From: hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Date: Thu, 7 Jan 2010 08:34:47 +0000 (+0000)
Subject: Added permission check
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=286b07c21cf3405508aacff4b65345d3882adaab;p=gosa.git

Added permission check


git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@15094 594d385d-05f5-0310-b6e9-bd551577e9d8
---

diff --git a/gosa-plugins/fai/admin/fai/class_faiManagement.inc b/gosa-plugins/fai/admin/fai/class_faiManagement.inc
index 8fd3847eb..141cff98b 100644
--- a/gosa-plugins/fai/admin/fai/class_faiManagement.inc
+++ b/gosa-plugins/fai/admin/fai/class_faiManagement.inc
@@ -351,9 +351,14 @@ class faiManagement extends management
   function removeFAIObjects($to_delete)
   {
     // Do not allow to remove objects with state freeezed
-    $errors=array();
+    $errors = $disallowed = array();
+  
     foreach($to_delete as $obj){
-      if(isset($obj['FAIstate']) && preg_match('/^freeze/', $obj['FAIstate'])){
+      $type = $this->get_type($obj);
+      $acl  = $this->ui->get_permissions($obj['dn'],"fai/".$type[1]);
+      if(!preg_match("/d/",$acl)){
+        $disallowed[] = $obj['dn'];
+      }elseif(isset($obj['FAIstate']) && preg_match('/^freeze/', $obj['FAIstate'])){
         $errors[] = $obj['dn'];
       }else{
         $this->dns[] = $obj['dn'];
@@ -363,6 +368,9 @@ class faiManagement extends management
       msg_dialog::display(_("Branch locked"),
           sprintf(_("The following entries are locked, you can't remove them %s."),msgPool::buildList($errors)),INFO_DIALOG);
     }
+    if(count($disallowed)){ 
+      msg_dialog::display(_("Permission error"), msgPool::permDelete($disallowed), ERROR_DIALOG);
+    }
 
     // Check entry locking
     if(count($this->dns)){