From f0b60737f3cfc885b77bccf5007d89d77ea797ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come.bernigaud@opensides.be>
Date: Tue, 19 Apr 2016 10:01:27 +0200
Subject: [PATCH] =?UTF-8?q?Fixes=20#4687=20ACL=20assignments=20can?=
 =?UTF-8?q?=E2=80=99t=20be=20done=20with=20object=20groups?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 include/class_userinfo.inc                               | 8 +++++++-
 include/select/userGroupSelect/class_userGroupSelect.inc | 2 +-
 include/simpleplugin/class_dialogAttributes.inc          | 4 +++-
 3 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/include/class_userinfo.inc b/include/class_userinfo.inc
index e7833755c..7c35f5744 100644
--- a/include/class_userinfo.inc
+++ b/include/class_userinfo.inc
@@ -107,6 +107,12 @@ class userinfo
     $ldap->cd($this->config->current['BASE']);
 
     /* Get member groups... */
+    $ldap->search('(&(objectClass=groupOfNames)(member='.ldap_escape_f($this->dn).'))', array('dn'));
+    while ($attrs = $ldap->fetch()) {
+      $this->groups[$attrs['dn']] = $attrs['dn'];
+    }
+
+    /* Get member POSIX groups... */
     $ldap->search('(&(objectClass=posixGroup)(memberUid='.ldap_escape_f($this->uid).'))', array('dn'));
     while ($attrs = $ldap->fetch()) {
       $this->groups[$attrs['dn']] = $attrs['dn'];
@@ -202,7 +208,7 @@ class userinfo
       }
     }
 
-    /* Create an array which represenet all relevant permissions settings
+    /* Create an array which represent all relevant permissions settings
         per dn.
 
       The array will look like this:
diff --git a/include/select/userGroupSelect/class_userGroupSelect.inc b/include/select/userGroupSelect/class_userGroupSelect.inc
index e1c95f75d..b3941a2b0 100644
--- a/include/select/userGroupSelect/class_userGroupSelect.inc
+++ b/include/select/userGroupSelect/class_userGroupSelect.inc
@@ -26,6 +26,6 @@ class userGroupSelect extends userSelect
 
 class userGroupRoleSelect extends userGroupSelect
 {
-  protected $objectTypes = array('user', 'group', 'role');
+  protected $objectTypes = array('user', 'group', 'role', 'ogroup');
 }
 ?>
diff --git a/include/simpleplugin/class_dialogAttributes.inc b/include/simpleplugin/class_dialogAttributes.inc
index cf68f02ec..eedfeeb43 100644
--- a/include/simpleplugin/class_dialogAttributes.inc
+++ b/include/simpleplugin/class_dialogAttributes.inc
@@ -412,9 +412,11 @@ class UsersGroupsAttribute extends GenericDialogAttribute
       if ($this->display_attr == 'dn') {
         $this->displays[$i] = $attrs['dn'];
       } elseif (in_array('posixGroup', $attrs['objectClass'])) {
-        $this->displays[$i] = sprintf(_('Group %s'), trim($attrs['cn'][0]));
+        $this->displays[$i] = sprintf(_('POSIX group %s'), trim($attrs['cn'][0]));
       } elseif (in_array('organizationalRole', $attrs['objectClass'])) {
         $this->displays[$i] = sprintf(_('Role %s'), trim($attrs['cn'][0]));
+      } elseif (in_array('groupOfNames', $attrs['objectClass'])) {
+        $this->displays[$i] = sprintf(_('Group %s'), trim($attrs['cn'][0]));
       } elseif (isset($attrs['uid'][0])) {
         $this->displays[$i] = trim($attrs['uid'][0]);
       } else {
-- 
GitLab