diff --git a/plugins/admin/groups/class_groupManagement.inc b/plugins/admin/groups/class_groupManagement.inc
index 4f6c74ad222822e01c7820524aa91fd97e63713e..ff2310b9f860a6cb7b574460c0dee1965799ce33 100644 (file)
var $plDescription= "This does something";
/* Dialog attributes */
- var $grouptab= NULL;
- var $grouplist= array();
- var $ui= NULL;
- var $acl= "";
-
- var $CopyPasteHandler = NULL;
- var $DivListGroup = NULL;
-
- var $ShowPrimaryCheckBox = false;
+ var $grouptab = NULL;
+ var $grouplist = array();
+ var $ui = NULL;
+ var $CopyPasteHandler = NULL;
+ var $DivListGroup = NULL;
+ var $ShowPrimaryCheckBox= false;
function groupManagement ($config, $ui)
{
/* Save configuration for internal use */
- $this->config= $config;
- $this->ui= $ui;
+ $this->config = $config;
+ $this->ui = $ui;
/* Copy & Paste enabled ?*/
if((isset($this->config->data['MAIN']['ENABLECOPYPASTE']))&&(preg_match("/true/i",$this->config->data['MAIN']['ENABLECOPYPASTE']))){
$this->DivListGroup->DisableCheckBox("ShowPrimaryGroups",$this->ShowPrimaryCheckBox);
}
+
function execute()
{
/* Call parent execute */
/* New group? */
if ($s_action=="new"){
- /* By default we set 'dn' to 'new', all relevant plugins will
- react on this. */
- $this->dn= "new";
+ /* Check create permissions */
+ $acl = $this->ui->get_permissions($this->DivListGroup->selectedBase,"groups/group");
+ if(preg_match("/c/",$acl)){
+
+ /* By default we set 'dn' to 'new', all relevant plugins will
+ react on this. */
+ $this->dn= "new";
- /* Create new usertab object */
- $this->grouptab= new grouptabs($this->config, $this->config->data['TABS']['GROUPTABS'], $this->dn);
+ /* Create new usertab object */
+ $this->grouptab= new grouptabs($this->config, $this->config->data['TABS']['GROUPTABS'], $this->dn);
- /* Set up the users ACL's for this 'dn' */
- $acl= get_permissions ($this->DivListGroup->selectedBase, $this->ui->subtreeACL);
- $this->grouptab->set_acl($acl);
+ /* Set up the users ACL's for this 'dn' */
+ $this->grouptab->set_acl_base($this->DivListGroup->selectedBase);
+ }
}
/* Save user data to ldap */
$this->grouptab->save();
- gosa_log ("Group object'".$this->dn."' has been saved");
+ gosa_log ("Group object '".$this->dn."' has been saved");
if (!isset($_POST['edit_apply'])){
/* Group has been saved successfully, remove lock from LDAP. */
}
add_lock ($this->dn, $this->ui->dn);
- /* Set up the users ACL's for this 'dn' */
- $acl= get_permissions ($this->dn, $this->ui->subtreeACL);
-
/* Register grouptab to trigger edit dialog */
$this->grouptab= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $this->dn);
- $this->grouptab->set_acl($acl);
+ $this->grouptab->set_acl_base($this->dn);
$_SESSION['objectinfo']= $this->dn;
}
/* Load permissions for selected 'dn' and check if
we're allowed to remove this 'dn' */
- $acl= get_permissions ($this->dn, $this->ui->subtreeACL);
- $this->acl= get_module_permission($acl, "group", $this->dn);
- if (chkacl($this->acl, "delete") == ""){
+ $acl = $this->ui->get_permissions($this->dn,"groups/group");
+ if(preg_match("/d/",$acl)){
/* Check locking, save current plugin in 'back_plugin', so
the dialog knows where to return. */
/* Some nice guy may send this as POST, so we've to check
for the permissions again. */
- if (chkacl($this->acl, "delete") == ""){
+ $acl = $this->ui->get_permissions($this->dn,"groups/group");
+ if(preg_match("/d/",$acl)){
/* Delete request is permitted, perform LDAP action */
$this->grouptab= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $this->dn);
- $this->grouptab->set_acl(array($this->acl));
+ $this->grouptab->set_acl_base($this->dn);
$this->grouptab->delete ();
gosa_log ("Group object'".$this->dn."' has been removed");
unset ($this->grouptab);
Search for the prepared filter
********************/
+ /* Attributes to search for */
+ $attrs = array("cn", "description", "gidNumber", "objectClass");
+
/* If subsearch is activated search for subobjects too */
- $attrs = array("cn", "description", "gidNumber", "objectClass","FAIrelease");
+ $tmp = search_config($this->config->data,"faiManagement","CLASS");
+ if(!empty($tmp)){
+ $attrs [] = "FAIrelease";
+ }
if ($SubSearch){
$res= get_list($filter, "groups", $base, $attrs, GL_SIZELIMIT| GL_SUBSEARCH);
/* Copy current object to CopyHandler
*/
if($s_action == "copy"){
- $this->CopyPasteHandler->Clear();
- $dn = $this->grouplist[trim($s_entry)]['dn'];
- $acl = get_permissions ($dn, $this->ui->subtreeACL);
+ $dn = $this->grouplist[trim($s_entry)]['dn'];
+ $ui = get_userinfo();
+ $acl_all = $ui->has_complete_category_acls($this->DivListGroup->selectedBase,"groups") ;
+ if(preg_match("/(c.*w|w.*c)/",$acl_all)){
- $obj = new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $dn);
- $objNew = new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], "new");
- $obj->set_acl($acl);
- $objNew->set_acl($acl);
- $this->CopyPasteHandler->Copy($obj,$objNew);
+ $this->CopyPasteHandler->Clear();
+ $obj = new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $dn);
+ $obj->set_acl_base($dn);
+ $objNew = new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], "new");
+ $objNew->set_acl_base($dn);
+
+ $this->CopyPasteHandler->Copy($obj,$objNew);
+ }else{
+ print_red("You are not allowed to copy this entry.");
+ }
}
/* Copy current object to CopyHandler
*/
if($s_action == "cut"){
- $this->CopyPasteHandler->Clear();
+
$dn = $this->grouplist[trim($s_entry)]['dn'];
- $acl= get_permissions ($dn, $this->ui->subtreeACL);
-
- $obj= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $dn);
- $obj->set_acl($acl);
-
- $this->CopyPasteHandler->Cut($obj);
+ $acl_all = $ui->has_complete_category_acls($this->selectedBase,"groups") ;
+ if(preg_match("/(c.*w|w.*c)/",$acl_all)){
+
+ $this->CopyPasteHandler->Clear();
+ $obj= new grouptabs($this->config,$this->config->data['TABS']['GROUPTABS'], $dn);
+ $obj->set_acl_base($dn);
+ $this->CopyPasteHandler->Cut($obj);
+ }else{
+ print_red("You are not allowed to cut this entry.");
+ }
}
}