![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index ddd00c55ad105ea00426d63af68816b305e349f9..42e2a4422d4e681d823eac55fb15557aa98c0126 100644 (file)
\param dn Distinguished name to initialize plugin from
\sa plugin()
*/
- function plugin (&$config, $dn= NULL, $parent= NULL)
+ function plugin (&$config, $dn= NULL, $object= NULL)
{
/* Configuration is fine, allways */
$this->config= &$config;
$this->dn= $dn;
+ // Ensure that we've a valid acl_category set.
+ if(empty($this->acl_category)){
+ $tmp = $this->plInfo();
+ if (isset($tmp['plCategory'])) {
+ $c = key($tmp['plCategory']);
+ if(is_numeric($c)){
+ $c = $tmp['plCategory'][0];
+ }
+ $this->acl_category = $c."/";
+ }
+ }
+
/* Handle new accounts, don't read information from LDAP */
if ($dn == "new"){
return;
if ($dn !== NULL){
/* Load data to 'attrs' and save 'dn' */
- if ($parent !== NULL){
- $this->attrs= $parent->attrs;
+ if ($object !== NULL){
+ $this->attrs= $object->attrs;
} else {
$ldap= $this->config->get_ldap_link();
$ldap->cat ($dn);
}
- /*! \brief execute plugin
-
- Generates the html output for this node
+ /*! \brief Generates the html output for this node
*/
function execute()
{
session::set('LOCK_VARS_USED_REQUEST',array());
}
- /*! \brief execute plugin
- Removes object from parent
+ /*! \brief Removes object from parent
*/
function remove_from_parent()
{
$this->attrs["$val"]= array();
}
- /* Unset account info */
- $this->is_account= FALSE;
-
/* Do not write in plugin base class, this must be done by
children, since there are normally additional attribs,
lists, etc. */
/*
$ldap->modify($this->attrs);
*/
+ if($this->initially_was_account){
+ $this->handle_pre_events('remove');
+ }
}
- /*! \brief Save HTML posted data to object
+ /*! \brief Save HTML posted data to object
*/
function save_object()
{
}
- /* Save data to LDAP, depending on is_account we save or delete */
+ /*! \brief Save data to LDAP, depending on is_account we save or delete */
function save()
{
/* include global link_info */
/* Handle tagging */
$this->tag_attrs($this->attrs);
+
+ if($this->is_new){
+ $this->handle_pre_events('add');
+ }else{
+ $this->handle_pre_events('modify');
+ }
}
}
}
- /* Check formular input */
+ /*! \brief Check formular input */
function check()
{
$message= array();
}
}
- /* Indicate whether a password change is needed or not */
+ /* \brief Indicate whether a password change is needed or not */
function password_change_needed()
{
return FALSE;
}
- /* Show header message for tab dialogs */
+ /*! \brief Show header message for tab dialogs */
function show_enable_header($button_text, $text, $disabled= FALSE)
{
if (($disabled == TRUE) || (!$this->acl_is_createable())){
}
- /* Show header message for tab dialogs */
+ /*! \brief Show header message for tab dialogs */
function show_disable_header($button_text, $text, $disabled= FALSE)
{
if (($disabled == TRUE) || !$this->acl_is_removeable()){
}
- /* Show header message for tab dialogs */
+ /*! \brief Show header message for tab dialogs */
function show_header($button_text, $text, $disabled= FALSE)
{
echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
return($display);
}
-
+ /*! \brief Executes commands after an object has been created */
function postcreate($add_attrs= array())
{
/* Find postcreate entries for this class */
$add_attrs[$attr] = $this->$attr;
}
}
+ $ui = get_userinfo();
$add_attrs['dn']=$this->dn;
+ $add_attrs['callerDN']=$ui->dn;
+ $add_attrs['location']=$this->config->current['NAME'];
$tmp = array();
foreach($add_attrs as $name => $value){
/* Additional attributes */
foreach ($tmp as $name => $len){
$value = $add_attrs[$name];
- $command= str_replace("%$name", "$value", $command);
+ $command= str_replace("%$name", escapeshellarg($value), $command);
}
if (check_command($command)){
}
}
+ /*! \brief Execute commands after an object has been modified */
function postmodify($add_attrs= array())
{
/* Find postcreate entries for this class */
$add_attrs[$attr] = $this->$attr;
}
}
+ $ui = get_userinfo();
$add_attrs['dn']=$this->dn;
+ $add_attrs['callerDN']=$ui->dn;
+ $add_attrs['location']=$this->config->current['NAME'];
$tmp = array();
foreach($add_attrs as $name => $value){
/* Additional attributes */
foreach ($tmp as $name => $len){
$value = $add_attrs[$name];
- $command= str_replace("%$name", "$value", $command);
+ $command= str_replace("%$name", escapeshellarg($value), $command);
}
if (check_command($command)){
}
}
+ /*! \brief Executes a command after an object has been removed */
function postremove($add_attrs= array())
{
/* Find postremove entries for this class */
$add_attrs[$attr] = $this->$attr;
}
}
+ $ui = get_userinfo();
$add_attrs['dn']=$this->dn;
+ $add_attrs['callerDN']=$ui->dn;
+ $add_attrs['location']=$this->config->current['NAME'];
$tmp = array();
foreach($add_attrs as $name => $value){
/* Additional attributes */
foreach ($tmp as $name => $len){
$value = $add_attrs[$name];
- $command= str_replace("%$name", "$value", $command);
+ $command= str_replace("%$name", escapeshellarg($value), $command);
}
if (check_command($command)){
}
}
+
/* Create unique DN */
+ function create_unique_dn2($data, $base)
+ {
+ $ldap= $this->config->get_ldap_link();
+ $base= preg_replace("/^,*/", "", $base);
+
+ /* Try to use plain entry first */
+ $dn= "$data,$base";
+ $attribute= preg_replace('/=.*$/', '', $data);
+ $ldap->cat ($dn, array('dn'));
+ if (!$ldap->fetch()){
+ return ($dn);
+ }
+
+ /* Look for additional attributes */
+ foreach ($this->attributes as $attr){
+ if ($attr == $attribute || $this->$attr == ""){
+ continue;
+ }
+
+ $dn= "$data+$attr=".$this->$attr.",$base";
+ $ldap->cat ($dn, array('dn'));
+ if (!$ldap->fetch()){
+ return ($dn);
+ }
+ }
+
+ /* None found */
+ return ("none");
+ }
+
+
+ /*! \brief Create unique DN */
function create_unique_dn($attribute, $base)
{
$ldap= $this->config->get_ldap_link();
return ("none");
}
+
function rebind($ldap, $referral)
{
$credentials= LDAP::get_credentials($referral, $this->config->current['REFERRAL']);
/* FAIvariable=.../..., cn=..
could not be saved, because the attribute FAIvariable was different to
the dn FAIvariable=..., cn=... */
+
+ if(!is_array($new['objectClass'])) $new['objectClass'] = array($new['objectClass']);
+
if(in_array_ics("FAIdebconfInfo",$new['objectClass'])){
$new['FAIvariable'] = $ldap->fix($new['FAIvariable']);
}
- /*! \brief Move a given ldap object indentified by $src_dn \
- to the given destination $dst_dn \
- * Ensure that all references are updated (ogroups) \
- * Update ACLs \
- * Update accessTo \
- @param String The source dn.
- @param String The destination dn.
- @return Boolean TRUE on success else FALSE.
+ /*! \brief Rename/Move a given src_dn to the given dest_dn
+ *
+ * Move a given ldap object indentified by $src_dn to the
+ * given destination $dst_dn
+ *
+ * - Ensure that all references are updated (ogroups)
+ * - Update ACLs
+ * - Update accessTo
+ *
+ * \param string 'src_dn' the source DN.
+ * \param string 'dst_dn' the destination DN.
+ * \return boolean TRUE on success else FALSE.
*/
function rename($src_dn, $dst_dn)
{
array("dn","objectClass"),GL_SUBSEARCH | GL_NO_ACL_CHECK);
foreach($leaf_objs as $obj){
$new_dn = $obj['dn'];
- $old_dn = preg_replace("/".preg_quote($dst_dn, '/')."$/i",$src_dn,$new_dn);
+ $old_dn = preg_replace("/".preg_quote(LDAP::convert($dst_dn), '/')."$/i",$src_dn,LDAP::convert($new_dn));
$this->update_acls($old_dn,$new_dn);
}
// Migrate objectgroups if needed
- $ogroups = get_sub_list("(&(objectClass=gosaGroupOfNames)(member=".LDAP::prepare4filter(LDAP::fix($src_dn))."))","ogroups", array(get_ou("ogroupRDN")),$this->config->current['BASE'],array("dn"), GL_SUBSEARCH | GL_NO_ACL_CHECK);
+ $ogroups = get_sub_list("(&(objectClass=gosaGroupOfNames)(member=".LDAP::prepare4filter(LDAP::fix($src_dn))."))",
+ "ogroups", array(get_ou("ogroupRDN")),$this->config->current['BASE'],array("dn"), GL_SUBSEARCH | GL_NO_ACL_CHECK);
// Walk through all objectGroups
foreach($ogroups as $ogroup){
// Migrate old to new dn
$o_ogroup= new ogroup($this->config,$ogroup['dn']);
- unset($o_ogroup->member[$src_dn]);
+ if (isset($o_ogroup->member[$src_dn])) {
+ unset($o_ogroup->member[$src_dn]);
+ }
$o_ogroup->member[$dst_dn]= $dst_dn;
// Save object group
}
// Migrate rfc groups if needed
- $groups = get_sub_list("(&(objectClass=posixGroups)(member=".LDAP::prepare4filter(LDAP::fix($src_dn))."))","groups", array(get_ou("groupRDN")),$this->config->current['BASE'],array("dn"), GL_SUBSEARCH | GL_NO_ACL_CHECK);
+ $groups = get_sub_list("(&(objectClass=posixGroup)(member=".LDAP::prepare4filter(LDAP::fix($src_dn))."))","groups", array(get_ou("groupRDN")),$this->config->current['BASE'],array("dn"), GL_SUBSEARCH | GL_NO_ACL_CHECK);
// Walk through all POSIX groups
foreach($groups as $group){
+
// Migrate old to new dn
$o_group= new group($this->config,$group['dn']);
- unset($o_group->member[$src_dn]);
- $o_group->member[$dst_dn]= $dst_dn;
-
- // Save object group
$o_group->save();
}
$role->save();
}
}
+
+ // Update 'manager' attributes from gosaDepartment and inetOrgPerson
+ $filter = "(&(objectClass=inetOrgPerson)(manager=".LDAP::prepare4filter(LDAP::fix($src_dn))."))";
+ $ocs = $ldap->get_objectclasses();
+ if(isset($ocs['gosaDepartment']['MAY']) && in_array('manager', $ocs['gosaDepartment']['MAY'])){
+ $filter = "(|".$filter."(&(objectClass=gosaDepartment)(manager=".LDAP::prepare4filter(LDAP::fix($src_dn)).")))";
+ }
+ $leaf_deps= get_list($filter,array("all"),$this->config->current['BASE'],
+ array("manager","dn","objectClass"),GL_SUBSEARCH | GL_NO_ACL_CHECK);
+ foreach($leaf_deps as $entry){
+ $update = array('manager' => $dst_dn);
+ $ldap->cd($entry['dn']);
+ $ldap->modify($update);
+ if(!$ldap->success()){
+ trigger_error(sprintf("Failed to update manager for '%s', error was '%s'", $entry['dn'], $ldap->get_error()));
+ }
+ }
/* Check if there are gosa departments moved.
If there were deps moved, the force reload of config->deps.
}
-
+
function move($src_dn, $dst_dn)
{
/* Do not copy if only upper- lowercase has changed */
}
- /* Move/Rename complete trees */
+ /* \brief Move/Rename complete trees */
function recursive_move($src_dn, $dst_dn)
{
/* Check if the destination entry exists */
}
- function handle_post_events($mode, $add_attrs= array())
+ /*! \brief Forward command execution requests
+ * to the hook execution method.
+ */
+ function handle_post_events($mode, $addAttrs= array())
{
+ if(!in_array($mode, array('add','remove','modify'))){
+ trigger_error(sprintf("Invalid post event type given %s! Valid types are [add,modify,remove].", $mode));
+ return;
+ }
+ switch ($mode){
+ case "add":
+ plugin::callHook($this,"POSTCREATE", $addAttrs);
+ break;
+
+ case "modify":
+ plugin::callHook($this,"POSTMODIFY", $addAttrs);
+ break;
+
+ case "remove":
+ plugin::callHook($this,"POSTREMOVE", $addAttrs);
+ break;
+ }
+ }
+
+
+ /*! \brief Forward command execution requests
+ * to the hook execution method.
+ */
+ function handle_pre_events($mode, $addAttrs= array())
+ {
+ if(!in_array($mode, array('add','remove','modify'))){
+ trigger_error(sprintf("Invalid pre event type given %s! Valid types are [add,modify,remove].", $mode));
+ return;
+ }
switch ($mode){
case "add":
- $this->postcreate($add_attrs);
+ plugin::callHook($this,"PRECREATE", $addAttrs);
break;
case "modify":
- $this->postmodify($add_attrs);
+ plugin::callHook($this,"PREMODIFY", $addAttrs);
break;
case "remove":
- $this->postremove($add_attrs);
+ plugin::callHook($this,"PREREMOVE", $addAttrs);
break;
}
}
+ /*! \brief Calls external hooks which are defined for this plugin (gosa.conf)
+ * Replaces placeholder by class values of this plugin instance.
+ * @param Allows to a add special replacements.
+ */
+ static function callHook($plugin, $cmd, $addAttrs= array(), &$returnOutput = array(), &$returnCode = NULL)
+ {
+ global $config;
+ $command= $config->search(get_class($plugin), $cmd ,array('menu', 'tabs'));
+ if ($command != ""){
+
+ // Walk trough attributes list and add the plugins attributes.
+ foreach ($plugin->attributes as $attr){
+ if (!is_array($plugin->$attr)){
+ $addAttrs[$attr] = $plugin->$attr;
+ }
+ }
+ $ui = get_userinfo();
+ $addAttrs['callerDN']=$ui->dn;
+ $addAttrs['dn']=$plugin->dn;
+ $addAttrs['location']=$config->current['NAME'];
+
+ // Sort attributes by length, ensures correct replacement
+ $tmp = array();
+ foreach($addAttrs as $name => $value){
+ $tmp[$name] = strlen($name);
+ }
+ arsort($tmp);
+
+ // Now replace the placeholder
+ foreach ($tmp as $name => $len){
+ $value = $addAttrs[$name];
+ $command= str_replace("%$name", "$value", $command);
+ }
+ // If there are still some %.. in our command, try to fill these with some other class vars
+ if(preg_match("/%/",$command)){
+ $attrs = get_object_vars($plugin);
+ foreach($attrs as $name => $value){
+ if(is_array($value)){
+ $s = "";
+ foreach($value as $val){
+ if(is_string($val) || is_int($val) || is_float($val) || is_bool($val)){
+ $s .= '"'.$val.'",';
+ }
+ }
+ $value = '['.trim($s,',').']';
+ }
+ if(!is_string($value) && !is_int($value) && !is_float($value) && !is_bool($value)){
+ continue;
+ }
+ $command= preg_replace("/%$name/", escapeshellarg($value), $command);
+ }
+ }
+
+ if (check_command($command)){
+
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__,$command,"Execute");
+ exec($command, $arr, $returnCode);
+ $returnOutput = $arr;
+
+ if($returnCode != 0){
+ $str = implode("\n",$arr);
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execution failed code: ".$returnCode);
+ $message= msgPool::cmdexecfailed($cmd,$command, get_class($plugin));
+ msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
+ }elseif(is_array($arr)){
+ $str = implode("\n",$arr);
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Result: ".$str);
+ }
+ } else {
+ $message= msgPool::cmdinvalid($cmd,$command, get_class($plugin));
+ msg_dialog::display(_("Error"), $message, ERROR_DIALOG);
+ }
+ }
+ }
+
+
function saveCopyDialog(){
}
}
+ /*! \brief Prepare for Copy & Paste */
function PrepareForCopyPaste($source)
{
$todo = $this->attributes;
if (isset($source[$var])){
if(isset($source[$var]['count'])){
if($source[$var]['count'] > 1){
- $this->$var = array();
- $tmp = array();
- for($i = 0 ; $i < $source[$var]['count']; $i++){
- $tmp = $source[$var][$i];
- }
+ $tmp= $source[$var];
+ unset($tmp['count']);
$this->$var = $tmp;
}else{
$this->$var = $source[$var][0];
}
}
- function tag_attrs(&$at, $dn= "", $tag= "", $show= false)
- {
- /* Skip tagging?
+ /*! \brief Get gosaUnitTag for the given DN
If this is called from departmentGeneric, we have to skip this
tagging procedure.
- */
+ */
+ function tag_attrs(&$at, $dn= "", $tag= "", $show= false)
+ {
+ /* Skip tagging? */
if($this->skipTagging){
return;
}
}
}
}
-
+
+ /*! \brief Add unit tag */
/* Remove tags that may already be here... */
remove_objectClass("gosaAdministrativeUnitTag", $at);
if (isset($at['gosaUnitTag'])){
}
- /* Add possibility to stop remove process */
+ /*! \brief Test for removability of the object
+ *
+ * Allows testing of conditions for removal of object. If removal should be aborted
+ * the function needs to remove an error message.
+ * */
function allow_remove()
{
$reason= "";
}
- /* Create a snapshot of the current object */
+ /*! \brief Create a snapshot of the current object */
function create_snapshot($type= "snapshot", $description= array())
{
$new_base = preg_replace("/".preg_quote($base, '/')."$/","",$base_of_object).$snap_base;
/* Create object */
-#$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
- $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
+ $data = $ldap->generateLdif(LDAP::fix($dn),
+ "(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))",array(),'base');
+
$newName = str_replace(".", "", $sec."-".$usec);
$target= array();
$target['objectClass'] = array("top", "gosaSnapshotObject");
}
}
+ /*! \brief Remove a snapshot */
function remove_snapshot($dn)
{
$ui = get_userinfo();
}
- /* returns true if snapshots are enabled, and false if it is disalbed
- There will also be some errors psoted, if the configuration failed */
+ /*! \brief Test if snapshotting is enabled
+ *
+ * Test weither snapshotting is enabled or not. There will also be some errors posted,
+ * if the configuration failed
+ * \return TRUE if snapshots are enabled, and FALSE if it is disabled
+ */
function snapshotEnabled()
{
return $this->config->snapshotEnabled();
}
- /* Return available snapshots for the given base
- */
+ /* \brief Return available snapshots for the given base */
function Available_SnapsShots($dn,$raw = false)
{
if(!$this->snapshotEnabled()) return(array());
}
- /* Restore selected snapshot */
+ /* \brief Restore selected snapshot */
function restore_snapshot($dn)
{
if(!$this->snapshotEnabled()) return(array());
}
+ /*! \brief Return plugin informations for acl handling */
static function plInfo()
{
return array();
}
- /*! \brief Returns a list of all available departments for this object.
- If this object is new, all departments we are allowed to create a new user in are returned.
- If this is an existing object, return all deps. we are allowed to move tis object too.
-
- @return Array [dn] => "..name" // All deps. we are allowed to act on.
+ /*! \brief Returns a list of all available departments for this object.
+ *
+ * If this object is new, all departments we are allowed to create a new user in
+ * are returned. If this is an existing object, return all deps.
+ * We are allowed to move tis object too.
+ * \return array [dn] => "..name" // All deps. we are allowed to act on.
*/
function get_allowed_bases()
{
/* This function updates ACL settings if $old_dn was used.
- * $old_dn specifies the actually used dn
- * $new_dn specifies the destiantion dn
+ * \param string 'old_dn' specifies the actually used dn
+ * \param string 'new_dn' specifies the destiantion dn
*/
function update_acls($old_dn,$new_dn,$output_changes = FALSE)
{
$acls = array();
$found = false;
for($i = 0 ; $i < $attrs['gosaAclEntry']['count'] ; $i ++ ){
- $acl_parts = split(":",$attrs['gosaAclEntry'][$i]);
+ $acl_parts = explode(":",$attrs['gosaAclEntry'][$i]);
/* Roles uses antoher data storage order, members are stored int the third part,
while the members in direct ACL assignments are stored in the second part.
- /* This function enables the entry Serial ID check.
- * If an entry was edited while we have edited the entry too,
- * an error message will be shown.
+ /*! \brief Enable the Serial ID check
+ *
+ * This function enables the entry Serial ID check. If an entry was edited while
+ * we have edited the entry too, an error message will be shown.
* To configure this check correctly read the FAQ.
*/
function enable_CSN_check()
/*! \brief Prepares the plugin to be used for multiple edit
* Update plugin attributes with given array of attribtues.
- * @param array Array with attributes that must be updated.
+ * \param array Array with attributes that must be updated.
*/
function init_multiple_support($attrs,$all)
{
/*! \brief Returns all values that have been modfied in multiple edit mode.
- @return array Cotaining all mdofied values.
+ \return array Cotaining all modified values.
*/
function get_multi_edit_values()
{
}
- /*! \brief execute plugin
-
- Generates the html output for this node
- */
+ /*! \brief Generates the html output for this node for multi edit*/
function multiple_execute()
{
/* This one is empty currently. Fabian - please fill in the docu code */
}
- /*! \brief Save HTML posted data to object for multiple edit
+ /*! \brief Save HTML posted data to object for multiple edit
*/
function multiple_save_object()
{
}
- /*! \brief Returns all attributes of this plugin,
+ /*! \brief Returns all attributes of this plugin,
to be able to detect multiple used attributes
in multi_plugg::detect_multiple_used_attributes().
@return array Attributes required for intialization of multi_plug
/*! \brief Check given values in multiple edit
- @return array Error messages
+ \return array Error messages
*/
function multiple_check()
{
/*! \brief Returns the snapshot header part for "Actions" menu in management dialogs
- @param $layer_menu
+ \param $layer_menu
*/
function get_snapshot_header($base,$category)
{