![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index 72793b3c75ef87e45c321b900f6129c13d6e94d5..e613f4db9753c1a1498842c3e22943ac32f766fe 100644 (file)
--- a/include/class_plugin.inc
+++ b/include/class_plugin.inc
*/
function execute()
{
- gosa_log("ACL ".get_class($this)." - ".$this->acl_category." - ".$this->acl_base);
-
/* This one is empty currently. Fabian - please fill in the docu code */
$_SESSION['current_class_for_help'] = get_class($this);
+
/* Reset Lock message POST/GET check array, to prevent perg_match errors*/
- $_SESSION['LOCK_VARS_TO_USE'] =array();
+ $_SESSION['LOCK_VARS_TO_USE'] = $_SESSION['LOCK_VARS_USED'] =array();
}
/*! \brief execute plugin
}
- function PrepareForCopyPaste($source){
+ function PrepareForCopyPaste($source)
+ {
$todo = $this->attributes;
if(isset($this->CopyPasteVars)){
$todo = array_merge($todo,$this->CopyPasteVars);
}
- $todo[] = "is_account";
+
+ if(count($this->objectclasses)){
+ $this->is_account = TRUE;
+ foreach($this->objectclasses as $class){
+ if(!in_array($class,$source['objectClass'])){
+ $this->is_account = FALSE;
+ }
+ }
+ }
+
foreach($todo as $var){
- if (isset($source->$var)){
- $this->$var= $source->$var;
+ if (isset($source[$var])){
+ if(isset($source[$var]['count'])){
+ if($source[$var]['count'] > 1){
+ $this->$var = array();
+ $tmp = array();
+ for($i = 0 ; $i < $source[$var]['count']; $i++){
+ $tmp = $source[$var][$i];
+ }
+ $this->$var = $tmp;
+# echo $var."=".$tmp."<br>";
+ }else{
+ $this->$var = $source[$var][0];
+# echo $var."=".$source[$var][0]."<br>";
+ }
+ }else{
+ $this->$var= $source[$var];
+# echo $var."=".$source[$var]."<br>";
+ }
}
}
}
$server = $tmp['SNAPSHOT_SERVER'];
$user = $tmp['SNAPSHOT_USER'];
$password = $tmp['SNAPSHOT_PASSWORD'];
- $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
+ $snapldapbase = $tmp['SNAPSHOT_BASE'];
$ldap_to = new LDAP($user,$password, $server);
$ldap_to -> cd($snapldapbase);
$ui = get_userinfo();
$old_dn = $this->dn;
$this->dn = $dn;
-
- if($this->acl_is_removeable() && $this->acl_is_createable()){
- $ldap = $this->config->get_ldap_link();
- $ldap->cd($this->config->current['BASE']);
- $ldap->rmdir_recursive($dn);
- }else{
- print_red (_("You are not allowed to delete this snapshot!"));
- }
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->rmdir_recursive($dn);
$this->dn = $old_dn;
}
/* check if all required vars are available to create a new ldap connection */
$missing = "";
- foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_LDAP_BASE") as $var){
+ foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_BASE") as $var){
if(!isset($tmp[$var])){
$missing .= $var." ";
print_red(sprintf(_("The snapshot functionality is enabled, but the required variable(s) '%s' is not configured in your gosa.conf."),$missing));
$server = $tmp['SNAPSHOT_SERVER'];
$user = $tmp['SNAPSHOT_USER'];
$password = $tmp['SNAPSHOT_PASSWORD'];
- $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
+ $snapldapbase = $tmp['SNAPSHOT_BASE'];
$ldap_to = new LDAP($user,$password, $server);
$ldap_to -> cd ($snapldapbase);
show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn));
$server = $tmp['SNAPSHOT_SERVER'];
$user = $tmp['SNAPSHOT_USER'];
$password = $tmp['SNAPSHOT_PASSWORD'];
- $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
+ $snapldapbase = $tmp['SNAPSHOT_BASE'];
$ldap_to = new LDAP($user,$password, $server);
$ldap_to->cd ($snapldapbase);
show_ldap_error($ldap->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn));
$server = $tmp['SNAPSHOT_SERVER'];
$user = $tmp['SNAPSHOT_USER'];
$password = $tmp['SNAPSHOT_PASSWORD'];
- $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE'];
+ $snapldapbase = $tmp['SNAPSHOT_BASE'];
$ldap_to = new LDAP($user,$password, $server);
$ldap_to->cd ($snapldapbase);
show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase));
$new = false;
}
- /* Add current base */
- if(isset($this->base) && isset($this->config->idepartments[$this->base])){
- $deps[$this->base] = $this->config->idepartments[$this->base];
- }else{
- echo "No default base found. ".$this->base."<br> ";
- }
-
$cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category));
foreach($this->config->idepartments as $dn => $name){
$deps[$dn] = $name;
}
}
+
+ /* Add current base */
+ if(isset($this->base) && isset($this->config->idepartments[$this->base])){
+ $deps[$this->base] = $this->config->idepartments[$this->base];
+ }else{
+ echo "No default base found. ".$this->base."<br> ";
+ }
+
return($deps);
}
+ /* This function modifies object acls too, if an object is moved.
+ * $old_dn specifies the actually used dn
+ * $new_dn specifies the destiantion dn
+ */
+ function update_acls($old_dn,$new_dn,$output_changes = FALSE)
+ {
+ global $config;
+
+ /* Check if old_dn is empty. This should never happen */
+ if(empty($old_dn) || empty($new_dn)){
+ trigger_error("Failed to check acl dependencies, wrong dn given.");
+ return;
+ }
+
+ /* Update userinfo if necessary */
+ if($_SESSION['ui']->dn == $old_dn){
+ $_SESSION['ui']->dn = $new_dn;
+ new log("view","acl/".get_class($this),$this->dn,array(),"Updated current user dn from '".$old_dn."' to '".$new_dn."'");
+ }
+
+ /* Object was moved, ensure that all acls will be moved too */
+ if($new_dn != $old_dn && $old_dn != "new"){
+
+ /* get_ldap configuration */
+ $update = array();
+ $ldap = $config->get_ldap_link();
+ $ldap->cd ($config->current['BASE']);
+ $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*))",array("cn","gosaAclEntry"));
+ while($attrs = $ldap->fetch()){
+
+ $acls = array();
+
+ /* Walk through acls */
+ for($i = 0 ; $i < $attrs['gosaAclEntry']['count'] ; $i ++ ){
+
+ /* Reset vars */
+ $found = false;
+
+ /* Get Acl parts */
+ $acl_parts = split(":",$attrs['gosaAclEntry'][$i]);
+
+ /* Get every single member for this acl */
+ $members = array();
+ if(preg_match("/,/",$acl_parts[2])){
+ $members = split(",",$acl_parts[2]);
+ }else{
+ $members = array($acl_parts[2]);
+ }
+
+ /* Check if member match current dn */
+ foreach($members as $key => $member){
+ $member = base64_decode($member);
+ if($member == $old_dn){
+ $found = true;
+ $members[$key] = base64_encode($new_dn);
+ }
+ }
+
+ /* Create new member string */
+ $new_members = "";
+ foreach($members as $member){
+ $new_members .= $member.",";
+ }
+ $new_members = preg_replace("/,$/","",$new_members);
+ $acl_parts[2] = $new_members;
+
+ /* Reconstruckt acl entry */
+ $acl_str ="";
+ foreach($acl_parts as $t){
+ $acl_str .= $t.":";
+ }
+ $acl_str = preg_replace("/:$/","",$acl_str);
+ }
+
+ /* Acls for this object must be adjusted */
+ if($found){
+
+ if($output_changes){
+ echo "<font color='green'>".
+ _("Changing ACL dn")." : <br> -"._("from")." <b> ".
+ $old_dn.
+ "</b><br> -"._("to")." <b>".
+ $new_dn.
+ "</b></font><br>";
+ }
+ $update[$attrs['dn']] =array();
+ foreach($acls as $acl){
+ $update[$attrs['dn']]['gosaAclEntry'][] = $acl;
+ }
+ }
+ }
+
+ /* Write updated acls */
+ foreach($update as $dn => $attrs){
+ $ldap->cd($dn);
+ $ldap->modify($attrs);
+ }
+ }
+ }
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>