X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fadmin%2Fusers%2Fclass_userManagement.inc;h=c0042797a60a184c1b8ec58f9e99d9cff82d85f2;hb=4b45577aa0d449c2d36417afa256441f9dcb503f;hp=828f5cf0dbb8e46e0db37a2f4c069e33e0be8819;hpb=9661305ec872b58877cee3ac6b772134dcf7282c;p=gosa.git diff --git a/plugins/admin/users/class_userManagement.inc b/plugins/admin/users/class_userManagement.inc index 828f5cf0d..c0042797a 100644 --- a/plugins/admin/users/class_userManagement.inc +++ b/plugins/admin/users/class_userManagement.inc @@ -29,18 +29,16 @@ class userManagement extends plugin var $plDescription= "This does something"; /* Dialog attributes */ - var $usertab= NULL; - var $ui= NULL; - var $acl= ""; - var $templates= array(); - var $got_uid= false; - var $departments= array(); - var $CopyPasteHandler = NULL; - var $CPPasswordChange = ""; // Contains the entry id which should get a new password + var $usertab = NULL; + var $ui = NULL; + var $templates = array(); + var $got_uid = false; + var $CopyPasteHandler = NULL; + var $CPPasswordChange = ""; // Contains the entry id which should get a new password + var $DivListUsers; function userManagement($config, $ui) { - /* Save configuration for internal use */ $this->config= $config; $this->ui= $ui; 
@@ -50,53 +48,23 @@ class userManagement extends plugin $this->CopyPasteHandler= new CopyPasteHandler($this->config); } - /* Get global filter config */ - if (!isset($_SESSION["userfilter"])){ - $base= get_base_from_people($ui->dn); - $userfilter= array( "mailusers" => "checked", - "unixusers" => "checked", - "templates" => "", - "subsearch" => "", - "proxyusers" => "checked", - "sambausers" => "checked", - "faxusers" => "checked", - "functionalusers" => "checked", - "regex" => "*"); - $_SESSION["userfilter"]= $userfilter; - } - - /* Transfer global base to dialogs people base */ - if(!isset($_SESSION['CurrentMainBase'])){ - $base= get_base_from_people($ui->dn); - $_SESSION['CurrentMainBase']= $base; - } + /* Creat dialog object */ + $this->DivListUsers = new divListUsers($this->config,$this); - /* LOCK MESSAGE Vars */ - $_SESSION['LOCK_VARS_TO_USE'] = array("/^act$/","/^id$/","/^user_edit_/","/^user_del_/"); } function execute() { - //FIXME: This function lacks structure! It's dammn spaghetti code. - /* Call parent execute */ plugin::execute(); - $smarty= get_smarty(); // Smarty instance - $userfilter= get_global("userfilter"); // contains Filter Settings - $s_action= ""; // Contains the action to be taken - $s_entry= ""; // The value for s_action - $base_back= ""; // The Link for Backbutton - - /* Department folder change requested? */ - if( isset($_GET['act']) && $_GET['act'] == "dep_open" ){ - $s_action= "open"; - $s_entry= base64_decode($_GET['dep_id']); + /* LOCK MESSAGE Vars */ + $_SESSION['LOCK_VARS_TO_USE'] = array("/^act$/","/^id$/","/^user_edit_/","/^user_del_/"); - /* Set current main base to the requested department DN */ - $_SESSION['CurrentMainBase']= $this->config->departments[trim($s_entry)]; - } + $smarty = get_smarty(); // Smarty instance + $s_action = ""; // Contains the action to be taken + $s_entry = ""; // The value for s_action /* Edit entry button pressed? */ if( isset($_GET['act']) && $_GET['act'] == "edit_entry" ){ 
@@ -109,9 +77,10 @@ class userManagement extends plugin /* Get every possible POST combination and set s_action/s_entry accordingly */ foreach(array("del" => "user_del", "edit" => "user_edit", - "back" => "dep_back", "new" => "user_new", - "home" => "dep_home", "new_tpl" => "user_tplnew", - "change_pw" => "user_chgpw", "root" => "dep_root", + "new" => "user_new", + "new_tpl" => "user_tplnew", + "create_user_from_tpl" => "userfrom_tpl", + "change_pw" => "user_chgpw", "editPaste" => "editPaste", "copy" => "copy", "cut" => "cut") as $act => $name){ 
@@ -135,87 +104,54 @@ class userManagement extends plugin $s_tab= "user"; } - /* Department has changed? */ - if(isset($_POST['CurrentMainBase'])){ - $_SESSION['CurrentMainBase']= validate($_POST['CurrentMainBase']); - } - - /* Home-button is pressed, move to users home DN */ - if($s_action == "home"){ - $_SESSION['CurrentMainBase']= preg_replace('/^[^,]+,'.normalizePreg(get_people_ou()).'/', "", $this->ui->dn); - } - - /* Root-button is pressed, move to root DN */ - if($s_action == "root"){ - $_SESSION['CurrentMainBase']= $this->config->current['BASE']; - } - - /* If Back-button is pressed, move back one step in DN */ - if($s_action == "back"){ - //FIXME: This is not 100% correct. We'll only display ou's, but there may be - // a step between. You'll stumble in a "hidden" department in this case. - $base_back= preg_replace("/^[^,]+,/", "", $_SESSION['CurrentMainBase']); - - /* The department array keeps non DN entries as index. We need to convert - it before checking the existance. */ - $base_back= trim(convert_department_dn($base_back)); - - /* Check if the department exists, otherwise revert to the configure base DN */ - if(isset($this->config->departments[$base_back])){ - $_SESSION['CurrentMainBase']= $this->config->departments[$base_back]; - }else{ - $_SESSION['CurrentMainBase']= $this->config->departments['/']; - } + if(!search_config($this->config->data['TABS'], $s_tab , "CLASS")){ + $s_tab = "user"; } + /* Display the copy & paste dialog, if it is currently open */ $ret = $this->copyPasteHandling($s_action,$s_entry); if($ret){ return($ret); } - /* Save filter data if we are in the headpage */ - if(!isset($this->usertab)){ - $values= array("functionalusers", "unixusers", "mailusers", "sambausers", - "proxyusers", "faxusers", "templates", "subsearch"); - $userfilter= saveFilter($userfilter, $values); - register_global("userfilter", $userfilter); - } - /* React on user interaction here */ - if (($_SERVER["REQUEST_METHOD"] == 
"POST")||($_SERVER["REQUEST_METHOD"]== "GET")){ + /******************** + Edit existing entry + ********************/ - /* User wants to edit data? */ - if (($s_action=="edit") && (!isset($this->usertab->config))){ + /* User wants to edit data? */ + if (($s_action=="edit") && (!isset($this->usertab->config))){ - /* Get 'dn' from posted 'uid', must be unique */ - $this->dn= $this->list[trim($s_entry)]['dn']; + /* Get 'dn' from posted 'uid', must be unique */ + $this->dn= $this->list[trim($s_entry)]['dn']; - /* Check locking, save current plugin in 'back_plugin', so - the dialog knows where to return. */ - if (($user= get_lock($this->dn)) != ""){ - return(gen_locked_message ($user, $this->dn)); - } + /* Check locking, save current plugin in 'back_plugin', so + the dialog knows where to return. */ + if (($user= get_lock($this->dn)) != ""){ + return(gen_locked_message ($user, $this->dn)); + } - /* Lock the current entry, so everyone will get the - above dialog */ - add_lock ($this->dn, $this->ui->dn); + /* Lock the current entry, so everyone will get the + above dialog */ + add_lock ($this->dn, $this->ui->dn); - /* Set up the users ACL's for this 'dn' */ - $acl= get_permissions ($this->dn, $this->ui->subtreeACL); + /* Register usertab to trigger edit dialog */ + $this->usertab= new usertabs($this->config, + $this->config->data['TABS']['USERTABS'], $this->dn); - /* Register usertab to trigger edit dialog */ - $this->usertab= new usertabs($this->config, - $this->config->data['TABS']['USERTABS'], $this->dn); + /* Switch tab, if it was requested by the user */ + $this->usertab->current = $s_tab; - /* Switch tab, in case that was requested by the user */ - $this->usertab->current = $s_tab; - - /* Set ACL and move DN to the headline */ - $this->usertab->set_acl($acl); - $_SESSION['objectinfo']= $this->dn; - } + /* Set ACL and move DN to the headline */ + $this->usertab->set_acl_base($this->dn); + $_SESSION['objectinfo']= $this->dn; } + + /******************** + Edit canceled 
+ ********************/ + /* Reset all relevant data, if we get a _cancel request */ if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])){ if (isset($this->usertab)){ @@ -230,6 +166,11 @@ class userManagement extends plugin unset ($_SESSION['objectinfo']); } + + /******************** + Change password requested + ********************/ + /* Password change requested */ if (($s_action == "change_pw") || (!empty($this->CPPasswordChange))){ @@ -243,13 +184,10 @@ class userManagement extends plugin /* Load permissions for selected 'dn' and check if we're allowed to remove this 'dn' */ - $acl= get_permissions ($this->dn, $this->ui->subtreeACL); - $acl= get_module_permission($acl, "user", $this->dn); - if (chkacl($acl, "password") == ""){ + if (preg_match("/w/",$this->ui->get_permissions($this->dn,"users/password"))){ /* User is allowed to change passwords, save 'dn' and 'acl' for next dialog. */ - $this->acl= $acl; $_SESSION['objectinfo']= $this->dn; return ($smarty->fetch(get_template_path('password.tpl', TRUE))); @@ -259,11 +197,20 @@ class userManagement extends plugin } } + + /******************** + Change password confirmed + ********************/ + /* Perform password change */ if (isset($_POST['password_finish'])){ /* For security reasons, check if user is allowed to set password again */ - if (chkacl($this->acl, "password") == "" || chkacl($this->acl, "create")){ + $dn = $this->dn; + $acl = $this->ui->get_permissions($dn, "users/password"); + $cacl= $this->ui->get_permissions($dn, "users/user"); + + if (preg_match('/w/', $acl) || preg_match('/c/', $cacl)){ /* Check input and feed errors into 'message' */ $message= array(); 
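Review bot: In the re-indented edit branch, `$this->dn= $this->list[trim($s_entry)]['dn'];` still uses the request-derived `$s_entry` as an array index without checking that the entry exists, so an unknown id gives an empty DN that then goes to `get_lock()` and `add_lock()`. Extending the branch condition to `if (($s_action=="edit") && (!isset($this->usertab->config)) && isset($this->list[trim($s_entry)])){` keeps a stale or forged id from reaching the lock calls. The lock is also taken before any permission is evaluated now that the `get_permissions()` call is gone; whether `set_acl_base($this->dn)` later restricts the dialog is not visible here. execute() starts and ends outside this hunk.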
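Review bot: The re-check under `password_finish` passes when either `users/password` contains `w` or `users/user` contains `c`, and both are looked up for `$this->dn`. For an existing entry, an operator with create rights on the user object but no password write permission can therefore still set the password. If the create branch is only meant for the new-user flow that ends in password.tpl, it should be tied to that flow explicitly; otherwise reduce the test to `if (preg_match('/w/', $acl)){`. The comments kept in the preceding hunk ("check if we're allowed to remove this 'dn'", "save 'dn' and 'acl' for next dialog") no longer describe the code and should be reworded.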
@@ -292,10 +239,10 @@ class userManagement extends plugin $config= $this->config; $ldap_ui= $this->config->get_ldap_link(); if(isset($this->usertab->dn)){ - $ldap_ui->cat($this->usertab->dn, array('uid')); + $ldap_ui->cat($this->usertab->dn,array("uid")); $user = $ldap_ui->fetch(); }else{ - $ldap_ui->cat($this->dn, array('uid')); + $ldap_ui->cat($this->dn,array("uid")); $user = $ldap_ui->fetch(); } if((is_array($user))&&(isset($user['uid']))){ @@ -306,8 +253,7 @@ class userManagement extends plugin if ($this->usertab){ if ($this->usertab->password_change_needed()){ $obj= $this->usertab->by_object['user']; - change_password ($this->usertab->dn, $_POST['new_password'], - 0, $obj->pw_storage); + change_password ($this->usertab->dn, $_POST['new_password'],0, $obj->pw_storage); if (isset($config->data['MAIN']['EXTERNALPWDHOOK'])){ exec($config->data['MAIN']['EXTERNALPWDHOOK']." ".$username." ".$_POST['new_password'], $resarr); } @@ -329,10 +275,8 @@ class userManagement extends plugin /* Missing permissions, show message */ print_red (_("You are not allowed to set this users password!")); } - /* Clean session, delete lock */ del_lock ($this->dn); - $this->reload(); unset ($this->usertab); $this->usertab= NULL; $this->lognames= array();; @@ -342,6 +286,11 @@ class userManagement extends plugin unset ($_SESSION['objectinfo']); } + + /******************** + Delete entry requested, display confirm dialog + ********************/ + /* Remove user was requested */ if ($s_action=="del"){ 
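Review bot: In the hunk that reflows the `change_password` call, the following context line still builds the external hook command by concatenating `$username` and `$_POST['new_password']` unquoted. Any shell metacharacter in a password (or in a uid read from LDAP) is interpreted by the shell that `exec()` starts. Quote both arguments: `exec($config->data['MAIN']['EXTERNALPWDHOOK']." ".escapeshellarg($username)." ".escapeshellarg($_POST['new_password']), $resarr);`. The cleartext password also ends up on the hook's command line, where it is visible in the process list; passing it on stdin would avoid that if the hook interface can be changed. The enclosing if block continues outside the hunk.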
@@ -350,46 +299,41 @@ class userManagement extends plugin /* Load permissions for selected 'dn' and check if we're allowed to remove this 'dn' */ - $acl= get_permissions ($this->dn, $this->ui->subtreeACL); - $this->acl= get_module_permission($acl, "user", $this->dn); - if (chkacl($this->acl, "delete") == ""){ - - /* Check locking, save current plugin in 'back_plugin', so - the dialog knows where to return. */ - if (($user= get_lock($this->dn)) != ""){ - return(gen_locked_message ($user, $this->dn)); - } - - /* Lock the current entry, so nobody will edit it during deletion */ - add_lock ($this->dn, $this->ui->dn); - $smarty->assign("info", sprintf(_("You're about to delete the user %s."), @LDAP::fix($this->dn))); - return($smarty->fetch(get_template_path('remove.tpl', TRUE))); - } else { - /* Obviously the user isn't allowed to delete. Show message and - clean session. */ - print_red (_("You are not allowed to delete this user!")); + /* Check locking, save current plugin in 'back_plugin', so + the dialog knows where to return. */ + if (($user= get_lock($this->dn)) != ""){ + return(gen_locked_message ($user, $this->dn)); } + + /* Lock the current entry, so nobody will edit it during deletion */ + add_lock ($this->dn, $this->ui->dn); + $smarty->assign("info", sprintf(_("You're about to delete the user %s."), @LDAP::fix($this->dn))); + return($smarty->fetch(get_template_path('remove.tpl', TRUE))); } + + /******************** + Delete entry confirmed + ********************/ + /* Confirmation for deletion has been passed. User should be deleted. */ if (isset($_POST['delete_user_confirm'])){ /* Some nice guy may send this as POST, so we've to check for the permissions again. 
*/ - if (chkacl($this->acl, "delete") == ""){ + + $acl = $this->ui->get_permissions($this->dn, "users/user"); + + if (preg_match('/d/', $acl)){ /* Delete request is permitted, perform LDAP action */ - $this->usertab= new usertabs($this->config, $this->config->data['TABS']['USERTABS'], - $this->dn); - $this->usertab->set_acl(array($this->acl)); + $this->usertab= new usertabs($this->config, $this->config->data['TABS']['USERTABS'],$this->dn); + $this->usertab->set_acl_base(); $this->usertab->delete (); gosa_log ("User object '".$this->dn."' has been removed"); unset ($this->usertab); $this->usertab= NULL; - - /* User list has changed, reload it. */ - $this->reload (); } else { /* Normally this shouldn't be reached, send some extra @@ -405,6 +349,10 @@ class userManagement extends plugin del_lock ($this->dn); } + + /******************** + Delete entry Canceled + ********************/ /* Delete user canceled? */ if (isset($_POST['delete_cancel'])){ @@ -412,10 +360,14 @@ class userManagement extends plugin } + /******************** + Edit entry finished (Save) + ********************/ + /* Finish user edit is triggered by the tabulator dialog, so the user wants to save edited data. Check and save at this point. */ - if ((isset($_POST['edit_finish'])) && (isset($this->usertab->config))){ + if ((isset($_POST['edit_finish']) || isset($_POST['edit_apply'])) && (isset($this->usertab->config))){ /* Check tabs, will feed message array */ $this->usertab->last= $this->usertab->current; 
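Review bot: With the `chkacl($this->acl, "delete")` gate removed from the `$s_action=="del"` branch, `add_lock ($this->dn, $this->ui->dn)` and the remove.tpl confirmation are reached without any permission check. The `d` flag is only tested once `delete_user_confirm` arrives, so a user without delete rights can place a lock on entries they may not delete, and the else branch commented "Normally this shouldn't be reached" becomes the ordinary denial path. Put the new-API check in front of the lock, e.g. `if (!preg_match('/d/', $this->ui->get_permissions($this->dn, "users/user"))){ print_red (_("You are not allowed to delete this user!")); }`, with locking and the dialog in the else part. The leftover "Load permissions for selected 'dn'" comment should be removed or made true. `set_acl_base()` is also called without an argument in the confirm branch while the edit branch passes `$this->dn`; confirm that the default is intended.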
@@ -441,26 +393,22 @@ class userManagement extends plugin } gosa_log ("User object '".$this->dn."' has been saved"); - /* User has been saved successfully, remove lock from - LDAP. */ - if ($this->dn != "new"){ - del_lock ($this->dn); - } + if (!isset($_POST['edit_apply'])){ + /* User has been saved successfully, remove lock from LDAP. */ + if ($this->dn != "new"){ + del_lock ($this->dn); + } - /* In case of new users, ask for a password */ - if (($set_pass || $this->usertab->password_change_needed()) && - !$this->is_template){ + /* In case of new users, ask for a password, skip this for templates */ + if (($set_pass || $this->usertab->password_change_needed()) && !$this->is_template){ + $this->dn = $this->usertab->dn; + return($smarty->fetch(get_template_path('password.tpl', TRUE))); + } - return($smarty->fetch(get_template_path('password.tpl', TRUE))); + unset ($this->usertab); + $this->usertab= NULL; + unset ($_SESSION['objectinfo']); } - - /* There's no page reload so we have to read new users at - this point. */ - $this->reload (); - unset ($this->usertab); - $this->usertab= NULL; - unset ($_SESSION['objectinfo']); - } else { /* Ok. There seem to be errors regarding to the tab data, show message and continue as usual. */ 
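Review bot: When `edit_apply` is set, the whole post-save block is skipped, including the password prompt guarded by `$set_pass || $this->usertab->password_change_needed()`. The Apply button is only rendered when `$this->dn != "new"` (last hunk), but nothing on the server side stops a POST that carries `edit_apply` for a new entry. As far as this hunk shows, that would save the account and bypass the password dialog. Mirroring the UI condition keeps the two in step: `if (!isset($_POST['edit_apply']) || $this->dn == "new"){`. The enclosing save branch starts outside this hunk.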
@@ -468,22 +416,25 @@ class userManagement extends plugin } } + + /******************** + We want to create a new user, so fetch all available user templates + ********************/ + /* Generate template list */ if (($s_action=="new")||($s_action=="create_user_from_tpl")){ $this->templates= array(); - $ldap= $this->config->get_ldap_link(); - /* Create list of tempaltes */ + /* Create list of templates */ foreach ($this->config->departments as $key => $value){ /* Get acls from different ou's */ - $acl= get_permissions (get_people_ou().$value, $this->ui->subtreeACL); - $acl= get_module_permission($acl, "user", get_people_ou().$value); - + $acl = $this->ui->get_permissions("cn=dummy,".get_people_ou().$value,"users/user") ; + /* If creation of a new user is allowed, append this template */ - if (chkacl($acl, "create") == ""){ + if (preg_match("/c/",$acl)){ /* Search all templates from the current dn */ $ldap->cd (get_people_ou().$value); 
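Review bot: The assignment `$ldap= $this->config->get_ldap_link();` is removed at the top of the template-list branch, but the context line `$ldap->cd (get_people_ou().$value);` inside the loop still uses `$ldap`. Unless `$ldap` is assigned earlier in execute() outside the visible hunks, this becomes a method call on an undefined variable as soon as a department grants create permission. Keep `$ldap= $this->config->get_ldap_link();` directly before the `foreach`. The loop body continues past the end of this hunk.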
@@ -505,11 +456,49 @@ class userManagement extends plugin reset ($this->templates); } + + /******************** + Create a new user,template, user from template + ********************/ + + /* Check selected options for template */ + if (isset($_POST['template_continue'])){ + $message = array(); + if(!isset($_POST['template']) || (empty($_POST['template']))){ + $message[] = _("Please select a valid template."); + } + if(!isset($_POST['sn']) || (empty($_POST['sn']))){ + $message[]= _("The required field 'Name' is not set."); + } + if(!isset($_POST['givenName']) || (empty($_POST['givenName']))){ + $message[]= _("The required field 'Given name' is not set."); + } + + /* Show error message / continue editing */ + if (count($message) > 0){ + show_errors ($message); + + foreach(array("sn", "givenName", "uid", "template") as $attr){ + if(isset($_POST[$attr])){ + $smarty->assign("$attr", $_POST[$attr]); + }else{ + $smarty->assign("$attr", ""); + } + } + $smarty->assign("templates",$this->templates); + $smarty->assign("got_uid",$this->got_uid); + $smarty->assign("edit_uid",false); + return($smarty->fetch(get_template_path('template.tpl', TRUE))); + + } + } + /* New user/template request */ if (($s_action=="create_user_from_tpl")||($s_action=="new") || ($s_action=="new_tpl")){ /* By default we set 'dn' to 'new', all relevant plugins will react on this. */ $this->dn= "new"; + if (isset($this->config->current['IDGEN'])){ $this->got_uid= false; } else { 
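Review bot: The new error path copies `$_POST['sn']`, `$_POST['givenName']`, `$_POST['uid']` and `$_POST['template']` straight into Smarty via `$smarty->assign("$attr", $_POST[$attr]);`. Whether these values are HTML-escaped then depends entirely on template.tpl, which is not part of this diff. If the template prints them as-is, escape at assignment instead: `$smarty->assign($attr, htmlspecialchars($_POST[$attr], ENT_QUOTES));`. The block also repeats the required-field checks that the "Check for requred values" code in the following hunk performs for the same `template_continue` request; keeping the validation in one place avoids the two drifting apart.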
@@ -517,10 +506,9 @@ class userManagement extends plugin } /* Create new usertab object */ - $this->usertab= new usertabs($this->config, - $this->config->data['TABS']['USERTABS'], $this->dn); - $this->usertab->set_acl(array(':all')); - $this->usertab->by_object['user']->base= $_SESSION['CurrentMainBase']; + $this->usertab= new usertabs($this->config,$this->config->data['TABS']['USERTABS'], $this->dn); + $this->usertab->by_object['user']->base= $this->DivListUsers->selectedBase; + $this->usertab->set_acl_base('dummy,'.$this->DivListUsers->selectedBase); /* Take care about templates */ if ($s_action=="new_tpl"){ @@ -545,10 +533,15 @@ class userManagement extends plugin } } + /******************** + Template selected continue edit + ********************/ + /* Continue template editing */ - if ((isset($_POST['template_continue']) && $_POST['template'] != 'none' && !isset($_POST['uid']))){ - $this->sn= $_POST['sn']; - $this->givenName= $_POST['givenName']; + if ((isset($_POST['template_continue'])) && ($_POST['template'] != 'none') && (!isset($_POST['uid']))){ + + $this->sn = $_POST['sn']; + $this->givenName = $_POST['givenName']; /* Check for requred values */ $message= array(); @@ -597,6 +590,10 @@ class userManagement extends plugin return($smarty->fetch(get_template_path('template.tpl', TRUE))); } + /******************** + No template selected continue edit + ********************/ + /* No template. Ok. Lets fill data into the normal user dialog */ if (isset($_POST['template_continue']) && $_POST['template'] == 'none'){ foreach(array("sn", "givenName", "uid") as $attr){ @@ -606,6 +603,11 @@ class userManagement extends plugin } } + + /******************** + Template selected continue edit + ********************/ + /* Finish template preamble */ if (isset($_POST['template_continue']) && $_POST['template'] != 'none' && (isset($_POST['uid']))){ 
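Review bot: `set_acl_base('dummy,'.$this->DivListUsers->selectedBase)` builds its placeholder DN without an attribute name or the people OU, whereas the template-list hunk asks for permissions on `"cn=dummy,".get_people_ou().$value`. This call replaces `set_acl(array(':all'))`, so its result decides what the creator of a new user may fill in. If ACL resolution matches on DN components (not visible here), the two forms can resolve against different subtrees. Using the same shape in both places removes the doubt: `$this->usertab->set_acl_base("cn=dummy,".get_people_ou().$this->DivListUsers->selectedBase);`. Where `selectedBase` is validated against the departments the user may see is also outside this diff and worth confirming.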
@@ -622,372 +624,86 @@ class userManagement extends plugin $this->usertab->adapt_from_template($template_dn); $template_base = preg_replace("/^[^,]+,".normalizePreg(get_people_ou())."/", '', $template_dn); $this->usertab->by_object['user']->base= $template_base; - - /* Set up the users ACL's for this 'dn' */ - $acl= get_permissions ($template_base, $this->ui->subtreeACL); - $this->usertab->set_acl($acl); } - + + + /******************** + If no template was selected set base + ********************/ + if (isset($_POST['template_continue']) && ($_POST['template'] == 'none')){ - $this->usertab->by_object['user']->base= $_SESSION['CurrentMainBase']; + $this->usertab->by_object['user']->base= $this->DivListUsers->selectedBase; } + + /******************** + Display subdialog + ********************/ + /* Show tab dialog if object is present */ if(isset($this->usertab->config)){ $display= $this->usertab->execute(); /* Don't show buttons if tab dialog requests this */ - if (!$this->usertab->by_object[$this->usertab->current]->dialog){ - $display.= "
\n"; - $display.= "\n"; - $display.= " \n"; - $display.= "\n"; - $display.= "
"; + if(isset($this->usertab->by_object)){ + if (!$this->usertab->by_object[$this->usertab->current]->dialog){ + $display.= "\n"; + $display.= "\n"; + $display.= " \n"; + if ($this->dn != "new"){ + $display.= "\n"; + $display.= " \n"; + } + $display.= "\n"; + $display.= "
"; + } } return ($display); } - - /* Reload if we need a reload... */ - if (!isset($this->usertab) && - !isset($_POST['new_user']) && - !isset($_POST['new_template']) && - !isset($_POST['delete_user']) && - !isset($_POST['setpass_user']) && - !isset($_POST['select_user'])){ - $this->reload(); - } - - /* Check for exeeded sizelimit */ - if (($message= check_sizelimit()) != ""){ - return($message); - } - - /* Prepare departments */ - $options= ""; - foreach ($this->config->idepartments as $key => $value){ - if ($_SESSION['CurrentMainBase'] == $key){ - $options.= ""; - } else { - $options.= ""; - } - } - - /* Choose correct paste icon */ - if($this->CopyPasteHandler){ - $Copy_Paste= $this->CopyPasteHandler->generatePasteIcon(); - }else{ - $Copy_Paste= ""; - } - -#------------------------------------------------------------------------ Review mark - //FIXME: Hmm. I spent some hours in the past to get rid of HTML inside the - // PHP code. The section from here until the end of the execute() function - // is not what I'd call a good solution. It works, but its somewhat ugly. - // Currently I've no idea to make it better. HERE docs can help to make - // the code more readable. Smarty templates would be the best solution. - // Just not sure how to do it right now. - - /* NEW LIST MANAGMENT */ - //FIXME: Who cares? The old one is not present, and the big letters don't - // make clear that it's still spaghetti code... - //FIXME: Variable naming - field1.... - $listhead = "