X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Finclude%2Fclass_userinfo.inc;h=4045821ba85e0d5311ce31f6360678db2e522c6c;hb=46e5854a4fc9e9ed72276149b64ee8399abdb7d9;hp=68df16329fc379e91c59f7e48d215c1d9feda283;hpb=4ea7e02cd2a1b03466af25f87cf1ff4ff463f386;p=gosa.git diff --git a/gosa-core/include/class_userinfo.inc b/gosa-core/include/class_userinfo.inc index 68df16329..4045821ba 100644 --- a/gosa-core/include/class_userinfo.inc +++ b/gosa-core/include/class_userinfo.inc @@ -368,7 +368,9 @@ class userinfo continue; } - /* If attribute is "", we want to know, if we've *any* permissions here... */ + /* If attribute is "", we want to know, if we've *any* permissions here... + Merge global class ACLs [0] with attributes specific ACLs [attribute]. + */ if ($attribute == "" && isset($subacl['acl'][$object])){ foreach($subacl['acl'][$object] as $attr => $dummy){ $acl= $this->mergeACL($acl, $subacl['type'], $subacl['acl'][$object][$attr]); @@ -424,7 +426,7 @@ class userinfo /* Extract all departments that are accessible (direct or 'on the way' to an accessible department) */ - function get_module_departments($module) + function get_module_departments($module, $skip_self_acls = FALSE ) { /* If we are forced to skip ACLs checks for the current user @@ -472,6 +474,10 @@ class userinfo foreach($infos as $info){ $found = FALSE; foreach($info['acl'] as $cat => $data){ + + /* Skip self acls? */ + if($skip_self_acls && isset($data['0']) && preg_match("//s",$data['0'])) continue; + if(is_array($module)){ foreach($module as $mod){ if(preg_match("/^".normalizePreg($mod)."/",$cat)){ @@ -506,7 +512,7 @@ class userinfo $acl = ""; foreach($module as $mod){ if(preg_match("/\//",$mod)){ - $acl.= $this->get_permissions($dn,$mod,"0"); + $acl.= $this->get_permissions($dn,$mod); }else{ $acl.= $this->get_category_permissions($dn,$mod); }