1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 /*! \brief The plugin base class
22 \author Cajus Pollmeier <pollmeier@gonicus.de>
23 \version 2.00
24 \date 24.07.2003
26 This is the base class for all plugins. It can be used standalone or
27 can be included by the tabs class. All management should be done
28 within this class. Extend your plugins from this class.
29 */
31 class plugin
32 {
33 /*!
34 \brief Reference to parent object
36 This variable is used when the plugin is included in tabs
37 and keeps reference to the tab class. Communication to other
38 tabs is possible by 'name'. So the 'fax' plugin can ask the
39 'userinfo' plugin for the fax number.
41 \sa tab
42 */
43 var $parent= NULL;
45 /*!
46 \brief Configuration container
48 Access to global configuration
49 */
50 var $config= NULL;
52 /*!
53 \brief Mark plugin as account
55 Defines whether this plugin is defined as an account or not.
56 This has consequences for the plugin to be saved from tab
57 mode. If it is set to 'FALSE' the tab will call the delete
58 function, else the save function. Should be set to 'TRUE' if
59 the construtor detects a valid LDAP object.
61 \sa plugin::plugin()
62 */
63 var $is_account= FALSE;
64 var $initially_was_account= FALSE;
66 /*!
67 \brief Mark plugin as template
69 Defines whether we are creating a template or a normal object.
70 Has conseqences on the way execute() shows the formular and how
71 save() puts the data to LDAP.
73 \sa plugin::save() plugin::execute()
74 */
75 var $is_template= FALSE;
76 var $ignore_account= FALSE;
77 var $is_modified= FALSE;
79 /*!
80 \brief Represent temporary LDAP data
82 This is only used internally.
83 */
84 var $attrs= array();
86 /* Keep set of conflicting plugins */
87 var $conflicts= array();
89 /* Save unit tags */
90 var $gosaUnitTag= "";
92 /*!
93 \brief Used standard values
95 dn
96 */
97 var $dn= "";
98 var $uid= "";
99 var $sn= "";
100 var $givenName= "";
101 var $acl= "*none*";
102 var $dialog= FALSE;
103 var $snapDialog = NULL;
105 /* attribute list for save action */
106 var $attributes= array();
107 var $objectclasses= array();
108 var $is_new= TRUE;
109 var $saved_attributes= array();
111 var $acl_base= "";
112 var $acl_category= "";
114 /* Plugin identifier */
115 var $plHeadline= "";
116 var $plDescription= "";
118 /* This can be set to render the tabulators in another stylesheet */
119 var $pl_notify= FALSE;
121 /* Object entry CSN */
122 var $entryCSN = "";
123 var $CSN_check_active = FALSE;
125 /* This variable indicates that this class can handle multiple dns at once. */
126 var $multiple_support = FALSE;
128 /* This aviable indicates, that we are currently in multiple edit handle */
129 var $multiple_support_active = FALSE;
130 var $selected_edit_values = array();
132 /*! \brief plugin constructor
134 If 'dn' is set, the node loads the given 'dn' from LDAP
136 \param dn Distinguished name to initialize plugin from
137 \sa plugin()
138 */
139 function plugin (&$config, $dn= NULL, $parent= NULL)
140 {
141 /* Configuration is fine, allways */
142 $this->config= &$config;
143 $this->dn= $dn;
145 /* Handle new accounts, don't read information from LDAP */
146 if ($dn == "new"){
147 return;
148 }
150 /* Save current dn as acl_base */
151 $this->acl_base= $dn;
153 /* Get LDAP descriptor */
154 $ldap= $this->config->get_ldap_link();
155 if ($dn !== NULL){
157 /* Load data to 'attrs' and save 'dn' */
158 if ($parent !== NULL){
159 $this->attrs= $parent->attrs;
160 } else {
161 $ldap->cat ($dn);
162 $this->attrs= $ldap->fetch();
163 }
165 /* Copy needed attributes */
166 foreach ($this->attributes as $val){
167 $found= array_key_ics($val, $this->attrs);
168 if ($found != ""){
169 $this->$val= $this->attrs["$found"][0];
170 }
171 }
173 /* gosaUnitTag loading... */
174 if (isset($this->attrs['gosaUnitTag'][0])){
175 $this->gosaUnitTag= $this->attrs['gosaUnitTag'][0];
176 }
178 /* Set the template flag according to the existence of objectClass
179 gosaUserTemplate */
180 if (isset($this->attrs['objectClass'])){
181 if (in_array ("gosaUserTemplate", $this->attrs['objectClass'])){
182 $this->is_template= TRUE;
183 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
184 "found", "Template check");
185 }
186 }
188 /* Is Account? */
189 $found= TRUE;
190 foreach ($this->objectclasses as $obj){
191 if (preg_match('/top/i', $obj)){
192 continue;
193 }
194 if (!isset($this->attrs['objectClass']) || !in_array_ics ($obj, $this->attrs['objectClass'])){
195 $found= FALSE;
196 break;
197 }
198 }
199 if ($found){
200 $this->is_account= TRUE;
201 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
202 "found", "Object check");
203 }
205 /* Prepare saved attributes */
206 $this->saved_attributes= $this->attrs;
207 foreach ($this->saved_attributes as $index => $value){
208 if (preg_match('/^[0-9]+$/', $index)){
209 unset($this->saved_attributes[$index]);
210 continue;
211 }
212 if (!in_array($index, $this->attributes) && $index != "objectClass"){
213 unset($this->saved_attributes[$index]);
214 continue;
215 }
216 if ($this->saved_attributes[$index]["count"] == 1){
217 $tmp= $this->saved_attributes[$index][0];
218 unset($this->saved_attributes[$index]);
219 $this->saved_attributes[$index]= $tmp;
220 continue;
221 }
223 unset($this->saved_attributes["$index"]["count"]);
224 }
225 }
227 /* Save initial account state */
228 $this->initially_was_account= $this->is_account;
229 }
232 /*! \brief execute plugin
234 Generates the html output for this node
235 */
236 function execute_multiple()
237 {
238 /* This one is empty currently. Fabian - please fill in the docu code */
239 $_SESSION['current_class_for_help'] = get_class($this);
241 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
242 $_SESSION['LOCK_VARS_TO_USE'] = $_SESSION['LOCK_VARS_USED'] =array();
244 return("Multiple edit is currently not implemented for this plugin.");
245 }
249 /*! \brief execute plugin
251 Generates the html output for this node
252 */
253 function execute()
254 {
255 /* This one is empty currently. Fabian - please fill in the docu code */
256 $_SESSION['current_class_for_help'] = get_class($this);
258 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
259 $_SESSION['LOCK_VARS_TO_USE'] = $_SESSION['LOCK_VARS_USED'] =array();
260 }
262 /*! \brief execute plugin
263 Removes object from parent
264 */
265 function remove_from_parent()
266 {
267 /* include global link_info */
268 $ldap= $this->config->get_ldap_link();
270 /* Get current objectClasses in order to add the required ones */
271 $ldap->cat($this->dn);
272 $tmp= $ldap->fetch ();
273 $oc= array();
274 if (isset($tmp['objectClass'])){
275 $oc= $tmp['objectClass'];
276 unset($oc['count']);
277 }
279 /* Remove objectClasses from entry */
280 $ldap->cd($this->dn);
281 $this->attrs= array();
282 $this->attrs['objectClass']= array_remove_entries($this->objectclasses,$oc);
284 /* Unset attributes from entry */
285 foreach ($this->attributes as $val){
286 $this->attrs["$val"]= array();
287 }
289 /* Unset account info */
290 $this->is_account= FALSE;
292 /* Do not write in plugin base class, this must be done by
293 children, since there are normally additional attribs,
294 lists, etc. */
295 /*
296 $ldap->modify($this->attrs);
297 */
298 }
301 /*! \brief Save HTML posted data to object
302 */
303 function save_object()
304 {
305 /* Update entry CSN if it is empty. */
306 if(empty($this->entryCSN) && $this->CSN_check_active){
307 $this->entryCSN = getEntryCSN($this->dn);
308 }
310 /* MULTIPLE_EDIT
311 Ensures that only selected values will be used.
312 Should be rewritten.
313 */
314 if($this->multiple_support_active){
315 foreach($this->attributes as $attr){
316 if(isset($_POST["use_".$attr])){
317 $this->selected_edit_values[$attr] = TRUE;
318 }else{
319 $this->selected_edit_values[$attr] = FALSE;
320 }
321 }
322 }
324 /* Save values to object */
325 foreach ($this->attributes as $val){
326 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
327 /* Check for modifications */
328 if (get_magic_quotes_gpc()) {
329 $data= stripcslashes($_POST["$val"]);
330 } else {
331 $data= $this->$val = $_POST["$val"];
332 }
333 if ($this->$val != $data){
334 $this->is_modified= TRUE;
335 }
337 /* Okay, how can I explain this fix ...
338 * In firefox, disabled option fields aren't selectable ... but in IE you can select these fileds.
339 * So IE posts these 'unselectable' option, with value = chr(194)
340 * chr(194) seems to be the in between the ...option> </option.. because there is no value=".." specified in these option fields
341 * This was added for W3c compliance, but now causes these ... ldap errors ...
342 * So we set these Fields to ""; a normal empty string, and we can check these values in plugin::check() again ...
343 */
344 if(isset($data[0]) && $data[0] == chr(194)) {
345 $data = "";
346 }
347 $this->$val= $data;
348 //echo "<font color='blue'>".$val."</font><br>";
349 }else{
350 //echo "<font color='red'>".$val."</font><br>";
351 }
352 }
353 }
356 /* Save data to LDAP, depending on is_account we save or delete */
357 function save()
358 {
359 /* include global link_info */
360 $ldap= $this->config->get_ldap_link();
362 /* Save all plugins */
363 $this->entryCSN = "";
365 /* Start with empty array */
366 $this->attrs= array();
368 /* Get current objectClasses in order to add the required ones */
369 $ldap->cat($this->dn);
371 $tmp= $ldap->fetch ();
373 $oc= array();
374 if (isset($tmp['objectClass'])){
375 $oc= $tmp["objectClass"];
376 $this->is_new= FALSE;
377 unset($oc['count']);
378 } else {
379 $this->is_new= TRUE;
380 }
382 /* Load (minimum) attributes, add missing ones */
383 $this->attrs['objectClass']= gosa_array_merge($oc,$this->objectclasses);
385 /* Copy standard attributes */
386 foreach ($this->attributes as $val){
387 if ($this->$val != ""){
388 $this->attrs["$val"]= $this->$val;
389 } elseif (!$this->is_new) {
390 $this->attrs["$val"]= array();
391 }
392 }
394 }
397 function cleanup()
398 {
399 foreach ($this->attrs as $index => $value){
401 /* Convert arrays with one element to non arrays, if the saved
402 attributes are no array, too */
403 if (is_array($this->attrs[$index]) &&
404 count ($this->attrs[$index]) == 1 &&
405 isset($this->saved_attributes[$index]) &&
406 !is_array($this->saved_attributes[$index])){
408 $tmp= $this->attrs[$index][0];
409 $this->attrs[$index]= $tmp;
410 }
412 /* Remove emtpy arrays if they do not differ */
413 if (is_array($this->attrs[$index]) &&
414 count($this->attrs[$index]) == 0 &&
415 !isset($this->saved_attributes[$index])){
417 unset ($this->attrs[$index]);
418 continue;
419 }
421 /* Remove single attributes that do not differ */
422 if (!is_array($this->attrs[$index]) &&
423 isset($this->saved_attributes[$index]) &&
424 !is_array($this->saved_attributes[$index]) &&
425 $this->attrs[$index] == $this->saved_attributes[$index]){
427 unset ($this->attrs[$index]);
428 continue;
429 }
431 /* Remove arrays that do not differ */
432 if (is_array($this->attrs[$index]) &&
433 isset($this->saved_attributes[$index]) &&
434 is_array($this->saved_attributes[$index])){
436 if (!array_differs($this->attrs[$index],$this->saved_attributes[$index])){
437 unset ($this->attrs[$index]);
438 continue;
439 }
440 }
441 }
443 /* Update saved attributes and ensure that next cleanups will be successful too */
444 foreach($this->attrs as $name => $value){
445 $this->saved_attributes[$name] = $value;
446 }
447 }
449 /* Check formular input */
450 function check()
451 {
452 $message= array();
454 /* Skip if we've no config object */
455 if (!isset($this->config) || !is_object($this->config)){
456 return $message;
457 }
459 /* Find hooks entries for this class */
460 $command= $this->config->search(get_class($this), "CHECK", array('menu', 'tabs'));
462 if ($command != ""){
464 if (!check_command($command)){
465 $message[]= sprintf(_("Command '%s', specified as CHECK hook for plugin '%s' doesn't seem to exist."), $command,
466 get_class($this));
467 } else {
469 /* Generate "ldif" for check hook */
470 $ldif= "dn: $this->dn\n";
472 /* ... objectClasses */
473 foreach ($this->objectclasses as $oc){
474 $ldif.= "objectClass: $oc\n";
475 }
477 /* ... attributes */
478 foreach ($this->attributes as $attr){
479 if ($this->$attr == ""){
480 continue;
481 }
482 if (is_array($this->$attr)){
483 foreach ($this->$attr as $val){
484 $ldif.= "$attr: $val\n";
485 }
486 } else {
487 $ldif.= "$attr: ".$this->$attr."\n";
488 }
489 }
491 /* Append empty line */
492 $ldif.= "\n";
494 /* Feed "ldif" into hook and retrieve result*/
495 $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
496 $fh= proc_open($command, $descriptorspec, $pipes);
497 if (is_resource($fh)) {
498 fwrite ($pipes[0], $ldif);
499 fclose($pipes[0]);
501 $result= stream_get_contents($pipes[1]);
502 if ($result != ""){
503 $message[]= $result;
504 }
506 fclose($pipes[1]);
507 fclose($pipes[2]);
508 proc_close($fh);
509 }
510 }
512 }
514 /* Check entryCSN */
515 if($this->CSN_check_active){
516 $current_csn = getEntryCSN($this->dn);
517 if($current_csn != $this->entryCSN && !empty($this->entryCSN) && !empty($current_csn)){
518 $this->entryCSN = $current_csn;
519 $message[] = _("The object has changed since opened in GOsa. Please ensure that nobody has done serious changes that may get lost if you save this entry.");
520 }
521 }
522 return ($message);
523 }
525 /* Adapt from template, using 'dn' */
526 function adapt_from_template($dn)
527 {
528 /* Include global link_info */
529 $ldap= $this->config->get_ldap_link();
531 /* Load requested 'dn' to 'attrs' */
532 $ldap->cat ($dn);
533 $this->attrs= $ldap->fetch();
535 /* Walk through attributes */
536 foreach ($this->attributes as $val){
538 if (isset($this->attrs["$val"][0])){
540 /* If attribute is set, replace dynamic parts:
541 %sn, %givenName and %uid. Fill these in our local variables. */
542 $value= $this->attrs["$val"][0];
544 foreach (array("sn", "givenName", "uid") as $repl){
545 if (preg_match("/%$repl/i", $value)){
546 $value= preg_replace ("/%$repl/i", $this->parent->$repl, $value);
547 }
548 }
549 $this->$val= $value;
550 }
551 }
553 /* Is Account? */
554 $found= TRUE;
555 foreach ($this->objectclasses as $obj){
556 if (preg_match('/top/i', $obj)){
557 continue;
558 }
559 if (!in_array_ics ($obj, $this->attrs['objectClass'])){
560 $found= FALSE;
561 break;
562 }
563 }
564 if ($found){
565 $this->is_account= TRUE;
566 }
567 }
569 /* Indicate whether a password change is needed or not */
570 function password_change_needed()
571 {
572 return FALSE;
573 }
576 /* Show header message for tab dialogs */
577 function show_enable_header($button_text, $text, $disabled= FALSE)
578 {
579 if (($disabled == TRUE) || (!$this->acl_is_createable())){
580 $state= "disabled";
581 } else {
582 $state= "";
583 }
584 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
585 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
586 "><p class=\"seperator\"> </p></td></tr></table>";
588 return($display);
589 }
592 /* Show header message for tab dialogs */
593 function show_disable_header($button_text, $text, $disabled= FALSE)
594 {
595 if (($disabled == TRUE) || !$this->acl_is_removeable()){
596 $state= "disabled";
597 } else {
598 $state= "";
599 }
600 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
601 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
602 "><p class=\"seperator\"> </p></td></tr></table>";
604 return($display);
605 }
608 /* Show header message for tab dialogs */
609 function show_header($button_text, $text, $disabled= FALSE)
610 {
611 echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
612 if ($disabled == TRUE){
613 $state= "disabled";
614 } else {
615 $state= "";
616 }
617 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
618 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
619 ($this->acl_is_createable()?'':'disabled')." ".$state.
620 "><p class=\"seperator\"> </p></td></tr></table>";
622 return($display);
623 }
626 function postcreate($add_attrs= array())
627 {
628 /* Find postcreate entries for this class */
629 $command= $this->config->search(get_class($this), "POSTCREATE",array('menu', 'tabs'));
631 if ($command != ""){
633 /* Additional attributes */
634 foreach ($add_attrs as $name => $value){
635 $command= preg_replace("/%$name/", $value, $command);
636 }
638 /* Walk through attribute list */
639 foreach ($this->attributes as $attr){
640 if (!is_array($this->$attr)){
641 $command= preg_replace("/%$attr/", $this->$attr, $command);
642 }
643 }
644 $command= preg_replace("/%dn/", $this->dn, $command);
646 if (check_command($command)){
647 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
648 $command, "Execute");
650 exec($command);
651 } else {
652 $message= sprintf(_("Command '%s', specified as POSTCREATE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
653 print_red ($message);
654 }
655 }
656 }
658 function postmodify($add_attrs= array())
659 {
660 /* Find postcreate entries for this class */
661 $command= $this->config->search(get_class($this), "POSTMODIFY",array('menu','tabs'));
663 if ($command != ""){
665 /* Additional attributes */
666 foreach ($add_attrs as $name => $value){
667 $command= preg_replace("/%$name/", $value, $command);
668 }
670 /* Walk through attribute list */
671 foreach ($this->attributes as $attr){
672 if (!is_array($this->$attr)){
673 $command= preg_replace("/%$attr/", $this->$attr, $command);
674 }
675 }
676 $command= preg_replace("/%dn/", $this->dn, $command);
678 if (check_command($command)){
679 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
680 $command, "Execute");
682 exec($command);
683 } else {
684 $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, get_class($this));
685 print_red ($message);
686 }
687 }
688 }
690 function postremove($add_attrs= array())
691 {
692 /* Find postremove entries for this class */
693 $command= $this->config->search(get_class($this), "POSTREMOVE",array('menu','tabs'));
694 if ($command != ""){
696 /* Additional attributes */
697 foreach ($add_attrs as $name => $value){
698 $command= preg_replace("/%$name/", $value, $command);
699 }
701 /* Walk through attribute list */
702 foreach ($this->attributes as $attr){
703 if (!is_array($this->$attr)){
704 $command= preg_replace("/%$attr/", $this->$attr, $command);
705 }
706 }
707 $command= preg_replace("/%dn/", $this->dn, $command);
709 /* Additional attributes */
710 foreach ($add_attrs as $name => $value){
711 $command= preg_replace("/%$name/", $value, $command);
712 }
714 if (check_command($command)){
715 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
716 $command, "Execute");
718 exec($command);
719 } else {
720 $message= sprintf(_("Command '%s', specified as POSTREMOVE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
721 print_red ($message);
722 }
723 }
724 }
726 /* Create unique DN */
727 function create_unique_dn($attribute, $base)
728 {
729 $ldap= $this->config->get_ldap_link();
730 $base= preg_replace("/^,*/", "", $base);
732 /* Try to use plain entry first */
733 $dn= "$attribute=".$this->$attribute.",$base";
734 $ldap->cat ($dn, array('dn'));
735 if (!$ldap->fetch()){
736 return ($dn);
737 }
739 /* Look for additional attributes */
740 foreach ($this->attributes as $attr){
741 if ($attr == $attribute || $this->$attr == ""){
742 continue;
743 }
745 $dn= "$attribute=".$this->$attribute."+$attr=".$this->$attr.",$base";
746 $ldap->cat ($dn, array('dn'));
747 if (!$ldap->fetch()){
748 return ($dn);
749 }
750 }
752 /* None found */
753 return ("none");
754 }
756 function rebind($ldap, $referral)
757 {
758 $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
759 if (ldap_bind($ldap, $credentials['ADMIN'], $credentials['PASSWORD'])) {
760 $this->error = "Success";
761 $this->hascon=true;
762 $this->reconnect= true;
763 return (0);
764 } else {
765 $this->error = "Could not bind to " . $credentials['ADMIN'];
766 return NULL;
767 }
768 }
771 /* Recursively copy ldap object */
772 function _copy($src_dn,$dst_dn)
773 {
774 $ldap=$this->config->get_ldap_link();
775 $ldap->cat($src_dn);
776 $attrs= $ldap->fetch();
778 /* Grummble. This really sucks. PHP ldap doesn't support rdn stuff. */
779 $ds= ldap_connect($this->config->current['SERVER']);
780 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
781 if (function_exists("ldap_set_rebind_proc") && isset($this->config->current['REFERRAL'])) {
782 ldap_set_rebind_proc($ds, array(&$this, "rebind"));
783 }
785 $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']);
786 $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*");
788 /* Fill data from LDAP */
789 $new= array();
790 if ($sr) {
791 $ei=ldap_first_entry($ds, $sr);
792 if ($ei) {
793 foreach($attrs as $attr => $val){
794 if ($info = @ldap_get_values_len($ds, $ei, $attr)){
795 for ($i= 0; $i<$info['count']; $i++){
796 if ($info['count'] == 1){
797 $new[$attr]= $info[$i];
798 } else {
799 $new[$attr][]= $info[$i];
800 }
801 }
802 }
803 }
804 }
805 }
807 /* close conncetion */
808 ldap_unbind($ds);
810 /* Adapt naming attribute */
811 $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
812 $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
813 $new[$dst_name]= @LDAP::fix($dst_val);
815 /* Check if this is a department.
816 * If it is a dep. && there is a , override in his ou
817 * change \2C to , again, else this entry can't be saved ...
818 */
819 if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
820 $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
821 }
823 /* Save copy */
824 $ldap->connect();
825 $ldap->cd($this->config->current['BASE']);
827 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $dst_dn));
829 /* FAIvariable=.../..., cn=..
830 could not be saved, because the attribute FAIvariable was different to
831 the dn FAIvariable=..., cn=... */
832 if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
833 $new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
834 }
835 $ldap->cd($dst_dn);
836 $ldap->add($new);
838 if ($ldap->error != "Success"){
839 trigger_error("Trying to save $dst_dn failed.",
840 E_USER_WARNING);
841 return(FALSE);
842 }
843 return(TRUE);
844 }
847 /* This is a workaround function. */
848 function copy($src_dn, $dst_dn)
849 {
850 /* Rename dn in possible object groups */
851 $ldap= $this->config->get_ldap_link();
852 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($src_dn).'))',
853 array('cn'));
854 while ($attrs= $ldap->fetch()){
855 $og= new ogroup($this->config, $ldap->getDN());
856 unset($og->member[$src_dn]);
857 $og->member[$dst_dn]= $dst_dn;
858 $og->save ();
859 }
861 $ldap->cat($dst_dn);
862 $attrs= $ldap->fetch();
863 if (count($attrs)){
864 trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.",
865 E_USER_WARNING);
866 return (FALSE);
867 }
869 $ldap->cat($src_dn);
870 $attrs= $ldap->fetch();
871 if (!count($attrs)){
872 trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.",
873 E_USER_WARNING);
874 return (FALSE);
875 }
877 $ldap->cd($src_dn);
878 $ldap->search("objectClass=*",array("dn"));
879 while($attrs = $ldap->fetch()){
880 $src = $attrs['dn'];
881 $dst = preg_replace("/".normalizePreg($src_dn)."$/",$dst_dn,$attrs['dn']);
882 $this->_copy($src,$dst);
883 }
884 return (TRUE);
885 }
888 function move($src_dn, $dst_dn)
889 {
890 /* Copy source to destination */
891 if (!$this->copy($src_dn, $dst_dn)){
892 return (FALSE);
893 }
895 /* Delete source */
896 $ldap= $this->config->get_ldap_link();
897 $ldap->rmdir_recursive($src_dn);
898 if ($ldap->error != "Success"){
899 trigger_error("Trying to delete $src_dn failed.",
900 E_USER_WARNING);
901 return (FALSE);
902 }
904 return (TRUE);
905 }
908 /* Move/Rename complete trees */
909 function recursive_move($src_dn, $dst_dn)
910 {
911 /* Check if the destination entry exists */
912 $ldap= $this->config->get_ldap_link();
914 /* Check if destination exists - abort */
915 $ldap->cat($dst_dn, array('dn'));
916 if ($ldap->fetch()){
917 trigger_error("recursive_move $dst_dn already exists.",
918 E_USER_WARNING);
919 return (FALSE);
920 }
922 /* Perform a search for all objects to be moved */
923 $objects= array();
924 $ldap->cd($src_dn);
925 $ldap->search("(objectClass=*)", array("dn"));
926 while($attrs= $ldap->fetch()){
927 $dn= $attrs['dn'];
928 $objects[$dn]= strlen($dn);
929 }
931 /* Sort objects by indent level */
932 asort($objects);
933 reset($objects);
935 /* Copy objects from small to big indent levels by replacing src_dn by dst_dn */
936 foreach ($objects as $object => $len){
937 $src= $object;
938 $dst= preg_replace("/$src_dn$/", "$dst_dn", $object);
939 if (!$this->copy($src, $dst)){
940 return (FALSE);
941 }
942 }
944 /* Remove src_dn */
945 $ldap->cd($src_dn);
946 $ldap->recursive_remove();
947 return (TRUE);
948 }
951 function handle_post_events($mode, $add_attrs= array())
952 {
953 switch ($mode){
954 case "add":
955 $this->postcreate($add_attrs);
956 break;
958 case "modify":
959 $this->postmodify($add_attrs);
960 break;
962 case "remove":
963 $this->postremove($add_attrs);
964 break;
965 }
966 }
969 function saveCopyDialog(){
970 }
973 function getCopyDialog(){
974 return(array("string"=>"","status"=>""));
975 }
978 function PrepareForCopyPaste($source)
979 {
980 $todo = $this->attributes;
981 if(isset($this->CopyPasteVars)){
982 $todo = array_merge($todo,$this->CopyPasteVars);
983 }
985 if(count($this->objectclasses)){
986 $this->is_account = TRUE;
987 foreach($this->objectclasses as $class){
988 if(!in_array($class,$source['objectClass'])){
989 $this->is_account = FALSE;
990 }
991 }
992 }
994 foreach($todo as $var){
995 if (isset($source[$var])){
996 if(isset($source[$var]['count'])){
997 if($source[$var]['count'] > 1){
998 $this->$var = array();
999 $tmp = array();
1000 for($i = 0 ; $i < $source[$var]['count']; $i++){
1001 $tmp = $source[$var][$i];
1002 }
1003 $this->$var = $tmp;
1004 # echo $var."=".$tmp."<br>";
1005 }else{
1006 $this->$var = $source[$var][0];
1007 # echo $var."=".$source[$var][0]."<br>";
1008 }
1009 }else{
1010 $this->$var= $source[$var];
1011 # echo $var."=".$source[$var]."<br>";
1012 }
1013 }
1014 }
1015 }
1018 function handle_object_tagging($dn= "", $tag= "", $show= false)
1019 {
1020 //FIXME: How to optimize this? We have at least two
1021 // LDAP accesses per object. It would be a good
1022 // idea to have it integrated.
1024 /* No dn? Self-operation... */
1025 if ($dn == ""){
1026 $dn= $this->dn;
1028 /* No tag? Find it yourself... */
1029 if ($tag == ""){
1030 $len= strlen($dn);
1032 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
1033 $relevant= array();
1034 foreach ($this->config->adepartments as $key => $ntag){
1036 /* This one is bigger than our dn, its not relevant... */
1037 if ($len <= strlen($key)){
1038 continue;
1039 }
1041 /* This one matches with the latter part. Break and don't fix this entry */
1042 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $dn)){
1043 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
1044 $relevant[strlen($key)]= $ntag;
1045 continue;
1046 }
1048 }
1050 /* If we've some relevant tags to set, just get the longest one */
1051 if (count($relevant)){
1052 ksort($relevant);
1053 $tmp= array_keys($relevant);
1054 $idx= end($tmp);
1055 $tag= $relevant[$idx];
1056 $this->gosaUnitTag= $tag;
1057 }
1058 }
1059 }
1062 /* Set tag? */
1063 if ($tag != ""){
1064 /* Set objectclass and attribute */
1065 $ldap= $this->config->get_ldap_link();
1066 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
1067 $attrs= $ldap->fetch();
1068 if(isset($attrs['gosaUnitTag'][0]) && $attrs['gosaUnitTag'][0] == $tag){
1069 if ($show) {
1070 echo sprintf(_("Object '%s' is already tagged"), @LDAP::fix($dn))."<br>";
1071 flush();
1072 }
1073 return;
1074 }
1075 if (count($attrs)){
1076 if ($show){
1077 echo sprintf(_("Adding tag (%s) to object '%s'"), $tag, @LDAP::fix($dn))."<br>";
1078 flush();
1079 }
1080 $nattrs= array("gosaUnitTag" => $tag);
1081 $nattrs['objectClass']= array();
1082 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
1083 $oc= $attrs['objectClass'][$i];
1084 if ($oc != "gosaAdministrativeUnitTag"){
1085 $nattrs['objectClass'][]= $oc;
1086 }
1087 }
1088 $nattrs['objectClass'][]= "gosaAdministrativeUnitTag";
1089 $ldap->cd($dn);
1090 $ldap->modify($nattrs);
1091 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
1092 } else {
1093 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not tagging ($tag) $dn - seems to have moved away", "Tagging");
1094 }
1096 } else {
1097 /* Remove objectclass and attribute */
1098 $ldap= $this->config->get_ldap_link();
1099 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
1100 $attrs= $ldap->fetch();
1101 if (isset($attrs['objectClass']) && !in_array_ics("gosaAdministrativeUnitTag", $attrs['objectClass'])){
1102 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "$dn is not tagged", "Tagging");
1103 return;
1104 }
1105 if (count($attrs)){
1106 if ($show){
1107 echo sprintf(_("Removing tag from object '%s'"), @LDAP::fix($dn))."<br>";
1108 flush();
1109 }
1110 $nattrs= array("gosaUnitTag" => array());
1111 $nattrs['objectClass']= array();
1112 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
1113 $oc= $attrs['objectClass'][$i];
1114 if ($oc != "gosaAdministrativeUnitTag"){
1115 $nattrs['objectClass'][]= $oc;
1116 }
1117 }
1118 $ldap->cd($dn);
1119 $ldap->modify($nattrs);
1120 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
1121 } else {
1122 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not removing tag ($tag) $dn - seems to have moved away", "Tagging");
1123 }
1124 }
1126 }
1129 /* Add possibility to stop remove process */
1130 function allow_remove()
1131 {
1132 $reason= "";
1133 return $reason;
1134 }
1137 /* Create a snapshot of the current object */
1138 function create_snapshot($type= "snapshot", $description= array())
1139 {
1141 /* Check if snapshot functionality is enabled */
1142 if(!$this->snapshotEnabled()){
1143 return;
1144 }
1146 /* Get configuration from gosa.conf */
1147 $tmp = $this->config->current;
1149 /* Create lokal ldap connection */
1150 $ldap= $this->config->get_ldap_link();
1151 $ldap->cd($this->config->current['BASE']);
1153 /* check if there are special server configurations for snapshots */
1154 if(!isset($tmp['SNAPSHOT_SERVER'])){
1156 /* Source and destination server are both the same, just copy source to dest obj */
1157 $ldap_to = $ldap;
1158 $snapldapbase = $this->config->current['BASE'];
1160 }else{
1161 $server = $tmp['SNAPSHOT_SERVER'];
1162 $user = $tmp['SNAPSHOT_USER'];
1163 $password = $tmp['SNAPSHOT_PASSWORD'];
1164 $snapldapbase = $tmp['SNAPSHOT_BASE'];
1166 $ldap_to = new LDAP($user,$password, $server);
1167 $ldap_to -> cd($snapldapbase);
1168 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase));
1169 }
1171 /* check if the dn exists */
1172 if ($ldap->dn_exists($this->dn)){
1174 /* Extract seconds & mysecs, they are used as entry index */
1175 list($usec, $sec)= explode(" ", microtime());
1177 /* Collect some infos */
1178 $base = $this->config->current['BASE'];
1179 $snap_base = $tmp['SNAPSHOT_BASE'];
1180 $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn);
1181 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1183 /* Create object */
1184 #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
1185 $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
1186 $newName = preg_replace("/\./", "", $sec."-".$usec);
1187 $target= array();
1188 $target['objectClass'] = array("top", "gosaSnapshotObject");
1189 $target['gosaSnapshotData'] = gzcompress($data, 6);
1190 $target['gosaSnapshotType'] = $type;
1191 $target['gosaSnapshotDN'] = $this->dn;
1192 $target['description'] = $description;
1193 $target['gosaSnapshotTimestamp'] = $newName;
1195 /* Insert the new snapshot
1196 But we have to check first, if the given gosaSnapshotTimestamp
1197 is already used, in this case we should increment this value till there is
1198 an unused value. */
1199 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1200 $ldap_to->cat($new_dn);
1201 while($ldap_to->count()){
1202 $ldap_to->cat($new_dn);
1203 $newName = preg_replace("/\./", "", $sec."-".($usec++));
1204 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1205 $target['gosaSnapshotTimestamp'] = $newName;
1206 }
1208 /* Inset this new snapshot */
1209 $ldap_to->cd($snapldapbase);
1210 $ldap_to->create_missing_trees($snapldapbase);
1211 $ldap_to->create_missing_trees($new_base);
1212 $ldap_to->cd($new_dn);
1213 $ldap_to->add($target);
1215 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1216 show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1217 }
1218 }
1220 function remove_snapshot($dn)
1221 {
1222 $ui = get_userinfo();
1223 $old_dn = $this->dn;
1224 $this->dn = $dn;
1225 $ldap = $this->config->get_ldap_link();
1226 $ldap->cd($this->config->current['BASE']);
1227 $ldap->rmdir_recursive($dn);
1228 $this->dn = $old_dn;
1229 }
1232 /* returns true if snapshots are enabled, and false if it is disalbed
1233 There will also be some errors psoted, if the configuration failed */
1234 function snapshotEnabled()
1235 {
1236 $tmp = $this->config->current;
1237 if(isset($tmp['ENABLE_SNAPSHOT'])){
1238 if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){
1240 /* Check if the snapshot_base is defined */
1241 if(!isset($tmp['SNAPSHOT_BASE'])){
1242 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not configured in your gosa.conf."),"SNAPSHOT_BASE"));
1243 return(FALSE);
1244 }
1246 /* check if there are special server configurations for snapshots */
1247 if(isset($tmp['SNAPSHOT_SERVER'])){
1249 /* check if all required vars are available to create a new ldap connection */
1250 $missing = "";
1251 foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_BASE") as $var){
1252 if(!isset($tmp[$var])){
1253 $missing .= $var." ";
1254 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable(s) '%s' is not configured in your gosa.conf."),$missing));
1255 return(FALSE);
1256 }
1257 }
1258 }
1259 return(TRUE);
1260 }
1261 }
1262 return(FALSE);
1263 }
1266 /* Return available snapshots for the given base
1267 */
1268 function Available_SnapsShots($dn,$raw = false)
1269 {
1270 if(!$this->snapshotEnabled()) return(array());
1272 /* Create an additional ldap object which
1273 points to our ldap snapshot server */
1274 $ldap= $this->config->get_ldap_link();
1275 $ldap->cd($this->config->current['BASE']);
1276 $cfg= &$this->config->current;
1278 /* check if there are special server configurations for snapshots */
1280 if(isset($cfg['SERVER']) && isset($cfg['SNAPSHOT_SERVER']) && $cfg['SERVER'] == $cfg['SNAPSHOT_SERVER']){
1281 $ldap_to = $ldap;
1282 }elseif(isset($cfg['SNAPSHOT_SERVER'])){
1283 $server = $cfg['SNAPSHOT_SERVER'];
1284 $user = $cfg['SNAPSHOT_USER'];
1285 $password = $cfg['SNAPSHOT_PASSWORD'];
1286 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1288 $ldap_to = new LDAP($user,$password, $server);
1289 $ldap_to -> cd ($snapldapbase);
1290 show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
1291 }else{
1292 $ldap_to = $ldap;
1293 }
1295 /* Prepare bases and some other infos */
1296 $base = $this->config->current['BASE'];
1297 $snap_base = $cfg['SNAPSHOT_BASE'];
1298 $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn);
1299 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1300 $tmp = array();
1302 /* Fetch all objects with gosaSnapshotDN=$dn */
1303 $ldap_to->cd($new_base);
1304 $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
1305 array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1307 /* Put results into a list and add description if missing */
1308 while($entry = $ldap_to->fetch()){
1309 if(!isset($entry['description'][0])){
1310 $entry['description'][0] = "";
1311 }
1312 $tmp[] = $entry;
1313 }
1315 /* Return the raw array, or format the result */
1316 if($raw){
1317 return($tmp);
1318 }else{
1319 $tmp2 = array();
1320 foreach($tmp as $entry){
1321 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1322 }
1323 }
1324 return($tmp2);
1325 }
1328 function getAllDeletedSnapshots($base_of_object,$raw = false)
1329 {
1330 if(!$this->snapshotEnabled()) return(array());
1332 /* Create an additional ldap object which
1333 points to our ldap snapshot server */
1334 $ldap= $this->config->get_ldap_link();
1335 $ldap->cd($this->config->current['BASE']);
1336 $cfg= &$this->config->current;
1338 /* check if there are special server configurations for snapshots */
1339 if(isset($cfg['SNAPSHOT_SERVER'])){
1340 $server = $cfg['SNAPSHOT_SERVER'];
1341 $user = $cfg['SNAPSHOT_USER'];
1342 $password = $cfg['SNAPSHOT_PASSWORD'];
1343 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1344 $ldap_to = new LDAP($user,$password, $server);
1345 $ldap_to->cd ($snapldapbase);
1346 show_ldap_error($ldap_to->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
1347 }else{
1348 $ldap_to = $ldap;
1349 }
1351 /* Prepare bases */
1352 $base = $this->config->current['BASE'];
1353 $snap_base = $cfg['SNAPSHOT_BASE'];
1354 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1356 /* Fetch all objects and check if they do not exist anymore */
1357 $ui = get_userinfo();
1358 $tmp = array();
1359 $ldap_to->cd($new_base);
1360 $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1361 while($entry = $ldap_to->fetch()){
1363 $chk = str_replace($new_base,"",$entry['dn']);
1364 if(preg_match("/,ou=/",$chk)) continue;
1366 if(!isset($entry['description'][0])){
1367 $entry['description'][0] = "";
1368 }
1369 $tmp[] = $entry;
1370 }
1372 /* Check if entry still exists */
1373 foreach($tmp as $key => $entry){
1374 $ldap->cat($entry['gosaSnapshotDN'][0]);
1375 if($ldap->count()){
1376 unset($tmp[$key]);
1377 }
1378 }
1380 /* Format result as requested */
1381 if($raw) {
1382 return($tmp);
1383 }else{
1384 $tmp2 = array();
1385 foreach($tmp as $key => $entry){
1386 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1387 }
1388 }
1389 return($tmp2);
1390 }
1393 /* Restore selected snapshot */
1394 function restore_snapshot($dn)
1395 {
1396 if(!$this->snapshotEnabled()) return(array());
1398 $ldap= $this->config->get_ldap_link();
1399 $ldap->cd($this->config->current['BASE']);
1400 $cfg= &$this->config->current;
1402 /* check if there are special server configurations for snapshots */
1403 if(isset($cfg['SNAPSHOT_SERVER'])){
1404 $server = $cfg['SNAPSHOT_SERVER'];
1405 $user = $cfg['SNAPSHOT_USER'];
1406 $password = $cfg['SNAPSHOT_PASSWORD'];
1407 $snapldapbase = $cfg['SNAPSHOT_BASE'];
1408 $ldap_to = new LDAP($user,$password, $server);
1409 $ldap_to->cd ($snapldapbase);
1410 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
1411 }else{
1412 $ldap_to = $ldap;
1413 }
1415 /* Get the snapshot */
1416 $ldap_to->cat($dn);
1417 $restoreObject = $ldap_to->fetch();
1419 /* Prepare import string */
1420 $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
1422 /* Import the given data */
1423 $ldap->import_complete_ldif($data,$err,false,false);
1424 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn));
1425 }
1428 function showSnapshotDialog($base,$baseSuffixe)
1429 {
1430 $once = true;
1431 foreach($_POST as $name => $value){
1433 /* Create a new snapshot, display a dialog */
1434 if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
1435 $once = false;
1436 $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
1437 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1438 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1439 }
1441 /* Restore a snapshot, display a dialog with all snapshots of the current object */
1442 if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
1443 $once = false;
1444 $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
1445 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1446 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1447 $this->snapDialog->display_restore_dialog = true;
1448 }
1450 /* Restore one of the already deleted objects */
1451 if(((isset($_POST['menu_action']) && $_POST['menu_action'] == "RestoreDeletedSnapShot")
1452 || preg_match("/^RestoreDeletedSnapShot_/",$name)) && $once){
1453 $once = false;
1454 $this->snapDialog = new SnapShotDialog($this->config,"",$this);
1455 $this->snapDialog->set_snapshot_bases($baseSuffixe);
1456 $this->snapDialog->display_restore_dialog = true;
1457 $this->snapDialog->display_all_removed_objects = true;
1458 }
1460 /* Restore selected snapshot */
1461 if(preg_match("/^RestoreSnapShot_/",$name) && $once){
1462 $once = false;
1463 $entry = preg_replace("/^RestoreSnapShot_/","",$name);
1464 $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
1465 if(!empty($entry)){
1466 $this->restore_snapshot($entry);
1467 $this->snapDialog = NULL;
1468 }
1469 }
1470 }
1472 /* Create a new snapshot requested, check
1473 the given attributes and create the snapshot*/
1474 if(isset($_POST['CreateSnapshot']) && is_object($this->snapDialog)){
1475 $this->snapDialog->save_object();
1476 $msgs = $this->snapDialog->check();
1477 if(count($msgs)){
1478 foreach($msgs as $msg){
1479 print_red($msg);
1480 }
1481 }else{
1482 $this->dn = $this->snapDialog->dn;
1483 $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription);
1484 $this->snapDialog = NULL;
1485 }
1486 }
1488 /* Restore is requested, restore the object with the posted dn .*/
1489 if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
1490 }
1492 if(isset($_POST['CancelSnapshot'])){
1493 $this->snapDialog = NULL;
1494 }
1496 if(is_object($this->snapDialog )){
1497 $this->snapDialog->save_object();
1498 return($this->snapDialog->execute());
1499 }
1500 }
1503 static function plInfo()
1504 {
1505 return array();
1506 }
1509 function set_acl_base($base)
1510 {
1511 $this->acl_base= $base;
1512 }
1515 function set_acl_category($category)
1516 {
1517 $this->acl_category= "$category/";
1518 }
1521 function acl_is_writeable($attribute,$skip_write = FALSE)
1522 {
1523 $ui= get_userinfo();
1524 return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
1525 }
1528 function acl_is_readable($attribute)
1529 {
1530 $ui= get_userinfo();
1531 return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
1532 }
1535 function acl_is_createable()
1536 {
1537 $ui= get_userinfo();
1538 return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1539 }
1542 function acl_is_removeable()
1543 {
1544 $ui= get_userinfo();
1545 return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1546 }
1549 function acl_is_moveable()
1550 {
1551 $ui= get_userinfo();
1552 return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1553 }
1556 function acl_have_any_permissions()
1557 {
1558 }
1561 function getacl($attribute,$skip_write= FALSE)
1562 {
1563 $ui= get_userinfo();
1564 return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
1565 }
1567 /* Get all allowed bases to move an object to or to create a new object.
1568 Idepartments also contains all base departments which lead to the allowed bases */
1569 function get_allowed_bases($category = "")
1570 {
1571 $ui = get_userinfo();
1572 $deps = array();
1574 /* Set category */
1575 if(empty($category)){
1576 $category = $this->acl_category.get_class($this);
1577 }
1579 /* Is this a new object ? Or just an edited existing object */
1580 if(!$this->initially_was_account && $this->is_account){
1581 $new = true;
1582 }else{
1583 $new = false;
1584 }
1586 $cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category));
1587 foreach($this->config->idepartments as $dn => $name){
1589 if(!in_array_ics($dn,$cat_bases)){
1590 continue;
1591 }
1593 $acl = $ui->get_permissions($dn,$category);
1594 if($new && preg_match("/c/",$acl)){
1595 $deps[$dn] = $name;
1596 }elseif(!$new && preg_match("/m/",$acl)){
1597 $deps[$dn] = $name;
1598 }
1599 }
1601 /* Add current base */
1602 if(isset($this->base) && isset($this->config->idepartments[$this->base])){
1603 $deps[$this->base] = $this->config->idepartments[$this->base];
1604 }else{
1605 echo "No default base found. ".$this->base."<br> ";
1606 }
1608 return($deps);
1609 }
1611 /* This function modifies object acls too, if an object is moved.
1612 * $old_dn specifies the actually used dn
1613 * $new_dn specifies the destiantion dn
1614 */
1615 function update_acls($old_dn,$new_dn,$output_changes = FALSE)
1616 {
1617 /* Check if old_dn is empty. This should never happen */
1618 if(empty($old_dn) || empty($new_dn)){
1619 trigger_error("Failed to check acl dependencies, wrong dn given.");
1620 return;
1621 }
1623 /* Update userinfo if necessary */
1624 if($_SESSION['ui']->dn == $old_dn){
1625 $_SESSION['ui']->dn = $new_dn;
1626 new log("view","acl/".get_class($this),$this->dn,array(),"Updated current user dn from '".$old_dn."' to '".$new_dn."'");
1627 }
1629 /* Object was moved, ensure that all acls will be moved too */
1630 if($new_dn != $old_dn && $old_dn != "new"){
1632 /* get_ldap configuration */
1633 $update = array();
1634 $ldap = $this->config->get_ldap_link();
1635 $ldap->cd ($this->config->current['BASE']);
1636 $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*))",array("cn","gosaAclEntry"));
1637 while($attrs = $ldap->fetch()){
1639 $acls = array();
1641 /* Walk through acls */
1642 for($i = 0 ; $i < $attrs['gosaAclEntry']['count'] ; $i ++ ){
1644 /* Reset vars */
1645 $found = false;
1647 /* Get Acl parts */
1648 $acl_parts = split(":",$attrs['gosaAclEntry'][$i]);
1650 /* Get every single member for this acl */
1651 $members = array();
1652 if(preg_match("/,/",$acl_parts[2])){
1653 $members = split(",",$acl_parts[2]);
1654 }else{
1655 $members = array($acl_parts[2]);
1656 }
1658 /* Check if member match current dn */
1659 foreach($members as $key => $member){
1660 $member = base64_decode($member);
1661 if($member == $old_dn){
1662 $found = true;
1663 $members[$key] = base64_encode($new_dn);
1664 }
1665 }
1667 /* Create new member string */
1668 $new_members = "";
1669 foreach($members as $member){
1670 $new_members .= $member.",";
1671 }
1672 $new_members = preg_replace("/,$/","",$new_members);
1673 $acl_parts[2] = $new_members;
1675 /* Reconstruckt acl entry */
1676 $acl_str ="";
1677 foreach($acl_parts as $t){
1678 $acl_str .= $t.":";
1679 }
1680 $acl_str = preg_replace("/:$/","",$acl_str);
1681 }
1683 /* Acls for this object must be adjusted */
1684 if($found){
1686 if($output_changes){
1687 echo "<font color='green'>".
1688 _("Changing ACL dn")." : <br> -"._("from")." <b> ".
1689 $old_dn.
1690 "</b><br> -"._("to")." <b>".
1691 $new_dn.
1692 "</b></font><br>";
1693 }
1694 $update[$attrs['dn']] =array();
1695 foreach($acls as $acl){
1696 $update[$attrs['dn']]['gosaAclEntry'][] = $acl;
1697 }
1698 }
1699 }
1701 /* Write updated acls */
1702 foreach($update as $dn => $attrs){
1703 $ldap->cd($dn);
1704 $ldap->modify($attrs);
1705 }
1706 }
1707 }
1710 function get_multi_edit_values()
1711 {
1712 $ret = array();
1713 foreach($this->selected_edit_values as $attr => $active){
1714 if($active){
1715 $ret[$attr] = $this->$attr;
1716 }
1717 }
1718 return($ret);
1719 }
1722 /* This function enables the entry Serial ID check.
1723 * If an entry was edited while we have edited the entry too,
1724 * an error message will be shown.
1725 * To configure this check correctly read the FAQ.
1726 */
1727 function enable_CSN_check()
1728 {
1729 $this->CSN_check_active =TRUE;
1730 $this->entryCSN = getEntryCSN($this->dn);
1731 }
1734 function set_multi_edit_value()
1735 {
1737 }
1739 }
1741 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1742 ?>