index b4384cf748ab5a1d27564fdaf4b66a41a868ae11..7090d93a88b23ceb2d90ea3baaf13024acff9017 100644 (file)
class sudoldap extends plugin
{
/* Definitions */
- var $plHeadline= "sudo-ldap";
- var $plDescription= "This does something";
+ var $plHeadline = "sudo-ldap";
+ var $plDescription = "This does something";
/* Plugin specific values */
-
- var $dialog = NULL;
-
- var $attributes = array("sudoUser",
- "sudoHost",
- "sudoCommand",
- "sudoRunAs",
- "sudoOption");
+ var $attributes = array( "cn",
+ "description",
+ "sudoUser",
+ "sudoHost",
+ "sudoCommand",
+ "sudoRunAs",
+ "sudoOption");
- var $objectclasses = array("sudoRole");
+ var $objectclasses = array("sudoRole");
+ var $Roles = array();
+ var $dialog = NULL;
/* constructor, if 'dn' is set, the node loads the given
'dn' from LDAP */
- function sudoldap ($config, $dn= NULL, $parent= NULL)
- {
+ function sudoldap ($config, $dn= NULL, $parent= NULL){
/* Configuration is fine, allways */
$this->config= $config;
-
/* Load bases attributes */
plugin::plugin($config, $dn, $parent);
-
$ldap= $this->config->get_ldap_link();
+ } // function
+
+ /* execute generates the html output for this node */
+ function execute($isCopyPaste = false){
+ /* Call parent execute */
+ plugin::execute();
+ $display= "";
+ $smarty= get_smarty();
+ $this->Roles = $this->getRoles();
+
+ /* Edited or Added zone
+ */
+ if((isset($_POST['SaveRoleChanges'])) && is_object($this->dialog)){
+ $this->dialog->save_object();
+
+ /* Check for errors
+ */
+ if(count($this->dialog->check())){
+ foreach($this->dialog->check() as $msgs){
+ print_red($msgs);
+ }
+ }else{
+ /* add new/edited zone
+ */
+ $ret = $this->dialog->save();
+ //if(!$this->dialog->isNew){
+ // unset($this->Roles[$this->dialog->OldRoleName]);
+ //}
+ $this->Roles[$ret['cn']] = $ret;
+ $this->dialog = NULL;
+ }
+ }
+
+ /* Cancel zone edit / new
+ */
+ if(isset($_POST['CancelRoleChanges'])){
+ $this->dialog = NULL;
+ }
+
+ /* Add empty new zone
+ */
+ //if(isset($_POST['AddRole']) && chkacl($this->acl,"sudoldap") == ""){
+ if(isset($_POST['AddRole'])){
+ $this->dialog = new sudoldapEditRole($this->config);
+ }
+
+ /* Check for edit role request
+ */
+ $once = false;
+ foreach( $_POST as $name => $value){
+
+ /* check all post for edit request
+ */
+
+ //if(preg_match("/^editRole_/",$name)&&!$once
+ // && chkacl($this->acl,"sudoldap") == ""){
+ if(preg_match("/^editRole_/",$name)&&!$once){
+ $once =true;
+ $tmp = preg_replace("/^editRole_/","",$name);
+ $tmp = base64_decode(preg_replace("/_.*$/","",$tmp));
+ $this->dialog= new sudoldapeditRole($this->config,
+ $this->dn,
+ $this->Roles[$tmp]);
+ } // if ()
+
+ /* check posts for delete zone
+ */
+
+ //if(preg_match("/^delRole_/",$name)&&!$once
+ // && chkacl($this->acl,"sudoldap") == ""){
+ if(preg_match("/^delRole_/",$name)&&!$once){
+ $once =true;
+ $tmp = preg_replace("/^delRole_/","",$name);
+ $tmp = base64_decode(preg_replace("/_.*$/","",$tmp));
+
+ /* Initiate deletion
+ */
+
+ $this->RemoveRole($tmp);
+ } // if ()
+
+ } // foreach()
+
+ /* Show dialog
+ */
+ if($this->dialog!= NULL){
+ $this->dialog->save_object();
+ $this->dialog->parent = $this;
+ return($this->dialog->execute());
+ }
+
+ $RoleList = new divSelectBox("sudoRoles");
+ $RoleList->SetHeight(300);
+ $editImg = "<input type='image' src='images/edit.png' name='editRole_%s'>
+ <input type='image' src='images/edittrash.png' name='delRole_%s'>";
+
+ foreach($this->Roles as $role => $values ){
+ $link = "<a href='?plug=".$_GET['plug']."&act=edit&id=%s'>%s</a>";
+ $RoleList->AddEntry(
+ array(
+ array("string" => sprintf($link,base64_encode($role),$role)),
+ array("string" => str_replace("%s",base64_encode($role),$editImg))
+ )
+ );
+ } // foreach()
+
+ $smarty->assign("sudoldapACL",chkacl($this->acl,"sudoldap"));
+ $smarty->assign("RoleList",$RoleList->DrawList());
- }
+ $display.= $smarty->fetch(get_template_path('sudoldap.tpl', TRUE));
+
+ return($display);
+ } // function
+ function getRoles(){
+ $ret = array();
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search("(objectClass=sudoRole)",$this->attributes);
+ while ($attrs= $ldap->fetch()){
+ $cn= $attrs['cn'][0];
+ foreach($this->attributes as $value){
+ if(isset($attrs[$value])){
+ $ret[$cn][$value] = $attrs[$value][0];
+ } // if()
+ } // foreach()
+ } // while()
+ return($ret);
+ }
- /* execute generates the html output for this node */
- function execute($isCopyPaste = false)
- {
- /* Call parent execute */
- plugin::execute();
- $display= "";
- $smarty= get_smarty();
-
- /* Add empty new zone
- */
- if(isset($_POST['AddRole']) && chkacl($this->acl,"sudoldap") == ""){
- $this->dialog = new sudoldapEditRole($this->config,$this->dn);
- }
-
- /* Show dialog
- */
- if($this->dialog!= NULL){
- $this->dialog->save_object();
- $this->dialog->parent = $this;
- return($this->dialog->execute());
- }
-
- $RoleList = new divSelectBox("sudoRoles");
- $RoleList -> SetHeight(300);
- $editImg = "<input type='image' src='images/edit.png' name='editZone_%s'>
- <input type='image' src='images/edittrash.png' name='delZone_%s'>";
- /*
- foreach($this->Zones as $zone => $values ){
- $link = "<a href='?plug=".$_GET['plug']."&act=edit&id=%s'>%s</a>";
- $ZoneList->AddEntry(array(
- array("string" => sprintf($link,base64_encode($zone),getNameFromMix($zone))),
- array("string" => sprintf($link,base64_encode($zone),_("Reverse zone")." : ".getNameFromMix($values['ReverseZone']))),
- array("string" => _("TTL")." : ".$values['sOAttl']),
- array("string" => _("Class")." : ".$values['dNSClass']),
- array("string" => str_replace("%s",base64_encode($zone),$editImg))
- ));
- }
- */
-
- $smarty->assign("sudoldapACL",chkacl($this->acl,"sudoldap"));
-
- $smarty->assign("RoleList",$RoleList->DrawList());
- $display.= $smarty->fetch(get_template_path('sudoldap.tpl', TRUE));
- return($display);
- }
+ function RemoveRole($cn){
+ if($cn!=""){
+ $ldap= $this->config->get_ldap_link();
+ $dn = "cn=".$cn.",ou=SUDOers,".$this->config->current['BASE'];
+ $ldap->cd($dn);
+ $ldap->rmdir_recursive($dn);
+ show_ldap_error($ldap->get_error(), _("Removing DNS entries failed"));
+ unset($this->Roles[$cn]);
+ } // if()
+ } // function
}