1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 /*! \brief The plugin base class
24 \author Cajus Pollmeier <pollmeier@gonicus.de>
25 \version 2.00
26 \date 24.07.2003
28 This is the base class for all plugins. It can be used standalone or
29 can be included by the tabs class. All management should be done
30 within this class. Extend your plugins from this class.
31 */
33 class plugin
34 {
35 /*!
36 \brief Reference to parent object
38 This variable is used when the plugin is included in tabs
39 and keeps reference to the tab class. Communication to other
40 tabs is possible by 'name'. So the 'fax' plugin can ask the
41 'userinfo' plugin for the fax number.
43 \sa tab
44 */
45 var $parent= NULL;
47 /*!
48 \brief Configuration container
50 Access to global configuration
51 */
52 var $config= NULL;
54 /*!
55 \brief Mark plugin as account
57 Defines whether this plugin is defined as an account or not.
58 This has consequences for the plugin to be saved from tab
59 mode. If it is set to 'FALSE' the tab will call the delete
60 function, else the save function. Should be set to 'TRUE' if
61 the construtor detects a valid LDAP object.
63 \sa plugin::plugin()
64 */
65 var $is_account= FALSE;
66 var $initially_was_account= FALSE;
68 /*!
69 \brief Mark plugin as template
71 Defines whether we are creating a template or a normal object.
72 Has conseqences on the way execute() shows the formular and how
73 save() puts the data to LDAP.
75 \sa plugin::save() plugin::execute()
76 */
77 var $is_template= FALSE;
78 var $ignore_account= FALSE;
79 var $is_modified= FALSE;
81 /*!
82 \brief Represent temporary LDAP data
84 This is only used internally.
85 */
86 var $attrs= array();
88 /* Keep set of conflicting plugins */
89 var $conflicts= array();
91 /* Save unit tags */
92 var $gosaUnitTag= "";
93 var $skipTagging= FALSE;
95 /*!
96 \brief Used standard values
98 dn
99 */
100 var $dn= "";
101 var $uid= "";
102 var $sn= "";
103 var $givenName= "";
104 var $acl= "*none*";
105 var $dialog= FALSE;
106 var $snapDialog = NULL;
108 /* attribute list for save action */
109 var $attributes= array();
110 var $objectclasses= array();
111 var $is_new= TRUE;
112 var $saved_attributes= array();
114 var $acl_base= "";
115 var $acl_category= "";
117 /* This can be set to render the tabulators in another stylesheet */
118 var $pl_notify= FALSE;
120 /* Object entry CSN */
121 var $entryCSN = "";
122 var $CSN_check_active = FALSE;
124 /* This variable indicates that this class can handle multiple dns at once. */
125 var $multiple_support = FALSE;
126 var $multi_attrs = array();
127 var $multi_attrs_all = array();
129 /* This aviable indicates, that we are currently in multiple edit handle */
130 var $multiple_support_active = FALSE;
131 var $selected_edit_values = array();
132 var $multi_boxes = array();
134 /*! \brief plugin constructor
136 If 'dn' is set, the node loads the given 'dn' from LDAP
138 \param dn Distinguished name to initialize plugin from
139 \sa plugin()
140 */
141 function plugin (&$config, $dn= NULL, $parent= NULL)
142 {
143 /* Configuration is fine, allways */
144 $this->config= &$config;
145 $this->dn= $dn;
147 /* Handle new accounts, don't read information from LDAP */
148 if ($dn == "new"){
149 return;
150 }
152 /* Save current dn as acl_base */
153 $this->acl_base= $dn;
155 /* Get LDAP descriptor */
156 $ldap= $this->config->get_ldap_link();
157 if ($dn !== NULL){
159 /* Load data to 'attrs' and save 'dn' */
160 if ($parent !== NULL){
161 $this->attrs= $parent->attrs;
162 } else {
163 $ldap->cat ($dn);
164 $this->attrs= $ldap->fetch();
165 }
167 /* Copy needed attributes */
168 foreach ($this->attributes as $val){
169 $found= array_key_ics($val, $this->attrs);
170 if ($found != ""){
171 $this->$val= $this->attrs["$found"][0];
172 }
173 }
175 /* gosaUnitTag loading... */
176 if (isset($this->attrs['gosaUnitTag'][0])){
177 $this->gosaUnitTag= $this->attrs['gosaUnitTag'][0];
178 }
180 /* Set the template flag according to the existence of objectClass
181 gosaUserTemplate */
182 if (isset($this->attrs['objectClass'])){
183 if (in_array ("gosaUserTemplate", $this->attrs['objectClass'])){
184 $this->is_template= TRUE;
185 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
186 "found", "Template check");
187 }
188 }
190 /* Is Account? */
191 $found= TRUE;
192 foreach ($this->objectclasses as $obj){
193 if (preg_match('/top/i', $obj)){
194 continue;
195 }
196 if (!isset($this->attrs['objectClass']) || !in_array_ics ($obj, $this->attrs['objectClass'])){
197 $found= FALSE;
198 break;
199 }
200 }
201 if ($found){
202 $this->is_account= TRUE;
203 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
204 "found", "Object check");
205 }
207 /* Prepare saved attributes */
208 $this->saved_attributes= $this->attrs;
209 foreach ($this->saved_attributes as $index => $value){
210 if (preg_match('/^[0-9]+$/', $index)){
211 unset($this->saved_attributes[$index]);
212 continue;
213 }
214 if (!in_array($index, $this->attributes) && $index != "objectClass"){
215 unset($this->saved_attributes[$index]);
216 continue;
217 }
218 if (isset($this->saved_attributes[$index][0]) || $this->saved_attributes[$index]["count"] == 1){
219 $tmp= $this->saved_attributes[$index][0];
220 unset($this->saved_attributes[$index]);
221 $this->saved_attributes[$index]= $tmp;
222 continue;
223 }
225 unset($this->saved_attributes["$index"]["count"]);
226 }
227 }
229 /* Save initial account state */
230 $this->initially_was_account= $this->is_account;
231 }
234 /*! \brief execute plugin
236 Generates the html output for this node
237 */
238 function execute()
239 {
240 /* This one is empty currently. Fabian - please fill in the docu code */
241 session::set('current_class_for_help',get_class($this));
243 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
244 session::set('LOCK_VARS_TO_USE',array());
245 session::set('LOCK_VARS_USED',array());
246 }
248 /*! \brief execute plugin
249 Removes object from parent
250 */
251 function remove_from_parent()
252 {
253 /* include global link_info */
254 $ldap= $this->config->get_ldap_link();
256 /* Get current objectClasses in order to add the required ones */
257 $ldap->cat($this->dn);
258 $tmp= $ldap->fetch ();
259 $oc= array();
260 if (isset($tmp['objectClass'])){
261 $oc= $tmp['objectClass'];
262 unset($oc['count']);
263 }
265 /* Remove objectClasses from entry */
266 $ldap->cd($this->dn);
267 $this->attrs= array();
268 $this->attrs['objectClass']= array_remove_entries($this->objectclasses,$oc);
270 /* Unset attributes from entry */
271 foreach ($this->attributes as $val){
272 $this->attrs["$val"]= array();
273 }
275 /* Unset account info */
276 $this->is_account= FALSE;
278 /* Do not write in plugin base class, this must be done by
279 children, since there are normally additional attribs,
280 lists, etc. */
281 /*
282 $ldap->modify($this->attrs);
283 */
284 }
287 /*! \brief Save HTML posted data to object
288 */
289 function save_object()
290 {
291 /* Update entry CSN if it is empty. */
292 if(empty($this->entryCSN) && $this->CSN_check_active){
293 $this->entryCSN = getEntryCSN($this->dn);
294 }
296 /* Save values to object */
297 foreach ($this->attributes as $val){
298 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
299 /* Check for modifications */
300 if (get_magic_quotes_gpc()) {
301 $data= stripcslashes($_POST["$val"]);
302 } else {
303 $data= $this->$val = $_POST["$val"];
304 }
305 if ($this->$val != $data){
306 $this->is_modified= TRUE;
307 }
309 /* Okay, how can I explain this fix ...
310 * In firefox, disabled option fields aren't selectable ... but in IE you can select these fileds.
311 * So IE posts these 'unselectable' option, with value = chr(194)
312 * chr(194) seems to be the in between the ...option> </option.. because there is no value=".." specified in these option fields
313 * This was added for W3c compliance, but now causes these ... ldap errors ...
314 * So we set these Fields to ""; a normal empty string, and we can check these values in plugin::check() again ...
315 */
316 if(isset($data[0]) && $data[0] == chr(194)) {
317 $data = "";
318 }
319 $this->$val= $data;
320 }
321 }
322 }
325 /* Save data to LDAP, depending on is_account we save or delete */
326 function save()
327 {
328 /* include global link_info */
329 $ldap= $this->config->get_ldap_link();
331 /* Save all plugins */
332 $this->entryCSN = "";
334 /* Start with empty array */
335 $this->attrs= array();
337 /* Get current objectClasses in order to add the required ones */
338 $ldap->cat($this->dn);
340 $tmp= $ldap->fetch ();
342 $oc= array();
343 if (isset($tmp['objectClass'])){
344 $oc= $tmp["objectClass"];
345 $this->is_new= FALSE;
346 unset($oc['count']);
347 } else {
348 $this->is_new= TRUE;
349 }
351 /* Load (minimum) attributes, add missing ones */
352 $this->attrs['objectClass']= gosa_array_merge($oc,$this->objectclasses);
354 /* Copy standard attributes */
355 foreach ($this->attributes as $val){
356 if ($this->$val != ""){
357 $this->attrs["$val"]= $this->$val;
358 } elseif (!$this->is_new) {
359 $this->attrs["$val"]= array();
360 }
361 }
363 /* Handle tagging */
364 $this->tag_attrs($this->attrs);
365 }
368 function cleanup()
369 {
370 foreach ($this->attrs as $index => $value){
372 /* Convert arrays with one element to non arrays, if the saved
373 attributes are no array, too */
374 if (is_array($this->attrs[$index]) &&
375 count ($this->attrs[$index]) == 1 &&
376 isset($this->saved_attributes[$index]) &&
377 !is_array($this->saved_attributes[$index])){
379 $tmp= $this->attrs[$index][0];
380 $this->attrs[$index]= $tmp;
381 }
383 /* Remove emtpy arrays if they do not differ */
384 if (is_array($this->attrs[$index]) &&
385 count($this->attrs[$index]) == 0 &&
386 !isset($this->saved_attributes[$index])){
388 unset ($this->attrs[$index]);
389 continue;
390 }
392 /* Remove single attributes that do not differ */
393 if (!is_array($this->attrs[$index]) &&
394 isset($this->saved_attributes[$index]) &&
395 !is_array($this->saved_attributes[$index]) &&
396 $this->attrs[$index] == $this->saved_attributes[$index]){
398 unset ($this->attrs[$index]);
399 continue;
400 }
402 /* Remove arrays that do not differ */
403 if (is_array($this->attrs[$index]) &&
404 isset($this->saved_attributes[$index]) &&
405 is_array($this->saved_attributes[$index])){
407 if (!array_differs($this->attrs[$index],$this->saved_attributes[$index])){
408 unset ($this->attrs[$index]);
409 continue;
410 }
411 }
412 }
414 /* Update saved attributes and ensure that next cleanups will be successful too */
415 foreach($this->attrs as $name => $value){
416 $this->saved_attributes[$name] = $value;
417 }
418 }
420 /* Check formular input */
421 function check()
422 {
423 $message= array();
425 /* Skip if we've no config object */
426 if (!isset($this->config) || !is_object($this->config)){
427 return $message;
428 }
430 /* Find hooks entries for this class */
431 $command= $this->config->search(get_class($this), "CHECK", array('menu', 'tabs'));
433 if ($command != ""){
435 if (!check_command($command)){
436 $message[]= msgPool::cmdnotfound("CHECK", get_class($this));
437 } else {
439 /* Generate "ldif" for check hook */
440 $ldif= "dn: $this->dn\n";
442 /* ... objectClasses */
443 foreach ($this->objectclasses as $oc){
444 $ldif.= "objectClass: $oc\n";
445 }
447 /* ... attributes */
448 foreach ($this->attributes as $attr){
449 if ($this->$attr == ""){
450 continue;
451 }
452 if (is_array($this->$attr)){
453 foreach ($this->$attr as $val){
454 $ldif.= "$attr: $val\n";
455 }
456 } else {
457 $ldif.= "$attr: ".$this->$attr."\n";
458 }
459 }
461 /* Append empty line */
462 $ldif.= "\n";
464 /* Feed "ldif" into hook and retrieve result*/
465 $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
466 $fh= proc_open($command, $descriptorspec, $pipes);
467 if (is_resource($fh)) {
468 fwrite ($pipes[0], $ldif);
469 fclose($pipes[0]);
471 $result= stream_get_contents($pipes[1]);
472 if ($result != ""){
473 $message[]= $result;
474 }
476 fclose($pipes[1]);
477 fclose($pipes[2]);
478 proc_close($fh);
479 }
480 }
482 }
484 /* Check entryCSN */
485 if($this->CSN_check_active){
486 $current_csn = getEntryCSN($this->dn);
487 if($current_csn != $this->entryCSN && !empty($this->entryCSN) && !empty($current_csn)){
488 $this->entryCSN = $current_csn;
489 $message[] = _("The object has changed since opened in GOsa. All changes that may be done by others get lost if you save this entry!");
490 }
491 }
492 return ($message);
493 }
495 /* Adapt from template, using 'dn' */
496 function adapt_from_template($dn)
497 {
498 /* Include global link_info */
499 $ldap= $this->config->get_ldap_link();
501 /* Load requested 'dn' to 'attrs' */
502 $ldap->cat ($dn);
503 $this->attrs= $ldap->fetch();
505 /* Walk through attributes */
506 foreach ($this->attributes as $val){
508 if (isset($this->attrs["$val"][0])){
510 /* If attribute is set, replace dynamic parts:
511 %sn, %givenName and %uid. Fill these in our local variables. */
512 $value= $this->attrs["$val"][0];
514 foreach (array("sn", "givenName", "uid") as $repl){
515 if (preg_match("/%$repl/i", $value)){
516 $value= preg_replace ("/%$repl/i", $this->parent->$repl, $value);
517 }
518 }
519 $this->$val= $value;
520 }
521 }
523 /* Is Account? */
524 $found= TRUE;
525 foreach ($this->objectclasses as $obj){
526 if (preg_match('/top/i', $obj)){
527 continue;
528 }
529 if (!in_array_ics ($obj, $this->attrs['objectClass'])){
530 $found= FALSE;
531 break;
532 }
533 }
534 if ($found){
535 $this->is_account= TRUE;
536 }
537 }
539 /* Indicate whether a password change is needed or not */
540 function password_change_needed()
541 {
542 return FALSE;
543 }
546 /* Show header message for tab dialogs */
547 function show_enable_header($button_text, $text, $disabled= FALSE)
548 {
549 if (($disabled == TRUE) || (!$this->acl_is_createable())){
550 $state= "disabled";
551 } else {
552 $state= "";
553 }
554 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
555 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
556 "><p class=\"seperator\"> </p></td></tr></table>";
558 return($display);
559 }
562 /* Show header message for tab dialogs */
563 function show_disable_header($button_text, $text, $disabled= FALSE)
564 {
565 if (($disabled == TRUE) || !$this->acl_is_removeable()){
566 $state= "disabled";
567 } else {
568 $state= "";
569 }
570 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
571 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
572 "><p class=\"seperator\"> </p></td></tr></table>";
574 return($display);
575 }
578 /* Show header message for tab dialogs */
579 function show_header($button_text, $text, $disabled= FALSE)
580 {
581 echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
582 if ($disabled == TRUE){
583 $state= "disabled";
584 } else {
585 $state= "";
586 }
587 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
588 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
589 ($this->acl_is_createable()?'':'disabled')." ".$state.
590 "><p class=\"seperator\"> </p></td></tr></table>";
592 return($display);
593 }
596 function postcreate($add_attrs= array())
597 {
598 /* Find postcreate entries for this class */
599 $command= $this->config->search(get_class($this), "POSTCREATE",array('menu', 'tabs'));
601 if ($command != ""){
603 /* Additional attributes */
604 foreach ($add_attrs as $name => $value){
605 $command= preg_replace("/%$name( |$)/", "$value ", $command);
606 }
608 /* Walk through attribute list */
609 foreach ($this->attributes as $attr){
610 if (!is_array($this->$attr)){
611 $command= preg_replace("/%$attr( |$)/", $this->$attr." ", $command);
612 }
613 }
614 $command= preg_replace("/%dn( |$)/", $this->dn." ", $command);
616 if (check_command($command)){
617 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
618 $command, "Execute");
620 exec($command);
621 } else {
622 $message[]= msgPool::cmdnotfound("POSTCREATE", get_class($this));
623 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
624 }
625 }
626 }
628 function postmodify($add_attrs= array())
629 {
630 /* Find postcreate entries for this class */
631 $command= $this->config->search(get_class($this), "POSTMODIFY",array('menu','tabs'));
633 if ($command != ""){
635 /* Additional attributes */
636 foreach ($add_attrs as $name => $value){
637 $command= preg_replace("/%$name( |$)/", "$value ", $command);
638 }
640 /* Walk through attribute list */
641 foreach ($this->attributes as $attr){
642 if (!is_array($this->$attr)){
643 $command= preg_replace("/%$attr( |$)/", $this->$attr." ", $command);
644 }
645 }
646 $command= preg_replace("/%dn( |$)/", $this->dn." ", $command);
648 if (check_command($command)){
649 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
650 $command, "Execute");
652 exec($command);
653 } else {
654 $message[]= msgPool::cmdnotfound("POSTMODIFY", get_class($this));
655 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
656 }
657 }
658 }
660 function postremove($add_attrs= array())
661 {
662 /* Find postremove entries for this class */
663 $command= $this->config->search(get_class($this), "POSTREMOVE",array('menu','tabs'));
664 if ($command != ""){
666 /* Additional attributes */
667 foreach ($add_attrs as $name => $value){
668 $command= preg_replace("/%$name( |$)/", "$value ", $command);
669 }
671 /* Walk through attribute list */
672 foreach ($this->attributes as $attr){
673 if (!is_array($this->$attr)){
674 $command= preg_replace("/%$attr( |$)/", $this->$attr." ", $command);
675 }
676 }
677 $command= preg_replace("/%dn( |$)/", $this->dn." ", $command);
679 if (check_command($command)){
680 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
681 $command, "Execute");
683 exec($command);
684 } else {
685 $message[]= msgPool::cmdnotfound("POSTREMOVE", get_class($this));
686 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
687 }
688 }
689 }
691 /* Create unique DN */
692 function create_unique_dn($attribute, $base)
693 {
694 $ldap= $this->config->get_ldap_link();
695 $base= preg_replace("/^,*/", "", $base);
697 /* Try to use plain entry first */
698 $dn= "$attribute=".$this->$attribute.",$base";
699 $ldap->cat ($dn, array('dn'));
700 if (!$ldap->fetch()){
701 return ($dn);
702 }
704 /* Look for additional attributes */
705 foreach ($this->attributes as $attr){
706 if ($attr == $attribute || $this->$attr == ""){
707 continue;
708 }
710 $dn= "$attribute=".$this->$attribute."+$attr=".$this->$attr.",$base";
711 $ldap->cat ($dn, array('dn'));
712 if (!$ldap->fetch()){
713 return ($dn);
714 }
715 }
717 /* None found */
718 return ("none");
719 }
721 function rebind($ldap, $referral)
722 {
723 $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
724 if (ldap_bind($ldap, $credentials['ADMIN'], $credentials['PASSWORD'])) {
725 $this->error = "Success";
726 $this->hascon=true;
727 $this->reconnect= true;
728 return (0);
729 } else {
730 $this->error = "Could not bind to " . $credentials['ADMIN'];
731 return NULL;
732 }
733 }
736 /* Recursively copy ldap object */
737 function _copy($src_dn,$dst_dn)
738 {
739 $ldap=$this->config->get_ldap_link();
740 $ldap->cat($src_dn);
741 $attrs= $ldap->fetch();
743 /* Grummble. This really sucks. PHP ldap doesn't support rdn stuff. */
744 $ds= ldap_connect($this->config->current['SERVER']);
745 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
746 if (function_exists("ldap_set_rebind_proc") && isset($this->config->current['REFERRAL'])) {
747 ldap_set_rebind_proc($ds, array(&$this, "rebind"));
748 }
750 $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']);
751 $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*");
753 /* Fill data from LDAP */
754 $new= array();
755 if ($sr) {
756 $ei=ldap_first_entry($ds, $sr);
757 if ($ei) {
758 foreach($attrs as $attr => $val){
759 if ($info = @ldap_get_values_len($ds, $ei, $attr)){
760 for ($i= 0; $i<$info['count']; $i++){
761 if ($info['count'] == 1){
762 $new[$attr]= $info[$i];
763 } else {
764 $new[$attr][]= $info[$i];
765 }
766 }
767 }
768 }
769 }
770 }
772 /* close conncetion */
773 ldap_unbind($ds);
775 /* Adapt naming attribute */
776 $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
777 $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
778 $new[$dst_name]= @LDAP::fix($dst_val);
780 /* Check if this is a department.
781 * If it is a dep. && there is a , override in his ou
782 * change \2C to , again, else this entry can't be saved ...
783 */
784 if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
785 $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
786 }
788 /* Save copy */
789 $ldap->connect();
790 $ldap->cd($this->config->current['BASE']);
792 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $dst_dn));
794 /* FAIvariable=.../..., cn=..
795 could not be saved, because the attribute FAIvariable was different to
796 the dn FAIvariable=..., cn=... */
797 if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
798 $new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
799 }
800 $ldap->cd($dst_dn);
801 $ldap->add($new);
803 if ($ldap->error != "Success"){
804 trigger_error("Trying to save $dst_dn failed.",
805 E_USER_WARNING);
806 return(FALSE);
807 }
808 return(TRUE);
809 }
812 /* This is a workaround function. */
813 function copy($src_dn, $dst_dn)
814 {
815 /* Rename dn in possible object groups */
816 $ldap= $this->config->get_ldap_link();
817 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::prepare4filter($src_dn).'))',
818 array('cn'));
819 while ($attrs= $ldap->fetch()){
820 $og= new ogroup($this->config, $ldap->getDN());
821 unset($og->member[$src_dn]);
822 $og->member[$dst_dn]= $dst_dn;
823 $og->save ();
824 }
826 $ldap->cat($dst_dn);
827 $attrs= $ldap->fetch();
828 if (count($attrs)){
829 trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.",
830 E_USER_WARNING);
831 return (FALSE);
832 }
834 $ldap->cat($src_dn);
835 $attrs= $ldap->fetch();
836 if (!count($attrs)){
837 trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.",
838 E_USER_WARNING);
839 return (FALSE);
840 }
842 $ldap->cd($src_dn);
843 $ldap->search("objectClass=*",array("dn"));
844 while($attrs = $ldap->fetch()){
845 $src = $attrs['dn'];
846 $dst = preg_replace("/".normalizePreg($src_dn)."$/",$dst_dn,$attrs['dn']);
847 $this->_copy($src,$dst);
848 }
849 return (TRUE);
850 }
853 function move($src_dn, $dst_dn)
854 {
855 /* Do not copy if only upper- lowercase has changed */
856 if(strtolower($src_dn) == strtolower($dst_dn)){
857 return(TRUE);
858 }
860 /* Copy source to destination */
861 if (!$this->copy($src_dn, $dst_dn)){
862 return (FALSE);
863 }
865 /* Delete source */
866 $ldap= $this->config->get_ldap_link();
867 $ldap->rmdir_recursive($src_dn);
868 if ($ldap->error != "Success"){
869 trigger_error("Trying to delete $src_dn failed.",
870 E_USER_WARNING);
871 return (FALSE);
872 }
874 return (TRUE);
875 }
878 /* Move/Rename complete trees */
879 function recursive_move($src_dn, $dst_dn)
880 {
881 /* Check if the destination entry exists */
882 $ldap= $this->config->get_ldap_link();
884 /* Check if destination exists - abort */
885 $ldap->cat($dst_dn, array('dn'));
886 if ($ldap->fetch()){
887 trigger_error("recursive_move $dst_dn already exists.",
888 E_USER_WARNING);
889 return (FALSE);
890 }
892 $this->copy($src_dn, $dst_dn);
894 /* Remove src_dn */
895 $ldap->cd($src_dn);
896 $ldap->recursive_remove($src_dn);
897 return (TRUE);
898 }
901 function handle_post_events($mode, $add_attrs= array())
902 {
903 switch ($mode){
904 case "add":
905 $this->postcreate($add_attrs);
906 break;
908 case "modify":
909 $this->postmodify($add_attrs);
910 break;
912 case "remove":
913 $this->postremove($add_attrs);
914 break;
915 }
916 }
919 function saveCopyDialog(){
920 }
923 function getCopyDialog(){
924 return(array("string"=>"","status"=>""));
925 }
928 function PrepareForCopyPaste($source)
929 {
930 $todo = $this->attributes;
931 if(isset($this->CopyPasteVars)){
932 $todo = array_merge($todo,$this->CopyPasteVars);
933 }
935 if(count($this->objectclasses)){
936 $this->is_account = TRUE;
937 foreach($this->objectclasses as $class){
938 if(!in_array($class,$source['objectClass'])){
939 $this->is_account = FALSE;
940 }
941 }
942 }
944 foreach($todo as $var){
945 if (isset($source[$var])){
946 if(isset($source[$var]['count'])){
947 if($source[$var]['count'] > 1){
948 $this->$var = array();
949 $tmp = array();
950 for($i = 0 ; $i < $source[$var]['count']; $i++){
951 $tmp = $source[$var][$i];
952 }
953 $this->$var = $tmp;
954 }else{
955 $this->$var = $source[$var][0];
956 }
957 }else{
958 $this->$var= $source[$var];
959 }
960 }
961 }
962 }
964 function tag_attrs(&$at, $dn= "", $tag= "", $show= false)
965 {
966 /* Skip tagging?
967 If this is called from departmentGeneric, we have to skip this
968 tagging procedure.
969 */
970 if($this->skipTagging){
971 return;
972 }
974 /* No dn? Self-operation... */
975 if ($dn == ""){
976 $dn= $this->dn;
978 /* No tag? Find it yourself... */
979 if ($tag == ""){
980 $len= strlen($dn);
982 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
983 $relevant= array();
984 foreach ($this->config->adepartments as $key => $ntag){
986 /* This one is bigger than our dn, its not relevant... */
987 if ($len <= strlen($key)){
988 continue;
989 }
991 /* This one matches with the latter part. Break and don't fix this entry */
992 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $dn)){
993 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
994 $relevant[strlen($key)]= $ntag;
995 continue;
996 }
998 }
1000 /* If we've some relevant tags to set, just get the longest one */
1001 if (count($relevant)){
1002 ksort($relevant);
1003 $tmp= array_keys($relevant);
1004 $idx= end($tmp);
1005 $tag= $relevant[$idx];
1006 $this->gosaUnitTag= $tag;
1007 }
1008 }
1009 }
1011 /* Remove tags that may already be here... */
1012 remove_objectClass("gosaAdministrativeUnitTag", $at);
1013 if (isset($at['gosaUnitTag'])){
1014 unset($at['gosaUnitTag']);
1015 }
1017 /* Set tag? */
1018 if ($tag != ""){
1019 add_objectClass("gosaAdministrativeUnitTag", $at);
1020 $at['gosaUnitTag']= $tag;
1021 }
1022 }
1025 /* Add possibility to stop remove process */
1026 function allow_remove()
1027 {
1028 $reason= "";
1029 return $reason;
1030 }
1033 /* Create a snapshot of the current object */
1034 function create_snapshot($type= "snapshot", $description= array())
1035 {
1037 /* Check if snapshot functionality is enabled */
1038 if(!$this->snapshotEnabled()){
1039 return;
1040 }
1042 /* Get configuration from gosa.conf */
1043 $tmp = $this->config->current;
1045 /* Create lokal ldap connection */
1046 $ldap= $this->config->get_ldap_link();
1047 $ldap->cd($this->config->current['BASE']);
1049 /* check if there are special server configurations for snapshots */
1050 if(!isset($tmp['SNAPSHOT_SERVER'])){
1052 /* Source and destination server are both the same, just copy source to dest obj */
1053 $ldap_to = $ldap;
1054 $snapldapbase = $this->config->current['BASE'];
1056 }else{
1057 $server = $tmp['SNAPSHOT_SERVER'];
1058 $user = $tmp['SNAPSHOT_USER'];
1059 $password = $tmp['SNAPSHOT_PASSWORD'];
1060 $snapldapbase = $tmp['SNAPSHOT_BASE'];
1062 $ldap_to = new LDAP($user,$password, $server);
1063 $ldap_to -> cd($snapldapbase);
1064 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase));
1065 }
1067 /* check if the dn exists */
1068 if ($ldap->dn_exists($this->dn)){
1070 /* Extract seconds & mysecs, they are used as entry index */
1071 list($usec, $sec)= explode(" ", microtime());
1073 /* Collect some infos */
1074 $base = $this->config->current['BASE'];
1075 $snap_base = $tmp['SNAPSHOT_BASE'];
1076 $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn);
1077 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1079 /* Create object */
1080 #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
1081 $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
1082 $newName = preg_replace("/\./", "", $sec."-".$usec);
1083 $target= array();
1084 $target['objectClass'] = array("top", "gosaSnapshotObject");
1085 $target['gosaSnapshotData'] = gzcompress($data, 6);
1086 $target['gosaSnapshotType'] = $type;
1087 $target['gosaSnapshotDN'] = $this->dn;
1088 $target['description'] = $description;
1089 $target['gosaSnapshotTimestamp'] = $newName;
1091 /* Insert the new snapshot
1092 But we have to check first, if the given gosaSnapshotTimestamp
1093 is already used, in this case we should increment this value till there is
1094 an unused value. */
1095 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1096 $ldap_to->cat($new_dn);
1097 while($ldap_to->count()){
1098 $ldap_to->cat($new_dn);
1099 $newName = preg_replace("/\./", "", $sec."-".($usec++));
1100 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1101 $target['gosaSnapshotTimestamp'] = $newName;
1102 }
1104 /* Inset this new snapshot */
1105 $ldap_to->cd($snapldapbase);
1106 $ldap_to->create_missing_trees($snapldapbase);
1107 $ldap_to->create_missing_trees($new_base);
1108 $ldap_to->cd($new_dn);
1109 $ldap_to->add($target);
1111 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1112 show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1113 }
1114 }
1116 function remove_snapshot($dn)
1117 {
1118 $ui = get_userinfo();
1119 $old_dn = $this->dn;
1120 $this->dn = $dn;
1121 $ldap = $this->config->get_ldap_link();
1122 $ldap->cd($this->config->current['BASE']);
1123 $ldap->rmdir_recursive($dn);
1124 $this->dn = $old_dn;
1125 }
1128 /* returns true if snapshots are enabled, and false if it is disalbed
1129 There will also be some errors psoted, if the configuration failed */
1130 function snapshotEnabled()
1131 {
1132 $tmp = $this->config->current;
1133 if(isset($tmp['ENABLE_SNAPSHOT'])){
1134 if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){
1136 /* Check if the snapshot_base is defined */
1137 if(!isset($tmp['SNAPSHOT_BASE'])){
1138 msg_dialog::display(_("Configuration error"), sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not set."),"SNAPSHOT_BASE"), ERROR_DIALOG);
1139 return(FALSE);
1140 }
1142 /* check if there are special server configurations for snapshots */
1143 if(isset($tmp['SNAPSHOT_SERVER'])){
1145 /* check if all required vars are available to create a new ldap connection */
1146 $missing = "";
1147 foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_BASE") as $var){
1148 if(!isset($tmp[$var])){
1149 $missing .= $var." ";
1150 msg_dialog::display(_("Configuration error"), sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not set."), $missing), ERROR_DIALOG);
1151 return(FALSE);
1152 }
1153 }
1154 }
1155 return(TRUE);
1156 }
1157 }
1158 return(FALSE);
1159 }
1162 /* Return available snapshots for the given base
1163 */
1164 function Available_SnapsShots($dn,$raw = false)
1165 {
1166 if(!$this->snapshotEnabled()) return(array());
1168 /* Create an additional ldap object which
1169 points to our ldap snapshot server */
1170 $ldap= $this->config->get_ldap_link();
1171 $ldap->cd($this->config->current['BASE']);
1172 $cfg= &$this->config->current;
1174 /* check if there are special server configurations for snapshots */
1176 if(isset($cfg['SERVER']) && isset($cfg['SNAPSHOT_SERVER']) && $cfg['SERVER'] == $cfg['SNAPSHOT_SERVER']){
1177 $ldap_to = $ldap;
1178 }elseif(isset($cfg['SNAPSHOT_SERVER'])){
1179 $server = $cfg['SNAPSHOT_SERVER'];
1180 $user = $cfg['SNAPSHOT_USER'];
1181 $password = $cfg['SNAPSHOT_PASSWORD'];
1182 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1184 $ldap_to = new LDAP($user,$password, $server);
1185 $ldap_to -> cd ($snapldapbase);
1186 show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
1187 }else{
1188 $ldap_to = $ldap;
1189 }
1191 /* Prepare bases and some other infos */
1192 $base = $this->config->current['BASE'];
1193 $snap_base = $cfg['SNAPSHOT_BASE'];
1194 $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn);
1195 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1196 $tmp = array();
1198 /* Fetch all objects with gosaSnapshotDN=$dn */
1199 $ldap_to->cd($new_base);
1200 $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
1201 array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1203 /* Put results into a list and add description if missing */
1204 while($entry = $ldap_to->fetch()){
1205 if(!isset($entry['description'][0])){
1206 $entry['description'][0] = "";
1207 }
1208 $tmp[] = $entry;
1209 }
1211 /* Return the raw array, or format the result */
1212 if($raw){
1213 return($tmp);
1214 }else{
1215 $tmp2 = array();
1216 foreach($tmp as $entry){
1217 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1218 }
1219 }
1220 return($tmp2);
1221 }
1224 function getAllDeletedSnapshots($base_of_object,$raw = false)
1225 {
1226 if(!$this->snapshotEnabled()) return(array());
1228 /* Create an additional ldap object which
1229 points to our ldap snapshot server */
1230 $ldap= $this->config->get_ldap_link();
1231 $ldap->cd($this->config->current['BASE']);
1232 $cfg= &$this->config->current;
1234 /* check if there are special server configurations for snapshots */
1235 if(isset($cfg['SNAPSHOT_SERVER'])){
1236 $server = $cfg['SNAPSHOT_SERVER'];
1237 $user = $cfg['SNAPSHOT_USER'];
1238 $password = $cfg['SNAPSHOT_PASSWORD'];
1239 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1240 $ldap_to = new LDAP($user,$password, $server);
1241 $ldap_to->cd ($snapldapbase);
1242 show_ldap_error($ldap_to->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
1243 }else{
1244 $ldap_to = $ldap;
1245 }
1247 /* Prepare bases */
1248 $base = $this->config->current['BASE'];
1249 $snap_base = $cfg['SNAPSHOT_BASE'];
1250 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1252 /* Fetch all objects and check if they do not exist anymore */
1253 $ui = get_userinfo();
1254 $tmp = array();
1255 $ldap_to->cd($new_base);
1256 $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1257 while($entry = $ldap_to->fetch()){
1259 $chk = str_replace($new_base,"",$entry['dn']);
1260 if(preg_match("/,ou=/",$chk)) continue;
1262 if(!isset($entry['description'][0])){
1263 $entry['description'][0] = "";
1264 }
1265 $tmp[] = $entry;
1266 }
1268 /* Check if entry still exists */
1269 foreach($tmp as $key => $entry){
1270 $ldap->cat($entry['gosaSnapshotDN'][0]);
1271 if($ldap->count()){
1272 unset($tmp[$key]);
1273 }
1274 }
1276 /* Format result as requested */
1277 if($raw) {
1278 return($tmp);
1279 }else{
1280 $tmp2 = array();
1281 foreach($tmp as $key => $entry){
1282 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1283 }
1284 }
1285 return($tmp2);
1286 }
1289 /* Restore selected snapshot */
1290 function restore_snapshot($dn)
1291 {
1292 if(!$this->snapshotEnabled()) return(array());
1294 $ldap= $this->config->get_ldap_link();
1295 $ldap->cd($this->config->current['BASE']);
1296 $cfg= &$this->config->current;
1298 /* check if there are special server configurations for snapshots */
1299 if(isset($cfg['SNAPSHOT_SERVER'])){
1300 $server = $cfg['SNAPSHOT_SERVER'];
1301 $user = $cfg['SNAPSHOT_USER'];
1302 $password = $cfg['SNAPSHOT_PASSWORD'];
1303 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1304 $ldap_to = new LDAP($user,$password, $server);
1305 $ldap_to->cd ($snapldapbase);
1306 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
1307 }else{
1308 $ldap_to = $ldap;
1309 }
1311 /* Get the snapshot */
1312 $ldap_to->cat($dn);
1313 $restoreObject = $ldap_to->fetch();
1315 /* Prepare import string */
1316 $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
1318 /* Import the given data */
1319 $ldap->import_complete_ldif($data,$err,false,false);
1320 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn));
1321 }
1324 function showSnapshotDialog($base,$baseSuffixe)
1325 {
1326 $once = true;
1327 foreach($_POST as $name => $value){
1329 /* Create a new snapshot, display a dialog */
1330 if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
1331 $once = false;
1332 $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
1333 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1334 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1335 }
1337 /* Restore a snapshot, display a dialog with all snapshots of the current object */
1338 if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
1339 $once = false;
1340 $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
1341 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1342 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1343 $this->snapDialog->display_restore_dialog = true;
1344 }
1346 /* Restore one of the already deleted objects */
1347 if(((isset($_POST['menu_action']) && $_POST['menu_action'] == "RestoreDeletedSnapShot")
1348 || preg_match("/^RestoreDeletedSnapShot_/",$name)) && $once){
1349 $once = false;
1350 $this->snapDialog = new SnapShotDialog($this->config,"",$this);
1351 $this->snapDialog->set_snapshot_bases($baseSuffixe);
1352 $this->snapDialog->display_restore_dialog = true;
1353 $this->snapDialog->display_all_removed_objects = true;
1354 }
1356 /* Restore selected snapshot */
1357 if(preg_match("/^RestoreSnapShot_/",$name) && $once){
1358 $once = false;
1359 $entry = preg_replace("/^RestoreSnapShot_/","",$name);
1360 $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
1361 if(!empty($entry)){
1362 $this->restore_snapshot($entry);
1363 $this->snapDialog = NULL;
1364 }
1365 }
1366 }
1368 /* Create a new snapshot requested, check
1369 the given attributes and create the snapshot*/
1370 if(isset($_POST['CreateSnapshot']) && is_object($this->snapDialog)){
1371 $this->snapDialog->save_object();
1372 $msgs = $this->snapDialog->check();
1373 if(count($msgs)){
1374 foreach($msgs as $msg){
1375 msg_dialog::display(_("Error"), $msg, ERROR_DIALOG);
1376 }
1377 }else{
1378 $this->dn = $this->snapDialog->dn;
1379 $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription);
1380 $this->snapDialog = NULL;
1381 }
1382 }
1384 /* Restore is requested, restore the object with the posted dn .*/
1385 if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
1386 }
1388 if(isset($_POST['CancelSnapshot'])){
1389 $this->snapDialog = NULL;
1390 }
1392 if(is_object($this->snapDialog )){
1393 $this->snapDialog->save_object();
1394 return($this->snapDialog->execute());
1395 }
1396 }
1399 static function plInfo()
1400 {
1401 return array();
1402 }
1405 function set_acl_base($base)
1406 {
1407 $this->acl_base= $base;
1408 }
1411 function set_acl_category($category)
1412 {
1413 $this->acl_category= "$category/";
1414 }
1417 function acl_is_writeable($attribute,$skip_write = FALSE)
1418 {
1419 $ui= get_userinfo();
1420 return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
1421 }
1424 function acl_is_readable($attribute)
1425 {
1426 $ui= get_userinfo();
1427 return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
1428 }
1431 function acl_is_createable()
1432 {
1433 $ui= get_userinfo();
1434 return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1435 }
1438 function acl_is_removeable()
1439 {
1440 $ui= get_userinfo();
1441 return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1442 }
1445 function acl_is_moveable()
1446 {
1447 $ui= get_userinfo();
1448 return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1449 }
1452 function acl_have_any_permissions()
1453 {
1454 }
1457 function getacl($attribute,$skip_write= FALSE)
1458 {
1459 $ui= get_userinfo();
1460 return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
1461 }
1463 /* Get all allowed bases to move an object to or to create a new object.
1464 Idepartments also contains all base departments which lead to the allowed bases */
1465 function get_allowed_bases($category = "")
1466 {
1467 $ui = get_userinfo();
1468 $deps = array();
1470 /* Set category */
1471 if(empty($category)){
1472 $category = $this->acl_category.get_class($this);
1473 }
1475 /* Is this a new object ? Or just an edited existing object */
1476 if(!$this->initially_was_account && $this->is_account){
1477 $new = true;
1478 }else{
1479 $new = false;
1480 }
1482 $cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category));
1483 foreach($this->config->idepartments as $dn => $name){
1485 if(!in_array_ics($dn,$cat_bases)){
1486 continue;
1487 }
1489 $acl = $ui->get_permissions($dn,$category);
1490 if($new && preg_match("/c/",$acl)){
1491 $deps[$dn] = $name;
1492 }elseif(!$new && preg_match("/m/",$acl)){
1493 $deps[$dn] = $name;
1494 }
1495 }
1497 /* Add current base */
1498 if(isset($this->base) && isset($this->config->idepartments[$this->base])){
1499 $deps[$this->base] = $this->config->idepartments[$this->base];
1500 }else{
1501 trigger_error("No default base found in class ".get_class($this).". ".$this->base);
1502 }
1503 return($deps);
1504 }
1507 /* This function modifies object acls too, if an object is moved.
1508 * $old_dn specifies the actually used dn
1509 * $new_dn specifies the destiantion dn
1510 */
1511 function update_acls($old_dn,$new_dn,$output_changes = FALSE)
1512 {
1513 /* Check if old_dn is empty. This should never happen */
1514 if(empty($old_dn) || empty($new_dn)){
1515 trigger_error("Failed to check acl dependencies, wrong dn given.");
1516 return;
1517 }
1519 /* Update userinfo if necessary */
1520 $ui = session::get('ui');
1521 if($ui->dn == $old_dn){
1522 $ui->dn = $new_dn;
1523 session::set('ui',$ui);
1524 new log("view","acl/".get_class($this),$this->dn,array(),"Updated current user dn from '".$old_dn."' to '".$new_dn."'");
1525 }
1527 /* Object was moved, ensure that all acls will be moved too */
1528 if($new_dn != $old_dn && $old_dn != "new"){
1530 /* get_ldap configuration */
1531 $update = array();
1532 $ldap = $this->config->get_ldap_link();
1533 $ldap->cd ($this->config->current['BASE']);
1534 $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*))",array("cn","gosaAclEntry"));
1535 while($attrs = $ldap->fetch()){
1537 $acls = array();
1539 /* Walk through acls */
1540 for($i = 0 ; $i < $attrs['gosaAclEntry']['count'] ; $i ++ ){
1542 /* Reset vars */
1543 $found = false;
1545 /* Get Acl parts */
1546 $acl_parts = split(":",$attrs['gosaAclEntry'][$i]);
1548 /* Get every single member for this acl */
1549 $members = array();
1550 if(preg_match("/,/",$acl_parts[2])){
1551 $members = split(",",$acl_parts[2]);
1552 }else{
1553 $members = array($acl_parts[2]);
1554 }
1556 /* Check if member match current dn */
1557 foreach($members as $key => $member){
1558 $member = base64_decode($member);
1559 if($member == $old_dn){
1560 $found = true;
1561 $members[$key] = base64_encode($new_dn);
1562 }
1563 }
1565 /* Create new member string */
1566 $new_members = "";
1567 foreach($members as $member){
1568 $new_members .= $member.",";
1569 }
1570 $new_members = preg_replace("/,$/","",$new_members);
1571 $acl_parts[2] = $new_members;
1573 /* Reconstruckt acl entry */
1574 $acl_str ="";
1575 foreach($acl_parts as $t){
1576 $acl_str .= $t.":";
1577 }
1578 $acl_str = preg_replace("/:$/","",$acl_str);
1579 }
1581 /* Acls for this object must be adjusted */
1582 if($found){
1584 $debug_info= _("Changing ACL dn")." : <br> -"._("from")." <b> ".
1585 $old_dn."</b><br> -"._("to")." <b>".$new_dn."</b><br>";
1586 @DEBUG (DEBUG_ACL, __LINE__, __FUNCTION__, __FILE__,$debug_info,"ACL");
1588 $update[$attrs['dn']] =array();
1589 foreach($acls as $acl){
1590 $update[$attrs['dn']]['gosaAclEntry'][] = $acl;
1591 }
1592 }
1593 }
1595 /* Write updated acls */
1596 foreach($update as $dn => $attrs){
1597 $ldap->cd($dn);
1598 $ldap->modify($attrs);
1599 }
1600 }
1601 }
1605 /* This function enables the entry Serial ID check.
1606 * If an entry was edited while we have edited the entry too,
1607 * an error message will be shown.
1608 * To configure this check correctly read the FAQ.
1609 */
1610 function enable_CSN_check()
1611 {
1612 $this->CSN_check_active =TRUE;
1613 $this->entryCSN = getEntryCSN($this->dn);
1614 }
1617 /*! \brief Prepares the plugin to be used for multiple edit
1618 * Update plugin attributes with given array of attribtues.
1619 * @param array Array with attributes that must be updated.
1620 */
1621 function init_multiple_support($attrs,$all)
1622 {
1623 $ldap= $this->config->get_ldap_link();
1624 $this->multi_attrs = $attrs;
1625 $this->multi_attrs_all= $all;
1627 /* Copy needed attributes */
1628 foreach ($this->attributes as $val){
1629 $found= array_key_ics($val, $this->multi_attrs);
1630 if ($found != ""){
1631 if(isset($this->multi_attrs["$found"][0])){
1632 $this->$val= $this->multi_attrs["$found"][0];
1633 }
1634 }
1635 }
1636 }
1639 /*! \brief Enables multiple support for this plugin
1640 */
1641 function enable_multiple_support()
1642 {
1643 $this->ignore_account = TRUE;
1644 $this->multiple_support_active = TRUE;
1645 }
1648 /*! \brief Returns all values that have been modfied in multiple edit mode.
1649 @return array Cotaining all mdofied values.
1650 */
1651 function get_multi_edit_values()
1652 {
1653 $ret = array();
1654 foreach($this->attributes as $attr){
1655 if(in_array($attr,$this->multi_boxes)){
1656 $ret[$attr] = $this->$attr;
1657 }
1658 }
1659 return($ret);
1660 }
1663 /*! \brief Update class variables with values collected by multiple edit.
1664 */
1665 function set_multi_edit_values($attrs)
1666 {
1667 foreach($attrs as $name => $value){
1668 $this->$name = $value;
1669 }
1670 }
1673 /*! \brief execute plugin
1675 Generates the html output for this node
1676 */
1677 function multiple_execute()
1678 {
1679 /* This one is empty currently. Fabian - please fill in the docu code */
1680 session::set('current_class_for_help',get_class($this));
1682 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
1683 session::set('LOCK_VARS_TO_USE',array());
1684 session::set('LOCK_VARS_USED',array());
1686 return("Multiple edit is currently not implemented for this plugin.");
1687 }
1690 /*! \brief Save HTML posted data to object for multiple edit
1691 */
1692 function multiple_save_object()
1693 {
1694 if(empty($this->entryCSN) && $this->CSN_check_active){
1695 $this->entryCSN = getEntryCSN($this->dn);
1696 }
1698 /* Save values to object */
1699 $this->multi_boxes = array();
1700 foreach ($this->attributes as $val){
1702 /* Get selected checkboxes from multiple edit */
1703 if(isset($_POST["use_".$val])){
1704 $this->multi_boxes[] = $val;
1705 }
1707 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
1709 /* Check for modifications */
1710 if (get_magic_quotes_gpc()) {
1711 $data= stripcslashes($_POST["$val"]);
1712 } else {
1713 $data= $this->$val = $_POST["$val"];
1714 }
1715 if ($this->$val != $data){
1716 $this->is_modified= TRUE;
1717 }
1719 /* IE post fix */
1720 if(isset($data[0]) && $data[0] == chr(194)) {
1721 $data = "";
1722 }
1723 $this->$val= $data;
1724 }
1725 }
1726 }
1729 /*! \brief Returns all attributes of this plugin,
1730 to be able to detect multiple used attributes
1731 in multi_plugg::detect_multiple_used_attributes().
1732 @return array Attributes required for intialization of multi_plug
1733 */
1734 public function get_multi_init_values()
1735 {
1736 $attrs = $this->attrs;
1737 return($attrs);
1738 }
1741 /*! \brief Check given values in multiple edit
1742 @return array Error messages
1743 */
1744 function multiple_check()
1745 {
1746 $message = plugin::check();
1747 return($message);
1748 }
1749 }
1751 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1752 ?>