
aee8992d20544b59f1b48c7f4682a0a364f514f0
[gosa.git] / setup / class_setupStep_Migrate.inc
1 <?php
3 /*
4    This code is part of GOsa (https://gosa.gonicus.de)
5    Copyright (C) 2007 Fabian Hickert
7    This program is free software; you can redistribute it and/or modify
8    it under the terms of the GNU General Public License as published by
9    the Free Software Foundation; either version 2 of the License, or
10    (at your option) any later version.
12    This program is distributed in the hope that it will be useful,
13    but WITHOUT ANY WARRANTY; without even the implied warranty of
14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15    GNU General Public License for more details.
17    You should have received a copy of the GNU General Public License
18    along with this program; if not, write to the Free Software
19    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
20  */
23 class Step_Migrate extends setup_step
24 {
25   var $languages      = array();
26   var $attributes     = array();
27   var $header_image   = "images/monitoring.png";
28   var $checks         = array();
30   /* Department migration attributes */
31   var $dep_migration_dialog = FALSE;
32   var $deps_to_migrate      = array();
34   /* User migration attributes */
35   var $users_migration_dialog= FALSE;
36   var $users_to_migrate      = array();
38   /* Create Acl attributes */
39   var $acl_create_dialog  = FALSE;
40   var $acl_create_type    = "group";
41   var $acl_create_selected= ""; // Currently selected element, that should receive admin rights 
42   var $acl_create_changes = ""; // Contains ldif information about changes 
43   var $acl_create_confirmed= FALSE;
45   function Step_Migrate()
46   {
47     $this->update_strings(); 
48     $this->initialize_checks();
49   }
51   function update_strings()
52   {
53     $this->s_title      = _("LDAP inspection");
54     $this->s_title_long = _("LDAP inspection");
55     $this->s_info       = _("Analyze your current LDAP for GOsa compatibility");
56   }
58   function initialize_checks()
59   {
60     $this->checks = array();
61     $this->checks['root']['TITLE']     = _("Checking for root object");
62     $this->checks['root']['STATUS']    = FALSE;
63     $this->checks['root']['STATUS_MSG']= "";
64     $this->checks['root']['ERROR_MSG'] = "";
65     $this->checkBase();
67     $this->checks['permissions']['TITLE']     = _("Checking permissions on ldap database");
68     $this->checks['permissions']['STATUS']    = FALSE;
69     $this->checks['permissions']['STATUS_MSG']= "";
70     $this->checks['permissions']['ERROR_MSG'] = "";
71     $this->check_ldap_permissions();
73     $this->checks['deps_visible']['TITLE']     = _("Checking for invisible deparmtments");
74     $this->checks['deps_visible']['STATUS']    = FALSE;
75     $this->checks['deps_visible']['STATUS_MSG']= "";
76     $this->checks['deps_visible']['ERROR_MSG'] = "";
77     $this->check_visible_organizationalUnits();
79     $this->checks['users_visible']['TITLE']     = _("Checking for invisible user");
80     $this->checks['users_visible']['STATUS']    = FALSE;
81     $this->checks['users_visible']['STATUS_MSG']= "";
82     $this->checks['users_visible']['ERROR_MSG'] = "";
83     $this->check_invisible_gosaAccounts();
85     $this->checks['acls']['TITLE']     = _("Checking for administrational account");
86     $this->checks['acls']['STATUS']    = FALSE;
87     $this->checks['acls']['STATUS_MSG']= "";
88     $this->checks['acls']['ERROR_MSG'] = "";
89     $this->check_acls();
90   }
92   
93   /* Check Acls if there is at least one object with acls defined 
94    */
95   function check_acls()
96   {
97     /* Establish ldap connection */
98     $cv = $this->parent->captured_values;
99     $ldap = new LDAP($cv['admin'],
100         $cv['password'],
101         $cv['connection'],
102         FALSE,
103         $cv['tls']);
105     /* Search for gosaAcls */ 
106     $ldap->cd($cv['base']);
107     $ldap->search("(&(objectClass=gosaAccount)(|(objectClass=posixAccount)(objectClass=inetOrgPerson)(objectClass=organizationalPerson)))");
109     if($ldap->count() ==0){
110       $this->checks['acls']['STATUS']    = TRUE;
111       $this->checks['acls']['STATUS_MSG']= _("Ok");
112       $this->checks['acls']['ERROR_MSG'] = "<input type='submit' name='retry_acls' value='"._("Retry")."'>";
113     }else{
114       $this->checks['acls']['STATUS']    = FALSE;
115       $this->checks['acls']['STATUS_MSG']= _("Failed");
116       $this->checks['acls']['ERROR_MSG'] = "<input type='submit' name='retry_acls' value='"._("Retry")."'>";
117       $this->checks['acls']['ERROR_MSG'].= "<input type='submit' name='create_acls' value='"._("Create adminitrational account")."'>";
118     }
120     return($ldap->count()>=1);
121   }
124   /* Check ldap accessibility 
125    * Create and remove a dummy object, 
126    *  to ensure that we have the necessary permissions
127    */
128   function check_ldap_permissions()
129   {
130     $cv = $this->parent->captured_values;
131     $ldap = new LDAP($cv['admin'],
132         $cv['password'],
133         $cv['connection'],
134         FALSE,
135         $cv['tls']);
137     /* Create dummy entry 
138      */
139     $name     = "GOsa_setup_text_entry_".session_id().rand(0,999999);
140     $dn       = "ou=".$name.",".$cv['base'];
141     $testEntry= array();
142     $testEntry['objectClass'][]= "top";
143     $testEntry['objectClass'][]= "organizationalUnit";
144     $testEntry['objectClass'][]= "gosaDepartment";
145     $testEntry['description']= "Created by GOsa setup, this object can be removed.";
146     $testEntry['ou']  = $name;
148     /* Try to create dummy object 
149      */ 
150     $ldap->cd ($dn);
151     $ldap->create_missing_trees($dn);
152     $res = $ldap->add($testEntry);
153     if(!$res){
154       gosa_log($ldap->get_error());
155       $this->checks['permissions']['STATUS']    = FALSE;
156       $this->checks['permissions']['STATUS_MSG']= _("Failed");
157       $this->checks['permissions']['ERROR_MSG'] = 
158         sprintf(_("The specified user '%s' does not have full access to your ldap database."),$cv['admin']);
159       $this->checks['permissions']['ERROR_MSG'].=
160         "<input type='submit' name='retry_permissions' value='"._("Retry")."'>";
161       return(false);
162     }
164     /* Try to remove created entry 
165      */
166     $res = $ldap->rmDir($dn);
167     if(!$res){
168       gosa_log($ldap->get_error());
169       $this->checks['permissions']['STATUS']    = FALSE;
170       $this->checks['permissions']['STATUS_MSG']= _("Failed");
171       $this->checks['permissions']['ERROR_MSG'] = 
172         sprintf(_("The specified user '%s' does not have full access to your ldap database."),$cv['admin']);
173       $this->checks['permissions']['ERROR_MSG'].=
174         "<input type='submit' name='retry_permissions' value='"._("Retry")."'>";
175       return(false);
176     }
178     /* Create & remove of dummy object was successful */
179     $this->checks['permissions']['STATUS']    = TRUE;
180     $this->checks['permissions']['STATUS_MSG']= _("Ok");
181     $this->checks['permissions']['ERROR_MSG'] = "<input type='submit' name='retry_permissions' value='"._("Retry")."'>";
182     return(true);
183   } 
186   /* Check if there are users which will 
187    *  be invisible for GOsa 
188    */
189   function check_invisible_gosaAccounts()
190   {
191     /* Remember old list of ivisible users, to be able to set 
192      *  the 'html checked' status for the checkboxes again 
193      */
194     $cnt_ok = 0;
195     $old    = $this->users_to_migrate;
196     $this->users_to_migrate = array();
198     /* Get collected configuration settings */
199     $cv = $this->parent->captured_values;
201     /* Establish ldap connection */
202     $ldap = new LDAP($cv['admin'],
203         $cv['password'],
204         $cv['connection'],
205         FALSE,
206         $cv['tls']);
208     /* Get all invisible users 
209      */
210     $ldap->cd($cv['base']); 
211     $ldap->search("(&(|(objectClass=posixAccount)(objectClass=inetOrgPerson)(objectClass=organizationalPerson))(!(objectClass=gosaAccount)))",array("sn","givenName","cn","uid"));
212     while($attrs = $ldap->fetch()){
213       if(!preg_match("/,dc=addressbook,/",$attrs['dn'])){
214         $attrs['checked'] = FALSE;
215         $attrs['before']  = "";
216         $attrs['after']   = "";
218         /* Set objects to selected, that were selected before reload */
219         if(isset($old[base64_encode($attrs['dn'])])){
220           $attrs['checked'] = $old[base64_encode($attrs['dn'])]['checked'];
221         }
222         $this->users_to_migrate[base64_encode($attrs['dn'])] = $attrs;
223       }
224     }
226     /* No invisible */
227     if(count($this->users_to_migrate) == 0){
228       $this->checks['users_visible']['STATUS']    = TRUE;
229       $this->checks['users_visible']['STATUS_MSG']= _("Ok");
230       $this->checks['users_visible']['ERROR_MSG'] = "";
231       $this->checks['users_visible']['ERROR_MSG'] .= "<input type='submit' name='users_visible_migrate_refresh' value='"._("Retry")."'>";
232     }else{
233       $this->checks['users_visible']['STATUS']    = FALSE;
234       $this->checks['users_visible']['STATUS_MSG']= "";
235       $this->checks['users_visible']['ERROR_MSG'] = sprintf(_("Found %s users that will not be visible in GOsa."), 
236           count($this->users_to_migrate));
237       $this->checks['users_visible']['ERROR_MSG'] .= "<input type='submit' name='users_visible_migrate' value='"._("Migrate")."'>";
238       $this->checks['users_visible']['ERROR_MSG'] .= "<input type='submit' name='users_visible_migrate_refresh' value='"._("Reload list").   "'>";
239     }
240   }
243   /* Start user account migration 
244    */  
245   function migrate_gosaAccounts($only_ldif = FALSE)
246   {
247     /* Get collected configuration settings */
248     $cv = $this->parent->captured_values;
250     /* Establish ldap connection */
251     $ldap = new LDAP($cv['admin'],
252         $cv['password'],
253         $cv['connection'],
254         FALSE,
255         $cv['tls']);
257     /* Add gosaAccount objectClass to the selected users  
258      */
259     foreach($this->users_to_migrate as $key => $dep){
260       if($dep['checked']){
262         /* Get old objectClasses */
263         $ldap->cat($dep['dn'],array("objectClass"));
264         $attrs      = $ldap->fetch();
266         /* Create new objectClass array */
267         $new_attrs  = array();
268         $new_attrs['objectClass']= array("gosaAccount","inetOrgPerson","organizationalPerson");
269         for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
270           if(!in_array_ics($attrs['objectClass'][$i], $new_attrs['objectClass'])){
271             $new_attrs['objectClass'][]   = $attrs['objectClass'][$i];
272           }
273         }
275         /* Set info attributes for current object, 
276          *  or write changes to the ldap database 
277          */
278         if($only_ldif){
279           $this->users_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
280           $this->users_to_migrate[$key]['after']  = $this->array_to_ldif($new_attrs);
281         }else{
282           $ldap->cd($attrs['dn']);
283           if(!$ldap->modify($new_attrs)){
284             print_red(sprintf(_("Failed to migrate the department '%s' into GOsa, error message is as follows '%s'."),$attrs['dn'],$ldap->get_error()));
285             return(false);
286           }
287         }
288       }
289     }
290     return(TRUE);
291   }
294   /* Check if there are invisible organizational Units 
295    */
296   function check_visible_organizationalUnits()
297   {
298     $cnt_ok = 0;
299     $old = $this->deps_to_migrate;
300     $this->deps_to_migrate = array();
302     /* Get collected configuration settings */
303     $cv = $this->parent->captured_values;
305     /* Establish ldap connection */
306     $ldap = new LDAP($cv['admin'],
307         $cv['password'],
308         $cv['connection'],
309         FALSE,
310         $cv['tls']);
312     /* Skip GOsa internal departments */
313     $skip_dns = array("/^ou=people,/","/^ou=groups,/","/(,|)ou=configs,/","/(,|)ou=systems,/",
314         "/^ou=apps,/","/^ou=mime,/","/^ou=aclroles,/","/^ou=incoming,/",
315         "/ou=snapshots,/","/(,|)dc=addressbook,/","/^(,|)ou=machineaccounts,/",
316         "/(,|)ou=winstations,/");
319     /* Get all invisible departments */
320     $ldap->cd($cv['base']); 
321     $ldap->search("(&(objectClass=organizationalUnit)(!(objectClass=gosaDepartment)))",array("ou","description","dn"));
322     while($attrs = $ldap->fetch()){
323       $attrs['checked'] = FALSE;
324       $attrs['before']  = "";
325       $attrs['after']   = "";
327       /* Set objects to selected, that were selected before reload */
328       if(isset($old[base64_encode($attrs['dn'])])){
329         $attrs['checked'] = $old[base64_encode($attrs['dn'])]['checked'];
330       }
331       $this->deps_to_migrate[base64_encode($attrs['dn'])] = $attrs;
332     }
334     /* Filter returned list of departments and ensure that 
335      *  GOsa internal departments will not be listed 
336      */
337     foreach($this->deps_to_migrate as $key => $attrs){
338       $dn = $attrs['dn'];
339       $skip = false;
340       foreach($skip_dns as $skip_dn){
341         if(preg_match($skip_dn,$dn)){
342           $skip = true;
343         }
344       }
345       if($skip){
346         unset($this->deps_to_migrate[$key]);
347       }
348     }
350     /* If we have no invisible departments found  
351      *  tell the user that everything is ok 
352      */
353     if(count($this->deps_to_migrate) == 0){
354       $this->checks['deps_visible']['STATUS']    = TRUE;
355       $this->checks['deps_visible']['STATUS_MSG']= _("Ok");
356       $this->checks['deps_visible']['ERROR_MSG'] = "";
357       $this->checks['deps_visible']['ERROR_MSG'] .= "<input type='submit' name='deps_visible_migrate_refresh' value='"._("Retry")."'>";
358     }else{
359       $this->checks['deps_visible']['STATUS']    = FALSE;
360       $this->checks['deps_visible']['STATUS_MSG']= "";//sprintf(_("%s entries found"),count($this->deps_to_migrate));
361       $this->checks['deps_visible']['ERROR_MSG'] = sprintf(_("Found %s departments that will not be visible in GOsa."),count($this->deps_to_migrate));
362       $this->checks['deps_visible']['ERROR_MSG'] .= "<input type='submit' name='deps_visible_migrate' value='"._("Migrate")."'>";
363       $this->checks['deps_visible']['ERROR_MSG'] .= "<input type='submit' name='deps_visible_migrate_refresh' value='"._("Reload list")."'>";
364     }
365   }
369   /* Start deparmtment migration */  
370   function migrate_organizationalUnits($only_ldif = FALSE)
371   {
372     /* Get collected configuration settings */
373     $cv = $this->parent->captured_values;
375     /* Establish ldap connection */
376     $ldap = new LDAP($cv['admin'],
377         $cv['password'],
378         $cv['connection'],
379         FALSE,
380         $cv['tls']);
382     /* Add gosaDepartment objectClass to each selected entry 
383      */
384     foreach($this->deps_to_migrate as $key => $dep){
385       if($dep['checked']){
387         /* Get current objectClasses */
388         $ldap->cat($dep['dn'],array("objectClass","description"));
389         $attrs      = $ldap->fetch();
391         /* Create new objectClass attribute including gosaDepartment*/
392         $new_attrs  = array();
393         for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
394           $new_attrs['objectClass'][]   = $attrs['objectClass'][$i];
395         }
396         $new_attrs['objectClass'][] = "gosaDepartment";
398         /* Append description it is missing */
399         if(!isset($attrs['description'])){
400           $new_attrs['description'][] = "GOsa department";
401         }
403         /* Depending on the parameter >only_diff< we save the changes as ldif
404          *  or we write our changes directly to the ldap database
405          */
406         if($only_ldif){
407           $this->deps_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
408           $this->deps_to_migrate[$key]['after']  = $this->array_to_ldif($new_attrs);
409         }else{
410           $ldap->cd($attrs['dn']);
411           if(!$ldap->modify($new_attrs)){
412             print_red(sprintf(_("Failed to migrate the department '%s' into GOsa, error message is as follows '%s'."),$attrs['dn'],$ldap->get_error()));
413             return(false);
414           }
415         }
416       }
417     }
418     return(TRUE);
419   }
422   function get_user_list()
423   {
424     /* Get collected configuration settings */
425     $cv = $this->parent->captured_values;
427     /* Establish ldap connection */
428     $ldap = new LDAP($cv['admin'],
429         $cv['password'],
430         $cv['connection'],
431         FALSE,
432         $cv['tls']);
433     
434     $ldap->cd($cv['base']);
435     $ldap->search("(objectClass=gosaAccount)",array("dn"));
436   
437     $tmp = array();
438     while($attrs = $ldap->fetch()){
439       $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']);
440     }
442     return($tmp);
443   }
445   function get_group_list()
446   {
447     /* Get collected configuration settings */
448     $cv = $this->parent->captured_values;
450     /* Establish ldap connection */
451     $ldap = new LDAP($cv['admin'],
452         $cv['password'],
453         $cv['connection'],
454         FALSE,
455         $cv['tls']);
456     
457     $ldap->cd($cv['base']);
458     $ldap->search("(objectClass=posixGroup)",array("dn"));
459   
460     $tmp = array();
461     while($attrs = $ldap->fetch()){
462       $tmp[base64_encode($attrs['dn'])] = @LDAP::fix($attrs['dn']);
463     }
465     return($tmp);
466   }
470   function create_admin($only_ldif = FALSE)
471   {
472     /* Reset '' */
473     $this->acl_create_changes="";
475     /* Object that should receive admin acls */
476     $dn = $this->acl_create_selected;
478     /* Get collected configuration settings */
479     $cv = $this->parent->captured_values;
481     /* Establish ldap connection */
482     $ldap = new LDAP($cv['admin'],
483         $cv['password'],
484         $cv['connection'],
485         FALSE,
486         $cv['tls']);
488     /* Get current base attributes */
489     $ldap->cd($cv['base']);
490     $ldap->cat($cv['base'],array("dn","objectClass","gosaAclEntry"));
491     $attrs = $ldap->fetch();
493     /* Add acls for the selcted user to the base */
494     $attrs_new['objectClass'] = array("gosaACL");
496     for($i = 0; $i < $attrs['objectClass']['count']; $i ++){
497       if(!in_array_ics($attrs['objectClass'][$i],$attrs_new['objectClass'])){
498         $attrs_new['objectClass'][] = $attrs['objectClass'][$i];
499       }
500     }
502     $acl = "0:sub:".base64_encode($dn).":all;cmdrw";    
503     $attrs_new['gosaAclEntry'][] = $acl;
504     if(isset($attrs['gosaAclEntry'])){
505       for($i = 0 ; $i < $attrs['gosaAclEntry']['count']; $i ++){
506           
507         $prio = preg_replace("/[:].*$/","",$attrs['gosaAclEntry'][$i]);
508         $rest = preg_replace("/^[^:]/","",$attrs['gosaAclEntry'][$i]);
509  
510         $data = ($prio+1).$rest;
511         $attrs_new['gosaAclEntry'][] = $data;
512       }
513     }
515     if($only_ldif){
516       $this->acl_create_changes ="\n".$cv['base']."\n";
517       $this->acl_create_changes.=$this->array_to_ldif($attrs)."\n";
518       $this->acl_create_changes.="\n".$cv['base']."\n";
519       $this->acl_create_changes.=$this->array_to_ldif($attrs_new);
520     }else{
521    
522       $ldap->cd($cv['base']);
523       if(!$ldap->modify($attrs_new)){
524         print_red(sprintf(_("Adding acls for user '%s' failed, ldap says '%s'."),$dn,$ldap->get_error()));
525       }
526     }
527   }
528   
530   function execute()
531   {
532     /* Permission check */
533     $this->check_ldap_permissions();
534   
535     /*************
536      * Root object check  
537      *************/
538   
539     if(isset($_POST['retry_root'])) {
540       $this->checkBase();
541     }
543     if(isset($_POST['retry_root_create'])){
544       $this->checkBase(FALSE);
545     }
546  
547     /*************
548      * User Migration handling 
549      *************/
551     if(isset($_POST['retry_acls'])){
552       $this->check_acls();
553     }
555     if(isset($_POST['create_acls'])){
556       $this->acl_create_dialog = TRUE;
557       $this->dialog = TRUE;
558     }
559   
560     if(isset($_POST['create_acls_cancel'])){
561       $this->acl_create_dialog = FALSE;
562       $this->dialog = FALSE;
563     }
565     if(isset($_POST['create_acls_create_confirmed'])){
566       $this->create_admin();
567     }
569     if(isset($_POST['create_acls_create'])){
570       $this->create_admin(TRUE);
571     }
573     if($this->acl_create_dialog){
574       $smarty = get_smarty();
575       $smarty->assign("users" ,$this->get_user_list());
576       $smarty->assign("groups",$this->get_group_list());
577       $smarty->assign("type"  ,$this->acl_create_type);
578       $smarty->assign("method","create_acls");
579       $smarty->assign("acl_create_selected",$this->acl_create_selected);
580       $smarty->assign("what_will_be_done_now",$this->acl_create_changes);
581       return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
582     }
584     /*************
585      * User Migration handling 
586      *************/
588     /* Refresh list of deparments */
589     if(isset($_POST['users_visible_migrate_refresh'])){
590       $this->check_invisible_gosaAccounts();
591     }
593     /* Open migration dialog */
594     if(isset($_POST['users_visible_migrate'])){
595       $this->users_migration_dialog = TRUE;
596       $this->dialog =TRUE;
597     }
599     /* Close migration dialog */
600     if(isset($_POST['users_visible_migrate_close'])){
601       $this->users_migration_dialog = FALSE;
602       $this->dialog =FALSE;
603     }
605     /* Start migration */
606     if(isset($_POST['users_visible_migrate_migrate'])){
607       if($this->migrate_gosaAccounts()){
608         $this->check_invisible_gosaAccounts();
609       }
610     }
612     /* Start migration */
613     if(isset($_POST['users_visible_migrate_whatsdone'])){
614       $this->migrate_gosaAccounts(TRUE);
615     }
617     /* Display migration dialog */
618     if($this->users_migration_dialog){
619       $smarty = get_smarty();
620       $smarty->assign("users_to_migrate",$this->users_to_migrate);
621       $smarty->assign("method","migrate_users");
622       return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
623     }
626     /*************
627      * Department Migration handling 
628      *************/
630     /* Refresh list of deparments */
631     if(isset($_POST['deps_visible_migrate_refresh'])){
632       $this->check_visible_organizationalUnits();
633     }
635     /* Open migration dialog */
636     if(isset($_POST['deps_visible_migrate'])){
637       $this->dep_migration_dialog = TRUE;
638       $this->dialog =TRUE;
639     }
641     /* Close migration dialog */
642     if(isset($_POST['deps_visible_migrate_close'])){
643       $this->dep_migration_dialog = FALSE;
644       $this->dialog =FALSE;
645     }
647     /* Start migration */
648     if(isset($_POST['deps_visible_migrate_migrate'])){
649       if($this->migrate_organizationalUnits()){
650         $this->check_visible_organizationalUnits();
651       }
652     }
654     /* Start migration */
655     if(isset($_POST['deps_visible_migrate_whatsdone'])){
656       $this->migrate_organizationalUnits(TRUE);
657     }
659     /* Display migration dialog */
660     if($this->dep_migration_dialog){
661       $smarty = get_smarty();
662       $smarty->assign("deps_to_migrate",$this->deps_to_migrate);
663       $smarty->assign("method","migrate_deps");
664       return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
665     }
667     $smarty = get_smarty();
668     $smarty->assign("checks",$this->checks);
669     $smarty->assign("method","default");
670     return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
671   }
674   function save_object()
675   {
676     /* Get "create acl" dialog posts */
677     if($this->acl_create_dialog){
678       if(isset($_POST['create_acls_create'])){
679         if(isset($_POST['create_acls_selected'])){
680           $this->acl_create_selected = base64_decode($_POST['create_acls_selected']);
681         }else{
682           $this->acl_create_selected = ""; 
683         }
684       }
686       if(isset($_POST['create_acls_create_abort'])){
687         $this->acl_create_selected = "";
688       }
690       if(isset($_POST['acl_create_type'])){
691         $this->acl_create_type = $_POST['acl_create_type'];
692       }
693     }
695     /* Get selected departments */
696     if($this->dep_migration_dialog){
697       foreach($this->deps_to_migrate as $id => $data){
698         if(isset($_POST['migrate_'.$id])){
699           $this->deps_to_migrate[$id]['checked'] = TRUE;
700         }else{
701           $this->deps_to_migrate[$id]['checked'] = FALSE;
702         }
703       }
704     }
706     /* Get selected users */
707     if($this->users_migration_dialog){
708       foreach($this->users_to_migrate as $id => $data){
709         if(isset($_POST['migrate_'.$id])){
710           $this->users_to_migrate[$id]['checked'] = TRUE;
711         }else{
712           $this->users_to_migrate[$id]['checked'] = FALSE;
713         }
714       }
715     }
716   }
719   // checks for valid base entry
720   function checkBase($just_check = TRUE)
721   {
722     /* Get collected setup informations */
723     $cv = $this->parent->captured_values;
725     /* Establish ldap connection */
726     $ldap = new LDAP($cv['admin'],
727         $cv['password'],
728         $cv['connection'],
729         FALSE,
730         $cv['tls']);
732     /* Check if root object exists */
733     $ldap->cd($cv['base']);
734     $res = $ldap->search("(objectClass=*)");
735     $err = ldap_errno($ldap->cid); 
737     if( !$res || 
738         $err == 0x20 ||  # LDAP_NO_SUCH_OBJECT
739         $err == 0x40) {  # LDAP_NAMING_VIOLATION
741       /* Root object doesn't exists 
742        */
743       if($just_check){
744         $this->checks['root']['STATUS']    = FALSE;
745         $this->checks['root']['STATUS_MSG']= _("Failed");
746         $this->checks['root']['ERROR_MSG'] =  "<input type='submit' name='retry_root' value='"._("Retry")."'>";
747         $this->checks['root']['ERROR_MSG'].=  "<input type='submit' name='retry_root_create' value='"._("Try to create root object")."'>";
748         return(FALSE);
749       }else{
751         /* Try to find out which values are necessary */
752         $tmp = $ldap->get_objectclasses();
753         $oc = $tmp['organization'];
754         $must_attrs = array();
755         if(preg_match("/MUST/",$oc)){
756           $must       = preg_replace("/^.* MUST/","",$oc);
757           $must       = preg_replace("/MAY.*$/","",$must);
758           $must       = trim(preg_replace("/[\(\)\$]/","",$must));
759           $must_attrs = split(" ",$must);
760           foreach($must_attrs as $key => $attrs){
761             if(empty($attrs)){
762               unset($must_attrs[$key]);
763             }
764           }
765         }
767         /* Root object does not exists try to create it */
768         $ldapadd["objectclass"][0]="top";
769         $ldapadd["objectclass"][1]="organization";
771         /* Try to fill all collected must attributes */
772         $base_parts = preg_split("/,/",$cv['base']);
773         foreach($must_attrs as $attr){
774           foreach($base_parts as $part){
775             if(preg_match("/^".$attr."=/",$part) && !isset($ldapadd[$attr])){
776               $ldapadd[$attr]= preg_replace("/^[^=]*+=/","",$part);
777             }
778           }
779         }
781         /* Add root object */ 
782         $ldap->cd($cv['base']);
783         $res = $ldap->add($ldapadd);
784   
785         /* If adding failed, tell the user */
786         if(!$res){
787           $this->checks['root']['STATUS']    = FALSE;
788           $this->checks['root']['STATUS_MSG']= _("Failed");
789           $this->checks['root']['ERROR_MSG'] = _("Root object couldn't be created, you should try it on your own.");
790           $this->checks['root']['ERROR_MSG'].= "<input type='submit' name='retry_root_create' value='"._("Try to create root object")."'>";
791           return($res);;
792         }
793       }
794     }
796     /* Create & remove of dummy object was successful */
797     $this->checks['root']['STATUS']    = TRUE;
798     $this->checks['root']['STATUS_MSG']= _("Ok");
799     $this->checks['root']['ERROR_MSG'] = "<input type='submit' name='retry_root' value='"._("Retry")."'>";
800   }
803   /* Return ldif information for a 
804    * given attribute array 
805    */
806   function array_to_ldif($atts)
807   {
808     $ret = "";
809     unset($atts['count']);
810     unset($atts['dn']);
811     foreach($atts as $name => $value){
812       if(is_numeric($name)) {
813         continue;
814       }
815       if(is_array($value)){
816         unset($value['count']);
817         foreach($value as $a_val){
818           $ret .= $name.": ". $a_val."\n";
819         }
820       }else{
821         $ret .= $name.": ". $value."\n";
822       }
823     }
824     return(preg_replace("/\n$/","",$ret));
825   }
828 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
829 ?>