X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fadmin%2Fsystems%2Fclass_systemManagement.inc;h=ac36a2034057729f02f3d917f9962884c62053dd;hb=9695395f399e680d3fbb0c6b7a2df7d8b37d17c8;hp=0cdbb80b8be8f2d81f63561cd0234c001202c9bd;hpb=debae573752557eb5a0d09189ff40eca92c3735b;p=gosa.git
diff --git a/plugins/admin/systems/class_systemManagement.inc b/plugins/admin/systems/class_systemManagement.inc
index 0cdbb80b8..ac36a2034 100644
--- a/plugins/admin/systems/class_systemManagement.inc
+++ b/plugins/admin/systems/class_systemManagement.inc
@@ -54,7 +54,7 @@ class systems extends plugin
/* Call parent execute */
plugin::execute();
- $_SESSION['LOCK_VARS_TO_USE'] = array("/^user_edit_/i","/^user_del_/","/^act/","/^id/");
+ $_SESSION['LOCK_VARS_TO_USE'] = array("/^system_edit_/i","/^system_del_/","/^act/","/^id/");
/********************
Check for functional posts, edit|delete|add|... system devices
@@ -67,21 +67,24 @@ class systems extends plugin
/* Test Posts */
foreach($_POST as $key => $val){
// Post for delete
- if(preg_match("/user_del.*/",$key)){
+ if(preg_match("/system_del.*/",$key)){
$s_action = "del";
- $s_entry = preg_replace("/user_".$s_action."_/i","",$key);
+ $s_entry = preg_replace("/system_del_/i","",$key);
// Post for edit
- }elseif(preg_match("/user_edit_.*/",$key)){
+ }elseif(preg_match("/system_edit_.*/",$key)){
$s_action="edit";
- $s_entry = preg_replace("/user_".$s_action."_/i","",$key);
+ $s_entry = preg_replace("/system_edit_/i","",$key);
// Post for new
- }elseif(preg_match("/user_new.*/",$key)){
+ }elseif(preg_match("/system_new.*/",$key)){
$s_action="new";
- }elseif(preg_match("/user_tplnew.*/i",$key)){
+ }elseif(preg_match("/system_tplnew.*/i",$key)){
$s_action="new_tpl";
- }elseif(preg_match("/user_setpwd_.*/i",$key)){
+ }elseif(preg_match("/system_setpwd_.*/i",$key)){
$s_action="change_pw";
- $s_entry = preg_replace("/user_setpwd_/i","",$key);
+ $s_entry = preg_replace("/system_setpwd_/i","",$key);
+ }elseif(preg_match("/gen_cd_.*/i",$key)){
+ $s_action="gen_cd";
+ $s_entry = preg_replace("/gen_cd_/i","",$key);
}elseif(preg_match("/newsystem_.*/i",$key)){
$s_action="newsystem";
$s_entry = preg_replace("/newsystem_/i","",$key);
@@ -118,6 +121,94 @@ class systems extends plugin
return ($smarty->fetch(get_template_path('chooser.tpl', TRUE)));
}
+
+ /********************
+ Create FAI CD ...
+ ********************/
+ if ($s_action=="gen_cd"){
+ $this->dn= $this->terminals[$s_entry]['dn'];
+ $_SESSION['objectinfo']= $this->dn;
+ return ($smarty->fetch(get_template_path('gencd.tpl', TRUE)));
+ }
+
+
+ /* Start CD-Creation */
+ if ((isset($_POST["cd_create"])) && !empty($this->dn)){
+ $smarty->assign("src", "?plug=".$_GET['plug']."&PerformIsoCreation");
+ return ($smarty->fetch(get_template_path('gencd_frame.tpl', TRUE)));
+ }
+
+
+ if ($this->dn != "" && isset($_GET['PerformIsoCreation'])){
+
+ $return_button = "
";
+
+ $dsc = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
+
+ /* Get and check command */
+ $command= search_config($this->config->data['TABS'], "workgeneric", "ISOCMD");
+ if (check_command($command)){
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute");
+
+ /* Print out html introduction */
+ echo '
+
+
+
+
+
+
+
+ ';
+
+ /* Open process handle and check if it is a valid process */
+ $process= proc_open($command." '".$this->dn."'", $dsc, $pipes);
+ if (is_resource($process)) {
+ fclose($pipes[0]);
+
+ /* Print out returned lines && write JS to scroll down each line */
+ while (!feof($pipes[1])){
+ $cur_dat = fgets($pipes[1], 1024);
+ echo $cur_dat;
+ echo '' ;
+ flush();
+ }
+ }
+
+ /* Get error string && close streams */
+ $buffer= stream_get_contents($pipes[2]);
+
+ fclose($pipes[1]);
+ fclose($pipes[2]);
+ echo "
";
+
+ /* Check return code */
+ $ret= proc_close($process);
+ if ($ret != 0){
+ echo ""._("Creating the image failed. Please see the report below.")."
";
+ echo "$buffer
";
+ }
+
+
+
+ echo $return_button."
";
+
+ } else {
+ $tmp= "".sprintf(_("Command '%s', specified for ISO creation doesn't seem to exist."), $command)."
";
+ echo $tmp;
+ }
+
+ /* Scroll down completly */
+ echo '' ;
+ echo '';
+ flush();
+ exit;
+ }
+
+
/********************
Create new system ...
********************/
@@ -152,10 +243,19 @@ class systems extends plugin
$tabname = $tabs[$sw]["TABNAME"];
$tabclass = $tabs[$sw]["TABCLASS"];
$acl_cat = $tabs[$sw]["ACL"];
- $this->systab= new $tabclass($this->config, $this->config->data['TABS'][$class], $this->dn,$acl_cat);
- $this->systab->set_acl_base($this->DivListSystem->selectedBase);
- $this->systab->by_object[$tabname]->base = $this->DivListSystem->selectedBase;
- $this->systab->base = $this->DivListSystem->selectedBase;
+
+ /* Load permissions for selected 'dn' and check if
+ we're allowed to remove this 'dn' */
+ $ui = get_userinfo();
+ $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname);
+ if(preg_match("/c/",$tabacl)){
+ $this->systab= new $tabclass($this->config, $this->config->data['TABS'][$class], $this->dn,$sw);
+ $this->systab->set_acl_base($this->DivListSystem->selectedBase);
+ $this->systab->by_object[$tabname]->base = $this->DivListSystem->selectedBase;
+ $this->systab->base = $this->DivListSystem->selectedBase;
+ }else{
+ print_red(_("You are not allowed to create a new object of this type."));
+ }
}
}
@@ -217,14 +317,29 @@ class systems extends plugin
/* Set terminals root password */
if ($s_action=="change_pw"){
- $this->dn= $this->terminals[$s_entry]['dn'];
- $_SESSION['objectinfo']= $this->dn;
- return ($smarty->fetch(get_template_path('password.tpl', TRUE)));
+ $tabs = array(
+ "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"),
+ "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation"));
+
+ $type = $this->get_system_type($this->terminals[$s_entry]['objectClass']);
+ $class = $tabs[$type]["CLASS"];
+ $tabname = $tabs[$type]["TABNAME"];
+ $acl_cat = $tabs[$type]["ACL"];
+ $tabclass = $tabs[$type]["TABCLASS"];
+ $ui = get_userinfo();
+ $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname,"gotoRootPasswd");
+ if(preg_match("/w/",$tabacl)){
+ $this->dn= $this->terminals[$s_entry]['dn'];
+ $_SESSION['objectinfo']= $this->dn;
+ return ($smarty->fetch(get_template_path('password.tpl', TRUE)));
+ }else{
+ print_red(_("You are not allowed to change the password for this object."));
+ }
}
/********************
- Password cahnge finish, but check if entered data is ok
+ Password change finish, but check if entered data is ok
********************/
/* Correctly specified? */
@@ -244,23 +359,50 @@ class systems extends plugin
$_POST['new_password'] == $_POST['repeated_password']){
/* Check if user is allowed to set password */
- $ui = get_userinfo();
- $acl = $ui -> get_category_permissions($this->dn,"terminal");
- if(preg_match("/w/",$acl)){
- print_red (_("You are not allowed to set this systems password!"));
- } else {
- $ldap= $this->config->get_ldap_link();
- $ldap->cd($this->dn);
+ $tabs = array(
+ "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"),
+ "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation"));
+
+ /* Detect object type */
+ $type = "";
+ foreach($this->terminals as $terminal){
+ if($terminal['dn'] == $this->dn){
+ $type = $this->get_system_type($terminal['objectClass']);
+ break;
+ }
+ }
- $attrs= array();
- if ($_POST['new_password'] == ""){
- $attrs['gotoRootPasswd']= array();
- } else {
- $attrs['gotoRootPasswd']= crypt($_POST['new_password'],
- substr(session_id(),0,2));
+ /* Type detected */
+ if(!empty($type)){
+
+ /* Get infos */
+ $class = $tabs[$type]["CLASS"];
+ $tabname = $tabs[$type]["TABNAME"];
+ $acl_cat = $tabs[$type]["ACL"];
+ $tabclass = $tabs[$type]["TABCLASS"];
+
+ /* Get acls */
+ $ui = get_userinfo();
+ $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname,"gotoRootPasswd");
+
+ /* Check acls */
+ if(preg_match("/w/",$tabacl)){
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($this->dn);
+
+ $attrs= array();
+ if ($_POST['new_password'] == ""){
+ $attrs['gotoRootPasswd']= array();
+ } else {
+ $attrs['gotoRootPasswd']= crypt($_POST['new_password'],substr(session_id(),0,2));
+ }
+ $ldap->modify($attrs);
+ gosa_log ("Password for '".$this->dn."' has been changed");
+ }else{
+ print_red(_("You are not allowed to change the password for this object."));
}
- $ldap->modify($attrs);
- gosa_log ("Password for '".$this->dn."' has been changed");
+ }else{
+ print_red(_("Can't detect object to change password."));
}
unset($_SESSION['objectinfo']);
}
@@ -285,13 +427,34 @@ class systems extends plugin
if ($s_action=="del"){
/* Get 'dn' from posted termlinst */
- $this->dn= $this->terminals[$s_entry]['dn'];
+ $this->dn = $this->terminals[$s_entry]['dn'];
+ $attrs = $this->terminals[$s_entry];
+
+ $type= $this->get_system_type($attrs['objectClass']);
+ $ui = get_userinfo();
+ $tabs = array(
+ "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"),
+ "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"),
+ "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"),
+ "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgeneric"),
+ "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"),
+ "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"),
+ "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric"));
+
+
+ /* get object type */
+ $tabtype = "termtabs";
+ $tabobj = "TERMTABS";
+ $tabacl = "";
+ if(isset($tabs[$type])){
+ $tabtype = $tabs[$type]['TABCLASS'];
+ $tabobj = $tabs[$type]['CLASS'];
+ $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']);
+ }
/* Load permissions for selected 'dn' and check if
we're allowed to remove this 'dn' */
- $ui = get_userinfo();
- $acl = $ui -> get_category_permissions($this->dn,"terminal");
- if(preg_match("/w/",$acl)){
+ if(preg_match("/d/",$tabacl)){
/* Check locking, save current plugin in 'back_plugin', so
the dialog knows where to return. */
@@ -327,35 +490,34 @@ class systems extends plugin
$ui = get_userinfo();
$tabs = array(
- "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal"),
- "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation"),
- "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server"),
- "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer"),
- "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone"),
- "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation"),
- "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component"));
-
-
- /* get object type */
- $tabtype = "termtabs";
- $tabobj = "TERMTABS";
- $tabacl = "";
- if(isset($tabs[$type])){
- $tabtype = $tabs[$type]['TABCLASS'];
- $tabobj = $tabs[$type]['CLASS'];
- $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']);
- }
+ "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"),
+ "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"),
+ "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"),
+ "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgeneric"),
+ "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"),
+ "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"),
+ "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric"));
+
+ /* get object type */
+ $tabtype = "termtabs";
+ $tabobj = "TERMTABS";
+ $tabacl = "";
+ if(isset($tabs[$type])){
+ $tabtype = $tabs[$type]['TABCLASS'];
+ $tabobj = $tabs[$type]['CLASS'];
+ $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']);
+ }
/* Check if we are allowed to remove this object */
if(preg_match("/d/",$tabacl)){
/* Delete request is permitted, perform LDAP action */
if($tabtype=="phonetabs"){
- $this->systab= new $tabtype($this->config, $this->config->data['TABS'][$tabobj], $this->dn,$tabs[$type]['ACL']);
+ $this->systab= new $tabtype($this->config, $this->config->data['TABS'][$tabobj], $this->dn,$type);
$this->systab->set_acl_base($this->dn);
$this->systab->by_object['phonegeneric']->remove_from_parent ();
}else{
- $this->systab= new $tabtype($this->config,$this->config->data['TABS'][$tabobj], $this->dn,$tabs[$type]['ACL']);
+ $this->systab= new $tabtype($this->config,$this->config->data['TABS'][$tabobj], $this->dn,$type);
$this->systab->set_acl_base($this->dn);
$this->systab->delete();
}
@@ -519,8 +681,25 @@ class systems extends plugin
function get_used_snapshot_bases()
{
$tmp = array();
- foreach(array("phones","servers","printers","terminals","netdevices","workstations") as $ent){
- $tmp[] = "ou=".$ent.",ou=systems,".$this->DivListSystem->selectedBase;
+
+ /* Check acls, if we are not allowed to create and write each plugin tab, skip this object */
+
+ $tabs = array(
+ "terminal" => "ou=terminals,ou=systems,",
+ "workstation" => "ou=workstations,ou=systems,",
+ "server" => "ou=servers,ou=systems,",
+ "printer" => "ou=printers,ou=systems,",
+ "phone" => "ou=phones,ou=systems,",
+ "winworkstation" => get_winstations_ou(),
+ "component" => "ou=netdevices,ou=systems,"
+ );
+
+ foreach($tabs as $acl_cat => $dn){
+
+ $acl_all = $this->ui->has_complete_category_acls($dn.$this->DivListSystem->selectedBase,$acl_cat);
+ if(preg_match("/(c.*w|w.*c)/",$acl_all)){
+ $tmp[] = $dn.$this->DivListSystem->selectedBase;
+ }
}
return($tmp);
}
@@ -594,21 +773,36 @@ class systems extends plugin
$userregex = "(gotoLastUser=".$this->DivListSystem->UserRegex.")";
}
+ /* Attributes to fetch */
+ $sys_attrs = array("cn", "description", "macAddress", "objectClass", "sambaDomainName");
+ $sys_categories = array("terminal", "workstation", "server", "phone" ,"printer");
+
+ /* Add FAIstate to attributes if FAI is activated */
+ $tmp = search_config($this->config->data,"faiManagement","CLASS");
+ if(!empty($tmp)){
+ $sys_attrs[] = "FAIstate";
+ }
+
/* Walk through all possible search combinations, and search for some objects if the checkbox is enabled */
foreach($objs as $checkBox => $oc){
if($this->DivListSystem->$checkBox){
if($this->DivListSystem->SubSearch){
if($oc['CLASS'] != ""){
$filter = "(|(&".$userregex."(objectClass=".$oc['CLASS'].")(cn=".$this->DivListSystem->Regex.")))";
- $res = array_merge($res,get_list($filter, array("terminal", "workstation", "server", "phone" ,"printer"), $base,
- array("cn", "description", "macAddress", "objectClass", "sambaDomainName", "FAIstate"), GL_NONE | GL_SUBSEARCH | GL_SIZELIMIT));
+ $new_res = get_list($filter, $sys_categories , $base,$sys_attrs, GL_NONE | GL_SUBSEARCH | GL_SIZELIMIT);
+
+ /* Remove all objects that are not in the expected sub department */
+ foreach($new_res as $key => $obj){
+ if(preg_match("/^[^,]+,".normalizePreg($oc['TREE'])."/",$obj['dn'])){
+ $res[$obj['dn']] = $obj;
+ }
+ }
}
}else{
/* User filter? */
if($oc['CLASS'] != ""){
$filter = "(|(&".$userregex."(objectClass=".$oc['CLASS'].")(cn=".$this->DivListSystem->Regex.")))";
- $res = array_merge($res,get_list($filter,array("terminal", "workstation", "server", "phone" ,"printer"),$oc['TREE'].$base,
- array("cn", "description", "macAddress", "objectClass", "sambaDomainName", "FAIstate"), GL_NONE | GL_SIZELIMIT));
+ $res = array_merge($res,get_list($filter,$sys_categories,$oc['TREE'].$base, $sys_attrs, GL_NONE | GL_SIZELIMIT));
}
}
}
@@ -616,8 +810,7 @@ class systems extends plugin
/* Search for incoming objects */
$filter = "(|(&".$userregex."(objectClass=goHard)(cn=".$this->DivListSystem->Regex.")))";
- $res = array_merge($res,get_list($filter,array("terminal", "workstation", "server", "phone" ,"printer"),"ou=incoming,".$base,
- array("cn", "description", "macAddress", "objectClass", "sambaDomainName"), GL_NONE | GL_SIZELIMIT));
+ $res = array_merge($res,get_list($filter,$sys_categories,"ou=incoming,".$base,$sys_attrs, GL_NONE | GL_SIZELIMIT));
/* Get all gotoTerminal's */
foreach ($res as $value){
@@ -632,6 +825,12 @@ class systems extends plugin
}
}
+ /* Create a string containing the last part of the department. */
+ $dn_name = preg_replace("#^([^/]+/)*#","",convert_department_dn(@LDAP::fix($tmp)));
+ if(empty($dn_name)){
+ $dn_name = "/";
+ }
+
/* check if current object is a new one */
if (preg_match ("/,ou=incoming,/i", $tmp)){
if (in_array_ics('gotoTerminal', $value['objectClass'])){
@@ -658,7 +857,7 @@ class systems extends plugin
} else {
$terminal = $value;
$terminal['type'] = "D";
- $terminal['message'] = _("Terminal template for");
+ $terminal['message'] = _("Terminal template for")." '".$dn_name."' ";
$terminal['location'] = array_search($tmp, $this->config->departments);
}
}
@@ -674,7 +873,7 @@ class systems extends plugin
$terminal = $value;
$terminal['type'] = "D";
$terminal['location'] = array_search($tmp, $this->config->departments);
- $terminal['message'] = _("Workstation template for");
+ $terminal['message'] = _("Workstation template for")." '".$dn_name."' ";
}
if (isset($value["FAIstate"][0])){
$terminal['type']= $this->getState($terminal['type'], $value["FAIstate"][0]);