From 77fb20d7b32c812472ef161931de4b0c1ef3a2e2 Mon Sep 17 00:00:00 2001
From: zeph
Date: Tue, 25 Mar 2008 16:02:48 +0000
Subject: [PATCH] sudo-ldap, now it saves, but with some tricks

git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5-plugins@9977 594d385d-05f5-0310-b6e9-bd551577e9d8
---
sudo-ldap/schema/sudo.schema | 66 ++++++++++++------------
sudo-ldap/src/class_sudoldap.inc | 12 +++--
sudo-ldap/src/class_sudoldapEditRole.inc | 37 ++++++-------
sudo-ldap/src/sudoldapeditrole.tpl | 8 ++-
4 files changed, 63 insertions(+), 60 deletions(-)

diff --git a/sudo-ldap/schema/sudo.schema b/sudo-ldap/schema/sudo.schema
index d82761b5f..03338a3ec 100644
--- a/sudo-ldap/schema/sudo.schema
+++ b/sudo-ldap/schema/sudo.schema
@@ -2,42 +2,42 @@ # schema file for sudo # - attributetype ( 1.3.6.1.4.1.15953.9.1.1 - NAME 'sudoUser' - DESC 'User(s) who may run sudo' - EQUALITY caseExactIA5Match - SUBSTR caseExactIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetype ( 1.3.6.1.4.1.15953.9.1.1 + NAME 'sudoUser' + DESC 'User(s) who may run sudo' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) - attributetype ( 1.3.6.1.4.1.15953.9.1.2 - NAME 'sudoHost' - DESC 'Host(s) who may run sudo' - EQUALITY caseExactIA5Match - SUBSTR caseExactIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetype ( 1.3.6.1.4.1.15953.9.1.2 + NAME 'sudoHost' + DESC 'Host(s) who may run sudo' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) - attributetype ( 1.3.6.1.4.1.15953.9.1.3 - NAME 'sudoCommand' - DESC 'Command(s) to be executed by sudo' - EQUALITY caseExactIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetype ( 1.3.6.1.4.1.15953.9.1.3 + NAME 'sudoCommand' + DESC 'Command(s) to be executed by sudo' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) - attributetype ( 1.3.6.1.4.1.15953.9.1.4 - NAME 'sudoRunAs' - DESC 'User(s) impersonated by sudo' - EQUALITY caseExactIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetype ( 1.3.6.1.4.1.15953.9.1.4 + NAME 'sudoRunAs' + DESC 'User(s) impersonated by sudo' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) - attributetype ( 1.3.6.1.4.1.15953.9.1.5 - NAME 'sudoOption' - DESC 'Options(s) followed by sudo' - EQUALITY caseExactIA5Match - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetype ( 1.3.6.1.4.1.15953.9.1.5 + NAME 'sudoOption' + DESC 'Options(s) followed by sudo' + EQUALITY caseExactIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) - objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL - DESC 'Sudoer Entries' - MUST ( cn ) - MAY ( sudoUser 
$ sudoHost $ sudoCommand $ sudoRunAs $ sudoOption $ - description ) - ) +objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL + DESC 'Sudoer Entries' + MUST ( cn ) + MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoOption $ + description ) + ) diff --git a/sudo-ldap/src/class_sudoldap.inc b/sudo-ldap/src/class_sudoldap.inc index 4db97485f..8629e73f3 100644 --- a/sudo-ldap/src/class_sudoldap.inc +++ b/sudo-ldap/src/class_sudoldap.inc @@ -19,7 +19,9 @@ class sudoldap extends plugin var $dialog = NULL; - var $attributes = array("sudoUser", + var $attributes = array("cn", + "description", + "sudoUser", "sudoHost", "sudoCommand", "sudoRunAs", @@ -66,9 +68,9 @@ class sudoldap extends plugin /* add new/edited zone */ $ret = $this->dialog->save(); - if(!$this->dialog->isNew){ - unset($this->Roles[$this->dialog->OldRoleName]); - } + //if(!$this->dialog->isNew){ + // unset($this->Roles[$this->dialog->OldRoleName]); + //} $this->Roles[$ret['roleName']] = $ret; $this->dialog = NULL; } @@ -84,7 +86,7 @@ class sudoldap extends plugin */ //if(isset($_POST['AddRole']) && chkacl($this->acl,"sudoldap") == ""){ if(isset($_POST['AddRole'])){ - $this->dialog = new sudoldapEditRole($this->config,$this->dn); + $this->dialog = new sudoldapEditRole($this->config); } /* Show dialog diff --git a/sudo-ldap/src/class_sudoldapEditRole.inc b/sudo-ldap/src/class_sudoldapEditRole.inc index c048c17bf..acbfeefd7 100644 --- a/sudo-ldap/src/class_sudoldapEditRole.inc +++ b/sudo-ldap/src/class_sudoldapEditRole.inc @@ -3,7 +3,9 @@ class sudoldapEditRole extends plugin { /* Plugin specific values */ - var $attributes = array("sudoUser", + var $attributes = array("cn", + "description", + "sudoUser", "sudoHost", "sudoCommand", "sudoRunAs", 
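Review bot: With the `unset` commented out in the class_sudoldap.inc hunk at -66,9, an edited role is stored under its new key while the entry for `OldRoleName` stays in `$this->Roles`, so a rename leaves a stale role in the list. The following line still indexes by `$ret['roleName']`, but the new side of `save()` in class_sudoldapEditRole.inc shows no `return` and the field was renamed to `cn`, so `$ret` is presumably NULL and every saved role lands under the same empty key. I would end `save()` with `return array('cn' => $this->cn);` (plus whatever fields the list needs), store with `$this->Roles[$ret['cn']] = $ret;`, and restore the `unset` for the not-new case instead of keeping it as commented-out code. The enclosing function starts and ends outside the hunk.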
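Review bot: The `AddRole` branch in the class_sudoldap.inc hunk at -84,7 runs on `isset($_POST['AddRole'])` alone; the line above it shows the `chkacl($this->acl,"sudoldap")` test commented out, and this commit leaves it that way while making the dialog actually write to LDAP. Because the objects being created are sudoRole entries, the permission test belongs on this path: `if(isset($_POST['AddRole']) && chkacl($this->acl,"sudoldap") == ""){`. Whether an ACL is enforced further up the call chain is not visible from this hunk, so this may be partly covered elsewhere. The enclosing function starts and ends outside the hunk.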
@@ -11,18 +13,19 @@ class sudoldapEditRole extends plugin var $objectclasses = array("sudoRole"); - var $roleName = ""; // cn - + var $cn = ""; + var $description = ""; var $sudoUser = ""; var $sudoHost = ""; var $sudoCommand = ""; var $sudoRunAs = ""; var $sudoOption = ""; - function sudoldapEditRole ($config, $dn= NULL,$attrs = array()) + var $isNew = true; + + function sudoldapEditRole ($config, $dn= NULL) { plugin::plugin ($config, $dn); - } function execute() @@ -35,7 +38,8 @@ class sudoldapEditRole extends plugin $smarty= get_smarty(); $display= ""; - $smarty->assign("roleName", $this->roleName); + $smarty->assign("cn", $this->cn); + $smarty->assign("description", $this->description); $smarty->assign("sudoUser", $this->sudoUser); $smarty->assign("sudoHost", $this->sudoHost); $smarty->assign("sudoCommand", $this->sudoCommand); @@ -69,19 +73,18 @@ class sudoldapEditRole extends plugin /* Save to LDAP */ function save() { + plugin::save(); $ldap= $this->config->get_ldap_link(); - /* $dn was posted as parameter */ - //$this->dn = $dn; + $this->dn = "cn=".$this->cn.",ou=SUDOers,".$this->config->current['BASE']; + $this->attrs['objectClass'] = array("sudoRole"); - /* Save */ - plugin::save(); - - echo $this->dn; + echo '
';
+    print_r($this->attrs);
+    echo '
'; - /* Write back to ldap */ + $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn)); $ldap->cd($this->dn); - //$this->cleanup(); $ldap->add($this->attrs); /* Display errors @@ -90,12 +93,6 @@ class sudoldapEditRole extends plugin show_ldap_error("Record:".$ldap->get_error(), _("Saving failed!")); } - //$ret =array(); - //foreach($this->attributes as $name){ - //$ret[$name] = $this->$name; - //} - - //return($ret); } diff --git a/sudo-ldap/src/sudoldapeditrole.tpl b/sudo-ldap/src/sudoldapeditrole.tpl index 8eea267eb..d4f42c61a 100644 --- a/sudo-ldap/src/sudoldapeditrole.tpl +++ b/sudo-ldap/src/sudoldapeditrole.tpl @@ -1,8 +1,12 @@
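Review bot: `$this->dn = "cn=".$this->cn.",ou=SUDOers,".$this->config->current['BASE'];` in `save()` concatenates the role name into the DN without escaping, and `cn` appears to come straight from the edit form, so a value containing `,`, `+` or `=` changes where the entry is created or adds RDN components. Reject anything outside a conservative set such as `/^[A-Za-z0-9._-]+$/` before building the DN, or escape it with `ldap_escape($this->cn, '', LDAP_ESCAPE_DN)` where the PHP version provides it. The `print_r($this->attrs)` block is debug output that writes user-supplied attribute values into the page unescaped and should be removed before this is merged. `$ldap->add($this->attrs)` is also called unconditionally, so saving an existing role will presumably fail as already existing; the `isNew` flag added in this file looks like the intended switch but is not read on the visible lines. The end of `save()` lies in the following hunk.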

{t}sudo-ldap role{/t}

- - + + + + + + -- 2.39.5
{t}Role name (cn){/t}{$must} {t}cn{/t}{$must}
{t}description{/t}{$must}
{t}sudoUser{/t}{$must}