1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id: class_sudo.inc 9975 2008-03-25 14:09:30Z hickert $$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class sudo_options extends plugin
24 {
25 /* Group attributes */
26 var $sudoOption = array();
28 var $attributes = array("sudoOption");
29 var $is_account = TRUE;
31 var $options = array();
33 function sudo_options(&$config, $dn= NULL)
34 {
35 plugin::plugin ($config, $dn);
37 /****
38 Create a list of known options
39 ****/
40 $options = array();
41 $option['long_otp_prompt']= array('NAME' =>'long_otp_prompt' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
42 $option['ignore_dot']= array('NAME' =>'ignore_dot' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
43 $option['mail_always']= array('NAME' =>'mail_always' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
44 $option['mail_badpass']= array('NAME' =>'mail_badpass' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
45 $option['mail_no_user']= array('NAME' =>'mail_no_user' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
46 $option['mail_no_host']= array('NAME' =>'mail_no_host' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
47 $option['mail_no_perms']= array('NAME' =>'mail_no_perms' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
48 $option['tty_tickets']= array('NAME' =>'tty_tickets' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
49 $option['authenticate']= array('NAME' =>'authenticate' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
50 $option['root_sudo']= array('NAME' =>'root_sudo' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
51 $option['log_host']= array('NAME' =>'log_host' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
52 $option['log_year']= array('NAME' =>'log_year' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
53 $option['shell_noargs']= array('NAME' =>'shell_noargs' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
54 $option['set_home']= array('NAME' =>'set_home' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
55 $option['always_set_home']= array('NAME' =>'always_set_home' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
56 $option['path_info']= array('NAME' =>'path_info' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
57 $option['preserve_groups']= array('NAME' =>'preserve_groups' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
58 $option['fqdn']= array('NAME' =>'fqdn' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
59 $option['insults']= array('NAME' =>'insults' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
60 $option['requiretty']= array('NAME' =>'requiretty' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
61 $option['env_editor']= array('NAME' =>'env_editor' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
62 $option['rootpw']= array('NAME' =>'rootpw' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
63 $option['runaspw']= array('NAME' =>'runaspw' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
64 $option['targetpw']= array('NAME' =>'targetpw' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
65 $option['set_logname']= array('NAME' =>'set_logname' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
66 $option['stay_setuid']= array('NAME' =>'stay_setuid' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
67 $option['env_reset']= array('NAME' =>'env_reset' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
68 $option['use_loginclass']= array('NAME' =>'use_loginclass' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
69 $option['noexec']= array('NAME' =>'noexec' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
70 $option['ignore_local_sudoers']= array('NAME' =>'ignore_local_sudoers' , 'TYPE' => 'BOOLEAN' , 'DEFAULT' => '');
71 $option['passwd_tries']= array('NAME' =>'passwd_tries' , 'TYPE' => 'INTEGER' , 'DEFAULT' => '');
72 $option['loglinelen']= array('NAME' =>'loglinelen' , 'TYPE' => 'BOOL_INTEGER' , 'DEFAULT' => '');
73 $option['timestamp_timeout']= array('NAME' =>'timestamp_timeout' , 'TYPE' => 'BOOL_INTEGER' , 'DEFAULT' => '');
74 $option['passwd_timeout']= array('NAME' =>'passwd_timeout' , 'TYPE' => 'BOOL_INTEGER' , 'DEFAULT' => '');
75 $option['umask']= array('NAME' =>'umask' , 'TYPE' => 'BOOL_INTEGER' , 'DEFAULT' => '');
76 $option['mailsub']= array('NAME' =>'mailsub' , 'TYPE' => 'STRING' , 'DEFAULT' => '');
77 $option['badpass_message']= array('NAME' =>'badpass_message' , 'TYPE' => 'STRING' , 'DEFAULT' => '');
78 $option['timestampdir']= array('NAME' =>'timestampdir' , 'TYPE' => 'STRING' , 'DEFAULT' => '');
79 $option['timestampowner']= array('NAME' =>'timestampowner' , 'TYPE' => 'STRING' , 'DEFAULT' => '');
80 $option['passprompt']= array('NAME' =>'passprompt' , 'TYPE' => 'STRING' , 'DEFAULT' => '');
81 $option['runas_default']= array('NAME' =>'runas_default' , 'TYPE' => 'STRING' , 'DEFAULT' => '');
82 $option['syslog_goodpri']= array('NAME' =>'syslog_goodpri' , 'TYPE' => 'STRING' , 'DEFAULT' => '');
83 $option['syslog_badpri']= array('NAME' =>'syslog_badpri' , 'TYPE' => 'STRING' , 'DEFAULT' => '');
84 $option['editor']= array('NAME' =>'editor' , 'TYPE' => 'STRING' , 'DEFAULT' => '');
85 $option['noexec_file']= array('NAME' =>'noexec_file' , 'TYPE' => 'STRING' , 'DEFAULT' => '');
86 $option['lecture']= array('NAME' =>'lecture' , 'TYPE' => 'STRING_BOOL' , 'DEFAULT' => '');
87 $option['lecture_file']= array('NAME' =>'lecture_file' , 'TYPE' => 'STRING_BOOL' , 'DEFAULT' => '');
88 $option['logfile']= array('NAME' =>'logfile' , 'TYPE' => 'STRING_BOOL' , 'DEFAULT' => '');
89 $option['syslog']= array('NAME' =>'syslog' , 'TYPE' => 'STRING_BOOL' , 'DEFAULT' => '');
90 $option['mailerpath']= array('NAME' =>'mailerpath' , 'TYPE' => 'STRING_BOOL' , 'DEFAULT' => '');
91 $option['mailerflags']= array('NAME' =>'mailerflags' , 'TYPE' => 'STRING_BOOL' , 'DEFAULT' => '');
92 $option['mailto']= array('NAME' =>'mailto' , 'TYPE' => 'STRING_BOOL' , 'DEFAULT' => '');
93 $option['exempt_group']= array('NAME' =>'exempt_group' , 'TYPE' => 'STRING_BOOL' , 'DEFAULT' => '');
94 $option['verifypw']= array('NAME' =>'verifypw' , 'TYPE' => 'STRING_BOOL' , 'DEFAULT' => '');
95 $option['listpw']= array('NAME' =>'listpw' , 'TYPE' => 'STRING_BOOL' , 'DEFAULT' => '');
96 $option['env_check']= array('NAME' =>'env_check' , 'TYPE' => 'LISTS' , 'DEFAULT' => '');
97 $option['env_delete']= array('NAME' =>'env_delete' , 'TYPE' => 'LISTS' , 'DEFAULT' => '');
98 $option['env_keep']= array('NAME' =>'env_keep' , 'TYPE' => 'LISTS' , 'DEFAULT' => '');
99 ksort($option);
100 $this->options = $option;
102 /****
103 Parse given sudoOption attributes
104 ****/
105 $this->sudoOption = array();
106 if(isset($this->attrs['sudoOption'])){
107 for($i = 0 ; $i < $this->attrs['sudoOption']['count']; $i++){
109 /****
110 Detect attribute name/value/negation
111 ****/
112 $opt = $this->attrs['sudoOption'][$i];
114 /* Get negation */
115 $negation = FALSE;
116 if(preg_match("/^!/",$opt)){
117 $negation = TRUE;
118 $opt = preg_replace("/^!/","",$opt);
119 }
121 /* Get value / name*/
122 $value = "";
123 if(preg_match("/=/",$opt)){
124 $value = preg_replace("/^[^=]*+=/","",$opt);
125 $opt = preg_replace("/=.*$/","",$opt);
126 }
128 /* Check if the given value is part of our options list.
129 If it is not, add it as type STRING and display a warning.
130 */
131 if(!isset($this->options[$opt])){
132 $this->options[$opt]=array('NAME'=>$opt,'TYPE'=>'STRING','DEFAULT' => '');
133 msg_dialog::display(_("Unknown option"),
134 sprintf(_("The sudo option '%s' is unkown to GOsa, it is now temporarily added as type string."),
135 $opt),WARNING_DIALOG);
136 }
138 /* Create internal sudoOption object */
139 $option = array();
140 $option['NAME'] = $opt;
141 $option['VALUE'] = array($value);
142 $option['NEGATE'] = $negation;
144 /* Special handling for mixed flag types.
145 Some attributes like (BOOL_INTEGER) can be TRUE/FALSE and INTEGER.
146 This means, if the value is empty it is BOOL and $negation defines its boolean value.
147 */
148 if(in_array($this->options[$opt]['TYPE'],array("BOOL_INTEGER","STRING_BOOL"))){
149 if(empty($value)){
150 $option['NEGATE'] = FALSE;
151 if($negation){
152 $option['VALUE'] = array(0 => "FALSE");
153 }else{
154 $option['VALUE'] = array(0 => "TRUE");
155 }
156 }
157 }
159 /* Special handling for BOOLEAN values */
160 if(in_array($this->options[$opt]['TYPE'],array("BOOLEAN"))){
161 $option['NEGATE'] = FALSE;
162 if($negation){
163 $option['VALUE'] = array(0 => "FALSE");
164 }else{
165 $option['VALUE'] = array(0 => "TRUE");
166 }
167 }
169 /* Append values */
170 if(!isset($this->sudoOption[$opt])){
171 $this->sudoOption[$opt] = $option;
172 }else{
173 $this->sudoOption[$opt]['VALUE'][] = $value;
174 }
175 }
176 }
177 }
179 function execute()
180 {
181 /* Call parent execute */
182 plugin::execute();
184 /*****
185 Handle Posts
186 *****/
187 foreach($_POST as $name => $value){
188 if(preg_match("/^negOption_/",$name)){
189 $opt = preg_replace("/^negOption_/","",$name);
190 $opt = preg_replace("/_[^_]*$/","",$opt);
191 if(isset($this->sudoOption[$opt])){
192 $val = $this->sudoOption[$opt]['VALUE'][0];
194 /*****
195 Negate STRING_BOOL && BOOL_INTEGER
196 *****/
197 if(in_array($this->options[$opt]['TYPE'],array('STRING_BOOL','BOOL_INTEGER'))){
198 if(in_array($val, array("TRUE","FALSE"))){
199 if($val == "TRUE"){
200 $this->sudoOption[$opt]['VALUE'][0] = "FALSE";
201 }else{
202 $this->sudoOption[$opt]['VALUE'][0] = "TRUE";
203 }
204 }else{
205 $this->sudoOption[$opt]['NEGATE'] = !$this->sudoOption[$opt]['NEGATE'];
206 }
207 }
209 /*****
210 Negate STRING / INTEGER
211 *****/
212 if(in_array($this->options[$opt]['TYPE'],array('STRING','INTEGER'))){
213 $this->sudoOption[$opt]['NEGATE'] = !$this->sudoOption[$opt]['NEGATE'];
214 }
216 /*****
217 Negate BOOLEAN
218 *****/
219 if(in_array($this->options[$opt]['TYPE'],array('BOOLEAN'))){
220 if($val == "TRUE"){
221 $this->sudoOption[$opt]['VALUE'][0] = "FALSE";
222 }else{
223 $this->sudoOption[$opt]['VALUE'][0] = "TRUE";
224 }
225 }
226 }
227 break;
228 }
230 if(preg_match("/^delOption_/",$name)){
232 /*****
233 Remove options
234 *****/
235 $opt = preg_replace("/^delOption_/","",$name);
236 $opt = preg_replace("/_[^_]*$/","",$opt);
237 if(isset($this->sudoOption[$opt])){
238 unset($this->sudoOption[$opt]);
239 }
240 break;
241 }
242 }
245 $smarty = get_smarty();
246 $smarty->assign("map", array("STRING" => _("string"), "BOOLEAN" => _("bool"),
247 "INTEGER" => _("integer") , "BOOL_INTEGER" => _("integer")."-"._("bool") ,
248 "STRING_BOOL" => _("string")."-"._("bool"),"LISTS" => _("lists")));
249 $smarty->assign("sudoOption",$this->sudoOption);
250 $smarty->assign("options",$this->options);
251 return($smarty->fetch(get_template_path('options.tpl', TRUE)));
252 }
254 function remove_from_parent()
255 {
256 }
258 /* Save data to object */
259 function save_object()
260 {
261 plugin::save_object();
263 if(isset($_POST['add_option']) && isset($_POST['option'])){
264 $opt = get_post("option");
265 if(isset($this->options[$opt]) && !isset($this->sudoOption[$opt])){
266 $type = $this->options[$opt]['TYPE'];
267 $val = array($this->options[$opt]['DEFAULT']);
268 $option = array("NAME" => $opt, "VALUE" => $val , "NEGATE" => FALSE);
269 $this->sudoOption[$opt] = $option;
270 }
271 }
273 foreach($this->sudoOption as $name => $opt){
275 /****
276 Get posted value for BOOLEAN
277 ****/
278 if(in_array($this->options[$name]['TYPE'],array("BOOLEAN"))){
279 if(isset($_POST['option_value__'.$name])){
280 $this->sudoOption[$name]['VALUE'][0] = get_post('option_value__'.$name);
281 }
282 }
284 /****
285 Get posted value for STRING / INTEGER
286 ****/
287 if(in_array($this->options[$name]['TYPE'],array("STRING","INTEGER"))){
288 if(isset($_POST['option_value__'.$name])){
289 $this->sudoOption[$name]['VALUE'][0] = get_post('option_value__'.$name);
290 }
291 }
293 /****
294 Get posted value for STRING_BOOL / BOOL_INTEGER
295 ****/
296 if(in_array($this->options[$name]['TYPE'],array("BOOL_INTEGER","STRING_BOOL"))){
297 if(isset($_POST['option_selection__'.$name])){
298 $sel = get_post('option_selection__'.$name);
299 $val = "";
300 if(isset($_POST['option_value__'.$name])){
301 $val = get_post('option_value__'.$name);
302 }
304 if($sel == "FALSE" || $sel == "TRUE"){
305 $this->sudoOption[$name]['VALUE'] = array($sel);
306 $this->sudoOption[$name]['NEGATE'] = FALSE;
307 }else{
308 $this->sudoOption[$name]['VALUE'] = array($val);
309 }
310 }
311 }
312 }
313 }
315 /* Save to LDAP */
316 function save()
317 {
318 plugin::save();
320 $this->attrs['sudoOption'] = array();
321 foreach($this->sudoOption as $name => $opt){
323 $type = $this->options[$name]['TYPE'];
324 $neg = $opt['NEGATE'];
325 $value = $opt['VALUE'][0];
326 $option = "";
328 /****
329 Save BOOLEAN
330 ****/
331 if(in_array($type,array("BOOLEAN"))){
332 $option = $name;
333 if($value == "FALSE"){
334 $option = "!".$option;
335 }
336 }
338 /****
339 Save STRING / INTEGER
340 ****/
341 if(in_array($type,array("STRING","INTEGER"))){
342 $option = $name."=".$value;
343 if($neg){
344 $option = "!".$option;
345 }
346 }
348 /****
349 Save STRING_BOOL / BOOL_INTEGER
350 ****/
351 if(in_array($type,array("STRING_BOOL","BOOL_INTEGER"))){
352 if($value == "FALSE"){
353 $option = "!".$name;
354 }elseif($value == "TRUE"){
355 $option = $name;
356 }else{
357 $option = $name."=".$value;
358 if($neg){
359 $option = "!".$option;
360 }
361 }
362 }
364 $this->attrs['sudoOption'][] = $option;
365 }
366 $this->cleanup();
367 $ldap = $this->config->get_ldap_link();
368 $ldap->cd($this->dn);
369 $ldap->modify($this->attrs);;
370 }
372 function check()
373 {
374 $message = plugin::check();
375 return ($message);
376 }
377 }
378 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
379 ?>