1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class aclrole extends acl
24 {
25 /* Definitions */
26 var $plHeadline= "Access control roles";
27 var $plDescription= "Edit AC roles";
29 /* attribute list for save action */
30 var $attributes= array('gosaAclTemplate',"cn","description");
31 var $objectclasses= array('top','gosaRole');
33 /* Helpers */
34 var $dialogState= "head";
35 var $aclType= "";
36 var $aclObject= "";
37 var $aclContents= array();
38 var $target= "group";
39 var $aclTypes= array();
40 var $aclObjects= array();
41 var $recipients= array();
42 var $isContainer= TRUE;
43 var $currentIndex= 0;
44 var $wasNewEntry= FALSE;
45 var $ocMapping= array();
46 var $savedAclContents= array();
47 var $myAclObjects = array();
49 /* Role attributes */
50 var $gosaAclTemplate= "";
51 var $cn = "";
52 var $description = "";
53 var $orig_dn;
54 var $orig_base;
55 var $base ="";
57 function aclrole (&$config, $dn= NULL)
58 {
59 /* Include config object */
60 plugin::plugin($config, $dn);
62 if($this->dn == "new"){
63 $this->base = session::get('CurrentMainBase');
64 }else{
65 $this->base = preg_replace("/^[^,]+,[^,]+,/","",$this->dn);
66 new log("view","acl/".get_class($this),$this->dn);
67 }
69 /* Load ACL's */
70 $this->gosaAclTemplate= array();
71 if (isset($this->attrs["gosaAclTemplate"])){
72 for ($i= 0; $i<$this->attrs["gosaAclTemplate"]['count']; $i++){
73 $acl= $this->attrs["gosaAclTemplate"][$i];
74 $this->gosaAclTemplate= array_merge($this->gosaAclTemplate, $this->explodeACL($acl));
75 }
76 }
77 ksort($this->gosaAclTemplate);
79 /* Extract available categories from plugin info list */
80 $tmp= session::get('plist');
81 $plist= $tmp->info;
82 $oc = array();
83 foreach ($plist as $class => $acls){
85 /* Only feed categories */
86 if (isset($acls['plCategory'])){
88 /* Walk through supplied list and feed only translated categories */
89 foreach($acls['plCategory'] as $idx => $data){
91 /* Non numeric index means -> base object containing more informations */
92 if (preg_match('/^[0-9]+$/', $idx)){
93 if (!isset($this->ocMapping[$data])){
94 $this->ocMapping[$data]= array();
95 $this->ocMapping[$data][]= '0';
96 }
97 $this->ocMapping[$data][]= $class;
98 } else {
99 if (!isset($this->ocMapping[$idx])){
100 $this->ocMapping[$idx]= array();
101 $this->ocMapping[$idx][]= '0';
102 }
103 $this->ocMapping[$idx][]= $class;
104 $this->aclObjects[$idx]= $data['description'];
106 /* Additionally filter the classes we're interested in in "self edit" mode */
107 if (is_array($data['objectClass'])){
108 foreach($data['objectClass'] as $objectClass){
109 if (in_array_ics($objectClass, $oc)){
110 $this->myAclObjects[$idx.'/'.$class]= $acls['plDescription'];
111 break;
112 }
113 }
114 } else {
115 if (in_array_ics($data['objectClass'], $oc)){
116 $this->myAclObjects[$idx.'/'.$class]= $acls['plDescription'];
117 }
118 }
119 }
121 }
122 }
123 }
124 $this->aclObjects['all']= '* '._("All categories");
125 $this->ocMapping['all']= array('0' => 'all');
127 /* Sort categories */
128 asort($this->aclObjects);
130 /* Fill acl types */
131 $this->aclTypes= array( "reset" => _("Reset ACL"),
132 "one" => _("One level"),
133 "base" => _("Current object"),
134 "sub" => _("Complete subtree"),
135 "psub" => _("Complete subtree (permanent)"));
136 asort($this->aclTypes);
138 /* Finally - we want to get saved... */
139 $this->is_account= TRUE;
140 $this->orig_base = $this->base;
141 $this->orig_dn = $this->dn;
142 }
145 function execute()
146 {
147 /* Call parent execute */
148 plugin::execute();
150 /* Base select dialog */
151 $once = true;
152 foreach($_POST as $name => $value){
153 if((preg_match("/^chooseBase/",$name) && $once) && ($this->acl_is_moveable())){
154 $once = false;
155 $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
156 $this->dialog->setCurrentBase($this->base);
157 }
158 }
160 /* Dialog handling */
161 if(is_object($this->dialog)){
162 /* Must be called before save_object */
163 $this->dialog->save_object();
165 if($this->dialog->isClosed()){
166 $this->dialog = false;
167 }elseif($this->dialog->isSelected()){
169 /* Check if selected base is valid */
170 $tmp = $this->get_allowed_bases();
171 if(isset($tmp[$this->dialog->isSelected()])){
172 $this->base = $this->dialog->isSelected();
173 }
174 $this->dialog= false;
175 }else{
176 return($this->dialog->execute());
177 }
178 }
180 $tmp= session::get('plist');
181 $plist= $tmp->info;
183 /* Handle posts */
184 if (isset($_POST['new_acl']) && $this->acl_is_writeable("gosaAclEntry")){
185 $this->dialogState= 'create';
186 $this->dialog= TRUE;
187 $this->currentIndex= count($this->gosaAclTemplate);
188 $this->loadAclEntry(TRUE);
189 }
191 $new_acl= array();
192 $aclDialog= FALSE;
193 $firstedit= FALSE;
194 foreach($_POST as $name => $post){
196 /* Actions... */
197 if (preg_match('/^acl_edit_.*_x/', $name)){
198 $this->dialogState= 'create';
199 $firstedit= TRUE;
200 $this->dialog= TRUE;
201 $this->currentIndex= preg_replace('/^acl_edit_([0-9]+).*$/', '\1', $name);
202 $this->loadAclEntry();
203 continue;
204 }
205 if (preg_match('/^cat_edit_.*_x/', $name)){
206 $this->aclObject= preg_replace('/^cat_edit_([^_]+)_.*$/', '\1', $name);
207 $this->dialogState= 'edit';
208 foreach ($this->ocMapping[$this->aclObject] as $oc){
209 if (isset($this->aclContents[$oc])){
210 $this->savedAclContents[$oc]= $this->aclContents[$oc];
211 }
212 }
213 continue;
214 }
216 if(!$this->acl_is_writeable("gosaAclEntry")){
217 continue;
218 }
220 if (preg_match('/^acl_del_.*_x/', $name) && $this->acl_is_writeable("gosaAclEntry")){
221 unset($this->gosaAclTemplate[preg_replace('/^acl_del_([0-9]+).*$/', '\1', $name)]);
222 continue;
223 }
225 if (preg_match('/^cat_del_.*_x/', $name) && $this->acl_is_writeable("gosaAclEntry")){
226 $idx= preg_replace('/^cat_del_([^_]+)_.*$/', '\1', $name);
227 foreach ($this->ocMapping[$idx] as $key){
228 unset($this->aclContents["$idx/$key"]);
229 }
230 continue;
231 }
233 /* Sorting... */
234 if (preg_match('/^sortup_.*_x/', $name) && $this->acl_is_writeable("gosaAclEntry")){
235 $index= preg_replace('/^sortup_([0-9]+).*$/', '\1', $name);
236 if ($index > 0){
237 $tmp= $this->gosaAclTemplate[$index];
238 $this->gosaAclTemplate[$index]= $this->gosaAclTemplate[$index-1];
239 $this->gosaAclTemplate[$index-1]= $tmp;
240 }
241 continue;
242 }
243 if (preg_match('/^sortdown_.*_x/', $name) && $this->acl_is_writeable("gosaAclEntry")){
244 $index= preg_replace('/^sortdown_([0-9]+).*$/', '\1', $name);
245 if ($index < count($this->gosaAclTemplate)-1){
246 $tmp= $this->gosaAclTemplate[$index];
247 $this->gosaAclTemplate[$index]= $this->gosaAclTemplate[$index+1];
248 $this->gosaAclTemplate[$index+1]= $tmp;
249 }
250 continue;
251 }
253 /* ACL saving... */
254 if (preg_match('/^acl_.*_[^xy]$/', $name) && $this->acl_is_writeable("gosaAclEntry")){
255 list($dummy, $object, $attribute, $value)= split('_', $name);
257 /* Skip for detection entry */
258 if ($object == 'dummy') {
259 continue;
260 }
262 /* Ordinary ACL */
263 if (!isset($new_acl[$object])){
264 $new_acl[$object]= array();
265 }
266 if (isset($new_acl[$object][$attribute])){
267 $new_acl[$object][$attribute].= $value;
268 } else {
269 $new_acl[$object][$attribute]= $value;
270 }
271 }
272 }
274 if(isset($_POST['acl_dummy_0_0_0'])){
275 $aclDialog= TRUE;
276 }
278 /* Only be interested in new acl's, if we're in the right _POST place */
279 if ($aclDialog && $this->aclObject != "" && is_array($this->ocMapping[$this->aclObject])){
281 foreach ($this->ocMapping[$this->aclObject] as $oc){
282 unset($this->aclContents[$oc]);
283 unset($this->aclContents[$this->aclObject.'/'.$oc]);
284 if (isset($new_acl[$oc])){
285 $this->aclContents[$oc]= $new_acl[$oc];
286 }
287 if (isset($new_acl[$this->aclObject.'/'.$oc])){
288 $this->aclContents[$this->aclObject.'/'.$oc]= $new_acl[$this->aclObject.'/'.$oc];
289 }
290 }
291 }
293 /* Save new acl in case of base edit mode */
294 if (1 == 0 && $this->aclType == 'base' && !$firstedit){
295 $this->aclContents= $new_acl;
296 }
298 /* Cancel new acl? */
299 if (isset($_POST['cancel_new_acl'])){
300 $this->dialogState= 'head';
301 $this->dialog= FALSE;
302 if ($this->wasNewEntry){
303 unset ($this->gosaAclTemplate[$this->currentIndex]);
304 }
305 }
307 /* Store ACL in main object? */
308 if (isset($_POST['submit_new_acl']) && $this->acl_is_writeable("gosaAclEntry")){
309 $this->gosaAclTemplate[$this->currentIndex]['type']= $this->aclType;
310 $this->gosaAclTemplate[$this->currentIndex]['members']= $this->recipients;
311 $this->gosaAclTemplate[$this->currentIndex]['acl']= $this->aclContents;
312 $this->dialogState= 'head';
313 $this->dialog= FALSE;
314 }
316 /* Cancel edit acl? */
317 if (isset($_POST['cancel_edit_acl'])){
318 $this->dialogState= 'create';
319 foreach ($this->ocMapping[$this->aclObject] as $oc){
320 if (isset($this->savedAclContents[$oc])){
321 $this->aclContents[$oc]= $this->savedAclContents[$oc];
322 }
323 }
324 }
326 /* Save edit acl? */
327 if (isset($_POST['submit_edit_acl']) && $this->acl_is_writeable("gosaAclEntry")){
328 $this->dialogState= 'create';
329 }
331 /* Add acl? */
332 if (isset($_POST['add_acl']) && $_POST['aclObject'] != "" && $this->acl_is_writeable("gosaAclEntry")){
333 $this->dialogState= 'edit';
334 $this->savedAclContents= array();
335 foreach ($this->ocMapping[$this->aclObject] as $oc){
336 if (isset($this->aclContents[$oc])){
337 $this->savedAclContents[$oc]= $this->aclContents[$oc];
338 }
339 }
340 }
342 /* Save common values */
343 foreach (array("aclType", "aclObject", "target") as $key){
344 if (isset($_POST[$key]) && $this->acl_is_writeable("gosaAclEntry")){
345 $this->$key= validate($_POST[$key]);
346 }
347 }
349 /* Create templating instance */
350 $smarty= get_smarty();
352 $smarty->assign("bases", $this->get_allowed_bases());
353 $smarty->assign("base_select", $this->base);
355 $tmp = $this->plInfo();
356 foreach($tmp['plProvidedAcls'] as $name => $translation){
357 $smarty->assign($name."ACL",$this->getacl($name));
358 }
360 if ($this->dialogState == 'head'){
361 /* Draw list */
362 $aclList= new divSelectBox("aclList");
363 $aclList->SetHeight(350);
365 /* Fill in entries */
366 foreach ($this->gosaAclTemplate as $key => $entry){
367 $field1= array("string" => $this->aclTypes[$entry['type']], "attach" => "style='width:100px'");
368 $field2= array("string" => $this->assembleAclSummary($entry));
370 $action ="";
371 if($this->acl_is_writeable("gosaAclEntry")){
372 $action.= "<input type='image' name='sortup_$key' alt='up'
373 title='"._("Up")."' src='images/lists/sort-up.png' align='top'>";
374 $action.= "<input type='image' name='sortdown_$key' alt='down'
375 title='"._("Down")."' src='images/lists/sort-down.png'>";
376 }
377 if($this->acl_is_readable("gosaAclEntry")){
378 $action.= "<input class='center' type='image' src='images/lists/edit.png' alt='"._("Edit")."' name='acl_edit_$key'
379 title='".msgPool::editButton(_("ACL"))."'>";
380 }
381 if($this->acl_is_writeable("gosaAclEntry")){
382 $action.= "<input class='center' type='image' src='images/lists/trash.png' alt='"._("Delete")."' name='acl_del_$key'
383 title='".msgPool::delButton(_("ACL"))."'>";
384 }
386 $field3= array("string" => $action, "attach" => "style='border-right:0px;width:50px;text-align:right;'");
387 $aclList->AddEntry(array($field1, $field2, $field3));
388 }
390 $smarty->assign("aclList", $aclList->DrawList());
391 }
393 if ($this->dialogState == 'create'){
394 /* Draw list */
395 $aclList= new divSelectBox("aclList");
396 $aclList->SetHeight(450);
398 /* Add settings for all categories to the (permanent) list */
399 foreach ($this->aclObjects as $section => $dsc){
400 $summary= "";
401 foreach($this->ocMapping[$section] as $oc){
402 if (isset($this->aclContents[$oc]) && count($this->aclContents[$oc]) && isset($this->aclContents[$oc][0]) &&
403 $this->aclContents[$oc][0] != ""){
405 $summary.= "$oc, ";
406 continue;
407 }
408 if (isset($this->aclContents["$section/$oc"]) && count($this->aclContents["$section/$oc"]) && isset($this->aclContents["$section/$oc"][0]) &&
409 $this->aclContents["$section/$oc"][0] != ""){
411 $summary.= "$oc, ";
412 continue;
413 }
414 if (isset($this->aclContents[$oc]) && !isset($this->aclContents[$oc][0]) && count($this->aclContents[$oc])){
415 $summary.= "$oc, ";
416 }
417 }
419 /* Set summary... */
420 if ($summary == ""){
421 $summary= '<i>'._("No ACL settings for this category").'</i>';
422 } else {
423 $summary= sprintf(_("ACL for these objects: %s"), preg_replace('/, $/', '', $summary));
424 }
426 $action = "";
427 if($this->acl_is_readable("gosaAclEntry")){
428 $action.= "<input class='center' type='image' src='images/lists/edit.png'
429 alt='"._("Edit")."' name='cat_edit_$section' title='"._("Edit category ACL")."'>";
430 }
431 if($this->acl_is_writeable("gosaAclEntry")){
432 $action.= "<input class='center' type='image' src='images/lists/trash.png'
433 alt='"._("Delete")."' name='cat_del_$section' title='"._("Reset category ACL")."'>";
434 }
436 $field1= array("string" => $dsc, "attach" => "style='width:140px'");
437 $field2= array("string" => $summary);
438 $field3= array("string" => $action, "attach" => "style='border-right:0px;width:50px'");
439 $aclList->AddEntry(array($field1, $field2, $field3));
440 }
442 $smarty->assign("aclList", $aclList->DrawList());
443 $smarty->assign("aclType", $this->aclType);
444 $smarty->assign("aclTypes", $this->aclTypes);
445 $smarty->assign("target", $this->target);
447 if ($this->aclType == 'base'){
448 $smarty->assign('aclSelector', $this->buildAclSelector($this->myAclObjects));
449 }
450 }
452 if ($this->dialogState == 'edit'){
453 $smarty->assign('headline', sprintf(_("Edit ACL for '%s', scope is '%s'"), $this->aclObjects[$this->aclObject], $this->aclTypes[$this->aclType]));
455 /* Collect objects for selected category */
456 foreach ($this->ocMapping[$this->aclObject] as $idx => $class){
457 if ($idx == 0){
458 continue;
459 }
460 $aclObjects[$this->aclObject.'/'.$class]= $plist[$class]['plDescription'];
461 }
462 if ($this->aclObject == 'all'){
463 $aclObjects['all']= _("All objects in current subtree");
464 }
465 $smarty->assign('aclSelector', $this->buildAclSelector($aclObjects));
466 }
468 /* Show main page */
469 $smarty->assign("dialogState", $this->dialogState);
471 /* Assign cn and decription if this is a role */
472 foreach(array("cn","description") as $name){
473 $smarty->assign($name,$this->$name);
474 }
475 return ($smarty->fetch (get_template_path('acl_role.tpl',dirname(__FILE__))));
476 }
478 function sort_by_priority($list)
479 {
480 $tmp= session::get('plist');
481 $plist= $tmp->info;
482 asort($plist);
483 $newSort = array();
485 foreach($list as $name => $translation){
486 $na = preg_replace("/^.*\//","",$name);
487 if (!isset($plist[$na]['plPriority'])){
488 $prio= 0;
489 } else {
490 $prio= $plist[$na]['plPriority'] ;
491 }
493 $newSort[$name] = $prio;
494 }
496 asort($newSort);
498 $ret = array();
499 foreach($newSort as $name => $prio){
500 $ret[$name] = $list[$name];
501 }
502 return($ret);
503 }
505 function loadAclEntry($new= FALSE)
506 {
507 /* New entry gets presets... */
508 if ($new){
509 $this->aclType= 'sub';
510 $this->recipients= array();
511 $this->aclContents= array();
512 } else {
513 $acl= $this->gosaAclTemplate[$this->currentIndex];
514 $this->aclType= $acl['type'];
515 $this->recipients= $acl['members'];
516 $this->aclContents= $acl['acl'];
517 }
519 $this->wasNewEntry= $new;
520 }
523 function aclPostHandler()
524 {
525 if (isset($_POST['save_acl']) && $this->acl_is_writeable("gosaAclEntry")){
526 $this->save();
527 return TRUE;
528 }
530 return FALSE;
531 }
534 function save()
535 {
536 /* Assemble ACL's */
537 $tmp_acl= array();
538 foreach ($this->gosaAclTemplate as $prio => $entry){
539 $final= "";
540 $members= "";
541 if (isset($entry['members'])){
542 foreach ($entry['members'] as $key => $dummy){
543 $members.= base64_encode(preg_replace('/^.:/', '', $key)).',';
544 }
545 }
546 $final= $prio.":".$entry['type'].":".preg_replace('/,$/', '', $members);
548 /* ACL's if needed */
549 if ($entry['type'] != "reset" && $entry['type'] != "role"){
550 $acl= ":";
551 if (isset($entry['acl'])){
552 foreach ($entry['acl'] as $object => $contents){
554 /* Only save, if we've some contents in there... */
555 if (count($contents)){
556 $acl.= $object.";";
558 foreach($contents as $attr => $permission){
560 /* First entry? Its the one for global settings... */
561 if ($attr == '0'){
562 $acl.= $permission;
563 } else {
564 $acl.= '#'.$attr.';'.$permission;
565 }
567 }
568 $acl.= ',';
569 }
571 }
572 }
573 $final.= preg_replace('/,$/', '', $acl);
574 }
576 $tmp_acl[]= $final;
577 }
579 /* Call main method */
580 plugin::save();
582 /* Finally (re-)assign it... */
583 $this->attrs["gosaAclTemplate"]= $tmp_acl;
585 /* Remove acl from this entry if it is empty... */
586 if (!count($tmp_acl)){
587 /* Remove attribute */
588 if ($this->initially_was_account){
589 $this->attrs["gosaAclTempalte"]= array();
590 } else {
591 if (isset($this->attrs["gosaAclTemplate"])){
592 unset($this->attrs["gosaAclTemplate"]);
593 }
594 }
595 }
597 /* Do LDAP modifications */
598 $ldap= $this->config->get_ldap_link();
600 /* Check if object already exists */
601 $ldap->cat($this->dn);
602 if($ldap->count()){
603 $ldap->cd($this->dn);
604 $this->cleanup();
605 $ldap->modify ($this->attrs);
606 new log("modify","acl/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
607 }else{
608 $ldap->cd($this->config->current['BASE']);
609 $ldap->create_missing_trees(preg_replace("/^[^,]+,/","",$this->dn));
610 $ldap->cd($this->dn);
611 $ldap->add($this->attrs);
612 new log("create","acl/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
613 }
615 if (!$ldap->success()){
616 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, "", get_class()));
617 }
619 /* Refresh users ACL */
620 $ui= get_userinfo();
621 $ui->loadACL();
622 session::set('ui',$ui);
623 }
626 function remove_from_parent()
627 {
628 $ldap = $this->config->get_ldap_link();
629 $serach_for = "*:role:".base64_encode($this->dn).":*";
630 $ldap->search ("(&(objectClass=gosaACL)(gosaAclEntry=".$serach_for."))",array('dn','cn','sn','givenName','uid'));
631 $all_names = "";
634 $cnt = 3;
635 while(($attrs = $ldap->fetch()) && $cnt){
636 $name = $attrs['dn'];
637 $name = preg_replace("/[ ]/"," ",$name);
638 $name = "<i>'".$name."'</i>";
639 $all_names .= $name.", ";
640 $cnt --;
641 }
643 if(!empty($all_names)){
644 $all_names = preg_replace("/, $/","",$all_names);
645 if(!$cnt){
646 $all_names .= ", ...";
647 }
648 $all_names = "<span style='text-align:left;'>".$all_names."</span>";
649 msg_dialog::display(_("Object in use"), sprintf(_("This role cannot be removed while it is in use by these objects:")."<br><br>%s", $all_names), WARNING_DIALOG);
650 return;
651 }
653 $ldap->rmDir($this->dn);
654 new log("remove","acl/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
655 if (!$ldap->success()){
656 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, "", get_class()));
657 }
659 /* Optionally execute a command after we're done */
660 $this->handle_post_events("remove");
662 /* Delete references to object groups */
663 $ldap->cd ($this->config->current['BASE']);
664 $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".LDAP::prepare4filter($this->dn)."))", array("cn"));
665 while ($ldap->fetch()){
666 $og= new ogroup($this->config, $ldap->getDN());
667 unset($og->member[$this->dn]);
668 $og->save ();
669 if (!$ldap->success()){
670 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $og->dn, "", get_class()));
671 }
672 }
673 }
676 function save_object()
677 {
678 plugin::save_object();
679 if(isset($_POST['acl_role_posted'])){
681 /* Get base selection */
682 if(isset($_POST['base'])){
683 $tmp = $this->get_allowed_bases();
684 if(isset($tmp[$_POST['base']])){
685 $this->base = $_POST['base'];
686 }
687 }
688 }
689 }
692 function saveCopyDialog()
693 {
694 if(isset($_POST['cn'])){
695 $this->cn = $_POST['cn'];
696 }
697 }
700 function getCopyDialog()
701 {
702 $smarty = get_smarty();
703 $smarty->assign("cn",$this->cn);
704 $str = $smarty->fetch(get_template_path("paste_role.tpl",TRUE,dirname(__FILE__)));
705 $ret = array();
706 $ret['string'] = $str;
707 $ret['status'] = "";
708 return($ret);
709 }
712 function PrepareForCopyPaste($source)
713 {
714 plugin::PrepareForCopyPaste($source);
716 $source_o = new aclrole($this->config,$source['dn']);
717 $this->gosaAclTemplate = $source_o->gosaAclTemplate;
718 }
721 /* Return plugin informations for acl handling */
722 static function plInfo()
723 {
724 return (array(
725 "plShortName" => _("Role"),
726 "plDescription" => _("Access control roles"),
727 "plSelfModify" => FALSE,
728 "plDepends" => array(),
729 "plPriority" => 0,
730 "plSection" => array("administration"),
731 "plCategory" => array("acl"),
732 "plProvidedAcls" => array(
733 "cn" => _("Name"),
734 "base" => _("Base"),
735 "description" => _("Description"),
736 "gosaAclEntry" => _("Permissions"))
737 ));
738 }
740 function check()
741 {
742 $message = plugin::check();
744 if(empty($this->cn)){
745 $message[] = msgPool::required(_("Name"));
746 }
748 if(!count($this->gosaAclTemplate)){
749 $message[] = msgPool::required(_("ACL"));
750 }
752 /* Check if we are allowed to create or move this object
753 */
754 if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
755 $message[] = msgPool::permCreate();
756 }elseif($this->orig_dn != "new" && $this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
757 $message[] = msgPool::permMove();
758 }
760 return($message);
761 }
763 }
765 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
766 ?>