1 <?php
4 /* FIXME: the complete acl stuff will be redesigned to be more intuitive,
5 which will be possible after introducing templates for html pages.
6 just be patient. */
9 class acl extends plugin
10 {
11 /* CLI vars */
12 var $cli_summary= "Manage group ACL's";
13 var $cli_description= "Some longer text\nfor help";
14 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
16 /* Helpers */
17 var $department= "";
18 var $objects= array();
19 var $object= "";
20 var $current_acl= "";
21 var $selfflag= FALSE;
23 var $gosaSubtreeACL;
25 /* attribute list for save action */
26 var $attributes= array("gosaSubtreeACL");
27 var $objectclasses= array("gosaObject");
29 var $CopyPasteVars = array("current_acl");
31 function acl ($config, $dn= NULL, $parent= NULL)
32 {
33 plugin::plugin($config, $dn, $parent);
35 /* WorkAround */
36 include "acl_definition.inc";
37 $this->objects= $ACLD;
38 $tmp= array_keys($this->objects);
39 $this->object= reset($tmp);
41 $this->selfflag= FALSE;
42 if (isset($this->attrs['gosaSubtreeACL'][0])){
43 $this->current_acl= preg_replace("/^[^:]*:/", "", $this->attrs['gosaSubtreeACL'][0]);
44 if (preg_match("/^!:/", $this->attrs['gosaSubtreeACL'][0])){
45 $this->selfflag= TRUE;
46 }
47 }
49 /* This is allways true */
50 $this->is_account= TRUE;
51 }
53 function execute()
54 {
55 echo "Pre: $this->current_acl<br>";
56 /* Call parent execute */
57 plugin::execute();
59 /* Do we represent a valid group? */
60 if (!$this->is_account && $this->parent == NULL){
61 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
62 _("This 'dn' is no acl container.")."</b>";
63 return ($display);
64 }
66 /* Show main page */
67 $smarty= get_smarty();
68 if ($_SESSION['js']==FALSE){
69 $smarty->assign("javascript", "false");
70 } else {
71 $smarty->assign("javascript", "true");
72 }
73 $smarty->assign("object", $this->object);
74 $obj= array();
75 foreach($this->objects as $key => $value){
76 $obj[$key]= $key;
77 }
78 if ($this->selfflag){
79 $smarty->assign("selfflag", "checked");
80 } else {
81 $smarty->assign("selfflag", "");
82 }
83 $smarty->assign("objects", $obj);
84 $display= $smarty->fetch (get_template_path('acl.tpl', TRUE));
86 /* Show acl stuff */
87 $this->acl= get_module_permission (array($this->current_acl), $this->object, "");
88 $display.= $this->print_attributes ($this->objects[$this->object]);
89 return ($display);
90 }
93 function remove_from_parent()
94 {
95 plugin::remove_from_parent();
97 $this->attrs['gosaSubtreeACL']= array();
99 $ldap= $this->config->get_ldap_link();
100 $ldap->cd($this->dn);
101 $this->cleanup();
102 $ldap->modify ($this->attrs);
103 show_ldap_error($ldap->get_error(), _("Removing ACL information failed"));
104 }
107 /* Save data to object */
108 function save_object()
109 {
110 plugin::save_object();
112 if (!isset($_POST['object'])){
113 return;
114 }
116 /* Strip of old information */
117 if ($this->object == "all"){
118 $this->current_acl= preg_replace ( "/[,]?all[,]?/", "", $this->current_acl);
119 }
120 $this->current_acl= preg_replace ( "/(^|[^a-z0-9A-Z])$this->object#[^,]*[,]?/", ",", $this->current_acl);
122 /* assemble new attributes */
123 $attrs= "";
124 if (isset($_POST['all'])){
125 $attrs.= "#all";
126 }
127 if ($this->object != "all" && !isset($_POST['all']) && $this->object != ""){
128 foreach ($this->objects[$this->object] as $key => $val){
129 if (is_integer($key)){
130 $aname= $val;
131 } else {
132 $aname= $key;
133 }
134 if (isset($_POST[$aname])){
135 $attrs.= "#$aname";
136 }
137 }
138 }
140 /* append information */
141 if ($attrs != ""){
142 $tmp= $this->object;
143 $attrs= $tmp.$attrs;
144 }
145 if ($this->current_acl != "" && $attrs != ""){
146 $this->current_acl.= ",";
147 }
148 $this->current_acl.= $attrs;
149 if (preg_match("/all#all/", $this->current_acl)){
150 $this->current_acl= "all";
151 }
152 if (preg_match("/^all,/", $this->current_acl)){
153 $this->current_acl= "all";
154 }
156 /* Save current object selection */
157 if (isset($_POST['object'])){
158 $this->object= $_POST['object'];
159 }
160 if (isset($_POST['selfflag'])){
161 $this->selfflag= TRUE;
162 } else {
163 $this->selfflag= FALSE;
164 }
166 /* Strip trailing colon... */
167 $this->current_acl= preg_replace("/,$/", "", $this->current_acl);
168 }
171 /* Save to LDAP */
172 function save()
173 {
174 /* Write back to LDAP */
175 $ldap= $this->config->get_ldap_link();
177 /* Read stuff and only modify subtreeACL entries */
178 plugin::save();
180 if ($this->current_acl != ""){
181 if ($this->selfflag){
182 $this->attrs['gosaSubtreeACL']= "!:".$this->current_acl;
183 } else {
184 $this->attrs['gosaSubtreeACL']= ":".$this->current_acl;
185 }
186 } else {
187 $objectclasses= array();
188 foreach ($this->attrs['objectClass'] as $oc){
189 if (!preg_match('/gosaObject/i', $oc)){
190 $objectclasses[]= $oc;
191 }
192 }
193 $this->attrs['objectClass']= $objectclasses;
194 $this->attrs['gosaSubtreeACL']= array();
195 }
197 /* Modify class */
198 $ldap->cd($this->dn);
199 $this->cleanup();
200 $ldap->modify ($this->attrs);
202 show_ldap_error($ldap->get_error(), _("Saving ACL information failed"));
203 }
206 function print_attributes ($name)
207 {
208 $display= "<input type=checkbox name=\"all\" value=\"1\"";
209 if (chkacl ($this->acl, "all") == ""){
210 $display.= " checked";
211 }
212 $display.= "><b>"._("All fields are writeable")."</b><br>";
214 # Put strings in right order
215 asort ($name);
217 # Generate checklist
218 $display.= "<table summary=\"\" style=\"width:100%;\">\n";
219 $switch= 0;
220 foreach ($name as $key => $val){
221 if ($switch == 0){
222 $display.= " <tr>\n";
223 }
225 if (is_integer($key)){
226 $display.= "<td><input type=checkbox name=\"$val\" value=\"1\" ";
227 if (chkacl ($this->acl, "$val") == ""){
228 $display.= "checked";
229 }
230 $display.= ">$val</td>";
231 } else {
232 $display.= "<td><input type=checkbox name=\"$key\" value=\"1\"";
233 if (chkacl ($this->acl, "$key") == ""){
234 $display.= "checked";
235 }
236 $display.= ">"._($val)."</td>";
237 }
239 if ($switch++ == 1){
240 $display.= " </tr>\n";
241 $switch= 0;
242 }
243 }
245 if ($switch == 1){
246 $display.= "<td></td></tr>";
247 }
248 $display.= "</table>\n";
250 return ($display);
251 }
253 }
255 ?>