From d2292908c6d34683adaa9575b24dc55bcb7261ce Mon Sep 17 00:00:00 2001
From: hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Date: Fri, 6 Feb 2009 14:17:46 +0000
Subject: [PATCH] Updated Addressbook ACLs. -Fixed acls.

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@13398 594d385d-05f5-0310-b6e9-bd551577e9d8
---
 .../addons/addressbook/class_addressbook.inc  | 35 +++++++++++++------
 1 file changed, 25 insertions(+), 10 deletions(-)

diff --git a/gosa-plugins/addressbook/addons/addressbook/class_addressbook.inc b/gosa-plugins/addressbook/addons/addressbook/class_addressbook.inc
index cd7e499c0..c4d7e393f 100644
--- a/gosa-plugins/addressbook/addons/addressbook/class_addressbook.inc
+++ b/gosa-plugins/addressbook/addons/addressbook/class_addressbook.inc
@@ -780,23 +780,38 @@ class addressbook extends plugin
     }
   }
 
-  
+ 
   /* Return entry acls */
   function get_entry_acls($dn,$attr = "")
   {
     $acls = "";
-  
-    /* Use addressbook acls */
-    if(preg_match("/".preg_quote($this->abobjectclass, '/')."/",$dn))  {
+    $combineACLs = TRUE;
+
+    /* If combineACLs is set to false:
+       Differentiate between user and addressbook acls, thus leads into two object categories.
+        - real GOsa users
+        - and addressbook entries
+       To view addressbook entries (e.g. ou=addressbook,) you just require permissions on the ldap base for 'addressbook'.
+       To view real GOsa users you have to additionally add user permissions.
+
+       You can enable this option, to use only addressbook acls (default).
+     */
+    if($combineACLs){
       $dn = preg_replace("/".preg_quote($this->abobjectclass, '/').",/","",$dn);
       $acls = $this->ui->get_permissions($dn,"addressbook/addressbook",$attr);
-    }
-    
-    /* Use Organizational Person acls */
-    else{
-      $acls = $this->ui->get_permissions($dn,"users/user",$attr);
-    }
+    }else{
+
+      /* Use addressbook acls */
+      if(preg_match("/".preg_quote($this->abobjectclass, '/')."/",$dn))  {
+        $dn = preg_replace("/".preg_quote($this->abobjectclass, '/').",/","",$dn);
+        $acls = $this->ui->get_permissions($dn,"addressbook/addressbook",$attr);
+      }
 
+      /* Use Organizational Person acls */
+      else{
+        $acls = $this->ui->get_permissions($dn,"users/user",$attr);
+      }
+    }
     return($acls);
   }
 
-- 
2.30.2