Location: PHPKode > projects > LDAP Navigator > ldapnavigator-0.9.6/modules/aci/aci.form.php
<?php
/*
	*** NOTE this ACL stuff is only compatible with iPlanet / Netscape Directory server ***

	here is the ACI syntax
	aci: (<target>)(<version>;acl "<name>";allow(<permissions>)(<binding rule>);)
	the terms used in these pages refers to the syntax above
*/



$pageTitle = "$config->appName > Access permissions for $dn";

/*********************************************************
 * REFERENTIALS CREATION
 *********************************************************/
 
// array of all possible permissions
$aPermissions = array (	
	"all", "read", "search", "compare", "write", "add",  "delete", "selfwrite"
);

// target types : user based and group based 
$aBindingTypes = array( 
	"userdn" => "User",
	"groupdn" => "Group",
	"anyone" => "Anyone",
	"all" => "All authenticated user",
	"self" => "Self access",
);

// type of granting : allow or deny
$aGrants = array (
	"allow" => "Allow ",
	"deny" => "Deny ",
);


/*********************************************************
 * Get the aci(s) from the server
 *********************************************************/

$sr = @ldap_read( $ds, $dn, "objectclass=*" );
if( ! $sr )
	ErrorPage(  "Error",
		"Entry not found : "	. ldap_error($ds) . "<br>Maybe someone has just deleted this entry ?",
		"page.default.php"
	);

// build the list of ACIs for the ACI chooser popup
$aciList = array();
$aciList[-1] = "Enter a new ACI";

if( ! isset($idx) ) 
	$idx = -1;

$tmp = ldap_get_entries( $ds, $sr );
$entry = $tmp[0];
if( $entry['aci'] ) {	
	unset( $entry['aci']['count']);	
	// build the "Edit ACI" popup list. the _new_ item is for creating a new item
	foreach( $entry['aci'] as $i => $acitext ) {
		$aci = parse_aci( $acitext );
		if( $aci ) {
			$aciList[$i] = $aci['name'];
		}
	}
}
	
$wAclList = new Popup( "idx", $idx, $aciList, $sbL );


// The user choose "Crrate a new ACI", we initialize a default aci
if( $idx == -1 ) {
	// the action button is an add button
	$wUpdate = new Button( "Add", "formAction(this.form, 'aci.add' )", $btnM );
	$aci = array(
		"version" => "3.0",
		"permissions" => array( "search", "read" ),
		"bindingdn" => "ldap:///",
	);
	
} else {
	// the action button is an update button
	$wUpdate = new Button( "Modify", "formAction(this.form, 'aci.update' )", $btnM );
	// parse ACI into an information array ( only iPlanet ACI are supported for now )
	$aci = parse_aci( $entry['aci'][$idx], "iplanet" );
}

// echo "<pre>"; print_r($aci); echo "</pre>";


// if the target is missing, we default it with the entry dn (correct)
if( ! $aci['target'] )
	$aci['target'] = "ldap:///$dn";

// initialize special target types if needed
if( strtolower($aci['targetdn']) == "ldap:///anyone" )
	$aci['targettype'] = "anyone";
elseif( strtolower($aci['targetdn']) == "ldap:///self" )
	$aci['targettype'] = "self";


// page start

include_once( "./page.header.php" );


html::form( "submit.php", "post" );
html::hidden( "A", "aci.edit" );
html::hidden( "prevA", $A );
html::hidden( "dn", $dn );
html::hidden( "aci[target]", $aci['target'] );
html::hidden( "aci[version]", $aci['version'] );

FormStart( $pageTitle );

if( $statusMsg ) {
	FormLine( "&nbsp;",   $statusMsg );
}


// autoreload form with the right ACI
$wAclList->addOption( "onChange=\"formAction(this.form,'aci.edit')\"" );

FormLine( 
	"ACI to edit : ", $wAclList
	);



/////////////////////////////////////////// PERMISSIONS 



FormLine( 
	"ACI name", new TextInput( "aci[name]", $aci['name'], $tbL ) 
	);
	
/*FormLine( 
	"version", $aci['version'] 
	);*/

$wPermissions = new CheckboxGroup( "aci[permissions][]", $aci['permissions'], $aPermissions );
$wPermissions->useHash(false);
$wAllowDeny = new Popup( 'aci[grant]', $aci['grant'], $aGrants, $sbS );

FormLine( 
	$wAllowDeny, $wPermissions 
	);


/////////////////////////////////////////// WHO IS CONCERNED

$wBindingType = new Popup( "aci[bindingtype]", $aci['bindingtype'], $aBindingTypes, $sbS );
$wBindingType->addOption( 'onChange="targetDnEnable(this)"' );

$wBindingDn = new TextInput( "aci[bindingdn]", $aci['bindingdn'], $tbL ) ;
if( $aci['bindingtype'] != "groupdn" && $aci['bindingtype'] != "userdn" ) {
	$wBindingDn->addOption( "disabled=1" );
}

FormLine( 
	"For " . $wBindingType->toString(),
	$wBindingDn
);



/////////////////////////////////////////// handle "attributes level" directives
if( isset( $aci['targetattr'] ) )
	$useAttr = 1;
else
	$useAttr = 0;
	
$wUseAttr = new Radio( "useAttr", "1" , $useAttr );
FormLine( 
	$wUseAttr->toString() . " Only on attributes:", 
	new Textarea( "aci[targetattr]", @implode( "\n", $aci['targetattr'] ), $taM ) 
);

// echo "idx=$idx test=", ($idx === "_new_");

// create button bar elements

$wDelete = new Button( "Delete", "formAction(this.form, 'aci.delete' )", $btnM );
$wCancel = new Button( "Cancel", "formAction(this.form, 'entry.properties' )", $btnM );

// display button bar
echo "<tr><td class=form colspan=2 align=right>",
	$wUpdate->toString(),
	$wDelete->toString(),
	$wCancel->toString(),
	"</td></tr>";

echo "</TABLE>\n",
	"</FORM>\n";

// JS invoqued by form buttons

?>
<script language="javascript">
<!--
 
function formAction( formObj, actionStr )
{ 
//	alert( "formAction( " + formObj + "," +  actionStr +") idx=" + formObj.idx.value );
	formObj.A.value = actionStr;
	formObj.submit();
}

function targetDnEnable( widgetSelect )
{
	frm = widgetSelect.form;
	var currentVal = widgetSelect.options[widgetSelect.selectedIndex].value;
//	alert( frm.elements['aci[targetdn]'] );

	// targetdn textinput is editable only if type is userdn or groupdn
	if( currentVal != 'userdn' && currentVal != 'groupdn' )
		frm.elements['aci[bindingdn]'].disabled = true;
	else 
		frm.elements['aci[bindingdn]'].disabled = false;
}

// -->
</script>
<?php



include("./page.footer.php");







?> 
Return current item: LDAP Navigator