[tokkee]

tokkee.org

Code

projects / gosa.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8309a8b)
Updated acl checks.
authorhickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Wed, 28 May 2008 06:27:53 +0000 (06:27 +0000)
committerhickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Wed, 28 May 2008 06:27:53 +0000 (06:27 +0000)
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11058 594d385d-05f5-0310-b6e9-bd551577e9d8

gosa-core/plugins/admin/acl/class_aclManagement.inc patch | blob | history

diff --git a/gosa-core/plugins/admin/acl/class_aclManagement.inc b/gosa-core/plugins/admin/acl/class_aclManagement.inc
index fdaedf7035c1ce3ca9bfe40d1c495ebf0403e335..1eded9773625814ff23d2a4bfaa232f6a4a2a033 100644 (file)
--- a/gosa-core/plugins/admin/acl/class_aclManagement.inc
+++ b/gosa-core/plugins/admin/acl/class_aclManagement.inc
@@ -155,7 +155,7 @@ class aclManagement extends plugin
       $this->dn= "new";
 
       /* Check permissions */
-      if(preg_match("/c/",$this->ui->get_permissions($this->DivListACL->selectedBase,"acl/acl"))){
+      if(preg_match("/c/",$this->ui->get_permissions($this->DivListACL->selectedBase,"aclroles/aclrole"))){
 
         /* Register acltabs to trigger edit dialog */
         $this->acltabs= new aclroletab($this->config, NULL,$this->dn);
@@ -174,8 +174,14 @@ class aclManagement extends plugin
       /* Get 'dn' from posted acl, must be unique */
       $this->dn= $this->list[trim($s_entry)]['dn'];
 
+      if(in_array("gosaRole",$this->list[trim($s_entry)]['objectClass'])){
+        $acl = "aclroles/aclrole";
+      }else{
+        $acl = "acl/acl";
+      }
+
       /* Check permissions */
-      if(preg_match("/r/",$this->ui->get_permissions($this->dn,"acl/acl"))){
+      if(preg_match("/r/",$this->ui->get_permissions($this->dn,$acl))){
       
         /* Check locking, save current plugin in 'back_plugin', so
            the dialog knows where to return. */
@@ -325,7 +331,7 @@ class aclManagement extends plugin
         foreach($this->dns as $key => $dn){
 
           /* Check permissions */
-          if(!preg_match("/d/",$this->ui->get_permissions($dn,"acl/acl"))){
+          if(!preg_match("/d/",$this->ui->get_permissions($dn,"aclroles/aclrole"))){
 
             /* Obviously the acl isn't allowed to delete. Show message and
                clean session. */
@@ -355,7 +361,7 @@ class aclManagement extends plugin
     if (isset($_POST['delete_acl_confirm'])){
 
       /* Check permissions */
-      if(preg_match("/d/",$this->ui->get_permissions($this->dn,"acl/acl"))){
+      if(preg_match("/d/",$this->ui->get_permissions($this->dn,"aclroles/aclrole"))){
 
         /* Delete request is permitted, perform LDAP action */
         $this->acltabs= new acl($this->config, NULL,$this->dn);
GONICUS system administrator (SVN clone)