1 <?php
2 /*
3 This code is part of GOsa (https://gosa.gonicus.de)
4 Copyright (C) 2008 Fabian Hickert
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 */
22 /*! brief The kerberos service class
23 */
24 class goKrbServer extends goService{
26 var $cli_summary = "This pluign is used within the ServerService Pluign \nand indicates that this server supports NTP service.";
27 var $cli_description = "Some longer text\nfor help";
28 var $cli_parameters = array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
30 /* This plugin only writes its objectClass */
31 var $objectclasses = array("goKrbServer");
32 var $attributes = array("goKrbRealm");
33 var $StatusFlag = "goKrbServerStatus";
35 /* This class can't be assigned twice so it conflicts with itsself */
36 var $conflicts = array("goKrbServer");
38 var $DisplayName = "";
39 var $dn = NULL;
40 var $goKrbServerStatus= "";
41 var $cn = "";
42 var $goKrbRealm = "";
43 var $view_logged = FALSE;
45 var $policies = array();
46 var $id = -1;
47 var $macAddress = "" ;
50 /*! \brief Initializes the kerberos service
51 @param Object GOsa configuration object.
52 @param String The object dn we are currently editing.
53 @param Object The parent object.
54 */
55 public function goKrbServer(&$config,$dn,$parent)
56 {
57 goService::goService($config,$dn);
58 $this->DisplayName = _("Kerberos service");
59 $this->parent = $parent;
61 /* Detect macAddress of this device
62 */
63 $this->macAddress = "";
64 if(isset($this->parent->parent->netConfigDNS->macAddress)){
65 $this->macAddress = &$this->parent->parent->netConfigDNS->macAddress;
66 }
68 /* Get configured policies
69 */
70 if(!empty($this->macAddress) && $this->is_account){
71 $o = new gosaSupportDaemon();
72 $tmp = $o->krb5_list_policies($this->macAddress);
73 if($o->is_error()){
74 msg_dialog::display(_("Service infrastructure"),msgPool::siError($o->get_error()),ERROR_DIALOG);
75 }else{
76 $this->policies = array();
77 foreach($tmp as $policy){
78 $this->policies[] = array("NAME" => $policy,"STATUS" => "LOADED","DATA" => array());
79 }
80 }
81 }
82 }
85 /*! \brief Create HTML output
86 @return String HMTL output.
87 */
88 public function execute()
89 {
90 $smarty = get_smarty();
92 if(!$this->view_logged){
93 $this->view_logged = TRUE;
94 new log("view","server/".get_class($this),$this->dn);
95 }
97 /*******
98 Display sub dialogs
99 *******/
101 /* CANCEL Policy dialog
102 */
103 if(isset($_POST['cancel_policy'])){
104 $this->dialog = NULL;
105 }
107 /* SAVE Policy dialog
108 */
109 if($this->dialog instanceof krb5_policy && isset($_POST['save_policy'])){
110 $this->dialog->save_object();
111 $msgs = $this->dialog->check();
112 if(count($msgs)){
113 msg_dialog::displayChecks($msgs);
114 }else{
115 $this->AddPolicy($this->id,$this->dialog->save());
116 $this->dialog = NULL;
117 }
118 }
120 /* DISPLAY policy dialog
121 */
122 if($this->dialog instanceof krb5_policy){
123 $this->dialog->save_object();
124 return($this->dialog->execute());
125 }
127 /*******
128 Create HTML output for this plugin
129 *******/
131 $tmp = $this->plinfo();
132 foreach($tmp['plProvidedAcls'] as $name => $translation){
133 $smarty->assign($name."ACL",$this->getacl($name));
134 }
136 foreach($this->attributes as $attr){
137 $smarty->assign($attr,$this->$attr);
138 }
140 $divlist = new divSelectBox("Kerberos Policies");
141 $action = "<input type='image' src='images/lists/edit.png' class='center' name='policy_edit_%id'>";
142 $action .= "<input type='image' src='images/lists/trash.png' class='center' name='policy_del_%id'>";
143 foreach($this->policies as $key => $policy){
144 if($policy['STATUS'] == "REMOVED") continue;
146 $actions = preg_replace("/%id/",$key,$action);
147 $field1 = array("string" => $policy['NAME']);
148 $field3 = array("string" => $actions,
149 "attach"=>"style='width:40px; text-align:right; border:0px;'");
151 $divlist->AddEntry(array($field1,$field3));
152 }
154 $smarty->assign("divlist",$divlist->DrawList());
155 return($smarty->fetch(get_template_path("goKrbServer.tpl",TRUE,dirname(__FILE__))));
156 }
159 /* \brief Return serice informations, which will be shown in the service overview.
160 @return Array Some service information.
161 */
162 public function getListEntry()
163 {
164 $fields = goService::getListEntry();
165 $fields['Message'] = _("Kerberos service (kadmin access informations)");
166 $fields['AllowEdit'] = true;
167 return($fields);
168 }
171 /*! \brief Checks if all given values are valid
172 @return Array An array containing all error messages.
173 */
174 public function check()
175 {
176 $message = plugin::check();
177 if (empty($this->goKrbRealm)){
178 $message[]= msgPool::required(_("Realm"));
179 }
180 if(count($this->policies) && (empty($this->macAddress) || !tests::is_mac($this->macAddress))){
181 $message[] = _("In order to save policy changes, the server requires a valid mac address.");
182 }
183 return($message);
184 }
187 /*! \brief Adds or updated a given policy.
188 @param Integer ID The policy to update, or -1 if it is a new one.
189 @param Array The policy settings.
190 */
191 public function AddPolicy($id,$policy)
192 {
193 if($id != -1 && $this->policies[$id]['NAME'] == $policy['NAME']){
195 /* Policy was edited
196 */
197 if($this->policies[$id]['STATUS'] == "LOADED"){
198 $policy['STATUS'] = "EDITED";
199 }else{
200 $policy['STATUS'] = $this->policies[$id]['STATUS'];
201 }
202 $this->policies[$this->id] = $policy;
204 }elseif($id != -1 && $this->policies[$id]['NAME'] != $policy['NAME']){
206 /* Policy was renamed, remove old and add new policy
207 */
208 $this->RemovePolicy($id);
209 $this->AddPolicy(-1,$policy);
210 }else{
212 /* Policy was added
213 */
214 $name = $policy['NAME'];
216 /* Check if there is already a policy with this name
217 which was removed before
218 */
219 foreach($this->policies as $pid => $entry){
220 if($entry['NAME'] == $name && $entry['STATUS'] == "REMOVED"){
221 $id = $pid;
222 break;
223 }
224 }
226 /* Update existing policy or create new one
227 */
228 if(isset($this->policies[$id])){
229 $policy['STATUS'] = "EDITED";
230 $this->policies[$id] = $policy;
231 }else{
232 $policy['STATUS'] = "ADDED";
233 $this->policies[] = $policy;
234 }
235 }
236 }
239 /*! \brief Returns all used policy names.
240 @return Array A list of used policy names.
241 */
242 public function getPolicyNames()
243 {
244 $ret = array();
245 foreach($this->policies as $policy){
246 if($policy['STATUS'] == "REMOVED") continue;
247 $ret[] = $policy['NAME'];
248 }
249 return($ret);
250 }
253 /*! \brief Marks a policy as remvoed
254 @param Integer the Id of the policy to remove
255 */
256 public function RemovePolicy($id)
257 {
258 /* Load policy information, if not done before
259 */
260 if($this->policies[$id]['STATUS'] == "LOADED" && empty($this->policies[$id]['DATA'])){
261 $o = new gosaSupportDaemon();
262 $this->policies[$id]['DATA'] = $o->krb5_get_policy($this->macAddress,$this->policies[$id]['NAME']);
263 }
264 if($this->policies[$id]['DATA']['POLICY_REFCNT']){
265 msg_dialog::display(_("Remove"),msgPool::stillInUse(_("Policy")),ERROR_DIALOG) ;
266 }else{
267 if($this->policies[$id]['STATUS'] == "ADDED"){
268 unset($this->policies[$id]);
269 }else{
270 $this->policies[$id]['STATUS'] = "REMOVED";
271 }
272 }
273 }
276 /*! \brief Save POSTed html variables
277 */
278 public function save_object()
279 {
280 if(isset($_POST['goKrbServerPosted'])){
281 plugin::save_object();
283 /* Add new Policy requested
284 */
285 if(isset($_POST['policy_add'])){
286 $this->dialog = new krb5_policy($this->config,array(),$this);
287 $this->id = -1;
288 }
290 /* Walk through POSTs an check for image-button posts
291 */
292 foreach($_POST as $name => $value){
294 /* Remove policy requested
295 */
296 if(preg_match("/^policy_del/",$name)){
297 $id = preg_replace("/^policy_del_([0-9]*)_.*/i","\\1",$name);
298 if(isset($this->policies[$id])){
299 $this->RemovePolicy($id);
300 }
301 break;
302 }
304 /* Edit Policy requested
305 */
306 if(preg_match("/^policy_edit/",$name)){
307 $id = preg_replace("/^policy_edit_([0-9]*)_.*/i","\\1",$name);
308 if(isset($this->policies[$id])){
310 /* Load policy information, if not done before
311 */
312 if($this->policies[$id]['STATUS'] == "LOADED" && empty($this->policies[$id]['DATA'])){
313 $o = new gosaSupportDaemon();
314 $this->policies[$id]['DATA'] = $o->krb5_get_policy($this->macAddress,$this->policies[$id]['NAME']);
315 }
317 /* Open dialog */
318 $this->id = $id;
319 $this->dialog = new krb5_policy($this->config,$this->policies[$id], $this);
320 }
321 break;
322 }
323 }
324 }
325 }
328 /*! \brief Save changes to ldap
329 */
330 public function save()
331 {
332 goService::save();
334 /* Send policy changes back to the si daemon
335 */
336 $actions = array("del" => array(),"add_edit" => array());
337 foreach($this->policies as $policy){
339 /* Unset not used vars */
340 if(isset($policy['DATA']['MASK'])) unset($policy['DATA']['MASK']);
341 if(isset($policy['DATA']['POLICY_REFCNT'])) unset($policy['DATA']['POLICY_REFCNT']);
343 switch($policy['STATUS']){
344 case "REMOVED" : $actions['del'] [] = $policy;break;
345 case "ADDED" :
346 case "EDITED" : $actions['add_edit'] [] = $policy;break;
347 }
348 }
350 $o = new gosaSupportDaemon();
351 $policies = $o->krb5_list_policies($this->macAddress);
353 /* Send remove policy event
354 */
355 foreach($actions['del'] as $policy){
356 if(!in_array_strict($policy['NAME'],$policies)) continue;
357 if(!$o->krb5_del_policy($this->macAddress,$policy['NAME'])){
358 msg_dialog::display(_("Service infrastructure"),msgPool::siError($o->get_error()),ERROR_DIALOG);
359 }
360 }
362 /* Send add new/edit policy event
363 */
364 foreach($actions['add_edit'] as $policy){
365 if(in_array_strict($policy['NAME'],$policies)){
366 if(!$o->krb5_set_policy($this->macAddress,$policy['NAME'],$policy['DATA'])){
367 msg_dialog::display(_("Service infrastructure"),msgPool::siError($o->get_error()),ERROR_DIALOG);
368 }
369 }else{
370 if(!$o->krb5_add_policy($this->macAddress,$policy['NAME'],$policy['DATA'])){
371 msg_dialog::display(_("Service infrastructure"),msgPool::siError($o->get_error()),ERROR_DIALOG);
372 }
373 }
374 }
375 }
378 /*! \brief Return plugin informations for acl handling
379 @return Array ACL infos.
380 */
381 static function plInfo()
382 {
383 return (array(
384 "plShortName" => _("Kerberos"),
385 "plDescription" => _("Kerberos access information")." ("._("Services").")",
386 "plSelfModify" => FALSE,
387 "plDepends" => array(),
388 "plPriority" => 95,
389 "plSection" => array("administration"),
390 "plCategory" => array("server"),
392 "plProvidedAcls"=> array(
393 "goKrbPolicy" => _("Policies"),
394 "goKrbRealm" => _("Realm"))
395 ));
396 }
397 }
398 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
399 ?>