|
Lines 34-44
Link Here
|
| 34 |
|
34 |
|
| 35 |
eval "$(ucr shell ldap/base)" |
35 |
eval "$(ucr shell ldap/base)" |
| 36 |
|
36 |
|
| 37 |
BIND_ARGS="$@" |
37 |
_quote () { # escaoe any single quote in an argument |
|
|
38 |
echo "$1" | sed -e "s,','\\\\'',g" |
| 39 |
} |
| 40 |
# save up a propery quoted/escaped version of "$@" |
| 41 |
_udm_args= |
| 42 |
for arg in "$@" |
| 43 |
do |
| 44 |
_udm_agrs="${_udm_args:+$_udm_args }'$(_quote "$arg")'" |
| 45 |
done |
| 46 |
_udm () { # internal wrapper for univention-directory-manager to build $cmd |
| 47 |
local arg |
| 48 |
cmd="univention-directory-manager '$(_quote "$1")' '$(_quote "$2")' $_udm_args" |
| 49 |
shift 2 |
| 50 |
for arg in "$@" |
| 51 |
do |
| 52 |
cmd="$cmd '$(_quote "$arg")'" |
| 53 |
done |
| 54 |
} |
| 55 |
udm () { # wrapper for univention-directory-manager |
| 56 |
local cmd |
| 57 |
_udm "$@" |
| 58 |
eval "$cmd" |
| 59 |
} |
| 38 |
|
60 |
|
| 39 |
umc_frontend_new_hash () { |
61 |
umc_frontend_new_hash () { |
| 40 |
# create new timestamps for index.html and debug.html in order to |
62 |
# create new timestamps for index.html and debug.html in order to |
| 41 |
# avoid caching problems in browsers |
63 |
# avoid caching problems in browsers |
|
|
64 |
local timestamp ifile f idir |
| 42 |
timestamp=$(date +'%Y%d%m%H%M%S') |
65 |
timestamp=$(date +'%Y%d%m%H%M%S') |
| 43 |
for ifile in index.html debug.html js/umc/login.html; do |
66 |
for ifile in index.html debug.html js/umc/login.html; do |
| 44 |
f="/usr/share/univention-management-console-frontend/$ifile" |
67 |
f="/usr/share/univention-management-console-frontend/$ifile" |
|
Lines 56-108
umc_frontend_new_hash () {
Link Here
|
| 56 |
|
79 |
|
| 57 |
umc_init () { |
80 |
umc_init () { |
| 58 |
# containers |
81 |
# containers |
| 59 |
udm container/cn create $BIND_ARGS --ignore_exists --position cn=univention,$ldap_base --set name=UMC || exit $? |
82 |
udm container/cn create --ignore_exists --position "cn=univention,$ldap_base" --set name=UMC || exit $? |
| 60 |
udm container/cn create $BIND_ARGS --ignore_exists --position cn=policies,$ldap_base --set name=UMC --set policyPath=1 || exit $? |
83 |
udm container/cn create --ignore_exists --position "cn=policies,$ldap_base" --set name=UMC --set policyPath=1 || exit $? |
| 61 |
udm container/cn create $BIND_ARGS --ignore_exists --position cn=UMC,cn=univention,$ldap_base --set name=operations || exit $? |
84 |
udm container/cn create --ignore_exists --position "cn=UMC,cn=univention,$ldap_base" --set name=operations || exit $? |
| 62 |
|
85 |
|
| 63 |
# default policies |
86 |
# default policies |
| 64 |
udm policies/umc create $BIND_ARGS --ignore_exists --set name=default-umc-all \ |
87 |
udm policies/umc create --ignore_exists --set name=default-umc-all \ |
| 65 |
--position cn=UMC,cn=policies,$ldap_base || exit $? |
88 |
--position "cn=UMC,cn=policies,$ldap_base" || exit $? |
| 66 |
|
89 |
|
| 67 |
# link default admin policy to the domain admins |
90 |
# link default admin policy to the domain admins |
| 68 |
udm groups/group modify $BIND_ARGS --ignore_exists --dn "cn=Domain Admins,cn=groups,$ldap_base" \ |
91 |
udm groups/group modify --ignore_exists --dn "cn=Domain Admins,cn=groups,$ldap_base" \ |
| 69 |
--policy-reference="cn=default-umc-all,cn=UMC,cn=policies,$ldap_base" || exit $? |
92 |
--policy-reference="cn=default-umc-all,cn=UMC,cn=policies,$ldap_base" || exit $? |
| 70 |
} |
93 |
} |
| 71 |
|
94 |
|
| 72 |
_umc_remove_old () { |
95 |
_umc_remove_old () { |
| 73 |
# removes an object and ignores all errors |
96 |
# removes an object and ignores all errors |
| 74 |
name=$1; shift |
97 |
local name="$1" module="$2" container="$3" |
| 75 |
module=$1; shift |
98 |
udm "$module" remove --dn "cn=$name,$container,$ldap_base" 2>/dev/null || true |
| 76 |
container=$1 |
|
|
| 77 |
|
| 78 |
udm $module remove $BIND_ARGS --dn "cn=$name,$container,$ldap_base" 2>/dev/null || true |
| 79 |
} |
99 |
} |
| 80 |
|
100 |
|
| 81 |
umc_operation_create () { |
101 |
umc_operation_create () { |
| 82 |
# example: umc_operation_create "udm" "UDM" "users/user" "udm/*:objectType=users/*" |
102 |
# example: umc_operation_create "udm" "UDM" "users/user" "udm/*:objectType=users/*" |
| 83 |
name=$1; shift |
103 |
local name="$1" description="$2" flavor="$3" oper cmd |
| 84 |
description=$1; shift |
104 |
shift 3 |
| 85 |
flavor=$1; shift |
105 |
_udm settings/umc_operationset create --ignore_exists \ |
| 86 |
operations="" |
106 |
--position "cn=operations,cn=UMC,cn=univention,$ldap_base" \ |
| 87 |
for oper in "$@"; do |
|
|
| 88 |
operations="$operations --append operation=$oper " |
| 89 |
done |
| 90 |
udm settings/umc_operationset create $BIND_ARGS --ignore_exists \ |
| 91 |
--position cn=operations,cn=UMC,cn=univention,$ldap_base \ |
| 92 |
--set name="$name" \ |
107 |
--set name="$name" \ |
| 93 |
--set description="$description" \ |
108 |
--set description="$description" \ |
| 94 |
--set flavor="$flavor" $operations || exit $? |
109 |
--set flavor="$flavor" |
|
|
110 |
for oper in "$@" |
| 111 |
do |
| 112 |
cmd="$cmd --append operation='$(_quote "$oper")'" |
| 113 |
done |
| 114 |
eval "$cmd || exit \$?" |
| 95 |
} |
115 |
} |
| 96 |
|
116 |
|
| 97 |
umc_policy_append () { |
117 |
umc_policy_append () { |
| 98 |
# example: umc_policy_append "default-umc-all" "udm-all" "udm-users" |
118 |
# example: umc_policy_append "default-umc-all" "udm-all" "udm-users" |
| 99 |
policy="$1"; shift |
119 |
local policy="$1" op cmd |
| 100 |
|
120 |
shift |
| 101 |
ops="" |
121 |
_udm policies/umc modify --ignore_exists \ |
| 102 |
for op in "$@"; do |
122 |
--dn "cn=$policy,cn=UMC,cn=policies,$ldap_base" |
| 103 |
ops="$ops --append allow=cn=$op,cn=operations,cn=UMC,cn=univention,$ldap_base " |
123 |
for op in "$@" |
|
|
124 |
do |
| 125 |
cmd="$cmd --append allow='$(_quote "cn=$op,cn=operations,cn=UMC,cn=univention,$ldap_base")'" |
| 104 |
done |
126 |
done |
| 105 |
|
127 |
eval "$cmd || exit \$?" |
| 106 |
udm policies/umc modify $BIND_ARGS --ignore_exists \ |
|
|
| 107 |
--dn "cn=$policy,cn=UMC,cn=policies,$ldap_base" $ops || exit $? |
| 108 |
} |
128 |
} |