X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fadmin%2Fsystems%2Fclass_systemManagement.inc;h=ac36a2034057729f02f3d917f9962884c62053dd;hb=9695395f399e680d3fbb0c6b7a2df7d8b37d17c8;hp=6c9483be6cf10ffac9db2da256efe8b7c8708bc7;hpb=e646d1b091e3d40c67039125dae867faa6fdd402;p=gosa.git diff --git a/plugins/admin/systems/class_systemManagement.inc b/plugins/admin/systems/class_systemManagement.inc index 6c9483be6..ac36a2034 100644 --- a/plugins/admin/systems/class_systemManagement.inc +++ b/plugins/admin/systems/class_systemManagement.inc @@ -54,7 +54,7 @@ class systems extends plugin /* Call parent execute */ plugin::execute(); - $_SESSION['LOCK_VARS_TO_USE'] = array("/^user_edit_/i","/^user_del_/","/^act/","/^id/"); + $_SESSION['LOCK_VARS_TO_USE'] = array("/^system_edit_/i","/^system_del_/","/^act/","/^id/"); /******************** Check for functional posts, edit|delete|add|... system devices @@ -67,21 +67,24 @@ class systems extends plugin /* Test Posts */ foreach($_POST as $key => $val){ // Post for delete - if(preg_match("/user_del.*/",$key)){ + if(preg_match("/system_del.*/",$key)){ $s_action = "del"; - $s_entry = preg_replace("/user_".$s_action."_/i","",$key); + $s_entry = preg_replace("/system_del_/i","",$key); // Post for edit - }elseif(preg_match("/user_edit_.*/",$key)){ + }elseif(preg_match("/system_edit_.*/",$key)){ $s_action="edit"; - $s_entry = preg_replace("/user_".$s_action."_/i","",$key); + $s_entry = preg_replace("/system_edit_/i","",$key); // Post for new - }elseif(preg_match("/user_new.*/",$key)){ + }elseif(preg_match("/system_new.*/",$key)){ $s_action="new"; - }elseif(preg_match("/user_tplnew.*/i",$key)){ + }elseif(preg_match("/system_tplnew.*/i",$key)){ $s_action="new_tpl"; - }elseif(preg_match("/user_setpwd_.*/i",$key)){ + }elseif(preg_match("/system_setpwd_.*/i",$key)){ $s_action="change_pw"; - $s_entry = preg_replace("/user_setpwd_/i","",$key); + $s_entry = preg_replace("/system_setpwd_/i","",$key); + }elseif(preg_match("/gen_cd_.*/i",$key)){ + $s_action="gen_cd"; + $s_entry = preg_replace("/gen_cd_/i","",$key); }elseif(preg_match("/newsystem_.*/i",$key)){ $s_action="newsystem"; $s_entry = preg_replace("/newsystem_/i","",$key); @@ -118,6 +121,94 @@ class systems extends plugin return ($smarty->fetch(get_template_path('chooser.tpl', TRUE))); } + + /******************** + Create FAI CD ... + ********************/ + if ($s_action=="gen_cd"){ + $this->dn= $this->terminals[$s_entry]['dn']; + $_SESSION['objectinfo']= $this->dn; + return ($smarty->fetch(get_template_path('gencd.tpl', TRUE))); + } + + + /* Start CD-Creation */ + if ((isset($_POST["cd_create"])) && !empty($this->dn)){ + $smarty->assign("src", "?plug=".$_GET['plug']."&PerformIsoCreation"); + return ($smarty->fetch(get_template_path('gencd_frame.tpl', TRUE))); + } + + + if ($this->dn != "" && isset($_GET['PerformIsoCreation'])){ + + $return_button = "
+ + +
"; + + $dsc = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); + + /* Get and check command */ + $command= search_config($this->config->data['TABS'], "workgeneric", "ISOCMD"); + if (check_command($command)){ + @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute"); + + /* Print out html introduction */ + echo ' + + + + + + + + 
';
+
+        /* Open process handle and check if it is a valid process */
+        $process= proc_open($command." '".$this->dn."'", $dsc, $pipes);
+        if (is_resource($process)) {
+          fclose($pipes[0]);
+
+          /* Print out returned lines && write JS to scroll down each line */
+          while (!feof($pipes[1])){
+            $cur_dat = fgets($pipes[1], 1024);
+            echo $cur_dat;
+            echo '' ;
+            flush();
+          }
+        }
+
+        /* Get error string && close streams */
+        $buffer= stream_get_contents($pipes[2]);
+
+        fclose($pipes[1]);
+        fclose($pipes[2]);
+        echo "
"; + + /* Check return code */ + $ret= proc_close($process); + if ($ret != 0){ + echo "

"._("Creating the image failed. Please see the report below.")."

"; + echo "
$buffer
"; + } + + + + echo $return_button."
"; + + } else { + $tmp= "

".sprintf(_("Command '%s', specified for ISO creation doesn't seem to exist."), $command)."

"; + echo $tmp; + } + + /* Scroll down completly */ + echo '' ; + echo ''; + flush(); + exit; + } + + /******************** Create new system ... ********************/ @@ -152,10 +243,19 @@ class systems extends plugin $tabname = $tabs[$sw]["TABNAME"]; $tabclass = $tabs[$sw]["TABCLASS"]; $acl_cat = $tabs[$sw]["ACL"]; - $this->systab= new $tabclass($this->config, $this->config->data['TABS'][$class], $this->dn,$acl_cat); - $this->systab->set_acl_base($this->base); - $this->systab->by_object[$tabname]->base = $this->DivListSystem->selectedBase; - $this->systab->base = $this->DivListSystem->selectedBase; + + /* Load permissions for selected 'dn' and check if + we're allowed to remove this 'dn' */ + $ui = get_userinfo(); + $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname); + if(preg_match("/c/",$tabacl)){ + $this->systab= new $tabclass($this->config, $this->config->data['TABS'][$class], $this->dn,$sw); + $this->systab->set_acl_base($this->DivListSystem->selectedBase); + $this->systab->by_object[$tabname]->base = $this->DivListSystem->selectedBase; + $this->systab->base = $this->DivListSystem->selectedBase; + }else{ + print_red(_("You are not allowed to create a new object of this type.")); + } } } @@ -217,14 +317,29 @@ class systems extends plugin /* Set terminals root password */ if ($s_action=="change_pw"){ - $this->dn= $this->terminals[$s_entry]['dn']; - $_SESSION['objectinfo']= $this->dn; - return ($smarty->fetch(get_template_path('password.tpl', TRUE))); + $tabs = array( + "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"), + "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation")); + + $type = $this->get_system_type($this->terminals[$s_entry]['objectClass']); + $class = $tabs[$type]["CLASS"]; + $tabname = $tabs[$type]["TABNAME"]; + $acl_cat = $tabs[$type]["ACL"]; + $tabclass = $tabs[$type]["TABCLASS"]; + $ui = get_userinfo(); + $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname,"gotoRootPasswd"); + if(preg_match("/w/",$tabacl)){ + $this->dn= $this->terminals[$s_entry]['dn']; + $_SESSION['objectinfo']= $this->dn; + return ($smarty->fetch(get_template_path('password.tpl', TRUE))); + }else{ + print_red(_("You are not allowed to change the password for this object.")); + } } /******************** - Password cahnge finish, but check if entered data is ok + Password change finish, but check if entered data is ok ********************/ /* Correctly specified? */ @@ -244,23 +359,50 @@ class systems extends plugin $_POST['new_password'] == $_POST['repeated_password']){ /* Check if user is allowed to set password */ - $ui = get_userinfo(); - $acl = $ui -> get_category_permissions($this->dn,"terminal"); - if(preg_match("/w/",$acl)){ - print_red (_("You are not allowed to set this systems password!")); - } else { - $ldap= $this->config->get_ldap_link(); - $ldap->cd($this->dn); + $tabs = array( + "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"), + "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation")); + + /* Detect object type */ + $type = ""; + foreach($this->terminals as $terminal){ + if($terminal['dn'] == $this->dn){ + $type = $this->get_system_type($terminal['objectClass']); + break; + } + } - $attrs= array(); - if ($_POST['new_password'] == ""){ - $attrs['gotoRootPasswd']= array(); - } else { - $attrs['gotoRootPasswd']= crypt($_POST['new_password'], - substr(session_id(),0,2)); + /* Type detected */ + if(!empty($type)){ + + /* Get infos */ + $class = $tabs[$type]["CLASS"]; + $tabname = $tabs[$type]["TABNAME"]; + $acl_cat = $tabs[$type]["ACL"]; + $tabclass = $tabs[$type]["TABCLASS"]; + + /* Get acls */ + $ui = get_userinfo(); + $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname,"gotoRootPasswd"); + + /* Check acls */ + if(preg_match("/w/",$tabacl)){ + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->dn); + + $attrs= array(); + if ($_POST['new_password'] == ""){ + $attrs['gotoRootPasswd']= array(); + } else { + $attrs['gotoRootPasswd']= crypt($_POST['new_password'],substr(session_id(),0,2)); + } + $ldap->modify($attrs); + gosa_log ("Password for '".$this->dn."' has been changed"); + }else{ + print_red(_("You are not allowed to change the password for this object.")); } - $ldap->modify($attrs); - gosa_log ("Password for '".$this->dn."' has been changed"); + }else{ + print_red(_("Can't detect object to change password.")); } unset($_SESSION['objectinfo']); } @@ -285,13 +427,34 @@ class systems extends plugin if ($s_action=="del"){ /* Get 'dn' from posted termlinst */ - $this->dn= $this->terminals[$s_entry]['dn']; + $this->dn = $this->terminals[$s_entry]['dn']; + $attrs = $this->terminals[$s_entry]; + + $type= $this->get_system_type($attrs['objectClass']); + $ui = get_userinfo(); + $tabs = array( + "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"), + "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"), + "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"), + "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgeneric"), + "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"), + "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"), + "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric")); + + + /* get object type */ + $tabtype = "termtabs"; + $tabobj = "TERMTABS"; + $tabacl = ""; + if(isset($tabs[$type])){ + $tabtype = $tabs[$type]['TABCLASS']; + $tabobj = $tabs[$type]['CLASS']; + $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']); + } /* Load permissions for selected 'dn' and check if we're allowed to remove this 'dn' */ - $ui = get_userinfo(); - $acl = $ui -> get_category_permissions($this->dn,"terminal"); - if(preg_match("/w/",$acl)){ + if(preg_match("/d/",$tabacl)){ /* Check locking, save current plugin in 'back_plugin', so the dialog knows where to return. */ @@ -327,35 +490,34 @@ class systems extends plugin $ui = get_userinfo(); $tabs = array( - "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal"), - "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation"), - "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server"), - "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer"), - "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone"), - "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation"), - "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component")); - - - /* get object type */ - $tabtype = "termtabs"; - $tabobj = "TERMTABS"; - $tabacl = ""; - if(isset($tabs[$type])){ - $tabtype = $tabs[$type]['TABCLASS']; - $tabobj = $tabs[$type]['CLASS']; - $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']); - } + "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"), + "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"), + "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"), + "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgeneric"), + "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"), + "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"), + "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric")); + + /* get object type */ + $tabtype = "termtabs"; + $tabobj = "TERMTABS"; + $tabacl = ""; + if(isset($tabs[$type])){ + $tabtype = $tabs[$type]['TABCLASS']; + $tabobj = $tabs[$type]['CLASS']; + $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']); + } /* Check if we are allowed to remove this object */ if(preg_match("/d/",$tabacl)){ /* Delete request is permitted, perform LDAP action */ if($tabtype=="phonetabs"){ - $this->systab= new $tabtype($this->config, $this->config->data['TABS'][$tabobj], $this->dn,$tabs[$type]['ACL']); + $this->systab= new $tabtype($this->config, $this->config->data['TABS'][$tabobj], $this->dn,$type); $this->systab->set_acl_base($this->dn); $this->systab->by_object['phonegeneric']->remove_from_parent (); }else{ - $this->systab= new $tabtype($this->config,$this->config->data['TABS'][$tabobj], $this->dn,$tabs[$type]['ACL']); + $this->systab= new $tabtype($this->config,$this->config->data['TABS'][$tabobj], $this->dn,$type); $this->systab->set_acl_base($this->dn); $this->systab->delete(); } @@ -519,8 +681,25 @@ class systems extends plugin function get_used_snapshot_bases() { $tmp = array(); - foreach(array("phones","servers","printers","terminals","netdevices","workstations") as $ent){ - $tmp[] = "ou=".$ent.",ou=systems,".$this->DivListSystem->selectedBase; + + /* Check acls, if we are not allowed to create and write each plugin tab, skip this object */ + + $tabs = array( + "terminal" => "ou=terminals,ou=systems,", + "workstation" => "ou=workstations,ou=systems,", + "server" => "ou=servers,ou=systems,", + "printer" => "ou=printers,ou=systems,", + "phone" => "ou=phones,ou=systems,", + "winworkstation" => get_winstations_ou(), + "component" => "ou=netdevices,ou=systems," + ); + + foreach($tabs as $acl_cat => $dn){ + + $acl_all = $this->ui->has_complete_category_acls($dn.$this->DivListSystem->selectedBase,$acl_cat); + if(preg_match("/(c.*w|w.*c)/",$acl_all)){ + $tmp[] = $dn.$this->DivListSystem->selectedBase; + } } return($tmp); } @@ -594,21 +773,36 @@ class systems extends plugin $userregex = "(gotoLastUser=".$this->DivListSystem->UserRegex.")"; } + /* Attributes to fetch */ + $sys_attrs = array("cn", "description", "macAddress", "objectClass", "sambaDomainName"); + $sys_categories = array("terminal", "workstation", "server", "phone" ,"printer"); + + /* Add FAIstate to attributes if FAI is activated */ + $tmp = search_config($this->config->data,"faiManagement","CLASS"); + if(!empty($tmp)){ + $sys_attrs[] = "FAIstate"; + } + /* Walk through all possible search combinations, and search for some objects if the checkbox is enabled */ foreach($objs as $checkBox => $oc){ if($this->DivListSystem->$checkBox){ if($this->DivListSystem->SubSearch){ if($oc['CLASS'] != ""){ $filter = "(|(&".$userregex."(objectClass=".$oc['CLASS'].")(cn=".$this->DivListSystem->Regex.")))"; - $res = array_merge($res,get_list($filter, array("terminal", "workstation", "server", "phone" ,"printer"), $base, - array("cn", "description", "macAddress", "objectClass", "sambaDomainName", "FAIstate"), GL_NONE | GL_SUBSEARCH | GL_SIZELIMIT)); + $new_res = get_list($filter, $sys_categories , $base,$sys_attrs, GL_NONE | GL_SUBSEARCH | GL_SIZELIMIT); + + /* Remove all objects that are not in the expected sub department */ + foreach($new_res as $key => $obj){ + if(preg_match("/^[^,]+,".normalizePreg($oc['TREE'])."/",$obj['dn'])){ + $res[$obj['dn']] = $obj; + } + } } }else{ /* User filter? */ if($oc['CLASS'] != ""){ $filter = "(|(&".$userregex."(objectClass=".$oc['CLASS'].")(cn=".$this->DivListSystem->Regex.")))"; - $res = array_merge($res,get_list($filter,array("terminal", "workstation", "server", "phone" ,"printer"),$oc['TREE'].$base, - array("cn", "description", "macAddress", "objectClass", "sambaDomainName", "FAIstate"), GL_NONE | GL_SIZELIMIT)); + $res = array_merge($res,get_list($filter,$sys_categories,$oc['TREE'].$base, $sys_attrs, GL_NONE | GL_SIZELIMIT)); } } } @@ -616,8 +810,7 @@ class systems extends plugin /* Search for incoming objects */ $filter = "(|(&".$userregex."(objectClass=goHard)(cn=".$this->DivListSystem->Regex.")))"; - $res = array_merge($res,get_list($filter,array("terminal", "workstation", "server", "phone" ,"printer"),"ou=incoming,".$base, - array("cn", "description", "macAddress", "objectClass", "sambaDomainName"), GL_NONE | GL_SIZELIMIT)); + $res = array_merge($res,get_list($filter,$sys_categories,"ou=incoming,".$base,$sys_attrs, GL_NONE | GL_SIZELIMIT)); /* Get all gotoTerminal's */ foreach ($res as $value){ @@ -632,6 +825,12 @@ class systems extends plugin } } + /* Create a string containing the last part of the department. */ + $dn_name = preg_replace("#^([^/]+/)*#","",convert_department_dn(@LDAP::fix($tmp))); + if(empty($dn_name)){ + $dn_name = "/"; + } + /* check if current object is a new one */ if (preg_match ("/,ou=incoming,/i", $tmp)){ if (in_array_ics('gotoTerminal', $value['objectClass'])){ @@ -658,7 +857,7 @@ class systems extends plugin } else { $terminal = $value; $terminal['type'] = "D"; - $terminal['message'] = _("Terminal template for"); + $terminal['message'] = _("Terminal template for")." '".$dn_name."' "; $terminal['location'] = array_search($tmp, $this->config->departments); } } @@ -674,7 +873,7 @@ class systems extends plugin $terminal = $value; $terminal['type'] = "D"; $terminal['location'] = array_search($tmp, $this->config->departments); - $terminal['message'] = _("Workstation template for"); + $terminal['message'] = _("Workstation template for")." '".$dn_name."' "; } if (isset($value["FAIstate"][0])){ $terminal['type']= $this->getState($terminal['type'], $value["FAIstate"][0]);