From ad87f82499b3973598c353aa8d61ba4ed0ed20a2 Mon Sep 17 00:00:00 2001 From: hickert Date: Wed, 29 Nov 2006 11:08:54 +0000 Subject: [PATCH] Fixed base selection. Made base selection more secure git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@5246 594d385d-05f5-0310-b6e9-bd551577e9d8 --- .../applications/class_applicationGeneric.inc | 36 ++++++++------- .../departments/class_departmentGeneric.inc | 33 +++++++++----- plugins/admin/groups/class_groupGeneric.inc | 29 ++++++------ .../admin/mimetypes/class_mimetypeGeneric.inc | 28 +++++++++--- .../admin/systems/class_componentGeneric.inc | 31 ++++++++----- plugins/admin/systems/class_phoneGeneric.inc | 30 ++++++++----- plugins/admin/systems/class_printGeneric.inc | 45 ++++++++----------- .../admin/systems/class_terminalGeneric.inc | 21 ++++++++- plugins/admin/systems/class_winGeneric.inc | 24 ++++++++-- .../systems/class_workstationGeneric.inc | 34 +++++++------- plugins/personal/generic/class_user.inc | 36 +++++++-------- 11 files changed, 212 insertions(+), 135 deletions(-) diff --git a/plugins/admin/applications/class_applicationGeneric.inc b/plugins/admin/applications/class_applicationGeneric.inc index cbdd26c7a..cf00e07b5 100644 --- a/plugins/admin/applications/class_applicationGeneric.inc +++ b/plugins/admin/applications/class_applicationGeneric.inc @@ -120,11 +120,7 @@ class application extends plugin $smarty->assign($name."ACL",$this->getacl($name)); } - $baseACL = $this->getacl("base"); - if(!$this->acl_is_moveable()) { - $baseACL = preg_replace("/w/","",$baseACL); - } - $smarty->assign("baseACL", $baseACL); + $smarty->assign("baseACL", $this->getacl("base")); /* Do we represent a valid group? */ if (!$this->is_account && $this->parent == NULL){ 
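Review bot: Dropping the `acl_is_moveable()` downgrade hands the template the raw "base" ACL string, so a user who holds write on the attribute but may not move the object is presumably now shown an editable base selector whose choice is then ignored server-side by the new checks in save_object(). If that is the intended trade-off, say so above the assignment, e.g. `/* Base is validated against get_allowed_bases() in save_object(); the widget is no longer greyed out for non-moveable objects */`; otherwise keep the read-only downgrade for display purposes. The same removal is repeated in the other plugins touched by this commit.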
@@ -186,7 +182,11 @@ class application extends plugin if($this->dialog->isClosed()){ $this->dialog = false; }elseif($this->dialog->isSelected()){ - $this->base = $this->dialog->isSelected(); + + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$this->dialog->isSelected()])){ + $this->base = $this->dialog->isSelected(); + } $this->dialog= false; }else{ return($this->dialog->execute()); @@ -253,12 +253,15 @@ class application extends plugin /* Save data to object */ function save_object() { - if($this->isReleaseApplikation){ - $tmpBase = $this->base; - } - if (isset($_POST['cn'])){ + /* Create a base backup and reset the + base directly after calling plugin::save_object(); + Base will be set seperatly a few lines below */ + $base_tmp = $this->base; + plugin::save_object(); + $this->base = $base_tmp; + /* Save attributes */ parent::save_object(); @@ -348,14 +351,15 @@ class application extends plugin $this->set_picture($_FILES['picture_file']['tmp_name']); } - if(isset($_POST['base'])){ - $this->base= $_POST['base']; + if(!$this->isReleaseApplikation){ + $tmp = $this->get_allowed_bases(); + if(isset($_POST['base'])){ + if(isset($tmp[$_POST['base']])){ + $this->base= $_POST['base']; + } + } } } - - if($this->isReleaseApplikation){ - $this->base = $tmpBase; - } } diff --git a/plugins/admin/departments/class_departmentGeneric.inc b/plugins/admin/departments/class_departmentGeneric.inc index e5e21639c..ae6d5492b 100644 --- a/plugins/admin/departments/class_departmentGeneric.inc +++ b/plugins/admin/departments/class_departmentGeneric.inc 
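Review bot: The backup-and-restore of `$this->base` around `plugin::save_object()` is immediately undone by the `parent::save_object();` call that follows, since `application extends plugin` (hunk header) makes both lines invoke the same method and the second run happens after the restore. Either drop the original `parent::save_object();` or move `$this->base = $base_tmp;` after it; as written, whatever plugin::save_object() takes from `$_POST` for the base still takes effect and the later allowed-bases check only applies in the non-release case. save_object() continues past the end of this hunk.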
@@ -98,12 +98,8 @@ class department extends plugin $smarty= get_smarty(); /* Assign base ACL */ - $baseACL = $this->getacl("base"); - if(!$this->acl_is_moveable()) { - $baseACL = preg_replace("/w/","",$baseACL); - } - $smarty->assign("baseACL", $baseACL); - + $smarty->assign("baseACL", $this->getacl("base")); + $tmp = $this->plInfo(); foreach($tmp['plProvidedAcls'] as $name => $translation){ $smarty->assign($name."ACL",$this->getacl($name)); @@ -127,7 +123,13 @@ class department extends plugin if($this->dialog->isClosed()){ $this->dialog = false; }elseif($this->dialog->isSelected()){ - $this->base = $this->dialog->isSelected(); + + /* A new base was selected, check if it is a valid one */ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$this->dialog->isSelected()])){ + $this->base = $this->dialog->isSelected(); + } + $this->dialog= false; }else{ return($this->dialog->execute()); @@ -204,11 +206,20 @@ class department extends plugin function save_object() { if (isset($_POST['dep_generic_posted'])){ - plugin::save_object(); - /* Save base, since this is no LDAP attribute */ - if($this->acl_is_moveable() && isset($_POST['base'])){ - $this->base= $_POST['base']; + /* Create a base backup and reset the + base directly after calling plugin::save_object(); + Base will be set seperatly a few lines below */ + $base_tmp = $this->base; + plugin::save_object(); + $this->base = $base_tmp; + + /* Set new base if allowed */ + $tmp = $this->get_allowed_bases(); + if(isset($_POST['base'])){ + if(isset($tmp[$_POST['base']])){ + $this->base= $_POST['base']; + } } /* Save tagging flag */ diff --git a/plugins/admin/groups/class_groupGeneric.inc b/plugins/admin/groups/class_groupGeneric.inc index bca62c1c1..5c933cd65 100644 --- a/plugins/admin/groups/class_groupGeneric.inc +++ b/plugins/admin/groups/class_groupGeneric.inc 
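Review bot: `isset($tmp[$_POST['base']])` uses a raw request value as an array key; if `base` is submitted as an array the lookup emits an illegal-offset warning (a TypeError on PHP 8) instead of simply failing the check, and `get_allowed_bases()` is computed even when no base was posted. Guard the type first and only build the list when needed: `if(isset($_POST['base']) && is_string($_POST['base'])){ $tmp = $this->get_allowed_bases(); if(isset($tmp[$_POST['base']])){ $this->base= $_POST['base']; } }`. The same shape is repeated in every save_object() in this commit; the enclosing function continues beyond the hunk.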
@@ -228,7 +228,10 @@ class group extends plugin if($this->dialog->isClosed()){ $this->dialog = false; }elseif($this->dialog->isSelected()){ - if($this->acl_is_moveable()){ + + /* Check if selected base is valid */ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$_POST['base']])){ $this->base = $this->dialog->isSelected(); } $this->dialog= false; @@ -258,11 +261,7 @@ class group extends plugin } /* Assign base ACL */ - $baseACL = $this->getacl("base"); - if(!$this->acl_is_moveable()) { - $baseACL = preg_replace("/w/","",$baseACL); - } - $smarty->assign("baseACL", $baseACL); + $smarty->assign("baseACL", $this->getacl("base")); /* Manage object add dialog */ if ($this->group_dialog){ @@ -309,11 +308,6 @@ class group extends plugin return ($display); } - /* Bases / Departments */ - if (isset($_POST['base'])){ - $this->base= $_POST['base']; - } - $smarty->assign("bases", $this->get_allowed_bases()); $smarty->assign("base_select", $this->base); @@ -531,19 +525,26 @@ class group extends plugin /* Save additional values for possible next step */ if (isset($_POST['groupedit'])){ + /* Create a base backup and reset the + base directly after calling plugin::save_object(); + Base will be set seperatly a few lines below */ + $base_tmp = $this->base; plugin::save_object(); + $this->base = $base_tmp; $this->force_gid= 0; - /* Only reset sambagroup flag if we are able to write this flag */ if($this->acl_is_writeable("sambaGroupType")){ $this->smbgroup = 0; } /* Get base selection */ - if($this->acl_is_moveable() && isset($_POST['base'])){ - $this->base = $_POST['base']; + if(isset($_POST['base'])){ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$_POST['base']])){ + $this->base = $_POST['base']; + } } foreach (array( diff --git a/plugins/admin/mimetypes/class_mimetypeGeneric.inc b/plugins/admin/mimetypes/class_mimetypeGeneric.inc index f4bb14f11..ed176f64e 100644 --- a/plugins/admin/mimetypes/class_mimetypeGeneric.inc 
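Review bot: The membership test in the dialog branch checks `$_POST['base']` but then assigns `$this->dialog->isSelected()`, so the value actually stored is never validated, and `$_POST['base']` may not even be set while the base-selection dialog is open. Every other plugin in this commit tests the same value it assigns; use `if(isset($tmp[$this->dialog->isSelected()])){` here. As it stands a dialog selection outside the allowed list is accepted whenever the stale form field happens to contain an allowed one.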
+++ b/plugins/admin/mimetypes/class_mimetypeGeneric.inc @@ -154,11 +154,7 @@ class mimetype extends plugin } /* Assign base ACL */ - $baseACL = $this->getacl("base"); - if(!$this->acl_is_moveable()) { - $baseACL = preg_replace("/w/","",$baseACL); - } - $smarty->assign("baseACL", $baseACL); + $smarty->assign("baseACL", $this->getacl("base")); /* Base select dialog */ $once = true; @@ -180,7 +176,13 @@ class mimetype extends plugin if($this->dialog->isClosed()){ $this->dialog = false; }elseif($this->dialog->isSelected()){ - $this->base = $this->dialog->isSelected(); + + /* A new base was selected, check if it is a valid one */ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$this->dialog->isSelected()])){ + $this->base = $this->dialog->isSelected(); + } + $this->dialog= false; }else{ return($this->dialog->execute()); @@ -348,13 +350,25 @@ class mimetype extends plugin function save_object() { if(isset($_POST['MimeGeneric'])){ + + /* Create a base backup and reset the + base directly after calling plugin::save_object(); + Base will be set seperatly a few lines below */ + $base_tmp = $this->base; plugin::save_object(); + $this->base = $base_tmp; /* Only save base if we are not in release mode */ if(!$this->isReleaseMimeType){ + + /* Set new base if allowed */ + $tmp = $this->get_allowed_bases(); if(isset($_POST['base'])){ - $this->base = $_POST['base']; + if(isset($tmp[$_POST['base']])){ + $this->base= $_POST['base']; + } } + } /* Save radio buttons */ diff --git a/plugins/admin/systems/class_componentGeneric.inc b/plugins/admin/systems/class_componentGeneric.inc index cd7004384..d05af5d66 100644 --- a/plugins/admin/systems/class_componentGeneric.inc +++ b/plugins/admin/systems/class_componentGeneric.inc 
@@ -69,7 +69,13 @@ class componentGeneric extends plugin if($this->dialog->isClosed()){ $this->dialog = false; }elseif($this->dialog->isSelected()){ - $this->base = $this->dialog->isSelected(); + + /* A new base was selected, check if it is a valid one */ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$this->dialog->isSelected()])){ + $this->base = $this->dialog->isSelected(); + } + $this->dialog= false; }else{ return($this->dialog->execute()); @@ -80,13 +86,6 @@ class componentGeneric extends plugin $smarty= get_smarty(); $smarty->assign("bases", $this->config->idepartments); - /* Create base acls */ - $baseACL = $this->getacl("base"); - if(!$this->acl_is_moveable()) { - $baseACL = preg_replace("/w/","",$baseACL); - } - $smarty->assign("baseACL", $baseACL); - /* Set acls */ $tmp = $this->plInfo(); foreach($tmp['plProvidedAcls'] as $name => $translation){ @@ -95,7 +94,6 @@ class componentGeneric extends plugin $smarty->assign("bases", $this->get_allowed_bases()); - /* Assign attributes */ foreach ($this->attributes as $attr){ $smarty->assign("$attr", $this->$attr); @@ -141,13 +139,22 @@ class componentGeneric extends plugin /* Save data to object */ function save_object() { + + /* Create a base backup and reset the + base directly after calling plugin::save_object(); + Base will be set seperatly a few lines below */ + $base_tmp = $this->base; plugin::save_object(); + $this->base = $base_tmp; $this->netConfigDNS->save_object(); - /* Save base, since this is no LDAP attribute */ - if (isset($_POST['base']) && $this->acl_is_moveable()){ - $this->base= $_POST['base']; + /* Set new base if allowed */ + $tmp = $this->get_allowed_bases(); + if(isset($_POST['base'])){ + if(isset($tmp[$_POST['base']])){ + $this->base= $_POST['base']; + } } } diff --git a/plugins/admin/systems/class_phoneGeneric.inc b/plugins/admin/systems/class_phoneGeneric.inc index 0605974eb..4305e79e2 100644 --- a/plugins/admin/systems/class_phoneGeneric.inc 
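Review bot: This hunk removes the `baseACL` assignment without putting `$smarty->assign("baseACL", $this->getacl("base"));` in its place, unlike the application, department, group, mimetype and workstation plugins in the same commit, which keep the assignment and only drop the moveable downgrade. If the component template still references `$baseACL`, the base widget is now rendered with an undefined ACL value; presumably either the template must change too or the one-line assignment should stay. The phone and printer plugins in this commit have the same omission.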
+++ b/plugins/admin/systems/class_phoneGeneric.inc @@ -137,7 +137,13 @@ class phoneGeneric extends plugin if($this->dialog->isClosed()){ $this->dialog = false; }elseif($this->dialog->isSelected()){ - $this->base = $this->dialog->isSelected(); + + /* A new base was selected, check if it is a valid one */ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$this->dialog->isSelected()])){ + $this->base = $this->dialog->isSelected(); + } + $this->dialog= false; }else{ return($this->dialog->execute()); @@ -206,12 +212,6 @@ class phoneGeneric extends plugin /* Fill templating stuff */ $smarty= get_smarty(); - /* Assign base ACL */ - $baseACL = $this->getacl("base"); - if(!$this->acl_is_moveable()) { - $baseACL = preg_replace("/w/","",$baseACL); - } - $smarty->assign("baseACL", $baseACL); $smarty->assign("bases", $this->get_allowed_bases()); $tmp = $this->plInfo(); @@ -284,11 +284,21 @@ class phoneGeneric extends plugin /* Save data to object */ function save_object() { + /* Create a base backup and reset the + base directly after calling plugin::save_object(); + Base will be set seperatly a few lines below */ + $base_tmp = $this->base; plugin::save_object(); + $this->base = $base_tmp; + $this->netConfigDNS->save_object(); - /* Save base, since this is no LDAP attribute */ - if (isset($_POST['base']) && $this->acl_is_moveable()){ - $this->base= $_POST['base']; + + /* Set new base if allowed */ + $tmp = $this->get_allowed_bases(); + if(isset($_POST['base'])){ + if(isset($tmp[$_POST['base']])){ + $this->base= $_POST['base']; + } } } diff --git a/plugins/admin/systems/class_printGeneric.inc b/plugins/admin/systems/class_printGeneric.inc index a253a2296..021c75f9d 100644 --- a/plugins/admin/systems/class_printGeneric.inc +++ b/plugins/admin/systems/class_printGeneric.inc 
@@ -288,14 +288,6 @@ class printgeneric extends plugin $smarty->assign($name."ACL", $this->getacl($name)); } - /* Create base acls */ - $baseACL = $this->getacl("base"); - if(!$this->acl_is_moveable()) { - $baseACL = preg_replace("/w/","",$baseACL); - } - $smarty->assign("baseACL", $baseACL); - - $display=""; /* Tell smarty if this is a standalone object or a terminal / WS depending printer */ @@ -371,7 +363,13 @@ class printgeneric extends plugin $this->dialog = false; $this->baseSelection = false; }elseif($this->dialog->isSelected()){ - $this->base = $this->dialog->isSelected(); + + /* A new base was selected, check if it is a valid one */ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$this->dialog->isSelected()])){ + $this->base = $this->dialog->isSelected(); + } + $this->dialog= false; $this->baseSelection = false; }else{ @@ -603,27 +601,22 @@ class printgeneric extends plugin /* Save data to object */ function save_object() { + /* Create a base backup and reset the + base directly after calling plugin::save_object(); + Base will be set seperatly a few lines below */ + $base_tmp = $this->base; plugin::save_object(); - + $this->base = $base_tmp; + if(is_object($this->netConfigDNS)){ $this->netConfigDNS->save_object(); } - - /* Save base, since this is no LDAP attribute */ - if((isset($_POST['base'])) && ($this->acl_is_moveable()) ) { - $this->set_acl_base('dummy,'.$_POST['base']); - if($this->acl_is_moveable()){ - - if(isset($this->config->idepartments[$_POST['base']])){ - $this->base = $_POST['base']; - if ($_POST['base'] != $this->base){ - $this->is_modified= TRUE; - } - } - }else{ - - print_red(sprintf(_("You are not allowed to move this object to '%s'."),LDAP::fix($_POST['base']))); - $this->set_acl_base('dummy,'.$this->base); + + /* Set new base if allowed */ + $tmp = $this->get_allowed_bases(); + if(isset($_POST['base'])){ + if(isset($tmp[$_POST['base']])){ + $this->base= $_POST['base']; } } } 
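Review bot: A disallowed base is now dropped silently, whereas the removed code reported `You are not allowed to move this object to '%s'` via print_red() and the user plugin in this same commit still does; an administrator whose selection is ignored gets no feedback and the object is saved under the old base. Keep the message on the rejected path, e.g. `}else{ print_red(sprintf(_("You are not allowed to move this object to '%s'."), LDAP::fix($_POST['base']))); }` after the inner isset. Whether print_red()/LDAP::fix() escape that user-supplied value for HTML is not visible here and should be confirmed.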
diff --git a/plugins/admin/systems/class_terminalGeneric.inc b/plugins/admin/systems/class_terminalGeneric.inc index 8771847a0..b82f778be 100644 --- a/plugins/admin/systems/class_terminalGeneric.inc +++ b/plugins/admin/systems/class_terminalGeneric.inc @@ -229,7 +229,12 @@ class termgeneric extends plugin if($this->dialog->isClosed()){ $this->dialog = false; }elseif($this->dialog->isSelected()){ - $this->base = $this->dialog->isSelected(); + + /* A new base was selected, check if it is a valid one */ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$this->dialog->isSelected()])){ + $this->base = $this->dialog->isSelected(); + } $this->dialog= false; }else{ return($this->dialog->execute()); @@ -351,7 +356,21 @@ class termgeneric extends plugin /* Save data to object */ function save_object() { + /* Create a base backup and reset the + base directly after calling plugin::save_object(); + Base will be set seperatly a few lines below */ + $base_tmp = $this->base; plugin::save_object(); + $this->base = $base_tmp; + + /* Set new base if allowed */ + $tmp = $this->get_allowed_bases(); + if(isset($_POST['base'])){ + if(isset($tmp[$_POST['base']])){ + $this->base= $_POST['base']; + } + } + $this->netConfigDNS->save_object(); /* Save terminal path to parent since it is used by termstartup, too */ diff --git a/plugins/admin/systems/class_winGeneric.inc b/plugins/admin/systems/class_winGeneric.inc index 844b6795d..fd57c3a64 100644 --- a/plugins/admin/systems/class_winGeneric.inc +++ b/plugins/admin/systems/class_winGeneric.inc @@ -106,7 +106,13 @@ class wingeneric extends plugin if($this->dialog->isClosed()){ $this->dialog = false; }elseif($this->dialog->isSelected()){ - $this->base = $this->dialog->isSelected(); + + /* A new base was selected, check if it is a valid one */ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$this->dialog->isSelected()])){ + $this->base = $this->dialog->isSelected(); + } + $this->dialog= false; }else{ return($this->dialog->execute()); 
@@ -153,11 +159,21 @@ class wingeneric extends plugin /* Save data to object */ function save_object() { + /* Create a base backup and reset the + base directly after calling plugin::save_object(); + Base will be set seperatly a few lines below */ + $base_tmp = $this->base; plugin::save_object(); + $this->base = $base_tmp; + $this->netConfigDNS->save_object(); - /* Save base, since this is no LDAP attribute */ - if (isset($_POST['base']) && $this->acl_is_moveable()){ - $this->base= $_POST['base']; + + /* Set new base if allowed */ + $tmp = $this->get_allowed_bases(); + if(isset($_POST['base'])){ + if(isset($tmp[$_POST['base']])){ + $this->base= $_POST['base']; + } } } diff --git a/plugins/admin/systems/class_workstationGeneric.inc b/plugins/admin/systems/class_workstationGeneric.inc index 365456b74..0676dca18 100644 --- a/plugins/admin/systems/class_workstationGeneric.inc +++ b/plugins/admin/systems/class_workstationGeneric.inc @@ -221,6 +221,13 @@ class workgeneric extends plugin $this->dialog = false; }elseif($this->dialog->isSelected()){ $this->base = $this->dialog->isSelected(); + + /* A new base was selected, check if it is a valid one */ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$this->dialog->isSelected()])){ + $this->base = $this->dialog->isSelected(); + } + $this->dialog= false; }else{ return($this->dialog->execute()); @@ -243,11 +250,7 @@ class workgeneric extends plugin $smarty= get_smarty(); /* Create base acls */ - $baseACL = $this->getacl("base"); - if(!$this->acl_is_moveable()) { - $baseACL = preg_replace("/w/","",$baseACL); - } - $smarty->assign("baseACL", $baseACL); + $smarty->assign("baseACL", $this->getacl("base")); /* Set acls */ $tmp = $this->plInfo(); 
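Review bot: The original unconditional `$this->base = $this->dialog->isSelected();` is left in place above the new check, so the guarded assignment is redundant and an arbitrary dialog selection is still stored before the allowed-bases lookup runs. Delete the first assignment so only the validated one remains, as the other plugins in this commit do. The `isClosed()` branch and the rest of execute() lie outside the hunk.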
@@ -341,21 +344,22 @@ class workgeneric extends plugin /* Save data to object */ function save_object() { + + /* Create a base backup and reset the + base directly after calling plugin::save_object(); + Base will be set seperatly a few lines below */ + $base_tmp = $this->base; plugin::save_object(); + $this->base = $base_tmp; /* Save base, since this is no LDAP attribute */ - if((isset($_POST['base'])) && ($this->acl_is_moveable())){ - $this->set_acl_base('dummy,'.$_POST['base']); - if($this->acl_is_moveable()){ - - if(isset($this->config->idepartments[$_POST['base']])){ - $this->base = $_POST['base']; - if ($_POST['base'] != $this->base){ - $this->is_modified= TRUE; - } - } + $tmp = $this->get_allowed_bases(); + if(isset($_POST['base'])){ + if(isset($tmp[$_POST['base']])){ + $this->base= $_POST['base']; } } + $this->netConfigDNS->save_object(); /* Set inherit mode */ diff --git a/plugins/personal/generic/class_user.inc b/plugins/personal/generic/class_user.inc index 25ab27052..d2d8e9c25 100644 --- a/plugins/personal/generic/class_user.inc +++ b/plugins/personal/generic/class_user.inc @@ -292,7 +292,12 @@ class user extends plugin if($this->dialog->isClosed()){ $this->dialog = false; }elseif($this->dialog->isSelected()){ - $this->base = $this->dialog->isSelected(); + + /* check if selected base is allowed to move to / create a new object */ + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$this->dialog->isSelected()])){ + $this->base = $this->dialog->isSelected(); + } $this->dialog= false; }else{ return($this->dialog->execute()); 
@@ -519,13 +524,7 @@ class user extends plugin $smarty->assign("userPicture_is_readable", $this->acl_is_readable("userPicture",(!is_object($this->parent) && !isset($_SESSION['edit'])))); /* Create base acls */ - $baseACL = $this->getacl("base",(!is_object($this->parent) && !isset($_SESSION['edit']))); - if($this->dn == "new" && !$this->acl_is_createable()) { - $baseACL = preg_replace("/w/","",$baseACL); - }elseif($this->dn != "new" && !$this->acl_is_moveable()) { - $baseACL = preg_replace("/w/","",$baseACL); - } - $smarty->assign("baseACL", $baseACL); + $smarty->assign("baseACL",$this->getacl("base",(!is_object($this->parent) && !isset($_SESSION['edit'])))); @$smarty->assign("bases", $this->allowedBasesToMoveTo()); /* Save government mode attributes */ @@ -641,6 +640,9 @@ class user extends plugin { if (isset($_POST['generic'])){ + /* Make a backup of the current selected base */ + $base_tmp = $this->base; + /* Parents save function */ plugin::save_object (); @@ -666,19 +668,15 @@ class user extends plugin /* Save base and pw_storage, since these are no LDAP attributes */ if (isset($_POST['base'])){ - $this->set_acl_base('dummy,'.$_POST['base']); - if($this->acl_is_moveable("base")){ - - foreach(array("base") as $val){ - if(isset($_POST[$val])){ - $data= validate($_POST[$val]); - if ($data != $this->$val){ - $this->is_modified= TRUE; - } - $this->$val= $data; - } + $tmp = $this->get_allowed_bases(); + if(isset($tmp[$_POST['base']])){ + $base= validate($_POST['base']); + if ($base != $this->base){ + $this->is_modified= TRUE; } + $this->base= $base; }else{ + $this->base = $base_tmp; print_red(sprintf(_("You are not allowed to move this object to '%s'."),LDAP::fix($_POST['base']))); $this->set_acl_base('dummy,'.$this->base); } -- 2.30.2
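Review bot: The accepted branch no longer calls set_acl_base() for the newly chosen base, while the rejected branch still re-points it at the old one; any ACL check later in this request presumably runs against the old DN's base until the object is written. If that is deliberate, add a comment saying so; otherwise restore `$this->set_acl_base('dummy,'.$base);` after `$this->base= $base;`. The error message also passes the raw `$_POST['base']` to the page, and whether print_red()/LDAP::fix() escape it is not visible here, so confirm it is HTML-escaped. The remainder of save_object() lies outside the hunk.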