1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 /*! \brief The plugin base class
22 \author Cajus Pollmeier <pollmeier@gonicus.de>
23 \version 2.00
24 \date 24.07.2003
26 This is the base class for all plugins. It can be used standalone or
27 can be included by the tabs class. All management should be done
28 within this class. Extend your plugins from this class.
29 */
31 class plugin
32 {
33 /*!
34 \brief Reference to parent object
36 This variable is used when the plugin is included in tabs
37 and keeps reference to the tab class. Communication to other
38 tabs is possible by 'name'. So the 'fax' plugin can ask the
39 'userinfo' plugin for the fax number.
41 \sa tab
42 */
43 var $parent= NULL;
45 /*!
46 \brief Configuration container
48 Access to global configuration
49 */
50 var $config= NULL;
52 /*!
53 \brief Mark plugin as account
55 Defines whether this plugin is defined as an account or not.
56 This has consequences for the plugin to be saved from tab
57 mode. If it is set to 'FALSE' the tab will call the delete
58 function, else the save function. Should be set to 'TRUE' if
59 the construtor detects a valid LDAP object.
61 \sa plugin::plugin()
62 */
63 var $is_account= FALSE;
64 var $initially_was_account= FALSE;
66 /*!
67 \brief Mark plugin as template
69 Defines whether we are creating a template or a normal object.
70 Has conseqences on the way execute() shows the formular and how
71 save() puts the data to LDAP.
73 \sa plugin::save() plugin::execute()
74 */
75 var $is_template= FALSE;
76 var $ignore_account= FALSE;
77 var $is_modified= FALSE;
79 /*!
80 \brief Represent temporary LDAP data
82 This is only used internally.
83 */
84 var $attrs= array();
86 /* Keep set of conflicting plugins */
87 var $conflicts= array();
89 /* Save unit tags */
90 var $gosaUnitTag= "";
92 /*!
93 \brief Used standard values
95 dn
96 */
97 var $dn= "";
98 var $uid= "";
99 var $sn= "";
100 var $givenName= "";
101 var $acl= "*none*";
102 var $dialog= FALSE;
103 var $snapDialog = NULL;
105 /* attribute list for save action */
106 var $attributes= array();
107 var $objectclasses= array();
108 var $is_new= TRUE;
109 var $saved_attributes= array();
111 var $acl_base= "";
112 var $acl_category= "";
114 /* Plugin identifier */
115 var $plHeadline= "";
116 var $plDescription= "";
118 /* This can be set to render the tabulators in another stylesheet */
119 var $pl_notify= FALSE;
121 /* Object entry CSN */
122 var $entryCSN = "";
123 var $CSN_check_active = FALSE;
125 /* This variable indicates that this class can handle multiple dns at once. */
126 var $multiple_support = FALSE;
128 /* This aviable indicates, that we are currently in multiple edit handle */
129 var $multiple_support_active = FALSE;
130 var $selected_edit_values = array();
132 /*! \brief plugin constructor
134 If 'dn' is set, the node loads the given 'dn' from LDAP
136 \param dn Distinguished name to initialize plugin from
137 \sa plugin()
138 */
139 function plugin (&$config, $dn= NULL, $parent= NULL)
140 {
141 /* Configuration is fine, allways */
142 $this->config= &$config;
143 $this->dn= $dn;
145 /* Handle new accounts, don't read information from LDAP */
146 if ($dn == "new"){
147 return;
148 }
150 /* Save current dn as acl_base */
151 $this->acl_base= $dn;
153 /* Get LDAP descriptor */
154 $ldap= $this->config->get_ldap_link();
155 if ($dn !== NULL){
157 /* Load data to 'attrs' and save 'dn' */
158 if ($parent !== NULL){
159 $this->attrs= $parent->attrs;
160 } else {
161 $ldap->cat ($dn);
162 $this->attrs= $ldap->fetch();
163 }
165 /* Copy needed attributes */
166 foreach ($this->attributes as $val){
167 $found= array_key_ics($val, $this->attrs);
168 if ($found != ""){
169 $this->$val= $this->attrs["$found"][0];
170 }
171 }
173 /* gosaUnitTag loading... */
174 if (isset($this->attrs['gosaUnitTag'][0])){
175 $this->gosaUnitTag= $this->attrs['gosaUnitTag'][0];
176 }
178 /* Set the template flag according to the existence of objectClass
179 gosaUserTemplate */
180 if (isset($this->attrs['objectClass'])){
181 if (in_array ("gosaUserTemplate", $this->attrs['objectClass'])){
182 $this->is_template= TRUE;
183 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
184 "found", "Template check");
185 }
186 }
188 /* Is Account? */
189 $found= TRUE;
190 foreach ($this->objectclasses as $obj){
191 if (preg_match('/top/i', $obj)){
192 continue;
193 }
194 if (!isset($this->attrs['objectClass']) || !in_array_ics ($obj, $this->attrs['objectClass'])){
195 $found= FALSE;
196 break;
197 }
198 }
199 if ($found){
200 $this->is_account= TRUE;
201 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
202 "found", "Object check");
203 }
205 /* Prepare saved attributes */
206 $this->saved_attributes= $this->attrs;
207 foreach ($this->saved_attributes as $index => $value){
208 if (preg_match('/^[0-9]+$/', $index)){
209 unset($this->saved_attributes[$index]);
210 continue;
211 }
212 if (!in_array($index, $this->attributes) && $index != "objectClass"){
213 unset($this->saved_attributes[$index]);
214 continue;
215 }
216 if ($this->saved_attributes[$index]["count"] == 1){
217 $tmp= $this->saved_attributes[$index][0];
218 unset($this->saved_attributes[$index]);
219 $this->saved_attributes[$index]= $tmp;
220 continue;
221 }
223 unset($this->saved_attributes["$index"]["count"]);
224 }
225 }
227 /* Save initial account state */
228 $this->initially_was_account= $this->is_account;
229 }
231 /*! \brief execute plugin
233 Generates the html output for this node
234 */
235 function execute()
236 {
237 /* This one is empty currently. Fabian - please fill in the docu code */
238 $_SESSION['current_class_for_help'] = get_class($this);
240 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
241 $_SESSION['LOCK_VARS_TO_USE'] = $_SESSION['LOCK_VARS_USED'] =array();
242 }
244 /*! \brief execute plugin
245 Removes object from parent
246 */
247 function remove_from_parent()
248 {
249 /* include global link_info */
250 $ldap= $this->config->get_ldap_link();
252 /* Get current objectClasses in order to add the required ones */
253 $ldap->cat($this->dn);
254 $tmp= $ldap->fetch ();
255 $oc= array();
256 if (isset($tmp['objectClass'])){
257 $oc= $tmp['objectClass'];
258 unset($oc['count']);
259 }
261 /* Remove objectClasses from entry */
262 $ldap->cd($this->dn);
263 $this->attrs= array();
264 $this->attrs['objectClass']= array_remove_entries($this->objectclasses,$oc);
266 /* Unset attributes from entry */
267 foreach ($this->attributes as $val){
268 $this->attrs["$val"]= array();
269 }
271 /* Unset account info */
272 $this->is_account= FALSE;
274 /* Do not write in plugin base class, this must be done by
275 children, since there are normally additional attribs,
276 lists, etc. */
277 /*
278 $ldap->modify($this->attrs);
279 */
280 }
283 /* Save data to object */
284 function save_object()
285 {
286 /* Update entry CSN if it is empty. */
287 if(empty($this->entryCSN) && $this->CSN_check_active){
288 $this->entryCSN = getEntryCSN($this->dn);
289 }
291 if($this->multiple_support_active){
292 foreach($this->attributes as $attr){
293 if(isset($_POST["use_".$attr])){
294 $this->selected_edit_values[$attr] = TRUE;
295 }else{
296 $this->selected_edit_values[$attr] = FALSE;
297 }
298 }
299 }
301 /* Save values to object */
302 foreach ($this->attributes as $val){
303 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
304 /* Check for modifications */
305 if (get_magic_quotes_gpc()) {
306 $data= stripcslashes($_POST["$val"]);
307 } else {
308 $data= $this->$val = $_POST["$val"];
309 }
310 if ($this->$val != $data){
311 $this->is_modified= TRUE;
312 }
314 /* Okay, how can I explain this fix ...
315 * In firefox, disabled option fields aren't selectable ... but in IE you can select these fileds.
316 * So IE posts these 'unselectable' option, with value = chr(194)
317 * chr(194) seems to be the in between the ...option> </option.. because there is no value=".." specified in these option fields
318 * This was added for W3c compliance, but now causes these ... ldap errors ...
319 * So we set these Fields to ""; a normal empty string, and we can check these values in plugin::check() again ...
320 */
321 if(isset($data[0]) && $data[0] == chr(194)) {
322 $data = "";
323 }
324 $this->$val= $data;
325 //echo "<font color='blue'>".$val."</font><br>";
326 }else{
327 //echo "<font color='red'>".$val."</font><br>";
328 }
329 }
330 }
333 /* Save data to LDAP, depending on is_account we save or delete */
334 function save()
335 {
336 /* include global link_info */
337 $ldap= $this->config->get_ldap_link();
339 /* Save all plugins */
340 $this->entryCSN = "";
342 /* Start with empty array */
343 $this->attrs= array();
345 /* Get current objectClasses in order to add the required ones */
346 $ldap->cat($this->dn);
348 $tmp= $ldap->fetch ();
350 $oc= array();
351 if (isset($tmp['objectClass'])){
352 $oc= $tmp["objectClass"];
353 $this->is_new= FALSE;
354 unset($oc['count']);
355 } else {
356 $this->is_new= TRUE;
357 }
359 /* Load (minimum) attributes, add missing ones */
360 $this->attrs['objectClass']= gosa_array_merge($oc,$this->objectclasses);
362 /* Copy standard attributes */
363 foreach ($this->attributes as $val){
364 if ($this->$val != ""){
365 $this->attrs["$val"]= $this->$val;
366 } elseif (!$this->is_new) {
367 $this->attrs["$val"]= array();
368 }
369 }
371 }
374 function cleanup()
375 {
376 foreach ($this->attrs as $index => $value){
378 /* Convert arrays with one element to non arrays, if the saved
379 attributes are no array, too */
380 if (is_array($this->attrs[$index]) &&
381 count ($this->attrs[$index]) == 1 &&
382 isset($this->saved_attributes[$index]) &&
383 !is_array($this->saved_attributes[$index])){
385 $tmp= $this->attrs[$index][0];
386 $this->attrs[$index]= $tmp;
387 }
389 /* Remove emtpy arrays if they do not differ */
390 if (is_array($this->attrs[$index]) &&
391 count($this->attrs[$index]) == 0 &&
392 !isset($this->saved_attributes[$index])){
394 unset ($this->attrs[$index]);
395 continue;
396 }
398 /* Remove single attributes that do not differ */
399 if (!is_array($this->attrs[$index]) &&
400 isset($this->saved_attributes[$index]) &&
401 !is_array($this->saved_attributes[$index]) &&
402 $this->attrs[$index] == $this->saved_attributes[$index]){
404 unset ($this->attrs[$index]);
405 continue;
406 }
408 /* Remove arrays that do not differ */
409 if (is_array($this->attrs[$index]) &&
410 isset($this->saved_attributes[$index]) &&
411 is_array($this->saved_attributes[$index])){
413 if (!array_differs($this->attrs[$index],$this->saved_attributes[$index])){
414 unset ($this->attrs[$index]);
415 continue;
416 }
417 }
418 }
420 /* Update saved attributes and ensure that next cleanups will be successful too */
421 foreach($this->attrs as $name => $value){
422 $this->saved_attributes[$name] = $value;
423 }
424 }
426 /* Check formular input */
427 function check()
428 {
429 $message= array();
431 /* Skip if we've no config object */
432 if (!isset($this->config) || !is_object($this->config)){
433 return $message;
434 }
436 /* Find hooks entries for this class */
437 $command= $this->config->search(get_class($this), "CHECK", array('menu', 'tabs'));
439 if ($command != ""){
441 if (!check_command($command)){
442 $message[]= sprintf(_("Command '%s', specified as CHECK hook for plugin '%s' doesn't seem to exist."), $command,
443 get_class($this));
444 } else {
446 /* Generate "ldif" for check hook */
447 $ldif= "dn: $this->dn\n";
449 /* ... objectClasses */
450 foreach ($this->objectclasses as $oc){
451 $ldif.= "objectClass: $oc\n";
452 }
454 /* ... attributes */
455 foreach ($this->attributes as $attr){
456 if ($this->$attr == ""){
457 continue;
458 }
459 if (is_array($this->$attr)){
460 foreach ($this->$attr as $val){
461 $ldif.= "$attr: $val\n";
462 }
463 } else {
464 $ldif.= "$attr: ".$this->$attr."\n";
465 }
466 }
468 /* Append empty line */
469 $ldif.= "\n";
471 /* Feed "ldif" into hook and retrieve result*/
472 $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
473 $fh= proc_open($command, $descriptorspec, $pipes);
474 if (is_resource($fh)) {
475 fwrite ($pipes[0], $ldif);
476 fclose($pipes[0]);
478 $result= stream_get_contents($pipes[1]);
479 if ($result != ""){
480 $message[]= $result;
481 }
483 fclose($pipes[1]);
484 fclose($pipes[2]);
485 proc_close($fh);
486 }
487 }
489 }
491 /* Check entryCSN */
492 if($this->CSN_check_active){
493 $current_csn = getEntryCSN($this->dn);
494 if($current_csn != $this->entryCSN && !empty($this->entryCSN) && !empty($current_csn)){
495 $this->entryCSN = $current_csn;
496 $message[] = _("The object has changed since opened in GOsa. Please ensure that nobody has done serious changes that may get lost if you save this entry.");
497 }
498 }
499 return ($message);
500 }
502 /* Adapt from template, using 'dn' */
503 function adapt_from_template($dn)
504 {
505 /* Include global link_info */
506 $ldap= $this->config->get_ldap_link();
508 /* Load requested 'dn' to 'attrs' */
509 $ldap->cat ($dn);
510 $this->attrs= $ldap->fetch();
512 /* Walk through attributes */
513 foreach ($this->attributes as $val){
515 if (isset($this->attrs["$val"][0])){
517 /* If attribute is set, replace dynamic parts:
518 %sn, %givenName and %uid. Fill these in our local variables. */
519 $value= $this->attrs["$val"][0];
521 foreach (array("sn", "givenName", "uid") as $repl){
522 if (preg_match("/%$repl/i", $value)){
523 $value= preg_replace ("/%$repl/i", $this->parent->$repl, $value);
524 }
525 }
526 $this->$val= $value;
527 }
528 }
530 /* Is Account? */
531 $found= TRUE;
532 foreach ($this->objectclasses as $obj){
533 if (preg_match('/top/i', $obj)){
534 continue;
535 }
536 if (!in_array_ics ($obj, $this->attrs['objectClass'])){
537 $found= FALSE;
538 break;
539 }
540 }
541 if ($found){
542 $this->is_account= TRUE;
543 }
544 }
546 /* Indicate whether a password change is needed or not */
547 function password_change_needed()
548 {
549 return FALSE;
550 }
553 /* Show header message for tab dialogs */
554 function show_enable_header($button_text, $text, $disabled= FALSE)
555 {
556 if (($disabled == TRUE) || (!$this->acl_is_createable())){
557 $state= "disabled";
558 } else {
559 $state= "";
560 }
561 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
562 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
563 "><p class=\"seperator\"> </p></td></tr></table>";
565 return($display);
566 }
569 /* Show header message for tab dialogs */
570 function show_disable_header($button_text, $text, $disabled= FALSE)
571 {
572 if (($disabled == TRUE) || !$this->acl_is_removeable()){
573 $state= "disabled";
574 } else {
575 $state= "";
576 }
577 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
578 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
579 "><p class=\"seperator\"> </p></td></tr></table>";
581 return($display);
582 }
585 /* Show header message for tab dialogs */
586 function show_header($button_text, $text, $disabled= FALSE)
587 {
588 echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
589 if ($disabled == TRUE){
590 $state= "disabled";
591 } else {
592 $state= "";
593 }
594 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
595 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
596 ($this->acl_is_createable()?'':'disabled')." ".$state.
597 "><p class=\"seperator\"> </p></td></tr></table>";
599 return($display);
600 }
603 function postcreate($add_attrs= array())
604 {
605 /* Find postcreate entries for this class */
606 $command= $this->config->search(get_class($this), "POSTCREATE",array('menu', 'tabs'));
608 if ($command != ""){
610 /* Additional attributes */
611 foreach ($add_attrs as $name => $value){
612 $command= preg_replace("/%$name/", $value, $command);
613 }
615 /* Walk through attribute list */
616 foreach ($this->attributes as $attr){
617 if (!is_array($this->$attr)){
618 $command= preg_replace("/%$attr/", $this->$attr, $command);
619 }
620 }
621 $command= preg_replace("/%dn/", $this->dn, $command);
623 if (check_command($command)){
624 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
625 $command, "Execute");
627 exec($command);
628 } else {
629 $message= sprintf(_("Command '%s', specified as POSTCREATE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
630 print_red ($message);
631 }
632 }
633 }
635 function postmodify($add_attrs= array())
636 {
637 /* Find postcreate entries for this class */
638 $command= $this->config->search(get_class($this), "POSTMODIFY",array('menu','tabs'));
640 if ($command != ""){
642 /* Additional attributes */
643 foreach ($add_attrs as $name => $value){
644 $command= preg_replace("/%$name/", $value, $command);
645 }
647 /* Walk through attribute list */
648 foreach ($this->attributes as $attr){
649 if (!is_array($this->$attr)){
650 $command= preg_replace("/%$attr/", $this->$attr, $command);
651 }
652 }
653 $command= preg_replace("/%dn/", $this->dn, $command);
655 if (check_command($command)){
656 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
657 $command, "Execute");
659 exec($command);
660 } else {
661 $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, get_class($this));
662 print_red ($message);
663 }
664 }
665 }
667 function postremove($add_attrs= array())
668 {
669 /* Find postremove entries for this class */
670 $command= $this->config->search(get_class($this), "POSTREMOVE",array('menu','tabs'));
671 if ($command != ""){
673 /* Additional attributes */
674 foreach ($add_attrs as $name => $value){
675 $command= preg_replace("/%$name/", $value, $command);
676 }
678 /* Walk through attribute list */
679 foreach ($this->attributes as $attr){
680 if (!is_array($this->$attr)){
681 $command= preg_replace("/%$attr/", $this->$attr, $command);
682 }
683 }
684 $command= preg_replace("/%dn/", $this->dn, $command);
686 /* Additional attributes */
687 foreach ($add_attrs as $name => $value){
688 $command= preg_replace("/%$name/", $value, $command);
689 }
691 if (check_command($command)){
692 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
693 $command, "Execute");
695 exec($command);
696 } else {
697 $message= sprintf(_("Command '%s', specified as POSTREMOVE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
698 print_red ($message);
699 }
700 }
701 }
703 /* Create unique DN */
704 function create_unique_dn($attribute, $base)
705 {
706 $ldap= $this->config->get_ldap_link();
707 $base= preg_replace("/^,*/", "", $base);
709 /* Try to use plain entry first */
710 $dn= "$attribute=".$this->$attribute.",$base";
711 $ldap->cat ($dn, array('dn'));
712 if (!$ldap->fetch()){
713 return ($dn);
714 }
716 /* Look for additional attributes */
717 foreach ($this->attributes as $attr){
718 if ($attr == $attribute || $this->$attr == ""){
719 continue;
720 }
722 $dn= "$attribute=".$this->$attribute."+$attr=".$this->$attr.",$base";
723 $ldap->cat ($dn, array('dn'));
724 if (!$ldap->fetch()){
725 return ($dn);
726 }
727 }
729 /* None found */
730 return ("none");
731 }
733 function rebind($ldap, $referral)
734 {
735 $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
736 if (ldap_bind($ldap, $credentials['ADMIN'], $credentials['PASSWORD'])) {
737 $this->error = "Success";
738 $this->hascon=true;
739 $this->reconnect= true;
740 return (0);
741 } else {
742 $this->error = "Could not bind to " . $credentials['ADMIN'];
743 return NULL;
744 }
745 }
748 /* Recursively copy ldap object */
749 function _copy($src_dn,$dst_dn)
750 {
751 $ldap=$this->config->get_ldap_link();
752 $ldap->cat($src_dn);
753 $attrs= $ldap->fetch();
755 /* Grummble. This really sucks. PHP ldap doesn't support rdn stuff. */
756 $ds= ldap_connect($this->config->current['SERVER']);
757 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
758 if (function_exists("ldap_set_rebind_proc") && isset($this->config->current['REFERRAL'])) {
759 ldap_set_rebind_proc($ds, array(&$this, "rebind"));
760 }
762 $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']);
763 $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*");
765 /* Fill data from LDAP */
766 $new= array();
767 if ($sr) {
768 $ei=ldap_first_entry($ds, $sr);
769 if ($ei) {
770 foreach($attrs as $attr => $val){
771 if ($info = @ldap_get_values_len($ds, $ei, $attr)){
772 for ($i= 0; $i<$info['count']; $i++){
773 if ($info['count'] == 1){
774 $new[$attr]= $info[$i];
775 } else {
776 $new[$attr][]= $info[$i];
777 }
778 }
779 }
780 }
781 }
782 }
784 /* close conncetion */
785 ldap_unbind($ds);
787 /* Adapt naming attribute */
788 $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
789 $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
790 $new[$dst_name]= @LDAP::fix($dst_val);
792 /* Check if this is a department.
793 * If it is a dep. && there is a , override in his ou
794 * change \2C to , again, else this entry can't be saved ...
795 */
796 if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
797 $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
798 }
800 /* Save copy */
801 $ldap->connect();
802 $ldap->cd($this->config->current['BASE']);
804 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $dst_dn));
806 /* FAIvariable=.../..., cn=..
807 could not be saved, because the attribute FAIvariable was different to
808 the dn FAIvariable=..., cn=... */
809 if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
810 $new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
811 }
812 $ldap->cd($dst_dn);
813 $ldap->add($new);
815 if ($ldap->error != "Success"){
816 trigger_error("Trying to save $dst_dn failed.",
817 E_USER_WARNING);
818 return(FALSE);
819 }
820 return(TRUE);
821 }
824 /* This is a workaround function. */
825 function copy($src_dn, $dst_dn)
826 {
827 /* Rename dn in possible object groups */
828 $ldap= $this->config->get_ldap_link();
829 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($src_dn).'))',
830 array('cn'));
831 while ($attrs= $ldap->fetch()){
832 $og= new ogroup($this->config, $ldap->getDN());
833 unset($og->member[$src_dn]);
834 $og->member[$dst_dn]= $dst_dn;
835 $og->save ();
836 }
838 $ldap->cat($dst_dn);
839 $attrs= $ldap->fetch();
840 if (count($attrs)){
841 trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.",
842 E_USER_WARNING);
843 return (FALSE);
844 }
846 $ldap->cat($src_dn);
847 $attrs= $ldap->fetch();
848 if (!count($attrs)){
849 trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.",
850 E_USER_WARNING);
851 return (FALSE);
852 }
854 $ldap->cd($src_dn);
855 $ldap->search("objectClass=*",array("dn"));
856 while($attrs = $ldap->fetch()){
857 $src = $attrs['dn'];
858 $dst = preg_replace("/".normalizePreg($src_dn)."$/",$dst_dn,$attrs['dn']);
859 $this->_copy($src,$dst);
860 }
861 return (TRUE);
862 }
865 function move($src_dn, $dst_dn)
866 {
867 /* Copy source to destination */
868 if (!$this->copy($src_dn, $dst_dn)){
869 return (FALSE);
870 }
872 /* Delete source */
873 $ldap= $this->config->get_ldap_link();
874 $ldap->rmdir_recursive($src_dn);
875 if ($ldap->error != "Success"){
876 trigger_error("Trying to delete $src_dn failed.",
877 E_USER_WARNING);
878 return (FALSE);
879 }
881 return (TRUE);
882 }
885 /* Move/Rename complete trees */
886 function recursive_move($src_dn, $dst_dn)
887 {
888 /* Check if the destination entry exists */
889 $ldap= $this->config->get_ldap_link();
891 /* Check if destination exists - abort */
892 $ldap->cat($dst_dn, array('dn'));
893 if ($ldap->fetch()){
894 trigger_error("recursive_move $dst_dn already exists.",
895 E_USER_WARNING);
896 return (FALSE);
897 }
899 /* Perform a search for all objects to be moved */
900 $objects= array();
901 $ldap->cd($src_dn);
902 $ldap->search("(objectClass=*)", array("dn"));
903 while($attrs= $ldap->fetch()){
904 $dn= $attrs['dn'];
905 $objects[$dn]= strlen($dn);
906 }
908 /* Sort objects by indent level */
909 asort($objects);
910 reset($objects);
912 /* Copy objects from small to big indent levels by replacing src_dn by dst_dn */
913 foreach ($objects as $object => $len){
914 $src= $object;
915 $dst= preg_replace("/$src_dn$/", "$dst_dn", $object);
916 if (!$this->copy($src, $dst)){
917 return (FALSE);
918 }
919 }
921 /* Remove src_dn */
922 $ldap->cd($src_dn);
923 $ldap->recursive_remove();
924 return (TRUE);
925 }
928 function handle_post_events($mode, $add_attrs= array())
929 {
930 switch ($mode){
931 case "add":
932 $this->postcreate($add_attrs);
933 break;
935 case "modify":
936 $this->postmodify($add_attrs);
937 break;
939 case "remove":
940 $this->postremove($add_attrs);
941 break;
942 }
943 }
946 function saveCopyDialog(){
947 }
950 function getCopyDialog(){
951 return(array("string"=>"","status"=>""));
952 }
955 function PrepareForCopyPaste($source)
956 {
957 $todo = $this->attributes;
958 if(isset($this->CopyPasteVars)){
959 $todo = array_merge($todo,$this->CopyPasteVars);
960 }
962 if(count($this->objectclasses)){
963 $this->is_account = TRUE;
964 foreach($this->objectclasses as $class){
965 if(!in_array($class,$source['objectClass'])){
966 $this->is_account = FALSE;
967 }
968 }
969 }
971 foreach($todo as $var){
972 if (isset($source[$var])){
973 if(isset($source[$var]['count'])){
974 if($source[$var]['count'] > 1){
975 $this->$var = array();
976 $tmp = array();
977 for($i = 0 ; $i < $source[$var]['count']; $i++){
978 $tmp = $source[$var][$i];
979 }
980 $this->$var = $tmp;
981 # echo $var."=".$tmp."<br>";
982 }else{
983 $this->$var = $source[$var][0];
984 # echo $var."=".$source[$var][0]."<br>";
985 }
986 }else{
987 $this->$var= $source[$var];
988 # echo $var."=".$source[$var]."<br>";
989 }
990 }
991 }
992 }
995 function handle_object_tagging($dn= "", $tag= "", $show= false)
996 {
997 //FIXME: How to optimize this? We have at least two
998 // LDAP accesses per object. It would be a good
999 // idea to have it integrated.
1001 /* No dn? Self-operation... */
1002 if ($dn == ""){
1003 $dn= $this->dn;
1005 /* No tag? Find it yourself... */
1006 if ($tag == ""){
1007 $len= strlen($dn);
1009 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
1010 $relevant= array();
1011 foreach ($this->config->adepartments as $key => $ntag){
1013 /* This one is bigger than our dn, its not relevant... */
1014 if ($len <= strlen($key)){
1015 continue;
1016 }
1018 /* This one matches with the latter part. Break and don't fix this entry */
1019 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $dn)){
1020 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
1021 $relevant[strlen($key)]= $ntag;
1022 continue;
1023 }
1025 }
1027 /* If we've some relevant tags to set, just get the longest one */
1028 if (count($relevant)){
1029 ksort($relevant);
1030 $tmp= array_keys($relevant);
1031 $idx= end($tmp);
1032 $tag= $relevant[$idx];
1033 $this->gosaUnitTag= $tag;
1034 }
1035 }
1036 }
1039 /* Set tag? */
1040 if ($tag != ""){
1041 /* Set objectclass and attribute */
1042 $ldap= $this->config->get_ldap_link();
1043 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
1044 $attrs= $ldap->fetch();
1045 if(isset($attrs['gosaUnitTag'][0]) && $attrs['gosaUnitTag'][0] == $tag){
1046 if ($show) {
1047 echo sprintf(_("Object '%s' is already tagged"), @LDAP::fix($dn))."<br>";
1048 flush();
1049 }
1050 return;
1051 }
1052 if (count($attrs)){
1053 if ($show){
1054 echo sprintf(_("Adding tag (%s) to object '%s'"), $tag, @LDAP::fix($dn))."<br>";
1055 flush();
1056 }
1057 $nattrs= array("gosaUnitTag" => $tag);
1058 $nattrs['objectClass']= array();
1059 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
1060 $oc= $attrs['objectClass'][$i];
1061 if ($oc != "gosaAdministrativeUnitTag"){
1062 $nattrs['objectClass'][]= $oc;
1063 }
1064 }
1065 $nattrs['objectClass'][]= "gosaAdministrativeUnitTag";
1066 $ldap->cd($dn);
1067 $ldap->modify($nattrs);
1068 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
1069 } else {
1070 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not tagging ($tag) $dn - seems to have moved away", "Tagging");
1071 }
1073 } else {
1074 /* Remove objectclass and attribute */
1075 $ldap= $this->config->get_ldap_link();
1076 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
1077 $attrs= $ldap->fetch();
1078 if (isset($attrs['objectClass']) && !in_array_ics("gosaAdministrativeUnitTag", $attrs['objectClass'])){
1079 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "$dn is not tagged", "Tagging");
1080 return;
1081 }
1082 if (count($attrs)){
1083 if ($show){
1084 echo sprintf(_("Removing tag from object '%s'"), @LDAP::fix($dn))."<br>";
1085 flush();
1086 }
1087 $nattrs= array("gosaUnitTag" => array());
1088 $nattrs['objectClass']= array();
1089 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
1090 $oc= $attrs['objectClass'][$i];
1091 if ($oc != "gosaAdministrativeUnitTag"){
1092 $nattrs['objectClass'][]= $oc;
1093 }
1094 }
1095 $ldap->cd($dn);
1096 $ldap->modify($nattrs);
1097 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
1098 } else {
1099 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not removing tag ($tag) $dn - seems to have moved away", "Tagging");
1100 }
1101 }
1103 }
1106 /* Add possibility to stop remove process */
1107 function allow_remove()
1108 {
1109 $reason= "";
1110 return $reason;
1111 }
1114 /* Create a snapshot of the current object */
1115 function create_snapshot($type= "snapshot", $description= array())
1116 {
1118 /* Check if snapshot functionality is enabled */
1119 if(!$this->snapshotEnabled()){
1120 return;
1121 }
1123 /* Get configuration from gosa.conf */
1124 $tmp = $this->config->current;
1126 /* Create lokal ldap connection */
1127 $ldap= $this->config->get_ldap_link();
1128 $ldap->cd($this->config->current['BASE']);
1130 /* check if there are special server configurations for snapshots */
1131 if(!isset($tmp['SNAPSHOT_SERVER'])){
1133 /* Source and destination server are both the same, just copy source to dest obj */
1134 $ldap_to = $ldap;
1135 $snapldapbase = $this->config->current['BASE'];
1137 }else{
1138 $server = $tmp['SNAPSHOT_SERVER'];
1139 $user = $tmp['SNAPSHOT_USER'];
1140 $password = $tmp['SNAPSHOT_PASSWORD'];
1141 $snapldapbase = $tmp['SNAPSHOT_BASE'];
1143 $ldap_to = new LDAP($user,$password, $server);
1144 $ldap_to -> cd($snapldapbase);
1145 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase));
1146 }
1148 /* check if the dn exists */
1149 if ($ldap->dn_exists($this->dn)){
1151 /* Extract seconds & mysecs, they are used as entry index */
1152 list($usec, $sec)= explode(" ", microtime());
1154 /* Collect some infos */
1155 $base = $this->config->current['BASE'];
1156 $snap_base = $tmp['SNAPSHOT_BASE'];
1157 $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn);
1158 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1160 /* Create object */
1161 #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
1162 $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
1163 $newName = preg_replace("/\./", "", $sec."-".$usec);
1164 $target= array();
1165 $target['objectClass'] = array("top", "gosaSnapshotObject");
1166 $target['gosaSnapshotData'] = gzcompress($data, 6);
1167 $target['gosaSnapshotType'] = $type;
1168 $target['gosaSnapshotDN'] = $this->dn;
1169 $target['description'] = $description;
1170 $target['gosaSnapshotTimestamp'] = $newName;
1172 /* Insert the new snapshot
1173 But we have to check first, if the given gosaSnapshotTimestamp
1174 is already used, in this case we should increment this value till there is
1175 an unused value. */
1176 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1177 $ldap_to->cat($new_dn);
1178 while($ldap_to->count()){
1179 $ldap_to->cat($new_dn);
1180 $newName = preg_replace("/\./", "", $sec."-".($usec++));
1181 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1182 $target['gosaSnapshotTimestamp'] = $newName;
1183 }
1185 /* Inset this new snapshot */
1186 $ldap_to->cd($snapldapbase);
1187 $ldap_to->create_missing_trees($snapldapbase);
1188 $ldap_to->create_missing_trees($new_base);
1189 $ldap_to->cd($new_dn);
1190 $ldap_to->add($target);
1192 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1193 show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1194 }
1195 }
1197 function remove_snapshot($dn)
1198 {
1199 $ui = get_userinfo();
1200 $old_dn = $this->dn;
1201 $this->dn = $dn;
1202 $ldap = $this->config->get_ldap_link();
1203 $ldap->cd($this->config->current['BASE']);
1204 $ldap->rmdir_recursive($dn);
1205 $this->dn = $old_dn;
1206 }
1209 /* returns true if snapshots are enabled, and false if it is disalbed
1210 There will also be some errors psoted, if the configuration failed */
1211 function snapshotEnabled()
1212 {
1213 $tmp = $this->config->current;
1214 if(isset($tmp['ENABLE_SNAPSHOT'])){
1215 if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){
1217 /* Check if the snapshot_base is defined */
1218 if(!isset($tmp['SNAPSHOT_BASE'])){
1219 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not configured in your gosa.conf."),"SNAPSHOT_BASE"));
1220 return(FALSE);
1221 }
1223 /* check if there are special server configurations for snapshots */
1224 if(isset($tmp['SNAPSHOT_SERVER'])){
1226 /* check if all required vars are available to create a new ldap connection */
1227 $missing = "";
1228 foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_BASE") as $var){
1229 if(!isset($tmp[$var])){
1230 $missing .= $var." ";
1231 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable(s) '%s' is not configured in your gosa.conf."),$missing));
1232 return(FALSE);
1233 }
1234 }
1235 }
1236 return(TRUE);
1237 }
1238 }
1239 return(FALSE);
1240 }
1243 /* Return available snapshots for the given base
1244 */
1245 function Available_SnapsShots($dn,$raw = false)
1246 {
1247 if(!$this->snapshotEnabled()) return(array());
1249 /* Create an additional ldap object which
1250 points to our ldap snapshot server */
1251 $ldap= $this->config->get_ldap_link();
1252 $ldap->cd($this->config->current['BASE']);
1253 $cfg= &$this->config->current;
1255 /* check if there are special server configurations for snapshots */
1257 if(isset($cfg['SERVER']) && isset($cfg['SNAPSHOT_SERVER']) && $cfg['SERVER'] == $cfg['SNAPSHOT_SERVER']){
1258 $ldap_to = $ldap;
1259 }elseif(isset($cfg['SNAPSHOT_SERVER'])){
1260 $server = $cfg['SNAPSHOT_SERVER'];
1261 $user = $cfg['SNAPSHOT_USER'];
1262 $password = $cfg['SNAPSHOT_PASSWORD'];
1263 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1265 $ldap_to = new LDAP($user,$password, $server);
1266 $ldap_to -> cd ($snapldapbase);
1267 show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
1268 }else{
1269 $ldap_to = $ldap;
1270 }
1272 /* Prepare bases and some other infos */
1273 $base = $this->config->current['BASE'];
1274 $snap_base = $cfg['SNAPSHOT_BASE'];
1275 $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn);
1276 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1277 $tmp = array();
1279 /* Fetch all objects with gosaSnapshotDN=$dn */
1280 $ldap_to->cd($new_base);
1281 $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
1282 array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1284 /* Put results into a list and add description if missing */
1285 while($entry = $ldap_to->fetch()){
1286 if(!isset($entry['description'][0])){
1287 $entry['description'][0] = "";
1288 }
1289 $tmp[] = $entry;
1290 }
1292 /* Return the raw array, or format the result */
1293 if($raw){
1294 return($tmp);
1295 }else{
1296 $tmp2 = array();
1297 foreach($tmp as $entry){
1298 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1299 }
1300 }
1301 return($tmp2);
1302 }
1305 function getAllDeletedSnapshots($base_of_object,$raw = false)
1306 {
1307 if(!$this->snapshotEnabled()) return(array());
1309 /* Create an additional ldap object which
1310 points to our ldap snapshot server */
1311 $ldap= $this->config->get_ldap_link();
1312 $ldap->cd($this->config->current['BASE']);
1313 $cfg= &$this->config->current;
1315 /* check if there are special server configurations for snapshots */
1316 if(isset($cfg['SNAPSHOT_SERVER'])){
1317 $server = $cfg['SNAPSHOT_SERVER'];
1318 $user = $cfg['SNAPSHOT_USER'];
1319 $password = $cfg['SNAPSHOT_PASSWORD'];
1320 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1321 $ldap_to = new LDAP($user,$password, $server);
1322 $ldap_to->cd ($snapldapbase);
1323 show_ldap_error($ldap_to->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
1324 }else{
1325 $ldap_to = $ldap;
1326 }
1328 /* Prepare bases */
1329 $base = $this->config->current['BASE'];
1330 $snap_base = $cfg['SNAPSHOT_BASE'];
1331 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1333 /* Fetch all objects and check if they do not exist anymore */
1334 $ui = get_userinfo();
1335 $tmp = array();
1336 $ldap_to->cd($new_base);
1337 $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1338 while($entry = $ldap_to->fetch()){
1340 $chk = str_replace($new_base,"",$entry['dn']);
1341 if(preg_match("/,ou=/",$chk)) continue;
1343 if(!isset($entry['description'][0])){
1344 $entry['description'][0] = "";
1345 }
1346 $tmp[] = $entry;
1347 }
1349 /* Check if entry still exists */
1350 foreach($tmp as $key => $entry){
1351 $ldap->cat($entry['gosaSnapshotDN'][0]);
1352 if($ldap->count()){
1353 unset($tmp[$key]);
1354 }
1355 }
1357 /* Format result as requested */
1358 if($raw) {
1359 return($tmp);
1360 }else{
1361 $tmp2 = array();
1362 foreach($tmp as $key => $entry){
1363 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1364 }
1365 }
1366 return($tmp2);
1367 }
1370 /* Restore selected snapshot */
1371 function restore_snapshot($dn)
1372 {
1373 if(!$this->snapshotEnabled()) return(array());
1375 $ldap= $this->config->get_ldap_link();
1376 $ldap->cd($this->config->current['BASE']);
1377 $cfg= &$this->config->current;
1379 /* check if there are special server configurations for snapshots */
1380 if(isset($cfg['SNAPSHOT_SERVER'])){
1381 $server = $cfg['SNAPSHOT_SERVER'];
1382 $user = $cfg['SNAPSHOT_USER'];
1383 $password = $cfg['SNAPSHOT_PASSWORD'];
1384 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1385 $ldap_to = new LDAP($user,$password, $server);
1386 $ldap_to->cd ($snapldapbase);
1387 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
1388 }else{
1389 $ldap_to = $ldap;
1390 }
1392 /* Get the snapshot */
1393 $ldap_to->cat($dn);
1394 $restoreObject = $ldap_to->fetch();
1396 /* Prepare import string */
1397 $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
1399 /* Import the given data */
1400 $ldap->import_complete_ldif($data,$err,false,false);
1401 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn));
1402 }
1405 function showSnapshotDialog($base,$baseSuffixe)
1406 {
1407 $once = true;
1408 foreach($_POST as $name => $value){
1410 /* Create a new snapshot, display a dialog */
1411 if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
1412 $once = false;
1413 $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
1414 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1415 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1416 }
1418 /* Restore a snapshot, display a dialog with all snapshots of the current object */
1419 if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
1420 $once = false;
1421 $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
1422 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1423 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1424 $this->snapDialog->display_restore_dialog = true;
1425 }
1427 /* Restore one of the already deleted objects */
1428 if(((isset($_POST['menu_action']) && $_POST['menu_action'] == "RestoreDeletedSnapShot")
1429 || preg_match("/^RestoreDeletedSnapShot_/",$name)) && $once){
1430 $once = false;
1431 $this->snapDialog = new SnapShotDialog($this->config,"",$this);
1432 $this->snapDialog->set_snapshot_bases($baseSuffixe);
1433 $this->snapDialog->display_restore_dialog = true;
1434 $this->snapDialog->display_all_removed_objects = true;
1435 }
1437 /* Restore selected snapshot */
1438 if(preg_match("/^RestoreSnapShot_/",$name) && $once){
1439 $once = false;
1440 $entry = preg_replace("/^RestoreSnapShot_/","",$name);
1441 $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
1442 if(!empty($entry)){
1443 $this->restore_snapshot($entry);
1444 $this->snapDialog = NULL;
1445 }
1446 }
1447 }
1449 /* Create a new snapshot requested, check
1450 the given attributes and create the snapshot*/
1451 if(isset($_POST['CreateSnapshot']) && is_object($this->snapDialog)){
1452 $this->snapDialog->save_object();
1453 $msgs = $this->snapDialog->check();
1454 if(count($msgs)){
1455 foreach($msgs as $msg){
1456 print_red($msg);
1457 }
1458 }else{
1459 $this->dn = $this->snapDialog->dn;
1460 $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription);
1461 $this->snapDialog = NULL;
1462 }
1463 }
1465 /* Restore is requested, restore the object with the posted dn .*/
1466 if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
1467 }
1469 if(isset($_POST['CancelSnapshot'])){
1470 $this->snapDialog = NULL;
1471 }
1473 if(is_object($this->snapDialog )){
1474 $this->snapDialog->save_object();
1475 return($this->snapDialog->execute());
1476 }
1477 }
1480 static function plInfo()
1481 {
1482 return array();
1483 }
1486 function set_acl_base($base)
1487 {
1488 $this->acl_base= $base;
1489 }
1492 function set_acl_category($category)
1493 {
1494 $this->acl_category= "$category/";
1495 }
1498 function acl_is_writeable($attribute,$skip_write = FALSE)
1499 {
1500 $ui= get_userinfo();
1501 return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
1502 }
1505 function acl_is_readable($attribute)
1506 {
1507 $ui= get_userinfo();
1508 return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
1509 }
1512 function acl_is_createable()
1513 {
1514 $ui= get_userinfo();
1515 return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1516 }
1519 function acl_is_removeable()
1520 {
1521 $ui= get_userinfo();
1522 return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1523 }
1526 function acl_is_moveable()
1527 {
1528 $ui= get_userinfo();
1529 return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1530 }
1533 function acl_have_any_permissions()
1534 {
1535 }
1538 function getacl($attribute,$skip_write= FALSE)
1539 {
1540 $ui= get_userinfo();
1541 return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
1542 }
1544 /* Get all allowed bases to move an object to or to create a new object.
1545 Idepartments also contains all base departments which lead to the allowed bases */
1546 function get_allowed_bases($category = "")
1547 {
1548 $ui = get_userinfo();
1549 $deps = array();
1551 /* Set category */
1552 if(empty($category)){
1553 $category = $this->acl_category.get_class($this);
1554 }
1556 /* Is this a new object ? Or just an edited existing object */
1557 if(!$this->initially_was_account && $this->is_account){
1558 $new = true;
1559 }else{
1560 $new = false;
1561 }
1563 $cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category));
1564 foreach($this->config->idepartments as $dn => $name){
1566 if(!in_array_ics($dn,$cat_bases)){
1567 continue;
1568 }
1570 $acl = $ui->get_permissions($dn,$category);
1571 if($new && preg_match("/c/",$acl)){
1572 $deps[$dn] = $name;
1573 }elseif(!$new && preg_match("/m/",$acl)){
1574 $deps[$dn] = $name;
1575 }
1576 }
1578 /* Add current base */
1579 if(isset($this->base) && isset($this->config->idepartments[$this->base])){
1580 $deps[$this->base] = $this->config->idepartments[$this->base];
1581 }else{
1582 echo "No default base found. ".$this->base."<br> ";
1583 }
1585 return($deps);
1586 }
1588 /* This function modifies object acls too, if an object is moved.
1589 * $old_dn specifies the actually used dn
1590 * $new_dn specifies the destiantion dn
1591 */
1592 function update_acls($old_dn,$new_dn,$output_changes = FALSE)
1593 {
1594 /* Check if old_dn is empty. This should never happen */
1595 if(empty($old_dn) || empty($new_dn)){
1596 trigger_error("Failed to check acl dependencies, wrong dn given.");
1597 return;
1598 }
1600 /* Update userinfo if necessary */
1601 if($_SESSION['ui']->dn == $old_dn){
1602 $_SESSION['ui']->dn = $new_dn;
1603 new log("view","acl/".get_class($this),$this->dn,array(),"Updated current user dn from '".$old_dn."' to '".$new_dn."'");
1604 }
1606 /* Object was moved, ensure that all acls will be moved too */
1607 if($new_dn != $old_dn && $old_dn != "new"){
1609 /* get_ldap configuration */
1610 $update = array();
1611 $ldap = $this->config->get_ldap_link();
1612 $ldap->cd ($this->config->current['BASE']);
1613 $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*))",array("cn","gosaAclEntry"));
1614 while($attrs = $ldap->fetch()){
1616 $acls = array();
1618 /* Walk through acls */
1619 for($i = 0 ; $i < $attrs['gosaAclEntry']['count'] ; $i ++ ){
1621 /* Reset vars */
1622 $found = false;
1624 /* Get Acl parts */
1625 $acl_parts = split(":",$attrs['gosaAclEntry'][$i]);
1627 /* Get every single member for this acl */
1628 $members = array();
1629 if(preg_match("/,/",$acl_parts[2])){
1630 $members = split(",",$acl_parts[2]);
1631 }else{
1632 $members = array($acl_parts[2]);
1633 }
1635 /* Check if member match current dn */
1636 foreach($members as $key => $member){
1637 $member = base64_decode($member);
1638 if($member == $old_dn){
1639 $found = true;
1640 $members[$key] = base64_encode($new_dn);
1641 }
1642 }
1644 /* Create new member string */
1645 $new_members = "";
1646 foreach($members as $member){
1647 $new_members .= $member.",";
1648 }
1649 $new_members = preg_replace("/,$/","",$new_members);
1650 $acl_parts[2] = $new_members;
1652 /* Reconstruckt acl entry */
1653 $acl_str ="";
1654 foreach($acl_parts as $t){
1655 $acl_str .= $t.":";
1656 }
1657 $acl_str = preg_replace("/:$/","",$acl_str);
1658 }
1660 /* Acls for this object must be adjusted */
1661 if($found){
1663 if($output_changes){
1664 echo "<font color='green'>".
1665 _("Changing ACL dn")." : <br> -"._("from")." <b> ".
1666 $old_dn.
1667 "</b><br> -"._("to")." <b>".
1668 $new_dn.
1669 "</b></font><br>";
1670 }
1671 $update[$attrs['dn']] =array();
1672 foreach($acls as $acl){
1673 $update[$attrs['dn']]['gosaAclEntry'][] = $acl;
1674 }
1675 }
1676 }
1678 /* Write updated acls */
1679 foreach($update as $dn => $attrs){
1680 $ldap->cd($dn);
1681 $ldap->modify($attrs);
1682 }
1683 }
1684 }
1687 function get_multi_edit_values()
1688 {
1689 $ret = array();
1690 foreach($this->selected_edit_values as $attr => $active){
1691 if($active){
1692 $ret[$attr] = $this->$attr;
1693 }
1694 }
1695 return($ret);
1696 }
1699 /* This function enables the entry Serial ID check.
1700 * If an entry was edited while we have edited the entry too,
1701 * an error message will be shown.
1702 * To configure this check correctly read the FAQ.
1703 */
1704 function enable_CSN_check()
1705 {
1706 $this->CSN_check_active =TRUE;
1707 $this->entryCSN = getEntryCSN($this->dn);
1708 }
1711 function set_multi_edit_value()
1712 {
1714 }
1716 }
1718 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1719 ?>