X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fadmin%2Fsystems%2Fclass_systemManagement.inc;h=ac36a2034057729f02f3d917f9962884c62053dd;hb=9695395f399e680d3fbb0c6b7a2df7d8b37d17c8;hp=ac7f6efbf261a77539c4fa5ebeba1046de86e31a;hpb=47f45f247c547999858874eac073796ce4d6e30b;p=gosa.git diff --git a/plugins/admin/systems/class_systemManagement.inc b/plugins/admin/systems/class_systemManagement.inc index ac7f6efbf..ac36a2034 100644 --- a/plugins/admin/systems/class_systemManagement.inc +++ b/plugins/admin/systems/class_systemManagement.inc @@ -29,15 +29,14 @@ require "tabs_winstation.inc"; class systems extends plugin { /* Definitions */ - var $plHeadline= "Systems"; - var $plDescription= "This does something"; - var $departments=array(); + var $plHeadline = "Systems"; + var $plDescription = "This does something"; + var $departments = array(); /* Dialog attributes */ - var $systab= NULL; + var $systab = NULL; var $terminals= array(); - var $ui= NULL; - var $acl= ""; + var $ui = NULL; var $DivListSystem; function systems ($config, $ui) @@ -55,7 +54,7 @@ class systems extends plugin /* Call parent execute */ plugin::execute(); - $_SESSION['LOCK_VARS_TO_USE'] = array("/^user_edit_/i","/^user_del_/","/^act/","/^id/"); + $_SESSION['LOCK_VARS_TO_USE'] = array("/^system_edit_/i","/^system_del_/","/^act/","/^id/"); /******************** Check for functional posts, edit|delete|add|... system devices @@ -68,21 +67,24 @@ class systems extends plugin /* Test Posts */ foreach($_POST as $key => $val){ // Post for delete - if(preg_match("/user_del.*/",$key)){ + if(preg_match("/system_del.*/",$key)){ $s_action = "del"; - $s_entry = preg_replace("/user_".$s_action."_/i","",$key); + $s_entry = preg_replace("/system_del_/i","",$key); // Post for edit - }elseif(preg_match("/user_edit_.*/",$key)){ + }elseif(preg_match("/system_edit_.*/",$key)){ $s_action="edit"; - $s_entry = preg_replace("/user_".$s_action."_/i","",$key); + $s_entry = preg_replace("/system_edit_/i","",$key); // Post for new - }elseif(preg_match("/user_new.*/",$key)){ + }elseif(preg_match("/system_new.*/",$key)){ $s_action="new"; - }elseif(preg_match("/user_tplnew.*/i",$key)){ + }elseif(preg_match("/system_tplnew.*/i",$key)){ $s_action="new_tpl"; - }elseif(preg_match("/user_setpwd_.*/i",$key)){ + }elseif(preg_match("/system_setpwd_.*/i",$key)){ $s_action="change_pw"; - $s_entry = preg_replace("/user_setpwd_/i","",$key); + $s_entry = preg_replace("/system_setpwd_/i","",$key); + }elseif(preg_match("/gen_cd_.*/i",$key)){ + $s_action="gen_cd"; + $s_entry = preg_replace("/gen_cd_/i","",$key); }elseif(preg_match("/newsystem_.*/i",$key)){ $s_action="newsystem"; $s_entry = preg_replace("/newsystem_/i","",$key); @@ -119,6 +121,94 @@ class systems extends plugin return ($smarty->fetch(get_template_path('chooser.tpl', TRUE))); } + + /******************** + Create FAI CD ... + ********************/ + if ($s_action=="gen_cd"){ + $this->dn= $this->terminals[$s_entry]['dn']; + $_SESSION['objectinfo']= $this->dn; + return ($smarty->fetch(get_template_path('gencd.tpl', TRUE))); + } + + + /* Start CD-Creation */ + if ((isset($_POST["cd_create"])) && !empty($this->dn)){ + $smarty->assign("src", "?plug=".$_GET['plug']."&PerformIsoCreation"); + return ($smarty->fetch(get_template_path('gencd_frame.tpl', TRUE))); + } + + + if ($this->dn != "" && isset($_GET['PerformIsoCreation'])){ + + $return_button = ""; + + $dsc = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); + + /* Get and check command */ + $command= search_config($this->config->data['TABS'], "workgeneric", "ISOCMD"); + if (check_command($command)){ + @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute"); + + /* Print out html introduction */ + echo ' + + + + + + + +

';
+
+        /* Open process handle and check if it is a valid process */
+        $process= proc_open($command." '".$this->dn."'", $dsc, $pipes);
+        if (is_resource($process)) {
+          fclose($pipes[0]);
+
+          /* Print out returned lines && write JS to scroll down each line */
+          while (!feof($pipes[1])){
+            $cur_dat = fgets($pipes[1], 1024);
+            echo $cur_dat;
+            echo '' ;
+            flush();
+          }
+        }
+
+        /* Get error string && close streams */
+        $buffer= stream_get_contents($pipes[2]);
+
+        fclose($pipes[1]);
+        fclose($pipes[2]);
+        echo "

"; + + /* Check return code */ + $ret= proc_close($process); + if ($ret != 0){ + echo "

"._("Creating the image failed. Please see the report below.")."

"; + echo "

$buffer

"; + } + + + + echo $return_button."
"; + + } else { + $tmp= "

".sprintf(_("Command '%s', specified for ISO creation doesn't seem to exist."), $command)."

"; + echo $tmp; + } + + /* Scroll down completly */ + echo '' ; + echo ''; + flush(); + exit; + } + + /******************** Create new system ... ********************/ @@ -140,23 +230,32 @@ class systems extends plugin } $this->dn= "new"; } - $this->acl= array(":all"); $tabs = array( - "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs"), - "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs"), - "server" => array("CLASS"=>"SERVTABS", "TABNAME"=>"servgeneric", "TABCLASS" =>"servtabs"), - "printer" => array("CLASS"=>"PRINTTABS", "TABNAME"=>"printgeneric", "TABCLASS" =>"printtabs"), - "phone" => array("CLASS"=>"PHONETABS", "TABNAME"=>"phonegeneric", "TABCLASS" =>"phonetabs"), - "component" => array("CLASS"=>"COMPONENTTABS","TABNAME"=>"componentgeneric","TABCLASS" =>"componenttabs")); + "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"), + "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation"), + "server" => array("CLASS"=>"SERVTABS", "TABNAME"=>"servgeneric", "TABCLASS" =>"servtabs", "ACL"=> "server"), + "printer" => array("CLASS"=>"PRINTTABS", "TABNAME"=>"printgeneric", "TABCLASS" =>"printtabs", "ACL"=> "printer"), + "phone" => array("CLASS"=>"PHONETABS", "TABNAME"=>"phonegeneric", "TABCLASS" =>"phonetabs", "ACL"=> "phone"), + "component" => array("CLASS"=>"COMPONENTTABS","TABNAME"=>"componentgeneric","TABCLASS" =>"componenttabs", "ACL"=> "component")); if(isset($tabs[$sw])){ $class = $tabs[$sw]["CLASS"]; $tabname = $tabs[$sw]["TABNAME"]; $tabclass = $tabs[$sw]["TABCLASS"]; - $this->systab= new $tabclass($this->config, $this->config->data['TABS'][$class], $this->dn); - $this->systab->set_acl ($this->acl); - $this->systab->by_object[$tabname]->base = $this->DivListSystem->selectedBase; - $this->systab->base = $this->DivListSystem->selectedBase; + $acl_cat = $tabs[$sw]["ACL"]; + + /* Load permissions for selected 'dn' and check if + we're allowed to remove this 'dn' */ + $ui = get_userinfo(); + $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname); + if(preg_match("/c/",$tabacl)){ + $this->systab= new $tabclass($this->config, $this->config->data['TABS'][$class], $this->dn,$sw); + $this->systab->set_acl_base($this->DivListSystem->selectedBase); + $this->systab->by_object[$tabname]->base = $this->DivListSystem->selectedBase; + $this->systab->base = $this->DivListSystem->selectedBase; + }else{ + print_red(_("You are not allowed to create a new object of this type.")); + } } } @@ -175,9 +274,6 @@ class systems extends plugin return(gen_locked_message ($user, $this->dn)); } - /* Set up the users ACL's for this 'dn' */ - $acl= get_permissions ($this->dn, $this->ui->subtreeACL); - /* Find out more about the object type */ $ldap= $this->config->get_ldap_link(); $ldap->cat($this->dn, array('objectClass')); @@ -187,13 +283,13 @@ class systems extends plugin /* Lock the current entry, so everyone will get the above dialog */ $tabs = array( - "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs"), - "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs"), - "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs"), - "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs"), - "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs"), - "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs"), - "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs")); + "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal"), + "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation"), + "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server"), + "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer"), + "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone"), + "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation"), + "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component")); if($type == "NewDevice"){ @@ -201,10 +297,11 @@ class systems extends plugin }elseif(isset($tabs[$type])){ $class = $tabs[$type]["CLASS"]; + $acl_cat = $tabs[$type]["ACL"]; $tabclass = $tabs[$type]["TABCLASS"]; - $this->systab= new $tabclass($this->config, $this->config->data['TABS'][$class], $this->dn); - $this->systab->set_acl($acl); + $this->systab= new $tabclass($this->config, $this->config->data['TABS'][$class], $this->dn,$acl_cat); + $this->systab->set_acl_base($this->dn); $_SESSION['objectinfo']= $this->dn; add_lock ($this->dn, $this->ui->dn); }else{ @@ -220,14 +317,29 @@ class systems extends plugin /* Set terminals root password */ if ($s_action=="change_pw"){ - $this->dn= $this->terminals[$s_entry]['dn']; - $_SESSION['objectinfo']= $this->dn; - return ($smarty->fetch(get_template_path('password.tpl', TRUE))); + $tabs = array( + "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"), + "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation")); + + $type = $this->get_system_type($this->terminals[$s_entry]['objectClass']); + $class = $tabs[$type]["CLASS"]; + $tabname = $tabs[$type]["TABNAME"]; + $acl_cat = $tabs[$type]["ACL"]; + $tabclass = $tabs[$type]["TABCLASS"]; + $ui = get_userinfo(); + $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname,"gotoRootPasswd"); + if(preg_match("/w/",$tabacl)){ + $this->dn= $this->terminals[$s_entry]['dn']; + $_SESSION['objectinfo']= $this->dn; + return ($smarty->fetch(get_template_path('password.tpl', TRUE))); + }else{ + print_red(_("You are not allowed to change the password for this object.")); + } } /******************** - Password cahnge finish, but check if entered data is ok + Password change finish, but check if entered data is ok ********************/ /* Correctly specified? */ @@ -247,23 +359,50 @@ class systems extends plugin $_POST['new_password'] == $_POST['repeated_password']){ /* Check if user is allowed to set password */ - $acl= get_permissions ($this->dn, $this->ui->subtreeACL); - $acl= get_module_permission($acl, "terminal", $this->dn); - if (chkacl($acl, "password") != ""){ - print_red (_("You are not allowed to set this systems password!")); - } else { - $ldap= $this->config->get_ldap_link(); - $ldap->cd($this->dn); + $tabs = array( + "terminal" => array("CLASS"=>"TERMTABS", "TABNAME"=>"termgeneric", "TABCLASS" =>"termtabs", "ACL"=> "terminal"), + "workstation" => array("CLASS"=>"WORKTABS", "TABNAME"=>"workgeneric", "TABCLASS" =>"worktabs", "ACL"=> "workstation")); + + /* Detect object type */ + $type = ""; + foreach($this->terminals as $terminal){ + if($terminal['dn'] == $this->dn){ + $type = $this->get_system_type($terminal['objectClass']); + break; + } + } - $attrs= array(); - if ($_POST['new_password'] == ""){ - $attrs['gotoRootPasswd']= array(); - } else { - $attrs['gotoRootPasswd']= crypt($_POST['new_password'], - substr(session_id(),0,2)); + /* Type detected */ + if(!empty($type)){ + + /* Get infos */ + $class = $tabs[$type]["CLASS"]; + $tabname = $tabs[$type]["TABNAME"]; + $acl_cat = $tabs[$type]["ACL"]; + $tabclass = $tabs[$type]["TABCLASS"]; + + /* Get acls */ + $ui = get_userinfo(); + $tabacl = $ui->get_permissions($this->DivListSystem->selectedBase,$acl_cat."/".$tabname,"gotoRootPasswd"); + + /* Check acls */ + if(preg_match("/w/",$tabacl)){ + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->dn); + + $attrs= array(); + if ($_POST['new_password'] == ""){ + $attrs['gotoRootPasswd']= array(); + } else { + $attrs['gotoRootPasswd']= crypt($_POST['new_password'],substr(session_id(),0,2)); + } + $ldap->modify($attrs); + gosa_log ("Password for '".$this->dn."' has been changed"); + }else{ + print_red(_("You are not allowed to change the password for this object.")); } - $ldap->modify($attrs); - gosa_log ("Password for '".$this->dn."' has been changed"); + }else{ + print_red(_("Can't detect object to change password.")); } unset($_SESSION['objectinfo']); } @@ -288,13 +427,34 @@ class systems extends plugin if ($s_action=="del"){ /* Get 'dn' from posted termlinst */ - $this->dn= $this->terminals[$s_entry]['dn']; + $this->dn = $this->terminals[$s_entry]['dn']; + $attrs = $this->terminals[$s_entry]; + + $type= $this->get_system_type($attrs['objectClass']); + $ui = get_userinfo(); + $tabs = array( + "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"), + "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"), + "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"), + "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgeneric"), + "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"), + "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"), + "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric")); + + + /* get object type */ + $tabtype = "termtabs"; + $tabobj = "TERMTABS"; + $tabacl = ""; + if(isset($tabs[$type])){ + $tabtype = $tabs[$type]['TABCLASS']; + $tabobj = $tabs[$type]['CLASS']; + $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']); + } /* Load permissions for selected 'dn' and check if we're allowed to remove this 'dn' */ - $acl= get_permissions ($this->dn, $this->ui->subtreeACL); - $this->acl= get_module_permission($acl, "terminal", $this->dn); - if (chkacl($this->acl, "delete") == ""){ + if(preg_match("/d/",$tabacl)){ /* Check locking, save current plugin in 'back_plugin', so the dialog knows where to return. */ @@ -321,45 +481,45 @@ class systems extends plugin /* Confirmation for deletion has been passed. Terminal should be deleted. */ if (isset($_POST['delete_terminal_confirm'])){ - /* Some nice guy may send this as POST, so we've to check - for the permissions again. */ - if (chkacl($this->acl, "delete") == ""){ - - /* Find out more about the object type */ - $ldap= $this->config->get_ldap_link(); - $ldap->cat($this->dn, array('objectClass')); - $attrs= $ldap->fetch(); - $type= $this->get_system_type($attrs['objectClass']); - - $tabs = array( - "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs"), - "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs"), - "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs"), - "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs"), - "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs"), - "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs"), - "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs")); - - /* get object type */ - $tabtype = "termtabs"; - $tabobj = "TERMTABS"; - if(isset($tabs[$type])){ - $tabtype = $tabs[$type]['TABCLASS']; - $tabobj = $tabs[$type]['CLASS']; - } + /* Find out more about the object type */ + $ldap= $this->config->get_ldap_link(); + $ldap->cat($this->dn, array('objectClass')); + $attrs= $ldap->fetch(); + $type= $this->get_system_type($attrs['objectClass']); + + $ui = get_userinfo(); + + $tabs = array( + "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"), + "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"), + "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"), + "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgeneric"), + "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"), + "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"), + "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric")); + + /* get object type */ + $tabtype = "termtabs"; + $tabobj = "TERMTABS"; + $tabacl = ""; + if(isset($tabs[$type])){ + $tabtype = $tabs[$type]['TABCLASS']; + $tabobj = $tabs[$type]['CLASS']; + $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']); + } + + /* Check if we are allowed to remove this object */ + if(preg_match("/d/",$tabacl)){ /* Delete request is permitted, perform LDAP action */ if($tabtype=="phonetabs"){ - $this->systab= new $tabtype($this->config, - $this->config->data['TABS'][$tabobj], $this->dn); - $this->systab->set_acl(array($this->acl)); + $this->systab= new $tabtype($this->config, $this->config->data['TABS'][$tabobj], $this->dn,$type); + $this->systab->set_acl_base($this->dn); $this->systab->by_object['phonegeneric']->remove_from_parent (); }else{ - $this->systab= new $tabtype($this->config, - $this->config->data['TABS'][$tabobj], $this->dn); - $this->systab->set_acl(array($this->acl)); + $this->systab= new $tabtype($this->config,$this->config->data['TABS'][$tabobj], $this->dn,$type); + $this->systab->set_acl_base($this->dn); $this->systab->delete(); -#$this->systab->by_object['termgeneric']->remove_from_parent (); } unset ($this->systab); gosa_log ("System object'".$this->dn."' has been removed"); @@ -521,8 +681,25 @@ class systems extends plugin function get_used_snapshot_bases() { $tmp = array(); - foreach(array("phones","servers","printers","terminals","netdevices","workstations") as $ent){ - $tmp[] = "ou=".$ent.",ou=systems,".$this->DivListSystem->selectedBase; + + /* Check acls, if we are not allowed to create and write each plugin tab, skip this object */ + + $tabs = array( + "terminal" => "ou=terminals,ou=systems,", + "workstation" => "ou=workstations,ou=systems,", + "server" => "ou=servers,ou=systems,", + "printer" => "ou=printers,ou=systems,", + "phone" => "ou=phones,ou=systems,", + "winworkstation" => get_winstations_ou(), + "component" => "ou=netdevices,ou=systems," + ); + + foreach($tabs as $acl_cat => $dn){ + + $acl_all = $this->ui->has_complete_category_acls($dn.$this->DivListSystem->selectedBase,$acl_cat); + if(preg_match("/(c.*w|w.*c)/",$acl_all)){ + $tmp[] = $dn.$this->DivListSystem->selectedBase; + } } return($tmp); } @@ -563,16 +740,8 @@ class systems extends plugin function reload() { - /* Load terminal shortcuts */ - $responsible= array(); - foreach ($this->config->departments as $key => $value){ - if (get_module_permission(get_permissions ($value, $this->ui->subtreeACL), - "terminal", $value) == "#all#"){ - $responsible[$key]= $value; - } - } - /* some var init */ + $ui = get_userinfo(); $res = array(); $this->terminals = array(); $userregex = ""; @@ -592,7 +761,7 @@ class systems extends plugin /* This array represents the combination between checkboxes and search filters */ $objs = array( "ShowServers" => array("CLASS" => "goServer" ,"TREE" => "ou=servers,ou=systems," ), - "ShowTerminals" => array("CLASS" => "goHard" ,"TREE" => "ou=terminals,ou=systems,"), + "ShowTerminals" => array("CLASS" => "gotoTerminal" ,"TREE" => "ou=terminals,ou=systems,"), "ShowPrinters" => array("CLASS" => "gotoPrinter" ,"TREE" => "ou=printers,ou=systems," ), "ShowDevices" => array("CLASS" => "ieee802Device" ,"TREE" => "ou=netdevices,ou=systems," ), "ShowPhones" => array("CLASS" => "goFonHardware" ,"TREE" => "ou=phones,ou=systems," ), @@ -604,21 +773,36 @@ class systems extends plugin $userregex = "(gotoLastUser=".$this->DivListSystem->UserRegex.")"; } + /* Attributes to fetch */ + $sys_attrs = array("cn", "description", "macAddress", "objectClass", "sambaDomainName"); + $sys_categories = array("terminal", "workstation", "server", "phone" ,"printer"); + + /* Add FAIstate to attributes if FAI is activated */ + $tmp = search_config($this->config->data,"faiManagement","CLASS"); + if(!empty($tmp)){ + $sys_attrs[] = "FAIstate"; + } + /* Walk through all possible search combinations, and search for some objects if the checkbox is enabled */ foreach($objs as $checkBox => $oc){ if($this->DivListSystem->$checkBox){ if($this->DivListSystem->SubSearch){ if($oc['CLASS'] != ""){ $filter = "(|(&".$userregex."(objectClass=".$oc['CLASS'].")(cn=".$this->DivListSystem->Regex.")))"; - $res = array_merge($res,get_list($filter, array("terminal", "workstation", "server", "phone" ,"printer"), $base, - array("cn", "description", "macAddress", "objectClass", "sambaDomainName", "FAIstate"), GL_NONE | GL_SUBSEARCH | GL_SIZELIMIT)); + $new_res = get_list($filter, $sys_categories , $base,$sys_attrs, GL_NONE | GL_SUBSEARCH | GL_SIZELIMIT); + + /* Remove all objects that are not in the expected sub department */ + foreach($new_res as $key => $obj){ + if(preg_match("/^[^,]+,".normalizePreg($oc['TREE'])."/",$obj['dn'])){ + $res[$obj['dn']] = $obj; + } + } } }else{ /* User filter? */ if($oc['CLASS'] != ""){ $filter = "(|(&".$userregex."(objectClass=".$oc['CLASS'].")(cn=".$this->DivListSystem->Regex.")))"; - $res = array_merge($res,get_list($filter,array("terminal", "workstation", "server", "phone" ,"printer"),$oc['TREE'].$base, - array("cn", "description", "macAddress", "objectClass", "sambaDomainName", "FAIstate"), GL_NONE | GL_SIZELIMIT)); + $res = array_merge($res,get_list($filter,$sys_categories,$oc['TREE'].$base, $sys_attrs, GL_NONE | GL_SIZELIMIT)); } } } @@ -626,8 +810,7 @@ class systems extends plugin /* Search for incoming objects */ $filter = "(|(&".$userregex."(objectClass=goHard)(cn=".$this->DivListSystem->Regex.")))"; - $res = array_merge($res,get_list($filter,array("terminal", "workstation", "server", "phone" ,"printer"),"ou=incoming,".$base, - array("cn", "description", "macAddress", "objectClass", "sambaDomainName"), GL_NONE | GL_SIZELIMIT)); + $res = array_merge($res,get_list($filter,$sys_categories,"ou=incoming,".$base,$sys_attrs, GL_NONE | GL_SIZELIMIT)); /* Get all gotoTerminal's */ foreach ($res as $value){ @@ -642,6 +825,12 @@ class systems extends plugin } } + /* Create a string containing the last part of the department. */ + $dn_name = preg_replace("#^([^/]+/)*#","",convert_department_dn(@LDAP::fix($tmp))); + if(empty($dn_name)){ + $dn_name = "/"; + } + /* check if current object is a new one */ if (preg_match ("/,ou=incoming,/i", $tmp)){ if (in_array_ics('gotoTerminal', $value['objectClass'])){ @@ -655,8 +844,12 @@ class systems extends plugin /* Detect type of object and create an entry for $this->terminals */ $terminal = array(); - if ((in_array ($tmp, $responsible)) || ($add != "")){ - if (in_array_ics('gotoTerminal', $value["objectClass"])){ + + if (in_array_ics('gotoTerminal', $value["objectClass"])){ + + /* check acl */ + $acl = $ui->get_permissions($value['dn'],"terminal/termgeneric"); + if($add != "" || preg_match("/r/",$acl)) { if (isset($value["macAddress"][0]) && $value["macAddress"][0] != "-"){ $terminal = $value; $terminal['type'] = "T"; @@ -664,10 +857,14 @@ class systems extends plugin } else { $terminal = $value; $terminal['type'] = "D"; - $terminal['message'] = _("Terminal template for"); + $terminal['message'] = _("Terminal template for")." '".$dn_name."' "; $terminal['location'] = array_search($tmp, $this->config->departments); } - } elseif (in_array_ics('gotoWorkstation', $value["objectClass"])){ + } + } elseif (in_array_ics('gotoWorkstation', $value["objectClass"])){ + + $acl = $ui->get_permissions($value['dn'],"workstation/workgeneric"); + if($add != "" || preg_match("/r/",$acl)) { if (isset($value["macAddress"][0]) && $value["macAddress"][0] != "-"){ $terminal = $value; $terminal['type'] = "L"; @@ -676,41 +873,73 @@ class systems extends plugin $terminal = $value; $terminal['type'] = "D"; $terminal['location'] = array_search($tmp, $this->config->departments); - $terminal['message'] = _("Workstation template for"); + $terminal['message'] = _("Workstation template for")." '".$dn_name."' "; } if (isset($value["FAIstate"][0])){ $terminal['type']= $this->getState($terminal['type'], $value["FAIstate"][0]); } - } elseif (in_array_ics('gotoPrinter', $value["objectClass"])){ + } + } elseif (in_array_ics('gotoPrinter', $value["objectClass"])){ + + + $acl = $ui->get_permissions($value['dn'],"printer/printgeneric"); + if($add != "" || preg_match("/r/",$acl)) { + $terminal = $value; $terminal['type'] = "P"; - } elseif (in_array_ics('goServer', $value["objectClass"])){ + } + } elseif (in_array_ics('goServer', $value["objectClass"])){ + + $acl = $ui->get_permissions($value['dn'],"server/servgeneric"); + if($add != "" || preg_match("/r/",$acl)) { + $terminal = $value; $terminal['type'] = "S"; if (isset($value["FAIstate"][0])){ $terminal['type']= $this->getState($terminal['type'], $value["FAIstate"][0]); } - } elseif (in_array_ics('goFonHardware', $value["objectClass"])){ + } + } elseif (in_array_ics('goFonHardware', $value["objectClass"])){ + + $acl = $ui->get_permissions($value['dn'],"phone/phoneGeneric"); + if($add != "" || preg_match("/r/",$acl)) { + $terminal = $value; $terminal['type'] = "F"; - }elseif (in_array_ics("GOhard",$value['objectClass'])){ + } + }elseif (in_array_ics("GOhard",$value['objectClass'])){ + + $acl = $ui->get_permissions($value['dn'],"server/servgeneric"). + $ui->get_permissions($value['dn'],"terminal/termgeneric"). + $ui->get_permissions($value['dn'],"workstation/workgeneric"); + if($add != "" || preg_match("/r/",$acl)) { + $terminal = $value; $terminal['type'] = "Q"; $terminal['is_new'] = $add; - } elseif (in_array_ics('ieee802Device', $value["objectClass"])){ + } + } elseif (in_array_ics('ieee802Device', $value["objectClass"])){ + + $acl = $ui->get_permissions($value['dn'],"component/componentGeneric"); + if($add != "" || preg_match("/r/",$acl)) { + $terminal = $value; $terminal['type'] = "C"; - } else{ - $name= preg_replace('/\$$/', '', $value['cn'][0]); - if (isset($value['sambaDomainName'])){ - $domain= " [".$value['sambaDomainName'][0]."]"; - } else { - $domain= ""; - } - $terminal=$value; - $terminal['type'] ="W"; - $terminal['domain'] = $name.$domain; } + } else{ + + $name= preg_replace('/\$$/', '', $value['cn'][0]); + if (isset($value['sambaDomainName'])){ + $domain= " [".$value['sambaDomainName'][0]."]"; + } else { + $domain= ""; + } + $terminal=$value; + $terminal['type'] ="W"; + $terminal['domain'] = $name.$domain; + } + + if(count($terminal)){ $this->terminals[]=$terminal; } }