![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
3 class group extends plugin
4 {
5 /* CLI vars */
6 var $cli_summary= "Handling of GOsa's base group object";
7 var $cli_description= "Some longer text\nfor help";
8 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
10 /* Group attributes */
11 var $cn= "";
12 var $description= "";
13 var $gidNumber= "";
14 var $memberUid= array();
16 /* Helpers */
17 var $base= "";
18 var $force_gid= FALSE;
19 var $fon_group= FALSE;
20 var $smbgroup= FALSE;
21 var $groupType= FALSE;
22 var $samba3= FALSE;
23 var $sambaSID= "";
24 var $sambaDomainName= "DEFAULT";
25 var $SID= "";
26 var $ridBase= 0;
27 var $members= array();
28 var $users= array();
29 var $allusers= array();
30 var $department= "";
31 var $saved_gidNumber= "";
32 var $oldgroupType= "";
33 var $orig_dn= "";
34 var $orig_cn= "";
35 var $has_mailAccount= FALSE;
36 var $group_dialog= FALSE;
37 var $nagios_group =FALSE;
38 var $sambaGroupType;
39 var $dialog;
40 var $OnlyShowFirstEntries =200;
42 var $allowGroupsWithSameNameInOtherSubtrees = true;
44 var $CopyPasteVars = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group","sambaGroupType");
46 /* attribute list for save action */
47 var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID");
48 var $objectclasses= array("top", "posixGroup");
50 function group ($config, $dn= NULL, $parent= NULL)
51 {
52 plugin::plugin ($config, $dn, $parent);
54 /* Load attributes depending on the samba version */
55 $this->samba3= ($config->current['SAMBAVERSION'] == 3);
56 $this->orig_dn= $dn;
57 $this->orig_cn= $this->cn;
59 /* Get member list */
60 if (isset($this->attrs['memberUid'][0])){
61 $tmp= array();
62 for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
63 $tmp[]= $this->attrs['memberUid'][$i];
64 }
65 $this->memberUid= $tmp;
66 sort ($this->memberUid);
67 }
69 /* Save gidNumber for later use */
70 if (isset($this->attrs['gidNumber'])){
71 $this->saved_gidNumber= $this->attrs['gidNumber'][0];
72 }
74 /* Is a samba group? */
75 if (isset($this->attrs['objectClass'])){
76 if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == NULL ){
77 $this->smbgroup= FALSE;
78 } else {
79 $this->smbgroup= TRUE;
80 if (isset($this->attrs['sambaSID'])){
81 $this->sambaSID= $this->attrs['sambaSID'][0];
82 }
83 }
84 if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == NULL ){
85 $this->fon_group= FALSE;
86 } else {
87 $this->fon_group= TRUE;
88 }
89 if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == NULL ){
90 $this->nagios_group= FALSE;
91 } else {
92 $this->nagios_group= TRUE;
93 }
94 }
96 /* Set mail flag */
97 if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
98 $this->has_mailAccount= TRUE;
99 }
101 /* Get samba Domain in case of samba 3 */
102 if ($this->samba3 && $this->sambaSID != ""){
103 $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
104 $ldap= $this->config->get_ldap_link();
105 $ldap->cd($this->config->current['BASE']);
106 $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
107 if ($ldap->count() != 0){
108 $attrs= $ldap->fetch();
109 $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
111 /* Get domain name for SID */
112 $this->sambaDomainName= "DEFAULT";
113 foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
114 if ($val['SID'] == $this->SID){
115 $this->sambaDomainName= $key;
116 break;
117 }
118 }
119 } else {
120 if (isset($this->config->current['RIDBASE'])){
121 $this->sambaDomainName= "DEFAULT";
122 $this->ridBase= $this->config->current['RIDBASE'];
123 $this->SID= $this->config->current['SID'];
124 } else {
125 print_red(_("Can't find this groups SID in LDAP or in your configuration file!"));
126 }
127 }
129 /* Get group type */
130 $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
131 if ($this->groupType < 500 || $this->groupType > 553){
132 $this->groupType= 0;
133 }
134 $this->oldgroupType= $this->groupType;
135 }
137 /* Get global filter config */
138 if (!is_global("gufilter")){
139 $ui= get_userinfo();
140 $base= get_base_from_people($ui->dn);
141 $gufilter= array( "dselect" => $base,
142 "regex" => "*");
143 register_global("gufilter", $gufilter);
144 }
145 $gufilter= get_global('gufilter');
147 $gufilter['SubSearchGroup'] = false;
148 $gufilter['dselect'] = $_SESSION['gufilter']['dselect'];
150 register_global('gufilter',$gufilter);
152 if ($this->dn == "new"){
153 if(isset($_SESSION['CurrentMainBase'])){
154 $this->base= $_SESSION['CurrentMainBase'];
155 }else{
156 $ui= get_userinfo();
157 $this->base= dn2base($ui->dn);
158 }
159 } else {
161 /* Get object base */
162 $this->base =preg_replace ("/^[^,]+,".normalizePreg(get_groups_ou())."/","",$this->dn);
163 }
165 /* This is always an account */
166 $this->is_account= TRUE;
167 $this->reload();
168 }
170 function execute()
171 {
172 /* Call parent execute */
173 plugin::execute();
175 $ui= get_userinfo();
176 $acla= get_permissions ($ui->dn, $ui->subtreeACL);
177 $this->acl= get_module_permission($acla, "group", $ui->dn);
178 /* Do we represent a valid group? */
179 if (!$this->is_account && $this->parent == NULL){
180 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
181 _("This 'dn' is no group.")."</b>";
182 return ($display);
183 }
185 /* Delete user from group */
186 if (isset($_POST['del_users']) && isset($_POST['members'])){
187 foreach ($_POST['members'] as $value){
188 unset ($this->members["$value"]);
189 $this->removeUser($value);
190 }
191 $this->reload();
192 }
194 /* Add objects? */
195 if (isset($_POST["edit_membership"])){
196 $this->group_dialog= TRUE;
197 $this->dialog= TRUE;
198 }
200 /* Add objects finished? */
201 if (isset($_POST["add_users_finish"]) || isset($_POST["add_users_cancel"])){
202 $this->group_dialog= FALSE;
203 $this->dialog= FALSE;
204 }
206 /* Add user to group */
207 if (isset($_POST['add_users_finish']) && isset($_POST['users'])){
208 foreach ($_POST['users'] as $value){
209 $this->members["$value"]= $this->allusers[$value];
210 asort($this->members);
211 $this->addUser($value);
212 }
213 $this->reload();
214 }
216 /* Base select dialog */
217 $once = true;
218 foreach($_POST as $name => $value){
219 if(preg_match("/^chooseBase/",$name) && $once){
220 $once = false;
221 $this->dialog = new baseSelectDialog($this->config);
222 $this->dialog->setCurrentBase($this->base);
223 }
224 }
226 /* Dialog handling */
227 if(is_object($this->dialog)){
228 /* Must be called before save_object */
229 $this->dialog->save_object();
231 if($this->dialog->isClosed()){
232 $this->dialog = false;
233 }elseif($this->dialog->isSelected()){
234 $this->base = $this->dialog->isSelected();
235 $this->dialog= false;
236 }else{
237 return($this->dialog->execute());
238 }
239 }
241 /* Assign templating stuff */
242 $smarty= get_smarty();
243 if ($this->samba3){
244 $smarty->assign("samba3", "true");
245 } else {
246 $smarty->assign("samba3", "");
247 }
249 if(search_config($this->config->data['MENU'], "nagiosaccount", "CLASS")){
250 $smarty->assign("nagios",true);
251 }else{
252 $smarty->assign("nagios",false);
253 }
255 if(search_config($this->config->data['MENU'], "phoneAccount", "CLASS")){
256 $smarty->assign("pickupGroup",true);
257 }else{
258 $smarty->assign("pickupGroup",false);
259 }
261 /* Manage object add dialog */
262 if ($this->group_dialog){
264 /* Save data */
265 $gufilter= get_global("gufilter");
266 foreach( array("dselect", "regex") as $type){
267 if (isset($_POST[$type])){
268 $gufilter[$type]= $_POST[$type];
269 }
270 }
271 if(isset($_POST['regex'])){
272 if(isset($_POST['SubSearchGroup'])){
273 $gufilter['SubSearchGroup'] = true;
274 }else{
275 $gufilter['SubSearchGroup'] = false;
276 }
277 }
279 if (isset($_GET['search'])){
280 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
281 if ($s == "**"){
282 $s= "*";
283 }
284 $gufilter['regex']= $s;
285 }
286 register_global("gufilter", $gufilter);
287 $this->reload();
289 /* Show dialog */
290 $smarty->assign("search_image", get_template_path('images/search.png'));
291 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
292 $smarty->assign("tree_image", get_template_path('images/tree.png'));
293 $smarty->assign("deplist", $this->config->idepartments);
294 $smarty->assign("alphabet", generate_alphabet());
295 foreach( array("dselect", "regex","SubSearchGroup") as $type){
296 $smarty->assign("$type", $gufilter[$type]);
297 }
298 $smarty->assign("hint", print_sizelimit_warning());
299 $smarty->assign("users", $this->displayUsers);
300 $smarty->assign("apply", apply_filter());
301 $display= $smarty->fetch (get_template_path('group_objects.tpl', TRUE, dirname(__FILE__)));
302 return ($display);
303 }
305 /* Bases / Departments */
306 if (isset($_POST['base'])){
307 $this->base= $_POST['base'];
308 }
310 $smarty->assign("bases", $this->config->idepartments);
311 $smarty->assign("base_select", $this->base);
312 $smarty->assign("department", $this->department);
314 if ($this->samba3){
315 $domains= array();
316 foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
317 $domains[$name]= $name;
318 }
319 $smarty->assign("sambaDomains", $domains);
320 $smarty->assign("sambaDomainName", $this->sambaDomainName);
321 $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
322 514 => _("Domain guests"));
324 /* Don't loose special groups! If not key'ed above, add it to
325 the combo box... */
326 if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
327 $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
328 }
330 $smarty->assign("groupTypes", $groupTypes);
331 $smarty->assign("groupType", $this->groupType);
332 }
334 /* Members and users */
335 $smarty->assign("members", $this->members);
337 /* Checkboxes */
338 foreach (array("force_gid", "smbgroup") as $val){
339 if ($this->$val == "1"){
340 $smarty->assign("$val", "checked");
341 } else {
342 $smarty->assign("$val", "");
343 }
344 }
345 if ($this->force_gid != "1"){
346 $smarty->assign("forceMode", "disabled");
347 }else{
348 $smarty->assign("forceMode", "");
349 }
350 $smarty->assign("force_gidACL", chkacl($this->acl, "gidNumber"));
351 $smarty->assign("sambaDomainNameACL", chkacl($this->acl, "sambaDomainName"));
352 if ($this->fon_group){
353 $smarty->assign("fon_group", "checked");
354 } else {
355 $smarty->assign("fon_group", "");
356 }
357 $smarty->assign("fon_groupACL", chkacl($this->acl, "fon_group"));
359 if ($this->nagios_group){
360 $smarty->assign("nagios_group", "checked");
361 } else {
362 $smarty->assign("nagios_group", "");
363 }
364 $smarty->assign("nagios_groupACL", chkacl($this->acl, "nagios_group"));
366 /* Fields */
367 foreach (array("cn", "description", "gidNumber") as $val){
368 $smarty->assign("$val", $this->$val);
369 $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
370 }
372 /* Missing ACL's */
373 foreach (array("base", "smbgroup", "members") as $val){
374 $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
375 }
377 /* Show main page */
378 $smarty->assign("alphabet", generate_alphabet(10));
379 $smarty->assign("search_image", get_template_path('images/search.png'));
380 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
381 $smarty->assign("tree_image", get_template_path('images/tree.png'));
382 $smarty->assign("deplist", $this->config->idepartments);
383 return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
384 }
386 function addUser($uid)
387 {
388 $this->memberUid[]= $uid;
389 $this->memberUid= array_unique($this->memberUid);
390 }
392 function removeUser($uid)
393 {
394 $temp= array();
395 foreach ($this->memberUid as $value){
396 if ($value != $uid){
397 $temp[]= $value;
398 }
399 }
400 $this->memberUid= $temp;
401 }
404 /* Reload data */
405 function reload()
406 {
407 /* Fix regex string */
408 $gufilter = get_global("gufilter");
409 $regex = normalizeLdap($gufilter['regex']);
410 $MaxUser = $this->OnlyShowFirstEntries;
412 /* Prepare ldap link */
413 $ldap= $this->config->get_ldap_link();
414 $ldap->cd($gufilter['dselect']);
417 /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
418 (Store gathered sn/givenName informations in $this->allusers too,
419 to be prepared when adding/deleting users)
420 */
421 $filter = "";
422 foreach ($this->memberUid as $value){
423 if(!isset($this->members[$value])){
424 $filter .= "(uid=".normalizeLdap($value).")";
425 }
426 }
427 if(!empty($filter)){
428 $ldap->cd($this->config->current['BASE']);
429 $ldap->search("(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(|".$filter."))",array("uid","sn","givenName"));
430 while($attrs = $ldap->fetch()){
431 $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
432 $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
433 }
434 }
436 /* check if all uids are resolved */
437 foreach ($this->memberUid as $value){
438 if(!isset($this->members[$value])){
439 $this->members[$value] = _("! unknown id")." [".$value."]";
440 }
441 }
443 /* Create display list of users matching regex & filter
444 */
445 $this->displayUsers = array();
447 /* Set tag attribute if we've tagging activated */
448 $tag= "";
449 $ui= get_userinfo();
450 if ($ui->gosaUnitTag != "" && isset($this->config->current['STRICT_UNITS']) &&
451 preg_match('/TRUE/i', $this->config->current['STRICT_UNITS'])){
452 $tag= "(gosaUnitTag=".$ui->gosaUnitTag.")";
453 }
455 $filter = "(&(objectClass=gosaAccount)$tag(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
457 /* Search in current tree or within subtrees depending on the checkbox from filter section */
458 if($gufilter['SubSearchGroup']){
459 $ldap->search($filter, array("uid", "sn","givenName"));
460 }else{
461 $ldap->ls ($filter, get_people_ou().$gufilter['dselect'],array("uid", "sn", "givenName"));
462 }
463 $i = 0;
465 /* Fetch all users and skip already used users */
466 while($attrs = $ldap->fetch()){
467 if(in_array($attrs['uid'][0], $this->memberUid)) {
468 continue;
469 }
470 $i ++;
471 if($i > $MaxUser) {
472 break;
473 }
474 $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs);
475 $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
476 }
478 /* If more than max users are found, display a message to warn the user */
479 if(($i == $MaxUser)){
480 print_red(sprintf(_("Your search method returned more than '%s' users, only '%s' users are shown.") , $MaxUser,$MaxUser));
481 }
483 /* Sort lists */
484 natcasesort($this->members);
485 reset($this->members);
486 natcasesort ($this->displayUsers);
487 reset ($this->displayUsers);
488 }
491 /* Create display name, this was used so often that it is excluded into a seperate function */
492 function createResultName($attrs)
493 {
494 if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
495 $ret = $attrs["sn"][0].", ".$attrs["givenName"][0]." [".$attrs["uid"][0]."]";
496 } else {
497 $ret= $attrs['uid'][0];
498 }
499 return($ret);
500 }
503 function remove_from_parent()
504 {
505 plugin::remove_from_parent();
507 $ldap= $this->config->get_ldap_link();
508 $ldap->rmdir($this->dn);
509 show_ldap_error($ldap->get_error(), _("Removing group failed"));
511 /* Delete references to object groups */
512 $ldap->cd ($this->config->current['BASE']);
513 $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".$this->dn."))", array("cn"));
514 while ($ldap->fetch()){
515 $og= new ogroup($this->config, $ldap->getDN());
516 unset($og->member[$this->dn]);
517 $og->save ();
518 }
520 /* Send signal to the world that we've done */
521 $this->handle_post_events("remove");
522 }
525 /* Save data to object */
526 function save_object()
527 {
528 /* Save additional values for possible next step */
529 if (isset($_POST['groupedit'])){
531 plugin::save_object();
533 $this->force_gid= 0;
534 $this->smbgroup= 0;
535 foreach (array("force_gid", "department", "base", "smbgroup") as $val) {
536 if (chkacl ($this->acl, "$val") == "" && isset($_POST["$val"])){
537 $this->$val= $_POST["$val"];
538 }
539 }
541 /* Save sambaDomain attribute */
542 if (chkacl ($this->acl, "sambaDomainName") == "" && $this->samba3 &&
543 isset ($_POST['sambaDomainName'])){
545 $this->sambaDomainName= $_POST['sambaDomainName'];
546 $this->groupType= $_POST['groupType'];
547 }
549 /* Save fon attribute */
550 if (chkacl ($this->acl, "fon_group") == ""){
551 if (isset ($_POST['fon_group'])){
552 $this->fon_group= TRUE;
553 } else {
554 $this->fon_group= FALSE;
555 }
556 }
557 if (chkacl ($this->acl, "nagios_group") == ""){
558 if (isset ($_POST['nagios_group'])){
559 $this->nagios_group= TRUE;
560 } else {
561 $this->nagios_group= FALSE;
562 }
563 }
564 }
565 }
568 /* Save to LDAP */
569 function save()
570 {
572 /* ID handling */
573 if ($this->force_gid == 0){
574 if ($this->saved_gidNumber != ""){
575 $this->gidNumber= $this->saved_gidNumber;
576 } else {
577 /* Calculate new, lock uids */
578 $wait= 10;
579 while (get_lock("uidnumber") != ""){
580 sleep (1);
582 /* timed out? */
583 if ($wait-- == 0){
584 break;
585 }
586 }
587 add_lock ("uidnumber", "gosa");
588 $this->gidNumber= $this->get_next_id("gidNumber");
589 }
590 }
592 plugin::save();
594 /* Remove objectClass for samba/phone support */
595 $tmp= array();
596 for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
597 if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
598 $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
599 $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
600 $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
601 $tmp[]= $this->attrs['objectClass'][$i];
602 }
603 }
604 $this->attrs['objectClass']= $tmp;
605 $ldap= $this->config->get_ldap_link();
607 /* Add samba group functionality */
608 if ($this->samba3 && $this->smbgroup){
610 /* Fixed undefined index ...
611 */
612 $this->SID = $this->ridBase = "";
613 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
614 $this->SID = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
615 }else{
616 print_red(sprintf(_("No configured SID found for '%s'."),$this->sambaDomainName));
617 }
618 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
619 $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
620 }else{
621 print_red(sprintf(_("No configured RIDBASE found for '%s'."),$this->sambaDomainName));
622 }
624 $this->attrs['objectClass'][]= 'sambaGroupMapping';
625 $this->attrs['sambaGroupType']= "2";
627 /* Check if we need to create a special entry */
628 if ($this->groupType == 0){
630 if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
631 $gidNumber= $this->gidNumber;
632 while(TRUE){
633 $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
634 $ldap->cd($this->config->current['BASE']);
635 $ldap->search("(sambaSID=$sid)",array("sambaSID"));
636 if ($ldap->count() == 0){
637 break;
638 }
639 $gidNumber++;
640 }
641 $this->attrs['sambaSID']= $sid;
642 $this->sambaSID= $sid;
643 }
645 } else {
646 $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
647 }
649 /* User wants me to fake the idMappings? This is useful for
650 making winbind resolve the group names in a reasonable amount
651 of time in combination with larger databases. */
652 if (isset($this->config->current['SAMBAIDMAPPING']) &&
653 preg_match('/true/i', $this->config->current['SAMBAIDMAPPING'])){
654 $this->attrs['objectClass'][]= "sambaIdmapEntry";
655 }
657 }
659 /* Add phone functionality */
660 if ($this->fon_group){
661 $this->attrs['objectClass'][]= "goFonPickupGroup";
662 }
664 /* Add nagios functionality */
665 if ($this->nagios_group){
666 $this->attrs['objectClass'][]= "nagiosContactGroup";
667 }
669 /* Take members array */
670 if (count ($this->memberUid)){
671 $this->attrs['memberUid']= array_unique($this->memberUid);
672 }
674 /* New accounts need proper 'dn', propagate it to remaining objects */
675 if ($this->dn == 'new'){
676 $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
677 }
679 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
680 new entries. So do a check first... */
681 $ldap->cat ($this->dn, array('dn'));
682 if ($ldap->fetch()){
683 /* Modify needs array() to remove values :-( */
684 if (!count ($this->memberUid)){
685 $this->attrs['memberUid']= array();
686 }
687 if ($this->samba3){
688 if (!$this->smbgroup){
689 $this->attrs['sambaGroupType']= array();
690 $this->attrs['sambaSID']= array();
691 }
692 }
693 $mode= "modify";
694 } else {
695 $mode= "add";
696 $ldap->cd($this->config->current['BASE']);
697 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
698 }
700 /* Write back to ldap */
701 $ldap->cd($this->dn);
702 $this->cleanup();
703 $ldap->$mode($this->attrs);
705 $ret= 0;
706 if (show_ldap_error($ldap->get_error(), _("Saving group failed"))){
707 $ret= 1;
708 }
710 /* Remove uid lock */
711 del_lock ("uidnumber");
713 /* Post that we've done*/
714 $this->handle_post_events($mode);
716 return ($ret);
717 }
719 function check()
720 {
721 /* Call common method to give check the hook */
722 $message= plugin::check();
724 /* Permissions for that base? */
725 if ($this->base != ""){
726 $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
727 } else {
728 $new_dn= $this->dn;
729 }
731 $ui= get_userinfo();
732 $acl= get_permissions ($ui->dn, $ui->subtreeACL);
733 $acl= get_module_permission($acl, "group", $ui->dn);
734 if (chkacl($this->acl, "create") != ""){
735 $message[]= _("You have no permissions to create a group on this 'Base'.");
736 }
738 /* must: cn */
739 if ($this->cn == "" && chkacl ($this->acl, "cn") == ""){
740 $message[]= "The required field 'Name' is not set.";
741 }
743 /* Check for valid input */
744 if (!is_uid($this->cn)){
745 $message[]= _("The field 'Name' contains invalid characters. Lowercase, numbers and dashes are allowed.");
746 }
749 if($this->allowGroupsWithSameNameInOtherSubtrees == true){
751 /* Check for used 'cn' */
752 $ldap= $this->config->get_ldap_link();
753 if(($this->cn != $this->orig_cn) || ($this->orig_dn == "new")){
754 $ldap->cd("ou=groups,".$this->base);
755 $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",get_groups_ou().$this->base,array("cn"));
756 if ($ldap->count() != 0){
757 $message[]= _("Value specified as 'Name' is already used.");
758 }
759 }
761 }else{
763 /* Check for used 'cn' */
764 $ldap= $this->config->get_ldap_link();
765 $ldap->cd($this->config->current['BASE']);
766 $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn"));
767 if ($ldap->count() != 0){
769 /* New entry? */
770 if ($this->dn == 'new'){
771 $message[]= _("Value specified as 'Name' is already used.");
772 }
774 /* Moved? */
775 elseif ($new_dn != $this->orig_dn){
776 $ldap->fetch();
777 if ($ldap->getDN() != $this->orig_dn){
778 $message[]= _("Value specified as 'Name' is already used.");
779 }
780 }
781 }
782 }
784 /* Check ID */
785 if ($this->force_gid == "1"){
786 if (!is_id($this->gidNumber)){
787 $message[]= _("Value specified as 'GID' is not valid.");
788 } else {
789 if ($this->gidNumber < $this->config->current['MINID']){
790 $message[]= _("Value specified as 'GID' is too small.");
791 }
793 }
794 }
796 return ($message);
797 }
799 function get_next_id($attrib)
800 {
801 $ids= array();
802 $ldap= $this->config->get_ldap_link();
804 $ldap->cd ($this->config->current['BASE']);
805 if (preg_match('/gidNumber/i', $attrib)){
806 $oc= "posixGroup";
807 } else {
808 $oc= "posixAccount";
809 }
810 $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
812 /* Get list of ids */
813 while ($attrs= $ldap->fetch()){
814 $ids[]= (int)$attrs["$attrib"][0];
815 }
817 /* Find out next free id near to UID_BASE */
818 for ($id= $this->config->current['UIDBASE']; $id++; $id < pow(2,32)){
819 if (!in_array($id, $ids)){
820 return ($id);
821 }
822 }
824 /* check if id reached maximum of 32 bit*/
825 if ($id >= pow(2,32)){
826 echo _("Too many users, can't allocate a free ID!");
827 exit;
828 }
829 }
831 function getCopyDialog()
832 {
833 $vars = array("cn");
835 if($this ->force_gid){
836 $used = " checked ";
837 $dis = "";
838 }else{
839 $used = "";
840 $dis = " disabled ";
841 }
843 $smarty = get_smarty();
844 $smarty->assign("used",$used);
845 $smarty->assign("dis" ,$dis);
846 $smarty->assign("cn" ,$this->cn);
847 $smarty->assign("gidNumber",$this->gidNumber);
848 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
849 $ret = array();
850 $ret['string'] = $str;
851 $ret['status'] = "";
852 return($ret);
853 }
855 function saveCopyDialog()
856 {
857 if(isset($_POST['cn'])){
858 $this->cn = $_POST['cn'];
859 }
860 if(isset($_POST['force_gid'])){
861 $this->force_gid = 1;
862 $this->gidNumber= $_POST['gidNumber'];
863 }else{
864 $this->force_gid = 0;
865 $this->gidNumber = false;
866 }
867 }
868 }
870 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
871 ?>