From c317fdbcb9079a644fdd1461d8272fff90d18473 Mon Sep 17 00:00:00 2001
From: hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Date: Wed, 15 Oct 2008 07:12:58 +0000
Subject: [PATCH] Updated opsi -Added ACLs to opsiGeneric, opsiProperties

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@12697 594d385d-05f5-0310-b6e9-bd551577e9d8
---
 gosa-plugins/opsi/admin/opsi/class_opsi.inc   | 11 +++-
 .../opsi/admin/opsi/class_opsiProperties.inc  |  2 +-
 .../opsi/admin/opsi/class_opsigeneric.inc     | 65 ++++++++++++++-----
 gosa-plugins/opsi/admin/opsi/generic.tpl      | 44 +++++++++++--
 4 files changed, 95 insertions(+), 27 deletions(-)

diff --git a/gosa-plugins/opsi/admin/opsi/class_opsi.inc b/gosa-plugins/opsi/admin/opsi/class_opsi.inc
index 73154219d..194297a80 100644
--- a/gosa-plugins/opsi/admin/opsi/class_opsi.inc
+++ b/gosa-plugins/opsi/admin/opsi/class_opsi.inc
@@ -89,6 +89,7 @@ class opsi extends gosaSupportDaemon
   {
     $res = $this->list_clients();
     $data = array();
+    $ui = get_userinfo();
     foreach($res as $entry){
       if(!isset($entry['MAC'][0]['VALUE'])) $entry['MAC'][0]['VALUE'] = "";
       $obj = array(
@@ -98,10 +99,14 @@ class opsi extends gosaSupportDaemon
         "macAddress"  => array(0 => $entry['MAC'][0]['VALUE']),
         "opsi_notes"  => array(0 => $entry['NOTES'][0]['VALUE']));
 
-      if(!empty($entry['DESCRIPTION'][0]['VALUE'])){ 
-        $obj["description"] =$entry['DESCRIPTION'][0]['VALUE'];
+      /* Check permissions */
+      $opsi_acl = $ui->get_permissions($obj['dn'],"opsi/opsiGeneric");
+      if(preg_match("/r/",$opsi_acl)){
+        if(!empty($entry['DESCRIPTION'][0]['VALUE'])){ 
+          $obj["description"] =$entry['DESCRIPTION'][0]['VALUE'];
+        }
+        $data[] = $obj;
       }
-      $data[] = $obj;
     }
     return($data);
   }
diff --git a/gosa-plugins/opsi/admin/opsi/class_opsiProperties.inc b/gosa-plugins/opsi/admin/opsi/class_opsiProperties.inc
index fee1b8746..f44cce8bf 100644
--- a/gosa-plugins/opsi/admin/opsi/class_opsiProperties.inc
+++ b/gosa-plugins/opsi/admin/opsi/class_opsiProperties.inc
@@ -8,7 +8,7 @@ class opsiProperties extends plugin
   private $product;
   private $cfg;
   private $hostId;
-
+  public $config;
 
   /*! \brief  Initializes the class.
       @param  Object  The gosa configuration object
diff --git a/gosa-plugins/opsi/admin/opsi/class_opsigeneric.inc b/gosa-plugins/opsi/admin/opsi/class_opsigeneric.inc
index dc2195a77..fc66b2997 100644
--- a/gosa-plugins/opsi/admin/opsi/class_opsigeneric.inc
+++ b/gosa-plugins/opsi/admin/opsi/class_opsigeneric.inc
@@ -51,11 +51,12 @@ class opsiGeneric extends plugin
       @param  String    The Id of the host that we want to edit.
       @param  Object    The parent object. (in case of samba)
    */
-  public function __construct($config,$hostId,&$parent = NULL)
+  public function __construct(&$config,$hostId,&$parent = NULL)
   {
     /* Create opsi handle
      */
     $this->opsi = new opsi($config); 
+    $this->config = $config;
     
     /* Check if we are are part of a windows workstation 
      */
@@ -245,15 +246,18 @@ class opsiGeneric extends plugin
       return($smarty->fetch(get_template_path("generic.tpl",TRUE,dirname(__FILE__))));
     }  
 
+
     /* If we are not a stand alone opsi client, we must be a samba client 
        which has the opsi tab enabled.
        Check if the opsi is added or removed and display state buttons.
      */
     if(!$this->standalone ){
+
+      /* Do we need to flip is_account state? */
       if(isset($_POST['modify_state'])){
-        if($this->is_account){
+        if($this->is_account && $this->acl_is_removeable()){
           $this->is_account= FALSE;
-        }elseif(!$this->is_account){
+        }elseif(!$this->is_account && $this->acl_is_createable()){
           $this->is_account= TRUE;
         }
       }
@@ -281,6 +285,13 @@ class opsiGeneric extends plugin
     foreach($this->attributes as $attr){
       $smarty->assign($attr,$this->$attr);
     }
+
+    /* Assign ACLs */    
+    $tmp = $this->plInfo();
+    foreach($tmp['plProvidedAcls'] as $name => $translated){
+      $smarty->assign($name."ACL",$this->getacl($name));
+    }
+
     $smarty->assign("is_installed", $this->is_installed);
     $smarty->assign("init_failed",FALSE);
     $divSLP = new divSelectBox();
@@ -295,7 +306,12 @@ class opsiGeneric extends plugin
       $name_tab = array("string"   => $name);
       $desc_tab = array("string"   => "<div style='height: 14px;overflow:hidden;'>".$data['DESC']."</div>",
           "attach"   => "title='".$data['DESC']."' style='border-right:0px;'");
-      $divALP->AddEntry(array($add_tab,$name_tab,$desc_tab));
+
+      if($this->acl_is_writeable("localProduct")){
+        $divALP->AddEntry(array($add_tab,$name_tab,$desc_tab));
+      }else{
+        $divALP->AddEntry(array($name_tab,$desc_tab));
+      }
     }
 
     /* Create list of selected local products 
@@ -318,7 +334,12 @@ class opsiGeneric extends plugin
 
       $opt_tab  = array("string" => $edit.$del,
           "attach" => "style='border-right:0px; width: 40px; text-align:right;'");
-      $divSLP->AddEntry(array($name_tab,$desc_tab,$opt_tab));
+
+      if($this->acl_is_writeable("localProduct")){
+        $divSLP->AddEntry(array($name_tab,$desc_tab,$opt_tab));
+      }else{
+        $divSLP->AddEntry(array($name_tab,$desc_tab));
+      }
     }
 
     /* Check if netboot product is configurable 
@@ -326,6 +347,7 @@ class opsiGeneric extends plugin
     $cfg_able =FALSE;
     if(isset($this->a_availableNetbootProducts[$this->s_selectedNetbootProduct]['CFG'])){
       $cfg_able = count($this->a_availableNetbootProducts[$this->s_selectedNetbootProduct]['CFG']);
+      $cfg_able &= $this->acl_is_readable("netbootProduct");
     }
 
     $smarty->assign("netboot_configurable",$cfg_able);
@@ -552,13 +574,16 @@ class opsiGeneric extends plugin
 
       /* Get hostId 
        */
-      if(isset($_POST['hostId']) && $this->standalone ){
+      if(isset($_POST['hostId']) && $this->standalone && $this->acl_is_writeable("hostId")){
         $this->hostId = get_post('hostId');
       }
 
       /* Send actions like 'install' or 'wake' to the si server 
        */
-      if(isset($_POST['opsi_action']) && isset($_POST['opsi_trigger_action']) && $this->standalone ){
+      if($this->acl_is_writeable("triggerAction") && 
+          isset($_POST['opsi_action']) && 
+          isset($_POST['opsi_trigger_action']) && 
+          $this->standalone ){
         $action = $_POST['opsi_action'];
         if($action == "install"){
           $this->install_client(); 
@@ -567,10 +592,9 @@ class opsiGeneric extends plugin
 
       /* Get selected netboot product.
        */
-      if(isset($_POST['opsi_netboot_product'])){
+      if(isset($_POST['opsi_netboot_product']) && $this->acl_is_writeable("netbootProduct")){
         $SNP = trim($_POST['opsi_netboot_product']);
         if(isset($this->a_availableNetbootProducts[$SNP])){
-
           if(!isset($this->a_availableNetbootProducts[$SNP]['CFG'])){
             $CFG = $this->opsi->get_product_properties($SNP);
             $this->a_availableNetbootProducts[$SNP]['CFG'] = $CFG;
@@ -589,7 +613,7 @@ class opsiGeneric extends plugin
 
         /* Check if netboot product configuration is requested 
          */
-        if(preg_match("/^configure_netboot/",$name)){
+        if(preg_match("/^configure_netboot/",$name) && $this->acl_is_readable("netbootProduct")){
           $pro = $this->s_selectedNetbootProduct;
           $cfg = $this->a_availableNetbootProducts[$pro]['CFG'];
           $this->dialog = new opsiProperties($this->config,$pro,$cfg,$this->hostId);
@@ -598,7 +622,7 @@ class opsiGeneric extends plugin
       
         /* Add product 
          */
-        if(preg_match("/^add_lp_/",$name)){
+        if(preg_match("/^add_lp_/",$name) && $this->acl_is_writeable("localProduct")){
           $product = preg_replace("/^add_lp_(.*)_.$/","\\1",$name);
           if(isset($this->a_availableLocalProducts[$product]) && !isset($this->a_selectedLocalProducts[$product])){
             $this->a_selectedLocalProducts[$product] = $this->a_availableLocalProducts[$product];
@@ -614,7 +638,7 @@ class opsiGeneric extends plugin
   
         /* Delete product 
          */
-        if(preg_match("/^del_lp_/",$name)){
+        if(preg_match("/^del_lp_/",$name) && $this->acl_is_writeable("localProduct")){
           $product = preg_replace("/^del_lp_(.*)_.$/","\\1",$name);
           if(isset($this->a_selectedLocalProducts[$product])){
             unset($this->a_selectedLocalProducts[$product]);
@@ -624,7 +648,7 @@ class opsiGeneric extends plugin
       
         /* Edit a product  
          */
-        if(preg_match("/^edit_lp_/",$name)){
+        if(preg_match("/^edit_lp_/",$name) && $this->acl_is_readable("localProduct")){
           $product = preg_replace("/^edit_lp_(.*)_.$/","\\1",$name);
           $this->dialog = new opsiProperties($this->config,
               $product,$this->a_selectedLocalProducts[$product]['CFG'],$this->hostId);
@@ -656,12 +680,19 @@ class opsiGeneric extends plugin
           "plDepends"     => array(),
           "plPriority"    => 1,
           "plSection"     => array("administration"),
-          "plCategory"    => array("opsi" => array("description"  => _("OPSI client"),
-                                                     "objectClass"  => "dummy_class_opsi")),
-          "plProvidedAcls"=> array()
+          "plCategory"    => array("opsi" => array("description"  => _("Opsi"),
+              "objectClass"  => "dummy_class_opsi")),
+
+          "plProvidedAcls"=> array(
+            "hostId"          => _("Name"),
+            "mac"             => _("MAC address"),
+            "description"     => _("Description"),
+            "note"            => _("Note"),
+            "netbootProduct"  => _("Netboot product"),
+            "localProduct"    => _("Local product"),
+            "triggerAction"   => _("Action"))
           ));
   }
-
 }
 
 
diff --git a/gosa-plugins/opsi/admin/opsi/generic.tpl b/gosa-plugins/opsi/admin/opsi/generic.tpl
index 9c6fb58cf..3e8780157 100644
--- a/gosa-plugins/opsi/admin/opsi/generic.tpl
+++ b/gosa-plugins/opsi/admin/opsi/generic.tpl
@@ -16,30 +16,48 @@
     {if $standalone}
     <tr>
      <td>{t}Name{/t}</td>
-     <td><input style='width:300px;' type='text' name='hostId' value='{$hostId}'></td>
+     <td>
+{render acl=$hostIdACL}
+		<input style='width:300px;' type='text' name='hostId' value='{$hostId}'>
+{/render}
+	 </td>
     </tr>
     <tr>
      <td>{t}MAC address{/t}{$must}</td>
-     <td><input type='text' name="mac" value="{$mac}"></td>
+     <td>
+{render acl=$macACL}
+		<input type='text' name="mac" value="{$mac}">
+{/render}
+	 </td>
 	</tr>
 	{else}
     <tr>
      <td>{t}Name{/t}</td>
-     <td><input style='width:300px;' type='text' disabled value="{$hostId}"></td>
+     <td>
+{render acl=$hostIdACL}
+		<input style='width:300px;' type='text' disabled value="{$hostId}">
+{/render}
+	 </td>
     </tr>
     <tr>
      <td>{t}MAC address{/t}{$must}</td>
-     <td><input type='text' name="mac" value="{$mac}"></td>
+     <td>
+{render acl=$macACL}
+		<input type='text' name="mac" value="{$mac}">
+{/render}
+	 </td>
     </tr>
     {/if}
     <tr>
      <td>{t}Netboot product{/t}</td>
      <td>
+{render acl=$netbootProductACL }
       <select name="opsi_netboot_product" onChange="document.mainform.submit();">
 		{foreach from=$ANP item=item key=key}
 			<option {if $key == $SNP} selected {/if} value="{$key}">{$key}</option>
 		{/foreach}
       </select>
+{/render}
       &nbsp;
       {if $netboot_configurable}
 		  <input type='image' name='configure_netboot' src='images/lists/edit.png'
@@ -56,11 +74,19 @@
    <table>
     <tr>
      <td>{t}Description{/t}</td>
-     <td><input type='text' name='description' value='{$description}'></td>
+     <td>
+{render acl=$descriptionACL}
+		<input type='text' name='description' value='{$description}'>
+{/render}
+	 </td>
     </tr>
     <tr>
      <td>{t}Notes{/t}</td>
-     <td><input type='text' name='note' value='{$note}'></td>
+     <td>
+{render acl=$descriptionACL}
+		<input type='text' name='note' value='{$note}'>
+{/render}
+	 </td>
     </tr>
    </table>
   </td>
@@ -73,10 +99,14 @@
  <tr>
   <td style="width:50%;"><h2><img class='center' src='plugins/opsi/images/product.png' 
 		alt=' '>&nbsp;{t}Installed products{/t}</h2>
+{render acl=$localProductACL}
 	{$divSLP}
+{/render}
   </td>
   <td style="width:50%;"><h2>{t}Available products{/t}</h2>
+{render acl=$localProductACL}
 	{$divALP}
+{/render}
   </td>
  </tr>
  <tr>
@@ -92,7 +122,9 @@
 		<option value="install">{t}Install{/t}</option>
 		{/if}
 	</select>
+{render acl=$triggerActionACL}
 	<input type='submit' name='opsi_trigger_action' value="{t}Execute{/t}">
+{/render}
    {/if}
   </td>
  </tr>
-- 
2.30.2