![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 099fb79)
raw | patch | inline | side by side (parent: 099fb79)
| author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Wed, 23 Dec 2009 09:32:00 +0000 (09:32 +0000) | ||
| committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Wed, 23 Dec 2009 09:32:00 +0000 (09:32 +0000) |
-Still not working completely
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@14927 594d385d-05f5-0310-b6e9-bd551577e9d8
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@14927 594d385d-05f5-0310-b6e9-bd551577e9d8
| gosa-core/plugins/admin/acl/acl-filter.tpl | [new file with mode: 0644] | patch | blob |
| gosa-core/plugins/admin/acl/acl-filter.xml | [new file with mode: 0644] | patch | blob |
| gosa-core/plugins/admin/acl/acl-list.tpl | [new file with mode: 0644] | patch | blob |
| gosa-core/plugins/admin/acl/acl-list.xml | [new file with mode: 0644] | patch | blob |
| gosa-core/plugins/admin/acl/class_aclManagement.inc | patch | blob | history | |
| gosa-core/plugins/admin/acl/class_divListACL.inc | [deleted file] | patch | blob | history |
| gosa-core/plugins/admin/acl/main.inc | patch | blob | history |
diff --git a/gosa-core/plugins/admin/acl/acl-filter.tpl b/gosa-core/plugins/admin/acl/acl-filter.tpl
--- /dev/null
@@ -0,0 +1,37 @@
+<div class="contentboxh">
+ <p class="contentboxh">
+ <img src="images/launch.png" align="right" alt="[F]">{t}Filter{/t}
+ </p>
+</div>
+
+<div class="contentboxb">
+
+<div style="border-top:1px solid #AAAAAA"></div>
+
+{$ACL} <LABEL for='MAIL'>{t}Show access control lists{/t}</LABEL><br>
+{$ROLE} <LABEL for='SAMBA'>{t}Show roles{/t}</LABEL><br>
+
+ <div style="border-top:1px solid #AAAAAA"></div>
+ {$SCOPE}
+
+ <table summary="" style="width:100%;border-top:1px solid #B0B0B0;">
+ <tr>
+ <td>
+ <label for="NAME">
+ <img src="images/lists/search.png" align=middle> Name
+ </label>
+ </td>
+ <td>
+ {$NAME}
+ </td>
+ </tr>
+ </table>
+
+ <table summary="" width="100%" style="background:#EEEEEE;border-top:1px solid #B0B0B0;">
+ <tr>
+ <td width="100%" align="right">
+ {$APPLY}
+ </td>
+ </tr>
+ </table>
+</div>
diff --git a/gosa-core/plugins/admin/acl/acl-filter.xml b/gosa-core/plugins/admin/acl/acl-filter.xml
--- /dev/null
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<filterdef>
+ <definition>
+ <category>acl</category>
+ <template>acl-filter.tpl</template>
+ <initial>true</initial>
+ </definition>
+
+ <search>
+ <query>
+ <backend>LDAP</backend>
+ <filter>(|$ACL$ROLE)$NAME</filter>
+ <method>cat</method>
+ <attribute>dn</attribute>
+ <attribute>objectClass</attribute>
+ <attribute>cn</attribute>
+ <attribute>description</attribute>
+ </query>
+ <query>
+ <backend>LDAP</backend>
+ <filter>(|$ACL$ROLE)$NAME</filter>
+ <attribute>dn</attribute>
+ <attribute>objectClass</attribute>
+ <attribute>cn</attribute>
+ <attribute>description</attribute>
+ </query>
+ <scope>auto</scope>
+ </search>
+
+ <element>
+ <type>textfield</type>
+ <tag>NAME</tag>
+ <size>20</size>
+ <maxlength>60</maxlength>
+ <default></default>
+ <unset></unset>
+ <set>(|(cn=*$*)(description=*$*))</set>
+ <alphabet>true</alphabet>
+ <autocomplete>
+ <backend>LDAP</backend>
+ <filter>(&(objectClass=gosaACL)(|(cn=*$NAME*)(description=*$NAME*)))</filter>
+ <attribute>cn</attribute>
+ <attribute>description</attribute>
+ <frequency>0.5</frequency>
+ <characters>3</characters>
+ </autocomplete>
+ </element>
+
+ <element>
+ <type>checkbox</type>
+ <tag>ACL</tag>
+ <default>true</default>
+ <set>(objectClass=gosaAcl)</set>
+ <unset></unset>
+ </element>
+
+ <element>
+ <type>checkbox</type>
+ <tag>ROLE</tag>
+ <default>true</default>
+ <unset></unset>
+ <set>(objectClass=gosaAclRole)</set>
+ </element>
+
+</filterdef>
diff --git a/gosa-core/plugins/admin/acl/acl-list.tpl b/gosa-core/plugins/admin/acl/acl-list.tpl
--- /dev/null
@@ -0,0 +1,31 @@
+<input type='image' src='images/empty.png' name='no_action_posted' value='do_nothing' alt='' style='width:2px;height:2px;'>
+
+<table summary="" style="width:100%; vertical-align:top; text-align:left;" cellpadding=2>
+ <tr>
+ <td style="vertical-align:top; width:50%;">
+ <div class="contentboxh">
+ <p class="contentboxh"> {$HEADLINE} {$SIZELIMIT}</p>
+ </div>
+
+ <div class="contentboxb">
+ <div style='background:white;padding:0px;padding:3px;'>
+ <table><tr>
+ <td>{$ROOT} </td><td>{$BACK} </td><td>{$HOME} </td><td>{$RELOAD} </td><td>{$SEPARATOR} </td><td>{t}Base{/t} {$BASE} <input class='center' type='image' src='images/lists/submit.png' align='middle' title='{t}Update{/t}' name='submit_department' alt='{t}Submit{/t}'> </td><td>{$SEPARATOR} </td><td><img src='images/rocket.png' alt='' class='center'></td><td> {$ACTIONS}</td>
+ </tr></table>
+ </div>
+ </div>
+
+ <div style='height:4px;'>
+ </div>
+
+ <input type="hidden" id="d_save" value="450">
+ <input type="hidden" id="d_space" value="760">
+ {$LIST}
+ </td>
+ <td style='vertical-align:top'>
+ {$FILTER}
+ </td>
+ </tr>
+</table>
+
+<input type="hidden" name="ignore">
diff --git a/gosa-core/plugins/admin/acl/acl-list.xml b/gosa-core/plugins/admin/acl/acl-list.xml
--- /dev/null
@@ -0,0 +1,155 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<list>
+ <definition>
+ <departmentBrowser>true</departmentBrowser>
+ <departmentRootVisible>true</departmentRootVisible>
+ <baseMode>true</baseMode>
+ <multiSelect>true</multiSelect>
+ <template>acl-list.tpl</template>
+ <module>acl</module>
+ <label>List of acls</label>
+ <defaultSortColumn>1</defaultSortColumn>
+
+ <objectType>
+ <label>Acl</label>
+ <objectClass>gosaAcl</objectClass>
+ <category>acl</category>
+ <class>acl</class>
+ <image>plugins/users/images/select_template.png</image>
+ </objectType>
+
+ <objectType>
+ <label>Role</label>
+ <objectClass>gosaAclRole</objectClass>
+ <category>acl</category>
+ <class>acl</class>
+ <image>plugins/users/images/select_user.png</image>
+ </objectType>
+
+ </definition>
+
+ <table>
+ <layout>|16px||150px|170px;r|</layout>
+
+ <department>
+ <value>%{filter:objectType(dn,objectClass)}</value>
+ </department>
+
+ <department>
+ <value>%{filter:departmentLink(row,dn,description)}</value>
+ <span>1</span>
+ </department>
+
+ <column>
+ <value>%{filter:objectType(dn,objectClass)}</value>
+ </column>
+
+ <column>
+ <label>Name</label>
+ <sortAttribute>cn</sortAttribute>
+ <sortType>string</sortType>
+ <value>%{filter:link(row,dn,"%s",cn)}</value>
+ <export>true</export>
+ </column>
+
+ <column>
+ <label>Description</label>
+ <sortAttribute>description</sortAttribute>
+ <sortType>string</sortType>
+ <value>%{filter:link(row,dn,"%s",description)}</value>
+ <export>true</export>
+ </column>
+
+ <column>
+ <label>Actions</label>
+ <value>%{filter:actions(dn,row,objectClass)}</value>
+ </column>
+
+ </table>
+
+ <actionmenu>
+
+ <action>
+ <type>sub</type>
+ <image>images/lists/new.png</image>
+ <label>Create</label>
+
+ <action>
+ <name>new</name>
+ <type>entry</type>
+ <image>plugins/users/images/list_new_user.png</image>
+ <label>Acl</label>
+ </action>
+
+ <action>
+ <name>new_role</name>
+ <type>entry</type>
+ <image>plugins/users/images/select_template.png</image>
+ <label>Role</label>
+ </action>
+ </action>
+
+ <action>
+ <type>separator</type>
+ </action>
+
+ <action>
+ <name>remove</name>
+ <type>entry</type>
+ <image>images/lists/trash.png</image>
+ <label>Remove</label>
+ </action>
+
+ <action>
+ <type>separator</type>
+ </action>
+
+ <action>
+ <type>exporter</type>
+ </action>
+
+ <action>
+ <type>separator</type>
+ </action>
+
+ <action>
+ <type>copypaste</type>
+ </action>
+
+ <action>
+ <type>snapshot</type>
+ </action>
+
+ </actionmenu>
+
+ <actiontriggers snapshot="true" copypaste="true">
+
+ <action>
+ <name>cp</name>
+ <type>copypaste</type>
+ </action>
+
+ <action>
+ <name>edit</name>
+ <type>entry</type>
+ <image>images/lists/edit.png</image>
+ <label>Edit</label>
+ </action>
+
+ <action>
+ <name>snapshot</name>
+ <type>snapshot</type>
+ </action>
+
+ <action>
+ <name>remove</name>
+ <type>entry</type>
+ <image>images/lists/trash.png</image>
+ <acl>acl/acl[d]</acl>
+ <label>Remove</label>
+ </action>
+
+ </actiontriggers>
+
+</list>
diff --git a/gosa-core/plugins/admin/acl/class_aclManagement.inc b/gosa-core/plugins/admin/acl/class_aclManagement.inc
index 1044660a3f2914c191b71b2a87d33311674b7eaf..ad6c316538f7d1e5c204616a00f26cfce93b3b1e 100644 (file)
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-class aclManagement extends plugin
+class aclManagement extends management
{
- /* Plugin definitions */
- var $plHeadline = "ACL";
+ var $plHeadline = "Acl";
var $plDescription = "Manage access control lists";
+ var $plIcon = "plugins/acl/images/plugin.png";
- /* Dialog attributes */
- var $acltabs = NULL;
- var $ui = NULL;
- var $acl = "";
- var $DivListACL = NULL;
+ // Tab definition
+ protected $tabClass = "acltab";
+ protected $tabType = "ACLTABS";
+ protected $aclCategory = "acl";
+ protected $aclPlugin = "acl";
+ protected $objectName = "acl";
- var $CopyPasteHandler;
- var $start_pasting_copied_objects = FALSE;
- var $dns = array();
-
- var $acl_module = array("acl");
-
- function aclManagement(&$config, &$ui)
- {
- /* Save configuration for internal use */
- $this->config = &$config;
- $this->ui = &$ui;
-
- /* Copy & Paste enabled ?*/
- if ($this->config->get_cfg_value("copyPaste") == "true"){
- $this->CopyPasteHandler = new CopyPasteHandler($this->config);
- }
-
- /* Creat dialog object */
- $this->DivListACL = new divListACL($this->config,$this);
- }
-
-
- function execute()
+ function __construct($config,$ui)
{
- /* Call parent execute */
- plugin::execute();
-
- session::set('LOCK_VARS_TO_USE',array("/^item_selected/","/^menu_action/",
- "/^list/","/^id_/","/^menu_action/","/^act$/","/^id$/"));
-
- $smarty = get_smarty(); // Smarty instance
- $s_action = ""; // Contains the action to be taken
- $s_entry = ""; // The value for s_action
-
- /* Edit entry button pressed? */
- if( isset($_GET['act']) && $_GET['act'] == "list_edit_entry" ){
- $s_action= "edit";
- $s_entry= validate($_GET['id']);
- }
-
- /* Edit entry button pressed? */
- if( isset($_GET['act']) && $_GET['act'] == "list_edit_role" ){
- $s_action= "edit_role";
- $s_entry= validate($_GET['id']);
- }
-
- $types = array(
- "del" =>"^list_acl_del",
- "edit" =>"^list_acl_edit",
- "edit_role" =>"^list_acl_role_edit",
- "copy" =>"^copy",
- "cut" =>"^cut",
- "copy_multiple"=> "^multiple_copy_objects",
- "cut_multiple" => "^multiple_cut_objects",
- "editPaste" =>"^editPaste",
- "addrole" =>"^new_acl_role");
-
- /* Test relevant POST values */
- foreach($_POST as $key => $val){
-
- /* Get every possible POST combination and set s_action/s_entry accordingly */
- foreach($types as $act => $name){
-
- if (preg_match("/".$name.".*/", $key)){
- $s_action= $act;
- $s_entry= preg_replace("/".$name."_/i", "", $key);
- }
- }
- }
-
- /* Remove coordinate prefix from POST, required by some browsers */
- $s_entry= preg_replace("/_.$/", "", $s_entry);
-
- /* Seperate possibly encoded tab and entry, default to tab "acl" */
- if(preg_match("/.*-.*/", $s_entry)){
- $s_tab= preg_replace("/^[^-]*-/i", "" ,$s_entry);
- $s_entry= preg_replace("/-[^-]*$/i", "", $s_entry);
- }else{
- $s_tab= "generic";
- }
+ $this->config = $config;
+ $this->ui = $ui;
-
- /* handle C&P from layers menu */
- if(isset($_POST['menu_action']) && preg_match("/^multiple_copy_systems/",$_POST['menu_action'])){
- $s_action = "copy_multiple";
- }
- if(isset($_POST['menu_action']) && preg_match("/^multiple_cut_systems/",$_POST['menu_action'])){
- $s_action = "cut_multiple";
- }
- if(isset($_POST['menu_action']) && preg_match("/^editPaste/",$_POST['menu_action'])){
- $s_action = "editPaste";
- }
-
- /* Create options */
- if(isset($_POST['menu_action']) && $_POST['menu_action'] == "new_acl_role"){
- $s_action = "new";
- }
-
- /* handle remove from layers menu */
- if(isset($_POST['menu_action']) && preg_match("/^remove_multiple/",$_POST['menu_action'])){
- $s_action = "del_multiple";
- }
-
+ $this->storagePoints = array(); // ACLs are attached to department containers
- /********************
- Copy & Paste Handling ...
- ********************/
-
- /* Display the copy & paste dialog, if it is currently open */
- $ret = $this->copyPasteHandling_from_queue($s_action,$s_entry);
- if($ret){
- return($ret);
- }
-
-
- /********************
- * Add new Role entry
- ********************/
-
- if(($s_action == "new") && (!isset($this->acltabs->config))){
-
- /* Get 'dn' from posted acl, must be unique */
- $this->dn= "new";
-
- /* Check permissions */
- if(preg_match("/c/",$this->ui->get_permissions($this->DivListACL->selectedBase,"acl/aclrole"))){
-
- /* Register acltabs to trigger edit dialog */
- $this->acltabs= new aclroletab($this->config, NULL,$this->dn);
- $this->acltabs->set_acl_base($this->DivListACL->selectedBase);
- }else{
- msg_dialog::display(_("Permission error"), msgPool::permCreate(), ERROR_DIALOG);
- }
- }
-
- /********************
- Edit existing entry
- ********************/
-
- if (($s_action=="edit" || $s_action=="edit_role") && (!isset($this->acltabs->config))){
-
- /* Get 'dn' from posted acl, must be unique */
- $this->dn= $this->list[trim($s_entry)]['dn'];
-
- if(in_array("gosaRole",$this->list[trim($s_entry)]['objectClass'])){
- $acl = "acl/aclrole";
- }else{
- $acl = "acl/acl";
- }
-
- /* Check permissions */
- if(preg_match("/r/",$this->ui->get_permissions($this->dn,$acl))){
-
- /* Check locking, save current plugin in 'back_plugin', so
- the dialog knows where to return. */
- if (($acl= get_lock($this->dn)) != ""){
- return(gen_locked_message ($acl, $this->dn,TRUE));
- }
-
- /* Lock the current entry, so everyone will get the above dialog */
- add_lock ($this->dn, $this->ui->dn);
-
- /* Register acltabs to trigger edit dialog */
- if($s_action=="edit_role"){
- $this->acltabs= new aclroletab($this->config, NULL,$this->dn);
- $this->acltabs-> set_acl_base($this->dn);
- }else{
- $this->acltabs= new acltab($this->config, NULL,$this->dn);
- $this->acltabs-> set_acl_base($this->dn);
- }
-
- /* Set ACL and move DN to the headline */
- set_object_info($this->dn);
- }else{
- msg_dialog::display(_("Permission error"), msgPool::permModify(), ERROR_DIALOG);
- }
- }
+ // Build filter
+# if (session::global_is_set(get_class($this)."_filter")){
+# $filter= session::global_get(get_class($this)."_filter");
+# } else {
+ $filter = new filter(get_template_path("acl-filter.xml", true));
+# $filter->setObjectStorage($this->storagePoints);
+# }
+ $this->setFilter($filter);
+ // Build headpage
+ $headpage = new listing(get_template_path("acl-list.xml", true));
+ $headpage->setFilter($filter);
- /********************
- Edit canceled
- ********************/
- if(isset($_POST['delete_lock'])){
- $this->remove_lock();
- set_object_info();
+ // Add copy&paste and snapshot handler.
+ if ($this->config->boolValueIsTrue("main", "copyPaste")){
+ $this->cpHandler = new CopyPasteHandler($this->config);
}
-
- /* Reset all relevant data, if we get a _cancel request */
- if (isset($_POST['edit_cancel'])){
- $this->remove_lock();
- $this->acltabs= NULL;
- set_object_info();
+ if($this->config->get_cfg_value("enableSnapshots") == "true"){
+ $this->snapHandler = new SnapshotHandler($this->config);
}
+ parent::__construct($config, $ui, "acl", $headpage);
- /********************
- Delete entry requested, display confirm dialog
- ********************/
-
- /* Remove acl was requested */
- if ($s_action=="del" || $s_action == "del_multiple"){
-
- /* Collect entries to delete
- */
- if($s_action == "del"){
- $ids = array(trim($s_entry));
- }else{
- $ids = $this->list_get_selected_items();
- }
-
- /* Check ACLs and collect removeable entries.
- */
- $this->ids = array();
- $this->dns = array();
- $disallowed = array();
- foreach($ids as $id){
- $dn = $this->list[$id]['dn'];
- if(in_array("gosaRole",$this->list[$id]['objectClass'])){
- $acl = $this->ui->get_permissions($dn, "acl/aclrole");
- }else{
- $acl = $this->ui->get_permissions($dn, "acl/acl");
- }
- if(!preg_match("/d/",$acl)){
- $disallowed[] = $dn;
- }else{
- $this->ids[$id] = $id;
- $this->dns[$id] = $dn;
- }
- }
-
- /* Display a message box containing all entries that we are not allowed to remove.
- */
- if(count($disallowed)){
- msg_dialog::display(_("Permission"),msgPool::permDelete($disallowed),INFO_DIALOG);
- }
-
- /* We have at least one entry that can be removed
- */
- if(count($this->ids)){
-
- /* Display lock messages */
- if ($user= get_multiple_locks($this->dns)){
- return(gen_locked_message($user,$this->dns));
- }
-
- /* Create a readable string about what will be done.
- */
- $dns_names = array();
- foreach($this->ids as $id){
-
- /* Check permissions depending on the acl object type
- */
- $dn = $this->list[$id]['dn'];
- if(in_array("gosaRole",$this->list[$id]['objectClass'])){
- $acl = $this->ui->get_permissions($dn,"acl/aclrole");
- $name = _("ACL role");
- }else{
- $acl = $this->ui->get_permissions($dn,"acl/acl");
- $name = _("ACL");
- }
- $name = str_pad($name,10," ");
- $name = preg_replace("/ /"," ",$name);
-
- /* Append each entry to the displayed information dialog,
- if we are allowed to remove the entry.
- */
- if(!preg_match("/d/",$acl)){
- msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
- unset($this->dns[$id]);
- unset($this->ids[$id]);
- continue;
- }
- $dns_names[] = "</i><font style='font-weight:bold; font-family: courier;'>".$name."</font><i> ".LDAP::fix($dn);
- }
- if(count($this->dns)){
- add_lock($this->dns,$this->ui->dn);
- $smarty->assign("info", msgPool::deleteInfo($dns_names));
- $smarty->assign("is_role",false);
- return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
- }
- }
- }
-
-
- /********************
- Delete entry confirmed
- ********************/
-
- /* Confirmation for deletion has been passed. Acl should be deleted. */
- if (isset($_POST['delete_acl_confirm'])){
-
- foreach($this->ids as $id){
-
- /* Depending on the type of acl we want to remove
- create a new acl or a new gosaRole object
- */
- $dn = $this->list[$id]['dn'];
- $this->dn = $dn;
- if(in_array("gosaRole",$this->list[$id]['objectClass'])){
- $acl = $this->ui->get_permissions($dn,"acl/aclrole");
- $this->acltabs= new aclroletab($this->config,NULL, $this->dn);
- }else{
- $acl = $this->ui->get_permissions($dn,"acl/acl");
- $this->acltabs= new acltab($this->config,NULL, $this->dn);
- }
-
- /* Check permissions */
- if(preg_match("/d/",$acl)){
- $this->acltabs->delete();
- unset ($this->acltabs);
- $this->acltabs= NULL;
- } else {
- msg_dialog::display(_("Permission error"),msgPool::permDelete(), ERROR_DIALOG);
- if(isset($this->ui->uid)){
- new log("security","acl/".get_class($this),$this->dn,array(),
- "Warning: '".$this->ui->uid."' tried to trick acl role deletion.");
- }
- }
- }
-
- /* Remove lock file after successfull deletion */
- $this->remove_lock();
- }
-
-
- /********************
- Delete entry Canceled
- ********************/
-
- /* Delete acl canceled? */
- if (isset($_POST['delete_acl_cancel'])){
- $this->remove_lock();
- }
-
-
- /********************
- Edit entry finished (Save)
- ********************/
-
- /* Finish acl edit is triggered by the tabulator dialog, so
- the acl wants to save edited data. Check and save at this
- point. */
- if ((isset($_POST['edit_finish']) || isset($_POST['edit_apply'])) && (isset($this->acltabs->config))){
-
- /* Check tabs, will feed message array */
- $this->acltabs->save_object();
- $message= $this->acltabs->check();
-
- /* Save, or display error message? */
- if (count($message) == 0){
-
- /* Save acl data to ldap */
- if($this->acltabs->save() == 1){
- return;
- }
-
- if (!isset($_POST['edit_apply'])){
-
- /* ACl has been saved successfully, remove lock from LDAP. */
- if ($this->dn != "new"){
- $this->remove_lock();
- }
-
- unset ($this->acltabs);
- $this->acltabs= NULL;
- set_object_info();
- }
- } else {
- /* Ok. There seem to be errors regarding to the tab data,
- show message and continue as usual. */
- msg_dialog::displayChecks($message);
- }
- }
-
-
- /********************
- Display subdialog
- ********************/
-
-
- /* Show tab dialog if object is present */
- if(isset($this->acltabs->config)){
-
- /* Save object */
- $this->acltabs->save_object();
- $display= $this->acltabs->execute();
-
- /* Don't show buttons if tab dialog requests this */
- if(isset($this->acltabs)){
-
- /* Skip displaying save/cancel if there is a sub dialog open */
- if (!isset($this->acltabs->dialog) || !$this->acltabs->dialog){
- $display.= "<p style=\"text-align:right\">\n";
-// $display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\"".msgPool::okButton()."\">\n";
- $display.= " \n";
-
- /* Skip Apply if it is a new entry */
- #if ($this->dn != "new"){
- # $display.= "<input type=submit name=\"edit_apply\" value=\"".msgPool::applyButton()."\">\n";
- # $display.= " \n";
- #}
-
- // $display.= "<input type=submit name=\"edit_cancel\" value=\"".msgPool::cancelButton()."\">\n";
- $display.= "</p>";
- }
- }
- return ($display);
- }
-
- /* Check if there is a snapshot dialog open */
- $base = $this->DivListACL->selectedBase;
- if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){
- return($str);
- }
-
- /* Return rendered main page */
- /* Display dialog with system list */
- $this->DivListACL->parent = $this;
- $this->DivListACL->execute();
-
- /* Add departments if subsearch is disabled */
- if(!$this->DivListACL->SubSearch){
- $this->DivListACL->AddDepartments($this->DivListACL->selectedBase,3,1);
- }
- $this->reload();
- $this->DivListACL->setEntries($this->list);
- return($this->DivListACL->Draw());
}
-
-
- function reload()
- {
- /* Get divlist informations from filter part */
- $Regex = $this->DivListACL -> Regex;
- $SubSearch = $this->DivListACL -> SubSearch;
- $base = $this->DivListACL -> selectedBase;
- $Attrs = array("ou","cn","description","gosaAclEntry","objectClass");
- $res = array();
- $tmp = array(); // Will contain temporary results
- $ldap = $this->config->get_ldap_link();
- $Filter = "(&(objectClass=gosaACL)(gosaAclEntry=*)(|(cn=".$Regex.")(ou=".$Regex.")))";
- $FilterRoles= "(&(objectClass=gosaRole)(|(cn=".$Regex.")(ou=".$Regex.")))";
-
- /* Fetch following structures, this will be used if !$SubSearch */
- $fetch_this = array(
- "ME" => array("TYPE" => "cat" , "FLAGS" => GL_SIZELIMIT ,"BASE"=>""),
- "SYSTEMS" => array("TYPE" => "search" , "FLAGS" => GL_SIZELIMIT | GL_SUBSEARCH ,"BASE"=>get_ou('systemRDN')),
- "APPS" => array("TYPE" => "search" , "FLAGS" => GL_SIZELIMIT | GL_SUBSEARCH ,"BASE"=>get_ou('applicationRDN')),
- "PEOPLE" => array("TYPE" => "search" , "FLAGS" => GL_SIZELIMIT | GL_SUBSEARCH ,"BASE"=>get_people_ou()),
- "GROUPS" => array("TYPE" => "search" , "FLAGS" => GL_SIZELIMIT | GL_SUBSEARCH ,"BASE"=>get_groups_ou()));
-
- /* Append the ldap base to be able to set alcs if there were currently no acls set
- */
- if($base == $this->config->current['BASE']){
- $res[$base] = array("dn"=>$this->config->current["BASE"],"ou"=>".","objectClass"=>array("gosaACL"));
- }
-
- /* Subsearch ? */
- if($SubSearch){
-
- /* Get all object in this base */
- $Flags = GL_SIZELIMIT | GL_SUBSEARCH;
- $fetch_base = $base;
- $tmp = get_list($Filter, "acl", $fetch_base, $Attrs, $Flags);
- $tmp2 = get_list($FilterRoles, "acl", $fetch_base, $Attrs, $Flags);
- foreach($tmp as $entry){
- $res[] = $entry;
- }
- foreach($tmp2 as $entry){
- $res[] = $entry;
- }
-
- }else{
-
- $tmp_roles = get_list($FilterRoles, "acl", get_ou('aclRoleRDN').$base, $Attrs,GL_SIZELIMIT);
-
- foreach($tmp_roles as $entry){
- $res[] = $entry;
- }
-
- /* Walk through all possible bases */
- foreach($fetch_this as $type => $data){
-
- /* Get requried attributes */
- $Flags = $data['FLAGS'];
- $fetch_base = $data['BASE'].$base;
- $Type = $data['TYPE'];
-
- /* Check if method is cat or search */
- if($Type == "search"){
- $tmp = get_list($Filter, "acl", $fetch_base, $Attrs, $Flags);
- foreach($tmp as $entry){
- $res[$entry['dn']] = $entry;
- }
- }else{
- $ldap->cat($fetch_base,$Attrs);
- $attrs = $ldap->fetch();
- if($attrs && isset($attrs['gosaAclEntry'])){
- $re2 = preg_replace("/\*/",".*",$Regex);
-
- if(!isset($attrs['ou']) && !isset($attrs['cn'])){
- $namingAttr= preg_replace("/^[^=]*+=([^,]*),.*$/","\\1",$fetch_base);
- if(preg_match("/".$re2."/i",$namingAttr)){
- $res[$attrs['dn']] = $attrs;
- }
- }elseif( (isset($attrs['cn'][0]) && preg_match("/".$re2."/i",$attrs['cn'][0]))
- ||(isset($attrs['ou'][0]) && preg_match("/".$re2."/i",$attrs['ou'][0]))){
- $res[$attrs['dn']] = $attrs;
- }
- }
- }
- }
- }
- $this->list = array_values($res);
- }
-
-
- function copyPasteHandling_from_queue($s_action,$s_entry)
- {
- /* Check if Copy & Paste is disabled */
- if(!is_object($this->CopyPasteHandler)){
- return("");
- }
-
- $ui = get_userinfo();
-
- /* Add a single entry to queue */
- if($s_action == "cut" || $s_action == "copy"){
-
- /* Cleanup object queue */
- $this->CopyPasteHandler->cleanup_queue();
- $dn = $this->list[$s_entry]['dn'];
-
- /* We can only copy & cut roles */
- if(isset($this->list[$s_entry]['objectClass']) && in_array("gosaRole",$this->list[$s_entry]['objectClass'])){
- if($s_action == "copy" && $ui->is_copyable($dn,"acl","aclrole")){
- $this->CopyPasteHandler->add_to_queue($dn,$s_action,"aclroletab","ACLROLETAB","acl");
- }
- if($s_action == "cut" && $ui->is_cutable($dn,"acl","aclrole")){
- $this->CopyPasteHandler->add_to_queue($dn,$s_action,"aclroletab","ACLROLETAB","acl");
- }
- }
- }
-
- /* Add entries to queue */
- if($s_action == "copy_multiple" || $s_action == "cut_multiple"){
-
- /* Cleanup object queue */
- $this->CopyPasteHandler->cleanup_queue();
-
- /* Add new entries to CP queue */
- foreach($this->list_get_selected_items() as $id){
- $dn = $this->list[$id]['dn'];
-
- if(isset($this->list[$id]['objectClass']) && in_array("gosaRole",$this->list[$id]['objectClass'])){
-
- if($s_action == "copy_multiple" && $ui->is_copyable($dn,"acl","aclrole")){
- $this->CopyPasteHandler->add_to_queue($dn,"copy","aclroletab","ACLROLETAB","acl");
- }
- if($s_action == "cut_multiple" && $ui->is_cutable($dn,"acl","aclrole")){
- $this->CopyPasteHandler->add_to_queue($dn,"cut","aclroletab","ACLROLETAB","acl");
- }
- }
- }
- }
-
- /* Start pasting entries */
- if($s_action == "editPaste"){
- $this->start_pasting_copied_objects = TRUE;
- }
- /* Return C&P dialog */
- if($this->start_pasting_copied_objects && $this->CopyPasteHandler->entries_queued()){
-
- /* Get dialog */
- $this->CopyPasteHandler->SetVar("base",$this->DivListACL->selectedBase);
- $data = $this->CopyPasteHandler->execute();
-
- /* Return dialog data */
- if(!empty($data)){
- return($data);
- }
- }
-
- /* Automatically disable status for pasting */
- if(!$this->CopyPasteHandler->entries_queued()){
- $this->start_pasting_copied_objects = FALSE;
- }
- return("");
- }
-
-
- function list_get_selected_items()
- {
- $ids = array();
- foreach($_POST as $name => $value){
- if(preg_match("/^item_selected_[0-9]*$/",$name)){
- $id = preg_replace("/^item_selected_/","",$name);
- $ids[$id] = $id;
- }
- }
- return($ids);
- }
-
-
- function remove_lock()
- {
- /* Remove acl lock if a DN is marked as "currently edited" */
- if (isset($this->acltabs->dn)){
- del_lock ($this->acltabs->dn);
- }elseif(!empty($this->dn)){
- del_lock ($this->dn);
- }elseif(count($this->dns)){
- del_lock ($this->dns);
- }
- }
-
-
- function save_object()
- {
- /* Handle divlist filter && department selection*/
- if(!is_object($this->acltabs)){
- $this->DivListACL->save_object();
- }
- if(is_object($this->CopyPasteHandler)){
- $this->CopyPasteHandler->save_object();
- }
- }
-
- /* A set of disabled and therefore overloaded functions. They are
- not needed in this class. */
- function remove_from_parent() { }
- function check() { }
-
- function save() {
- echo "SAVE ACL";
- }
-
- function adapt_from_template($dn, $skip= array()) { }
- function password_change_needed() { }
-
-
- /* Return departments, that will be included within snapshot detection */
- function get_used_snapshot_bases()
- {
- return(array());
- }
-
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>
diff --git a/gosa-core/plugins/admin/acl/class_divListACL.inc b/gosa-core/plugins/admin/acl/class_divListACL.inc
+++ /dev/null
@@ -1,249 +0,0 @@
-<?php
-/*
- * This code is part of GOsa (http://www.gosa-project.org)
- * Copyright (C) 2003-2008 GONICUS GmbH
- *
- * ID: $$Id$$
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-class divListACL extends MultiSelectWindow
-{
-
- /* Current base */
- var $selectedBase = "";
- var $departments = array();
-
- /* Regex */
- var $Regex = "*";
-
- /* CheckBoxes */
-
- /* Subsearch checkbox */
- var $SubSearch = false;
-
- var $parent ;
- var $ui ;
- var $action_col_size;
-
-
- function divListACL (&$config, &$parent)
- {
- MultiSelectWindow::MultiSelectWindow($config, "ACL", array("acl","acl"));
-
- $this->parent = &$parent;
- $this->ui = get_userinfo();
-
- /* Set list strings */
- $this->SetTitle(_("List of acls"));
- $this->SetSummary(_("List of acls"));
-
- /* Result page will look like a headpage */
- $this->SetHeadpageMode();
-
- $this->EnableAplhabet (true);
-
- /* Disable buttonsm */
- $this->EnableCloseButton(false);
- $this->EnableSaveButton (false);
-
- /* Dynamic action col */
- $this->action_col_size = 120;
-
- /* Toggle all selected / deselected */
- $chk = "<input type='checkbox' id='select_all' name='select_all' title='"._("Select all")."'
- onClick='toggle_all_(\"^item_selected_[0-9]*$\",\"select_all\");' >";
-
- /* set Page header */
- $this->AddHeader(array("string"=> $chk, "attach"=>"style='width:20px;'"));
- $this->AddHeader(array("string"=>" ", "attach"=>"style='width:20px;'"));
- $this->AddHeader(array("string"=>_("Summary")));
- $this->AddHeader(array("string"=>_("Actions"), "attach" => "style='width:".$this->action_col_size."px;border-right:0px;text-align:right;'"));
-
- /* Set dynamically filter checkboxes */
- $this->set_filter_objectclasses();
-
- /* Add SubSearch checkbox */
- $this->AddCheckBox("SubSearch", msgPool::selectToView("","subsearch"), msgPool::selectToView("","subsearch_small"), false);
-
-
- /* Name ,Text ,Default , Connect with alphabet */
- $this->AddRegex ("Regex", _("Display acls matching"),"*" , true);
- }
-
-
- function GenHeader()
- {
- /* Get all departments within this subtree */
- $ui= get_userinfo();
- $base = $this->config->current['BASE'];
- $options = $this->create_department_list($this->module);
-
- /* Allow copy & paste for roles */
- $acl_all = $ui->has_complete_category_acls($this->selectedBase,"acl");
- $acl = $ui->get_permissions($this->selectedBase,"acl/acl");
-
- /* Add default header */
- $listhead = MultiSelectWindow::get_default_header();
- $listhead .=
- _("Base")." <select name='CurrentMainBase' onChange='mainform.submit()' class='center'>$options</select>".
- " <input class='center' type='image' src='images/lists/submit.png' align='middle'
- title='"._("Submit department")."' name='submit_department' alt='". _("Submit")."'> ";
-
-
- /* Create Layers menu */
- $s = ".|"._("Actions")."|\n";
- /* Append create options */
- if(preg_match("/c/",$acl)) {
- $s .= "..|<img src='images/lists/new.png' alt='' border='0' class='center'>".
- " "._("Create")."|\n";
- $s.= "...|<input class='center' type='image' src='plugins/acl/images/new-role.png' alt=''>".
- " "._("Role")."|new_acl_role|\n";
- }
-
- $s.= "..|<img src='images/lists/trash.png' alt='' border='0' class='center'>".
- " "._("Remove")."|"."remove_multiple|\n";
-
-
- /* Add Copy & Paste header */
- $s .= $this->parent->get_copypaste_header($this->selectedBase,$this->module);
-
- $s .= $this->parent->get_snapshot_header($this->selectedBase,$this->module);
-
- $this->SetDropDownHeaderMenu($s);
- $this->SetListHeader($listhead);
- }
-
- /* so some basic settings */
- function execute()
- {
- $this->ClearElementsList();
- $this->GenHeader();
- }
-
- function setEntries($list)
- {
- $ui = get_userinfo();
- foreach($list as $key => $acl_entry){
-
- $action = "";
-
- /* Handle ACL role entries
- */
- if(in_array("gosaRole",$acl_entry['objectClass'])){
-
- $acl = $this->ui->get_permissions($acl_entry['dn'],"acl/aclrole");
- $acl_all = $this->ui->has_complete_category_acls($acl_entry['dn'],"acl");
-
- $editlink = "<a href='?plug=".$_GET['plug']."&id=%s&act=list_edit_role'>%s</a>";
- $list_left_icon = "<img src='plugins/acl/images/role.png' alt='"._("Role")."'>";
- $cn = htmlentities(utf8_decode($acl_entry['cn'][0])) ;
-
- if(isset($acl_entry['description'][0])){
- $cn .= " [".$acl_entry['description'][0]."]";
- }
-
- /* Add copy & cut functionality */
- $action.= $this->parent->get_copypaste_action($acl_entry['dn'],"acl","aclRole");
-
- /* Add actions depending on acls */
- if(preg_match("/r/", $acl)){
- $action.= "<input class='center' type='image' src='images/lists/edit.png' alt='"._("edit")."'
- name='list_acl_role_edit_%KEY%' title='"._("Edit acl role")."'>";
- }
-
- /* Add snapshot functionality */
- $action.= $this->parent->get_snapshot_action($acl_entry['dn'],"acl");
-
- }else{
-
- /* Handle non-role ACL entries */
- $acl = $this->ui->get_permissions($acl_entry['dn'],"acl/acl");
- $acl_all = $this->ui->has_complete_category_acls($acl_entry['dn'],"acl");
-
- /* Acl handling */
- $editlink = "<a href='?plug=".$_GET['plug']."&id=%s&act=list_edit_entry'>%s</a>";
- $list_left_icon = "<img src='images/lists/locked.png' alt='"._("ACL")."'>";
- $cn = preg_replace('/\\\\,/', ',', LDAP::fix($acl_entry['dn']));
-
- /* Add actions depending on acls */
- if(preg_match("/r/", $acl)){
- $action.= "<input class='center' type='image' src='images/lists/edit.png' alt='"._("edit")."'
- name='list_acl_edit_%KEY%' title='"._("Edit acl")."'>";
- }
- }
-
- /* Add delete actions */
- if(preg_match("/d/", $acl)){
- $action.= "<input class='center' type='image' src='images/lists/trash.png' alt='"._("delete")."'
- name='list_acl_del_%KEY%' title='"._("Delete acl")."'>";
- }
-
- /* Add a checkbox in front of each entry
- */
- $field0 = array("string" => "<input type='checkbox' id='item_selected_".$key."' name='item_selected_".$key."'>" ,
- "attach" => "style='width:20px;'");
-
- /* Cutted objects should be displayed in light grey */
- $display = $cn;
- if($this->parent->CopyPasteHandler){
- foreach($this->parent->CopyPasteHandler->queue as $queue_key => $queue_data){
- if($queue_data['dn'] == $acl_entry['dn']) {
- $display = "<font color='#999999'>".$display."</font>";
- break;
- }
- }
- }
-
- $field1 = array("string" => $list_left_icon,
- "attach"=> "style='text-align:center;width:20px;'");
- $field2 = array("string" => sprintf($editlink,$key,$display)." ",
- "attach" => "");
- $field3 = array("string" => preg_replace("/%KEY%/",$key,$action),
- "attach"=> "style='text-align:right;width:".$this->action_col_size."px;border-right:0px;'");
- $this->AddElement(array($field0,$field1,$field2,$field3));
- }
- }
-
-
- function Save()
- {
- MultiSelectWindow :: Save();
- }
-
- function save_object()
- {
- /* Save automatic created POSTs like regex, checkboxes */
- MultiSelectWindow::save_object();
- }
-
-
- /* Add some additional checkboxes to the filter part, this should be generated dynamically. */
- function set_filter_objectclasses()
- {
- }
-
- /* Return objectClass names used in filter part */
- function get_filter_objectclasses()
- {
- return(array("gosaAccount","gosaDepartment"));
- }
-
-
-
-}
-// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
-?>
index 82fb5b003f8e46eb52d339fc048c97462b36ec23..0b9182f99770bcac5ae8689cfca20c1b409b43d2 100644 (file)
/* Remove locks created by this plugin
*/
if ($remove_lock){
- if(session::is_set('macl')){
- $macl = session::get('macl');
- $macl->remove_lock();
+ if(session::is_set('aclManagement')){
+ $macl = session::get('aclManagement');
+ $macl->remove_lock();
}
}
/* Remove this plugin from session
*/
if ( $cleanup ){
- session::un_set('macl');
+ session::un_set('aclManagement');
}else{
- $display= "No headpage yet for this module";
-
- /* Create usermanagement object on demand */
- if (!session::is_set('macl')){
- session::set('macl',new aclManagement($config, $ui));
- }
- $macl = session::get('macl');
-
- /* Show and save dialog */
- $macl->save_object();
- $output= $macl->execute();
-
- /* Page header*/
- if (get_object_info() != ""){
- $display= print_header(get_template_path('plugins/acl/images/plugin.png'), _("ACL management"), "<img alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/locked.png')."\"> ".LDAP::fix(get_object_info()));
- } else {
- $display= print_header(get_template_path('plugins/acl/images/plugin.png'), _("ACL management"));
- }
+ /* Create usermanagement object on demand */
+ if (!session::is_set('aclManagement')){
+ $aclManagement= new aclManagement ($config, $ui);
+ session::set('aclManagement',$aclManagement);
+ }
+ $aclManagement = session::get('aclManagement');
+ $display= $aclManagement->execute();
- /* Reset requested? */
- if (isset($_GET['reset']) && $_GET['reset'] == 1){
- session::un_set ('macl');
- }
+ /* Reset requested? */
+ if (isset($_GET['reset']) && $_GET['reset'] == 1){
+ session::un_set ('aclManagement');
+ }
- $display.= $output;
- session::set('macl',$macl);
+ /* Show and save dialog */
+ session::set('aclManagement',$aclManagement);
}
+
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>