Added acls for password change

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@4445 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/plugins/personal/password/class_password.inc b/plugins/personal/password/class_password.inc
index f53289adafec03d6def838129c5048f14b0dd3e0..28215b037b923489c4e1f6f8d40e228d83e8293d 100644 (file)
--- a/plugins/personal/password/class_password.inc
+++ b/plugins/personal/password/class_password.inc
@@ -4,6 +4,23 @@ class password
   /* Definitions */
   var $plHeadline= "Password";
   var $plDescription= "This does something";
+
+  
+  function plInfo()
+  {
+    return (array(
+          "plDescription"     => _("User password"),
+          "plSelfModify"      => TRUE,
+          "plDepends"         => array("user"),
+          "plPriority"        => 10,
+          "plSection"         => "personal",
+          "plCategory"        => array("users"),
+          "plOptions"         => array(),
+
+          "plProvidedAcls"  => array())
+            );
+  }
+
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:

diff --git a/plugins/personal/password/main.inc b/plugins/personal/password/main.inc
index df07d11623bc9e282028dcf0dd2f26f28a0751be..5b9eac61549cbbc60ea2a6960bcd02efb656cb77 100644 (file)
--- a/plugins/personal/password/main.inc
+++ b/plugins/personal/password/main.inc
@@ -24,6 +24,11 @@ if (!$remove_lock){
   $smarty->assign ('headimage', get_template_path('images/password.png'));
   $display= "";
 
+  $password_ACLS = $ui->get_permissions($ui->dn,"users/password");
+  $password_ACLS = "cmdr";
+  $smarty->assign("ChangeACL" ,  $password_ACLS);   
+  $smarty->assign("NotAllowed" , !preg_match("/w/i",$password_ACLS));   
+
   /* Check for interaction */
   if ($_SERVER["REQUEST_METHOD"] == "POST"){
     if (isset($_POST['password_finish'])){
@@ -65,9 +70,7 @@ if (!$remove_lock){
         }
       }
 
-      $ca= get_permissions ($ui->dn, $ui->subtreeACL);
-      $ca= get_module_permission($ca, "user", $ui->dn);
-      if (chkacl($ca, "password") != ""){
+      if(!preg_match("/w/i",$password_ACLS)){
         $message[]= _("You have no permissions to change your password.");
       }
 
@@ -105,7 +108,7 @@ if (!$remove_lock){
       $display= $smarty->fetch(get_template_path("password.tpl", TRUE));
     }else{
       $expired= ldap_expired_account($config, $ui->dn, $ui->username);
-      
+     
       if($expired == 4){
         $display= $smarty->fetch(get_template_path("nochange.tpl", TRUE));
       }else{

diff --git a/plugins/personal/password/password.tpl b/plugins/personal/password/password.tpl
index ebd11d35041c7e2b9869f7dd0f5cc09cb069893b..ef813db5e38f16cfd1b3eee5f5a0b982ec56f6b9 100644 (file)
--- a/plugins/personal/password/password.tpl
+++ b/plugins/personal/password/password.tpl
@@ -7,33 +7,50 @@
 </p>
 
 <p>
+{if $NotAllowed}  
+ <b>{t}You have no permissions to change your password.{/t}</b>
+{else}
   {t}Changing the password affects your authentification on mail, proxy, samba and unix services.{/t}
+{/if}
 </p>
 
 <table summary="" style="vertical-align:top; text-align:left;" cellpadding=4 border=0>
   <tr>
     <td><b><LABEL for="current_password">{t}Current password{/t}</LABEL></b></td>
-    <td><input id="current_password" type="password" name="current_password" size="30" maxlength="40"
-               onFocus="nextfield= 'new_password';"></td>
+    <td>
+{render acl=$ChangeACL}
+       <input id="current_password" type="password" name="current_password" size="30" maxlength="40" onFocus="nextfield= 'new_password';">
+{/render}
+    </td>
   </tr>
   <tr>
     <td><b><LABEL for="new_password">{t}New password{/t}</LABEL></b></td>
-    <td><input id="new_password" type="password" name="new_password" size="30" maxlength="40"
-               onFocus="nextfield= 'repeated_password';"></td>
+    <td>
+{render acl=$ChangeACL}
+       <input id="new_password" type="password" name="new_password" size="30" maxlength="40" onFocus="nextfield= 'repeated_password';">
+{/render}
+    </td>
   </tr>
   <tr>
     <td><b><LABEL for="repeated_password">{t}Repeat new password{/t}</LABEL></b></td>
-    <td><input id="repeated_password" type="password" name="repeated_password" size="30" maxlength="40"
-               onFocus="nextfield= 'password_finish';"></td>
+    <td>
+{render acl=$ChangeACL}
+       <input id="repeated_password" type="password" name="repeated_password" size="30" maxlength="40" onFocus="nextfield= 'password_finish';">
+{/render}
+    </td>
   </tr>
 </table>
 
 <br>
 
 <p class="plugbottom">
+{render acl=$ChangeACL}
   <input type=submit name="password_finish" value="{t}Set password{/t}">
+{/render}
   &nbsp;
+{render acl=$ChangeACL}
   <input type=reset id="password_cancel" name="password_cancel" value="{t}Clear fields{/t}">
+{/render}
 </p>
 
 <input type="hidden" name="ignore">