<?php
/*
This code is part of FusionDirectory (http://www.fusiondirectory.org/)
Copyright (C) 2003 Cajus Pollmeier
Copyright (C) 2011-2016 FusionDirectory
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
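/*!
 * \brief Attribute holding a list of object DNs of mixed types
 *
 * Next to each display string the attribute keeps a type code in $types, indexed like the values.
 * The code is a key of ogroup::$objectTypes, or 'I' when no object type was matched.
 */
class ObjectsAttribute extends GenericDialogAttribute
{
  protected $dialogClass = 'ObjectSelectDialog';
  /* value index => type code (key of ogroup::$objectTypes, or 'I') */
  protected $types       = array();

  /*! \brief DNs the selection dialog must not offer: the current values,
   *  the plugin's used_workstations list and the DN of the plugin object itself
   */
  function getFilterBlackList ()
  {
    return array(
      'dn' => array_merge($this->getValue(), $this->plugin->used_workstations, array($this->plugin->dn))
    );
  }

  /*! \brief Fill $this->displays[$i] and $this->types[$i] from the LDAP attributes of value $i
   *
   * \param mixed $i      index of the value
   * \param mixed $attrs  attributes fetched for that value; an empty value means the entry was not found
   *
   * The display string is assembled from raw directory values and is NOT escaped here,
   * so every consumer has to escape it for its own output context.
   */
  protected function fillDisplayValueFrom ($i, $attrs)
  {
    if ($attrs) {
      foreach (ogroup::$objectTypes as $code => $objectType) {
        try {
          if (objects::isOfType($attrs, $objectType)) {
            $infos = objects::infos($objectType);
            $this->types[$i]    = $code;
            $this->displays[$i] = $attrs[$infos['nameAttr']][0];
            if (strtolower($objectType) == 'user') {
              /* Users additionally show their uid */
              if (isset($attrs['description'][0])) {
                $this->displays[$i] .= ' ['.$attrs['uid'][0].' - '.$attrs['description'][0].']';
              } else {
                $this->displays[$i] .= ' ['.$attrs['uid'][0].']';
              }
            } elseif (isset($attrs['description'][0])) {
              $this->displays[$i] .= ' ['.$attrs['description'][0].']';
            }
            break;
          }
        } catch (NonExistingObjectTypeException $e) {
          /* The object type is not available: drop it from the static list so it is not tried again */
          @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $e->getMessage(), "Objecttype");
          unset(ogroup::$objectTypes[$code]);
        }
      }
      if (!isset($this->displays[$i])) {
        /* The entry exists but matched none of the known object types */
        trigger_error('Unkown type for "'.$this->value[$i].'"');
        $this->displays[$i] = sprintf(_('Unknown type : %s'), $this->value[$i]);
        $this->types[$i]    = 'I';
      }
    } else {
      if (($attrs === NULL) && $this->isTemplate()) {
        /* In a template the raw value is shown as it is */
        $this->displays[$i] = $this->value[$i];
        $this->types[$i]    = 'I';
      } else {
        $this->displays[$i] = sprintf(_('Non existing dn: %s'), $this->value[$i]);
        $this->types[$i]    = 'I';
      }
    }
  }

  /*! \brief Render the multi-select listing the current values, each with the icon of its object type
   *
   * \return string HTML of the <select> element
   */
  function renderOnlyFormInput()
  {
    if (($this->size < 15) && ($this->size < count($this->value))) {
      $this->size = min(15, count($this->value));
    }
    $id = $this->getHtmlId();
    $display = '<select multiple="multiple" name="row'.$id.'[]" id="row'.$id.'" size="'.$this->size.'"'.
                ($this->disabled ? ' disabled="disabled"' : '').
                ' >'."\n";
    foreach ($this->getDisplayValues() as $key => $value) {
      /* Display strings come from directory attributes (name attribute, uid, description) which
       * whoever can write those entries controls, so they are escaped before reaching the page.
       * double_encode is off so that a string which is already entity-encoded is not encoded twice.
       * NOTE(review): confirm whether getDisplayValues() already escapes its values. */
      $safeKey   = htmlspecialchars((string)$key, ENT_QUOTES, 'UTF-8');
      $safeValue = htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8', FALSE);
      try {
        $infos = array();
        if ($this->types[$key] !== 'I') {
          $infos = objects::infos(ogroup::$objectTypes[$this->types[$key]]);
        }
      } catch (NonExistingObjectTypeException $e) {
        /* NOTE(review): die() aborts the whole request on a single unknown type; the message
         * is sent to the browser, hence the escaped values */
        die('No type for '.$safeKey.' '.$safeValue);
      }
      if (isset($infos['icon'])) {
        $img = $infos['icon'];
      } else {
        $img = 'images/empty.png';
      }
      $display .= '<option value="'.$safeKey.'" class="select"'.
                  ' style="background-image:url(\''.get_template_path($img).'\');"'.
                  '>'.$safeValue."</option>\n";
    }
    $display .= '</select><br/>'."\n";
    return $display;
  }

  /*! \brief LDAP attributes fetched for each value in order to build its display string
   */
  function ldapAttributesToGet()
  {
    return array(
      'objectClass',
      'cn',
      'sn',
      'ou',
      'uid',
      'givenName',
      'description',
    );
  }

  /*! \brief Distinct type codes of the current values, concatenated between square brackets
   */
  function listObjectTypes()
  {
    /* Refresh types and displays */
    $this->getDisplayValues();
    return '['.join(array_unique($this->types)).']';
  }

  /*! \brief Current values grouped by type code
   *
   * \return array type code => list of values
   */
  function getTypedValues ()
  {
    /* Refresh types and displays, as listObjectTypes() does: the grouping below reads $this->types,
     * and ogroup::ldap_save() decides which members get a permission check from this result */
    $this->getDisplayValues();
    $values = $this->getValue();
    $ret    = array();
    foreach ($values as $i => $v) {
      if (!isset($ret[$this->types[$i]])) {
        $ret[$this->types[$i]] = array();
      }
      $ret[$this->types[$i]][] = $v;
    }
    return $ret;
  }

  /*! \brief Remove a value together with its type code
   */
  protected function removeValue ($row)
  {
    parent::removeValue($row);
    unset($this->types[$row]);
  }
}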
/*!
 * \brief Dialog class named by ObjectsAttribute::$dialogClass
 *
 * It only sets the dialog class name to 'objectSelect'; everything else comes from GenericSelectDialog.
 */
class ObjectSelectDialog extends GenericSelectDialog
{
  /* Name of the dialog class used by the parent */
  protected $dialogClass = 'objectSelect';
}
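/*!
 * \brief Plugin for object groups (objectClass groupOfNames / gosaGroupOfNames)
 *
 * Members are stored as DNs in 'member'. The type codes of the members are summarised
 * in gosaGroupObjects, see reload().
 */
class ogroup extends simplePlugin
{
  public $objectclasses     = array('groupOfNames', 'gosaGroupOfNames');
  /* DNs of workstations/terminals which are already member of another object group */
  public $used_workstations = array();

  /* Typed members as they were when the object was constructed, used by ldap_save() to find changes */
  protected $savedTypedMembers;

  /* type code => object type name. ObjectsAttribute removes entries whose object type does not exist */
  public static $objectTypes = array(
    'U' => 'user',
    'G' => 'ogroup',
    'A' => 'application',
    'S' => 'server',
    'W' => 'workstation',
    'T' => 'terminal',
    'F' => 'phone',
    'P' => 'printer',
    'D' => 'simpleSecurityObject',
  );

  /*! \brief Plugin description: names, object type, foreign keys and provided ACLs
   */
  public static function plInfo()
  {
    return array(
      'plShortName'   => _('Object group'),
      'plDescription' => _('Object group information'),
      'plSelfModify'  => FALSE,
      'plPriority'    => 1,
      'plObjectType'  => array('ogroup' => array(
        'name'        => _('Group'),
        'description' => _('Group'),
        'ou'          => get_ou('ogroupRDN'),
        'filter'      => 'objectClass=groupOfNames',
        'icon'        => 'geticon.php?context=types&icon=resource-group&size=16',
        'tabClass'    => 'ogrouptabs',
      )),
      'plForeignKeys' => array(
        'member' => array(
          array('user'),
          array('ogroup'),
          array('application'),
          array('serverGeneric'),
          array('workstationGeneric'),
          array('terminalGeneric'),
          array('phoneGeneric'),
          array('printGeneric'),
        ),
        'owner' => array(
          array('user'),
        )
      ),
      'plProvidedAcls' => parent::generatePlProvidedAcls(static::getAttributesInfo())
    );
  }

  /*! \brief Attribute sections of the plugin: 'main', 'members' and 'system_trust'
   */
  public static function getAttributesInfo ()
  {
    return array(
      'main' => array(
        'name'  => _('Properties'),
        'attrs' => array(
          new BaseSelectorAttribute(get_ou('ogroupRDN')),
          /* NOTE(review): without the D modifier, '$' also matches before a trailing newline,
           * so "name\n" passes these patterns. Confirm how StringAttribute applies the pattern
           * before tightening it. */
          new StringAttribute(
            _('Name'), _('Name of this group'),
            'cn', TRUE,
            '', '', (strict_uid_mode() ? '/^[a-z0-9_-]+$/' : '/^[a-z0-9_.-]+$/i')
          ),
          new TextAreaAttribute(
            _('Description'), _('Short description of this group'),
            'description', FALSE
          ),
          new HiddenAttribute('gosaGroupObjects'),
          new UserAttribute(
            _('Owner'), _('Owner'),
            'owner', FALSE
          ),
        )
      ),
      'members' => array(
        'name'  => _('Member objects'),
        'attrs' => array(
          new ObjectsAttribute(
            '', _('Objects member of this group'),
            'member', TRUE,
            array(), 'dn'
          )
        )
      ),
      'system_trust' => array(
        'name'  => _('System trust'),
        'icon'  => 'geticon.php?context=status&icon=locked&size=16',
        'attrs' => array(
          new SelectAttribute(
            _('Trust mode'), _('Type of authorization for those hosts'),
            'trustMode', FALSE,
            array('', 'fullaccess', 'byhost'),
            '',
            array(_('disabled'), _('full access'), _('allow access to these hosts'))
          ),
          new SystemsAttribute(
            '', _('Only allow this group to connect to this list of hosts'),
            'host', FALSE
          )
        )
      )
    );
  }

  /*! \brief Set up the trust mode, collect the systems already used by other groups
   *  and remember the typed members the object starts with
   */
  public function __construct ($dn = NULL, $object = NULL, $parent = NULL, $mainTab = FALSE)
  {
    parent::__construct($dn, $object, $parent, $mainTab);

    /* trustMode is not stored in LDAP, it is deduced from 'host' below */
    $this->attributesAccess['trustMode']->setInLdap(FALSE);
    $this->attributesAccess['trustMode']->setManagedAttributes(
      array(
        'multiplevalues' => array('notbyhost' => array('','fullaccess')),
        'erase' => array(
          'notbyhost' => array('host')
        )
      )
    );
    if ((count($this->host) == 1) && ($this->host[0] == '*')) {
      $this->trustMode = 'fullaccess';
    } elseif (count($this->host) > 0) {
      $this->trustMode = 'byhost';
    }

    /* Detect all workstations, which are already assigned to an object group
        - Those objects will be hidden in the add object dialog.
        - Check() will complain if such a system is assigned to this object group.*/
    $this->used_workstations = array();
    try {
      $ws_dns = array_keys(objects::ls(array('workstation','terminal')));
      /* NOTE(review): the filter tests gosaGroupObjects for equality, so it only returns groups
       * whose type list is exactly [W] or [T]; confirm that groups holding other member types
       * as well are meant to be left out. */
      $res = objects::ls('ogroup', array('member' => '*'), NULL, '(&(member=*)(|(gosaGroupObjects=[W])(gosaGroupObjects=[T])))');
    } catch (NonExistingObjectTypeException $e) {
      /* If workstation/terminal objectType is not existing, systems plugin is missing so there are no systems */
      $ws_dns = array();
      $res    = array();
    }
    foreach ($res as $odn => $og) {
      if ($odn == $this->dn) {
        /* Members of this very group are not "used elsewhere" */
        continue;
      }
      $this->used_workstations = array_merge($this->used_workstations, array_intersect($ws_dns, $og['member']));
    }

    $this->reload();
    /* Baseline for the membership permission check in ldap_save() */
    $this->savedTypedMembers = $this->attributesAccess['member']->getTypedValues();
  }

  /*! \brief This function returns an LDAP filter for this plugin object classes
   */
  public function getObjectClassFilter ()
  {
    return '(objectClass=groupOfNames)';
  }

  /*! \brief Run the parent's test with objectclasses narrowed to groupOfNames only,
   *  then put the two-class list back
   */
  public function is_this_account($attrs)
  {
    $this->objectclasses = array('groupOfNames');
    $found = parent::is_this_account($attrs);
    $this->objectclasses = array('groupOfNames', 'gosaGroupOfNames');
    return $found;
  }

  /*! \brief Prepare $this->attrs for saving: host list and hostObject class follow the trust mode
   *
   * \return array errors reported by the parent
   */
  public function prepare_save()
  {
    $this->reload();
    $errors = parent::prepare_save();

    if ($this->trustMode == 'fullaccess') {
      $this->attrs['host'] = array('*');
    }

    /* Trust accounts */
    if ($this->trustMode != "") {
      if (!in_array('hostObject', $this->attrs['objectClass'], TRUE)) {
        $this->attrs['objectClass'][] = 'hostObject';
      }
    } else {
      $key = array_search('hostObject', $this->attrs['objectClass'], TRUE);
      if ($key !== FALSE) {
        unset($this->attrs['objectClass'][$key]);
        /* unset() leaves a gap in the keys, and the PHP LDAP functions expect value lists
         * indexed consecutively from 0 */
        $this->attrs['objectClass'] = array_values($this->attrs['objectClass']);
      }
    }

    return $errors;
  }

  /*! \brief Recompute gosaGroupObjects from the type codes of the current members
   */
  public function reload()
  {
    $this->gosaGroupObjects = $this->attributesAccess['member']->listObjectTypes();
  }

  /*! \brief Parent checks, plus: workstations and terminals may not share a group
   *
   * \return array error messages
   */
  public function check()
  {
    $message = parent::check();
    $this->reload();
    $hasWorkstations  = (strpos($this->gosaGroupObjects, 'W') !== FALSE);
    $hasTerminals     = (strpos($this->gosaGroupObjects, 'T') !== FALSE);
    if ($hasWorkstations && $hasTerminals) {
      $message[] = _('Putting both workstations and terminals in the same group is not allowed');
    }

    return $message;
  }

  /*! \brief Save to LDAP, after checking the 'groupsMembership' permission on every user
   *  which is added to or removed from the group
   *
   * Only user members (type code 'U') are checked. If any check fails nothing is saved
   * and the permission errors are returned.
   *
   * \return array errors, from the permission checks or from the parent
   */
  public function ldap_save()
  {
    global $ui;

    $errors = array();

    if (isset($this->attrs['member'])) {
      $members      = $this->attributesAccess['member']->getTypedValues();
      $userMembers  = (isset($members['U']) ? $members['U'] : array());
      $savedMembers = (isset($this->savedTypedMembers['U']) ? $this->savedTypedMembers['U'] : array());

      /* Added users first, then removed ones: both need write access on the user's groupsMembership */
      $changedMembers = array_merge(
        array_diff($userMembers, $savedMembers),
        array_diff($savedMembers, $userMembers)
      );
      foreach ($changedMembers as $dn) {
        if (strpos($ui->get_permissions($dn, 'user/user', 'groupsMembership', $this->acl_skip_write()), 'w') === FALSE) {
          $errors[] = msgPool::permModify($dn, 'groupsMembership');
        }
      }
    }

    if (!empty($errors)) {
      return $errors;
    }

    return parent::ldap_save();
  }

  /*! \brief Up to date type list of the members, in the bracketed form built by reload()
   */
  public function getGroupObjectTypes()
  {
    $this->reload();
    return $this->gosaGroupObjects;
  }
}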
?>