1 <?php
3 /*
4 This code is part of GOsa (https://gosa.gonicus.de)
5 Copyright (C) 2007 Fabian Hickert
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
23 class Step_Migrate extends setup_step
24 {
/* General setup step state */
var $languages    = array();
var $attributes   = array();
var $header_image = "images/monitoring.png";

/* One result record per check, written by initialize_checks() and the check_* methods */
var $checks       = array();

/* Department migration: dialog flag and candidate list keyed by base64(dn) */
var $dep_migration_dialog = false;
var $deps_to_migrate      = array();

/* User migration: dialog flag and candidate list keyed by base64(dn) */
var $users_migration_dialog = false;
var $users_to_migrate       = array();
/* PHP 4 style constructor (a method named after the class).
 * Loads the translated step titles, then runs every LDAP check once.
 * NOTE: PHP 8 no longer treats a method named after the class as a
 * constructor, so on such a runtime this has to be called explicitly.
 */
function Step_Migrate()
{
  /* Titles first, the checks fill $this->checks afterwards */
  $this->update_strings();
  $this->initialize_checks();
}
/* (Re)load the translated title and description of this setup step. */
function update_strings()
{
  /* Short and long title use the same message */
  $title = _("LDAP inspection");

  $this->s_title      = $title;
  $this->s_title_long = $title;
  $this->s_info       = _("Analyze your current LDAP for GOsa compatibility");
}
/* Reset $this->checks and run every check once.
 * For each check an empty result record (TITLE, STATUS, STATUS_MSG,
 * ERROR_MSG) is created first, then the matching check method is called
 * and fills in the outcome.
 */
function initialize_checks()
{
  /* check id => (title shown for the check, method performing it) */
  $plan = array(
    'permissions'   => array(_("Checking permissions on ldap database"), 'check_ldap_permissions'),
    'deps_visible'  => array(_("Checking for invisible deparmtments"), 'check_visible_organizationalUnits'),
    'users_visible' => array(_("Checking for invisible user"), 'check_visible_gosaAccounts'));

  $this->checks = array();
  foreach($plan as $id => $entry){
    list($title, $method) = $entry;

    /* The record must exist before the check runs, the check only updates it */
    $this->checks[$id] = array(
      'TITLE'      => $title,
      'STATUS'     => FALSE,
      'STATUS_MSG' => "",
      'ERROR_MSG'  => "");

    $this->$method();
  }
}
74 /* Check ldap accessibility
75 * Create and remove a dummy object,
76 * to ensure that we have the necessary permissions
77 */
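/* Probe write access to the directory with the captured admin credentials.
 * A throw-away organizationalUnit is added below the configured base and
 * removed again; the outcome is stored in $this->checks['permissions'].
 *
 * Returns true when both the add and the removal succeeded, false otherwise.
 */
function check_ldap_permissions()
{
  $cv   = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
                   $cv['password'],
                   $cv['connection'],
                   FALSE,
                   $cv['tls']);

  /* The probe entry only needs a unique name. The session id is kept out of
   * it on purpose: it would be written into the directory (and stay there if
   * the removal below fails), and PHP session ids may contain ',' which is
   * not valid unescaped inside an RDN value.
   */
  $name = "GOsa_setup_text_entry_".md5(uniqid(rand(), TRUE));
  $dn   = "ou=".$name.",".$cv['base'];

  $testEntry = array(
    'objectClass' => array("top", "organizationalUnit", "gosaDepartment"),
    'description' => "Created by GOsa setup, this object can be removed.",
    'ou'          => $name);

  /* Every outcome offers the same retry button */
  $retry = "<input type='submit' name='retry_permissions' value='"._("Retry")."'>";

  /* Add the entry, and only try to remove it when it was really created */
  $ldap->cd($dn);
  $ok = $ldap->add($testEntry);
  if($ok){
    $ok = $ldap->rmDir($dn);
  }

  if(!$ok){
    /* ERROR_MSG carries HTML markup (the button), so the user supplied
     * bind DN has to be escaped before it is placed into it.
     */
    $this->checks['permissions']['STATUS']     = FALSE;
    $this->checks['permissions']['STATUS_MSG'] = _("Failed");
    $this->checks['permissions']['ERROR_MSG']  =
      sprintf(_("The specified user '%s' does not have full access to your ldap database."),
              htmlspecialchars($cv['admin'], ENT_QUOTES)).$retry;
    return(false);
  }

  $this->checks['permissions']['STATUS']     = TRUE;
  $this->checks['permissions']['STATUS_MSG'] = _("Ok");
  $this->checks['permissions']['ERROR_MSG']  = $retry;
  return(true);
}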
/* Collect the user entries that do not carry the gosaAccount object class.
 * The result is stored in $this->users_to_migrate, keyed by base64(dn), and
 * summarised in $this->checks['users_visible']. Selections made before a
 * reload are carried over to the new list.
 */
function check_visible_gosaAccounts()
{
  $previous = $this->users_to_migrate;
  $this->users_to_migrate = array();

  /* Connect with the settings collected by the earlier setup steps */
  $cv   = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
                   $cv['password'],
                   $cv['connection'],
                   FALSE,
                   $cv['tls']);

  /* Person-like entries below the base that lack the gosaAccount class */
  $ldap->cd($cv['base']);
  $ldap->search("(&(|(objectClass=posixAccount)(objectClass=inetOrgPerson)(objectClass=organizationalPerson))(!(objectClass=gosaAccount)))",array("sn","givenName","cn","uid"));
  while($attrs = $ldap->fetch()){

    /* Entries below dc=addressbook are left out */
    if(preg_match("/,dc=addressbook,/",$attrs['dn'])){
      continue;
    }

    /* Keep the selection state of entries that were already listed */
    $key = base64_encode($attrs['dn']);
    $attrs['checked'] = isset($previous[$key]) ? $previous[$key]['checked'] : FALSE;
    $attrs['before']  = "";
    $attrs['after']   = "";
    $this->users_to_migrate[$key] = $attrs;
  }

  $found   = count($this->users_to_migrate);
  $refresh = "<input type='submit' name='users_visible_migrate_refresh' value='";

  if($found == 0){
    /* Nothing to migrate */
    $this->checks['users_visible']['STATUS']     = TRUE;
    $this->checks['users_visible']['STATUS_MSG'] = _("Ok");
    $this->checks['users_visible']['ERROR_MSG']  = $refresh._("Retry")."'>";
  }else{
    /* Report the number of candidates and offer the migration dialog */
    $this->checks['users_visible']['STATUS']     = FALSE;
    $this->checks['users_visible']['STATUS_MSG'] = "";
    $this->checks['users_visible']['ERROR_MSG']  =
      sprintf(_("Found %s users that will not be visible in GOsa."),$found).
      "<input type='submit' name='users_visible_migrate' value='"._("Migrate")."'>".
      $refresh._("Reload list"). "'>";
  }
}
/* Start user account migration */
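/* Add the gosaAccount object class to every selected user entry.
 *
 * $only_ldif  When TRUE nothing is written to LDAP; instead the LDIF of the
 *             entry before and after the change is stored in the 'before'
 *             and 'after' fields of $this->users_to_migrate.
 *
 * Returns TRUE on success, false as soon as one entry could not be migrated.
 */
function migrate_gosaAccounts($only_ldif = FALSE)
{
  /* Connect with the settings collected by the earlier setup steps */
  $cv   = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
                   $cv['password'],
                   $cv['connection'],
                   FALSE,
                   $cv['tls']);

  foreach($this->users_to_migrate as $key => $dep){
    if(!$dep['checked']){
      continue;
    }

    $ldap->cat($dep['dn'],array("objectClass"));
    $attrs = $ldap->fetch();

    /* The candidate list was collected earlier (check_visible_gosaAccounts),
     * so the entry may have been removed since. Without this guard the
     * modify below would run with an empty dn and an object class list that
     * holds nothing but "gosaAccount".
     */
    if(!is_array($attrs) || !isset($attrs['objectClass']['count'])){
      if($only_ldif){
        continue;
      }
      /* NOTE(review): the msgid says "department" although users are
       * migrated here; it is kept so existing translations still match.
       */
      print_red(sprintf(_("Failed to migrate the department '%s' into GOsa, error message is as follows '%s'."),$dep['dn'],$ldap->get_error()));
      return(false);
    }

    /* Copy the current object classes and note whether the entry was
     * migrated in the meantime (object class names are case-insensitive).
     */
    $new_attrs = array();
    $migrated  = FALSE;
    for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
      $new_attrs['objectClass'][] = $attrs['objectClass'][$i];
      if(strcasecmp($attrs['objectClass'][$i], "gosaAccount") == 0){
        $migrated = TRUE;
      }
    }
    if($migrated){
      /* Adding the class a second time would only make the modify fail */
      continue;
    }
    $new_attrs['objectClass'][] = "gosaAccount";

    if($only_ldif){
      $this->users_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
      $this->users_to_migrate[$key]['after']  = $this->array_to_ldif($new_attrs);
    }else{
      $ldap->cd($attrs['dn']);
      if(!$ldap->modify($new_attrs)){
        print_red(sprintf(_("Failed to migrate the department '%s' into GOsa, error message is as follows '%s'."),$attrs['dn'],$ldap->get_error()));
        return(false);
      }
    }
  }
  return(TRUE);
}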
/* Collect the organizationalUnit entries that do not carry the
 * gosaDepartment object class. The result is stored in
 * $this->deps_to_migrate, keyed by base64(dn), and summarised in
 * $this->checks['deps_visible']. Selections made before a reload are
 * carried over to the new list.
 */
function check_visible_organizationalUnits()
{
  $previous = $this->deps_to_migrate;
  $this->deps_to_migrate = array();

  /* Connect with the settings collected by the earlier setup steps */
  $cv   = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
                   $cv['password'],
                   $cv['connection'],
                   FALSE,
                   $cv['tls']);

  /* DN patterns of GOsa internal containers, these are never offered */
  $skip_dns = array("/^ou=people,/","/^ou=groups,/","/(,|)ou=configs,/","/(,|)ou=systems,/",
                    "/^ou=apps,/","/^ou=mime,/","/^ou=aclroles,/","/^ou=incoming,/",
                    "/ou=snapshots,/","/(,|)dc=addressbook,/","/^(,|)ou=machineaccounts,/",
                    "/(,|)ou=winstations,/");

  /* Organizational units below the base that lack the gosaDepartment class */
  $ldap->cd($cv['base']);
  $ldap->search("(&(objectClass=organizationalUnit)(!(objectClass=gosaDepartment)))",array("ou","description","dn"));
  while($attrs = $ldap->fetch()){

    /* Drop internal containers right away instead of filtering afterwards */
    $internal = FALSE;
    foreach($skip_dns as $pattern){
      if(preg_match($pattern,$attrs['dn'])){
        $internal = TRUE;
        break;
      }
    }
    if($internal){
      continue;
    }

    /* Keep the selection state of entries that were already listed */
    $key = base64_encode($attrs['dn']);
    $attrs['checked'] = isset($previous[$key]) ? $previous[$key]['checked'] : FALSE;
    $attrs['before']  = "";
    $attrs['after']   = "";
    $this->deps_to_migrate[$key] = $attrs;
  }

  $found   = count($this->deps_to_migrate);
  $refresh = "<input type='submit' name='deps_visible_migrate_refresh' value='";

  if($found == 0){
    /* Nothing to migrate */
    $this->checks['deps_visible']['STATUS']     = TRUE;
    $this->checks['deps_visible']['STATUS_MSG'] = _("Ok");
    $this->checks['deps_visible']['ERROR_MSG']  = $refresh._("Retry")."'>";
  }else{
    /* Report the number of candidates and offer the migration dialog */
    $this->checks['deps_visible']['STATUS']     = FALSE;
    $this->checks['deps_visible']['STATUS_MSG'] = "";
    $this->checks['deps_visible']['ERROR_MSG']  =
      sprintf(_("Found %s departments that will not be visible in GOsa."),$found).
      "<input type='submit' name='deps_visible_migrate' value='"._("Migrate")."'>".
      $refresh._("Reload list")."'>";
  }
}
/* Start department migration */
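/* Add the gosaDepartment object class (and a default description when the
 * entry has none) to every selected organizational unit.
 *
 * $only_ldif  When TRUE nothing is written to LDAP; instead the LDIF of the
 *             entry before and after the change is stored in the 'before'
 *             and 'after' fields of $this->deps_to_migrate.
 *
 * Returns TRUE on success, false as soon as one entry could not be migrated.
 */
function migrate_organizationalUnits($only_ldif = FALSE)
{
  /* Connect with the settings collected by the earlier setup steps */
  $cv   = $this->parent->captured_values;
  $ldap = new LDAP($cv['admin'],
                   $cv['password'],
                   $cv['connection'],
                   FALSE,
                   $cv['tls']);

  foreach($this->deps_to_migrate as $key => $dep){
    if(!$dep['checked']){
      continue;
    }

    $ldap->cat($dep['dn'],array("objectClass","description"));
    $attrs = $ldap->fetch();

    /* The candidate list was collected earlier
     * (check_visible_organizationalUnits), so the entry may have been
     * removed since. Without this guard the modify below would run with an
     * empty dn and an object class list that holds nothing but
     * "gosaDepartment".
     */
    if(!is_array($attrs) || !isset($attrs['objectClass']['count'])){
      if($only_ldif){
        continue;
      }
      print_red(sprintf(_("Failed to migrate the department '%s' into GOsa, error message is as follows '%s'."),$dep['dn'],$ldap->get_error()));
      return(false);
    }

    /* Copy the current object classes and note whether the entry was
     * migrated in the meantime (object class names are case-insensitive).
     */
    $new_attrs = array();
    $migrated  = FALSE;
    for($i = 0 ; $i < $attrs['objectClass']['count']; $i ++ ){
      $new_attrs['objectClass'][] = $attrs['objectClass'][$i];
      if(strcasecmp($attrs['objectClass'][$i], "gosaDepartment") == 0){
        $migrated = TRUE;
      }
    }
    if($migrated){
      /* Adding the class a second time would only make the modify fail */
      continue;
    }
    $new_attrs['objectClass'][] = "gosaDepartment";

    /* Entries without a description get a default one */
    if(!isset($attrs['description'])){
      $new_attrs['description'][] = "GOsa department";
    }

    if($only_ldif){
      $this->deps_to_migrate[$key]['before'] = $this->array_to_ldif($attrs);
      $this->deps_to_migrate[$key]['after']  = $this->array_to_ldif($new_attrs);
    }else{
      $ldap->cd($attrs['dn']);
      if(!$ldap->modify($new_attrs)){
        print_red(sprintf(_("Failed to migrate the department '%s' into GOsa, error message is as follows '%s'."),$attrs['dn'],$ldap->get_error()));
        return(false);
      }
    }
  }
  return(TRUE);
}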
/* Handle the posted buttons of this step and return the rendered template.
 * One of three views is returned: the user migration dialog, the department
 * migration dialog, or the default overview of all checks.
 *
 * NOTE(review): the migrations below write to LDAP as soon as the matching
 * POST field is present; no request token is checked in this method.
 * Confirm that the setup framework validates the request before execute()
 * is reached.
 */
function execute()
{
  /* The permission probe runs on every call; it adds and removes a test
   * entry in the directory each time.
   */
  $this->check_ldap_permissions();

  /*
   * User migration
   */

  /* Reload the list of users */
  if(isset($_POST['users_visible_migrate_refresh'])){
    $this->check_visible_gosaAccounts();
  }

  /* Open the dialog */
  if(isset($_POST['users_visible_migrate'])){
    $this->users_migration_dialog = TRUE;
    $this->dialog                 = TRUE;
  }

  /* Close the dialog */
  if(isset($_POST['users_visible_migrate_close'])){
    $this->users_migration_dialog = FALSE;
    $this->dialog                 = FALSE;
  }

  /* Migrate, and rebuild the list only when that succeeded */
  if(isset($_POST['users_visible_migrate_migrate']) && $this->migrate_gosaAccounts()){
    $this->check_visible_gosaAccounts();
  }

  /* Preview only: fill the before/after LDIF, nothing is written */
  if(isset($_POST['users_visible_migrate_whatsdone'])){
    $this->migrate_gosaAccounts(TRUE);
  }

  /* The open user dialog takes precedence over everything below */
  if($this->users_migration_dialog){
    $smarty = get_smarty();
    $smarty->assign("users_to_migrate",$this->users_to_migrate);
    $smarty->assign("method","migrate_users");
    return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
  }

  /*
   * Department migration
   */

  /* Reload the list of departments */
  if(isset($_POST['deps_visible_migrate_refresh'])){
    $this->check_visible_organizationalUnits();
  }

  /* Open the dialog */
  if(isset($_POST['deps_visible_migrate'])){
    $this->dep_migration_dialog = TRUE;
    $this->dialog               = TRUE;
  }

  /* Close the dialog */
  if(isset($_POST['deps_visible_migrate_close'])){
    $this->dep_migration_dialog = FALSE;
    $this->dialog               = FALSE;
  }

  /* Migrate, and rebuild the list only when that succeeded */
  if(isset($_POST['deps_visible_migrate_migrate']) && $this->migrate_organizationalUnits()){
    $this->check_visible_organizationalUnits();
  }

  /* Preview only: fill the before/after LDIF, nothing is written */
  if(isset($_POST['deps_visible_migrate_whatsdone'])){
    $this->migrate_organizationalUnits(TRUE);
  }

  /* Department dialog */
  if($this->dep_migration_dialog){
    $smarty = get_smarty();
    $smarty->assign("deps_to_migrate",$this->deps_to_migrate);
    $smarty->assign("method","migrate_deps");
    return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
  }

  /* No dialog open: overview of all checks */
  $smarty = get_smarty();
  $smarty->assign("checks",$this->checks);
  $smarty->assign("method","default");
  return($smarty->fetch(get_template_path("setup_migrate.tpl",TRUE,dirname(__FILE__))));
}
/* Take over the selection of the open migration dialog from the request.
 * An entry is selected exactly when a POST field named "migrate_" followed
 * by its list key is present; only keys already in the list are looked at.
 */
function save_object()
{
  if($this->dep_migration_dialog){
    foreach(array_keys($this->deps_to_migrate) as $id){
      $this->deps_to_migrate[$id]['checked'] = isset($_POST['migrate_'.$id]);
    }
  }

  if($this->users_migration_dialog){
    foreach(array_keys($this->users_to_migrate) as $id){
      $this->users_to_migrate[$id]['checked'] = isset($_POST['migrate_'.$id]);
    }
  }
}
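/* Render an attribute array as LDIF text, one "name: value" line per value.
 *
 * $atts  Attribute name => value or list of values. The 'count' and 'dn'
 *        keys and all numeric keys are skipped (presumably the bookkeeping
 *        entries of an LDAP result array), as is a 'count' key inside a
 *        value list.
 *
 * Values that are not plain safe text are written base64 encoded in the
 * "name:: value" form. Returns the lines joined by "\n" without a trailing
 * newline, or "" when nothing is left to print.
 */
function array_to_ldif($atts)
{
  unset($atts['count']);
  unset($atts['dn']);

  $lines = array();
  foreach($atts as $name => $value){

    if(is_numeric($name)) {
      continue;
    }

    /* Treat a single value like a list of one, so both cases share the
     * same encoding rule.
     */
    if(is_array($value)){
      unset($value['count']);
      $values = $value;
    }else{
      $values = array($value);
    }

    foreach($values as $a_val){
      $text = (string) $a_val;

      /* Plain form only for values made of safe characters. The D modifier
       * keeps a trailing newline from slipping past the '$' anchor, and a
       * leading or trailing space has to be base64 encoded in LDIF as well.
       */
      $plain = preg_match('/^[a-z0-9+@#.=, \/ -]+$/iD', $text)
            && substr($text, 0, 1) !== ' '
            && substr($text, -1) !== ' ';

      if($plain){
        $lines[] = $name.": ".$text;
      }else{
        /* base64 values are marked with a double colon */
        $lines[] = $name.":: ".base64_encode($text);
      }
    }
  }
  return(implode("\n", $lines));
}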
483 }
485 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
486 ?>