X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fadmin%2Fgroups%2Fclass_groupAcl.inc;h=3507d91fa73d4d9b3fda4bdc891a9d3e316a35ca;hb=8d25a981707ac7e708aca0ed6216c5379a1228f8;hp=46c4a856b9c6c98921a10a83ee3ad5e6517d03a5;hpb=57312c41e5a4b577c44784f1225f005f30c152f8;p=gosa.git
diff --git a/plugins/admin/groups/class_groupAcl.inc b/plugins/admin/groups/class_groupAcl.inc
index 46c4a856b..3507d91fa 100644
--- a/plugins/admin/groups/class_groupAcl.inc
+++ b/plugins/admin/groups/class_groupAcl.inc
@@ -19,15 +19,19 @@ class acl extends plugin
var $object= "";
var $current_acl= "";
var $selfflag= FALSE;
+ var $tacl= "";
+ var $gosaSubtreeACL;
/* attribute list for save action */
- var $attributes= array();
+ var $attributes= array("gosaSubtreeACL");
var $objectclasses= array("gosaObject");
- function acl ($config, $dn= NULL)
+ var $CopyPasteVars = array("current_acl");
+
+ function acl ($config, $dn= NULL, $parent= NULL)
{
- plugin::plugin($config, $dn);
+ plugin::plugin($config, $dn, $parent);
/* WorkAround */
include "acl_definition.inc";
@@ -49,6 +53,15 @@ class acl extends plugin
function execute()
{
+ if (chkacl($this->acl, 'acl') != ""){
+ $display= ""._("You have no permissions to view and edit ACLs.")."";
+
+ return ($display);
+ }
+
+ /* Call parent execute */
+ plugin::execute();
+
/* Do we represent a valid group? */
if (!$this->is_account && $this->parent == NULL){
$display= "![\"\"](\"images/stop.png\")
".
@@ -77,7 +90,7 @@ class acl extends plugin
$display= $smarty->fetch (get_template_path('acl.tpl', TRUE));
/* Show acl stuff */
- $this->acl= get_module_permission (array($this->current_acl), $this->object, "");
+ $this->tacl= get_module_permission (array($this->current_acl), $this->object, "");
$display.= $this->print_attributes ($this->objects[$this->object]);
return ($display);
}
@@ -91,70 +104,77 @@ class acl extends plugin
$ldap= $this->config->get_ldap_link();
$ldap->cd($this->dn);
- $ldap->modify($this->attrs);
- show_ldap_error($ldap->get_error());
+ $this->cleanup();
+ $ldap->modify ($this->attrs);
+ show_ldap_error($ldap->get_error(), _("Removing ACL information failed"));
}
/* Save data to object */
function save_object()
{
- plugin::save_object();
+ if (chkacl($this->acl, 'acl') == ""){
+ plugin::save_object();
- if (!isset($_POST['object'])){
- return;
- }
+ if (!isset($_POST['object'])){
+ return;
+ }
- /* Strip of old information */
- if ($this->object == "all"){
- $this->current_acl= preg_replace ( "/[,]?all[,]?/", "", $this->current_acl);
- }
- $this->current_acl= preg_replace ( "/[,]?$this->object#[^,]*[,]?/", "", $this->current_acl);
+ /* Strip of old information */
+ if ($this->object == "all"){
+ $this->current_acl= preg_replace ( "/[,]?all[,]?/", "", $this->current_acl);
+ }
+ $this->current_acl= preg_replace ( "/(^|[^a-z0-9A-Z])$this->object#[^,]*[,]?/", ",", $this->current_acl);
- /* assemble new attributes */
- $attrs= "";
- if (isset($_POST['all'])){
- $attrs.= "#all";
- }
- if ($this->object != "all" && !isset($_POST['all']) && $this->object != ""){
- foreach ($this->objects[$this->object] as $key => $val){
- if (is_integer($key)){
- $aname= $val;
- } else {
- $aname= $key;
- }
- if (isset($_POST[$aname])){
- $attrs.= "#$aname";
+ /* assemble new attributes */
+ $attrs= "";
+ if (isset($_POST['all'])){
+ $attrs.= "#all";
+ }
+ if ($this->object != "all" && !isset($_POST['all']) && $this->object != ""){
+ foreach ($this->objects[$this->object] as $key => $val){
+ if (is_integer($key)){
+ $aname= $val;
+ } else {
+ $aname= $key;
+ }
+ if (isset($_POST[$aname])){
+ $attrs.= "#$aname";
+ }
}
}
- }
- /* append information */
- if ($this->current_acl != "" && $attrs != ""){
- $this->current_acl.= ",";
- }
- if ($attrs != ""){
- $tmp= $this->object;
- $attrs= $tmp.$attrs;
- }
- $this->current_acl.= $attrs;
- if (preg_match("/all#all/", $this->current_acl)){
- $this->current_acl= "all";
- }
- if (preg_match("/^all,/", $this->current_acl)){
- $this->current_acl= "all";
- }
+ /* append information */
+ if ($attrs != ""){
+ $tmp= $this->object;
+ $attrs= $tmp.$attrs;
+ }
+ if ($this->current_acl != "" && $attrs != ""){
+ $this->current_acl.= ",";
+ }
+ $this->current_acl.= $attrs;
+ if (preg_match("/all#all/", $this->current_acl)){
+ $this->current_acl= "all";
+ }
+ if (preg_match("/^all,/", $this->current_acl)){
+ $this->current_acl= "all";
+ }
- /* Save current object selection */
- if (isset($_POST['object'])){
- $this->object= $_POST['object'];
- }
- if (isset($_POST['selfflag'])){
- $this->selfflag= TRUE;
- } else {
- $this->selfflag= FALSE;
- }
+ /* Save current object selection */
+ if (isset($_POST['object'])){
+ $this->object= $_POST['object'];
+ }
+ if (isset($_POST['selfflag'])){
+ $this->selfflag= TRUE;
+ } else {
+ $this->selfflag= FALSE;
+ }
+ /* Remove double colons, strip trailing colon... */
+ $this->current_acl= preg_replace("/,,/", ",", $this->current_acl);
+ $this->current_acl= preg_replace("/,$/", "", $this->current_acl);
+ $this->current_acl= preg_replace("/^,/", "", $this->current_acl);
+ }
}
@@ -186,15 +206,17 @@ class acl extends plugin
/* Modify class */
$ldap->cd($this->dn);
- $ldap->modify($this->attrs);
- show_ldap_error($ldap->get_error());
+ $this->cleanup();
+ $ldap->modify ($this->attrs);
+
+ show_ldap_error($ldap->get_error(), _("Saving ACL information failed"));
}
function print_attributes ($name)
{
$display= "acl, "all") == ""){
+ if (chkacl ($this->tacl, "all") == ""){
$display.= " checked";
}
$display.= ">"._("All fields are writeable")."
";
@@ -212,13 +234,13 @@ class acl extends plugin
if (is_integer($key)){
$display.= "acl, "$val") == ""){
+ if (chkacl ($this->tacl, "$val") == ""){
$display.= "checked";
}
$display.= ">$val | ";
} else {
$display.= "acl, "$key") == ""){
+ if (chkacl ($this->tacl, "$key") == ""){
$display.= "checked";
}
$display.= ">"._($val)." | ";