From: hickert Date: Thu, 31 Aug 2006 09:32:40 +0000 (+0000) Subject: Ogroup acl updates X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=8bc427075722dbf4a29020ba64cb4d4effb5dd99;p=gosa.git Ogroup acl updates git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@4554 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/plugins/admin/ogroups/class_mailogroup.inc b/plugins/admin/ogroups/class_mailogroup.inc index 0fb270913..33aaf0120 100644 --- a/plugins/admin/ogroups/class_mailogroup.inc +++ b/plugins/admin/ogroups/class_mailogroup.inc @@ -48,9 +48,13 @@ class mailogroup extends plugin /* Initialize templating engine */ $smarty= get_smarty(); + $tmp = $this->plInfo(); + foreach($tmp['plProvidedAcls'] as $name => $translation){ + $smarty->assign($name."ACL",$this->getacl("mail")); + } + /* Assign mail attribute */ $smarty->assign("mail", $this->mail); - $smarty->assign("mailACL", chkacl($this->acl, "mail")); /* Show main page */ return ($display.$smarty->fetch (get_template_path('mail.tpl', TRUE))); @@ -149,7 +153,7 @@ class mailogroup extends plugin } - function plInfo() + function plInfo() { return (array( "plShortName" => _("Mail"), diff --git a/plugins/admin/ogroups/class_ogroup.inc b/plugins/admin/ogroups/class_ogroup.inc index 3243c5855..5867d460d 100644 --- a/plugins/admin/ogroups/class_ogroup.inc +++ b/plugins/admin/ogroups/class_ogroup.inc @@ -638,8 +638,7 @@ class ogroup extends plugin $message[]= _("There is already an object with this cn."); } - print_a($this); - if ($this->acl_is_createable()){ + if ($this->orig_dn == "new" && $this->acl_is_createable()){ $message[]= _("You have no permissions to create a group on this 'Base'."); } diff --git a/plugins/admin/ogroups/class_ogroupManagement.inc b/plugins/admin/ogroups/class_ogroupManagement.inc index 0c64897d7..a852876df 100644 --- a/plugins/admin/ogroups/class_ogroupManagement.inc +++ b/plugins/admin/ogroups/class_ogroupManagement.inc @@ -172,9 +172,8 @@ class ogroupManagement extends plugin /* Load permissions for selected 'dn' and check if we're allowed to remove this 'dn' */ - $acl= get_permissions ($this->dn, $this->ui->subtreeACL); - $this->acl= get_module_permission($acl, "ogroup", $this->dn); - if (chkacl($this->acl, "delete") == ""){ + $acl = $this->ui->get_permissions($this->dn,"ogroup"); + if(preg_match("/d/",$acl)){ /* Check locking, save current plugin in 'back_plugin', so the dialog knows where to return. */ @@ -204,7 +203,8 @@ class ogroupManagement extends plugin /* Some nice guy may send this as POST, so we've to check for the permissions again. */ - if (chkacl($this->acl, "delete") == ""){ + $acl = $this->ui->get_permissions($this->dn,"groups"); + if(preg_match("/d/",$acl)){ /* Delete request is permitted, perform LDAP action */ $this->ogroup= new ogrouptabs($this->config, @@ -258,13 +258,9 @@ class ogroupManagement extends plugin above dialog */ add_lock ($this->dn, $this->ui->dn); - /* Set up the users ACL's for this 'dn' */ - $acl= get_permissions ($this->dn, $this->ui->subtreeACL); - /* Register grouptab to trigger edit dialog */ - $this->ogroup= new ogrouptabs($this->config, $this->config->data['TABS']['OGROUPTABS'], - $this->dn); - $this->ogroup->set_acl($acl); + $this->ogroup= new ogrouptabs($this->config, $this->config->data['TABS']['OGROUPTABS'], $this->dn, "ogroups"); + $this->ogroup->set_acl_base($this->dn); $_SESSION['objectinfo']= $this->dn; } diff --git a/plugins/admin/ogroups/class_termgroup.inc b/plugins/admin/ogroups/class_termgroup.inc index b6a505cb9..2d3d5e942 100644 --- a/plugins/admin/ogroups/class_termgroup.inc +++ b/plugins/admin/ogroups/class_termgroup.inc @@ -14,7 +14,6 @@ class termgroup extends plugin var $gotoNtpServers = array(); var $modes = array(); var $inheritTimeServer = true; - var $acl ; var $is_account = true; var $orig_dn = ""; var $didAction = FALSE; @@ -38,10 +37,6 @@ class termgroup extends plugin $ldap= $config->get_ldap_link(); $this->is_account = true; - $ui = get_userinfo(); - $acl = get_permissions ($this->dn, $ui->subtreeACL); - $this->acl = get_module_permission($acl, "group", $this->dn); - $this->modes["active"]= _("Activated"); $this->modes["locked"]= _("Locked"); // $this->modes["memcheck"]= _("Memory test"); @@ -109,7 +104,7 @@ class termgroup extends plugin /* Call common method to give check the hook */ $message= plugin::check(); - if (chkacl($this->acl, "create") != ""){ + if ($this->acl_is_createable()){ $message[]= _("You have no permissions to create a workstation on this 'Base'."); } @@ -235,15 +230,18 @@ class termgroup extends plugin /* Set government mode */ $smarty= get_smarty(); + $tmp = $this->plInfo(); + foreach($tmp['plProvidedAcls'] as $name => $translated) { + $smarty->assign($name."ACL",$this->getacl($name)); + } + foreach($this->attributes as $attr){ $smarty->assign($attr, $this->$attr); - $smarty->assign($attr."ACL",chkacl($this->acl,$this->$attr)); } /* Variables */ foreach(array("gotoMode","gotoNtpServer") as $val){ $smarty->assign($val."_select", $this->$val); - $smarty->assign($val."ACL", chkacl($this->acl, $val)); } $smarty->assign("actions", array("halt" => _("Switch off"), "reboot" => _("Reboot"), @@ -256,7 +254,6 @@ class termgroup extends plugin $smarty->assign("inheritTimeServer",$this->inheritTimeServer); $smarty->assign("modes", $this->modes); - $smarty->assign("actionACL", chkacl($this->acl, 'action')); $tmp = array(); foreach($this->gotoNtpServers as $server){ diff --git a/plugins/admin/ogroups/mail.tpl b/plugins/admin/ogroups/mail.tpl index 8039ab992..6dd9d7504 100644 --- a/plugins/admin/ogroups/mail.tpl +++ b/plugins/admin/ogroups/mail.tpl @@ -8,7 +8,11 @@ - +
{$must} +{render acl=$mailACL} + +{/render} +
diff --git a/plugins/admin/ogroups/tabs_ogroups.inc b/plugins/admin/ogroups/tabs_ogroups.inc index a8944ce26..35d19c4ff 100644 --- a/plugins/admin/ogroups/tabs_ogroups.inc +++ b/plugins/admin/ogroups/tabs_ogroups.inc @@ -3,7 +3,8 @@ class ogrouptabs extends tabs { var $base= ""; - + var $acl_category; + function reload($dd){ $objects= preg_replace('/[\[\]]/', '', $dd); @@ -117,6 +118,12 @@ class ogrouptabs extends tabs unset($this->by_name['reference']); $this->by_name['reference'] = $tmp; } + + /* Reset acls */ + $this->set_acl_base($this->base); + foreach($this->by_object as $name => $obj){ + $this->by_object[$name]->set_acl_category($this->acl_category); + } } function execute(){ @@ -133,6 +140,7 @@ class ogrouptabs extends tabs tabs::tabs($config, $data, $dn, $category); $this->base= $this->by_object['ogroup']->base; + $this->acl_category = $category; /* Insert extra tabs for several object types - if present */ diff --git a/plugins/admin/ogroups/termgroup.tpl b/plugins/admin/ogroups/termgroup.tpl index 009d9a51f..b35458c99 100644 --- a/plugins/admin/ogroups/termgroup.tpl +++ b/plugins/admin/ogroups/termgroup.tpl @@ -12,18 +12,27 @@

+{render acl=$gotoNtpServerACL} +{/render}
- {html_options output=$gotoNtpServers values=$gotoNtpServers} - - +{/render}
@@ -37,18 +46,22 @@ {t}Mode{/t} - {html_options options=$modes selected=$gotoMode_select} +{/render}   - {html_options values=$syslogservers output=$syslogservers selected=$gotoSyslogServer_select} +{/render} @@ -76,13 +89,17 @@
- {html_options options=$actions} +{/render} +{render acl=$FAIstateACL} +{/render}