X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Fplugins%2Fadmin%2Fgroups%2Fclass_group.inc;h=ac7ebe894a93bd2c5cdd5056d139f546868753cb;hb=77208c980a6f8765532aa592fb3e467f731393cd;hp=a2519c1c3052eac498501657497decf8ad79955b;hpb=505a4a8f45eecca5e6a0f5d2410a6bad24d3bba0;p=gosa.git diff --git a/gosa-core/plugins/admin/groups/class_group.inc b/gosa-core/plugins/admin/groups/class_group.inc index a2519c1c3..ac7ebe894 100644 --- a/gosa-core/plugins/admin/groups/class_group.inc +++ b/gosa-core/plugins/admin/groups/class_group.inc @@ -60,14 +60,8 @@ class group extends plugin var $allowGroupsWithSameNameInOtherSubtrees = true; var $baseSelector; - /* Trustmodel/AccessTo - */ - var $accessTo= array(); - var $trustModel= ""; - var $trustSelect = FALSE; - /* attribute list for save action */ - var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID","accessTo","trustModel"); + var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID"); var $objectclasses= array("top", "posixGroup"); var $CopyPasteVars = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group","sambaGroupType"); @@ -85,6 +79,9 @@ class group extends plugin plugin::plugin ($config, $dn); + $this->trustModeDialog = new trustModeDialog($this->config, $this->dn,NULL); + $this->trustModeDialog->setAcl('groups/group'); + /* Load attributes depending on the samba version */ $this->orig_dn= $dn; $this->orig_cn= $this->cn; @@ -171,18 +168,6 @@ class group extends plugin $this->oldgroupType= $this->groupType; } - /* Get global filter config */ - if (!session::is_set("gufilter")){ - $ui= get_userinfo(); - $base= get_base_from_people($ui->dn); - $gufilter= array( "dselect" => $base, - "regex" => "*"); - session::set("gufilter", $gufilter); - } - $gufilter= session::get('gufilter'); - $gufilter['SubSearchGroup'] = false; - session::set('gufilter',$gufilter); - if ($this->dn == "new"){ if(session::is_set('CurrentMainBase')){ $this->base = session::get('CurrentMainBase'); @@ -197,32 +182,6 @@ class group extends plugin } $this->orig_base = $this->base; - /* Is this account a trustAccount? */ - if (isset($this->attrs['trustModel'])){ - $this->trustModel= $this->attrs['trustModel'][0]; - $this->was_trust_account= TRUE; - } else { - $this->was_trust_account= FALSE; - $this->trustModel= ""; - } - - $this->accessTo = array(); - if (isset($this->attrs['accessTo'])){ - for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){ - $tmp= $this->attrs['accessTo'][$i]; - $this->accessTo[$tmp]= $tmp; - } - } - - /* Get global filter config */ - if (!session::is_set("sysfilter")){ - $ui= get_userinfo(); - $base= get_base_from_people($ui->dn); - $sysfilter= array( "depselect" => $base, - "regex" => "*"); - session::set("sysfilter", $sysfilter); - } - /* This is always an account */ $this->is_account= TRUE; @@ -264,13 +223,11 @@ class group extends plugin /* Add objects? */ if (isset($_POST["edit_membership"]) && preg_match("/w/",$this->getacl("memberUid"))){ $this->userSelect= new userSelect($this->config, get_userinfo()); - $this->dialog= TRUE; } /* Add objects finished? */ if (isset($_POST["add_users_cancel"])){ $this->userSelect= NULL; - $this->dialog= FALSE; } /* Add user to group */ @@ -288,98 +245,19 @@ class group extends plugin } } $this->userSelect= NULL; - $this->dialog= FALSE; - } - - /* Base select dialog */ - $once = true; - foreach($_POST as $name => $value){ - if((preg_match("/^chooseBase/",$name) && $once) && $this->acl_is_writeable("base")){ - - $once = false; - $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases()); - $this->dialog->setCurrentBase($this->base); - } - } - - /* Dialog handling */ - if(is_object($this->dialog)){ - /* Must be called before save_object */ - $this->dialog->save_object(); - - if($this->dialog->isClosed()){ - $this->dialog = false; - }elseif($this->dialog->isSelected()){ - - /* Check if selected base is valid */ - $tmp = $this->get_allowed_bases(); - if(isset($tmp[$this->dialog->isSelected()])){ - $this->base = $this->dialog->isSelected(); - } - $this->dialog= false; - }else{ - return($this->dialog->execute()); - } - } - - - /* Add user workstation? */ - if (isset($_POST["add_ws"])){ - $this->trustSelect= new trustSelect($this->config,get_userinfo()); - $this->dialog= TRUE; - } - - // Add selected machines to trusted ones. - if (isset($_POST["add_ws_finish"]) && $this->trustSelect){ - $trusts = $this->trustSelect->detectPostActions(); - if(isset($trusts['targets'])){ - - $headpage = $this->trustSelect->getHeadpage(); - foreach($trusts['targets'] as $id){ - $attrs = $headpage->getEntry($id); - $this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0]; - } - ksort($this->accessTo); - $this->is_modified= TRUE; - } - $this->trustSelect= NULL; - $this->dialog= FALSE; - } - - - /* Add user workstation? */ - if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){ - foreach($_POST['wslist'] as $ws){ - $this->accessTo[$ws]= $ws; - } - ksort($this->accessTo); - $this->is_modified= TRUE; - } - - /* Remove user workstations? */ - if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){ - foreach($_POST['workstation_list'] as $name){ - unset ($this->accessTo[$name]); - } - $this->is_modified= TRUE; } - /* Add user workstation finished? */ - if (isset($_POST["add_ws_cancel"])){ - $this->trustSelect= NULL; - $this->dialog= FALSE; - } - - - /* Show ws dialog */ - if ($this->trustSelect){ - - // Build up blocklist - session::set('filterBlacklist', array('cn' => array_values($this->accessTo))); - return($this->trustSelect->execute()); + $smarty= get_smarty(); + + // Handle trust mode dialog + $this->dialog = FALSE; + $trustModeDialog = $this->trustModeDialog->execute(); + if($this->trustModeDialog->trustSelect){ + $this->dialog = TRUE; + return($trustModeDialog); } + $smarty->assign("trustModeDialog" , $trustModeDialog); - $smarty= get_smarty(); $smarty->assign("usePrototype", "true"); if($this->config->search("nagiosaccount", "CLASS",array('menu'))){ @@ -396,6 +274,7 @@ class group extends plugin /* Manage object add dialog */ if ($this->userSelect){ + $this->dialog = TRUE; return($this->userSelect->execute()); } @@ -424,37 +303,6 @@ class group extends plugin /* Members and users */ $smarty->assign("members", $this->members); - /* Work on trust modes */ - $smarty->assign("trusthide", " disabled "); - $smarty->assign("trustmodeACL", $this->getacl("trustModel")); - if ($this->trustModel == "fullaccess"){ - $trustmode= 1; - // pervent double disable tag in html code, this will disturb our clean w3c html - $smarty->assign("trustmode", $this->getacl("trustModel")); - - } elseif ($this->trustModel == "byhost"){ - $trustmode= 2; - $smarty->assign("trusthide", ""); - } else { - // pervent double disable tag in html code, this will disturb our clean w3c html - $smarty->assign("trustmode", $this->getacl("trustModel")); - $trustmode= 0; - } - $smarty->assign("trustmode", $trustmode); - $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"), - 2 => _("allow access to these hosts"))); - - if((count($this->accessTo))==0){ - $smarty->assign("emptyArrAccess",true); - } else{ - $smarty->assign("emptyArrAccess",false); - - } - - $smarty->assign("workstations", $this->accessTo); - - - /* Checkboxes */ foreach (array("force_gid", "smbgroup") as $val){ if ($this->$val == "1"){ @@ -496,16 +344,8 @@ class group extends plugin $smarty->assign("baseSelect",false); } - /* Show main page */ - $smarty->assign("alphabet", generate_alphabet(10)); - $smarty->assign("search_image", get_template_path('images/lists/search.png')); - $smarty->assign("launchimage", get_template_path('images/lists/action.png')); - $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png')); - $smarty->assign("deplist", $this->config->idepartments); - /* Multiple edit handling */ $smarty->assign("multiple_support",$this->multiple_support_active); - $smarty->assign("memberUid_All",$this->memberUid); $smarty->assign("memberUid_Some",$this->memberUid_used_by_some); @@ -516,7 +356,7 @@ class group extends plugin $smarty->assign("use_".$val,FALSE); } } - foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $val){ + foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $val){ if(in_array($val,$this->multi_boxes)){ $smarty->assign("use_".$val,TRUE); }else{ @@ -593,14 +433,9 @@ class group extends plugin /* Reload data */ function reload($silent = FALSE) { - /* Fix regex string */ - $gufilter = session::get("gufilter"); - $regex = normalizeLdap($gufilter['regex']); - $MaxUser = $this->OnlyShowFirstEntries; - /* Prepare ldap link */ $ldap= $this->config->get_ldap_link(); - $ldap->cd($gufilter['dselect']); + $ldap->cd($this->config->current['BASE']); /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes @@ -640,49 +475,10 @@ class group extends plugin $this->members[$value] = $value; } } - - /* Create display list of users matching regex & filter - */ - $this->displayUsers = array(); - $filter = "(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))"; - - /* Search in current tree or within subtrees depending on the checkbox from filter section */ - if($gufilter['SubSearchGroup']){ - $flag = GL_SIZELIMIT | GL_SUBSEARCH; - $base = $gufilter['dselect']; - }else{ - $flag = GL_SIZELIMIT ; - $base = get_people_ou().$gufilter['dselect']; - } - $i = 0; - - - $res = get_list($filter,"users",$base,array("dn", "uid", "sn", "givenName"),$flag); - - /* Fetch all users and skip already used users */ - foreach($res as $attrs){ - if(in_array($attrs['uid'][0], $this->memberUid)) { - continue; - } - $i ++; - if($i > $MaxUser) { - break; - } - $this->dnMapping[$attrs['uid'][0]]= $attrs["dn"]; - $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs); - $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs); - } - /* If more than max users are found, display a message to warn the user */ - if($i == $MaxUser && !$silent){ - msg_dialog::display(_("Configuration error"), sprintf(_("Search returned too many results. Not displaying more than %s entries!"), $MaxUser), ERROR_DIALOG); - } - /* Sort lists */ natcasesort($this->members); reset($this->members); - natcasesort ($this->displayUsers); - reset ($this->displayUsers); } @@ -748,17 +544,6 @@ class group extends plugin /* Save data to object */ function save_object() { - /* Refresh base */ - if ($this->acl_is_moveable($this->base)){ - if (!$this->baseSelector->update()) { - msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG); - } - if ($this->base != $this->baseSelector->getBase()) { - $this->base= $this->baseSelector->getBase(); - $this->is_modified= TRUE; - } - } - /* Save additional values for possible next step */ if (isset($_POST['groupedit'])){ @@ -767,8 +552,20 @@ class group extends plugin Base will be set seperatly a few lines below */ $base_tmp = $this->base; plugin::save_object(); + $this->trustModeDialog->save_object(); $this->base = $base_tmp; + /* Refresh base */ + if ($this->acl_is_moveable($this->base)){ + if (!$this->baseSelector->update()) { + msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG); + } + if ($this->base != $this->baseSelector->getBase()) { + $this->base= $this->baseSelector->getBase(); + $this->is_modified= TRUE; + } + } + $this->force_gid= 0; /* Only reset sambagroup flag if we are able to write this flag */ @@ -806,24 +603,6 @@ class group extends plugin } } } - - /* Trust mode - special handling */ - if($this->acl_is_writeable("trustModel")){ - if (isset($_POST['trustmode'])){ - $saved= $this->trustModel; - if ($_POST['trustmode'] == "1"){ - $this->trustModel= "fullaccess"; - } elseif ($_POST['trustmode'] == "2"){ - $this->trustModel= "byhost"; - } else { - $this->trustModel= ""; - } - if ($this->trustModel != $saved){ - $this->is_modified= TRUE; - } - } - } - } @@ -853,33 +632,6 @@ class group extends plugin plugin::save(); - /* Trust accounts */ - $objectclasses= array(); - foreach ($this->attrs['objectClass'] as $key => $class){ - if (preg_match('/trustAccount/i', $class)){ - continue; - } - $objectclasses[]= $this->attrs['objectClass'][$key]; - } - $this->attrs['objectClass']= $objectclasses; - if ($this->trustModel != ""){ - $this->attrs['objectClass'][]= "trustAccount"; - $this->attrs['trustModel']= $this->trustModel; - $this->attrs['accessTo']= array(); - if ($this->trustModel == "byhost"){ - foreach ($this->accessTo as $host){ - $this->attrs['accessTo'][]= $host; - } - } - } else { - if ($this->was_trust_account){ - $this->attrs['accessTo']= array(); - $this->attrs['trustModel']= array(); - } - } - - - /* Remove objectClass for samba/phone support */ $tmp= array(); for ($i= 0; $iattrs["objectClass"]); $i++){ @@ -917,16 +669,7 @@ class group extends plugin if ($this->groupType == 0){ if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){ - $gidNumber= $this->gidNumber; - while(TRUE){ - $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1); - $ldap->cd($this->config->current['BASE']); - $ldap->search("(sambaSID=$sid)",array("sambaSID")); - if ($ldap->count() == 0){ - break; - } - $gidNumber++; - } + $sid = $this->getSambaSID(); $this->attrs['sambaSID']= $sid; $this->sambaSID= $sid; } @@ -999,6 +742,8 @@ class group extends plugin $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn)); } + $this->trustModeDialog->dn = $this->dn; + $this->trustModeDialog->save(); /* Check generated gidNumber, it may be used by another group. */ @@ -1065,6 +810,11 @@ class group extends plugin $message[]= msgPool::required(_("Name")); } + // Check if a wrong base was supplied + if(!$this->baseSelector->checkLastBaseUpdate()){ + $message[]= msgPool::check_base();; + } + /* Check for valid input */ if (!tests::is_uid($this->cn)){ if (strict_uid_mode()){ @@ -1074,6 +824,11 @@ class group extends plugin } } + // Check if a wrong base was supplied + if(!$this->baseSelector->checkLastBaseUpdate()){ + $message[]= msgPool::check_base();; + } + if($this->allowGroupsWithSameNameInOtherSubtrees == true){ /* Check for used 'cn' */ @@ -1198,7 +953,7 @@ class group extends plugin "sambaGroupType" => _("Samba group type"), "sambaDomainName" => _("Samba domain name"), - "trustModel" => _("System trust"), + "accessTo" => _("System trust"), "fonGroup" => _("Phone pickup group"), "nagiosGroup" => _("Nagios group"), @@ -1217,9 +972,10 @@ class group extends plugin $base_tmp = $this->base; plugin::multiple_save_object(); plugin::save_object(); + $this->trustModeDialog->multiple_save_object(); $this->base = $base_tmp; - foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $attr){ + foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $attr){ if(isset($_POST['use_'.$attr])){ $this->multi_boxes[] = $attr; } @@ -1252,23 +1008,6 @@ class group extends plugin $this->groupType= $_POST['groupType']; } - /* Trust mode - special handling */ - if($this->acl_is_writeable("trustModel")){ - if (isset($_POST['trustmode'])){ - $saved= $this->trustModel; - if ($_POST['trustmode'] == "1"){ - $this->trustModel= "fullaccess"; - } elseif ($_POST['trustmode'] == "2"){ - $this->trustModel= "byhost"; - } else { - $this->trustModel= ""; - } - if ($this->trustModel != $saved){ - $this->is_modified= TRUE; - } - } - } - /* Save fon attribute */ if ($this->acl_is_writeable("fonGroup")){ if (isset ($_POST['fon_group'])){ @@ -1284,6 +1023,7 @@ class group extends plugin function get_multi_edit_values() { $ret = plugin::get_multi_edit_values(); + $ret = array_merge($ret,$this->trustModeDialog->get_multi_edit_values()); foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $attr){ if(in_array($attr,$this->multi_boxes)){ @@ -1291,11 +1031,6 @@ class group extends plugin } } - if(in_array("trustmode",$this->multi_boxes)){ - $ret['trustModel'] = $this->trustModel; - $ret['accessTo'] = $this->accessTo; - } - $ret['memberUid'] = $this->memberUid; $ret['memberUid_used_by_some'] = $this->memberUid_used_by_some; return($ret); @@ -1312,6 +1047,7 @@ class group extends plugin function init_multiple_support($attrs,$all) { plugin::init_multiple_support($attrs,$all); + $this->trustModeDialog->init_multiple_support($attrs,$all); $this->memberUid = array(); $this->memberUid_used_by_some = array(); @@ -1337,19 +1073,34 @@ class group extends plugin { plugin::PrepareForCopyPaste($source); + $this->trustModeDialog->PrepareForCopyPaste($source); + + if ($this->smbgroup) { + $this->sambaSID = $this->getSambaSID(); + } + $this->memberUid = array(); if(isset($source['memberUid'])){ for($i = 0 ; $i < $source['memberUid']['count']; $i ++){ $this->memberUid[] = $source['memberUid'][$i]; } } - $this->accessTo = array(); - if (isset($source['accessTo'])){ - for ($i= 0; $i<$source['accessTo']['count']; $i++){ - $tmp= $source['accessTo'][$i]; - $this->accessTo[$tmp]= $tmp; - } - } + } + + + function set_acl_base($base) + { + plugin::set_acl_base($base); + $this->trustModeDialog->set_acl_base($base); + } + + + /*! \brief Enables multiple support for this plugin + */ + function enable_multiple_support() + { + plugin::enable_multiple_support(); + $this->trustModeDialog->enable_multiple_support(); } @@ -1369,8 +1120,29 @@ class group extends plugin $users[$uid] = $uid; } plugin::set_multi_edit_values($attrs); + $this->trustModeDialog->set_multi_edit_values($attrs); $this->memberUid = $users; } + + + /*! \brief Get a new SambaSID for a group */ + function getSambaSID() + { + $ldap = $this->config->get_ldap_link(); + $gidNumber= $this->gidNumber; + while(TRUE){ + $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1); + $ldap->cd($this->config->current['BASE']); + $ldap->search("(sambaSID=$sid)",array("sambaSID")); + if ($ldap->count() == 0){ + break; + } + $gidNumber++; + } + + return $sid; + } + } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?>