![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 87283e4)
raw | patch | inline | side by side (parent: 87283e4)
| author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Fri, 20 Jun 2008 13:56:12 +0000 (13:56 +0000) | ||
| committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Fri, 20 Jun 2008 13:56:12 +0000 (13:56 +0000) |
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11399 594d385d-05f5-0310-b6e9-bd551577e9d8
| gosa-core/include/class_userinfo.inc | patch | blob | history |
index cbac37f14ce58e952c54d715a8e0ddd6fb086acc..34634669f6820a9cc018ef91773df2f297b9f89b 100644 (file)
$path= split(',', $dn);
$path= array_reverse($path);
+
/* Walk along the path to evaluate the acl */
$cpath= "";
foreach ($path as $element){
continue;
}
- /* With user filter */
- if (isset($subacl['filter']) && !empty($subacl['filter'])){
- $sdn = preg_replace("/^[^,]*+,/","",$dn);
- $ldap->cd($sdn);
- $ldap->ls($subacl['filter'],$sdn);
- if(!$ldap->count()){
- continue;
- }else{
- $found = FALSE;
- while($attrs = $ldap->fetch()){
- if($attrs['dn'] == $dn){
- $found = TRUE;
- break;
- }
- }
- if(!$found){
- continue;
- }
- }
- }
+ /* With user filter */
+ if (isset($subacl['filter']) && !empty($subacl['filter'])){
+ $sdn = preg_replace("/^[^,]*+,/","",$dn);
+ $ldap->cd($sdn);
+ $ldap->ls($subacl['filter'],$sdn);
+ if(!$ldap->count()){
+ continue;
+ }else{
+ $found = FALSE;
+ while($attrs = $ldap->fetch()){
+ if($attrs['dn'] == $dn){
+ $found = TRUE;
+ break;
+ }
+ }
+ if(!$found){
+ continue;
+ }
+ }
+ }
+
+ /* Self ACLs?
+ */
+ if(isset($subacl['acl'][$object][0]) && preg_match("/s/",$subacl['acl'][$object][0]) && $dn != $this->dn){
+ continue;
+ }
+
+ /* If attribute is "", we want to know, if we've *any* permissions here... */
+ if ($attribute == "" && isset($subacl['acl'][$object])){
+ foreach($subacl['acl'][$object] as $attr => $dummy){
+ $acl= $this->mergeACL($acl, $subacl['type'], $subacl['acl'][$object][$attr]);
+ }
+ continue;
+ }
/* Per attribute ACL? */
if (isset($subacl['acl'][$object][$attribute])){
$acl= $this->mergeACL($acl, $subacl['type'], $subacl['acl']['all'][0]);
continue;
}
-
- /* If attribute is "", we want to know, if we've *any* permissions here... */
- if ($attribute == "" && isset($subacl['acl'][$object])){
- foreach($subacl['acl'][$object] as $attr => $dummy){
- $acl= $this->mergeACL($acl, $subacl['type'], $subacl['acl'][$object][$attr]);
- }
- continue;
- }
-
}
}
}
}
}
}
-
+
$ACL_CACHE = &session::get('ACL_CACHE');
$ACL_CACHE['MODULE_DEPARTMENTS'][serialize($module)] = $deps;
return ($deps);