Updated user ACL

-Updated user move permission handling.
-The user is now moved, but the userinfo object isn't updated correspondingly.

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@19517 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/gosa-core/plugins/personal/generic/class_user.inc b/gosa-core/plugins/personal/generic/class_user.inc
index 50d0fd538eead3e273849f84841d649a7288bbb2..eb83980adf297ff30a4707f3f853270e5d3d9a60 100644 (file)
--- a/gosa-core/plugins/personal/generic/class_user.inc
+++ b/gosa-core/plugins/personal/generic/class_user.inc
@@ -1313,8 +1313,19 @@ class user extends plugin
     /* Check if we are allowed to create/move this user */
     if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){
       $message[]= msgPool::permCreate();
-    }elseif($this->orig_dn != "new" && $this->new_dn != $this->orig_dn && !$this->acl_is_moveable($this->base)){
-      $message[]= msgPool::permMove();
+    }elseif($this->orig_dn != "new" && $this->new_dn != $this->orig_dn){
+
+        /* Check if the objects dn has changed while the base was left unchanged. 
+         * In this case we've to check move permissions for the object itself.
+         * 
+         * If the base has changed then we've to check the permission for the destination
+         *  base.
+         */
+        if($this->orig_base == $this->base && !$this->acl_is_moveable($this->dn)){
+            $message[]= msgPool::permMove();
+        }elseif($this->orig_base != $this->base && !$this->acl_is_moveable($this->base)){
+            $message[]= msgPool::permMove();
+        }
     }
 
     /* UID already used? */