From cf2981a45ea2b8aa0f602c120ff136467c0097b2 Mon Sep 17 00:00:00 2001 From: hickert Date: Wed, 29 Oct 2008 16:12:24 +0000 Subject: [PATCH] updated userinfo git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@12811 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-core/include/class_userinfo.inc | 111 +++++++++++---------------- 1 file changed, 45 insertions(+), 66 deletions(-) diff --git a/gosa-core/include/class_userinfo.inc b/gosa-core/include/class_userinfo.inc index b1ad949d4..cb1d28122 100644 --- a/gosa-core/include/class_userinfo.inc +++ b/gosa-core/include/class_userinfo.inc @@ -178,7 +178,7 @@ class userinfo } - function get_category_permissions($dn, $category) + function get_category_permissions($dn, $category, $any_acl = FALSE) { /* If we are forced to skip ACLs checks for the current user then return all permissions. @@ -192,6 +192,7 @@ class userinfo if (isset($this->ocMapping[$category])){ foreach($this->ocMapping[$category] as $oc){ $acl.= $this->get_permissions($dn, $category."/".$oc); + if($any_acl && !empty($acl)) return($acl); } }else{ trigger_error("ACL request for an invalid category (".$category.")."); @@ -430,90 +431,68 @@ class userinfo /* Use cached results if possilbe */ $ACL_CACHE = session::get('ACL_CACHE'); - if(isset($ACL_CACHE['MODULE_DEPARTMENTS'][serialize($module)])){ - return($ACL_CACHE['MODULE_DEPARTMENTS'][serialize($module)]); - } - global $plist; - $objects= array(); - $deps= array(); + if(!is_array($module)){ + $module = array($module); + } - /* Extract all relevant objects for this module from plist */ - foreach ($plist->info as $object => $info){ - if (!isset($info['plCategory'])){ + global $plist; + $res = array(); + foreach($module as $mod){ + if(isset($ACL_CACHE['MODULE_DEPARTMENTS'][$mod])){ + $res = array_merge($res,$ACL_CACHE['MODULE_DEPARTMENTS'][$mod]); continue; } - foreach ($info['plCategory'] as $idx => $data){ - if (preg_match('/^[0-9]+$/', $idx)){ - if ($data == $module){ - $objects[$object]= $object; - } - } else { - if ($idx == $module){ - $objects[$object]= $object; - } - } - } - } - /* Search for per object ACLs. - */ - $this->config->get_departments(); - $this->config->make_idepartments(); - - foreach($this->ACL as $dn => $infos){ - foreach($infos as $info){ - $found = FALSE; - foreach($info['acl'] as $cat => $data){ - - /* Skip self acls? */ - if($skip_self_acls && isset($data['0']) && strpos($data['0'], "s")) continue; - - if(is_array($module)){ - foreach($module as $mod){ - if(preg_match("/^".normalizePreg($mod)."/",$cat)){ - $found =TRUE; - break; - } - } - }else{ - if(preg_match("/^".normalizePreg($module)."/",$cat)){ + $deps = array(); + +# /* Search for per object ACLs. +# */ +# $this->config->get_departments(); +# $this->config->make_idepartments(); + + foreach($this->ACL as $dn => $infos){ + foreach($infos as $info){ + $found = FALSE; + foreach($info['acl'] as $cat => $data){ + + /* Skip self acls? */ + if($skip_self_acls && isset($data['0']) && strpos($data['0'], "s")) continue; + if(preg_match("/^".normalizePreg($mod)."/",$cat)){ $found =TRUE; break; } - } - } + } - if($found && !isset($this->config->idepartments[$dn])){ - while(!isset($this->config->idepartments[$dn]) && strpos($dn, ",")){ - $dn = preg_replace("/^[^,]+,/","",$dn); - } - if(isset($this->config->idepartments[$dn])){ - $deps[] = $dn; + if($found && !isset($this->config->idepartments[$dn])){ + while(!isset($this->config->idepartments[$dn]) && strpos($dn, ",")){ + $dn = preg_replace("/^[^,]+,/","",$dn); + } + if(isset($this->config->idepartments[$dn])){ + $deps[] = $dn; + } } } } - } - /* For all gosaDepartments */ - foreach ($this->config->departments as $dn){ - if(!is_array($module)){ - $module = array($module); - } - $acl = ""; - foreach($module as $mod){ + /* For all gosaDepartments */ + foreach ($this->config->departments as $dn){ + if(in_array($dn,$deps)) continue; + $acl = ""; if(strpos($mod, '/')){ $acl.= $this->get_permissions($dn,$mod); }else{ - $acl.= $this->get_category_permissions($dn,$mod); + $acl.= $this->get_category_permissions($dn,$mod,TRUE); + } + if(!empty($acl)) { + $deps[] = $dn; } } - if($acl !== "") $deps[] = $dn; - } - - $ACL_CACHE = &session::get('ACL_CACHE'); - $ACL_CACHE['MODULE_DEPARTMENTS'][serialize($module)] = $deps; + + $ACL_CACHE['MODULE_DEPARTMENTS'][$mod] = $deps; + $res = array_merge($res,$deps); + } return ($deps); } -- 2.30.2