1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 /* Sort multidimensional arrays for key 'text' */
24 function sort_list($val1, $val2)
25 {
26 $v1= strtolower($val1['text']);
27 $v2= strtolower($val2['text']);
28 if ($v1 > $v2){
29 return 1;
30 }
31 if ($v1 < $v2){
32 return -1;
33 }
34 return 0;
35 }
38 class ogroup extends plugin
39 {
40 /* Variables */
41 var $cn= "";
42 var $description= "";
43 var $base= "";
44 var $gosaGroupObjects= "";
45 var $department= "";
46 var $objects= array();
47 var $objcache= array();
48 var $memberList= array();
49 var $member= array();
50 var $orig_dn= "";
51 var $orig_cn= "";
52 var $orig_base= "";
53 var $group_dialog= FALSE;
54 var $view_logged = FALSE;
56 var $accessTo= array();
57 var $trustModel= "";
58 var $show_ws_dialog = FALSE;
60 var $was_trust_account= FALSE;
62 /* Already assigned Workstations. Will be hidden in selection.
63 */
64 var $used_workstations = array();
66 /* attribute list for save action */
67 var $attributes= array("cn", "description", "gosaGroupObjects","member","accessTo","trustModel");
68 var $objectclasses= array("top", "gosaGroupOfNames");
70 var $copyMembers = TRUE;
72 function ogroup (&$config, $dn= NULL)
73 {
74 plugin::plugin ($config, $dn);
75 $this->orig_dn= $dn;
77 $this->member = array();
79 /* Load member objects */
80 if (isset($this->attrs['member'])){
81 foreach ($this->attrs['member'] as $key => $value){
82 if ("$key" != "count"){
83 $value= @LDAP::convert($value);
84 $this->member["$value"]= "$value";
85 }
86 }
87 }
88 $this->is_account= TRUE;
90 /* Get global filter config */
91 if (!session::is_set("ogfilter")){
92 $ui= get_userinfo();
93 $base= get_base_from_people($ui->dn);
94 $ogfilter= array( "dselect" => $base,
95 "regex" => "*");
96 session::set("ogfilter", $ogfilter);
97 }
98 $ogfilter= session::get('ogfilter');
100 /* Adjust flags */
101 foreach( array( "U" => "accounts",
102 "G" => "groups",
103 "A" => "applications",
104 "D" => "departments",
105 "S" => "servers",
106 "W" => "workstations",
107 "O" => "winstations",
108 "T" => "terminals",
109 "F" => "phones",
110 "_" => "subtrees",
111 "P" => "printers") as $key => $val){
113 if (preg_match("/$key/", $this->gosaGroupObjects)){
114 $ogfilter[$val]= "checked";
115 } else {
116 $ogfilter[$val]= "";
117 }
118 }
119 session::set("ogfilter", $ogfilter);
121 if(session::is_set('CurrentMainBase')){
122 $this->base = session::get('CurrentMainBase');
123 }
125 /* Set base */
126 if ($this->dn == "new"){
127 $this->base = session::get('CurrentMainBase');
128 } else {
129 $this->base= preg_replace("/^[^,]+,".preg_quote(get_ou("ogroupRDN"), '/')."/","",$this->dn);
131 /* Is this account a trustAccount? */
132 if ($this->is_account && isset($this->attrs['trustModel'])){
133 $this->trustModel= $this->attrs['trustModel'][0];
134 $this->was_trust_account= TRUE;
135 } else {
136 $this->was_trust_account= FALSE;
137 $this->trustModel= "";
138 }
140 $this->accessTo = array();
141 if ($this->is_account && isset($this->attrs['accessTo'])){
142 for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
143 $tmp= $this->attrs['accessTo'][$i];
144 $this->accessTo[$tmp]= $tmp;
145 }
146 }
147 }
149 /* Detect all workstations, which are already assigned to an object group
150 - Those objects will be hidden in the add object dialog.
151 - Check() will complain if such a system is assigned to this object group.
152 */
153 $base = $this->config->current['BASE'];
154 $res = get_list("(|(objectClass=gotoWorkstation)(objectClass=gotoTerminal))","none" ,
155 $base, array("dn"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
156 $ws_dns = array();
157 foreach($res as $data){
158 $ws_dns[] = $data['dn'];
159 }
160 $res=get_list("(&(member=*)(objectClass=gosaGroupOfNames))","none",
161 $base, array("dn","member", "gosaGroupObjects"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
162 $this->used_workstations = array();
163 foreach($res as $og){
164 if($og['dn'] == $this->dn) continue;
165 $test = array_intersect($ws_dns,$og['member']);
166 if(($og['gosaGroupObjects'][0] == "[W]" || $og['gosaGroupObjects'][0] == "[T]") && count($test)){
167 $this->used_workstations = array_merge($this->used_workstations,$test);
168 }
169 }
171 $this->orig_cn = $this->cn;
172 $this->orig_base = $this->base;
174 /* Get global filter config */
175 if (!session::is_set("sysfilter")){
176 $ui= get_userinfo();
177 $base= get_base_from_people($ui->dn);
178 $sysfilter= array( "depselect" => $base,
179 "regex" => "*");
180 session::set("sysfilter", $sysfilter);
181 }
183 /* Load member data */
184 $this->reload();
185 }
187 function AddDelMembership($NewMember = false){
189 if($NewMember){
191 /* Add member and force reload */
192 $this->member[$NewMember]= $NewMember;
193 $this->reload();
195 $this->memberList[$NewMember]= $this->objcache[$NewMember];
196 unset ($this->objects[$NewMember]);
197 uasort ($this->memberList, 'sort_list');
198 reset ($this->memberList);
199 }else{
200 /* Delete objects from group */
201 if (isset($_POST['delete_membership']) && isset($_POST['members'])){
202 foreach ($_POST['members'] as $value){
203 $this->objects["$value"]= $this->memberList[$value];
204 unset ($this->memberList["$value"]);
205 unset ($this->member["$value"]);
206 uasort ($this->objects, 'sort_list');
207 reset ($this->objects);
208 }
209 $this->reload();
210 }
212 /* Add objects to group */
213 if (isset($_POST['add_object_finish']) && isset($_POST['objects'])){
214 $test = array_unique(array_intersect($this->used_workstations, $_POST['objects']));
215 if(count($test)) {
216 $str = "";
217 foreach($test as $dn) {
218 $str .= "<li>".$dn."</li>";
219 }
220 msg_dialog::display(_("Error"), sprintf(_("These systems are already configured by other object groups and cannot be added:")."<br><ul>%s</ul>", $str), ERROR_DIALOG);
221 }
222 $tmp = "";
223 foreach($this->memberList as $obj){
224 $tmp .= $obj['type'];
225 }
226 $skipped = FALSE;
227 foreach ($_POST['objects'] as $value){
228 if(preg_match("/T/",$tmp) && $this->objects[$value]['type'] == "W"){
229 $skipped =TRUE;
230 }elseif(preg_match("/W/",$tmp) && $this->objects[$value]['type'] == "T"){
231 $skipped =TRUE;
232 }elseif(in_array($value, $this->used_workstations)) {
233 continue;
234 }else{
235 $this->memberList["$value"]= $this->objects[$value];
236 $this->member["$value"]= $value;
237 unset ($this->objects[$value]);
238 uasort ($this->memberList, 'sort_list');
239 reset ($this->memberList);
240 }
241 }
242 if($skipped){
243 msg_dialog::display(_("Information"), _("You cannot combine terminals and workstations in one object group!"), INFO_DIALOG);
244 }
245 $this->reload();
246 }
247 }
248 }
250 function execute()
251 {
252 /* Call parent execute */
253 plugin::execute();
255 if(!$this->view_logged){
256 $this->view_logged = TRUE;
257 new log("view","ogroups/".get_class($this),$this->dn);
258 }
261 /* Do we represent a valid group? */
262 if (!$this->is_account){
263 $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".
264 msgPool::noValidExtension("object group")."</b>";
265 return ($display);
266 }
269 /* Load templating engine */
270 $smarty= get_smarty();
272 $tmp = $this->plInfo();
273 foreach($tmp['plProvidedAcls'] as $name => $translation){
274 $smarty->assign($name."ACL",$this->getacl($name));
275 }
277 /* Base select dialog */
278 $once = true;
279 foreach($_POST as $name => $value){
280 if(preg_match("/^chooseBase/",$name) && $once && $this->acl_is_moveable()){
281 $once = false;
282 $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
283 $this->dialog->setCurrentBase($this->base);
284 }
285 }
287 /***********
288 * Trusts
289 ***********/
291 /* Add user workstation? */
292 if (isset($_POST["add_ws"])){
293 $this->show_ws_dialog= TRUE;
294 $this->dialog= TRUE;
295 }
297 /* Add user workstation? */
298 if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
299 foreach($_POST['wslist'] as $ws){
300 $this->accessTo[$ws]= $ws;
301 }
302 ksort($this->accessTo);
303 $this->is_modified= TRUE;
304 }
306 /* Remove user workstations? */
307 if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
308 foreach($_POST['workstation_list'] as $name){
309 unset ($this->accessTo[$name]);
310 }
311 $this->is_modified= TRUE;
312 }
314 /* Add user workstation finished? */
315 if (isset($_POST["add_ws_finish"]) || isset($_POST["add_ws_cancel"])){
316 $this->show_ws_dialog= FALSE;
317 $this->dialog= FALSE;
318 }
320 /* Show ws dialog */
321 if ($this->show_ws_dialog){
322 /* Save data */
323 $sysfilter= session::get("sysfilter");
324 foreach( array("depselect", "regex") as $type){
325 if (isset($_POST[$type])){
326 $sysfilter[$type]= $_POST[$type];
327 }
328 }
329 if (isset($_GET['search'])){
330 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
331 if ($s == "**"){
332 $s= "*";
333 }
334 $sysfilter['regex']= $s;
335 }
336 session::set("sysfilter", $sysfilter);
338 /* Get workstation list */
339 $exclude= "";
340 foreach($this->accessTo as $ws){
341 $exclude.= "(cn=$ws)";
342 }
343 if ($exclude != ""){
344 $exclude= "(!(|$exclude))";
345 }
346 $regex= $sysfilter['regex'];
347 $filter= "(&(|(objectClass=goServer)(objectClass=gotoWorkstation)(objectClass=gotoTerminal))$exclude(cn=*)(cn=$regex))";
349 $deps_a = array(get_ou("serverRDN"),
350 get_ou("terminalRDN"),
351 get_ou("workstationRDN"));
352 $res= get_sub_list($filter, array("terminal","server","workstation"), $deps_a, get_ou("systemRDN").$sysfilter['depselect'],
353 array("cn"), GL_SUBSEARCH | GL_SIZELIMIT);
354 $wslist= array();
355 foreach ($res as $attrs){
356 $wslist[]= preg_replace('/\$/', '', $attrs['cn'][0]);
357 }
358 asort($wslist);
359 $smarty->assign("search_image", get_template_path('images/lists/search.png'));
360 $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
361 $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
362 $smarty->assign("deplist", $this->config->idepartments);
363 $smarty->assign("alphabet", generate_alphabet());
364 foreach( array("depselect", "regex") as $type){
365 $smarty->assign("$type", $sysfilter[$type]);
366 }
367 $smarty->assign("hint", print_sizelimit_warning());
368 $smarty->assign("wslist", $wslist);
369 $smarty->assign("apply", apply_filter());
370 $display= $smarty->fetch (get_template_path('trust_machines.tpl', TRUE, dirname(__FILE__)));
371 return ($display);
372 }
374 /***********
375 * Ende - Trusts
376 ***********/
379 /* Dialog handling */
380 if(is_object($this->dialog) && $this->acl_is_moveable()){
381 /* Must be called before save_object */
382 $this->dialog->save_object();
384 if($this->dialog->isClosed()){
385 $this->dialog = false;
386 }elseif($this->dialog->isSelected()){
388 /* A new base was selected, check if it is a valid one */
389 $tmp = $this->get_allowed_bases();
390 if(isset($tmp[$this->dialog->isSelected()])){
391 $this->base = $this->dialog->isSelected();
392 }
393 $this->dialog= false;
394 }else{
395 return($this->dialog->execute());
396 }
397 }
399 /* Add objects? */
400 if (isset($_POST["edit_membership"])){
401 $this->group_dialog= TRUE;
402 $this->dialog= TRUE;
403 }
405 /* Add objects finished? */
406 if (isset($_POST["add_object_finish"]) || isset($_POST["add_object_cancel"])){
407 $this->group_dialog= FALSE;
408 $this->dialog= FALSE;
409 }
411 /* Manage object add dialog */
412 if ($this->group_dialog){
414 /* Save data */
415 $ogfilter= session::get("ogfilter");
416 foreach( array("dselect", "regex") as $type){
417 if (isset($_POST[$type])){
418 $ogfilter[$type]= $_POST[$type];
419 }
420 }
421 if (isset($_POST['dselect'])){
422 foreach( array("accounts", "groups", "applications", "departments",
423 "servers", "workstations", "winstations", "terminals", "printers","subtrees",
424 "phones") as $type){
426 if (isset($_POST[$type])) {
427 $ogfilter[$type]= "checked";
428 } else {
429 $ogfilter[$type]= "";
430 }
431 }
432 }
433 if (isset($_GET['search'])){
434 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
435 if ($s == "**"){
436 $s= "*";
437 }
438 $ogfilter['regex']= $s;
439 }
440 session::set("ogfilter", $ogfilter);
441 $this->reload();
443 /* Calculate actual groups / remove entries that are already inside... */
444 $strippedObjects= array();
445 foreach ($this->objects as $key => $value){
446 if (!isset($this->member[$key])){
447 $strippedObjects[$key]= $value;
448 }
449 }
450 $smarty->assign("objects", $this->convert_list($strippedObjects));
452 /* Show dialog */
453 $smarty->assign("search_image", get_template_path('images/lists/search.png'));
454 $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
455 $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
456 $smarty->assign("deplist", $this->config->idepartments);
457 $smarty->assign("alphabet", generate_alphabet());
458 foreach( array("dselect", "regex", "subtrees") as $type){
459 $smarty->assign("$type", $ogfilter[$type]);
460 }
461 $smarty->assign("hint", print_sizelimit_warning());
462 $smarty->assign("apply", apply_filter());
464 /* Build up checkboxes
465 */
466 $ar = array(
467 "departments" => array(
468 "T" => msgPool::selectToView(_("departments")),
469 "C" => (isset($ogfilter['departments']) && ($ogfilter['departments'])),
470 "L" => sprintf(_("Show %s"),_("departments"))),
471 "accounts" => array(
472 "T" => msgPool::selectToView(_("people")),
473 "C" => (isset($ogfilter['accounts']) && ($ogfilter['accounts'])),
474 "L" => sprintf(_("Show %s"),_("people"))),
475 "groups"=> array(
476 "T" => msgPool::selectToView(_("groups")),
477 "C" => (isset($ogfilter['groups']) && ($ogfilter['groups'])),
478 "L" => sprintf(_("Show %s"),_("groups"))),
479 "servers"=> array(
480 "T" => msgPool::selectToView(_("servers")),
481 "C" => (isset($ogfilter['servers']) && ($ogfilter['servers'])),
482 "L" => sprintf(_("Show %s"),_("servers"))),
483 "workstations"=> array(
484 "T" => msgPool::selectToView(_("workstations")),
485 "C" => (isset($ogfilter['workstations']) && ($ogfilter['workstations'])),
486 "L" => sprintf(_("Show %s"),_("workstations"))),
487 "terminals"=> array(
488 "T" => msgPool::selectToView(_("terminals")),
489 "C" => (isset($ogfilter['terminals']) && ($ogfilter['terminals'])),
490 "L" => sprintf(_("Show %s"),_("terminals"))),
491 "printers"=> array(
492 "T" => msgPool::selectToView(_("printer")),
493 "C" => (isset($ogfilter['printers']) && ($ogfilter['printers'])),
494 "L" => sprintf(_("Show %s"),_("printers"))),
495 "phones"=> array(
496 "T" => msgPool::selectToView(_("phones")),
497 "C" => (isset($ogfilter['phones']) && ($ogfilter['phones'])),
498 "L" => sprintf(_("Show %s"),_("phones"))));
500 /* Allow selecting applications if we are having a non
501 release managed application storage */
502 if(!$this->IsReleaseManagementActivated()){
503 $ar["applications"] = array(
504 "T" => msgPool::selectToView(_("applications")),
505 "C" => (isset($ogfilter['applications']) && ($ogfilter['applications'])),
506 "L" => sprintf(_("Show %s"),_("applications")));
507 }
509 $smarty->assign("checkboxes",$ar);
510 $display= $smarty->fetch (get_template_path('ogroup_objects.tpl', TRUE, dirname(__FILE__)));
511 return ($display);
512 }
514 /* Bases / Departments */
515 if ((isset($_POST['base'])) && ($this->acl_is_moveable())){
516 $this->base= $_POST['base'];
517 }
519 /* Assemble combine string */
520 if ($this->gosaGroupObjects == "[]"){
521 $smarty->assign("combinedObjects", _("none"));
522 } elseif (strlen($this->gosaGroupObjects) > 4){
523 $smarty->assign("combinedObjects", "<font color=red>"._("too many different objects!")."</font>");
524 } else {
525 $conv= array( "U" => _("users"),
526 "G" => _("groups"),
527 "A" => _("applications"),
528 "D" => _("departments"),
529 "S" => _("servers"),
530 "W" => _("workstations"),
531 "O" => _("winstations"),
532 "T" => _("terminals"),
533 "F" => _("phones"),
534 "P" => _("printers"));
536 $type= preg_replace('/[\[\]]/', '', $this->gosaGroupObjects);
537 $p1= $conv[$type[0]];
538 error_reporting(0);
539 if (isset($type[1]) && preg_match('/[UGADSFOWTP]/', $type[1])){
540 $p2= $conv[$type[1]];
541 $smarty->assign("combinedObjects", sprintf("'%s' and '%s'", $p1, $p2));
542 } else {
543 $smarty->assign("combinedObjects", "$p1");
544 }
545 error_reporting(E_ALL | E_STRICT);
546 }
548 /* Assign variables */
549 $smarty->assign("bases", $this->get_allowed_bases());
550 $smarty->assign("base_select", $this->base);
551 $smarty->assign("department", $this->department);
552 $smarty->assign("members", $this->convert_list($this->memberList));
554 /* Objects have to be tuned... */
555 $smarty->assign("objects", $this->convert_list($this->objects));
557 /* Fields */
558 foreach ($this->attributes as $val){
559 $smarty->assign("$val", $this->$val);
560 }
562 /******
563 Trust account
564 ******/
565 $smarty->assign("trusthide", " disabled ");
566 $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
567 if ($this->trustModel == "fullaccess"){
568 $trustmode= 1;
569 // pervent double disable tag in html code, this will disturb our clean w3c html
570 $smarty->assign("trustmode", $this->getacl("trustModel"));
572 } elseif ($this->trustModel == "byhost"){
573 $trustmode= 2;
574 $smarty->assign("trusthide", "");
575 } else {
576 // pervent double disable tag in html code, this will disturb our clean w3c html
577 $smarty->assign("trustmode", $this->getacl("trustModel"));
578 $trustmode= 0;
579 }
580 $smarty->assign("trustmode", $trustmode);
581 $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
582 2 => _("allow access to these hosts")));
584 $smarty->assign("workstations", $this->accessTo);
586 if((count($this->accessTo))==0){
587 $smarty->assign("emptyArrAccess",true);
588 }else{
589 $smarty->assign("emptyArrAccess",false);
590 }
591 /******
592 Ende - Trust account
593 ******/
595 return ($smarty->fetch (get_template_path('generic.tpl', TRUE)));
596 }
599 /* Save data to object */
600 function save_object()
601 {
602 /* Save additional values for possible next step */
603 if (isset($_POST['ogroupedit'])){
605 /******
606 Trust account
607 ******/
609 if($this->acl_is_writeable("trustModel")){
610 if (isset($_POST['trustmode'])){
611 $saved= $this->trustModel;
612 if ($_POST['trustmode'] == "1"){
613 $this->trustModel= "fullaccess";
614 } elseif ($_POST['trustmode'] == "2"){
615 $this->trustModel= "byhost";
616 } else {
617 $this->trustModel= "";
618 }
619 if ($this->trustModel != $saved){
620 $this->is_modified= TRUE;
621 }
622 }
623 }
624 /******
625 Ende Trust account
626 ******/
628 /* Create a base backup and reset the
629 base directly after calling plugin::save_object();
630 Base will be set seperatly a few lines below */
631 $base_tmp = $this->base;
632 plugin::save_object();
633 $this->base = $base_tmp;
635 /* Save base, since this is no LDAP attribute */
636 $tmp = $this->get_allowed_bases();
637 if(isset($_POST['base'])){
638 if(isset($tmp[$_POST['base']])){
639 $this->base= $_POST['base'];
640 }
641 }
642 }
643 }
646 /* (Re-)Load objects */
647 function reload()
648 {
649 /*###########
650 Variable initialisation
651 ###########*/
653 $this->objects = array();
654 $this->ui = get_userinfo();
655 $filter = "";
656 $objectClasses = array();
658 $ogfilter = session::get("ogfilter");
659 $regex = $ogfilter['regex'];
661 $ldap= $this->config->get_ldap_link();
662 $ldap->cd ($ogfilter['dselect']);
665 /*###########
666 Generate Filter
667 ###########*/
669 $p_f= array("accounts"=> array("OBJ"=>"user", "CLASS"=>"gosaAccount" ,
670 "DN"=> get_people_ou() ,"ACL" => "users"),
671 "groups" => array("OBJ"=>"group", "CLASS"=>"posixGroup" ,
672 "DN"=> get_groups_ou('ogroupRDN') ,"ACL" => "groups"),
673 "departments" => array("OBJ"=>"department", "CLASS"=>"gosaDepartment" ,
674 "DN"=> "" ,"ACL" => "department"),
675 "servers" => array("OBJ"=>"servgeneric", "CLASS"=>"goServer" ,
676 "DN"=> get_ou('serverRDN') ,"ACL" => "server"),
677 "workstations" => array("OBJ"=>"workgeneric", "CLASS"=>"gotoWorkstation",
678 "DN"=> get_ou('workstationRDN') ,"ACL" => "workstation"),
679 "winstations" => array("OBJ"=>"wingeneric", "CLASS"=>"opsiClient",
680 "DN"=> get_ou('SAMBAMACHINEACCOUNTRDN') ,"ACL" => "winstation"),
681 "terminals" => array("OBJ"=>"termgeneric", "CLASS"=>"gotoTerminal" ,
682 "DN"=> get_ou('terminalRDN') ,"ACL" => "terminal"),
683 "printers" => array("OBJ"=>"printgeneric", "CLASS"=>"gotoPrinter" ,
684 "DN"=> get_ou('printerRDN') ,"ACL" => "printer"),
685 "phones" => array("OBJ"=>"phoneGeneric", "CLASS"=>"goFonHardware" ,
686 "DN"=> get_ou('phoneRDN') ,"ACL" => "phone"));
689 /* Allow searching for applications, if we are not using release managed applications
690 */
691 if(!$this->IsReleaseManagementActivated()){
692 $p_f[ "applications"] = array("OBJ"=>"application", "CLASS"=>"gosaApplication",
693 "DN"=> get_ou('applicationRDN') ,"ACL" => "application");
694 }
696 /*###########
697 Perform search for selected objectClasses & regex to fill list with objects
698 ###########*/
700 $Get_list_flags = 0;
701 if($ogfilter['subtrees'] == "checked"){
702 $Get_list_flags |= GL_SUBSEARCH;
703 }
705 foreach($p_f as $post_name => $data){
707 if($ogfilter[$post_name] == "checked" && class_available($data['OBJ'])){
709 if($ogfilter['subtrees']){
710 $base = $ogfilter['dselect'];
711 }else{
712 $base = $data['DN'].$ogfilter['dselect'];
713 }
716 $filter = "(&(objectClass=".$data['CLASS'].")(|(uid=$regex)(cn=$regex)(ou=$regex)))";
717 $res = get_list($filter, $data['ACL'] , $base,
718 array("description", "objectClass", "sn", "givenName", "uid","ou","cn"),$Get_list_flags);
720 /* fetch results and append them to the list */
721 foreach($res as $attrs){
723 /* Skip workstations which are already assigned to an object group.
724 */
725 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]"){
726 if(in_array($attrs['dn'],$this->used_workstations)){
727 continue;
728 }
729 }
731 $type= $this->getObjectType($attrs);
732 $name= $this->getObjectName($attrs);
734 /* Fill array */
735 if (isset($attrs["description"][0])){
736 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
737 } elseif (isset($attrs["uid"][0])) {
738 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
739 } else {
740 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
741 }
742 }
743 }
744 }
745 uasort ($this->objects, 'sort_list');
746 reset ($this->objects);
749 /*###########
750 Build member list and try to detect obsolete entries
751 ###########*/
753 $this->memberList = array();
755 /* Walk through all single member entry */
756 foreach($this->member as $dn){
758 /* The dn for the current member can't be resolved
759 it seams that this entry was removed
760 */
761 /* Try to resolv the entry again, if it still fails, display error msg */
762 $ldap->cat($dn, array("cn", "sn", "givenName", "ou", "description", "objectClass", "macAddress"));
764 /* It has failed, add entry with type flag I (Invalid)*/
765 if (!$ldap->success()){
766 $this->memberList[$dn]= array('text' => _("Non existing dn:")." ".LDAP::fix($dn),"type" => "I");
768 } else {
770 /* Append this entry to our all object list */
772 /* Fetch object */
773 $attrs= $ldap->fetch();
775 $type= $this->getObjectType($attrs);
776 $name= $this->getObjectName($attrs);
778 if (isset($attrs["description"][0])){
779 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
780 } elseif (isset($attrs["uid"][0])) {
781 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
782 } else {
783 $this->objcache[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
784 }
785 $this->objcache[$attrs["dn"]]['objectClass'] = $attrs['objectClass'];
787 if(isset($attrs['macAddress'][0])){
788 $this->objcache[$attrs["dn"]]['macAddress'] = $attrs['macAddress'][0];
789 }else{
790 $this->objcache[$attrs["dn"]]['macAddress'] = "";
791 }
793 if(isset($attrs['uid'])){
794 $this->objcache[$attrs["dn"]]['uid'] = $attrs['uid'];
795 }
797 /* Fill array */
798 if (isset($attrs["description"][0])){
799 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
800 } else {
801 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
802 }
804 $this->memberList[$dn]= $this->objects[$attrs["dn"]];
805 }
806 }
807 uasort ($this->memberList, 'sort_list');
808 reset ($this->memberList);
810 /* Assemble types of currently combined objects */
811 $objectTypes= "";
812 foreach ($this->memberList as $dn => $desc){
814 /* Invalid object? */
815 if ($desc['type'] == 'I'){
816 continue;
817 }
819 /* Fine. Add to list. */
820 if (!preg_match('/'.$desc['type'].'/', $objectTypes)){
821 $objectTypes.= $desc['type'];
822 }
823 }
824 $this->gosaGroupObjects= "[$objectTypes]";
825 }
828 function convert_list($input)
829 {
830 $temp= "";
831 $conv= array(
832 "Y" => "plugins/users/images/select_template.png",
833 "U" => "plugins/generic/images/head.png",
834 "G" => "plugins/groups/images/groups.png",
835 "A" => "plugins/ogroups/images/application.png",
836 "D" => "plugins/departments/images/department.png",
837 "S" => "plugins/ogroups/images/server.png",
838 "W" => "plugins/ogroups/images/workstation.png",
839 "O" => "plugins/ogroups/images/winstation.png",
840 "T" => "plugins/ogroups/images/terminal.png",
841 "F" => "plugins/ogroups/images/phone.png",
842 "P" => "plugins/ogroups/images/printer.png",
843 "I" => "images/false.png");
845 foreach ($input as $key => $value){
846 /* Generate output */
847 $temp.= "<option title='".addslashes( $key)."' value=\"$key\" class=\"select\" style=\"background-image:url('".get_template_path($conv[$value['type']])."');\">".$value['text']."</option>\n";
848 }
850 return ($temp);
851 }
854 function getObjectType($attrs)
855 {
856 $type= "I";
858 foreach(array(
859 "Y" => "gosaUserTemplate",
860 "U" => "gosaAccount",
861 "G" => "posixGroup",
862 "A" => "gosaApplication",
863 "D" => "gosaDepartment",
864 "S" => "goServer",
865 "W" => "gotoWorkstation",
866 "O" => "opsiClient",
867 "T" => "gotoTerminal",
868 "F" => "goFonHardware",
869 "P" => "gotoPrinter") as $index => $class){
870 if (in_array($class, $attrs['objectClass'])){
871 $type= $index;
872 break;
873 }
874 }
876 return ($type);
877 }
880 function getObjectName($attrs)
881 {
882 /* Person? */
883 $name ="";
884 if (in_array('gosaAccount', $attrs['objectClass'])){
885 if(isset($attrs['sn']) && isset($attrs['givenName'])){
886 $name= $attrs['sn'][0].", ".$attrs['givenName'][0];
887 } else {
888 $name= $attrs['uid'][0];
889 }
890 } else {
891 if(isset($attrs["cn"][0])) {
892 $name= $attrs['cn'][0];
893 } else {
894 $name= $attrs['ou'][0];
895 }
896 }
898 return ($name);
899 }
902 function check()
903 {
904 /* Call common method to give check the hook */
905 $message= plugin::check();
907 /* Permissions for that base? */
908 if ($this->base != ""){
909 $new_dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
910 } else {
911 $new_dn= $this->dn;
912 }
914 $ldap = $this->config->get_ldap_link();
915 if(LDAP::fix($this->dn) != LDAP::fix($new_dn)){
916 $ldap->cat ($new_dn, array('dn'));
917 }
919 if($ldap->count() !=0){
920 $message[]= msgPool::duplicated(_("Name"));
921 }
923 /* Set new acl base */
924 if($this->dn == "new") {
925 $this->set_acl_base($this->base);
926 }
928 /* must: cn */
929 if ($this->cn == ""){
930 $message[]= msgPool::required(_("Name"));
931 }
933 if (preg_match('/[\\\\=\",+<>#;]/', $this->cn)) {
934 $message[] = msgPool::invalid(_("Name"), $this->cn, "/[^\\\\=\"+,<>#;]/");
935 }
937 /* To many different object types? */
938 if (strlen($this->gosaGroupObjects) > 4){
939 $message[]= _("You can combine two different object types at maximum, only!");
940 }
942 /* Check if we are allowed to create or move this object
943 */
944 if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
945 $message[] = msgPool::permCreate();
946 }elseif($this->orig_dn != "new" && $this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
947 $message[] = msgPool::permMove();
948 }
950 return ($message);
951 }
954 /* Save to LDAP */
955 function save()
956 {
957 plugin::save();
959 /* Move members to target array */
960 $this->attrs['member'] =array();
961 foreach ($this->member as $key => $desc){
962 $this->attrs['member'][]= LDAP::fix($key);
963 }
965 $ldap= $this->config->get_ldap_link();
967 /* New accounts need proper 'dn', propagate it to remaining objects */
968 if ($this->dn == 'new'){
969 $this->dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
970 }
972 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
973 new entries. So do a check first... */
974 $ldap->cat ($this->dn, array('dn'));
975 if ($ldap->fetch()){
976 /* Modify needs array() to remove values :-( */
977 if (!count ($this->member)){
978 $this->attrs['member']= array();
979 }
980 $mode= "modify";
982 } else {
983 $mode= "add";
984 $ldap->cd($this->config->current['BASE']);
985 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
986 }
988 /******
989 Trust accounts
990 ******/
991 $objectclasses= array();
992 foreach ($this->attrs['objectClass'] as $key => $class){
993 if (preg_match('/trustAccount/i', $class)){
994 continue;
995 }
996 $objectclasses[]= $this->attrs['objectClass'][$key];
997 }
998 $this->attrs['objectClass']= $objectclasses;
999 if ($this->trustModel != ""){
1000 $this->attrs['objectClass'][]= "trustAccount";
1001 $this->attrs['trustModel']= $this->trustModel;
1002 $this->attrs['accessTo']= array();
1003 if ($this->trustModel == "byhost"){
1004 foreach ($this->accessTo as $host){
1005 $this->attrs['accessTo'][]= $host;
1006 }
1007 }
1008 } else {
1009 if ($this->was_trust_account){
1010 $this->attrs['accessTo']= array();
1011 $this->attrs['trustModel']= array();
1012 }
1013 }
1015 /******
1016 Ende - Trust accounts
1017 ******/
1019 /* Write back to ldap */
1020 $ldap->cd($this->dn);
1021 $this->cleanup();
1022 $ldap->$mode($this->attrs);
1024 if($mode == "add"){
1025 new log("create","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1026 }else{
1027 new log("modify","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1028 }
1030 /* Trigger post signal */
1031 $this->handle_post_events($mode);
1033 $ret= 0;
1034 if (!$ldap->success()){
1035 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
1036 $ret= 1;
1037 }
1039 return ($ret);
1040 }
1042 function remove_from_parent()
1043 {
1044 plugin::remove_from_parent();
1046 $ldap= $this->config->get_ldap_link();
1047 $ldap->rmdir($this->dn);
1048 if (!$ldap->success()){
1049 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
1050 }
1052 new log("remove","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1054 /* Trigger remove signal */
1055 $this->handle_post_events("remove");
1056 }
1059 function PrepareForCopyPaste($source)
1060 {
1061 /* Update available object types */
1062 if(isset($source['gosaGroupObjects'][0])){
1063 $this->gosaGroupObjects = $source['gosaGroupObjects'][0];
1064 }
1066 if (preg_match("/[STW]/", $this->gosaGroupObjects) || !isset($source['member'])) {
1067 $this->copyMembers = false;
1068 } else {
1069 $this->copyMembers = true;
1070 }
1072 /* Reload tabs */
1073 $this->parent->reload($this->gosaGroupObjects );
1075 /* Reload plugins */
1076 foreach($this->parent->by_object as $name => $class ){
1077 if(get_class($this) != $name) {
1078 $this->parent->by_object[$name]->PrepareForCopyPaste($source);
1079 }
1080 }
1082 /* Load member objects */
1083 if (isset($source['member'])){
1084 foreach ($source['member'] as $key => $value){
1085 if ("$key" != "count"){
1086 $value= @LDAP::convert($value);
1087 $this->member["$value"]= "$value";
1088 }
1089 }
1090 }
1092 }
1095 function getCopyDialog()
1096 {
1097 $smarty = get_smarty();
1098 $smarty->assign("cn", $this->cn);
1099 $smarty->assign("copyMembers", $this->copyMembers);
1100 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
1101 $ret = array();
1102 $ret['string'] = $str;
1103 $ret['status'] = "";
1104 return($ret);
1105 }
1107 function saveCopyDialog()
1108 {
1109 if(isset($_POST['cn'])){
1110 $this->cn = $_POST['cn'];
1111 }
1112 if(!isset($_POST['copyMembers'])){
1113 $this->member = array();
1114 }
1115 }
1118 function IsReleaseManagementActivated()
1119 {
1120 /* Check if we should enable the release selection */
1121 $tmp = $this->config->search("faiManagement", "CLASS",array('menu','tabs'));
1122 if(!empty($tmp)){
1123 return(true);
1124 }
1125 return(false);
1126 }
1129 static function plInfo()
1130 {
1131 return (array(
1132 "plShortName" => _("Generic"),
1133 "plDescription" => _("Object group generic"),
1134 "plSelfModify" => FALSE,
1135 "plDepends" => array(),
1136 "plPriority" => 1,
1137 "plSection" => array("administration"),
1138 "plCategory" => array("ogroups" => array("description" => _("Object groups"),
1139 "objectClass" => "gosaGroupOfNames")),
1140 "plProvidedAcls"=> array(
1141 "cn" => _("Name"),
1142 "base" => _("Base"),
1143 "description" => _("Description"),
1144 "trustModel" => _("Sytem trust"),
1145 "member" => _("Member"))
1146 ));
1147 }
1148 }
1150 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1151 ?>