346699bad1097b73fc8fb4655b2598460299b984
1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 /*! \brief The plugin base class
22 \author Cajus Pollmeier <pollmeier@gonicus.de>
23 \version 2.00
24 \date 24.07.2003
26 This is the base class for all plugins. It can be used standalone or
27 can be included by the tabs class. All management should be done
28 within this class. Extend your plugins from this class.
29 */
31 class plugin
32 {
33 /*!
34 \brief Reference to parent object
36 This variable is used when the plugin is included in tabs
37 and keeps reference to the tab class. Communication to other
38 tabs is possible by 'name'. So the 'fax' plugin can ask the
39 'userinfo' plugin for the fax number.
41 \sa tab
42 */
43 var $parent= NULL;
45 /*!
46 \brief Configuration container
48 Access to global configuration
49 */
50 var $config= NULL;
52 /*!
53 \brief Mark plugin as account
55 Defines whether this plugin is defined as an account or not.
56 This has consequences for the plugin to be saved from tab
57 mode. If it is set to 'FALSE' the tab will call the delete
58 function, else the save function. Should be set to 'TRUE' if
59 the construtor detects a valid LDAP object.
61 \sa plugin::plugin()
62 */
63 var $is_account= FALSE;
64 var $initially_was_account= FALSE;
66 /*!
67 \brief Mark plugin as template
69 Defines whether we are creating a template or a normal object.
70 Has conseqences on the way execute() shows the formular and how
71 save() puts the data to LDAP.
73 \sa plugin::save() plugin::execute()
74 */
75 var $is_template= FALSE;
76 var $ignore_account= FALSE;
77 var $is_modified= FALSE;
79 /*!
80 \brief Represent temporary LDAP data
82 This is only used internally.
83 */
84 var $attrs= array();
86 /* Keep set of conflicting plugins */
87 var $conflicts= array();
89 /* Save unit tags */
90 var $gosaUnitTag= "";
92 /*!
93 \brief Used standard values
95 dn
96 */
97 var $dn= "";
98 var $uid= "";
99 var $sn= "";
100 var $givenName= "";
101 var $acl= "*none*";
102 var $dialog= FALSE;
103 var $snapDialog = NULL;
105 /* attribute list for save action */
106 var $attributes= array();
107 var $objectclasses= array();
108 var $is_new= TRUE;
109 var $saved_attributes= array();
111 var $acl_base= "";
112 var $acl_category= "";
114 /* Plugin identifier */
115 var $plHeadline= "";
116 var $plDescription= "";
118 /* This can be set to render the tabulators in another stylesheet */
119 var $pl_notify= FALSE;
121 /* Object entry CSN */
122 var $entryCSN = "";
123 var $CSN_check_active = FALSE;
125 /* This variable indicates that this class can handle multiple dns at once. */
126 var $multiple_support = FALSE;
127 var $multi_attrs = array();
128 var $multi_attrs_all = array();
130 /* This aviable indicates, that we are currently in multiple edit handle */
131 var $multiple_support_active = FALSE;
132 var $selected_edit_values = array();
133 var $multi_boxes = array();
135 /*! \brief plugin constructor
137 If 'dn' is set, the node loads the given 'dn' from LDAP
139 \param dn Distinguished name to initialize plugin from
140 \sa plugin()
141 */
142 function plugin (&$config, $dn= NULL, $parent= NULL)
143 {
144 /* Configuration is fine, allways */
145 $this->config= &$config;
146 $this->dn= $dn;
148 /* Handle new accounts, don't read information from LDAP */
149 if ($dn == "new"){
150 return;
151 }
153 /* Save current dn as acl_base */
154 $this->acl_base= $dn;
156 /* Get LDAP descriptor */
157 $ldap= $this->config->get_ldap_link();
158 if ($dn !== NULL){
160 /* Load data to 'attrs' and save 'dn' */
161 if ($parent !== NULL){
162 $this->attrs= $parent->attrs;
163 } else {
164 $ldap->cat ($dn);
165 $this->attrs= $ldap->fetch();
166 }
168 /* Copy needed attributes */
169 foreach ($this->attributes as $val){
170 $found= array_key_ics($val, $this->attrs);
171 if ($found != ""){
172 $this->$val= $this->attrs["$found"][0];
173 }
174 }
176 /* gosaUnitTag loading... */
177 if (isset($this->attrs['gosaUnitTag'][0])){
178 $this->gosaUnitTag= $this->attrs['gosaUnitTag'][0];
179 }
181 /* Set the template flag according to the existence of objectClass
182 gosaUserTemplate */
183 if (isset($this->attrs['objectClass'])){
184 if (in_array ("gosaUserTemplate", $this->attrs['objectClass'])){
185 $this->is_template= TRUE;
186 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
187 "found", "Template check");
188 }
189 }
191 /* Is Account? */
192 $found= TRUE;
193 foreach ($this->objectclasses as $obj){
194 if (preg_match('/top/i', $obj)){
195 continue;
196 }
197 if (!isset($this->attrs['objectClass']) || !in_array_ics ($obj, $this->attrs['objectClass'])){
198 $found= FALSE;
199 break;
200 }
201 }
202 if ($found){
203 $this->is_account= TRUE;
204 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
205 "found", "Object check");
206 }
208 /* Prepare saved attributes */
209 $this->saved_attributes= $this->attrs;
210 foreach ($this->saved_attributes as $index => $value){
211 if (preg_match('/^[0-9]+$/', $index)){
212 unset($this->saved_attributes[$index]);
213 continue;
214 }
215 if (!in_array($index, $this->attributes) && $index != "objectClass"){
216 unset($this->saved_attributes[$index]);
217 continue;
218 }
219 if ($this->saved_attributes[$index]["count"] == 1){
220 $tmp= $this->saved_attributes[$index][0];
221 unset($this->saved_attributes[$index]);
222 $this->saved_attributes[$index]= $tmp;
223 continue;
224 }
226 unset($this->saved_attributes["$index"]["count"]);
227 }
228 }
230 /* Save initial account state */
231 $this->initially_was_account= $this->is_account;
232 }
235 /*! \brief execute plugin
237 Generates the html output for this node
238 */
239 function execute()
240 {
241 /* This one is empty currently. Fabian - please fill in the docu code */
242 session::set('current_class_for_help',get_class($this));
244 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
245 session::set('LOCK_VARS_TO_USE',array());
246 session::set('LOCK_VARS_USED',array());
247 }
249 /*! \brief execute plugin
250 Removes object from parent
251 */
252 function remove_from_parent()
253 {
254 /* include global link_info */
255 $ldap= $this->config->get_ldap_link();
257 /* Get current objectClasses in order to add the required ones */
258 $ldap->cat($this->dn);
259 $tmp= $ldap->fetch ();
260 $oc= array();
261 if (isset($tmp['objectClass'])){
262 $oc= $tmp['objectClass'];
263 unset($oc['count']);
264 }
266 /* Remove objectClasses from entry */
267 $ldap->cd($this->dn);
268 $this->attrs= array();
269 $this->attrs['objectClass']= array_remove_entries($this->objectclasses,$oc);
271 /* Unset attributes from entry */
272 foreach ($this->attributes as $val){
273 $this->attrs["$val"]= array();
274 }
276 /* Unset account info */
277 $this->is_account= FALSE;
279 /* Do not write in plugin base class, this must be done by
280 children, since there are normally additional attribs,
281 lists, etc. */
282 /*
283 $ldap->modify($this->attrs);
284 */
285 }
288 /*! \brief Save HTML posted data to object
289 */
290 function save_object()
291 {
292 /* Update entry CSN if it is empty. */
293 if(empty($this->entryCSN) && $this->CSN_check_active){
294 $this->entryCSN = getEntryCSN($this->dn);
295 }
297 /* Save values to object */
298 foreach ($this->attributes as $val){
299 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
300 /* Check for modifications */
301 if (get_magic_quotes_gpc()) {
302 $data= stripcslashes($_POST["$val"]);
303 } else {
304 $data= $this->$val = $_POST["$val"];
305 }
306 if ($this->$val != $data){
307 $this->is_modified= TRUE;
308 }
310 /* Okay, how can I explain this fix ...
311 * In firefox, disabled option fields aren't selectable ... but in IE you can select these fileds.
312 * So IE posts these 'unselectable' option, with value = chr(194)
313 * chr(194) seems to be the in between the ...option> </option.. because there is no value=".." specified in these option fields
314 * This was added for W3c compliance, but now causes these ... ldap errors ...
315 * So we set these Fields to ""; a normal empty string, and we can check these values in plugin::check() again ...
316 */
317 if(isset($data[0]) && $data[0] == chr(194)) {
318 $data = "";
319 }
320 $this->$val= $data;
321 //echo "<font color='blue'>".$val."</font><br>";
322 }else{
323 //echo "<font color='red'>".$val."</font><br>";
324 }
325 }
326 }
329 /* Save data to LDAP, depending on is_account we save or delete */
330 function save()
331 {
332 /* include global link_info */
333 $ldap= $this->config->get_ldap_link();
335 /* Save all plugins */
336 $this->entryCSN = "";
338 /* Start with empty array */
339 $this->attrs= array();
341 /* Get current objectClasses in order to add the required ones */
342 $ldap->cat($this->dn);
344 $tmp= $ldap->fetch ();
346 $oc= array();
347 if (isset($tmp['objectClass'])){
348 $oc= $tmp["objectClass"];
349 $this->is_new= FALSE;
350 unset($oc['count']);
351 } else {
352 $this->is_new= TRUE;
353 }
355 /* Load (minimum) attributes, add missing ones */
356 $this->attrs['objectClass']= gosa_array_merge($oc,$this->objectclasses);
358 /* Copy standard attributes */
359 foreach ($this->attributes as $val){
360 if ($this->$val != ""){
361 $this->attrs["$val"]= $this->$val;
362 } elseif (!$this->is_new) {
363 $this->attrs["$val"]= array();
364 }
365 }
367 /* Handle tagging */
368 $this->tag_attrs(&$this->attrs);
369 }
372 function cleanup()
373 {
374 foreach ($this->attrs as $index => $value){
376 /* Convert arrays with one element to non arrays, if the saved
377 attributes are no array, too */
378 if (is_array($this->attrs[$index]) &&
379 count ($this->attrs[$index]) == 1 &&
380 isset($this->saved_attributes[$index]) &&
381 !is_array($this->saved_attributes[$index])){
383 $tmp= $this->attrs[$index][0];
384 $this->attrs[$index]= $tmp;
385 }
387 /* Remove emtpy arrays if they do not differ */
388 if (is_array($this->attrs[$index]) &&
389 count($this->attrs[$index]) == 0 &&
390 !isset($this->saved_attributes[$index])){
392 unset ($this->attrs[$index]);
393 continue;
394 }
396 /* Remove single attributes that do not differ */
397 if (!is_array($this->attrs[$index]) &&
398 isset($this->saved_attributes[$index]) &&
399 !is_array($this->saved_attributes[$index]) &&
400 $this->attrs[$index] == $this->saved_attributes[$index]){
402 unset ($this->attrs[$index]);
403 continue;
404 }
406 /* Remove arrays that do not differ */
407 if (is_array($this->attrs[$index]) &&
408 isset($this->saved_attributes[$index]) &&
409 is_array($this->saved_attributes[$index])){
411 if (!array_differs($this->attrs[$index],$this->saved_attributes[$index])){
412 unset ($this->attrs[$index]);
413 continue;
414 }
415 }
416 }
418 /* Update saved attributes and ensure that next cleanups will be successful too */
419 foreach($this->attrs as $name => $value){
420 $this->saved_attributes[$name] = $value;
421 }
422 }
424 /* Check formular input */
425 function check()
426 {
427 $message= array();
429 /* Skip if we've no config object */
430 if (!isset($this->config) || !is_object($this->config)){
431 return $message;
432 }
434 /* Find hooks entries for this class */
435 $command= $this->config->search(get_class($this), "CHECK", array('menu', 'tabs'));
437 if ($command != ""){
439 if (!check_command($command)){
440 $message[]= sprintf(_("Command '%s', specified as CHECK hook for plugin '%s' doesn't seem to exist."), $command,
441 get_class($this));
442 } else {
444 /* Generate "ldif" for check hook */
445 $ldif= "dn: $this->dn\n";
447 /* ... objectClasses */
448 foreach ($this->objectclasses as $oc){
449 $ldif.= "objectClass: $oc\n";
450 }
452 /* ... attributes */
453 foreach ($this->attributes as $attr){
454 if ($this->$attr == ""){
455 continue;
456 }
457 if (is_array($this->$attr)){
458 foreach ($this->$attr as $val){
459 $ldif.= "$attr: $val\n";
460 }
461 } else {
462 $ldif.= "$attr: ".$this->$attr."\n";
463 }
464 }
466 /* Append empty line */
467 $ldif.= "\n";
469 /* Feed "ldif" into hook and retrieve result*/
470 $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
471 $fh= proc_open($command, $descriptorspec, $pipes);
472 if (is_resource($fh)) {
473 fwrite ($pipes[0], $ldif);
474 fclose($pipes[0]);
476 $result= stream_get_contents($pipes[1]);
477 if ($result != ""){
478 $message[]= $result;
479 }
481 fclose($pipes[1]);
482 fclose($pipes[2]);
483 proc_close($fh);
484 }
485 }
487 }
489 /* Check entryCSN */
490 if($this->CSN_check_active){
491 $current_csn = getEntryCSN($this->dn);
492 if($current_csn != $this->entryCSN && !empty($this->entryCSN) && !empty($current_csn)){
493 $this->entryCSN = $current_csn;
494 $message[] = _("The object has changed since opened in GOsa. Please ensure that nobody has done serious changes that may get lost if you save this entry.");
495 }
496 }
497 return ($message);
498 }
500 /* Adapt from template, using 'dn' */
501 function adapt_from_template($dn)
502 {
503 /* Include global link_info */
504 $ldap= $this->config->get_ldap_link();
506 /* Load requested 'dn' to 'attrs' */
507 $ldap->cat ($dn);
508 $this->attrs= $ldap->fetch();
510 /* Walk through attributes */
511 foreach ($this->attributes as $val){
513 if (isset($this->attrs["$val"][0])){
515 /* If attribute is set, replace dynamic parts:
516 %sn, %givenName and %uid. Fill these in our local variables. */
517 $value= $this->attrs["$val"][0];
519 foreach (array("sn", "givenName", "uid") as $repl){
520 if (preg_match("/%$repl/i", $value)){
521 $value= preg_replace ("/%$repl/i", $this->parent->$repl, $value);
522 }
523 }
524 $this->$val= $value;
525 }
526 }
528 /* Is Account? */
529 $found= TRUE;
530 foreach ($this->objectclasses as $obj){
531 if (preg_match('/top/i', $obj)){
532 continue;
533 }
534 if (!in_array_ics ($obj, $this->attrs['objectClass'])){
535 $found= FALSE;
536 break;
537 }
538 }
539 if ($found){
540 $this->is_account= TRUE;
541 }
542 }
544 /* Indicate whether a password change is needed or not */
545 function password_change_needed()
546 {
547 return FALSE;
548 }
551 /* Show header message for tab dialogs */
552 function show_enable_header($button_text, $text, $disabled= FALSE)
553 {
554 if (($disabled == TRUE) || (!$this->acl_is_createable())){
555 $state= "disabled";
556 } else {
557 $state= "";
558 }
559 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
560 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
561 "><p class=\"seperator\"> </p></td></tr></table>";
563 return($display);
564 }
567 /* Show header message for tab dialogs */
568 function show_disable_header($button_text, $text, $disabled= FALSE)
569 {
570 if (($disabled == TRUE) || !$this->acl_is_removeable()){
571 $state= "disabled";
572 } else {
573 $state= "";
574 }
575 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
576 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
577 "><p class=\"seperator\"> </p></td></tr></table>";
579 return($display);
580 }
583 /* Show header message for tab dialogs */
584 function show_header($button_text, $text, $disabled= FALSE)
585 {
586 echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
587 if ($disabled == TRUE){
588 $state= "disabled";
589 } else {
590 $state= "";
591 }
592 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
593 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
594 ($this->acl_is_createable()?'':'disabled')." ".$state.
595 "><p class=\"seperator\"> </p></td></tr></table>";
597 return($display);
598 }
601 function postcreate($add_attrs= array())
602 {
603 /* Find postcreate entries for this class */
604 $command= $this->config->search(get_class($this), "POSTCREATE",array('menu', 'tabs'));
606 if ($command != ""){
608 /* Additional attributes */
609 foreach ($add_attrs as $name => $value){
610 $command= preg_replace("/%$name/", $value, $command);
611 }
613 /* Walk through attribute list */
614 foreach ($this->attributes as $attr){
615 if (!is_array($this->$attr)){
616 $command= preg_replace("/%$attr/", $this->$attr, $command);
617 }
618 }
619 $command= preg_replace("/%dn/", $this->dn, $command);
621 if (check_command($command)){
622 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
623 $command, "Execute");
625 exec($command);
626 } else {
627 $message= sprintf(_("Command '%s', specified as POSTCREATE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
628 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
629 }
630 }
631 }
633 function postmodify($add_attrs= array())
634 {
635 /* Find postcreate entries for this class */
636 $command= $this->config->search(get_class($this), "POSTMODIFY",array('menu','tabs'));
638 if ($command != ""){
640 /* Additional attributes */
641 foreach ($add_attrs as $name => $value){
642 $command= preg_replace("/%$name/", $value, $command);
643 }
645 /* Walk through attribute list */
646 foreach ($this->attributes as $attr){
647 if (!is_array($this->$attr)){
648 $command= preg_replace("/%$attr/", $this->$attr, $command);
649 }
650 }
651 $command= preg_replace("/%dn/", $this->dn, $command);
653 if (check_command($command)){
654 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
655 $command, "Execute");
657 exec($command);
658 } else {
659 $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, get_class($this));
660 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
661 }
662 }
663 }
665 function postremove($add_attrs= array())
666 {
667 /* Find postremove entries for this class */
668 $command= $this->config->search(get_class($this), "POSTREMOVE",array('menu','tabs'));
669 if ($command != ""){
671 /* Additional attributes */
672 foreach ($add_attrs as $name => $value){
673 $command= preg_replace("/%$name/", $value, $command);
674 }
676 /* Walk through attribute list */
677 foreach ($this->attributes as $attr){
678 if (!is_array($this->$attr)){
679 $command= preg_replace("/%$attr/", $this->$attr, $command);
680 }
681 }
682 $command= preg_replace("/%dn/", $this->dn, $command);
684 /* Additional attributes */
685 foreach ($add_attrs as $name => $value){
686 $command= preg_replace("/%$name/", $value, $command);
687 }
689 if (check_command($command)){
690 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
691 $command, "Execute");
693 exec($command);
694 } else {
695 $message= sprintf(_("Command '%s', specified as POSTREMOVE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
696 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
697 }
698 }
699 }
701 /* Create unique DN */
702 function create_unique_dn($attribute, $base)
703 {
704 $ldap= $this->config->get_ldap_link();
705 $base= preg_replace("/^,*/", "", $base);
707 /* Try to use plain entry first */
708 $dn= "$attribute=".$this->$attribute.",$base";
709 $ldap->cat ($dn, array('dn'));
710 if (!$ldap->fetch()){
711 return ($dn);
712 }
714 /* Look for additional attributes */
715 foreach ($this->attributes as $attr){
716 if ($attr == $attribute || $this->$attr == ""){
717 continue;
718 }
720 $dn= "$attribute=".$this->$attribute."+$attr=".$this->$attr.",$base";
721 $ldap->cat ($dn, array('dn'));
722 if (!$ldap->fetch()){
723 return ($dn);
724 }
725 }
727 /* None found */
728 return ("none");
729 }
731 function rebind($ldap, $referral)
732 {
733 $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
734 if (ldap_bind($ldap, $credentials['ADMIN'], $credentials['PASSWORD'])) {
735 $this->error = "Success";
736 $this->hascon=true;
737 $this->reconnect= true;
738 return (0);
739 } else {
740 $this->error = "Could not bind to " . $credentials['ADMIN'];
741 return NULL;
742 }
743 }
746 /* Recursively copy ldap object */
747 function _copy($src_dn,$dst_dn)
748 {
749 $ldap=$this->config->get_ldap_link();
750 $ldap->cat($src_dn);
751 $attrs= $ldap->fetch();
753 /* Grummble. This really sucks. PHP ldap doesn't support rdn stuff. */
754 $ds= ldap_connect($this->config->current['SERVER']);
755 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
756 if (function_exists("ldap_set_rebind_proc") && isset($this->config->current['REFERRAL'])) {
757 ldap_set_rebind_proc($ds, array(&$this, "rebind"));
758 }
760 $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']);
761 $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*");
763 /* Fill data from LDAP */
764 $new= array();
765 if ($sr) {
766 $ei=ldap_first_entry($ds, $sr);
767 if ($ei) {
768 foreach($attrs as $attr => $val){
769 if ($info = @ldap_get_values_len($ds, $ei, $attr)){
770 for ($i= 0; $i<$info['count']; $i++){
771 if ($info['count'] == 1){
772 $new[$attr]= $info[$i];
773 } else {
774 $new[$attr][]= $info[$i];
775 }
776 }
777 }
778 }
779 }
780 }
782 /* close conncetion */
783 ldap_unbind($ds);
785 /* Adapt naming attribute */
786 $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
787 $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
788 $new[$dst_name]= @LDAP::fix($dst_val);
790 /* Check if this is a department.
791 * If it is a dep. && there is a , override in his ou
792 * change \2C to , again, else this entry can't be saved ...
793 */
794 if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
795 $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
796 }
798 /* Save copy */
799 $ldap->connect();
800 $ldap->cd($this->config->current['BASE']);
802 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $dst_dn));
804 /* FAIvariable=.../..., cn=..
805 could not be saved, because the attribute FAIvariable was different to
806 the dn FAIvariable=..., cn=... */
807 if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
808 $new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
809 }
810 $ldap->cd($dst_dn);
811 $ldap->add($new);
813 if ($ldap->error != "Success"){
814 trigger_error("Trying to save $dst_dn failed.",
815 E_USER_WARNING);
816 return(FALSE);
817 }
818 return(TRUE);
819 }
822 /* This is a workaround function. */
823 function copy($src_dn, $dst_dn)
824 {
825 /* Rename dn in possible object groups */
826 $ldap= $this->config->get_ldap_link();
827 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::preapre4filter($src_dn).'))',
828 array('cn'));
829 while ($attrs= $ldap->fetch()){
830 $og= new ogroup($this->config, $ldap->getDN());
831 unset($og->member[$src_dn]);
832 $og->member[$dst_dn]= $dst_dn;
833 $og->save ();
834 }
836 $ldap->cat($dst_dn);
837 $attrs= $ldap->fetch();
838 if (count($attrs)){
839 trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.",
840 E_USER_WARNING);
841 return (FALSE);
842 }
844 $ldap->cat($src_dn);
845 $attrs= $ldap->fetch();
846 if (!count($attrs)){
847 trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.",
848 E_USER_WARNING);
849 return (FALSE);
850 }
852 $ldap->cd($src_dn);
853 $ldap->search("objectClass=*",array("dn"));
854 while($attrs = $ldap->fetch()){
855 $src = $attrs['dn'];
856 $dst = preg_replace("/".normalizePreg($src_dn)."$/",$dst_dn,$attrs['dn']);
857 $this->_copy($src,$dst);
858 }
859 return (TRUE);
860 }
863 function move($src_dn, $dst_dn)
864 {
865 /* Copy source to destination */
866 if (!$this->copy($src_dn, $dst_dn)){
867 return (FALSE);
868 }
870 /* Delete source */
871 $ldap= $this->config->get_ldap_link();
872 $ldap->rmdir_recursive($src_dn);
873 if ($ldap->error != "Success"){
874 trigger_error("Trying to delete $src_dn failed.",
875 E_USER_WARNING);
876 return (FALSE);
877 }
879 return (TRUE);
880 }
883 /* Move/Rename complete trees */
884 function recursive_move($src_dn, $dst_dn)
885 {
886 /* Check if the destination entry exists */
887 $ldap= $this->config->get_ldap_link();
889 /* Check if destination exists - abort */
890 $ldap->cat($dst_dn, array('dn'));
891 if ($ldap->fetch()){
892 trigger_error("recursive_move $dst_dn already exists.",
893 E_USER_WARNING);
894 return (FALSE);
895 }
897 /* Perform a search for all objects to be moved */
898 $objects= array();
899 $ldap->cd($src_dn);
900 $ldap->search("(objectClass=*)", array("dn"));
901 while($attrs= $ldap->fetch()){
902 $dn= $attrs['dn'];
903 $objects[$dn]= strlen($dn);
904 }
906 /* Sort objects by indent level */
907 asort($objects);
908 reset($objects);
910 /* Copy objects from small to big indent levels by replacing src_dn by dst_dn */
911 foreach ($objects as $object => $len){
912 $src= $object;
913 $dst= preg_replace("/$src_dn$/", "$dst_dn", $object);
914 if (!$this->copy($src, $dst)){
915 return (FALSE);
916 }
917 }
919 /* Remove src_dn */
920 $ldap->cd($src_dn);
921 $ldap->recursive_remove();
922 return (TRUE);
923 }
926 function handle_post_events($mode, $add_attrs= array())
927 {
928 switch ($mode){
929 case "add":
930 $this->postcreate($add_attrs);
931 break;
933 case "modify":
934 $this->postmodify($add_attrs);
935 break;
937 case "remove":
938 $this->postremove($add_attrs);
939 break;
940 }
941 }
944 function saveCopyDialog(){
945 }
948 function getCopyDialog(){
949 return(array("string"=>"","status"=>""));
950 }
953 function PrepareForCopyPaste($source)
954 {
955 $todo = $this->attributes;
956 if(isset($this->CopyPasteVars)){
957 $todo = array_merge($todo,$this->CopyPasteVars);
958 }
960 if(count($this->objectclasses)){
961 $this->is_account = TRUE;
962 foreach($this->objectclasses as $class){
963 if(!in_array($class,$source['objectClass'])){
964 $this->is_account = FALSE;
965 }
966 }
967 }
969 foreach($todo as $var){
970 if (isset($source[$var])){
971 if(isset($source[$var]['count'])){
972 if($source[$var]['count'] > 1){
973 $this->$var = array();
974 $tmp = array();
975 for($i = 0 ; $i < $source[$var]['count']; $i++){
976 $tmp = $source[$var][$i];
977 }
978 $this->$var = $tmp;
979 # echo $var."=".$tmp."<br>";
980 }else{
981 $this->$var = $source[$var][0];
982 # echo $var."=".$source[$var][0]."<br>";
983 }
984 }else{
985 $this->$var= $source[$var];
986 # echo $var."=".$source[$var]."<br>";
987 }
988 }
989 }
990 }
992 function tag_attrs($at, $dn= "", $tag= "", $show= false)
993 {
994 /* No dn? Self-operation... */
995 if ($dn == ""){
996 $dn= $this->dn;
998 /* No tag? Find it yourself... */
999 if ($tag == ""){
1000 $len= strlen($dn);
1002 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
1003 $relevant= array();
1004 foreach ($this->config->adepartments as $key => $ntag){
1006 /* This one is bigger than our dn, its not relevant... */
1007 if ($len <= strlen($key)){
1008 continue;
1009 }
1011 /* This one matches with the latter part. Break and don't fix this entry */
1012 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $dn)){
1013 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
1014 $relevant[strlen($key)]= $ntag;
1015 continue;
1016 }
1018 }
1020 /* If we've some relevant tags to set, just get the longest one */
1021 if (count($relevant)){
1022 ksort($relevant);
1023 $tmp= array_keys($relevant);
1024 $idx= end($tmp);
1025 $tag= $relevant[$idx];
1026 $this->gosaUnitTag= $tag;
1027 }
1028 }
1029 }
1031 /* Remove tags that may already be here... */
1032 remove_objectClass("gosaAdministrativeUnitTag", &$at);
1033 if (isset($at['gosaUnitTag'])){
1034 unset($at['gosaUnitTag']);
1035 }
1037 /* Set tag? */
1038 if ($tag != ""){
1039 add_objectClass("gosaAdministrativeUnitTag", &$at);
1040 $at['gosaUnitTag']= $tag;
1041 }
1042 }
1045 /* Add possibility to stop remove process */
1046 function allow_remove()
1047 {
1048 $reason= "";
1049 return $reason;
1050 }
1053 /* Create a snapshot of the current object */
1054 function create_snapshot($type= "snapshot", $description= array())
1055 {
1057 /* Check if snapshot functionality is enabled */
1058 if(!$this->snapshotEnabled()){
1059 return;
1060 }
1062 /* Get configuration from gosa.conf */
1063 $tmp = $this->config->current;
1065 /* Create lokal ldap connection */
1066 $ldap= $this->config->get_ldap_link();
1067 $ldap->cd($this->config->current['BASE']);
1069 /* check if there are special server configurations for snapshots */
1070 if(!isset($tmp['SNAPSHOT_SERVER'])){
1072 /* Source and destination server are both the same, just copy source to dest obj */
1073 $ldap_to = $ldap;
1074 $snapldapbase = $this->config->current['BASE'];
1076 }else{
1077 $server = $tmp['SNAPSHOT_SERVER'];
1078 $user = $tmp['SNAPSHOT_USER'];
1079 $password = $tmp['SNAPSHOT_PASSWORD'];
1080 $snapldapbase = $tmp['SNAPSHOT_BASE'];
1082 $ldap_to = new LDAP($user,$password, $server);
1083 $ldap_to -> cd($snapldapbase);
1084 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase));
1085 }
1087 /* check if the dn exists */
1088 if ($ldap->dn_exists($this->dn)){
1090 /* Extract seconds & mysecs, they are used as entry index */
1091 list($usec, $sec)= explode(" ", microtime());
1093 /* Collect some infos */
1094 $base = $this->config->current['BASE'];
1095 $snap_base = $tmp['SNAPSHOT_BASE'];
1096 $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn);
1097 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1099 /* Create object */
1100 #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
1101 $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
1102 $newName = preg_replace("/\./", "", $sec."-".$usec);
1103 $target= array();
1104 $target['objectClass'] = array("top", "gosaSnapshotObject");
1105 $target['gosaSnapshotData'] = gzcompress($data, 6);
1106 $target['gosaSnapshotType'] = $type;
1107 $target['gosaSnapshotDN'] = $this->dn;
1108 $target['description'] = $description;
1109 $target['gosaSnapshotTimestamp'] = $newName;
1111 /* Insert the new snapshot
1112 But we have to check first, if the given gosaSnapshotTimestamp
1113 is already used, in this case we should increment this value till there is
1114 an unused value. */
1115 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1116 $ldap_to->cat($new_dn);
1117 while($ldap_to->count()){
1118 $ldap_to->cat($new_dn);
1119 $newName = preg_replace("/\./", "", $sec."-".($usec++));
1120 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1121 $target['gosaSnapshotTimestamp'] = $newName;
1122 }
1124 /* Inset this new snapshot */
1125 $ldap_to->cd($snapldapbase);
1126 $ldap_to->create_missing_trees($snapldapbase);
1127 $ldap_to->create_missing_trees($new_base);
1128 $ldap_to->cd($new_dn);
1129 $ldap_to->add($target);
1131 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1132 show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1133 }
1134 }
1136 function remove_snapshot($dn)
1137 {
1138 $ui = get_userinfo();
1139 $old_dn = $this->dn;
1140 $this->dn = $dn;
1141 $ldap = $this->config->get_ldap_link();
1142 $ldap->cd($this->config->current['BASE']);
1143 $ldap->rmdir_recursive($dn);
1144 $this->dn = $old_dn;
1145 }
1148 /* returns true if snapshots are enabled, and false if it is disalbed
1149 There will also be some errors psoted, if the configuration failed */
1150 function snapshotEnabled()
1151 {
1152 $tmp = $this->config->current;
1153 if(isset($tmp['ENABLE_SNAPSHOT'])){
1154 if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){
1156 /* Check if the snapshot_base is defined */
1157 if(!isset($tmp['SNAPSHOT_BASE'])){
1158 msg_dialog::display(_("Configuration error"), sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not set."),"SNAPSHOT_BASE"), ERROR_DIALOG);
1159 return(FALSE);
1160 }
1162 /* check if there are special server configurations for snapshots */
1163 if(isset($tmp['SNAPSHOT_SERVER'])){
1165 /* check if all required vars are available to create a new ldap connection */
1166 $missing = "";
1167 foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_BASE") as $var){
1168 if(!isset($tmp[$var])){
1169 $missing .= $var." ";
1170 msg_dialog::display(_("Configuration error"), sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not set."), $missing), ERROR_DIALOG);
1171 return(FALSE);
1172 }
1173 }
1174 }
1175 return(TRUE);
1176 }
1177 }
1178 return(FALSE);
1179 }
1182 /* Return available snapshots for the given base
1183 */
1184 function Available_SnapsShots($dn,$raw = false)
1185 {
1186 if(!$this->snapshotEnabled()) return(array());
1188 /* Create an additional ldap object which
1189 points to our ldap snapshot server */
1190 $ldap= $this->config->get_ldap_link();
1191 $ldap->cd($this->config->current['BASE']);
1192 $cfg= &$this->config->current;
1194 /* check if there are special server configurations for snapshots */
1196 if(isset($cfg['SERVER']) && isset($cfg['SNAPSHOT_SERVER']) && $cfg['SERVER'] == $cfg['SNAPSHOT_SERVER']){
1197 $ldap_to = $ldap;
1198 }elseif(isset($cfg['SNAPSHOT_SERVER'])){
1199 $server = $cfg['SNAPSHOT_SERVER'];
1200 $user = $cfg['SNAPSHOT_USER'];
1201 $password = $cfg['SNAPSHOT_PASSWORD'];
1202 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1204 $ldap_to = new LDAP($user,$password, $server);
1205 $ldap_to -> cd ($snapldapbase);
1206 show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
1207 }else{
1208 $ldap_to = $ldap;
1209 }
1211 /* Prepare bases and some other infos */
1212 $base = $this->config->current['BASE'];
1213 $snap_base = $cfg['SNAPSHOT_BASE'];
1214 $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn);
1215 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1216 $tmp = array();
1218 /* Fetch all objects with gosaSnapshotDN=$dn */
1219 $ldap_to->cd($new_base);
1220 $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
1221 array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1223 /* Put results into a list and add description if missing */
1224 while($entry = $ldap_to->fetch()){
1225 if(!isset($entry['description'][0])){
1226 $entry['description'][0] = "";
1227 }
1228 $tmp[] = $entry;
1229 }
1231 /* Return the raw array, or format the result */
1232 if($raw){
1233 return($tmp);
1234 }else{
1235 $tmp2 = array();
1236 foreach($tmp as $entry){
1237 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1238 }
1239 }
1240 return($tmp2);
1241 }
1244 function getAllDeletedSnapshots($base_of_object,$raw = false)
1245 {
1246 if(!$this->snapshotEnabled()) return(array());
1248 /* Create an additional ldap object which
1249 points to our ldap snapshot server */
1250 $ldap= $this->config->get_ldap_link();
1251 $ldap->cd($this->config->current['BASE']);
1252 $cfg= &$this->config->current;
1254 /* check if there are special server configurations for snapshots */
1255 if(isset($cfg['SNAPSHOT_SERVER'])){
1256 $server = $cfg['SNAPSHOT_SERVER'];
1257 $user = $cfg['SNAPSHOT_USER'];
1258 $password = $cfg['SNAPSHOT_PASSWORD'];
1259 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1260 $ldap_to = new LDAP($user,$password, $server);
1261 $ldap_to->cd ($snapldapbase);
1262 show_ldap_error($ldap_to->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
1263 }else{
1264 $ldap_to = $ldap;
1265 }
1267 /* Prepare bases */
1268 $base = $this->config->current['BASE'];
1269 $snap_base = $cfg['SNAPSHOT_BASE'];
1270 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1272 /* Fetch all objects and check if they do not exist anymore */
1273 $ui = get_userinfo();
1274 $tmp = array();
1275 $ldap_to->cd($new_base);
1276 $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1277 while($entry = $ldap_to->fetch()){
1279 $chk = str_replace($new_base,"",$entry['dn']);
1280 if(preg_match("/,ou=/",$chk)) continue;
1282 if(!isset($entry['description'][0])){
1283 $entry['description'][0] = "";
1284 }
1285 $tmp[] = $entry;
1286 }
1288 /* Check if entry still exists */
1289 foreach($tmp as $key => $entry){
1290 $ldap->cat($entry['gosaSnapshotDN'][0]);
1291 if($ldap->count()){
1292 unset($tmp[$key]);
1293 }
1294 }
1296 /* Format result as requested */
1297 if($raw) {
1298 return($tmp);
1299 }else{
1300 $tmp2 = array();
1301 foreach($tmp as $key => $entry){
1302 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1303 }
1304 }
1305 return($tmp2);
1306 }
1309 /* Restore selected snapshot */
1310 function restore_snapshot($dn)
1311 {
1312 if(!$this->snapshotEnabled()) return(array());
1314 $ldap= $this->config->get_ldap_link();
1315 $ldap->cd($this->config->current['BASE']);
1316 $cfg= &$this->config->current;
1318 /* check if there are special server configurations for snapshots */
1319 if(isset($cfg['SNAPSHOT_SERVER'])){
1320 $server = $cfg['SNAPSHOT_SERVER'];
1321 $user = $cfg['SNAPSHOT_USER'];
1322 $password = $cfg['SNAPSHOT_PASSWORD'];
1323 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1324 $ldap_to = new LDAP($user,$password, $server);
1325 $ldap_to->cd ($snapldapbase);
1326 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
1327 }else{
1328 $ldap_to = $ldap;
1329 }
1331 /* Get the snapshot */
1332 $ldap_to->cat($dn);
1333 $restoreObject = $ldap_to->fetch();
1335 /* Prepare import string */
1336 $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
1338 /* Import the given data */
1339 $ldap->import_complete_ldif($data,$err,false,false);
1340 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn));
1341 }
1344 function showSnapshotDialog($base,$baseSuffixe)
1345 {
1346 $once = true;
1347 foreach($_POST as $name => $value){
1349 /* Create a new snapshot, display a dialog */
1350 if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
1351 $once = false;
1352 $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
1353 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1354 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1355 }
1357 /* Restore a snapshot, display a dialog with all snapshots of the current object */
1358 if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
1359 $once = false;
1360 $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
1361 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1362 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1363 $this->snapDialog->display_restore_dialog = true;
1364 }
1366 /* Restore one of the already deleted objects */
1367 if(((isset($_POST['menu_action']) && $_POST['menu_action'] == "RestoreDeletedSnapShot")
1368 || preg_match("/^RestoreDeletedSnapShot_/",$name)) && $once){
1369 $once = false;
1370 $this->snapDialog = new SnapShotDialog($this->config,"",$this);
1371 $this->snapDialog->set_snapshot_bases($baseSuffixe);
1372 $this->snapDialog->display_restore_dialog = true;
1373 $this->snapDialog->display_all_removed_objects = true;
1374 }
1376 /* Restore selected snapshot */
1377 if(preg_match("/^RestoreSnapShot_/",$name) && $once){
1378 $once = false;
1379 $entry = preg_replace("/^RestoreSnapShot_/","",$name);
1380 $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
1381 if(!empty($entry)){
1382 $this->restore_snapshot($entry);
1383 $this->snapDialog = NULL;
1384 }
1385 }
1386 }
1388 /* Create a new snapshot requested, check
1389 the given attributes and create the snapshot*/
1390 if(isset($_POST['CreateSnapshot']) && is_object($this->snapDialog)){
1391 $this->snapDialog->save_object();
1392 $msgs = $this->snapDialog->check();
1393 if(count($msgs)){
1394 foreach($msgs as $msg){
1395 msg_dialog::display(_("Error"), $msg, ERROR_DIALOG);
1396 }
1397 }else{
1398 $this->dn = $this->snapDialog->dn;
1399 $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription);
1400 $this->snapDialog = NULL;
1401 }
1402 }
1404 /* Restore is requested, restore the object with the posted dn .*/
1405 if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
1406 }
1408 if(isset($_POST['CancelSnapshot'])){
1409 $this->snapDialog = NULL;
1410 }
1412 if(is_object($this->snapDialog )){
1413 $this->snapDialog->save_object();
1414 return($this->snapDialog->execute());
1415 }
1416 }
1419 static function plInfo()
1420 {
1421 return array();
1422 }
1425 function set_acl_base($base)
1426 {
1427 $this->acl_base= $base;
1428 }
1431 function set_acl_category($category)
1432 {
1433 $this->acl_category= "$category/";
1434 }
1437 function acl_is_writeable($attribute,$skip_write = FALSE)
1438 {
1439 $ui= get_userinfo();
1440 return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
1441 }
1444 function acl_is_readable($attribute)
1445 {
1446 $ui= get_userinfo();
1447 return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
1448 }
1451 function acl_is_createable()
1452 {
1453 $ui= get_userinfo();
1454 return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1455 }
1458 function acl_is_removeable()
1459 {
1460 $ui= get_userinfo();
1461 return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1462 }
1465 function acl_is_moveable()
1466 {
1467 $ui= get_userinfo();
1468 return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1469 }
1472 function acl_have_any_permissions()
1473 {
1474 }
1477 function getacl($attribute,$skip_write= FALSE)
1478 {
1479 $ui= get_userinfo();
1480 return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
1481 }
1483 /* Get all allowed bases to move an object to or to create a new object.
1484 Idepartments also contains all base departments which lead to the allowed bases */
1485 function get_allowed_bases($category = "")
1486 {
1487 $ui = get_userinfo();
1488 $deps = array();
1490 /* Set category */
1491 if(empty($category)){
1492 $category = $this->acl_category.get_class($this);
1493 }
1495 /* Is this a new object ? Or just an edited existing object */
1496 if(!$this->initially_was_account && $this->is_account){
1497 $new = true;
1498 }else{
1499 $new = false;
1500 }
1502 $cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category));
1503 foreach($this->config->idepartments as $dn => $name){
1505 if(!in_array_ics($dn,$cat_bases)){
1506 continue;
1507 }
1509 $acl = $ui->get_permissions($dn,$category);
1510 if($new && preg_match("/c/",$acl)){
1511 $deps[$dn] = $name;
1512 }elseif(!$new && preg_match("/m/",$acl)){
1513 $deps[$dn] = $name;
1514 }
1515 }
1517 /* Add current base */
1518 if(isset($this->base) && isset($this->config->idepartments[$this->base])){
1519 $deps[$this->base] = $this->config->idepartments[$this->base];
1520 }else{
1521 echo "No default base found. ".$this->base."<br> ";
1522 }
1524 return($deps);
1525 }
1527 /* This function modifies object acls too, if an object is moved.
1528 * $old_dn specifies the actually used dn
1529 * $new_dn specifies the destiantion dn
1530 */
1531 function update_acls($old_dn,$new_dn,$output_changes = FALSE)
1532 {
1533 /* Check if old_dn is empty. This should never happen */
1534 if(empty($old_dn) || empty($new_dn)){
1535 trigger_error("Failed to check acl dependencies, wrong dn given.");
1536 return;
1537 }
1539 /* Update userinfo if necessary */
1540 $ui = session::get('ui');
1541 if($ui->dn == $old_dn){
1542 $ui->dn = $new_dn;
1543 session::set('ui',$ui);
1544 new log("view","acl/".get_class($this),$this->dn,array(),"Updated current user dn from '".$old_dn."' to '".$new_dn."'");
1545 }
1547 /* Object was moved, ensure that all acls will be moved too */
1548 if($new_dn != $old_dn && $old_dn != "new"){
1550 /* get_ldap configuration */
1551 $update = array();
1552 $ldap = $this->config->get_ldap_link();
1553 $ldap->cd ($this->config->current['BASE']);
1554 $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*))",array("cn","gosaAclEntry"));
1555 while($attrs = $ldap->fetch()){
1557 $acls = array();
1559 /* Walk through acls */
1560 for($i = 0 ; $i < $attrs['gosaAclEntry']['count'] ; $i ++ ){
1562 /* Reset vars */
1563 $found = false;
1565 /* Get Acl parts */
1566 $acl_parts = split(":",$attrs['gosaAclEntry'][$i]);
1568 /* Get every single member for this acl */
1569 $members = array();
1570 if(preg_match("/,/",$acl_parts[2])){
1571 $members = split(",",$acl_parts[2]);
1572 }else{
1573 $members = array($acl_parts[2]);
1574 }
1576 /* Check if member match current dn */
1577 foreach($members as $key => $member){
1578 $member = base64_decode($member);
1579 if($member == $old_dn){
1580 $found = true;
1581 $members[$key] = base64_encode($new_dn);
1582 }
1583 }
1585 /* Create new member string */
1586 $new_members = "";
1587 foreach($members as $member){
1588 $new_members .= $member.",";
1589 }
1590 $new_members = preg_replace("/,$/","",$new_members);
1591 $acl_parts[2] = $new_members;
1593 /* Reconstruckt acl entry */
1594 $acl_str ="";
1595 foreach($acl_parts as $t){
1596 $acl_str .= $t.":";
1597 }
1598 $acl_str = preg_replace("/:$/","",$acl_str);
1599 }
1601 /* Acls for this object must be adjusted */
1602 if($found){
1604 if($output_changes){
1605 echo "<font color='green'>".
1606 _("Changing ACL dn")." : <br> -"._("from")." <b> ".
1607 $old_dn.
1608 "</b><br> -"._("to")." <b>".
1609 $new_dn.
1610 "</b></font><br>";
1611 }
1612 $update[$attrs['dn']] =array();
1613 foreach($acls as $acl){
1614 $update[$attrs['dn']]['gosaAclEntry'][] = $acl;
1615 }
1616 }
1617 }
1619 /* Write updated acls */
1620 foreach($update as $dn => $attrs){
1621 $ldap->cd($dn);
1622 $ldap->modify($attrs);
1623 }
1624 }
1625 }
1629 /* This function enables the entry Serial ID check.
1630 * If an entry was edited while we have edited the entry too,
1631 * an error message will be shown.
1632 * To configure this check correctly read the FAQ.
1633 */
1634 function enable_CSN_check()
1635 {
1636 $this->CSN_check_active =TRUE;
1637 $this->entryCSN = getEntryCSN($this->dn);
1638 }
1641 /*! \brief Prepares the plugin to be used for multiple edit
1642 * Update plugin attributes with given array of attribtues.
1643 * @param array Array with attributes that must be updated.
1644 */
1645 function init_multiple_support($attrs,$all)
1646 {
1647 $ldap= $this->config->get_ldap_link();
1648 $this->multi_attrs = $attrs;
1649 $this->multi_attrs_all= $all;
1651 /* Copy needed attributes */
1652 foreach ($this->attributes as $val){
1653 $found= array_key_ics($val, $this->multi_attrs);
1654 if ($found != ""){
1655 if(isset($this->multi_attrs["$found"][0])){
1656 $this->$val= $this->multi_attrs["$found"][0];
1657 }
1658 }
1659 }
1660 }
1663 /*! \brief Enables multiple support for this plugin
1664 */
1665 function enable_multiple_support()
1666 {
1667 $this->ignore_account = TRUE;
1668 $this->multiple_support_active = TRUE;
1669 }
1672 /*! \brief Returns all values that have been modfied in multiple edit mode.
1673 @return array Cotaining all mdofied values.
1674 */
1675 function get_multi_edit_values()
1676 {
1677 $ret = array();
1678 foreach($this->attributes as $attr){
1679 if(in_array($attr,$this->multi_boxes)){
1680 $ret[$attr] = $this->$attr;
1681 }
1682 }
1683 return($ret);
1684 }
1687 /*! \brief Update class variables with values collected by multiple edit.
1688 */
1689 function set_multi_edit_values($attrs)
1690 {
1691 foreach($attrs as $name => $value){
1692 $this->$name = $value;
1693 }
1694 }
1697 /*! \brief execute plugin
1699 Generates the html output for this node
1700 */
1701 function multiple_execute()
1702 {
1703 /* This one is empty currently. Fabian - please fill in the docu code */
1704 session::set('current_class_for_help',get_class($this));
1706 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
1707 session::set('LOCK_VARS_TO_USE',array());
1708 session::set('LOCK_VARS_USED',array());
1710 return("Multiple edit is currently not implemented for this plugin.");
1711 }
1714 /*! \brief Save HTML posted data to object for multiple edit
1715 */
1716 function multiple_save_object()
1717 {
1718 if(empty($this->entryCSN) && $this->CSN_check_active){
1719 $this->entryCSN = getEntryCSN($this->dn);
1720 }
1722 /* Save values to object */
1723 $this->multi_boxes = array();
1724 foreach ($this->attributes as $val){
1726 /* Get selected checkboxes from multiple edit */
1727 if(isset($_POST["use_".$val])){
1728 $this->multi_boxes[] = $val;
1729 }
1731 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
1733 /* Check for modifications */
1734 if (get_magic_quotes_gpc()) {
1735 $data= stripcslashes($_POST["$val"]);
1736 } else {
1737 $data= $this->$val = $_POST["$val"];
1738 }
1739 if ($this->$val != $data){
1740 $this->is_modified= TRUE;
1741 }
1743 /* IE post fix */
1744 if(isset($data[0]) && $data[0] == chr(194)) {
1745 $data = "";
1746 }
1747 $this->$val= $data;
1748 }
1749 }
1750 }
1753 /*! \brief Returns all attributes of this plugin,
1754 to be able to detect multiple used attributes
1755 in multi_plugg::detect_multiple_used_attributes().
1756 @return array Attributes required for intialization of multi_plug
1757 */
1758 public function get_multi_init_values()
1759 {
1760 $attrs = $this->attrs;
1761 return($attrs);
1762 }
1765 /*! \brief Check given values in multiple edit
1766 @return array Error messages
1767 */
1768 function multiple_check()
1769 {
1770 $message = plugin::check();
1771 return($message);
1772 }
1773 }
1775 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1776 ?>