Prepared class_acl.inc to use ACL checks.

[gosa.git] / gosa-core / include / class_userinfo.inc

diff --git a/gosa-core/include/class_userinfo.inc b/gosa-core/include/class_userinfo.inc
index c1263330cef07987f05014760159e37de477dae1..5413cd00ab4c5784a61f26274dee4a6653fa83aa 100644 (file)
--- a/gosa-core/include/class_userinfo.inc
+++ b/gosa-core/include/class_userinfo.inc
@@ -221,6 +221,10 @@ class userinfo
       return($ret);
     }
 
+    /* Get ldap object, for later filter checks 
+     */
+    $ldap = $this->config->get_ldap_link();
+
     $acl= array("r" => "", "w" => "", "c" => "", "d" => "", "m" => "", "a" => "");
 
     /* Build dn array */
@@ -255,6 +259,27 @@ class userinfo
             continue;
           }
 
+         /* With user filter */
+         if (isset($subacl['filter']) && !empty($subacl['filter'])){
+           $sdn = preg_replace("/^[^,]*+,/","",$dn);
+           $ldap->cd($sdn);
+           $ldap->ls($subacl['filter'],$sdn);
+           if(!$ldap->count()){
+             continue;
+           }else{
+             $found = FALSE; 
+             while($attrs = $ldap->fetch()){
+               if($attrs['dn'] == $dn){
+                 $found = TRUE;
+                 break;
+               }
+             }
+             if(!$found){
+               continue;
+             }
+           }
+         }
+
           /* Per attribute ACL? */
           if (isset($subacl['acl'][$object][$attribute])){
             $acl= $this->mergeACL($acl, $subacl['type'], $subacl['acl'][$object][$attribute]);
@@ -288,7 +313,7 @@ class userinfo
     /* Assemble string */
     $ret= "";
     foreach ($acl as $key => $value){
-      if ($value != ""){
+      if ($value !== ""){
         $ret.= $key;
       }
     }