![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/admin/departments/class_departmentGeneric.inc b/plugins/admin/departments/class_departmentGeneric.inc
index 60d4bc379d3c1ff935ddfa66f79a96cc6dbb9e4c..da4c101b7beeccfc97adc50480725de7ff16889c 100644 (file)
var $telephoneNumber= "";
var $facsimileTelephoneNumber= "";
var $orig_dn= "";
+ var $is_administrational_unit= false;
+ var $gosaUnitTag= "";
var $rec_dst=false; // Destination for recursive move
var $rec_src=false; // Source for recursive move
var $rec_cpy=false; // Is recursive move requested ?
- function am_i_moved()
- {
- return $this->rec_cpy;
- }
-
/* Headpage attributes */
var $last_dep_sorting= "invalid";
var $departments= array();
+ var $must_be_tagged = false;
+
/* attribute list for save action */
var $attributes= array("ou", "description", "businessCategory", "st", "l", "postalAddress",
- "telephoneNumber", "facsimileTelephoneNumber");
+ "telephoneNumber", "facsimileTelephoneNumber", "gosaUnitTag");
var $objectclasses= array("top", "gosaDepartment", "organizationalUnit");
+ var $initially_was_tagged = false;
+
+
+ /* Temporary disable the Unit Tag functionalityi.
+ This is not used anymore, cause of the new acl implementation.
+ Setting this to TRUE will disable
+ all POST / GET activity, "Department tagging" and the checkbox within the generic template.
+ */
+ var $UnitTagDiabled = TRUE;
+ var $orig_base = "";
+ var $orig_ou = "";
function department ($config, $dn)
{
$this->ui= get_userinfo();
$this->dn= $dn;
$this->orig_dn= $dn;
+ $this->orig_ou= $this->ou;
$this->config= $config;
/* Set base */
} else {
$this->base= preg_replace ("/^[^,]+,/", "", $this->dn);
}
- /* set permissions */
- $ui= get_userinfo();
- $acl= get_permissions ($ui->dn, $ui->subtreeACL);
- $this->acl= get_module_permission($acl, "department", $ui->dn);
+
+ $this->orig_base = $this->base;
+
+ /* Is administrational Unit? */
+ if ($dn != "new" && in_array_ics('gosaAdministrativeUnit', $this->attrs['objectClass'])){
+ $this->is_administrational_unit= true;
+ $this->initially_was_tagged = true;
+ }
}
function execute()
plugin::execute();
/* Reload departments */
- $this->config->departments= get_departments($this->dn);
+ $this->config->get_departments($this->dn);
$this->config->make_idepartments();
$smarty= get_smarty();
+ $tmp = $this->plInfo();
+ foreach($tmp['plProvidedAcls'] as $name => $translation){
+ $smarty->assign($name."ACL",$this->getacl($name));
+ }
/* Base select dialog */
$once = true;
foreach($_POST as $name => $value){
- if(preg_match("/^chooseBase/",$name) && $once){
+ if((preg_match("/^chooseBase/",$name) && $once) && ($this->acl_is_moveable())){
$once = false;
- $this->dialog = new baseSelectDialog($this->config);
+ $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
$this->dialog->setCurrentBase($this->base);
}
}
if($this->dialog->isClosed()){
$this->dialog = false;
}elseif($this->dialog->isSelected()){
- $this->base = $this->dialog->isSelected();
+
+ /* A new base was selected, check if it is a valid one */
+ $tmp = $this->get_allowed_bases();
+ if(isset($tmp[$this->dialog->isSelected()])){
+ $this->base = $this->dialog->isSelected();
+ }
+
$this->dialog= false;
}else{
return($this->dialog->execute());
}
/* Hide all departments, that are subtrees of this department */
- $bases = $this->config->idepartments;
+ $bases = $this->get_allowed_bases();
if(($this->dn == "new")||($this->dn == "")){
$tmp = $bases;
}else{
foreach ($this->attributes as $val){
$smarty->assign("$val", $this->$val);
- $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
}
$smarty->assign("base_select", $this->base);
+
+ /* Set admin unit flag */
+ $smarty->assign("UnitTagDiabled",$this->UnitTagDiabled);
+ if(!$this->UnitTagDiabled){
+ if ($this->is_administrational_unit) {
+ $smarty->assign("unitTag", "checked");
+ } else {
+ $smarty->assign("unitTag", "");
+ }
+ }
+
return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
}
function clear_fields()
{
- $this->dn= "";
- $this->base= "";
- $this->acl= "#none#";
+ $this->dn = "";
+ $this->base = "";
foreach ($this->attributes as $val){
$this->$val= "";
}
}
-
function remove_from_parent()
{
$ldap= $this->config->get_ldap_link();
$ldap->cd ($this->dn);
$ldap->recursive_remove();
+ show_ldap_error($ldap->get_error(), sprintf(_("Removing of department with dn '%s' failed."),$this->dn));
/* Optionally execute a command after we're done */
$this->handle_post_events('remove');
}
+ function must_be_tagged()
+ {
+ return $this->must_be_tagged;
+ }
+
+ function am_i_moved()
+ {
+ return $this->rec_cpy;
+ }
+
/* Save data to object */
function save_object()
{
- if (isset($_POST['base'])){
- plugin::save_object();
-
- /* Save base, since this is no LDAP attribute */
- if (chkacl($this->acl, "create") == ""){
- $this->base= $_POST['base'];
- }
- }
+ if (isset($_POST['dep_generic_posted'])){
+
+ /* Create a base backup and reset the
+ base directly after calling plugin::save_object();
+ Base will be set seperatly a few lines below */
+ $base_tmp = $this->base;
+ plugin::save_object();
+ $this->base = $base_tmp;
+
+ /* Set new base if allowed */
+ $tmp = $this->get_allowed_bases();
+ if(isset($_POST['base'])){
+ if(isset($tmp[$_POST['base']])){
+ $this->base= $_POST['base'];
+ }
+ }
+
+ /* Save tagging flag */
+ if(!$this->UnitTagDiabled){
+ if ($this->acl_is_writeable("unitTag")){
+ if (isset($_POST['unitTag'])){
+ $this->is_administrational_unit= true;
+ } else {
+ $this->is_administrational_unit= false;
+ }
+ }
+ }
+ }
}
/* Call common method to give check the hook */
$message= plugin::check();
- /* Permissions for that base? */
- // $this->dn= "ou=$this->ou,".$this->base;
- if (chkacl($this->acl, "create") != ""){
- $message[]= _("You have no permissions to create a department on this 'Base'.");
- }
-
/* Check for presence of this department */
$ldap= $this->config->get_ldap_link();
- $attrs= $ldap->cat ($this->dn);
- if ($this->orig_dn == "new" && !($attrs === FALSE)){
+ $ldap->ls ("(&(ou=".$this->ou.")(objectClass=organizationalUnit))", $this->base, array('dn'));
+ if ($this->orig_dn == "new" && $ldap->count()){
$message[]= _("Department with that 'Name' already exists.");
} elseif ($this->orig_dn != $this->dn && !($attrs === FALSE)){
$message[]= _("Department with that 'Name' already exists.");
$message[]= _("Required field 'Description' is not set.");
}
- /* Validate and modify - or: spaghetti rules! */
- if ($this->ou == "incoming"){
- $message[]= _("The field 'Name' contains the reserved word 'incoming'.".
- " Please choose another name.");
- }
+ if(is_department_name_reserved($this->ou,$this->base)){
+ $message[]= sprintf(_("The field 'Name' contains the reserved word '%s'. Please choose another name."),$this->ou);
+ }
+
if (preg_match ('/[#+:=>\\\\\/]/', $this->ou)){
$message[]= _("The field 'Name' contains invalid characters.");
}
/* Save to LDAP */
function save()
{
+ $ldap= $this->config->get_ldap_link();
+
+ if(!$this->UnitTagDiabled){
+
+ /* Add tag objects if needed */
+ if ($this->is_administrational_unit){
+
+ /* If this wasn't tagged before add oc an reset unit tag */
+ if(!$this->initially_was_tagged){
+ $this->objectclasses[]= "gosaAdministrativeUnit";
+ $this->gosaUnitTag= "";
+
+ /* It seams that this method is called twice,
+ set this to true. to avoid adding this oc twice */
+ $this->initially_was_tagged = true;
+ }
+
+ if ($this->gosaUnitTag == ""){
+
+ /* It's unlikely, but check if already used... */
+ $try= 5;
+ $ldap->cd($this->config->current['BASE']);
+ while ($try--){
+
+ /* Generate microtime stamp as tag */
+ list($usec, $sec)= explode(" ", microtime());
+ $time_stamp= preg_replace("/\./", "", $sec.$usec);
+
+ $ldap->search("(&(objectClass=gosaAdministrativeUnit)(gosaUnitTag=$time_stamp))",array("gosaUnitTag"));
+ if ($ldap->count() == 0){
+ break;
+ }
+ }
+ if($try == 0) {
+ print_red(_("Fatal error: Can't find an unused tag to mark the administrative unit!"));
+ return;
+ }
+ $this->gosaUnitTag= preg_replace("/\./", "", $sec.$usec);
+ }
+ }
+ }
plugin::save();
+ if(!$this->UnitTagDiabled){
+
+ /* Remove tag information if needed */
+ if (!$this->is_administrational_unit){
+ $tmp= array();
+
+ /* Remove gosaAdministrativeUnit from this plugin */
+ $has_unit_tag= false;
+ foreach($this->attrs['objectClass'] as $oc){
+ if (!preg_match("/^gosaAdministrativeUnit$/i", $oc)){
+ $tmp[]= $oc;
+ }
+ if (preg_match("/^gosaAdministrativeUnitTag$/i", $oc)){
+ $has_unit_tag= true;
+ }
+ }
+ $this->attrs['objectClass']= $tmp;
+
+ if(!$has_unit_tag && isset($this->attrs['gosaUnitTag'])){
+ $this->attrs['gosaUnitTag']= array();
+ }
+ $this->gosaUnitTag = "";
+ }
+ }
+
/* Write back to ldap */
$ldap= $this->config->get_ldap_link();
- $ldap->cat($this->dn);
+ $ldap->cat($this->dn, array('dn'));
$a= $ldap->fetch();
$ldap->cd($this->dn);
+
if (count($a)){
$this->cleanup();
$ldap->modify ($this->attrs);
$ldap->add($this->attrs);
$this->handle_post_events('add');
}
- show_ldap_error($ldap->get_error());
+ show_ldap_error($ldap->get_error(), sprintf(_("Saving of department with dn '%s' failed."),$this->dn));
- /* Optionally execute a command after we're done */
+
+ if(!$this->UnitTagDiabled){
+ /* The parameter forces only to set must_be_tagged, and don't touch any objects
+ This will be done later */
+ $this->tag_objects(true);
+
+ /* Fix tagging if needed */
+ if (!$this->is_administrational_unit){
+ $this->handle_object_tagging();
+ }
+ }
+
+ /* Optionally execute a command after we're done */
$this->postcreate();
+ return(false);
}
+
+ function ShowMoveFrame()
+ {
+ $smarty = get_smarty();
+ $smarty->assign("src","?plug=".$_GET['plug']."&PerformRecMove");
+ $smarty->assign("message","As soon as the move operation has finished, you can scroll down to end of the page and press the 'Continue' button to continue with the department management dialog.");
+ $display= $smarty->fetch(get_template_path("dep_iframe.tpl",TRUE));
+ return($display);
+ }
+
+ function ShowTagFrame()
+ {
+ $smarty = get_smarty();
+ $smarty->assign("src","?plug=".$_GET['plug']."&TagDepartment");
+ $smarty->assign("message","As soon as the tag operation has finished, you can scroll down to end of the page and press the 'Continue' button to continue with the department management dialog.");
+ $display= $smarty->fetch(get_template_path("dep_iframe.tpl",TRUE));
+ return($display);
+ }
+
+ /* Tag objects to have the gosaAdministrativeUnitTag */
+ function tag_objects($OnlySetTagFlag = false)
+ {
+ if(!$OnlySetTagFlag){
+ $smarty= get_smarty();
+ /* Print out html introduction */
+ echo ' <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+ <html>
+ <head>
+ <title></title>
+ <style type="text/css">@import url("themes/default/style.css");</style>
+ <script language="javascript" src="include/focus.js" type="text/javascript"></script>
+ </head>
+ <body style="background: none; margin:4px;" id="body" >
+ ';
+ echo "<h3>".sprintf(_("Tagging '%s'."),"<i>".@LDAP::fix($this->dn)."</i>")."</h3>";
+ }
+
+ $add= $this->is_administrational_unit;
+ $len= strlen($this->dn);
+ $ldap= $this->config->get_ldap_link();
+ $ldap->cd($this->dn);
+ if ($add){
+ $ldap->search('(!(&(objectClass=gosaAdministrativeUnitTag)(gosaUnitTag='.
+ $this->gosaUnitTag.')))', array('dn'));
+ } else {
+ $ldap->search('objectClass=gosaAdministrativeUnitTag', array('dn'));
+ }
+
+ while ($attrs= $ldap->fetch()){
+
+ /* Skip self */
+ if ($attrs['dn'] == $this->dn){
+ continue;
+ }
+
+ /* Check for confilicting administrative units */
+ $fix= true;
+ foreach ($this->config->adepartments as $key => $tag){
+ /* This one is shorter than our dn, its not relevant... */
+ if ($len >= strlen($key)){
+ continue;
+ }
+
+ /* This one matches with the latter part. Break and don't fix this entry */
+ if (preg_match('/(^|,)'.normalizePreg($key).'$/', $attrs['dn'])){
+ $fix= false;
+ break;
+ }
+ }
+
+ /* Fix entry if needed */
+ if ($fix){
+ if($OnlySetTagFlag){
+ $this->must_be_tagged =true;
+ return;
+ }
+ $this->handle_object_tagging($attrs['dn'], $this->gosaUnitTag, TRUE );
+ }
+ }
+ if(!$OnlySetTagFlag){
+ echo '<p class="seperator"> </p>';
+ echo "<div style='width:100%;text-align:right;'><form name='form' method='post' action='?plug=".$_GET['plug']."' target='_parent'>
+ <br><input type='submit' name='back' value='"._("Continue")."'>
+ </form></div>";
+ }
+ }
+
+
/* Move/Rename complete trees */
function recursive_move($src_dn, $dst_dn,$force = false)
{
+ /* If force == false prepare to recursive move this object from src to dst
+ on the next call. */
if(!$force){
-
$this->rec_cpy = true;
$this->rec_src = $src_dn;
$this->rec_dst = $dst_dn;
-
- $smarty = get_smarty();
-
- $smarty->assign("src","?plug=".$_GET['plug']."&PerformRecMove");
-
- $display= $smarty->fetch(get_template_path("recursive_move.tpl",TRUE));
- return($display);
- exit();
}else{
+
+ /* If this is called, but not wanted, abort */
if(!$this->rec_cpy){
return;
}
/* Print header to have styles included */
$smarty= get_smarty();
- echo "<!-- headers.tpl-->".$smarty->fetch(get_template_path('headers.tpl'));
- echo "<body style='background-image:none;margin:3px;color:black'>";
- echo "<h3>".sprintf(_("Moving %s to %s"),"<i>".$src_dn."</i>","<i>".$dst_dn."</i>")."</h3>";
+ echo ' <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+ <html>
+ <head>
+ <title></title>
+ <style type="text/css">@import url("themes/default/style.css");</style>
+ <script language="javascript" src="include/focus.js" type="text/javascript"></script>
+ </head>
+ <body style="background: none; margin:4px;" id="body" >
+ ';
+ echo "<h3>".sprintf(_("Moving '%s' to '%s'"),"<i>".@LDAP::fix($src_dn)."</i>","<i>".@LDAP::fix($dst_dn)."</i>")."</h3>";
/* Check if the destination entry exists */
$ldap= $this->config->get_ldap_link();
/* Check if destination exists - abort */
- $ldap->cat($dst_dn);
+ $ldap->cat($dst_dn, array('dn'));
if ($ldap->fetch()){
- trigger_error("Recursive_move $dst_dn already exists.",
+ trigger_error("Recursive_move ".@LDAP::fix($dst_dn)." already exists.",
E_USER_WARNING);
- echo "Recursive_move :$dst_dn already exists.<br>";
+ echo sprintf("Recursive_move: '%s' already exists", @LDAP::fix($dst_dn))."<br>";
return (FALSE);
}
-
+
/* Perform a search for all objects to be moved */
$objects= array();
$ldap->cd($src_dn);
/* Copy objects from small to big indent levels by replacing src_dn by dst_dn */
foreach ($objects as $object => $len){
-
+
$src= str_replace("\\","\\\\",$object);
$dst= preg_replace("/".str_replace("\\","\\\\",$src_dn)."$/", "$dst_dn", $object);
$dst= str_replace($src_dn,$dst_dn,$object);
- echo "<b>"._("Object").":</b> $src<br>";
-
+ echo "<b>"._("Object").":</b> ".@LDAP::fix($src)."<br>";
+
+ $this->update_acls($object, $dst,TRUE);
+
if (!$this->copy($src, $dst)){
- echo "<font color='#FF0000'><br>".sprintf(_("FAILED to copy %s, aborting operation"),$src)."</font>";
+ echo "<font color='#FF0000'><br>".sprintf(_("FAILED to copy %s, aborting operation"),@LDAP::fix($src))."</font>";
return (FALSE);
}
-
+ echo "<script language=\"javascript\" type=\"text/javascript\">scrollDown2();</script>" ;
flush();
}
/* Remove src_dn */
$ldap->cd($src_dn);
$ldap->recursive_remove();
+ $this->dn = $this->rec_dst;
$this->rec_src = $this->rec_dst = "";
$this->rec_cpy =false;
<br><input type='submit' name='back' value='"._("Continue")."'>
</form></div>";
+ echo "<script language=\"javascript\" type=\"text/javascript\">scrollDown2();</script>" ;
echo "</body></html>";
-
+
return (TRUE);
}
}
+ /* Return plugin informations for acl handling */
+ function plInfo()
+ {
+ return (array("plShortName" => _("Generic"),
+ "plDescription" => _("Departments"),
+ "plSelfModify" => FALSE,
+ "plPriority" => 0,
+ "plDepends" => array(),
+ "plSection" => array("admin"),
+ "plCategory" => array("department" => array("objectClass" => "gosaDepartment", "description" => _("Departments"))),
+
+ "plProvidedAcls" => array(
+ "description" => _("Description"),
+ "c" => _("Country"),
+ "base" => _("Base"),
+ "l" => _("Location"),
+ "telephoneNumber" => _("Telephone"),
+ "ou" => _("Department name"),
+ "businessCategory" => _("Category"),
+ "st" => _("State"),
+ "postalAddress" => _("Address"),
+ "gosaUnitTag" => _("Administrative settings"),
+ "facsimileTelephoneNumber" => _("Fax"))
+ ));
+ }
}
-
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>