Commit 9d4c5319 authored by Côme Chilliet's avatar Côme Chilliet

feat(management) Split DN and ACL base in ListingEntry

This will be useful for entries which have no dn, like services or
 Argonaut actions.
They will store their unique id in $dn and the LDAP dn to use for ACL
 checks in aclBase.

issue #5980
parent 4db3de2d
......@@ -235,7 +235,7 @@ class Action
$types = $this->parent->objectTypes;
$template = FALSE;
} else {
$dn = $entry->dn;
$dn = $entry->aclBase;
$types = [$entry->getTemplatedType()];
$template = $entry->isTemplate();
}
......
......@@ -21,9 +21,26 @@
class ListingEntry implements ArrayAccess
{
/*!
* \brief LDAP dn if any, unique id otherwise
*/
public $dn;
/*!
* \brief DN to use for ACL checks, usually the same as $dn
*/
public $aclBase;
/*!
* \brief Row number
*/
public $row;
/*!
* \brief Object type
*/
public $type;
private $attrs;
protected $listing;
......@@ -35,6 +52,7 @@ class ListingEntry implements ArrayAccess
$this->listing = $listing;
$this->type = $type;
$this->dn = $dn;
$this->aclBase = $dn;
$this->attrs = $attrs;
$this->row = $row;
}
......@@ -84,7 +102,7 @@ class ListingEntry implements ArrayAccess
global $ui;
$infos = objects::infos($this->getTemplatedType());
$rights = $ui->get_permissions($this->dn, $infos['aclCategory'].'/'.($this->isTemplate() ? 'template' : $infos['mainTab']));
$rights = $ui->get_permissions($this->aclBase, $infos['aclCategory'].'/'.($this->isTemplate() ? 'template' : $infos['mainTab']));
foreach (str_split($acls) as $acl) {
if (strpos($rights, $acl) === FALSE) {
return FALSE;
......@@ -99,7 +117,7 @@ class ListingEntry implements ArrayAccess
global $ui;
$infos = objects::infos($this->getTemplatedType());
return $ui->allow_snapshot_create($this->dn, $infos['aclCategory']);
return $ui->allow_snapshot_create($this->aclBase, $infos['aclCategory']);
}
public function snapshotRestoreAllowed (): bool
......@@ -107,6 +125,6 @@ class ListingEntry implements ArrayAccess
global $ui;
$infos = objects::infos($this->getTemplatedType());
return $ui->allow_snapshot_restore($this->dn, $infos['aclCategory'], FALSE);
return $ui->allow_snapshot_restore($this->aclBase, $infos['aclCategory'], FALSE);
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment