![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/admin/systems/class_systemManagement.inc b/plugins/admin/systems/class_systemManagement.inc
index d20bc1766c96cfcdb3eb188a3ceaaddd270c0576..ac36a2034057729f02f3d917f9962884c62053dd 100644 (file)
/* Call parent execute */
plugin::execute();
- $_SESSION['LOCK_VARS_TO_USE'] = array("/^user_edit_/i","/^user_del_/","/^act/","/^id/");
+ $_SESSION['LOCK_VARS_TO_USE'] = array("/^system_edit_/i","/^system_del_/","/^act/","/^id/");
/********************
Check for functional posts, edit|delete|add|... system devices
/* Test Posts */
foreach($_POST as $key => $val){
// Post for delete
- if(preg_match("/user_del.*/",$key)){
+ if(preg_match("/system_del.*/",$key)){
$s_action = "del";
- $s_entry = preg_replace("/user_".$s_action."_/i","",$key);
+ $s_entry = preg_replace("/system_del_/i","",$key);
// Post for edit
- }elseif(preg_match("/user_edit_.*/",$key)){
+ }elseif(preg_match("/system_edit_.*/",$key)){
$s_action="edit";
- $s_entry = preg_replace("/user_".$s_action."_/i","",$key);
+ $s_entry = preg_replace("/system_edit_/i","",$key);
// Post for new
- }elseif(preg_match("/user_new.*/",$key)){
+ }elseif(preg_match("/system_new.*/",$key)){
$s_action="new";
- }elseif(preg_match("/user_tplnew.*/i",$key)){
+ }elseif(preg_match("/system_tplnew.*/i",$key)){
$s_action="new_tpl";
- }elseif(preg_match("/user_setpwd_.*/i",$key)){
+ }elseif(preg_match("/system_setpwd_.*/i",$key)){
$s_action="change_pw";
- $s_entry = preg_replace("/user_setpwd_/i","",$key);
+ $s_entry = preg_replace("/system_setpwd_/i","",$key);
}elseif(preg_match("/gen_cd_.*/i",$key)){
$s_action="gen_cd";
$s_entry = preg_replace("/gen_cd_/i","",$key);
return ($smarty->fetch(get_template_path('chooser.tpl', TRUE)));
}
-
+
/********************
Create FAI CD ...
********************/
}
+ /* Start CD-Creation */
+ if ((isset($_POST["cd_create"])) && !empty($this->dn)){
+ $smarty->assign("src", "?plug=".$_GET['plug']."&PerformIsoCreation");
+ return ($smarty->fetch(get_template_path('gencd_frame.tpl', TRUE)));
+ }
+
+
+ if ($this->dn != "" && isset($_GET['PerformIsoCreation'])){
+
+ $return_button = "<form method='get' action='main.php' target='_parent'>
+ <input type='submit' value='"._("Back")."'>
+ <input type='hidden' name='plug' value='".$_GET['plug']."'/>
+ </form>";
+
+ $dsc = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
+
+ /* Get and check command */
+ $command= search_config($this->config->data['TABS'], "workgeneric", "ISOCMD");
+ if (check_command($command)){
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute");
+
+ /* Print out html introduction */
+ echo ' <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+ <html>
+ <head>
+ <title></title>
+ <style type="text/css">@import url("themes/default/style.css");</style>
+ <script language="javascript" src="include/focus.js" type="text/javascript"></script>
+ </head>
+ <body style="background: none; margin:4px;" id="body" >
+ <pre>';
+
+ /* Open process handle and check if it is a valid process */
+ $process= proc_open($command." '".$this->dn."'", $dsc, $pipes);
+ if (is_resource($process)) {
+ fclose($pipes[0]);
+
+ /* Print out returned lines && write JS to scroll down each line */
+ while (!feof($pipes[1])){
+ $cur_dat = fgets($pipes[1], 1024);
+ echo $cur_dat;
+ echo '<script language="javascript" type="text/javascript">scrollDown2();</script>' ;
+ flush();
+ }
+ }
+
+ /* Get error string && close streams */
+ $buffer= stream_get_contents($pipes[2]);
+
+ fclose($pipes[1]);
+ fclose($pipes[2]);
+ echo "</pre>";
+
+ /* Check return code */
+ $ret= proc_close($process);
+ if ($ret != 0){
+ echo "<h1 style='color:red'>"._("Creating the image failed. Please see the report below.")."</h1>";
+ echo "<pre style='color:red'>$buffer</pre>";
+ }
+
+
+
+ echo $return_button."<br>";
+
+ } else {
+ $tmp= "<h1 style='color:red'>".sprintf(_("Command '%s', specified for ISO creation doesn't seem to exist."), $command)."</h1>";
+ echo $tmp;
+ }
+
+ /* Scroll down completly */
+ echo '<script language="javascript" type="text/javascript">scrollDown2();</script>' ;
+ echo '</body></html>';
+ flush();
+ exit;
+ }
+
+
/********************
Create new system ...
********************/
$tabname = $tabs[$sw]["TABNAME"];
$tabclass = $tabs[$sw]["TABCLASS"];
$acl_cat = $tabs[$sw]["ACL"];
- $this->systab= new $tabclass($this->config, $this->config->data['TABS'][$class], $this->dn,$acl_cat);
- $this->systab->set_acl_base($this->DivListSystem->selectedBase);
- $this->systab->by_object[$tabname]->base = $this->DivListSystem->selectedBase;
- $this->systab->base = $this->DivListSystem->selectedBase;
+
+ /* Load permissions for selected 'dn' and check if
+ we're allowed to remove this 'dn' */
+ $ui = get_userinfo();
+ $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname);
+ if(preg_match("/c/",$tabacl)){
+ $this->systab= new $tabclass($this->config, $this->config->data['TABS'][$class], $this->dn,$sw);
+ $this->systab->set_acl_base($this->DivListSystem->selectedBase);
+ $this->systab->by_object[$tabname]->base = $this->DivListSystem->selectedBase;
+ $this->systab->base = $this->DivListSystem->selectedBase;
+ }else{
+ print_red(_("You are not allowed to create a new object of this type."));
+ }
}
}
/* Set terminals root password */
if ($s_action=="change_pw"){
- $this->dn= $this->terminals[$s_entry]['dn'];
- $_SESSION['objectinfo']= $this->dn;
- return ($smarty->fetch(get_template_path('password.tpl', TRUE)));
+ $tabs = array(
+ "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"),
+ "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation"));
+
+ $type = $this->get_system_type($this->terminals[$s_entry]['objectClass']);
+ $class = $tabs[$type]["CLASS"];
+ $tabname = $tabs[$type]["TABNAME"];
+ $acl_cat = $tabs[$type]["ACL"];
+ $tabclass = $tabs[$type]["TABCLASS"];
+ $ui = get_userinfo();
+ $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname,"gotoRootPasswd");
+ if(preg_match("/w/",$tabacl)){
+ $this->dn= $this->terminals[$s_entry]['dn'];
+ $_SESSION['objectinfo']= $this->dn;
+ return ($smarty->fetch(get_template_path('password.tpl', TRUE)));
+ }else{
+ print_red(_("You are not allowed to change the password for this object."));
+ }
}
/********************
- Password cahnge finish, but check if entered data is ok
+ Password change finish, but check if entered data is ok
********************/
/* Correctly specified? */
$_POST['new_password'] == $_POST['repeated_password']){
/* Check if user is allowed to set password */
- $ui = get_userinfo();
- $acl = $ui -> get_category_permissions($this->dn,"terminal");
- if(preg_match("/w/",$acl)){
- print_red (_("You are not allowed to set this systems password!"));
- } else {
- $ldap= $this->config->get_ldap_link();
- $ldap->cd($this->dn);
+ $tabs = array(
+ "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"),
+ "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation"));
+
+ /* Detect object type */
+ $type = "";
+ foreach($this->terminals as $terminal){
+ if($terminal['dn'] == $this->dn){
+ $type = $this->get_system_type($terminal['objectClass']);
+ break;
+ }
+ }
- $attrs= array();
- if ($_POST['new_password'] == ""){
- $attrs['gotoRootPasswd']= array();
- } else {
- $attrs['gotoRootPasswd']= crypt($_POST['new_password'],
- substr(session_id(),0,2));
+ /* Type detected */
+ if(!empty($type)){
+
+ /* Get infos */
+ $class = $tabs[$type]["CLASS"];
+ $tabname = $tabs[$type]["TABNAME"];
+ $acl_cat = $tabs[$type]["ACL"];
+ $tabclass = $tabs[$type]["TABCLASS"];
+
+ /* Get acls */
+ $ui = get_userinfo();
+ $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname,"gotoRootPasswd");
+
+ /* Check acls */
+ if(preg_match("/w/",$tabacl)){
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($this->dn);
+
+ $attrs= array();
+ if ($_POST['new_password'] == ""){
+ $attrs['gotoRootPasswd']= array();
+ } else {
+ $attrs['gotoRootPasswd']= crypt($_POST['new_password'],substr(session_id(),0,2));
+ }
+ $ldap->modify($attrs);
+ gosa_log ("Password for '".$this->dn."' has been changed");
+ }else{
+ print_red(_("You are not allowed to change the password for this object."));
}
- $ldap->modify($attrs);
- gosa_log ("Password for '".$this->dn."' has been changed");
+ }else{
+ print_red(_("Can't detect object to change password."));
}
unset($_SESSION['objectinfo']);
}
"terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"),
"workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"),
"server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"),
- "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgenric"),
+ "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgeneric"),
"phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"),
"winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"),
"component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric"));
"terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"),
"workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"),
"server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"),
- "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgenric"),
+ "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgeneric"),
"phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"),
"winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"),
"component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric"));
function get_used_snapshot_bases()
{
$tmp = array();
- foreach(array("phones","servers","printers","terminals","netdevices","workstations") as $ent){
- $tmp[] = "ou=".$ent.",ou=systems,".$this->DivListSystem->selectedBase;
+
+ /* Check acls, if we are not allowed to create and write each plugin tab, skip this object */
+
+ $tabs = array(
+ "terminal" => "ou=terminals,ou=systems,",
+ "workstation" => "ou=workstations,ou=systems,",
+ "server" => "ou=servers,ou=systems,",
+ "printer" => "ou=printers,ou=systems,",
+ "phone" => "ou=phones,ou=systems,",
+ "winworkstation" => get_winstations_ou(),
+ "component" => "ou=netdevices,ou=systems,"
+ );
+
+ foreach($tabs as $acl_cat => $dn){
+
+ $acl_all = $this->ui->has_complete_category_acls($dn.$this->DivListSystem->selectedBase,$acl_cat);
+ if(preg_match("/(c.*w|w.*c)/",$acl_all)){
+ $tmp[] = $dn.$this->DivListSystem->selectedBase;
+ }
}
return($tmp);
}
$userregex = "(gotoLastUser=".$this->DivListSystem->UserRegex.")";
}
+ /* Attributes to fetch */
+ $sys_attrs = array("cn", "description", "macAddress", "objectClass", "sambaDomainName");
+ $sys_categories = array("terminal", "workstation", "server", "phone" ,"printer");
+
+ /* Add FAIstate to attributes if FAI is activated */
+ $tmp = search_config($this->config->data,"faiManagement","CLASS");
+ if(!empty($tmp)){
+ $sys_attrs[] = "FAIstate";
+ }
+
/* Walk through all possible search combinations, and search for some objects if the checkbox is enabled */
foreach($objs as $checkBox => $oc){
if($this->DivListSystem->$checkBox){
if($this->DivListSystem->SubSearch){
if($oc['CLASS'] != ""){
$filter = "(|(&".$userregex."(objectClass=".$oc['CLASS'].")(cn=".$this->DivListSystem->Regex.")))";
- $res = array_merge($res,get_list($filter, array("terminal", "workstation", "server", "phone" ,"printer"), $base,
- array("cn", "description", "macAddress", "objectClass", "sambaDomainName", "FAIstate"), GL_NONE | GL_SUBSEARCH | GL_SIZELIMIT));
+ $new_res = get_list($filter, $sys_categories , $base,$sys_attrs, GL_NONE | GL_SUBSEARCH | GL_SIZELIMIT);
+
+ /* Remove all objects that are not in the expected sub department */
+ foreach($new_res as $key => $obj){
+ if(preg_match("/^[^,]+,".normalizePreg($oc['TREE'])."/",$obj['dn'])){
+ $res[$obj['dn']] = $obj;
+ }
+ }
}
}else{
/* User filter? */
if($oc['CLASS'] != ""){
$filter = "(|(&".$userregex."(objectClass=".$oc['CLASS'].")(cn=".$this->DivListSystem->Regex.")))";
- $res = array_merge($res,get_list($filter,array("terminal", "workstation", "server", "phone" ,"printer"),$oc['TREE'].$base,
- array("cn", "description", "macAddress", "objectClass", "sambaDomainName", "FAIstate"), GL_NONE | GL_SIZELIMIT));
+ $res = array_merge($res,get_list($filter,$sys_categories,$oc['TREE'].$base, $sys_attrs, GL_NONE | GL_SIZELIMIT));
}
}
}
/* Search for incoming objects */
$filter = "(|(&".$userregex."(objectClass=goHard)(cn=".$this->DivListSystem->Regex.")))";
- $res = array_merge($res,get_list($filter,array("terminal", "workstation", "server", "phone" ,"printer"),"ou=incoming,".$base,
- array("cn", "description", "macAddress", "objectClass", "sambaDomainName"), GL_NONE | GL_SIZELIMIT));
+ $res = array_merge($res,get_list($filter,$sys_categories,"ou=incoming,".$base,$sys_attrs, GL_NONE | GL_SIZELIMIT));
/* Get all gotoTerminal's */
foreach ($res as $value){