/**
* @see CommonDBTM::doSpecificMassiveActions()
**/
function doSpecificMassiveActions($input = array())
{
$res = array('ok' => 0, 'ko' => 0, 'noright' => 0);
switch ($input['action']) {
case "add_user_group":
$gu = new Group_User();
return $gu->doSpecificMassiveActions($input);
case "force_user_ldap_update":
if (Session::haveRight("user", "w")) {
$ids = array();
foreach ($input["item"] as $key => $val) {
if ($val == 1) {
if ($this->getFromDB($key)) {
if ($this->fields["authtype"] == Auth::LDAP || $this->fields["authtype"] == Auth::EXTERNAL) {
if (AuthLdap::ldapImportUserByServerId(array('method' => AuthLDAP::IDENTIFIER_LOGIN, 'value' => $this->fields["name"]), 1, $this->fields["auths_id"])) {
$res['ok']++;
} else {
$res['ko']++;
}
}
} else {
$res['ko']++;
}
}
}
} else {
$res['noright']++;
}
break;
case "change_authtype":
if (!isset($input["authtype"]) || !isset($input["auths_id"])) {
return false;
}
if (Session::haveRight("user_authtype", "w")) {
$ids = array();
foreach ($input["item"] as $key => $val) {
if ($val == 1) {
$ids[] = $key;
}
}
if (User::changeAuthMethod($ids, $input["authtype"], $input["auths_id"])) {
$res['ok']++;
} else {
$res['ko']++;
}
} else {
$res['noright']++;
}
break;
case "add_userprofile":
$right = new Profile_User();
if (isset($input['profiles_id']) && $input['profiles_id'] > 0 && isset($input['entities_id']) && $input['entities_id'] >= 0) {
$input2 = array();
$input2['entities_id'] = $input['entities_id'];
$input2['profiles_id'] = $input['profiles_id'];
$input2['is_recursive'] = $input['is_recursive'];
foreach ($input["item"] as $key => $val) {
if ($val == 1) {
$input2['users_id'] = $key;
if ($right->can(-1, 'w', $input2)) {
if ($right->add($input2)) {
$res['ok']++;
} else {
$res['ko']++;
}
} else {
$res['noright']++;
}
}
}
}
break;
default:
return parent::doSpecificMassiveActions($input);
}
return $res;
}
GLPI is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
GLPI is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GLPI. If not, see <http://www.gnu.org/licenses/>.
--------------------------------------------------------------------------
*/
/** @file
* @brief
*/
include '../inc/includes.php';
Session::checkCentralAccess();
$profile = new Profile();
$right = new Profile_User();
$user = new User();
if (isset($_POST["add"])) {
$right->check(-1, CREATE, $_POST);
if ($right->add($_POST)) {
Event::log($_POST["users_id"], "users", 4, "setup", sprintf(__('%s adds a user to an entity'), $_SESSION["glpiname"]));
}
Html::back();
}
Html::displayErrorAndDie("lost");
/**
* Apply rules to determine dynamic rights of the user
*
* @return boolean : true if we play the Rule Engine
**/
function applyRightRules()
{
global $DB;
$return = false;
if ((isset($this->fields['_ruleright_process']) || isset($this->input['_ruleright_process'])) && isset($this->fields["authtype"]) && ($this->fields["authtype"] == Auth::LDAP || $this->fields["authtype"] == Auth::MAIL || Auth::isAlternateAuth($this->fields["authtype"]))) {
$dynamic_profiles = Profile_User::getForUser($this->fields["id"], true);
if (isset($this->fields["id"]) && $this->fields["id"] > 0 && isset($this->input["_ldap_rules"]) && count($this->input["_ldap_rules"])) {
//and add/update/delete only if it's necessary !
if (isset($this->input["_ldap_rules"]["rules_entities_rights"])) {
$entities_rules = $this->input["_ldap_rules"]["rules_entities_rights"];
} else {
$entities_rules = array();
}
if (isset($this->input["_ldap_rules"]["rules_entities"])) {
$entities = $this->input["_ldap_rules"]["rules_entities"];
} else {
$entities = array();
}
if (isset($this->input["_ldap_rules"]["rules_rights"])) {
$rights = $this->input["_ldap_rules"]["rules_rights"];
} else {
$rights = array();
}
$retrieved_dynamic_profiles = array();
//For each affectation -> write it in DB
foreach ($entities_rules as $entity) {
//Multiple entities assignation
if (is_array($entity[0])) {
foreach ($entity[0] as $tmp => $ent) {
$affectation['entities_id'] = $ent;
$affectation['profiles_id'] = $entity[1];
$affectation['is_recursive'] = $entity[2];
$affectation['users_id'] = $this->fields['id'];
$affectation['is_dynamic'] = 1;
$retrieved_dynamic_profiles[] = $affectation;
}
} else {
$affectation['entities_id'] = $entity[0];
$affectation['profiles_id'] = $entity[1];
$affectation['is_recursive'] = $entity[2];
$affectation['users_id'] = $this->fields['id'];
$affectation['is_dynamic'] = 1;
$retrieved_dynamic_profiles[] = $affectation;
}
}
if (count($entities) > 0 && count($rights) == 0) {
if ($def_prof = Profile::getDefault()) {
$rights[] = $def_prof;
}
}
if (count($rights) > 0 && count($entities) > 0) {
foreach ($rights as $right) {
foreach ($entities as $entity) {
$affectation['entities_id'] = $entity[0];
$affectation['profiles_id'] = $right;
$affectation['users_id'] = $this->fields['id'];
$affectation['is_recursive'] = $entity[1];
$affectation['is_dynamic'] = 1;
$retrieved_dynamic_profiles[] = $affectation;
}
}
}
// Compare retrived profiles to existing ones : clean arrays to do purge and add
if (count($retrieved_dynamic_profiles)) {
foreach ($retrieved_dynamic_profiles as $keyretr => $retr_profile) {
$found = false;
foreach ($dynamic_profiles as $keydb => $db_profile) {
// Found existing profile : unset values in array
if (!$found && $db_profile['entities_id'] == $retr_profile['entities_id'] && $db_profile['profiles_id'] == $retr_profile['profiles_id'] && $db_profile['is_recursive'] == $retr_profile['is_recursive']) {
unset($retrieved_dynamic_profiles[$keyretr]);
unset($dynamic_profiles[$keydb]);
}
}
}
}
// Add new dynamic profiles
if (count($retrieved_dynamic_profiles)) {
$right = new Profile_User();
foreach ($retrieved_dynamic_profiles as $keyretr => $retr_profile) {
$right->add($retr_profile);
}
}
//Unset all the temporary tables
unset($this->input["_ldap_rules"]);
$return = true;
}
// Delete old dynamic profiles
if (count($dynamic_profiles)) {
$right = new Profile_User();
foreach ($dynamic_profiles as $keydb => $db_profile) {
$right->delete($db_profile);
}
}
}
return $return;
}
if ($groupuser->can(-1, 'w', $input)) {
$groupuser->add($input);
}
}
}
break;
case "add_userprofile":
$right = new Profile_User();
if (isset($_POST['profiles_id']) && $_POST['profiles_id'] > 0 && isset($_POST['entities_id']) && $_POST['entities_id'] >= 0) {
$input['entities_id'] = $_POST['entities_id'];
$input['profiles_id'] = $_POST['profiles_id'];
$input['is_recursive'] = $_POST['is_recursive'];
foreach ($_POST["item"] as $key => $val) {
if ($val == 1) {
$input['users_id'] = $key;
$right->add($input);
}
}
}
break;
case "add_document":
$documentitem = new Document_Item();
foreach ($_POST["item"] as $key => $val) {
$input = array('itemtype' => $_POST["itemtype"], 'items_id' => $key, 'documents_id' => $_POST['docID']);
if ($documentitem->can(-1, 'w', $input)) {
$documentitem->add($input);
}
}
break;
case "add_contact":
if ($_POST["itemtype"] == 'Supplier') {
