From: hickert Date: Thu, 29 Jul 2010 13:19:37 +0000 (+0000) Subject: Updated post handling X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=f244bf68e8f56e416e005e780a971abbc3334571;p=gosa.git Updated post handling git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@19240 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/gosa-core/include/class_acl.inc b/gosa-core/include/class_acl.inc index 82cbdff18..49f9853e4 100644 --- a/gosa-core/include/class_acl.inc +++ b/gosa-core/include/class_acl.inc @@ -23,104 +23,104 @@ /*! \brief ACL management plugin */ class acl extends plugin { - /* Definitions */ - var $plHeadline= "Access control"; - var $plDescription= "Manage access control lists"; - - /* attribute list for save action */ - var $attributes= array('gosaAclEntry'); - var $objectclasses= array('gosaAcl'); - - /* Helpers */ - var $dialogState= "head"; - var $gosaAclEntry= array(); - var $aclType= ""; - var $aclObject= ""; - var $aclContents= array(); - var $target= "group"; - var $aclTypes= array(); - var $aclObjects= array(); - var $aclFilter= ""; - var $aclMyObjects= array(); - var $users= array(); - var $roles= array(); - var $groups= array(); - var $recipients= array(); - var $isContainer= FALSE; - var $currentIndex= 0; - var $wasNewEntry= FALSE; - var $ocMapping= array(); - var $savedAclContents= array(); - var $myAclObjects = array(); - var $acl_category = "acl/"; - - var $list =NULL; - - var $sectionList = NULL; - var $roleList = NULL; - - function acl (&$config, $parent, $dn= NULL) - { - /* Include config object */ - plugin::plugin($config, $dn); - - /* Load ACL's */ - $this->gosaAclEntry= array(); - if (isset($this->attrs['gosaAclEntry'])){ - for ($i= 0; $i<$this->attrs['gosaAclEntry']['count']; $i++){ - $acl= $this->attrs['gosaAclEntry'][$i]; - $this->gosaAclEntry= array_merge($this->gosaAclEntry, acl::explodeACL($acl)); - } - } - ksort($this->gosaAclEntry); + /* Definitions */ + var $plHeadline= "Access control"; + var $plDescription= "Manage access control lists"; + + /* attribute list for save action */ + var $attributes= array('gosaAclEntry'); + var $objectclasses= array('gosaAcl'); + + /* Helpers */ + var $dialogState= "head"; + var $gosaAclEntry= array(); + var $aclType= ""; + var $aclObject= ""; + var $aclContents= array(); + var $target= "group"; + var $aclTypes= array(); + var $aclObjects= array(); + var $aclFilter= ""; + var $aclMyObjects= array(); + var $users= array(); + var $roles= array(); + var $groups= array(); + var $recipients= array(); + var $isContainer= FALSE; + var $currentIndex= 0; + var $wasNewEntry= FALSE; + var $ocMapping= array(); + var $savedAclContents= array(); + var $myAclObjects = array(); + var $acl_category = "acl/"; + + var $list =NULL; + + var $sectionList = NULL; + var $roleList = NULL; + + function acl (&$config, $parent, $dn= NULL) + { + /* Include config object */ + plugin::plugin($config, $dn); + + /* Load ACL's */ + $this->gosaAclEntry= array(); + if (isset($this->attrs['gosaAclEntry'])){ + for ($i= 0; $i<$this->attrs['gosaAclEntry']['count']; $i++){ + $acl= $this->attrs['gosaAclEntry'][$i]; + $this->gosaAclEntry= array_merge($this->gosaAclEntry, acl::explodeACL($acl)); + } + } + ksort($this->gosaAclEntry); - /* Save parent - we've to know more about it than other plugins... */ - $this->parent= &$parent; + /* Save parent - we've to know more about it than other plugins... */ + $this->parent= &$parent; - /* Container? */ - if (preg_match('/^(o|ou|c|l|dc)=/i', $dn)){ - $this->isContainer= TRUE; - } - - /* Users */ - $ui= get_userinfo(); - $tag= $ui->gosaUnitTag; - $ldap= $config->get_ldap_link(); - $ldap->cd($config->current['BASE']); - if ($tag == ""){ - $ldap->search('(objectClass=gosaAccount)', array('uid', 'cn')); - } else { - $ldap->search('(&(objectClass=gosaAccount)(gosaUnitTag='.$tag.'))', array('uid', 'cn')); - } - while ($attrs= $ldap->fetch()){ + /* Container? */ + if (preg_match('/^(o|ou|c|l|dc)=/i', $dn)){ + $this->isContainer= TRUE; + } - // Allow objects without cn to be listed without causing an error. - if(!isset($attrs['cn'][0]) && isset($attrs['uid'][0])){ - $this->users['U:'.$attrs['dn']]= $attrs['uid'][0]; - }elseif(!isset($attrs['uid'][0]) && isset($attrs['cn'][0])){ - $this->users['U:'.$attrs['dn']]= $attrs['cn'][0]; - }elseif(!isset($attrs['uid'][0]) && !isset($attrs['cn'][0])){ - $this->users['U:'.$attrs['dn']]= $attrs['dn']; - }else{ - $this->users['U:'.$attrs['dn']]= $attrs['cn'][0].' ['.$attrs['uid'][0].']'; - } + /* Users */ + $ui= get_userinfo(); + $tag= $ui->gosaUnitTag; + $ldap= $config->get_ldap_link(); + $ldap->cd($config->current['BASE']); + if ($tag == ""){ + $ldap->search('(objectClass=gosaAccount)', array('uid', 'cn')); + } else { + $ldap->search('(&(objectClass=gosaAccount)(gosaUnitTag='.$tag.'))', array('uid', 'cn')); + } + while ($attrs= $ldap->fetch()){ + + // Allow objects without cn to be listed without causing an error. + if(!isset($attrs['cn'][0]) && isset($attrs['uid'][0])){ + $this->users['U:'.$attrs['dn']]= $attrs['uid'][0]; + }elseif(!isset($attrs['uid'][0]) && isset($attrs['cn'][0])){ + $this->users['U:'.$attrs['dn']]= $attrs['cn'][0]; + }elseif(!isset($attrs['uid'][0]) && !isset($attrs['cn'][0])){ + $this->users['U:'.$attrs['dn']]= $attrs['dn']; + }else{ + $this->users['U:'.$attrs['dn']]= $attrs['cn'][0].' ['.$attrs['uid'][0].']'; + } - } - ksort($this->users); + } + ksort($this->users); - /* Groups */ - $ldap->cd($config->current['BASE']); + /* Groups */ + $ldap->cd($config->current['BASE']); # if ($tag == ""){ - $ldap->search('(objectClass=posixGroup)', array('cn', 'description')); + $ldap->search('(objectClass=posixGroup)', array('cn', 'description')); # } else { # $ldap->search('(&(objectClass=posixGroup)(gosaUnitTag='.$tag.'))', array('cn', 'description')); # } while ($attrs= $ldap->fetch()){ - $dsc= ""; - if (isset($attrs['description'][0])){ - $dsc= $attrs['description'][0]; - } - $this->groups['G:'.$attrs['dn']]= $attrs['cn'][0].' ['.$dsc.']'; + $dsc= ""; + if (isset($attrs['description'][0])){ + $dsc= $attrs['description'][0]; + } + $this->groups['G:'.$attrs['dn']]= $attrs['cn'][0].' ['.$dsc.']'; } $this->groups['G:*']= _("All users"); ksort($this->groups); @@ -128,25 +128,25 @@ class acl extends plugin /* Roles */ $ldap->cd($config->current['BASE']); # if ($tag == ""){ - $ldap->search('(objectClass=gosaRole)', array('cn', 'description','gosaAclTemplate','dn')); + $ldap->search('(objectClass=gosaRole)', array('cn', 'description','gosaAclTemplate','dn')); # } else { # $ldap->search('(&(objectClass=gosaRole)(gosaUnitTag='.$tag.'))', array('cn', 'description','gosaAclTemplate','dn')); # } while ($attrs= $ldap->fetch()){ - $dsc= ""; - if (isset($attrs['description'][0])){ - $dsc= $attrs['description'][0]; - } - - $role_id = $attrs['dn']; - - $this->roles[$role_id]['acls'] =array(); - for ($i= 0; $i < $attrs['gosaAclTemplate']['count']; $i++){ - $acl= $attrs['gosaAclTemplate'][$i]; - $this->roles[$role_id]['acls'] = array_merge($this->roles[$role_id]['acls'],acl::explodeACL($acl)); - } - $this->roles[$role_id]['description'] = $dsc; - $this->roles[$role_id]['cn'] = $attrs['cn'][0]; + $dsc= ""; + if (isset($attrs['description'][0])){ + $dsc= $attrs['description'][0]; + } + + $role_id = $attrs['dn']; + + $this->roles[$role_id]['acls'] =array(); + for ($i= 0; $i < $attrs['gosaAclTemplate']['count']; $i++){ + $acl= $attrs['gosaAclTemplate'][$i]; + $this->roles[$role_id]['acls'] = array_merge($this->roles[$role_id]['acls'],acl::explodeACL($acl)); + } + $this->roles[$role_id]['description'] = $dsc; + $this->roles[$role_id]['cn'] = $attrs['cn'][0]; } /* Objects */ @@ -154,68 +154,68 @@ class acl extends plugin $plist= $tmp->info; $cats = array(); if (isset($this->parent) && $this->parent !== NULL){ - $oc= array(); - foreach ($this->parent->by_object as $key => $obj){ - $oc= array_merge($oc, $obj->objectclasses); - if(isset($obj->acl_category)){ - $tmp= str_replace("/","",$obj->acl_category); - $cats[$tmp] = $tmp; + $oc= array(); + foreach ($this->parent->by_object as $key => $obj){ + $oc= array_merge($oc, $obj->objectclasses); + if(isset($obj->acl_category)){ + $tmp= str_replace("/","",$obj->acl_category); + $cats[$tmp] = $tmp; + } + } + if (in_array_ics('organizationalUnit', $oc)){ + $this->isContainer= TRUE; } - } - if (in_array_ics('organizationalUnit', $oc)){ - $this->isContainer= TRUE; - } } else { - $oc= $this->attrs['objectClass']; + $oc= $this->attrs['objectClass']; } /* Extract available categories from plugin info list */ foreach ($plist as $class => $acls){ - /* Only feed categories */ - if (isset($acls['plCategory'])){ + /* Only feed categories */ + if (isset($acls['plCategory'])){ - /* Walk through supplied list and feed only translated categories */ - foreach($acls['plCategory'] as $idx => $data){ + /* Walk through supplied list and feed only translated categories */ + foreach($acls['plCategory'] as $idx => $data){ - /* Non numeric index means -> base object containing more informations */ - if (preg_match('/^[0-9]+$/', $idx)){ + /* Non numeric index means -> base object containing more informations */ + if (preg_match('/^[0-9]+$/', $idx)){ - if (!isset($this->ocMapping[$data])){ - $this->ocMapping[$data]= array(); - $this->ocMapping[$data][]= '0'; - } + if (!isset($this->ocMapping[$data])){ + $this->ocMapping[$data]= array(); + $this->ocMapping[$data][]= '0'; + } - if(isset($cats[$data])){ - $this->myAclObjects[$data.'/'.$class]= $acls['plDescription']; - } - $this->ocMapping[$data][]= $class; - } else { - if (!isset($this->ocMapping[$idx])){ - $this->ocMapping[$idx]= array(); - $this->ocMapping[$idx][]= '0'; - } - $this->ocMapping[$idx][]= $class; - $this->aclObjects[$idx]= $data['description']; - - /* Additionally filter the classes we're interested in in "self edit" mode */ - if(!isset($data['objectClass'])) continue; - if (is_array($data['objectClass'])){ - foreach($data['objectClass'] as $objectClass){ - if (in_array_ics($objectClass, $oc)){ - $this->myAclObjects[$idx.'/'.$class]= $acls['plDescription']; - break; + if(isset($cats[$data])){ + $this->myAclObjects[$data.'/'.$class]= $acls['plDescription']; + } + $this->ocMapping[$data][]= $class; + } else { + if (!isset($this->ocMapping[$idx])){ + $this->ocMapping[$idx]= array(); + $this->ocMapping[$idx][]= '0'; + } + $this->ocMapping[$idx][]= $class; + $this->aclObjects[$idx]= $data['description']; + + /* Additionally filter the classes we're interested in in "self edit" mode */ + if(!isset($data['objectClass'])) continue; + if (is_array($data['objectClass'])){ + foreach($data['objectClass'] as $objectClass){ + if (in_array_ics($objectClass, $oc)){ + $this->myAclObjects[$idx.'/'.$class]= $acls['plDescription']; + break; + } + } + } else { + if (in_array_ics($data['objectClass'], $oc)){ + $this->myAclObjects[$idx.'/'.$class]= $acls['plDescription']; + } + } } - } - } else { - if (in_array_ics($data['objectClass'], $oc)){ - $this->myAclObjects[$idx.'/'.$class]= $acls['plDescription']; - } - } - } + } } - } } /* Sort categories */ @@ -223,15 +223,15 @@ class acl extends plugin /* Fill acl types */ if ($this->isContainer){ - $this->aclTypes= array("reset" => _("Reset ACLs"), - "one" => _("One level"), - "base" => _("Current object"), - "sub" => _("Complete subtree"), - "psub" => _("Complete subtree (permanent)"), - "role" => _("Use ACL defined in role")); + $this->aclTypes= array("reset" => _("Reset ACLs"), + "one" => _("One level"), + "base" => _("Current object"), + "sub" => _("Complete subtree"), + "psub" => _("Complete subtree (permanent)"), + "role" => _("Use ACL defined in role")); } else { - $this->aclTypes= array("base" => _("Current object"), - "role" => _("Use ACL defined in role")); + $this->aclTypes= array("base" => _("Current object"), + "role" => _("Use ACL defined in role")); } asort($this->aclTypes); $this->targets= array("user" => _("Users"), "group" => _("Groups")); @@ -262,1126 +262,1128 @@ class acl extends plugin $this->roleList->setHeader(array(_("Used"),_("Name"),_("Description"))); $this->roleList->setDefaultSortColumn(1); $this->roleList->setAcl('rwcdm'); // All ACLs, we filter on our own here. - } - - - function updateList() - { - if(!$this->list){ - $this->list = new sortableListing($this->gosaAclEntry,array(),TRUE); - $this->list->setDeleteable(true); - $this->list->setEditable(true); - $this->list->setColspecs(array('*')); - $this->list->setWidth("100%"); - $this->list->setHeight("400px"); - $this->list->setAcl("rwcdm"); - $this->list->setHeader(array(_("Member"),_("Permissions"),_("Type"))); - } - - - // Add ACL entries to the listing - $lData = array(); - foreach($this->gosaAclEntry as $id => $entry){ - $lData[] = $this->convertForListing($entry); - } - $this->list->setListData($this->gosaAclEntry, $lData); - } - - - function convertForListing($entry) - { - $member = implode($entry['members'],", "); - if(isset($entry['acl']) && is_array($entry['acl'])){ - $acl = implode(array_keys($entry['acl']),", "); - }else{ - $acl=""; } - return(array('data' => array($member, $acl, $this->aclTypes[$entry['type']]))); - } - - function execute() - { - /* Call parent execute */ - plugin::execute(); + function updateList() + { + if(!$this->list){ + $this->list = new sortableListing($this->gosaAclEntry,array(),TRUE); + $this->list->setDeleteable(true); + $this->list->setEditable(true); + $this->list->setColspecs(array('*')); + $this->list->setWidth("100%"); + $this->list->setHeight("400px"); + $this->list->setAcl("rwcdm"); + $this->list->setHeader(array(_("Member"),_("Permissions"),_("Type"))); + } - $tmp= session::global_get('plist'); - $plist= $tmp->info; - /* Handle posts */ - if (isset($_POST['new_acl'])){ - $this->dialogState= 'create'; - $this->dialog= TRUE; - $this->currentIndex= count($this->gosaAclEntry); - $this->loadAclEntry(TRUE); + // Add ACL entries to the listing + $lData = array(); + foreach($this->gosaAclEntry as $id => $entry){ + $lData[] = $this->convertForListing($entry); + } + $this->list->setListData($this->gosaAclEntry, $lData); } - $new_acl= array(); - $aclDialog= FALSE; - $firstedit= FALSE; - - // Get listing actions. Delete or Edit. - $this->list->save_object(); - $lAction = $this->list->getAction(); - $this->gosaAclEntry = array_values($this->list->getMaintainedData()); - - /* Act on HTML post and gets here. - */ - if($lAction['action'] == "edit"){ - $this->currentIndex = $this->list->getKey($lAction['targets'][0]); - $this->dialogState= 'create'; - $firstedit= TRUE; - $this->dialog= TRUE; - $this->loadAclEntry(); + + function convertForListing($entry) + { + $member = implode($entry['members'],", "); + if(isset($entry['acl']) && is_array($entry['acl'])){ + $acl = implode(array_keys($entry['acl']),", "); + }else{ + $acl=""; + } + return(array('data' => array($member, $acl, $this->aclTypes[$entry['type']]))); } - foreach($_POST as $name => $post){ - - /* Actions... */ - if (preg_match('/^acl_edit_[0-9]*$/', $name)){ - $this->dialogState= 'create'; - $firstedit= TRUE; - $this->dialog= TRUE; - $this->currentIndex= preg_replace('/^acl_edit_([0-9]*)$/', '\1', $name); - $this->loadAclEntry(); - continue; - } - - if (preg_match('/^cat_edit_.*$/', $name)){ - $this->aclObject= preg_replace('/^cat_edit_(.*)$/', '\1', $name); - $this->dialogState= 'edit'; - foreach ($this->ocMapping[$this->aclObject] as $oc){ - if (isset($this->aclContents[$oc])){ - $this->savedAclContents[$oc]= $this->aclContents[$oc]; - } + + + function execute() + { + /* Call parent execute */ + plugin::execute(); + + $tmp= session::global_get('plist'); + $plist= $tmp->info; + + /* Handle posts */ + if (isset($_POST['new_acl'])){ + $this->dialogState= 'create'; + $this->dialog= TRUE; + $this->currentIndex= count($this->gosaAclEntry); + $this->loadAclEntry(TRUE); } - continue; - } - - /* Only handle posts, if we allowed to modify ACLs */ - if(!$this->acl_is_writeable("")){ - continue; - } - - if (preg_match('/^acl_del_[0-9]*$/', $name)){ - unset($this->gosaAclEntry[preg_replace('/^acl_del_([0-9]*)$/', '\1', $name)]); - continue; - } - - if (preg_match('/^cat_del_.*$/', $name)){ - $idx= preg_replace('/^cat_del_(.*)$/', '\1', $name); - foreach ($this->ocMapping[$idx] as $key){ - if(isset($this->aclContents[$idx])) - unset($this->aclContents[$idx]); - if(isset($this->aclContents["$idx/$key"])) - unset($this->aclContents["$idx/$key"]); + + $new_acl= array(); + $aclDialog= FALSE; + $firstedit= FALSE; + + // Get listing actions. Delete or Edit. + $this->list->save_object(); + $lAction = $this->list->getAction(); + $this->gosaAclEntry = array_values($this->list->getMaintainedData()); + + /* Act on HTML post and gets here. + */ + if($lAction['action'] == "edit"){ + $this->currentIndex = $this->list->getKey($lAction['targets'][0]); + $this->dialogState= 'create'; + $firstedit= TRUE; + $this->dialog= TRUE; + $this->loadAclEntry(); } - continue; - } - /* ACL saving... */ - if (preg_match('/^acl_.*_[^xy]$/', $name)){ - list($dummy, $object, $attribute, $value)= explode('_', $name); + foreach($_POST as $name => $post){ - /* Skip for detection entry */ - if ($object == 'dummy') { - continue; - } + $post =get_post($name); - /* Ordinary ACLs */ - if (!isset($new_acl[$object])){ - $new_acl[$object]= array(); + /* Actions... */ + if (preg_match('/^acl_edit_[0-9]*$/', $name)){ + $this->dialogState= 'create'; + $firstedit= TRUE; + $this->dialog= TRUE; + $this->currentIndex= preg_replace('/^acl_edit_([0-9]*)$/', '\1', $name); + $this->loadAclEntry(); + continue; + } + + if (preg_match('/^cat_edit_.*$/', $name)){ + $this->aclObject= preg_replace('/^cat_edit_(.*)$/', '\1', $name); + $this->dialogState= 'edit'; + foreach ($this->ocMapping[$this->aclObject] as $oc){ + if (isset($this->aclContents[$oc])){ + $this->savedAclContents[$oc]= $this->aclContents[$oc]; + } + } + continue; + } + + /* Only handle posts, if we allowed to modify ACLs */ + if(!$this->acl_is_writeable("")){ + continue; + } + + if (preg_match('/^acl_del_[0-9]*$/', $name)){ + unset($this->gosaAclEntry[preg_replace('/^acl_del_([0-9]*)$/', '\1', $name)]); + continue; + } + + if (preg_match('/^cat_del_.*$/', $name)){ + $idx= preg_replace('/^cat_del_(.*)$/', '\1', $name); + foreach ($this->ocMapping[$idx] as $key){ + if(isset($this->aclContents[$idx])) + unset($this->aclContents[$idx]); + if(isset($this->aclContents["$idx/$key"])) + unset($this->aclContents["$idx/$key"]); + } + continue; + } + + /* ACL saving... */ + if (preg_match('/^acl_.*_[^xy]$/', $name)){ + list($dummy, $object, $attribute, $value)= explode('_', $name); + + /* Skip for detection entry */ + if ($object == 'dummy') { + continue; + } + + /* Ordinary ACLs */ + if (!isset($new_acl[$object])){ + $new_acl[$object]= array(); + } + if (isset($new_acl[$object][$attribute])){ + $new_acl[$object][$attribute].= $value; + } else { + $new_acl[$object][$attribute]= $value; + } + } + + // Remember the selected ACL role. + if(isset($_POST['selected_role']) && $_POST['aclType'] == 'role'){ + $this->aclContents = ""; + $this->aclContents = base64_decode(get_post('selected_role')); + }else{ + if(is_string($this->aclContents)) + $this->aclContents = array(); + } } - if (isset($new_acl[$object][$attribute])){ - $new_acl[$object][$attribute].= $value; - } else { - $new_acl[$object][$attribute]= $value; + + if(isset($_POST['acl_dummy_0_0_0'])){ + $aclDialog= TRUE; } - } - - // Remember the selected ACL role. - if(isset($_POST['selected_role']) && $_POST['aclType'] == 'role'){ - $this->aclContents = ""; - $this->aclContents = base64_decode($_POST['selected_role']); - }else{ - if(is_string($this->aclContents)) - $this->aclContents = array(); - } - } - if(isset($_POST['acl_dummy_0_0_0'])){ - $aclDialog= TRUE; - } + if($this->acl_is_writeable("")){ - if($this->acl_is_writeable("")){ - - /* Only be interested in new acl's, if we're in the right _POST place */ - if ($aclDialog && $this->aclObject != "" && is_array($this->ocMapping[$this->aclObject])){ + /* Only be interested in new acl's, if we're in the right _POST place */ + if ($aclDialog && $this->aclObject != "" && is_array($this->ocMapping[$this->aclObject])){ - foreach ($this->ocMapping[$this->aclObject] as $oc){ + foreach ($this->ocMapping[$this->aclObject] as $oc){ - if(isset($this->aclContents[$oc]) && is_array($this->aclContents)){ - unset($this->aclContents[$oc]); - }elseif(isset($this->aclContents[$this->aclObject.'/'.$oc]) && is_array($this->aclContents)){ - unset($this->aclContents[$this->aclObject.'/'.$oc]); - }else{ + if(isset($this->aclContents[$oc]) && is_array($this->aclContents)){ + unset($this->aclContents[$oc]); + }elseif(isset($this->aclContents[$this->aclObject.'/'.$oc]) && is_array($this->aclContents)){ + unset($this->aclContents[$this->aclObject.'/'.$oc]); + }else{ # trigger_error("Huhm?"); - } - if (isset($new_acl[$oc]) && is_array($new_acl)){ - $this->aclContents[$oc]= $new_acl[$oc]; - } - if (isset($new_acl[$this->aclObject.'/'.$oc]) && is_array($new_acl)){ - $this->aclContents[$this->aclObject.'/'.$oc]= $new_acl[$this->aclObject.'/'.$oc]; - } - } - } + } + if (isset($new_acl[$oc]) && is_array($new_acl)){ + $this->aclContents[$oc]= $new_acl[$oc]; + } + if (isset($new_acl[$this->aclObject.'/'.$oc]) && is_array($new_acl)){ + $this->aclContents[$this->aclObject.'/'.$oc]= $new_acl[$this->aclObject.'/'.$oc]; + } + } + } - /* Save new acl in case of base edit mode */ - if ($this->aclType == 'base' && !$firstedit){ - $this->aclContents= $new_acl; - } - } + /* Save new acl in case of base edit mode */ + if ($this->aclType == 'base' && !$firstedit){ + $this->aclContents= $new_acl; + } + } - /* Cancel new acl? */ - if (isset($_POST['cancel_new_acl'])){ - $this->dialogState= 'head'; - $this->dialog= FALSE; - if ($this->wasNewEntry){ - unset ($this->gosaAclEntry[$this->currentIndex]); - } - } + /* Cancel new acl? */ + if (isset($_POST['cancel_new_acl'])){ + $this->dialogState= 'head'; + $this->dialog= FALSE; + if ($this->wasNewEntry){ + unset ($this->gosaAclEntry[$this->currentIndex]); + } + } - /* Save common values */ - if($this->acl_is_writeable("")){ - foreach (array("aclType","aclFilter", "aclObject", "target") as $key){ - if (isset($_POST[$key])){ - $this->$key= validate($_POST[$key]); + /* Save common values */ + if($this->acl_is_writeable("")){ + foreach (array("aclType","aclFilter", "aclObject", "target") as $key){ + if (isset($_POST[$key])){ + $this->$key= get_post($key); + } + } } - } - } - /* Store ACL in main object? */ - if (isset($_POST['submit_new_acl'])){ - $this->gosaAclEntry[$this->currentIndex]['type']= $this->aclType; - $this->gosaAclEntry[$this->currentIndex]['members']= $this->recipients; - $this->gosaAclEntry[$this->currentIndex]['acl']= $this->aclContents; - $this->gosaAclEntry[$this->currentIndex]['filter']= $this->aclFilter; - $this->dialogState= 'head'; - $this->dialog= FALSE; - } + /* Store ACL in main object? */ + if (isset($_POST['submit_new_acl'])){ + $this->gosaAclEntry[$this->currentIndex]['type']= $this->aclType; + $this->gosaAclEntry[$this->currentIndex]['members']= $this->recipients; + $this->gosaAclEntry[$this->currentIndex]['acl']= $this->aclContents; + $this->gosaAclEntry[$this->currentIndex]['filter']= $this->aclFilter; + $this->dialogState= 'head'; + $this->dialog= FALSE; + } - /* Cancel edit acl? */ - if (isset($_POST['cancel_edit_acl'])){ - $this->dialogState= 'create'; - foreach ($this->ocMapping[$this->aclObject] as $oc){ - if (isset($this->savedAclContents[$oc])){ - $this->aclContents[$oc]= $this->savedAclContents[$oc]; + /* Cancel edit acl? */ + if (isset($_POST['cancel_edit_acl'])){ + $this->dialogState= 'create'; + foreach ($this->ocMapping[$this->aclObject] as $oc){ + if (isset($this->savedAclContents[$oc])){ + $this->aclContents[$oc]= $this->savedAclContents[$oc]; + } + } } - } - } - /* Save edit acl? */ - if (isset($_POST['submit_edit_acl'])){ - $this->dialogState= 'create'; - } + /* Save edit acl? */ + if (isset($_POST['submit_edit_acl'])){ + $this->dialogState= 'create'; + } - /* Add acl? */ - if (isset($_POST['add_acl']) && $_POST['aclObject'] != ""){ - $this->dialogState= 'edit'; - $this->savedAclContents= array(); - foreach ($this->ocMapping[$this->aclObject] as $oc){ - if (isset($this->aclContents[$oc])){ - $this->savedAclContents[$oc]= $this->aclContents[$oc]; + /* Add acl? */ + if (isset($_POST['add_acl']) && $_POST['aclObject'] != ""){ + $this->dialogState= 'edit'; + $this->savedAclContents= array(); + foreach ($this->ocMapping[$this->aclObject] as $oc){ + if (isset($this->aclContents[$oc])){ + $this->savedAclContents[$oc]= $this->aclContents[$oc]; + } + } } - } - } - /* Add to list? */ - if (isset($_POST['add']) && isset($_POST['source'])){ - foreach ($_POST['source'] as $key){ - if ($this->target == 'user'){ - $this->recipients[$key]= $this->users[$key]; + /* Add to list? */ + if (isset($_POST['add']) && isset($_POST['source'])){ + foreach ($_POST['source'] as $key){ + if ($this->target == 'user'){ + $this->recipients[$key]= $this->users[$key]; + } + if ($this->target == 'group'){ + $this->recipients[$key]= $this->groups[$key]; + } + } + ksort($this->recipients); } - if ($this->target == 'group'){ - $this->recipients[$key]= $this->groups[$key]; + + /* Remove from list? */ + if (isset($_POST['del']) && isset($_POST['recipient'])){ + foreach ($_POST['recipient'] as $key){ + unset($this->recipients[$key]); + } } - } - ksort($this->recipients); - } - /* Remove from list? */ - if (isset($_POST['del']) && isset($_POST['recipient'])){ - foreach ($_POST['recipient'] as $key){ - unset($this->recipients[$key]); - } - } + /* Create templating instance */ + $smarty= get_smarty(); - /* Create templating instance */ - $smarty= get_smarty(); + $smarty->assign("acl_readable",$this->acl_is_readable("")); + if(!$this->acl_is_readable("")){ + return ($smarty->fetch (get_template_path('acl.tpl'))); + } - $smarty->assign("acl_readable",$this->acl_is_readable("")); - if(!$this->acl_is_readable("")){ - return ($smarty->fetch (get_template_path('acl.tpl'))); - } + if ($this->dialogState == 'head'){ + $this->updateList(); + $smarty->assign("aclList", $this->list->render()); + } - if ($this->dialogState == 'head'){ - $this->updateList(); - $smarty->assign("aclList", $this->list->render()); - } + if ($this->dialogState == 'create'){ + + + if($this->aclType != 'role'){ + + // Create a map of all used sections, this allows us to simply hide the remove button + // if no acl is configured for the given section + // e.g. ';all;department/country;users/user; + $usedList = ";".implode(array_keys($this->aclContents),';').";"; + + /* Add settings for all categories to the (permanent) list */ + $data = $lData = array(); + foreach ($this->aclObjects as $section => $dsc){ + $summary= ""; + foreach($this->ocMapping[$section] as $oc){ + if (isset($this->aclContents[$oc]) && + count($this->aclContents[$oc]) && + isset($this->aclContents[$oc][0]) && + $this->aclContents[$oc][0] != ""){ + + $summary.= "$oc, "; + continue; + } + if (isset($this->aclContents["$section/$oc"]) && + count($this->aclContents["$section/$oc"])){ + $summary.= "$oc, "; + continue; + } + if (isset($this->aclContents[$oc]) && + !isset($this->aclContents[$oc][0]) && + count($this->aclContents[$oc])){ + $summary.= "$oc, "; + } + } - if ($this->dialogState == 'create'){ + /* Set summary... */ + if ($summary == ""){ + $summary= ''._("No ACL settings for this category!").''; + } else { + $summary= trim($summary,", "); + $summary= " ".sprintf(_("ACLs for: %s"), $summary); + } + $actions =""; + if($this->acl_is_readable("")){ + $actions.= image('images/lists/edit.png','cat_edit_'.$section, + msgPool::editButton(_("category ACL"))); + } + if($this->acl_is_removeable() && preg_match("/;".$section."(;|\/)/", $usedList)){ + $actions.= image('images/lists/trash.png','cat_del_'.$section, + msgPool::delButton(_("category ACL"))); + } + $data[] = $section; + $lData[] = array('data'=>array($dsc, $summary, $actions)); + } + $this->sectionList->setListData($data,$lData); + $this->sectionList->update(); + $smarty->assign("aclList", $this->sectionList->render()); + } - if($this->aclType != 'role'){ + $smarty->assign("aclType", set_post($this->aclType)); + $smarty->assign("aclFilter", set_post($this->aclFilter)); + $smarty->assign("aclTypes", set_post($this->aclTypes)); + $smarty->assign("target", set_post($this->target)); + $smarty->assign("targets", set_post($this->targets)); - // Create a map of all used sections, this allows us to simply hide the remove button - // if no acl is configured for the given section - // e.g. ';all;department/country;users/user; - $usedList = ";".implode(array_keys($this->aclContents),';').";"; + /* Assign possible target types */ + $smarty->assign("targets", $this->targets); + foreach ($this->attributes as $attr){ + $smarty->assign($attr, set_post($this->$attr)); + } - /* Add settings for all categories to the (permanent) list */ - $data = $lData = array(); - foreach ($this->aclObjects as $section => $dsc){ - $summary= ""; - foreach($this->ocMapping[$section] as $oc){ - if (isset($this->aclContents[$oc]) && - count($this->aclContents[$oc]) && - isset($this->aclContents[$oc][0]) && - $this->aclContents[$oc][0] != ""){ - $summary.= "$oc, "; - continue; - } - if (isset($this->aclContents["$section/$oc"]) && - count($this->aclContents["$section/$oc"])){ - $summary.= "$oc, "; - continue; - } - if (isset($this->aclContents[$oc]) && - !isset($this->aclContents[$oc][0]) && - count($this->aclContents[$oc])){ - $summary.= "$oc, "; + /* Generate list */ + $tmp= array(); + if ($this->target == "group" && !isset($this->recipients["G:*"])){ + $tmp["G:*"]= _("All users"); + } + foreach (array("user" => "users", "group" => "groups") as $field => $arr){ + if ($this->target == $field){ + foreach ($this->$arr as $key => $value){ + if (!isset($this->recipients[$key])){ + $tmp[$key]= $value; + } } } + } + $smarty->assign('sources', set_post($tmp)); + $smarty->assign('recipients', set_post($this->recipients)); - /* Set summary... */ - if ($summary == ""){ - $summary= ''._("No ACL settings for this category!").''; - } else { - $summary= trim($summary,", "); - $summary= " ".sprintf(_("ACLs for: %s"), $summary); - } + /* Acl selector if scope is base */ + if ($this->aclType == 'base'){ + $smarty->assign('aclSelector', $this->buildAclSelector($this->myAclObjects)); + } - $actions =""; - if($this->acl_is_readable("")){ - $actions.= image('images/lists/edit.png','cat_edit_'.$section, - msgPool::editButton(_("category ACL"))); - } - if($this->acl_is_removeable() && preg_match("/;".$section."(;|\/)/", $usedList)){ - $actions.= image('images/lists/trash.png','cat_del_'.$section, - msgPool::delButton(_("category ACL"))); - } - $data[] = $section; - $lData[] = array('data'=>array($dsc, $summary, $actions)); + /* Role selector if scope is base */ + if ($this->aclType == 'role'){ + $smarty->assign('roleSelector', $this->buildRoleSelector($this->roles)); } - $this->sectionList->setListData($data,$lData); - $this->sectionList->update(); - $smarty->assign("aclList", $this->sectionList->render()); } - - $smarty->assign("aclType", $this->aclType); - $smarty->assign("aclFilter", $this->aclFilter); - $smarty->assign("aclTypes", $this->aclTypes); - $smarty->assign("target", $this->target); - $smarty->assign("targets", $this->targets); - - /* Assign possible target types */ - $smarty->assign("targets", $this->targets); - foreach ($this->attributes as $attr){ - $smarty->assign($attr, $this->$attr); - } - - - /* Generate list */ - $tmp= array(); - if ($this->target == "group" && !isset($this->recipients["G:*"])){ - $tmp["G:*"]= _("All users"); - } - foreach (array("user" => "users", "group" => "groups") as $field => $arr){ - if ($this->target == $field){ - foreach ($this->$arr as $key => $value){ - if (!isset($this->recipients[$key])){ - $tmp[$key]= $value; + + if ($this->dialogState == 'edit'){ + $smarty->assign('headline', sprintf(_("Edit ACL for '%s' with scope '%s'"), $this->aclObjects[$this->aclObject], $this->aclTypes[$this->aclType])); + + /* Collect objects for selected category */ + foreach ($this->ocMapping[$this->aclObject] as $idx => $class){ + if ($idx == 0){ + continue; + } + $aclObjects[$this->aclObject.'/'.$class]= $plist[$class]['plDescription']; + } + + /* Role selector if scope is base */ + if ($this->aclType == 'role'){ + $smarty->assign('roleSelector', $this->buildRoleSelector($this->roles)); + } else { + $smarty->assign('aclSelector', $this->buildAclSelector($aclObjects)); } - } } - } - $smarty->assign('sources', $tmp); - $smarty->assign('recipients', $this->recipients); - - /* Acl selector if scope is base */ - if ($this->aclType == 'base'){ - $smarty->assign('aclSelector', $this->buildAclSelector($this->myAclObjects)); - } - - /* Role selector if scope is base */ - if ($this->aclType == 'role'){ - $smarty->assign('roleSelector', $this->buildRoleSelector($this->roles)); - } + + /* Show main page */ + $smarty->assign("dialogState", $this->dialogState); + + /* Assign acls */ + $smarty->assign("acl_createable",$this->acl_is_createable()); + $smarty->assign("acl_writeable" ,$this->acl_is_writeable("")); + $smarty->assign("acl_readable" ,$this->acl_is_readable("")); + $smarty->assign("acl_removeable",$this->acl_is_removeable()); + + return ($smarty->fetch (get_template_path('acl.tpl'))); } - if ($this->dialogState == 'edit'){ - $smarty->assign('headline', sprintf(_("Edit ACL for '%s' with scope '%s'"), $this->aclObjects[$this->aclObject], $this->aclTypes[$this->aclType])); - /* Collect objects for selected category */ - foreach ($this->ocMapping[$this->aclObject] as $idx => $class){ - if ($idx == 0){ - continue; + function sort_by_priority($list) + { + $tmp= session::global_get('plist'); + $plist= $tmp->info; + asort($plist); + $newSort = array(); + + foreach($list as $name => $translation){ + $na = preg_replace("/^.*\//","",$name); + $prio = 0; + if(isset($plist[$na]['plPriority'])){ + $prio= $plist[$na]['plPriority'] ; + } + + $newSort[$name] = $prio; + } + + asort($newSort); + + $ret = array(); + foreach($newSort as $name => $prio){ + $ret[$name] = $list[$name]; } - $aclObjects[$this->aclObject.'/'.$class]= $plist[$class]['plDescription']; - } - - /* Role selector if scope is base */ - if ($this->aclType == 'role'){ - $smarty->assign('roleSelector', $this->buildRoleSelector($this->roles)); - } else { - $smarty->assign('aclSelector', $this->buildAclSelector($aclObjects)); - } + return($ret); } - /* Show main page */ - $smarty->assign("dialogState", $this->dialogState); - - /* Assign acls */ - $smarty->assign("acl_createable",$this->acl_is_createable()); - $smarty->assign("acl_writeable" ,$this->acl_is_writeable("")); - $smarty->assign("acl_readable" ,$this->acl_is_readable("")); - $smarty->assign("acl_removeable",$this->acl_is_removeable()); - return ($smarty->fetch (get_template_path('acl.tpl'))); - } + function buildRoleSelector($list) + { + $selected = $this->aclContents; + if(!is_string($this->aclContents) || !isset($list[$this->aclContents])){ + $selected = key($list); + } + $data = $lData = array(); + foreach($list as $dn => $values){ + if($dn == $selected){ + $option = ""; + }else{ + $option = ""; + } + $data[] = postEncode($dn); + $lData[] = array('data'=>array($option, $values['cn'], $values['description'])); + } + $this->roleList->setListData($data,$lData); + $this->roleList->update(); + return($this->roleList->render()); + } + + + function buildAclSelector($list) + { + $display= ""; + $cols= 3; + $tmp= session::global_get('plist'); + $plist= $tmp->info; + asort($plist); + + /* Add select all/none buttons */ + $style = "style='width:100px;'"; + + if($this->acl_is_writeable("")){ + $display .= ""; + $display .= ""; + $display .= " - "; + $display .= ""; + $display .= " - "; + + $display .= ""; + $display .= ""; + + $display .= "
"; + + $style = "style='width:50px;'"; + $display .= ""; + $display .= ""; + $display .= ""; + $display .= ""; + $display .= ""; + $display .= " - "; + $display .= ""; + $display .= ""; + $display .= ""; + $display .= " - "; + + $display .= ""; + $display .= ""; + $display .= ""; + $display .= ""; + } - function sort_by_priority($list) - { - $tmp= session::global_get('plist'); - $plist= $tmp->info; - asort($plist); - $newSort = array(); + /* Build general objects */ + $list =$this->sort_by_priority($list); + foreach ($list as $key => $name){ - foreach($list as $name => $translation){ - $na = preg_replace("/^.*\//","",$name); - $prio = 0; - if(isset($plist[$na]['plPriority'])){ - $prio= $plist[$na]['plPriority'] ; - } + /* Create sub acl if it does not exist */ + if (!isset($this->aclContents[$key])){ + $this->aclContents[$key]= array(); + } + if(!isset($this->aclContents[$key][0])){ + $this->aclContents[$key][0]= ''; + } - $newSort[$name] = $prio; - } + $currentAcl= $this->aclContents[$key]; - asort($newSort); + /* Get the overall plugin acls + */ + $overall_acl =""; + if(isset($currentAcl[0])){ + $overall_acl = $currentAcl[0]; + } - $ret = array(); - foreach($newSort as $name => $prio){ - $ret[$name] = $list[$name]; - } - return($ret); - } + // Detect configured plugins + $expand = count($currentAcl) > 1 || $currentAcl[0] != ""; + /* Object header */ + $tname= preg_replace("/[^a-z0-9]/i","_",$name); - function buildRoleSelector($list) - { - $selected = $this->aclContents; - if(!is_string($this->aclContents) || !isset($list[$this->aclContents])){ - $selected = key($list); - } + if($expand){ + $back_color = "#C8C8FF"; + }else{ + $back_color = "#C8C8C8"; + } - $data = $lData = array(); - foreach($list as $dn => $values){ - if($dn == $selected){ - $option = ""; - }else{ - $option = ""; - } - $data[] = postEncode($dn); - $lData[] = array('data'=>array($option, $values['cn'], $values['description'])); - } - $this->roleList->setListData($data,$lData); - $this->roleList->update(); - return($this->roleList->render()); - } + if(isset($_SERVER['HTTP_USER_AGENT']) && + (preg_match("/gecko/i",$_SERVER['HTTP_USER_AGENT'])) || + (preg_match("/presto/i",$_SERVER['HTTP_USER_AGENT']))) { + $display.= "\n". + "\n ". + "\n ". + "\n ". + "\n "; + } else if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/ie/i",$_SERVER['HTTP_USER_AGENT'])) { + $display.= "\n
"._("Object").": $name". + "\n
". + "\n ". + "\n ". + "\n ". + "\n "; + } else { + $display.= "\n
"._("Object").": $name". + "\n
". + "\n ". + "\n ". + "\n "; + } + /* Generate options */ + $spc= "  "; + $options= $this->mkchkbx($key."_0_c", _("Create objects"), preg_match('/c/', $overall_acl)).$spc; + $options.= $this->mkchkbx($key."_0_m", _("Move objects"), preg_match('/m/', $overall_acl)).$spc; + $options.= $this->mkchkbx($key."_0_d", _("Remove objects"), preg_match('/d/', $overall_acl)).$spc; + if ($plist[preg_replace('%^.*/%', '', $key)]['plSelfModify']){ + $options.= $this->mkchkbx($key."_0_s", _("Restrict changes to user's own object"), preg_match('/s/', $overall_acl)).$spc; + } - function buildAclSelector($list) - { - $display= ""; - $cols= 3; - $tmp= session::global_get('plist'); - $plist= $tmp->info; - asort($plist); - - /* Add select all/none buttons */ - $style = "style='width:100px;'"; - - if($this->acl_is_writeable("")){ - $display .= ""; - $display .= ""; - $display .= " - "; - $display .= ""; - $display .= " - "; - - $display .= ""; - $display .= ""; - - $display .= "
"; - - $style = "style='width:50px;'"; - $display .= ""; - $display .= ""; - $display .= ""; - $display .= ""; - $display .= ""; - $display .= " - "; - $display .= ""; - $display .= ""; - $display .= ""; - $display .= " - "; - - $display .= ""; - $display .= ""; - $display .= ""; - $display .= ""; + /* Global options */ + $more_options= $this->mkchkbx($key."_0_r", _("read"), preg_match('/r/', $overall_acl)).$spc; + $more_options.= $this->mkchkbx($key."_0_w", _("write"), preg_match('/w/', $overall_acl)); + + $display.= "\n ". + "\n ". + "\n ". + "\n "; + + /* Walk through the list of attributes */ + $cnt= 1; + $splist= $plist[preg_replace('%^.*/%', '', $key)]['plProvidedAcls']; + if(session::global_get('js')) { + if(isset($_SERVER['HTTP_USER_AGENT']) && + (preg_match("/gecko/i",$_SERVER['HTTP_USER_AGENT'])) || (preg_match("/presto/i",$_SERVER['HTTP_USER_AGENT']))) { + $display.= "\n ". + "\n
"._("Object").": $name
$options "._("Complete object").": $more_options
". + "\n