Updated plugin handling.

author hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>

Wed, 2 Jul 2008 12:02:39 +0000 (12:02 +0000)

committer hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>

Wed, 2 Jul 2008 12:02:39 +0000 (12:02 +0000)
author hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Wed, 2 Jul 2008 12:02:39 +0000 (12:02 +0000)
committer hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Wed, 2 Jul 2008 12:02:39 +0000 (12:02 +0000)
diff --git a/gosa-core/html/main.php b/gosa-core/html/main.php

index 68941ebfa48a6f871031e715c21cbd71b539fd88..2e415ce94f7824770209cc9dbca94c979a7c2641 100644 (file)
--- a/gosa-core/html/main.php
+++ b/gosa-core/html/main.php
@@ -184,7 +184,7 @@ if (session::is_set('plugin_dir')){
  } else {
    $old_plugin_dir= "";
  }
-if (isset($_GET['plug'])){
+if (isset($_GET['plug']) && $plist->plugin_access_allowed($_GET['plug'])){
    $plug= validate($_GET['plug']);
    $plugin_dir= $plist->get_path($plug);
    session::set('plugin_dir',$plugin_dir);
diff --git a/gosa-core/include/class_pluglist.inc b/gosa-core/include/class_pluglist.inc

index ecc77a18c519e517eadcab801409b3fa4e24bd3f..8c47f218a97be8d9c53e26e529363e69a9588056 100644 (file)
--- a/gosa-core/include/class_pluglist.inc
+++ b/gosa-core/include/class_pluglist.inc
@@ -31,6 +31,7 @@ class pluglist {
         var $current= "";
         var $info= array();
         var $headlines = array();
+  var $allowed_plugins = array();
  
         function pluglist(&$config, &$ui)
         {
@@ -186,6 +187,8 @@ class pluglist {
  
                                         if ($this->check_access($info['ACL'])){
  
+            $this->allowed_plugins[$index] = $index;
+ 
                                                 $entries= $entries."<p class=\"menuitem\" ".
                                                         "onClick='return question(\""._("You are currently editing a database entry. Do you want to dismiss the changes?")."\", \"$href\");'>";
                                                 if(session::get('js')){
@@ -377,6 +380,15 @@ class pluglist {
                  return (0);
  
         }
+
+  /*! \brief  This function checks if we are allowed to view the plugin with the given id 
+      @param  $plug_id  Integer  The ID of the plugin.
+      @return Boolean   TRUE if we are allowed to view the plugin else FASLE
+   */
+  function plugin_access_allowed($plug_id)
+  {
+    return(isset($this->allowed_plugins[$plug_id]));
+  }
  }
  // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
  ?>
author	hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
	Wed, 2 Jul 2008 12:02:39 +0000 (12:02 +0000)
committer	hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
	Wed, 2 Jul 2008 12:02:39 +0000 (12:02 +0000)
gosa-core/html/main.php		patch \| blob \| history
gosa-core/include/class_pluglist.inc		patch \| blob \| history