From 74975ea220067c36c9dd9e27fdf454965276478d Mon Sep 17 00:00:00 2001
From: hickert
Date: Mon, 20 Oct 2008 06:33:35 +0000
Subject: [PATCH] Updated ACL - acls ;) -Ensure that Posts are only adopted if the user is allowed to modify ACLs.
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@12734 594d385d-05f5-0310-b6e9-bd551577e9d8
---
gosa-core/include/class_acl.inc | 137 +++++++++++++++++---------------
1 file changed, 71 insertions(+), 66 deletions(-)
diff --git a/gosa-core/include/class_acl.inc b/gosa-core/include/class_acl.inc
index 1a66ee7e5..e7ff5d079 100644
--- a/gosa-core/include/class_acl.inc
+++ b/gosa-core/include/class_acl.inc
@@ -242,84 +242,89 @@ class acl extends plugin $new_acl= array(); $aclDialog= FALSE; $firstedit= FALSE; - foreach($_POST as $name => $post){ - - /* Actions... */ - if (preg_match('/^acl_edit_.*_x/', $name)){ - $this->dialogState= 'create'; - $firstedit= TRUE; - $this->dialog= TRUE; - $this->currentIndex= preg_replace('/^acl_edit_([0-9]+).*$/', '\1', $name); - $this->loadAclEntry(); - continue; - } - if (preg_match('/^acl_del_.*_x/', $name)){ - unset($this->gosaAclEntry[preg_replace('/^acl_del_([0-9]+).*$/', '\1', $name)]); - continue; - } - if (preg_match('/^cat_edit_.*_x/', $name)){ - $this->aclObject= preg_replace('/^cat_edit_([^_]+)_.*$/', '\1', $name); - $this->dialogState= 'edit'; - foreach ($this->ocMapping[$this->aclObject] as $oc){ - if (isset($this->aclContents[$oc])){ - $this->savedAclContents[$oc]= $this->aclContents[$oc]; - } + /* Only handle posts, if we allowed to modify ACLs + */ + if($this->acl_is_writeable("")){ + foreach($_POST as $name => $post){ + + /* Actions... */ + if (preg_match('/^acl_edit_.*_x/', $name)){ + $this->dialogState= 'create'; + $firstedit= TRUE; + $this->dialog= TRUE; + $this->currentIndex= preg_replace('/^acl_edit_([0-9]+).*$/', '\1', $name); + $this->loadAclEntry(); + continue; } - continue; - } - if (preg_match('/^cat_del_.*_x/', $name)){ - $idx= preg_replace('/^cat_del_([^_]+)_.*$/', '\1', $name); - foreach ($this->ocMapping[$idx] as $key){ - unset($this->aclContents["$idx/$key"]); + if (preg_match('/^acl_del_.*_x/', $name)){ + unset($this->gosaAclEntry[preg_replace('/^acl_del_([0-9]+).*$/', '\1', $name)]); + continue; } - continue; - } - /* Sorting... 
*/ - if (preg_match('/^sortup_.*_x/', $name)){ - $index= preg_replace('/^sortup_([0-9]+).*$/', '\1', $name); - if ($index > 0){ - $tmp= $this->gosaAclEntry[$index]; - $this->gosaAclEntry[$index]= $this->gosaAclEntry[$index-1]; - $this->gosaAclEntry[$index-1]= $tmp; + if (preg_match('/^cat_edit_.*_x/', $name)){ + $this->aclObject= preg_replace('/^cat_edit_([^_]+)_.*$/', '\1', $name); + $this->dialogState= 'edit'; + foreach ($this->ocMapping[$this->aclObject] as $oc){ + if (isset($this->aclContents[$oc])){ + $this->savedAclContents[$oc]= $this->aclContents[$oc]; + } + } + continue; } - continue; - } - if (preg_match('/^sortdown_.*_x/', $name)){ - $index= preg_replace('/^sortdown_([0-9]+).*$/', '\1', $name); - if ($index < count($this->gosaAclEntry)-1){ - $tmp= $this->gosaAclEntry[$index]; - $this->gosaAclEntry[$index]= $this->gosaAclEntry[$index+1]; - $this->gosaAclEntry[$index+1]= $tmp; + if (preg_match('/^cat_del_.*_x/', $name)){ + $idx= preg_replace('/^cat_del_([^_]+)_.*$/', '\1', $name); + foreach ($this->ocMapping[$idx] as $key){ + unset($this->aclContents["$idx/$key"]); + } + continue; } - continue; - } - /* ACL saving... */ - if (preg_match('/^acl_.*_[^xy]$/', $name)){ - $aclDialog= TRUE; - list($dummy, $object, $attribute, $value)= split('_', $name); - - /* Skip for detection entry */ - if ($object == 'dummy') { + /* Sorting... 
*/ + if (preg_match('/^sortup_.*_x/', $name)){ + $index= preg_replace('/^sortup_([0-9]+).*$/', '\1', $name); + if ($index > 0){ + $tmp= $this->gosaAclEntry[$index]; + $this->gosaAclEntry[$index]= $this->gosaAclEntry[$index-1]; + $this->gosaAclEntry[$index-1]= $tmp; + } continue; } - - /* Ordinary ACLs */ - if (!isset($new_acl[$object])){ - $new_acl[$object]= array(); + if (preg_match('/^sortdown_.*_x/', $name)){ + $index= preg_replace('/^sortdown_([0-9]+).*$/', '\1', $name); + if ($index < count($this->gosaAclEntry)-1){ + $tmp= $this->gosaAclEntry[$index]; + $this->gosaAclEntry[$index]= $this->gosaAclEntry[$index+1]; + $this->gosaAclEntry[$index+1]= $tmp; + } + continue; } - if (isset($new_acl[$object][$attribute])){ - $new_acl[$object][$attribute].= $value; - } else { - $new_acl[$object][$attribute]= $value; + + /* ACL saving... */ + if (preg_match('/^acl_.*_[^xy]$/', $name)){ + $aclDialog= TRUE; + list($dummy, $object, $attribute, $value)= split('_', $name); + + /* Skip for detection entry */ + if ($object == 'dummy') { + continue; + } + + /* Ordinary ACLs */ + if (!isset($new_acl[$object])){ + $new_acl[$object]= array(); + } + if (isset($new_acl[$object][$attribute])){ + $new_acl[$object][$attribute].= $value; + } else { + $new_acl[$object][$attribute]= $value; + } } - } - if(isset($_POST['selected_role'])){ - $this->aclContents = ""; - $this->aclContents = base64_decode($_POST['selected_role']); + if(isset($_POST['selected_role'])){ + $this->aclContents = ""; + $this->aclContents = base64_decode($_POST['selected_role']); + } } } -- 2.30.2
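Review bot: Inside the new `acl_is_writeable("")` guard, the action handlers still detect a field with a loose pattern and extract its index with a stricter one: `preg_match('/^acl_edit_.*_x/', $name)` accepts any middle part, while `preg_replace('/^acl_edit_([0-9]+).*$/', '\1', $name)` returns the whole field name unchanged when no digits follow the prefix. For `acl_edit_`, `acl_del_`, `sortup_` and `sortdown_` that result is then used as `currentIndex` or as a key into `gosaAclEntry`, so a malformed field name ends up as a non-numeric key in the ACL list instead of being rejected. Matching and capturing in one step would close this, e.g. `if (preg_match('/^acl_edit_([0-9]+)_x/', $name, $m)){` followed by `$this->currentIndex= $m[1];`, and the `cat_del_` branch should check `isset($this->ocMapping[$idx])` before its `foreach`. Separately, the `selected_role` block sits inside the `foreach`, so it re-runs for every POST field and assigns a base64-decoded client string to `aclContents`, which the `cat_edit_` and `cat_del_` branches index as an array. It looks like it belongs after the loop, with the decoded value checked against the known roles; the enclosing method starts and ends outside this hunk, so confirm against the role-handling code there.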