Added move and create acl checks.

author hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>

Wed, 28 May 2008 08:50:19 +0000 (08:50 +0000)

committer hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>

Wed, 28 May 2008 08:50:19 +0000 (08:50 +0000)
author hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Wed, 28 May 2008 08:50:19 +0000 (08:50 +0000)
committer hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Wed, 28 May 2008 08:50:19 +0000 (08:50 +0000)
diff --git a/gosa-core/plugins/admin/groups/class_groupGeneric.inc b/gosa-core/plugins/admin/groups/class_groupGeneric.inc

index 5c00c8155ee6b4c51ff93c0e3799c870055c5058..2318c29970001245e2b26c59bc6c1c2f616fdb35 100644 (file)
--- a/gosa-core/plugins/admin/groups/class_groupGeneric.inc
+++ b/gosa-core/plugins/admin/groups/class_groupGeneric.inc
@@ -48,6 +48,7 @@ class group extends plugin
    var $oldgroupType= "";
    var $orig_dn= "";
    var $orig_cn= "";
+  var $orig_base= "";
    var $has_mailAccount= FALSE;
    var $group_dialog= FALSE;
    var $nagios_group =FALSE;
@@ -195,6 +196,7 @@ class group extends plugin
        /* Get object base */
        $this->base =preg_replace ("/^[^,]+,".normalizePreg(get_groups_ou())."/","",$this->dn);
      }
+    $this->orig_base = $this->base;
  
      /* Is this account a trustAccount? */
      if (isset($this->attrs['trustModel'])){
@@ -1115,6 +1117,14 @@ class group extends plugin
        }
      }
  
+    /* Check if we are allowed to create or move this object 
+     */
+    if($this->dn == "new" && !$this->acl_is_createable($this->base)){
+      $message[] = msgPool::permCreate();
+    }elseif($this->cn != $this->orig_cn || $this->base != $this->orig_base){
+      $message[] = msgPool::permMove();
+    }
+
      return ($message);
    }
author	hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
	Wed, 28 May 2008 08:50:19 +0000 (08:50 +0000)
committer	hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
	Wed, 28 May 2008 08:50:19 +0000 (08:50 +0000)