Liste des groupes pour lesquels on ne force pas la configuration depuis la DB

This commit is contained in:
Daniel Berteaud 2012-09-08 13:13:22 +02:00
parent 217195fd3e
commit 73ebc83d63
4 changed files with 12 additions and 5 deletions

View File

@ -0,0 +1 @@
admins

View File

@ -7,6 +7,12 @@ my $ldapbase = esmith::util::ldapBase ($DomainName);
my $tbpref = ((${'mozilla-mcd'}{'TBEnforce'} || 'disabled') =~ m/^enabled|on|1|yes$/) ? "lockPref":"defaultPref";
my $ffpref = ((${'mozilla-mcd'}{'FFEnforce'} || 'disabled') =~ m/^enabled|on|1|yes$/) ? "lockPref":"defaultPref";
my $url = ${'mozilla-mcd'}{'HomeURL'} || 'https://auth.' . "$DomainName";
my $noenforcegroups = ${'mozilla-mcd'}{'NoEnforceGroups'} || '';
# Format as a PHP array
$noenforcegroups =~ s/^,+|,+$//g;
$noenforcegroups =~ s/^/'/g;
$noenforcegroups =~ s/$/'/g;
$noenforcegroups =~ s/[;,]/','/g;
$OUT .=<<"EOF";
@ -20,7 +26,7 @@ define('LDAP_SERVER', 'localhost');
define('TB_PREF', '$tbpref');
define('FF_PREF', '$ffpref');
define('HOME_URL', '$url');
\$NOENFORCEGROUPS = array($noenforcegroups);
EOF

View File

@ -21,10 +21,10 @@ if(isset($_SERVER['QUERY_STRING']) && preg_match('/^.+@' . DOMAIN . '$/', $_SERV
exit;
}
$pref = FF_PREF;
// Don't lock pref if the user is member of admins
// Don't lock pref if the user is member of some special groups
// regardless of the setting
foreach ($user[0]['posixmemberof'] as $group){
if ($group == 'admins'){
if (in_array($group, $NOENFORCEGROUPS)){
$pref = 'defaultPref';
break;
}

View File

@ -20,10 +20,10 @@ if(isset($_SERVER['QUERY_STRING']) && preg_match('/^.+@' . DOMAIN . '$/', $_SERV
exit;
}
$pref = TB_PREF;
// Don't lock pref if the user is member of admins
// Don't lock pref if the user is member of some special groups
// regardless of the setting
foreach ($user[0]['posixmemberof'] as $group){
if ($group == 'admins'){
if (in_array($group, $NOENFORCEGROUPS)){
$pref = 'defaultPref';
break;
}