![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 class aclManagement extends management
24 {
25 var $plHeadline = "Acl";
26 var $plDescription = "Manage access control lists";
27 var $plIcon = "plugins/acl/images/plugin.png";
29 // Tab definition
30 protected $tabClass = "aclroletab";
31 protected $tabType = "ACLROLETAB";
32 protected $aclCategory = "acl";
33 protected $aclPlugin = "acl";
34 protected $objectName = "acl";
36 function __construct(&$config,$ui)
37 {
38 $this->config = $config;
39 $this->ui = $ui;
41 $this->storagePoints = array(get_ou("aclRoleRDN")); // ACLs are attached to department containers
43 // Build filter
44 if (session::global_is_set(get_class($this)."_filter")){
45 $filter= session::global_get(get_class($this)."_filter");
46 } else {
47 $filter = new filter(get_template_path("acl-filter.xml", true));
48 $filter->setObjectStorage($this->storagePoints);
49 }
50 $this->setFilter($filter);
52 // Build headpage
53 $headpage = new listing(get_template_path("acl-list.xml", true));
54 $headpage->registerElementFilter("filterLabel", "aclManagement::filterLabel");
55 $headpage->setFilter($filter);
57 // Add copy&paste and snapshot handler.
58 if ($this->config->boolValueIsTrue("main", "copyPaste")){
59 $this->cpHandler = new CopyPasteHandler($this->config);
60 }
61 if($this->config->get_cfg_value("enableSnapshots") == "true"){
62 $this->snapHandler = new SnapshotHandler($this->config);
63 }
65 parent::__construct($this->config, $ui, "acl", $headpage);
66 }
68 function removeEntryConfirmed($action="",$target=array(),$all=array(),
69 $altTabClass="",$altTabType="",$altAclCategory="")
70 {
71 @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__,$target,"Entry removel confirmed!");
73 $headpage = $this->getHeadpage();
74 foreach($this->dns as $key => $dn){
76 // Check permissions, are we allowed to remove this object?
77 $acl = $this->ui->get_permissions($dn, $this->aclCategory."/".$this->aclPlugin);
78 if(preg_match("/d/",$acl)){
80 if($headpage->getType($dn) == "gosaRole"){
81 $tabClass = "aclroletab";
82 $tabType = "ACLROLETAB";
83 }else{
84 $tabClass = "acltab";
85 $tabType = "ACLTAB";
86 }
88 // Delete the object
89 $this->dn = $dn;
90 $this->tabObject= new $tabClass($this->config,$this->config->data['TABS'][$tabType], $this->dn, $aclCategory, true, true);
91 $this->tabObject->set_acl_base($this->dn);
92 $this->tabObject->delete ();
93 $this->tabObject->parent = &$this;
95 // Remove the lock for the current object.
96 del_lock($this->dn);
97 } else {
98 msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
99 new log("security","groups/".get_class($this),$dn,array(),"Tried to trick deletion.");
100 }
101 }
103 // Cleanup
104 $this->remove_lock();
105 $this->closeDialogs();
106 }
109 function newEntry($action="",$target=array(),$all=array(), $altTabClass ="", $altTabType = "", $altAclCategory="")
110 {
111 $this->skipFooter = TRUE;
112 $altTabClass = "aclroletab";
113 $altTabType = "ACLROLETAB";
114 return(management::newEntry($action,$target,$all,$altTabClass,$altTabType,$altAclCategory));
115 }
117 function editEntry($action="",$target=array(),$all=array(), $altTabClass ="", $altTabType = "", $altAclCategory="")
118 {
119 $this->skipFooter = TRUE;
120 if(count($target) == 1){
122 // Set dummy tab object...
123 $this->dn = array_pop($target);
124 $headpage = $this->getHeadpage();
125 if($headpage->getType($this->dn) == "gosaRole"){
126 $altTabClass = "aclroletab";
127 $altTabType = "ACLROLETAB";
128 }else{
129 $altTabClass = "acltab";
130 $altTabType = "ACLTAB";
131 }
132 return(management::editEntry($action,array($this->dn),$all,$altTabClass,$altTabType,$altAclCategory));
133 }
134 }
137 function detectPostActions()
138 {
139 $action= management::detectPostActions();
140 if(isset($_POST['edit_acl'])) $action['action'] = "edit_acl";
141 if(isset($_POST['edit_role'])) $action['action'] = "edit_role";
142 return($action);
143 }
146 // A filter which allows to open a department by clicking on the departments name.
147 static function filterLabel($row,$dn,$ou= array(),$pid=0,$base="")
148 {
149 $ou = $ou[0];
150 if($dn == $base){
151 $ou =" . ";
152 }
153 if(!preg_match("/^cn=/",$dn)){
154 $ou.=" ["._("ACL Assignment")."]";
155 }
157 $dn= LDAP::fix(func_get_arg(1));
158 return("<a href='?plug=".$_GET['plug']."&PID=$pid&act=listing_edit_$row' title='$dn'>$ou</a>");
159 }
162 }
163 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
164 ?>