![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 /*! \brief The plugin base class
24 \author Cajus Pollmeier <pollmeier@gonicus.de>
25 \version 2.00
26 \date 24.07.2003
28 This is the base class for all plugins. It can be used standalone or
29 can be included by the tabs class. All management should be done
30 within this class. Extend your plugins from this class.
31 */
33 class plugin
34 {
35 /*!
36 \brief Reference to parent object
38 This variable is used when the plugin is included in tabs
39 and keeps reference to the tab class. Communication to other
40 tabs is possible by 'name'. So the 'fax' plugin can ask the
41 'userinfo' plugin for the fax number.
43 \sa tab
44 */
45 var $parent= NULL;
47 /*!
48 \brief Configuration container
50 Access to global configuration
51 */
52 var $config= NULL;
54 /*!
55 \brief Mark plugin as account
57 Defines whether this plugin is defined as an account or not.
58 This has consequences for the plugin to be saved from tab
59 mode. If it is set to 'FALSE' the tab will call the delete
60 function, else the save function. Should be set to 'TRUE' if
61 the construtor detects a valid LDAP object.
63 \sa plugin::plugin()
64 */
65 var $is_account= FALSE;
66 var $initially_was_account= FALSE;
68 /*!
69 \brief Mark plugin as template
71 Defines whether we are creating a template or a normal object.
72 Has conseqences on the way execute() shows the formular and how
73 save() puts the data to LDAP.
75 \sa plugin::save() plugin::execute()
76 */
77 var $is_template= FALSE;
78 var $ignore_account= FALSE;
79 var $is_modified= FALSE;
81 /*!
82 \brief Represent temporary LDAP data
84 This is only used internally.
85 */
86 var $attrs= array();
88 /* Keep set of conflicting plugins */
89 var $conflicts= array();
91 /* Save unit tags */
92 var $gosaUnitTag= "";
93 var $skipTagging= FALSE;
95 /*!
96 \brief Used standard values
98 dn
99 */
100 var $dn= "";
101 var $uid= "";
102 var $sn= "";
103 var $givenName= "";
104 var $acl= "*none*";
105 var $dialog= FALSE;
106 var $snapDialog = NULL;
108 /* attribute list for save action */
109 var $attributes= array();
110 var $objectclasses= array();
111 var $is_new= TRUE;
112 var $saved_attributes= array();
114 var $acl_base= "";
115 var $acl_category= "";
117 /* This can be set to render the tabulators in another stylesheet */
118 var $pl_notify= FALSE;
120 /* Object entry CSN */
121 var $entryCSN = "";
122 var $CSN_check_active = FALSE;
124 /* This variable indicates that this class can handle multiple dns at once. */
125 var $multiple_support = FALSE;
126 var $multi_attrs = array();
127 var $multi_attrs_all = array();
129 /* This aviable indicates, that we are currently in multiple edit handle */
130 var $multiple_support_active = FALSE;
131 var $selected_edit_values = array();
132 var $multi_boxes = array();
134 /*! \brief plugin constructor
136 If 'dn' is set, the node loads the given 'dn' from LDAP
138 \param dn Distinguished name to initialize plugin from
139 \sa plugin()
140 */
141 function plugin (&$config, $dn= NULL, $parent= NULL)
142 {
143 /* Configuration is fine, allways */
144 $this->config= &$config;
145 $this->dn= $dn;
147 /* Handle new accounts, don't read information from LDAP */
148 if ($dn == "new"){
149 return;
150 }
152 /* Save current dn as acl_base */
153 $this->acl_base= $dn;
155 /* Get LDAP descriptor */
156 if ($dn !== NULL){
158 /* Load data to 'attrs' and save 'dn' */
159 if ($parent !== NULL){
160 $this->attrs= $parent->attrs;
161 } else {
162 $ldap= $this->config->get_ldap_link();
163 $ldap->cat ($dn);
164 $this->attrs= $ldap->fetch();
165 }
167 /* Copy needed attributes */
168 foreach ($this->attributes as $val){
169 $found= array_key_ics($val, $this->attrs);
170 if ($found != ""){
171 $this->$val= $this->attrs["$found"][0];
172 }
173 }
175 /* gosaUnitTag loading... */
176 if (isset($this->attrs['gosaUnitTag'][0])){
177 $this->gosaUnitTag= $this->attrs['gosaUnitTag'][0];
178 }
180 /* Set the template flag according to the existence of objectClass
181 gosaUserTemplate */
182 if (isset($this->attrs['objectClass'])){
183 if (in_array_ics ("gosaUserTemplate", $this->attrs['objectClass'])){
184 $this->is_template= TRUE;
185 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
186 "found", "Template check");
187 }
188 }
190 /* Is Account? */
191 $found= TRUE;
192 foreach ($this->objectclasses as $obj){
193 if (preg_match('/top/i', $obj)){
194 continue;
195 }
196 if (!isset($this->attrs['objectClass']) || !in_array_ics ($obj, $this->attrs['objectClass'])){
197 $found= FALSE;
198 break;
199 }
200 }
201 if ($found){
202 $this->is_account= TRUE;
203 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
204 "found", "Object check");
205 }
207 /* Prepare saved attributes */
208 $this->saved_attributes= $this->attrs;
209 foreach ($this->saved_attributes as $index => $value){
210 if (preg_match('/^[0-9]+$/', $index)){
211 unset($this->saved_attributes[$index]);
212 continue;
213 }
214 if (!in_array($index, $this->attributes) && $index != "objectClass"){
215 unset($this->saved_attributes[$index]);
216 continue;
217 }
219 if (isset($this->saved_attributes[$index][0])){
220 if(!isset($this->saved_attributes[$index]["count"])){
221 $this->saved_attributes[$index]["count"] = count($this->saved_attributes[$index]);
222 }
223 if($this->saved_attributes[$index]["count"] == 1){
224 $tmp= $this->saved_attributes[$index][0];
225 unset($this->saved_attributes[$index]);
226 $this->saved_attributes[$index]= $tmp;
227 continue;
228 }
229 }
230 unset($this->saved_attributes["$index"]["count"]);
231 }
232 if(isset($this->attrs['gosaUnitTag'])){
233 $this->saved_attributes['gosaUnitTag'] = $this->attrs['gosaUnitTag'][0];
234 }
235 }
237 /* Save initial account state */
238 $this->initially_was_account= $this->is_account;
239 }
242 /*! \brief execute plugin
244 Generates the html output for this node
245 */
246 function execute()
247 {
248 /* This one is empty currently. Fabian - please fill in the docu code */
249 session::set('current_class_for_help',get_class($this));
251 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
252 session::set('LOCK_VARS_TO_USE',array());
253 session::set('LOCK_VARS_USED',array());
254 }
256 /*! \brief execute plugin
257 Removes object from parent
258 */
259 function remove_from_parent()
260 {
261 /* include global link_info */
262 $ldap= $this->config->get_ldap_link();
264 /* Get current objectClasses in order to add the required ones */
265 $ldap->cat($this->dn);
266 $tmp= $ldap->fetch ();
267 $oc= array();
268 if (isset($tmp['objectClass'])){
269 $oc= $tmp['objectClass'];
270 unset($oc['count']);
271 }
273 /* Remove objectClasses from entry */
274 $ldap->cd($this->dn);
275 $this->attrs= array();
276 $this->attrs['objectClass']= array_remove_entries_ics($this->objectclasses,$oc);
278 /* Unset attributes from entry */
279 foreach ($this->attributes as $val){
280 $this->attrs["$val"]= array();
281 }
283 /* Unset account info */
284 $this->is_account= FALSE;
286 /* Do not write in plugin base class, this must be done by
287 children, since there are normally additional attribs,
288 lists, etc. */
289 /*
290 $ldap->modify($this->attrs);
291 */
292 }
295 /*! \brief Save HTML posted data to object
296 */
297 function save_object()
298 {
299 /* Update entry CSN if it is empty. */
300 if(empty($this->entryCSN) && $this->CSN_check_active){
301 $this->entryCSN = getEntryCSN($this->dn);
302 }
304 /* Save values to object */
305 foreach ($this->attributes as $val){
306 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
307 /* Check for modifications */
308 if (get_magic_quotes_gpc()) {
309 $data= stripcslashes($_POST["$val"]);
310 } else {
311 $data= $this->$val = $_POST["$val"];
312 }
313 if ($this->$val != $data){
314 $this->is_modified= TRUE;
315 }
317 /* Okay, how can I explain this fix ...
318 * In firefox, disabled option fields aren't selectable ... but in IE you can select these fileds.
319 * So IE posts these 'unselectable' option, with value = chr(194)
320 * chr(194) seems to be the in between the ...option> </option.. because there is no value=".." specified in these option fields
321 * This was added for W3c compliance, but now causes these ... ldap errors ...
322 * So we set these Fields to ""; a normal empty string, and we can check these values in plugin::check() again ...
323 */
324 if(isset($data[0]) && $data[0] == chr(194)) {
325 $data = "";
326 }
327 $this->$val= $data;
328 }
329 }
330 }
333 /* Save data to LDAP, depending on is_account we save or delete */
334 function save()
335 {
336 /* include global link_info */
337 $ldap= $this->config->get_ldap_link();
339 /* Save all plugins */
340 $this->entryCSN = "";
342 /* Start with empty array */
343 $this->attrs= array();
345 /* Get current objectClasses in order to add the required ones */
346 $ldap->cat($this->dn);
348 $tmp= $ldap->fetch ();
350 $oc= array();
351 if (isset($tmp['objectClass'])){
352 $oc= $tmp["objectClass"];
353 $this->is_new= FALSE;
354 unset($oc['count']);
355 } else {
356 $this->is_new= TRUE;
357 }
359 /* Load (minimum) attributes, add missing ones */
360 $this->attrs['objectClass']= gosa_array_merge($oc,$this->objectclasses);
362 /* Copy standard attributes */
363 foreach ($this->attributes as $val){
364 if ($this->$val != ""){
365 $this->attrs["$val"]= $this->$val;
366 } elseif (!$this->is_new) {
367 $this->attrs["$val"]= array();
368 }
369 }
371 /* Handle tagging */
372 $this->tag_attrs($this->attrs);
373 }
376 function cleanup()
377 {
378 foreach ($this->attrs as $index => $value){
380 /* Convert arrays with one element to non arrays, if the saved
381 attributes are no array, too */
382 if (is_array($this->attrs[$index]) &&
383 count ($this->attrs[$index]) == 1 &&
384 isset($this->saved_attributes[$index]) &&
385 !is_array($this->saved_attributes[$index])){
387 $tmp= $this->attrs[$index][0];
388 $this->attrs[$index]= $tmp;
389 }
391 /* Remove emtpy arrays if they do not differ */
392 if (is_array($this->attrs[$index]) &&
393 count($this->attrs[$index]) == 0 &&
394 !isset($this->saved_attributes[$index])){
396 unset ($this->attrs[$index]);
397 continue;
398 }
400 /* Remove single attributes that do not differ */
401 if (!is_array($this->attrs[$index]) &&
402 isset($this->saved_attributes[$index]) &&
403 !is_array($this->saved_attributes[$index]) &&
404 $this->attrs[$index] == $this->saved_attributes[$index]){
406 unset ($this->attrs[$index]);
407 continue;
408 }
410 /* Remove arrays that do not differ */
411 if (is_array($this->attrs[$index]) &&
412 isset($this->saved_attributes[$index]) &&
413 is_array($this->saved_attributes[$index])){
415 if (!array_differs($this->attrs[$index],$this->saved_attributes[$index])){
416 unset ($this->attrs[$index]);
417 continue;
418 }
419 }
420 }
422 /* Update saved attributes and ensure that next cleanups will be successful too */
423 foreach($this->attrs as $name => $value){
424 $this->saved_attributes[$name] = $value;
425 }
426 }
428 /* Check formular input */
429 function check()
430 {
431 $message= array();
433 /* Skip if we've no config object */
434 if (!isset($this->config) || !is_object($this->config)){
435 return $message;
436 }
438 /* Find hooks entries for this class */
439 $command= $this->config->search(get_class($this), "CHECK", array('menu', 'tabs'));
441 if ($command != ""){
443 if (!check_command($command)){
444 $message[]= msgPool::cmdnotfound("CHECK", get_class($this));
445 } else {
447 /* Generate "ldif" for check hook */
448 $ldif= "dn: $this->dn\n";
450 /* ... objectClasses */
451 foreach ($this->objectclasses as $oc){
452 $ldif.= "objectClass: $oc\n";
453 }
455 /* ... attributes */
456 foreach ($this->attributes as $attr){
457 if ($this->$attr == ""){
458 continue;
459 }
460 if (is_array($this->$attr)){
461 foreach ($this->$attr as $val){
462 $ldif.= "$attr: $val\n";
463 }
464 } else {
465 $ldif.= "$attr: ".$this->$attr."\n";
466 }
467 }
469 /* Append empty line */
470 $ldif.= "\n";
472 /* Feed "ldif" into hook and retrieve result*/
473 $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
474 $fh= proc_open($command, $descriptorspec, $pipes);
475 if (is_resource($fh)) {
476 fwrite ($pipes[0], $ldif);
477 fclose($pipes[0]);
479 $result= stream_get_contents($pipes[1]);
480 if ($result != ""){
481 $message[]= $result;
482 }
484 fclose($pipes[1]);
485 fclose($pipes[2]);
486 proc_close($fh);
487 }
488 }
490 }
492 /* Check entryCSN */
493 if($this->CSN_check_active){
494 $current_csn = getEntryCSN($this->dn);
495 if($current_csn != $this->entryCSN && !empty($this->entryCSN) && !empty($current_csn)){
496 $this->entryCSN = $current_csn;
497 $message[] = _("The object has changed since opened in GOsa. All changes that may be done by others get lost if you save this entry!");
498 }
499 }
500 return ($message);
501 }
503 /* Adapt from template, using 'dn' */
504 function adapt_from_template($dn, $skip= array())
505 {
506 /* Include global link_info */
507 $ldap= $this->config->get_ldap_link();
509 /* Load requested 'dn' to 'attrs' */
510 $ldap->cat ($dn);
511 $this->attrs= $ldap->fetch();
513 /* Walk through attributes */
514 foreach ($this->attributes as $val){
516 /* Skip the ones in skip list */
517 if (in_array($val, $skip)){
518 continue;
519 }
521 if (isset($this->attrs["$val"][0])){
523 /* If attribute is set, replace dynamic parts:
524 %sn, %givenName and %uid. Fill these in our local variables. */
525 $value= $this->attrs["$val"][0];
527 foreach (array("sn", "givenName", "uid") as $repl){
528 if (preg_match("/%$repl/i", $value)){
529 $value= preg_replace ("/%$repl/i", $this->parent->$repl, $value);
530 }
531 }
532 $this->$val= $value;
533 }
534 }
536 /* Is Account? */
537 $found= TRUE;
538 foreach ($this->objectclasses as $obj){
539 if (preg_match('/top/i', $obj)){
540 continue;
541 }
542 if (!in_array_ics ($obj, $this->attrs['objectClass'])){
543 $found= FALSE;
544 break;
545 }
546 }
547 if ($found){
548 $this->is_account= TRUE;
549 }
550 }
552 /* Indicate whether a password change is needed or not */
553 function password_change_needed()
554 {
555 return FALSE;
556 }
559 /* Show header message for tab dialogs */
560 function show_enable_header($button_text, $text, $disabled= FALSE)
561 {
562 if (($disabled == TRUE) || (!$this->acl_is_createable())){
563 $state= "disabled";
564 } else {
565 $state= "";
566 }
567 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
568 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
569 "><p class=\"seperator\"> </p></td></tr></table>";
571 return($display);
572 }
575 /* Show header message for tab dialogs */
576 function show_disable_header($button_text, $text, $disabled= FALSE)
577 {
578 if (($disabled == TRUE) || !$this->acl_is_removeable()){
579 $state= "disabled";
580 } else {
581 $state= "";
582 }
583 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
584 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
585 "><p class=\"seperator\"> </p></td></tr></table>";
587 return($display);
588 }
591 /* Show header message for tab dialogs */
592 function show_header($button_text, $text, $disabled= FALSE)
593 {
594 echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
595 if ($disabled == TRUE){
596 $state= "disabled";
597 } else {
598 $state= "";
599 }
600 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
601 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
602 ($this->acl_is_createable()?'':'disabled')." ".$state.
603 "><p class=\"seperator\"> </p></td></tr></table>";
605 return($display);
606 }
609 function postcreate($add_attrs= array())
610 {
611 /* Find postcreate entries for this class */
612 $command= $this->config->search(get_class($this), "POSTCREATE",array('menu', 'tabs'));
614 if ($command != ""){
616 /* Walk through attribute list */
617 foreach ($this->attributes as $attr){
618 if (!is_array($this->$attr)){
619 $add_attrs[$attr] = $this->$attr;
620 }
621 }
622 $add_attrs['dn']=$this->dn;
624 $tmp = array();
625 foreach($add_attrs as $name => $value){
626 $tmp[$name] = strlen($name);
627 }
628 arsort($tmp);
630 /* Additional attributes */
631 foreach ($tmp as $name => $len){
632 $value = $add_attrs[$name];
633 $command= preg_replace("/%$name/", "$value", $command);
634 }
636 if (check_command($command)){
637 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
638 $command, "Execute");
639 exec($command,$arr);
640 foreach($arr as $str){
641 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
642 $command, "Result: ".$str);
643 }
644 } else {
645 $message= msgPool::cmdnotfound("POSTCREATE", get_class($this));
646 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
647 }
648 }
649 }
651 function postmodify($add_attrs= array())
652 {
653 /* Find postcreate entries for this class */
654 $command= $this->config->search(get_class($this), "POSTMODIFY",array('menu','tabs'));
656 if ($command != ""){
658 /* Walk through attribute list */
659 foreach ($this->attributes as $attr){
660 if (!is_array($this->$attr)){
661 $add_attrs[$attr] = $this->$attr;
662 }
663 }
664 $add_attrs['dn']=$this->dn;
666 $tmp = array();
667 foreach($add_attrs as $name => $value){
668 $tmp[$name] = strlen($name);
669 }
670 arsort($tmp);
672 /* Additional attributes */
673 foreach ($tmp as $name => $len){
674 $value = $add_attrs[$name];
675 $command= preg_replace("/%$name/", "$value", $command);
676 }
678 if (check_command($command)){
679 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,$command, "Execute");
680 exec($command,$arr);
681 foreach($arr as $str){
682 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
683 $command, "Result: ".$str);
684 }
685 } else {
686 $message= msgPool::cmdnotfound("POSTMODIFY", get_class($this));
687 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
688 }
689 }
690 }
692 function postremove($add_attrs= array())
693 {
694 /* Find postremove entries for this class */
695 $command= $this->config->search(get_class($this), "POSTREMOVE",array('menu','tabs'));
696 if ($command != ""){
698 /* Walk through attribute list */
699 foreach ($this->attributes as $attr){
700 if (!is_array($this->$attr)){
701 $add_attrs[$attr] = $this->$attr;
702 }
703 }
704 $add_attrs['dn']=$this->dn;
706 $tmp = array();
707 foreach($add_attrs as $name => $value){
708 $tmp[$name] = strlen($name);
709 }
710 arsort($tmp);
712 /* Additional attributes */
713 foreach ($tmp as $name => $len){
714 $value = $add_attrs[$name];
715 $command= preg_replace("/%$name/", "$value", $command);
716 }
718 if (check_command($command)){
719 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
720 $command, "Execute");
722 exec($command,$arr);
723 foreach($arr as $str){
724 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
725 $command, "Result: ".$str);
726 }
727 } else {
728 $message= msgPool::cmdnotfound("POSTREMOVE", get_class($this));
729 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
730 }
731 }
732 }
734 /* Create unique DN */
735 function create_unique_dn($attribute, $base)
736 {
737 $ldap= $this->config->get_ldap_link();
738 $base= preg_replace("/^,*/", "", $base);
740 /* Try to use plain entry first */
741 $dn= "$attribute=".$this->$attribute.",$base";
742 $ldap->cat ($dn, array('dn'));
743 if (!$ldap->fetch()){
744 return ($dn);
745 }
747 /* Look for additional attributes */
748 foreach ($this->attributes as $attr){
749 if ($attr == $attribute || $this->$attr == ""){
750 continue;
751 }
753 $dn= "$attribute=".$this->$attribute."+$attr=".$this->$attr.",$base";
754 $ldap->cat ($dn, array('dn'));
755 if (!$ldap->fetch()){
756 return ($dn);
757 }
758 }
760 /* None found */
761 return ("none");
762 }
764 function rebind($ldap, $referral)
765 {
766 $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
767 if (ldap_bind($ldap, $credentials['ADMIN'], $this->config->get_credentials($credentials['PASSWORD']))) {
768 $this->error = "Success";
769 $this->hascon=true;
770 $this->reconnect= true;
771 return (0);
772 } else {
773 $this->error = "Could not bind to " . $credentials['ADMIN'];
774 return NULL;
775 }
776 }
779 /* Recursively copy ldap object */
780 function _copy($src_dn,$dst_dn)
781 {
782 $ldap=$this->config->get_ldap_link();
783 $ldap->cat($src_dn);
784 $attrs= $ldap->fetch();
786 /* Grummble. This really sucks. PHP ldap doesn't support rdn stuff. */
787 $ds= ldap_connect($this->config->current['SERVER']);
788 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
789 if (function_exists("ldap_set_rebind_proc") && isset($this->config->current['REFERRAL'])) {
790 ldap_set_rebind_proc($ds, array(&$this, "rebind"));
791 }
793 $r=ldap_bind($ds,$this->config->current['ADMINDN'], $this->config->current['ADMINPASSWORD']);
794 $sr=ldap_read($ds, LDAP::fix($src_dn), "objectClass=*");
796 /* Fill data from LDAP */
797 $new= array();
798 if ($sr) {
799 $ei=ldap_first_entry($ds, $sr);
800 if ($ei) {
801 foreach($attrs as $attr => $val){
802 if ($info = @ldap_get_values_len($ds, $ei, $attr)){
803 for ($i= 0; $i<$info['count']; $i++){
804 if ($info['count'] == 1){
805 $new[$attr]= $info[$i];
806 } else {
807 $new[$attr][]= $info[$i];
808 }
809 }
810 }
811 }
812 }
813 }
815 /* close conncetion */
816 ldap_unbind($ds);
818 /* Adapt naming attribute */
819 $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
820 $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
821 $new[$dst_name]= LDAP::fix($dst_val);
823 /* Check if this is a department.
824 * If it is a dep. && there is a , override in his ou
825 * change \2C to , again, else this entry can't be saved ...
826 */
827 if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
828 $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
829 }
831 /* Save copy */
832 $ldap->connect();
833 $ldap->cd($this->config->current['BASE']);
835 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $dst_dn));
837 /* FAIvariable=.../..., cn=..
838 could not be saved, because the attribute FAIvariable was different to
839 the dn FAIvariable=..., cn=... */
840 if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
841 $new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
842 }
843 $ldap->cd($dst_dn);
844 $ldap->add($new);
846 if (!$ldap->success()){
847 trigger_error("Trying to save $dst_dn failed.",
848 E_USER_WARNING);
849 return(FALSE);
850 }
851 return(TRUE);
852 }
855 /* This is a workaround function. */
856 function copy($src_dn, $dst_dn)
857 {
858 /* Rename dn in possible object groups */
859 $ldap= $this->config->get_ldap_link();
860 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::prepare4filter($src_dn).'))',
861 array('cn'));
862 while ($attrs= $ldap->fetch()){
863 $og= new ogroup($this->config, $ldap->getDN());
864 unset($og->member[$src_dn]);
865 $og->member[$dst_dn]= $dst_dn;
866 $og->save ();
867 }
869 $ldap->cat($dst_dn);
870 $attrs= $ldap->fetch();
871 if (count($attrs)){
872 trigger_error("Trying to overwrite ".LDAP::fix($dst_dn).", which already exists.",
873 E_USER_WARNING);
874 return (FALSE);
875 }
877 $ldap->cat($src_dn);
878 $attrs= $ldap->fetch();
879 if (!count($attrs)){
880 trigger_error("Trying to move ".LDAP::fix($src_dn).", which does not seem to exist.",
881 E_USER_WARNING);
882 return (FALSE);
883 }
885 $ldap->cd($src_dn);
886 $ldap->search("objectClass=*",array("dn"));
887 while($attrs = $ldap->fetch()){
888 $src = $attrs['dn'];
889 $dst = preg_replace("/".preg_quote($src_dn, '/')."$/",$dst_dn,$attrs['dn']);
890 $this->_copy($src,$dst);
891 }
892 return (TRUE);
893 }
897 /*! \brief Move a given ldap object indentified by $src_dn \
898 to the given destination $dst_dn \
899 * Ensure that all references are updated (ogroups) \
900 * Update ACLs \
901 * Update accessTo \
902 @param String The source dn.
903 @param String The destination dn.
904 @return Boolean TRUE on success else FALSE.
905 */
906 function rename($src_dn, $dst_dn)
907 {
908 $start = microtime(1);
910 /* Try to move the source entry to the destination position */
911 $ldap = $this->config->get_ldap_link();
912 $ldap->cd($this->config->current['BASE']);
913 $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$dst_dn));
915 if (!$ldap->rename_dn($src_dn,$dst_dn)){
916 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $src_dn, "", get_class()));
917 return(FALSE);
918 }
920 /* Get list of groups within this tree,
921 maybe we have to update ACL references.
922 */
923 $leaf_groups = get_list("(objectClass=posixGroup)",array("all"),$dst_dn,
924 array("dn","objectClass"),GL_SUBSEARCH | GL_NO_ACL_CHECK);
926 /* Get list of users within this tree,
927 maybe we have to update ACL references.
928 */
929 $leaf_users= get_list("(objectClass=gosaAccount)",array("all"),$dst_dn,
930 array("dn","objectClass"),GL_SUBSEARCH | GL_NO_ACL_CHECK);
933 /* Updated acls set for this groups */
934 foreach($leaf_groups as $group){
935 $new_dn = $group['dn'];
936 $old_dn = preg_replace("/".preg_quote($dst_dn, '/')."$/i",$src_dn,$new_dn);
937 $this->update_acls($old_dn,$new_dn);
938 }
940 /* Updated acls set for this users */
941 foreach($leaf_users as $user){
942 $new_dn = $user['dn'];
943 $old_dn = preg_replace("/".preg_quote($dst_dn, '/')."$/i",$src_dn,$new_dn);
944 $this->update_acls($old_dn,$new_dn);
945 }
947 /* Get all objectGroups defined in this database.
948 and check if there is an entry matching the source dn,
949 if this is the case, then update this objectgroup to use the new dn.
950 */
951 $ogroups = get_sub_list("(&(objectClass=gosaGroupOfNames)(member=*))","ogroups",
952 array(get_ou("ogroupRDN")),$this->config->current['BASE'],array("member"),
953 GL_SUBSEARCH | GL_NO_ACL_CHECK) ;
955 /* Walk through all objectGroups and check if there are
956 members matching the source dn
957 */
958 foreach($ogroups as $ogroup){
959 if(isset($ogroup['member'])){
961 /* Reset class object, this will be initialized with class_ogroup on demand
962 */
963 $o_ogroup = NULL;
964 for($i = 0 ; $i < $ogroup['member']['count'] ; $i ++){
966 $c_mem = $ogroup['member'][$i];
968 if(preg_match("/".preg_quote($src_dn, '/')."$/i",$c_mem)){
970 $d_mem = preg_replace("/".preg_quote($src_dn, '/')."$/i",$dst_dn,$ogroup['member'][$i]);
972 if($o_ogroup == NULL){
973 $o_ogroup = new ogroup($this->config,$ogroup['dn']);
974 }
976 unset($o_ogroup->member[$c_mem]);
977 $o_ogroup->member[$d_mem]= $d_mem;
978 }
979 }
981 /* Save object group if there were changes made on the membership */
982 if($o_ogroup != NULL){
983 $o_ogroup->save();
984 }
985 }
986 }
988 /* Check if there are gosa departments moved.
989 If there were deps moved, the force reload of config->deps.
990 */
991 $leaf_deps= get_list("(objectClass=gosaDepartment)",array("all"),$dst_dn,
992 array("dn","objectClass"),GL_SUBSEARCH | GL_NO_ACL_CHECK);
994 if(count($leaf_deps)){
995 $this->config->get_departments();
996 $this->config->make_idepartments();
997 session::set("config",$this->config);
998 $ui =get_userinfo();
999 $ui->reset_acl_cache();
1000 }
1002 return(TRUE);
1003 }
1007 function move($src_dn, $dst_dn)
1008 {
1009 /* Do not copy if only upper- lowercase has changed */
1010 if(strtolower($src_dn) == strtolower($dst_dn)){
1011 return(TRUE);
1012 }
1015 /* Try to move the entry instead of copy & delete
1016 */
1017 if(TRUE){
1019 /* Try to move with ldap routines, if this was not successfull
1020 fall back to the old style copy & remove method
1021 */
1022 if($this->rename($src_dn, $dst_dn)){
1023 return(TRUE);
1024 }else{
1025 // See code below.
1026 }
1027 }
1029 /* Copy source to destination */
1030 if (!$this->copy($src_dn, $dst_dn)){
1031 return (FALSE);
1032 }
1034 /* Delete source */
1035 $ldap= $this->config->get_ldap_link();
1036 $ldap->rmdir_recursive($src_dn);
1037 if (!$ldap->success()){
1038 trigger_error("Trying to delete $src_dn failed.",
1039 E_USER_WARNING);
1040 return (FALSE);
1041 }
1043 return (TRUE);
1044 }
1047 /* Move/Rename complete trees */
1048 function recursive_move($src_dn, $dst_dn)
1049 {
1050 /* Check if the destination entry exists */
1051 $ldap= $this->config->get_ldap_link();
1053 /* Check if destination exists - abort */
1054 $ldap->cat($dst_dn, array('dn'));
1055 if ($ldap->fetch()){
1056 trigger_error("recursive_move $dst_dn already exists.",
1057 E_USER_WARNING);
1058 return (FALSE);
1059 }
1061 $this->copy($src_dn, $dst_dn);
1063 /* Remove src_dn */
1064 $ldap->cd($src_dn);
1065 $ldap->recursive_remove($src_dn);
1066 return (TRUE);
1067 }
1070 function handle_post_events($mode, $add_attrs= array())
1071 {
1072 switch ($mode){
1073 case "add":
1074 $this->postcreate($add_attrs);
1075 break;
1077 case "modify":
1078 $this->postmodify($add_attrs);
1079 break;
1081 case "remove":
1082 $this->postremove($add_attrs);
1083 break;
1084 }
1085 }
1088 function saveCopyDialog(){
1089 }
1092 function getCopyDialog(){
1093 return(array("string"=>"","status"=>""));
1094 }
1097 function PrepareForCopyPaste($source)
1098 {
1099 $todo = $this->attributes;
1100 if(isset($this->CopyPasteVars)){
1101 $todo = array_merge($todo,$this->CopyPasteVars);
1102 }
1104 if(count($this->objectclasses)){
1105 $this->is_account = TRUE;
1106 foreach($this->objectclasses as $class){
1107 if(!in_array($class,$source['objectClass'])){
1108 $this->is_account = FALSE;
1109 }
1110 }
1111 }
1113 foreach($todo as $var){
1114 if (isset($source[$var])){
1115 if(isset($source[$var]['count'])){
1116 if($source[$var]['count'] > 1){
1117 $this->$var = array();
1118 $tmp = array();
1119 for($i = 0 ; $i < $source[$var]['count']; $i++){
1120 $tmp = $source[$var][$i];
1121 }
1122 $this->$var = $tmp;
1123 }else{
1124 $this->$var = $source[$var][0];
1125 }
1126 }else{
1127 $this->$var= $source[$var];
1128 }
1129 }
1130 }
1131 }
1133 function tag_attrs(&$at, $dn= "", $tag= "", $show= false)
1134 {
1135 /* Skip tagging?
1136 If this is called from departmentGeneric, we have to skip this
1137 tagging procedure.
1138 */
1139 if($this->skipTagging){
1140 return;
1141 }
1143 /* No dn? Self-operation... */
1144 if ($dn == ""){
1145 $dn= $this->dn;
1147 /* No tag? Find it yourself... */
1148 if ($tag == ""){
1149 $len= strlen($dn);
1151 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
1152 $relevant= array();
1153 foreach ($this->config->adepartments as $key => $ntag){
1155 /* This one is bigger than our dn, its not relevant... */
1156 if ($len < strlen($key)){
1157 continue;
1158 }
1160 /* This one matches with the latter part. Break and don't fix this entry */
1161 if (preg_match('/(^|,)'.preg_quote($key, '/').'$/', $dn)){
1162 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
1163 $relevant[strlen($key)]= $ntag;
1164 continue;
1165 }
1167 }
1169 /* If we've some relevant tags to set, just get the longest one */
1170 if (count($relevant)){
1171 ksort($relevant);
1172 $tmp= array_keys($relevant);
1173 $idx= end($tmp);
1174 $tag= $relevant[$idx];
1175 $this->gosaUnitTag= $tag;
1176 }
1177 }
1178 }
1180 /* Remove tags that may already be here... */
1181 remove_objectClass("gosaAdministrativeUnitTag", $at);
1182 if (isset($at['gosaUnitTag'])){
1183 unset($at['gosaUnitTag']);
1184 }
1186 /* Set tag? */
1187 if ($tag != ""){
1188 add_objectClass("gosaAdministrativeUnitTag", $at);
1189 $at['gosaUnitTag']= $tag;
1190 }
1192 /* Initially this object was tagged.
1193 - But now, it is no longer inside a tagged department.
1194 So force the remove of the tag.
1195 (objectClass was already removed obove)
1196 */
1197 if($tag == "" && $this->gosaUnitTag){
1198 $at['gosaUnitTag'] = array();
1199 }
1200 }
1203 /* Add possibility to stop remove process */
1204 function allow_remove()
1205 {
1206 $reason= "";
1207 return $reason;
1208 }
1211 /* Create a snapshot of the current object */
1212 function create_snapshot($type= "snapshot", $description= array())
1213 {
1215 /* Check if snapshot functionality is enabled */
1216 if(!$this->snapshotEnabled()){
1217 return;
1218 }
1220 /* Get configuration from gosa.conf */
1221 $config = $this->config;
1223 /* Create lokal ldap connection */
1224 $ldap= $this->config->get_ldap_link();
1225 $ldap->cd($this->config->current['BASE']);
1227 /* check if there are special server configurations for snapshots */
1228 if($config->get_cfg_value("snapshotURI") == ""){
1230 /* Source and destination server are both the same, just copy source to dest obj */
1231 $ldap_to = $ldap;
1232 $snapldapbase = $this->config->current['BASE'];
1234 }else{
1235 $server = $config->get_cfg_value("snapshotURI");
1236 $user = $config->get_cfg_value("snapshotAdminDn");
1237 $password = $config->get_cfg_value("snapshotAdminPassword");
1238 $snapldapbase = $config->get_cfg_value("snapshotBase");
1240 $ldap_to = new ldapMultiplexer(new LDAP($user,$password, $server));
1241 $ldap_to -> cd($snapldapbase);
1243 if (!$ldap_to->success()){
1244 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap_to->get_error(), $snapldapbase, "", get_class()));
1245 }
1247 }
1249 /* check if the dn exists */
1250 if ($ldap->dn_exists($this->dn)){
1252 /* Extract seconds & mysecs, they are used as entry index */
1253 list($usec, $sec)= explode(" ", microtime());
1255 /* Collect some infos */
1256 $base = $this->config->current['BASE'];
1257 $snap_base = $config->get_cfg_value("snapshotBase");
1258 $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn);
1259 $new_base = preg_replace("/".preg_quote($base, '/')."$/","",$base_of_object).$snap_base;
1261 /* Create object */
1262 #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
1263 $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
1264 $newName = preg_replace("/\./", "", $sec."-".$usec);
1265 $target= array();
1266 $target['objectClass'] = array("top", "gosaSnapshotObject");
1267 $target['gosaSnapshotData'] = gzcompress($data, 6);
1268 $target['gosaSnapshotType'] = $type;
1269 $target['gosaSnapshotDN'] = $this->dn;
1270 $target['description'] = $description;
1271 $target['gosaSnapshotTimestamp'] = $newName;
1273 /* Insert the new snapshot
1274 But we have to check first, if the given gosaSnapshotTimestamp
1275 is already used, in this case we should increment this value till there is
1276 an unused value. */
1277 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1278 $ldap_to->cat($new_dn);
1279 while($ldap_to->count()){
1280 $ldap_to->cat($new_dn);
1281 $newName = preg_replace("/\./", "", $sec."-".($usec++));
1282 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1283 $target['gosaSnapshotTimestamp'] = $newName;
1284 }
1286 /* Inset this new snapshot */
1287 $ldap_to->cd($snapldapbase);
1288 $ldap_to->create_missing_trees($snapldapbase);
1289 $ldap_to->create_missing_trees($new_base);
1290 $ldap_to->cd($new_dn);
1291 $ldap_to->add($target);
1292 if (!$ldap_to->success()){
1293 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap_to->get_error(), $new_dn, LDAP_ADD, get_class()));
1294 }
1296 if (!$ldap->success()){
1297 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $new_base, "", get_class()));
1298 }
1300 }
1301 }
1303 function remove_snapshot($dn)
1304 {
1305 $ui = get_userinfo();
1306 $old_dn = $this->dn;
1307 $this->dn = $dn;
1308 $ldap = $this->config->get_ldap_link();
1309 $ldap->cd($this->config->current['BASE']);
1310 $ldap->rmdir_recursive($dn);
1311 $this->dn = $old_dn;
1312 }
1315 /* returns true if snapshots are enabled, and false if it is disalbed
1316 There will also be some errors psoted, if the configuration failed */
1317 function snapshotEnabled()
1318 {
1319 $config = $this->config;
1320 if($config->get_cfg_value("enableSnapshots") == "true"){
1321 /* Check if the snapshot_base is defined */
1322 if ($config->get_cfg_value("snapshotBase") == ""){
1323 msg_dialog::display(_("Configuration error"), sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not set."),"snapshotBase"), ERROR_DIALOG);
1324 return(FALSE);
1325 }
1327 /* check if there are special server configurations for snapshots */
1328 if ($config->get_cfg_value("snapshotURI") != ""){
1330 /* check if all required vars are available to create a new ldap connection */
1331 $missing = "";
1332 foreach(array("snapshotURI","snapshotAdminDn","snapshotAdminPassword","snapshotBase") as $var){
1333 if($config->get_cfg_value($var) == ""){
1334 $missing .= $var." ";
1335 msg_dialog::display(_("Configuration error"), sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not set."), $missing), ERROR_DIALOG);
1336 return(FALSE);
1337 }
1338 }
1339 }
1340 return(TRUE);
1341 }
1342 return(FALSE);
1343 }
1346 /* Return available snapshots for the given base
1347 */
1348 function Available_SnapsShots($dn,$raw = false)
1349 {
1350 if(!$this->snapshotEnabled()) return(array());
1352 /* Create an additional ldap object which
1353 points to our ldap snapshot server */
1354 $ldap= $this->config->get_ldap_link();
1355 $ldap->cd($this->config->current['BASE']);
1356 $cfg= &$this->config->current;
1358 /* check if there are special server configurations for snapshots */
1359 if($this->config->get_cfg_value("snapshotURI") == ""){
1360 $ldap_to = $ldap;
1361 }else{
1362 $server = $this->config->get_cfg_value("snapshotURI");
1363 $user = $this->config->get_cfg_value("snapshotAdminDn");
1364 $password = $this->config->get_cfg_value("snapshotAdminPassword");
1365 $snapldapbase = $this->config->get_cfg_value("snapshotBase");
1366 $ldap_to = new ldapMultiplexer(new LDAP($user,$password, $server));
1367 $ldap_to -> cd($snapldapbase);
1368 if (!$ldap_to->success()){
1369 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap_to->get_error(), $snapldapbase, "", get_class()));
1370 }
1371 }
1373 /* Prepare bases and some other infos */
1374 $base = $this->config->current['BASE'];
1375 $snap_base = $this->config->get_cfg_value("snapshotBase");
1376 $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn);
1377 $new_base = preg_replace("/".preg_quote($base, '/')."$/","",$base_of_object).$snap_base;
1378 $tmp = array();
1380 /* Fetch all objects with gosaSnapshotDN=$dn */
1381 $ldap_to->cd($new_base);
1382 $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
1383 array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1385 /* Put results into a list and add description if missing */
1386 while($entry = $ldap_to->fetch()){
1387 if(!isset($entry['description'][0])){
1388 $entry['description'][0] = "";
1389 }
1390 $tmp[] = $entry;
1391 }
1393 /* Return the raw array, or format the result */
1394 if($raw){
1395 return($tmp);
1396 }else{
1397 $tmp2 = array();
1398 foreach($tmp as $entry){
1399 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1400 }
1401 }
1402 return($tmp2);
1403 }
1406 function getAllDeletedSnapshots($base_of_object,$raw = false)
1407 {
1408 if(!$this->snapshotEnabled()) return(array());
1410 /* Create an additional ldap object which
1411 points to our ldap snapshot server */
1412 $ldap= $this->config->get_ldap_link();
1413 $ldap->cd($this->config->current['BASE']);
1414 $cfg= &$this->config->current;
1416 /* check if there are special server configurations for snapshots */
1417 if($this->config->get_cfg_value("snapshotURI") == ""){
1418 $ldap_to = $ldap;
1419 }else{
1420 $server = $this->config->get_cfg_value("snapshotURI");
1421 $user = $this->config->get_cfg_value("snapshotAdminDn");
1422 $password = $this->config->get_cfg_value("snapshotAdminPassword");
1423 $snapldapbase = $this->config->get_cfg_value("snapshotBase");
1424 $ldap_to = new ldapMultiplexer(new LDAP($user,$password, $server));
1425 $ldap_to -> cd($snapldapbase);
1426 if (!$ldap_to->success()){
1427 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap_to->get_error(), $snapldapbase, "", get_class()));
1428 }
1429 }
1431 /* Prepare bases */
1432 $base = $this->config->current['BASE'];
1433 $snap_base = $this->config->get_cfg_value("snapshotBase");
1434 $new_base = preg_replace("/".preg_quote($base, '/')."$/","",$base_of_object).$snap_base;
1436 /* Fetch all objects and check if they do not exist anymore */
1437 $ui = get_userinfo();
1438 $tmp = array();
1439 $ldap_to->cd($new_base);
1440 $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1441 while($entry = $ldap_to->fetch()){
1443 $chk = str_replace($new_base,"",$entry['dn']);
1444 if(preg_match("/,ou=/",$chk)) continue;
1446 if(!isset($entry['description'][0])){
1447 $entry['description'][0] = "";
1448 }
1449 $tmp[] = $entry;
1450 }
1452 /* Check if entry still exists */
1453 foreach($tmp as $key => $entry){
1454 $ldap->cat($entry['gosaSnapshotDN'][0]);
1455 if($ldap->count()){
1456 unset($tmp[$key]);
1457 }
1458 }
1460 /* Format result as requested */
1461 if($raw) {
1462 return($tmp);
1463 }else{
1464 $tmp2 = array();
1465 foreach($tmp as $key => $entry){
1466 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1467 }
1468 }
1469 return($tmp2);
1470 }
1473 /* Restore selected snapshot */
1474 function restore_snapshot($dn)
1475 {
1476 if(!$this->snapshotEnabled()) return(array());
1478 $ldap= $this->config->get_ldap_link();
1479 $ldap->cd($this->config->current['BASE']);
1480 $cfg= &$this->config->current;
1482 /* check if there are special server configurations for snapshots */
1483 if($this->config->get_cfg_value("snapshotURI") == ""){
1484 $ldap_to = $ldap;
1485 }else{
1486 $server = $this->config->get_cfg_value("snapshotURI");
1487 $user = $this->config->get_cfg_value("snapshotAdminDn");
1488 $password = $this->config->get_cfg_value("snapshotAdminPassword");
1489 $snapldapbase = $this->config->get_cfg_value("snapshotBase");
1490 $ldap_to = new ldapMultiplexer(new LDAP($user,$password, $server));
1491 $ldap_to -> cd($snapldapbase);
1492 if (!$ldap_to->success()){
1493 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap_to->get_error(), $snapldapbase, "", get_class()));
1494 }
1495 }
1497 /* Get the snapshot */
1498 $ldap_to->cat($dn);
1499 $restoreObject = $ldap_to->fetch();
1501 /* Prepare import string */
1502 $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
1504 /* Import the given data */
1505 $err = "";
1506 $ldap->import_complete_ldif($data,$err,false,false);
1507 if (!$ldap->success()){
1508 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, "", get_class()));
1509 }
1510 }
1513 function showSnapshotDialog($base,$baseSuffixe,&$parent)
1514 {
1515 $once = true;
1516 $ui = get_userinfo();
1517 $this->parent = $parent;
1519 foreach($_POST as $name => $value){
1521 /* Create a new snapshot, display a dialog */
1522 if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
1523 $once = false;
1524 $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
1525 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1527 if(!empty($entry) && $ui->allow_snapshot_create($entry,$this->parent->acl_module)){
1528 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1529 }else{
1530 msg_dialog::display(_("Permission"),sprintf(_("You are not allowed to create a snapshot for %s."),$entry),ERROR_DIALOG);
1531 }
1532 }
1534 /* Restore a snapshot, display a dialog with all snapshots of the current object */
1535 if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
1536 $once = false;
1537 $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
1538 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1539 if(!empty($entry) && $ui->allow_snapshot_restore($entry,$this->parent->acl_module)){
1540 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1541 $this->snapDialog->display_restore_dialog = true;
1542 }else{
1543 msg_dialog::display(_("Permission"),sprintf(_("You are not allowed to restore a snapshot for %s."),$entry),ERROR_DIALOG);
1544 }
1545 }
1547 /* Restore one of the already deleted objects */
1548 if(((isset($_POST['menu_action']) && $_POST['menu_action'] == "RestoreDeletedSnapShot")
1549 || preg_match("/^RestoreDeletedSnapShot_/",$name)) && $once){
1550 $once = false;
1552 if($ui->allow_snapshot_restore($base,$this->parent->acl_module)){
1553 $this->snapDialog = new SnapShotDialog($this->config,"",$this);
1554 $this->snapDialog->set_snapshot_bases($baseSuffixe);
1555 $this->snapDialog->display_restore_dialog = true;
1556 $this->snapDialog->display_all_removed_objects = true;
1557 }else{
1558 msg_dialog::display(_("Permission"),sprintf(_("You are not allowed to restore a snapshot for %s."),$base),ERROR_DIALOG);
1559 }
1560 }
1562 /* Restore selected snapshot */
1563 if(preg_match("/^RestoreSnapShot_/",$name) && $once){
1564 $once = false;
1565 $entry = preg_replace("/^RestoreSnapShot_/","",$name);
1566 $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
1567 if(!empty($entry) && $ui->allow_snapshot_restore($entry,$this->parent->acl_module)){
1568 $this->restore_snapshot($entry);
1569 $this->snapDialog = NULL;
1570 }else{
1571 msg_dialog::display(_("Permission"),sprintf(_("You are not allowed to restore a snapshot for %s."),$entry),ERROR_DIALOG);
1572 }
1573 }
1574 }
1576 /* Create a new snapshot requested, check
1577 the given attributes and create the snapshot*/
1578 if(isset($_POST['CreateSnapshot']) && is_object($this->snapDialog)){
1579 $this->snapDialog->save_object();
1580 $msgs = $this->snapDialog->check();
1581 if(count($msgs)){
1582 foreach($msgs as $msg){
1583 msg_dialog::display(_("Error"), $msg, ERROR_DIALOG);
1584 }
1585 }else{
1586 $this->dn = $this->snapDialog->dn;
1587 $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription);
1588 $this->snapDialog = NULL;
1589 }
1590 }
1592 /* Restore is requested, restore the object with the posted dn .*/
1593 if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
1594 }
1596 if(isset($_POST['CancelSnapshot'])){
1597 $this->snapDialog = NULL;
1598 }
1600 if(is_object($this->snapDialog )){
1601 $this->snapDialog->save_object();
1602 return($this->snapDialog->execute());
1603 }
1604 }
1607 static function plInfo()
1608 {
1609 return array();
1610 }
1613 function set_acl_base($base)
1614 {
1615 $this->acl_base= $base;
1616 }
1619 function set_acl_category($category)
1620 {
1621 $this->acl_category= "$category/";
1622 }
1625 function acl_is_writeable($attribute,$skip_write = FALSE)
1626 {
1627 $ui= get_userinfo();
1628 return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
1629 }
1632 function acl_is_readable($attribute)
1633 {
1634 $ui= get_userinfo();
1635 return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
1636 }
1639 function acl_is_createable($base ="")
1640 {
1641 $ui= get_userinfo();
1642 if($base == "") $base = $this->acl_base;
1643 return preg_match('/c/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
1644 }
1647 function acl_is_removeable($base ="")
1648 {
1649 $ui= get_userinfo();
1650 if($base == "") $base = $this->acl_base;
1651 return preg_match('/d/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
1652 }
1655 function acl_is_moveable($base = "")
1656 {
1657 $ui= get_userinfo();
1658 if($base == "") $base = $this->acl_base;
1659 return preg_match('/m/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
1660 }
1663 function acl_have_any_permissions()
1664 {
1665 }
1668 function getacl($attribute,$skip_write= FALSE)
1669 {
1670 $ui= get_userinfo();
1671 return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
1672 }
1675 /*! \brief Returns a list of all available departments for this object.
1676 If this object is new, all departments we are allowed to create a new user in are returned.
1677 If this is an existing object, return all deps. we are allowed to move tis object too.
1679 @return Array [dn] => "..name" // All deps. we are allowed to act on.
1680 */
1681 function get_allowed_bases()
1682 {
1683 $ui = get_userinfo();
1684 $deps = array();
1686 /* Is this a new object ? Or just an edited existing object */
1687 if(!$this->initially_was_account && $this->is_account){
1688 $new = true;
1689 }else{
1690 $new = false;
1691 }
1693 foreach($this->config->idepartments as $dn => $name){
1694 if($new && $this->acl_is_createable($dn)){
1695 $deps[$dn] = $name;
1696 }elseif(!$new && $this->acl_is_moveable($dn)){
1697 $deps[$dn] = $name;
1698 }
1699 }
1701 /* Add current base */
1702 if(isset($this->base) && isset($this->config->idepartments[$this->base])){
1703 $deps[$this->base] = $this->config->idepartments[$this->base];
1704 }elseif(strtolower($this->dn) == strtolower($this->config->current['BASE'])){
1706 }else{
1707 trigger_error("Cannot return list of departments, no default base found in class ".get_class($this).". ".$this->base);
1708 }
1709 return($deps);
1710 }
1713 /* This function modifies object acls too, if an object is moved.
1714 * $old_dn specifies the actually used dn
1715 * $new_dn specifies the destiantion dn
1716 */
1717 function update_acls($old_dn,$new_dn,$output_changes = FALSE)
1718 {
1719 /* Check if old_dn is empty. This should never happen */
1720 if(empty($old_dn) || empty($new_dn)){
1721 trigger_error("Failed to check acl dependencies, wrong dn given.");
1722 return;
1723 }
1725 /* Update userinfo if necessary */
1726 $ui = session::get('ui');
1727 if($ui->dn == $old_dn){
1728 $ui->dn = $new_dn;
1729 session::set('ui',$ui);
1730 new log("view","acl/".get_class($this),$this->dn,array(),"Updated current user dn from '".$old_dn."' to '".$new_dn."'");
1731 }
1733 /* Object was moved, ensure that all acls will be moved too */
1734 if($new_dn != $old_dn && $old_dn != "new"){
1736 /* get_ldap configuration */
1737 $update = array();
1738 $ldap = $this->config->get_ldap_link();
1739 $ldap->cd ($this->config->current['BASE']);
1740 $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*))",array("cn","gosaAclEntry"));
1741 while($attrs = $ldap->fetch()){
1743 $acls = array();
1745 /* Reset vars */
1746 $found = false;
1748 /* Walk through acls */
1749 for($i = 0 ; $i < $attrs['gosaAclEntry']['count'] ; $i ++ ){
1751 /* Get Acl parts */
1752 $acl_parts = split(":",$attrs['gosaAclEntry'][$i]);
1754 /* Get every single member for this acl */
1755 $members = array();
1756 if(preg_match("/,/",$acl_parts[2])){
1757 $members = split(",",$acl_parts[2]);
1758 }else{
1759 $members = array($acl_parts[2]);
1760 }
1762 /* Check if member match current dn */
1763 foreach($members as $key => $member){
1764 $member = base64_decode($member);
1765 if($member == $old_dn){
1766 $found = true;
1767 $members[$key] = base64_encode($new_dn);
1768 }
1769 }
1771 /* Create new member string */
1772 $new_members = "";
1773 foreach($members as $member){
1774 $new_members .= $member.",";
1775 }
1776 $new_members = preg_replace("/,$/","",$new_members);
1777 $acl_parts[2] = $new_members;
1779 /* Reconstruckt acl entry */
1780 $acl_str ="";
1781 foreach($acl_parts as $t){
1782 $acl_str .= $t.":";
1783 }
1784 $acl_str = preg_replace("/:$/","",$acl_str);
1785 $acls[] = $acl_str;
1786 }
1788 /* Acls for this object must be adjusted */
1789 if($found){
1791 $debug_info= _("Changing ACL dn")." : <br> -"._("from")." <b> ".
1792 $old_dn."</b><br> -"._("to")." <b>".$new_dn."</b><br>";
1793 @DEBUG (DEBUG_ACL, __LINE__, __FUNCTION__, __FILE__,$debug_info,"ACL");
1795 $update[$attrs['dn']] =array();
1796 foreach($acls as $acl){
1797 $update[$attrs['dn']]['gosaAclEntry'][] = $acl;
1798 }
1799 }
1800 }
1802 /* Write updated acls */
1803 foreach($update as $dn => $attrs){
1804 $ldap->cd($dn);
1805 $ldap->modify($attrs);
1806 }
1807 }
1808 }
1812 /* This function enables the entry Serial ID check.
1813 * If an entry was edited while we have edited the entry too,
1814 * an error message will be shown.
1815 * To configure this check correctly read the FAQ.
1816 */
1817 function enable_CSN_check()
1818 {
1819 $this->CSN_check_active =TRUE;
1820 $this->entryCSN = getEntryCSN($this->dn);
1821 }
1824 /*! \brief Prepares the plugin to be used for multiple edit
1825 * Update plugin attributes with given array of attribtues.
1826 * @param array Array with attributes that must be updated.
1827 */
1828 function init_multiple_support($attrs,$all)
1829 {
1830 $ldap= $this->config->get_ldap_link();
1831 $this->multi_attrs = $attrs;
1832 $this->multi_attrs_all= $all;
1834 /* Copy needed attributes */
1835 foreach ($this->attributes as $val){
1836 $found= array_key_ics($val, $this->multi_attrs);
1837 if ($found != ""){
1838 if(isset($this->multi_attrs["$found"][0])){
1839 $this->$val= $this->multi_attrs["$found"][0];
1840 }
1841 }
1842 }
1843 }
1846 /*! \brief Enables multiple support for this plugin
1847 */
1848 function enable_multiple_support()
1849 {
1850 $this->ignore_account = TRUE;
1851 $this->multiple_support_active = TRUE;
1852 }
1855 /*! \brief Returns all values that have been modfied in multiple edit mode.
1856 @return array Cotaining all mdofied values.
1857 */
1858 function get_multi_edit_values()
1859 {
1860 $ret = array();
1861 foreach($this->attributes as $attr){
1862 if(in_array($attr,$this->multi_boxes)){
1863 $ret[$attr] = $this->$attr;
1864 }
1865 }
1866 return($ret);
1867 }
1870 /*! \brief Update class variables with values collected by multiple edit.
1871 */
1872 function set_multi_edit_values($attrs)
1873 {
1874 foreach($attrs as $name => $value){
1875 $this->$name = $value;
1876 }
1877 }
1880 /*! \brief execute plugin
1882 Generates the html output for this node
1883 */
1884 function multiple_execute()
1885 {
1886 /* This one is empty currently. Fabian - please fill in the docu code */
1887 session::set('current_class_for_help',get_class($this));
1889 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
1890 session::set('LOCK_VARS_TO_USE',array());
1891 session::set('LOCK_VARS_USED',array());
1893 return("Multiple edit is currently not implemented for this plugin.");
1894 }
1897 /*! \brief Save HTML posted data to object for multiple edit
1898 */
1899 function multiple_save_object()
1900 {
1901 if(empty($this->entryCSN) && $this->CSN_check_active){
1902 $this->entryCSN = getEntryCSN($this->dn);
1903 }
1905 /* Save values to object */
1906 $this->multi_boxes = array();
1907 foreach ($this->attributes as $val){
1909 /* Get selected checkboxes from multiple edit */
1910 if(isset($_POST["use_".$val])){
1911 $this->multi_boxes[] = $val;
1912 }
1914 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
1916 /* Check for modifications */
1917 if (get_magic_quotes_gpc()) {
1918 $data= stripcslashes($_POST["$val"]);
1919 } else {
1920 $data= $this->$val = $_POST["$val"];
1921 }
1922 if ($this->$val != $data){
1923 $this->is_modified= TRUE;
1924 }
1926 /* IE post fix */
1927 if(isset($data[0]) && $data[0] == chr(194)) {
1928 $data = "";
1929 }
1930 $this->$val= $data;
1931 }
1932 }
1933 }
1936 /*! \brief Returns all attributes of this plugin,
1937 to be able to detect multiple used attributes
1938 in multi_plugg::detect_multiple_used_attributes().
1939 @return array Attributes required for intialization of multi_plug
1940 */
1941 public function get_multi_init_values()
1942 {
1943 $attrs = $this->attrs;
1944 return($attrs);
1945 }
1948 /*! \brief Check given values in multiple edit
1949 @return array Error messages
1950 */
1951 function multiple_check()
1952 {
1953 $message = plugin::check();
1954 return($message);
1955 }
1958 /*! \brief Returns the snapshot header part for "Actions" menu in management dialogs
1959 @param $layer_menu
1960 */
1961 function get_snapshot_header($base,$category)
1962 {
1963 $str = "";
1964 $ui = get_userinfo();
1965 if($this->snapshotEnabled() && $ui->allow_snapshot_restore($base,$category)){
1967 $ok = false;
1968 foreach($this->get_used_snapshot_bases() as $base){
1969 $ok |= count($this->getAllDeletedSnapshots($base)) >= 1 ;
1970 }
1972 if($ok){
1973 $str = "..|<img class='center' src='images/lists/restore.png' ".
1974 "alt='"._("Restore")."'> "._("Restore"). "|RestoreDeletedSnapShot|\n";
1975 }else{
1976 $str = "..|<img class='center' src='images/lists/restore_grey.png' alt=''> "._("Restore")."||\n";
1977 }
1978 }
1979 return($str);
1980 }
1983 function get_snapshot_action($base,$category)
1984 {
1985 $str= "";
1986 $ui = get_userinfo();
1987 if($this->snapshotEnabled()){
1988 if ($ui->allow_snapshot_restore($base,$category)){
1990 if(count($this->Available_SnapsShots($base))){
1991 $str.= "<input class='center' type='image' src='images/lists/restore.png'
1992 alt='"._("Restore snapshot")."' name='RestoreSnapShotDialog_".base64_encode($base)."' title='"._("Restore snapshot")."'> ";
1993 } else {
1994 $str = "<img class='center' src='images/lists/restore_grey.png' alt=''> ";
1995 }
1996 }
1997 if($ui->allow_snapshot_create($base,$category)){
1998 $str.= "<input class='center' type='image' src='images/snapshot.png'
1999 alt='"._("Create snapshot")."' name='CreateSnapShotDialog_".base64_encode($base)."'
2000 title='"._("Create a new snapshot from this object")."'> ";
2001 }else{
2002 $str = "<img class='center' src='images/empty.png' alt=' '> ";
2003 }
2004 }
2006 return($str);
2007 }
2010 function get_copypaste_action($base,$category,$class,$copy = TRUE, $cut = TRUE)
2011 {
2012 $ui = get_userinfo();
2013 $action = "";
2014 if($this->CopyPasteHandler){
2015 if($cut){
2016 if($ui->is_cutable($base,$category,$class)){
2017 $action .= "<input class='center' type='image'
2018 src='images/lists/cut.png' alt='"._("cut")."' name='cut_%KEY%' title='"._("Cut this entry")."'> ";
2019 }else{
2020 $action.="<img src='images/empty.png' alt=' ' class='center'> ";
2021 }
2022 }
2023 if($copy){
2024 if($ui->is_copyable($base,$category,$class)){
2025 $action.= "<input class='center' type='image'
2026 src='images/lists/copy.png' alt='"._("copy")."' name='copy_%KEY%' title='"._("Copy this entry")."'> ";
2027 }else{
2028 $action.="<img src='images/empty.png' alt=' ' class='center'> ";
2029 }
2030 }
2031 }
2033 return($action);
2034 }
2037 function get_copypaste_header($base,$category,$copy = TRUE, $cut = TRUE)
2038 {
2039 $s = "";
2040 $ui =get_userinfo();
2042 if(!is_array($category)){
2043 $category = array($category);
2044 }
2046 /* Check permissions for each category, if there is at least one category which
2047 support read or paste permissions for the given base, then display the specific actions.
2048 */
2049 $readable = $pasteable = TRUE;
2050 foreach($category as $cat){
2051 $readable |= $ui->get_category_permissions($base,$cat);
2052 $pasteable|= $ui->is_pasteable($base,$cat);
2053 }
2055 if(($cut || $copy) && isset($this->CopyPasteHandler) && is_object($this->CopyPasteHandler)){
2056 if($readable){
2057 $s.= "..|---|\n";
2058 if($copy){
2059 $s.= "..|<img src='images/lists/copy.png' alt='' border='0' class='center'>".
2060 " "._("Copy")."|"."multiple_copy_systems|\n";
2061 }
2062 if($cut){
2063 $s.= "..|<img src='images/lists/cut.png' alt='' border='0' class='center'>".
2064 " "._("Cut")."|"."multiple_cut_systems|\n";
2065 }
2066 }
2068 if($pasteable){
2069 if($this->CopyPasteHandler->entries_queued()){
2070 $img = "<img border='0' class='center' src='images/lists/paste.png' alt=''>";
2071 $s.="..|".$img." "._("Paste")."|editPaste|\n";
2072 }else{
2073 $img = "<img border='0' class='center' src='images/lists/paste-grey.png' alt=''>";
2074 $s.="..|".$img." "._("Paste")."\n";
2075 }
2076 }
2077 }
2078 return($s);
2079 }
2082 function get_used_snapshot_bases()
2083 {
2084 return(array());
2085 }
2086 }
2088 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
2089 ?>