From f6976e6b57e32376cb76179380fefcb1ac62389f Mon Sep 17 00:00:00 2001
From: hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Date: Wed, 6 Sep 2006 06:46:04 +0000
Subject: [PATCH] Initial commit for department acls

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@4601 594d385d-05f5-0310-b6e9-bd551577e9d8
---
 .../departments/class_departmentGeneric.inc   | 42 ++++++++------
 .../class_departmentManagement.inc            | 16 ++----
 plugins/admin/departments/generic.tpl         | 57 ++++++++++++++-----
 3 files changed, 76 insertions(+), 39 deletions(-)

diff --git a/plugins/admin/departments/class_departmentGeneric.inc b/plugins/admin/departments/class_departmentGeneric.inc
index cb42e5d27..58052612e 100644
--- a/plugins/admin/departments/class_departmentGeneric.inc
+++ b/plugins/admin/departments/class_departmentGeneric.inc
@@ -72,11 +72,6 @@ class department extends plugin
 			$this->base= preg_replace ("/^[^,]+,/", "", $this->dn);
 		}
 
-		/* set permissions */
-		$ui= get_userinfo();
-		$acl= get_permissions ($ui->dn, $ui->subtreeACL);
-		$this->acl= get_module_permission($acl, "department", $ui->dn);
-
 		/* Is administrational Unit? */
 		if ($dn != "new" && in_array_ics('gosaAdministrativeUnit', $this->attrs['objectClass'])){
 			$this->is_administrational_unit= true;
@@ -94,12 +89,32 @@ class department extends plugin
 		$this->config->make_idepartments();
 		$smarty= get_smarty();
 
+    /* Assign base ACL */
+    $baseACL = $this->getacl("base");
+    if(!$this->acl_is_moveable()) {
+      $baseACL = preg_replace("/w/","",$baseACL);
+    }
+    $smarty->assign("baseACL",          $baseACL);
+
+    $tmp = $this->plInfo();
+    foreach($tmp['plProvidedAcls'] as $name => $translation){
+      $smarty->assign($name."ACL",$this->getacl($name));
+    }
+
+    /* Get bases */
+    $ui = get_userinfo();
+    $check = $ui->get_module_departments("groups");
+    $bases = array();
+    foreach($check as $dn_allowed){
+      $bases[$dn_allowed] = $this->config->idepartments[$dn_allowed];
+    }
+
 		/* Base select dialog */
 		$once = true;
 		foreach($_POST as $name => $value){
 			if(preg_match("/^chooseBase/",$name) && $once){
 				$once = false;
-				$this->dialog = new baseSelectDialog($this->config,$this);
+				$this->dialog = new baseSelectDialog($this->config,$this,$bases);
 				$this->dialog->setCurrentBase($this->base);
 			}
 		}
@@ -120,7 +135,6 @@ class department extends plugin
 		}
 
 		/* Hide all departments, that are subtrees of this department */
-		$bases 	= $this->config->idepartments;
 		if(($this->dn == "new")||($this->dn == "")){
 			$tmp = $bases;
 		}else{
@@ -137,9 +151,7 @@ class department extends plugin
 
 		foreach ($this->attributes as $val){
 			$smarty->assign("$val", $this->$val);
-			$smarty->assign("$val"."ACL", chkacl($this->acl, "$val"));
 		}
-    $smarty->assign("baseACL", chkacl($this->acl,"base"));
 		$smarty->assign("base_select", $this->base);
 
 		/* Set admin unit flag */
@@ -148,16 +160,14 @@ class department extends plugin
 		} else {
 			$smarty->assign("unitTag", "");
 		}
-		$smarty->assign("unitTag"."ACL", chkacl($this->acl, "unitTag"));
 
 		return($smarty->fetch (get_template_path('generic.tpl', TRUE)));
 	}
 
 	function clear_fields()
 	{
-		$this->dn= "";
-		$this->base= "";
-		$this->acl= "#none#";
+		$this->dn   = "";
+		$this->base = "";
 
 		foreach ($this->attributes as $val){
 			$this->$val= "";
@@ -189,16 +199,16 @@ class department extends plugin
 	/* Save data to object */
 	function save_object()
 	{
-		if (isset($_POST['base'])){
+		if (isset($_POST['dep_generic_posted'])){
 			plugin::save_object();
 
 			/* Save base, since this is no LDAP attribute */
-			if (chkacl($this->acl, "create") == ""){
+      if($this->acl_is_moveable() && isset($_POST['base'])){
 				$this->base= $_POST['base'];
 			}
 
 			/* Save tagging flag */
-			if (chkacl($this->acl, "unitTag") == ""){
+			if ($this->acl_is_writeable("unitTag")){
 				if (isset($_POST['unitTag'])){
 					$this->is_administrational_unit= true;
 				} else {
diff --git a/plugins/admin/departments/class_departmentManagement.inc b/plugins/admin/departments/class_departmentManagement.inc
index 42fefdfcb..608d6298a 100644
--- a/plugins/admin/departments/class_departmentManagement.inc
+++ b/plugins/admin/departments/class_departmentManagement.inc
@@ -107,8 +107,8 @@ class departmentManagement extends plugin
      */
     if ($s_action=="new"){
       $this->dn= "new";
-      $this->deptabs= new deptabs($this->config,
-          $this->config->data['TABS']['DEPTABS'], $this->dn);
+      $this->deptabs= new deptabs($this->config,$this->config->data['TABS']['DEPTABS'], $this->dn,"department");
+      $this->deptabs->set_acl_base($this->DivListDepartment->selectedBase);
     }
 
 
@@ -129,12 +129,10 @@ class departmentManagement extends plugin
       /* Lock the current entry, so everyone will get the  above dialog */
       add_lock ($this->dn, $this->ui->dn);
 
-      /* Set up the users ACL's for this 'dn' */
-      $this->acl= get_permissions ($this->dn, $this->ui->subtreeACL);
-
       /* Register deptabs to trigger edit dialog */
-      $this->deptabs= new deptabs($this->config,$this->config->data['TABS']['DEPTABS'], $this->dn);
-      $this->deptabs->set_acl($this->acl);
+      $this->deptabs= new deptabs($this->config,$this->config->data['TABS']['DEPTABS'], $this->dn,"department");
+      $this->deptabs->set_acl_base($this->dn);
+
       $_SESSION['objectinfo']= $this->dn;
     }
 
@@ -170,9 +168,7 @@ class departmentManagement extends plugin
      * Finally delete department 
      */
     if (isset($_POST['delete_department_confirm'])){
-      $acl= get_permissions ($this->dn, $this->ui->subtreeACL);
-      $acl= get_module_permission($acl, "department", $this->dn);
-      if (chkacl($acl, "delete") == ""){
+      if($this->acl_is_removeable()){
         $this->remove_from_parent();
         gosa_log ("Department object'".$this->dn."' has been removed");
       } else {
diff --git a/plugins/admin/departments/generic.tpl b/plugins/admin/departments/generic.tpl
index 44677a567..96ada1954 100644
--- a/plugins/admin/departments/generic.tpl
+++ b/plugins/admin/departments/generic.tpl
@@ -6,18 +6,26 @@
      <table summary="">
       <tr>
        <td><LABEL for="ou">{t}Name of department{/t}</LABEL>{$must}</td>
-       <td><input id="ou" name="ou" size=25 maxlength=60 value="{$ou}" title="{t}Name of subtree to create{/t}" {$ouACL}></td>
+       <td>
+{render acl=$ouACL}
+	<input id="ou" name="ou" size=25 maxlength=60 value="{$ou}" title="{t}Name of subtree to create{/t}" {$ouACL}>
+{/render}
+       </td>
       </tr>
       <tr>
        <td><LABEL for="description">{t}Description{/t}</LABEL>{$must}</td>
        <td>
+{render acl=$descriptionACL}
         <input id="description" name="description" size=25 maxlength=80 {$descriptionACL} value="{$description}" title="{t}Descriptive text for department{/t}">
+{/render}
        </td>
       </tr>
       <tr>
        <td><LABEL for="businessCategory">{t}Category{/t}</LABEL></td>
        <td>
+{render acl=$businessCategoryACL}
         <input id="businessCategory" name="businessCategory" size=25 maxlength=80 {$businessCategoryACL} value="{$businessCategory}" title="{t}Category for this subtree{/t}">
+{/render}
        </td>
       </tr>
       <tr>
@@ -27,14 +35,15 @@
         <td><LABEL for="base">{t}Base{/t}</LABEL>{$must}</td>
 
         <td>
+{render acl=$baseACL}
          <select id="base" size="1" name="base" title="{t}Choose subtree to place department in{/t}"> 
           {html_options options=$bases selected=$base_select}
          </select>
-		{if $baseACL == ""}
-            <input type="image" name="chooseBase" src="images/folder.png" class="center" title="{t}Select a base{/t}">
-        {else}
-            <img src="images/folder_gray.png" class="center" title="{t}Select a base{/t}">
-        {/if}
+{/render}
+
+{render acl=$baseACL disable_picture='images/folder_gray.png'}
+        <input type="image" name="chooseBase" src="images/folder.png" class="center" title="{t}Select a base{/t}">
+{/render}
 	</td>
        </tr>
      </table>
@@ -49,23 +58,43 @@
      <table summary="" style="width:100%">
       <tr>
        <td><LABEL for="st">{t}State{/t}</LABEL></td>
-       <td><input id="st" name="st" size=25 maxlength=60 {$stACL} value="{$st}" title="{t}State where this subtree is located{/t}"></td>
+       <td>
+{render acl=$stACL}
+	<input id="st" name="st" size=25 maxlength=60 {$stACL} value="{$st}" title="{t}State where this subtree is located{/t}">
+{/render}
+       </td>
       </tr>
       <tr>
        <td><LABEL for="l">{t}Location{/t}</LABEL></td>
-       <td><input id="l" name="l" size=25 maxlength=60 {$lACL} value="{$l}" title="{t}Location of this subtree{/t}"></td>
+       <td>
+{render acl=$lACL}
+	<input id="l" name="l" size=25 maxlength=60 {$lACL} value="{$l}" title="{t}Location of this subtree{/t}">
+{/render}
+       </td>
       </tr>
       <tr>
        <td style="vertical-align:top;"><LABEL for="postalAddress">{t}Address{/t}</LABEL></td>
-       <td><textarea id="postalAddress" name="postalAddress" style="width:100%" rows=3 cols=22 {$postalAddressACL} title="{t}Postal address of this subtree{/t}">{$postalAddress}</textarea>
+       <td>
+{render acl=$postalAddressACL}
+	<textarea id="postalAddress" name="postalAddress" style="width:100%" rows=3 cols=22 {$postalAddressACL} title="{t}Postal address of this subtree{/t}">{$postalAddress}
+        </textarea>
+{/render}
       </tr>
       <tr>
        <td><LABEL for="telephoneNumber">{t}Phone{/t}</LABEL></td>
-       <td><input id="telephoneNumber" name="telephoneNumber" size=25 maxlength=60 {$telephoneNumberACL} value="{$telephoneNumber}" title="{t}Base telephone number of this subtree{/t}"></td>
+       <td>
+{render acl=$telephoneNumberACL}
+	<input id="telephoneNumber" name="telephoneNumber" size=25 maxlength=60 {$telephoneNumberACL} value="{$telephoneNumber}" title="{t}Base telephone number of this subtree{/t}">
+{/render}
+       </td>
       </tr>
       <tr>
        <td><LABEL for="facsimileTelephoneNumber">{t}Fax{/t}</LABEL></td>
-       <td><input id="facsimileTelephoneNumber" name="facsimileTelephoneNumber" size=25 maxlength=60 {$facsimileTelephoneNumberACL} value="{$facsimileTelephoneNumber}" title="{t}Base facsimile telephone number of this subtree{/t}"></td>
+       <td>
+{render acl=$facsimileTelephoneNumberACL}
+	<input id="facsimileTelephoneNumber" name="facsimileTelephoneNumber" size=25 maxlength=60 {$facsimileTelephoneNumberACL} value="{$facsimileTelephoneNumber}" title="{t}Base facsimile telephone number of this subtree{/t}">
+{/render}
+       </td>
       </tr>
      </table>
 
@@ -79,13 +108,15 @@
  <tr>
    <td style="vertical-align:top; width:100%">
      <h2><img class="center" alt="" align="middle" src="images/closedlock.png"> {t}Administrative settings{/t}</h2>
-
-     <input id="unitTag" type=checkbox name="unitTag" value="1" {$unitTag} {$unitTagACL}><label for="unitTag">{t}Tag department as an independent administrative unit{/t}</label>
+{render acl=$gosaUnitTagACL}
+     <input id="unitTag" type=checkbox name="unitTag" value="1" {$unitTag} {$gosaUnitTagACL}><label for="unitTag">{t}Tag department as an independent administrative unit{/t}</label>
+{/render}
    </td>
   </tr>
 </table>
 
 <!-- Place cursor -->
+<input type='hidden' name='dep_generic_posted' value='1'>
 <script language="JavaScript" type="text/javascript">
   <!-- // First input field on page
   document.mainform.ou.focus();
-- 
2.30.2