From 8309a8be472e8b3152013638f9fa4222a7be9529 Mon Sep 17 00:00:00 2001 From: hickert Date: Wed, 28 May 2008 06:25:01 +0000 Subject: [PATCH] Updated acl acls git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11057 594d385d-05f5-0310-b6e9-bd551577e9d8 --- .../plugins/admin/acl/class_aclManagement.inc | 73 +++++++++++++------ .../plugins/admin/acl/class_divListACL.inc | 32 ++++---- 2 files changed, 62 insertions(+), 43 deletions(-) diff --git a/gosa-core/plugins/admin/acl/class_aclManagement.inc b/gosa-core/plugins/admin/acl/class_aclManagement.inc index 72a2bf35c..fdaedf703 100644 --- a/gosa-core/plugins/admin/acl/class_aclManagement.inc +++ b/gosa-core/plugins/admin/acl/class_aclManagement.inc @@ -300,32 +300,49 @@ class aclManagement extends plugin } } - /* Display lock messages */ - if ($user= get_multiple_locks($this->dns)){ - return(gen_locked_message($user,$this->dns)); - } - - $dns_names = array(); + $disallowed = array(); foreach($this->dns as $key => $dn){ - - /* Check permissions */ - if(!preg_match("/d/",$this->ui->get_permissions($dn,"acl/acl"))){ - - /* Obviously the acl isn't allowed to delete. Show message and - clean session. */ - msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG); + $acl = $this->ui->get_permissions($dn, "aclroles/aclrole"); + if(!preg_match("/d/",$acl)){ unset($this->dns[$key]); - continue; + $disallowed[] = $dn; } + } - $dns_names[] = LDAP::fix($dn); + if(count($disallowed)){ + msg_dialog::display(_("Permission"),msgPool::permDelete($disallowed),INFO_DIALOG); } if(count($this->dns)){ - add_lock($this->dns,$this->ui->dn); - $smarty->assign("info", msgPool::deleteInfo($dns_names)); - $smarty->assign("is_role",false); - return($smarty->fetch(get_template_path('remove.tpl', TRUE))); + + + /* Display lock messages */ + if ($user= get_multiple_locks($this->dns)){ + return(gen_locked_message($user,$this->dns)); + } + + $dns_names = array(); + foreach($this->dns as $key => $dn){ + + /* Check permissions */ + if(!preg_match("/d/",$this->ui->get_permissions($dn,"acl/acl"))){ + + /* Obviously the acl isn't allowed to delete. Show message and + clean session. */ + msg_dialog::display(_("Permission error"), msgPool::permDelete(), ERROR_DIALOG); + unset($this->dns[$key]); + continue; + } + + $dns_names[] = LDAP::fix($dn); + } + + if(count($this->dns)){ + add_lock($this->dns,$this->ui->dn); + $smarty->assign("info", msgPool::deleteInfo($dns_names)); + $smarty->assign("is_role",false); + return($smarty->fetch(get_template_path('remove.tpl', TRUE))); + } } } @@ -555,15 +572,23 @@ class aclManagement extends plugin return(""); } + $ui = get_userinfo(); + /* Add a single entry to queue */ if($s_action == "cut" || $s_action == "copy"){ /* Cleanup object queue */ $this->CopyPasteHandler->cleanup_queue(); $dn = $this->list[$s_entry]['dn']; - - if(isset($this->list[$s_entry]['objectClass']) && in_array("gosaRole",$this->list[$s_entry]['objectClass'])){ - $this->CopyPasteHandler->add_to_queue($dn,$s_action,"aclroletab","ACLROLETAB","aclroles"); + + /* We can only copy & cut roles */ + if(isset($this->list[$id]['objectClass']) && in_array("gosaRole",$this->list[$s_entry]['objectClass'])){ + if($s_action == "copy" && preg_match("/r/",$ui->has_complete_category_acls($dn,"aclroles"))){ + $this->CopyPasteHandler->add_to_queue($dn,$s_action,"aclroletab","ACLROLETAB","aclroles"); + } + if($s_action == "cut" && preg_match("/(r.*d|d.*r)/",$ui->has_complete_category_acls($dn,"aclroles"))){ + $this->CopyPasteHandler->add_to_queue($dn,$s_action,"aclroletab","ACLROLETAB","aclroles"); + } } } @@ -579,10 +604,10 @@ class aclManagement extends plugin if(isset($this->list[$id]['objectClass']) && in_array("gosaRole",$this->list[$id]['objectClass'])){ - if($s_action == "copy_multiple"){ + if($s_action == "copy_multiple" && preg_match("/r/",$ui->has_complete_category_acls($dn,"aclroles"))){ $this->CopyPasteHandler->add_to_queue($dn,"copy","aclroletab","ACLROLETAB","aclroles"); } - if($s_action == "cut_multiple"){ + if($s_action == "cut_multiple" && preg_match("/(r.*d|d.*r)/",$ui->has_complete_category_acls($dn,"aclroles"))){ $this->CopyPasteHandler->add_to_queue($dn,"cut","aclroletab","ACLROLETAB","aclroles"); } } diff --git a/gosa-core/plugins/admin/acl/class_divListACL.inc b/gosa-core/plugins/admin/acl/class_divListACL.inc index 26389456d..99c07ced4 100644 --- a/gosa-core/plugins/admin/acl/class_divListACL.inc +++ b/gosa-core/plugins/admin/acl/class_divListACL.inc @@ -157,44 +157,38 @@ class divListACL extends MultiSelectWindow /* Create Layers menu */ $s = ".|"._("Actions")."|\n"; - $s .= "..|". - " "._("Create")."|\n"; - /* Append create options */ if(preg_match("/c/",$acl)) { + $s .= "..|". + " "._("Create")."|\n"; $s.= "...|". " "._("Role")."|new_acl_role|\n"; } - /* Multiple options */ - $s.= "..|---|\n"; $s.= "..|". " "._("Remove")."|"."remove_multiple|\n"; - /* Add multiple copy & cut icons */ - if(is_object($this->parent->CopyPasteHandler)){ + if(is_object($this->parent->CopyPasteHandler) && preg_match("/r/",$acl_all)){ $s.= "..|---|\n"; $s.= "..|". " "._("Copy")."|"."multiple_copy_systems|\n"; $s.= "..|". " "._("Cut")."|"."multiple_cut_systems|\n"; + } - if($this->parent->CopyPasteHandler->entries_queued()){ - $img = ""; - $s.="..|".$img." "._("Paste")."|editPaste|\n"; - }else{ - $img = ""; - $s.="..|".$img." "._("Paste")."\n"; - } + /* Copy & paste icons */ + if(is_object($this->parent->CopyPasteHandler) && $this->parent->CopyPasteHandler->entries_queued()){ + $img = ""; + $s.="..|".$img." "._("Paste")."|editPaste|\n"; + }else{ + $img = ""; + $s.="..|".$img." "._("Paste")."\n"; } /* Add snapshot icons */ if(preg_match("/(c.*w|w.*c)/",$acl_all)){ - $str = $this->get_snapshot_header(TRUE) ; - if(!empty($str)){ - $s .= "..|---|\n"; - $s .= $str; - } + $s .= "..|---|\n"; + $s .= $this->get_snapshot_header(TRUE); } $this->SetDropDownHeaderMenu($s); -- 2.30.2