1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2003 Cajus Pollmeier
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
20 require "tabs_group.inc";
22 class groupManagement extends plugin
23 {
24 /* Definitions */
25 var $plHeadline= "Groups";
26 var $plDescription= "This does something";
27 var $departments = array();
29 /* Dialog attributes */
30 var $grouptab= NULL;
31 var $grouplist= array();
32 var $ui= NULL;
33 var $acl= "";
35 function groupManagement ($config, $ui)
36 {
37 /* Save configuration for internal use */
38 $this->config= $config;
39 $this->ui= $ui;
41 /* Get global filter config */
42 if (!is_global("groupfilter")){
43 $base= get_base_from_people($ui->dn);
44 $groupfilter= array("primarygroups" => "checked",
45 "mailgroups" => "checked",
46 "sambagroups" => "checked",
47 "appgroups" => "checked",
48 "functionalgroups" => "checked",
49 "guser" => "*",
50 "subsearch" => "",
51 "depselect" => $base,
52 "regex" => "*");
53 register_global("groupfilter", $groupfilter);
54 }
55 }
57 function execute()
58 {
59 /* Call parent execute */
60 plugin::execute();
62 /* Save data */
63 $groupfilter= get_global("groupfilter");
64 $s_action = "";
65 $s_entry = "";
68 if (!isset($this->grouptab)){
69 foreach( array("depselect", "guser", "regex") as $type){
70 if (isset($_POST[$type])){
71 $groupfilter[$type]= $_POST[$type];
72 }
73 }
74 if (isset($_POST['regex'])){
75 foreach( array("primarygroups", "sambagroups", "mailgroups", "appgroups",
76 "functionalgroups", "subsearch") as $type){
78 if (isset($_POST[$type])) {
79 $groupfilter[$type]= "checked";
80 } else {
81 $groupfilter[$type]= "";
82 }
83 }
84 }
85 if (isset($_GET['search'])){
86 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
87 if ($s == "**"){
88 $s= "*";
89 }
90 $groupfilter['regex']= $s;
91 }
92 register_global("groupfilter", $groupfilter);
93 }
96 /* Test Posts */
97 foreach($_POST as $key => $val){
98 // Post for delete
99 if(preg_match("/group_del.*/",$key)){
100 $s_action = "del";
101 $s_entry = preg_replace("/group_".$s_action."_/i","",$key);
102 // Post for edit
103 }elseif(preg_match("/group_edit_.*/",$key)){
104 $s_action="edit";
105 $s_entry = preg_replace("/group_".$s_action."_/i","",$key);
106 // Post for new
107 }elseif(preg_match("/dep_back.*/i",$key)){
108 $s_action="back";
109 }elseif(preg_match("/group_new.*/",$key)){
110 $s_action="new";
111 }elseif(preg_match("/dep_home.*/i",$key)){
112 $s_action="home";
113 }elseif(preg_match("/group_tplnew.*/i",$key)){
114 $s_action="new_tpl";
115 }elseif(preg_match("/group_chgpw.*/i",$key)){
116 $s_action="change_pw";
117 $s_entry = preg_replace("/group_chgpw_/i","",$key);
118 }elseif(preg_match("/dep_root.*/i",$key)){
119 $s_action="root";
120 }
121 }
122 $s_entry = preg_replace("/_.$/","",$s_entry);
124 /* Start for New List Managment */
125 if(isset($_GET['act'])&&($_GET['act']=="dep_open")){
126 $s_action="open";
127 $s_entry = base64_decode($_GET['dep_id']);
128 $groupfilter['depselect']= "".$this->config->departments[trim($s_entry)];
129 }
131 // Edit if
132 if((isset($_GET['act']))&&($_GET['act']=="edit_entry")){
133 $s_action ="edit";
134 $s_entry = $_GET['id'];
135 }
137 /* Department changed? */
138 if(isset($_POST['depselect']) && $_POST['depselect']){
139 $groupfilter['depselect']= $_POST['depselect'];
140 }
142 /* Homebutton is posted */
143 if($s_action=="home"){
144 $groupfilter['depselect']= (preg_replace("/^[^,]+,/","",$this->ui->dn));
145 $groupfilter['depselect']= (preg_replace("/^[^,]+,/","",$groupfilter['depselect']));
146 }
148 if($s_action=="root"){
149 $groupfilter['depselect']=($this->config->current['BASE']);
150 }
152 /* If Backbutton is Posted */
153 if($s_action == "back"){
154 $base_back= preg_replace("/^[^,]+,/","",$groupfilter['depselect']);
155 $base_back= convert_department_dn($base_back);
157 if(isset($this->config->departments[trim($base_back)])){
158 $groupfilter['depselect']= $this->config->departments[trim($base_back)];
159 }else{
160 $groupfilter['depselect']= $this->config->departments["/"];
161 }
162 }
163 register_global("groupfilter", $groupfilter);
165 $smarty= get_smarty();
167 /* Prepare formular */
168 $this->reload();
170 /* Check for exeeded sizelimit */
171 if (($message= check_sizelimit()) != ""){
172 return($message);
173 }
175 /* New group? */
176 if ($s_action=="new"){
178 /* By default we set 'dn' to 'new', all relevant plugins will
179 react on this. */
180 $this->dn= "new";
182 /* Create new usertab object */
183 $this->grouptab= new grouptabs($this->config,
184 $this->config->data['TABS']['GROUPTABS'], $this->dn);
185 /* Set up the users ACL's for this 'dn' */
186 $acl= get_permissions ($groupfilter['depselect'], $this->ui->subtreeACL);
187 $this->grouptab->set_acl($acl);
188 }
190 /* Cancel dialogs */
191 if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])){
192 del_lock ($this->grouptab->dn);
193 unset ($this->grouptab);
194 $this->grouptab= NULL;
195 unset($_SESSION['objectinfo']);
196 }
198 /* Finish group edit is triggered by the tabulator dialog, so
199 the user wants to save edited data. Check and save at this
200 point. */
201 if (isset($_POST['edit_finish'])){
203 /* Check tabs, will feed message array */
204 $message= $this->grouptab->check();
206 /* Save, or display error message? */
207 if (count($message) == 0){
209 /* Save user data to ldap */
210 $this->grouptab->save();
211 gosa_log ("Group object'".$this->dn."' has been saved");
213 /* Group has been saved successfully, remove lock from
214 LDAP. */
215 if ($this->dn != "new"){
216 del_lock ($this->dn);
217 }
219 /* There's no page reload so we have to read new users at
220 this point. */
221 $this->reload ();
222 unset ($this->grouptab);
223 $this->grouptab= NULL;
224 unset ($_SESSION['objectinfo']);
226 } else {
227 /* Ok. There seem to be errors regarding to the tab data,
228 show message and continue as usual. */
229 show_errors($message);
230 }
231 }
233 /* User wants to edit data? */
234 if ($s_action=="edit"){
236 /* Get 'dn' from posted 'uid', must be unique */
237 $this->dn= $this->grouplist[trim($s_entry)]['dn'];
239 /* Check locking, save current plugin in 'back_plugin', so
240 the dialog knows where to return. */
242 $user = get_lock($this->dn);
244 if ($user != ""){
245 return(gen_locked_message ($user, $this->dn));
246 }
248 /* Lock the current entry, so everyone will get the
249 above dialog */
250 add_lock ($this->dn, $this->ui->dn);
252 /* Set up the users ACL's for this 'dn' */
253 $acl= get_permissions ($this->dn, $this->ui->subtreeACL);
255 /* Register grouptab to trigger edit dialog */
256 $this->grouptab= new grouptabs($this->config,
257 $this->config->data['TABS']['GROUPTABS'], $this->dn);
258 $this->grouptab->set_acl($acl);
259 $_SESSION['objectinfo']= $this->dn;
260 }
262 /* Remove user was requested */
263 if ($s_action=="del"){
264 /* Get 'dn' from posted 'uid' */
265 $this->dn= $this->grouplist[trim($s_entry)]['dn'];
267 /* Load permissions for selected 'dn' and check if
268 we're allowed to remove this 'dn' */
269 $acl= get_permissions ($this->dn, $this->ui->subtreeACL);
270 $this->acl= get_module_permission($acl, "group", $this->dn);
271 if (chkacl($this->acl, "delete") == ""){
273 /* Check locking, save current plugin in 'back_plugin', so
274 the dialog knows where to return. */
275 if (($user= get_lock($this->dn)) != ""){
276 return(gen_locked_message ($user, $this->dn));
277 }
279 /* Lock the current entry, so nobody will edit it during deletion */
280 add_lock ($this->dn, $this->ui->dn);
281 $smarty->assign("info", sprintf(_("You're about to delete the group '%s'."), $this->dn));
282 return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
283 } else {
285 /* Obviously the user isn't allowed to delete. Show message and
286 clean session. */
287 print_red (_("You are not allowed to delete this group!"));
288 }
289 }
291 /* Confirmation for deletion has been passed. Group should be deleted. */
292 if (isset($_POST['delete_group_confirm'])){
294 /* Some nice guy may send this as POST, so we've to check
295 for the permissions again. */
296 if (chkacl($this->acl, "delete") == ""){
298 /* Delete request is permitted, perform LDAP action */
299 $this->grouptab= new grouptabs($this->config,
300 $this->config->data['TABS']['GROUPTABS'], $this->dn);
301 $this->grouptab->set_acl(array($this->acl));
302 $this->grouptab->delete ();
303 gosa_log ("Group object'".$this->dn."' has been removed");
304 unset ($this->grouptab);
305 $this->grouptab= NULL;
307 /* Group list has changed, reload it. */
308 $this->reload ();
309 } else {
311 /* Normally this shouldn't be reached, send some extra
312 logs to notify the administrator */
313 print_red (_("You are not allowed to delete this group!"));
314 gosa_log ("Warning: '".$this->ui->uid."' tried to trick group deletion.");
315 }
317 /* Remove lock file after successfull deletion */
318 del_lock ($this->dn);
319 unset($_SESSION['objectinfo']);
320 }
323 /* Delete group canceled? */
324 if (isset($_POST['delete_cancel'])){
325 del_lock ($this->dn);
326 unset($_SESSION['objectinfo']);
327 }
329 /* Show tab dialog if object is present */
330 if ($this->grouptab){
331 $display= $this->grouptab->execute();
333 /* Don't show buttons if tab dialog requests this */
334 if (!$this->grouptab->by_object[$this->grouptab->current]->dialog){
335 $display.= "<p style=\"text-align:right\">\n";
336 $display.= "<input type=submit name=\"edit_finish\" value=\""._("Finish")."\">\n";
337 $display.= " \n";
338 $display.= "<input type=submit name=\"edit_cancel\" value=\""._("Cancel")."\">\n";
339 $display.= "</p>";
340 }
341 return ($display);
342 }
344 /* Prepare departments */
345 $options= "";
346 foreach ($this->config->idepartments as $key => $value){
347 if ($groupfilter['depselect'] == $key){
348 $options.= "<option selected value='$key'>$value</option>";
349 } else {
350 $options.= "<option value='$key'>$value</option>";
351 }
352 }
354 // Managment
355 $listhead = "<div style='background:#F0F0F9;padding:5px;'>".
356 " <input type='image' class='center' src='images/list_back.png' title='"._("Go up one department")."' alt='"._("Up")."' name='dep_back'> ".
357 " <input type='image' class='center' src='images/list_root.png' title='"._("Go to root department")."' name='dep_root' alt='"._("Root")."'> ".
358 " <input type='image' class='center' src='images/list_home.png' title='"._("Go to users department")."' alt='"._("Home")."' name='dep_home'> ".
359 " <img class='center' src='images/list_seperator.png' alt='' height='16' width='1'> ".
360 " <input type='image' class='center' src='images/list_new_group.png' title='"._("Create new group")."' alt='"._("New")."' name='group_new'> ".
361 " <img class='center' src='images/list_seperator.png' alt='' height='16' width='1'> ".
362 _("Base")." <select name='depselect' onChange='mainform.submit()' class='center'>$options</select>".
363 " <input type='image' class='center' src='images/list_submit.png' title='"._("Submit department")."' name='submit_department' alt='"._("Submit")."'> ".
364 "</div>";
367 $actions = "<input class='center' type='image' src='images/edit.png' alt='"._("edit")."' name='group_edit_%KEY%' title='"._("Edit this entry")."'>";
368 $actions.= "<input class='center' type='image' src='images/edittrash.png' alt='"._("delete")."' name='group_del_%KEY%' title='"._("Delete this entry")."'>";
370 // Defining Links
371 $linkopen = "<a href='?plug=".$_GET['plug']."&act=dep_open&dep_id=%s'>%s</a>";
373 // image Buttons
374 $editlink = "<a href='?plug=".$_GET['plug']."&id=%s&act=edit_entry'>%s</a>";
375 $userimg = "<img class='center' src='images/select_groups.png' alt='User' title='%s'>";
377 // Extension images
378 $posiximg = "<img class='center' src='images/select_groups.png' alt='P' title='"._("Posix") ."'>";
379 $mailimg = "<img class='center' src='images/mailto.png' alt='M' title='"._("Mail") ."'>";
380 $sambaimg = "<img class='center' src='images/select_winstation.png' alt='S' title='"._("Samba") ."'>";
381 $applimg = "<img class='center' src='images/select_application.png' alt='A' title='"._("Application")."'>";
382 $phoneimg = "<img class='center' src='images/select_phone.png' alt='Ph' title='"._("Phone") ."'>";
383 $envimg = "<img class='center' src='images/smallenv.png' alt='E' title='"._("Environment") ."'>";
384 // Space
385 $empty = "<img class='center' src='images/empty.png' style='width:16px;height:16px;' alt=''>";
388 $divlist = new divlist("groupstab");
389 $divlist->SetHeader(array(
390 array("string" => " ", "attach" => "style='text-align:center;width:20px;'"),
391 array("string" => _("Groupname")." / "._("Department"), "attach" => "style=''"),
392 array("string" => _("Properties"), "attach" => "style='width:136px;'"),
393 array("string" => _("Actions"), "attach" => "style='width:60px;border-right:0px;text-align:right;'")
394 ));
396 $divlist->SetSummary(_("This table displays all groups, in the selected tree."));
397 $divlist->SetEntriesPerPage(0);
399 foreach($this->departments as $key=> $val){
401 if(!isset($this->config->departments[trim($key)])){
402 $this->config->departments[trim($key)]="";
403 }
405 $non_empty="";
406 $keys= str_replace("/","\/",$key);
407 foreach($this->config->departments as $keyd=>$vald ){
408 if(preg_match("/".$keys."\/.*/",$keyd)){
409 $non_empty="full";
410 }
411 }
414 $field1 = array("string" => "<img src='images/".$non_empty."folder.png' alt='department'>", "attach" => "style='text-align:center;width:20px;'");
415 $field2 = array("string" => sprintf($linkopen,base64_encode($key),$val), "attach" => "style=''");
416 $field3 = array("string" => " ", "attach" => "style='width:136px;'");
417 $field4 = array("string" => " ", "attach" => "style='width:60px;border-right:0px;text-align:right;'");
419 $divlist->AddEntry(array($field1,$field2,$field3,$field4));
420 }
422 foreach($this->grouplist as $key => $val){
424 if(isset($val['objectClass'])){
425 if(in_array("posixGroup", $val['objectClass'])) $posix = $posiximg; else $posix = $empty;
426 if(in_array("gosaMailAccount", $val['objectClass'])) $mail = $mailimg; else $mail = $empty;
427 if(in_array("sambaGroupMapping", $val['objectClass'])) $samba = $sambaimg; else $samba = $empty;
428 if(in_array("gosaApplicationGroup", $val['objectClass'])) $appl = $applimg; else $appl = $empty;
429 if(in_array("goFonPickupGroup", $val['objectClass'])) $phone = $phoneimg; else $phone = $empty;
430 if(in_array("gotoEnvironment", $val['objectClass'])) $enviro= $envimg; else $enviro = $empty;
431 }else{
432 $posix=$mail=$samba=$appl=$phone=$empty;
433 }
435 $title = "title='gid : ".$key." - dn : ".$val['dn']."'";
437 if(!isset($val['description'][0])){
438 $desc = "";
439 }else{
440 $desc = " - [ ".$val['description'][0]." ]";
441 }
442 $field1 = array("string" => sprintf($userimg,$val['dn']), "attach" => "style='text-align:center;width:20px;'");
443 $field2 = array("string" => sprintf($editlink,$key,($val['cn']['0'].$desc)), "attach" => "style='' ".$title);
444 $field3 = array("string" => $posix." ".$enviro." ".$mail." ".$samba." ".$appl." ".$phone, "attach" => "style='width:136px;'");
445 $field4 = array("string" => preg_replace("/%KEY%/", $key, $actions), "attach" => "style='width:60px;border-right:0px;text-align:right;'");
447 $divlist->AddEntry(array($field1,$field2,$field3,$field4));
448 }
450 /* Show main page */
451 $smarty->assign("grouplisthead", $listhead);
452 $smarty->assign("grouplist", $divlist->DrawList());
453 $smarty->assign("search_image", get_template_path('images/search.png'));
454 $smarty->assign("searchu_image", get_template_path('images/search_user.png'));
455 $smarty->assign("tree_image", get_template_path('images/tree.png'));
456 $smarty->assign("infoimage", get_template_path('images/info.png'));
457 $smarty->assign("launchimage", get_template_path('images/launch.png'));
458 $smarty->assign("deplist", $this->config->idepartments);
459 foreach( array("depselect", "guser", "regex", "primarygroups", "mailgroups","appgroups", "sambagroups", "functionalgroups", "subsearch") as $type){
460 $smarty->assign("$type", $groupfilter[$type]);
461 }
463 /* Extend if we are not using javascript */
464 $smarty->assign("apply", apply_filter());
465 $smarty->assign("alphabet", generate_alphabet());
466 $smarty->assign("hint", print_sizelimit_warning());
468 return($smarty->fetch(get_template_path('headpage.tpl', TRUE)));
469 }
471 function reload($CreatePosixsList=false)
472 {
473 /* Get config */
474 $groupfilter= get_global('groupfilter');
476 /* Set base for all searches */
477 $base= $groupfilter['depselect'];
479 /* Regex filter? */
480 if ($groupfilter['regex'] != ""){
481 $regex= $groupfilter['regex'];
482 } else {
483 $regex= "*";
484 }
486 /* User filter? */
487 $filter= "(objectclass=posixGroup)";
488 $error= "";
489 $error2= "";
490 $this->grouplist= array();
492 /* What are primary groups? */
493 $primaries= array();
494 $ldap= $this->config->get_ldap_link();
495 $ldap->cd($base);
496 $ldap->search("(&(uid=$regex)(!(uid=*$))(objectClass=posixAccount)(gidNumber=*))", array("gidNumber", "cn"));
497 show_ldap_error($ldap->get_error());
498 while ($attrs= $ldap->fetch()){
499 $primaries[$attrs['gidNumber'][0]]= $attrs['cn'][0];
500 }
502 /* Set filter depending on selection */
503 $sfilter= "";
504 if ($groupfilter['appgroups'] == "checked"){
505 $filter.= "(objectClass=gosaApplicationGroup)";
506 }
507 if ($this->config->current['SAMBAVERSION'] == 3){
508 if ($groupfilter['primarygroups'] != "checked"){
509 $sfilter= "(objectClass=sambaGroupMapping)";
510 } elseif ($groupfilter['sambagroups'] == "checked"){
511 $filter.= "(objectClass=sambaGroupMapping)";
512 }
513 }
515 if ($groupfilter['mailgroups'] == "checked"){
516 $filter.= "(objectClass=gosaMailAccount)";
517 }
518 $functional= array();
519 $ldap->cd(get_groups_ou().$base);
520 $ldap->set_size_limit($_SESSION['size_limit']);
521 $ldap->search("(&(cn=$regex)(objectClass=posixGroup)(!(|(objectClass=gosaMailAccount)(objectClass=gosaApplicationGroup)$sfilter)))", array("cn", "gidNumber", "description"));
522 $error2= $ldap->error;
523 while ($attrs= $ldap->fetch()){
524 if (!isset($primaries[$attrs['gidNumber'][0]])){
525 $functional[$attrs['gidNumber'][0]]= $attrs['gidNumber'][0];
526 }
527 }
529 /*
530 * We also need to search for the departments
531 * So we are able to navigate like in konquerer
532 */
534 $res3 = get_list2($this->ui->subtreeACL, "(&(|(ou=$regex)(description=$regex))(objectClass=gosaDepartment))",
535 FALSE, $base, array("ou", "description"), TRUE);
536 $this->departments= array();
537 $tmp = array();
538 foreach ($res3 as $value){
539 $tmp[strtolower($value['dn']).$value['dn']]=$value;
540 }
541 ksort($tmp);
542 foreach($tmp as $value){
543 if(isset($value["description"][0])){
544 $this->departments[$value['dn']]=convert_department_dn2($value['dn'])." - [".$value["description"][0]."]";
545 }else{
546 $this->departments[$value['dn']]= convert_department_dn2($value['dn']);//$value["description"][0];
547 }
548 }
549 /* Ende department generation
550 */
552 /* Generate grouplist */
553 if ($filter != ""){
554 $filter= "(&(cn=$regex)(objectClass=posixGroup)(|$filter))";
555 if ($groupfilter['guser'] != ""){
556 $filter= "(&(|(memberUID=" . $groupfilter['guser'] . ")(cn=" . $groupfilter['guser'] . "))$filter)";
557 }
558 }
560 /* Depending on $CreatePosixsList we have to create different lists */
562 if ($groupfilter['subsearch'] == "checked"){
563 $res= get_list($this->ui->subtreeACL, "$filter", FALSE, $base, array("cn", "description", "gidNumber"), TRUE);
564 } else {
565 $base= get_groups_ou().$base;
566 $res= get_list($this->ui->subtreeACL, "$filter", FALSE, $base, array("cn", "description", "gidNumber"), TRUE);
567 }
568 if (preg_match("/size limit/i", $error) || preg_match("/size limit/i", $error2)){
569 $_SESSION['limit_exceeded']= TRUE;
570 }
572 foreach ($res as $value){
573 if ($groupfilter['functionalgroups'] != "checked" && isset($functional[$value['gidNumber'][0]])){
574 continue;
575 }
576 if ($groupfilter['primarygroups'] == "checked"){
577 $this->grouplist[$value['gidNumber'][0]]= $value;
578 } else {
579 if (!isset($primaries[$value['gidNumber'][0]])){
580 $this->grouplist[$value['gidNumber'][0]]= $value;
581 }
582 }
583 }
585 $tmp=array();
587 /* Create result for group management listbox*/
588 foreach($this->grouplist as $tkey => $val ){
589 $tmp[strtolower($val['cn'][0]).$val['cn'][0]]=$val;
590 }
591 ksort($tmp);
592 $this->grouplist=array();
593 foreach($tmp as $val){
594 $this->grouplist[]=$val;
595 }
596 reset ($this->grouplist);
597 }
599 function remove_from_parent()
600 {
601 /* Optionally execute a command after we're done */
602 $this->postremove();
603 }
606 /* Save data to object */
607 function save_object()
608 {
609 }
612 /* Check values */
613 function check()
614 {
615 }
618 /* Save to LDAP */
619 function save()
620 {
621 /* Optionally execute a command after we're done */
622 $this->postcreate();
623 }
625 function adapt_from_template($dn)
626 {
627 }
629 function password_change_needed()
630 {
631 }
633 function show_header($button_text, $text, $disabled= FALSE)
634 {
635 }
637 function remove_lock()
638 {
639 if (isset($this->grouptab->dn)){
640 del_lock ($this->grouptab->dn);
641 }
642 }
644 }
646 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
647 ?>