9f92c624b90d15f7ada4db1823710116c196d1c1
1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 /*! \brief The plugin base class
22 \author Cajus Pollmeier <pollmeier@gonicus.de>
23 \version 2.00
24 \date 24.07.2003
26 This is the base class for all plugins. It can be used standalone or
27 can be included by the tabs class. All management should be done
28 within this class. Extend your plugins from this class.
29 */
31 class plugin
32 {
33 /*!
34 \brief Reference to parent object
36 This variable is used when the plugin is included in tabs
37 and keeps reference to the tab class. Communication to other
38 tabs is possible by 'name'. So the 'fax' plugin can ask the
39 'userinfo' plugin for the fax number.
41 \sa tab
42 */
43 var $parent= NULL;
45 /*!
46 \brief Configuration container
48 Access to global configuration
49 */
50 var $config= NULL;
52 /*!
53 \brief Mark plugin as account
55 Defines whether this plugin is defined as an account or not.
56 This has consequences for the plugin to be saved from tab
57 mode. If it is set to 'FALSE' the tab will call the delete
58 function, else the save function. Should be set to 'TRUE' if
59 the construtor detects a valid LDAP object.
61 \sa plugin::plugin()
62 */
63 var $is_account= FALSE;
64 var $initially_was_account= FALSE;
66 /*!
67 \brief Mark plugin as template
69 Defines whether we are creating a template or a normal object.
70 Has conseqences on the way execute() shows the formular and how
71 save() puts the data to LDAP.
73 \sa plugin::save() plugin::execute()
74 */
75 var $is_template= FALSE;
76 var $ignore_account= FALSE;
77 var $is_modified= FALSE;
79 /*!
80 \brief Represent temporary LDAP data
82 This is only used internally.
83 */
84 var $attrs= array();
86 /* Keep set of conflicting plugins */
87 var $conflicts= array();
89 /* Save unit tags */
90 var $gosaUnitTag= "";
92 /*!
93 \brief Used standard values
95 dn
96 */
97 var $dn= "";
98 var $uid= "";
99 var $sn= "";
100 var $givenName= "";
101 var $acl= "*none*";
102 var $dialog= FALSE;
103 var $snapDialog = NULL;
105 /* attribute list for save action */
106 var $attributes= array();
107 var $objectclasses= array();
108 var $is_new= TRUE;
109 var $saved_attributes= array();
111 var $acl_base= "";
112 var $acl_category= "";
114 /* Plugin identifier */
115 var $plHeadline= "";
116 var $plDescription= "";
118 /*! \brief plugin constructor
120 If 'dn' is set, the node loads the given 'dn' from LDAP
122 \param dn Distinguished name to initialize plugin from
123 \sa plugin()
124 */
125 function plugin ($config, $dn= NULL, $parent= NULL)
126 {
127 /* Configuration is fine, allways */
128 $this->config= $config;
129 $this->dn= $dn;
131 /* Handle new accounts, don't read information from LDAP */
132 if ($dn == "new"){
133 return;
134 }
136 /* Save current dn as acl_base */
137 $this->acl_base= $dn;
139 /* Get LDAP descriptor */
140 $ldap= $this->config->get_ldap_link();
141 if ($dn != NULL){
143 /* Load data to 'attrs' and save 'dn' */
144 if ($parent != NULL){
145 $this->attrs= $parent->attrs;
146 } else {
147 $ldap->cat ($dn);
148 $this->attrs= $ldap->fetch();
149 }
151 /* Copy needed attributes */
152 foreach ($this->attributes as $val){
153 $found= array_key_ics($val, $this->attrs);
154 if ($found != ""){
155 $this->$val= $this->attrs["$found"][0];
156 }
157 }
159 /* gosaUnitTag loading... */
160 if (isset($this->attrs['gosaUnitTag'][0])){
161 $this->gosaUnitTag= $this->attrs['gosaUnitTag'][0];
162 }
164 /* Set the template flag according to the existence of objectClass
165 gosaUserTemplate */
166 if (isset($this->attrs['objectClass'])){
167 if (in_array ("gosaUserTemplate", $this->attrs['objectClass'])){
168 $this->is_template= TRUE;
169 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
170 "found", "Template check");
171 }
172 }
174 /* Is Account? */
175 error_reporting(0);
176 $found= TRUE;
177 foreach ($this->objectclasses as $obj){
178 if (preg_match('/top/i', $obj)){
179 continue;
180 }
181 if (!isset($this->attrs['objectClass']) || !in_array_ics ($obj, $this->attrs['objectClass'])){
182 $found= FALSE;
183 break;
184 }
185 }
186 error_reporting(E_ALL);
187 if ($found){
188 $this->is_account= TRUE;
189 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
190 "found", "Object check");
191 }
193 /* Prepare saved attributes */
194 $this->saved_attributes= $this->attrs;
195 foreach ($this->saved_attributes as $index => $value){
196 if (preg_match('/^[0-9]+$/', $index)){
197 unset($this->saved_attributes[$index]);
198 continue;
199 }
200 if (!in_array($index, $this->attributes) && $index != "objectClass"){
201 unset($this->saved_attributes[$index]);
202 continue;
203 }
204 if ($this->saved_attributes[$index]["count"] == 1){
205 $tmp= $this->saved_attributes[$index][0];
206 unset($this->saved_attributes[$index]);
207 $this->saved_attributes[$index]= $tmp;
208 continue;
209 }
211 unset($this->saved_attributes["$index"]["count"]);
212 }
213 }
215 /* Save initial account state */
216 $this->initially_was_account= $this->is_account;
217 }
219 /*! \brief execute plugin
221 Generates the html output for this node
222 */
223 function execute()
224 {
225 gosa_log("ACL ".get_class($this)." - ".$this->acl_category." - ".$this->acl_base);
227 /* This one is empty currently. Fabian - please fill in the docu code */
228 $_SESSION['current_class_for_help'] = get_class($this);
229 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
230 $_SESSION['LOCK_VARS_TO_USE'] =array();
231 }
233 /*! \brief execute plugin
234 Removes object from parent
235 */
236 function remove_from_parent()
237 {
238 /* include global link_info */
239 $ldap= $this->config->get_ldap_link();
241 /* Get current objectClasses in order to add the required ones */
242 $ldap->cat($this->dn);
243 $tmp= $ldap->fetch ();
244 if (isset($tmp['objectClass'])){
245 $oc= $tmp['objectClass'];
246 } else {
247 $oc= array("count" => 0);
248 }
250 /* Remove objectClasses from entry */
251 $ldap->cd($this->dn);
252 $this->attrs= array();
253 $this->attrs['objectClass']= array();
254 for ($i= 0; $i<$oc["count"]; $i++){
255 if (!in_array_ics($oc[$i], $this->objectclasses)){
256 $this->attrs['objectClass'][]= $oc[$i];
257 }
258 }
260 /* Unset attributes from entry */
261 foreach ($this->attributes as $val){
262 $this->attrs["$val"]= array();
263 }
265 /* Unset account info */
266 $this->is_account= FALSE;
268 /* Do not write in plugin base class, this must be done by
269 children, since there are normally additional attribs,
270 lists, etc. */
271 /*
272 $ldap->modify($this->attrs);
273 */
274 }
277 /* Save data to object */
278 function save_object()
279 {
280 /* Save values to object */
281 foreach ($this->attributes as $val){
282 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
283 /* Check for modifications */
284 if (get_magic_quotes_gpc()) {
285 $data= stripcslashes($_POST["$val"]);
286 } else {
287 $data= $this->$val = $_POST["$val"];
288 }
289 if ($this->$val != $data){
290 $this->is_modified= TRUE;
291 }
293 /* Okay, how can I explain this fix ...
294 * In firefox, disabled option fields aren't selectable ... but in IE you can select these fileds.
295 * So IE posts these 'unselectable' option, with value = chr(194)
296 * chr(194) seems to be the in between the ...option> </option.. because there is no value=".." specified in these option fields
297 * This was added for W3c compliance, but now causes these ... ldap errors ...
298 * So we set these Fields to ""; a normal empty string, and we can check these values in plugin::check() again ...
299 */
300 if(isset($data[0]) && $data[0] == chr(194)) {
301 $data = "";
302 }
303 $this->$val= $data;
304 //echo "<font color='blue'>".$val."</font><br>";
305 }else{
306 //echo "<font color='red'>".$val."</font><br>";
307 }
308 }
309 }
312 /* Save data to LDAP, depending on is_account we save or delete */
313 function save()
314 {
315 /* include global link_info */
316 $ldap= $this->config->get_ldap_link();
318 /* Start with empty array */
319 $this->attrs= array();
321 /* Get current objectClasses in order to add the required ones */
322 $ldap->cat($this->dn);
324 $tmp= $ldap->fetch ();
326 if (isset($tmp['objectClass'])){
327 $oc= $tmp["objectClass"];
328 $this->is_new= FALSE;
329 } else {
330 $oc= array("count" => 0);
331 $this->is_new= TRUE;
332 }
334 /* Load (minimum) attributes, add missing ones */
335 $this->attrs['objectClass']= $this->objectclasses;
336 for ($i= 0; $i<$oc["count"]; $i++){
337 if (!in_array_ics($oc[$i], $this->objectclasses)){
338 $this->attrs['objectClass'][]= $oc[$i];
339 }
340 }
342 /* Copy standard attributes */
343 foreach ($this->attributes as $val){
344 if ($this->$val != ""){
345 $this->attrs["$val"]= $this->$val;
346 } elseif (!$this->is_new) {
347 $this->attrs["$val"]= array();
348 }
349 }
351 }
354 function cleanup()
355 {
356 foreach ($this->attrs as $index => $value){
358 /* Convert arrays with one element to non arrays, if the saved
359 attributes are no array, too */
360 if (is_array($this->attrs[$index]) &&
361 count ($this->attrs[$index]) == 1 &&
362 isset($this->saved_attributes[$index]) &&
363 !is_array($this->saved_attributes[$index])){
365 $tmp= $this->attrs[$index][0];
366 $this->attrs[$index]= $tmp;
367 }
369 /* Remove emtpy arrays if they do not differ */
370 if (is_array($this->attrs[$index]) &&
371 count($this->attrs[$index]) == 0 &&
372 !isset($this->saved_attributes[$index])){
374 unset ($this->attrs[$index]);
375 continue;
376 }
378 /* Remove single attributes that do not differ */
379 if (!is_array($this->attrs[$index]) &&
380 isset($this->saved_attributes[$index]) &&
381 !is_array($this->saved_attributes[$index]) &&
382 $this->attrs[$index] == $this->saved_attributes[$index]){
384 unset ($this->attrs[$index]);
385 continue;
386 }
388 /* Remove arrays that do not differ */
389 if (is_array($this->attrs[$index]) &&
390 isset($this->saved_attributes[$index]) &&
391 is_array($this->saved_attributes[$index])){
393 if (!array_differs($this->attrs[$index],$this->saved_attributes[$index])){
394 unset ($this->attrs[$index]);
395 continue;
396 }
397 }
398 }
399 }
401 /* Check formular input */
402 function check()
403 {
404 $message= array();
406 /* Skip if we've no config object */
407 if (!isset($this->config)){
408 return $message;
409 }
411 /* Find hooks entries for this class */
412 $command= search_config($this->config->data['MENU'], get_class($this), "CHECK");
413 if ($command == "" && isset($this->config->data['TABS'])){
414 $command= search_config($this->config->data['TABS'], get_class($this), "CHECK");
415 }
417 if ($command != ""){
419 if (!check_command($command)){
420 $message[]= sprintf(_("Command '%s', specified as CHECK hook for plugin '%s' doesn't seem to exist."), $command,
421 get_class($this));
422 } else {
424 /* Generate "ldif" for check hook */
425 $ldif= "dn: $this->dn\n";
427 /* ... objectClasses */
428 foreach ($this->objectclasses as $oc){
429 $ldif.= "objectClass: $oc\n";
430 }
432 /* ... attributes */
433 foreach ($this->attributes as $attr){
434 if ($this->$attr == ""){
435 continue;
436 }
437 if (is_array($this->$attr)){
438 foreach ($this->$attr as $val){
439 $ldif.= "$attr: $val\n";
440 }
441 } else {
442 $ldif.= "$attr: ".$this->$attr."\n";
443 }
444 }
446 /* Append empty line */
447 $ldif.= "\n";
449 /* Feed "ldif" into hook and retrieve result*/
450 $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
451 $fh= proc_open($command, $descriptorspec, $pipes);
452 if (is_resource($fh)) {
453 fwrite ($pipes[0], $ldif);
454 fclose($pipes[0]);
456 $result= stream_get_contents($pipes[1]);
457 if ($result != ""){
458 $message[]= $result;
459 }
461 fclose($pipes[1]);
462 fclose($pipes[2]);
463 proc_close($fh);
464 }
465 }
467 }
469 return ($message);
470 }
472 /* Adapt from template, using 'dn' */
473 function adapt_from_template($dn)
474 {
475 /* Include global link_info */
476 $ldap= $this->config->get_ldap_link();
478 /* Load requested 'dn' to 'attrs' */
479 $ldap->cat ($dn);
480 $this->attrs= $ldap->fetch();
482 /* Walk through attributes */
483 foreach ($this->attributes as $val){
485 if (isset($this->attrs["$val"][0])){
487 /* If attribute is set, replace dynamic parts:
488 %sn, %givenName and %uid. Fill these in our local variables. */
489 $value= $this->attrs["$val"][0];
491 foreach (array("sn", "givenName", "uid") as $repl){
492 if (preg_match("/%$repl/i", $value)){
493 $value= preg_replace ("/%$repl/i", $this->parent->$repl, $value);
494 }
495 }
496 $this->$val= $value;
497 }
498 }
500 /* Is Account? */
501 $found= TRUE;
502 foreach ($this->objectclasses as $obj){
503 if (preg_match('/top/i', $obj)){
504 continue;
505 }
506 if (!in_array_ics ($obj, $this->attrs['objectClass'])){
507 $found= FALSE;
508 break;
509 }
510 }
511 if ($found){
512 $this->is_account= TRUE;
513 }
514 }
516 /* Indicate whether a password change is needed or not */
517 function password_change_needed()
518 {
519 return FALSE;
520 }
523 /* Show header message for tab dialogs */
524 function show_enable_header($button_text, $text, $disabled= FALSE)
525 {
526 if (($disabled == TRUE) || (!$this->acl_is_createable())){
527 $state= "disabled";
528 } else {
529 $state= "";
530 }
531 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
532 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
533 "><p class=\"seperator\"> </p></td></tr></table>";
535 return($display);
536 }
539 /* Show header message for tab dialogs */
540 function show_disable_header($button_text, $text, $disabled= FALSE)
541 {
542 if (($disabled == TRUE) || !$this->acl_is_removeable()){
543 $state= "disabled";
544 } else {
545 $state= "";
546 }
547 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
548 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
549 "><p class=\"seperator\"> </p></td></tr></table>";
551 return($display);
552 }
555 /* Show header message for tab dialogs */
556 function show_header($button_text, $text, $disabled= FALSE)
557 {
558 echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
559 if ($disabled == TRUE){
560 $state= "disabled";
561 } else {
562 $state= "";
563 }
564 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
565 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
566 ($this->acl_is_createable()?'':'disabled')." ".$state.
567 "><p class=\"seperator\"> </p></td></tr></table>";
569 return($display);
570 }
573 function postcreate($add_attrs= array())
574 {
575 /* Find postcreate entries for this class */
576 $command= search_config($this->config->data['MENU'], get_class($this), "POSTCREATE");
577 if ($command == "" && isset($this->config->data['TABS'])){
578 $command= search_config($this->config->data['TABS'], get_class($this), "POSTCREATE");
579 }
581 if ($command != ""){
582 /* Walk through attribute list */
583 foreach ($this->attributes as $attr){
584 if (!is_array($this->$attr)){
585 $command= preg_replace("/%$attr/", $this->$attr, $command);
586 }
587 }
588 $command= preg_replace("/%dn/", $this->dn, $command);
590 /* Additional attributes */
591 foreach ($add_attrs as $name => $value){
592 $command= preg_replace("/%$name/", $value, $command);
593 }
595 if (check_command($command)){
596 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
597 $command, "Execute");
599 exec($command);
600 } else {
601 $message= sprintf(_("Command '%s', specified as POSTCREATE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
602 print_red ($message);
603 }
604 }
605 }
607 function postmodify($add_attrs= array())
608 {
609 /* Find postcreate entries for this class */
610 $command= search_config($this->config->data['MENU'], get_class($this), "POSTMODIFY");
611 if ($command == "" && isset($this->config->data['TABS'])){
612 $command= search_config($this->config->data['TABS'], get_class($this), "POSTMODIFY");
613 }
615 if ($command != ""){
616 /* Walk through attribute list */
617 foreach ($this->attributes as $attr){
618 if (!is_array($this->$attr)){
619 $command= preg_replace("/%$attr/", $this->$attr, $command);
620 }
621 }
622 $command= preg_replace("/%dn/", $this->dn, $command);
624 /* Additional attributes */
625 foreach ($add_attrs as $name => $value){
626 $command= preg_replace("/%$name/", $value, $command);
627 }
629 if (check_command($command)){
630 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
631 $command, "Execute");
633 exec($command);
634 } else {
635 $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, get_class($this));
636 print_red ($message);
637 }
638 }
639 }
641 function postremove($add_attrs= array())
642 {
643 /* Find postremove entries for this class */
644 $command= search_config($this->config->data['MENU'], get_class($this), "POSTREMOVE");
645 if ($command == "" && isset($this->config->data['TABS'])){
646 $command= search_config($this->config->data['TABS'], get_class($this), "POSTREMOVE");
647 }
649 if ($command != ""){
650 /* Walk through attribute list */
651 foreach ($this->attributes as $attr){
652 if (!is_array($this->$attr)){
653 $command= preg_replace("/%$attr/", $this->$attr, $command);
654 }
655 }
656 $command= preg_replace("/%dn/", $this->dn, $command);
658 /* Additional attributes */
659 foreach ($add_attrs as $name => $value){
660 $command= preg_replace("/%$name/", $value, $command);
661 }
663 if (check_command($command)){
664 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
665 $command, "Execute");
667 exec($command);
668 } else {
669 $message= sprintf(_("Command '%s', specified as POSTREMOVE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
670 print_red ($message);
671 }
672 }
673 }
675 /* Create unique DN */
676 function create_unique_dn($attribute, $base)
677 {
678 $ldap= $this->config->get_ldap_link();
679 $base= preg_replace("/^,*/", "", $base);
681 /* Try to use plain entry first */
682 $dn= "$attribute=".$this->$attribute.",$base";
683 $ldap->cat ($dn, array('dn'));
684 if (!$ldap->fetch()){
685 return ($dn);
686 }
688 /* Look for additional attributes */
689 foreach ($this->attributes as $attr){
690 if ($attr == $attribute || $this->$attr == ""){
691 continue;
692 }
694 $dn= "$attribute=".$this->$attribute."+$attr=".$this->$attr.",$base";
695 $ldap->cat ($dn, array('dn'));
696 if (!$ldap->fetch()){
697 return ($dn);
698 }
699 }
701 /* None found */
702 return ("none");
703 }
705 function rebind($ldap, $referral)
706 {
707 $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
708 if (ldap_bind($ldap, $credentials['ADMIN'], $credentials['PASSWORD'])) {
709 $this->error = "Success";
710 $this->hascon=true;
711 $this->reconnect= true;
712 return (0);
713 } else {
714 $this->error = "Could not bind to " . $credentials['ADMIN'];
715 return NULL;
716 }
717 }
719 /* This is a workaround function. */
720 function copy($src_dn, $dst_dn)
721 {
722 /* Rename dn in possible object groups */
723 $ldap= $this->config->get_ldap_link();
724 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($src_dn).'))',
725 array('cn'));
726 while ($attrs= $ldap->fetch()){
727 $og= new ogroup($this->config, $ldap->getDN());
728 unset($og->member[$src_dn]);
729 $og->member[$dst_dn]= $dst_dn;
730 $og->save ();
731 }
733 $ldap->cat($dst_dn);
734 $attrs= $ldap->fetch();
735 if (count($attrs)){
736 trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.",
737 E_USER_WARNING);
738 return (FALSE);
739 }
741 $ldap->cat($src_dn);
742 $attrs= $ldap->fetch();
743 if (!count($attrs)){
744 trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.",
745 E_USER_WARNING);
746 return (FALSE);
747 }
749 /* Grummble. This really sucks. PHP ldap doesn't support rdn stuff. */
750 $ds= ldap_connect($this->config->current['SERVER']);
751 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
752 if (function_exists("ldap_set_rebind_proc") && isset($this->config->current['REFERRAL'])) {
753 ldap_set_rebind_proc($ds, array(&$this, "rebind"));
754 }
756 $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']);
757 error_reporting (0);
758 $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*");
760 /* Fill data from LDAP */
761 $new= array();
762 if ($sr) {
763 $ei=ldap_first_entry($ds, $sr);
764 if ($ei) {
765 foreach($attrs as $attr => $val){
766 if ($info = ldap_get_values_len($ds, $ei, $attr)){
767 for ($i= 0; $i<$info['count']; $i++){
768 if ($info['count'] == 1){
769 $new[$attr]= $info[$i];
770 } else {
771 $new[$attr][]= $info[$i];
772 }
773 }
774 }
775 }
776 }
777 }
779 /* close conncetion */
780 error_reporting (E_ALL);
781 ldap_unbind($ds);
783 /* Adapt naming attribute */
784 $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
785 $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
786 $new[$dst_name]= @LDAP::fix($dst_val);
788 /* Check if this is a department.
789 * If it is a dep. && there is a , override in his ou
790 * change \2C to , again, else this entry can't be saved ...
791 */
792 if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
793 $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
794 }
796 /* Save copy */
797 $ldap->connect();
798 $ldap->cd($this->config->current['BASE']);
800 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $dst_dn));
802 /* FAIvariable=.../..., cn=..
803 could not be saved, because the attribute FAIvariable was different to
804 the dn FAIvariable=..., cn=... */
805 if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
806 $new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
807 }
808 $ldap->cd($dst_dn);
809 $ldap->add($new);
811 if ($ldap->error != "Success"){
812 trigger_error("Trying to save $dst_dn failed.",
813 E_USER_WARNING);
814 return(FALSE);
815 }
817 return (TRUE);
818 }
821 function move($src_dn, $dst_dn)
822 {
823 /* Copy source to destination */
824 if (!$this->copy($src_dn, $dst_dn)){
825 return (FALSE);
826 }
828 /* Delete source */
829 $ldap= $this->config->get_ldap_link();
830 $ldap->rmdir($src_dn);
831 if ($ldap->error != "Success"){
832 trigger_error("Trying to delete $src_dn failed.",
833 E_USER_WARNING);
834 return (FALSE);
835 }
837 return (TRUE);
838 }
841 /* Move/Rename complete trees */
842 function recursive_move($src_dn, $dst_dn)
843 {
844 /* Check if the destination entry exists */
845 $ldap= $this->config->get_ldap_link();
847 /* Check if destination exists - abort */
848 $ldap->cat($dst_dn, array('dn'));
849 if ($ldap->fetch()){
850 trigger_error("recursive_move $dst_dn already exists.",
851 E_USER_WARNING);
852 return (FALSE);
853 }
855 /* Perform a search for all objects to be moved */
856 $objects= array();
857 $ldap->cd($src_dn);
858 $ldap->search("(objectClass=*)", array("dn"));
859 while($attrs= $ldap->fetch()){
860 $dn= $attrs['dn'];
861 $objects[$dn]= strlen($dn);
862 }
864 /* Sort objects by indent level */
865 asort($objects);
866 reset($objects);
868 /* Copy objects from small to big indent levels by replacing src_dn by dst_dn */
869 foreach ($objects as $object => $len){
870 $src= $object;
871 $dst= preg_replace("/$src_dn$/", "$dst_dn", $object);
872 if (!$this->copy($src, $dst)){
873 return (FALSE);
874 }
875 }
877 /* Remove src_dn */
878 $ldap->cd($src_dn);
879 $ldap->recursive_remove();
880 return (TRUE);
881 }
884 function handle_post_events($mode, $add_attrs= array())
885 {
886 switch ($mode){
887 case "add":
888 $this->postcreate($add_attrs);
889 break;
891 case "modify":
892 $this->postmodify($add_attrs);
893 break;
895 case "remove":
896 $this->postremove($add_attrs);
897 break;
898 }
899 }
902 function saveCopyDialog(){
903 }
906 function getCopyDialog(){
907 return(array("string"=>"","status"=>""));
908 }
911 function PrepareForCopyPaste($source){
912 $todo = $this->attributes;
913 if(isset($this->CopyPasteVars)){
914 $todo = array_merge($todo,$this->CopyPasteVars);
915 }
916 $todo[] = "is_account";
917 foreach($todo as $var){
918 $this->$var = $source->$var;
919 }
920 }
923 function handle_object_tagging($dn= "", $tag= "", $show= false)
924 {
925 //FIXME: How to optimize this? We have at least two
926 // LDAP accesses per object. It would be a good
927 // idea to have it integrated.
929 /* No dn? Self-operation... */
930 if ($dn == ""){
931 $dn= $this->dn;
933 /* No tag? Find it yourself... */
934 if ($tag == ""){
935 $len= strlen($dn);
937 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
938 $relevant= array();
939 foreach ($this->config->adepartments as $key => $ntag){
941 /* This one is bigger than our dn, its not relevant... */
942 if ($len <= strlen($key)){
943 continue;
944 }
946 /* This one matches with the latter part. Break and don't fix this entry */
947 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $dn)){
948 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
949 $relevant[strlen($key)]= $ntag;
950 continue;
951 }
953 }
955 /* If we've some relevant tags to set, just get the longest one */
956 if (count($relevant)){
957 ksort($relevant);
958 $tmp= array_keys($relevant);
959 $idx= end($tmp);
960 $tag= $relevant[$idx];
961 $this->gosaUnitTag= $tag;
962 }
963 }
964 }
967 /* Set tag? */
968 if ($tag != ""){
969 /* Set objectclass and attribute */
970 $ldap= $this->config->get_ldap_link();
971 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
972 $attrs= $ldap->fetch();
973 if(isset($attrs['gosaUnitTag'][0]) && $attrs['gosaUnitTag'][0] == $tag){
974 if ($show) {
975 echo sprintf(_("Object '%s' is already tagged"), @LDAP::fix($dn))."<br>";
976 flush();
977 }
978 return;
979 }
980 if (count($attrs)){
981 if ($show){
982 echo sprintf(_("Adding tag (%s) to object '%s'"), $tag, @LDAP::fix($dn))."<br>";
983 flush();
984 }
985 $nattrs= array("gosaUnitTag" => $tag);
986 $nattrs['objectClass']= array();
987 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
988 $oc= $attrs['objectClass'][$i];
989 if ($oc != "gosaAdministrativeUnitTag"){
990 $nattrs['objectClass'][]= $oc;
991 }
992 }
993 $nattrs['objectClass'][]= "gosaAdministrativeUnitTag";
994 $ldap->cd($dn);
995 $ldap->modify($nattrs);
996 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
997 } else {
998 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not tagging ($tag) $dn - seems to have moved away", "Tagging");
999 }
1001 } else {
1002 /* Remove objectclass and attribute */
1003 $ldap= $this->config->get_ldap_link();
1004 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
1005 $attrs= $ldap->fetch();
1006 if (isset($attrs['objectClass']) && !in_array_ics("gosaAdministrativeUnitTag", $attrs['objectClass'])){
1007 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "$dn is not tagged", "Tagging");
1008 return;
1009 }
1010 if (count($attrs)){
1011 if ($show){
1012 echo sprintf(_("Removing tag from object '%s'"), @LDAP::fix($dn))."<br>";
1013 flush();
1014 }
1015 $nattrs= array("gosaUnitTag" => array());
1016 $nattrs['objectClass']= array();
1017 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
1018 $oc= $attrs['objectClass'][$i];
1019 if ($oc != "gosaAdministrativeUnitTag"){
1020 $nattrs['objectClass'][]= $oc;
1021 }
1022 }
1023 $ldap->cd($dn);
1024 $ldap->modify($nattrs);
1025 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
1026 } else {
1027 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not removing tag ($tag) $dn - seems to have moved away", "Tagging");
1028 }
1029 }
1031 }
1034 /* Add possibility to stop remove process */
1035 function allow_remove()
1036 {
1037 $reason= "";
1038 return $reason;
1039 }
1042 /* Create a snapshot of the current object */
1043 function create_snapshot($type= "snapshot", $description= array())
1044 {
1046 /* Check if snapshot functionality is enabled */
1047 if(!$this->snapshotEnabled()){
1048 return;
1049 }
1051 /* Get configuration from gosa.conf */
1052 $tmp = $this->config->current;
1054 /* Create lokal ldap connection */
1055 $ldap= $this->config->get_ldap_link();
1056 $ldap->cd($this->config->current['BASE']);
1058 /* check if there are special server configurations for snapshots */
1059 if(!isset($tmp['SNAPSHOT_SERVER'])){
1061 /* Source and destination server are both the same, just copy source to dest obj */
1062 $ldap_to = $ldap;
1063 $snapldapbase = $this->config->current['BASE'];
1065 }else{
1066 $server = $tmp['SNAPSHOT_SERVER'];
1067 $user = $tmp['SNAPSHOT_USER'];
1068 $password = $tmp['SNAPSHOT_PASSWORD'];
1069 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1071 $ldap_to = new LDAP($user,$password, $server);
1072 $ldap_to -> cd($snapldapbase);
1073 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase));
1074 }
1076 /* check if the dn exists */
1077 if ($ldap->dn_exists($this->dn)){
1079 /* Extract seconds & mysecs, they are used as entry index */
1080 list($usec, $sec)= explode(" ", microtime());
1082 /* Collect some infos */
1083 $base = $this->config->current['BASE'];
1084 $snap_base = $tmp['SNAPSHOT_BASE'];
1085 $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn);
1086 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1088 /* Create object */
1089 #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
1090 $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
1091 $newName = preg_replace("/\./", "", $sec."-".$usec);
1092 $target= array();
1093 $target['objectClass'] = array("top", "gosaSnapshotObject");
1094 $target['gosaSnapshotData'] = gzcompress($data, 6);
1095 $target['gosaSnapshotType'] = $type;
1096 $target['gosaSnapshotDN'] = $this->dn;
1097 $target['description'] = $description;
1098 $target['gosaSnapshotTimestamp'] = $newName;
1100 /* Insert the new snapshot
1101 But we have to check first, if the given gosaSnapshotTimestamp
1102 is already used, in this case we should increment this value till there is
1103 an unused value. */
1104 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1105 $ldap_to->cat($new_dn);
1106 while($ldap_to->count()){
1107 $ldap_to->cat($new_dn);
1108 $newName = preg_replace("/\./", "", $sec."-".($usec++));
1109 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1110 $target['gosaSnapshotTimestamp'] = $newName;
1111 }
1113 /* Inset this new snapshot */
1114 $ldap_to->cd($snapldapbase);
1115 $ldap_to->create_missing_trees($new_base);
1116 $ldap_to->cd($new_dn);
1117 $ldap_to->add($target);
1119 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1120 show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1121 }
1122 }
1124 function remove_snapshot($dn)
1125 {
1126 $ui = get_userinfo();
1127 $old_dn = $this->dn;
1128 $this->dn = $dn;
1130 if($this->acl_is_removeable() && $this->acl_is_createable()){
1131 $ldap = $this->config->get_ldap_link();
1132 $ldap->cd($this->config->current['BASE']);
1133 $ldap->rmdir_recursive($dn);
1134 }else{
1135 print_red (_("You are not allowed to delete this snapshot!"));
1136 }
1137 $this->dn = $old_dn;
1138 }
1141 /* returns true if snapshots are enabled, and false if it is disalbed
1142 There will also be some errors psoted, if the configuration failed */
1143 function snapshotEnabled()
1144 {
1145 $tmp = $this->config->current;
1146 if(isset($tmp['ENABLE_SNAPSHOT'])){
1147 if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){
1149 /* Check if the snapshot_base is defined */
1150 if(!isset($tmp['SNAPSHOT_BASE'])){
1151 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not configured in your gosa.conf."),$missing));
1152 return(FALSE);
1153 }
1155 /* check if there are special server configurations for snapshots */
1156 if(isset($tmp['SNAPSHOT_SERVER'])){
1158 /* check if all required vars are available to create a new ldap connection */
1159 $missing = "";
1160 foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_LDAP_BASE") as $var){
1161 if(!isset($tmp[$var])){
1162 $missing .= $var." ";
1163 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable(s) '%s' is not configured in your gosa.conf."),$missing));
1164 return(FALSE);
1165 }
1166 }
1167 }
1168 return(TRUE);
1169 }
1170 }
1171 return(FALSE);
1172 }
1175 /* Return available snapshots for the given base
1176 */
1177 function Available_SnapsShots($dn,$raw = false)
1178 {
1179 if(!$this->snapshotEnabled()) return(array());
1181 /* Create an additional ldap object which
1182 points to our ldap snapshot server */
1183 $ldap= $this->config->get_ldap_link();
1184 $ldap->cd($this->config->current['BASE']);
1185 $tmp = $this->config->current;
1187 /* check if there are special server configurations for snapshots */
1188 if(isset($tmp['SNAPSHOT_SERVER'])){
1189 $server = $tmp['SNAPSHOT_SERVER'];
1190 $user = $tmp['SNAPSHOT_USER'];
1191 $password = $tmp['SNAPSHOT_PASSWORD'];
1192 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1193 $ldap_to = new LDAP($user,$password, $server);
1194 $ldap_to -> cd ($snapldapbase);
1195 show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
1196 }else{
1197 $ldap_to = $ldap;
1198 }
1200 /* Prepare bases and some other infos */
1201 $base = $this->config->current['BASE'];
1202 $snap_base = $tmp['SNAPSHOT_BASE'];
1203 $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn);
1204 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1205 $tmp = array();
1207 /* Fetch all objects with gosaSnapshotDN=$dn */
1208 $ldap_to->cd($new_base);
1209 $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
1210 array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1212 /* Put results into a list and add description if missing */
1213 while($entry = $ldap_to->fetch()){
1214 if(!isset($entry['description'][0])){
1215 $entry['description'][0] = "";
1216 }
1217 $tmp[] = $entry;
1218 }
1220 /* Return the raw array, or format the result */
1221 if($raw){
1222 return($tmp);
1223 }else{
1224 $tmp2 = array();
1225 foreach($tmp as $entry){
1226 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1227 }
1228 }
1229 return($tmp2);
1230 }
1233 function getAllDeletedSnapshots($base_of_object,$raw = false)
1234 {
1235 if(!$this->snapshotEnabled()) return(array());
1237 /* Create an additional ldap object which
1238 points to our ldap snapshot server */
1239 $ldap= $this->config->get_ldap_link();
1240 $ldap->cd($this->config->current['BASE']);
1241 $tmp = $this->config->current;
1243 /* check if there are special server configurations for snapshots */
1244 if(isset($tmp['SNAPSHOT_SERVER'])){
1245 $server = $tmp['SNAPSHOT_SERVER'];
1246 $user = $tmp['SNAPSHOT_USER'];
1247 $password = $tmp['SNAPSHOT_PASSWORD'];
1248 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1249 $ldap_to = new LDAP($user,$password, $server);
1250 $ldap_to->cd ($snapldapbase);
1251 show_ldap_error($ldap->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
1252 }else{
1253 $ldap_to = $ldap;
1254 }
1256 /* Prepare bases */
1257 $base = $this->config->current['BASE'];
1258 $snap_base = $tmp['SNAPSHOT_BASE'];
1259 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1261 /* Fetch all objects and check if they do not exist anymore */
1262 $ui = get_userinfo();
1263 $tmp = array();
1264 $ldap_to->cd($new_base);
1265 $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1266 while($entry = $ldap_to->fetch()){
1268 $chk = str_replace($new_base,"",$entry['dn']);
1269 if(preg_match("/,ou=/",$chk)) continue;
1271 if(!isset($entry['description'][0])){
1272 $entry['description'][0] = "";
1273 }
1274 $tmp[] = $entry;
1275 }
1277 /* Check if entry still exists */
1278 foreach($tmp as $key => $entry){
1279 $ldap->cat($entry['gosaSnapshotDN'][0]);
1280 if($ldap->count()){
1281 unset($tmp[$key]);
1282 }
1283 }
1285 /* Format result as requested */
1286 if($raw) {
1287 return($tmp);
1288 }else{
1289 $tmp2 = array();
1290 foreach($tmp as $key => $entry){
1291 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1292 }
1293 }
1294 return($tmp2);
1295 }
1298 /* Restore selected snapshot */
1299 function restore_snapshot($dn)
1300 {
1301 if(!$this->snapshotEnabled()) return(array());
1303 $ldap= $this->config->get_ldap_link();
1304 $ldap->cd($this->config->current['BASE']);
1305 $tmp = $this->config->current;
1307 /* check if there are special server configurations for snapshots */
1308 if(isset($tmp['SNAPSHOT_SERVER'])){
1309 $server = $tmp['SNAPSHOT_SERVER'];
1310 $user = $tmp['SNAPSHOT_USER'];
1311 $password = $tmp['SNAPSHOT_PASSWORD'];
1312 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1313 $ldap_to = new LDAP($user,$password, $server);
1314 $ldap_to->cd ($snapldapbase);
1315 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
1316 }else{
1317 $ldap_to = $ldap;
1318 }
1320 /* Get the snapshot */
1321 $ldap_to->cat($dn);
1322 $restoreObject = $ldap_to->fetch();
1324 /* Prepare import string */
1325 $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
1327 /* Import the given data */
1328 $ldap->import_complete_ldif($data,$err,false,false);
1329 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn));
1330 }
1333 function showSnapshotDialog($base,$baseSuffixe)
1334 {
1335 $once = true;
1336 foreach($_POST as $name => $value){
1338 /* Create a new snapshot, display a dialog */
1339 if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
1340 $once = false;
1341 $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
1342 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1343 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1344 }
1346 /* Restore a snapshot, display a dialog with all snapshots of the current object */
1347 if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
1348 $once = false;
1349 $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
1350 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1351 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1352 $this->snapDialog->display_restore_dialog = true;
1353 }
1355 /* Restore one of the already deleted objects */
1356 if(preg_match("/^RestoreDeletedSnapShot_/",$name) && $once){
1357 $once = false;
1358 $this->snapDialog = new SnapShotDialog($this->config,"",$this);
1359 $this->snapDialog->set_snapshot_bases($baseSuffixe);
1360 $this->snapDialog->display_restore_dialog = true;
1361 $this->snapDialog->display_all_removed_objects = true;
1362 }
1364 /* Restore selected snapshot */
1365 if(preg_match("/^RestoreSnapShot_/",$name) && $once){
1366 $once = false;
1367 $entry = preg_replace("/^RestoreSnapShot_/","",$name);
1368 $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
1369 if(!empty($entry)){
1370 $this->restore_snapshot($entry);
1371 $this->snapDialog = NULL;
1372 }
1373 }
1374 }
1376 /* Create a new snapshot requested, check
1377 the given attributes and create the snapshot*/
1378 if(isset($_POST['CreateSnapshot'])){
1379 $this->snapDialog->save_object();
1380 $msgs = $this->snapDialog->check();
1381 if(count($msgs)){
1382 foreach($msgs as $msg){
1383 print_red($msg);
1384 }
1385 }else{
1386 $this->dn = $this->snapDialog->dn;
1387 $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription);
1388 $this->snapDialog = NULL;
1389 }
1390 }
1392 /* Restore is requested, restore the object with the posted dn .*/
1393 if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
1394 }
1396 if(isset($_POST['CancelSnapshot'])){
1397 $this->snapDialog = NULL;
1398 }
1400 if($this->snapDialog){
1401 $this->snapDialog->save_object();
1402 return($this->snapDialog->execute());
1403 }
1404 }
1407 function plInfo()
1408 {
1409 return array();
1410 }
1413 function set_acl_base($base)
1414 {
1415 $this->acl_base= $base;
1416 }
1419 function set_acl_category($category)
1420 {
1421 $this->acl_category= "$category/";
1422 }
1425 function acl_is_writeable($attribute,$skip_write = FALSE)
1426 {
1427 $ui= get_userinfo();
1428 return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
1429 }
1432 function acl_is_readable($attribute)
1433 {
1434 $ui= get_userinfo();
1435 return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
1436 }
1439 function acl_is_createable()
1440 {
1441 $ui= get_userinfo();
1442 return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1443 }
1446 function acl_is_removeable()
1447 {
1448 $ui= get_userinfo();
1449 return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1450 }
1453 function acl_is_moveable()
1454 {
1455 $ui= get_userinfo();
1456 return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1457 }
1460 function acl_have_any_permissions()
1461 {
1462 }
1465 function getacl($attribute,$skip_write= FALSE)
1466 {
1467 $ui= get_userinfo();
1468 return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
1469 }
1471 /* Get all allowed bases to move an object to or to create a new object.
1472 Idepartments also contains all base departments which lead to the allowed bases */
1473 function get_allowed_bases($category = "")
1474 {
1475 $ui = get_userinfo();
1476 $deps = array();
1478 /* Set category */
1479 if(empty($category)){
1480 $category = $this->acl_category.get_class($this);
1481 }
1483 /* Is this a new object ? Or just an edited existing object */
1484 if(!$this->initially_was_account && $this->is_account){
1485 $new = true;
1486 }else{
1487 $new = false;
1488 }
1490 /* Add current base */
1491 if(isset($this->base) && isset($this->config->idepartments[$this->base])){
1492 $deps[$this->base] = $this->config->idepartments[$this->base];
1493 }else{
1494 echo "No default base found. ".$this->base."<br> ";
1495 }
1497 $cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category));
1498 foreach($this->config->idepartments as $dn => $name){
1500 if(!in_array_ics($dn,$cat_bases)){
1501 continue;
1502 }
1504 $acl = $ui->get_permissions($dn,$category);
1505 if($new && preg_match("/c/",$acl)){
1506 $deps[$dn] = $name;
1507 }elseif(!$new && preg_match("/m/",$acl)){
1508 $deps[$dn] = $name;
1509 }
1510 }
1511 return($deps);
1512 }
1514 }
1515 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1516 ?>