1 <?php
4 /* FIXME: the complete acl stuff will be redesigned to be more intuitive,
5 which will be possible after introducing templates for html pages.
6 just be patient. */
9 class acl extends plugin
10 {
11 /* CLI vars */
12 var $cli_summary= "Manage group ACL's";
13 var $cli_description= "Some longer text\nfor help";
14 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
16 /* Helpers */
17 var $department= "";
18 var $objects= array();
19 var $object= "";
20 var $current_acl= "";
21 var $selfflag= FALSE;
24 /* attribute list for save action */
25 var $attributes= array();
26 var $objectclasses= array("gosaObject");
28 function acl ($config, $dn= NULL)
29 {
30 plugin::plugin($config, $dn);
32 /* WorkAround */
33 include "acl_definition.inc";
34 $this->objects= $ACLD;
35 $tmp= array_keys($this->objects);
36 $this->object= reset($tmp);
38 $this->selfflag= FALSE;
39 if (isset($this->attrs['gosaSubtreeACL'][0])){
40 $this->current_acl= preg_replace("/^[^:]*:/", "", $this->attrs['gosaSubtreeACL'][0]);
41 if (preg_match("/^!:/", $this->attrs['gosaSubtreeACL'][0])){
42 $this->selfflag= TRUE;
43 }
44 }
46 /* This is allways true */
47 $this->is_account= TRUE;
48 }
50 function execute()
51 {
52 /* Do we represent a valid group? */
53 if (!$this->is_account && $this->parent == NULL){
54 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
55 _("This 'dn' is no acl container.")."</b>";
56 return ($display);
57 }
59 /* Show main page */
60 $smarty= get_smarty();
61 if ($_SESSION['js']==FALSE){
62 $smarty->assign("javascript", "false");
63 } else {
64 $smarty->assign("javascript", "true");
65 }
66 $smarty->assign("object", $this->object);
67 $obj= array();
68 foreach($this->objects as $key => $value){
69 $obj[$key]= $key;
70 }
71 if ($this->selfflag){
72 $smarty->assign("selfflag", "checked");
73 } else {
74 $smarty->assign("selfflag", "");
75 }
76 $smarty->assign("objects", $obj);
77 $display= $smarty->fetch (get_template_path('acl.tpl', TRUE));
79 /* Show acl stuff */
80 $this->acl= get_module_permission (array($this->current_acl), $this->object, "");
81 $display.= $this->print_attributes ($this->objects[$this->object]);
82 return ($display);
83 }
86 function remove_from_parent()
87 {
88 plugin::remove_from_parent();
90 $this->attrs['gosaSubtreeACL']= array();
92 $ldap= $this->config->get_ldap_link();
93 $ldap->cd($this->dn);
94 $ldap->modify($this->attrs);
95 show_ldap_error($ldap->get_error());
96 }
99 /* Save data to object */
100 function save_object()
101 {
102 plugin::save_object();
104 if (!isset($_POST['object'])){
105 return;
106 }
108 /* Strip of old information */
109 if ($this->object == "all"){
110 $this->current_acl= preg_replace ( "/[,]?all[,]?/", "", $this->current_acl);
111 }
112 $this->current_acl= preg_replace ( "/[,]?$this->object#[^,]*[,]?/", "", $this->current_acl);
114 /* assemble new attributes */
115 $attrs= "";
116 if (isset($_POST['all'])){
117 $attrs.= "#all";
118 }
119 if ($this->object != "all" && !isset($_POST['all']) && $this->object != ""){
120 foreach ($this->objects[$this->object] as $key => $val){
121 if (is_integer($key)){
122 $aname= $val;
123 } else {
124 $aname= $key;
125 }
126 if (isset($_POST[$aname])){
127 $attrs.= "#$aname";
128 }
129 }
130 }
132 /* append information */
133 if ($this->current_acl != "" && $attrs != ""){
134 $this->current_acl.= ",";
135 }
136 if ($attrs != ""){
137 $tmp= $this->object;
138 $attrs= $tmp.$attrs;
139 }
140 $this->current_acl.= $attrs;
141 if (preg_match("/all#all/", $this->current_acl)){
142 $this->current_acl= "all";
143 }
144 if (preg_match("/^all,/", $this->current_acl)){
145 $this->current_acl= "all";
146 }
148 /* Save current object selection */
149 if (isset($_POST['object'])){
150 $this->object= $_POST['object'];
151 }
152 if (isset($_POST['selfflag'])){
153 $this->selfflag= TRUE;
154 } else {
155 $this->selfflag= FALSE;
156 }
158 }
161 /* Save to LDAP */
162 function save()
163 {
164 /* Write back to LDAP */
165 $ldap= $this->config->get_ldap_link();
167 /* Read stuff and only modify subtreeACL entries */
168 plugin::save();
170 if ($this->current_acl != ""){
171 if ($this->selfflag){
172 $this->attrs['gosaSubtreeACL']= "!:".$this->current_acl;
173 } else {
174 $this->attrs['gosaSubtreeACL']= ":".$this->current_acl;
175 }
176 } else {
177 $objectclasses= array();
178 foreach ($this->attrs['objectClass'] as $oc){
179 if (!preg_match('/gosaObject/i', $oc)){
180 $objectclasses[]= $oc;
181 }
182 }
183 $this->attrs['objectClass']= $objectclasses;
184 $this->attrs['gosaSubtreeACL']= array();
185 }
187 /* Modify class */
188 $ldap->cd($this->dn);
189 $ldap->modify($this->attrs);
190 show_ldap_error($ldap->get_error());
191 }
194 function print_attributes ($name)
195 {
196 $display= "<input type=checkbox name=\"all\" value=\"1\"";
197 if (chkacl ($this->acl, "all") == ""){
198 $display.= " checked";
199 }
200 $display.= "><b>"._("All fields are writeable")."</b><br>";
202 # Put strings in right order
203 asort ($name);
205 # Generate checklist
206 $display.= "<table summary=\"\" style=\"width:100%;\">\n";
207 $switch= 0;
208 foreach ($name as $key => $val){
209 if ($switch == 0){
210 $display.= " <tr>\n";
211 }
213 if (is_integer($key)){
214 $display.= "<td><input type=checkbox name=\"$val\" value=\"1\" ";
215 if (chkacl ($this->acl, "$val") == ""){
216 $display.= "checked";
217 }
218 $display.= ">$val</td>";
219 } else {
220 $display.= "<td><input type=checkbox name=\"$key\" value=\"1\"";
221 if (chkacl ($this->acl, "$key") == ""){
222 $display.= "checked";
223 }
224 $display.= ">"._($val)."</td>";
225 }
227 if ($switch++ == 1){
228 $display.= " </tr>\n";
229 $switch= 0;
230 }
231 }
233 if ($switch == 1){
234 $display.= "<td></td></tr>";
235 }
236 $display.= "</table>\n";
238 return ($display);
239 }
241 }
243 ?>