![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2d8a741)
raw | patch | inline | side by side (parent: 2d8a741)
| author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Tue, 2 Mar 2010 11:35:56 +0000 (11:35 +0000) | ||
| committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Tue, 2 Mar 2010 11:35:56 +0000 (11:35 +0000) |
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@15838 594d385d-05f5-0310-b6e9-bd551577e9d8
diff --git a/gosa-core/plugins/personal/posix/class_posixAccount.inc b/gosa-core/plugins/personal/posix/class_posixAccount.inc
index 2bd4f5fac4abff81c49ae30ed94df352ee296778..943738a46eae10f4974850f9d973c2abee7245d7 100644 (file)
<?php
/*
- * This code is part of GOsa (http://www.gosa-project.org)
- * Copyright (C) 2003-2008 GONICUS GmbH
- *
- * ID: $$Id$$
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
+* This code is part of GOsa (http://www.gosa-project.org)
+* Copyright (C) 2003-2008 GONICUS GmbH
+*
+* ID: $$Id$$
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
/*!
- \brief posixAccount plugin
- \author Cajus Pollmeier <pollmeier@gonicus.de>
- \version 2.00
- \date 24.07.2003
+\brief posixAccount plugin
+\author Cajus Pollmeier <pollmeier@gonicus.de>
+\version 2.00
+\date 24.07.2003
- This class provides the functionality to read and write all attributes
- relevant for posixAccounts and shadowAccounts from/to the LDAP. It
- does syntax checking and displays the formulars required.
- */
+This class provides the functionality to read and write all attributes
+relevant for posixAccounts and shadowAccounts from/to the LDAP. It
+does syntax checking and displays the formulars required.
+*/
class posixAccount extends plugin
{
- /* Definitions */
- var $plHeadline= "UNIX";
- var $plDescription= "Edit users POSIX settings";
-
- /* Plugin specific values */
- var $homeDirectory= "";
- var $loginShell= "/bin/bash";
- var $uidNumber= "";
- var $gidNumber= "";
- var $gecos= "";
- var $shadowMin= "0";
- var $shadowMax= "0";
- var $shadowWarning= "0";
- var $shadowLastChange= "0";
- var $shadowInactive= "0";
- var $shadowExpire= "";
- var $gosaDefaultPrinter= "";
- var $accessTo= array();
- var $trustModel= "";
-
- var $glist=array();
- var $status= "";
- var $loginShellList= array();
- var $groupMembership= array();
- var $savedGroupMembership= array();
- var $savedUidNumber= "";
- var $savedGidNumber= "";
- var $activate_shadowMin= "0";
- var $activate_shadowMax= "0";
- var $activate_shadowWarning= "0";
- var $activate_shadowInactive= "0";
- var $activate_shadowExpire= "0";
- var $mustchangepassword= "0";
- var $force_ids= 0;
- var $gotoLastSystemLogin= "";
- var $groupSelect= FALSE;
- var $trustSelect= FALSE;
- var $secondaryGroups= array();
- var $primaryGroup= 0;
- var $was_trust_account= FALSE;
- var $memberGroup= array();
- var $grouplist= array();
- var $ui= array();
- var $ssh= null;
- var $sshAcl= "";
-
- var $GroupRegex= "*";
- var $GroupUserRegex= "*";
- var $SubSearch= false;
-
- var $view_logged= false;
-
- /* attribute list for save action */
- var $CopyPasteVars =
- array("grouplist","groupMembership","activate_shadowMin",
- "activate_shadowMax","activate_shadowWarning","activate_shadowInactive","activate_shadowExpire",
- "must_change_password","printerList","grouplist","savedGidNumber","savedUidNumber");
-
- var $attributes = array("homeDirectory", "loginShell", "uidNumber", "gidNumber", "gecos",
- "shadowMin", "shadowMax", "shadowWarning", "shadowInactive", "shadowLastChange",
- "shadowExpire", "gosaDefaultPrinter", "uid","accessTo","trustModel", "gotoLastSystemLogin");
-
- var $objectclasses= array("posixAccount", "shadowAccount");
-
- var $uid= "";
- var $multiple_support = TRUE;
- var $groupMembership_some = array();
-
- /* constructor, if 'dn' is set, the node loads the given
- 'dn' from LDAP */
- function posixAccount (&$config, $dn= NULL)
- {
- global $class_mapping;
-
- /* Configuration is fine, allways */
- $this->config= $config;
-
- /* Load bases attributes */
- plugin::plugin($config, $dn);
-
- /* If gotoLastSystemLogin is available read it from ldap and create a readable
- date time string, fallback to sambaLogonTime if available.
- */
- if(isset($this->attrs['gotoLastSystemLogin'][0]) && preg_match("/^[0-9]*$/",$this->attrs['gotoLastSystemLogin'][0])){
- $this->gotoLastSystemLogin = date("d.m.Y H:i:s", strtotime($this->attrs['gotoLastSystemLogin'][0]));
- } else if(isset($this->attrs['sambaLogonTime'][0]) && preg_match("/^[0-9]*$/",$this->attrs['sambaLogonTime'][0])){
- $this->gotoLastSystemLogin = date("d.m.Y H:i:s", $this->attrs['sambaLogonTime'][0]);
- }
-
- /* Setting uid to default */
- if(isset($this->attrs['uid'][0])){
- $this->uid = $this->attrs['uid'][0];
- }
-
- $ldap= $this->config->get_ldap_link();
-
- if ($dn !== NULL){
-
- /* Correct is_account. shadowAccount is not required. */
- if (isset($this->attrs['objectClass']) &&
- in_array ('posixAccount', $this->attrs['objectClass'])){
-
- $this->is_account= TRUE;
- }
-
- /* Is this account a trustAccount? */
- if ($this->is_account && isset($this->attrs['trustModel'])){
- $this->trustModel= $this->attrs['trustModel'][0];
- $this->was_trust_account= TRUE;
- } else {
- $this->was_trust_account= FALSE;
- $this->trustModel= "";
- }
-
- $this->accessTo = array();
- if ($this->is_account && isset($this->attrs['accessTo'])){
- for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
- $tmp= $this->attrs['accessTo'][$i];
- $this->accessTo[$tmp]= $tmp;
- }
- }
- $this->initially_was_account= $this->is_account;
-
- /* Fill group */
- $this->primaryGroup= $this->gidNumber;
-
- /* Generate status text */
- $current= date("U");
-
- $current= floor($current / 60 /60 / 24);
-
- if (($current >= $this->shadowExpire) && $this->shadowExpire){
- $this->status= _("expired");
- if (($current - $this->shadowExpire) < $this->shadowInactive){
- $this->status.= ", "._("grace time active");
- }
- } elseif (($this->shadowLastChange + $this->shadowMin) >= $current){
- $this->status= _("active").", "._("password not changeable");
- } elseif (($this->shadowLastChange + $this->shadowMax) >= $current){
- $this->status= _("active").", "._("password expired");
- } else {
- $this->status= _("active");
- }
-
- /* Get group membership */
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(objectClass=posixGroup)(memberUid=".$this->uid."))", array("cn", "description"));
-
- while ($attrs= $ldap->fetch()){
- if (!isset($attrs["description"][0])){
- $entry= $attrs["cn"][0];
- } else {
- $entry= $attrs["cn"][0]." [".$attrs["description"][0]."]";
- }
- $this->groupMembership[$ldap->getDN()]= $entry;
- }
- asort($this->groupMembership);
- reset($this->groupMembership);
- $this->savedGroupMembership= $this->groupMembership;
- $this->savedUidNumber= $this->uidNumber;
- $this->savedGidNumber= $this->gidNumber;
-
- // Instanciate SSH object if available
- if (isset($class_mapping["sshPublicKey"])){
- if (empty($this->acl_base)){
- $this->acl_base= $config->current['BASE'];
- }
-
- $this->sshAcl= $this->getacl("sshPublicKey");
- $this->ssh= new sshPublicKey($this->config, $this->dn, $this->sshAcl);
- }
- }
-
- /* Adjust shadow checkboxes */
- foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive",
- "shadowExpire") as $val){
-
- if ($this->$val != 0){
- $oval= "activate_".$val;
- $this->$oval= "1";
- }
- }
-
- /* Convert shadowExpire for usage */
- if ($this->shadowExpire == 0){
- $this->shadowExpire= "";
- } else {
- $this->shadowExpire= date('d.m.Y', $this->shadowExpire * 60 * 60 * 24);
- }
-
-
- /* Generate shell list from CONFIG_DIR./shells */
- if (file_exists(CONFIG_DIR.'/shells')){
- $shells = file (CONFIG_DIR.'/shells');
- foreach ($shells as $line){
- if (!preg_match ("/^#/", $line)){
- $this->loginShellList[]= trim($line);
- }
- }
- } else {
- if ($this->loginShell == ""){
- $this->loginShellList[]= _("unconfigured");
- }
- }
-
- /* Insert possibly missing loginShell */
- if ($this->loginShell != "" && !in_array($this->loginShell, $this->loginShellList)){
- $this->loginShellList[]= $this->loginShell;
- }
-
- /* Generate group list */
- $this->ui = get_userinfo();
- $this->secondaryGroups[]= "- "._("automatic")." -";
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(objectClass=posixGroup)", array("cn", "gidNumber"));
- while($attrs = $ldap->fetch()){
- $this->secondaryGroups[$attrs['gidNumber'][0]]= $attrs['cn'][0];
- }
- asort ($this->secondaryGroups);
-
- /* Get global filter config */
- if (!session::is_set("sysfilter")){
- $ui= get_userinfo();
- $base= get_base_from_people($ui->dn);
- $sysfilter= array( "depselect" => $base,
- "regex" => "*");
- session::set("sysfilter", $sysfilter);
- }
- $this->ui = get_userinfo();
- }
-
-
- /* execute generates the html output for this node */
- function execute($isCopyPaste = false)
- {
- /* Call parent execute */
- plugin::execute();
- $display= "";
-
- /* Log view */
- if($this->is_account && !$this->view_logged){
- $this->view_logged = TRUE;
- new log("view","users/".get_class($this),$this->dn);
- }
-
- /* Department has changed? */
- if(isset($_POST['depselect'])){
- session::set('CurrentMainBase',validate($_POST['depselect']));
- }
-
- if($this->multiple_support_active){
- $this->is_account = TRUE;
- }
-
- if(!$isCopyPaste && ! $this->multiple_support_active){
-
- /* Do we need to flip is_account state? */
- if(isset($_POST['modify_state'])){
- if($this->is_account && $this->acl_is_removeable()){
- $this->is_account= FALSE;
- }elseif(!$this->is_account && $this->acl_is_createable()){
- $this->is_account= TRUE;
- }
- }
-
- /* Do we represent a valid posixAccount? */
- if (!$this->is_account && $this->parent === NULL ){
- $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".
- msgPool::noValidExtension(_("POSIX"))."</b>";
- $display.= back_to_main();
- return ($display);
- }
-
-
- /* Show tab dialog headers */
- if ($this->parent !== NULL){
- if ($this->is_account){
- if (isset($this->parent->by_object['sambaAccount'])){
- $obj= $this->parent->by_object['sambaAccount'];
- }
- if (isset($obj) && $obj->is_account == TRUE &&
- ((isset($this->parent->by_object['sambaAccount']))&&($this->parent->by_object['sambaAccount']->is_account))
- ||(isset($this->parent->by_object['environment'] ))&&($this->parent->by_object['environment'] ->is_account)){
-
- /* Samba3 dependency on posix accounts are enabled
- in the moment, because I need to rely on unique
- uidNumbers. There'll be a better solution later
- on. */
- $display= $this->show_disable_header(msgPool::removeFeaturesButton(_("POSIX")), msgPool::featuresEnabled(_("POSIX"), array(_("Samba"), _("Environment"))), TRUE);
- } else {
- $display= $this->show_disable_header(msgPool::removeFeaturesButton(_("POSIX")), msgPool::featuresEnabled(_("POSIX")));
- }
- } else {
- $display= $this->show_enable_header(msgPool::addFeaturesButton(_("POSIX")), msgPool::featuresDisabled(_("POSIX")));
- return($display);
- }
- }
- }
-
- // Display dialog to allow selection of groups
- if (isset($_POST['edit_groupmembership'])){
- $this->groupSelect = new groupSelect($this->config,get_userinfo());
- $this->dialog= TRUE;
- }
-
- // Allow to select trusted machines from a list
- if (isset($_POST["add_ws"])){
- $this->trustSelect= new trustSelect($this->config,get_userinfo());
- $this->dialog= TRUE;
- }
-
- // Cancel trust and group dialog
- if (isset($_POST['add_groups_cancel']) || isset($_POST['add_ws_cancel'])){
- $this->groupSelect= NULL;
- $this->trustSelect= NULL;
- $this->dialog= FALSE;
- }
-
- // Add groups selected in groupSelect dialog to ours.
- if (isset($_POST['add_groups_finish']) && $this->groupSelect){
- $groups = $this->groupSelect->detectPostActions();
- if(isset($groups['targets'])){
- $this->addGroup ($groups['targets']);
- $this->is_modified= TRUE;
- }
- $this->groupSelect= NULL;
- $this->dialog= FALSE;
- }
-
- // Remove groups from currently selected groups.
- if (isset($_POST['delete_groupmembership']) &&
- isset($_POST['group_list']) && count($_POST['group_list'])){
-
- $this->delGroup ($_POST['group_list']);
- }
-
- // Add selected machines to trusted ones.
- if (isset($_POST["add_ws_finish"]) && $this->trustSelect){
- $trusts = $this->trustSelect->detectPostActions();
- if(isset($trusts['targets'])){
-
- $headpage = $this->trustSelect->getHeadpage();
- foreach($trusts['targets'] as $id){
- $attrs = $headpage->getEntry($id);
- $this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0];
- }
- ksort($this->accessTo);
- $this->is_modified= TRUE;
- }
- $this->trustSelect= NULL;
- $this->dialog= FALSE;
- }
-
- // Remove machine from trusted ones.
- if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
- foreach($_POST['workstation_list'] as $name){
- unset ($this->accessTo[$name]);
- }
- $this->is_modified= TRUE;
- }
-
-
-
- /* Templates now! */
- $smarty= get_smarty();
- $smarty->assign("usePrototype", "true");
-
- /* Show ws dialog */
- if ($this->trustSelect){
-
- // Build up blocklist
- session::set('filterBlacklist', array('cn' => array_values($this->accessTo)));
- return($this->trustSelect->execute());
- }
-
- /* Manage group add dialog */
- if ($this->groupSelect){
-
- // Build up blocklist
- session::set('filterBlacklist', array('dn' => array_keys($this->groupMembership)));
- return($this->groupSelect->execute());
- }
-
- // Handle ssh dialog?
- if ($this->ssh instanceOf sshPublicKey && preg_match('/[rw]/', $this->getacl("sshPublicKey"))) {
- $smarty->assign("usePrototype", "false");
- if ($result= $this->ssh->execute()) {
- $this->dialog= true;
- return $result;
- }
- $this->dialog= false;
- }
-
-
- /* Show main page */
- $smarty= get_smarty();
- $smarty->assign("usePrototype", "true");
-
- /* In 'MyAccount' mode, we must remove write acls if we are not in editing mode. */
- $SkipWrite = (!isset($this->parent) || !$this->parent) && !session::is_set('edit');
-
- $smarty->assign("sshPublicKeyACL", $this->getacl("sshPublicKey", $SkipWrite));
-
- /* Depending on pwmode, currently hardcoded because there are no other methods */
- if ( 1 == 1 ){
- $smarty->assign("pwmode", dirname(__FILE__)."/posix_shadow");
-
- $shadowMinACL = $this->getacl("shadowMin",$SkipWrite);
- $smarty->assign("shadowmins", sprintf(_("Password can't be changed up to %s days after last change"),
- "<input name=\"shadowMin\" size=3 maxlength=4 value=\"".$this->shadowMin."\">"));
-
- $shadowMaxACL = $this->getacl("shadowMax",$SkipWrite);
- $smarty->assign("shadowmaxs", sprintf(_("Password must be changed after %s days"),
- "<input name=\"shadowMax\" size=3 maxlength=4 value=\"".$this->shadowMax."\">"));
-
- $shadowInactiveACL= $this->getacl("shadowInactive",$SkipWrite);
- $smarty->assign("shadowinactives", sprintf(_("Disable account after %s days of inactivity after password expiry"),
- "<input name=\"shadowInactive\" size=3 maxlength=4 value=\"".$this->shadowInactive."\">"));
-
- $shadowWarningACL = $this->getacl("shadowWarning",$SkipWrite);
- $smarty->assign("shadowwarnings", sprintf(_("Warn user %s days before password expiry"),
- "<input name=\"shadowWarning\" size=3 maxlength=4 value=\"".$this->shadowWarning."\">"));
-
- foreach( array("activate_shadowMin", "activate_shadowMax",
- "activate_shadowExpire", "activate_shadowInactive","activate_shadowWarning") as $val){
- if ($this->$val == 1){
- $smarty->assign("$val", "checked");
- } else {
- $smarty->assign("$val", "");
- }
- $smarty->assign("$val"."ACL", $this->getacl($val,$SkipWrite));
- }
-
- $smarty->assign("mustchangepasswordACL", $this->getacl("mustchangepassword",$SkipWrite));
- }
-
- // Set last system login
- $smarty->assign("gotoLastSystemLogin",$this->gotoLastSystemLogin);
-
- /* Fill arrays */
- $smarty->assign("shells", $this->loginShellList);
- $smarty->assign("secondaryGroups", $this->secondaryGroups);
- $smarty->assign("primaryGroup", $this->primaryGroup);
- if(!$this->multiple_support_active){
- if (!count($this->groupMembership)){
- $smarty->assign("groupMembership", array(" "));
- } else {
- $smarty->assign("groupMembership", $this->groupMembership);
- }
- }else{
- $smarty->assign("groupMembership", $this->groupMembership);
- $smarty->assign("groupMembership_some", $this->groupMembership_some);
- }
- if (count($this->groupMembership) > 16){
- $smarty->assign("groups", "too_many_for_nfs");
- } else {
- $smarty->assign("groups", "");
- }
-
- /* Avoid "Undefined index: forceMode" */
- $smarty->assign("forceMode", "");
-
- /* Checkboxes */
- if ($this->force_ids == 1){
- $smarty->assign("force_ids", "checked");
- if (session::get('js')){
- $smarty->assign("forceMode", "");
- }
- } else {
- if (session::get('js')){
- $smarty->assign("forceMode", "disabled");
- }
- $smarty->assign("force_ids", "");
- }
-
- /* Create onClick="" action string for the "Force UID/GID" option
- */
- $onClickIDS ="";
- if(preg_match("/w/",$this->getacl("uidNumber",$SkipWrite))){
- $onClickIDS .= "changeState('uidNumber');";
- }
- if(preg_match("/w/",$this->getacl("gidNumber",$SkipWrite))){
- $onClickIDS .= "changeState('gidNumber');";
- }
- $smarty->assign("onClickIDS", $onClickIDS);
- $smarty->assign("force_idsACL", $this->getacl("uidNumber",$SkipWrite).$this->getacl("gidNumber",$SkipWrite));
-
- foreach(array("primaryGroup","trustmode","activate_shadowWarning","activate_shadowInactive","activate_shadowMin","activate_shadowMax","activate_shadowExpire","mustchangepassword") as $val){
- if(in_array($val,$this->multi_boxes)){
- $smarty->assign("use_".$val,TRUE);
- }else{
- $smarty->assign("use_".$val,FALSE);
- }
- }
-
-
- /* Load attributes and acl's */
- foreach($this->attributes as $val){
- if(in_array($val,$this->multi_boxes)){
- $smarty->assign("use_".$val,TRUE);
- }else{
- $smarty->assign("use_".$val,FALSE);
- }
-
- if((session::get("js"))&&(($val=="uidNumber")||($val=="gidNumber")))
- {
- $smarty->assign("$val"."ACL",$this->getacl($val,$SkipWrite));
- $smarty->assign("$val", $this->$val);
- continue;
- }
- $smarty->assign("$val", $this->$val);
- $smarty->assign("$val"."ACL", $this->getacl($val,$SkipWrite));
- }
- if($SkipWrite){
- $smarty->assign("groupMembershipACL","r");
- }else{
- $smarty->assign("groupMembershipACL","rw");
- }
- $smarty->assign("status", $this->status);
-
- /* Work on trust modes */
- $smarty->assign("trusthide", " disabled ");
- $smarty->assign("trustmodeACL", $this->getacl("trustModel",$SkipWrite));
- if ($this->trustModel == "fullaccess"){
- $trustmode= 1;
- // pervent double disable tag in html code, this will disturb our clean w3c html
- $smarty->assign("trustmode", $this->getacl("trustModel",$SkipWrite));
-
- } elseif ($this->trustModel == "byhost"){
- $trustmode= 2;
- $smarty->assign("trusthide", "");
- } else {
- // pervent double disable tag in html code, this will disturb our clean w3c html
- $smarty->assign("trustmode", $this->getacl("trustModel",$SkipWrite));
- $trustmode= 0;
- }
- $smarty->assign("trustmode", $trustmode);
- $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
- 2 => _("allow access to these hosts")));
-
-
-
- if((count($this->accessTo))==0)
- $smarty->assign("emptyArrAccess",true);
- else
- $smarty->assign("emptyArrAccess",false);
-
- if($this->mustchangepassword){
- $smarty->assign("mustchangepassword", " checked ");
- } else {
- $smarty->assign("mustchangepassword", "");
- }
-
- $smarty->assign("workstations", $this->accessTo);
-
- // Add SSH button if available
- $smarty->assign("sshPublicKey", $this->ssh?1:0);
-
- $smarty->assign("apply", apply_filter());
- $smarty->assign("multiple_support" , $this->multiple_support_active);
- $display.= $smarty->fetch (get_template_path('generic.tpl', TRUE, dirname(__FILE__)));
- return($display);
- }
-
-
- /* remove object from parent */
- function remove_from_parent()
- {
- /* Cancel if there's nothing to do here */
- if ((!$this->initially_was_account) || (!$this->acl_is_removeable())){
- return;
- }
-
-
- /* Remove and write to LDAP */
- plugin::remove_from_parent();
-
- /* Zero out array */
- $this->attrs['gosaHostACL']= array();
-
- /* Keep uid, because we need it for authentification! */
- unset($this->attrs['uid']);
- unset($this->attrs['trustModel']);
-
- @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__,
- /* include global link_info */
- $this->attributes, "Save");
- $ldap= $this->config->get_ldap_link();
- $ldap->cd($this->dn);
- $this->cleanup();
- $ldap->modify ($this->attrs);
-
- new log("remove","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
-
- if (!$ldap->success()){
- msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_DEL, get_class()));
- }
-
- /* Delete group only if cn is uid and there are no other
- members inside */
- $ldap->cd ($this->config->current['BASE']);
- $ldap->search ("(&(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))", array("cn", "memberUid"));
- if ($ldap->count() != 0){
- $attrs= $ldap->fetch();
- if ($attrs['cn'][0] == $this->uid &&
- !isset($this->attrs['memberUid'])){
-
- $ldap->rmDir($ldap->getDN());
- }
- }
-
- /* Optionally execute a command after we're done */
- $this->handle_post_events("remove",array("uid" => $this->uid));
- }
-
-
- function save_object()
- {
- if (isset($_POST['posixTab'])){
- /* Save values to object */
- plugin::save_object();
-
-
- /* Save force GID checkbox */
- if($this->acl_is_writeable("gidNumber") || $this->acl_is_writeable("uidNumber")){
- if (isset ($_POST['force_ids'])){
- $data= 1;
- } else {
- $data= 0;
- }
- if ($this->force_ids != $data){
- $this->is_modified= TRUE;
- }
- $this->force_ids= $data;
- }
-
- /*Save primary group settings */
- if($this->acl_is_writeable("primaryGroup") && isset($_POST['primaryGroup'])){
- $data= $_POST['primaryGroup'];
- if ($this->primaryGroup != $data){
- $this->is_modified= TRUE;
- }
- $this->primaryGroup= $_POST['primaryGroup'];
- }
-
- /* Get seelcted shadow checkboxes */
- foreach(array("shadowMin","shadowMax","shadowExpire","shadowInactive","shadowWarning") as $var) {
- if($this->acl_is_writeable($var)){
- $activate_var = "activate_".$var;
- if(isset($_POST['activate_'.$var])){
- $this->$activate_var = true;
- $this->$var = $_POST[$var];
- }else{
- $this->$activate_var = false;
- if ($var != "shadowExpire") {
- $this->$var = 0;
- }
- }
- }
- }
-
- /* Force change password ? */
- if(isset($_POST['mustchangepassword'])){
- $this->mustchangepassword = TRUE;
- }else{
- $this->mustchangepassword = FALSE;
- }
-
- /* Trust mode - special handling */
- if($this->acl_is_writeable("trustModel")){
- if (isset($_POST['trustmode'])){
- $saved= $this->trustModel;
- if ($_POST['trustmode'] == "1"){
- $this->trustModel= "fullaccess";
- } elseif ($_POST['trustmode'] == "2"){
- $this->trustModel= "byhost";
- } else {
- $this->trustModel= "";
- }
- if ($this->trustModel != $saved){
- $this->is_modified= TRUE;
- }
- }
- }
- }
-
- /* Get regex from alphabet */
- if(isset($_GET['search'])){
- $this->GroupRegex = $_GET['search']."*";
- }
-
- /* Check checkboxes and regexes */
- if(isset($_POST["PosixGroupDialogPosted"])){
-
- if(isset($_POST['SubSearch']) && ($_POST['SubSearch'])){
- $this->SubSearch = true;
- }else{
- $this->SubSearch = false;
- }
- if(isset($_POST['guser'])){
- $this->GroupUserRegex = $_POST['guser'];
- }
- if(isset($_POST['regex'])){
- $this->GroupRegex = $_POST['regex'];
- }
- }
- $this->GroupRegex = preg_replace("/\*\**/","*",$this->GroupRegex);
- $this->GroupUserRegex = preg_replace("/\*\**/","*",$this->GroupUserRegex);
- }
-
-
- /* Save data to LDAP, depending on is_account we save or delete */
- function save()
- {
-
- /* Adapt shadow values */
- if (!$this->activate_shadowExpire){
- $this->shadowExpire= "0";
- } else {
- /* Transform date to days since the beginning */
- list($day, $month, $year)= explode('.', $this->shadowExpire, 3);
- $this->shadowExpire= (int)(mktime(0, 0, 0, $month, $day, $year)/ (60 * 60 * 24)) ;
- }
- if (!$this->activate_shadowMax){
- $this->shadowMax= "0";
- }
- if ($this->mustchangepassword){
- $this->shadowLastChange= (int)(date("U") / 86400) - $this->shadowMax - 1;
- } else {
- $this->shadowLastChange= (int)(date("U") / 86400);
- }
- if (!$this->activate_shadowWarning){
- $this->shadowWarning= "0";
- }
-
- /* Check what to do with ID's
- Nothing forced, so we may have to generate our own IDs, if not done already.
- */
- if ($this->force_ids == 0){
-
- /* Handle uidNumber.
- * - use existing number if possible
- * - if not, try to create a new uniqe one.
- * */
- if ($this->savedUidNumber != ""){
- $this->uidNumber= $this->savedUidNumber;
- } else {
-
- /* Calculate new id's. We need to place a lock before calling get_next_id
- to get real unique values.
- */
- $wait= 10;
- while (get_lock("uidnumber") != ""){
- sleep (1);
-
- /* Oups - timed out */
- if ($wait-- == 0){
- msg_dialog::display(_("Warning"), _("Timeout while waiting for lock. Ignoring lock!"), WARNING_DIALOG);
- break;
- }
- }
- add_lock ("uidnumber", "gosa");
- $this->uidNumber= get_next_id("uidNumber", $this->dn);
- }
- }
-
-
- /* Handle gidNumber
- * - If we do not have a primary group selected (automatic), we will check if there
- * is already a group with the same name and use this as primary.
- * - .. if we couldn't find a group with the same name, we will create a new one,
- * using the users uid as cn and a generated uniqe gidNumber.
- * */
- if ($this->primaryGroup == 0 || $this->force_ids){
-
- /* Search for existing group */
- $ldap = $this->config->get_ldap_link();
- $ldap->cd($this->config->current['BASE']);
-
- /* Are we forced to use a special gidNumber? */
- if($this->force_ids){
- $ldap->search("(&(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))", array("cn","gidNumber"));
- }else{
- $ldap->search("(&(objectClass=posixGroup)(gidNumber=*)(cn=".$this->uid."))", array("cn","gidNumber"));
- }
-
- /* No primary group found, create a new one */
- if ($ldap->count() == 0){
-
- $groupcn = $this->uid;
- $pri_attr = $this->config->get_cfg_value("accountPrimaryAttribute");
- $groupdn= preg_replace ('/^'.preg_quote($pri_attr,'/').'=[^,]+,'.preg_quote(get_people_ou(),'/').'/i',
- 'cn='.$groupcn.','.get_groups_ou(), $this->dn);
-
- /* Request a new and uniqe gidNumber, if required */
- if(!$this->force_ids){
- $this->gidNumber= get_next_id("gidNumber", $this->dn);
- }
-
- /* If forced gidNumber could not be found, then check if the given group name already exists
- we do not want to modify the gidNumber of an existing group.
- */
- $cnt= 0;
- while($ldap->dn_exists($groupdn) && ($cnt < 100)){
- $cnt ++;
- $groupcn = $this->uid."_".$cnt;
- $groupdn= preg_replace ('/^'.preg_quote($pri_attr,'/').'=[^,]+,'.preg_quote(get_people_ou(),'/').'/i',
- 'cn='.$groupcn.','.get_groups_ou(), $this->dn);
- }
-
- /* Create new primary group and enforce the new gidNumber */
- $g= new group($this->config, $groupdn);
- $g->cn= $groupcn;
- $g->force_gid= 1;
- $g->gidNumber= $this->gidNumber;
- $g->description= _("Group of user")." ".$this->givenName." ".$this->sn;
- $g->save ();
-
- @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
- sprintf("Primary group '%s' created, using gidNumber '%s'.",$groupcn,$this->gidNumber),"");
- }else{
- $attrs = $ldap->fetch();
- $this->gidNumber = $attrs['gidNumber'][0];
- @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
- "Found and used: <i>".$attrs['dn']."</i>",
- sprintf("Primary group '%s' exists, gidNumber is '%s'.",$this->uid,$this->gidNumber));
- }
- }else{
-
- /* Primary group was selected by user
- */
- $this->gidNumber = $this->primaryGroup;
- @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
- sprintf("Primary group '%s' for user '%s' manually selected.",$this->gidNumber,$this->uid),"");
- }
-
- if ($this->activate_shadowMin != "1" ) {
- $this->shadowMin = "";
- }
-
- if (($this->activate_shadowMax != "1") && ($this->mustchangepassword != "1")) {
- $this->shadowMax = "";
- }
-
- if ($this->activate_shadowWarning != "1" ) {
- $this->shadowWarning = "";
- }
-
- if ($this->activate_shadowInactive != "1" ) {
- $this->shadowInactive = "";
- }
-
- if ($this->activate_shadowExpire != "1" ) {
- $this->shadowExpire = "";
- }
-
- /* Fill gecos */
- if (isset($this->parent) && $this->parent !== NULL){
- $this->gecos= rewrite($this->parent->by_object['user']->cn);
- if (!preg_match('/^[a-z0-9 -]+$/i', $this->gecos)){
- $this->gecos= "";
- }
- }
-
- foreach(array("shadowMin","shadowMax","shadowWarning","shadowInactive","shadowExpire") as $attr){
- $this->$attr = (int) $this->$attr;
- }
- /* Call parents save to prepare $this->attrs */
- plugin::save();
-
- /* Trust accounts */
- $objectclasses= array();
- foreach ($this->attrs['objectClass'] as $key => $class){
- if (preg_match('/trustAccount/i', $class)){
- continue;
- }
- $objectclasses[]= $this->attrs['objectClass'][$key];
- }
- $this->attrs['objectClass']= $objectclasses;
- if ($this->trustModel != ""){
- $this->attrs['objectClass'][]= "trustAccount";
- $this->attrs['trustModel']= $this->trustModel;
- $this->attrs['accessTo']= array();
- if ($this->trustModel == "byhost"){
- foreach ($this->accessTo as $host){
- $this->attrs['accessTo'][]= $host;
- }
- }
- } else {
- if ($this->was_trust_account){
- $this->attrs['accessTo']= array();
- $this->attrs['trustModel']= array();
- }
- }
-
- if(empty($this->attrs['gosaDefaultPrinter'])){
- $thid->attrs['gosaDefaultPrinter']=array();
- }
-
-
- /* include global link_info */
- $this->cleanup();
-
- /* This is just a test, we have had duplicated ids
- in the past when copy & paste was used.
- Normaly this should not happen.
- */
- if(isset($this->attrs['uidNumber']) && !$this->force_ids){
- $used = $this->get_used_uid_numbers();
- if(isset($used[$this->attrs['uidNumber']]) && $used[$this->attrs['uidNumber']] != $this->dn){
- msg_dialog::display(_("Warning"),_("A duplicated UID number was written for this user. If this was not intended please verify all used uidNumbers!"), WARNING_DIALOG);
- }
- }
-
- $ldap= $this->config->get_ldap_link();
- $ldap->cd($this->dn);
- unset($this->attrs['uid']);
- $ldap->modify ($this->attrs);
-
- /* Log last action */
- if($this->initially_was_account){
- new log("modify","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
- }else{
- new log("create","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
- }
-
- if (!$ldap->success()){
- msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_MOD, get_class()));
- }
-
- /* Remove lock needed for unique id generation */
- del_lock ("uidnumber");
-
- // Save ssh stuff if needed
- if ($this->ssh) {
- $this->ssh->setDN($this->dn);
- $this->ssh->save();
- }
-
- /* Take care about groupMembership values: add to groups */
- foreach ($this->groupMembership as $key => $value){
- if (!isset($this->savedGroupMembership[$key])){
- $g= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $key,"groups");
- $g->set_acl_base($key);
- $g->by_object['group']->addUser($this->uid);
- $g->save();
- }
- }
-
- /* Remove groups not listed in groupMembership */
- foreach ($this->savedGroupMembership as $key => $value){
- if (!isset($this->groupMembership[$key])){
- $g= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $key,"groups");
- $g->set_acl_base($key);
- $g->by_object['group']->removeUser ($this->uid);
- $g->save();
- }
- }
-
- /* Optionally execute a command after we're done */
- if ($this->initially_was_account == $this->is_account){
- if ($this->is_modified){
- $this->handle_post_events("modify",array("uid" => $this->uid));
- }
- } else {
- $this->handle_post_events("add" ,array("uid"=> $this->uid));
- }
- }
-
-
- /* Check formular input */
- function check()
- {
- /* Include global link_info */
- $ldap= $this->config->get_ldap_link();
-
- /* Append groups as memberGroup: to check hook
- */
- $tmp_attributes = $this->attributes;
- $this->attributes[] = "memberGroup";
- $this->memberGroup = array();
- foreach($this->groupMembership as $dn => $name){
- $this->memberGroup[] = $name;
- }
-
- /* Call common method to give check the hook */
- $message= plugin::check();
- $this->attributes = $tmp_attributes;
-
- /* must: homeDirectory */
- if ($this->homeDirectory == ""){
- $message[]= msgPool::required(_("Home directory"));
- }
- if (!tests::is_path($this->homeDirectory)){
- $message[]= msgPool::invalid(_("Home directory"), "", "", "/home/yourname" );
- }
-
- /* Check ID's if they are forced by user */
- if ($this->force_ids == "1"){
-
- /* Valid uid/gid? */
- if (!tests::is_id($this->uidNumber)){
- $message[]= msgPool::invalid(_("UID"), $this->uidNumber, "/[0-9]/");
- } else {
- if ($this->uidNumber < $this->config->get_cfg_value("minId")){
- $message[]= msgPool::toosmall(_("UID"), $this->config->get_cfg_value("minId"));
- }
- }
- if (!tests::is_id($this->gidNumber)){
- $message[]= msgPool::invalid(_("GID"), $this->gidNumber, "/[0-9]/");
- } else {
- if ($this->gidNumber < $this->config->get_cfg_value("minId")){
- $message[]= msgPool::toosmall(_("GID"), $this->config->get_cfg_value("minId"));
- }
- }
- }
-
- /* Check dates */
- if ($this->activate_shadowExpire && ($this->shadowExpire == "" || !tests::is_date($this->shadowExpire))){
- $message[]= msgPool::invalid("shadowExpire", $this->shadowExpire);
- }
-
- /* Check shadow settings, well I like spaghetties... */
- if ($this->activate_shadowMin){
- if (!tests::is_id($this->shadowMin)){
- $message[]= msgPool::invalid(_("shadowMin"), $this->shadowMin, "/[0-9]/");
- }
- }
- if ($this->activate_shadowMax){
- if (!tests::is_id($this->shadowMax)){
- $message[]= msgPool::invalid(_("shadowMax"), $this->shadowMax, "/[0-9]/");
- }
- }
- if ($this->activate_shadowWarning){
- if (!tests::is_id($this->shadowWarning)){
- $message[]= msgPool::invalid(_("shadowWarning"), $this->shadowWarning, "/[0-9]/");
- }
- if (!$this->activate_shadowMax){
- $message[]= msgPool::depends("shadowWarning", "shadowMax");
- }
- if ($this->shadowWarning > $this->shadowMax){
- $message[]= msgPool::toobig("shadowWarning", "shadowMax");
- }
- if ($this->activate_shadowMin && $this->shadowWarning < $this->shadowMin){
- $message[]= msgPool::toosmall("shadowWarning", "shadowMin");
- }
- }
- if ($this->activate_shadowInactive){
- if (!tests::is_id($this->shadowInactive)){
- $message[]= msgPool::invalid(_("shadowInactive"), $this->shadowInactive, "/[0-9]/");
- }
- if (!$this->activate_shadowMax){
- $message[]= msgPool::depends("shadowInactive", "shadowMax");
- }
- }
- if ($this->activate_shadowMin && $this->activate_shadowMax){
- if ($this->shadowMin > $this->shadowMax){
- $message[]= msgPool::toobig("shadowMin", "shadowMax");
- }
- }
-
- return ($message);
- }
-
-
- function multiple_check()
- {
- $message = plugin::multiple_check();
- if ($this->homeDirectory == "" && in_array("homeDirectory",$this->multi_boxes)){
- $message[]= msgPool::required(_("Home directory"));
- }
- if (!tests::is_path($this->homeDirectory) && in_array("homeDirectory",$this->multi_boxes)){
- $message[]= msgPool::invalid(_("Home directory"), "", "", "/home/yourname" );
- }
-
- /* Check shadow settings, well I like spaghetties... */
- if ($this->activate_shadowMin && in_array("activate_shadowMin",$this->multi_boxes)){
- if (!tests::is_id($this->shadowMin)){
- $message[]= msgPool::invalid(_("shadowMin"), $this->shadowMin, "/[0-9]/");
- }
- }
- if ($this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){
- if (!tests::is_id($this->shadowMax)){
- $message[]= msgPool::invalid(_("shadowMax"), $this->shadowMax, "/[0-9]/");
- }
- }
- if ($this->activate_shadowWarning && in_array("activate_shadowWarning",$this->multi_boxes)){
- if (!tests::is_id($this->shadowWarning)){
- $message[]= msgPool::invalid(_("shadowWarning"), $this->shadowWarning, "/[0-9]/");
- }
- if (!$this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){
- $message[]= msgPool::depends("shadowWarning", "shadowMax");
- }
- if ($this->shadowWarning > $this->shadowMax && in_array("activate_shadowWarning",$this->multi_boxes)){
- $message[]= msgPool::toobig("shadowWarning", "shadowMax");
- }
- if ($this->activate_shadowMin && $this->shadowWarning < $this->shadowMin && in_array("activate_shadowMin",$this->multi_boxes)){
- $message[]= msgPool::tosmall("shadowWarning", "shadowMin");
- }
- }
- if ($this->activate_shadowInactive && in_array("activate_shadowInactive",$this->multi_boxes)){
- if (!tests::is_id($this->shadowInactive)){
- $message[]= msgPool::invalid(_("shadowInactive"), $this->shadowInactive, "/[0-9]/");
- }
- if (!$this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){
- $message[]= msgPool::depends("shadowInactive", "shadowMax");
- }
- }
- if ($this->activate_shadowMin && $this->activate_shadowMax && in_array("activate_shadowMin",$this->multi_boxes)){
- if ($this->shadowMin > $this->shadowMax){
- $message[]= msgPool::toobig("shadowMin", "shadowMax");
- }
- }
-
- return($message);
- }
-
-
- function addGroup ($groups)
- {
- /* include global link_info */
- $ldap= $this->config->get_ldap_link();
-
- /* Walk through groups and add the descriptive entry if not exists */
- foreach ($groups as $value){
-
- if (!array_key_exists($value, $this->groupMembership)){
- $ldap->cat($value, array('cn', 'description', 'dn'));
- $attrs= $ldap->fetch();
- error_reporting (0);
- if (!isset($attrs['description'][0])){
- $entry= $attrs["cn"][0];
- } else {
- $dsc= preg_replace ('/^Group of user/', _("Group of user"), $attrs["description"][0]);
- $entry= $attrs["cn"][0]." [$dsc]";
- }
- error_reporting (E_ALL | E_STRICT);
-
- if(obj_is_writable($attrs['dn'],"groups/group","memberUid")){
- $this->groupMembership[$attrs['dn']]= $entry;
- if($this->multiple_support_active && isset($this->groupMembership_some[$attrs['dn']])){
- unset($this->groupMembership_some[$attrs['dn']]);
- }
- }
- }
- }
-
- /* Sort groups */
- asort ($this->groupMembership);
- reset ($this->groupMembership);
- }
-
-
- /* Del posix user from some groups */
- function delGroup ($groups)
- {
- $dest= array();
- foreach($groups as $dn_to_del){
- if(isset($this->groupMembership[$dn_to_del]) && obj_is_writable($dn_to_del,"groups/group","memberUid")){
- unset($this->groupMembership[$dn_to_del]);
- }
- if($this->multiple_support_active){
- if(isset($this->groupMembership_some[$dn_to_del]) && obj_is_writable($dn_to_del,"groups/group","memberUid")){
- unset($this->groupMembership_some[$dn_to_del]);
- }
- }
- }
- }
-
-
- /* Adapt from template, using 'dn' */
- function adapt_from_template($dn, $skip= array())
- {
- /* Include global link_info */
- $ldap= $this->config->get_ldap_link();
-
- plugin::adapt_from_template($dn, $skip);
- $template= $this->attrs['uid'][0];
-
- /* Adapt group membership */
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(objectClass=posixGroup)(memberUid=".$this->attrs["uid"][0]."))", array("description", "cn"));
-
- while ($this->attrs= $ldap->fetch()){
- if (!isset($this->attrs["description"][0])){
- $entry= $this->attrs["cn"][0];
- } else {
- $entry= $this->attrs["cn"][0]." [".$this->attrs["description"][0]."]";
- }
- $this->groupMembership[$ldap->getDN()]= $entry;
- }
-
- /* Fix primary group settings */
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(objectClass=posixGroup)(cn=$template)(gidNumber=".$this->gidNumber."))", array("cn"));
- if ($ldap->count() != 1){
- $this->primaryGroup= $this->gidNumber;
- }
-
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(objectClass=gosaUserTemplate)(uid=".$template.")(accessTo=*))", array("cn","accessTo"));
- while($attr = $ldap->fetch()){
- $tmp = $attr['accessTo'];
- unset ($tmp['count']);
- $this->accessTo = $tmp;
- }
-
- /* Adjust shadow checkboxes */
- foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive") as $val){
- if ($this->$val != 0){
- $oval= "activate_".$val;
- $this->$oval= "1";
- }
- }
-
- /* FIXME: NEED review of this section */
- /* Need to check shadowExpire separately */
-
- /*
- * If shadowExpire is not enabled in the template, it's a UNIX timestamp - so don't convert it to seconds.
- * The check is a hack - if difference between timestamp generated above and here is max 1 day.
- */
- if(abs($this->shadowExpire - time())>86400) {
- $this->shadowExpire= $this->convertToSeconds($this->shadowExpire);
- }
-
- /* Only enable checkbox, if shadowExpire is in the future */
- if($this->shadowExpire > time()) {
- $this->activate_shadowExpire= "1";
- }
- }
-
- function convertToSeconds($val)
- {
- if ($val != 0){
- $val*= 60 * 60 * 24;
- } else {
- $date= getdate();
- $val= floor($date[0] / (60*60*24)) * 60 * 60 * 24;
- }
- return($val);
- }
-
-
- function get_used_uid_numbers()
- {
- $ids= array();
- $ldap= $this->config->get_ldap_link();
-
- $ldap->cd ($this->config->current['BASE']);
- $ldap->search ("(&(objectClass=posixAccount)(uidNumber=*))", array("uidNumber"));
-
- /* Get list of ids */
- while ($attrs= $ldap->fetch()){
- $ids[$attrs['uidNumber'][0]] = $attrs['dn'];
- }
- return($ids);
- }
-
-
- /* Get posts from copy & paste dialog */
- function saveCopyDialog()
- {
- if(isset($_POST['homeDirectory'])){
- $this->homeDirectory = $_POST['homeDirectory'];
- if (isset ($_POST['force_ids'])){
- $data= 1;
- $this->gidNumber = $_POST['gidNumber'];
- $this->uidNumber = $_POST['uidNumber'];
- } else {
- $data= 0;
- }
- if ($this->force_ids != $data){
- $this->is_modified= TRUE;
- }
- $this->force_ids= $data;
- $data= $_POST['primaryGroup'];
- if ($this->primaryGroup != $data){
- $this->is_modified= TRUE;
- }
- $this->primaryGroup= $_POST['primaryGroup'];
- }
- }
-
-
- /* Create the posix dialog part for copy & paste */
- function getCopyDialog()
- {
- /* Skip dialog creation if this is not a valid account*/
- if(!$this->is_account) return("");
- if ($this->force_ids == 1){
- $force_ids = "checked";
- if (session::get('js')){
- $forceMode = "";
- }
- } else {
- if (session::get('js')){
- if($this->acl != "#none#")
- $forceMode ="disabled";
- }
- $force_ids = "";
- }
-
- $sta = "";
-
- /* Open group add dialog */
- if(isset($_POST['edit_groupmembership'])){
- $this->groupSelect = new groupSelect($this->config,get_userinfo());
- $sta = "SubDialog";
- }
-
- /* If the group-add dialog is closed, call execute
- to ensure that the membership is updatd */
- if(isset($_POST['add_groups_finish']) || isset($_POST['add_groups_cancel'])){
- $this->execute();
- $this->groupSelect =NULL;
- }
-
- if($this->groupSelect){
- $str = $this->execute(true);
- $ret = array();
- $ret['string'] = $str;
- $ret['status'] = $sta;
- return($ret);
- }
-
- /* If a group member should be deleted, simply call execute */
- if(isset($_POST['delete_groupmembership'])){
- $this->execute();
- }
-
- /* Assigned informations to smarty */
- $smarty = get_smarty();
- $smarty->assign("homeDirectory",$this->homeDirectory);
- $smarty->assign("secondaryGroups",$this->secondaryGroups);
- $smarty->assign("primaryGroup",$this->primaryGroup);
-
- $smarty->assign("uidNumber",$this->uidNumber);
- $smarty->assign("gidNumber",$this->gidNumber);
- $smarty->assign("forceMode",$forceMode);
- $smarty->assign("force_ids",$force_ids);
- if (!count($this->groupMembership)){
- $smarty->assign("groupMembership", array(" "));
- } else {
- $smarty->assign("groupMembership", $this->groupMembership);
- }
-
- /* Display wars message if there are more than 16 group members */
- if (count($this->groupMembership) > 16){
- $smarty->assign("groups", "too_many_for_nfs");
- } else {
- $smarty->assign("groups", "");
- }
- $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
-
- $ret = array();
- $ret['string'] = $str;
- $ret['status'] = $sta;
- return($ret);
- }
-
-
- function PrepareForCopyPaste($source)
- {
- plugin::PrepareForCopyPaste($source);
-
- /* Avoid using the same gid/uid number as source user
- empty numbers to enforce new ones. */
- $this->savedUidNumber = "";
- $this->savedGidNumber = "";
-
- /* Get group membership */
- $ldap = $this->config->get_ldap_link();
- $ldap->cd($this->config->current['BASE']);
- $ldap->search("(&(objectClass=posixGroup)(memberUid=".$source['uid'][0]."))", array("cn", "description"));
-
- while ($attrs= $ldap->fetch()){
- if (!isset($attrs["description"][0])){
- $entry= $attrs["cn"][0];
- } else {
- $entry= $attrs["cn"][0]." [".$attrs["description"][0]."]";
- }
- $this->groupMembership[$ldap->getDN()]= $entry;
- }
- asort($this->groupMembership);
- reset($this->groupMembership);
-
- /* Fill group */
- if(isset($source['gidNumber'][0])){
- $this->primaryGroup= $source['gidNumber'][0];
- }
-
- }
-
-
- function multiple_execute()
- {
- return($this->execute());
- }
-
-
- static function plInfo()
- {
- return (array(
- "plDescription" => _("POSIX account"),
- "plSelfModify" => TRUE,
- "plDepends" => array("user"),
- "plPriority" => 2,
- "plSection" => array("personal" => _("My account")),
- "plCategory" => array("users"),
- "plOptions" => array(),
-
- "plProvidedAcls" => array(
-
- "homeDirectory" => _("Home directory"),
- "loginShell" => _("Shell"),
- "uidNumber" => _("User ID"),
- "gidNumber" => _("Group ID"),
-
- "mustchangepassword"=> _("Force password change on login"),
- "shadowMin" => _("Shadow min"),
- "shadowMax" => _("Shadow max"),
- "shadowWarning" => _("Shadow warning"),
- "shadowInactive" => _("Shadow inactive"),
- "shadowExpire" => _("Shadow expire"),
- "sshPublickey" => _("Public SSH key"),
- "trustModel" => _("System trust model")))
- );
- }
-
-
- /* Return selected values for multiple edit */
- function get_multi_edit_values()
- {
- $ret = plugin::get_multi_edit_values();
- $ret['groupMembership'] = $this->groupMembership;
- $ret['groupMembership_some']= $this->groupMembership_some;
-
- if(in_array("primaryGroup",$this->multi_boxes)){
- $ret['primaryGroup'] = $this->primaryGroup;
- }
- if(in_array("trustmode",$this->multi_boxes)){
- $ret['trustModel'] = $this->trustModel;
- $ret['accessTo'] = $this->accessTo;
- }
- foreach(array("shadowWarning","shadowInactive","shadowMin","shadowMax", "shadowExpire") as $entry){
- $active = "activate_".$entry;
- if(in_array($active,$this->multi_boxes)){
- $ret[$entry] = $this->$entry;
- $ret[$active] = $this->$active;
- }
- }
- if(in_array("mustchangepassword",$this->multi_boxes)){
- $ret['mustchangepassword'] = $this->mustchangepassword;
- }
- return($ret);
- }
-
-
- /* Save posts for multiple edit
- */
- function multiple_save_object()
- {
- if(isset($_POST['posix_mulitple_edit'])){
-
- /* Backup expire value */
- $expire_tmp = $this->shadowExpire;
-
- /* Update all values */
- plugin::multiple_save_object();
-
- /* Get selected checkboxes */
- foreach(array("primaryGroup","trustmode","mustchangepassword","activate_shadowWarning","activate_shadowInactive","activate_shadowMin", "activate_shadowMax","activate_shadowExpire") as $val){
- if(isset($_POST["use_".$val])){
- $this->multi_boxes[] = $val;
- }
- }
-
- /* Update special values, checkboxes for posixShadow */
- foreach(array("shadowMin","shadowMax","shadowExpire","shadowInactive","shadowWarning") as $var) {
- if($this->acl_is_writeable($var)){
- $activate_var = "activate_".$var;
- if(in_array($activate_var, $this->multi_boxes)){
- if(isset($_POST['activate_'.$var])){
- $this->$activate_var = true;
- $this->$var = $_POST[$var];
- }else{
- $this->$activate_var = false;
- $this->$var = 0;
- }
- }
- }
- }
-
- /* Restore shadow value, if the shadow attribute isn't used */
- if(!in_array("activate_shadowExpire",$this->multi_boxes)){
- $this->shadowExpire = $expire_tmp;
- }
-
- /* Force change password ? */
- if(isset($_POST['mustchangepassword'])){
- $this->mustchangepassword = TRUE;
- }else{
- $this->mustchangepassword = FALSE;
- }
-
- /* Trust mode - special handling */
- if($this->acl_is_writeable("trustModel")){
- if (isset($_POST['trustmode'])){
- $saved= $this->trustModel;
- if ($_POST['trustmode'] == "1"){
- $this->trustModel= "fullaccess";
- } elseif ($_POST['trustmode'] == "2"){
- $this->trustModel= "byhost";
- } else {
- $this->trustModel= "";
- }
- if ($this->trustModel != $saved){
- $this->is_modified= TRUE;
- }
- }
- }
-
- /* Save primary group settings */
- if($this->acl_is_writeable("primaryGroup") && isset($_POST['primaryGroup'])){
- $data= $_POST['primaryGroup'];
- if ($this->primaryGroup != $data){
- $this->is_modified= TRUE;
- }
- $this->primaryGroup= $_POST['primaryGroup'];
- }
- }
- }
-
-
- /* Initialize plugin with given atribute arrays
- */
- function init_multiple_support($attrs,$all)
- {
- plugin::init_multiple_support($attrs,$all);
-
- /* Some dummy values */
- $groups_some = array();
- $groups_all = array();
- $groups_uid = array();
- $uids = array();
- $first = TRUE;
-
- /* Get all groups used by currently edited users */
- $uid_filter="";
- for($i =0; $i < $this->multi_attrs_all['uid']['count'] ; $i ++){
- $uid = $this->multi_attrs_all['uid'][$i];
- $uids[] = $uid;
- $uid_filter.= "(memberUid=".$uid.")";
- }
- $uid_filter = "(&(objectClass=posixGroup)(|".$uid_filter."))";
- $ldap = $this->config->get_ldap_link();
- $ldap->cd($this->config->current['BASE']);
- $ldap->search($uid_filter,array("dn","cn","memberUid"));
- while($group = $ldap->fetch()){
- $groups_some[$group['dn']] = $group['cn'][0];
- for($i = 0 ; $i < $group['memberUid']['count'] ; $i++){
- $groups_uid[$group['dn']][] = $group['memberUid'][$i];
- }
- }
-
- /* Create an array, containing all used groups */
- $groups_all = $groups_some;
- foreach($groups_all as $id => $group){
- foreach($uids as $uid){
- if(!in_array($uid,$groups_uid[$id])){
- unset($groups_all[$id]);
- break;
- }
- }
- }
-
- /* Assign group array */
- $this->groupMembership = $groups_all;
-
- /* Create an array of all grouops used by all users */
- foreach( $groups_all as $dn => $cn){
- if(isset($groups_some[$dn])){
- unset($groups_some[$dn]);
- }
- }
- $this->groupMembership_some = $groups_some;
- $this->primaryGroup = $this->gidNumber;
-
- /* Is this account a trustAccount? */
- if (isset($this->multi_attrs['trustModel'])){
- $this->trustModel= $this->multi_attrs['trustModel'][0];
- $this->was_trust_account= TRUE;
- $this->multi_boxes[] = "trustmode";
- } else {
- $this->was_trust_account= FALSE;
- $this->trustModel= "";
- }
-
- /* Create access informations */
- $this->accessTo = array();
- if (isset($this->multi_attrs['accessTo'])){
- for ($i= 0; $i<$this->multi_attrs['accessTo']['count']; $i++){
- $tmp= $this->multi_attrs['accessTo'][$i];
- $this->accessTo[$tmp]= $tmp;
- }
- }
-
- /* Adjust shadow checkboxes */
- foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive",
- "shadowExpire") as $val){
- if ($this->$val != 0){
- $oval= "activate_".$val;
- $this->$oval= "1";
- }
- }
-
- /* Convert to seconds */
- if(isset($this->multi_attrs['shadowExpire'])){
- $this->shadowExpire = $this->convertToSeconds($this->multi_attrs['shadowExpire'][0]);
- }else{
- $this->activate_shadowExpire = FALSE;
- }
- }
-
-
- function set_multi_edit_values($attrs)
- {
- $groups = array();
-
- /* Update groupMembership, keep optinal group */
- foreach($attrs['groupMembership_some'] as $dn => $cn){
- if(isset($this->groupMembership[$dn])){
- $groups[$dn] = $cn;
- }
- }
- /* Update groupMembership, add forced groups */
- foreach($attrs['groupMembership'] as $dn => $cn){
- $groups[$dn] = $cn;
- }
- plugin::set_multi_edit_values($attrs);
- $this->groupMembership = $groups;
- }
+/* Definitions */
+var $plHeadline= "UNIX";
+var $plDescription= "Edit users POSIX settings";
+
+/* Plugin specific values */
+var $homeDirectory= "";
+var $loginShell= "/bin/bash";
+var $uidNumber= "";
+var $gidNumber= "";
+var $gecos= "";
+var $shadowMin= "0";
+var $shadowMax= "0";
+var $shadowWarning= "0";
+var $shadowLastChange= "0";
+var $shadowInactive= "0";
+var $shadowExpire= "";
+var $gosaDefaultPrinter= "";
+var $accessTo= array();
+var $trustModel= "";
+
+var $glist=array();
+var $status= "";
+var $loginShellList= array();
+var $groupMembership= array();
+var $savedGroupMembership= array();
+var $savedUidNumber= "";
+var $savedGidNumber= "";
+var $activate_shadowMin= "0";
+var $activate_shadowMax= "0";
+var $activate_shadowWarning= "0";
+var $activate_shadowInactive= "0";
+var $activate_shadowExpire= "0";
+var $mustchangepassword= "0";
+var $force_ids= 0;
+var $gotoLastSystemLogin= "";
+var $groupSelect= FALSE;
+var $trustSelect= FALSE;
+var $secondaryGroups= array();
+var $primaryGroup= 0;
+var $was_trust_account= FALSE;
+var $memberGroup= array();
+var $grouplist= array();
+var $ui= array();
+var $ssh= null;
+var $sshAcl= "";
+
+var $GroupRegex= "*";
+var $GroupUserRegex= "*";
+var $SubSearch= false;
+
+var $view_logged= false;
+
+/* attribute list for save action */
+var $CopyPasteVars =
+array("grouplist","groupMembership","activate_shadowMin",
+"activate_shadowMax","activate_shadowWarning","activate_shadowInactive","activate_shadowExpire",
+"must_change_password","printerList","grouplist","savedGidNumber","savedUidNumber");
+
+var $attributes = array("homeDirectory", "loginShell", "uidNumber", "gidNumber", "gecos",
+"shadowMin", "shadowMax", "shadowWarning", "shadowInactive", "shadowLastChange",
+"shadowExpire", "gosaDefaultPrinter", "uid","accessTo","trustModel", "gotoLastSystemLogin");
+
+var $objectclasses= array("posixAccount", "shadowAccount");
+
+var $uid= "";
+var $multiple_support = TRUE;
+var $groupMembership_some = array();
+
+/* constructor, if 'dn' is set, the node loads the given
+'dn' from LDAP */
+function posixAccount (&$config, $dn= NULL)
+{
+global $class_mapping;
+
+/* Configuration is fine, allways */
+$this->config= $config;
+
+/* Load bases attributes */
+plugin::plugin($config, $dn);
+
+/* If gotoLastSystemLogin is available read it from ldap and create a readable
+date time string, fallback to sambaLogonTime if available.
+*/
+if(isset($this->attrs['gotoLastSystemLogin'][0]) && preg_match("/^[0-9]*$/",$this->attrs['gotoLastSystemLogin'][0])){
+$this->gotoLastSystemLogin = date("d.m.Y H:i:s", strtotime($this->attrs['gotoLastSystemLogin'][0]));
+} else if(isset($this->attrs['sambaLogonTime'][0]) && preg_match("/^[0-9]*$/",$this->attrs['sambaLogonTime'][0])){
+$this->gotoLastSystemLogin = date("d.m.Y H:i:s", $this->attrs['sambaLogonTime'][0]);
+}
+
+/* Setting uid to default */
+if(isset($this->attrs['uid'][0])){
+$this->uid = $this->attrs['uid'][0];
+}
+
+$ldap= $this->config->get_ldap_link();
+
+if ($dn !== NULL){
+
+/* Correct is_account. shadowAccount is not required. */
+if (isset($this->attrs['objectClass']) &&
+in_array ('posixAccount', $this->attrs['objectClass'])){
+
+$this->is_account= TRUE;
+}
+
+/* Is this account a trustAccount? */
+if ($this->is_account && isset($this->attrs['trustModel'])){
+$this->trustModel= $this->attrs['trustModel'][0];
+$this->was_trust_account= TRUE;
+} else {
+$this->was_trust_account= FALSE;
+$this->trustModel= "";
+}
+
+$this->accessTo = array();
+if ($this->is_account && isset($this->attrs['accessTo'])){
+for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
+$tmp= $this->attrs['accessTo'][$i];
+$this->accessTo[$tmp]= $tmp;
+}
+}
+$this->initially_was_account= $this->is_account;
+
+/* Fill group */
+$this->primaryGroup= $this->gidNumber;
+
+/* Generate status text */
+$current= date("U");
+
+$current= floor($current / 60 /60 / 24);
+
+if (($current >= $this->shadowExpire) && $this->shadowExpire){
+$this->status= _("expired");
+if (($current - $this->shadowExpire) < $this->shadowInactive){
+$this->status.= ", "._("grace time active");
+}
+} elseif (($this->shadowLastChange + $this->shadowMin) >= $current){
+$this->status= _("active").", "._("password not changeable");
+} elseif (($this->shadowLastChange + $this->shadowMax) >= $current){
+$this->status= _("active").", "._("password expired");
+} else {
+$this->status= _("active");
+}
+
+/* Get group membership */
+$ldap->cd($this->config->current['BASE']);
+$ldap->search("(&(objectClass=posixGroup)(memberUid=".$this->uid."))", array("cn", "description"));
+
+while ($attrs= $ldap->fetch()){
+if (!isset($attrs["description"][0])){
+$entry= $attrs["cn"][0];
+} else {
+$entry= $attrs["cn"][0]." [".$attrs["description"][0]."]";
+}
+$this->groupMembership[$ldap->getDN()]= $entry;
+}
+asort($this->groupMembership);
+reset($this->groupMembership);
+$this->savedGroupMembership= $this->groupMembership;
+$this->savedUidNumber= $this->uidNumber;
+$this->savedGidNumber= $this->gidNumber;
+
+// Instanciate SSH object if available
+if (isset($class_mapping["sshPublicKey"])){
+if (empty($this->acl_base)){
+$this->acl_base= $config->current['BASE'];
+}
+
+$this->sshAcl= $this->getacl("sshPublicKey");
+$this->ssh= new sshPublicKey($this->config, $this->dn, $this->sshAcl);
+}
+}
+
+/* Adjust shadow checkboxes */
+foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive",
+"shadowExpire") as $val){
+
+if ($this->$val != 0){
+$oval= "activate_".$val;
+$this->$oval= "1";
+}
+}
+
+/* Convert shadowExpire for usage */
+if ($this->shadowExpire == 0){
+$this->shadowExpire= "";
+} else {
+$this->shadowExpire= date('d.m.Y', $this->shadowExpire * 60 * 60 * 24);
+}
+
+
+/* Generate shell list from CONFIG_DIR./shells */
+if (file_exists(CONFIG_DIR.'/shells')){
+$shells = file (CONFIG_DIR.'/shells');
+foreach ($shells as $line){
+if (!preg_match ("/^#/", $line)){
+$this->loginShellList[]= trim($line);
+}
+}
+} else {
+if ($this->loginShell == ""){
+$this->loginShellList[]= _("unconfigured");
+}
+}
+
+/* Insert possibly missing loginShell */
+if ($this->loginShell != "" && !in_array($this->loginShell, $this->loginShellList)){
+$this->loginShellList[]= $this->loginShell;
+}
+
+/* Generate group list */
+$this->ui = get_userinfo();
+$this->secondaryGroups[]= "- "._("automatic")." -";
+$ldap->cd($this->config->current['BASE']);
+$ldap->search("(objectClass=posixGroup)", array("cn", "gidNumber"));
+while($attrs = $ldap->fetch()){
+$this->secondaryGroups[$attrs['gidNumber'][0]]= $attrs['cn'][0];
+}
+asort ($this->secondaryGroups);
+
+/* Get global filter config */
+if (!session::is_set("sysfilter")){
+$ui= get_userinfo();
+$base= get_base_from_people($ui->dn);
+$sysfilter= array( "depselect" => $base,
+"regex" => "*");
+session::set("sysfilter", $sysfilter);
+}
+$this->ui = get_userinfo();
+}
+
+
+/* execute generates the html output for this node */
+function execute($isCopyPaste = false)
+{
+/* Call parent execute */
+plugin::execute();
+$display= "";
+
+/* Log view */
+if($this->is_account && !$this->view_logged){
+$this->view_logged = TRUE;
+new log("view","users/".get_class($this),$this->dn);
+}
+
+/* Department has changed? */
+if(isset($_POST['depselect'])){
+session::set('CurrentMainBase',validate($_POST['depselect']));
+}
+
+if($this->multiple_support_active){
+$this->is_account = TRUE;
+}
+
+if(!$isCopyPaste && ! $this->multiple_support_active){
+
+/* Do we need to flip is_account state? */
+if(isset($_POST['modify_state'])){
+if($this->is_account && $this->acl_is_removeable()){
+$this->is_account= FALSE;
+}elseif(!$this->is_account && $this->acl_is_createable()){
+$this->is_account= TRUE;
+}
+}
+
+/* Do we represent a valid posixAccount? */
+if (!$this->is_account && $this->parent === NULL ){
+$display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".
+msgPool::noValidExtension(_("POSIX"))."</b>";
+$display.= back_to_main();
+return ($display);
+}
+
+
+/* Show tab dialog headers */
+if ($this->parent !== NULL){
+if ($this->is_account){
+if (isset($this->parent->by_object['sambaAccount'])){
+$obj= $this->parent->by_object['sambaAccount'];
+}
+if (isset($obj) && $obj->is_account == TRUE &&
+((isset($this->parent->by_object['sambaAccount']))&&($this->parent->by_object['sambaAccount']->is_account))
+||(isset($this->parent->by_object['environment'] ))&&($this->parent->by_object['environment'] ->is_account)){
+
+/* Samba3 dependency on posix accounts are enabled
+in the moment, because I need to rely on unique
+uidNumbers. There'll be a better solution later
+on. */
+$display= $this->show_disable_header(msgPool::removeFeaturesButton(_("POSIX")), msgPool::featuresEnabled(_("POSIX"), array(_("Samba"), _("Environment"))), TRUE);
+} else {
+$display= $this->show_disable_header(msgPool::removeFeaturesButton(_("POSIX")), msgPool::featuresEnabled(_("POSIX")));
+}
+} else {
+$display= $this->show_enable_header(msgPool::addFeaturesButton(_("POSIX")), msgPool::featuresDisabled(_("POSIX")));
+return($display);
+}
+}
+}
+
+// Display dialog to allow selection of groups
+if (isset($_POST['edit_groupmembership'])){
+$this->groupSelect = new groupSelect($this->config,get_userinfo());
+$this->dialog= TRUE;
+}
+
+// Allow to select trusted machines from a list
+if (isset($_POST["add_ws"])){
+$this->trustSelect= new trustSelect($this->config,get_userinfo());
+$this->dialog= TRUE;
+}
+
+// Cancel trust and group dialog
+if (isset($_POST['add_groups_cancel']) || isset($_POST['add_ws_cancel'])){
+$this->groupSelect= NULL;
+$this->trustSelect= NULL;
+$this->dialog= FALSE;
+}
+
+// Add groups selected in groupSelect dialog to ours.
+if (isset($_POST['add_groups_finish']) && $this->groupSelect){
+$groups = $this->groupSelect->detectPostActions();
+if(isset($groups['targets'])){
+$this->addGroup ($groups['targets']);
+$this->is_modified= TRUE;
+}
+$this->groupSelect= NULL;
+$this->dialog= FALSE;
+}
+
+// Remove groups from currently selected groups.
+if (isset($_POST['delete_groupmembership']) &&
+isset($_POST['group_list']) && count($_POST['group_list'])){
+
+$this->delGroup ($_POST['group_list']);
+}
+
+// Add selected machines to trusted ones.
+if (isset($_POST["add_ws_finish"]) && $this->trustSelect){
+$trusts = $this->trustSelect->detectPostActions();
+if(isset($trusts['targets'])){
+
+$headpage = $this->trustSelect->getHeadpage();
+foreach($trusts['targets'] as $id){
+$attrs = $headpage->getEntry($id);
+$this->accessTo[$attrs['cn'][0]]= $attrs['cn'][0];
+}
+ksort($this->accessTo);
+$this->is_modified= TRUE;
+}
+$this->trustSelect= NULL;
+$this->dialog= FALSE;
+}
+
+// Remove machine from trusted ones.
+if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
+foreach($_POST['workstation_list'] as $name){
+unset ($this->accessTo[$name]);
+}
+$this->is_modified= TRUE;
+}
+
+
+
+/* Templates now! */
+$smarty= get_smarty();
+$smarty->assign("usePrototype", "true");
+
+/* Show ws dialog */
+if ($this->trustSelect){
+
+// Build up blocklist
+session::set('filterBlacklist', array('cn' => array_values($this->accessTo)));
+return($this->trustSelect->execute());
+}
+
+/* Manage group add dialog */
+if ($this->groupSelect){
+
+// Build up blocklist
+session::set('filterBlacklist', array('dn' => array_keys($this->groupMembership)));
+return($this->groupSelect->execute());
+}
+
+// Handle ssh dialog?
+if ($this->ssh instanceOf sshPublicKey && preg_match('/[rw]/', $this->getacl("sshPublicKey"))) {
+$smarty->assign("usePrototype", "false");
+if ($result= $this->ssh->execute()) {
+$this->dialog= true;
+return $result;
+}
+$this->dialog= false;
+}
+
+
+/* Show main page */
+$smarty= get_smarty();
+$smarty->assign("usePrototype", "true");
+
+/* In 'MyAccount' mode, we must remove write acls if we are not in editing mode. */
+$SkipWrite = (!isset($this->parent) || !$this->parent) && !session::is_set('edit');
+
+$smarty->assign("sshPublicKeyACL", $this->getacl("sshPublicKey", $SkipWrite));
+
+/* Depending on pwmode, currently hardcoded because there are no other methods */
+if ( 1 == 1 ){
+$smarty->assign("pwmode", dirname(__FILE__)."/posix_shadow");
+
+$shadowMinACL = $this->getacl("shadowMin",$SkipWrite);
+$smarty->assign("shadowmins", sprintf(_("Password can't be changed up to %s days after last change"),
+"<input name=\"shadowMin\" size=3 maxlength=4 value=\"".$this->shadowMin."\">"));
+
+$shadowMaxACL = $this->getacl("shadowMax",$SkipWrite);
+$smarty->assign("shadowmaxs", sprintf(_("Password must be changed after %s days"),
+"<input name=\"shadowMax\" size=3 maxlength=4 value=\"".$this->shadowMax."\">"));
+
+$shadowInactiveACL= $this->getacl("shadowInactive",$SkipWrite);
+$smarty->assign("shadowinactives", sprintf(_("Disable account after %s days of inactivity after password expiry"),
+"<input name=\"shadowInactive\" size=3 maxlength=4 value=\"".$this->shadowInactive."\">"));
+
+$shadowWarningACL = $this->getacl("shadowWarning",$SkipWrite);
+$smarty->assign("shadowwarnings", sprintf(_("Warn user %s days before password expiry"),
+"<input name=\"shadowWarning\" size=3 maxlength=4 value=\"".$this->shadowWarning."\">"));
+
+foreach( array("activate_shadowMin", "activate_shadowMax",
+"activate_shadowExpire", "activate_shadowInactive","activate_shadowWarning") as $val){
+if ($this->$val == 1){
+$smarty->assign("$val", "checked");
+} else {
+$smarty->assign("$val", "");
+}
+$smarty->assign("$val"."ACL", $this->getacl($val,$SkipWrite));
+}
+
+$smarty->assign("mustchangepasswordACL", $this->getacl("mustchangepassword",$SkipWrite));
+}
+
+// Set last system login
+$smarty->assign("gotoLastSystemLogin",$this->gotoLastSystemLogin);
+
+/* Fill arrays */
+$smarty->assign("shells", $this->loginShellList);
+$smarty->assign("secondaryGroups", $this->secondaryGroups);
+$smarty->assign("primaryGroup", $this->primaryGroup);
+if(!$this->multiple_support_active){
+if (!count($this->groupMembership)){
+$smarty->assign("groupMembership", array(" "));
+} else {
+$smarty->assign("groupMembership", $this->groupMembership);
+}
+}else{
+$smarty->assign("groupMembership", $this->groupMembership);
+$smarty->assign("groupMembership_some", $this->groupMembership_some);
+}
+if (count($this->groupMembership) > 16){
+$smarty->assign("groups", "too_many_for_nfs");
+} else {
+$smarty->assign("groups", "");
+}
+
+/* Avoid "Undefined index: forceMode" */
+$smarty->assign("forceMode", "");
+
+/* Checkboxes */
+if ($this->force_ids == 1){
+$smarty->assign("force_ids", "checked");
+if (session::get('js')){
+$smarty->assign("forceMode", "");
+}
+} else {
+if (session::get('js')){
+$smarty->assign("forceMode", "disabled");
+}
+$smarty->assign("force_ids", "");
+}
+
+/* Create onClick="" action string for the "Force UID/GID" option
+*/
+$onClickIDS ="";
+if(preg_match("/w/",$this->getacl("uidNumber",$SkipWrite))){
+$onClickIDS .= "changeState('uidNumber');";
+}
+if(preg_match("/w/",$this->getacl("gidNumber",$SkipWrite))){
+$onClickIDS .= "changeState('gidNumber');";
+}
+$smarty->assign("onClickIDS", $onClickIDS);
+$smarty->assign("force_idsACL", $this->getacl("uidNumber",$SkipWrite).$this->getacl("gidNumber",$SkipWrite));
+
+foreach(array("primaryGroup","trustmode","activate_shadowWarning","activate_shadowInactive","activate_shadowMin","activate_shadowMax","activate_shadowExpire","mustchangepassword") as $val){
+if(in_array($val,$this->multi_boxes)){
+$smarty->assign("use_".$val,TRUE);
+}else{
+$smarty->assign("use_".$val,FALSE);
+}
+}
+
+
+/* Load attributes and acl's */
+foreach($this->attributes as $val){
+if(in_array($val,$this->multi_boxes)){
+$smarty->assign("use_".$val,TRUE);
+}else{
+$smarty->assign("use_".$val,FALSE);
+}
+
+if((session::get("js"))&&(($val=="uidNumber")||($val=="gidNumber")))
+{
+$smarty->assign("$val"."ACL",$this->getacl($val,$SkipWrite));
+$smarty->assign("$val", $this->$val);
+continue;
+}
+$smarty->assign("$val", $this->$val);
+$smarty->assign("$val"."ACL", $this->getacl($val,$SkipWrite));
+}
+if($SkipWrite){
+$smarty->assign("groupMembershipACL","r");
+}else{
+$smarty->assign("groupMembershipACL","rw");
+}
+$smarty->assign("status", $this->status);
+
+/* Work on trust modes */
+$smarty->assign("trusthide", " disabled ");
+$smarty->assign("trustmodeACL", $this->getacl("trustModel",$SkipWrite));
+if ($this->trustModel == "fullaccess"){
+$trustmode= 1;
+// pervent double disable tag in html code, this will disturb our clean w3c html
+$smarty->assign("trustmode", $this->getacl("trustModel",$SkipWrite));
+
+} elseif ($this->trustModel == "byhost"){
+$trustmode= 2;
+$smarty->assign("trusthide", "");
+} else {
+// pervent double disable tag in html code, this will disturb our clean w3c html
+$smarty->assign("trustmode", $this->getacl("trustModel",$SkipWrite));
+$trustmode= 0;
+}
+$smarty->assign("trustmode", $trustmode);
+$smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
+2 => _("allow access to these hosts")));
+
+
+
+if((count($this->accessTo))==0)
+$smarty->assign("emptyArrAccess",true);
+else
+$smarty->assign("emptyArrAccess",false);
+
+if($this->mustchangepassword){
+$smarty->assign("mustchangepassword", " checked ");
+} else {
+$smarty->assign("mustchangepassword", "");
+}
+
+$smarty->assign("workstations", $this->accessTo);
+
+// Add SSH button if available
+$smarty->assign("sshPublicKey", $this->ssh?1:0);
+
+$smarty->assign("apply", apply_filter());
+$smarty->assign("multiple_support" , $this->multiple_support_active);
+$display.= $smarty->fetch (get_template_path('generic.tpl', TRUE, dirname(__FILE__)));
+return($display);
+}
+
+
+/* remove object from parent */
+function remove_from_parent()
+{
+/* Cancel if there's nothing to do here */
+if ((!$this->initially_was_account) || (!$this->acl_is_removeable())){
+return;
+}
+
+
+/* Remove and write to LDAP */
+plugin::remove_from_parent();
+
+/* Zero out array */
+$this->attrs['gosaHostACL']= array();
+
+/* Keep uid, because we need it for authentification! */
+unset($this->attrs['uid']);
+unset($this->attrs['trustModel']);
+
+@DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__,
+/* include global link_info */
+$this->attributes, "Save");
+$ldap= $this->config->get_ldap_link();
+$ldap->cd($this->dn);
+$this->cleanup();
+$ldap->modify ($this->attrs);
+
+new log("remove","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
+
+if (!$ldap->success()){
+msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_DEL, get_class()));
+}
+
+/* Delete group only if cn is uid and there are no other
+members inside */
+$ldap->cd ($this->config->current['BASE']);
+$ldap->search ("(&(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))", array("cn", "memberUid"));
+if ($ldap->count() != 0){
+$attrs= $ldap->fetch();
+if ($attrs['cn'][0] == $this->uid &&
+!isset($this->attrs['memberUid'])){
+
+$ldap->rmDir($ldap->getDN());
+}
+}
+
+/* Optionally execute a command after we're done */
+$this->handle_post_events("remove",array("uid" => $this->uid));
+}
+
+
+function save_object()
+{
+if (isset($_POST['posixTab'])){
+/* Save values to object */
+plugin::save_object();
+
+
+/* Save force GID checkbox */
+if($this->acl_is_writeable("gidNumber") || $this->acl_is_writeable("uidNumber")){
+if (isset ($_POST['force_ids'])){
+$data= 1;
+} else {
+$data= 0;
+}
+if ($this->force_ids != $data){
+$this->is_modified= TRUE;
+}
+$this->force_ids= $data;
+}
+
+/*Save primary group settings */
+if($this->acl_is_writeable("primaryGroup") && isset($_POST['primaryGroup'])){
+$data= $_POST['primaryGroup'];
+if ($this->primaryGroup != $data){
+$this->is_modified= TRUE;
+}
+$this->primaryGroup= $_POST['primaryGroup'];
+}
+
+/* Get seelcted shadow checkboxes */
+foreach(array("shadowMin","shadowMax","shadowExpire","shadowInactive","shadowWarning") as $var) {
+if($this->acl_is_writeable($var)){
+$activate_var = "activate_".$var;
+if(isset($_POST['activate_'.$var])){
+$this->$activate_var = true;
+$this->$var = $_POST[$var];
+}else{
+$this->$activate_var = false;
+if ($var != "shadowExpire") {
+$this->$var = 0;
+}
+}
+}
+}
+
+/* Force change password ? */
+if(isset($_POST['mustchangepassword'])){
+$this->mustchangepassword = TRUE;
+}else{
+$this->mustchangepassword = FALSE;
+}
+
+/* Trust mode - special handling */
+if($this->acl_is_writeable("trustModel")){
+if (isset($_POST['trustmode'])){
+$saved= $this->trustModel;
+if ($_POST['trustmode'] == "1"){
+$this->trustModel= "fullaccess";
+} elseif ($_POST['trustmode'] == "2"){
+$this->trustModel= "byhost";
+} else {
+$this->trustModel= "";
+}
+if ($this->trustModel != $saved){
+$this->is_modified= TRUE;
+}
+}
+}
+}
+
+/* Get regex from alphabet */
+if(isset($_GET['search'])){
+$this->GroupRegex = $_GET['search']."*";
+}
+
+/* Check checkboxes and regexes */
+if(isset($_POST["PosixGroupDialogPosted"])){
+
+if(isset($_POST['SubSearch']) && ($_POST['SubSearch'])){
+$this->SubSearch = true;
+}else{
+$this->SubSearch = false;
+}
+if(isset($_POST['guser'])){
+$this->GroupUserRegex = $_POST['guser'];
+}
+if(isset($_POST['regex'])){
+$this->GroupRegex = $_POST['regex'];
+}
+}
+$this->GroupRegex = preg_replace("/\*\**/","*",$this->GroupRegex);
+$this->GroupUserRegex = preg_replace("/\*\**/","*",$this->GroupUserRegex);
+}
+
+
+/* Save data to LDAP, depending on is_account we save or delete */
+function save()
+{
+
+/* Adapt shadow values */
+if (!$this->activate_shadowExpire){
+$this->shadowExpire= "0";
+} else {
+/* Transform date to days since the beginning */
+list($day, $month, $year)= explode('.', $this->shadowExpire, 3);
+$this->shadowExpire= (int)(mktime(0, 0, 0, $month, $day, $year)/ (60 * 60 * 24)) ;
+}
+if (!$this->activate_shadowMax){
+$this->shadowMax= "0";
+}
+if ($this->mustchangepassword){
+$this->shadowLastChange= (int)(date("U") / 86400) - $this->shadowMax - 1;
+} else {
+$this->shadowLastChange= (int)(date("U") / 86400);
+}
+if (!$this->activate_shadowWarning){
+$this->shadowWarning= "0";
+}
+
+/* Check what to do with ID's
+Nothing forced, so we may have to generate our own IDs, if not done already.
+*/
+if ($this->force_ids == 0){
+
+/* Handle uidNumber.
+* - use existing number if possible
+* - if not, try to create a new uniqe one.
+* */
+if ($this->savedUidNumber != ""){
+$this->uidNumber= $this->savedUidNumber;
+} else {
+
+/* Calculate new id's. We need to place a lock before calling get_next_id
+to get real unique values.
+*/
+$wait= 10;
+while (get_lock("uidnumber") != ""){
+sleep (1);
+
+/* Oups - timed out */
+if ($wait-- == 0){
+msg_dialog::display(_("Warning"), _("Timeout while waiting for lock. Ignoring lock!"), WARNING_DIALOG);
+break;
+}
+}
+add_lock ("uidnumber", "gosa");
+$this->uidNumber= get_next_id("uidNumber", $this->dn);
+}
+}
+
+
+/* Handle gidNumber
+* - If we do not have a primary group selected (automatic), we will check if there
+* is already a group with the same name and use this as primary.
+* - .. if we couldn't find a group with the same name, we will create a new one,
+* using the users uid as cn and a generated uniqe gidNumber.
+* */
+if ($this->primaryGroup == 0 || $this->force_ids){
+
+/* Search for existing group */
+$ldap = $this->config->get_ldap_link();
+$ldap->cd($this->config->current['BASE']);
+
+/* Are we forced to use a special gidNumber? */
+if($this->force_ids){
+$ldap->search("(&(objectClass=posixGroup)(gidNumber=".$this->gidNumber."))", array("cn","gidNumber"));
+}else{
+$ldap->search("(&(objectClass=posixGroup)(gidNumber=*)(cn=".$this->uid."))", array("cn","gidNumber"));
+}
+
+/* No primary group found, create a new one */
+if ($ldap->count() == 0){
+
+$groupcn = $this->uid;
+$pri_attr = $this->config->get_cfg_value("accountPrimaryAttribute");
+$groupdn= preg_replace ('/^'.preg_quote($pri_attr,'/').'=[^,]+,'.preg_quote(get_people_ou(),'/').'/i',
+'cn='.$groupcn.','.get_groups_ou(), $this->dn);
+
+/* Request a new and uniqe gidNumber, if required */
+if(!$this->force_ids){
+$this->gidNumber= get_next_id("gidNumber", $this->dn);
+}
+
+/* If forced gidNumber could not be found, then check if the given group name already exists
+we do not want to modify the gidNumber of an existing group.
+*/
+$cnt= 0;
+while($ldap->dn_exists($groupdn) && ($cnt < 100)){
+$cnt ++;
+$groupcn = $this->uid."_".$cnt;
+$groupdn= preg_replace ('/^'.preg_quote($pri_attr,'/').'=[^,]+,'.preg_quote(get_people_ou(),'/').'/i',
+'cn='.$groupcn.','.get_groups_ou(), $this->dn);
+}
+
+/* Create new primary group and enforce the new gidNumber */
+$g= new group($this->config, $groupdn);
+$g->cn= $groupcn;
+$g->force_gid= 1;
+$g->gidNumber= $this->gidNumber;
+$g->description= _("Group of user")." ".$this->givenName." ".$this->sn;
+$g->save ();
+
+@DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
+sprintf("Primary group '%s' created, using gidNumber '%s'.",$groupcn,$this->gidNumber),"");
+}else{
+$attrs = $ldap->fetch();
+$this->gidNumber = $attrs['gidNumber'][0];
+@DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
+"Found and used: <i>".$attrs['dn']."</i>",
+sprintf("Primary group '%s' exists, gidNumber is '%s'.",$this->uid,$this->gidNumber));
+}
+}else{
+
+/* Primary group was selected by user
+*/
+$this->gidNumber = $this->primaryGroup;
+@DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,
+sprintf("Primary group '%s' for user '%s' manually selected.",$this->gidNumber,$this->uid),"");
+}
+
+if ($this->activate_shadowMin != "1" ) {
+$this->shadowMin = "";
+}
+
+if (($this->activate_shadowMax != "1") && ($this->mustchangepassword != "1")) {
+$this->shadowMax = "";
+}
+
+if ($this->activate_shadowWarning != "1" ) {
+$this->shadowWarning = "";
+}
+
+if ($this->activate_shadowInactive != "1" ) {
+$this->shadowInactive = "";
+}
+
+if ($this->activate_shadowExpire != "1" ) {
+$this->shadowExpire = "";
+}
+
+/* Fill gecos */
+if (isset($this->parent) && $this->parent !== NULL){
+$this->gecos= rewrite($this->parent->by_object['user']->cn);
+if (!preg_match('/^[a-z0-9 -]+$/i', $this->gecos)){
+$this->gecos= "";
+}
+}
+
+foreach(array("shadowMin","shadowMax","shadowWarning","shadowInactive","shadowExpire") as $attr){
+$this->$attr = (int) $this->$attr;
+}
+/* Call parents save to prepare $this->attrs */
+plugin::save();
+
+/* Trust accounts */
+$objectclasses= array();
+foreach ($this->attrs['objectClass'] as $key => $class){
+if (preg_match('/trustAccount/i', $class)){
+continue;
+}
+$objectclasses[]= $this->attrs['objectClass'][$key];
+}
+$this->attrs['objectClass']= $objectclasses;
+if ($this->trustModel != ""){
+$this->attrs['objectClass'][]= "trustAccount";
+$this->attrs['trustModel']= $this->trustModel;
+$this->attrs['accessTo']= array();
+if ($this->trustModel == "byhost"){
+foreach ($this->accessTo as $host){
+$this->attrs['accessTo'][]= $host;
+}
+}
+} else {
+if ($this->was_trust_account){
+$this->attrs['accessTo']= array();
+$this->attrs['trustModel']= array();
+}
+}
+
+if(empty($this->attrs['gosaDefaultPrinter'])){
+$thid->attrs['gosaDefaultPrinter']=array();
+}
+
+
+/* include global link_info */
+$this->cleanup();
+
+/* This is just a test, we have had duplicated ids
+in the past when copy & paste was used.
+Normaly this should not happen.
+*/
+if(isset($this->attrs['uidNumber']) && !$this->force_ids){
+$used = $this->get_used_uid_numbers();
+if(isset($used[$this->attrs['uidNumber']]) && $used[$this->attrs['uidNumber']] != $this->dn){
+msg_dialog::display(_("Warning"),_("A duplicated UID number was written for this user. If this was not intended please verify all used uidNumbers!"), WARNING_DIALOG);
+}
+}
+
+$ldap= $this->config->get_ldap_link();
+$ldap->cd($this->dn);
+unset($this->attrs['uid']);
+$ldap->modify ($this->attrs);
+
+/* Log last action */
+if($this->initially_was_account){
+new log("modify","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
+}else{
+new log("create","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
+}
+
+if (!$ldap->success()){
+msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_MOD, get_class()));
+}
+
+/* Remove lock needed for unique id generation */
+del_lock ("uidnumber");
+
+// Save ssh stuff if needed
+if ($this->ssh) {
+$this->ssh->setDN($this->dn);
+$this->ssh->save();
+}
+
+/* Take care about groupMembership values: add to groups */
+foreach ($this->groupMembership as $key => $value){
+if (!isset($this->savedGroupMembership[$key])){
+$g= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $key,"groups");
+$g->set_acl_base($key);
+$g->by_object['group']->addUser($this->uid);
+$g->save();
+}
+}
+
+/* Remove groups not listed in groupMembership */
+foreach ($this->savedGroupMembership as $key => $value){
+if (!isset($this->groupMembership[$key])){
+$g= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $key,"groups");
+$g->set_acl_base($key);
+$g->by_object['group']->removeUser ($this->uid);
+$g->save();
+}
+}
+
+/* Optionally execute a command after we're done */
+if ($this->initially_was_account == $this->is_account){
+if ($this->is_modified){
+$this->handle_post_events("modify",array("uid" => $this->uid));
+}
+} else {
+$this->handle_post_events("add" ,array("uid"=> $this->uid));
+}
+}
+
+
+/* Check formular input */
+function check()
+{
+/* Include global link_info */
+$ldap= $this->config->get_ldap_link();
+
+/* Append groups as memberGroup: to check hook
+*/
+$tmp_attributes = $this->attributes;
+$this->attributes[] = "memberGroup";
+$this->memberGroup = array();
+foreach($this->groupMembership as $dn => $name){
+$this->memberGroup[] = $name;
+}
+
+/* Call common method to give check the hook */
+$message= plugin::check();
+$this->attributes = $tmp_attributes;
+
+/* must: homeDirectory */
+if ($this->homeDirectory == ""){
+$message[]= msgPool::required(_("Home directory"));
+}
+if (!tests::is_path($this->homeDirectory)){
+$message[]= msgPool::invalid(_("Home directory"), "", "", "/home/yourname" );
+}
+
+/* Check ID's if they are forced by user */
+if ($this->force_ids == "1"){
+
+/* Valid uid/gid? */
+if (!tests::is_id($this->uidNumber)){
+$message[]= msgPool::invalid(_("UID"), $this->uidNumber, "/[0-9]/");
+} else {
+if ($this->uidNumber < $this->config->get_cfg_value("minId")){
+$message[]= msgPool::toosmall(_("UID"), $this->config->get_cfg_value("minId"));
+}
+}
+if (!tests::is_id($this->gidNumber)){
+$message[]= msgPool::invalid(_("GID"), $this->gidNumber, "/[0-9]/");
+} else {
+if ($this->gidNumber < $this->config->get_cfg_value("minId")){
+$message[]= msgPool::toosmall(_("GID"), $this->config->get_cfg_value("minId"));
+}
+}
+}
+
+/* Check dates */
+if ($this->activate_shadowExpire && ($this->shadowExpire == "" || !tests::is_date($this->shadowExpire))){
+$message[]= msgPool::invalid("shadowExpire", $this->shadowExpire);
+}
+
+/* Check shadow settings, well I like spaghetties... */
+if ($this->activate_shadowMin){
+if (!tests::is_id($this->shadowMin)){
+$message[]= msgPool::invalid(_("shadowMin"), $this->shadowMin, "/[0-9]/");
+}
+}
+if ($this->activate_shadowMax){
+if (!tests::is_id($this->shadowMax)){
+$message[]= msgPool::invalid(_("shadowMax"), $this->shadowMax, "/[0-9]/");
+}
+}
+if ($this->activate_shadowWarning){
+if (!tests::is_id($this->shadowWarning)){
+$message[]= msgPool::invalid(_("shadowWarning"), $this->shadowWarning, "/[0-9]/");
+}
+if (!$this->activate_shadowMax){
+$message[]= msgPool::depends("shadowWarning", "shadowMax");
+}
+if ($this->shadowWarning > $this->shadowMax){
+$message[]= msgPool::toobig("shadowWarning", "shadowMax");
+}
+if ($this->activate_shadowMin && $this->shadowWarning < $this->shadowMin){
+$message[]= msgPool::toosmall("shadowWarning", "shadowMin");
+}
+}
+if ($this->activate_shadowInactive){
+if (!tests::is_id($this->shadowInactive)){
+$message[]= msgPool::invalid(_("shadowInactive"), $this->shadowInactive, "/[0-9]/");
+}
+if (!$this->activate_shadowMax){
+$message[]= msgPool::depends("shadowInactive", "shadowMax");
+}
+}
+if ($this->activate_shadowMin && $this->activate_shadowMax){
+if ($this->shadowMin > $this->shadowMax){
+$message[]= msgPool::toobig("shadowMin", "shadowMax");
+}
+}
+
+return ($message);
+}
+
+
+function multiple_check()
+{
+$message = plugin::multiple_check();
+if ($this->homeDirectory == "" && in_array("homeDirectory",$this->multi_boxes)){
+$message[]= msgPool::required(_("Home directory"));
+}
+if (!tests::is_path($this->homeDirectory) && in_array("homeDirectory",$this->multi_boxes)){
+$message[]= msgPool::invalid(_("Home directory"), "", "", "/home/yourname" );
+}
+
+/* Check shadow settings, well I like spaghetties... */
+if ($this->activate_shadowMin && in_array("activate_shadowMin",$this->multi_boxes)){
+if (!tests::is_id($this->shadowMin)){
+$message[]= msgPool::invalid(_("shadowMin"), $this->shadowMin, "/[0-9]/");
+}
+}
+if ($this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){
+if (!tests::is_id($this->shadowMax)){
+$message[]= msgPool::invalid(_("shadowMax"), $this->shadowMax, "/[0-9]/");
+}
+}
+if ($this->activate_shadowWarning && in_array("activate_shadowWarning",$this->multi_boxes)){
+if (!tests::is_id($this->shadowWarning)){
+$message[]= msgPool::invalid(_("shadowWarning"), $this->shadowWarning, "/[0-9]/");
+}
+if (!$this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){
+$message[]= msgPool::depends("shadowWarning", "shadowMax");
+}
+if ($this->shadowWarning > $this->shadowMax && in_array("activate_shadowWarning",$this->multi_boxes)){
+$message[]= msgPool::toobig("shadowWarning", "shadowMax");
+}
+if ($this->activate_shadowMin && $this->shadowWarning < $this->shadowMin && in_array("activate_shadowMin",$this->multi_boxes)){
+$message[]= msgPool::tosmall("shadowWarning", "shadowMin");
+}
+}
+if ($this->activate_shadowInactive && in_array("activate_shadowInactive",$this->multi_boxes)){
+if (!tests::is_id($this->shadowInactive)){
+$message[]= msgPool::invalid(_("shadowInactive"), $this->shadowInactive, "/[0-9]/");
+}
+if (!$this->activate_shadowMax && in_array("activate_shadowMax",$this->multi_boxes)){
+$message[]= msgPool::depends("shadowInactive", "shadowMax");
+}
+}
+if ($this->activate_shadowMin && $this->activate_shadowMax && in_array("activate_shadowMin",$this->multi_boxes)){
+if ($this->shadowMin > $this->shadowMax){
+$message[]= msgPool::toobig("shadowMin", "shadowMax");
+}
+}
+
+return($message);
+}
+
+
+function addGroup ($groups)
+{
+/* include global link_info */
+$ldap= $this->config->get_ldap_link();
+
+/* Walk through groups and add the descriptive entry if not exists */
+foreach ($groups as $value){
+
+if (!array_key_exists($value, $this->groupMembership)){
+$ldap->cat($value, array('cn', 'description', 'dn'));
+$attrs= $ldap->fetch();
+error_reporting (0);
+if (!isset($attrs['description'][0])){
+$entry= $attrs["cn"][0];
+} else {
+$dsc= preg_replace ('/^Group of user/', _("Group of user"), $attrs["description"][0]);
+$entry= $attrs["cn"][0]." [$dsc]";
+}
+error_reporting (E_ALL | E_STRICT);
+
+if(obj_is_writable($attrs['dn'],"groups/group","memberUid")){
+$this->groupMembership[$attrs['dn']]= $entry;
+if($this->multiple_support_active && isset($this->groupMembership_some[$attrs['dn']])){
+unset($this->groupMembership_some[$attrs['dn']]);
+}
+}
+}
+}
+
+/* Sort groups */
+asort ($this->groupMembership);
+reset ($this->groupMembership);
+}
+
+
+/* Del posix user from some groups */
+function delGroup ($groups)
+{
+$dest= array();
+foreach($groups as $dn_to_del){
+if(isset($this->groupMembership[$dn_to_del]) && obj_is_writable($dn_to_del,"groups/group","memberUid")){
+unset($this->groupMembership[$dn_to_del]);
+}
+if($this->multiple_support_active){
+if(isset($this->groupMembership_some[$dn_to_del]) && obj_is_writable($dn_to_del,"groups/group","memberUid")){
+unset($this->groupMembership_some[$dn_to_del]);
+}
+}
+}
+}
+
+
+/* Adapt from template, using 'dn' */
+function adapt_from_template($dn, $skip= array())
+{
+/* Include global link_info */
+$ldap= $this->config->get_ldap_link();
+
+plugin::adapt_from_template($dn, $skip);
+$template= $this->attrs['uid'][0];
+
+/* Adapt group membership */
+$ldap->cd($this->config->current['BASE']);
+$ldap->search("(&(objectClass=posixGroup)(memberUid=".$this->attrs["uid"][0]."))", array("description", "cn"));
+
+while ($this->attrs= $ldap->fetch()){
+if (!isset($this->attrs["description"][0])){
+$entry= $this->attrs["cn"][0];
+} else {
+$entry= $this->attrs["cn"][0]." [".$this->attrs["description"][0]."]";
+}
+$this->groupMembership[$ldap->getDN()]= $entry;
+}
+
+/* Fix primary group settings */
+$ldap->cd($this->config->current['BASE']);
+$ldap->search("(&(objectClass=posixGroup)(cn=$template)(gidNumber=".$this->gidNumber."))", array("cn"));
+if ($ldap->count() != 1){
+$this->primaryGroup= $this->gidNumber;
+}
+
+$ldap->cd($this->config->current['BASE']);
+$ldap->search("(&(objectClass=gosaUserTemplate)(uid=".$template.")(accessTo=*))", array("cn","accessTo"));
+while($attr = $ldap->fetch()){
+$tmp = $attr['accessTo'];
+unset ($tmp['count']);
+$this->accessTo = $tmp;
+}
+
+/* Adjust shadow checkboxes */
+foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive") as $val){
+if ($this->$val != 0){
+$oval= "activate_".$val;
+$this->$oval= "1";
+}
+}
+
+/* FIXME: NEED review of this section */
+/* Need to check shadowExpire separately */
+
+/*
+* If shadowExpire is not enabled in the template, it's a UNIX timestamp - so don't convert it to seconds.
+* The check is a hack - if difference between timestamp generated above and here is max 1 day.
+*/
+if(abs($this->shadowExpire - time())>86400) {
+$this->shadowExpire= $this->convertToSeconds($this->shadowExpire);
+}
+
+/* Only enable checkbox, if shadowExpire is in the future */
+if($this->shadowExpire > time()) {
+$this->activate_shadowExpire= "1";
+}
+}
+
+function convertToSeconds($val)
+{
+if ($val != 0){
+$val*= 60 * 60 * 24;
+} else {
+$date= getdate();
+$val= floor($date[0] / (60*60*24)) * 60 * 60 * 24;
+}
+return($val);
+}
+
+
+function get_used_uid_numbers()
+{
+$ids= array();
+$ldap= $this->config->get_ldap_link();
+
+$ldap->cd ($this->config->current['BASE']);
+$ldap->search ("(&(objectClass=posixAccount)(uidNumber=*))", array("uidNumber"));
+
+/* Get list of ids */
+while ($attrs= $ldap->fetch()){
+$ids[$attrs['uidNumber'][0]] = $attrs['dn'];
+}
+return($ids);
+}
+
+
+/* Get posts from copy & paste dialog */
+function saveCopyDialog()
+{
+if(isset($_POST['homeDirectory'])){
+$this->homeDirectory = $_POST['homeDirectory'];
+if (isset ($_POST['force_ids'])){
+$data= 1;
+$this->gidNumber = $_POST['gidNumber'];
+$this->uidNumber = $_POST['uidNumber'];
+} else {
+$data= 0;
+}
+if ($this->force_ids != $data){
+$this->is_modified= TRUE;
+}
+$this->force_ids= $data;
+$data= $_POST['primaryGroup'];
+if ($this->primaryGroup != $data){
+$this->is_modified= TRUE;
+}
+$this->primaryGroup= $_POST['primaryGroup'];
+}
+}
+
+
+/* Create the posix dialog part for copy & paste */
+function getCopyDialog()
+{
+/* Skip dialog creation if this is not a valid account*/
+if(!$this->is_account) return("");
+if ($this->force_ids == 1){
+$force_ids = "checked";
+if (session::get('js')){
+$forceMode = "";
+}
+} else {
+if (session::get('js')){
+if($this->acl != "#none#")
+$forceMode ="disabled";
+}
+$force_ids = "";
+}
+
+$sta = "";
+
+/* Open group add dialog */
+if(isset($_POST['edit_groupmembership'])){
+$this->groupSelect = new groupSelect($this->config,get_userinfo());
+$sta = "SubDialog";
+}
+
+/* If the group-add dialog is closed, call execute
+to ensure that the membership is updatd */
+if(isset($_POST['add_groups_finish']) || isset($_POST['add_groups_cancel'])){
+$this->execute();
+$this->groupSelect =NULL;
+}
+
+if($this->groupSelect){
+$str = $this->execute(true);
+$ret = array();
+$ret['string'] = $str;
+$ret['status'] = $sta;
+return($ret);
+}
+
+/* If a group member should be deleted, simply call execute */
+if(isset($_POST['delete_groupmembership'])){
+$this->execute();
+}
+
+/* Assigned informations to smarty */
+$smarty = get_smarty();
+$smarty->assign("homeDirectory",$this->homeDirectory);
+$smarty->assign("secondaryGroups",$this->secondaryGroups);
+$smarty->assign("primaryGroup",$this->primaryGroup);
+
+$smarty->assign("uidNumber",$this->uidNumber);
+$smarty->assign("gidNumber",$this->gidNumber);
+$smarty->assign("forceMode",$forceMode);
+$smarty->assign("force_ids",$force_ids);
+if (!count($this->groupMembership)){
+$smarty->assign("groupMembership", array(" "));
+} else {
+$smarty->assign("groupMembership", $this->groupMembership);
+}
+
+/* Display wars message if there are more than 16 group members */
+if (count($this->groupMembership) > 16){
+$smarty->assign("groups", "too_many_for_nfs");
+} else {
+$smarty->assign("groups", "");
+}
+$str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
+
+$ret = array();
+$ret['string'] = $str;
+$ret['status'] = $sta;
+return($ret);
+}
+
+
+function PrepareForCopyPaste($source)
+{
+plugin::PrepareForCopyPaste($source);
+
+/* Avoid using the same gid/uid number as source user
+empty numbers to enforce new ones. */
+$this->savedUidNumber = "";
+$this->savedGidNumber = "";
+
+/* Get group membership */
+$ldap = $this->config->get_ldap_link();
+$ldap->cd($this->config->current['BASE']);
+$ldap->search("(&(objectClass=posixGroup)(memberUid=".$source['uid'][0]."))", array("cn", "description"));
+
+while ($attrs= $ldap->fetch()){
+if (!isset($attrs["description"][0])){
+$entry= $attrs["cn"][0];
+} else {
+$entry= $attrs["cn"][0]." [".$attrs["description"][0]."]";
+}
+$this->groupMembership[$ldap->getDN()]= $entry;
+}
+asort($this->groupMembership);
+reset($this->groupMembership);
+
+/* Fill group */
+if(isset($source['gidNumber'][0])){
+$this->primaryGroup= $source['gidNumber'][0];
+}
+
+}
+
+
+function multiple_execute()
+{
+return($this->execute());
+}
+
+
+static function plInfo()
+{
+return (array(
+"plDescription" => _("POSIX account"),
+"plSelfModify" => TRUE,
+"plDepends" => array("user"),
+"plPriority" => 2,
+"plSection" => array("personal" => _("My account")),
+"plCategory" => array("users"),
+"plOptions" => array(),
+
+"plProvidedAcls" => array(
+
+"homeDirectory" => _("Home directory"),
+"loginShell" => _("Shell"),
+"uidNumber" => _("User ID"),
+"gidNumber" => _("Group ID"),
+
+"mustchangepassword"=> _("Force password change on login"),
+"shadowMin" => _("Shadow min"),
+"shadowMax" => _("Shadow max"),
+"shadowWarning" => _("Shadow warning"),
+"shadowInactive" => _("Shadow inactive"),
+"shadowExpire" => _("Shadow expire"),
+"sshPublickey" => _("Public SSH key"),
+"trustModel" => _("System trust model")))
+);
+}
+
+
+/* Return selected values for multiple edit */
+function get_multi_edit_values()
+{
+$ret = plugin::get_multi_edit_values();
+$ret['groupMembership'] = $this->groupMembership;
+$ret['groupMembership_some']= $this->groupMembership_some;
+
+if(in_array("primaryGroup",$this->multi_boxes)){
+$ret['primaryGroup'] = $this->primaryGroup;
+}
+if(in_array("trustmode",$this->multi_boxes)){
+$ret['trustModel'] = $this->trustModel;
+$ret['accessTo'] = $this->accessTo;
+}
+foreach(array("shadowWarning","shadowInactive","shadowMin","shadowMax", "shadowExpire") as $entry){
+$active = "activate_".$entry;
+if(in_array($active,$this->multi_boxes)){
+$ret[$entry] = $this->$entry;
+$ret[$active] = $this->$active;
+}
+}
+if(in_array("mustchangepassword",$this->multi_boxes)){
+$ret['mustchangepassword'] = $this->mustchangepassword;
+}
+return($ret);
+}
+
+
+/* Save posts for multiple edit
+*/
+function multiple_save_object()
+{
+if(isset($_POST['posix_mulitple_edit'])){
+
+/* Backup expire value */
+$expire_tmp = $this->shadowExpire;
+
+/* Update all values */
+plugin::multiple_save_object();
+
+/* Get selected checkboxes */
+foreach(array("primaryGroup","trustmode","mustchangepassword","activate_shadowWarning","activate_shadowInactive","activate_shadowMin", "activate_shadowMax","activate_shadowExpire") as $val){
+if(isset($_POST["use_".$val])){
+$this->multi_boxes[] = $val;
+}
+}
+
+/* Update special values, checkboxes for posixShadow */
+foreach(array("shadowMin","shadowMax","shadowExpire","shadowInactive","shadowWarning") as $var) {
+if($this->acl_is_writeable($var)){
+$activate_var = "activate_".$var;
+if(in_array($activate_var, $this->multi_boxes)){
+if(isset($_POST['activate_'.$var])){
+$this->$activate_var = true;
+$this->$var = $_POST[$var];
+}else{
+$this->$activate_var = false;
+$this->$var = 0;
+}
+}
+}
+}
+
+/* Restore shadow value, if the shadow attribute isn't used */
+if(!in_array("activate_shadowExpire",$this->multi_boxes)){
+$this->shadowExpire = $expire_tmp;
+}
+
+/* Force change password ? */
+if(isset($_POST['mustchangepassword'])){
+$this->mustchangepassword = TRUE;
+}else{
+$this->mustchangepassword = FALSE;
+}
+
+/* Trust mode - special handling */
+if($this->acl_is_writeable("trustModel")){
+if (isset($_POST['trustmode'])){
+$saved= $this->trustModel;
+if ($_POST['trustmode'] == "1"){
+$this->trustModel= "fullaccess";
+} elseif ($_POST['trustmode'] == "2"){
+$this->trustModel= "byhost";
+} else {
+$this->trustModel= "";
+}
+if ($this->trustModel != $saved){
+$this->is_modified= TRUE;
+}
+}
+}
+
+/* Save primary group settings */
+if($this->acl_is_writeable("primaryGroup") && isset($_POST['primaryGroup'])){
+$data= $_POST['primaryGroup'];
+if ($this->primaryGroup != $data){
+$this->is_modified= TRUE;
+}
+$this->primaryGroup= $_POST['primaryGroup'];
+}
+}
+}
+
+
+/* Initialize plugin with given atribute arrays
+*/
+function init_multiple_support($attrs,$all)
+{
+plugin::init_multiple_support($attrs,$all);
+
+/* Some dummy values */
+$groups_some = array();
+$groups_all = array();
+$groups_uid = array();
+$uids = array();
+$first = TRUE;
+
+/* Get all groups used by currently edited users */
+$uid_filter="";
+for($i =0; $i < $this->multi_attrs_all['uid']['count'] ; $i ++){
+$uid = $this->multi_attrs_all['uid'][$i];
+$uids[] = $uid;
+$uid_filter.= "(memberUid=".$uid.")";
+}
+$uid_filter = "(&(objectClass=posixGroup)(|".$uid_filter."))";
+$ldap = $this->config->get_ldap_link();
+$ldap->cd($this->config->current['BASE']);
+$ldap->search($uid_filter,array("dn","cn","memberUid"));
+while($group = $ldap->fetch()){
+$groups_some[$group['dn']] = $group['cn'][0];
+for($i = 0 ; $i < $group['memberUid']['count'] ; $i++){
+$groups_uid[$group['dn']][] = $group['memberUid'][$i];
+}
+}
+
+/* Create an array, containing all used groups */
+$groups_all = $groups_some;
+foreach($groups_all as $id => $group){
+foreach($uids as $uid){
+if(!in_array($uid,$groups_uid[$id])){
+unset($groups_all[$id]);
+break;
+}
+}
+}
+
+/* Assign group array */
+$this->groupMembership = $groups_all;
+
+/* Create an array of all grouops used by all users */
+foreach( $groups_all as $dn => $cn){
+if(isset($groups_some[$dn])){
+unset($groups_some[$dn]);
+}
+}
+$this->groupMembership_some = $groups_some;
+$this->primaryGroup = $this->gidNumber;
+
+/* Is this account a trustAccount? */
+if (isset($this->multi_attrs['trustModel'])){
+$this->trustModel= $this->multi_attrs['trustModel'][0];
+$this->was_trust_account= TRUE;
+$this->multi_boxes[] = "trustmode";
+} else {
+$this->was_trust_account= FALSE;
+$this->trustModel= "";
+}
+
+/* Create access informations */
+$this->accessTo = array();
+if (isset($this->multi_attrs['accessTo'])){
+for ($i= 0; $i<$this->multi_attrs['accessTo']['count']; $i++){
+$tmp= $this->multi_attrs['accessTo'][$i];
+$this->accessTo[$tmp]= $tmp;
+}
+}
+
+/* Adjust shadow checkboxes */
+foreach (array("shadowMin", "shadowMax", "shadowWarning", "shadowInactive",
+"shadowExpire") as $val){
+if ($this->$val != 0){
+$oval= "activate_".$val;
+$this->$oval= "1";
+}
+}
+
+/* Convert to seconds */
+if(isset($this->multi_attrs['shadowExpire'])){
+$this->shadowExpire = $this->convertToSeconds($this->multi_attrs['shadowExpire'][0]);
+}else{
+$this->activate_shadowExpire = FALSE;
+}
+}
+
+
+function set_multi_edit_values($attrs)
+{
+$groups = array();
+
+/* Update groupMembership, keep optinal group */
+foreach($attrs['groupMembership_some'] as $dn => $cn){
+if(isset($this->groupMembership[$dn])){
+$groups[$dn] = $cn;
+}
+}
+/* Update groupMembership, add forced groups */
+foreach($attrs['groupMembership'] as $dn => $cn){
+$groups[$dn] = $cn;
+}
+plugin::set_multi_edit_values($attrs);
+$this->groupMembership = $groups;
+}
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
diff --git a/gosa-core/plugins/personal/posix/groupSelect/class_filterLDAPBlacklist.inc b/gosa-core/plugins/personal/posix/groupSelect/class_filterLDAPBlacklist.inc
index b78f2b2871be4d7f4043df69f3c9d79a91455465..a465d0916089fa7f774e84e32240a0c2bd235e7f 100644 (file)
class filterLDAPBlacklist {
- static function query($base, $scope, $filter, $attributes, $category, $objectStorage= "")
- {
- $result = filterLDAP::query($base, $scope, $filter, $attributes, $category, $objectStorage);
- return(filterLDAPBlacklist::filterByBlacklist($result));
- }
+static function query($base, $scope, $filter, $attributes, $category, $objectStorage= "")
+{
+$result = filterLDAP::query($base, $scope, $filter, $attributes, $category, $objectStorage);
+return(filterLDAPBlacklist::filterByBlacklist($result));
+}
- static function filterByBlacklist($entries)
- {
- if(session::is_set('filterBlacklist')){
- $blist = session::get('filterBlacklist');
- foreach($blist as $attr_name => $attr_values){
- foreach($attr_values as $match){
- foreach($entries as $id => $entry){
- if(isset($entry[$attr_name])){
- $test = $entry[$attr_name];
- if(!is_array($test)) $test = array($test);
- if(in_array($match, $test)) unset($entries[$id]);
- }
- }
- }
- }
- }
- return(array_values($entries));
- }
+static function filterByBlacklist($entries)
+{
+if(session::is_set('filterBlacklist')){
+$blist = session::get('filterBlacklist');
+foreach($blist as $attr_name => $attr_values){
+foreach($attr_values as $match){
+foreach($entries as $id => $entry){
+if(isset($entry[$attr_name])){
+$test = $entry[$attr_name];
+if(!is_array($test)) $test = array($test);
+if(in_array($match, $test)) unset($entries[$id]);
+}
+}
+}
+}
+}
+return(array_values($entries));
+}
}
?>
diff --git a/gosa-core/plugins/personal/posix/groupSelect/class_groupSelect.inc b/gosa-core/plugins/personal/posix/groupSelect/class_groupSelect.inc
index 2c98adada43047b617227f3d15ae71251fa518ea..be8cddba1fb7d8cbabf0e9b963ecdd38448cce14 100644 (file)
<?php
/*
- * This code is part of GOsa (http://www.gosa-project.org)
- * Copyright (C) 2003-2008 GONICUS GmbH
- *
- * ID: $$Id: class_groupManagement.inc 14766 2009-11-05 14:30:35Z hickert $$
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
+* This code is part of GOsa (http://www.gosa-project.org)
+* Copyright (C) 2003-2008 GONICUS GmbH
+*
+* ID: $$Id: class_groupManagement.inc 14766 2009-11-05 14:30:35Z hickert $$
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
class groupSelect extends management
{
- protected $skipFooter = TRUE;
- protected $skipHeader = TRUE;
+protected $skipFooter = TRUE;
+protected $skipHeader = TRUE;
- function __construct($config,$ui)
- {
- $this->config = $config;
- $this->ui = $ui;
+function __construct($config,$ui)
+{
+$this->config = $config;
+$this->ui = $ui;
- $this->storagePoints = array(get_ou("groupRDN"));
+$this->storagePoints = array(get_ou("groupRDN"));
- // Build filter
- if (session::global_is_set(get_class($this)."_filter")){
- $filter= session::global_get(get_class($this)."_filter");
- } else {
- $filter = new filter(get_template_path("group-filter.xml", true, dirname(__FILE__)));
- $filter->setObjectStorage($this->storagePoints);
- }
- $this->setFilter($filter);
+// Build filter
+if (session::global_is_set(get_class($this)."_filter")){
+$filter= session::global_get(get_class($this)."_filter");
+} else {
+$filter = new filter(get_template_path("group-filter.xml", true, dirname(__FILE__)));
+$filter->setObjectStorage($this->storagePoints);
+}
+$this->setFilter($filter);
- // Build headpage
- $headpage = new listing(get_template_path("group-list.xml", true, dirname(__FILE__)));
- $headpage->setFilter($filter);
- parent::__construct($config, $ui, "groups", $headpage);
- }
+// Build headpage
+$headpage = new listing(get_template_path("group-list.xml", true, dirname(__FILE__)));
+$headpage->setFilter($filter);
+parent::__construct($config, $ui, "groups", $headpage);
+}
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>
diff --git a/gosa-core/plugins/personal/posix/groupSelect/group-filter.xml b/gosa-core/plugins/personal/posix/groupSelect/group-filter.xml
index 5a43637b3619a8d1f1ea65ee716aaff111dc6c97..42d6cc1163f2819726f8235921f96ebea22ca240 100644 (file)
<?xml version="1.0" encoding="UTF-8"?>
<filterdef>
- <definition>
- <category>groups</category>
- <template>../plugins/personal/posix/groupSelect/group-filter.tpl</template>
- <initial>true</initial>
- </definition>
+<definition>
+<category>groups</category>
+<template>../plugins/personal/posix/groupSelect/group-filter.tpl</template>
+<initial>true</initial>
+</definition>
- <search>
- <query>
- <backend>LDAPBlacklist</backend>
- <filter>(&(objectClass=posixGroup)$NAME(|$PRIMARY$MAIL$SAMBA))</filter>
- <attribute>dn</attribute>
- <attribute>objectClass</attribute>
- <attribute>cn</attribute>
- <attribute>description</attribute>
- </query>
- <scope>auto</scope>
- </search>
+<search>
+<query>
+<backend>LDAPBlacklist</backend>
+<filter>(&(objectClass=posixGroup)$NAME(|$PRIMARY$MAIL$SAMBA))</filter>
+<attribute>dn</attribute>
+<attribute>objectClass</attribute>
+<attribute>cn</attribute>
+<attribute>description</attribute>
+</query>
+<scope>auto</scope>
+</search>
- <element>
- <type>checkbox</type>
- <tag>PRIMARY</tag>
- <default>true</default>
- <unset></unset>
- <set>(!(objectClass=gosaObject))</set>
- </element>
+<element>
+<type>checkbox</type>
+<tag>PRIMARY</tag>
+<default>true</default>
+<unset></unset>
+<set>(!(objectClass=gosaObject))</set>
+</element>
- <element>
- <type>checkbox</type>
- <tag>MAIL</tag>
- <default>true</default>
- <unset></unset>
- <set>(objectClass=gosaMailAccount)</set>
- </element>
+<element>
+<type>checkbox</type>
+<tag>MAIL</tag>
+<default>true</default>
+<unset></unset>
+<set>(objectClass=gosaMailAccount)</set>
+</element>
- <element>
- <type>checkbox</type>
- <tag>SAMBA</tag>
- <default>true</default>
- <unset></unset>
- <set>(objectClass=sambaGroupMapping)</set>
- </element>
+<element>
+<type>checkbox</type>
+<tag>SAMBA</tag>
+<default>true</default>
+<unset></unset>
+<set>(objectClass=sambaGroupMapping)</set>
+</element>
- <element>
- <type>textfield</type>
- <tag>NAME</tag>
- <size>20</size>
- <maxlength>60</maxlength>
- <default></default>
- <unset></unset>
- <set>(|(cn=*$*)(description=*$*))</set>
- <alphabet>true</alphabet>
- <autocomplete>
- <backend>LDAPBlacklist</backend>
- <filter>(&(objectClass=posixGroup)(|(cn=*$NAME*)(description=*$NAME*)))</filter>
- <attribute>cn</attribute>
- <frequency>0.5</frequency>
- <characters>3</characters>
- </autocomplete>
- </element>
+<element>
+<type>textfield</type>
+<tag>NAME</tag>
+<size>20</size>
+<maxlength>60</maxlength>
+<default></default>
+<unset></unset>
+<set>(|(cn=*$*)(description=*$*))</set>
+<alphabet>true</alphabet>
+<autocomplete>
+<backend>LDAPBlacklist</backend>
+<filter>(&(objectClass=posixGroup)(|(cn=*$NAME*)(description=*$NAME*)))</filter>
+<attribute>cn</attribute>
+<frequency>0.5</frequency>
+<characters>3</characters>
+</autocomplete>
+</element>
</filterdef>
diff --git a/gosa-core/plugins/personal/posix/groupSelect/group-list.xml b/gosa-core/plugins/personal/posix/groupSelect/group-list.xml
index 721a160aac9bd72a2a05cbd7545679f821ef2e3a..91363ff8516e7a8c94929082cc63707cc6d1aa65 100644 (file)
<?xml version="1.0" encoding="UTF-8"?>
<list>
- <definition>
- <departmentBrowser>true</departmentBrowser>
- <departmentRootVisible>false</departmentRootVisible>
- <baseMode>true</baseMode>
- <multiSelect>true</multiSelect>
- <template>../plugins/personal/posix/groupSelect/group-list.tpl</template>
- <module>groups</module>
- <label>Please select the desired entries</label>
- <defaultSortColumn>1</defaultSortColumn>
+<definition>
+<departmentbrowser>true</departmentbrowser>
+<departmentrootvisible>false</departmentrootvisible>
+<basemode>true</basemode>
+<multiselect>true</multiselect>
+<template>../plugins/personal/posix/groupSelect/group-list.tpl</template>
+<module>groups</module>
+<label>Please select the desired entries</label>
+<defaultsortcolumn>1</defaultsortcolumn>
- <objectType>
- <label>Group</label>
- <objectClass>posixGroup</objectClass>
- <category>groups</category>
- <class>group</class>
- <image>plugins/groups/images/groups.png</image>
- </objectType>
+<objecttype>
+<label>Group</label>
+<objectclass>posixGroup</objectclass>
+<category>groups</category>
+<class>group</class>
+<image>plugins/groups/images/groups.png</image>
+</objecttype>
- </definition>
+</definition>
- <table>
- <layout>|20px;c|||</layout>
+<table>
+ <layout>|20px;c|||</layout>
+
+ <department>
+ <value>%{filter:objectType(dn,objectClass)}</value>
+ </department>
+
+ <department>
+ <value>%{filter:departmentLink(row,dn,description)}</value>
+ <span>1</span>
+ </department>
+
+ <column>
+ <value>%{filter:objectType(dn,objectClass)}</value>
+ </column>
+
+ <column>
+ <label>Name</label>
+ <sortattribute>cn</sortattribute>
+ <sorttype>string</sorttype>
+ <value>%{cn}</value>
+ <export>true</export>
+ </column>
+
+ <column>
+ <label>Description</label>
+ <sortattribute>description</sortattribute>
+ <sorttype>string</sorttype>
+ <value>%{description}</value>
+ <export>true</export>
+ </column>
+
+</table>
- <department>
- <value>%{filter:objectType(dn,objectClass)}</value>
- </department>
+<actionmenu>
+</actionmenu>
- <department>
- <value>%{filter:departmentLink(row,dn,description)}</value>
- <span>1</span>
- </department>
-
- <column>
- <value>%{filter:objectType(dn,objectClass)}</value>
- </column>
-
- <column>
- <label>Name</label>
- <sortAttribute>cn</sortAttribute>
- <sortType>string</sortType>
- <value>%{cn}</value>
- <export>true</export>
- </column>
-
- <column>
- <label>Description</label>
- <sortAttribute>description</sortAttribute>
- <sortType>string</sortType>
- <value>%{description}</value>
- <export>true</export>
- </column>
-
- </table>
-
- <actionmenu>
- </actionmenu>
-
- <actiontriggers snapshot="false" copypaste="false">
- </actiontriggers>
+<actiontriggers snapshot="false" copypaste="false">
+</actiontriggers>
</list>
index 5f817c340b214163d2c86e9bb26768c143c58123..c7be54914475a9508aef8b66ff1b3c1659eb3c7c 100644 (file)
<?php
/*
- * This code is part of GOsa (http://www.gosa-project.org)
- * Copyright (C) 2003-2008 GONICUS GmbH
- *
- * ID: $$Id$$
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
+* This code is part of GOsa (http://www.gosa-project.org)
+* Copyright (C) 2003-2008 GONICUS GmbH
+*
+* ID: $$Id$$
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
/* Remove locks created by this plugin
*/
$lock_msg="";
if ($remove_lock || isset($_POST['edit_cancel'])){
- if(session::is_set('posixAccount') && session::is_set('edit')){
- del_lock($ui->dn);
- }
+if(session::is_set('posixAccount') && session::is_set('edit')){
+del_lock($ui->dn);
+}
}
/* Remove this plugin from session
*/
if ( $cleanup ){
- session::un_set('posixAccount');
- session::un_set('edit');
+session::un_set('posixAccount');
+session::un_set('edit');
+
+}else{
+
+/* Reset requested? */
+if (isset($_POST['edit_cancel'])){
+session::un_set ('edit');
+session::un_set ('posixAccount');
+}
+
+/* Create posixAccount object on demand */
+if (!session::is_set('posixAccount') || (isset($_GET['reset']) && $_GET['reset'] == 1)){
+$posixAccount= new posixAccount ($config, $ui->dn);
+$posixAccount->enable_CSN_check();
+$posixAccount->set_acl_base($ui->dn);
+$posixAccount->set_acl_category("users");
+session::set('posixAccount',$posixAccount);
+}
+$posixAccount = session::get('posixAccount');
+
+/* save changes back to object */
+if (session::is_set('edit')){
+$posixAccount->save_object ();
+}
+
+/* Enter edit mode? */
+if ((isset($_POST['edit'])) && (!session::is_set('edit'))){
+
+/* Check locking */
+if (($username= get_lock($ui->dn)) != ""){
+session::set('back_plugin',$plug);
+session::set('LOCK_VARS_TO_USE',array("/^edit$/","/^plug$/"));
+$lock_msg = gen_locked_message ($username, $ui->dn);
+
+}else{
+
+/* Lock the current entry */
+add_lock ($ui->dn, $ui->dn);
+session::set('edit',TRUE);
+}
+}
+/* save changes to LDAP and disable edit mode */
+$info= "";
+if (isset($_POST['edit_finish'])){
+
+/* Perform checks */
+$message= $posixAccount->check ();
+
+/* No errors, save object */
+if (count ($message) == 0){
+$posixAccount->save ();
+del_lock ($ui->dn);
+session::un_set ('edit');
+
+/* Remove from session */
+session::un_set ('posixAccount');
+} else {
+/* Errors found, show message */
+msg_dialog::displayChecks($message);
+}
+}
+
+/* Execute formular */
+if($lock_msg){
+$display = $lock_msg;
}else{
+$display.= $posixAccount->execute ();
+}
+
+/* Store changes in session */
+if (session::is_set('edit')){
+session::set('posixAccount',$posixAccount);
+}
+
+/* Show page footer depending on the mode */
+if (!$posixAccount->groupSelect && !$posixAccount->trustSelect && $posixAccount->is_account && empty($lock_msg)){
+
+$display.= "<p class=\"plugbottom\">";
+
+/* Are we in edit mode? */
+if (session::is_set('edit')){
+$display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\"".msgPool::okButton()."\">\n";
+$display.= " ";
+$display.= "<input type=submit name=\"edit_cancel\" value=\"".msgPool::cancelButton()."\">\n";
+$info= "<img alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/locked.png').
+"\"> ".$ui->dn." ";
+} else {
+$info= "<img alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/unlocked.png').
+"\"> ".$ui->dn." ";
+
+/* Only display edit button if there is at least one attribute editable */
+if(preg_match("/r/",$ui->get_permissions($ui->dn,"users/posixAccount"))){
+$info.= "<img alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/on.png')."\"> ".
+msgPool::clickEditToChange();
+
+$display.= "<input type=submit name=\"edit\" value=\"".msgPool::editButton()."\">\n";
+}
+$display.= "<input type=\"hidden\" name=\"ignore\">\n";
+}
+$display.= "</p>\n";
+}
- /* Reset requested? */
- if (isset($_POST['edit_cancel'])){
- session::un_set ('edit');
- session::un_set ('posixAccount');
- }
-
- /* Create posixAccount object on demand */
- if (!session::is_set('posixAccount') || (isset($_GET['reset']) && $_GET['reset'] == 1)){
- $posixAccount= new posixAccount ($config, $ui->dn);
- $posixAccount->enable_CSN_check();
- $posixAccount->set_acl_base($ui->dn);
- $posixAccount->set_acl_category("users");
- session::set('posixAccount',$posixAccount);
- }
- $posixAccount = session::get('posixAccount');
-
- /* save changes back to object */
- if (session::is_set('edit')){
- $posixAccount->save_object ();
- }
-
- /* Enter edit mode? */
- if ((isset($_POST['edit'])) && (!session::is_set('edit'))){
-
- /* Check locking */
- if (($username= get_lock($ui->dn)) != ""){
- session::set('back_plugin',$plug);
- session::set('LOCK_VARS_TO_USE',array("/^edit$/","/^plug$/"));
- $lock_msg = gen_locked_message ($username, $ui->dn);
-
- }else{
-
- /* Lock the current entry */
- add_lock ($ui->dn, $ui->dn);
- session::set('edit',TRUE);
- }
- }
-
- /* save changes to LDAP and disable edit mode */
- $info= "";
- if (isset($_POST['edit_finish'])){
-
- /* Perform checks */
- $message= $posixAccount->check ();
-
- /* No errors, save object */
- if (count ($message) == 0){
- $posixAccount->save ();
- del_lock ($ui->dn);
- session::un_set ('edit');
-
- /* Remove from session */
- session::un_set ('posixAccount');
- } else {
- /* Errors found, show message */
- msg_dialog::displayChecks($message);
- }
- }
-
- /* Execute formular */
- if($lock_msg){
- $display = $lock_msg;
- }else{
- $display.= $posixAccount->execute ();
- }
-
- /* Store changes in session */
- if (session::is_set('edit')){
- session::set('posixAccount',$posixAccount);
- }
-
- /* Show page footer depending on the mode */
- if (!$posixAccount->groupSelect && !$posixAccount->trustSelect && $posixAccount->is_account && empty($lock_msg)){
-
- $display.= "<p class=\"plugbottom\">";
-
- /* Are we in edit mode? */
- if (session::is_set('edit')){
- $display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\"".msgPool::okButton()."\">\n";
- $display.= " ";
- $display.= "<input type=submit name=\"edit_cancel\" value=\"".msgPool::cancelButton()."\">\n";
- $info= "<img alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/locked.png').
- "\"> ".$ui->dn." ";
- } else {
- $info= "<img alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/unlocked.png').
- "\"> ".$ui->dn." ";
-
- /* Only display edit button if there is at least one attribute editable */
- if(preg_match("/r/",$ui->get_permissions($ui->dn,"users/posixAccount"))){
- $info.= "<img alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/on.png')."\"> ".
- msgPool::clickEditToChange();
-
- $display.= "<input type=submit name=\"edit\" value=\"".msgPool::editButton()."\">\n";
- }
- $display.= "<input type=\"hidden\" name=\"ignore\">\n";
- }
- $display.= "</p>\n";
- }
-
- /* Page header*/
- $display= print_header(get_template_path('plugins/posix/images/plugin.png'),
- _("POSIX settings"), $info).$display;
+/* Page header*/
+$display= print_header(get_template_path('plugins/posix/images/plugin.png'),
+_("POSIX settings"), $info).$display;
}
diff --git a/gosa-core/plugins/personal/posix/posix_shadow.tpl b/gosa-core/plugins/personal/posix/posix_shadow.tpl
index 9c15386f7cbaf588daa78e7c98085bbebc7e23bd..c98cab738dabea2cc28357034ccb64cecf53db0f 100644 (file)
<table summary="" style="width:100%; vertical-align:top; text-align:left;" cellpadding=0 border=0>
<tr>
<td style="width:50%; vertical-align:top;">
-
-<!-- must_change_password -->
-{render acl=$mustchangepasswordACL checkbox=$multiple_support checked=$use_mustchangepassword}
+
+ <!-- must_change_password -->
+ {render acl=$mustchangepasswordACL checkbox=$multiple_support checked=$use_mustchangepassword}
<input type="checkbox" class="center" name="mustchangepassword" value="1" {$mustchangepassword}>
-{/render}
+ {/render}
{t}User must change password on first login{/t}
<br>
-
-<!-- shadowMin -->
-{render acl=$shadowMinACL checkbox=$multiple_support checked=$use_activate_shadowMin}
+
+ <!-- shadowMin -->
+ {render acl=$shadowMinACL checkbox=$multiple_support checked=$use_activate_shadowMin}
<input type="checkbox" class="center" name="activate_shadowMin" value="1" {$activate_shadowMin}>
-{/render}
-{render acl=$shadowMinACL}
+ {/render}
+ {render acl=$shadowMinACL}
{$shadowmins}
-{/render}
+ {/render}
<br>
-
-<!-- activate_shadowMax -->
-{render acl=$shadowMaxACL checkbox=$multiple_support checked=$use_activate_shadowMax}
+
+ <!-- activate_shadowMax -->
+ {render acl=$shadowMaxACL checkbox=$multiple_support checked=$use_activate_shadowMax}
<input type="checkbox" class="center" name="activate_shadowMax" value="1" {$activate_shadowMax}>
-{/render}
-{render acl=$shadowMaxACL}
+ {/render}
+ {render acl=$shadowMaxACL}
{$shadowmaxs}
-{/render}
+ {/render}
<br>
-
-<!-- activate_shadowExpire -->
-{render acl=$shadowExpireACL checkbox=$multiple_support checked=$use_activate_shadowExpire}
+
+ <!-- activate_shadowExpire -->
+ {render acl=$shadowExpireACL checkbox=$multiple_support checked=$use_activate_shadowExpire}
<table border="0" cellpadding="0" cellspacing="0"><tr><td><input type="checkbox" class="center" name="activate_shadowExpire" value="1" {$activate_shadowExpire}>
-{/render}
- {t}Password expires on{/t}
- {render acl=$shadowExpireACL}
- </td><td style='width:130px'>
- <input type="text" id="shadowExpire" name="shadowExpire" class="date" style='width:100px' value="{$shadowExpire}">
- {if $shadowExpireACL|regex_replace:"/[cdmr]/":"" == "w"}
- <script type="text/javascript">
- {literal}
- var datepicker = new DatePicker({ relative : 'shadowExpire', language : '{/literal}{$lang}{literal}',
- keepFieldEmpty : true, enableCloseEffect : false, enableShowEffect : false});
- {/literal}
- </script>
- {/if}
- </td></tr></table>
+ {/render}
+ {t}Password expires on{/t}
+ {render acl=$shadowExpireACL}
+ </td><td style='width:130px'>
+ <input type="text" id="shadowExpire" name="shadowExpire" class="date" style='width:100px' value="{$shadowExpire}">
+ {if $shadowExpireACL|regex_replace:"/[cdmr]/":"" == "w"}
+ <script type="text/javascript">
+ {literal}
+ var datepicker = new DatePicker({ relative : 'shadowExpire', language : '{/literal}{$lang}{literal}',
+ keepFieldEmpty : true, enableCloseEffect : false, enableShowEffect : false});
+ {/literal}
+ </script>
+ {/if}
+ </td></tr></table>
{/render}
-
-<!-- shadowInactive -->
-{render acl=$shadowInactiveACL checkbox=$multiple_support checked=$use_activate_shadowInactive}
+
+ <!-- shadowInactive -->
+ {render acl=$shadowInactiveACL checkbox=$multiple_support checked=$use_activate_shadowInactive}
<input type="checkbox" class="center" name="activate_shadowInactive" value="1" {$activate_shadowInactive}>
-{/render}
-{render acl=$shadowInactiveACL}
+ {/render}
+ {render acl=$shadowInactiveACL}
{$shadowinactives}
-{/render}
+ {/render}
<br>
-
-<!-- activate_shadowWarning -->
-{render acl=$shadowWarningACL checkbox=$multiple_support checked=$use_activate_shadowWarning}
+
+ <!-- activate_shadowWarning -->
+ {render acl=$shadowWarningACL checkbox=$multiple_support checked=$use_activate_shadowWarning}
<input type="checkbox" class="center" name="activate_shadowWarning" value="1" {$activate_shadowWarning}>
-{/render}
-{render acl=$shadowWarningACL}
+ {/render}
+ {render acl=$shadowWarningACL}
{$shadowwarnings}
-{/render}
+ {/render}
</td>
</tr>
</table>
diff --git a/gosa-core/plugins/personal/posix/trustSelect/class_trustSelect.inc b/gosa-core/plugins/personal/posix/trustSelect/class_trustSelect.inc
index 2bcb14806d1981f88c225319529af22926668593..f54620368225dcc88675f5a1e0ab81fb2640677a 100644 (file)
<?php
/*
- * This code is part of GOsa (http://www.gosa-project.org)
- * Copyright (C) 2003-2008 GONICUS GmbH
- *
- * ID: $$Id: class_groupManagement.inc 14766 2009-11-05 14:30:35Z hickert $$
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
+* This code is part of GOsa (http://www.gosa-project.org)
+* Copyright (C) 2003-2008 GONICUS GmbH
+*
+* ID: $$Id: class_groupManagement.inc 14766 2009-11-05 14:30:35Z hickert $$
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
class trustSelect extends management
{
- protected $skipFooter = TRUE;
- protected $skipHeader = TRUE;
+protected $skipFooter = TRUE;
+protected $skipHeader = TRUE;
+
+function __construct($config,$ui)
+{
+$this->config = $config;
+$this->ui = $ui;
+
+$this->storagePoints = array(get_ou("workstationRDN"),get_ou("terminalRDN"),get_ou("serverRDN"),);
- function __construct($config,$ui)
- {
- $this->config = $config;
- $this->ui = $ui;
-
- $this->storagePoints = array(get_ou("workstationRDN"),get_ou("terminalRDN"),get_ou("serverRDN"),);
-
# // Build filter
# if (session::global_is_set(get_class($this)."_filter")){
# $filter= session::global_get(get_class($this)."_filter");
# } else {
- $filter = new filter(get_template_path("trust-filter.xml", true, dirname(__FILE__)));
- $filter->setObjectStorage($this->storagePoints);
+$filter = new filter(get_template_path("trust-filter.xml", true, dirname(__FILE__)));
+$filter->setObjectStorage($this->storagePoints);
# }
- $this->setFilter($filter);
-
- // Build headpage
- $headpage = new listing(get_template_path("trust-list.xml", true, dirname(__FILE__)));
- $headpage->registerElementFilter("filterProperties", "groupManagement::filterProperties");
- $headpage->setFilter($filter);
- parent::__construct($config, $ui, "groups", $headpage);
- }
-
-
- static function filterProperties($row, $classes)
- {
- $result= "";
-
- $map = array(
- "posixGroup" =>
- array(
- "image" => "plugins/groups/images/groups.png",
- "plugin" => "group",
- "alt" => _("Posix"),
- "title" => _("Edit posix properties")
- ),
-
- "gosaMailAccount" =>
- array(
- "image" => "plugins/groups/images/mail.png",
- "plugin" => "mailgroup",
- "alt" => _("Mail"),
- "title" => _("Edit mail properties")
- ),
-
- "sambaGroupMapping" =>
- array(
- "image" => "plugins/groups/images/samba.png",
- "plugin" => "group",
- "alt" => _("Samba"),
- "title" => _("Edit samba properties")
- ),
-
- "goFonPickupGroup" =>
- array(
- "image" => "plugins/groups/images/asterisk.png",
- "plugin" => "group",
- "alt" => _("Phone"),
- "title" => _("Edit phone properties")
- ),
-
- "gotoMenuGroup" =>
- array(
- "image" => "plugins/groups/images/menu.png",
- "plugin" => "appgroup",
- "alt" => _("Menu"),
- "title" => _("Edit start menu properties")
- ),
-
- "gotoEnvironment" =>
- array(
- "image" => "plugins/groups/images/environment.png",
- "plugin" => "environment",
- "alt" => _("Environment"),
- "title" => _("Edit environment properties")
- )
- );
-
-
- // Walk thru map
- foreach ($map as $oc => $properties) {
- if (in_array_ics($oc, $classes)) {
- $result.="<input class='center' type='image' src='".$properties['image']."' ".
- "alt='".$properties['alt']."' title='".$properties['title'].
- "' name='listing_edit_".$properties['plugin']."_$row' style='padding:1px'>";
- } else {
- $result.="<img src='images/empty.png' alt=' ' class='center' style='padding:1px'>";
- }
- }
- return $result;
- }
+$this->setFilter($filter);
+
+// Build headpage
+$headpage = new listing(get_template_path("trust-list.xml", true, dirname(__FILE__)));
+$headpage->registerElementFilter("filterProperties", "groupManagement::filterProperties");
+$headpage->setFilter($filter);
+parent::__construct($config, $ui, "groups", $headpage);
+}
+
+
+static function filterProperties($row, $classes)
+{
+$result= "";
+
+$map = array(
+"posixGroup" =>
+array(
+"image" => "plugins/groups/images/groups.png",
+"plugin" => "group",
+"alt" => _("Posix"),
+"title" => _("Edit posix properties")
+),
+
+"gosaMailAccount" =>
+array(
+"image" => "plugins/groups/images/mail.png",
+"plugin" => "mailgroup",
+"alt" => _("Mail"),
+"title" => _("Edit mail properties")
+),
+
+"sambaGroupMapping" =>
+array(
+"image" => "plugins/groups/images/samba.png",
+"plugin" => "group",
+"alt" => _("Samba"),
+"title" => _("Edit samba properties")
+),
+
+"goFonPickupGroup" =>
+array(
+"image" => "plugins/groups/images/asterisk.png",
+"plugin" => "group",
+"alt" => _("Phone"),
+"title" => _("Edit phone properties")
+),
+
+"gotoMenuGroup" =>
+array(
+"image" => "plugins/groups/images/menu.png",
+"plugin" => "appgroup",
+"alt" => _("Menu"),
+"title" => _("Edit start menu properties")
+),
+
+"gotoEnvironment" =>
+array(
+"image" => "plugins/groups/images/environment.png",
+"plugin" => "environment",
+"alt" => _("Environment"),
+"title" => _("Edit environment properties")
+)
+);
+
+
+// Walk thru map
+foreach ($map as $oc => $properties) {
+if (in_array_ics($oc, $classes)) {
+$result.="<input class='center' type='image' src='".$properties['image']."' ".
+"alt='".$properties['alt']."' title='".$properties['title'].
+"' name='listing_edit_".$properties['plugin']."_$row' style='padding:1px'>";
+} else {
+$result.="<img src='images/empty.png' alt=' ' class='center' style='padding:1px'>";
+}
+}
+return $result;
+}
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>
diff --git a/gosa-core/plugins/personal/posix/trustSelect/trust-filter.xml b/gosa-core/plugins/personal/posix/trustSelect/trust-filter.xml
index 10ea5d554ee75fefe3d8598035d8c0a37f7f03f6..b30118e63e364d778fa4720decb84c2c4be15130 100644 (file)
<?xml version="1.0" encoding="UTF-8"?>
<filterdef>
- <definition>
- <category>groups</category>
- <template>../plugins/personal/posix/trustSelect/trust-filter.tpl</template>
- <initial>true</initial>
- </definition>
+<definition>
+<category>groups</category>
+<template>../plugins/personal/posix/trustSelect/trust-filter.tpl</template>
+<initial>true</initial>
+</definition>
- <search>
- <query>
- <backend>LDAPBlacklist</backend>
- <filter>(&(|$SERVER $WORKSTATION $TERMINAL)$NAME)</filter>
- <attribute>dn</attribute>
- <attribute>objectClass</attribute>
- <attribute>cn</attribute>
- <attribute>description</attribute>
- </query>
- <scope>auto</scope>
- </search>
+<search>
+<query>
+<backend>LDAPBlacklist</backend>
+<filter>(&(|$SERVER $WORKSTATION $TERMINAL)$NAME)</filter>
+<attribute>dn</attribute>
+<attribute>objectClass</attribute>
+<attribute>cn</attribute>
+<attribute>description</attribute>
+</query>
+<scope>auto</scope>
+</search>
- <element>
- <type>textfield</type>
- <tag>NAME</tag>
- <size>20</size>
- <maxlength>60</maxlength>
- <default></default>
- <unset></unset>
- <set>(cn=*$*)</set>
- <alphabet>false</alphabet>
- <autocomplete>
- <backend>LDAPBlacklist</backend>
- <filter>(cn=*$NAME*)</filter>
- <attribute>cn</attribute>
- <frequency>0.5</frequency>
- <characters>3</characters>
- </autocomplete>
- </element>
+<element>
+<type>textfield</type>
+<tag>NAME</tag>
+<size>20</size>
+<maxlength>60</maxlength>
+<default></default>
+<unset></unset>
+<set>(cn=*$*)</set>
+<alphabet>false</alphabet>
+<autocomplete>
+<backend>LDAPBlacklist</backend>
+<filter>(cn=*$NAME*)</filter>
+<attribute>cn</attribute>
+<frequency>0.5</frequency>
+<characters>3</characters>
+</autocomplete>
+</element>
- <element>
- <type>checkbox</type>
- <tag>SERVER</tag>
- <default>true</default>
- <unset></unset>
- <set>(objectClass=goServer)</set>
- </element>
+<element>
+<type>checkbox</type>
+<tag>SERVER</tag>
+<default>true</default>
+<unset></unset>
+<set>(objectClass=goServer)</set>
+</element>
- <element>
- <type>checkbox</type>
- <tag>WORKSTATION</tag>
- <default>true</default>
- <unset></unset>
- <set>(objectClass=gotoWorkstation)</set>
- </element>
+<element>
+<type>checkbox</type>
+<tag>WORKSTATION</tag>
+<default>true</default>
+<unset></unset>
+<set>(objectClass=gotoWorkstation)</set>
+</element>
- <element>
- <type>checkbox</type>
- <tag>TERMINAL</tag>
- <default>true</default>
- <unset></unset>
- <set>(objectClass=gotoTerminal)</set>
- </element>
+<element>
+<type>checkbox</type>
+<tag>TERMINAL</tag>
+<default>true</default>
+<unset></unset>
+<set>(objectClass=gotoTerminal)</set>
+</element>
</filterdef>
diff --git a/gosa-core/plugins/personal/posix/trustSelect/trust-list.xml b/gosa-core/plugins/personal/posix/trustSelect/trust-list.xml
index 584e8b373ae580bf139dca2c571501b3fb01a7fe..a46c30fb912742a71bf54c15952d1e4b97f5397c 100644 (file)
<?xml version="1.0" encoding="UTF-8"?>
<list>
- <definition>
- <departmentBrowser>true</departmentBrowser>
- <departmentRootVisible>false</departmentRootVisible>
- <baseMode>true</baseMode>
- <multiSelect>true</multiSelect>
- <template>../plugins/personal/posix/trustSelect/trust-list.tpl</template>
- <label>Please select the desired entries</label>
- <defaultSortColumn>1</defaultSortColumn>
+<definition>
+<departmentbrowser>true</departmentbrowser>
+<departmentrootvisible>false</departmentrootvisible>
+<basemode>true</basemode>
+<multiselect>true</multiselect>
+<template>../plugins/personal/posix/trustSelect/trust-list.tpl</template>
+<label>Please select the desired entries</label>
+<defaultsortcolumn>1</defaultsortcolumn>
- <objectType>
- <label>Server</label>
- <objectClass>goServer</objectClass>
- <category>server</category>
- <class>servgeneric</class>
- <image>plugins/systems/images/select_server.png</image>
- </objectType>
+<objecttype>
+<label>Server</label>
+<objectclass>goServer</objectclass>
+<category>server</category>
+<class>servgeneric</class>
+<image>plugins/systems/images/select_server.png</image>
+</objecttype>
- <objectType>
- <label>Workstation</label>
- <objectClass>gotoWorkstation</objectClass>
- <category>workstation</category>
- <class>workgeneric</class>
- <image>plugins/systems/images/select_workstation.png</image>
- </objectType>
+<objecttype>
+<label>Workstation</label>
+<objectclass>gotoWorkstation</objectclass>
+<category>workstation</category>
+<class>workgeneric</class>
+<image>plugins/systems/images/select_workstation.png</image>
+</objecttype>
- <objectType>
- <label>Terminal</label>
- <objectClass>gotoTerminal</objectClass>
- <category>terminal</category>
- <class>termgeneric</class>
- <image>plugins/systems/images/select_terminal.png</image>
- </objectType>
+<objecttype>
+<label>Terminal</label>
+<objectclass>gotoTerminal</objectclass>
+<category>terminal</category>
+<class>termgeneric</class>
+<image>plugins/systems/images/select_terminal.png</image>
+</objecttype>
- </definition>
+</definition>
- <table>
- <layout>|20px;c|||</layout>
+<table>
+ <layout>|20px;c|||</layout>
+
+ <department>
+ <value>%{filter:objectType(dn,objectClass)}</value>
+ </department>
+
+ <department>
+ <value>%{filter:departmentLink(row,dn,description)}</value>
+ <span>1</span>
+ </department>
+
+ <column>
+ <value>%{filter:objectType(dn,objectClass)}</value>
+ </column>
+
+ <column>
+ <label>Name</label>
+ <sortattribute>cn</sortattribute>
+ <sorttype>string</sorttype>
+ <value>%{cn}</value>
+ <export>true</export>
+ </column>
+
+ <column>
+ <label>Description</label>
+ <sortattribute>description</sortattribute>
+ <sorttype>string</sorttype>
+ <value>%{description}</value>
+ <export>true</export>
+ </column>
+
+</table>
- <department>
- <value>%{filter:objectType(dn,objectClass)}</value>
- </department>
+<actionmenu>
+</actionmenu>
- <department>
- <value>%{filter:departmentLink(row,dn,description)}</value>
- <span>1</span>
- </department>
-
- <column>
- <value>%{filter:objectType(dn,objectClass)}</value>
- </column>
-
- <column>
- <label>Name</label>
- <sortAttribute>cn</sortAttribute>
- <sortType>string</sortType>
- <value>%{cn}</value>
- <export>true</export>
- </column>
-
- <column>
- <label>Description</label>
- <sortAttribute>description</sortAttribute>
- <sortType>string</sortType>
- <value>%{description}</value>
- <export>true</export>
- </column>
-
- </table>
-
- <actionmenu>
- </actionmenu>
-
- <actiontriggers snapshot="false" copypaste="false">
- </actiontriggers>
+<actiontriggers snapshot="false" copypaste="false">
+</actiontriggers>
</list>