Commit 868136ca authored by Côme Chilliet's avatar Côme Chilliet
Browse files

Fixes #5363 Moved POSIX to a plugin and adapted code to this

parent 0e2732d6
......@@ -2228,12 +2228,14 @@ function check_schema($cfg)
$checks['template-fd']['IS_MUST_HAVE'] = FALSE;
$checks['template-fd']['INFO'] = _('Used to store templates.');
/* nis */
$checks['nis'] = $def_check;
$checks['nis']['SCHEMA_FILE'] = 'nis.schema';
$checks['nis']['CLASSES_REQUIRED'] = array('posixAccount');
$checks['nis']['IS_MUST_HAVE'] = FALSE;
$checks['nis']['INFO'] = _('Used to store POSIX information.');
if (class_available('posixAccount')) {
/* nis */
$checks['nis'] = $def_check;
$checks['nis']['SCHEMA_FILE'] = 'nis.schema';
$checks['nis']['CLASSES_REQUIRED'] = array('posixAccount');
$checks['nis']['IS_MUST_HAVE'] = FALSE;
$checks['nis']['INFO'] = _('Used to store POSIX information.');
}
foreach ($checks as $name => $value) {
foreach ($value['CLASSES_REQUIRED'] as $class) {
......
......@@ -217,7 +217,7 @@ class ACLsAssignmentAttribute extends DialogOrderedArrayAttribute
} else {
$value['role'] = $newvalue;
}
} elseif (in_array($source['CLASS'], array('user','group','roleGeneric')) && (($member_key = array_search($oldvalue, $value['members'])) !== FALSE)) {
} elseif (in_array($source['CLASS'], array('user','posixGroup','roleGeneric')) && (($member_key = array_search($oldvalue, $value['members'])) !== FALSE)) {
if ($newvalue === NULL) {
unset($value['members'][$member_key]);
} elseif ($source['MODE'] == 'move') {
......@@ -225,7 +225,7 @@ class ACLsAssignmentAttribute extends DialogOrderedArrayAttribute
} elseif ($source['MODE'] == 'copy') {
$value['members'][] = $newvalue;
}
} elseif (!in_array($source['CLASS'], array('aclRole','user','group','roleGeneric'))) {
} elseif (!in_array($source['CLASS'], array('aclRole','user','posixGroup','roleGeneric'))) {
trigger_error('unknown source '.$source['CLASS']);
}
}
......@@ -237,9 +237,9 @@ class ACLsAssignmentAttribute extends DialogOrderedArrayAttribute
foreach ($this->value as $value) {
if (($source['CLASS'] == 'aclRole') && ($value['role'] == $oldvalue)) {
return TRUE;
} elseif (in_array($source['CLASS'], array('user','group','roleGeneric')) && in_array($oldvalue, $value['members'])) {
} elseif (in_array($source['CLASS'], array('user','posixGroup','roleGeneric')) && in_array($oldvalue, $value['members'])) {
return TRUE;
} elseif (!in_array($source['CLASS'], array('aclRole','user','group','roleGeneric'))) {
} elseif (!in_array($source['CLASS'], array('aclRole','user','posixGroup','roleGeneric'))) {
trigger_error('unknown source '.$source['CLASS']);
}
}
......@@ -277,7 +277,7 @@ class aclAssignment extends simplePlugin
'gosaAclEntry' => array(
array('aclRole', 'dn', 'gosaAclEntry=*:*:%b|oldvalue%:*'),
array('user', 'dn', 'gosaAclEntry=*:*:*:*%b|oldvalue%*'),
array('group', 'dn', 'gosaAclEntry=*:*:*:*%b|oldvalue%*'),
array('posixGroup', 'dn', 'gosaAclEntry=*:*:*:*%b|oldvalue%*'),
array('roleGeneric', 'dn', 'gosaAclEntry=*:*:*:*%b|oldvalue%*'),
)
),
......
<?php
/*
This code is part of FusionDirectory (http://www.fusiondirectory.org/)
Copyright (C) 2003 Cajus Pollmeier
Copyright (C) 2011-2016 FusionDirectory
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
class group extends simplePlugin
{
var $objectclasses = array('posixGroup');
protected $locks = array();
static function plInfo()
{
if (class_available('mixedGroup')) {
return array();
}
return array(
'plShortName' => _('Group'),
'plDescription' => _('POSIX group information'),
'plSelfModify' => FALSE,
'plObjectType' => array('group' => array(
'name' => _('POSIX group'),
'description' => _('POSIX user group'),
'ou' => get_ou('groupRDN'),
'filter' => 'objectClass=posixGroup',
'icon' => 'geticon.php?context=types&icon=user-group&size=16',
'mainAttr' => 'cn',
)),
'plForeignKeys' => array(
'memberUid' => array('user','uid')
),
'plProvidedAcls' => parent::generatePlProvidedAcls(static::getAttributesInfo())
);
}
static function getAttributesInfo ()
{
return array(
'main' => array(
'name' => _('Properties'),
'attrs' => array(
new BaseSelectorAttribute(get_ou('groupRDN')),
new StringAttribute(
_('Name'), _('Name of this group'),
'cn', TRUE,
'', '', (strict_uid_mode() ? '/^[a-z0-9_-]+$/' : '/^[a-z0-9_.-]+$/i')
),
new TextAreaAttribute(
_('Description'), _('Short description of this group'),
'description', FALSE
),
new BooleanAttribute(
_('Force GID'), _('Force GID value for this group'),
'force_id', FALSE
),
new IntAttribute(
_('GID'), _('GID value for this group'),
'gidNumber', FALSE,
0, FALSE, ''
)
)
),
'members' => array(
'name' => _('Group members'),
'attrs' => array(
new UsersAttribute(
'', _('Group members'),
'memberUid', FALSE,
array(), 'uid'
)
)
),
'system_trust' => array(
'name' => _('System trust'),
'icon' => 'geticon.php?context=status&icon=locked&size=16',
'attrs' => array(
new SelectAttribute(
_('Trust mode'), _('Type of authorization for those hosts'),
'trustMode', FALSE,
array('', 'fullaccess', 'byhost'),
'',
array(_('disabled'), _('full access'), _('allow access to these hosts'))
),
new SystemsAttribute(
'', _('Only allow this group to connect to this list of hosts'),
'host', FALSE
)
)
)
);
}
function __construct ($dn = NULL, $object = NULL, $parent = NULL, $mainTab = FALSE)
{
parent::__construct($dn, $object, $parent, $mainTab);
$this->attributesAccess['trustMode']->setInLdap(FALSE);
$this->attributesAccess['trustMode']->setManagedAttributes(
array(
'multiplevalues' => array('notbyhost' => array('','fullaccess')),
'erase' => array(
'notbyhost' => array('host')
)
)
);
if ((count($this->host) == 1) && ($this->host[0] == '*')) {
$this->trustMode = 'fullaccess';
} elseif (count($this->host) > 0) {
$this->trustMode = 'byhost';
}
$this->attributesAccess['gidNumber']->setUnique(TRUE);
$this->attributesAccess['force_id']->setInLdap(FALSE);
$this->attributesAccess['force_id']->setManagedAttributes(
array(
'disable' => array (
FALSE => array (
'gidNumber',
)
)
)
);
}
function check()
{
global $config;
$message = parent::check();
/* Check ID's if they are forced by user */
if ($this->force_id) {
if ($this->gidNumber < $config->get_cfg_value("minId")) {
$message[] = msgPool::toosmall(_("GID"), $config->get_cfg_value("minId"));
}
}
return $message;
}
function resetCopyInfos()
{
parent::resetCopyInfos();
$this->force_id = FALSE;
$this->attributesAccess['gidNumber']->setInitialValue("");
$this->gidNumber = "";
}
function prepare_save()
{
if (!$this->force_id) {
/* Handle gidNumber */
if ($this->attributesAccess['gidNumber']->getInitialValue() != "") {
$this->gidNumber = $this->attributesAccess['gidNumber']->getInitialValue();
} else {
$this->gidNumber = get_next_id_lock('gidNumber', $this->dn);
$this->locks[] = 'gidNumber';
}
}
parent::prepare_save();
if ($this->trustMode == 'fullaccess') {
$this->attrs['host'] = array('*');
}
/* Trust accounts */
if (($this->trustMode != "") && !in_array('hostObject', $this->attrs['objectClass'])) {
$this->attrs['objectClass'][] = 'hostObject';
} elseif (($this->trustMode == "") && (($key = array_search('hostObject', $this->attrs['objectClass'])) !== FALSE)) {
unset($this->attrs['objectClass'][$key]);
}
}
function save()
{
$errors = parent::save();
foreach ($this->locks as $lock) {
del_lock($lock);
}
$this->locks = array();
return $errors;
}
function addUser($dn, $uid)
{
$this->attributesAccess['memberUid']->addValue($dn,
array(
'dn' => $dn,
'uid' => array($uid),
'cn' => array($uid)
)
);
}
function removeUser($uid)
{
$this->attributesAccess['memberUid']->searchAndRemove($uid);
}
}
?>
......@@ -49,6 +49,25 @@ class groupManagement extends simpleManagement
$this->headpage->registerElementFilter('filterProperties', 'groupManagement::filterProperties');
}
function configureFilter ()
{
parent::configureFilter();
if (!class_available('posixGroup')) {
/* If posix plugin is not installed, ignore posix filter */
$this->filter->elements['PRIMARY']['unset'] = '';
$this->filter->elements['PRIMARY']['set'] = '';
}
if (!class_available('mailAccount') || !class_available('posixGroup')) {
$this->filter->elements['MAIL']['unset'] = '';
$this->filter->elements['MAIL']['set'] = '';
}
if (!class_available('sambaAccount') || !class_available('posixGroup')) {
$this->filter->elements['SAMBA']['unset'] = '';
$this->filter->elements['SAMBA']['set'] = '';
}
}
static function filterProperties($row, $dn, $objectType, $attrs, $gosaGroupObjects = NULL)
{
global $config;
......@@ -71,7 +90,7 @@ class groupManagement extends simpleManagement
}
if (empty($grouptabs)) {
foreach ($config->data['TABS']['GROUPTABS'] as $plug) {
if ($plug['CLASS'] == 'group') {
if ($plug['CLASS'] == 'posixGroup') {
continue;
}
if (class_available($plug['CLASS'])) {
......@@ -126,19 +145,21 @@ class groupManagement extends simpleManagement
$smarty = get_smarty();
$filters = array(
array('id' => 'USER', 'label' => _('Show user groups')),
array('id' => 'PRIMARY', 'label' => _('Show primary groups')),
array('id' => 'ROLE', 'label' => _('Show organizational roles')),
array('id' => 'APPLICATION', 'label' => _('Show application groups')),
array('id' => 'UNKNOWN', 'label' => _('Show unidentified groups')),
);
if (class_available('mailAccount')) {
$filters[]= array('id' => 'MAIL', 'label' => _('Show mail groups'));
}
if (class_available('sambaAccount')) {
$filters[]= array('id' => 'SAMBA', 'label' => _('Show samba groups'));
if (class_available('posixGroup')) {
$filters[] = array('id' => 'PRIMARY', 'label' => _('Show primary groups'));
if (class_available('mailAccount')) {
$filters[] = array('id' => 'MAIL', 'label' => _('Show mail groups'));
}
if (class_available('sambaAccount')) {
$filters[] = array('id' => 'SAMBA', 'label' => _('Show samba groups'));
}
}
if (class_available('simpleSecurityObject')) {
$filters[]= array('id' => 'SIMPLESECURITYOBJECT', 'label' => _('Show DSA entries'));
$filters[] = array('id' => 'SIMPLESECURITYOBJECT', 'label' => _('Show DSA entries'));
}
if (class_available('systemManagement')) {
$filters = array_merge(
......
......@@ -167,7 +167,7 @@ class ogroup extends simplePlugin
'plForeignKeys' => array(
'member' => array(
array('user'),
array('group'),
array('posixGroup'),
array('applicationGeneric'),
array('serverGeneric'),
array('workstationGeneric'),
......
......@@ -10,7 +10,7 @@
<search>
<query>
<backend>LDAP</backend>
<filter>(&amp;(|(&amp;(objectClass=posixGroup)(|$PRIMARY$MAIL$SAMBA))$ROLE(&amp;(objectClass=groupOfNames)(|(gosaGroupObjects=[])$USER$GROUP$APPLICATION$SERVER$WORKSTATION$WINDOWS$TERMINAL$PRINTER$PHONE$SIMPLESECURITYOBJECT$UNKNOWN)))$NAME)</filter>
<filter>(&amp;(|$PRIMARY$MAIL$SAMBA$ROLE(&amp;(objectClass=groupOfNames)(|(gosaGroupObjects=[])$USER$GROUP$APPLICATION$SERVER$WORKSTATION$WINDOWS$TERMINAL$PRINTER$PHONE$SIMPLESECURITYOBJECT$UNKNOWN)))$NAME)</filter>
<attribute>*</attribute>
</query>
<scope>auto</scope>
......@@ -29,7 +29,7 @@
<tag>MAIL</tag>
<default>true</default>
<unset></unset>
<set>(objectClass=gosaMailAccount)</set>
<set>(&amp;(objectClass=posixGroup)(objectClass=gosaMailAccount))</set>
</element>
<element>
......@@ -37,7 +37,7 @@
<tag>SAMBA</tag>
<default>true</default>
<unset></unset>
<set>(objectClass=sambaGroupMapping)</set>
<set>(&amp;(objectClass=posixGroup)(objectClass=sambaGroupMapping))</set>
</element>
<element>
......
This diff is collapsed.
<?php
/*
This code is part of FusionDirectory (http://www.fusiondirectory.org/)
Copyright (C) 2012-2016 FusionDirectory
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
posixAccount::mainInc('posixAccount', $ui->dn);
?>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment