From: hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Date: Mon, 21 Jul 2008 13:22:40 +0000 (+0000)
Subject: Added krb Service ACLs.
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=688afab9cdf95c4446f9e2611d8cd04411f8b5e9;p=gosa.git

Added krb Service ACLs.


git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11733 594d385d-05f5-0310-b6e9-bd551577e9d8
---

diff --git a/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc b/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc
index 4da99745c..100211c60 100644
--- a/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc
+++ b/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc
@@ -167,7 +167,7 @@ class krbHostKeys extends plugin
   {
     /* Skip if there is no kerberos support available 
      */
-    if(!$this->kerberos_support) return("");
+    if(!$this->kerberos_support || !$this->acl_is_readable("0")) return("");
 
     /* Check if naming context has changed,
        in this case ask user if he wants to update the keys. 
@@ -243,6 +243,12 @@ class krbHostKeys extends plugin
       <input type='image' class='center' name='remove_%ID%'
       alt='{t}Remove key{/t}' title='{t}Remove key{/t}' src='images/lists/trash.png'>";
 
+    /* Check ACLs */
+    if(!$this->acl_is_writeable("0")){
+      $new = $rec = "";
+    }
+    
+
     foreach($this->server_list as $mac => $server){
 
       /* Recreate/Remove actions */
@@ -377,6 +383,8 @@ class krbHostKeys extends plugin
   {
     if(!isset($this->last_list[$prefix])) return; // No posts for us 
 
+    if(!$this->acl_is_writeable("0")) return; // No permissions to change anything
+
     foreach($_POST as $name => $value){
       if(preg_match("/^create_/",$name)){
         $id = preg_replace("/^create_([0-9]*)_.*$/","\\1",$name);