🚑 fix(ACL) Add ACLs for createTimestamp and modifyTimestamp

We consider that if a tab has a "base" attribute it should add ACLs for
 those operational fields.
This is because we do not have other easy way to test if we are the main
 tab in generatePlProvidedAcls.
It may also avoid adding ACLs for this fields on objects which are not
 stored in LDAP since they are less likely to have a base attribute.

issue #6027
parent 36d7108a
......@@ -2077,6 +2077,11 @@ class simplePlugin implements SimpleTab
$plProvidedAcls = [];
foreach ($attributesInfo as $sectionInfo) {
foreach ($sectionInfo['attrs'] as $attr) {
if ($attr->getLdapName() === 'base') {
/* If we handle base, we also handle LDAP operational attributes */
$plProvidedAcls['createTimestamp'] = _('The time the entry was added');
$plProvidedAcls['modifyTimestamp'] = _('The time the entry was last modified');
}
$aclInfo = $attr->getAclInfo();
if ($aclInfo !== FALSE) {
$plProvidedAcls[$aclInfo['name']] = $aclInfo['desc'];
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment