index 150fda298e06e7e6f310c6ada312674ae2578d2a..c79a7f2876dd4fa1344e67d1abbfa47127236b95 100644 (file)
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+/*! \brief ACL management plugin */
class acl extends plugin
{
/* Definitions */
class acl extends plugin
{
/* Definitions */
$ldap->search('(&(objectClass=gosaAccount)(gosaUnitTag='.$tag.'))', array('uid', 'cn'));
}
while ($attrs= $ldap->fetch()){
$ldap->search('(&(objectClass=gosaAccount)(gosaUnitTag='.$tag.'))', array('uid', 'cn'));
}
while ($attrs= $ldap->fetch()){
- $this->users['U:'.$attrs['dn']]= $attrs['cn'][0].' ['.$attrs['uid'][0].']';
+
+ // Allow objects without cn to be listed without causing an error.
+ if(!isset($attrs['cn'][0]) && isset($attrs['uid'][0])){
+ $this->users['U:'.$attrs['dn']]= $attrs['uid'][0];
+ }elseif(!isset($attrs['uid'][0]) && isset($attrs['cn'][0])){
+ $this->users['U:'.$attrs['dn']]= $attrs['cn'][0];
+ }elseif(!isset($attrs['uid'][0]) && !isset($attrs['cn'][0])){
+ $this->users['U:'.$attrs['dn']]= $attrs['dn'];
+ }else{
+ $this->users['U:'.$attrs['dn']]= $attrs['cn'][0].' ['.$attrs['uid'][0].']';
+ }
+
}
ksort($this->users);
}
ksort($this->users);
}
$this->groups['G:'.$attrs['dn']]= $attrs['cn'][0].' ['.$dsc.']';
}
}
$this->groups['G:'.$attrs['dn']]= $attrs['cn'][0].' ['.$dsc.']';
}
+ $this->groups['G:*']= _("All users");
ksort($this->groups);
/* Roles */
ksort($this->groups);
/* Roles */
foreach($_POST as $name => $post){
/* Actions... */
foreach($_POST as $name => $post){
/* Actions... */
- if (preg_match('/^acl_edit_.*_x/', $name)){
+ if (preg_match('/^acl_edit_[0-9]*$/', $name)){
$this->dialogState= 'create';
$firstedit= TRUE;
$this->dialog= TRUE;
$this->dialogState= 'create';
$firstedit= TRUE;
$this->dialog= TRUE;
- $this->currentIndex= preg_replace('/^acl_edit_([0-9]+).*$/', '\1', $name);
+ $this->currentIndex= preg_replace('/^acl_edit_([0-9]*)$/', '\1', $name);
$this->loadAclEntry();
continue;
}
$this->loadAclEntry();
continue;
}
- if (preg_match('/^cat_edit_.*_x/', $name)){
- $this->aclObject= preg_replace('/^cat_edit_([^_]+)_.*$/', '\1', $name);
+ if (preg_match('/^cat_edit_.*$/', $name)){
+ $this->aclObject= preg_replace('/^cat_edit_(.*)$/', '\1', $name);
$this->dialogState= 'edit';
foreach ($this->ocMapping[$this->aclObject] as $oc){
if (isset($this->aclContents[$oc])){
$this->dialogState= 'edit';
foreach ($this->ocMapping[$this->aclObject] as $oc){
if (isset($this->aclContents[$oc])){
continue;
}
continue;
}
- if (preg_match('/^acl_del_.*_x/', $name)){
- unset($this->gosaAclEntry[preg_replace('/^acl_del_([0-9]+).*$/', '\1', $name)]);
+ if (preg_match('/^acl_del_[0-9]*$/', $name)){
+ unset($this->gosaAclEntry[preg_replace('/^acl_del_([0-9]*)$/', '\1', $name)]);
continue;
}
continue;
}
- if (preg_match('/^cat_del_.*_x/', $name)){
- $idx= preg_replace('/^cat_del_([^_]+)_.*$/', '\1', $name);
+ if (preg_match('/^cat_del_.*$/', $name)){
+ $idx= preg_replace('/^cat_del_(.*)$/', '\1', $name);
foreach ($this->ocMapping[$idx] as $key){
foreach ($this->ocMapping[$idx] as $key){
- unset($this->aclContents["$idx/$key"]);
+ if(isset($this->aclContents[$idx]))
+ unset($this->aclContents[$idx]);
+ if(isset($this->aclContents["$idx/$key"]))
+ unset($this->aclContents["$idx/$key"]);
}
continue;
}
/* Sorting... */
}
continue;
}
/* Sorting... */
- if (preg_match('/^sortup_.*_x/', $name)){
- $index= preg_replace('/^sortup_([0-9]+).*$/', '\1', $name);
+ if (preg_match('/^sortup_[0-9]*$/', $name)){
+ $index= preg_replace('/^sortup_([0-9]*)$/', '\1', $name);
if ($index > 0){
$tmp= $this->gosaAclEntry[$index];
$this->gosaAclEntry[$index]= $this->gosaAclEntry[$index-1];
if ($index > 0){
$tmp= $this->gosaAclEntry[$index];
$this->gosaAclEntry[$index]= $this->gosaAclEntry[$index-1];
}
continue;
}
}
continue;
}
- if (preg_match('/^sortdown_.*_x/', $name)){
- $index= preg_replace('/^sortdown_([0-9]+).*$/', '\1', $name);
+ if (preg_match('/^sortdown_[0-9]*$/', $name)){
+ $index= preg_replace('/^sortdown_([0-9]*)$/', '\1', $name);
if ($index < count($this->gosaAclEntry)-1){
$tmp= $this->gosaAclEntry[$index];
$this->gosaAclEntry[$index]= $this->gosaAclEntry[$index+1];
if ($index < count($this->gosaAclEntry)-1){
$tmp= $this->gosaAclEntry[$index];
$this->gosaAclEntry[$index]= $this->gosaAclEntry[$index+1];
/* ACL saving... */
if (preg_match('/^acl_.*_[^xy]$/', $name)){
/* ACL saving... */
if (preg_match('/^acl_.*_[^xy]$/', $name)){
- list($dummy, $object, $attribute, $value)= split('_', $name);
+ list($dummy, $object, $attribute, $value)= explode('_', $name);
/* Skip for detection entry */
if ($object == 'dummy') {
/* Skip for detection entry */
if ($object == 'dummy') {
}
}
}
}
- if(isset($_POST['selected_role'])){
+ // Remember the selected ACL role.
+ if(isset($_POST['selected_role']) && $_POST['aclType'] == 'role'){
$this->aclContents = "";
$this->aclContents = base64_decode($_POST['selected_role']);
}
$this->aclContents = "";
$this->aclContents = base64_decode($_POST['selected_role']);
}
$field2= array("string" => $link);
if($this->acl_is_writeable("")){
$field2= array("string" => $link);
if($this->acl_is_writeable("")){
- $action.= "<input type='image' name='sortup_$key' alt='up'
- title='"._("Up")."' src='images/lists/sort-up.png' align='top'>";
- $action.= "<input type='image' name='sortdown_$key' alt='down'
- title='"._("Down")."' src='images/lists/sort-down.png'>";
+ $action.= image('images/lists/sort-up.png', 'sortup_'.$key);
+ $action.= image('images/lists/sort-down.png', 'sortdown_'.$key);
}
if($this->acl_is_readable("")){
}
if($this->acl_is_readable("")){
- $action.= "<input class='center' type='image' src='images/lists/edit.png'
- alt='"._("Edit")."' name='acl_edit_$key' title='".msgPool::editButton(_("ACL"))."'>";
+ $action.= image('images/lists/edit.png','acl_edit_'.$key,msgPool::editButton(_("ACL")));
}
if($this->acl_is_removeable("")){
}
if($this->acl_is_removeable("")){
- $action.= "<input class='center' type='image' src='images/lists/trash.png'
- alt='"._("Delete")."' name='acl_del_$key' title='".msgPool::delButton(_("ACL"))."'>";
+ $action.= image('images/lists/trash.png','acl_del_'.$key,msgPool::delButton(_("ACL")));
}
$field3= array("string" => $action, "attach" => "style='border-right:0px;width:50px;text-align:right;'");
}
$field3= array("string" => $action, "attach" => "style='border-right:0px;width:50px;text-align:right;'");
$actions ="";
if($this->acl_is_readable("")){
$actions ="";
if($this->acl_is_readable("")){
- $actions= "<input class='center' type='image' src='images/lists/edit.png'
- alt='"._("Edit")."' name='cat_edit_$section' title='".msgPool::editButton(_("category ACL"))."'>";
+ $actions.= image('images/lists/edit.png','cat_edit_'.$section, msgPool::editButton(_("category ACL")));
}
if($this->acl_is_removeable()){
}
if($this->acl_is_removeable()){
- $actions.= "<input class='center' type='image' src='images/lists/trash.png'
- alt='"._("Delete")."' name='cat_del_$section' title='".msgPool::delButton(_("category ACL"))."'>";
+ $actions.= image('images/lists/trash.png','cat_del_'.$section, msgPool::delButton(_("category ACL")));
}
$field1= array("string" => $dsc, "attach" => "style='width:100px'");
}
$field1= array("string" => $dsc, "attach" => "style='width:100px'");
/* Generate list */
$tmp= array();
/* Generate list */
$tmp= array();
+ if ($this->target == "group" && !isset($this->recipients["G:*"])){
+ $tmp["G:*"]= _("All users");
+ }
foreach (array("user" => "users", "group" => "groups") as $field => $arr){
if ($this->target == $field){
foreach ($this->$arr as $key => $value){
foreach (array("user" => "users", "group" => "groups") as $field => $arr){
if ($this->target == $field){
foreach ($this->$arr as $key => $value){
$style = "style='width:100px;'";
if($this->acl_is_writeable("")){
$style = "style='width:100px;'";
if($this->acl_is_writeable("")){
- $display .= "<input ".$style." type='button' name='toggle_all_create' onClick=\"acl_toggle_all('_0_c$');\" value='Toggle C'>";
- $display .= "<input ".$style." type='button' name='toggle_all_move' onClick=\"acl_toggle_all('_0_m$');\" value='Toggle M'>";
- $display .= "<input ".$style." type='button' name='toggle_all_remove' onClick=\"acl_toggle_all('_0_d$');\" value='Toggle D'> - ";
- $display .= "<input ".$style." type='button' name='toggle_all_read' onClick=\"acl_toggle_all('_0_r$');\" value='Toggle R'>";
- $display .= "<input ".$style." type='button' name='toggle_all_write' onClick=\"acl_toggle_all('_0_w$');\" value='Toggle W'> - ";
+ $display .= "<button type='button' ".$style." name='toggle_all_create' onClick=\"acl_toggle_all('_0_c$');\" >Toggle C</button>";
+ $display .= "<button type='button' ".$style." name='toggle_all_move' onClick=\"acl_toggle_all('_0_m$');\" >Toggle M</button>";
+ $display .= "<button type='button' ".$style." name='toggle_all_remove' onClick=\"acl_toggle_all('_0_d$');\" >Toggle D</button> - ";
+ $display .= "<button type='button' ".$style." name='toggle_all_read' onClick=\"acl_toggle_all('_0_r$');\" >Toggle R</button>";
+ $display .= "<button type='button' ".$style." name='toggle_all_write' onClick=\"acl_toggle_all('_0_w$');\" >Toggle W</button> - ";
- $display .= "<input ".$style." type='button' name='toggle_all_sub_read' onClick=\"acl_toggle_all('[^0]_r$');\" value='R+'>";
- $display .= "<input ".$style." type='button' name='toggle_all_sub_write' onClick=\"acl_toggle_all('[^0]_w$');\" value='W+'>";
+ $display .= "<button type='button' ".$style." name='toggle_all_sub_read' onClick=\"acl_toggle_all('[^0]_r$');\" >R+</button>";
+ $display .= "<button type='button' ".$style." name='toggle_all_sub_write' onClick=\"acl_toggle_all('[^0]_w$');\" >W+</button>";
$display .= "<br>";
$style = "style='width:50px;'";
$display .= "<br>";
$style = "style='width:50px;'";
- $display .= "<input ".$style." type='button' name='set_true_all_create' onClick=\"acl_set_all('_0_c$',true);\" value='C+'>";
- $display .= "<input ".$style." type='button' name='set_false_all_create' onClick=\"acl_set_all('_0_c$',false);\" value='C-'>";
- $display .= "<input ".$style." type='button' name='set_true_all_move' onClick=\"acl_set_all('_0_m$',true);\" value='M+'>";
- $display .= "<input ".$style." type='button' name='set_false_all_move' onClick=\"acl_set_all('_0_m$',false);\" value='M-'>";
- $display .= "<input ".$style." type='button' name='set_true_all_remove' onClick=\"acl_set_all('_0_d$',true);\" value='D+'>";
- $display .= "<input ".$style." type='button' name='set_false_all_remove' onClick=\"acl_set_all('_0_d$',false);\" value='D-'> - ";
- $display .= "<input ".$style." type='button' name='set_true_all_read' onClick=\"acl_set_all('_0_r$',true);\" value='R+'>";
- $display .= "<input ".$style." type='button' name='set_false_all_read' onClick=\"acl_set_all('_0_r$',false);\" value='R-'>";
- $display .= "<input ".$style." type='button' name='set_true_all_write' onClick=\"acl_set_all('_0_w$',true);\" value='W+'>";
- $display .= "<input ".$style." type='button' name='set_false_all_write' onClick=\"acl_set_all('_0_w$',false);\" value='W-'> - ";
-
- $display .= "<input ".$style." type='button' name='set_true_all_read' onClick=\"acl_set_all('[^0]_r$',true);\" value='R+'>";
- $display .= "<input ".$style." type='button' name='set_false_all_read' onClick=\"acl_set_all('[^0]_r$',false);\" value='R-'>";
- $display .= "<input ".$style." type='button' name='set_true_all_write' onClick=\"acl_set_all('[^0]_w$',true);\" value='W+'>";
- $display .= "<input ".$style." type='button' name='set_false_all_write' onClick=\"acl_set_all('[^0]_w$',false);\" value='W-'>";
+ $display .= "<button type='button' ".$style." name='set_true_all_create' onClick=\"acl_set_all('_0_c$',true);\" >C+</button>";
+ $display .= "<button type='button' ".$style." name='set_false_all_create' onClick=\"acl_set_all('_0_c$',false);\" >C-</button>";
+ $display .= "<button type='button' ".$style." name='set_true_all_move' onClick=\"acl_set_all('_0_m$',true);\" >M+</button>";
+ $display .= "<button type='button' ".$style." name='set_false_all_move' onClick=\"acl_set_all('_0_m$',false);\" >M-</button>";
+ $display .= "<button type='button' ".$style." name='set_true_all_remove' onClick=\"acl_set_all('_0_d$',true);\" >D+</button>";
+ $display .= "<button type='button' ".$style." name='set_false_all_remove' onClick=\"acl_set_all('_0_d$',false);\" >D-</button> - ";
+ $display .= "<button type='button' ".$style." name='set_true_all_read' onClick=\"acl_set_all('_0_r$',true);\" >R+</button>";
+ $display .= "<button type='button' ".$style." name='set_false_all_read' onClick=\"acl_set_all('_0_r$',false);\" >R-</button>";
+ $display .= "<button type='button' ".$style." name='set_true_all_write' onClick=\"acl_set_all('_0_w$',true);\" >W+</button>";
+ $display .= "<button type='button' ".$style." name='set_false_all_write' onClick=\"acl_set_all('_0_w$',false);\" >W-</button> - ";
+
+ $display .= "<button type='button' ".$style." name='set_true_all_read' onClick=\"acl_set_all('[^0]_r$',true);\" >R+</button>";
+ $display .= "<button type='button' ".$style." name='set_false_all_read' onClick=\"acl_set_all('[^0]_r$',false);\" >R-</button>";
+ $display .= "<button type='button' ".$style." name='set_true_all_write' onClick=\"acl_set_all('[^0]_w$',true);\" >W+</button>";
+ $display .= "<button type='button' ".$style." name='set_false_all_write' onClick=\"acl_set_all('[^0]_w$',false);\" >W-</button>";
}
/* Build general objects */
}
/* Build general objects */
$back_color = "#C8C8C8";
}
$back_color = "#C8C8C8";
}
- if(session::global_get('js')) {
- if(isset($_SERVER['HTTP_USER_AGENT']) &&
- (preg_match("/gecko/i",$_SERVER['HTTP_USER_AGENT'])) ||
- (preg_match("/presto/i",$_SERVER['HTTP_USER_AGENT']))) {
- $display.= "\n<table style='width:100%;border:1px solid #A0A0A0' cellspacing=0 cellpadding=2>".
- "\n <tr>".
- "\n <td style='background-color:{$back_color};height:1.8em;' colspan=".($cols-1)."><b>"._("Object").": $name</b></td>".
- "\n <td align='right' style='background-color:{$back_color};height:1.8em;'>".
- "\n <input type='button' onclick='divtoggle(\"$tname\");' value='"._("Show/hide advanced settings")."' /></td>".
- "\n </tr>";
- } else if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/ie/i",$_SERVER['HTTP_USER_AGENT'])) {
- $display.= "\n<table style='width:100%;border:1px solid #A0A0A0' cellspacing=0 cellpadding=2>".
- "\n <tr>".
- "\n <td style='background-color:#C8C8C8;height:1.8em;' colspan=".($cols-1)."><b>"._("Object").": $name</b></td>".
- "\n <td align='right' style='background-color:#C8C8C8;height:1.8em;'>".
- "\n <input type='button' onclick='divtoggle(\"$tname\");' value='"._("Show/hide advanced settings")."' /></td>".
- "\n </tr>";
- } else {
- $display.= "\n<table style='width:100%;border:1px solid #A0A0A0' cellspacing=0 cellpadding=2>".
- "\n <tr>".
- "\n <td style='background-color:#C8C8C8;height:1.8em;' colspan=$cols><b>"._("Object").": $name</b></td>".
- "\n </tr>";
- }
+ if(isset($_SERVER['HTTP_USER_AGENT']) &&
+ (preg_match("/gecko/i",$_SERVER['HTTP_USER_AGENT'])) ||
+ (preg_match("/presto/i",$_SERVER['HTTP_USER_AGENT']))) {
+ $display.= "\n<table summary='{$name}' style='width:100%;border:1px solid #A0A0A0' cellspacing=0 cellpadding=2>".
+ "\n <tr>".
+ "\n <td style='background-color:{$back_color};height:1.8em;' colspan=".($cols-1)."><b>"._("Object").": $name</b></td>".
+ "\n <td align='right' style='background-color:{$back_color};height:1.8em;'>".
+ "\n <button type='button' onclick=\"$('{$tname}').toggle();\">"._("Show/hide advanced settings")."</button></td>".
+ "\n </tr>";
+ } else if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/ie/i",$_SERVER['HTTP_USER_AGENT'])) {
+ $display.= "\n<table summary='{$name}' style='width:100%;border:1px solid #A0A0A0' cellspacing=0 cellpadding=2>".
+ "\n <tr>".
+ "\n <td style='background-color:#C8C8C8;height:1.8em;' colspan=".($cols-1)."><b>"._("Object").": $name</b></td>".
+ "\n <td align='right' style='background-color:#C8C8C8;height:1.8em;'>".
+ "\n <button type='button' onclick=\"$('{$tname}').toggle();\">"._("Show/hide advanced settings")."</button></td>".
+ "\n </tr>";
} else {
} else {
- $display.= "\n<table style='width:100%;border:1px solid #A0A0A0' cellspacing=0 cellpadding=2>".
- "\n <tr>".
- "\n <td style='background-color:#C8C8C8;height:1.8em;' colspan=$cols><b>"._("Object").": $name</b></td>".
- "\n </tr>";
+ $display.= "\n<table summary='{$name}' style='width:100%;border:1px solid #A0A0A0' cellspacing=0 cellpadding=2>".
+ "\n <tr>".
+ "\n <td style='background-color:#C8C8C8;height:1.8em;' colspan=$cols><b>"._("Object").": $name</b></td>".
+ "\n </tr>";
}
/* Generate options */
}
/* Generate options */
(preg_match("/gecko/i",$_SERVER['HTTP_USER_AGENT'])) || (preg_match("/presto/i",$_SERVER['HTTP_USER_AGENT']))) {
$display.= "\n <tr id='tr_$tname' style='vertical-align:top;height:0px;'>".
"\n <td colspan=".$cols.">".
(preg_match("/gecko/i",$_SERVER['HTTP_USER_AGENT'])) || (preg_match("/presto/i",$_SERVER['HTTP_USER_AGENT']))) {
$display.= "\n <tr id='tr_$tname' style='vertical-align:top;height:0px;'>".
"\n <td colspan=".$cols.">".
- "\n <div id='$tname' style='overflow:hidden;visibility:hidden;height:0px;vertical-align:top;width:100%;'>".
- "\n <table style='width:100%;'>";
+ "\n <div id='$tname' style='overflow:hidden; display:none;vertical-align:top;width:100%;'>".
+ "\n <table style='width:100%;' summary='{$name}'>";
} else if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/ie/i",$_SERVER['HTTP_USER_AGENT'])) {
$display.= "\n <tr id='tr_$tname' style='vertical-align:top;height:0px;'>".
"\n <td colspan=".$cols.">".
} else if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/ie/i",$_SERVER['HTTP_USER_AGENT'])) {
$display.= "\n <tr id='tr_$tname' style='vertical-align:top;height:0px;'>".
"\n <td colspan=".$cols.">".
- "\n <div id='$tname' style='position:absolute;overflow:hidden;visibility:hidden;height:0px;vertical-align:top;width:100%;'>".
- "\n <table style='width:100%;'>";
+ "\n <div id='$tname' style='position:absolute;overflow:hidden;display:none;;vertical-align:top;width:100%;'>".
+ "\n <table style='width:100%;' summary='{$name}'>";
}else{
}
}
}else{
}
}
static function explodeACL($acl)
{
static function explodeACL($acl)
{
- $list= split(':', $acl);
+ $list= explode(':', $acl);
if(count($list) == 5){
list($index, $type,$member,$permission,$filter)= $list;
$filter = base64_decode($filter);
if(count($list) == 5){
list($index, $type,$member,$permission,$filter)= $list;
$filter = base64_decode($filter);
if ($ms == $acl){
return $a;
}
if ($ms == $acl){
return $a;
}
- $ma= split(',', $ms);
+ $ma= explode(',', $ms);
/* Decode dn's, fill with informations from LDAP */
$ldap= $config->get_ldap_link();
foreach ($ma as $memberdn){
/* Decode dn's, fill with informations from LDAP */
$ldap= $config->get_ldap_link();
foreach ($ma as $memberdn){
+ // Check for wildcard here
$dn= base64_decode($memberdn);
$dn= base64_decode($memberdn);
- $ldap->cat($dn, array('cn', 'objectClass', 'description', 'uid'));
+ if ($dn != "*") {
+ $ldap->cat($dn, array('cn', 'objectClass', 'description', 'uid'));
+
+ /* Found entry... */
+ if ($ldap->count()){
+ $attrs= $ldap->fetch();
+ if (in_array_ics('gosaAccount', $attrs['objectClass'])){
+ $a['U:'.$dn]= $attrs['cn'][0]." [".$attrs['uid'][0]."]";
+ } else {
+ $a['G:'.$dn]= $attrs['cn'][0];
+ if (isset($attrs['description'][0])){
+ $a['G:'.$dn].= " [".$attrs['description'][0]."]";
+ }
+ }
- /* Found entry... */
- if ($ldap->count()){
- $attrs= $ldap->fetch();
- if (in_array_ics('gosaAccount', $attrs['objectClass'])){
- $a['U:'.$dn]= $attrs['cn'][0]." [".$attrs['uid'][0]."]";
+ /* ... or not */
} else {
} else {
- $a['G:'.$dn]= $attrs['cn'][0];
- if (isset($attrs['description'][0])){
- $a['G:'.$dn].= " [".$attrs['description'][0]."]";
- }
+ $a['U:'.$dn]= sprintf(_("Unknown entry '%s'!"), $dn);
}
}
- /* ... or not */
} else {
} else {
- $a['U:'.$dn]= sprintf(_("Unknown entry '%s'!"), $dn);
+ $a['G:*']= sprintf(_("All users"));
}
}
}
}
{
/* Rip acl off the string, seperate by ',' and place it in an array */
$as= preg_replace('/^[^:]+:[^:]+:[^:]*:([^:]*).*$/', '\1', $acl);
{
/* Rip acl off the string, seperate by ',' and place it in an array */
$as= preg_replace('/^[^:]+:[^:]+:[^:]*:([^:]*).*$/', '\1', $acl);
- $aa= split(',', $as);
+ $aa= explode(',', $as);
$a= array();
/* Dis-assemble single ACLs */
foreach($aa as $sacl){
/* Dis-assemble field ACLs */
$a= array();
/* Dis-assemble single ACLs */
foreach($aa as $sacl){
/* Dis-assemble field ACLs */
- $ao= split('#', $sacl);
+ $ao= explode('#', $sacl);
$gobject= "";
foreach($ao as $idx => $ssacl){
$gobject= "";
foreach($ao as $idx => $ssacl){
} else {
/* All other entries get appended... */
} else {
/* All other entries get appended... */
- list($field, $facl)= split(';', $ssacl);
+ list($field, $facl)= explode(';', $ssacl);
$a[$gobject][$field]= $facl;
}
$a[$gobject][$field]= $facl;
}
}
}
}
}
+
/* Summarize members */
/* Summarize members */
- if ($summary != ""){
- $summary.= ", ";
- }
- if (count($entry['members'])){
- $summary.= _("Members").": ";
- foreach ($entry['members'] as $cn){
- $cn= preg_replace('/ \[.*$/', '', $cn);
- $summary.= $cn.", ";
+ if(!($this instanceOf aclrole)){
+ if ($summary != ""){
+ $summary.= ", ";
+ }
+ if (count($entry['members'])){
+ $summary.= _("Members").": ";
+ foreach ($entry['members'] as $cn){
+ $cn= preg_replace('/ \[.*$/', '', $cn);
+ $summary.= $cn.", ";
+ }
+ } else {
+ $summary.= "<font color='red'><i>"._("inactive")." - "._("No members")."</i></font>";
}
}
- } else {
- $summary.= _("ACL takes effect for all users");
}
}
-
return (preg_replace('/, $/', '', $summary));
}
return (preg_replace('/, $/', '', $summary));
}
}
if (!$ldap->success()){
}
if (!$ldap->success()){
- msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_MOD, get_class()));
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_MOD, get_class()), ERROR_DIALOG);
}
/* Refresh users ACLs */
}
/* Refresh users ACLs */
/* Remove acls defined for $src */
function remove_acl()
{
/* Remove acls defined for $src */
function remove_acl()
{
- $this->remove_acl_for_dn($this->dn);
+ acl::remove_acl_for($this->dn);
}
/* Remove acls defined for $src */
}
/* Remove acls defined for $src */
- function remove_acl_for_dn($src = "")
- {
- if($src == ""){
- $src = $this->dn;
- }
- $ldap = $this->config->get_ldap_link();
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($src)."*))",array("gosaAclEntry","dn"));
- while($attrs = $ldap->fetch()){
- $acl = new acl($this->config,$this->parent,$attrs['dn']);
- foreach($acl->gosaAclEntry as $id => $entry){
- foreach($entry['members'] as $m_id => $member){
- if($m_id == "U:".$src){
- unset($acl->gosaAclEntry[$id]['members'][$m_id]);
- gosa_log("modify","users/acl",$attrs['dn'],array(),sprintf("Removed acl for user %s on object %s.",$src,$attrs['dn']));
- }
- if($m_id == "G:".$src){
- unset($acl->gosaAclEntry[$id]['members'][$m_id]);
- gosa_log("modify","groups/acl",$attrs['dn'],array(),sprintf("Removed acl for group %s on object %s.",$src,$attrs['dn']));
- }
- }
+ static function remove_acl_for($dn)
+ {
+ global $config;
+
+ $ldap = $config->get_ldap_link();
+ $ldap->cd($config->current['BASE']);
+ $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($dn)."*))",array("gosaAclEntry","dn"));
+ $new_entries= array();
+ while($attrs = $ldap->fetch()){
+ if (!isset($attrs['gosaAclEntry'])) {
+ continue;
+ }
+ unset($attrs['gosaAclEntry']['count']);
+
+ // Remove entry directly
+ foreach($attrs['gosaAclEntry'] as $id => $entry){
+ $parts= explode(':',$entry);
+ $members= explode(',',$parts[2]);
+ $new_members= array();
+ foreach($members as $member) {
+ if (base64_decode($member) != $dn) {
+ $new_members[]= $member;
+ } else {
+ gosa_log("modify","users/acl",$attrs['dn'],array(),sprintf("Removed acl for %s on object %s.",$dn,$attrs['dn']));
+ }
+ }
+
+ /* We can completely remove the entry if there are no members anymore */
+ if (count($new_members)) {
+ $parts[2]= implode(",", $new_members);
+ $new_entries[]= implode(":", $parts);
+ }
+ }
+
+ // There should be a modification, so write it back
+ $ldap->cd($attrs['dn']);
+ $new_attrs= array("gosaAclEntry" => $new_entries);
+ $ldap->modify($new_attrs);
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, get_class()), ERROR_DIALOG);
}
}
- $acl -> save();
}
}
}
}
+
function update_acl_membership($src,$dst)
{
$ldap = $this->config->get_ldap_link();
function update_acl_membership($src,$dst)
{
$ldap = $this->config->get_ldap_link();