
Updated sudo
[gosa.git] / gosa-plugins / sudo / admin / sudo / class_sudoGeneric.inc
index a7697f1bb08eb766918476d5bd80f423c85eaa6f..0544cf64d8223392a86a218b44192937efdb96df 100644 (file)
@@ -35,15 +35,16 @@ class sudo extends plugin
   var $sudoHost   = array("ALL");
   var $sudoRunAs  = array("ALL");
 
-  var $accessTo       = array();
-  var $trustModel     = "";
-  var $show_ws_dialog = FALSE;
+  var $accessTo         = array();
+  var $trustModel       = "";
+  var $show_ws_dialog   = FALSE;
+  var $was_trust_account= FALSE;
 
   var $objectclasses = array("top","sudoRole");
   var $attributes    = array("cn","description","sudoUser","sudoCommand","sudoHost","sudoRunAs","accessTo","trustModel");
 
   var $is_account = TRUE;
-
+  var $is_default = FALSE;
   var $dialog;
 
   /*! \brief  Returns to the base department for sudo roles.
@@ -113,6 +114,19 @@ class sudo extends plugin
       }
 
     }
+
+    if(preg_match("/^default$/i",$this->cn)){
+      $this->is_default = TRUE;
+    }
+
+    /* Get global filter config */
+    if (!session::is_set("sysfilter")){
+      $ui= get_userinfo();
+      $base= get_base_from_people($ui->dn);
+      $sysfilter= array( "depselect"       => $base,
+          "regex"           => "*");
+      session::set("sysfilter", $sysfilter);
+    }
   }
 
 
@@ -159,7 +173,7 @@ class sudo extends plugin
 
     /* Show ws dialog */
     if ($this->show_ws_dialog){
-      $this->display_trust_add_dialog();
+      return($this->display_trust_add_dialog());
     }
 
 
@@ -179,9 +193,13 @@ class sudo extends plugin
     if(isset($_POST['SaveMultiSelectWindow']) && $this->dialog instanceof target_list_users){
       if($this->acl_is_writeable("sudoUser")){
         foreach($this->dialog->save() as $entry){
-          $cn = trim($entry['uid'][0]);
-          if(!in_array($cn,$this->sudoUser) && !in_array("!".$cn,$this->sudoUser)){
-            $this->sudoUser[] = $cn;
+          if(in_array("posixGroup",$entry['objectClass'])){
+            $name = trim("%".$entry['cn'][0]);
+          }else{
+            $name = trim($entry['uid'][0]);
+          }
+          if(!in_array($name,$this->sudoUser) && !in_array("!".$name,$this->sudoUser)){
+            $this->sudoUser[] = $name;
           }
         }   
       }
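Review bot: In the posixGroup branch the `trim()` wraps the already-prefixed string, so whitespace at the start of the group cn ends up after the `%` and is stored in sudoUser as part of the name; `$name = "%".trim($entry['cn'][0]);` trims the value itself. Both branches index `$entry['objectClass']`, `$entry['cn'][0]` and `$entry['uid'][0]` without checking that they are set, so an entry from the dialog that is neither a posixGroup nor carries a uid would presumably append an empty sudoUser value. What `$this->dialog->save()` returns is not visible here, so a guard such as `if($name == "" || $name == "%") continue;` before the `in_array` test is the conservative choice. The enclosing method starts and ends outside this hunk.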
@@ -309,6 +327,7 @@ class sudo extends plugin
      *********************/
 
     $smarty = get_smarty();
+    $smarty->assign("is_default",$this->is_default);
     foreach($this->attributes as $attr){
       $smarty->assign($attr,$this->$attr);
       $smarty->assign($attr."ACL",$this->getacl($attr));
@@ -353,13 +372,47 @@ class sudo extends plugin
     $neg_img= "<img src='images/negate.png' alt='!' class='center'>"; 
     $option = "<input type='image' src='images/negate.png'     name='neg_%ATTR%_%KEY%' class='center'>"; 
     $option.= "<input type='image' src='images/edittrash.png'  name='del_%ATTR%_%KEY%' class='center'>"; 
-    foreach(array("sudoUser","sudoCommand","sudoHost","sudoRunAs") as $attr){
+    foreach(array("sudoCommand","sudoHost","sudoRunAs") as $attr){
+      if($this->acl_is_readable($attr)){
+        foreach($this->$attr as $key => $entry){
+          $neg = "";
+          if(preg_match("/^!/",$entry)){
+            $neg = $neg_img;
+          }
+          $entry = preg_replace("/^!/","",$entry);
+          $list_name = "divlist_".$attr;
+          $$list_name->AddEntry(
+              array(
+                array("string" => $neg,"attach" => "style='width:18px;'"),
+                array("string" => $entry),
+                array("string" => preg_replace(array("/%KEY%/","/%ATTR%/"),array($key,$attr),$option),
+                  "attach" => "style='width:40px; border-right: 0px;'")));
+        }
+      }
+    }
+
+    foreach(array("sudoUser") as $attr){
+      $img1 = "<img src='images/select_user.png'   alt='"._("User")."' class='center'>";
+      $img2 = "<img src='images/select_groups.png' alt='"._("Group")."' class='center'>";
       if($this->acl_is_readable($attr)){
         foreach($this->$attr as $key => $entry){
-          $entry = preg_replace("/^!/",$neg_img,$entry);
+          $neg = "";
+          if(preg_match("/^!/",$entry)){
+            $neg = $neg_img;
+          }
+          $entry = preg_replace("/^!/","",$entry);
+
+          $img = $img1;
+          if(preg_match("/^%/",$entry)){
+            $img = $img2;
+          }
+          $entry = preg_replace("/^%/","",$entry);
+  
           $list_name = "divlist_".$attr;
           $$list_name->AddEntry(
               array(
+                array("string" => $neg,"attach" => "style='width:18px;'"),
+                array("string" => $img,"attach" => "style='width:18px;'"),
                 array("string" => $entry),
                 array("string" => preg_replace(array("/%KEY%/","/%ATTR%/"),array($key,$attr),$option),
                   "attach" => "style='width:40px; border-right: 0px;'")));
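Review bot: Both loops pass `$entry` to `AddEntry` as `array("string" => $entry)` without HTML-encoding it, while neighbouring cells in the same row carry raw markup (`$neg`, `$img`, `$option`), which suggests the "string" value is written to the page as-is. If so, a sudoCommand, sudoHost, sudoRunAs or sudoUser value containing markup would be rendered when an administrator opens the role; encoding at this point, `array("string" => htmlentities($entry, ENT_QUOTES, "UTF-8"))`, closes that off, and the divlist implementation should be checked to confirm. As a style point, the new `foreach(array("sudoUser") as $attr)` loop repeats the negation handling of the loop above it and iterates over a single element; a small helper that splits the `!` prefix would serve both. The second loop closes outside this hunk.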
@@ -367,6 +420,9 @@ class sudo extends plugin
       }
     }
 
+
+
+
     /* Tell smarty about our divlists 
      */
     $smarty->assign("divlist_sudoUser",   $divlist_sudoUser->DrawList());
@@ -397,6 +453,10 @@ class sudo extends plugin
   function save_object()
   {
     plugin::save_object();
+    
+    if($this->is_default){
+      $this->cn = "default";
+    }  
 
     if(is_object($this->dialog)){
       $this->dialog->save_object();
@@ -459,10 +519,8 @@ class sudo extends plugin
     $this->attrs['sudoRunAs']   = array_values($this->attrs['sudoRunAs']);
     $this->attrs['sudoUser']    = array_values($this->attrs['sudoUser']);
     $this->attrs['sudoCommand'] = array_values($this->attrs['sudoCommand']);
-    print_a($this->attrs);
-    $this->cleanup();
 
-    print_a($this->attrs);
+    $this->cleanup();
 
     $ldap = $this->config->get_ldap_link();
     $ldap->cd($this->config->current['BASE']);
@@ -493,6 +551,32 @@ class sudo extends plugin
   function check()
   {
     $message = plugin::check();
+
+    /* Is a name given? */
+    if(empty($this->cn)){
+      $message[] = msgPool::required(_("Name"));
+    }
+
+    /* Check if name is reserved */
+    if(!$this->is_default && preg_match("/^default$/i",$this->cn)){
+      $message[] = msgPool::reserved(_("Name"));
+    }
+
+    /* Check name */
+    if(!preg_match("/^[a-z]*$/i",$this->cn)){
+      $message[] = msgPool::invalid(_("Name"),$this->cn,"/[a-z]/i");
+    }
+
+    /* Check if this entry will cause duplicated ldap entries */
+    $ldap = $this->config->get_ldap_link();
+    $ldap->cd($this->get_sudoers_ou($this->config));
+    $ldap->search("(&(objectClass=sudoRole)(cn=".$this->cn."))");
+    while($attrs = $ldap->fetch()){
+      if($attrs['dn'] != $this->dn){
+        $message[] = msgPool::duplicated(_("Name"));
+      }
+    }
+
     return ($message);
   }
 
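Review bot: The duplicate check concatenates `$this->cn` into the LDAP filter `"(&(objectClass=sudoRole)(cn=".$this->cn."))"` even when the name check just above has failed, because that check only appends a message and execution continues to the search. A cn containing filter metacharacters such as `*`, `(` or `)` therefore reaches the directory unescaped, and an empty cn produces `(cn=)`. Running the search only in an `else` branch of the name check would keep unvalidated input out of the filter. The pattern itself should be tightened to `if(!preg_match("/^[a-z]+$/iD",$this->cn)){`, since without the `D` modifier `$` also matches before a trailing newline; the same applies to the two `/^default$/i` tests. The pattern also rejects digits, `-` and `_`, which may be stricter than intended for role names, and the message passes `"/[a-z]/i"` rather than the expression actually applied.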
@@ -532,12 +616,14 @@ class sudo extends plugin
     $regex= $sysfilter['regex'];
     $filter= "(&(|(objectClass=goServer)(objectClass=gotoWorkstation)(objectClass=gotoTerminal))$exclude(cn=*)(cn=$regex))";
 
-    $deps_a = array(get_ou("serverou"),
-        get_ou("terminalou"),
-        get_ou("workstationou"));
+    $res = array();
+    $res= array_merge($res,get_sub_list($filter, array("terminal"), get_ou("terminalou"),
+        get_ou("systemsou").$sysfilter['depselect'],          array("cn"), GL_SUBSEARCH | GL_SIZELIMIT));
+    $res= array_merge($res,get_sub_list($filter, array("server"), get_ou("serverou"), 
+        get_ou("systemsou").$sysfilter['depselect'],          array("cn"), GL_SUBSEARCH | GL_SIZELIMIT));
+    $res= array_merge($res,get_sub_list($filter, array("workstation"), get_ou("workstationou"),
+        get_ou("systemsou").$sysfilter['depselect'],          array("cn"), GL_SUBSEARCH | GL_SIZELIMIT));
 
-    $res= get_sub_list($filter, array("terminal","server","workstation"), $deps_a, 
-        get_ou("systemsou").$sysfilter['depselect'],          array("cn"), GL_SUBSEARCH | GL_SIZELIMIT);
     $wslist= array();
     foreach ($res as $attrs){
       $wslist[]= preg_replace('/\$/', '', $attrs['cn'][0]);
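Review bot: The three `get_sub_list` calls differ only in the category and the ou name, and the preceding `$res = array();` exists only to seed the first `array_merge`. A loop such as `foreach(array("terminal"=>"terminalou","server"=>"serverou","workstation"=>"workstationou") as $cat => $ou)` with a single `get_sub_list($filter, array($cat), get_ou($ou), ...)` call in its body would make that explicit and keep the flags in one place. Each call carries its own `GL_SIZELIMIT`, so the merged list can now be up to three times the previous limit; worth confirming that this is intended. Separately, the context line building `$filter` interpolates `$sysfilter['regex']` from the session into `(cn=$regex)`; whether that value is restricted before it is stored is not visible in this hunk. The enclosing method starts and ends outside the hunk.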
@@ -559,6 +645,13 @@ class sudo extends plugin
   }
 
 
+  public function set_default($state)
+  {
+    $this->is_default = TRUE;
+    $this->cn = "default";
+  }
+
+
   /*! \brief  Add ACL object
       @return Returns the ACL object.
    */
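Review bot: `set_default($state)` ignores its parameter, so `set_default(FALSE)` still marks the role as the default entry and renames it to "default". Since `is_default` bypasses the reserved-name check in `check()` and forces `cn` in `save_object()`, the flag should follow the argument: `$this->is_default = (bool)$state;` followed by `if($this->is_default){ $this->cn = "default"; }`. The method also lacks the `/*! \brief ... */` header the neighbouring methods carry; a short one stating that it marks this role as the sudoers defaults entry and fixes its cn would match the file.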
@@ -579,7 +672,8 @@ class sudo extends plugin
             "sudoUser"          => _("Users"),
             "sudoHost"          => _("Host"),
             "sudoCommand"       => _("Command"),
-            "sudoRunAs"         => _("Run as user"))
+            "sudoRunAs"         => _("Run as user"),
+            "trustModel"        => _("Access control list"))
         ));
   }
 }