From 3a954a269b754d5e7cdd2619f8fe8a87dfd06e71 Mon Sep 17 00:00:00 2001 From: hickert Date: Wed, 2 Apr 2008 09:05:07 +0000 Subject: [PATCH] Added sudo classes. -Currently not working ! git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@10105 594d385d-05f5-0310-b6e9-bd551577e9d8 --- .../plugins/admin/sudo/class_divListSudo.inc | 218 ++++++++ .../plugins/admin/sudo/class_sudoGeneric.inc | 107 ++++ .../admin/sudo/class_sudoManagement.inc | 469 ++++++++++++++++++ gosa-core/plugins/admin/sudo/generic.tpl | 246 +++++++++ gosa-core/plugins/admin/sudo/main.inc | 62 +++ gosa-core/plugins/admin/sudo/remove.tpl | 27 + gosa-core/plugins/admin/sudo/tabs_sudo.inc | 66 +++ 7 files changed, 1195 insertions(+) create mode 100644 gosa-core/plugins/admin/sudo/class_divListSudo.inc create mode 100644 gosa-core/plugins/admin/sudo/class_sudoGeneric.inc create mode 100644 gosa-core/plugins/admin/sudo/class_sudoManagement.inc create mode 100644 gosa-core/plugins/admin/sudo/generic.tpl create mode 100644 gosa-core/plugins/admin/sudo/main.inc create mode 100644 gosa-core/plugins/admin/sudo/remove.tpl create mode 100644 gosa-core/plugins/admin/sudo/tabs_sudo.inc diff --git a/gosa-core/plugins/admin/sudo/class_divListSudo.inc b/gosa-core/plugins/admin/sudo/class_divListSudo.inc new file mode 100644 index 000000000..a52c22f19 --- /dev/null +++ b/gosa-core/plugins/admin/sudo/class_divListSudo.inc @@ -0,0 +1,218 @@ +parent = &$parent; + $this->ui = get_userinfo(); + + /* Set list strings */ + $this->SetTitle(_("List of sudo roles")); + $this->SetSummary(_("List of sudo roles")); + $this->EnableAplhabet(true); + + /* Result page will look like a headpage */ + $this->SetHeadpageMode(); + + /* Disable buttonsm */ + $this->EnableCloseButton(false); + $this->EnableSaveButton (false); + + /* Dynamic action col, depending on snapshot icons */ + $action_col_size = 80; + if($this->parent->snapshotEnabled()){ + $action_col_size += 38; + } + + /* Toggle all selected / deselected */ + $chk = ""; + + /* set Page header */ + $this->AddHeader(array("string"=> $chk, "attach"=>"style='width:20px;'")); + $this->AddHeader(array("string"=>" ","attach"=>"style='width:20px;'")); + $this->AddHeader(array("string"=>_("Name")." / "._("Department"))); + $this->AddHeader(array("string"=>_("Properties"),"attach"=>"style='width:136px;'")); + $this->AddHeader(array("string"=>_("Actions"),"attach"=>"style='width:".$action_col_size."px;border-right:0px;'")); + + /* Add SubSearch checkbox */ + $this->AddCheckBox("SubSearch", msgPool::selectToView("","subsearch"),msgPool::selectToView("","subsearch_small"), false); + $this->AddRegex ("Regex" , _("Regular expression for matching role names") , + "*" , true); + $this->AddRegex ("UserRegex", _("Regular expression for matching role member names"), + "*" , FALSE,"images/search_user.png"); + } + + + function GenHeader() + { + /* Prepare departments, + which are shown in the listbox on top of the listbox + */ + $base = $this->parent->base; + + $acl = $this->ui->get_category_permissions($base,"sudo"); + + /* Add default header */ + $listhead = MultiSelectWindow::get_default_header(); + + /* Create Layers menu */ + $s = ".|"._("Actions")."|\n"; + $s .= "..|". + " "._("Create")."|\n"; + + + /* Append create options */ + if(preg_match("/c/",$acl)) { + $s.= "...| "._("Role")."|new_role|\n"; + } + +# /* Add multiple copy & cut icons */ +# if(is_object($this->parent->CopyPasteHandler) && preg_match("/(c.*w|w.*c)/",$acl_all)){ +# $s.= "..|---|\n"; +# $s.= "..|". +# " "._("Copy")."|"."multiple_copy_systems|\n"; +# $s.= "..|". +# " "._("Cut")."|"."multiple_cut_systems|\n"; +# +# if($this->parent->CopyPasteHandler->entries_queued()){ +# $img = ""; +# $s.="..|".$img." "._("Paste")."|editPaste|\n"; +# }else{ +# $img = ""; +# $s.="..|".$img." "._("Paste")."\n"; +# } +# } +# +# /* Add snapshot icons */ +# if(preg_match("/(c.*w|w.*c)/",$acl_all)){ +# $s .= "..|---|\n"; +# $s .= $this->get_snapshot_header(TRUE); +# } + + $this->SetDropDownHeaderMenu($s); + + $this->SetListHeader($listhead); + } + + function execute() + { + $this->ClearElementsList(); + $this->GenHeader(); + } + + function setEntries($list) + { + /* Prepare links */ + $editlink = "%s"; + $userimg = "Sudo"; + $ui = get_userinfo(); + + $action_col_size = 80; + + // Test Every Entry and generate divlist Array + foreach($list as $key => $val){ + + /* Create action icons - copy & paste icons */ + $acl = $ui->get_permissions($val['dn'],"sudo/sudo"); + + /* Add edit icon */ + $actions = ""; + $actions.= ""; + + if(preg_match("/d/",$acl)){ + $actions.= ""; + } + + $title = "title='".preg_replace('/ /', ' ', @LDAP::fix($val['dn']))."'"; + + if(!isset($val['description'][0])){ + $desc = ""; + }else{ + $desc = " - [ ".$val['description'][0]." ]"; + } + + $display = $val['cn'][0].$desc; + + $field0 = array("string" => "" , + "attach" => "style='width:20px;'"); + $field1 = array("string" => sprintf($userimg,$val['dn']), "attach" => "style='text-align:center;width:20px;'"); + $field2 = array("string" => sprintf($editlink,$key,$display), "attach" => "style='' ".$title); + $field3 = array("string" => preg_replace("/%KEY%/", $key, $posix." ".$enviro." ".$mail." ".$samba." ".$appl." ".$phone), "attach" => "style='width:136px;'"); + $field4 = array("string" => preg_replace("/%KEY%/", $key, $actions), "attach" => "style='width:".$action_col_size."px;border-right:0px;text-align:right;'"); + + $this->AddElement(array($field0,$field1,$field2,$field3,$field4)); + } + + /* Create summary string for list footer */ + $num_deps=0; + if(!$this->SubSearch){ + $num_deps = count($this->Added_Departments); + } + $num_grps = count($groups); + + $num_grp_str = _("Number of listed groups"); + $num_dep_str = _("Number of listed departments"); + + $str = "".$num_grp_str." ".$num_grps."    "; + $str.= "".$num_dep_str." ".$num_deps."    "; + + $this->set_List_Bottom_Info($str); + + } + + function Save() + { + MultiSelectWindow :: Save(); + } + + function save_object() + { + /* Save automatic created POSTs like regex, checkboxes */ + MultiSelectWindow::save_object(); + } +} +// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: +?> diff --git a/gosa-core/plugins/admin/sudo/class_sudoGeneric.inc b/gosa-core/plugins/admin/sudo/class_sudoGeneric.inc new file mode 100644 index 000000000..1e52d9653 --- /dev/null +++ b/gosa-core/plugins/admin/sudo/class_sudoGeneric.inc @@ -0,0 +1,107 @@ +fetch(get_template_path('generic.tpl', TRUE))); + } + + function remove_from_parent() + { + plugin::remove_from_parent(); + + /* Send signal to the world that we've done */ + $this->handle_post_events("remove"); + } + + /* Save data to object */ + function save_object() + { + plugin::save_object(); + } + + /* Save to LDAP */ + function save() + { + plugin::save(); + } + + function check() + { + $message = plugin::check(); + return ($message); + } + + function getCopyDialog() + { + echo "NIY"; + } + + function saveCopyDialog() + { + echo "NIY"; + } + + /* Return plugin informations for acl handling */ + static function plInfo() + { + return (array( + "plShortName" => _("Sudo"), + "plDescription" => _("Sudo role"), + "plSelfModify" => FALSE, + "plDepends" => array(), + "plPriority" => 0, + "plSection" => array("admin"), + "plCategory" => array("sudo" => array("objectClass" => "sudoRole", "description" => _("Sudo role"))), + + "plProvidedAcls" => array( + "cn" => _("Name"), + "description" => _("Description"), + "sudoUser" => _("Users"), + "sudoHost" => _("Host"), + "sudoCommand" => _("Command"), + "sudoRunas" => _("Run as user"), + "sudoOption" => _("Flags")) + )); + } +} +// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: +?> diff --git a/gosa-core/plugins/admin/sudo/class_sudoManagement.inc b/gosa-core/plugins/admin/sudo/class_sudoManagement.inc new file mode 100644 index 000000000..ece30b29a --- /dev/null +++ b/gosa-core/plugins/admin/sudo/class_sudoManagement.inc @@ -0,0 +1,469 @@ +config = &$config; + $this->ui = &$ui; + $this->base = get_ou("sudoou"); + + echo "base checks, maybe it is not set, or it do not exists";; + + /* Copy & Paste enabled ?*/ + if((isset($this->config->data['MAIN']['ENABLECOPYPASTE']))&& + (preg_match("/true/i",$this->config->data['MAIN']['ENABLECOPYPASTE']))){ + $this->CopyPasteHandler = new CopyPasteHandler($this->config); + } + + /* Create dialog object */ + $this->DivListSudo = new divListSudo($this->config,$this); + } + + + function execute() + { + /* Call parent execute */ + plugin::execute(); + + /* Store these posts if the current object is locked (used by somebody else)*/ + session::set('LOCK_VARS_TO_USE',array("/^act$/","/^id$/","/^group_edit_/","/^group_del_/","/^item_selected/","/^remove_multiple_sudos/","/^multiple_edit/","/menu_action/")); + + /* Save data */ + $s_action = ""; + $s_entry = ""; + + $s_entry = preg_replace("/_.$/","",$s_entry); + + /* handle C&P from layers menu */ + if(isset($_POST['menu_action']) && preg_match("/^multiple_copy_systems/",$_POST['menu_action'])){ + $s_action = "copy_multiple"; + } + + $smarty= get_smarty(); + + /******************** + Create notification event + ********************/ + + /******************** + Create a new group ... + ********************/ + + /* New group? */ + if ($s_action=="new"){ + + /* Check create permissions */ + $acl = $this->ui->get_permissions($this->DivListSudo->selectedBase,"sudos/group"); + if(preg_match("/c/",$acl)){ + + /* By default we set 'dn' to 'new', all relevant plugins will + react on this. */ + $this->dn= "new"; + + /* Create new grouptab object */ + $this->grouptab= new grouptabs($this->config, $this->config->data['TABS']['GROUPTABS'], $this->dn); + + /* Set up the group ACL's for this 'dn' */ + $this->grouptab->set_acl_base($this->DivListSudo->selectedBase); + } + } + + + /******************** + Save Group Tab/Object Changes + ********************/ + + /* Finish group edit is triggered by the tabulator dialog, so + the user wants to save edited data. Check and save at this + point. */ + if ((isset($_POST['edit_finish']) || isset($_POST['edit_apply'])) && (isset($this->grouptab->config)) ){ + + /* Check tabs, will feed message array + Save, or display error message? */ + $message= $this->grouptab->check(); + if (count($message) == 0){ + + /* Save user data to ldap */ + $this->grouptab->save(); + + if (!isset($_POST['edit_apply'])){ + /* Group has been saved successfully, remove lock from LDAP. */ + if ($this->dn != "new"){ + del_lock ($this->dn); + } + + /* There's no page reload so we have to read new sudos at this point. */ + //$this->reload (); + unset ($this->grouptab); + $this->grouptab= NULL; + session::un_set('objectinfo'); + } + } else { + /* Ok. There seem to be errors regarding to the tab data, + show message and continue as usual. */ + msg_dialog::displayChecks($message); + } + } + + + /******************** + Edit multiple entries + ********************/ + + /* User wants to edit data? */ + if ($s_action == "multiple_edit" && !isset($this->grouptab->config)){ + + $this->dn = array(); + foreach($this->list_get_selected_items() as $id){ + $this->dn[] = $this->list[$id]['dn'];; + } + $tmp = new multi_plug($this->config,"grouptabs",$this->config->data['TABS']['GROUPTABS'], + $this->dn,$this->DivListSudo->selectedBase,"groups"); + if ($tmp->entries_locked()){ + return($tmp->display_lock_message()); + } + $tmp->lock_entries($this->ui->dn); + if($tmp->multiple_available()){ + $this->grouptab = $tmp; + session::set('objectinfo',$this->grouptab->get_object_info()); + } + } + + + /******************** + Edit existing group + ********************/ + + /* User wants to edit data? */ + if (($s_action=="edit") && (!isset($this->grouptab-> config))){ + + /* Get 'dn' from posted 'uid', must be unique */ + $this->dn= $this->list[trim($s_entry)]['dn']; + + /* Check locking & lock entry if required */ + $user = get_lock($this->dn); + if ($user != ""){ + return(gen_locked_message ($user, $this->dn)); + } + add_lock ($this->dn, $this->ui->dn); + + /* Register grouptab to trigger edit dialog */ + $this->grouptab= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $this->dn); + $this->grouptab->set_acl_base($this->dn); + session::set('objectinfo',$this->dn); + } + + + /******************** + Delete MULTIPLE entries requested, display confirm dialog + ********************/ + + if ($s_action=="del_multiple"){ + $ids = $this->list_get_selected_items(); + + if(count($ids)){ + + foreach($ids as $id){ + $dn = $this->list[$id]['dn']; + if (($user= get_lock($dn)) != ""){ + return(gen_locked_message ($user, $dn)); + } + $this->dns[$id] = $dn; + } + + $dns_names = array(); + foreach($this->dns as $dn){ + add_lock ($dn, $this->ui->dn); + $dns_names[] =@LDAP::fix($dn); + } + + /* Lock the current entry, so nobody will edit it during deletion */ + $smarty->assign("info", msgPool::deleteInfo($dns_names,_("group"))); + $smarty->assign("multiple", true); + return($smarty->fetch(get_template_path('remove.tpl', TRUE))); + } + } + + + /******************** + Delete MULTIPLE entries confirmed + ********************/ + + /* Confirmation for deletion has been passed. Groups should be deleted. */ + if (isset($_POST['delete_multiple_groups_confirm'])){ + + /* Remove user by user and check acls before removeing them */ + foreach($this->dns as $key => $dn){ + + /* Load permissions for selected 'dn' and check if + we're allowed to remove this 'dn' */ + $acl = $this->ui->get_permissions($dn,"groups/group"); + if(preg_match("/d/",$acl)){ + + /* Delete request is permitted, perform LDAP action */ + $this->grouptab= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $dn); + $this->grouptab->set_acl_base($dn); + $this->grouptab->delete (); + unset ($this->grouptab); + $this->grouptab= NULL; + + } else { + + /* Normally this shouldn't be reached, send some extra + logs to notify the administrator */ + msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG); + new log("security","groups/".get_class($this),$dn,array(),"Tried to trick deletion."); + } + /* Remove lock file after successfull deletion */ + del_lock ($dn); + unset($this->dns[$key]); + } + } + + + /******************** + Delete MULTIPLE entries Canceled + ********************/ + + /* Remove lock */ + if(isset($_POST['delete_multiple_user_cancel'])){ + foreach($this->dns as $key => $dn){ + del_lock ($dn); + unset($this->dns[$key]); + } + } + + + /******************** + Delete group + ********************/ + + /* Remove group was requested */ + if ($s_action=="del"){ + + /* Get 'dn' from posted 'uid' */ + $this->dn= $this->list[trim($s_entry)]['dn']; + + /* Load permissions for selected 'dn' and check if + we're allowed to remove this 'dn' */ + $acl = $this->ui->get_permissions($this->dn,"groups/group"); + if(preg_match("/d/",$acl)){ + + /* Check locking, save current plugin in 'back_plugin', so + the dialog knows where to return. */ + if (($user= get_lock($this->dn)) != ""){ + return(gen_locked_message ($user, $this->dn)); + } + + /* Lock the current entry, so nobody will edit it during deletion */ + add_lock ($this->dn, $this->ui->dn); + $smarty->assign("info", msgPool::deleteInfo(@LDAP::fix($this->dn),_("group"))); + $smarty->assign("multiple", false); + return($smarty->fetch(get_template_path('remove.tpl', TRUE))); + + } else { + + /* Obviously the user isn't allowed to delete. Show message and clean session. */ + msg_dialog::display(_("Permission error"), msgPool::permDelete()); + } + } + + + /******************** + Delete group confirmed + ********************/ + + /* Confirmation for deletion has been passed. Group should be deleted. */ + if (isset($_POST['delete_group_confirm'])){ + + /* Some nice guy may send this as POST, so we've to check + for the permissions again. */ + $acl = $this->ui->get_permissions($this->dn,"groups/group"); + if(preg_match("/d/",$acl)){ + + /* Delete request is permitted, perform LDAP action */ + $this->grouptab= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $this->dn); + $this->grouptab->set_acl_base($this->dn); + $this->grouptab->delete (); + unset ($this->grouptab); + $this->grouptab= NULL; + + /* Group list has changed, reload it. */ + //$this->reload (); + + } else { + + /* Normally this shouldn't be reached, send some extra + logs to notify the administrator */ + msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG); + new log("security","groups/".get_class($this),$dn,array(),"Tried to trick deletion."); + } + + /* Remove lock file after successfull deletion */ + del_lock ($this->dn); + session::un_set('objectinfo'); + } + + + /******************** + Delete group canceled + ********************/ + + /* Delete group canceled? */ + if (isset($_POST['delete_cancel'])){ + del_lock ($this->dn); + session::un_set('objectinfo'); + } + + + /******************** + A dialog was canceled + ********************/ + + /* Cancel dialogs */ + if (isset($_POST['edit_cancel']) || isset($_POST['password_cancel'])){ + if(isset($this->grouptab->dn)){ + del_lock ($this->grouptab->dn); + } + unset ($this->grouptab); + $this->grouptab= NULL; + session::un_set('objectinfo'); + } + + + /******************** + If there is currently a dialog open, display it + ********************/ + + /* Show tab dialog if object is present */ + if (isset($this->grouptab->config)){ + $display= $this->grouptab->execute(); + + /* Don't show buttons if tab dialog requests this */ + if(isset($this->grouptab->by_object)){ + if (!$this->grouptab->by_object[$this->grouptab->current]->dialog){ + $display.= "

\n"; + $display.= "\n"; + $display.= " \n"; + if ($this->dn != "new"){ + $display.= "\n"; + $display.= " \n"; + } + $display.= "\n"; + $display.= "

"; + } + } + return ($display); + } + + /* Display dialog with group list */ + $this->DivListSudo->parent = &$this; + $this->DivListSudo->execute(); + $this->reload (); + $this->DivListSudo->setEntries($this->list); + return($this->DivListSudo->Draw()); + } + + + function list_get_selected_items() + { + $ids = array(); + foreach($_POST as $name => $value){ + if(preg_match("/^item_selected_[0-9]*$/",$name)){ + $id = preg_replace("/^item_selected_/","",$name); + $ids[$id] = $id; + } + } + return($ids); + } + + + function reload($CreatePosixsList=false) + { + $this->list = array(); + $base = $this->base; + + $Regex = $this->DivListSudo->Regex; + $UserRegex = $this->DivListSudo->UserRegex; + $SubSearch = $this->DivListSudo->SubSearch; + + /******************** + Create filter depending on selected checkboxes + ********************/ + $values = array("cn","description","sudoUser","sudoCommand","sudoOption"); + $ff = "(&(|(cn=".$Regex.")(description=".$Regex.")(sudoUser=".$UserRegex.")(objectClass=sudoRole)))"; + $res = get_list($ff, "sudo",$base,$values, GL_SUBSEARCH); + $tmp = array(); + foreach($res as $attrs){ + $tmp[$attrs['cn'][0]] = $attrs; + } + uksort($tmp, 'strnatcasecmp'); + $this->list = $tmp; + } + + + /* Save data to object */ + function save_object() + { + $this->DivListSudo->save_object(); + } + + + function remove_lock() + { + if (isset($this->grouptab->dn)){ + del_lock ($this->grouptab->dn); + } + } + + + function remove_from_parent() + { + /* Optionally execute a command after we're done */ + $this->postremove(); + } + + + /* Save to LDAP */ + function save() + { + /* Optionally execute a command after we're done */ + $this->postcreate(); + } + + /* Unused functions */ + function check() { } + function adapt_from_template($dn, $skip= array()) { } + function password_change_needed() { } +} +// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: +?> diff --git a/gosa-core/plugins/admin/sudo/generic.tpl b/gosa-core/plugins/admin/sudo/generic.tpl new file mode 100644 index 000000000..2c965ef0f --- /dev/null +++ b/gosa-core/plugins/admin/sudo/generic.tpl @@ -0,0 +1,246 @@ +{if $multiple_support} + +{/if } + + + + + + + + + + +
+ + + + + + + + + + + + + + + + + + + + + + +{if $multiple_support} + +{else} + + + +{/if} + +{if $samba3 ne ""} + +{if $multiple_support} + + + + + + + +{else} + + + + {/if} +{/if} + + {if $pickupGroup == "true"} + + + + + + + + + + {/if} + {if $nagios == "true"} + + + + + + + + + + {/if} + + + + + + + + + +
{$must} +{if $multiple_support} + +{else} +{render acl=$cnACL} + +{/render} +{/if} +
+ + +{render acl=$descriptionACL checkbox=$multiple_support checked=$use_description} + +{/render} +
+
+
+ {$must} + +{render acl=$baseACL checkbox=$multiple_support checked=$use_base} + +{/render} + +{render acl=$baseACL disable_picture='images/folder_gray.png'} + +{/render} +
+{render acl=$gidNumberACL} + +{/render} + +   +{render acl=$gidNumberACL} + +{/render} +
+ {render acl=$sambaGroupTypeACL checkbox=$multiple_support checked=$use_smbgroup} + {t}Select to create a samba conform group{/t} + {/render} +
+ {render acl=$sambaGroupTypeACL checkbox=$multiple_support checked=$use_groupType} + + {/render} +   + +   + + {render acl=$sambaDomainNameACL checkbox=$multiple_support checked=$use_sambaDomainName} + + {/render} +
+{render acl=$sambaGroupTypeACL} + +{/render} +{render acl=$sambaGroupTypeACL} + +{/render} +   + +   +{render acl=$sambaDomainNameACL} + +{/render} +
+{render acl=$fonGroupACL checkbox=$multiple_support checked=$use_fon_group} + {t}Members are in a phone pickup group{/t} +{/render} +
+{render acl=$nagiosGroupACL} + {t}Members are in a nagios group{/t} +{/render} +
+ {t}Trust mode{/t}  + {render acl=$trustmodeACL} + + {/render} + {render acl=$trustmodeACL} + + {/render} +
+ {render acl=$trustmodeACL} +   + {/render} + {render acl=$trustmodeACL} + + {/render} + +
+ +
+   + + + + + + +
+ +
+{render acl=$memberUidACL} + + {if $multiple_support} + + {else} + + {/if} +{/render} +
+ +   + +
+
+ + + + + diff --git a/gosa-core/plugins/admin/sudo/main.inc b/gosa-core/plugins/admin/sudo/main.inc new file mode 100644 index 000000000..baf378560 --- /dev/null +++ b/gosa-core/plugins/admin/sudo/main.inc @@ -0,0 +1,62 @@ +remove_lock(); + del_lock ($ui->dn); + session::un_set ('sudoManagement'); + } +} else { + /* Create sudoManagement object on demand */ + if (!session::is_set('sudoManagement') || (isset($_GET['reset']) && $_GET['reset'] == 1)){ + session::set('sudoManagement',new sudoManagement ($config, $ui)); + } + $sudoManagement = session::get('sudoManagement'); + $sudoManagement->save_object(); + $output= $sudoManagement->execute(); + + /* Page header*/ + if (session::is_set('objectinfo')){ + $display= print_header(get_template_path('images/group.png'), + _("Group administration"), "\"\" ". + @LDAP::fix(session::get('objectinfo'))); + } else { + $display= print_header(get_template_path('images/group.png'), _("Group administration")); + } + + $display.= $output; + + /* Reset requested? */ + if (isset($_GET['reset']) && $_GET['reset'] == 1){ + del_lock ($ui->dn); + session::un_set ('sudoManagement'); + } + + /* Show and save dialog */ + session::set('sudoManagement',$sudoManagement); +} + +// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: +?> diff --git a/gosa-core/plugins/admin/sudo/remove.tpl b/gosa-core/plugins/admin/sudo/remove.tpl new file mode 100644 index 000000000..c4405a19e --- /dev/null +++ b/gosa-core/plugins/admin/sudo/remove.tpl @@ -0,0 +1,27 @@ +
+  {t}Warning{/t} +
+

+ {$info} + {t}This may be a primary user group. Please double check if you really want to do this since there is no way for GOsa to get your data back.{/t} +

+ +

+ {t}So - if you're sure - press 'Delete' to continue or 'Cancel' to abort.{/t} +

+ +

+ + {if $multiple} + +   + + {else} + +   + + {/if} + + +

+ diff --git a/gosa-core/plugins/admin/sudo/tabs_sudo.inc b/gosa-core/plugins/admin/sudo/tabs_sudo.inc new file mode 100644 index 000000000..f4f51ed9c --- /dev/null +++ b/gosa-core/plugins/admin/sudo/tabs_sudo.inc @@ -0,0 +1,66 @@ +addSpecialTabs(); + } + + function save_object($save_current= FALSE) + { + tabs::save_object($save_current); + } + + function save($ignore_account= FALSE) + { + echo "nope"; + $baseobject= $this->by_object['group']; + + /* Check for new 'dn', in order to propagate the + 'dn' to all plugins */ + $new_dn= 'cn='.$baseobject->cn.','.get_groups_ou().$baseobject->base; + + + /* Move group? */ + if ($this->dn != $new_dn){ + + /* Write entry on new 'dn' */ + if ($this->dn != "new"){ + $baseobject->update_acls($this->dn,$new_dn); + $baseobject->move($this->dn, $new_dn); + $this->by_object['group']= $baseobject; + } + + /* Happen to use the new one */ + $this->dn= $new_dn; + } + + $ret= tabs::save(); + + return $ret; + } +} +// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: +?> -- 2.30.2