From 78753df76f578a504bcad791e7be73daabfc3b93 Mon Sep 17 00:00:00 2001 From: hickert Date: Tue, 27 May 2008 07:35:52 +0000 Subject: [PATCH] Added correct checks to prevent user creation or movement when not allowed. git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11013 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-core/plugins/personal/generic/class_user.inc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/gosa-core/plugins/personal/generic/class_user.inc b/gosa-core/plugins/personal/generic/class_user.inc index 0200dae80..ffef24b70 100644 --- a/gosa-core/plugins/personal/generic/class_user.inc +++ b/gosa-core/plugins/personal/generic/class_user.inc @@ -1160,6 +1160,14 @@ class user extends plugin $this->set_acl_base($this->base); } + /* Check if we are allowed to create/move this user + */ + if($this->dn == "new" && !$this->acl_is_createable($this->base)){ + $message[]= msgPool::permCreate(); + }elseif($this->new_dn != $this->orig_dn && !$this->acl_is_moveable($this->base)){ + $message[]= msgPool::permMove(); + } + /* UID already used? */ $ldap= $this->config->get_ldap_link(); $ldap->cd($this->config->current['BASE']); -- 2.30.2