Verified Commit 648eb428 authored by Côme Chilliet's avatar Côme Chilliet
Browse files

feat(systems) Fix %askme% feature in interfaces

Also implemented ACL check for template/webservice

issue #6039
parent cb12ba6c
......@@ -37,19 +37,6 @@ class InterfacesAttribute extends DialogOrderedArrayAttribute
$this->plugin = $plugin;
}
//~ function renderAttribute (array &$attributes, bool $readOnly, bool $readable, bool $writable)
//~ {
//~ }
function renderFormInput (): string
{
$value = $this->getValue();
if (is_array($value)) {
$value = join(', ', $value);
}
return '{literal}'.htmlescape($value).'{/literal}';
}
function getValue ()
{
return $this->plugin->filter->getInterfacesAsArrays();
......@@ -62,25 +49,36 @@ class InterfacesAttribute extends DialogOrderedArrayAttribute
protected function getAttributeArrayValue ($key, $value)
{
/* FIXME Convert text value to displayable array value */
die('Pure virtual method');
return [
$value['cn'][0] ?? '',
$value['macAddress'][0] ?? '',
implode(', ', ($value['ipHostNumber'] ?? [])),
];
}
function addValue (string $dn, $attrs = NULL)
{
/* FIXME */
if ($attrs !== NULL) {
$this->value[] = $attrs;
$this->reIndexValues();
}
throw new FusionDirectoryError('addValue should not be called on InterfacesAttribute');
}
protected function handleEdit ($key)
{
/* FIXME */
$this->editingValue = $this->value[$key];
$this->delPostValue($key);
$this->plugin->openDialog(new $this->dialogClass($this->plugin, $this, $this->editingValue));
$this->plugin->editEntry(['targets' => [$this->getValue()[$key]['dn']], 'action' => 'edit', 'subaction' => NULL]);
}
function delPostValue ($key)
{
$this->plugin->removeRequested(['targets' => [$this->getValue()[$key]['dn']], 'action' => 'remove', 'subaction' => NULL]);
}
function loadPostValue ()
{
if ($this->isVisible()) {
OrderedArrayAttribute::loadPostValue();
if (isset($_POST['add'.$this->getHtmlId().'_dialog'])) {
$this->plugin->newEntry(['targets' => [], 'action' => 'new', 'subaction' => 'NETWORKINTERFACE']);
}
}
}
/* readValue/writeValue? */
......
......@@ -302,7 +302,15 @@ class interfacesManagement extends management implements SimpleTab
*/
function save_object ()
{
// save_object of the dialog is called in management::execute
/* save_object of the dialog is called in management::execute
* and template::save_object when used through a template
*/
/* Useful if called for template::save_object */
if ($this->attrIsWriteable($this->attributesAccess['networkInterfaces'])) {
$this->attributesAccess['networkInterfaces']->loadPostValue();
$this->attributesAccess['networkInterfaces']->applyPostValue();
}
/* Sync base tab fields with interfaces */
$entryIterator = $this->listing->getIterator();
......@@ -495,8 +503,10 @@ class interfacesManagement extends management implements SimpleTab
*/
function attrIsReadable ($attr): bool
{
/* FIXME */
return TRUE;
if (!is_object($attr)) {
$attr = $this->attributesAccess[$attr];
}
return (strpos($this->aclGetPermissions($attr->getAcl()), 'r') !== FALSE);
}
/*! \brief Check if logged in user have enough right to write this attribute value
......@@ -505,8 +515,10 @@ class interfacesManagement extends management implements SimpleTab
*/
function attrIsWriteable ($attr): bool
{
/* FIXME */
return TRUE;
if (!is_object($attr)) {
$attr = $this->attributesAccess[$attr];
}
return (strpos($this->aclGetPermissions($attr->getAcl()), 'w') !== FALSE);
}
/*!
......@@ -526,7 +538,41 @@ class interfacesManagement extends management implements SimpleTab
*/
public function aclGetPermissions ($attribute = '0', string $base = NULL, bool $skipWrite = FALSE): string
{
return '';
global $ui;
if ($attribute !== 'networkInterfaces') {
return '';
}
if (isset($this->parent) && isset($this->parent->ignoreAcls) && $this->parent->ignoreAcls) {
return 'cdmr'.($skipWrite ? '' : 'w');
}
if ($base === NULL) {
$base = $this->getAclBase();
}
$skipWrite |= $this->read_only;
$infos = objects::infos('networkInterface');
return $ui->get_permissions($base, $infos['aclCategory'].'/'.($this->is_template ? 'template' : $infos['mainTab']));
}
/*!
* \brief Get LDAP base to use for ACL checks
*/
function getAclBase (bool $callParent = TRUE): string
{
global $config;
if (($this->parent instanceof simpleTabs) && $callParent) {
return $this->parent->getAclBase();
}
if (isset($this->dn) && ($this->dn != 'new')) {
return $this->dn;
}
if (isset($this->base)) {
return 'new,'.$this->base;
}
return $config->current['BASE'];
}
/*!
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment