steffen: server/kolab-webadmin/kolab-webadmin/www/admin/sharedfolder sf.php, 1.3, 1.4
cvs at intevation.de
cvs at intevation.de
Wed Jul 7 13:45:49 CEST 2004
Author: steffen
Update of /kolabrepository/server/kolab-webadmin/kolab-webadmin/www/admin/sharedfolder
In directory doto:/tmp/cvs-serv25058/kolab-webadmin/www/admin/sharedfolder
Modified Files:
sf.php
Log Message:
fix for issue215
Index: sf.php
===================================================================
RCS file: /kolabrepository/server/kolab-webadmin/kolab-webadmin/www/admin/sharedfolder/sf.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- sf.php 28 Jun 2004 14:00:06 -0000 1.3
+++ sf.php 7 Jul 2004 11:45:47 -0000 1.4
@@ -37,21 +37,55 @@
foreach( $ldap_object['acl'] as $key => $acl ) {
if( $key === 'count' ) continue;
list($u, $p ) = split( ' ', $acl );
+ if( !strncmp( "group:", $u, 6 ) ) $u = substr( $u, 6 );
//debug( "u=$u, p=$p" );
- $form->entries['acl_'.$aclcount] = array( 'name' => 'Permission for UID',
+ $form->entries['acl_'.$aclcount] = array( 'name' => 'Permission for UID/GID',
'type' => 'aclselect',
'user' => $u,
'perm' => $p
);
$aclcount++;
}
- $form->entries['acl_'.$aclcount] = array( 'name' => 'Permission for UID',
+ $form->entries['acl_'.$aclcount] = array( 'name' => 'Permission for UID/GID',
'type' => 'aclselect',
'user' => '',
'perm' => 'all'
);
}
+// Check uid/gid and perm and massage into cyrus ACL
+function process_acl( $uid, $perm )
+{
+ global $ldap;
+ global $errors;
+ debug("process_acl( $uid, $perm )");
+ $res = $ldap->search( $_SESSION['base_dn'], '(&(uid='.$ldap->escape($uid).')(objectClass=kInetOrgPerson))',
+ array('dn') );
+ if( $ldap->count($res) == 1 ) {
+ // Ok, we have a regular user
+ $ldap->freeSearchResult();
+ return "$uid $perm";
+ }
+
+ $regs = array();
+ if( ereg('(.*)@(.*)', $uid, &$regs ) ) {
+ $cn = $regs[1];
+ $res = $ldap->search( $_SESSION['base_dn'], '(&(cn='.$ldap->escape($cn).')(objectClass=groupOfNames))',
+ array('dn') );
+ if( $ldap->count($res) == 1 ) {
+ $objects = $ldap->getEntries();
+ $dcs = array_filter( split(',', $objects[0]['dn']), create_function( '$str', 'return !strncmp( "dc=", $str, 3 );') );
+ $dcs = array_map( create_function( '$str', 'return substr($str,3);'), $dcs );
+ $domain = join( '.', $dcs );
+ if( $domain == $regs[2] ) {
+ // All OK, we have a group
+ return "group:$uid $perm";
+ }
+ }
+ }
+ $errors[] = "No UID or GID $uid";
+ return false;
+}
/**** Submenu for current page ***/
$menuitems[$sidx]['selected'] = 'selected';
@@ -77,7 +111,7 @@
'value' => $_SESSION['fqhostname'] ),
'userquota' => array( 'name' => 'Quota Limit',
'comment' => 'KBytes (empty for unlimited)' ),
- 'acl_0' => array( 'name' => 'Permission for UID',
+ 'acl_0' => array( 'name' => 'Permission for UID/GID',
'type' => 'aclselect',
'user' => 'anyone',
'perm' => 'all' ));
@@ -130,7 +164,12 @@
$aclcount = 0;
while( $_POST['user_acl_'.$aclcount] ) {
if( !empty( $_POST['user_acl_'.$aclcount] ) ) {
- $ldap_object['acl'][] = $_POST['user_acl_'.$aclcount].' '.$_POST['perm_acl_'.$aclcount];
+ $acl = process_acl( $_POST['user_acl_'.$aclcount], $_POST['perm_acl_'.$aclcount] );
+ if( $acl ) {
+ $ldap_object['acl'][] = $acl;
+ } else {
+ break;
+ }
}
$aclcount++;
}
More information about the commits
mailing list