Added checks && permssion checks to acl roles

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11075 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/gosa-core/plugins/admin/acl/class_aclRole.inc b/gosa-core/plugins/admin/acl/class_aclRole.inc
index f77c9361fce4477f9a9809151174c614f27b954e..809d057c5ba87b29860ddd33153c9511c53384ba 100644 (file)
--- a/gosa-core/plugins/admin/acl/class_aclRole.inc
+++ b/gosa-core/plugins/admin/acl/class_aclRole.inc
@@ -51,6 +51,7 @@ class aclrole extends acl
   var $cn = "";
   var $description = "";
   var $orig_dn;
+  var $orig_base;
   var $base ="";
 
   function aclrole (&$config,  $dn= NULL)
@@ -136,6 +137,8 @@ class aclrole extends acl
 
     /* Finally - we want to get saved... */
     $this->is_account= TRUE;
+    $this->orig_base = $this->base;
+    $this->orig_dn = $this->dn;
   }
 
 
@@ -706,6 +709,29 @@ class aclrole extends acl
         ));
   }
 
+  function check()
+  {
+    $message = plugin::check();
+
+    if(empty($this->cn)){
+      $message[] = msgPool::required(_("Name"));
+    }
+   
+    if(!count($this->gosaAclTemplate)){
+      $message[] = msgPool::required(_("ACL"));
+    }
+ 
+    /* Check if we are allowed to create or move this object
+     */
+    if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
+      $message[] = msgPool::permCreate();
+    }elseif($this->base != $this->orig_base && !$this->acl_is_moveable($this->base)){
+      $message[] = msgPool::permMove();
+    }
+
+    return($message);
+  }
+
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: