From 4d862a32a7f82e1c3338a53cce8c29b7a2addd61 Mon Sep 17 00:00:00 2001 From: hickert Date: Wed, 28 May 2008 09:38:10 +0000 Subject: [PATCH] Fixed copy & paste acls git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11070 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-core/include/class_CopyPasteHandler.inc | 23 +++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/gosa-core/include/class_CopyPasteHandler.inc b/gosa-core/include/class_CopyPasteHandler.inc index 21a57755e..244f7c7ee 100644 --- a/gosa-core/include/class_CopyPasteHandler.inc +++ b/gosa-core/include/class_CopyPasteHandler.inc @@ -291,7 +291,7 @@ class CopyPasteHandler { /* Put each queued object in one of the above arrays */ foreach($this->queue as $key => $entry){ - + /* Update entries on demand */ if(!isset($entry['object'])){ @@ -300,10 +300,20 @@ class CopyPasteHandler { } $entry= $this->_update_vars($entry); $msgs = $entry['object']->check(); - $acl = $ui->get_category_permissions($entry['dn'], $entry['tab_acl_category']); + + /* To copy an object we require full read access to the object category + */ + $copy_acl = preg_match("/r/",$ui->has_complete_category_acls($entry['dn'], $entry['tab_acl_category'])); + + /* In order to copy an object we require read an delete acls + */ + $cut_acl = preg_match("/d/",$ui->has_complete_category_acls($entry['dn'], $entry['tab_acl_category'])); + $cut_acl &= preg_match("/r/",$ui->has_complete_category_acls($entry['dn'], $entry['tab_acl_category'])); /* Check permissions */ - if(!preg_match("/((c|w)|(w|c))/",$acl)){ + if($entry['method'] == "copy" && !$copy_acl){ + $this->disallowed_objects[$key] = $entry; + }elseif($entry['method'] == "cut" && !$cut_acl){ $this->disallowed_objects[$key] = $entry; }elseif(!count($msgs)){ $this->clean_objects[$key] = $entry; @@ -311,6 +321,13 @@ class CopyPasteHandler { $this->objects_to_fix[$key] = $entry; } } + if(count($this->disallowed_objects)){ + $dns = array(); + foreach($this->disallowed_objects as $entry){ + $dns[] = $entry['dn']; + } +# msg_dialog::display(_("Permission"),msgPool::permCreate($dns),INFO_DIALOG); + } $this->require_update = FALSE; } -- 2.30.2