Prepared plugins to support "read only" mode. Added third button to the "locked entry...

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@12976 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/gosa-core/include/class_plugin.inc b/gosa-core/include/class_plugin.inc
index 56c608c30a72ccbcdc3345f9fbbeaec874c0be84..2c804e967ad20073832cd07e700064cb0fd23e45 100644 (file)
--- a/gosa-core/include/class_plugin.inc
+++ b/gosa-core/include/class_plugin.inc
@@ -113,6 +113,7 @@ class plugin
 
   var $acl_base= "";
   var $acl_category= "";
+  var $read_only = FALSE; // Used when the entry is opened as "readonly" due to locks.
 
   /* This can be set to render the tabulators in another stylesheet */
   var $pl_notify= FALSE;
@@ -149,6 +150,10 @@ class plugin
       return;
     }
 
+    if(isset($_POST['open_readonly'])){
+      $this->read_only = TRUE;
+    }
+
     /* Save current dn as acl_base */
     $this->acl_base= $dn;
 
@@ -1607,6 +1612,7 @@ class plugin
 
   function acl_is_writeable($attribute,$skip_write = FALSE)
   {
+    if($this->read_only) return(FALSE);
     $ui= get_userinfo();
     return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
   }
@@ -1621,6 +1627,7 @@ class plugin
 
   function acl_is_createable($base ="")
   {
+    if($this->read_only) return(FALSE);
     $ui= get_userinfo();
     if($base == "") $base = $this->acl_base;
     return preg_match('/c/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
@@ -1629,6 +1636,7 @@ class plugin
 
   function acl_is_removeable($base ="")
   {
+    if($this->read_only) return(FALSE);
     $ui= get_userinfo();
     if($base == "") $base = $this->acl_base;
     return preg_match('/d/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
@@ -1637,6 +1645,7 @@ class plugin
 
   function acl_is_moveable($base = "")
   {
+    if($this->read_only) return(FALSE);
     $ui= get_userinfo();
     if($base == "") $base = $this->acl_base;
     return preg_match('/m/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
@@ -1651,6 +1660,7 @@ class plugin
   function getacl($attribute,$skip_write= FALSE)
   {
     $ui= get_userinfo();
+    $skip_write |= $this->read_only;
     return  $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
   }
 

diff --git a/gosa-core/include/class_userinfo.inc b/gosa-core/include/class_userinfo.inc
index 2b987ad1ef501ea6cd3d1b124480753e46b23b16..08e232de746e1c7f0b263c45eac5c3995d2d5d5f 100644 (file)
--- a/gosa-core/include/class_userinfo.inc
+++ b/gosa-core/include/class_userinfo.inc
@@ -332,7 +332,7 @@ class userinfo
     if (isset($ACL_CACHE["$dn+$object+$attribute"])){
       $ret = $ACL_CACHE["$dn+$object+$attribute"];
       if($skip_write){
-        $ret = str_replace('w', '',$ret);
+        $ret = str_replace(array('w','c','d','m'), '',$ret);
       }
       return($ret);
     }
@@ -504,7 +504,7 @@ class userinfo
 
     /* Remove write if needed */
     if ($skip_write){
-      $ret= str_replace('w', '', $ret);
+      $ret = str_replace(array('w','c','d','m'), '',$ret);
     }
     return ($ret);
   }

diff --git a/gosa-core/include/functions.inc b/gosa-core/include/functions.inc
index 071ec2903ad26e94a513cbce76bc9d71cb652795..8f4a91aad595ccd8138f7dccbe987170d0010eaf 100644 (file)
--- a/gosa-core/include/functions.inc
+++ b/gosa-core/include/functions.inc
@@ -698,6 +698,9 @@ function get_lock ($object)
     return("");
   }
 
+  /* Allow readonly access, the plugin::plugin will restrict the acls */
+  if(isset($_POST['open_readonly'])) return("");
+
   /* Get LDAP link, check for presence of the lock entry */
   $user= "";
   $ldap= $config->get_ldap_link();