From 696799f3844811693e78b4a77acbc5772f2b6a96 Mon Sep 17 00:00:00 2001
From: hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Date: Thu, 11 Jan 2007 03:39:03 +0000
Subject: [PATCH] Hide not allowed user operations, like 'remove' or
 'copy&paste' if this operations are not allowed. Skip Copy&Paste if acl !=
 "#all#"

git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@5518 594d385d-05f5-0310-b6e9-bd551577e9d8
---
 plugins/admin/users/class_divListUsers.inc   | 46 +++++++++++++-------
 plugins/admin/users/class_userManagement.inc | 21 ++++++---
 2 files changed, 47 insertions(+), 20 deletions(-)

diff --git a/plugins/admin/users/class_divListUsers.inc b/plugins/admin/users/class_divListUsers.inc
index 3182de791..f35e099dc 100644
--- a/plugins/admin/users/class_divListUsers.inc
+++ b/plugins/admin/users/class_divListUsers.inc
@@ -124,21 +124,6 @@ class divListUsers extends MultiSelectWindow
     $tplimg     = "<img class='center' src='images/select_template.png' alt='Template' title='%s'>";
     $editlink   = "<a href='?plug=".validate($_GET['plug'])."&amp;id=%s&amp;act=edit_entry'>%s</a>";
 
-    /* Create action icons */
-    $action = "";
-    if($this->parent->CopyPasteHandler){
-      $action .= "<input class='center' type='image'
-        src='images/editcut.png' alt='"._("cut")."' name='cut_%KEY%' title='"._("Cut this entry")."'>&nbsp;";
-      $action.= "<input class='center' type='image'
-        src='images/editcopy.png' alt='"._("copy")."' name='copy_%KEY%' title='"._("Copy this entry")."'>&nbsp;";
-    }
-    $action.= "<input class='center' type='image' src='images/edit.png' alt='"._("edit")."'
-      name='user_edit_%KEY%' title='"._("Edit user")."'>";
-    $action.= "<input class='center' type='image' src='images/list_password.png' alt='"._("password")."'
-      name='user_chgpw_%KEY%' title='"._("Change password")."'>";
-    $action.= "<input class='center' type='image' src='images/edittrash.png' alt='"._("delete")."'
-      name='user_del_%KEY%' title='"._("Delete user")."'>";
-    
     /* Possilbe objectClass image combinations */  
     $possibleAccounts = array(
             "posixAccount"    => array("VAR"=>"posix"     ,"IMG"=>"posiximg"),
@@ -180,6 +165,37 @@ class divListUsers extends MultiSelectWindow
     // Test Every Entry and generate divlist Array
     foreach($list as $key => $val){
 
+      /* Create action icons */
+      $action = "";
+
+      $dn= $val['dn'];
+      $acl= get_permissions ($dn, $this->ui->subtreeACL);
+      $acl= get_module_permission($acl, "user", $dn);
+
+      /* Append copy&paste icons if allowed */
+      if($acl == "#all#" && $this->parent->CopyPasteHandler){
+        $action .= "<input class='center' type='image'
+          src='images/editcut.png' alt='"._("cut")."' name='cut_%KEY%' title='"._("Cut this entry")."'>&nbsp;";
+        $action.= "<input class='center' type='image'
+          src='images/editcopy.png' alt='"._("copy")."' name='copy_%KEY%' title='"._("Copy this entry")."'>&nbsp;";
+      }
+
+      /* Add edit icon */
+      $action.= "<input class='center' type='image' src='images/edit.png' alt='"._("edit")."'
+        name='user_edit_%KEY%' title='"._("Edit user")."'>";
+
+      /* Add passowrd change icon if allowed */
+      if (chkacl($acl, "password") == ""){
+        $action.= "<input class='center' type='image' src='images/list_password.png' alt='"._("password")."'
+          name='user_chgpw_%KEY%' title='"._("Change password")."'>";
+      }
+
+      /* Add delete icon if delete user is allowed */
+      if (chkacl($acl, "delete") == ""){
+        $action.= "<input class='center' type='image' src='images/edittrash.png' alt='"._("delete")."'
+          name='user_del_%KEY%' title='"._("Delete user")."'>";
+      }
+
       /* Create phonaccopunt informationm, if conencted && is phoneAccount */ 
       if((in_array("goFonAccount"    ,$val['objectClass']))){
 
diff --git a/plugins/admin/users/class_userManagement.inc b/plugins/admin/users/class_userManagement.inc
index f76950cf4..a7034846f 100644
--- a/plugins/admin/users/class_userManagement.inc
+++ b/plugins/admin/users/class_userManagement.inc
@@ -110,12 +110,23 @@ class userManagement extends plugin
       $s_tab = "user";
     }
 
-    /* Display the copy & paste dialog, if it is currently open */
-    $ret = $this->copyPasteHandling($s_action,$s_entry);
-    if($ret){
-      return($ret);
+    /* Get 'dn' from posted 'uid' */
+    if(in_array_ics($s_action,array("editPaste","cut","copy"))){
+      $dn= $this->list[trim($s_entry)]['dn'];
+      $acl= get_permissions ($dn, $this->ui->subtreeACL);
+      $acl= get_module_permission($acl, "user", $dn);
+
+      if($acl != "#all#"){
+        print_red (_("You are not allowed to execute this method!")); 
+      }else{
+        /* Display the copy & paste dialog, if it is currently open */
+        $ret = $this->copyPasteHandling($s_action,$s_entry);
+        if($ret){
+          return($ret);
+        }
+      }
     }
-
+  
 
     /********************
       Edit existing entry 
-- 
2.30.2