diff --git a/gosa-core/plugins/admin/groups/class_group.inc b/gosa-core/plugins/admin/groups/class_group.inc
index a2519c1c3052eac498501657497decf8ad79955b..ac7ebe894a93bd2c5cdd5056d139f546868753cb 100644 (file)
var $allowGroupsWithSameNameInOtherSubtrees = true;
var $baseSelector;
var $allowGroupsWithSameNameInOtherSubtrees = true;
var $baseSelector;
- /* Trustmodel/AccessTo
- */
- var $accessTo= array();
- var $trustModel= "";
- var $trustSelect = FALSE;
-
/* attribute list for save action */
/* attribute list for save action */
- var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID","accessTo","trustModel");
+ var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID");
var $objectclasses= array("top", "posixGroup");
var $CopyPasteVars = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group","sambaGroupType");
var $objectclasses= array("top", "posixGroup");
var $CopyPasteVars = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group","sambaGroupType");
plugin::plugin ($config, $dn);
plugin::plugin ($config, $dn);
+ $this->trustModeDialog = new trustModeDialog($this->config, $this->dn,NULL);
+ $this->trustModeDialog->setAcl('groups/group');
+
/* Load attributes depending on the samba version */
$this->orig_dn= $dn;
$this->orig_cn= $this->cn;
/* Load attributes depending on the samba version */
$this->orig_dn= $dn;
$this->orig_cn= $this->cn;
$this->oldgroupType= $this->groupType;
}
$this->oldgroupType= $this->groupType;
}
- /* Get global filter config */
- if (!session::is_set("gufilter")){
- $ui= get_userinfo();
- $base= get_base_from_people($ui->dn);
- $gufilter= array( "dselect" => $base,
- "regex" => "*");
- session::set("gufilter", $gufilter);
- }
- $gufilter= session::get('gufilter');
- $gufilter['SubSearchGroup'] = false;
- session::set('gufilter',$gufilter);
-
if ($this->dn == "new"){
if(session::is_set('CurrentMainBase')){
$this->base = session::get('CurrentMainBase');
if ($this->dn == "new"){
if(session::is_set('CurrentMainBase')){
$this->base = session::get('CurrentMainBase');
}
$this->orig_base = $this->base;
}
$this->orig_base = $this->base;
- /* Is this account a trustAccount? */
- if (isset($this->attrs['trustModel'])){
- $this->trustModel= $this->attrs['trustModel'][0];
- $this->was_trust_account= TRUE;
- } else {
- $this->was_trust_account= FALSE;
- $this->trustModel= "";
- }
-
- $this->accessTo = array();
- if (isset($this->attrs['accessTo'])){
- for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
- $tmp= $this->attrs['accessTo'][$i];
- $this->accessTo[$tmp]= $tmp;
- }
- }
-
- /* Get global filter config */
- if (!session::is_set("sysfilter")){
- $ui= get_userinfo();
- $base= get_base_from_people($ui->dn);
- $sysfilter= array( "depselect" => $base,
- "regex" => "*");
- session::set("sysfilter", $sysfilter);
- }
-
/* This is always an account */
$this->is_account= TRUE;
/* This is always an account */
$this->is_account= TRUE;
/* Add objects? */
if (isset($_POST["edit_membership"]) && preg_match("/w/",$this->getacl("memberUid"))){
$this->userSelect= new userSelect($this->config, get_userinfo());
/* Add objects? */
if (isset($_POST["edit_membership"]) && preg_match("/w/",$this->getacl("memberUid"))){
$this->userSelect= new userSelect($this->config, get_userinfo());
- $this->dialog= TRUE;
}
/* Add objects finished? */
if (isset($_POST["add_users_cancel"])){
$this->userSelect= NULL;
}
/* Add objects finished? */
if (isset($_POST["add_users_cancel"])){
$this->userSelect= NULL;
- $this->dialog= FALSE;
}
/* Add user to group */
}
/* Add user to group */
}
}
$this->userSelect= NULL;
}
}
$this->userSelect= NULL;
- $this->dialog= FALSE;
- }
-
- /* Base select dialog */
- $once = true;
- foreach($_POST as $name => $value){
- if((preg_match("/^chooseBase/",$name) && $once) && $this->acl_is_writeable("base")){
-
- $once = false;
- $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
- $this->dialog->setCurrentBase($this->base);
- }
- }
-
- /* Dialog handling */
- if(is_object($this->dialog)){
- /* Must be called before save_object */
- $this->dialog->save_object();
-
- if($this->dialog->isClosed()){
- $this->dialog = false;
- }elseif($this->dialog->isSelected()){
-
- /* Check if selected base is valid */
- $tmp = $this->get_allowed_bases();
- if(isset($tmp[$this->dialog->isSelected()])){
- $this->base = $this->dialog->isSelected();
- }
- $this->dialog= false;
- }else{
- return($this->dialog->execute());
- }
- }
-
-
- /* Add user workstation? */
- if (isset($_POST["add_ws"])){
- $this->trustSelect= new trustSelect($this->config,get_userinfo());
- $this->dialog= TRUE;
- }
-
- // Add selected machines to trusted ones.
- if (isset($_POST["add_ws_finish"]) && $this->trustSelect){
- $trusts = $this->trustSelect->detectPostActions();
- if(isset($trusts['targets'])){
-
- $headpage = $this->trustSelect->getHeadpage();
- foreach($trusts['targets'] as $id){
- $attrs = $headpage->getEntry($id);
- $this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0];
- }
- ksort($this->accessTo);
- $this->is_modified= TRUE;
- }
- $this->trustSelect= NULL;
- $this->dialog= FALSE;
- }
-
-
- /* Add user workstation? */
- if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
- foreach($_POST['wslist'] as $ws){
- $this->accessTo[$ws]= $ws;
- }
- ksort($this->accessTo);
- $this->is_modified= TRUE;
- }
-
- /* Remove user workstations? */
- if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
- foreach($_POST['workstation_list'] as $name){
- unset ($this->accessTo[$name]);
- }
- $this->is_modified= TRUE;
}
}
- /* Add user workstation finished? */
- if (isset($_POST["add_ws_cancel"])){
- $this->trustSelect= NULL;
- $this->dialog= FALSE;
- }
-
-
- /* Show ws dialog */
- if ($this->trustSelect){
-
- // Build up blocklist
- session::set('filterBlacklist', array('cn' => array_values($this->accessTo)));
- return($this->trustSelect->execute());
+ $smarty= get_smarty();
+
+ // Handle trust mode dialog
+ $this->dialog = FALSE;
+ $trustModeDialog = $this->trustModeDialog->execute();
+ if($this->trustModeDialog->trustSelect){
+ $this->dialog = TRUE;
+ return($trustModeDialog);
}
}
+ $smarty->assign("trustModeDialog" , $trustModeDialog);
- $smarty= get_smarty();
$smarty->assign("usePrototype", "true");
if($this->config->search("nagiosaccount", "CLASS",array('menu'))){
$smarty->assign("usePrototype", "true");
if($this->config->search("nagiosaccount", "CLASS",array('menu'))){
/* Manage object add dialog */
if ($this->userSelect){
/* Manage object add dialog */
if ($this->userSelect){
+ $this->dialog = TRUE;
return($this->userSelect->execute());
}
return($this->userSelect->execute());
}
/* Members and users */
$smarty->assign("members", $this->members);
/* Members and users */
$smarty->assign("members", $this->members);
- /* Work on trust modes */
- $smarty->assign("trusthide", " disabled ");
- $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
- if ($this->trustModel == "fullaccess"){
- $trustmode= 1;
- // pervent double disable tag in html code, this will disturb our clean w3c html
- $smarty->assign("trustmode", $this->getacl("trustModel"));
-
- } elseif ($this->trustModel == "byhost"){
- $trustmode= 2;
- $smarty->assign("trusthide", "");
- } else {
- // pervent double disable tag in html code, this will disturb our clean w3c html
- $smarty->assign("trustmode", $this->getacl("trustModel"));
- $trustmode= 0;
- }
- $smarty->assign("trustmode", $trustmode);
- $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
- 2 => _("allow access to these hosts")));
-
- if((count($this->accessTo))==0){
- $smarty->assign("emptyArrAccess",true);
- } else{
- $smarty->assign("emptyArrAccess",false);
-
- }
-
- $smarty->assign("workstations", $this->accessTo);
-
-
-
/* Checkboxes */
foreach (array("force_gid", "smbgroup") as $val){
if ($this->$val == "1"){
/* Checkboxes */
foreach (array("force_gid", "smbgroup") as $val){
if ($this->$val == "1"){
$smarty->assign("baseSelect",false);
}
$smarty->assign("baseSelect",false);
}
- /* Show main page */
- $smarty->assign("alphabet", generate_alphabet(10));
- $smarty->assign("search_image", get_template_path('images/lists/search.png'));
- $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
- $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
- $smarty->assign("deplist", $this->config->idepartments);
-
/* Multiple edit handling */
$smarty->assign("multiple_support",$this->multiple_support_active);
/* Multiple edit handling */
$smarty->assign("multiple_support",$this->multiple_support_active);
-
$smarty->assign("memberUid_All",$this->memberUid);
$smarty->assign("memberUid_Some",$this->memberUid_used_by_some);
$smarty->assign("memberUid_All",$this->memberUid);
$smarty->assign("memberUid_Some",$this->memberUid_used_by_some);
$smarty->assign("use_".$val,FALSE);
}
}
$smarty->assign("use_".$val,FALSE);
}
}
- foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $val){
+ foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $val){
if(in_array($val,$this->multi_boxes)){
$smarty->assign("use_".$val,TRUE);
}else{
if(in_array($val,$this->multi_boxes)){
$smarty->assign("use_".$val,TRUE);
}else{
/* Reload data */
function reload($silent = FALSE)
{
/* Reload data */
function reload($silent = FALSE)
{
- /* Fix regex string */
- $gufilter = session::get("gufilter");
- $regex = normalizeLdap($gufilter['regex']);
- $MaxUser = $this->OnlyShowFirstEntries;
-
/* Prepare ldap link */
$ldap= $this->config->get_ldap_link();
/* Prepare ldap link */
$ldap= $this->config->get_ldap_link();
- $ldap->cd($gufilter['dselect']);
+ $ldap->cd($this->config->current['BASE']);
/* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
/* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
$this->members[$value] = $value;
}
}
$this->members[$value] = $value;
}
}
-
- /* Create display list of users matching regex & filter
- */
- $this->displayUsers = array();
- $filter = "(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
-
- /* Search in current tree or within subtrees depending on the checkbox from filter section */
- if($gufilter['SubSearchGroup']){
- $flag = GL_SIZELIMIT | GL_SUBSEARCH;
- $base = $gufilter['dselect'];
- }else{
- $flag = GL_SIZELIMIT ;
- $base = get_people_ou().$gufilter['dselect'];
- }
- $i = 0;
-
-
- $res = get_list($filter,"users",$base,array("dn", "uid", "sn", "givenName"),$flag);
-
- /* Fetch all users and skip already used users */
- foreach($res as $attrs){
- if(in_array($attrs['uid'][0], $this->memberUid)) {
- continue;
- }
- $i ++;
- if($i > $MaxUser) {
- break;
- }
- $this->dnMapping[$attrs['uid'][0]]= $attrs["dn"];
- $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs);
- $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
- }
- /* If more than max users are found, display a message to warn the user */
- if($i == $MaxUser && !$silent){
- msg_dialog::display(_("Configuration error"), sprintf(_("Search returned too many results. Not displaying more than %s entries!"), $MaxUser), ERROR_DIALOG);
- }
-
/* Sort lists */
natcasesort($this->members);
reset($this->members);
/* Sort lists */
natcasesort($this->members);
reset($this->members);
- natcasesort ($this->displayUsers);
- reset ($this->displayUsers);
}
}
/* Save data to object */
function save_object()
{
/* Save data to object */
function save_object()
{
- /* Refresh base */
- if ($this->acl_is_moveable($this->base)){
- if (!$this->baseSelector->update()) {
- msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
- }
- if ($this->base != $this->baseSelector->getBase()) {
- $this->base= $this->baseSelector->getBase();
- $this->is_modified= TRUE;
- }
- }
-
/* Save additional values for possible next step */
if (isset($_POST['groupedit'])){
/* Save additional values for possible next step */
if (isset($_POST['groupedit'])){
Base will be set seperatly a few lines below */
$base_tmp = $this->base;
plugin::save_object();
Base will be set seperatly a few lines below */
$base_tmp = $this->base;
plugin::save_object();
+ $this->trustModeDialog->save_object();
$this->base = $base_tmp;
$this->base = $base_tmp;
+ /* Refresh base */
+ if ($this->acl_is_moveable($this->base)){
+ if (!$this->baseSelector->update()) {
+ msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
+ }
+ if ($this->base != $this->baseSelector->getBase()) {
+ $this->base= $this->baseSelector->getBase();
+ $this->is_modified= TRUE;
+ }
+ }
+
$this->force_gid= 0;
/* Only reset sambagroup flag if we are able to write this flag */
$this->force_gid= 0;
/* Only reset sambagroup flag if we are able to write this flag */
}
}
}
}
}
}
-
- /* Trust mode - special handling */
- if($this->acl_is_writeable("trustModel")){
- if (isset($_POST['trustmode'])){
- $saved= $this->trustModel;
- if ($_POST['trustmode'] == "1"){
- $this->trustModel= "fullaccess";
- } elseif ($_POST['trustmode'] == "2"){
- $this->trustModel= "byhost";
- } else {
- $this->trustModel= "";
- }
- if ($this->trustModel != $saved){
- $this->is_modified= TRUE;
- }
- }
- }
-
}
}
plugin::save();
plugin::save();
- /* Trust accounts */
- $objectclasses= array();
- foreach ($this->attrs['objectClass'] as $key => $class){
- if (preg_match('/trustAccount/i', $class)){
- continue;
- }
- $objectclasses[]= $this->attrs['objectClass'][$key];
- }
- $this->attrs['objectClass']= $objectclasses;
- if ($this->trustModel != ""){
- $this->attrs['objectClass'][]= "trustAccount";
- $this->attrs['trustModel']= $this->trustModel;
- $this->attrs['accessTo']= array();
- if ($this->trustModel == "byhost"){
- foreach ($this->accessTo as $host){
- $this->attrs['accessTo'][]= $host;
- }
- }
- } else {
- if ($this->was_trust_account){
- $this->attrs['accessTo']= array();
- $this->attrs['trustModel']= array();
- }
- }
-
-
-
/* Remove objectClass for samba/phone support */
$tmp= array();
for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
/* Remove objectClass for samba/phone support */
$tmp= array();
for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
if ($this->groupType == 0){
if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
if ($this->groupType == 0){
if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
- $gidNumber= $this->gidNumber;
- while(TRUE){
- $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(sambaSID=$sid)",array("sambaSID"));
- if ($ldap->count() == 0){
- break;
- }
- $gidNumber++;
- }
+ $sid = $this->getSambaSID();
$this->attrs['sambaSID']= $sid;
$this->sambaSID= $sid;
}
$this->attrs['sambaSID']= $sid;
$this->sambaSID= $sid;
}
$ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
}
$ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
}
+ $this->trustModeDialog->dn = $this->dn;
+ $this->trustModeDialog->save();
/* Check generated gidNumber, it may be used by another group.
*/
/* Check generated gidNumber, it may be used by another group.
*/
$message[]= msgPool::required(_("Name"));
}
$message[]= msgPool::required(_("Name"));
}
+ // Check if a wrong base was supplied
+ if(!$this->baseSelector->checkLastBaseUpdate()){
+ $message[]= msgPool::check_base();;
+ }
+
/* Check for valid input */
if (!tests::is_uid($this->cn)){
if (strict_uid_mode()){
/* Check for valid input */
if (!tests::is_uid($this->cn)){
if (strict_uid_mode()){
}
}
}
}
+ // Check if a wrong base was supplied
+ if(!$this->baseSelector->checkLastBaseUpdate()){
+ $message[]= msgPool::check_base();;
+ }
+
if($this->allowGroupsWithSameNameInOtherSubtrees == true){
/* Check for used 'cn' */
if($this->allowGroupsWithSameNameInOtherSubtrees == true){
/* Check for used 'cn' */
"sambaGroupType" => _("Samba group type"),
"sambaDomainName" => _("Samba domain name"),
"sambaGroupType" => _("Samba group type"),
"sambaDomainName" => _("Samba domain name"),
- "trustModel" => _("System trust"),
+ "accessTo" => _("System trust"),
"fonGroup" => _("Phone pickup group"),
"nagiosGroup" => _("Nagios group"),
"fonGroup" => _("Phone pickup group"),
"nagiosGroup" => _("Nagios group"),
$base_tmp = $this->base;
plugin::multiple_save_object();
plugin::save_object();
$base_tmp = $this->base;
plugin::multiple_save_object();
plugin::save_object();
+ $this->trustModeDialog->multiple_save_object();
$this->base = $base_tmp;
$this->base = $base_tmp;
- foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $attr){
+ foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $attr){
if(isset($_POST['use_'.$attr])){
$this->multi_boxes[] = $attr;
}
if(isset($_POST['use_'.$attr])){
$this->multi_boxes[] = $attr;
}
$this->groupType= $_POST['groupType'];
}
$this->groupType= $_POST['groupType'];
}
- /* Trust mode - special handling */
- if($this->acl_is_writeable("trustModel")){
- if (isset($_POST['trustmode'])){
- $saved= $this->trustModel;
- if ($_POST['trustmode'] == "1"){
- $this->trustModel= "fullaccess";
- } elseif ($_POST['trustmode'] == "2"){
- $this->trustModel= "byhost";
- } else {
- $this->trustModel= "";
- }
- if ($this->trustModel != $saved){
- $this->is_modified= TRUE;
- }
- }
- }
-
/* Save fon attribute */
if ($this->acl_is_writeable("fonGroup")){
if (isset ($_POST['fon_group'])){
/* Save fon attribute */
if ($this->acl_is_writeable("fonGroup")){
if (isset ($_POST['fon_group'])){
function get_multi_edit_values()
{
$ret = plugin::get_multi_edit_values();
function get_multi_edit_values()
{
$ret = plugin::get_multi_edit_values();
+ $ret = array_merge($ret,$this->trustModeDialog->get_multi_edit_values());
foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $attr){
if(in_array($attr,$this->multi_boxes)){
foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $attr){
if(in_array($attr,$this->multi_boxes)){
}
}
}
}
- if(in_array("trustmode",$this->multi_boxes)){
- $ret['trustModel'] = $this->trustModel;
- $ret['accessTo'] = $this->accessTo;
- }
-
$ret['memberUid'] = $this->memberUid;
$ret['memberUid_used_by_some'] = $this->memberUid_used_by_some;
return($ret);
$ret['memberUid'] = $this->memberUid;
$ret['memberUid_used_by_some'] = $this->memberUid_used_by_some;
return($ret);
function init_multiple_support($attrs,$all)
{
plugin::init_multiple_support($attrs,$all);
function init_multiple_support($attrs,$all)
{
plugin::init_multiple_support($attrs,$all);
+ $this->trustModeDialog->init_multiple_support($attrs,$all);
$this->memberUid = array();
$this->memberUid_used_by_some = array();
$this->memberUid = array();
$this->memberUid_used_by_some = array();
{
plugin::PrepareForCopyPaste($source);
{
plugin::PrepareForCopyPaste($source);
+ $this->trustModeDialog->PrepareForCopyPaste($source);
+
+ if ($this->smbgroup) {
+ $this->sambaSID = $this->getSambaSID();
+ }
+
$this->memberUid = array();
if(isset($source['memberUid'])){
for($i = 0 ; $i < $source['memberUid']['count']; $i ++){
$this->memberUid[] = $source['memberUid'][$i];
}
}
$this->memberUid = array();
if(isset($source['memberUid'])){
for($i = 0 ; $i < $source['memberUid']['count']; $i ++){
$this->memberUid[] = $source['memberUid'][$i];
}
}
- $this->accessTo = array();
- if (isset($source['accessTo'])){
- for ($i= 0; $i<$source['accessTo']['count']; $i++){
- $tmp= $source['accessTo'][$i];
- $this->accessTo[$tmp]= $tmp;
- }
- }
+ }
+
+
+ function set_acl_base($base)
+ {
+ plugin::set_acl_base($base);
+ $this->trustModeDialog->set_acl_base($base);
+ }
+
+
+ /*! \brief Enables multiple support for this plugin
+ */
+ function enable_multiple_support()
+ {
+ plugin::enable_multiple_support();
+ $this->trustModeDialog->enable_multiple_support();
}
}
$users[$uid] = $uid;
}
plugin::set_multi_edit_values($attrs);
$users[$uid] = $uid;
}
plugin::set_multi_edit_values($attrs);
+ $this->trustModeDialog->set_multi_edit_values($attrs);
$this->memberUid = $users;
}
$this->memberUid = $users;
}
+
+
+ /*! \brief Get a new SambaSID for a group */
+ function getSambaSID()
+ {
+ $ldap = $this->config->get_ldap_link();
+ $gidNumber= $this->gidNumber;
+ while(TRUE){
+ $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search("(sambaSID=$sid)",array("sambaSID"));
+ if ($ldap->count() == 0){
+ break;
+ }
+ $gidNumber++;
+ }
+
+ return $sid;
+ }
+
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>