![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
cb719055c989632e07a5c4f0f0aaeae6bc304644
1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class ogroup extends plugin
24 {
25 var $typeToClass = array(
26 "Y" => "gosaUserTemplate",
27 "U" => "gosaAccount",
28 "G" => "posixGroup",
29 "A" => "gosaApplication",
30 "D" => "gosaDepartment",
31 "S" => "goServer",
32 "W" => "gotoWorkstation",
33 "O" => "opsiClient",
34 "T" => "gotoTerminal",
35 "F" => "goFonHardware",
36 "P" => "gotoPrinter");
38 var $typeToImage = array(
39 "Y" => "plugins/users/images/select_template.png",
40 "U" => "plugins/users/images/select_user.png",
41 "G" => "plugins/groups/images/select_group.png",
42 "A" => "plugins/ogroups/images/application.png",
43 "D" => "plugins/departments/images/department.png",
44 "S" => "plugins/ogroups/images/server.png",
45 "W" => "plugins/ogroups/images/workstation.png",
46 "O" => "plugins/ogroups/images/winstation.png",
47 "T" => "plugins/ogroups/images/terminal.png",
48 "F" => "plugins/ogroups/images/phone.png",
49 "P" => "plugins/ogroups/images/printer.png",
50 "I" => "images/false.png");
53 /* Variables */
54 var $cn= "";
55 var $description= "";
56 var $base= "";
57 var $gosaGroupObjects= "";
58 var $objects= array();
59 var $objcache= array();
60 var $memberList= array();
61 var $member= array();
62 var $orig_dn= "";
63 var $orig_cn= "";
64 var $orig_base= "";
65 var $objectSelect= FALSE;
66 var $view_logged = FALSE;
68 var $copyMembers = TRUE;
69 var $wasDyGroup = FALSE;
70 var $baseSelector;
72 /* Already assigned Workstations. Will be hidden in selection.
73 */
74 var $used_workstations = array();
76 /* attribute list for save action */
77 var $attributes= array("cn", "description", "gosaGroupObjects","member");
78 var $objectclasses= array("top", "gosaGroupOfNames");
80 function ogroup (&$config, $dn= NULL)
81 {
82 plugin::plugin ($config, $dn);
84 $this->trustModeDialog = new trustModeDialog($this->config, $this->dn,NULL);
85 $this->trustModeDialog->setAcl('ogroups/ogroup');
87 $this->orig_dn= $dn;
89 $this->member = array();
91 /* Load member objects */
92 if (isset($this->attrs['member'])){
93 foreach ($this->attrs['member'] as $key => $value){
94 if ("$key" != "count"){
95 $value= @LDAP::convert($value);
96 $this->member["$value"]= "$value";
97 }
98 }
99 }
100 $this->is_account= TRUE;
102 /* Set base */
103 if ($this->dn == "new"){
104 $ui = get_userinfo();
105 $this->base= dn2base(session::global_is_set("CurrentMainBase")?"cn=dummy,".session::global_get("CurrentMainBase"):$ui->dn);
106 } else {
107 $this->base= preg_replace("/^[^,]+,".preg_quote(get_ou("group", "ogroupRDN"), '/')."/i","",$this->dn);
108 }
110 /* Detect all workstations, which are already assigned to an object group
111 - Those objects will be hidden in the add object dialog.
112 - Check() will complain if such a system is assigned to this object group.
113 */
114 $base = $this->config->current['BASE'];
115 $res = get_list("(|(objectClass=gotoWorkstation)(objectClass=gotoTerminal))","none" ,
116 $base, array("dn"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
117 $ws_dns = array();
118 foreach($res as $data){
119 $ws_dns[] = $data['dn'];
120 }
121 $res=get_list("(&(member=*)(objectClass=gosaGroupOfNames))","none",
122 $base, array("dn","member", "gosaGroupObjects"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
123 $this->used_workstations = array();
124 foreach($res as $og){
125 if($og['dn'] == $this->dn) continue;
126 $test = array_intersect($ws_dns,LDAP::convert($og['member']));
127 if(($og['gosaGroupObjects'] == "[W]" || $og['gosaGroupObjects'] == "[T]") && count($test)){
128 $this->used_workstations = array_merge($this->used_workstations,$test);
129 }
130 }
132 $this->orig_cn = $this->cn;
133 $this->orig_base = $this->base;
135 /* Get global filter config */
136 if (!session::is_set("sysfilter")){
137 $ui= get_userinfo();
138 $base= get_base_from_people($ui->dn);
139 $sysfilter= array( "depselect" => $base,
140 "regex" => "*");
141 session::set("sysfilter", $sysfilter);
142 }
144 /* Instanciate base selector */
145 $this->baseSelector= new baseSelector($this->get_allowed_bases(), $this->base);
146 $this->baseSelector->setSubmitButton(false);
147 $this->baseSelector->setHeight(300);
148 $this->baseSelector->update(true);
150 // Prepare lists
151 $this->memberListing = new sortableListing();
152 $this->memberListing->setDeleteable(true);
153 $this->memberListing->setInstantDelete(true);
154 $this->memberListing->setEditable(false);
155 $this->memberListing->setWidth("100%");
156 $this->memberListing->setHeight("300px");
157 $this->memberListing->setHeader(array("~",_("Name")));
158 $this->memberListing->setColspecs(array('20px','*','20px'));
159 $this->memberListing->setDefaultSortColumn(1);
161 $this->reload();
162 }
164 function AddDelMembership($NewMember = false){
166 if($NewMember){
168 // Ensure that we definitely know the new members attributes.
169 // - Fetch unknown objects here.
170 if(!isset($this->memberList[$NewMember])){
172 $ldap = $this->config->get_ldap_link();
173 $ldap->cd($this->config->current['BASE']);
174 $ldap->cat($NewMember);
175 $attrs = $ldap->fetch();
176 $this->objcache[$NewMember] = $attrs;
177 }
179 /* Add member and force reload */
180 $this->member[$NewMember]= $NewMember;
183 $this->memberList[$NewMember]= $this->objcache[$NewMember];
184 unset ($this->objects[$NewMember]);
185 reset ($this->memberList);
186 $this->reload();
187 }else{
189 // Act on list modifications
190 $this->memberListing->save_object();
191 $action = $this->memberListing->getAction();
192 if($action['action'] == 'delete'){
193 foreach($action['targets'] as $id){
194 $value = $this->memberListing->getKey($id);
195 $this->objects["$value"]= $this->memberList[$value];
196 unset ($this->memberList["$value"]);
197 unset ($this->member["$value"]);
198 }
199 $this->reload();
200 }
203 /* Add objects to group */
204 if (isset($_POST['objectSelect_save']) && $this->objectSelect instanceOf objectSelect){
205 $objects = $this->objectSelect->save();
206 $skipped = FALSE;
207 foreach($objects as $object){
208 $dn = $object['dn'];
210 // Do not add existing members twice!
211 if(isset($this->member["$dn"])){
212 continue;
213 }
215 $tmp = "";
216 foreach($this->memberList as $obj){
217 $tmp .= $obj['type'];
218 }
220 $type = $this->getObjectType($object);
221 $name= $this->getObjectName($object);
223 /* Fill array */
224 if (isset($object["description"][0])){
225 $object= array("text" => "$name [".$object["description"][0]."]", "type" => "$type");
226 } elseif (isset($object["uid"][0])) {
227 $object= array("text" => "$name [".$object["uid"][0]."]", "type" => "$type");
228 } else {
229 $object= array("text" => "$name", "type" => "$type");
230 }
232 if(preg_match("/T/",$tmp) && $type == "W"){
233 $skipped =TRUE;
234 }elseif(preg_match("/W/",$tmp) && $type == "T"){
235 $skipped =TRUE;
236 }else{
238 $this->memberList["$dn"]= $object;
239 $this->member["$dn"]= $dn;
240 reset ($this->memberList);
241 }
242 }
243 if($skipped){
244 msg_dialog::display(_("Information"), _("You cannot combine terminals and workstations in one object group!"), INFO_DIALOG);
245 }
246 $this->objectSelect= FALSE;
247 $this->dialog= FALSE;
248 $this->reload();
249 }
250 }
251 }
253 function execute()
254 {
255 /* Call parent execute */
256 plugin::execute();
258 if(!$this->view_logged){
259 $this->view_logged = TRUE;
260 new log("view","ogroups/".get_class($this),$this->dn);
261 }
264 /* Do we represent a valid group? */
265 if (!$this->is_account){
266 $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".
267 msgPool::noValidExtension("object group")."</b>";
268 return ($display);
269 }
272 /* Load templating engine */
273 $smarty= get_smarty();
276 $tmp = $this->plInfo();
277 foreach($tmp['plProvidedAcls'] as $name => $translation){
278 $smarty->assign($name."ACL",$this->getacl($name));
279 }
281 /***********
282 * Trusts
283 ***********/
285 // Handle trust mode dialog
286 $this->dialog = FALSE;
287 $trustModeDialog = $this->trustModeDialog->execute();
288 if($this->trustModeDialog->trustSelect){
289 $this->dialog = TRUE;
290 return($trustModeDialog);
291 }
292 $smarty->assign("trustModeDialog",$trustModeDialog);
294 /***********
295 * Ende - Trusts
296 ***********/
299 /* Add objects? */
300 if (isset($_POST["edit_membership"])){
301 $this->objectSelect= new objectSelect($this->config, get_userinfo());
302 }
304 /* Add objects finished? */
305 if (isset($_POST["objectSelect_cancel"])){
306 $this->objectSelect= FALSE;
307 }
309 /* Manage object add dialog */
310 if ($this->objectSelect){
311 session::set('filterBlacklist', array('dn'=> $this->member));
312 $this->dialog= TRUE;
313 return($this->objectSelect->execute());
314 }
316 /* Assemble combine string */
317 if ($this->gosaGroupObjects == "[]"){
318 $smarty->assign("combinedObjects", _("none"));
319 } elseif (strlen($this->gosaGroupObjects) > 4){
320 $smarty->assign("combinedObjects", "<font color=red>"._("too many different objects!")."</font>");
321 } else {
322 $conv= array( "U" => _("users"),
323 "G" => _("groups"),
324 "A" => _("applications"),
325 "D" => _("departments"),
326 "S" => _("servers"),
327 "W" => _("workstations"),
328 "O" => _("Windows workstations"),
329 "T" => _("terminals"),
330 "F" => _("phones"),
331 "P" => _("printers"));
333 $type= preg_replace('/[\[\]]/', '', $this->gosaGroupObjects);
334 $p1= $conv[$type[0]];
335 error_reporting(0);
336 if (isset($type[1]) && preg_match('/[UGADSFOWTP]/', $type[1])){
337 $p2= $conv[$type[1]];
338 $smarty->assign("combinedObjects", sprintf("'%s' and '%s'", $p1, $p2));
339 } else {
340 $smarty->assign("combinedObjects", "$p1");
341 }
342 error_reporting(E_ALL | E_STRICT);
343 }
345 /* Assign variables */
346 $smarty->assign("base", $this->baseSelector->render());
350 $this->memberListing->setAcl($this->getacl("member"));
351 $data = $lData = array();
352 foreach($this->member as $key => $dn){
353 $image = 'images/lists/element.png';
354 $name = $dn;
355 if(isset($this->memberList[$dn])){
356 $name = $this->memberList[$dn]['text'];
357 if(isset($this->typeToImage[$this->memberList[$dn]['type']])){
358 $image = $this->typeToImage[$this->memberList[$dn]['type']];
359 }
360 }
361 $data[$key] = $dn;
362 $lData[$key] = array('data'=> array(image($image),$name));
363 }
365 if($this->isRestrictedByDynGroup()){
366 $this->memberListing->setDeleteable(false);
367 $smarty->assign("memberACL", preg_replace("/[^r]/", "", $this->getacl("member")));
368 $smarty->assign("isRestrictedByDynGroup", TRUE);
370 }else{
371 $this->memberListing->setDeleteable(true);
372 $smarty->assign("isRestrictedByDynGroup", FALSE);
373 }
375 $this->memberListing->setListData($data,$lData);
376 $this->memberListing->update();
377 $smarty->assign("memberList",$this->memberListing->render());
379 /* Fields */
380 foreach ($this->attributes as $val){
381 $smarty->assign("$val", set_post($this->$val));
382 }
384 return ($smarty->fetch (get_template_path('generic.tpl', TRUE)));
385 }
388 function isRestrictedByDynGroup()
389 {
390 $bool = FALSE;
391 if(isset($this->parent->by_object['DynamicLdapGroup'])){
392 $bool = $this->parent->by_object['DynamicLdapGroup']->isAttributeDynamic('member');
393 }
394 $this->wasDyGroup |= $bool;
395 return($bool);
396 }
399 function set_acl_base($base)
400 {
401 plugin::set_acl_base($base);
402 $this->trustModeDialog->set_acl_base($base);
403 }
406 /* Save data to object */
407 function save_object()
408 {
409 /* Save additional values for possible next step */
410 if (isset($_POST['ogroupedit'])){
412 $this->trustModeDialog->save_object();
414 /* Create a base backup and reset the
415 base directly after calling plugin::save_object();
416 Base will be set seperatly a few lines below */
417 $base_tmp = $this->base;
418 plugin::save_object();
419 $this->base = $base_tmp;
421 /* Refresh base */
422 if ($this->acl_is_moveable($this->base)){
423 if (!$this->baseSelector->update()) {
424 msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
425 }
426 if ($this->base != $this->baseSelector->getBase()) {
427 $this->base= $this->baseSelector->getBase();
428 $this->is_modified= TRUE;
429 }
430 }
432 }
433 }
436 /* (Re-)Load objects */
437 function reload()
438 {
439 /*###########
440 Variable initialisation
441 ###########*/
443 $this->objects = array();
444 $this->ui = get_userinfo();
445 $filter = "";
446 $objectClasses = array();
448 $ogfilter = session::get("ogfilter");
449 $regex = $ogfilter['regex'];
451 $ldap= $this->config->get_ldap_link();
452 $ldap->cd ($ogfilter['dselect']);
455 /*###########
456 Generate Filter
457 ###########*/
459 $p_f= array("accounts"=> array("OBJ"=>"user", "CLASS"=>"gosaAccount" ,
460 "DN"=> get_people_ou() ,"ACL" => "users"),
461 "groups" => array("OBJ"=>"group", "CLASS"=>"posixGroup" ,
462 "DN"=> get_groups_ou('ogroupRDN') ,"ACL" => "groups"),
463 "departments" => array("OBJ"=>"department", "CLASS"=>"gosaDepartment" ,
464 "DN"=> "" ,"ACL" => "department"),
465 "servers" => array("OBJ"=>"servgeneric", "CLASS"=>"goServer" ,
466 "DN"=> get_ou("servgeneric", "serverRDN") ,"ACL" => "server"),
467 "workstations" => array("OBJ"=>"workgeneric", "CLASS"=>"gotoWorkstation",
468 "DN"=> get_ou("workgeneric", "workstationRDN") ,"ACL" => "workstation"),
469 "winstations" => array("OBJ"=>"wingeneric", "CLASS"=>"opsiClient",
470 "DN"=> get_ou("wingeneric", 'sambaMachineAccountRDN') ,"ACL" => "winstation"),
471 "terminals" => array("OBJ"=>"termgeneric", "CLASS"=>"gotoTerminal" ,
472 "DN"=> get_ou("termgeneric", "terminalRDN") ,"ACL" => "terminal"),
473 "printers" => array("OBJ"=>"printgeneric", "CLASS"=>"gotoPrinter" ,
474 "DN"=> get_ou("printgeneric", "printerRDN") ,"ACL" => "printer"),
475 "phones" => array("OBJ"=>"phoneGeneric", "CLASS"=>"goFonHardware" ,
476 "DN"=> get_ou("phoneGeneric", "phoneRDN") ,"ACL" => "phone"));
479 /* Allow searching for applications, if we are not using release managed applications
480 */
481 if(!$this->IsReleaseManagementActivated()){
482 $p_f[ "applications"] = array("OBJ"=>"application", "CLASS"=>"gosaApplication",
483 "DN"=> get_ou("application", "applicationRDN") ,"ACL" => "application");
484 }
486 /*###########
487 Perform search for selected objectClasses & regex to fill list with objects
488 ###########*/
490 $Get_list_flags = 0;
491 if($ogfilter['subtrees'] == "checked"){
492 $Get_list_flags |= GL_SUBSEARCH;
493 }
495 foreach($p_f as $post_name => $data){
497 if($ogfilter[$post_name] == "checked" && class_available($data['OBJ'])){
499 if($ogfilter['subtrees']){
500 $base = $ogfilter['dselect'];
501 }else{
502 $base = $data['DN'].$ogfilter['dselect'];
503 }
506 $filter = "(&(objectClass=".$data['CLASS'].")(|(uid=$regex)(cn=$regex)(ou=$regex)))";
507 $res = get_list($filter, $data['ACL'] , $base,
508 array("description", "objectClass", "sn", "givenName", "uid","ou","cn"),$Get_list_flags);
510 /* fetch results and append them to the list */
511 foreach($res as $attrs){
513 /* Skip workstations which are already assigned to an object group.
514 */
515 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]"){
516 if(in_array_strict($attrs['dn'],$this->used_workstations)){
517 continue;
518 }
519 }
521 $type= $this->getObjectType($attrs);
522 $name= $this->getObjectName($attrs);
524 /* Fill array */
525 if (isset($attrs["description"][0])){
526 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
527 } elseif (isset($attrs["uid"][0])) {
528 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
529 } else {
530 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
531 }
532 }
533 }
534 }
535 reset ($this->objects);
538 /*###########
539 Build member list and try to detect obsolete entries
540 ###########*/
542 $this->memberList = array();
544 /* Walk through all single member entry */
545 foreach($this->member as $dn){
547 /* The dn for the current member can't be resolved
548 it seams that this entry was removed
549 */
550 /* Try to resolv the entry again, if it still fails, display error msg */
551 $ldap->cat($dn, array("cn", "sn", "givenName", "ou", "description", "objectClass", "macAddress"));
553 /* It has failed, add entry with type flag I (Invalid)*/
554 if (!$ldap->success()){
555 $this->memberList[$dn]= array('text' => _("Non existing DN:")." ".LDAP::fix($dn),"type" => "I");
557 } else {
559 /* Append this entry to our all object list */
561 /* Fetch object */
562 $attrs= $ldap->fetch();
564 $type= $this->getObjectType($attrs);
565 $name= $this->getObjectName($attrs);
567 if (isset($attrs["description"][0])){
568 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
569 } elseif (isset($attrs["uid"][0])) {
570 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
571 } else {
572 $this->objcache[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
573 }
574 $this->objcache[$attrs["dn"]]['objectClass'] = $attrs['objectClass'];
576 if(isset($attrs['macAddress'][0])){
577 $this->objcache[$attrs["dn"]]['macAddress'] = $attrs['macAddress'][0];
578 }else{
579 $this->objcache[$attrs["dn"]]['macAddress'] = "";
580 }
582 if(isset($attrs['uid'])){
583 $this->objcache[$attrs["dn"]]['uid'] = $attrs['uid'];
584 }
586 /* Fill array */
587 if (isset($attrs["description"][0])){
588 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
589 } else {
590 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
591 }
593 $this->memberList[$dn]= $this->objects[$attrs["dn"]];
594 }
595 }
596 reset ($this->memberList);
598 /* Assemble types of currently combined objects */
599 $objectTypes= "";
600 foreach ($this->memberList as $dn => $desc){
602 /* Invalid object? */
603 if ($desc['type'] == 'I'){
604 continue;
605 }
607 /* Fine. Add to list. */
608 if (!preg_match('/'.$desc['type'].'/', $objectTypes)){
609 $objectTypes.= $desc['type'];
610 }
611 }
612 $this->gosaGroupObjects= "[$objectTypes]";
613 }
616 function getObjectType($attrs)
617 {
618 $type= "I";
620 foreach($this->typeToClass as $index => $class){
621 if (in_array_strict($class, $attrs['objectClass'])){
622 $type= $index;
623 break;
624 }
625 }
626 return ($type);
627 }
630 function getObjectName($attrs)
631 {
632 /* Person? */
633 $name ="";
634 if (in_array_strict('gosaAccount', $attrs['objectClass'])){
635 if(isset($attrs['sn']) && isset($attrs['givenName'])){
636 $name= $attrs['sn'][0].", ".$attrs['givenName'][0];
637 } else {
638 $name= $attrs['uid'][0];
639 }
640 } else {
641 if(isset($attrs["cn"][0])) {
642 $name= $attrs['cn'][0];
643 } else {
644 $name= $attrs['ou'][0];
645 }
646 }
648 return ($name);
649 }
652 function check()
653 {
654 /* Call common method to give check the hook */
655 $message= plugin::check();
657 /* Permissions for that base? */
658 if ($this->base != ""){
659 $new_dn= 'cn='.$this->cn.','.get_ou("group", "ogroupRDN").$this->base;
660 } else {
661 $new_dn= $this->dn;
662 }
664 /* Check if we have workstations assigned, that are already assigned to
665 another object group. */
666 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]" ) {
667 $test =array_intersect($this->used_workstations,$this->member);
668 if(count($test)){
669 $str = "";
670 foreach($test as $dn){
671 $str .= "<li>".$dn."</li>";
672 }
673 $message[] = sprintf(_("These systems are already configured by other object groups and cannot be added:")."<br><ul>%s</ul>",$str);
674 }
675 }
677 $ldap = $this->config->get_ldap_link();
678 if(LDAP::fix($this->dn) != LDAP::fix($new_dn)){
679 $ldap->cat ($new_dn, array('dn'));
680 }
682 if($ldap->count() !=0){
683 $message[]= msgPool::duplicated(_("Name"));
684 }
686 // Check if a wrong base was supplied
687 if(!$this->baseSelector->checkLastBaseUpdate()){
688 $message[]= msgPool::check_base();;
689 }
691 /* Set new acl base */
692 if($this->dn == "new") {
693 $this->set_acl_base($this->base);
694 }
696 /* must: cn */
697 if ($this->cn == ""){
698 $message[]= msgPool::required(_("Name"));
699 }
701 if (preg_match('/[=,+<>#;]/', $this->cn)) {
702 $message[] = msgPool::invalid(_("Name"), $this->cn, "/[^=+,<>#;]/");
703 }
705 /* To many different object types? */
706 if (strlen($this->gosaGroupObjects) > 4){
707 $message[]= _("You can combine two different object types at maximum, only!");
708 }
710 /* Check if we are allowed to create or move this object
711 */
712 if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
713 $message[] = msgPool::permCreate();
714 }elseif($this->orig_dn != "new" && $this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
715 $message[] = msgPool::permMove();
716 }
718 return ($message);
719 }
722 /* Save to LDAP */
723 function save()
724 {
725 // Do not save members if we don't want to.
726 // This may be the case if we've copied an ogroup containing systems!
727 if(!$this->copyMembers){
728 $this->member = array();
729 $this->reload();
730 }
732 plugin::save();
734 /* Move members to target array */
735 if(!$this->wasDyGroup && !$this->isRestrictedByDynGroup()){
736 $this->attrs['member'] =array();
737 foreach ($this->member as $key => $desc){
738 $this->attrs['member'][]= LDAP::fix($key);
739 }
740 }
742 $ldap= $this->config->get_ldap_link();
744 /* New accounts need proper 'dn', propagate it to remaining objects */
745 if ($this->dn == 'new'){
746 $this->dn= 'cn='.$this->cn.','.get_ou("group", "ogroupRDN").$this->base;
747 }
749 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
750 new entries. So do a check first... */
751 $ldap->cat ($this->dn, array('dn'));
752 if ($ldap->fetch()){
753 /* Modify needs array() to remove values :-( */
754 if (!count ($this->member)){
755 $this->attrs['member']= array();
756 }
757 $mode= "modify";
759 } else {
760 $mode= "add";
761 $ldap->cd($this->config->current['BASE']);
762 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
763 }
766 /* Write back to ldap */
767 $ldap->cd($this->dn);
768 $this->cleanup();
769 $ldap->$mode($this->attrs);
771 if($mode == "add"){
772 new log("create","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
773 }else{
774 new log("modify","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
775 }
777 /* Trigger post signal */
778 $this->handle_post_events($mode);
780 $ret= 0;
781 if (!$ldap->success()){
782 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
783 $ret= 1;
784 }else{
785 $this->trustModeDialog->dn = $this->dn;
786 $this->trustModeDialog->save();
787 }
789 return ($ret);
790 }
792 function remove_from_parent()
793 {
794 plugin::remove_from_parent();
796 $ldap= $this->config->get_ldap_link();
797 $ldap->rmdir($this->dn);
798 if (!$ldap->success()){
799 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
800 }
802 new log("remove","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
804 /* Trigger remove signal */
805 $this->handle_post_events("remove");
806 }
809 function PrepareForCopyPaste($source)
810 {
811 plugin::PrepareForCopyPaste($source);
813 // Preselect "Copy members" state.
814 // If we've terminals, workstations or servers in our members list,
815 // then disable this option by default, to avoid problems with
816 // inheritance of ogroup values.
817 if (preg_match("/[STW]/", $this->gosaGroupObjects) || !isset($source['member'])) {
818 $this->copyMembers = FALSE;
819 } else {
820 $this->copyMembers = TRUE;
821 }
823 /* Reload tabs */
824 $this->parent->reload($this->gosaGroupObjects );
826 $this->trustModeDialog->PrepareForCopyPaste($source);
828 /* Reload plugins */
829 foreach($this->parent->by_object as $name => $class ){
830 if(get_class($this) != $name) {
831 $this->parent->by_object[$name]->PrepareForCopyPaste($source);
832 }
833 }
835 $source_o = new ogroup ($this->config, $source['dn']);
836 foreach(array("member","gosaGroupObjects") as $attr){
837 $this->$attr = $source_o->$attr;
838 }
839 }
842 function getCopyDialog()
843 {
844 $smarty = get_smarty();
845 $smarty->assign("cn", set_post($this->cn));
846 $smarty->assign("copyMembers", $this->copyMembers);
847 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
848 $ret = array();
849 $ret['string'] = $str;
850 $ret['status'] = "";
851 return($ret);
852 }
854 function saveCopyDialog()
855 {
856 if(isset($_POST['cn'])){
857 $this->cn = get_post('cn');
858 }
859 $this->copyMembers = isset($_POST['copyMembers']);
860 }
863 function IsReleaseManagementActivated()
864 {
865 return($this->config->pluginEnabled("faiManagement"));
866 }
869 static function plInfo()
870 {
871 return (array(
872 "plShortName" => _("Generic"),
873 "plDescription" => _("Object group generic"),
874 "plSelfModify" => FALSE,
875 "plDepends" => array(),
876 "plPriority" => 1,
877 "plSection" => array("administration"),
878 "plRequirements"=> array(
879 'ldapSchema' => array('gosaGroupOfNames' => '>=2.7'),
880 'onFailureDisablePlugin' => array(get_class(), 'ogroupManagement')
881 ),
882 "plCategory" => array("ogroups" => array("description" => _("Object groups"),
883 "objectClass" => "gosaGroupOfNames")),
884 "plProvidedAcls"=> array(
885 "cn" => _("Name"),
886 "base" => _("Base"),
887 "description" => _("Description"),
888 "accessTo" => _("System trust"),
889 "member" => _("Member"))
890 ));
891 }
892 }
894 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
895 ?>