From 33a3fc1372d42e796846cbfb52d00c00cfcceee0 Mon Sep 17 00:00:00 2001 From: hickert Date: Thu, 6 Nov 2008 10:31:22 +0000 Subject: [PATCH] Updated ACL checks in FAI management -Couldn't create new objects if user filter settings were used. git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.6-lhm@12934 594d385d-05f5-0310-b6e9-bd551577e9d8 --- .../fai/admin/fai/class_divListFai.inc | 8 +++---- .../fai/admin/fai/class_faiManagement.inc | 21 +++++++++++-------- 2 files changed, 16 insertions(+), 13 deletions(-) diff --git a/gosa-plugins/fai/admin/fai/class_divListFai.inc b/gosa-plugins/fai/admin/fai/class_divListFai.inc index 3b57ea41d..453f4e06d 100644 --- a/gosa-plugins/fai/admin/fai/class_divListFai.inc +++ b/gosa-plugins/fai/admin/fai/class_divListFai.inc @@ -129,7 +129,7 @@ class divListFai extends MultiSelectWindow $add_sep = false; /* Get complete fai acls, to be able to check if we must show or hide the snapshot abilities */ - $acl_all = $ui->has_complete_category_acls($this->parent->fai_base,$this->module); + $acl_all = $ui->has_complete_category_acls($this->parent->acl_base,$this->module); /* Add default header */ $listhead = MultiSelectWindow::get_default_header(false); @@ -143,7 +143,7 @@ class divListFai extends MultiSelectWindow $s .= "..|". " "._("Create")."|\n"; - $acl = $ui->get_permissions($this->parent->fai_base,"fai/faiProfile"); + $acl = $ui->get_permissions($this->parent->acl_base,"fai/faiProfile"); if($this->parent->lock_type == "freeze" && !$this->parent->allow_freeze_object_attach){ $s.= "...|". " "._("Freezed")."|\n"; @@ -169,7 +169,7 @@ class divListFai extends MultiSelectWindow "Create_package" , _("PK") , "faiPackage")); foreach($arr as $ar){ - $acl = $ui->get_permissions($this->parent->fai_base,"fai/".$ar[4]); + $acl = $ui->get_permissions($this->parent->acl_base,"fai/".$ar[4]); if(preg_match("/c/",$acl)){ $s.= "...|". " ".$ar[1]."|".$ar[2]."|\n"; @@ -269,7 +269,7 @@ class divListFai extends MultiSelectWindow /* Add copy & cut icons */ $ui = get_userinfo(); $action =""; - $acl_all = $ui->has_complete_category_acls($this->parent->fai_base,$this->module); + $acl_all = $ui->has_complete_category_acls($this->parent->acl_base,$this->module); if(preg_match("/^opsi_/",$type)){ $editlink ="%NAME%"; diff --git a/gosa-plugins/fai/admin/fai/class_faiManagement.inc b/gosa-plugins/fai/admin/fai/class_faiManagement.inc index 6f39cfdb1..6c02e1ae5 100644 --- a/gosa-plugins/fai/admin/fai/class_faiManagement.inc +++ b/gosa-plugins/fai/admin/fai/class_faiManagement.inc @@ -51,6 +51,7 @@ class faiManagement extends plugin var $allow_freeze_object_attach = TRUE; var $no_save; + var $acl_base =""; var $fai_base =""; var $fai_release =""; @@ -83,6 +84,7 @@ class faiManagement extends plugin /* Set default release */ $this->fai_base = get_ou("faiou").$this->config->current['BASE']; + $this->acl_base = $this->config->current['BASE']; if(!session::is_set("fai_filter")){ @@ -448,7 +450,7 @@ class faiManagement extends plugin Delete confirmed ****************/ - /* Deltetion was confirmed, so delete this entry + /* Deletion was confirmed, so delete this entry */ if (isset($_POST['delete_terminal_confirm'])){ @@ -538,7 +540,7 @@ class faiManagement extends plugin if("" != $this->config->search("faiManagement", "POSTREMOVE",array('menu','tabs'))){ /* Load permissions for selected 'dn' and check if we're allowed to remove this 'dn' */ - if($this->acl_is_removeable()){ + if(preg_match("/d/",$this->ui->get_permissions($this->acl_base,"fai/faiManagement"))){ $smarty->assign("release_hidden",base64_encode($this->fai_release)); $smarty->assign("info", msgPool::deleteInfo(@LDAP::fix($this->fai_release),_("FAI branch/freeze"))); return($smarty->fetch(get_template_path('remove_branch.tpl',TRUE))); @@ -571,7 +573,7 @@ class faiManagement extends plugin $br = $this->getBranches(); - if(isset($br[$bb]) && $this->acl_is_removeable()){ + if(isset($br[$bb]) && preg_match("/d/",$this->ui->get_permissions($this->acl_base,"fai/faiManagement"))){ $name = $br[$bb]; $ldap->cd($bb); @@ -689,7 +691,7 @@ class faiManagement extends plugin if(isset($_GET['PerformBranch'])){ - if(!$this->acl_is_createable()){ + if(!preg_match("/c/",$this->ui->get_permissions($this->acl_base,"fai/faiManagement"))){ msg_dialog::display(_("Permission error"), msgPool::permCreate(_("Branch")), ERROR_DIALOG); }else{ @@ -799,6 +801,7 @@ class faiManagement extends plugin echo "

+
"; echo "" ; @@ -850,8 +853,8 @@ class faiManagement extends plugin */ if("" != $this->config->search("faiManagement", "POSTCREATE",array('menu','tabs'))){ if(($s_action == "branch_branch")||($this->dispNewBranch)){ - if(!$this->acl_is_createable()){ - msg_dialog::display(_("Permission error"), msgPool::permCreate(_("Branch")), ERROR_DIALOG); + if(!preg_match("/c/",$this->ui->get_permissions($this->acl_base,"fai/faiManagement"))){ + msg_dialog::display(_("Permission error"), msgPool::permCreate(_("Branch")), ERROR_DIALOG); }else{ $this->dispNewBranch=true; $smarty->assign("iframe",false); @@ -871,7 +874,7 @@ class faiManagement extends plugin */ if("" != $this->config->search("faiManagement", "POSTCREATE",array('menu','tabs'))){ if(($s_action == "freeze_branch")||($this->dispNewFreeze)){ - if(!$this->acl_is_createable()){ + if(!preg_match("/c/",$this->ui->get_permissions($this->acl_base,"fai/faiManagement"))){ msg_dialog::display(_("Permission error"), msgPool::permCreate(_("Branch")), ERROR_DIALOG); }else{ $this->dispNewFreeze = true; @@ -901,7 +904,7 @@ class faiManagement extends plugin "new_package" => _("package list")); if(isset($types[$s_action])){ - $acl = $this->ui->get_permissions($this->fai_base,"fai/".$type_acl_mapping[$types[$s_action]]); + $acl = $this->ui->get_permissions($this->acl_base,"fai/".$type_acl_mapping[$types[$s_action]]); if(preg_match("/c/",$acl)){ $this->dialog = new askClassName($this->config,$this->dn,$this->ui,$types[$s_action]); $this->dialog->parent = &$this; @@ -1130,7 +1133,7 @@ class faiManagement extends plugin } } $this->base = $base; - $this->set_acl_base($this->base); + $this->set_acl_base($this->acl_base); $this->lock_type = FAI::get_release_tag(FAI::get_release_dn($base)); -- 2.30.2