diff --git a/www/import/index.php b/www/import/index.php new file mode 100644 index 0000000..0c879f5 --- /dev/null +++ b/www/import/index.php @@ -0,0 +1,182 @@ + +
+

You can import users from a CSV file.
CSV format/file must be : utf8, using ; as fields separator, and | character for multi-valued fields.

+

First line is ignored : it contains headers, each column is a LDAP account attribue. These are the available options :

+ +

Except 'cn' and 'password', there are all mandatory fields. If password is blank or missing, a random one will be created.

+

You can add a "groups" column. Each Group Name is separated by a "|" character. Group names are lowercased and trimmed. If the group does not exist, it is created.

+
+ +
+
+ + +
+
+ $value) { + $attribute = $headings[$k]; + + // Special treatements + if("password" == $attribute) { + if(!$value) { + continue; // if empty we'll deal with password later on + } + } + + // Todo : chek emails, etc .. + $new_account_r[$attribute] = [$value]; + } + + // Check uid / email + if(!isset($new_account_r['uid'])) { + render_alert_banner("Line $i : uid is a mandatory field.", "danger"); + continue; + } else { + $uid = reset($new_account_r['uid']); + } + if(!isset($new_account_r['mail'])) { + render_alert_banner("Line $i : email is a mandatory field.", "danger"); + continue; + } + if(!isset($new_account_r['givenname'])) { + render_alert_banner("Line $i : givenname is a mandatory field.", "danger"); + continue; + } + if(!isset($new_account_r['sn'])) { + render_alert_banner("Line $i : sn is a mandatory field.", "danger"); + continue; + } + + // CN ? + if(!isset($new_account_r['cn'])) { + $separator = " "; + if ($ENFORCE_SAFE_SYSTEM_NAMES == TRUE) { + $separator = ""; + } + $new_account_r['cn'] = [$new_account_r['givenname'][0] . $separator . $new_account_r['sn'][0]]; + } + + // Is password there ? + if(!isset($new_account_r['password'])) { + $generated_pwd = true; + $new_account_r['password'] = [generatePassword(16)]; + } + + // Groups ? + if(isset($new_account_r['groups'])) { + $groups_str = $new_account_r['groups'][0]; + unset($new_account_r['groups']); + $groups = explode('|',$groups_str); + foreach($groups as $key => $group) { + $groups[$key] = mb_strtolower(trim($group)); + } + } else { + $groups = []; + } + + // Creation + $new_account = ldap_new_account($ldap_connection, $new_account_r); + if($new_account) { + $suffix = ""; + if($generated_pwd) { + $suffix = " Password is : " . $new_account_r['password'][0]; + } + render_alert_banner("User uid : " . $uid . " has been created." . $suffix); + + // Group creation + _create_group($ldap_connection, $uid, $groups); + $ok++; + } else { + render_alert_banner("ERROR when processing uid :" . $uid . ".", "danger"); + } + } + + // Récap + $done = $i - 1; + if($ok == $done) { + render_alert_banner("Every $ok users have been succesfully created."); + } else { + render_alert_banner("Only $ok users out of $done have been successfully created.", "danger"); + } +} + +/** + * Create Groups for uid + */ +function _create_group($ldap_connection, $uid, $groups) { + if(count($groups) == 0) { + return NULL; + } + foreach($groups as $group) { + if(!ldap_get_group_entry($ldap_connection, $group)) { + ldap_new_group($ldap_connection, $group, $uid); + } else { + ldap_add_member_to_group($ldap_connection, $group, $uid); + } + } +} +?> diff --git a/www/includes/modules.inc.php b/www/includes/modules.inc.php index a07ef2b..4042178 100644 --- a/www/includes/modules.inc.php +++ b/www/includes/modules.inc.php @@ -11,6 +11,7 @@ 'log_in' => 'hidden_on_login', 'change_password' => 'auth', 'account_manager' => 'admin', + 'import' => 'admin', ); if ($ACCOUNT_REQUESTS_ENABLED == TRUE) { diff --git a/www/includes/web_functions.inc.php b/www/includes/web_functions.inc.php index dc606b1..6151738 100644 --- a/www/includes/web_functions.inc.php +++ b/www/includes/web_functions.inc.php @@ -731,6 +731,22 @@ function render_alert_banner($message,$alert_class="success",$timeout=4000) {