![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/admin/departments/class_departmentGeneric.inc b/plugins/admin/departments/class_departmentGeneric.inc
index df8c51e78fba7c40606b8c74a0adce06897cbea5..da4c101b7beeccfc97adc50480725de7ff16889c 100644 (file)
var $attributes= array("ou", "description", "businessCategory", "st", "l", "postalAddress",
"telephoneNumber", "facsimileTelephoneNumber", "gosaUnitTag");
var $objectclasses= array("top", "gosaDepartment", "organizationalUnit");
+ var $initially_was_tagged = false;
+
+
+ /* Temporary disable the Unit Tag functionalityi.
+ This is not used anymore, cause of the new acl implementation.
+ Setting this to TRUE will disable
+ all POST / GET activity, "Department tagging" and the checkbox within the generic template.
+ */
+ var $UnitTagDiabled = TRUE;
+ var $orig_base = "";
+ var $orig_ou = "";
function department ($config, $dn)
{
$this->ui= get_userinfo();
$this->dn= $dn;
$this->orig_dn= $dn;
+ $this->orig_ou= $this->ou;
$this->config= $config;
/* Set base */
$this->base= preg_replace ("/^[^,]+,/", "", $this->dn);
}
- /* set permissions */
- $ui= get_userinfo();
- $acl= get_permissions ($ui->dn, $ui->subtreeACL);
- $this->acl= get_module_permission($acl, "department", $ui->dn);
+ $this->orig_base = $this->base;
/* Is administrational Unit? */
if ($dn != "new" && in_array_ics('gosaAdministrativeUnit', $this->attrs['objectClass'])){
$this->is_administrational_unit= true;
+ $this->initially_was_tagged = true;
}
}
$this->config->make_idepartments();
$smarty= get_smarty();
+ $tmp = $this->plInfo();
+ foreach($tmp['plProvidedAcls'] as $name => $translation){
+ $smarty->assign($name."ACL",$this->getacl($name));
+ }
+
/* Base select dialog */
$once = true;
foreach($_POST as $name => $value){
- if(preg_match("/^chooseBase/",$name) && $once){
+ if((preg_match("/^chooseBase/",$name) && $once) && ($this->acl_is_moveable())){
$once = false;
- $this->dialog = new baseSelectDialog($this->config);
+ $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
$this->dialog->setCurrentBase($this->base);
}
}
if($this->dialog->isClosed()){
$this->dialog = false;
}elseif($this->dialog->isSelected()){
- $this->base = $this->dialog->isSelected();
+
+ /* A new base was selected, check if it is a valid one */
+ $tmp = $this->get_allowed_bases();
+ if(isset($tmp[$this->dialog->isSelected()])){
+ $this->base = $this->dialog->isSelected();
+ }
+
$this->dialog= false;
}else{
return($this->dialog->execute());
}
/* Hide all departments, that are subtrees of this department */
- $bases = $this->config->idepartments;
+ $bases = $this->get_allowed_bases();
if(($this->dn == "new")||($this->dn == "")){
$tmp = $bases;
}else{
foreach ($this->attributes as $val){
$smarty->assign("$val", $this->$val);
- $smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
}
- $smarty->assign("baseACL", chkacl($this->acl,"base"));
$smarty->assign("base_select", $this->base);
- /* Set admin unit flag */
- if ($this->is_administrational_unit) {
- $smarty->assign("unitTag", "checked");
- } else {
- $smarty->assign("unitTag", "");
- }
- $smarty->assign("unitTag"."ACL", chkacl($this->acl, "unitTag"));
+ /* Set admin unit flag */
+ $smarty->assign("UnitTagDiabled",$this->UnitTagDiabled);
+ if(!$this->UnitTagDiabled){
+ if ($this->is_administrational_unit) {
+ $smarty->assign("unitTag", "checked");
+ } else {
+ $smarty->assign("unitTag", "");
+ }
+ }
return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
}
function clear_fields()
{
- $this->dn= "";
- $this->base= "";
- $this->acl= "#none#";
+ $this->dn = "";
+ $this->base = "";
foreach ($this->attributes as $val){
$this->$val= "";
$ldap= $this->config->get_ldap_link();
$ldap->cd ($this->dn);
$ldap->recursive_remove();
- show_ldap_error($ldap->get_error(), _("Removing department failed"));
+ show_ldap_error($ldap->get_error(), sprintf(_("Removing of department with dn '%s' failed."),$this->dn));
/* Optionally execute a command after we're done */
$this->handle_post_events('remove');
/* Save data to object */
function save_object()
{
- if (isset($_POST['base'])){
- plugin::save_object();
-
- /* Save base, since this is no LDAP attribute */
- if (chkacl($this->acl, "create") == ""){
- $this->base= $_POST['base'];
- }
+ if (isset($_POST['dep_generic_posted'])){
+
+ /* Create a base backup and reset the
+ base directly after calling plugin::save_object();
+ Base will be set seperatly a few lines below */
+ $base_tmp = $this->base;
+ plugin::save_object();
+ $this->base = $base_tmp;
+
+ /* Set new base if allowed */
+ $tmp = $this->get_allowed_bases();
+ if(isset($_POST['base'])){
+ if(isset($tmp[$_POST['base']])){
+ $this->base= $_POST['base'];
+ }
+ }
- /* Save tagging flag */
- if (chkacl($this->acl, "unitTag") == ""){
- if (isset($_POST['unitTag'])){
- $this->is_administrational_unit= true;
- } else {
- $this->is_administrational_unit= false;
- }
- }
- }
+ /* Save tagging flag */
+ if(!$this->UnitTagDiabled){
+ if ($this->acl_is_writeable("unitTag")){
+ if (isset($_POST['unitTag'])){
+ $this->is_administrational_unit= true;
+ } else {
+ $this->is_administrational_unit= false;
+ }
+ }
+ }
+ }
}
/* Call common method to give check the hook */
$message= plugin::check();
- /* Permissions for that base? */
- // $this->dn= "ou=$this->ou,".$this->base;
- if (chkacl($this->acl, "create") != ""){
- $message[]= _("You have no permissions to create a department on this 'Base'.");
- }
-
/* Check for presence of this department */
$ldap= $this->config->get_ldap_link();
- $attrs= $ldap->cat ($this->dn, array('dn'));
- if ($this->orig_dn == "new" && !($attrs === FALSE)){
+ $ldap->ls ("(&(ou=".$this->ou.")(objectClass=organizationalUnit))", $this->base, array('dn'));
+ if ($this->orig_dn == "new" && $ldap->count()){
$message[]= _("Department with that 'Name' already exists.");
} elseif ($this->orig_dn != $this->dn && !($attrs === FALSE)){
$message[]= _("Department with that 'Name' already exists.");
$message[]= _("Required field 'Description' is not set.");
}
- /* Validate and modify - or: spaghetti rules! */
- $SkipNames = array( "incoming","apps","systems","fai","config",
- preg_replace("/ou=(.*),/","\\1",get_people_ou()),
- preg_replace("/ou=(.*),/","\\1",get_groups_ou())
- );
- foreach($SkipNames as $name){
- if ($this->ou == $name){
- $message[]= sprintf(_("The field 'Name' contains the reserved word '%s'. Please choose another name."),$name);
- }
- }
-
+ if(is_department_name_reserved($this->ou,$this->base)){
+ $message[]= sprintf(_("The field 'Name' contains the reserved word '%s'. Please choose another name."),$this->ou);
+ }
if (preg_match ('/[#+:=>\\\\\/]/', $this->ou)){
$message[]= _("The field 'Name' contains invalid characters.");
{
$ldap= $this->config->get_ldap_link();
- /* Add tag objects if needed */
- if ($this->is_administrational_unit){
- if(!in_array_ics("gosaAdministrativeUnit",$this->objectclasses)){
- $this->objectclasses[]= "gosaAdministrativeUnit";
- }
- if ($this->gosaUnitTag == ""){
+ if(!$this->UnitTagDiabled){
- /* It's unlikely, but check if already used... */
- $try= 5;
- $ldap->cd($this->config->current['BASE']);
- while ($try--){
+ /* Add tag objects if needed */
+ if ($this->is_administrational_unit){
- /* Generate microtime stamp as tag */
- list($usec, $sec)= explode(" ", microtime());
- $time_stamp= preg_replace("/\./", "", $sec.$usec);
+ /* If this wasn't tagged before add oc an reset unit tag */
+ if(!$this->initially_was_tagged){
+ $this->objectclasses[]= "gosaAdministrativeUnit";
+ $this->gosaUnitTag= "";
- $ldap->search("(&(objectClass=gosaAdministrativeUnit)(gosaUnitTag=$time_stamp))",array("gosaUnitTag"));
- if ($ldap->count() == 0){
- break;
- }
- }
- if($try == 0) {
- print_red(_("Fatal error: Can't find an unused tag to mark the administrative unit!"));
- return;
- }
- $this->gosaUnitTag= preg_replace("/\./", "", $sec.$usec);
- }
- } else {
- $this->gosaUnitTag= "";
- }
+ /* It seams that this method is called twice,
+ set this to true. to avoid adding this oc twice */
+ $this->initially_was_tagged = true;
+ }
+ if ($this->gosaUnitTag == ""){
+
+ /* It's unlikely, but check if already used... */
+ $try= 5;
+ $ldap->cd($this->config->current['BASE']);
+ while ($try--){
+
+ /* Generate microtime stamp as tag */
+ list($usec, $sec)= explode(" ", microtime());
+ $time_stamp= preg_replace("/\./", "", $sec.$usec);
+
+ $ldap->search("(&(objectClass=gosaAdministrativeUnit)(gosaUnitTag=$time_stamp))",array("gosaUnitTag"));
+ if ($ldap->count() == 0){
+ break;
+ }
+ }
+ if($try == 0) {
+ print_red(_("Fatal error: Can't find an unused tag to mark the administrative unit!"));
+ return;
+ }
+ $this->gosaUnitTag= preg_replace("/\./", "", $sec.$usec);
+ }
+ }
+ }
plugin::save();
- /* Remove tag information if needed */
- if (!$this->is_administrational_unit){
- $tmp= array();
+ if(!$this->UnitTagDiabled){
+
+ /* Remove tag information if needed */
+ if (!$this->is_administrational_unit){
+ $tmp= array();
+
+ /* Remove gosaAdministrativeUnit from this plugin */
+ $has_unit_tag= false;
+ foreach($this->attrs['objectClass'] as $oc){
+ if (!preg_match("/^gosaAdministrativeUnit$/i", $oc)){
+ $tmp[]= $oc;
+ }
+ if (preg_match("/^gosaAdministrativeUnitTag$/i", $oc)){
+ $has_unit_tag= true;
+ }
+ }
+ $this->attrs['objectClass']= $tmp;
- /* Remove gosaAdministrativeUnit from this plugin */
- foreach($this->attrs['objectClass'] as $oc){
- if (!preg_match("/^gosaAdministrativeUnit$/i", $oc)){
- $tmp[]= $oc;
- }
- }
- $this->attrs['objectClass']= $tmp;
- if(isset($this->attrs['gosaUnitTag'])){
- $this->attrs['gosaUnitTag']= array();
- }
- }
+ if(!$has_unit_tag && isset($this->attrs['gosaUnitTag'])){
+ $this->attrs['gosaUnitTag']= array();
+ }
+ $this->gosaUnitTag = "";
+ }
+ }
/* Write back to ldap */
$ldap= $this->config->get_ldap_link();
$ldap->add($this->attrs);
$this->handle_post_events('add');
}
- show_ldap_error($ldap->get_error(), _("Saving department failed"));
+ show_ldap_error($ldap->get_error(), sprintf(_("Saving of department with dn '%s' failed."),$this->dn));
+
+
+ if(!$this->UnitTagDiabled){
+ /* The parameter forces only to set must_be_tagged, and don't touch any objects
+ This will be done later */
+ $this->tag_objects(true);
- /* The parameter forces only to set must_be_tagged, and don't touch any objects
- This will be done later */
- $this->tag_objects(true);
+ /* Fix tagging if needed */
+ if (!$this->is_administrational_unit){
+ $this->handle_object_tagging();
+ }
+ }
/* Optionally execute a command after we're done */
$this->postcreate();
- return(true);
+ return(false);
}
function ShowMoveFrame()
{
$smarty = get_smarty();
- $smarty->assign("src","?plug=".$_GET['plug']."&PerformRecMove");
+ $smarty->assign("src","?plug=".$_GET['plug']."&PerformRecMove");
$smarty->assign("message","As soon as the move operation has finished, you can scroll down to end of the page and press the 'Continue' button to continue with the department management dialog.");
$display= $smarty->fetch(get_template_path("dep_iframe.tpl",TRUE));
return($display);
{
if(!$OnlySetTagFlag){
$smarty= get_smarty();
- echo "<!-- headers.tpl-->".$smarty->fetch(get_template_path('headers.tpl'));
- echo "<body style='background-image:none;margin:3px;color:black'>";
+ /* Print out html introduction */
+ echo ' <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+ <html>
+ <head>
+ <title></title>
+ <style type="text/css">@import url("themes/default/style.css");</style>
+ <script language="javascript" src="include/focus.js" type="text/javascript"></script>
+ </head>
+ <body style="background: none; margin:4px;" id="body" >
+ ';
echo "<h3>".sprintf(_("Tagging '%s'."),"<i>".@LDAP::fix($this->dn)."</i>")."</h3>";
}
} else {
$ldap->search('objectClass=gosaAdministrativeUnitTag', array('dn'));
}
+
while ($attrs= $ldap->fetch()){
/* Skip self */
/* Print header to have styles included */
$smarty= get_smarty();
- echo "<!-- headers.tpl-->".$smarty->fetch(get_template_path('headers.tpl'));
- echo "<body style='background-image:none;margin:3px;color:black'>";
- echo "<h3>".sprintf(_("Moving '%s' to '%s'"),"<i>".$src_dn."</i>","<i>".$dst_dn."</i>")."</h3>";
+ echo ' <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+ <html>
+ <head>
+ <title></title>
+ <style type="text/css">@import url("themes/default/style.css");</style>
+ <script language="javascript" src="include/focus.js" type="text/javascript"></script>
+ </head>
+ <body style="background: none; margin:4px;" id="body" >
+ ';
+ echo "<h3>".sprintf(_("Moving '%s' to '%s'"),"<i>".@LDAP::fix($src_dn)."</i>","<i>".@LDAP::fix($dst_dn)."</i>")."</h3>";
/* Check if the destination entry exists */
/* Check if destination exists - abort */
$ldap->cat($dst_dn, array('dn'));
if ($ldap->fetch()){
- trigger_error("Recursive_move $dst_dn already exists.",
+ trigger_error("Recursive_move ".@LDAP::fix($dst_dn)." already exists.",
E_USER_WARNING);
- echo sprintf("Recursive_move: '%s' already exists", $dst_dn)."<br>";
+ echo sprintf("Recursive_move: '%s' already exists", @LDAP::fix($dst_dn))."<br>";
return (FALSE);
}
$dst= preg_replace("/".str_replace("\\","\\\\",$src_dn)."$/", "$dst_dn", $object);
$dst= str_replace($src_dn,$dst_dn,$object);
- echo "<b>"._("Object").":</b> $src<br>";
+ echo "<b>"._("Object").":</b> ".@LDAP::fix($src)."<br>";
+
+ $this->update_acls($object, $dst,TRUE);
if (!$this->copy($src, $dst)){
- echo "<font color='#FF0000'><br>".sprintf(_("FAILED to copy %s, aborting operation"),$src)."</font>";
+ echo "<font color='#FF0000'><br>".sprintf(_("FAILED to copy %s, aborting operation"),@LDAP::fix($src))."</font>";
return (FALSE);
}
-
+ echo "<script language=\"javascript\" type=\"text/javascript\">scrollDown2();</script>" ;
flush();
}
/* Remove src_dn */
$ldap->cd($src_dn);
$ldap->recursive_remove();
+ $this->dn = $this->rec_dst;
$this->rec_src = $this->rec_dst = "";
$this->rec_cpy =false;
<br><input type='submit' name='back' value='"._("Continue")."'>
</form></div>";
+ echo "<script language=\"javascript\" type=\"text/javascript\">scrollDown2();</script>" ;
echo "</body></html>";
return (TRUE);
}
}
+
+
+ /* Return plugin informations for acl handling */
+ function plInfo()
+ {
+ return (array("plShortName" => _("Generic"),
+ "plDescription" => _("Departments"),
+ "plSelfModify" => FALSE,
+ "plPriority" => 0,
+ "plDepends" => array(),
+ "plSection" => array("admin"),
+ "plCategory" => array("department" => array("objectClass" => "gosaDepartment", "description" => _("Departments"))),
+
+ "plProvidedAcls" => array(
+ "description" => _("Description"),
+ "c" => _("Country"),
+ "base" => _("Base"),
+ "l" => _("Location"),
+ "telephoneNumber" => _("Telephone"),
+ "ou" => _("Department name"),
+ "businessCategory" => _("Category"),
+ "st" => _("State"),
+ "postalAddress" => _("Address"),
+ "gosaUnitTag" => _("Administrative settings"),
+ "facsimileTelephoneNumber" => _("Fax"))
+ ));
+ }
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>