![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 /*! \brief The plugin base class
22 \author Cajus Pollmeier <pollmeier@gonicus.de>
23 \version 2.00
24 \date 24.07.2003
26 This is the base class for all plugins. It can be used standalone or
27 can be included by the tabs class. All management should be done
28 within this class. Extend your plugins from this class.
29 */
31 class plugin
32 {
33 /*!
34 \brief Reference to parent object
36 This variable is used when the plugin is included in tabs
37 and keeps reference to the tab class. Communication to other
38 tabs is possible by 'name'. So the 'fax' plugin can ask the
39 'userinfo' plugin for the fax number.
41 \sa tab
42 */
43 var $parent= NULL;
45 /*!
46 \brief Configuration container
48 Access to global configuration
49 */
50 var $config= NULL;
52 /*!
53 \brief Mark plugin as account
55 Defines whether this plugin is defined as an account or not.
56 This has consequences for the plugin to be saved from tab
57 mode. If it is set to 'FALSE' the tab will call the delete
58 function, else the save function. Should be set to 'TRUE' if
59 the construtor detects a valid LDAP object.
61 \sa plugin::plugin()
62 */
63 var $is_account= FALSE;
64 var $initially_was_account= FALSE;
66 /*!
67 \brief Mark plugin as template
69 Defines whether we are creating a template or a normal object.
70 Has conseqences on the way execute() shows the formular and how
71 save() puts the data to LDAP.
73 \sa plugin::save() plugin::execute()
74 */
75 var $is_template= FALSE;
76 var $ignore_account= FALSE;
77 var $is_modified= FALSE;
79 /*!
80 \brief Represent temporary LDAP data
82 This is only used internally.
83 */
84 var $attrs= array();
86 /* Keep set of conflicting plugins */
87 var $conflicts= array();
89 /* Save unit tags */
90 var $gosaUnitTag= "";
92 /*!
93 \brief Used standard values
95 dn
96 */
97 var $dn= "";
98 var $uid= "";
99 var $sn= "";
100 var $givenName= "";
101 var $acl= "*none*";
102 var $dialog= FALSE;
103 var $snapDialog = NULL;
105 /* attribute list for save action */
106 var $attributes= array();
107 var $objectclasses= array();
108 var $is_new= TRUE;
109 var $saved_attributes= array();
111 var $acl_base= "";
112 var $acl_category= "";
114 /* Plugin identifier */
115 var $plHeadline= "";
116 var $plDescription= "";
118 /*! \brief plugin constructor
120 If 'dn' is set, the node loads the given 'dn' from LDAP
122 \param dn Distinguished name to initialize plugin from
123 \sa plugin()
124 */
125 function plugin ($config, $dn= NULL)
126 {
127 /* Configuration is fine, allways */
128 $this->config= $config;
129 $this->dn= $dn;
131 /* Handle new accounts, don't read information from LDAP */
132 if ($dn == "new"){
133 return;
134 }
136 /* Save current dn as acl_base */
137 $this->acl_base= $dn;
139 /* Get LDAP descriptor */
140 $ldap= $this->config->get_ldap_link();
141 if ($dn != NULL){
143 /* Load data to 'attrs' and save 'dn' */
144 $ldap->cat ($dn);
145 $this->attrs= $ldap->fetch();
147 /* Copy needed attributes */
148 foreach ($this->attributes as $val){
149 $found= array_key_ics($val, $this->attrs);
150 if ($found != ""){
151 $this->$val= $this->attrs["$found"][0];
152 }
153 }
155 /* gosaUnitTag loading... */
156 if (isset($this->attrs['gosaUnitTag'][0])){
157 $this->gosaUnitTag= $this->attrs['gosaUnitTag'][0];
158 }
160 /* Set the template flag according to the existence of objectClass
161 gosaUserTemplate */
162 if (isset($this->attrs['objectClass'])){
163 if (in_array ("gosaUserTemplate", $this->attrs['objectClass'])){
164 $this->is_template= TRUE;
165 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
166 "found", "Template check");
167 }
168 }
170 /* Is Account? */
171 error_reporting(0);
172 $found= TRUE;
173 foreach ($this->objectclasses as $obj){
174 if (preg_match('/top/i', $obj)){
175 continue;
176 }
177 if (!isset($this->attrs['objectClass']) || !in_array_ics ($obj, $this->attrs['objectClass'])){
178 $found= FALSE;
179 break;
180 }
181 }
182 error_reporting(E_ALL);
183 if ($found){
184 $this->is_account= TRUE;
185 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
186 "found", "Object check");
187 }
189 /* Prepare saved attributes */
190 $this->saved_attributes= $this->attrs;
191 foreach ($this->saved_attributes as $index => $value){
192 if (preg_match('/^[0-9]+$/', $index)){
193 unset($this->saved_attributes[$index]);
194 continue;
195 }
196 if (!in_array($index, $this->attributes) && $index != "objectClass"){
197 unset($this->saved_attributes[$index]);
198 continue;
199 }
200 if ($this->saved_attributes[$index]["count"] == 1){
201 $tmp= $this->saved_attributes[$index][0];
202 unset($this->saved_attributes[$index]);
203 $this->saved_attributes[$index]= $tmp;
204 continue;
205 }
207 unset($this->saved_attributes["$index"]["count"]);
208 }
209 }
211 /* Save initial account state */
212 $this->initially_was_account= $this->is_account;
213 }
215 /*! \brief execute plugin
217 Generates the html output for this node
218 */
219 function execute()
220 {
221 /* This one is empty currently. Fabian - please fill in the docu code */
222 $_SESSION['current_class_for_help'] = get_class($this);
223 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
224 $_SESSION['LOCK_VARS_TO_USE'] =array();
225 }
227 /*! \brief execute plugin
228 Removes object from parent
229 */
230 function remove_from_parent()
231 {
232 /* include global link_info */
233 $ldap= $this->config->get_ldap_link();
235 /* Get current objectClasses in order to add the required ones */
236 $ldap->cat($this->dn);
237 $tmp= $ldap->fetch ();
238 if (isset($tmp['objectClass'])){
239 $oc= $tmp['objectClass'];
240 } else {
241 $oc= array("count" => 0);
242 }
244 /* Remove objectClasses from entry */
245 $ldap->cd($this->dn);
246 $this->attrs= array();
247 $this->attrs['objectClass']= array();
248 for ($i= 0; $i<$oc["count"]; $i++){
249 if (!in_array_ics($oc[$i], $this->objectclasses)){
250 $this->attrs['objectClass'][]= $oc[$i];
251 }
252 }
254 /* Unset attributes from entry */
255 foreach ($this->attributes as $val){
256 $this->attrs["$val"]= array();
257 }
259 /* Unset account info */
260 $this->is_account= FALSE;
262 /* Do not write in plugin base class, this must be done by
263 children, since there are normally additional attribs,
264 lists, etc. */
265 /*
266 $ldap->modify($this->attrs);
267 */
268 }
271 /* Save data to object */
272 function save_object()
273 {
274 /* Save values to object */
275 foreach ($this->attributes as $val){
276 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
277 /* Check for modifications */
278 if (get_magic_quotes_gpc()) {
279 $data= stripcslashes($_POST["$val"]);
280 } else {
281 $data= $this->$val = $_POST["$val"];
282 }
283 if ($this->$val != $data){
284 $this->is_modified= TRUE;
285 }
287 /* Okay, how can I explain this fix ...
288 * In firefox, disabled option fields aren't selectable ... but in IE you can select these fileds.
289 * So IE posts these 'unselectable' option, with value = chr(194)
290 * chr(194) seems to be the in between the ...option> </option.. because there is no value=".." specified in these option fields
291 * This was added for W3c compliance, but now causes these ... ldap errors ...
292 * So we set these Fields to ""; a normal empty string, and we can check these values in plugin::check() again ...
293 */
294 if(isset($data[0]) && $data[0] == chr(194)) {
295 $data = "";
296 }
297 $this->$val= $data;
298 //echo "<font color='blue'>".$val."</font><br>";
299 }else{
300 //echo "<font color='red'>".$val."</font><br>";
301 }
302 }
303 }
306 /* Save data to LDAP, depending on is_account we save or delete */
307 function save()
308 {
309 /* include global link_info */
310 $ldap= $this->config->get_ldap_link();
312 /* Start with empty array */
313 $this->attrs= array();
315 /* Get current objectClasses in order to add the required ones */
316 $ldap->cat($this->dn);
318 $tmp= $ldap->fetch ();
320 if (isset($tmp['objectClass'])){
321 $oc= $tmp["objectClass"];
322 $this->is_new= FALSE;
323 } else {
324 $oc= array("count" => 0);
325 $this->is_new= TRUE;
326 }
328 /* Load (minimum) attributes, add missing ones */
329 $this->attrs['objectClass']= $this->objectclasses;
330 for ($i= 0; $i<$oc["count"]; $i++){
331 if (!in_array_ics($oc[$i], $this->objectclasses)){
332 $this->attrs['objectClass'][]= $oc[$i];
333 }
334 }
336 /* Copy standard attributes */
337 foreach ($this->attributes as $val){
338 if ($this->$val != ""){
339 $this->attrs["$val"]= $this->$val;
340 } elseif (!$this->is_new) {
341 $this->attrs["$val"]= array();
342 }
343 }
345 }
348 function cleanup()
349 {
350 foreach ($this->attrs as $index => $value){
352 /* Convert arrays with one element to non arrays, if the saved
353 attributes are no array, too */
354 if (is_array($this->attrs[$index]) &&
355 count ($this->attrs[$index]) == 1 &&
356 isset($this->saved_attributes[$index]) &&
357 !is_array($this->saved_attributes[$index])){
359 $tmp= $this->attrs[$index][0];
360 $this->attrs[$index]= $tmp;
361 }
363 /* Remove emtpy arrays if they do not differ */
364 if (is_array($this->attrs[$index]) &&
365 count($this->attrs[$index]) == 0 &&
366 !isset($this->saved_attributes[$index])){
368 unset ($this->attrs[$index]);
369 continue;
370 }
372 /* Remove single attributes that do not differ */
373 if (!is_array($this->attrs[$index]) &&
374 isset($this->saved_attributes[$index]) &&
375 !is_array($this->saved_attributes[$index]) &&
376 $this->attrs[$index] == $this->saved_attributes[$index]){
378 unset ($this->attrs[$index]);
379 continue;
380 }
382 /* Remove arrays that do not differ */
383 if (is_array($this->attrs[$index]) &&
384 isset($this->saved_attributes[$index]) &&
385 is_array($this->saved_attributes[$index])){
387 if (!array_differs($this->attrs[$index],$this->saved_attributes[$index])){
388 unset ($this->attrs[$index]);
389 continue;
390 }
391 }
392 }
393 }
395 /* Check formular input */
396 function check()
397 {
398 $message= array();
400 /* Skip if we've no config object */
401 if (!isset($this->config)){
402 return $message;
403 }
405 /* Find hooks entries for this class */
406 $command= search_config($this->config->data['MENU'], get_class($this), "CHECK");
407 if ($command == "" && isset($this->config->data['TABS'])){
408 $command= search_config($this->config->data['TABS'], get_class($this), "CHECK");
409 }
411 if ($command != ""){
413 if (!check_command($command)){
414 $message[]= sprintf(_("Command '%s', specified as CHECK hook for plugin '%s' doesn't seem to exist."), $command,
415 get_class($this));
416 } else {
418 /* Generate "ldif" for check hook */
419 $ldif= "dn: $this->dn\n";
421 /* ... objectClasses */
422 foreach ($this->objectclasses as $oc){
423 $ldif.= "objectClass: $oc\n";
424 }
426 /* ... attributes */
427 foreach ($this->attributes as $attr){
428 if ($this->$attr == ""){
429 continue;
430 }
431 if (is_array($this->$attr)){
432 foreach ($this->$attr as $val){
433 $ldif.= "$attr: $val\n";
434 }
435 } else {
436 $ldif.= "$attr: ".$this->$attr."\n";
437 }
438 }
440 /* Append empty line */
441 $ldif.= "\n";
443 /* Feed "ldif" into hook and retrieve result*/
444 $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
445 $fh= proc_open($command, $descriptorspec, $pipes);
446 if (is_resource($fh)) {
447 fwrite ($pipes[0], $ldif);
448 fclose($pipes[0]);
450 $result= stream_get_contents($pipes[1]);
451 if ($result != ""){
452 $message[]= $result;
453 }
455 fclose($pipes[1]);
456 fclose($pipes[2]);
457 proc_close($fh);
458 }
459 }
461 }
463 return ($message);
464 }
466 /* Adapt from template, using 'dn' */
467 function adapt_from_template($dn)
468 {
469 /* Include global link_info */
470 $ldap= $this->config->get_ldap_link();
472 /* Load requested 'dn' to 'attrs' */
473 $ldap->cat ($dn);
474 $this->attrs= $ldap->fetch();
476 /* Walk through attributes */
477 foreach ($this->attributes as $val){
479 if (isset($this->attrs["$val"][0])){
481 /* If attribute is set, replace dynamic parts:
482 %sn, %givenName and %uid. Fill these in our local variables. */
483 $value= $this->attrs["$val"][0];
485 foreach (array("sn", "givenName", "uid") as $repl){
486 if (preg_match("/%$repl/i", $value)){
487 $value= preg_replace ("/%$repl/i", $this->parent->$repl, $value);
488 }
489 }
490 $this->$val= $value;
491 }
492 }
494 /* Is Account? */
495 $found= TRUE;
496 foreach ($this->objectclasses as $obj){
497 if (preg_match('/top/i', $obj)){
498 continue;
499 }
500 if (!in_array_ics ($obj, $this->attrs['objectClass'])){
501 $found= FALSE;
502 break;
503 }
504 }
505 if ($found){
506 $this->is_account= TRUE;
507 }
508 }
510 /* Indicate whether a password change is needed or not */
511 function password_change_needed()
512 {
513 return FALSE;
514 }
517 /* Show header message for tab dialogs */
518 function show_enable_header($button_text, $text, $disabled= FALSE)
519 {
520 if ($disabled == TRUE){
521 $state= "disabled";
522 } else {
523 $state= "";
524 }
525 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
526 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
527 ($this->acl_is_createable()?'':'disabled')." ".$state.
528 "><p class=\"seperator\"> </p></td></tr></table>";
530 return($display);
531 }
534 /* Show header message for tab dialogs */
535 function show_disable_header($button_text, $text, $disabled= FALSE)
536 {
537 if ($disabled == TRUE){
538 $state= "disabled";
539 } else {
540 $state= "";
541 }
542 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
543 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
544 ($this->acl_is_removeable()?'':'disabled')." ".$state.
545 "><p class=\"seperator\"> </p></td></tr></table>";
547 return($display);
548 }
551 /* Show header message for tab dialogs */
552 function show_header($button_text, $text, $disabled= FALSE)
553 {
554 echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
555 if ($disabled == TRUE){
556 $state= "disabled";
557 } else {
558 $state= "";
559 }
560 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
561 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
562 ($this->acl_is_createable()?'':'disabled')." ".$state.
563 "><p class=\"seperator\"> </p></td></tr></table>";
565 return($display);
566 }
569 function postcreate($add_attrs= array())
570 {
571 /* Find postcreate entries for this class */
572 $command= search_config($this->config->data['MENU'], get_class($this), "POSTCREATE");
573 if ($command == "" && isset($this->config->data['TABS'])){
574 $command= search_config($this->config->data['TABS'], get_class($this), "POSTCREATE");
575 }
577 if ($command != ""){
578 /* Walk through attribute list */
579 foreach ($this->attributes as $attr){
580 if (!is_array($this->$attr)){
581 $command= preg_replace("/%$attr/", $this->$attr, $command);
582 }
583 }
584 $command= preg_replace("/%dn/", $this->dn, $command);
586 /* Additional attributes */
587 foreach ($add_attrs as $name => $value){
588 $command= preg_replace("/%$name/", $value, $command);
589 }
591 if (check_command($command)){
592 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
593 $command, "Execute");
595 exec($command);
596 } else {
597 $message= sprintf(_("Command '%s', specified as POSTCREATE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
598 print_red ($message);
599 }
600 }
601 }
603 function postmodify($add_attrs= array())
604 {
605 /* Find postcreate entries for this class */
606 $command= search_config($this->config->data['MENU'], get_class($this), "POSTMODIFY");
607 if ($command == "" && isset($this->config->data['TABS'])){
608 $command= search_config($this->config->data['TABS'], get_class($this), "POSTMODIFY");
609 }
611 if ($command != ""){
612 /* Walk through attribute list */
613 foreach ($this->attributes as $attr){
614 if (!is_array($this->$attr)){
615 $command= preg_replace("/%$attr/", $this->$attr, $command);
616 }
617 }
618 $command= preg_replace("/%dn/", $this->dn, $command);
620 /* Additional attributes */
621 foreach ($add_attrs as $name => $value){
622 $command= preg_replace("/%$name/", $value, $command);
623 }
625 if (check_command($command)){
626 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
627 $command, "Execute");
629 exec($command);
630 } else {
631 $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, get_class($this));
632 print_red ($message);
633 }
634 }
635 }
637 function postremove($add_attrs= array())
638 {
639 /* Find postremove entries for this class */
640 $command= search_config($this->config->data['MENU'], get_class($this), "POSTREMOVE");
641 if ($command == "" && isset($this->config->data['TABS'])){
642 $command= search_config($this->config->data['TABS'], get_class($this), "POSTREMOVE");
643 }
645 if ($command != ""){
646 /* Walk through attribute list */
647 foreach ($this->attributes as $attr){
648 if (!is_array($this->$attr)){
649 $command= preg_replace("/%$attr/", $this->$attr, $command);
650 }
651 }
652 $command= preg_replace("/%dn/", $this->dn, $command);
654 /* Additional attributes */
655 foreach ($add_attrs as $name => $value){
656 $command= preg_replace("/%$name/", $value, $command);
657 }
659 if (check_command($command)){
660 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
661 $command, "Execute");
663 exec($command);
664 } else {
665 $message= sprintf(_("Command '%s', specified as POSTREMOVE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
666 print_red ($message);
667 }
668 }
669 }
671 /* Create unique DN */
672 function create_unique_dn($attribute, $base)
673 {
674 $ldap= $this->config->get_ldap_link();
675 $base= preg_replace("/^,*/", "", $base);
677 /* Try to use plain entry first */
678 $dn= "$attribute=".$this->$attribute.",$base";
679 $ldap->cat ($dn, array('dn'));
680 if (!$ldap->fetch()){
681 return ($dn);
682 }
684 /* Look for additional attributes */
685 foreach ($this->attributes as $attr){
686 if ($attr == $attribute || $this->$attr == ""){
687 continue;
688 }
690 $dn= "$attribute=".$this->$attribute."+$attr=".$this->$attr.",$base";
691 $ldap->cat ($dn, array('dn'));
692 if (!$ldap->fetch()){
693 return ($dn);
694 }
695 }
697 /* None found */
698 return ("none");
699 }
701 function rebind($ldap, $referral)
702 {
703 $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
704 if (ldap_bind($ldap, $credentials['ADMIN'], $credentials['PASSWORD'])) {
705 $this->error = "Success";
706 $this->hascon=true;
707 $this->reconnect= true;
708 return (0);
709 } else {
710 $this->error = "Could not bind to " . $credentials['ADMIN'];
711 return NULL;
712 }
713 }
715 /* This is a workaround function. */
716 function copy($src_dn, $dst_dn)
717 {
718 /* Rename dn in possible object groups */
719 $ldap= $this->config->get_ldap_link();
720 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($src_dn).'))',
721 array('cn'));
722 while ($attrs= $ldap->fetch()){
723 $og= new ogroup($this->config, $ldap->getDN());
724 unset($og->member[$src_dn]);
725 $og->member[$dst_dn]= $dst_dn;
726 $og->save ();
727 }
729 $ldap->cat($dst_dn);
730 $attrs= $ldap->fetch();
731 if (count($attrs)){
732 trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.",
733 E_USER_WARNING);
734 return (FALSE);
735 }
737 $ldap->cat($src_dn);
738 $attrs= $ldap->fetch();
739 if (!count($attrs)){
740 trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.",
741 E_USER_WARNING);
742 return (FALSE);
743 }
745 /* Grummble. This really sucks. PHP ldap doesn't support rdn stuff. */
746 $ds= ldap_connect($this->config->current['SERVER']);
747 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
748 if (function_exists("ldap_set_rebind_proc") && isset($this->config->current['REFERRAL'])) {
749 ldap_set_rebind_proc($ds, array(&$this, "rebind"));
750 }
752 $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']);
753 error_reporting (0);
754 $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*");
756 /* Fill data from LDAP */
757 $new= array();
758 if ($sr) {
759 $ei=ldap_first_entry($ds, $sr);
760 if ($ei) {
761 foreach($attrs as $attr => $val){
762 if ($info = ldap_get_values_len($ds, $ei, $attr)){
763 for ($i= 0; $i<$info['count']; $i++){
764 if ($info['count'] == 1){
765 $new[$attr]= $info[$i];
766 } else {
767 $new[$attr][]= $info[$i];
768 }
769 }
770 }
771 }
772 }
773 }
775 /* close conncetion */
776 error_reporting (E_ALL);
777 ldap_unbind($ds);
779 /* Adapt naming attribute */
780 $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
781 $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
782 $new[$dst_name]= @LDAP::fix($dst_val);
784 /* Check if this is a department.
785 * If it is a dep. && there is a , override in his ou
786 * change \2C to , again, else this entry can't be saved ...
787 */
788 if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
789 $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
790 }
792 /* Save copy */
793 $ldap->connect();
794 $ldap->cd($this->config->current['BASE']);
796 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $dst_dn));
798 /* FAIvariable=.../..., cn=..
799 could not be saved, because the attribute FAIvariable was different to
800 the dn FAIvariable=..., cn=... */
801 if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
802 $new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
803 }
804 $ldap->cd($dst_dn);
805 $ldap->add($new);
807 if ($ldap->error != "Success"){
808 trigger_error("Trying to save $dst_dn failed.",
809 E_USER_WARNING);
810 return(FALSE);
811 }
813 return (TRUE);
814 }
817 function move($src_dn, $dst_dn)
818 {
819 /* Copy source to destination */
820 if (!$this->copy($src_dn, $dst_dn)){
821 return (FALSE);
822 }
824 /* Delete source */
825 $ldap= $this->config->get_ldap_link();
826 $ldap->rmdir($src_dn);
827 if ($ldap->error != "Success"){
828 trigger_error("Trying to delete $src_dn failed.",
829 E_USER_WARNING);
830 return (FALSE);
831 }
833 return (TRUE);
834 }
837 /* Move/Rename complete trees */
838 function recursive_move($src_dn, $dst_dn)
839 {
840 /* Check if the destination entry exists */
841 $ldap= $this->config->get_ldap_link();
843 /* Check if destination exists - abort */
844 $ldap->cat($dst_dn, array('dn'));
845 if ($ldap->fetch()){
846 trigger_error("recursive_move $dst_dn already exists.",
847 E_USER_WARNING);
848 return (FALSE);
849 }
851 /* Perform a search for all objects to be moved */
852 $objects= array();
853 $ldap->cd($src_dn);
854 $ldap->search("(objectClass=*)", array("dn"));
855 while($attrs= $ldap->fetch()){
856 $dn= $attrs['dn'];
857 $objects[$dn]= strlen($dn);
858 }
860 /* Sort objects by indent level */
861 asort($objects);
862 reset($objects);
864 /* Copy objects from small to big indent levels by replacing src_dn by dst_dn */
865 foreach ($objects as $object => $len){
866 $src= $object;
867 $dst= preg_replace("/$src_dn$/", "$dst_dn", $object);
868 if (!$this->copy($src, $dst)){
869 return (FALSE);
870 }
871 }
873 /* Remove src_dn */
874 $ldap->cd($src_dn);
875 $ldap->recursive_remove();
876 return (TRUE);
877 }
880 function handle_post_events($mode, $add_attrs= array())
881 {
882 switch ($mode){
883 case "add":
884 $this->postcreate($add_attrs);
885 break;
887 case "modify":
888 $this->postmodify($add_attrs);
889 break;
891 case "remove":
892 $this->postremove($add_attrs);
893 break;
894 }
895 }
898 function saveCopyDialog(){
899 }
902 function getCopyDialog(){
903 return(array("string"=>"","status"=>""));
904 }
907 function PrepareForCopyPaste($source){
908 $todo = $this->attributes;
909 if(isset($this->CopyPasteVars)){
910 $todo = array_merge($todo,$this->CopyPasteVars);
911 }
912 $todo[] = "is_account";
913 foreach($todo as $var){
914 $this->$var = $source->$var;
915 }
916 }
919 function handle_object_tagging($dn= "", $tag= "", $show= false)
920 {
921 //FIXME: How to optimize this? We have at least two
922 // LDAP accesses per object. It would be a good
923 // idea to have it integrated.
925 /* No dn? Self-operation... */
926 if ($dn == ""){
927 $dn= $this->dn;
929 /* No tag? Find it yourself... */
930 if ($tag == ""){
931 $len= strlen($dn);
933 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
934 $relevant= array();
935 foreach ($this->config->adepartments as $key => $ntag){
937 /* This one is bigger than our dn, its not relevant... */
938 if ($len <= strlen($key)){
939 continue;
940 }
942 /* This one matches with the latter part. Break and don't fix this entry */
943 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $dn)){
944 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
945 $relevant[strlen($key)]= $ntag;
946 continue;
947 }
949 }
951 /* If we've some relevant tags to set, just get the longest one */
952 if (count($relevant)){
953 ksort($relevant);
954 $tmp= array_keys($relevant);
955 $idx= end($tmp);
956 $tag= $relevant[$idx];
957 $this->gosaUnitTag= $tag;
958 }
959 }
960 }
963 /* Set tag? */
964 if ($tag != ""){
965 /* Set objectclass and attribute */
966 $ldap= $this->config->get_ldap_link();
967 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
968 $attrs= $ldap->fetch();
969 if(isset($attrs['gosaUnitTag'][0]) && $attrs['gosaUnitTag'][0] == $tag){
970 if ($show) {
971 echo sprintf(_("Object '%s' is already tagged"), @LDAP::fix($dn))."<br>";
972 flush();
973 }
974 return;
975 }
976 if (count($attrs)){
977 if ($show){
978 echo sprintf(_("Adding tag (%s) to object '%s'"), $tag, @LDAP::fix($dn))."<br>";
979 flush();
980 }
981 $nattrs= array("gosaUnitTag" => $tag);
982 $nattrs['objectClass']= array();
983 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
984 $oc= $attrs['objectClass'][$i];
985 if ($oc != "gosaAdministrativeUnitTag"){
986 $nattrs['objectClass'][]= $oc;
987 }
988 }
989 $nattrs['objectClass'][]= "gosaAdministrativeUnitTag";
990 $ldap->cd($dn);
991 $ldap->modify($nattrs);
992 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
993 } else {
994 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not tagging ($tag) $dn - seems to have moved away", "Tagging");
995 }
997 } else {
998 /* Remove objectclass and attribute */
999 $ldap= $this->config->get_ldap_link();
1000 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
1001 $attrs= $ldap->fetch();
1002 if (isset($attrs['objectClass']) && !in_array_ics("gosaAdministrativeUnitTag", $attrs['objectClass'])){
1003 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "$dn is not tagged", "Tagging");
1004 return;
1005 }
1006 if (count($attrs)){
1007 if ($show){
1008 echo sprintf(_("Removing tag from object '%s'"), @LDAP::fix($dn))."<br>";
1009 flush();
1010 }
1011 $nattrs= array("gosaUnitTag" => array());
1012 $nattrs['objectClass']= array();
1013 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
1014 $oc= $attrs['objectClass'][$i];
1015 if ($oc != "gosaAdministrativeUnitTag"){
1016 $nattrs['objectClass'][]= $oc;
1017 }
1018 }
1019 $ldap->cd($dn);
1020 $ldap->modify($nattrs);
1021 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
1022 } else {
1023 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not removing tag ($tag) $dn - seems to have moved away", "Tagging");
1024 }
1025 }
1027 }
1030 /* Add possibility to stop remove process */
1031 function allow_remove()
1032 {
1033 $reason= "";
1034 return $reason;
1035 }
1038 /* Create a snapshot of the current object */
1039 function create_snapshot($type= "snapshot", $description= array())
1040 {
1042 /* Check if snapshot functionality is enabled */
1043 if(!$this->snapshotEnabled()){
1044 return;
1045 }
1047 /* Get configuration from gosa.conf */
1048 $tmp = $this->config->current;
1050 /* Create lokal ldap connection */
1051 $ldap= $this->config->get_ldap_link();
1052 $ldap->cd($this->config->current['BASE']);
1054 /* check if there are special server configurations for snapshots */
1055 if(!isset($tmp['SNAPSHOT_SERVER'])){
1057 /* Source and destination server are both the same, just copy source to dest obj */
1058 $ldap_to = $ldap;
1059 $snapldapbase = $this->config->current['BASE'];
1061 }else{
1062 $server = $tmp['SNAPSHOT_SERVER'];
1063 $user = $tmp['SNAPSHOT_USER'];
1064 $password = $tmp['SNAPSHOT_PASSWORD'];
1065 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1067 $ldap_to = new LDAP($user,$password, $server);
1068 $ldap_to -> cd($snapldapbase);
1069 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase));
1070 }
1072 /* check if the dn exists */
1073 if ($ldap->dn_exists($this->dn)){
1075 /* Extract seconds & mysecs, they are used as entry index */
1076 list($usec, $sec)= explode(" ", microtime());
1078 /* Collect some infos */
1079 $base = $this->config->current['BASE'];
1080 $snap_base = $tmp['SNAPSHOT_BASE'];
1081 $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn);
1082 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1084 /* Create object */
1085 #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
1086 $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
1087 $newName = preg_replace("/\./", "", $sec."-".$usec);
1088 $target= array();
1089 $target['objectClass'] = array("top", "gosaSnapshotObject");
1090 $target['gosaSnapshotData'] = gzcompress($data, 6);
1091 $target['gosaSnapshotType'] = $type;
1092 $target['gosaSnapshotDN'] = $this->dn;
1093 $target['description'] = $description;
1094 $target['gosaSnapshotTimestamp'] = $newName;
1096 /* Insert the new snapshot
1097 But we have to check first, if the given gosaSnapshotTimestamp
1098 is already used, in this case we should increment this value till there is
1099 an unused value. */
1100 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1101 $ldap_to->cat($new_dn);
1102 while($ldap_to->count()){
1103 $ldap_to->cat($new_dn);
1104 $newName = preg_replace("/\./", "", $sec."-".($usec++));
1105 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1106 $target['gosaSnapshotTimestamp'] = $newName;
1107 }
1109 /* Inset this new snapshot */
1110 $ldap_to->cd($snapldapbase);
1111 $ldap_to->create_missing_trees($new_base);
1112 $ldap_to->cd($new_dn);
1113 $ldap_to->add($target);
1115 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1116 show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1117 }
1118 }
1120 function remove_snapshot($dn)
1121 {
1122 echo "FIXME: remove_snapshot uses old acl's<br>";
1123 $ui = get_userinfo();
1124 $acl = get_permissions ($dn, $ui->subtreeACL);
1125 $acl = get_module_permission($acl, "snapshot", $dn);
1127 if (chkacl($this->acl, "delete") == ""){
1128 $ldap = $this->config->get_ldap_link();
1129 $ldap->cd($this->config->current['BASE']);
1130 $ldap->rmdir_recursive($dn);
1131 }else{
1132 print_red (_("You are not allowed to delete this snapshot!"));
1133 }
1134 }
1137 /* returns true if snapshots are enabled, and false if it is disalbed
1138 There will also be some errors psoted, if the configuration failed */
1139 function snapshotEnabled()
1140 {
1141 $tmp = $this->config->current;
1142 if(isset($tmp['ENABLE_SNAPSHOT'])){
1143 if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){
1145 /* Check if the snapshot_base is defined */
1146 if(!isset($tmp['SNAPSHOT_BASE'])){
1147 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not configured in your gosa.conf."),$missing));
1148 return(FALSE);
1149 }
1151 /* check if there are special server configurations for snapshots */
1152 if(isset($tmp['SNAPSHOT_SERVER'])){
1154 /* check if all required vars are available to create a new ldap connection */
1155 $missing = "";
1156 foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_LDAP_BASE") as $var){
1157 if(!isset($tmp[$var])){
1158 $missing .= $var." ";
1159 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable(s) '%s' is not configured in your gosa.conf."),$missing));
1160 return(FALSE);
1161 }
1162 }
1163 }
1164 return(TRUE);
1165 }
1166 }
1167 return(FALSE);
1168 }
1171 /* Return available snapshots for the given base
1172 */
1173 function Available_SnapsShots($dn,$raw = false)
1174 {
1175 if(!$this->snapshotEnabled()) return(array());
1177 /* Create an additional ldap object which
1178 points to our ldap snapshot server */
1179 $ldap= $this->config->get_ldap_link();
1180 $ldap->cd($this->config->current['BASE']);
1181 $tmp = $this->config->current;
1183 /* check if there are special server configurations for snapshots */
1184 if(isset($tmp['SNAPSHOT_SERVER'])){
1185 $server = $tmp['SNAPSHOT_SERVER'];
1186 $user = $tmp['SNAPSHOT_USER'];
1187 $password = $tmp['SNAPSHOT_PASSWORD'];
1188 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1189 $ldap_to = new LDAP($user,$password, $server);
1190 $ldap_to -> cd ($snapldapbase);
1191 show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
1192 }else{
1193 $ldap_to = $ldap;
1194 }
1196 /* Prepare bases and some other infos */
1197 $base = $this->config->current['BASE'];
1198 $snap_base = $tmp['SNAPSHOT_BASE'];
1199 $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn);
1200 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1201 $tmp = array();
1203 /* Fetch all objects with gosaSnapshotDN=$dn */
1204 $ldap_to->cd($new_base);
1205 $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
1206 array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1208 /* Put results into a list and add description if missing */
1209 while($entry = $ldap_to->fetch()){
1210 if(!isset($entry['description'][0])){
1211 $entry['description'][0] = "";
1212 }
1213 $tmp[] = $entry;
1214 }
1216 /* Return the raw array, or format the result */
1217 if($raw){
1218 return($tmp);
1219 }else{
1220 $tmp2 = array();
1221 foreach($tmp as $entry){
1222 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1223 }
1224 }
1225 return($tmp2);
1226 }
1229 function getAllDeletedSnapshots($base_of_object,$raw = false)
1230 {
1231 if(!$this->snapshotEnabled()) return(array());
1233 /* Create an additional ldap object which
1234 points to our ldap snapshot server */
1235 $ldap= $this->config->get_ldap_link();
1236 $ldap->cd($this->config->current['BASE']);
1237 $tmp = $this->config->current;
1239 /* check if there are special server configurations for snapshots */
1240 if(isset($tmp['SNAPSHOT_SERVER'])){
1241 $server = $tmp['SNAPSHOT_SERVER'];
1242 $user = $tmp['SNAPSHOT_USER'];
1243 $password = $tmp['SNAPSHOT_PASSWORD'];
1244 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1245 $ldap_to = new LDAP($user,$password, $server);
1246 $ldap_to->cd ($snapldapbase);
1247 show_ldap_error($ldap->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
1248 }else{
1249 $ldap_to = $ldap;
1250 }
1252 /* Prepare bases */
1253 $base = $this->config->current['BASE'];
1254 $snap_base = $tmp['SNAPSHOT_BASE'];
1255 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1257 /* Fetch all objects and check if they do not exist anymore */
1258 $ui = get_userinfo();
1259 $tmp = array();
1260 $ldap_to->cd($new_base);
1261 $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1262 while($entry = $ldap_to->fetch()){
1264 $chk = str_replace($new_base,"",$entry['dn']);
1265 if(preg_match("/,ou=/",$chk)) continue;
1267 if(!isset($entry['description'][0])){
1268 $entry['description'][0] = "";
1269 }
1270 $tmp[] = $entry;
1271 }
1273 /* Check if entry still exists */
1274 foreach($tmp as $key => $entry){
1275 $ldap->cat($entry['gosaSnapshotDN'][0]);
1276 if($ldap->count()){
1277 unset($tmp[$key]);
1278 }
1279 }
1281 /* Format result as requested */
1282 if($raw) {
1283 return($tmp);
1284 }else{
1285 $tmp2 = array();
1286 foreach($tmp as $key => $entry){
1287 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1288 }
1289 }
1290 return($tmp2);
1291 }
1294 /* Restore selected snapshot */
1295 function restore_snapshot($dn)
1296 {
1297 if(!$this->snapshotEnabled()) return(array());
1299 $ldap= $this->config->get_ldap_link();
1300 $ldap->cd($this->config->current['BASE']);
1301 $tmp = $this->config->current;
1303 /* check if there are special server configurations for snapshots */
1304 if(isset($tmp['SNAPSHOT_SERVER'])){
1305 $server = $tmp['SNAPSHOT_SERVER'];
1306 $user = $tmp['SNAPSHOT_USER'];
1307 $password = $tmp['SNAPSHOT_PASSWORD'];
1308 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1309 $ldap_to = new LDAP($user,$password, $server);
1310 $ldap_to->cd ($snapldapbase);
1311 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
1312 }else{
1313 $ldap_to = $ldap;
1314 }
1316 /* Get the snapshot */
1317 $ldap_to->cat($dn);
1318 $restoreObject = $ldap_to->fetch();
1320 /* Prepare import string */
1321 $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
1323 /* Import the given data */
1324 $ldap->import_complete_ldif($data,$err,false,false);
1325 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn));
1326 }
1329 function showSnapshotDialog($base,$baseSuffixe)
1330 {
1331 $once = true;
1332 foreach($_POST as $name => $value){
1334 /* Create a new snapshot, display a dialog */
1335 if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
1336 $once = false;
1337 $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
1338 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1339 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1340 }
1342 /* Restore a snapshot, display a dialog with all snapshots of the current object */
1343 if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
1344 $once = false;
1345 $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
1346 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1347 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1348 $this->snapDialog->display_restore_dialog = true;
1349 }
1351 /* Restore one of the already deleted objects */
1352 if(preg_match("/^RestoreDeletedSnapShot_/",$name) && $once){
1353 $once = false;
1354 $this->snapDialog = new SnapShotDialog($this->config,$baseSuffixe,$this);
1355 $this->snapDialog->display_restore_dialog = true;
1356 $this->snapDialog->display_all_removed_objects = true;
1357 }
1359 /* Restore selected snapshot */
1360 if(preg_match("/^RestoreSnapShot_/",$name) && $once){
1361 $once = false;
1362 $entry = preg_replace("/^RestoreSnapShot_/","",$name);
1363 $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
1364 if(!empty($entry)){
1365 $this->restore_snapshot($entry);
1366 $this->snapDialog = NULL;
1367 }
1368 }
1369 }
1371 /* Create a new snapshot requested, check
1372 the given attributes and create the snapshot*/
1373 if(isset($_POST['CreateSnapshot'])){
1374 $this->snapDialog->save_object();
1375 $msgs = $this->snapDialog->check();
1376 if(count($msgs)){
1377 foreach($msgs as $msg){
1378 print_red($msg);
1379 }
1380 }else{
1381 $this->dn = $this->snapDialog->dn;
1382 $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription);
1383 $this->snapDialog = NULL;
1384 }
1385 }
1387 /* Restore is requested, restore the object with the posted dn .*/
1388 if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
1389 }
1391 if(isset($_POST['CancelSnapshot'])){
1392 $this->snapDialog = NULL;
1393 }
1395 if($this->snapDialog){
1396 $this->snapDialog->save_object();
1397 return($this->snapDialog->execute());
1398 }
1399 }
1402 function plInfo()
1403 {
1404 return array();
1405 }
1408 function set_acl_base($base)
1409 {
1410 $this->acl_base= $base;
1411 }
1414 function set_acl_category($category)
1415 {
1416 $this->acl_category= "$category/";
1417 }
1420 function acl_is_writeable($attribute,$skip_write = FALSE)
1421 {
1422 $ui= get_userinfo();
1423 return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
1424 }
1427 function acl_is_readable($attribute)
1428 {
1429 $ui= get_userinfo();
1430 return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
1431 }
1434 function acl_is_createable()
1435 {
1436 $ui= get_userinfo();
1437 return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1438 }
1441 function acl_is_removeable()
1442 {
1443 $ui= get_userinfo();
1444 return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1445 }
1448 function acl_is_moveable()
1449 {
1450 $ui= get_userinfo();
1451 return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1452 }
1455 function acl_have_any_permissions()
1456 {
1457 }
1460 function getacl($attribute,$skip_write= FALSE)
1461 {
1462 $ui= get_userinfo();
1463 return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
1464 }
1467 }
1468 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1469 ?>