Fixed daemon data indexing

[gosa.git] / gosa-core / include / class_userinfo.inc
diff --git a/gosa-core/include/class_userinfo.inc b/gosa-core/include/class_userinfo.inc

index 0719927c152b6612030f4ea7fa4a3d14839fad84..9ce014935a932ba0eaad49a9ef035ed63deab054 100644 (file)
--- a/gosa-core/include/class_userinfo.inc
+++ b/gosa-core/include/class_userinfo.inc
@@ -172,7 +172,6 @@ class userinfo
        }
  
      }
-
    }
  
  
@@ -198,6 +197,86 @@ class userinfo
      return ($acl);
    }
  
+  
+  /*! \brief Check if the given object (dn) is copyable
+      @param  String The object dn 
+      @param  String The acl  category (e.g. users) 
+      @param  String The acl  class (e.g. user) 
+      @return Boolean   TRUE if the given object is copyable else FALSE 
+  */
+  function is_copyable($dn, $object, $class)
+  {
+    return(preg_match("/r/",$this->has_complete_category_acls($dn, $object)));
+  }
+
+
+  /*! \brief Check if the given object (dn) is cutable
+      @param  String The object dn 
+      @param  String The acl  category (e.g. users) 
+      @param  String The acl  class (e.g. user) 
+      @return Boolean   TRUE if the given object is cutable else FALSE 
+  */
+  function is_cutable($dn, $object, $class)
+  {
+    $remove = preg_match("/d/",$this->get_permissions($dn,$object."/".$class));
+    $read   = preg_match("/r/",$this->has_complete_category_acls($dn, $object));
+    return($remove && $read);
+  }
+
+
+  /*! \brief  Checks if we are allowed to paste an object to the given destination ($dn)
+      @param  String The destination dn 
+      @param  String The acl  category (e.g. users) 
+      @param  String The acl  class (e.g. user) 
+      @return Boolean   TRUE if we are allowed to paste an object.
+  */
+  function is_pasteable($dn, $object)
+  {
+    return(preg_match("/w/",$this->has_complete_category_acls($dn, $object)));
+  }
+
+
+  /*! \brief  Checks if we are allowed to restore a snapshot for the given dn.
+      @param  String The destination dn 
+      @param  String The acl  category (e.g. users) 
+      @return Boolean   TRUE if we are allowed to restore a snapshot.
+  */
+  function allow_snapshot_restore($dn, $object)
+  {
+    if(!is_array($object)){
+      $object = array($object);
+    }
+    $r = $w = $c = TRUE;
+    foreach($object as $category){
+      $w &= preg_match("/w/",$this->has_complete_category_acls($dn, $category));
+      $c &= preg_match("/c/",$this->has_complete_category_acls($dn, $category));
+      $r &= preg_match("/r/",$this->has_complete_category_acls($dn, $category));
+#     print_a(array($category => array($r.$w.$c)));
+    }
+    return($r && $w ); 
+  }  
+
+
+  /*! \brief  Checks if we are allowed to create a snapshot of the given dn.
+      @param  String The source dn 
+      @param  String The acl category (e.g. users) 
+      @return Boolean   TRUE if we are allowed to restore a snapshot.
+  */
+  function allow_snapshot_create($dn, $object)
+  {
+    if(!is_array($object)){
+      $object = array($object);
+    }
+    $r = $w = $c = TRUE;
+    foreach($object as $category){
+      $w &= preg_match("/w/",$this->has_complete_category_acls($dn, $category));
+      $c &= preg_match("/c/",$this->has_complete_category_acls($dn, $category));
+      $r &= preg_match("/r/",$this->has_complete_category_acls($dn, $category));
+#      print_a(array($category => array($r.$w.$c)));
+    }
+    return($r) ; 
+  }  
+
  
    function get_permissions($dn, $object, $attribute= "", $skip_write= FALSE)
    {
@@ -210,7 +289,7 @@ class userinfo
  
      /* Push cache answer? */
      $ACL_CACHE = &session::get('ACL_CACHE');
-    if (0 && isset($ACL_CACHE["$dn+$object+$attribute"])){
+    if (isset($ACL_CACHE["$dn+$object+$attribute"])){
  
        /* Remove write if needed */
        if ($skip_write){
@@ -259,31 +338,28 @@ class userinfo
              continue;
            }
  
-#         /* With user filter */
-#         $sdn = preg_replace("/^[^,]*+,/","",$dn);
-#         if (isset($subacl['filter']) && !empty($subacl['filter'])){
-#
-#           $ldap->cd($sdn);
-#           $ldap->ls($subacl['filter'],$sdn);
-#           if(!$ldap->count()){
-#             continue;
-#           }else{
-#             $found = FALSE; 
-#             while($attrs = $ldap->fetch()){
-#               echo $attrs['dn']."<br>";
-#               if($attrs['dn'] == $dn){
-#                 $found = TRUE;
-#                 echo $acl."<br>";;
-#                 break;
-#               }
-#             }
-#             if(!$found){
-#               continue;
-#             }
-#           }
-#         }
-
-         /* Per attribute ACL? */
+         /* With user filter */
+         if (isset($subacl['filter']) && !empty($subacl['filter'])){
+           $sdn = preg_replace("/^[^,]*+,/","",$dn);
+           $ldap->cd($sdn);
+           $ldap->ls($subacl['filter'],$sdn);
+           if(!$ldap->count()){
+             continue;
+           }else{
+             $found = FALSE; 
+             while($attrs = $ldap->fetch()){
+               if($attrs['dn'] == $dn){
+                 $found = TRUE;
+                 break;
+               }
+             }
+             if(!$found){
+               continue;
+             }
+           }
+         }
+
+          /* Per attribute ACL? */
            if (isset($subacl['acl'][$object][$attribute])){
              $acl= $this->mergeACL($acl, $subacl['type'], $subacl['acl'][$object][$attribute]);
              continue;
@@ -316,7 +392,7 @@ class userinfo
      /* Assemble string */
      $ret= "";
      foreach ($acl as $key => $value){
-      if ($value != ""){
+      if ($value !== ""){
          $ret.= $key;
        }
      }