Code

Ogroup acl updates
[gosa.git] / plugins / admin / ogroups / class_ogroupManagement.inc
1 <?php
2 /*
3    This code is part of GOsa (https://gosa.gonicus.de)
4    Copyright (C) 2004 Cajus Pollmeier
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License as published by
8    the Free Software Foundation; either version 2 of the License, or
9    (at your option) any later version.
11    This program is distributed in the hope that it will be useful,
12    but WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14    GNU General Public License for more details.
16    You should have received a copy of the GNU General Public License
17    along with this program; if not, write to the Free Software
18    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
19  */
20 require "tabs_ogroups.inc";
22 class ogroupManagement extends plugin
23 {
24   /* Definitions */
25   var $plHeadline= "Object groups";
26   var $plDescription= "This does something";
28   /* attribute list for save action */
29   var $attributes= array();
30   var $objectclasses= array();
31   var $obtypes= array();
32   var $ogroup;
34   var $CopyPasteHandler = NULL;
35   var $DivListOGroup    = NULL;
37   function ogroupManagement ($config, $dn= NULL)
38   {
39     /* Include config object */
40     $this->config= $config;
41     $this->ui= get_userinfo();
43     /* Copy & Paste enabled ?
44      */
45     if((isset($this->config->data['MAIN']['ENABLECOPYPASTE']))&&(preg_match("/true/i",$this->config->data['MAIN']['ENABLECOPYPASTE'] ))){
46       $this->CopyPasteHandler = new CopyPasteHandler($this->config);
47     }
49     /* Div lsit management */
50     $this->DivListOGroup = new divListOGroup($this->config,$this);
51   }
53   function execute()
54   {
55     /* Call parent execute */
56     plugin::execute();
58     /****************
59       Variable intialisation && Check posts for commands  
60      ****************/
62     $_SESSION['LOCK_VARS_TO_USE'] = array("/^act$/","/^id$/","/^group_edit_/","/^group_del_/");
64     $smarty     = get_smarty();
65     $s_action   = "";
66     $s_entry    = "";
68     /* Test Posts */
69     foreach($_POST as $key => $val){
70       // Post for delete
71       if(preg_match("/^group_del.*/",$key)){
72         $s_action = "del";
73         $s_entry  = preg_replace("/^group_".$s_action."_/i","",$key);
74         // Post for edit
75       }elseif(preg_match("/^group_edit_.*/",$key)){
76         $s_action="edit";
77         $s_entry  = preg_replace("/^group_".$s_action."_/i","",$key);
78         // Post for new
79       }elseif(preg_match("/^group_new.*/",$key)){
80         $s_action="new";
81       }elseif(preg_match("/^group_tplnew.*/i",$key)){
82         $s_action="new_tpl";
83       }elseif(preg_match("/^group_chgpw.*/i",$key)){
84         $s_action="change_pw";
85         $s_entry  = preg_replace("/group_chgpw_/i","",$key);
86       }elseif(preg_match("/^editPaste.*/i",$key)){
87         $s_action="editPaste";
88       }elseif(preg_match("/^copy_.*/",$key)){
89         $s_action="copy";
90         $s_entry  = preg_replace("/^copy_/i","",$key);
91       }elseif(preg_match("/^cut_.*/",$key)){
92         $s_action="cut";
93         $s_entry  = preg_replace("/^cut_/i","",$key);
94       }elseif(preg_match("/_group_edit_/",$key)){
95         $type = preg_replace("/_group_edit_.*$/","",$key);
96         $s_action="edit";
97         $s_entry  = preg_replace("/".$type."_group_edit_/i","",$key);
98         $_POST['arg'] = $type;
99       }
100     }
101     $s_entry  = preg_replace("/_.$/","",$s_entry);
103     // Edit if
104     if((isset($_GET['act']))&&($_GET['act']=="edit_entry")){
105       $s_action ="edit";
106       $s_entry  = $_GET['id'];
107     }
110     /****************
111       Copy & Paste handling 
112      ****************/
114     /* Only perform copy / paste if it is enabled
115      */
116     if($this->CopyPasteHandler){
118       /* Paste copied/cutted object in here
119        */
120       if(($s_action == "editPaste") || ($this->CopyPasteHandler->stillOpen())){
121         $this->CopyPasteHandler->save_object();
122         $this->CopyPasteHandler->SetVar("base", $this->DivListOGroup->selectedBase);
123         return($this->CopyPasteHandler->execute());
124       }
126       /* Copy current object to CopyHandler
127        */
128       if($s_action == "copy"){
129         $this->CopyPasteHandler->Clear();
130         $dn       =   $this->ogrouplist[$s_entry]['dn'];
131         $obj      =   new ogrouptabs($this->config, $this->config->data['TABS']['OGROUPTABS'], $dn);
132         $objNew   =   new ogrouptabs($this->config, $this->config->data['TABS']['OGROUPTABS'], "new");
133         $this->CopyPasteHandler->Copy($obj,$objNew);
134       }
136       /* Copy current object to CopyHandler
137        */
138       if($s_action == "cut"){
139         $this->CopyPasteHandler->Clear();
140         $dn       =   $this->ogrouplist[$s_entry]['dn'];
141         $obj      =   new ogrouptabs($this->config, $this->config->data['TABS']['OGROUPTABS'], $dn);
142         $this->CopyPasteHandler->Cut($obj);
143       }
144     }
147     /****************
148       Create a new object group 
149      ****************/
151     /* New group? */
152     if ($s_action=="new"){
154       /* By default we set 'dn' to 'new', all relevant plugins will
155          react on this. */
156       $this->dn= "new";
158       /* Create new usertab object */
159       $this->ogroup= new ogrouptabs($this->config,$this->config->data['TABS']['OGROUPTABS'], $this->dn,"ogroups");
160       $this->ogroup->set_acl_base($this->DivListOGroup->selectedBase);
161     }
164     /****************
165       Delete object group
166      ****************/
168     if ($s_action=="del"){
170       /* Get 'dn' from posted 'uid' */
171       $this->dn= $this->ogrouplist[$s_entry]['dn'];
173       /* Load permissions for selected 'dn' and check if
174          we're allowed to remove this 'dn' */
175       $acl = $this->ui->get_permissions($this->dn,"ogroup");
176       if(preg_match("/d/",$acl)){
178         /* Check locking, save current plugin in 'back_plugin', so
179            the dialog knows where to return. */
180         if (($user= get_lock($this->dn)) != ""){
181           return(gen_locked_message ($user, $this->dn));
182         }
184         /* Lock the current entry, so nobody will edit it during deletion */
185         add_lock ($this->dn, $this->ui->dn);
186         $smarty->assign("info", sprintf(_("You're about to delete the object group '%s'."), @LDAP::fix($this->dn)));
187         return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
188       } else {
190         /* Obviously the user isn't allowed to delete. Show message and
191            clean session. */
192         print_red (_("You are not allowed to delete this object group!"));
193       }
194     }
197     /****************
198       Delete confirmed 
199      ****************/
201     /* Confirmation for deletion has been passed. Group should be deleted. */
202     if (isset($_POST['delete_group_confirm'])){
204       /* Some nice guy may send this as POST, so we've to check
205          for the permissions again. */
206       $acl = $this->ui->get_permissions($this->dn,"groups");
207       if(preg_match("/d/",$acl)){
209         /* Delete request is permitted, perform LDAP action */
210         $this->ogroup= new ogrouptabs($this->config,
211             $this->config->data['TABS']['OGROUPTABS'], $this->dn);
212         $this->ogroup->set_acl(array($this->acl));
213         $this->ogroup->delete ();
214         gosa_log ("Object group'".$this->dn."' has been removed");
215         unset ($this->ogroup);
216         $this->ogroup= NULL;
217       } else {
219         /* Normally this shouldn't be reached, send some extra
220            logs to notify the administrator */
221         print_red (_("You are not allowed to delete this object group!"));
222         gosa_log ("Warning: '".$this->ui->uid."' tried to trick group deletion.");
223       }
225       /* Remove lock file after successfull deletion */
226       del_lock ($this->dn);
227       unset($_SESSION['objectinfo']);
228     }
231     /****************
232       Delete object group Canceled
233      ****************/
235     /* Delete group canceled? */
236     if (isset($_POST['delete_cancel'])){
237       del_lock ($this->dn);
238       unset($_SESSION['objectinfo']);
239     }
242     /****************
243       Edit group
244      ****************/
246     if (($s_action=="edit") && (! isset($this->ogroup->config)) ){
248       /* Get 'dn' from posted 'uid', must be unique */
249       $this->dn= $this->ogrouplist[$s_entry]['dn'];
251       /* Check locking, save current plugin in 'back_plugin', so
252          the dialog knows where to return. */
253       if (($user= get_lock($this->dn)) != ""){
254         return(gen_locked_message ($user, $this->dn));
255       }
257       /* Lock the current entry, so everyone will get the
258          above dialog */
259       add_lock ($this->dn, $this->ui->dn);
261       /* Register grouptab to trigger edit dialog */
262       $this->ogroup= new ogrouptabs($this->config, $this->config->data['TABS']['OGROUPTABS'], $this->dn, "ogroups");
263       $this->ogroup->set_acl_base($this->dn);
264       $_SESSION['objectinfo']= $this->dn;
265     }
268     /****************
269       Edit finished save 
270      ****************/
272     /* Finish button has been pressed */
273     if ((isset($_POST['edit_finish']) || isset($_POST['edit_apply'])) && (isset($this->ogroup->config)) ){
275       /* Check tabs, will feed message array */
276       $message= $this->ogroup->check();
278       /* Save, or display error message? */
279       if (count($message) == 0){
281         /* Save user data to ldap */
282         $this->ogroup->save();
283         gosa_log ("Object group'".$this->dn."' has been saved");
285         if (!isset($_POST['edit_apply'])){
286           /* Group has been saved successfully, remove lock from
287              LDAP. */
288           if ($this->dn != "new"){
289             del_lock ($this->dn);
290           }
292           unset ($this->ogroup);
293           $this->ogroup= NULL;
294           unset ($_SESSION['objectinfo']);
295         }
296       } else {
297         /* Ok. There seem to be errors regarding to the tab data,
298            show message and continue as usual. */
299         show_errors($message);
300       }
301     }
304     /****************
305       Cancel edit object group
306      ****************/
308     /* Cancel dialogs */
309     if (isset($_POST['edit_cancel'])){
310       del_lock ($this->ogroup->dn);
311       unset ($this->ogroup);
312       $this->ogroup= NULL;
313       unset($_SESSION['objectinfo']);
314     }
317     /****************
318       Display open dialogs 
319      ****************/
321     /* Show dialog if object is present */
322     if (isset($this->ogroup->config)){
323       $display= $this->ogroup->execute();
325       /* Don't show buttons if tab dialog requests this */
326       if (!$this->ogroup->by_object[$this->ogroup->current]->dialog){
327         $display.= "<p style=\"text-align:right\">\n";
328         $display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\""._("Ok")."\">\n";
329         $display.= "&nbsp;\n";
330         if ($this->dn != "new"){
331           $display.= "<input type=submit name=\"edit_apply\" value=\""._("Apply")."\">\n";
332           $display.= "&nbsp;\n";
333         }
334         $display.= "<input type=submit name=\"edit_cancel\" value=\""._("Cancel")."\">\n";
335         $display.= "</p>";
336       }
337       return ($display);
338     }
341     /****************
342       Display list 
343      ****************/
345     /* Check if there is a snapshot dialog open */
346     $base = $this->DivListOGroup->selectedBase;
347     if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){
348       return($str);
349     }
351     /* Display dialog with group list */
352     $this->DivListOGroup->parent = $this;
353     $this->DivListOGroup->execute();
355     /* Add departments if subsearch is disabled */
356     if(!$this->DivListOGroup->SubSearch){
357       $this->DivListOGroup->AddDepartments($this->DivListOGroup->selectedBase,4);
358     }
359     $this->reload ();
360     $this->DivListOGroup->setEntries($this->ogrouplist);
361     return($this->DivListOGroup->Draw());
362   }
365   /* Return departments, that will be included within snapshot detection */
366   function get_used_snapshot_bases()
367   {
368     return(array(get_groups_ou().$this->DivListOGroup->selectedBase));
369   }
371   
373   function convert_list($input)
374   {
375     $temp= "";
377     $conv= array(   
378         "U" => array("select_user.png"        ,_("User")        , "ogroup"),
379         "G" => array("select_groups.png"      ,_("Group")       , "ogroup"),
380         "A" => array("select_application.png" ,_("Application") , "ogroup"),
381         "D" => array("select_department.png"  ,_("Department")  , "ogroup"),
382         "S" => array("select_server.png"      ,_("Server")      , "ogroup"),
383         "F" => array("select_phone.png"       ,_("Phone")       , "phonequeue"),
384         "W" => array("select_workstation.png" ,_("Workstation") , "workstartup"),
385         "T" => array("select_terminal.png"    ,_("Terminal")    , "termgroup"),
386         "P" => array("select_printer.png"     ,_("Printer")     , "ogroup"));
388     /* Assemble picture */
389     $type= $input['gosaGroupObjects'][0];
390     $type= preg_replace("/[^A-Z]/i","",$type);
391     if (isset($type[0])){
392       $p1['pic']= $conv[$type[0]][0];
393       $p1['tit']= $conv[$type[0]][1];
394       $p1['alt']= $type[0];
395       $p1['lnk']= $conv[$type[0]][2];
396     } else {
397       $p1['pic']= "empty.png";
398       $p1['tit']= "";
399       $p1['alt']= "";
400       $p1['lnk']= "";//$conv[$type[0]][2];
401     }
403     if (isset($type[1])){
404       $p2['pic']= $conv[$type[1]][0];
405       $p2['alt']= $type[1];
406       $p2['tit']= $conv[$type[1]][1];
407       $p2['lnk']= $conv[$type[1]][2];
408     } else {
409       $p2['pic']= "empty.png";
410       $p2['alt']= "";
411       $p2['tit']= "";
412       $p2['lnk']= ""; //$conv[$type[0]][2];
413     }
414     $temp = "<input type='image' name='".$p1['lnk']."_group_edit_%KEY' class='center' 
415       src='images/".$p1['pic']."' alt='".$p1['alt']."' title='".$p1['tit']."'>";
416     $temp.= "<input type='image' name='".$p2['lnk']."_group_edit_%KEY'class='center' 
417       src='images/".$p2['pic']."' alt='".$p2['alt']."' title='".$p2['tit']."'>";
418     return ($temp);
419   }
422   function reload()
423   {
424     /* Set base for all searches && initialise some vars */
425     $this->ogrouplist= array();
426     $base     = $this->DivListOGroup->selectedBase;
427     $filter   = "(gosaGroupObjects=[])";
428     $Regex    = $this->DivListOGroup->Regex;
430     $chk = array(
431         "UserGroups"          => "(gosaGroupObjects=*U*)" ,
432         "GroupGroups"         => "(gosaGroupObjects=*G*)" ,
433         "ApplicationGroups"   => "(gosaGroupObjects=*A*)" ,
434         "DepartmentGroups"    => "(gosaGroupObjects=*D*)" ,
435         "ServerGroups"        => "(gosaGroupObjects=*S*)" ,
436         "WorkstationGroups"   => "(gosaGroupObjects=*W*)" ,
437         "TerminalGroups"      => "(gosaGroupObjects=*T*)" ,
438         "PrinterGroups"       => "(gosaGroupObjects=*P*)" ,
439         "PhoneGroups"         => "(gosaGroupObjects=*F*)" );
440     /* Create filter */ 
441     foreach($chk as $chkBox => $FilterPart){
442       if($this->DivListOGroup->$chkBox){
443         $filter .=  $FilterPart;
444       }
445     }
446     $filter= "(&(cn=$Regex)(objectClass=gosaGroupOfNames)(|$filter))";
448     if($this->DivListOGroup->SubSearch){
449       $res= get_list($filter, "ogroups", $base, array("cn","objectClass","gosaGroupObjects"), GL_SIZELIMIT | GL_SUBSEARCH);
450     }else{
451       $res= get_list($filter, "ogroups", get_groups_ou().$base, array("cn","objectClass","gosaGroupObjects"), GL_SIZELIMIT );
452     }
454     $this->ogrouplist= $res;
455     ksort ($this->ogrouplist);
456     reset ($this->ogrouplist);
457     $tmp=array();
458     foreach($this->ogrouplist as $tkey => $val ){
459       $tmp[strtolower($val['cn'][0]).$val['cn'][0]]=$val;
460     }
461     ksort($tmp);
462     $this->ogrouplist=array();
463     foreach($tmp as $val){
464       $this->ogrouplist[]=$val;
465     }
466     reset ($this->ogrouplist);
467   }
469   function save_object()
470   {
471     $this->DivListOGroup->save_object();
472   }
476 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
477 ?>