[tokkee]

tokkee.org

Code

projects / gosa.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 145099f)
Base selection
authorhickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Mon, 7 Nov 2005 09:20:16 +0000 (09:20 +0000)
committerhickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Mon, 7 Nov 2005 09:20:16 +0000 (09:20 +0000)
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@1846 594d385d-05f5-0310-b6e9-bd551577e9d8

plugins/personal/generic/class_user.inc patch | blob | history

diff --git a/plugins/personal/generic/class_user.inc b/plugins/personal/generic/class_user.inc
index d45ab8c7cb33ca61b70660c5db0269d33acd3f57..94444d1f2ce796c5d604db67d4b1d8c1b605ef22 100644 (file)
--- a/plugins/personal/generic/class_user.inc
+++ b/plugins/personal/generic/class_user.inc
@@ -437,11 +437,12 @@ class user extends plugin
     }
 
     /* Show us the edit screen */
-    $smarty->assign("bases", $this->config->idepartments);
+    $smarty->assign("bases", $this->allowedBasesToMoveTo());
+//  $smarty->assign("bases", $this->config->idepartments);
     $smarty->assign("base_select", $this->base);
-    $smarty->assign("selectmode", chkacl($this->acl, "create"));
-    $smarty->assign("certificatesACL", chkacl($this->acl, "certificates"));
-    $smarty->assign("jpegPhotoACL", chkacl($this->acl, "jpegPhoto"));
+    $smarty->assign("selectmode",       chkacl($this->acl, "create"));
+    $smarty->assign("certificatesACL",  chkacl($this->acl, "certificates"));
+    $smarty->assign("jpegPhotoACL",     chkacl($this->acl, "jpegPhoto"));
 
     /* Prepare password hashes */
     if ($this->pw_storage == ""){
@@ -499,9 +500,8 @@ class user extends plugin
         $smarty->assign("has_phoneaccount", "false");
       }
     } else {
-        $smarty->assign("has_phoneaccount", "false");
+      $smarty->assign("has_phoneaccount", "false");
     }
-
     return($smarty->fetch (get_template_path('generic.tpl', TRUE, dirname(__FILE__))));
   }
 
@@ -1145,6 +1145,42 @@ class user extends plugin
     }
   }
 
+  /* This avoids that users move themselves out of their rights. 
+   */
+  function allowedBasesToMoveTo()
+  {
+    $allowed = array();
+    $ret_all = false;
+    if($this->uid == $_SESSION['ui']->username){
+      $ldap= $this->config->get_ldap_link(); 
+      $ldap->cd($this->config->current['BASE']); 
+      $ldap->search("(&(objectClass=posixGroup)(memberUid=".$_SESSION['ui']->username."))",array("gosaSubtreeACL"));
+       
+      while($attrs = $ldap->fetch()){
+        foreach($attrs['gosaSubtreeACL'] as $attr){
+          if((preg_match("/:user#/",$attr))||(preg_match("/:all/",$attr))){
+            $s =  preg_replace("/^.*ou=groups,/","",$attrs['dn']);
+
+            foreach($this->config->idepartments as $key => $dep) {
+              if(preg_match("/".$s."/i",$key)){
+                $allowed[$key] = $dep;
+              }
+            }
+          }
+        }
+      }
+      return($allowed);
+    }else{
+      return($this->config->idepartments);
+    }
+  } 
+
+
+
+
+
+
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
GONICUS system administrator (SVN clone)