* Updated ACL loading - new acl's are still not used!

* Fixed problem in workstation service

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@4103 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/include/class_acl.inc b/include/class_acl.inc
index 63f507622bd12441a1a6fc2bbf976b707f025070..2d15c901ac8ad4b0ad459b0018f4ee0ec39b85d3 100644 (file)
--- a/include/class_acl.inc
+++ b/include/class_acl.inc
@@ -765,7 +765,7 @@ class acl extends plugin
     }    
 
     /* Do LDAP modifications */
-    $ldap= $config->get_ldap_link();
+    $ldap= $this->config->get_ldap_link();
     $ldap->cd($this->dn);
     $this->cleanup();
     $ldap->modify ($this->attrs);

diff --git a/include/class_userinfo.inc b/include/class_userinfo.inc
index af3103c0c4e2984f2d30f45ac70382c9dca65301..f110833ca2c6c88a171f70514399cc91d7ccb078 100644 (file)
--- a/include/class_userinfo.inc
+++ b/include/class_userinfo.inc
@@ -89,7 +89,7 @@ class userinfo
       }
     }
 
-#    echo "NEW ACL LOADING --------------------------------------------------------------------------------------------<br>";
+#echo "NEW ACL LOADING --------------------------------------------------------------------------------------------<br>";
     $this->ACL= array();    
     $this->groups= array();    
     $ldap= $this->config->get_ldap_link();
@@ -108,29 +108,57 @@ class userinfo
     while ($attrs= $ldap->fetch()){
 
       /* Insert links in ACL array */
-      $tree= split(',', $attrs['dn']);
-      $tree= array_reverse($tree);
-
-      $interresting= FALSE;
-      $t= acl::explodeAcl($attrs['gosaAclEntry'][0]);
-#      print_a($t);
-
-      /* We're interested in ACLs apply for *all* users... */
-
-      /* ... for groups we're member in... */
-
-      /* and for our DN as member. */
-
-
       $aclp[$attrs['dn']]= substr_count($attrs['dn'], ',');
-      $aclc[$attrs['dn']]= $attrs['gosaAclEntry'];
-
+      $aclc[$attrs['dn']]= array();
+      $ol= array();
+      for($i= 0; $i<$attrs['gosaAclEntry']['count']; $i++){
+        $ol= array_merge($ol, acl::explodeAcl($attrs['gosaAclEntry'][$i]));
+      }
+      $aclc[$attrs['dn']]= $ol;
     }
 
     /* ACL's read, sort for tree depth */
     asort($aclp);
 
-#print_a($aclp);
+    /* Sort in tree order */
+    foreach ($aclp as $dn => $acl){
+      /* Check if we need to keep this ACL */
+      foreach($aclc[$dn] as $idx => $type){
+        $interresting= FALSE;
+        
+        /* No members? This is good for all users... */
+        if (!count($type['members'])){
+          $interresting= TRUE;
+        }
+
+        /* Inspect members... */
+        foreach ($type['members'] as $grp => $grpdsc){
+          /* Some group inside the members that is relevant for us? */
+          if (in_array_ics(preg_replace('/^G:/', '', $grp), $this->groups)){
+            $interresting= TRUE;
+          }
+
+          /* User inside the members? */
+          if (preg_replace('/^U:/', '', $grp) == $this->dn){
+            $interresting= TRUE;
+          }
+        }
+
+        if ($interresting){
+          if (!isset($this->ACL[$dn])){
+            $this->ACL[$dn]= array();
+          }
+          $this->ACL[$dn][$idx]= $type;
+        }
+      }
+
+    }
+  }
+
+
+  function get_permissions($dn, $object= "", $attribute= "")
+  {
+    echo "Evaluating permissions for $dn, object $object/$attribute<br>";
   }
 
 }

diff --git a/plugins/admin/systems/class_workstationService.inc b/plugins/admin/systems/class_workstationService.inc
index 53ba105080665014329fcedc34fa1883945f0395..6225cbe33e74da9d4ce2a049d859a48977db4c7d 100644 (file)
--- a/plugins/admin/systems/class_workstationService.inc
+++ b/plugins/admin/systems/class_workstationService.inc
@@ -198,25 +198,25 @@ class workservice extends plugin
         
         switch ($name){
           case 'gotoXResolution':
-            $this->XResolutions= array_merge(array('default' => _("inherited").' ['.$attrs[$name][0].']' ), $this->XResolutions);
+            $this->XResolutions= array('default' => _("inherited").' ['.$attrs[$name][0].']' ) + $this->XResolutions;
             break;
           case 'gotoXColordepth':
-            $this->XColordepths= array_merge(array('default' => _("inherited").' ['.$attrs[$name][0].' '._('Bit').']'), $this->XColordepths);
+            $this->XColordepths= array('default' => _("inherited").' ['.$attrs[$name][0].' '._('Bit').']') + $this->XColordepths;
             break;
           case 'gotoXKbModel':
-            $this->XKbModels= array_merge(array('default' => _("inherited").' ['.$attrs[$name][0].']'), $this->XKbModels);
+            $this->XKbModels= array('default' => _("inherited").' ['.$attrs[$name][0].']') + $this->XKbModels;
             break;
           case 'gotoXKbLayout':
-            $this->XKbLayouts= array_merge(array('default' => _("inherited").' ['.$attrs[$name][0].']' ), $this->XKbLayouts);
+            $this->XKbLayouts= array('default' => _("inherited").' ['.$attrs[$name][0].']' ) + $this->XKbLayouts;
             break;
           case 'gotoXKbVariant':
-            $this->XKbVariants= array_merge(array('default' => _("inherited").' ['.$attrs[$name][0].']' ), $this->XKbVariants);
+            $this->XKbVariants= array('default' => _("inherited").' ['.$attrs[$name][0].']' ) + $this->XKbVariants;
             break;
           case 'gotoXMouseType':
-            $this->MouseTypes= array_merge(array('AUTO' => _("inherited").' ['.$attrs[$name][0].']' ), $this->MouseTypes);
+            $this->MouseTypes= array('AUTO' => _("inherited").' ['.$attrs[$name][0].']' ) + $this->MouseTypes;
             break;
           case 'gotoXMouseport':
-            $this->MousePorts= array_merge(array('AUTO' => _("inherited").' ['.$attrs[$name][0].']' ), $this->MousePorts);
+            $this->MousePorts= array('AUTO' => _("inherited").' ['.$attrs[$name][0].']' ) + $this->MousePorts;
             break;
         }