From bffe4d818079874f82a064ad1f1cafd035ab3a4d Mon Sep 17 00:00:00 2001 From: hickert Date: Mon, 6 Sep 2010 08:24:29 +0000 Subject: [PATCH] Updated user ACL -Updated user move permission handling. -The user is now moved, but the userinfo object isn't updated correspondingly. git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@19517 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-core/plugins/personal/generic/class_user.inc | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/gosa-core/plugins/personal/generic/class_user.inc b/gosa-core/plugins/personal/generic/class_user.inc index 50d0fd538..eb83980ad 100644 --- a/gosa-core/plugins/personal/generic/class_user.inc +++ b/gosa-core/plugins/personal/generic/class_user.inc @@ -1313,8 +1313,19 @@ class user extends plugin /* Check if we are allowed to create/move this user */ if($this->orig_dn == "new" && !$this->acl_is_createable($this->base)){ $message[]= msgPool::permCreate(); - }elseif($this->orig_dn != "new" && $this->new_dn != $this->orig_dn && !$this->acl_is_moveable($this->base)){ - $message[]= msgPool::permMove(); + }elseif($this->orig_dn != "new" && $this->new_dn != $this->orig_dn){ + + /* Check if the objects dn has changed while the base was left unchanged. + * In this case we've to check move permissions for the object itself. + * + * If the base has changed then we've to check the permission for the destination + * base. + */ + if($this->orig_base == $this->base && !$this->acl_is_moveable($this->dn)){ + $message[]= msgPool::permMove(); + }elseif($this->orig_base != $this->base && !$this->acl_is_moveable($this->base)){ + $message[]= msgPool::permMove(); + } } /* UID already used? */ -- 2.30.2