![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-plugins/sudo/admin/sudo/class_sudoManagement.inc b/gosa-plugins/sudo/admin/sudo/class_sudoManagement.inc
index dd69ef212672992b2b5ee71db66946e096920e56..624a6029c4fcac68f4bd126f79dda6da6bbe3473 100644 (file)
private $base = "";
private $start_pasting_copied_objects = FALSE;
+
+ public $acl_module = array("sudo");
/*! \brief */
public function __construct(&$config, &$ui)
}
/* handle C&P from layers menu */
- if(isset($_POST['menu_action']) && preg_match("/^multiple_copy_sudo/",$_POST['menu_action'])){
+ if(isset($_POST['menu_action']) && preg_match("/^multiple_copy_systems/",$_POST['menu_action'])){
$s_action = "copy_multiple";
}
/* Sudo has been saved successfully, remove lock from LDAP. */
if ($this->dn != "new"){
- del_lock ($this->dn);
+ $this->remove_lock();
}
unset ($this->sudotabs);
$this->sudotabs= NULL;
$ids = array($s_entry);
}
+ $this->dns = array();
if(count($ids)){
-
- /* Create list of entries to delete */
- $this->dns = array();
- $dns_names = array();
+ $disallowed = array();
foreach($ids as $id){
$dn = $this->list[$id]['dn'];
- $this->dns[$id] = $dn;
- $dns_names[] =@LDAP::fix($dn);
+ $acl = $this->ui->get_permissions($dn, "sudo/sudo");
+ if(preg_match("/d/",$acl)){
+ $this->dns[$id] = $dn;
+ }else{
+ $disallowed[] = $dn;
+ }
}
-
- /* Check locking of entries */
- $users = get_multiple_locks($this->dns);
- if(count($users)){
- return(gen_locked_message($users,$this->dns));
+
+ if(count($disallowed)){
+ msg_dialog::display(_("Permission"),msgPool::permDelete($disallowed),INFO_DIALOG);
}
-
- /* Add locks */
- add_lock($this->dns,$this->ui->dn);
- /* Lock the current entry, so nobody will edit it during deletion */
- $smarty->assign("info", msgPool::deleteInfo($dns_names,_("Sudo role")));
- return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+ if(count($this->dns)){
+
+ /* Check locking of entries */
+ $users = get_multiple_locks($this->dns);
+ if(count($users)){
+ return(gen_locked_message($users,$this->dns));
+ }
+
+ /* Add locks */
+ add_lock($this->dns,$this->ui->dn);
+
+ /* Lock the current entry, so nobody will edit it during deletion */
+ $smarty->assign("info", msgPool::deleteInfo($this->dns,_("Sudo role")));
+ return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+ }
}
}
msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
new log("security","sudo/".get_class($this),$dn,array(),"Tried to trick deletion.");
}
- /* Remove lock file after successfull deletion */
- del_lock ($dn);
- unset($this->dns[$key]);
}
+
+ /* Remove lock file after successfull deletion */
+ $this->remove_lock();
+ $this->dns = array();
}
/* Remove lock */
if(isset($_POST['delete_sudo_cancel'])){
- del_lock ($this->dns);
- unset($this->dns);
+ $this->remove_lock();
+ $this->dns = array();
}
/********************
/* Cancel dialogs */
if (isset($_POST['edit_cancel']) && is_object($this->sudotabs)){
- if(isset($this->sudotabs->dn)){
- del_lock ($this->sudotabs->dn);
- }
- unset ($this->sudotabs);
+ $this->remove_lock();
$this->sudotabs= NULL;
session::un_set('objectinfo');
}
}
/* Check if there is a snapshot dialog open */
- if($str = $this->showSnapshotDialog(sudo::get_sudoers_ou($this->config),$this->get_used_snapshot_bases())){
+ if($str = $this->showSnapshotDialog(sudo::get_sudoers_ou($this->config),$this->get_used_snapshot_bases(),$this)){
return($str);
}
return("");
}
+ $ui = get_userinfo();
+
/* Add a single entry to queue */
if($s_action == "cut" || $s_action == "copy"){
/* Cleanup object queue */
$this->CopyPasteHandler->cleanup_queue();
$dn = $this->list[$s_entry]['dn'];
- $this->CopyPasteHandler->add_to_queue($dn,$s_action,"sudotabs","SUDOTABS","sudo");
+
+ if($s_action == "copy" && $ui->is_copyable($dn,"sudo","sudo")){
+ $this->CopyPasteHandler->add_to_queue($dn,$s_action,"sudotabs","SUDOTABS","sudo");
+ }
+# if($s_action == "cut" && $ui->is_cutable($dn,"sudo","sudo")){
+# $this->CopyPasteHandler->add_to_queue($dn,$s_action,"sudotabs","SUDOTABS","sudo");
+# }
}
/* Add entries to queue */
foreach($this->list_get_selected_items() as $id){
$dn = $this->list[$id]['dn'];
- if($s_action == "copy_multiple"){
+ if($s_action == "copy_multiple" && $ui->is_copyable($dn,"sudo","sudo")){
$this->CopyPasteHandler->add_to_queue($dn,"copy","sudotabs","SUDOTABS","sudo");
}
- if($s_action == "cut_multiple"){
- $this->CopyPasteHandler->add_to_queue($dn,"cut","sudotabs","SUDOTABS","sudo");
- }
+# if($s_action == "cut_multiple" && $ui->is_cutable($dn,"sudo","sudo")){
+# $this->CopyPasteHandler->add_to_queue($dn,"cut","sudotabs","SUDOTABS","sudo");
+# }
}
}
if($this->start_pasting_copied_objects && $this->CopyPasteHandler->entries_queued()){
/* Get dialog */
- $data = $this->CopyPasteHandler->execute();
$this->CopyPasteHandler->SetVar("base",$this->DivListSudo->selectedBase);
+ $data = $this->CopyPasteHandler->execute();
/* Return dialog data */
if(!empty($data)){