Updated cfg management

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@20876 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/gosa-plugins/goto-ng/admin/newConfigManagement/class_ConfigManagement.inc b/gosa-plugins/goto-ng/admin/newConfigManagement/class_ConfigManagement.inc
index 20cbecf3356905198205dd550a6605b19cf13833..7c696be5c867dad4c03ce078b7d6f153d06549fb 100644 (file)
--- a/gosa-plugins/goto-ng/admin/newConfigManagement/class_ConfigManagement.inc
+++ b/gosa-plugins/goto-ng/admin/newConfigManagement/class_ConfigManagement.inc
@@ -30,7 +30,7 @@ class ConfigManagement extends plugin
     function __construct($config, $dn)
     {
         $this->config = &$config;
-        $this->listing = new cfgMgmtMangement($this->config, get_userinfo(), $this);
+        $this->listing = new cfgMgmtManagement($this->config, get_userinfo(), $this);
 
         // Load the template engine and tell her what template
         //  to use for the HTML it produces.
@@ -512,7 +512,7 @@ class ConfigManagement extends plugin
 
 
     /*! \brief  Acts on open requests.
-     *          (This action is received from the cfgMgmtMangement class.)
+     *          (This action is received from the cfgMgmtManagement class.)
      *  @param  Array   The items ids. (May contain multiple ids)
      *  @return
      */
@@ -530,12 +530,22 @@ class ConfigManagement extends plugin
      */
     function removeEntry($ids)
     {
-        $this->ids = $ids;
-       
+        $this->ids = array();
         $names = array();
+        $ui = get_userinfo();
         foreach($ids as $id){
             $item = $this->dataModel->getItemByDn($id);
-            $names["({$item['type']}) {$item['path']})"] = $item['name'];
+            $dn = $item['dn'];
+            $acl = $ui->get_permissions($dn, "ConfigManagement/ConfigManagement", "cfgItem");
+
+            // Check permissions, are we allowed to remove this object?
+            if(preg_match("/d/",$acl)){
+                $names["({$item['type']}) {$item['path']})"] = $item['name'];
+                $this->ids[] = $id;
+            } else {
+                msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
+                new log("security","ConfigManagement/".get_class($this),$dn,array(),"Tried to trick deletion.");
+            }
         }
 
         $smarty = get_smarty();

diff --git a/gosa-plugins/goto-ng/admin/newConfigManagement/class_cfgMgmtMangement.inc b/gosa-plugins/goto-ng/admin/newConfigManagement/class_cfgMgmtMangement.inc
index 3ea534deb44eab8a1c8926d0e776e6d2f9a5bdb6..2c4b523f78ac5d6b0d213f250b60196ab1bc964a 100644 (file)
--- a/gosa-plugins/goto-ng/admin/newConfigManagement/class_cfgMgmtMangement.inc
+++ b/gosa-plugins/goto-ng/admin/newConfigManagement/class_cfgMgmtMangement.inc
@@ -1,6 +1,6 @@
 <?php
 
-class cfgMgmtMangement extends management
+class cfgMgmtManagement extends management
 {
 
     private $base = "";