Updated acl acls

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11057 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/gosa-core/plugins/admin/acl/class_aclManagement.inc b/gosa-core/plugins/admin/acl/class_aclManagement.inc
index 72a2bf35cde8e153dd6b954a75724bdac051f8f8..fdaedf7035c1ce3ca9bfe40d1c495ebf0403e335 100644 (file)
--- a/gosa-core/plugins/admin/acl/class_aclManagement.inc
+++ b/gosa-core/plugins/admin/acl/class_aclManagement.inc
@@ -300,32 +300,49 @@ class aclManagement extends plugin
         }
       }
 
-      /* Display lock messages */
-      if ($user= get_multiple_locks($this->dns)){
-        return(gen_locked_message($user,$this->dns));
-      }
-
-      $dns_names = array();
+      $disallowed = array();
       foreach($this->dns as $key => $dn){
-
-        /* Check permissions */
-        if(!preg_match("/d/",$this->ui->get_permissions($dn,"acl/acl"))){
-
-          /* Obviously the acl isn't allowed to delete. Show message and
-             clean session. */
-          msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
+        $acl = $this->ui->get_permissions($dn, "aclroles/aclrole");
+        if(!preg_match("/d/",$acl)){
           unset($this->dns[$key]);
-          continue;
+          $disallowed[] = $dn;
         }
+      }
 
-        $dns_names[] = LDAP::fix($dn);
+      if(count($disallowed)){
+        msg_dialog::display(_("Permission"),msgPool::permDelete($disallowed),INFO_DIALOG);
       }
 
       if(count($this->dns)){
-        add_lock($this->dns,$this->ui->dn);  
-        $smarty->assign("info", msgPool::deleteInfo($dns_names));
-        $smarty->assign("is_role",false);
-        return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+
+
+        /* Display lock messages */
+        if ($user= get_multiple_locks($this->dns)){
+          return(gen_locked_message($user,$this->dns));
+        }
+
+        $dns_names = array();
+        foreach($this->dns as $key => $dn){
+
+          /* Check permissions */
+          if(!preg_match("/d/",$this->ui->get_permissions($dn,"acl/acl"))){
+
+            /* Obviously the acl isn't allowed to delete. Show message and
+               clean session. */
+            msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG);
+            unset($this->dns[$key]);
+            continue;
+          }
+
+          $dns_names[] = LDAP::fix($dn);
+        }
+
+        if(count($this->dns)){
+          add_lock($this->dns,$this->ui->dn);  
+          $smarty->assign("info", msgPool::deleteInfo($dns_names));
+          $smarty->assign("is_role",false);
+          return($smarty->fetch(get_template_path('remove.tpl', TRUE)));
+        }
       }
     }
 
@@ -555,15 +572,23 @@ class aclManagement extends plugin
       return("");
     }
 
+    $ui = get_userinfo();
+
     /* Add a single entry to queue */
     if($s_action == "cut" || $s_action == "copy"){
 
       /* Cleanup object queue */
       $this->CopyPasteHandler->cleanup_queue();
       $dn = $this->list[$s_entry]['dn'];
-  
-      if(isset($this->list[$s_entry]['objectClass']) && in_array("gosaRole",$this->list[$s_entry]['objectClass'])){
-        $this->CopyPasteHandler->add_to_queue($dn,$s_action,"aclroletab","ACLROLETAB","aclroles");
+
+      /* We can only copy & cut roles */ 
+      if(isset($this->list[$id]['objectClass']) && in_array("gosaRole",$this->list[$s_entry]['objectClass'])){
+        if($s_action == "copy" && preg_match("/r/",$ui->has_complete_category_acls($dn,"aclroles"))){
+          $this->CopyPasteHandler->add_to_queue($dn,$s_action,"aclroletab","ACLROLETAB","aclroles");
+        }
+        if($s_action == "cut" && preg_match("/(r.*d|d.*r)/",$ui->has_complete_category_acls($dn,"aclroles"))){
+          $this->CopyPasteHandler->add_to_queue($dn,$s_action,"aclroletab","ACLROLETAB","aclroles");
+        }
       }
     }
 
@@ -579,10 +604,10 @@ class aclManagement extends plugin
 
         if(isset($this->list[$id]['objectClass']) && in_array("gosaRole",$this->list[$id]['objectClass'])){
 
-          if($s_action == "copy_multiple"){
+          if($s_action == "copy_multiple" && preg_match("/r/",$ui->has_complete_category_acls($dn,"aclroles"))){
             $this->CopyPasteHandler->add_to_queue($dn,"copy","aclroletab","ACLROLETAB","aclroles");
           }
-          if($s_action == "cut_multiple"){
+          if($s_action == "cut_multiple" && preg_match("/(r.*d|d.*r)/",$ui->has_complete_category_acls($dn,"aclroles"))){
             $this->CopyPasteHandler->add_to_queue($dn,"cut","aclroletab","ACLROLETAB","aclroles");
           }
         }

diff --git a/gosa-core/plugins/admin/acl/class_divListACL.inc b/gosa-core/plugins/admin/acl/class_divListACL.inc
index 26389456d7ed79a92732b50f00e034a1e260e073..99c07ced49346b8a360e4b3ff21e4bfd688d5066 100644 (file)
--- a/gosa-core/plugins/admin/acl/class_divListACL.inc
+++ b/gosa-core/plugins/admin/acl/class_divListACL.inc
@@ -157,44 +157,38 @@ class divListACL extends MultiSelectWindow
 
     /* Create Layers menu */
     $s  = ".|"._("Actions")."|\n";
-    $s .= "..|<img src='images/lists/new.png' alt='' border='0' class='center'>".
-      "&nbsp;"._("Create")."|\n";
-
     /* Append create options */
     if(preg_match("/c/",$acl)) {
+      $s .= "..|<img src='images/lists/new.png' alt='' border='0' class='center'>".
+        "&nbsp;"._("Create")."|\n";
       $s.= "...|<input class='center' type='image' src='plugins/acl/images/new-role.png' alt=''>".
         "&nbsp;"._("Role")."|new_acl_role|\n";
     }
 
-    /* Multiple options */
-    $s.= "..|---|\n";
     $s.= "..|<img src='images/lists/trash.png' alt='' border='0' class='center'>".
       "&nbsp;"._("Remove")."|"."remove_multiple|\n";
 
-    /* Add multiple copy & cut icons */
-    if(is_object($this->parent->CopyPasteHandler)){
+    if(is_object($this->parent->CopyPasteHandler) && preg_match("/r/",$acl_all)){
       $s.= "..|---|\n";
       $s.= "..|<img src='images/lists/copy.png' alt='' border='0' class='center'>".
         "&nbsp;"._("Copy")."|"."multiple_copy_systems|\n";
       $s.= "..|<img src='images/lists/cut.png' alt='' border='0' class='center'>".
         "&nbsp;"._("Cut")."|"."multiple_cut_systems|\n";
+    }
 
-      if($this->parent->CopyPasteHandler->entries_queued()){
-        $img = "<img border='0' class='center' src='images/lists/paste.png' alt=''>";
-        $s.="..|".$img."&nbsp;"._("Paste")."|editPaste|\n";
-      }else{
-        $img = "<img border='0' class='center' src='images/lists/paste.png' alt=''>";
-        $s.="..|".$img."&nbsp;"._("Paste")."\n";
-      }
+    /* Copy & paste icons */
+    if(is_object($this->parent->CopyPasteHandler) && $this->parent->CopyPasteHandler->entries_queued()){
+      $img = "<img border='0' class='center' src='images/lists/paste.png' alt=''>";
+      $s.="..|".$img."&nbsp;"._("Paste")."|editPaste|\n";
+    }else{
+      $img = "<img border='0' class='center' src='images/lists/paste-grey.png' alt=''>";
+      $s.="..|".$img."&nbsp;"._("Paste")."\n";
     }
 
     /* Add snapshot icons */
     if(preg_match("/(c.*w|w.*c)/",$acl_all)){
-      $str = $this->get_snapshot_header(TRUE) ;
-      if(!empty($str)){
-        $s .= "..|---|\n";
-        $s .= $str;
-      }
+      $s .= "..|---|\n";
+      $s .= $this->get_snapshot_header(TRUE);
     }
 
     $this->SetDropDownHeaderMenu($s);