<?php
	/************************************************************************************\
	* Expresso Administração                 										     *
	* by Joao Alfredo Knopik Junior (joao.alfredo@gmail.com, jakjr@celepar.pr.gov.br)  	 *
	* -----------------------------------------------------------------------------------*
	*  This program is free software; you can redistribute it and/or modify it			 *
	*  under the terms of the GNU General Public License as published by the			 *
	*  Free Software Foundation; either version 2 of the License, or (at your			 *
	*  option) any later version.														 *
	\************************************************************************************/

	class bosectors
	{
		var $public_functions = array(
			'create_sector'	=> True,
			'save_sector'	=> True,
			'delete_sector'	=> True
		);
	
		var $so;
		var $functions;

		function bosectors()
		{
			$this->so = createobject('expressoAdmin1_2.sosectors');
			$this->functions = $this->so->functions;
			$this->soaccounts = createobject('expressoAdmin1_2.soaccounts');
			$this->sogroups = createobject('expressoAdmin1_2.sogroups');
		}

		function create_sector()
		{
			// Verifica o acesso do gerente
			if (!$this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'create_sectors'))
			{
				$return['status'] = false;
				$return['msg'] = 'Você não tem acesso para criar setores.';
				return $return;
			}

			// Cria array para incluir no LDAP
			$dn = 'ou=' . $_POST['sector'] . ',' . $_POST['context'];			
			$sector_info = array();
			$sector_info['ou']				= $_POST['sector'];  
			$sector_info['objectClass'][0]	= 'top';
			$sector_info['objectClass'][1]	= 'organizationalUnit';
			$sector_info['objectClass'][2]	= 'phpgwAccount';
			
			if ($_POST['sector_visible'])
				$sector_info['phpgwaccountvisible'] = '-1';
			
			// Chama funcao para escrever no OpenLDAP, case de erro, volta com msg de erro.
			if (!$this->so->write_ldap($dn, $sector_info))
			{
				$_POST['error_messages'] = lang('Error in OpenLDAP recording.');
				ExecMethod('expressoAdmin1_2.uisectors.add_sector');
				return false;
			}
			
			//Escreve no log
			$this->functions->write_log2('Sector created', '','','',$dn);
			
			// Volta para o ListSectors
			$url = ($GLOBALS['phpgw']->link('/index.php','menuaction=expressoAdmin1_2.uisectors.list_sectors'));
			$GLOBALS['phpgw']->redirect($url);
		}

		function save_sector()
		{
			$sector_info = $this->so->get_info($_POST['context']);
			
			if (($_POST['sector_visible'] == 'on') && ($sector_info['phpgwaccountvisible'] != '-1'))
			{
				foreach ($sector_info[0]['objectclass'] as $objectClass)
				{
					if ($objectClass == 'phpgwAccount')
						$phpgwAccount = true;
					else
						$phpgwAccount = false;
				}
				
				if (!$phpgwAccount)
				{
					$ldap_mod_add['objectClass'][] = 'phpgwAccount';
				}
				
				$ldap_mod_add['phpgwaccountvisible'] = '-1';
				$this->so->add_attribute($sector_info[0]['dn'], $ldap_mod_add);
			}
			else
			{
				$ldap_mod_del['phpgwaccountvisible'] = array();
				$this->so->remove_attribute($sector_info[0]['dn'], $ldap_mod_del);
			}
				
			// Volta para o ListSectors
			ExecMethod('expressoAdmin1_2.uisectors.list_sectors');
		}

		function delete_sector()
		{
			// Verifica o acesso do gerente
			if (!$this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'delete_sectors'))
			{
				$return['status'] = false;
				$return['msg'] = 'Você não tem acesso para deletar setores.';
				return $return;
			}

			$sector_dn = $_POST['dn'];
			$manager_context = $_POST['manager_context'];

			$sector_users = $this->so->get_sector_users($sector_dn);
			
			for ($i=0; $i<count($sector_users)-1; $i++)
			{
				//_debug_array($user);
				// Pega o UID e os grupos que o usuario fz parte.
				$uid = $sector_users[$i]['uid'][0];
				$account_id = $sector_users[$i]['uidnumber'][0];
				$dn = $sector_users[$i]['dn'];

				$memberships = $this->soaccounts->get_user_memberships($account_id, $manager_context);
				$memberships = explode("|", $memberships);
				
				// Deleta os memberUid dos grupos que o usuario pertence.
				foreach ($memberships as $group_dn)
					$this->soaccounts->delete_memberuid($group_dn, $uid);
			
				// Deleta o cn do usuarios no ldap.
				$this->soaccounts->delete_user_ldap($dn);
			
				// Deleta user dos grupos no BD
				$this->soaccounts->delete_group_user_pgsql($account_id);
			
				// Deleta apps do user
				$this->soaccounts->delete_apps_pgsql($account_id);
		
				// Deleta permissao para alterar senha no pgsql
				$this->soaccounts->delete_changepassword_pgsql($account_id);

				// Deleta conta imap-cyrus do usuarios.
				$this->soaccounts->delete_account_imap($uid);
			}


			$sector_groups = $this->so->get_sector_groups($sector_dn);
			for ($i=0; $i<count($sector_groups)-1; $i++)
			{
 				$dn = $sector_groups[$i]['dn'];
 				$gidnumber = $sector_groups[$i]['gidnumber'][0];

				//Delete cn of the group from ldap.
				if (!$this->sogroups->delete_group_ldap($dn))
				{
					$_POST['error_messages'] = lang('Error delete Group in OpenLDAP.');
					ExecMethod('expressoAdmin1_2.uisectors.list_sectors');
					return false;
				}
			
				//Delete all users of the group from BD.
				$this->sogroups->delete_all_users_pgsql($gidnumber);
			
				//Delete all apps of the group from BD.
				$this->sogroups->delete_all_apps_pgsql($gidnumber);
			}
			
			$connection = $GLOBALS['phpgw']->common->ldapConnect();
			$this->so->delete_sector_ldap_recursively($connection, $sector_dn);
			ldap_close($connection);
			
			// Volta para o ListGroups
			$url = ($GLOBALS['phpgw']->link('/index.php','menuaction=expressoAdmin1_2.uisectors.list_sectors'));
			$GLOBALS['phpgw']->redirect($url);
		}
	}
?>