![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/include/functions.inc b/include/functions.inc
index d6518ba9033fa315b2ae6769663ec4aa3d23fbc7..6eda98aa4bc95f3afb0029a6819c388369b4a30e 100644 (file)
--- a/include/functions.inc
+++ b/include/functions.inc
/* Include required files */
require_once ("class_ldap.inc");
require_once ("class_config.inc");
-require_once ("class_userinfo.inc");
require_once ("class_plugin.inc");
+require_once ("class_acl.inc");
require_once ("class_pluglist.inc");
+require_once ("class_userinfo.inc");
require_once ("class_tabs.inc");
require_once ("class_mail-methods.inc");
-require_once("class_password-methods.inc");
+require_once ("class_password-methods.inc");
require_once ("functions_debug.inc");
require_once ("functions_dns.inc");
require_once ("class_MultiSelectWindow.inc");
/* Sadly we've no proper return values here. Use the error message instead. */
if (!preg_match("/Success/i", $ldap->error)){
- echo sprintf(_("FATAL: Error when connecting the LDAP. Server said '%s'."), $ldap->get_error()));
+ echo sprintf(_("FATAL: Error when connecting the LDAP. Server said '%s'."), $ldap->get_error());
exit();
}
function ldap_expired_account($config, $userdn, $username)
{
- $this->config= $config;
- $ldap= $this->config->get_ldap_link();
+ $ldap= $config->get_ldap_link();
$ldap->cat($userdn);
$attrs= $ldap->fetch();
}
-function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
+function get_list($filter, $category, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
{
global $config, $ui;
@@ -596,12 +596,6 @@ function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags=
$ldap->cd ($base);
}
- /* Strict filter for administrative units? */
- if ($ui->gosaUnitTag != "" && isset($config->current['STRICT_UNITS']) &&
- preg_match('/TRUE/i', $config->current['STRICT_UNITS'])){
- $filter= "(&(gosaUnitTag=".$ui->gosaUnitTag.")$filter)";
- }
-
/* Perform ONE or SUB scope searches? */
if ($flags & GL_SUBSEARCH) {
$ldap->search ($filter, $attributes);
@@ -617,12 +611,26 @@ function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags=
/* Crawl through reslut entries and perform the migration to the
result array */
$result= array();
+
while($attrs = $ldap->fetch()) {
$dn= $ldap->getDN();
- foreach ($subtreeACL as $key => $value){
- if (preg_match("/$key/", $dn)){
+ /* Sort in every value that fits the permissions */
+ if (is_array($category)){
+ foreach ($category as $o){
+ if ($ui->get_category_permissions($dn, $o) != ""){
+ if ($flags & GL_CONVERT){
+ $attrs["dn"]= convert_department_dn($dn);
+ } else {
+ $attrs["dn"]= $dn;
+ }
+ /* We found what we were looking for, break speeds things up */
+ $result[]= $attrs;
+ }
+ }
+ } else {
+ if ($ui->get_category_permissions($dn, $category) != ""){
if ($flags & GL_CONVERT){
$attrs["dn"]= convert_department_dn($dn);
} else {
@@ -631,7 +639,6 @@ function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags=
/* We found what we were looking for, break speeds things up */
$result[]= $attrs;
- break;
}
}
}
}
}
+
function get_permissions ($dn, $subtreeACL)
{
global $config;
+echo "get_permissions() - to be removed<br>";
$base= $config->current['BASE'];
$tmp= "d,".$dn;
function get_module_permission($acl_array, $module, $dn)
{
global $ui;
+echo "get_module_permissions() - to be removed<br>";
$final= "";
foreach($acl_array as $acl){
{
global $config;
- $pattern= "/^[^,]+,".preg_quote(get_people_ou())."/";
+ $pattern= "/^[^,]+,".preg_quote(get_people_ou())."/i";
$base= preg_replace($pattern, '', $dn);
/* Set to base, if we're not on a correct subtree */
function chkacl($acl, $name)
{
+ echo "chkacl - to be removed<br>";
/* Look for attribute in ACL */
if (preg_match("/#$name#/", $acl) || $acl == "#all#"){
return ("");
/* STRICT adds spaces and case insenstivity to the uid check.
This is dangerous and should not be used. */
- if (isset($config->current['STRICT']) && preg_match('/^no$/i', $config->current['STRICT'])){
+ if (isset($config->current['STRICT']) && preg_match('/^(no|false)$/i', $config->current['STRICT'])){
return preg_match ("/^[a-z0-9 _.-]+$/i", $uid);
} else {
return preg_match ("/^[a-z0-9_-]+$/", $uid);
return preg_match("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/", $ip);
}
+/* Checks if the given ip address dosen't match
+ "is_ip" because there is also a sub net mask given */
+function is_ip_with_subnetmask($ip)
+{
+ /* Generate list of valid submasks */
+ $res = array();
+ for($e = 0 ; $e <= 32; $e++){
+ $res[$e] = $e;
+ }
+ $i[0] =255;
+ $i[1] =255;
+ $i[2] =255;
+ $i[3] =255;
+ for($a= 3 ; $a >= 0 ; $a --){
+ $c = 1;
+ while($i[$a] > 0 ){
+ $str = $i[0].".".$i[1].".".$i[2].".".$i[3];
+ $res[$str] = $str;
+ $i[$a] -=$c;
+ $c = 2*$c;
+ }
+ }
+ $res["0.0.0.0"] = "0.0.0.0";
+ if(preg_match("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/", $ip)){
+ $mask = preg_replace("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/","",$ip);
+
+ $mask = preg_replace("/^\//","",$mask);
+ if((in_array("$mask",$res)) && preg_match("/^[0-9\.]/",$mask)){
+ return(TRUE);
+ }
+ }
+ return(FALSE);
+}
+
+/* Simple is domain check, it checks if the given string looks like "string(...).string" */
+function is_domain($str)
+{
+ return(preg_match("/^([a-z0-9i\-]*)\.[a-z0-9]*$/i",$str));
+}
+
+
function is_id($id)
{
$remove= false;
+ /* Save variables from LOCK_VARS_TO_USE in session - for further editing */
if((isset($_SESSION['LOCK_VARS_TO_USE']))&&(count($_SESSION['LOCK_VARS_TO_USE']))){
$_SESSION['LOCK_VARS_USED'] =array();
foreach($_SESSION['LOCK_VARS_TO_USE'] as $name){
$ar = false;
exec("lpstat -p", $ar);
foreach($ar as $val){
- list($dummy, $printer, $rest)= split(' ', $val, 3);
+ @list($dummy, $printer, $rest)= split(' ', $val, 3);
if (preg_match('/^[^@]+$/', $printer)){
$res[$printer]= "$printer";
}
/* Merge in printers from LDAP */
$ldap= $config->get_ldap_link();
$ldap->cd ($config->current['BASE']);
- $ldap->search('(objectClass=gotoPrinter)', array('cn'));
- while ($attrs= $ldap->fetch()){
- $res[$attrs["cn"][0]]= $attrs["cn"][0];
+ $ui= get_userinfo();
+ if (preg_match('/TRUE/i', $config->current['STRICT_UNITS']) && $ui->gosaUnitTag != ""){
+ $ldap->search('((objectClass=gotoPrinter)(gosaUnitTag='.$ui->gosaUnitTag.'))', array('cn'));
+ } else {
+ $ldap->search('(objectClass=gotoPrinter)', array('cn'));
}
return $res;
global $config;
if (get_people_ou() != ""){
- $dn= preg_replace('/,'.get_people_ou().'/' , ',', $dn);
+ $dn= preg_replace('/,'.get_people_ou().'/i' , ',', $dn);
}
if (get_groups_ou() != ""){
- $dn= preg_replace('/,'.get_groups_ou().'/' , ',', $dn);
+ $dn= preg_replace('/,'.get_groups_ou().'/i' , ',', $dn);
}
$base= preg_replace ('/^[^,]+,/i', '', $dn);
}
+function get_base_dir()
+{
+ global $BASE_DIR;
+
+ return $BASE_DIR;
+}
+
+
+function obj_is_readable($dn, $object, $attribute)
+{
+ global $ui;
+
+ return preg_match('/r/', $ui->get_permissions($dn, $object, $attribute));
+}
+
+
+function obj_is_writable($dn, $object, $attribute)
+{
+ global $ui;
+
+ return preg_match('/w/', $ui->get_permissions($dn, $object, $attribute));
+}
+
+
+function gosa_ldap_explode_dn($dn,$config = NULL,$verify_in_ldap=false)
+{
+ /* Initialize variables */
+ $ret = array("count" => 0); // Set count to 0
+ $next = true; // if false, then skip next loops and return
+ $cnt = 0; // Current number of loops
+ $max = 100; // Just for security, prevent looops
+ $ldap = NULL; // To check if created result a valid
+ $keep = ""; // save last failed parse string
+
+ /* Check each parsed dn in ldap ? */
+ if($config!=NULL && $verify_in_ldap){
+ $ldap = $config->get_ldap_link();
+ }
+
+ $Diff = ldap_explode_dn($dn,0);
+
+ /* Lets start */
+ $called = false;
+ while(preg_match("/,/",$dn) && $next && $cnt < $max){
+
+ $cnt ++;
+ if(!preg_match("/,/",$dn)){
+ $next = false;
+ }
+ $object = preg_replace("/[,].*$/","",$dn);
+ $dn = preg_replace("/^[^,]+,/","",$dn);
+
+ $called = true;
+
+ /* Check if current dn is valid */
+ if($ldap!=NULL){
+ $ldap->cd($dn);
+ $ldap->cat($dn,array("dn"));
+ if($ldap->count()){
+ $ret[] = $keep.$object;
+ $keep = "";
+ }else{
+ $keep .= $object.",";
+ }
+ }else{
+ $ret[] = $keep.$object;
+ $keep = "";
+ }
+ }
+
+ /* Append the rest */
+ $test = $keep.$dn;
+ if($called && !empty($test)){
+ $ret[] = $keep.$dn;
+ }
+ $ret['count'] = count($ret) - 1;
+
+ $diff = array_diff($ret,$Diff);
+ if($diff){
+ print_a(array("Diff" => $diff,"OLD" => $Diff,"NEW"=> $ret,"DEBUG"=> debug_backtrace()));
+ }
+ return($ret);
+}
+
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>