From 7804e017336c08d6fed58d51940faf3a16ccbe5c Mon Sep 17 00:00:00 2001 From: hickert Date: Thu, 29 May 2008 09:36:20 +0000 Subject: [PATCH] Updated snapshot stuff, check acls here too. git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11100 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-core/include/class_SnapShotDialog.inc | 61 ++++++++++++------- .../plugins/admin/acl/class_aclManagement.inc | 4 +- .../class_departmentManagement.inc | 2 + .../admin/groups/class_groupManagement.inc | 4 +- .../admin/ogroups/class_ogroupManagement.inc | 3 +- .../admin/users/class_userManagement.inc | 6 +- .../fai/admin/fai/class_faiManagement.inc | 4 +- .../blocklists/class_blocklistManagement.inc | 4 +- .../class_phoneConferenceManagment.inc | 4 +- .../macro/class_gofonMacroManagement.inc | 4 +- .../class_applicationManagement.inc | 3 +- .../admin/devices/class_deviceManagement.inc | 4 +- .../mimetypes/class_mimetypeManagement.inc | 3 +- .../sudo/admin/sudo/class_sudoManagement.inc | 4 +- .../admin/systems/class_systemManagement.inc | 4 +- 15 files changed, 77 insertions(+), 37 deletions(-) diff --git a/gosa-core/include/class_SnapShotDialog.inc b/gosa-core/include/class_SnapShotDialog.inc index 4941c34ec..fb7cb1f79 100644 --- a/gosa-core/include/class_SnapShotDialog.inc +++ b/gosa-core/include/class_SnapShotDialog.inc @@ -61,38 +61,53 @@ class SnapShotDialog extends plugin plugin::execute(); $smarty = get_smarty(); + if(!isset($this->parent->acl_module) || !count($this->parent->acl_module)){ + trigger_error("Could not detect acl_module in parent object (".get_class($this->parent).")."); + return(""); + } + + $ui = get_userinfo(); + $once = true; foreach($_POST as $name => $value){ if((preg_match("/^RemoveSnapShot_/",$name)) && ($once)){ $once = false; - $entry = preg_replace("/^RemoveSnapShot_/","",$name); - $entry = base64_decode(preg_replace("/_[xy]$/","",$entry)); - - $found = false; - foreach($this->last_list as $t_stamp => $obj){ - if($obj['dn'] == $entry){ - $found = true; - break; + $entry = preg_replace("/^RemoveSnapShot_/","",$name); + $entry = base64_decode(preg_replace("/_[xy]$/","",$entry)); + + /* Check if we are allowed to handle snapshots + */ + if($ui->allow_snapshot_restore($entry,$this->parent->acl_module)){ + + $found = false; + foreach($this->last_list as $t_stamp => $obj){ + if($obj['dn'] == $entry){ + $found = true; + break; + } } - } - if($found){ - $this->del_dn = $entry; - $smarty= get_smarty(); - $smarty->assign("intro", sprintf(_("You're about to delete the snapshot '%s'."), @LDAP::fix($this->del_dn))); - return($smarty->fetch (get_template_path('remove.tpl'))); + if($found){ + $this->del_dn = $entry; + $smarty= get_smarty(); + $smarty->assign("intro", sprintf(_("You're about to delete the snapshot '%s'."), @LDAP::fix($this->del_dn))); + return($smarty->fetch (get_template_path('remove.tpl'))); + } } } } /* Remove snapshot */ if(isset($_POST['delete_confirm']) && !empty($this->del_dn)){ - $this->remove_snapshot($this->del_dn); + if($ui->allow_snapshot_restore($this->del_dn,$this->parent->acl_module)){ + $this->remove_snapshot($this->del_dn); + } $this->del_dn = ""; } /* We must restore a snapshot */ + if($this->display_restore_dialog){ /* Should we only display all snapshots of already deleted objects @@ -118,8 +133,12 @@ class SnapShotDialog extends plugin /* Walk through all entries and setup the display text */ foreach($tmp as $key => $entry){ - $TimeStamp = $entry['gosaSnapshotTimestamp'][0]; - $list_of_elements[$TimeStamp] = $entry; + + /* Check permissions */ + if($ui->allow_snapshot_restore($entry['dn'],$this->parent->acl_module)){ + $TimeStamp = $entry['gosaSnapshotTimestamp'][0]; + $list_of_elements[$TimeStamp] = $entry; + } } /* Sort generated list */ @@ -129,10 +148,10 @@ class SnapShotDialog extends plugin $this->last_list = $list_of_elements; foreach($list_of_elements as $entry){ - $actions= " "; - $actions.= " "; + $actions= " "; + $actions.= " "; $time_stamp = date(_("Y-m-d, H:i:s"),preg_replace("/\-.*$/","",$entry['gosaSnapshotTimestamp'][0])); $display_data = $entry['description'][0]; diff --git a/gosa-core/plugins/admin/acl/class_aclManagement.inc b/gosa-core/plugins/admin/acl/class_aclManagement.inc index 7bf405a50..8aed5f6b0 100644 --- a/gosa-core/plugins/admin/acl/class_aclManagement.inc +++ b/gosa-core/plugins/admin/acl/class_aclManagement.inc @@ -36,6 +36,8 @@ class aclManagement extends plugin var $start_pasting_copied_objects = FALSE; var $dns = array(); + var $acl_module = array("acl","aclroles"); + function aclManagement(&$config, &$ui) { /* Save configuration for internal use */ @@ -471,7 +473,7 @@ class aclManagement extends plugin /* Check if there is a snapshot dialog open */ $base = $this->DivListACL->selectedBase; - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-core/plugins/admin/departments/class_departmentManagement.inc b/gosa-core/plugins/admin/departments/class_departmentManagement.inc index 131a3b3e6..bd6d36e1b 100644 --- a/gosa-core/plugins/admin/departments/class_departmentManagement.inc +++ b/gosa-core/plugins/admin/departments/class_departmentManagement.inc @@ -40,6 +40,8 @@ class departmentManagement extends plugin var $ObjectInSaveMode = false; // Is true, if current object wasn't saved right now var $dns = array(); + var $acl_module = array("department"); + function departmentManagement (&$config, &$ui) { $this->ui= &$ui; diff --git a/gosa-core/plugins/admin/groups/class_groupManagement.inc b/gosa-core/plugins/admin/groups/class_groupManagement.inc index 70ae8ef62..4137ca8f9 100644 --- a/gosa-core/plugins/admin/groups/class_groupManagement.inc +++ b/gosa-core/plugins/admin/groups/class_groupManagement.inc @@ -34,7 +34,7 @@ class groupManagement extends plugin var $DivListGroup = NULL; var $ShowPrimaryCheckBox= false; var $start_pasting_copied_objects = FALSE; - + var $acl_module = "groups"; var $dns = array(); function groupManagement (&$config, &$ui) @@ -555,7 +555,7 @@ class groupManagement extends plugin /* Check if there is a snapshot dialog open */ $base = $this->DivListGroup->selectedBase; - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-core/plugins/admin/ogroups/class_ogroupManagement.inc b/gosa-core/plugins/admin/ogroups/class_ogroupManagement.inc index 6fe2d6ea2..9d5cdf107 100644 --- a/gosa-core/plugins/admin/ogroups/class_ogroupManagement.inc +++ b/gosa-core/plugins/admin/ogroups/class_ogroupManagement.inc @@ -37,6 +37,7 @@ class ogroupManagement extends plugin var $start_pasting_copied_objects = FALSE; var $dns = array(); + var $acl_module = array("ogroups"); function ogroupManagement (&$config, $dn= NULL) { @@ -491,7 +492,7 @@ class ogroupManagement extends plugin /* Check if there is a snapshot dialog open */ $base = $this->DivListOGroup->selectedBase; - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-core/plugins/admin/users/class_userManagement.inc b/gosa-core/plugins/admin/users/class_userManagement.inc index 2b84bfc2b..6cd576433 100644 --- a/gosa-core/plugins/admin/users/class_userManagement.inc +++ b/gosa-core/plugins/admin/users/class_userManagement.inc @@ -39,8 +39,8 @@ class userManagement extends plugin var $start_pasting_copied_objects = FALSE; var $msg_dialog= NULL; - - var $dns =array(); + var $acl_module = array("users"); + var $dns = array(); function userManagement(&$config, $ui) { @@ -971,7 +971,7 @@ class userManagement extends plugin /* Check if there is a snapshot dialog open */ $base = $this->DivListUsers->selectedBase; - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-plugins/fai/admin/fai/class_faiManagement.inc b/gosa-plugins/fai/admin/fai/class_faiManagement.inc index b5b335cab..e739f5220 100644 --- a/gosa-plugins/fai/admin/fai/class_faiManagement.inc +++ b/gosa-plugins/fai/admin/fai/class_faiManagement.inc @@ -53,6 +53,8 @@ class faiManagement extends plugin var $fai_base =""; var $fai_release =""; + var $acl_module = array("fai"); + /* construction/reconstruction */ function faiManagement (&$config, $ui) @@ -948,7 +950,7 @@ class faiManagement extends plugin /* Check if there is a snapshot dialog open */ $base = $this->fai_base; - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-plugins/gofax/gofax/blocklists/class_blocklistManagement.inc b/gosa-plugins/gofax/gofax/blocklists/class_blocklistManagement.inc index 93987e404..649ae89f9 100644 --- a/gosa-plugins/gofax/gofax/blocklists/class_blocklistManagement.inc +++ b/gosa-plugins/gofax/gofax/blocklists/class_blocklistManagement.inc @@ -10,6 +10,8 @@ class blocklist extends plugin var $CopyPasteHandler = NULL; var $dns = array(); var $start_pasting_copied_objects = FALSE; + + var $acl_module = array("gofaxlist"); function blocklist (&$config, $ui) { @@ -331,7 +333,7 @@ class blocklist extends plugin /* Check if there is a snapshot dialog open */ $base = $this->DivListBlocklist->selectedBase; - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-plugins/gofon/gofon/conference/class_phoneConferenceManagment.inc b/gosa-plugins/gofon/gofon/conference/class_phoneConferenceManagment.inc index 3cf6ec65d..f41ea11ad 100644 --- a/gosa-plugins/gofon/gofon/conference/class_phoneConferenceManagment.inc +++ b/gosa-plugins/gofon/gofon/conference/class_phoneConferenceManagment.inc @@ -37,6 +37,8 @@ class phoneConferenceManagment extends plugin var $start_pasting_copied_objects = FALSE; var $dns = array(); + var $acl_module = array("gofonconference"); + /* Initialise Class */ function phoneConferenceManagment (&$config, $ui) { @@ -398,7 +400,7 @@ class phoneConferenceManagment extends plugin /* Check if there is a snapshot dialog open */ $base = $this->DivListConference->selectedBase; - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-plugins/gofon/gofon/macro/class_gofonMacroManagement.inc b/gosa-plugins/gofon/gofon/macro/class_gofonMacroManagement.inc index 46f9d5144..e5e7f3934 100644 --- a/gosa-plugins/gofon/gofon/macro/class_gofonMacroManagement.inc +++ b/gosa-plugins/gofon/gofon/macro/class_gofonMacroManagement.inc @@ -35,6 +35,8 @@ class goFonMacro extends plugin var $dns = array(); + var $acl_module = array("gofonmacro"); + function gofonMacro(&$config, $ui) { /* Save configuration for internal use */ @@ -429,7 +431,7 @@ class goFonMacro extends plugin /* Check if there is a snapshot dialog open */ $base = $this->DivListMacro->selectedBase; - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-plugins/goto/admin/applications/class_applicationManagement.inc b/gosa-plugins/goto/admin/applications/class_applicationManagement.inc index b00a8d29c..b4f83907f 100644 --- a/gosa-plugins/goto/admin/applications/class_applicationManagement.inc +++ b/gosa-plugins/goto/admin/applications/class_applicationManagement.inc @@ -35,6 +35,7 @@ class applicationManagement extends plugin var $app_base =""; var $app_release =""; + var $acl_module = array("application"); var $dns = array(); @@ -514,7 +515,7 @@ class applicationManagement extends plugin }else{ $base = $this->app_base; } - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-plugins/goto/admin/devices/class_deviceManagement.inc b/gosa-plugins/goto/admin/devices/class_deviceManagement.inc index 5cb193a08..7b3f750f6 100644 --- a/gosa-plugins/goto/admin/devices/class_deviceManagement.inc +++ b/gosa-plugins/goto/admin/devices/class_deviceManagement.inc @@ -18,6 +18,8 @@ class deviceManagement extends plugin var $dn =""; var $dns = array(); + var $acl_module = array("devices"); + function deviceManagement(&$config, $dn= NULL) { plugin::plugin ($config, $dn); @@ -421,7 +423,7 @@ class deviceManagement extends plugin /* Check if there is a snapshot dialog open */ $base = $this->DivListDevices->selectedBase; - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-plugins/goto/admin/mimetypes/class_mimetypeManagement.inc b/gosa-plugins/goto/admin/mimetypes/class_mimetypeManagement.inc index d911448dc..c8f4adb73 100644 --- a/gosa-plugins/goto/admin/mimetypes/class_mimetypeManagement.inc +++ b/gosa-plugins/goto/admin/mimetypes/class_mimetypeManagement.inc @@ -36,6 +36,7 @@ class mimetypeManagement extends plugin var $mime_base = ""; var $mime_release = ""; + var $acl_module = array("mimetypes"); function IsReleaseManagementActivated() { @@ -518,7 +519,7 @@ class mimetypeManagement extends plugin }else{ $base = $this->mime_base; } - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-plugins/sudo/admin/sudo/class_sudoManagement.inc b/gosa-plugins/sudo/admin/sudo/class_sudoManagement.inc index 8ce2d16a5..624a6029c 100644 --- a/gosa-plugins/sudo/admin/sudo/class_sudoManagement.inc +++ b/gosa-plugins/sudo/admin/sudo/class_sudoManagement.inc @@ -36,6 +36,8 @@ class sudoManagement extends plugin private $base = ""; private $start_pasting_copied_objects = FALSE; + + public $acl_module = array("sudo"); /*! \brief */ public function __construct(&$config, &$ui) @@ -347,7 +349,7 @@ class sudoManagement extends plugin } /* Check if there is a snapshot dialog open */ - if($str = $this->showSnapshotDialog(sudo::get_sudoers_ou($this->config),$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog(sudo::get_sudoers_ou($this->config),$this->get_used_snapshot_bases(),$this)){ return($str); } diff --git a/gosa-plugins/systems/admin/systems/class_systemManagement.inc b/gosa-plugins/systems/admin/systems/class_systemManagement.inc index 1f115d806..7377c5f0a 100644 --- a/gosa-plugins/systems/admin/systems/class_systemManagement.inc +++ b/gosa-plugins/systems/admin/systems/class_systemManagement.inc @@ -44,6 +44,8 @@ class systems extends plugin var $system_activation_object = ""; // The object to activate (NewDevice) var $fai_activated = FALSE; + var $acl_module = array("incoming","terminal","workstation","server","printer","phone","winworkstation","component"); + function systems (&$config, $ui) { /* Save configuration for internal use */ @@ -1167,7 +1169,7 @@ class systems extends plugin /* Check if there is a snapshot dialog open */ $base = $this->DivListSystem->selectedBase; - if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases())){ + if($str = $this->showSnapshotDialog($base,$this->get_used_snapshot_bases(),$this)){ return($str); } -- 2.30.2