![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index de0d89715c2a9209eef6a6e2d74a08abee6f88a6..c1263330cef07987f05014760159e37de477dae1 100644 (file)
<?php
/*
- This code is part of GOsa (https://gosa.gonicus.de)
- Copyright (C) 2003-2005 Cajus Pollmeier
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * This code is part of GOsa (http://www.gosa-project.org)
+ * Copyright (C) 2003-2008 GONICUS GmbH
+ *
+ * ID: $$Id$$
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
class userinfo
}
}
+
}
function get_category_permissions($dn, $category)
{
+ /* If we are forced to skip ACLs checks for the current user
+ then return all permissions.
+ */
+ if($this->ignore_acl_for_current_user()){
+ return("rwcdm");
+ }
+
/* Get list of objectClasses and get the permissions for it */
$acl= "";
if (isset($this->ocMapping[$category])){
foreach($this->ocMapping[$category] as $oc){
$acl.= $this->get_permissions($dn, $category."/".$oc);
}
+ }else{
+ trigger_error("ACL request for an invalid category (".$category.").");
}
return ($acl);
function get_permissions($dn, $object, $attribute= "", $skip_write= FALSE)
{
+ /* If we are forced to skip ACLs checks for the current user
+ then return all permissions.
+ */
+ if($this->ignore_acl_for_current_user()){
+ return("rwcdm");
+ }
+
/* Push cache answer? */
- $ACL_CACHE = session::get('ACL_CACHE');
+ $ACL_CACHE = &session::get('ACL_CACHE');
if (isset($ACL_CACHE["$dn+$object+$attribute"])){
/* Remove write if needed */
}
}
- $ACL_CACHE = session::get('ACL_CACHE');
$ACL_CACHE["$dn+$object+$attribute"]= $ret;
- session::set('ACL_CACHE',$ACL_CACHE);
/* Remove write if needed */
if ($skip_write){
accessible department) */
function get_module_departments($module)
{
+
+ /* If we are forced to skip ACLs checks for the current user
+ then return all departments as valid.
+ */
+ if($this->ignore_acl_for_current_user()){
+ return(array_keys($this->config->idepartments));
+ }
+
/* Use cached results if possilbe */
$ACL_CACHE = session::get('ACL_CACHE');
if(isset($ACL_CACHE['MODULE_DEPARTMENTS'][serialize($module)])){
}
}
- $ACL_CACHE = session::get('ACL_CACHE');
+ $ACL_CACHE = &session::get('ACL_CACHE');
$ACL_CACHE['MODULE_DEPARTMENTS'][serialize($module)] = $deps;
- session::set('ACL_CACHE',$ACL_CACHE);
return ($deps);
}
}
return($acl);
}
+
+
+ /*! \brief Returns TRUE if the current user is configured in IGNORE_ACL=".." in your gosa.conf
+ @param Return Boolean TRUE if we have to skip ACL checks else FALSE.
+ */
+ function ignore_acl_for_current_user()
+ {
+ return(isset($this->config->current['IGNORE_ACL']) && $this->config->current['IGNORE_ACL'] == $this->dn);
+ }
+
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: