From c317fdbcb9079a644fdd1461d8272fff90d18473 Mon Sep 17 00:00:00 2001 From: hickert Date: Wed, 15 Oct 2008 07:12:58 +0000 Subject: [PATCH] Updated opsi -Added ACLs to opsiGeneric, opsiProperties git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@12697 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-plugins/opsi/admin/opsi/class_opsi.inc | 11 +++- .../opsi/admin/opsi/class_opsiProperties.inc | 2 +- .../opsi/admin/opsi/class_opsigeneric.inc | 65 ++++++++++++++----- gosa-plugins/opsi/admin/opsi/generic.tpl | 44 +++++++++++-- 4 files changed, 95 insertions(+), 27 deletions(-) diff --git a/gosa-plugins/opsi/admin/opsi/class_opsi.inc b/gosa-plugins/opsi/admin/opsi/class_opsi.inc index 73154219d..194297a80 100644 --- a/gosa-plugins/opsi/admin/opsi/class_opsi.inc +++ b/gosa-plugins/opsi/admin/opsi/class_opsi.inc @@ -89,6 +89,7 @@ class opsi extends gosaSupportDaemon { $res = $this->list_clients(); $data = array(); + $ui = get_userinfo(); foreach($res as $entry){ if(!isset($entry['MAC'][0]['VALUE'])) $entry['MAC'][0]['VALUE'] = ""; $obj = array( @@ -98,10 +99,14 @@ class opsi extends gosaSupportDaemon "macAddress" => array(0 => $entry['MAC'][0]['VALUE']), "opsi_notes" => array(0 => $entry['NOTES'][0]['VALUE'])); - if(!empty($entry['DESCRIPTION'][0]['VALUE'])){ - $obj["description"] =$entry['DESCRIPTION'][0]['VALUE']; + /* Check permissions */ + $opsi_acl = $ui->get_permissions($obj['dn'],"opsi/opsiGeneric"); + if(preg_match("/r/",$opsi_acl)){ + if(!empty($entry['DESCRIPTION'][0]['VALUE'])){ + $obj["description"] =$entry['DESCRIPTION'][0]['VALUE']; + } + $data[] = $obj; } - $data[] = $obj; } return($data); } diff --git a/gosa-plugins/opsi/admin/opsi/class_opsiProperties.inc b/gosa-plugins/opsi/admin/opsi/class_opsiProperties.inc index fee1b8746..f44cce8bf 100644 --- a/gosa-plugins/opsi/admin/opsi/class_opsiProperties.inc +++ b/gosa-plugins/opsi/admin/opsi/class_opsiProperties.inc @@ -8,7 +8,7 @@ class opsiProperties extends plugin private $product; private $cfg; private $hostId; - + public $config; /*! \brief Initializes the class. @param Object The gosa configuration object diff --git a/gosa-plugins/opsi/admin/opsi/class_opsigeneric.inc b/gosa-plugins/opsi/admin/opsi/class_opsigeneric.inc index dc2195a77..fc66b2997 100644 --- a/gosa-plugins/opsi/admin/opsi/class_opsigeneric.inc +++ b/gosa-plugins/opsi/admin/opsi/class_opsigeneric.inc @@ -51,11 +51,12 @@ class opsiGeneric extends plugin @param String The Id of the host that we want to edit. @param Object The parent object. (in case of samba) */ - public function __construct($config,$hostId,&$parent = NULL) + public function __construct(&$config,$hostId,&$parent = NULL) { /* Create opsi handle */ $this->opsi = new opsi($config); + $this->config = $config; /* Check if we are are part of a windows workstation */ @@ -245,15 +246,18 @@ class opsiGeneric extends plugin return($smarty->fetch(get_template_path("generic.tpl",TRUE,dirname(__FILE__)))); } + /* If we are not a stand alone opsi client, we must be a samba client which has the opsi tab enabled. Check if the opsi is added or removed and display state buttons. */ if(!$this->standalone ){ + + /* Do we need to flip is_account state? */ if(isset($_POST['modify_state'])){ - if($this->is_account){ + if($this->is_account && $this->acl_is_removeable()){ $this->is_account= FALSE; - }elseif(!$this->is_account){ + }elseif(!$this->is_account && $this->acl_is_createable()){ $this->is_account= TRUE; } } @@ -281,6 +285,13 @@ class opsiGeneric extends plugin foreach($this->attributes as $attr){ $smarty->assign($attr,$this->$attr); } + + /* Assign ACLs */ + $tmp = $this->plInfo(); + foreach($tmp['plProvidedAcls'] as $name => $translated){ + $smarty->assign($name."ACL",$this->getacl($name)); + } + $smarty->assign("is_installed", $this->is_installed); $smarty->assign("init_failed",FALSE); $divSLP = new divSelectBox(); @@ -295,7 +306,12 @@ class opsiGeneric extends plugin $name_tab = array("string" => $name); $desc_tab = array("string" => "
".$data['DESC']."
", "attach" => "title='".$data['DESC']."' style='border-right:0px;'"); - $divALP->AddEntry(array($add_tab,$name_tab,$desc_tab)); + + if($this->acl_is_writeable("localProduct")){ + $divALP->AddEntry(array($add_tab,$name_tab,$desc_tab)); + }else{ + $divALP->AddEntry(array($name_tab,$desc_tab)); + } } /* Create list of selected local products @@ -318,7 +334,12 @@ class opsiGeneric extends plugin $opt_tab = array("string" => $edit.$del, "attach" => "style='border-right:0px; width: 40px; text-align:right;'"); - $divSLP->AddEntry(array($name_tab,$desc_tab,$opt_tab)); + + if($this->acl_is_writeable("localProduct")){ + $divSLP->AddEntry(array($name_tab,$desc_tab,$opt_tab)); + }else{ + $divSLP->AddEntry(array($name_tab,$desc_tab)); + } } /* Check if netboot product is configurable @@ -326,6 +347,7 @@ class opsiGeneric extends plugin $cfg_able =FALSE; if(isset($this->a_availableNetbootProducts[$this->s_selectedNetbootProduct]['CFG'])){ $cfg_able = count($this->a_availableNetbootProducts[$this->s_selectedNetbootProduct]['CFG']); + $cfg_able &= $this->acl_is_readable("netbootProduct"); } $smarty->assign("netboot_configurable",$cfg_able); @@ -552,13 +574,16 @@ class opsiGeneric extends plugin /* Get hostId */ - if(isset($_POST['hostId']) && $this->standalone ){ + if(isset($_POST['hostId']) && $this->standalone && $this->acl_is_writeable("hostId")){ $this->hostId = get_post('hostId'); } /* Send actions like 'install' or 'wake' to the si server */ - if(isset($_POST['opsi_action']) && isset($_POST['opsi_trigger_action']) && $this->standalone ){ + if($this->acl_is_writeable("triggerAction") && + isset($_POST['opsi_action']) && + isset($_POST['opsi_trigger_action']) && + $this->standalone ){ $action = $_POST['opsi_action']; if($action == "install"){ $this->install_client(); @@ -567,10 +592,9 @@ class opsiGeneric extends plugin /* Get selected netboot product. */ - if(isset($_POST['opsi_netboot_product'])){ + if(isset($_POST['opsi_netboot_product']) && $this->acl_is_writeable("netbootProduct")){ $SNP = trim($_POST['opsi_netboot_product']); if(isset($this->a_availableNetbootProducts[$SNP])){ - if(!isset($this->a_availableNetbootProducts[$SNP]['CFG'])){ $CFG = $this->opsi->get_product_properties($SNP); $this->a_availableNetbootProducts[$SNP]['CFG'] = $CFG; @@ -589,7 +613,7 @@ class opsiGeneric extends plugin /* Check if netboot product configuration is requested */ - if(preg_match("/^configure_netboot/",$name)){ + if(preg_match("/^configure_netboot/",$name) && $this->acl_is_readable("netbootProduct")){ $pro = $this->s_selectedNetbootProduct; $cfg = $this->a_availableNetbootProducts[$pro]['CFG']; $this->dialog = new opsiProperties($this->config,$pro,$cfg,$this->hostId); @@ -598,7 +622,7 @@ class opsiGeneric extends plugin /* Add product */ - if(preg_match("/^add_lp_/",$name)){ + if(preg_match("/^add_lp_/",$name) && $this->acl_is_writeable("localProduct")){ $product = preg_replace("/^add_lp_(.*)_.$/","\\1",$name); if(isset($this->a_availableLocalProducts[$product]) && !isset($this->a_selectedLocalProducts[$product])){ $this->a_selectedLocalProducts[$product] = $this->a_availableLocalProducts[$product]; @@ -614,7 +638,7 @@ class opsiGeneric extends plugin /* Delete product */ - if(preg_match("/^del_lp_/",$name)){ + if(preg_match("/^del_lp_/",$name) && $this->acl_is_writeable("localProduct")){ $product = preg_replace("/^del_lp_(.*)_.$/","\\1",$name); if(isset($this->a_selectedLocalProducts[$product])){ unset($this->a_selectedLocalProducts[$product]); @@ -624,7 +648,7 @@ class opsiGeneric extends plugin /* Edit a product */ - if(preg_match("/^edit_lp_/",$name)){ + if(preg_match("/^edit_lp_/",$name) && $this->acl_is_readable("localProduct")){ $product = preg_replace("/^edit_lp_(.*)_.$/","\\1",$name); $this->dialog = new opsiProperties($this->config, $product,$this->a_selectedLocalProducts[$product]['CFG'],$this->hostId); @@ -656,12 +680,19 @@ class opsiGeneric extends plugin "plDepends" => array(), "plPriority" => 1, "plSection" => array("administration"), - "plCategory" => array("opsi" => array("description" => _("OPSI client"), - "objectClass" => "dummy_class_opsi")), - "plProvidedAcls"=> array() + "plCategory" => array("opsi" => array("description" => _("Opsi"), + "objectClass" => "dummy_class_opsi")), + + "plProvidedAcls"=> array( + "hostId" => _("Name"), + "mac" => _("MAC address"), + "description" => _("Description"), + "note" => _("Note"), + "netbootProduct" => _("Netboot product"), + "localProduct" => _("Local product"), + "triggerAction" => _("Action")) )); } - } diff --git a/gosa-plugins/opsi/admin/opsi/generic.tpl b/gosa-plugins/opsi/admin/opsi/generic.tpl index 9c6fb58cf..3e8780157 100644 --- a/gosa-plugins/opsi/admin/opsi/generic.tpl +++ b/gosa-plugins/opsi/admin/opsi/generic.tpl @@ -16,30 +16,48 @@ {if $standalone} {t}Name{/t} - + +{render acl=$hostIdACL} + +{/render} + {t}MAC address{/t}{$must} - + +{render acl=$macACL} + +{/render} + {else} {t}Name{/t} - + +{render acl=$hostIdACL} + +{/render} + {t}MAC address{/t}{$must} - + +{render acl=$macACL} + +{/render} + {/if} {t}Netboot product{/t} +{render acl=$netbootProductACL } +{/render}   {if $netboot_configurable} {t}Description{/t} - + +{render acl=$descriptionACL} + +{/render} + {t}Notes{/t} - + +{render acl=$descriptionACL} + +{/render} + @@ -73,10 +99,14 @@

  {t}Installed products{/t}

+{render acl=$localProductACL} {$divSLP} +{/render}

{t}Available products{/t}

+{render acl=$localProductACL} {$divALP} +{/render} @@ -92,7 +122,9 @@ {/if} +{render acl=$triggerActionACL} +{/render} {/if} -- 2.30.2