From: hickert Date: Fri, 2 Feb 2007 06:08:39 +0000 (+0000) Subject: Added acl fix. X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=da7bf1a88d7f0c6f83dc788fa52834ac66815ec3;p=gosa.git Added acl fix. git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@5678 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/include/class_plugin.inc b/include/class_plugin.inc index 92cd6ae7c..0b50f3fd3 100644 --- a/include/class_plugin.inc +++ b/include/class_plugin.inc @@ -1510,6 +1510,94 @@ class plugin return($deps); } + /* This function modifies object acls too, if an object is moved. + * $old_dn specifies the actually used dn + * $new_dn specifies the destiantion dn + */ + function update_acls($old_dn,$new_dn) + { + global $config; + + /* Check if old_dn is empty. This should never happen */ + if(empty($old_dn) || empty($new_dn)){ + trigger_error("Failed to check acl dependencies, wrong dn given."); + return; + } + + /* Object was moved, ensure that all acls will be moved too */ + if($new_dn != $old_dn && $old_dn != "new"){ + + /* get_ldap configuration */ + $update = array(); + $ldap = $config->get_ldap_link(); + $ldap->cd ($config->current['BASE']); + $ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*))",array("cn","gosaAclEntry")); + while($attrs = $ldap->fetch()){ + + $acls = array(); + + /* Walk through acls */ + for($i = 0 ; $i < $attrs['gosaAclEntry']['count'] ; $i ++ ){ + + /* Reset vars */ + $found = false; + + /* Get Acl parts */ + $acl_parts = split(":",$attrs['gosaAclEntry'][$i]); + + /* Get every single member for this acl */ + $members = array(); + if(preg_match("/,/",$acl_parts[2])){ + $members = split(",",$acl_parts[2]); + }else{ + $members = array($acl_parts[2]); + } + + /* Check if member match current dn */ + foreach($members as $key => $member){ + + $member = base64_decode($member); + if($member == $old_dn){ + $found = true; + $members[$key] = base64_encode($new_dn); + } + } + + $new_members = ""; + foreach($members as $member){ + $new_members .= $member.","; + } + $new_members = preg_replace("/,$/","",$new_members); + $acl_parts[2] = $new_members; + + $acl_str =""; + foreach($acl_parts as $t){ + $acl_str .= $t.":"; + } + $acl_str = preg_replace("/:$/","",$acl_str); + + $acls[] = $acl_str; + + } + /* Acls for this object must be adjusted */ + if($found){ + + echo "Changing ACL dn from :
 -  to".$old_dn."
 - ".$new_dn."
"; + + $update[$attrs['dn']] =array(); + foreach($acls as $acl){ + $update[$attrs['dn']]['gosaAclEntry'][] = $acl; + } + } + } + + /* Write updated acls */ + foreach($update as $dn => $attrs){ + $ldap->cd($dn); + $ldap->modify($attrs); + } + } + } } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?> diff --git a/plugins/admin/groups/tabs_group.inc b/plugins/admin/groups/tabs_group.inc index bcf4e3f09..7800319c5 100644 --- a/plugins/admin/groups/tabs_group.inc +++ b/plugins/admin/groups/tabs_group.inc @@ -62,6 +62,7 @@ class grouptabs extends tabs /* Write entry on new 'dn' */ if ($this->dn != "new"){ + $baseobject->update_acls($this->dn,$new_dn); $baseobject->move($this->dn, $new_dn); $this->by_object['group']= $baseobject; } diff --git a/plugins/admin/users/tabs_user.inc b/plugins/admin/users/tabs_user.inc index e5f4c3a81..25dfee8c2 100644 --- a/plugins/admin/users/tabs_user.inc +++ b/plugins/admin/users/tabs_user.inc @@ -134,6 +134,9 @@ class usertabs extends tabs /* Write entry on new 'dn' */ $baseobject->cn= $pt.$baseobject->givenName." ".$baseobject->sn; + + /* Udpate acls */ + $baseobject->update_acls($this->dn,$new_dn); $baseobject->move($this->dn, $new_dn); $this->by_object['user']= $baseobject; diff --git a/plugins/personal/connectivity/class_oxchangeAccount.inc b/plugins/personal/connectivity/class_oxchangeAccount.inc index 8553e16ff..ca660a8ac 100644 --- a/plugins/personal/connectivity/class_oxchangeAccount.inc +++ b/plugins/personal/connectivity/class_oxchangeAccount.inc @@ -714,15 +714,15 @@ class oxchangeAccount extends plugin isset($this->oxconf["PGPASSWD"])){ $pgcon = @pg_connect("host=".$this->oxconf["PGHOST"]." user=".$this->oxconf["PGUSER"]." password=".$this->oxconf["PGPASSWD"]." dbname=".$this->oxconf["PGDBNAME"]); if (! $pgcon){ - print_red(_("Couldn't connect to postgresql database!")); + print_red(_("Connectivity")." "._("Openexchange")." :"._("Couldn't connect to postgresql database!")); return; } }else{ - print_red(_("Needed parameters for openexchange connectivity plugin are missing!")); + print_red(_("Connectivity")." "._("Openexchange")." :"._("Needed parameters for openexchange connectivity plugin are missing!")); return; } }else{ - print_red(_("PHP4 module for postgresql database is missing!")); + print_red(_("Connectivity")." "._("Openexchange")." :"._("PHP4 module for postgresql database is missing!")); return; } diff --git a/plugins/personal/generic/class_user.inc b/plugins/personal/generic/class_user.inc index cdea64d37..54254ed79 100644 --- a/plugins/personal/generic/class_user.inc +++ b/plugins/personal/generic/class_user.inc @@ -906,6 +906,7 @@ class user extends plugin if ($this->dn != $new_dn){ /* Write entry on new 'dn' */ + $this->update_acls($this->dn,$new_dn); $this->move($this->dn, $new_dn); /* Happen to use the new one */