From: hickert
Date: Tue, 31 Oct 2006 07:31:52 +0000 (+0000)
Subject: Added acl check
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=be6a0e4897da0b88b201934fc652e688898885c6;p=gosa.git
Added acl check
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@4969 594d385d-05f5-0310-b6e9-bd551577e9d8
---
diff --git a/html/getxls.php b/html/getxls.php
index ef5acfb9a..ef1ca5b6c 100644
--- a/html/getxls.php
+++ b/html/getxls.php
@@ -28,7 +28,6 @@ function dump_ldap ($mode= 0)
 {
 global $config;
 $ldap= $config->get_ldap_link();
- error_reporting (E_ALL & ~E_NOTICE);
 $display = "";
 if($mode == 2){ // Single Entry Export !
@@ -401,7 +400,6 @@ function dump_ldap ($mode= 0)
 /* Basic setup, remove eventually registered sessions */
 @require_once ("../include/php_setup.inc");
 @require_once ("functions.inc");
-error_reporting (E_ALL);
 session_start ();
 /* Logged in? Simple security check */
@@ -410,8 +408,17 @@ if (!isset($_SESSION['ui'])){
 header ("Location: index.php");
 exit;
 }
-$ui= $_SESSION["ui"];
-$config= $_SESSION['config'];
+$ui = $_SESSION["ui"];
+$config = $_SESSION['config'];
+
+
+/* Check ACL's */
+$dn = base64_decode($_GET['n']);
+$acl = $ui->get_permissions($dn,"ldapmanager/xlsexport");
+if(!preg_match("/r/",$acl)){
+ echo "insufficient permissions";
+ exit();
+}
 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
 header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
@@ -421,14 +428,6 @@ header("Cache-Control: post-check=0, pre-check=0");
 header("Content-type: text/plain");
-/* Check ACL's */
-$acl= get_permissions ($config->current['BASE'], $ui->subtreeACL);
-$acl= get_module_permission($acl, "all", $config->current['BASE']);
-if (chkacl($acl, "all") != ""){
- header ("Location: index.php");
- exit;
-}
-
 switch ($_GET['ivbb']){
 case 2: dump_ldap (2); break;
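Review bot: The new `/* Check ACL's */` block in the third hunk takes `$dn` straight from `$_GET['n']` with no presence or decode validation, so a missing or malformed `n` reaches `$ui->get_permissions()` as an empty or garbage DN and the result then depends on how that method treats such input. I would reject it up front, e.g. `$dn = isset($_GET['n']) ? base64_decode($_GET['n'], true) : false;` followed by `if ($dn === false || $dn === "" || !preg_match("/r/", $ui->get_permissions($dn,"ldapmanager/xlsexport"))){`. The check only protects the export if `dump_ldap()` is limited to that same `$dn` for every `ivbb` mode; its body lies outside these hunks, so that is worth confirming, because the check removed in the last hunk was made against `$config->current['BASE']` rather than a client-chosen DN. The denial branch also answers with a 200 and a bare string; sending a 403 status line before the `echo` would let clients and access logs tell a refusal from a successful export.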