From bb90ef84e0099df25b8dd77b3a0a8cca15745511 Mon Sep 17 00:00:00 2001 From: hickert Date: Thu, 11 Jan 2007 09:36:26 +0000 Subject: [PATCH] Fixed acls for nagios && netatalk extension in user plugins git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@5531 594d385d-05f5-0310-b6e9-bd551577e9d8 --- plugins/admin/groups/acl_definition.inc | 35 ++++++++++--------- .../personal/nagios/class_nagiosAccount.inc | 8 ++++- plugins/personal/netatalk/class_netatalk.inc | 15 ++++++-- 3 files changed, 39 insertions(+), 19 deletions(-) diff --git a/plugins/admin/groups/acl_definition.inc b/plugins/admin/groups/acl_definition.inc index 19e7305f5..651c2dd30 100644 --- a/plugins/admin/groups/acl_definition.inc +++ b/plugins/admin/groups/acl_definition.inc @@ -328,6 +328,7 @@ $ACLD['sambaAccount']= ) ; $ACLD['netatalk']= array( + "create", "netatalkShare", "netatalkUserHomepath"); @@ -392,22 +393,24 @@ $ACLD['FAIclass'] =array("FAIclass" ); $ACLD['phoneAccount'] = array("create","goFonDeliveryMode","goFonHomeServer", "goFonHardware","goFonPIN","goFonVoicemailPIN","telephoneNumber", "goFonMacro"); -$ACLD['nagiosAccount'] = array("NagiosAlias" -, "NagiosPager" -, "NagiosMail" -, "HostNotificationPeriod" -, "ServiceNotificationPeriod" -, "HostNotificationCommands" -, "ServiceNotificationCommands" -, "HostNotificationOptions" -, "ServiceNotificationOptions" -, "AuthorizedAllHosts" -, "AuthorizedAllServices" -, "AuthorizedSystemCommands" -, "AuthorizedAllHostCommands" -, "AuthorizedAllServiceCommands" -, "AuthorizedConfigurationInformation" -, "AuthorizedSystemInformation"); +$ACLD['nagiosAccount'] = array( + "create", + "NagiosAlias", + "NagiosPager", + "NagiosMail", + "HostNotificationPeriod", + "ServiceNotificationPeriod", + "HostNotificationCommands", + "ServiceNotificationCommands", + "HostNotificationOptions", + "ServiceNotificationOptions", + "AuthorizedAllHosts", + "AuthorizedAllServices", + "AuthorizedSystemCommands", + "AuthorizedAllHostCommands", + "AuthorizedAllServiceCommands", + "AuthorizedConfigurationInformation", + "AuthorizedSystemInformation"); $ACLD['addressbook']= array("addressbook","add", "delete", "sn", "givenName", "mail", "title", diff --git a/plugins/personal/nagios/class_nagiosAccount.inc b/plugins/personal/nagios/class_nagiosAccount.inc index ac489538a..768483f1a 100644 --- a/plugins/personal/nagios/class_nagiosAccount.inc +++ b/plugins/personal/nagios/class_nagiosAccount.inc @@ -90,7 +90,13 @@ class nagiosAccount extends plugin /* Do we need to flip is_account state? */ if (isset($_POST['modify_state'])){ - $this->is_account= !$this->is_account; + + /* Onyl change account state if allowed */ + if($this->is_account && $this->acl == "#all#"){ + $this->is_account= !$this->is_account; + }elseif(!$this->is_account && chkacl($this->acl,"create") == ""){ + $this->is_account= !$this->is_account; + } } /* Do we represent a valid account? */ diff --git a/plugins/personal/netatalk/class_netatalk.inc b/plugins/personal/netatalk/class_netatalk.inc index 57edb1464..c2122330d 100644 --- a/plugins/personal/netatalk/class_netatalk.inc +++ b/plugins/personal/netatalk/class_netatalk.inc @@ -157,9 +157,20 @@ class netatalk extends plugin { $smarty = get_smarty(); $display = ""; + + /* Check if all dependencies are solved */ + $all_ok = (isset($this->parent->by_object['posixAccount']) && $this->parent->by_object['posixAccount']->is_account) && + (count($this->shares)); + /* Do we need to flip is_account state? */ - if (isset ($_POST['modify_state'])) { - $this->is_account = !$this->is_account; + if (isset($_POST['modify_state'])){ + + /* Onyl change account state if allowed */ + if($this->is_account && $this->acl == "#all#" && !$this->accountDelegationsConfigured()){ + $this->is_account= !$this->is_account; + }elseif(!$this->is_account && chkacl($this->acl,"create") == "" && $all_ok){ + $this->is_account= !$this->is_account; + } } /* Do we represent a valid account? */ -- 2.30.2