From 286b07c21cf3405508aacff4b65345d3882adaab Mon Sep 17 00:00:00 2001 From: hickert Date: Thu, 7 Jan 2010 08:34:47 +0000 Subject: [PATCH] Added permission check git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@15094 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-plugins/fai/admin/fai/class_faiManagement.inc | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/gosa-plugins/fai/admin/fai/class_faiManagement.inc b/gosa-plugins/fai/admin/fai/class_faiManagement.inc index 8fd3847eb..141cff98b 100644 --- a/gosa-plugins/fai/admin/fai/class_faiManagement.inc +++ b/gosa-plugins/fai/admin/fai/class_faiManagement.inc @@ -351,9 +351,14 @@ class faiManagement extends management function removeFAIObjects($to_delete) { // Do not allow to remove objects with state freeezed - $errors=array(); + $errors = $disallowed = array(); + foreach($to_delete as $obj){ - if(isset($obj['FAIstate']) && preg_match('/^freeze/', $obj['FAIstate'])){ + $type = $this->get_type($obj); + $acl = $this->ui->get_permissions($obj['dn'],"fai/".$type[1]); + if(!preg_match("/d/",$acl)){ + $disallowed[] = $obj['dn']; + }elseif(isset($obj['FAIstate']) && preg_match('/^freeze/', $obj['FAIstate'])){ $errors[] = $obj['dn']; }else{ $this->dns[] = $obj['dn']; @@ -363,6 +368,9 @@ class faiManagement extends management msg_dialog::display(_("Branch locked"), sprintf(_("The following entries are locked, you can't remove them %s."),msgPool::buildList($errors)),INFO_DIALOG); } + if(count($disallowed)){ + msg_dialog::display(_("Permission error"), msgPool::permDelete($disallowed), ERROR_DIALOG); + } // Check entry locking if(count($this->dns)){ -- 2.30.2