X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Fclass_acl.inc;h=9bf8e623825c0b6f49257a732a9d599cff2689ca;hb=28ae00a52f184c2e0818500fafc38280e44f9efb;hp=6e7044c7dcb4372dc0a59f9e86f7381a3e232984;hpb=77834e27646c6a9e5ee2d4097d004ab0deb1f430;p=gosa.git diff --git a/include/class_acl.inc b/include/class_acl.inc index 6e7044c7d..9bf8e6238 100644 --- a/include/class_acl.inc +++ b/include/class_acl.inc @@ -31,7 +31,7 @@ class acl extends plugin var $savedAclContents= array(); var $myAclObjects = array(); - function acl ($config, $parent, $dn= NULL) + function acl (&$config, $parent, $dn= NULL) { /* Include config object */ plugin::plugin($config, $dn); @@ -47,7 +47,7 @@ class acl extends plugin ksort($this->gosaAclEntry); /* Save parent - we've to know more about it than other plugins... */ - $this->parent= $parent; + $this->parent= &$parent; /* Container? */ if (preg_match('/^(o|ou|c|l|dc)=/i', $dn)){ @@ -112,10 +112,14 @@ class acl extends plugin /* Objects */ $tmp= get_global('plist'); $plist= $tmp->info; - if (isset($this->parent) && $this->parent != NULL){ + $cats = array(); + if (isset($this->parent) && $this->parent !== NULL){ $oc= array(); foreach ($this->parent->by_object as $key => $obj){ $oc= array_merge($oc, $obj->objectclasses); + if(isset($obj->acl_category)){ + $cats[preg_replace("/\//","",$obj->acl_category)] = preg_replace("/\//","",$obj->acl_category); + } } if (in_array_ics('organizationalUnit', $oc)){ $this->isContainer= TRUE; @@ -124,7 +128,6 @@ class acl extends plugin $oc= $this->attrs['objectClass']; } - /* Extract available categories from plugin info list */ foreach ($plist as $class => $acls){ @@ -140,6 +143,10 @@ class acl extends plugin $this->ocMapping[$data]= array(); $this->ocMapping[$data][]= '0'; } + + if(isset($cats[$data])){ + $this->myAclObjects[$idx.'/'.$class]= $acls['plDescription']; + } $this->ocMapping[$data][]= $class; } else { if (!isset($this->ocMapping[$idx])){ @@ -390,7 +397,7 @@ class acl extends plugin if ($this->dialogState == 'head'){ /* Draw list */ - $aclList= new DivSelectBox("aclList"); + $aclList= new divSelectBox("aclList"); $aclList->SetHeight(450); /* Fill in entries */ @@ -411,7 +418,7 @@ class acl extends plugin if ($this->dialogState == 'create'){ /* Draw list */ - $aclList= new DivSelectBox("aclList"); + $aclList= new divSelectBox("aclList"); $aclList->SetHeight(150); /* Add settings for all categories to the (permanent) list */ @@ -547,7 +554,7 @@ class acl extends plugin function buildRoleSelector($list) { - $D_List =new DivSelectBox("Acl_Roles"); + $D_List =new divSelectBox("Acl_Roles"); $selected = $this->aclContents; if(!is_string($this->aclContents) || !isset($list[$this->aclContents])){ @@ -954,6 +961,16 @@ class acl extends plugin return FALSE; } + + function PrepareForCopyPaste($source) + { + plugin::PrepareForCopyPaste($source); + + $dn = $source['dn']; + $acl_c = new acl($this->config, $this->parent,$dn); + $this->gosaAclEntry = $acl_c->gosaAclEntry; + } + function save() { @@ -1062,6 +1079,87 @@ class acl extends plugin $this->handle_post_events("remove",array("uid" => $this->uid)); } + + /* Return plugin informations for acl handling */ + function plInfo() + { + return (array( + "plShortName" => _("ACL"), + "plDescription" => _("ACL")._("Access control list").")", + "plSelfModify" => FALSE, + "plDepends" => array(), + "plPriority" => 0, + "plSection" => array("administration"), + "plCategory" => array("acl" => array("description" => _("ACL")." & "._("ACL roles"), + "objectClass" => array("gosaAcl","gosaRole"))), + "plProvidedAcls"=> array( + "cn" => _("Role name"), + "description" => _("Role description")) + + )); + } + + + /* Remove acls defined for $src */ + function remove_acl() + { + $this->remove_acl_for_dn($this->dn); + } + + + /* Remove acls defined for $src */ + function remove_acl_for_dn($src = "") + { + if($src == ""){ + $src = $this->dn; + } + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($src)."*))",array("gosaAclEntry","dn")); + while($attrs = $ldap->fetch()){ + $acl = new acl($this->config,$this->parent,$attrs['dn']); + foreach($acl->gosaAclEntry as $id => $entry){ + foreach($entry['members'] as $m_id => $member){ + if($m_id == "U:".$src){ + unset($acl->gosaAclEntry[$id]['members'][$m_id]); + gosa_log("modify","users/acl",$attrs['dn'],array(),sprintf("Removed acl for user %s on object %s.",$src,$attrs['dn'])); + } + if($m_id == "G:".$src){ + unset($acl->gosaAclEntry[$id]['members'][$m_id]); + gosa_log("modify","groups/acl",$attrs['dn'],array(),sprintf("Removed acl for group %s on object %s.",$src,$attrs['dn'])); + } + } + } + $acl -> save(); + } + } + + function update_acl_membership($src,$dst) + { + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($src)."*))",array("gosaAclEntry","dn")); + while($attrs = $ldap->fetch()){ + $acl = new acl($this->config,$this->parent,$attrs['dn']); + foreach($acl->gosaAclEntry as $id => $entry){ + foreach($entry['members'] as $m_id => $member){ + if($m_id == "U:".$src){ + unset($acl->gosaAclEntry[$id]['members'][$m_id]); + $new = "U:".$dst; + $acl->gosaAclEntry[$id]['members'][$new] = $new; + gosa_log("modify","users/acl",$attrs['dn'],array(),sprintf("Updated acl for user %s on object %s.",$src,$attrs['dn'])); + } + if($m_id == "G:".$src){ + unset($acl->gosaAclEntry[$id]['members'][$m_id]); + $new = "G:".$dst; + $acl->gosaAclEntry[$id]['members'][$new] = $new; + gosa_log("modify","groups/acl",$attrs['dn'],array(),sprintf("Updated acl for group %s on object %s.",$src,$attrs['dn'])); + } + } + } + $acl -> save(); + } + } } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: