[tokkee]

tokkee.org

Code

projects / gosa.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f86907b)
Updated ACL check for categories.
authorhickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Tue, 4 Nov 2008 09:24:51 +0000 (09:24 +0000)
committerhickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Tue, 4 Nov 2008 09:24:51 +0000 (09:24 +0000)
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@12891 594d385d-05f5-0310-b6e9-bd551577e9d8

gosa-core/include/class_userinfo.inc patch | blob | history

diff --git a/gosa-core/include/class_userinfo.inc b/gosa-core/include/class_userinfo.inc
index 71f7ea9935cd8a135a9549a14ad54e4e4a2ab008..9f1ab2b8e6b70a582fc63a33345f72e12374350e 100644 (file)
--- a/gosa-core/include/class_userinfo.inc
+++ b/gosa-core/include/class_userinfo.inc
@@ -203,7 +203,7 @@ class userinfo
 
   function get_category_permissions($dn, $category, $any_acl = FALSE)
   {
-    return(@$this->get_permissions($dn,$category.'/0'));
+    return(@$this->get_permissions($dn,$category.'/0',""));
   }
 
   
@@ -421,13 +421,28 @@ class userinfo
             continue;
           }
 
-          /* Category ACLs */
+          /* Category ACLs    (e.g. $object = "user/0")
+           */
           if(strstr($object,"/0")){
             $ocs = preg_replace("/\/0$/","",$object);
-            if(isset($this->ocMapping[$ocs]))
-            foreach($this->ocMapping[$ocs] as $oc){
-              if(isset($subacl['acl'][$ocs.'/'.$oc][0])){
-                $acl= $this->mergeACL($acl, $subacl['type'], $subacl['acl'][$ocs.'/'.$oc][0]);
+            if(isset($this->ocMapping[$ocs])){
+
+              /* if $attribute is "", then check every single attribute for this object.
+                 if it is 0, then just check the object category ACL.
+               */
+              if($attribute == ""){    
+                foreach($this->ocMapping[$ocs] as $oc){
+                  if (isset($subacl['acl'][$ocs.'/'.$oc])){
+                    foreach($subacl['acl'][$ocs.'/'.$oc] as $attr => $dummy){
+                      $acl= $this->mergeACL($acl, $subacl['type'], $subacl['acl'][$ocs.'/'.$oc][$attr]);
+                    }
+                    continue;
+                  }
+                }
+              }else{
+                if(isset($subacl['acl'][$ocs.'/'.$oc][0])){
+                  $acl= $this->mergeACL($acl, $subacl['type'], $subacl['acl'][$ocs.'/'.$oc][0]);
+                }
               }
             }
             continue;
@@ -550,7 +565,7 @@ class userinfo
     foreach(str_split($newACL) as $char){
 
       /* Skip permanent and subtree entries */
-      if (!isset($acl[$char]) || preg_match('/[sp]/', $acl[$char])){
+      if (preg_match('/[sp]/', $acl[$char])){
         continue;
       }
 
GONICUS system administrator (SVN clone)