diff --git a/gosa-plugins/fai/admin/fai/class_faiManagement.inc b/gosa-plugins/fai/admin/fai/class_faiManagement.inc
index 1719e82c3c599acca4263b48117057f5aa8afb50..72031cfd93868a7ad1b093cc8cfdd541170052f9 100644 (file)
* This code is part of GOsa (http://www.gosa-project.org)
* Copyright (C) 2003-2008 GONICUS GmbH
*
* This code is part of GOsa (http://www.gosa-project.org)
* Copyright (C) 2003-2008 GONICUS GmbH
*
- * ID: $$Id: class_roleManagement.inc 14742 2009-11-04 13:18:33Z hickert $$
+ * ID: $$Id: class_faiManagement.inc 14742 2009-11-04 13:18:33Z hickert $$
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
var $plIcon = "plugins/fai/images/plugin.png";
// Tab definition
var $plIcon = "plugins/fai/images/plugin.png";
// Tab definition
- protected $tabClass = "roletabs";
- protected $tabType = "ROLETABS";
- protected $aclCategory = "roles";
- protected $aclPlugin = "role";
- protected $objectName = "role";
+ protected $tabClass = "";
+ protected $tabType = "";
+ protected $aclCategory = "";
+ protected $aclPlugin = "";
+ protected $objectName = "FAI object";
// Attributes Managed by this plugin can be used in post events
// Attributes Managed by this plugin can be used in post events
- protected $attributes = array("lock_type","lock_name","lock_dn");
+ public $attributes = array("lock_type","lock_name","lock_dn");
var $dispNewBranch=false;
var $dispNewFreeze=false;
var $dispNewBranch=false;
var $dispNewFreeze=false;
$this->fai_release = $this->fai_base;
}
$this->fai_release = $this->fai_base;
}
+ $releases = $this->getReleaseList();
+ if(!isset($releases[$this->fai_release])){
+ $this->fai_release = $this->fai_base;
+ }
+
$this->acl_base = $this->config->current['BASE'];
$this->ui = $ui;
$this->storagePoints = array(
$this->acl_base = $this->config->current['BASE'];
$this->ui = $ui;
$this->storagePoints = array(
$filter = new filter(get_template_path("fai-filter.xml", true));
$filter->setObjectStorage($this->storagePoints);
}
$filter = new filter(get_template_path("fai-filter.xml", true));
$filter->setObjectStorage($this->storagePoints);
}
+ $filter->elementValues['RELEASE'] = $this->fai_release;
$this->setFilter($filter);
// Build headpage
$this->setFilter($filter);
// Build headpage
$this->registerAction("saveBranch","saveBranch");
$this->registerAction("PerformBranch","PerformBranch");
$this->registerAction("saveBranch","saveBranch");
$this->registerAction("PerformBranch","PerformBranch");
- parent::__construct($config, $ui, "roles", $headpage);
+ parent::__construct($config, $ui, "FAI object", $headpage);
}
}
// Collect real dns, the listed objects are grouped by their cn
$headpage = $this->getHeadpage();
if($action == "copy"){
// Collect real dns, the listed objects are grouped by their cn
$headpage = $this->getHeadpage();
if($action == "copy"){
- foreach($target as $t){
- $entry = $headpage->getEntry($t);
- // Check for valid FAI objects
- if(in_array('FAKE_OC_FAI', $entry['objectClass'])){
- foreach($entry['GROUPS'] as $g){
- $type = $this->get_type($g);
- $this->cpHandler->add_to_queue($g['dn'],"copy",$type[0],$type[2],'fai',$this);
- @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,$dn,"Entry copied!");
+ if(count($target) == 1){
+
+ // We just want to copy a single FAI object, let the user choose entries from the FAI-Group
+ $entry = $headpage->getEntry($target[0]);
+ if(count($entry['GROUPS']) == 1){
+ $data = array_pop($entry['GROUPS']);
+ $type = $this->get_type($data);
+ $this->cpHandler->add_to_queue($g['dn'],"copy",$type[0],$type[2],'fai',$this);
+ @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,$g['dn'],"Entry copied!");
+ }else{
+ $this->dialogObject = new faiGroupHandle($entry['GROUPS'],"copy");
+ }
+
+ }else{
+
+ // More than one group was selected, expect that the user wants to copy the complete groups.
+ foreach($target as $t){
+ $entry = $headpage->getEntry($t);
+
+ // Check for valid FAI objects
+ if(in_array('FAKE_OC_FAI', $entry['objectClass'])){
+ foreach($entry['GROUPS'] as $g){
+ $type = $this->get_type($g);
+ $this->cpHandler->add_to_queue($g['dn'],"copy",$type[0],$type[2],'fai',$this);
+ @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,$g['dn'],"Entry copied!");
+ }
}
}
}
}
}
}
}
// Automatically disable pasting process since there is no entry left to paste.
}
// Automatically disable pasting process since there is no entry left to paste.
- if(!$this->cpHandler->entries_queued()){
+ if(isset($this->cpHandler) && !$this->cpHandler->entries_queued()){
$this->cpPastingStarted = FALSE;
}
return("");
$this->cpPastingStarted = FALSE;
}
return("");
*/
function removeFAIObjects($to_delete)
{
*/
function removeFAIObjects($to_delete)
{
+ // Close dialogs and remove locks for currently handled dns
+ $this->cancelEdit();
+
// Do not allow to remove objects with state freeezed
// Do not allow to remove objects with state freeezed
- $errors=array();
+ $errors = $disallowed = array();
+
foreach($to_delete as $obj){
foreach($to_delete as $obj){
- if(isset($obj['FAIstate']) && preg_match('/^freeze/', $obj['FAIstate'])){
+ $type = $this->get_type($obj);
+ $acl = $this->ui->get_permissions($obj['dn'],"fai/".$type[1]);
+ if(!preg_match("/d/",$acl)){
+ $disallowed[] = $obj['dn'];
+ }elseif(isset($obj['FAIstate']) && preg_match('/^freeze/', $obj['FAIstate'])){
$errors[] = $obj['dn'];
}else{
$this->dns[] = $obj['dn'];
$errors[] = $obj['dn'];
}else{
$this->dns[] = $obj['dn'];
msg_dialog::display(_("Branch locked"),
sprintf(_("The following entries are locked, you can't remove them %s."),msgPool::buildList($errors)),INFO_DIALOG);
}
msg_dialog::display(_("Branch locked"),
sprintf(_("The following entries are locked, you can't remove them %s."),msgPool::buildList($errors)),INFO_DIALOG);
}
+ if(count($disallowed)){
+ msg_dialog::display(_("Permission error"), msgPool::permDelete($disallowed), ERROR_DIALOG);
+ }
// Check entry locking
// Check entry locking
+ $smarty = get_smarty();
if(count($this->dns)){
if ($user= get_multiple_locks($this->dns)){
return(gen_locked_message($user,$this->dns));
}
if(count($this->dns)){
if(count($this->dns)){
if ($user= get_multiple_locks($this->dns)){
return(gen_locked_message($user,$this->dns));
}
if(count($this->dns)){
- $smarty = get_smarty();
+
+ // Add locks
$dns_names = array();
$dns_names = array();
+ $types = array();
+ $h = $this->getHeadpage();
+
+ // Build list of object -labels
+ foreach($h->objectTypes as $type){
+ $map[$type['objectClass']]= $type['label'];
+ }
+
foreach($this->dns as $dn){
foreach($this->dns as $dn){
- add_lock ($dn, $this->ui->dn);
- $dns_names[] = LDAP::fix($dn);
+ $tmp = $h->getType($dn);
+ if(isset($map[$tmp])){
+ $dns_names[] = '('._($map[$tmp]).') - '.LDAP::fix($dn);
+ }else{
+ $dns_names[] =LDAP::fix($dn);
+ }
}
}
- $smarty->assign("info",msgPool::deleteInfo($dns_names,_("FAI object")));
- $smarty->assign("multiple", true);
- return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+ add_lock ($this->dns, $this->ui->dn);
+
+ $smarty->assign("info",msgPool::deleteInfo($dns_names));
+ return($smarty->fetch(get_template_path('removeEntries.tpl', TRUE)));
}
}
}
}
}
}
$ldap = $this->config->get_ldap_link();
$ldap->cd($this->config->current['BASE']);
$ldap = $this->config->get_ldap_link();
$ldap->cd($this->config->current['BASE']);
+ $disallowed = array();
foreach($this->dns as $key => $dn){
$ldap->cat($dn);
if($ldap->count()){
$attrs = $ldap->fetch();
$type= $this->get_type($attrs);
foreach($this->dns as $key => $dn){
$ldap->cat($dn);
if($ldap->count()){
$attrs = $ldap->fetch();
$type= $this->get_type($attrs);
- $str = management::removeEntryConfirmed($action,array($dn),$all,$type[0],$type[2],$type[1]);
- if($str) return($str);
- // Now save changes
- FAI::save_release_changes_now();
- $to_del = FAI::clean_up_releases($dn);
- foreach($to_del as $dn){
- $ldap->rmdir_recursive($dn);
+ $acl = $this->ui->get_permissions($dn,"fai/".$type[1]);
+ if(preg_match("/d/",$acl)){
+
+ // Now save changes
+ $str = management::removeEntryConfirmed($action,array($dn),$all,$type[0],$type[2],$type[1]);
+ if(!empty($str)) return($str);
+ FAI::save_release_changes_now();
+ $to_del = FAI::clean_up_releases($dn);
+ foreach($to_del as $dn){
+ $ldap->rmdir_recursive($dn);
+ }
+
+ } else {
+ $disallowed[] = $dn;
+ new log("security","fai/".get_class($this),$dn,array(),"Tried to trick deletion.");
}
}
}
}
}
}
+
+ /* Normally this shouldn't be reached, send some extra
+ logs to notify the administrator */
+ if(count($disallowed)){
+ msg_dialog::display(_("Permission error"), msgPool::permDelete($disallowed), ERROR_DIALOG);
+ }
}
}
}elseif($this->dialogObject instanceOf faiGroupHandle && $this->dialogObject->get_mode() == "remove"){
$this->dialogObject->save_object();
$to_delete = $entry = $this->dialogObject->get_selected();
}elseif($this->dialogObject instanceOf faiGroupHandle && $this->dialogObject->get_mode() == "remove"){
$this->dialogObject->save_object();
$to_delete = $entry = $this->dialogObject->get_selected();
+ if(count($to_delete)) $this->closeDialogs();
return($this->removeFAIObjects($to_delete));
return($this->removeFAIObjects($to_delete));
+ }elseif($this->dialogObject instanceOf faiGroupHandle && $this->dialogObject->get_mode() == "copy"){
+ $this->dialogObject->save_object();
+ $entries = $entry = $this->dialogObject->get_selected();
+ if(count($entries)){
+ foreach($entries as $entry){
+ $type = $this->get_type($entry);
+ $this->cpHandler->add_to_queue($entry['dn'],"copy",$type[0],$type[2],'fai',$this);
+ @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,$entry['dn'],"Entry copied!");
+ }
+ $this->closeDialogs();
+ }
}
}
}
}
// Now save changes
FAI::save_release_changes_now();
$to_del = FAI::clean_up_releases($this->last_dn);
// Now save changes
FAI::save_release_changes_now();
$to_del = FAI::clean_up_releases($this->last_dn);
+ $ldap= $this->config->get_ldap_link();
foreach($to_del as $dn){
$ldap->rmdir_recursive($dn);
}
foreach($to_del as $dn){
$ldap->rmdir_recursive($dn);
}
$this->fai_release = $this->fai_base;
$this->lock_name = $name;
$this->lock_dn = $bb;
$this->fai_release = $this->fai_base;
$this->lock_name = $name;
$this->lock_dn = $bb;
- $this->postremove();
+ $this->handle_post_events('remove');
$fai_filter = session::get("fai_filter");
$fai_filter['fai_release'] = $this->fai_release;
$fai_filter = session::get("fai_filter");
$fai_filter['fai_release'] = $this->fai_release;
*/
function createBranch()
{
*/
function createBranch()
{
- $smarty = get_smarty();
- $this->dispNewBranch=true;
- $this->dispNewFreeze=false;
- $smarty->assign("iframe",false);
- if(isset($_POST['BranchName'])){
- $smarty->assign("BranchName", $_POST['BranchName']);
+ if($this->config->search("faiManagement", "POSTCREATE",array('menu','tabs')) == ""){
+ msg_dialog::display(_("Configuration"), msgPool::cmdnotfound("POSTCREATE", get_class()), ERROR_DIALOG);
+ }elseif(!preg_match("/c/",$this->ui->get_permissions($this->acl_base,"fai/faiManagement"))){
+ msg_dialog::display(_("Permission error"), msgPool::permCreate(_("Branch")), ERROR_DIALOG);
}else{
}else{
- $smarty->assign("BranchName","");
+ $smarty = get_smarty();
+ $this->dispNewBranch=true;
+ $this->dispNewFreeze=false;
+ $smarty->assign("iframe",false);
+ if(isset($_POST['BranchName'])){
+ $smarty->assign("BranchName", $_POST['BranchName']);
+ }else{
+ $smarty->assign("BranchName","");
+ }
+ return($smarty->fetch(get_template_path('faiNewBranch.tpl', TRUE, dirname(__FILE__))));
}
}
- return($smarty->fetch(get_template_path('faiNewBranch.tpl', TRUE, dirname(__FILE__))));
}
/*! \brief Initiates release creation
*/
function createFreeze()
}
/*! \brief Initiates release creation
*/
function createFreeze()
- {
- $smarty = get_smarty();
- $this->dispNewFreeze=true;
- $this->dispNewBranch=false;
- $smarty->assign("iframe",false);
- if(isset($_POST['BranchName'])){
- $smarty->assign("BranchName", $_POST['BranchName']);
+ {
+ if($this->config->search("faiManagement", "POSTCREATE",array('menu','tabs')) == ""){
+ msg_dialog::display(_("Configuration"), msgPool::cmdnotfound("POSTCREATE", get_class()), ERROR_DIALOG);
+ }elseif(!preg_match("/c/",$this->ui->get_permissions($this->acl_base,"fai/faiManagement"))){
+ msg_dialog::display(_("Permission error"), msgPool::permCreate(_("Branch")), ERROR_DIALOG);
}else{
}else{
- $smarty->assign("BranchName","");
+ $smarty = get_smarty();
+ $this->dispNewFreeze=true;
+ $this->dispNewBranch=false;
+ $smarty->assign("iframe",false);
+ if(isset($_POST['BranchName'])){
+ $smarty->assign("BranchName", $_POST['BranchName']);
+ }else{
+ $smarty->assign("BranchName","");
+ }
+ return($smarty->fetch(get_template_path('faiNewBranch.tpl', TRUE, dirname(__FILE__))));
}
}
- return($smarty->fetch(get_template_path('faiNewBranch.tpl', TRUE, dirname(__FILE__))));
}
}
$this->dispNewFreeze = false;
$this->dispNewFreeze = false;
- /* Postcreate */
-
/* Assign possible attributes */
$this->lock_type = $type;
$this->lock_name = $name;
$this->lock_dn = $baseToUse;
/* Assign possible attributes */
$this->lock_type = $type;
$this->lock_name = $name;
$this->lock_dn = $baseToUse;
- $this->postcreate();
+ $this->handle_post_events('add');
/* Send daemon event to reload the fai release database
*/
/* Send daemon event to reload the fai release database
*/
$headpage->update();
$smarty = get_smarty();
$smarty->assign("fai_release", $this->fai_release);
$headpage->update();
$smarty = get_smarty();
$smarty->assign("fai_release", $this->fai_release);
- $smarty->assign("opsi_available", is_object($this->opsi));
+ $smarty->assign("opsi_available", (is_object($this->opsi) && $this->opsi->enabled()));
$smarty->assign("fai_base", $this->fai_base);
$r = $this->config->search("faiManagement", "POSTREMOVE",array('menu','tabs'));
$c = $this->config->search("faiManagement", "POSTCREATE",array('menu','tabs'));
$smarty->assign("fai_base", $this->fai_base);
$r = $this->config->search("faiManagement", "POSTREMOVE",array('menu','tabs'));
$c = $this->config->search("faiManagement", "POSTCREATE",array('menu','tabs'));