1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class group extends plugin
24 {
25 /* Group attributes */
26 var $cn= "";
27 var $description= "";
28 var $gidNumber= "";
29 var $memberUid= array();
30 var $memberUid_used_by_some= array();
32 /* Helpers */
33 var $base= "";
34 var $force_gid= FALSE;
35 var $fon_group= FALSE;
36 var $smbgroup= FALSE;
37 var $groupType= FALSE;
38 var $samba3= FALSE;
39 var $sambaSID= "";
40 var $sambaDomainName= "DEFAULT";
41 var $SID= "";
42 var $ridBase= 0;
43 var $members= array();
44 var $users= array();
45 var $member= array();
46 var $allusers= array();
47 var $saved_gidNumber= "";
48 var $oldgroupType= "";
49 var $orig_dn= "";
50 var $orig_cn= "";
51 var $orig_base= "";
52 var $has_mailAccount= FALSE;
53 var $group_dialog= FALSE;
54 var $nagios_group =FALSE;
55 var $sambaGroupType;
56 var $dialog;
57 var $rfc2307bis= FALSE;
58 var $OnlyShowFirstEntries =200;
59 var $dnMapping= array();
60 var $view_logged = FALSE;
61 var $allowGroupsWithSameNameInOtherSubtrees = true;
63 /* Trustmodel/AccessTo
64 */
65 var $accessTo= array();
66 var $trustModel= "";
67 var $show_ws_dialog = FALSE;
69 /* attribute list for save action */
70 var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID","accessTo","trustModel");
71 var $objectclasses= array("top", "posixGroup");
73 var $CopyPasteVars = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group");
75 var $multiple_support = TRUE;
77 function group (&$config, $dn= NULL)
78 {
79 /* Set rfc2307bis flag */
80 if ($config->get_cfg_value("rfc2307bis") == "true"){
81 $this->rfc2307bis= TRUE;
82 $this->attributes[]= "member";
83 $this->objectclasses[]= "groupOfNames";
84 }
86 plugin::plugin ($config, $dn);
88 /* Load attributes depending on the samba version */
89 $this->samba3= ($config->get_cfg_value("sambaversion") == 3);
90 $this->orig_dn= $dn;
91 $this->orig_cn= $this->cn;
93 /* Read configuration option for $this->allowGroupsWithSameNameInOtherSubtrees */
94 if ($config->get_cfg_value("allowGroupsWithSameNameInOtherSubtrees") == "false") {
95 $this->allowGroupsWithSameNameInOtherSubtrees = FALSE;
96 }
98 /* Get member list */
99 if (isset($this->attrs['memberUid'][0])){
100 $tmp= array();
101 for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
102 $tmp[$this->attrs['memberUid'][$i]]= $this->attrs['memberUid'][$i];
103 }
104 $this->memberUid= $tmp;
105 ksort ($this->memberUid);
106 }
108 /* Save gidNumber for later use */
109 if (isset($this->attrs['gidNumber'])){
110 $this->saved_gidNumber= $this->attrs['gidNumber'][0];
111 }
113 /* Is a samba group? */
114 if (isset($this->attrs['objectClass'])){
115 if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == FALSE ){
116 $this->smbgroup= FALSE;
117 } else {
118 $this->smbgroup= TRUE;
119 if (isset($this->attrs['sambaSID'])){
120 $this->sambaSID= $this->attrs['sambaSID'][0];
121 }
122 }
123 if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == FALSE ){
124 $this->fon_group= FALSE;
125 } else {
126 $this->fon_group= TRUE;
127 }
128 if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == FALSE ){
129 $this->nagios_group= FALSE;
130 } else {
131 $this->nagios_group= TRUE;
132 }
133 }
135 /* Set mail flag */
136 if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
137 $this->has_mailAccount= TRUE;
138 }
140 /* Get samba Domain in case of samba 3 */
141 if ($this->samba3 && $this->sambaSID != ""){
142 $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
143 $ldap= $this->config->get_ldap_link();
144 $ldap->cd($this->config->current['BASE']);
145 $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
146 if ($ldap->count() != 0){
147 $attrs= $ldap->fetch();
148 if(isset($attrs['sambaAlgorithmicRidBase'])){
149 $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
150 } else {
151 $this->ridBase= $this->config->get_cfg_value("sambaRidBase");
152 }
154 /* Get domain name for SID */
155 $this->sambaDomainName= "DEFAULT";
156 foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
157 if ($val['SID'] == $this->SID){
158 $this->sambaDomainName= $key;
159 break;
160 }
161 }
162 } else {
163 if ($this->config->get_cfg_value("sambaRidBase") != ""){
164 $this->sambaDomainName= "DEFAULT";
165 $this->ridBase= $this->config->get_cfg_value("sambaRidBase");
166 $this->SID= $this->config->get_cfg_value("sid");
167 } else {
168 msg_dialog::display(_("Configuration error"), _("Cannot find group SID in your configuration!"), ERROR_DIALOG);
169 }
170 }
172 /* Get group type */
173 $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
174 if ($this->groupType < 500 || $this->groupType > 553){
175 $this->groupType= 0;
176 }
177 $this->oldgroupType= $this->groupType;
179 }
181 /* Get global filter config */
182 if (!session::is_set("gufilter")){
183 $ui= get_userinfo();
184 $base= get_base_from_people($ui->dn);
185 $gufilter= array( "dselect" => $base,
186 "regex" => "*");
187 session::set("gufilter", $gufilter);
188 }
189 $gufilter= session::get('gufilter');
190 $gufilter['SubSearchGroup'] = false;
191 session::set('gufilter',$gufilter);
193 if ($this->dn == "new"){
194 if(session::is_set('CurrentMainBase')){
195 $this->base = session::get('CurrentMainBase');
196 }else{
197 $ui= get_userinfo();
198 $this->base= dn2base($ui->dn);
199 }
200 } else {
202 /* Get object base */
203 $this->base =preg_replace ("/^[^,]+,".preg_quote(get_groups_ou(), '/')."/","",$this->dn);
204 }
205 $this->orig_base = $this->base;
207 /* Is this account a trustAccount? */
208 if (isset($this->attrs['trustModel'])){
209 $this->trustModel= $this->attrs['trustModel'][0];
210 $this->was_trust_account= TRUE;
211 } else {
212 $this->was_trust_account= FALSE;
213 $this->trustModel= "";
214 }
216 $this->accessTo = array();
217 if (isset($this->attrs['accessTo'])){
218 for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
219 $tmp= $this->attrs['accessTo'][$i];
220 $this->accessTo[$tmp]= $tmp;
221 }
222 }
224 /* Get global filter config */
225 if (!session::is_set("sysfilter")){
226 $ui= get_userinfo();
227 $base= get_base_from_people($ui->dn);
228 $sysfilter= array( "depselect" => $base,
229 "regex" => "*");
230 session::set("sysfilter", $sysfilter);
231 }
233 /* This is always an account */
234 $this->is_account= TRUE;
235 $this->reload(TRUE);
236 }
238 function execute()
239 {
240 /* Call parent execute */
241 plugin::execute();
243 /* Log view */
244 if($this->is_account && !$this->view_logged){
245 $this->view_logged = TRUE;
246 new log("view","groups/".get_class($this),$this->dn);
247 }
249 /* Do we represent a valid group? */
250 if (!$this->is_account && $this->parent === NULL){
251 $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".msgPool::noValidExtension()."</b>";
252 return ($display);
253 }
255 /* Delete user from group */
256 if (isset($_POST['del_users']) && isset($_POST['members']) && preg_match("/w/",$this->getacl("memberUid"))){
257 foreach ($_POST['members'] as $value){
258 unset ($this->members["$value"]);
259 $this->removeUser($value);
260 }
261 $this->reload();
262 }
264 /* Add objects? */
265 if (isset($_POST["edit_membership"]) && preg_match("/w/",$this->getacl("memberUid"))){
266 $this->group_dialog= TRUE;
267 $this->dialog= TRUE;
268 }
270 /* Add objects finished? */
271 if (isset($_POST["add_users_finish"]) || isset($_POST["add_users_cancel"])){
272 $this->group_dialog= FALSE;
273 $this->dialog= FALSE;
274 }
276 /* Add user to group */
277 if (isset($_POST['add_users_finish']) && isset($_POST['users'])){
278 foreach ($_POST['users'] as $value){
279 $this->members["$value"]= $this->allusers[$value];
280 asort($this->members);
281 $this->addUser($value);
282 }
283 $this->reload();
284 }
286 /* Base select dialog */
287 $once = true;
288 foreach($_POST as $name => $value){
289 if((preg_match("/^chooseBase/",$name) && $once) && $this->acl_is_writeable("base")){
291 $once = false;
292 $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
293 $this->dialog->setCurrentBase($this->base);
294 }
295 }
297 /* Dialog handling */
298 if(is_object($this->dialog)){
299 /* Must be called before save_object */
300 $this->dialog->save_object();
302 if($this->dialog->isClosed()){
303 $this->dialog = false;
304 }elseif($this->dialog->isSelected()){
306 /* Check if selected base is valid */
307 $tmp = $this->get_allowed_bases();
308 if(isset($tmp[$this->dialog->isSelected()])){
309 $this->base = $this->dialog->isSelected();
310 }
311 $this->dialog= false;
312 }else{
313 return($this->dialog->execute());
314 }
315 }
318 /* Add user workstation? */
319 if (isset($_POST["add_ws"])){
320 $this->show_ws_dialog= TRUE;
321 $this->dialog= TRUE;
322 }
324 /* Add user workstation? */
325 if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
326 foreach($_POST['wslist'] as $ws){
327 $this->accessTo[$ws]= $ws;
328 }
329 ksort($this->accessTo);
330 $this->is_modified= TRUE;
331 }
333 /* Remove user workstations? */
334 if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
335 foreach($_POST['workstation_list'] as $name){
336 unset ($this->accessTo[$name]);
337 }
338 $this->is_modified= TRUE;
339 }
341 /* Add user workstation finished? */
342 if (isset($_POST["add_ws_finish"]) || isset($_POST["add_ws_cancel"])){
343 $this->show_ws_dialog= FALSE;
344 $this->dialog= FALSE;
345 }
347 $smarty= get_smarty();
349 /* Show ws dialog */
350 if ($this->show_ws_dialog){
352 /* Save data */
353 $sysfilter= session::get("sysfilter");
354 foreach( array("depselect", "regex") as $type){
355 if (isset($_POST[$type])){
356 $sysfilter[$type]= $_POST[$type];
357 }
358 }
359 if (isset($_GET['search'])){
360 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
361 if ($s == "**"){
362 $s= "*";
363 }
364 $sysfilter['regex']= $s;
365 }
366 session::set("sysfilter", $sysfilter);
368 /* Get workstation list */
369 $exclude= "";
370 foreach($this->accessTo as $ws){
371 $exclude.= "(cn=$ws)";
372 }
373 if ($exclude != ""){
374 $exclude= "(!(|$exclude))";
375 }
376 $regex= $sysfilter['regex'];
378 /* Search for systems
379 */
380 $types = array();
381 $types['server'] = array("OU" => get_ou("serverRDN"), "OC" => "(objectClass=goServer)");
382 $types['workstation'] = array("OU" => get_ou("workstationRDN"),"OC" => "(objectClass=gotoWorkstation)");
383 $types['terminal'] = array("OU" => get_ou("terminalRDN"), "OC" => "(objectClass=gotoTerminal)");
385 $res = array();
386 foreach($types as $acl => $data){
387 $filter= "(&".$data['OC']."$exclude(cn=$regex))";
388 $res= array_merge($res,get_sub_list($filter,array($acl),$data['OU'],get_ou("systemRDN").$sysfilter['depselect'],
389 array("cn"), GL_SUBSEARCH | GL_SIZELIMIT));
390 }
391 $wslist = array();
392 foreach ($res as $attrs){
393 $wslist[]= preg_replace('/\$/', '', $attrs['cn'][0]);
394 }
396 asort($wslist);
397 $smarty->assign("search_image", get_template_path('images/lists/search.png'));
398 $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
399 $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
400 $smarty->assign("deplist", $this->config->idepartments);
401 $smarty->assign("alphabet", generate_alphabet());
402 foreach( array("depselect", "regex") as $type){
403 $smarty->assign("$type", $sysfilter[$type]);
404 }
405 $smarty->assign("hint", print_sizelimit_warning());
406 $smarty->assign("wslist", $wslist);
407 $smarty->assign("apply", apply_filter());
408 $display= $smarty->fetch (get_template_path('trust_machines.tpl', TRUE, dirname(__FILE__)));
409 return ($display);
410 }
412 /* Assign templating stuff */
413 if ($this->samba3){
414 $smarty->assign("samba3", "true");
415 } else {
416 $smarty->assign("samba3", "");
417 }
419 if($this->config->search("nagiosaccount", "CLASS",array('menu'))){
420 $smarty->assign("nagios",true);
421 }else{
422 $smarty->assign("nagios",false);
423 }
425 if($this->config->search("phoneAccount", "CLASS",array('menu'))){
426 $smarty->assign("pickupGroup",true);
427 }else{
428 $smarty->assign("pickupGroup",false);
429 }
431 /* Manage object add dialog */
432 if ($this->group_dialog){
434 /* Save data */
435 $gufilter= session::get("gufilter");
436 foreach( array("dselect", "regex") as $type){
437 if (isset($_POST[$type])){
438 $gufilter[$type]= $_POST[$type];
439 }
440 }
441 if(isset($_POST['regex'])){
442 if(isset($_POST['SubSearchGroup'])){
443 $gufilter['SubSearchGroup'] = true;
444 }else{
445 $gufilter['SubSearchGroup'] = false;
446 }
447 }
449 if (isset($_GET['search'])){
450 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
451 if ($s == "**"){
452 $s= "*";
453 }
454 $gufilter['regex']= $s;
455 }
456 session::set("gufilter", $gufilter);
457 $this->reload();
459 /* Show dialog */
460 $smarty->assign("search_image", get_template_path('images/lists/search.png'));
461 $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
462 $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
463 $ui = get_userinfo();
464 $tmp = $ui->get_module_departments("users");
465 $deps = array();
466 foreach($this->config->idepartments as $dn => $name){
467 if(in_array($dn,$tmp)){
468 $deps[$dn] = $name;
469 }
470 }
472 $smarty->assign("deplist", $deps);
473 $smarty->assign("alphabet", generate_alphabet());
474 foreach( array("dselect", "regex","SubSearchGroup") as $type){
475 $smarty->assign("$type", $gufilter[$type]);
476 }
477 $smarty->assign("hint", print_sizelimit_warning());
478 $smarty->assign("users", $this->displayUsers);
479 $smarty->assign("apply", apply_filter());
480 $display= $smarty->fetch (get_template_path('group_objects.tpl', TRUE, dirname(__FILE__)));
481 return ($display);
482 }
484 $smarty->assign("bases", $this->get_allowed_bases());
485 $smarty->assign("base_select", $this->base);
487 if ($this->samba3){
488 $domains= array();
489 foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
490 $domains[$name]= $name;
491 }
492 $smarty->assign("sambaDomains", $domains);
493 $smarty->assign("sambaDomainName", $this->sambaDomainName);
494 $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
495 514 => _("Domain guests"));
497 /* Don't loose special groups! If not key'ed above, add it to
498 the combo box... */
499 if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
500 $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
501 }
503 $smarty->assign("groupTypes", $groupTypes);
504 $smarty->assign("groupType", $this->groupType);
505 }
507 /* Members and users */
508 $smarty->assign("members", $this->members);
510 /* Work on trust modes */
511 $smarty->assign("trusthide", " disabled ");
512 $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
513 if ($this->trustModel == "fullaccess"){
514 $trustmode= 1;
515 // pervent double disable tag in html code, this will disturb our clean w3c html
516 $smarty->assign("trustmode", $this->getacl("trustModel"));
518 } elseif ($this->trustModel == "byhost"){
519 $trustmode= 2;
520 $smarty->assign("trusthide", "");
521 } else {
522 // pervent double disable tag in html code, this will disturb our clean w3c html
523 $smarty->assign("trustmode", $this->getacl("trustModel"));
524 $trustmode= 0;
525 }
526 $smarty->assign("trustmode", $trustmode);
527 $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
528 2 => _("allow access to these hosts")));
530 if((count($this->accessTo))==0){
531 $smarty->assign("emptyArrAccess",true);
532 } else{
533 $smarty->assign("emptyArrAccess",false);
535 }
537 $smarty->assign("workstations", $this->accessTo);
541 /* Checkboxes */
542 foreach (array("force_gid", "smbgroup") as $val){
543 if ($this->$val == "1"){
544 $smarty->assign("$val", "checked");
545 } else {
546 $smarty->assign("$val", "");
547 }
548 }
549 if ($this->force_gid != "1"){
550 $smarty->assign("forceMode", "disabled");
551 }else{
552 $smarty->assign("forceMode", "");
553 }
554 if ($this->fon_group){
555 $smarty->assign("fon_group", "checked");
556 } else {
557 $smarty->assign("fon_group", "");
558 }
560 if ($this->nagios_group){
561 $smarty->assign("nagios_group", "checked");
562 } else {
563 $smarty->assign("nagios_group", "");
564 }
566 /* Fields */
567 foreach (array("cn", "description", "gidNumber") as $val){
568 $smarty->assign("$val", $this->$val);
569 }
571 $tmp = $this->plInfo();
572 foreach($tmp['plProvidedAcls'] as $name => $translation){
573 $smarty->assign($name."ACL",$this->getacl($name));
574 }
576 if($this->acl_is_writeable("base")){
577 $smarty->assign("baseSelect",true);
578 }else{
579 $smarty->assign("baseSelect",false);
580 }
582 /* Show main page */
583 $smarty->assign("alphabet", generate_alphabet(10));
584 $smarty->assign("search_image", get_template_path('images/lists/search.png'));
585 $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
586 $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
587 $smarty->assign("deplist", $this->config->idepartments);
589 /* Multiple edit handling */
590 $smarty->assign("multiple_support",$this->multiple_support_active);
592 $smarty->assign("memberUid_All",$this->memberUid);
593 $smarty->assign("memberUid_Some",$this->memberUid_used_by_some);
595 foreach($this->attributes as $val){
596 if(in_array($val,$this->multi_boxes)){
597 $smarty->assign("use_".$val,TRUE);
598 }else{
599 $smarty->assign("use_".$val,FALSE);
600 }
601 }
602 foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $val){
603 if(in_array($val,$this->multi_boxes)){
604 $smarty->assign("use_".$val,TRUE);
605 }else{
606 $smarty->assign("use_".$val,FALSE);
607 }
608 }
610 return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
611 }
613 function addUser($uid)
614 {
615 /* In mutliple edit we have to handle two arrays.
616 * memberUid : Containing users used in all groups
617 * memberUid_used_by_some : Those which are not used in all groups
618 * So we have to remove the given $uid from the ..used_by_some array first.
619 */
620 if($this->multiple_support_active){
621 if(isset($this->memberUid_used_by_some[$uid])){
622 unset($this->memberUid_used_by_some[$uid]);
623 }
624 }
626 $this->memberUid[$uid]= $uid;
627 }
630 function removeUser($uid)
631 {
632 $temp= array();
633 if(isset($this->memberUid[$uid])){
634 unset($this->memberUid[$uid]);
635 }
637 /* We have two array contianing group members in multiple edit.
638 * this->memberUid : Groups used by all currently edited groups
639 * this->memberUid_used_by_some: Used by some
640 * So we have to remove the specified uid from both arrays.
641 */
642 if($this->multiple_support_active){
643 if(isset($this->memberUid_used_by_some[$uid])){
644 unset($this->memberUid_used_by_some[$uid]);
645 }
646 }
647 }
649 /* Reload data */
650 function reload($silent = FALSE)
651 {
652 /* Fix regex string */
653 $gufilter = session::get("gufilter");
654 $regex = normalizeLdap($gufilter['regex']);
655 $MaxUser = $this->OnlyShowFirstEntries;
657 /* Prepare ldap link */
658 $ldap= $this->config->get_ldap_link();
659 $ldap->cd($gufilter['dselect']);
662 /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
663 (Store gathered sn/givenName informations in $this->allusers too,
664 to be prepared when adding/deleting users)
665 */
666 $filter = "";
667 if ($this->config->get_cfg_value("ldapFilterNestingLimit") == "" ||
668 count($this->memberUid) < $this->config->get_cfg_value("ldapFilterNestingLimit")){
669 foreach ($this->memberUid as $value){
670 if(!isset($this->members[$value])){
671 $filter .= "(uid=".normalizeLdap($value).")";
672 }
673 }
674 }
676 if(!empty($filter)){
677 $ldap->cd($this->config->current['BASE']);
678 $ldap->search("(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(|".$filter."))",array("dn", "uid","sn","givenName"));
679 while($attrs = $ldap->fetch()){
680 $this->dnMapping[$attrs['uid'][0]] = $attrs['dn'];
681 $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
682 $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
683 }
684 }
686 /* check if all uids are resolved */
687 if ($this->config->get_cfg_value("ldapFilterNestingLimit") == "" ||
688 count($this->memberUid) < $this->config->get_cfg_value("ldapFilterNestingLimit")){
689 foreach ($this->memberUid as $value){
690 if(!isset($this->members[$value])){
691 $this->members[$value] = _("! unknown id")." [".$value."]";
692 }
693 }
694 }else{
695 foreach ($this->memberUid as $value){
696 $this->members[$value] = $value;
697 }
698 }
700 /* Create display list of users matching regex & filter
701 */
702 $this->displayUsers = array();
703 $filter = "(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
705 /* Search in current tree or within subtrees depending on the checkbox from filter section */
706 if($gufilter['SubSearchGroup']){
707 $flag = GL_SIZELIMIT | GL_SUBSEARCH;
708 $base = $gufilter['dselect'];
709 }else{
710 $flag = GL_SIZELIMIT ;
711 $base = get_people_ou().$gufilter['dselect'];
712 }
713 $i = 0;
716 $res = get_list($filter,"users",$base,array("dn", "uid", "sn", "givenName"),$flag);
718 /* Fetch all users and skip already used users */
719 foreach($res as $attrs){
720 if(in_array($attrs['uid'][0], $this->memberUid)) {
721 continue;
722 }
723 $i ++;
724 if($i > $MaxUser) {
725 break;
726 }
727 $this->dnMapping[$attrs['uid'][0]]= $attrs["dn"];
728 $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs);
729 $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
730 }
732 /* If more than max users are found, display a message to warn the user */
733 if($i == $MaxUser && !$silent){
734 msg_dialog::display(_("Configuration error"), sprintf(_("Search returned too many results. Not displaying more than %s entries!"), $MaxUser), ERROR_DIALOG);
735 }
737 /* Sort lists */
738 natcasesort($this->members);
739 reset($this->members);
740 natcasesort ($this->displayUsers);
741 reset ($this->displayUsers);
742 }
745 /* Create display name, this was used so often that it is excluded into a seperate function */
746 function createResultName($attrs)
747 {
748 if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
749 $ret = $attrs["sn"][0].", ".$attrs["givenName"][0]." [".$attrs["uid"][0]."]";
750 } else {
751 $ret= $attrs['uid'][0];
752 }
753 return($ret);
754 }
757 function remove_from_parent()
758 {
759 plugin::remove_from_parent();
761 $ldap= $this->config->get_ldap_link();
762 $ldap->rmdir($this->dn);
763 if (!$ldap->success()){
764 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_DEL, get_class()));
765 }
767 new log("remove","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
769 /* Delete references to object groups */
770 $ldap->cd ($this->config->current['BASE']);
771 $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".LDAP::prepare4filter($this->dn)."))", array("cn"));
772 while ($ldap->fetch()){
773 $og= new ogroup($this->config, $ldap->getDN());
774 unset($og->member[$this->dn]);
775 $og->save ();
776 }
778 /* Remove ACL dependencies too,
779 */
780 $ldap = $this->config->get_ldap_link();
781 $ldap->cd($this->config->current['BASE']);
782 $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($this->dn)."*))",array("gosaAclEntry","dn"));
783 while($attrs = $ldap->fetch()){
784 $acl = new acl($this->config,$this->parent,$attrs['dn']);
785 foreach($acl->gosaAclEntry as $id => $entry){
786 foreach($entry['members'] as $m_id => $member){
787 if($m_id == "G:".$this->dn || $m_id == "U:".$this->dn){
788 unset($acl->gosaAclEntry[$id]['members'][$m_id]);
789 gosa_log("modify","groups/acl",$attrs['dn'],array(),sprintf("Removed acl for %s on object %s.",$this->dn,$attrs['dn']));
790 }
791 }
792 }
793 $acl->save();
794 }
796 /* Remove ACL dependencies too,
797 */
798 $tmp = new acl($this->config,$this->parent,$this->dn);
799 $tmp->remove_acl();
801 /* Send signal to the world that we've done */
802 $this->handle_post_events("remove");
803 }
806 /* Save data to object */
807 function save_object()
808 {
809 /* Save additional values for possible next step */
810 if (isset($_POST['groupedit'])){
812 /* Create a base backup and reset the
813 base directly after calling plugin::save_object();
814 Base will be set seperatly a few lines below */
815 $base_tmp = $this->base;
816 plugin::save_object();
817 $this->base = $base_tmp;
819 $this->force_gid= 0;
821 /* Only reset sambagroup flag if we are able to write this flag */
822 if($this->acl_is_writeable("sambaGroupType")){
823 $this->smbgroup = 0;
824 }
826 /* Get base selection */
827 if(isset($_POST['base'])){
828 $tmp = $this->get_allowed_bases();
829 if(isset($tmp[$_POST['base']])){
830 $this->base = $_POST['base'];
831 }
832 }
834 foreach (array(
835 "force_gid" => "gidNumber",
836 "smbgroup" => "sambaGroupType") as $val => $aclname) {
837 if ($this->acl_is_writeable($aclname) && isset($_POST["$val"])){
838 $this->$val= $_POST["$val"];
839 }
840 }
842 /* Save sambaDomain attribute */
843 if ($this->acl_is_writeable("sambaDomainName") && $this->samba3 && isset ($_POST['sambaDomainName'])){
844 $this->sambaDomainName= $_POST['sambaDomainName'];
845 $this->groupType= $_POST['groupType'];
846 }
848 /* Save fon attribute */
849 if ($this->acl_is_writeable("fonGroup")){
850 if (isset ($_POST['fon_group'])){
851 $this->fon_group= TRUE;
852 } else {
853 $this->fon_group= FALSE;
854 }
855 }
856 if ($this->acl_is_writeable("nagiosGroup")){
857 if (isset ($_POST['nagios_group'])){
858 $this->nagios_group= TRUE;
859 } else {
860 $this->nagios_group= FALSE;
861 }
862 }
863 }
865 /* Trust mode - special handling */
866 if($this->acl_is_writeable("trustModel")){
867 if (isset($_POST['trustmode'])){
868 $saved= $this->trustModel;
869 if ($_POST['trustmode'] == "1"){
870 $this->trustModel= "fullaccess";
871 } elseif ($_POST['trustmode'] == "2"){
872 $this->trustModel= "byhost";
873 } else {
874 $this->trustModel= "";
875 }
876 if ($this->trustModel != $saved){
877 $this->is_modified= TRUE;
878 }
879 }
880 }
882 }
885 /* Save to LDAP */
886 function save()
887 {
889 /* ID handling */
890 if ($this->force_gid == 0){
891 if ($this->saved_gidNumber != ""){
892 $this->gidNumber= $this->saved_gidNumber;
893 } else {
894 /* Calculate new, lock uids */
895 $wait= 10;
896 while (get_lock("uidnumber") != ""){
897 sleep (1);
899 /* timed out? */
900 if ($wait-- == 0){
901 break;
902 }
903 }
904 add_lock ("uidnumber", "gosa");
905 $this->gidNumber= $this->get_next_id("gidNumber", $this->dn);
906 }
907 }
909 plugin::save();
911 /* Trust accounts */
912 $objectclasses= array();
913 foreach ($this->attrs['objectClass'] as $key => $class){
914 if (preg_match('/trustAccount/i', $class)){
915 continue;
916 }
917 $objectclasses[]= $this->attrs['objectClass'][$key];
918 }
919 $this->attrs['objectClass']= $objectclasses;
920 if ($this->trustModel != ""){
921 $this->attrs['objectClass'][]= "trustAccount";
922 $this->attrs['trustModel']= $this->trustModel;
923 $this->attrs['accessTo']= array();
924 if ($this->trustModel == "byhost"){
925 foreach ($this->accessTo as $host){
926 $this->attrs['accessTo'][]= $host;
927 }
928 }
929 } else {
930 if ($this->was_trust_account){
931 $this->attrs['accessTo']= array();
932 $this->attrs['trustModel']= array();
933 }
934 }
938 /* Remove objectClass for samba/phone support */
939 $tmp= array();
940 for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
941 if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
942 $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
943 $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
944 $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
945 $tmp[]= $this->attrs['objectClass'][$i];
946 }
947 }
948 $this->attrs['objectClass']= $tmp;
949 $ldap= $this->config->get_ldap_link();
951 /* Add samba group functionality */
952 if ($this->samba3 && $this->smbgroup){
954 /* Fixed undefined index ...
955 */
956 $this->SID = $this->ridBase = "";
957 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
958 $this->SID = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
959 }else{
960 msg_dialog::display(_("Error"), sprintf(_("Cannot find any SID for '%s'!"), $this->sambaDomainName), ERROR_DIALOG);
961 }
962 if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
963 $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
964 }else{
965 msg_dialog::display(_("Error"), sprintf(_("Cannot find any RIDBASE for '%s'!"), $this->sambaDomainName), ERROR_DIALOG);
966 }
968 $this->attrs['objectClass'][]= 'sambaGroupMapping';
969 $this->attrs['sambaGroupType']= "2";
971 /* Check if we need to create a special entry */
972 if ($this->groupType == 0){
974 if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
975 $gidNumber= $this->gidNumber;
976 while(TRUE){
977 $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
978 $ldap->cd($this->config->current['BASE']);
979 $ldap->search("(sambaSID=$sid)",array("sambaSID"));
980 if ($ldap->count() == 0){
981 break;
982 }
983 $gidNumber++;
984 }
985 $this->attrs['sambaSID']= $sid;
986 $this->sambaSID= $sid;
987 }
989 } else {
990 $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
991 }
993 /* User wants me to fake the idMappings? This is useful for
994 making winbind resolve the group names in a reasonable amount
995 of time in combination with larger databases. */
996 if ($this->config->get_cfg_value("sambaidmapping") == "true"){
997 $this->attrs['objectClass'][]= "sambaIdmapEntry";
998 }
1000 }
1002 /* Add phone functionality */
1003 if ($this->fon_group){
1004 $this->attrs['objectClass'][]= "goFonPickupGroup";
1005 }
1007 /* Add nagios functionality */
1008 if ($this->nagios_group){
1009 $this->attrs['objectClass'][]= "nagiosContactGroup";
1010 }
1012 /* Take members array */
1013 if (count ($this->memberUid)){
1014 $this->attrs['memberUid']= array_values(array_unique($this->memberUid));
1015 }
1017 /* New accounts need proper 'dn', propagate it to remaining objects */
1018 if ($this->dn == 'new'){
1019 $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
1020 }
1022 /* Add member dn's for RFC2307bis Support */
1023 if ($this->rfc2307bis){
1024 $this->attrs['member'] = array();
1025 if (count($this->memberUid)){
1026 foreach($this->attrs['memberUid'] as $uid) {
1027 $this->attrs['member'][]= $this->dnMapping[$uid];
1028 }
1029 } else {
1030 $this->attrs['member'][]= $this->dn;
1031 }
1032 }
1034 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
1035 new entries. So do a check first... */
1036 $ldap->cat ($this->dn, array('dn'));
1037 if ($ldap->fetch()){
1038 /* Modify needs array() to remove values :-( */
1039 if (!count ($this->memberUid)){
1040 $this->attrs['memberUid']= array();
1041 }
1042 if ($this->samba3){
1043 if (!$this->smbgroup){
1044 $this->attrs['sambaGroupType']= array();
1045 $this->attrs['sambaSID']= array();
1046 }
1047 }
1048 $mode= "modify";
1049 } else {
1050 $mode= "add";
1051 $ldap->cd($this->config->current['BASE']);
1052 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
1053 }
1055 /* Write back to ldap */
1056 $ldap->cd($this->dn);
1057 $this->cleanup();
1058 $ldap->$mode($this->attrs);
1060 /* Remove ACL dependencies too,
1061 */
1062 if($this->dn != $this->orig_dn && $this->orig_dn != "new"){
1063 $tmp = new acl($this->config,$this->parent,$this->dn);
1064 $tmp->update_acl_membership($this->orig_dn,$this->dn);
1065 }
1067 if($this->initially_was_account){
1068 new log("modify","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1069 }else{
1070 new log("create","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1071 }
1073 $ret= 0;
1074 if (!$ldap->success()){
1075 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
1076 $ret= 1;
1077 }
1079 /* Remove uid lock */
1080 del_lock ("uidnumber");
1082 /* Post that we've done*/
1083 $this->handle_post_events($mode);
1085 return ($ret);
1086 }
1088 function check()
1089 {
1090 /* Call common method to give check the hook */
1091 $message= plugin::check();
1093 /* Permissions for that base? */
1094 if ($this->base != ""){
1095 $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
1096 } else {
1097 $new_dn= $this->dn;
1098 }
1100 /* must: cn */
1101 if ($this->cn == "" && $this->acl_is_writeable("cn")){
1102 $message[]= msgPool::required(_("Name"));
1103 }
1105 /* Check for valid input */
1106 if (!tests::is_uid($this->cn)){
1107 if (strict_uid_mode()){
1108 $message[]= msgPool::invalid(_("Name"), $this->cn, "/[a-z0-9_-]/");
1109 } else {
1110 $message[]= msgPool::invalid(_("Name"), $this->cn, "/[a-z0-9_-]/i");
1111 }
1112 }
1114 if($this->allowGroupsWithSameNameInOtherSubtrees == true){
1116 /* Check for used 'cn' */
1117 $ldap= $this->config->get_ldap_link();
1118 if(($this->cn != $this->orig_cn) || ($this->orig_dn == "new") || ($new_dn != $this->orig_dn)){
1119 $ldap->cd(get_groups_ou().$this->base);
1120 $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",get_groups_ou().$this->base,array("cn"));
1121 if ($ldap->count() != 0){
1122 $message[]= msgPool::duplicated(_("Name"));
1123 }
1124 }
1125 }else{
1126 /* Check for used 'cn' */
1127 $ldap= $this->config->get_ldap_link();
1128 $ldap->cd($this->config->current['BASE']);
1129 $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn", "gosaUnitTag"));
1130 if ($ldap->count() != 0){
1131 while ($entry = $ldap->fetch()) {
1132 if ($this->gosaUnitTag == '' || ($this->orig_dn != $new_dn)) {
1133 $tag = $this->get_gosaUnitTag($new_dn);
1134 }
1135 else {
1136 $tag = $this->gosaUnitTag;
1137 }
1138 if ($entry['gosaUnitTag'][0] == $tag) {
1139 if ($ldap->getDN() != $this->orig_dn){
1140 $message[]= _("Another group of the same name already exists, saving or creating this group is not allowed. Please rename the group or remove the other group.");
1141 break;
1142 }
1143 }
1144 }
1145 }
1146 }
1148 /* Check ID */
1149 if ($this->force_gid == "1"){
1150 if (!tests::is_id($this->gidNumber)){
1151 $message[]= msgPool::invalid(_("GID"), $this->gidNumber, "/[0-9]/");
1152 } else {
1153 if ($this->gidNumber < $this->config->get_cfg_value("minId")){
1154 $message[]= msgPool::toosmall(_("GID"), $this->config->get_cfg_value("minId"));
1155 }
1157 }
1158 }
1160 /* Check if we are allowed to create or move this object
1161 */
1162 if(!$this->orig_dn == "new" ||
1163 $this->orig_base != $this->base ||
1164 $this->cn != $this->orig_cn){
1166 if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
1167 $message[] = msgPool::permCreate();
1168 }elseif($this->orig_dn != "new" && !$this->acl_is_moveable($this->base)){
1169 $message[] = msgPool::permMove();
1170 }
1171 }
1173 return ($message);
1174 }
1176 function get_next_id($attrib, $dn)
1177 {
1178 $ids= array();
1179 $ldap= $this->config->get_ldap_link();
1181 $ldap->cd ($this->config->current['BASE']);
1182 if (preg_match('/gidNumber/i', $attrib)){
1183 $oc= "posixGroup";
1184 } else {
1185 $oc= "posixAccount";
1186 }
1187 $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
1189 /* Get list of ids */
1190 while ($attrs= $ldap->fetch()){
1191 $ids[]= (int)$attrs["$attrib"][0];
1192 }
1194 /* Find out next free id near to UID_BASE */
1195 if ($this->config->get_cfg_value("baseIdHook") == ""){
1196 $base= $this->config->get_cfg_value("uidNumberBase");
1197 } else {
1198 /* Call base hook */
1199 $base= get_base_from_hook($dn, $attrib);
1200 }
1201 for ($id= $base; $id++; $id < pow(2,32)){
1202 if (!in_array($id, $ids)){
1203 return ($id);
1204 }
1205 }
1207 /* Check if id reached maximum */
1208 if ($id >= pow(2,32)){
1209 msg_dialog::display(_("Error"), _("Cannot allocate a free ID!"), ERROR_DIALOG);
1210 exit;
1211 }
1212 }
1214 function getCopyDialog()
1215 {
1216 $vars = array("cn");
1218 if($this ->force_gid){
1219 $used = " checked ";
1220 $dis = "";
1221 }else{
1222 $used = "";
1223 $dis = " disabled ";
1224 }
1226 $smarty = get_smarty();
1227 $smarty->assign("used",$used);
1228 $smarty->assign("dis" ,$dis);
1229 $smarty->assign("cn" ,$this->cn);
1230 $smarty->assign("gidNumber",$this->gidNumber);
1231 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
1232 $ret = array();
1233 $ret['string'] = $str;
1234 $ret['status'] = "";
1235 return($ret);
1236 }
1238 function saveCopyDialog()
1239 {
1240 if(isset($_POST['cn'])){
1241 $this->cn = $_POST['cn'];
1242 }
1243 if(isset($_POST['force_gid'])){
1244 $this->force_gid = 1;
1245 $this->gidNumber= $_POST['gidNumber'];
1246 }else{
1247 $this->force_gid = 0;
1248 $this->gidNumber = false;
1249 }
1250 }
1253 /* Return plugin informations for acl handling */
1254 static function plInfo()
1255 {
1256 return (array(
1257 "plShortName" => _("Generic"),
1258 "plDescription" => _("Generic group settings"),
1259 "plSelfModify" => FALSE,
1260 "plDepends" => array(),
1261 "plPriority" => 0,
1262 "plSection" => array("administration"),
1263 "plCategory" => array("groups" => array("objectClass" => "posixGroup", "description" => _("Groups"))),
1265 "plProvidedAcls" => array(
1266 "cn" => _("Name"),
1267 "description" => _("Description"),
1268 "base" => _("Base"),
1270 "gidNumber" => _("GID"),
1272 "sambaGroupType" => _("Samba group type"),
1273 "sambaDomainName" => _("Samba domain name"),
1274 "trustModel" => _("System trust"),
1275 "fonGroup" => _("Phone pickup group"),
1276 "nagiosGroup" => _("Nagios group"),
1278 "memberUid" => _("Group member"))
1279 ));
1280 }
1283 function multiple_save_object()
1284 {
1285 if(isset($_POST['group_mulitple_edit'])){
1287 /* Create a base backup and reset the
1288 base directly after calling plugin::save_object();
1289 Base will be set seperatly a few lines below */
1290 $base_tmp = $this->base;
1291 plugin::multiple_save_object();
1292 plugin::save_object();
1293 $this->base = $base_tmp;
1295 foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $attr){
1296 if(isset($_POST['use_'.$attr])){
1297 $this->multi_boxes[] = $attr;
1298 }
1299 }
1301 /* Get base selection */
1302 if(isset($_POST['base'])){
1303 $tmp = $this->get_allowed_bases();
1304 if(isset($tmp[$_POST['base']])){
1305 $this->base = $_POST['base'];
1306 }
1307 }
1309 foreach (array( "smbgroup" => "sambaGroupType" ,"nagios_group" => "nagios_group") as $val => $aclname) {
1310 if ($this->acl_is_writeable($aclname)){
1311 if(isset($_POST["$val"])){
1312 $this->$val= TRUE;
1313 }else{
1314 $this->$val= FALSE;
1315 }
1316 }
1317 }
1319 /* Save sambaDomain attribute */
1320 if ($this->acl_is_writeable("sambaDomainName") && $this->samba3 && isset ($_POST['sambaDomainName'])){
1321 $this->sambaDomainName= $_POST['sambaDomainName'];
1322 $this->groupType= $_POST['groupType'];
1323 }
1325 /* Trust mode - special handling */
1326 if($this->acl_is_writeable("trustModel")){
1327 if (isset($_POST['trustmode'])){
1328 $saved= $this->trustModel;
1329 if ($_POST['trustmode'] == "1"){
1330 $this->trustModel= "fullaccess";
1331 } elseif ($_POST['trustmode'] == "2"){
1332 $this->trustModel= "byhost";
1333 } else {
1334 $this->trustModel= "";
1335 }
1336 if ($this->trustModel != $saved){
1337 $this->is_modified= TRUE;
1338 }
1339 }
1340 }
1342 /* Save fon attribute */
1343 if ($this->acl_is_writeable("fonGroup")){
1344 if (isset ($_POST['fon_group'])){
1345 $this->fon_group= TRUE;
1346 } else {
1347 $this->fon_group= FALSE;
1348 }
1349 }
1350 }
1351 }
1354 function get_multi_edit_values()
1355 {
1356 $ret = plugin::get_multi_edit_values();
1358 foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $attr){
1359 if(in_array($attr,$this->multi_boxes)){
1360 $ret[$attr] = $this->$attr;
1361 }
1362 }
1364 if(in_array("trustmode",$this->multi_boxes)){
1365 $ret['trustModel'] = $this->trustModel;
1366 $ret['accessTo'] = $this->accessTo;
1367 }
1369 $ret['memberUid'] = $this->memberUid;
1370 $ret['memberUid_used_by_some'] = $this->memberUid_used_by_some;
1371 return($ret);
1372 }
1374 function multiple_execute()
1375 {
1376 return($this->execute());
1377 }
1380 /* Initialize plugin with given atribute arrays
1381 */
1382 function init_multiple_support($attrs,$all)
1383 {
1384 plugin::init_multiple_support($attrs,$all);
1386 $this->memberUid = array();
1387 $this->memberUid_used_by_some = array();
1388 if (isset($attrs['memberUid'])){
1389 for ($i= 0; $i<$attrs['memberUid']['count']; $i++){
1390 $this->memberUid[$attrs['memberUid'][$i]]= $attrs['memberUid'][$i];
1391 }
1392 ksort($this->memberUid);
1393 }
1395 if (isset($all['memberUid'])){
1396 for ($i= 0; $i<$all['memberUid']['count']; $i++){
1397 if(!in_array($all['memberUid'][$i],$this->memberUid)){
1398 $this->memberUid_used_by_some[$all['memberUid'][$i]]= $all['memberUid'][$i];
1399 }
1400 }
1401 ksort($this->memberUid_used_by_some);
1402 }
1403 }
1406 function PrepareForCopyPaste($source)
1407 {
1408 plugin::PrepareForCopyPaste($source);
1410 $source_o = new group($this->config, $source['dn']);
1411 foreach($this->CopyPasteVars as $var) {
1412 $this->$var = $source_o->$var;
1413 }
1415 $this->memberUid = array();
1416 if(isset($source['memberUid'])){
1417 for($i = 0 ; $i < $source['memberUid']['count']; $i ++){
1418 $this->memberUid[] = $source['memberUid'][$i];
1419 }
1420 }
1421 }
1424 function set_multi_edit_values($attrs)
1425 {
1426 $users = array();
1428 /* Update groupMembership, keep optinal group */
1429 foreach($attrs['memberUid_used_by_some'] as $uid){
1430 if(in_array($uid,$this->memberUid)){
1431 $users[$uid] = $uid;
1432 }
1433 }
1435 /* Update groupMembership, add forced groups */
1436 foreach($attrs['memberUid'] as $uid){
1437 $users[$uid] = $uid;
1438 }
1439 plugin::set_multi_edit_values($attrs);
1440 $this->memberUid = $users;
1441 }
1442 }
1443 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1444 ?>