![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
21 /*! \brief The plugin base class
22 \author Cajus Pollmeier <pollmeier@gonicus.de>
23 \version 2.00
24 \date 24.07.2003
26 This is the base class for all plugins. It can be used standalone or
27 can be included by the tabs class. All management should be done
28 within this class. Extend your plugins from this class.
29 */
31 class plugin
32 {
33 /*!
34 \brief Reference to parent object
36 This variable is used when the plugin is included in tabs
37 and keeps reference to the tab class. Communication to other
38 tabs is possible by 'name'. So the 'fax' plugin can ask the
39 'userinfo' plugin for the fax number.
41 \sa tab
42 */
43 var $parent= NULL;
45 /*!
46 \brief Configuration container
48 Access to global configuration
49 */
50 var $config= NULL;
52 /*!
53 \brief Mark plugin as account
55 Defines whether this plugin is defined as an account or not.
56 This has consequences for the plugin to be saved from tab
57 mode. If it is set to 'FALSE' the tab will call the delete
58 function, else the save function. Should be set to 'TRUE' if
59 the construtor detects a valid LDAP object.
61 \sa plugin::plugin()
62 */
63 var $is_account= FALSE;
64 var $initially_was_account= FALSE;
66 /*!
67 \brief Mark plugin as template
69 Defines whether we are creating a template or a normal object.
70 Has conseqences on the way execute() shows the formular and how
71 save() puts the data to LDAP.
73 \sa plugin::save() plugin::execute()
74 */
75 var $is_template= FALSE;
76 var $ignore_account= FALSE;
77 var $is_modified= FALSE;
79 /*!
80 \brief Represent temporary LDAP data
82 This is only used internally.
83 */
84 var $attrs= array();
86 /* Keep set of conflicting plugins */
87 var $conflicts= array();
89 /* Save unit tags */
90 var $gosaUnitTag= "";
92 /*!
93 \brief Used standard values
95 dn
96 */
97 var $dn= "";
98 var $uid= "";
99 var $sn= "";
100 var $givenName= "";
101 var $acl= "*none*";
102 var $dialog= FALSE;
103 var $snapDialog = NULL;
105 /* attribute list for save action */
106 var $attributes= array();
107 var $objectclasses= array();
108 var $is_new= TRUE;
109 var $saved_attributes= array();
111 var $acl_base= "";
112 var $acl_category= "";
114 /* Plugin identifier */
115 var $plHeadline= "";
116 var $plDescription= "";
118 /*! \brief plugin constructor
120 If 'dn' is set, the node loads the given 'dn' from LDAP
122 \param dn Distinguished name to initialize plugin from
123 \sa plugin()
124 */
125 function plugin ($config, $dn= NULL, $parent= NULL)
126 {
127 /* Configuration is fine, allways */
128 $this->config= $config;
129 $this->dn= $dn;
131 /* Handle new accounts, don't read information from LDAP */
132 if ($dn == "new"){
133 return;
134 }
136 /* Save current dn as acl_base */
137 $this->acl_base= $dn;
139 /* Get LDAP descriptor */
140 $ldap= $this->config->get_ldap_link();
141 if ($dn != NULL){
143 /* Load data to 'attrs' and save 'dn' */
144 if ($parent != NULL){
145 $this->attrs= $parent->attrs;
146 } else {
147 $ldap->cat ($dn);
148 $this->attrs= $ldap->fetch();
149 }
151 /* Copy needed attributes */
152 foreach ($this->attributes as $val){
153 $found= array_key_ics($val, $this->attrs);
154 if ($found != ""){
155 $this->$val= $this->attrs["$found"][0];
156 }
157 }
159 /* gosaUnitTag loading... */
160 if (isset($this->attrs['gosaUnitTag'][0])){
161 $this->gosaUnitTag= $this->attrs['gosaUnitTag'][0];
162 }
164 /* Set the template flag according to the existence of objectClass
165 gosaUserTemplate */
166 if (isset($this->attrs['objectClass'])){
167 if (in_array ("gosaUserTemplate", $this->attrs['objectClass'])){
168 $this->is_template= TRUE;
169 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
170 "found", "Template check");
171 }
172 }
174 /* Is Account? */
175 error_reporting(0);
176 $found= TRUE;
177 foreach ($this->objectclasses as $obj){
178 if (preg_match('/top/i', $obj)){
179 continue;
180 }
181 if (!isset($this->attrs['objectClass']) || !in_array_ics ($obj, $this->attrs['objectClass'])){
182 $found= FALSE;
183 break;
184 }
185 }
186 error_reporting(E_ALL);
187 if ($found){
188 $this->is_account= TRUE;
189 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
190 "found", "Object check");
191 }
193 /* Prepare saved attributes */
194 $this->saved_attributes= $this->attrs;
195 foreach ($this->saved_attributes as $index => $value){
196 if (preg_match('/^[0-9]+$/', $index)){
197 unset($this->saved_attributes[$index]);
198 continue;
199 }
200 if (!in_array($index, $this->attributes) && $index != "objectClass"){
201 unset($this->saved_attributes[$index]);
202 continue;
203 }
204 if ($this->saved_attributes[$index]["count"] == 1){
205 $tmp= $this->saved_attributes[$index][0];
206 unset($this->saved_attributes[$index]);
207 $this->saved_attributes[$index]= $tmp;
208 continue;
209 }
211 unset($this->saved_attributes["$index"]["count"]);
212 }
213 }
215 /* Save initial account state */
216 $this->initially_was_account= $this->is_account;
217 }
219 /*! \brief execute plugin
221 Generates the html output for this node
222 */
223 function execute()
224 {
225 /* This one is empty currently. Fabian - please fill in the docu code */
226 $_SESSION['current_class_for_help'] = get_class($this);
227 /* Reset Lock message POST/GET check array, to prevent perg_match errors*/
228 $_SESSION['LOCK_VARS_TO_USE'] =array();
229 }
231 /*! \brief execute plugin
232 Removes object from parent
233 */
234 function remove_from_parent()
235 {
236 /* include global link_info */
237 $ldap= $this->config->get_ldap_link();
239 /* Get current objectClasses in order to add the required ones */
240 $ldap->cat($this->dn);
241 $tmp= $ldap->fetch ();
242 if (isset($tmp['objectClass'])){
243 $oc= $tmp['objectClass'];
244 } else {
245 $oc= array("count" => 0);
246 }
248 /* Remove objectClasses from entry */
249 $ldap->cd($this->dn);
250 $this->attrs= array();
251 $this->attrs['objectClass']= array();
252 for ($i= 0; $i<$oc["count"]; $i++){
253 if (!in_array_ics($oc[$i], $this->objectclasses)){
254 $this->attrs['objectClass'][]= $oc[$i];
255 }
256 }
258 /* Unset attributes from entry */
259 foreach ($this->attributes as $val){
260 $this->attrs["$val"]= array();
261 }
263 /* Unset account info */
264 $this->is_account= FALSE;
266 /* Do not write in plugin base class, this must be done by
267 children, since there are normally additional attribs,
268 lists, etc. */
269 /*
270 $ldap->modify($this->attrs);
271 */
272 }
275 /* Save data to object */
276 function save_object()
277 {
278 /* Save values to object */
279 foreach ($this->attributes as $val){
280 if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
281 /* Check for modifications */
282 if (get_magic_quotes_gpc()) {
283 $data= stripcslashes($_POST["$val"]);
284 } else {
285 $data= $this->$val = $_POST["$val"];
286 }
287 if ($this->$val != $data){
288 $this->is_modified= TRUE;
289 }
291 /* Okay, how can I explain this fix ...
292 * In firefox, disabled option fields aren't selectable ... but in IE you can select these fileds.
293 * So IE posts these 'unselectable' option, with value = chr(194)
294 * chr(194) seems to be the in between the ...option> </option.. because there is no value=".." specified in these option fields
295 * This was added for W3c compliance, but now causes these ... ldap errors ...
296 * So we set these Fields to ""; a normal empty string, and we can check these values in plugin::check() again ...
297 */
298 if(isset($data[0]) && $data[0] == chr(194)) {
299 $data = "";
300 }
301 $this->$val= $data;
302 //echo "<font color='blue'>".$val."</font><br>";
303 }else{
304 //echo "<font color='red'>".$val."</font><br>";
305 }
306 }
307 }
310 /* Save data to LDAP, depending on is_account we save or delete */
311 function save()
312 {
313 /* include global link_info */
314 $ldap= $this->config->get_ldap_link();
316 /* Start with empty array */
317 $this->attrs= array();
319 /* Get current objectClasses in order to add the required ones */
320 $ldap->cat($this->dn);
322 $tmp= $ldap->fetch ();
324 if (isset($tmp['objectClass'])){
325 $oc= $tmp["objectClass"];
326 $this->is_new= FALSE;
327 } else {
328 $oc= array("count" => 0);
329 $this->is_new= TRUE;
330 }
332 /* Load (minimum) attributes, add missing ones */
333 $this->attrs['objectClass']= $this->objectclasses;
334 for ($i= 0; $i<$oc["count"]; $i++){
335 if (!in_array_ics($oc[$i], $this->objectclasses)){
336 $this->attrs['objectClass'][]= $oc[$i];
337 }
338 }
340 /* Copy standard attributes */
341 foreach ($this->attributes as $val){
342 if ($this->$val != ""){
343 $this->attrs["$val"]= $this->$val;
344 } elseif (!$this->is_new) {
345 $this->attrs["$val"]= array();
346 }
347 }
349 }
352 function cleanup()
353 {
354 foreach ($this->attrs as $index => $value){
356 /* Convert arrays with one element to non arrays, if the saved
357 attributes are no array, too */
358 if (is_array($this->attrs[$index]) &&
359 count ($this->attrs[$index]) == 1 &&
360 isset($this->saved_attributes[$index]) &&
361 !is_array($this->saved_attributes[$index])){
363 $tmp= $this->attrs[$index][0];
364 $this->attrs[$index]= $tmp;
365 }
367 /* Remove emtpy arrays if they do not differ */
368 if (is_array($this->attrs[$index]) &&
369 count($this->attrs[$index]) == 0 &&
370 !isset($this->saved_attributes[$index])){
372 unset ($this->attrs[$index]);
373 continue;
374 }
376 /* Remove single attributes that do not differ */
377 if (!is_array($this->attrs[$index]) &&
378 isset($this->saved_attributes[$index]) &&
379 !is_array($this->saved_attributes[$index]) &&
380 $this->attrs[$index] == $this->saved_attributes[$index]){
382 unset ($this->attrs[$index]);
383 continue;
384 }
386 /* Remove arrays that do not differ */
387 if (is_array($this->attrs[$index]) &&
388 isset($this->saved_attributes[$index]) &&
389 is_array($this->saved_attributes[$index])){
391 if (!array_differs($this->attrs[$index],$this->saved_attributes[$index])){
392 unset ($this->attrs[$index]);
393 continue;
394 }
395 }
396 }
397 }
399 /* Check formular input */
400 function check()
401 {
402 $message= array();
404 /* Skip if we've no config object */
405 if (!isset($this->config)){
406 return $message;
407 }
409 /* Find hooks entries for this class */
410 $command= search_config($this->config->data['MENU'], get_class($this), "CHECK");
411 if ($command == "" && isset($this->config->data['TABS'])){
412 $command= search_config($this->config->data['TABS'], get_class($this), "CHECK");
413 }
415 if ($command != ""){
417 if (!check_command($command)){
418 $message[]= sprintf(_("Command '%s', specified as CHECK hook for plugin '%s' doesn't seem to exist."), $command,
419 get_class($this));
420 } else {
422 /* Generate "ldif" for check hook */
423 $ldif= "dn: $this->dn\n";
425 /* ... objectClasses */
426 foreach ($this->objectclasses as $oc){
427 $ldif.= "objectClass: $oc\n";
428 }
430 /* ... attributes */
431 foreach ($this->attributes as $attr){
432 if ($this->$attr == ""){
433 continue;
434 }
435 if (is_array($this->$attr)){
436 foreach ($this->$attr as $val){
437 $ldif.= "$attr: $val\n";
438 }
439 } else {
440 $ldif.= "$attr: ".$this->$attr."\n";
441 }
442 }
444 /* Append empty line */
445 $ldif.= "\n";
447 /* Feed "ldif" into hook and retrieve result*/
448 $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
449 $fh= proc_open($command, $descriptorspec, $pipes);
450 if (is_resource($fh)) {
451 fwrite ($pipes[0], $ldif);
452 fclose($pipes[0]);
454 $result= stream_get_contents($pipes[1]);
455 if ($result != ""){
456 $message[]= $result;
457 }
459 fclose($pipes[1]);
460 fclose($pipes[2]);
461 proc_close($fh);
462 }
463 }
465 }
467 return ($message);
468 }
470 /* Adapt from template, using 'dn' */
471 function adapt_from_template($dn)
472 {
473 /* Include global link_info */
474 $ldap= $this->config->get_ldap_link();
476 /* Load requested 'dn' to 'attrs' */
477 $ldap->cat ($dn);
478 $this->attrs= $ldap->fetch();
480 /* Walk through attributes */
481 foreach ($this->attributes as $val){
483 if (isset($this->attrs["$val"][0])){
485 /* If attribute is set, replace dynamic parts:
486 %sn, %givenName and %uid. Fill these in our local variables. */
487 $value= $this->attrs["$val"][0];
489 foreach (array("sn", "givenName", "uid") as $repl){
490 if (preg_match("/%$repl/i", $value)){
491 $value= preg_replace ("/%$repl/i", $this->parent->$repl, $value);
492 }
493 }
494 $this->$val= $value;
495 }
496 }
498 /* Is Account? */
499 $found= TRUE;
500 foreach ($this->objectclasses as $obj){
501 if (preg_match('/top/i', $obj)){
502 continue;
503 }
504 if (!in_array_ics ($obj, $this->attrs['objectClass'])){
505 $found= FALSE;
506 break;
507 }
508 }
509 if ($found){
510 $this->is_account= TRUE;
511 }
512 }
514 /* Indicate whether a password change is needed or not */
515 function password_change_needed()
516 {
517 return FALSE;
518 }
521 /* Show header message for tab dialogs */
522 function show_enable_header($button_text, $text, $disabled= FALSE)
523 {
524 if (($disabled == TRUE) || (!$this->acl_is_createable())){
525 $state= "disabled";
526 } else {
527 $state= "";
528 }
529 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
530 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
531 "><p class=\"seperator\"> </p></td></tr></table>";
533 return($display);
534 }
537 /* Show header message for tab dialogs */
538 function show_disable_header($button_text, $text, $disabled= FALSE)
539 {
540 if (($disabled == TRUE) || !$this->acl_is_removeable()){
541 $state= "disabled";
542 } else {
543 $state= "";
544 }
545 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
546 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
547 "><p class=\"seperator\"> </p></td></tr></table>";
549 return($display);
550 }
553 /* Show header message for tab dialogs */
554 function show_header($button_text, $text, $disabled= FALSE)
555 {
556 echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
557 if ($disabled == TRUE){
558 $state= "disabled";
559 } else {
560 $state= "";
561 }
562 $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
563 $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
564 ($this->acl_is_createable()?'':'disabled')." ".$state.
565 "><p class=\"seperator\"> </p></td></tr></table>";
567 return($display);
568 }
571 function postcreate($add_attrs= array())
572 {
573 /* Find postcreate entries for this class */
574 $command= search_config($this->config->data['MENU'], get_class($this), "POSTCREATE");
575 if ($command == "" && isset($this->config->data['TABS'])){
576 $command= search_config($this->config->data['TABS'], get_class($this), "POSTCREATE");
577 }
579 if ($command != ""){
580 /* Walk through attribute list */
581 foreach ($this->attributes as $attr){
582 if (!is_array($this->$attr)){
583 $command= preg_replace("/%$attr/", $this->$attr, $command);
584 }
585 }
586 $command= preg_replace("/%dn/", $this->dn, $command);
588 /* Additional attributes */
589 foreach ($add_attrs as $name => $value){
590 $command= preg_replace("/%$name/", $value, $command);
591 }
593 if (check_command($command)){
594 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
595 $command, "Execute");
597 exec($command);
598 } else {
599 $message= sprintf(_("Command '%s', specified as POSTCREATE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
600 print_red ($message);
601 }
602 }
603 }
605 function postmodify($add_attrs= array())
606 {
607 /* Find postcreate entries for this class */
608 $command= search_config($this->config->data['MENU'], get_class($this), "POSTMODIFY");
609 if ($command == "" && isset($this->config->data['TABS'])){
610 $command= search_config($this->config->data['TABS'], get_class($this), "POSTMODIFY");
611 }
613 if ($command != ""){
614 /* Walk through attribute list */
615 foreach ($this->attributes as $attr){
616 if (!is_array($this->$attr)){
617 $command= preg_replace("/%$attr/", $this->$attr, $command);
618 }
619 }
620 $command= preg_replace("/%dn/", $this->dn, $command);
622 /* Additional attributes */
623 foreach ($add_attrs as $name => $value){
624 $command= preg_replace("/%$name/", $value, $command);
625 }
627 if (check_command($command)){
628 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
629 $command, "Execute");
631 exec($command);
632 } else {
633 $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, get_class($this));
634 print_red ($message);
635 }
636 }
637 }
639 function postremove($add_attrs= array())
640 {
641 /* Find postremove entries for this class */
642 $command= search_config($this->config->data['MENU'], get_class($this), "POSTREMOVE");
643 if ($command == "" && isset($this->config->data['TABS'])){
644 $command= search_config($this->config->data['TABS'], get_class($this), "POSTREMOVE");
645 }
647 if ($command != ""){
648 /* Walk through attribute list */
649 foreach ($this->attributes as $attr){
650 if (!is_array($this->$attr)){
651 $command= preg_replace("/%$attr/", $this->$attr, $command);
652 }
653 }
654 $command= preg_replace("/%dn/", $this->dn, $command);
656 /* Additional attributes */
657 foreach ($add_attrs as $name => $value){
658 $command= preg_replace("/%$name/", $value, $command);
659 }
661 if (check_command($command)){
662 @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,
663 $command, "Execute");
665 exec($command);
666 } else {
667 $message= sprintf(_("Command '%s', specified as POSTREMOVE for plugin '%s' doesn't seem to exist."), $command, get_class($this));
668 print_red ($message);
669 }
670 }
671 }
673 /* Create unique DN */
674 function create_unique_dn($attribute, $base)
675 {
676 $ldap= $this->config->get_ldap_link();
677 $base= preg_replace("/^,*/", "", $base);
679 /* Try to use plain entry first */
680 $dn= "$attribute=".$this->$attribute.",$base";
681 $ldap->cat ($dn, array('dn'));
682 if (!$ldap->fetch()){
683 return ($dn);
684 }
686 /* Look for additional attributes */
687 foreach ($this->attributes as $attr){
688 if ($attr == $attribute || $this->$attr == ""){
689 continue;
690 }
692 $dn= "$attribute=".$this->$attribute."+$attr=".$this->$attr.",$base";
693 $ldap->cat ($dn, array('dn'));
694 if (!$ldap->fetch()){
695 return ($dn);
696 }
697 }
699 /* None found */
700 return ("none");
701 }
703 function rebind($ldap, $referral)
704 {
705 $credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
706 if (ldap_bind($ldap, $credentials['ADMIN'], $credentials['PASSWORD'])) {
707 $this->error = "Success";
708 $this->hascon=true;
709 $this->reconnect= true;
710 return (0);
711 } else {
712 $this->error = "Could not bind to " . $credentials['ADMIN'];
713 return NULL;
714 }
715 }
717 /* This is a workaround function. */
718 function copy($src_dn, $dst_dn)
719 {
720 /* Rename dn in possible object groups */
721 $ldap= $this->config->get_ldap_link();
722 $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($src_dn).'))',
723 array('cn'));
724 while ($attrs= $ldap->fetch()){
725 $og= new ogroup($this->config, $ldap->getDN());
726 unset($og->member[$src_dn]);
727 $og->member[$dst_dn]= $dst_dn;
728 $og->save ();
729 }
731 $ldap->cat($dst_dn);
732 $attrs= $ldap->fetch();
733 if (count($attrs)){
734 trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.",
735 E_USER_WARNING);
736 return (FALSE);
737 }
739 $ldap->cat($src_dn);
740 $attrs= $ldap->fetch();
741 if (!count($attrs)){
742 trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.",
743 E_USER_WARNING);
744 return (FALSE);
745 }
747 /* Grummble. This really sucks. PHP ldap doesn't support rdn stuff. */
748 $ds= ldap_connect($this->config->current['SERVER']);
749 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
750 if (function_exists("ldap_set_rebind_proc") && isset($this->config->current['REFERRAL'])) {
751 ldap_set_rebind_proc($ds, array(&$this, "rebind"));
752 }
754 $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']);
755 error_reporting (0);
756 $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*");
758 /* Fill data from LDAP */
759 $new= array();
760 if ($sr) {
761 $ei=ldap_first_entry($ds, $sr);
762 if ($ei) {
763 foreach($attrs as $attr => $val){
764 if ($info = ldap_get_values_len($ds, $ei, $attr)){
765 for ($i= 0; $i<$info['count']; $i++){
766 if ($info['count'] == 1){
767 $new[$attr]= $info[$i];
768 } else {
769 $new[$attr][]= $info[$i];
770 }
771 }
772 }
773 }
774 }
775 }
777 /* close conncetion */
778 error_reporting (E_ALL);
779 ldap_unbind($ds);
781 /* Adapt naming attribute */
782 $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
783 $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
784 $new[$dst_name]= @LDAP::fix($dst_val);
786 /* Check if this is a department.
787 * If it is a dep. && there is a , override in his ou
788 * change \2C to , again, else this entry can't be saved ...
789 */
790 if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
791 $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
792 }
794 /* Save copy */
795 $ldap->connect();
796 $ldap->cd($this->config->current['BASE']);
798 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $dst_dn));
800 /* FAIvariable=.../..., cn=..
801 could not be saved, because the attribute FAIvariable was different to
802 the dn FAIvariable=..., cn=... */
803 if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
804 $new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
805 }
806 $ldap->cd($dst_dn);
807 $ldap->add($new);
809 if ($ldap->error != "Success"){
810 trigger_error("Trying to save $dst_dn failed.",
811 E_USER_WARNING);
812 return(FALSE);
813 }
815 return (TRUE);
816 }
819 function move($src_dn, $dst_dn)
820 {
821 /* Copy source to destination */
822 if (!$this->copy($src_dn, $dst_dn)){
823 return (FALSE);
824 }
826 /* Delete source */
827 $ldap= $this->config->get_ldap_link();
828 $ldap->rmdir($src_dn);
829 if ($ldap->error != "Success"){
830 trigger_error("Trying to delete $src_dn failed.",
831 E_USER_WARNING);
832 return (FALSE);
833 }
835 return (TRUE);
836 }
839 /* Move/Rename complete trees */
840 function recursive_move($src_dn, $dst_dn)
841 {
842 /* Check if the destination entry exists */
843 $ldap= $this->config->get_ldap_link();
845 /* Check if destination exists - abort */
846 $ldap->cat($dst_dn, array('dn'));
847 if ($ldap->fetch()){
848 trigger_error("recursive_move $dst_dn already exists.",
849 E_USER_WARNING);
850 return (FALSE);
851 }
853 /* Perform a search for all objects to be moved */
854 $objects= array();
855 $ldap->cd($src_dn);
856 $ldap->search("(objectClass=*)", array("dn"));
857 while($attrs= $ldap->fetch()){
858 $dn= $attrs['dn'];
859 $objects[$dn]= strlen($dn);
860 }
862 /* Sort objects by indent level */
863 asort($objects);
864 reset($objects);
866 /* Copy objects from small to big indent levels by replacing src_dn by dst_dn */
867 foreach ($objects as $object => $len){
868 $src= $object;
869 $dst= preg_replace("/$src_dn$/", "$dst_dn", $object);
870 if (!$this->copy($src, $dst)){
871 return (FALSE);
872 }
873 }
875 /* Remove src_dn */
876 $ldap->cd($src_dn);
877 $ldap->recursive_remove();
878 return (TRUE);
879 }
882 function handle_post_events($mode, $add_attrs= array())
883 {
884 switch ($mode){
885 case "add":
886 $this->postcreate($add_attrs);
887 break;
889 case "modify":
890 $this->postmodify($add_attrs);
891 break;
893 case "remove":
894 $this->postremove($add_attrs);
895 break;
896 }
897 }
900 function saveCopyDialog(){
901 }
904 function getCopyDialog(){
905 return(array("string"=>"","status"=>""));
906 }
909 function PrepareForCopyPaste($source){
910 $todo = $this->attributes;
911 if(isset($this->CopyPasteVars)){
912 $todo = array_merge($todo,$this->CopyPasteVars);
913 }
914 $todo[] = "is_account";
915 foreach($todo as $var){
916 $this->$var = $source->$var;
917 }
918 }
921 function handle_object_tagging($dn= "", $tag= "", $show= false)
922 {
923 //FIXME: How to optimize this? We have at least two
924 // LDAP accesses per object. It would be a good
925 // idea to have it integrated.
927 /* No dn? Self-operation... */
928 if ($dn == ""){
929 $dn= $this->dn;
931 /* No tag? Find it yourself... */
932 if ($tag == ""){
933 $len= strlen($dn);
935 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "No tag for $dn - looking for one...", "Tagging");
936 $relevant= array();
937 foreach ($this->config->adepartments as $key => $ntag){
939 /* This one is bigger than our dn, its not relevant... */
940 if ($len <= strlen($key)){
941 continue;
942 }
944 /* This one matches with the latter part. Break and don't fix this entry */
945 if (preg_match('/(^|,)'.normalizePreg($key).'$/', $dn)){
946 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "DEBUG: Possibly relevant: $key", "Tagging");
947 $relevant[strlen($key)]= $ntag;
948 continue;
949 }
951 }
953 /* If we've some relevant tags to set, just get the longest one */
954 if (count($relevant)){
955 ksort($relevant);
956 $tmp= array_keys($relevant);
957 $idx= end($tmp);
958 $tag= $relevant[$idx];
959 $this->gosaUnitTag= $tag;
960 }
961 }
962 }
965 /* Set tag? */
966 if ($tag != ""){
967 /* Set objectclass and attribute */
968 $ldap= $this->config->get_ldap_link();
969 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
970 $attrs= $ldap->fetch();
971 if(isset($attrs['gosaUnitTag'][0]) && $attrs['gosaUnitTag'][0] == $tag){
972 if ($show) {
973 echo sprintf(_("Object '%s' is already tagged"), @LDAP::fix($dn))."<br>";
974 flush();
975 }
976 return;
977 }
978 if (count($attrs)){
979 if ($show){
980 echo sprintf(_("Adding tag (%s) to object '%s'"), $tag, @LDAP::fix($dn))."<br>";
981 flush();
982 }
983 $nattrs= array("gosaUnitTag" => $tag);
984 $nattrs['objectClass']= array();
985 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
986 $oc= $attrs['objectClass'][$i];
987 if ($oc != "gosaAdministrativeUnitTag"){
988 $nattrs['objectClass'][]= $oc;
989 }
990 }
991 $nattrs['objectClass'][]= "gosaAdministrativeUnitTag";
992 $ldap->cd($dn);
993 $ldap->modify($nattrs);
994 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
995 } else {
996 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not tagging ($tag) $dn - seems to have moved away", "Tagging");
997 }
999 } else {
1000 /* Remove objectclass and attribute */
1001 $ldap= $this->config->get_ldap_link();
1002 $ldap->cat($dn, array('gosaUnitTag', 'objectClass'));
1003 $attrs= $ldap->fetch();
1004 if (isset($attrs['objectClass']) && !in_array_ics("gosaAdministrativeUnitTag", $attrs['objectClass'])){
1005 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "$dn is not tagged", "Tagging");
1006 return;
1007 }
1008 if (count($attrs)){
1009 if ($show){
1010 echo sprintf(_("Removing tag from object '%s'"), @LDAP::fix($dn))."<br>";
1011 flush();
1012 }
1013 $nattrs= array("gosaUnitTag" => array());
1014 $nattrs['objectClass']= array();
1015 for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
1016 $oc= $attrs['objectClass'][$i];
1017 if ($oc != "gosaAdministrativeUnitTag"){
1018 $nattrs['objectClass'][]= $oc;
1019 }
1020 }
1021 $ldap->cd($dn);
1022 $ldap->modify($nattrs);
1023 show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
1024 } else {
1025 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not removing tag ($tag) $dn - seems to have moved away", "Tagging");
1026 }
1027 }
1029 }
1032 /* Add possibility to stop remove process */
1033 function allow_remove()
1034 {
1035 $reason= "";
1036 return $reason;
1037 }
1040 /* Create a snapshot of the current object */
1041 function create_snapshot($type= "snapshot", $description= array())
1042 {
1044 /* Check if snapshot functionality is enabled */
1045 if(!$this->snapshotEnabled()){
1046 return;
1047 }
1049 /* Get configuration from gosa.conf */
1050 $tmp = $this->config->current;
1052 /* Create lokal ldap connection */
1053 $ldap= $this->config->get_ldap_link();
1054 $ldap->cd($this->config->current['BASE']);
1056 /* check if there are special server configurations for snapshots */
1057 if(!isset($tmp['SNAPSHOT_SERVER'])){
1059 /* Source and destination server are both the same, just copy source to dest obj */
1060 $ldap_to = $ldap;
1061 $snapldapbase = $this->config->current['BASE'];
1063 }else{
1064 $server = $tmp['SNAPSHOT_SERVER'];
1065 $user = $tmp['SNAPSHOT_USER'];
1066 $password = $tmp['SNAPSHOT_PASSWORD'];
1067 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1069 $ldap_to = new LDAP($user,$password, $server);
1070 $ldap_to -> cd($snapldapbase);
1071 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase));
1072 }
1074 /* check if the dn exists */
1075 if ($ldap->dn_exists($this->dn)){
1077 /* Extract seconds & mysecs, they are used as entry index */
1078 list($usec, $sec)= explode(" ", microtime());
1080 /* Collect some infos */
1081 $base = $this->config->current['BASE'];
1082 $snap_base = $tmp['SNAPSHOT_BASE'];
1083 $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn);
1084 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1086 /* Create object */
1087 #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
1088 $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
1089 $newName = preg_replace("/\./", "", $sec."-".$usec);
1090 $target= array();
1091 $target['objectClass'] = array("top", "gosaSnapshotObject");
1092 $target['gosaSnapshotData'] = gzcompress($data, 6);
1093 $target['gosaSnapshotType'] = $type;
1094 $target['gosaSnapshotDN'] = $this->dn;
1095 $target['description'] = $description;
1096 $target['gosaSnapshotTimestamp'] = $newName;
1098 /* Insert the new snapshot
1099 But we have to check first, if the given gosaSnapshotTimestamp
1100 is already used, in this case we should increment this value till there is
1101 an unused value. */
1102 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1103 $ldap_to->cat($new_dn);
1104 while($ldap_to->count()){
1105 $ldap_to->cat($new_dn);
1106 $newName = preg_replace("/\./", "", $sec."-".($usec++));
1107 $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
1108 $target['gosaSnapshotTimestamp'] = $newName;
1109 }
1111 /* Inset this new snapshot */
1112 $ldap_to->cd($snapldapbase);
1113 $ldap_to->create_missing_trees($new_base);
1114 $ldap_to->cd($new_dn);
1115 $ldap_to->add($target);
1117 show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1118 show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
1119 }
1120 }
1122 function remove_snapshot($dn)
1123 {
1124 $ui = get_userinfo();
1125 $acl = get_permissions ($dn, $ui->subtreeACL);
1126 $acl = get_module_permission($acl, "snapshot", $dn);
1128 if($this->acl_is_removeable())
1129 $ldap = $this->config->get_ldap_link();
1130 $ldap->cd($this->config->current['BASE']);
1131 $ldap->rmdir_recursive($dn);
1132 }else{
1133 print_red (_("You are not allowed to delete this snapshot!"));
1134 }
1135 }
1138 /* returns true if snapshots are enabled, and false if it is disalbed
1139 There will also be some errors psoted, if the configuration failed */
1140 function snapshotEnabled()
1141 {
1142 $tmp = $this->config->current;
1143 if(isset($tmp['ENABLE_SNAPSHOT'])){
1144 if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){
1146 /* Check if the snapshot_base is defined */
1147 if(!isset($tmp['SNAPSHOT_BASE'])){
1148 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not configured in your gosa.conf."),$missing));
1149 return(FALSE);
1150 }
1152 /* check if there are special server configurations for snapshots */
1153 if(isset($tmp['SNAPSHOT_SERVER'])){
1155 /* check if all required vars are available to create a new ldap connection */
1156 $missing = "";
1157 foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_LDAP_BASE") as $var){
1158 if(!isset($tmp[$var])){
1159 $missing .= $var." ";
1160 print_red(sprintf(_("The snapshot functionality is enabled, but the required variable(s) '%s' is not configured in your gosa.conf."),$missing));
1161 return(FALSE);
1162 }
1163 }
1164 }
1165 return(TRUE);
1166 }
1167 }
1168 return(FALSE);
1169 }
1172 /* Return available snapshots for the given base
1173 */
1174 function Available_SnapsShots($dn,$raw = false)
1175 {
1176 if(!$this->snapshotEnabled()) return(array());
1178 /* Create an additional ldap object which
1179 points to our ldap snapshot server */
1180 $ldap= $this->config->get_ldap_link();
1181 $ldap->cd($this->config->current['BASE']);
1182 $tmp = $this->config->current;
1184 /* check if there are special server configurations for snapshots */
1185 if(isset($tmp['SNAPSHOT_SERVER'])){
1186 $server = $tmp['SNAPSHOT_SERVER'];
1187 $user = $tmp['SNAPSHOT_USER'];
1188 $password = $tmp['SNAPSHOT_PASSWORD'];
1189 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1190 $ldap_to = new LDAP($user,$password, $server);
1191 $ldap_to -> cd ($snapldapbase);
1192 show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
1193 }else{
1194 $ldap_to = $ldap;
1195 }
1197 /* Prepare bases and some other infos */
1198 $base = $this->config->current['BASE'];
1199 $snap_base = $tmp['SNAPSHOT_BASE'];
1200 $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn);
1201 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1202 $tmp = array();
1204 /* Fetch all objects with gosaSnapshotDN=$dn */
1205 $ldap_to->cd($new_base);
1206 $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
1207 array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1209 /* Put results into a list and add description if missing */
1210 while($entry = $ldap_to->fetch()){
1211 if(!isset($entry['description'][0])){
1212 $entry['description'][0] = "";
1213 }
1214 $tmp[] = $entry;
1215 }
1217 /* Return the raw array, or format the result */
1218 if($raw){
1219 return($tmp);
1220 }else{
1221 $tmp2 = array();
1222 foreach($tmp as $entry){
1223 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1224 }
1225 }
1226 return($tmp2);
1227 }
1230 function getAllDeletedSnapshots($base_of_object,$raw = false)
1231 {
1232 if(!$this->snapshotEnabled()) return(array());
1234 /* Create an additional ldap object which
1235 points to our ldap snapshot server */
1236 $ldap= $this->config->get_ldap_link();
1237 $ldap->cd($this->config->current['BASE']);
1238 $tmp = $this->config->current;
1240 /* check if there are special server configurations for snapshots */
1241 if(isset($tmp['SNAPSHOT_SERVER'])){
1242 $server = $tmp['SNAPSHOT_SERVER'];
1243 $user = $tmp['SNAPSHOT_USER'];
1244 $password = $tmp['SNAPSHOT_PASSWORD'];
1245 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1246 $ldap_to = new LDAP($user,$password, $server);
1247 $ldap_to->cd ($snapldapbase);
1248 show_ldap_error($ldap->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
1249 }else{
1250 $ldap_to = $ldap;
1251 }
1253 /* Prepare bases */
1254 $base = $this->config->current['BASE'];
1255 $snap_base = $tmp['SNAPSHOT_BASE'];
1256 $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
1258 /* Fetch all objects and check if they do not exist anymore */
1259 $ui = get_userinfo();
1260 $tmp = array();
1261 $ldap_to->cd($new_base);
1262 $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
1263 while($entry = $ldap_to->fetch()){
1265 $chk = str_replace($new_base,"",$entry['dn']);
1266 if(preg_match("/,ou=/",$chk)) continue;
1268 if(!isset($entry['description'][0])){
1269 $entry['description'][0] = "";
1270 }
1271 $tmp[] = $entry;
1272 }
1274 /* Check if entry still exists */
1275 foreach($tmp as $key => $entry){
1276 $ldap->cat($entry['gosaSnapshotDN'][0]);
1277 if($ldap->count()){
1278 unset($tmp[$key]);
1279 }
1280 }
1282 /* Format result as requested */
1283 if($raw) {
1284 return($tmp);
1285 }else{
1286 $tmp2 = array();
1287 foreach($tmp as $key => $entry){
1288 $tmp2[base64_encode($entry['dn'])] = $entry['description'][0];
1289 }
1290 }
1291 return($tmp2);
1292 }
1295 /* Restore selected snapshot */
1296 function restore_snapshot($dn)
1297 {
1298 if(!$this->snapshotEnabled()) return(array());
1300 $ldap= $this->config->get_ldap_link();
1301 $ldap->cd($this->config->current['BASE']);
1302 $tmp = $this->config->current;
1304 /* check if there are special server configurations for snapshots */
1305 if(isset($tmp['SNAPSHOT_SERVER'])){
1306 $server = $tmp['SNAPSHOT_SERVER'];
1307 $user = $tmp['SNAPSHOT_USER'];
1308 $password = $tmp['SNAPSHOT_PASSWORD'];
1309 $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
1310 $ldap_to = new LDAP($user,$password, $server);
1311 $ldap_to->cd ($snapldapbase);
1312 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
1313 }else{
1314 $ldap_to = $ldap;
1315 }
1317 /* Get the snapshot */
1318 $ldap_to->cat($dn);
1319 $restoreObject = $ldap_to->fetch();
1321 /* Prepare import string */
1322 $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
1324 /* Import the given data */
1325 $ldap->import_complete_ldif($data,$err,false,false);
1326 show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn));
1327 }
1330 function showSnapshotDialog($base,$baseSuffixe)
1331 {
1332 $once = true;
1333 foreach($_POST as $name => $value){
1335 /* Create a new snapshot, display a dialog */
1336 if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
1337 $once = false;
1338 $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
1339 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1340 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1341 }
1343 /* Restore a snapshot, display a dialog with all snapshots of the current object */
1344 if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
1345 $once = false;
1346 $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
1347 $entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
1348 $this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
1349 $this->snapDialog->display_restore_dialog = true;
1350 }
1352 /* Restore one of the already deleted objects */
1353 if(preg_match("/^RestoreDeletedSnapShot_/",$name) && $once){
1354 $once = false;
1355 $this->snapDialog = new SnapShotDialog($this->config,$baseSuffixe,$this);
1356 $this->snapDialog->display_restore_dialog = true;
1357 $this->snapDialog->display_all_removed_objects = true;
1358 }
1360 /* Restore selected snapshot */
1361 if(preg_match("/^RestoreSnapShot_/",$name) && $once){
1362 $once = false;
1363 $entry = preg_replace("/^RestoreSnapShot_/","",$name);
1364 $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
1365 if(!empty($entry)){
1366 $this->restore_snapshot($entry);
1367 $this->snapDialog = NULL;
1368 }
1369 }
1370 }
1372 /* Create a new snapshot requested, check
1373 the given attributes and create the snapshot*/
1374 if(isset($_POST['CreateSnapshot'])){
1375 $this->snapDialog->save_object();
1376 $msgs = $this->snapDialog->check();
1377 if(count($msgs)){
1378 foreach($msgs as $msg){
1379 print_red($msg);
1380 }
1381 }else{
1382 $this->dn = $this->snapDialog->dn;
1383 $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription);
1384 $this->snapDialog = NULL;
1385 }
1386 }
1388 /* Restore is requested, restore the object with the posted dn .*/
1389 if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
1390 }
1392 if(isset($_POST['CancelSnapshot'])){
1393 $this->snapDialog = NULL;
1394 }
1396 if($this->snapDialog){
1397 $this->snapDialog->save_object();
1398 return($this->snapDialog->execute());
1399 }
1400 }
1403 function plInfo()
1404 {
1405 return array();
1406 }
1409 function set_acl_base($base)
1410 {
1411 $this->acl_base= $base;
1412 }
1415 function set_acl_category($category)
1416 {
1417 $this->acl_category= "$category/";
1418 }
1421 function acl_is_writeable($attribute,$skip_write = FALSE)
1422 {
1423 $ui= get_userinfo();
1424 return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
1425 }
1428 function acl_is_readable($attribute)
1429 {
1430 $ui= get_userinfo();
1431 return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
1432 }
1435 function acl_is_createable()
1436 {
1437 $ui= get_userinfo();
1438 return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1439 }
1442 function acl_is_removeable()
1443 {
1444 $ui= get_userinfo();
1445 return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1446 }
1449 function acl_is_moveable()
1450 {
1451 $ui= get_userinfo();
1452 return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
1453 }
1456 function acl_have_any_permissions()
1457 {
1458 }
1461 function getacl($attribute,$skip_write= FALSE)
1462 {
1463 $ui= get_userinfo();
1464 return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
1465 }
1467 /* Get all allowed bases to move an object to or to create a new object.
1468 Idepartments also contains all base departments which lead to the allowed bases */
1469 function get_allowed_bases($category = "")
1470 {
1471 $ui = get_userinfo();
1472 $deps = array();
1474 /* Set category */
1475 if(empty($category)){
1476 $category = $this->acl_category.get_class($this);
1477 }
1479 /* Is this a new object ? Or just an edited existing object */
1480 if(!$this->initially_was_account && $this->is_account){
1481 $new = true;
1482 }else{
1483 $new = false;
1484 }
1486 /* Add current base */
1487 if(isset($this->base) && isset($this->config->idepartments[$this->base])){
1488 $deps[$this->base] = $this->config->idepartments[$this->base];
1489 }else{
1490 echo "No default base found. ".$this->base."<br> ";
1491 }
1493 $cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category));
1494 foreach($this->config->idepartments as $dn => $name){
1496 if(!in_array_ics($dn,$cat_bases)){
1497 continue;
1498 }
1500 $acl = $ui->get_permissions($dn,$category);
1501 if($new && preg_match("/c/",$acl)){
1502 $deps[$dn] = $name;
1503 }elseif(!$new && preg_match("/m/",$acl)){
1504 $deps[$dn] = $name;
1505 }
1506 }
1507 return($deps);
1508 }
1510 }
1511 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1512 ?>