Commit b88dab84 authored by Côme Bernigaud's avatar Côme Bernigaud
Browse files

Fixes #3384 We need to remove manual handling of foreignKeys

Conflicts:
	include/class_acl.inc
	plugins/personal/generic/class_user.inc
parent 6f9a9936
......@@ -282,7 +282,6 @@ class acl extends plugin
$this->handle_post_events('remove');
}
/*
* \brief Return plugin informations for acl handling
*/
......@@ -300,94 +299,6 @@ class acl extends plugin
'plProvidedAcls' => array()
);
}
/*!
* \brief Remove acls defined for $src
*
* \param String $dn The DN
*
* FIXME
*/
static function remove_acl_for($dn)
{
global $config;
$ldap = $config->get_ldap_link();
$ldap->cd($config->current['BASE']);
$ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($dn)."*))", array("gosaAclEntry","dn"));
$new_entries = array();
while ($attrs = $ldap->fetch()) {
if (!isset($attrs['gosaAclEntry'])) {
continue;
}
unset($attrs['gosaAclEntry']['count']);
// Remove entry directly
foreach ($attrs['gosaAclEntry'] as $entry) {
$parts = explode(':', $entry);
$members = explode(',', $parts[2]);
$new_members = array();
foreach ($members as $member) {
if (base64_decode($member) != $dn) {
$new_members[] = $member;
} else {
fusiondirectory_log("modify", "user/acl", $attrs['dn'], array(), sprintf("Removed acl for %s on object %s.", $dn, $attrs['dn']));
}
}
/* We can completely remove the entry if there are no members anymore */
if (count($new_members)) {
$parts[2] = implode(",", $new_members);
$new_entries[] = implode(":", $parts);
}
}
// There should be a modification, so write it back
$ldap->cd($attrs['dn']);
$new_attrs = array("gosaAclEntry" => $new_entries);
$ldap->modify($new_attrs);
if (!$ldap->success()) {
msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, get_class()), ERROR_DIALOG);
}
}
}
/*!
* \brief Update the acl membership
*
* \param String $src The source
*
* \param String $dst The destination
*/
static function update_acl_membership($src, $dst)
{
global $config;
$ldap = $config->get_ldap_link();
$ldap->cd($config->current['BASE']);
$ldap->search("(&(objectClass=gosaAcl)(gosaAclEntry=*".base64_encode($src)."*))", array("gosaAclEntry","dn"));
while ($attrs = $ldap->fetch()) {
$acl = new acl($config, $attrs['dn']);
foreach ($acl->gosaAclEntry as $id => $entry) {
foreach ($entry['members'] as $m_id => $member) {
if ($m_id == "U:".$src) {
unset($acl->gosaAclEntry[$id]['members'][$m_id]);
$new = "U:".$dst;
$acl->gosaAclEntry[$id]['members'][$new] = $new;
fusiondirectory_log("modify", "user/acl", $attrs['dn'], array(), sprintf("Updated acl for user %s on object %s.", $src, $attrs['dn']));
}
if ($m_id == "G:".$src) {
unset($acl->gosaAclEntry[$id]['members'][$m_id]);
$new = "G:".$dst;
$acl->gosaAclEntry[$id]['members'][$new] = $new;
fusiondirectory_log("modify", "group/acl", $attrs['dn'], array(), sprintf("Updated acl for group %s on object %s.", $src, $attrs['dn']));
}
}
}
$acl->save();
}
}
}
?>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment