X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Fclass_plugin.inc;h=97130eaf36da69dd6d5531a106f042e6c1903e33;hb=4ea9cc15e45b3194cd91eddf1d5c62ecb616f855;hp=f9ffda6793430a61e48c062829d0b29626b92acb;hpb=bc20009de19955b6b0e592fa1b849e827665c04f;p=gosa.git diff --git a/include/class_plugin.inc b/include/class_plugin.inc index f9ffda679..97130eaf3 100644 --- a/include/class_plugin.inc +++ b/include/class_plugin.inc @@ -83,6 +83,9 @@ class plugin */ var $attrs= array(); + /* Keep set of conflicting plugins */ + var $conflicts= array(); + /* Save unit tags */ var $gosaUnitTag= ""; @@ -97,6 +100,7 @@ class plugin var $givenName= ""; var $acl= "*none*"; var $dialog= FALSE; + var $snapDialog = NULL; /* attribute list for save action */ var $attributes= array(); @@ -104,6 +108,10 @@ class plugin var $new= TRUE; var $saved_attributes= array(); + /* Plugin identifier */ + var $plHeadline= ""; + var $plDescription= ""; + /*! \brief plugin constructor If 'dn' is set, the node loads the given 'dn' from LDAP @@ -259,7 +267,7 @@ class plugin { /* Save values to object */ foreach ($this->attributes as $val){ - if (chkacl ($this->acl, "$val") == "" && isset ($_POST["$val"])){ + if ($this->acl_is_writeable($val) && isset ($_POST["$val"])){ /* Check for modifications */ if (get_magic_quotes_gpc()) { $data= stripcslashes($_POST["$val"]); @@ -281,6 +289,9 @@ class plugin $data = ""; } $this->$val= $data; + echo "".$val."
"; + }else{ + echo "".$val."
"; } } } @@ -496,9 +507,45 @@ class plugin return FALSE; } + + /* Show header message for tab dialogs */ + function show_enable_header($button_text, $text, $disabled= FALSE) + { + if ($disabled == TRUE){ + $state= "disabled"; + } else { + $state= ""; + } + $display= "\n

$text

\n"; + $display.= "acl_is_createable()?'':'disabled')." ".$state. + ">

 

"; + + return($display); + } + + + /* Show header message for tab dialogs */ + function show_disable_header($button_text, $text, $disabled= FALSE) + { + if ($disabled == TRUE){ + $state= "disabled"; + } else { + $state= ""; + } + $display= "\n

$text

\n"; + $display.= "acl_is_removeable()?'':'disabled')." ".$state. + ">

 

"; + + return($display); + } + + /* Show header message for tab dialogs */ function show_header($button_text, $text, $disabled= FALSE) { + echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header
"; if ($disabled == TRUE){ $state= "disabled"; } else { @@ -506,12 +553,13 @@ class plugin } $display= "\n

$text

\n"; $display.= "acl, "all")." ".$state. + ($this->acl_is_createable()?'':'disabled')." ".$state. ">

 

"; return($display); } + function postcreate($add_attrs= array()) { /* Find postcreate entries for this class */ @@ -663,7 +711,7 @@ class plugin { /* Rename dn in possible object groups */ $ldap= $this->config->get_ldap_link(); - $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.$src_dn.'))', + $ldap->search('(&(objectClass=gosaGroupOfNames)(member='.@LDAP::fix($src_dn).'))', array('cn')); while ($attrs= $ldap->fetch()){ $og= new ogroup($this->config, $ldap->getDN()); @@ -675,7 +723,7 @@ class plugin $ldap->cat($dst_dn); $attrs= $ldap->fetch(); if (count($attrs)){ - trigger_error("Trying to overwrite $dst_dn, which already exists.", + trigger_error("Trying to overwrite ".@LDAP::fix($dst_dn).", which already exists.", E_USER_WARNING); return (FALSE); } @@ -683,7 +731,7 @@ class plugin $ldap->cat($src_dn); $attrs= $ldap->fetch(); if (!count($attrs)){ - trigger_error("Trying to move $src_dn, which does not seem to exist.", + trigger_error("Trying to move ".@LDAP::fix($src_dn).", which does not seem to exist.", E_USER_WARNING); return (FALSE); } @@ -697,7 +745,7 @@ class plugin $r=ldap_bind($ds,$this->config->current['ADMIN'], $this->config->current['PASSWORD']); error_reporting (0); - $sr=ldap_read($ds, $ldap->fix($src_dn), "objectClass=*"); + $sr=ldap_read($ds, @LDAP::fix($src_dn), "objectClass=*"); /* Fill data from LDAP */ $new= array(); @@ -725,14 +773,14 @@ class plugin /* Adapt naming attribute */ $dst_name= preg_replace("/^([^=]+)=.*$/", "\\1", $dst_dn); $dst_val = preg_replace("/^[^=]+=([^,+]+).*,.*$/", "\\1", $dst_dn); - $new[$dst_name]= $dst_val; + $new[$dst_name]= @LDAP::fix($dst_val); /* Check if this is a department. * If it is a dep. && there is a , override in his ou * change \2C to , again, else this entry can't be saved ... */ - if((isset($new['ou'])) &&( preg_match("/\\\\2C/",$new['ou']))){ - $new['ou'] = preg_replace("/\\\\2C/",",",$new['ou']); + if((isset($new['ou'])) &&( preg_match("/\\,/",$new['ou']))){ + $new['ou'] = preg_replace("/\\\\,/",",",$new['ou']); } /* Save copy */ @@ -867,11 +915,11 @@ class plugin //FIXME: How to optimize this? We have at least two // LDAP accesses per object. It would be a good // idea to have it integrated. - + /* No dn? Self-operation... */ if ($dn == ""){ $dn= $this->dn; - + /* No tag? Find it yourself... */ if ($tag == ""){ $len= strlen($dn); @@ -904,7 +952,7 @@ class plugin } } } - + /* Set tag? */ if ($tag != ""){ @@ -924,7 +972,7 @@ class plugin echo sprintf(_("Adding tag (%s) to object '%s'"), $tag, @LDAP::fix($dn))."
"; flush(); } - $nattrs= array("gosaUnitTag" => $this->gosaUnitTag); + $nattrs= array("gosaUnitTag" => $tag); $nattrs['objectClass']= array(); for ($i= 0; $i<$attrs['objectClass']['count']; $i++){ $oc= $attrs['objectClass'][$i]; @@ -935,10 +983,11 @@ class plugin $nattrs['objectClass'][]= "gosaAdministrativeUnitTag"; $ldap->cd($dn); $ldap->modify($nattrs); + show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn)); } else { @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not tagging ($tag) $dn - seems to have moved away", "Tagging"); } - + } else { /* Remove objectclass and attribute */ $ldap= $this->config->get_ldap_link(); @@ -963,14 +1012,433 @@ class plugin } $ldap->cd($dn); $ldap->modify($nattrs); - show_ldap_error($ldap->get_error(), _("Handle object tagging failed")); + show_ldap_error($ldap->get_error(), sprintf(_("Handle object tagging with dn '%s' failed."),$dn)); } else { @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, "Not removing tag ($tag) $dn - seems to have moved away", "Tagging"); } } - + + } + + + /* Add possibility to stop remove process */ + function allow_remove() + { + $reason= ""; + return $reason; + } + + + /* Create a snapshot of the current object */ + function create_snapshot($type= "snapshot", $description= array()) + { + + /* Check if snapshot functionality is enabled */ + if(!$this->snapshotEnabled()){ + return; + } + + /* Get configuration from gosa.conf */ + $tmp = $this->config->current; + + /* Create lokal ldap connection */ + $ldap= $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + + /* check if there are special server configurations for snapshots */ + if(!isset($tmp['SNAPSHOT_SERVER'])){ + + /* Source and destination server are both the same, just copy source to dest obj */ + $ldap_to = $ldap; + $snapldapbase = $this->config->current['BASE']; + + }else{ + $server = $tmp['SNAPSHOT_SERVER']; + $user = $tmp['SNAPSHOT_USER']; + $password = $tmp['SNAPSHOT_PASSWORD']; + $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE']; + + $ldap_to = new LDAP($user,$password, $server); + $ldap_to -> cd($snapldapbase); + show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$snapldapbase)); + } + + /* check if the dn exists */ + if ($ldap->dn_exists($this->dn)){ + + /* Extract seconds & mysecs, they are used as entry index */ + list($usec, $sec)= explode(" ", microtime()); + + /* Collect some infos */ + $base = $this->config->current['BASE']; + $snap_base = $tmp['SNAPSHOT_BASE']; + $base_of_object = preg_replace ('/^[^,]+,/i', '', $this->dn); + $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base; + + /* Create object */ +#$data = preg_replace('/^dn:.*\n/', '', $ldap->gen_ldif($this->dn,"(!(objectClass=gosaDepartment))")); + $data = $ldap->gen_ldif($this->dn,"(&(!(objectClass=gosaDepartment))(!(objectClass=FAIclass)))"); + $newName = preg_replace("/\./", "", $sec."-".$usec); + $target= array(); + $target['objectClass'] = array("top", "gosaSnapshotObject"); + $target['gosaSnapshotData'] = gzcompress($data, 6); + $target['gosaSnapshotType'] = $type; + $target['gosaSnapshotDN'] = $this->dn; + $target['description'] = $description; + $target['gosaSnapshotTimestamp'] = $newName; + + /* Insert the new snapshot + But we have to check first, if the given gosaSnapshotTimestamp + is already used, in this case we should increment this value till there is + an unused value. */ + $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base; + $ldap_to->cat($new_dn); + while($ldap_to->count()){ + $ldap_to->cat($new_dn); + $newName = preg_replace("/\./", "", $sec."-".($usec++)); + $new_dn = "gosaSnapshotTimestamp=".$newName.",".$new_base; + $target['gosaSnapshotTimestamp'] = $newName; + } + + /* Inset this new snapshot */ + $ldap_to->cd($snapldapbase); + $ldap_to->create_missing_trees($new_base); + $ldap_to->cd($new_dn); + $ldap_to->add($target); + + show_ldap_error($ldap->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base)); + show_ldap_error($ldap_to->get_error(), sprintf(_("Saving object snapshot with dn '%s' failed."),$new_base)); + } + } + + function remove_snapshot($dn) + { +echo "FIXME: remove_snapshot uses old acl's
"; + $ui = get_userinfo(); + $acl = get_permissions ($dn, $ui->subtreeACL); + $acl = get_module_permission($acl, "snapshot", $dn); + + if (chkacl($this->acl, "delete") == ""){ + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $ldap->rmdir_recursive($dn); + }else{ + print_red (_("You are not allowed to delete this snapshot!")); + } + } + + + /* returns true if snapshots are enabled, and false if it is disalbed + There will also be some errors psoted, if the configuration failed */ + function snapshotEnabled() + { + $tmp = $this->config->current; + if(isset($tmp['ENABLE_SNAPSHOT'])){ + if (preg_match("/^true$/i", $tmp['ENABLE_SNAPSHOT']) || preg_match("/yes/i", $tmp['ENABLE_SNAPSHOT'])){ + + /* Check if the snapshot_base is defined */ + if(!isset($tmp['SNAPSHOT_BASE'])){ + print_red(sprintf(_("The snapshot functionality is enabled, but the required variable '%s' is not configured in your gosa.conf."),$missing)); + return(FALSE); + } + + /* check if there are special server configurations for snapshots */ + if(isset($tmp['SNAPSHOT_SERVER'])){ + + /* check if all required vars are available to create a new ldap connection */ + $missing = ""; + foreach(array("SNAPSHOT_SERVER","SNAPSHOT_USER","SNAPSHOT_PASSWORD","SNAPSHOT_LDAP_BASE") as $var){ + if(!isset($tmp[$var])){ + $missing .= $var." "; + print_red(sprintf(_("The snapshot functionality is enabled, but the required variable(s) '%s' is not configured in your gosa.conf."),$missing)); + return(FALSE); + } + } + } + return(TRUE); + } + } + return(FALSE); + } + + + /* Return available snapshots for the given base + */ + function Available_SnapsShots($dn,$raw = false) + { + if(!$this->snapshotEnabled()) return(array()); + + /* Create an additional ldap object which + points to our ldap snapshot server */ + $ldap= $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $tmp = $this->config->current; + + /* check if there are special server configurations for snapshots */ + if(isset($tmp['SNAPSHOT_SERVER'])){ + $server = $tmp['SNAPSHOT_SERVER']; + $user = $tmp['SNAPSHOT_USER']; + $password = $tmp['SNAPSHOT_PASSWORD']; + $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE']; + $ldap_to = new LDAP($user,$password, $server); + $ldap_to -> cd ($snapldapbase); + show_ldap_error($ldap->get_error(), sprintf(_("Method get available snapshots with dn '%s' failed."),$this->dn)); + }else{ + $ldap_to = $ldap; + } + + /* Prepare bases and some other infos */ + $base = $this->config->current['BASE']; + $snap_base = $tmp['SNAPSHOT_BASE']; + $base_of_object = preg_replace ('/^[^,]+,/i', '', $dn); + $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base; + $tmp = array(); + + /* Fetch all objects with gosaSnapshotDN=$dn */ + $ldap_to->cd($new_base); + $ldap_to->ls("(&(objectClass=gosaSnapshotObject)(gosaSnapshotDN=".$dn."))",$new_base, + array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description")); + + /* Put results into a list and add description if missing */ + while($entry = $ldap_to->fetch()){ + if(!isset($entry['description'][0])){ + $entry['description'][0] = ""; + } + $tmp[] = $entry; + } + + /* Return the raw array, or format the result */ + if($raw){ + return($tmp); + }else{ + $tmp2 = array(); + foreach($tmp as $entry){ + $tmp2[base64_encode($entry['dn'])] = $entry['description'][0]; + } + } + return($tmp2); + } + + + function getAllDeletedSnapshots($base_of_object,$raw = false) + { + if(!$this->snapshotEnabled()) return(array()); + + /* Create an additional ldap object which + points to our ldap snapshot server */ + $ldap= $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $tmp = $this->config->current; + + /* check if there are special server configurations for snapshots */ + if(isset($tmp['SNAPSHOT_SERVER'])){ + $server = $tmp['SNAPSHOT_SERVER']; + $user = $tmp['SNAPSHOT_USER']; + $password = $tmp['SNAPSHOT_PASSWORD']; + $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE']; + $ldap_to = new LDAP($user,$password, $server); + $ldap_to->cd ($snapldapbase); + show_ldap_error($ldap->get_error(), sprintf(_("Method get deleted snapshots with dn '%s' failed."),$this->dn)); + }else{ + $ldap_to = $ldap; + } + + /* Prepare bases */ + $base = $this->config->current['BASE']; + $snap_base = $tmp['SNAPSHOT_BASE']; + $new_base = preg_replace("/".normalizePreg($base)."$/","",$base_of_object).$snap_base; + + /* Fetch all objects and check if they do not exist anymore */ + $ui = get_userinfo(); + $tmp = array(); + $ldap_to->cd($new_base); + $ldap_to->ls("(objectClass=gosaSnapshotObject)",$new_base,array("gosaSnapshotType","gosaSnapshotTimestamp","gosaSnapshotDN","description")); + while($entry = $ldap_to->fetch()){ + + $chk = str_replace($new_base,"",$entry['dn']); + if(preg_match("/,ou=/",$chk)) continue; + + if(!isset($entry['description'][0])){ + $entry['description'][0] = ""; + } + $tmp[] = $entry; + } + + /* Check if entry still exists */ + foreach($tmp as $key => $entry){ + $ldap->cat($entry['gosaSnapshotDN'][0]); + if($ldap->count()){ + unset($tmp[$key]); + } + } + + /* Format result as requested */ + if($raw) { + return($tmp); + }else{ + $tmp2 = array(); + foreach($tmp as $key => $entry){ + $tmp2[base64_encode($entry['dn'])] = $entry['description'][0]; + } + } + return($tmp2); + } + + + /* Restore selected snapshot */ + function restore_snapshot($dn) + { + if(!$this->snapshotEnabled()) return(array()); + + $ldap= $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $tmp = $this->config->current; + + /* check if there are special server configurations for snapshots */ + if(isset($tmp['SNAPSHOT_SERVER'])){ + $server = $tmp['SNAPSHOT_SERVER']; + $user = $tmp['SNAPSHOT_USER']; + $password = $tmp['SNAPSHOT_PASSWORD']; + $snapldapbase = $tmp['SNAPSHOT_LDAP_BASE']; + $ldap_to = new LDAP($user,$password, $server); + $ldap_to->cd ($snapldapbase); + show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$snapldapbase)); + }else{ + $ldap_to = $ldap; + } + + /* Get the snapshot */ + $ldap_to->cat($dn); + $restoreObject = $ldap_to->fetch(); + + /* Prepare import string */ + $data = gzuncompress($ldap_to->get_attribute($dn,'gosaSnapshotData')); + + /* Import the given data */ + $ldap->import_complete_ldif($data,$err,false,false); + show_ldap_error($ldap->get_error(), sprintf(_("Restore snapshot with dn '%s' failed."),$dn)); } + + function showSnapshotDialog($base,$baseSuffixe) + { + $once = true; + foreach($_POST as $name => $value){ + + /* Create a new snapshot, display a dialog */ + if(preg_match("/^CreateSnapShotDialog_/",$name) && $once){ + $once = false; + $entry = preg_replace("/^CreateSnapShotDialog_/","",$name); + $entry = base64_decode(preg_replace("/_[xy]$/","",$entry)); + $this->snapDialog = new SnapShotDialog($this->config,$entry,$this); + } + + /* Restore a snapshot, display a dialog with all snapshots of the current object */ + if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){ + $once = false; + $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name); + $entry = base64_decode(preg_replace("/_[xy]$/","",$entry)); + $this->snapDialog = new SnapShotDialog($this->config,$entry,$this); + $this->snapDialog->display_restore_dialog = true; + } + + /* Restore one of the already deleted objects */ + if(preg_match("/^RestoreDeletedSnapShot_/",$name) && $once){ + $once = false; + $this->snapDialog = new SnapShotDialog($this->config,$baseSuffixe,$this); + $this->snapDialog->display_restore_dialog = true; + $this->snapDialog->display_all_removed_objects = true; + } + + /* Restore selected snapshot */ + if(preg_match("/^RestoreSnapShot_/",$name) && $once){ + $once = false; + $entry = preg_replace("/^RestoreSnapShot_/","",$name); + $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry))); + if(!empty($entry)){ + $this->restore_snapshot($entry); + $this->snapDialog = NULL; + } + } + } + + /* Create a new snapshot requested, check + the given attributes and create the snapshot*/ + if(isset($_POST['CreateSnapshot'])){ + $this->snapDialog->save_object(); + $msgs = $this->snapDialog->check(); + if(count($msgs)){ + foreach($msgs as $msg){ + print_red($msg); + } + }else{ + $this->dn = $this->snapDialog->dn; + $this->create_snapshot("snapshot",$this->snapDialog->CurrentDescription); + $this->snapDialog = NULL; + } + } + + /* Restore is requested, restore the object with the posted dn .*/ + if((isset($_POST['RestoreSnapshot'])) && (isset($_POST['SnapShot']))){ + } + + if(isset($_POST['CancelSnapshot'])){ + $this->snapDialog = NULL; + } + + if($this->snapDialog){ + $this->snapDialog->save_object(); + return($this->snapDialog->execute()); + } + } + + + function plInfo() + { + return array(); + } + + + function acl_is_writeable($attribute) + { + $ui= get_userinfo(); + return preg_match('/w/', $ui->get_permissions($this->dn, get_class($this), $attribute)); + } + + + function acl_is_readable($attribute) + { + $ui= get_userinfo(); + return preg_match('/r/', $ui->get_permissions($this->dn, get_class($this), $attribute)); + } + + + function acl_is_createable() + { + $ui= get_userinfo(); + return preg_match('/c/', $ui->get_permissions($this->dn, get_class($this), '0')); + } + + + function acl_is_removeable() + { + $ui= get_userinfo(); + return preg_match('/d/', $ui->get_permissions($this->dn, get_class($this), '0')); + } + + + function acl_is_moveable() + { + $ui= get_userinfo(); + return preg_match('/m/', $ui->get_permissions($this->dn, get_class($this), '0')); + } + + + function getacl($attribute) + { + $ui= get_userinfo(); + return $ui->get_permissions($this->dn, get_class($this), $attribute); + } } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?>