![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-core/plugins/generic/references/class_aclResolver.inc b/gosa-core/plugins/generic/references/class_aclResolver.inc
index c1c1c22789b3dc1a393cdc8bc84e9a4f5aed3f49..51d05a510ddd1482c628245949a72e090263725d 100644 (file)
$tmp= session::global_get('plist');
$plist= $tmp->info;
$map = array();
- $map['all']= _("All categories");
foreach($plist as $class => $plInfo){
if(isset($plInfo['plCategory']) && is_array($plInfo['plCategory'])){
foreach($plInfo['plCategory'] as $category => $desc){
// Autocompleter template
$autocompleter ="
- <input class='filter_textfield' placeholder='"._("Search")."...'
+ <input class='filter_textfield' placeholder='"._("Enter another user name")."...'
id='aclTarget' name='aclTarget' type='text' value=''
onChange=\"\$('aclTargetSubmit').focus();\">
// Base template - each entry start with this
$tpl =
"\n <tr class='acl-viewer-head %s'>".
- "\n <td>%s</td>".
- "\n <td colspan=2><b>%s</b> - %s</td>".
+ "\n <td style='width:20px'>%s</td>".
+ "\n <td colspan=2><b>%s</b><div class='right'>%s</div></td>".
"\n </tr>".
- "\n %s".
- "\n <tr>".
- "\n <td colspan=3><hr></td>".
- "\n </tr>";
+ "\n %s";
// If the acl consists of a user-object-filter then this template is used.
$filter_tpl =
"\n <tr class='%s'>".
"\n <td></td>".
"\n <td><b>"._("Filter")."</b></td>".
- "\n <td><ul><li>%s</li></ul></td>".
+ "\n <td><ul class='acl-viewer-items'><li>%s</li></ul></td>".
"\n </tr>";
// Used to display ACL owner of type "group"
$gmem_tpl =
"\n <tr class='%s'>".
"\n <td></td>".
- "\n <td><b>"._("Group members")."</b></td>".
- "\n <td><ul>%s</ul></td>".
+ "\n <td><b>"._("Groups")."</b></td>".
+ "\n <td><ul class='acl-viewer-items'>%s</ul></td>".
"\n </tr>";
// Used to display ACL owner of type "user"
$umem_tpl =
"\n <tr class='%s'>".
"\n <td></td>".
- "\n <td><b>"._("Members")."</b></td>".
- "\n <td><ul>%s</ul></td>".
+ "\n <td><b>"._("Users")."</b></td>".
+ "\n <td><ul class='acl-viewer-items'>%s</ul></td>".
"\n </tr>";
// Used to display the acl contents, except 'reset' and 'role'
"\n <tr class='%s'>".
"\n <td></td>".
"\n <td><b>"._("Acls")."</b></td>".
- "\n <td><ul>%s</ul></td>".
+ "\n <td><ul class='acl-viewer-items'>%s</ul></td>".
"\n </tr>";
- $user = sprintf(_("ACL from the viewpoint of user '%s'"), "<b>".$this->validateUid."</b>");
+ $user = "<h3>".sprintf(_("List of effective ACLs for '%s'"), $this->validateUid)."</h3>";
$str = "<table summary='"._("Object permissions")."'>";
$str .= " <tr><td>".$user."</td><td>".$autocompleter."</td></tr>";
$str .= "</table>";
- $str .= "<table summary='"._("Object permissions")."' class='acl-viewer'>";
+ $str .= "<div class='acl-viewer-container'>";
+ $str .= "<table summary='"._("Object permissions")."' cellpadding='0' cellspacing='0' class='acl-viewer'>";
$ldap = $this->config->get_ldap_link();
$ldap->cd($this->config->current['BASE']);
$ui = get_userinfo();
foreach($this->affectingACLs as $dn => $acls){
foreach($acls as $acl){
- $gmem = $umem = $defs = "";
// Prepare entry icon (department or element?)
$image = (isset($this->config->idepartments[$dn]))? "images/select_department.png":"images/lists/element.png";
}
}
- // Check if we are part of the member list
- if($match){
- $found = FALSE;
- foreach($acl['members'] as $mem => $desc){
- if($mem == "U:{$this->validateDn}"){
+ // Check membership
+ $gmem = $umem = "";
+ $users = $groups = array();
+ $found = FALSE;
+ foreach($acl['members'] as $type => $name){
+
+ // Check if we're part of the members
+ if(preg_match("/^U:/", $type)){
+ if(preg_match("/^U:".preg_quote($this->validateDn,'/')."/", $type)){
+ $users[] = $name;
$found = TRUE;
- break;
+ continue;
}
- if($mem == "G:*"){
+ $users[] = "<span>".$name."</span>";
+ }
+
+ // Check if we're part of the group members
+ if(preg_match("/^G/", $type)){
+ if($type == "G:*"){
$found = TRUE;
- break;
+ $groups[] = $name;
+ continue;
}
- if(preg_match("/^G:/", $mem)){
- $gdn = preg_replace("/^G:/","",$mem);
+ if(preg_match("/^G:/", $type)){
+ $gdn = preg_replace("/^G:/","",$type);
$ldap->cat($gdn,array('memberUid'));
if($ldap->count()){
$attrs = $ldap->fetch();
if(isset($attrs['memberUid']) && in_array($this->validateUid, $attrs['memberUid'])){
$found = TRUE;
+ $groups[] = $name;
+ continue;
}
}
- break;
}
- }
- $match = $found;
- }
- $class = "";
- if(!$match){
- $class = "acl-viewer-blocked";
- }
-
- if(!empty($filter)) $filter =sprintf($filter_tpl,$class,$filter);
-
- foreach($acl['members'] as $type => $name){
- if(preg_match("/^G/", $type))
- $gmem .= "\n <li>".$name."</li>";
- }
- if(!empty($gmem)) $gmem =sprintf($gmem_tpl,$class,$gmem);
-
- foreach($acl['members'] as $type => $name){
- if(!preg_match("/^G/", $type))
- $umem .= "\n <li>".$name."</li>";
+ // Mark groups that doesn't match
+ $groups[] = "<span>".$name."</span>";
+ }
}
- if(!empty($umem)) $umem = sprintf($umem_tpl,$class,$umem);
+ // Build up ACL definition list
+ $defs ="";
if($acl['type']!='reset'){
foreach($acl['acl'] as $type => $acl){
if(isset($this->classMapping[$type])){
$defs .= "<li>".$type.": ".$this->aclToString($acl)."</li>";
}
}
- if(!empty($defs)) $defs = sprintf($acl_tpl, $class,$defs);
}
+
+ // Display the acl block in a special color if its not matching
+ $class="";
+ if(!$found || !$match){
+ $class = "acl-viewer-blocked";
+ }
+ if(!empty($filter)) $filter =sprintf($filter_tpl,$class,$filter);
+ if(!empty($defs)) $defs = sprintf($acl_tpl,$class,$defs);
+ if(count($users)) $umem = sprintf($umem_tpl,$class,"<li>".implode($users,'</li><li>')."</li>");
+ if(count($groups)) $gmem = sprintf($gmem_tpl,$class,"<li>".implode($groups,'</li><li>')."</li>");
$str.= sprintf($tpl,$class, image($image), $dn, $aclType, $filter.$gmem.$umem.$defs);
}
}
$str .= "</table>";
+ $str .= "</div>";
$this->renderedList = $str;
}
return($this->renderedList);
function aclToString($acls)
{
- $str ="<ul>";
+ $str ="<ul class='acl-category-list'>";
foreach($acls as $name => $acl){
if($name == "0") $name = _("All");
- $str .= "<li>".$name;
- $str .= "<ul>";
+ $str .= "<li><i>".$name.":</i> ";
+ $str .= "<ul class='acl-list'>";
if(preg_match("/s/", $acl)){
- $str.="<li>"._("Grant permission to owner").'</li>';
+ $str.="<li><u>"._("Restrict changes to user's own object").'</u></li>';
}
if(preg_match("/r/", $acl)) $str.="<li>"._("read").'</li>';
if(preg_match("/w/", $acl)) $str.="<li>"._("write").'</li>';
- if(preg_match("/c/", $acl)) $str.="<li>"._("Create").'</li>';
- if(preg_match("/d/", $acl)) $str.="<li>"._("Remove").'</li>';
- if(preg_match("/m/", $acl)) $str.="<li>"._("Move").'</li>';
+ if(preg_match("/c/", $acl)) $str.="<li>"._("create").'</li>';
+ if(preg_match("/d/", $acl)) $str.="<li>"._("remove").'</li>';
+ if(preg_match("/m/", $acl)) $str.="<li>"._("move").'</li>';
$str.= "</ul>";
}
return($str."</ul>");