Code

Followup commit for r13825
[gosa.git] / trunk / gosa-core / plugins / admin / groups / class_groupGeneric.inc
1 <?php
2 /*
3  * This code is part of GOsa (http://www.gosa-project.org)
4  * Copyright (C) 2003-2008 GONICUS GmbH
5  *
6  * ID: $$Id$$
7  *
8  * This program is free software; you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 2 of the License, or
11  * (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  * GNU General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with this program; if not, write to the Free Software
20  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
21  */
23 class group extends plugin
24 {
25   /* Group attributes */
26   var $cn= "";
27   var $description= "";
28   var $gidNumber= "";
29   var $memberUid= array();
30   var $memberUid_used_by_some= array();
32   /* Helpers */
33   var $base= "";
34   var $force_gid= FALSE;
35   var $fon_group= FALSE;
36   var $smbgroup= FALSE;
37   var $groupType= FALSE;
38   var $samba3= FALSE;
39   var $sambaSID= "";
40   var $sambaDomainName= "DEFAULT";
41   var $SID= "";
42   var $ridBase= 0;
43   var $members= array();
44   var $users= array();
45   var $member= array();
46   var $allusers= array();
47   var $saved_gidNumber= "";
48   var $oldgroupType= "";
49   var $orig_dn= "";
50   var $orig_cn= "";
51   var $orig_base= "";
52   var $has_mailAccount= FALSE;
53   var $group_dialog= FALSE;
54   var $nagios_group =FALSE;
55   var $sambaGroupType;
56   var $dialog;
57   var $rfc2307bis= FALSE;
58   var $OnlyShowFirstEntries =200;
59   var $dnMapping= array();
60   var $view_logged = FALSE;
61   var $allowGroupsWithSameNameInOtherSubtrees = true;
63   /* Trustmodel/AccessTo 
64    */
65   var $accessTo= array();
66   var $trustModel= "";
67   var $show_ws_dialog = FALSE;
69   /* attribute list for save action */
70   var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID","accessTo","trustModel");
71   var $objectclasses= array("top", "posixGroup");
73   var $CopyPasteVars  = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group");
75   var $multiple_support = TRUE;
77   function group (&$config, $dn= NULL)
78   {
79      /* Set rfc2307bis flag */
80      if ($config->get_cfg_value("rfc2307bis") == "true"){
81        $this->rfc2307bis= TRUE;
82        $this->attributes[]= "member";
83        $this->objectclasses[]= "groupOfNames";
84      }
86     plugin::plugin ($config, $dn);
88     /* Load attributes depending on the samba version */
89     $this->samba3= ($config->get_cfg_value("sambaversion") == 3);
90     $this->orig_dn= $dn;
91     $this->orig_cn= $this->cn;
93     /* Read configuration option for $this->allowGroupsWithSameNameInOtherSubtrees */
94     if ($config->get_cfg_value("allowGroupsWithSameNameInOtherSubtrees") == "false") {
95         $this->allowGroupsWithSameNameInOtherSubtrees = FALSE;
96     }
98     /* Get member list */
99     if (isset($this->attrs['memberUid'][0])){
100       $tmp= array();
101       for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
102         $tmp[$this->attrs['memberUid'][$i]]= $this->attrs['memberUid'][$i];
103       }
104       $this->memberUid= $tmp;
105       ksort ($this->memberUid);
106     }
108     /* Save gidNumber for later use */
109     if (isset($this->attrs['gidNumber'])){
110       $this->saved_gidNumber= $this->attrs['gidNumber'][0];
111     }
113     /* Is a samba group? */
114     if (isset($this->attrs['objectClass'])){
115       if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == FALSE ){
116         $this->smbgroup= FALSE;
117       } else {
118         $this->smbgroup= TRUE;
119         if (isset($this->attrs['sambaSID'])){
120           $this->sambaSID= $this->attrs['sambaSID'][0];
121         }
122       }
123       if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == FALSE ){
124         $this->fon_group= FALSE;
125       } else {
126         $this->fon_group= TRUE;
127       }
128       if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == FALSE ){
129         $this->nagios_group= FALSE;
130       } else {
131         $this->nagios_group= TRUE;
132       }
133     }
135     /* Set mail flag */
136     if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
137       $this->has_mailAccount= TRUE;
138     }
140     /* Get samba Domain in case of samba 3 */
141     if ($this->samba3 && $this->sambaSID != ""){
142       $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
143       $ldap= $this->config->get_ldap_link();
144       $ldap->cd($this->config->current['BASE']);
145       $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
146       if ($ldap->count() != 0){
147         $attrs= $ldap->fetch();
148         if(isset($attrs['sambaAlgorithmicRidBase'])){  
149           $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];  
150         } else {  
151           $this->ridBase= $this->config->get_cfg_value("sambaRidBase");
152         } 
154         /* Get domain name for SID */
155         $this->sambaDomainName= "DEFAULT";
156         foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
157           if ($val['SID'] == $this->SID){
158             $this->sambaDomainName= $key;
159             break;
160           }
161         }
162       } else {
163         if ($this->config->get_cfg_value("sambaRidBase") != ""){
164           $this->sambaDomainName= "DEFAULT";
165           $this->ridBase= $this->config->get_cfg_value("sambaRidBase");
166           $this->SID= $this->config->get_cfg_value("sid");
167         } else {
168           msg_dialog::display(_("Configuration error"), _("Cannot find group SID in your configuration!"), ERROR_DIALOG);
169         }
170       }
172       /* Get group type */
173       $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
174       if ($this->groupType < 500 || $this->groupType > 553){
175         $this->groupType= 0;
176       }
177       $this->oldgroupType= $this->groupType;
179     }
181     /* Get global filter config */
182     if (!session::is_set("gufilter")){
183       $ui= get_userinfo();
184       $base= get_base_from_people($ui->dn);
185       $gufilter= array( "dselect"       => $base,
186           "regex"           => "*");
187       session::set("gufilter", $gufilter);
188     }
189     $gufilter= session::get('gufilter');
190     $gufilter['SubSearchGroup'] = false;
191     session::set('gufilter',$gufilter);
192   
193     if ($this->dn == "new"){
194       if(session::is_set('CurrentMainBase')){
195         $this->base = session::get('CurrentMainBase');
196       }else{
197         $ui= get_userinfo();
198         $this->base= dn2base($ui->dn);
199       }
200     } else {
202       /* Get object base */
203       $this->base =preg_replace ("/^[^,]+,".preg_quote(get_groups_ou(), '/')."/","",$this->dn);
204     }
205     $this->orig_base = $this->base;
207     /* Is this account a trustAccount? */
208     if (isset($this->attrs['trustModel'])){
209       $this->trustModel= $this->attrs['trustModel'][0];
210       $this->was_trust_account= TRUE;
211     } else {
212       $this->was_trust_account= FALSE;
213       $this->trustModel= "";
214     }
216     $this->accessTo = array();
217     if (isset($this->attrs['accessTo'])){
218       for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
219         $tmp= $this->attrs['accessTo'][$i];
220         $this->accessTo[$tmp]= $tmp;
221       }
222     }
224     /* Get global filter config */
225     if (!session::is_set("sysfilter")){
226       $ui= get_userinfo();
227       $base= get_base_from_people($ui->dn);
228       $sysfilter= array( "depselect"       => $base,
229           "regex"           => "*");
230       session::set("sysfilter", $sysfilter);
231     }
233     /* This is always an account */
234     $this->is_account= TRUE;
235     $this->reload(TRUE);
236   }
238   function execute()
239   {
240     /* Call parent execute */
241     plugin::execute();
243     /* Log view */
244     if($this->is_account && !$this->view_logged){
245       $this->view_logged = TRUE;
246       new log("view","groups/".get_class($this),$this->dn);
247     }
249     /* Do we represent a valid group? */
250     if (!$this->is_account && $this->parent === NULL){
251       $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\">&nbsp;<b>".msgPool::noValidExtension()."</b>";
252       return ($display);
253     }
255     /* Delete user from group */
256     if (isset($_POST['del_users']) && isset($_POST['members']) && preg_match("/w/",$this->getacl("memberUid"))){
257       foreach ($_POST['members'] as $value){
258         unset ($this->members["$value"]);
259         $this->removeUser($value);
260       }
261       $this->reload();
262     }
264     /* Add objects? */
265     if (isset($_POST["edit_membership"]) && preg_match("/w/",$this->getacl("memberUid"))){
266       $this->group_dialog= TRUE;
267       $this->dialog= TRUE;
268     }
270     /* Add objects finished? */
271     if (isset($_POST["add_users_finish"]) || isset($_POST["add_users_cancel"])){
272       $this->group_dialog= FALSE;
273       $this->dialog= FALSE;
274     }
276     /* Add user to group */
277     if (isset($_POST['add_users_finish']) && isset($_POST['users'])){
278       foreach ($_POST['users'] as $value){
279         $this->members["$value"]= $this->allusers[$value];
280         asort($this->members);
281         $this->addUser($value);
282       }
283       $this->reload();
284     }
286     /* Base select dialog */
287     $once = true;
288     foreach($_POST as $name => $value){
289       if((preg_match("/^chooseBase/",$name) && $once) && $this->acl_is_writeable("base")){
290           
291         $once = false;
292         $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
293         $this->dialog->setCurrentBase($this->base);
294       }
295     }
297     /* Dialog handling */
298     if(is_object($this->dialog)){
299       /* Must be called before save_object */
300       $this->dialog->save_object();
302       if($this->dialog->isClosed()){
303         $this->dialog = false;
304       }elseif($this->dialog->isSelected()){
306         /* Check if selected base is valid */
307         $tmp = $this->get_allowed_bases();
308         if(isset($tmp[$this->dialog->isSelected()])){
309           $this->base = $this->dialog->isSelected();
310         }
311         $this->dialog= false;
312       }else{
313         return($this->dialog->execute());
314       }
315     }
318     /* Add user workstation? */
319     if (isset($_POST["add_ws"])){
320       $this->show_ws_dialog= TRUE;
321       $this->dialog= TRUE;
322     }
324     /* Add user workstation? */
325     if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
326       foreach($_POST['wslist'] as $ws){
327         $this->accessTo[$ws]= $ws;
328       }
329       ksort($this->accessTo);
330       $this->is_modified= TRUE;
331     }
333     /* Remove user workstations? */
334     if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
335       foreach($_POST['workstation_list'] as $name){
336         unset ($this->accessTo[$name]);
337       }
338       $this->is_modified= TRUE;
339     }
341     /* Add user workstation finished? */
342     if (isset($_POST["add_ws_finish"]) || isset($_POST["add_ws_cancel"])){
343       $this->show_ws_dialog= FALSE;
344       $this->dialog= FALSE;
345     }
347     $smarty= get_smarty();
349     /* Show ws dialog */
350     if ($this->show_ws_dialog){
352       /* Save data */
353       $sysfilter= session::get("sysfilter");
354       foreach( array("depselect", "regex") as $type){
355         if (isset($_POST[$type])){
356           $sysfilter[$type]= $_POST[$type];
357         }
358       }
359       if (isset($_GET['search'])){
360         $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
361         if ($s == "**"){
362           $s= "*";
363         }
364         $sysfilter['regex']= $s;
365       }
366       session::set("sysfilter", $sysfilter);
368       /* Get workstation list */
369       $exclude= "";
370       foreach($this->accessTo as $ws){
371         $exclude.= "(cn=$ws)";
372       }
373       if ($exclude != ""){
374         $exclude= "(!(|$exclude))";
375       }
376       $regex= $sysfilter['regex'];
378       /* Search for systems 
379        */
380       $types = array();
381       $types['server']      = array("OU" => get_ou("serverRDN"),     "OC" => "(objectClass=goServer)");
382       $types['workstation'] = array("OU" => get_ou("workstationRDN"),"OC" => "(objectClass=gotoWorkstation)");
383       $types['terminal']    = array("OU" => get_ou("terminalRDN"),   "OC" => "(objectClass=gotoTerminal)");
384       
385       $res = array();
386       foreach($types as $acl => $data){
387         $filter= "(&".$data['OC']."$exclude(cn=$regex))";
388         $res= array_merge($res,get_sub_list($filter,array($acl),$data['OU'],get_ou("systemRDN").$sysfilter['depselect'],
389           array("cn"), GL_SUBSEARCH | GL_SIZELIMIT));
390       }
391       $wslist = array();
392       foreach ($res as $attrs){
393         $wslist[]= preg_replace('/\$/', '', $attrs['cn'][0]);
394       }
396       asort($wslist);
397       $smarty->assign("search_image", get_template_path('images/lists/search.png'));
398       $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
399       $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
400       $smarty->assign("deplist", $this->config->idepartments);
401       $smarty->assign("alphabet", generate_alphabet());
402       foreach( array("depselect", "regex") as $type){
403         $smarty->assign("$type", $sysfilter[$type]);
404       }
405       $smarty->assign("hint", print_sizelimit_warning());
406       $smarty->assign("wslist", $wslist);
407       $smarty->assign("apply", apply_filter());
408       $display= $smarty->fetch (get_template_path('trust_machines.tpl', TRUE, dirname(__FILE__)));
409       return ($display);
410     }
412     /* Assign templating stuff */
413     if ($this->samba3){
414       $smarty->assign("samba3", "true");
415     } else {
416       $smarty->assign("samba3", "");
417     }
419     if($this->config->search("nagiosaccount", "CLASS",array('menu'))){
420       $smarty->assign("nagios",true);
421     }else{
422       $smarty->assign("nagios",false);
423     }
424     
425     if($this->config->search("phoneAccount", "CLASS",array('menu'))){
426       $smarty->assign("pickupGroup",true);
427     }else{
428       $smarty->assign("pickupGroup",false);
429     }
431     /* Manage object add dialog */
432     if ($this->group_dialog){
434       /* Save data */
435       $gufilter= session::get("gufilter");
436       foreach( array("dselect", "regex") as $type){
437         if (isset($_POST[$type])){
438           $gufilter[$type]= $_POST[$type];
439         }
440       }
441       if(isset($_POST['regex'])){
442         if(isset($_POST['SubSearchGroup'])){
443           $gufilter['SubSearchGroup'] = true;
444         }else{
445           $gufilter['SubSearchGroup'] = false;
446         }
447       }
449       if (isset($_GET['search'])){
450         $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
451         if ($s == "**"){
452           $s= "*";
453         }
454         $gufilter['regex']= $s;
455       }
456       session::set("gufilter", $gufilter);
457       $this->reload();
459       /* Show dialog */
460       $smarty->assign("search_image", get_template_path('images/lists/search.png'));
461       $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
462       $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
463       $ui = get_userinfo();
464       $tmp = $ui->get_module_departments("users");
465       $deps = array();
466       foreach($this->config->idepartments as $dn => $name){
467         if(in_array($dn,$tmp)){
468           $deps[$dn] = $name;
469         }
470       }  
471  
472       $smarty->assign("deplist", $deps);
473       $smarty->assign("alphabet", generate_alphabet());
474       foreach( array("dselect", "regex","SubSearchGroup") as $type){
475         $smarty->assign("$type", $gufilter[$type]);
476       }
477       $smarty->assign("hint", print_sizelimit_warning());
478       $smarty->assign("users", $this->displayUsers);
479       $smarty->assign("apply", apply_filter());
480       $display= $smarty->fetch (get_template_path('group_objects.tpl', TRUE, dirname(__FILE__)));
481       return ($display);
482     }
484     $smarty->assign("bases", $this->get_allowed_bases());
485     $smarty->assign("base_select", $this->base);
487     if ($this->samba3){
488       $domains= array();
489       foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
490         $domains[$name]= $name;
491       }
492       $smarty->assign("sambaDomains", $domains);
493       $smarty->assign("sambaDomainName", $this->sambaDomainName);
494       $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
495           514 => _("Domain guests"));
497       /* Don't loose special groups! If not key'ed above, add it to
498          the combo box... */    
499       if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
500         $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
501       }
503       $smarty->assign("groupTypes", $groupTypes);
504       $smarty->assign("groupType", $this->groupType);
505     }
507     /* Members and users */
508     $smarty->assign("members", $this->members);
510     /* Work on trust modes */
511     $smarty->assign("trusthide", " disabled ");
512     $smarty->assign("trustmodeACL",  $this->getacl("trustModel"));
513     if ($this->trustModel == "fullaccess"){
514       $trustmode= 1;
515       // pervent double disable tag in html code, this will disturb our clean w3c html
516       $smarty->assign("trustmode",  $this->getacl("trustModel"));
518     } elseif ($this->trustModel == "byhost"){
519       $trustmode= 2;
520       $smarty->assign("trusthide", "");
521     } else {
522       // pervent double disable tag in html code, this will disturb our clean w3c html
523       $smarty->assign("trustmode",  $this->getacl("trustModel"));
524       $trustmode= 0;
525     }
526     $smarty->assign("trustmode", $trustmode);
527     $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
528           2 => _("allow access to these hosts")));
530     if((count($this->accessTo))==0){
531       $smarty->assign("emptyArrAccess",true);
532     } else{
533       $smarty->assign("emptyArrAccess",false);
535     }
537     $smarty->assign("workstations", $this->accessTo);
541     /* Checkboxes */
542     foreach (array("force_gid", "smbgroup") as $val){
543       if ($this->$val == "1"){
544         $smarty->assign("$val", "checked");
545       } else {
546         $smarty->assign("$val", "");
547       }
548     }
549     if ($this->force_gid != "1"){
550       $smarty->assign("forceMode", "disabled");
551     }else{
552       $smarty->assign("forceMode", "");
553     }
554     if ($this->fon_group){
555       $smarty->assign("fon_group", "checked");
556     } else {
557       $smarty->assign("fon_group", "");
558     }
560     if ($this->nagios_group){
561       $smarty->assign("nagios_group", "checked");
562     } else {
563       $smarty->assign("nagios_group", "");
564     }
566     /* Fields */
567     foreach (array("cn", "description", "gidNumber") as $val){
568       $smarty->assign("$val", $this->$val);
569     }
571     $tmp = $this->plInfo();
572     foreach($tmp['plProvidedAcls'] as $name => $translation){
573       $smarty->assign($name."ACL",$this->getacl($name));
574     }
575     
576     if($this->acl_is_writeable("base")){
577       $smarty->assign("baseSelect",true);
578     }else{
579       $smarty->assign("baseSelect",false);
580     }
582     /* Show main page */
583     $smarty->assign("alphabet", generate_alphabet(10));
584     $smarty->assign("search_image", get_template_path('images/lists/search.png'));
585     $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
586     $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
587     $smarty->assign("deplist", $this->config->idepartments);
589     /* Multiple edit handling */
590     $smarty->assign("multiple_support",$this->multiple_support_active);
592     $smarty->assign("memberUid_All",$this->memberUid);
593     $smarty->assign("memberUid_Some",$this->memberUid_used_by_some);
595     foreach($this->attributes as $val){
596       if(in_array($val,$this->multi_boxes)){
597         $smarty->assign("use_".$val,TRUE);
598       }else{
599         $smarty->assign("use_".$val,FALSE);
600       }
601     }
602     foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $val){
603       if(in_array($val,$this->multi_boxes)){
604         $smarty->assign("use_".$val,TRUE);
605       }else{
606         $smarty->assign("use_".$val,FALSE);
607       }
608     }
610     return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
611   }
613   function addUser($uid)
614   {
615     /* In mutliple edit we have to handle two arrays.
616      *  memberUid               : Containing users used in all groups
617      *  memberUid_used_by_some  : Those which are not used in all groups
618      * So we have to remove the given $uid from the ..used_by_some array first.
619      */
620     if($this->multiple_support_active){
621       if(isset($this->memberUid_used_by_some[$uid])){
622         unset($this->memberUid_used_by_some[$uid]);
623       }
624     }  
626     $this->memberUid[$uid]= $uid;
627   }
630   function removeUser($uid)
631   {
632     $temp= array();
633     if(isset($this->memberUid[$uid])){
634       unset($this->memberUid[$uid]);
635     }
637     /* We have two array contianing group members in multiple edit.
638      *  this->memberUid             : Groups used by all currently edited groups 
639      *  this->memberUid_used_by_some: Used by some 
640      * So we have to remove the specified uid from both arrays.
641      */
642     if($this->multiple_support_active){
643       if(isset($this->memberUid_used_by_some[$uid])){
644         unset($this->memberUid_used_by_some[$uid]);
645       }
646     }
647   }
649   /* Reload data */
650   function reload($silent = FALSE)
651   {
652     /* Fix regex string */
653     $gufilter = session::get("gufilter");
654     $regex    = normalizeLdap($gufilter['regex']);
655     $MaxUser  = $this->OnlyShowFirstEntries;
657     /* Prepare ldap link */
658     $ldap= $this->config->get_ldap_link();
659     $ldap->cd($gufilter['dselect']);
662     /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes 
663         (Store gathered sn/givenName informations in $this->allusers too, 
664          to be prepared when adding/deleting users)
665      */    
666     $filter = "";
667     if ($this->config->get_cfg_value("ldapFilterNestingLimit") == "" ||
668         count($this->memberUid) < $this->config->get_cfg_value("ldapFilterNestingLimit")){
669       foreach ($this->memberUid as $value){
670         if(!isset($this->members[$value])){
671           $filter .= "(uid=".normalizeLdap($value).")";
672         }
673       }
674     }
676     if(!empty($filter)){    
677       $ldap->cd($this->config->current['BASE']);
678       $ldap->search("(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(|".$filter."))",array("dn", "uid","sn","givenName"));
679       while($attrs = $ldap->fetch()){
680         $this->dnMapping[$attrs['uid'][0]] = $attrs['dn'];
681         $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
682         $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
683       } 
684     }
685   
686     /* check if all uids are resolved */
687     if ($this->config->get_cfg_value("ldapFilterNestingLimit") == "" ||
688         count($this->memberUid) < $this->config->get_cfg_value("ldapFilterNestingLimit")){
689       foreach ($this->memberUid as $value){
690         if(!isset($this->members[$value])){
691           $this->members[$value] =  _("! unknown id")." [".$value."]"; 
692         }
693       }  
694     }else{
695       foreach ($this->memberUid as $value){
696         $this->members[$value] = $value; 
697       }  
698     }
700     /* Create display list of users matching regex & filter 
701      */
702     $this->displayUsers = array();
703     $filter = "(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
705     /* Search in current tree or within subtrees depending on the checkbox from filter section */
706     if($gufilter['SubSearchGroup']){
707       $flag = GL_SIZELIMIT | GL_SUBSEARCH;
708       $base = $gufilter['dselect'];
709     }else{
710       $flag = GL_SIZELIMIT ;
711       $base = get_people_ou().$gufilter['dselect'];
712     }
713     $i = 0;
714   
716     $res = get_list($filter,"users",$base,array("dn", "uid", "sn", "givenName"),$flag);
718     /* Fetch all users and skip already used users */
719     foreach($res as $attrs){
720       if(in_array($attrs['uid'][0], $this->memberUid)) {
721         continue;
722       }
723       $i ++;
724       if($i > $MaxUser) {
725         break;
726       }
727       $this->dnMapping[$attrs['uid'][0]]= $attrs["dn"];
728       $this->allusers[$attrs['uid'][0]]     = $this->createResultName($attrs);
729       $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
730     }
731   
732     /* If more than max users are found, display a message to warn the user */
733     if($i == $MaxUser && !$silent){
734       msg_dialog::display(_("Configuration error"), sprintf(_("Search returned too many results. Not displaying more than %s entries!"), $MaxUser), ERROR_DIALOG);
735     }
736     
737     /* Sort lists */
738     natcasesort($this->members);
739     reset($this->members);
740     natcasesort ($this->displayUsers);
741     reset ($this->displayUsers);
742   }
745   /* Create display name, this was used so often that it is excluded into a seperate function */
746   function createResultName($attrs)
747   {
748     if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
749       $ret =  $attrs["sn"][0].", ".$attrs["givenName"][0]." [".$attrs["uid"][0]."]";
750     } else {
751       $ret= $attrs['uid'][0];
752     }
753     return($ret);
754   }
757   function remove_from_parent()
758   {
759     plugin::remove_from_parent();
761     $ldap= $this->config->get_ldap_link();
762     $ldap->rmdir($this->dn);
763     if (!$ldap->success()){
764       msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_DEL, get_class()));
765     }
767     new log("remove","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
769     /* Delete references to object groups */
770     $ldap->cd ($this->config->current['BASE']);
771     $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".LDAP::prepare4filter($this->dn)."))", array("cn"));
772     while ($ldap->fetch()){
773       $og= new ogroup($this->config, $ldap->getDN());
774       unset($og->member[$this->dn]);
775       $og->save ();
776     }
778     /* Remove ACL dependencies too,
779      */
780     $ldap = $this->config->get_ldap_link();
781     $ldap->cd($this->config->current['BASE']);
782     $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($this->dn)."*))",array("gosaAclEntry","dn"));
783     while($attrs = $ldap->fetch()){
784       $acl = new acl($this->config,$this->parent,$attrs['dn']);
785       foreach($acl->gosaAclEntry as $id => $entry){
786         foreach($entry['members'] as $m_id => $member){
787           if($m_id == "G:".$this->dn || $m_id == "U:".$this->dn){
788             unset($acl->gosaAclEntry[$id]['members'][$m_id]);
789             gosa_log("modify","groups/acl",$attrs['dn'],array(),sprintf("Removed acl for %s on object %s.",$this->dn,$attrs['dn']));
790           }
791         }
792       }
793       $acl->save();
794     }
796     /* Remove ACL dependencies too,
797      */
798     $tmp = new acl($this->config,$this->parent,$this->dn);
799     $tmp->remove_acl();
801     /* Send signal to the world that we've done */
802     $this->handle_post_events("remove");
803   }
806   /* Save data to object */
807   function save_object()
808   {
809     /* Save additional values for possible next step */
810     if (isset($_POST['groupedit'])){
812       /* Create a base backup and reset the 
813           base directly after calling plugin::save_object();  
814          Base will be set seperatly a few lines below */
815       $base_tmp = $this->base;
816       plugin::save_object();
817       $this->base = $base_tmp;
819       $this->force_gid= 0;
821       /* Only reset sambagroup flag if we are able to write this flag */
822       if($this->acl_is_writeable("sambaGroupType")){
823         $this->smbgroup = 0;
824       }
826       /* Get base selection */
827       if(isset($_POST['base'])){
828         $tmp = $this->get_allowed_bases();
829         if(isset($tmp[$_POST['base']])){
830           $this->base = $_POST['base'];
831         }
832       }
834       foreach (array(
835             "force_gid"  => "gidNumber", 
836             "smbgroup"   => "sambaGroupType") as $val => $aclname) {
837         if ($this->acl_is_writeable($aclname)  && isset($_POST["$val"])){
838           $this->$val= $_POST["$val"];
839         }
840       }
842       /* Save sambaDomain attribute */
843       if ($this->acl_is_writeable("sambaDomainName") && $this->samba3 && isset ($_POST['sambaDomainName'])){
844         $this->sambaDomainName= $_POST['sambaDomainName'];
845         $this->groupType= $_POST['groupType'];
846       }
848       /* Save fon attribute */
849       if ($this->acl_is_writeable("fonGroup")){
850         if (isset ($_POST['fon_group'])){
851           $this->fon_group= TRUE;
852         } else {
853           $this->fon_group= FALSE;
854         }
855       }
856       if ($this->acl_is_writeable("nagiosGroup")){
857         if (isset ($_POST['nagios_group'])){
858           $this->nagios_group= TRUE;
859         } else {
860           $this->nagios_group= FALSE;
861         }
862       }
863     }
865     /* Trust mode - special handling */
866     if($this->acl_is_writeable("trustModel")){
867       if (isset($_POST['trustmode'])){
868         $saved= $this->trustModel;
869         if ($_POST['trustmode'] == "1"){
870           $this->trustModel= "fullaccess";
871         } elseif ($_POST['trustmode'] == "2"){
872           $this->trustModel= "byhost";
873         } else {
874           $this->trustModel= "";
875         }
876         if ($this->trustModel != $saved){
877           $this->is_modified= TRUE;
878         }
879       }
880     }
882   }
885   /* Save to LDAP */
886   function save()
887   {
889     /* ID handling */
890     if ($this->force_gid == 0){
891       if ($this->saved_gidNumber != ""){
892         $this->gidNumber= $this->saved_gidNumber;
893       } else {
894         /* Calculate new, lock uids */
895         $wait= 10;
896         while (get_lock("uidnumber") != ""){
897           sleep (1);
899           /* timed out? */
900           if ($wait-- == 0){
901             break;
902           }
903         }
904         add_lock ("uidnumber", "gosa");
905         $this->gidNumber= $this->get_next_id("gidNumber", $this->dn);
906       }
907     }
908   
909     plugin::save(); 
911  /* Trust accounts */
912     $objectclasses= array();
913     foreach ($this->attrs['objectClass'] as $key => $class){
914       if (preg_match('/trustAccount/i', $class)){
915         continue;
916       }
917       $objectclasses[]= $this->attrs['objectClass'][$key];
918     }
919     $this->attrs['objectClass']= $objectclasses;
920     if ($this->trustModel != ""){
921       $this->attrs['objectClass'][]= "trustAccount";
922       $this->attrs['trustModel']= $this->trustModel;
923       $this->attrs['accessTo']= array();
924       if ($this->trustModel == "byhost"){
925         foreach ($this->accessTo as $host){
926           $this->attrs['accessTo'][]= $host;
927         }
928       }
929     } else {
930       if ($this->was_trust_account){
931         $this->attrs['accessTo']= array();
932         $this->attrs['trustModel']= array();
933       }
934     }
938     /* Remove objectClass for samba/phone support */
939     $tmp= array();
940     for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
941       if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
942           $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
943           $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
944          $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
945         $tmp[]= $this->attrs['objectClass'][$i];
946       }
947     }
948     $this->attrs['objectClass']= $tmp;
949     $ldap= $this->config->get_ldap_link();
951     /* Add samba group functionality */
952     if ($this->samba3 && $this->smbgroup){
953   
954       /* Fixed undefined index ... 
955        */ 
956       $this->SID = $this->ridBase = "";
957       if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
958         $this->SID    = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
959       }else{
960         msg_dialog::display(_("Error"), sprintf(_("Cannot find any SID for '%s'!"), $this->sambaDomainName), ERROR_DIALOG);
961       }
962       if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
963         $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE']; 
964       }else{
965         msg_dialog::display(_("Error"), sprintf(_("Cannot find any RIDBASE for '%s'!"), $this->sambaDomainName), ERROR_DIALOG);
966       }
968       $this->attrs['objectClass'][]= 'sambaGroupMapping';
969       $this->attrs['sambaGroupType']= "2";
971       /* Check if we need to create a special entry */
972       if ($this->groupType == 0){
974         if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
975           $gidNumber= $this->gidNumber;
976           while(TRUE){
977             $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
978             $ldap->cd($this->config->current['BASE']);
979             $ldap->search("(sambaSID=$sid)",array("sambaSID"));
980             if ($ldap->count() == 0){
981               break;
982             }
983             $gidNumber++;
984           }
985           $this->attrs['sambaSID']= $sid;
986           $this->sambaSID= $sid;
987         }
989       } else {
990         $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
991       }
993       /* User wants me to fake the idMappings? This is useful for
994          making winbind resolve the group names in a reasonable amount
995          of time in combination with larger databases. */
996       if ($this->config->get_cfg_value("sambaidmapping") == "true"){
997         $this->attrs['objectClass'][]= "sambaIdmapEntry";
998       }
1000     }
1002     /* Add phone functionality */
1003     if ($this->fon_group){
1004       $this->attrs['objectClass'][]= "goFonPickupGroup";
1005     }
1007     /* Add nagios functionality */
1008     if ($this->nagios_group){
1009       $this->attrs['objectClass'][]= "nagiosContactGroup";
1010     }
1012     /* Take members array */
1013     if (count ($this->memberUid)){
1014       $this->attrs['memberUid']= array_values(array_unique($this->memberUid));
1015     }
1017     /* New accounts need proper 'dn', propagate it to remaining objects */
1018     if ($this->dn == 'new'){
1019       $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
1020     }
1022     /* Add member dn's for RFC2307bis Support */
1023     if ($this->rfc2307bis){
1024       $this->attrs['member'] = array();
1025       if (count($this->memberUid)){
1026         foreach($this->attrs['memberUid'] as $uid) {
1027           $this->attrs['member'][]= $this->dnMapping[$uid];
1028         }
1029       } else {
1030         $this->attrs['member'][]= $this->dn;
1031       }
1032     }
1034     /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
1035        new entries. So do a check first... */
1036     $ldap->cat ($this->dn, array('dn'));
1037     if ($ldap->fetch()){
1038       /* Modify needs array() to remove values :-( */
1039       if (!count ($this->memberUid)){
1040         $this->attrs['memberUid']= array();
1041       }
1042       if ($this->samba3){
1043         if (!$this->smbgroup){
1044           $this->attrs['sambaGroupType']= array();
1045           $this->attrs['sambaSID']= array();
1046         }
1047       }
1048       $mode= "modify";
1049     } else {
1050       $mode= "add";
1051       $ldap->cd($this->config->current['BASE']);
1052       $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
1053     }
1055     /* Write back to ldap */
1056     $ldap->cd($this->dn);
1057     $this->cleanup();
1058     $ldap->$mode($this->attrs);
1060     /* Remove ACL dependencies too,
1061      */
1062     if($this->dn != $this->orig_dn && $this->orig_dn != "new"){
1063       $tmp = new acl($this->config,$this->parent,$this->dn);
1064       $tmp->update_acl_membership($this->orig_dn,$this->dn);
1065     }
1067     if($this->initially_was_account){
1068       new log("modify","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1069     }else{
1070       new log("create","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1071     }
1073     $ret= 0;
1074     if (!$ldap->success()){
1075       msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
1076       $ret= 1;
1077     }
1079     /* Remove uid lock */
1080     del_lock ("uidnumber");
1082     /* Post that we've done*/
1083     $this->handle_post_events($mode);
1085     return ($ret);
1086   }
1088   function check()
1089   {
1090     /* Call common method to give check the hook */
1091     $message= plugin::check();
1093     /* Permissions for that base? */
1094     if ($this->base != ""){
1095       $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
1096     } else {
1097       $new_dn= $this->dn;
1098     }
1100     /* must: cn */
1101     if ($this->cn == "" && $this->acl_is_writeable("cn")){
1102       $message[]= msgPool::required(_("Name"));
1103     }
1105     /* Check for valid input */
1106     if (!tests::is_uid($this->cn)){
1107       if (strict_uid_mode()){
1108         $message[]= msgPool::invalid(_("Name"), $this->cn, "/[a-z0-9_-]/");
1109       } else {
1110         $message[]= msgPool::invalid(_("Name"), $this->cn, "/[a-z0-9_-]/i");
1111       }
1112     }
1114     if($this->allowGroupsWithSameNameInOtherSubtrees == true){
1116       /* Check for used 'cn' */
1117       $ldap= $this->config->get_ldap_link();
1118       if(($this->cn  != $this->orig_cn) || ($this->orig_dn == "new") || ($new_dn != $this->orig_dn)){
1119         $ldap->cd(get_groups_ou().$this->base);
1120         $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",get_groups_ou().$this->base,array("cn"));
1121         if ($ldap->count() != 0){
1122           $message[]= msgPool::duplicated(_("Name"));
1123         }
1124       }
1125     }else{
1126         /* Check for used 'cn' */
1127         $ldap= $this->config->get_ldap_link();
1128         $ldap->cd($this->config->current['BASE']);
1129         $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn", "gosaUnitTag"));
1130         if ($ldap->count() != 0){
1131           while ($entry = $ldap->fetch()) {
1132             if ($this->gosaUnitTag == '' || ($this->orig_dn != $new_dn)) {
1133                   $tag = $this->get_gosaUnitTag($new_dn);
1134             }
1135             else {
1136                   $tag = $this->gosaUnitTag;
1137             }
1138             if ($entry['gosaUnitTag'][0] == $tag) {
1139                     if ($ldap->getDN() != $this->orig_dn){
1140                     $message[]= _("Another group of the same name already exists, saving or creating this group is not allowed. Please rename the group or remove the other group.");
1141                     break;
1142                     }
1143                 }
1144           }
1145         }
1146     }   
1148     /* Check ID */
1149     if ($this->force_gid == "1"){
1150       if (!tests::is_id($this->gidNumber)){
1151         $message[]= msgPool::invalid(_("GID"), $this->gidNumber, "/[0-9]/");
1152       } else {
1153         if ($this->gidNumber < $this->config->get_cfg_value("minId")){
1154           $message[]= msgPool::toosmall(_("GID"), $this->config->get_cfg_value("minId"));
1155         }
1157       }
1158     }
1159     
1160     /* Check if we are allowed to create or move this object 
1161      */
1162     if(!$this->orig_dn == "new" || 
1163         $this->orig_base != $this->base || 
1164         $this->cn != $this->orig_cn){
1166       if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
1167         $message[] = msgPool::permCreate();
1168       }elseif($this->orig_dn != "new" && !$this->acl_is_moveable($this->base)){
1169         $message[] = msgPool::permMove();
1170       }
1171     }
1173     return ($message);
1174   }
1176   function get_next_id($attrib, $dn)
1177   {
1178     $ids= array();
1179     $ldap= $this->config->get_ldap_link();
1181     $ldap->cd ($this->config->current['BASE']);
1182     if (preg_match('/gidNumber/i', $attrib)){
1183       $oc= "posixGroup";
1184     } else {
1185       $oc= "posixAccount";
1186     }
1187     $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
1189     /* Get list of ids */
1190     while ($attrs= $ldap->fetch()){
1191       $ids[]= (int)$attrs["$attrib"][0];
1192     }
1194     /* Find out next free id near to UID_BASE */
1195     if ($this->config->get_cfg_value("baseIdHook") == ""){
1196       $base= $this->config->get_cfg_value("uidNumberBase");
1197     } else {
1198       /* Call base hook */
1199       $base= get_base_from_hook($dn, $attrib);
1200     }
1201     for ($id= $base; $id++; $id < pow(2,32)){
1202       if (!in_array($id, $ids)){
1203         return ($id);
1204       }
1205     }
1207     /* Check if id reached maximum */
1208     if ($id >= pow(2,32)){
1209       msg_dialog::display(_("Error"), _("Cannot allocate a free ID!"), ERROR_DIALOG);
1210       exit;
1211     }
1212   }
1214   function getCopyDialog()
1215   {
1216     $vars = array("cn");
1217   
1218     if($this ->force_gid){
1219       $used = " checked ";
1220       $dis  = "";
1221     }else{
1222       $used = "";
1223       $dis  = " disabled ";
1224     }
1226     $smarty = get_smarty();
1227     $smarty->assign("used",$used);
1228     $smarty->assign("dis" ,$dis);
1229     $smarty->assign("cn" ,$this->cn);
1230     $smarty->assign("gidNumber",$this->gidNumber);
1231     $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
1232     $ret = array();
1233     $ret['string'] = $str;
1234     $ret['status'] = "";
1235     return($ret);
1236   }
1238   function saveCopyDialog()
1239   {
1240     if(isset($_POST['cn'])){
1241       $this->cn = $_POST['cn'];
1242     }
1243     if(isset($_POST['force_gid'])){
1244       $this->force_gid  = 1;
1245       $this->gidNumber= $_POST['gidNumber'];
1246     }else{
1247       $this->force_gid  = 0;
1248       $this->gidNumber  = false;
1249     }
1250   }
1252   
1253   /* Return plugin informations for acl handling  */ 
1254   static function plInfo()
1255   {
1256     return (array(  
1257           "plShortName" => _("Generic"),
1258           "plDescription" => _("Generic group settings"),
1259           "plSelfModify"  => FALSE,
1260           "plDepends"     => array(),
1261           "plPriority"    => 0,
1262           "plSection"     => array("administration"),
1263           "plCategory"    => array("groups" => array("objectClass" => "posixGroup", "description" => _("Groups"))),
1265           "plProvidedAcls"    => array(
1266             "cn"                => _("Name"),
1267             "description"       => _("Description"),
1268             "base"              => _("Base"),
1270             "gidNumber"         => _("GID"),
1272             "sambaGroupType"    => _("Samba group type"),
1273             "sambaDomainName"   => _("Samba domain name"),
1274             "trustModel"        => _("System trust"),
1275             "fonGroup"          => _("Phone pickup group"),
1276             "nagiosGroup"       => _("Nagios group"),
1278             "memberUid"         => _("Group member"))
1279         ));
1280   }
1283   function multiple_save_object()
1284   {
1285     if(isset($_POST['group_mulitple_edit'])){
1287       /* Create a base backup and reset the
1288          base directly after calling plugin::save_object();
1289          Base will be set seperatly a few lines below */
1290       $base_tmp = $this->base;
1291       plugin::multiple_save_object();
1292       plugin::save_object();
1293       $this->base = $base_tmp;
1295       foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $attr){
1296         if(isset($_POST['use_'.$attr])){
1297           $this->multi_boxes[] = $attr;
1298         }
1299       }
1301       /* Get base selection */
1302       if(isset($_POST['base'])){
1303         $tmp = $this->get_allowed_bases();
1304         if(isset($tmp[$_POST['base']])){
1305           $this->base = $_POST['base'];
1306         }
1307       }
1309       foreach (array( "smbgroup"   => "sambaGroupType" ,"nagios_group" => "nagios_group") as $val => $aclname) {
1310         if ($this->acl_is_writeable($aclname)){
1311           if(isset($_POST["$val"])){
1312             $this->$val=  TRUE;
1313           }else{
1314             $this->$val=  FALSE;
1315           }
1316         }
1317       }
1319       /* Save sambaDomain attribute */
1320       if ($this->acl_is_writeable("sambaDomainName") && $this->samba3 && isset ($_POST['sambaDomainName'])){
1321         $this->sambaDomainName= $_POST['sambaDomainName'];
1322         $this->groupType= $_POST['groupType'];
1323       }
1325       /* Trust mode - special handling */
1326       if($this->acl_is_writeable("trustModel")){
1327         if (isset($_POST['trustmode'])){
1328           $saved= $this->trustModel;
1329           if ($_POST['trustmode'] == "1"){
1330             $this->trustModel= "fullaccess";
1331           } elseif ($_POST['trustmode'] == "2"){
1332             $this->trustModel= "byhost";
1333           } else {
1334             $this->trustModel= "";
1335           }
1336           if ($this->trustModel != $saved){
1337             $this->is_modified= TRUE;
1338           }
1339         }
1340       }
1342       /* Save fon attribute */
1343       if ($this->acl_is_writeable("fonGroup")){
1344         if (isset ($_POST['fon_group'])){
1345           $this->fon_group= TRUE;
1346         } else {
1347           $this->fon_group= FALSE;
1348         }
1349       }
1350     }
1351   }
1354   function get_multi_edit_values()
1355   {
1356     $ret = plugin::get_multi_edit_values();
1358     foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $attr){    
1359       if(in_array($attr,$this->multi_boxes)){
1360         $ret[$attr] = $this->$attr;
1361       }
1362     }
1364     if(in_array("trustmode",$this->multi_boxes)){
1365       $ret['trustModel'] = $this->trustModel;
1366       $ret['accessTo'] = $this->accessTo;
1367     }
1369     $ret['memberUid'] = $this->memberUid;
1370     $ret['memberUid_used_by_some'] = $this->memberUid_used_by_some;
1371     return($ret);
1372   }
1374   function multiple_execute()
1375   {
1376     return($this->execute());
1377   }
1380   /* Initialize plugin with given atribute arrays
1381    */
1382   function init_multiple_support($attrs,$all)
1383   {
1384     plugin::init_multiple_support($attrs,$all);
1386     $this->memberUid = array();
1387     $this->memberUid_used_by_some = array();
1388     if (isset($attrs['memberUid'])){
1389       for ($i= 0; $i<$attrs['memberUid']['count']; $i++){
1390         $this->memberUid[$attrs['memberUid'][$i]]= $attrs['memberUid'][$i];
1391       }
1392       ksort($this->memberUid);
1393     }
1395     if (isset($all['memberUid'])){
1396       for ($i= 0; $i<$all['memberUid']['count']; $i++){
1397         if(!in_array($all['memberUid'][$i],$this->memberUid)){
1398           $this->memberUid_used_by_some[$all['memberUid'][$i]]= $all['memberUid'][$i];
1399         }
1400       }
1401       ksort($this->memberUid_used_by_some);
1402     }
1403   }
1406   function PrepareForCopyPaste($source)
1407   {
1408     plugin::PrepareForCopyPaste($source);
1409     
1410     $source_o = new group($this->config, $source['dn']);
1411     foreach($this->CopyPasteVars as $var) {
1412         $this->$var = $source_o->$var;
1413     }
1415     $this->memberUid = array();
1416     if(isset($source['memberUid'])){
1417       for($i = 0 ; $i < $source['memberUid']['count']; $i ++){
1418         $this->memberUid[] = $source['memberUid'][$i];
1419       }
1420     }
1421   }
1424   function set_multi_edit_values($attrs)
1425   {
1426     $users = array();
1428     /* Update groupMembership, keep optinal group */
1429     foreach($attrs['memberUid_used_by_some'] as $uid){
1430       if(in_array($uid,$this->memberUid)){
1431         $users[$uid] = $uid;
1432       }
1433     }
1435     /* Update groupMembership, add forced groups */
1436     foreach($attrs['memberUid'] as $uid){
1437       $users[$uid] = $uid;
1438     }
1439     plugin::set_multi_edit_values($attrs);
1440     $this->memberUid = $users;
1441   }
1443 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1444 ?>