1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 /* Sort multidimensional arrays for key 'text' */
24 function sort_list($val1, $val2)
25 {
26 $v1= strtolower($val1['text']);
27 $v2= strtolower($val2['text']);
28 if ($v1 > $v2){
29 return 1;
30 }
31 if ($v1 < $v2){
32 return -1;
33 }
34 return 0;
35 }
38 class ogroup extends plugin
39 {
40 /* Variables */
41 var $cn= "";
42 var $description= "";
43 var $base= "";
44 var $gosaGroupObjects= "";
45 var $department= "";
46 var $objects= array();
47 var $objcache= array();
48 var $memberList= array();
49 var $member= array();
50 var $orig_dn= "";
51 var $orig_cn= "";
52 var $orig_base= "";
53 var $objectSelect= FALSE;
54 var $view_logged = FALSE;
56 var $accessTo= array();
57 var $trustModel= "";
58 var $trustSelect = FALSE;
60 var $was_trust_account= FALSE;
62 /* Already assigned Workstations. Will be hidden in selection.
63 */
64 var $used_workstations = array();
66 /* attribute list for save action */
67 var $attributes= array("cn", "description", "gosaGroupObjects","member","accessTo","trustModel");
68 var $objectclasses= array("top", "gosaGroupOfNames");
70 function ogroup (&$config, $dn= NULL)
71 {
72 plugin::plugin ($config, $dn);
73 $this->orig_dn= $dn;
75 $this->member = array();
77 /* Load member objects */
78 if (isset($this->attrs['member'])){
79 foreach ($this->attrs['member'] as $key => $value){
80 if ("$key" != "count"){
81 $value= @LDAP::convert($value);
82 $this->member["$value"]= "$value";
83 }
84 }
85 }
86 $this->is_account= TRUE;
88 /* Get global filter config */
89 if (!session::is_set("ogfilter")){
90 $ui= get_userinfo();
91 $base= get_base_from_people($ui->dn);
92 $ogfilter= array( "dselect" => $base,
93 "regex" => "*");
94 session::set("ogfilter", $ogfilter);
95 }
96 $ogfilter= session::get('ogfilter');
98 /* Adjust flags */
99 foreach( array( "U" => "accounts",
100 "G" => "groups",
101 "A" => "applications",
102 "D" => "departments",
103 "S" => "servers",
104 "W" => "workstations",
105 "O" => "winstations",
106 "T" => "terminals",
107 "F" => "phones",
108 "_" => "subtrees",
109 "P" => "printers") as $key => $val){
111 if (preg_match("/$key/", $this->gosaGroupObjects)){
112 $ogfilter[$val]= "checked";
113 } else {
114 $ogfilter[$val]= "";
115 }
116 }
117 session::set("ogfilter", $ogfilter);
119 if(session::is_set('CurrentMainBase')){
120 $this->base = session::get('CurrentMainBase');
121 }
123 /* Set base */
124 if ($this->dn == "new"){
125 $this->base = session::get('CurrentMainBase');
126 } else {
127 $this->base= preg_replace("/^[^,]+,".preg_quote(get_ou("ogroupRDN"), '/')."/i","",$this->dn);
129 /* Is this account a trustAccount? */
130 if ($this->is_account && isset($this->attrs['trustModel'])){
131 $this->trustModel= $this->attrs['trustModel'][0];
132 $this->was_trust_account= TRUE;
133 } else {
134 $this->was_trust_account= FALSE;
135 $this->trustModel= "";
136 }
138 $this->accessTo = array();
139 if ($this->is_account && isset($this->attrs['accessTo'])){
140 for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
141 $tmp= $this->attrs['accessTo'][$i];
142 $this->accessTo[$tmp]= $tmp;
143 }
144 }
145 }
147 /* Detect all workstations, which are already assigned to an object group
148 - Those objects will be hidden in the add object dialog.
149 - Check() will complain if such a system is assigned to this object group.
150 */
151 $base = $this->config->current['BASE'];
152 $res = get_list("(|(objectClass=gotoWorkstation)(objectClass=gotoTerminal))","none" ,
153 $base, array("dn"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
154 $ws_dns = array();
155 foreach($res as $data){
156 $ws_dns[] = $data['dn'];
157 }
158 $res=get_list("(&(member=*)(objectClass=gosaGroupOfNames))","none",
159 $base, array("dn","member", "gosaGroupObjects"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
160 $this->used_workstations = array();
161 foreach($res as $og){
162 if($og['dn'] == $this->dn) continue;
163 $test = array_intersect($ws_dns,$og['member']);
164 if(($og['gosaGroupObjects'] == "[W]" || $og['gosaGroupObjects'] == "[T]") && count($test)){
165 $this->used_workstations = array_merge($this->used_workstations,$test);
166 }
167 }
169 $this->orig_cn = $this->cn;
170 $this->orig_base = $this->base;
172 /* Get global filter config */
173 if (!session::is_set("sysfilter")){
174 $ui= get_userinfo();
175 $base= get_base_from_people($ui->dn);
176 $sysfilter= array( "depselect" => $base,
177 "regex" => "*");
178 session::set("sysfilter", $sysfilter);
179 }
181 $this->reload();
182 }
184 function AddDelMembership($NewMember = false){
186 if($NewMember){
188 /* Add member and force reload */
189 $this->member[$NewMember]= $NewMember;
190 $this->reload();
192 $this->memberList[$NewMember]= $this->objcache[$NewMember];
193 unset ($this->objects[$NewMember]);
194 uasort ($this->memberList, 'sort_list');
195 reset ($this->memberList);
196 }else{
197 /* Delete objects from group */
198 if (isset($_POST['delete_membership']) && isset($_POST['members'])){
199 foreach ($_POST['members'] as $value){
200 $this->objects["$value"]= $this->memberList[$value];
201 unset ($this->memberList["$value"]);
202 unset ($this->member["$value"]);
203 uasort ($this->objects, 'sort_list');
204 reset ($this->objects);
205 }
206 $this->reload();
207 }
209 /* Add objects to group */
210 if (isset($_POST['objectSelect_save']) && $this->objectSelect instanceOf objectSelect){
211 $objects = $this->objectSelect->save();
212 $skipped = FALSE;
213 foreach($objects as $object){
215 $tmp = "";
216 foreach($this->memberList as $obj){
217 $tmp .= $obj['type'];
218 }
220 $type = $this->getObjectType($object);
221 $name= $this->getObjectName($object);
222 $dn = $object['dn'];
224 /* Fill array */
225 if (isset($object["description"][0])){
226 $object= array("text" => "$name [".$object["description"][0]."]", "type" => "$type");
227 } elseif (isset($object["uid"][0])) {
228 $object= array("text" => "$name [".$object["uid"][0]."]", "type" => "$type");
229 } else {
230 $object= array("text" => "$name", "type" => "$type");
231 }
233 if(preg_match("/T/",$tmp) && $type == "W"){
234 $skipped =TRUE;
235 }elseif(preg_match("/W/",$tmp) && $type == "T"){
236 $skipped =TRUE;
237 }else{
239 $this->memberList["$dn"]= $object;
240 $this->member["$dn"]= $dn;
241 uasort ($this->memberList, 'sort_list');
242 reset ($this->memberList);
243 }
244 }
245 if($skipped){
246 msg_dialog::display(_("Information"), _("You cannot combine terminals and workstations in one object group!"), INFO_DIALOG);
247 }
248 $this->objectSelect= FALSE;
249 $this->dialog= FALSE;
250 }
251 }
252 }
254 function execute()
255 {
256 /* Call parent execute */
257 plugin::execute();
259 if(!$this->view_logged){
260 $this->view_logged = TRUE;
261 new log("view","ogroups/".get_class($this),$this->dn);
262 }
265 /* Do we represent a valid group? */
266 if (!$this->is_account){
267 $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".
268 msgPool::noValidExtension("object group")."</b>";
269 return ($display);
270 }
273 /* Load templating engine */
274 $smarty= get_smarty();
276 $tmp = $this->plInfo();
277 foreach($tmp['plProvidedAcls'] as $name => $translation){
278 $smarty->assign($name."ACL",$this->getacl($name));
279 }
281 /* Base select dialog */
282 $once = true;
283 foreach($_POST as $name => $value){
284 if(preg_match("/^chooseBase/",$name) && $once && $this->acl_is_moveable()){
285 $once = false;
286 $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
287 $this->dialog->setCurrentBase($this->base);
288 }
289 }
291 /***********
292 * Trusts
293 ***********/
295 /* Add user workstation? */
296 if (isset($_POST["add_ws"])){
297 $this->trustSelect= new trustSelect($this->config,get_userinfo());
298 $this->dialog= TRUE;
299 }
301 // Add selected machines to trusted ones.
302 if (isset($_POST["add_ws_finish"]) && $this->trustSelect){
303 $trusts = $this->trustSelect->detectPostActions();
304 if(isset($trusts['targets'])){
306 $headpage = $this->trustSelect->getHeadpage();
307 foreach($trusts['targets'] as $id){
308 $attrs = $headpage->getEntry($id);
309 $this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0];
310 }
311 ksort($this->accessTo);
312 $this->is_modified= TRUE;
313 }
314 $this->trustSelect= NULL;
315 $this->dialog= FALSE;
316 }
319 /* Remove user workstations? */
320 if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
321 foreach($_POST['workstation_list'] as $name){
322 unset ($this->accessTo[$name]);
323 }
324 $this->is_modified= TRUE;
325 }
327 /* Add user workstation finished? */
328 if (isset($_POST["add_ws_cancel"])){
329 $this->trustSelect= NULL;
330 $this->dialog= FALSE;
331 }
333 /* Show ws dialog */
334 if ($this->trustSelect){
336 // Build up blocklist
337 session::set('filterBlacklist', array('cn' => array_values($this->accessTo)));
338 return($this->trustSelect->execute());
339 }
341 /***********
342 * Ende - Trusts
343 ***********/
346 /* Dialog handling */
347 if(is_object($this->dialog) && $this->acl_is_moveable()){
348 /* Must be called before save_object */
349 $this->dialog->save_object();
351 if($this->dialog->isClosed()){
352 $this->dialog = false;
353 }elseif($this->dialog->isSelected()){
355 /* A new base was selected, check if it is a valid one */
356 $tmp = $this->get_allowed_bases();
357 if(isset($tmp[$this->dialog->isSelected()])){
358 $this->base = $this->dialog->isSelected();
359 }
360 $this->dialog= false;
361 }else{
362 return($this->dialog->execute());
363 }
364 }
366 /* Add objects? */
367 if (isset($_POST["edit_membership"])){
368 $this->objectSelect= new objectSelect($this->config, get_userinfo());
369 $this->dialog= TRUE;
370 }
372 /* Add objects finished? */
373 if (isset($_POST["objectSelect_cancel"])){
374 $this->objectSelect= FALSE;
375 $this->dialog= FALSE;
376 }
378 /* Manage object add dialog */
379 if ($this->objectSelect){
380 return($this->objectSelect->execute());
381 }
383 /* Bases / Departments */
384 if ((isset($_POST['base'])) && ($this->acl_is_moveable())){
385 $this->base= $_POST['base'];
386 }
388 /* Assemble combine string */
389 if ($this->gosaGroupObjects == "[]"){
390 $smarty->assign("combinedObjects", _("none"));
391 } elseif (strlen($this->gosaGroupObjects) > 4){
392 $smarty->assign("combinedObjects", "<font color=red>"._("too many different objects!")."</font>");
393 } else {
394 $conv= array( "U" => _("users"),
395 "G" => _("groups"),
396 "A" => _("applications"),
397 "D" => _("departments"),
398 "S" => _("servers"),
399 "W" => _("workstations"),
400 "O" => _("winstations"),
401 "T" => _("terminals"),
402 "F" => _("phones"),
403 "P" => _("printers"));
405 $type= preg_replace('/[\[\]]/', '', $this->gosaGroupObjects);
406 $p1= $conv[$type[0]];
407 error_reporting(0);
408 if (isset($type[1]) && preg_match('/[UGADSFOWTP]/', $type[1])){
409 $p2= $conv[$type[1]];
410 $smarty->assign("combinedObjects", sprintf("'%s' and '%s'", $p1, $p2));
411 } else {
412 $smarty->assign("combinedObjects", "$p1");
413 }
414 error_reporting(E_ALL | E_STRICT);
415 }
417 /* Assign variables */
418 $smarty->assign("bases", $this->get_allowed_bases());
419 $smarty->assign("base_select", $this->base);
420 $smarty->assign("department", $this->department);
421 $smarty->assign("members", $this->convert_list($this->memberList));
423 /* Objects have to be tuned... */
424 $smarty->assign("objects", $this->convert_list($this->objects));
426 /* Fields */
427 foreach ($this->attributes as $val){
428 $smarty->assign("$val", $this->$val);
429 }
431 /******
432 Trust account
433 ******/
434 $smarty->assign("trusthide", " disabled ");
435 $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
436 if ($this->trustModel == "fullaccess"){
437 $trustmode= 1;
438 // pervent double disable tag in html code, this will disturb our clean w3c html
439 $smarty->assign("trustmode", $this->getacl("trustModel"));
441 } elseif ($this->trustModel == "byhost"){
442 $trustmode= 2;
443 $smarty->assign("trusthide", "");
444 } else {
445 // pervent double disable tag in html code, this will disturb our clean w3c html
446 $smarty->assign("trustmode", $this->getacl("trustModel"));
447 $trustmode= 0;
448 }
449 $smarty->assign("trustmode", $trustmode);
450 $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
451 2 => _("allow access to these hosts")));
453 $smarty->assign("workstations", $this->accessTo);
455 if((count($this->accessTo))==0){
456 $smarty->assign("emptyArrAccess",true);
457 }else{
458 $smarty->assign("emptyArrAccess",false);
459 }
460 /******
461 Ende - Trust account
462 ******/
464 return ($smarty->fetch (get_template_path('generic.tpl', TRUE)));
465 }
468 /* Save data to object */
469 function save_object()
470 {
471 /* Save additional values for possible next step */
472 if (isset($_POST['ogroupedit'])){
474 /******
475 Trust account
476 ******/
478 if($this->acl_is_writeable("trustModel")){
479 if (isset($_POST['trustmode'])){
480 $saved= $this->trustModel;
481 if ($_POST['trustmode'] == "1"){
482 $this->trustModel= "fullaccess";
483 } elseif ($_POST['trustmode'] == "2"){
484 $this->trustModel= "byhost";
485 } else {
486 $this->trustModel= "";
487 }
488 if ($this->trustModel != $saved){
489 $this->is_modified= TRUE;
490 }
491 }
492 }
493 /******
494 Ende Trust account
495 ******/
497 /* Create a base backup and reset the
498 base directly after calling plugin::save_object();
499 Base will be set seperatly a few lines below */
500 $base_tmp = $this->base;
501 plugin::save_object();
502 $this->base = $base_tmp;
504 /* Save base, since this is no LDAP attribute */
505 $tmp = $this->get_allowed_bases();
506 if(isset($_POST['base'])){
507 if(isset($tmp[$_POST['base']])){
508 $this->base= $_POST['base'];
509 }
510 }
511 }
512 }
515 /* (Re-)Load objects */
516 function reload()
517 {
518 /*###########
519 Variable initialisation
520 ###########*/
522 $this->objects = array();
523 $this->ui = get_userinfo();
524 $filter = "";
525 $objectClasses = array();
527 $ogfilter = session::get("ogfilter");
528 $regex = $ogfilter['regex'];
530 $ldap= $this->config->get_ldap_link();
531 $ldap->cd ($ogfilter['dselect']);
534 /*###########
535 Generate Filter
536 ###########*/
538 $p_f= array("accounts"=> array("OBJ"=>"user", "CLASS"=>"gosaAccount" ,
539 "DN"=> get_people_ou() ,"ACL" => "users"),
540 "groups" => array("OBJ"=>"group", "CLASS"=>"posixGroup" ,
541 "DN"=> get_groups_ou('ogroupRDN') ,"ACL" => "groups"),
542 "departments" => array("OBJ"=>"department", "CLASS"=>"gosaDepartment" ,
543 "DN"=> "" ,"ACL" => "department"),
544 "servers" => array("OBJ"=>"servgeneric", "CLASS"=>"goServer" ,
545 "DN"=> get_ou('serverRDN') ,"ACL" => "server"),
546 "workstations" => array("OBJ"=>"workgeneric", "CLASS"=>"gotoWorkstation",
547 "DN"=> get_ou('workstationRDN') ,"ACL" => "workstation"),
548 "winstations" => array("OBJ"=>"wingeneric", "CLASS"=>"opsiClient",
549 "DN"=> get_ou('SAMBAMACHINEACCOUNTRDN') ,"ACL" => "winstation"),
550 "terminals" => array("OBJ"=>"termgeneric", "CLASS"=>"gotoTerminal" ,
551 "DN"=> get_ou('terminalRDN') ,"ACL" => "terminal"),
552 "printers" => array("OBJ"=>"printgeneric", "CLASS"=>"gotoPrinter" ,
553 "DN"=> get_ou('printerRDN') ,"ACL" => "printer"),
554 "phones" => array("OBJ"=>"phoneGeneric", "CLASS"=>"goFonHardware" ,
555 "DN"=> get_ou('phoneRDN') ,"ACL" => "phone"));
558 /* Allow searching for applications, if we are not using release managed applications
559 */
560 if(!$this->IsReleaseManagementActivated()){
561 $p_f[ "applications"] = array("OBJ"=>"application", "CLASS"=>"gosaApplication",
562 "DN"=> get_ou('applicationRDN') ,"ACL" => "application");
563 }
565 /*###########
566 Perform search for selected objectClasses & regex to fill list with objects
567 ###########*/
569 $Get_list_flags = 0;
570 if($ogfilter['subtrees'] == "checked"){
571 $Get_list_flags |= GL_SUBSEARCH;
572 }
574 foreach($p_f as $post_name => $data){
576 if($ogfilter[$post_name] == "checked" && class_available($data['OBJ'])){
578 if($ogfilter['subtrees']){
579 $base = $ogfilter['dselect'];
580 }else{
581 $base = $data['DN'].$ogfilter['dselect'];
582 }
585 $filter = "(&(objectClass=".$data['CLASS'].")(|(uid=$regex)(cn=$regex)(ou=$regex)))";
586 $res = get_list($filter, $data['ACL'] , $base,
587 array("description", "objectClass", "sn", "givenName", "uid","ou","cn"),$Get_list_flags);
589 /* fetch results and append them to the list */
590 foreach($res as $attrs){
592 /* Skip workstations which are already assigned to an object group.
593 */
594 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]"){
595 if(in_array($attrs['dn'],$this->used_workstations)){
596 continue;
597 }
598 }
600 $type= $this->getObjectType($attrs);
601 $name= $this->getObjectName($attrs);
603 /* Fill array */
604 if (isset($attrs["description"][0])){
605 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
606 } elseif (isset($attrs["uid"][0])) {
607 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
608 } else {
609 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
610 }
611 }
612 }
613 }
614 uasort ($this->objects, 'sort_list');
615 reset ($this->objects);
618 /*###########
619 Build member list and try to detect obsolete entries
620 ###########*/
622 $this->memberList = array();
624 /* Walk through all single member entry */
625 foreach($this->member as $dn){
627 /* The dn for the current member can't be resolved
628 it seams that this entry was removed
629 */
630 /* Try to resolv the entry again, if it still fails, display error msg */
631 $ldap->cat($dn, array("cn", "sn", "givenName", "ou", "description", "objectClass", "macAddress"));
633 /* It has failed, add entry with type flag I (Invalid)*/
634 if (!$ldap->success()){
635 $this->memberList[$dn]= array('text' => _("Non existing dn:")." ".LDAP::fix($dn),"type" => "I");
637 } else {
639 /* Append this entry to our all object list */
641 /* Fetch object */
642 $attrs= $ldap->fetch();
644 $type= $this->getObjectType($attrs);
645 $name= $this->getObjectName($attrs);
647 if (isset($attrs["description"][0])){
648 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
649 } elseif (isset($attrs["uid"][0])) {
650 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
651 } else {
652 $this->objcache[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
653 }
654 $this->objcache[$attrs["dn"]]['objectClass'] = $attrs['objectClass'];
656 if(isset($attrs['macAddress'][0])){
657 $this->objcache[$attrs["dn"]]['macAddress'] = $attrs['macAddress'][0];
658 }else{
659 $this->objcache[$attrs["dn"]]['macAddress'] = "";
660 }
662 if(isset($attrs['uid'])){
663 $this->objcache[$attrs["dn"]]['uid'] = $attrs['uid'];
664 }
666 /* Fill array */
667 if (isset($attrs["description"][0])){
668 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
669 } else {
670 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
671 }
673 $this->memberList[$dn]= $this->objects[$attrs["dn"]];
674 }
675 }
676 uasort ($this->memberList, 'sort_list');
677 reset ($this->memberList);
679 /* Assemble types of currently combined objects */
680 $objectTypes= "";
681 foreach ($this->memberList as $dn => $desc){
683 /* Invalid object? */
684 if ($desc['type'] == 'I'){
685 continue;
686 }
688 /* Fine. Add to list. */
689 if (!preg_match('/'.$desc['type'].'/', $objectTypes)){
690 $objectTypes.= $desc['type'];
691 }
692 }
693 $this->gosaGroupObjects= "[$objectTypes]";
694 }
697 function convert_list($input)
698 {
699 $temp= "";
700 $conv= array(
701 "Y" => "plugins/users/images/select_template.png",
702 "U" => "plugins/generic/images/head.png",
703 "G" => "plugins/groups/images/groups.png",
704 "A" => "plugins/ogroups/images/application.png",
705 "D" => "plugins/departments/images/department.png",
706 "S" => "plugins/ogroups/images/server.png",
707 "W" => "plugins/ogroups/images/workstation.png",
708 "O" => "plugins/ogroups/images/winstation.png",
709 "T" => "plugins/ogroups/images/terminal.png",
710 "F" => "plugins/ogroups/images/phone.png",
711 "P" => "plugins/ogroups/images/printer.png",
712 "I" => "images/false.png");
714 foreach ($input as $key => $value){
715 /* Generate output */
716 $temp.= "<option title='".addslashes( $key)."' value=\"$key\" class=\"select\" style=\"background-image:url('".get_template_path($conv[$value['type']])."');\">".$value['text']."</option>\n";
717 }
719 return ($temp);
720 }
723 function getObjectType($attrs)
724 {
725 $type= "I";
727 foreach(array(
728 "Y" => "gosaUserTemplate",
729 "U" => "gosaAccount",
730 "G" => "posixGroup",
731 "A" => "gosaApplication",
732 "D" => "gosaDepartment",
733 "S" => "goServer",
734 "W" => "gotoWorkstation",
735 "O" => "opsiClient",
736 "T" => "gotoTerminal",
737 "F" => "goFonHardware",
738 "P" => "gotoPrinter") as $index => $class){
739 if (in_array($class, $attrs['objectClass'])){
740 $type= $index;
741 break;
742 }
743 }
745 return ($type);
746 }
749 function getObjectName($attrs)
750 {
751 /* Person? */
752 $name ="";
753 if (in_array('gosaAccount', $attrs['objectClass'])){
754 if(isset($attrs['sn']) && isset($attrs['givenName'])){
755 $name= $attrs['sn'][0].", ".$attrs['givenName'][0];
756 } else {
757 $name= $attrs['uid'][0];
758 }
759 } else {
760 if(isset($attrs["cn"][0])) {
761 $name= $attrs['cn'][0];
762 } else {
763 $name= $attrs['ou'][0];
764 }
765 }
767 return ($name);
768 }
771 function check()
772 {
773 /* Call common method to give check the hook */
774 $message= plugin::check();
776 /* Permissions for that base? */
777 if ($this->base != ""){
778 $new_dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
779 } else {
780 $new_dn= $this->dn;
781 }
783 /* Check if we have workstations assigned, that are already assigned to
784 another object group. */
785 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]" ) {
786 $test =array_intersect($this->used_workstations,$this->member);
787 if(count($test)){
788 $str = "";
789 foreach($test as $dn){
790 $str .= "<li>".$dn."</li>";
791 }
792 $message[] = sprintf(_("These systems are already configured by other object groups and cannot be added:")."<br><ul>%s</ul>",$str);
793 }
794 }
796 $ldap = $this->config->get_ldap_link();
797 if(LDAP::fix($this->dn) != LDAP::fix($new_dn)){
798 $ldap->cat ($new_dn, array('dn'));
799 }
801 if($ldap->count() !=0){
802 $message[]= msgPool::duplicated(_("Name"));
803 }
805 /* Set new acl base */
806 if($this->dn == "new") {
807 $this->set_acl_base($this->base);
808 }
810 /* must: cn */
811 if ($this->cn == ""){
812 $message[]= msgPool::required(_("Name"));
813 }
815 /* To many different object types? */
816 if (strlen($this->gosaGroupObjects) > 4){
817 $message[]= _("You can combine two different object types at maximum, only!");
818 }
820 /* Check if we are allowed to create or move this object
821 */
822 if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
823 $message[] = msgPool::permCreate();
824 }elseif($this->orig_dn != "new" && $this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
825 $message[] = msgPool::permMove();
826 }
828 return ($message);
829 }
832 /* Save to LDAP */
833 function save()
834 {
835 plugin::save();
837 /* Move members to target array */
838 $this->attrs['member'] =array();
839 foreach ($this->member as $key => $desc){
840 $this->attrs['member'][]= LDAP::fix($key);
841 }
843 $ldap= $this->config->get_ldap_link();
845 /* New accounts need proper 'dn', propagate it to remaining objects */
846 if ($this->dn == 'new'){
847 $this->dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
848 }
850 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
851 new entries. So do a check first... */
852 $ldap->cat ($this->dn, array('dn'));
853 if ($ldap->fetch()){
854 /* Modify needs array() to remove values :-( */
855 if (!count ($this->member)){
856 $this->attrs['member']= array();
857 }
858 $mode= "modify";
860 } else {
861 $mode= "add";
862 $ldap->cd($this->config->current['BASE']);
863 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
864 }
866 /******
867 Trust accounts
868 ******/
869 $objectclasses= array();
870 foreach ($this->attrs['objectClass'] as $key => $class){
871 if (preg_match('/trustAccount/i', $class)){
872 continue;
873 }
874 $objectclasses[]= $this->attrs['objectClass'][$key];
875 }
876 $this->attrs['objectClass']= $objectclasses;
877 if ($this->trustModel != ""){
878 $this->attrs['objectClass'][]= "trustAccount";
879 $this->attrs['trustModel']= $this->trustModel;
880 $this->attrs['accessTo']= array();
881 if ($this->trustModel == "byhost"){
882 foreach ($this->accessTo as $host){
883 $this->attrs['accessTo'][]= $host;
884 }
885 }
886 } else {
887 if ($this->was_trust_account){
888 $this->attrs['accessTo']= array();
889 $this->attrs['trustModel']= array();
890 }
891 }
893 /******
894 Ende - Trust accounts
895 ******/
897 /* Write back to ldap */
898 $ldap->cd($this->dn);
899 $this->cleanup();
900 $ldap->$mode($this->attrs);
902 if($mode == "add"){
903 new log("create","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
904 }else{
905 new log("modify","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
906 }
908 /* Trigger post signal */
909 $this->handle_post_events($mode);
911 $ret= 0;
912 if (!$ldap->success()){
913 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
914 $ret= 1;
915 }
917 return ($ret);
918 }
920 function remove_from_parent()
921 {
922 plugin::remove_from_parent();
924 $ldap= $this->config->get_ldap_link();
925 $ldap->rmdir($this->dn);
926 if (!$ldap->success()){
927 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
928 }
930 new log("remove","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
932 /* Trigger remove signal */
933 $this->handle_post_events("remove");
934 }
937 function PrepareForCopyPaste($source)
938 {
939 plugin::PrepareForCopyPaste($source);
941 /* Reload tabs */
942 $this->parent->reload($this->gosaGroupObjects );
944 /* Reload plugins */
945 foreach($this->parent->by_object as $name => $class ){
946 if(get_class($this) != $name) {
947 $this->parent->by_object[$name]->PrepareForCopyPaste($source);
948 }
949 }
951 $source_o = new ogroup ($this->config, $source['dn']);
952 foreach(array("accessTo","member","gosaGroupObjects") as $attr){
953 $this->$attr = $source_o->$attr;
954 }
955 }
958 function getCopyDialog()
959 {
960 $smarty = get_smarty();
961 $smarty->assign("cn", $this->cn);
962 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
963 $ret = array();
964 $ret['string'] = $str;
965 $ret['status'] = "";
966 return($ret);
967 }
969 function saveCopyDialog()
970 {
971 if(isset($_POST['cn'])){
972 $this->cn = $_POST['cn'];
973 }
974 }
977 function IsReleaseManagementActivated()
978 {
979 /* Check if we should enable the release selection */
980 $tmp = $this->config->search("faiManagement", "CLASS",array('menu','tabs'));
981 if(!empty($tmp)){
982 return(true);
983 }
984 return(false);
985 }
988 static function plInfo()
989 {
990 return (array(
991 "plShortName" => _("Generic"),
992 "plDescription" => _("Object group generic"),
993 "plSelfModify" => FALSE,
994 "plDepends" => array(),
995 "plPriority" => 1,
996 "plSection" => array("administration"),
997 "plCategory" => array("ogroups" => array("description" => _("Object groups"),
998 "objectClass" => "gosaGroupOfNames")),
999 "plProvidedAcls"=> array(
1000 "cn" => _("Name"),
1001 "base" => _("Base"),
1002 "description" => _("Description"),
1003 "trustModel" => _("Sytem trust"),
1004 "member" => _("Member"))
1005 ));
1006 }
1007 }
1009 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1010 ?>