![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-core/plugins/admin/sudo/class_sudoManagement.inc b/gosa-core/plugins/admin/sudo/class_sudoManagement.inc
index 19db54eb494043a8c7cc554320da3bacb5918312..fe78bd12ac9b7109827cf647af314b378dcfb422 100644 (file)
/* Save configuration for internal use */
$this->config = &$config;
$this->ui = &$ui;
- $this->base = get_ou("sudoou");
-
- if(empty($this->base)){
- //FIXME Optimize this message, maybe with msgPool
- msg_dialog::display(_("Configuration"),sprintf(_("The sudo object path is not configured.")));
- }
+ $this->base = sudo::get_sudoers_ou($this->config);
/* Create dialog object */
$this->DivListSudo = new divListSudo($this->config,$this);
function execute()
{
- /* Call parent execute */
- plugin::execute();
+ /* Call parent execute */
+ plugin::execute();
/********************
Handle Posts
"/^act$/","/^id$/","/^sudo_edit_/",
"/^sudo_del_/","/^item_selected/","/menu_action/"));
- /* Save data */
+
+ /* Get html posts */
$s_action = "";
$s_entry = "";
-
foreach($_POST as $name => $value){
if(preg_match("/^sudo_edit_/",$name)){
$s_action = "edit_role";
$s_entry = preg_replace("/^sudo_del_([0-9]*).*$/","\\1",$name);
}
}
-
+
if(isset($_GET['act']) && isset($_GET['id']) && $_GET['act'] == "edit_entry"){
$id = trim($_GET['id']);
if(isset($this->list[$id])){
$s_entry = $id;
}
}
-
- /* handle C&P from layers menu */
- if(isset($_POST['menu_action']) && in_array($_POST['menu_action'],array("new_role","remove_multiple"))){
+
+ if(isset($_POST['menu_action']) && in_array($_POST['menu_action'],array("new_role","del_role"))){
$s_action = $_POST['menu_action'];
}
$smarty= get_smarty();
+
/********************
Create a new sudo ...
********************/
if ($s_action=="new_role"){
/* Check create permissions */
- $acl = $this->ui->get_permissions($this->DivListSudo->selectedBase,"sudo/sudo");
+ $acl = $this->ui->get_permissions($this->base,"sudo/sudo");
if(preg_match("/c/",$acl)){
/* By default we set 'dn' to 'new', all relevant plugins will
Save Sudo Tab/Object Changes
********************/
- /* Finish sudo edit is triggered by the tabulator dialog, so
- the user wants to save edited data. Check and save at this
- point. */
+ /* Save changes */
if ((isset($_POST['edit_finish']) || isset($_POST['edit_apply'])) && is_object($this->sudotabs)){
/* Check tabs, will feed message array
$this->sudotabs->save();
if (!isset($_POST['edit_apply'])){
+
/* Sudo has been saved successfully, remove lock from LDAP. */
if ($this->dn != "new"){
del_lock ($this->dn);
}
- /* There's no page reload so we have to read new sudos at this point. */
- //$this->reload ();
unset ($this->sudotabs);
$this->sudotabs= NULL;
session::un_set('objectinfo');
/********************
- Delete MULTIPLE entries requested, display confirm dialog
+ Delete entries requested, display confirm dialog
********************/
- if ($s_action=="del_multiple"){
+ if ($s_action=="del_role"){
+
$ids = $this->list_get_selected_items();
+ if(!count($ids) && $s_entry!=""){
+ $ids = array($s_entry);
+ }
+
if(count($ids)){
+ $this->dns = array();
foreach($ids as $id){
$dn = $this->list[$id]['dn'];
if (($user= get_lock($dn)) != ""){
/* Lock the current entry, so nobody will edit it during deletion */
$smarty->assign("info", msgPool::deleteInfo($dns_names,_("sudo role")));
- $smarty->assign("multiple", true);
return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
}
}
/********************
- Delete MULTIPLE entries confirmed
+ Delete entries confirmed
********************/
- /* Confirmation for deletion has been passed. Sudo should be deleted. */
- if (isset($_POST['delete_multiple_sudos_confirmed'])){
+ /* Confirmation for deletion has been passed. Sudo should be deleted. */
+ if (isset($_POST['delete_sudos_confirmed'])){
- /* Remove user by user and check acls before removeing them */
- foreach($this->dns as $key => $dn){
+ /* Remove user by user and check acls before removeing them */
+ foreach($this->dns as $key => $dn){
- /* Load permissions for selected 'dn' and check if
- we're allowed to remove this 'dn' */
- $acl = $this->ui->get_permissions($dn,"sudo/sudo");
- if(preg_match("/d/",$acl)){
+ /* Load permissions for selected 'dn' and check if
+ we're allowed to remove this 'dn' */
+ $acl = $this->ui->get_permissions($dn,"sudo/sudo");
+ if(preg_match("/d/",$acl)){
- /* Delete request is permitted, perform LDAP action */
- $this->sudotabs= new sudotabs($this->config,$this->config->data['TABS']['SUDOTABS'], $dn);
- $this->sudotabs->set_acl_base($dn);
- $this->sudotabs->delete ();
- unset ($this->sudotabs);
- $this->sudotabs= NULL;
+ /* Delete request is permitted, perform LDAP action */
+ $this->sudotabs= new sudotabs($this->config,$this->config->data['TABS']['SUDOTABS'], $dn);
+ $this->sudotabs->set_acl_base($dn);
+ $this->sudotabs->delete ();
+ unset ($this->sudotabs);
+ $this->sudotabs= NULL;
- } else {
+ } else {
- /* Normally this shouldn't be reached, send some extra
- logs to notify the administrator */
- msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
- new log("security","sudo/".get_class($this),$dn,array(),"Tried to trick deletion.");
- }
- /* Remove lock file after successfull deletion */
- del_lock ($dn);
- unset($this->dns[$key]);
+ /* Normally this shouldn't be reached, send some extra
+ logs to notify the administrator */
+ msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
+ new log("security","sudo/".get_class($this),$dn,array(),"Tried to trick deletion.");
}
- }
-
-
- /********************
- Delete MULTIPLE entries Canceled
- ********************/
-
- /* Remove lock */
- if(isset($_POST['delete_multiple_user_cancel'])){
- foreach($this->dns as $key => $dn){
+ /* Remove lock file after successfull deletion */
del_lock ($dn);
unset($this->dns[$key]);
}
/********************
- Delete sudo role
+ Delete entries Canceled
********************/
- /* Remove sudo was requested */
- if ($s_action=="del_role"){
-
- /* Get 'dn' from posted 'uid' */
- $this->dn= $this->list[trim($s_entry)]['dn'];
-
- /* Load permissions for selected 'dn' and check if
- we're allowed to remove this 'dn' */
- $acl = $this->ui->get_permissions($this->dn,"sudo/sudo");
- if(preg_match("/d/",$acl)){
-
- /* Check locking, save current plugin in 'back_plugin', so
- the dialog knows where to return. */
- if (($user= get_lock($this->dn)) != ""){
- return(gen_locked_message ($user, $this->dn));
- }
-
- /* Lock the current entry, so nobody will edit it during deletion */
- add_lock ($this->dn, $this->ui->dn);
- $smarty->assign("info", msgPool::deleteInfo(@LDAP::fix($this->dn),_("sudo role")));
- $smarty->assign("multiple", false);
- return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
-
- } else {
-
- /* Obviously the user isn't allowed to delete. Show message and clean session. */
- msg_dialog::display(_("Permission error"), msgPool::permDelete());
- }
- }
-
-
- /********************
- Delete sudo confirmed
- ********************/
-
- /* Confirmation for deletion has been passed. Sudo should be deleted. */
- if (isset($_POST['delete_sudo_confirmed'])){
-
- /* Some nice guy may send this as POST, so we've to check
- for the permissions again. */
- $acl = $this->ui->get_permissions($this->dn,"sudo/sudo");
- if(preg_match("/d/",$acl)){
-
- /* Delete request is permitted, perform LDAP action */
- $this->sudotabs= new sudotabs($this->config,$this->config->data['TABS']['SUDOTABS'], $this->dn);
- $this->sudotabs->set_acl_base($this->dn);
- $this->sudotabs->delete ();
- unset ($this->sudotabs);
- $this->sudotabs= NULL;
-
- /* Sudo list has changed, reload it. */
- //$this->reload ();
-
- } else {
-
- /* Normally this shouldn't be reached, send some extra
- logs to notify the administrator */
- msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
- new log("security","sudo/".get_class($this),$dn,array(),"Tried to trick deletion.");
+ /* Remove lock */
+ if(isset($_POST['delete_sudo_cancel'])){
+ foreach($this->dns as $key => $dn){
+ del_lock ($dn);
+ unset($this->dns[$key]);
}
-
- /* Remove lock file after successfull deletion */
- del_lock ($this->dn);
- session::un_set('objectinfo');
- }
-
-
- /********************
- Delete sudo canceled
- ********************/
-
- /* Delete sudo canceled? */
- if (isset($_POST['delete_cancel'])){
- del_lock ($this->dn);
- session::un_set('objectinfo');
}
-
/********************
A dialog was canceled