X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Fclass_acl.inc;h=a8fd374e1f7abacb20e811909ad1b3014abfc88b;hb=4e21fc2c719f4175c9b0e72ee9fbc95249a16ddf;hp=41082b3106b9f17b2e92c18561030ced671d004b;hpb=737d18edfe81212c42a6975f9690fce09c3d919d;p=gosa.git
diff --git a/include/class_acl.inc b/include/class_acl.inc
index 41082b310..a8fd374e1 100644
--- a/include/class_acl.inc
+++ b/include/class_acl.inc
@@ -21,6 +21,7 @@ class acl extends plugin
var $aclObjects= array();
var $aclMyObjects= array();
var $users= array();
+ var $roles= array();
var $groups= array();
var $recipients= array();
var $isContainer= FALSE;
@@ -49,7 +50,7 @@ class acl extends plugin
$this->parent= $parent;
/* Container? */
- if (preg_match('/^(ou|c|l|dc)=/i', $dn)){
+ if (preg_match('/^(o|ou|c|l|dc)=/i', $dn)){
$this->isContainer= TRUE;
}
@@ -84,6 +85,30 @@ class acl extends plugin
}
ksort($this->groups);
+ /* Roles */
+ $ldap->cd($config->current['BASE']);
+ if ($tag == ""){
+ $ldap->search('(objectClass=gosaRole)', array('cn', 'description','gosaAclTemplate','dn'));
+ } else {
+ $ldap->search('(&(objectClass=gosaRole)(gosaUnitTag='.$tag.'))', array('cn', 'description','gosaAclTemplate','dn'));
+ }
+ while ($attrs= $ldap->fetch()){
+ $dsc= "";
+ if (isset($attrs['description'][0])){
+ $dsc= $attrs['description'][0];
+ }
+
+ $role_id = $attrs['dn'];
+
+ $this->roles[$role_id]['acls'] =array();
+ for ($i= 0; $i < $attrs['gosaAclTemplate']['count']; $i++){
+ $acl= $attrs['gosaAclTemplate'][$i];
+ $this->roles[$role_id]['acls'] = array_merge($this->roles[$role_id]['acls'],$this->explodeACL($acl));
+ }
+ $this->roles[$role_id]['description'] = $dsc;
+ $this->roles[$role_id]['cn'] = $attrs['cn'][0];
+ }
+
/* Objects */
$tmp= get_global('plist');
$plist= $tmp->info;
@@ -173,7 +198,7 @@ class acl extends plugin
{
/* Call parent execute */
plugin::execute();
-
+
$tmp= get_global('plist');
$plist= $tmp->info;
@@ -262,6 +287,11 @@ class acl extends plugin
$new_acl[$object][$attribute]= $value;
}
}
+
+ if(isset($_POST['selected_role'])){
+ $this->aclContents = "";
+ $this->aclContents = base64_decode($_POST['selected_role']);
+ }
}
/* Only be interested in new acl's, if we're in the right _POST place */
@@ -365,7 +395,7 @@ class acl extends plugin
/* Fill in entries */
foreach ($this->gosaAclEntry as $key => $entry){
- $field1= array("string" => $this->aclTypes[$entry['type']], "attach" => "style='width:100px'");
+ $field1= array("string" => $this->aclTypes[$entry['type']], "attach" => "style='width:150px'");
$field2= array("string" => $this->assembleAclSummary($entry));
$action= "";
$action.= "";
@@ -455,6 +485,7 @@ class acl extends plugin
/* Role selector if scope is base */
if ($this->aclType == 'role'){
$smarty->assign('roleSelector', "Role selector");#, $this->buildRoleSelector($this->myAclObjects));
+ $smarty->assign('roleSelector', $this->buildRoleSelector($this->roles));
}
}
@@ -474,7 +505,7 @@ class acl extends plugin
/* Role selector if scope is base */
if ($this->aclType == 'role'){
- $smarty->assign('roleSelector', "Role selector");#, $this->buildRoleSelector($this->myAclObjects));
+ $smarty->assign('roleSelector', $this->buildRoleSelector($this->roles));
} else {
$smarty->assign('aclSelector', $this->buildAclSelector($aclObjects));
}
@@ -486,6 +517,7 @@ class acl extends plugin
return ($smarty->fetch (get_template_path('acl.tpl')));
}
+
function sort_by_priority($list)
{
$tmp= get_global('plist');
@@ -512,6 +544,35 @@ class acl extends plugin
return($ret);
}
+
+ function buildRoleSelector($list)
+ {
+ $D_List =new DivSelectBox("Acl_Roles");
+
+ $selected = $this->aclContents;
+ if(!is_string($this->aclContents) || !isset($list[$this->aclContents])){
+ $selected = key($list);
+ }
+
+ $str ="";
+ foreach($list as $dn => $values){
+
+ if($dn == $selected){
+ $option = "";
+ }else{
+ $option = "";
+ }
+
+ $field1 = array("string" => $option) ;
+ $field2 = array("string" => $values['cn'], "attach" => "style='width:200px;'") ;
+ $field3 = array("string" => $values['description'],"attach" => "style='border-right:0px;'") ;
+
+ $D_List->AddEntry(array($field1,$field2,$field3));
+ }
+ return($D_List->DrawList());
+ }
+
+
function buildAclSelector($list)
{
$display= "";
@@ -691,7 +752,7 @@ class acl extends plugin
{
$state= $state?"checked":"";
return "\n ".
- "\n ";
+ "\n ";
}
@@ -700,9 +761,9 @@ class acl extends plugin
$rstate= preg_match('/r/', $state)?'checked':'';
$wstate= preg_match('/w/', $state)?'checked':'';
return ("\n ".
- "\n ".
+ "\n ".
"\n ".
- "\n ");
+ "\n ");
}
@@ -710,8 +771,8 @@ class acl extends plugin
{
list($index, $type)= split(':', $acl);
$a= array( $index => array("type" => $type,
- "members" => acl::extractMembers($acl)));
-
+ "members" => acl::extractMembers($acl,$type == "role")));
+
/* Handle different types */
switch ($type){
@@ -723,7 +784,7 @@ class acl extends plugin
break;
case 'role':
- echo "Role: $acl";
+ $a[$index]['acl']= base64_decode(preg_replace('/^[^:]+:[^:]+:([^:]+).*$/', '\1', $acl));
break;
case 'reset':
@@ -733,18 +794,21 @@ class acl extends plugin
print_red(sprintf(_("Unkown ACL type '%s'. Don't know how to handle it."), $type));
$a= array();
}
-
return ($a);
}
- function extractMembers($acl)
+ function extractMembers($acl,$role = FALSE)
{
global $config;
$a= array();
/* Rip acl off the string, seperate by ',' and place it in an array */
- $ms= preg_replace('/^[^:]+:[^:]+:([^:]+).*$/', '\1', $acl);
+ if($role){
+ $ms= preg_replace('/^[^:]+:[^:]+:[^:]+:([^:]+).*$/', '\1', $acl);
+ }else{
+ $ms= preg_replace('/^[^:]+:[^:]+:([^:]+).*$/', '\1', $acl);
+ }
if ($ms == $acl){
return $a;
}
@@ -826,12 +890,22 @@ class acl extends plugin
/* Summarize ACL */
if (isset($entry['acl'])){
$acl= "";
- foreach ($entry['acl'] as $name => $object){
- if (count($object)){
- $acl.= "$name, ";
+
+ if($entry['type'] == "role"){
+
+ if(isset($this->roles[$entry['acl']])){
+ $summary.= sprintf(_("Role: %s"), $this->roles[$entry['acl']]['cn']);
+ }else{
+ $summary.= sprintf(_("Role: %s"), ""._("Unknown role, possibly removed")."");
}
+ }else{
+ foreach ($entry['acl'] as $name => $object){
+ if (count($object)){
+ $acl.= "$name, ";
+ }
+ }
+ $summary.= sprintf(_("Contains settings for these objects: %s"), preg_replace('/, $/', '', $acl));
}
- $summary.= sprintf(_("Contains settings for these objects: %s"), preg_replace('/, $/', '', $acl));
}
/* Summarize members */
@@ -893,7 +967,12 @@ class acl extends plugin
$members.= base64_encode(preg_replace('/^.:/', '', $key)).',';
}
}
- $final= $prio.":".$entry['type'].":".preg_replace('/,$/', '', $members);
+
+ if($entry['type'] != "role"){
+ $final= $prio.":".$entry['type'].":".preg_replace('/,$/', '', $members);
+ }else{
+ $final= $prio.":".$entry['type'].":".base64_encode($entry['acl']).":".preg_replace('/,$/', '', $members);
+ }
/* ACL's if needed */
if ($entry['type'] != "reset" && $entry['type'] != "role"){
@@ -964,6 +1043,17 @@ class acl extends plugin
function remove_from_parent()
{
+ plugin::remove_from_parent();
+
+ /* include global link_info */
+ $ldap= $this->config->get_ldap_link();
+
+ $ldap->cd($this->dn);
+ $this->cleanup();
+ $ldap->modify ($this->attrs);
+
+ /* Optionally execute a command after we're done */
+ $this->handle_post_events("remove",array("uid" => $this->uid));
}
}