Updated application acls

[gosa.git] / gosa-plugins / goto / admin / applications / class_applicationManagement.inc

diff --git a/gosa-plugins/goto/admin/applications/class_applicationManagement.inc b/gosa-plugins/goto/admin/applications/class_applicationManagement.inc
index d93f167fbc143c9554490f780205fe3b417aa97e..b2a9cd44340de905b79c5de595ce65ce067154b6 100644 (file)
--- a/gosa-plugins/goto/admin/applications/class_applicationManagement.inc
+++ b/gosa-plugins/goto/admin/applications/class_applicationManagement.inc
@@ -316,25 +316,40 @@ class applicationManagement extends plugin
       $ids = $this->list_get_selected_items();
 
       if(count($ids)){
+        $this->dns = array();
 
+        $disallowed = array();
         foreach($ids as $id){
           $dn = $this->applications[$id]['dn'];
-          $this->dns[$id] = $dn;
-        }
-        if ($user= get_multiple_locks($this->dns)){
-          return(gen_locked_message($user,$this->dns));
+          $acl = $this->ui->get_permissions($dn, "application/application");
+          if(preg_match("/d/",$acl)){
+            $this->dns[$id] = $dn;
+          }else{
+            $disallowed[] = $dn;
+          }
         }
 
-        $dns_names = array();
-        foreach($this->dns as $dn){
-          add_lock ($dn, $this->ui->dn);
-          $dns_names[] =@LDAP::fix($dn);
+        if(count($disallowed)){
+          msg_dialog::display(_("Permission"),msgPool::permDelete($disallowed),INFO_DIALOG);
         }
 
-        /* Lock the current entry, so nobody will edit it during deletion */
-        $smarty->assign("intro",  msgPool::deleteInfo($dns_names,_("application")));
-        $smarty->assign("multiple", true);
-        return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+        if(count($this->dns)){
+
+          if ($user= get_multiple_locks($this->dns)){
+            return(gen_locked_message($user,$this->dns));
+          }
+
+          $dns_names = array();
+          foreach($this->dns as $dn){
+            add_lock ($dn, $this->ui->dn);
+            $dns_names[] =@LDAP::fix($dn);
+          }
+
+          /* Lock the current entry, so nobody will edit it during deletion */
+          $smarty->assign("intro",  msgPool::deleteInfo($dns_names,_("application")));
+          $smarty->assign("multiple", true);
+          return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+        }
       }
     }
 
@@ -580,13 +595,20 @@ class applicationManagement extends plugin
       return("");
     }
 
+    $ui = get_userinfo();
+
     /* Add a single entry to queue */
     if($s_action == "cut" || $s_action == "copy"){
 
       /* Cleanup object queue */
       $this->CopyPasteHandler->cleanup_queue();
       $dn = $this->applications[$s_entry]['dn'];
-      $this->CopyPasteHandler->add_to_queue($dn,$s_action,"apptabs","APPSTABS","application");
+      if($s_action == "copy" && preg_match("/r/",$ui->has_complete_category_acls($dn,"application"))){
+        $this->CopyPasteHandler->add_to_queue($dn,$s_action,"apptabs","APPSTABS","application");
+      }
+      if($s_action == "cut" && preg_match("/(r.*d|d.*r)/",$ui->has_complete_category_acls($dn,"application"))){
+        $this->CopyPasteHandler->add_to_queue($dn,$s_action,"apptabs","APPSTABS","application");
+      }
     }
 
 
@@ -600,10 +622,10 @@ class applicationManagement extends plugin
       foreach($this->list_get_selected_items() as $id){
         $dn = $this->applications[$id]['dn'];
 
-        if($s_action == "copy_multiple"){
+        if($s_action == "copy_multiple" && preg_match("/r/",$ui->has_complete_category_acls($dn,"application"))){
           $this->CopyPasteHandler->add_to_queue($dn,"copy","apptabs","APPSTABS","application");
         }
-        if($s_action == "cut_multiple"){
+        if($s_action == "cut_multiple" && preg_match("/(r.*d|d.*r)/",$ui->has_complete_category_acls($dn,"application"))){
           $this->CopyPasteHandler->add_to_queue($dn,"cut","apptabs","APPSTABS","application");
         }
       }