This commit is mainly as a result of creating DN entries and improves some backend functions:

* Enable creation of new entries, * Change all our ajax frames to go through /frames URI instead of /dn, * Add our frame command to the encrypted DN, * Automatically redirect to root URL when selecting a tree item and currently in another path (as a result of a prior POST activity), * Some validation improvements DNExists/HasStructuralObjectClass
2025-02-23 18:14:41 +11:00 · 2025-02-23 18:14:41 +11:00 · 996d7bb1dc
commit 996d7bb1dc
parent f08fdb1bcd
27 changed files with 687 additions and 147 deletions
--- a/app/Classes/LDAP/Attribute.php
+++ b/app/Classes/LDAP/Attribute.php
@ -145,9 +145,9 @@ class Attribute implements \Countable, \ArrayAccess, \Iterator
 			// Attribute values
 			'values' => $this->values,
 			// Required by Object Classes
-			'required_by' => $this->schema->required_by_object_classes,
+			'required_by' => $this->schema?->required_by_object_classes ?: collect(),
 			// Used in Object Classes
-			'used_in' => $this->schema->used_in_object_classes,
+			'used_in' => $this->schema?->used_in_object_classes ?: collect(),

 			default => throw new \Exception('Unknown key:' . $key),
 		};
--- a/app/Classes/LDAP/Attribute/RDN.php
+++ b/app/Classes/LDAP/Attribute/RDN.php
@ -0,0 +1,49 @@
+<?php
+
+namespace App\Classes\LDAP\Attribute;
+
+use Illuminate\Contracts\View\View;
+use Illuminate\Support\Collection;
+
+use App\Classes\LDAP\Attribute;
+
+/**
+ * Represents the RDN for an Entry
+ */
+final class RDN extends Attribute
+{
+	private string $base;
+	private Collection $attrs;
+
+	public function __get(string $key): mixed
+	{
+		return match ($key) {
+			'base' => $this->base,
+			'attrs' => $this->attrs->pluck('name'),
+			default => parent::__get($key),
+		};
+	}
+
+	public function hints(): array
+	{
+		return [
+			'required' => __('RDN is required')
+		];
+	}
+
+	public function render(bool $edit=FALSE,bool $old=FALSE,bool $new=FALSE): View
+	{
+		return view('components.attribute.rdn')
+			->with('o',$this);
+	}
+
+	public function setAttributes(Collection $attrs): void
+	{
+		$this->attrs = $attrs;
+	}
+
+	public function setBase(string $base): void
+	{
+		$this->base = $base;
+	}
+}
--- a/app/Classes/LDAP/Schema/ObjectClass.php
+++ b/app/Classes/LDAP/Schema/ObjectClass.php
@ -208,7 +208,7 @@ final class ObjectClass extends Base
 	public function __get(string $key): mixed
 	{
 		return match ($key) {
-			'attributes' => $this->getAllAttrs(),
+			'attributes' => $this->getAllAttrs(TRUE),
 			'sup' => $this->sup_classes,
 			'type_name' => match ($this->type) {
 				Server::OC_STRUCTURAL => 'Structural',
@ -223,13 +223,18 @@ final class ObjectClass extends Base
 	/**
 	 * Return a list of attributes that this objectClass provides
 	 *
+	 * @param bool $parents
 	 * @return Collection
 	 * @throws InvalidUsage
 	 */
-	public function getAllAttrs(): Collection
+	public function getAllAttrs(bool $parents=FALSE): Collection
 	{
-		return $this->getMustAttrs()
-			->merge($this->getMayAttrs());
+		return $this->getMustAttrs($parents)
+			->transform(function($item) {
+				$item->required = true;
+				return $item;
+			})
+			->merge($this->getMayAttrs($parents));
 	}

 	/**
--- a/app/Classes/LDAP/Schema/ObjectClassAttribute.php
+++ b/app/Classes/LDAP/Schema/ObjectClassAttribute.php
@ -16,6 +16,7 @@ namespace App\Classes\LDAP\Schema;
 final class ObjectClassAttribute extends Base {
 	// This Attribute's root.
 	private string $source;
+	public bool $required = FALSE;

 	/**
 	 * Creates a new ObjectClassAttribute with specified name and source objectClass.
@ -31,11 +32,9 @@ final class ObjectClassAttribute extends Base {

 	public function __get(string $key): mixed
 	{
-		switch ($key) {
-			case 'source':
-				return $this->source;
-
-			default: return parent::__get($key);
-		}
+		return match ($key) {
+			'source' => $this->source,
+			default => parent::__get($key),
+		};
 	}
 }
--- a/app/Http/Controllers/APIController.php
+++ b/app/Http/Controllers/APIController.php
@ -16,21 +16,21 @@ class APIController extends Controller
 	 * Get the LDAP server BASE DNs
 	 *
 	 * @return Collection
-	 * @throws LdapRecord\Query\ObjectNotFoundException
+	 * @throws \LdapRecord\Query\ObjectNotFoundException
 	 */
 	public function bases(): Collection
 	{
 		$base = Server::baseDNs() ?: collect();

-		return $base->transform(function($item) {
-			return [
-				'title'=>$item->getRdn(),
-				'item'=>$item->getDNSecure(),
-				'lazy'=>TRUE,
-				'icon'=>'fa-fw fas fa-sitemap',
-				'tooltip'=>$item->getDn(),
-			];
-		});
+		return $base
+			->transform(fn($item)=>
+				[
+					'title'=>$item->getRdn(),
+					'item'=>$item->getDNSecure(),
+					'lazy'=>TRUE,
+					'icon'=>'fa-fw fas fa-sitemap',
+					'tooltip'=>$item->getDn(),
+				]);
 	}

 	/**
@ -41,19 +41,31 @@ class APIController extends Controller
 	{
 		$levels = $request->query('depth',1);
 		$dn = Crypt::decryptString($request->query('key'));
+
+		// Sometimes our key has a command, so we'll ignore it
+		if (str_starts_with($dn,'*') && ($x=strpos($dn,'|')))
+			$dn = substr($dn,$x+1);
+
 		Log::debug(sprintf('%s: Query [%s] - Levels [%d]',__METHOD__,$dn,$levels));

 		return (config('server'))
 			->children($dn)
-			->transform(function($item) {
-				return [
+			->transform(fn($item)=>
+				[
 					'title'=>$item->getRdn(),
 					'item'=>$item->getDNSecure(),
 					'icon'=>$item->icon(),
 					'lazy'=>Arr::get($item->getAttribute('hassubordinates'),0) == 'TRUE',
 					'tooltip'=>$item->getDn(),
-				];
-			});
+				])
+			->prepend(
+				[
+					'title'=>sprintf('[%s]',__('Create Entry')),
+					'item'=>Crypt::encryptString(sprintf('*%s|%s','create',$dn)),
+					'lazy'=>FALSE,
+					'icon'=>'fas fa-fw fa-square-plus text-warning',
+					'tooltip'=>__('Create new LDAP item here'),
+				]);
 	}

 	public function schema_view(Request $request)
@ -63,20 +75,20 @@ class APIController extends Controller
 		switch($request->type) {
 			case 'objectclasses':
 				return view('fragment.schema.objectclasses')
-					->with('objectclasses',$server->schema('objectclasses')->sortBy(function($item) { return strtolower($item->name); }));
+					->with('objectclasses',$server->schema('objectclasses')->sortBy(fn($item)=>strtolower($item->name)));

 			case 'attributetypes':
 				return view('fragment.schema.attributetypes')
 					->with('server',$server)
-					->with('attributetypes',$server->schema('attributetypes')->sortBy(function($item) { return strtolower($item->name); }));
+					->with('attributetypes',$server->schema('attributetypes')->sortBy(fn($item)=>strtolower($item->name)));

 			case 'ldapsyntaxes':
 				return view('fragment.schema.ldapsyntaxes')
-					->with('ldapsyntaxes',$server->schema('ldapsyntaxes')->sortBy(function($item) { return strtolower($item->description); }));
+					->with('ldapsyntaxes',$server->schema('ldapsyntaxes')->sortBy(fn($item)=>strtolower($item->description)));

 			case 'matchingrules':
 				return view('fragment.schema.matchingrules')
-					->with('matchingrules',$server->schema('matchingrules')->sortBy(function($item) { return strtolower($item->name); }));
+					->with('matchingrules',$server->schema('matchingrules')->sortBy(fn($item)=>strtolower($item->name)));

 			default:
 				abort(404);
--- a/app/Http/Controllers/HomeController.php
+++ b/app/Http/Controllers/HomeController.php
@ -2,6 +2,7 @@

 namespace App\Http\Controllers;

+use Illuminate\Contracts\View\View;
 use Illuminate\Http\Request;
 use Illuminate\Support\Arr;
 use Illuminate\Support\Collection;
@ -12,20 +13,21 @@ use Illuminate\Support\Facades\Redirect;
 use LdapRecord\Exceptions\InsufficientAccessException;
 use LdapRecord\LdapRecordException;
 use LdapRecord\Query\ObjectNotFoundException;
+use Nette\NotImplementedException;

+use App\Classes\LDAP\Attribute\Factory;
 use App\Classes\LDAP\{Attribute,Server};
 use App\Classes\LDAP\Import\LDIF as LDIFImport;
 use App\Classes\LDAP\Export\LDIF as LDIFExport;
 use App\Exceptions\Import\{GeneralException,VersionException};
 use App\Exceptions\InvalidUsage;
-use App\Http\Requests\{EntryRequest,ImportRequest};
+use App\Http\Requests\{EntryRequest,EntryAddRequest,ImportRequest};
 use App\Ldap\Entry;
 use App\View\Components\AttributeType;
-use Nette\NotImplementedException;

 class HomeController extends Controller
 {
-	private function bases()
+	private function bases(): Collection
 	{
 		$base = Server::baseDNs() ?: collect();

@ -51,21 +53,38 @@ class HomeController extends Controller
 	}

 	/**
-	 * Render a specific DN
+	 * Create a new object in the LDAP server
 	 *
-	 * @param Request $request
+	 * @param EntryAddRequest $request
 	 * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\Contracts\View\View
+	 * @throws InvalidUsage
 	 */
-	public function dn_frame(Request $request)
+	public function entry_add(EntryAddRequest $request)
 	{
-		$dn = Crypt::decryptString($request->post('key'));
+		if (! old('step',$request->validated('step')))
+			abort(404);

-		$page_actions = collect(['edit'=>TRUE,'copy'=>TRUE]);
+		$key = $this->request_key($request,collect(old()));

-		return view('frames.dn')
-			->with('o',config('server')->fetch($dn))
-			->with('dn',$dn)
-			->with('page_actions',$page_actions);
+		$o = new Entry;
+
+		if (count(array_filter($x=old('objectclass',$request->objectclass)))) {
+			$o->objectclass = $x;
+
+			foreach($o->getAvailableAttributes()->filter(fn($item)=>$item->required) as $ao)
+				$o->addAttribute($ao,'');
+
+			$o->setRDNBase($key['dn']);
+		}
+
+		$step = $request->step ? $request->step+1 : old('step');
+
+		return view('frame')
+			->with('subframe','create')
+			->with('bases',$this->bases())
+			->with('o',$o)
+			->with('step',$step)
+			->with('container',old('container',$key['dn']));
 	}

 	/**
@ -75,7 +94,7 @@ class HomeController extends Controller
 	 * @param string $id
 	 * @return \Closure|\Illuminate\Contracts\View\View|string
 	 */
-	public function entry_attr_add(Request $request,string $id)
+	public function entry_attr_add(Request $request,string $id): string
 	{
 		$xx = new \stdClass();
 		$xx->index = 0;
@ -90,6 +109,53 @@ class HomeController extends Controller
 		return $x;
 	}

+	public function entry_create(EntryAddRequest $request)
+	{
+		$key = $this->request_key($request,collect(old()));
+
+		$dn = sprintf('%s=%s,%s',$request->rdn,$request->rdn_value,$key['dn']);
+
+		$o = new Entry;
+		$o->setDn($dn);
+
+		foreach ($request->except(['_token','key','step','rdn','rdn_value']) as $key => $value)
+			$o->{$key} = array_filter($value);
+
+		try {
+			$o->save();
+
+		} catch (InsufficientAccessException $e) {
+			$request->flash();
+
+			switch ($x=$e->getDetailedError()->getErrorCode()) {
+				case 50:
+					return Redirect::to('/')
+						->withInput()
+						->withErrors(sprintf('%s: %s (%s)',__('LDAP Server Error Code'),$x,__($e->getDetailedError()->getErrorMessage())));
+
+				default:
+					abort(599,$e->getDetailedError()->getErrorMessage());
+			}
+
+		// @todo To test and valide this Exception is caught
+		} catch (LdapRecordException $e) {
+			$request->flash();
+
+			switch ($x=$e->getDetailedError()->getErrorCode()) {
+				case 8:
+					return Redirect::to('/')
+						->withInput()
+						->withErrors(sprintf('%s: %s (%s)',__('LDAP Server Error Code'),$x,__($e->getDetailedError()->getErrorMessage())));
+
+				default:
+					abort(599,$e->getDetailedError()->getErrorMessage());
+			}
+		}
+
+		return Redirect::to('/')
+			->withFragment($o->getDNSecure());
+	}
+
 	public function entry_export(Request $request,string $id)
 	{
 		$dn = Crypt::decryptString($id);
@ -112,11 +178,9 @@ class HomeController extends Controller
 	 * @param string $id
 	 * @return mixed
 	 */
-	public function entry_objectclass_add(string $id)
+	public function entry_objectclass_add(Request $request)
 	{
-		$dn = Crypt::decryptString($id);
-		$o = config('server')->fetch($dn);
-		$oc = $o->getObject('objectclass');
+		$oc = Factory::create('objectclass',$request->oc);

 		$ocs = $oc
 			->structural
@ -259,26 +323,51 @@ class HomeController extends Controller
 	}

 	/**
-	 * Application home page
+	 * Render a frame, normally as a result of an AJAX call
+	 * This will render the right frame.
+	 *
+	 * @param Request $request
+	 * @param Collection|null $old
+	 * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|View
 	 */
-	public function home()
+	public function frame(Request $request,?Collection $old=NULL): View
 	{
-		if (old('dn'))
-			return view('frame')
-				->with('subframe','dn')
-				->with('bases',$this->bases())
-				->with('o',config('server')->fetch($dn=Crypt::decryptString(old('dn'))))
-				->with('dn',$dn);
+		// If our index was not render from a root url, then redirect to it
+		if (($request->root().'/' !== url()->previous()) && $request->method() === 'POST')
+			abort(409);

-		elseif (old('frame'))
-			return view('frame')
-				->with('subframe',old('frame'))
+		$key = $this->request_key($request,$old);
+
+		$view = ($old
+			? view('frame')->with('subframe',$key['cmd'])
+			: view('frames.'.$key['cmd']))
+			->with('bases',$this->bases());
+
+		return match ($key['cmd']) {
+			'create' => $view
+				->with('container',old('container',$key['dn']))
+				->with('step',1),
+
+			'dn' => $view
+				->with('dn',$key['dn'])
+				->with('page_actions',collect(['edit'=>TRUE,'copy'=>TRUE])),
+
+			'import' => $view,
+
+			default => abort(404),
+		};
+	}
+
+	/**
+	 * This is the main page render function
+	 */
+	public function home(Request $request)
+	{
+		// Did we come here as a result of a redirect
+		return count(old())
+			? $this->frame($request,collect(old()))
+			: view('home')
 				->with('bases',$this->bases());
-
-		else
-			return view('home')
-				->with('bases',$this->bases())
-				->with('server',config('ldap.connections.default.name'));
 	}

 	/**
@ -334,6 +423,39 @@ class HomeController extends Controller
 			->with('s',config('server'));
 	}

+	/**
+	 * For any incoming request, work out the command and DN involved
+	 *
+	 * @param Request $request
+	 * @param Collection|null $old
+	 * @return array
+	 */
+	private function request_key(Request $request,?Collection $old=NULL): array
+	{
+		// Setup
+		$cmd = NULL;
+		$dn = NULL;
+		$key = $request->get('key',old('key'))
+			? Crypt::decryptString($request->get('key',old('key')))
+			: NULL;
+
+		// Determine if our key has a command
+		if (str_contains($key,'|')) {
+			$m = [];
+
+			if (preg_match('/\*([a-z_]+)\|(.+)$/',$key,$m)) {
+				$cmd = $m[1];
+				$dn = ($m[2] !== '_NOP') ? $m[2] : NULL;
+			}
+
+		} elseif (old('dn',$request->get('key'))) {
+			$cmd = 'dn';
+			$dn = Crypt::decryptString(old('dn',$request->get('key')));
+		}
+
+		return ['cmd'=>$cmd,'dn'=>$dn];
+	}
+
 	/**
 	 * Show the Schema Viewer
 	 *
--- a/app/Http/Requests/EntryAddRequest.php
+++ b/app/Http/Requests/EntryAddRequest.php
@ -0,0 +1,71 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\Crypt;
+
+use App\Rules\{DNExists,HasStructuralObjectClass};
+
+class EntryAddRequest extends FormRequest
+{
+	/**
+	 * Get the error messages for the defined validation rules.
+	 *
+	 * @return array<string, string>
+	 */
+	public function messages(): array
+	{
+		return [
+			'rdn' => __('RDN is required.'),
+			'rdn_value' => __('RDN value is required.'),
+		];
+	}
+
+	/**
+	 * Get the validation rules that apply to the request.
+	 *
+	 * @return array<string, mixed>
+	 * @throws \Psr\Container\ContainerExceptionInterface
+	 * @throws \Psr\Container\NotFoundExceptionInterface
+	 */
+	public function rules(): array
+	{
+		if (request()->method() === 'GET')
+			return [];
+
+		return config('server')
+			->schema('attributetypes')
+			->intersectByKeys($this->request)
+			->map(fn($item)=>$item->validation(request()->get('objectclass')))
+			->filter()
+			->flatMap(fn($item)=>$item)
+			->merge([
+				'key' => [
+					'required',
+					new DNExists,
+					function (string $attribute,mixed $value,\Closure $fail) {
+						$cmd = Crypt::decryptString($value);
+
+						// Sometimes our key has a command, so we'll ignore it
+						if (str_starts_with($cmd,'*') && ($x=strpos($cmd,'|')))
+							$cmd = substr($cmd,1,$x-1);
+
+						if ($cmd !== 'create') {
+							$fail(sprintf('Invalid command: %s',$cmd));
+						}
+					},
+				],
+				'rdn' => 'required_if:step,2|string|min:1',
+				'rdn_value' => 'required_if:step,2|string|min:1',
+				'step' => 'int|min:1|max:2',
+				'objectclass'=>[
+					'required',
+					'array',
+					'min:1',
+					new HasStructuralObjectClass,
+				]
+			])
+			->toArray();
+	}
+}
--- a/app/Http/Requests/EntryRequest.php
+++ b/app/Http/Requests/EntryRequest.php
@ -6,27 +6,17 @@ use Illuminate\Foundation\Http\FormRequest;

 class EntryRequest extends FormRequest
 {
-	/**
-	 * Determine if the user is authorized to make this request.
-	 *
-	 * @return bool
-	 */
-	public function authorize()
-	{
-		return TRUE;
-	}
-
 	/**
 	 * Get the validation rules that apply to the request.
 	 *
 	 * @return array<string, mixed>
 	 */
-	public function rules()
+	public function rules(): array
 	{
 		return config('server')
 			->schema('attributetypes')
 			->intersectByKeys($this->request)
-			->map(fn($item)=>$item->validation(request()->get('objectclass')))
+			->map(fn($item)=>$item->validation(request()?->get('objectclass') ?: []))
 			->filter()
 			->flatMap(fn($item)=>$item)
 			->toArray();
--- a/app/Http/Requests/ImportRequest.php
+++ b/app/Http/Requests/ImportRequest.php
@ -6,15 +6,9 @@ use Illuminate\Foundation\Http\FormRequest;

 class ImportRequest extends FormRequest
 {
-	public function authorize()
-	{
-		return TRUE;
-	}
-
-	public function rules()
+	public function rules(): array
 	{
 		return [
-			'frame' => 'required|string|in:import',
 			'file' => 'nullable|extensions:ldif|required_without:text',
 			'text'=> 'nullable|prohibits:file|string|min:16',
 		];
--- a/app/Ldap/Entry.php
+++ b/app/Ldap/Entry.php
@ -12,11 +12,14 @@ use App\Classes\LDAP\Attribute;
 use App\Classes\LDAP\Attribute\Factory;
 use App\Classes\LDAP\Export\LDIF;
 use App\Exceptions\Import\AttributeException;
+use App\Exceptions\InvalidUsage;

 class Entry extends Model
 {
 	private Collection $objects;
 	private bool $noObjectAttributes = FALSE;
+	// For new entries, this is the container that this entry will be stored in
+	private string $rdnbase;

 	/* OVERRIDES */

@ -46,7 +49,7 @@ class Entry extends Model
 	public function getAttributes(): array
 	{
 		return $this->objects
-			->map(fn($item)=>$item->values->toArray())
+			->map(fn($item)=>$item->values)
 			->toArray();
 	}

@ -92,10 +95,7 @@ class Entry extends Model
 		$key = $this->normalizeAttributeKey($key);

 		if ((! $this->objects->get($key)) && $value) {
-			$o = new Attribute($key,[]);
-			$o->value = $value;
-
-			$this->objects->put($key,$o);
+			$this->objects->put($key,Factory::create($key,$value));

 		} elseif ($this->objects->get($key)) {
 			$this->objects->get($key)->value = $this->attributes[$key];
@ -265,8 +265,12 @@ class Entry extends Model
 	 */
 	public function getObject(string $key): Attribute|null
 	{
-		return $this->objects
-			->get($this->normalizeAttributeKey($key));
+		return match ($key) {
+			'rdn' => $this->getRDNObject(),
+
+			default => $this->objects
+				->get($this->normalizeAttributeKey($key))
+		};
 	}

 	public function getObjects(): Collection
@ -289,6 +293,16 @@ class Entry extends Model
 			->filter(fn($a)=>(! $this->getVisibleAttributes()->contains(fn($b)=>($a->name === $b->name))));
 	}

+	private function getRDNObject(): Attribute\RDN
+	{
+		$o = new Attribute\RDN('dn',['']);
+		// @todo for an existing object, return the base.
+		$o->setBase($this->rdnbase);
+		$o->setAttributes($this->getAvailableAttributes()->filter(fn($item)=>$item->required));
+
+		return $o;
+	}
+
 	/**
 	 * Return this list of user attributes
 	 *
@ -413,4 +427,12 @@ class Entry extends Model

 		return $this;
 	}
+
+	public function setRDNBase(string $bdn): void
+	{
+		if ($this->exists)
+			throw new InvalidUsage('Cannot set RDN base on existing entries');
+
+		$this->rdnbase = $bdn;
+	}
 }
--- a/app/Rules/DNExists.php
+++ b/app/Rules/DNExists.php
@ -0,0 +1,27 @@
+<?php
+
+namespace App\Rules;
+
+use Closure;
+use Illuminate\Contracts\Validation\ValidationRule;
+use Illuminate\Support\Facades\Crypt;
+
+class DNExists implements ValidationRule
+{
+    /**
+     * Run the validation rule.
+     *
+     * @param  \Closure(string, ?string=): \Illuminate\Translation\PotentiallyTranslatedString  $fail
+     */
+    public function validate(string $attribute,mixed $value,Closure $fail): void
+    {
+		$dn = Crypt::decryptString($value);
+
+		// Sometimes our key has a command, so we'll ignore it
+		if (str_starts_with($dn,'*') && ($x=strpos($dn,'|')))
+			$dn = substr($dn,$x+1);
+
+		if (! config('server')->fetch($dn))
+			$fail(sprintf('The DN %s doesnt exist.',$dn));
+    }
+}
--- a/app/Rules/HasStructuralObjectClass.php
+++ b/app/Rules/HasStructuralObjectClass.php
@ -0,0 +1,23 @@
+<?php
+
+namespace App\Rules;
+
+use Closure;
+use Illuminate\Contracts\Validation\ValidationRule;
+
+class HasStructuralObjectClass implements ValidationRule
+{
+    /**
+     * Run the validation rule.
+     *
+     * @param  \Closure(string, ?string=): \Illuminate\Translation\PotentiallyTranslatedString  $fail
+     */
+    public function validate(string $attribute,mixed $value,Closure $fail): void
+    {
+		foreach ($value as $item)
+			if ($item && config('server')->schema('objectclasses',$item)->isStructural())
+				return;
+
+		$fail('There isnt a Structural Objectclass.');
+    }
+}
--- a/public/css/custom.css
+++ b/public/css/custom.css
@ -7,9 +7,12 @@ img.jpegphoto {
 /** ensure our userpassword has select is next to the password input */
 div#userPassword .select2-container--bootstrap-5 .select2-selection {
 	font-size: inherit;
-	border-bottom-right-radius: unset;
-	border-top-right-radius: unset;
 	width: 9em;
 	border: #444054 1px solid;
 	background-color: #f0f0f0;
+}
+
+.input-group:first-child .select2-container--bootstrap-5 .select2-selection {
+	border-bottom-right-radius: unset;
+	border-top-right-radius: unset;
 }
--- a/public/css/fixes.css
+++ b/public/css/fixes.css
@ -303,4 +303,8 @@ div#objectClass .input-group-delete {
 	bottom: 30px;
 	right: 10px;
 	height: 5px;
+}
+
+.input-group-text {
+	background-color: #fafafa;
 }
--- a/public/js/custom.js
+++ b/public/js/custom.js
@ -13,32 +13,41 @@ function expandChildren(node) {

 function getNode(item) {
 	$.ajax({
-		url: '/dn',
+		url: '/frame',
 		method: 'POST',
 		data: { key: item },
 		dataType: 'html',
 		beforeSend: function() {
-			content = $('.main-content').contents();
-			$('.main-content').empty().append('<div class="fa-3x"><i class="fas fa-spinner fa-pulse"></i></div>');
+			content = $('.main-content')
+				.contents();
+
+			$('.main-content')
+				.empty()
+				.append('<div class="fa-3x"><i class="fas fa-spinner fa-pulse"></i></div>');
 		}

 	}).done(function(html) {
-		$('.main-content').empty().append(html);
+		$('.main-content')
+			.empty()
+			.append(html);

-	}).fail(function(item) {
-		switch(item.status) {
+	}).fail(function(e) {
+		switch(e.status) {
 			case 404:
-				$('.main-content').empty().append(item.responseText);
+				$('.main-content').empty().append(e.responseText);
+				break;
+			case 409:
+				location.replace('/#'+item);
 				break;
 			case 419:
 				alert('Session has expired, reloading the page and try again...');
 				location.reload();
 				break;
 			case 500:
-				$('.main-content').empty().append(item.responseText);
+				$('.main-content').empty().append(e.responseText);
 				break;
 			default:
-				alert(item.status+': Well that didnt work?');
+				alert('Well that didnt work? Code ['+e.status+']');
 		}
 	});
 }
--- a/resources/views/components/attribute/rdn.blade.php
+++ b/resources/views/components/attribute/rdn.blade.php
@ -0,0 +1,64 @@
+<!-- $o=RDN::class -->
+<x-attribute.layout :edit="$edit ?? FALSE" :new="$new ?? FALSE" :o="$o">
+	@foreach($o->values as $value)
+		@if($edit)
+			<div class="input-group has-validation mb-3">
+				<select class="form-select @error('rdn')is-invalid @enderror" id="rdn" name="rdn">
+					<option value=""></option>
+
+					@foreach($o->attrs->map(fn($item)=>['id'=>$item,'value'=>$item]) as $option)
+						@continue(! Arr::get($option,'value'))
+						<option value="{{ Arr::get($option,'id') }}" @selected(Arr::get($option,'id') == old('rdn',$value ?? ''))>{{ Arr::get($option,'value') }}</option>
+					@endforeach
+				</select>
+
+				<span class="input-group-text">=</span>
+				<input type="text" @class(['form-control','is-invalid'=>$errors->get('rdn_value')]) id="rdn_value" name="rdn_value" value="{{ old('rdn_value') }}" placeholder="rdn">
+				<label class="input-group-text" for="inputGroupSelect02">,{{ $o->base }}</label>
+
+				<div class="invalid-feedback pb-2">
+					@error('rdn')
+						{{ $message }}
+					@enderror
+					@error('rdn_value')
+						{{ $message }}
+					@enderror
+				</div>
+			</div>
+		@else
+			{{ $value }}
+		@endif
+	@endforeach
+</x-attribute.layout>
+
+@section('page-scripts')
+	<script type="text/javascript">
+		$(document).ready(function() {
+			var rdn_value_set = null;
+			var rdn_attr = null;
+
+			function set_rdn_value() {
+				if (rdn_attr && rdn_value_set)
+					$('#'+rdn_attr).find('input').val($('input#rdn_value').val());
+			}
+
+			$('select#rdn').on('change',function() {
+				// if rdn_attr is already set (and its now different), remove read only and clear value
+				if (rdn_attr)
+					$('#'+rdn_attr).find('input').attr('readonly',false).val('');
+
+				// set RDN attribute read-only
+				if (rdn_attr = $(this).val())
+					$('#'+rdn_attr).find('input').attr('readonly',true).val('');
+
+				set_rdn_value();
+			})
+
+			$('input#rdn_value').on('change',function() {
+				rdn_value_set = $(this).val();
+
+				set_rdn_value();
+			})
+		});
+	</script>
+@endsection
--- a/resources/views/components/attribute/widget/options.blade.php
+++ b/resources/views/components/attribute/widget/options.blade.php
@ -46,12 +46,15 @@
 								if (! rendered)
 									$.ajax({
 										type: 'POST',
-										// @todo When this is opened a second time, the data is appended.
+										cache: false,
+										url: '{{ url('entry/objectclass/add') }}',
+										data: {
+											oc: oc,
+										},
 										success: function(data) {
 											$('select#newoc').select2({
 												dropdownParent: $('#new_objectclass-modal'),
 												theme: 'bootstrap-5',
-												allowClear: true,
 												multiple: true,
 												data: data,
 											});
@ -60,8 +63,6 @@
 											if (e.status != 412)
 												alert('That didnt work? Please try again....');
 										},
-										url: '{{ url('entry/objectclass/add') }}/'+dn,
-										cache: false
 									});

 								rendered = true;
--- a/resources/views/components/form/base.blade.php
+++ b/resources/views/components/form/base.blade.php
@ -15,7 +15,7 @@
 		{{ $slot }}
 		@isset($name)
 			<span class="invalid-feedback">
-				@error((! empty($old)) ? $old : $name)
+				@error((! empty($old)) ? $old : ($id ?? $name))
 					{{ $message }}
 				@elseif(isset($feedback))
 					{{ $feedback }}
--- a/resources/views/components/form/select.blade.php
+++ b/resources/views/components/form/select.blade.php
@ -2,7 +2,7 @@
 	@isset($name)
 		<input type="hidden" id="{{ $id ?? $name }}_disabled" name="{{ $name }}" value="" disabled>
 	@endisset
-	<select class="form-select @isset($name)@error((! empty($old)) ? $old : $name) is-invalid @enderror @endisset" id="{{ $id ?? $name }}" @isset($name)name="{{ $name }}"@endisset @required(isset($required) && $required) @disabled(isset($disabled) && $disabled)>
+	<select class="form-select @isset($name)@error((! empty($old)) ? $old : ($id ?? $name)) is-invalid @enderror @endisset" id="{{ $id ?? $name }}" @isset($name)name="{{ $name }}"@endisset @required(isset($required) && $required) @disabled(isset($disabled) && $disabled)>
 		@if((empty($value) && ! empty($options)) || isset($addnew) || isset($choose))
 			<option value=""></option>
 			@isset($addnew)
@ -54,10 +54,24 @@
 				width: 'style',
 				allowClear: {{ $allowclear ?? 'false' }},
 				placeholder: '{{ $placeholder ?? '' }}',
+				multiple: {{ $multiple ?? 'false' }},
 				@isset($addvalues)
 					tags: true,
 				@endisset
 			});
+
+			@if(isset($multiple) && (! $multiple))
+				$('#{{ $id ?? $name }}').val(' ');
+				$('#{{ $id ?? $name }}').trigger('change');
+			@endif
+
+			@isset($options)
+				@if($options->count() === 1)
+					$('#{{ $id ?? $name }}')
+						.val('{{ $options->first()['id'] }}')
+						.trigger("change")
+				@endif
+			@endisset
 		});
 	</script>
@append
--- a/resources/views/fragment/dn/add_attr.blade.php
+++ b/resources/views/fragment/dn/add_attr.blade.php
@ -0,0 +1,22 @@
+<div id="newattrs"></div>
+
+<!-- Add new attributes -->
+<div class="row">
+	<div class="col-12 col-sm-1 col-md-2"></div>
+	<div class="col-12 col-sm-10 col-md-8">
+		<div class="d-none" id="newattr-select">
+			<div class="row">
+				<div class="col-12 bg-dark text-light p-2">
+					<i class="fas fa-plus-circle"></i> Add New Attribute
+				</div>
+			</div>
+
+			<div class="row">
+				<div class="col-12 pt-2">
+					<x-form.select id="newattr" label="Select from..." :options="$o->getMissingAttributes()->sortBy('name')->map(fn($item)=>['id'=>$item->name,'value'=>$item->name_lc])"/>
+				</div>
+			</div>
+		</div>
+	</div>
+	<div class="col-2"></div>
+</div>
--- a/resources/views/fragment/dn/header.blade.php
+++ b/resources/views/fragment/dn/header.blade.php
@ -3,7 +3,7 @@
 		<td class="{{ ($x=$o->getObject('jpegphoto')) ? 'border' : '' }}" rowspan="2">
 			{!! $x ? $x->render(FALSE,TRUE) : sprintf('<div class="page-title-icon f32"><i class="%s"></i></div>',$o->icon() ?? "fas fa-info") !!}
 		</td>
-		<td class="text-end align-text-top p-0 {{ $x ? 'ps-5' : 'pt-2' }}"><strong>{{ $dn }}</strong></td>
+		<td class="text-end align-text-top p-0 {{ $x ? 'ps-5' : 'pt-2' }}"><strong>{{ $o->getDn() }}</strong></td>
 	</tr>
 	<tr>
 		<td class="line-height-1" style="font-size: 55%;vertical-align: bottom;" colspan="2">
--- a/resources/views/frames/create.blade.php
+++ b/resources/views/frames/create.blade.php
@ -0,0 +1,123 @@
+@extends('layouts.dn')
+
+@section('page_title')
+	@include('fragment.dn.header',['o'=>($oo=config('server')->fetch(old('container',$container)))])
+@endsection
+
+@section('main-content')
+	<x-error/>
+
+	<div class="row">
+		<div class="offset-1 col-10">
+			<div class="main-card mb-3 card">
+
+				<div class="card-header">
+					@lang('Create New Entry') - @lang('Step') {{ $step }}
+				</div>
+
+				<div class="card-body">
+					<form id="dn-create" method="POST" class="needs-validation" action="{{ url((int)$step === 2 ? 'entry/create' : 'entry/add') }}" enctype="multipart/form-data" novalidate>
+						@csrf
+
+						<input type="hidden" name="key" value="{{ Crypt::encryptString('*create|'.$container) }}">
+						<input type="hidden" name="step" value="{{ $step }}">
+
+						@switch($step)
+							@case(1)
+								<div class="row">
+									<div class="col-12 col-sm-6">
+										<x-form.select
+											id="objectclass"
+											name="objectclass[]"
+											:label="__('Select a Structural ObjectClass...')"
+											:options="($oc=config('server')->schema('objectclasses'))
+												->filter(fn($item)=>$item->isStructural())
+												->sortBy(fn($item)=>$item->name_lc)
+												->map(fn($item)=>['id'=>$item->name,'value'=>$item->name])"
+											multiple="false"
+										/>
+									</div>
+								</div>
+								@break
+
+							@case(2)
+								<x-attribute-type :edit="true" :o="$o->getObject('rdn')"/>
+
+								@foreach ($o->getVisibleAttributes() as $ao)
+									<x-attribute-type :edit="true" :o="$ao"/>
+								@endforeach
+
+								@include('fragment.dn.add_attr')
+
+								@break;
+						@endswitch
+					</form>
+
+					<div class="row d-none pt-3">
+						<div class="col-12 {{ $step > 1 ? 'offset-sm-2' : '' }} col-sm-4 col-lg-2">
+							<x-form.reset form="dn-create"/>
+							<x-form.submit action="Next" form="dn-create"/>
+						</div>
+					</div>
+				</div>
+			</div>
+		</div>
+	</div>
+@endsection
+
+@section('page-scripts')
+	<script type="text/javascript">
+		var oc = {!! $oo->getObject('objectclass')->values !!};
+
+		function editmode() {
+			// Find all input items and turn off readonly
+			$('input.form-control').each(function() {
+				// Except for objectClass - @todo show an "X" instead
+				if ($(this)[0].name.match(/^objectclass/))
+					return;
+
+				$(this).attr('readonly',false);
+			});
+
+			// Our password type
+			$('div#userPassword .form-select').each(function() {
+				$(this).prop('disabled',false);
+			})
+
+			$('.row.d-none').removeClass('d-none');
+			$('.addable.d-none').removeClass('d-none');
+			$('.deletable.d-none').removeClass('d-none');
+			$('#newattr-select.d-none').removeClass('d-none');
+		}
+
+		$(document).ready(function() {
+			$('#newattr').on('change',function(item) {
+				$.ajax({
+					type: 'POST',
+					beforeSend: function() {},
+					success: function(data) {
+						$('#newattrs').append(data);
+					},
+					error: function(e) {
+						if (e.status != 412)
+							alert('That didnt work? Please try again....');
+					},
+					url: '{{ url('entry/attr/add') }}/'+item.target.value,
+					data: {
+						objectclasses: oc,
+					},
+					cache: false
+				});
+
+				// Remove the option from the list
+				$(this).find('[value="'+item.target.value+'"]').remove()
+
+				// If there are no more options
+				if ($(this).find("option").length === 1)
+					$('#newattr-select').remove();
+			});
+
+			editmode();
+		});
+	</script>
+@append
--- a/resources/views/frames/dn.blade.php
+++ b/resources/views/frames/dn.blade.php
@ -1,7 +1,7 @@
@extends('layouts.dn')

@section('page_title')
-	@include('fragment.dn.header')
+	@include('fragment.dn.header',['o'=>($o=config('server')->fetch($dn))])
@endsection

@section('main-content')
@ -9,8 +9,6 @@
 	<x-updated/>
 	<x-error/>

-	<!-- @todo If we are redirected here, check old() and add back any attributes that were in the original submission -->
-
 	<div class="main-card mb-3 card">
 		<div class="card-body">
 			<div class="card-header-tabs">
@ -34,31 +32,7 @@
 								<x-attribute-type :edit="true" :o="$ao"/>
 							@endforeach

-							<div id="newattrs"></div>
-
-							<!-- Add new attributes -->
-							<div class="row">
-								<div class="col-12 col-sm-1 col-md-2"></div>
-								<div class="col-12 col-sm-10 col-md-8">
-									<div class="d-none" id="newattr-select">
-
-									@if($o->getMissingAttributes()->count())
-										<div class="row">
-											<div class="col-12 bg-dark text-light p-2">
-												<i class="fas fa-plus-circle"></i> Add New Attribute
-											</div>
-										</div>
-
-										<div class="row">
-											<div class="col-12 pt-2">
-												<x-form.select id="newattr" label="Select from..." :options="$o->getMissingAttributes()->sortBy('name')->map(fn($item)=>['id'=>$item->name,'value'=>$item->name_lc])"/>
-											</div>
-										</div>
-									@endif
-									</div>
-								</div>
-								<div class="col-2"></div>
-							</div>
+							@include('fragment.dn.add_attr')
 						</form>

 						<div class="row d-none pt-3">
--- a/resources/views/frames/import.blade.php
+++ b/resources/views/frames/import.blade.php
@ -15,7 +15,7 @@
 			<div class="main-card mb-3 card">
 				<form id="import-form" action="{{ url('import/process/ldif') }}" method="POST" enctype="multipart/form-data">
 					@csrf
-					<input type="hidden" name="frame" value="import">
+					<input type="hidden" name="key" value="{{ Crypt::encryptString('*import|_NOP') }}">

 					<div class="card-header">
 						@lang('LDIF Import')
--- a/resources/views/frames/schema.blade.php
+++ b/resources/views/frames/schema.blade.php
@ -1,10 +1,11 @@
+@use(App\Classes\LDAP\Server)
@extends('layouts.dn')

@section('page_title')
 	<table class="table table-borderless">
 		<tr>
 			<td style="border-radius: 5px;"><div class="page-title-icon f32"><i class="fas fa-fingerprint"></i></div></td>
-			<td class="top text-end align-text-top p-0 pt-2"><strong>{{ \App\Classes\LDAP\Server::schemaDN() }}</strong></td>
+			<td class="top text-end align-text-top p-0 pt-2"><strong>{{ Server::schemaDN() }}</strong></td>
 		</tr>
 	</table>
@endsection
--- a/resources/views/home.blade.php
+++ b/resources/views/home.blade.php
@ -17,7 +17,7 @@
 			<div class="row">
 				<div class="col-12 col-sm-4">
 					<h3 class="d-inline-block d-sm-none">phpLDAPadmin</h3>
-					<img src="{{ url('/images/logo.png') }}" class="logo-image col-12" alt="PLA Logo">
+					<img src="{{ url('images/logo.png') }}" class="logo-image col-12" alt="PLA Logo">
 				</div>

 				<div class="col-12 col-sm-8">
@ -48,14 +48,23 @@
 		var subpage = window.location.hash;

 		$(document).ready(function() {
-			// Enable navigating to a page via a URL fragment, and that fragment is defined with a server-icon
-			var valid = Object.values($('.server-icon > a').map(function(item) {
-				return $(this).attr('id');
-			})).indexOf(subpage.substring(1));
+			if (subpage) {
+				// Enable navigating to a page via a URL fragment, and that fragment is defined with a server-icon
+				var valid = Object.values($('.server-icon > a').map(function() {
+					return $(this).attr('id');
+				})).indexOf(subpage.substring(1));

-			if (valid !== -1 && subpage) {
-				// The click() event wont have been registered yet, so we need to delay us clicking it
-				setTimeout(function() { $(subpage).click(); },250);
+				if (valid !== -1) {
+					// @todo this condition can probably be removed
+					console.log('teleporting...:'+subpage.substring(1));
+					// The click() event wont have been registered yet, so we need to delay us clicking it
+					setTimeout(function() { $(subpage).click(); },250);
+
+				} else if (valid === -1) {
+					// Clear the hash
+					history.replaceState(null,null,' ');
+					getNode(subpage.substring(1));
+				}
 			}
 		});
 	</script>
--- a/routes/web.php
+++ b/routes/web.php
@ -32,8 +32,8 @@ Route::controller(HomeController::class)->group(function() {
 	Route::middleware(AllowAnonymous::class)->group(function() {
 		Route::get('/','home');
 		Route::get('info','info');
-		Route::post('dn','dn_frame');
 		Route::get('debug','debug');
+		Route::post('frame','frame');
 		Route::get('import','import_frame');
 		Route::get('schema','schema_frame');

@ -41,10 +41,12 @@ Route::controller(HomeController::class)->group(function() {
 			Route::get('image','user_image');
 		});

+		Route::match(['get','post'],'entry/add','entry_add');
+		Route::post('entry/create','entry_create');
 		Route::get('entry/export/{id}','entry_export');
 		Route::post('entry/password/check/','entry_password_check');
 		Route::post('entry/attr/add/{id}','entry_attr_add');
-		Route::post('entry/objectclass/add/{id}','entry_objectclass_add');
+		Route::post('entry/objectclass/add','entry_objectclass_add');
 		Route::post('entry/update/commit','entry_update');
 		Route::post('entry/update/pending','entry_pending_update');