From e9926715f8fc2dd5a7461da1138ccc55057daec2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= <clement@oodo.net>
Date: Wed, 21 Aug 2024 19:38:53 +0200
Subject: [PATCH] Use new lockDate function to remove OpenLDAP specific code

---
 conf/config.inc.php   |  2 +-
 htdocs/display.php    |  9 +++------
 templates/display.tpl | 10 ++++++++++
 3 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/conf/config.inc.php b/conf/config.inc.php
index b2d4135..42ca082 100644
--- a/conf/config.inc.php
+++ b/conf/config.inc.php
@@ -107,7 +107,7 @@
 $display_items = array('identifier', 'firstname', 'lastname', 'title', 'businesscategory', 'employeenumber', 'employeetype', 'mail', 'mailquota', 'phone', 'mobile', 'fax', 'postaladdress', 'street', 'postalcode', 'l', 'state', 'organizationalunit', 'organization', 'manager', 'secretary' );
 $display_title = "fullname";
 $display_show_undefined = false;
-$display_password_items = array('pwdchangedtime', 'pwdaccountlockedtime', 'pwdfailuretime','pwdpolicysubentry', 'authtimestamp', 'pwdlastsuccess', 'created', 'modified');
+$display_password_items = array('pwdchangedtime', 'pwdfailuretime','pwdpolicysubentry', 'authtimestamp', 'pwdlastsuccess', 'created', 'modified');
 $display_password_expiration_date = true;
 
 # Features
diff --git a/htdocs/display.php b/htdocs/display.php
index d07f9d6..7969b21 100644
--- a/htdocs/display.php
+++ b/htdocs/display.php
@@ -16,6 +16,7 @@
 $ldapExpirationDate="";
 $canLockAccount="";
 $isAccountEnabled = "";
+$lockDate = "";
 
 if (isset($_GET["dn"]) and $_GET["dn"]) {
     $dn = $_GET["dn"];
@@ -104,13 +105,8 @@
             $edit_link = str_replace("{dn}", urlencode($dn), $display_edit_link);
         }
 
-        # Remove lockout date if special value
-        $lockoutDateAttribute = $attributes_map['pwdaccountlockedtime']['attribute'];
-        if ( isset($entry[0][$lockoutDateAttribute]) and $entry[0][$lockoutDateAttribute][0] === "000001010000Z") {
-            unset($entry[0][$lockoutDateAttribute]);
-        }
-
         $lockoutDuration = $directory->getLockoutDuration($ldap, $dn, array('pwdPolicy' => $pwdPolicy, 'lockoutDuration' => $ldap_lockout_duration));
+        $lockDate = $directory->getLockDate($ldap, $dn);
         $unlockDate = $directory->getUnlockDate($ldap, $dn, array('lockoutDuration' => $lockoutDuration));
         $isLocked = $directory->isLocked($ldap, $dn, array('lockoutDuration'  => $lockoutDuration));
         $canLockAccount = $directory->canLockAccount($ldap, $dn, array('pwdPolicy' => $pwdPolicy));
@@ -136,6 +132,7 @@
 $smarty->assign("show_undef", $display_show_undefined);
 
 $smarty->assign("isLocked", $isLocked);
+$smarty->assign("lockDate", $lockDate);
 $smarty->assign("unlockDate", $unlockDate);
 $smarty->assign("isExpired", $isExpired);
 $smarty->assign("ldapExpirationDate", $expirationDate ? $expirationDate->getTimestamp(): NULL);
diff --git a/templates/display.tpl b/templates/display.tpl
index 51cecae..752a7de 100644
--- a/templates/display.tpl
+++ b/templates/display.tpl
@@ -80,6 +80,16 @@
                         </td>
                     </tr>
                 {/foreach}
+                {if $lockDate}
+                    <tr>
+                        <th class="col-md-6">
+                            {$msg_label_pwdaccountlockedtime}
+                        </th>
+                        <td class="col-md-6">
+                            {$lockDate|date_format:{$date_specifiers}|truncate:10000}
+                        </td>
+                    </tr>
+                {/if}
                 {if {$display_password_expiration_date} and {$ldapExpirationDate}}
                     <tr>
                         <th class="col-md-6">