![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 /*! \brief The plugin base class
22 \author Cajus Pollmeier <pollmeier@gonicus.de>
23 \version 2.00
24 \date 24.07.2003
26 This is the base class for all plugins. It can be used standalone or
27 can be included by the tabs class. All management should be done
28 within this class. Extend your plugins from this class.
29 */
31 class plugin
32 {
33 /*!
34 \brief Reference to parent object
36 This variable is used when the plugin is included in tabs
37 and keeps reference to the tab class. Communication to other
38 tabs is possible by 'name'. So the 'fax' plugin can ask the
39 'userinfo' plugin for the fax number.
41 \sa tab
42 */
43 var $parent= NULL;
45 /*!
46 \brief Configuration container
48 Access to global configuration
49 */
50 var $config= NULL;
52 /*!
53 \brief Mark plugin as account
55 Defines whether this plugin is defined as an account or not.
56 This has consequences for the plugin to be saved from tab
57 mode. If it is set to 'FALSE' the tab will call the delete
58 function, else the save function. Should be set to 'TRUE' if
59 the construtor detects a valid LDAP object.
61 \sa plugin::plugin()
62 */
63 var $is_account= FALSE;
64 var $initially_was_account= FALSE;
66 /*!
67 \brief Mark plugin as template
69 Defines whether we are creating a template or a normal object.
70 Has conseqences on the way execute() shows the formular and how
71 save() puts the data to LDAP.
73 \sa plugin::save() plugin::execute()
74 */
75 var $is_template= FALSE;
76 var $ignore_account= FALSE;
77 var $is_modified= FALSE;
79 /*!
80 \brief Represent temporary LDAP data
82 This is only used internally.
83 */
84 var $attrs= array();
86 /* Keep set of conflicting plugins */
87 var $conflicts= array();
89 /* Save unit tags */
90 var $gosaUnitTag= "";
92 /*!
93 \brief Used standard values
95 dn
96 */
97 var $dn= "";
98 var $uid= "";
99 var $sn= "";
100 var $givenName= "";
101 var $acl= "*none*";
102 var $dialog= FALSE;
103 var $snapDialog = NULL;
105 /* attribute list for save action */
106 var $attributes= array();
107 var $objectclasses= array();
108 var $is_new= TRUE;
109 var $saved_attributes= array();
111 var $acl_base= "";
112 var $acl_category= "";
114 /* Plugin identifier */
115 var $plHeadline= "";
116 var $plDescription= "";
118 /*! \brief plugin constructor
120 If 'dn' is set, the node loads the given 'dn' from LDAP
122 \param dn Distinguished name to initialize plugin from
123 \sa plugin()
124 */
125 function plugin ($config, $dn= NULL, $parent= NULL)
126 {
127 /* Configuration is fine, allways */
128 $this->config= $config;
129 $this->dn= $dn;
131 /* Handle new accounts, don't read information from LDAP */
132 if ($dn == "new"){
133 return;
134 }
136 /* Save current dn as acl_base */
137 $this->acl_base= $dn;
139 /* Get LDAP descriptor */
140 $ldap= $this->config->get_ldap_link();
141 if ($dn != NULL){
143 /* Load data to 'attrs' and save 'dn' */
144 if ($parent != NULL){
145 $this->attrs= $parent->attrs;
146 } else {
147 $ldap->cat ($dn);
148 $this->attrs= $ldap->fetch();
149 }
151 /* Copy needed attributes */
152 foreach ($this->attributes as $val){
153 $found= array_key_ics($val, $this->attrs);
154 if ($found != ""){
155 $this->$val= $this->attrs["$found"][0];
156 }
157 }
159 /* gosaUnitTag loading... */
160 if (isset($this->attrs['gosaUnitTag'][0])){
161 $this->gosaUnitTag= $this->attrs['gosaUnitTag'][0];
162 }
164 /* Set the template flag according to the existence of objectClass
165 gosaUserTemplate */
166 if (isset($this->attrs['objectClass'])){
167 if (in_array ("gosaUserTemplate", $this->attrs['objectClass'])){
168 $this->is_template= TRUE;
169 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
170 "found", "Template check");
171 }
172 }
174 /* Is Account? */
175 error_reporting(0);
176 $found= TRUE;
177 foreach ($this->objectclasses as $obj){
178 if (preg_match('/top/i', $obj)){
179 continue;
180 }
181 if (!isset($this->attrs['objectClass']) || !in_array_ics ($obj, $this->attrs['objectClass'])){
182 $found= FALSE;
183 break;
184 }
185 }
186 error_reporting(E_ALL);
187 if ($found){
188 $this->is_account= TRUE;
189 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
190 "found", "Object check");
191 }
193 /* Prepare saved attributes */
194 $this->saved_attributes= $this->attrs;
195 foreach ($this->saved_attributes as $index => $value){
196 if (preg_match('/^[0-9]+$/', $index)){
197 unset($this->saved_attributes[$index]);
198 continue;
199 }
200 if (!in_array($index, $this->attributes) && $index != "objectClass"){
201 unset($this->saved_attributes[$index]);
202 continue;
203 }
204 if ($this->saved_attributes[$index]["count"] == 1){
205 $tmp= $this->saved_attributes[$index][0];
206 unset($this->saved_attributes[$index]);
207 $this->saved_attributes[$index]= $tmp;
208 continue;
209 }
211 unset($this->saved_attributes["$index"]["count"]);
212 }
213 }
215 /* Save initial account state */
216 $this->initially_was_account= $this->is_account;
217 }
219 /*! \brief execute plugin
221 Generates the html output for this node
222 */
223 function execute()
224 {
225 $_SESSION['errors'] .= "<div><b>".get_class($this)."</b> - ";
226 $_SESSION['errors'] .= "<font face='courier' color='red' >ACL BASE: ".$this->acl_base."</font>";
227 $_SESSION['errors'] .= "<font face='courier' color='blue'>ACL CAT: ".$this->acl_category."</font></div>";
229 /* This one is empty currently. Fabian - please fill in the docu code */
230 $_SESSION['current_class_for_help'] = get_class($this);
231 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
232 $_SESSION['LOCK_VARS_TO_USE'] =array();
233 }
235 /*! \brief execute plugin
236 Removes object from parent
237 */
238 function remove_from_parent()
239 {
240 /* include global link_info */
241 $ldap= $this->config->get_ldap_link();
243 /* Get current objectClasses in order to add the required ones */
244 $ldap->cat($this->dn);
245 $tmp= $ldap->fetch ();
246 if (isset($tmp['objectClass'])){
247 $oc= $tmp['objectClass'];
248 } else {
249 $oc= array("count" => 0);
250 }
252 /* Remove objectClasses from entry */
253 $ldap->cd($this->dn);
254 $this->attrs= array();
255 $this->attrs['objectClass']= array();
256 for ($i= 0; $i<$oc["count"]; $i++){
257 if (!in_array_ics($oc[$i], $this->objectclasses)){
258 $this->attrs['objectClass'][]= $oc[$i];
259 }
260 }
262 /* Unset attributes from entry */
263 foreach ($this->attributes as $val){
264 $this->attrs["$val"]= array();
265 }
267 /* Unset account info */
268 $this->is_account= FALSE;
270 /* Do not write in plugin base class, this must be done by
271 children, since there are normally additional attribs,
272 lists, etc. */
273 /*
274 $ldap->modify($this->attrs);
275 */
276 }
279 /* Save data to object */
280 function save_object()
281 {
282 /* Save values to object */
283 foreach ($this->attributes as $val){
284 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
285 /* Check for modifications */
286 if (get_magic_quotes_gpc()) {
287 $data= stripcslashes($_POST["$val"]);
288 } else {
289 $data= $this->$val = $_POST["$val"];
290 }
291 if ($this->$val != $data){
292 $this->is_modified= TRUE;
293 }
295 /* Okay, how can I explain this fix ...
296 * In firefox, disabled option fields aren't selectable ... but in IE you can select these fileds.
297 * So IE posts these 'unselectable' option, with value = chr(194)
298 * chr(194) seems to be the in between the ...option> </option.. because there is no value=".." specified in these option fields
299 * This was added for W3c compliance, but now causes these ... ldap errors ...
300 * So we set these Fields to ""; a normal empty string, and we can check these values in plugin::check() again ...
301 */
302 if(isset($data[0]) && $data[0] == chr(194)) {
303 $data = "";
304 }
305 $this->$val= $data;
306 //echo "<font color='blue'>".$val."</font><br>";
307 }else{
308 //echo "<font color='red'>".$val."</font><br>";
309 }
310 }
311 }
314 /* Save data to LDAP, depending on is_account we save or delete */
315 function save()
316 {
317 /* include global link_info */
318 $ldap= $this->config->get_ldap_link();
320 /* Start with empty array */
321 $this->attrs= array();
323 /* Get current objectClasses in order to add the required ones */
324 $ldap->cat($this->dn);
326 $tmp= $ldap->fetch ();
328 if (isset($tmp['objectClass'])){
329 $oc= $tmp["objectClass"];
330 $this->is_new= FALSE;
331 } else {
332 $oc= array("count" => 0);
333 $this->is_new= TRUE;
334 }
336 /* Load (minimum) attributes, add missing ones */
337 $this->attrs['objectClass']= $this->objectclasses;
338 for ($i= 0; $i<$oc["count"]; $i++){
339 if (!in_array_ics($oc[$i], $this->objectclasses)){
340 $this->attrs['objectClass'][]= $oc[$i];
341 }
342 }
344 /* Copy standard attributes */
345 foreach ($this->attributes as $val){
346 if ($this->$val != ""){
347 $this->attrs["$val"]= $this->$val;
348 } elseif (!$this->is_new) {
349 $this->attrs["$val"]= array();
350 }
351 }
353 }
356 function cleanup()
357 {
358 foreach ($this->attrs as $index => $value){
360 /* Convert arrays with one element to non arrays, if the saved
361 attributes are no array, too */
362 if (is_array($this->attrs[$index]) &&
363 count ($this->attrs[$index]) == 1 &&
364 isset($this->saved_attributes[$index]) &&
365 !is_array($this->saved_attributes[$index])){
367 $tmp= $this->attrs[$index][0];
368 $this->attrs[$index]= $tmp;
369 }
371 /* Remove emtpy arrays if they do not differ */
372 if (is_array($this->attrs[$index]) &&
373 count($this->attrs[$index]) == 0 &&
374 !isset($this->saved_attributes[$index])){
376 unset ($this->attrs[$index]);
377 continue;
378 }
380 /* Remove single attributes that do not differ */
381 if (!is_array($this->attrs[$index]) &&
382 isset($this->saved_attributes[$index]) &&
383 !is_array($this->saved_attributes[$index]) &&
384 $this->attrs[$index] == $this->saved_attributes[$index]){
386 unset ($this->attrs[$index]);
387 continue;
388 }
390 /* Remove arrays that do not differ */
391 if (is_array($this->attrs[$index]) &&
392 isset($this->saved_attributes[$index]) &&
393 is_array($this->saved_attributes[$index])){
395 if (!array_differs($this->attrs[$index],$this->saved_attributes[$index])){
396 unset ($this->attrs[$index]);
397 continue;
398 }
399 }
400 }
401 }
403 /* Check formular input */
404 function check()
405 {
406 $message= array();
408 /* Skip if we've no config object */
409 if (!isset($this->config)){
410 return $message;
411 }
413 /* Find hooks entries for this class */
414 $command= search_config($this->config->data['MENU'], get_class($this), "CHECK");
415 if ($command == "" && isset($this->config->data['TABS'])){
416 $command= search_config($this->config->data['TABS'], get_class($this), "CHECK");
417 }
419 if ($command != ""){
421 if (!check_command($command)){
422 $message[]= sprintf(_("Command '%s', specified as CHECK hook for plugin '%s' doesn't seem to exist."), $command,
423 get_class($this));
424 } else {
426 /* Generate "ldif" for check hook */
427 $ldif= "dn: $this->dn\n";
429 /* ... objectClasses */
430 foreach ($this->objectclasses as $oc){
431 $ldif.= "objectClass: $oc\n";
432 }
434 /* ... attributes */
435 foreach ($this->attributes as $attr){
436 if ($this->$attr == ""){
437 continue;
438 }
439 if (is_array($this->$attr)){
440 foreach ($this->$attr as $val){
441 $ldif.= "$attr: $val\n";
442 }
443 } else {
444 $ldif.= "$attr: ".$this->$attr."\n";
445 }
446 }
448 /* Append empty line */
449 $ldif.= "\n";
451 /* Feed "ldif" into hook and retrieve result*/
452 $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
453 $fh= proc_open($command, $descriptorspec, $pipes);
454 if (is_resource($fh)) {
455 fwrite ($pipes[0], $ldif);
456 fclose($pipes[0]);
458 $result= stream_get_contents($pipes[1]);
459 if ($result != ""){
460 $message[]= $result;
461 }
463 fclose($pipes[1]);
464 fclose($pipes[2]);
465 proc_close($fh);
466 }
467 }
469 }
471 return ($message);
472 }
474 /* Adapt from template, using 'dn' */
475 function adapt_from_template($dn)
476 {
477 /* Include global link_info */
478 $ldap= $this->config->get_ldap_link();
480 /* Load requested 'dn' to 'attrs' */
481 $ldap->cat ($dn);
482 $this->attrs= $ldap->fetch();
484 /* Walk through attributes */
485 foreach ($this->attributes as $val){
487 if (isset($this->attrs["$val"][0])){
489 /* If attribute is set, replace dynamic parts:
490 %sn, %givenName and %uid. Fill these in our local variables. */
491 $value= $this->attrs["$val"][0];
493 foreach (array("sn", "givenName", "uid") as $repl){
494 if (preg_match("/%$repl/i", $value)){
495 $value= preg_replace ("/%$repl/i", $this->parent->$repl, $value);
496 }
497 }
498 $this->$val= $value;
499 }
500 }
502 /* Is Account? */
503 $found= TRUE;
504 foreach ($this->objectclasses as $obj){
505 if (preg_match('/top/i', $obj)){
506 continue;
507 }
508 if (!in_array_ics ($obj, $this->attrs['objectClass'])){
509 $found= FALSE;
510 break;
511 }
512 }
513 if ($found){
514 $this->is_account= TRUE;
515 }
516 }
518 /* Indicate whether a password change is needed or not */
519 function password_change_needed()
520 {
521 return FALSE;
522 }
525 /* Show header message for tab dialogs */
526 function show_enable_header($button_text, $text, $disabled= FALSE)
527 {
528 if (($disabled == TRUE) || (!$this->acl_is_createable())){
529 $state= "disabled";
530 } else {
531 $state= "";
532 }
533 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
534 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
535 "><p class=\"seperator\"> </p></td></tr></table>";
537 return($display);
538 }
541 /* Show header message for tab dialogs */
542 function show_disable_header($button_text, $text, $disabled= FALSE)
543 {
544 if (($disabled == TRUE) || !$this->acl_is_removeable()){
545 $state= "disabled";
546 } else {
547 $state= "";
548 }
549 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
550 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
551 "><p class=\"seperator\"> </p></td></tr></table>";
553 return($display);
554 }
557 /* Show header message for tab dialogs */
558 function show_header($button_text, $text, $disabled= FALSE)
559 {
560 echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
561 if ($disabled == TRUE){
562 $state= "disabled";
563 } else {
564 $state= "";
565 }
566 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
567 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
568 ($this->acl_is_createable()?'':'disabled')." ".$state.
569 "><p class=\"seperator\"> </p></td></tr></table>";
571 return($display);
572 }
575 function postcreate($add_attrs= array())
576 {
577 /* Find postcreate entries for this class */
578 $command= search_config($this->config->data['MENU'], get_class($this), "POSTCREATE");
579 if ($command == "" && isset($this->config->data['TABS'])){
580 $command= search_config($this->config->data['TABS'], get_class($this), "POSTCREATE");
581 }
583 if ($command != ""){
584 /* Walk through attribute list */
585 foreach ($this->attributes as $attr){
586 if (!is_array($this->$attr)){
587 $command= preg_replace("/%$attr/", $this->$attr, $command);
588 }
589 }
590 $command= preg_replace("/%dn/", $this->dn, $command);
592 /* Additional attributes */
593 foreach ($add_attrs as $name => $value){
594 $command= preg_replace("/%$name/", $value, $command);
595 }
597 if (check_command($command)){
598 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
599 $command, "Execute");
601 exec($command);
602 } else {
603 $message= sprintf(_("Command '%s', specified as POSTCREATE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
604 print_red ($message);
605 }
606 }
607 }
609 function postmodify($add_attrs= array())
610 {
611 /* Find postcreate entries for this class */
612 $command= search_config($this->config->data['MENU'], get_class($this), "POSTMODIFY");
613 if ($command == "" && isset($this->config->data['TABS'])){
614 $command= search_config($this->config->data['TABS'], get_class($this), "POSTMODIFY");
615 }
617 if ($command != ""){
618 /* Walk through attribute list */
619 foreach ($this->attributes as $attr){
620 if (!is_array($this->$attr)){
621 $command= preg_replace("/%$attr/", $this->$attr, $command);
622 }
623 }
624 $command= preg_replace("/%dn/", $this->dn, $command);
626 /* Additional attributes */
627 foreach ($add_attrs as $name => $value){
628 $command= preg_replace("/%$name/", $value, $command);
629 }
631 if (check_command($command)){
632 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
633 $command, "Execute");
635 exec($command);
636 } else {
637 $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, get_class($this));
638 print_red ($message);
639 }
640 }
641 }
643 function postremove($add_attrs= array())
644 {
645 /* Find postremove entries for this class */
646 $command= search_config($this->config->data['MENU'], get_class($this), "POSTREMOVE");
647 if ($command == "" && isset($this->config->data['TABS'])){
648 $command= search_config($this->config->data['TABS'], get_class($this), "POSTREMOVE");
649 }
651 if ($command != ""){
652 /* Walk through attribute list */
653 foreach ($this->attributes as $attr){
654 if (!is_array($this->$attr)){
655 $command= preg_replace("/%$attr/", $this->$attr, $command);
656 }
657 }
658 $command= preg_replace("/%dn/", $this->dn, $command);
660 /* Additional attributes */
661 foreach ($add_attrs as $name => $value){
662 $command= preg_replace("/%$name/", $value, $command);
663 }
665 if (check_command($command)){
666 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
667 $command, "Execute");
669 exec($command);
670 } else {
671 $message= sprintf(_("Command '%s', specified as POSTREMOVE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
672 print_red ($message);
673 }
674 }
675 }
677 /* Create unique DN */
678 function create_unique_dn($attribute, $base)
679 {
680 $ldap= $this->config->get_ldap_link();
681 $base= preg_replace("/^,*/", "", $base);
683 /* Try to use plain entry first */
684 $dn= "$attribute=".$this->$attribute.",$base";
685 $ldap->cat ($dn, array('dn'));
686 if (!$ldap->fetch()){
687 return ($dn);
688 }
690 /* Look for additional attributes */
691 foreach ($this->attributes as $attr){
692 if ($attr == $attribute || $this->$attr == ""){
693 continue;
694 }
696 $dn= "$attribute=".$this->$attribute."+$attr=".$this->$attr.",$base";
697 $ldap->cat ($dn, array('dn'));
698 if (!$ldap->fetch()){
699 return ($dn);
700 }
701 }
703 /* None found */
704 return ("none");
705 }
707 function rebind($ldap, $referral)
708 {
709 $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
710 if (ldap_bind($ldap, $credentials['ADMIN'], $credentials['PASSWORD'])) {
711 $this->error = "Success";
712 $this->hascon=true;
713 $this->reconnect= true;
714 return (0);
715 } else {
716 $this->error = "Could not bind to " . $credentials['ADMIN'];
717 return NULL;
718 }
719 }
721 /* This is a workaround function. */
722 function copy($src_dn, $dst_dn)
723 {
724 /* Rename dn in possible object groups */
725 $ldap= $this->config->get_ldap_link();
726 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($src_dn).'))',
727 array('cn'));
728 while ($attrs= $ldap->fetch()){
729 $og= new ogroup($this->config, $ldap->getDN());
730 unset($og->member[$src_dn]);
731 $og->member[$dst_dn]= $dst_dn;
732 $og->save ();
733 }
735 $ldap->cat($dst_dn);
736 $attrs= $ldap->fetch();
737 if (count($attrs)){
738 trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.",
739 E_USER_WARNING);
740 return (FALSE);
741 }
743 $ldap->cat($src_dn);
744 $attrs= $ldap->fetch();
745 if (!count($attrs)){
746 trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.",
747 E_USER_WARNING);
748 return (FALSE);
749 }
751 /* Grummble. This really sucks. PHP ldap doesn't support rdn stuff. */
752 $ds= ldap_connect($this->config->current['SERVER']);
753 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
754 if (function_exists("ldap_set_rebind_proc") && isset($this->config->current['REFERRAL'])) {
755 ldap_set_rebind_proc($ds, array(&$this, "rebind"));
756 }
758 $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']);
759 error_reporting (0);
760 $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*");
762 /* Fill data from LDAP */
763 $new= array();
764 if ($sr) {
765 $ei=ldap_first_entry($ds, $sr);
766 if ($ei) {
767 foreach($attrs as $attr => $val){
768 if ($info = ldap_get_values_len($ds, $ei, $attr)){
769 for ($i= 0; $i<$info['count']; $i++){
770 if ($info['count'] == 1){
771 $new[$attr]= $info[$i];
772 } else {
773 $new[$attr][]= $info[$i];
774 }
775 }
776 }
777 }
778 }
779 }
781 /* close conncetion */
782 error_reporting (E_ALL);
783 ldap_unbind($ds);
785 /* Adapt naming attribute */
786 $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
787 $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
788 $new[$dst_name]= @LDAP::fix($dst_val);
790 /* Check if this is a department.
791 * If it is a dep. && there is a , override in his ou
792 * change \2C to , again, else this entry can't be saved ...
793 */
794 if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
795 $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
796 }
798 /* Save copy */
799 $ldap->connect();
800 $ldap->cd($this->config->current['BASE']);
802 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $dst_dn));
804 /* FAIvariable=.../..., cn=..
805 could not be saved, because the attribute FAIvariable was different to
806 the dn FAIvariable=..., cn=... */
807 if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
808 $new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
809 }
810 $ldap->cd($dst_dn);
811 $ldap->add($new);
813 if ($ldap->error != "Success"){
814 trigger_error("Trying to save $dst_dn failed.",
815 E_USER_WARNING);
816 return(FALSE);
817 }
819 return (TRUE);
820 }
823 function move($src_dn, $dst_dn)
824 {
825 /* Copy source to destination */
826 if (!$this->copy($src_dn, $dst_dn)){
827 return (FALSE);
828 }
830 /* Delete source */
831 $ldap= $this->config->get_ldap_link();
832 $ldap->rmdir($src_dn);
833 if ($ldap->error != "Success"){
834 trigger_error("Trying to delete $src_dn failed.",
835 E_USER_WARNING);
836 return (FALSE);
837 }
839 return (TRUE);
840 }
843 /* Move/Rename complete trees */
844 function recursive_move($src_dn, $dst_dn)
845 {
846 /* Check if the destination entry exists */
847 $ldap= $this->config->get_ldap_link();
849 /* Check if destination exists - abort */
850 $ldap->cat($dst_dn, array('dn'));
851 if ($ldap->fetch()){
852 trigger_error("recursive_move $dst_dn already exists.",
853 E_USER_WARNING);
854 return (FALSE);
855 }
857 /* Perform a search for all objects to be moved */
858 $objects= array();
859 $ldap->cd($src_dn);
860 $ldap->search("(objectClass=*)", array("dn"));
861 while($attrs= $ldap->fetch()){
862 $dn= $attrs['dn'];
863 $objects[$dn]= strlen($dn);
864 }
866 /* Sort objects by indent level */
867 asort($objects);
868 reset($objects);
870 /* Copy objects from small to big indent levels by replacing src_dn by dst_dn */
871 foreach ($objects as $object => $len){
872 $src= $object;
873 $dst= preg_replace("/$src_dn$/", "$dst_dn", $object);
874 if (!$this->copy($src, $dst)){
875 return (FALSE);
876 }
877 }
879 /* Remove src_dn */
880 $ldap->cd($src_dn);
881 $ldap->recursive_remove();
882 return (TRUE);
883 }
886 function handle_post_events($mode, $add_attrs= array())
887 {
888 switch ($mode){
889 case "add":
890 $this->postcreate($add_attrs);
891 break;
893 case "modify":
894 $this->postmodify($add_attrs);
895 break;
897 case "remove":
898 $this->postremove($add_attrs);
899 break;
900 }
901 }
904 function saveCopyDialog(){
905 }
908 function getCopyDialog(){
909 return(array("string"=>"","status"=>""));
910 }
913 function PrepareForCopyPaste($source){
914 $todo = $this->attributes;
915 if(isset($this->CopyPasteVars)){
916 $todo = array_merge($todo,$this->CopyPasteVars);
917 }
918 $todo[] = "is_account";
919 foreach($todo as $var){
920 $this->$var = $source->$var;
921 }
922 }
925 function handle_object_tagging($dn= "", $tag= "", $show= false)
926 {
927 //FIXME: How to optimize this? We have at least two
928 // LDAP accesses per object. It would be a good
929 // idea to have it integrated.
931 /* No dn? Self-operation... */
932 if ($dn == ""){
933 $dn= $this->dn;
935 /* No tag? Find it yourself... */
936 if ($tag == ""){
937 $len= strlen($dn);
939 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
940 $relevant= array();
941 foreach ($this->config->adepartments as $key => $ntag){
943 /* This one is bigger than our dn, its not relevant... */
944 if ($len <= strlen($key)){
945 continue;
946 }
948 /* This one matches with the latter part. Break and don't fix this entry */
949 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $dn)){
950 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
951 $relevant[strlen($key)]= $ntag;
952 continue;
953 }
955 }
957 /* If we've some relevant tags to set, just get the longest one */
958 if (count($relevant)){
959 ksort($relevant);
960 $tmp= array_keys($relevant);
961 $idx= end($tmp);
962 $tag= $relevant[$idx];
963 $this->gosaUnitTag= $tag;
964 }
965 }
966 }
969 /* Set tag? */
970 if ($tag != ""){
971 /* Set objectclass and attribute */
972 $ldap= $this->config->get_ldap_link();
973 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
974 $attrs= $ldap->fetch();
975 if(isset($attrs['gosaUnitTag'][0]) && $attrs['gosaUnitTag'][0] == $tag){
976 if ($show) {
977 echo sprintf(_("Object '%s' is already tagged"), @LDAP::fix($dn))."<br>";
978 flush();
979 }
980 return;
981 }
982 if (count($attrs)){
983 if ($show){
984 echo sprintf(_("Adding tag (%s) to object '%s'"), $tag, @LDAP::fix($dn))."<br>";
985 flush();
986 }
987 $nattrs= array("gosaUnitTag" => $tag);
988 $nattrs['objectClass']= array();
989 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
990 $oc= $attrs['objectClass'][$i];
991 if ($oc != "gosaAdministrativeUnitTag"){
992 $nattrs['objectClass'][]= $oc;
993 }
994 }
995 $nattrs['objectClass'][]= "gosaAdministrativeUnitTag";
996 $ldap->cd($dn);
997 $ldap->modify($nattrs);
998 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
999 } else {
1000 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not tagging ($tag) $dn - seems to have moved away", "Tagging");
1001 }
1003 } else {
1004 /* Remove objectclass and attribute */
1005 $ldap= $this->config->get_ldap_link();
1006 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
1007 $attrs= $ldap->fetch();
1008 if (isset($attrs['objectClass']) && !in_array_ics("gosaAdministrativeUnitTag", $attrs['objectClass'])){
1009 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "$dn is not tagged", "Tagging");
1010 return;
1011 }
1012 if (count($attrs)){
1013 if ($show){
1014 echo sprintf(_("Removing tag from object '%s'"), @LDAP::fix($dn))."<br>";
1015 flush();
1016 }
1017 $nattrs= array("gosaUnitTag" => array());
1018 $nattrs['objectClass']= array();
1019 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
1020 $oc= $attrs['objectClass'][$i];
1021 if ($oc != "gosaAdministrativeUnitTag"){
1022 $nattrs['objectClass'][]= $oc;
1023 }
1024 }
1025 $ldap->cd($dn);
1026 $ldap->modify($nattrs);
1027 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
1028 } else {
1029 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not removing tag ($tag) $dn - seems to have moved away", "Tagging");
1030 }
1031 }
1033 }
1036 /* Add possibility to stop remove process */
1037 function allow_remove()
1038 {
1039 $reason= "";
1040 return $reason;
1041 }
1044 /* Create a snapshot of the current object */
1045 function create_snapshot($type= "snapshot", $description= array())
1046 {
1048 /* Check if snapshot functionality is enabled */
1049 if(!$this->snapshotEnabled()){
1050 return;
1051 }
1053 /* Get configuration from gosa.conf */
1054 $tmp = $this->config->current;
1056 /* Create lokal ldap connection */
1057 $ldap= $this->config->get_ldap_link();
1058 $ldap->cd($this->config->current['BASE']);
1060 /* check if there are special server configurations for snapshots */
1061 if(!isset($tmp['SNAPSHOT_SERVER'])){
1063 /* Source and destination server are both the same, just copy source to dest obj */
1064 $ldap_to = $ldap;
1065 $snapldapbase = $this->config->current['BASE'];
1067 }else{
1068 $server = $tmp['SNAPSHOT_SERVER'];
1069 $user = $tmp['SNAPSHOT_USER'];
1070 $password = $tmp['SNAPSHOT_PASSWORD'];
1071 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1073 $ldap_to = new LDAP($user,$password, $server);
1074 $ldap_to -> cd($snapldapbase);
1075 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase));
1076 }
1078 /* check if the dn exists */
1079 if ($ldap->dn_exists($this->dn)){
1081 /* Extract seconds & mysecs, they are used as entry index */
1082 list($usec, $sec)= explode(" ", microtime());
1084 /* Collect some infos */
1085 $base = $this->config->current['BASE'];
1086 $snap_base = $tmp['SNAPSHOT_BASE'];
1087 $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn);
1088 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1090 /* Create object */
1091 #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
1092 $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
1093 $newName = preg_replace("/\./", "", $sec."-".$usec);
1094 $target= array();
1095 $target['objectClass'] = array("top", "gosaSnapshotObject");
1096 $target['gosaSnapshotData'] = gzcompress($data, 6);
1097 $target['gosaSnapshotType'] = $type;
1098 $target['gosaSnapshotDN'] = $this->dn;
1099 $target['description'] = $description;
1100 $target['gosaSnapshotTimestamp'] = $newName;
1102 /* Insert the new snapshot
1103 But we have to check first, if the given gosaSnapshotTimestamp
1104 is already used, in this case we should increment this value till there is
1105 an unused value. */
1106 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1107 $ldap_to->cat($new_dn);
1108 while($ldap_to->count()){
1109 $ldap_to->cat($new_dn);
1110 $newName = preg_replace("/\./", "", $sec."-".($usec++));
1111 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1112 $target['gosaSnapshotTimestamp'] = $newName;
1113 }
1115 /* Inset this new snapshot */
1116 $ldap_to->cd($snapldapbase);
1117 $ldap_to->create_missing_trees($new_base);
1118 $ldap_to->cd($new_dn);
1119 $ldap_to->add($target);
1121 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1122 show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1123 }
1124 }
1126 function remove_snapshot($dn)
1127 {
1128 $ui = get_userinfo();
1130 if($this->acl_is_removeable()){
1131 $ldap = $this->config->get_ldap_link();
1132 $ldap->cd($this->config->current['BASE']);
1133 $ldap->rmdir_recursive($dn);
1134 }else{
1135 print_red (_("You are not allowed to delete this snapshot!"));
1136 }
1137 }
1140 /* returns true if snapshots are enabled, and false if it is disalbed
1141 There will also be some errors psoted, if the configuration failed */
1142 function snapshotEnabled()
1143 {
1144 $tmp = $this->config->current;
1145 if(isset($tmp['ENABLE_SNAPSHOT'])){
1146 if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){
1148 /* Check if the snapshot_base is defined */
1149 if(!isset($tmp['SNAPSHOT_BASE'])){
1150 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not configured in your gosa.conf."),$missing));
1151 return(FALSE);
1152 }
1154 /* check if there are special server configurations for snapshots */
1155 if(isset($tmp['SNAPSHOT_SERVER'])){
1157 /* check if all required vars are available to create a new ldap connection */
1158 $missing = "";
1159 foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_LDAP_BASE") as $var){
1160 if(!isset($tmp[$var])){
1161 $missing .= $var." ";
1162 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable(s) '%s' is not configured in your gosa.conf."),$missing));
1163 return(FALSE);
1164 }
1165 }
1166 }
1167 return(TRUE);
1168 }
1169 }
1170 return(FALSE);
1171 }
1174 /* Return available snapshots for the given base
1175 */
1176 function Available_SnapsShots($dn,$raw = false)
1177 {
1178 if(!$this->snapshotEnabled()) return(array());
1180 /* Create an additional ldap object which
1181 points to our ldap snapshot server */
1182 $ldap= $this->config->get_ldap_link();
1183 $ldap->cd($this->config->current['BASE']);
1184 $tmp = $this->config->current;
1186 /* check if there are special server configurations for snapshots */
1187 if(isset($tmp['SNAPSHOT_SERVER'])){
1188 $server = $tmp['SNAPSHOT_SERVER'];
1189 $user = $tmp['SNAPSHOT_USER'];
1190 $password = $tmp['SNAPSHOT_PASSWORD'];
1191 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1192 $ldap_to = new LDAP($user,$password, $server);
1193 $ldap_to -> cd ($snapldapbase);
1194 show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
1195 }else{
1196 $ldap_to = $ldap;
1197 }
1199 /* Prepare bases and some other infos */
1200 $base = $this->config->current['BASE'];
1201 $snap_base = $tmp['SNAPSHOT_BASE'];
1202 $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn);
1203 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1204 $tmp = array();
1206 /* Fetch all objects with gosaSnapshotDN=$dn */
1207 $ldap_to->cd($new_base);
1208 $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
1209 array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1211 /* Put results into a list and add description if missing */
1212 while($entry = $ldap_to->fetch()){
1213 if(!isset($entry['description'][0])){
1214 $entry['description'][0] = "";
1215 }
1216 $tmp[] = $entry;
1217 }
1219 /* Return the raw array, or format the result */
1220 if($raw){
1221 return($tmp);
1222 }else{
1223 $tmp2 = array();
1224 foreach($tmp as $entry){
1225 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1226 }
1227 }
1228 return($tmp2);
1229 }
1232 function getAllDeletedSnapshots($base_of_object,$raw = false)
1233 {
1234 if(!$this->snapshotEnabled()) return(array());
1236 /* Create an additional ldap object which
1237 points to our ldap snapshot server */
1238 $ldap= $this->config->get_ldap_link();
1239 $ldap->cd($this->config->current['BASE']);
1240 $tmp = $this->config->current;
1242 /* check if there are special server configurations for snapshots */
1243 if(isset($tmp['SNAPSHOT_SERVER'])){
1244 $server = $tmp['SNAPSHOT_SERVER'];
1245 $user = $tmp['SNAPSHOT_USER'];
1246 $password = $tmp['SNAPSHOT_PASSWORD'];
1247 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1248 $ldap_to = new LDAP($user,$password, $server);
1249 $ldap_to->cd ($snapldapbase);
1250 show_ldap_error($ldap->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
1251 }else{
1252 $ldap_to = $ldap;
1253 }
1255 /* Prepare bases */
1256 $base = $this->config->current['BASE'];
1257 $snap_base = $tmp['SNAPSHOT_BASE'];
1258 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1260 /* Fetch all objects and check if they do not exist anymore */
1261 $ui = get_userinfo();
1262 $tmp = array();
1263 $ldap_to->cd($new_base);
1264 $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1265 while($entry = $ldap_to->fetch()){
1267 $chk = str_replace($new_base,"",$entry['dn']);
1268 if(preg_match("/,ou=/",$chk)) continue;
1270 if(!isset($entry['description'][0])){
1271 $entry['description'][0] = "";
1272 }
1273 $tmp[] = $entry;
1274 }
1276 /* Check if entry still exists */
1277 foreach($tmp as $key => $entry){
1278 $ldap->cat($entry['gosaSnapshotDN'][0]);
1279 if($ldap->count()){
1280 unset($tmp[$key]);
1281 }
1282 }
1284 /* Format result as requested */
1285 if($raw) {
1286 return($tmp);
1287 }else{
1288 $tmp2 = array();
1289 foreach($tmp as $key => $entry){
1290 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1291 }
1292 }
1293 return($tmp2);
1294 }
1297 /* Restore selected snapshot */
1298 function restore_snapshot($dn)
1299 {
1300 if(!$this->snapshotEnabled()) return(array());
1302 $ldap= $this->config->get_ldap_link();
1303 $ldap->cd($this->config->current['BASE']);
1304 $tmp = $this->config->current;
1306 /* check if there are special server configurations for snapshots */
1307 if(isset($tmp['SNAPSHOT_SERVER'])){
1308 $server = $tmp['SNAPSHOT_SERVER'];
1309 $user = $tmp['SNAPSHOT_USER'];
1310 $password = $tmp['SNAPSHOT_PASSWORD'];
1311 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1312 $ldap_to = new LDAP($user,$password, $server);
1313 $ldap_to->cd ($snapldapbase);
1314 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
1315 }else{
1316 $ldap_to = $ldap;
1317 }
1319 /* Get the snapshot */
1320 $ldap_to->cat($dn);
1321 $restoreObject = $ldap_to->fetch();
1323 /* Prepare import string */
1324 $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
1326 /* Import the given data */
1327 $ldap->import_complete_ldif($data,$err,false,false);
1328 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn));
1329 }
1332 function showSnapshotDialog($base,$baseSuffixe)
1333 {
1334 $once = true;
1335 foreach($_POST as $name => $value){
1337 /* Create a new snapshot, display a dialog */
1338 if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
1339 $once = false;
1340 $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
1341 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1342 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1343 }
1345 /* Restore a snapshot, display a dialog with all snapshots of the current object */
1346 if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
1347 $once = false;
1348 $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
1349 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1350 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1351 $this->snapDialog->display_restore_dialog = true;
1352 }
1354 /* Restore one of the already deleted objects */
1355 if(preg_match("/^RestoreDeletedSnapShot_/",$name) && $once){
1356 $once = false;
1357 $this->snapDialog = new SnapShotDialog($this->config,$baseSuffixe,$this);
1358 $this->snapDialog->display_restore_dialog = true;
1359 $this->snapDialog->display_all_removed_objects = true;
1360 }
1362 /* Restore selected snapshot */
1363 if(preg_match("/^RestoreSnapShot_/",$name) && $once){
1364 $once = false;
1365 $entry = preg_replace("/^RestoreSnapShot_/","",$name);
1366 $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
1367 if(!empty($entry)){
1368 $this->restore_snapshot($entry);
1369 $this->snapDialog = NULL;
1370 }
1371 }
1372 }
1374 /* Create a new snapshot requested, check
1375 the given attributes and create the snapshot*/
1376 if(isset($_POST['CreateSnapshot'])){
1377 $this->snapDialog->save_object();
1378 $msgs = $this->snapDialog->check();
1379 if(count($msgs)){
1380 foreach($msgs as $msg){
1381 print_red($msg);
1382 }
1383 }else{
1384 $this->dn = $this->snapDialog->dn;
1385 $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription);
1386 $this->snapDialog = NULL;
1387 }
1388 }
1390 /* Restore is requested, restore the object with the posted dn .*/
1391 if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
1392 }
1394 if(isset($_POST['CancelSnapshot'])){
1395 $this->snapDialog = NULL;
1396 }
1398 if($this->snapDialog){
1399 $this->snapDialog->save_object();
1400 return($this->snapDialog->execute());
1401 }
1402 }
1405 function plInfo()
1406 {
1407 return array();
1408 }
1411 function set_acl_base($base)
1412 {
1413 $this->acl_base= $base;
1414 }
1417 function set_acl_category($category)
1418 {
1419 $this->acl_category= "$category/";
1420 }
1423 function acl_is_writeable($attribute,$skip_write = FALSE)
1424 {
1425 $ui= get_userinfo();
1426 return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
1427 }
1430 function acl_is_readable($attribute)
1431 {
1432 $ui= get_userinfo();
1433 return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
1434 }
1437 function acl_is_createable()
1438 {
1439 $ui= get_userinfo();
1440 return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1441 }
1444 function acl_is_removeable()
1445 {
1446 $ui= get_userinfo();
1447 return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1448 }
1451 function acl_is_moveable()
1452 {
1453 $ui= get_userinfo();
1454 return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1455 }
1458 function acl_have_any_permissions()
1459 {
1460 }
1463 function getacl($attribute,$skip_write= FALSE)
1464 {
1465 $ui= get_userinfo();
1466 return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
1467 }
1469 /* Get all allowed bases to move an object to or to create a new object.
1470 Idepartments also contains all base departments which lead to the allowed bases */
1471 function get_allowed_bases($category = "")
1472 {
1473 $ui = get_userinfo();
1474 $deps = array();
1476 /* Set category */
1477 if(empty($category)){
1478 $category = $this->acl_category.get_class($this);
1479 }
1481 /* Is this a new object ? Or just an edited existing object */
1482 if(!$this->initially_was_account && $this->is_account){
1483 $new = true;
1484 }else{
1485 $new = false;
1486 }
1488 /* Add current base */
1489 if(isset($this->base) && isset($this->config->idepartments[$this->base])){
1490 $deps[$this->base] = $this->config->idepartments[$this->base];
1491 }else{
1492 echo "No default base found. ".$this->base."<br> ";
1493 }
1495 $cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category));
1496 foreach($this->config->idepartments as $dn => $name){
1498 if(!in_array_ics($dn,$cat_bases)){
1499 continue;
1500 }
1502 $acl = $ui->get_permissions($dn,$category);
1503 if($new && preg_match("/c/",$acl)){
1504 $deps[$dn] = $name;
1505 }elseif(!$new && preg_match("/m/",$acl)){
1506 $deps[$dn] = $name;
1507 }
1508 }
1509 return($deps);
1510 }
1512 }
1513 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1514 ?>