![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
[gosa.git] / branches / old / gosa-plugins / mit-krb5 / admin / systems / services / kerberos / class_goKrbServer.inc
diff --git a/branches/old/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_goKrbServer.inc b/branches/old/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_goKrbServer.inc
--- /dev/null
@@ -0,0 +1,400 @@
+<?php
+/*
+ This code is part of GOsa (https://gosa.gonicus.de)
+ Copyright (C) 2008 Fabian Hickert
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+/*! brief The kerberos service class
+ */
+class goKrbServer extends goService{
+
+ var $cli_summary = "This pluign is used within the ServerService Pluign \nand indicates that this server supports NTP service.";
+ var $cli_description = "Some longer text\nfor help";
+ var $cli_parameters = array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");
+
+ /* This plugin only writes its objectClass */
+ var $objectclasses = array("goKrbServer");
+ var $attributes = array("goKrbRealm");
+ var $StatusFlag = "goKrbServerStatus";
+
+ /* This class can't be assigned twice so it conflicts with itsself */
+ var $conflicts = array("goKrbServer");
+
+ var $DisplayName = "";
+ var $dn = NULL;
+ var $goKrbServerStatus= "";
+ var $cn = "";
+ var $goKrbRealm = "";
+ var $view_logged = FALSE;
+
+ var $policies = array();
+ var $id = -1;
+ var $macAddress = "" ;
+
+
+ /*! \brief Initializes the kerberos service
+ @param Object GOsa configuration object.
+ @param String The object dn we are currently editing.
+ @param Object The parent object.
+ */
+ public function goKrbServer(&$config,$dn,$parent)
+ {
+ goService::goService($config,$dn);
+ $this->DisplayName = _("Kerberos service");
+ $this->parent = $parent;
+
+ /* Detect macAddress of this device
+ */
+ $this->macAddress = "";
+ if(isset($this->parent->parent->netConfigDNS->macAddress)){
+ $this->macAddress = &$this->parent->parent->netConfigDNS->macAddress;
+ }
+
+ /* Get configured policies
+ */
+ if(!empty($this->macAddress) && $this->is_account){
+ $o = new gosaSupportDaemon();
+ $tmp = $o->krb5_list_policies($this->macAddress);
+ if($o->is_error()){
+ msg_dialog::display(_("Service infrastructure"),msgPool::siError($o->get_error()),ERROR_DIALOG);
+ }else{
+ $this->policies = array();
+ foreach($tmp as $policy){
+ $this->policies[] = array("NAME" => $policy,"STATUS" => "LOADED","DATA" => array());
+ }
+ }
+ }
+ }
+
+
+ /*! \brief Create HTML output
+ @return String HMTL output.
+ */
+ public function execute()
+ {
+ $smarty = get_smarty();
+ $smarty->assign("MIT_KRB", class_available("passwordMethodMIT"));
+
+ if(!$this->view_logged){
+ $this->view_logged = TRUE;
+ new log("view","server/".get_class($this),$this->dn);
+ }
+
+ /*******
+ Display sub dialogs
+ *******/
+
+ /* CANCEL Policy dialog
+ */
+ if(isset($_POST['cancel_policy'])){
+ $this->dialog = NULL;
+ }
+
+ /* SAVE Policy dialog
+ */
+ if($this->dialog instanceof krb5_policy && isset($_POST['save_policy'])){
+ $this->dialog->save_object();
+ $msgs = $this->dialog->check();
+ if(count($msgs)){
+ msg_dialog::displayChecks($msgs);
+ }else{
+ $this->AddPolicy($this->id,$this->dialog->save());
+ $this->dialog = NULL;
+ }
+ }
+
+ /* DISPLAY policy dialog
+ */
+ if($this->dialog instanceof krb5_policy){
+ $this->dialog->save_object();
+ return($this->dialog->execute());
+ }
+
+ /*******
+ Create HTML output for this plugin
+ *******/
+
+ $tmp = $this->plinfo();
+ foreach($tmp['plProvidedAcls'] as $name => $translation){
+ $smarty->assign($name."ACL",$this->getacl($name));
+ }
+
+ foreach($this->attributes as $attr){
+ $smarty->assign($attr,$this->$attr);
+ }
+
+ $divlist = new divSelectBox("Kerberos Policies");
+ $action = "<input type='image' src='images/lists/edit.png' class='center' name='policy_edit_%id'>";
+ $action .= "<input type='image' src='images/lists/trash.png' class='center' name='policy_del_%id'>";
+ foreach($this->policies as $key => $policy){
+ if($policy['STATUS'] == "REMOVED") continue;
+
+ $actions = preg_replace("/%id/",$key,$action);
+ $field1 = array("string" => $policy['NAME']);
+ $field3 = array("string" => $actions,
+ "attach"=>"style='width:40px; text-align:right; border:0px;'");
+
+ $divlist->AddEntry(array($field1,$field3));
+ }
+
+ $smarty->assign("divlist",$divlist->DrawList());
+ return($smarty->fetch(get_template_path("goKrbServer.tpl",TRUE,dirname(__FILE__))));
+ }
+
+
+ /* \brief Return serice informations, which will be shown in the service overview.
+ @return Array Some service information.
+ */
+ public function getListEntry()
+ {
+ $fields = goService::getListEntry();
+ $fields['Message'] = _("Kerberos service (kadmin access informations)");
+ #$fields['AllowEdit'] = true;
+ return($fields);
+ }
+
+
+ /*! \brief Checks if all given values are valid
+ @return Array An array containing all error messages.
+ */
+ public function check()
+ {
+ $message = plugin::check();
+ if (empty($this->goKrbRealm)){
+ $message[]= msgPool::required(_("Realm"));
+ }
+ if(count($this->policies) && (empty($this->macAddress) || !tests::is_mac($this->macAddress))){
+ $message[] = _("Cannot apply policy changes! The defined kerberos server has no mac address.");
+ }
+ return($message);
+ }
+
+
+ /*! \brief Adds or updated a given policy.
+ @param Integer ID The policy to update, or -1 if it is a new one.
+ @param Array The policy settings.
+ */
+ public function AddPolicy($id,$policy)
+ {
+ if($id != -1 && $this->policies[$id]['NAME'] == $policy['NAME']){
+
+ /* Policy was edited
+ */
+ if($this->policies[$id]['STATUS'] == "LOADED"){
+ $policy['STATUS'] = "EDITED";
+ }else{
+ $policy['STATUS'] = $this->policies[$id]['STATUS'];
+ }
+ $this->policies[$this->id] = $policy;
+
+ }elseif($id != -1 && $this->policies[$id]['NAME'] != $policy['NAME']){
+
+ /* Policy was renamed, remove old and add new policy
+ */
+ $this->RemovePolicy($id);
+ $this->AddPolicy(-1,$policy);
+ }else{
+
+ /* Policy was added
+ */
+ $name = $policy['NAME'];
+
+ /* Check if there is already a policy with this name
+ which was removed before
+ */
+ foreach($this->policies as $pid => $entry){
+ if($entry['NAME'] == $name && $entry['STATUS'] == "REMOVED"){
+ $id = $pid;
+ break;
+ }
+ }
+
+ /* Update existing policy or create new one
+ */
+ if(isset($this->policies[$id])){
+ $policy['STATUS'] = "EDITED";
+ $this->policies[$id] = $policy;
+ }else{
+ $policy['STATUS'] = "ADDED";
+ $this->policies[] = $policy;
+ }
+ }
+ }
+
+
+ /*! \brief Returns all used policy names.
+ @return Array A list of used policy names.
+ */
+ public function getPolicyNames()
+ {
+ $ret = array();
+ foreach($this->policies as $policy){
+ if($policy['STATUS'] == "REMOVED") continue;
+ $ret[] = $policy['NAME'];
+ }
+ return($ret);
+ }
+
+
+ /*! \brief Marks a policy as remvoed
+ @param Integer the Id of the policy to remove
+ */
+ public function RemovePolicy($id)
+ {
+ /* Load policy information, if not done before
+ */
+ if($this->policies[$id]['STATUS'] == "LOADED" && empty($this->policies[$id]['DATA'])){
+ $o = new gosaSupportDaemon();
+ $this->policies[$id]['DATA'] = $o->krb5_get_policy($this->macAddress,$this->policies[$id]['NAME']);
+ }
+ if($this->policies[$id]['DATA']['POLICY_REFCNT']){
+ msg_dialog::display(_("Remove"),msgPool::stillInUse(_("Policy")),ERROR_DIALOG) ;
+ }else{
+ if($this->policies[$id]['STATUS'] == "ADDED"){
+ unset($this->policies[$id]);
+ }else{
+ $this->policies[$id]['STATUS'] = "REMOVED";
+ }
+ }
+ }
+
+
+ /*! \brief Save POSTed html variables
+ */
+ public function save_object()
+ {
+ if(isset($_POST['goKrbServerPosted'])){
+ plugin::save_object();
+
+ /* Add new Policy requested
+ */
+ if(isset($_POST['policy_add']) && class_available("krb5_policy")){
+ $this->dialog = new krb5_policy($this->config,array(),$this);
+ $this->id = -1;
+ }
+
+ /* Walk through POSTs an check for image-button posts
+ */
+ foreach($_POST as $name => $value){
+
+ /* Remove policy requested
+ */
+ if(preg_match("/^policy_del/",$name)){
+ $id = preg_replace("/^policy_del_([0-9]*)_.*/i","\\1",$name);
+ if(isset($this->policies[$id])){
+ $this->RemovePolicy($id);
+ }
+ break;
+ }
+
+ /* Edit Policy requested
+ */
+ if(preg_match("/^policy_edit/",$name)){
+ $id = preg_replace("/^policy_edit_([0-9]*)_.*/i","\\1",$name);
+ if(isset($this->policies[$id])){
+
+ /* Load policy information, if not done before
+ */
+ if($this->policies[$id]['STATUS'] == "LOADED" && empty($this->policies[$id]['DATA'])){
+ $o = new gosaSupportDaemon();
+ $this->policies[$id]['DATA'] = $o->krb5_get_policy($this->macAddress,$this->policies[$id]['NAME']);
+ }
+
+ /* Open dialog */
+ $this->id = $id;
+ $this->dialog = new krb5_policy($this->config,$this->policies[$id], $this);
+ }
+ break;
+ }
+ }
+ }
+ }
+
+
+ /*! \brief Save changes to ldap
+ */
+ public function save()
+ {
+ goService::save();
+
+ /* Send policy changes back to the si daemon
+ */
+ $actions = array("del" => array(),"add_edit" => array());
+ foreach($this->policies as $policy){
+
+ /* Unset not used vars */
+ if(isset($policy['DATA']['MASK'])) unset($policy['DATA']['MASK']);
+ if(isset($policy['DATA']['POLICY_REFCNT'])) unset($policy['DATA']['POLICY_REFCNT']);
+
+ switch($policy['STATUS']){
+ case "REMOVED" : $actions['del'] [] = $policy;break;
+ case "ADDED" :
+ case "EDITED" : $actions['add_edit'] [] = $policy;break;
+ }
+ }
+
+ $o = new gosaSupportDaemon();
+ $policies = $o->krb5_list_policies($this->macAddress);
+
+ /* Send remove policy event
+ */
+ foreach($actions['del'] as $policy){
+ if(!in_array($policy['NAME'],$policies)) continue;
+ if(!$o->krb5_del_policy($this->macAddress,$policy['NAME'])){
+ msg_dialog::display(_("Service infrastructure"),msgPool::siError($o->get_error()),ERROR_DIALOG);
+ }
+ }
+
+ /* Send add new/edit policy event
+ */
+ foreach($actions['add_edit'] as $policy){
+ if(in_array($policy['NAME'],$policies)){
+ if(!$o->krb5_set_policy($this->macAddress,$policy['NAME'],$policy['DATA'])){
+ msg_dialog::display(_("Service infrastructure"),msgPool::siError($o->get_error()),ERROR_DIALOG);
+ }
+ }else{
+ if(!$o->krb5_add_policy($this->macAddress,$policy['NAME'],$policy['DATA'])){
+ msg_dialog::display(_("Service infrastructure"),msgPool::siError($o->get_error()),ERROR_DIALOG);
+ }
+ }
+ }
+ }
+
+
+ /*! \brief Return plugin informations for acl handling
+ @return Array ACL infos.
+ */
+ static function plInfo()
+ {
+ return (array(
+ "plShortName" => _("Kerberos"),
+ "plDescription" => _("Kerberos access information")." ("._("Services").")",
+ "plSelfModify" => FALSE,
+ "plDepends" => array(),
+ "plPriority" => 95,
+ "plSection" => array("administration"),
+ "plCategory" => array("server"),
+
+ "plProvidedAcls"=> array(
+ "goKrbPolicy" => _("Policies"),
+ "goKrbRealm" => _("Realm"))
+ ));
+ }
+}
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>