![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index 30659151b34c89540d88a7d4283cf1ced0fd1f97..629b0190d77383bd51a939402e5a36d1b5a42e09 100644 (file)
}
+ $type_acl_mapping = array(
+ "FAIpartitionTable" => "faiPartitionTable",
+ "FAIpackageList" => "faiPackage",
+ "FAIscript" => "faiScript",
+ "FAIvariable" => "faiVariable",
+ "FAIhook" => "faiHook",
+ "FAIprofile" => "faiProfile",
+ "FAItemplate" => "faiTemplate");
+
/****************
Delete confirme dialog
****************/
if ($s_action=="delete"){
- /* Get 'dn' from posted termlinst */
- $this->dn= $this->objects[$s_entry]['dn'];
+ /* Get 'dn' from posted termlinst */
+ $this->dn= $this->objects[$s_entry]['dn'];
/* Load permissions for selected 'dn' and check if
we're allowed to remove this 'dn' */
- $acl= get_permissions ($this->dn, $this->ui->subtreeACL);
- $this->acl= get_module_permission($acl, "FAIclass", $this->dn);
- if (chkacl($this->acl, "delete") == ""){
+ $acl = $this->ui->get_permissions($this->dn,"fai/".$type_acl_mapping[$this->objects[$s_entry]['type']]);
+ if(preg_match("/d/",$acl)){
/* Check locking, save current plugin in 'back_plugin', so the dialog knows where to return. */
if (($user= get_lock($this->dn)) != ""){
/* Some nice guy may send this as POST, so we've to check
for the permissions again. */
- if (chkacl($this->acl, "delete") == ""){
-
- /* Find out more about the object type */
- $ldap = $this->config->get_ldap_link();
- $ldap->cat($this->dn, array('objectClass'));
- $attrs = $ldap->fetch();
- $type = $this->get_type($attrs);
- $this->dialog = new $type[0]($this->config, $this->config->data['TABS'][$type[2]], $this->dn);
- $this->dialog->set_acl(array($this->acl));
-
- $this->dialog->by_object[$type[1]]->remove_from_parent ();
- unset ($this->dialog);
- gosa_log ("FAI class '".$this->dn."' has been tagged as removed");
- $this->dialog= NULL;
+
+ /* Find out more about the object type */
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cat($this->dn, array('objectClass'));
+ $attrs = $ldap->fetch();
+ $type = $this->get_type($attrs);
+
+ $acl = $this->ui->get_permissions($this->dn,"fai/".$type[1]);
+ if(preg_match("/d/",$acl)){
+
+ $this->dialog = new $type[0]($this->config, $this->config->data['TABS'][$type[2]], $this->dn,"fai");
+ $this->dialog->set_acl_base($this->dn);
+ $this->dialog->by_object[$type[1]]->remove_from_parent ();
+ unset ($this->dialog);
+ gosa_log ("FAI class '".$this->dn."' has been tagged as removed");
+ $this->dialog= NULL;
$to_del = clean_up_releases($this->dn);
save_release_changes_now();
gosa_log(sprintf(_("Release cleanup : Removing object (tagged as remvoed) that is no longer in use '%s'."),$dn));
}
- } else {
+ } else {
- /* Normally this shouldn't be reached, send some extra
- logs to notify the administrator */
- print_red (_("You are not allowed to delete this component!"));
- gosa_log ("Warning: '".$this->ui->uid."' tried to trick system ".
- "deletion.");
- }
+ /* Normally this shouldn't be reached, send some extra
+ logs to notify the administrator */
+ print_red (_("You are not allowed to delete this component!"));
+ gosa_log ("Warning: '".$this->ui->uid."' tried to trick system ".
+ "deletion.");
+ }
- /* Remove lock file after successfull deletion */
- del_lock ($this->dn);
- }
+ /* Remove lock file after successfull deletion */
+ del_lock ($this->dn);
+ }
/****************
}
add_lock ($this->dn, $this->ui->dn);
- $this->dialog = new $a_setup[0]($this->config,$this->config->data['TABS'][$a_setup[2]],$this->dn);
+ $this->dialog = new $a_setup[0]($this->config,$this->config->data['TABS'][$a_setup[2]],$this->dn,"fai");
+ $this->dialog->set_acl_base($this->dn);
$this->is_dialog = true;
if($entry['FAIstate'] == "freeze"){
- $this->dialog->set_acl(array("*none*")) ;
+ #$this->dialog->set_acl(array("*none*")) ;
+ echo "Dawn it is freezed.";
}
$_SESSION['objectinfo'] = $this->dn;
}
/* Load permissions for selected 'dn' and check if
we're allowed to remove this 'dn' */
- $acl= get_permissions ($this->DivListFai->selectedBase, $this->ui->subtreeACL);
- $this->acl= get_module_permission($acl, "FAIclass", $base);
- if (chkacl($this->acl, "delete") == ""){
+ $this->set_acl_base($base);
+ if($this->acl_is_removeable()){
+
$smarty->assign("info", sprintf(_("You're about to delete a fai branch / freeze '%s'."), $this->DivListFai->selectedBranch));
return($smarty->fetch(get_template_path('remove_branch.tpl',TRUE)));
} else {
$br = $this->getBranches();
- if(isset($br[$bb])){
+ if(isset($br[$bb]) && $this->acl_is_removeable()){
$name = $br[$bb];
$ldap->cd($bb);
$ldap->recursive_remove();
****************/
if(isset($_GET['PerformBranch'])){
- /* Create it know */
- $this->dispNewBranch = false;
- $this->dispNewFreeze = false;
- $base = $_SESSION['LASTPOST']['base'];
- $_POST = $_SESSION['LASTPOST'];
- $name = $_POST['BranchName'];
- $type = $_SESSION['LASTPOST']['type'];
- $ldap = $this->config->get_ldap_link();
+ if(!$this->acl_is_createable()){
+ print_red(_("You are not allowed to create a new branch."));
+ }else{
- $baseToUse = $base;
- if($this->DivListFai->selectedBranch != "main" ){
- $baseToUse = $this->DivListFai->selectedBranch;
- }
-
- /* Create new Release name to be able to set faidebianRelease for FAIpackageList */
-
- $CurrentReleases = $this->getBranches();
- $NewReleaseName = $name;
- if(isset($CurrentReleases[$this->DivListFai->selectedBranch])) {
- if($this->DivListFai->selectedBranch != "main"){
- $NewReleaseName = $CurrentReleases[$this->DivListFai->selectedBranch]."/".$name;
- $NewReleaseName = preg_replace("#\/#","/",$NewReleaseName);
- }else{
- $NewReleaseName = $name;
+ /* Create it know */
+ $this->dispNewBranch = false;
+ $this->dispNewFreeze = false;
+ $base = $_SESSION['LASTPOST']['base'];
+ $_POST = $_SESSION['LASTPOST'];
+ $name = $_POST['BranchName'];
+
+ $type = $_SESSION['LASTPOST']['type'];
+ $ldap = $this->config->get_ldap_link();
+
+ $baseToUse = $base;
+ if($this->DivListFai->selectedBranch != "main" ){
+ $baseToUse = $this->DivListFai->selectedBranch;
}
- }
- $appsrc = preg_replace("/ou=fai,ou=configs,ou=systems,/","ou=apps,",$baseToUse);
- $appdst = preg_replace("/ou=fai,ou=configs,ou=systems,/","ou=apps,","ou=".$name.",".$baseToUse) ;
+ /* Create new Release name to be able to set faidebianRelease for FAIpackageList */
- $mimesrc = preg_replace("/ou=fai,ou=configs,ou=systems,/","ou=mime,",$baseToUse);
- $mimedst = preg_replace("/ou=fai,ou=configs,ou=systems,/","ou=mime,","ou=".$name.",".$baseToUse) ;
+ $CurrentReleases = $this->getBranches();
+ $NewReleaseName = $name;
+ if(isset($CurrentReleases[$this->DivListFai->selectedBranch])) {
+ if($this->DivListFai->selectedBranch != "main"){
+ $NewReleaseName = $CurrentReleases[$this->DivListFai->selectedBranch]."/".$name;
+ $NewReleaseName = preg_replace("#\/#","/",$NewReleaseName);
+ }else{
+ $NewReleaseName = $name;
+ }
+ }
- /* Print header to have styles included */
- echo "<!-- headers.tpl-->".$smarty->fetch(get_template_path('headers.tpl'));
- echo "<body style='background-image:none;margin:3px;color:black'>";
+ $appsrc = preg_replace("/ou=fai,ou=configs,ou=systems,/","ou=apps,",$baseToUse);
+ $appdst = preg_replace("/ou=fai,ou=configs,ou=systems,/","ou=apps,","ou=".$name.",".$baseToUse) ;
+
+ $mimesrc = preg_replace("/ou=fai,ou=configs,ou=systems,/","ou=mime,",$baseToUse);
+ $mimedst = preg_replace("/ou=fai,ou=configs,ou=systems,/","ou=mime,","ou=".$name.",".$baseToUse) ;
+
+ /* Print header to have styles included */
+ echo ' <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+ <html>
+ <head>
+ <title></title>
+ <style type="text/css">@import url("themes/default/style.css");</style>
+ <script language="javascript" src="include/focus.js" type="text/javascript"></script>
+ </head>
+ <body style="background: none;margin:3px;color:black">
+ ';
+
+
+ /* Duplicate applications
+ */
+ $ldap->cat($appsrc,array("dn")) ;
+ if($ldap->count()){
+ $ldap->cd ($appdst);
+ $ldap->recursive_remove();
+ $ldap->cd ($this->config->current['BASE']);
+ $ldap->copy_FAI_resource_recursive($appsrc,$appdst,$NewReleaseName,$type,true);
+ }
- /* Duplicate applications
- */
- $ldap->cat($appsrc,array("dn")) ;
- if($ldap->count()){
- $ldap->cd ($appdst);
- $ldap->recursive_remove();
- $ldap->cd ($this->config->current['BASE']);
- $ldap->copy_FAI_resource_recursive($appsrc,$appdst,$NewReleaseName,$type,true);
- }
-
- /* Duplicate mime types
- */
- $ldap->cat($mimesrc,array("dn")) ;
- if($ldap->count()){
- $ldap->cd ($appdst);
- $ldap->recursive_remove();
- $ldap->cd ($this->config->current['BASE']);
- $ldap->copy_FAI_resource_recursive($mimesrc,$mimedst,$NewReleaseName,$type,true);
- }
+ /* Duplicate mime types
+ */
+ $ldap->cat($mimesrc,array("dn")) ;
+ if($ldap->count()){
+ $ldap->cd ($appdst);
+ $ldap->recursive_remove();
+ $ldap->cd ($this->config->current['BASE']);
+ $ldap->copy_FAI_resource_recursive($mimesrc,$mimedst,$NewReleaseName,$type,true);
+ }
- $attr = array();
- $attr['objectClass'] = array("organizationalUnit","FAIbranch");
- $attr['ou'] = $name;
- $attr['FAIstate'] = $type;
- $ldap->cd($this->config->current['BASE']);
- $ldap->cd("ou=".$name.",".$baseToUse);
- $ldap->cat("ou=".$name.",".$baseToUse);
- if($ldap->count()){
- $ldap->modify($attr);
- }else{
- $ldap->add($attr);
- }
+ $attr = array();
+ $attr['objectClass'] = array("organizationalUnit","FAIbranch");
+ $attr['ou'] = $name;
+ $attr['FAIstate'] = $type;
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->cd("ou=".$name.",".$baseToUse);
+ $ldap->cat("ou=".$name.",".$baseToUse);
+ if($ldap->count()){
+ $ldap->modify($attr);
+ }else{
+ $ldap->add($attr);
+ }
- /* Duplicate fai objects
- */
-// $ldap->cd ("ou=".$name.",".$baseToUse);
-// $ldap->recursive_remove();
-// $ldap->cd ($this->config->current['BASE']);
-// $ldap->copy_FAI_resource_recursive($baseToUse,"ou=".$name.",".$baseToUse,$NewReleaseName,$type,true);
+ /* Duplicate fai objects
+ */
+ // $ldap->cd ("ou=".$name.",".$baseToUse);
+ // $ldap->recursive_remove();
+ // $ldap->cd ($this->config->current['BASE']);
+ // $ldap->copy_FAI_resource_recursive($baseToUse,"ou=".$name.",".$baseToUse,$NewReleaseName,$type,true);
- echo "<div style='width:100%;text-align:right;'><form name='form' method='post' action='?plug=".$_GET['plug']."' target='_parent'>
- <br><input type='submit' name='CloseIFrame' value='"._("Continue")."'>
- </form></div>";
+ echo "<div style='width:100%;text-align:right;'><form name='form' method='post' action='?plug=".$_GET['plug']."' target='_parent'>
+ <br><input type='submit' name='CloseIFrame' value='"._("Continue")."'>
+ </form></div>";
- /* Print footer to have valid html */
- echo "</body></html>";
+ echo "<script language=\"javascript\" type=\"text/javascript\">scrollDown2();</script>" ;
- $this->dispNewFreeze = false;
+ /* Print footer to have valid html */
+ echo "</body></html>";
- /* Postcreate */
+ $this->dispNewFreeze = false;
- /* Assign possible attributes */
- $this->lock_type = $type;
- $this->lock_name = $name;
- $this->lock_dn = $baseToUse;
- $this->postcreate();
- exit();
- }
+ /* Postcreate */
+ /* Assign possible attributes */
+ $this->lock_type = $type;
+ $this->lock_name = $name;
+ $this->lock_dn = $baseToUse;
+ $this->postcreate();
+ exit();
+ }
+ }
/****************
Display dialog to enter new Branch name
"new_package" => "FAIpackageList");
if(isset($types[$s_action])){
- $this->dialog = new askClassName($this->config,$this->dn,$this->ui,$types[$s_action]);
+ $acl = $this->ui->get_permissions($this->DivListFai->selectedBase,"fai/".$type_acl_mapping[$types[$s_action]]);
+ if(preg_match("/c/",$acl)){
+ $this->dialog = new askClassName($this->config,$this->dn,$this->ui,$types[$s_action]);
+ }else{
+ print_red(sprintf(_("You are not allowed to create a new '%s' object."),$types[$s_action]));
+ }
}
/* New Profile */
if($s_action == "new_profile"){
$this->dn = "new" ;
- $a_setup= $this->get_type(array("objectClass"=>array("FAIprofile")));
- $this->dialog = new $a_setup[0]($this->config,
- $this->config->data['TABS'][$a_setup[2]],$this->dn);
- $this->is_dialog = true;
+ $acl = $this->ui->get_permissions($this->DivListFai->selectedBase,"fai/faiProfile");
+ if(preg_match("/c/",$acl)){
+ $a_setup= $this->get_type(array("objectClass"=>array("FAIprofile")));
+ $this->dialog = new $a_setup[0]($this->config,$this->config->data['TABS'][$a_setup[2]],$this->dn,"fai");
+ $this->dialog->set_acl_base($_SESSION['CurrentMainBase']);
+
+ $this->is_dialog = false;
+ }else{
+ print_red(sprintf(_("You are not allowed to create a new '%s' object."),"FAIprofile"));
+ }
}
$a_setup= $this->get_type(array("objectClass"=>array($this->dialog->objectClass)));
$name = $this->dialog->save();
- $this->dialog = new $a_setup[0]($this->config,
- $this->config->data['TABS'][$a_setup[2]],$this->dn,$name);
+ $this->dialog = new $a_setup[0]($this->config,$this->config->data['TABS'][$a_setup[2]],$this->dn,"fai");
+ $this->dialog->set_acl_base($_SESSION['CurrentMainBase']);
$this->dialog->by_object[$a_setup[1]]->cn = $name;
$this->is_dialog = true;
}
$display.= "<input type=\"submit\" name=\"edit_cancel\" value=\""._("Cancel")."\">\n";
$display.= "</p>";
}
+ }else{
+ $display.= "<p style=\"text-align:right\">\n";
+ $display.= "<input type=\"submit\" name=\"edit_continue\" value=\""._("Continue")."\"> ";
+ $display.= "<input type=\"submit\" name=\"edit_cancel\" value=\""._("Cancel")."\">\n";
+ $display.= "</p>";
+
}
- return($display);
+ return($display);
}
$this->lock_type = get_release_tag(get_release_dn($base));
- /* Get resolved release dependencies */
- $tmp = get_all_objects_for_given_base($base,"(&(|(objectClass=FAIpartitionTable)(objectClass=FAIpackageList)(objectClass=FAIscript)
- (objectClass=FAIvariable)(objectClass=FAIhook)(objectClass=FAIprofile)(objectClass=FAItemplate))(cn=$Regex))");
-
/* Create a new list of FAI object
* Generate List of Partitions,Hooks,Scripts,Templates,Profiles ...
*/
$ObjectTypes = array(
- "FAIpartitionTable" => array("OU"=>"ou=disk," , "CHKBOX"=>"ShowPartitions"),
- "FAIpackageList" => array("OU"=>"ou=packages," , "CHKBOX"=>"ShowPackages"),
- "FAIscript" => array("OU"=>"ou=scripts," , "CHKBOX"=>"ShowScripts"),
- "FAIvariable" => array("OU"=>"ou=variables," , "CHKBOX"=>"ShowVariables"),
- "FAIhook" => array("OU"=>"ou=hooks," , "CHKBOX"=>"ShowHooks"),
- "FAIprofile" => array("OU"=>"ou=profiles," , "CHKBOX"=>"ShowProfiles"),
- "FAItemplate" => array("OU"=>"ou=templates," , "CHKBOX"=>"ShowTemplates"));
+ "FAIpartitionTable" => array("OU"=>"ou=disk," , "CHKBOX"=>"ShowPartitions" ,"ACL" => "faiPartitionTable"),
+ "FAIpackageList" => array("OU"=>"ou=packages," , "CHKBOX"=>"ShowPackages" ,"ACL" => "faiPackage"),
+ "FAIscript" => array("OU"=>"ou=scripts," , "CHKBOX"=>"ShowScripts" ,"ACL" => "faiScript"),
+ "FAIvariable" => array("OU"=>"ou=variables," , "CHKBOX"=>"ShowVariables" ,"ACL" => "faiVariable"),
+ "FAIhook" => array("OU"=>"ou=hooks," , "CHKBOX"=>"ShowHooks" ,"ACL" => "faiHook"),
+ "FAIprofile" => array("OU"=>"ou=profiles," , "CHKBOX"=>"ShowProfiles" ,"ACL" => "faiProfile"),
+ "FAItemplate" => array("OU"=>"ou=templates," , "CHKBOX"=>"ShowTemplates" ,"ACL" => "faiTemplate"));
+
+ $filter = "";
+ foreach($ObjectTypes as $key => $data){
+ if($this->DivListFai->$data['CHKBOX']){
+ $filter.= "(objectClass=".$key.")";
+ }
+ }
+ $filter = "(&(|".$filter.")(cn=$Regex))";
+
+ /* Get resolved release dependencies */
+ $tmp = get_all_objects_for_given_base($base,$filter);
/* Ge listed ldap objects */
$ldap = $this->config->get_ldap_link();
/* Walk through possible types */
foreach($ObjectTypes as $type => $rest){
- /* Skip all unchecked types */
- if(! $this->DivListFai->$rest['CHKBOX']){
- continue;
- }
+ $acl = $this->ui->get_permissions($object['dn'],"fai/".$rest ['ACL']);
- if(in_array($type,$object['objectClass'])){
+ if(in_array($type,$object['objectClass']) && preg_match("/r/",$acl)){
/* Prepare object */
unset($object['objectClass']['count']);
$obj = array();
$obj['cn'] = $object['cn'][0];
$obj['dn'] = $object['dn'];
+ $obj['acl'] = $acl;
$obj['description'] = $object['description'][0];
$obj['objectClass'] = $object['objectClass'];
function plInfo()
{
return (array(
- "plShortName" => _("Management"),
- "plDescription" => _("FAI management"),
+ "plShortName" => _("FAI releases"),
+ "plDescription" => _("FAI release management"),
"plSelfModify" => FALSE,
"plDepends" => array(),
"plPriority" => 0,
"plSection" => array("administration"),
"plCategory" => array("fai"=> array("description" => _("FAI"),
"objectClass" => "FAIclass")),
- "plProvidedAcls"=> array());
+ "plProvidedAcls"=> array()));
}
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: