
Fixed group acls.
authorhickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Thu, 11 Jan 2007 10:10:49 +0000 (10:10 +0000)
committerhickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Thu, 11 Jan 2007 10:10:49 +0000 (10:10 +0000)
- You can't add members without acls.
- You can't use copy & paste without all acls.
- Delete of group is only possible if delete acl is given
- groupMail was updated to use new account toggle
- groupApplication too

git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@5532 594d385d-05f5-0310-b6e9-bd551577e9d8

plugins/admin/groups/acl_definition.inc
plugins/admin/groups/class_divListGroup.inc
plugins/admin/groups/class_groupApplication.inc
plugins/admin/groups/class_groupGeneric.inc
plugins/admin/groups/class_groupMail.inc
plugins/admin/groups/class_groupManagement.inc
plugins/admin/users/class_userManagement.inc

index 651c2dd307702b6d9314e57b105040ab889f7864..51288bdc339d2598ea7be217e6726ea42d94cdac 100644 (file)
@@ -54,16 +54,19 @@ $ACLD['blocklists']= array("cn",
                        "goFaxBlocklist");
 $ACLD['ogroup']=   array("ogroup","create","delete","cn", "description", "gosaGroupObjects","base");
 $ACLD['group']=      array("cn",
+                       "memberUid",
                        "create",
                        "delete",
                        "description",
                        "force_gid",
                        "password",
                        "gidNumber");
-$ACLD['appgroup']=   array();
+$ACLD['appgroup']=   array("create");
 $ACLD['all']=        array();
 $ACLD['acl']=   array('acl');
-$ACLD['mailgroup']=  array("default_permission",
+$ACLD['mailgroup']=  array(
+                       "create",
+                       "default_permission",
                        "imap_perms",
                        "member_permissions",
                        "mail",
index b2feee42e4dac16f822aca4e4e556f89a6e25ff0..505985fa6bd70991d6450221a9d2581020bac942 100644 (file)
@@ -133,19 +133,6 @@ class divListGroup extends MultiSelectWindow
     // Space
     $empty    = "<img class='center' src='images/empty.png' style='width:16px;height:16px;' alt=''>";
 
-    /* Create action icons - copy & paste icons */
-    $actions = "";
-    if($this->parent->CopyPasteHandler){
-      $actions.= "<input class='center' type='image'
-        src='images/editcut.png' alt='"._("cut")."' name='cut_%KEY%' title='"._("Cut this entry")."'>&nbsp;";
-      $actions.= "<input class='center' type='image'
-        src='images/editcopy.png' alt='"._("copy")."' name='copy_%KEY%' title='"._("Copy this entry")."'>&nbsp;";
-    }
-    $actions.= "<input class='center' type='image'
-      src='images/edit.png' alt='"._("edit")."' name='group_edit_%KEY%' title='"._("Edit this entry")."'>";
-    $actions.= "<input class='center' type='image'
-      src='images/edittrash.png' alt='"._("delete")."' name='group_del_%KEY%' title='"._("Delete this entry")."'>";
-
 
     // User and Template  Images
     $editlink = "<a href='?plug=".$_GET['plug']."&amp;id=%s&amp;act=edit_entry'>%s</a>";
@@ -153,6 +140,30 @@ class divListGroup extends MultiSelectWindow
     // Test Every Entry and generate divlist Array
     foreach($groups as $key => $val){
 
+      $acl= get_permissions ($val['dn'], $this->ui->subtreeACL);
+      $acl= get_module_permission($acl, "user", $val['dn']);
+      
+
+
+      /* Create action icons - copy & paste icons */
+      $actions = "";
+      if($this->parent->CopyPasteHandler && $acl == "#all#"){
+        $actions.= "<input class='center' type='image'
+          src='images/editcut.png' alt='"._("cut")."' name='cut_%KEY%' title='"._("Cut this entry")."'>&nbsp;";
+        $actions.= "<input class='center' type='image'
+          src='images/editcopy.png' alt='"._("copy")."' name='copy_%KEY%' title='"._("Copy this entry")."'>&nbsp;";
+      }
+      $actions.= "<input class='center' type='image'
+        src='images/edit.png' alt='"._("edit")."' name='group_edit_%KEY%' title='"._("Edit this entry")."'>";
+
+      if(chkacl($acl,"delete") == ""){
+      $actions.= "<input class='center' type='image'
+        src='images/edittrash.png' alt='"._("delete")."' name='group_del_%KEY%' title='"._("Delete this entry")."'>";
+      }
+
+
+
+
       $posix=$mail=$samba=$appl=$phone=$enviro=$empty;
 
       if(isset($val['objectClass'])){
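Review bot: The per-entry ACL added at the top of the loop is resolved for module "user" (`get_module_permission($acl, "user", $val['dn'])`), while the copy & paste check in class_groupManagement.inc in this same commit resolves it for "group". In a group list this looks like a copy-paste slip and should probably read `$acl= get_module_permission($acl, "group", $val['dn']);`. As written, the cut/copy and delete icons can be shown or hidden according to a different permission set than the one the server enforces. Hiding the delete icon is also only presentation: the code that handles the `group_del_%KEY%` submit is not part of this diff, so confirm it repeats the `chkacl($acl,"delete") == ""` test before anything is removed. The foreach body continues past the hunk.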
index 064b94e6bf79bb58c4735456090e50df220699b6..f6512315e1ff7fc4185d868452c147b8394dc3ac 100644 (file)
@@ -386,7 +386,13 @@ class appgroup extends plugin
 
     /* Do we need to flip is_account state? */
     if (isset($_POST['modify_state'])){
-      $this->is_account= !$this->is_account;
+
+      /* Onyl change account state if allowed */
+      if($this->is_account && $this->acl == "#all#"){
+        $this->is_account= !$this->is_account;
+      }elseif(!$this->is_account && chkacl($this->acl,"create") == ""){
+        $this->is_account= !$this->is_account;
+      }
     }
 
     /* Do we represent a valid group? */
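Review bot: When the ACL test fails, the `modify_state` request is dropped with no message and no log entry, so a denied toggle looks like a click that did nothing and leaves no trace for an administrator. Add an `else` that reports it the way class_groupManagement.inc does in this commit, e.g. `print_red(_("You are not allowed to execute this method!"));`. The two branches perform the same assignment and could be folded into one condition, and the comment has a typo ("Onyl"). The identical block in the class_groupMail.inc hunk needs the same change. The enclosing method starts and ends outside the hunk.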
index dba7c496a53745fb9410f59249b686eb368ce143..9f1e5f31f421e2e5d574119a72816cb6ced7a40e 100644 (file)
@@ -183,7 +183,7 @@ class group extends plugin
     }
 
     /* Delete user from group */
-    if (isset($_POST['del_users']) && isset($_POST['members'])){
+    if (isset($_POST['del_users']) && isset($_POST['members']) && chkacl($this->acl,"memberUid") ==""){
       foreach ($_POST['members'] as $value){
         unset ($this->members["$value"]);
         $this->removeUser($value);
@@ -192,7 +192,7 @@ class group extends plugin
     }
 
     /* Add objects? */
-    if (isset($_POST["edit_membership"])){
+    if (isset($_POST["edit_membership"]) && chkacl($this->acl,"memberUid") ==""){
       $this->group_dialog= TRUE;
       $this->dialog= TRUE;
     }
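Review bot: Gating `edit_membership` only keeps the member-selection dialog from opening; it does not by itself prevent members from being added. The branch that takes the dialog's submitted selection and writes it into `$this->members` is outside this hunk, and unless it carries the same `chkacl($this->acl,"memberUid") == ""` condition it can still be reached by a request that never opened the dialog. Please confirm that branch is guarded, and that the save path does not write `memberUid` when the ACL is missing. A short comment such as `/* memberUid acl is required for every membership change */` above both guarded conditions would document the intent.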
@@ -731,7 +731,7 @@ class group extends plugin
     $ui= get_userinfo();
     $acl= get_permissions ($ui->dn, $ui->subtreeACL);
     $acl= get_module_permission($acl, "group", $ui->dn);
-    if (chkacl($this->acl, "create") != ""){
+    if ($this-> dn == "new" && chkacl($this->acl, "create") != ""){
       $message[]= _("You have no permissions to create a group on this 'Base'.");
     }
 
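Review bot: Restricting the create check to `$this->dn == "new"` means an existing group that is moved to another base is no longer tested for create permission on the target base. Whether a base change is checked elsewhere is not visible in this hunk; if it is not, the condition should also fire when the selected base differs from the stored one. The `$acl` computed on the two lines above is resolved for `$ui->dn` and is not used by this condition, which reads `$this->acl`; either use it or drop it if nothing later needs it. `$this-> dn` also has a stray space.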
index b4bdc2962562fe5a5a8d1c9cd3ae86f04cccd983..cb0559b8f8bd57008e80e70ab7188d11a686cd23 100644 (file)
@@ -312,9 +312,15 @@ class mailgroup extends plugin
 
     /* Do we need to flip is_account state? */
     if (isset($_POST['modify_state'])){
-      $this->is_account= !$this->is_account;
-    }
 
+      /* Onyl change account state if allowed */
+      if($this->is_account && $this->acl == "#all#"){
+        $this->is_account= !$this->is_account;
+      }elseif(!$this->is_account && chkacl($this->acl,"create") == ""){
+        $this->is_account= !$this->is_account;
+      }
+    }
+    
     /* Do we represent a valid account? */
     if (!$this->is_account && $this->parent == NULL){
 
index 002cbb788a4c16979e36474dc60226344778122d..33fe9dfd6eb6d5f25664760c3aa0fd8629644ceb 100644 (file)
@@ -126,9 +126,26 @@ class groupManagement extends plugin
 
     /* Only perform copy&paste requests if it is enabled
      */
-    if($this->CopyPasteHandler){
-      if($str = $this->copyPasteHandling($s_action,$s_entry)){
-        return $str;
+    /* Get 'dn' from posted 'uid' */
+    if(in_array_ics($s_action,array("editPaste","cut","copy"))){
+
+      if(isset($this->grouplist[trim($s_entry)]['dn'])){
+        $dn= $this->grouplist[trim($s_entry)]['dn'];
+      }else{
+        $dn = $this->DivListGroup->selectedBase;
+      }
+
+      $acl= get_permissions ($dn, $this->ui->subtreeACL);
+      $acl= get_module_permission($acl, "group", $dn);
+
+      if($acl != "#all#"){
+        print_red (_("You are not allowed to execute this method!"));
+      }else{
+        /* Display the copy & paste dialog, if it is currently open */
+        $ret = $this->copyPasteHandling($s_action,$s_entry);
+        if($ret){
+          return($ret);
+        }
       }
     }
 
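Review bot: Dropping the `if($this->CopyPasteHandler)` guard lets `copyPasteHandling()` run whenever one of the three actions is posted, presumably even when the handler is not enabled, and the surviving comment "Only perform copy&paste requests if it is enabled" no longer matches the code. Keep the guard, e.g. `if($this->CopyPasteHandler && in_array_ics($s_action,array("editPaste","cut","copy"))){`. The fallback to `selectedBase` is reasonable for `editPaste`, but for `cut` and `copy` an entry key that is missing from `$this->grouplist` should be refused rather than authorised against the base, because the ACL is then evaluated for a different object than the one named in the request. The class_userManagement.inc hunk has the same fallback. The method continues outside the hunk.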
index a7034846f8a1dce02c449f4be2914623982e0e87..b1c2c1b2b519ec1cef8151cc422d19733a23ea76 100644 (file)
@@ -112,7 +112,13 @@ class userManagement extends plugin
 
     /* Get 'dn' from posted 'uid' */
     if(in_array_ics($s_action,array("editPaste","cut","copy"))){
-      $dn= $this->list[trim($s_entry)]['dn'];
+
+      if(isset($this->list[trim($s_entry)]['dn'])){
+        $dn= $this->list[trim($s_entry)]['dn'];
+      }else{
+        $dn = $this->DivListUsers->selectedBase;
+      }
+
       $acl= get_permissions ($dn, $this->ui->subtreeACL);
       $acl= get_module_permission($acl, "user", $dn);