![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 /* Sort multidimensional arrays for key 'text' */
24 function sort_list($val1, $val2)
25 {
26 $v1= strtolower($val1['text']);
27 $v2= strtolower($val2['text']);
28 if ($v1 > $v2){
29 return 1;
30 }
31 if ($v1 < $v2){
32 return -1;
33 }
34 return 0;
35 }
38 class ogroup extends plugin
39 {
40 /* Variables */
41 var $cn= "";
42 var $description= "";
43 var $base= "";
44 var $gosaGroupObjects= "";
45 var $objects= array();
46 var $objcache= array();
47 var $memberList= array();
48 var $member= array();
49 var $orig_dn= "";
50 var $orig_cn= "";
51 var $orig_base= "";
52 var $objectSelect= FALSE;
53 var $view_logged = FALSE;
55 var $accessTo= array();
56 var $trustModel= "";
57 var $trustSelect = FALSE;
59 var $was_trust_account= FALSE;
60 var $baseSelector;
62 /* Already assigned Workstations. Will be hidden in selection.
63 */
64 var $used_workstations = array();
66 /* attribute list for save action */
67 var $attributes= array("cn", "description", "gosaGroupObjects","member","accessTo","trustModel");
68 var $objectclasses= array("top", "gosaGroupOfNames");
70 function ogroup (&$config, $dn= NULL)
71 {
72 plugin::plugin ($config, $dn);
73 $this->orig_dn= $dn;
75 $this->member = array();
77 /* Load member objects */
78 if (isset($this->attrs['member'])){
79 foreach ($this->attrs['member'] as $key => $value){
80 if ("$key" != "count"){
81 $value= @LDAP::convert($value);
82 $this->member["$value"]= "$value";
83 }
84 }
85 }
86 $this->is_account= TRUE;
88 /* Get global filter config */
89 if (!session::is_set("ogfilter")){
90 $ui= get_userinfo();
91 $base= get_base_from_people($ui->dn);
92 $ogfilter= array( "dselect" => $base,
93 "regex" => "*");
94 session::set("ogfilter", $ogfilter);
95 }
96 $ogfilter= session::get('ogfilter');
98 /* Adjust flags */
99 foreach( array( "U" => "accounts",
100 "G" => "groups",
101 "A" => "applications",
102 "D" => "departments",
103 "S" => "servers",
104 "W" => "workstations",
105 "O" => "winstations",
106 "T" => "terminals",
107 "F" => "phones",
108 "_" => "subtrees",
109 "P" => "printers") as $key => $val){
111 if (preg_match("/$key/", $this->gosaGroupObjects)){
112 $ogfilter[$val]= "checked";
113 } else {
114 $ogfilter[$val]= "";
115 }
116 }
117 session::set("ogfilter", $ogfilter);
119 /* Set base */
120 if ($this->dn == "new"){
121 $ui = get_userinfo();
122 $this->base= dn2base(session::global_is_set("CurrentMainBase")?"cn=dummy,".session::global_get("CurrentMainBase"):$ui->dn);
123 } else {
124 $this->base= preg_replace("/^[^,]+,".preg_quote(get_ou("ogroupRDN"), '/')."/i","",$this->dn);
126 /* Is this account a trustAccount? */
127 if ($this->is_account && isset($this->attrs['trustModel'])){
128 $this->trustModel= $this->attrs['trustModel'][0];
129 $this->was_trust_account= TRUE;
130 } else {
131 $this->was_trust_account= FALSE;
132 $this->trustModel= "";
133 }
135 $this->accessTo = array();
136 if ($this->is_account && isset($this->attrs['accessTo'])){
137 for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
138 $tmp= $this->attrs['accessTo'][$i];
139 $this->accessTo[$tmp]= $tmp;
140 }
141 }
142 }
144 /* Detect all workstations, which are already assigned to an object group
145 - Those objects will be hidden in the add object dialog.
146 - Check() will complain if such a system is assigned to this object group.
147 */
148 $base = $this->config->current['BASE'];
149 $res = get_list("(|(objectClass=gotoWorkstation)(objectClass=gotoTerminal))","none" ,
150 $base, array("dn"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
151 $ws_dns = array();
152 foreach($res as $data){
153 $ws_dns[] = $data['dn'];
154 }
155 $res=get_list("(&(member=*)(objectClass=gosaGroupOfNames))","none",
156 $base, array("dn","member", "gosaGroupObjects"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
157 $this->used_workstations = array();
158 foreach($res as $og){
159 if($og['dn'] == $this->dn) continue;
160 $test = array_intersect($ws_dns,$og['member']);
161 if(($og['gosaGroupObjects'] == "[W]" || $og['gosaGroupObjects'] == "[T]") && count($test)){
162 $this->used_workstations = array_merge($this->used_workstations,$test);
163 }
164 }
166 $this->orig_cn = $this->cn;
167 $this->orig_base = $this->base;
169 /* Get global filter config */
170 if (!session::is_set("sysfilter")){
171 $ui= get_userinfo();
172 $base= get_base_from_people($ui->dn);
173 $sysfilter= array( "depselect" => $base,
174 "regex" => "*");
175 session::set("sysfilter", $sysfilter);
176 }
178 /* Instanciate base selector */
179 $this->baseSelector= new baseSelector($this->get_allowed_bases(), $this->base);
180 $this->baseSelector->setSubmitButton(false);
181 $this->baseSelector->setHeight(300);
182 $this->baseSelector->update(true);
184 $this->reload();
185 }
187 function AddDelMembership($NewMember = false){
189 if($NewMember){
191 /* Add member and force reload */
192 $this->member[$NewMember]= $NewMember;
193 $this->reload();
195 $this->memberList[$NewMember]= $this->objcache[$NewMember];
196 unset ($this->objects[$NewMember]);
197 uasort ($this->memberList, 'sort_list');
198 reset ($this->memberList);
199 }else{
200 /* Delete objects from group */
201 if (isset($_POST['delete_membership']) && isset($_POST['members'])){
202 foreach ($_POST['members'] as $value){
203 $this->objects["$value"]= $this->memberList[$value];
204 unset ($this->memberList["$value"]);
205 unset ($this->member["$value"]);
206 uasort ($this->objects, 'sort_list');
207 reset ($this->objects);
208 }
209 $this->reload();
210 }
212 /* Add objects to group */
213 if (isset($_POST['objectSelect_save']) && $this->objectSelect instanceOf objectSelect){
214 $objects = $this->objectSelect->save();
215 $skipped = FALSE;
216 foreach($objects as $object){
218 $tmp = "";
219 foreach($this->memberList as $obj){
220 $tmp .= $obj['type'];
221 }
223 $type = $this->getObjectType($object);
224 $name= $this->getObjectName($object);
225 $dn = $object['dn'];
227 /* Fill array */
228 if (isset($object["description"][0])){
229 $object= array("text" => "$name [".$object["description"][0]."]", "type" => "$type");
230 } elseif (isset($object["uid"][0])) {
231 $object= array("text" => "$name [".$object["uid"][0]."]", "type" => "$type");
232 } else {
233 $object= array("text" => "$name", "type" => "$type");
234 }
236 if(preg_match("/T/",$tmp) && $type == "W"){
237 $skipped =TRUE;
238 }elseif(preg_match("/W/",$tmp) && $type == "T"){
239 $skipped =TRUE;
240 }else{
242 $this->memberList["$dn"]= $object;
243 $this->member["$dn"]= $dn;
244 uasort ($this->memberList, 'sort_list');
245 reset ($this->memberList);
246 }
247 }
248 if($skipped){
249 msg_dialog::display(_("Information"), _("You cannot combine terminals and workstations in one object group!"), INFO_DIALOG);
250 }
251 $this->objectSelect= FALSE;
252 $this->dialog= FALSE;
253 }
254 }
255 }
257 function execute()
258 {
259 /* Call parent execute */
260 plugin::execute();
262 if(!$this->view_logged){
263 $this->view_logged = TRUE;
264 new log("view","ogroups/".get_class($this),$this->dn);
265 }
268 /* Do we represent a valid group? */
269 if (!$this->is_account){
270 $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".
271 msgPool::noValidExtension("object group")."</b>";
272 return ($display);
273 }
276 /* Load templating engine */
277 $smarty= get_smarty();
278 $smarty->assign("usePrototype", "true");
280 $tmp = $this->plInfo();
281 foreach($tmp['plProvidedAcls'] as $name => $translation){
282 $smarty->assign($name."ACL",$this->getacl($name));
283 }
285 /***********
286 * Trusts
287 ***********/
289 /* Add user workstation? */
290 if (isset($_POST["add_ws"])){
291 $this->trustSelect= new trustSelect($this->config,get_userinfo());
292 $this->dialog= TRUE;
293 }
295 // Add selected machines to trusted ones.
296 if (isset($_POST["add_ws_finish"]) && $this->trustSelect){
297 $trusts = $this->trustSelect->detectPostActions();
298 if(isset($trusts['targets'])){
300 $headpage = $this->trustSelect->getHeadpage();
301 foreach($trusts['targets'] as $id){
302 $attrs = $headpage->getEntry($id);
303 $this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0];
304 }
305 ksort($this->accessTo);
306 $this->is_modified= TRUE;
307 }
308 $this->trustSelect= NULL;
309 $this->dialog= FALSE;
310 }
313 /* Remove user workstations? */
314 if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
315 foreach($_POST['workstation_list'] as $name){
316 unset ($this->accessTo[$name]);
317 }
318 $this->is_modified= TRUE;
319 }
321 /* Add user workstation finished? */
322 if (isset($_POST["add_ws_cancel"])){
323 $this->trustSelect= NULL;
324 $this->dialog= FALSE;
325 }
327 /* Show ws dialog */
328 if ($this->trustSelect){
330 // Build up blocklist
331 session::set('filterBlacklist', array('cn' => array_values($this->accessTo)));
332 return($this->trustSelect->execute());
333 }
335 /***********
336 * Ende - Trusts
337 ***********/
340 /* Dialog handling */
341 if(is_object($this->dialog) && $this->acl_is_moveable()){
342 /* Must be called before save_object */
343 $this->dialog->save_object();
345 if($this->dialog->isClosed()){
346 $this->dialog = false;
347 }elseif($this->dialog->isSelected()){
349 /* A new base was selected, check if it is a valid one */
350 $tmp = $this->get_allowed_bases();
351 if(isset($tmp[$this->dialog->isSelected()])){
352 $this->base = $this->dialog->isSelected();
353 }
354 $this->dialog= false;
355 }else{
356 return($this->dialog->execute());
357 }
358 }
360 /* Add objects? */
361 if (isset($_POST["edit_membership"])){
362 $this->objectSelect= new objectSelect($this->config, get_userinfo());
363 $this->dialog= TRUE;
364 }
366 /* Add objects finished? */
367 if (isset($_POST["objectSelect_cancel"])){
368 $this->objectSelect= FALSE;
369 $this->dialog= FALSE;
370 }
372 /* Manage object add dialog */
373 if ($this->objectSelect){
374 session::set('filterBlacklist', array('dn'=> $this->member));
375 return($this->objectSelect->execute());
376 }
378 /* Bases / Departments */
379 if ((isset($_POST['base'])) && ($this->acl_is_moveable())){
380 $this->base= $_POST['base'];
381 }
383 /* Assemble combine string */
384 if ($this->gosaGroupObjects == "[]"){
385 $smarty->assign("combinedObjects", _("none"));
386 } elseif (strlen($this->gosaGroupObjects) > 4){
387 $smarty->assign("combinedObjects", "<font color=red>"._("too many different objects!")."</font>");
388 } else {
389 $conv= array( "U" => _("users"),
390 "G" => _("groups"),
391 "A" => _("applications"),
392 "D" => _("departments"),
393 "S" => _("servers"),
394 "W" => _("workstations"),
395 "O" => _("winstations"),
396 "T" => _("terminals"),
397 "F" => _("phones"),
398 "P" => _("printers"));
400 $type= preg_replace('/[\[\]]/', '', $this->gosaGroupObjects);
401 $p1= $conv[$type[0]];
402 error_reporting(0);
403 if (isset($type[1]) && preg_match('/[UGADSFOWTP]/', $type[1])){
404 $p2= $conv[$type[1]];
405 $smarty->assign("combinedObjects", sprintf("'%s' and '%s'", $p1, $p2));
406 } else {
407 $smarty->assign("combinedObjects", "$p1");
408 }
409 error_reporting(E_ALL | E_STRICT);
410 }
412 /* Assign variables */
413 $smarty->assign("base", $this->baseSelector->render());
414 $smarty->assign("members", $this->convert_list($this->memberList));
416 /* Objects have to be tuned... */
417 $smarty->assign("objects", $this->convert_list($this->objects));
419 /* Fields */
420 foreach ($this->attributes as $val){
421 $smarty->assign("$val", $this->$val);
422 }
424 /******
425 Trust account
426 ******/
427 $smarty->assign("trusthide", " disabled ");
428 $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
429 if ($this->trustModel == "fullaccess"){
430 $trustmode= 1;
431 // pervent double disable tag in html code, this will disturb our clean w3c html
432 $smarty->assign("trustmode", $this->getacl("trustModel"));
434 } elseif ($this->trustModel == "byhost"){
435 $trustmode= 2;
436 $smarty->assign("trusthide", "");
437 } else {
438 // pervent double disable tag in html code, this will disturb our clean w3c html
439 $smarty->assign("trustmode", $this->getacl("trustModel"));
440 $trustmode= 0;
441 }
442 $smarty->assign("trustmode", $trustmode);
443 $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
444 2 => _("allow access to these hosts")));
446 $smarty->assign("workstations", $this->accessTo);
448 if((count($this->accessTo))==0){
449 $smarty->assign("emptyArrAccess",true);
450 }else{
451 $smarty->assign("emptyArrAccess",false);
452 }
453 /******
454 Ende - Trust account
455 ******/
457 return ($smarty->fetch (get_template_path('generic.tpl', TRUE)));
458 }
461 /* Save data to object */
462 function save_object()
463 {
464 /* Save additional values for possible next step */
465 if (isset($_POST['ogroupedit'])){
467 /******
468 Trust account
469 ******/
471 if($this->acl_is_writeable("trustModel")){
472 if (isset($_POST['trustmode'])){
473 $saved= $this->trustModel;
474 if ($_POST['trustmode'] == "1"){
475 $this->trustModel= "fullaccess";
476 } elseif ($_POST['trustmode'] == "2"){
477 $this->trustModel= "byhost";
478 } else {
479 $this->trustModel= "";
480 }
481 if ($this->trustModel != $saved){
482 $this->is_modified= TRUE;
483 }
484 }
485 }
486 /******
487 Ende Trust account
488 ******/
490 /* Create a base backup and reset the
491 base directly after calling plugin::save_object();
492 Base will be set seperatly a few lines below */
493 $base_tmp = $this->base;
494 plugin::save_object();
495 $this->base = $base_tmp;
497 /* Refresh base */
498 if ($this->acl_is_moveable($this->base)){
499 if (!$this->baseSelector->update()) {
500 msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
501 }
502 if ($this->base != $this->baseSelector->getBase()) {
503 $this->base= $this->baseSelector->getBase();
504 $this->is_modified= TRUE;
505 }
506 }
508 }
509 }
512 /* (Re-)Load objects */
513 function reload()
514 {
515 /*###########
516 Variable initialisation
517 ###########*/
519 $this->objects = array();
520 $this->ui = get_userinfo();
521 $filter = "";
522 $objectClasses = array();
524 $ogfilter = session::get("ogfilter");
525 $regex = $ogfilter['regex'];
527 $ldap= $this->config->get_ldap_link();
528 $ldap->cd ($ogfilter['dselect']);
531 /*###########
532 Generate Filter
533 ###########*/
535 $p_f= array("accounts"=> array("OBJ"=>"user", "CLASS"=>"gosaAccount" ,
536 "DN"=> get_people_ou() ,"ACL" => "users"),
537 "groups" => array("OBJ"=>"group", "CLASS"=>"posixGroup" ,
538 "DN"=> get_groups_ou('ogroupRDN') ,"ACL" => "groups"),
539 "departments" => array("OBJ"=>"department", "CLASS"=>"gosaDepartment" ,
540 "DN"=> "" ,"ACL" => "department"),
541 "servers" => array("OBJ"=>"servgeneric", "CLASS"=>"goServer" ,
542 "DN"=> get_ou('serverRDN') ,"ACL" => "server"),
543 "workstations" => array("OBJ"=>"workgeneric", "CLASS"=>"gotoWorkstation",
544 "DN"=> get_ou('workstationRDN') ,"ACL" => "workstation"),
545 "winstations" => array("OBJ"=>"wingeneric", "CLASS"=>"opsiClient",
546 "DN"=> get_ou('SAMBAMACHINEACCOUNTRDN') ,"ACL" => "winstation"),
547 "terminals" => array("OBJ"=>"termgeneric", "CLASS"=>"gotoTerminal" ,
548 "DN"=> get_ou('terminalRDN') ,"ACL" => "terminal"),
549 "printers" => array("OBJ"=>"printgeneric", "CLASS"=>"gotoPrinter" ,
550 "DN"=> get_ou('printerRDN') ,"ACL" => "printer"),
551 "phones" => array("OBJ"=>"phoneGeneric", "CLASS"=>"goFonHardware" ,
552 "DN"=> get_ou('phoneRDN') ,"ACL" => "phone"));
555 /* Allow searching for applications, if we are not using release managed applications
556 */
557 if(!$this->IsReleaseManagementActivated()){
558 $p_f[ "applications"] = array("OBJ"=>"application", "CLASS"=>"gosaApplication",
559 "DN"=> get_ou('applicationRDN') ,"ACL" => "application");
560 }
562 /*###########
563 Perform search for selected objectClasses & regex to fill list with objects
564 ###########*/
566 $Get_list_flags = 0;
567 if($ogfilter['subtrees'] == "checked"){
568 $Get_list_flags |= GL_SUBSEARCH;
569 }
571 foreach($p_f as $post_name => $data){
573 if($ogfilter[$post_name] == "checked" && class_available($data['OBJ'])){
575 if($ogfilter['subtrees']){
576 $base = $ogfilter['dselect'];
577 }else{
578 $base = $data['DN'].$ogfilter['dselect'];
579 }
582 $filter = "(&(objectClass=".$data['CLASS'].")(|(uid=$regex)(cn=$regex)(ou=$regex)))";
583 $res = get_list($filter, $data['ACL'] , $base,
584 array("description", "objectClass", "sn", "givenName", "uid","ou","cn"),$Get_list_flags);
586 /* fetch results and append them to the list */
587 foreach($res as $attrs){
589 /* Skip workstations which are already assigned to an object group.
590 */
591 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]"){
592 if(in_array($attrs['dn'],$this->used_workstations)){
593 continue;
594 }
595 }
597 $type= $this->getObjectType($attrs);
598 $name= $this->getObjectName($attrs);
600 /* Fill array */
601 if (isset($attrs["description"][0])){
602 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
603 } elseif (isset($attrs["uid"][0])) {
604 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
605 } else {
606 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
607 }
608 }
609 }
610 }
611 uasort ($this->objects, 'sort_list');
612 reset ($this->objects);
615 /*###########
616 Build member list and try to detect obsolete entries
617 ###########*/
619 $this->memberList = array();
621 /* Walk through all single member entry */
622 foreach($this->member as $dn){
624 /* The dn for the current member can't be resolved
625 it seams that this entry was removed
626 */
627 /* Try to resolv the entry again, if it still fails, display error msg */
628 $ldap->cat($dn, array("cn", "sn", "givenName", "ou", "description", "objectClass", "macAddress"));
630 /* It has failed, add entry with type flag I (Invalid)*/
631 if (!$ldap->success()){
632 $this->memberList[$dn]= array('text' => _("Non existing dn:")." ".LDAP::fix($dn),"type" => "I");
634 } else {
636 /* Append this entry to our all object list */
638 /* Fetch object */
639 $attrs= $ldap->fetch();
641 $type= $this->getObjectType($attrs);
642 $name= $this->getObjectName($attrs);
644 if (isset($attrs["description"][0])){
645 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
646 } elseif (isset($attrs["uid"][0])) {
647 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
648 } else {
649 $this->objcache[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
650 }
651 $this->objcache[$attrs["dn"]]['objectClass'] = $attrs['objectClass'];
653 if(isset($attrs['macAddress'][0])){
654 $this->objcache[$attrs["dn"]]['macAddress'] = $attrs['macAddress'][0];
655 }else{
656 $this->objcache[$attrs["dn"]]['macAddress'] = "";
657 }
659 if(isset($attrs['uid'])){
660 $this->objcache[$attrs["dn"]]['uid'] = $attrs['uid'];
661 }
663 /* Fill array */
664 if (isset($attrs["description"][0])){
665 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
666 } else {
667 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
668 }
670 $this->memberList[$dn]= $this->objects[$attrs["dn"]];
671 }
672 }
673 uasort ($this->memberList, 'sort_list');
674 reset ($this->memberList);
676 /* Assemble types of currently combined objects */
677 $objectTypes= "";
678 foreach ($this->memberList as $dn => $desc){
680 /* Invalid object? */
681 if ($desc['type'] == 'I'){
682 continue;
683 }
685 /* Fine. Add to list. */
686 if (!preg_match('/'.$desc['type'].'/', $objectTypes)){
687 $objectTypes.= $desc['type'];
688 }
689 }
690 $this->gosaGroupObjects= "[$objectTypes]";
691 }
694 function convert_list($input)
695 {
696 $temp= "";
697 $conv= array(
698 "Y" => "plugins/users/images/select_template.png",
699 "U" => "plugins/generic/images/head.png",
700 "G" => "plugins/groups/images/groups.png",
701 "A" => "plugins/ogroups/images/application.png",
702 "D" => "plugins/departments/images/department.png",
703 "S" => "plugins/ogroups/images/server.png",
704 "W" => "plugins/ogroups/images/workstation.png",
705 "O" => "plugins/ogroups/images/winstation.png",
706 "T" => "plugins/ogroups/images/terminal.png",
707 "F" => "plugins/ogroups/images/phone.png",
708 "P" => "plugins/ogroups/images/printer.png",
709 "I" => "images/false.png");
711 foreach ($input as $key => $value){
712 /* Generate output */
713 $temp.= "<option title='".addslashes( $key)."' value=\"$key\" class=\"select\" style=\"background-image:url('".get_template_path($conv[$value['type']])."');\">".$value['text']."</option>\n";
714 }
716 return ($temp);
717 }
720 function getObjectType($attrs)
721 {
722 $type= "I";
724 foreach(array(
725 "Y" => "gosaUserTemplate",
726 "U" => "gosaAccount",
727 "G" => "posixGroup",
728 "A" => "gosaApplication",
729 "D" => "gosaDepartment",
730 "S" => "goServer",
731 "W" => "gotoWorkstation",
732 "O" => "opsiClient",
733 "T" => "gotoTerminal",
734 "F" => "goFonHardware",
735 "P" => "gotoPrinter") as $index => $class){
736 if (in_array($class, $attrs['objectClass'])){
737 $type= $index;
738 break;
739 }
740 }
742 return ($type);
743 }
746 function getObjectName($attrs)
747 {
748 /* Person? */
749 $name ="";
750 if (in_array('gosaAccount', $attrs['objectClass'])){
751 if(isset($attrs['sn']) && isset($attrs['givenName'])){
752 $name= $attrs['sn'][0].", ".$attrs['givenName'][0];
753 } else {
754 $name= $attrs['uid'][0];
755 }
756 } else {
757 if(isset($attrs["cn"][0])) {
758 $name= $attrs['cn'][0];
759 } else {
760 $name= $attrs['ou'][0];
761 }
762 }
764 return ($name);
765 }
768 function check()
769 {
770 /* Call common method to give check the hook */
771 $message= plugin::check();
773 /* Permissions for that base? */
774 if ($this->base != ""){
775 $new_dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
776 } else {
777 $new_dn= $this->dn;
778 }
780 /* Check if we have workstations assigned, that are already assigned to
781 another object group. */
782 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]" ) {
783 $test =array_intersect($this->used_workstations,$this->member);
784 if(count($test)){
785 $str = "";
786 foreach($test as $dn){
787 $str .= "<li>".$dn."</li>";
788 }
789 $message[] = sprintf(_("These systems are already configured by other object groups and cannot be added:")."<br><ul>%s</ul>",$str);
790 }
791 }
793 $ldap = $this->config->get_ldap_link();
794 if(LDAP::fix($this->dn) != LDAP::fix($new_dn)){
795 $ldap->cat ($new_dn, array('dn'));
796 }
798 if($ldap->count() !=0){
799 $message[]= msgPool::duplicated(_("Name"));
800 }
802 // Check if a wrong base was supplied
803 if(!$this->baseSelector->checkLastBaseUpdate()){
804 $message[]= msgPool::check_base();;
805 }
807 /* Set new acl base */
808 if($this->dn == "new") {
809 $this->set_acl_base($this->base);
810 }
812 /* must: cn */
813 if ($this->cn == ""){
814 $message[]= msgPool::required(_("Name"));
815 }
817 /* To many different object types? */
818 if (strlen($this->gosaGroupObjects) > 4){
819 $message[]= _("You can combine two different object types at maximum, only!");
820 }
822 /* Check if we are allowed to create or move this object
823 */
824 if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
825 $message[] = msgPool::permCreate();
826 }elseif($this->orig_dn != "new" && $this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
827 $message[] = msgPool::permMove();
828 }
830 return ($message);
831 }
834 /* Save to LDAP */
835 function save()
836 {
837 plugin::save();
839 /* Move members to target array */
840 $this->attrs['member'] =array();
841 foreach ($this->member as $key => $desc){
842 $this->attrs['member'][]= LDAP::fix($key);
843 }
845 $ldap= $this->config->get_ldap_link();
847 /* New accounts need proper 'dn', propagate it to remaining objects */
848 if ($this->dn == 'new'){
849 $this->dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
850 }
852 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
853 new entries. So do a check first... */
854 $ldap->cat ($this->dn, array('dn'));
855 if ($ldap->fetch()){
856 /* Modify needs array() to remove values :-( */
857 if (!count ($this->member)){
858 $this->attrs['member']= array();
859 }
860 $mode= "modify";
862 } else {
863 $mode= "add";
864 $ldap->cd($this->config->current['BASE']);
865 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
866 }
868 /******
869 Trust accounts
870 ******/
871 $objectclasses= array();
872 foreach ($this->attrs['objectClass'] as $key => $class){
873 if (preg_match('/trustAccount/i', $class)){
874 continue;
875 }
876 $objectclasses[]= $this->attrs['objectClass'][$key];
877 }
878 $this->attrs['objectClass']= $objectclasses;
879 if ($this->trustModel != ""){
880 $this->attrs['objectClass'][]= "trustAccount";
881 $this->attrs['trustModel']= $this->trustModel;
882 $this->attrs['accessTo']= array();
883 if ($this->trustModel == "byhost"){
884 foreach ($this->accessTo as $host){
885 $this->attrs['accessTo'][]= $host;
886 }
887 }
888 } else {
889 if ($this->was_trust_account){
890 $this->attrs['accessTo']= array();
891 $this->attrs['trustModel']= array();
892 }
893 }
895 /******
896 Ende - Trust accounts
897 ******/
899 /* Write back to ldap */
900 $ldap->cd($this->dn);
901 $this->cleanup();
902 $ldap->$mode($this->attrs);
904 if($mode == "add"){
905 new log("create","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
906 }else{
907 new log("modify","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
908 }
910 /* Trigger post signal */
911 $this->handle_post_events($mode);
913 $ret= 0;
914 if (!$ldap->success()){
915 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
916 $ret= 1;
917 }
919 return ($ret);
920 }
922 function remove_from_parent()
923 {
924 plugin::remove_from_parent();
926 $ldap= $this->config->get_ldap_link();
927 $ldap->rmdir($this->dn);
928 if (!$ldap->success()){
929 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
930 }
932 new log("remove","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
934 /* Trigger remove signal */
935 $this->handle_post_events("remove");
936 }
939 function PrepareForCopyPaste($source)
940 {
941 plugin::PrepareForCopyPaste($source);
943 /* Reload tabs */
944 $this->parent->reload($this->gosaGroupObjects );
946 /* Reload plugins */
947 foreach($this->parent->by_object as $name => $class ){
948 if(get_class($this) != $name) {
949 $this->parent->by_object[$name]->PrepareForCopyPaste($source);
950 }
951 }
953 $source_o = new ogroup ($this->config, $source['dn']);
954 foreach(array("accessTo","member","gosaGroupObjects") as $attr){
955 $this->$attr = $source_o->$attr;
956 }
957 }
960 function getCopyDialog()
961 {
962 $smarty = get_smarty();
963 $smarty->assign("cn", $this->cn);
964 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
965 $ret = array();
966 $ret['string'] = $str;
967 $ret['status'] = "";
968 return($ret);
969 }
971 function saveCopyDialog()
972 {
973 if(isset($_POST['cn'])){
974 $this->cn = $_POST['cn'];
975 }
976 }
979 function IsReleaseManagementActivated()
980 {
981 /* Check if we should enable the release selection */
982 $tmp = $this->config->search("faiManagement", "CLASS",array('menu','tabs'));
983 if(!empty($tmp)){
984 return(true);
985 }
986 return(false);
987 }
990 static function plInfo()
991 {
992 return (array(
993 "plShortName" => _("Generic"),
994 "plDescription" => _("Object group generic"),
995 "plSelfModify" => FALSE,
996 "plDepends" => array(),
997 "plPriority" => 1,
998 "plSection" => array("administration"),
999 "plCategory" => array("ogroups" => array("description" => _("Object groups"),
1000 "objectClass" => "gosaGroupOfNames")),
1001 "plProvidedAcls"=> array(
1002 "cn" => _("Name"),
1003 "base" => _("Base"),
1004 "description" => _("Description"),
1005 "trustModel" => _("Sytem trust"),
1006 "member" => _("Member"))
1007 ));
1008 }
1009 }
1011 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1012 ?>