1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id: class_roleManagement.inc 13520 2009-03-09 14:54:13Z hickert $$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
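/* Generic tab of the role management plugin.
 *
 * Manages a single LDAP 'organizationalRole' object: its naming attribute,
 * description, phone/fax numbers, its base and the list of role occupants.
 *
 * Trust boundaries handled here: $_POST (membership dialogs, copy & paste
 * dialog) and attribute values read back from LDAP that end up in list rows
 * and smarty variables.
 */
class roleGeneric extends plugin
{
  // The variables this plugin takes care of.
  var $cn = "";
  var $description = "";
  var $telephoneNumber = "";
  var $facsimileTelephoneNumber = "";

  // The object's base
  var $base = "";

  // Keep track of possible naming modifications
  var $orig_dn = "";
  var $orig_cn = "";
  var $orig_base = "";

  // The object classes written by this plugin
  var $objectclasses = array("top","organizationalRole");

  // The list of occupants ([dn])
  var $roleOccupant = array();

  // The roleOccupant cache, dn=>attrs
  var $roleOccCache = array();

  // A list of attributes managed by this plugin
  var $attributes = array("cn","description",
      "telephoneNumber","facsimileTelephoneNumber","roleOccupant");

  // TRUE once execute() has triggered the initial reload() of the occupant cache
  var $objCacheLoaded = FALSE;

  // Base selection widget, created in the constructor
  var $baseSelector;

  // Occupant list widget, created in the constructor. Declared explicitly so
  // the assignment there does not create an undeclared (dynamic) property.
  var $memberList;


  /* Initialize the class.
   *
   * $config  Configuration object, handed on to the parent plugin.
   * $dn      DN of the role to edit, or "new" for a role that does not exist yet.
   */
  function __construct($config, $dn)
  {
    // NOTE(review): PHP4-style parent constructor call, kept unchanged because
    // the parent class is not visible from this file.
    plugin::plugin($config, $dn);
    $this->is_account = TRUE;

    // Initialize list of occupants ('count' is the LDAP result counter, not an entry)
    $this->roleOccupant = array();
    if (isset($this->attrs['roleOccupant'])) {
      for ($i = 0; $i < $this->attrs['roleOccupant']['count']; $i++) {
        $this->roleOccupant[] = $this->attrs['roleOccupant'][$i];
      }
    }

    // Detect the object's base
    if ($this->dn == "new") {
      $ui = get_userinfo();
      $this->base = dn2base(session::global_is_set("CurrentMainBase") ? "cn=dummy,".session::global_get("CurrentMainBase") : $ui->dn);
    } else {
      // The second argument of preg_quote() is the pattern delimiter only. The
      // 'i' modifier belongs behind the closing delimiter; passed as '/i' it
      // was silently ignored and the RDN was matched case-sensitively.
      $this->base = preg_replace("/^[^,]+,".preg_quote(get_ou("roleRDN"), '/')."/i", "", $this->dn);
    }

    // Keep track of naming attribute modifications
    $this->orig_base = $this->base;
    $this->orig_dn   = $dn;
    $this->orig_cn   = $this->cn;

    /* Instantiate base selector */
    $this->baseSelector = new baseSelector($this->get_allowed_bases(), $this->base);
    $this->baseSelector->setSubmitButton(false);
    $this->baseSelector->setHeight(300);
    $this->baseSelector->update(true);

    // Prepare lists
    $this->memberList = new sortableListing();
    $this->memberList->setDeleteable(true);
    $this->memberList->setInstantDelete(true);
    $this->memberList->setEditable(false);
    $this->memberList->setWidth("100%");
    $this->memberList->setHeight("300px");
    $this->memberList->setHeader(array("~",_("Name"),_("Uid")));
    $this->memberList->setColspecs(array('20px','*','*','20px'));
    $this->memberList->setDefaultSortColumn(1);
  }


  /* Keep occupant cache up to date.
   * Else, we may have entries we can't display.
   *
   * De-duplicates and re-indexes $this->roleOccupant, then loads the display
   * attributes of every occupant that is not cached yet.
   */
  function reload()
  {
    // Entries can't be added twice.
    $attrs = array("description", "objectClass", "uid","cn");
    $this->roleOccupant = array_values(array_unique($this->roleOccupant));

    $ldap = $this->config->get_ldap_link();
    foreach ($this->roleOccupant as $dn) {
      if (isset($this->roleOccCache[$dn]) || !$ldap->dn_exists($dn)) {
        continue;
      }

      $ldap->cat($dn, $attrs);
      $tmp = $ldap->fetch();

      // The entry may have vanished between dn_exists() and cat(). Leave it
      // uncached so execute() lists it as unknown instead of caching an
      // entry without a name.
      if (empty($tmp)) {
        continue;
      }

      if (!isset($tmp['cn'])) {

        // Extract the namingAttribute out of the dn.
        $cn = preg_replace("/^[^=]*+=([^,]*).*$/","\\1",$tmp['dn']);
        if (isset($tmp['uid'])) {
          $cn = $tmp['uid'][0];
        }
        // NOTE(review): execute() appends the description again when it
        // builds the list row, so such entries show it twice.
        if (isset($tmp['description'])) {
          $cn .= " [".$tmp['description'][0]."]";
        }
        $tmp['cn'][0] = $cn;
      }

      $this->roleOccCache[$dn] = $tmp;
    }
  }


  /* Returns the current list of occupant DNs.
   */
  function getOccupants()
  {
    return ($this->roleOccupant);
  }


  /* Generate HTML output of this plugin.
   *
   * Processes the membership related POST actions first and then renders
   * either the user selection dialog or the role template.
   */
  function execute()
  {
    plugin::execute();

    // Get list of possible ldap bases, will be selectable in the ui.
    // (The result is not used below; the call is kept unchanged.)
    $tmp = $this->allowedBasesToMoveTo();

    // Reload the occupant cache.
    if (!$this->objCacheLoaded) {
      $this->reload();
      $this->objCacheLoaded = TRUE;
    }

    /***************
     * Dialog handling
     ***************/

    // NOTE(review): the handlers below change $this->roleOccupant without an
    // explicit write-ACL check for 'roleOccupant' in this method. Confirm that
    // the list widget (setAcl) and plugin::save() enforce it.

    if (isset($_POST['edit_membership']) && !($this->dialog instanceof userSelect)) {
      $this->dialog = new userSelect($this->config,get_userinfo());
    }
    $this->memberList->save_object();
    $action = $this->memberList->getAction();
    if ($action['action'] == 'delete') {
      $this->roleOccupant = $this->memberList->getMaintainedData();
    }

    if (isset($_POST['delete_membership']) && !($this->dialog instanceof userSelect)) {
      // 'members' is request data: accept only an array of scalar list keys,
      // anything else would raise warnings or an illegal offset error.
      if (isset($_POST['members']) && is_array($_POST['members'])) {
        foreach ($_POST['members'] as $id) {
          if (is_scalar($id) && isset($this->roleOccupant[$id])) {
            unset($this->roleOccupant[$id]);
          }
        }
        $this->reload();
      }
    }

    if (isset($_POST['add_users_cancel']) && $this->dialog instanceof userSelect) {
      $this->dialog = NULL;
    }
    if (isset($_POST['add_users_finish']) && $this->dialog instanceof userSelect) {
      $users = $this->dialog->detectPostActions();
      if (isset($users['targets'])) {
        $headpage = $this->dialog->getHeadpage();
        // NOTE(review): every target DN is accepted as occupant. Whether
        // detectPostActions()/getEntry() restrict the targets to entries the
        // dialog actually listed is not visible here - confirm.
        foreach ($users['targets'] as $dn) {
          $attrs = $headpage->getEntry($dn);
          $this->roleOccupant[] = $dn;
          $this->roleOccCache[$dn] = $attrs;
        }
      }
      $this->dialog = FALSE;
    }

    if ($this->dialog instanceof userSelect) {

      // Build up blocklist
      session::set('filterBlacklist', array('dn' => $this->roleOccupant));
      return ($this->dialog->execute());
    }


    /***************
     * Template handling
     ***************/

    $this->memberList->setAcl($this->getacl("roleOccupant"));

    // NOTE(review): $name, $uid and $dn are directory data and reach the list
    // markup from here. Confirm that sortableListing escapes cell contents.
    $data = $lData = array();
    foreach ($this->roleOccupant as $key => $dn) {
      $data[$key] = $dn;
      if (isset($this->roleOccCache[$dn])) {
        $icon  = image('plugins/users/images/select_user.png');
        $entry = $this->roleOccCache[$dn];

        // Occupants are not necessarily user accounts, so 'uid' may be missing;
        // entries taken over from the selection dialog may lack 'cn' as well.
        $name = isset($entry['cn'][0])  ? $entry['cn'][0]  : $dn;
        $uid  = isset($entry['uid'][0]) ? $entry['uid'][0] : " ";
        if (isset($entry['description'][0])) {
          $name .= " [".$entry['description'][0]."]";
        }
      } else {
        $name = _("Unknown")." ".$dn;
        $uid  = " ";
        $icon = image('images/false.png');
      }
      $lData[$key] = array('data' => array($icon, $name, $uid));
    }

    $this->memberList->setListData($data,$lData);
    $this->memberList->update();

    // Get smarty instance and assign required variables.
    $smarty = get_smarty();
    $smarty->assign("usePrototype", "true");
    $smarty->assign("base", $this->baseSelector->render());
    $smarty->assign("memberList",$this->memberList->render());
    foreach ($this->attributes as $attr) {
      $smarty->assign($attr,$this->$attr);
    }

    // Assign current permissions for each attribute.
    $tmp = $this->plInfo();
    foreach ($tmp['plProvidedAcls'] as $attr => $desc) {
      $smarty->assign($attr."ACL",$this->getacl($attr));
    }
    return ($smarty->fetch(get_template_path('roleGeneric.tpl',TRUE,dirname(__FILE__))));
  }


  /* Escape a value for literal use inside an LDAP search filter (RFC 4515).
   *
   * strtr() with an array replaces all sequences in a single pass, so the
   * backslashes introduced by the escaping are not escaped a second time.
   */
  private static function escapeFilterValue($value)
  {
    return strtr((string) $value, array(
      '\\'   => '\\5c',
      '*'    => '\\2a',
      '('    => '\\28',
      ')'    => '\\29',
      "\x00" => '\\00',
    ));
  }


  /* Check user input and return a list of 'invalid input' messages.
   */
  function check()
  {
    $message = plugin::check();

    // Set the new acl base
    if ($this->dn == "new") {
      $this->set_acl_base($this->base);
    }

    // Check if we are allowed to create/move this role
    if ($this->orig_dn == "new" && !$this->acl_is_createable($this->base)) {
      $message[] = msgPool::permCreate();
    } elseif ($this->orig_dn != "new" &&
        !$this->acl_is_moveable($this->base) &&
        ($this->orig_base != $this->base || $this->orig_cn != $this->cn)) {
      $message[] = msgPool::permMove();
    }

    // Check if a wrong base was supplied
    if (!$this->baseSelector->checkLastBaseUpdate()) {
      $message[] = msgPool::check_base();
    }

    /* must: cn */
    if ($this->cn == "") {
      $message[] = msgPool::required(_("Name"));
    }

    // Check if this name is unique for roles.
    // cn is user input: escape it before it becomes part of the filter.
    // Unescaped, '*', '(' or ')' in the name change what the search matches,
    // so the uniqueness check no longer compares the literal name.
    $ldap = $this->config->get_ldap_link();
    $ldap->cd($this->config->current['BASE']);
    $ldap->search("(&(objectClass=organizationalRole)(cn=".self::escapeFilterValue($this->cn)."))", array("cn"));
    $ldap->fetch();
    if ($ldap->count() != 0 && ($this->dn == 'new' || $this->cn != $this->orig_cn)) {
      $message[] = msgPool::duplicated(_("Name"));
    }

    return ($message);
  }


  /* Removes the object from the ldap database
   */
  function remove_from_parent()
  {
    plugin::remove_from_parent();

    // Remove this object.
    $ldap = $this->config->get_ldap_link();
    $ldap->rmdir($this->dn);
    if (!$ldap->success()) {
      msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, __CLASS__));
    }

    // Log action.
    new log("remove","roles/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());

    // Trigger remove signal
    $this->handle_post_events("remove");
  }


  /* Saves object modifications.
   *
   * Returns 1 if the LDAP write failed, 0 otherwise.
   */
  function save()
  {
    // Ensure that we've added objects only once.
    $this->roleOccupant = array_values(array_unique($this->roleOccupant));

    plugin::save();

    /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
       new entries. So do a check first... */
    $ldap = $this->config->get_ldap_link();
    $ldap->cat($this->dn, array('dn'));
    if ($ldap->fetch()) {
      $mode = "modify";
    } else {
      $mode = "add";
      $ldap->cd($this->config->current['BASE']);
      $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
    }
    @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__,$this->attributes, "Save via $mode");

    // Finally write data with selected 'mode'
    $this->cleanup();
    $ldap->cd($this->dn);

    $ldap->$mode($this->attrs);
    if (!$ldap->success()) {
      msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(),
            $this->dn, LDAP_MOD, __CLASS__));
      return (1);
    }

    // Send modify/add events
    $this->handle_post_events($mode);

    // Update ACL dependencies too
    if ($this->dn != $this->orig_dn && $this->orig_dn != "new") {
      $tmp = new acl($this->config,$this->parent,$this->dn);
      $tmp->update_acl_membership($this->orig_dn,$this->dn);
    }

    // Log action. Filed under "roles/" like the removal above, so that the
    // audit trail of a role is not split between the users and roles category.
    if ($mode == "modify") {
      new log("modify","roles/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
    } else {
      new log("create","roles/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
    }

    return 0;
  }


  /* Returns the bases this object may be moved to.
   *
   * Intended to keep users from moving objects out of their own rights; the
   * method itself only passes on the result of get_allowed_bases().
   */
  function allowedBasesToMoveTo()
  {
    $bases = $this->get_allowed_bases();
    return ($bases);
  }


  /* Save HTML inputs
   */
  function save_object()
  {
    plugin::save_object();

    /* Refresh base, only if the user may move this object */
    if ($this->acl_is_moveable($this->base)) {
      if (!$this->baseSelector->update()) {
        msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
      }
      if ($this->base != $this->baseSelector->getBase()) {
        $this->base = $this->baseSelector->getBase();
        $this->is_modified = TRUE;
      }
    }
  }


  /* Take over the occupants of a copied role.
   *
   * $source  Attribute array of the copied object.
   */
  function PrepareForCopyPaste($source)
  {
    plugin::PrepareForCopyPaste($source);

    /* Load member objects */
    $this->roleOccupant = array();
    if (isset($source['roleOccupant'])) {
      foreach ($source['roleOccupant'] as $key => $value) {
        // 'count' is the LDAP result counter, not an occupant
        if ("$key" != "count") {
          $value = @LDAP::convert($value);
          $this->roleOccupant["$value"] = "$value";
        }
      }
    }
    $this->reload();
  }


  /* Returns the paste dialog as array('string' => html, 'status' => "").
   */
  function getCopyDialog()
  {
    $smarty = get_smarty();
    $smarty->assign("cn", $this->cn);
    $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
    $ret = array();
    $ret['string'] = $str;
    $ret['status'] = "";
    return ($ret);
  }


  /* Take over the name entered in the paste dialog.
   */
  function saveCopyDialog()
  {
    // Request data: only a plain string is a valid name. A posted array
    // (cn[]=...) would otherwise be stored in $this->cn as it is.
    if (isset($_POST['cn']) && is_string($_POST['cn'])) {
      $this->cn = $_POST['cn'];
    }
  }


  /* Plugin description and the ACLs provided by this plugin.
   */
  static function plInfo()
  {
    return (array(
          "plShortName"   => _("Generic"),
          "plDescription" => _("Role generic"),
          "plSelfModify"  => FALSE,
          "plDepends"     => array(),
          "plPriority"    => 1,
          "plSection"     => array("administration"),
          "plCategory"    => array("roles" => array("description" => _("Roles"),
              "objectClass" => "organizationalRole")),
          "plProvidedAcls"=> array(
            "cn"                => _("Name"),
            "description"       => _("Description"),
            "base"              => _("Base"),
            "telephoneNumber"   => _("Telefon number"),
            "facsimileTelephoneNumber" => _("Fax number"),
            "roleOccupant"      => _("Occupants"))
          ));
  }
}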
461 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
462 ?>