![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d509da5)
raw | patch | inline | side by side (parent: d509da5)
| author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Fri, 24 Nov 2006 06:06:27 +0000 (06:06 +0000) | ||
| committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Fri, 24 Nov 2006 06:06:27 +0000 (06:06 +0000) |
Fixed system Management object remove, copy & paste / snapshot icons & acls
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@5212 594d385d-05f5-0310-b6e9-bd551577e9d8
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@5212 594d385d-05f5-0310-b6e9-bd551577e9d8
| include/class_userinfo.inc | patch | blob | history | |
| plugins/admin/systems/class_divListSystem.inc | patch | blob | history | |
| plugins/admin/systems/class_systemManagement.inc | patch | blob | history |
index b057fd0669c9f365cad69f3418aa6c3e4f2fe8d0..85417cdb150254e873884e716683968338515409 100644 (file)
var $ACL= array();
var $ocMapping= array();
var $groups= array();
+ var $result_cache =array();
/* get acl's an put them into the userinfo object
attr subtreeACL (userdn:components, userdn:component1#sub1#sub2,component2,...) */
$this->ACL= array();
$this->groups= array();
+ $this->result_cache =array();
$ldap= $this->config->get_ldap_link();
$ldap->cd($this->config->current['BASE']);
return ($acl);
}
- function has_complete_category_acls($base,$category)
+
+ /* #FIXME This could be logical wrong or could be optimized in the future
+ Return combined acls for a given category.
+ All acls will be combined like boolean AND
+ As example ('rwcdm' + 'rcd' + 'wrm'= 'r')
+
+ Results will be cached in $this->result_cache.
+ $this->result_cache will be resetted if load_acls is called.
+ */
+ function has_complete_category_acls($dn,$category)
{
- return($this->get_permissions($base,"all/all"));
+ $acl = "rwcdm";
+ $types = "rwcdm";
+
+
+ if(!is_string($category)){
+ trigger_error("category must be string");
+ $acl = "";
+ }else{
+ if(!isset($this->result_cache['has_complete_category_acls'][$dn][$category])) {
+ if (isset($this->ocMapping[$category])){
+ foreach($this->ocMapping[$category] as $oc){
+
+ /* Skip objectClass '0' (e.g. users/0) get_permissions will ever return '' ?? */
+ if($oc == "0") continue;
+ $tmp = $this->get_permissions($dn, $category."/".$oc);
+ for($i = 0 ; $i < strlen($types); $i++) {
+ if(!preg_match("/".$types[$i]."/",$tmp)){
+ $acl = preg_replace("/".$types[$i]."/","",$acl);
+ }
+ }
+ }
+ }else{
+ trigger_error("Invalid type of category ".$category);
+ $acl = "";
+ }
+ $this->result_cache['has_complete_category_acls'][$dn][$category] = $acl;
+ }else{
+ $acl = $this->result_cache['has_complete_category_acls'][$dn][$category];
+ }
+ }
+ return($acl);
}
-
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
diff --git a/plugins/admin/systems/class_divListSystem.inc b/plugins/admin/systems/class_divListSystem.inc
index 7544aceaef882cc5ee5d91f64f64a1b6890a8109..4332d8c83c3facd9c1f4618a877b681b572bc0bd 100644 (file)
$ui= get_userinfo();
$department = array();
foreach($this->module as $module){
-
$d = $ui->get_module_departments($module);
foreach($d as $department){
$departments[$department] = $department;
}
}
+ /* If there is at least one c (Create) and one w (Write) acl in this combination
+ display the snapshot paste icon. BUT check the correct acls in the management plugin */
+ $all_module_acls = "";
+ foreach($this->module as $module){
+ $all_module_acls .= $ui->has_complete_category_acls($this->selectedBase,$module)." | ".$module."<br>";
+ }
+
$listhead = "<div style='background:#F0F0F9;padding:5px;'>".
" <input class='center' type='image' src='images/list_root.png' align='middle'
title='"._("Go to root department")."' name='dep_root' alt='"._("Root")."'> ".
title='"._("Go to users department")."' alt='"._("Home")."' name='dep_home'> ".
" <input class='center' type='image' src='images/list_reload.png' align='middle' title='"._("Reload list")."' name='submit_department' alt='". _("Submit")."'> ".
" <img class='center' src='images/list_seperator.png' align='middle' alt='' height='16' width='1'> ";
- $listhead .= $this->get_snapshot_header($this->selectedBase);
+
+ if(preg_match("/(c.*w|w.*c)/",$all_module_acls)){
+ $listhead .= $this->get_snapshot_header($this->selectedBase);
+ }
$listhead .= " <input class='center' type='image' align='middle' src='images/select_new_terminal.png'
name='newsystem_terminal' alt='"._("New Terminal template")."' title='"._("New Terminal")."'>".
" <input class='center' type='image' align='middle' src='images/select_new_workstation.png'
// User and Template Images
$editlink = "<a href='?plug=".$_GET['plug']."&id=%s&act=edit_entry'>%s</a>";
+ /* ACL mapping */
+ $acl_type = array("server" => "ser");
+ $ui = get_userinfo();
+
// Test Every Entry and generate divlist Array
foreach($terminals as $key => $val){
- $action= "<input class='center' type='image' src='images/edit.png' alt='"._("edit")."' name='user_edit_%KEY%' title='"._("Edit system")."'>";
- $action.= $this->GetSnapShotActions($val['dn']);
- $action.= "<input class='center' type='image' src='images/edittrash.png' alt='"._("delete")."' name='user_del_%KEY%' title='"._("Delete system")."'>";
+ $type = $this->parent->get_system_type($val['objectClass']);
+ $acl_all = $ui->has_complete_category_acls($val['dn'],$type) ;
+
+ $action= "<input class='center' type='image' src='images/edit.png'
+ alt='"._("edit")."' name='user_edit_%KEY%' title='"._("Edit system")."'>";
+ if(preg_match("/(c.*w|w.*c)/",$acl_all)){
+ $action.= $this->GetSnapShotActions($val['dn']);
+ }
+ $action.= "<input class='center' type='image' src='images/edittrash.png'
+ alt='"._("delete")."' name='user_del_%KEY%' title='"._("Delete system")."'>";
/* Generate picture list, which is currently disabled */
if(in_array("goCupsServer" ,$val['objectClass'])) $cups = $img1; else $cups =$empty;
diff --git a/plugins/admin/systems/class_systemManagement.inc b/plugins/admin/systems/class_systemManagement.inc
index 5d655f75e4c88e4724198d0c361c04b157b2eef3..d20bc1766c96cfcdb3eb188a3ceaaddd270c0576 100644 (file)
if ($s_action=="del"){
/* Get 'dn' from posted termlinst */
- $this->dn= $this->terminals[$s_entry]['dn'];
+ $this->dn = $this->terminals[$s_entry]['dn'];
+ $attrs = $this->terminals[$s_entry];
+
+ $type= $this->get_system_type($attrs['objectClass']);
+ $ui = get_userinfo();
+ $tabs = array(
+ "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"),
+ "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"),
+ "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"),
+ "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgenric"),
+ "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"),
+ "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"),
+ "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric"));
+
+
+ /* get object type */
+ $tabtype = "termtabs";
+ $tabobj = "TERMTABS";
+ $tabacl = "";
+ if(isset($tabs[$type])){
+ $tabtype = $tabs[$type]['TABCLASS'];
+ $tabobj = $tabs[$type]['CLASS'];
+ $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']);
+ }
/* Load permissions for selected 'dn' and check if
we're allowed to remove this 'dn' */
- $ui = get_userinfo();
- $acl = $ui -> get_category_permissions($this->dn,"terminal");
- if(preg_match("/w/",$acl)){
+ if(preg_match("/d/",$tabacl)){
/* Check locking, save current plugin in 'back_plugin', so
the dialog knows where to return. */
$ui = get_userinfo();
$tabs = array(
- "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal"),
- "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation"),
- "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server"),
- "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer"),
- "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone"),
- "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation"),
- "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component"));
-
-
- /* get object type */
- $tabtype = "termtabs";
- $tabobj = "TERMTABS";
- $tabacl = "";
- if(isset($tabs[$type])){
- $tabtype = $tabs[$type]['TABCLASS'];
- $tabobj = $tabs[$type]['CLASS'];
- $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']);
- }
+ "terminal" => array("CLASS"=>"TERMTABS", "TABCLASS" =>"termtabs", "ACL"=> "terminal/termgeneric"),
+ "workstation" => array("CLASS"=>"WORKTABS", "TABCLASS" =>"worktabs", "ACL"=> "workstation/workgeneric"),
+ "server" => array("CLASS"=>"SERVTABS", "TABCLASS" =>"servtabs", "ACL"=> "server/servgeneric"),
+ "printer" => array("CLASS"=>"PRINTTABS", "TABCLASS" =>"printtabs", "ACL"=> "printer/printgenric"),
+ "phone" => array("CLASS"=>"PHONETABS", "TABCLASS" =>"phonetabs", "ACL"=> "phone/phoneGeneric"),
+ "winstation" => array("CLASS"=>"WINTABS", "TABCLASS" =>"wintabs", "ACL"=> "winworkstation/wingeneric"),
+ "component" => array("CLASS"=>"COMPONENTTABS","TABCLASS" =>"componenttabs", "ACL"=> "component/componentGeneric"));
+
+ /* get object type */
+ $tabtype = "termtabs";
+ $tabobj = "TERMTABS";
+ $tabacl = "";
+ if(isset($tabs[$type])){
+ $tabtype = $tabs[$type]['TABCLASS'];
+ $tabobj = $tabs[$type]['CLASS'];
+ $tabacl = $ui->get_permissions($this->dn,$tabs[$type]['ACL']);
+ }
/* Check if we are allowed to remove this object */
if(preg_match("/d/",$tabacl)){
/* Delete request is permitted, perform LDAP action */
if($tabtype=="phonetabs"){
- $this->systab= new $tabtype($this->config, $this->config->data['TABS'][$tabobj], $this->dn,$tabs[$type]['ACL']);
+ $this->systab= new $tabtype($this->config, $this->config->data['TABS'][$tabobj], $this->dn,$type);
$this->systab->set_acl_base($this->dn);
$this->systab->by_object['phonegeneric']->remove_from_parent ();
}else{
- $this->systab= new $tabtype($this->config,$this->config->data['TABS'][$tabobj], $this->dn,$tabs[$type]['ACL']);
+ $this->systab= new $tabtype($this->config,$this->config->data['TABS'][$tabobj], $this->dn,$type);
$this->systab->set_acl_base($this->dn);
$this->systab->delete();
}