X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fadmin%2Fusers%2Fclass_userManagement.inc;h=c0042797a60a184c1b8ec58f9e99d9cff82d85f2;hb=4b45577aa0d449c2d36417afa256441f9dcb503f;hp=8987b6a76919080739e7b11a7e59406276ed186a;hpb=2ffcd03c161da598b61e11da1b5bf676a088262a;p=gosa.git diff --git a/plugins/admin/users/class_userManagement.inc b/plugins/admin/users/class_userManagement.inc index 8987b6a76..c0042797a 100644 --- a/plugins/admin/users/class_userManagement.inc +++ b/plugins/admin/users/class_userManagement.inc @@ -31,7 +31,6 @@ class userManagement extends plugin /* Dialog attributes */ var $usertab = NULL; var $ui = NULL; - var $acl = ""; var $templates = array(); var $got_uid = false; var $CopyPasteHandler = NULL; @@ -52,8 +51,6 @@ class userManagement extends plugin /* Creat dialog object */ $this->DivListUsers = new divListUsers($this->config,$this); - /* LOCK MESSAGE Vars */ - $_SESSION['LOCK_VARS_TO_USE'] = array("/^act$/","/^id$/","/^user_edit_/","/^user_del_/"); } @@ -62,6 +59,9 @@ class userManagement extends plugin /* Call parent execute */ plugin::execute(); + /* LOCK MESSAGE Vars */ + $_SESSION['LOCK_VARS_TO_USE'] = array("/^act$/","/^id$/","/^user_edit_/","/^user_del_/"); + $smarty = get_smarty(); // Smarty instance $s_action = ""; // Contains the action to be taken $s_entry = ""; // The value for s_action @@ -104,6 +104,10 @@ class userManagement extends plugin $s_tab= "user"; } + if(!search_config($this->config->data['TABS'], $s_tab , "CLASS")){ + $s_tab = "user"; + } + /* Display the copy & paste dialog, if it is currently open */ $ret = $this->copyPasteHandling($s_action,$s_entry); if($ret){ @@ -139,7 +143,7 @@ class userManagement extends plugin $this->usertab->current = $s_tab; /* Set ACL and move DN to the headline */ - $this->usertab->set_acl_base(); + $this->usertab->set_acl_base($this->dn); $_SESSION['objectinfo']= $this->dn; } @@ -180,8 +184,7 @@ class userManagement extends plugin /* Load permissions for selected 'dn' and check if we're allowed to remove this 'dn' */ - $ui = get_userinfo(); - if (preg_match("/w/",$ui->get_permissions($this->dn,"users/password"))){ + if (preg_match("/w/",$this->ui->get_permissions($this->dn,"users/password"))){ /* User is allowed to change passwords, save 'dn' and 'acl' for next dialog. */ @@ -203,9 +206,9 @@ class userManagement extends plugin if (isset($_POST['password_finish'])){ /* For security reasons, check if user is allowed to set password again */ - $ui= get_userinfo(); - $acl= $ui->get_permissions($this->dn, "users/user", 'userPassword'); - $cacl= $ui->get_permissions($this->dn, "users/all"); + $dn = $this->dn; + $acl = $this->ui->get_permissions($dn, "users/password"); + $cacl= $this->ui->get_permissions($dn, "users/user"); if (preg_match('/w/', $acl) || preg_match('/c/', $cacl)){ @@ -272,7 +275,6 @@ class userManagement extends plugin /* Missing permissions, show message */ print_red (_("You are not allowed to set this users password!")); } - /* Clean session, delete lock */ del_lock ($this->dn); unset ($this->usertab); @@ -321,8 +323,7 @@ class userManagement extends plugin /* Some nice guy may send this as POST, so we've to check for the permissions again. */ - $ui = get_userinfo(); - $acl = $ui->get_permissions($this->dn, "users/all"); + $acl = $this->ui->get_permissions($this->dn, "users/user"); if (preg_match('/d/', $acl)){ @@ -400,6 +401,7 @@ class userManagement extends plugin /* In case of new users, ask for a password, skip this for templates */ if (($set_pass || $this->usertab->password_change_needed()) && !$this->is_template){ + $this->dn = $this->usertab->dn; return($smarty->fetch(get_template_path('password.tpl', TRUE))); } @@ -429,11 +431,10 @@ class userManagement extends plugin foreach ($this->config->departments as $key => $value){ /* Get acls from different ou's */ - $ui = get_userinfo(); - $acl = $ui->get_permissions("cn=dummy,".$this->DivListUsers->selectedBase,"users/user") ; + $acl = $this->ui->get_permissions("cn=dummy,".get_people_ou().$value,"users/user") ; /* If creation of a new user is allowed, append this template */ - if (preg_match("/r/",$acl)){ + if (preg_match("/c/",$acl)){ /* Search all templates from the current dn */ $ldap->cd (get_people_ou().$value); @@ -802,6 +803,9 @@ class userManagement extends plugin /* Use the last dn to search for it's ID in the newly generated list. */ $dn= $this->CopyPasteHandler->lastdn; + + /* Get new user list */ + $this->reload(); foreach($this->list as $id => $entry){ if($entry['dn'] == $dn){ $s_entry= $id; @@ -821,9 +825,19 @@ class userManagement extends plugin if($s_action == "copy"){ $this->CopyPasteHandler->Clear(); $dn= $this->list[trim($s_entry)]['dn']; - $obj = new usertabs($this->config, $this->config->data['TABS']['USERTABS'], $dn); - $objNew = new usertabs($this->config, $this->config->data['TABS']['USERTABS'], "new"); - $this->CopyPasteHandler->Copy($obj,$objNew); + + /* Check acl */ + $acl_all = $ui->has_complete_category_acls($this->selectedBase,"users") ; + if(preg_match("/(c.*w|w.*c)/",$acl_all)){ + $obj = new usertabs($this->config, $this->config->data['TABS']['USERTABS'], $dn); + $obj->set_acl_base($dn); + $objNew = new usertabs($this->config, $this->config->data['TABS']['USERTABS'], "new"); + $objNew->set_acl_base($dn); + + $this->CopyPasteHandler->Copy($obj,$objNew); + }else{ + print_red("You are not allowed to copy this entry."); + } } /* Cut selected object. @@ -831,8 +845,16 @@ class userManagement extends plugin if($s_action == "cut"){ $this->CopyPasteHandler->Clear(); $dn= $this->list[trim($s_entry)]['dn']; - $obj= new usertabs($this->config, $this->config->data['TABS']['USERTABS'], $dn); - $this->CopyPasteHandler->Cut($obj); + + /* Check acl */ + $acl_all = $ui->has_complete_category_acls($this->selectedBase,"users") ; + if(preg_match("/(c.*w|w.*c)/",$acl_all)){ + $obj= new usertabs($this->config, $this->config->data['TABS']['USERTABS'], $dn); + $obj->set_acl_base($dn); + $this->CopyPasteHandler->Cut($obj); + }else{ + print_red("You are not allowed to cut this entry."); + } } } }