diff --git a/include/class_plugin.inc b/include/class_plugin.inc
deleted file mode 100644
index c88e4ecae08cf25eaaa384c00293575cafce46e3..0000000000000000000000000000000000000000
--- a/include/class_plugin.inc
+++ /dev/null
@@ -1,134 +0,0 @@
-<?php
-/*
- This code is part of FusionDirectory (http://www.fusiondirectory.org/)
- Copyright (C) 2003-2010 Cajus Pollmeier
- Copyright (C) 2011-2016 FusionDirectory
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
-*/
-
-/*!
- * \file class_plugin.inc
- * Source code for the class plugin
- */
-
-/*! \brief plugin class, should not be used directly, see simplePlugin instead
- */
-class plugin
-{
- var $acl_base = "";
- var $acl_category = "";
-
- /*!
- * \brief Set acl base
- *
- * \param string $base
- */
- function set_acl_base($base)
- {
- $this->acl_base = $base;
- }
-
- /*!
- * \brief Set acl category
- *
- * \param string $category
- */
- function set_acl_category($category)
- {
- $this->acl_category = "$category/";
- }
-
- /*! \brief Can we write the acl */
- function acl_is_writeable($attribute, $skip_write = FALSE)
- {
- if ($this->readOnly()) {
- return FALSE;
- }
- $ui = get_userinfo();
- return preg_match('/w/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write));
- }
-
- /*!
- * \brief Can we read the acl
- *
- * \param string $attribute
- */
- function acl_is_readable($attribute)
- {
- $ui = get_userinfo();
- return preg_match('/r/', $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute));
- }
-
- /*!
- * \brief Can we create the acl
- *
- * \param string $base Empty string
- */
- function acl_is_createable($base = "")
- {
- if ($this->readOnly()) {
- return FALSE;
- }
- $ui = get_userinfo();
- if ($base == "") {
- $base = $this->acl_base;
- }
- return preg_match('/c/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
- }
-
- /*!
- * \brief Can we remove the acl
- *
- * \param string $base Empty string
- */
- function acl_is_removeable($base = "")
- {
- if ($this->readOnly()) {
- return FALSE;
- }
- $ui = get_userinfo();
- if ($base == "") {
- $base = $this->acl_base;
- }
- return preg_match('/d/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
- }
-
- /*!
- * \brief Can we move the acl
- *
- * \param string $base Empty string
- */
- function acl_is_moveable($base = "")
- {
- if ($this->readOnly()) {
- return FALSE;
- }
- $ui = get_userinfo();
- if ($base == "") {
- $base = $this->acl_base;
- }
- return preg_match('/m/', $ui->get_permissions($base, $this->acl_category.get_class($this), '0'));
- }
-
- /*! \brief get the acl */
- function getacl($attribute, $skip_write = FALSE)
- {
- $ui = get_userinfo();
- $skip_write |= $this->readOnly();
- return $ui->get_permissions($this->acl_base, $this->acl_category.get_class($this), $attribute, $skip_write);
- }
-}
-?>
diff --git a/include/class_template.inc b/include/class_template.inc
index 972d42d2a7b1f469e59a9af12cd1ee8314260ed0..5299a4675fb26af94cf610fb7206d2877a8f90c8 100644
--- a/include/class_template.inc
+++ b/include/class_template.inc
@@ -166,7 +166,7 @@ class template
foreach ($this->attributes[$class] as $attr) {
if ($plugin->attributesAccess[$attr]->getAclInfo() !== FALSE) {
// We assign ACLs so that attributes can use them in their template code
- $smarty->assign($plugin->attributesAccess[$attr]->getAcl().'ACL', $plugin->getacl($plugin->attributesAccess[$attr]->getAcl()));
+ $smarty->assign($plugin->attributesAccess[$attr]->getAcl().'ACL', $plugin->aclGetPermissions($plugin->attributesAccess[$attr]->getAcl()));
}
$plugin->attributesAccess[$attr]->renderAttribute($attributes, FALSE);
}
diff --git a/include/class_userinfo.inc b/include/class_userinfo.inc
index 88acb7b0d105a189a45596328a02a50e1454ea83..7afca956397c790bd9585e7bc269761842ad71e0 100644
--- a/include/class_userinfo.inc
+++ b/include/class_userinfo.inc
@@ -413,7 +413,7 @@ class userinfo
*/
if ($this->ignore_acl_for_current_user()) {
if ($skip_write) {
- return 'rcdm';
+ return 'r';
}
return 'rwcdm';
}
@@ -453,7 +453,7 @@ class userinfo
$ACL_CACHE["$orig_dn+$object+$attribute"] = $ret;
}
if ($skip_write) {
- $ret = str_replace('w', '', $ret);
+ $ret = str_replace(array('w','c','d','m'), '', $ret);
}
return $ret;
}
diff --git a/include/simpleplugin/class_simplePlugin.inc b/include/simpleplugin/class_simplePlugin.inc
index 49c5b466e2bfec11eb5c94058e4f82d14e5c9f45..7a93b6db38cf3de314adefc2d56303399a2e690c 100644
--- a/include/simpleplugin/class_simplePlugin.inc
+++ b/include/simpleplugin/class_simplePlugin.inc
@@ -26,7 +26,7 @@
/*! \brief This class is made for easy plugin creation for editing LDAP attributes
*
*/
-class simplePlugin extends plugin
+class simplePlugin
{
/*! \brief This attribute store all information about attributes */
public $attributesInfo;
@@ -52,6 +52,9 @@ class simplePlugin extends plugin
public $initially_was_account = FALSE;
public $ignore_account = FALSE;
+ public $acl_base = '';
+ public $acl_category = '';
+
/*! \brief dn of the opened object */
public $dn = '';
@@ -538,6 +541,26 @@ class simplePlugin extends plugin
return $deps;
}
+ /*!
+ * \brief Set acl base
+ *
+ * \param string $base
+ */
+ function set_acl_base($base)
+ {
+ $this->acl_base = $base;
+ }
+
+ /*!
+ * \brief Set acl category
+ *
+ * \param string $category
+ */
+ function set_acl_category($category)
+ {
+ $this->acl_category = "$category/";
+ }
+
/*!
* \brief Move ldap entries from one place to another
*
@@ -791,7 +814,7 @@ class simplePlugin extends plugin
foreach ($sectionInfo['attrs'] as $attr) {
if ($attr->getAclInfo() !== FALSE) {
// We assign ACLs so that attributes can use them in their template code
- $smarty->assign($attr->getAcl()."ACL", $this->getacl($attr->getAcl(), $this->acl_skip_write()));
+ $smarty->assign($attr->getAcl()."ACL", $this->aclGetPermissions($attr->getAcl(), NULL, $this->acl_skip_write()));
}
$attr->renderAttribute($attributes, $readOnly);
}
@@ -850,6 +873,63 @@ class simplePlugin extends plugin
return ($this->needEditMode && !session::is_set('edit'));
}
+ /*! \brief Can we write the attribute */
+ function acl_is_writeable($attribute, $skipWrite = FALSE)
+ {
+ return preg_match('/w/', $this->aclGetPermissions($attribute, $skipWrite));
+ }
+
+ /*!
+ * \brief Can we read the acl
+ *
+ * \param string $attribute
+ */
+ function acl_is_readable($attribute)
+ {
+ return preg_match('/r/', $this->aclGetPermissions($attribute));
+ }
+
+ /*!
+ * \brief Can we create the object
+ *
+ * \param string $base Empty string
+ */
+ function acl_is_createable($base = NULL)
+ {
+ return preg_match('/c/', $this->aclGetPermissions('0', $base));
+ }
+
+ /*!
+ * \brief Can we delete the object
+ *
+ * \param string $base Empty string
+ */
+ function acl_is_removeable($base = NULL)
+ {
+ return preg_match('/d/', $this->aclGetPermissions('0', $base));
+ }
+
+ /*!
+ * \brief Can we move the object
+ *
+ * \param string $base Empty string
+ */
+ function acl_is_moveable($base = NULL)
+ {
+ return preg_match('/m/', $this->aclGetPermissions('0', $base));
+ }
+
+ /*! \brief Get the acl permissions for an attribute or the plugin itself */
+ function aclGetPermissions($attribute = '0', $base = NULL, $skipWrite = FALSE)
+ {
+ $ui = get_userinfo();
+ $skipWrite |= $this->readOnly();
+ if ($base === NULL) {
+ $base = $this->acl_base;
+ }
+ return $ui->get_permissions($base, $this->acl_category.get_class($this), $attribute, $skipWrite);
+ }
+
/*! \brief This function removes the object from LDAP
*/
function remove_from_parent()
diff --git a/plugins/admin/departments/class_department.inc b/plugins/admin/departments/class_department.inc
index 4094fcb7cb73eb884850062a4264898afe83aaaf..ba60d428123fa9815005afa1ab139711c2fbfe51 100644
--- a/plugins/admin/departments/class_department.inc
+++ b/plugins/admin/departments/class_department.inc
@@ -195,14 +195,4 @@ class department extends simplePlugin
return parent::prepare_save();
}
}
- /* Hide base selector, if this object represents the base itself
-
- $smarty->assign("is_root_dse", FALSE);
- if ($this->dn == $config->current['BASE']) {
- $smarty->assign("is_root_dse", TRUE);
- $nA = $this->namingAttr."ACL";
- $smarty->assign($nA, $this->getacl($this->namingAttr, TRUE));
- }*/
-
-
?>
diff --git a/setup/class_setupStep_Config.inc b/setup/class_setupStep_Config.inc
index bc5881998a124b13f17075e2a496579fb267a986..8b5c177579eddba3dd6b57f3a08370a2ab1c3e5e 100644
--- a/setup/class_setupStep_Config.inc
+++ b/setup/class_setupStep_Config.inc
@@ -169,7 +169,7 @@ class Step_Config extends configInLdap
{
return TRUE;
}
- function getacl($attribute, $skip_write = FALSE)
+ function aclGetPermissions($attribute = '0', $base = NULL, $skipWrite = FALSE)
{
return 'cmdrw';
}