![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index 4e83bf9dde8bce43fcbd2f918e64affe4c8ea9fc..24863ac16eb744738e38fdaea9bd1db22f7c90e1 100644 (file)
--- a/include/class_plugin.inc
+++ b/include/class_plugin.inc
/* attribute list for save action */
var $attributes= array();
var $objectclasses= array();
- var $new= TRUE;
+ var $is_new= TRUE;
var $saved_attributes= array();
+ var $acl_base= "";
+ var $acl_category= "";
+
+ /* Plugin identifier */
+ var $plHeadline= "";
+ var $plDescription= "";
+
/*! \brief plugin constructor
If 'dn' is set, the node loads the given 'dn' from LDAP
return;
}
+ /* Save current dn as acl_base */
+ $this->acl_base= $dn;
+
/* Get LDAP descriptor */
$ldap= $this->config->get_ldap_link();
if ($dn != NULL){
*/
function execute()
{
- # This one is empty currently. Fabian - please fill in the docu code
+ /* This one is empty currently. Fabian - please fill in the docu code */
$_SESSION['current_class_for_help'] = get_class($this);
/* Reset Lock message POST/GET check array, to prevent perg_match errors*/
$_SESSION['LOCK_VARS_TO_USE'] =array();
{
/* Save values to object */
foreach ($this->attributes as $val){
- if (chkacl ($this->acl, "$val") == "" && isset ($_POST["$val"])){
+ if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){
/* Check for modifications */
if (get_magic_quotes_gpc()) {
$data= stripcslashes($_POST["$val"]);
$data = "";
}
$this->$val= $data;
+ //echo "<font color='blue'>".$val."</font><br>";
+ }else{
+ //echo "<font color='red'>".$val."</font><br>";
}
}
}
if (isset($tmp['objectClass'])){
$oc= $tmp["objectClass"];
- $this->new= FALSE;
+ $this->is_new= FALSE;
} else {
$oc= array("count" => 0);
- $this->new= TRUE;
+ $this->is_new= TRUE;
}
/* Load (minimum) attributes, add missing ones */
foreach ($this->attributes as $val){
if ($this->$val != ""){
$this->attrs["$val"]= $this->$val;
- } elseif (!$this->new) {
+ } elseif (!$this->is_new) {
$this->attrs["$val"]= array();
}
}
return FALSE;
}
+
+ /* Show header message for tab dialogs */
+ function show_enable_header($button_text, $text, $disabled= FALSE)
+ {
+ if (($disabled == TRUE) || (!$this->acl_is_createable())){
+ $state= "disabled";
+ } else {
+ $state= "";
+ }
+ $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
+ $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
+ "><p class=\"seperator\"> </p></td></tr></table>";
+
+ return($display);
+ }
+
+
+ /* Show header message for tab dialogs */
+ function show_disable_header($button_text, $text, $disabled= FALSE)
+ {
+ if (($disabled == TRUE) || !$this->acl_is_removeable()){
+ $state= "disabled";
+ } else {
+ $state= "";
+ }
+ $display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
+ $display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".$state.
+ "><p class=\"seperator\"> </p></td></tr></table>";
+
+ return($display);
+ }
+
+
/* Show header message for tab dialogs */
function show_header($button_text, $text, $disabled= FALSE)
{
+ echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header<br>";
if ($disabled == TRUE){
$state= "disabled";
} else {
}
$display= "<table summary=\"\" width=\"100%\"><tr>\n<td colspan=2><p><b>$text</b></p>\n";
$display.= "<input type=submit value=\"$button_text\" name=\"modify_state\" ".
- chkacl($this->acl, "all")." ".$state.
+ ($this->acl_is_createable()?'':'disabled')." ".$state.
"><p class=\"seperator\"> </p></td></tr></table>";
return($display);
}
+
function postcreate($add_attrs= array())
{
/* Find postcreate entries for this class */
{
/* Rename dn in possible object groups */
$ldap= $this->config->get_ldap_link();
- $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.$src_dn.'))',
+ $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($src_dn).'))',
array('cn'));
while ($attrs= $ldap->fetch()){
$og= new ogroup($this->config, $ldap->getDN());
$ldap->cat($dst_dn);
$attrs= $ldap->fetch();
if (count($attrs)){
- trigger_error("Trying to overwrite $dst_dn, which already exists.",
+ trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.",
E_USER_WARNING);
return (FALSE);
}
$ldap->cat($src_dn);
$attrs= $ldap->fetch();
if (!count($attrs)){
- trigger_error("Trying to move $src_dn, which does not seem to exist.",
+ trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.",
E_USER_WARNING);
return (FALSE);
}
$r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']);
error_reporting (0);
- $sr=ldap_read($ds, $ldap->fix($src_dn), "objectClass=*");
+ $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*");
/* Fill data from LDAP */
$new= array();
/* Adapt naming attribute */
$dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn);
$dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn);
- $new[$dst_name]= $dst_val;
+ $new[$dst_name]= @LDAP::fix($dst_val);
/* Check if this is a department.
* If it is a dep. && there is a , override in his ou
* change \2C to , again, else this entry can't be saved ...
*/
- if((isset($new['ou'])) &&( preg_match("/\\\\2C/",$new['ou']))){
- $new['ou'] = preg_replace("/\\\\2C/",",",$new['ou']);
+ if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){
+ $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']);
}
/* Save copy */
//FIXME: How to optimize this? We have at least two
// LDAP accesses per object. It would be a good
// idea to have it integrated.
-
+
/* No dn? Self-operation... */
if ($dn == ""){
$dn= $this->dn;
-
+
/* No tag? Find it yourself... */
if ($tag == ""){
$len= strlen($dn);
}
}
}
-
+
/* Set tag? */
if ($tag != ""){
echo sprintf(_("Adding tag (%s) to object '%s'"), $tag, @LDAP::fix($dn))."<br>";
flush();
}
- $nattrs= array("gosaUnitTag" => $this->gosaUnitTag);
+ $nattrs= array("gosaUnitTag" => $tag);
$nattrs['objectClass']= array();
for ($i= 0; $i<$attrs['objectClass']['count']; $i++){
$oc= $attrs['objectClass'][$i];
$nattrs['objectClass'][]= "gosaAdministrativeUnitTag";
$ldap->cd($dn);
$ldap->modify($nattrs);
- show_ldap_error($ldap->get_error(), _("Handle object tagging failed"));
+ show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
} else {
@DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not tagging ($tag) $dn - seems to have moved away", "Tagging");
}
-
+
} else {
/* Remove objectclass and attribute */
$ldap= $this->config->get_ldap_link();
}
$ldap->cd($dn);
$ldap->modify($nattrs);
- show_ldap_error($ldap->get_error(), _("Handle object tagging failed"));
+ show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn));
} else {
@DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not removing tag ($tag) $dn - seems to have moved away", "Tagging");
}
}
-
+
}
/* Check if snapshot functionality is enabled */
if(!$this->snapshotEnabled()){
- return;
- }
-
- /* Get configuration from gosa.conf */
- $tmp = $this->config->data['MAIN'];
-
- /* Check if the snapshot_base is defined */
- if(!isset($tmp['SNAPSHOT_BASE'])){
- print_red(_("Can't create a new snapshot, the required variable SNAPSHOT_BASE in not configured in your gosa.conf."));
return;
}
- /* Check if the undo level is specified */
- if(isset($tmp['SNAPSHOT_UNDO_LEVEL'])){
- $UndoLvl = $tmp['SNAPSHOT_UNDO_LEVEL'];
- }else{
- $UndoLvl = 5;
- }
+ /* Get configuration from gosa.conf */
+ $tmp = $this->config->current;
/* Create lokal ldap connection */
$ldap= $this->config->get_ldap_link();
if(!isset($tmp['SNAPSHOT_SERVER'])){
/* Source and destination server are both the same, just copy source to dest obj */
- $ldap_to = $ldap;
+ $ldap_to = $ldap;
+ $snapldapbase = $this->config->current['BASE'];
}else{
+ $server = $tmp['SNAPSHOT_SERVER'];
+ $user = $tmp['SNAPSHOT_USER'];
+ $password = $tmp['SNAPSHOT_PASSWORD'];
+ $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
- /* check if all required vars are available to create a new ldap connection */
- $missing = "";
- foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_LDAP_BASE") as $var){
- if(!isset($tmp[$var])){
- $missing .= $var." ";
- }
- }
-
- /* All vars are available, create a seperate ldap connection to store snapshots */
- if($missing == ""){
- $server = $tmp['SNAPSHOT_SERVER'];
- $user = $tmp['SNAPSHOT_USER'];
- $password = $tmp['SNAPSHOT_PASSWORD'];
- $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
-
- $ldap_to = new LDAP($user,$password, $server);
- $ldap_to -> cd($snapldapbase);
- show_ldap_error($ldap_to->get_error(), _("Snapshot failed."));
-
- }else{
- print_red(sprintf(_("Can't create a new snapshot the following variables are not configured in your gosa.conf '%s'."),$missing));
- return;
- }
+ $ldap_to = new LDAP($user,$password, $server);
+ $ldap_to -> cd($snapldapbase);
+ show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase));
}
-
/* check if the dn exists */
if ($ldap->dn_exists($this->dn)){
$new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base;
/* Create object */
- #$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
+#$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))"));
$data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))");
$newName = preg_replace("/\./", "", $sec."-".$usec);
$target= array();
$target['gosaSnapshotTimestamp'] = $newName;
/* Insert the new snapshot
- But we have to check first, if the given gosaSnapshotTimestamp
- is already used, in this case we should increment this value till there is
- an unused value. */
+ But we have to check first, if the given gosaSnapshotTimestamp
+ is already used, in this case we should increment this value till there is
+ an unused value. */
$new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base;
$ldap_to->cat($new_dn);
while($ldap_to->count()){
$target['gosaSnapshotTimestamp'] = $newName;
}
-
/* Inset this new snapshot */
+ $ldap_to->cd($snapldapbase);
$ldap_to->create_missing_trees($new_base);
$ldap_to->cd($new_dn);
$ldap_to->add($target);
- show_ldap_error($ldap_to->get_error(), _("Create snapshot failed."));
- show_ldap_error($ldap->get_error(), _("Create snapshot failed."));
-
- /* Check amount of used snapshots, and remove old ones if necessary */
- $test = $this->Available_SnapsShots($this->dn,true);
- if(count($test) > $UndoLvl){
- $toDel = array();
- foreach($test as $entry){
- $toDel[preg_replace("/-/","",$entry['gosaSnapshotTimestamp'][0])] = $entry['dn'];
- }
- krsort($toDel);
- $i = 0 ;
- foreach($toDel as $entryID => $entry){
- $i ++ ;
- if($i > $UndoLvl){
- $ldap_to->rmdir_recursive($entry);
- }
- }
- }
+
+ show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
+ show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base));
}
}
-
- /* returns true if snapshots are enabled */
+ function remove_snapshot($dn)
+ {
+echo "FIXME: remove_snapshot uses old acl's<br>";
+ $ui = get_userinfo();
+ $acl = get_permissions ($dn, $ui->subtreeACL);
+ $acl = get_module_permission($acl, "snapshot", $dn);
+
+ if (chkacl($this->acl, "delete") == ""){
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->rmdir_recursive($dn);
+ }else{
+ print_red (_("You are not allowed to delete this snapshot!"));
+ }
+ }
+
+
+ /* returns true if snapshots are enabled, and false if it is disalbed
+ There will also be some errors psoted, if the configuration failed */
function snapshotEnabled()
{
- $tmp = $this->config->data['MAIN'];
+ $tmp = $this->config->current;
if(isset($tmp['ENABLE_SNAPSHOT'])){
if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){
+
+ /* Check if the snapshot_base is defined */
+ if(!isset($tmp['SNAPSHOT_BASE'])){
+ print_red(sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not configured in your gosa.conf."),$missing));
+ return(FALSE);
+ }
+
+ /* check if there are special server configurations for snapshots */
+ if(isset($tmp['SNAPSHOT_SERVER'])){
+
+ /* check if all required vars are available to create a new ldap connection */
+ $missing = "";
+ foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_LDAP_BASE") as $var){
+ if(!isset($tmp[$var])){
+ $missing .= $var." ";
+ print_red(sprintf(_("The snapshot functionality is enabled, but the required variable(s) '%s' is not configured in your gosa.conf."),$missing));
+ return(FALSE);
+ }
+ }
+ }
return(TRUE);
}
}
- return(false);
+ return(FALSE);
}
-
+
/* Return available snapshots for the given base
- */
+ */
function Available_SnapsShots($dn,$raw = false)
{
if(!$this->snapshotEnabled()) return(array());
/* Create an additional ldap object which
- points to our ldap snapshot server */
+ points to our ldap snapshot server */
$ldap= $this->config->get_ldap_link();
$ldap->cd($this->config->current['BASE']);
- $tmp = $this->config->data['MAIN'];
-
- if(!isset($tmp['SNAPSHOT_BASE'])){
- print_red(_("Please specify the attribute SNAPSHOT_BASE in your gosa.conf."));
- return(array());
- }
+ $tmp = $this->config->current;
/* check if there are special server configurations for snapshots */
if(isset($tmp['SNAPSHOT_SERVER'])){
$snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
$ldap_to = new LDAP($user,$password, $server);
$ldap_to -> cd ($snapldapbase);
- show_ldap_error($ldap_to->get_error(), _("Snapshot failed."));
+ show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
}else{
$ldap_to = $ldap;
}
/* Fetch all objects with gosaSnapshotDN=$dn */
$ldap_to->cd($new_base);
$ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base,
- array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
-
+ array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description"));
+
/* Put results into a list and add description if missing */
while($entry = $ldap_to->fetch()){
if(!isset($entry['description'][0])){
function getAllDeletedSnapshots($base_of_object,$raw = false)
{
if(!$this->snapshotEnabled()) return(array());
-
+
/* Create an additional ldap object which
- points to our ldap snapshot server */
+ points to our ldap snapshot server */
$ldap= $this->config->get_ldap_link();
$ldap->cd($this->config->current['BASE']);
- $tmp = $this->config->data['MAIN'];
+ $tmp = $this->config->current;
/* check if there are special server configurations for snapshots */
if(isset($tmp['SNAPSHOT_SERVER'])){
$snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
$ldap_to = new LDAP($user,$password, $server);
$ldap_to->cd ($snapldapbase);
- show_ldap_error($ldap_to->get_error(), _("Snapshot failed."));
+ show_ldap_error($ldap->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
}else{
$ldap_to = $ldap;
}
}
}
-
-
/* Format result as requested */
if($raw) {
return($tmp);
$ldap= $this->config->get_ldap_link();
$ldap->cd($this->config->current['BASE']);
- $tmp = $this->config->data['MAIN'];
+ $tmp = $this->config->current;
/* check if there are special server configurations for snapshots */
if(isset($tmp['SNAPSHOT_SERVER'])){
$snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
$ldap_to = new LDAP($user,$password, $server);
$ldap_to->cd ($snapldapbase);
- show_ldap_error($ldap_to->get_error(), _("Snapshot failed."));
+ show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
}else{
$ldap_to = $ldap;
}
-
+
/* Get the snapshot */
$ldap_to->cat($dn);
$restoreObject = $ldap_to->fetch();
-
+
/* Prepare import string */
$data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData'));
-// $data = "dn: ".$restoreObject['gosaSnapshotDN'][0]."\n".$data;
-
+
/* Import the given data */
- $ldap->import_complete_ldif($data,$err,true,true);
- show_ldap_error($ldap_to->get_error().$err, _("Restore snapshot failed."));
+ $ldap->import_complete_ldif($data,$err,false,false);
+ show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn));
}
foreach($_POST as $name => $value){
/* Create a new snapshot, display a dialog */
- if(preg_match("/^CreateSnapShot_/",$name) && $once){
+ if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){
$once = false;
- $entry = preg_replace("/^CreateSnapShot_/","",$name);
+ $entry = preg_replace("/^CreateSnapShotDialog_/","",$name);
$entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
$this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
}
/* Restore a snapshot, display a dialog with all snapshots of the current object */
- if(preg_match("/^RestoreSnapShot_/",$name) && $once){
+ if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){
$once = false;
- $entry = preg_replace("/^RestoreSnapShot_/","",$name);
+ $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name);
$entry = base64_decode(preg_replace("/_[xy]$/","",$entry));
$this->snapDialog = new SnapShotDialog($this->config,$entry,$this);
- $this->snapDialog->Restore = true;
+ $this->snapDialog->display_restore_dialog = true;
}
/* Restore one of the already deleted objects */
if(preg_match("/^RestoreDeletedSnapShot_/",$name) && $once){
$once = false;
$this->snapDialog = new SnapShotDialog($this->config,$baseSuffixe,$this);
- $this->snapDialog->Restore = true;
- $this->snapDialog->DeletedOnes = true;
+ $this->snapDialog->display_restore_dialog = true;
+ $this->snapDialog->display_all_removed_objects = true;
+ }
+
+ /* Restore selected snapshot */
+ if(preg_match("/^RestoreSnapShot_/",$name) && $once){
+ $once = false;
+ $entry = preg_replace("/^RestoreSnapShot_/","",$name);
+ $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry)));
+ if(!empty($entry)){
+ $this->restore_snapshot($entry);
+ $this->snapDialog = NULL;
+ }
}
}
/* Restore is requested, restore the object with the posted dn .*/
if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){
- $entry =trim($_POST['SnapShot']);
- if(!empty($entry)){
- $entry = base64_decode($entry);
- $this->restore_snapshot($entry);
- $this->snapDialog = NULL;
- }
}
-
+
if(isset($_POST['CancelSnapshot'])){
$this->snapDialog = NULL;
}
-
+
if($this->snapDialog){
$this->snapDialog->save_object();
return($this->snapDialog->execute());
}
+ }
+
+
+ function plInfo()
+ {
+ return array();
+ }
+
+ function set_acl_base($base)
+ {
+ $this->acl_base= $base;
}
+
+
+ function set_acl_category($category)
+ {
+ $this->acl_category= "$category/";
+ }
+
+
+ function acl_is_writeable($attribute,$skip_write = FALSE)
+ {
+ $ui= get_userinfo();
+ return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
+ }
+
+
+ function acl_is_readable($attribute)
+ {
+ $ui= get_userinfo();
+ return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
+ }
+
+
+ function acl_is_createable()
+ {
+ $ui= get_userinfo();
+ return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
+ }
+
+
+ function acl_is_removeable()
+ {
+ $ui= get_userinfo();
+ return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
+ }
+
+
+ function acl_is_moveable()
+ {
+ $ui= get_userinfo();
+ return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
+ }
+
+
+ function acl_have_any_permissions()
+ {
+ }
+
+
+ function getacl($attribute,$skip_write= FALSE)
+ {
+ $ui= get_userinfo();
+ return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
+ }
+
+
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>