Updated class acl.

-Return availabble deps correctly.
-ACL: Allow to set create Flag for non container objects too.

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11016 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/gosa-core/include/class_acl.inc b/gosa-core/include/class_acl.inc
index a595b06a428efbe0cc8dfb3901b87a5ab311b0f0..ef05955b53391f0af9a2fbef0ec20f98e2cd89d6 100644 (file)
--- a/gosa-core/include/class_acl.inc
+++ b/gosa-core/include/class_acl.inc
@@ -719,20 +719,20 @@ class acl extends plugin
 
       /* Generate options */
       $spc= "  ";
-      if ($this->isContainer && $this->aclType != 'base'){
+#      if ($this->isContainer && $this->aclType != 'base'){
         $options= $this->mkchkbx($key."_0_c",  _("Create objects"), preg_match('/c/', $overall_acl)).$spc;
         $options.= $this->mkchkbx($key."_0_m", _("Move objects"), preg_match('/m/', $overall_acl)).$spc;
         $options.= $this->mkchkbx($key."_0_d", _("Remove objects"), preg_match('/d/', $overall_acl)).$spc;
         if ($plist[preg_replace('%^.*/%', '', $key)]['plSelfModify']){
           $options.= $this->mkchkbx($key."_0_s", _("Modifyable by owner"), preg_match('/s/', $overall_acl)).$spc;
         }
-      } else {
-        $options= $this->mkchkbx($key."_0_m", _("Move object"), preg_match('/m/', $overall_acl)).$spc;
-        $options.= $this->mkchkbx($key."_0_d", _("Remove object"), preg_match('/d/', $overall_acl)).$spc;
-        if ($plist[preg_replace('%^.*/%', '', $key)]['plSelfModify']){
-          $options.= $this->mkchkbx($key."_0_s", _("Modifyable by owner"), preg_match('/s/', $overall_acl)).$spc;
-        }
-      }
+ #     } else {
+ #       $options= $this->mkchkbx($key."_0_m", _("Move object"), preg_match('/m/', $overall_acl)).$spc;
+ #       $options.= $this->mkchkbx($key."_0_d", _("Remove object"), preg_match('/d/', $overall_acl)).$spc;
+ #       if ($plist[preg_replace('%^.*/%', '', $key)]['plSelfModify']){
+ #         $options.= $this->mkchkbx($key."_0_s", _("Modifyable by owner"), preg_match('/s/', $overall_acl)).$spc;
+ #       }
+ #     }
 
       /* Global options */
       $more_options= $this->mkchkbx($key."_0_r",  _("read"), preg_match('/r/', $overall_acl)).$spc;

diff --git a/gosa-core/include/class_plugin.inc b/gosa-core/include/class_plugin.inc
index 4c78534f9debb7c1b2e7c376bdb6b434983251dd..51d372862f43ae8cb657a5c5096c340b8583e9d7 100644 (file)
--- a/gosa-core/include/class_plugin.inc
+++ b/gosa-core/include/class_plugin.inc
@@ -1614,14 +1614,15 @@ class plugin
   {
     $ui= get_userinfo();
     if($base == "") $base = $this->acl_base;
-    return preg_match('/c/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
+    return preg_match('/c/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
   }
 
 
-  function acl_is_removeable()
+  function acl_is_removeable($base ="")
   {
     $ui= get_userinfo();
-    return preg_match('/d/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), '0'));
+    if($base == "") $base = $this->acl_base;
+    return preg_match('/d/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
   }
 
 
@@ -1644,18 +1645,18 @@ class plugin
     return  $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute,$skip_write);
   }
 
-  /* Get all allowed bases to move an object to or to create a new object.
-     Idepartments also contains all base departments which lead to the allowed bases */
-  function get_allowed_bases($category = "")
+
+  /*! \brief    Returns a list of all available departments for this object.  
+                If this object is new, all departments we are allowed to create a new user in are returned.
+                If this is an existing object, return all deps. we are allowed to move tis object too.
+
+      @return   Array [dn] => "..name"  // All deps. we are allowed to act on.
+  */
+  function get_allowed_bases()
   {
     $ui = get_userinfo();
     $deps = array();
 
-    /* Set category */ 
-    if(empty($category)){
-      $category = $this->acl_category.get_class($this);
-    }
-
     /* Is this a new object ? Or just an edited existing object */
     if(!$this->initially_was_account && $this->is_account){
       $new = true;
@@ -1663,17 +1664,10 @@ class plugin
       $new = false;
     }
 
-    $cat_bases = $ui->get_module_departments(preg_replace("/\/.*$/","",$category));
     foreach($this->config->idepartments as $dn => $name){
-      
-      if(!in_array_ics($dn,$cat_bases)){
-        continue;
-      }
-      
-      $acl = $ui->get_permissions($dn,$category);
-      if($new && preg_match("/c/",$acl)){
+      if($new && $this->acl_is_createable($dn)){
         $deps[$dn] = $name;
-      }elseif(!$new && preg_match("/m/",$acl)){
+      }elseif(!$new && $this->acl_is_moveable($dn)){
         $deps[$dn] = $name;
       }
     }
@@ -1682,7 +1676,7 @@ class plugin
     if(isset($this->base) && isset($this->config->idepartments[$this->base])){
       $deps[$this->base] = $this->config->idepartments[$this->base];
     }else{
-      trigger_error("No default base found in class ".get_class($this).". ".$this->base);
+      trigger_error("Cannot return list of departments, no default base found in class ".get_class($this).". ".$this->base);
     }
     return($deps);
   }

diff --git a/gosa-core/include/class_userinfo.inc b/gosa-core/include/class_userinfo.inc
index 5413cd00ab4c5784a61f26274dee4a6653fa83aa..5f68ac99989044c9f93fe27fa87b582c264b41d0 100644 (file)
--- a/gosa-core/include/class_userinfo.inc
+++ b/gosa-core/include/class_userinfo.inc
@@ -172,7 +172,6 @@ class userinfo
       }
 
     }
-
   }