![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
0c22986aa62fdabb39359201b547b82b33b219c6
1 <?php
4 /* FIXME: the complete acl stuff will be redesigned to be more intuitive,
5 which will be possible after introducing templates for html pages.
6 just be patient. */
9 class acl extends plugin
10 {
11 /* CLI vars */
12 var $cli_summary= "Manage group ACL's";
13 var $cli_description= "Some longer text\nfor help";
14 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
16 /* Helpers */
17 var $department= "";
18 var $objects= array();
19 var $object= "";
20 var $current_acl= "";
21 var $selfflag= FALSE;
24 /* attribute list for save action */
25 var $attributes= array();
26 var $objectclasses= array("gosaObject");
28 function acl ($config, $dn= NULL)
29 {
30 plugin::plugin($config, $dn);
32 /* WorkAround */
33 include "acl_definition.inc";
34 $this->objects= $ACLD;
35 $tmp= array_keys($this->objects);
36 $this->object= reset($tmp);
38 $this->selfflag= FALSE;
39 if (isset($this->attrs['gosaSubtreeACL'][0])){
40 $this->current_acl= preg_replace("/^[^:]*:/", "", $this->attrs['gosaSubtreeACL'][0]);
41 if (preg_match("/^!:/", $this->attrs['gosaSubtreeACL'][0])){
42 $this->selfflag= TRUE;
43 }
44 }
46 /* This is allways true */
47 $this->is_account= TRUE;
48 }
50 function execute()
51 {
52 /* Call parent execute */
53 plugin::execute();
54 /* Do we represent a valid group? */
55 if (!$this->is_account && $this->parent == NULL){
56 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
57 _("This 'dn' is no acl container.")."</b>";
58 return ($display);
59 }
61 /* Show main page */
62 $smarty= get_smarty();
63 if ($_SESSION['js']==FALSE){
64 $smarty->assign("javascript", "false");
65 } else {
66 $smarty->assign("javascript", "true");
67 }
68 $smarty->assign("object", $this->object);
69 $obj= array();
70 foreach($this->objects as $key => $value){
71 $obj[$key]= $key;
72 }
73 if ($this->selfflag){
74 $smarty->assign("selfflag", "checked");
75 } else {
76 $smarty->assign("selfflag", "");
77 }
78 $smarty->assign("objects", $obj);
79 $display= $smarty->fetch (get_template_path('acl.tpl', TRUE));
81 /* Show acl stuff */
82 $this->acl= get_module_permission (array($this->current_acl), $this->object, "");
83 $display.= $this->print_attributes ($this->objects[$this->object]);
84 return ($display);
85 }
88 function remove_from_parent()
89 {
90 plugin::remove_from_parent();
92 $this->attrs['gosaSubtreeACL']= array();
94 $ldap= $this->config->get_ldap_link();
95 $ldap->cd($this->dn);
96 $ldap->modify($this->attrs);
97 show_ldap_error($ldap->get_error());
98 }
101 /* Save data to object */
102 function save_object()
103 {
104 plugin::save_object();
106 if (!isset($_POST['object'])){
107 return;
108 }
110 /* Strip of old information */
111 if ($this->object == "all"){
112 $this->current_acl= preg_replace ( "/[,]?all[,]?/", "", $this->current_acl);
113 }
114 $this->current_acl= preg_replace ( "/[,]?$this->object#[^,]*[,]?/", "", $this->current_acl);
116 /* assemble new attributes */
117 $attrs= "";
118 if (isset($_POST['all'])){
119 $attrs.= "#all";
120 }
121 if ($this->object != "all" && !isset($_POST['all']) && $this->object != ""){
122 foreach ($this->objects[$this->object] as $key => $val){
123 if (is_integer($key)){
124 $aname= $val;
125 } else {
126 $aname= $key;
127 }
128 if (isset($_POST[$aname])){
129 $attrs.= "#$aname";
130 }
131 }
132 }
134 /* append information */
135 if ($this->current_acl != "" && $attrs != ""){
136 $this->current_acl.= ",";
137 }
138 if ($attrs != ""){
139 $tmp= $this->object;
140 $attrs= $tmp.$attrs;
141 }
142 $this->current_acl.= $attrs;
143 if (preg_match("/all#all/", $this->current_acl)){
144 $this->current_acl= "all";
145 }
146 if (preg_match("/^all,/", $this->current_acl)){
147 $this->current_acl= "all";
148 }
150 /* Save current object selection */
151 if (isset($_POST['object'])){
152 $this->object= $_POST['object'];
153 }
154 if (isset($_POST['selfflag'])){
155 $this->selfflag= TRUE;
156 } else {
157 $this->selfflag= FALSE;
158 }
160 }
163 /* Save to LDAP */
164 function save()
165 {
166 /* Write back to LDAP */
167 $ldap= $this->config->get_ldap_link();
169 /* Read stuff and only modify subtreeACL entries */
170 plugin::save();
172 if ($this->current_acl != ""){
173 if ($this->selfflag){
174 $this->attrs['gosaSubtreeACL']= "!:".$this->current_acl;
175 } else {
176 $this->attrs['gosaSubtreeACL']= ":".$this->current_acl;
177 }
178 } else {
179 $objectclasses= array();
180 foreach ($this->attrs['objectClass'] as $oc){
181 if (!preg_match('/gosaObject/i', $oc)){
182 $objectclasses[]= $oc;
183 }
184 }
185 $this->attrs['objectClass']= $objectclasses;
186 $this->attrs['gosaSubtreeACL']= array();
187 }
189 /* Modify class */
190 $ldap->cd($this->dn);
191 $ldap->modify($this->attrs);
192 show_ldap_error($ldap->get_error());
193 }
196 function print_attributes ($name)
197 {
198 $display= "<input type=checkbox name=\"all\" value=\"1\"";
199 if (chkacl ($this->acl, "all") == ""){
200 $display.= " checked";
201 }
202 $display.= "><b>"._("All fields are writeable")."</b><br>";
204 # Put strings in right order
205 asort ($name);
207 # Generate checklist
208 $display.= "<table summary=\"\" style=\"width:100%;\">\n";
209 $switch= 0;
210 foreach ($name as $key => $val){
211 if ($switch == 0){
212 $display.= " <tr>\n";
213 }
215 if (is_integer($key)){
216 $display.= "<td><input type=checkbox name=\"$val\" value=\"1\" ";
217 if (chkacl ($this->acl, "$val") == ""){
218 $display.= "checked";
219 }
220 $display.= ">$val</td>";
221 } else {
222 $display.= "<td><input type=checkbox name=\"$key\" value=\"1\"";
223 if (chkacl ($this->acl, "$key") == ""){
224 $display.= "checked";
225 }
226 $display.= ">"._($val)."</td>";
227 }
229 if ($switch++ == 1){
230 $display.= " </tr>\n";
231 $switch= 0;
232 }
233 }
235 if ($switch == 1){
236 $display.= "<td></td></tr>";
237 }
238 $display.= "</table>\n";
240 return ($display);
241 }
243 }
245 ?>