summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9379f58)
raw | patch | inline | side by side (parent: 9379f58)
author | cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Fri, 29 Jan 2010 14:44:51 +0000 (14:44 +0000) | ||
committer | cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Fri, 29 Jan 2010 14:44:51 +0000 (14:44 +0000) |
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@15451 594d385d-05f5-0310-b6e9-bd551577e9d8
index ff9c44acef216e9ac57fd7e1bc44e043f3501e7f..bb6c765d71fd49676c6b2e54e0e38650f3d48718 100644 (file)
// Autocompleter
$this->tree.= "<div id='autocomplete_".$this->pid."' class='autocomplete'></div>".
"<script type='text/javascript'>".
- "new Ajax.Autocompleter('bs_input_".$this->pid."', 'autocomplete_".$this->pid."', 'autocomplete.php?type=base', { minChars: 3, frequency: 0.5 });".
- "$('bs_input_".$this->pid."').observe('keypress', function(event) { if(event.keyCode == Event.KEY_RETURN) { $('submit_base_".$this->pid."').click(); } });".
- "</script>";
+ "new Ajax.Autocompleter('bs_input_".$this->pid."', 'autocomplete_".$this->pid."', 'autocomplete.php?type=base', { minChars: 3, frequency: 0.5 });";
+ if ($this->submitButton) {
+ $this->tree.= "$('bs_input_".$this->pid."').observe('keypress', function(event) { if(event.keyCode == Event.KEY_RETURN) { $('submit_base_".$this->pid."').click(); } });";
+ }
+ $this->tree.= "</script>";
$selected= $this->base == $config->current['BASE']?"Selected":"";
$this->tree.= "<div class='treeList' style='display:none;max-height:".$this->height."px' id='bs_".$this->pid."' onmouseover=\"window.clearTimeout(rtimer);\" onmouseout=\"rtimer= Element.hide.delay(0.25, 'bs_".$this->pid."')\"><a class='treeList$selected' $link>/ ["._("Root")."]</a><ul class='treeList'>\n";
diff --git a/gosa-core/plugins/admin/groups/class_group.inc b/gosa-core/plugins/admin/groups/class_group.inc
--- /dev/null
@@ -0,0 +1,1376 @@
+<?php
+/*
+ * This code is part of GOsa (http://www.gosa-project.org)
+ * Copyright (C) 2003-2008 GONICUS GmbH
+ *
+ * ID: $$Id$$
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+class group extends plugin
+{
+ /* Group attributes */
+ var $cn= "";
+ var $description= "";
+ var $gidNumber= "";
+ var $memberUid= array();
+ var $memberUid_used_by_some= array();
+
+ /* Helpers */
+ var $base= "";
+ var $force_gid= FALSE;
+ var $fon_group= FALSE;
+ var $smbgroup= FALSE;
+ var $groupType= FALSE;
+ var $sambaSID= "";
+ var $sambaDomainName= "DEFAULT";
+ var $SID= "";
+ var $ridBase= 0;
+ var $members= array();
+ var $users= array();
+ var $member= array();
+ var $allusers= array();
+ var $saved_gidNumber= "";
+ var $oldgroupType= "";
+ var $orig_dn= "";
+ var $orig_cn= "";
+ var $orig_base= "";
+ var $has_mailAccount= FALSE;
+ var $userSelect= FALSE;
+ var $nagios_group =FALSE;
+ var $sambaGroupType;
+ var $dialog;
+ var $rfc2307bis= FALSE;
+ var $OnlyShowFirstEntries =200;
+ var $dnMapping= array();
+ var $view_logged = FALSE;
+ var $allowGroupsWithSameNameInOtherSubtrees = true;
+ var $baseSelector;
+
+ /* Trustmodel/AccessTo
+ */
+ var $accessTo= array();
+ var $trustModel= "";
+ var $trustSelect = FALSE;
+
+ /* attribute list for save action */
+ var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID","accessTo","trustModel");
+ var $objectclasses= array("top", "posixGroup");
+
+ var $CopyPasteVars = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group","sambaGroupType");
+
+ var $multiple_support = TRUE;
+
+ function group (&$config, $dn= NULL)
+ {
+ /* Set rfc2307bis flag */
+ if ($config->get_cfg_value("rfc2307bis") == "true"){
+ $this->rfc2307bis= TRUE;
+ $this->attributes[]= "member";
+ $this->objectclasses[]= "groupOfNames";
+ }
+
+ plugin::plugin ($config, $dn);
+
+ /* Load attributes depending on the samba version */
+ $this->orig_dn= $dn;
+ $this->orig_cn= $this->cn;
+
+ /* Get member list */
+ if (isset($this->attrs['memberUid'][0])){
+ $tmp= array();
+ for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
+ $tmp[$this->attrs['memberUid'][$i]]= $this->attrs['memberUid'][$i];
+ }
+ $this->memberUid= $tmp;
+ ksort ($this->memberUid);
+ }
+
+ /* Save gidNumber for later use */
+ if (isset($this->attrs['gidNumber'])){
+ $this->saved_gidNumber= $this->attrs['gidNumber'][0];
+ }
+
+ /* Is a samba group? */
+ if (isset($this->attrs['objectClass'])){
+ if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == FALSE ){
+ $this->smbgroup= FALSE;
+ } else {
+ $this->smbgroup= TRUE;
+ if (isset($this->attrs['sambaSID'])){
+ $this->sambaSID= $this->attrs['sambaSID'][0];
+ }
+ }
+ if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == FALSE ){
+ $this->fon_group= FALSE;
+ } else {
+ $this->fon_group= TRUE;
+ }
+ if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == FALSE ){
+ $this->nagios_group= FALSE;
+ } else {
+ $this->nagios_group= TRUE;
+ }
+ }
+
+ /* Set mail flag */
+ if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
+ $this->has_mailAccount= TRUE;
+ }
+
+ /* Get samba Domain in case of samba 3 */
+ if ($this->sambaSID != ""){
+ $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
+ $ldap= $this->config->get_ldap_link();
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
+ if ($ldap->count() != 0){
+ $attrs= $ldap->fetch();
+ if(isset($attrs['sambaAlgorithmicRidBase'])){
+ $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
+ } else {
+ $this->ridBase= $this->config->get_cfg_value("sambaRidBase");
+ }
+
+ /* Get domain name for SID */
+ $this->sambaDomainName= "DEFAULT";
+ foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
+ if ($val['SID'] == $this->SID){
+ $this->sambaDomainName= $key;
+ break;
+ }
+ }
+ } else {
+ if ($this->config->get_cfg_value("sambaRidBase") != ""){
+ $this->sambaDomainName= "DEFAULT";
+ $this->ridBase= $this->config->get_cfg_value("sambaRidBase");
+ $this->SID= $this->config->get_cfg_value("sid");
+ } else {
+ msg_dialog::display(_("Configuration error"), _("Cannot find group SID in your configuration!"), ERROR_DIALOG);
+ }
+ }
+
+ /* Get group type */
+ $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
+ if ($this->groupType < 500 || $this->groupType > 553){
+ $this->groupType= 0;
+ }
+ $this->oldgroupType= $this->groupType;
+ }
+
+ /* Get global filter config */
+ if (!session::is_set("gufilter")){
+ $ui= get_userinfo();
+ $base= get_base_from_people($ui->dn);
+ $gufilter= array( "dselect" => $base,
+ "regex" => "*");
+ session::set("gufilter", $gufilter);
+ }
+ $gufilter= session::get('gufilter');
+ $gufilter['SubSearchGroup'] = false;
+ session::set('gufilter',$gufilter);
+
+ if ($this->dn == "new"){
+ if(session::is_set('CurrentMainBase')){
+ $this->base = session::get('CurrentMainBase');
+ }else{
+ $ui= get_userinfo();
+ $this->base= dn2base($ui->dn);
+ }
+ } else {
+
+ /* Get object base */
+ $this->base =preg_replace ("/^[^,]+,".preg_quote(get_groups_ou(), '/')."/i","",$this->dn);
+ }
+ $this->orig_base = $this->base;
+
+ /* Is this account a trustAccount? */
+ if (isset($this->attrs['trustModel'])){
+ $this->trustModel= $this->attrs['trustModel'][0];
+ $this->was_trust_account= TRUE;
+ } else {
+ $this->was_trust_account= FALSE;
+ $this->trustModel= "";
+ }
+
+ $this->accessTo = array();
+ if (isset($this->attrs['accessTo'])){
+ for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
+ $tmp= $this->attrs['accessTo'][$i];
+ $this->accessTo[$tmp]= $tmp;
+ }
+ }
+
+ /* Get global filter config */
+ if (!session::is_set("sysfilter")){
+ $ui= get_userinfo();
+ $base= get_base_from_people($ui->dn);
+ $sysfilter= array( "depselect" => $base,
+ "regex" => "*");
+ session::set("sysfilter", $sysfilter);
+ }
+
+ /* This is always an account */
+ $this->is_account= TRUE;
+
+ /* Instanciate base selector */
+ $this->baseSelector= new baseSelector($this->get_allowed_bases(), $this->base);
+ $this->baseSelector->setSubmitButton(false);
+ $this->baseSelector->setHeight(300);
+ $this->baseSelector->update(true);
+
+ $this->reload(TRUE);
+ }
+
+ function execute()
+ {
+ /* Call parent execute */
+ plugin::execute();
+
+ /* Log view */
+ if($this->is_account && !$this->view_logged){
+ $this->view_logged = TRUE;
+ new log("view","groups/".get_class($this),$this->dn);
+ }
+
+ /* Do we represent a valid group? */
+ if (!$this->is_account && $this->parent === NULL){
+ $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".msgPool::noValidExtension()."</b>";
+ return ($display);
+ }
+
+ /* Delete user from group */
+ if (isset($_POST['del_users']) && isset($_POST['members']) && preg_match("/w/",$this->getacl("memberUid"))){
+ foreach ($_POST['members'] as $value){
+ unset ($this->members["$value"]);
+ $this->removeUser($value);
+ }
+ $this->reload();
+ }
+
+ /* Add objects? */
+ if (isset($_POST["edit_membership"]) && preg_match("/w/",$this->getacl("memberUid"))){
+ $this->userSelect= new userSelect($this->config, get_userinfo());
+ $this->dialog= TRUE;
+ }
+
+ /* Add objects finished? */
+ if (isset($_POST["add_users_cancel"])){
+ $this->userSelect= NULL;
+ $this->dialog= FALSE;
+ }
+
+ /* Add user to group */
+ if (isset($_POST['add_users_finish']) && $this->userSelect){
+
+ $users = $this->userSelect->detectPostActions();
+ if(isset($users['targets'])){
+ $headpage = $this->userSelect->getHeadpage();
+ foreach($users['targets'] as $dn){
+ $attrs = $headpage->getEntry($dn);
+ $value = $attrs['uid'][0];
+ $this->addUser($value);
+ $this->members["$value"]= $this->allusers[$value];
+ $this->reload();
+ }
+ }
+ $this->userSelect= NULL;
+ $this->dialog= FALSE;
+ }
+
+ /* Base select dialog */
+ $once = true;
+ foreach($_POST as $name => $value){
+ if((preg_match("/^chooseBase/",$name) && $once) && $this->acl_is_writeable("base")){
+
+ $once = false;
+ $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
+ $this->dialog->setCurrentBase($this->base);
+ }
+ }
+
+ /* Dialog handling */
+ if(is_object($this->dialog)){
+ /* Must be called before save_object */
+ $this->dialog->save_object();
+
+ if($this->dialog->isClosed()){
+ $this->dialog = false;
+ }elseif($this->dialog->isSelected()){
+
+ /* Check if selected base is valid */
+ $tmp = $this->get_allowed_bases();
+ if(isset($tmp[$this->dialog->isSelected()])){
+ $this->base = $this->dialog->isSelected();
+ }
+ $this->dialog= false;
+ }else{
+ return($this->dialog->execute());
+ }
+ }
+
+
+ /* Add user workstation? */
+ if (isset($_POST["add_ws"])){
+ $this->trustSelect= new trustSelect($this->config,get_userinfo());
+ $this->dialog= TRUE;
+ }
+
+ // Add selected machines to trusted ones.
+ if (isset($_POST["add_ws_finish"]) && $this->trustSelect){
+ $trusts = $this->trustSelect->detectPostActions();
+ if(isset($trusts['targets'])){
+
+ $headpage = $this->trustSelect->getHeadpage();
+ foreach($trusts['targets'] as $id){
+ $attrs = $headpage->getEntry($id);
+ $this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0];
+ }
+ ksort($this->accessTo);
+ $this->is_modified= TRUE;
+ }
+ $this->trustSelect= NULL;
+ $this->dialog= FALSE;
+ }
+
+
+ /* Add user workstation? */
+ if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
+ foreach($_POST['wslist'] as $ws){
+ $this->accessTo[$ws]= $ws;
+ }
+ ksort($this->accessTo);
+ $this->is_modified= TRUE;
+ }
+
+ /* Remove user workstations? */
+ if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
+ foreach($_POST['workstation_list'] as $name){
+ unset ($this->accessTo[$name]);
+ }
+ $this->is_modified= TRUE;
+ }
+
+ /* Add user workstation finished? */
+ if (isset($_POST["add_ws_cancel"])){
+ $this->trustSelect= NULL;
+ $this->dialog= FALSE;
+ }
+
+
+ /* Show ws dialog */
+ if ($this->trustSelect){
+
+ // Build up blocklist
+ session::set('filterBlacklist', array('cn' => array_values($this->accessTo)));
+ return($this->trustSelect->execute());
+ }
+
+ $smarty= get_smarty();
+ $smarty->assign("usePrototype", "true");
+
+ if($this->config->search("nagiosaccount", "CLASS",array('menu'))){
+ $smarty->assign("nagios",true);
+ }else{
+ $smarty->assign("nagios",false);
+ }
+
+ if($this->config->search("phoneAccount", "CLASS",array('menu'))){
+ $smarty->assign("pickupGroup",true);
+ }else{
+ $smarty->assign("pickupGroup",false);
+ }
+
+ /* Manage object add dialog */
+ if ($this->userSelect){
+ return($this->userSelect->execute());
+ }
+
+ /* Create base acls */
+ $smarty->assign("base", $this->baseSelector->render());
+
+ $domains= array();
+ foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
+ $domains[$name]= $name;
+ }
+ $smarty->assign("sambaDomains", $domains);
+ $smarty->assign("sambaDomainName", $this->sambaDomainName);
+ $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
+ 514 => _("Domain guests"));
+
+ /* Don't loose special groups! If not key'ed above, add it to
+ the combo box... */
+ if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
+ $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
+ }
+
+ $smarty->assign("groupTypes", $groupTypes);
+ $smarty->assign("groupType", $this->groupType);
+
+
+ /* Members and users */
+ $smarty->assign("members", $this->members);
+
+ /* Work on trust modes */
+ $smarty->assign("trusthide", " disabled ");
+ $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
+ if ($this->trustModel == "fullaccess"){
+ $trustmode= 1;
+ // pervent double disable tag in html code, this will disturb our clean w3c html
+ $smarty->assign("trustmode", $this->getacl("trustModel"));
+
+ } elseif ($this->trustModel == "byhost"){
+ $trustmode= 2;
+ $smarty->assign("trusthide", "");
+ } else {
+ // pervent double disable tag in html code, this will disturb our clean w3c html
+ $smarty->assign("trustmode", $this->getacl("trustModel"));
+ $trustmode= 0;
+ }
+ $smarty->assign("trustmode", $trustmode);
+ $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
+ 2 => _("allow access to these hosts")));
+
+ if((count($this->accessTo))==0){
+ $smarty->assign("emptyArrAccess",true);
+ } else{
+ $smarty->assign("emptyArrAccess",false);
+
+ }
+
+ $smarty->assign("workstations", $this->accessTo);
+
+
+
+ /* Checkboxes */
+ foreach (array("force_gid", "smbgroup") as $val){
+ if ($this->$val == "1"){
+ $smarty->assign("$val", "checked");
+ } else {
+ $smarty->assign("$val", "");
+ }
+ }
+ if ($this->force_gid != "1"){
+ $smarty->assign("forceMode", "disabled");
+ }else{
+ $smarty->assign("forceMode", "");
+ }
+ if ($this->fon_group){
+ $smarty->assign("fon_group", "checked");
+ } else {
+ $smarty->assign("fon_group", "");
+ }
+
+ if ($this->nagios_group){
+ $smarty->assign("nagios_group", "checked");
+ } else {
+ $smarty->assign("nagios_group", "");
+ }
+
+ /* Fields */
+ foreach (array("cn", "description", "gidNumber") as $val){
+ $smarty->assign("$val", $this->$val);
+ }
+
+ $tmp = $this->plInfo();
+ foreach($tmp['plProvidedAcls'] as $name => $translation){
+ $smarty->assign($name."ACL",$this->getacl($name));
+ }
+
+ if($this->acl_is_writeable("base")){
+ $smarty->assign("baseSelect",true);
+ }else{
+ $smarty->assign("baseSelect",false);
+ }
+
+ /* Show main page */
+ $smarty->assign("alphabet", generate_alphabet(10));
+ $smarty->assign("search_image", get_template_path('images/lists/search.png'));
+ $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
+ $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
+ $smarty->assign("deplist", $this->config->idepartments);
+
+ /* Multiple edit handling */
+ $smarty->assign("multiple_support",$this->multiple_support_active);
+
+ $smarty->assign("memberUid_All",$this->memberUid);
+ $smarty->assign("memberUid_Some",$this->memberUid_used_by_some);
+
+ foreach($this->attributes as $val){
+ if(in_array($val,$this->multi_boxes)){
+ $smarty->assign("use_".$val,TRUE);
+ }else{
+ $smarty->assign("use_".$val,FALSE);
+ }
+ }
+ foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $val){
+ if(in_array($val,$this->multi_boxes)){
+ $smarty->assign("use_".$val,TRUE);
+ }else{
+ $smarty->assign("use_".$val,FALSE);
+ }
+ }
+
+ return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
+ }
+
+ function addUser($uid)
+ {
+ /* In mutliple edit we have to handle two arrays.
+ * memberUid : Containing users used in all groups
+ * memberUid_used_by_some : Those which are not used in all groups
+ * So we have to remove the given $uid from the ..used_by_some array first.
+ */
+ if($this->multiple_support_active){
+ if(isset($this->memberUid_used_by_some[$uid])){
+ unset($this->memberUid_used_by_some[$uid]);
+ }
+ }
+
+ /* Ensure that the requested object is known to the group class
+ */
+ if(!isset($this->dnMapping[$uid])){
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search("(&(objectClass=gosaAccount)(uid=".$uid."))",array("dn", "uid","sn","givenName"));
+ if($ldap->count() == 0 ){
+ msg_dialog::display(_("Error"),
+ sprintf(_("Adding UID '%s' to group '%s' failed: cannot find user object!"),
+ $uid,$this->cn),
+ ERROR_DIALOG);
+ return;
+ }elseif($ldap->count() >= 2){
+ msg_dialog::display(_("Error"),
+ sprintf(_("Add UID '%s' to group '%s' failed: UID is used more than once!"),
+ $uid,$this->cn),
+ ERROR_DIALOG);
+ return;
+ }else{
+ while($attrs = $ldap->fetch()){
+ $this->dnMapping[$attrs['uid'][0]] = $attrs['dn'];
+ $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
+ $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
+ }
+ }
+ }
+
+ $this->memberUid[$uid]= $uid;
+ }
+
+
+ function removeUser($uid)
+ {
+ $temp= array();
+ if(isset($this->memberUid[$uid])){
+ unset($this->memberUid[$uid]);
+ }
+
+ /* We have two array contianing group members in multiple edit.
+ * this->memberUid : Groups used by all currently edited groups
+ * this->memberUid_used_by_some: Used by some
+ * So we have to remove the specified uid from both arrays.
+ */
+ if($this->multiple_support_active){
+ if(isset($this->memberUid_used_by_some[$uid])){
+ unset($this->memberUid_used_by_some[$uid]);
+ }
+ }
+ }
+
+ /* Reload data */
+ function reload($silent = FALSE)
+ {
+ /* Fix regex string */
+ $gufilter = session::get("gufilter");
+ $regex = normalizeLdap($gufilter['regex']);
+ $MaxUser = $this->OnlyShowFirstEntries;
+
+ /* Prepare ldap link */
+ $ldap= $this->config->get_ldap_link();
+ $ldap->cd($gufilter['dselect']);
+
+
+ /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
+ (Store gathered sn/givenName informations in $this->allusers too,
+ to be prepared when adding/deleting users)
+ */
+ $filter = "";
+ if ($this->config->get_cfg_value("ldapFilterNestingLimit") == "" ||
+ count($this->memberUid) < $this->config->get_cfg_value("ldapFilterNestingLimit")){
+ foreach ($this->memberUid as $value){
+ if(!isset($this->members[$value])){
+ $filter .= "(uid=".normalizeLdap($value).")";
+ }
+ }
+ }
+
+ if(!empty($filter)){
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search("(&(objectClass=gosaAccount)(|".$filter."))",array("dn", "uid","sn","givenName"));
+ while($attrs = $ldap->fetch()){
+ $this->dnMapping[$attrs['uid'][0]] = $attrs['dn'];
+ $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
+ $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
+ }
+ }
+
+ /* check if all uids are resolved */
+ if ($this->config->get_cfg_value("ldapFilterNestingLimit") == "" ||
+ count($this->memberUid) < $this->config->get_cfg_value("ldapFilterNestingLimit")){
+ foreach ($this->memberUid as $value){
+ if(!isset($this->members[$value])){
+ $this->members[$value] = _("! unknown UID")." [".$value."]";
+ }
+ }
+ }else{
+ foreach ($this->memberUid as $value){
+ $this->members[$value] = $value;
+ }
+ }
+
+ /* Create display list of users matching regex & filter
+ */
+ $this->displayUsers = array();
+ $filter = "(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
+
+ /* Search in current tree or within subtrees depending on the checkbox from filter section */
+ if($gufilter['SubSearchGroup']){
+ $flag = GL_SIZELIMIT | GL_SUBSEARCH;
+ $base = $gufilter['dselect'];
+ }else{
+ $flag = GL_SIZELIMIT ;
+ $base = get_people_ou().$gufilter['dselect'];
+ }
+ $i = 0;
+
+
+ $res = get_list($filter,"users",$base,array("dn", "uid", "sn", "givenName"),$flag);
+
+ /* Fetch all users and skip already used users */
+ foreach($res as $attrs){
+ if(in_array($attrs['uid'][0], $this->memberUid)) {
+ continue;
+ }
+ $i ++;
+ if($i > $MaxUser) {
+ break;
+ }
+ $this->dnMapping[$attrs['uid'][0]]= $attrs["dn"];
+ $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs);
+ $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
+ }
+
+ /* If more than max users are found, display a message to warn the user */
+ if($i == $MaxUser && !$silent){
+ msg_dialog::display(_("Configuration error"), sprintf(_("Search returned too many results. Not displaying more than %s entries!"), $MaxUser), ERROR_DIALOG);
+ }
+
+ /* Sort lists */
+ natcasesort($this->members);
+ reset($this->members);
+ natcasesort ($this->displayUsers);
+ reset ($this->displayUsers);
+ }
+
+
+ /* Create display name, this was used so often that it is excluded into a seperate function */
+ function createResultName($attrs)
+ {
+ if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
+ $ret = $attrs["sn"][0].", ".$attrs["givenName"][0]." [".$attrs["uid"][0]."]";
+ } else {
+ $ret= $attrs['uid'][0];
+ }
+ return($ret);
+ }
+
+
+ function remove_from_parent()
+ {
+ plugin::remove_from_parent();
+
+ $ldap= $this->config->get_ldap_link();
+ $ldap->rmdir($this->dn);
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_DEL, get_class()));
+ }
+
+ new log("remove","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
+
+ /* Delete references to object groups */
+ $ldap->cd ($this->config->current['BASE']);
+ $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".LDAP::prepare4filter($this->dn)."))", array("cn"));
+ while ($ldap->fetch()){
+ $og= new ogroup($this->config, $ldap->getDN());
+ unset($og->member[$this->dn]);
+ $og->save ();
+ }
+
+ /* Remove ACL dependencies too,
+ */
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($this->dn)."*))",array("gosaAclEntry","dn"));
+ while($attrs = $ldap->fetch()){
+ $acl = new acl($this->config,$this->parent,$attrs['dn']);
+ foreach($acl->gosaAclEntry as $id => $entry){
+ foreach($entry['members'] as $m_id => $member){
+ if($m_id == "G:".$this->dn || $m_id == "U:".$this->dn){
+ unset($acl->gosaAclEntry[$id]['members'][$m_id]);
+ gosa_log("modify","groups/acl",$attrs['dn'],array(),sprintf("Removed acl for %s on object %s.",$this->dn,$attrs['dn']));
+ }
+ }
+ }
+ $acl->save();
+ }
+
+ /* Remove ACL dependencies, too */
+ acl::remove_acl_for($this->dn);
+
+ /* Send signal to the world that we've done */
+ $this->handle_post_events("remove");
+ }
+
+
+ /* Save data to object */
+ function save_object()
+ {
+ /* Refresh base */
+ if ($this->acl_is_moveable($this->base)){
+ if (!$this->baseSelector->update()) {
+ msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
+ }
+ if ($this->base != $this->baseSelector->getBase()) {
+ $this->base= $this->baseSelector->getBase();
+ $this->is_modified= TRUE;
+ }
+ }
+
+ /* Save additional values for possible next step */
+ if (isset($_POST['groupedit'])){
+
+ /* Create a base backup and reset the
+ base directly after calling plugin::save_object();
+ Base will be set seperatly a few lines below */
+ $base_tmp = $this->base;
+ plugin::save_object();
+ $this->base = $base_tmp;
+
+ $this->force_gid= 0;
+
+ /* Only reset sambagroup flag if we are able to write this flag */
+ if($this->acl_is_writeable("sambaGroupType")){
+ $this->smbgroup = 0;
+ }
+
+ foreach (array(
+ "force_gid" => "gidNumber",
+ "smbgroup" => "sambaGroupType") as $val => $aclname) {
+ if ($this->acl_is_writeable($aclname) && isset($_POST["$val"])){
+ $this->$val= $_POST["$val"];
+ }
+ }
+
+ /* Save sambaDomain attribute */
+ if ($this->acl_is_writeable("sambaDomainName") && isset ($_POST['sambaDomainName'])){
+ $this->sambaDomainName= $_POST['sambaDomainName'];
+ $this->groupType= $_POST['groupType'];
+ }
+
+ /* Save fon attribute */
+ if ($this->acl_is_writeable("fonGroup")){
+ if (isset ($_POST['fon_group'])){
+ $this->fon_group= TRUE;
+ } else {
+ $this->fon_group= FALSE;
+ }
+ }
+ if ($this->acl_is_writeable("nagiosGroup")){
+ if (isset ($_POST['nagios_group'])){
+ $this->nagios_group= TRUE;
+ } else {
+ $this->nagios_group= FALSE;
+ }
+ }
+ }
+
+ /* Trust mode - special handling */
+ if($this->acl_is_writeable("trustModel")){
+ if (isset($_POST['trustmode'])){
+ $saved= $this->trustModel;
+ if ($_POST['trustmode'] == "1"){
+ $this->trustModel= "fullaccess";
+ } elseif ($_POST['trustmode'] == "2"){
+ $this->trustModel= "byhost";
+ } else {
+ $this->trustModel= "";
+ }
+ if ($this->trustModel != $saved){
+ $this->is_modified= TRUE;
+ }
+ }
+ }
+
+ }
+
+
+ /* Save to LDAP */
+ function save()
+ {
+
+ /* ID handling */
+ if ($this->force_gid == 0){
+ if ($this->saved_gidNumber != ""){
+ $this->gidNumber= $this->saved_gidNumber;
+ } else {
+ /* Calculate new, lock uids */
+ $wait= 10;
+ while (get_lock("gidnumber") != ""){
+ sleep (1);
+
+ /* timed out? */
+ if ($wait-- == 0){
+ break;
+ }
+ }
+ add_lock ("gidnumber", "gosa");
+ $this->gidNumber= get_next_id("gidNumber", $this->dn);
+ }
+ }
+
+ plugin::save();
+
+ /* Trust accounts */
+ $objectclasses= array();
+ foreach ($this->attrs['objectClass'] as $key => $class){
+ if (preg_match('/trustAccount/i', $class)){
+ continue;
+ }
+ $objectclasses[]= $this->attrs['objectClass'][$key];
+ }
+ $this->attrs['objectClass']= $objectclasses;
+ if ($this->trustModel != ""){
+ $this->attrs['objectClass'][]= "trustAccount";
+ $this->attrs['trustModel']= $this->trustModel;
+ $this->attrs['accessTo']= array();
+ if ($this->trustModel == "byhost"){
+ foreach ($this->accessTo as $host){
+ $this->attrs['accessTo'][]= $host;
+ }
+ }
+ } else {
+ if ($this->was_trust_account){
+ $this->attrs['accessTo']= array();
+ $this->attrs['trustModel']= array();
+ }
+ }
+
+
+
+ /* Remove objectClass for samba/phone support */
+ $tmp= array();
+ for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
+ if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
+ $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
+ $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
+ $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
+ $tmp[]= $this->attrs['objectClass'][$i];
+ }
+ }
+ $this->attrs['objectClass']= $tmp;
+ $ldap= $this->config->get_ldap_link();
+
+ /* Add samba group functionality */
+ if ($this->smbgroup){
+
+ /* Fixed undefined index ...
+ */
+ $this->SID = $this->ridBase = "";
+ if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
+ $this->SID = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
+ }else{
+ msg_dialog::display(_("Error"), sprintf(_("Cannot find any SID for '%s'!"), $this->sambaDomainName), ERROR_DIALOG);
+ }
+ if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
+ $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
+ }else{
+ msg_dialog::display(_("Error"), sprintf(_("Cannot find any RIDBASE for '%s'!"), $this->sambaDomainName), ERROR_DIALOG);
+ }
+
+ $this->attrs['objectClass'][]= 'sambaGroupMapping';
+ $this->attrs['sambaGroupType']= "2";
+
+ /* Check if we need to create a special entry */
+ if ($this->groupType == 0){
+
+ if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
+ $gidNumber= $this->gidNumber;
+ while(TRUE){
+ $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search("(sambaSID=$sid)",array("sambaSID"));
+ if ($ldap->count() == 0){
+ break;
+ }
+ $gidNumber++;
+ }
+ $this->attrs['sambaSID']= $sid;
+ $this->sambaSID= $sid;
+ }
+
+ } else {
+ $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
+ }
+
+ /* User wants me to fake the idMappings? This is useful for
+ making winbind resolve the group names in a reasonable amount
+ of time in combination with larger databases. */
+ if ($this->config->get_cfg_value("sambaidmapping") == "true"){
+ $this->attrs['objectClass'][]= "sambaIdmapEntry";
+ }
+
+ }
+
+ /* Add phone functionality */
+ if ($this->fon_group){
+ $this->attrs['objectClass'][]= "goFonPickupGroup";
+ }
+
+ /* Add nagios functionality */
+ if ($this->nagios_group){
+ $this->attrs['objectClass'][]= "nagiosContactGroup";
+ }
+
+ /* Take members array */
+ if (count ($this->memberUid)){
+ $this->attrs['memberUid']= array_values(array_unique($this->memberUid));
+ }
+
+ /* New accounts need proper 'dn', propagate it to remaining objects */
+ if ($this->dn == 'new'){
+ $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
+ }
+
+ /* Add member dn's for RFC2307bis Support */
+ if ($this->rfc2307bis){
+ $this->attrs['member'] = array();
+ if (count($this->memberUid)){
+ foreach($this->attrs['memberUid'] as $uid) {
+
+ if(isset($this->dnMapping[$uid])){
+ $this->attrs['member'][]= $this->dnMapping[$uid];
+ }
+ }
+ } else {
+ $this->attrs['member'][]= $this->dn;
+ }
+ }
+
+ /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
+ new entries. So do a check first... */
+ $ldap->cat ($this->dn, array('dn'));
+ if ($ldap->fetch()){
+ /* Modify needs array() to remove values :-( */
+ if (!count ($this->memberUid)){
+ $this->attrs['memberUid']= array();
+ }
+ if (!$this->smbgroup){
+ $this->attrs['sambaGroupType']= array();
+ $this->attrs['sambaSID']= array();
+ }
+
+ $mode= "modify";
+ } else {
+ $mode= "add";
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
+ }
+
+
+ /* Check generated gidNumber, it may be used by another group.
+ */
+ if($this->gidNumber != ""){
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search("(&(!(cn=".$this->orig_cn."))(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))",array("cn"));
+ if($ldap->count()){
+ $cns = "";
+ while($attrs = $ldap->fetch()){
+ $cns .= $attrs['cn'][0].", ";
+ }
+ $cns = rtrim($cns,", ");
+ msg_dialog::display(_("Warning"),sprintf(_("The gidNumber '%s' is already in use by %s!"),$this->gidNumber,$cns) , WARNING_DIALOG );
+ }
+ }
+
+ /* Write back to ldap */
+ $ldap->cd($this->dn);
+ $this->cleanup();
+ $ldap->$mode($this->attrs);
+
+ /* Remove ACL dependencies too,
+ */
+ if($this->dn != $this->orig_dn && $this->orig_dn != "new"){
+ $tmp = new acl($this->config,$this->parent,$this->dn);
+ $tmp->update_acl_membership($this->orig_dn,$this->dn);
+ }
+
+ if($this->initially_was_account){
+ new log("modify","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
+ }else{
+ new log("create","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
+ }
+
+ $ret= 0;
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
+ $ret= 1;
+ }
+
+ /* Remove uid lock */
+ del_lock ("gidnumber");
+
+ /* Post that we've done*/
+ $this->handle_post_events($mode);
+
+ return ($ret);
+ }
+
+ function check()
+ {
+ /* Call common method to give check the hook */
+ $message= plugin::check();
+
+ /* Permissions for that base? */
+ if ($this->base != ""){
+ $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
+ } else {
+ $new_dn= $this->dn;
+ }
+
+ /* must: cn */
+ if ($this->cn == "" && $this->acl_is_writeable("cn")){
+ $message[]= msgPool::required(_("Name"));
+ }
+
+ /* Check for valid input */
+ if (!tests::is_uid($this->cn)){
+ if (strict_uid_mode()){
+ $message[]= msgPool::invalid(_("Name"), $this->cn, "/[a-z0-9_-]/");
+ } else {
+ $message[]= msgPool::invalid(_("Name"), $this->cn, "/[a-z0-9_-]/i");
+ }
+ }
+
+ if($this->allowGroupsWithSameNameInOtherSubtrees == true){
+
+ /* Check for used 'cn' */
+ $ldap= $this->config->get_ldap_link();
+ if(($this->cn != $this->orig_cn) || ($this->orig_dn == "new")){
+ $ldap->cd(get_groups_ou().$this->base);
+ $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",get_groups_ou().$this->base,array("cn"));
+ if ($ldap->count() != 0){
+ $message[]= msgPool::duplicated(_("Name"));
+ }
+ }
+
+ }else{
+
+ /* Check for used 'cn' */
+ $ldap= $this->config->get_ldap_link();
+ $ldap->cd($this->config->current['BASE']);
+ $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn"));
+ if ($ldap->count() != 0){
+
+ /* New entry? */
+ if ($this->dn == 'new'){
+ $message[]= msgPool::duplicated(_("Name"));
+ }
+
+ /* Moved? */
+ elseif ($new_dn != $this->orig_dn){
+ $ldap->fetch();
+ if ($ldap->getDN() != $this->orig_dn){
+ $message[]= msgPool::duplicated(_("Name"));
+ }
+ }
+ }
+ }
+
+ /* Check ID */
+ if ($this->force_gid == "1"){
+ if (!tests::is_id($this->gidNumber)){
+ $message[]= msgPool::invalid(_("GID"), $this->gidNumber, "/[0-9]/");
+ } else {
+ if ($this->gidNumber < $this->config->get_cfg_value("minId")){
+ $message[]= msgPool::toosmall(_("GID"), $this->config->get_cfg_value("minId"));
+ }
+
+ }
+ }
+
+ /* Check if we are allowed to create or move this object
+ */
+ if(!$this->orig_dn == "new" ||
+ $this->orig_base != $this->base ||
+ $this->cn != $this->orig_cn){
+
+ if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
+ $message[] = msgPool::permCreate();
+ }elseif($this->orig_dn != "new" && !$this->acl_is_moveable($this->base)){
+ $message[] = msgPool::permMove();
+ }
+ }
+
+ return ($message);
+ }
+
+
+ function getCopyDialog()
+ {
+ $vars = array("cn");
+
+ if($this ->force_gid){
+ $used = " checked ";
+ $dis = "";
+ }else{
+ $used = "";
+ $dis = " disabled ";
+ }
+
+ $smarty = get_smarty();
+ $smarty->assign("used",$used);
+ $smarty->assign("dis" ,$dis);
+ $smarty->assign("cn" ,$this->cn);
+ $smarty->assign("gidNumber",$this->gidNumber);
+ $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
+ $ret = array();
+ $ret['string'] = $str;
+ $ret['status'] = "";
+ return($ret);
+ }
+
+ function saveCopyDialog()
+ {
+ if(isset($_POST['cn'])){
+ $this->cn = $_POST['cn'];
+ }
+ if(isset($_POST['force_gid'])){
+ $this->force_gid = 1;
+ $this->gidNumber= $_POST['gidNumber'];
+ }else{
+ $this->force_gid = 0;
+ $this->gidNumber = false;
+ }
+ }
+
+
+ /* Return plugin informations for acl handling */
+ static function plInfo()
+ {
+ return (array(
+ "plShortName" => _("Generic"),
+ "plDescription" => _("Generic group settings"),
+ "plSelfModify" => FALSE,
+ "plDepends" => array(),
+ "plPriority" => 0,
+ "plSection" => array("administration"),
+ "plCategory" => array("groups" => array("objectClass" => "posixGroup", "description" => _("Groups"))),
+
+ "plProvidedAcls" => array(
+ "cn" => _("Name"),
+ "description" => _("Description"),
+ "base" => _("Base"),
+
+ "gidNumber" => _("GID"),
+
+ "sambaGroupType" => _("Samba group type"),
+ "sambaDomainName" => _("Samba domain name"),
+ "trustModel" => _("System trust"),
+ "fonGroup" => _("Phone pickup group"),
+ "nagiosGroup" => _("Nagios group"),
+
+ "memberUid" => _("Group member"))
+ ));
+ }
+
+
+ function multiple_save_object()
+ {
+ if(isset($_POST['group_mulitple_edit'])){
+
+ /* Create a base backup and reset the
+ base directly after calling plugin::save_object();
+ Base will be set seperatly a few lines below */
+ $base_tmp = $this->base;
+ plugin::multiple_save_object();
+ plugin::save_object();
+ $this->base = $base_tmp;
+
+ foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $attr){
+ if(isset($_POST['use_'.$attr])){
+ $this->multi_boxes[] = $attr;
+ }
+ }
+
+ /* Refresh base */
+ if ($this->acl_is_moveable($this->base)){
+ if (!$this->baseSelector->update()) {
+ msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
+ }
+ if ($this->base != $this->baseSelector->getBase()) {
+ $this->base= $this->baseSelector->getBase();
+ $this->is_modified= TRUE;
+ }
+ }
+
+ foreach (array( "smbgroup" => "sambaGroupType" ,"nagios_group" => "nagios_group") as $val => $aclname) {
+ if ($this->acl_is_writeable($aclname)){
+ if(isset($_POST["$val"])){
+ $this->$val= TRUE;
+ }else{
+ $this->$val= FALSE;
+ }
+ }
+ }
+
+ /* Save sambaDomain attribute */
+ if ($this->acl_is_writeable("sambaDomainName") && isset ($_POST['sambaDomainName'])){
+ $this->sambaDomainName= $_POST['sambaDomainName'];
+ $this->groupType= $_POST['groupType'];
+ }
+
+ /* Trust mode - special handling */
+ if($this->acl_is_writeable("trustModel")){
+ if (isset($_POST['trustmode'])){
+ $saved= $this->trustModel;
+ if ($_POST['trustmode'] == "1"){
+ $this->trustModel= "fullaccess";
+ } elseif ($_POST['trustmode'] == "2"){
+ $this->trustModel= "byhost";
+ } else {
+ $this->trustModel= "";
+ }
+ if ($this->trustModel != $saved){
+ $this->is_modified= TRUE;
+ }
+ }
+ }
+
+ /* Save fon attribute */
+ if ($this->acl_is_writeable("fonGroup")){
+ if (isset ($_POST['fon_group'])){
+ $this->fon_group= TRUE;
+ } else {
+ $this->fon_group= FALSE;
+ }
+ }
+ }
+ }
+
+
+ function get_multi_edit_values()
+ {
+ $ret = plugin::get_multi_edit_values();
+
+ foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $attr){
+ if(in_array($attr,$this->multi_boxes)){
+ $ret[$attr] = $this->$attr;
+ }
+ }
+
+ if(in_array("trustmode",$this->multi_boxes)){
+ $ret['trustModel'] = $this->trustModel;
+ $ret['accessTo'] = $this->accessTo;
+ }
+
+ $ret['memberUid'] = $this->memberUid;
+ $ret['memberUid_used_by_some'] = $this->memberUid_used_by_some;
+ return($ret);
+ }
+
+ function multiple_execute()
+ {
+ return($this->execute());
+ }
+
+
+ /* Initialize plugin with given atribute arrays
+ */
+ function init_multiple_support($attrs,$all)
+ {
+ plugin::init_multiple_support($attrs,$all);
+
+ $this->memberUid = array();
+ $this->memberUid_used_by_some = array();
+ if (isset($attrs['memberUid'])){
+ for ($i= 0; $i<$attrs['memberUid']['count']; $i++){
+ $this->memberUid[$attrs['memberUid'][$i]]= $attrs['memberUid'][$i];
+ }
+ ksort($this->memberUid);
+ }
+
+ if (isset($all['memberUid'])){
+ for ($i= 0; $i<$all['memberUid']['count']; $i++){
+ if(!in_array($all['memberUid'][$i],$this->memberUid)){
+ $this->memberUid_used_by_some[$all['memberUid'][$i]]= $all['memberUid'][$i];
+ }
+ }
+ ksort($this->memberUid_used_by_some);
+ }
+ }
+
+
+ function PrepareForCopyPaste($source)
+ {
+ plugin::PrepareForCopyPaste($source);
+
+ $this->memberUid = array();
+ if(isset($source['memberUid'])){
+ for($i = 0 ; $i < $source['memberUid']['count']; $i ++){
+ $this->memberUid[] = $source['memberUid'][$i];
+ }
+ }
+ $this->accessTo = array();
+ if (isset($source['accessTo'])){
+ for ($i= 0; $i<$source['accessTo']['count']; $i++){
+ $tmp= $source['accessTo'][$i];
+ $this->accessTo[$tmp]= $tmp;
+ }
+ }
+ }
+
+
+ function set_multi_edit_values($attrs)
+ {
+ $users = array();
+
+ /* Update groupMembership, keep optinal group */
+ foreach($attrs['memberUid_used_by_some'] as $uid){
+ if(in_array($uid,$this->memberUid)){
+ $users[$uid] = $uid;
+ }
+ }
+
+ /* Update groupMembership, add forced groups */
+ foreach($attrs['memberUid'] as $uid){
+ $users[$uid] = $uid;
+ }
+ plugin::set_multi_edit_values($attrs);
+ $this->memberUid = $users;
+ }
+}
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>
diff --git a/gosa-core/plugins/admin/groups/class_groupGeneric.inc b/gosa-core/plugins/admin/groups/class_groupGeneric.inc
+++ /dev/null
@@ -1,1360 +0,0 @@
-<?php
-/*
- * This code is part of GOsa (http://www.gosa-project.org)
- * Copyright (C) 2003-2008 GONICUS GmbH
- *
- * ID: $$Id$$
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-class group extends plugin
-{
- /* Group attributes */
- var $cn= "";
- var $description= "";
- var $gidNumber= "";
- var $memberUid= array();
- var $memberUid_used_by_some= array();
-
- /* Helpers */
- var $base= "";
- var $force_gid= FALSE;
- var $fon_group= FALSE;
- var $smbgroup= FALSE;
- var $groupType= FALSE;
- var $sambaSID= "";
- var $sambaDomainName= "DEFAULT";
- var $SID= "";
- var $ridBase= 0;
- var $members= array();
- var $users= array();
- var $member= array();
- var $allusers= array();
- var $saved_gidNumber= "";
- var $oldgroupType= "";
- var $orig_dn= "";
- var $orig_cn= "";
- var $orig_base= "";
- var $has_mailAccount= FALSE;
- var $userSelect= FALSE;
- var $nagios_group =FALSE;
- var $sambaGroupType;
- var $dialog;
- var $rfc2307bis= FALSE;
- var $OnlyShowFirstEntries =200;
- var $dnMapping= array();
- var $view_logged = FALSE;
- var $allowGroupsWithSameNameInOtherSubtrees = true;
-
- /* Trustmodel/AccessTo
- */
- var $accessTo= array();
- var $trustModel= "";
- var $trustSelect = FALSE;
-
- /* attribute list for save action */
- var $attributes= array("cn", "description", "gidNumber","memberUid","sambaGroupType","sambaSID","accessTo","trustModel");
- var $objectclasses= array("top", "posixGroup");
-
- var $CopyPasteVars = array("force_gid","fon_group","smbgroup","groupType","sambaSID","sambaDomainName","SID","nagios_group","sambaGroupType");
-
- var $multiple_support = TRUE;
-
- function group (&$config, $dn= NULL)
- {
- /* Set rfc2307bis flag */
- if ($config->get_cfg_value("rfc2307bis") == "true"){
- $this->rfc2307bis= TRUE;
- $this->attributes[]= "member";
- $this->objectclasses[]= "groupOfNames";
- }
-
- plugin::plugin ($config, $dn);
-
- /* Load attributes depending on the samba version */
- $this->orig_dn= $dn;
- $this->orig_cn= $this->cn;
-
- /* Get member list */
- if (isset($this->attrs['memberUid'][0])){
- $tmp= array();
- for ($i= 0; $i<$this->attrs['memberUid']['count']; $i++){
- $tmp[$this->attrs['memberUid'][$i]]= $this->attrs['memberUid'][$i];
- }
- $this->memberUid= $tmp;
- ksort ($this->memberUid);
- }
-
- /* Save gidNumber for later use */
- if (isset($this->attrs['gidNumber'])){
- $this->saved_gidNumber= $this->attrs['gidNumber'][0];
- }
-
- /* Is a samba group? */
- if (isset($this->attrs['objectClass'])){
- if (array_search ('sambaGroupMapping', $this->attrs['objectClass']) == FALSE ){
- $this->smbgroup= FALSE;
- } else {
- $this->smbgroup= TRUE;
- if (isset($this->attrs['sambaSID'])){
- $this->sambaSID= $this->attrs['sambaSID'][0];
- }
- }
- if (array_search ('goFonPickupGroup', $this->attrs['objectClass']) == FALSE ){
- $this->fon_group= FALSE;
- } else {
- $this->fon_group= TRUE;
- }
- if (array_search ('nagiosContactGroup', $this->attrs['objectClass']) == FALSE ){
- $this->nagios_group= FALSE;
- } else {
- $this->nagios_group= TRUE;
- }
- }
-
- /* Set mail flag */
- if (isset($this->attrs['objectClass']) && in_array('gosaMailAccount', $this->attrs['objectClass'])){
- $this->has_mailAccount= TRUE;
- }
-
- /* Get samba Domain in case of samba 3 */
- if ($this->sambaSID != ""){
- $this->SID= preg_replace ("/-[^-]+$/", "", $this->sambaSID);
- $ldap= $this->config->get_ldap_link();
- $ldap->cd($this->config->current['BASE']);
- $ldap->search ("(&(objectClass=sambaDomain)(sambaSID=$this->SID))",array("sambaAlgorithmicRidBase"));
- if ($ldap->count() != 0){
- $attrs= $ldap->fetch();
- if(isset($attrs['sambaAlgorithmicRidBase'])){
- $this->ridBase= $attrs['sambaAlgorithmicRidBase'][0];
- } else {
- $this->ridBase= $this->config->get_cfg_value("sambaRidBase");
- }
-
- /* Get domain name for SID */
- $this->sambaDomainName= "DEFAULT";
- foreach ($this->config->data['SERVERS']['SAMBA'] as $key => $val){
- if ($val['SID'] == $this->SID){
- $this->sambaDomainName= $key;
- break;
- }
- }
- } else {
- if ($this->config->get_cfg_value("sambaRidBase") != ""){
- $this->sambaDomainName= "DEFAULT";
- $this->ridBase= $this->config->get_cfg_value("sambaRidBase");
- $this->SID= $this->config->get_cfg_value("sid");
- } else {
- msg_dialog::display(_("Configuration error"), _("Cannot find group SID in your configuration!"), ERROR_DIALOG);
- }
- }
-
- /* Get group type */
- $this->groupType= (int)substr(strrchr($this->sambaSID, "-"), 1);
- if ($this->groupType < 500 || $this->groupType > 553){
- $this->groupType= 0;
- }
- $this->oldgroupType= $this->groupType;
- }
-
- /* Get global filter config */
- if (!session::is_set("gufilter")){
- $ui= get_userinfo();
- $base= get_base_from_people($ui->dn);
- $gufilter= array( "dselect" => $base,
- "regex" => "*");
- session::set("gufilter", $gufilter);
- }
- $gufilter= session::get('gufilter');
- $gufilter['SubSearchGroup'] = false;
- session::set('gufilter',$gufilter);
-
- if ($this->dn == "new"){
- if(session::is_set('CurrentMainBase')){
- $this->base = session::get('CurrentMainBase');
- }else{
- $ui= get_userinfo();
- $this->base= dn2base($ui->dn);
- }
- } else {
-
- /* Get object base */
- $this->base =preg_replace ("/^[^,]+,".preg_quote(get_groups_ou(), '/')."/i","",$this->dn);
- }
- $this->orig_base = $this->base;
-
- /* Is this account a trustAccount? */
- if (isset($this->attrs['trustModel'])){
- $this->trustModel= $this->attrs['trustModel'][0];
- $this->was_trust_account= TRUE;
- } else {
- $this->was_trust_account= FALSE;
- $this->trustModel= "";
- }
-
- $this->accessTo = array();
- if (isset($this->attrs['accessTo'])){
- for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
- $tmp= $this->attrs['accessTo'][$i];
- $this->accessTo[$tmp]= $tmp;
- }
- }
-
- /* Get global filter config */
- if (!session::is_set("sysfilter")){
- $ui= get_userinfo();
- $base= get_base_from_people($ui->dn);
- $sysfilter= array( "depselect" => $base,
- "regex" => "*");
- session::set("sysfilter", $sysfilter);
- }
-
- /* This is always an account */
- $this->is_account= TRUE;
- $this->reload(TRUE);
- }
-
- function execute()
- {
- /* Call parent execute */
- plugin::execute();
-
- /* Log view */
- if($this->is_account && !$this->view_logged){
- $this->view_logged = TRUE;
- new log("view","groups/".get_class($this),$this->dn);
- }
-
- /* Do we represent a valid group? */
- if (!$this->is_account && $this->parent === NULL){
- $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".msgPool::noValidExtension()."</b>";
- return ($display);
- }
-
- /* Delete user from group */
- if (isset($_POST['del_users']) && isset($_POST['members']) && preg_match("/w/",$this->getacl("memberUid"))){
- foreach ($_POST['members'] as $value){
- unset ($this->members["$value"]);
- $this->removeUser($value);
- }
- $this->reload();
- }
-
- /* Add objects? */
- if (isset($_POST["edit_membership"]) && preg_match("/w/",$this->getacl("memberUid"))){
- $this->userSelect= new userSelect($this->config, get_userinfo());
- $this->dialog= TRUE;
- }
-
- /* Add objects finished? */
- if (isset($_POST["add_users_cancel"])){
- $this->userSelect= NULL;
- $this->dialog= FALSE;
- }
-
- /* Add user to group */
- if (isset($_POST['add_users_finish']) && $this->userSelect){
-
- $users = $this->userSelect->detectPostActions();
- if(isset($users['targets'])){
- $headpage = $this->userSelect->getHeadpage();
- foreach($users['targets'] as $dn){
- $attrs = $headpage->getEntry($dn);
- $value = $attrs['uid'][0];
- $this->addUser($value);
- $this->members["$value"]= $this->allusers[$value];
- $this->reload();
- }
- }
- $this->userSelect= NULL;
- $this->dialog= FALSE;
- }
-
- /* Base select dialog */
- $once = true;
- foreach($_POST as $name => $value){
- if((preg_match("/^chooseBase/",$name) && $once) && $this->acl_is_writeable("base")){
-
- $once = false;
- $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
- $this->dialog->setCurrentBase($this->base);
- }
- }
-
- /* Dialog handling */
- if(is_object($this->dialog)){
- /* Must be called before save_object */
- $this->dialog->save_object();
-
- if($this->dialog->isClosed()){
- $this->dialog = false;
- }elseif($this->dialog->isSelected()){
-
- /* Check if selected base is valid */
- $tmp = $this->get_allowed_bases();
- if(isset($tmp[$this->dialog->isSelected()])){
- $this->base = $this->dialog->isSelected();
- }
- $this->dialog= false;
- }else{
- return($this->dialog->execute());
- }
- }
-
-
- /* Add user workstation? */
- if (isset($_POST["add_ws"])){
- $this->trustSelect= new trustSelect($this->config,get_userinfo());
- $this->dialog= TRUE;
- }
-
- // Add selected machines to trusted ones.
- if (isset($_POST["add_ws_finish"]) && $this->trustSelect){
- $trusts = $this->trustSelect->detectPostActions();
- if(isset($trusts['targets'])){
-
- $headpage = $this->trustSelect->getHeadpage();
- foreach($trusts['targets'] as $id){
- $attrs = $headpage->getEntry($id);
- $this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0];
- }
- ksort($this->accessTo);
- $this->is_modified= TRUE;
- }
- $this->trustSelect= NULL;
- $this->dialog= FALSE;
- }
-
-
- /* Add user workstation? */
- if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
- foreach($_POST['wslist'] as $ws){
- $this->accessTo[$ws]= $ws;
- }
- ksort($this->accessTo);
- $this->is_modified= TRUE;
- }
-
- /* Remove user workstations? */
- if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
- foreach($_POST['workstation_list'] as $name){
- unset ($this->accessTo[$name]);
- }
- $this->is_modified= TRUE;
- }
-
- /* Add user workstation finished? */
- if (isset($_POST["add_ws_cancel"])){
- $this->trustSelect= NULL;
- $this->dialog= FALSE;
- }
-
-
- /* Show ws dialog */
- if ($this->trustSelect){
-
- // Build up blocklist
- session::set('filterBlacklist', array('cn' => array_values($this->accessTo)));
- return($this->trustSelect->execute());
- }
-
- $smarty= get_smarty();
- if($this->config->search("nagiosaccount", "CLASS",array('menu'))){
- $smarty->assign("nagios",true);
- }else{
- $smarty->assign("nagios",false);
- }
-
- if($this->config->search("phoneAccount", "CLASS",array('menu'))){
- $smarty->assign("pickupGroup",true);
- }else{
- $smarty->assign("pickupGroup",false);
- }
-
- /* Manage object add dialog */
- if ($this->userSelect){
- return($this->userSelect->execute());
- }
-
- $smarty->assign("bases", $this->get_allowed_bases());
- $smarty->assign("base_select", $this->base);
-
- $domains= array();
- foreach($this->config->data['SERVERS']['SAMBA'] as $name => $content){
- $domains[$name]= $name;
- }
- $smarty->assign("sambaDomains", $domains);
- $smarty->assign("sambaDomainName", $this->sambaDomainName);
- $groupTypes= array(0 => _("Samba group"), 512 => _("Domain admins"), 513 => _("Domain users"),
- 514 => _("Domain guests"));
-
- /* Don't loose special groups! If not key'ed above, add it to
- the combo box... */
- if ($this->groupType >= 500 && $this->groupType <= 553 && !isset($groupTypes[$this->groupType])){
- $groupTypes[$this->groupType]= sprintf(_("Special group (%d)"), $this->groupType);
- }
-
- $smarty->assign("groupTypes", $groupTypes);
- $smarty->assign("groupType", $this->groupType);
-
-
- /* Members and users */
- $smarty->assign("members", $this->members);
-
- /* Work on trust modes */
- $smarty->assign("trusthide", " disabled ");
- $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
- if ($this->trustModel == "fullaccess"){
- $trustmode= 1;
- // pervent double disable tag in html code, this will disturb our clean w3c html
- $smarty->assign("trustmode", $this->getacl("trustModel"));
-
- } elseif ($this->trustModel == "byhost"){
- $trustmode= 2;
- $smarty->assign("trusthide", "");
- } else {
- // pervent double disable tag in html code, this will disturb our clean w3c html
- $smarty->assign("trustmode", $this->getacl("trustModel"));
- $trustmode= 0;
- }
- $smarty->assign("trustmode", $trustmode);
- $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
- 2 => _("allow access to these hosts")));
-
- if((count($this->accessTo))==0){
- $smarty->assign("emptyArrAccess",true);
- } else{
- $smarty->assign("emptyArrAccess",false);
-
- }
-
- $smarty->assign("workstations", $this->accessTo);
-
-
-
- /* Checkboxes */
- foreach (array("force_gid", "smbgroup") as $val){
- if ($this->$val == "1"){
- $smarty->assign("$val", "checked");
- } else {
- $smarty->assign("$val", "");
- }
- }
- if ($this->force_gid != "1"){
- $smarty->assign("forceMode", "disabled");
- }else{
- $smarty->assign("forceMode", "");
- }
- if ($this->fon_group){
- $smarty->assign("fon_group", "checked");
- } else {
- $smarty->assign("fon_group", "");
- }
-
- if ($this->nagios_group){
- $smarty->assign("nagios_group", "checked");
- } else {
- $smarty->assign("nagios_group", "");
- }
-
- /* Fields */
- foreach (array("cn", "description", "gidNumber") as $val){
- $smarty->assign("$val", $this->$val);
- }
-
- $tmp = $this->plInfo();
- foreach($tmp['plProvidedAcls'] as $name => $translation){
- $smarty->assign($name."ACL",$this->getacl($name));
- }
-
- if($this->acl_is_writeable("base")){
- $smarty->assign("baseSelect",true);
- }else{
- $smarty->assign("baseSelect",false);
- }
-
- /* Show main page */
- $smarty->assign("alphabet", generate_alphabet(10));
- $smarty->assign("search_image", get_template_path('images/lists/search.png'));
- $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
- $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
- $smarty->assign("deplist", $this->config->idepartments);
-
- /* Multiple edit handling */
- $smarty->assign("multiple_support",$this->multiple_support_active);
-
- $smarty->assign("memberUid_All",$this->memberUid);
- $smarty->assign("memberUid_Some",$this->memberUid_used_by_some);
-
- foreach($this->attributes as $val){
- if(in_array($val,$this->multi_boxes)){
- $smarty->assign("use_".$val,TRUE);
- }else{
- $smarty->assign("use_".$val,FALSE);
- }
- }
- foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $val){
- if(in_array($val,$this->multi_boxes)){
- $smarty->assign("use_".$val,TRUE);
- }else{
- $smarty->assign("use_".$val,FALSE);
- }
- }
-
- return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
- }
-
- function addUser($uid)
- {
- /* In mutliple edit we have to handle two arrays.
- * memberUid : Containing users used in all groups
- * memberUid_used_by_some : Those which are not used in all groups
- * So we have to remove the given $uid from the ..used_by_some array first.
- */
- if($this->multiple_support_active){
- if(isset($this->memberUid_used_by_some[$uid])){
- unset($this->memberUid_used_by_some[$uid]);
- }
- }
-
- /* Ensure that the requested object is known to the group class
- */
- if(!isset($this->dnMapping[$uid])){
- $ldap = $this->config->get_ldap_link();
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(objectClass=gosaAccount)(uid=".$uid."))",array("dn", "uid","sn","givenName"));
- if($ldap->count() == 0 ){
- msg_dialog::display(_("Error"),
- sprintf(_("Adding UID '%s' to group '%s' failed: cannot find user object!"),
- $uid,$this->cn),
- ERROR_DIALOG);
- return;
- }elseif($ldap->count() >= 2){
- msg_dialog::display(_("Error"),
- sprintf(_("Add UID '%s' to group '%s' failed: UID is used more than once!"),
- $uid,$this->cn),
- ERROR_DIALOG);
- return;
- }else{
- while($attrs = $ldap->fetch()){
- $this->dnMapping[$attrs['uid'][0]] = $attrs['dn'];
- $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
- $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
- }
- }
- }
-
- $this->memberUid[$uid]= $uid;
- }
-
-
- function removeUser($uid)
- {
- $temp= array();
- if(isset($this->memberUid[$uid])){
- unset($this->memberUid[$uid]);
- }
-
- /* We have two array contianing group members in multiple edit.
- * this->memberUid : Groups used by all currently edited groups
- * this->memberUid_used_by_some: Used by some
- * So we have to remove the specified uid from both arrays.
- */
- if($this->multiple_support_active){
- if(isset($this->memberUid_used_by_some[$uid])){
- unset($this->memberUid_used_by_some[$uid]);
- }
- }
- }
-
- /* Reload data */
- function reload($silent = FALSE)
- {
- /* Fix regex string */
- $gufilter = session::get("gufilter");
- $regex = normalizeLdap($gufilter['regex']);
- $MaxUser = $this->OnlyShowFirstEntries;
-
- /* Prepare ldap link */
- $ldap= $this->config->get_ldap_link();
- $ldap->cd($gufilter['dselect']);
-
-
- /* Resolve still unresolved memberuids to fill the list with sn/giveName attributes
- (Store gathered sn/givenName informations in $this->allusers too,
- to be prepared when adding/deleting users)
- */
- $filter = "";
- if ($this->config->get_cfg_value("ldapFilterNestingLimit") == "" ||
- count($this->memberUid) < $this->config->get_cfg_value("ldapFilterNestingLimit")){
- foreach ($this->memberUid as $value){
- if(!isset($this->members[$value])){
- $filter .= "(uid=".normalizeLdap($value).")";
- }
- }
- }
-
- if(!empty($filter)){
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(objectClass=gosaAccount)(|".$filter."))",array("dn", "uid","sn","givenName"));
- while($attrs = $ldap->fetch()){
- $this->dnMapping[$attrs['uid'][0]] = $attrs['dn'];
- $this->members[$attrs['uid'][0]] = $this->createResultName($attrs);
- $this->allusers[$attrs['uid'][0]]= $this->createResultName($attrs);
- }
- }
-
- /* check if all uids are resolved */
- if ($this->config->get_cfg_value("ldapFilterNestingLimit") == "" ||
- count($this->memberUid) < $this->config->get_cfg_value("ldapFilterNestingLimit")){
- foreach ($this->memberUid as $value){
- if(!isset($this->members[$value])){
- $this->members[$value] = _("! unknown UID")." [".$value."]";
- }
- }
- }else{
- foreach ($this->memberUid as $value){
- $this->members[$value] = $value;
- }
- }
-
- /* Create display list of users matching regex & filter
- */
- $this->displayUsers = array();
- $filter = "(&(objectClass=gosaAccount)(!(objectClass=gosaUserTemplate))(!(uid=*$))(|(uid=".$regex.")(sn=".$regex.")(givenName=".$regex.")))";
-
- /* Search in current tree or within subtrees depending on the checkbox from filter section */
- if($gufilter['SubSearchGroup']){
- $flag = GL_SIZELIMIT | GL_SUBSEARCH;
- $base = $gufilter['dselect'];
- }else{
- $flag = GL_SIZELIMIT ;
- $base = get_people_ou().$gufilter['dselect'];
- }
- $i = 0;
-
-
- $res = get_list($filter,"users",$base,array("dn", "uid", "sn", "givenName"),$flag);
-
- /* Fetch all users and skip already used users */
- foreach($res as $attrs){
- if(in_array($attrs['uid'][0], $this->memberUid)) {
- continue;
- }
- $i ++;
- if($i > $MaxUser) {
- break;
- }
- $this->dnMapping[$attrs['uid'][0]]= $attrs["dn"];
- $this->allusers[$attrs['uid'][0]] = $this->createResultName($attrs);
- $this->displayUsers[$attrs['uid'][0]] = $this->createResultName($attrs);
- }
-
- /* If more than max users are found, display a message to warn the user */
- if($i == $MaxUser && !$silent){
- msg_dialog::display(_("Configuration error"), sprintf(_("Search returned too many results. Not displaying more than %s entries!"), $MaxUser), ERROR_DIALOG);
- }
-
- /* Sort lists */
- natcasesort($this->members);
- reset($this->members);
- natcasesort ($this->displayUsers);
- reset ($this->displayUsers);
- }
-
-
- /* Create display name, this was used so often that it is excluded into a seperate function */
- function createResultName($attrs)
- {
- if (isset($attrs["givenName"][0]) && isset($attrs["sn"][0])){
- $ret = $attrs["sn"][0].", ".$attrs["givenName"][0]." [".$attrs["uid"][0]."]";
- } else {
- $ret= $attrs['uid'][0];
- }
- return($ret);
- }
-
-
- function remove_from_parent()
- {
- plugin::remove_from_parent();
-
- $ldap= $this->config->get_ldap_link();
- $ldap->rmdir($this->dn);
- if (!$ldap->success()){
- msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_DEL, get_class()));
- }
-
- new log("remove","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
-
- /* Delete references to object groups */
- $ldap->cd ($this->config->current['BASE']);
- $ldap->search ("(&(objectClass=gosaGroupOfNames)(member=".LDAP::prepare4filter($this->dn)."))", array("cn"));
- while ($ldap->fetch()){
- $og= new ogroup($this->config, $ldap->getDN());
- unset($og->member[$this->dn]);
- $og->save ();
- }
-
- /* Remove ACL dependencies too,
- */
- $ldap = $this->config->get_ldap_link();
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($this->dn)."*))",array("gosaAclEntry","dn"));
- while($attrs = $ldap->fetch()){
- $acl = new acl($this->config,$this->parent,$attrs['dn']);
- foreach($acl->gosaAclEntry as $id => $entry){
- foreach($entry['members'] as $m_id => $member){
- if($m_id == "G:".$this->dn || $m_id == "U:".$this->dn){
- unset($acl->gosaAclEntry[$id]['members'][$m_id]);
- gosa_log("modify","groups/acl",$attrs['dn'],array(),sprintf("Removed acl for %s on object %s.",$this->dn,$attrs['dn']));
- }
- }
- }
- $acl->save();
- }
-
- /* Remove ACL dependencies, too */
- acl::remove_acl_for($this->dn);
-
- /* Send signal to the world that we've done */
- $this->handle_post_events("remove");
- }
-
-
- /* Save data to object */
- function save_object()
- {
- /* Save additional values for possible next step */
- if (isset($_POST['groupedit'])){
-
- /* Create a base backup and reset the
- base directly after calling plugin::save_object();
- Base will be set seperatly a few lines below */
- $base_tmp = $this->base;
- plugin::save_object();
- $this->base = $base_tmp;
-
- $this->force_gid= 0;
-
- /* Only reset sambagroup flag if we are able to write this flag */
- if($this->acl_is_writeable("sambaGroupType")){
- $this->smbgroup = 0;
- }
-
- /* Get base selection */
- if(isset($_POST['base'])){
- $tmp = $this->get_allowed_bases();
- if(isset($tmp[$_POST['base']])){
- $this->base = $_POST['base'];
- }
- }
-
- foreach (array(
- "force_gid" => "gidNumber",
- "smbgroup" => "sambaGroupType") as $val => $aclname) {
- if ($this->acl_is_writeable($aclname) && isset($_POST["$val"])){
- $this->$val= $_POST["$val"];
- }
- }
-
- /* Save sambaDomain attribute */
- if ($this->acl_is_writeable("sambaDomainName") && isset ($_POST['sambaDomainName'])){
- $this->sambaDomainName= $_POST['sambaDomainName'];
- $this->groupType= $_POST['groupType'];
- }
-
- /* Save fon attribute */
- if ($this->acl_is_writeable("fonGroup")){
- if (isset ($_POST['fon_group'])){
- $this->fon_group= TRUE;
- } else {
- $this->fon_group= FALSE;
- }
- }
- if ($this->acl_is_writeable("nagiosGroup")){
- if (isset ($_POST['nagios_group'])){
- $this->nagios_group= TRUE;
- } else {
- $this->nagios_group= FALSE;
- }
- }
- }
-
- /* Trust mode - special handling */
- if($this->acl_is_writeable("trustModel")){
- if (isset($_POST['trustmode'])){
- $saved= $this->trustModel;
- if ($_POST['trustmode'] == "1"){
- $this->trustModel= "fullaccess";
- } elseif ($_POST['trustmode'] == "2"){
- $this->trustModel= "byhost";
- } else {
- $this->trustModel= "";
- }
- if ($this->trustModel != $saved){
- $this->is_modified= TRUE;
- }
- }
- }
-
- }
-
-
- /* Save to LDAP */
- function save()
- {
-
- /* ID handling */
- if ($this->force_gid == 0){
- if ($this->saved_gidNumber != ""){
- $this->gidNumber= $this->saved_gidNumber;
- } else {
- /* Calculate new, lock uids */
- $wait= 10;
- while (get_lock("gidnumber") != ""){
- sleep (1);
-
- /* timed out? */
- if ($wait-- == 0){
- break;
- }
- }
- add_lock ("gidnumber", "gosa");
- $this->gidNumber= get_next_id("gidNumber", $this->dn);
- }
- }
-
- plugin::save();
-
- /* Trust accounts */
- $objectclasses= array();
- foreach ($this->attrs['objectClass'] as $key => $class){
- if (preg_match('/trustAccount/i', $class)){
- continue;
- }
- $objectclasses[]= $this->attrs['objectClass'][$key];
- }
- $this->attrs['objectClass']= $objectclasses;
- if ($this->trustModel != ""){
- $this->attrs['objectClass'][]= "trustAccount";
- $this->attrs['trustModel']= $this->trustModel;
- $this->attrs['accessTo']= array();
- if ($this->trustModel == "byhost"){
- foreach ($this->accessTo as $host){
- $this->attrs['accessTo'][]= $host;
- }
- }
- } else {
- if ($this->was_trust_account){
- $this->attrs['accessTo']= array();
- $this->attrs['trustModel']= array();
- }
- }
-
-
-
- /* Remove objectClass for samba/phone support */
- $tmp= array();
- for ($i= 0; $i<count($this->attrs["objectClass"]); $i++){
- if ($this->attrs['objectClass'][$i] != 'sambaGroupMapping' &&
- $this->attrs['objectClass'][$i] != 'sambaIdmapEntry' &&
- $this->attrs['objectClass'][$i] != 'goFonPickupGroup' &&
- $this->attrs['objectClass'][$i] != 'nagiosContactGroup'){
- $tmp[]= $this->attrs['objectClass'][$i];
- }
- }
- $this->attrs['objectClass']= $tmp;
- $ldap= $this->config->get_ldap_link();
-
- /* Add samba group functionality */
- if ($this->smbgroup){
-
- /* Fixed undefined index ...
- */
- $this->SID = $this->ridBase = "";
- if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'])){
- $this->SID = $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['SID'];
- }else{
- msg_dialog::display(_("Error"), sprintf(_("Cannot find any SID for '%s'!"), $this->sambaDomainName), ERROR_DIALOG);
- }
- if(isset($this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'])){
- $this->ridBase= $this->config->data['SERVERS']['SAMBA'][$this->sambaDomainName]['RIDBASE'];
- }else{
- msg_dialog::display(_("Error"), sprintf(_("Cannot find any RIDBASE for '%s'!"), $this->sambaDomainName), ERROR_DIALOG);
- }
-
- $this->attrs['objectClass'][]= 'sambaGroupMapping';
- $this->attrs['sambaGroupType']= "2";
-
- /* Check if we need to create a special entry */
- if ($this->groupType == 0){
-
- if ($this->sambaSID == "" || $this->oldgroupType != $this->groupType){
- $gidNumber= $this->gidNumber;
- while(TRUE){
- $sid= $this->SID."-".($gidNumber*2 + $this->ridBase+1);
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(sambaSID=$sid)",array("sambaSID"));
- if ($ldap->count() == 0){
- break;
- }
- $gidNumber++;
- }
- $this->attrs['sambaSID']= $sid;
- $this->sambaSID= $sid;
- }
-
- } else {
- $this->attrs['sambaSID']=$this->SID."-".$this->groupType;
- }
-
- /* User wants me to fake the idMappings? This is useful for
- making winbind resolve the group names in a reasonable amount
- of time in combination with larger databases. */
- if ($this->config->get_cfg_value("sambaidmapping") == "true"){
- $this->attrs['objectClass'][]= "sambaIdmapEntry";
- }
-
- }
-
- /* Add phone functionality */
- if ($this->fon_group){
- $this->attrs['objectClass'][]= "goFonPickupGroup";
- }
-
- /* Add nagios functionality */
- if ($this->nagios_group){
- $this->attrs['objectClass'][]= "nagiosContactGroup";
- }
-
- /* Take members array */
- if (count ($this->memberUid)){
- $this->attrs['memberUid']= array_values(array_unique($this->memberUid));
- }
-
- /* New accounts need proper 'dn', propagate it to remaining objects */
- if ($this->dn == 'new'){
- $this->dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
- }
-
- /* Add member dn's for RFC2307bis Support */
- if ($this->rfc2307bis){
- $this->attrs['member'] = array();
- if (count($this->memberUid)){
- foreach($this->attrs['memberUid'] as $uid) {
-
- if(isset($this->dnMapping[$uid])){
- $this->attrs['member'][]= $this->dnMapping[$uid];
- }
- }
- } else {
- $this->attrs['member'][]= $this->dn;
- }
- }
-
- /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
- new entries. So do a check first... */
- $ldap->cat ($this->dn, array('dn'));
- if ($ldap->fetch()){
- /* Modify needs array() to remove values :-( */
- if (!count ($this->memberUid)){
- $this->attrs['memberUid']= array();
- }
- if (!$this->smbgroup){
- $this->attrs['sambaGroupType']= array();
- $this->attrs['sambaSID']= array();
- }
-
- $mode= "modify";
- } else {
- $mode= "add";
- $ldap->cd($this->config->current['BASE']);
- $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
- }
-
-
- /* Check generated gidNumber, it may be used by another group.
- */
- if($this->gidNumber != ""){
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(!(cn=".$this->orig_cn."))(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))",array("cn"));
- if($ldap->count()){
- $cns = "";
- while($attrs = $ldap->fetch()){
- $cns .= $attrs['cn'][0].", ";
- }
- $cns = rtrim($cns,", ");
- msg_dialog::display(_("Warning"),sprintf(_("The gidNumber '%s' is already in use by %s!"),$this->gidNumber,$cns) , WARNING_DIALOG );
- }
- }
-
- /* Write back to ldap */
- $ldap->cd($this->dn);
- $this->cleanup();
- $ldap->$mode($this->attrs);
-
- /* Remove ACL dependencies too,
- */
- if($this->dn != $this->orig_dn && $this->orig_dn != "new"){
- $tmp = new acl($this->config,$this->parent,$this->dn);
- $tmp->update_acl_membership($this->orig_dn,$this->dn);
- }
-
- if($this->initially_was_account){
- new log("modify","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
- }else{
- new log("create","groups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
- }
-
- $ret= 0;
- if (!$ldap->success()){
- msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
- $ret= 1;
- }
-
- /* Remove uid lock */
- del_lock ("gidnumber");
-
- /* Post that we've done*/
- $this->handle_post_events($mode);
-
- return ($ret);
- }
-
- function check()
- {
- /* Call common method to give check the hook */
- $message= plugin::check();
-
- /* Permissions for that base? */
- if ($this->base != ""){
- $new_dn= 'cn='.$this->cn.','.get_groups_ou().$this->base;
- } else {
- $new_dn= $this->dn;
- }
-
- /* must: cn */
- if ($this->cn == "" && $this->acl_is_writeable("cn")){
- $message[]= msgPool::required(_("Name"));
- }
-
- /* Check for valid input */
- if (!tests::is_uid($this->cn)){
- if (strict_uid_mode()){
- $message[]= msgPool::invalid(_("Name"), $this->cn, "/[a-z0-9_-]/");
- } else {
- $message[]= msgPool::invalid(_("Name"), $this->cn, "/[a-z0-9_-]/i");
- }
- }
-
- if($this->allowGroupsWithSameNameInOtherSubtrees == true){
-
- /* Check for used 'cn' */
- $ldap= $this->config->get_ldap_link();
- if(($this->cn != $this->orig_cn) || ($this->orig_dn == "new")){
- $ldap->cd(get_groups_ou().$this->base);
- $ldap->ls("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",get_groups_ou().$this->base,array("cn"));
- if ($ldap->count() != 0){
- $message[]= msgPool::duplicated(_("Name"));
- }
- }
-
- }else{
-
- /* Check for used 'cn' */
- $ldap= $this->config->get_ldap_link();
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(|(objectClass=gosaGroupOfNames)(objectClass=posixGroup))(cn=$this->cn))",array("cn"));
- if ($ldap->count() != 0){
-
- /* New entry? */
- if ($this->dn == 'new'){
- $message[]= msgPool::duplicated(_("Name"));
- }
-
- /* Moved? */
- elseif ($new_dn != $this->orig_dn){
- $ldap->fetch();
- if ($ldap->getDN() != $this->orig_dn){
- $message[]= msgPool::duplicated(_("Name"));
- }
- }
- }
- }
-
- /* Check ID */
- if ($this->force_gid == "1"){
- if (!tests::is_id($this->gidNumber)){
- $message[]= msgPool::invalid(_("GID"), $this->gidNumber, "/[0-9]/");
- } else {
- if ($this->gidNumber < $this->config->get_cfg_value("minId")){
- $message[]= msgPool::toosmall(_("GID"), $this->config->get_cfg_value("minId"));
- }
-
- }
- }
-
- /* Check if we are allowed to create or move this object
- */
- if(!$this->orig_dn == "new" ||
- $this->orig_base != $this->base ||
- $this->cn != $this->orig_cn){
-
- if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
- $message[] = msgPool::permCreate();
- }elseif($this->orig_dn != "new" && !$this->acl_is_moveable($this->base)){
- $message[] = msgPool::permMove();
- }
- }
-
- return ($message);
- }
-
-
- function getCopyDialog()
- {
- $vars = array("cn");
-
- if($this ->force_gid){
- $used = " checked ";
- $dis = "";
- }else{
- $used = "";
- $dis = " disabled ";
- }
-
- $smarty = get_smarty();
- $smarty->assign("used",$used);
- $smarty->assign("dis" ,$dis);
- $smarty->assign("cn" ,$this->cn);
- $smarty->assign("gidNumber",$this->gidNumber);
- $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE));
- $ret = array();
- $ret['string'] = $str;
- $ret['status'] = "";
- return($ret);
- }
-
- function saveCopyDialog()
- {
- if(isset($_POST['cn'])){
- $this->cn = $_POST['cn'];
- }
- if(isset($_POST['force_gid'])){
- $this->force_gid = 1;
- $this->gidNumber= $_POST['gidNumber'];
- }else{
- $this->force_gid = 0;
- $this->gidNumber = false;
- }
- }
-
-
- /* Return plugin informations for acl handling */
- static function plInfo()
- {
- return (array(
- "plShortName" => _("Generic"),
- "plDescription" => _("Generic group settings"),
- "plSelfModify" => FALSE,
- "plDepends" => array(),
- "plPriority" => 0,
- "plSection" => array("administration"),
- "plCategory" => array("groups" => array("objectClass" => "posixGroup", "description" => _("Groups"))),
-
- "plProvidedAcls" => array(
- "cn" => _("Name"),
- "description" => _("Description"),
- "base" => _("Base"),
-
- "gidNumber" => _("GID"),
-
- "sambaGroupType" => _("Samba group type"),
- "sambaDomainName" => _("Samba domain name"),
- "trustModel" => _("System trust"),
- "fonGroup" => _("Phone pickup group"),
- "nagiosGroup" => _("Nagios group"),
-
- "memberUid" => _("Group member"))
- ));
- }
-
-
- function multiple_save_object()
- {
- if(isset($_POST['group_mulitple_edit'])){
-
- /* Create a base backup and reset the
- base directly after calling plugin::save_object();
- Base will be set seperatly a few lines below */
- $base_tmp = $this->base;
- plugin::multiple_save_object();
- plugin::save_object();
- $this->base = $base_tmp;
-
- foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group","trustmode") as $attr){
- if(isset($_POST['use_'.$attr])){
- $this->multi_boxes[] = $attr;
- }
- }
-
- /* Get base selection */
- if(isset($_POST['base'])){
- $tmp = $this->get_allowed_bases();
- if(isset($tmp[$_POST['base']])){
- $this->base = $_POST['base'];
- }
- }
-
- foreach (array( "smbgroup" => "sambaGroupType" ,"nagios_group" => "nagios_group") as $val => $aclname) {
- if ($this->acl_is_writeable($aclname)){
- if(isset($_POST["$val"])){
- $this->$val= TRUE;
- }else{
- $this->$val= FALSE;
- }
- }
- }
-
- /* Save sambaDomain attribute */
- if ($this->acl_is_writeable("sambaDomainName") && isset ($_POST['sambaDomainName'])){
- $this->sambaDomainName= $_POST['sambaDomainName'];
- $this->groupType= $_POST['groupType'];
- }
-
- /* Trust mode - special handling */
- if($this->acl_is_writeable("trustModel")){
- if (isset($_POST['trustmode'])){
- $saved= $this->trustModel;
- if ($_POST['trustmode'] == "1"){
- $this->trustModel= "fullaccess";
- } elseif ($_POST['trustmode'] == "2"){
- $this->trustModel= "byhost";
- } else {
- $this->trustModel= "";
- }
- if ($this->trustModel != $saved){
- $this->is_modified= TRUE;
- }
- }
- }
-
- /* Save fon attribute */
- if ($this->acl_is_writeable("fonGroup")){
- if (isset ($_POST['fon_group'])){
- $this->fon_group= TRUE;
- } else {
- $this->fon_group= FALSE;
- }
- }
- }
- }
-
-
- function get_multi_edit_values()
- {
- $ret = plugin::get_multi_edit_values();
-
- foreach(array("base","smbgroup","groupType","sambaDomainName","fon_group","nagios_group") as $attr){
- if(in_array($attr,$this->multi_boxes)){
- $ret[$attr] = $this->$attr;
- }
- }
-
- if(in_array("trustmode",$this->multi_boxes)){
- $ret['trustModel'] = $this->trustModel;
- $ret['accessTo'] = $this->accessTo;
- }
-
- $ret['memberUid'] = $this->memberUid;
- $ret['memberUid_used_by_some'] = $this->memberUid_used_by_some;
- return($ret);
- }
-
- function multiple_execute()
- {
- return($this->execute());
- }
-
-
- /* Initialize plugin with given atribute arrays
- */
- function init_multiple_support($attrs,$all)
- {
- plugin::init_multiple_support($attrs,$all);
-
- $this->memberUid = array();
- $this->memberUid_used_by_some = array();
- if (isset($attrs['memberUid'])){
- for ($i= 0; $i<$attrs['memberUid']['count']; $i++){
- $this->memberUid[$attrs['memberUid'][$i]]= $attrs['memberUid'][$i];
- }
- ksort($this->memberUid);
- }
-
- if (isset($all['memberUid'])){
- for ($i= 0; $i<$all['memberUid']['count']; $i++){
- if(!in_array($all['memberUid'][$i],$this->memberUid)){
- $this->memberUid_used_by_some[$all['memberUid'][$i]]= $all['memberUid'][$i];
- }
- }
- ksort($this->memberUid_used_by_some);
- }
- }
-
-
- function PrepareForCopyPaste($source)
- {
- plugin::PrepareForCopyPaste($source);
-
- $this->memberUid = array();
- if(isset($source['memberUid'])){
- for($i = 0 ; $i < $source['memberUid']['count']; $i ++){
- $this->memberUid[] = $source['memberUid'][$i];
- }
- }
- $this->accessTo = array();
- if (isset($source['accessTo'])){
- for ($i= 0; $i<$source['accessTo']['count']; $i++){
- $tmp= $source['accessTo'][$i];
- $this->accessTo[$tmp]= $tmp;
- }
- }
- }
-
-
- function set_multi_edit_values($attrs)
- {
- $users = array();
-
- /* Update groupMembership, keep optinal group */
- foreach($attrs['memberUid_used_by_some'] as $uid){
- if(in_array($uid,$this->memberUid)){
- $users[$uid] = $uid;
- }
- }
-
- /* Update groupMembership, add forced groups */
- foreach($attrs['memberUid'] as $uid){
- $users[$uid] = $uid;
- }
- plugin::set_multi_edit_values($attrs);
- $this->memberUid = $users;
- }
-}
-// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
-?>
diff --git a/gosa-core/plugins/admin/groups/generic.tpl b/gosa-core/plugins/admin/groups/generic.tpl
index bda8985edae4e9b516209c036565775f79a7cbc6..544e8d3810e1b937e9c19e2b9059ceadf9a1c16e 100644 (file)
</td>
<td>
{render acl=$baseACL checkbox=$multiple_support checked=$use_base}
- <select id="base" size="1" name="base" title="{t}Choose subtree to place group in{/t}">
- {html_options options=$bases selected=$base_select}
- </select>
-{/render}
-
-{render acl=$baseACL disable_picture='images/lists/folder_grey.png'}
- <input type="image" name="chooseBase" src="images/lists/folder.png" class="center" title="{t}Select a base{/t}">
+ {$base}
{/render}
</td>
</tr>
diff --git a/gosa-core/plugins/admin/ogroups/class_ogroup.inc b/gosa-core/plugins/admin/ogroups/class_ogroup.inc
index bbee66f04c22dcc7bd7692fb7cf4d688a56f0084..d6ff10d0af586821f125dc3fc8b2b1d9a0cfaa47 100644 (file)
var $trustSelect = FALSE;
var $was_trust_account= FALSE;
+ var $baseSelector;
/* Already assigned Workstations. Will be hidden in selection.
*/
session::set("sysfilter", $sysfilter);
}
+ /* Instanciate base selector */
+ $this->baseSelector= new baseSelector($this->get_allowed_bases(), $this->base);
+ $this->baseSelector->setSubmitButton(false);
+ $this->baseSelector->setHeight(300);
+ $this->baseSelector->update(true);
+
$this->reload();
}
/* Load templating engine */
$smarty= get_smarty();
+ $smarty->assign("usePrototype", "true");
$tmp = $this->plInfo();
foreach($tmp['plProvidedAcls'] as $name => $translation){
}
/* Assign variables */
- $smarty->assign("bases", $this->get_allowed_bases());
- $smarty->assign("base_select", $this->base);
+ $smarty->assign("base", $this->baseSelector->render());
$smarty->assign("department", $this->department);
$smarty->assign("members", $this->convert_list($this->memberList));
/* Save data to object */
function save_object()
{
+ /* Refresh base */
+ if ($this->acl_is_moveable($this->base)){
+ if (!$this->baseSelector->update()) {
+ msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
+ }
+ if ($this->base != $this->baseSelector->getBase()) {
+ $this->base= $this->baseSelector->getBase();
+ $this->is_modified= TRUE;
+ }
+ }
+
/* Save additional values for possible next step */
if (isset($_POST['ogroupedit'])){
Ende Trust account
******/
- /* Create a base backup and reset the
- base directly after calling plugin::save_object();
- Base will be set seperatly a few lines below */
- $base_tmp = $this->base;
plugin::save_object();
- $this->base = $base_tmp;
-
- /* Save base, since this is no LDAP attribute */
- $tmp = $this->get_allowed_bases();
- if(isset($_POST['base'])){
- if(isset($tmp[$_POST['base']])){
- $this->base= $_POST['base'];
- }
- }
}
}
diff --git a/gosa-core/plugins/admin/ogroups/generic.tpl b/gosa-core/plugins/admin/ogroups/generic.tpl
index 1836e9d3adc3e0c347ac97aacb7efd119795fd0a..199fd195b7317e4fac3de857ce563f70285f9cdf 100644 (file)
<td><LABEL for="base">{t}Base{/t}</LABEL>{$must}</td>
<td>
{render acl=$baseACL}
- <select size="1" id="base" name="base" title="{t}Choose subtree to place group in{/t}">
- {html_options options=$bases selected=$base_select}
- </select>
-{/render}
-{render acl=$baseACL disable_picture='images/lists/folder_grey.png'}
- <input type="image" name="chooseBase" src="images/lists/folder.png" class="center" title="{t}Select a base{/t}">
+ {$base}
{/render}
</td>
</tr>
diff --git a/gosa-core/plugins/personal/generic/class_user.inc b/gosa-core/plugins/personal/generic/class_user.inc
index 94f23a194be1ed74f4a782732e89dee53b915ec5..7c3d548460670122cbe5d85c1fac5b4f3ca380f6 100644 (file)
var $use_dob= "0";
var $gender="0";
var $preferredLanguage="0";
+ var $baseSelector;
var $jpegPhoto= "*removed*";
var $photoData= "";
$this->gosaLoginRestrictionWidget->setHeight("70px");
$this->orig_base = $this->base;
+ $this->baseSelector= new baseSelector($this->allowedBasesToMoveTo(), $this->base);
+ $this->baseSelector->setSubmitButton(false);
+ $this->baseSelector->setHeight(300);
+ $this->baseSelector->update(true);
}
$smarty->assign("pwmode_select", $this->pw_storage);
$smarty->assign("pw_configurable", $is_configurable);
$smarty->assign("passwordStorageACL", $this->getacl("userPassword",(!is_object($this->parent) && !session::is_set('edit'))));
- $smarty->assign("base_select", $this->base);
if(!session::is_set('edit')){
$smarty->assign("CertificatesACL","");
$smarty->assign("userPicture_is_readable", $this->acl_is_readable("userPicture",(!is_object($this->parent) && !session::is_set('edit'))));
/* Create base acls */
- $tmp = @$this->allowedBasesToMoveTo();
- $smarty->assign("bases", $tmp);
+ $smarty->assign("base", $this->baseSelector->render());
/* Save government mode attributes */
if($this->governmentmode){
/* Save data to object */
function save_object()
{
+ /* Refresh base */
+ if ($this->acl_is_moveable($this->base)){
+ if (!$this->baseSelector->update()) {
+ msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
+ }
+ if ($this->base != $this->baseSelector->getBase()) {
+ $this->base= $this->baseSelector->getBase();
+ $this->is_modified= TRUE;
+ }
+ }
+
if(isset($_POST['generic']) || isset($_POST['multiple_user_posted'])){
/* Make a backup of the current selected base */
$this->givenName= $this->sn;
}
- /* Save base - its no no LDAP attribute */
- if (isset($_POST['base'])){
- $base= get_post('base');
- if ($base != $this->base){
- $tmp = $this->get_allowed_bases();
- if(isset($tmp[$base])){
- if ($base != $this->base){
- $this->is_modified= TRUE;
- }
- $this->base= $base;
- }else{
- $this->base = $base_tmp;
- msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
- }
- }
- }
-
/* Get pw_storage mode */
if (isset($_POST['pw_storage'])){
foreach(array("pw_storage") as $val){
}
}
}
- if(isset($_POST['base'])){
- $this->base = get_post('base');
+
+ /* Refresh base */
+ if ($this->acl_is_moveable($this->base)){
+ if (!$this->baseSelector->update()) {
+ msg_dialog::display(_("Error"), msgPool::permMove(), ERROR_DIALOG);
+ }
+ if ($this->base != $this->baseSelector->getBase()) {
+ $this->base= $this->baseSelector->getBase();
+ }
}
if(isset($_POST['user_mulitple_edit'])){
diff --git a/gosa-core/plugins/personal/generic/generic.tpl b/gosa-core/plugins/personal/generic/generic.tpl
index 96555fbd196e7171083b3bfb9b288adc9c72a2e7..afecb253ed7443710c757e8f701d3ea1bce0a8a7 100644 (file)
<td>
<div style="height:10px;"></div>
{render acl=$baseACL checkbox=$multiple_support checked=$use_base}
- <select id="base" size="1" name="base" title="{t}Choose subtree to place user in{/t}">
- {html_options options=$bases selected=$base_select}
- </select>
-{/render}
-{render acl=$baseACL disable_picture='images/lists/folder_grey.png'}
- <input type="image" name="chooseBase" src="images/lists/folder.png" class="center" title="{t}Select a base{/t}">
+ {$base}
{/render}
</td>
</tr>