![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
d36a32fd5370ed5b9f7d62ceda7a1548853cff79
1 <?php
2 /*
3 * This code is part of GOsa (http://www.gosa-project.org)
4 * Copyright (C) 2003-2008 GONICUS GmbH
5 *
6 * ID: $$Id$$
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
23 /* Sort multidimensional arrays for key 'text' */
24 function sort_list($val1, $val2)
25 {
26 $v1= strtolower($val1['text']);
27 $v2= strtolower($val2['text']);
28 if ($v1 > $v2){
29 return 1;
30 }
31 if ($v1 < $v2){
32 return -1;
33 }
34 return 0;
35 }
38 class ogroup extends plugin
39 {
40 /* Variables */
41 var $cn= "";
42 var $description= "";
43 var $base= "";
44 var $gosaGroupObjects= "";
45 var $department= "";
46 var $objects= array();
47 var $objcache= array();
48 var $memberList= array();
49 var $member= array();
50 var $orig_dn= "";
51 var $orig_cn= "";
52 var $orig_base= "";
53 var $group_dialog= FALSE;
54 var $view_logged = FALSE;
56 var $accessTo= array();
57 var $trustModel= "";
58 var $show_ws_dialog = FALSE;
60 var $was_trust_account= FALSE;
62 /* Already assigned Workstations. Will be hidden in selection.
63 */
64 var $used_workstations = array();
66 /* attribute list for save action */
67 var $attributes= array("cn", "description", "gosaGroupObjects","member","accessTo","trustModel");
68 var $objectclasses= array("top", "gosaGroupOfNames");
70 function ogroup (&$config, $dn= NULL)
71 {
72 plugin::plugin ($config, $dn);
73 $this->orig_dn= $dn;
75 $this->member = array();
77 /* Load member objects */
78 if (isset($this->attrs['member'])){
79 foreach ($this->attrs['member'] as $key => $value){
80 if ("$key" != "count"){
81 $value= @LDAP::convert($value);
82 $this->member["$value"]= "$value";
83 }
84 }
85 }
86 $this->is_account= TRUE;
88 /* Get global filter config */
89 if (!session::is_set("ogfilter")){
90 $ui= get_userinfo();
91 $base= get_base_from_people($ui->dn);
92 $ogfilter= array( "dselect" => $base,
93 "regex" => "*");
94 session::set("ogfilter", $ogfilter);
95 }
96 $ogfilter= session::get('ogfilter');
98 /* Adjust flags */
99 foreach( array( "U" => "accounts",
100 "G" => "groups",
101 "A" => "applications",
102 "D" => "departments",
103 "S" => "servers",
104 "W" => "workstations",
105 "O" => "winstations",
106 "T" => "terminals",
107 "F" => "phones",
108 "_" => "subtrees",
109 "P" => "printers") as $key => $val){
111 if (preg_match("/$key/", $this->gosaGroupObjects)){
112 $ogfilter[$val]= "checked";
113 } else {
114 $ogfilter[$val]= "";
115 }
116 }
117 session::set("ogfilter", $ogfilter);
119 if(session::is_set('CurrentMainBase')){
120 $this->base = session::get('CurrentMainBase');
121 }
123 /* Set base */
124 if ($this->dn == "new"){
125 $this->base = session::get('CurrentMainBase');
126 } else {
127 $this->base= preg_replace("/^[^,]+,".preg_quote(get_ou("ogroupRDN"), '/')."/","",$this->dn);
129 /* Is this account a trustAccount? */
130 if ($this->is_account && isset($this->attrs['trustModel'])){
131 $this->trustModel= $this->attrs['trustModel'][0];
132 $this->was_trust_account= TRUE;
133 } else {
134 $this->was_trust_account= FALSE;
135 $this->trustModel= "";
136 }
138 $this->accessTo = array();
139 if ($this->is_account && isset($this->attrs['accessTo'])){
140 for ($i= 0; $i<$this->attrs['accessTo']['count']; $i++){
141 $tmp= $this->attrs['accessTo'][$i];
142 $this->accessTo[$tmp]= $tmp;
143 }
144 }
145 }
147 /* Detect all workstations, which are already assigned to an object group
148 - Those objects will be hidden in the add object dialog.
149 - Check() will complain if such a system is assigned to this object group.
150 */
151 $base = $this->config->current['BASE'];
152 $res = get_list("(|(objectClass=gotoWorkstation)(objectClass=gotoTerminal))","none" ,
153 $base, array("dn"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
154 $ws_dns = array();
155 foreach($res as $data){
156 $ws_dns[] = $data['dn'];
157 }
158 $res=get_list("(&(member=*)(objectClass=gosaGroupOfNames))","none",
159 $base, array("dn","member", "gosaGroupObjects"),GL_NO_ACL_CHECK|GL_SUBSEARCH);
160 $this->used_workstations = array();
161 foreach($res as $og){
162 if($og['dn'] == $this->dn) continue;
163 $test = array_intersect($ws_dns,$og['member']);
164 if(($og['gosaGroupObjects'] == "[W]" || $og['gosaGroupObjects'] == "[T]") && count($test)){
165 $this->used_workstations = array_merge($this->used_workstations,$test);
166 }
167 }
169 $this->orig_cn = $this->cn;
170 $this->orig_base = $this->base;
172 /* Get global filter config */
173 if (!session::is_set("sysfilter")){
174 $ui= get_userinfo();
175 $base= get_base_from_people($ui->dn);
176 $sysfilter= array( "depselect" => $base,
177 "regex" => "*");
178 session::set("sysfilter", $sysfilter);
179 }
181 /* Load member data */
182 $this->reload();
183 }
185 function AddDelMembership($NewMember = false){
187 if($NewMember){
189 /* Add member and force reload */
190 $this->member[$NewMember]= $NewMember;
191 $this->reload();
193 $this->memberList[$NewMember]= $this->objcache[$NewMember];
194 unset ($this->objects[$NewMember]);
195 uasort ($this->memberList, 'sort_list');
196 reset ($this->memberList);
197 }else{
198 /* Delete objects from group */
199 if (isset($_POST['delete_membership']) && isset($_POST['members'])){
200 foreach ($_POST['members'] as $value){
201 $this->objects["$value"]= $this->memberList[$value];
202 unset ($this->memberList["$value"]);
203 unset ($this->member["$value"]);
204 uasort ($this->objects, 'sort_list');
205 reset ($this->objects);
206 }
207 $this->reload();
208 }
210 /* Add objects to group */
211 if (isset($_POST['add_object_finish']) && isset($_POST['objects'])){
213 $tmp = "";
214 foreach($this->memberList as $obj){
215 $tmp .= $obj['type'];
216 }
217 $skipped = FALSE;
218 foreach ($_POST['objects'] as $value){
219 if(preg_match("/T/",$tmp) && $this->objects[$value]['type'] == "W"){
220 $skipped =TRUE;
221 }elseif(preg_match("/W/",$tmp) && $this->objects[$value]['type'] == "T"){
222 $skipped =TRUE;
223 }else{
224 $this->memberList["$value"]= $this->objects[$value];
225 $this->member["$value"]= $value;
226 unset ($this->objects[$value]);
227 uasort ($this->memberList, 'sort_list');
228 reset ($this->memberList);
229 }
230 }
231 if($skipped){
232 msg_dialog::display(_("Information"), _("You cannot combine terminals and workstations in one object group!"), INFO_DIALOG);
233 }
234 $this->reload();
235 }
236 }
237 }
239 function execute()
240 {
241 /* Call parent execute */
242 plugin::execute();
244 if(!$this->view_logged){
245 $this->view_logged = TRUE;
246 new log("view","ogroups/".get_class($this),$this->dn);
247 }
250 /* Do we represent a valid group? */
251 if (!$this->is_account){
252 $display= "<img alt=\"\" src=\"images/small-error.png\" align=\"middle\"> <b>".
253 msgPool::noValidExtension("object group")."</b>";
254 return ($display);
255 }
258 /* Load templating engine */
259 $smarty= get_smarty();
261 $tmp = $this->plInfo();
262 foreach($tmp['plProvidedAcls'] as $name => $translation){
263 $smarty->assign($name."ACL",$this->getacl($name));
264 }
266 /* Base select dialog */
267 $once = true;
268 foreach($_POST as $name => $value){
269 if(preg_match("/^chooseBase/",$name) && $once && $this->acl_is_moveable()){
270 $once = false;
271 $this->dialog = new baseSelectDialog($this->config,$this,$this->get_allowed_bases());
272 $this->dialog->setCurrentBase($this->base);
273 }
274 }
276 /***********
277 * Trusts
278 ***********/
280 /* Add user workstation? */
281 if (isset($_POST["add_ws"])){
282 $this->show_ws_dialog= TRUE;
283 $this->dialog= TRUE;
284 }
286 /* Add user workstation? */
287 if (isset($_POST["add_ws_finish"]) && isset($_POST['wslist'])){
288 foreach($_POST['wslist'] as $ws){
289 $this->accessTo[$ws]= $ws;
290 }
291 ksort($this->accessTo);
292 $this->is_modified= TRUE;
293 }
295 /* Remove user workstations? */
296 if (isset($_POST["delete_ws"]) && isset($_POST['workstation_list'])){
297 foreach($_POST['workstation_list'] as $name){
298 unset ($this->accessTo[$name]);
299 }
300 $this->is_modified= TRUE;
301 }
303 /* Add user workstation finished? */
304 if (isset($_POST["add_ws_finish"]) || isset($_POST["add_ws_cancel"])){
305 $this->show_ws_dialog= FALSE;
306 $this->dialog= FALSE;
307 }
309 /* Show ws dialog */
310 if ($this->show_ws_dialog){
311 /* Save data */
312 $sysfilter= session::get("sysfilter");
313 foreach( array("depselect", "regex") as $type){
314 if (isset($_POST[$type])){
315 $sysfilter[$type]= $_POST[$type];
316 }
317 }
318 if (isset($_GET['search'])){
319 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
320 if ($s == "**"){
321 $s= "*";
322 }
323 $sysfilter['regex']= $s;
324 }
325 session::set("sysfilter", $sysfilter);
327 /* Get workstation list */
328 $exclude= "";
329 foreach($this->accessTo as $ws){
330 $exclude.= "(cn=$ws)";
331 }
332 if ($exclude != ""){
333 $exclude= "(!(|$exclude))";
334 }
335 $regex= $sysfilter['regex'];
336 $filter= "(&(|(objectClass=goServer)(objectClass=gotoWorkstation)(objectClass=gotoTerminal))$exclude(cn=*)(cn=$regex))";
338 $deps_a = array(get_ou("serverRDN"),
339 get_ou("terminalRDN"),
340 get_ou("workstationRDN"));
341 $res= get_sub_list($filter, array("terminal","server","workstation"), $deps_a, get_ou("systemRDN").$sysfilter['depselect'],
342 array("cn"), GL_SUBSEARCH | GL_SIZELIMIT);
343 $wslist= array();
344 foreach ($res as $attrs){
345 $wslist[]= preg_replace('/\$/', '', $attrs['cn'][0]);
346 }
347 asort($wslist);
348 $smarty->assign("search_image", get_template_path('images/lists/search.png'));
349 $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
350 $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
351 $smarty->assign("deplist", $this->config->idepartments);
352 $smarty->assign("alphabet", generate_alphabet());
353 foreach( array("depselect", "regex") as $type){
354 $smarty->assign("$type", $sysfilter[$type]);
355 }
356 $smarty->assign("hint", print_sizelimit_warning());
357 $smarty->assign("wslist", $wslist);
358 $smarty->assign("apply", apply_filter());
359 $display= $smarty->fetch (get_template_path('trust_machines.tpl', TRUE, dirname(__FILE__)));
360 return ($display);
361 }
363 /***********
364 * Ende - Trusts
365 ***********/
368 /* Dialog handling */
369 if(is_object($this->dialog) && $this->acl_is_moveable()){
370 /* Must be called before save_object */
371 $this->dialog->save_object();
373 if($this->dialog->isClosed()){
374 $this->dialog = false;
375 }elseif($this->dialog->isSelected()){
377 /* A new base was selected, check if it is a valid one */
378 $tmp = $this->get_allowed_bases();
379 if(isset($tmp[$this->dialog->isSelected()])){
380 $this->base = $this->dialog->isSelected();
381 }
382 $this->dialog= false;
383 }else{
384 return($this->dialog->execute());
385 }
386 }
388 /* Add objects? */
389 if (isset($_POST["edit_membership"])){
390 $this->group_dialog= TRUE;
391 $this->dialog= TRUE;
392 }
394 /* Add objects finished? */
395 if (isset($_POST["add_object_finish"]) || isset($_POST["add_object_cancel"])){
396 $this->group_dialog= FALSE;
397 $this->dialog= FALSE;
398 }
400 /* Manage object add dialog */
401 if ($this->group_dialog){
403 /* Save data */
404 $ogfilter= session::get("ogfilter");
405 foreach( array("dselect", "regex") as $type){
406 if (isset($_POST[$type])){
407 $ogfilter[$type]= $_POST[$type];
408 }
409 }
410 if (isset($_POST['dselect'])){
411 foreach( array("accounts", "groups", "applications", "departments",
412 "servers", "workstations", "winstations", "terminals", "printers","subtrees",
413 "phones") as $type){
415 if (isset($_POST[$type])) {
416 $ogfilter[$type]= "checked";
417 } else {
418 $ogfilter[$type]= "";
419 }
420 }
421 }
422 if (isset($_GET['search'])){
423 $s= mb_substr($_GET['search'], 0, 1, "UTF8")."*";
424 if ($s == "**"){
425 $s= "*";
426 }
427 $ogfilter['regex']= $s;
428 }
429 session::set("ogfilter", $ogfilter);
430 $this->reload();
432 /* Calculate actual groups / remove entries that are already inside... */
433 $strippedObjects= array();
434 foreach ($this->objects as $key => $value){
435 if (!isset($this->member[$key])){
436 $strippedObjects[$key]= $value;
437 }
438 }
439 $smarty->assign("objects", $this->convert_list($strippedObjects));
441 /* Show dialog */
442 $smarty->assign("search_image", get_template_path('images/lists/search.png'));
443 $smarty->assign("launchimage", get_template_path('images/lists/action.png'));
444 $smarty->assign("tree_image", get_template_path('images/lists/search-subtree.png'));
445 $smarty->assign("deplist", $this->config->idepartments);
446 $smarty->assign("alphabet", generate_alphabet());
447 foreach( array("dselect", "regex", "subtrees") as $type){
448 $smarty->assign("$type", $ogfilter[$type]);
449 }
450 $smarty->assign("hint", print_sizelimit_warning());
451 $smarty->assign("apply", apply_filter());
453 /* Build up checkboxes
454 */
455 $ar = array(
456 "departments" => array(
457 "T" => msgPool::selectToView(_("departments")),
458 "C" => (isset($ogfilter['departments']) && ($ogfilter['departments'])),
459 "L" => sprintf(_("Show %s"),_("departments"))),
460 "accounts" => array(
461 "T" => msgPool::selectToView(_("people")),
462 "C" => (isset($ogfilter['accounts']) && ($ogfilter['accounts'])),
463 "L" => sprintf(_("Show %s"),_("people"))),
464 "groups"=> array(
465 "T" => msgPool::selectToView(_("groups")),
466 "C" => (isset($ogfilter['groups']) && ($ogfilter['groups'])),
467 "L" => sprintf(_("Show %s"),_("groups"))),
468 "servers"=> array(
469 "T" => msgPool::selectToView(_("servers")),
470 "C" => (isset($ogfilter['servers']) && ($ogfilter['servers'])),
471 "L" => sprintf(_("Show %s"),_("servers"))),
472 "workstations"=> array(
473 "T" => msgPool::selectToView(_("workstations")),
474 "C" => (isset($ogfilter['workstations']) && ($ogfilter['workstations'])),
475 "L" => sprintf(_("Show %s"),_("workstations"))),
476 "terminals"=> array(
477 "T" => msgPool::selectToView(_("terminals")),
478 "C" => (isset($ogfilter['terminals']) && ($ogfilter['terminals'])),
479 "L" => sprintf(_("Show %s"),_("terminals"))),
480 "printers"=> array(
481 "T" => msgPool::selectToView(_("printer")),
482 "C" => (isset($ogfilter['printers']) && ($ogfilter['printers'])),
483 "L" => sprintf(_("Show %s"),_("printers"))),
484 "phones"=> array(
485 "T" => msgPool::selectToView(_("phones")),
486 "C" => (isset($ogfilter['phones']) && ($ogfilter['phones'])),
487 "L" => sprintf(_("Show %s"),_("phones"))));
489 /* Allow selecting applications if we are having a non
490 release managed application storage */
491 if(!$this->IsReleaseManagementActivated()){
492 $ar["applications"] = array(
493 "T" => msgPool::selectToView(_("applications")),
494 "C" => (isset($ogfilter['applications']) && ($ogfilter['applications'])),
495 "L" => sprintf(_("Show %s"),_("applications")));
496 }
498 $smarty->assign("checkboxes",$ar);
499 $display= $smarty->fetch (get_template_path('ogroup_objects.tpl', TRUE, dirname(__FILE__)));
500 return ($display);
501 }
503 /* Bases / Departments */
504 if ((isset($_POST['base'])) && ($this->acl_is_moveable())){
505 $this->base= $_POST['base'];
506 }
508 /* Assemble combine string */
509 if ($this->gosaGroupObjects == "[]"){
510 $smarty->assign("combinedObjects", _("none"));
511 } elseif (strlen($this->gosaGroupObjects) > 4){
512 $smarty->assign("combinedObjects", "<font color=red>"._("too many different objects!")."</font>");
513 } else {
514 $conv= array( "U" => _("users"),
515 "G" => _("groups"),
516 "A" => _("applications"),
517 "D" => _("departments"),
518 "S" => _("servers"),
519 "W" => _("workstations"),
520 "O" => _("winstations"),
521 "T" => _("terminals"),
522 "F" => _("phones"),
523 "P" => _("printers"));
525 $type= preg_replace('/[\[\]]/', '', $this->gosaGroupObjects);
526 $p1= $conv[$type[0]];
527 error_reporting(0);
528 if (isset($type[1]) && preg_match('/[UGADSFOWTP]/', $type[1])){
529 $p2= $conv[$type[1]];
530 $smarty->assign("combinedObjects", sprintf("'%s' and '%s'", $p1, $p2));
531 } else {
532 $smarty->assign("combinedObjects", "$p1");
533 }
534 error_reporting(E_ALL | E_STRICT);
535 }
537 /* Assign variables */
538 $smarty->assign("bases", $this->get_allowed_bases());
539 $smarty->assign("base_select", $this->base);
540 $smarty->assign("department", $this->department);
541 $smarty->assign("members", $this->convert_list($this->memberList));
543 /* Objects have to be tuned... */
544 $smarty->assign("objects", $this->convert_list($this->objects));
546 /* Fields */
547 foreach ($this->attributes as $val){
548 $smarty->assign("$val", $this->$val);
549 }
551 /******
552 Trust account
553 ******/
554 $smarty->assign("trusthide", " disabled ");
555 $smarty->assign("trustmodeACL", $this->getacl("trustModel"));
556 if ($this->trustModel == "fullaccess"){
557 $trustmode= 1;
558 // pervent double disable tag in html code, this will disturb our clean w3c html
559 $smarty->assign("trustmode", $this->getacl("trustModel"));
561 } elseif ($this->trustModel == "byhost"){
562 $trustmode= 2;
563 $smarty->assign("trusthide", "");
564 } else {
565 // pervent double disable tag in html code, this will disturb our clean w3c html
566 $smarty->assign("trustmode", $this->getacl("trustModel"));
567 $trustmode= 0;
568 }
569 $smarty->assign("trustmode", $trustmode);
570 $smarty->assign("trustmodes", array( 0 => _("disabled"), 1 => _("full access"),
571 2 => _("allow access to these hosts")));
573 $smarty->assign("workstations", $this->accessTo);
575 if((count($this->accessTo))==0){
576 $smarty->assign("emptyArrAccess",true);
577 }else{
578 $smarty->assign("emptyArrAccess",false);
579 }
580 /******
581 Ende - Trust account
582 ******/
584 return ($smarty->fetch (get_template_path('generic.tpl', TRUE)));
585 }
588 /* Save data to object */
589 function save_object()
590 {
591 /* Save additional values for possible next step */
592 if (isset($_POST['ogroupedit'])){
594 /******
595 Trust account
596 ******/
598 if($this->acl_is_writeable("trustModel")){
599 if (isset($_POST['trustmode'])){
600 $saved= $this->trustModel;
601 if ($_POST['trustmode'] == "1"){
602 $this->trustModel= "fullaccess";
603 } elseif ($_POST['trustmode'] == "2"){
604 $this->trustModel= "byhost";
605 } else {
606 $this->trustModel= "";
607 }
608 if ($this->trustModel != $saved){
609 $this->is_modified= TRUE;
610 }
611 }
612 }
613 /******
614 Ende Trust account
615 ******/
617 /* Create a base backup and reset the
618 base directly after calling plugin::save_object();
619 Base will be set seperatly a few lines below */
620 $base_tmp = $this->base;
621 plugin::save_object();
622 $this->base = $base_tmp;
624 /* Save base, since this is no LDAP attribute */
625 $tmp = $this->get_allowed_bases();
626 if(isset($_POST['base'])){
627 if(isset($tmp[$_POST['base']])){
628 $this->base= $_POST['base'];
629 }
630 }
631 }
632 }
635 /* (Re-)Load objects */
636 function reload()
637 {
638 /*###########
639 Variable initialisation
640 ###########*/
642 $this->objects = array();
643 $this->ui = get_userinfo();
644 $filter = "";
645 $objectClasses = array();
647 $ogfilter = session::get("ogfilter");
648 $regex = $ogfilter['regex'];
650 $ldap= $this->config->get_ldap_link();
651 $ldap->cd ($ogfilter['dselect']);
654 /*###########
655 Generate Filter
656 ###########*/
658 $p_f= array("accounts"=> array("OBJ"=>"user", "CLASS"=>"gosaAccount" ,
659 "DN"=> get_people_ou() ,"ACL" => "users"),
660 "groups" => array("OBJ"=>"group", "CLASS"=>"posixGroup" ,
661 "DN"=> get_groups_ou('ogroupRDN') ,"ACL" => "groups"),
662 "departments" => array("OBJ"=>"department", "CLASS"=>"gosaDepartment" ,
663 "DN"=> "" ,"ACL" => "department"),
664 "servers" => array("OBJ"=>"servgeneric", "CLASS"=>"goServer" ,
665 "DN"=> get_ou('serverRDN') ,"ACL" => "server"),
666 "workstations" => array("OBJ"=>"workgeneric", "CLASS"=>"gotoWorkstation",
667 "DN"=> get_ou('workstationRDN') ,"ACL" => "workstation"),
668 "winstations" => array("OBJ"=>"wingeneric", "CLASS"=>"opsiClient",
669 "DN"=> get_ou('SAMBAMACHINEACCOUNTRDN') ,"ACL" => "winstation"),
670 "terminals" => array("OBJ"=>"termgeneric", "CLASS"=>"gotoTerminal" ,
671 "DN"=> get_ou('terminalRDN') ,"ACL" => "terminal"),
672 "printers" => array("OBJ"=>"printgeneric", "CLASS"=>"gotoPrinter" ,
673 "DN"=> get_ou('printerRDN') ,"ACL" => "printer"),
674 "phones" => array("OBJ"=>"phoneGeneric", "CLASS"=>"goFonHardware" ,
675 "DN"=> get_ou('phoneRDN') ,"ACL" => "phone"));
678 /* Allow searching for applications, if we are not using release managed applications
679 */
680 if(!$this->IsReleaseManagementActivated()){
681 $p_f[ "applications"] = array("OBJ"=>"application", "CLASS"=>"gosaApplication",
682 "DN"=> get_ou('applicationRDN') ,"ACL" => "application");
683 }
685 /*###########
686 Perform search for selected objectClasses & regex to fill list with objects
687 ###########*/
689 $Get_list_flags = 0;
690 if($ogfilter['subtrees'] == "checked"){
691 $Get_list_flags |= GL_SUBSEARCH;
692 }
694 foreach($p_f as $post_name => $data){
696 if($ogfilter[$post_name] == "checked" && class_available($data['OBJ'])){
698 if($ogfilter['subtrees']){
699 $base = $ogfilter['dselect'];
700 }else{
701 $base = $data['DN'].$ogfilter['dselect'];
702 }
705 $filter = "(&(objectClass=".$data['CLASS'].")(|(uid=$regex)(cn=$regex)(ou=$regex)))";
706 $res = get_list($filter, $data['ACL'] , $base,
707 array("description", "objectClass", "sn", "givenName", "uid","ou","cn"),$Get_list_flags);
709 /* fetch results and append them to the list */
710 foreach($res as $attrs){
712 /* Skip workstations which are already assigned to an object group.
713 */
714 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]"){
715 if(in_array($attrs['dn'],$this->used_workstations)){
716 continue;
717 }
718 }
720 $type= $this->getObjectType($attrs);
721 $name= $this->getObjectName($attrs);
723 /* Fill array */
724 if (isset($attrs["description"][0])){
725 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
726 } elseif (isset($attrs["uid"][0])) {
727 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
728 } else {
729 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
730 }
731 }
732 }
733 }
734 uasort ($this->objects, 'sort_list');
735 reset ($this->objects);
738 /*###########
739 Build member list and try to detect obsolete entries
740 ###########*/
742 $this->memberList = array();
744 /* Walk through all single member entry */
745 foreach($this->member as $dn){
747 /* The dn for the current member can't be resolved
748 it seams that this entry was removed
749 */
750 /* Try to resolv the entry again, if it still fails, display error msg */
751 $ldap->cat($dn, array("cn", "sn", "givenName", "ou", "description", "objectClass", "macAddress"));
753 /* It has failed, add entry with type flag I (Invalid)*/
754 if (!$ldap->success()){
755 $this->memberList[$dn]= array('text' => _("Non existing dn:")." ".LDAP::fix($dn),"type" => "I");
757 } else {
759 /* Append this entry to our all object list */
761 /* Fetch object */
762 $attrs= $ldap->fetch();
764 $type= $this->getObjectType($attrs);
765 $name= $this->getObjectName($attrs);
767 if (isset($attrs["description"][0])){
768 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
769 } elseif (isset($attrs["uid"][0])) {
770 $this->objcache[$attrs["dn"]]= array("text" => "$name [".$attrs["uid"][0]."]", "type" => "$type");
771 } else {
772 $this->objcache[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
773 }
774 $this->objcache[$attrs["dn"]]['objectClass'] = $attrs['objectClass'];
776 if(isset($attrs['macAddress'][0])){
777 $this->objcache[$attrs["dn"]]['macAddress'] = $attrs['macAddress'][0];
778 }else{
779 $this->objcache[$attrs["dn"]]['macAddress'] = "";
780 }
782 if(isset($attrs['uid'])){
783 $this->objcache[$attrs["dn"]]['uid'] = $attrs['uid'];
784 }
786 /* Fill array */
787 if (isset($attrs["description"][0])){
788 $this->objects[$attrs["dn"]]= array("text" => "$name [".$attrs["description"][0]."]", "type" => "$type");
789 } else {
790 $this->objects[$attrs["dn"]]= array("text" => "$name", "type" => "$type");
791 }
793 $this->memberList[$dn]= $this->objects[$attrs["dn"]];
794 }
795 }
796 uasort ($this->memberList, 'sort_list');
797 reset ($this->memberList);
799 /* Assemble types of currently combined objects */
800 $objectTypes= "";
801 foreach ($this->memberList as $dn => $desc){
803 /* Invalid object? */
804 if ($desc['type'] == 'I'){
805 continue;
806 }
808 /* Fine. Add to list. */
809 if (!preg_match('/'.$desc['type'].'/', $objectTypes)){
810 $objectTypes.= $desc['type'];
811 }
812 }
813 $this->gosaGroupObjects= "[$objectTypes]";
814 }
817 function convert_list($input)
818 {
819 $temp= "";
820 $conv= array(
821 "Y" => "plugins/users/images/select_template.png",
822 "U" => "plugins/generic/images/head.png",
823 "G" => "plugins/groups/images/groups.png",
824 "A" => "plugins/ogroups/images/application.png",
825 "D" => "plugins/departments/images/department.png",
826 "S" => "plugins/ogroups/images/server.png",
827 "W" => "plugins/ogroups/images/workstation.png",
828 "O" => "plugins/ogroups/images/winstation.png",
829 "T" => "plugins/ogroups/images/terminal.png",
830 "F" => "plugins/ogroups/images/phone.png",
831 "P" => "plugins/ogroups/images/printer.png",
832 "I" => "images/false.png");
834 foreach ($input as $key => $value){
835 /* Generate output */
836 $temp.= "<option title='".addslashes( $key)."' value=\"$key\" class=\"select\" style=\"background-image:url('".get_template_path($conv[$value['type']])."');\">".$value['text']."</option>\n";
837 }
839 return ($temp);
840 }
843 function getObjectType($attrs)
844 {
845 $type= "I";
847 foreach(array(
848 "Y" => "gosaUserTemplate",
849 "U" => "gosaAccount",
850 "G" => "posixGroup",
851 "A" => "gosaApplication",
852 "D" => "gosaDepartment",
853 "S" => "goServer",
854 "W" => "gotoWorkstation",
855 "O" => "opsiClient",
856 "T" => "gotoTerminal",
857 "F" => "goFonHardware",
858 "P" => "gotoPrinter") as $index => $class){
859 if (in_array($class, $attrs['objectClass'])){
860 $type= $index;
861 break;
862 }
863 }
865 return ($type);
866 }
869 function getObjectName($attrs)
870 {
871 /* Person? */
872 $name ="";
873 if (in_array('gosaAccount', $attrs['objectClass'])){
874 if(isset($attrs['sn']) && isset($attrs['givenName'])){
875 $name= $attrs['sn'][0].", ".$attrs['givenName'][0];
876 } else {
877 $name= $attrs['uid'][0];
878 }
879 } else {
880 if(isset($attrs["cn"][0])) {
881 $name= $attrs['cn'][0];
882 } else {
883 $name= $attrs['ou'][0];
884 }
885 }
887 return ($name);
888 }
891 function check()
892 {
893 /* Call common method to give check the hook */
894 $message= plugin::check();
896 /* Permissions for that base? */
897 if ($this->base != ""){
898 $new_dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
899 } else {
900 $new_dn= $this->dn;
901 }
903 /* Check if we have workstations assigned, that are already assigned to
904 another object group. */
905 if ($this->gosaGroupObjects == "[W]" || $this->gosaGroupObjects == "[T]" ) {
906 $test =array_intersect($this->used_workstations,$this->member);
907 if(count($test)){
908 $str = "";
909 foreach($test as $dn){
910 $str .= "<li>".$dn."</li>";
911 }
912 $message[] = sprintf(_("These systems are already configured by other object groups and cannot be added:")."<br><ul>%s</ul>",$str);
913 }
914 }
916 $ldap = $this->config->get_ldap_link();
917 if(LDAP::fix($this->dn) != LDAP::fix($new_dn)){
918 $ldap->cat ($new_dn, array('dn'));
919 }
921 if($ldap->count() !=0){
922 $message[]= msgPool::duplicated(_("Name"));
923 }
925 /* Set new acl base */
926 if($this->dn == "new") {
927 $this->set_acl_base($this->base);
928 }
930 /* must: cn */
931 if ($this->cn == ""){
932 $message[]= msgPool::required(_("Name"));
933 }
935 if (preg_match('/[=,+<>#;]/', $this->cn)) {
936 $message[] = msgPool::invalid(_("Name"), $this->cn, "/[^=+,<>#;]/");
937 }
939 /* To many different object types? */
940 if (strlen($this->gosaGroupObjects) > 4){
941 $message[]= _("You can combine two different object types at maximum, only!");
942 }
944 /* Check if we are allowed to create or move this object
945 */
946 if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
947 $message[] = msgPool::permCreate();
948 }elseif($this->orig_dn != "new" && $this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
949 $message[] = msgPool::permMove();
950 }
952 return ($message);
953 }
956 /* Save to LDAP */
957 function save()
958 {
959 plugin::save();
961 /* Move members to target array */
962 $this->attrs['member'] =array();
963 foreach ($this->member as $key => $desc){
964 $this->attrs['member'][]= LDAP::fix($key);
965 }
967 $ldap= $this->config->get_ldap_link();
969 /* New accounts need proper 'dn', propagate it to remaining objects */
970 if ($this->dn == 'new'){
971 $this->dn= 'cn='.$this->cn.','.get_ou('ogroupRDN').$this->base;
972 }
974 /* Save data. Using 'modify' implies that the entry is already present, use 'add' for
975 new entries. So do a check first... */
976 $ldap->cat ($this->dn, array('dn'));
977 if ($ldap->fetch()){
978 /* Modify needs array() to remove values :-( */
979 if (!count ($this->member)){
980 $this->attrs['member']= array();
981 }
982 $mode= "modify";
984 } else {
985 $mode= "add";
986 $ldap->cd($this->config->current['BASE']);
987 $ldap->create_missing_trees(preg_replace('/^[^,]+,/', '', $this->dn));
988 }
990 /******
991 Trust accounts
992 ******/
993 $objectclasses= array();
994 foreach ($this->attrs['objectClass'] as $key => $class){
995 if (preg_match('/trustAccount/i', $class)){
996 continue;
997 }
998 $objectclasses[]= $this->attrs['objectClass'][$key];
999 }
1000 $this->attrs['objectClass']= $objectclasses;
1001 if ($this->trustModel != ""){
1002 $this->attrs['objectClass'][]= "trustAccount";
1003 $this->attrs['trustModel']= $this->trustModel;
1004 $this->attrs['accessTo']= array();
1005 if ($this->trustModel == "byhost"){
1006 foreach ($this->accessTo as $host){
1007 $this->attrs['accessTo'][]= $host;
1008 }
1009 }
1010 } else {
1011 if ($this->was_trust_account){
1012 $this->attrs['accessTo']= array();
1013 $this->attrs['trustModel']= array();
1014 }
1015 }
1017 /******
1018 Ende - Trust accounts
1019 ******/
1021 /* Write back to ldap */
1022 $ldap->cd($this->dn);
1023 $this->cleanup();
1024 $ldap->$mode($this->attrs);
1026 if($mode == "add"){
1027 new log("create","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1028 }else{
1029 new log("modify","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1030 }
1032 /* Trigger post signal */
1033 $this->handle_post_events($mode);
1035 $ret= 0;
1036 if (!$ldap->success()){
1037 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
1038 $ret= 1;
1039 }
1041 return ($ret);
1042 }
1044 function remove_from_parent()
1045 {
1046 plugin::remove_from_parent();
1048 $ldap= $this->config->get_ldap_link();
1049 $ldap->rmdir($this->dn);
1050 if (!$ldap->success()){
1051 msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()));
1052 }
1054 new log("remove","ogroups/".get_class($this),$this->dn,array_keys($this->attrs),$ldap->get_error());
1056 /* Trigger remove signal */
1057 $this->handle_post_events("remove");
1058 }
1061 function PrepareForCopyPaste($source)
1062 {
1063 /* Update available object types */
1064 if(isset($source['gosaGroupObjects'][0])){
1065 $this->gosaGroupObjects = $source['gosaGroupObjects'][0];
1066 }
1068 /* Reload tabs */
1069 $this->parent->reload($this->gosaGroupObjects );
1071 /* Reload plugins */
1072 foreach($this->parent->by_object as $name => $class ){
1073 if(get_class($this) != $name) {
1074 $this->parent->by_object[$name]->PrepareForCopyPaste($source);
1075 }
1076 }
1078 /* Load member objects */
1079 if (isset($source['member'])){
1080 foreach ($source['member'] as $key => $value){
1081 if ("$key" != "count"){
1082 $value= @LDAP::convert($value);
1083 $this->member["$value"]= "$value";
1084 }
1085 }
1086 }
1088 }
1091 function getCopyDialog()
1092 {
1093 $smarty = get_smarty();
1094 $smarty->assign("cn", $this->cn);
1095 $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
1096 $ret = array();
1097 $ret['string'] = $str;
1098 $ret['status'] = "";
1099 return($ret);
1100 }
1102 function saveCopyDialog()
1103 {
1104 if(isset($_POST['cn'])){
1105 $this->cn = $_POST['cn'];
1106 }
1107 }
1110 function IsReleaseManagementActivated()
1111 {
1112 /* Check if we should enable the release selection */
1113 $tmp = $this->config->search("faiManagement", "CLASS",array('menu','tabs'));
1114 if(!empty($tmp)){
1115 return(true);
1116 }
1117 return(false);
1118 }
1121 static function plInfo()
1122 {
1123 return (array(
1124 "plShortName" => _("Generic"),
1125 "plDescription" => _("Object group generic"),
1126 "plSelfModify" => FALSE,
1127 "plDepends" => array(),
1128 "plPriority" => 1,
1129 "plSection" => array("administration"),
1130 "plCategory" => array("ogroups" => array("description" => _("Object groups"),
1131 "objectClass" => "gosaGroupOfNames")),
1132 "plProvidedAcls"=> array(
1133 "cn" => _("Name"),
1134 "base" => _("Base"),
1135 "description" => _("Description"),
1136 "trustModel" => _("Sytem trust"),
1137 "member" => _("Member"))
1138 ));
1139 }
1140 }
1142 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1143 ?>