![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
3 class group extends plugin
4 {
5 /* CLI vars */
6 var $cli_summary= "Handling of GOsa's base group object";
7 var $cli_description= "Some longer text\nfor help";
8 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
10 /* Group attributes */
11 var $cn= "";
12 var $description= "";
13 var $gidNumber= "";
14 var $memberUid= array();
16 /* Helpers */
17 var $base= "";
18 var $force_gid= FALSE;
19 var $fon_group= FALSE;
20 var $smbgroup= FALSE;
21 var $groupType= FALSE;
22 var $samba3= FALSE;
23 var $sambaSID= "";
24 var $sambaDomainName= "DEFAULT";
25 var $SID= "";
26 var $ridBase= 0;
27 var $members= array();
28 var $users= array();
29 var $member= array();
30 var $allusers= array();
31 var $saved_gidNumber= "";
32 var $oldgroupType= "";
33 var $orig_dn= "";
34 var $orig_cn= "";
35 var $has_mailAccount= FALSE;
36 var $group_dialog= FALSE;
37 var $nagios_group =FALSE;
38 var $sambaGroupType;
39 var $dialog;
40 var $rfc2307bis= FALSE;
41 var $OnlyShowFirstEntries =200;
42 var $dnMapping= array();
44 var $allowGroupsWithSameNameInOtherSubtrees = true;
46 /* attribute list for save action */
47 var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID");
48 var $objectclasses= array("top", "posixGroup");
50 var $CopyPasteVars = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group","sambaGroupType");
52 function group ($config, $dn= NULL)
53 {
54 /* Set rfc2307bis flag */
55 if (isset($config->current['RFC2307BIS']) && ($config->current['RFC2307BIS']== "true")){
56 $this->rfc2307bis= TRUE;
57 $this->attributes[]= "member";
58 $this->objectclasses[]= "groupOfNames";
59 }
61 plugin::plugin ($config, $dn);
63 /* Load attributes depending on the samba version */
64 $this->samba3= ($config->current['SAMBAVERSION'] == 3);
65 $this->orig_dn= $dn;
66 $this->orig_cn= $this->cn;
68 /* Get member list */
69 if (isset($this->attrs['memberUid'][0])){
70 $tmp= array();
71 for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
72 $tmp[]= $this->attrs['memberUid'][$i];
73 }
74 $this->memberUid= $tmp;
75 sort ($this->memberUid);
76 }
78 /* Save gidNumber for later use */
79 if (isset($this->attrs['gidNumber'])){
80 $this->saved_gidNumber= $this->attrs['gidNumber'][0];
81 }
83 /* Is a samba group? */
84 if (isset($this->attrs['objectClass'])){
85 if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == NULL ){
86 $this->smbgroup= FALSE;
87 } else {
88 $this->smbgroup= TRUE;
89 if (isset($this->attrs['sambaSID'])){
90 $this->sambaSID= $this->attrs['sambaSID'][0];
91 }
92 }
93 if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == NULL ){
94 $this->fon_group= FALSE;
95 } else {
96 $this->fon_group= TRUE;
97 }
98 if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == NULL ){
99 $this->nagios_group= FALSE;
100 } else {
101 $this->nagios_group= TRUE;
102 }
103 }
105 /* Set mail flag */
106 if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
107 $this->has_mailAccount= TRUE;
108 }
110 /* Get samba Domain in case of samba 3 */
111 if ($this->samba3 && $this->sambaSID != ""){
112 $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
113 $ldap= $this->config->get_ldap_link();
114 $ldap->cd($this->config->current['BASE']);
115 $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
116 if ($ldap->count() != 0){
117 $attrs= $ldap->fetch();
118 $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
120 /* Get domain name for SID */
121 $this->sambaDomainName= "DEFAULT";
122 foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
123 if ($val['SID'] == $this->SID){
124 $this->sambaDomainName= $key;
125 break;
126 }
127 }
128 } else {
129 if (isset($this->config->current['RIDBASE'])){
130 $this->sambaDomainName= "DEFAULT";
131 $this->ridBase= $this->config->current['RIDBASE'];
132 $this->SID= $this->config->current['SID'];
133 } else {
134 print_red(_("Can't find this groups SID in LDAP or in your configuration file!"));
135 }
136 }
138 /* Get group type */
139 $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
140 if ($this->groupType < 500 || $this->groupType > 553){
141 $this->groupType= 0;
142 }
143 $this->oldgroupType= $this->groupType;
144 }
146 /* Get global filter config */
147 if (!is_global("gufilter")){
148 $ui= get_userinfo();
149 $base= get_base_from_people($ui->dn);
150 $gufilter= array( "dselect" => $base,
151 "regex" => "*");
152 register_global("gufilter", $gufilter);
153 }
154 $gufilter= get_global('gufilter');
156 $gufilter['SubSearchGroup'] = false;
157 $gufilter['dselect'] = $_SESSION['gufilter']['dselect'];
159 register_global('gufilter',$gufilter);
161 if ($this->dn == "new"){
162 if(isset($_SESSION['CurrentMainBase'])){
163 $this->base= $_SESSION['CurrentMainBase'];
164 }else{
165 $ui= get_userinfo();
166 $this->base= dn2base($ui->dn);
167 }
168 } else {
170 /* Get object base */
171 $this->base =preg_replace ("/^[^,]+,".normalizePreg(get_groups_ou())."/","",$this->dn);
172 }
174 if($this->dn != "new"){
175 @log::log("view","groups/".get_class($this),$this->dn);
176 }
178 /* This is always an account */
179 $this->is_account= TRUE;
180 $this->reload();
181 }
183 function execute()
184 {
185 /* Call parent execute */
186 plugin::execute();
188 /* Do we represent a valid group? */
189 if (!$this->is_account && $this->parent == NULL){
190 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
191 _("This 'dn' is no group.")."</b>";
192 return ($display);
193 }
195 /* Delete user from group */
196 if (isset($_POST['del_users']) && isset($_POST['members'])){
197 foreach ($_POST['members'] as $value){
198 unset ($this->members["$value"]);
199 $this->removeUser($value);
200 }
201 $this->reload();
202 }
204 /* Add objects? */
205 if (isset($_POST["edit_membership"])){
206 $this->group_dialog= TRUE;
207 $this->dialog= TRUE;
208 }
210 /* Add objects finished? */
211 if (isset($_POST["add_users_finish"]) || isset($_POST["add_users_cancel"])){
212 $this->group_dialog= FALSE;
213 $this->dialog= FALSE;
214 }
216 /* Add user to group */
217 if (isset($_POST['add_users_finish']) && isset($_POST['users'])){
218 foreach ($_POST['users'] as $value){
219 $this->members["$value"]= $this->allusers[$value];
220 asort($this->members);
221 $this->addUser($value);
222 }
223 $this->reload();
224 }
226 /* Base select dialog */
227 $once = true;
228 foreach($_POST as $name => $value){
229 if((preg_match("/^chooseBase/",$name) && $once) && ($this->acl_is_moveable())){
231 $once = false;
232 $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
233 $this->dialog->setCurrentBase($this->base);
234 }
235 }
237 /* Dialog handling */
238 if(is_object($this->dialog)){
239 /* Must be called before save_object */
240 $this->dialog->save_object();
242 if($this->dialog->isClosed()){
243 $this->dialog = false;
244 }elseif($this->dialog->isSelected()){
246 /* Check if selected base is valid */
247 $tmp = $this->get_allowed_bases();
248 if(isset($tmp[$this->dialog->isSelected()])){
249 $this->base = $this->dialog->isSelected();
250 }
251 $this->dialog= false;
252 }else{
253 return($this->dialog->execute());
254 }
255 }
257 /* Assign templating stuff */
258 $smarty= get_smarty();
259 if ($this->samba3){
260 $smarty->assign("samba3", "true");
261 } else {
262 $smarty->assign("samba3", "");
263 }
265 if(search_config($this->config->data['MENU'], "nagiosaccount", "CLASS")){
266 $smarty->assign("nagios",true);
267 }else{
268 $smarty->assign("nagios",false);
269 }
271 if(search_config($this->config->data['MENU'], "phoneAccount", "CLASS")){
272 $smarty->assign("pickupGroup",true);
273 }else{
274 $smarty->assign("pickupGroup",false);
275 }
277 /* Manage object add dialog */
278 if ($this->group_dialog){
280 /* Save data */
281 $gufilter= get_global("gufilter");
282 foreach( array("dselect", "regex") as $type){
283 if (isset($_POST[$type])){
284 $gufilter[$type]= $_POST[$type];
285 }
286 }
287 if(isset($_POST['regex'])){
288 if(isset($_POST['SubSearchGroup'])){
289 $gufilter['SubSearchGroup'] = true;
290 }else{
291 $gufilter['SubSearchGroup'] = false;
292 }
293 }
295 if (isset($_GET['search'])){
296 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
297 if ($s == "**"){
298 $s= "*";
299 }
300 $gufilter['regex']= $s;
301 }
302 register_global("gufilter", $gufilter);
303 $this->reload();
305 /* Show dialog */
306 $smarty->assign("search_image", get_template_path('images/search.png'));
307 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
308 $smarty->assign("tree_image", get_template_path('images/tree.png'));
310 $smarty->assign("deplist", $this->get_allowed_bases("users/user"));
311 $smarty->assign("alphabet", generate_alphabet());
312 foreach( array("dselect", "regex","SubSearchGroup") as $type){
313 $smarty->assign("$type", $gufilter[$type]);
314 }
315 $smarty->assign("hint", print_sizelimit_warning());
316 $smarty->assign("users", $this->displayUsers);
317 $smarty->assign("apply", apply_filter());
318 $display= $smarty->fetch (get_template_path('group_objects.tpl', TRUE, dirname(__FILE__)));
319 return ($display);
320 }
322 $smarty->assign("bases", $this->get_allowed_bases());
323 $smarty->assign("base_select", $this->base);
325 if ($this->samba3){
326 $domains= array();
327 foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
328 $domains[$name]= $name;
329 }
330 $smarty->assign("sambaDomains", $domains);
331 $smarty->assign("sambaDomainName", $this->sambaDomainName);
332 $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
333 514 => _("Domain guests"));
335 /* Don't loose special groups! If not key'ed above, add it to
336 the combo box... */
337 if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
338 $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
339 }
341 $smarty->assign("groupTypes", $groupTypes);
342 $smarty->assign("groupType", $this->groupType);
343 }
345 /* Members and users */
346 $smarty->assign("members", $this->members);
348 /* Checkboxes */
349 foreach (array("force_gid", "smbgroup") as $val){
350 if ($this->$val == "1"){
351 $smarty->assign("$val", "checked");
352 } else {
353 $smarty->assign("$val", "");
354 }
355 }
356 if ($this->force_gid != "1"){
357 $smarty->assign("forceMode", "disabled");
358 }else{
359 $smarty->assign("forceMode", "");
360 }
361 if ($this->fon_group){
362 $smarty->assign("fon_group", "checked");
363 } else {
364 $smarty->assign("fon_group", "");
365 }
367 if ($this->nagios_group){
368 $smarty->assign("nagios_group", "checked");
369 } else {
370 $smarty->assign("nagios_group", "");
371 }
373 /* Fields */
374 foreach (array("cn", "description", "gidNumber") as $val){
375 $smarty->assign("$val", $this->$val);
376 }
378 $tmp = $this->plInfo();
379 foreach($tmp['plProvidedAcls'] as $name => $translation){
380 $smarty->assign($name."ACL",$this->getacl($name));
381 }
383 if($this->acl_is_writeable("base")){
384 $smarty->assign("baseSelect",true);
385 }else{
386 $smarty->assign("baseSelect",false);
387 }
389 /* Show main page */
390 $smarty->assign("alphabet", generate_alphabet(10));
391 $smarty->assign("search_image", get_template_path('images/search.png'));
392 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
393 $smarty->assign("tree_image", get_template_path('images/tree.png'));
394 $smarty->assign("deplist", $this->config->idepartments);
395 return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
396 }
398 function addUser($uid)
399 {
400 $this->memberUid[]= $uid;
401 $this->memberUid= array_unique($this->memberUid);
402 }
404 function removeUser($uid)
405 {
406 $temp= array();
407 foreach ($this->memberUid as $value){
408 if ($value != $uid){
409 $temp[]= $value;
410 }
411 }
412 $this->memberUid= $temp;
413 }
416 /* Reload data */
417 function reload()
418 {
419 /* Fix regex string */
420 $gufilter = get_global("gufilter");
421 $regex = normalizeLdap($gufilter['regex']);
422 $MaxUser = $this->OnlyShowFirstEntries;
424 /* Prepare ldap link */
425 $ldap= $this->config->get_ldap_link();
426 $ldap->cd($gufilter['dselect']);
429 /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
430 (Store gathered sn/givenName informations in $this->allusers too,
431 to be prepared when adding/deleting users)
432 */
433 $filter = "";
434 foreach ($this->memberUid as $value){
435 if(!isset($this->members[$value])){
436 $filter .= "(uid=".normalizeLdap($value).")";
437 }
438 }
439 if(!empty($filter)){
440 $ldap->cd($this->config->current['BASE']);
441 $ldap->search("(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(|".$filter."))",array("dn", "uid","sn","givenName"));
442 while($attrs = $ldap->fetch()){
443 $this->dnMapping[$attrs['uid'][0]] = $attrs['dn'];
444 $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
445 $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
446 }
447 }
449 /* check if all uids are resolved */
450 foreach ($this->memberUid as $value){
451 if(!isset($this->members[$value])){
452 $this->members[$value] = _("! unknown id")." [".$value."]";
453 }
454 }
456 /* Create display list of users matching regex & filter
457 */
458 $this->displayUsers = array();
459 $filter = "(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
461 /* Search in current tree or within subtrees depending on the checkbox from filter section */
462 if($gufilter['SubSearchGroup']){
463 $flag = GL_SIZELIMIT | GL_SUBSEARCH;
464 $base = $gufilter['dselect'];
465 }else{
466 $flag = GL_SIZELIMIT ;
467 $base = get_people_ou().$gufilter['dselect'];
468 }
469 $i = 0;
472 $res = get_list($filter,"users",$base,array("dn", "uid", "sn", "givenName"),$flag);
474 /* Fetch all users and skip already used users */
475 foreach($res as $attrs){
476 if(in_array($attrs['uid'][0], $this->memberUid)) {
477 continue;
478 }
479 $i ++;
480 if($i > $MaxUser) {
481 break;
482 }
483 $this->dnMapping[$attrs['uid'][0]]= $attrs["dn"];
484 $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs);
485 $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
486 }
488 /* If more than max users are found, display a message to warn the user */
489 if(($i == $MaxUser)){
490 print_red(sprintf(_("Your search method returned more than '%s' users, only '%s' users are shown.") , $MaxUser,$MaxUser));
491 }
493 /* Sort lists */
494 natcasesort($this->members);
495 reset($this->members);
496 natcasesort ($this->displayUsers);
497 reset ($this->displayUsers);
498 }
501 /* Create display name, this was used so often that it is excluded into a seperate function */
502 function createResultName($attrs)
503 {
504 if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
505 $ret = $attrs["sn"][0].", ".$attrs["givenName"][0]." [".$attrs["uid"][0]."]";
506 } else {
507 $ret= $attrs['uid'][0];
508 }
509 return($ret);
510 }
513 function remove_from_parent()
514 {
515 plugin::remove_from_parent();
517 $ldap= $this->config->get_ldap_link();
518 $ldap->rmdir($this->dn);
519 show_ldap_error($ldap->get_error(), sprintf(_("Removing of groups/generic with dn '%s' failed."),$this->dn));
521 @log::log("remove","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
523 /* Delete references to object groups */
524 $ldap->cd ($this->config->current['BASE']);
525 $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".$this->dn."))", array("cn"));
526 while ($ldap->fetch()){
527 $og= new ogroup($this->config, $ldap->getDN());
528 unset($og->member[$this->dn]);
529 $og->save ();
530 }
532 /* Send signal to the world that we've done */
533 $this->handle_post_events("remove");
534 }
537 /* Save data to object */
538 function save_object()
539 {
540 /* Save additional values for possible next step */
541 if (isset($_POST['groupedit'])){
543 /* Create a base backup and reset the
544 base directly after calling plugin::save_object();
545 Base will be set seperatly a few lines below */
546 $base_tmp = $this->base;
547 plugin::save_object();
548 $this->base = $base_tmp;
550 $this->force_gid= 0;
552 /* Only reset sambagroup flag if we are able to write this flag */
553 if($this->acl_is_writeable("sambaGroupType")){
554 $this->smbgroup = 0;
555 }
557 /* Get base selection */
558 if(isset($_POST['base'])){
559 $tmp = $this->get_allowed_bases();
560 if(isset($tmp[$_POST['base']])){
561 $this->base = $_POST['base'];
562 }
563 }
565 foreach (array(
566 "force_gid" => "gidNumber",
567 "smbgroup" => "sambaGroupType") as $val => $aclname) {
568 if ($this->acl_is_writeable($aclname) && isset($_POST["$val"])){
569 $this->$val= $_POST["$val"];
570 }
571 }
573 /* Save sambaDomain attribute */
574 if ($this->acl_is_writeable("sambaDomainName") && $this->samba3 && isset ($_POST['sambaDomainName'])){
575 $this->sambaDomainName= $_POST['sambaDomainName'];
576 $this->groupType= $_POST['groupType'];
577 }
579 /* Save fon attribute */
580 if ($this->acl_is_writeable("fon_group")){
581 if (isset ($_POST['fon_group'])){
582 $this->fon_group= TRUE;
583 } else {
584 $this->fon_group= FALSE;
585 }
586 }
587 if ($this->acl_is_writeable("nagios_group")){
588 if (isset ($_POST['nagios_group'])){
589 $this->nagios_group= TRUE;
590 } else {
591 $this->nagios_group= FALSE;
592 }
593 }
594 }
595 }
598 /* Save to LDAP */
599 function save()
600 {
602 /* ID handling */
603 if ($this->force_gid == 0){
604 if ($this->saved_gidNumber != ""){
605 $this->gidNumber= $this->saved_gidNumber;
606 } else {
607 /* Calculate new, lock uids */
608 $wait= 10;
609 while (get_lock("uidnumber") != ""){
610 sleep (1);
612 /* timed out? */
613 if ($wait-- == 0){
614 break;
615 }
616 }
617 add_lock ("uidnumber", "gosa");
618 $this->gidNumber= $this->get_next_id("gidNumber", $this->dn);
619 }
620 }
622 plugin::save();
624 /* Remove objectClass for samba/phone support */
625 $tmp= array();
626 for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
627 if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
628 $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
629 $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
630 $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
631 $tmp[]= $this->attrs['objectClass'][$i];
632 }
633 }
634 $this->attrs['objectClass']= $tmp;
635 $ldap= $this->config->get_ldap_link();
637 /* Add samba group functionality */
638 if ($this->samba3 && $this->smbgroup){
640 /* Fixed undefined index ...
641 */
642 $this->SID = $this->ridBase = "";
643 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
644 $this->SID = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
645 }else{
646 print_red(sprintf(_("No configured SID found for '%s'."),$this->sambaDomainName));
647 }
648 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
649 $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
650 }else{
651 print_red(sprintf(_("No configured RIDBASE found for '%s'."),$this->sambaDomainName));
652 }
654 $this->attrs['objectClass'][]= 'sambaGroupMapping';
655 $this->attrs['sambaGroupType']= "2";
657 /* Check if we need to create a special entry */
658 if ($this->groupType == 0){
660 if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
661 $gidNumber= $this->gidNumber;
662 while(TRUE){
663 $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
664 $ldap->cd($this->config->current['BASE']);
665 $ldap->search("(sambaSID=$sid)",array("sambaSID"));
666 if ($ldap->count() == 0){
667 break;
668 }
669 $gidNumber++;
670 }
671 $this->attrs['sambaSID']= $sid;
672 $this->sambaSID= $sid;
673 }
675 } else {
676 $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
677 }
679 /* User wants me to fake the idMappings? This is useful for
680 making winbind resolve the group names in a reasonable amount
681 of time in combination with larger databases. */
682 if (isset($this->config->current['SAMBAIDMAPPING']) &&
683 preg_match('/true/i', $this->config->current['SAMBAIDMAPPING'])){
684 $this->attrs['objectClass'][]= "sambaIdmapEntry";
685 }
687 }
689 /* Add phone functionality */
690 if ($this->fon_group){
691 $this->attrs['objectClass'][]= "goFonPickupGroup";
692 }
694 /* Add nagios functionality */
695 if ($this->nagios_group){
696 $this->attrs['objectClass'][]= "nagiosContactGroup";
697 }
699 /* Take members array */
700 if (count ($this->memberUid)){
701 $this->attrs['memberUid']= array_unique($this->memberUid);
702 }
704 /* New accounts need proper 'dn', propagate it to remaining objects */
705 if ($this->dn == 'new'){
706 $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
707 }
709 /* Add member dn's for RFC2307bis Support */
710 if ($this->rfc2307bis){
711 if (count($this->memberUid)){
712 $this->attrs['member'] = array();
713 foreach($this->attrs['memberUid'] as $uid) {
714 $this->attrs['member'][]= $this->dnMapping[$uid];
715 }
716 } else {
717 $this->attrs['member'][]= $this->dn;
718 }
719 }
721 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
722 new entries. So do a check first... */
723 $ldap->cat ($this->dn, array('dn'));
724 if ($ldap->fetch()){
725 /* Modify needs array() to remove values :-( */
726 if (!count ($this->memberUid)){
727 $this->attrs['memberUid']= array();
728 }
729 if ($this->samba3){
730 if (!$this->smbgroup){
731 $this->attrs['sambaGroupType']= array();
732 $this->attrs['sambaSID']= array();
733 }
734 }
735 $mode= "modify";
736 } else {
737 $mode= "add";
738 $ldap->cd($this->config->current['BASE']);
739 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
740 }
742 /* Write back to ldap */
743 $ldap->cd($this->dn);
744 $this->cleanup();
745 $ldap->$mode($this->attrs);
747 if($this->initially_was_account){
748 @log::log("modify","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
749 }else{
750 @log::log("create","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
751 }
753 $ret= 0;
754 if ( show_ldap_error($ldap->get_error(), sprintf(_("Removing of groups/generic with dn '%s' failed."),$this->dn))){
755 $ret= 1;
756 }
758 /* Remove uid lock */
759 del_lock ("uidnumber");
761 /* Post that we've done*/
762 $this->handle_post_events($mode);
764 return ($ret);
765 }
767 function check()
768 {
769 /* Call common method to give check the hook */
770 $message= plugin::check();
772 /* Permissions for that base? */
773 if ($this->base != ""){
774 $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
775 } else {
776 $new_dn= $this->dn;
777 }
779 /* must: cn */
780 if ($this->cn == "" && $this->acl_is_writeable("cn")){
781 $message[]= "The required field 'Name' is not set.";
782 }
784 /* Check for valid input */
785 if (!is_uid($this->cn)){
786 $message[]= _("The field 'Name' contains invalid characters. Lowercase, numbers and dashes are allowed.");
787 }
789 if($this->allowGroupsWithSameNameInOtherSubtrees == true){
791 /* Check for used 'cn' */
792 $ldap= $this->config->get_ldap_link();
793 if(($this->cn != $this->orig_cn) || ($this->orig_dn == "new")){
794 $ldap->cd("ou=groups,".$this->base);
795 $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",get_groups_ou().$this->base,array("cn"));
796 if ($ldap->count() != 0){
797 $message[]= _("Value specified as 'Name' is already used.");
798 }
799 }
801 }else{
803 /* Check for used 'cn' */
804 $ldap= $this->config->get_ldap_link();
805 $ldap->cd($this->config->current['BASE']);
806 $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn"));
807 if ($ldap->count() != 0){
809 /* New entry? */
810 if ($this->dn == 'new'){
811 $message[]= _("Value specified as 'Name' is already used.");
812 }
814 /* Moved? */
815 elseif ($new_dn != $this->orig_dn){
816 $ldap->fetch();
817 if ($ldap->getDN() != $this->orig_dn){
818 $message[]= _("Value specified as 'Name' is already used.");
819 }
820 }
821 }
822 }
824 /* Check ID */
825 if ($this->force_gid == "1"){
826 if (!is_id($this->gidNumber)){
827 $message[]= _("Value specified as 'GID' is not valid.");
828 } else {
829 if ($this->gidNumber < $this->config->current['MINID']){
830 $message[]= _("Value specified as 'GID' is too small.");
831 }
833 }
834 }
836 return ($message);
837 }
839 function get_next_id($attrib, $dn)
840 {
841 $ids= array();
842 $ldap= $this->config->get_ldap_link();
844 $ldap->cd ($this->config->current['BASE']);
845 if (preg_match('/gidNumber/i', $attrib)){
846 $oc= "posixGroup";
847 } else {
848 $oc= "posixAccount";
849 }
850 $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
852 /* Get list of ids */
853 while ($attrs= $ldap->fetch()){
854 $ids[]= (int)$attrs["$attrib"][0];
855 }
857 /* Find out next free id near to UID_BASE */
858 if (!isset($this->config->current['BASE_HOOK'])){
859 $base= $this->config->current['UIDBASE'];
860 } else {
861 /* Call base hook */
862 $base= get_base_from_hook($dn, $attrib);
863 }
864 for ($id= $base; $id++; $id < pow(2,32)){
865 if (!in_array($id, $ids)){
866 return ($id);
867 }
868 }
870 /* Check if id reached maximum */
871 if ($id >= pow(2,32)){
872 print_red(_("Too many users, can't allocate a free ID!"));
873 exit;
874 }
875 }
877 function getCopyDialog()
878 {
879 $vars = array("cn");
881 if($this ->force_gid){
882 $used = " checked ";
883 $dis = "";
884 }else{
885 $used = "";
886 $dis = " disabled ";
887 }
889 $smarty = get_smarty();
890 $smarty->assign("used",$used);
891 $smarty->assign("dis" ,$dis);
892 $smarty->assign("cn" ,$this->cn);
893 $smarty->assign("gidNumber",$this->gidNumber);
894 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
895 $ret = array();
896 $ret['string'] = $str;
897 $ret['status'] = "";
898 return($ret);
899 }
901 function saveCopyDialog()
902 {
903 if(isset($_POST['cn'])){
904 $this->cn = $_POST['cn'];
905 }
906 if(isset($_POST['force_gid'])){
907 $this->force_gid = 1;
908 $this->gidNumber= $_POST['gidNumber'];
909 }else{
910 $this->force_gid = 0;
911 $this->gidNumber = false;
912 }
913 }
916 /* Return plugin informations for acl handling */
917 function plInfo()
918 {
919 return (array(
920 "plShortName" => _("Generic"),
921 "plDescription" => _("Generic group settings"),
922 "plSelfModify" => FALSE,
923 "plDepends" => array(),
924 "plPriority" => 0,
925 "plSection" => array("admin"),
926 "plCategory" => array("groups" => array("objectClass" => "posixGroup", "description" => _("Groups"))),
928 "plProvidedAcls" => array(
929 "cn" => _("Name"),
930 "base" => _("Base"),
931 "description" => _("Description"),
933 "fonGroup" => _("Phone pickup group"),
934 "nagiosGroup" => _("Nagios group"),
936 "gidNumber" => _("GID"),
937 "memberUid" => _("Group member"),
938 "sambaGroupType" => _("Samba group type"),
939 "sambaDomainName" => _("Samba domain name"),
940 "sambaSID" => _("Samba SID"))
941 ));
942 }
943 }
945 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
946 ?>