From: hickert Date: Thu, 30 Aug 2007 08:26:47 +0000 (+0000) Subject: Updated service acls, only allow editing for services we have acls for X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=a7a64fcb62506d095ec99cebbb0f73b98656c24c;p=gosa.git Updated service acls, only allow editing for services we have acls for git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@7167 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/plugins/admin/systems/class_divListSystemService.inc b/plugins/admin/systems/class_divListSystemService.inc index d48a3858d..041f339b1 100644 --- a/plugins/admin/systems/class_divListSystemService.inc +++ b/plugins/admin/systems/class_divListSystemService.inc @@ -79,6 +79,8 @@ class divListSystemService extends MultiSelectWindow $tmp2[$name] = $list[$name]; } + $ui = get_userinfo(); + foreach($tmp2 as $name => $entry){ switch($entry['Status']){ @@ -89,6 +91,12 @@ class divListSystemService extends MultiSelectWindow default: $str= "".$entry["; } + /* Get acls */ + $acl = $ui->get_permissions($this->parent->dn,"server/".$name); + if(preg_match("/w/i",$acl) && !preg_match("/r/i",$acl)){ + continue; + } + $WasAccount = $this->parent->plugins[$name] -> initially_was_account; $field1 = array("string" => $str ,"attach" => "style='width:20px;'"); @@ -113,13 +121,17 @@ class divListSystemService extends MultiSelectWindow }else{ $actions .= " "; } - if($entry['AllowEdit']){ + + /* Check if edit is enabled and allowed for current service */ + if($entry['AllowEdit'] && preg_match("/(r|w)/i",$acl)){ $actions .= " "; }else{ $actions .= " "; } - if($entry['AllowRemove']){ + + /* Check if remove is enabled and allowed for current service */ + if($entry['AllowRemove'] && preg_match("/d/i",$acl)){ $actions .= " "; }else{ diff --git a/plugins/admin/systems/class_servDNSeditZone.inc b/plugins/admin/systems/class_servDNSeditZone.inc index 500739c2d..615ede4bc 100644 --- a/plugins/admin/systems/class_servDNSeditZone.inc +++ b/plugins/admin/systems/class_servDNSeditZone.inc @@ -201,8 +201,11 @@ class servdnseditZone extends plugin plugin::execute(); + /* Fill templating stuff */ $smarty= get_smarty(); + $ui = get_userinfo(); + $smarty->assign("ACLs",$ui->get_permissions($this->dn,"server/servdns")); $display= ""; /* Open Zone Entry Edit Dialog diff --git a/plugins/admin/systems/class_serverService.inc b/plugins/admin/systems/class_serverService.inc index e417b38fe..239a5476e 100644 --- a/plugins/admin/systems/class_serverService.inc +++ b/plugins/admin/systems/class_serverService.inc @@ -167,7 +167,7 @@ class ServerService extends plugin /* Abort dialog Restore vars with values before editing */ - if(isset($_POST['CancelService'])){ + if(isset($_POST['CancelService']) && !empty($this->current)){ if($this->backup == NULL){ $this->plugins[$this->current] = new $this->current($this->config,$this->dn); $this->plugins[$this->current]-> set_acl_base($this->acl_base); diff --git a/plugins/admin/systems/servdnseditzone.tpl b/plugins/admin/systems/servdnseditzone.tpl index 2e7c969be..1136dba53 100644 --- a/plugins/admin/systems/servdnseditzone.tpl +++ b/plugins/admin/systems/servdnseditzone.tpl @@ -6,22 +6,30 @@ {t}Zone name{/t}{$must} - + +{render acl=$ACLs} + +{/render} {t}Network address{/t}{$must} - + +{render acl=$ACLs} + +{/render} {t}Netmask{/t} +{render acl=$ACLs} +{/render} @@ -37,7 +45,9 @@ {/if} +{render acl=$ACLs} +{/render} @@ -53,19 +63,28 @@ {t}Primary dns server for this zone{/t}{$must} - + +{render acl=$ACLs} + +{/render} {t}Mail address{/t}{$must} - + +{render acl=$ACLs} + +{/render} {t}Serial number (automatically incremented){/t}{$must} - + +{render acl=$ACLs} + +{/render} @@ -75,25 +94,37 @@ {t}Refresh{/t}{$must} - + +{render acl=$ACLs} + +{/render} {t}Retry{/t}{$must} - + +{render acl=$ACLs} + +{/render} {t}Expire{/t}{$must} - + +{render acl=$ACLs} + +{/render} {t}TTL{/t}{$must} - + +{render acl=$ACLs} + +{/render} @@ -110,22 +141,32 @@
+{render acl=$ACLs} {$Mxrecords} +{/render} +{render acl=$ACLs} +{/render} +{render acl=$ACLs} +{/render}

{t}Global zone records{/t}

+{render acl=$ACLs} {$records} +{/render}

+{render acl=$ACLs} +{/render}