X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Fclass_acl.inc;h=f3fed5371fa5cb4c5be52d753228c1f99e93d815;hb=87a10c71fc4a79af78f6648f0dc25df415baf892;hp=63f507622bd12441a1a6fc2bbf976b707f025070;hpb=ffb2f8eb18239a1d48ebd7f89d9d5557d97e6c6c;p=gosa.git diff --git a/include/class_acl.inc b/include/class_acl.inc index 63f507622..f3fed5371 100644 --- a/include/class_acl.inc +++ b/include/class_acl.inc @@ -87,7 +87,7 @@ class acl extends plugin /* Objects */ $tmp= get_global('plist'); $plist= $tmp->info; - if (isset($this->parent)){ + if (isset($this->parent) && $this->parent != NULL){ $oc= array(); foreach ($this->parent->by_object as $key => $obj){ $oc= array_merge($oc, $obj->objectclasses); @@ -98,31 +98,55 @@ class acl extends plugin } else { $oc= $this->attrs['objectClass']; } + + + /* Extract available categories from plugin info list */ foreach ($plist as $class => $acls){ - if (isset($acls['plDescription'])){ - /* Only feed categories */ - if (isset($acls['plDepends']['description'])){ - $this->aclObjects[$acls['plDepends']['objectClass']]= $acls['plDepends']['description']; - } - /* Additionally filter the classes we're interested in in "self edit" mode */ - if (in_array_ics($acls['plDepends']['objectClass'], $oc)){ - $this->myAclObjects[$class]= $acls['plDescription']; - } - } - } - asort($this->aclObjects); + /* Only feed categories */ + if (isset($acls['plCategory'])){ + + /* Walk through supplied list and feed only translated categories */ + foreach($acls['plCategory'] as $idx => $data){ + + /* Non numeric index means -> base object containing more informations */ + if (preg_match('/^[0-9]+$/', $idx)){ + if (!isset($this->ocMapping[$data])){ + $this->ocMapping[$data]= array(); + $this->ocMapping[$data][]= '0'; + } + $this->ocMapping[$data][]= $class; + } else { + if (!isset($this->ocMapping[$idx])){ + $this->ocMapping[$idx]= array(); + $this->ocMapping[$idx][]= '0'; + } + $this->ocMapping[$idx][]= $class; + $this->aclObjects[$idx]= $data['description']; + + /* Additionally filter the classes we're interested in in "self edit" mode */ + if (is_array($data['objectClass'])){ + foreach($data['objectClass'] as $objectClass){ + if (in_array_ics($objectClass, $oc)){ + $this->myAclObjects[$idx.'/'.$class]= $acls['plDescription']; + break; + } + } + } else { + if (in_array_ics($data['objectClass'], $oc)){ + $this->myAclObjects[$idx.'/'.$class]= $acls['plDescription']; + } + } + } - /* Generate mapping object */ - foreach ($plist as $oc => $pl){ - if (isset($pl['plDepends']['objectClass'])){ - $class= $pl['plDepends']['objectClass']; - if (!isset($this->ocMapping[$class])){ - $this->ocMapping[$class]= array(); } - $this->ocMapping[$class][]= $oc; } } + $this->aclObjects['all']= '* '._("All categories"); + $this->ocMapping['all']= array('0' => 'all'); + + /* Sort categories */ + asort($this->aclObjects); /* Fill acl types */ if ($this->isContainer){ @@ -130,8 +154,8 @@ class acl extends plugin "one" => _("One level"), "base" => _("Current object"), "sub" => _("Complete subtree"), - "psub" => _("Complete subtree (permanent)"), - "role" => _("Use ACL defined in role")); + "psub" => _("Complete subtree (permanent)")); + //"role" => _("Use ACL defined in role")); } else { $this->aclTypes= array("base" => _("Current object"), "role" => _("Use ACL defined in role")); @@ -231,19 +255,27 @@ class acl extends plugin $new_acl[$object][$attribute]= $value; } } - } /* Only be interested in new acl's, if we're in the right _POST place */ if ($aclDialog && isset($this->ocMapping[$this->aclObject])){ foreach ($this->ocMapping[$this->aclObject] as $oc){ unset($this->aclContents[$oc]); + unset($this->aclContents[$this->aclObject.'/'.$oc]); if (isset($new_acl[$oc])){ $this->aclContents[$oc]= $new_acl[$oc]; } + if (isset($new_acl[$this->aclObject.'/'.$oc])){ + $this->aclContents[$this->aclObject.'/'.$oc]= $new_acl[$this->aclObject.'/'.$oc]; + } } } + /* Save new acl in case of base edit mode */ + if ($this->aclType == 'base'){ + $this->aclContents= $new_acl; + } + /* Cancel new acl? */ if (isset($_POST['cancel_new_acl'])){ $this->dialogState= 'head'; @@ -253,7 +285,7 @@ class acl extends plugin } } - /* Store ACL in mail object? */ + /* Store ACL in main object? */ if (isset($_POST['submit_new_acl'])){ $this->gosaAclEntry[$this->currentIndex]['type']= $this->aclType; $this->gosaAclEntry[$this->currentIndex]['members']= $this->recipients; @@ -345,29 +377,37 @@ class acl extends plugin $aclList->SetHeight(150); /* Add settings for all categories to the (permanent) list */ - foreach ($this->aclObjects as $oc => $dsc){ + foreach ($this->aclObjects as $section => $dsc){ $summary= ""; - foreach ($plist as $key => $plugin){ - if (isset($plugin['plDepends']['objectClass']) && $plugin['plDepends']['objectClass'] == $oc && - isset($this->aclContents[$key])){ - if (count($this->aclContents[$key]) && isset($this->aclContents[$key][0]) && - $this->aclContents[$key][0] != ""){ - $summary.= "$key, "; - } + foreach($this->ocMapping[$section] as $oc){ + if (isset($this->aclContents[$oc]) && count($this->aclContents[$oc]) && isset($this->aclContents[$oc][0]) && + $this->aclContents[$oc][0] != ""){ + + $summary.= "$oc, "; + continue; + } + if (isset($this->aclContents["$section/$oc"]) && count($this->aclContents["$section/$oc"]) && isset($this->aclContents["$section/$oc"][0]) && + $this->aclContents["$section/$oc"][0] != ""){ + + $summary.= "$oc, "; + continue; + } + if (isset($this->aclContents[$oc]) && !isset($this->aclContents[$oc][0]) && count($this->aclContents[$oc])){ + $summary.= "$oc, "; } } /* Set summary... */ if ($summary == ""){ - $summary= _("No ACL settings for this category"); + $summary= ''._("No ACL settings for this category").''; } else { $summary= sprintf(_("Contains ACLs for these objects: %s"), preg_replace('/, $/', '', $summary)); } $field1= array("string" => $dsc, "attach" => "style='width:100px'"); $field2= array("string" => $summary); - $action= ""; - $action.= ""; + $action= ""; + $action.= ""; $field3= array("string" => $action, "attach" => "style='border-right:0px;width:50px'"); $aclList->AddEntry(array($field1, $field2, $field3)); } @@ -409,18 +449,21 @@ class acl extends plugin $smarty->assign('headline', sprintf(_("Edit ACL for '%s', scope is '%s'"), $this->aclObjects[$this->aclObject], $this->aclTypes[$this->aclType])); /* Collect objects for selected category */ - $aclObjects= array(); - foreach ($plist as $class => $acls){ - if (isset($acls['plDepends']['objectClass']) && $acls['plDepends']['objectClass'] == $this->aclObject){ - $aclObjects[$class]= $acls['plDescription']; + foreach ($this->ocMapping[$this->aclObject] as $idx => $class){ + if ($idx == 0){ + continue; } + $aclObjects[$this->aclObject.'/'.$class]= $plist[$class]['plDescription']; + } + if ($this->aclObject == 'all'){ + $aclObjects['all']= _("All objects in current subtree"); } - $smarty->assign('aclSelector', $this->buildAclSelector($aclObjects)); } /* Show main page */ $smarty->assign("dialogState", $this->dialogState); + return ($smarty->fetch (get_template_path('acl.tpl'))); } @@ -428,24 +471,31 @@ class acl extends plugin function buildAclSelector($list) { $display= ""; - $cols= 4; + $cols= 3; $tmp= get_global('plist'); $plist= $tmp->info; asort($plist); + /* Build general objects */ foreach ($list as $key => $name){ /* Create sub acl if it does not exist */ if (!isset($this->aclContents[$key])){ $this->aclContents[$key]= array(); - } - if (!isset($this->aclContents[$key][0])){ $this->aclContents[$key][0]= ''; } $currentAcl= $this->aclContents[$key]; /* Object header */ - $display.= ""; + if($_SESSION['js']) { + if(isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/firefox/i",$_SERVER['HTTP_USER_AGENT'])) { + $display.= "
"._("Object").": $name
"; + } else { + $display.= "
"._("Object").": $name
"; + } + } else { + $display.= "
"._("Object").": $name
"; + } /* Generate options */ $spc= "  "; @@ -453,23 +503,32 @@ class acl extends plugin $options= $this->mkchkbx($key."_0_c", _("Create objects"), preg_match('/c/', $currentAcl[0])).$spc; $options.= $this->mkchkbx($key."_0_m", _("Move objects"), preg_match('/m/', $currentAcl[0])).$spc; $options.= $this->mkchkbx($key."_0_d", _("Remove objects"), preg_match('/d/', $currentAcl[0])).$spc; - if ($plist[$key]['plSelfModify']){ + if ($plist[preg_replace('%^.*/%', '', $key)]['plSelfModify']){ $options.= $this->mkchkbx($key."_0_s", _("Modifyable by owner"), preg_match('/s/', $currentAcl[0])).$spc; } } else { $options= $this->mkchkbx($key."_0_m", _("Move object"), preg_match('/m/', $currentAcl[0])).$spc; $options.= $this->mkchkbx($key."_0_d", _("Remove object"), preg_match('/d/', $currentAcl[0])).$spc; - if ($plist[$key]['plSelfModify']){ + if ($plist[preg_replace('%^.*/%', '', $key)]['plSelfModify']){ $options.= $this->mkchkbx($key."_0_s", _("Modifyable by owner"), preg_match('/s/', $currentAcl[0])).$spc; } } - $display.= ""; + /* Global options */ + $more_options= $this->mkchkbx($key."_0_r", _("read"), preg_match('/r/', $currentAcl[0])).$spc; + $more_options.= $this->mkchkbx($key."_0_w", _("write"), preg_match('/w/', $currentAcl[0])); + + $display.= ""; /* Walk through the list of attributes */ $cnt= 1; - $splist= $plist[$key]; + $splist= $plist[preg_replace('%^.*/%', '', $key)]['plProvidedAcls']; asort($splist); + if($_SESSION['js']) { + if(isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/firefox/i",$_SERVER['HTTP_USER_AGENT'])) { + $display.= "
"._("Object").": $name
$options
$options ".("Complete object:")." $more_options
"; + } + } + + $display.= "
"; } return ($display); @@ -604,7 +669,7 @@ class acl extends plugin function extractACL($acl) { /* Rip acl off the string, seperate by ',' and place it in an array */ - $as= preg_replace('/^[^:]+:[^:]+:[^:]+:(.*)$/', '\1', $acl); + $as= preg_replace('/^[^:]+:[^:]+:[^:]*:(.*)$/', '\1', $acl); $aa= split(',', $as); $a= array(); @@ -650,7 +715,9 @@ class acl extends plugin if (isset($entry['acl'])){ $acl= ""; foreach ($entry['acl'] as $name => $object){ - $acl.= "$name, "; + if (count($object)){ + $acl.= "$name, "; + } } $summary.= sprintf(_("Contains settings for these objects: %s"), preg_replace('/, $/', '', $acl)); } @@ -666,7 +733,7 @@ class acl extends plugin $summary.= $cn.", "; } } else { - $summary.= _("ACLs is valid for all users"); + $summary.= _("ACL is valid for all users"); } return (preg_replace('/, $/', '', $summary)); @@ -721,19 +788,23 @@ class acl extends plugin $acl= ":"; if (isset($entry['acl'])){ foreach ($entry['acl'] as $object => $contents){ - $acl.= $object.";"; - - foreach($contents as $attr => $permission){ - /* First entry? Its the one for global settings... */ - if ($attr == '0'){ - $acl.= $permission; - } else { - $acl.= '#'.$attr.';'.$permission; - } + /* Only save, if we've some contents in there... */ + if (count($contents)){ + $acl.= $object.";"; + foreach($contents as $attr => $permission){ + + /* First entry? Its the one for global settings... */ + if ($attr == '0'){ + $acl.= $permission; + } else { + $acl.= '#'.$attr.';'.$permission; + } + + } + $acl.= ','; } - $acl.= ','; } } @@ -765,18 +836,22 @@ class acl extends plugin } /* Do LDAP modifications */ - $ldap= $config->get_ldap_link(); + $ldap= $this->config->get_ldap_link(); $ldap->cd($this->dn); $this->cleanup(); $ldap->modify ($this->attrs); show_ldap_error($ldap->get_error(), sprintf(_("Saving ACLs with dn '%s' failed."),$this->dn)); + + /* Refresh users ACLs */ + $ui= get_userinfo(); + $ui->loadACL(); + $_SESSION['ui']= $ui; } function remove_from_parent() { - echo "remove_from_parent() called"; } }