Branch 'kolab-webadmin-3.1' - 2 commits - lib/Auth lib/kolab_client_task.php public_html/js

Aleksander Machniak machniak at kolabsys.com
Mon Dec 16 13:52:48 CET 2013


 lib/Auth/LDAP.php             |    2 +-
 lib/kolab_client_task.php     |   15 ++++++++++++---
 public_html/js/kolab_admin.js |    3 ++-
 3 files changed, 15 insertions(+), 5 deletions(-)

New commits:
commit 0e4c76872236be7db4599aeabef27fe6352a90f7
Author: Aleksander Machniak <alec at alec.pl>
Date:   Mon Dec 16 13:40:30 2013 +0100

    Skip regenerate request for auto-fields that are readonly (by ACL)

diff --git a/lib/kolab_client_task.php b/lib/kolab_client_task.php
index c845126..20c4bc0 100644
--- a/lib/kolab_client_task.php
+++ b/lib/kolab_client_task.php
@@ -1063,6 +1063,7 @@ class kolab_client_task
         $admin_auto_fields_rw = $this->config_get('admin_auto_fields_rw', false, Conf::BOOL);
 
         foreach ($fields as $idx => $field) {
+            $readonly = null;
             if (!array_key_exists($idx, $attribute_rights)) {
                 // If the entry level rights contain 'add' and 'delete', well, you're an admin
                 if (in_array('add', $entry_rights) && in_array('delete', $entry_rights)) {
@@ -1071,7 +1072,7 @@ class kolab_client_task
                     }
                 }
                 else {
-                    $fields[$idx]['readonly'] = true;
+                    $fields[$idx]['readonly'] = $readonly = true;
                 }
             }
             else {
@@ -1081,10 +1082,18 @@ class kolab_client_task
                     }
                 }
                 // Explicit attribute level rights, check for 'write'
-                elseif (!in_array('write', $attribute_rights[$idx])) {
-                    $fields[$idx]['readonly'] = true;
+                else if (!in_array('write', $attribute_rights[$idx])) {
+                    $fields[$idx]['readonly'] = $readonly = true;
                 }
             }
+
+            // disable auto-fields updates, user has no rights to modify them anyway
+            if (is_bool($readonly) && $readonly) {
+                if (($s_idx = array_search($idx, $auto_attribs)) !== false) {
+                    unset($auto_attribs[$s_idx]);
+                }
+                unset($auto_fields[$idx]);
+            }
         }
 
         // Register list of auto-generated fields
diff --git a/public_html/js/kolab_admin.js b/public_html/js/kolab_admin.js
index 4df6339..659645c 100644
--- a/public_html/js/kolab_admin.js
+++ b/public_html/js/kolab_admin.js
@@ -1328,7 +1328,8 @@ function kolab_admin()
       }
     }
 
-    this.api_post('form_value.generate', data, 'form_value_response');
+    if (data.attributes.length)
+      this.api_post('form_value.generate', data, 'form_value_response');
     this.set_busy(false);
   };
 


commit 0dd7805c9a3136e134e701138a7a1b089849b755
Author: Aleksander Machniak <alec at alec.pl>
Date:   Mon Dec 16 13:20:52 2013 +0100

    Fix possible PHP warning

diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 7736fd3..a7dfe1c 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -1286,7 +1286,7 @@ class LDAP extends Net_LDAP3 {
 
         $subject    = $subject->entries(true);
         $attributes = $this->attributes_allowed($subject[$subject_dn]['objectclass']);
-        $attributes = array_merge($attributes['may'], $attributes['must']);
+        $attributes = array_merge((array)$attributes['may'], (array)$attributes['must']);
 
         foreach ($attributes as $attribute) {
             $rights['attributeLevelRights'][$attribute] = $standard_rights;




More information about the commits mailing list