1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 /* Sort multidimensional arrays for key 'text' */
24 function sort_list($val1, $val2)
25 {
26 $v1= strtolower($val1['text']);
27 $v2= strtolower($val2['text']);
28 if ($v1 > $v2){
29 return 1;
30 }
31 if ($v1 < $v2){
32 return -1;
33 }
34 return 0;
35 }
38 class ogroup extends plugin
39 {
40 /* Variables */
41 var $cn= "";
42 var $description= "";
43 var $base= "";
44 var $gosaGroupObjects= "";
45 var $objects= array();
46 var $objcache= array();
47 var $memberList= array();
48 var $member= array();
49 var $orig_dn= "";
50 var $orig_cn= "";
51 var $orig_base= "";
52 var $objectSelect= FALSE;
53 var $view_logged = FALSE;
55 var $accessTo= array();
56 var $trustModel= "";
57 var $trustSelect = FALSE;
59 var $was_trust_account= FALSE;
60 var $baseSelector;
62 /* Already assigned Workstations. Will be hidden in selection.
63 */
64 var $used_workstations = array();
66 /* attribute list for save action */
67 var $attributes= array("cn", "description", "gosaGroupObjects","member","accessTo","trustModel");
68 var $objectclasses= array("top", "gosaGroupOfNames");
70 function ogroup (&$config, $dn= NULL)
71 {
72 plugin::plugin ($config, $dn);
73 $this->orig_dn= $dn;
75 $this->member = array();
77 /* Load member objects */
78 if (isset($this->attrs['member'])){
79 foreach ($this->attrs['member'] as $key => $value){
80 if ("$key" != "count"){
81 $value= @LDAP::convert($value);
82 $this->member["$value"]= "$value";
83 }
84 }
85 }
86 $this->is_account= TRUE;
88 /* Set base */
89 if ($this->dn == "new"){
90 $ui = get_userinfo();
91 $this->base= dn2base(session::global_is_set("CurrentMainBase")?"cn=dummy,".session::global_get("CurrentMainBase"):$ui->dn);
92 } else {
93 $this->base= preg_replace("/^[^,]+,".preg_quote(get_ou("ogroupRDN"), '/')."/i","",$this->dn);
95 /* Is this account a trustAccount? */
96 if ($this->is_account && isset($this->attrs['trustModel'])){
97 $this->trustModel= $this->attrs['trustModel'][0];
98 $this->was_trust_account= TRUE;
99 } else {
100 $this->was_trust_account= FALSE;
101 $this->trustModel= "";
102 }
104 $this->accessTo = array();
105 if ($this->is_account && isset($this->attrs['accessTo'])){
106 for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
107 $tmp= $this->attrs['accessTo'][$i];
108 $this->accessTo[$tmp]= $tmp;
109 }
110 }
111 }
113 /* Detect all workstations, which are already assigned to an object group
114 - Those objects will be hidden in the add object dialog.
115 - Check() will complain if such a system is assigned to this object group.
116 */
117 $base = $this->config->current['BASE'];
118 $res = get_list("(|(objectClass=gotoWorkstation)(objectClass=gotoTerminal))","none" ,
119 $base, array("dn"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
120 $ws_dns = array();
121 foreach($res as $data){
122 $ws_dns[] = $data['dn'];
123 }
124 $res=get_list("(&(member=*)(objectClass=gosaGroupOfNames))","none",
125 $base, array("dn","member", "gosaGroupObjects"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
126 $this->used_workstations = array();
127 foreach($res as $og){
128 if($og['dn'] == $this->dn) continue;
129 $test = array_intersect($ws_dns,$og['member']);
130 if(($og['gosaGroupObjects'] == "[W]" || $og['gosaGroupObjects'] == "[T]") && count($test)){
131 $this->used_workstations = array_merge($this->used_workstations,$test);
132 }
133 }
135 $this->orig_cn = $this->cn;
136 $this->orig_base = $this->base;
138 /* Get global filter config */
139 if (!session::is_set("sysfilter")){
140 $ui= get_userinfo();
141 $base= get_base_from_people($ui->dn);
142 $sysfilter= array( "depselect" => $base,
143 "regex" => "*");
144 session::set("sysfilter", $sysfilter);
145 }
147 /* Instanciate base selector */
148 $this->baseSelector= new baseSelector($this->get_allowed_bases(), $this->base);
149 $this->baseSelector->setSubmitButton(false);
150 $this->baseSelector->setHeight(300);
151 $this->baseSelector->update(true);
153 $this->reload();
154 }
156 function AddDelMembership($NewMember = false){
158 if($NewMember){
160 /* Add member and force reload */
161 $this->member[$NewMember]= $NewMember;
163 $this->memberList[$NewMember]= $this->objcache[$NewMember];
164 unset ($this->objects[$NewMember]);
165 uasort ($this->memberList, 'sort_list');
166 reset ($this->memberList);
167 $this->reload();
168 }else{
169 /* Delete objects from group */
170 if (isset($_POST['delete_membership']) && isset($_POST['members'])){
171 foreach ($_POST['members'] as $value){
172 $this->objects["$value"]= $this->memberList[$value];
173 unset ($this->memberList["$value"]);
174 unset ($this->member["$value"]);
175 uasort ($this->objects, 'sort_list');
176 reset ($this->objects);
177 }
178 $this->reload();
179 }
181 /* Add objects to group */
182 if (isset($_POST['objectSelect_save']) && $this->objectSelect instanceOf objectSelect){
183 $objects = $this->objectSelect->save();
184 $skipped = FALSE;
185 foreach($objects as $object){
187 $tmp = "";
188 foreach($this->memberList as $obj){
189 $tmp .= $obj['type'];
190 }
192 $type = $this->getObjectType($object);
193 $name= $this->getObjectName($object);
194 $dn = $object['dn'];
196 /* Fill array */
197 if (isset($object["description"][0])){
198 $object= array("text" => "$name [".$object["description"][0]."]", "type" => "$type");
199 } elseif (isset($object["uid"][0])) {
200 $object= array("text" => "$name [".$object["uid"][0]."]", "type" => "$type");
201 } else {
202 $object= array("text" => "$name", "type" => "$type");
203 }
205 if(preg_match("/T/",$tmp) && $type == "W"){
206 $skipped =TRUE;
207 }elseif(preg_match("/W/",$tmp) && $type == "T"){
208 $skipped =TRUE;
209 }else{
211 $this->memberList["$dn"]= $object;
212 $this->member["$dn"]= $dn;
213 uasort ($this->memberList, 'sort_list');
214 reset ($this->memberList);
215 }
216 }
217 if($skipped){
218 msg_dialog::display(_("Information"), _("You cannot combine terminals and workstations in one object group!"), INFO_DIALOG);
219 }
220 $this->objectSelect= FALSE;
221 $this->dialog= FALSE;
222 $this->reload();
223 }
224 }
225 }
227 function execute()
228 {
229 /* Call parent execute */
230 plugin::execute();
232 if(!$this->view_logged){
233 $this->view_logged = TRUE;
234 new log("view","ogroups/".get_class($this),$this->dn);
235 }
238 /* Do we represent a valid group? */
239 if (!$this->is_account){
240 $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".
241 msgPool::noValidExtension("object group")."</b>";
242 return ($display);
243 }
246 /* Load templating engine */
247 $smarty= get_smarty();
248 $smarty->assign("usePrototype", "true");
250 $tmp = $this->plInfo();
251 foreach($tmp['plProvidedAcls'] as $name => $translation){
252 $smarty->assign($name."ACL",$this->getacl($name));
253 }
255 /***********
256 * Trusts
257 ***********/
259 /* Add user workstation? */
260 if (isset($_POST["add_ws"])){
261 $this->trustSelect= new trustSelect($this->config,get_userinfo());
262 $this->dialog= TRUE;
263 }
265 // Add selected machines to trusted ones.
266 if (isset($_POST["add_ws_finish"]) && $this->trustSelect){
267 $trusts = $this->trustSelect->detectPostActions();
268 if(isset($trusts['targets'])){
270 $headpage = $this->trustSelect->getHeadpage();
271 foreach($trusts['targets'] as $id){
272 $attrs = $headpage->getEntry($id);
273 $this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0];
274 }
275 ksort($this->accessTo);
276 $this->is_modified= TRUE;
277 }
278 $this->trustSelect= NULL;
279 $this->dialog= FALSE;
280 }
283 /* Remove user workstations? */
284 if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
285 foreach($_POST['workstation_list'] as $name){
286 unset ($this->accessTo[$name]);
287 }
288 $this->is_modified= TRUE;
289 }
291 /* Add user workstation finished? */
292 if (isset($_POST["add_ws_cancel"])){
293 $this->trustSelect= NULL;
294 $this->dialog= FALSE;
295 }
297 /* Show ws dialog */
298 if ($this->trustSelect){
300 // Build up blocklist
301 session::set('filterBlacklist', array('cn' => array_values($this->accessTo)));
302 return($this->trustSelect->execute());
303 }
305 /***********
306 * Ende - Trusts
307 ***********/
310 /* Dialog handling */
311 if(is_object($this->dialog) && $this->acl_is_moveable()){
312 /* Must be called before save_object */
313 $this->dialog->save_object();
315 if($this->dialog->isClosed()){
316 $this->dialog = false;
317 }elseif($this->dialog->isSelected()){
319 /* A new base was selected, check if it is a valid one */
320 $tmp = $this->get_allowed_bases();
321 if(isset($tmp[$this->dialog->isSelected()])){
322 $this->base = $this->dialog->isSelected();
323 }
324 $this->dialog= false;
325 }else{
326 return($this->dialog->execute());
327 }
328 }
330 /* Add objects? */
331 if (isset($_POST["edit_membership"])){
332 $this->objectSelect= new objectSelect($this->config, get_userinfo());
333 $this->dialog= TRUE;
334 }
336 /* Add objects finished? */
337 if (isset($_POST["objectSelect_cancel"])){
338 $this->objectSelect= FALSE;
339 $this->dialog= FALSE;
340 }
342 /* Manage object add dialog */
343 if ($this->objectSelect){
344 session::set('filterBlacklist', array('dn'=> $this->member));
345 return($this->objectSelect->execute());
346 }
348 /* Bases / Departments */
349 if ((isset($_POST['base'])) && ($this->acl_is_moveable())){
350 $this->base= $_POST['base'];
351 }
353 /* Assemble combine string */
354 if ($this->gosaGroupObjects == "[]"){
355 $smarty->assign("combinedObjects", _("none"));
356 } elseif (strlen($this->gosaGroupObjects) > 4){
357 $smarty->assign("combinedObjects", "<font color=red>"._("too many different objects!")."</font>");
358 } else {
359 $conv= array( "U" => _("users"),
360 "G" => _("groups"),
361 "A" => _("applications"),
362 "D" => _("departments"),
363 "S" => _("servers"),
364 "W" => _("workstations"),
365 "O" => _("winstations"),
366 "T" => _("terminals"),
367 "F" => _("phones"),
368 "P" => _("printers"));
370 $type= preg_replace('/[\[\]]/', '', $this->gosaGroupObjects);
371 $p1= $conv[$type[0]];
372 error_reporting(0);
373 if (isset($type[1]) && preg_match('/[UGADSFOWTP]/', $type[1])){
374 $p2= $conv[$type[1]];
375 $smarty->assign("combinedObjects", sprintf("'%s' and '%s'", $p1, $p2));
376 } else {
377 $smarty->assign("combinedObjects", "$p1");
378 }
379 error_reporting(E_ALL | E_STRICT);
380 }
382 /* Assign variables */
383 $smarty->assign("base", $this->baseSelector->render());
384 $smarty->assign("members", $this->convert_list($this->memberList));
386 /* Objects have to be tuned... */
387 $smarty->assign("objects", $this->convert_list($this->objects));
389 /* Fields */
390 foreach ($this->attributes as $val){
391 $smarty->assign("$val", $this->$val);
392 }
394 /******
395 Trust account
396 ******/
397 $smarty->assign("trusthide", " disabled ");
398 $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
399 if ($this->trustModel == "fullaccess"){
400 $trustmode= 1;
401 // pervent double disable tag in html code, this will disturb our clean w3c html
402 $smarty->assign("trustmode", $this->getacl("trustModel"));
404 } elseif ($this->trustModel == "byhost"){
405 $trustmode= 2;
406 $smarty->assign("trusthide", "");
407 } else {
408 // pervent double disable tag in html code, this will disturb our clean w3c html
409 $smarty->assign("trustmode", $this->getacl("trustModel"));
410 $trustmode= 0;
411 }
412 $smarty->assign("trustmode", $trustmode);
413 $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
414 2 => _("allow access to these hosts")));
416 $smarty->assign("workstations", $this->accessTo);
418 if((count($this->accessTo))==0){
419 $smarty->assign("emptyArrAccess",true);
420 }else{
421 $smarty->assign("emptyArrAccess",false);
422 }
423 /******
424 Ende - Trust account
425 ******/
427 return ($smarty->fetch (get_template_path('generic.tpl', TRUE)));
428 }
431 /* Save data to object */
432 function save_object()
433 {
434 /* Save additional values for possible next step */
435 if (isset($_POST['ogroupedit'])){
437 /******
438 Trust account
439 ******/
441 if($this->acl_is_writeable("trustModel")){
442 if (isset($_POST['trustmode'])){
443 $saved= $this->trustModel;
444 if ($_POST['trustmode'] == "1"){
445 $this->trustModel= "fullaccess";
446 } elseif ($_POST['trustmode'] == "2"){
447 $this->trustModel= "byhost";
448 } else {
449 $this->trustModel= "";
450 }
451 if ($this->trustModel != $saved){
452 $this->is_modified= TRUE;
453 }
454 }
455 }
456 /******
457 Ende Trust account
458 ******/
460 /* Create a base backup and reset the
461 base directly after calling plugin::save_object();
462 Base will be set seperatly a few lines below */
463 $base_tmp = $this->base;
464 plugin::save_object();
465 $this->base = $base_tmp;
467 /* Refresh base */
468 if ($this->acl_is_moveable($this->base)){
469 if (!$this->baseSelector->update()) {
470 msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
471 }
472 if ($this->base != $this->baseSelector->getBase()) {
473 $this->base= $this->baseSelector->getBase();
474 $this->is_modified= TRUE;
475 }
476 }
478 }
479 }
482 /* (Re-)Load objects */
483 function reload()
484 {
485 /*###########
486 Variable initialisation
487 ###########*/
489 $this->objects = array();
490 $this->ui = get_userinfo();
491 $filter = "";
492 $objectClasses = array();
494 $ogfilter = session::get("ogfilter");
495 $regex = $ogfilter['regex'];
497 $ldap= $this->config->get_ldap_link();
498 $ldap->cd ($ogfilter['dselect']);
501 /*###########
502 Generate Filter
503 ###########*/
505 $p_f= array("accounts"=> array("OBJ"=>"user", "CLASS"=>"gosaAccount" ,
506 "DN"=> get_people_ou() ,"ACL" => "users"),
507 "groups" => array("OBJ"=>"group", "CLASS"=>"posixGroup" ,
508 "DN"=> get_groups_ou('ogroupRDN') ,"ACL" => "groups"),
509 "departments" => array("OBJ"=>"department", "CLASS"=>"gosaDepartment" ,
510 "DN"=> "" ,"ACL" => "department"),
511 "servers" => array("OBJ"=>"servgeneric", "CLASS"=>"goServer" ,
512 "DN"=> get_ou('serverRDN') ,"ACL" => "server"),
513 "workstations" => array("OBJ"=>"workgeneric", "CLASS"=>"gotoWorkstation",
514 "DN"=> get_ou('workstationRDN') ,"ACL" => "workstation"),
515 "winstations" => array("OBJ"=>"wingeneric", "CLASS"=>"opsiClient",
516 "DN"=> get_ou('SAMBAMACHINEACCOUNTRDN') ,"ACL" => "winstation"),
517 "terminals" => array("OBJ"=>"termgeneric", "CLASS"=>"gotoTerminal" ,
518 "DN"=> get_ou('terminalRDN') ,"ACL" => "terminal"),
519 "printers" => array("OBJ"=>"printgeneric", "CLASS"=>"gotoPrinter" ,
520 "DN"=> get_ou('printerRDN') ,"ACL" => "printer"),
521 "phones" => array("OBJ"=>"phoneGeneric", "CLASS"=>"goFonHardware" ,
522 "DN"=> get_ou('phoneRDN') ,"ACL" => "phone"));
525 /* Allow searching for applications, if we are not using release managed applications
526 */
527 if(!$this->IsReleaseManagementActivated()){
528 $p_f[ "applications"] = array("OBJ"=>"application", "CLASS"=>"gosaApplication",
529 "DN"=> get_ou('applicationRDN') ,"ACL" => "application");
530 }
532 /*###########
533 Perform search for selected objectClasses & regex to fill list with objects
534 ###########*/
536 $Get_list_flags = 0;
537 if($ogfilter['subtrees'] == "checked"){
538 $Get_list_flags |= GL_SUBSEARCH;
539 }
541 foreach($p_f as $post_name => $data){
543 if($ogfilter[$post_name] == "checked" && class_available($data['OBJ'])){
545 if($ogfilter['subtrees']){
546 $base = $ogfilter['dselect'];
547 }else{
548 $base = $data['DN'].$ogfilter['dselect'];
549 }
552 $filter = "(&(objectClass=".$data['CLASS'].")(|(uid=$regex)(cn=$regex)(ou=$regex)))";
553 $res = get_list($filter, $data['ACL'] , $base,
554 array("description", "objectClass", "sn", "givenName", "uid","ou","cn"),$Get_list_flags);
556 /* fetch results and append them to the list */
557 foreach($res as $attrs){
559 /* Skip workstations which are already assigned to an object group.
560 */
561 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]"){
562 if(in_array($attrs['dn'],$this->used_workstations)){
563 continue;
564 }
565 }
567 $type= $this->getObjectType($attrs);
568 $name= $this->getObjectName($attrs);
570 /* Fill array */
571 if (isset($attrs["description"][0])){
572 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
573 } elseif (isset($attrs["uid"][0])) {
574 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
575 } else {
576 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
577 }
578 }
579 }
580 }
581 uasort ($this->objects, 'sort_list');
582 reset ($this->objects);
585 /*###########
586 Build member list and try to detect obsolete entries
587 ###########*/
589 $this->memberList = array();
591 /* Walk through all single member entry */
592 foreach($this->member as $dn){
594 /* The dn for the current member can't be resolved
595 it seams that this entry was removed
596 */
597 /* Try to resolv the entry again, if it still fails, display error msg */
598 $ldap->cat($dn, array("cn", "sn", "givenName", "ou", "description", "objectClass", "macAddress"));
600 /* It has failed, add entry with type flag I (Invalid)*/
601 if (!$ldap->success()){
602 $this->memberList[$dn]= array('text' => _("Non existing dn:")." ".LDAP::fix($dn),"type" => "I");
604 } else {
606 /* Append this entry to our all object list */
608 /* Fetch object */
609 $attrs= $ldap->fetch();
611 $type= $this->getObjectType($attrs);
612 $name= $this->getObjectName($attrs);
614 if (isset($attrs["description"][0])){
615 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
616 } elseif (isset($attrs["uid"][0])) {
617 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
618 } else {
619 $this->objcache[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
620 }
621 $this->objcache[$attrs["dn"]]['objectClass'] = $attrs['objectClass'];
623 if(isset($attrs['macAddress'][0])){
624 $this->objcache[$attrs["dn"]]['macAddress'] = $attrs['macAddress'][0];
625 }else{
626 $this->objcache[$attrs["dn"]]['macAddress'] = "";
627 }
629 if(isset($attrs['uid'])){
630 $this->objcache[$attrs["dn"]]['uid'] = $attrs['uid'];
631 }
633 /* Fill array */
634 if (isset($attrs["description"][0])){
635 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
636 } else {
637 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
638 }
640 $this->memberList[$dn]= $this->objects[$attrs["dn"]];
641 }
642 }
643 uasort ($this->memberList, 'sort_list');
644 reset ($this->memberList);
646 /* Assemble types of currently combined objects */
647 $objectTypes= "";
648 foreach ($this->memberList as $dn => $desc){
650 /* Invalid object? */
651 if ($desc['type'] == 'I'){
652 continue;
653 }
655 /* Fine. Add to list. */
656 if (!preg_match('/'.$desc['type'].'/', $objectTypes)){
657 $objectTypes.= $desc['type'];
658 }
659 }
660 $this->gosaGroupObjects= "[$objectTypes]";
661 }
664 function convert_list($input)
665 {
666 $temp= "";
667 $conv= array(
668 "Y" => "plugins/users/images/select_template.png",
669 "U" => "plugins/generic/images/head.png",
670 "G" => "plugins/groups/images/select_group.png",
671 "A" => "plugins/ogroups/images/application.png",
672 "D" => "plugins/departments/images/department.png",
673 "S" => "plugins/ogroups/images/server.png",
674 "W" => "plugins/ogroups/images/workstation.png",
675 "O" => "plugins/ogroups/images/winstation.png",
676 "T" => "plugins/ogroups/images/terminal.png",
677 "F" => "plugins/ogroups/images/phone.png",
678 "P" => "plugins/ogroups/images/printer.png",
679 "I" => "images/false.png");
681 foreach ($input as $key => $value){
682 /* Generate output */
683 $temp.= "<option title='".addslashes( $key)."' value=\"$key\" class=\"select\" style=\"background-image:url('".get_template_path($conv[$value['type']])."');\">".$value['text']."</option>\n";
684 }
686 return ($temp);
687 }
690 function getObjectType($attrs)
691 {
692 $type= "I";
694 foreach(array(
695 "Y" => "gosaUserTemplate",
696 "U" => "gosaAccount",
697 "G" => "posixGroup",
698 "A" => "gosaApplication",
699 "D" => "gosaDepartment",
700 "S" => "goServer",
701 "W" => "gotoWorkstation",
702 "O" => "opsiClient",
703 "T" => "gotoTerminal",
704 "F" => "goFonHardware",
705 "P" => "gotoPrinter") as $index => $class){
706 if (in_array($class, $attrs['objectClass'])){
707 $type= $index;
708 break;
709 }
710 }
712 return ($type);
713 }
716 function getObjectName($attrs)
717 {
718 /* Person? */
719 $name ="";
720 if (in_array('gosaAccount', $attrs['objectClass'])){
721 if(isset($attrs['sn']) && isset($attrs['givenName'])){
722 $name= $attrs['sn'][0].", ".$attrs['givenName'][0];
723 } else {
724 $name= $attrs['uid'][0];
725 }
726 } else {
727 if(isset($attrs["cn"][0])) {
728 $name= $attrs['cn'][0];
729 } else {
730 $name= $attrs['ou'][0];
731 }
732 }
734 return ($name);
735 }
738 function check()
739 {
740 /* Call common method to give check the hook */
741 $message= plugin::check();
743 /* Permissions for that base? */
744 if ($this->base != ""){
745 $new_dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
746 } else {
747 $new_dn= $this->dn;
748 }
750 /* Check if we have workstations assigned, that are already assigned to
751 another object group. */
752 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]" ) {
753 $test =array_intersect($this->used_workstations,$this->member);
754 if(count($test)){
755 $str = "";
756 foreach($test as $dn){
757 $str .= "<li>".$dn."</li>";
758 }
759 $message[] = sprintf(_("These systems are already configured by other object groups and cannot be added:")."<br><ul>%s</ul>",$str);
760 }
761 }
763 $ldap = $this->config->get_ldap_link();
764 if(LDAP::fix($this->dn) != LDAP::fix($new_dn)){
765 $ldap->cat ($new_dn, array('dn'));
766 }
768 if($ldap->count() !=0){
769 $message[]= msgPool::duplicated(_("Name"));
770 }
772 // Check if a wrong base was supplied
773 if(!$this->baseSelector->checkLastBaseUpdate()){
774 $message[]= msgPool::check_base();;
775 }
777 /* Set new acl base */
778 if($this->dn == "new") {
779 $this->set_acl_base($this->base);
780 }
782 /* must: cn */
783 if ($this->cn == ""){
784 $message[]= msgPool::required(_("Name"));
785 }
787 if (preg_match('/[=,+<>#;]/', $this->cn)) {
788 $message[] = msgPool::invalid(_("Name"), $this->cn, "/[^=+,<>#;]/");
789 }
791 /* To many different object types? */
792 if (strlen($this->gosaGroupObjects) > 4){
793 $message[]= _("You can combine two different object types at maximum, only!");
794 }
796 /* Check if we are allowed to create or move this object
797 */
798 if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
799 $message[] = msgPool::permCreate();
800 }elseif($this->orig_dn != "new" && $this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
801 $message[] = msgPool::permMove();
802 }
804 return ($message);
805 }
808 /* Save to LDAP */
809 function save()
810 {
811 plugin::save();
813 /* Move members to target array */
814 $this->attrs['member'] =array();
815 foreach ($this->member as $key => $desc){
816 $this->attrs['member'][]= LDAP::fix($key);
817 }
819 $ldap= $this->config->get_ldap_link();
821 /* New accounts need proper 'dn', propagate it to remaining objects */
822 if ($this->dn == 'new'){
823 $this->dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
824 }
826 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
827 new entries. So do a check first... */
828 $ldap->cat ($this->dn, array('dn'));
829 if ($ldap->fetch()){
830 /* Modify needs array() to remove values :-( */
831 if (!count ($this->member)){
832 $this->attrs['member']= array();
833 }
834 $mode= "modify";
836 } else {
837 $mode= "add";
838 $ldap->cd($this->config->current['BASE']);
839 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
840 }
842 /******
843 Trust accounts
844 ******/
845 $objectclasses= array();
846 foreach ($this->attrs['objectClass'] as $key => $class){
847 if (preg_match('/trustAccount/i', $class)){
848 continue;
849 }
850 $objectclasses[]= $this->attrs['objectClass'][$key];
851 }
852 $this->attrs['objectClass']= $objectclasses;
853 if ($this->trustModel != ""){
854 $this->attrs['objectClass'][]= "trustAccount";
855 $this->attrs['trustModel']= $this->trustModel;
856 $this->attrs['accessTo']= array();
857 if ($this->trustModel == "byhost"){
858 foreach ($this->accessTo as $host){
859 $this->attrs['accessTo'][]= $host;
860 }
861 }
862 } else {
863 if ($this->was_trust_account){
864 $this->attrs['accessTo']= array();
865 $this->attrs['trustModel']= array();
866 }
867 }
869 /******
870 Ende - Trust accounts
871 ******/
873 /* Write back to ldap */
874 $ldap->cd($this->dn);
875 $this->cleanup();
876 $ldap->$mode($this->attrs);
878 if($mode == "add"){
879 new log("create","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
880 }else{
881 new log("modify","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
882 }
884 /* Trigger post signal */
885 $this->handle_post_events($mode);
887 $ret= 0;
888 if (!$ldap->success()){
889 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
890 $ret= 1;
891 }
893 return ($ret);
894 }
896 function remove_from_parent()
897 {
898 plugin::remove_from_parent();
900 $ldap= $this->config->get_ldap_link();
901 $ldap->rmdir($this->dn);
902 if (!$ldap->success()){
903 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
904 }
906 new log("remove","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
908 /* Trigger remove signal */
909 $this->handle_post_events("remove");
910 }
913 function PrepareForCopyPaste($source)
914 {
915 plugin::PrepareForCopyPaste($source);
917 /* Reload tabs */
918 $this->parent->reload($this->gosaGroupObjects );
920 /* Reload plugins */
921 foreach($this->parent->by_object as $name => $class ){
922 if(get_class($this) != $name) {
923 $this->parent->by_object[$name]->PrepareForCopyPaste($source);
924 }
925 }
927 $source_o = new ogroup ($this->config, $source['dn']);
928 foreach(array("accessTo","member","gosaGroupObjects") as $attr){
929 $this->$attr = $source_o->$attr;
930 }
931 }
934 function getCopyDialog()
935 {
936 $smarty = get_smarty();
937 $smarty->assign("cn", $this->cn);
938 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
939 $ret = array();
940 $ret['string'] = $str;
941 $ret['status'] = "";
942 return($ret);
943 }
945 function saveCopyDialog()
946 {
947 if(isset($_POST['cn'])){
948 $this->cn = $_POST['cn'];
949 }
950 }
953 function IsReleaseManagementActivated()
954 {
955 /* Check if we should enable the release selection */
956 $tmp = $this->config->search("faiManagement", "CLASS",array('menu','tabs'));
957 if(!empty($tmp)){
958 return(true);
959 }
960 return(false);
961 }
964 static function plInfo()
965 {
966 return (array(
967 "plShortName" => _("Generic"),
968 "plDescription" => _("Object group generic"),
969 "plSelfModify" => FALSE,
970 "plDepends" => array(),
971 "plPriority" => 1,
972 "plSection" => array("administration"),
973 "plCategory" => array("ogroups" => array("description" => _("Object groups"),
974 "objectClass" => "gosaGroupOfNames")),
975 "plProvidedAcls"=> array(
976 "cn" => _("Name"),
977 "base" => _("Base"),
978 "description" => _("Description"),
979 "trustModel" => _("Sytem trust"),
980 "member" => _("Member"))
981 ));
982 }
983 }
985 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
986 ?>