![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-core/plugins/admin/ogroups/class_ogroup.inc b/gosa-core/plugins/admin/ogroups/class_ogroup.inc
index 34464dcdc3af8470b25fe2a9499554b8babfe9a9..5c51363c5701aa5c4d97fe80e5319ea3b654dd83 100644 (file)
var $orig_dn= "";
var $orig_cn= "";
var $orig_base= "";
- var $group_dialog= FALSE;
+ var $objectSelect= FALSE;
var $view_logged = FALSE;
var $accessTo= array();
var $trustModel= "";
- var $show_ws_dialog = FALSE;
+ var $trustSelect = FALSE;
var $was_trust_account= FALSE;
+ var $baseSelector;
+
+ /* Already assigned Workstations. Will be hidden in selection.
+ */
+ var $used_workstations = array();
/* attribute list for save action */
var $attributes= array("cn", "description", "gosaGroupObjects","member","accessTo","trustModel");
if ($this->dn == "new"){
$this->base = session::get('CurrentMainBase');
} else {
- $this->base= preg_replace("/^[^,]+,".normalizePreg(get_ou("ogroupou"))."/","",$this->dn);
+ $this->base= preg_replace("/^[^,]+,".preg_quote(get_ou("ogroupRDN"), '/')."/i","",$this->dn);
/* Is this account a trustAccount? */
if ($this->is_account && isset($this->attrs['trustModel'])){
}
}
+ /* Detect all workstations, which are already assigned to an object group
+ - Those objects will be hidden in the add object dialog.
+ - Check() will complain if such a system is assigned to this object group.
+ */
+ $base = $this->config->current['BASE'];
+ $res = get_list("(|(objectClass=gotoWorkstation)(objectClass=gotoTerminal))","none" ,
+ $base, array("dn"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
+ $ws_dns = array();
+ foreach($res as $data){
+ $ws_dns[] = $data['dn'];
+ }
+ $res=get_list("(&(member=*)(objectClass=gosaGroupOfNames))","none",
+ $base, array("dn","member", "gosaGroupObjects"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
+ $this->used_workstations = array();
+ foreach($res as $og){
+ if($og['dn'] == $this->dn) continue;
+ $test = array_intersect($ws_dns,$og['member']);
+ if(($og['gosaGroupObjects'] == "[W]" || $og['gosaGroupObjects'] == "[T]") && count($test)){
+ $this->used_workstations = array_merge($this->used_workstations,$test);
+ }
+ }
+
$this->orig_cn = $this->cn;
$this->orig_base = $this->base;
- /* Load member data */
+ /* Get global filter config */
+ if (!session::is_set("sysfilter")){
+ $ui= get_userinfo();
+ $base= get_base_from_people($ui->dn);
+ $sysfilter= array( "depselect" => $base,
+ "regex" => "*");
+ session::set("sysfilter", $sysfilter);
+ }
+
+ /* Instanciate base selector */
+ $this->baseSelector= new baseSelector($this->get_allowed_bases(), $this->base);
+ $this->baseSelector->setSubmitButton(false);
+ $this->baseSelector->setHeight(300);
+ $this->baseSelector->update(true);
+
$this->reload();
}
}
/* Add objects to group */
- if (isset($_POST['add_object_finish']) && isset($_POST['objects'])){
-
- $tmp = "";
- foreach($this->memberList as $obj){
- $tmp .= $obj['type'];
- }
+ if (isset($_POST['objectSelect_save']) && $this->objectSelect instanceOf objectSelect){
+ $objects = $this->objectSelect->save();
$skipped = FALSE;
- foreach ($_POST['objects'] as $value){
- if(preg_match("/T/",$tmp) && $this->objects[$value]['type'] == "W"){
+ foreach($objects as $object){
+
+ $tmp = "";
+ foreach($this->memberList as $obj){
+ $tmp .= $obj['type'];
+ }
+
+ $type = $this->getObjectType($object);
+ $name= $this->getObjectName($object);
+ $dn = $object['dn'];
+
+ /* Fill array */
+ if (isset($object["description"][0])){
+ $object= array("text" => "$name [".$object["description"][0]."]", "type" => "$type");
+ } elseif (isset($object["uid"][0])) {
+ $object= array("text" => "$name [".$object["uid"][0]."]", "type" => "$type");
+ } else {
+ $object= array("text" => "$name", "type" => "$type");
+ }
+
+ if(preg_match("/T/",$tmp) && $type == "W"){
$skipped =TRUE;
- }elseif(preg_match("/W/",$tmp) && $this->objects[$value]['type'] == "T"){
+ }elseif(preg_match("/W/",$tmp) && $type == "T"){
$skipped =TRUE;
}else{
- $this->memberList["$value"]= $this->objects[$value];
- $this->member["$value"]= $value;
- unset ($this->objects[$value]);
+
+ $this->memberList["$dn"]= $object;
+ $this->member["$dn"]= $dn;
uasort ($this->memberList, 'sort_list');
reset ($this->memberList);
}
if($skipped){
msg_dialog::display(_("Information"), _("You cannot combine terminals and workstations in one object group!"), INFO_DIALOG);
}
- $this->reload();
+ $this->objectSelect= FALSE;
+ $this->dialog= FALSE;
}
}
}
/* Load templating engine */
$smarty= get_smarty();
+ $smarty->assign("usePrototype", "true");
$tmp = $this->plInfo();
foreach($tmp['plProvidedAcls'] as $name => $translation){
$smarty->assign($name."ACL",$this->getacl($name));
}
- /* Base select dialog */
- $once = true;
- foreach($_POST as $name => $value){
- if(preg_match("/^chooseBase/",$name) && $once && $this->acl_is_moveable()){
- $once = false;
- $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
- $this->dialog->setCurrentBase($this->base);
- }
- }
-
/***********
* Trusts
***********/
/* Add user workstation? */
if (isset($_POST["add_ws"])){
- $this->show_ws_dialog= TRUE;
+ $this->trustSelect= new trustSelect($this->config,get_userinfo());
$this->dialog= TRUE;
}
- /* Add user workstation? */
- if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
- foreach($_POST['wslist'] as $ws){
- $this->accessTo[$ws]= $ws;
+ // Add selected machines to trusted ones.
+ if (isset($_POST["add_ws_finish"]) && $this->trustSelect){
+ $trusts = $this->trustSelect->detectPostActions();
+ if(isset($trusts['targets'])){
+
+ $headpage = $this->trustSelect->getHeadpage();
+ foreach($trusts['targets'] as $id){
+ $attrs = $headpage->getEntry($id);
+ $this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0];
+ }
+ ksort($this->accessTo);
+ $this->is_modified= TRUE;
}
- ksort($this->accessTo);
- $this->is_modified= TRUE;
+ $this->trustSelect= NULL;
+ $this->dialog= FALSE;
}
+
/* Remove user workstations? */
if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
foreach($_POST['workstation_list'] as $name){
}
/* Add user workstation finished? */
- if (isset($_POST["add_ws_finish"]) || isset($_POST["add_ws_cancel"])){
- $this->show_ws_dialog= FALSE;
+ if (isset($_POST["add_ws_cancel"])){
+ $this->trustSelect= NULL;
$this->dialog= FALSE;
}
/* Show ws dialog */
- if ($this->show_ws_dialog){
- /* Save data */
- $sysfilter= session::get("sysfilter");
- foreach( array("depselect", "regex") as $type){
- if (isset($_POST[$type])){
- $sysfilter[$type]= $_POST[$type];
- }
- }
- if (isset($_GET['search'])){
- $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
- if ($s == "**"){
- $s= "*";
- }
- $sysfilter['regex']= $s;
- }
- session::set("sysfilter", $sysfilter);
-
- /* Get workstation list */
- $exclude= "";
- foreach($this->accessTo as $ws){
- $exclude.= "(cn=$ws)";
- }
- if ($exclude != ""){
- $exclude= "(!(|$exclude))";
- }
- $regex= $sysfilter['regex'];
- $filter= "(&(|(objectClass=goServer)(objectClass=gotoWorkstation)(objectClass=gotoTerminal))$exclude(cn=*)(cn=$regex))";
-
- $deps_a = array(get_ou("serverou"),
- get_ou("terminalou"),
- get_ou("workstationou"));
- $res= get_sub_list($filter, array("terminal","server","workstation"), $deps_a, get_ou("systemsou").$sysfilter['depselect'],
- array("cn"), GL_SUBSEARCH | GL_SIZELIMIT);
- $wslist= array();
- foreach ($res as $attrs){
- $wslist[]= preg_replace('/\$/', '', $attrs['cn'][0]);
- }
- asort($wslist);
- $smarty->assign("search_image", get_template_path('images/lists/search.png'));
- $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
- $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
- $smarty->assign("deplist", $this->config->idepartments);
- $smarty->assign("alphabet", generate_alphabet());
- foreach( array("depselect", "regex") as $type){
- $smarty->assign("$type", $sysfilter[$type]);
- }
- $smarty->assign("hint", print_sizelimit_warning());
- $smarty->assign("wslist", $wslist);
- $smarty->assign("apply", apply_filter());
- $display= $smarty->fetch (get_template_path('trust_machines.tpl', TRUE, dirname(__FILE__)));
- return ($display);
+ if ($this->trustSelect){
+
+ // Build up blocklist
+ session::set('filterBlacklist', array('cn' => array_values($this->accessTo)));
+ return($this->trustSelect->execute());
}
/***********
/* Add objects? */
if (isset($_POST["edit_membership"])){
- $this->group_dialog= TRUE;
+ $this->objectSelect= new objectSelect($this->config, get_userinfo());
$this->dialog= TRUE;
}
/* Add objects finished? */
- if (isset($_POST["add_object_finish"]) || isset($_POST["add_object_cancel"])){
- $this->group_dialog= FALSE;
+ if (isset($_POST["objectSelect_cancel"])){
+ $this->objectSelect= FALSE;
$this->dialog= FALSE;
}
/* Manage object add dialog */
- if ($this->group_dialog){
-
- /* Save data */
- $ogfilter= session::get("ogfilter");
- foreach( array("dselect", "regex") as $type){
- if (isset($_POST[$type])){
- $ogfilter[$type]= $_POST[$type];
- }
- }
- if (isset($_POST['dselect'])){
- foreach( array("accounts", "groups", "applications", "departments",
- "servers", "workstations", "winstations", "terminals", "printers","subtrees",
- "phones") as $type){
-
- if (isset($_POST[$type])) {
- $ogfilter[$type]= "checked";
- } else {
- $ogfilter[$type]= "";
- }
- }
- }
- if (isset($_GET['search'])){
- $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
- if ($s == "**"){
- $s= "*";
- }
- $ogfilter['regex']= $s;
- }
- session::set("ogfilter", $ogfilter);
- $this->reload();
-
- /* Calculate actual groups */
- $smarty->assign("objects", $this->convert_list($this->objects));
-
- /* Show dialog */
- $smarty->assign("search_image", get_template_path('images/lists/search.png'));
- $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
- $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
- $smarty->assign("deplist", $this->config->idepartments);
- $smarty->assign("alphabet", generate_alphabet());
- foreach( array("dselect", "regex", "subtrees") as $type){
- $smarty->assign("$type", $ogfilter[$type]);
- }
- $smarty->assign("hint", print_sizelimit_warning());
- $smarty->assign("apply", apply_filter());
-
- /* Build up checkboxes
- */
- $ar = array(
- "departments" => array(
- "T" => msgPool::selectToView(_("departments")),
- "C" => (isset($ogfilter['departments']) && ($ogfilter['departments'])),
- "L" => sprintf(_("Show %s"),_("departments"))),
- "accounts" => array(
- "T" => msgPool::selectToView(_("people")),
- "C" => (isset($ogfilter['accounts']) && ($ogfilter['accounts'])),
- "L" => sprintf(_("Show %s"),_("people"))),
- "groups"=> array(
- "T" => msgPool::selectToView(_("groups")),
- "C" => (isset($ogfilter['groups']) && ($ogfilter['groups'])),
- "L" => sprintf(_("Show %s"),_("groups"))),
- "servers"=> array(
- "T" => msgPool::selectToView(_("servers")),
- "C" => (isset($ogfilter['servers']) && ($ogfilter['servers'])),
- "L" => sprintf(_("Show %s"),_("servers"))),
- "workstations"=> array(
- "T" => msgPool::selectToView(_("workstations")),
- "C" => (isset($ogfilter['workstations']) && ($ogfilter['workstations'])),
- "L" => sprintf(_("Show %s"),_("workstations"))),
- "terminals"=> array(
- "T" => msgPool::selectToView(_("terminals")),
- "C" => (isset($ogfilter['terminals']) && ($ogfilter['terminals'])),
- "L" => sprintf(_("Show %s"),_("terminals"))),
- "printers"=> array(
- "T" => msgPool::selectToView(_("printer")),
- "C" => (isset($ogfilter['printers']) && ($ogfilter['printers'])),
- "L" => sprintf(_("Show %s"),_("printers"))),
- "phones"=> array(
- "T" => msgPool::selectToView(_("phones")),
- "C" => (isset($ogfilter['phones']) && ($ogfilter['phones'])),
- "L" => sprintf(_("Show %s"),_("phones"))));
-
- /* Allow selecting applications if we are having a non
- release managed application storage */
- if(!$this->IsReleaseManagementActivated()){
- $ar["applications"] = array(
- "T" => msgPool::selectToView(_("applications")),
- "C" => (isset($ogfilter['applications']) && ($ogfilter['applications'])),
- "L" => sprintf(_("Show %s"),_("applications")));
- }
-
- $smarty->assign("checkboxes",$ar);
- $display= $smarty->fetch (get_template_path('ogroup_objects.tpl', TRUE, dirname(__FILE__)));
- return ($display);
+ if ($this->objectSelect){
+ session::set('filterBlacklist', array('dn'=> $this->member));
+ return($this->objectSelect->execute());
}
/* Bases / Departments */
}
/* Assign variables */
- $smarty->assign("bases", $this->get_allowed_bases());
- $smarty->assign("base_select", $this->base);
+ $smarty->assign("base", $this->baseSelector->render());
$smarty->assign("department", $this->department);
$smarty->assign("members", $this->convert_list($this->memberList));
/* Save data to object */
function save_object()
{
+ /* Refresh base */
+ if ($this->acl_is_moveable($this->base)){
+ if (!$this->baseSelector->update()) {
+ msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
+ }
+ if ($this->base != $this->baseSelector->getBase()) {
+ $this->base= $this->baseSelector->getBase();
+ $this->is_modified= TRUE;
+ }
+ }
+
/* Save additional values for possible next step */
if (isset($_POST['ogroupedit'])){
$base_tmp = $this->base;
plugin::save_object();
$this->base = $base_tmp;
-
- /* Save base, since this is no LDAP attribute */
- $tmp = $this->get_allowed_bases();
- if(isset($_POST['base'])){
- if(isset($tmp[$_POST['base']])){
- $this->base= $_POST['base'];
- }
- }
}
}
$p_f= array("accounts"=> array("OBJ"=>"user", "CLASS"=>"gosaAccount" ,
"DN"=> get_people_ou() ,"ACL" => "users"),
"groups" => array("OBJ"=>"group", "CLASS"=>"posixGroup" ,
- "DN"=> get_groups_ou('ogroupou') ,"ACL" => "groups"),
+ "DN"=> get_groups_ou('ogroupRDN') ,"ACL" => "groups"),
"departments" => array("OBJ"=>"department", "CLASS"=>"gosaDepartment" ,
"DN"=> "" ,"ACL" => "department"),
"servers" => array("OBJ"=>"servgeneric", "CLASS"=>"goServer" ,
- "DN"=> get_ou('serverou') ,"ACL" => "server"),
+ "DN"=> get_ou('serverRDN') ,"ACL" => "server"),
"workstations" => array("OBJ"=>"workgeneric", "CLASS"=>"gotoWorkstation",
- "DN"=> get_ou('workstationou') ,"ACL" => "workstation"),
+ "DN"=> get_ou('workstationRDN') ,"ACL" => "workstation"),
"winstations" => array("OBJ"=>"wingeneric", "CLASS"=>"opsiClient",
- "DN"=> get_ou('WINSTATIONS') ,"ACL" => "winstation"),
+ "DN"=> get_ou('SAMBAMACHINEACCOUNTRDN') ,"ACL" => "winstation"),
"terminals" => array("OBJ"=>"termgeneric", "CLASS"=>"gotoTerminal" ,
- "DN"=> get_ou('terminalou') ,"ACL" => "terminal"),
+ "DN"=> get_ou('terminalRDN') ,"ACL" => "terminal"),
"printers" => array("OBJ"=>"printgeneric", "CLASS"=>"gotoPrinter" ,
- "DN"=> get_ou('printerou') ,"ACL" => "printer"),
+ "DN"=> get_ou('printerRDN') ,"ACL" => "printer"),
"phones" => array("OBJ"=>"phoneGeneric", "CLASS"=>"goFonHardware" ,
- "DN"=> get_ou('phoneou') ,"ACL" => "phone"));
+ "DN"=> get_ou('phoneRDN') ,"ACL" => "phone"));
/* Allow searching for applications, if we are not using release managed applications
*/
if(!$this->IsReleaseManagementActivated()){
$p_f[ "applications"] = array("OBJ"=>"application", "CLASS"=>"gosaApplication",
- "DN"=> get_ou('applicationou') ,"ACL" => "application");
+ "DN"=> get_ou('applicationRDN') ,"ACL" => "application");
}
/*###########
/* fetch results and append them to the list */
foreach($res as $attrs){
+ /* Skip workstations which are already assigned to an object group.
+ */
+ if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]"){
+ if(in_array($attrs['dn'],$this->used_workstations)){
+ continue;
+ }
+ }
+
$type= $this->getObjectType($attrs);
$name= $this->getObjectName($attrs);
/* It has failed, add entry with type flag I (Invalid)*/
if (!$ldap->success()){
- $this->memberList[$dn]= array('text' => _("Non existing dn:")." ".@LDAP::fix($dn),"type" => "I");
+ $this->memberList[$dn]= array('text' => _("Non existing dn:")." ".LDAP::fix($dn),"type" => "I");
} else {
function convert_list($input)
{
$temp= "";
- $conv= array( "U" => "select_user.png",
+ $conv= array(
+ "Y" => "plugins/users/images/select_template.png",
+ "U" => "plugins/generic/images/head.png",
"G" => "plugins/groups/images/groups.png",
"A" => "plugins/ogroups/images/application.png",
"D" => "plugins/departments/images/department.png",
"O" => "plugins/ogroups/images/winstation.png",
"T" => "plugins/ogroups/images/terminal.png",
"F" => "plugins/ogroups/images/phone.png",
- "I" => "images/lists/flag.png",
- "P" => "plugins/ogroups/images/printer.png");
+ "P" => "plugins/ogroups/images/printer.png",
+ "I" => "images/false.png");
foreach ($input as $key => $value){
/* Generate output */
{
$type= "I";
- foreach(array( "U" => "gosaAccount",
+ foreach(array(
+ "Y" => "gosaUserTemplate",
+ "U" => "gosaAccount",
"G" => "posixGroup",
"A" => "gosaApplication",
"D" => "gosaDepartment",
/* Permissions for that base? */
if ($this->base != ""){
- $new_dn= 'cn='.$this->cn.','.get_ou('ogroupou').$this->base;
+ $new_dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
} else {
$new_dn= $this->dn;
}
+ /* Check if we have workstations assigned, that are already assigned to
+ another object group. */
+ if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]" ) {
+ $test =array_intersect($this->used_workstations,$this->member);
+ if(count($test)){
+ $str = "";
+ foreach($test as $dn){
+ $str .= "<li>".$dn."</li>";
+ }
+ $message[] = sprintf(_("These systems are already configured by other object groups and cannot be added:")."<br><ul>%s</ul>",$str);
+ }
+ }
$ldap = $this->config->get_ldap_link();
- if($this->dn != $new_dn){
+ if(LDAP::fix($this->dn) != LDAP::fix($new_dn)){
$ldap->cat ($new_dn, array('dn'));
}
/* Check if we are allowed to create or move this object
*/
- if($this->dn == "new" && !$this->acl_is_createable($this->base)){
+ if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
$message[] = msgPool::permCreate();
- }elseif($this->cn != $this->orig_cn || $this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
+ }elseif($this->orig_dn != "new" && $this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
$message[] = msgPool::permMove();
}
/* Move members to target array */
$this->attrs['member'] =array();
foreach ($this->member as $key => $desc){
- $this->attrs['member'][]= @LDAP::fix($key);
+ $this->attrs['member'][]= LDAP::fix($key);
}
$ldap= $this->config->get_ldap_link();
/* New accounts need proper 'dn', propagate it to remaining objects */
if ($this->dn == 'new'){
- $this->dn= 'cn='.$this->cn.','.get_ou('ogroupou').$this->base;
+ $this->dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
}
/* Save data. Using 'modify' implies that the entry is already present, use 'add' for
function PrepareForCopyPaste($source)
{
- /* Update available object types */
- if(isset($source['gosaGroupObjects'][0])){
- $this->gosaGroupObjects = $source['gosaGroupObjects'][0];
- }
+ plugin::PrepareForCopyPaste($source);
/* Reload tabs */
$this->parent->reload($this->gosaGroupObjects );
}
}
- /* Load member objects */
- if (isset($source['member'])){
- foreach ($source['member'] as $key => $value){
- if ("$key" != "count"){
- $value= @LDAP::convert($value);
- $this->member["$value"]= "$value";
- }
- }
+ $source_o = new ogroup ($this->config, $source['dn']);
+ foreach(array("accessTo","member","gosaGroupObjects") as $attr){
+ $this->$attr = $source_o->$attr;
}
-
}
"cn" => _("Name"),
"base" => _("Base"),
"description" => _("Description"),
+ "trustModel" => _("Sytem trust"),
"member" => _("Member"))
));
}