Commit 98a6b9c3 authored by Côme Bernigaud's avatar Côme Bernigaud Committed by Benoit Mortier
Browse files

Fixes: #2670 Using simpleManagement for ACLs

parent 67664882
<div class="contentboxh">
<p class="contentboxh">
<img src="images/launch.png" alt="[F]"/>{t}Filter{/t}
</p>
</div>
<div class="contentboxb">
<table summary="" style="width:100%;border-top:none;">
<tr>
<td>
<label for="NAME">
<img src="images/lists/search.png"/>&nbsp;{t}Name{/t}
</label>
</td>
<td>
{$NAME}
</td>
</tr>
</table>
<table style="width:100%;background:#EEEEEE;border-top:1px solid #B0B0B0;">
<tr>
<td style="width:100%;text-align:right;">
{$APPLY}
</td>
</tr>
</table>
</div>
<?xml version="1.0" encoding="UTF-8"?>
<filterdef>
<definition>
<category>acl</category>
<template>acl-filter.tpl</template>
<initial>true</initial>
</definition>
<search>
<query>
<backend>LDAP</backend>
<filter>(objectClass=gosaAcl)$NAME</filter>
<attribute>dn</attribute>
<attribute>objectClass</attribute>
<attribute>cn</attribute>
<attribute>ou</attribute>
<attribute>description</attribute>
</query>
<scope>sub</scope>
</search>
<element>
<type>textfield</type>
<tag>NAME</tag>
<size>20</size>
<maxlength>60</maxlength>
<default></default>
<unset></unset>
<set>(|(cn=*$*)(ou=*$*)(description=*$*))</set>
<alphabet>true</alphabet>
<autocomplete>
<backend>ACL</backend>
<filter>(&amp;(objectClass=gosaAcl)(|(ou=*$NAME*)(description=*$NAME*)(cn=*$NAME*)))</filter>
<attribute>ou</attribute>
<attribute>cn</attribute>
<frequency>0.5</frequency>
<characters>3</characters>
</autocomplete>
</element>
</filterdef>
<?xml version="1.0" encoding="UTF-8"?>
<list>
<definition>
<departmentBrowser>false</departmentBrowser>
<departmentRootVisible>false</departmentRootVisible>
<baseMode>false</baseMode>
<multiSelect>true</multiSelect>
<template>simple-list.tpl</template>
<module>acl</module>
<label>List of acls</label>
<defaultSortColumn>1</defaultSortColumn>
<objectType>
<label>Acl</label>
<objectClass>top</objectClass>
<category>acl</category>
<class>acl</class>
<image>plugins/acl/images/iconMini.png</image>
</objectType>
</definition>
<table>
<layout>|20px;c|200px||170px;r|</layout>
<column>
<value>%{filter:objectType(dn,objectClass)}</value>
</column>
<column>
<label>Name</label>
<sortAttribute>dn</sortAttribute>
<sortType>string</sortType>
<value>%{filter:filterLabel(row,dn,ou,cn,pid,base)}</value>
<export>true</export>
</column>
<column>
<label>Description</label>
<sortAttribute>description</sortAttribute>
<sortType>string</sortType>
<value>%{filter:link(row,dn,"%s",description)}</value>
<export>true</export>
</column>
<column>
<label>Actions</label>
<value>%{filter:actions(dn,row,objectClass)}</value>
</column>
</table>
<actionmenu>
<action>
<name>remove</name>
<type>entry</type>
<image>images/lists/trash.png</image>
<label>Remove</label>
</action>
</actionmenu>
<actiontriggers snapshot="false" copypaste="false">
<action>
<name>edit</name>
<type>entry</type>
<image>images/lists/edit.png</image>
<label>Edit</label>
</action>
<action>
<name>remove</name>
<type>entry</type>
<image>images/lists/trash.png</image>
<acl>acl/acl[d]</acl>
<label>Remove</label>
</action>
</actiontriggers>
</list>
......@@ -99,12 +99,12 @@ class aclAssignmentDialogWindow extends simplePlugin
$smarty = get_smarty();
$display = parent::execute();
if (!is_object($this->dialog)) {
$display .= $smarty->fetch('string:'.
'<p class="plugbottom">'.
' <input type="submit" name="add_acl_finish" value="{msgPool type=addButton}"/>'.
' &nbsp;'.
' <input type="submit" name="add_acl_cancel" value="{msgPool type=cancelButton}"/>'.
'</p>');
$display .= $smarty->fetch('string:'.
'<p class="plugbottom">'.
' <input type="submit" name="add_acl_finish" value="{msgPool type=addButton}"/>'.
' &nbsp;'.
' <input type="submit" name="add_acl_cancel" value="{msgPool type=cancelButton}"/>'.
'</p>');
}
return $display;
}
......@@ -173,13 +173,12 @@ class ACLsAssignmentDialog extends GenericDialog
class ACLsAssignmentAttribute extends DialogOrderedArrayAttribute
{
protected $order = TRUE;
protected $dialogClass = 'ACLsAssignmentDialog';
protected $order = TRUE;
protected $dialogClass = 'ACLsAssignmentDialog';
protected function getAttributeArrayValue($value)
{
/* Convert text value to displayable array value */
//~ return explode(':', $value);
$value['members'] = join(', ', $value['members']);
return $value;
}
......@@ -225,7 +224,7 @@ class ACLsAssignmentAttribute extends DialogOrderedArrayAttribute
function foreignKeyCheck($oldvalue, $source)
{
foreach ($this->value as $key => $value) {
foreach ($this->value as $value) {
if (($source['CLASS'] == 'aclRole') && ($value['role'] == $oldvalue)) {
return TRUE;
} elseif (($source['CLASS'] == 'user' || $source['CLASS'] == 'group') && in_array($oldvalue, $value['members'])) {
......@@ -253,6 +252,7 @@ class aclAssignment extends simplePlugin
'filter' => 'objectClass=gosaAcl',
'ou' => '',
'icon' => 'plugins/acl/images/iconMini.png',
'tabClass' => 'simpleTabs_noSpecial',
),
'special' => array(
'name' => 'special'
......
......@@ -19,16 +19,18 @@
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
class aclManagement extends management
class aclManagement extends simpleManagement
{
// Tab definition
protected $tabClass = "simpleTabs_noSpecial";
protected $tabType = "ACLASSIGNMENTTABS";
protected $aclCategory = "acl";
protected $aclPlugin = "aclAssignment";
protected $objectName = "ACL";
protected $objectTypes = array('aclAssignment');
protected $autoFilterAttributes = array('dn', 'cn', 'description', 'ou', 'dc');
protected $departmentBrowser = FALSE;
protected $departmentRootVisible = FALSE;
protected $baseMode = FALSE;
protected $skipCpHandler = TRUE;
protected $skipSnapHandler = TRUE;
/* Return plugin informations for acl handling */
static function plInfo()
{
return array(
......@@ -43,60 +45,26 @@ class aclManagement extends management
);
}
function __construct(&$config, $ui)
function configureFilter()
{
$this->config = $config;
$this->ui = $ui;
$this->storagePoints = array(''); // ACLs are attached to department containers
// Build filter
if (session::global_is_set(get_class($this)."_filter")) {
$filter = session::global_get(get_class($this)."_filter");
} else {
$filter = new filter(get_template_path("acl-filter.xml", TRUE));
$filter->setObjectStorage($this->storagePoints);
}
$this->setFilter($filter);
// Build headpage
$headpage = new listing(get_template_path("acl-list.xml", TRUE));
$headpage->registerElementFilter("filterLabel", "aclManagement::filterLabel");
$headpage->setFilter($filter);
parent::__construct($this->config, $ui, "acl", $headpage);
parent::configureFilter();
$this->filter->scope = 'sub';
}
function removeEntryConfirmed ($action = "", $target = array(), $all = array(), $altTabClass = "", $altTabType = "", $altAclCategory = "")
function parseXML ($file)
{
@DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $target, "Entry removal confirmed!");
$headpage = $this->getHeadpage();
foreach ($this->dns as $key => $dn) {
// Check permissions, are we allowed to remove this object?
$acl = $this->ui->get_permissions($dn, $this->aclCategory."/".$this->aclPlugin);
if (preg_match("/d/", $acl)) {
// Delete the object
$this->dn = $dn;
$this->tabObject = new $this->tabClass('aclAssignment', $this->dn);
$this->tabObject->set_acl_base($this->dn);
$this->tabObject->delete();
$this->tabObject->parent = &$this;
// Remove the lock for the current object.
del_lock($this->dn);
} else {
msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
new log("security", "acl/".get_class($this), $dn, array(), "Tried to trick deletion.");
}
}
$data = parent::parseXML($file);
$data['list']['table']['column'][1]['value'] = '%{filter:filterLabel(row,dn,ou,cn,pid,base)}';
$data['list']['table']['column'][1]['sortAttribute'] = 'dn';
return $data;
}
// Cleanup
$this->remove_lock();
$this->closeDialogs();
function configureHeadpage ()
{
$this->headpage->registerElementFilter('filterLabel', 'aclManagement::filterLabel');
parent::configureHeadpage();
}
// A filter which allows to open a department by clicking on the departments name.
static function filterLabel($row, $dn, $ou = array(), $pid = 0, $base = "")
{
$ou = $ou[0];
......@@ -108,5 +76,14 @@ class aclManagement extends management
$dn = LDAP::fix($dn);
return "<a href='?plug=".$_GET['plug']."&amp;PID=$pid&amp;act=listing_edit_$row' title='$dn'>$ou</a>";
}
protected function removeEntryRequested($action = "", $target = array(), $all = array())
{
$result = parent::removeEntryRequested($action, $target, $all);
if ($result != "") {
$smarty = get_smarty();
return $smarty->fetch(get_template_path('remove.tpl', TRUE, dirname(__FILE__)));
}
}
}
?>
<?php
/*
This code is part of FusionDirectory (http://www.fusiondirectory.org/)
Copyright (C) 2003 Cajus Pollmeier
Copyright (C) 2011-2013 FusionDirectory
Copyright (C) 2013 FusionDirectory
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......@@ -20,36 +18,5 @@
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/* Remove locks created by this plugin
*/
if ($remove_lock){
if(session::is_set('aclManagement')){
$macl = session::get('aclManagement');
$macl->remove_lock();
}
}
/* Remove this plugin from session
*/
if ( $cleanup ){
session::un_set('aclManagement');
}else{
/* Reset requested? */
if (isset($_GET['reset']) && $_GET['reset'] == 1){
session::un_set ('aclManagement');
}
/* Create usermanagement object on demand */
if (!session::is_set('aclManagement')){
$aclManagement= new aclManagement ($config, $ui);
session::set('aclManagement',$aclManagement);
}
$aclManagement = session::get('aclManagement');
$display= $aclManagement->execute();
/* Show and save dialog */
session::set('aclManagement',$aclManagement);
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
simpleManagement::mainInc('aclManagement');
?>
<div style="font-size:18px;">
<img alt="Warning icon" src="images/warning.png" class="center"/>&nbsp;{t}Warning{/t}
</div>
<p>
{$info}
{t}This includes all ACL assignments made on this node(s). If you want the list of these assignments, please cancel and open the objects.{/t}
</p>
<p>
{t}Press 'Delete' to continue or 'Cancel' to abort.{/t}
</p>
<div style="padding:5px;">
<div style="font-size:18px;">
<img alt="" src="images/warning.png" class="center"/>&nbsp;{t}Warning{/t}
</div>
<p>
<ul>
{foreach from=$objects item=object}
<li style="list-style-image:url('{$object.icon}');" title="{$object.type}">
{$object.name}&nbsp;(<i>{$object.dn}</i>)
</li>
{/foreach}
</ul>
{t}This includes all ACL assignments made on this node(s). If you want the list of these assignments, please cancel and open the objects.{/t}
</p>
<p class="plugbottom">
<input type="submit" name="delete_confirmed" value="{msgPool type=delButton}"/>
<input type="submit" name="delete_cancel" value="{msgPool type=cancelButton}"/>
</p>
<p>
{t}Press 'Delete' to continue or 'Cancel' to abort.{/t}
</p>
<p class="plugbottom">
<input type="submit" name="delete_confirmed" value="{msgPool type=delButton}"/>
<input type="submit" name="delete_cancel" value="{msgPool type=cancelButton}"/>
</p>
</div>
<?php
/*
This code is part of FusionDirectory (http://www.fusiondirectory.org/)
Copyright (C) 2003 Cajus Pollmeier
Copyright (C) 2011-2013 FusionDirectory
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
class acltab extends tabs
{
function __construct($config, $data, $dn, $cat = "", $copied_object = NULL)
{
$data = array(array("CLASS" => "aclAssignment" , "NAME" => _("ACL")));
parent::__construct($config, $data, $dn, "", $copied_object);
}
}
?>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment