Updated role handling

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@13866 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/gosa-core/include/functions.inc b/gosa-core/include/functions.inc
index ce88fdc4b41900a8d7c495d48bb8c91e798f6b88..5ff19c6396f2adacf3cac5e3073e08bdbab46795 100644 (file)
--- a/gosa-core/include/functions.inc
+++ b/gosa-core/include/functions.inc
@@ -1164,6 +1164,7 @@ function get_ou($name)
   global $config;
 
   $map = array( 
+                "roleRDN"      => "ou=roles,",
                 "ogroupRDN"      => "ou=groups,",
                 "applicationRDN" => "ou=apps,",
                 "systemRDN"     => "ou=systems,",

diff --git a/gosa-plugins/roleManagement/admin/roleManagement/class_divListRole.inc b/gosa-plugins/roleManagement/admin/roleManagement/class_divListRole.inc
index bc76d0e8819abd160209e4be46679c2cb4b3179b..22c7f1d0ac03f55c910eb0935aa05e42f6464206 100644 (file)
--- a/gosa-plugins/roleManagement/admin/roleManagement/class_divListRole.inc
+++ b/gosa-plugins/roleManagement/admin/roleManagement/class_divListRole.inc
@@ -118,8 +118,8 @@ class divListRole extends MultiSelectWindow
     if(preg_match("/c/",$acls)) {
       $s .= "..|<img src='images/lists/new.png' alt='' border='0' class='center'>".
         "&nbsp;"._("Create")."|\n";
-      $s.= "...|<input class='center' type='image' src='plugins/roles/images/new.png' alt=''>".
-        "&nbsp;"._("Roles")."|role_new|\n";
+      $s.= "...|<input class='center' type='image' src='plugins/roleManagement/images/new.png' alt=''>".
+        "&nbsp;"._("Role")."|role_new|\n";
     }
 
     /* Multiple options */
@@ -194,7 +194,7 @@ class divListRole extends MultiSelectWindow
       $field0 = array("string" => "<input type='checkbox' id='item_selected_".$key."' 
           name='item_selected_".$key."'>" ,
           "attach" => "style='width:20px;'");
-      $field1 = array("string" => "<img src='plugins/roles/images/role.png' 
+      $field1 = array("string" => "<img src='plugins/roleManagement/images/role.png' 
           alt='"._("Role")."' ".$title.">", 
           "attach" => "style='text-align:center;width: 20px;'");
       $field2 = array("string" => sprintf($editlink,$key,$display), 

diff --git a/gosa-plugins/roleManagement/admin/roleManagement/class_roleGeneric.inc b/gosa-plugins/roleManagement/admin/roleManagement/class_roleGeneric.inc
index 098215732e8d7abf2672d12cc6324a02e0cf5d88..48c6c7570687702db120135210ac547c78bc1eb1 100644 (file)
--- a/gosa-plugins/roleManagement/admin/roleManagement/class_roleGeneric.inc
+++ b/gosa-plugins/roleManagement/admin/roleManagement/class_roleGeneric.inc
@@ -23,20 +23,123 @@
 
 class roleGeneric extends plugin {
 
-  var $cn ="";
+  var $cn = "";
+  var $description ="";
+  var $telephoneNumber = "";
+  var $facsimileTelephoneNumber = "";
+  var $x121Address = "";
+  var $roleOccupant = array();
+
+  var $base = "";
+  var $orig_dn = "";
+
+  var $objectclasses = array("top","organizationalRole");
+  var $attributes = array("cn","x121Address","description",
+    "telephoneNumber","facsimileTelephoneNumber","roleOccupant");
   
   function __construct($config,$dn){
     plugin::plugin($config,$dn);
+    $this->is_account = TRUE;
+    $this->orig_dn = $dn;
+
+    /* Set base */
+    if ($this->dn == "new"){
+      $this->base = session::get('CurrentMainBase');
+    } else {
+      $this->base= preg_replace("/^[^,]+,".preg_quote(get_ou("roleRDN"), '/')."/","",$this->dn);
+    }
   }
 
 
   function execute(){
     $smarty = get_smarty();
 
-
+    /* Create base acls */
+    $tmp = $this->allowedBasesToMoveTo();
+    $smarty->assign("bases", $tmp);
+    $smarty->assign("base_select",$this->base);
+    foreach($this->attributes as $attr){
+      $smarty->assign($attr,$this->$attr);
+    }
+    $tmp = $this->plInfo();
+    foreach($tmp['plProvidedAcls'] as $attr => $desc){
+      $smarty->assign($attr."ACL",$this->getacl($attr));
+    }
     return($smarty->fetch(get_template_path('roleGeneric.tpl',TRUE,dirname(__FILE__))));
   }
 
+
+  function save(){
+    plugin::save();
+
+    /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
+       new entries. So do a check first... */
+    $ldap = $this->config->get_ldap_link();
+    $ldap->cat ($this->dn, array('dn'));
+    if ($ldap->fetch()){
+      $mode= "modify";
+    } else {
+      $mode= "add";
+      $ldap->cd($this->config->current['BASE']);
+      $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
+    }
+    @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__,$this->attributes, "Save via $mode");
+
+    /* Finally write data with selected 'mode' */
+    $this->cleanup();
+    $ldap->cd ($this->dn);
+    $ldap->$mode ($this->attrs);
+    if (!$ldap->success()){
+      msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), 
+        $this->dn, LDAP_DEL,            get_class()));
+      return (1);
+    }
+
+    /* Remove ACL dependencies too */
+    if($this->dn != $this->orig_dn && $this->orig_dn != "new"){
+      $tmp = new acl($this->config,$this->parent,$this->dn);
+      $tmp->update_acl_membership($this->orig_dn,$this->dn);
+    }
+
+    if($mode == "modify"){
+      new log("modify","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
+    }else{
+      new log("create","users/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
+    }
+  }
+
+
+  /* This avoids that users move themselves out of their rights.
+   */
+  function allowedBasesToMoveTo()
+  {
+    /* Get bases */
+    $bases  = $this->get_allowed_bases();
+    return($bases);
+  }
+
+  
+  static function plInfo()
+  {
+    return (array(
+          "plShortName"   => _("Generic"),
+          "plDescription" => _("Role generic"),
+          "plSelfModify"  => FALSE,
+          "plDepends"     => array(),
+          "plPriority"    => 1,
+          "plSection"     => array("administration"),
+          "plCategory"    => array("roles" => array("description"  => _("Roles"),
+              "objectClass"  => "organizationalRole")),
+          "plProvidedAcls"=> array(
+            "cn"                => _("Name"),
+            "description" => _("Description"),
+            "base" => _("Base"),
+            "telephoneNumber" => _("Telefon number"),
+            "facsimileTelephoneNumber" => _("Fax number"),
+            "roleOccupant" => _("Occupants"),
+            "x121Address" => _("X.121 Address"))
+          ));
+  }
 }
 
 

diff --git a/gosa-plugins/roleManagement/admin/roleManagement/class_roleManagement.inc b/gosa-plugins/roleManagement/admin/roleManagement/class_roleManagement.inc
index 6752cde431e0237d78ad4ec99fec724a92d16ed2..598dcf80f5389ffedf68a3882d3bc5b7e1da4659 100644 (file)
--- a/gosa-plugins/roleManagement/admin/roleManagement/class_roleManagement.inc
+++ b/gosa-plugins/roleManagement/admin/roleManagement/class_roleManagement.inc
@@ -115,6 +115,7 @@ class roleManagement extends plugin
 
     if($s_action == "new"){
       $this->dialog = new roletabs($this->config, $this->config->data['TABS']['ROLETABS'], "new");
+      $this->dialog->set_acl_base($this->DivListRoles->selectedBase);
     }
     
     /***************
@@ -126,7 +127,7 @@ class roleManagement extends plugin
         trigger_error("Unknown entry!"); 
       }else{
         $entry = $this->roles[$s_entry];
-        print_a($entry);
+        $this->dialog = new roletabs($this->config, $this->config->data['TABS']['ROLETABS'], $entry['dn']);
       }
     }
 
@@ -134,7 +135,22 @@ class roleManagement extends plugin
      * Dialog handling
      ***************/
 
-    if (isset($_POST['edit_cancel'])){
+    if (isset($_POST['edit_finish']) && $this->dialog instanceOf tabs){
+      $this->dialog->save_object();
+      $msgs = $this->dialog->check();
+      if(count($msgs)){
+        msg_dialog::displayChecks($msgs);
+      }else{
+        $this->dialog->save();
+        if(isset($this->grouptab->dn)){
+          $this->remove_lock();
+        }
+        $this->dialog= NULL;
+        set_object_info();
+      }
+    }
+
+    if (isset($_POST['edit_cancel']) && $this->dialog instanceOf tabs){
       if(isset($this->grouptab->dn)){
         $this->remove_lock();
       }
@@ -198,9 +214,17 @@ class roleManagement extends plugin
     // Search and fetch all matching role objects.
     $this->roles = array();
     $ldap = $this->config->get_ldap_link();
-    $ldap->search("(objectClass=gosaGroupOfNames)",array("cn","description"));
+    $filter= "(&(objectClass=organizationalRole)(cn=$Regex))";
+    $attrs = array("cn","description","objectClass");
+
+    if($this->DivListRoles->SubSearch){
+      $res= get_sub_list($filter, "roles",get_ou('roleRDN'), $base, $attrs, GL_SIZELIMIT | GL_SUBSEARCH);
+    }else{
+      $res= get_sub_list($filter, "roles",get_ou('roleRDN'), get_ou('roleRDN').$base, $attrs, GL_SIZELIMIT );
+    }
+
     $tmp = array();
-    while($attrs = $ldap->fetch()){
+    foreach($res as $attrs){
       $tmp[$attrs['cn'][0].$attrs['dn']] = $attrs;
     }
     

diff --git a/gosa-plugins/roleManagement/admin/roleManagement/main.inc b/gosa-plugins/roleManagement/admin/roleManagement/main.inc
index 28c548c68fd5b2a3f72289b292bc4819ff7b3639..72c5ae1fc454d6e849807accb268d74e75590c6e 100644 (file)
--- a/gosa-plugins/roleManagement/admin/roleManagement/main.inc
+++ b/gosa-plugins/roleManagement/admin/roleManagement/main.inc
@@ -54,7 +54,7 @@ if ( $cleanup ){
         "<img alt=\"\" align=\"middle\" src=\"".get_template_path('images/lists/locked.png')."\"> ".
         LDAP::fix(get_object_info()));
   } else {
-    $display= print_header(get_template_path('plugins/roleManagement/images/plugin.png'), _("roleManagement"));
+    $display= print_header(get_template_path('plugins/roleManagement/images/plugin.png'), _("Role management"));
   }
 
   $display.= $output;

diff --git a/gosa-plugins/roleManagement/admin/roleManagement/roleGeneric.tpl b/gosa-plugins/roleManagement/admin/roleManagement/roleGeneric.tpl
index 45f95e2f0680fd66124212756f2fe592e8657b07..ca1fc0c226fbd7ef0e88dfc73f7b8a1f179e0a4f 100644 (file)
--- a/gosa-plugins/roleManagement/admin/roleManagement/roleGeneric.tpl
+++ b/gosa-plugins/roleManagement/admin/roleManagement/roleGeneric.tpl
@@ -1,48 +1,43 @@
+<table>
        <tr>
-               <td>{t}x121Address{/t}:</td>
-               <td>
-                       {render acl=$x121AddressACL}
-                        <input type='text' value='{$x121Address}' name='x121Address'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}registeredAddress{/t}:</td>
+               <td>{t}cn{/t}:</td>
                <td>
-                       {render acl=$registeredAddressACL}
-                        <input type='text' value='{$registeredAddress}' name='registeredAddress'>
+                       {render acl=$cnACL}
+                        <input type='text' value='{$cn}' name='cn'>
                        {/render}
                </td>
        </tr>
        <tr>
-               <td>{t}destinationIndicator{/t}:</td>
-               <td>
-                       {render acl=$destinationIndicatorACL}
-                        <input type='text' value='{$destinationIndicator}' name='destinationIndicator'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}preferredDeliveryMethod{/t}:</td>
-               <td>
-                       {render acl=$preferredDeliveryMethodACL}
-                        <input type='text' value='{$preferredDeliveryMethod}' name='preferredDeliveryMethod'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}telexNumber{/t}:</td>
+               <td>{t}description{/t}:</td>
                <td>
-                       {render acl=$telexNumberACL}
-                        <input type='text' value='{$telexNumber}' name='telexNumber'>
+                       {render acl=$descriptionACL}
+                        <input type='text' value='{$description}' name='description'>
                        {/render}
                </td>
        </tr>
+  <tr>
+    <td>
+      <div style="height:10px;"></div>
+      <label for="base">{t}Base{/t}</label>
+    </td>
+    <td>
+      <div style="height:10px;"></div>
+{render acl=$baseACL}
+      <select id="base" size="1" name="base" title="{t}Choose subtree to place user in{/t}">
+        {html_options options=$bases selected=$base_select}
+      </select>
+{/render}
+{render acl=$baseACL disable_picture='images/lists/folder_grey.png'}
+      <input type="image" name="chooseBase" src="images/lists/folder.png" class="center" 
+        title="{t}Select a base{/t}">
+{/render}
+    </td>
+  </tr>
        <tr>
-               <td>{t}teletexTerminalIdentifier{/t}:</td>
+               <td>{t}x121Address{/t}:</td>
                <td>
-                       {render acl=$teletexTerminalIdentifierACL}
-                        <input type='text' value='{$teletexTerminalIdentifier}' name='teletexTerminalIdentifier'>
+                       {render acl=$x121AddressACL}
+                        <input type='text' value='{$x121Address}' name='x121Address'>
                        {/render}
                </td>
        </tr>
@@ -54,14 +49,6 @@
                        {/render}
                </td>
        </tr>
-       <tr>
-               <td>{t}internationaliSDNNumber{/t}:</td>
-               <td>
-                       {render acl=$internationaliSDNNumberACL}
-                        <input type='text' value='{$internationaliSDNNumber}' name='internationaliSDNNumber'>
-                       {/render}
-               </td>
-       </tr>
        <tr>
                <td>{t}facsimileTelephoneNumber{/t}:</td>
                <td>
@@ -70,100 +57,4 @@
                        {/render}
                </td>
        </tr>
-       <tr>
-               <td>{t}seeAlso{/t}:</td>
-               <td>
-                       {render acl=$seeAlsoACL}
-                        <input type='text' value='{$seeAlso}' name='seeAlso'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}roleOccupant{/t}:</td>
-               <td>
-                       {render acl=$roleOccupantACL}
-                        <input type='text' value='{$roleOccupant}' name='roleOccupant'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}preferredDeliveryMethod{/t}:</td>
-               <td>
-                       {render acl=$preferredDeliveryMethodACL}
-                        <input type='text' value='{$preferredDeliveryMethod}' name='preferredDeliveryMethod'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}street{/t}:</td>
-               <td>
-                       {render acl=$streetACL}
-                        <input type='text' value='{$street}' name='street'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}postOfficeBox{/t}:</td>
-               <td>
-                       {render acl=$postOfficeBoxACL}
-                        <input type='text' value='{$postOfficeBox}' name='postOfficeBox'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}postalCode{/t}:</td>
-               <td>
-                       {render acl=$postalCodeACL}
-                        <input type='text' value='{$postalCode}' name='postalCode'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}postalAddress{/t}:</td>
-               <td>
-                       {render acl=$postalAddressACL}
-                        <input type='text' value='{$postalAddress}' name='postalAddress'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}physicalDeliveryOfficeName{/t}:</td>
-               <td>
-                       {render acl=$physicalDeliveryOfficeNameACL}
-                        <input type='text' value='{$physicalDeliveryOfficeName}' name='physicalDeliveryOfficeName'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}ou{/t}:</td>
-               <td>
-                       {render acl=$ouACL}
-                        <input type='text' value='{$ou}' name='ou'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}st{/t}:</td>
-               <td>
-                       {render acl=$stACL}
-                        <input type='text' value='{$st}' name='st'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}l{/t}:</td>
-               <td>
-                       {render acl=$lACL}
-                        <input type='text' value='{$l}' name='l'>
-                       {/render}
-               </td>
-       </tr>
-       <tr>
-               <td>{t}description{/t}:</td>
-               <td>
-                       {render acl=$descriptionACL}
-                        <input type='text' value='{$description}' name='description'>
-                       {/render}
-               </td>
-       </tr>
-
+</table>

diff --git a/gosa-plugins/roleManagement/admin/roleManagement/tabs_roles.inc b/gosa-plugins/roleManagement/admin/roleManagement/tabs_roles.inc
index fc660f0a244b1c5404517a4690b5f8164364dc0d..e0c64754a5e794351b265faf5816d9fd2b74aef8 100644 (file)
--- a/gosa-plugins/roleManagement/admin/roleManagement/tabs_roles.inc
+++ b/gosa-plugins/roleManagement/admin/roleManagement/tabs_roles.inc
@@ -26,6 +26,7 @@ class roletabs extends tabs
        function __construct($config, $data, $dn)
        {
                tabs::tabs($config, $data, $dn,"roles");
+               $this->base = $baseobject= $this->by_object['roleGeneric']->base;
                $this->addSpecialTabs();
        }