![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class group extends plugin
24 {
25 /* Group attributes */
26 var $cn= "";
27 var $description= "";
28 var $gidNumber= "";
29 var $memberUid= array();
30 var $memberUid_used_by_some= array();
32 /* Helpers */
33 var $base= "";
34 var $force_gid= FALSE;
35 var $fon_group= FALSE;
36 var $smbgroup= FALSE;
37 var $groupType= FALSE;
38 var $samba3= FALSE;
39 var $sambaSID= "";
40 var $sambaDomainName= "DEFAULT";
41 var $SID= "";
42 var $ridBase= 0;
43 var $members= array();
44 var $users= array();
45 var $member= array();
46 var $allusers= array();
47 var $saved_gidNumber= "";
48 var $oldgroupType= "";
49 var $orig_dn= "";
50 var $orig_cn= "";
51 var $orig_base= "";
52 var $has_mailAccount= FALSE;
53 var $group_dialog= FALSE;
54 var $nagios_group =FALSE;
55 var $sambaGroupType;
56 var $dialog;
57 var $rfc2307bis= FALSE;
58 var $OnlyShowFirstEntries =200;
59 var $dnMapping= array();
60 var $view_logged = FALSE;
61 var $allowGroupsWithSameNameInOtherSubtrees = true;
63 /* Trustmodel/AccessTo
64 */
65 var $accessTo= array();
66 var $trustModel= "";
67 var $show_ws_dialog = FALSE;
69 /* attribute list for save action */
70 var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID","accessTo","trustModel");
71 var $objectclasses= array("top", "posixGroup");
73 var $CopyPasteVars = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group","sambaGroupType");
75 var $multiple_support = TRUE;
77 function group (&$config, $dn= NULL)
78 {
79 /* Set rfc2307bis flag */
80 if ($config->get_cfg_value("rfc2307bis") == "true"){
81 $this->rfc2307bis= TRUE;
82 $this->attributes[]= "member";
83 $this->objectclasses[]= "groupOfNames";
84 }
86 plugin::plugin ($config, $dn);
88 /* Load attributes depending on the samba version */
89 $this->samba3= ($config->get_cfg_value("sambaversion") == 3);
90 $this->orig_dn= $dn;
91 $this->orig_cn= $this->cn;
93 /* Get member list */
94 if (isset($this->attrs['memberUid'][0])){
95 $tmp= array();
96 for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
97 $tmp[$this->attrs['memberUid'][$i]]= $this->attrs['memberUid'][$i];
98 }
99 $this->memberUid= $tmp;
100 ksort ($this->memberUid);
101 }
103 /* Save gidNumber for later use */
104 if (isset($this->attrs['gidNumber'])){
105 $this->saved_gidNumber= $this->attrs['gidNumber'][0];
106 }
108 /* Is a samba group? */
109 if (isset($this->attrs['objectClass'])){
110 if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == FALSE ){
111 $this->smbgroup= FALSE;
112 } else {
113 $this->smbgroup= TRUE;
114 if (isset($this->attrs['sambaSID'])){
115 $this->sambaSID= $this->attrs['sambaSID'][0];
116 }
117 }
118 if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == FALSE ){
119 $this->fon_group= FALSE;
120 } else {
121 $this->fon_group= TRUE;
122 }
123 if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == FALSE ){
124 $this->nagios_group= FALSE;
125 } else {
126 $this->nagios_group= TRUE;
127 }
128 }
130 /* Set mail flag */
131 if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
132 $this->has_mailAccount= TRUE;
133 }
135 /* Get samba Domain in case of samba 3 */
136 if ($this->samba3 && $this->sambaSID != ""){
137 $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
138 $ldap= $this->config->get_ldap_link();
139 $ldap->cd($this->config->current['BASE']);
140 $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
141 if ($ldap->count() != 0){
142 $attrs= $ldap->fetch();
143 if(isset($attrs['sambaAlgorithmicRidBase'])){
144 $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
145 } else {
146 $this->ridBase= $this->config->get_cfg_value("sambaRidBase");
147 }
149 /* Get domain name for SID */
150 $this->sambaDomainName= "DEFAULT";
151 foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
152 if ($val['SID'] == $this->SID){
153 $this->sambaDomainName= $key;
154 break;
155 }
156 }
157 } else {
158 if ($this->config->get_cfg_value("sambaRidBase") != ""){
159 $this->sambaDomainName= "DEFAULT";
160 $this->ridBase= $this->config->get_cfg_value("sambaRidBase");
161 $this->SID= $this->config->get_cfg_value("sid");
162 } else {
163 msg_dialog::display(_("Configuration error"), _("Cannot find group SID in your configuration!"), ERROR_DIALOG);
164 }
165 }
167 /* Get group type */
168 $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
169 if ($this->groupType < 500 || $this->groupType > 553){
170 $this->groupType= 0;
171 }
172 $this->oldgroupType= $this->groupType;
173 }
175 /* Get global filter config */
176 if (!session::is_set("gufilter")){
177 $ui= get_userinfo();
178 $base= get_base_from_people($ui->dn);
179 $gufilter= array( "dselect" => $base,
180 "regex" => "*");
181 session::set("gufilter", $gufilter);
182 }
183 $gufilter= session::get('gufilter');
184 $gufilter['SubSearchGroup'] = false;
185 session::set('gufilter',$gufilter);
187 if ($this->dn == "new"){
188 if(session::is_set('CurrentMainBase')){
189 $this->base = session::get('CurrentMainBase');
190 }else{
191 $ui= get_userinfo();
192 $this->base= dn2base($ui->dn);
193 }
194 } else {
196 /* Get object base */
197 $this->base =preg_replace ("/^[^,]+,".preg_quote(get_groups_ou(), '/')."/","",$this->dn);
198 }
199 $this->orig_base = $this->base;
201 /* Is this account a trustAccount? */
202 if (isset($this->attrs['trustModel'])){
203 $this->trustModel= $this->attrs['trustModel'][0];
204 $this->was_trust_account= TRUE;
205 } else {
206 $this->was_trust_account= FALSE;
207 $this->trustModel= "";
208 }
210 $this->accessTo = array();
211 if (isset($this->attrs['accessTo'])){
212 for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
213 $tmp= $this->attrs['accessTo'][$i];
214 $this->accessTo[$tmp]= $tmp;
215 }
216 }
218 /* Get global filter config */
219 if (!session::is_set("sysfilter")){
220 $ui= get_userinfo();
221 $base= get_base_from_people($ui->dn);
222 $sysfilter= array( "depselect" => $base,
223 "regex" => "*");
224 session::set("sysfilter", $sysfilter);
225 }
227 /* This is always an account */
228 $this->is_account= TRUE;
229 $this->reload(TRUE);
230 }
232 function execute()
233 {
234 /* Call parent execute */
235 plugin::execute();
237 /* Log view */
238 if($this->is_account && !$this->view_logged){
239 $this->view_logged = TRUE;
240 new log("view","groups/".get_class($this),$this->dn);
241 }
243 /* Do we represent a valid group? */
244 if (!$this->is_account && $this->parent === NULL){
245 $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".msgPool::noValidExtension()."</b>";
246 return ($display);
247 }
249 /* Delete user from group */
250 if (isset($_POST['del_users']) && isset($_POST['members']) && preg_match("/w/",$this->getacl("memberUid"))){
251 foreach ($_POST['members'] as $value){
252 unset ($this->members["$value"]);
253 $this->removeUser($value);
254 }
255 $this->reload();
256 }
258 /* Add objects? */
259 if (isset($_POST["edit_membership"]) && preg_match("/w/",$this->getacl("memberUid"))){
260 $this->group_dialog= TRUE;
261 $this->dialog= TRUE;
262 }
264 /* Add objects finished? */
265 if (isset($_POST["add_users_finish"]) || isset($_POST["add_users_cancel"])){
266 $this->group_dialog= FALSE;
267 $this->dialog= FALSE;
268 }
270 /* Add user to group */
271 if (isset($_POST['add_users_finish']) && isset($_POST['users'])){
272 foreach ($_POST['users'] as $value){
273 $this->members["$value"]= $this->allusers[$value];
274 asort($this->members);
275 $this->addUser($value);
276 }
277 $this->reload();
278 }
280 /* Base select dialog */
281 $once = true;
282 foreach($_POST as $name => $value){
283 if((preg_match("/^chooseBase/",$name) && $once) && $this->acl_is_writeable("base")){
285 $once = false;
286 $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
287 $this->dialog->setCurrentBase($this->base);
288 }
289 }
291 /* Dialog handling */
292 if(is_object($this->dialog)){
293 /* Must be called before save_object */
294 $this->dialog->save_object();
296 if($this->dialog->isClosed()){
297 $this->dialog = false;
298 }elseif($this->dialog->isSelected()){
300 /* Check if selected base is valid */
301 $tmp = $this->get_allowed_bases();
302 if(isset($tmp[$this->dialog->isSelected()])){
303 $this->base = $this->dialog->isSelected();
304 }
305 $this->dialog= false;
306 }else{
307 return($this->dialog->execute());
308 }
309 }
312 /* Add user workstation? */
313 if (isset($_POST["add_ws"])){
314 $this->show_ws_dialog= TRUE;
315 $this->dialog= TRUE;
316 }
318 /* Add user workstation? */
319 if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
320 foreach($_POST['wslist'] as $ws){
321 $this->accessTo[$ws]= $ws;
322 }
323 ksort($this->accessTo);
324 $this->is_modified= TRUE;
325 }
327 /* Remove user workstations? */
328 if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
329 foreach($_POST['workstation_list'] as $name){
330 unset ($this->accessTo[$name]);
331 }
332 $this->is_modified= TRUE;
333 }
335 /* Add user workstation finished? */
336 if (isset($_POST["add_ws_finish"]) || isset($_POST["add_ws_cancel"])){
337 $this->show_ws_dialog= FALSE;
338 $this->dialog= FALSE;
339 }
341 $smarty= get_smarty();
343 /* Show ws dialog */
344 if ($this->show_ws_dialog){
346 /* Save data */
347 $sysfilter= session::get("sysfilter");
348 foreach( array("depselect", "regex") as $type){
349 if (isset($_POST[$type])){
350 $sysfilter[$type]= $_POST[$type];
351 }
352 }
353 if (isset($_GET['search'])){
354 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
355 if ($s == "**"){
356 $s= "*";
357 }
358 $sysfilter['regex']= $s;
359 }
360 session::set("sysfilter", $sysfilter);
362 /* Get workstation list */
363 $exclude= "";
364 foreach($this->accessTo as $ws){
365 $exclude.= "(cn=$ws)";
366 }
367 if ($exclude != ""){
368 $exclude= "(!(|$exclude))";
369 }
370 $regex= $sysfilter['regex'];
372 /* Search for systems
373 */
374 $types = array();
375 $types['server'] = array("OU" => get_ou("serverRDN"), "OC" => "(objectClass=goServer)");
376 $types['workstation'] = array("OU" => get_ou("workstationRDN"),"OC" => "(objectClass=gotoWorkstation)");
377 $types['terminal'] = array("OU" => get_ou("terminalRDN"), "OC" => "(objectClass=gotoTerminal)");
379 $res = array();
380 foreach($types as $acl => $data){
381 $filter= "(&".$data['OC']."$exclude(cn=$regex))";
382 $res= array_merge($res,get_sub_list($filter,array($acl),$data['OU'],get_ou("systemRDN").$sysfilter['depselect'],
383 array("cn"), GL_SUBSEARCH | GL_SIZELIMIT));
384 }
385 $wslist = array();
386 foreach ($res as $attrs){
387 $wslist[]= preg_replace('/\$/', '', $attrs['cn'][0]);
388 }
390 asort($wslist);
391 $smarty->assign("search_image", get_template_path('images/lists/search.png'));
392 $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
393 $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
394 $smarty->assign("deplist", $this->config->idepartments);
395 $smarty->assign("alphabet", generate_alphabet());
396 foreach( array("depselect", "regex") as $type){
397 $smarty->assign("$type", $sysfilter[$type]);
398 }
399 $smarty->assign("hint", print_sizelimit_warning());
400 $smarty->assign("wslist", $wslist);
401 $smarty->assign("apply", apply_filter());
402 $display= $smarty->fetch (get_template_path('trust_machines.tpl', TRUE, dirname(__FILE__)));
403 return ($display);
404 }
406 /* Assign templating stuff */
407 if ($this->samba3){
408 $smarty->assign("samba3", "true");
409 } else {
410 $smarty->assign("samba3", "");
411 }
413 if($this->config->search("nagiosaccount", "CLASS",array('menu'))){
414 $smarty->assign("nagios",true);
415 }else{
416 $smarty->assign("nagios",false);
417 }
419 if($this->config->search("phoneAccount", "CLASS",array('menu'))){
420 $smarty->assign("pickupGroup",true);
421 }else{
422 $smarty->assign("pickupGroup",false);
423 }
425 /* Manage object add dialog */
426 if ($this->group_dialog){
428 /* Save data */
429 $gufilter= session::get("gufilter");
430 foreach( array("dselect", "regex") as $type){
431 if (isset($_POST[$type])){
432 $gufilter[$type]= $_POST[$type];
433 }
434 }
435 if(isset($_POST['regex'])){
436 if(isset($_POST['SubSearchGroup'])){
437 $gufilter['SubSearchGroup'] = true;
438 }else{
439 $gufilter['SubSearchGroup'] = false;
440 }
441 }
443 if (isset($_GET['search'])){
444 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
445 if ($s == "**"){
446 $s= "*";
447 }
448 $gufilter['regex']= $s;
449 }
450 session::set("gufilter", $gufilter);
451 $this->reload();
453 /* Show dialog */
454 $smarty->assign("search_image", get_template_path('images/lists/search.png'));
455 $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
456 $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
457 $ui = get_userinfo();
458 $tmp = $ui->get_module_departments("users");
459 $deps = array();
460 foreach($this->config->idepartments as $dn => $name){
461 if(in_array($dn,$tmp)){
462 $deps[$dn] = $name;
463 }
464 }
466 $smarty->assign("deplist", $deps);
467 $smarty->assign("alphabet", generate_alphabet());
468 foreach( array("dselect", "regex","SubSearchGroup") as $type){
469 $smarty->assign("$type", $gufilter[$type]);
470 }
471 $smarty->assign("hint", print_sizelimit_warning());
472 $smarty->assign("users", $this->displayUsers);
473 $smarty->assign("apply", apply_filter());
474 $display= $smarty->fetch (get_template_path('group_objects.tpl', TRUE, dirname(__FILE__)));
475 return ($display);
476 }
478 $smarty->assign("bases", $this->get_allowed_bases());
479 $smarty->assign("base_select", $this->base);
481 if ($this->samba3){
482 $domains= array();
483 foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
484 $domains[$name]= $name;
485 }
486 $smarty->assign("sambaDomains", $domains);
487 $smarty->assign("sambaDomainName", $this->sambaDomainName);
488 $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
489 514 => _("Domain guests"));
491 /* Don't loose special groups! If not key'ed above, add it to
492 the combo box... */
493 if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
494 $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
495 }
497 $smarty->assign("groupTypes", $groupTypes);
498 $smarty->assign("groupType", $this->groupType);
499 }
501 /* Members and users */
502 $smarty->assign("members", $this->members);
504 /* Work on trust modes */
505 $smarty->assign("trusthide", " disabled ");
506 $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
507 if ($this->trustModel == "fullaccess"){
508 $trustmode= 1;
509 // pervent double disable tag in html code, this will disturb our clean w3c html
510 $smarty->assign("trustmode", $this->getacl("trustModel"));
512 } elseif ($this->trustModel == "byhost"){
513 $trustmode= 2;
514 $smarty->assign("trusthide", "");
515 } else {
516 // pervent double disable tag in html code, this will disturb our clean w3c html
517 $smarty->assign("trustmode", $this->getacl("trustModel"));
518 $trustmode= 0;
519 }
520 $smarty->assign("trustmode", $trustmode);
521 $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
522 2 => _("allow access to these hosts")));
524 if((count($this->accessTo))==0){
525 $smarty->assign("emptyArrAccess",true);
526 } else{
527 $smarty->assign("emptyArrAccess",false);
529 }
531 $smarty->assign("workstations", $this->accessTo);
535 /* Checkboxes */
536 foreach (array("force_gid", "smbgroup") as $val){
537 if ($this->$val == "1"){
538 $smarty->assign("$val", "checked");
539 } else {
540 $smarty->assign("$val", "");
541 }
542 }
543 if ($this->force_gid != "1"){
544 $smarty->assign("forceMode", "disabled");
545 }else{
546 $smarty->assign("forceMode", "");
547 }
548 if ($this->fon_group){
549 $smarty->assign("fon_group", "checked");
550 } else {
551 $smarty->assign("fon_group", "");
552 }
554 if ($this->nagios_group){
555 $smarty->assign("nagios_group", "checked");
556 } else {
557 $smarty->assign("nagios_group", "");
558 }
560 /* Fields */
561 foreach (array("cn", "description", "gidNumber") as $val){
562 $smarty->assign("$val", $this->$val);
563 }
565 $tmp = $this->plInfo();
566 foreach($tmp['plProvidedAcls'] as $name => $translation){
567 $smarty->assign($name."ACL",$this->getacl($name));
568 }
570 if($this->acl_is_writeable("base")){
571 $smarty->assign("baseSelect",true);
572 }else{
573 $smarty->assign("baseSelect",false);
574 }
576 /* Show main page */
577 $smarty->assign("alphabet", generate_alphabet(10));
578 $smarty->assign("search_image", get_template_path('images/lists/search.png'));
579 $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
580 $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
581 $smarty->assign("deplist", $this->config->idepartments);
583 /* Multiple edit handling */
584 $smarty->assign("multiple_support",$this->multiple_support_active);
586 $smarty->assign("memberUid_All",$this->memberUid);
587 $smarty->assign("memberUid_Some",$this->memberUid_used_by_some);
589 foreach($this->attributes as $val){
590 if(in_array($val,$this->multi_boxes)){
591 $smarty->assign("use_".$val,TRUE);
592 }else{
593 $smarty->assign("use_".$val,FALSE);
594 }
595 }
596 foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $val){
597 if(in_array($val,$this->multi_boxes)){
598 $smarty->assign("use_".$val,TRUE);
599 }else{
600 $smarty->assign("use_".$val,FALSE);
601 }
602 }
604 return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
605 }
607 function addUser($uid)
608 {
609 /* In mutliple edit we have to handle two arrays.
610 * memberUid : Containing users used in all groups
611 * memberUid_used_by_some : Those which are not used in all groups
612 * So we have to remove the given $uid from the ..used_by_some array first.
613 */
614 if($this->multiple_support_active){
615 if(isset($this->memberUid_used_by_some[$uid])){
616 unset($this->memberUid_used_by_some[$uid]);
617 }
618 }
620 /* Ensure that the requested object is known to the group class
621 */
622 if(!isset($this->dnMapping[$uid])){
623 $ldap = $this->config->get_ldap_link();
624 $ldap->cd($this->config->current['BASE']);
625 $ldap->search("(&(objectClass=gosaAccount)(uid=".$uid."))",array("dn", "uid","sn","givenName"));
626 if($ldap->count() == 0 ){
627 msg_dialog::display(_("Error"),
628 sprintf(_("Cannot add uid '%s' to the group '%s'. Could not find matching user object."),
629 $uid,$this->cn),
630 ERROR_DIALOG);
631 return;
632 }elseif($ldap->count() >= 2){
633 msg_dialog::display(_("Error"),
634 sprintf(_("Cannot add uid '%s' to the group '%s'. The uid is used more than once."),
635 $uid,$this->cn),
636 ERROR_DIALOG);
637 return;
638 }else{
639 while($attrs = $ldap->fetch()){
640 $this->dnMapping[$attrs['uid'][0]] = $attrs['dn'];
641 $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
642 $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
643 }
644 }
645 }
647 $this->memberUid[$uid]= $uid;
648 }
651 function removeUser($uid)
652 {
653 $temp= array();
654 if(isset($this->memberUid[$uid])){
655 unset($this->memberUid[$uid]);
656 }
658 /* We have two array contianing group members in multiple edit.
659 * this->memberUid : Groups used by all currently edited groups
660 * this->memberUid_used_by_some: Used by some
661 * So we have to remove the specified uid from both arrays.
662 */
663 if($this->multiple_support_active){
664 if(isset($this->memberUid_used_by_some[$uid])){
665 unset($this->memberUid_used_by_some[$uid]);
666 }
667 }
668 }
670 /* Reload data */
671 function reload($silent = FALSE)
672 {
673 /* Fix regex string */
674 $gufilter = session::get("gufilter");
675 $regex = normalizeLdap($gufilter['regex']);
676 $MaxUser = $this->OnlyShowFirstEntries;
678 /* Prepare ldap link */
679 $ldap= $this->config->get_ldap_link();
680 $ldap->cd($gufilter['dselect']);
683 /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
684 (Store gathered sn/givenName informations in $this->allusers too,
685 to be prepared when adding/deleting users)
686 */
687 $filter = "";
688 if ($this->config->get_cfg_value("ldapFilterNestingLimit") == "" ||
689 count($this->memberUid) < $this->config->get_cfg_value("ldapFilterNestingLimit")){
690 foreach ($this->memberUid as $value){
691 if(!isset($this->members[$value])){
692 $filter .= "(uid=".normalizeLdap($value).")";
693 }
694 }
695 }
697 if(!empty($filter)){
698 $ldap->cd($this->config->current['BASE']);
699 $ldap->search("(&(objectClass=gosaAccount)(|".$filter."))",array("dn", "uid","sn","givenName"));
700 while($attrs = $ldap->fetch()){
701 $this->dnMapping[$attrs['uid'][0]] = $attrs['dn'];
702 $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
703 $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
704 }
705 }
707 /* check if all uids are resolved */
708 if ($this->config->get_cfg_value("ldapFilterNestingLimit") == "" ||
709 count($this->memberUid) < $this->config->get_cfg_value("ldapFilterNestingLimit")){
710 foreach ($this->memberUid as $value){
711 if(!isset($this->members[$value])){
712 $this->members[$value] = _("! unknown id")." [".$value."]";
713 }
714 }
715 }else{
716 foreach ($this->memberUid as $value){
717 $this->members[$value] = $value;
718 }
719 }
721 /* Create display list of users matching regex & filter
722 */
723 $this->displayUsers = array();
724 $filter = "(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
726 /* Search in current tree or within subtrees depending on the checkbox from filter section */
727 if($gufilter['SubSearchGroup']){
728 $flag = GL_SIZELIMIT | GL_SUBSEARCH;
729 $base = $gufilter['dselect'];
730 }else{
731 $flag = GL_SIZELIMIT ;
732 $base = get_people_ou().$gufilter['dselect'];
733 }
734 $i = 0;
737 $res = get_list($filter,"users",$base,array("dn", "uid", "sn", "givenName"),$flag);
739 /* Fetch all users and skip already used users */
740 foreach($res as $attrs){
741 if(in_array($attrs['uid'][0], $this->memberUid)) {
742 continue;
743 }
744 $i ++;
745 if($i > $MaxUser) {
746 break;
747 }
748 $this->dnMapping[$attrs['uid'][0]]= $attrs["dn"];
749 $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs);
750 $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
751 }
753 /* If more than max users are found, display a message to warn the user */
754 if($i == $MaxUser && !$silent){
755 msg_dialog::display(_("Configuration error"), sprintf(_("Search returned too many results. Not displaying more than %s entries!"), $MaxUser), ERROR_DIALOG);
756 }
758 /* Sort lists */
759 natcasesort($this->members);
760 reset($this->members);
761 natcasesort ($this->displayUsers);
762 reset ($this->displayUsers);
763 }
766 /* Create display name, this was used so often that it is excluded into a seperate function */
767 function createResultName($attrs)
768 {
769 if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
770 $ret = $attrs["sn"][0].", ".$attrs["givenName"][0]." [".$attrs["uid"][0]."]";
771 } else {
772 $ret= $attrs['uid'][0];
773 }
774 return($ret);
775 }
778 function remove_from_parent()
779 {
780 plugin::remove_from_parent();
782 $ldap= $this->config->get_ldap_link();
783 $ldap->rmdir($this->dn);
784 if (!$ldap->success()){
785 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_DEL, get_class()));
786 }
788 new log("remove","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
790 /* Delete references to object groups */
791 $ldap->cd ($this->config->current['BASE']);
792 $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".LDAP::prepare4filter($this->dn)."))", array("cn"));
793 while ($ldap->fetch()){
794 $og= new ogroup($this->config, $ldap->getDN());
795 unset($og->member[$this->dn]);
796 $og->save ();
797 }
799 /* Remove ACL dependencies too,
800 */
801 $ldap = $this->config->get_ldap_link();
802 $ldap->cd($this->config->current['BASE']);
803 $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($this->dn)."*))",array("gosaAclEntry","dn"));
804 while($attrs = $ldap->fetch()){
805 $acl = new acl($this->config,$this->parent,$attrs['dn']);
806 foreach($acl->gosaAclEntry as $id => $entry){
807 foreach($entry['members'] as $m_id => $member){
808 if($m_id == "G:".$this->dn || $m_id == "U:".$this->dn){
809 unset($acl->gosaAclEntry[$id]['members'][$m_id]);
810 gosa_log("modify","groups/acl",$attrs['dn'],array(),sprintf("Removed acl for %s on object %s.",$this->dn,$attrs['dn']));
811 }
812 }
813 }
814 $acl->save();
815 }
817 /* Remove ACL dependencies too,
818 */
819 $tmp = new acl($this->config,$this->parent,$this->dn);
820 $tmp->remove_acl();
822 /* Send signal to the world that we've done */
823 $this->handle_post_events("remove");
824 }
827 /* Save data to object */
828 function save_object()
829 {
830 /* Save additional values for possible next step */
831 if (isset($_POST['groupedit'])){
833 /* Create a base backup and reset the
834 base directly after calling plugin::save_object();
835 Base will be set seperatly a few lines below */
836 $base_tmp = $this->base;
837 plugin::save_object();
838 $this->base = $base_tmp;
840 $this->force_gid= 0;
842 /* Only reset sambagroup flag if we are able to write this flag */
843 if($this->acl_is_writeable("sambaGroupType")){
844 $this->smbgroup = 0;
845 }
847 /* Get base selection */
848 if(isset($_POST['base'])){
849 $tmp = $this->get_allowed_bases();
850 if(isset($tmp[$_POST['base']])){
851 $this->base = $_POST['base'];
852 }
853 }
855 foreach (array(
856 "force_gid" => "gidNumber",
857 "smbgroup" => "sambaGroupType") as $val => $aclname) {
858 if ($this->acl_is_writeable($aclname) && isset($_POST["$val"])){
859 $this->$val= $_POST["$val"];
860 }
861 }
863 /* Save sambaDomain attribute */
864 if ($this->acl_is_writeable("sambaDomainName") && $this->samba3 && isset ($_POST['sambaDomainName'])){
865 $this->sambaDomainName= $_POST['sambaDomainName'];
866 $this->groupType= $_POST['groupType'];
867 }
869 /* Save fon attribute */
870 if ($this->acl_is_writeable("fonGroup")){
871 if (isset ($_POST['fon_group'])){
872 $this->fon_group= TRUE;
873 } else {
874 $this->fon_group= FALSE;
875 }
876 }
877 if ($this->acl_is_writeable("nagiosGroup")){
878 if (isset ($_POST['nagios_group'])){
879 $this->nagios_group= TRUE;
880 } else {
881 $this->nagios_group= FALSE;
882 }
883 }
884 }
886 /* Trust mode - special handling */
887 if($this->acl_is_writeable("trustModel")){
888 if (isset($_POST['trustmode'])){
889 $saved= $this->trustModel;
890 if ($_POST['trustmode'] == "1"){
891 $this->trustModel= "fullaccess";
892 } elseif ($_POST['trustmode'] == "2"){
893 $this->trustModel= "byhost";
894 } else {
895 $this->trustModel= "";
896 }
897 if ($this->trustModel != $saved){
898 $this->is_modified= TRUE;
899 }
900 }
901 }
903 }
906 /* Save to LDAP */
907 function save()
908 {
910 /* ID handling */
911 if ($this->force_gid == 0){
912 if ($this->saved_gidNumber != ""){
913 $this->gidNumber= $this->saved_gidNumber;
914 } else {
915 /* Calculate new, lock uids */
916 $wait= 10;
917 while (get_lock("uidnumber") != ""){
918 sleep (1);
920 /* timed out? */
921 if ($wait-- == 0){
922 break;
923 }
924 }
925 add_lock ("uidnumber", "gosa");
926 $this->gidNumber= $this->get_next_id("gidNumber", $this->dn);
927 }
928 }
930 plugin::save();
932 /* Trust accounts */
933 $objectclasses= array();
934 foreach ($this->attrs['objectClass'] as $key => $class){
935 if (preg_match('/trustAccount/i', $class)){
936 continue;
937 }
938 $objectclasses[]= $this->attrs['objectClass'][$key];
939 }
940 $this->attrs['objectClass']= $objectclasses;
941 if ($this->trustModel != ""){
942 $this->attrs['objectClass'][]= "trustAccount";
943 $this->attrs['trustModel']= $this->trustModel;
944 $this->attrs['accessTo']= array();
945 if ($this->trustModel == "byhost"){
946 foreach ($this->accessTo as $host){
947 $this->attrs['accessTo'][]= $host;
948 }
949 }
950 } else {
951 if ($this->was_trust_account){
952 $this->attrs['accessTo']= array();
953 $this->attrs['trustModel']= array();
954 }
955 }
959 /* Remove objectClass for samba/phone support */
960 $tmp= array();
961 for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
962 if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
963 $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
964 $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
965 $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
966 $tmp[]= $this->attrs['objectClass'][$i];
967 }
968 }
969 $this->attrs['objectClass']= $tmp;
970 $ldap= $this->config->get_ldap_link();
972 /* Add samba group functionality */
973 if ($this->samba3 && $this->smbgroup){
975 /* Fixed undefined index ...
976 */
977 $this->SID = $this->ridBase = "";
978 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
979 $this->SID = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
980 }else{
981 msg_dialog::display(_("Error"), sprintf(_("Cannot find any SID for '%s'!"), $this->sambaDomainName), ERROR_DIALOG);
982 }
983 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
984 $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
985 }else{
986 msg_dialog::display(_("Error"), sprintf(_("Cannot find any RIDBASE for '%s'!"), $this->sambaDomainName), ERROR_DIALOG);
987 }
989 $this->attrs['objectClass'][]= 'sambaGroupMapping';
990 $this->attrs['sambaGroupType']= "2";
992 /* Check if we need to create a special entry */
993 if ($this->groupType == 0){
995 if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
996 $gidNumber= $this->gidNumber;
997 while(TRUE){
998 $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
999 $ldap->cd($this->config->current['BASE']);
1000 $ldap->search("(sambaSID=$sid)",array("sambaSID"));
1001 if ($ldap->count() == 0){
1002 break;
1003 }
1004 $gidNumber++;
1005 }
1006 $this->attrs['sambaSID']= $sid;
1007 $this->sambaSID= $sid;
1008 }
1010 } else {
1011 $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
1012 }
1014 /* User wants me to fake the idMappings? This is useful for
1015 making winbind resolve the group names in a reasonable amount
1016 of time in combination with larger databases. */
1017 if ($this->config->get_cfg_value("sambaidmapping") == "true"){
1018 $this->attrs['objectClass'][]= "sambaIdmapEntry";
1019 }
1021 }
1023 /* Add phone functionality */
1024 if ($this->fon_group){
1025 $this->attrs['objectClass'][]= "goFonPickupGroup";
1026 }
1028 /* Add nagios functionality */
1029 if ($this->nagios_group){
1030 $this->attrs['objectClass'][]= "nagiosContactGroup";
1031 }
1033 /* Take members array */
1034 if (count ($this->memberUid)){
1035 $this->attrs['memberUid']= array_values(array_unique($this->memberUid));
1036 }
1038 /* New accounts need proper 'dn', propagate it to remaining objects */
1039 if ($this->dn == 'new'){
1040 $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
1041 }
1043 /* Add member dn's for RFC2307bis Support */
1044 if ($this->rfc2307bis){
1045 $this->attrs['member'] = array();
1046 if (count($this->memberUid)){
1047 foreach($this->attrs['memberUid'] as $uid) {
1048 $this->attrs['member'][]= $this->dnMapping[$uid];
1049 }
1050 } else {
1051 $this->attrs['member'][]= $this->dn;
1052 }
1053 }
1055 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
1056 new entries. So do a check first... */
1057 $ldap->cat ($this->dn, array('dn'));
1058 if ($ldap->fetch()){
1059 /* Modify needs array() to remove values :-( */
1060 if (!count ($this->memberUid)){
1061 $this->attrs['memberUid']= array();
1062 }
1063 if ($this->samba3){
1064 if (!$this->smbgroup){
1065 $this->attrs['sambaGroupType']= array();
1066 $this->attrs['sambaSID']= array();
1067 }
1068 }
1069 $mode= "modify";
1070 } else {
1071 $mode= "add";
1072 $ldap->cd($this->config->current['BASE']);
1073 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
1074 }
1077 /* Check generated gidNumber, it may be used by another group.
1078 */
1079 if($this->gidNumber != ""){
1080 $ldap->cd($this->config->current['BASE']);
1081 $ldap->search("(&(!(cn=".$this->orig_cn."))(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))",array("cn"));
1082 if($ldap->count()){
1083 $cns = "";
1084 while($attrs = $ldap->fetch()){
1085 $cns .= $attrs['cn'][0].", ";
1086 }
1087 $cns = rtrim($cns,", ");
1088 msg_dialog::display(_("Warning"),sprintf(_("The gidNumber (%s) used or generated for this group is not uniq! It is already used in the following groups: '%s'."),$this->gidNumber,$cns) , WARNING_DIALOG );
1089 }
1090 }
1092 /* Write back to ldap */
1093 $ldap->cd($this->dn);
1094 $this->cleanup();
1095 $ldap->$mode($this->attrs);
1097 /* Remove ACL dependencies too,
1098 */
1099 if($this->dn != $this->orig_dn && $this->orig_dn != "new"){
1100 $tmp = new acl($this->config,$this->parent,$this->dn);
1101 $tmp->update_acl_membership($this->orig_dn,$this->dn);
1102 }
1104 if($this->initially_was_account){
1105 new log("modify","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1106 }else{
1107 new log("create","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1108 }
1110 $ret= 0;
1111 if (!$ldap->success()){
1112 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
1113 $ret= 1;
1114 }
1116 /* Remove uid lock */
1117 del_lock ("uidnumber");
1119 /* Post that we've done*/
1120 $this->handle_post_events($mode);
1122 return ($ret);
1123 }
1125 function check()
1126 {
1127 /* Call common method to give check the hook */
1128 $message= plugin::check();
1130 /* Permissions for that base? */
1131 if ($this->base != ""){
1132 $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
1133 } else {
1134 $new_dn= $this->dn;
1135 }
1137 /* must: cn */
1138 if ($this->cn == "" && $this->acl_is_writeable("cn")){
1139 $message[]= msgPool::required(_("Name"));
1140 }
1142 /* Check for valid input */
1143 if (!tests::is_uid($this->cn)){
1144 if (strict_uid_mode()){
1145 $message[]= msgPool::invalid(_("Name"), $this->cn, "/[a-z0-9_-]/");
1146 } else {
1147 $message[]= msgPool::invalid(_("Name"), $this->cn, "/[a-z0-9_-]/i");
1148 }
1149 }
1151 if($this->allowGroupsWithSameNameInOtherSubtrees == true){
1153 /* Check for used 'cn' */
1154 $ldap= $this->config->get_ldap_link();
1155 if(($this->cn != $this->orig_cn) || ($this->orig_dn == "new")){
1156 $ldap->cd(get_groups_ou().$this->base);
1157 $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",get_groups_ou().$this->base,array("cn"));
1158 if ($ldap->count() != 0){
1159 $message[]= msgPool::duplicated(_("Name"));
1160 }
1161 }
1163 }else{
1165 /* Check for used 'cn' */
1166 $ldap= $this->config->get_ldap_link();
1167 $ldap->cd($this->config->current['BASE']);
1168 $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn"));
1169 if ($ldap->count() != 0){
1171 /* New entry? */
1172 if ($this->dn == 'new'){
1173 $message[]= msgPool::duplicated(_("Name"));
1174 }
1176 /* Moved? */
1177 elseif ($new_dn != $this->orig_dn){
1178 $ldap->fetch();
1179 if ($ldap->getDN() != $this->orig_dn){
1180 $message[]= msgPool::duplicated(_("Name"));
1181 }
1182 }
1183 }
1184 }
1186 /* Check ID */
1187 if ($this->force_gid == "1"){
1188 if (!tests::is_id($this->gidNumber)){
1189 $message[]= msgPool::invalid(_("GID"), $this->gidNumber, "/[0-9]/");
1190 } else {
1191 if ($this->gidNumber < $this->config->get_cfg_value("minId")){
1192 $message[]= msgPool::toosmall(_("GID"), $this->config->get_cfg_value("minId"));
1193 }
1195 }
1196 }
1198 /* Check if we are allowed to create or move this object
1199 */
1200 if(!$this->orig_dn == "new" ||
1201 $this->orig_base != $this->base ||
1202 $this->cn != $this->orig_cn){
1204 if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
1205 $message[] = msgPool::permCreate();
1206 }elseif($this->orig_dn != "new" && !$this->acl_is_moveable($this->base)){
1207 $message[] = msgPool::permMove();
1208 }
1209 }
1211 return ($message);
1212 }
1214 function get_next_id($attrib, $dn)
1215 {
1216 $ids= array();
1217 $ldap= $this->config->get_ldap_link();
1219 $ldap->cd ($this->config->current['BASE']);
1220 if (preg_match('/gidNumber/i', $attrib)){
1221 $oc= "posixGroup";
1222 } else {
1223 $oc= "posixAccount";
1224 }
1225 $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
1227 /* Get list of ids */
1228 while ($attrs= $ldap->fetch()){
1229 $ids[]= (int)$attrs["$attrib"][0];
1230 }
1232 /* Find out next free id near to UID_BASE */
1233 if ($this->config->get_cfg_value("baseIdHook") == ""){
1234 $base= $this->config->get_cfg_value("uidNumberBase");
1235 } else {
1236 /* Call base hook */
1237 $base= get_base_from_hook($dn, $attrib);
1238 }
1239 for ($id= $base; $id++; $id < pow(2,32)){
1240 if (!in_array($id, $ids)){
1241 return ($id);
1242 }
1243 }
1245 /* Check if id reached maximum */
1246 if ($id >= pow(2,32)){
1247 msg_dialog::display(_("Error"), _("Cannot allocate a free ID!"), ERROR_DIALOG);
1248 exit;
1249 }
1250 }
1252 function getCopyDialog()
1253 {
1254 $vars = array("cn");
1256 if($this ->force_gid){
1257 $used = " checked ";
1258 $dis = "";
1259 }else{
1260 $used = "";
1261 $dis = " disabled ";
1262 }
1264 $smarty = get_smarty();
1265 $smarty->assign("used",$used);
1266 $smarty->assign("dis" ,$dis);
1267 $smarty->assign("cn" ,$this->cn);
1268 $smarty->assign("gidNumber",$this->gidNumber);
1269 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
1270 $ret = array();
1271 $ret['string'] = $str;
1272 $ret['status'] = "";
1273 return($ret);
1274 }
1276 function saveCopyDialog()
1277 {
1278 if(isset($_POST['cn'])){
1279 $this->cn = $_POST['cn'];
1280 }
1281 if(isset($_POST['force_gid'])){
1282 $this->force_gid = 1;
1283 $this->gidNumber= $_POST['gidNumber'];
1284 }else{
1285 $this->force_gid = 0;
1286 $this->gidNumber = false;
1287 }
1288 }
1291 /* Return plugin informations for acl handling */
1292 static function plInfo()
1293 {
1294 return (array(
1295 "plShortName" => _("Generic"),
1296 "plDescription" => _("Generic group settings"),
1297 "plSelfModify" => FALSE,
1298 "plDepends" => array(),
1299 "plPriority" => 0,
1300 "plSection" => array("administration"),
1301 "plCategory" => array("groups" => array("objectClass" => "posixGroup", "description" => _("Groups"))),
1303 "plProvidedAcls" => array(
1304 "cn" => _("Name"),
1305 "description" => _("Description"),
1306 "base" => _("Base"),
1308 "gidNumber" => _("GID"),
1310 "sambaGroupType" => _("Samba group type"),
1311 "sambaDomainName" => _("Samba domain name"),
1312 "trustModel" => _("System trust"),
1313 "fonGroup" => _("Phone pickup group"),
1314 "nagiosGroup" => _("Nagios group"),
1316 "memberUid" => _("Group member"))
1317 ));
1318 }
1321 function multiple_save_object()
1322 {
1323 if(isset($_POST['group_mulitple_edit'])){
1325 /* Create a base backup and reset the
1326 base directly after calling plugin::save_object();
1327 Base will be set seperatly a few lines below */
1328 $base_tmp = $this->base;
1329 plugin::multiple_save_object();
1330 plugin::save_object();
1331 $this->base = $base_tmp;
1333 foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $attr){
1334 if(isset($_POST['use_'.$attr])){
1335 $this->multi_boxes[] = $attr;
1336 }
1337 }
1339 /* Get base selection */
1340 if(isset($_POST['base'])){
1341 $tmp = $this->get_allowed_bases();
1342 if(isset($tmp[$_POST['base']])){
1343 $this->base = $_POST['base'];
1344 }
1345 }
1347 foreach (array( "smbgroup" => "sambaGroupType" ,"nagios_group" => "nagios_group") as $val => $aclname) {
1348 if ($this->acl_is_writeable($aclname)){
1349 if(isset($_POST["$val"])){
1350 $this->$val= TRUE;
1351 }else{
1352 $this->$val= FALSE;
1353 }
1354 }
1355 }
1357 /* Save sambaDomain attribute */
1358 if ($this->acl_is_writeable("sambaDomainName") && $this->samba3 && isset ($_POST['sambaDomainName'])){
1359 $this->sambaDomainName= $_POST['sambaDomainName'];
1360 $this->groupType= $_POST['groupType'];
1361 }
1363 /* Trust mode - special handling */
1364 if($this->acl_is_writeable("trustModel")){
1365 if (isset($_POST['trustmode'])){
1366 $saved= $this->trustModel;
1367 if ($_POST['trustmode'] == "1"){
1368 $this->trustModel= "fullaccess";
1369 } elseif ($_POST['trustmode'] == "2"){
1370 $this->trustModel= "byhost";
1371 } else {
1372 $this->trustModel= "";
1373 }
1374 if ($this->trustModel != $saved){
1375 $this->is_modified= TRUE;
1376 }
1377 }
1378 }
1380 /* Save fon attribute */
1381 if ($this->acl_is_writeable("fonGroup")){
1382 if (isset ($_POST['fon_group'])){
1383 $this->fon_group= TRUE;
1384 } else {
1385 $this->fon_group= FALSE;
1386 }
1387 }
1388 }
1389 }
1392 function get_multi_edit_values()
1393 {
1394 $ret = plugin::get_multi_edit_values();
1396 foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $attr){
1397 if(in_array($attr,$this->multi_boxes)){
1398 $ret[$attr] = $this->$attr;
1399 }
1400 }
1402 if(in_array("trustmode",$this->multi_boxes)){
1403 $ret['trustModel'] = $this->trustModel;
1404 $ret['accessTo'] = $this->accessTo;
1405 }
1407 $ret['memberUid'] = $this->memberUid;
1408 $ret['memberUid_used_by_some'] = $this->memberUid_used_by_some;
1409 return($ret);
1410 }
1412 function multiple_execute()
1413 {
1414 return($this->execute());
1415 }
1418 /* Initialize plugin with given atribute arrays
1419 */
1420 function init_multiple_support($attrs,$all)
1421 {
1422 plugin::init_multiple_support($attrs,$all);
1424 $this->memberUid = array();
1425 $this->memberUid_used_by_some = array();
1426 if (isset($attrs['memberUid'])){
1427 for ($i= 0; $i<$attrs['memberUid']['count']; $i++){
1428 $this->memberUid[$attrs['memberUid'][$i]]= $attrs['memberUid'][$i];
1429 }
1430 ksort($this->memberUid);
1431 }
1433 if (isset($all['memberUid'])){
1434 for ($i= 0; $i<$all['memberUid']['count']; $i++){
1435 if(!in_array($all['memberUid'][$i],$this->memberUid)){
1436 $this->memberUid_used_by_some[$all['memberUid'][$i]]= $all['memberUid'][$i];
1437 }
1438 }
1439 ksort($this->memberUid_used_by_some);
1440 }
1441 }
1444 function PrepareForCopyPaste($source)
1445 {
1446 plugin::PrepareForCopyPaste($source);
1448 $this->memberUid = array();
1449 if(isset($source['memberUid'])){
1450 for($i = 0 ; $i < $source['memberUid']['count']; $i ++){
1451 $this->memberUid[] = $source['memberUid'][$i];
1452 }
1453 }
1454 }
1457 function set_multi_edit_values($attrs)
1458 {
1459 $users = array();
1461 /* Update groupMembership, keep optinal group */
1462 foreach($attrs['memberUid_used_by_some'] as $uid){
1463 if(in_array($uid,$this->memberUid)){
1464 $users[$uid] = $uid;
1465 }
1466 }
1468 /* Update groupMembership, add forced groups */
1469 foreach($attrs['memberUid'] as $uid){
1470 $users[$uid] = $uid;
1471 }
1472 plugin::set_multi_edit_values($attrs);
1473 $this->memberUid = $users;
1474 }
1475 }
1476 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1477 ?>