From: hickert Date: Thu, 29 May 2008 09:55:03 +0000 (+0000) Subject: Updated snap shot acls X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=76b4d57077969473f81d0aab71bc734c2009a8d7;p=gosa.git Updated snap shot acls git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11102 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/gosa-core/include/class_SnapShotDialog.inc b/gosa-core/include/class_SnapShotDialog.inc index fb7cb1f79..50b3ae29b 100644 --- a/gosa-core/include/class_SnapShotDialog.inc +++ b/gosa-core/include/class_SnapShotDialog.inc @@ -76,33 +76,26 @@ class SnapShotDialog extends plugin $entry = preg_replace("/^RemoveSnapShot_/","",$name); $entry = base64_decode(preg_replace("/_[xy]$/","",$entry)); - /* Check if we are allowed to handle snapshots - */ - if($ui->allow_snapshot_restore($entry,$this->parent->acl_module)){ - - $found = false; - foreach($this->last_list as $t_stamp => $obj){ - if($obj['dn'] == $entry){ - $found = true; - break; - } + $found = false; + foreach($this->last_list as $t_stamp => $obj){ + if($obj['dn'] == $entry){ + $found = true; + break; } + } - if($found){ - $this->del_dn = $entry; - $smarty= get_smarty(); - $smarty->assign("intro", sprintf(_("You're about to delete the snapshot '%s'."), @LDAP::fix($this->del_dn))); - return($smarty->fetch (get_template_path('remove.tpl'))); - } + if($found){ + $this->del_dn = $entry; + $smarty= get_smarty(); + $smarty->assign("intro", sprintf(_("You're about to delete the snapshot '%s'."), @LDAP::fix($this->del_dn))); + return($smarty->fetch (get_template_path('remove.tpl'))); } } } /* Remove snapshot */ if(isset($_POST['delete_confirm']) && !empty($this->del_dn)){ - if($ui->allow_snapshot_restore($this->del_dn,$this->parent->acl_module)){ - $this->remove_snapshot($this->del_dn); - } + $this->remove_snapshot($this->del_dn); $this->del_dn = ""; } @@ -135,10 +128,8 @@ class SnapShotDialog extends plugin foreach($tmp as $key => $entry){ /* Check permissions */ - if($ui->allow_snapshot_restore($entry['dn'],$this->parent->acl_module)){ - $TimeStamp = $entry['gosaSnapshotTimestamp'][0]; - $list_of_elements[$TimeStamp] = $entry; - } + $TimeStamp = $entry['gosaSnapshotTimestamp'][0]; + $list_of_elements[$TimeStamp] = $entry; } /* Sort generated list */ diff --git a/gosa-core/include/class_plugin.inc b/gosa-core/include/class_plugin.inc index f038fbf56..1c7b2d87c 100644 --- a/gosa-core/include/class_plugin.inc +++ b/gosa-core/include/class_plugin.inc @@ -1503,9 +1503,16 @@ class plugin } - function showSnapshotDialog($base,$baseSuffixe) + function showSnapshotDialog($base,$baseSuffixe,&$parent) { $once = true; + $ui = get_userinfo(); + $this->parent = $parent; + + if(!isset($this->acl_module)){ + return("VERDAMMT"); + } + foreach($_POST as $name => $value){ /* Create a new snapshot, display a dialog */ @@ -1513,26 +1520,40 @@ class plugin $once = false; $entry = preg_replace("/^CreateSnapShotDialog_/","",$name); $entry = base64_decode(preg_replace("/_[xy]$/","",$entry)); - $this->snapDialog = new SnapShotDialog($this->config,$entry,$this); - } + if(!empty($entry) && $ui->allow_snapshot_create($entry,$this->parent->acl_module)){ + $this->snapDialog = new SnapShotDialog($this->config,$entry,$this); + }else{ + msg_dialog::display(_("Permission"),sprintf(_("You are not allowed to create a snapshot for %s."),$entry),ERROR_DIALOG); + } + } + /* Restore a snapshot, display a dialog with all snapshots of the current object */ if(preg_match("/^RestoreSnapShotDialog_/",$name) && $once){ $once = false; $entry = preg_replace("/^RestoreSnapShotDialog_/","",$name); $entry = base64_decode(preg_replace("/_[xy]$/","",$entry)); - $this->snapDialog = new SnapShotDialog($this->config,$entry,$this); - $this->snapDialog->display_restore_dialog = true; + if(!empty($entry) && $ui->allow_snapshot_restore($entry,$this->parent->acl_module)){ + $this->snapDialog = new SnapShotDialog($this->config,$entry,$this); + $this->snapDialog->display_restore_dialog = true; + }else{ + msg_dialog::display(_("Permission"),sprintf(_("You are not allowed to restore a snapshot for %s."),$entry),ERROR_DIALOG); + } } /* Restore one of the already deleted objects */ if(((isset($_POST['menu_action']) && $_POST['menu_action'] == "RestoreDeletedSnapShot") || preg_match("/^RestoreDeletedSnapShot_/",$name)) && $once){ $once = false; - $this->snapDialog = new SnapShotDialog($this->config,"",$this); - $this->snapDialog->set_snapshot_bases($baseSuffixe); - $this->snapDialog->display_restore_dialog = true; - $this->snapDialog->display_all_removed_objects = true; + + if($ui->allow_snapshot_restore($base,$this->parent->acl_module)){ + $this->snapDialog = new SnapShotDialog($this->config,"",$this); + $this->snapDialog->set_snapshot_bases($baseSuffixe); + $this->snapDialog->display_restore_dialog = true; + $this->snapDialog->display_all_removed_objects = true; + }else{ + msg_dialog::display(_("Permission"),sprintf(_("You are not allowed to restore a snapshot for %s."),$base),ERROR_DIALOG); + } } /* Restore selected snapshot */ @@ -1540,9 +1561,11 @@ class plugin $once = false; $entry = preg_replace("/^RestoreSnapShot_/","",$name); $entry = base64_decode(trim(preg_replace("/_[xy]$/","",$entry))); - if(!empty($entry)){ + if(!empty($entry) && $ui->allow_snapshot_restore($entry,$this->parent->acl_module)){ $this->restore_snapshot($entry); $this->snapDialog = NULL; + }else{ + msg_dialog::display(_("Permission"),sprintf(_("You are not allowed to restore a snapshot for %s."),$entry),ERROR_DIALOG); } } } diff --git a/gosa-core/include/class_userinfo.inc b/gosa-core/include/class_userinfo.inc index 3c9d363cb..25d0d3265 100644 --- a/gosa-core/include/class_userinfo.inc +++ b/gosa-core/include/class_userinfo.inc @@ -248,12 +248,12 @@ class userinfo } $r = $w = $c = TRUE; foreach($object as $category){ - $w |= preg_match("/w/",$this->has_complete_category_acls($dn, $category)); - $c |= preg_match("/c/",$this->has_complete_category_acls($dn, $category)); - $r |= preg_match("/r/",$this->has_complete_category_acls($dn, $category)); -# print_a(array($category => $w.$c.$r)); + $w &= preg_match("/w/",$this->has_complete_category_acls($dn, $category)); + $c &= preg_match("/c/",$this->has_complete_category_acls($dn, $category)); + $r &= preg_match("/r/",$this->has_complete_category_acls($dn, $category)); +# print_a(array($category => array($r.$w.$c))); } - return($r); + return($r && $w && $c); } @@ -264,11 +264,17 @@ class userinfo */ function allow_snapshot_create($dn, $object) { - $w = preg_match("/w/",$this->has_complete_category_acls($dn, $object)); - $c = preg_match("/c/",$this->has_complete_category_acls($dn, $object)); - $r = preg_match("/r/",$this->has_complete_category_acls($dn, $object)); -# print_a(array($object => $w.$c.$r)); - return($r && $w && $c) ; + if(!is_array($object)){ + $object = array($object); + } + $r = $w = $c = TRUE; + foreach($object as $category){ + $w &= preg_match("/w/",$this->has_complete_category_acls($dn, $category)); + $c &= preg_match("/c/",$this->has_complete_category_acls($dn, $category)); + $r &= preg_match("/r/",$this->has_complete_category_acls($dn, $category)); +# print_a(array($category => array($r.$w.$c))); + } + return($r) ; }