current['BASE'];
}else{
/* Append base to given sudoers ou if missing */
if(!preg_match("/".normalizePreg($config->current['BASE'])."$/i",$base)){
if(!preg_match("/,$/",$base)){
$base = $base.",".$config->current['BASE'];
}else{
$base = $base.$config->current['BASE'];
}
}
}
return($base);
}
/* Constructor: initialise the plugin for the given config and DN, then
   copy the sudo list attributes found in $this->attrs into plain arrays
   on the object.

   $config  Configuration object, passed on to plugin::plugin().
   $dn      DN of the sudo role to load; NULL by default. */
function sudo(&$config, $dn= NULL)
{
  plugin::plugin ($config, $dn);

  /* $this->attrs entries carry a 'count' element next to their numeric
     indexes; only the numeric values are copied, so 'count' never shows
     up as a list entry. An attribute missing from $this->attrs is left
     as an empty array. */
  foreach(array("sudoUser","sudoCommand","sudoHost","sudoRunas") as $attr){
    $this->$attr = array();
    if(isset($this->attrs[$attr])){
      $count  = $this->attrs[$attr]['count'];
      $values = array();
      $i = 0;
      while($i < $count){
        $values[] = $this->attrs[$attr][$i];
        $i++;
      }
      $this->$attr = $values;
    }
  }

  /*******
    Prepare Flags
   *******/

  /* NOTE(review): $options is only a local variable in this block; it is
     neither stored on the object nor returned, so the table has no effect
     yet. Several of these flags control authentication and environment
     handling (authenticate, rootpw, runaspw, targetpw, env_reset, noexec,
     requiretty). Every entry carries VALUE "1"; confirm what VALUE is meant
     to represent before this table is wired to the UI or to sudoOption,
     and do not read it as sudo's own default for each flag. */

  // BOOLEAN
  $boolean_flags = array(
    "long_otp_prompt", "ignore_dot", "mail_always", "mail_badpass",
    "mail_no_user", "mail_no_host", "mail_no_perms", "tty_tickets",
    "authenticate", "root_sudo", "log_host", "log_year",
    "shell_noargs", "set_home", "always_set_home", "path_info",
    "preserve_groups", "fqdn", "insults", "requiretty",
    "env_editor", "rootpw", "runaspw", "targetpw",
    "set_logname", "stay_setuid", "env_reset", "use_loginclass",
    "noexec", "ignore_local_sudoers");

  $options = array();
  foreach($boolean_flags as $flag){
    $options[] = array("NAME" => $flag, "TYPE" => "BOOLEAN", "VALUE" => "1");
  }

  //STRINGS
}
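/* Apply the posted negate / delete / add actions to the sudo attribute
   lists and render the dialog.

   Field names of the form neg_<attr>_<index>_* and del_<attr>_<index>_*
   select a list and one entry in it. <attr> is taken from the request, so
   it is only honoured when it names one of the four sudo list attributes.
   Without that check a request could address any property of this object
   through $this->$attr.

   Returns the rendered 'generic.tpl' template. */
function execute()
{
  /* Call parent execute */
  plugin::execute();

  /* NOTE(review): no ACL check is visible in this method before posted
     values change the attribute lists; confirm that write permission for
     these sudoRole attributes is enforced by the caller or the parent. */

  /* The only properties that may be selected by a posted field name */
  $list_attrs = array("sudoUser","sudoCommand","sudoHost","sudoRunas");

  /*********************
     NEGATE values
   *********************/
  foreach($_POST as $name => $value){
    $name = (string)$name;
    if(preg_match("/^neg_/",$name)){
      if(preg_match("/^neg_([^_]*)_([0-9]+)_.*$/",$name,$parts) && in_array($parts[1],$list_attrs,TRUE)){
        $attr  = $parts[1];
        $index = $parts[2];
        $attrs = $this->$attr;
        if(is_array($attrs) && isset($attrs[$index])){
          $v = $attrs[$index];
          /* A leading "!" marks a negated entry; toggle it */
          if(preg_match("/^!/",$v)){
            $attrs[$index] = preg_replace("/^!/","",$v);
          }else{
            $attrs[$index] = "!".$v;
          }
          $this->$attr = $attrs;
        }
      }
      break; // Do it once, image inputs will be posted twice
    }
  }

  /*********************
     Delete values
   *********************/
  foreach($_POST as $name => $value){
    $name = (string)$name;
    if(preg_match("/^del_/",$name)){
      if(preg_match("/^del_([^_]*)_([0-9]+)_.*$/",$name,$parts) && in_array($parts[1],$list_attrs,TRUE)){
        $attr  = $parts[1];
        $index = $parts[2];
        $attrs = $this->$attr;
        if(is_array($attrs) && isset($attrs[$index])){
          unset($attrs[$index]);
          $this->$attr = $attrs;
        }
      }
      break; // Do it once, image inputs will be posted twice
    }
  }

  /*********************
     ADD values
   *********************/
  foreach(array("sudoUser","sudoHost","sudoRunas") as $attr){
    if(isset($_POST["add_".$attr]) && isset($_POST['new_'.$attr]) && !empty($_POST['new_'.$attr])){
      $new = $_POST['new_'.$attr];
      /* A posted array (new_<attr>[]=...) is rejected instead of being
         handed to preg_match()/trim() */
      if(is_string($new) && preg_match("/^[a-z\.0-9]*$/i",$new)){
        $attrs = $this->$attr;
        $attrs[] = trim($new);
        $this->$attr = $attrs;
      }else{
        msg_dialog::display(_("Error"),msgPool::invalid($attr,is_string($new) ? $new : "","/[a-z0-9]/"));
      }
    }
  }

  /* sudoCommand is accepted free-form: only non-string and empty
     (after trim) submissions are dropped.
     NOTE(review): no further format check is applied to commands here;
     these values decide what may be run through sudo, so confirm they are
     reviewed or constrained before they reach LDAP. */
  foreach(array("sudoCommand") as $attr){
    if(isset($_POST["add_".$attr]) && isset($_POST['new_'.$attr]) && is_string($_POST['new_'.$attr])){
      $new = trim($_POST['new_'.$attr]);
      if($new !== ""){
        $attrs = $this->$attr;
        $attrs[] = $new;
        $this->$attr = $attrs;
      }
    }
  }

  $smarty = get_smarty();
  foreach($this->attributes as $attr){
    $smarty->assign($attr,$this->$attr);
  }

  /* One select box per list attribute, keyed by attribute name */
  $divlists = array();
  foreach(array("sudoUser","sudoHost","sudoRunas","sudoCommand") as $attr){
    $divlists[$attr] = new divSelectBox("divlist_".$attr);
    $divlists[$attr]->SetHeight("90");
  }

  /* NOTE(review): both templates are empty in this listing, so the
     %KEY% / %ATTR% substitution below has nothing to replace; confirm the
     button markup was not lost. */
  $neg_img= "";
  $option = "";
  $option.= "";

  foreach($list_attrs as $attr){
    foreach($this->$attr as $key => $entry){
      /* NOTE(review): $entry originates from LDAP or from the form and is
         handed over as-is; confirm that divSelectBox escapes "string"
         values for HTML, otherwise escape the entry before this point. */
      $entry = preg_replace("/^!/",$neg_img,$entry);
      $divlists[$attr]->AddEntry(
          array(
            array("string" => $entry),
            array("string" => preg_replace(array("/%KEY%/","/%ATTR%/"),array($key,$attr),$option),
                  "attach" => "style='width:40px; border-right: 0px;'")));
    }
  }

  foreach(array("sudoUser","sudoHost","sudoRunas","sudoCommand") as $attr){
    $smarty->assign("divlist_".$attr,$divlists[$attr]->DrawList());
  }

  return($smarty->fetch(get_template_path('generic.tpl', TRUE)));
}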
/* Remove this object from LDAP: run the parent's removal handling, call
   rmdir() on the object's DN and raise the "remove" post event. */
function remove_from_parent()
{
  plugin::remove_from_parent();

  $link   = $this->config->get_ldap_link();
  $target = $this->dn;
  $link->cd($target);
  $link->rmdir($target);

  /* NOTE(review): the outcome of rmdir() is not inspected here, so the
     event below is raised whether or not the entry was removed; confirm
     that this is intended. */

  /* Send signal to the world that we've done */
  $this->handle_post_events("remove");
}
/* Save data to object */
function save_object()
{
  /* Nothing sudo-specific happens here: the call is passed straight to
     the parent implementation. Changes to the sudoUser / sudoHost /
     sudoRunas / sudoCommand lists posted from the form are applied in
     execute(). */
  plugin::save_object();
}
/* Save to LDAP */
function save()
{
  /* Let the parent prepare the data, run cleanup(), then write
     $this->attrs to $this->dn: add() for a new object, modify() for an
     existing one.

     NOTE(review): neither add() nor modify() is followed by a result
     check in this block, so the post event is raised even when the LDAP
     write did not succeed. A sudoRole entry grants privileges, so a
     failed or partial write should be reported; confirm how errors are
     surfaced. */
  plugin::save();
  $this->cleanup();

  $ldap = $this->config->get_ldap_link();
  $ldap->cd($this->config->current['BASE']);

  if(!$this->is_new){
    $ldap->cd($this->dn);
    $ldap->modify($this->attrs);

    /* Send signal to the world that we've done */
    $this->handle_post_events("modify");
    return;
  }

  /* New object: strip the first RDN from the DN and make sure that
     container path exists before adding the entry */
  $container = preg_replace('/^[^,]+,/', '', $this->dn);
  $ldap->create_missing_trees($container);
  $ldap->cd($this->dn);
  $ldap->add($this->attrs);

  /* Send signal to the world that we've done */
  $this->handle_post_events("create");
}
/* Validate the object before saving.

   Returns whatever plugin::check() returns; no sudo-specific checks are
   added in this method.
   NOTE(review): sudoCommand values are accepted in execute() without a
   format check and nothing here inspects them either; confirm whether
   validation of the sudo attributes is meant to live in this method. */
function check()
{
  return plugin::check();
}
/* Return plugin information for ACL handling */
static function plInfo()
{
  /* Attributes for which this plugin provides ACLs, with their labels */
  $acls = array();
  $acls["cn"]          = _("Name");
  $acls["description"] = _("Description");
  $acls["sudoUser"]    = _("Users");
  $acls["sudoHost"]    = _("Host");
  $acls["sudoCommand"] = _("Command");
  $acls["sudoRunas"]   = _("Run as user");

  /* The "sudo" category is tied to the sudoRole object class */
  $category = array(
      "sudo" => array("objectClass" => "sudoRole", "description" => _("Sudo role")));

  /* plSelfModify is FALSE and the plugin is placed in the "admin"
     section */
  $info = array();
  $info["plShortName"]    = _("Sudo");
  $info["plDescription"]  = _("Sudo role");
  $info["plSelfModify"]   = FALSE;
  $info["plDepends"]      = array();
  $info["plPriority"]     = 0;
  $info["plSection"]      = array("admin");
  $info["plCategory"]     = $category;
  $info["plProvidedAcls"] = $acls;

  return $info;
}
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>