![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7094184)
raw | patch | inline | side by side (parent: 7094184)
| author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Wed, 12 Jul 2006 04:13:29 +0000 (04:13 +0000) | ||
| committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Wed, 12 Jul 2006 04:13:29 +0000 (04:13 +0000) |
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@4107 594d385d-05f5-0310-b6e9-bd551577e9d8
| plugins/admin/acl/class_aclManagement.inc | [new file with mode: 0644] | patch | blob |
| plugins/admin/acl/class_divListACL.inc | [new file with mode: 0644] | patch | blob |
| plugins/admin/acl/main.inc | patch | blob | history | |
| plugins/admin/acl/remove.tpl | [new file with mode: 0755] | patch | blob |
diff --git a/plugins/admin/acl/class_aclManagement.inc b/plugins/admin/acl/class_aclManagement.inc
--- /dev/null
@@ -0,0 +1,375 @@
+<?php
+/*
+ This code is part of GOsa (https://gosa.gonicus.de)
+ Copyright (C) 2003-2006 - Cajus Pollmeier <pollmeier@gonicus.de>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+class aclManagement extends plugin
+{
+ /* Plugin definitions */
+ var $plHeadline = "ACLs";
+ var $plDescription = "This does something";
+
+ /* Dialog attributes */
+ var $acltabs = NULL;
+ var $ui = NULL;
+ var $acl = "";
+ var $DivListACL = NULL;
+
+ function aclManagement($config, $ui)
+ {
+ /* Save configuration for internal use */
+ $this->config = $config;
+ $this->ui = $ui;
+
+ /* Creat dialog object */
+ $this->DivListACL = new divListACL($this->config,$this);
+ }
+
+
+ function execute()
+ {
+ /* Call parent execute */
+ plugin::execute();
+
+ $smarty = get_smarty(); // Smarty instance
+ $s_action = ""; // Contains the action to be taken
+ $s_entry = ""; // The value for s_action
+
+ /* Edit entry button pressed? */
+ if( isset($_GET['act']) && $_GET['act'] == "edit_entry" ){
+ $s_action= "edit";
+ $s_entry= validate($_GET['id']);
+ }
+
+ $types = array("del"=>"acl_del","edit"=>"acl_edit");
+
+ /* Test relevant POST values */
+ foreach($_POST as $key => $val){
+
+ /* Get every possible POST combination and set s_action/s_entry accordingly */
+ foreach($types as $act => $name){
+
+ if (preg_match("/".$name.".*/", $key)){
+ $s_action= $act;
+ $s_entry= preg_replace("/".$name."_/i", "", $key);
+ }
+ }
+ }
+
+ /* Remove coordinate prefix from POST, required by some browsers */
+ $s_entry= preg_replace("/_.$/", "", $s_entry);
+
+ /* Seperate possibly encoded tab and entry, default to tab "acl" */
+ if(preg_match("/.*-.*/", $s_entry)){
+ $s_tab= preg_replace("/^[^-]*-/i", "" ,$s_entry);
+ $s_entry= preg_replace("/-[^-]*$/i", "", $s_entry);
+ }else{
+ $s_tab= "generic";
+ }
+
+ /********************
+ Edit existing entry
+ ********************/
+
+ if (($s_action=="edit") && (!isset($this->acltabs->config))){
+
+ /* Get 'dn' from posted acl, must be unique */
+ $this->dn= $this->list[trim($s_entry)]['dn'];
+
+ /* Check locking, save current plugin in 'back_plugin', so
+ the dialog knows where to return. */
+ if (($acl= get_lock($this->dn)) != ""){
+ $_SESSION['LOCK_VARS_TO_USE'] = array("/^acl_edit/","/^acl_del/","/^id_/");
+ return(gen_locked_message ($acl, $this->dn));
+ }
+
+ /* Lock the current entry, so everyone will get the above dialog */
+ add_lock ($this->dn, $this->ui->dn);
+
+ /* Set up the ACL's for this 'dn' */
+ $acl= get_permissions ($this->dn, $this->ui->subtreeACL);
+
+ /* Register acltabs to trigger edit dialog */
+ $this->acltabs= new acl($this->config, $this->dn);
+
+ /* Switch tab, if it was requested by user */
+ $this->acltabs->current = $s_tab;
+
+ /* Set ACL and move DN to the headline */
+ $_SESSION['objectinfo']= $this->dn;
+ }
+
+
+ /********************
+ Edit canceled
+ ********************/
+
+ /* Reset all relevant data, if we get a _cancel request */
+ if (isset($_POST['edit_cancel']) || isset($_POST['cancel_new_acl'])){
+ if (isset($this->acltabs)){
+ del_lock ($this->dn);
+ unset ($this->acltabs);
+ }
+ $this->acltabs= NULL;
+ unset ($_SESSION['objectinfo']);
+ }
+
+
+ /********************
+ Delete entry requested, display confirm dialog
+ ********************/
+
+ /* Remove acl was requested */
+ if ($s_action=="del"){
+
+ /* Get 'dn' from posted acl */
+ $this->dn= $this->list[trim($s_entry)]['dn'];
+
+ /* Load permissions for selected 'dn' and check if
+ we're allowed to remove this 'dn' */
+ $acl = get_permissions ($this->dn, $this->ui->subtreeACL);
+ $this->acl= get_module_permission($acl, "acl", $this->dn);
+ if (chkacl($this->acl, "delete") == ""){
+
+ /* Check locking, save current plugin in 'back_plugin', so
+ the dialog knows where to return. */
+ if (($acl= get_lock($this->dn)) != ""){
+ $_SESSION['LOCK_VARS_TO_USE'] = array("/^acl_edit/","/^acl_del/","/^id_/");
+ return(gen_locked_message ($acl, $this->dn));
+ }
+
+ /* Lock the current entry, so nobody will edit it during deletion */
+ add_lock ($this->dn, $this->ui->dn);
+ $smarty->assign("info", sprintf(_("You're about to delete the acl %s."), @LDAP::fix($this->dn)));
+ return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+ } else {
+
+ /* Obviously the acl isn't allowed to delete. Show message and
+ clean session. */
+ print_red (_("You are not allowed to delete this acl!"));
+ }
+ }
+
+
+ /********************
+ Delete entry confirmed
+ ********************/
+
+ /* Confirmation for deletion has been passed. Acl should be deleted. */
+ if (isset($_POST['delete_acl_confirmed'])){
+
+ /* Some nice guy may send this as POST, so we've to check
+ for the permissions again. */
+ if (chkacl($this->acl, "delete") == ""){
+
+ /* Delete request is permitted, perform LDAP action */
+ $this->acltabs= new acl($this->config, $this->dn);
+ $this->acltabs->delete ();
+ gosa_log ("ACL object '".$this->dn."' has been removed");
+ unset ($this->acltabs);
+ $this->acltabs= NULL;
+ } else {
+
+ /* Normally this shouldn't be reached, send some extra
+ logs to notify the administrator */
+ print_red (_("You are not allowed to delete this acl!"));
+
+ if(isset($this->ui->uid)){
+ gosa_log ("Warning: '".$this->ui->uid."' tried to trick acl deletion.");
+ }
+ }
+
+ /* Remove lock file after successfull deletion */
+ del_lock ($this->dn);
+ }
+
+
+ /********************
+ Delete entry Canceled
+ ********************/
+
+ /* Delete acl canceled? */
+ if (isset($_POST['delete_cancel'])){
+ del_lock ($this->dn);
+ }
+
+
+ /********************
+ Edit entry finished (Save)
+ ********************/
+
+ /* Finish acl edit is triggered by the tabulator dialog, so
+ the acl wants to save edited data. Check and save at this
+ point. */
+ if ((isset($_POST['submit_new_acl']) || isset($_POST['edit_finish']) || isset($_POST['edit_apply'])) && (isset($this->acltabs->config))){
+
+ /* Check tabs, will feed message array */
+ $this->acltabs->last= $this->acltabs->current;
+ $this->acltabs->save_object();
+ $message= $this->acltabs->check();
+
+ /* Save, or display error message? */
+ if (count($message) == 0){
+
+ /* No errors. Go ahead and prepare to ask for a password
+ in case we're creating a new acl. 'dn' will be 'new'
+ in this case. It is set to the correct value later. */
+ if ($this->dn == "new"){
+ $set_pass= 1;
+ } else {
+ $set_pass= 0;
+ }
+
+ /* Save acl data to ldap */
+ if($this->acltabs->save() == 1){
+ gosa_log ("ACL object '".$this->dn."' saving failed.");
+ return;
+ }
+ gosa_log ("ACL object '".$this->dn."' has been saved");
+
+ if (!isset($_POST['edit_apply'])){
+
+ /* ACl has been saved successfully, remove lock from LDAP. */
+ if ($this->dn != "new"){
+ del_lock ($this->dn);
+ }
+
+ unset ($this->acltabs);
+ $this->acltabs= NULL;
+ unset ($_SESSION['objectinfo']);
+ }
+ } else {
+ /* Ok. There seem to be errors regarding to the tab data,
+ show message and continue as usual. */
+ show_errors($message);
+ }
+ }
+
+
+ /********************
+ Display subdialog
+ ********************/
+
+ /* Show tab dialog if object is present */
+ if(isset($this->acltabs->config)){
+ $display= $this->acltabs->execute();
+
+ /* Don't show buttons if tab dialog requests this */
+# if(isset($this->acltabs->by_object)){
+# if (!$this->acltabs->dialog){
+# $display.= "<p style=\"text-align:right\">\n";
+# $display.= "<input type=submit name=\"edit_finish\" style=\"width:80px\" value=\""._("Ok")."\">\n";
+# $display.= " \n";
+# if ($this->dn != "new"){
+# $display.= "<input type=submit name=\"edit_apply\" value=\""._("Apply")."\">\n";
+# $display.= " \n";
+# }
+# $display.= "<input type=submit name=\"edit_cancel\" value=\""._("Cancel")."\">\n";
+# $display.= "</p>";
+# }
+# }
+ return ($display);
+ }
+
+ /* Check if there is a snapshot dialog open */
+ $base = $this->DivListACL->selectedBase;
+ if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){
+ return($str);
+ }
+
+ /* Return rendered main page */
+ /* Display dialog with system list */
+ $this->DivListACL->parent = $this;
+ $this->DivListACL->execute();
+
+ /* Add departments if subsearch is disabled */
+ if(!$this->DivListACL->SubSearch){
+ $this->DivListACL->AddDepartments($this->DivListACL->selectedBase,3);
+ }
+ $this->reload();
+ $this->DivListACL->setEntries($this->list);
+ return($this->DivListACL->Draw());
+ }
+
+
+ /* Return departments, that will be included within snapshot detection */
+ function get_used_snapshot_bases()
+ {
+ return(array(get_people_ou().$this->DivListACL->selectedBase));
+ }
+
+
+ function reload()
+ {
+ #FIXME Implement regex objectClass and so on ...
+ /* Get divlist informations from filter part */
+ $Regex = $this->DivListACL -> Regex;
+ $SubSearch = $this->DivListACL -> SubSearch;
+ $base = $_SESSION['CurrentMainBase'];
+ $Attrs = array("ou","gosaAclEntry","objectClass");
+
+ /* Get ldap connection */
+ $ldap = $this->config->get_ldap_link();
+ $ldap->cd($base);
+
+ /* Create filter */
+ $Filter = "objectClass=gosaACL";
+ $Flags = GL_SIZELIMIT;
+
+ /* Subserach ? */
+ if($SubSearch){
+ $Flags |= GL_SUBSEARCH;
+ }
+
+ /* Get objects */
+ $res= get_list($Filter, $this->ui->subtreeACL,$base, $Attrs, $Flags);
+
+ $this->list = $res;
+ }
+
+
+ function remove_lock()
+ {
+ /* Remove acl lock if a DN is marked as "currently edited" */
+ if (isset($this->acltabs->dn)){
+ del_lock ($this->acltabs->dn);
+ }
+ }
+
+
+ function save_object()
+ {
+ /* Handle divlist filter && department selection*/
+ if(!is_object($this->acltabs)){
+ $this->DivListACL->save_object();
+ }
+ }
+
+ /* A set of disabled and therefore overloaded functions. They are
+ not needed in this class. */
+ function remove_from_parent() { }
+ function check() { }
+ function save() { }
+ function adapt_from_template($dn) { }
+ function password_change_needed() { }
+ function show_header($button_text, $text, $disabled= FALSE) { }
+
+}
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>
diff --git a/plugins/admin/acl/class_divListACL.inc b/plugins/admin/acl/class_divListACL.inc
--- /dev/null
@@ -0,0 +1,131 @@
+<?php
+
+class divListACL extends MultiSelectWindow
+{
+
+ /* Current base */
+ var $selectedBase = "";
+ var $departments = array();
+
+ /* Regex */
+ var $Regex = "*";
+
+ /* CheckBoxes */
+
+ /* Subsearch checkbox */
+ var $SubSearch = false;
+
+ var $parent ;
+ var $ui ;
+
+ function divListACL ($config,$parent)
+ {
+ MultiSelectWindow::MultiSelectWindow($config,"ACLs");
+
+ $this->parent = $parent;
+ $this->ui = get_userinfo();
+
+ /* Set list strings */
+ $this->SetTitle(_("List of acl"));
+ $this->SetSummary(_("List of acls"));
+
+ /* Result page will look like a headpage */
+ $this->SetHeadpageMode();
+ $this->SetInformation(_("This menu allows you to edit and delete selected acls."));
+
+ $this->EnableAplhabet (true);
+
+ /* Disable buttonsm */
+ $this->EnableCloseButton(false);
+ $this->EnableSaveButton (false);
+
+ /* Dynamic action col, depending on snapshot icons */
+ $action_col_size = 80;
+
+ /* set Page header */
+ $this->AddHeader(array("string"=>" ", "attach"=>"style='width:20px;'"));
+ $this->AddHeader(array("string"=>_("Summary")));
+ $this->AddHeader(array("string"=>_("Actions"), "attach" => "style='width:".$action_col_size."px;border-right:0px;text-align:right;'"));
+
+ /* Add SubSearch checkbox */
+// $this->AddCheckBox(SEPERATOR);
+ $this->AddCheckBox("SubSearch", _("Select to search within subtrees"), _("Ignore subtrees"), false);
+
+ /* Name ,Text ,Default , Connect with alphabet */
+ $this->AddRegex ("Regex", _("Display acls matching"),"Not implemented yet" , true);
+ }
+
+
+ function GenHeader()
+ {
+ /* Prepare departments,
+ which are shown in the listbox on top of the listbox
+ */
+ $options= "";
+ foreach ($this->config->idepartments as $key => $value){
+ if ($this->selectedBase == $key){
+ $options.= "<option selected='selected' value='$key'>$value</option>";
+ } else {
+ $options.= "<option value='$key'>$value</option>";
+ }
+ }
+
+ /* Create header with selected base */
+ $listhead = "<div style='background:#F0F0F9;padding:5px;'>".
+ " <input class='center' type='image' src='images/list_root.png' align='middle'
+ title='"._("Go to root department")."' name='dep_root' alt='"._("Root")."'> ".
+ " <input class='center' type='image' align='middle' src='images/list_back.png'
+ title='"._("Go up one department")."' alt='"._("Up")."' name='dep_back'> ".
+ " <input class='center' type='image' align='middle' src='images/list_home.png'
+ title='"._("Go to users department")."' alt='"._("Home")."' name='dep_home'> ".
+ " <input class='center' type='image' src='images/list_reload.png' align='middle'
+ title='"._("Reload list")."' name='submit_department' alt='". _("Submit")."'> ".
+ " <img class='center' src='images/list_seperator.png' align='middle' alt='' height='16' width='1'> ";
+ $listhead .= $this->get_snapshot_header($this->selectedBase);
+ $listhead .=
+ _("Base")." <select name='CurrentMainBase' onChange='mainform.submit()' class='center'>$options</select>".
+ " <input class='center' type='image' src='images/list_submit.png' align='middle'
+ title='"._("Submit department")."' name='submit_department' alt='". _("Submit")."'> ".
+ "</div>";
+
+ $this->SetListHeader($listhead);
+ }
+
+ /* so some basic settings */
+ function execute()
+ {
+ $this->ClearElementsList();
+ $this->GenHeader();
+ }
+
+ function setEntries($list)
+ {
+ $list_left_icon = "<img src='images/select_acl.png' alt='"._("Acl")."'>";
+
+ foreach($list as $key => $acl_entry){
+
+ $action = "<input class='center' type='image' src='images/edit.png' alt='"._("edit")."' name='acl_edit_%KEY%' title='"._("Edit system")."'>";
+ $action.= $this->GetSnapShotActions($acl_entry['dn']);
+ $action.= "<input class='center' type='image' src='images/edittrash.png' alt='"._("delete")."' name='acl_del_%KEY%' title='"._("Delete system")."'>";
+
+ $field1 = array("string" => $list_left_icon, "attach"=> "style='text-align:center;width:20px;'");
+ $field2 = array("string" => htmlentities(utf8_decode($acl_entry['dn'])),"attach" => "");
+ $field3 = array("string" => preg_replace("/%KEY%/",$key,$action), "attach"=> "style='text-align:center;width:80px;border-right:0px;'");
+
+ $this->AddElement(array($field1,$field2,$field3));
+ }
+ }
+
+ function Save()
+ {
+ MultiSelectWindow :: Save();
+ }
+
+ function save_object()
+ {
+ /* Save automatic created POSTs like regex, checkboxes */
+ MultiSelectWindow::save_object();
+ }
+}
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>
index a1c2296f652151f7f1035d501bcbc8d52768997d..b02543c41845d7da4516ba87ceef9e6716d2f713 100644 (file)
} else {
$display= "No headpage yet for this module";
-# /* Create usermanagement object on demand */
-# if (!isset($_SESSION['macl']) || (isset($_GET['reset']) && $_GET['reset'] == 1)){
-# $_SESSION['macl']= new aclManagement($config, $ui);
-# }
-# $macl= $_SESSION['macl'];
-#
-# /* Show and save dialog */
-# $macl->save_object();
-# $output= $macl->execute();
-#
-# /* Page header*/
-# if (isset($_SESSION['objectinfo'])){
-# $display= print_header(get_template_path('images/acl.png'), _("ACL management"), "<img alt=\"\" align=\"middle\" src=\"".get_template_path('images/closedlock.png')."\"> ".@LDAP::fix($_SESSION['objectinfo']));
-# } else {
-# $display= print_header(get_template_path('images/acl.png'), _("ACL management"));
-# }
-#
-# /* Reset requested? */
-# if (isset($_GET['reset']) && $_GET['reset'] == 1){
-# del_lock ($ui->dn);
-# sess_del ('macl');
-# }
-#
-# $display.= $output;
-# $_SESSION['macl']= $macl;
+ /* Create usermanagement object on demand */
+if (!isset($_SESSION['macl']) || (isset($_GET['reset']) && $_GET['reset'] == 1)){
+ $_SESSION['macl']= new aclManagement($config, $ui);
+ }
+ $macl= $_SESSION['macl'];
+
+ /* Show and save dialog */
+ $macl->save_object();
+ $output= $macl->execute();
+
+ /* Page header*/
+ if (isset($_SESSION['objectinfo'])){
+ $display= print_header(get_template_path('images/acl.png'), _("ACL management"), "<img alt=\"\" align=\"middle\" src=\"".get_template_path('images/closedlock.png')."\"> ".@LDAP::fix($_SESSION['objectinfo']));
+ } else {
+ $display= print_header(get_template_path('images/acl.png'), _("ACL management"));
+ }
+
+ /* Reset requested? */
+ if (isset($_GET['reset']) && $_GET['reset'] == 1){
+ del_lock ($ui->dn);
+ sess_del ('macl');
+ }
+
+ $display.= $output;
+ $_SESSION['macl']= $macl;
}
?>
diff --git a/plugins/admin/acl/remove.tpl b/plugins/admin/acl/remove.tpl
--- /dev/null
@@ -0,0 +1,17 @@
+<div style="font-size:18px;">
+<img alt="" src="images/button_cancel.png" align=top> {t}Warning{/t}
+</div>
+<p>
+ {$info}
+ {t}This includes all system and setup informations. Please double check if your really want to do this since there is no way for GOsa to get your data back.{/t}
+</p>
+
+<p>
+ {t}Best thing to do before performing this action would be to save the current contents of your LDAP tree in a file. So - if you've done so - press 'Delete' to continue or 'Cancel' to abort.{/t}
+</p>
+
+<p class="plugbottom">
+<!-- <input type=submit name="delete_terminal_confirm" value="{t}Delete{/t}">-->
+
+ <input type=submit name="delete_cancel" value="{t}Cancel{/t}">
+</p>