008
New Revision: 175
URL: http://svn.gnome.org/viewvc/mango?rev=175&view=rev

Log:
	* www/update_user.xsl: Ignore individual key additions and removals.
	* lib/user.php: Add _update_sshkey function and use it for SSH key
	removals and additions.



Modified:
   trunk/ChangeLog
   trunk/lib/user.php
   trunk/www/update_user.xsl

Modified: trunk/lib/user.php
==============================================================================
--- trunk/lib/user.php	(original)
+++ trunk/lib/user.php	Sat May 31 23:39:30 2008
@@ -255,49 +255,13 @@
 
         // What's changed with the SSH keys?
         $removedkeys = array_diff($olduser->authorizedKeys, $this->authorizedKeys);
-        if(is_array($removedkeys) && count($removedkeys) > 0) {
-            $keychanges = array();
-            foreach($removedkeys as $key) {
-                $keychanges['authorizedKey'][] = $key;
-            }
-            if ($this->pubkeyauthenticationuser
-                && count($this->authorizedKeys) == 0)
-            {
-                $keychanges['objectclass'][] = "pubkeyAuthenticationUser";
-                $changes[] = array('id'=>"pubkeyauthdisabled");
-            }
+        $result = $this->_update_sshkey($ldap, $dn, $olduser, $user, false, $removedkeys, $changes, 'key-del', 'keysremoved');
+        if(PEAR::isError($result)) return $result;
 
-            $result = ldap_mod_del($ldap, $dn, $keychanges);
-            if(!$result) {
-                $pe = PEAR::raiseError("LDAP (user keys) delete failed: ".ldap_error($ldap));
-                return $pe;
-            }
-            $changes[] = array('id'=>"keysremoved");
-        }
         $newkeys = array_diff($this->authorizedKeys, $olduser->authorizedKeys);
-        if(is_array($newkeys) && count($newkeys) > 0) {
-            $keychanges = array();
-            foreach($newkeys as $key) {
-                $keychanges['authorizedKey'][] = $key;
-
-                $fingerprint = is_valid_ssh_pub_key($key, False, True);
-                if ($fingerprint !== false) {
-                    $changes[] = array('id'=>'key-add', "key"=>$key, "fingerprint"=>$fingerprint);
-                } else {
-                    $changes[] = array('id'=>'key-add', "key"=>$key);
-                }
-            }
-            if (!$olduser->pubkeyauthenticationuser) {
-                $keychanges['objectclass'][] = "pubkeyAuthenticationUser";
-                $changes[] = array('id'=>"pubkeyauthenabled");
-            }
-            $result = ldap_mod_add($ldap, $dn, $keychanges);
-            if(!$result) {
-                $pe = PEAR::raiseError("LDAP (user keys) add failed: ".ldap_error($ldap));
-                return $pe;
-            }
-            $changes[] = array('id'=>"keysadded");
-        }
+        $result = $this->_update_sshkey($ldap, $dn, $olduser, $user, true, $newkeys, $changes, 'key-add', 'keysadded');
+        if(PEAR::isError($result)) return $result;
+
 
         // What groups are we dropping out of?
         $removedgroups = array_diff($olduser->groups, $this->groups);
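Review bot: Both new calls pass `$user`, but no `$user` is visible in this part of the method, and the `_update_sshkey` helper added further down in this commit never reads that parameter. If the variable is not defined earlier in the method, PHP raises a notice and passes null on every SSH key update. Dropping it from both call sites and from the helper signature would remove the dead argument, e.g. `$this->_update_sshkey($ldap, $dn, $olduser, false, $removedkeys, $changes, 'key-del', 'keysremoved');`. The enclosing method starts and ends outside this hunk.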
@@ -334,6 +298,40 @@
         return $changes;
     }
 
+    function _update_sshkey($ldap, $dn, $olduser, $user, $is_add, $keys, &$changes, $desc_key, $desc_change) {
+        if(!is_array($keys) || count($keys) == 0)
+            return false;
+
+        $keychanges = array();
+        foreach($keys as $key) {
+            $keychanges['authorizedKey'][] = $key;
+
+            $fingerprint = is_valid_ssh_pub_key($key, False, True);
+            if ($fingerprint !== false) {
+                $changes[] = array('id'=>$desc_key, "key"=>$key, "fingerprint"=>$fingerprint);
+            } else {
+                $changes[] = array('id'=>$desc_key, "key"=>$key);
+            }
+        }
+
+        $change_object = $is_add ? !$olduser->pubkeyauthenticationuser
+                                 : ($olduser->pubkeyauthenticationuser
+                                    && count($this->authorizedKeys) == 0);
+
+        if ($change_object) {
+            $keychanges['objectclass'][] = "pubkeyAuthenticationUser";
+        }
+
+        $result = $is_add ? ldap_mod_add($ldap, $dn, $keychanges)
+                          : ldap_mod_del($ldap, $dn, $keychanges);
+
+        if(!$result) {
+            $pe = PEAR::raiseError("LDAP (SSH keys) $desc_key failed: ".ldap_error($ldap));
+            return $pe;
+        }
+        $changes[] = array('id'=>$desc_change);
+    }
+
     function inform_user(&$changes) {
         global $config;
 
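Review bot: `_update_sshkey` no longer records when the `pubkeyAuthenticationUser` object class is added or removed. The old code appended `pubkeyauthenabled` / `pubkeyauthdisabled` to `$changes`, while the `if ($change_object)` branch here only edits `$keychanges`. Those entries appear to be the only record that SSH key authentication was switched on or off for an account, so consider restoring them inside that branch with `$changes[] = array('id' => $is_add ? 'pubkeyauthenabled' : 'pubkeyauthdisabled');`. The removal case also now tests `$olduser->pubkeyauthenticationuser` where the old code tested `$this->pubkeyauthenticationuser`, which is worth confirming as intended. A short docblock would help too, stating the return values (false when there are no keys, a PEAR error on LDAP failure, nothing on success) and that per-key entries are appended to `$changes` before the LDAP call runs.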

Modified: trunk/www/update_user.xsl
==============================================================================
--- trunk/www/update_user.xsl	(original)
+++ trunk/www/update_user.xsl	Sat May 31 23:39:30 2008
@@ -324,6 +324,7 @@
     <xsl:when test="@id='welcomesent'">
      <p>Welcome message sent</p>
     </xsl:when>
+    <xsl:when test="@id='key-del' or @id='key-add'"></xsl:when>
     <xsl:otherwise>
      <p>Change '<xsl:value-of select="@id"/>'</p>
     </xsl:otherwise>
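Review bot: The empty `xsl:when` for `key-del` / `key-add` has no comment explaining why these entries render nothing, so it reads like an unfinished branch. Suggest adding `<!-- per-key entries are deliberately not rendered; the keysadded/keysremoved entries summarise them -->` inside it, assuming those summary ids are handled elsewhere in this `xsl:choose`, which starts and ends outside the hunk. Because of this branch, the key fingerprint carried on each `key-add` entry is never shown on this page. If whoever reviews an account change is expected to check which key was added, rendering the fingerprint here would be worth considering.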


