X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Fclass_plugin.inc;h=4440ab7626ead2106a0fb992fa7ef64960921db9;hb=0a6e4edb849c77f68b4276cc7961367de2ce299d;hp=cf8682f84733233f952937e82085a93b19927c3b;hpb=970bbc526d6c9b47d637f442965e544a536791ef;p=gosa.git diff --git a/include/class_plugin.inc b/include/class_plugin.inc index cf8682f84..4440ab762 100644 --- a/include/class_plugin.inc +++ b/include/class_plugin.inc @@ -105,13 +105,27 @@ class plugin /* attribute list for save action */ var $attributes= array(); var $objectclasses= array(); - var $new= TRUE; + var $is_new= TRUE; var $saved_attributes= array(); + var $acl_base= ""; + var $acl_category= ""; + /* Plugin identifier */ var $plHeadline= ""; var $plDescription= ""; + /* This can be set to render the tabulators in another stylesheet */ + var $pl_notify= FALSE; + + + /* This variable indicates that this class can handle multiple dns at once. */ + var $multiple_support = FALSE; + + /* This aviable indicates, that we are currently in multiple edit handle */ + var $multiple_support_active = FALSE; + var $selected_edit_values = array(); + /*! \brief plugin constructor If 'dn' is set, the node loads the given 'dn' from LDAP @@ -119,10 +133,10 @@ class plugin \param dn Distinguished name to initialize plugin from \sa plugin() */ - function plugin ($config, $dn= NULL) + function plugin (&$config, $dn= NULL, $parent= NULL) { /* Configuration is fine, allways */ - $this->config= $config; + $this->config= &$config; $this->dn= $dn; /* Handle new accounts, don't read information from LDAP */ @@ -130,13 +144,20 @@ class plugin return; } + /* Save current dn as acl_base */ + $this->acl_base= $dn; + /* Get LDAP descriptor */ $ldap= $this->config->get_ldap_link(); - if ($dn != NULL){ + if ($dn !== NULL){ /* Load data to 'attrs' and save 'dn' */ - $ldap->cat ($dn); - $this->attrs= $ldap->fetch(); + if ($parent !== NULL){ + $this->attrs= $parent->attrs; + } else { + $ldap->cat ($dn); + $this->attrs= $ldap->fetch(); + } /* Copy needed attributes */ foreach ($this->attributes as $val){ @@ -162,7 +183,6 @@ class plugin } /* Is Account? */ - error_reporting(0); $found= TRUE; foreach ($this->objectclasses as $obj){ if (preg_match('/top/i', $obj)){ @@ -173,7 +193,6 @@ class plugin break; } } - error_reporting(E_ALL); if ($found){ $this->is_account= TRUE; @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, @@ -212,10 +231,11 @@ class plugin */ function execute() { - # This one is empty currently. Fabian - please fill in the docu code + /* This one is empty currently. Fabian - please fill in the docu code */ $_SESSION['current_class_for_help'] = get_class($this); + /* Reset Lock message POST/GET check array, to prevent perg_match errors*/ - $_SESSION['LOCK_VARS_TO_USE'] =array(); + $_SESSION['LOCK_VARS_TO_USE'] = $_SESSION['LOCK_VARS_USED'] =array(); } /*! \brief execute plugin @@ -229,21 +249,16 @@ class plugin /* Get current objectClasses in order to add the required ones */ $ldap->cat($this->dn); $tmp= $ldap->fetch (); + $oc= array(); if (isset($tmp['objectClass'])){ $oc= $tmp['objectClass']; - } else { - $oc= array("count" => 0); + unset($oc['count']); } /* Remove objectClasses from entry */ $ldap->cd($this->dn); $this->attrs= array(); - $this->attrs['objectClass']= array(); - for ($i= 0; $i<$oc["count"]; $i++){ - if (!in_array_ics($oc[$i], $this->objectclasses)){ - $this->attrs['objectClass'][]= $oc[$i]; - } - } + $this->attrs['objectClass']= array_remove_entries($this->objectclasses,$oc); /* Unset attributes from entry */ foreach ($this->attributes as $val){ @@ -265,9 +280,19 @@ class plugin /* Save data to object */ function save_object() { + if($this->multiple_support_active){ + foreach($this->attributes as $attr){ + if(isset($_POST["use_".$attr])){ + $this->selected_edit_values[$attr] = TRUE; + }else{ + $this->selected_edit_values[$attr] = FALSE; + } + } + } + /* Save values to object */ foreach ($this->attributes as $val){ - if ($this->acl_is_writable($val) && isset ($_POST["$val"])){ + if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){ /* Check for modifications */ if (get_magic_quotes_gpc()) { $data= stripcslashes($_POST["$val"]); @@ -289,6 +314,9 @@ class plugin $data = ""; } $this->$val= $data; + //echo "".$val."
"; + }else{ + //echo "".$val."
"; } } } @@ -307,28 +335,24 @@ class plugin $ldap->cat($this->dn); $tmp= $ldap->fetch (); - + + $oc= array(); if (isset($tmp['objectClass'])){ $oc= $tmp["objectClass"]; - $this->new= FALSE; + $this->is_new= FALSE; + unset($oc['count']); } else { - $oc= array("count" => 0); - $this->new= TRUE; + $this->is_new= TRUE; } /* Load (minimum) attributes, add missing ones */ - $this->attrs['objectClass']= $this->objectclasses; - for ($i= 0; $i<$oc["count"]; $i++){ - if (!in_array_ics($oc[$i], $this->objectclasses)){ - $this->attrs['objectClass'][]= $oc[$i]; - } - } + $this->attrs['objectClass']= gosa_array_merge($oc,$this->objectclasses); /* Copy standard attributes */ foreach ($this->attributes as $val){ if ($this->$val != ""){ $this->attrs["$val"]= $this->$val; - } elseif (!$this->new) { + } elseif (!$this->is_new) { $this->attrs["$val"]= array(); } } @@ -381,6 +405,11 @@ class plugin } } } + + /* Update saved attributes and ensure that next cleanups will be successful too */ + foreach($this->attrs as $name => $value){ + $this->saved_attributes[$name] = $value; + } } /* Check formular input */ @@ -389,15 +418,12 @@ class plugin $message= array(); /* Skip if we've no config object */ - if (!isset($this->config)){ + if (!isset($this->config) || !is_object($this->config)){ return $message; } /* Find hooks entries for this class */ - $command= search_config($this->config->data['MENU'], get_class($this), "CHECK"); - if ($command == "" && isset($this->config->data['TABS'])){ - $command= search_config($this->config->data['TABS'], get_class($this), "CHECK"); - } + $command= $this->config->search(get_class($this), "CHECK", array('menu', 'tabs')); if ($command != ""){ @@ -508,14 +534,13 @@ class plugin /* Show header message for tab dialogs */ function show_enable_header($button_text, $text, $disabled= FALSE) { - if ($disabled == TRUE){ + if (($disabled == TRUE) || (!$this->acl_is_createable())){ $state= "disabled"; } else { $state= ""; } $display= "\n

$text

\n"; - $display.= "acl_is_createable()?'':'disabled')." ".$state. + $display.= "

 

"; return($display); @@ -525,14 +550,13 @@ class plugin /* Show header message for tab dialogs */ function show_disable_header($button_text, $text, $disabled= FALSE) { - if ($disabled == TRUE){ + if (($disabled == TRUE) || !$this->acl_is_removeable()){ $state= "disabled"; } else { $state= ""; } $display= "\n

$text

\n"; - $display.= "acl_is_removeable()?'':'disabled')." ".$state. + $display.= "

 

"; return($display); @@ -560,12 +584,15 @@ class plugin function postcreate($add_attrs= array()) { /* Find postcreate entries for this class */ - $command= search_config($this->config->data['MENU'], get_class($this), "POSTCREATE"); - if ($command == "" && isset($this->config->data['TABS'])){ - $command= search_config($this->config->data['TABS'], get_class($this), "POSTCREATE"); - } + $command= $this->config->search(get_class($this), "POSTCREATE",array('menu', 'tabs')); if ($command != ""){ + + /* Additional attributes */ + foreach ($add_attrs as $name => $value){ + $command= preg_replace("/%$name/", $value, $command); + } + /* Walk through attribute list */ foreach ($this->attributes as $attr){ if (!is_array($this->$attr)){ @@ -574,11 +601,6 @@ class plugin } $command= preg_replace("/%dn/", $this->dn, $command); - /* Additional attributes */ - foreach ($add_attrs as $name => $value){ - $command= preg_replace("/%$name/", $value, $command); - } - if (check_command($command)){ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute"); @@ -594,12 +616,15 @@ class plugin function postmodify($add_attrs= array()) { /* Find postcreate entries for this class */ - $command= search_config($this->config->data['MENU'], get_class($this), "POSTMODIFY"); - if ($command == "" && isset($this->config->data['TABS'])){ - $command= search_config($this->config->data['TABS'], get_class($this), "POSTMODIFY"); - } + $command= $this->config->search(get_class($this), "POSTMODIFY",array('menu','tabs')); if ($command != ""){ + + /* Additional attributes */ + foreach ($add_attrs as $name => $value){ + $command= preg_replace("/%$name/", $value, $command); + } + /* Walk through attribute list */ foreach ($this->attributes as $attr){ if (!is_array($this->$attr)){ @@ -608,11 +633,6 @@ class plugin } $command= preg_replace("/%dn/", $this->dn, $command); - /* Additional attributes */ - foreach ($add_attrs as $name => $value){ - $command= preg_replace("/%$name/", $value, $command); - } - if (check_command($command)){ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute"); @@ -628,12 +648,14 @@ class plugin function postremove($add_attrs= array()) { /* Find postremove entries for this class */ - $command= search_config($this->config->data['MENU'], get_class($this), "POSTREMOVE"); - if ($command == "" && isset($this->config->data['TABS'])){ - $command= search_config($this->config->data['TABS'], get_class($this), "POSTREMOVE"); - } - + $command= $this->config->search(get_class($this), "POSTREMOVE",array('menu','tabs')); if ($command != ""){ + + /* Additional attributes */ + foreach ($add_attrs as $name => $value){ + $command= preg_replace("/%$name/", $value, $command); + } + /* Walk through attribute list */ foreach ($this->attributes as $attr){ if (!is_array($this->$attr)){ @@ -741,7 +763,6 @@ class plugin } $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']); - error_reporting (0); $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*"); /* Fill data from LDAP */ @@ -750,7 +771,7 @@ class plugin $ei=ldap_first_entry($ds, $sr); if ($ei) { foreach($attrs as $attr => $val){ - if ($info = ldap_get_values_len($ds, $ei, $attr)){ + if ($info = @ldap_get_values_len($ds, $ei, $attr)){ for ($i= 0; $i<$info['count']; $i++){ if ($info['count'] == 1){ $new[$attr]= $info[$i]; @@ -764,7 +785,6 @@ class plugin } /* close conncetion */ - error_reporting (E_ALL); ldap_unbind($ds); /* Adapt naming attribute */ @@ -895,14 +915,42 @@ class plugin } - function PrepareForCopyPaste($source){ + function PrepareForCopyPaste($source) + { $todo = $this->attributes; if(isset($this->CopyPasteVars)){ $todo = array_merge($todo,$this->CopyPasteVars); } - $todo[] = "is_account"; + + if(count($this->objectclasses)){ + $this->is_account = TRUE; + foreach($this->objectclasses as $class){ + if(!in_array($class,$source['objectClass'])){ + $this->is_account = FALSE; + } + } + } + foreach($todo as $var){ - $this->$var = $source->$var; + if (isset($source[$var])){ + if(isset($source[$var]['count'])){ + if($source[$var]['count'] > 1){ + $this->$var = array(); + $tmp = array(); + for($i = 0 ; $i < $source[$var]['count']; $i++){ + $tmp = $source[$var][$i]; + } + $this->$var = $tmp; +# echo $var."=".$tmp."
"; + }else{ + $this->$var = $source[$var][0]; +# echo $var."=".$source[$var][0]."
"; + } + }else{ + $this->$var= $source[$var]; +# echo $var."=".$source[$var]."
"; + } + } } } @@ -1053,7 +1101,7 @@ class plugin $server = $tmp['SNAPSHOT_SERVER']; $user = $tmp['SNAPSHOT_USER']; $password = $tmp['SNAPSHOT_PASSWORD']; - $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE']; + $snapldapbase = $tmp['SNAPSHOT_BASE']; $ldap_to = new LDAP($user,$password, $server); $ldap_to -> cd($snapldapbase); @@ -1110,18 +1158,13 @@ class plugin function remove_snapshot($dn) { -echo "FIXME: remove_snapshot uses old acl's
"; - $ui = get_userinfo(); - $acl = get_permissions ($dn, $ui->subtreeACL); - $acl = get_module_permission($acl, "snapshot", $dn); - - if (chkacl($this->acl, "delete") == ""){ - $ldap = $this->config->get_ldap_link(); - $ldap->cd($this->config->current['BASE']); - $ldap->rmdir_recursive($dn); - }else{ - print_red (_("You are not allowed to delete this snap shot!")); - } + $ui = get_userinfo(); + $old_dn = $this->dn; + $this->dn = $dn; + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $ldap->rmdir_recursive($dn); + $this->dn = $old_dn; } @@ -1135,7 +1178,7 @@ echo "FIXME: remove_snapshot uses old acl's
"; /* Check if the snapshot_base is defined */ if(!isset($tmp['SNAPSHOT_BASE'])){ - print_red(sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not configured in your gosa.conf."),$missing)); + print_red(sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not configured in your gosa.conf."),"SNAPSHOT_BASE")); return(FALSE); } @@ -1144,7 +1187,7 @@ echo "FIXME: remove_snapshot uses old acl's
"; /* check if all required vars are available to create a new ldap connection */ $missing = ""; - foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_LDAP_BASE") as $var){ + foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_BASE") as $var){ if(!isset($tmp[$var])){ $missing .= $var." "; print_red(sprintf(_("The snapshot functionality is enabled, but the required variable(s) '%s' is not configured in your gosa.conf."),$missing)); @@ -1169,14 +1212,14 @@ echo "FIXME: remove_snapshot uses old acl's
"; points to our ldap snapshot server */ $ldap= $this->config->get_ldap_link(); $ldap->cd($this->config->current['BASE']); - $tmp = $this->config->current; + $cfg= &$this->config->current; /* check if there are special server configurations for snapshots */ - if(isset($tmp['SNAPSHOT_SERVER'])){ - $server = $tmp['SNAPSHOT_SERVER']; - $user = $tmp['SNAPSHOT_USER']; - $password = $tmp['SNAPSHOT_PASSWORD']; - $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE']; + if(isset($cfg['SNAPSHOT_SERVER'])){ + $server = $cfg['SNAPSHOT_SERVER']; + $user = $cfg['SNAPSHOT_USER']; + $password = $cfg['SNAPSHOT_PASSWORD']; + $snapldapbase = $cfg['SNAPSHOT_BASE']; $ldap_to = new LDAP($user,$password, $server); $ldap_to -> cd ($snapldapbase); show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn)); @@ -1186,7 +1229,7 @@ echo "FIXME: remove_snapshot uses old acl's
"; /* Prepare bases and some other infos */ $base = $this->config->current['BASE']; - $snap_base = $tmp['SNAPSHOT_BASE']; + $snap_base = $cfg['SNAPSHOT_BASE']; $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn); $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base; $tmp = array(); @@ -1225,24 +1268,24 @@ echo "FIXME: remove_snapshot uses old acl's
"; points to our ldap snapshot server */ $ldap= $this->config->get_ldap_link(); $ldap->cd($this->config->current['BASE']); - $tmp = $this->config->current; + $cfg= &$this->config->current; /* check if there are special server configurations for snapshots */ - if(isset($tmp['SNAPSHOT_SERVER'])){ - $server = $tmp['SNAPSHOT_SERVER']; - $user = $tmp['SNAPSHOT_USER']; - $password = $tmp['SNAPSHOT_PASSWORD']; - $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE']; + if(isset($cfg['SNAPSHOT_SERVER'])){ + $server = $cfg['SNAPSHOT_SERVER']; + $user = $cfg['SNAPSHOT_USER']; + $password = $cfg['SNAPSHOT_PASSWORD']; + $snapldapbase = $cfg['SNAPSHOT_BASE']; $ldap_to = new LDAP($user,$password, $server); $ldap_to->cd ($snapldapbase); - show_ldap_error($ldap->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn)); + show_ldap_error($ldap_to->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn)); }else{ $ldap_to = $ldap; } /* Prepare bases */ $base = $this->config->current['BASE']; - $snap_base = $tmp['SNAPSHOT_BASE']; + $snap_base = $cfg['SNAPSHOT_BASE']; $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base; /* Fetch all objects and check if they do not exist anymore */ @@ -1289,14 +1332,14 @@ echo "FIXME: remove_snapshot uses old acl's
"; $ldap= $this->config->get_ldap_link(); $ldap->cd($this->config->current['BASE']); - $tmp = $this->config->current; + $cfg= &$this->config->current; /* check if there are special server configurations for snapshots */ - if(isset($tmp['SNAPSHOT_SERVER'])){ - $server = $tmp['SNAPSHOT_SERVER']; - $user = $tmp['SNAPSHOT_USER']; - $password = $tmp['SNAPSHOT_PASSWORD']; - $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE']; + if(isset($cfg['SNAPSHOT_SERVER'])){ + $server = $cfg['SNAPSHOT_SERVER']; + $user = $cfg['SNAPSHOT_USER']; + $password = $cfg['SNAPSHOT_PASSWORD']; + $snapldapbase = $cfg['SNAPSHOT_BASE']; $ldap_to = new LDAP($user,$password, $server); $ldap_to->cd ($snapldapbase); show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase)); @@ -1340,9 +1383,11 @@ echo "FIXME: remove_snapshot uses old acl's
"; } /* Restore one of the already deleted objects */ - if(preg_match("/^RestoreDeletedSnapShot_/",$name) && $once){ + if(((isset($_POST['menu_action']) && $_POST['menu_action'] == "RestoreDeletedSnapShot") + || preg_match("/^RestoreDeletedSnapShot_/",$name)) && $once){ $once = false; - $this->snapDialog = new SnapShotDialog($this->config,$baseSuffixe,$this); + $this->snapDialog = new SnapShotDialog($this->config,"",$this); + $this->snapDialog->set_snapshot_bases($baseSuffixe); $this->snapDialog->display_restore_dialog = true; $this->snapDialog->display_all_removed_objects = true; } @@ -1361,7 +1406,7 @@ echo "FIXME: remove_snapshot uses old acl's
"; /* Create a new snapshot requested, check the given attributes and create the snapshot*/ - if(isset($_POST['CreateSnapshot'])){ + if(isset($_POST['CreateSnapshot']) && is_object($this->snapDialog)){ $this->snapDialog->save_object(); $msgs = $this->snapDialog->check(); if(count($msgs)){ @@ -1383,46 +1428,237 @@ echo "FIXME: remove_snapshot uses old acl's
"; $this->snapDialog = NULL; } - if($this->snapDialog){ + if(is_object($this->snapDialog )){ $this->snapDialog->save_object(); return($this->snapDialog->execute()); } } - function plInfo() + static function plInfo() { return array(); } - function acl_is_writable($attribute) + function set_acl_base($base) + { + $this->acl_base= $base; + } + + + function set_acl_category($category) + { + $this->acl_category= "$category/"; + } + + + function acl_is_writeable($attribute,$skip_write = FALSE) { $ui= get_userinfo(); - return preg_match('/w/', $ui->get_permissions($this->dn, get_class($this), $attribute)); + return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write)); } function acl_is_readable($attribute) { $ui= get_userinfo(); - return preg_match('/r/', $ui->get_permissions($this->dn, get_class($this), $attribute)); + return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute)); } function acl_is_createable() { $ui= get_userinfo(); - return preg_match('/c/', $ui->get_permissions($this->dn, get_class($this), 'dummy')); + return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0')); + } + + + function acl_is_removeable() + { + $ui= get_userinfo(); + return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0')); + } + + + function acl_is_moveable() + { + $ui= get_userinfo(); + return preg_match('/m/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0')); + } + + + function acl_have_any_permissions() + { } - function acl_is_removable() + function getacl($attribute,$skip_write= FALSE) { $ui= get_userinfo(); - return preg_match('/d/', $ui->get_permissions($this->dn, get_class($this), 'dummy')); + return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write); + } + + /* Get all allowed bases to move an object to or to create a new object. + Idepartments also contains all base departments which lead to the allowed bases */ + function get_allowed_bases($category = "") + { + $ui = get_userinfo(); + $deps = array(); + + /* Set category */ + if(empty($category)){ + $category = $this->acl_category.get_class($this); + } + + /* Is this a new object ? Or just an edited existing object */ + if(!$this->initially_was_account && $this->is_account){ + $new = true; + }else{ + $new = false; + } + + $cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category)); + foreach($this->config->idepartments as $dn => $name){ + + if(!in_array_ics($dn,$cat_bases)){ + continue; + } + + $acl = $ui->get_permissions($dn,$category); + if($new && preg_match("/c/",$acl)){ + $deps[$dn] = $name; + }elseif(!$new && preg_match("/m/",$acl)){ + $deps[$dn] = $name; + } + } + + /* Add current base */ + if(isset($this->base) && isset($this->config->idepartments[$this->base])){ + $deps[$this->base] = $this->config->idepartments[$this->base]; + }else{ + echo "No default base found. ".$this->base."
"; + } + + return($deps); + } + + /* This function modifies object acls too, if an object is moved. + * $old_dn specifies the actually used dn + * $new_dn specifies the destiantion dn + */ + function update_acls($old_dn,$new_dn,$output_changes = FALSE) + { + /* Check if old_dn is empty. This should never happen */ + if(empty($old_dn) || empty($new_dn)){ + trigger_error("Failed to check acl dependencies, wrong dn given."); + return; + } + + /* Update userinfo if necessary */ + if($_SESSION['ui']->dn == $old_dn){ + $_SESSION['ui']->dn = $new_dn; + new log("view","acl/".get_class($this),$this->dn,array(),"Updated current user dn from '".$old_dn."' to '".$new_dn."'"); + } + + /* Object was moved, ensure that all acls will be moved too */ + if($new_dn != $old_dn && $old_dn != "new"){ + + /* get_ldap configuration */ + $update = array(); + $ldap = $this->config->get_ldap_link(); + $ldap->cd ($this->config->current['BASE']); + $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*))",array("cn","gosaAclEntry")); + while($attrs = $ldap->fetch()){ + + $acls = array(); + + /* Walk through acls */ + for($i = 0 ; $i < $attrs['gosaAclEntry']['count'] ; $i ++ ){ + + /* Reset vars */ + $found = false; + + /* Get Acl parts */ + $acl_parts = split(":",$attrs['gosaAclEntry'][$i]); + + /* Get every single member for this acl */ + $members = array(); + if(preg_match("/,/",$acl_parts[2])){ + $members = split(",",$acl_parts[2]); + }else{ + $members = array($acl_parts[2]); + } + + /* Check if member match current dn */ + foreach($members as $key => $member){ + $member = base64_decode($member); + if($member == $old_dn){ + $found = true; + $members[$key] = base64_encode($new_dn); + } + } + + /* Create new member string */ + $new_members = ""; + foreach($members as $member){ + $new_members .= $member.","; + } + $new_members = preg_replace("/,$/","",$new_members); + $acl_parts[2] = $new_members; + + /* Reconstruckt acl entry */ + $acl_str =""; + foreach($acl_parts as $t){ + $acl_str .= $t.":"; + } + $acl_str = preg_replace("/:$/","",$acl_str); + } + + /* Acls for this object must be adjusted */ + if($found){ + + if($output_changes){ + echo "". + _("Changing ACL dn")." : 
 -"._("from")."  ". + $old_dn. + "
 -"._("to")." ". + $new_dn. + "
"; + } + $update[$attrs['dn']] =array(); + foreach($acls as $acl){ + $update[$attrs['dn']]['gosaAclEntry'][] = $acl; + } + } + } + + /* Write updated acls */ + foreach($update as $dn => $attrs){ + $ldap->cd($dn); + $ldap->modify($attrs); + } + } + } + + + function get_multi_edit_values() + { + $ret = array(); + foreach($this->selected_edit_values as $attr => $active){ + if($active){ + $ret[$attr] = $this->$attr; + } + } + return($ret); + } + + function set_multi_edit_value() + { + } } + // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?>