X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-plugins%2Fgoto%2Fpersonal%2Fenvironment%2Fclass_environment.inc;h=a19bb719f9654600ca2e5c2cbe60a92ee93a0ee2;hb=5ad7d1d4e53d916f9b6312eef95e46084e8f2986;hp=01df57a8bc608be848ac807003cfde2a9cf3ebec;hpb=d5de7346ec39576aa7523ebd5c3281d89f25791e;p=gosa.git diff --git a/gosa-plugins/goto/personal/environment/class_environment.inc b/gosa-plugins/goto/personal/environment/class_environment.inc index 01df57a8b..a19bb719f 100644 --- a/gosa-plugins/goto/personal/environment/class_environment.inc +++ b/gosa-plugins/goto/personal/environment/class_environment.inc @@ -2,11 +2,6 @@ class environment extends plugin { - /* CLI vars */ - var $cli_summary = "Manage server basic objects"; - var $cli_description = "Some longer text\nfor help"; - var $cli_parameters = array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser"); - /* attribute list for save action */ var $ignore_account = FALSE; var $plHeadline = "Environment"; @@ -241,26 +236,55 @@ class environment extends plugin $this->gotoProfileServers= $config->getShareServerList() ; $this->gotoShareSelections= $config->getShareList(true); $this->gotoAvailableShares= $config->getShareList(false); + + /* Ensure that a currently selected server will stay selected, even if the list of profile servers + is empty due to insufficient permissions. + */ + if(count($this->gotoProfileServers) && !empty($this->gotoProfileServer)){ + + /* The currently selected profile server is outdated/no longer available */ + if(!isset($this->gotoProfileServers[$this->gotoProfileServer])){ + }else{ + $c = $this->gotoProfileServers[$this->gotoProfileServer]; + if(!preg_match("/r/",$c['ACL'])){ + + /* We are not allowed to read to currently selected server. + But to ensure that the selection will be kept after saving the account, we + override the current ACL tag. + */ + $this->gotoProfileServers[$this->gotoProfileServer]['ACL'] .= "r"; + } + } + } $this->update_kiosk_profiles(); } function update_kiosk_profiles() { + $this->gotoKioskProfile_Server = preg_replace("/^.*:\/\/([^\/]*).*$/","\\1",$this->gotoKioskProfile); + $this->gotoKioskProfile_Profile= preg_replace("/^.*\//","",$this->gotoKioskProfile); + $tmp1 = array("none" => array(_("disabled"))); $tmp2 = array("none" => _("disabled")); + $tmp3 = array(); $ldap = $this->config->get_ldap_link(); $ldap->cd($this->config->current['BASE']); $ldap->search("(&(objectClass=goEnvironmentServer)(gotoKioskProfile=*)(cn=*))",array("cn","gotoKioskProfile")); $cnt = 0; + $ui = get_userinfo(); while($attrs = $ldap->fetch()){ + $acl = $ui->get_permissions($attrs['dn'],"server/goShareServer",""); for($i = 0 ; $i < $attrs['gotoKioskProfile']['count'] ; $i ++){ - $name = preg_replace("/^.*\//","",$attrs['gotoKioskProfile'][$i]); - $tmp1[$attrs['cn'][0]][] = $name; + if(preg_match("/r/",$acl) || $this->gotoKioskProfile_Server == $attrs['cn'][0]){ + $name = preg_replace("/^.*\//","",$attrs['gotoKioskProfile'][$i]); + $tmp1[$attrs['cn'][0]][] = $name; + $tmp3[$attrs['cn'][0]][$name] = $attrs['gotoKioskProfile'][$i]; + $tmp2[$attrs['cn'][0]]= $attrs['cn'][0]; + $cnt ++; + } } - $tmp2[$attrs['cn'][0]]= $attrs['cn'][0]; - $cnt ++; } if($cnt && $this->config->search("environment","kioskpath",array('menu','tabs'))){ @@ -269,24 +293,21 @@ class environment extends plugin $this->gotoKioskProfiles['BY_SERVER'] = $tmp1; $this->gotoKioskProfiles['SERVERS'] = $tmp2; + $this->gotoKioskProfiles['MAP'] = $tmp3; - $this->gotoKioskProfile_Server = preg_replace("/^.*:\/\/([^\/]*).*$/","\\1",$this->gotoKioskProfile); - $this->gotoKioskProfile_Profile= preg_replace("/^.*\//","",$this->gotoKioskProfile); - $error = false; - if(!in_array($this->gotoKioskProfile_Server, $this->gotoKioskProfiles['SERVERS'])){ - $this->gotoKioskProfile_Server = key($this->gotoKioskProfiles['SERVERS']); + if(!isset($this->gotoKioskProfiles['SERVERS'][$this->gotoKioskProfile_Server])){ $error = true; - } - - if(!in_array($this->gotoKioskProfile_Profile, $this->gotoKioskProfiles['BY_SERVER'][$this->gotoKioskProfile_Server])){ - $this->gotoKioskProfile_Profile = $this->gotoKioskProfiles['BY_SERVER'][$this->gotoKioskProfile_Server][0]; + }elseif(!in_array($this->gotoKioskProfile_Profile, $this->gotoKioskProfiles['BY_SERVER'][$this->gotoKioskProfile_Server])){ $error = true; } if($error && !empty($this->gotoKioskProfile)){ + msg_dialog::display(_("Warning"), sprintf(_("Kiosk profile '%s' located on server '%s' is not available anymore. Kiosk profile will be disabled!"), $this->gotoKioskProfile_Profile, $this->gotoKioskProfile_Server), WARNING_DIALOG); + $this->gotoKioskProfile_Server ="none"; + $this->gotoKioskProfile_Profile=""; + }elseif(empty($this->gotoKioskProfile)){ $this->gotoKioskProfile_Server ="none"; $this->gotoKioskProfile_Profile=""; - msg_dialog::display(_("Warning"), sprintf(_("Kiosk profile '%s' located on server '%s' is not available anymore. Kiosk profile will be disabled!"), $this->gotoKioskProfile_Profile, $this->gotoKioskProfile_Server), WARNING_DIALOG); } } @@ -324,7 +345,10 @@ class environment extends plugin /* Check profile server */ if($this->acl_is_writeable("gotoProfileServer",$WriteOnly)){ + if(!empty($this->gotoProfileServer) && !isset($this->gotoProfileServers[$this->gotoProfileServer])){ + + if(count($this->gotoProfileServers)){ /* Get First Profile */ @@ -404,8 +428,8 @@ class environment extends plugin } /* Group Dialog with enabled environment options */ if ($this->is_account){ - $display= $this->show_enable_header(_("Remove environment extension"), - _("Environment extension enabled. You can disable it by clicking below.")); + $display= $this->show_enable_header(msgPool::removeFeaturesButton(_("Environment")), + msgPool::featuresEnabled(_("Environment"))); } else { /* Environment is disabled @@ -413,14 +437,16 @@ class environment extends plugin environment extensions */ if((isset($this->parent->by_object['group']))||(isset($this->attrs['objectClass']))&&((in_array("posixAccount",$this->attrs['objectClass'])))){ - // 4. There is a PosixAccount - $display= $this->show_enable_header(_("Add environment extension"), - _("Environment extension disabled. You can enable it by clicking below.")); + $display= $this->show_enable_header(msgPool::addFeaturesButton(_("Environment")), + msgPool::featuresDisabled(_("Environment"))); + return $display; + }elseif((isset($this->parent->by_object['ogroup']))){ + $display= $this->show_enable_header(msgPool::addFeaturesButton(_("Environment")), + msgPool::featuresDisabled(_("Environment"))); return $display; }else{ - // 4. There is no PosixAccount - $display= $this->show_enable_header(_("Add environment extension"), - _("Environment extension disabled. You have to setup a posix account before you can enable this feature.")); + $display= $this->show_enable_header(msgPool::addFeaturesButton(_("Environment")), + msgPool::featuresDisabled(_("Environment"), _("POSIX")), TRUE); return $display; } } @@ -442,19 +468,17 @@ class environment extends plugin // 3. Account enabled . Editing from adminmenu if ($this->is_account){ - $display= $this->show_disable_header(_("Remove environment extension"), - _("Environment extension enabled. You can disable it by clicking below.")); + $display= $this->show_enable_header(msgPool::removeFeaturesButton(_("Environment")), + msgPool::featuresEnabled(_("Environment"))); } else { if($this->parent->by_object['posixAccount']->is_account==true){ - // 4. There is a PosixAccount - $display= $this->show_disable_header(_("Add environment extension"), - _("Environment extension disabled. You can enable it by clicking below.")); + $display= $this->show_enable_header(msgPool::addFeaturesButton(_("Environment")), + msgPool::featuresDisabled(_("Environment"))); return $display; }else{ - // 4. There is a PosixAccount - $display= $this->show_disable_header(_("Add environment extension"), - _("Environment extension disabled. You have to setup a posix account before you can enable this feature."),TRUE,TRUE); + $display= $this->show_enable_header(msgPool::addFeaturesButton(_("Environment")), + msgPool::featuresDisabled(_("Environment"), _("POSIX")), TRUE); return $display; } } @@ -537,7 +561,6 @@ class environment extends plugin if(!is_array($this->gotoProfileServers)){ $this->gotoProfileServers =array(); } - $smarty->assign("gotoProfileServerKeys",array_flip($this->gotoProfileServers)); /* Handle kiosk profiles*/ $smarty->assign("kiosk_servers" , $this->gotoKioskProfiles['SERVERS']); @@ -555,7 +578,7 @@ class environment extends plugin if(isset($_POST['LogonSave'])){ if(!$this->acl_is_writeable("gotoLogonScript")){ - msg_dialog::display(_("Permission error"), _("You have no permission to modify logon scripts!"), ERROR_DIALOG); + msg_dialog::display(_("Permission error"), msgPool::permModify(_("Logon scripts")), ERROR_DIALOG); unset($this->dialog); $this->dialog=FALSE; $this->is_dialog=false; @@ -645,11 +668,11 @@ class environment extends plugin /* We assign a share to this user, if we don't know where to mount the share */ if(!isset($_POST['gotoShareSelection']) || get_post('gotoShareSelection') == ""){ - msg_dialog::display(_("Error"), _("Please select a valid share!"), ERROR_DIALOG); + msg_dialog::display(_("Error"), msgPool::invalid(_("Share")), ERROR_DIALOG); }elseif((!isset($_POST['gotoShareMountPoint']))||(empty($_POST['gotoShareMountPoint']))||(preg_match("/[\|]/i",$_POST['gotoShareMountPoint']))){ - msg_dialog::display(_("Error"), _("Please specify a valid mount point!"), ERROR_DIALOG); + msg_dialog::display(_("Error"), msgPool::invalid(_("Mount point")), ERROR_DIALOG); }elseif(preg_match('/ /', $_POST['gotoShareMountPoint'])){ - msg_dialog::display(_("Error"), _("You cannot use spaces in the mount path!"), ERROR_DIALOG); + msg_dialog::display(_("Error"), msgPool::invalid(_("Mount point"), "/[^\s]/"), ERROR_DIALOG); }elseif(!( preg_match("/^\//",$_POST['gotoShareMountPoint']) || preg_match("/^~/",$_POST['gotoShareMountPoint']) || @@ -660,7 +683,7 @@ class environment extends plugin preg_match("/^%/",$_POST['gotoShareMountPoint']) ) ){ - msg_dialog::display(_("Error"), _("Please specify a valid mount point!"), ERROR_DIALOG); + msg_dialog::display(_("Error"), msgPool::invalid(_("Mount point")), ERROR_DIALOG); }else{ $a_share = $this->gotoAvailableShares[$_POST['gotoShareSelection']]; $s_mount = $_POST['gotoShareMountPoint']; @@ -763,7 +786,7 @@ class environment extends plugin title='"._("Reset password hash")."'>"; $img.= " "; } - $img.= ""; $field1 = array("string" => $value , "attach" => "style='".$color."'"); $field2 = array("string" => $img , "attach" => "style='border-right:0px;'"); @@ -1028,7 +1051,9 @@ class environment extends plugin new log("remove","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error()); } - show_ldap_error($ldap->get_error(), sprintf(_("Removing of user/environment account with dn '%s' failed."),$this->dn)); + if (!$ldap->success()){ + msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class())); + } /* Optionally execute a command after we're done */ $this->handle_post_events("remove",array("uid" => $this->uid)); @@ -1110,14 +1135,14 @@ class environment extends plugin $this->detect_grouptype(); if(preg_match("/[^0-9]/",$this->gotoProfileQuota)) { - $message[]=_("Please set a valid profile quota size."); + $message[] = msgPool::invalid(_("Profile quota"),$this->gotoProfileQuota,"/[0-9]/") ; } if(!isset($this->attrs['objectClass'])){ $this->attrs['objectClass']=array(); } if(!$this->is_group){ if((!((in_array("posixAccount",$this->attrs['objectClass']))||($this->parent->by_object['posixAccount']->is_account==true)))&&(!$this->is_group)){ - $message[]=(_("You need to setup a valid posix extension in order to enable evironment features.")); + $message[]= msgPool::featuresDisabled(_("environment"),_("POSIX")); } } return ($message); @@ -1131,11 +1156,7 @@ class environment extends plugin */ /* only save changed variables ....*/ if ($this->gotoKioskProfile_Server != "none"){ - if(preg_match("/https/i",$_SERVER['HTTP_REFERER'])){ - $method="https://".$this->gotoKioskProfile_Server."/kiosk/".$this->gotoKioskProfile_Profile; - }else{ - $method="http://".$this->gotoKioskProfile_Server."/kiosk/".$this->gotoKioskProfile_Profile; - } + $method = $this->gotoKioskProfiles['MAP'][$this->gotoKioskProfile_Server][$this->gotoKioskProfile_Profile]; $this->gotoKioskProfile= $method; }else{ $this->gotoKioskProfile= array(); @@ -1176,6 +1197,7 @@ class environment extends plugin } /* Remove old entries */ + $ldap->cd($this->config->current['BASE']);; $ldap->search("(&(objectClass=gotoPrinter)(goto".$s_suffix."Printer=".$this->$useVar."))",array("*")); while($attr = $ldap->fetch()){ $printerObj = NULL; @@ -1185,6 +1207,7 @@ class environment extends plugin $printerObj->by_object['printgeneric']->save(); } + $ldap->cd($this->config->current['BASE']);; $ldap->search("(&(objectClass=gotoPrinter)(goto".$s_suffix."AdminPrinter=".$this->$useVar."))",array("*")); while($attr = $ldap->fetch()){ $printerObj = NULL; @@ -1285,7 +1308,9 @@ class environment extends plugin new log("create",$cat."/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error()); } - show_ldap_error($ldap->get_error(), sprintf(_("Saving of user/environment account with dn '%s' failed."),$this->dn)); + if (!$ldap->success()){ + msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class())); + } $this->handle_post_events($mode,array("uid"=>$this->uid)); } @@ -1682,7 +1707,7 @@ class environment extends plugin $this->detect_grouptype(); if(preg_match("/[^0-9]/",$this->gotoProfileQuota) && in_array("gotoProfileQuota",$this->multi_boxes)) { - $message[]=_("Please set a valid profile quota size."); + $message[] = msgPool::invalid(_("Profile quota"),$this->gotoProfileQuota,"/[0-9]/") ; } return($message); }