1 <?php
3 class group extends plugin
4 {
5 /* CLI vars */
6 var $cli_summary= "Handling of GOsa's base group object";
7 var $cli_description= "Some longer text\nfor help";
8 var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
10 /* Group attributes */
11 var $cn= "";
12 var $description= "";
13 var $gidNumber= "";
14 var $memberUid= array();
16 /* Helpers */
17 var $base= "";
18 var $force_gid= FALSE;
19 var $fon_group= FALSE;
20 var $smbgroup= FALSE;
21 var $groupType= FALSE;
22 var $samba3= FALSE;
23 var $sambaSID= "";
24 var $sambaDomainName= "DEFAULT";
25 var $SID= "";
26 var $ridBase= 0;
27 var $members= array();
28 var $users= array();
29 var $allusers= array();
30 var $saved_gidNumber= "";
31 var $oldgroupType= "";
32 var $orig_dn= "";
33 var $orig_cn= "";
34 var $has_mailAccount= FALSE;
35 var $group_dialog= FALSE;
36 var $nagios_group =FALSE;
37 var $sambaGroupType;
38 var $dialog;
39 var $OnlyShowFirstEntries =200;
41 var $allowGroupsWithSameNameInOtherSubtrees = true;
43 /* attribute list for save action */
44 var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID");
45 var $objectclasses= array("top", "posixGroup");
47 function group ($config, $dn= NULL)
48 {
49 plugin::plugin ($config, $dn);
51 /* Load attributes depending on the samba version */
52 $this->samba3= ($config->current['SAMBAVERSION'] == 3);
53 $this->orig_dn= $dn;
54 $this->orig_cn= $this->cn;
56 /* Get member list */
57 if (isset($this->attrs['memberUid'][0])){
58 $tmp= array();
59 for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
60 $tmp[]= $this->attrs['memberUid'][$i];
61 }
62 $this->memberUid= $tmp;
63 sort ($this->memberUid);
64 }
66 /* Save gidNumber for later use */
67 if (isset($this->attrs['gidNumber'])){
68 $this->saved_gidNumber= $this->attrs['gidNumber'][0];
69 }
71 /* Is a samba group? */
72 if (isset($this->attrs['objectClass'])){
73 if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == NULL ){
74 $this->smbgroup= FALSE;
75 } else {
76 $this->smbgroup= TRUE;
77 if (isset($this->attrs['sambaSID'])){
78 $this->sambaSID= $this->attrs['sambaSID'][0];
79 }
80 }
81 if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == NULL ){
82 $this->fon_group= FALSE;
83 } else {
84 $this->fon_group= TRUE;
85 }
86 if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == NULL ){
87 $this->nagios_group= FALSE;
88 } else {
89 $this->nagios_group= TRUE;
90 }
91 }
93 /* Set mail flag */
94 if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
95 $this->has_mailAccount= TRUE;
96 }
98 /* Get samba Domain in case of samba 3 */
99 if ($this->samba3 && $this->sambaSID != ""){
100 $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
101 $ldap= $this->config->get_ldap_link();
102 $ldap->cd($this->config->current['BASE']);
103 $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
104 if ($ldap->count() != 0){
105 $attrs= $ldap->fetch();
106 $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
108 /* Get domain name for SID */
109 $this->sambaDomainName= "DEFAULT";
110 foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
111 if ($val['SID'] == $this->SID){
112 $this->sambaDomainName= $key;
113 break;
114 }
115 }
116 } else {
117 if (isset($this->config->current['RIDBASE'])){
118 $this->sambaDomainName= "DEFAULT";
119 $this->ridBase= $this->config->current['RIDBASE'];
120 $this->SID= $this->config->current['SID'];
121 } else {
122 print_red(_("Can't find this groups SID in LDAP or in your configuration file!"));
123 }
124 }
126 /* Get group type */
127 $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
128 if ($this->groupType < 500 || $this->groupType > 553){
129 $this->groupType= 0;
130 }
131 $this->oldgroupType= $this->groupType;
132 }
134 /* Get global filter config */
135 if (!is_global("gufilter")){
136 $ui= get_userinfo();
137 $base= get_base_from_people($ui->dn);
138 $gufilter= array( "dselect" => $base,
139 "regex" => "*");
140 register_global("gufilter", $gufilter);
141 }
142 $gufilter= get_global('gufilter');
144 $gufilter['SubSearchGroup'] = false;
145 $gufilter['dselect'] = $_SESSION['gufilter']['dselect'];
147 register_global('gufilter',$gufilter);
149 if ($this->dn == "new"){
150 if(isset($_SESSION['CurrentMainBase'])){
151 $this->base= $_SESSION['CurrentMainBase'];
152 }else{
153 $ui= get_userinfo();
154 $this->base= dn2base($ui->dn);
155 }
156 } else {
157 $this->base= preg_replace ("/^[^,]+,[^,]+,/", "", $this->dn);
158 }
160 /* This is always an account */
161 $this->is_account= TRUE;
162 $this->reload();
163 }
165 function execute()
166 {
167 /* Call parent execute */
168 plugin::execute();
170 /* Do we represent a valid group? */
171 if (!$this->is_account && $this->parent == NULL){
172 $display= "<img alt=\"\" src=\"images/stop.png\" align=\"middle\"> <b>".
173 _("This 'dn' is no group.")."</b>";
174 return ($display);
175 }
177 /* Delete user from group */
178 if (isset($_POST['del_users']) && isset($_POST['members'])){
179 foreach ($_POST['members'] as $value){
180 unset ($this->members["$value"]);
181 $this->removeUser($value);
182 }
183 $this->reload();
184 }
186 /* Add objects? */
187 if (isset($_POST["edit_membership"])){
188 $this->group_dialog= TRUE;
189 $this->dialog= TRUE;
190 }
192 /* Add objects finished? */
193 if (isset($_POST["add_users_finish"]) || isset($_POST["add_users_cancel"])){
194 $this->group_dialog= FALSE;
195 $this->dialog= FALSE;
196 }
198 /* Add user to group */
199 if (isset($_POST['add_users_finish']) && isset($_POST['users'])){
200 foreach ($_POST['users'] as $value){
201 $this->members["$value"]= $this->allusers[$value];
202 asort($this->members);
203 $this->addUser($value);
204 }
205 $this->reload();
206 }
208 /* Only display bases that we are able to read/write */
209 $ui = get_userinfo();
210 $bases = array();
211 if($this->dn == "new") {
212 foreach($this->config->idepartments as $dn => $name){
213 $acl = $ui->get_permissions($dn,"groups/group") ;
214 if(preg_match("/c/",$acl)){
215 $bases[$dn]=$name;
216 }
217 }
218 }else{
219 foreach($this->config->idepartments as $dn => $name){
220 $acl = $ui->get_category_permissions($dn,"groups") ;
221 if(preg_match("/w/",$acl)){
222 $bases[$dn]=$name;
223 }
224 }
225 }
228 /* Base select dialog */
229 $once = true;
230 foreach($_POST as $name => $value){
231 if((preg_match("/^chooseBase/",$name) && $once) && ($this->acl_is_moveable())){
233 $once = false;
234 $this->dialog = new baseSelectDialog($this->config,$this,$bases);
235 $this->dialog->setCurrentBase($this->base);
236 }
237 }
239 /* Dialog handling */
240 if(is_object($this->dialog)){
241 /* Must be called before save_object */
242 $this->dialog->save_object();
244 if($this->dialog->isClosed()){
245 $this->dialog = false;
246 }elseif($this->dialog->isSelected()){
247 if($this->acl_is_moveable()){
248 $this->base = $this->dialog->isSelected();
249 }
250 $this->dialog= false;
251 }else{
252 return($this->dialog->execute());
253 }
254 }
256 /* Assign templating stuff */
257 $smarty= get_smarty();
258 if ($this->samba3){
259 $smarty->assign("samba3", "true");
260 } else {
261 $smarty->assign("samba3", "");
262 }
264 if(search_config($this->config->data['MENU'], "nagiosaccount", "CLASS")){
265 $smarty->assign("nagios",true);
266 }else{
267 $smarty->assign("nagios",false);
268 }
270 if(search_config($this->config->data['MENU'], "phoneAccount", "CLASS")){
271 $smarty->assign("pickupGroup",true);
272 }else{
273 $smarty->assign("pickupGroup",false);
274 }
276 /* Assign base ACL */
277 $baseACL = $this->getacl("base");
278 if(!$this->acl_is_moveable()) {
279 $baseACL = preg_replace("/w/","",$baseACL);
280 }
281 $smarty->assign("baseACL", $baseACL);
283 /* Manage object add dialog */
284 if ($this->group_dialog){
286 /* Save data */
287 $gufilter= get_global("gufilter");
288 foreach( array("dselect", "regex") as $type){
289 if (isset($_POST[$type])){
290 $gufilter[$type]= $_POST[$type];
291 }
292 }
293 if(isset($_POST['regex'])){
294 if(isset($_POST['SubSearchGroup'])){
295 $gufilter['SubSearchGroup'] = true;
296 }else{
297 $gufilter['SubSearchGroup'] = false;
298 }
299 }
301 if (isset($_GET['search'])){
302 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
303 if ($s == "**"){
304 $s= "*";
305 }
306 $gufilter['regex']= $s;
307 }
308 register_global("gufilter", $gufilter);
309 $this->reload();
311 /* Show dialog */
312 $smarty->assign("search_image", get_template_path('images/search.png'));
313 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
314 $smarty->assign("tree_image", get_template_path('images/tree.png'));
316 /* Generate list of bases */
317 $check = $ui->get_module_departments("users");
318 $bases_user_select = array();
319 foreach($check as $dn_allowed){
320 $bases_user_select[$dn_allowed] = $this->config->idepartments[$dn_allowed];
321 }
323 $smarty->assign("deplist", $bases_user_select);
324 $smarty->assign("alphabet", generate_alphabet());
325 foreach( array("dselect", "regex","SubSearchGroup") as $type){
326 $smarty->assign("$type", $gufilter[$type]);
327 }
328 $smarty->assign("hint", print_sizelimit_warning());
329 $smarty->assign("users", $this->displayUsers);
330 $smarty->assign("apply", apply_filter());
331 $display= $smarty->fetch (get_template_path('group_objects.tpl', TRUE, dirname(__FILE__)));
332 return ($display);
333 }
335 /* Bases / Departments */
336 if (isset($_POST['base'])){
337 $this->base= $_POST['base'];
338 }
340 $smarty->assign("bases", $bases);
341 $smarty->assign("base_select", $this->base);
343 if ($this->samba3){
344 $domains= array();
345 foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
346 $domains[$name]= $name;
347 }
348 $smarty->assign("sambaDomains", $domains);
349 $smarty->assign("sambaDomainName", $this->sambaDomainName);
350 $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
351 514 => _("Domain guests"));
353 /* Don't loose special groups! If not key'ed above, add it to
354 the combo box... */
355 if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
356 $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
357 }
359 $smarty->assign("groupTypes", $groupTypes);
360 $smarty->assign("groupType", $this->groupType);
361 }
363 /* Members and users */
364 $smarty->assign("members", $this->members);
366 /* Checkboxes */
367 foreach (array("force_gid", "smbgroup") as $val){
368 if ($this->$val == "1"){
369 $smarty->assign("$val", "checked");
370 } else {
371 $smarty->assign("$val", "");
372 }
373 }
374 if ($this->force_gid != "1"){
375 $smarty->assign("forceMode", "disabled");
376 }else{
377 $smarty->assign("forceMode", "");
378 }
379 if ($this->fon_group){
380 $smarty->assign("fon_group", "checked");
381 } else {
382 $smarty->assign("fon_group", "");
383 }
385 if ($this->nagios_group){
386 $smarty->assign("nagios_group", "checked");
387 } else {
388 $smarty->assign("nagios_group", "");
389 }
391 /* Fields */
392 foreach (array("cn", "description", "gidNumber") as $val){
393 $smarty->assign("$val", $this->$val);
394 }
396 $tmp = $this->plInfo();
397 foreach($tmp['plProvidedAcls'] as $name => $translation){
398 $smarty->assign($name."ACL",$this->getacl($name));
399 }
401 if($this->acl_is_writeable("base")){
402 $smarty->assign("baseSelect",true);
403 }else{
404 $smarty->assign("baseSelect",false);
405 }
407 /* Show main page */
408 $smarty->assign("alphabet", generate_alphabet(10));
409 $smarty->assign("search_image", get_template_path('images/search.png'));
410 $smarty->assign("launchimage", get_template_path('images/small_filter.png'));
411 $smarty->assign("tree_image", get_template_path('images/tree.png'));
412 $smarty->assign("deplist", $this->config->idepartments);
413 return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
414 }
416 function addUser($uid)
417 {
418 $this->memberUid[]= $uid;
419 $this->memberUid= array_unique($this->memberUid);
420 }
422 function removeUser($uid)
423 {
424 $temp= array();
425 foreach ($this->memberUid as $value){
426 if ($value != $uid){
427 $temp[]= $value;
428 }
429 }
430 $this->memberUid= $temp;
431 }
434 /* Reload data */
435 function reload()
436 {
437 /* Fix regex string */
438 $gufilter = get_global("gufilter");
439 $regex = normalizeLdap($gufilter['regex']);
440 $MaxUser = $this->OnlyShowFirstEntries;
442 /* Prepare ldap link */
443 $ldap= $this->config->get_ldap_link();
444 $ldap->cd($gufilter['dselect']);
447 /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
448 (Store gathered sn/givenName informations in $this->allusers too,
449 to be prepared when adding/deleting users)
450 */
451 $filter = "";
452 foreach ($this->memberUid as $value){
453 if(!isset($this->members[$value])){
454 $filter .= "(uid=".normalizeLdap($value).")";
455 }
456 }
457 if(!empty($filter)){
458 $ldap->cd($this->config->current['BASE']);
459 $ldap->search("(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(|".$filter."))",array("uid","sn","givenName"));
460 while($attrs = $ldap->fetch()){
461 $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
462 $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
463 }
464 }
466 /* check if all uids are resolved */
467 foreach ($this->memberUid as $value){
468 if(!isset($this->members[$value])){
469 $this->members[$value] = _("! unknown id")." [".$value."]";
470 }
471 }
473 /* Create display list of users matching regex & filter
474 */
475 $this->displayUsers = array();
476 $filter = "(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
478 /* Search in current tree or within subtrees depending on the checkbox from filter section */
479 if($gufilter['SubSearchGroup']){
480 $flag = GL_SIZELIMIT | GL_SUBSEARCH;
481 $base = $gufilter['dselect'];
482 }else{
483 $flag = GL_SIZELIMIT ;
484 $base = get_people_ou().$gufilter['dselect'];
485 }
486 $i = 0;
489 $res = get_list($filter,"users",$base,array("uid", "sn", "givenName"),$flag);
491 /* Fetch all users and skip already used users */
492 foreach($res as $attrs){
493 if(in_array($attrs['uid'][0], $this->memberUid)) {
494 continue;
495 }
496 $i ++;
497 if($i > $MaxUser) {
498 break;
499 }
500 $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs);
501 $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
502 }
504 /* If more than max users are found, display a message to warn the user */
505 if(($i == $MaxUser)){
506 print_red(sprintf(_("Your search method returned more than '%s' users, only '%s' users are shown.") , $MaxUser,$MaxUser));
507 }
509 /* Sort lists */
510 natcasesort($this->members);
511 reset($this->members);
512 natcasesort ($this->displayUsers);
513 reset ($this->displayUsers);
514 }
517 /* Create display name, this was used so often that it is excluded into a seperate function */
518 function createResultName($attrs)
519 {
520 if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
521 $ret = $attrs["sn"][0].", ".$attrs["givenName"][0]." [".$attrs["uid"][0]."]";
522 } else {
523 $ret= $attrs['uid'][0];
524 }
525 return($ret);
526 }
529 function remove_from_parent()
530 {
531 plugin::remove_from_parent();
533 $ldap= $this->config->get_ldap_link();
534 $ldap->rmdir($this->dn);
535 show_ldap_error($ldap->get_error(), sprintf(_("Removing of groups/generic with dn '%s' failed."),$this->dn));
537 /* Delete references to object groups */
538 $ldap->cd ($this->config->current['BASE']);
539 $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".$this->dn."))", array("cn"));
540 while ($ldap->fetch()){
541 $og= new ogroup($this->config, $ldap->getDN());
542 unset($og->member[$this->dn]);
543 $og->save ();
544 }
546 /* Send signal to the world that we've done */
547 $this->handle_post_events("remove");
548 }
551 /* Save data to object */
552 function save_object()
553 {
554 /* Save additional values for possible next step */
555 if (isset($_POST['groupedit'])){
557 plugin::save_object();
559 $this->force_gid= 0;
562 /* Only reset sambagroup flag if we are able to write this flag */
563 if($this->acl_is_writeable("sambaGroupType")){
564 $this->smbgroup = 0;
565 }
567 /* Get base selection */
568 if($this->acl_is_moveable() && isset($_POST['base'])){
569 $this->base = $_POST['base'];
570 }
572 foreach (array(
573 "force_gid" => "gidNumber",
574 "smbgroup" => "sambaGroupType") as $val => $aclname) {
575 if ($this->acl_is_writeable($aclname) && isset($_POST["$val"])){
576 $this->$val= $_POST["$val"];
577 }
578 }
580 /* Save sambaDomain attribute */
581 if ($this->acl_is_writeable("sambaDomainName") && $this->samba3 && isset ($_POST['sambaDomainName'])){
582 $this->sambaDomainName= $_POST['sambaDomainName'];
583 $this->groupType= $_POST['groupType'];
584 }
586 /* Save fon attribute */
587 if ($this->acl_is_writeable("fon_group")){
588 if (isset ($_POST['fon_group'])){
589 $this->fon_group= TRUE;
590 } else {
591 $this->fon_group= FALSE;
592 }
593 }
594 if ($this->acl_is_writeable("nagios_group")){
595 if (isset ($_POST['nagios_group'])){
596 $this->nagios_group= TRUE;
597 } else {
598 $this->nagios_group= FALSE;
599 }
600 }
601 }
602 }
605 /* Save to LDAP */
606 function save()
607 {
609 /* ID handling */
610 if ($this->force_gid == 0){
611 if ($this->saved_gidNumber != ""){
612 $this->gidNumber= $this->saved_gidNumber;
613 } else {
614 /* Calculate new, lock uids */
615 $wait= 10;
616 while (get_lock("uidnumber") != ""){
617 sleep (1);
619 /* timed out? */
620 if ($wait-- == 0){
621 break;
622 }
623 }
624 add_lock ("uidnumber", "gosa");
625 $this->gidNumber= $this->get_next_id("gidNumber");
626 }
627 }
629 plugin::save();
631 /* Remove objectClass for samba/phone support */
632 $tmp= array();
633 for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
634 if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
635 $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
636 $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
637 $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
638 $tmp[]= $this->attrs['objectClass'][$i];
639 }
640 }
641 $this->attrs['objectClass']= $tmp;
642 $ldap= $this->config->get_ldap_link();
644 /* Add samba group functionality */
645 if ($this->samba3 && $this->smbgroup){
647 /* Fixed undefined index ...
648 */
649 $this->SID = $this->ridBase = "";
650 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
651 $this->SID = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
652 }else{
653 print_red(sprintf(_("No configured SID found for '%s'."),$this->sambaDomainName));
654 }
655 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
656 $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
657 }else{
658 print_red(sprintf(_("No configured RIDBASE found for '%s'."),$this->sambaDomainName));
659 }
661 $this->attrs['objectClass'][]= 'sambaGroupMapping';
662 $this->attrs['sambaGroupType']= "2";
664 /* Check if we need to create a special entry */
665 if ($this->groupType == 0){
667 if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
668 $gidNumber= $this->gidNumber;
669 while(TRUE){
670 $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
671 $ldap->cd($this->config->current['BASE']);
672 $ldap->search("(sambaSID=$sid)",array("sambaSID"));
673 if ($ldap->count() == 0){
674 break;
675 }
676 $gidNumber++;
677 }
678 $this->attrs['sambaSID']= $sid;
679 $this->sambaSID= $sid;
680 }
682 } else {
683 $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
684 }
686 /* User wants me to fake the idMappings? This is useful for
687 making winbind resolve the group names in a reasonable amount
688 of time in combination with larger databases. */
689 if (isset($this->config->current['SAMBAIDMAPPING']) &&
690 preg_match('/true/i', $this->config->current['SAMBAIDMAPPING'])){
691 $this->attrs['objectClass'][]= "sambaIdmapEntry";
692 }
694 }
696 /* Add phone functionality */
697 if ($this->fon_group){
698 $this->attrs['objectClass'][]= "goFonPickupGroup";
699 }
701 /* Add nagios functionality */
702 if ($this->nagios_group){
703 $this->attrs['objectClass'][]= "nagiosContactGroup";
704 }
706 /* Take members array */
707 if (count ($this->memberUid)){
708 $this->attrs['memberUid']= array_unique($this->memberUid);
709 }
711 /* New accounts need proper 'dn', propagate it to remaining objects */
712 if ($this->dn == 'new'){
713 $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
714 }
716 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
717 new entries. So do a check first... */
718 $ldap->cat ($this->dn, array('dn'));
719 if ($ldap->fetch()){
720 /* Modify needs array() to remove values :-( */
721 if (!count ($this->memberUid)){
722 $this->attrs['memberUid']= array();
723 }
724 if ($this->samba3){
725 if (!$this->smbgroup){
726 $this->attrs['sambaGroupType']= array();
727 $this->attrs['sambaSID']= array();
728 }
729 }
730 $mode= "modify";
731 } else {
732 $mode= "add";
733 $ldap->cd($this->config->current['BASE']);
734 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
735 }
737 /* Write back to ldap */
738 $ldap->cd($this->dn);
739 $this->cleanup();
740 $ldap->$mode($this->attrs);
742 $ret= 0;
743 if ( show_ldap_error($ldap->get_error(), sprintf(_("Removing of groups/generic with dn '%s' failed."),$this->dn))){
744 $ret= 1;
745 }
747 /* Remove uid lock */
748 del_lock ("uidnumber");
750 /* Post that we've done*/
751 $this->handle_post_events($mode);
753 return ($ret);
754 }
756 function check()
757 {
758 /* Call common method to give check the hook */
759 $message= plugin::check();
761 /* Permissions for that base? */
762 if ($this->base != ""){
763 $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
764 } else {
765 $new_dn= $this->dn;
766 }
768 if ($this->orig_dn == "new" && !$this->acl_is_createable()){
769 $message[]= _("You have no permissions to create a group on this 'Base'.");
770 }
772 /* must: cn */
773 if ($this->cn == "" && $this->acl_is_writeable("cn")){
774 $message[]= "The required field 'Name' is not set.";
775 }
777 /* Check for valid input */
778 if (!is_uid($this->cn)){
779 $message[]= _("The field 'Name' contains invalid characters. Lowercase, numbers and dashes are allowed.");
780 }
782 if($this->allowGroupsWithSameNameInOtherSubtrees == true){
784 /* Check for used 'cn' */
785 $ldap= $this->config->get_ldap_link();
786 if(($this->cn != $this->orig_cn) || ($this->orig_dn == "new")){
787 $ldap->cd("ou=groups,".$this->base);
788 $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",get_groups_ou().$this->base,array("cn"));
789 if ($ldap->count() != 0){
790 $message[]= _("Value specified as 'Name' is already used.");
791 }
792 }
794 }else{
796 /* Check for used 'cn' */
797 $ldap= $this->config->get_ldap_link();
798 $ldap->cd($this->config->current['BASE']);
799 $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn"));
800 if ($ldap->count() != 0){
802 /* New entry? */
803 if ($this->dn == 'new'){
804 $message[]= _("Value specified as 'Name' is already used.");
805 }
807 /* Moved? */
808 elseif ($new_dn != $this->orig_dn){
809 $ldap->fetch();
810 if ($ldap->getDN() != $this->orig_dn){
811 $message[]= _("Value specified as 'Name' is already used.");
812 }
813 }
814 }
815 }
817 /* Check ID */
818 if ($this->force_gid == "1"){
819 if (!is_id($this->gidNumber)){
820 $message[]= _("Value specified as 'GID' is not valid.");
821 } else {
822 if ($this->gidNumber < $this->config->current['MINID']){
823 $message[]= _("Value specified as 'GID' is too small.");
824 }
826 }
827 }
829 return ($message);
830 }
832 function get_next_id($attrib)
833 {
834 $ids= array();
835 $ldap= $this->config->get_ldap_link();
837 $ldap->cd ($this->config->current['BASE']);
838 if (preg_match('/gidNumber/i', $attrib)){
839 $oc= "posixGroup";
840 } else {
841 $oc= "posixAccount";
842 }
843 $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
845 /* Get list of ids */
846 while ($attrs= $ldap->fetch()){
847 $ids[]= (int)$attrs["$attrib"][0];
848 }
850 /* Find out next free id near to UID_BASE */
851 for ($id= $this->config->current['UIDBASE']; $id++; $id<65000){
852 if (!in_array($id, $ids)){
853 return ($id);
854 }
855 }
857 /* Should not happen */
858 if ($id == 65000){
859 print_red(_("Too many users, can't allocate a free ID!"));
860 exit;
861 }
862 }
864 function getCopyDialog()
865 {
866 $vars = array("cn");
868 if($this ->force_gid){
869 $used = " checked ";
870 $dis = "";
871 }else{
872 $used = "";
873 $dis = " disabled ";
874 }
876 $smarty = get_smarty();
877 $smarty->assign("used",$used);
878 $smarty->assign("dis" ,$dis);
879 $smarty->assign("cn" ,$this->cn);
880 $smarty->assign("gidNumber",$this->gidNumber);
881 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
882 $ret = array();
883 $ret['string'] = $str;
884 $ret['status'] = "";
885 return($ret);
886 }
888 function saveCopyDialog()
889 {
890 if(isset($_POST['cn'])){
891 $this->cn = $_POST['cn'];
892 }
893 if(isset($_POST['force_gid'])){
894 $this->force_gid = 1;
895 $this->gidNumber= $_POST['gidNumber'];
896 }else{
897 $this->force_gid = 0;
898 $this->gidNumber = false;
899 }
900 }
903 /* Return plugin informations for acl handling */
904 function plInfo()
905 {
906 return (array(
907 "plShortName" => _("Generic"),
908 "plDescription" => _("Generic group settings"),
909 "plSelfModify" => FALSE,
910 "plDepends" => array(),
911 "plPriority" => 0,
912 "plSection" => array("admin"),
913 "plCategory" => array("groups" => array("objectClass" => "posixGroup", "description" => _("Groups"))),
915 "plProvidedAcls" => array(
916 "cn" => _("Name"),
917 "description" => _("Description"),
919 "fonGroup" => _("Phone pickup group"),
920 "nagiosGroup" => _("Nagios group"),
922 "gidNumber" => _("GID"),
923 "memberUid" => _("Group member"),
924 "sambaGroupType" => _("Samba group type"),
925 "sambaDomainName" => _("Samba domain name"),
926 "sambaSID" => _("Samba SID"))
927 ));
928 }
929 }
931 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
932 ?>