X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-plugins%2Ffai%2Fadmin%2Ffai%2Fclass_faiManagement.inc;h=72031cfd93868a7ad1b093cc8cfdd541170052f9;hb=8f7080e4d548a1257a13753c0881a2baf4ff45ed;hp=1719e82c3c599acca4263b48117057f5aa8afb50;hpb=95b36034dc041a4fd6eea9a7dc84018dd558f16a;p=gosa.git diff --git a/gosa-plugins/fai/admin/fai/class_faiManagement.inc b/gosa-plugins/fai/admin/fai/class_faiManagement.inc index 1719e82c3..72031cfd9 100644 --- a/gosa-plugins/fai/admin/fai/class_faiManagement.inc +++ b/gosa-plugins/fai/admin/fai/class_faiManagement.inc @@ -3,7 +3,7 @@ * This code is part of GOsa (http://www.gosa-project.org) * Copyright (C) 2003-2008 GONICUS GmbH * - * ID: $$Id: class_roleManagement.inc 14742 2009-11-04 13:18:33Z hickert $$ + * ID: $$Id: class_faiManagement.inc 14742 2009-11-04 13:18:33Z hickert $$ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -27,14 +27,14 @@ class faiManagement extends management var $plIcon = "plugins/fai/images/plugin.png"; // Tab definition - protected $tabClass = "roletabs"; - protected $tabType = "ROLETABS"; - protected $aclCategory = "roles"; - protected $aclPlugin = "role"; - protected $objectName = "role"; + protected $tabClass = ""; + protected $tabType = ""; + protected $aclCategory = ""; + protected $aclPlugin = ""; + protected $objectName = "FAI object"; // Attributes Managed by this plugin can be used in post events - protected $attributes = array("lock_type","lock_name","lock_dn"); + public $attributes = array("lock_type","lock_name","lock_dn"); var $dispNewBranch=false; var $dispNewFreeze=false; @@ -68,6 +68,11 @@ class faiManagement extends management $this->fai_release = $this->fai_base; } + $releases = $this->getReleaseList(); + if(!isset($releases[$this->fai_release])){ + $this->fai_release = $this->fai_base; + } + $this->acl_base = $this->config->current['BASE']; $this->ui = $ui; $this->storagePoints = array( @@ -86,6 +91,7 @@ class faiManagement extends management $filter = new filter(get_template_path("fai-filter.xml", true)); $filter->setObjectStorage($this->storagePoints); } + $filter->elementValues['RELEASE'] = $this->fai_release; $this->setFilter($filter); // Build headpage @@ -117,7 +123,7 @@ class faiManagement extends management $this->registerAction("saveBranch","saveBranch"); $this->registerAction("PerformBranch","PerformBranch"); - parent::__construct($config, $ui, "roles", $headpage); + parent::__construct($config, $ui, "FAI object", $headpage); } @@ -128,15 +134,33 @@ class faiManagement extends management // Collect real dns, the listed objects are grouped by their cn $headpage = $this->getHeadpage(); if($action == "copy"){ - foreach($target as $t){ - $entry = $headpage->getEntry($t); - // Check for valid FAI objects - if(in_array('FAKE_OC_FAI', $entry['objectClass'])){ - foreach($entry['GROUPS'] as $g){ - $type = $this->get_type($g); - $this->cpHandler->add_to_queue($g['dn'],"copy",$type[0],$type[2],'fai',$this); - @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,$dn,"Entry copied!"); + if(count($target) == 1){ + + // We just want to copy a single FAI object, let the user choose entries from the FAI-Group + $entry = $headpage->getEntry($target[0]); + if(count($entry['GROUPS']) == 1){ + $data = array_pop($entry['GROUPS']); + $type = $this->get_type($data); + $this->cpHandler->add_to_queue($g['dn'],"copy",$type[0],$type[2],'fai',$this); + @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,$g['dn'],"Entry copied!"); + }else{ + $this->dialogObject = new faiGroupHandle($entry['GROUPS'],"copy"); + } + + }else{ + + // More than one group was selected, expect that the user wants to copy the complete groups. + foreach($target as $t){ + $entry = $headpage->getEntry($t); + + // Check for valid FAI objects + if(in_array('FAKE_OC_FAI', $entry['objectClass'])){ + foreach($entry['GROUPS'] as $g){ + $type = $this->get_type($g); + $this->cpHandler->add_to_queue($g['dn'],"copy",$type[0],$type[2],'fai',$this); + @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,$g['dn'],"Entry copied!"); + } } } } @@ -158,7 +182,7 @@ class faiManagement extends management } // Automatically disable pasting process since there is no entry left to paste. - if(!$this->cpHandler->entries_queued()){ + if(isset($this->cpHandler) && !$this->cpHandler->entries_queued()){ $this->cpPastingStarted = FALSE; } return(""); @@ -350,10 +374,18 @@ class faiManagement extends management */ function removeFAIObjects($to_delete) { + // Close dialogs and remove locks for currently handled dns + $this->cancelEdit(); + // Do not allow to remove objects with state freeezed - $errors=array(); + $errors = $disallowed = array(); + foreach($to_delete as $obj){ - if(isset($obj['FAIstate']) && preg_match('/^freeze/', $obj['FAIstate'])){ + $type = $this->get_type($obj); + $acl = $this->ui->get_permissions($obj['dn'],"fai/".$type[1]); + if(!preg_match("/d/",$acl)){ + $disallowed[] = $obj['dn']; + }elseif(isset($obj['FAIstate']) && preg_match('/^freeze/', $obj['FAIstate'])){ $errors[] = $obj['dn']; }else{ $this->dns[] = $obj['dn']; @@ -363,22 +395,40 @@ class faiManagement extends management msg_dialog::display(_("Branch locked"), sprintf(_("The following entries are locked, you can't remove them %s."),msgPool::buildList($errors)),INFO_DIALOG); } + if(count($disallowed)){ + msg_dialog::display(_("Permission error"), msgPool::permDelete($disallowed), ERROR_DIALOG); + } // Check entry locking + $smarty = get_smarty(); if(count($this->dns)){ if ($user= get_multiple_locks($this->dns)){ return(gen_locked_message($user,$this->dns)); } if(count($this->dns)){ - $smarty = get_smarty(); + + // Add locks $dns_names = array(); + $types = array(); + $h = $this->getHeadpage(); + + // Build list of object -labels + foreach($h->objectTypes as $type){ + $map[$type['objectClass']]= $type['label']; + } + foreach($this->dns as $dn){ - add_lock ($dn, $this->ui->dn); - $dns_names[] = LDAP::fix($dn); + $tmp = $h->getType($dn); + if(isset($map[$tmp])){ + $dns_names[] = '('._($map[$tmp]).') - '.LDAP::fix($dn); + }else{ + $dns_names[] =LDAP::fix($dn); + } } - $smarty->assign("info",msgPool::deleteInfo($dns_names,_("FAI object"))); - $smarty->assign("multiple", true); - return($smarty->fetch(get_template_path('remove.tpl', TRUE))); + add_lock ($this->dns, $this->ui->dn); + + $smarty->assign("info",msgPool::deleteInfo($dns_names)); + return($smarty->fetch(get_template_path('removeEntries.tpl', TRUE))); } } } @@ -392,22 +442,37 @@ class faiManagement extends management $ldap = $this->config->get_ldap_link(); $ldap->cd($this->config->current['BASE']); + $disallowed = array(); foreach($this->dns as $key => $dn){ $ldap->cat($dn); if($ldap->count()){ $attrs = $ldap->fetch(); $type= $this->get_type($attrs); - $str = management::removeEntryConfirmed($action,array($dn),$all,$type[0],$type[2],$type[1]); - if($str) return($str); - // Now save changes - FAI::save_release_changes_now(); - $to_del = FAI::clean_up_releases($dn); - foreach($to_del as $dn){ - $ldap->rmdir_recursive($dn); + $acl = $this->ui->get_permissions($dn,"fai/".$type[1]); + if(preg_match("/d/",$acl)){ + + // Now save changes + $str = management::removeEntryConfirmed($action,array($dn),$all,$type[0],$type[2],$type[1]); + if(!empty($str)) return($str); + FAI::save_release_changes_now(); + $to_del = FAI::clean_up_releases($dn); + foreach($to_del as $dn){ + $ldap->rmdir_recursive($dn); + } + + } else { + $disallowed[] = $dn; + new log("security","fai/".get_class($this),$dn,array(),"Tried to trick deletion."); } } } + + /* Normally this shouldn't be reached, send some extra + logs to notify the administrator */ + if(count($disallowed)){ + msg_dialog::display(_("Permission error"), msgPool::permDelete($disallowed), ERROR_DIALOG); + } } @@ -430,7 +495,19 @@ class faiManagement extends management }elseif($this->dialogObject instanceOf faiGroupHandle && $this->dialogObject->get_mode() == "remove"){ $this->dialogObject->save_object(); $to_delete = $entry = $this->dialogObject->get_selected(); + if(count($to_delete)) $this->closeDialogs(); return($this->removeFAIObjects($to_delete)); + }elseif($this->dialogObject instanceOf faiGroupHandle && $this->dialogObject->get_mode() == "copy"){ + $this->dialogObject->save_object(); + $entries = $entry = $this->dialogObject->get_selected(); + if(count($entries)){ + foreach($entries as $entry){ + $type = $this->get_type($entry); + $this->cpHandler->add_to_queue($entry['dn'],"copy",$type[0],$type[2],'fai',$this); + @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,$entry['dn'],"Entry copied!"); + } + $this->closeDialogs(); + } } } @@ -445,6 +522,7 @@ class faiManagement extends management // Now save changes FAI::save_release_changes_now(); $to_del = FAI::clean_up_releases($this->last_dn); + $ldap= $this->config->get_ldap_link(); foreach($to_del as $dn){ $ldap->rmdir_recursive($dn); } @@ -558,7 +636,7 @@ class faiManagement extends management $this->fai_release = $this->fai_base; $this->lock_name = $name; $this->lock_dn = $bb; - $this->postremove(); + $this->handle_post_events('remove'); $fai_filter = session::get("fai_filter"); $fai_filter['fai_release'] = $this->fai_release; @@ -575,33 +653,45 @@ class faiManagement extends management */ function createBranch() { - $smarty = get_smarty(); - $this->dispNewBranch=true; - $this->dispNewFreeze=false; - $smarty->assign("iframe",false); - if(isset($_POST['BranchName'])){ - $smarty->assign("BranchName", $_POST['BranchName']); + if($this->config->search("faiManagement", "POSTCREATE",array('menu','tabs')) == ""){ + msg_dialog::display(_("Configuration"), msgPool::cmdnotfound("POSTCREATE", get_class()), ERROR_DIALOG); + }elseif(!preg_match("/c/",$this->ui->get_permissions($this->acl_base,"fai/faiManagement"))){ + msg_dialog::display(_("Permission error"), msgPool::permCreate(_("Branch")), ERROR_DIALOG); }else{ - $smarty->assign("BranchName",""); + $smarty = get_smarty(); + $this->dispNewBranch=true; + $this->dispNewFreeze=false; + $smarty->assign("iframe",false); + if(isset($_POST['BranchName'])){ + $smarty->assign("BranchName", $_POST['BranchName']); + }else{ + $smarty->assign("BranchName",""); + } + return($smarty->fetch(get_template_path('faiNewBranch.tpl', TRUE, dirname(__FILE__)))); } - return($smarty->fetch(get_template_path('faiNewBranch.tpl', TRUE, dirname(__FILE__)))); } /*! \brief Initiates release creation */ function createFreeze() - { - $smarty = get_smarty(); - $this->dispNewFreeze=true; - $this->dispNewBranch=false; - $smarty->assign("iframe",false); - if(isset($_POST['BranchName'])){ - $smarty->assign("BranchName", $_POST['BranchName']); + { + if($this->config->search("faiManagement", "POSTCREATE",array('menu','tabs')) == ""){ + msg_dialog::display(_("Configuration"), msgPool::cmdnotfound("POSTCREATE", get_class()), ERROR_DIALOG); + }elseif(!preg_match("/c/",$this->ui->get_permissions($this->acl_base,"fai/faiManagement"))){ + msg_dialog::display(_("Permission error"), msgPool::permCreate(_("Branch")), ERROR_DIALOG); }else{ - $smarty->assign("BranchName",""); + $smarty = get_smarty(); + $this->dispNewFreeze=true; + $this->dispNewBranch=false; + $smarty->assign("iframe",false); + if(isset($_POST['BranchName'])){ + $smarty->assign("BranchName", $_POST['BranchName']); + }else{ + $smarty->assign("BranchName",""); + } + return($smarty->fetch(get_template_path('faiNewBranch.tpl', TRUE, dirname(__FILE__)))); } - return($smarty->fetch(get_template_path('faiNewBranch.tpl', TRUE, dirname(__FILE__)))); } @@ -727,13 +817,11 @@ class faiManagement extends management $this->dispNewFreeze = false; - /* Postcreate */ - /* Assign possible attributes */ $this->lock_type = $type; $this->lock_name = $name; $this->lock_dn = $baseToUse; - $this->postcreate(); + $this->handle_post_events('add'); /* Send daemon event to reload the fai release database */ @@ -992,7 +1080,7 @@ class faiManagement extends management $headpage->update(); $smarty = get_smarty(); $smarty->assign("fai_release", $this->fai_release); - $smarty->assign("opsi_available", is_object($this->opsi)); + $smarty->assign("opsi_available", (is_object($this->opsi) && $this->opsi->enabled())); $smarty->assign("fai_base", $this->fai_base); $r = $this->config->search("faiManagement", "POSTREMOVE",array('menu','tabs')); $c = $this->config->search("faiManagement", "POSTCREATE",array('menu','tabs'));