1 <?php
3 class group extends plugin
4 {
5 /* CLI vars */
6 var $cli_summary= "Handling of GOsa's base group object";
7 var $cli_description= "Some longer text\nfor help";
8 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
10 /* Group attributes */
11 var $cn= "";
12 var $description= "";
13 var $gidNumber= "";
14 var $memberUid= array();
16 /* Helpers */
17 var $base= "";
18 var $force_gid= FALSE;
19 var $fon_group= FALSE;
20 var $smbgroup= FALSE;
21 var $groupType= FALSE;
22 var $samba3= FALSE;
23 var $sambaSID= "";
24 var $sambaDomainName= "DEFAULT";
25 var $SID= "";
26 var $ridBase= 0;
27 var $members= array();
28 var $users= array();
29 var $allusers= array();
30 var $department= "";
31 var $saved_gidNumber= "";
32 var $oldgroupType= "";
33 var $orig_dn= "";
34 var $orig_cn= "";
35 var $has_mailAccount= FALSE;
36 var $group_dialog= FALSE;
37 var $nagios_group =FALSE;
38 var $sambaGroupType;
39 var $dialog;
40 var $OnlyShowFirstEntries =200;
42 var $allowGroupsWithSameNameInOtherSubtrees = true;
44 /* attribute list for save action */
45 var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID");
46 var $objectclasses= array("top", "posixGroup");
48 function group ($config, $dn= NULL, $parent= NULL)
49 {
50 plugin::plugin ($config, $dn, $parent);
52 /* Load attributes depending on the samba version */
53 $this->samba3= ($config->current['SAMBAVERSION'] == 3);
54 $this->orig_dn= $dn;
55 $this->orig_cn= $this->cn;
57 /* Get member list */
58 if (isset($this->attrs['memberUid'][0])){
59 $tmp= array();
60 for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
61 $tmp[]= $this->attrs['memberUid'][$i];
62 }
63 $this->memberUid= $tmp;
64 sort ($this->memberUid);
65 }
67 /* Save gidNumber for later use */
68 if (isset($this->attrs['gidNumber'])){
69 $this->saved_gidNumber= $this->attrs['gidNumber'][0];
70 }
72 /* Is a samba group? */
73 if (isset($this->attrs['objectClass'])){
74 if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == NULL ){
75 $this->smbgroup= FALSE;
76 } else {
77 $this->smbgroup= TRUE;
78 if (isset($this->attrs['sambaSID'])){
79 $this->sambaSID= $this->attrs['sambaSID'][0];
80 }
81 }
82 if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == NULL ){
83 $this->fon_group= FALSE;
84 } else {
85 $this->fon_group= TRUE;
86 }
87 if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == NULL ){
88 $this->nagios_group= FALSE;
89 } else {
90 $this->nagios_group= TRUE;
91 }
92 }
94 /* Set mail flag */
95 if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
96 $this->has_mailAccount= TRUE;
97 }
99 /* Get samba Domain in case of samba 3 */
100 if ($this->samba3 && $this->sambaSID != ""){
101 $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
102 $ldap= $this->config->get_ldap_link();
103 $ldap->cd($this->config->current['BASE']);
104 $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
105 if ($ldap->count() != 0){
106 $attrs= $ldap->fetch();
107 $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
109 /* Get domain name for SID */
110 $this->sambaDomainName= "DEFAULT";
111 foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
112 if ($val['SID'] == $this->SID){
113 $this->sambaDomainName= $key;
114 break;
115 }
116 }
117 } else {
118 if (isset($this->config->current['RIDBASE'])){
119 $this->sambaDomainName= "DEFAULT";
120 $this->ridBase= $this->config->current['RIDBASE'];
121 $this->SID= $this->config->current['SID'];
122 } else {
123 print_red(_("Can't find this groups SID in LDAP or in your configuration file!"));
124 }
125 }
127 /* Get group type */
128 $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
129 if ($this->groupType < 500 || $this->groupType > 553){
130 $this->groupType= 0;
131 }
132 $this->oldgroupType= $this->groupType;
133 }
135 /* Get global filter config */
136 if (!is_global("gufilter")){
137 $ui= get_userinfo();
138 $base= get_base_from_people($ui->dn);
139 $gufilter= array( "dselect" => $base,
140 "regex" => "*");
141 register_global("gufilter", $gufilter);
142 }
143 $gufilter= get_global('gufilter');
145 $gufilter['SubSearchGroup'] = false;
146 $gufilter['dselect'] = $_SESSION['gufilter']['dselect'];
148 register_global('gufilter',$gufilter);
150 if ($this->dn == "new"){
151 if(isset($_SESSION['CurrentMainBase'])){
152 $this->base= $_SESSION['CurrentMainBase'];
153 }else{
154 $ui= get_userinfo();
155 $this->base= dn2base($ui->dn);
156 }
157 } else {
158 $this->base= preg_replace ("/^[^,]+,[^,]+,/", "", $this->dn);
159 }
161 /* This is always an account */
162 $this->is_account= TRUE;
163 $this->reload();
164 }
166 function execute()
167 {
168 /* Call parent execute */
169 plugin::execute();
171 $ui= get_userinfo();
172 $acla= get_permissions ($ui->dn, $ui->subtreeACL);
173 $this->acl= get_module_permission($acla, "group", $ui->dn);
174 /* Do we represent a valid group? */
175 if (!$this->is_account && $this->parent == NULL){
176 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
177 _("This 'dn' is no group.")."</b>";
178 return ($display);
179 }
181 /* Delete user from group */
182 if (isset($_POST['del_users']) && isset($_POST['members'])){
183 foreach ($_POST['members'] as $value){
184 unset ($this->members["$value"]);
185 $this->removeUser($value);
186 }
187 $this->reload();
188 }
190 /* Add objects? */
191 if (isset($_POST["edit_membership"])){
192 $this->group_dialog= TRUE;
193 $this->dialog= TRUE;
194 }
196 /* Add objects finished? */
197 if (isset($_POST["add_users_finish"]) || isset($_POST["add_users_cancel"])){
198 $this->group_dialog= FALSE;
199 $this->dialog= FALSE;
200 }
202 /* Add user to group */
203 if (isset($_POST['add_users_finish']) && isset($_POST['users'])){
204 foreach ($_POST['users'] as $value){
205 $this->members["$value"]= $this->allusers[$value];
206 asort($this->members);
207 $this->addUser($value);
208 }
209 $this->reload();
210 }
212 /* Base select dialog */
213 $once = true;
214 foreach($_POST as $name => $value){
215 if(preg_match("/^chooseBase/",$name) && $once){
216 $once = false;
217 $this->dialog = new baseSelectDialog($this->config);
218 $this->dialog->setCurrentBase($this->base);
219 }
220 }
222 /* Dialog handling */
223 if(is_object($this->dialog)){
224 /* Must be called before save_object */
225 $this->dialog->save_object();
227 if($this->dialog->isClosed()){
228 $this->dialog = false;
229 }elseif($this->dialog->isSelected()){
230 $this->base = $this->dialog->isSelected();
231 $this->dialog= false;
232 }else{
233 return($this->dialog->execute());
234 }
235 }
237 /* Assign templating stuff */
238 $smarty= get_smarty();
239 if ($this->samba3){
240 $smarty->assign("samba3", "true");
241 } else {
242 $smarty->assign("samba3", "");
243 }
245 if(search_config($this->config->data['MENU'], "nagiosaccount", "CLASS")){
246 $smarty->assign("nagios",true);
247 }else{
248 $smarty->assign("nagios",false);
249 }
251 if(search_config($this->config->data['MENU'], "phoneAccount", "CLASS")){
252 $smarty->assign("pickupGroup",true);
253 }else{
254 $smarty->assign("pickupGroup",false);
255 }
257 /* Manage object add dialog */
258 if ($this->group_dialog){
260 /* Save data */
261 $gufilter= get_global("gufilter");
262 foreach( array("dselect", "regex") as $type){
263 if (isset($_POST[$type])){
264 $gufilter[$type]= $_POST[$type];
265 }
266 }
267 if(isset($_POST['regex'])){
268 if(isset($_POST['SubSearchGroup'])){
269 $gufilter['SubSearchGroup'] = true;
270 }else{
271 $gufilter['SubSearchGroup'] = false;
272 }
273 }
275 if (isset($_GET['search'])){
276 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
277 if ($s == "**"){
278 $s= "*";
279 }
280 $gufilter['regex']= $s;
281 }
282 register_global("gufilter", $gufilter);
283 $this->reload();
285 /* Show dialog */
286 $smarty->assign("search_image", get_template_path('images/search.png'));
287 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
288 $smarty->assign("tree_image", get_template_path('images/tree.png'));
289 $smarty->assign("deplist", $this->config->idepartments);
290 $smarty->assign("alphabet", generate_alphabet());
291 foreach( array("dselect", "regex","SubSearchGroup") as $type){
292 $smarty->assign("$type", $gufilter[$type]);
293 }
294 $smarty->assign("hint", print_sizelimit_warning());
295 $smarty->assign("users", $this->displayUsers);
296 $smarty->assign("apply", apply_filter());
297 $display= $smarty->fetch (get_template_path('group_objects.tpl', TRUE, dirname(__FILE__)));
298 return ($display);
299 }
301 /* Bases / Departments */
302 if (isset($_POST['base'])){
303 $this->base= $_POST['base'];
304 }
306 $smarty->assign("bases", $this->config->idepartments);
307 $smarty->assign("base_select", $this->base);
308 $smarty->assign("department", $this->department);
310 if ($this->samba3){
311 $domains= array();
312 foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
313 $domains[$name]= $name;
314 }
315 $smarty->assign("sambaDomains", $domains);
316 $smarty->assign("sambaDomainName", $this->sambaDomainName);
317 $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
318 514 => _("Domain guests"));
320 /* Don't loose special groups! If not key'ed above, add it to
321 the combo box... */
322 if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
323 $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
324 }
326 $smarty->assign("groupTypes", $groupTypes);
327 $smarty->assign("groupType", $this->groupType);
328 }
330 /* Members and users */
331 $smarty->assign("members", $this->members);
333 /* Checkboxes */
334 foreach (array("force_gid", "smbgroup") as $val){
335 if ($this->$val == "1"){
336 $smarty->assign("$val", "checked");
337 } else {
338 $smarty->assign("$val", "");
339 }
340 }
341 if ($this->force_gid != "1"){
342 $smarty->assign("forceMode", "disabled");
343 }else{
344 $smarty->assign("forceMode", "");
345 }
346 $smarty->assign("force_gidACL", chkacl($this->acl, "gidNumber"));
347 $smarty->assign("sambaDomainNameACL", chkacl($this->acl, "sambaDomainName"));
348 if ($this->fon_group){
349 $smarty->assign("fon_group", "checked");
350 } else {
351 $smarty->assign("fon_group", "");
352 }
353 $smarty->assign("fon_groupACL", chkacl($this->acl, "fon_group"));
355 if ($this->nagios_group){
356 $smarty->assign("nagios_group", "checked");
357 } else {
358 $smarty->assign("nagios_group", "");
359 }
360 $smarty->assign("nagios_groupACL", chkacl($this->acl, "nagios_group"));
362 /* Fields */
363 foreach (array("cn", "description", "gidNumber") as $val){
364 $smarty->assign("$val", $this->$val);
365 $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
366 }
368 /* Missing ACL's */
369 foreach (array("base", "smbgroup", "members") as $val){
370 $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
371 }
373 /* Show main page */
374 $smarty->assign("alphabet", generate_alphabet(10));
375 $smarty->assign("search_image", get_template_path('images/search.png'));
376 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
377 $smarty->assign("tree_image", get_template_path('images/tree.png'));
378 $smarty->assign("deplist", $this->config->idepartments);
379 return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
380 }
382 function addUser($uid)
383 {
384 $this->memberUid[]= $uid;
385 $this->memberUid= array_unique($this->memberUid);
386 }
388 function removeUser($uid)
389 {
390 $temp= array();
391 foreach ($this->memberUid as $value){
392 if ($value != $uid){
393 $temp[]= $value;
394 }
395 }
396 $this->memberUid= $temp;
397 }
400 /* Reload data */
401 function reload()
402 {
403 /* Fix regex string */
404 $gufilter = get_global("gufilter");
405 $regex = normalizeLdap($gufilter['regex']);
406 $MaxUser = $this->OnlyShowFirstEntries;
408 /* Prepare ldap link */
409 $ldap= $this->config->get_ldap_link();
410 $ldap->cd($gufilter['dselect']);
413 /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
414 (Store gathered sn/givenName informations in $this->allusers too,
415 to be prepared when adding/deleting users)
416 */
417 $filter = "";
418 foreach ($this->memberUid as $value){
419 if(!isset($this->members[$value])){
420 $filter .= "(uid=".normalizeLdap($value).")";
421 }
422 }
423 if(!empty($filter)){
424 $ldap->cd($this->config->current['BASE']);
425 $ldap->search("(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(|".$filter."))",array("uid","sn","givenName"));
426 while($attrs = $ldap->fetch()){
427 $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
428 $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
429 }
430 }
432 /* check if all uids are resolved */
433 foreach ($this->memberUid as $value){
434 if(!isset($this->members[$value])){
435 $this->members[$value] = _("! unknown id")." [".$value."]";
436 }
437 }
439 /* Create display list of users matching regex & filter
440 */
441 $this->displayUsers = array();
443 /* Set tag attribute if we've tagging activated */
444 $tag= "";
445 $ui= get_userinfo();
446 if ($ui->gosaUnitTag != "" && isset($this->config->current['STRICT_UNITS']) &&
447 preg_match('/TRUE/i', $this->config->current['STRICT_UNITS'])){
448 $tag= "(gosaUnitTag=".$ui->gosaUnitTag.")";
449 }
451 $filter = "(&(objectClass=gosaAccount)$tag(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
453 /* Search in current tree or within subtrees depending on the checkbox from filter section */
454 if($gufilter['SubSearchGroup']){
455 $ldap->search($filter, array("uid", "sn","givenName"));
456 }else{
457 $ldap->ls ($filter, get_people_ou().$gufilter['dselect'],array("uid", "sn", "givenName"));
458 }
459 $i = 0;
461 /* Fetch all users and skip already used users */
462 while($attrs = $ldap->fetch()){
463 if(in_array($attrs['uid'][0], $this->memberUid)) {
464 continue;
465 }
466 $i ++;
467 if($i > $MaxUser) {
468 break;
469 }
470 $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs);
471 $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
472 }
474 /* If more than max users are found, display a message to warn the user */
475 if(($i == $MaxUser)){
476 print_red(sprintf(_("Your search method returned more than '%s' users, only '%s' users are shown.") , $MaxUser,$MaxUser));
477 }
479 /* Sort lists */
480 natcasesort($this->members);
481 reset($this->members);
482 natcasesort ($this->displayUsers);
483 reset ($this->displayUsers);
484 }
487 /* Create display name, this was used so often that it is excluded into a seperate function */
488 function createResultName($attrs)
489 {
490 if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
491 $ret = $attrs["sn"][0].", ".$attrs["givenName"][0]." [".$attrs["uid"][0]."]";
492 } else {
493 $ret= $attrs['uid'][0];
494 }
495 return($ret);
496 }
499 function remove_from_parent()
500 {
501 plugin::remove_from_parent();
503 $ldap= $this->config->get_ldap_link();
504 $ldap->rmdir($this->dn);
505 show_ldap_error($ldap->get_error(), _("Removing group failed"));
507 /* Delete references to object groups */
508 $ldap->cd ($this->config->current['BASE']);
509 $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".$this->dn."))", array("cn"));
510 while ($ldap->fetch()){
511 $og= new ogroup($this->config, $ldap->getDN());
512 unset($og->member[$this->dn]);
513 $og->save ();
514 }
516 /* Send signal to the world that we've done */
517 $this->handle_post_events("remove");
518 }
521 /* Save data to object */
522 function save_object()
523 {
524 /* Save additional values for possible next step */
525 if (isset($_POST['groupedit'])){
527 plugin::save_object();
529 $this->force_gid= 0;
530 $this->smbgroup= 0;
531 foreach (array("force_gid", "department", "base", "smbgroup") as $val) {
532 if (chkacl ($this->acl, "$val") == "" && isset($_POST["$val"])){
533 $this->$val= $_POST["$val"];
534 }
535 }
537 /* Save sambaDomain attribute */
538 if (chkacl ($this->acl, "sambaDomainName") == "" && $this->samba3 &&
539 isset ($_POST['sambaDomainName'])){
541 $this->sambaDomainName= $_POST['sambaDomainName'];
542 $this->groupType= $_POST['groupType'];
543 }
545 /* Save fon attribute */
546 if (chkacl ($this->acl, "fon_group") == ""){
547 if (isset ($_POST['fon_group'])){
548 $this->fon_group= TRUE;
549 } else {
550 $this->fon_group= FALSE;
551 }
552 }
553 if (chkacl ($this->acl, "nagios_group") == ""){
554 if (isset ($_POST['nagios_group'])){
555 $this->nagios_group= TRUE;
556 } else {
557 $this->nagios_group= FALSE;
558 }
559 }
560 }
561 }
564 /* Save to LDAP */
565 function save()
566 {
568 /* ID handling */
569 if ($this->force_gid == 0){
570 if ($this->saved_gidNumber != ""){
571 $this->gidNumber= $this->saved_gidNumber;
572 } else {
573 /* Calculate new, lock uids */
574 $wait= 10;
575 while (get_lock("uidnumber") != ""){
576 sleep (1);
578 /* timed out? */
579 if ($wait-- == 0){
580 break;
581 }
582 }
583 add_lock ("uidnumber", "gosa");
584 $this->gidNumber= $this->get_next_id("gidNumber");
585 }
586 }
588 plugin::save();
590 /* Remove objectClass for samba/phone support */
591 $tmp= array();
592 for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
593 if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
594 $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
595 $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
596 $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
597 $tmp[]= $this->attrs['objectClass'][$i];
598 }
599 }
600 $this->attrs['objectClass']= $tmp;
601 $ldap= $this->config->get_ldap_link();
603 /* Add samba group functionality */
604 if ($this->samba3 && $this->smbgroup){
606 /* Fixed undefined index ...
607 */
608 $this->SID = $this->ridBase = "";
609 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
610 $this->SID = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
611 }else{
612 print_red(sprintf(_("No configured SID found for '%s'."),$this->sambaDomainName));
613 }
614 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
615 $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
616 }else{
617 print_red(sprintf(_("No configured RIDBASE found for '%s'."),$this->sambaDomainName));
618 }
620 $this->attrs['objectClass'][]= 'sambaGroupMapping';
621 $this->attrs['sambaGroupType']= "2";
623 /* Check if we need to create a special entry */
624 if ($this->groupType == 0){
626 if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
627 $gidNumber= $this->gidNumber;
628 while(TRUE){
629 $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
630 $ldap->cd($this->config->current['BASE']);
631 $ldap->search("(sambaSID=$sid)",array("sambaSID"));
632 if ($ldap->count() == 0){
633 break;
634 }
635 $gidNumber++;
636 }
637 $this->attrs['sambaSID']= $sid;
638 $this->sambaSID= $sid;
639 }
641 } else {
642 $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
643 }
645 /* User wants me to fake the idMappings? This is useful for
646 making winbind resolve the group names in a reasonable amount
647 of time in combination with larger databases. */
648 if (isset($this->config->current['SAMBAIDMAPPING']) &&
649 preg_match('/true/i', $this->config->current['SAMBAIDMAPPING'])){
650 $this->attrs['objectClass'][]= "sambaIdmapEntry";
651 }
653 }
655 /* Add phone functionality */
656 if ($this->fon_group){
657 $this->attrs['objectClass'][]= "goFonPickupGroup";
658 }
660 /* Add nagios functionality */
661 if ($this->nagios_group){
662 $this->attrs['objectClass'][]= "nagiosContactGroup";
663 }
665 /* Take members array */
666 if (count ($this->memberUid)){
667 $this->attrs['memberUid']= array_unique($this->memberUid);
668 }
670 /* New accounts need proper 'dn', propagate it to remaining objects */
671 if ($this->dn == 'new'){
672 $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
673 }
675 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
676 new entries. So do a check first... */
677 $ldap->cat ($this->dn, array('dn'));
678 if ($ldap->fetch()){
679 /* Modify needs array() to remove values :-( */
680 if (!count ($this->memberUid)){
681 $this->attrs['memberUid']= array();
682 }
683 if ($this->samba3){
684 if (!$this->smbgroup){
685 $this->attrs['sambaGroupType']= array();
686 $this->attrs['sambaSID']= array();
687 }
688 }
689 $mode= "modify";
690 } else {
691 $mode= "add";
692 $ldap->cd($this->config->current['BASE']);
693 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
694 }
696 /* Write back to ldap */
697 $ldap->cd($this->dn);
698 $this->cleanup();
699 $ldap->$mode($this->attrs);
701 $ret= 0;
702 if (show_ldap_error($ldap->get_error(), _("Saving group failed"))){
703 $ret= 1;
704 }
706 /* Remove uid lock */
707 del_lock ("uidnumber");
709 /* Post that we've done*/
710 $this->handle_post_events($mode);
712 return ($ret);
713 }
715 function check()
716 {
717 /* Call common method to give check the hook */
718 $message= plugin::check();
720 /* Permissions for that base? */
721 if ($this->base != ""){
722 $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
723 } else {
724 $new_dn= $this->dn;
725 }
727 $ui= get_userinfo();
728 $acl= get_permissions ($ui->dn, $ui->subtreeACL);
729 $acl= get_module_permission($acl, "group", $ui->dn);
730 if (chkacl($this->acl, "create") != ""){
731 $message[]= _("You have no permissions to create a group on this 'Base'.");
732 }
734 /* must: cn */
735 if ($this->cn == "" && chkacl ($this->acl, "cn") == ""){
736 $message[]= "The required field 'Name' is not set.";
737 }
739 /* Check for valid input */
740 if (!is_uid($this->cn)){
741 $message[]= _("The field 'Name' contains invalid characters. Lowercase, numbers and dashes are allowed.");
742 }
745 if($this->allowGroupsWithSameNameInOtherSubtrees == true){
747 /* Check for used 'cn' */
748 $ldap= $this->config->get_ldap_link();
749 if(($this->cn != $this->orig_cn) || ($this->orig_dn == "new")){
750 $ldap->cd("ou=groups,".$this->base);
751 $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",get_groups_ou().$this->base,array("cn"));
752 if ($ldap->count() != 0){
753 $message[]= _("Value specified as 'Name' is already used.");
754 }
755 }
757 }else{
759 /* Check for used 'cn' */
760 $ldap= $this->config->get_ldap_link();
761 $ldap->cd($this->config->current['BASE']);
762 $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn"));
763 if ($ldap->count() != 0){
765 /* New entry? */
766 if ($this->dn == 'new'){
767 $message[]= _("Value specified as 'Name' is already used.");
768 }
770 /* Moved? */
771 elseif ($new_dn != $this->orig_dn){
772 $ldap->fetch();
773 if ($ldap->getDN() != $this->orig_dn){
774 $message[]= _("Value specified as 'Name' is already used.");
775 }
776 }
777 }
778 }
780 /* Check ID */
781 if ($this->force_gid == "1"){
782 if (!is_id($this->gidNumber)){
783 $message[]= _("Value specified as 'GID' is not valid.");
784 } else {
785 if ($this->gidNumber < $this->config->current['MINID']){
786 $message[]= _("Value specified as 'GID' is too small.");
787 }
789 }
790 }
792 return ($message);
793 }
795 function get_next_id($attrib)
796 {
797 $ids= array();
798 $ldap= $this->config->get_ldap_link();
800 $ldap->cd ($this->config->current['BASE']);
801 if (preg_match('/gidNumber/i', $attrib)){
802 $oc= "posixGroup";
803 } else {
804 $oc= "posixAccount";
805 }
806 $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
808 /* Get list of ids */
809 while ($attrs= $ldap->fetch()){
810 $ids[]= (int)$attrs["$attrib"][0];
811 }
813 /* Find out next free id near to UID_BASE */
814 for ($id= $this->config->current['UIDBASE']; $id++; $id<65000){
815 if (!in_array($id, $ids)){
816 return ($id);
817 }
818 }
820 /* Should not happen */
821 if ($id == 65000){
822 print_red(_("Too many users, can't allocate a free ID!"));
823 exit;
824 }
825 }
827 function getCopyDialog()
828 {
829 $vars = array("cn");
831 if($this ->force_gid){
832 $used = " checked ";
833 $dis = "";
834 }else{
835 $used = "";
836 $dis = " disabled ";
837 }
839 $smarty = get_smarty();
840 $smarty->assign("used",$used);
841 $smarty->assign("dis" ,$dis);
842 $smarty->assign("cn" ,$this->cn);
843 $smarty->assign("gidNumber",$this->gidNumber);
844 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
845 $ret = array();
846 $ret['string'] = $str;
847 $ret['status'] = "";
848 return($ret);
849 }
851 function saveCopyDialog()
852 {
853 if(isset($_POST['cn'])){
854 $this->cn = $_POST['cn'];
855 }
856 if(isset($_POST['force_gid'])){
857 $this->force_gid = 1;
858 $this->gidNumber= $_POST['gidNumber'];
859 }else{
860 $this->force_gid = 0;
861 $this->gidNumber = false;
862 }
863 }
864 }
866 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
867 ?>