1 <?php
2 class group extends plugin
3 {
4 /* CLI vars */
5 var $cli_summary= "Handling of GOsa's base group object";
6 var $cli_description= "Some longer text\nfor help";
7 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
9 /* Group attributes */
10 var $cn= "";
11 var $description= "";
12 var $gidNumber= "";
13 var $memberUid= array();
15 /* Helpers */
16 var $base= "";
17 var $force_gid= FALSE;
18 var $fon_group= FALSE;
19 var $smbgroup= FALSE;
20 var $groupType= FALSE;
21 var $samba3= FALSE;
22 var $sambaSID= "";
23 var $sambaDomainName= "DEFAULT";
24 var $SID= "";
25 var $ridBase= 0;
26 var $members= array();
27 var $users= array();
28 var $allusers= array();
29 var $department= "";
30 var $saved_gidNumber= "";
31 var $oldgroupType= "";
32 var $orig_dn= "";
33 var $orig_cn= "";
34 var $has_mailAccount= FALSE;
35 var $group_dialog= FALSE;
36 var $nagios_group =FALSE;
37 var $sambaGroupType;
38 var $dialog;
39 var $OnlyShowFirstEntries =200;
41 var $allowGroupsWithSameNameInOtherSubtrees = true;
43 /* attribute list for save action */
44 var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID");
45 var $objectclasses= array("top", "posixGroup");
47 function group ($config, $dn= NULL)
48 {
49 plugin::plugin ($config, $dn);
51 /* remove Release Tag if we have release management enabled
52 */
53 $tmp = search_config($config->data,"faiManagement","CLASS");
54 if(!empty($tmp)){
55 $this->description = preg_replace("/\(.*\)$/","",$this->description);
56 }
58 /* Load attributes depending on the samba version */
59 $this->samba3= ($config->current['SAMBAVERSION'] == 3);
60 $this->orig_dn= $dn;
61 $this->orig_cn= $this->cn;
63 /* Get member list */
64 if (isset($this->attrs['memberUid'][0])){
65 $tmp= array();
66 for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
67 $tmp[]= $this->attrs['memberUid'][$i];
68 }
69 $this->memberUid= $tmp;
70 sort ($this->memberUid);
71 }
73 /* Save gidNumber for later use */
74 if (isset($this->attrs['gidNumber'])){
75 $this->saved_gidNumber= $this->attrs['gidNumber'][0];
76 }
78 /* Is a samba group? */
79 if (isset($this->attrs['objectClass'])){
80 if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == NULL ){
81 $this->smbgroup= FALSE;
82 } else {
83 $this->smbgroup= TRUE;
84 if (isset($this->attrs['sambaSID'])){
85 $this->sambaSID= $this->attrs['sambaSID'][0];
86 }
87 }
88 if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == NULL ){
89 $this->fon_group= FALSE;
90 } else {
91 $this->fon_group= TRUE;
92 }
93 if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == NULL ){
94 $this->nagios_group= FALSE;
95 } else {
96 $this->nagios_group= TRUE;
97 }
98 }
100 /* Set mail flag */
101 if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
102 $this->has_mailAccount= TRUE;
103 }
105 /* Get samba Domain in case of samba 3 */
106 if ($this->samba3 && $this->sambaSID != ""){
107 $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
108 $ldap= $this->config->get_ldap_link();
109 $ldap->cd($this->config->current['BASE']);
110 $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
111 if ($ldap->count() != 0){
112 $attrs= $ldap->fetch();
113 $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
115 /* Get domain name for SID */
116 $this->sambaDomainName= "DEFAULT";
117 foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
118 if ($val['SID'] == $this->SID){
119 $this->sambaDomainName= $key;
120 break;
121 }
122 }
123 } else {
124 if (isset($this->config->current['RIDBASE'])){
125 $this->sambaDomainName= "DEFAULT";
126 $this->ridBase= $this->config->current['RIDBASE'];
127 $this->SID= $this->config->current['SID'];
128 } else {
129 print_red(_("Can't find this groups SID in LDAP or in your configuration file!"));
130 }
131 }
133 /* Get group type */
134 $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
135 if ($this->groupType < 500 || $this->groupType > 553){
136 $this->groupType= 0;
137 }
138 $this->oldgroupType= $this->groupType;
139 }
141 /* Get global filter config */
142 if (!is_global("gufilter")){
143 $ui= get_userinfo();
144 $base= get_base_from_people($ui->dn);
145 $gufilter= array( "dselect" => $base,
146 "regex" => "*");
147 register_global("gufilter", $gufilter);
148 }
149 $gufilter= get_global('gufilter');
151 $gufilter['SubSearchGroup'] = false;
152 $gufilter['dselect'] = $_SESSION['gufilter']['dselect'];
154 register_global('gufilter',$gufilter);
156 /* Bases / Departments */
158 if(isset($_SESSION['groupfilter']['depselect'])){
159 $this->base = $_SESSION['groupfilter']['depselect'];
160 }else{
161 if ($this->dn == "new"){
162 $ui= get_userinfo();
163 $this->base= dn2base($ui->dn);
164 } else {
165 $this->base= preg_replace ("/^[^,]+,[^,]+,/", "", $this->dn);
166 }
167 }
170 /* This is always an account */
171 $this->is_account= TRUE;
172 $this->reload();
173 }
175 function execute()
176 {
177 /* Call parent execute */
178 plugin::execute();
180 $ui= get_userinfo();
181 $acla= get_permissions ($ui->dn, $ui->subtreeACL);
182 $this->acl= get_module_permission($acla, "group", $ui->dn);
183 /* Do we represent a valid group? */
184 if (!$this->is_account && $this->parent == NULL){
185 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
186 _("This 'dn' is no group.")."</b>";
187 return ($display);
188 }
190 /* Delete user from group */
191 if (isset($_POST['del_users']) && isset($_POST['members'])){
192 foreach ($_POST['members'] as $value){
193 unset ($this->members["$value"]);
194 $this->removeUser($value);
195 }
196 $this->reload();
197 }
199 /* Add objects? */
200 if (isset($_POST["edit_membership"])){
201 $this->group_dialog= TRUE;
202 $this->dialog= TRUE;
203 }
205 /* Add objects finished? */
206 if (isset($_POST["add_users_finish"]) || isset($_POST["add_users_cancel"])){
207 $this->group_dialog= FALSE;
208 $this->dialog= FALSE;
209 }
211 /* Add user to group */
212 if (isset($_POST['add_users_finish']) && isset($_POST['users'])){
213 foreach ($_POST['users'] as $value){
214 $this->members["$value"]= $this->allusers[$value];
215 asort($this->members);
216 $this->addUser($value);
217 }
218 $this->reload();
219 }
221 /* Base select dialog */
222 $once = true;
223 foreach($_POST as $name => $value){
224 if(preg_match("/^chooseBase/",$name) && $once){
225 $once = false;
226 $this->dialog = new baseSelectDialog($this->config);
227 $this->dialog->setCurrentBase($this->base);
228 }
229 }
231 /* Dialog handling */
232 if(is_object($this->dialog)){
233 /* Must be called before save_object */
234 $this->dialog->save_object();
236 if($this->dialog->isClosed()){
237 $this->dialog = false;
238 }elseif($this->dialog->isSelected()){
239 $this->base = $this->dialog->isSelected();
240 $this->dialog= false;
241 }else{
242 return($this->dialog->execute());
243 }
244 }
246 /* Assign templating stuff */
247 $smarty= get_smarty();
248 if ($this->samba3){
249 $smarty->assign("samba3", "true");
250 } else {
251 $smarty->assign("samba3", "");
252 }
254 if(search_config($this->config->data['MENU'], "nagiosaccount", "CLASS")){
255 $smarty->assign("nagios",true);
256 }else{
257 $smarty->assign("nagios",false);
258 }
260 if(search_config($this->config->data['MENU'], "phoneAccount", "CLASS")){
261 $smarty->assign("pickupGroup",true);
262 }else{
263 $smarty->assign("pickupGroup",false);
264 }
266 /* Manage object add dialog */
267 if ($this->group_dialog){
269 /* Save data */
270 $gufilter= get_global("gufilter");
271 foreach( array("dselect", "regex") as $type){
272 if (isset($_POST[$type])){
273 $gufilter[$type]= $_POST[$type];
274 }
275 }
276 if(isset($_POST['regex'])){
277 if(isset($_POST['SubSearchGroup'])){
278 $gufilter['SubSearchGroup'] = true;
279 }else{
280 $gufilter['SubSearchGroup'] = false;
281 }
282 }
284 if (isset($_GET['search'])){
285 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
286 if ($s == "**"){
287 $s= "*";
288 }
289 $gufilter['regex']= $s;
290 }
291 $regex= preg_replace('/[*]/', ".*", $gufilter['regex']);
292 register_global("gufilter", $gufilter);
293 $this->reload();
295 /* Show dialog */
296 $smarty->assign("search_image", get_template_path('images/search.png'));
297 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
298 $smarty->assign("tree_image", get_template_path('images/tree.png'));
299 $smarty->assign("deplist", $this->config->idepartments);
300 $smarty->assign("alphabet", generate_alphabet());
301 foreach( array("dselect", "regex","SubSearchGroup") as $type){
302 $smarty->assign("$type", $gufilter[$type]);
303 }
304 $smarty->assign("hint", print_sizelimit_warning());
306 $users= array();
307 foreach ($this->allusers as $key => $value){
308 if (!array_key_exists($key, $this->members)){
309 if (preg_match("/^$regex/i", $key)){
310 $users[$key]= $value;
311 }
312 }
313 }
314 $smarty->assign("users", $users);
315 $smarty->assign("apply", apply_filter());
316 $display= $smarty->fetch (get_template_path('group_objects.tpl', TRUE, dirname(__FILE__)));
317 return ($display);
318 }
320 /* Bases / Departments */
321 if (isset($_POST['base'])){
322 $this->base= $_POST['base'];
323 }
325 $smarty->assign("bases", $this->config->idepartments);
326 $smarty->assign("base_select", $this->base);
327 $smarty->assign("department", $this->department);
329 if ($this->samba3){
330 $domains= array();
331 foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
332 $domains[$name]= $name;
333 }
334 $smarty->assign("sambaDomains", $domains);
335 $smarty->assign("sambaDomainName", $this->sambaDomainName);
336 $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
337 514 => _("Domain guests"));
339 /* Don't loose special groups! If not key'ed above, add it to
340 the combo box... */
341 if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
342 $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
343 }
345 $smarty->assign("groupTypes", $groupTypes);
346 $smarty->assign("groupType", $this->groupType);
347 }
349 /* Members and users */
350 $smarty->assign("members", $this->members);
352 /* Checkboxes */
353 foreach (array("force_gid", "smbgroup") as $val){
354 if ($this->$val == "1"){
355 $smarty->assign("$val", "checked");
356 } else {
357 $smarty->assign("$val", "");
358 }
359 }
360 if ($this->force_gid != "1"){
361 $smarty->assign("forceMode", "disabled");
362 }else{
363 $smarty->assign("forceMode", "");
364 }
365 $smarty->assign("force_gidACL", chkacl($this->acl, "gidNumber"));
366 $smarty->assign("sambaDomainNameACL", chkacl($this->acl, "sambaDomainName"));
367 if ($this->fon_group){
368 $smarty->assign("fon_group", "checked");
369 } else {
370 $smarty->assign("fon_group", "");
371 }
372 $smarty->assign("fon_groupACL", chkacl($this->acl, "fon_group"));
374 if ($this->nagios_group){
375 $smarty->assign("nagios_group", "checked");
376 } else {
377 $smarty->assign("nagios_group", "");
378 }
379 $smarty->assign("nagios_groupACL", chkacl($this->acl, "nagios_group"));
381 /* Fields */
382 foreach (array("cn", "description", "gidNumber") as $val){
383 $smarty->assign("$val", $this->$val);
384 $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
385 }
387 /* Missing ACL's */
388 foreach (array("base", "smbgroup", "members") as $val){
389 $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
390 }
392 /* Show main page */
393 $smarty->assign("alphabet", generate_alphabet(10));
394 $smarty->assign("search_image", get_template_path('images/search.png'));
395 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
396 $smarty->assign("tree_image", get_template_path('images/tree.png'));
397 $smarty->assign("deplist", $this->config->idepartments);
398 return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
399 }
401 function addUser($uid)
402 {
403 $this->memberUid[]= $uid;
404 $this->memberUid= array_unique($this->memberUid);
405 }
407 function removeUser($uid)
408 {
409 $temp= array();
410 foreach ($this->memberUid as $value){
411 if ($value != $uid){
412 $temp[]= $value;
413 }
414 }
415 $this->memberUid= $temp;
416 }
419 /* Reload data */
420 function reload()
421 {
422 /* Generate userlists */
423 $this->last_sorting= "invalid";
424 $this->users= array();
425 $ldap= $this->config->get_ldap_link();
427 $MaxUser = $this->OnlyShowFirstEntries;
429 $gufilter= get_global("gufilter");
430 $ldap->cd ($this->config->current['BASE']);
431 if($gufilter['SubSearchGroup']){
432 $ldap->cd ($gufilter['dselect']);
433 $ldap->search("(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$)))",array("uid", "sn","givenName"));
434 }else{
435 $ldap->cd (get_people_ou().$gufilter['dselect']);
436 $ldap->ls ("(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$)))",get_people_ou().$gufilter['dselect'],array("uid", "sn", "givenName"));
437 }
438 $this->allusers= array();
440 $i = 0 ;
441 while (($attrs= $ldap->fetch()) && ($i < $MaxUser)){
442 $i ++;
443 if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
444 $this->allusers[$attrs["uid"][0]]= $attrs["sn"][0].", ".
445 $attrs["givenName"][0]." [".$attrs["uid"][0]."]";
446 } else {
447 $this->allusers[$attrs["uid"][0]]= $attrs['uid'][0];
448 }
449 }
451 if(($i == $MaxUser)){
452 print_red(sprintf(_("Your search method returned more than '%s' users, only '%s' users are shown.") , $MaxUser,$MaxUser));
453 }
455 natcasesort ($this->allusers);
456 reset ($this->allusers);
458 /* Fill memberlist */
459 $this->members= array();
460 foreach ($this->memberUid as $value){
461 if (isset($this->allusers[$value])){
462 $this->members[$value]= $this->allusers[$value];
463 } else {
464 $ldap->cd($this->config->current['BASE']);
465 $ldap->search("(&(objectClass=gosaAccount)(uid=".$value."))",array("uid", "sn","givenName"));
466 $attrs = $ldap->fetch();
468 if(!$attrs){
469 $this->members[$value] = _("! unknown id")." [".$value."]";
470 }else{
472 if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
473 $this->allusers[$attrs["uid"][0]]= $attrs["sn"][0].", ".
474 $attrs["givenName"][0]." [".$attrs["uid"][0]."]";
475 } else {
476 $this->allusers[$attrs["uid"][0]]= $attrs['uid'][0];
477 }
478 if (isset($this->allusers[$value])){
479 $this->members[$value]= $this->allusers[$value];
480 } else {
481 $this->members[$value] = "[".$value."]";
482 }
483 }
484 }
485 }
486 asort($this->members);
487 reset($this->members);
488 }
492 function remove_from_parent()
493 {
494 plugin::remove_from_parent();
496 $ldap= $this->config->get_ldap_link();
497 $ldap->rmdir($this->dn);
498 show_ldap_error($ldap->get_error());
500 /* Delete references to object groups */
501 $ldap->cd ($this->config->current['BASE']);
502 $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".$this->dn."))", array("cn"));
503 while ($ldap->fetch()){
504 $og= new ogroup($this->config, $ldap->getDN());
505 unset($og->member[$this->dn]);
506 $og->save ();
507 }
509 /* Send signal to the world that we've done */
510 $this->handle_post_events("remove");
511 }
514 /* Save data to object */
515 function save_object()
516 {
517 /* Save additional values for possible next step */
518 if (isset($_POST['groupedit'])){
520 plugin::save_object();
522 $this->force_gid= 0;
523 $this->smbgroup= 0;
524 foreach (array("force_gid", "department", "base", "smbgroup") as $val) {
525 if (chkacl ($this->acl, "$val") == "" && isset($_POST["$val"])){
526 $this->$val= $_POST["$val"];
527 }
528 }
530 /* Save sambaDomain attribute */
531 if (chkacl ($this->acl, "sambaDomainName") == "" && $this->samba3 &&
532 isset ($_POST['sambaDomainName'])){
534 $this->sambaDomainName= $_POST['sambaDomainName'];
535 $this->groupType= $_POST['groupType'];
536 }
538 /* Save fon attribute */
539 if (chkacl ($this->acl, "fon_group") == ""){
540 if (isset ($_POST['fon_group'])){
541 $this->fon_group= TRUE;
542 } else {
543 $this->fon_group= FALSE;
544 }
545 }
546 if (chkacl ($this->acl, "nagios_group") == ""){
547 if (isset ($_POST['nagios_group'])){
548 $this->nagios_group= TRUE;
549 } else {
550 $this->nagios_group= FALSE;
551 }
552 }
553 }
554 }
557 /* Save to LDAP */
558 function save()
559 {
561 /* ID handling */
562 if ($this->force_gid == 0){
563 if ($this->saved_gidNumber != ""){
564 $this->gidNumber= $this->saved_gidNumber;
565 } else {
566 /* Calculate new, lock uids */
567 $wait= 10;
568 while (get_lock("uidnumber") != ""){
569 sleep (1);
571 /* timed out? */
572 if ($wait-- == 0){
573 break;
574 }
575 }
576 add_lock ("uidnumber", "gosa");
577 $this->gidNumber= $this->get_next_id("gidNumber");
578 }
579 }
581 /* If release management is enabled ....
582 Append release name to description tag ..
583 #FIXME release name within description is a very bad solution, use ldap attribute instead
584 */
585 $tmp = search_config($this->config->data,"faiManagement","CLASS");
586 if(!empty($tmp)){
587 if(isset($this->parent)){
588 if(isset($this->parent->by_object['appgroup'])){
589 $baseObj = $this->parent->by_object['appgroup'];
590 if($baseObj->is_account){
591 if(isset($baseObj->Release)){
592 $this->description .= " (".trim($baseObj->Release).")";
593 }
594 }
595 }
596 }
597 }
599 plugin::save();
601 /* Remove objectClass for samba/phone support */
602 $tmp= array();
603 for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
604 if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
605 $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
606 $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
607 $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
608 $tmp[]= $this->attrs['objectClass'][$i];
609 }
610 }
611 $this->attrs['objectClass']= $tmp;
612 $ldap= $this->config->get_ldap_link();
614 /* Add samba group functionality */
615 if ($this->samba3 && $this->smbgroup){
617 /* Fixed undefined index ...
618 */
619 $this->SID = $this->ridBase = "";
620 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
621 $this->SID = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
622 }else{
623 print_red(sprintf(_("No configured SID found for '%s'."),$this->sambaDomainName));
624 }
625 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
626 $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
627 }else{
628 print_red(sprintf(_("No configured RIDBASE found for '%s'."),$this->sambaDomainName));
629 }
631 $this->attrs['objectClass'][]= 'sambaGroupMapping';
632 $this->attrs['sambaGroupType']= "2";
634 /* Check if we need to create a special entry */
635 if ($this->groupType == 0){
637 if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
638 $gidNumber= $this->gidNumber;
639 while(TRUE){
640 $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
641 $ldap->cd($this->config->current['BASE']);
642 $ldap->search("(sambaSID=$sid)",array("sambaSID"));
643 if ($ldap->count() == 0){
644 break;
645 }
646 $gidNumber++;
647 }
648 $this->attrs['sambaSID']= $sid;
649 $this->sambaSID= $sid;
650 }
652 } else {
653 $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
654 }
656 /* User wants me to fake the idMappings? This is useful for
657 making winbind resolve the group names in a reasonable amount
658 of time in combination with larger databases. */
659 if (isset($this->config->current['SAMBAIDMAPPING']) &&
660 preg_match('/true/i', $this->config->current['SAMBAIDMAPPING'])){
661 $this->attrs['objectClass'][]= "sambaIdmapEntry";
662 }
664 }
666 /* Add phone functionality */
667 if ($this->fon_group){
668 $this->attrs['objectClass'][]= "goFonPickupGroup";
669 }
671 /* Add nagios functionality */
672 if ($this->nagios_group){
673 $this->attrs['objectClass'][]= "nagiosContactGroup";
674 }
676 /* Take members array */
677 if (count ($this->memberUid)){
678 $this->attrs['memberUid']= array_unique($this->memberUid);
679 }
681 /* New accounts need proper 'dn', propagate it to remaining objects */
682 if ($this->dn == 'new'){
683 $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
684 }
686 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
687 new entries. So do a check first... */
688 $ldap->cat ($this->dn);
689 if ($ldap->fetch()){
690 /* Modify needs array() to remove values :-( */
691 if (!count ($this->memberUid)){
692 $this->attrs['memberUid']= array();
693 }
694 if ($this->samba3){
695 if (!$this->smbgroup){
696 $this->attrs['sambaGroupType']= array();
697 $this->attrs['sambaSID']= array();
698 }
699 }
700 $mode= "modify";
701 } else {
702 $mode= "add";
703 $ldap->cd($this->config->current['BASE']);
704 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
705 }
707 /* Write back to ldap */
708 $ldap->cd($this->dn);
709 $this->cleanup();
710 $ldap->$mode($this->attrs);
712 $ret= 0;
713 if (show_ldap_error($ldap->get_error())){
714 $ret= 1;
715 }
717 /* Remove uid lock */
718 del_lock ("uidnumber");
720 /* Post that we've done*/
721 $this->handle_post_events($mode);
723 return ($ret);
724 }
726 function check()
727 {
728 /* Call common method to give check the hook */
729 $message= plugin::check();
731 /* Permissions for that base? */
732 if ($this->base != ""){
733 $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
734 } else {
735 $new_dn= $this->dn;
736 }
738 $ui= get_userinfo();
739 $acl= get_permissions ($ui->dn, $ui->subtreeACL);
740 $acl= get_module_permission($acl, "group", $ui->dn);
741 if (chkacl($this->acl, "create") != ""){
742 $message[]= _("You have no permissions to create a group on this 'Base'.");
743 }
745 /* must: cn */
746 if ($this->cn == "" && chkacl ($this->acl, "cn") == ""){
747 $message[]= "The required field 'Name' is not set.";
748 }
750 /* Check for valid input */
751 if (!is_uid($this->cn)){
752 $message[]= _("The field 'Name' contains invalid characters. Lowercase, numbers and dashes are allowed.");
753 }
756 if($this->allowGroupsWithSameNameInOtherSubtrees == true){
758 /* Check for used 'cn' */
759 $ldap= $this->config->get_ldap_link();
760 if(($this->cn != $this->orig_cn) || ($this->orig_dn == "new")){
761 $ldap->cd("ou=groups,".$this->base);
762 $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))","ou=groups,".$this->base,array("cn"));
763 if ($ldap->count() != 0){
764 $message[]= _("Value specified as 'Name' is already used.");
765 }
766 }
768 }else{
770 /* Check for used 'cn' */
771 $ldap= $this->config->get_ldap_link();
772 $ldap->cd($this->config->current['BASE']);
773 $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn"));
774 if ($ldap->count() != 0){
776 /* New entry? */
777 if ($this->dn == 'new'){
778 $message[]= _("Value specified as 'Name' is already used.");
779 }
781 /* Moved? */
782 elseif ($new_dn != $this->orig_dn){
783 $ldap->fetch();
784 if ($ldap->getDN() != $this->orig_dn){
785 $message[]= _("Value specified as 'Name' is already used.");
786 }
787 }
788 }
789 }
791 /* Check ID */
792 if ($this->force_gid == "1"){
793 if (!is_id($this->gidNumber)){
794 $message[]= _("Value specified as 'GID' is not valid.");
795 } else {
796 if ($this->gidNumber < $this->config->current['MINID']){
797 $message[]= _("Value specified as 'GID' is too small.");
798 }
800 }
801 }
803 return ($message);
804 }
806 function get_next_id($attrib)
807 {
808 $ids= array();
809 $ldap= $this->config->get_ldap_link();
811 $ldap->cd ($this->config->current['BASE']);
812 if (preg_match('/gidNumber/i', $attrib)){
813 $oc= "posixGroup";
814 } else {
815 $oc= "posixAccount";
816 }
817 $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
819 /* Get list of ids */
820 while ($attrs= $ldap->fetch()){
821 $ids[]= (int)$attrs["$attrib"][0];
822 }
824 /* Find out next free id near to UID_BASE */
825 for ($id= $this->config->current['UIDBASE']; $id++; $id<65000){
826 if (!in_array($id, $ids)){
827 return ($id);
828 }
829 }
831 /* Should not happen */
832 if ($id == 65000){
833 print_red(_("Too many users, can't allocate a free ID!"));
834 exit;
835 }
836 }
838 function getCopyDialog()
839 {
840 $vars = array("cn");
842 if($this ->force_gid){
843 $used = " checked ";
844 $dis = "";
845 }else{
846 $used = "";
847 $dis = " disabled ";
848 }
850 $smarty = get_smarty();
851 $smarty->assign("used",$used);
852 $smarty->assign("dis" ,$dis);
853 $smarty->assign("cn" ,$this->cn);
854 $smarty->assign("gidNumber",$this->gidNumber);
855 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
856 $ret = array();
857 $ret['string'] = $str;
858 $ret['status'] = "";
859 return($ret);
860 }
862 function saveCopyDialog()
863 {
864 if(isset($_POST['cn'])){
865 $this->cn = $_POST['cn'];
866 }
867 if(isset($_POST['force_gid'])){
868 $this->force_gid = 1;
869 $this->gidNumber= $_POST['gidNumber'];
870 }else{
871 $this->force_gid = 0;
872 $this->gidNumber = false;
873 }
874 }
875 }
877 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
878 ?>