Commit 6b4a70df authored by Côme Chilliet's avatar Côme Chilliet
Browse files

Fixes #5153 Fixed ACL checks for user locking

parent 33ac9798
......@@ -139,7 +139,7 @@ class userManagement extends simpleManagement
$disallowed = array();
$allowed = array();
foreach ($entry as $dn) {
if (!preg_match('/w/', $ui->get_permissions($dn, 'user/password'))) {
if (!preg_match('/w/', $ui->get_permissions($dn, 'user/user', 'userPassword'))) {
$disallowed[] = $dn;
} else {
$allowed[] = $dn;
......
......@@ -123,7 +123,7 @@
<name>lockUsers</name>
<type>entry</type>
<image>geticon.php?context=status&amp;icon=object-locked&amp;size=16</image>
<acl>user/password[w]</acl>
<acl>user/user[userPassword:rw]</acl>
<label>Lock users</label>
</action>
......@@ -131,7 +131,7 @@
<name>unlockUsers</name>
<type>entry</type>
<image>geticon.php?context=status&amp;icon=object-unlocked&amp;size=16</image>
<acl>user/password[w]</acl>
<acl>user/user[userPassword:rw]</acl>
<label>Unlock users</label>
</action>
......@@ -195,7 +195,7 @@
<type>entry</type>
<objectclass>!fdTemplate</objectclass>
<image>%{filter:lockImage(userPassword)}</image>
<acl>user/password[w]</acl>
<acl>user/user[userPassword:rw]</acl>
<label>%{filter:lockLabel(userPassword)}</label>
</action>
......
......@@ -232,19 +232,19 @@ class Step_Migrate extends setupStep
'cn' => 'manager',
'description' => _('Give all rights on users in the given branch'),
'objectclass' => array('top', 'gosaRole'),
'gosaAclTemplate' => '0:user/password;cmdrw,user/user;cmdrw,user/posixAccount;cmdrw'
'gosaAclTemplate' => '0:user/user;cmdrw,user/posixAccount;cmdrw'
),
array(
'cn' => 'editowninfos',
'description' => _('Allow users to edit their own information (main tab and posix use only on base)'),
'objectclass' => array('top', 'gosaRole'),
'gosaAclTemplate' => '0:user/posixAccount;srw,user/user;srw'
'gosaAclTemplate' => '0:user/user;srw,user/posixAccount;srw'
),
array(
'cn' => 'editowninfos',
'cn' => 'editownpwd',
'description' => _('Allow users to edit their own password (use only on base)'),
'objectclass' => array('top', 'gosaRole'),
'gosaAclTemplate' => '0:user/password;srw'
'gosaAclTemplate' => '0:user/user;#userPassword;srw'
),
);
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment