![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-plugins/sudo/admin/sudo/class_sudoManagement.inc b/gosa-plugins/sudo/admin/sudo/class_sudoManagement.inc
index 4a082c1d0a74dde93abb61b8d9b5050560fd1a8a..624a6029c4fcac68f4bd126f79dda6da6bbe3473 100644 (file)
class sudoManagement extends plugin
{
/* Definitions */
- public $plHeadline = "Sudo";
+ public $plHeadline = "Sudo roles";
public $plDescription = "Manage sudo roles";
private $DivListSudo = NULL;
private $sudotabs = NULL;
private $base = "";
-
-
+ private $start_pasting_copied_objects = FALSE;
+
+ public $acl_module = array("sudo");
+
+ /*! \brief */
public function __construct(&$config, &$ui)
{
/* Save configuration for internal use */
$this->ui = &$ui;
$this->base = sudo::get_sudoers_ou($this->config);
+ /* Copy & Paste enabled ?*/
+ if((isset($this->config->data['MAIN']['ENABLECOPYPASTE']))&&(preg_match("/true/i",$this->config->data['MAIN']['ENABLECOPYPASTE']))){
+ $this->CopyPasteHandler = new CopyPasteHandler($this->config);
+ }
+
/* Create dialog object */
$this->DivListSudo = new divListSudo($this->config,$this);
}
+ /*! \brief Generate && Display HTML content
+ */
public function execute()
{
/* Call parent execute */
/* Store these posts if the current object is locked (used by somebody else)*/
session::set('LOCK_VARS_TO_USE',array(
- "/^act$/","/^id$/","/^sudo_edit_/",
+ "/^act$/","/^id$/","/^sudo_edit_/","/^cut_/","/^copy_/",
"/^sudo_del_/","/^item_selected/","/menu_action/"));
if(preg_match("/^sudo_del_/",$name)){
$s_action = "del_role";
$s_entry = preg_replace("/^sudo_del_([0-9]*).*$/","\\1",$name);
+ }elseif(preg_match("/^editPaste.*/i",$name)){
+ $s_action="editPaste";
+ }elseif(preg_match("/^copy_.*/",$name)){
+ $s_action="copy";
+ $s_entry = preg_replace("/^copy_([0-9]*).*$/i","\\1",$name);
+# }elseif(preg_match("/^cut_.*/",$name)){
+# $s_action="cut";
+# $s_entry = preg_replace("/^cut_([0-9]*).*$/i","\\1",$name);
}
}
}
}
- if(isset($_POST['menu_action']) && in_array($_POST['menu_action'],array("new_role","del_role"))){
+ if(isset($_POST['menu_action']) && in_array($_POST['menu_action'],array("new_role","del_role","new_default","editPaste"))){
$s_action = $_POST['menu_action'];
}
+ /* handle C&P from layers menu */
+ if(isset($_POST['menu_action']) && preg_match("/^multiple_copy_systems/",$_POST['menu_action'])){
+ $s_action = "copy_multiple";
+ }
+
$smarty= get_smarty();
+ /********************
+ Copy & Paste Handling ...
+ ********************/
+
+ /* Display the copy & paste dialog, if it is currently open */
+ $ret = $this->copyPasteHandling_from_queue($s_action,$s_entry);
+ if($ret){
+ return($ret);
+ }
+
/********************
Create a new sudo ...
********************/
/* New sudo? */
- if ($s_action=="new_role"){
+ if ($s_action=="new_role" || $s_action == "new_default"){
/* Check create permissions */
$acl = $this->ui->get_permissions($this->base,"sudo/sudo");
/* Set up the sudo ACL's for this 'dn' */
$this->sudotabs->set_acl_base($this->base);
+
+ /* This entry will become the default entry */
+ if($s_action == "new_default"){
+ $this->sudotabs->set_default(TRUE);
+ }
}
}
/* Sudo has been saved successfully, remove lock from LDAP. */
if ($this->dn != "new"){
- del_lock ($this->dn);
+ $this->remove_lock();
}
-
unset ($this->sudotabs);
$this->sudotabs= NULL;
session::un_set('objectinfo');
}else{
- $this->dn = $this->sudotabs->dn;
- $this->sudotabs= new sudotabs($this->config, $this->config->data['TABS']['SUDOTABS'], $this->dn);
- session::set('objectinfo',$this->dn);
+
+ /* Reinitialize tab */
+ if($this->sudotabs instanceof tabs){
+ $this->sudotabs->re_init();
+ }
}
} else {
/* Ok. There seem to be errors regarding to the tab data,
********************/
if ($s_action=="del_role"){
-
$ids = $this->list_get_selected_items();
-
if(!count($ids) && $s_entry!=""){
$ids = array($s_entry);
}
+ $this->dns = array();
if(count($ids)){
- $this->dns = array();
+ $disallowed = array();
foreach($ids as $id){
$dn = $this->list[$id]['dn'];
- if (($user= get_lock($dn)) != ""){
- return(gen_locked_message ($user, $dn));
+ $acl = $this->ui->get_permissions($dn, "sudo/sudo");
+ if(preg_match("/d/",$acl)){
+ $this->dns[$id] = $dn;
+ }else{
+ $disallowed[] = $dn;
}
- $this->dns[$id] = $dn;
}
- $dns_names = array();
- foreach($this->dns as $dn){
- add_lock ($dn, $this->ui->dn);
- $dns_names[] =@LDAP::fix($dn);
+ if(count($disallowed)){
+ msg_dialog::display(_("Permission"),msgPool::permDelete($disallowed),INFO_DIALOG);
}
- /* Lock the current entry, so nobody will edit it during deletion */
- $smarty->assign("info", msgPool::deleteInfo($dns_names,_("sudo role")));
- return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+ if(count($this->dns)){
+
+ /* Check locking of entries */
+ $users = get_multiple_locks($this->dns);
+ if(count($users)){
+ return(gen_locked_message($users,$this->dns));
+ }
+
+ /* Add locks */
+ add_lock($this->dns,$this->ui->dn);
+
+ /* Lock the current entry, so nobody will edit it during deletion */
+ $smarty->assign("info", msgPool::deleteInfo($this->dns,_("Sudo role")));
+ return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+ }
}
}
msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
new log("security","sudo/".get_class($this),$dn,array(),"Tried to trick deletion.");
}
- /* Remove lock file after successfull deletion */
- del_lock ($dn);
- unset($this->dns[$key]);
}
+
+ /* Remove lock file after successfull deletion */
+ $this->remove_lock();
+ $this->dns = array();
}
/* Remove lock */
if(isset($_POST['delete_sudo_cancel'])){
- foreach($this->dns as $key => $dn){
- del_lock ($dn);
- unset($this->dns[$key]);
- }
+ $this->remove_lock();
+ $this->dns = array();
}
/********************
********************/
/* Cancel dialogs */
- if (isset($_POST['edit_cancel'])){
- if(isset($this->sudotabs->dn)){
- del_lock ($this->sudotabs->dn);
- }
- unset ($this->sudotabs);
+ if (isset($_POST['edit_cancel']) && is_object($this->sudotabs)){
+ $this->remove_lock();
$this->sudotabs= NULL;
session::un_set('objectinfo');
}
********************/
/* Show tab dialog if object is present */
- if (isset($this->sudotabs->config)){
+ if (is_object($this->sudotabs)){
$display= $this->sudotabs->execute();
/* Don't show buttons if tab dialog requests this */
return ($display);
}
+ /* Check if there is a snapshot dialog open */
+ if($str = $this->showSnapshotDialog(sudo::get_sudoers_ou($this->config),$this->get_used_snapshot_bases(),$this)){
+ return($str);
+ }
+
/* Display dialog with sudo list */
- $this->DivListSudo->parent = &$this;
$this->DivListSudo->execute();
$this->reload ();
$this->DivListSudo->setEntries($this->list);
return($this->DivListSudo->Draw());
}
-
+
+ /*! \brief Return all selected elements from HTML list
+ @return Array List of all selected list elements
+ */
private function list_get_selected_items()
{
$ids = array();
}
+ /*! \brief Reload the list of sudo roles.
+ */
private function reload($CreatePosixsList=false)
{
$this->list = array();
}
- /* Save data to object */
+ /*! \brief Save HTML post data to object
+ */
public function save_object()
{
$this->DivListSudo->save_object();
+ if(is_object($this->CopyPasteHandler)){
+ $this->CopyPasteHandler->save_object();
+ }
}
+
+ /*! \brief Remove this account
+ */
public function remove_from_parent()
{
/* Optionally execute a command after we're done */
}
- /* Save to LDAP */
+ /*! \brief Save to LDAP
+ */
public function save()
{
/* Optionally execute a command after we're done */
$this->postcreate();
}
+
+
+ /*! \brief Remove lock from entry
+ */
+ public function remove_lock()
+ {
+ if (is_object($this->sudotabs) && $this->sudotabs->dn != "new"){
+ del_lock ($this->sudotabs->dn);
+ }
+ if(isset($this->dns) && is_array($this->dns) && count($this->dns)){
+ del_lock($this->dns);
+ }
+ }
+
+ function get_used_snapshot_bases()
+ {
+ return(array(sudo::get_sudoers_ou($this->config)));
+ }
+
+
+ function copyPasteHandling_from_queue($s_action,$s_entry)
+ {
+ /* Check if Copy & Paste is disabled */
+ if(!is_object($this->CopyPasteHandler)){
+ return("");
+ }
+
+ $ui = get_userinfo();
+
+ /* Add a single entry to queue */
+ if($s_action == "cut" || $s_action == "copy"){
+
+ /* Cleanup object queue */
+ $this->CopyPasteHandler->cleanup_queue();
+ $dn = $this->list[$s_entry]['dn'];
+
+ if($s_action == "copy" && $ui->is_copyable($dn,"sudo","sudo")){
+ $this->CopyPasteHandler->add_to_queue($dn,$s_action,"sudotabs","SUDOTABS","sudo");
+ }
+# if($s_action == "cut" && $ui->is_cutable($dn,"sudo","sudo")){
+# $this->CopyPasteHandler->add_to_queue($dn,$s_action,"sudotabs","SUDOTABS","sudo");
+# }
+ }
+
+ /* Add entries to queue */
+ if($s_action == "copy_multiple" || $s_action == "cut_multiple"){
+
+ /* Cleanup object queue */
+ $this->CopyPasteHandler->cleanup_queue();
+
+ /* Add new entries to CP queue */
+ foreach($this->list_get_selected_items() as $id){
+ $dn = $this->list[$id]['dn'];
+
+ if($s_action == "copy_multiple" && $ui->is_copyable($dn,"sudo","sudo")){
+ $this->CopyPasteHandler->add_to_queue($dn,"copy","sudotabs","SUDOTABS","sudo");
+ }
+# if($s_action == "cut_multiple" && $ui->is_cutable($dn,"sudo","sudo")){
+# $this->CopyPasteHandler->add_to_queue($dn,"cut","sudotabs","SUDOTABS","sudo");
+# }
+ }
+ }
+
+ /* Start pasting entries */
+ if($s_action == "editPaste"){
+ $this->start_pasting_copied_objects = TRUE;
+ }
+
+ /* Return C&P dialog */
+ if($this->start_pasting_copied_objects && $this->CopyPasteHandler->entries_queued()){
+
+ /* Get dialog */
+ $this->CopyPasteHandler->SetVar("base",$this->DivListSudo->selectedBase);
+ $data = $this->CopyPasteHandler->execute();
+
+ /* Return dialog data */
+ if(!empty($data)){
+ return($data);
+ }
+ }
+
+ /* Automatically disable status for pasting */
+ if(!$this->CopyPasteHandler->entries_queued()){
+ $this->start_pasting_copied_objects = FALSE;
+ }
+ return("");
+ }
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>