1 <?php
4 /* FIXME: the complete acl stuff will be redesigned to be more intuitive,
5 which will be possible after introducing templates for html pages.
6 just be patient. */
9 class acl extends plugin
10 {
11 /* CLI vars */
12 var $cli_summary= "Manage group ACL's";
13 var $cli_description= "Some longer text\nfor help";
14 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
16 /* Helpers */
17 var $department= "";
18 var $objects= array();
19 var $object= "";
20 var $current_acl= "";
21 var $selfflag= FALSE;
22 var $tacl= "";
24 var $gosaSubtreeACL;
26 /* attribute list for save action */
27 var $attributes= array("gosaSubtreeACL");
28 var $objectclasses= array("gosaObject");
30 var $CopyPasteVars = array("current_acl");
32 function acl ($config, $dn= NULL, $parent= NULL)
33 {
34 plugin::plugin($config, $dn, $parent);
36 /* WorkAround */
37 include "acl_definition.inc";
38 $this->objects= $ACLD;
39 $tmp= array_keys($this->objects);
40 $this->object= reset($tmp);
42 $this->selfflag= FALSE;
43 if (isset($this->attrs['gosaSubtreeACL'][0])){
44 $this->current_acl= preg_replace("/^[^:]*:/", "", $this->attrs['gosaSubtreeACL'][0]);
45 if (preg_match("/^!:/", $this->attrs['gosaSubtreeACL'][0])){
46 $this->selfflag= TRUE;
47 }
48 }
50 /* This is allways true */
51 $this->is_account= TRUE;
52 }
54 function execute()
55 {
56 if (chkacl($this->acl, 'acl') != ""){
57 $display= "<b>"._("You have no permissions to view and edit ACLs.")."</b>";
59 return ($display);
60 }
62 /* Call parent execute */
63 plugin::execute();
65 /* Do we represent a valid group? */
66 if (!$this->is_account && $this->parent == NULL){
67 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
68 _("This 'dn' is no acl container.")."</b>";
69 return ($display);
70 }
72 /* Show main page */
73 $smarty= get_smarty();
74 if ($_SESSION['js']==FALSE){
75 $smarty->assign("javascript", "false");
76 } else {
77 $smarty->assign("javascript", "true");
78 }
79 $smarty->assign("object", $this->object);
80 $obj= array();
81 foreach($this->objects as $key => $value){
82 $obj[$key]= $key;
83 }
84 if ($this->selfflag){
85 $smarty->assign("selfflag", "checked");
86 } else {
87 $smarty->assign("selfflag", "");
88 }
89 $smarty->assign("objects", $obj);
90 $display= $smarty->fetch (get_template_path('acl.tpl', TRUE));
92 /* Show acl stuff */
93 $this->tacl= get_module_permission (array($this->current_acl), $this->object, "");
94 $display.= $this->print_attributes ($this->objects[$this->object]);
95 return ($display);
96 }
99 function remove_from_parent()
100 {
101 plugin::remove_from_parent();
103 $this->attrs['gosaSubtreeACL']= array();
105 $ldap= $this->config->get_ldap_link();
106 $ldap->cd($this->dn);
107 $this->cleanup();
108 $ldap->modify ($this->attrs);
109 show_ldap_error($ldap->get_error(), _("Removing ACL information failed"));
110 }
113 /* Save data to object */
114 function save_object()
115 {
116 if (chkacl($this->acl, 'acl') == ""){
117 plugin::save_object();
119 if (!isset($_POST['object'])){
120 return;
121 }
123 /* Strip of old information */
124 if ($this->object == "all"){
125 $this->current_acl= preg_replace ( "/[,]?all[,]?/", "", $this->current_acl);
126 }
127 $this->current_acl= preg_replace ( "/(^|[^a-z0-9A-Z])$this->object#[^,]*[,]?/", ",", $this->current_acl);
129 /* assemble new attributes */
130 $attrs= "";
131 if (isset($_POST['all'])){
132 $attrs.= "#all";
133 }
134 if ($this->object != "all" && !isset($_POST['all']) && $this->object != ""){
135 foreach ($this->objects[$this->object] as $key => $val){
136 if (is_integer($key)){
137 $aname= $val;
138 } else {
139 $aname= $key;
140 }
141 if (isset($_POST[$aname])){
142 $attrs.= "#$aname";
143 }
144 }
145 }
147 /* append information */
148 if ($attrs != ""){
149 $tmp= $this->object;
150 $attrs= $tmp.$attrs;
151 }
152 if ($this->current_acl != "" && $attrs != ""){
153 $this->current_acl.= ",";
154 }
155 $this->current_acl.= $attrs;
156 if (preg_match("/all#all/", $this->current_acl)){
157 $this->current_acl= "all";
158 }
159 if (preg_match("/^all,/", $this->current_acl)){
160 $this->current_acl= "all";
161 }
163 /* Save current object selection */
164 if (isset($_POST['object'])){
165 $this->object= $_POST['object'];
166 }
167 if (isset($_POST['selfflag'])){
168 $this->selfflag= TRUE;
169 } else {
170 $this->selfflag= FALSE;
171 }
173 /* Remove double colons, strip trailing colon... */
174 $this->current_acl= preg_replace("/,,/", ",", $this->current_acl);
175 $this->current_acl= preg_replace("/,$/", "", $this->current_acl);
176 $this->current_acl= preg_replace("/^,/", "", $this->current_acl);
177 }
178 }
181 /* Save to LDAP */
182 function save()
183 {
184 /* Write back to LDAP */
185 $ldap= $this->config->get_ldap_link();
187 /* Read stuff and only modify subtreeACL entries */
188 plugin::save();
190 if ($this->current_acl != ""){
191 if ($this->selfflag){
192 $this->attrs['gosaSubtreeACL']= "!:".$this->current_acl;
193 } else {
194 $this->attrs['gosaSubtreeACL']= ":".$this->current_acl;
195 }
196 } else {
197 $objectclasses= array();
198 foreach ($this->attrs['objectClass'] as $oc){
199 if (!preg_match('/gosaObject/i', $oc)){
200 $objectclasses[]= $oc;
201 }
202 }
203 $this->attrs['objectClass']= $objectclasses;
204 $this->attrs['gosaSubtreeACL']= array();
205 }
207 /* Modify class */
208 $ldap->cd($this->dn);
209 $this->cleanup();
210 $ldap->modify ($this->attrs);
212 show_ldap_error($ldap->get_error(), _("Saving ACL information failed"));
213 }
216 function print_attributes ($name)
217 {
218 $display= "<input type=checkbox name=\"all\" value=\"1\"";
219 if (chkacl ($this->tacl, "all") == ""){
220 $display.= " checked";
221 }
222 $display.= "><b>"._("All fields are writeable")."</b><br>";
224 # Put strings in right order
225 asort ($name);
227 # Generate checklist
228 $display.= "<table summary=\"\" style=\"width:100%;\">\n";
229 $switch= 0;
230 foreach ($name as $key => $val){
231 if ($switch == 0){
232 $display.= " <tr>\n";
233 }
235 if (is_integer($key)){
236 $display.= "<td><input type=checkbox name=\"$val\" value=\"1\" ";
237 if (chkacl ($this->tacl, "$val") == ""){
238 $display.= "checked";
239 }
240 $display.= ">$val</td>";
241 } else {
242 $display.= "<td><input type=checkbox name=\"$key\" value=\"1\"";
243 if (chkacl ($this->tacl, "$key") == ""){
244 $display.= "checked";
245 }
246 $display.= ">"._($val)."</td>";
247 }
249 if ($switch++ == 1){
250 $display.= " </tr>\n";
251 $switch= 0;
252 }
253 }
255 if ($switch == 1){
256 $display.= "<td></td></tr>";
257 }
258 $display.= "</table>\n";
260 return ($display);
261 }
263 }
265 ?>