1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 /* Sort multidimensional arrays for key 'text' */
24 function sort_list($val1, $val2)
25 {
26 $v1= strtolower($val1['text']);
27 $v2= strtolower($val2['text']);
28 if ($v1 > $v2){
29 return 1;
30 }
31 if ($v1 < $v2){
32 return -1;
33 }
34 return 0;
35 }
38 class ogroup extends plugin
39 {
40 /* Variables */
41 var $cn= "";
42 var $description= "";
43 var $base= "";
44 var $gosaGroupObjects= "";
45 var $department= "";
46 var $objects= array();
47 var $objcache= array();
48 var $memberList= array();
49 var $member= array();
50 var $orig_dn= "";
51 var $orig_cn= "";
52 var $orig_base= "";
53 var $objectSelect= FALSE;
54 var $view_logged = FALSE;
56 var $accessTo= array();
57 var $trustModel= "";
58 var $trustSelect = FALSE;
60 var $was_trust_account= FALSE;
61 var $baseSelector;
63 /* Already assigned Workstations. Will be hidden in selection.
64 */
65 var $used_workstations = array();
67 /* attribute list for save action */
68 var $attributes= array("cn", "description", "gosaGroupObjects","member","accessTo","trustModel");
69 var $objectclasses= array("top", "gosaGroupOfNames");
71 function ogroup (&$config, $dn= NULL)
72 {
73 plugin::plugin ($config, $dn);
74 $this->orig_dn= $dn;
76 $this->member = array();
78 /* Load member objects */
79 if (isset($this->attrs['member'])){
80 foreach ($this->attrs['member'] as $key => $value){
81 if ("$key" != "count"){
82 $value= @LDAP::convert($value);
83 $this->member["$value"]= "$value";
84 }
85 }
86 }
87 $this->is_account= TRUE;
89 /* Get global filter config */
90 if (!session::is_set("ogfilter")){
91 $ui= get_userinfo();
92 $base= get_base_from_people($ui->dn);
93 $ogfilter= array( "dselect" => $base,
94 "regex" => "*");
95 session::set("ogfilter", $ogfilter);
96 }
97 $ogfilter= session::get('ogfilter');
99 /* Adjust flags */
100 foreach( array( "U" => "accounts",
101 "G" => "groups",
102 "A" => "applications",
103 "D" => "departments",
104 "S" => "servers",
105 "W" => "workstations",
106 "O" => "winstations",
107 "T" => "terminals",
108 "F" => "phones",
109 "_" => "subtrees",
110 "P" => "printers") as $key => $val){
112 if (preg_match("/$key/", $this->gosaGroupObjects)){
113 $ogfilter[$val]= "checked";
114 } else {
115 $ogfilter[$val]= "";
116 }
117 }
118 session::set("ogfilter", $ogfilter);
120 if(session::is_set('CurrentMainBase')){
121 $this->base = session::get('CurrentMainBase');
122 }
124 /* Set base */
125 if ($this->dn == "new"){
126 $this->base = session::get('CurrentMainBase');
127 } else {
128 $this->base= preg_replace("/^[^,]+,".preg_quote(get_ou("ogroupRDN"), '/')."/i","",$this->dn);
130 /* Is this account a trustAccount? */
131 if ($this->is_account && isset($this->attrs['trustModel'])){
132 $this->trustModel= $this->attrs['trustModel'][0];
133 $this->was_trust_account= TRUE;
134 } else {
135 $this->was_trust_account= FALSE;
136 $this->trustModel= "";
137 }
139 $this->accessTo = array();
140 if ($this->is_account && isset($this->attrs['accessTo'])){
141 for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
142 $tmp= $this->attrs['accessTo'][$i];
143 $this->accessTo[$tmp]= $tmp;
144 }
145 }
146 }
148 /* Detect all workstations, which are already assigned to an object group
149 - Those objects will be hidden in the add object dialog.
150 - Check() will complain if such a system is assigned to this object group.
151 */
152 $base = $this->config->current['BASE'];
153 $res = get_list("(|(objectClass=gotoWorkstation)(objectClass=gotoTerminal))","none" ,
154 $base, array("dn"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
155 $ws_dns = array();
156 foreach($res as $data){
157 $ws_dns[] = $data['dn'];
158 }
159 $res=get_list("(&(member=*)(objectClass=gosaGroupOfNames))","none",
160 $base, array("dn","member", "gosaGroupObjects"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
161 $this->used_workstations = array();
162 foreach($res as $og){
163 if($og['dn'] == $this->dn) continue;
164 $test = array_intersect($ws_dns,$og['member']);
165 if(($og['gosaGroupObjects'] == "[W]" || $og['gosaGroupObjects'] == "[T]") && count($test)){
166 $this->used_workstations = array_merge($this->used_workstations,$test);
167 }
168 }
170 $this->orig_cn = $this->cn;
171 $this->orig_base = $this->base;
173 /* Get global filter config */
174 if (!session::is_set("sysfilter")){
175 $ui= get_userinfo();
176 $base= get_base_from_people($ui->dn);
177 $sysfilter= array( "depselect" => $base,
178 "regex" => "*");
179 session::set("sysfilter", $sysfilter);
180 }
182 /* Instanciate base selector */
183 $this->baseSelector= new baseSelector($this->get_allowed_bases(), $this->base);
184 $this->baseSelector->setSubmitButton(false);
185 $this->baseSelector->setHeight(300);
186 $this->baseSelector->update(true);
188 $this->reload();
189 }
191 function AddDelMembership($NewMember = false){
193 if($NewMember){
195 /* Add member and force reload */
196 $this->member[$NewMember]= $NewMember;
197 $this->reload();
199 $this->memberList[$NewMember]= $this->objcache[$NewMember];
200 unset ($this->objects[$NewMember]);
201 uasort ($this->memberList, 'sort_list');
202 reset ($this->memberList);
203 }else{
204 /* Delete objects from group */
205 if (isset($_POST['delete_membership']) && isset($_POST['members'])){
206 foreach ($_POST['members'] as $value){
207 $this->objects["$value"]= $this->memberList[$value];
208 unset ($this->memberList["$value"]);
209 unset ($this->member["$value"]);
210 uasort ($this->objects, 'sort_list');
211 reset ($this->objects);
212 }
213 $this->reload();
214 }
216 /* Add objects to group */
217 if (isset($_POST['objectSelect_save']) && $this->objectSelect instanceOf objectSelect){
218 $objects = $this->objectSelect->save();
219 $skipped = FALSE;
220 foreach($objects as $object){
222 $tmp = "";
223 foreach($this->memberList as $obj){
224 $tmp .= $obj['type'];
225 }
227 $type = $this->getObjectType($object);
228 $name= $this->getObjectName($object);
229 $dn = $object['dn'];
231 /* Fill array */
232 if (isset($object["description"][0])){
233 $object= array("text" => "$name [".$object["description"][0]."]", "type" => "$type");
234 } elseif (isset($object["uid"][0])) {
235 $object= array("text" => "$name [".$object["uid"][0]."]", "type" => "$type");
236 } else {
237 $object= array("text" => "$name", "type" => "$type");
238 }
240 if(preg_match("/T/",$tmp) && $type == "W"){
241 $skipped =TRUE;
242 }elseif(preg_match("/W/",$tmp) && $type == "T"){
243 $skipped =TRUE;
244 }else{
246 $this->memberList["$dn"]= $object;
247 $this->member["$dn"]= $dn;
248 uasort ($this->memberList, 'sort_list');
249 reset ($this->memberList);
250 }
251 }
252 if($skipped){
253 msg_dialog::display(_("Information"), _("You cannot combine terminals and workstations in one object group!"), INFO_DIALOG);
254 }
255 $this->objectSelect= FALSE;
256 $this->dialog= FALSE;
257 }
258 }
259 }
261 function execute()
262 {
263 /* Call parent execute */
264 plugin::execute();
266 if(!$this->view_logged){
267 $this->view_logged = TRUE;
268 new log("view","ogroups/".get_class($this),$this->dn);
269 }
272 /* Do we represent a valid group? */
273 if (!$this->is_account){
274 $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".
275 msgPool::noValidExtension("object group")."</b>";
276 return ($display);
277 }
280 /* Load templating engine */
281 $smarty= get_smarty();
282 $smarty->assign("usePrototype", "true");
284 $tmp = $this->plInfo();
285 foreach($tmp['plProvidedAcls'] as $name => $translation){
286 $smarty->assign($name."ACL",$this->getacl($name));
287 }
289 /***********
290 * Trusts
291 ***********/
293 /* Add user workstation? */
294 if (isset($_POST["add_ws"])){
295 $this->trustSelect= new trustSelect($this->config,get_userinfo());
296 $this->dialog= TRUE;
297 }
299 // Add selected machines to trusted ones.
300 if (isset($_POST["add_ws_finish"]) && $this->trustSelect){
301 $trusts = $this->trustSelect->detectPostActions();
302 if(isset($trusts['targets'])){
304 $headpage = $this->trustSelect->getHeadpage();
305 foreach($trusts['targets'] as $id){
306 $attrs = $headpage->getEntry($id);
307 $this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0];
308 }
309 ksort($this->accessTo);
310 $this->is_modified= TRUE;
311 }
312 $this->trustSelect= NULL;
313 $this->dialog= FALSE;
314 }
317 /* Remove user workstations? */
318 if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
319 foreach($_POST['workstation_list'] as $name){
320 unset ($this->accessTo[$name]);
321 }
322 $this->is_modified= TRUE;
323 }
325 /* Add user workstation finished? */
326 if (isset($_POST["add_ws_cancel"])){
327 $this->trustSelect= NULL;
328 $this->dialog= FALSE;
329 }
331 /* Show ws dialog */
332 if ($this->trustSelect){
334 // Build up blocklist
335 session::set('filterBlacklist', array('cn' => array_values($this->accessTo)));
336 return($this->trustSelect->execute());
337 }
339 /***********
340 * Ende - Trusts
341 ***********/
344 /* Dialog handling */
345 if(is_object($this->dialog) && $this->acl_is_moveable()){
346 /* Must be called before save_object */
347 $this->dialog->save_object();
349 if($this->dialog->isClosed()){
350 $this->dialog = false;
351 }elseif($this->dialog->isSelected()){
353 /* A new base was selected, check if it is a valid one */
354 $tmp = $this->get_allowed_bases();
355 if(isset($tmp[$this->dialog->isSelected()])){
356 $this->base = $this->dialog->isSelected();
357 }
358 $this->dialog= false;
359 }else{
360 return($this->dialog->execute());
361 }
362 }
364 /* Add objects? */
365 if (isset($_POST["edit_membership"])){
366 $this->objectSelect= new objectSelect($this->config, get_userinfo());
367 $this->dialog= TRUE;
368 }
370 /* Add objects finished? */
371 if (isset($_POST["objectSelect_cancel"])){
372 $this->objectSelect= FALSE;
373 $this->dialog= FALSE;
374 }
376 /* Manage object add dialog */
377 if ($this->objectSelect){
378 session::set('filterBlacklist', array('dn'=> $this->member));
379 return($this->objectSelect->execute());
380 }
382 /* Bases / Departments */
383 if ((isset($_POST['base'])) && ($this->acl_is_moveable())){
384 $this->base= $_POST['base'];
385 }
387 /* Assemble combine string */
388 if ($this->gosaGroupObjects == "[]"){
389 $smarty->assign("combinedObjects", _("none"));
390 } elseif (strlen($this->gosaGroupObjects) > 4){
391 $smarty->assign("combinedObjects", "<font color=red>"._("too many different objects!")."</font>");
392 } else {
393 $conv= array( "U" => _("users"),
394 "G" => _("groups"),
395 "A" => _("applications"),
396 "D" => _("departments"),
397 "S" => _("servers"),
398 "W" => _("workstations"),
399 "O" => _("winstations"),
400 "T" => _("terminals"),
401 "F" => _("phones"),
402 "P" => _("printers"));
404 $type= preg_replace('/[\[\]]/', '', $this->gosaGroupObjects);
405 $p1= $conv[$type[0]];
406 error_reporting(0);
407 if (isset($type[1]) && preg_match('/[UGADSFOWTP]/', $type[1])){
408 $p2= $conv[$type[1]];
409 $smarty->assign("combinedObjects", sprintf("'%s' and '%s'", $p1, $p2));
410 } else {
411 $smarty->assign("combinedObjects", "$p1");
412 }
413 error_reporting(E_ALL | E_STRICT);
414 }
416 /* Assign variables */
417 $smarty->assign("base", $this->baseSelector->render());
418 $smarty->assign("department", $this->department);
419 $smarty->assign("members", $this->convert_list($this->memberList));
421 /* Objects have to be tuned... */
422 $smarty->assign("objects", $this->convert_list($this->objects));
424 /* Fields */
425 foreach ($this->attributes as $val){
426 $smarty->assign("$val", $this->$val);
427 }
429 /******
430 Trust account
431 ******/
432 $smarty->assign("trusthide", " disabled ");
433 $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
434 if ($this->trustModel == "fullaccess"){
435 $trustmode= 1;
436 // pervent double disable tag in html code, this will disturb our clean w3c html
437 $smarty->assign("trustmode", $this->getacl("trustModel"));
439 } elseif ($this->trustModel == "byhost"){
440 $trustmode= 2;
441 $smarty->assign("trusthide", "");
442 } else {
443 // pervent double disable tag in html code, this will disturb our clean w3c html
444 $smarty->assign("trustmode", $this->getacl("trustModel"));
445 $trustmode= 0;
446 }
447 $smarty->assign("trustmode", $trustmode);
448 $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
449 2 => _("allow access to these hosts")));
451 $smarty->assign("workstations", $this->accessTo);
453 if((count($this->accessTo))==0){
454 $smarty->assign("emptyArrAccess",true);
455 }else{
456 $smarty->assign("emptyArrAccess",false);
457 }
458 /******
459 Ende - Trust account
460 ******/
462 return ($smarty->fetch (get_template_path('generic.tpl', TRUE)));
463 }
466 /* Save data to object */
467 function save_object()
468 {
469 /* Refresh base */
470 if ($this->acl_is_moveable($this->base)){
471 if (!$this->baseSelector->update()) {
472 msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
473 }
474 if ($this->base != $this->baseSelector->getBase()) {
475 $this->base= $this->baseSelector->getBase();
476 $this->is_modified= TRUE;
477 }
478 }
480 /* Save additional values for possible next step */
481 if (isset($_POST['ogroupedit'])){
483 /******
484 Trust account
485 ******/
487 if($this->acl_is_writeable("trustModel")){
488 if (isset($_POST['trustmode'])){
489 $saved= $this->trustModel;
490 if ($_POST['trustmode'] == "1"){
491 $this->trustModel= "fullaccess";
492 } elseif ($_POST['trustmode'] == "2"){
493 $this->trustModel= "byhost";
494 } else {
495 $this->trustModel= "";
496 }
497 if ($this->trustModel != $saved){
498 $this->is_modified= TRUE;
499 }
500 }
501 }
502 /******
503 Ende Trust account
504 ******/
506 /* Create a base backup and reset the
507 base directly after calling plugin::save_object();
508 Base will be set seperatly a few lines below */
509 $base_tmp = $this->base;
510 plugin::save_object();
511 $this->base = $base_tmp;
512 }
513 }
516 /* (Re-)Load objects */
517 function reload()
518 {
519 /*###########
520 Variable initialisation
521 ###########*/
523 $this->objects = array();
524 $this->ui = get_userinfo();
525 $filter = "";
526 $objectClasses = array();
528 $ogfilter = session::get("ogfilter");
529 $regex = $ogfilter['regex'];
531 $ldap= $this->config->get_ldap_link();
532 $ldap->cd ($ogfilter['dselect']);
535 /*###########
536 Generate Filter
537 ###########*/
539 $p_f= array("accounts"=> array("OBJ"=>"user", "CLASS"=>"gosaAccount" ,
540 "DN"=> get_people_ou() ,"ACL" => "users"),
541 "groups" => array("OBJ"=>"group", "CLASS"=>"posixGroup" ,
542 "DN"=> get_groups_ou('ogroupRDN') ,"ACL" => "groups"),
543 "departments" => array("OBJ"=>"department", "CLASS"=>"gosaDepartment" ,
544 "DN"=> "" ,"ACL" => "department"),
545 "servers" => array("OBJ"=>"servgeneric", "CLASS"=>"goServer" ,
546 "DN"=> get_ou('serverRDN') ,"ACL" => "server"),
547 "workstations" => array("OBJ"=>"workgeneric", "CLASS"=>"gotoWorkstation",
548 "DN"=> get_ou('workstationRDN') ,"ACL" => "workstation"),
549 "winstations" => array("OBJ"=>"wingeneric", "CLASS"=>"opsiClient",
550 "DN"=> get_ou('SAMBAMACHINEACCOUNTRDN') ,"ACL" => "winstation"),
551 "terminals" => array("OBJ"=>"termgeneric", "CLASS"=>"gotoTerminal" ,
552 "DN"=> get_ou('terminalRDN') ,"ACL" => "terminal"),
553 "printers" => array("OBJ"=>"printgeneric", "CLASS"=>"gotoPrinter" ,
554 "DN"=> get_ou('printerRDN') ,"ACL" => "printer"),
555 "phones" => array("OBJ"=>"phoneGeneric", "CLASS"=>"goFonHardware" ,
556 "DN"=> get_ou('phoneRDN') ,"ACL" => "phone"));
559 /* Allow searching for applications, if we are not using release managed applications
560 */
561 if(!$this->IsReleaseManagementActivated()){
562 $p_f[ "applications"] = array("OBJ"=>"application", "CLASS"=>"gosaApplication",
563 "DN"=> get_ou('applicationRDN') ,"ACL" => "application");
564 }
566 /*###########
567 Perform search for selected objectClasses & regex to fill list with objects
568 ###########*/
570 $Get_list_flags = 0;
571 if($ogfilter['subtrees'] == "checked"){
572 $Get_list_flags |= GL_SUBSEARCH;
573 }
575 foreach($p_f as $post_name => $data){
577 if($ogfilter[$post_name] == "checked" && class_available($data['OBJ'])){
579 if($ogfilter['subtrees']){
580 $base = $ogfilter['dselect'];
581 }else{
582 $base = $data['DN'].$ogfilter['dselect'];
583 }
586 $filter = "(&(objectClass=".$data['CLASS'].")(|(uid=$regex)(cn=$regex)(ou=$regex)))";
587 $res = get_list($filter, $data['ACL'] , $base,
588 array("description", "objectClass", "sn", "givenName", "uid","ou","cn"),$Get_list_flags);
590 /* fetch results and append them to the list */
591 foreach($res as $attrs){
593 /* Skip workstations which are already assigned to an object group.
594 */
595 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]"){
596 if(in_array($attrs['dn'],$this->used_workstations)){
597 continue;
598 }
599 }
601 $type= $this->getObjectType($attrs);
602 $name= $this->getObjectName($attrs);
604 /* Fill array */
605 if (isset($attrs["description"][0])){
606 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
607 } elseif (isset($attrs["uid"][0])) {
608 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
609 } else {
610 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
611 }
612 }
613 }
614 }
615 uasort ($this->objects, 'sort_list');
616 reset ($this->objects);
619 /*###########
620 Build member list and try to detect obsolete entries
621 ###########*/
623 $this->memberList = array();
625 /* Walk through all single member entry */
626 foreach($this->member as $dn){
628 /* The dn for the current member can't be resolved
629 it seams that this entry was removed
630 */
631 /* Try to resolv the entry again, if it still fails, display error msg */
632 $ldap->cat($dn, array("cn", "sn", "givenName", "ou", "description", "objectClass", "macAddress"));
634 /* It has failed, add entry with type flag I (Invalid)*/
635 if (!$ldap->success()){
636 $this->memberList[$dn]= array('text' => _("Non existing dn:")." ".LDAP::fix($dn),"type" => "I");
638 } else {
640 /* Append this entry to our all object list */
642 /* Fetch object */
643 $attrs= $ldap->fetch();
645 $type= $this->getObjectType($attrs);
646 $name= $this->getObjectName($attrs);
648 if (isset($attrs["description"][0])){
649 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
650 } elseif (isset($attrs["uid"][0])) {
651 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
652 } else {
653 $this->objcache[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
654 }
655 $this->objcache[$attrs["dn"]]['objectClass'] = $attrs['objectClass'];
657 if(isset($attrs['macAddress'][0])){
658 $this->objcache[$attrs["dn"]]['macAddress'] = $attrs['macAddress'][0];
659 }else{
660 $this->objcache[$attrs["dn"]]['macAddress'] = "";
661 }
663 if(isset($attrs['uid'])){
664 $this->objcache[$attrs["dn"]]['uid'] = $attrs['uid'];
665 }
667 /* Fill array */
668 if (isset($attrs["description"][0])){
669 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
670 } else {
671 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
672 }
674 $this->memberList[$dn]= $this->objects[$attrs["dn"]];
675 }
676 }
677 uasort ($this->memberList, 'sort_list');
678 reset ($this->memberList);
680 /* Assemble types of currently combined objects */
681 $objectTypes= "";
682 foreach ($this->memberList as $dn => $desc){
684 /* Invalid object? */
685 if ($desc['type'] == 'I'){
686 continue;
687 }
689 /* Fine. Add to list. */
690 if (!preg_match('/'.$desc['type'].'/', $objectTypes)){
691 $objectTypes.= $desc['type'];
692 }
693 }
694 $this->gosaGroupObjects= "[$objectTypes]";
695 }
698 function convert_list($input)
699 {
700 $temp= "";
701 $conv= array(
702 "Y" => "plugins/users/images/select_template.png",
703 "U" => "plugins/generic/images/head.png",
704 "G" => "plugins/groups/images/groups.png",
705 "A" => "plugins/ogroups/images/application.png",
706 "D" => "plugins/departments/images/department.png",
707 "S" => "plugins/ogroups/images/server.png",
708 "W" => "plugins/ogroups/images/workstation.png",
709 "O" => "plugins/ogroups/images/winstation.png",
710 "T" => "plugins/ogroups/images/terminal.png",
711 "F" => "plugins/ogroups/images/phone.png",
712 "P" => "plugins/ogroups/images/printer.png",
713 "I" => "images/false.png");
715 foreach ($input as $key => $value){
716 /* Generate output */
717 $temp.= "<option title='".addslashes( $key)."' value=\"$key\" class=\"select\" style=\"background-image:url('".get_template_path($conv[$value['type']])."');\">".$value['text']."</option>\n";
718 }
720 return ($temp);
721 }
724 function getObjectType($attrs)
725 {
726 $type= "I";
728 foreach(array(
729 "Y" => "gosaUserTemplate",
730 "U" => "gosaAccount",
731 "G" => "posixGroup",
732 "A" => "gosaApplication",
733 "D" => "gosaDepartment",
734 "S" => "goServer",
735 "W" => "gotoWorkstation",
736 "O" => "opsiClient",
737 "T" => "gotoTerminal",
738 "F" => "goFonHardware",
739 "P" => "gotoPrinter") as $index => $class){
740 if (in_array($class, $attrs['objectClass'])){
741 $type= $index;
742 break;
743 }
744 }
746 return ($type);
747 }
750 function getObjectName($attrs)
751 {
752 /* Person? */
753 $name ="";
754 if (in_array('gosaAccount', $attrs['objectClass'])){
755 if(isset($attrs['sn']) && isset($attrs['givenName'])){
756 $name= $attrs['sn'][0].", ".$attrs['givenName'][0];
757 } else {
758 $name= $attrs['uid'][0];
759 }
760 } else {
761 if(isset($attrs["cn"][0])) {
762 $name= $attrs['cn'][0];
763 } else {
764 $name= $attrs['ou'][0];
765 }
766 }
768 return ($name);
769 }
772 function check()
773 {
774 /* Call common method to give check the hook */
775 $message= plugin::check();
777 /* Permissions for that base? */
778 if ($this->base != ""){
779 $new_dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
780 } else {
781 $new_dn= $this->dn;
782 }
784 /* Check if we have workstations assigned, that are already assigned to
785 another object group. */
786 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]" ) {
787 $test =array_intersect($this->used_workstations,$this->member);
788 if(count($test)){
789 $str = "";
790 foreach($test as $dn){
791 $str .= "<li>".$dn."</li>";
792 }
793 $message[] = sprintf(_("These systems are already configured by other object groups and cannot be added:")."<br><ul>%s</ul>",$str);
794 }
795 }
797 $ldap = $this->config->get_ldap_link();
798 if(LDAP::fix($this->dn) != LDAP::fix($new_dn)){
799 $ldap->cat ($new_dn, array('dn'));
800 }
802 if($ldap->count() !=0){
803 $message[]= msgPool::duplicated(_("Name"));
804 }
806 /* Set new acl base */
807 if($this->dn == "new") {
808 $this->set_acl_base($this->base);
809 }
811 /* must: cn */
812 if ($this->cn == ""){
813 $message[]= msgPool::required(_("Name"));
814 }
816 /* To many different object types? */
817 if (strlen($this->gosaGroupObjects) > 4){
818 $message[]= _("You can combine two different object types at maximum, only!");
819 }
821 /* Check if we are allowed to create or move this object
822 */
823 if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
824 $message[] = msgPool::permCreate();
825 }elseif($this->orig_dn != "new" && $this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
826 $message[] = msgPool::permMove();
827 }
829 return ($message);
830 }
833 /* Save to LDAP */
834 function save()
835 {
836 plugin::save();
838 /* Move members to target array */
839 $this->attrs['member'] =array();
840 foreach ($this->member as $key => $desc){
841 $this->attrs['member'][]= LDAP::fix($key);
842 }
844 $ldap= $this->config->get_ldap_link();
846 /* New accounts need proper 'dn', propagate it to remaining objects */
847 if ($this->dn == 'new'){
848 $this->dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
849 }
851 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
852 new entries. So do a check first... */
853 $ldap->cat ($this->dn, array('dn'));
854 if ($ldap->fetch()){
855 /* Modify needs array() to remove values :-( */
856 if (!count ($this->member)){
857 $this->attrs['member']= array();
858 }
859 $mode= "modify";
861 } else {
862 $mode= "add";
863 $ldap->cd($this->config->current['BASE']);
864 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
865 }
867 /******
868 Trust accounts
869 ******/
870 $objectclasses= array();
871 foreach ($this->attrs['objectClass'] as $key => $class){
872 if (preg_match('/trustAccount/i', $class)){
873 continue;
874 }
875 $objectclasses[]= $this->attrs['objectClass'][$key];
876 }
877 $this->attrs['objectClass']= $objectclasses;
878 if ($this->trustModel != ""){
879 $this->attrs['objectClass'][]= "trustAccount";
880 $this->attrs['trustModel']= $this->trustModel;
881 $this->attrs['accessTo']= array();
882 if ($this->trustModel == "byhost"){
883 foreach ($this->accessTo as $host){
884 $this->attrs['accessTo'][]= $host;
885 }
886 }
887 } else {
888 if ($this->was_trust_account){
889 $this->attrs['accessTo']= array();
890 $this->attrs['trustModel']= array();
891 }
892 }
894 /******
895 Ende - Trust accounts
896 ******/
898 /* Write back to ldap */
899 $ldap->cd($this->dn);
900 $this->cleanup();
901 $ldap->$mode($this->attrs);
903 if($mode == "add"){
904 new log("create","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
905 }else{
906 new log("modify","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
907 }
909 /* Trigger post signal */
910 $this->handle_post_events($mode);
912 $ret= 0;
913 if (!$ldap->success()){
914 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
915 $ret= 1;
916 }
918 return ($ret);
919 }
921 function remove_from_parent()
922 {
923 plugin::remove_from_parent();
925 $ldap= $this->config->get_ldap_link();
926 $ldap->rmdir($this->dn);
927 if (!$ldap->success()){
928 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
929 }
931 new log("remove","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
933 /* Trigger remove signal */
934 $this->handle_post_events("remove");
935 }
938 function PrepareForCopyPaste($source)
939 {
940 plugin::PrepareForCopyPaste($source);
942 /* Reload tabs */
943 $this->parent->reload($this->gosaGroupObjects );
945 /* Reload plugins */
946 foreach($this->parent->by_object as $name => $class ){
947 if(get_class($this) != $name) {
948 $this->parent->by_object[$name]->PrepareForCopyPaste($source);
949 }
950 }
952 $source_o = new ogroup ($this->config, $source['dn']);
953 foreach(array("accessTo","member","gosaGroupObjects") as $attr){
954 $this->$attr = $source_o->$attr;
955 }
956 }
959 function getCopyDialog()
960 {
961 $smarty = get_smarty();
962 $smarty->assign("cn", $this->cn);
963 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
964 $ret = array();
965 $ret['string'] = $str;
966 $ret['status'] = "";
967 return($ret);
968 }
970 function saveCopyDialog()
971 {
972 if(isset($_POST['cn'])){
973 $this->cn = $_POST['cn'];
974 }
975 }
978 function IsReleaseManagementActivated()
979 {
980 /* Check if we should enable the release selection */
981 $tmp = $this->config->search("faiManagement", "CLASS",array('menu','tabs'));
982 if(!empty($tmp)){
983 return(true);
984 }
985 return(false);
986 }
989 static function plInfo()
990 {
991 return (array(
992 "plShortName" => _("Generic"),
993 "plDescription" => _("Object group generic"),
994 "plSelfModify" => FALSE,
995 "plDepends" => array(),
996 "plPriority" => 1,
997 "plSection" => array("administration"),
998 "plCategory" => array("ogroups" => array("description" => _("Object groups"),
999 "objectClass" => "gosaGroupOfNames")),
1000 "plProvidedAcls"=> array(
1001 "cn" => _("Name"),
1002 "base" => _("Base"),
1003 "description" => _("Description"),
1004 "trustModel" => _("Sytem trust"),
1005 "member" => _("Member"))
1006 ));
1007 }
1008 }
1010 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1011 ?>