diff --git a/include/class_CopyPasteHandler.inc b/include/class_CopyPasteHandler.inc
index 11f8227c4909d527b0d995ab9d7aa7805be0dd48..12c60ff37d77e9557cf3c29350de1186070cca3e 100644
--- a/include/class_CopyPasteHandler.inc
+++ b/include/class_CopyPasteHandler.inc
@@ -91,9 +91,10 @@ class CopyPasteHandler
$tmp['dn'] = $dn;
$tmp['type'] = $type;
- $infos = objects::infos($type);
- $tmp['tab_acl_category'] = $infos['aclCategory'];
- $tmp['parent'] = NULL;
+ $infos = objects::infos($type);
+ $tmp['aclCategory'] = $infos['aclCategory'];
+ $tmp['mainTab'] = $infos['mainTab'];
+ $tmp['parent'] = NULL;
$this->queue[] = $tmp;
if ($action == 'copy') {
@@ -187,12 +188,9 @@ class CopyPasteHandler
$this->queue[$key] = $entry;
}
- /* To copy an object we require full read access to the object category */
- $copy_acl = preg_match("/r/", $ui->get_complete_category_acls($entry['dn'], $entry['tab_acl_category']));
-
- /* In order to copy an object we require read an delete acls */
- $cut_acl = preg_match("/d/", $ui->get_complete_category_acls($entry['dn'], $entry['tab_acl_category']));
- $cut_acl &= preg_match("/r/", $ui->get_complete_category_acls($entry['dn'], $entry['tab_acl_category']));
+ /* Retrieve ACL infos */
+ $copy_acl = $ui->is_copyable($entry['dn'], $entry['aclCategory']);
+ $cut_acl = $ui->is_cutable($entry['dn'], $entry['aclCategory'], $entry['mainTab']);
/* Check permissions */
if (($entry['method'] == 'copy') && !$copy_acl) {
@@ -208,7 +206,7 @@ class CopyPasteHandler
foreach ($this->disallowed_objects as $entry) {
$dns[] = $entry['dn'];
}
- msg_dialog::display(_("Permission"), msgPool::permCreate($dns), INFO_DIALOG);
+ msg_dialog::display(_('Permission'), msgPool::permCreate($dns), INFO_DIALOG);
}
$this->require_update = FALSE;
}
diff --git a/include/class_userinfo.inc b/include/class_userinfo.inc
index 7d647e6e0e7f1cb895004f49890056d938f70664..016ed6b805ffa1c354f1d8e58efacec5532c0bfa 100644
--- a/include/class_userinfo.inc
+++ b/include/class_userinfo.inc
@@ -320,8 +320,8 @@ class userinfo
*/
function is_cutable($dn, $object, $class)
{
- $remove = preg_match("/d/", $this->get_permissions($dn, $object."/".$class));
- $read = preg_match("/r/", $this->get_complete_category_acls($dn, $object));
+ $remove = preg_match('/d/', $this->get_permissions($dn, $object.'/'.$class));
+ $read = preg_match('/r/', $this->get_complete_category_acls($dn, $object));
return ($remove && $read);
}
@@ -763,7 +763,6 @@ class userinfo
/*!
* \brief Return combined acls for a given category
*
- * #FIXME This could be logical wrong or could be optimized in the future
* Return combined acls for a given category.
* All acls will be combined like boolean AND
* As example ('rwcdm' + 'rcd' + 'wrm'= 'r')
@@ -780,36 +779,35 @@ class userinfo
function get_complete_category_acls($dn, $category)
{
global $config;
- $acl = "rwcdm";
- $types = "rwcdm";
+ $acl = 'rwcdm';
if (!is_string($category)) {
- trigger_error("category must be string");
- $acl = "";
+ trigger_error('category must be string');
+ return '';
} else {
- if (!isset($this->result_cache['get_complete_category_acls'][$dn][$category])) {
- if (isset($config->data['CATEGORIES'][$category])) {
- foreach ($config->data['CATEGORIES'][$category]['classes'] as $oc) {
- if ($oc == '0') {
- /* Skip objectClass '0' (e.g. user/0) get_permissions will ever return '' ?? */
- continue;
- }
- $tmp = $this->get_permissions($dn, $category."/".$oc);
- for ($i = 0, $l = strlen($types); $i < $l; $i++) {
- if (!preg_match("/".$types[$i]."/", $tmp)) {
- $acl = preg_replace("/".$types[$i]."/", "", $acl);
- }
+ if (isset($this->result_cache['get_complete_category_acls'][$dn][$category])) {
+ return $this->result_cache['get_complete_category_acls'][$dn][$category];
+ }
+ if (isset($config->data['CATEGORIES'][$category])) {
+ foreach ($config->data['CATEGORIES'][$category]['classes'] as $oc) {
+ if ($oc == '0') {
+ /* Skip objectClass '0' (e.g. user/0) */
+ continue;
+ }
+ $tmp = $this->get_permissions($dn, $category.'/'.$oc);
+ $types = $acl;
+ for ($i = 0, $l = strlen($types); $i < $l; $i++) {
+ if (!preg_match('/'.$types[$i].'/', $tmp)) {
+ $acl = preg_replace('/'.$types[$i].'/', '', $acl);
}
}
- } else {
- $acl = "";
}
- $this->result_cache['get_complete_category_acls'][$dn][$category] = $acl;
} else {
- $acl = $this->result_cache['get_complete_category_acls'][$dn][$category];
+ $acl = '';
}
+ $this->result_cache['get_complete_category_acls'][$dn][$category] = $acl;
+ return $acl;
}
- return $acl;
}
diff --git a/include/simpleplugin/class_simpleManagement.inc b/include/simpleplugin/class_simpleManagement.inc
index d1f13dc0501f703aa48ec9c55114fe09edc0172c..82066c0178425e67a6b5cf07ba046873f1daa4f0 100644
--- a/include/simpleplugin/class_simpleManagement.inc
+++ b/include/simpleplugin/class_simpleManagement.inc
@@ -845,7 +845,7 @@ class simpleManagement extends management
$this->cpHandler->save_object();
// Add entries to queue
- if ($action == "copy" || $action == "cut") {
+ if (($action == 'copy') || ($action == 'cut')) {
$this->cpHandler->cleanup_queue();
foreach ($target as $dn) {
$type = $this->getType($dn);
@@ -854,13 +854,13 @@ class simpleManagement extends management
}
$infos = objects::infos($type);
- if ($action == "copy" && $ui->is_copyable($dn, $infos['aclCategory'])) {
- $this->cpHandler->add_to_queue($dn, "copy", $type);
- @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $dn, "Entry copied!");
+ if (($action == 'copy') && $ui->is_copyable($dn, $infos['aclCategory'])) {
+ $this->cpHandler->add_to_queue($dn, 'copy', $type);
+ @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $dn, 'Entry copied!');
}
- if ($action == "cut" && $ui->is_cutable($dn, $infos['aclCategory'], $infos['mainTab'])) {
- $this->cpHandler->add_to_queue($dn, "cut", $type);
- @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $dn, "Entry cutted!");
+ if (($action == 'cut') && $ui->is_cutable($dn, $infos['aclCategory'], $infos['mainTab'])) {
+ $this->cpHandler->add_to_queue($dn, 'cut', $type);
+ @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $dn, 'Entry cut!');
}
}
}