Hooks

All plugins can run external scripts when an action is triggered for creating, modifying or deleting. You can use pre and post events depending when you want to run the script.

Pre Hooks

  • precreate: Execute the script before creation.
  • premodify: Execute the script before editing.
  • preremove: Execute the script before removing.

The hook work well and not display information if it return 0 On error, prevent save and display error.

Post Hooks

  • postcreate: Execute the script after creation.
  • postmodify: Execute the script after editing.
  • postremove: Execute the script after removing.

The hook work well and not display information if it return 0 On error, display command output.

Check Hooks

  • Execute the script in the check step (before saving), if it outputs anything, prevent save and show output as an error

The hook is considered to have passed if it returns 0 and does not display any message. (If it outputs anything it appears as a check failure, if it returns anything other than 0 it is considered a script error, for instance if the script was not able to do the check for some reason).

ldap attributes

You can use ldap attributes as command line options. Use the Placeholder syntax.

ldap arrays

If you put a var that is an array in the args of the hook, gosaAlternateMailAddress for instance, only the first value will be returned unless you use a modifier: placeholder

special variables

  • %callerDN% give the DN of the author of the modification
  • %callerCN% give the CN of the author of the modification
  • %callerUID% give the UID of the author of the modification
  • %callerSN% give the SN of the author of the modification
  • %callerGIVENNAME% give the GIVENNAME of the author of the modification
  • %dn% give the dn of the modified object
  • %location% give the name of the location of the LDAP

On users you get these extra variables available:

  • %userPassword% to get password hash
  • %passwordMethod% to get password method (usually ssha)
  • %passwordClear% to get clear password
  • %userLocked% to get user lock status (0 or 1)

How can use it

You can access to hooks management via the 'Configuration' icon or entry in the 'Addons' section of the main page of FD GUI:

Access is read-only. If you need to make changes, then you must press the 'Edit' button at the bottom right of the window.

In Miscellaneous section you can define all your hooks:

  • tab : on which action is based the hook.
  • mode: when you will have to run the hook.
  • cmd: command line to execute.

/!\ The arguments are automatically escape and surrounds by quote so you may not use quote in cmd /!\

Example

The line :

posixAccount     postcreate 	/usr/bin/sudo /script/useradd.sh %homeDirectory% %loginShell% %uidNumber% %gidNumber% %uid%

execute script 'useradd.sh', passing him ldap attributes (%homeDirectory%, %loginShell%, …), when we 'Add Unix settings' in an 'Unix' user tab.

For example, if content of 'useradd.sh' is:

groupadd --gid $4 $5
useradd --home $1 --shell $2 --uid $3 --gid $4 $5
mkdir $1
chown $5.$5 $1 
chmod 770 $1

when we 'add unix settings' like in the following screenshot:

the hook will create group, user and home directory of the user at the server, using ldap attributes.

The line :

posixAccount     postremove 	/usr/bin/sudo /script/userdel.sh %uid% %homeDirectory%

execute script 'userdel.sh', passing him ldap attributes (%uid% and %homeDirectory%), when we 'Remove Unix settings' in an 'Unix' user tab.

For example, if content of 'userdel.sh' is:

userdel $1
groupdel $1
rm -rf $2

the hook will remove user, group and home directory of the user at the server, using ldap attributes.

Most done mistakes

Nothing happens, the script seems not to be called

  • Check the sudoers entry for the webserver user (www-data, wwwrun, ..) and don't forget to use “NOPASSWD”
  • Try to run the script as webserver user, use the complete command used in fusiondirectory configuration(/usr/bin/sudo …).
  • Ensure that you have placed the post event correctly in the fusiondirectory configuration.

Example

%www-data ALL=(ALL:ALL) NOPASSWD:/usr/local/bin/hook.sh
en/documentation/how_to/use/hooks.txt · Last modified: 2018/09/20 17:27 by Côme Chilliet
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0