From 970bbc526d6c9b47d637f442965e544a536791ef Mon Sep 17 00:00:00 2001 From: cajus Date: Tue, 18 Jul 2006 06:10:37 +0000 Subject: [PATCH] Added a set of functions to simplify acl handling git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@4185 594d385d-05f5-0310-b6e9-bd551577e9d8 --- include/class_plugin.inc | 87 ++++++++++++++++++++++++++++++++-------- 1 file changed, 71 insertions(+), 16 deletions(-) diff --git a/include/class_plugin.inc b/include/class_plugin.inc index 4e45a8631..cf8682f84 100644 --- a/include/class_plugin.inc +++ b/include/class_plugin.inc @@ -267,7 +267,7 @@ class plugin { /* Save values to object */ foreach ($this->attributes as $val){ - if (obj_is_writable($this->dn,get_class($this),$val) && isset ($_POST["$val"])){ + if ($this->acl_is_writable($val) && isset ($_POST["$val"])){ /* Check for modifications */ if (get_magic_quotes_gpc()) { $data= stripcslashes($_POST["$val"]); @@ -504,9 +504,45 @@ class plugin return FALSE; } + + /* Show header message for tab dialogs */ + function show_enable_header($button_text, $text, $disabled= FALSE) + { + if ($disabled == TRUE){ + $state= "disabled"; + } else { + $state= ""; + } + $display= "\n

$text

\n"; + $display.= "acl_is_createable()?'':'disabled')." ".$state. + ">

 

"; + + return($display); + } + + + /* Show header message for tab dialogs */ + function show_disable_header($button_text, $text, $disabled= FALSE) + { + if ($disabled == TRUE){ + $state= "disabled"; + } else { + $state= ""; + } + $display= "\n

$text

\n"; + $display.= "acl_is_removeable()?'':'disabled')." ".$state. + ">

 

"; + + return($display); + } + + /* Show header message for tab dialogs */ function show_header($button_text, $text, $disabled= FALSE) { + echo "FIXME: show_header should be replaced by show_disable_header and show_enable_header
"; if ($disabled == TRUE){ $state= "disabled"; } else { @@ -514,12 +550,13 @@ class plugin } $display= "\n

$text

\n"; $display.= "acl, "all")." ".$state. + ($this->acl_is_createable()?'':'disabled')." ".$state. ">

 

"; return($display); } + function postcreate($add_attrs= array()) { /* Find postcreate entries for this class */ @@ -1073,14 +1110,15 @@ class plugin function remove_snapshot($dn) { +echo "FIXME: remove_snapshot uses old acl's
"; $ui = get_userinfo(); $acl = get_permissions ($dn, $ui->subtreeACL); $acl = get_module_permission($acl, "snapshot", $dn); if (chkacl($this->acl, "delete") == ""){ - $ldap = $this->config->get_ldap_link(); - $ldap->cd($this->config->current['BASE']); - $ldap->rmdir_recursive($dn); + $ldap = $this->config->get_ldap_link(); + $ldap->cd($this->config->current['BASE']); + $ldap->rmdir_recursive($dn); }else{ print_red (_("You are not allowed to delete this snap shot!")); } @@ -1354,20 +1392,37 @@ class plugin function plInfo() { - #var $plObject_name= ""; - #var $plProvidedAcls= array(); - #var $plSelfModify= FALSE; - #var $plOptions= array(); - #var $plSection= ""; - #var $plProvidedCategory= array(); - #var $plCategory= array(); - #var $plTask= array(); - #var $plPriority= 0; - #var $plDepends= array(); - #var $plConflicts= array(); return array(); } + + function acl_is_writable($attribute) + { + $ui= get_userinfo(); + return preg_match('/w/', $ui->get_permissions($this->dn, get_class($this), $attribute)); + } + + + function acl_is_readable($attribute) + { + $ui= get_userinfo(); + return preg_match('/r/', $ui->get_permissions($this->dn, get_class($this), $attribute)); + } + + + function acl_is_createable() + { + $ui= get_userinfo(); + return preg_match('/c/', $ui->get_permissions($this->dn, get_class($this), 'dummy')); + } + + + function acl_is_removable() + { + $ui= get_userinfo(); + return preg_match('/d/', $ui->get_permissions($this->dn, get_class($this), 'dummy')); + } + } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?> -- 2.30.2