Added krb Service ACLs.

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11733 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc b/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc
index 4da99745cd239257479ad4871195e2b9487a81d7..100211c600341561d33544094c0c055bdfddea34 100644 (file)
--- a/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc
+++ b/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc
@@ -167,7 +167,7 @@ class krbHostKeys extends plugin
   {
     /* Skip if there is no kerberos support available 
      */
-    if(!$this->kerberos_support) return("");
+    if(!$this->kerberos_support || !$this->acl_is_readable("0")) return("");
 
     /* Check if naming context has changed,
        in this case ask user if he wants to update the keys. 
@@ -243,6 +243,12 @@ class krbHostKeys extends plugin
       <input type='image' class='center' name='remove_%ID%'
       alt='{t}Remove key{/t}' title='{t}Remove key{/t}' src='images/lists/trash.png'>";
 
+    /* Check ACLs */
+    if(!$this->acl_is_writeable("0")){
+      $new = $rec = "";
+    }
+    
+
     foreach($this->server_list as $mac => $server){
 
       /* Recreate/Remove actions */
@@ -377,6 +383,8 @@ class krbHostKeys extends plugin
   {
     if(!isset($this->last_list[$prefix])) return; // No posts for us 
 
+    if(!$this->acl_is_writeable("0")) return; // No permissions to change anything
+
     foreach($_POST as $name => $value){
       if(preg_match("/^create_/",$name)){
         $id = preg_replace("/^create_([0-9]*)_.*$/","\\1",$name);