X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fadmin%2Fogroups%2Fclass_ogroup.inc;h=6d51281be825dd86dd73c3b1f3c93f870af80187;hb=0eebfd3829749fcdcc5d9995ca9675d99f81888a;hp=b32c91fcf419d4b4e1d8ef96ae65542912b19c0c;hpb=e1be3ed4c97e75d7fe7f88594827b2a1ccedb18a;p=gosa.git diff --git a/plugins/admin/ogroups/class_ogroup.inc b/plugins/admin/ogroups/class_ogroup.inc index b32c91fcf..6d51281be 100644 --- a/plugins/admin/ogroups/class_ogroup.inc +++ b/plugins/admin/ogroups/class_ogroup.inc @@ -32,7 +32,7 @@ class ogroup extends plugin var $group_dialog= FALSE; /* attribute list for save action */ - var $attributes= array("cn", "description", "gosaGroupObjects"); + var $attributes= array("cn", "description", "gosaGroupObjects","member"); var $objectclasses= array("top", "gosaGroupOfNames"); function ogroup ($config, $dn= NULL) @@ -40,6 +40,8 @@ class ogroup extends plugin plugin::plugin ($config, $dn); $this->orig_dn= $dn; + $this->member = array(); + /* Load member objects */ if (isset($this->attrs['member'])){ foreach ($this->attrs['member'] as $key => $value){ 
@@ -79,43 +81,47 @@ class ogroup extends plugin } register_global("ogfilter", $ogfilter); - if(isset($_SESSION['ogroupfilter']['depselect'])){ - $this->base = $_SESSION['ogroupfilter']['depselect']; + if(isset($_SESSION['CurrentMainBase'])){ + $this->base = $_SESSION['CurrentMainBase']; } - /* set permissions */ - $ui= get_userinfo(); - $acl= get_permissions ($ui->dn, $ui->subtreeACL); - $this->acl= get_module_permission($acl, "ogroup", $ui->dn); - - /* Load member data */ $this->reload(); } - function AddDelMembership(){ - /* Delete objects from group */ - if (isset($_POST['delete_membership']) && isset($_POST['members'])){ - foreach ($_POST['members'] as $value){ - $this->objects["$value"]= $this->memberList[$value]; - unset ($this->memberList["$value"]); - unset ($this->member["$value"]); - uasort ($this->objects, 'sort_list'); - reset ($this->objects); - } + function AddDelMembership($NewMember = false){ + + if($NewMember){ + $this->memberList[$NewMember]= $this->allobjects[$NewMember]; + $this->member[$NewMember]= $NewMember; + unset ($this->objects[$NewMember]); + uasort ($this->memberList, 'sort_list'); + reset ($this->memberList); $this->reload(); - } + }else{ + /* Delete objects from group */ + if (isset($_POST['delete_membership']) && isset($_POST['members'])){ + foreach ($_POST['members'] as $value){ + $this->objects["$value"]= $this->memberList[$value]; + unset ($this->memberList["$value"]); + unset ($this->member["$value"]); + uasort ($this->objects, 'sort_list'); + reset ($this->objects); + } + $this->reload(); + } - /* Add objects to group */ - if (isset($_POST['add_object_finish']) && isset($_POST['objects'])){ - foreach ($_POST['objects'] as $value){ - $this->memberList["$value"]= $this->objects[$value]; - $this->member["$value"]= $value; - unset ($this->objects[$value]); - uasort ($this->memberList, 'sort_list'); - reset ($this->memberList); + /* Add objects to group */ + if (isset($_POST['add_object_finish']) && isset($_POST['objects'])){ + 
foreach ($_POST['objects'] as $value){ + $this->memberList["$value"]= $this->objects[$value]; + $this->member["$value"]= $value; + unset ($this->objects[$value]); + uasort ($this->memberList, 'sort_list'); + reset ($this->memberList); + } + $this->reload(); } - $this->reload(); } } @@ -124,7 +130,7 @@ class ogroup extends plugin /* Call parent execute */ plugin::execute(); - $this->reload(); +// $this->reload(); /* Do we represent a valid group? */ if (!$this->is_account){ @@ -164,6 +170,52 @@ class ogroup extends plugin /* Load templating engine */ $smarty= get_smarty(); + $tmp = $this->plInfo(); + foreach($tmp['plProvidedAcls'] as $name => $translation){ + $smarty->assign($name."ACL",$this->getacl($name)); + } + + /* Create base acls */ + $baseACL = $this->getacl("base",(!is_object($this->parent) && !isset($_SESSION['edit']))); + if(!$this->acl_is_moveable()) { + $baseACL = preg_replace("/w/","",$baseACL); + } + $smarty->assign("baseACL", $baseACL); + + + /* Get bases */ + $ui = get_userinfo(); + $check = $ui->get_module_departments("ogroups"); + $bases = array(); + foreach($check as $dn_allowed){ + $bases[$dn_allowed] = $this->config->idepartments[$dn_allowed]; + } + + /* Base select dialog */ + $once = true; + foreach($_POST as $name => $value){ + if(preg_match("/^chooseBase/",$name) && $once && $this->acl_is_moveable()){ + $once = false; + $this->dialog = new baseSelectDialog($this->config,$this,$bases); + $this->dialog->setCurrentBase($this->base); + } + } + + /* Dialog handling */ + if(is_object($this->dialog) && $this->acl_is_moveable()){ + /* Must be called before save_object */ + $this->dialog->save_object(); + + if($this->dialog->isClosed()){ + $this->dialog = false; + }elseif($this->dialog->isSelected()){ + $this->base = $this->dialog->isSelected(); + $this->dialog= false; + }else{ + return($this->dialog->execute()); + } + } + /* Add objects? */ if (isset($_POST["edit_membership"])){ $this->group_dialog= TRUE; 
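Review bot: In `AddDelMembership()` the values from `$_POST['objects']` and the new `$NewMember` argument are used as member DNs without checking that they are keys of `$this->objects` or `$this->allobjects`. A value that is not in the selectable list is still written to `$this->member`, with an empty `memberList` entry and an undefined-index notice. The add loop should skip unknown keys with `if (!isset($this->objects[$value])) { continue; }`, and the `$NewMember` branch should be entered only when `isset($this->allobjects[$NewMember])`. The same hunk removes the `$this->acl` setup, and nothing visible here tests write permission on `member` before the lists change. If `plugin::save()` or the caller does not enforce that, a `$this->acl_is_writeable("member")` guard belongs at the top of this function.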
@@ -230,8 +282,7 @@ class ogroup extends plugin } /* Bases / Departments */ - - if (isset($_POST['base'])){ + if ((isset($_POST['base'])) && ($this->acl_is_moveable())){ $this->base= $_POST['base']; } @@ -264,7 +315,7 @@ class ogroup extends plugin } /* Assign variables */ - $smarty->assign("bases", $this->config->idepartments); + $smarty->assign("bases", $bases); $smarty->assign("base_select", $this->base); $smarty->assign("department", $this->department); $smarty->assign("members", $this->convert_list($this->memberList)); @@ -275,12 +326,6 @@ class ogroup extends plugin /* Fields */ foreach ($this->attributes as $val){ $smarty->assign("$val", $this->$val); - $smarty->assign("$val"."ACL", chkacl($this->acl, "$val")); - } - - /* Assign ACL's */ - foreach (array("base", "members") as $val){ - $smarty->assign("$val"."ACL", chkacl($this->acl, "$val")); } return ($smarty->fetch (get_template_path('generic.tpl', TRUE))); @@ -293,11 +338,7 @@ class ogroup extends plugin /* Save additional values for possible next step */ if (isset($_POST['ogroupedit'])){ plugin::save_object(); - - if (chkacl ($this->acl, "base") == "" && isset($_POST["base"])){ - $this->base= $_POST["base"]; - } - + } } 
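Review bot: The `$_POST['base']` assignment is now gated on `acl_is_moveable()`, but the posted value itself is still accepted unchanged. The template is only offered the departments collected in `$bases` from `$ui->get_module_departments("ogroups")`, so a user who may move the group can still submit a base outside that list. The enclosing function starts outside this hunk; if this statement is in `execute()`, where `$bases` is built, the condition should also require membership: `if (isset($_POST['base']) && $this->acl_is_moveable() && isset($bases[$_POST['base']])){`.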
@@ -305,123 +346,199 @@ class ogroup extends plugin /* (Re-)Load objects */ function reload() { - /* Generate object list */ - $this->objects= array(); - $this->allobjects= array(); + /*########### + Variable initialisation + ###########*/ + + $this->objects = array(); + $this->ui = get_userinfo(); + $filter = ""; + $objectClasses = array(); + + $ogfilter = get_global("ogfilter"); + $regex = $ogfilter['regex']; + + /* Get ldap connection */ $ldap= $this->config->get_ldap_link(); + $ldap->cd ($ogfilter['dselect']); - /* Assemble filter */ - $ogfilter= get_global("ogfilter"); - $ldap->cd ($ogfilter['dselect']); + /*########### + Generate Filter + ###########*/ - $filter= ""; + /* Assemble filter */ if ($ogfilter['accounts'] == "checked"){ $filter.= "(objectClass=gosaAccount)"; + $objectClasses["gosaAccount"] = get_people_ou(); } if ($ogfilter['groups'] == "checked"){ $filter.= "(objectClass=posixGroup)"; + $objectClasses["posixGroup"] = get_groups_ou(); } if ($ogfilter['applications'] == "checked"){ $filter.= "(objectClass=gosaApplication)"; + $objectClasses["gosaApplication"] = "ou=apps,"; } if ($ogfilter['departments'] == "checked"){ $filter.= "(objectClass=gosaDepartment)"; + $objectClasses["gosaDepartment"] = ""; } if ($ogfilter['servers'] == "checked"){ $filter.= "(objectClass=goServer)"; + $objectClasses["goServer"] = "ou=servers,ou=systems,"; } if ($ogfilter['workstations'] == "checked"){ $filter.= "(objectClass=gotoWorkstation)"; + $objectClasses["gotoWorkstation"] = "ou=workstations,ou=systems,"; } if ($ogfilter['terminals'] == "checked"){ $filter.= "(objectClass=gotoTerminal)"; + $objectClasses["gotoTerminal"] = "ou=terminals,ou=systems,"; } if ($ogfilter['printers'] == "checked"){ $filter.= "(objectClass=gotoPrinter)"; + + $objectClasses["gotoPrinter"] = "ou=printers,ou=systems,"; } if ($ogfilter['phones'] == "checked"){ $filter.= "(objectClass=goFonHardware)"; + $objectClasses["goFonHardware"] = "ou=phones,ou=systems,"; } - $regex= $ogfilter['regex']; - 
$ldap->search ("(&(|$filter)(|(uid=$regex)(cn=$regex)(ou=$regex)))", array("dn", "cn", "ou", "description", "objectClass", "sn", "givenName", "uid")); - while ($attrs= $ldap->fetch()){ - /* Get type */ - $type= $this->getObjectType($attrs); - $name= $this->getObjectName($attrs); + /*########### + Perform search for selected objectClasses & regex to fill list with objects + ###########*/ - /* Fill array */ - if (isset($attrs["description"][0])){ - $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type"); - } elseif (isset($attrs["uid"][0])) { - $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type"); - } else { - $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type"); + /* Perform search for selected objectClasses */ + foreach($objectClasses as $class=> $basedn){ + $ldap->ls("(&(objectClass=".$class.")(|(uid=$regex)(cn=$regex)(ou=$regex)))",$basedn.$ogfilter['dselect'] , + array("dn", "cn", "description", "objectClass", "sn", "givenName", "uid","ou")); + + /* fetch results and append them to the list */ + while($attrs = $ldap->fetch()){ + + $type= $this->getObjectType($attrs); + $name= $this->getObjectName($attrs); + + /* Fill array */ + if (isset($attrs["description"][0])){ + $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type"); + } elseif (isset($attrs["uid"][0])) { + $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type"); + } else { + $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type"); + } } } uasort ($this->objects, 'sort_list'); reset ($this->objects); - $ldap->cd ($this->config->current['BASE']); - $filter= 
"(objectClass=gosaAccount)(objectClass=posixGroup)(objectClass=gosaApplication)(objectClass=gosaDepartment)(objectClass=goServer)(objectClass=gotoWorkstation)(objectClass=gotoTerminal)(objectClass=gotoPrinter)(objectClass=goFonHardware)"; - $regex= "*"; - - $ldap->search ("(&(|$filter)(|(uid=$regex)(cn=$regex)(ou=$regex)))", array("dn", "cn", "ou", "description", "objectClass", "sn", "givenName", "uid")); - while ($attrs= $ldap->fetch()){ - - /* Get type */ - $type= $this->getObjectType($attrs); - $name= $this->getObjectName($attrs); - - /* Fill array */ - if (isset($attrs["description"][0])){ - $this->allobjects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type"); - } elseif (isset($attrs["uid"][0])) { - $this->allobjects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type"); - } else { - $this->allobjects[$attrs["dn"]]= array("text" => "$name", "type" => "$type"); - } - $this->allobjects[$attrs["dn"]]['objectClass'] = $attrs['objectClass']; - if(isset($attrs['uid'])){ - $this->allobjects[$attrs["dn"]]['uid'] = $attrs['uid']; + /*########### + Get a list with all possible objects, to detect objects which doesn't exists anymore ... + ###########*/ + + /* Only do this, if this wasn't already done */ + if(count($this->allobjects) == 0){ + $ldap->cd ($this->config->current['BASE']); + $filter="(objectClass=gosaAccount)". + "(objectClass=posixGroup)". + "(objectClass=gosaApplication)". + "(objectClass=gosaDepartment)". + "(objectClass=goServer)". + "(objectClass=gotoWorkstation)". + "(objectClass=gotoTerminal)". + "(objectClass=gotoPrinter)". 
+ "(objectClass=goFonHardware)"; + $regex= "*"; + + $ldap->search ("(&(|$filter)(|(uid=$regex)(cn=$regex)(ou=$regex)))", array("dn", "cn", "ou", "description", "objectClass", "sn", "givenName", "uid")); + while ($attrs= $ldap->fetch()){ + + $type= $this->getObjectType($attrs); + $name= $this->getObjectName($attrs); + + if (isset($attrs["description"][0])){ + $this->allobjects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type"); + } elseif (isset($attrs["uid"][0])) { + $this->allobjects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type"); + } else { + $this->allobjects[$attrs["dn"]]= array("text" => "$name", "type" => "$type"); + } + $this->allobjects[$attrs["dn"]]['objectClass'] = $attrs['objectClass']; + if(isset($attrs['uid'])){ + $this->allobjects[$attrs["dn"]]['uid'] = $attrs['uid']; + } } - } - uasort ($this->allobjects, 'sort_list'); - reset ($this->allobjects); + uasort ($this->allobjects, 'sort_list'); + reset ($this->allobjects); + } + + + /*########### + Build member list and try to detect obsolete entries + ###########*/ - /* Build member list */ - $this->memberList= array(); + $this->memberList = array(); + + /* Walk through all single member entry */ foreach($this->member as $dn){ /* Object in object list? 
*/ if (isset($this->allobjects[$dn])){ + + /* Add this entry to member list, its dn is in allobjects + this means it still exists + */ $this->memberList[$dn]= $this->allobjects[$dn]; + + /* Remove this from selectable entries */ if (isset ($this->objects[$dn])){ unset ($this->objects[$dn]); } + } else { - /* No, try to ge informations from LDAP */ + /* The dn for the current member can't be resolved + it seams that this entry was removed + */ + /* Try to resolv the entry again, if it still fails, display error msg */ $ldap->cat($dn, array("cn", "sn", "givenName", "ou", "description", "objectClass")); + + /* It has failed, add entry with type flag I (Invalid)*/ if ($ldap->error != "success"){ - $this->memberList[$dn]= array('text' => _("Non existing dn: ")."$dn", - "type" => "I"); + $this->memberList[$dn]= array('text' => _("Non existing dn:")." ".@LDAP::fix($dn),"type" => "I"); + } else { - $ldap->cat($dn); + + /* Append this entry to our all object list */ + + /* Fetch object */ $attrs= $ldap->fetch(); + $type= $this->getObjectType($attrs); $name= $this->getObjectName($attrs); + if (isset($attrs["description"][0])){ + $this->allobjects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type"); + } elseif (isset($attrs["uid"][0])) { + $this->allobjects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type"); + } else { + $this->allobjects[$attrs["dn"]]= array("text" => "$name", "type" => "$type"); + } + $this->allobjects[$attrs["dn"]]['objectClass'] = $attrs['objectClass']; + if(isset($attrs['uid'])){ + $this->allobjects[$attrs["dn"]]['uid'] = $attrs['uid']; + } + /* Fill array */ if (isset($attrs["description"][0])){ $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type"); } else { $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type"); } - } } } 
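Review bot: The new `$ldap->ls()` call in `reload()` interpolates `$ogfilter['regex']` directly into the search filter and `$ogfilter['dselect']` into the search base. A filter string containing `(`, `)` or `\` therefore changes the structure of the LDAP query instead of being matched literally. Where `ogfilter` is populated is not visible in this hunk, but it is read from a registered global that presumably mirrors the filter form. The value should be escaped before use while keeping `*` as the wildcard, e.g. `$regex = str_replace(array('\\', '(', ')'), array('\\5c', '\\28', '\\29'), $ogfilter['regex']);`. Separately, the fallback `$ldap->cat($dn, array("cn", "sn", "givenName", "ou", "description", "objectClass"))` does not request `uid`, so the added `isset($attrs["uid"][0])` branch after it cannot be taken unless `"uid"` is added to that list.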
@@ -495,6 +612,7 @@ class ogroup extends plugin function getObjectName($attrs) { /* Person? */ + $name =""; if (in_array('gosaAccount', $attrs['objectClass'])){ if(isset($attrs['sn']) && isset($attrs['givenName'])){ $name= $attrs['sn'][0].", ".$attrs['givenName'][0]; @@ -515,7 +633,8 @@ class ogroup extends plugin function check() { - $message= array(); + /* Call common method to give check the hook */ + $message= plugin::check(); /* Permissions for that base? */ if ($this->base != ""){ @@ -524,15 +643,22 @@ class ogroup extends plugin $new_dn= $this->dn; } - $ui= get_userinfo(); - $acl= get_permissions ($new_dn, $ui->subtreeACL); - $acl= get_module_permission($acl, "group", $new_dn); - if (chkacl($acl, "create") != ""){ + + $ldap = $this->config->get_ldap_link(); + if($this->dn != $new_dn){ + $ldap->cat ($new_dn, array('dn')); + } + + if($ldap->count() !=0){ + $message[]= _("There is already an object with this cn."); + } + + if ($this->orig_dn == "new" && !$this->acl_is_createable()){ $message[]= _("You have no permissions to create a group on this 'Base'."); } /* must: cn */ - if ($this->cn == "" && chkacl ($this->acl, "cn") == ""){ + if ($this->cn == "" && $this->acl_is_writeable("cn")){ $message[]= "The required field 'Name' is not set."; } @@ -551,8 +677,9 @@ class ogroup extends plugin plugin::save(); /* Move members to target array */ + $this->attrs['member'] =array(); foreach ($this->member as $key => $desc){ - $this->attrs['member'][]= $key; + $this->attrs['member'][]= @LDAP::fix($key); } $ldap= $this->config->get_ldap_link(); @@ -564,7 +691,7 @@ class ogroup extends plugin /* Save data. Using 'modify' implies that the entry is already present, use 'add' for new entries. So do a check first... */ - $ldap->cat ($this->dn); + $ldap->cat ($this->dn, array('dn')); if ($ldap->fetch()){ /* Modify needs array() to remove values :-( */ if (!count ($this->member)){ 
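Review bot: In `check()`, `$ldap->count()` is tested even when the preceding `cat` was skipped. With `$this->dn == $new_dn` no lookup runs, so the count presumably reflects whatever search last used this LDAP link and can report "There is already an object with this cn." for an unchanged entry. Move the count test inside the `if($this->dn != $new_dn)` block, directly after `$ldap->cat ($new_dn, array('dn'));`. The create check also now applies only when `$this->orig_dn == "new"`, so this function no longer tests permissions on the target base when an existing group is moved. If `acl_is_moveable()` in `execute()` is meant to cover that case, a comment such as `/* move permission is enforced in execute() via acl_is_moveable() */` would make it explicit. `check()` begins in the previous hunk and continues past this one.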
@@ -579,13 +706,14 @@ class ogroup extends plugin /* Write back to ldap */ $ldap->cd($this->dn); + $this->cleanup(); $ldap->$mode($this->attrs); /* Trigger post signal */ $this->handle_post_events($mode); $ret= 0; - if (show_ldap_error($ldap->get_error())){ + if (show_ldap_error($ldap->get_error(), sprintf(_("Saving of object group/generic with dn '%s' failed."),$this->dn))){ $ret= 1; } @@ -598,12 +726,46 @@ class ogroup extends plugin $ldap= $this->config->get_ldap_link(); $ldap->rmdir($this->dn); - show_ldap_error($ldap->get_error()); + show_ldap_error($ldap->get_error(), sprintf(_("Removing of object group/generic with dn '%s' failed."),$this->dn)); /* Trigger remove signal */ $this->handle_post_events("remove"); } + function getCopyDialog() + { + $str = ""; + $str .= _("Group name"); + $str .= " "; + return($str); + } + + function saveCopyDialog() + { + if(isset($_POST['cn'])){ + $this->cn = $_POST['cn']; + } + } + + + function plInfo() + { + return (array( + "plShortName" => _("Generic"), + "plDescription" => _("Object group generic"), + "plSelfModify" => FALSE, + "plDepends" => array(), + "plPriority" => 0, + "plSection" => array("administration"), + "plCategory" => array("ogroups" => array("description" => _("Object groups"), + "objectClass" => "gosaGroupOfNames")), + "plProvidedAcls"=> array( + "cn" => _("Name"), + "base" => _("Base"), + "description" => _("Description"), + "member" => _("Member")) + )); + } } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
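Review bot: `saveCopyDialog()` copies `$_POST['cn']` into `$this->cn` with no validation or permission test, and none of the three new methods (`getCopyDialog()`, `saveCopyDialog()`, `plInfo()`) has a doc comment. The only check on `cn` visible in this diff is the empty-string test in `check()`. If the name is later used to build the DN, it should pass the same validation as the regular edit form before `save()` runs. At minimum, document the contract on the method, e.g. `/* Store the group name entered in the copy dialog; must pass check() before save() */`. The form markup in `getCopyDialog()` is not visible on this page; if it echoes the current `cn` into an input value, that value needs HTML escaping.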