1 <?php
3 /*
4 This code is part of GOsa (https://gosa.gonicus.de)
5 Copyright (C) 2007 Fabian Hickert
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
24 /****************
25 * FUNCTIONS
27 Step_Migrate - Constructor.
28 update_strings - Used to update the displayed step informations.
29 initialize_checks - Initialize migration steps.
30 check_ldap_permissions - Check if the used admin account has full access to the ldap database.
31 check_gosaAccounts - Check if there are users without the required objectClasses.
32 migrate_gosaAccounts - Migrate selected users to GOsa user accounts.
33 check_organizationalUnits - Check if there are departments, that are not visible for GOsa
34 migrate_organizationalUnits - Migrate selected departments
35 check_administrativeAccount - Check if there is at least one acl entry available
36 checkBase - Check if there is a root object available
38 get_user_list - Get list of available users
39 get_group_list - Get list of groups
41 create_admin
42 create_admin_user
44 execute - Generate html output of this plugin
45 save_object - Save posts
46 array_to_ldif - Create ldif output of an ldap result array
48 ****************/
52 class Step_Migrate extends setup_step
53 {
54 var $languages = array();
55 var $attributes = array();
56 var $header_image = "images/monitoring.png";
57 var $checks = array();
59 /* Department migration attributes */
60 var $dep_migration_dialog = FALSE;
61 var $deps_to_migrate = array();
62 var $show_details = FALSE;
64 /* Department migration attributes */
65 var $users_migration_dialog= FALSE;
66 var $users_to_migrate = array();
68 /* Create Acl attributes */
69 var $acl_create_dialog = FALSE;
70 var $acl_create_selected= ""; // Currently selected element, that should receive admin rights
71 var $acl_create_changes = ""; // Contains ldif information about changes
72 var $acl_create_confirmed= FALSE;
74 /* Checks initialised ? */
75 var $checks_initialised = FALSE;
77 /* Users outside to people ou */
78 var $outside_users = array();
79 var $outside_users_dialog = FALSE;
81 /* Users outside to groups ou */
82 var $outside_groups = array();
83 var $outside_groups_dialog = FALSE;
85 /* Device migration */
86 var $device_dialog = FALSE;
87 var $device = array();
89 /* Service migration */
90 var $service_dialog = FALSE;
91 var $service = array();
93 /* Group menus */
94 var $menu_dialog = FALSE;
95 var $menu = array();
97 /* Win-Workstations outside to reserved ou */
98 var $outside_winstations = array();
99 var $outside_winstations_dialog = FALSE;
101 /* check for multiple use of same uidNumber */
102 var $check_uidNumbers = array();
103 var $check_uidNumbers_dialog = FALSE;
105 /* check for multiple use of same gidNumber */
106 var $check_gidNumbers = array();
107 var $check_gidNumbers_dialog = FALSE;
109 var $group_list = array();
111 function Step_Migrate()
112 {
113 $this->update_strings();
114 }
116 function update_strings()
117 {
118 $this->s_title = _("LDAP inspection");
119 $this->s_title_long = _("LDAP inspection");
120 $this->s_info = _("Analyze your current LDAP for GOsa compatibility");
121 }
123 function initialize_checks()
124 {
125 $this->checks = array();
126 $this->checks['root']['TITLE'] = _("Checking for root object");
127 $this->checks['root']['STATUS'] = FALSE;
128 $this->checks['root']['STATUS_MSG']= "";
129 $this->checks['root']['ERROR_MSG'] = "";
130 $this->checkBase();
132 $this->checks['permissions']['TITLE'] = _("Checking permissions on LDAP database");
133 $this->checks['permissions']['STATUS'] = FALSE;
134 $this->checks['permissions']['STATUS_MSG']= "";
135 $this->checks['permissions']['ERROR_MSG'] = "";
136 $this->check_ldap_permissions();
138 $this->checks['deps_visible']['TITLE'] = _("Checking for invisible departments");
139 $this->checks['deps_visible']['STATUS'] = FALSE;
140 $this->checks['deps_visible']['STATUS_MSG']= "";
141 $this->checks['deps_visible']['ERROR_MSG'] = "";
143 $this->checks['users_visible']['TITLE'] = _("Checking for invisible users");
144 $this->checks['users_visible']['STATUS'] = FALSE;
145 $this->checks['users_visible']['STATUS_MSG']= "";
146 $this->checks['users_visible']['ERROR_MSG'] = "";
147 $this->check_gosaAccounts();
149 $this->checks['acls']['TITLE'] = _("Checking for super administrator");
150 $this->checks['acls']['STATUS'] = FALSE;
151 $this->checks['acls']['STATUS_MSG']= "";
152 $this->checks['acls']['ERROR_MSG'] = "";
153 $this->check_administrativeAccount();
155 $this->checks['outside_users']['TITLE'] = _("Checking for users outside the people tree");
156 $this->checks['outside_users']['STATUS'] = FALSE;
157 $this->checks['outside_users']['STATUS_MSG']= "";
158 $this->checks['outside_users']['ERROR_MSG'] = "";
159 $this->search_outside_users();
161 $this->checks['outside_groups']['TITLE'] = _("Checking for groups outside the groups tree");
162 $this->checks['outside_groups']['STATUS'] = FALSE;
163 $this->checks['outside_groups']['STATUS_MSG']= "";
164 $this->checks['outside_groups']['ERROR_MSG'] = "";
165 $this->search_outside_groups();
166 $this->check_organizationalUnits();
168 $this->checks['outside_winstations']['TITLE'] = _("Checking for windows workstations outside the winstation tree");
169 $this->checks['outside_winstations']['STATUS'] = FALSE;
170 $this->checks['outside_winstations']['STATUS_MSG']= "";
171 $this->checks['outside_winstations']['ERROR_MSG'] = "";
172 $this->search_outside_winstations();
174 $this->checks['uidNumber_usage']['TITLE'] = _("Checking for duplicated UID numbers");
175 $this->checks['uidNumber_usage']['STATUS'] = FALSE;
176 $this->checks['uidNumber_usage']['STATUS_MSG']= "";
177 $this->checks['uidNumber_usage']['ERROR_MSG'] = "";
178 $this->check_uidNumber();
180 $this->checks['gidNumber_usage']['TITLE'] = _("Checking for duplicate GID numbers");
181 $this->checks['gidNumber_usage']['STATUS'] = FALSE;
182 $this->checks['gidNumber_usage']['STATUS_MSG']= "";
183 $this->checks['gidNumber_usage']['ERROR_MSG'] = "";
184 $this->check_gidNumber();
186 $this->checks['old_style_devices']['TITLE'] = _("Checking for old style USB devices");
187 $this->checks['old_style_devices']['STATUS'] = FALSE;
188 $this->checks['old_style_devices']['STATUS_MSG']= "";
189 $this->checks['old_style_devices']['ERROR_MSG'] = "";
190 $this->check_usb_devices();
192 $this->checks['old_style_services']['TITLE'] = _("Checking for old services that have to be migrated");
193 $this->checks['old_style_services']['STATUS'] = FALSE;
194 $this->checks['old_style_services']['STATUS_MSG']= "";
195 $this->checks['old_style_services']['ERROR_MSG'] = "";
196 $this->check_services();
198 $this->checks['old_style_menus']['TITLE'] = _("Checking for old style application menus");
199 $this->checks['old_style_menus']['STATUS'] = FALSE;
200 $this->checks['old_style_menus']['STATUS_MSG']= "";
201 $this->checks['old_style_menus']['ERROR_MSG'] = "";
202 $this->check_menus();
203 }
206 /* Check if there are uidNumbers which are used more than once.
207 */
208 function check_uidNumber()
209 {
210 /* Establish ldap connection */
211 $cv = $this->parent->captured_values;
212 $ldap_l = new LDAP($cv['admin'],
213 $cv['password'],
214 $cv['connection'],
215 FALSE,
216 $cv['tls']);
218 $ldap = new ldapMultiplexer($ldap_l);
220 $ldap->cd($cv['base']);
221 $res = $ldap->search("(&(objectClass=posixAccount)(uidNumber=*))",array("dn","uidNumber"));
222 if(!$res){
223 $this->checks['uidNumber_usage']['STATUS'] = FALSE;
224 $this->checks['uidNumber_usage']['STATUS_MSG']= _("LDAP query failed");
225 $this->checks['uidNumber_usage']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
226 return(false);
227 }
229 $this->check_uidNumbers= array();
230 $tmp = array();
231 while($attrs = $ldap->fetch()){
232 $tmp[$attrs['uidNumber'][0]][] = $attrs;
233 }
235 foreach($tmp as $id => $entries){
236 if(count($entries) > 1){
237 foreach($entries as $entry){
238 $this->check_uidNumbers[base64_encode($entry['dn'])] = $entry;
239 }
240 }
241 }
243 if($this->check_uidNumbers){
244 $this->checks['uidNumber_usage']['STATUS'] = FALSE;
245 $this->checks['uidNumber_usage']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
246 $this->checks['uidNumber_usage']['ERROR_MSG'] =
247 sprintf(_("Found %s duplicate values for attribute 'uidNumber'."),count($this->check_uidNumbers));
248 return(false);
249 }else{
250 $this->checks['uidNumber_usage']['STATUS'] = TRUE;
251 $this->checks['uidNumber_usage']['STATUS_MSG']= _("Ok");
252 $this->checks['uidNumber_usage']['ERROR_MSG'] = "";
253 return(TRUE);
254 }
255 }
258 /* Check if there are duplicated gidNumbers present in ldap
259 */
260 function check_gidNumber()
261 {
262 /* Establish ldap connection */
263 $cv = $this->parent->captured_values;
264 $ldap_l = new LDAP($cv['admin'],
265 $cv['password'],
266 $cv['connection'],
267 FALSE,
268 $cv['tls']);
270 $ldap = new ldapMultiplexer($ldap_l);
272 $ldap->cd($cv['base']);
273 $res = $ldap->search("(&(objectClass=posixGroup)(gidNumber=*))",array("dn","gidNumber"));
274 if(!$res){
275 $this->checks['gidNumber_usage']['STATUS'] = FALSE;
276 $this->checks['gidNumber_usage']['STATUS_MSG']= _("LDAP query failed");
277 $this->checks['gidNumber_usage']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
278 return(false);
279 }
281 $this->check_gidNumbers= array();
282 $tmp = array();
283 while($attrs = $ldap->fetch()){
284 $tmp[$attrs['gidNumber'][0]][] = $attrs;
285 }
287 foreach($tmp as $id => $entries){
288 if(count($entries) > 1){
289 foreach($entries as $entry){
290 $this->check_gidNumbers[base64_encode($entry['dn'])] = $entry;
291 }
292 }
293 }
295 if($this->check_gidNumbers){
296 $this->checks['gidNumber_usage']['STATUS'] = FALSE;
297 $this->checks['gidNumber_usage']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
298 $this->checks['gidNumber_usage']['ERROR_MSG'] =
299 sprintf(_("Found %s duplicate values for attribute 'gidNumber'."),count($this->check_gidNumbers));
300 return(false);
301 }else{
302 $this->checks['gidNumber_usage']['STATUS'] = TRUE;
303 $this->checks['gidNumber_usage']['STATUS_MSG']= _("Ok");
304 $this->checks['gidNumber_usage']['ERROR_MSG'] = "";
305 return(TRUE);
306 }
307 }
310 /* Search for winstations outside the winstation ou
311 */
312 function search_outside_winstations()
313 {
314 /* Establish ldap connection */
315 $cv = $this->parent->captured_values;
316 $ldap_l = new LDAP($cv['admin'],
317 $cv['password'],
318 $cv['connection'],
319 FALSE,
320 $cv['tls']);
322 $ldap = new ldapMultiplexer($ldap_l);
324 /* Get winstation ou */
325 if($cv['generic_settings']['wws_ou_active']) {
326 $winstation_ou = $cv['generic_settings']['wws_ou'];
327 }else{
328 $winstation_ou = "ou=winstations";
329 }
331 if($cv['samba_version'] == 3){
332 $oc = "sambaSamAccount";
333 }else{
334 $oc = "sambaAccount";
335 }
337 $ldap->cd($cv['base']);
338 $res = $ldap->search("(&(objectClass=".$oc.")(uid=*$))",array("dn","sambaSID"));
339 if(!$res){
340 $this->checks['outside_winstations']['STATUS'] = FALSE;
341 $this->checks['outside_winstations']['STATUS_MSG']= _("LDAP query failed");
342 $this->checks['outside_winstations']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
343 return(false);
344 }
346 $this->outside_winstations = array();
347 while($attrs = $ldap->fetch()){
348 if((!preg_match("/^[^,]+,".normalizePreg($winstation_ou)."/",$attrs['dn'])) && !preg_match("/,dc=addressbook,/",$attrs['dn'])){
349 $attrs['selected'] = FALSE;
350 $attrs['ldif'] = "";
351 $this->outside_winstations[base64_encode($attrs['dn'])] = $attrs;
352 }
353 }
355 if(count($this->outside_winstations)){
356 $this->checks['outside_winstations']['STATUS'] = FALSE;
357 $this->checks['outside_winstations']['STATUS_MSG']= _("Failed");
358 $this->checks['outside_winstations']['ERROR_MSG'] =
359 sprintf(_("Found %s winstations outside the predefined winstation department ou '%s'."),count($this->outside_winstations),$winstation_ou);
360 $this->checks['outside_winstations']['ERROR_MSG'].= "<input type='submit' name='outside_winstations_dialog' value='"._("Migrate")."...'>";
361 return(false);
362 }else{
363 $this->checks['outside_winstations']['STATUS'] = TRUE;
364 $this->checks['outside_winstations']['STATUS_MSG']= _("Ok");
365 $this->checks['outside_winstations']['ERROR_MSG'] = "";
366 return(TRUE);
367 }
368 }
371 /* Search for groups outside the group ou
372 */
373 function search_outside_groups()
374 {
375 /* Establish ldap connection */
376 $cv = $this->parent->captured_values;
377 $ldap_l = new LDAP($cv['admin'],
378 $cv['password'],
379 $cv['connection'],
380 FALSE,
381 $cv['tls']);
383 $ldap = new ldapMultiplexer($ldap_l);
385 $group_ou = $cv['groupou'];
386 $ldap->cd($cv['base']);
388 /***********
389 * Get all gosaDepartments to be able to
390 * validate correct ldap tree position of every single user
391 ***********/
392 $valid_deps = array();
393 $valid_deps['/'] = $cv['base'];
394 $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn","ou"));
395 while($attrs = $ldap->fetch()){
396 $valid_deps[] = $attrs['dn'];
397 }
399 /***********
400 * Get all groups
401 ***********/
402 $res = $ldap->search("(objectClass=posixGroup)",array("dn"));
403 if(!$res){
404 $this->checks['outside_groups']['STATUS'] = FALSE;
405 $this->checks['outside_groups']['STATUS_MSG']= _("LDAP query failed");
406 $this->checks['outside_groups']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
407 return(false);
408 }
410 $this->outside_groups = array();
411 $this->groups_list = array();;
412 while($attrs = $ldap->fetch()){
413 $group_db_base = preg_replace("/^[^,]+,".normalizePreg($group_ou)."+,/i","",$attrs['dn']);
415 /* Check if entry is not an addressbook only user
416 * and verify that he is in a valid department
417 */
418 if( !preg_match("/".normalizePreg("dc=addressbook,")."/",$group_db_base) &&
419 !in_array($group_db_base,$valid_deps)
420 ){
421 $attrs['selected'] = FALSE;
422 $attrs['ldif'] = "";
423 $this->outside_groups[base64_encode($attrs['dn'])] = $attrs;
424 }
425 $this->group_list[] = $attrs['dn'];
426 }
428 if(count($this->outside_groups)){
429 $this->checks['outside_groups']['STATUS'] = FALSE;
430 $this->checks['outside_groups']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
431 $this->checks['outside_groups']['ERROR_MSG'] =
432 sprintf(_("Found %s groups outside the configured tree '%s'."),count($this->outside_groups),$group_ou);
433 $this->checks['outside_groups']['ERROR_MSG'].= " <input type='submit' name='outside_groups_dialog' value='"._("Move")."...'>";
434 return(false);
435 }else{
436 $this->checks['outside_groups']['STATUS'] = TRUE;
437 $this->checks['outside_groups']['STATUS_MSG']= _("Ok");
438 $this->checks['outside_groups']['ERROR_MSG'] = "";
439 return(TRUE);
440 }
441 }
443 /* Search for users outside the people ou
444 */
445 function search_outside_users()
446 {
447 /* Establish ldap connection */
448 $cv = $this->parent->captured_values;
449 $ldap_l = new LDAP($cv['admin'],
450 $cv['password'],
451 $cv['connection'],
452 FALSE,
453 $cv['tls']);
455 $ldap = new ldapMultiplexer($ldap_l);
456 $ldap->cd($cv['base']);
459 /***********
460 * Get all gosaDepartments to be able to
461 * validate correct ldap tree position of every single user
462 ***********/
463 $valid_deps = array();
464 $valid_deps['/'] = $cv['base'];
465 $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn","ou"));
466 while($attrs = $ldap->fetch()){
467 $valid_deps[] = $attrs['dn'];
468 }
470 /***********
471 * Search for all users
472 ***********/
473 $res = $ldap->search("(&(objectClass=gosaAccount)(!(uid=*$)))",array("dn"));
474 if(!$res){
475 $this->checks['outside_users']['STATUS'] = FALSE;
476 $this->checks['outside_users']['STATUS_MSG']= _("LDAP query failed");
477 $this->checks['outside_users']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
478 return(false);
479 }
481 /***********
482 * Check if returned users are within a valid GOsa deparmtment. (peopleou,gosaDepartment,base)
483 ***********/
484 $this->outside_users = array();
485 $people_ou = trim($cv['peopleou']);
486 if(!empty($people_ou)){
487 $people_ou = $people_ou.",";
488 }
490 while($attrs = $ldap->fetch()){
491 $people_db_base = preg_replace("/^[^,]+,".normalizePreg($people_ou)."/i","",$attrs['dn']);
493 /* Check if entry is not an addressbook only user
494 * and verify that he is in a valid department
495 */
496 if( !preg_match("/".normalizePreg("dc=addressbook,")."/",$people_db_base) &&
497 !in_array($people_db_base,$valid_deps)
498 ){
499 $attrs['selected'] = FALSE;
500 $attrs['ldif'] = "";
501 $this->outside_users[base64_encode($attrs['dn'])] = $attrs;
502 }
503 }
505 if(count($this->outside_users)){
506 $this->checks['outside_users']['STATUS'] = FALSE;
507 $this->checks['outside_users']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
508 $this->checks['outside_users']['ERROR_MSG'] =
509 sprintf(_("Found %s user(s) outside the configured tree '%s'."),count($this->outside_users),$people_ou);
510 $this->checks['outside_users']['ERROR_MSG'].= "<input type='submit' name='outside_users_dialog' value='"._("Move")."...'>";
511 return(false);
512 }else{
513 $this->checks['outside_users']['STATUS'] = TRUE;
514 $this->checks['outside_users']['STATUS_MSG']= _("Ok");
515 $this->checks['outside_users']['ERROR_MSG'] = "";
516 return(TRUE);
517 }
518 }
521 /* Check ldap accessibility
522 * Create and remove a dummy object,
523 * to ensure that we have the necessary permissions
524 */
525 function check_ldap_permissions()
526 {
527 /* Establish ldap connection */
528 $cv = $this->parent->captured_values;
529 $ldap_l = new LDAP($cv['admin'],
530 $cv['password'],
531 $cv['connection'],
532 FALSE,
533 $cv['tls']);
535 $ldap = new ldapMultiplexer($ldap_l);
537 /* Create dummy entry
538 */
539 $name = "GOsa_setup_text_entry_".session_id().rand(0,999999);
540 $dn = "ou=".$name.",".$cv['base'];
541 $testEntry= array();
542 $testEntry['objectClass'][]= "top";
543 $testEntry['objectClass'][]= "organizationalUnit";
544 $testEntry['objectClass'][]= "gosaDepartment";
545 $testEntry['description']= "Created by GOsa setup, this object can be removed.";
546 $testEntry['ou'] = $name;
548 /* check if simple ldap cat will be successful
549 */
550 $res = $ldap->cat($cv['base']);
551 if(!$res){
552 $this->checks['permissions']['STATUS'] = FALSE;
553 $this->checks['permissions']['STATUS_MSG']= _("LDAP query failed");
554 $this->checks['permissions']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
555 return(false);
556 }
558 /* Try to create dummy object
559 */
560 $ldap->cd ($dn);
561 $ldap->create_missing_trees($dn);
562 $res = $ldap->add($testEntry);
563 $ldap->cat($dn);
564 if(!$ldap->count()){
565 new log("view","setup/".get_class($this),$dn,array(),$ldap->get_error());
567 $this->checks['permissions']['STATUS'] = FALSE;
568 $this->checks['permissions']['STATUS_MSG']= _("Failed");
569 $this->checks['permissions']['ERROR_MSG'] =
570 sprintf(_("The specified user '%s' does not have full access to your ldap database."),$cv['admin']);
571 return(false);
572 }
574 /* Try to remove created entry
575 */
576 $res = $ldap->rmDir($dn);
577 $ldap->cat($dn);
578 if($ldap->count()){
579 new log("view","setup/".get_class($this),$dn,array(),$ldap->get_error());
580 $this->checks['permissions']['STATUS'] = FALSE;
581 $this->checks['permissions']['STATUS_MSG']= _("Failed");
582 $this->checks['permissions']['ERROR_MSG'] =
583 sprintf(_("The specified user '%s' does not have full access to your ldap database."),$cv['admin']);
584 return(false);
585 }
587 /* Create & remove of dummy object was successful */
588 $this->checks['permissions']['STATUS'] = TRUE;
589 $this->checks['permissions']['STATUS_MSG']= _("Ok");
590 $this->checks['permissions']['ERROR_MSG'] = "";
591 return(true);
592 }
595 /* Check if there are users which will
596 * be invisible for GOsa
597 */
598 function check_gosaAccounts()
599 {
600 /* Remember old list of ivisible users, to be able to set
601 * the 'html checked' status for the checkboxes again
602 */
603 $cnt_ok = 0;
604 $old = $this->users_to_migrate;
605 $this->users_to_migrate = array();
607 /* Establish ldap connection */
608 $cv = $this->parent->captured_values;
609 $ldap_l = new LDAP($cv['admin'],
610 $cv['password'],
611 $cv['connection'],
612 FALSE,
613 $cv['tls']);
615 $ldap = new ldapMultiplexer($ldap_l);
617 /* Get all invisible users
618 */
619 $ldap->cd($cv['base']);
620 $res =$ldap->search("(&(|(objectClass=posixAccount)(&(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))(!(objectClass=gosaAccount))(uid=*))",array("sn","givenName","cn","uid"));
621 while($attrs = $ldap->fetch()){
622 if(!preg_match("/,dc=addressbook,/",$attrs['dn'])){
623 $attrs['checked'] = FALSE;
624 $attrs['before'] = "";
625 $attrs['after'] = "";
627 /* Set objects to selected, that were selected before reload */
628 if(isset($old[base64_encode($attrs['dn'])])){
629 $attrs['checked'] = $old[base64_encode($attrs['dn'])]['checked'];
630 }
631 $this->users_to_migrate[base64_encode($attrs['dn'])] = $attrs;
632 }
633 }
635 /* No invisible */
636 if(!$res){
637 $this->checks['users_visible']['STATUS'] = FALSE;
638 $this->checks['users_visible']['STATUS_MSG']= _("LDAP query failed");
639 $this->checks['users_visible']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
640 }elseif(count($this->users_to_migrate) == 0){
641 $this->checks['users_visible']['STATUS'] = TRUE;
642 $this->checks['users_visible']['STATUS_MSG']= _("Ok");
643 $this->checks['users_visible']['ERROR_MSG'] = "";
644 }else{
645 $this->checks['users_visible']['STATUS'] = FALSE;
646 $this->checks['users_visible']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
647 $this->checks['users_visible']['ERROR_MSG'] = sprintf(_("Found %s user(s) that will not be visible in GOsa."),
648 count($this->users_to_migrate));
649 $this->checks['users_visible']['ERROR_MSG'] .= "<input type='submit' name='users_visible_migrate' value='"._("Migrate")."...'>";
650 }
651 }
654 /* Start user account migration
655 */
656 function migrate_gosaAccounts($only_ldif = FALSE)
657 {
658 $this->show_details= $only_ldif;
660 /* Establish ldap connection */
661 $cv = $this->parent->captured_values;
662 $ldap_l = new LDAP($cv['admin'],
663 $cv['password'],
664 $cv['connection'],
665 FALSE,
666 $cv['tls']);
668 $ldap = new ldapMultiplexer($ldap_l);
670 /* Add gosaAccount objectClass to the selected users
671 */
672 foreach($this->users_to_migrate as $key => $dep){
673 if($dep['checked']){
675 /* Get old objectClasses */
676 $ldap->cat($dep['dn'],array("objectClass"));
677 $attrs = $ldap->fetch();
679 /* Create new objectClass array */
680 $new_attrs = array();
681 $new_attrs['objectClass']= array("gosaAccount","inetOrgPerson","organizationalPerson");
682 for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
683 if(!in_array_ics($attrs['objectClass'][$i], $new_attrs['objectClass'])){
684 $new_attrs['objectClass'][] = $attrs['objectClass'][$i];
685 }
686 }
688 /* Set info attributes for current object,
689 * or write changes to the ldap database
690 */
691 if($only_ldif){
692 $this->users_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
693 $this->users_to_migrate[$key]['after'] = $this->array_to_ldif($new_attrs);
694 }else{
695 $ldap->cd($attrs['dn']);
696 if(!$ldap->modify($new_attrs)){
697 msg_dialog::display(_("Migration error"), sprintf(_("Cannot migrate department '%s':")."<br><br><i>%s</i>",LDAP::fix($attrs['dn']),$ldap->get_error()), ERROR_DIALOG);
698 return(false);
699 }
700 }
701 }
702 }
703 return(TRUE);
704 }
707 /* Check if there are invisible organizational Units
708 */
709 function check_organizationalUnits()
710 {
711 $cnt_ok = 0;
712 $old = $this->deps_to_migrate;
713 $this->deps_to_migrate = array();
715 /* Establish ldap connection */
716 $cv = $this->parent->captured_values;
717 $ldap_l = new LDAP($cv['admin'],
718 $cv['password'],
719 $cv['connection'],
720 FALSE,
721 $cv['tls']);
723 $ldap = new ldapMultiplexer($ldap_l);
725 /* Skip GOsa internal departments */
726 $skip_dns = array("/".$cv['peopleou']."/","/".$cv['groupou']."/","/^ou=people,/","/^ou=groups,/","/^ou=sudoers,/",
727 "/(,|)ou=configs,/","/(,|)ou=systems,/",
728 "/(,|)ou=apps,/","/(,|)ou=mime,/","/(,|)ou=devices/","/^ou=aclroles,/","/^ou=incoming,/",
729 "/ou=snapshots,/","/(,|)dc=addressbook,/","/^(,|)ou=machineaccounts,/",
730 "/(,|)ou=winstations,/");
732 /* Get all invisible departments */
733 $ldap->cd($cv['base']);
734 $res = $ldap->search("(&(objectClass=organizationalUnit)(!(objectClass=gosaDepartment)))",array("ou","description","dn"));
735 while($attrs = $ldap->fetch()){
736 $attrs['checked'] = FALSE;
737 $attrs['before'] = "";
738 $attrs['after'] = "";
740 /* Set objects to selected, that were selected before reload */
741 if(isset($old[base64_encode($attrs['dn'])])){
742 $attrs['checked'] = $old[base64_encode($attrs['dn'])]['checked'];
743 }
744 $this->deps_to_migrate[base64_encode($attrs['dn'])] = $attrs;
745 }
747 /* Filter returned list of departments and ensure that
748 * GOsa internal departments will not be listed
749 */
750 foreach($this->deps_to_migrate as $key => $attrs){
751 $dn = $attrs['dn'];
752 $skip = false;;
754 /* Check if this object is an application release object
755 e.g. groups-> application menus.
756 */
757 if(preg_match("/^.*,[ ]*cn=/",$dn)){
758 $cn_dn = preg_replace("/^.*,[ ]*cn=/","cn=",$dn);
759 if(in_array($cn_dn,$this->group_list)){
760 $skip = true;
761 }
762 }
764 foreach($skip_dns as $skip_dn){
765 if(preg_match($skip_dn,$dn)){
766 $skip = true;
767 }
768 }
769 if($skip){
770 unset($this->deps_to_migrate[$key]);
771 }
772 }
774 /* If we have no invisible departments found
775 * tell the user that everything is ok
776 */
777 if(!$res){
778 $this->checks['deps_visible']['STATUS'] = FALSE;
779 $this->checks['deps_visible']['STATUS_MSG']= _("LDAP query failed");
780 $this->checks['deps_visible']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
781 }elseif(count($this->deps_to_migrate) == 0 ){
782 $this->checks['deps_visible']['STATUS'] = TRUE;
783 $this->checks['deps_visible']['STATUS_MSG']= _("Ok");
784 $this->checks['deps_visible']['ERROR_MSG'] = "";
785 }else{
786 $this->checks['deps_visible']['STATUS'] = TRUE;
787 $this->checks['deps_visible']['STATUS_MSG']= '<font style="color:#FFA500">'._("Warning").'</font>';
788 $this->checks['deps_visible']['ERROR_MSG'] = sprintf(_("Found %s department(s) that will not be visible in GOsa."),count($this->deps_to_migrate));
789 $this->checks['deps_visible']['ERROR_MSG'] .= " <input type='submit' name='deps_visible_migrate' value='"._("Migrate")."...'>";
790 }
791 }
795 /* Start deparmtment migration */
796 function migrate_organizationalUnits($only_ldif = FALSE)
797 {
798 $this->show_details= $only_ldif;
800 /* Establish ldap connection */
801 $cv = $this->parent->captured_values;
802 $ldap_l = new LDAP($cv['admin'],
803 $cv['password'],
804 $cv['connection'],
805 FALSE,
806 $cv['tls']);
808 $ldap = new ldapMultiplexer($ldap_l);
810 /* Add gosaDepartment objectClass to each selected entry
811 */
812 foreach($this->deps_to_migrate as $key => $dep){
813 if($dep['checked']){
815 /* Get current objectClasses */
816 $ldap->cat($dep['dn'],array("objectClass","description"));
817 $attrs = $ldap->fetch();
819 /* Create new objectClass attribute including gosaDepartment*/
820 $new_attrs = array();
821 for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
822 $new_attrs['objectClass'][] = $attrs['objectClass'][$i];
823 }
824 $new_attrs['objectClass'][] = "gosaDepartment";
826 /* Append description it is missing */
827 if(!isset($attrs['description'])){
828 $new_attrs['description'][] = "GOsa department";
829 }
831 /* Depending on the parameter >only_diff< we save the changes as ldif
832 * or we write our changes directly to the ldap database
833 */
834 if($only_ldif){
835 $this->deps_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
836 $this->deps_to_migrate[$key]['after'] = $this->array_to_ldif($new_attrs);
837 }else{
838 $ldap->cd($attrs['dn']);
839 if(!$ldap->modify($new_attrs)){
840 msg_dialog::display(_("Migration error"), sprintf(_("Cannot migrate department '%s':")."<br><br><i>%s</i>",LDAP::fix($attrs['dn']), $ldap->get_error()), ERROR_DIALOG);
841 return(false);
842 }
843 }
844 }
845 }
846 return(TRUE);
847 }
850 /* Check Acls if there is at least one object with acls defined
851 */
852 function check_administrativeAccount()
853 {
854 /* Establish ldap connection */
855 $cv = $this->parent->captured_values;
856 $ldap_l = new LDAP($cv['admin'],
857 $cv['password'],
858 $cv['connection'],
859 FALSE,
860 $cv['tls']);
862 $ldap = new ldapMultiplexer($ldap_l);
863 $ldap->cd($cv['base']);
864 $res = $ldap->cat($cv['base']);
866 if(!$res){
867 $this->checks['acls']['STATUS'] = FALSE;
868 $this->checks['acls']['STATUS_MSG']= _("LDAP query failed");
869 $this->checks['acls']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
870 }else{
871 $found = false;
872 $username = "";
873 $attrs = $ldap->fetch();
874 if(isset($attrs['gosaAclEntry'])){
875 $acls = $attrs['gosaAclEntry'];
876 for($i = 0 ; $i < $acls['count'] ; $i++){
877 $acl = $acls[$i];
878 $tmp = split(":",$acl);
879 if($tmp[1] == "psub"){
880 $members = split(",",$tmp[2]);
881 foreach($members as $member){
882 $member = base64_decode($member);
884 /* Check if acl owner is a valid GOsa user account */
885 $ldap->cat($member,array("objectClass","uid","cn"));
886 $ret = $ldap->fetch();
888 if(isset($ret['objectClass']) && in_array("posixGroup",$ret['objectClass'])){
889 $found = TRUE;
890 $username .= "ACL-Group: ".$ret['cn'][0]."<br>";
891 }elseif(isset($ret['objectClass']) && in_array("gosaAccount",$ret['objectClass']) &&
892 in_array("organizationalPerson",$ret['objectClass']) &&
893 in_array("inetOrgPerson",$ret['objectClass'])){
894 $found = TRUE;
895 $username .= "ACL: ".$ret['uid'][0]."<br>";
896 }
897 }
898 }elseif($tmp[1] == "role"){
900 /* Check if acl owner is a valid GOsa user account */
901 $ldap->cat(base64_decode($tmp[2]),array("gosaAclTemplate"));
902 $ret = $ldap->fetch();
904 if(isset($ret['gosaAclTemplate'])){
905 $cnt = $ret['gosaAclTemplate']['count'];
906 for($e = 0 ; $e < $cnt ; $e++){
908 $a_str = $ret['gosaAclTemplate'][$e];
909 if(preg_match("/^[0-9]*:psub:/",$a_str) && preg_match("/:all;cmdrw$/",$a_str)){
911 $members = split(",",$tmp[3]);
912 foreach($members as $member){
913 $member = base64_decode($member);
915 /* Check if acl owner is a valid GOsa user account */
916 $ldap->cat($member,array("objectClass","uid"));
917 $ret = $ldap->fetch();
919 if(isset($ret['objectClass']) && in_array("gosaAccount",$ret['objectClass']) &&
920 in_array("organizationalPerson",$ret['objectClass']) &&
921 in_array("inetOrgPerson",$ret['objectClass'])){
922 $found = TRUE;
923 $username .= "ACL Role: ".$ret['uid'][0]."<br>";
924 }
925 }
926 }
927 }
928 }
929 }
930 }
931 }
933 # For debugging
934 #echo $username;
936 if($found){
937 $this->checks['acls']['STATUS'] = TRUE;
938 $this->checks['acls']['STATUS_MSG']= _("Ok");
939 $this->checks['acls']['ERROR_MSG'] = "";
940 }else{
941 $this->checks['acls']['STATUS'] = FALSE;
942 $this->checks['acls']['STATUS_MSG']= _("Failed");
943 $this->checks['acls']['ERROR_MSG']= _("There is no GOsa administrator account inside your LDAP.")." ";
944 $this->checks['acls']['ERROR_MSG'].= "<input type='submit' name='create_acls' value='"._("Create")."'>";
945 }
946 }
947 return($ldap->count()>=1);
948 }
952 function create_admin($only_ldif = FALSE)
953 {
954 /* Reset '' */
955 $this->acl_create_changes="";
957 /* Object that should receive admin acls */
958 $dn = $this->acl_create_selected;
960 /* Get collected configuration settings */
961 $cv = $this->parent->captured_values;
963 /* On first call check for rid/sid base */
964 $ldap_l = new LDAP($cv['admin'],
965 $cv['password'],
966 $cv['connection'],
967 FALSE,
968 $cv['tls']);
970 $ldap = new ldapMultiplexer($ldap_l);
972 /* Get current base attributes */
973 $ldap->cd($cv['base']);
974 $ldap->cat($cv['base'],array("dn","objectClass","gosaAclEntry"));
975 $attrs = $ldap->fetch();
977 /* Add acls for the selcted user to the base */
978 $attrs_new = array();
979 $attrs_new['objectClass'] = array("gosaACL");
981 for($i = 0; $i < $attrs['objectClass']['count']; $i ++){
982 if(!in_array_ics($attrs['objectClass'][$i],$attrs_new['objectClass'])){
983 $attrs_new['objectClass'][] = $attrs['objectClass'][$i];
984 }
985 }
987 $acl = "0:psub:".base64_encode($dn).":all;cmdrw";
988 $attrs_new['gosaAclEntry'][] = $acl;
989 if(isset($attrs['gosaAclEntry'])){
990 for($i = 0 ; $i < $attrs['gosaAclEntry']['count']; $i ++){
992 $prio = preg_replace("/[:].*$/","",$attrs['gosaAclEntry'][$i]);
993 $rest = preg_replace("/^[^:]/","",$attrs['gosaAclEntry'][$i]);
995 $data = ($prio+1).$rest;
996 $attrs_new['gosaAclEntry'][] = $data;
997 }
998 }
1000 if($only_ldif){
1001 $this->acl_create_changes ="\n".($ldap->fix($cv['base']))."\n";
1002 $this->acl_create_changes.=$this->array_to_ldif($attrs)."\n";
1003 $this->acl_create_changes.="\n".($ldap->fix($cv['base']))."\n";
1004 $this->acl_create_changes.=$this->array_to_ldif($attrs_new);
1005 }else{
1007 $ldap->cd($cv['base']);
1008 if(!$ldap->modify($attrs_new)){
1009 msg_dialog::display(_("Migration error"), sprintf(_("Cannot add ACL for user '%s':")."<br><br><i>%s</i>", LDAP::fix($dn), $ldap->get_error()), ERROR_DIALOG);
1010 return(FALSE);
1011 }else{
1012 return(TRUE);
1013 }
1014 }
1015 }
1018 function create_admin_user()
1019 {
1020 $pw1 = $pw2 = "";
1021 $uid = "";
1023 /* On first call check for rid/sid base */
1024 $cv = $this->parent->captured_values;
1025 $ldap_l = new LDAP($cv['admin'],
1026 $cv['password'],
1027 $cv['connection'],
1028 FALSE,
1029 $cv['tls']);
1031 $ldap = new ldapMultiplexer($ldap_l);
1033 if(isset($_POST['new_user_uid'])){
1034 $uid = $_POST['new_user_uid'];
1035 }
1036 if(isset($_POST['new_user_password'])){
1037 $pw1 = $_POST['new_user_password'];
1038 }
1039 if(isset($_POST['new_user_password2'])){
1040 $pw2 = $_POST['new_user_password2'];
1041 }
1044 $ldap->cd($cv['base']);
1045 $ldap->search("(uid=".$uid.")");
1046 if($ldap->count()){
1047 msg_dialog::display(_("Input error"),msgPool::duplicated(_("Uid")), ERROR_DIALOG);
1048 return false;
1049 }
1051 if(empty($pw1) || empty($pw2) | ($pw1 != $pw2)){
1052 msg_dialog::display(_("Password error"), _("Provided passwords do not match!"), ERROR_DIALOG);
1053 return false;
1054 }
1056 if(!tests::is_uid($uid) || empty($uid)){
1057 msg_dialog::display(_("Input error"), _("Specify a valid user ID!"), ERROR_DIALOG);
1058 return false;
1059 }
1062 /* Get current base attributes */
1063 $ldap->cd($cv['base']);
1065 $people_ou = trim($cv['peopleou']);
1066 if(!empty($people_ou)){
1067 $people_ou = trim($people_ou).",";
1068 }
1070 if($cv['peopledn'] == "cn"){
1071 $dn = "cn=System Administrator-".$uid.",".$people_ou.$cv['base'];
1072 }else{
1073 $dn = "uid=".$uid.",".$people_ou.$cv['base'];
1074 }
1076 $hash = passwordMethod::make_hash($pw2, $cv['encryption']);
1078 $new_user=array();
1079 $new_user['objectClass']= array("top","person","gosaAccount","organizationalPerson","inetOrgPerson");
1080 $new_user['givenName'] = "System";
1081 $new_user['sn'] = "Administrator";
1082 $new_user['cn'] = "System Administrator-".$uid;
1083 $new_user['uid'] = $uid;
1084 $new_user['userPassword'] = $hash;
1086 $ldap->cd($cv['base']);
1088 $ldap->cat($dn,array("dn"));
1089 if($ldap->count()){
1090 msg_dialog::display(_("Error"), sprintf(_("Adding an administrative user failed: object '%s' already exists!"), LDAP::fix($dn)), ERROR_DIALOG);
1091 return(FALSE);
1092 }
1094 $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$dn));
1095 $ldap->cd($dn);
1096 $res = $ldap->add($new_user);
1097 $this->acl_create_selected = $dn;
1098 $this->create_admin();
1100 if(!$res){
1101 msg_dialog::display(_("LDAP error"), $ldap->get_error(), ERROR_DIALOG);
1102 return(FALSE);
1103 }
1105 $this->acl_create_dialog=FALSE;
1106 $this->check_administrativeAccount();
1107 return(TRUE);
1108 }
1111 function migrate_outside_winstations($perform = FALSE)
1112 {
1113 /* Establish ldap connection */
1114 $cv = $this->parent->captured_values;
1115 $ldap_l = new LDAP($cv['admin'],
1116 $cv['password'],
1117 $cv['connection'],
1118 FALSE,
1119 $cv['tls']);
1121 $ldap = new ldapMultiplexer($ldap_l);
1123 $ldap->cd($cv['base']);
1125 /* Check if there was a destination department posted */
1126 if(isset($_POST['move_winstation_to'])){
1127 $destination_dep = $_POST['move_winstation_to'];
1128 }else{
1129 msg_dialog::display(_("LDAP error"), _("Cannot move users to the requested department!"), ERROR_DIALOG);
1130 return(false);
1131 }
1133 foreach($this->outside_winstations as $b_dn => $data){
1134 $this->outside_winstations[$b_dn]['ldif'] ="";
1135 if($data['selected']){
1136 $dn = base64_decode($b_dn);
1137 $d_dn = preg_replace("/,.*$/",",".base64_decode($destination_dep),$dn);
1138 if(!$perform){
1139 $this->outside_winstations[$b_dn]['ldif'] = _("Winstation will be moved from").":<br>\t".($ldap->fix($dn))."<br>"._("to").":<br>\t".($ldap->fix($d_dn));
1142 /* Check if there are references to this object */
1143 $ldap->search("(&(member=".LDAP::prepare4filter($dn).")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn'));
1144 $refs = "";
1145 while($attrs = $ldap->fetch()){
1146 $ref_dn = $attrs['dn'];
1147 $refs .= "<br />\t".$ref_dn;
1148 }
1149 if(!empty($refs)){
1150 $this->outside_winstations[$b_dn]['ldif'] .= "<br /><br /><i>"._("Updating following references too").":</i>".$refs;
1151 }
1153 }else{
1154 $this->move($dn,$d_dn);
1155 }
1156 }
1157 }
1158 }
1161 function migrate_outside_groups($perform = FALSE)
1162 {
1163 /* Establish ldap connection */
1164 $cv = $this->parent->captured_values;
1165 $ldap_l = new LDAP($cv['admin'],
1166 $cv['password'],
1167 $cv['connection'],
1168 FALSE,
1169 $cv['tls']);
1171 $ldap = new ldapMultiplexer($ldap_l);
1172 $ldap->cd($cv['base']);
1174 /* Check if there was a destination department posted */
1175 if(isset($_POST['move_group_to'])){
1176 $destination_dep = $_POST['move_group_to'];
1177 }else{
1178 msg_dialog::display(_("LDAP error"), _("Cannot move users to the requested department!"), ERROR_DIALOG);
1179 return(false);
1180 }
1182 foreach($this->outside_groups as $b_dn => $data){
1183 $this->outside_groups[$b_dn]['ldif'] ="";
1184 if($data['selected']){
1185 $dn = base64_decode($b_dn);
1186 $d_dn = preg_replace("/,.*$/",",".base64_decode($destination_dep),$dn);
1187 if(!$perform){
1189 $this->outside_groups[$b_dn]['ldif'] = _("Group will be moved from").":<br>\t".($ldap->fix($dn))."<br>"._("to").":<br>\t".($ldap->fix($d_dn));
1191 /* Check if there are references to this object */
1192 $ldap->search("(&(member=".LDAP::prepare4filter($dn).")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn'));
1193 $refs = "";
1194 while($attrs = $ldap->fetch()){
1195 $ref_dn = $attrs['dn'];
1196 $refs .= "<br />\t".$ref_dn;
1197 }
1198 if(!empty($refs)){
1199 $this->outside_groups[$b_dn]['ldif'] .= "<br /><br /><i>"._("Updating following references too").":</i>".$refs;
1200 }
1202 }else{
1203 $this->move($dn,$d_dn);
1204 }
1205 }
1206 }
1207 }
1210 function migrate_outside_users($perform = FALSE)
1211 {
1212 /* Establish ldap connection */
1213 $cv = $this->parent->captured_values;
1214 $ldap_l = new LDAP($cv['admin'],
1215 $cv['password'],
1216 $cv['connection'],
1217 FALSE,
1218 $cv['tls']);
1220 $ldap = new ldapMultiplexer($ldap_l);
1221 $ldap->cd($cv['base']);
1223 /* Check if there was a destination department posted */
1224 if(isset($_POST['move_user_to'])){
1225 $destination_dep = $_POST['move_user_to'];
1226 }else{
1227 msg_dialog::display(_("LDAP error"), _("Cannot move users to the requested department!"), ERROR_DIALOG);
1228 return(false);
1229 }
1231 foreach($this->outside_users as $b_dn => $data){
1232 $this->outside_users[$b_dn]['ldif'] ="";
1233 if($data['selected']){
1234 $dn = base64_decode($b_dn);
1235 $d_dn = preg_replace("/,.*$/",",".base64_decode($destination_dep),$dn);
1236 if(!$perform){
1237 $this->outside_users[$b_dn]['ldif'] = _("User will be moved from").":<br>\t".($ldap->fix($dn))."<br>"._("to").":<br>\t".($ldap->fix($d_dn));
1239 /* Check if there are references to this object */
1240 $ldap->search("(&(member=".LDAP::prepare4filter($dn).")(|(objectClass=gosaGroupOfNames)(objectClass=groupOfNames)))",array('dn'));
1241 $refs = "";
1242 while($attrs = $ldap->fetch()){
1243 $ref_dn = $attrs['dn'];
1244 $refs .= "<br />\t".$ref_dn;
1245 }
1246 if(!empty($refs)){
1247 $this->outside_users[$b_dn]['ldif'] .= "<br /><br /><i>"._("The following references will be updated").":</i>".$refs;
1248 }
1250 }else{
1251 $this->move($dn,$d_dn);
1252 }
1253 }
1254 }
1255 }
1258 function execute()
1259 {
1260 /* Initialise checks if this is the first call */
1261 if(!$this->checks_initialised || isset($_POST['reload'])){
1262 $this->initialize_checks();
1263 $this->checks_initialised = TRUE;
1264 }
1266 /*************
1267 * Winstations outside the group ou
1268 *************/
1270 if(isset($_POST['outside_winstations_dialog_cancel'])){
1271 $this->outside_winstations_dialog = FALSE;
1272 $this->dialog = FALSE;
1273 $this->show_details = FALSE;
1274 }
1276 if(isset($_POST['outside_winstations_dialog_whats_done'])){
1277 $this->migrate_outside_winstations(FALSE);
1278 }
1280 if(isset($_POST['outside_winstations_dialog_perform'])){
1281 $this->migrate_outside_winstations(TRUE);
1282 $this->search_outside_winstations();
1283 $this->dialog = FALSE;
1284 $this->show_details = FALSE;
1285 $this->outside_winstations_dialog = FALSE;
1286 }
1288 if(isset($_POST['outside_winstations_dialog'])){
1289 $this->outside_winstations_dialog = TRUE;
1290 $this->dialog = TRUE;
1291 }
1293 if($this->outside_winstations_dialog){
1295 /* Fix displayed dn syntax */
1296 $tmp = $this->outside_winstations;
1297 foreach($tmp as $key => $data){
1298 $tmp[$key]['dn'] = @LDAP::fix($data['dn']);
1299 }
1301 $smarty = get_smarty();
1302 $smarty->assign("ous",$this->get_all_winstation_ous());
1303 $smarty->assign("method","outside_winstations");
1304 $smarty->assign("outside_winstations",$tmp);
1305 return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1306 }
1307 /*************
1308 * Groups outside the group ou
1309 *************/
1311 if(isset($_POST['outside_groups_dialog_cancel'])){
1312 $this->outside_groups_dialog = FALSE;
1313 $this->show_details = FALSE;
1314 $this->dialog = FALSE;
1315 }
1317 if(isset($_POST['outside_groups_dialog_whats_done'])){
1318 $this->show_details= TRUE;
1319 $this->migrate_outside_groups(FALSE);
1320 }
1322 if(isset($_POST['outside_groups_dialog_refresh'])){
1323 $this->show_details= FALSE;
1324 }
1326 if(isset($_POST['outside_groups_dialog_perform'])){
1327 $this->migrate_outside_groups(TRUE);
1328 $this->dialog = FALSE;
1329 $this->show_details = FALSE;
1330 $this->outside_groups_dialog = FALSE;
1331 $this->initialize_checks();
1332 }
1334 if(isset($_POST['outside_groups_dialog'])){
1335 $this->outside_groups_dialog = TRUE;
1336 $this->dialog = TRUE;
1337 }
1339 if($this->outside_groups_dialog){
1341 /* Fix displayed dn syntax */
1342 $tmp = $this->outside_groups;
1343 foreach($tmp as $key => $data){
1344 $tmp[$key]['dn'] = @LDAP::fix($data['dn']);
1345 }
1347 $smarty = get_smarty();
1348 $smarty->assign("ous",$this->get_all_group_ous());
1349 $smarty->assign("method","outside_groups");
1350 $smarty->assign("outside_groups",$tmp);
1351 $smarty->assign("group_details", $this->show_details);
1352 return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1353 }
1355 /*************
1356 * User outside the people ou
1357 *************/
1359 if(isset($_POST['outside_users_dialog_cancel'])){
1360 $this->outside_users_dialog = FALSE;
1361 $this->dialog = FALSE;
1362 $this->show_details = FALSE;
1363 }
1365 if(isset($_POST['outside_users_dialog_whats_done'])){
1366 $this->show_details= TRUE;
1367 $this->migrate_outside_users(FALSE);
1368 }
1370 if(isset($_POST['outside_users_dialog_perform'])){
1371 $this->migrate_outside_users(TRUE);
1372 $this->initialize_checks();
1373 $this->dialog = FALSE;
1374 $this->show_details = FALSE;
1375 $this->outside_users_dialog = FALSE;
1376 }
1378 if (isset($_POST['outside_users_dialog_refresh'])){
1379 $this->show_details= FALSE;
1380 }
1382 if(isset($_POST['outside_users_dialog'])){
1383 $this->outside_users_dialog = TRUE;
1384 $this->dialog = TRUE;
1385 }
1387 if($this->outside_users_dialog){
1389 /* Fix displayed dn syntax */
1390 $tmp = $this->outside_users;
1391 foreach($tmp as $key => $data){
1392 $tmp[$key]['dn'] = @LDAP::fix($data['dn']);
1393 }
1395 $smarty = get_smarty();
1396 $smarty->assign("ous",$this->get_all_people_ous());
1397 $smarty->assign("method","outside_users");
1398 $smarty->assign("outside_users",$tmp);
1399 $smarty->assign("user_details", $this->show_details);
1400 return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1401 }
1403 /*************
1404 * Root object check
1405 *************/
1407 if(isset($_POST['retry_root_create'])){
1409 $state = $this->checks['root']['STATUS'];
1410 $this->checkBase(FALSE);
1411 if($state != $this->checks['root']['STATUS']){
1412 $this->initialize_checks();
1413 }
1414 }
1416 /*************
1417 * User Migration handling
1418 *************/
1420 if(isset($_POST['retry_acls'])){
1421 $this->check_administrativeAccount();
1422 }
1424 if(isset($_POST['create_acls'])){
1425 $this->acl_create_dialog = TRUE;
1426 $this->dialog = TRUE;
1427 }
1429 if(isset($_POST['create_acls_cancel'])){
1430 $this->acl_create_dialog = FALSE;
1431 $this->dialog = FALSE;
1432 $this->show_details = FALSE;
1433 }
1435 # if(isset($_POST['create_acls_create_confirmed'])){
1436 # if($this->create_admin()){
1437 # $this->acl_create_dialog = FALSE;
1438 # $this->dialog = FALSE;
1439 # $this->show_details = FALSE;
1440 # $this->initialize_checks();
1441 # }
1442 # }
1444 if(isset($_POST['create_acls_create'])){
1445 $this->create_admin(TRUE);
1446 }
1448 if(isset($_POST['create_admin_user'])){
1449 if($this->create_admin_user()){
1450 $this->dialog = FALSE;
1451 $this->show_details = FALSE;
1452 }
1453 }
1455 if($this->acl_create_dialog){
1456 $smarty = get_smarty();
1458 $uid = "admin";
1459 if(isset($_POST['new_user_uid'])){
1460 $uid = $_POST['new_user_uid'];
1461 }
1463 $smarty->assign("new_user_uid",$uid);
1464 $smarty->assign("new_user_password",@$_POST['new_user_password']);
1465 $smarty->assign("new_user_password2",@$_POST['new_user_password2']);
1466 $smarty->assign("method","create_acls");
1467 $smarty->assign("acl_create_selected",$this->acl_create_selected);
1468 $smarty->assign("what_will_be_done_now",$this->acl_create_changes);
1469 return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1470 }
1472 /*************
1473 * User Migration handling
1474 *************/
1476 /* Refresh list of deparments */
1477 if(isset($_POST['users_visible_migrate_refresh'])){
1478 $this->check_gosaAccounts();
1479 }
1481 /* Open migration dialog */
1482 if(isset($_POST['users_visible_migrate'])){
1483 $this->show_details= FALSE;
1484 $this->users_migration_dialog = TRUE;
1485 $this->dialog =TRUE;
1486 }
1488 /* Close migration dialog */
1489 if(isset($_POST['users_visible_migrate_close'])){
1490 $this->users_migration_dialog = FALSE;
1491 $this->dialog =FALSE;
1492 $this->show_details = FALSE;
1493 }
1495 /* Start migration */
1496 if(isset($_POST['users_visible_migrate_migrate'])){
1497 if($this->migrate_gosaAccounts()){
1498 $this->initialize_checks();
1499 $this->dialog = FALSE;
1500 $this->show_details = FALSE;
1501 $this->users_migration_dialog = FALSE;
1502 }
1503 }
1505 /* Start migration */
1506 if(isset($_POST['users_visible_migrate_whatsdone'])){
1507 $this->migrate_gosaAccounts(TRUE);
1508 }
1510 /* Display migration dialog */
1511 if($this->users_migration_dialog){
1513 /* Fix displayed dn syntax */
1514 $tmp = $this->users_to_migrate;
1515 foreach($tmp as $key => $data){
1516 $tmp[$key]['dn'] = @LDAP::fix($data['dn']);
1517 }
1519 $smarty = get_smarty();
1520 $smarty->assign("users_to_migrate",$tmp);
1521 $smarty->assign("method","migrate_users");
1522 $smarty->assign("user_details", $this->show_details);
1523 return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1524 }
1527 /*************
1528 * Department Migration handling
1529 *************/
1531 /* Refresh list of deparments */
1532 if(isset($_POST['deps_visible_migrate_refresh'])){
1533 $this->check_organizationalUnits();
1534 $this->show_details= FALSE;
1535 }
1537 /* Open migration dialog */
1538 if(isset($_POST['deps_visible_migrate'])){
1539 $this->dep_migration_dialog = TRUE;
1540 $this->dialog =TRUE;
1541 }
1543 /* Close migration dialog */
1544 if(isset($_POST['deps_visible_migrate_close'])){
1545 $this->dep_migration_dialog = FALSE;
1546 $this->dialog =FALSE;
1547 $this->show_details = FALSE;
1548 }
1550 /* Start migration */
1551 if(isset($_POST['deps_visible_migrate_migrate'])){
1552 if($this->migrate_organizationalUnits()){
1553 $this->show_details= FALSE;
1554 $this->check_organizationalUnits();
1555 $this->dialog = FALSE;
1556 $this->dep_migration_dialog = FALSE;
1557 }
1558 }
1560 /* Start migration */
1561 if(isset($_POST['deps_visible_migrate_whatsdone'])){
1562 $this->migrate_organizationalUnits(TRUE);
1563 }
1565 /* Display migration dialog */
1566 if($this->dep_migration_dialog){
1567 $smarty = get_smarty();
1569 /* Fix displayed dn syntax */
1570 $tmp = $this->deps_to_migrate;
1571 foreach($tmp as $key => $data){
1572 $tmp[$key]['dn'] = @LDAP::fix($data['dn']);
1573 }
1575 $smarty->assign("deps_to_migrate",$tmp);
1576 $smarty->assign("method","migrate_deps");
1577 $smarty->assign("deps_details", $this->show_details);
1578 return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1579 }
1582 /*************
1583 * Device migration
1584 *************/
1586 if($this->device_dialog) {
1587 $this->check_device_posts();
1588 }
1590 if(isset($_POST['device_dialog_cancel'])){
1591 $this->device_dialog = FALSE;
1592 $this->show_details = FALSE;
1593 $this->dialog = FALSE;
1594 }
1596 if(isset($_POST['device_dialog_whats_done'])){
1597 $this->show_details= TRUE;
1598 }
1600 if(isset($_POST['device_dialog_refresh'])){
1601 $this->show_details= FALSE;
1602 }
1604 if(isset($_POST['migrate_devices'])){
1605 $this->migrate_usb_devices();
1606 # $this->dialog = FALSE;
1607 # $this->show_details = FALSE;
1608 # $this->device_dialog = FALSE;
1609 # $this->initialize_checks();
1610 }
1612 if(isset($_POST['device_dialog'])){
1613 $this->device_dialog = TRUE;
1614 $this->dialog = TRUE;
1615 }
1617 if($this->device_dialog){
1618 $smarty = get_smarty();
1619 $smarty->assign("method","devices");
1620 $smarty->assign("devices",$this->device);
1621 $smarty->assign("device_details", $this->show_details);
1622 return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1623 }
1626 /*************
1627 * Service migration
1628 *************/
1630 if($this->service_dialog) {
1631 $this->check_service_posts();
1632 }
1634 if(isset($_POST['service_dialog_cancel'])){
1635 $this->service_dialog = FALSE;
1636 $this->show_details = FALSE;
1637 $this->dialog = FALSE;
1638 }
1640 if(isset($_POST['service_dialog_whats_done'])){
1641 $this->show_details= TRUE;
1642 }
1644 if(isset($_POST['service_dialog_refresh'])){
1645 $this->show_details= FALSE;
1646 }
1648 if(isset($_POST['migrate_services'])){
1649 $this->migrate_services();
1650 # $this->dialog = FALSE;
1651 # $this->show_details = FALSE;
1652 # $this->service_dialog = FALSE;
1653 # $this->initialize_checks();
1654 }
1656 if(isset($_POST['service_dialog'])){
1657 $this->service_dialog = TRUE;
1658 $this->dialog = TRUE;
1659 }
1661 if($this->service_dialog){
1662 $smarty = get_smarty();
1663 $smarty->assign("method","services");
1664 $smarty->assign("services",$this->service);
1665 $smarty->assign("service_details", $this->show_details);
1666 return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1667 }
1670 /*************
1671 * Menu migration
1672 *************/
1674 if($this->menu_dialog) {
1675 $this->check_menu_posts();
1676 }
1678 if(isset($_POST['menu_dialog_cancel'])){
1679 $this->menu_dialog = FALSE;
1680 $this->show_details = FALSE;
1681 $this->dialog = FALSE;
1682 }
1684 if(isset($_POST['menu_dialog_whats_done'])){
1685 $this->show_details= TRUE;
1686 }
1688 if(isset($_POST['menu_dialog_refresh'])){
1689 $this->show_details= FALSE;
1690 }
1692 if(isset($_POST['migrate_menus'])){
1693 $this->migrate_menus();
1694 # $this->dialog = FALSE;
1695 # $this->show_details = FALSE;
1696 # $this->menu_dialog = FALSE;
1697 # $this->initialize_checks();
1698 }
1700 if(isset($_POST['menu_dialog'])){
1701 $this->menu_dialog = TRUE;
1702 $this->dialog = TRUE;
1703 }
1705 if($this->menu_dialog){
1706 $smarty = get_smarty();
1707 $smarty->assign("method","menus");
1708 $smarty->assign("menus",$this->menu);
1709 $smarty->assign("menu_details", $this->show_details);
1710 return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1711 }
1713 $smarty = get_smarty();
1714 $smarty->assign("checks",$this->checks);
1715 $smarty->assign("method","default");
1716 return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
1717 }
1720 function save_object()
1721 {
1722 $this->is_completed= TRUE;
1724 /* Capture all selected winstations from outside_winstations_dialog */
1725 if($this->outside_winstations_dialog){
1726 foreach($this->outside_winstations as $dn => $data){
1727 if(isset($_POST['select_winstation_'.$dn])){
1728 $this->outside_winstations[$dn]['selected'] = TRUE;
1729 }else{
1730 $this->outside_winstations[$dn]['selected'] = FALSE;
1731 }
1732 }
1733 }
1735 /* Capture all selected groups from outside_groups_dialog */
1736 if($this->outside_groups_dialog){
1737 foreach($this->outside_groups as $dn => $data){
1738 if(isset($_POST['select_group_'.$dn])){
1739 $this->outside_groups[$dn]['selected'] = TRUE;
1740 }else{
1741 $this->outside_groups[$dn]['selected'] = FALSE;
1742 }
1743 }
1744 }
1746 /* Capture all selected users from outside_users_dialog */
1747 if($this->outside_users_dialog){
1748 foreach($this->outside_users as $dn => $data){
1749 if(isset($_POST['select_user_'.$dn])){
1750 $this->outside_users[$dn]['selected'] = TRUE;
1751 }else{
1752 $this->outside_users[$dn]['selected'] = FALSE;
1753 }
1754 }
1755 }
1757 /* Get "create acl" dialog posts */
1758 if($this->acl_create_dialog){
1760 if(isset($_POST['create_acls_create_abort'])){
1761 $this->acl_create_selected = "";
1762 }
1763 }
1765 /* Get selected departments */
1766 if($this->dep_migration_dialog){
1767 foreach($this->deps_to_migrate as $id => $data){
1768 if(isset($_POST['migrate_'.$id])){
1769 $this->deps_to_migrate[$id]['checked'] = TRUE;
1770 }else{
1771 $this->deps_to_migrate[$id]['checked'] = FALSE;
1772 }
1773 }
1774 }
1776 /* Get selected users */
1777 if($this->users_migration_dialog){
1778 foreach($this->users_to_migrate as $id => $data){
1779 if(isset($_POST['migrate_'.$id])){
1780 $this->users_to_migrate[$id]['checked'] = TRUE;
1781 }else{
1782 $this->users_to_migrate[$id]['checked'] = FALSE;
1783 }
1784 }
1785 }
1786 }
1789 /* Check if the root object exists.
1790 * If the parameter just_check is true, then just check if the
1791 * root object is missing and update the info messages.
1792 * If the Parameter is false, try to create a new root object.
1793 */
1794 function checkBase($just_check = TRUE)
1795 {
1796 /* Establish ldap connection */
1797 $cv = $this->parent->captured_values;
1798 $ldap_l = new LDAP($cv['admin'],
1799 $cv['password'],
1800 $cv['connection'],
1801 FALSE,
1802 $cv['tls']);
1804 $ldap = new ldapMultiplexer($ldap_l);
1806 /* Check if root object exists */
1807 $ldap->cd($cv['base']);
1808 $ldap->set_size_limit(1);
1809 $res = $ldap->search("(objectClass=*)");
1810 $ldap->set_size_limit(0);
1811 $err = ldap_errno($ldap->cid);
1813 if( !$res ||
1814 $err == 0x20 || # LDAP_NO_SUCH_OBJECT
1815 $err == 0x40) { # LDAP_NAMING_VIOLATION
1817 /* Root object doesn't exists
1818 */
1819 if($just_check){
1820 $this->checks['root']['STATUS'] = FALSE;
1821 $this->checks['root']['STATUS_MSG']= _("Failed");
1822 $this->checks['root']['ERROR_MSG'] = _("The LDAP root object is missing. It is required to use your LDAP service.").' ';
1823 $this->checks['root']['ERROR_MSG'].= "<input type='submit' name='retry_root_create' value='"._("Try to create root object")."'>";
1824 return(FALSE);
1825 }else{
1827 /* Add root object */
1828 $ldap->cd($cv['base']);
1829 $res = $ldap->create_missing_trees($cv['base']);
1831 /* If adding failed, tell the user */
1832 if(!$res){
1833 $this->checks['root']['STATUS'] = FALSE;
1834 $this->checks['root']['STATUS_MSG']= _("Failed");
1835 $this->checks['root']['ERROR_MSG'] = _("Root object couldn't be created, you should try it on your own.");
1836 $this->checks['root']['ERROR_MSG'].= " <input type='submit' name='retry_root_create' value='"._("Try to create root object")."'>";
1837 return($res);;
1838 }
1839 }
1840 }
1842 /* Create & remove of dummy object was successful */
1843 $this->checks['root']['STATUS'] = TRUE;
1844 $this->checks['root']['STATUS_MSG']= _("Ok");
1845 }
1848 /* Return ldif information for a
1849 * given attribute array
1850 */
1851 function array_to_ldif($atts)
1852 {
1853 $ret = "";
1854 unset($atts['count']);
1855 unset($atts['dn']);
1856 foreach($atts as $name => $value){
1857 if(is_numeric($name)) {
1858 continue;
1859 }
1860 if(is_array($value)){
1861 unset($value['count']);
1862 foreach($value as $a_val){
1863 $ret .= $name.": ". $a_val."\n";
1864 }
1865 }else{
1866 $ret .= $name.": ". $value."\n";
1867 }
1868 }
1869 return(preg_replace("/\n$/","",$ret));
1870 }
1873 function get_user_list()
1874 {
1875 /* Establish ldap connection */
1876 $cv = $this->parent->captured_values;
1877 $ldap_l = new LDAP($cv['admin'],
1878 $cv['password'],
1879 $cv['connection'],
1880 FALSE,
1881 $cv['tls']);
1883 $ldap = new ldapMultiplexer($ldap_l);
1884 $ldap->cd($cv['base']);
1885 $ldap->search("(objectClass=gosaAccount)",array("dn"));
1887 $tmp = array();
1888 while($attrs = $ldap->fetch()){
1889 $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']);
1890 }
1891 return($tmp);
1892 }
1895 function get_all_people_ous()
1896 {
1897 /* Get collected configuration settings */
1898 $cv = $this->parent->captured_values;
1899 $people_ou = trim($cv['peopleou']);
1901 /* Establish ldap connection */
1902 $cv = $this->parent->captured_values;
1903 $ldap_l = new LDAP($cv['admin'],
1904 $cv['password'],
1905 $cv['connection'],
1906 FALSE,
1907 $cv['tls']);
1909 $ldap = new ldapMultiplexer($ldap_l);
1911 /*****************
1912 * If people ou is NOT empty
1913 * search for for all objects matching the given container
1914 *****************/
1915 if(!empty($people_ou)){
1916 $ldap->search("(".$people_ou.")",array("dn"));
1918 /* Create people ou if there is currently none */
1919 if($ldap->count() == 0 ){
1920 $add_dn = $cv['peopleou'].",".$cv['base'];
1921 $naming_attr = preg_replace("/=.*$/","",$add_dn);
1922 $naming_value = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$add_dn);
1923 $add = array();
1924 $add['objectClass'] = array("organizationalUnit");
1925 $add[$naming_attr] = $naming_value;
1926 $ldap->cd($cv['base']);
1927 $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$add_dn));
1928 $ldap->cd($add_dn);
1929 $ldap->add($add);
1930 }
1932 /* Create result */
1933 $ldap->search("(".$cv['peopleou'].")",array("dn"));
1934 $tmp = array();
1935 while($attrs= $ldap->fetch()){
1936 if(!preg_match("/ou=snapshots,/",$attrs['dn'])){
1937 $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);
1938 }
1939 }
1940 } else{
1942 /************
1943 * If people ou is empty
1944 * Get all valid gosaDepartments
1945 ************/
1946 $ldap->cd($cv['base']);
1947 $tmp = array();
1948 $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn"));
1949 $tmp[base64_encode($cv['base'])] = $ldap->fix($cv['base']);
1950 while($attrs = $ldap->fetch()){
1951 $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);;
1952 }
1953 }
1954 return($tmp);
1955 }
1958 function get_all_winstation_ous()
1959 {
1960 /* Establish ldap connection */
1961 $cv = $this->parent->captured_values;
1962 $ldap_l = new LDAP($cv['admin'],
1963 $cv['password'],
1964 $cv['connection'],
1965 FALSE,
1966 $cv['tls']);
1968 $ldap = new ldapMultiplexer($ldap_l);
1970 /* Get winstation ou */
1971 if($cv['generic_settings']['wws_ou_active']) {
1972 $winstation_ou = $cv['generic_settings']['wws_ou'];
1973 }else{
1974 $winstation_ou = "ou=winstations";
1975 }
1977 $ldap->cd($cv['base']);
1978 $ldap->search("(".$winstation_ou.")",array("dn"));
1980 if($ldap->count() == 0 ){
1981 $add_dn = $winstation_ou.",ou=systems,".$cv['base'];
1982 $naming_attr = preg_replace("/=.*$/","",$add_dn);
1983 $naming_value = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$add_dn);
1984 $add = array();
1985 $add['objectClass'] = array("organizationalUnit");
1986 $add[$naming_attr] = $naming_value;
1988 $ldap->cd($cv['base']);
1989 $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$add_dn));
1990 $ldap->cd($add_dn);
1991 $ldap->add($add);
1992 }
1994 $ldap->search("(".$winstation_ou.")",array("dn"));
1995 $tmp = array();
1996 while($attrs= $ldap->fetch()){
1997 if(!preg_match("/ou=snapshots,/",$attrs['dn'])){
1998 $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);
1999 }
2000 }
2001 return($tmp);
2002 }
2005 function get_all_group_ous()
2006 {
2007 /* Establish ldap connection */
2008 $cv = $this->parent->captured_values;
2009 $ldap_l = new LDAP($cv['admin'],
2010 $cv['password'],
2011 $cv['connection'],
2012 FALSE,
2013 $cv['tls']);
2015 $ldap = new ldapMultiplexer($ldap_l);
2017 $group_ou = trim($cv['groupou']);
2018 if(!empty($group_ou)){
2019 $group_ou = trim($group_ou);
2020 }
2022 /************
2023 * If group ou is NOT empty
2024 * Get all valid group ous, create one if necessary
2025 ************/
2026 $ldap->cd($cv['base']);
2027 if(!empty($group_ou)){
2028 $ldap->search("(".$group_ou.")",array("dn"));
2029 if($ldap->count() == 0 ){
2030 $add_dn = $group_ou.$cv['base'];
2031 $naming_attr = preg_replace("/=.*$/","",$add_dn);
2032 $naming_value = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$add_dn);
2033 $add = array();
2034 $add['objectClass'] = array("organizationalUnit");
2035 $add[$naming_attr] = $naming_value;
2037 $ldap->cd($cv['base']);
2038 $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$add_dn));
2039 $ldap->cd($add_dn);
2040 $ldap->add($add);
2041 }
2042 $ldap->search("(".$group_ou.")",array("dn"));
2043 $tmp = array();
2044 while($attrs= $ldap->fetch()){
2045 if(!preg_match("/ou=snapshots,/",$attrs['dn'])){
2046 $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);
2047 }
2048 }
2049 }else{
2050 /************
2051 * If group ou is empty
2052 * Get all valid gosaDepartments
2053 ************/
2054 $ldap->cd($cv['base']);
2055 $tmp = array();
2056 $ldap->search("(&(objectClass=gosaDepartment)(ou=*))",array("dn"));
2057 $tmp[base64_encode($cv['base'])] = $ldap->fix($cv['base']);
2058 while($attrs = $ldap->fetch()){
2059 $tmp[base64_encode($attrs['dn'])] = $ldap->fix($attrs['dn']);;
2060 }
2061 }
2062 return($tmp);
2063 }
2066 function get_group_list()
2067 {
2068 /* Establish ldap connection */
2069 $cv = $this->parent->captured_values;
2070 $ldap_l = new LDAP($cv['admin'],
2071 $cv['password'],
2072 $cv['connection'],
2073 FALSE,
2074 $cv['tls']);
2076 $ldap = new ldapMultiplexer($ldap_l);
2078 $ldap->cd($cv['base']);
2079 $ldap->search("(objectClass=posixGroup)",array("dn"));
2081 $tmp = array();
2082 while($attrs = $ldap->fetch()){
2083 $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']);
2084 }
2085 return($tmp);
2086 }
2089 function move($source,$destination)
2090 {
2091 /* Establish ldap connection */
2092 $cv = $this->parent->captured_values;
2093 $ldap_l = new LDAP($cv['admin'],
2094 $cv['password'],
2095 $cv['connection'],
2096 FALSE,
2097 $cv['tls']);
2099 $ldap = new ldapMultiplexer($ldap_l);
2101 /* Update object references in gosaGroupOfNames */
2102 $ogs_to_fix = array();
2103 $ldap->cd($cv['base']);
2104 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::prepare4filter($source).'))', array('cn','member'));
2105 while ($attrs= $ldap->fetch()){
2106 $dn = $attrs['dn'];
2107 $attrs = $this->cleanup_array($attrs);
2108 $member_new = array($destination);
2109 foreach($attrs['member'] as $member){
2110 if($member != $source){
2111 $member_new[] = $member;
2112 }
2113 }
2114 $attrs['member'] = $member_new;
2115 $ogs_to_fix[$dn] = $attrs;
2116 }
2118 /* Copy source to destination dn */
2119 $ldap->cat($source);
2120 $new_data = $this->cleanup_array($ldap->fetch());
2121 $ldap->cd($destination);
2122 $res = $ldap->add($new_data);
2124 /* Display warning if copy failed */
2125 if(!$res){
2126 msg_dialog::display(_("LDAP error"), sprintf(_("Copy '%s' to '%s' failed:")."<br><br><i>%s</i>", LDAP::fix($source), LDAP::fix($destination), $ldap->get_error()), ERROR_DIALOG);
2127 }else{
2128 $res = $ldap->rmDir($source);
2129 if (!$ldap->success()){
2130 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $source, LDAP_DEL, get_class()));
2131 }
2133 /* Object is copied, so update its references */
2134 foreach($ogs_to_fix as $dn => $data){
2135 $ldap->cd($dn);
2136 $ldap->modify($data);
2137 }
2138 }
2139 }
2142 /* Cleanup ldap result to be able to write it be to ldap */
2143 function cleanup_array($attrs)
2144 {
2145 foreach($attrs as $key => $value) {
2146 if(is_numeric($key) || in_array($key,array("count","dn"))){
2147 unset($attrs[$key]);
2148 }
2149 if(is_array($value) && isset($value['count'])){
2150 unset($attrs[$key]['count']);
2151 }
2152 }
2153 return($attrs);
2154 }
2157 /*! \brief Act in posts from the device migration dialog
2158 */
2159 function check_device_posts()
2160 {
2161 foreach($this->device as $key => $device){
2162 if(isset($_POST["migrate_".$key])){
2163 $this->device[$key]['DETAILS'] =TRUE;
2164 }else{
2165 $this->device[$key]['DETAILS'] =FALSE;
2166 }
2167 }
2168 }
2171 /*! \brief Check for old style (gosa-2.5) devices.
2172 Save readable informations and a list of migratable devices
2173 in $this->devices.
2174 */
2175 function check_usb_devices ()
2176 {
2177 /* Establish ldap connection */
2178 $cv = $this->parent->captured_values;
2179 $ldap_l = new LDAP($cv['admin'],
2180 $cv['password'],
2181 $cv['connection'],
2182 FALSE,
2183 $cv['tls']);
2185 $ldap = new ldapMultiplexer($ldap_l);
2186 $ldap->cd($cv['base']);
2187 $res = $ldap->search("(&(|(objectClass=posixAccount)(objectClass=posixGroup))(gotoHotplugDevice=*))",
2188 array("cn","gotoHotplugDevice","gosaUnitTag"));
2190 if(!$res){
2191 $this->checks['old_style_devices']['STATUS'] = FALSE;
2192 $this->checks['old_style_devices']['STATUS_MSG']= _("LDAP query failed");
2193 $this->checks['old_style_devices']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
2194 return;
2195 }
2198 /* If adding failed, tell the user */
2199 if($ldap->count()){
2201 $this->device = array();
2202 while($attrs = $ldap->fetch()){
2204 for ($j= 0; $j < $attrs['gotoHotplugDevice']['count']; $j++){
2206 $after = "";
2207 $current= "";
2209 $entry= $attrs['gotoHotplugDevice'][$j];
2211 @list($name,$desc,$serial,$vendor,$product) = explode('|', $entry);
2213 $add = 1;
2214 $new_name = $name;
2215 while(isset($dest[$new_name])){
2216 $new_name = $name."_".$add;
2217 $add ++;
2218 }
2219 $name = $new_name;
2220 $newdn= "cn=$name,ou=devices,".preg_replace('/^[^,]+,/', '', $attrs['dn']);
2222 if (!isset($dest[$name])){
2223 $dest[$name]= $newdn;
2225 $current.= "dn: ".$attrs['dn']."\n";
2227 for ($c= 0; $c < $attrs['gotoHotplugDevice']['count']; $c++){
2228 if($c == $j){
2229 $current.= "<b>gotoHotplugDevice: ".$attrs['gotoHotplugDevice'][$c]."</b>\n";
2230 }else{
2231 $current.= "gotoHotplugDevice: ".$attrs['gotoHotplugDevice'][$c]."\n";
2232 }
2233 }
2235 $after.= "dn: $newdn\n";
2236 $after.= "changetype: add\n";
2237 $after.= "objectClass: top\n";
2238 $after.= "objectClass: gotoDevice\n";
2239 if (isset($attrs['gosaunittag'][0])){
2240 $after.= "objectClass: gosaAdminiafter\n";
2241 $after.= "gosaUnitTag: ".$attrs['gosaunittag'][0]."\n";
2242 }
2243 $after.= "cn: $name\n";
2244 $after.= "gotoHotplugDevice: $desc|$serial|$vendor|$product\n\n";
2246 $this->device[] = array(
2247 'CURRENT' => $current,
2248 'AFTER' => $after,
2249 'OLD_DEVICE' => $entry,
2250 'DN' => $attrs['dn'],
2251 'NEW_DN' => $newdn,
2252 'DEVICE_NAME' => $name,
2253 'DETAILS' => FALSE);
2254 }
2255 }
2256 }
2258 $this->checks['old_style_devices']['STATUS'] = FALSE;
2259 $this->checks['old_style_devices']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
2260 $this->checks['old_style_devices']['ERROR_MSG'] =
2261 sprintf(_("There are %s devices that need to be migrated."),count($this->device)).
2262 "<input type='submit' name='device_dialog' value='"._("Migrate")."'>";
2263 }else{
2264 $this->checks['old_style_devices']['STATUS'] = TRUE;
2265 $this->checks['old_style_devices']['STATUS_MSG']= _("Ok");
2266 $this->checks['old_style_devices']['ERROR_MSG'] = "";
2267 }
2268 }
2271 /*! \brief Migrate all selected devices.
2272 Execute all required ldap actions to migrate the
2273 selected devices.
2274 */
2275 function migrate_usb_devices ()
2276 {
2277 /* Establish ldap connection */
2278 $cv = $this->parent->captured_values;
2279 $ldap_l = new LDAP($cv['admin'],
2280 $cv['password'],
2281 $cv['connection'],
2282 FALSE,
2283 $cv['tls']);
2285 $ldap = new ldapMultiplexer($ldap_l);
2287 /* Walk through migrateable devices and initiate migration for all
2288 devices that are checked (DETAILS==TRUE)
2289 */
2290 foreach($this->device as $key => $device){
2291 if($device['DETAILS']){
2293 /* Get source object and verify that the specified device is a
2294 member attribute of it.
2295 */
2296 $ldap->cd($cv['base']);
2297 $ldap->cat($device['DN']);
2298 $attrs = $ldap->fetch();
2299 if(in_array($device['OLD_DEVICE'],$attrs['gotoHotplugDevice'])){
2301 /* Create new hotplug device object 'gotoDevice'
2302 */
2303 @list($name,$desc,$serial,$vendor,$product) = explode('|', $device['OLD_DEVICE']);
2304 $newdn = $device['NEW_DN'];
2305 $new_attr = array();
2306 $new_attr['cn'] = $device['DEVICE_NAME'];
2307 $new_attr['objectClass'] = array('top','gotoDevice');
2308 $new_attr['gotoHotplugDevice'] = "$desc|$serial|$vendor|$product";
2310 /* Add new object
2311 */
2312 $ldap->cd($cv['base']);
2313 $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$newdn));
2314 $ldap->cd($newdn);
2315 $ldap->add($new_attr);
2317 /* Throw an error message if the action failed.
2318 */
2319 if(!$ldap->success()){
2320 msg_dialog::display(_("LDAP error"),
2321 sprintf(_("Adding '%s' to the LDAP failed: %s"),
2322 "<b>".LDAP::fix($newdn)."</b>",
2323 "<br><br><i>".$ldap->get_error()."</i>"), ERROR_DIALOG);
2324 }else{
2326 /* Remove old style device definition from source object.
2327 */
2328 $update['gotoHotplugDevice'] = array();
2329 for($i = 0 ; $i < $attrs['gotoHotplugDevice']['count'] ; $i++){
2330 if($attrs['gotoHotplugDevice'][$i] == $device['OLD_DEVICE']){
2331 continue;
2332 }
2333 $update['gotoHotplugDevice'][] = $attrs['gotoHotplugDevice'][$i];
2334 }
2336 $ldap->cd($device['DN']);
2337 $ldap->modify($update);
2338 $ldap->cat($device['DN'],array("gotoHotplugDevice"));
2339 if(!$ldap->success()){
2340 msg_dialog::display(_("LDAP error"),
2341 sprintf(_("Updating '%s' failed: %s"),
2342 "<b>".LDAP::fix($device['DN'])."</b>",
2343 "<br><br><i>".$ldap->get_error()."</b>"), ERROR_DIALOG);
2344 }else{
2345 unset($this->device[$key]);
2346 }
2347 }
2348 }
2349 }
2350 }
2351 $this->check_usb_devices();
2352 }
2355 /*! \brief Check for old style (gosa-2.5) services that have to be migrated
2356 to be useable in gosa-2.6.
2357 All required changes are stored in $this->service, also some
2358 readable informations describing the actions required
2359 to migrate the service
2360 */
2361 function check_services()
2362 {
2363 /* Establish ldap connection */
2364 $cv = $this->parent->captured_values;
2365 $ldap_l = new LDAP($cv['admin'],
2366 $cv['password'],
2367 $cv['connection'],
2368 FALSE,
2369 $cv['tls']);
2371 $ldap = new ldapMultiplexer($ldap_l);
2372 $this->service = array();
2374 /* Check for Ldap services that must be migrated
2375 */
2376 $ldap->cd($cv['base']);
2377 $res = $ldap->search("(objectClass=goLdapServer)", array("goLdapBase", "cn"));
2379 /* Check if we were able to query the ldap server
2380 */
2381 if(!$res){
2382 $this->checks['old_style_services']['STATUS'] = FALSE;
2383 $this->checks['old_style_services']['STATUS_MSG']= _("LDAP query failed");
2384 $this->checks['old_style_services']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
2385 return;
2386 }
2388 /* Walk through each configured ldap server
2389 and check if it is configured correctly.
2390 */
2391 while($attrs = $ldap->fetch()){
2392 $dn= $attrs['dn'];
2393 $uri= $attrs['goLdapBase'][0];
2394 if (! preg_match("!^ldaps?://!", $uri)){
2395 $this->service[] = array(
2396 "TYPE" => "modify" ,
2397 "DN" => $dn,
2398 "DETAILS" => FALSE,
2399 "ATTRS" => array("goLdapBase" => "ldap://".$attrs['cn'][0]."/$uri"),
2400 "CURRENT" => "goLdapBase: ".$uri,
2401 "AFTER" => "goLdapBase: "."ldap://".$attrs['cn'][0]."/$uri");
2402 }
2403 }
2405 /* Other sevices following here later ...maybe
2406 */
2408 /* Update status message
2409 */
2410 if(count($this->service)){
2411 $this->checks['old_style_services']['STATUS'] = FALSE;
2412 $this->checks['old_style_services']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
2413 $this->checks['old_style_services']['ERROR_MSG'] =
2414 sprintf(_("There are %s services that need to be migrated."),
2415 count($this->service)).
2416 "<input type='submit' name='service_dialog' value='"._("Migrate")."'>";
2417 }else{
2418 $this->checks['old_style_services']['STATUS'] = TRUE;
2419 $this->checks['old_style_services']['STATUS_MSG']= _("Ok");
2420 $this->checks['old_style_services']['ERROR_MSG'] = "";
2421 }
2422 }
2426 /*! \brief Migrate selected services.
2427 This function executes the commands collected by the
2428 service_check() function.
2429 */
2430 function migrate_services()
2431 {
2432 /* Establish ldap connection
2433 */
2434 $cv = $this->parent->captured_values;
2435 $ldap_l = new LDAP($cv['admin'],
2436 $cv['password'],
2437 $cv['connection'],
2438 FALSE,
2439 $cv['tls']);
2441 $ldap = new ldapMultiplexer($ldap_l);
2443 /* Handle each service
2444 */
2445 foreach($this->service as $key => $service){
2446 if($service['DETAILS']){
2448 /* Handle modify requests
2449 */
2450 if($service['TYPE'] == "modify"){
2451 $ldap->cd($service['DN']);
2452 $ldap->modify($service['ATTRS']);
2454 /* Check if everything done was successful
2455 */
2456 if(!$ldap->success()){
2457 msg_dialog::display(_("LDAP error"),
2458 sprintf(_("Updating '%s' failed: %s"),
2459 "<b>".LDAP::fix($service['DN'])."</b>",
2460 "<br><br><i>".$ldap->get_error()."</b>"), ERROR_DIALOG);
2461 }else{
2463 /* Remove action from list
2464 */
2465 unset($this->service[$key]);
2466 }
2467 }
2468 }
2469 }
2471 /* Update the service migration status
2472 */
2473 $this->check_services();
2474 }
2477 /*! \brief Ensure that posts made on the service migration dialog
2478 are processed.
2479 */
2480 function check_service_posts()
2481 {
2482 foreach($this->service as $key => $service){
2483 if(isset($_POST["migrate_".$key])){
2484 $this->service[$key]['DETAILS'] =TRUE;
2485 }else{
2486 $this->service[$key]['DETAILS'] =FALSE;
2487 }
2488 }
2489 }
2492 /*! \brief This function checks the given ldap for old style (gosa-2.5)
2493 menu entries and will prepare a list of actions that are required
2494 to migrate them to gosa-2.6.
2495 All required actions and some readable informations are stored in
2496 $this->menu.
2497 */
2498 function check_menus()
2499 {
2500 /* Establish ldap connection
2501 */
2502 $cv = $this->parent->captured_values;
2503 $ldap_l = new LDAP($cv['admin'],
2504 $cv['password'],
2505 $cv['connection'],
2506 FALSE,
2507 $cv['tls']);
2509 $ldap = new ldapMultiplexer($ldap_l);
2511 /* First detect all release names
2512 */
2513 $ldap->cd($cv['base']);
2514 $res = $ldap->search("(&(objectClass=organizational)(objectClass=FAIbranch))",array("ou","objectClass"));
2516 /* Check if we were able to query the ldap server
2517 */
2518 if(!$res){
2519 $this->checks['old_style_menus']['STATUS'] = FALSE;
2520 $this->checks['old_style_menus']['STATUS_MSG']= _("LDAP query failed");
2521 $this->checks['old_style_menus']['ERROR_MSG'] = _("Possibly the 'root object' is missing.");
2522 return;
2523 }
2525 /* Create application -> parameter mapping, used later to detect
2526 which configured parameter belongs to which application entry.
2527 */
2528 $amap= array();
2529 $todo = array();
2530 $ldap->cd($cv['base']);
2531 $ldap->search("(objectClass=gosaApplication)", array("cn", "gosaApplicationParameter"));
2532 while($info = $ldap->fetch()){
2533 if (isset($info['gosaApplicationParameter']['count'])){
2534 for ($j= 0; $j < $info['gosaApplicationParameter']['count']; $j++){
2535 $p= preg_replace("/^([^:]+):.*$/", "$1", $info['gosaApplicationParameter'][$j]);
2537 if(!isset($amap[$info['cn'][0]]) || !in_array($p, $amap[$info['cn'][0]])){
2538 $amap[$info['cn'][0]][]= $p;
2539 }
2540 }
2541 } else {
2542 $amap[$info['cn'][0]]= array();
2543 }
2544 }
2546 /* Search for all groups that have an old style application menu configured.
2547 */
2548 $appgroups = array();
2549 $ldap->cd($cv['base']);
2550 $ldap->search("(&(objectClass=gosaApplicationGroup)(objectClass=posixGroup)(FAIrelease=*))",
2551 array("gosaMemberApplication","gosaApplicationParameter","FAIrelease","objectClass","gosaUnitTag"));
2553 /* Create readable prefix for "What will be done" infos
2554 */
2555 $s_add = "<i>"._("Add")."</i>\t";
2556 $s_del = "<i>"._("Remove")."</i>\t";
2558 /* Walk through all found old-style menu configurations.
2559 -Prepare ldap update list $data
2560 -Prepare printable changes $after/$current
2561 */
2562 while($info = $ldap->fetch()){
2564 $data = array();
2565 $current = "";
2566 $after ="";
2568 /* Get unit tag
2569 */
2570 $tag ="";
2571 if(isset($info['gosaUnitTag'])){
2572 $tag = $info['gosaUnitTag'][0];
2573 }
2575 /* Collect application parameter for this group
2576 */
2577 $params= array();
2578 if(isset($info['gosaApplicationParameter'])){
2579 for ($i= 0; $i < $info['gosaApplicationParameter']['count']; $i++){
2580 $name= preg_replace("/^([^:]+):.*$/", "$1", $info['gosaApplicationParameter'][$i]);
2581 $params[$name]= $info['gosaApplicationParameter'][$i];
2582 }
2583 }
2585 /* Create release container for each release/subrelease.
2586 eg. "sisa/1.0.0":
2587 . "ou=siga, ..."
2588 . "ou=1.0.0,ou=siga, .."
2589 */
2590 $release = "";
2591 $r = $info['FAIrelease'][0];
2592 $z = split("/",$r);
2593 foreach($z as $part){
2595 if(!empty($part)){
2596 $release = "ou=".$part.",".$release;
2598 /* Append release department information to "What will be done" info
2599 */
2600 $release_dn = $release.$info['dn'];
2601 $after .= $s_add."dn: $release_dn\n";
2602 $after .= $s_add."objectClass: top\n";
2603 $after .= $s_add."objectClass: FAIbranch\n";
2604 $after .= $s_add."objectClass: organizationalUnit\n";
2606 /* Append UnitTag
2607 */
2608 if($tag != ""){
2609 $after .= $s_add."objectClass: gosaAdministrativeUnitTag\n";
2610 $after .= $s_add."gosaUnitTag: $tag\n";
2611 }
2612 $after .= $s_add."ou: $part\n";
2614 /* Append release data to ldap actions
2615 */
2616 $d = array();
2617 $d['objectClass'] = array("top","FAIbranch","organizationalUnit");
2618 if(!empty($tag)){
2619 $d['objectClass'][] = "gosaAdministrativeUnitTag";
2620 $d['gosaUnitTag'] = $tag;
2621 }
2622 $d['ou'] = $part;
2623 $data['ADD'][$release_dn]= $d;
2624 }
2625 }
2627 /* Add member applications to the array.
2628 */
2629 $current .= "dn: ".$info['dn']."\n";
2630 $menu_structure = array();
2631 for ($i= 0; $i < $info['gosaMemberApplication']['count']; $i++){
2632 list($name, $location, $priority)= explode("|", $info['gosaMemberApplication'][$i]);
2634 /* Create location dn
2635 */
2636 $location_dn ="";
2637 if(!empty($location)){
2638 $location_dn ="cn=".$location.",";
2639 }
2641 /* Append old style element to current detail informations
2642 */
2643 $current .= $s_del."gosaMemberApplication: ".$info['gosaMemberApplication'][$i]."\n";
2645 /* Append ldap update action to remove the old menu entry attributes
2646 */
2647 unset($info['objectClass']['count']);
2648 $d = array();
2649 $d['gosaMemberApplication'] = array();
2650 $d['gosaApplicationParameter'] = array();
2651 if(isset($info['FAIrelease'])){
2652 $d['FAIrelease'] = array();
2653 }
2654 $d['objectClass'] = array_remove_entries(array("gosaApplicationGroup","FAIreleaseTag"),$info['objectClass']);
2655 $data['MODIFY'][$info['dn']] = $d;
2657 /* Create new application menu structure
2658 */
2659 if (isset($amap[$name])){
2661 /* Append missing menu structure to "What is done info"
2662 */
2663 if(!isset($menu_structure[$location]) && !empty($location)){
2664 $menu_structure[$location] = TRUE;
2665 $after .= "\n";
2666 $after .= $s_add."dn: $location_dn$release_dn\n";
2667 $after .= $s_add."objectClass: gotoSubmenuEntry\n";
2669 /* Append UnitTag
2670 */
2671 if($tag != ""){
2672 $after .= $s_add."objectClass: gosaAdministrativeUnitTag\n";
2673 $after .= $s_add."gosaUnitTag: $tag\n";
2674 }
2675 $after .= $s_add."cn: $location\n";
2677 /* Create ldap entry to append
2678 */
2679 $d = array();
2680 $d['cn'] = $location;
2681 $d['objectClass'] = array("gotoSubmenuEntry");
2682 if(!empty($tag)){
2683 $d['objectClass'][] = "gosaAdministrativeUnitTag";
2684 $d['gosaUnitTag'] = $tag;
2685 }
2686 $data['ADD'][$location_dn.$release_dn] = $d;
2687 }
2690 /* Append missing menu entry for "What is done info".
2691 */
2692 if(!empty($name)){
2693 $after .= "\n";
2694 $after .= $s_add."dn: cn=$name,$location_dn$release_dn\n";
2695 $after .= $s_add."objectClass: gotoMenuEntry\n";
2696 if($tag != ""){
2697 $after .= $s_add."objectClass: gosaAdministrativeUnitTag\n";
2698 $after .= $s_add."gosaUnitTag: $tag\n";
2699 }
2700 $after .= $s_add."cn: $name\n";
2701 $after .= $s_add."gosaApplicationPriority: $priority\n";
2703 /* Create ldap entry
2704 */
2705 $d= array();
2706 $d['objectClass'] = array("gotoMenuEntry");
2707 if(!empty($tag)){
2708 $d['objectClass'][] = "gosaAdministrativeUnitTag";
2709 $d['gosaUnitTag'] = $tag;
2710 }
2711 $d['cn'] = $name;
2712 $d['gosaApplicationPriority'] = $priority;
2714 foreach ($amap[$name] as $n){
2715 if (isset($params[$n])){
2716 $after .= $s_add."gosaApplicationParameter: ".$params[$n]."\n";
2717 $d['gosaApplicationParameter'][] = $params[$n];
2718 }
2719 }
2720 $data['ADD']["cn=$name,$location_dn$release_dn"] = $d;
2721 }
2722 }
2723 }
2725 /* Updated todo list
2726 */
2727 $todo[] = array(
2728 "DETAILS" => FALSE,
2729 "DN" => $info['dn'],
2730 "AFTER" => $after,
2731 "CURRENT" => $current,
2732 "TODO" => $data
2733 );
2734 }
2736 /* Remember checks.
2737 */
2738 $this->menu = $todo;
2740 /* Check if we were able to query the ldap server
2741 */
2742 if(count($this->menu)){
2743 $this->checks['old_style_menus']['STATUS'] = FALSE;
2744 $this->checks['old_style_menus']['STATUS_MSG']= "<font style='color:#F0A500'>"._("Warning")."</font>";
2745 $this->checks['old_style_menus']['ERROR_MSG'] = sprintf(_("There are %s application menus which have to be migrated."),
2746 count($this->menu))."<input type='submit' name='menu_dialog' value='"._("Migrate")."'>";
2747 }else{
2748 $this->checks['old_style_menus']['STATUS'] = TRUE;
2749 $this->checks['old_style_menus']['STATUS_MSG']= _("Ok");
2750 $this->checks['old_style_menus']['ERROR_MSG'] = "";
2751 }
2752 }
2755 /*! \brief Handle posts for the menu_dialog
2756 Ensure that checked checkboxes stay checked.
2757 */
2758 function check_menu_posts()
2759 {
2760 foreach($this->menu as $key => $menu){
2761 if(isset($_POST["migrate_".$key])){
2762 $this->menu[$key]['DETAILS'] =TRUE;
2763 }else{
2764 $this->menu[$key]['DETAILS'] =FALSE;
2765 }
2766 }
2767 }
2770 /*! \brief This function updates old-style application menus to
2771 valid 2.6 application menus.
2772 All selected menus will be converted (DETAILS = TRUE).
2773 The ldap actions collected by check_menus() will be executed.
2774 */
2775 function migrate_menus()
2776 {
2778 /* Establish ldap connection
2779 */
2780 $cv = $this->parent->captured_values;
2781 $ldap_l = new LDAP($cv['admin'],
2782 $cv['password'],
2783 $cv['connection'],
2784 FALSE,
2785 $cv['tls']);
2787 $ldap = new ldapMultiplexer($ldap_l);
2788 $ldap->cd($cv['base']);
2790 /* Walk through menus and detect selected menu
2791 */
2792 foreach($this->menu as $key => $menu){
2793 if($menu['DETAILS']) {
2795 /* Excute all LDAP-ADD actions
2796 */
2797 $success = TRUE;
2798 foreach($menu['TODO']['ADD'] as $dn => $data){
2799 $ldap->cd($cv['base']);
2800 if(!$ldap->dn_exists($dn)){
2801 $ldap->cd($dn);
2802 $ldap->add($data);
2803 if (!$ldap->success()){
2804 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_ADD, get_class()));
2805 $success = FALSE;
2806 }
2807 }
2808 }
2810 /* Execute all LDAP-MODIFY actions
2811 */
2812 foreach($menu['TODO']['MODIFY'] as $dn => $data){
2813 $ldap->cd($cv['base']);
2814 if($ldap->dn_exists($dn)){
2815 $ldap->cd($dn);
2816 $ldap->modify($data);
2817 if (!$ldap->success()){
2818 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, get_class()));
2819 $success = FALSE;
2820 }
2821 }
2822 }
2824 /* If every action was successful, remove this entry from the list
2825 */
2826 if($success){
2827 unset($this->menu[$key]);
2828 }
2829 }
2830 }
2832 /* Udpate migration status for application menus
2833 */
2834 $this->check_menus();
2835 }
2836 }
2838 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
2839 ?>