Updated sudo checks

[gosa.git] / gosa-plugins / sudo / admin / sudo / class_sudoGeneric.inc

diff --git a/gosa-plugins/sudo/admin/sudo/class_sudoGeneric.inc b/gosa-plugins/sudo/admin/sudo/class_sudoGeneric.inc
index 1b044fa1840bf129425750237aa7de9e84cf6ae1..1f5f1413e8022fd45003023d97708766cd716ff3 100644 (file)
--- a/gosa-plugins/sudo/admin/sudo/class_sudoGeneric.inc
+++ b/gosa-plugins/sudo/admin/sudo/class_sudoGeneric.inc
@@ -26,26 +26,27 @@
  */
 class sudo extends plugin
 {
-  /* Group attributes */
-  var $cn= "";
-  var $description= "";
 
-  var $sudoUser   = array("ALL");
-  var $sudoCommand= array();
-  var $sudoHost   = array("ALL");
-  var $sudoRunAs  = array("ALL");
+  protected $cn= "";
+  protected $description= "";
 
-  var $accessTo         = array();
-  var $trustModel       = "";
-  var $show_ws_dialog   = FALSE;
-  var $was_trust_account= FALSE;
+  protected $sudoUser   = array("ALL");
+  protected $sudoCommand= array();
+  protected $sudoHost   = array("ALL");
+  protected $sudoRunAs  = array("ALL");
+  protected $accessTo         = array();
+  protected $trustModel       = "";
 
-  var $objectclasses = array("top","sudoRole");
-  var $attributes    = array("cn","description","sudoUser","sudoCommand","sudoHost","sudoRunAs","accessTo","trustModel");
+  private $is_default = FALSE;
+  private $show_ws_dialog   = FALSE;
+  private $was_trust_account= FALSE;
 
-  var $is_account = TRUE;
-  var $is_default = FALSE;
-  var $dialog;
+  public $objectclasses = array("top","sudoRole");
+  public $attributes    = array("cn","description","sudoUser","sudoCommand","sudoHost","sudoRunAs","accessTo","trustModel");
+
+  public $ignore_account = TRUE;
+
+  public $orig_dn;
 
   /*! \brief  Returns to the base department for sudo roles.
               This department is then used to store new roles.
@@ -97,7 +98,7 @@ class sudo extends plugin
       }
 
       /* Is this account a trustAccount? */
-      if ($this->is_account && isset($this->attrs['trustModel'])){
+      if (isset($this->attrs['trustModel'])){
         $this->trustModel= $this->attrs['trustModel'][0];
         $this->was_trust_account= TRUE;
       } else {
@@ -106,7 +107,7 @@ class sudo extends plugin
       }
 
       $this->accessTo = array();
-      if ($this->is_account && isset($this->attrs['accessTo'])){
+      if (isset($this->attrs['accessTo'])){
         for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
           $tmp= $this->attrs['accessTo'][$i];
           $this->accessTo[$tmp]= $tmp;
@@ -127,6 +128,8 @@ class sudo extends plugin
           "regex"           => "*");
       session::set("sysfilter", $sysfilter);
     }
+
+    $this->orig_dn = $this->dn;
   }
 
 
@@ -373,9 +376,9 @@ class sudo extends plugin
 
     /* Fill divlists
      */
-    $neg_img= "<img src='images/negate.png' alt='!' class='center'>"; 
-    $option = "<input type='image' src='images/negate.png'     name='neg_%ATTR%_%KEY%' class='center'>"; 
-    $option.= "<input type='image' src='images/edittrash.png'  name='del_%ATTR%_%KEY%' class='center'>"; 
+    $neg_img= "<img src='plugins/sudo/images/negate.png' alt='!' class='center'>"; 
+    $option = "<input type='image' src='plugins/sudo/images/negate.png'     name='neg_%ATTR%_%KEY%' class='center'>"; 
+    $option.= "<input type='image' src='images/lists/trash.png'  name='del_%ATTR%_%KEY%' class='center'>"; 
     foreach(array("sudoCommand","sudoHost","sudoRunAs") as $attr){
       if($this->acl_is_readable($attr)){
         foreach($this->$attr as $key => $entry){
@@ -396,8 +399,8 @@ class sudo extends plugin
     }
 
     foreach(array("sudoUser") as $attr){
-      $img1 = "<img src='images/select_user.png'   alt='"._("User")."' class='center'>";
-      $img2 = "<img src='images/select_groups.png' alt='"._("Group")."' class='center'>";
+      $img1 = "<img src='plugins/users/images/select_user.png'   alt='"._("User")."' class='center'>";
+      $img2 = "<img src='plugins/groups/images/groups.png' alt='"._("Group")."' class='center'>";
       if($this->acl_is_readable($attr)){
         foreach($this->$attr as $key => $entry){
           $neg = "";
@@ -528,6 +531,7 @@ class sudo extends plugin
 
     $ldap = $this->config->get_ldap_link();
     $ldap->cd($this->config->current['BASE']);
+
     if($this->is_new){
       $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
       $ldap->cd($this->dn);
@@ -557,7 +561,7 @@ class sudo extends plugin
     $message = plugin::check();
 
     /* Is a name given? */
-    if(empty($this->cn)){
+    if($this->cn == ""){
       $message[] = msgPool::required(_("Name"));
     }
 
@@ -581,6 +585,12 @@ class sudo extends plugin
       }
     }
 
+    /* Check if we are allowed to create or move this object
+     */
+    if($this->orig_dn == "new" && !$this->acl_is_createable($this->get_sudoers_ou($this->config))){
+      $message[] = msgPool::permCreate();
+    }
+
     return ($message);
   }
 
@@ -636,9 +646,9 @@ class sudo extends plugin
     foreach( array("depselect","regex") as $type){
       $smarty->assign("$type", $sysfilter[$type]);
     }
-    $smarty->assign("search_image", get_template_path('images/search.png'));
-    $smarty->assign("launchimage",  get_template_path('images/small_filter.png'));
-    $smarty->assign("tree_image",   get_template_path('images/tree.png'));
+    $smarty->assign("search_image", get_template_path('images/lists/search.png'));
+    $smarty->assign("launchimage",  get_template_path('images/lists/action.png'));
+    $smarty->assign("tree_image",   get_template_path('images/lists/search-subtree.png'));
     $smarty->assign("deplist",      $this->config->idepartments);
     $smarty->assign("alphabet",     generate_alphabet());
     $smarty->assign("hint",         print_sizelimit_warning());
@@ -739,6 +749,12 @@ class sudo extends plugin
   }
 
 
+  public function get_cn()
+  {
+    return($this->cn);
+  }
+
+
   /*! \brief  Used for copy & paste.
               Some entries must be renamed to avaoid duplicate entries.
    */