![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class aclManagement extends management
24 {
25 var $plHeadline = "Acl";
26 var $plDescription = "Manage access control lists";
27 var $plIcon = "plugins/acl/images/plugin.png";
29 // Tab definition
30 protected $tabClass = "aclroletab";
31 protected $tabType = NULL;
32 protected $aclCategory = "acl";
33 protected $aclPlugin = "acl";
34 protected $objectName = "acl";
36 function __construct(&$config,$ui)
37 {
38 $this->config = $config;
39 $this->ui = $ui;
41 $this->storagePoints = array(get_ou("aclRoleRDN")); // ACLs are attached to department containers
43 // Build filter
44 if (session::global_is_set(get_class($this)."_filter")){
45 $filter= session::global_get(get_class($this)."_filter");
46 } else {
47 $filter = new filter(get_template_path("acl-filter.xml", true));
48 $filter->setObjectStorage($this->storagePoints);
49 }
50 $this->setFilter($filter);
52 // Build headpage
53 $headpage = new listing(get_template_path("acl-list.xml", true));
54 $headpage->registerElementFilter("filterLabel", "aclManagement::filterLabel");
55 $headpage->setFilter($filter);
57 // Add copy&paste and snapshot handler.
58 if ($this->config->boolValueIsTrue("main", "copyPaste")){
59 $this->cpHandler = new CopyPasteHandler($this->config);
60 }
61 if($this->config->get_cfg_value("enableSnapshots") == "true"){
62 $this->snapHandler = new SnapshotHandler($this->config);
63 }
65 parent::__construct($this->config, $ui, "acl", $headpage);
66 }
68 function removeEntryConfirmed($action="",$target=array(),$all=array(),
69 $altTabClass="",$altTabType="",$altAclCategory="")
70 {
71 $this->config->data['TABS'][$this->tabClass] =NULL;
72 $tabType = $this->tabType;
73 $tabClass = $this->tabClass;
74 $aclCategory = $this->aclCategory;
76 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,$target,"Entry removel confirmed!");
78 $headpage = $this->getHeadpage();
79 foreach($this->dns as $key => $dn){
81 // Check permissions, are we allowed to remove this object?
82 $acl = $this->ui->get_permissions($dn, $this->aclCategory."/".$this->aclPlugin);
83 if(preg_match("/d/",$acl)){
85 if($headpage->getType($dn) == "gosaRole"){
86 $tabClass = "aclroletab";
87 }else{
88 $tabClass = "acltab";
89 }
91 // Delete the object
92 $this->dn = $dn;
93 $this->tabObject= new $tabClass($this->config,$this->config->data['TABS'][$tabType], $this->dn, $aclCategory, true, true);
94 $this->tabObject->set_acl_base($this->dn);
95 $this->tabObject->delete ();
96 $this->tabObject->parent = &$this;
98 // Remove the lock for the current object.
99 del_lock($this->dn);
100 } else {
101 msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
102 new log("security","groups/".get_class($this),$dn,array(),"Tried to trick deletion.");
103 }
104 }
106 // Cleanup
107 $this->remove_lock();
108 $this->closeDialogs();
109 }
112 function newEntry($action="",$target=array(),$all=array(), $altTabClass ="", $altTabType = "", $altAclCategory="")
113 {
114 $this->skipFooter = TRUE;
115 $altTabClass = "aclroletab";
116 $altTabType = "ACLROLES";
117 $this->config->data['TABS'][$altTabType] =NULL;
118 management::newEntry($action,$target,$all,$altTabClass,$altTabType,$altAclCategory);
119 }
121 function editEntry($action="",$target=array(),$all=array(), $altTabClass ="", $altTabType = "", $altAclCategory="")
122 {
123 $this->config->data['TABS'][$this->tabClass] =NULL;
124 $this->skipFooter = TRUE;
125 if(count($target) == 1){
127 // Set dummy tab object...
128 $this->dn = array_pop($target);
129 $headpage = $this->getHeadpage();
130 if($headpage->getType($this->dn) == "gosaRole"){
131 $altTabClass = "aclroletab";
132 }else{
133 $altTabClass = "acltab";
134 }
135 management::editEntry($action,array($this->dn),$all,$altTabClass,$altTabType,$altAclCategory);
136 }
137 }
140 function detectPostActions()
141 {
142 $action= management::detectPostActions();
143 if(isset($_POST['edit_acl'])) $action['action'] = "edit_acl";
144 if(isset($_POST['edit_role'])) $action['action'] = "edit_role";
145 return($action);
146 }
149 // A filter which allows to open a department by clicking on the departments name.
150 static function filterLabel($row,$dn,$ou= array(),$pid=0,$base="")
151 {
152 $ou = $ou[0];
153 if($dn == $base){
154 $ou =" . ";
155 }
156 if(!preg_match("/^cn=/",$dn)){
157 $ou.=" ["._("ACL Assignment")."]";
158 }
160 $dn= LDAP::fix(func_get_arg(1));
161 return("<a href='?plug=".$_GET['plug']."&PID=$pid&act=listing_edit_$row' title='$dn'>$ou</a>");
162 }
165 }
166 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
167 ?>