1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 /*! \brief The plugin base class
22 \author Cajus Pollmeier <pollmeier@gonicus.de>
23 \version 2.00
24 \date 24.07.2003
26 This is the base class for all plugins. It can be used standalone or
27 can be included by the tabs class. All management should be done
28 within this class. Extend your plugins from this class.
29 */
31 class plugin
32 {
33 /*!
34 \brief Reference to parent object
36 This variable is used when the plugin is included in tabs
37 and keeps reference to the tab class. Communication to other
38 tabs is possible by 'name'. So the 'fax' plugin can ask the
39 'userinfo' plugin for the fax number.
41 \sa tab
42 */
43 var $parent= NULL;
45 /*!
46 \brief Configuration container
48 Access to global configuration
49 */
50 var $config= NULL;
52 /*!
53 \brief Mark plugin as account
55 Defines whether this plugin is defined as an account or not.
56 This has consequences for the plugin to be saved from tab
57 mode. If it is set to 'FALSE' the tab will call the delete
58 function, else the save function. Should be set to 'TRUE' if
59 the construtor detects a valid LDAP object.
61 \sa plugin::plugin()
62 */
63 var $is_account= FALSE;
64 var $initially_was_account= FALSE;
66 /*!
67 \brief Mark plugin as template
69 Defines whether we are creating a template or a normal object.
70 Has conseqences on the way execute() shows the formular and how
71 save() puts the data to LDAP.
73 \sa plugin::save() plugin::execute()
74 */
75 var $is_template= FALSE;
76 var $ignore_account= FALSE;
77 var $is_modified= FALSE;
79 /*!
80 \brief Represent temporary LDAP data
82 This is only used internally.
83 */
84 var $attrs= array();
86 /* Keep set of conflicting plugins */
87 var $conflicts= array();
89 /* Save unit tags */
90 var $gosaUnitTag= "";
92 /*!
93 \brief Used standard values
95 dn
96 */
97 var $dn= "";
98 var $uid= "";
99 var $sn= "";
100 var $givenName= "";
101 var $acl= "*none*";
102 var $dialog= FALSE;
103 var $snapDialog = NULL;
105 /* attribute list for save action */
106 var $attributes= array();
107 var $objectclasses= array();
108 var $is_new= TRUE;
109 var $saved_attributes= array();
111 var $acl_base= "";
112 var $acl_category= "";
114 /* This can be set to render the tabulators in another stylesheet */
115 var $pl_notify= FALSE;
117 /* Object entry CSN */
118 var $entryCSN = "";
119 var $CSN_check_active = FALSE;
121 /* This variable indicates that this class can handle multiple dns at once. */
122 var $multiple_support = FALSE;
123 var $multi_attrs = array();
124 var $multi_attrs_all = array();
126 /* This aviable indicates, that we are currently in multiple edit handle */
127 var $multiple_support_active = FALSE;
128 var $selected_edit_values = array();
129 var $multi_boxes = array();
131 /*! \brief plugin constructor
133 If 'dn' is set, the node loads the given 'dn' from LDAP
135 \param dn Distinguished name to initialize plugin from
136 \sa plugin()
137 */
138 function plugin (&$config, $dn= NULL, $parent= NULL)
139 {
140 /* Configuration is fine, allways */
141 $this->config= &$config;
142 $this->dn= $dn;
144 /* Handle new accounts, don't read information from LDAP */
145 if ($dn == "new"){
146 return;
147 }
149 /* Save current dn as acl_base */
150 $this->acl_base= $dn;
152 /* Get LDAP descriptor */
153 $ldap= $this->config->get_ldap_link();
154 if ($dn !== NULL){
156 /* Load data to 'attrs' and save 'dn' */
157 if ($parent !== NULL){
158 $this->attrs= $parent->attrs;
159 } else {
160 $ldap->cat ($dn);
161 $this->attrs= $ldap->fetch();
162 }
164 /* Copy needed attributes */
165 foreach ($this->attributes as $val){
166 $found= array_key_ics($val, $this->attrs);
167 if ($found != ""){
168 $this->$val= $this->attrs["$found"][0];
169 }
170 }
172 /* gosaUnitTag loading... */
173 if (isset($this->attrs['gosaUnitTag'][0])){
174 $this->gosaUnitTag= $this->attrs['gosaUnitTag'][0];
175 }
177 /* Set the template flag according to the existence of objectClass
178 gosaUserTemplate */
179 if (isset($this->attrs['objectClass'])){
180 if (in_array ("gosaUserTemplate", $this->attrs['objectClass'])){
181 $this->is_template= TRUE;
182 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
183 "found", "Template check");
184 }
185 }
187 /* Is Account? */
188 $found= TRUE;
189 foreach ($this->objectclasses as $obj){
190 if (preg_match('/top/i', $obj)){
191 continue;
192 }
193 if (!isset($this->attrs['objectClass']) || !in_array_ics ($obj, $this->attrs['objectClass'])){
194 $found= FALSE;
195 break;
196 }
197 }
198 if ($found){
199 $this->is_account= TRUE;
200 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
201 "found", "Object check");
202 }
204 /* Prepare saved attributes */
205 $this->saved_attributes= $this->attrs;
206 foreach ($this->saved_attributes as $index => $value){
207 if (preg_match('/^[0-9]+$/', $index)){
208 unset($this->saved_attributes[$index]);
209 continue;
210 }
211 if (!in_array($index, $this->attributes) && $index != "objectClass"){
212 unset($this->saved_attributes[$index]);
213 continue;
214 }
215 if (isset($this->saved_attributes[$index][0]) || $this->saved_attributes[$index]["count"] == 1){
216 $tmp= $this->saved_attributes[$index][0];
217 unset($this->saved_attributes[$index]);
218 $this->saved_attributes[$index]= $tmp;
219 continue;
220 }
222 unset($this->saved_attributes["$index"]["count"]);
223 }
224 }
226 /* Save initial account state */
227 $this->initially_was_account= $this->is_account;
228 }
231 /*! \brief execute plugin
233 Generates the html output for this node
234 */
235 function execute()
236 {
237 /* This one is empty currently. Fabian - please fill in the docu code */
238 session::set('current_class_for_help',get_class($this));
240 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
241 session::set('LOCK_VARS_TO_USE',array());
242 session::set('LOCK_VARS_USED',array());
243 }
245 /*! \brief execute plugin
246 Removes object from parent
247 */
248 function remove_from_parent()
249 {
250 /* include global link_info */
251 $ldap= $this->config->get_ldap_link();
253 /* Get current objectClasses in order to add the required ones */
254 $ldap->cat($this->dn);
255 $tmp= $ldap->fetch ();
256 $oc= array();
257 if (isset($tmp['objectClass'])){
258 $oc= $tmp['objectClass'];
259 unset($oc['count']);
260 }
262 /* Remove objectClasses from entry */
263 $ldap->cd($this->dn);
264 $this->attrs= array();
265 $this->attrs['objectClass']= array_remove_entries($this->objectclasses,$oc);
267 /* Unset attributes from entry */
268 foreach ($this->attributes as $val){
269 $this->attrs["$val"]= array();
270 }
272 /* Unset account info */
273 $this->is_account= FALSE;
275 /* Do not write in plugin base class, this must be done by
276 children, since there are normally additional attribs,
277 lists, etc. */
278 /*
279 $ldap->modify($this->attrs);
280 */
281 }
284 /*! \brief Save HTML posted data to object
285 */
286 function save_object()
287 {
288 /* Update entry CSN if it is empty. */
289 if(empty($this->entryCSN) && $this->CSN_check_active){
290 $this->entryCSN = getEntryCSN($this->dn);
291 }
293 /* Save values to object */
294 foreach ($this->attributes as $val){
295 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
296 /* Check for modifications */
297 if (get_magic_quotes_gpc()) {
298 $data= stripcslashes($_POST["$val"]);
299 } else {
300 $data= $this->$val = $_POST["$val"];
301 }
302 if ($this->$val != $data){
303 $this->is_modified= TRUE;
304 }
306 /* Okay, how can I explain this fix ...
307 * In firefox, disabled option fields aren't selectable ... but in IE you can select these fileds.
308 * So IE posts these 'unselectable' option, with value = chr(194)
309 * chr(194) seems to be the in between the ...option> </option.. because there is no value=".." specified in these option fields
310 * This was added for W3c compliance, but now causes these ... ldap errors ...
311 * So we set these Fields to ""; a normal empty string, and we can check these values in plugin::check() again ...
312 */
313 if(isset($data[0]) && $data[0] == chr(194)) {
314 $data = "";
315 }
316 $this->$val= $data;
317 }
318 }
319 }
322 /* Save data to LDAP, depending on is_account we save or delete */
323 function save()
324 {
325 /* include global link_info */
326 $ldap= $this->config->get_ldap_link();
328 /* Save all plugins */
329 $this->entryCSN = "";
331 /* Start with empty array */
332 $this->attrs= array();
334 /* Get current objectClasses in order to add the required ones */
335 $ldap->cat($this->dn);
337 $tmp= $ldap->fetch ();
339 $oc= array();
340 if (isset($tmp['objectClass'])){
341 $oc= $tmp["objectClass"];
342 $this->is_new= FALSE;
343 unset($oc['count']);
344 } else {
345 $this->is_new= TRUE;
346 }
348 /* Load (minimum) attributes, add missing ones */
349 $this->attrs['objectClass']= gosa_array_merge($oc,$this->objectclasses);
351 /* Copy standard attributes */
352 foreach ($this->attributes as $val){
353 if ($this->$val != ""){
354 $this->attrs["$val"]= $this->$val;
355 } elseif (!$this->is_new) {
356 $this->attrs["$val"]= array();
357 }
358 }
360 /* Handle tagging */
361 $this->tag_attrs(&$this->attrs);
362 }
365 function cleanup()
366 {
367 foreach ($this->attrs as $index => $value){
369 /* Convert arrays with one element to non arrays, if the saved
370 attributes are no array, too */
371 if (is_array($this->attrs[$index]) &&
372 count ($this->attrs[$index]) == 1 &&
373 isset($this->saved_attributes[$index]) &&
374 !is_array($this->saved_attributes[$index])){
376 $tmp= $this->attrs[$index][0];
377 $this->attrs[$index]= $tmp;
378 }
380 /* Remove emtpy arrays if they do not differ */
381 if (is_array($this->attrs[$index]) &&
382 count($this->attrs[$index]) == 0 &&
383 !isset($this->saved_attributes[$index])){
385 unset ($this->attrs[$index]);
386 continue;
387 }
389 /* Remove single attributes that do not differ */
390 if (!is_array($this->attrs[$index]) &&
391 isset($this->saved_attributes[$index]) &&
392 !is_array($this->saved_attributes[$index]) &&
393 $this->attrs[$index] == $this->saved_attributes[$index]){
395 unset ($this->attrs[$index]);
396 continue;
397 }
399 /* Remove arrays that do not differ */
400 if (is_array($this->attrs[$index]) &&
401 isset($this->saved_attributes[$index]) &&
402 is_array($this->saved_attributes[$index])){
404 if (!array_differs($this->attrs[$index],$this->saved_attributes[$index])){
405 unset ($this->attrs[$index]);
406 continue;
407 }
408 }
409 }
411 /* Update saved attributes and ensure that next cleanups will be successful too */
412 foreach($this->attrs as $name => $value){
413 $this->saved_attributes[$name] = $value;
414 }
415 }
417 /* Check formular input */
418 function check()
419 {
420 $message= array();
422 /* Skip if we've no config object */
423 if (!isset($this->config) || !is_object($this->config)){
424 return $message;
425 }
427 /* Find hooks entries for this class */
428 $command= $this->config->search(get_class($this), "CHECK", array('menu', 'tabs'));
430 if ($command != ""){
432 if (!check_command($command)){
433 $message[]= sprintf(_("Command '%s', specified as CHECK hook for plugin '%s' doesn't seem to exist."), $command,
434 get_class($this));
435 } else {
437 /* Generate "ldif" for check hook */
438 $ldif= "dn: $this->dn\n";
440 /* ... objectClasses */
441 foreach ($this->objectclasses as $oc){
442 $ldif.= "objectClass: $oc\n";
443 }
445 /* ... attributes */
446 foreach ($this->attributes as $attr){
447 if ($this->$attr == ""){
448 continue;
449 }
450 if (is_array($this->$attr)){
451 foreach ($this->$attr as $val){
452 $ldif.= "$attr: $val\n";
453 }
454 } else {
455 $ldif.= "$attr: ".$this->$attr."\n";
456 }
457 }
459 /* Append empty line */
460 $ldif.= "\n";
462 /* Feed "ldif" into hook and retrieve result*/
463 $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
464 $fh= proc_open($command, $descriptorspec, $pipes);
465 if (is_resource($fh)) {
466 fwrite ($pipes[0], $ldif);
467 fclose($pipes[0]);
469 $result= stream_get_contents($pipes[1]);
470 if ($result != ""){
471 $message[]= $result;
472 }
474 fclose($pipes[1]);
475 fclose($pipes[2]);
476 proc_close($fh);
477 }
478 }
480 }
482 /* Check entryCSN */
483 if($this->CSN_check_active){
484 $current_csn = getEntryCSN($this->dn);
485 if($current_csn != $this->entryCSN && !empty($this->entryCSN) && !empty($current_csn)){
486 $this->entryCSN = $current_csn;
487 $message[] = _("The object has changed since opened in GOsa. Please ensure that nobody has done serious changes that may get lost if you save this entry.");
488 }
489 }
490 return ($message);
491 }
493 /* Adapt from template, using 'dn' */
494 function adapt_from_template($dn)
495 {
496 /* Include global link_info */
497 $ldap= $this->config->get_ldap_link();
499 /* Load requested 'dn' to 'attrs' */
500 $ldap->cat ($dn);
501 $this->attrs= $ldap->fetch();
503 /* Walk through attributes */
504 foreach ($this->attributes as $val){
506 if (isset($this->attrs["$val"][0])){
508 /* If attribute is set, replace dynamic parts:
509 %sn, %givenName and %uid. Fill these in our local variables. */
510 $value= $this->attrs["$val"][0];
512 foreach (array("sn", "givenName", "uid") as $repl){
513 if (preg_match("/%$repl/i", $value)){
514 $value= preg_replace ("/%$repl/i", $this->parent->$repl, $value);
515 }
516 }
517 $this->$val= $value;
518 }
519 }
521 /* Is Account? */
522 $found= TRUE;
523 foreach ($this->objectclasses as $obj){
524 if (preg_match('/top/i', $obj)){
525 continue;
526 }
527 if (!in_array_ics ($obj, $this->attrs['objectClass'])){
528 $found= FALSE;
529 break;
530 }
531 }
532 if ($found){
533 $this->is_account= TRUE;
534 }
535 }
537 /* Indicate whether a password change is needed or not */
538 function password_change_needed()
539 {
540 return FALSE;
541 }
544 /* Show header message for tab dialogs */
545 function show_enable_header($button_text, $text, $disabled= FALSE)
546 {
547 if (($disabled == TRUE) || (!$this->acl_is_createable())){
548 $state= "disabled";
549 } else {
550 $state= "";
551 }
552 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
553 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
554 "><p class=\"seperator\"> </p></td></tr></table>";
556 return($display);
557 }
560 /* Show header message for tab dialogs */
561 function show_disable_header($button_text, $text, $disabled= FALSE)
562 {
563 if (($disabled == TRUE) || !$this->acl_is_removeable()){
564 $state= "disabled";
565 } else {
566 $state= "";
567 }
568 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
569 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
570 "><p class=\"seperator\"> </p></td></tr></table>";
572 return($display);
573 }
576 /* Show header message for tab dialogs */
577 function show_header($button_text, $text, $disabled= FALSE)
578 {
579 echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
580 if ($disabled == TRUE){
581 $state= "disabled";
582 } else {
583 $state= "";
584 }
585 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
586 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
587 ($this->acl_is_createable()?'':'disabled')." ".$state.
588 "><p class=\"seperator\"> </p></td></tr></table>";
590 return($display);
591 }
594 function postcreate($add_attrs= array())
595 {
596 /* Find postcreate entries for this class */
597 $command= $this->config->search(get_class($this), "POSTCREATE",array('menu', 'tabs'));
599 if ($command != ""){
601 /* Additional attributes */
602 foreach ($add_attrs as $name => $value){
603 $command= preg_replace("/%$name/", $value, $command);
604 }
606 /* Walk through attribute list */
607 foreach ($this->attributes as $attr){
608 if (!is_array($this->$attr)){
609 $command= preg_replace("/%$attr/", $this->$attr, $command);
610 }
611 }
612 $command= preg_replace("/%dn/", $this->dn, $command);
614 if (check_command($command)){
615 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
616 $command, "Execute");
618 exec($command);
619 } else {
620 $message= sprintf(_("Command '%s', specified as POSTCREATE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
621 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
622 }
623 }
624 }
626 function postmodify($add_attrs= array())
627 {
628 /* Find postcreate entries for this class */
629 $command= $this->config->search(get_class($this), "POSTMODIFY",array('menu','tabs'));
631 if ($command != ""){
633 /* Additional attributes */
634 foreach ($add_attrs as $name => $value){
635 $command= preg_replace("/%$name/", $value, $command);
636 }
638 /* Walk through attribute list */
639 foreach ($this->attributes as $attr){
640 if (!is_array($this->$attr)){
641 $command= preg_replace("/%$attr/", $this->$attr, $command);
642 }
643 }
644 $command= preg_replace("/%dn/", $this->dn, $command);
646 if (check_command($command)){
647 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
648 $command, "Execute");
650 exec($command);
651 } else {
652 $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, get_class($this));
653 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
654 }
655 }
656 }
658 function postremove($add_attrs= array())
659 {
660 /* Find postremove entries for this class */
661 $command= $this->config->search(get_class($this), "POSTREMOVE",array('menu','tabs'));
662 if ($command != ""){
664 /* Additional attributes */
665 foreach ($add_attrs as $name => $value){
666 $command= preg_replace("/%$name/", $value, $command);
667 }
669 /* Walk through attribute list */
670 foreach ($this->attributes as $attr){
671 if (!is_array($this->$attr)){
672 $command= preg_replace("/%$attr/", $this->$attr, $command);
673 }
674 }
675 $command= preg_replace("/%dn/", $this->dn, $command);
677 /* Additional attributes */
678 foreach ($add_attrs as $name => $value){
679 $command= preg_replace("/%$name/", $value, $command);
680 }
682 if (check_command($command)){
683 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
684 $command, "Execute");
686 exec($command);
687 } else {
688 $message= sprintf(_("Command '%s', specified as POSTREMOVE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
689 msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
690 }
691 }
692 }
694 /* Create unique DN */
695 function create_unique_dn($attribute, $base)
696 {
697 $ldap= $this->config->get_ldap_link();
698 $base= preg_replace("/^,*/", "", $base);
700 /* Try to use plain entry first */
701 $dn= "$attribute=".$this->$attribute.",$base";
702 $ldap->cat ($dn, array('dn'));
703 if (!$ldap->fetch()){
704 return ($dn);
705 }
707 /* Look for additional attributes */
708 foreach ($this->attributes as $attr){
709 if ($attr == $attribute || $this->$attr == ""){
710 continue;
711 }
713 $dn= "$attribute=".$this->$attribute."+$attr=".$this->$attr.",$base";
714 $ldap->cat ($dn, array('dn'));
715 if (!$ldap->fetch()){
716 return ($dn);
717 }
718 }
720 /* None found */
721 return ("none");
722 }
724 function rebind($ldap, $referral)
725 {
726 $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
727 if (ldap_bind($ldap, $credentials['ADMIN'], $credentials['PASSWORD'])) {
728 $this->error = "Success";
729 $this->hascon=true;
730 $this->reconnect= true;
731 return (0);
732 } else {
733 $this->error = "Could not bind to " . $credentials['ADMIN'];
734 return NULL;
735 }
736 }
739 /* Recursively copy ldap object */
740 function _copy($src_dn,$dst_dn)
741 {
742 $ldap=$this->config->get_ldap_link();
743 $ldap->cat($src_dn);
744 $attrs= $ldap->fetch();
746 /* Grummble. This really sucks. PHP ldap doesn't support rdn stuff. */
747 $ds= ldap_connect($this->config->current['SERVER']);
748 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
749 if (function_exists("ldap_set_rebind_proc") && isset($this->config->current['REFERRAL'])) {
750 ldap_set_rebind_proc($ds, array(&$this, "rebind"));
751 }
753 $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']);
754 $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*");
756 /* Fill data from LDAP */
757 $new= array();
758 if ($sr) {
759 $ei=ldap_first_entry($ds, $sr);
760 if ($ei) {
761 foreach($attrs as $attr => $val){
762 if ($info = @ldap_get_values_len($ds, $ei, $attr)){
763 for ($i= 0; $i<$info['count']; $i++){
764 if ($info['count'] == 1){
765 $new[$attr]= $info[$i];
766 } else {
767 $new[$attr][]= $info[$i];
768 }
769 }
770 }
771 }
772 }
773 }
775 /* close conncetion */
776 ldap_unbind($ds);
778 /* Adapt naming attribute */
779 $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
780 $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
781 $new[$dst_name]= @LDAP::fix($dst_val);
783 /* Check if this is a department.
784 * If it is a dep. && there is a , override in his ou
785 * change \2C to , again, else this entry can't be saved ...
786 */
787 if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
788 $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
789 }
791 /* Save copy */
792 $ldap->connect();
793 $ldap->cd($this->config->current['BASE']);
795 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $dst_dn));
797 /* FAIvariable=.../..., cn=..
798 could not be saved, because the attribute FAIvariable was different to
799 the dn FAIvariable=..., cn=... */
800 if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
801 $new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
802 }
803 $ldap->cd($dst_dn);
804 $ldap->add($new);
806 if ($ldap->error != "Success"){
807 trigger_error("Trying to save $dst_dn failed.",
808 E_USER_WARNING);
809 return(FALSE);
810 }
811 return(TRUE);
812 }
815 /* This is a workaround function. */
816 function copy($src_dn, $dst_dn)
817 {
818 /* Rename dn in possible object groups */
819 $ldap= $this->config->get_ldap_link();
820 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::prepare4filter($src_dn).'))',
821 array('cn'));
822 while ($attrs= $ldap->fetch()){
823 $og= new ogroup($this->config, $ldap->getDN());
824 unset($og->member[$src_dn]);
825 $og->member[$dst_dn]= $dst_dn;
826 $og->save ();
827 }
829 $ldap->cat($dst_dn);
830 $attrs= $ldap->fetch();
831 if (count($attrs)){
832 trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.",
833 E_USER_WARNING);
834 return (FALSE);
835 }
837 $ldap->cat($src_dn);
838 $attrs= $ldap->fetch();
839 if (!count($attrs)){
840 trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.",
841 E_USER_WARNING);
842 return (FALSE);
843 }
845 $ldap->cd($src_dn);
846 $ldap->search("objectClass=*",array("dn"));
847 while($attrs = $ldap->fetch()){
848 $src = $attrs['dn'];
849 $dst = preg_replace("/".normalizePreg($src_dn)."$/",$dst_dn,$attrs['dn']);
850 $this->_copy($src,$dst);
851 }
852 return (TRUE);
853 }
856 function move($src_dn, $dst_dn)
857 {
858 /* Do not copy if only upper- lowercase has changed */
859 if(strtolower($src_dn) == strtolower($dst_dn)){
860 return(TRUE);
861 }
863 /* Copy source to destination */
864 if (!$this->copy($src_dn, $dst_dn)){
865 return (FALSE);
866 }
868 /* Delete source */
869 $ldap= $this->config->get_ldap_link();
870 $ldap->rmdir_recursive($src_dn);
871 if ($ldap->error != "Success"){
872 trigger_error("Trying to delete $src_dn failed.",
873 E_USER_WARNING);
874 return (FALSE);
875 }
877 return (TRUE);
878 }
881 /* Move/Rename complete trees */
882 function recursive_move($src_dn, $dst_dn)
883 {
884 /* Check if the destination entry exists */
885 $ldap= $this->config->get_ldap_link();
887 /* Check if destination exists - abort */
888 $ldap->cat($dst_dn, array('dn'));
889 if ($ldap->fetch()){
890 trigger_error("recursive_move $dst_dn already exists.",
891 E_USER_WARNING);
892 return (FALSE);
893 }
895 /* Perform a search for all objects to be moved */
896 $objects= array();
897 $ldap->cd($src_dn);
898 $ldap->search("(objectClass=*)", array("dn"));
899 while($attrs= $ldap->fetch()){
900 $dn= $attrs['dn'];
901 $objects[$dn]= strlen($dn);
902 }
904 /* Sort objects by indent level */
905 asort($objects);
906 reset($objects);
908 /* Copy objects from small to big indent levels by replacing src_dn by dst_dn */
909 foreach ($objects as $object => $len){
910 $src= $object;
911 $dst= preg_replace("/$src_dn$/", "$dst_dn", $object);
912 if (!$this->copy($src, $dst)){
913 return (FALSE);
914 }
915 }
917 /* Remove src_dn */
918 $ldap->cd($src_dn);
919 $ldap->recursive_remove();
920 return (TRUE);
921 }
924 function handle_post_events($mode, $add_attrs= array())
925 {
926 switch ($mode){
927 case "add":
928 $this->postcreate($add_attrs);
929 break;
931 case "modify":
932 $this->postmodify($add_attrs);
933 break;
935 case "remove":
936 $this->postremove($add_attrs);
937 break;
938 }
939 }
942 function saveCopyDialog(){
943 }
946 function getCopyDialog(){
947 return(array("string"=>"","status"=>""));
948 }
951 function PrepareForCopyPaste($source)
952 {
953 $todo = $this->attributes;
954 if(isset($this->CopyPasteVars)){
955 $todo = array_merge($todo,$this->CopyPasteVars);
956 }
958 if(count($this->objectclasses)){
959 $this->is_account = TRUE;
960 foreach($this->objectclasses as $class){
961 if(!in_array($class,$source['objectClass'])){
962 $this->is_account = FALSE;
963 }
964 }
965 }
967 foreach($todo as $var){
968 if (isset($source[$var])){
969 if(isset($source[$var]['count'])){
970 if($source[$var]['count'] > 1){
971 $this->$var = array();
972 $tmp = array();
973 for($i = 0 ; $i < $source[$var]['count']; $i++){
974 $tmp = $source[$var][$i];
975 }
976 $this->$var = $tmp;
977 }else{
978 $this->$var = $source[$var][0];
979 }
980 }else{
981 $this->$var= $source[$var];
982 }
983 }
984 }
985 }
987 function tag_attrs($at, $dn= "", $tag= "", $show= false)
988 {
989 /* No dn? Self-operation... */
990 if ($dn == ""){
991 $dn= $this->dn;
993 /* No tag? Find it yourself... */
994 if ($tag == ""){
995 $len= strlen($dn);
997 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
998 $relevant= array();
999 foreach ($this->config->adepartments as $key => $ntag){
1001 /* This one is bigger than our dn, its not relevant... */
1002 if ($len <= strlen($key)){
1003 continue;
1004 }
1006 /* This one matches with the latter part. Break and don't fix this entry */
1007 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $dn)){
1008 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
1009 $relevant[strlen($key)]= $ntag;
1010 continue;
1011 }
1013 }
1015 /* If we've some relevant tags to set, just get the longest one */
1016 if (count($relevant)){
1017 ksort($relevant);
1018 $tmp= array_keys($relevant);
1019 $idx= end($tmp);
1020 $tag= $relevant[$idx];
1021 $this->gosaUnitTag= $tag;
1022 }
1023 }
1024 }
1026 /* Remove tags that may already be here... */
1027 remove_objectClass("gosaAdministrativeUnitTag", &$at);
1028 if (isset($at['gosaUnitTag'])){
1029 unset($at['gosaUnitTag']);
1030 }
1032 /* Set tag? */
1033 if ($tag != ""){
1034 add_objectClass("gosaAdministrativeUnitTag", &$at);
1035 $at['gosaUnitTag']= $tag;
1036 }
1037 }
1040 /* Add possibility to stop remove process */
1041 function allow_remove()
1042 {
1043 $reason= "";
1044 return $reason;
1045 }
1048 /* Create a snapshot of the current object */
1049 function create_snapshot($type= "snapshot", $description= array())
1050 {
1052 /* Check if snapshot functionality is enabled */
1053 if(!$this->snapshotEnabled()){
1054 return;
1055 }
1057 /* Get configuration from gosa.conf */
1058 $tmp = $this->config->current;
1060 /* Create lokal ldap connection */
1061 $ldap= $this->config->get_ldap_link();
1062 $ldap->cd($this->config->current['BASE']);
1064 /* check if there are special server configurations for snapshots */
1065 if(!isset($tmp['SNAPSHOT_SERVER'])){
1067 /* Source and destination server are both the same, just copy source to dest obj */
1068 $ldap_to = $ldap;
1069 $snapldapbase = $this->config->current['BASE'];
1071 }else{
1072 $server = $tmp['SNAPSHOT_SERVER'];
1073 $user = $tmp['SNAPSHOT_USER'];
1074 $password = $tmp['SNAPSHOT_PASSWORD'];
1075 $snapldapbase = $tmp['SNAPSHOT_BASE'];
1077 $ldap_to = new LDAP($user,$password, $server);
1078 $ldap_to -> cd($snapldapbase);
1079 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase));
1080 }
1082 /* check if the dn exists */
1083 if ($ldap->dn_exists($this->dn)){
1085 /* Extract seconds & mysecs, they are used as entry index */
1086 list($usec, $sec)= explode(" ", microtime());
1088 /* Collect some infos */
1089 $base = $this->config->current['BASE'];
1090 $snap_base = $tmp['SNAPSHOT_BASE'];
1091 $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn);
1092 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1094 /* Create object */
1095 #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
1096 $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
1097 $newName = preg_replace("/\./", "", $sec."-".$usec);
1098 $target= array();
1099 $target['objectClass'] = array("top", "gosaSnapshotObject");
1100 $target['gosaSnapshotData'] = gzcompress($data, 6);
1101 $target['gosaSnapshotType'] = $type;
1102 $target['gosaSnapshotDN'] = $this->dn;
1103 $target['description'] = $description;
1104 $target['gosaSnapshotTimestamp'] = $newName;
1106 /* Insert the new snapshot
1107 But we have to check first, if the given gosaSnapshotTimestamp
1108 is already used, in this case we should increment this value till there is
1109 an unused value. */
1110 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1111 $ldap_to->cat($new_dn);
1112 while($ldap_to->count()){
1113 $ldap_to->cat($new_dn);
1114 $newName = preg_replace("/\./", "", $sec."-".($usec++));
1115 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1116 $target['gosaSnapshotTimestamp'] = $newName;
1117 }
1119 /* Inset this new snapshot */
1120 $ldap_to->cd($snapldapbase);
1121 $ldap_to->create_missing_trees($snapldapbase);
1122 $ldap_to->create_missing_trees($new_base);
1123 $ldap_to->cd($new_dn);
1124 $ldap_to->add($target);
1126 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1127 show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1128 }
1129 }
1131 function remove_snapshot($dn)
1132 {
1133 $ui = get_userinfo();
1134 $old_dn = $this->dn;
1135 $this->dn = $dn;
1136 $ldap = $this->config->get_ldap_link();
1137 $ldap->cd($this->config->current['BASE']);
1138 $ldap->rmdir_recursive($dn);
1139 $this->dn = $old_dn;
1140 }
1143 /* returns true if snapshots are enabled, and false if it is disalbed
1144 There will also be some errors psoted, if the configuration failed */
1145 function snapshotEnabled()
1146 {
1147 $tmp = $this->config->current;
1148 if(isset($tmp['ENABLE_SNAPSHOT'])){
1149 if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){
1151 /* Check if the snapshot_base is defined */
1152 if(!isset($tmp['SNAPSHOT_BASE'])){
1153 msg_dialog::display(_("Configuration error"), sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not set."),"SNAPSHOT_BASE"), ERROR_DIALOG);
1154 return(FALSE);
1155 }
1157 /* check if there are special server configurations for snapshots */
1158 if(isset($tmp['SNAPSHOT_SERVER'])){
1160 /* check if all required vars are available to create a new ldap connection */
1161 $missing = "";
1162 foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_BASE") as $var){
1163 if(!isset($tmp[$var])){
1164 $missing .= $var." ";
1165 msg_dialog::display(_("Configuration error"), sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not set."), $missing), ERROR_DIALOG);
1166 return(FALSE);
1167 }
1168 }
1169 }
1170 return(TRUE);
1171 }
1172 }
1173 return(FALSE);
1174 }
1177 /* Return available snapshots for the given base
1178 */
1179 function Available_SnapsShots($dn,$raw = false)
1180 {
1181 if(!$this->snapshotEnabled()) return(array());
1183 /* Create an additional ldap object which
1184 points to our ldap snapshot server */
1185 $ldap= $this->config->get_ldap_link();
1186 $ldap->cd($this->config->current['BASE']);
1187 $cfg= &$this->config->current;
1189 /* check if there are special server configurations for snapshots */
1191 if(isset($cfg['SERVER']) && isset($cfg['SNAPSHOT_SERVER']) && $cfg['SERVER'] == $cfg['SNAPSHOT_SERVER']){
1192 $ldap_to = $ldap;
1193 }elseif(isset($cfg['SNAPSHOT_SERVER'])){
1194 $server = $cfg['SNAPSHOT_SERVER'];
1195 $user = $cfg['SNAPSHOT_USER'];
1196 $password = $cfg['SNAPSHOT_PASSWORD'];
1197 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1199 $ldap_to = new LDAP($user,$password, $server);
1200 $ldap_to -> cd ($snapldapbase);
1201 show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
1202 }else{
1203 $ldap_to = $ldap;
1204 }
1206 /* Prepare bases and some other infos */
1207 $base = $this->config->current['BASE'];
1208 $snap_base = $cfg['SNAPSHOT_BASE'];
1209 $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn);
1210 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1211 $tmp = array();
1213 /* Fetch all objects with gosaSnapshotDN=$dn */
1214 $ldap_to->cd($new_base);
1215 $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
1216 array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1218 /* Put results into a list and add description if missing */
1219 while($entry = $ldap_to->fetch()){
1220 if(!isset($entry['description'][0])){
1221 $entry['description'][0] = "";
1222 }
1223 $tmp[] = $entry;
1224 }
1226 /* Return the raw array, or format the result */
1227 if($raw){
1228 return($tmp);
1229 }else{
1230 $tmp2 = array();
1231 foreach($tmp as $entry){
1232 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1233 }
1234 }
1235 return($tmp2);
1236 }
1239 function getAllDeletedSnapshots($base_of_object,$raw = false)
1240 {
1241 if(!$this->snapshotEnabled()) return(array());
1243 /* Create an additional ldap object which
1244 points to our ldap snapshot server */
1245 $ldap= $this->config->get_ldap_link();
1246 $ldap->cd($this->config->current['BASE']);
1247 $cfg= &$this->config->current;
1249 /* check if there are special server configurations for snapshots */
1250 if(isset($cfg['SNAPSHOT_SERVER'])){
1251 $server = $cfg['SNAPSHOT_SERVER'];
1252 $user = $cfg['SNAPSHOT_USER'];
1253 $password = $cfg['SNAPSHOT_PASSWORD'];
1254 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1255 $ldap_to = new LDAP($user,$password, $server);
1256 $ldap_to->cd ($snapldapbase);
1257 show_ldap_error($ldap_to->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
1258 }else{
1259 $ldap_to = $ldap;
1260 }
1262 /* Prepare bases */
1263 $base = $this->config->current['BASE'];
1264 $snap_base = $cfg['SNAPSHOT_BASE'];
1265 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1267 /* Fetch all objects and check if they do not exist anymore */
1268 $ui = get_userinfo();
1269 $tmp = array();
1270 $ldap_to->cd($new_base);
1271 $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1272 while($entry = $ldap_to->fetch()){
1274 $chk = str_replace($new_base,"",$entry['dn']);
1275 if(preg_match("/,ou=/",$chk)) continue;
1277 if(!isset($entry['description'][0])){
1278 $entry['description'][0] = "";
1279 }
1280 $tmp[] = $entry;
1281 }
1283 /* Check if entry still exists */
1284 foreach($tmp as $key => $entry){
1285 $ldap->cat($entry['gosaSnapshotDN'][0]);
1286 if($ldap->count()){
1287 unset($tmp[$key]);
1288 }
1289 }
1291 /* Format result as requested */
1292 if($raw) {
1293 return($tmp);
1294 }else{
1295 $tmp2 = array();
1296 foreach($tmp as $key => $entry){
1297 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1298 }
1299 }
1300 return($tmp2);
1301 }
1304 /* Restore selected snapshot */
1305 function restore_snapshot($dn)
1306 {
1307 if(!$this->snapshotEnabled()) return(array());
1309 $ldap= $this->config->get_ldap_link();
1310 $ldap->cd($this->config->current['BASE']);
1311 $cfg= &$this->config->current;
1313 /* check if there are special server configurations for snapshots */
1314 if(isset($cfg['SNAPSHOT_SERVER'])){
1315 $server = $cfg['SNAPSHOT_SERVER'];
1316 $user = $cfg['SNAPSHOT_USER'];
1317 $password = $cfg['SNAPSHOT_PASSWORD'];
1318 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1319 $ldap_to = new LDAP($user,$password, $server);
1320 $ldap_to->cd ($snapldapbase);
1321 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
1322 }else{
1323 $ldap_to = $ldap;
1324 }
1326 /* Get the snapshot */
1327 $ldap_to->cat($dn);
1328 $restoreObject = $ldap_to->fetch();
1330 /* Prepare import string */
1331 $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
1333 /* Import the given data */
1334 $ldap->import_complete_ldif($data,$err,false,false);
1335 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn));
1336 }
1339 function showSnapshotDialog($base,$baseSuffixe)
1340 {
1341 $once = true;
1342 foreach($_POST as $name => $value){
1344 /* Create a new snapshot, display a dialog */
1345 if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
1346 $once = false;
1347 $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
1348 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1349 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1350 }
1352 /* Restore a snapshot, display a dialog with all snapshots of the current object */
1353 if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
1354 $once = false;
1355 $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
1356 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1357 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1358 $this->snapDialog->display_restore_dialog = true;
1359 }
1361 /* Restore one of the already deleted objects */
1362 if(((isset($_POST['menu_action']) && $_POST['menu_action'] == "RestoreDeletedSnapShot")
1363 || preg_match("/^RestoreDeletedSnapShot_/",$name)) && $once){
1364 $once = false;
1365 $this->snapDialog = new SnapShotDialog($this->config,"",$this);
1366 $this->snapDialog->set_snapshot_bases($baseSuffixe);
1367 $this->snapDialog->display_restore_dialog = true;
1368 $this->snapDialog->display_all_removed_objects = true;
1369 }
1371 /* Restore selected snapshot */
1372 if(preg_match("/^RestoreSnapShot_/",$name) && $once){
1373 $once = false;
1374 $entry = preg_replace("/^RestoreSnapShot_/","",$name);
1375 $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
1376 if(!empty($entry)){
1377 $this->restore_snapshot($entry);
1378 $this->snapDialog = NULL;
1379 }
1380 }
1381 }
1383 /* Create a new snapshot requested, check
1384 the given attributes and create the snapshot*/
1385 if(isset($_POST['CreateSnapshot']) && is_object($this->snapDialog)){
1386 $this->snapDialog->save_object();
1387 $msgs = $this->snapDialog->check();
1388 if(count($msgs)){
1389 foreach($msgs as $msg){
1390 msg_dialog::display(_("Error"), $msg, ERROR_DIALOG);
1391 }
1392 }else{
1393 $this->dn = $this->snapDialog->dn;
1394 $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription);
1395 $this->snapDialog = NULL;
1396 }
1397 }
1399 /* Restore is requested, restore the object with the posted dn .*/
1400 if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
1401 }
1403 if(isset($_POST['CancelSnapshot'])){
1404 $this->snapDialog = NULL;
1405 }
1407 if(is_object($this->snapDialog )){
1408 $this->snapDialog->save_object();
1409 return($this->snapDialog->execute());
1410 }
1411 }
1414 static function plInfo()
1415 {
1416 return array();
1417 }
1420 function set_acl_base($base)
1421 {
1422 $this->acl_base= $base;
1423 }
1426 function set_acl_category($category)
1427 {
1428 $this->acl_category= "$category/";
1429 }
1432 function acl_is_writeable($attribute,$skip_write = FALSE)
1433 {
1434 $ui= get_userinfo();
1435 return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
1436 }
1439 function acl_is_readable($attribute)
1440 {
1441 $ui= get_userinfo();
1442 return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
1443 }
1446 function acl_is_createable()
1447 {
1448 $ui= get_userinfo();
1449 return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1450 }
1453 function acl_is_removeable()
1454 {
1455 $ui= get_userinfo();
1456 return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1457 }
1460 function acl_is_moveable()
1461 {
1462 $ui= get_userinfo();
1463 return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1464 }
1467 function acl_have_any_permissions()
1468 {
1469 }
1472 function getacl($attribute,$skip_write= FALSE)
1473 {
1474 $ui= get_userinfo();
1475 return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
1476 }
1478 /* Get all allowed bases to move an object to or to create a new object.
1479 Idepartments also contains all base departments which lead to the allowed bases */
1480 function get_allowed_bases($category = "")
1481 {
1482 $ui = get_userinfo();
1483 $deps = array();
1485 /* Set category */
1486 if(empty($category)){
1487 $category = $this->acl_category.get_class($this);
1488 }
1490 /* Is this a new object ? Or just an edited existing object */
1491 if(!$this->initially_was_account && $this->is_account){
1492 $new = true;
1493 }else{
1494 $new = false;
1495 }
1497 $cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category));
1498 foreach($this->config->idepartments as $dn => $name){
1500 if(!in_array_ics($dn,$cat_bases)){
1501 continue;
1502 }
1504 $acl = $ui->get_permissions($dn,$category);
1505 if($new && preg_match("/c/",$acl)){
1506 $deps[$dn] = $name;
1507 }elseif(!$new && preg_match("/m/",$acl)){
1508 $deps[$dn] = $name;
1509 }
1510 }
1512 /* Add current base */
1513 if(isset($this->base) && isset($this->config->idepartments[$this->base])){
1514 $deps[$this->base] = $this->config->idepartments[$this->base];
1515 }else{
1516 trigger_error("No default base found in class ".get_class($this).". ".$this->base);
1517 }
1518 return($deps);
1519 }
1522 /* This function modifies object acls too, if an object is moved.
1523 * $old_dn specifies the actually used dn
1524 * $new_dn specifies the destiantion dn
1525 */
1526 function update_acls($old_dn,$new_dn,$output_changes = FALSE)
1527 {
1528 /* Check if old_dn is empty. This should never happen */
1529 if(empty($old_dn) || empty($new_dn)){
1530 trigger_error("Failed to check acl dependencies, wrong dn given.");
1531 return;
1532 }
1534 /* Update userinfo if necessary */
1535 $ui = session::get('ui');
1536 if($ui->dn == $old_dn){
1537 $ui->dn = $new_dn;
1538 session::set('ui',$ui);
1539 new log("view","acl/".get_class($this),$this->dn,array(),"Updated current user dn from '".$old_dn."' to '".$new_dn."'");
1540 }
1542 /* Object was moved, ensure that all acls will be moved too */
1543 if($new_dn != $old_dn && $old_dn != "new"){
1545 /* get_ldap configuration */
1546 $update = array();
1547 $ldap = $this->config->get_ldap_link();
1548 $ldap->cd ($this->config->current['BASE']);
1549 $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*))",array("cn","gosaAclEntry"));
1550 while($attrs = $ldap->fetch()){
1552 $acls = array();
1554 /* Walk through acls */
1555 for($i = 0 ; $i < $attrs['gosaAclEntry']['count'] ; $i ++ ){
1557 /* Reset vars */
1558 $found = false;
1560 /* Get Acl parts */
1561 $acl_parts = split(":",$attrs['gosaAclEntry'][$i]);
1563 /* Get every single member for this acl */
1564 $members = array();
1565 if(preg_match("/,/",$acl_parts[2])){
1566 $members = split(",",$acl_parts[2]);
1567 }else{
1568 $members = array($acl_parts[2]);
1569 }
1571 /* Check if member match current dn */
1572 foreach($members as $key => $member){
1573 $member = base64_decode($member);
1574 if($member == $old_dn){
1575 $found = true;
1576 $members[$key] = base64_encode($new_dn);
1577 }
1578 }
1580 /* Create new member string */
1581 $new_members = "";
1582 foreach($members as $member){
1583 $new_members .= $member.",";
1584 }
1585 $new_members = preg_replace("/,$/","",$new_members);
1586 $acl_parts[2] = $new_members;
1588 /* Reconstruckt acl entry */
1589 $acl_str ="";
1590 foreach($acl_parts as $t){
1591 $acl_str .= $t.":";
1592 }
1593 $acl_str = preg_replace("/:$/","",$acl_str);
1594 }
1596 /* Acls for this object must be adjusted */
1597 if($found){
1599 $debug_info= _("Changing ACL dn")." : <br> -"._("from")." <b> ".
1600 $old_dn."</b><br> -"._("to")." <b>".$new_dn."</b><br>";
1601 @DEBUG (DEBUG_ACL, __LINE__, __FUNCTION__, __FILE__,$debug_info,"ACL");
1603 $update[$attrs['dn']] =array();
1604 foreach($acls as $acl){
1605 $update[$attrs['dn']]['gosaAclEntry'][] = $acl;
1606 }
1607 }
1608 }
1610 /* Write updated acls */
1611 foreach($update as $dn => $attrs){
1612 $ldap->cd($dn);
1613 $ldap->modify($attrs);
1614 }
1615 }
1616 }
1620 /* This function enables the entry Serial ID check.
1621 * If an entry was edited while we have edited the entry too,
1622 * an error message will be shown.
1623 * To configure this check correctly read the FAQ.
1624 */
1625 function enable_CSN_check()
1626 {
1627 $this->CSN_check_active =TRUE;
1628 $this->entryCSN = getEntryCSN($this->dn);
1629 }
1632 /*! \brief Prepares the plugin to be used for multiple edit
1633 * Update plugin attributes with given array of attribtues.
1634 * @param array Array with attributes that must be updated.
1635 */
1636 function init_multiple_support($attrs,$all)
1637 {
1638 $ldap= $this->config->get_ldap_link();
1639 $this->multi_attrs = $attrs;
1640 $this->multi_attrs_all= $all;
1642 /* Copy needed attributes */
1643 foreach ($this->attributes as $val){
1644 $found= array_key_ics($val, $this->multi_attrs);
1645 if ($found != ""){
1646 if(isset($this->multi_attrs["$found"][0])){
1647 $this->$val= $this->multi_attrs["$found"][0];
1648 }
1649 }
1650 }
1651 }
1654 /*! \brief Enables multiple support for this plugin
1655 */
1656 function enable_multiple_support()
1657 {
1658 $this->ignore_account = TRUE;
1659 $this->multiple_support_active = TRUE;
1660 }
1663 /*! \brief Returns all values that have been modfied in multiple edit mode.
1664 @return array Cotaining all mdofied values.
1665 */
1666 function get_multi_edit_values()
1667 {
1668 $ret = array();
1669 foreach($this->attributes as $attr){
1670 if(in_array($attr,$this->multi_boxes)){
1671 $ret[$attr] = $this->$attr;
1672 }
1673 }
1674 return($ret);
1675 }
1678 /*! \brief Update class variables with values collected by multiple edit.
1679 */
1680 function set_multi_edit_values($attrs)
1681 {
1682 foreach($attrs as $name => $value){
1683 $this->$name = $value;
1684 }
1685 }
1688 /*! \brief execute plugin
1690 Generates the html output for this node
1691 */
1692 function multiple_execute()
1693 {
1694 /* This one is empty currently. Fabian - please fill in the docu code */
1695 session::set('current_class_for_help',get_class($this));
1697 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
1698 session::set('LOCK_VARS_TO_USE',array());
1699 session::set('LOCK_VARS_USED',array());
1701 return("Multiple edit is currently not implemented for this plugin.");
1702 }
1705 /*! \brief Save HTML posted data to object for multiple edit
1706 */
1707 function multiple_save_object()
1708 {
1709 if(empty($this->entryCSN) && $this->CSN_check_active){
1710 $this->entryCSN = getEntryCSN($this->dn);
1711 }
1713 /* Save values to object */
1714 $this->multi_boxes = array();
1715 foreach ($this->attributes as $val){
1717 /* Get selected checkboxes from multiple edit */
1718 if(isset($_POST["use_".$val])){
1719 $this->multi_boxes[] = $val;
1720 }
1722 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
1724 /* Check for modifications */
1725 if (get_magic_quotes_gpc()) {
1726 $data= stripcslashes($_POST["$val"]);
1727 } else {
1728 $data= $this->$val = $_POST["$val"];
1729 }
1730 if ($this->$val != $data){
1731 $this->is_modified= TRUE;
1732 }
1734 /* IE post fix */
1735 if(isset($data[0]) && $data[0] == chr(194)) {
1736 $data = "";
1737 }
1738 $this->$val= $data;
1739 }
1740 }
1741 }
1744 /*! \brief Returns all attributes of this plugin,
1745 to be able to detect multiple used attributes
1746 in multi_plugg::detect_multiple_used_attributes().
1747 @return array Attributes required for intialization of multi_plug
1748 */
1749 public function get_multi_init_values()
1750 {
1751 $attrs = $this->attrs;
1752 return($attrs);
1753 }
1756 /*! \brief Check given values in multiple edit
1757 @return array Error messages
1758 */
1759 function multiple_check()
1760 {
1761 $message = plugin::check();
1762 return($message);
1763 }
1764 }
1766 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1767 ?>