Added correct checks to prevent user creation or movement when not allowed.

author hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>

Tue, 27 May 2008 07:35:52 +0000 (07:35 +0000)

committer hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>

Tue, 27 May 2008 07:35:52 +0000 (07:35 +0000)
author hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Tue, 27 May 2008 07:35:52 +0000 (07:35 +0000)
committer hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Tue, 27 May 2008 07:35:52 +0000 (07:35 +0000)
diff --git a/gosa-core/plugins/personal/generic/class_user.inc b/gosa-core/plugins/personal/generic/class_user.inc

index 0200dae80cd2de5b089b482766064583762b92a5..ffef24b70779c2791a15b2a8aff15d1579dbe917 100644 (file)
--- a/gosa-core/plugins/personal/generic/class_user.inc
+++ b/gosa-core/plugins/personal/generic/class_user.inc
@@ -1160,6 +1160,14 @@ class user extends plugin
        $this->set_acl_base($this->base);
      }
  
+    /* Check if we are allowed to create/move this user 
+     */
+    if($this->dn == "new" && !$this->acl_is_createable($this->base)){
+      $message[]= msgPool::permCreate();
+    }elseif($this->new_dn != $this->orig_dn && !$this->acl_is_moveable($this->base)){
+      $message[]= msgPool::permMove();
+    }
+
      /* UID already used? */
      $ldap= $this->config->get_ldap_link();
      $ldap->cd($this->config->current['BASE']);
author	hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
	Tue, 27 May 2008 07:35:52 +0000 (07:35 +0000)
committer	hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
	Tue, 27 May 2008 07:35:52 +0000 (07:35 +0000)