1 <?php
4 /* FIXME: the complete acl stuff will be redesigned to be more intuitive,
5 which will be possible after introducing templates for html pages.
6 just be patient. */
9 class acl extends plugin
10 {
11 /* CLI vars */
12 var $cli_summary= "Manage group ACL's";
13 var $cli_description= "Some longer text\nfor help";
14 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
16 /* Helpers */
17 var $department= "";
18 var $objects= array();
19 var $object= "";
20 var $current_acl= "";
21 var $selfflag= FALSE;
24 /* attribute list for save action */
25 var $attributes= array();
26 var $objectclasses= array("gosaObject");
28 function acl ($config, $dn= NULL)
29 {
30 plugin::plugin($config, $dn);
32 /* WorkAround */
33 include "acl_definition.inc";
34 $this->objects= $ACLD;
35 $this->object= reset(array_keys($this->objects));
37 $this->selfflag= FALSE;
38 if (isset($this->attrs['gosaSubtreeACL'][0])){
39 $this->current_acl= preg_replace("/^[^:]*:/", "", $this->attrs['gosaSubtreeACL'][0]);
40 if (preg_match("/^!:/", $this->attrs['gosaSubtreeACL'][0])){
41 $this->selfflag= TRUE;
42 }
43 }
45 /* This is allways true */
46 $this->is_account= TRUE;
47 }
49 function execute()
50 {
51 /* Do we represent a valid group? */
52 if (!$this->is_account && $this->parent == NULL){
53 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
54 _("This 'dn' is no acl container.")."</b>";
55 return ($display);
56 }
58 /* Show main page */
59 $smarty= get_smarty();
60 if ($_SESSION['js']==FALSE){
61 $smarty->assign("javascript", "false");
62 } else {
63 $smarty->assign("javascript", "true");
64 }
65 $smarty->assign("object", $this->object);
66 $obj= array();
67 foreach($this->objects as $key => $value){
68 $obj[$key]= $key;
69 }
70 if ($this->selfflag){
71 $smarty->assign("selfflag", "checked");
72 } else {
73 $smarty->assign("selfflag", "");
74 }
75 $smarty->assign("objects", $obj);
76 $display= $smarty->fetch (get_template_path('acl.tpl', TRUE));
78 /* Show acl stuff */
79 $this->acl= get_module_permission (array($this->current_acl), $this->object, "");
80 $display.= $this->print_attributes ($this->objects[$this->object]);
81 return ($display);
82 }
85 function remove_from_parent()
86 {
87 plugin::remove_from_parent();
89 $this->attrs['gosaSubtreeACL']= array();
91 $ldap= $this->config->get_ldap_link();
92 $ldap->cd($this->dn);
93 $ldap->modify($this->attrs);
94 show_ldap_error($ldap->get_error());
95 }
98 /* Save data to object */
99 function save_object()
100 {
101 plugin::save_object();
103 if (!isset($_POST['object'])){
104 return;
105 }
107 /* Strip of old information */
108 if ($this->object == "all"){
109 $this->current_acl= preg_replace ( "/[,]?all[,]?/", "", $this->current_acl);
110 }
111 $this->current_acl= preg_replace ( "/[,]?$this->object#[^,]*[,]?/", "", $this->current_acl);
113 /* assemble new attributes */
114 $attrs= "";
115 if (isset($_POST['all'])){
116 $attrs.= "#all";
117 }
118 if ($this->object != "all" && !isset($_POST['all']) && $this->object != ""){
119 foreach ($this->objects[$this->object] as $key => $val){
120 if (is_integer($key)){
121 $aname= $val;
122 } else {
123 $aname= $key;
124 }
125 if (isset($_POST[$aname])){
126 $attrs.= "#$aname";
127 }
128 }
129 }
131 /* append information */
132 if ($this->current_acl != "" && $attrs != ""){
133 $this->current_acl.= ",";
134 }
135 if ($attrs != ""){
136 $tmp= $this->object;
137 $attrs= $tmp.$attrs;
138 }
139 $this->current_acl.= $attrs;
140 if (preg_match("/all#all/", $this->current_acl)){
141 $this->current_acl= "all";
142 }
143 if (preg_match("/^all,/", $this->current_acl)){
144 $this->current_acl= "all";
145 }
147 /* Save current object selection */
148 if (isset($_POST['object'])){
149 $this->object= $_POST['object'];
150 }
151 if (isset($_POST['selfflag'])){
152 $this->selfflag= TRUE;
153 } else {
154 $this->selfflag= FALSE;
155 }
157 }
160 /* Save to LDAP */
161 function save()
162 {
163 /* Write back to LDAP */
164 $ldap= $this->config->get_ldap_link();
166 /* Read stuff and only modify subtreeACL entries */
167 plugin::save();
169 if ($this->current_acl != ""){
170 if ($this->selfflag){
171 $this->attrs['gosaSubtreeACL']= "!:".$this->current_acl;
172 } else {
173 $this->attrs['gosaSubtreeACL']= ":".$this->current_acl;
174 }
175 } else {
176 $objectclasses= array();
177 foreach ($this->attrs['objectClass'] as $oc){
178 if (!preg_match('/gosaObject/i', $oc)){
179 $objectclasses[]= $oc;
180 }
181 }
182 $this->attrs['objectClass']= $objectclasses;
183 $this->attrs['gosaSubtreeACL']= array();
184 }
186 /* Modify class */
187 $ldap->cd($this->dn);
188 $ldap->modify($this->attrs);
189 show_ldap_error($ldap->get_error());
190 }
193 function print_attributes ($name)
194 {
195 $display= "<input type=checkbox name=\"all\" value=\"1\"";
196 if (chkacl ($this->acl, "all") == ""){
197 $display.= " checked";
198 }
199 $display.= "><b>"._("All fields are writeable")."</b><br>";
201 # Put strings in right order
202 asort ($name);
204 # Generate checklist
205 $display.= "<table style=\"width:100%;\">\n";
206 $switch= 0;
207 foreach ($name as $key => $val){
208 if ($switch == 0){
209 $display.= " <tr>\n";
210 }
212 if (is_integer($key)){
213 $display.= "<td><input type=checkbox name=\"$val\" value=\"1\" ";
214 if (chkacl ($this->acl, "$val") == ""){
215 $display.= "checked";
216 }
217 $display.= ">$val</td>";
218 } else {
219 $display.= "<td><input type=checkbox name=\"$key\" value=\"1\"";
220 if (chkacl ($this->acl, "$key") == ""){
221 $display.= "checked";
222 }
223 $display.= ">"._($val)."</td>";
224 }
226 if ($switch++ == 1){
227 $display.= " </tr>\n";
228 $switch= 0;
229 }
230 }
232 if ($switch == 1){
233 $display.= "<td></td></tr>";
234 }
235 $display.= "</table>\n";
237 return ($display);
238 }
240 }
242 ?>