96d45536125d8bde222bd23ae24a4a4271a10963
1 <?php
2 class group extends plugin
3 {
4 /* CLI vars */
5 var $cli_summary= "Handling of GOsa's base group object";
6 var $cli_description= "Some longer text\nfor help";
7 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
9 /* Group attributes */
10 var $cn= "";
11 var $description= "";
12 var $gidNumber= "";
13 var $memberUid= array();
15 /* Helpers */
16 var $base= "";
17 var $force_gid= FALSE;
18 var $fon_group= FALSE;
19 var $smbgroup= FALSE;
20 var $groupType= FALSE;
21 var $samba3= FALSE;
22 var $sambaSID= "";
23 var $sambaDomainName= "DEFAULT";
24 var $SID= "";
25 var $ridBase= 0;
26 var $members= array();
27 var $users= array();
28 var $allusers= array();
29 var $department= "";
30 var $saved_gidNumber= "";
31 var $oldgroupType= "";
32 var $orig_dn= "";
33 var $orig_cn= "";
34 var $has_mailAccount= FALSE;
35 var $group_dialog= FALSE;
36 var $nagios_group =FALSE;
37 var $sambaGroupType;
38 var $dialog;
39 var $OnlyShowFirstEntries =200;
41 var $allowGroupsWithSameNameInOtherSubtrees = true;
43 /* attribute list for save action */
44 var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID");
45 var $objectclasses= array("top", "posixGroup");
47 function group ($config, $dn= NULL)
48 {
49 plugin::plugin ($config, $dn);
51 /* remove Release Tag if we have release management enabled
52 */
53 $tmp = search_config($config->data,"faiManagement","CLASS");
54 if(!empty($tmp)){
55 $this->description = preg_replace("/\(.*\)$/","",$this->description);
56 }
58 /* Load attributes depending on the samba version */
59 $this->samba3= ($config->current['SAMBAVERSION'] == 3);
60 $this->orig_dn= $dn;
61 $this->orig_cn= $this->cn;
63 /* Get member list */
64 if (isset($this->attrs['memberUid'][0])){
65 $tmp= array();
66 for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
67 $tmp[]= $this->attrs['memberUid'][$i];
68 }
69 $this->memberUid= $tmp;
70 sort ($this->memberUid);
71 }
73 /* Save gidNumber for later use */
74 if (isset($this->attrs['gidNumber'])){
75 $this->saved_gidNumber= $this->attrs['gidNumber'][0];
76 }
78 /* Is a samba group? */
79 if (isset($this->attrs['objectClass'])){
80 if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == NULL ){
81 $this->smbgroup= FALSE;
82 } else {
83 $this->smbgroup= TRUE;
84 if (isset($this->attrs['sambaSID'])){
85 $this->sambaSID= $this->attrs['sambaSID'][0];
86 }
87 }
88 if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == NULL ){
89 $this->fon_group= FALSE;
90 } else {
91 $this->fon_group= TRUE;
92 }
93 if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == NULL ){
94 $this->nagios_group= FALSE;
95 } else {
96 $this->nagios_group= TRUE;
97 }
98 }
100 /* Set mail flag */
101 if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
102 $this->has_mailAccount= TRUE;
103 }
105 /* Get samba Domain in case of samba 3 */
106 if ($this->samba3 && $this->sambaSID != ""){
107 $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
108 $ldap= $this->config->get_ldap_link();
109 $ldap->cd($this->config->current['BASE']);
110 $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
111 if ($ldap->count() != 0){
112 $attrs= $ldap->fetch();
113 $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
115 /* Get domain name for SID */
116 $this->sambaDomainName= "DEFAULT";
117 foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
118 if ($val['SID'] == $this->SID){
119 $this->sambaDomainName= $key;
120 break;
121 }
122 }
123 } else {
124 if (isset($this->config->current['RIDBASE'])){
125 $this->sambaDomainName= "DEFAULT";
126 $this->ridBase= $this->config->current['RIDBASE'];
127 $this->SID= $this->config->current['SID'];
128 } else {
129 print_red(_("Can't find this groups SID in LDAP or in your configuration file!"));
130 }
131 }
133 /* Get group type */
134 $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
135 if ($this->groupType < 500 || $this->groupType > 553){
136 $this->groupType= 0;
137 }
138 $this->oldgroupType= $this->groupType;
139 }
141 /* Get global filter config */
142 if (!is_global("gufilter")){
143 $ui= get_userinfo();
144 $base= get_base_from_people($ui->dn);
145 $gufilter= array( "dselect" => $base,
146 "regex" => "*");
147 register_global("gufilter", $gufilter);
148 }
149 $gufilter= get_global('gufilter');
151 $gufilter['SubSearchGroup'] = false;
152 $gufilter['dselect'] = $_SESSION['gufilter']['dselect'];
154 register_global('gufilter',$gufilter);
156 if ($this->dn == "new"){
157 if(isset($_SESSION['CurrentMainBase'])){
158 $this->base= $_SESSION['CurrentMainBase'];
159 }else{
160 $ui= get_userinfo();
161 $this->base= dn2base($ui->dn);
162 }
163 } else {
164 $this->base= preg_replace ("/^[^,]+,[^,]+,/", "", $this->dn);
165 }
167 /* This is always an account */
168 $this->is_account= TRUE;
169 $this->reload();
170 }
172 function execute()
173 {
174 /* Call parent execute */
175 plugin::execute();
177 $ui= get_userinfo();
178 $acla= get_permissions ($ui->dn, $ui->subtreeACL);
179 $this->acl= get_module_permission($acla, "group", $ui->dn);
180 /* Do we represent a valid group? */
181 if (!$this->is_account && $this->parent == NULL){
182 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
183 _("This 'dn' is no group.")."</b>";
184 return ($display);
185 }
187 /* Delete user from group */
188 if (isset($_POST['del_users']) && isset($_POST['members'])){
189 foreach ($_POST['members'] as $value){
190 unset ($this->members["$value"]);
191 $this->removeUser($value);
192 }
193 $this->reload();
194 }
196 /* Add objects? */
197 if (isset($_POST["edit_membership"])){
198 $this->group_dialog= TRUE;
199 $this->dialog= TRUE;
200 }
202 /* Add objects finished? */
203 if (isset($_POST["add_users_finish"]) || isset($_POST["add_users_cancel"])){
204 $this->group_dialog= FALSE;
205 $this->dialog= FALSE;
206 }
208 /* Add user to group */
209 if (isset($_POST['add_users_finish']) && isset($_POST['users'])){
210 foreach ($_POST['users'] as $value){
211 $this->members["$value"]= $this->allusers[$value];
212 asort($this->members);
213 $this->addUser($value);
214 }
215 $this->reload();
216 }
218 /* Base select dialog */
219 $once = true;
220 foreach($_POST as $name => $value){
221 if(preg_match("/^chooseBase/",$name) && $once){
222 $once = false;
223 $this->dialog = new baseSelectDialog($this->config);
224 $this->dialog->setCurrentBase($this->base);
225 }
226 }
228 /* Dialog handling */
229 if(is_object($this->dialog)){
230 /* Must be called before save_object */
231 $this->dialog->save_object();
233 if($this->dialog->isClosed()){
234 $this->dialog = false;
235 }elseif($this->dialog->isSelected()){
236 $this->base = $this->dialog->isSelected();
237 $this->dialog= false;
238 }else{
239 return($this->dialog->execute());
240 }
241 }
243 /* Assign templating stuff */
244 $smarty= get_smarty();
245 if ($this->samba3){
246 $smarty->assign("samba3", "true");
247 } else {
248 $smarty->assign("samba3", "");
249 }
251 if(search_config($this->config->data['MENU'], "nagiosaccount", "CLASS")){
252 $smarty->assign("nagios",true);
253 }else{
254 $smarty->assign("nagios",false);
255 }
257 if(search_config($this->config->data['MENU'], "phoneAccount", "CLASS")){
258 $smarty->assign("pickupGroup",true);
259 }else{
260 $smarty->assign("pickupGroup",false);
261 }
263 /* Manage object add dialog */
264 if ($this->group_dialog){
266 /* Save data */
267 $gufilter= get_global("gufilter");
268 foreach( array("dselect", "regex") as $type){
269 if (isset($_POST[$type])){
270 $gufilter[$type]= $_POST[$type];
271 }
272 }
273 if(isset($_POST['regex'])){
274 if(isset($_POST['SubSearchGroup'])){
275 $gufilter['SubSearchGroup'] = true;
276 }else{
277 $gufilter['SubSearchGroup'] = false;
278 }
279 }
281 if (isset($_GET['search'])){
282 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
283 if ($s == "**"){
284 $s= "*";
285 }
286 $gufilter['regex']= $s;
287 }
288 register_global("gufilter", $gufilter);
289 $this->reload();
291 /* Show dialog */
292 $smarty->assign("search_image", get_template_path('images/search.png'));
293 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
294 $smarty->assign("tree_image", get_template_path('images/tree.png'));
295 $smarty->assign("deplist", $this->config->idepartments);
296 $smarty->assign("alphabet", generate_alphabet());
297 foreach( array("dselect", "regex","SubSearchGroup") as $type){
298 $smarty->assign("$type", $gufilter[$type]);
299 }
300 $smarty->assign("hint", print_sizelimit_warning());
301 $smarty->assign("users", $this->displayUsers);
302 $smarty->assign("apply", apply_filter());
303 $display= $smarty->fetch (get_template_path('group_objects.tpl', TRUE, dirname(__FILE__)));
304 return ($display);
305 }
307 /* Bases / Departments */
308 if (isset($_POST['base'])){
309 $this->base= $_POST['base'];
310 }
312 $smarty->assign("bases", $this->config->idepartments);
313 $smarty->assign("base_select", $this->base);
314 $smarty->assign("department", $this->department);
316 if ($this->samba3){
317 $domains= array();
318 foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
319 $domains[$name]= $name;
320 }
321 $smarty->assign("sambaDomains", $domains);
322 $smarty->assign("sambaDomainName", $this->sambaDomainName);
323 $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
324 514 => _("Domain guests"));
326 /* Don't loose special groups! If not key'ed above, add it to
327 the combo box... */
328 if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
329 $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
330 }
332 $smarty->assign("groupTypes", $groupTypes);
333 $smarty->assign("groupType", $this->groupType);
334 }
336 /* Members and users */
337 $smarty->assign("members", $this->members);
339 /* Checkboxes */
340 foreach (array("force_gid", "smbgroup") as $val){
341 if ($this->$val == "1"){
342 $smarty->assign("$val", "checked");
343 } else {
344 $smarty->assign("$val", "");
345 }
346 }
347 if ($this->force_gid != "1"){
348 $smarty->assign("forceMode", "disabled");
349 }else{
350 $smarty->assign("forceMode", "");
351 }
352 $smarty->assign("force_gidACL", chkacl($this->acl, "gidNumber"));
353 $smarty->assign("sambaDomainNameACL", chkacl($this->acl, "sambaDomainName"));
354 if ($this->fon_group){
355 $smarty->assign("fon_group", "checked");
356 } else {
357 $smarty->assign("fon_group", "");
358 }
359 $smarty->assign("fon_groupACL", chkacl($this->acl, "fon_group"));
361 if ($this->nagios_group){
362 $smarty->assign("nagios_group", "checked");
363 } else {
364 $smarty->assign("nagios_group", "");
365 }
366 $smarty->assign("nagios_groupACL", chkacl($this->acl, "nagios_group"));
368 /* Fields */
369 foreach (array("cn", "description", "gidNumber") as $val){
370 $smarty->assign("$val", $this->$val);
371 $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
372 }
374 /* Missing ACL's */
375 foreach (array("base", "smbgroup", "members") as $val){
376 $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
377 }
379 /* Show main page */
380 $smarty->assign("alphabet", generate_alphabet(10));
381 $smarty->assign("search_image", get_template_path('images/search.png'));
382 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
383 $smarty->assign("tree_image", get_template_path('images/tree.png'));
384 $smarty->assign("deplist", $this->config->idepartments);
385 return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
386 }
388 function addUser($uid)
389 {
390 $this->memberUid[]= $uid;
391 $this->memberUid= array_unique($this->memberUid);
392 }
394 function removeUser($uid)
395 {
396 $temp= array();
397 foreach ($this->memberUid as $value){
398 if ($value != $uid){
399 $temp[]= $value;
400 }
401 }
402 $this->memberUid= $temp;
403 }
406 /* Reload data */
407 function reload()
408 {
409 /* Fix regex string */
410 $gufilter = get_global("gufilter");
411 $regex = normalizeLdap($gufilter['regex']);
412 $MaxUser = $this->OnlyShowFirstEntries;
414 /* Prepare ldap link */
415 $ldap= $this->config->get_ldap_link();
416 $ldap->cd($gufilter['dselect']);
419 /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
420 (Store gathered sn/givenName informations in $this->allusers too,
421 to be prepared when adding/deleting users)
422 */
423 $filter = "";
424 foreach ($this->memberUid as $value){
425 if(!isset($this->members[$value])){
426 $filter .= "(uid=".normalizeLdap($value).")";
427 }
428 }
429 if(!empty($filter)){
430 $ldap->search("(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(|".$filter."))",array("uid","sn","givenName"));
431 while($attrs = $ldap->fetch()){
432 $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
433 $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
434 }
435 }
437 /* check if all uids are resolved */
438 foreach ($this->memberUid as $value){
439 if(!isset($this->members[$value])){
440 $this->members[$value] = _("! unknown id")." [".$value."]";
441 }
442 }
444 /* Create display list of users matching regex & filter
445 */
446 $this->displayUsers = array();
447 $filter = "(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
449 /* Search in current tree or within subtrees depending on the checkbox from filter section */
450 if($gufilter['SubSearchGroup']){
451 $ldap->search($filter, array("uid", "sn","givenName"));
452 }else{
453 $ldap->ls ($filter, get_people_ou().$gufilter['dselect'],array("uid", "sn", "givenName"));
454 }
455 $i = 0;
457 /* Fetch all users and skip already used users */
458 while($attrs = $ldap->fetch()){
459 if(in_array($attrs['uid'][0], $this->memberUid)) {
460 continue;
461 }
462 $i ++;
463 if($i > $MaxUser) {
464 break;
465 }
466 $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs);
467 $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
468 }
470 /* If more than max users are found, display a message to warn the user */
471 if(($i == $MaxUser)){
472 print_red(sprintf(_("Your search method returned more than '%s' users, only '%s' users are shown.") , $MaxUser,$MaxUser));
473 }
475 /* Sort lists */
476 natcasesort($this->members);
477 reset($this->members);
478 natcasesort ($this->displayUsers);
479 reset ($this->displayUsers);
480 }
483 /* Create display name, this was used so often that it is excluded into a seperate function */
484 function createResultName($attrs)
485 {
486 if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
487 $ret = $attrs["sn"][0].", ".$attrs["givenName"][0]." [".$attrs["uid"][0]."]";
488 } else {
489 $ret= $attrs['uid'][0];
490 }
491 return($ret);
492 }
495 function remove_from_parent()
496 {
497 plugin::remove_from_parent();
499 $ldap= $this->config->get_ldap_link();
500 $ldap->rmdir($this->dn);
501 show_ldap_error($ldap->get_error());
503 /* Delete references to object groups */
504 $ldap->cd ($this->config->current['BASE']);
505 $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".$this->dn."))", array("cn"));
506 while ($ldap->fetch()){
507 $og= new ogroup($this->config, $ldap->getDN());
508 unset($og->member[$this->dn]);
509 $og->save ();
510 }
512 /* Send signal to the world that we've done */
513 $this->handle_post_events("remove");
514 }
517 /* Save data to object */
518 function save_object()
519 {
520 /* Save additional values for possible next step */
521 if (isset($_POST['groupedit'])){
523 plugin::save_object();
525 $this->force_gid= 0;
526 $this->smbgroup= 0;
527 foreach (array("force_gid", "department", "base", "smbgroup") as $val) {
528 if (chkacl ($this->acl, "$val") == "" && isset($_POST["$val"])){
529 $this->$val= $_POST["$val"];
530 }
531 }
533 /* Save sambaDomain attribute */
534 if (chkacl ($this->acl, "sambaDomainName") == "" && $this->samba3 &&
535 isset ($_POST['sambaDomainName'])){
537 $this->sambaDomainName= $_POST['sambaDomainName'];
538 $this->groupType= $_POST['groupType'];
539 }
541 /* Save fon attribute */
542 if (chkacl ($this->acl, "fon_group") == ""){
543 if (isset ($_POST['fon_group'])){
544 $this->fon_group= TRUE;
545 } else {
546 $this->fon_group= FALSE;
547 }
548 }
549 if (chkacl ($this->acl, "nagios_group") == ""){
550 if (isset ($_POST['nagios_group'])){
551 $this->nagios_group= TRUE;
552 } else {
553 $this->nagios_group= FALSE;
554 }
555 }
556 }
557 }
560 /* Save to LDAP */
561 function save()
562 {
564 /* ID handling */
565 if ($this->force_gid == 0){
566 if ($this->saved_gidNumber != ""){
567 $this->gidNumber= $this->saved_gidNumber;
568 } else {
569 /* Calculate new, lock uids */
570 $wait= 10;
571 while (get_lock("uidnumber") != ""){
572 sleep (1);
574 /* timed out? */
575 if ($wait-- == 0){
576 break;
577 }
578 }
579 add_lock ("uidnumber", "gosa");
580 $this->gidNumber= $this->get_next_id("gidNumber");
581 }
582 }
584 /* If release management is enabled ....
585 Append release name to description tag ..
586 #FIXME release name within description is a very bad solution, use ldap attribute instead
587 */
588 $tmp = search_config($this->config->data,"faiManagement","CLASS");
589 if(!empty($tmp)){
590 if(isset($this->parent)){
591 if(isset($this->parent->by_object['appgroup'])){
592 $baseObj = $this->parent->by_object['appgroup'];
593 if($baseObj->is_account){
594 if(isset($baseObj->Release)){
595 $this->description .= " (".trim($baseObj->Release).")";
596 }
597 }
598 }
599 }
600 }
602 plugin::save();
604 /* Remove objectClass for samba/phone support */
605 $tmp= array();
606 for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
607 if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
608 $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
609 $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
610 $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
611 $tmp[]= $this->attrs['objectClass'][$i];
612 }
613 }
614 $this->attrs['objectClass']= $tmp;
615 $ldap= $this->config->get_ldap_link();
617 /* Add samba group functionality */
618 if ($this->samba3 && $this->smbgroup){
620 /* Fixed undefined index ...
621 */
622 $this->SID = $this->ridBase = "";
623 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
624 $this->SID = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
625 }else{
626 print_red(sprintf(_("No configured SID found for '%s'."),$this->sambaDomainName));
627 }
628 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
629 $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
630 }else{
631 print_red(sprintf(_("No configured RIDBASE found for '%s'."),$this->sambaDomainName));
632 }
634 $this->attrs['objectClass'][]= 'sambaGroupMapping';
635 $this->attrs['sambaGroupType']= "2";
637 /* Check if we need to create a special entry */
638 if ($this->groupType == 0){
640 if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
641 $gidNumber= $this->gidNumber;
642 while(TRUE){
643 $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
644 $ldap->cd($this->config->current['BASE']);
645 $ldap->search("(sambaSID=$sid)",array("sambaSID"));
646 if ($ldap->count() == 0){
647 break;
648 }
649 $gidNumber++;
650 }
651 $this->attrs['sambaSID']= $sid;
652 $this->sambaSID= $sid;
653 }
655 } else {
656 $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
657 }
659 /* User wants me to fake the idMappings? This is useful for
660 making winbind resolve the group names in a reasonable amount
661 of time in combination with larger databases. */
662 if (isset($this->config->current['SAMBAIDMAPPING']) &&
663 preg_match('/true/i', $this->config->current['SAMBAIDMAPPING'])){
664 $this->attrs['objectClass'][]= "sambaIdmapEntry";
665 }
667 }
669 /* Add phone functionality */
670 if ($this->fon_group){
671 $this->attrs['objectClass'][]= "goFonPickupGroup";
672 }
674 /* Add nagios functionality */
675 if ($this->nagios_group){
676 $this->attrs['objectClass'][]= "nagiosContactGroup";
677 }
679 /* Take members array */
680 if (count ($this->memberUid)){
681 $this->attrs['memberUid']= array_unique($this->memberUid);
682 }
684 /* New accounts need proper 'dn', propagate it to remaining objects */
685 if ($this->dn == 'new'){
686 $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
687 }
689 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
690 new entries. So do a check first... */
691 $ldap->cat ($this->dn);
692 if ($ldap->fetch()){
693 /* Modify needs array() to remove values :-( */
694 if (!count ($this->memberUid)){
695 $this->attrs['memberUid']= array();
696 }
697 if ($this->samba3){
698 if (!$this->smbgroup){
699 $this->attrs['sambaGroupType']= array();
700 $this->attrs['sambaSID']= array();
701 }
702 }
703 $mode= "modify";
704 } else {
705 $mode= "add";
706 $ldap->cd($this->config->current['BASE']);
707 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
708 }
710 /* Write back to ldap */
711 $ldap->cd($this->dn);
712 $this->cleanup();
713 $ldap->$mode($this->attrs);
715 $ret= 0;
716 if (show_ldap_error($ldap->get_error())){
717 $ret= 1;
718 }
720 /* Remove uid lock */
721 del_lock ("uidnumber");
723 /* Post that we've done*/
724 $this->handle_post_events($mode);
726 return ($ret);
727 }
729 function check()
730 {
731 /* Call common method to give check the hook */
732 $message= plugin::check();
734 /* Permissions for that base? */
735 if ($this->base != ""){
736 $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
737 } else {
738 $new_dn= $this->dn;
739 }
741 $ui= get_userinfo();
742 $acl= get_permissions ($ui->dn, $ui->subtreeACL);
743 $acl= get_module_permission($acl, "group", $ui->dn);
744 if (chkacl($this->acl, "create") != ""){
745 $message[]= _("You have no permissions to create a group on this 'Base'.");
746 }
748 /* must: cn */
749 if ($this->cn == "" && chkacl ($this->acl, "cn") == ""){
750 $message[]= "The required field 'Name' is not set.";
751 }
753 /* Check for valid input */
754 if (!is_uid($this->cn)){
755 $message[]= _("The field 'Name' contains invalid characters. Lowercase, numbers and dashes are allowed.");
756 }
759 if($this->allowGroupsWithSameNameInOtherSubtrees == true){
761 /* Check for used 'cn' */
762 $ldap= $this->config->get_ldap_link();
763 if(($this->cn != $this->orig_cn) || ($this->orig_dn == "new")){
764 $ldap->cd("ou=groups,".$this->base);
765 //FIXME: hardcoded ou=groups,
766 $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))","ou=groups,".$this->base,array("cn"));
767 if ($ldap->count() != 0){
768 $message[]= _("Value specified as 'Name' is already used.");
769 }
770 }
772 }else{
774 /* Check for used 'cn' */
775 $ldap= $this->config->get_ldap_link();
776 $ldap->cd($this->config->current['BASE']);
777 $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn"));
778 if ($ldap->count() != 0){
780 /* New entry? */
781 if ($this->dn == 'new'){
782 $message[]= _("Value specified as 'Name' is already used.");
783 }
785 /* Moved? */
786 elseif ($new_dn != $this->orig_dn){
787 $ldap->fetch();
788 if ($ldap->getDN() != $this->orig_dn){
789 $message[]= _("Value specified as 'Name' is already used.");
790 }
791 }
792 }
793 }
795 /* Check ID */
796 if ($this->force_gid == "1"){
797 if (!is_id($this->gidNumber)){
798 $message[]= _("Value specified as 'GID' is not valid.");
799 } else {
800 if ($this->gidNumber < $this->config->current['MINID']){
801 $message[]= _("Value specified as 'GID' is too small.");
802 }
804 }
805 }
807 return ($message);
808 }
810 function get_next_id($attrib)
811 {
812 $ids= array();
813 $ldap= $this->config->get_ldap_link();
815 $ldap->cd ($this->config->current['BASE']);
816 if (preg_match('/gidNumber/i', $attrib)){
817 $oc= "posixGroup";
818 } else {
819 $oc= "posixAccount";
820 }
821 $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
823 /* Get list of ids */
824 while ($attrs= $ldap->fetch()){
825 $ids[]= (int)$attrs["$attrib"][0];
826 }
828 /* Find out next free id near to UID_BASE */
829 for ($id= $this->config->current['UIDBASE']; $id++; $id<65000){
830 if (!in_array($id, $ids)){
831 return ($id);
832 }
833 }
835 /* Should not happen */
836 if ($id == 65000){
837 print_red(_("Too many users, can't allocate a free ID!"));
838 exit;
839 }
840 }
842 function getCopyDialog()
843 {
844 $vars = array("cn");
846 if($this ->force_gid){
847 $used = " checked ";
848 $dis = "";
849 }else{
850 $used = "";
851 $dis = " disabled ";
852 }
854 $smarty = get_smarty();
855 $smarty->assign("used",$used);
856 $smarty->assign("dis" ,$dis);
857 $smarty->assign("cn" ,$this->cn);
858 $smarty->assign("gidNumber",$this->gidNumber);
859 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
860 $ret = array();
861 $ret['string'] = $str;
862 $ret['status'] = "";
863 return($ret);
864 }
866 function saveCopyDialog()
867 {
868 if(isset($_POST['cn'])){
869 $this->cn = $_POST['cn'];
870 }
871 if(isset($_POST['force_gid'])){
872 $this->force_gid = 1;
873 $this->gidNumber= $_POST['gidNumber'];
874 }else{
875 $this->force_gid = 0;
876 $this->gidNumber = false;
877 }
878 }
879 }
881 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
882 ?>