Fixed ACL problem with non ALL ACL's

git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@5270 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/Changelog b/Changelog
index 3b0aaff43f156c09a4315288e2d9a0948c2c2f00..f80b743dd0729b14d47c5bc25e855b7481911082 100644 (file)
--- a/Changelog
+++ b/Changelog
@@ -6,6 +6,8 @@ GOsa2 changelog
   - Added function to remove PPD's from disc
   - Removed old cups dependencies
   - Fixed saving of terminals printer service attribute
+  - Fixed a ACL naming bug, that avoids that an admin with non "all" ACLs
+    can edit specified objects.
 
 * gosa 2.5.6
   - Copy & paste implemented into FAI

diff --git a/plugins/admin/groups/acl_definition.inc b/plugins/admin/groups/acl_definition.inc
index 608415c574b635adc2950f7db16ebdc821129898..660456aec91eb61557ead35b6dd1012b5eaef43d 100644 (file)
--- a/plugins/admin/groups/acl_definition.inc
+++ b/plugins/admin/groups/acl_definition.inc
@@ -143,7 +143,7 @@ $ACLD['user']=       array("academicTitle",
                        "telephoneNumber",
                        "uid",
                        "vocation");
-$ACLD['mail']=       array(
+$ACLD['mailAccount']=       array(
                        "custom_sieve",
                        "gosaMailAlternateAddress",
 #                      "gosaMailDeliveryMode",
@@ -157,7 +157,7 @@ $ACLD['mail']=       array(
                         "drop_own_mails",
                        "mail",
                        "only_local");
-$ACLD['posix']=      array("allowedHosts",
+$ACLD['posixAccount']=      array("allowedHosts",
                        "force_ids",
                        "gidNumber",
                        "gosaDefaultLanguage",
@@ -176,7 +176,7 @@ $ACLD['posix']=      array("allowedHosts",
                        "shadowMin",
                        "shadowWarning",
                        "uidNumber");
-$ACLD['samba']=      
+$ACLD['sambaAccount']=      
                        array("acctFlags" => "samba2:acctFlags", 
                        "allow_pwchange" => "samba2:allow_pwchange",
                        "homeDrive"     => "samba2:homeDrive",

diff --git a/plugins/personal/mail/main.inc b/plugins/personal/mail/main.inc
index 160ce5841766915fbfca1d0c8de5071b5f8e2e8a..79075eee2087f9efafee13e58dec6ea24058d10c 100644 (file)
--- a/plugins/personal/mail/main.inc
+++ b/plugins/personal/mail/main.inc
@@ -57,10 +57,10 @@ if (!$remove_lock){
   /* Adjust acl's to mode */
   if (isset($_SESSION['edit'])){
     $acl= get_permissions ($ui->dn, $ui->subtreeACL);
-    $mailAccount->acl= get_module_permission($acl, "mail", $ui->dn);
+    $mailAccount->acl= get_module_permission($acl, "mailAccount", $ui->dn);
   } else {
     $acl= get_permissions ($ui->dn, $ui->subtreeACL);
-    $editacl= get_module_permission($acl, "mail", $ui->dn);
+    $editacl= get_module_permission($acl, "mailAccount", $ui->dn);
     $mailAccount->acl= "#none#";
   }
 
@@ -75,7 +75,7 @@ if (!$remove_lock){
       $mailAccount->save ();
       gosa_log ("User/mail object'".$ui->dn."' has been saved");
       $mailAccount->acl= "#none#";
-      $editacl= get_module_permission($acl, "mail", $ui->dn);
+      $editacl= get_module_permission($acl, "mailAccount", $ui->dn);
       del_lock ($ui->dn);
       sess_del ('edit');
 

diff --git a/plugins/personal/posix/main.inc b/plugins/personal/posix/main.inc
index 4ce234561022957331375d97d9255fc4f61f8c9f..af72302056084397db3173ed79d6716096a0bffb 100644 (file)
--- a/plugins/personal/posix/main.inc
+++ b/plugins/personal/posix/main.inc
@@ -62,10 +62,10 @@ if (!$remove_lock){
   /* Adjust acl's to mode */
   if (isset($_SESSION['edit'])){
     $acl= get_permissions ($ui->dn, $ui->subtreeACL);
-    $posixAccount->acl= get_module_permission($acl, "posix", $ui->dn);
+    $posixAccount->acl= get_module_permission($acl, "posixAccount", $ui->dn);
   } else {
     $acl= get_permissions ($ui->dn, $ui->subtreeACL);
-    $editacl= get_module_permission($acl, "posix", $ui->dn);
+    $editacl= get_module_permission($acl, "posixAccount", $ui->dn);
     $posixAccount->acl= "#none#";
   }
 
@@ -81,7 +81,7 @@ if (!$remove_lock){
       $posixAccount->save ();
       gosa_log ("User/posix object'".$ui->dn."' has been saved");
       $posixAccount->acl= "#none#";
-      $editacl= get_module_permission($acl, "posix", $ui->dn);
+      $editacl= get_module_permission($acl, "posixAccount", $ui->dn);
       del_lock ($ui->dn);
       sess_del ('edit');
 

diff --git a/plugins/personal/samba/main.inc b/plugins/personal/samba/main.inc
index 5a78b651a78891ea1d09dc82b42f634d4e008b36..c17d7d5c6ee212db07db59303cba0cada5bf6f63 100644 (file)
--- a/plugins/personal/samba/main.inc
+++ b/plugins/personal/samba/main.inc
@@ -58,10 +58,10 @@ if (!$remove_lock){
   /* Adjust acl's to mode */
   if (isset($_SESSION['edit'])){
     $acl= get_permissions ($ui->dn, $ui->subtreeACL);
-    $sambaAccount->acl= get_module_permission($acl, "samba", $ui->dn);
+    $sambaAccount->acl= get_module_permission($acl, "sambaAccount", $ui->dn);
   } else {
     $acl= get_permissions ($ui->dn, $ui->subtreeACL);
-    $editacl= get_module_permission($acl, "samba", $ui->dn);
+    $editacl= get_module_permission($acl, "sambaAccount", $ui->dn);
     $sambaAccount->acl= "#none#";
   }
 
@@ -76,7 +76,7 @@ if (!$remove_lock){
       $sambaAccount->save ();
       gosa_log ("User/samba object'".$ui->dn."' has been saved");
       $sambaAccount->acl= "#none#";
-      $editacl= get_module_permission($acl, "samba", $ui->dn);
+      $editacl= get_module_permission($acl, "sambaAccount", $ui->dn);
       del_lock ($ui->dn);
       sess_del ('edit');