From 01f1692764d4fc5fc47b04706d23da7d5814d965 Mon Sep 17 00:00:00 2001 From: hickert Date: Wed, 23 Jul 2008 05:51:35 +0000 Subject: [PATCH] Updated Post checks in dhcp service plugin. git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11753 594d385d-05f5-0310-b6e9-bd551577e9d8 --- .../services/dhcp/class_dhcpAdvanced.inc | 10 ++++--- .../systems/services/dhcp/class_dhcpGroup.inc | 2 +- .../systems/services/dhcp/class_dhcpHost.inc | 2 +- .../services/dhcp/class_dhcpNetwork.inc | 12 +++++--- .../services/dhcp/class_dhcpService.inc | 29 +++++++++---------- .../services/dhcp/class_dhcpSharedNetwork.inc | 7 ++++- .../services/dhcp/class_dhcpSubnet.inc | 14 +++++++-- 7 files changed, 47 insertions(+), 29 deletions(-) diff --git a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpAdvanced.inc b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpAdvanced.inc index 9f9df65fc..755214411 100644 --- a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpAdvanced.inc +++ b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpAdvanced.inc @@ -42,13 +42,15 @@ class dhcpAdvanced extends plugin function execute() { + $acl_writeable = preg_match("/w/",$this->parent->getacl("")); + /* Check for interaction */ - if (isset($_POST['add_statement']) && $_POST['addstatement'] != ""){ + if ($acl_writeable && isset($_POST['add_statement']) && $_POST['addstatement'] != ""){ $key= preg_replace('/^([a-z0-9-]+)\s(.*)$/', '\\1', get_post('addstatement')); $val= preg_replace("/^$key\s*/", '', get_post('addstatement')); $this->statements[$key]= $val; } - if (isset($_POST['delete_statement']) && isset($_POST['dhcpstatements'])){ + if ($acl_writeable && isset($_POST['delete_statement']) && isset($_POST['dhcpstatements'])){ $key= preg_replace('/([a-z0-9-]+)\s(.*)$/', '\\1', get_post('dhcpstatements')); if (in_array($key, $this->autoStatements)){ msg_dialog::display(_("Error"), _("Cannot delete automatic statements!"), ERROR_DIALOG); @@ -56,12 +58,12 @@ class dhcpAdvanced extends plugin unset($this->statements[$key]); } } - if (isset($_POST['add_option']) && $_POST['addoption'] != ""){ + if ($acl_writeable && isset($_POST['add_option']) && $_POST['addoption'] != ""){ $key= preg_replace('/^([a-z0-9-]+)\s(.*)$/', '\\1', get_post('addoption')); $val= preg_replace("/^$key\s*/", '', get_post('addoption')); $this->options[$key]= $val; } - if (isset($_POST['delete_option']) && isset($_POST['dhcpoptions'])){ + if ($acl_writeable && isset($_POST['delete_option']) && isset($_POST['dhcpoptions'])){ $key= preg_replace('/([a-z0-9-]+)\s(.*)$/', '\\1', get_post('dhcpoptions')); if (in_array($key, $this->autoOptions)){ msg_dialog::display(_("Error"), _("Cannot delete automatic statements!"), ERROR_DIALOG); diff --git a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpGroup.inc b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpGroup.inc index 10978700b..6a0d78b00 100644 --- a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpGroup.inc +++ b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpGroup.inc @@ -75,7 +75,7 @@ class dhcpGroup extends dhcpPlugin function save_object() { /* Save cn */ - if (isset($_POST['cn'])){ + if (preg_match("/w/",$this->parent->getacl("")) && isset($_POST['cn'])){ $this->cn= validate(get_post('cn')); } diff --git a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpHost.inc b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpHost.inc index 26fabb20f..776a3e6c1 100644 --- a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpHost.inc +++ b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpHost.inc @@ -102,7 +102,7 @@ class dhcpHost extends dhcpPlugin function save_object() { /* Save remaining attributes */ - if (isset($_POST['dhcp_host_posted'])){ + if (isset($_POST['dhcp_host_posted']) && preg_match("/w/",$this->parent->getacl(""))){ /* Assemble hwAddress */ if (isset($_POST['dhcpHWAddress'])){ diff --git a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpNetwork.inc b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpNetwork.inc index 6054eb696..0f99ce23b 100644 --- a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpNetwork.inc +++ b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpNetwork.inc @@ -36,10 +36,14 @@ class dhcpNetwork extends plugin function execute() { + + $acl_writeable = preg_match("/w/",$this->parent->getacl("")); + /* Check for iteraction */ - if (isset($_POST['add_dns']) && $_POST['addserver'] != ""){ + if ($acl_writeable && isset($_POST['add_dns']) && $_POST['addserver'] != ""){ if (!preg_match('/^[0-9a-z.-]+$/', get_post('addserver'))){ - msg_dialog::display(_("Error"), msgPool::invalid(_("Name"),htmlentities(get_post('addserver')),"/[0-9a-z.-]/"), ERROR_DIALOG); + msg_dialog::display(_("Error"), msgPool::invalid(_("Name"), + htmlentities(get_post('addserver')),"/[0-9a-z.-]/"), ERROR_DIALOG); } else { $servers= array(); if (isset($this->options['domain-name-servers'])){ @@ -56,7 +60,7 @@ class dhcpNetwork extends plugin $this->options['domain-name-servers']= preg_replace('/,$/', '', $tmp); } } - if (isset($_POST['delete_dns']) && isset($_POST['dnsserver'])){ + if ($acl_writeable && isset($_POST['delete_dns']) && isset($_POST['dnsserver'])){ $tmp= preg_replace("/(\s*,\s*)?".get_post('dnsserver')."/i", '', $this->options['domain-name-servers']); $tmp= preg_replace("/(\s*)?,(\s*)?$/", '', $tmp); @@ -151,7 +155,7 @@ class dhcpNetwork extends plugin function save_object() { /* Only save, if we are "active" */ - if (isset($_POST['routers'])){ + if (isset($_POST['routers']) && preg_match("/w/",$this->parent->getacl(""))){ /* * Assemble options diff --git a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpService.inc b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpService.inc index c50641649..5260b743f 100644 --- a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpService.inc +++ b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpService.inc @@ -114,24 +114,23 @@ class dhcpService extends dhcpPlugin function save_object() { /* No need to save in the first time */ - if (!isset($_POST['ddns_update_style'])){ - return; - } - - /* Save remaining attributes */ - foreach (array('max_lease_time', 'default_lease_time', 'ddns_update_style') as $val){ - $tval= preg_replace('/_/', '-', $val); - if ($_POST[$val] != ""){ - $this->statements[$tval]= validate(get_post($val)); + if (isset($_POST['ddns_update_style']) && preg_match("/w/",$this->parent->getacl(""))){ + + /* Save remaining attributes */ + foreach (array('max_lease_time', 'default_lease_time', 'ddns_update_style') as $val){ + $tval= preg_replace('/_/', '-', $val); + if ($_POST[$val] != ""){ + $this->statements[$tval]= validate(get_post($val)); + } else { + unset ($this->statements[$tval]); + } + } + if (isset($_POST['authoritative'])){ + $this->statements['authoritative']= ""; } else { - unset ($this->statements[$tval]); + unset($this->statements['authoritative']); } } - if (isset($_POST['authoritative'])){ - $this->statements['authoritative']= ""; - } else { - unset($this->statements['authoritative']); - } dhcpPlugin::save_object(); } diff --git a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpSharedNetwork.inc b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpSharedNetwork.inc index 93b0330d1..15ead8eeb 100644 --- a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpSharedNetwork.inc +++ b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpSharedNetwork.inc @@ -107,7 +107,12 @@ class dhcpSharedNetwork extends dhcpPlugin /* Save data to object */ function save_object() { - if (isset($_POST['cn'])){ + /* Check permissions, don't touch anything if we do not have write permissions + */ + if (!preg_match("/w/",$this->parent->getacl(""))){ + dhcpPlugin::save_object(); + }elseif(isset($_POST['cn'])){ + $this->cn= validate(get_post('cn')); dhcpPlugin::save_object(); diff --git a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpSubnet.inc b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpSubnet.inc index c0bf218d1..2227e14f4 100644 --- a/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpSubnet.inc +++ b/gosa-plugins/dhcp/admin/systems/services/dhcp/class_dhcpSubnet.inc @@ -110,7 +110,11 @@ class dhcpSubnet extends dhcpPlugin /* Save data to object */ function save_object() { - if(isset($_POST['dhcp_subnet_posted'])){ + + /* Skip here if do not have write permissions here + Still executed at bottom - dhcpPlugin::save_object(); + */ + if(isset($_POST['dhcp_subnet_posted']) && preg_match("/w/",$this->parent->getacl(""))){ if (isset($_POST['cn'])){ $this->cn= validate(get_post('cn')); } @@ -127,8 +131,8 @@ class dhcpSubnet extends dhcpPlugin /* Move range to internal variable */ $this->dhcpRange= $this->range_start." ".$this->range_stop; - dhcpPlugin::save_object(); } + dhcpPlugin::save_object(); } @@ -159,7 +163,11 @@ class dhcpSubnet extends dhcpPlugin } /* IP's? */ - foreach(array('dhcpNetMask' => _("Netmask"), 'cn' => _("Network address"), 'range_start' => _("Range"), 'range_stop' => _("Range")) as $attr => $str){ + foreach(array( + 'dhcpNetMask' => _("Netmask"), + 'cn' => _("Network address"), + 'range_start' => _("Range"), + 'range_stop' => _("Range")) as $attr => $str){ if ($this->$attr != "" && !tests::is_ip($this->$attr)){ $message[]= msgPool::invalid($str,"","","192.168.0.23"); } -- 2.30.2