![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/admin/departments/class_departmentGeneric.inc b/plugins/admin/departments/class_departmentGeneric.inc
index df8c51e78fba7c40606b8c74a0adce06897cbea5..36e960663e8258605d55d19bf7465cf03dd0644d 100644 (file)
var $attributes= array("ou", "description", "businessCategory", "st", "l", "postalAddress",
"telephoneNumber", "facsimileTelephoneNumber", "gosaUnitTag");
var $objectclasses= array("top", "gosaDepartment", "organizationalUnit");
+ var $initially_was_tagged = false;
function department ($config, $dn)
{
$this->base= preg_replace ("/^[^,]+,/", "", $this->dn);
}
- /* set permissions */
- $ui= get_userinfo();
- $acl= get_permissions ($ui->dn, $ui->subtreeACL);
- $this->acl= get_module_permission($acl, "department", $ui->dn);
-
/* Is administrational Unit? */
if ($dn != "new" && in_array_ics('gosaAdministrativeUnit', $this->attrs['objectClass'])){
$this->is_administrational_unit= true;
+ $this->initially_was_tagged = true;
}
}
$this->config->make_idepartments();
$smarty= get_smarty();
+ /* Assign base ACL */
+ $baseACL = $this->getacl("base");
+ if(!$this->acl_is_moveable()) {
+ $baseACL = preg_replace("/w/","",$baseACL);
+ }
+ $smarty->assign("baseACL", $baseACL);
+
+ $tmp = $this->plInfo();
+ foreach($tmp['plProvidedAcls'] as $name => $translation){
+ $smarty->assign($name."ACL",$this->getacl($name));
+ }
+
/* Base select dialog */
$once = true;
foreach($_POST as $name => $value){
- if(preg_match("/^chooseBase/",$name) && $once){
+ if((preg_match("/^chooseBase/",$name) && $once) && ($this->acl_is_moveable())){
$once = false;
- $this->dialog = new baseSelectDialog($this->config);
+ $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
$this->dialog->setCurrentBase($this->base);
}
}
}
/* Hide all departments, that are subtrees of this department */
- $bases = $this->config->idepartments;
+ $bases = $this->get_allowed_bases();
if(($this->dn == "new")||($this->dn == "")){
$tmp = $bases;
}else{
foreach ($this->attributes as $val){
$smarty->assign("$val", $this->$val);
- $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
}
- $smarty->assign("baseACL", chkacl($this->acl,"base"));
$smarty->assign("base_select", $this->base);
/* Set admin unit flag */
} else {
$smarty->assign("unitTag", "");
}
- $smarty->assign("unitTag"."ACL", chkacl($this->acl, "unitTag"));
return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
}
function clear_fields()
{
- $this->dn= "";
- $this->base= "";
- $this->acl= "#none#";
+ $this->dn = "";
+ $this->base = "";
foreach ($this->attributes as $val){
$this->$val= "";
$ldap= $this->config->get_ldap_link();
$ldap->cd ($this->dn);
$ldap->recursive_remove();
- show_ldap_error($ldap->get_error(), _("Removing department failed"));
+ show_ldap_error($ldap->get_error(), sprintf(_("Removing of department with dn '%s' failed."),$this->dn));
/* Optionally execute a command after we're done */
$this->handle_post_events('remove');
/* Save data to object */
function save_object()
{
- if (isset($_POST['base'])){
+ if (isset($_POST['dep_generic_posted'])){
plugin::save_object();
/* Save base, since this is no LDAP attribute */
- if (chkacl($this->acl, "create") == ""){
+ if($this->acl_is_moveable() && isset($_POST['base'])){
$this->base= $_POST['base'];
}
/* Save tagging flag */
- if (chkacl($this->acl, "unitTag") == ""){
+ if ($this->acl_is_writeable("unitTag")){
if (isset($_POST['unitTag'])){
$this->is_administrational_unit= true;
} else {
/* Call common method to give check the hook */
$message= plugin::check();
+
+ /* Set new acl base */
+ if($this->dn == "new") {
+ $this->set_acl_base($this->base);
+ }
+
/* Permissions for that base? */
// $this->dn= "ou=$this->ou,".$this->base;
- if (chkacl($this->acl, "create") != ""){
+ if (!$this->acl_is_createable() && $this->dn == "new"){
$message[]= _("You have no permissions to create a department on this 'Base'.");
}
/* Check for presence of this department */
$ldap= $this->config->get_ldap_link();
- $attrs= $ldap->cat ($this->dn, array('dn'));
- if ($this->orig_dn == "new" && !($attrs === FALSE)){
+ $ldap->ls ("(&(ou=".$this->ou.")(objectClass=organizationalUnit))", $this->base, array('dn'));
+ if ($this->orig_dn == "new" && $ldap->count()){
$message[]= _("Department with that 'Name' already exists.");
} elseif ($this->orig_dn != $this->dn && !($attrs === FALSE)){
$message[]= _("Department with that 'Name' already exists.");
$message[]= _("Required field 'Description' is not set.");
}
- /* Validate and modify - or: spaghetti rules! */
- $SkipNames = array( "incoming","apps","systems","fai","config",
- preg_replace("/ou=(.*),/","\\1",get_people_ou()),
- preg_replace("/ou=(.*),/","\\1",get_groups_ou())
- );
- foreach($SkipNames as $name){
- if ($this->ou == $name){
- $message[]= sprintf(_("The field 'Name' contains the reserved word '%s'. Please choose another name."),$name);
- }
- }
-
+ if(is_department_name_reserved($this->ou,$this->base)){
+ $message[]= sprintf(_("The field 'Name' contains the reserved word '%s'. Please choose another name."),$this->ou);
+ }
if (preg_match ('/[#+:=>\\\\\/]/', $this->ou)){
$message[]= _("The field 'Name' contains invalid characters.");
/* Add tag objects if needed */
if ($this->is_administrational_unit){
- if(!in_array_ics("gosaAdministrativeUnit",$this->objectclasses)){
+
+ /* If this wasn't tagged before add oc an reset unit tag */
+ if(!$this->initially_was_tagged){
$this->objectclasses[]= "gosaAdministrativeUnit";
+ $this->gosaUnitTag= "";
+
+ /* It seams that this method is called twice,
+ set this to true. to avoid adding this oc twice */
+ $this->initially_was_tagged = true;
}
+
if ($this->gosaUnitTag == ""){
/* It's unlikely, but check if already used... */
}
$this->gosaUnitTag= preg_replace("/\./", "", $sec.$usec);
}
- } else {
- $this->gosaUnitTag= "";
}
plugin::save();
$tmp= array();
/* Remove gosaAdministrativeUnit from this plugin */
+ $has_unit_tag= false;
foreach($this->attrs['objectClass'] as $oc){
if (!preg_match("/^gosaAdministrativeUnit$/i", $oc)){
$tmp[]= $oc;
}
+ if (preg_match("/^gosaAdministrativeUnitTag$/i", $oc)){
+ $has_unit_tag= true;
+ }
}
$this->attrs['objectClass']= $tmp;
- if(isset($this->attrs['gosaUnitTag'])){
+
+ if(!$has_unit_tag && isset($this->attrs['gosaUnitTag'])){
$this->attrs['gosaUnitTag']= array();
}
+ $this->gosaUnitTag = "";
}
/* Write back to ldap */
$ldap->add($this->attrs);
$this->handle_post_events('add');
}
- show_ldap_error($ldap->get_error(), _("Saving department failed"));
+ show_ldap_error($ldap->get_error(), sprintf(_("Saving of department with dn '%s' failed."),$this->dn));
/* The parameter forces only to set must_be_tagged, and don't touch any objects
This will be done later */
$this->tag_objects(true);
+
+ /* Fix tagging if needed */
+ if (!$this->is_administrational_unit){
+ $this->handle_object_tagging();
+ }
/* Optionally execute a command after we're done */
$this->postcreate();
- return(true);
+ return(false);
}
} else {
$ldap->search('objectClass=gosaAdministrativeUnitTag', array('dn'));
}
+
while ($attrs= $ldap->fetch()){
/* Skip self */
echo "<!-- headers.tpl-->".$smarty->fetch(get_template_path('headers.tpl'));
echo "<body style='background-image:none;margin:3px;color:black'>";
- echo "<h3>".sprintf(_("Moving '%s' to '%s'"),"<i>".$src_dn."</i>","<i>".$dst_dn."</i>")."</h3>";
+ echo "<h3>".sprintf(_("Moving '%s' to '%s'"),"<i>".@LDAP::fix($src_dn)."</i>","<i>".@LDAP::fix($dst_dn)."</i>")."</h3>";
/* Check if the destination entry exists */
/* Check if destination exists - abort */
$ldap->cat($dst_dn, array('dn'));
if ($ldap->fetch()){
- trigger_error("Recursive_move $dst_dn already exists.",
+ trigger_error("Recursive_move ".@LDAP::fix($dst_dn)." already exists.",
E_USER_WARNING);
- echo sprintf("Recursive_move: '%s' already exists", $dst_dn)."<br>";
+ echo sprintf("Recursive_move: '%s' already exists", @LDAP::fix($dst_dn))."<br>";
return (FALSE);
}
$dst= preg_replace("/".str_replace("\\","\\\\",$src_dn)."$/", "$dst_dn", $object);
$dst= str_replace($src_dn,$dst_dn,$object);
- echo "<b>"._("Object").":</b> $src<br>";
+ echo "<b>"._("Object").":</b> ".@LDAP::fix($src)."<br>";
if (!$this->copy($src, $dst)){
- echo "<font color='#FF0000'><br>".sprintf(_("FAILED to copy %s, aborting operation"),$src)."</font>";
+ echo "<font color='#FF0000'><br>".sprintf(_("FAILED to copy %s, aborting operation"),@LDAP::fix($src))."</font>";
return (FALSE);
}
return (TRUE);
}
}
+
+
+ /* Return plugin informations for acl handling */
+ function plInfo()
+ {
+ return (array("plShortName" => _("Generic"),
+ "plDescription" => _("Departments"),
+ "plSelfModify" => FALSE,
+ "plPriority" => 0,
+ "plDepends" => array(),
+ "plSection" => array("admin"),
+ "plCategory" => array("department" => array("objectClass" => "gosaDepartment", "description" => _("Departments"))),
+
+ "plProvidedAcls" => array(
+ "description" => _("Description"),
+ "c" => _("Country"),
+ "base" => _("Base"),
+ "l" => _("Location"),
+ "telephoneNumber" => _("Telephone"),
+ "ou" => _("Department name"),
+ "businessCategory" => _("Category"),
+ "st" => _("State"),
+ "postalAddress" => _("Address"),
+ "gosaUnitTag" => _("Administrative settings"),
+ "facsimileTelephoneNumber" => _("Fax"))
+ ));
+ }
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>