summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 06e8920)
raw | patch | inline | side by side (parent: 06e8920)
author | cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Fri, 19 May 2006 06:56:15 +0000 (06:56 +0000) | ||
committer | cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Fri, 19 May 2006 06:56:15 +0000 (06:56 +0000) |
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@3444 594d385d-05f5-0310-b6e9-bd551577e9d8
FAQ | patch | blob | history | |
include/class_userinfo.inc | patch | blob | history | |
include/functions.inc | patch | blob | history |
index 690b07478c22793d22a66b3086bccaf3953773e4..402938da687b27aaef86a436e3658f78b946aafe 100644 (file)
--- a/FAQ
+++ b/FAQ
to STDOUT. Note, that the supplied ldif may NOT be the original target ldif due
to technical reasons.
to STDOUT. Note, that the supplied ldif may NOT be the original target ldif due
to technical reasons.
+
+Q: Is there a way to use ACL independet filtering when using administrative units?
+
+A: Yes. Set STRICT_UNITS to TRUE in your gosa.conf's main section.
index 5ac469a8434828c5e447cc63276c437259928507..77003f9e706d8bfeb1571e87f51aba54d3808492 100644 (file)
var $gidNumber= -1;
var $language= "";
var $config;
var $gidNumber= -1;
var $language= "";
var $config;
+ var $gosaUnitTag= "";
var $subtreeACL= array();
/* get acl's an put them into the userinfo object
var $subtreeACL= array();
/* get acl's an put them into the userinfo object
function userinfo($config, $userdn){
$this->config= $config;
$ldap= $this->config->get_ldap_link();
function userinfo($config, $userdn){
$this->config= $config;
$ldap= $this->config->get_ldap_link();
- $ldap->cat($userdn,array('sn', 'givenName', 'uid', 'gidNumber', 'preferredLanguage'));
+ $ldap->cat($userdn,array('sn', 'givenName', 'uid', 'gidNumber', 'preferredLanguage', 'gosaUnitTag'));
$attrs= $ldap->fetch();
if (isset($attrs['givenName'][0]) && isset($attrs['sn'][0])){
$attrs= $ldap->fetch();
if (isset($attrs['givenName'][0]) && isset($attrs['sn'][0])){
$this->language= $attrs['preferredLanguage'][0];
}
$this->language= $attrs['preferredLanguage'][0];
}
+ if (isset($attrs['gosaUnitTag'][0])){
+ $this->gosaUnitTag= $attrs['gosaUnitTag'][0];
+ }
+
$this->dn= $userdn;
$this->ip= $_SERVER['REMOTE_ADDR'];
}
$this->dn= $userdn;
$this->ip= $_SERVER['REMOTE_ADDR'];
}
diff --git a/include/functions.inc b/include/functions.inc
index c9c50058124e47f6ea7917fbe03e0f95fe42b47c..0cb50d54baef4386113ee88aef4807ff8d92f4bb 100644 (file)
--- a/include/functions.inc
+++ b/include/functions.inc
function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
{
function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
{
- global $config;
+ global $config, $ui;
/* Get LDAP link */
$ldap= $config->get_ldap_link($flags & GL_SIZELIMIT);
/* Get LDAP link */
$ldap= $config->get_ldap_link($flags & GL_SIZELIMIT);
@@ -504,6 +504,12 @@ function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags=
$ldap->cd ($base);
}
$ldap->cd ($base);
}
+ /* Strict filter for administrative units? */
+ if ($ui->gosaUnitTag != "" && isset($config->current['STRICT_UNITS']) &&
+ preg_match('/TRUE/i', $config->current['STRICT_UNITS'])){
+ $filter= "(&(gosaUnitTag=".$ui->gosaUnitTag.")$filter)";
+ }
+
/* Perform ONE or SUB scope searches? */
if ($flags & GL_SUBSEARCH) {
$ldap->search ($filter, $attributes);
/* Perform ONE or SUB scope searches? */
if ($flags & GL_SUBSEARCH) {
$ldap->search ($filter, $attributes);