diff --git a/plugins/admin/groups/class_groupManagement.inc b/plugins/admin/groups/class_groupManagement.inc
index 52b4579330edb6012f00bdc4e71e2974b1c050d1..ff2310b9f860a6cb7b574460c0dee1965799ce33 100644 (file)
var $plDescription= "This does something";
/* Dialog attributes */
- var $grouptab= NULL;
- var $grouplist= array();
- var $ui= NULL;
- var $acl= "";
-
- var $CopyPasteHandler = NULL;
- var $DivListGroup = NULL;
-
- var $ShowPrimaryCheckBox = false;
+ var $grouptab = NULL;
+ var $grouplist = array();
+ var $ui = NULL;
+ var $CopyPasteHandler = NULL;
+ var $DivListGroup = NULL;
+ var $ShowPrimaryCheckBox= false;
function groupManagement ($config, $ui)
{
/* Save configuration for internal use */
- $this->config= $config;
- $this->ui= $ui;
+ $this->config = $config;
+ $this->ui = $ui;
/* Copy & Paste enabled ?*/
if((isset($this->config->data['MAIN']['ENABLECOPYPASTE']))&&(preg_match("/true/i",$this->config->data['MAIN']['ENABLECOPYPASTE']))){
$this->DivListGroup->DisableCheckBox("ShowPrimaryGroups",$this->ShowPrimaryCheckBox);
}
+
function execute()
{
/* Call parent execute */
/* New group? */
if ($s_action=="new"){
- /* By default we set 'dn' to 'new', all relevant plugins will
- react on this. */
- $this->dn= "new";
+ /* Check create permissions */
+ $acl = $this->ui->get_permissions($this->DivListGroup->selectedBase,"groups/group");
+ if(preg_match("/c/",$acl)){
+
+ /* By default we set 'dn' to 'new', all relevant plugins will
+ react on this. */
+ $this->dn= "new";
- /* Create new usertab object */
- $this->grouptab= new grouptabs($this->config, $this->config->data['TABS']['GROUPTABS'], $this->dn);
+ /* Create new usertab object */
+ $this->grouptab= new grouptabs($this->config, $this->config->data['TABS']['GROUPTABS'], $this->dn);
- /* Set up the users ACL's for this 'dn' */
- $acl= get_permissions ($this->DivListGroup->selectedBase, $this->ui->subtreeACL);
- $this->grouptab->set_acl($acl);
+ /* Set up the users ACL's for this 'dn' */
+ $this->grouptab->set_acl_base($this->DivListGroup->selectedBase);
+ }
}
/* Finish group edit is triggered by the tabulator dialog, so
the user wants to save edited data. Check and save at this
point. */
- if ((isset($_POST['edit_finish'])) && (isset($this->grouptab->config)) ){
+ if ((isset($_POST['edit_finish']) || isset($_POST['edit_apply'])) && (isset($this->grouptab->config)) ){
/* Check tabs, will feed message array
Save, or display error message? */
/* Save user data to ldap */
$this->grouptab->save();
- gosa_log ("Group object'".$this->dn."' has been saved");
-
- /* Group has been saved successfully, remove lock from LDAP. */
- if ($this->dn != "new"){
- del_lock ($this->dn);
+ gosa_log ("Group object '".$this->dn."' has been saved");
+
+ if (!isset($_POST['edit_apply'])){
+ /* Group has been saved successfully, remove lock from LDAP. */
+ if ($this->dn != "new"){
+ del_lock ($this->dn);
+ }
+
+ /* There's no page reload so we have to read new users at this point. */
+ //$this->reload ();
+ unset ($this->grouptab);
+ $this->grouptab= NULL;
+ unset ($_SESSION['objectinfo']);
}
-
- /* There's no page reload so we have to read new users at this point. */
- //$this->reload ();
- unset ($this->grouptab);
- $this->grouptab= NULL;
- unset ($_SESSION['objectinfo']);
-
} else {
/* Ok. There seem to be errors regarding to the tab data,
show message and continue as usual. */
}
add_lock ($this->dn, $this->ui->dn);
- /* Set up the users ACL's for this 'dn' */
- $acl= get_permissions ($this->dn, $this->ui->subtreeACL);
-
/* Register grouptab to trigger edit dialog */
$this->grouptab= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $this->dn);
- $this->grouptab->set_acl($acl);
+ $this->grouptab->set_acl_base($this->dn);
$_SESSION['objectinfo']= $this->dn;
}
/* Load permissions for selected 'dn' and check if
we're allowed to remove this 'dn' */
- $acl= get_permissions ($this->dn, $this->ui->subtreeACL);
- $this->acl= get_module_permission($acl, "group", $this->dn);
- if (chkacl($this->acl, "delete") == ""){
+ $acl = $this->ui->get_permissions($this->dn,"groups/group");
+ if(preg_match("/d/",$acl)){
/* Check locking, save current plugin in 'back_plugin', so
the dialog knows where to return. */
/* Some nice guy may send this as POST, so we've to check
for the permissions again. */
- if (chkacl($this->acl, "delete") == ""){
+ $acl = $this->ui->get_permissions($this->dn,"groups/group");
+ if(preg_match("/d/",$acl)){
/* Delete request is permitted, perform LDAP action */
$this->grouptab= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $this->dn);
- $this->grouptab->set_acl(array($this->acl));
+ $this->grouptab->set_acl_base($this->dn);
$this->grouptab->delete ();
gosa_log ("Group object'".$this->dn."' has been removed");
unset ($this->grouptab);
/* Cancel dialogs */
if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])){
- del_lock ($this->grouptab->dn);
+ if(isset($this->grouptab->dn)){
+ del_lock ($this->grouptab->dn);
+ }
unset ($this->grouptab);
$this->grouptab= NULL;
unset($_SESSION['objectinfo']);
$display= $this->grouptab->execute();
/* Don't show buttons if tab dialog requests this */
- if (!$this->grouptab->by_object[$this->grouptab->current]->dialog){
- $display.= "<p style=\"text-align:right\">\n";
- $display.= "<input type=submit name=\"edit_finish\" value=\""._("Save")."\">\n";
- $display.= " \n";
- $display.= "<input type=submit name=\"edit_cancel\" value=\""._("Cancel")."\">\n";
- $display.= "</p>";
+ if(isset($this->grouptab->by_object)){
+ if (!$this->grouptab->by_object[$this->grouptab->current]->dialog){
+ $display.= "<p style=\"text-align:right\">\n";
+ $display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\""._("Ok")."\">\n";
+ $display.= " \n";
+ if ($this->dn != "new"){
+ $display.= "<input type=submit name=\"edit_apply\" value=\""._("Apply")."\">\n";
+ $display.= " \n";
+ }
+ $display.= "<input type=submit name=\"edit_cancel\" value=\""._("Cancel")."\">\n";
+ $display.= "</p>";
+ }
}
return ($display);
}
+
+ /* Check if there is a snapshot dialog open */
+ $base = $this->DivListGroup->selectedBase;
+ if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){
+ return($str);
+ }
+
/* Display dialog with group list */
+ $this->DivListGroup->parent = $this;
$this->DivListGroup->execute();
/* Add departments if subsearch is disabled */
return($this->DivListGroup->Draw());
}
+
+ /* Return departments, that will be included within snapshot detection */
+ function get_used_snapshot_bases()
+ {
+ return(array(get_groups_ou().$this->DivListGroup->selectedBase));
+ }
+
+
+
function reload($CreatePosixsList=false)
{
$this->grouplist = array();
$filter.= "(objectClass=gosaMailAccount)";
}
- /*
- #FIXME Why is "sfilter" or "filter" set ?
- Please verify && add comment
- */
$sfilter= "";
if ($this->config->current['SAMBAVERSION'] == 3){
if (!$ShowPrimaryGroups){
/* Collect primary groupIDs to show primary groups
if this option is enabled in gosa conf && the checkbox is checked */
if ($this->ShowPrimaryCheckBox){
- $res = get_list("(&(uid=$Regex)(!(uid=*$))(objectClass=posixAccount)(gidNumber=*))", $this->ui->subtreeACL,
- $base,array("gidNumber", "cn"), GL_SUBSEARCH);
+ $res = get_list("(&(uid=$Regex)(!(uid=*$))(objectClass=posixAccount)(gidNumber=*))",
+ "groups", $base,array("gidNumber", "cn"), GL_SUBSEARCH);
foreach ($res as $attrs){
$primaries[$attrs['gidNumber'][0]]= $attrs['cn'][0];
}
/* Collect all GroupIDs from those groups which are functional.
Only perfrom this search if ShowFunctionalGroups is unchecked, else leave arre empty */
$ff = "(&(cn=$Regex)(objectClass=posixGroup)(!(|(objectClass=gosaMailAccount)(objectClass=gosaApplicationGroup)$sfilter)))";
- $res = get_list($ff,$this->ui->subtreeACL,$base,array("gidNumber", "cn", "description"), GL_SUBSEARCH);
+ $res = get_list($ff, "groups", $base,array("gidNumber", "cn", "description"), GL_SUBSEARCH);
foreach($res as $attrs){
if (!isset($primaries[$attrs['gidNumber'][0]])){
$functional[$attrs['gidNumber'][0]]= $attrs['gidNumber'][0];
Search for the prepared filter
********************/
+ /* Attributes to search for */
+ $attrs = array("cn", "description", "gidNumber", "objectClass");
+
/* If subsearch is activated search for subobjects too */
- $attrs = array("cn", "description", "gidNumber", "objectClass","FAIrelease");
+ $tmp = search_config($this->config->data,"faiManagement","CLASS");
+ if(!empty($tmp)){
+ $attrs [] = "FAIrelease";
+ }
if ($SubSearch){
- $res= get_list($filter, $this->ui->subtreeACL, $base, $attrs, GL_SIZELIMIT| GL_SUBSEARCH);
+ $res= get_list($filter, "groups", $base, $attrs, GL_SIZELIMIT| GL_SUBSEARCH);
} else {
- $res= get_list($filter, $this->ui->subtreeACL, get_groups_ou().$base, $attrs, GL_SIZELIMIT);
+ $res= get_list($filter, "groups", get_groups_ou().$base, $attrs, GL_SIZELIMIT);
}
/* Sort values into grouplist*/
return( $str);
};
/* Ensure that the new object is shown in the list now */
- $this->relaod();
+ $this->reload();
}
/* Copy current object to CopyHandler
*/
if($s_action == "copy"){
- $this->CopyPasteHandler->Clear();
- $dn = $this->grouplist[trim($s_entry)]['dn'];
- $acl = get_permissions ($dn, $this->ui->subtreeACL);
+ $dn = $this->grouplist[trim($s_entry)]['dn'];
+ $ui = get_userinfo();
+ $acl_all = $ui->has_complete_category_acls($this->DivListGroup->selectedBase,"groups") ;
+ if(preg_match("/(c.*w|w.*c)/",$acl_all)){
- $obj = new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $dn);
- $objNew = new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], "new");
- $obj->set_acl($acl);
- $objNew->set_acl($acl);
- $this->CopyPasteHandler->Copy($obj,$objNew);
+ $this->CopyPasteHandler->Clear();
+ $obj = new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $dn);
+ $obj->set_acl_base($dn);
+ $objNew = new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], "new");
+ $objNew->set_acl_base($dn);
+
+ $this->CopyPasteHandler->Copy($obj,$objNew);
+ }else{
+ print_red("You are not allowed to copy this entry.");
+ }
}
/* Copy current object to CopyHandler
*/
if($s_action == "cut"){
- $this->CopyPasteHandler->Clear();
+
$dn = $this->grouplist[trim($s_entry)]['dn'];
- $acl= get_permissions ($dn, $this->ui->subtreeACL);
-
- $obj= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $dn);
- $obj->set_acl($acl);
-
- $this->CopyPasteHandler->Cut($obj);
+ $acl_all = $ui->has_complete_category_acls($this->selectedBase,"groups") ;
+ if(preg_match("/(c.*w|w.*c)/",$acl_all)){
+
+ $this->CopyPasteHandler->Clear();
+ $obj= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $dn);
+ $obj->set_acl_base($dn);
+ $this->CopyPasteHandler->Cut($obj);
+ }else{
+ print_red("You are not allowed to cut this entry.");
+ }
}
}
function check() { }
function adapt_from_template($dn) { }
function password_change_needed() { }
- function show_header($button_text, $text, $disabled= FALSE) { }
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>