From: hickert Date: Thu, 11 Jan 2007 11:34:02 +0000 (+0000) Subject: Fixed application acls X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=c7e77393c473e9fa42cd79827933bad25eb294b3;p=gosa.git Fixed application acls git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@5536 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/plugins/admin/applications/class_applicationGeneric.inc b/plugins/admin/applications/class_applicationGeneric.inc index a2f7acccf..746dbd117 100644 --- a/plugins/admin/applications/class_applicationGeneric.inc +++ b/plugins/admin/applications/class_applicationGeneric.inc @@ -132,7 +132,7 @@ class application extends plugin $head = $this->generateTemplate(); $this->gotoLogonScript= $this->generateTemplate().preg_replace('/.*### END HEADER ###/s', '', $this->gotoLogonScript); - if((isset($_POST['upLoad']))&&(isset($_FILES['ScriptFile']))){ + if((isset($_POST['upLoad']))&&(isset($_FILES['ScriptFile'])) && chkacl($this->acl,"gotoLogonScript") == ""){ $str = file_get_contents($_FILES['ScriptFile']['tmp_name']); $this->gotoLogonScript = $str; } @@ -151,7 +151,7 @@ class application extends plugin /* Base select dialog */ $once = true; foreach($_POST as $name => $value){ - if(preg_match("/^chooseBase/",$name) && $once){ + if(preg_match("/^chooseBase/",$name) && $once && chkacl($this->acl,"base") == ""){ $once = false; $this->dialog = new baseSelectDialog($this->config); $this->dialog->setCurrentBase($this->base); @@ -267,7 +267,7 @@ class application extends plugin } /* Check for picture upload */ - if (isset($_FILES['picture_file']['name']) && $_FILES['picture_file']['name'] != ""){ + if (isset($_FILES['picture_file']['name']) && $_FILES['picture_file']['name'] != "" && chkacl($this->acl,"gosaApplicationIcon") == ""){ if (!is_uploaded_file($_FILES['picture_file']['tmp_name'])) { print_red (_("The specified picture has not been uploaded correctly.")); } diff --git a/plugins/admin/applications/class_applicationParameters.inc b/plugins/admin/applications/class_applicationParameters.inc index a1655a78f..f72339f96 100644 --- a/plugins/admin/applications/class_applicationParameters.inc +++ b/plugins/admin/applications/class_applicationParameters.inc @@ -15,6 +15,7 @@ class applicationParameters extends plugin var $CopyPasteVars = array("option_name","option_value"); var $attributes= array("gosaApplicationParameter"); var $objectclasses= array(); +var $ui; function applicationParameters ($config, $dn= NULL, $parent= NULL) { @@ -35,6 +36,7 @@ class applicationParameters extends plugin } else { $this->is_account= FALSE; } + $this->ui = get_userinfo(); } function execute() @@ -42,8 +44,11 @@ class applicationParameters extends plugin /* Call parent execute */ plugin::execute(); + $acl= get_permissions ($this->dn, $this->ui->subtreeACL); + $this->acl= get_module_permission($acl, "application", $this->dn); + /* Do we need to flip is_account state? */ - if (isset($_POST['modify_state'])){ + if (isset($_POST['modify_state']) && chkacl($this->acl,"gotoLogonScript")==""){ $this->is_account= !$this->is_account; } @@ -68,22 +73,25 @@ class applicationParameters extends plugin $this->option_value[$i]= ""; } - /* Remove value from list */ - for ($i= 0; $ioption_name); $i++){ - if (isset($_POST["remove$i"])){ - $k= 0; - $on= array(); - $ov= array(); - for ($j= 0; $joption_name); $j++){ - if ($j != $i){ - $on[$k]= $this->option_name[$j]; - $ov[$k]= $this->option_value[$j]; - $k++; + if(chkacl($this->acl,"gotoLogonScript") == ""){ + + /* Remove value from list */ + for ($i= 0; $ioption_name); $i++){ + if (isset($_POST["remove$i"])){ + $k= 0; + $on= array(); + $ov= array(); + for ($j= 0; $joption_name); $j++){ + if ($j != $i){ + $on[$k]= $this->option_name[$j]; + $ov[$k]= $this->option_value[$j]; + $k++; + } } + $this->option_name= $on; + $this->option_value= $ov; + break; } - $this->option_name= $on; - $this->option_value= $ov; - break; } } @@ -146,15 +154,17 @@ class applicationParameters extends plugin /* Save data to object */ function save_object() { - if (isset($_POST['option0'])){ - for ($i= 0; $ioption_name); $i++){ - $this->option_name[$i]= $_POST["option$i"]; - $this->option_value[$i]= ""; - if ($_POST["value$i"] != ""){ - $this->option_value[$i]= $_POST["value$i"]; - } - } - } + if(chkacl($this->acl,"gotoLogonScript") == ""){ + if (isset($_POST['option0'])){ + for ($i= 0; $ioption_name); $i++){ + $this->option_name[$i]= $_POST["option$i"]; + $this->option_value[$i]= ""; + if ($_POST["value$i"] != ""){ + $this->option_value[$i]= $_POST["value$i"]; + } + } + } + } } diff --git a/plugins/admin/applications/class_divListApplication.inc b/plugins/admin/applications/class_divListApplication.inc index 834b097e9..4676a4bb7 100755 --- a/plugins/admin/applications/class_divListApplication.inc +++ b/plugins/admin/applications/class_divListApplication.inc @@ -126,6 +126,9 @@ class divListApplication extends MultiSelectWindow foreach($list as $key => $val){ + $acl= get_permissions ($val['dn'], $this->ui->subtreeACL); + $acl= get_module_permission($acl, "application", $val['dn']); + /* Get state */ $state = ""; if(isset($val['FAIstate'])){ @@ -137,20 +140,28 @@ class divListApplication extends MultiSelectWindow /* Create action icons */ $actions = ""; - if(($this->parent->CopyPasteHandler) && (!$is_freezed)){ - $actions.= " "; + + if($acl == "#all#"){ + if(($this->parent->CopyPasteHandler) && (!$is_freezed)){ + $actions.= " "; + } + if($this->parent->CopyPasteHandler){ + $actions.= " "; + } } - $actions.= " "; $actions.= ""; if($is_freezed){ $actions.= " "; }else{ - $actions.= ""; + + if(chkacl($acl,"delete") == ""){ + $actions.= ""; + } } diff --git a/plugins/admin/groups/acl_definition.inc b/plugins/admin/groups/acl_definition.inc index 51288bdc3..158c80521 100644 --- a/plugins/admin/groups/acl_definition.inc +++ b/plugins/admin/groups/acl_definition.inc @@ -429,8 +429,14 @@ $ACLD['mailqueue'] = array("mailqueue","unhold_all","hold_all","del_all","reque $ACLD['ldapmanager']= array("ldapmanager","import","export","xlsexport","csvimport"); $ACLD['FAIclass'] = array( - // Allow displaying of FAI menu element + +$ACLD['phonequeue'] = array( "create","goFonTimeOut","goFonMaxLen","goFonAnnounceFrequency","goFonDialOption_t","goFonDialOption_T", + "goFonDialOption_h","goFonDialOption_r","cn","goFonHomeServer", + "goFonDialOption_H","goFonMusiconHold","goFonWelcomeMusic","goFonQueueReportHold","goFonQueueYouAreNext", + "goFonQueueThereAre","goFonQueueCallsWaiting","goFonQueueThankYou","goFonQueueMinutes","goFonQueueSeconds","goFonQueueLessThan", + "telephoneNumber","goFonQueueLanguage","goFonQueueStrategy","goFonQueueAnnounceHoldtime","goFonQueueAnnounce","goFonDialOption","goFonQueueRetry"); // Allow displaying of FAI menu element "FAIclass" => "FAI management enabled"); $ACLD['goFonMacro'] =array("goFonMacro","edit","delete"); +$ACLD['mailogroup'] = array("create"); ?>