summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c47067b)
raw | patch | inline | side by side (parent: c47067b)
author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Wed, 2 Apr 2008 09:05:07 +0000 (09:05 +0000) | ||
committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Wed, 2 Apr 2008 09:05:07 +0000 (09:05 +0000) |
-Currently not working !
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@10105 594d385d-05f5-0310-b6e9-bd551577e9d8
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@10105 594d385d-05f5-0310-b6e9-bd551577e9d8
gosa-core/plugins/admin/sudo/class_divListSudo.inc | [new file with mode: 0644] | patch | blob |
gosa-core/plugins/admin/sudo/class_sudoGeneric.inc | [new file with mode: 0644] | patch | blob |
gosa-core/plugins/admin/sudo/class_sudoManagement.inc | [new file with mode: 0644] | patch | blob |
gosa-core/plugins/admin/sudo/generic.tpl | [new file with mode: 0644] | patch | blob |
gosa-core/plugins/admin/sudo/main.inc | [new file with mode: 0644] | patch | blob |
gosa-core/plugins/admin/sudo/remove.tpl | [new file with mode: 0644] | patch | blob |
gosa-core/plugins/admin/sudo/tabs_sudo.inc | [new file with mode: 0644] | patch | blob |
diff --git a/gosa-core/plugins/admin/sudo/class_divListSudo.inc b/gosa-core/plugins/admin/sudo/class_divListSudo.inc
--- /dev/null
@@ -0,0 +1,218 @@
+<?php
+/*
+ * This code is part of GOsa (http://www.gosa-project.org)
+ * Copyright (C) 2003-2008 GONICUS GmbH
+ *
+ * ID: $$Id: class_divListSudSudo.inc 9934 2008-03-18 20:26:47Z cajus $$
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+class divListSudo extends MultiSelectWindow
+{
+
+ /* Current base */
+ var $selectedBase = "";
+ var $departments = array();
+
+ /* Regex */
+ var $Regex = "*";
+ var $UserRegex = "*";
+
+ /* Subsearch checkbox */
+ var $SubSearch = FALSE;
+
+ var $parent ;
+ var $ui ;
+
+ function divListSudo (&$config, &$parent)
+ {
+ MultiSelectWindow::MultiSelectWindow($config, "sudo", "sudo");
+
+ $this->parent = &$parent;
+ $this->ui = get_userinfo();
+
+ /* Set list strings */
+ $this->SetTitle(_("List of sudo roles"));
+ $this->SetSummary(_("List of sudo roles"));
+ $this->EnableAplhabet(true);
+
+ /* Result page will look like a headpage */
+ $this->SetHeadpageMode();
+
+ /* Disable buttonsm */
+ $this->EnableCloseButton(false);
+ $this->EnableSaveButton (false);
+
+ /* Dynamic action col, depending on snapshot icons */
+ $action_col_size = 80;
+ if($this->parent->snapshotEnabled()){
+ $action_col_size += 38;
+ }
+
+ /* Toggle all selected / deselected */
+ $chk = "<input type='checkbox' id='select_all' name='select_all'
+ onClick='toggle_all_(\"^item_selected_[0-9]*$\",\"select_all\");' >";
+
+ /* set Page header */
+ $this->AddHeader(array("string"=> $chk, "attach"=>"style='width:20px;'"));
+ $this->AddHeader(array("string"=>" ","attach"=>"style='width:20px;'"));
+ $this->AddHeader(array("string"=>_("Name")." / "._("Department")));
+ $this->AddHeader(array("string"=>_("Properties"),"attach"=>"style='width:136px;'"));
+ $this->AddHeader(array("string"=>_("Actions"),"attach"=>"style='width:".$action_col_size."px;border-right:0px;'"));
+
+ /* Add SubSearch checkbox */
+ $this->AddCheckBox("SubSearch", msgPool::selectToView("","subsearch"),msgPool::selectToView("","subsearch_small"), false);
+ $this->AddRegex ("Regex" , _("Regular expression for matching role names") ,
+ "*" , true);
+ $this->AddRegex ("UserRegex", _("Regular expression for matching role member names"),
+ "*" , FALSE,"images/search_user.png");
+ }
+
+
+ function GenHeader()
+ {
+ /* Prepare departments,
+ which are shown in the listbox on top of the listbox
+ */
+ $base = $this->parent->base;
+
+ $acl = $this->ui->get_category_permissions($base,"sudo");
+
+ /* Add default header */
+ $listhead = MultiSelectWindow::get_default_header();
+
+ /* Create Layers menu */
+ $s = ".|"._("Actions")."|\n";
+ $s .= "..|<img src='images/list_new.png' alt='' border='0' class='center'>".
+ " "._("Create")."|\n";
+
+
+ /* Append create options */
+ if(preg_match("/c/",$acl)) {
+ $s.= "...|<input class='center' type='image' src='images/list_new_sudo.png' alt=''> "._("Role")."|new_role|\n";
+ }
+
+# /* Add multiple copy & cut icons */
+# if(is_object($this->parent->CopyPasteHandler) && preg_match("/(c.*w|w.*c)/",$acl_all)){
+# $s.= "..|---|\n";
+# $s.= "..|<img src='images/editcopy.png' alt='' border='0' class='center'>".
+# " "._("Copy")."|"."multiple_copy_systems|\n";
+# $s.= "..|<img src='images/editcut.png' alt='' border='0' class='center'>".
+# " "._("Cut")."|"."multiple_cut_systems|\n";
+#
+# if($this->parent->CopyPasteHandler->entries_queued()){
+# $img = "<img border='0' class='center' src='images/editpaste.png' alt=''>";
+# $s.="..|".$img." "._("Paste")."|editPaste|\n";
+# }else{
+# $img = "<img border='0' class='center' src='images/cant_editpaste.png' alt=''>";
+# $s.="..|".$img." "._("Paste")."\n";
+# }
+# }
+#
+# /* Add snapshot icons */
+# if(preg_match("/(c.*w|w.*c)/",$acl_all)){
+# $s .= "..|---|\n";
+# $s .= $this->get_snapshot_header(TRUE);
+# }
+
+ $this->SetDropDownHeaderMenu($s);
+
+ $this->SetListHeader($listhead);
+ }
+
+ function execute()
+ {
+ $this->ClearElementsList();
+ $this->GenHeader();
+ }
+
+ function setEntries($list)
+ {
+ /* Prepare links */
+ $editlink = "<a href='?plug=".$_GET['plug']."&id=%s&act=edit_entry'>%s</a>";
+ $userimg = "<img class='center' src='images/select_sudo.png' alt='Sudo' title='%s'>";
+ $ui = get_userinfo();
+
+ $action_col_size = 80;
+
+ // Test Every Entry and generate divlist Array
+ foreach($list as $key => $val){
+
+ /* Create action icons - copy & paste icons */
+ $acl = $ui->get_permissions($val['dn'],"sudo/sudo");
+
+ /* Add edit icon */
+ $actions = "";
+ $actions.= "<input class='center' type='image'
+ src='images/edit.png' alt='"._("edit")."' name='sudo_edit_%KEY%' title='"._("Edit this entry")."'>";
+
+ if(preg_match("/d/",$acl)){
+ $actions.= "<input class='center' type='image'
+ src='images/edittrash.png' alt='"._("delete")."' name='sudo_del_%KEY%' title='"._("Delete this entry")."'>";
+ }
+
+ $title = "title='".preg_replace('/ /', ' ', @LDAP::fix($val['dn']))."'";
+
+ if(!isset($val['description'][0])){
+ $desc = "";
+ }else{
+ $desc = " - [ ".$val['description'][0]." ]";
+ }
+
+ $display = $val['cn'][0].$desc;
+
+ $field0 = array("string" => "<input type='checkbox' id='item_selected_".$key."' name='item_selected_".$key."'>" ,
+ "attach" => "style='width:20px;'");
+ $field1 = array("string" => sprintf($userimg,$val['dn']), "attach" => "style='text-align:center;width:20px;'");
+ $field2 = array("string" => sprintf($editlink,$key,$display), "attach" => "style='' ".$title);
+ $field3 = array("string" => preg_replace("/%KEY%/", $key, $posix." ".$enviro." ".$mail." ".$samba." ".$appl." ".$phone), "attach" => "style='width:136px;'");
+ $field4 = array("string" => preg_replace("/%KEY%/", $key, $actions), "attach" => "style='width:".$action_col_size."px;border-right:0px;text-align:right;'");
+
+ $this->AddElement(array($field0,$field1,$field2,$field3,$field4));
+ }
+
+ /* Create summary string for list footer */
+ $num_deps=0;
+ if(!$this->SubSearch){
+ $num_deps = count($this->Added_Departments);
+ }
+ $num_grps = count($groups);
+
+ $num_grp_str = _("Number of listed groups");
+ $num_dep_str = _("Number of listed departments");
+
+ $str = "<img class='center' src='images/select_groups.png'
+ title='".$num_grp_str."' alt='".$num_grp_str."'> ".$num_grps." ";
+ $str.= "<img class='center' src='images/folder.png'
+ title='".$num_dep_str."' alt='".$num_dep_str."'> ".$num_deps." ";
+
+ $this->set_List_Bottom_Info($str);
+
+ }
+
+ function Save()
+ {
+ MultiSelectWindow :: Save();
+ }
+
+ function save_object()
+ {
+ /* Save automatic created POSTs like regex, checkboxes */
+ MultiSelectWindow::save_object();
+ }
+}
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>
diff --git a/gosa-core/plugins/admin/sudo/class_sudoGeneric.inc b/gosa-core/plugins/admin/sudo/class_sudoGeneric.inc
--- /dev/null
@@ -0,0 +1,107 @@
+<?php
+/*
+ * This code is part of GOsa (http://www.gosa-project.org)
+ * Copyright (C) 2003-2008 GONICUS GmbH
+ *
+ * ID: $$Id: class_sudo.inc 9975 2008-03-25 14:09:30Z hickert $$
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+class sudo extends plugin
+{
+ /* Group attributes */
+ var $cn= "";
+ var $description= "";
+
+ var $CopyPasteVars = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group","sambaGroupType");
+
+ var $multiple_support = TRUE;
+
+
+ function sudo(&$config, $dn= NULL)
+ {
+ plugin::plugin ($config, $dn);
+ }
+
+ function execute()
+ {
+ /* Call parent execute */
+ plugin::execute();
+ $smarty = get_smarty();
+ return($smarty->fetch(get_template_path('generic.tpl', TRUE)));
+ }
+
+ function remove_from_parent()
+ {
+ plugin::remove_from_parent();
+
+ /* Send signal to the world that we've done */
+ $this->handle_post_events("remove");
+ }
+
+ /* Save data to object */
+ function save_object()
+ {
+ plugin::save_object();
+ }
+
+ /* Save to LDAP */
+ function save()
+ {
+ plugin::save();
+ }
+
+ function check()
+ {
+ $message = plugin::check();
+ return ($message);
+ }
+
+ function getCopyDialog()
+ {
+ echo "NIY";
+ }
+
+ function saveCopyDialog()
+ {
+ echo "NIY";
+ }
+
+ /* Return plugin informations for acl handling */
+ static function plInfo()
+ {
+ return (array(
+ "plShortName" => _("Sudo"),
+ "plDescription" => _("Sudo role"),
+ "plSelfModify" => FALSE,
+ "plDepends" => array(),
+ "plPriority" => 0,
+ "plSection" => array("admin"),
+ "plCategory" => array("sudo" => array("objectClass" => "sudoRole", "description" => _("Sudo role"))),
+
+ "plProvidedAcls" => array(
+ "cn" => _("Name"),
+ "description" => _("Description"),
+ "sudoUser" => _("Users"),
+ "sudoHost" => _("Host"),
+ "sudoCommand" => _("Command"),
+ "sudoRunas" => _("Run as user"),
+ "sudoOption" => _("Flags"))
+ ));
+ }
+}
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>
diff --git a/gosa-core/plugins/admin/sudo/class_sudoManagement.inc b/gosa-core/plugins/admin/sudo/class_sudoManagement.inc
--- /dev/null
@@ -0,0 +1,469 @@
+<?php
+/*
+ * This code is part of GOsa (http://www.gosa-project.org)
+ * Copyright (C) 2003-2008 GONICUS GmbH
+ *
+ * ID: $$Id: class_sudoManagement.inc 10099 2008-04-01 12:52:01Z hickert $$
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+class sudoManagement extends plugin
+{
+ /* Definitions */
+ var $plHeadline = "Sudo";
+ var $plDescription = "Manage sudo roles";
+
+ var $DivListSudo = NULL;
+ var $base = "";
+
+ function sudoManagement (&$config, &$ui)
+ {
+ /* Save configuration for internal use */
+ $this->config = &$config;
+ $this->ui = &$ui;
+ $this->base = get_ou("sudoou");
+
+ echo "base checks, maybe it is not set, or it do not exists";;
+
+ /* Copy & Paste enabled ?*/
+ if((isset($this->config->data['MAIN']['ENABLECOPYPASTE']))&&
+ (preg_match("/true/i",$this->config->data['MAIN']['ENABLECOPYPASTE']))){
+ $this->CopyPasteHandler = new CopyPasteHandler($this->config);
+ }
+
+ /* Create dialog object */
+ $this->DivListSudo = new divListSudo($this->config,$this);
+ }
+
+
+ function execute()
+ {
+ /* Call parent execute */
+ plugin::execute();
+
+ /* Store these posts if the current object is locked (used by somebody else)*/
+ session::set('LOCK_VARS_TO_USE',array("/^act$/","/^id$/","/^group_edit_/","/^group_del_/","/^item_selected/","/^remove_multiple_sudos/","/^multiple_edit/","/menu_action/"));
+
+ /* Save data */
+ $s_action = "";
+ $s_entry = "";
+
+ $s_entry = preg_replace("/_.$/","",$s_entry);
+
+ /* handle C&P from layers menu */
+ if(isset($_POST['menu_action']) && preg_match("/^multiple_copy_systems/",$_POST['menu_action'])){
+ $s_action = "copy_multiple";
+ }
+
+ $smarty= get_smarty();
+
+ /********************
+ Create notification event
+ ********************/
+
+ /********************
+ Create a new group ...
+ ********************/
+
+ /* New group? */
+ if ($s_action=="new"){
+
+ /* Check create permissions */
+ $acl = $this->ui->get_permissions($this->DivListSudo->selectedBase,"sudos/group");
+ if(preg_match("/c/",$acl)){
+
+ /* By default we set 'dn' to 'new', all relevant plugins will
+ react on this. */
+ $this->dn= "new";
+
+ /* Create new grouptab object */
+ $this->grouptab= new grouptabs($this->config, $this->config->data['TABS']['GROUPTABS'], $this->dn);
+
+ /* Set up the group ACL's for this 'dn' */
+ $this->grouptab->set_acl_base($this->DivListSudo->selectedBase);
+ }
+ }
+
+
+ /********************
+ Save Group Tab/Object Changes
+ ********************/
+
+ /* Finish group edit is triggered by the tabulator dialog, so
+ the user wants to save edited data. Check and save at this
+ point. */
+ if ((isset($_POST['edit_finish']) || isset($_POST['edit_apply'])) && (isset($this->grouptab->config)) ){
+
+ /* Check tabs, will feed message array
+ Save, or display error message? */
+ $message= $this->grouptab->check();
+ if (count($message) == 0){
+
+ /* Save user data to ldap */
+ $this->grouptab->save();
+
+ if (!isset($_POST['edit_apply'])){
+ /* Group has been saved successfully, remove lock from LDAP. */
+ if ($this->dn != "new"){
+ del_lock ($this->dn);
+ }
+
+ /* There's no page reload so we have to read new sudos at this point. */
+ //$this->reload ();
+ unset ($this->grouptab);
+ $this->grouptab= NULL;
+ session::un_set('objectinfo');
+ }
+ } else {
+ /* Ok. There seem to be errors regarding to the tab data,
+ show message and continue as usual. */
+ msg_dialog::displayChecks($message);
+ }
+ }
+
+
+ /********************
+ Edit multiple entries
+ ********************/
+
+ /* User wants to edit data? */
+ if ($s_action == "multiple_edit" && !isset($this->grouptab->config)){
+
+ $this->dn = array();
+ foreach($this->list_get_selected_items() as $id){
+ $this->dn[] = $this->list[$id]['dn'];;
+ }
+ $tmp = new multi_plug($this->config,"grouptabs",$this->config->data['TABS']['GROUPTABS'],
+ $this->dn,$this->DivListSudo->selectedBase,"groups");
+ if ($tmp->entries_locked()){
+ return($tmp->display_lock_message());
+ }
+ $tmp->lock_entries($this->ui->dn);
+ if($tmp->multiple_available()){
+ $this->grouptab = $tmp;
+ session::set('objectinfo',$this->grouptab->get_object_info());
+ }
+ }
+
+
+ /********************
+ Edit existing group
+ ********************/
+
+ /* User wants to edit data? */
+ if (($s_action=="edit") && (!isset($this->grouptab-> config))){
+
+ /* Get 'dn' from posted 'uid', must be unique */
+ $this->dn= $this->list[trim($s_entry)]['dn'];
+
+ /* Check locking & lock entry if required */
+ $user = get_lock($this->dn);
+ if ($user != ""){
+ return(gen_locked_message ($user, $this->dn));
+ }
+ add_lock ($this->dn, $this->ui->dn);
+
+ /* Register grouptab to trigger edit dialog */
+ $this->grouptab= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $this->dn);
+ $this->grouptab->set_acl_base($this->dn);
+ session::set('objectinfo',$this->dn);
+ }
+
+
+ /********************
+ Delete MULTIPLE entries requested, display confirm dialog
+ ********************/
+
+ if ($s_action=="del_multiple"){
+ $ids = $this->list_get_selected_items();
+
+ if(count($ids)){
+
+ foreach($ids as $id){
+ $dn = $this->list[$id]['dn'];
+ if (($user= get_lock($dn)) != ""){
+ return(gen_locked_message ($user, $dn));
+ }
+ $this->dns[$id] = $dn;
+ }
+
+ $dns_names = array();
+ foreach($this->dns as $dn){
+ add_lock ($dn, $this->ui->dn);
+ $dns_names[] =@LDAP::fix($dn);
+ }
+
+ /* Lock the current entry, so nobody will edit it during deletion */
+ $smarty->assign("info", msgPool::deleteInfo($dns_names,_("group")));
+ $smarty->assign("multiple", true);
+ return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+ }
+ }
+
+
+ /********************
+ Delete MULTIPLE entries confirmed
+ ********************/
+
+ /* Confirmation for deletion has been passed. Groups should be deleted. */
+ if (isset($_POST['delete_multiple_groups_confirm'])){
+
+ /* Remove user by user and check acls before removeing them */
+ foreach($this->dns as $key => $dn){
+
+ /* Load permissions for selected 'dn' and check if
+ we're allowed to remove this 'dn' */
+ $acl = $this->ui->get_permissions($dn,"groups/group");
+ if(preg_match("/d/",$acl)){
+
+ /* Delete request is permitted, perform LDAP action */
+ $this->grouptab= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $dn);
+ $this->grouptab->set_acl_base($dn);
+ $this->grouptab->delete ();
+ unset ($this->grouptab);
+ $this->grouptab= NULL;
+
+ } else {
+
+ /* Normally this shouldn't be reached, send some extra
+ logs to notify the administrator */
+ msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
+ new log("security","groups/".get_class($this),$dn,array(),"Tried to trick deletion.");
+ }
+ /* Remove lock file after successfull deletion */
+ del_lock ($dn);
+ unset($this->dns[$key]);
+ }
+ }
+
+
+ /********************
+ Delete MULTIPLE entries Canceled
+ ********************/
+
+ /* Remove lock */
+ if(isset($_POST['delete_multiple_user_cancel'])){
+ foreach($this->dns as $key => $dn){
+ del_lock ($dn);
+ unset($this->dns[$key]);
+ }
+ }
+
+
+ /********************
+ Delete group
+ ********************/
+
+ /* Remove group was requested */
+ if ($s_action=="del"){
+
+ /* Get 'dn' from posted 'uid' */
+ $this->dn= $this->list[trim($s_entry)]['dn'];
+
+ /* Load permissions for selected 'dn' and check if
+ we're allowed to remove this 'dn' */
+ $acl = $this->ui->get_permissions($this->dn,"groups/group");
+ if(preg_match("/d/",$acl)){
+
+ /* Check locking, save current plugin in 'back_plugin', so
+ the dialog knows where to return. */
+ if (($user= get_lock($this->dn)) != ""){
+ return(gen_locked_message ($user, $this->dn));
+ }
+
+ /* Lock the current entry, so nobody will edit it during deletion */
+ add_lock ($this->dn, $this->ui->dn);
+ $smarty->assign("info", msgPool::deleteInfo(@LDAP::fix($this->dn),_("group")));
+ $smarty->assign("multiple", false);
+ return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+
+ } else {
+
+ /* Obviously the user isn't allowed to delete. Show message and clean session. */
+ msg_dialog::display(_("Permission error"), msgPool::permDelete());
+ }
+ }
+
+
+ /********************
+ Delete group confirmed
+ ********************/
+
+ /* Confirmation for deletion has been passed. Group should be deleted. */
+ if (isset($_POST['delete_group_confirm'])){
+
+ /* Some nice guy may send this as POST, so we've to check
+ for the permissions again. */
+ $acl = $this->ui->get_permissions($this->dn,"groups/group");
+ if(preg_match("/d/",$acl)){
+
+ /* Delete request is permitted, perform LDAP action */
+ $this->grouptab= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $this->dn);
+ $this->grouptab->set_acl_base($this->dn);
+ $this->grouptab->delete ();
+ unset ($this->grouptab);
+ $this->grouptab= NULL;
+
+ /* Group list has changed, reload it. */
+ //$this->reload ();
+
+ } else {
+
+ /* Normally this shouldn't be reached, send some extra
+ logs to notify the administrator */
+ msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
+ new log("security","groups/".get_class($this),$dn,array(),"Tried to trick deletion.");
+ }
+
+ /* Remove lock file after successfull deletion */
+ del_lock ($this->dn);
+ session::un_set('objectinfo');
+ }
+
+
+ /********************
+ Delete group canceled
+ ********************/
+
+ /* Delete group canceled? */
+ if (isset($_POST['delete_cancel'])){
+ del_lock ($this->dn);
+ session::un_set('objectinfo');
+ }
+
+
+ /********************
+ A dialog was canceled
+ ********************/
+
+ /* Cancel dialogs */
+ if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])){
+ if(isset($this->grouptab->dn)){
+ del_lock ($this->grouptab->dn);
+ }
+ unset ($this->grouptab);
+ $this->grouptab= NULL;
+ session::un_set('objectinfo');
+ }
+
+
+ /********************
+ If there is currently a dialog open, display it
+ ********************/
+
+ /* Show tab dialog if object is present */
+ if (isset($this->grouptab->config)){
+ $display= $this->grouptab->execute();
+
+ /* Don't show buttons if tab dialog requests this */
+ if(isset($this->grouptab->by_object)){
+ if (!$this->grouptab->by_object[$this->grouptab->current]->dialog){
+ $display.= "<p style=\"text-align:right\">\n";
+ $display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\"".msgPool::okButton()."\">\n";
+ $display.= " \n";
+ if ($this->dn != "new"){
+ $display.= "<input type=submit name=\"edit_apply\" value=\"".msgPool::applyButton()."\">\n";
+ $display.= " \n";
+ }
+ $display.= "<input type=submit name=\"edit_cancel\" value=\"".msgPool::cancelButton()."\">\n";
+ $display.= "</p>";
+ }
+ }
+ return ($display);
+ }
+
+ /* Display dialog with group list */
+ $this->DivListSudo->parent = &$this;
+ $this->DivListSudo->execute();
+ $this->reload ();
+ $this->DivListSudo->setEntries($this->list);
+ return($this->DivListSudo->Draw());
+ }
+
+
+ function list_get_selected_items()
+ {
+ $ids = array();
+ foreach($_POST as $name => $value){
+ if(preg_match("/^item_selected_[0-9]*$/",$name)){
+ $id = preg_replace("/^item_selected_/","",$name);
+ $ids[$id] = $id;
+ }
+ }
+ return($ids);
+ }
+
+
+ function reload($CreatePosixsList=false)
+ {
+ $this->list = array();
+ $base = $this->base;
+
+ $Regex = $this->DivListSudo->Regex;
+ $UserRegex = $this->DivListSudo->UserRegex;
+ $SubSearch = $this->DivListSudo->SubSearch;
+
+ /********************
+ Create filter depending on selected checkboxes
+ ********************/
+ $values = array("cn","description","sudoUser","sudoCommand","sudoOption");
+ $ff = "(&(|(cn=".$Regex.")(description=".$Regex.")(sudoUser=".$UserRegex.")(objectClass=sudoRole)))";
+ $res = get_list($ff, "sudo",$base,$values, GL_SUBSEARCH);
+ $tmp = array();
+ foreach($res as $attrs){
+ $tmp[$attrs['cn'][0]] = $attrs;
+ }
+ uksort($tmp, 'strnatcasecmp');
+ $this->list = $tmp;
+ }
+
+
+ /* Save data to object */
+ function save_object()
+ {
+ $this->DivListSudo->save_object();
+ }
+
+
+ function remove_lock()
+ {
+ if (isset($this->grouptab->dn)){
+ del_lock ($this->grouptab->dn);
+ }
+ }
+
+
+ function remove_from_parent()
+ {
+ /* Optionally execute a command after we're done */
+ $this->postremove();
+ }
+
+
+ /* Save to LDAP */
+ function save()
+ {
+ /* Optionally execute a command after we're done */
+ $this->postcreate();
+ }
+
+ /* Unused functions */
+ function check() { }
+ function adapt_from_template($dn, $skip= array()) { }
+ function password_change_needed() { }
+}
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>
diff --git a/gosa-core/plugins/admin/sudo/generic.tpl b/gosa-core/plugins/admin/sudo/generic.tpl
--- /dev/null
@@ -0,0 +1,246 @@
+{if $multiple_support}
+<input type="hidden" value="1" name="group_mulitple_edit">
+{/if }
+
+
+<table summary="" style="width:100%;">
+ <tr>
+ <td style="width:50%; vertical-align:top;">
+ <table summary="" style="width:100%">
+ <tr>
+ <td><LABEL for="cn">{t}Group name{/t}</LABEL>{$must}</td>
+ <td>
+{if $multiple_support}
+ <input id="dummy1" name="dummy1" size=25 maxlength=60 value="{t}Multiple edit{/t}" disabled>
+{else}
+{render acl=$cnACL}
+ <input id="cn" name="cn" size=25 maxlength=60 value="{$cn}" title="{t}Posix name of the group{/t}">
+{/render}
+{/if}
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <LABEL for="description">{t}Description{/t}</LABEL>
+ </td>
+ <td>
+{render acl=$descriptionACL checkbox=$multiple_support checked=$use_description}
+ <input id="description" name="description" size=40 maxlength=80 value="{$description}" title="{t}Descriptive text for this group{/t}">
+{/render}
+ </td>
+ </tr>
+ <tr>
+ <td colspan=2>
+ <div style="height:15px;"></div>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <LABEL for="base">{t}Base{/t}</LABEL>{$must}
+ </td>
+ <td>
+{render acl=$baseACL checkbox=$multiple_support checked=$use_base}
+ <select id="base" size="1" name="base" title="{t}Choose subtree to place group in{/t}">
+ {html_options options=$bases selected=$base_select}
+ </select>
+{/render}
+
+{render acl=$baseACL disable_picture='images/folder_gray.png'}
+ <input type="image" name="chooseBase" src="images/folder.png" class="center" title="{t}Select a base{/t}">
+{/render}
+ </td>
+ </tr>
+ <tr>
+ <td colspan=2> <div style="height:15px; width:100%; border-bottom:1px solid #909090;"></div> </td>
+ </tr>
+ <tr>
+ <td colspan=2> <div style="height:15px; width:100%;"></div> </td>
+ </tr>
+{if $multiple_support}
+
+{else}
+ <tr>
+ <td colspan=2>
+{render acl=$gidNumberACL}
+ <input type=checkbox name="force_gid" value="1" title="{t}Normally IDs are autogenerated, select to specify manually{/t}"
+ {$force_gid} onclick="changeState('gidNumber')">
+{/render}
+ <LABEL for="gidNumber">{t}Force GID{/t}</LABEL>
+
+{render acl=$gidNumberACL}
+ <input name="gidNumber" size=9 maxlength=9 id="gidNumber" {$forceMode} value="{$gidNumber}" title="{t}Forced ID number{/t}">
+{/render}
+ </td>
+ </tr>
+{/if}
+
+{if $samba3 ne ""}
+
+{if $multiple_support}
+ <tr>
+ <td colspan=2>
+ {render acl=$sambaGroupTypeACL checkbox=$multiple_support checked=$use_smbgroup}
+ <input class="center" type=checkbox name="smbgroup" value="1" {$smbgroup}>{t}Select to create a samba conform group{/t}
+ {/render}
+ </td>
+ </tr>
+ <tr>
+ <td colspan=2>
+ {render acl=$sambaGroupTypeACL checkbox=$multiple_support checked=$use_groupType}
+ <select size="1" name="groupType">
+ {html_options options=$groupTypes selected=$groupType}
+ </select>
+ {/render}
+
+ <LABEL for="">{t}in domain{/t}</LABEL>
+
+
+ {render acl=$sambaDomainNameACL checkbox=$multiple_support checked=$use_sambaDomainName}
+ <select id="sambaDomainName" size="1" name="sambaDomainName">
+ {html_options values=$sambaDomains output=$sambaDomains selected=$sambaDomainName}
+ </select>
+ {/render}
+ </td>
+ </tr>
+
+{else}
+ <tr>
+ <td colspan=2>
+{render acl=$sambaGroupTypeACL}
+ <input type=checkbox name="smbgroup" value="1" {$smbgroup} title="{t}Select to create a samba conform group{/t}">
+{/render}
+{render acl=$sambaGroupTypeACL}
+ <select size="1" name="groupType">
+ {html_options options=$groupTypes selected=$groupType}
+ </select>
+{/render}
+
+ <LABEL for="">{t}in domain{/t}</LABEL>
+
+{render acl=$sambaDomainNameACL}
+ <select id="sambaDomainName" size="1" name="sambaDomainName">
+ {html_options values=$sambaDomains output=$sambaDomains selected=$sambaDomainName}
+ </select>
+{/render}
+ </td>
+ </tr>
+ {/if}
+{/if}
+
+ {if $pickupGroup == "true"}
+ <tr>
+ <td colspan=2> <div style="height:15px; width:100%; border-bottom:1px solid #909090;"></div> </td>
+ </tr>
+ <tr>
+ <td colspan=2> <div style="height:15px; width:100%;"></div> </td>
+ </tr>
+ <tr>
+ <td colspan=2>
+{render acl=$fonGroupACL checkbox=$multiple_support checked=$use_fon_group}
+ <input class="center" type=checkbox name="fon_group" value="1" {$fon_group}>{t}Members are in a phone pickup group{/t}
+{/render}
+ </td>
+ </tr>
+ {/if}
+ {if $nagios == "true"}
+ <tr>
+ <td colspan=2> <div style="height:15px; width:100%; border-bottom:1px solid #909090;"></div> </td>
+ </tr>
+ <tr>
+ <td colspan=2> <div style="height:15px; width:100%;"></div> </td>
+ </tr>
+ <tr>
+ <td colspan=2>
+{render acl=$nagiosGroupACL}
+ <input type=checkbox name="nagios_group" value="1" {$nagios_group}>{t}Members are in a nagios group{/t}
+{/render}
+ </td>
+ </tr>
+ {/if}
+ <tr>
+ <td colspan=2> <div style="height:15px; width:100%; border-bottom:1px solid #909090;"></div> </td>
+ </tr>
+ <tr>
+ <td colspan=2> <div style="height:15px; width:100%;"></div> </td>
+ </tr>
+ <tr>
+ <td colspan="2">
+ {t}Trust mode{/t}
+ {render acl=$trustmodeACL}
+ <select name="trustmode" id="trustmode" size=1
+ onChange="changeSelectState('trustmode', 'wslist');
+ changeSelectState('trustmode', 'add_ws');
+ changeSelectState('trustmode', 'del_ws');">
+ {html_options options=$trustmodes selected=$trustmode}
+ </select>
+ {/render}
+ {render acl=$trustmodeACL}
+ <select style="width:100%" id="wslist" name="workstation_list[]" size=8 multiple {$trusthide}>
+ {html_options values=$workstations output=$workstations}
+ {if $emptyArrAccess}
+ <option disabled> </option>
+ {/if}
+ </select>
+ {/render}
+ <br>
+ {render acl=$trustmodeACL}
+ <input type="submit" id="add_ws" value="{msgPool type=addButton}" name="add_ws" {$trusthide}>
+ {/render}
+ {render acl=$trustmodeACL}
+ <input type="submit" id="del_ws" value="{msgPool type=delButton}" name="delete_ws" {$trusthide}>
+ {/render}
+
+ </td>
+ </tr>
+ </table>
+
+ </td>
+ <td style="border-left:1px solid #A0A0A0">
+
+ </td>
+
+ <td style="vertical-align:top;">
+
+ <table summary="" style="width:100%">
+ <tr>
+ <td style="vertical-align:top; width:50%">
+ <b><LABEL for="members">{t}Group members{/t}</LABEL></b>
+ <br>
+{render acl=$memberUidACL}
+
+ {if $multiple_support}
+ <select style="width:100%; height:380px;" id="members" name="members[]" size=15 multiple>
+ {foreach from=$memberUid_All item=name key=key}
+ <option value="{$key}">{$name} ({t}In all groups{/t})</option>
+ {/foreach}
+ {foreach from=$memberUid_Some item=name key=key}
+ <option value="{$key}" style='color: #888888; background: #DDDDDD;background-color: #DDDDDD;'>{$name} ({t}Not in all groups{/t})</option>
+ {/foreach}
+ </select>
+ {else}
+ <select style="width:100%; height:380px;" id="members" name="members[]" size=15 multiple>
+ {html_options options=$members}
+ <option disabled> </option>
+ </select>
+ {/if}
+{/render}
+ <br>
+ <input type=submit name="edit_membership" value="{msgPool type=addButton}">
+
+ <input type=submit name="del_users" value="{msgPool type=delButton}">
+ </td>
+ </tr>
+ </table>
+ </td>
+
+ </tr>
+</table>
+
+<input type="hidden" name="groupedit" value="1">
+
+<!-- Place cursor -->
+<script language="JavaScript" type="text/javascript">
+ <!-- // First input field on page
+ focus_field('cn');
+ -->
+</script>
diff --git a/gosa-core/plugins/admin/sudo/main.inc b/gosa-core/plugins/admin/sudo/main.inc
--- /dev/null
@@ -0,0 +1,62 @@
+<?php
+/*
+ * This code is part of GOsa (http://www.gosa-project.org)
+ * Copyright (C) 2003-2008 GONICUS GmbH
+ *
+ * ID: $$Id: main.inc 9275 2008-03-04 07:29:22Z cajus $$
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+if ($remove_lock){
+ if(session::is_set('sudoManagement')){
+ $sudoManagement = session::get('sudoManagement');
+ $sudoManagement->remove_lock();
+ del_lock ($ui->dn);
+ session::un_set ('sudoManagement');
+ }
+} else {
+ /* Create sudoManagement object on demand */
+ if (!session::is_set('sudoManagement') || (isset($_GET['reset']) && $_GET['reset'] == 1)){
+ session::set('sudoManagement',new sudoManagement ($config, $ui));
+ }
+ $sudoManagement = session::get('sudoManagement');
+ $sudoManagement->save_object();
+ $output= $sudoManagement->execute();
+
+ /* Page header*/
+ if (session::is_set('objectinfo')){
+ $display= print_header(get_template_path('images/group.png'),
+ _("Group administration"), "<img alt=\"\" align=\"middle\" src=\"".
+ get_template_path('images/closedlock.png')."\"> ".
+ @LDAP::fix(session::get('objectinfo')));
+ } else {
+ $display= print_header(get_template_path('images/group.png'), _("Group administration"));
+ }
+
+ $display.= $output;
+
+ /* Reset requested? */
+ if (isset($_GET['reset']) && $_GET['reset'] == 1){
+ del_lock ($ui->dn);
+ session::un_set ('sudoManagement');
+ }
+
+ /* Show and save dialog */
+ session::set('sudoManagement',$sudoManagement);
+}
+
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>
diff --git a/gosa-core/plugins/admin/sudo/remove.tpl b/gosa-core/plugins/admin/sudo/remove.tpl
--- /dev/null
@@ -0,0 +1,27 @@
+<div style="font-size:18px;">
+ <img alt="" src="images/button_cancel.png" align=top> {t}Warning{/t}
+</div>
+<p>
+ {$info}
+ {t}This may be a primary user group. Please double check if you really want to do this since there is no way for GOsa to get your data back.{/t}
+</p>
+
+<p>
+ {t}So - if you're sure - press 'Delete' to continue or 'Cancel' to abort.{/t}
+</p>
+
+<p class="plugbottom">
+
+ {if $multiple}
+ <input type=submit name="delete_multiple_groups_confirm" value="{msgPool type=delButton}">
+
+ <input type=submit name="delete_multiple_group_cancel" value="{msgPool type=cancelButton}">
+ {else}
+ <input type=submit name="delete_group_confirm" value="{msgPool type=delButton}">
+
+ <input type=submit name="delete_cancel" value="{msgPool type=cancelButton}">
+ {/if}
+
+
+</p>
+
diff --git a/gosa-core/plugins/admin/sudo/tabs_sudo.inc b/gosa-core/plugins/admin/sudo/tabs_sudo.inc
--- /dev/null
@@ -0,0 +1,66 @@
+<?php
+/*
+ * This code is part of GOsa (http://www.gosa-project.org)
+ * Copyright (C) 2003-2008 GONICUS GmbH
+ *
+ * ID: $$Id: tabs_group.inc 9275 2008-03-04 07:29:22Z cajus $$
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+class sudotabs extends tabs
+{
+ function sudotabs($config, $data, $dn)
+ {
+ tabs::tabs($config, $data, $dn,"sudo");
+ $this->addSpecialTabs();
+ }
+
+ function save_object($save_current= FALSE)
+ {
+ tabs::save_object($save_current);
+ }
+
+ function save($ignore_account= FALSE)
+ {
+ echo "nope";
+ $baseobject= $this->by_object['group'];
+
+ /* Check for new 'dn', in order to propagate the
+ 'dn' to all plugins */
+ $new_dn= 'cn='.$baseobject->cn.','.get_groups_ou().$baseobject->base;
+
+
+ /* Move group? */
+ if ($this->dn != $new_dn){
+
+ /* Write entry on new 'dn' */
+ if ($this->dn != "new"){
+ $baseobject->update_acls($this->dn,$new_dn);
+ $baseobject->move($this->dn, $new_dn);
+ $this->by_object['group']= $baseobject;
+ }
+
+ /* Happen to use the new one */
+ $this->dn= $new_dn;
+ }
+
+ $ret= tabs::save();
+
+ return $ret;
+ }
+}
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>