Fix the simple ACL configuration

This commit is contained in:
Deon George 2009-07-26 01:17:47 +10:00
parent 196aa00218
commit 5938302012
20 changed files with 134 additions and 234 deletions

View File

@ -79,38 +79,55 @@
/* Command availability ; if you don't authorize a command the command /* Command availability ; if you don't authorize a command the command
links will not be shown and the command action will not be permitted. links will not be shown and the command action will not be permitted.
For better security, set also ACL in your ldap directory. */ For better security, set also ACL in your ldap directory. */
/* /*
$config->custom->commands['all'] = array( $config->custom->commands['cmd'] = array(
'home' => true,
'external_links' => array('feature' => true,
'forum' => true,
'bug' => true,
'donation' => true,
'help' => true,
'credits' => true),
'purge' => true,
'schema' => true,
'import' => true,
'export' => true,
'logout' => true,
'search' => array('simple_search' => true,
'predefined_search' => true,
'advanced_search' => true),
'server_refresh' => true,
'server_info' => true,
'entry_refresh' => true,
'entry_move' => true,
'entry_internal_attributes_show' => true, 'entry_internal_attributes_show' => true,
'entry_delete' => array('simple_delete' => true, 'entry_refresh' => true,
'mass_delete' => false), 'oslinks' => true,
'entry_rename' => true, 'switch_template' => true
'entry_compare' => true, );
'entry_create' => true,
'attribute_add' => true, $config->custom->commands['script'] = array(
'attribute_add_value' => true, 'add_attr_form' => true,
'attribute_delete' => true, 'add_oclass_form' => true,
'attribute_delete_value' => true); 'add_value_form' => true,
'collapse' => true,
'compare' => true,
'compare_form' => true,
'copy' => true,
'copy_form' => true,
'create' => true,
'create_confirm' => true,
'delete' => true,
'delete_attr' => true,
'delete_form' => true,
'draw_tree_node' => true,
'expand' => true,
'export' => true,
'export_form' => true,
'import' => true,
'import_form' => true,
'login' => true,
'logout' => true,
'login_form' => true,
'mass_delete' => true,
'mass_edit' => true,
'mass_update' => true,
'modify_member_form' => true,
'monitor' => true,
'purge_cache' => true,
'query_engine' => true,
'rename' => true,
'rename_form' => true,
'rdelete' => true,
'refresh' => true,
'schema' => true,
'server_info' => true,
'show_cache' => true,
'template_engine' => true,
'update_confirm' => true,
'update' => true
);
*/ */
/*********************************************/ /*********************************************/

View File

@ -31,13 +31,6 @@ $request['template'] = $request['page']->getTemplate();
/* /*
if ($request['attribute']->isReadOnly()) if ($request['attribute']->isReadOnly())
error(sprintf(_('The attribute (%s) is in readonly mode.'),$request['attr']),'error','index.php'); error(sprintf(_('The attribute (%s) is in readonly mode.'),$request['attr']),'error','index.php');
# Check our permissions
if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('add attribute value')),'error','index.php');
if (($request['attribute']->getValueCount() == 0) && ! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('add attribute')),'error','index.php');
*/ */
# Render the form # Render the form

View File

@ -23,9 +23,6 @@ $ldap['SRC'] = $_SESSION[APPCONFIG]->getServer(get_request('server_id_src'));
$ldap['DST'] = $_SESSION[APPCONFIG]->getServer(get_request('server_id_dst')); $ldap['DST'] = $_SESSION[APPCONFIG]->getServer(get_request('server_id_dst'));
# Error checking # Error checking
if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_move'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('copy entry')),'error','index.php');
if (! trim($request['dnDST'])) if (! trim($request['dnDST']))
error(_('You left the destination DN blank.'),'error','index.php'); error(_('You left the destination DN blank.'),'error','index.php');

View File

@ -19,9 +19,6 @@ if (get_request('cancel','REQUEST')) {
die(); die();
} }
if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_create'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('create entry')),'error','index.php');
$request = array(); $request = array();
$request['redirect'] = get_request('redirect','POST',false,false); $request['redirect'] = get_request('redirect','POST',false,false);

View File

@ -13,9 +13,6 @@
require './common.php'; require './common.php';
if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_create'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('create entry')),'error','index.php');
$request = array(); $request = array();
$request['redirect'] = get_request('redirect','POST',false,false); $request['redirect'] = get_request('redirect','POST',false,false);

View File

@ -20,9 +20,6 @@ $request['dn'] = get_request('dn','REQUEST',true);
if (! $app['server']->dnExists($request['dn'])) if (! $app['server']->dnExists($request['dn']))
error(sprintf('%s (%s)',_('No such entry.'),'<b>'.pretty_print_dn($request['dn']).'</b>'),'error','index.php'); error(sprintf('%s (%s)',_('No such entry.'),'<b>'.pretty_print_dn($request['dn']).'</b>'),'error','index.php');
if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_delete','simple_delete'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('delete entry')),'error','index.php');
# Delete the entry. # Delete the entry.
$result = $app['server']->delete($request['dn']); $result = $app['server']->delete($request['dn']);

View File

@ -13,9 +13,6 @@
require './common.php'; require './common.php';
if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('delete attribute')),'error','index.php');
$request = array(); $request = array();
$request['dn'] = get_request('dn','REQUEST',true); $request['dn'] = get_request('dn','REQUEST',true);
$request['attr'] = get_request('attr','REQUEST',true); $request['attr'] = get_request('attr','REQUEST',true);

View File

@ -14,9 +14,6 @@
require './common.php'; require './common.php';
require LIBDIR.'export_functions.php'; require LIBDIR.'export_functions.php';
if (! $_SESSION[APPCONFIG]->isCommandAvailable('export'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('export')),'error','index.php');
# Prevent script from bailing early for long search # Prevent script from bailing early for long search
@set_time_limit(0); @set_time_limit(0);

View File

@ -14,9 +14,6 @@
require './common.php'; require './common.php';
require LIBDIR.'import_functions.php'; require LIBDIR.'import_functions.php';
if (! $_SESSION[APPCONFIG]->isCommandAvailable('import'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('import')),'error','index.php');
$request = array(); $request = array();
$request['importer'] = new Importer($app['server']->getIndex(),'LDIF'); $request['importer'] = new Importer($app['server']->getIndex(),'LDIF');
$request['import'] = $request['importer']->getTemplate(); $request['import'] = $request['importer']->getTemplate();

View File

@ -13,9 +13,6 @@
require './common.php'; require './common.php';
if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_delete','simple_delete'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('delete entry')),'error','index.php');
$request = array(); $request = array();
$request['dn'] = get_request('dn','REQUEST',true); $request['dn'] = get_request('dn','REQUEST',true);

View File

@ -20,9 +20,6 @@ $request['rdnDST'] = get_request('new_rdn','REQUEST');
$request['container'] = $app['server']->getContainer($request['dnSRC']); $request['container'] = $app['server']->getContainer($request['dnSRC']);
# Error checking # Error checking
if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_rename'))
error(sprintf('%s: %s',_('This operation is not permitted by the configuration'),_('rename entry')),'error','index.php');
if (! $app['server']->isBranchRenameEnabled()) { if (! $app['server']->isBranchRenameEnabled()) {
# We search all children, not only the visible children in the tree # We search all children, not only the visible children in the tree
$children = $app['server']->getContainerContents($request['dnSRC'],null,0,'(objectClass=*)',LDAP_DEREF_NEVER); $children = $app['server']->getContainerContents($request['dnSRC'],null,0,'(objectClass=*)',LDAP_DEREF_NEVER);

View File

@ -20,23 +20,10 @@ echo '<br /><br />';
echo _('Use the menu to the left to navigate'); echo _('Use the menu to the left to navigate');
echo '<br /><br />'; echo '<br /><br />';
$links = ''; if ($_SESSION[APPCONFIG]->isCommandAvailable('cmd','oslinks')) {
printf('<a href="%s" target="_blank">%s</a>',get_href('credits'),_('Credits'));
if ($_SESSION[APPCONFIG]->isCommandAvailable('external_links','credits')) printf(' | <a href="%s" target="_blank">%s</a>',get_href('documentation'),_('Documentation'));
$links .= sprintf('<a href="%s" target="_blank">%s</a>',get_href('credits'),_('Credits')); printf(' | <a href="%s" target="_blank">%s</a>',get_href('donate'),_('Donate'));
if ($_SESSION[APPCONFIG]->isCommandAvailable('external_links','help')) {
if ($links) $links .= ' | ';
$links .= sprintf('<a href="%s" target="_blank">%s</a>',get_href('documentation'),_('Documentation'));
}
if ($_SESSION[APPCONFIG]->isCommandAvailable('external_links','donation')) {
if ($links) $links .= ' | ';
$links .= sprintf('<a href="%s" target="_blank">%s</a>',get_href('donate'),_('Donate'));
}
if ($links) {
echo $links;
echo '<br /><br />'; echo '<br /><br />';
} }

View File

@ -207,6 +207,7 @@ class HTMLTree extends Tree {
$menu['title'] = _('View schema for'); $menu['title'] = _('View schema for');
$menu['img'] = 'schema-big.png'; $menu['img'] = 'schema-big.png';
$menu['name'] = _('schema'); $menu['name'] = _('schema');
break; break;
case 'search': case 'search':
@ -219,6 +220,7 @@ class HTMLTree extends Tree {
$menu['title'] = _('Search'); $menu['title'] = _('Search');
$menu['img'] = 'search-big.png'; $menu['img'] = 'search-big.png';
$menu['name'] = _('search'); $menu['name'] = _('search');
break; break;
case 'refresh': case 'refresh':
@ -232,6 +234,7 @@ class HTMLTree extends Tree {
$menu['title'] = _('Refresh'); $menu['title'] = _('Refresh');
$menu['img'] = 'refresh-big.png'; $menu['img'] = 'refresh-big.png';
$menu['name'] = _('refresh'); $menu['name'] = _('refresh');
break; break;
case 'server_info': case 'server_info':
@ -244,6 +247,7 @@ class HTMLTree extends Tree {
$menu['title'] = _('Info'); $menu['title'] = _('Info');
$menu['img'] = 'info-big.png'; $menu['img'] = 'info-big.png';
$menu['name'] = _('info'); $menu['name'] = _('info');
break; break;
case 'monitor': case 'monitor':
@ -260,10 +264,11 @@ class HTMLTree extends Tree {
$menu['title'] = _('Monitor'); $menu['title'] = _('Monitor');
$menu['img'] = 'monitorserver-big.png'; $menu['img'] = 'monitorserver-big.png';
$menu['name'] = _('monitor'); $menu['name'] = _('monitor');
break; break;
case 'import': case 'import':
if (! $_SESSION[APPCONFIG]->isCommandAvailable('script','import') || $server->isReadOnly()) if (! $_SESSION[APPCONFIG]->isCommandAvailable('script','import_form') || ! $_SESSION[APPCONFIG]->isCommandAvailable('script','import') || $server->isReadOnly())
return ''; return '';
$menu['cmd'] = 'import_form'; $menu['cmd'] = 'import_form';
@ -272,10 +277,11 @@ class HTMLTree extends Tree {
$menu['title'] = _('Import'); $menu['title'] = _('Import');
$menu['img'] = 'import-big.png'; $menu['img'] = 'import-big.png';
$menu['name'] = _('import'); $menu['name'] = _('import');
break; break;
case 'export': case 'export':
if (! $_SESSION[APPCONFIG]->isCommandAvailable('script','export')) if (! $_SESSION[APPCONFIG]->isCommandAvailable('script','export_form') || ! $_SESSION[APPCONFIG]->isCommandAvailable('script','export'))
return ''; return '';
$menu['cmd'] = 'export_form'; $menu['cmd'] = 'export_form';
@ -284,10 +290,11 @@ class HTMLTree extends Tree {
$menu['title'] = _('Export'); $menu['title'] = _('Export');
$menu['img'] = 'export-big.png'; $menu['img'] = 'export-big.png';
$menu['name'] = _('export'); $menu['name'] = _('export');
break; break;
case 'logout': case 'logout':
if (in_array($server->getAuthType(),array('config','http','proxy'))) if (! $_SESSION[APPCONFIG]->isCommandAvailable('script','logout') || in_array($server->getAuthType(),array('config','http','proxy')))
return ''; return '';
$href = sprintf('cmd.php?cmd=logout&server_id=%s',$server->getIndex()); $href = sprintf('cmd.php?cmd=logout&server_id=%s',$server->getIndex());

View File

@ -623,7 +623,7 @@ class PageRender extends Visitor {
echo '<br/>'; echo '<br/>';
if (! $attribute->isReadOnly() && $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete')) if (! $attribute->isReadOnly() && $_SESSION[APPCONFIG]->isCommandAvailable('script','delete_attr'))
printf('<a href="javascript:deleteAttribute(\'%s\',\'%s\',\'%s\');" style="color:red;"><img src="%s/trash.png" alt="Trash" /> %s</a>', printf('<a href="javascript:deleteAttribute(\'%s\',\'%s\',\'%s\');" style="color:red;"><img src="%s/trash.png" alt="Trash" /> %s</a>',
$attribute->getName(),$attribute->getFriendlyName(),$i,IMGDIR,_('delete attribute')); $attribute->getName(),$attribute->getFriendlyName(),$i,IMGDIR,_('delete attribute'));

View File

@ -561,7 +561,7 @@ var deon=0;
printf('<td>%s: <b>%s</b><br/><br/><div class="execution_time">(%s %s)</div></td>',_('Entries found'), printf('<td>%s: <b>%s</b><br/><br/><div class="execution_time">(%s %s)</div></td>',_('Entries found'),
number_format($results),$this->template->resultsdata[$base]['time'],_('seconds')); number_format($results),$this->template->resultsdata[$base]['time'],_('seconds'));
if ($_SESSION[APPCONFIG]->isCommandAvailable('export')) { if ($_SESSION[APPCONFIG]->isCommandAvailable('script','export') && $_SESSION[APPCONFIG]->isCommandAvailable('script','export_form')) {
$href = htmlspecialchars(sprintf('cmd.php?cmd=export_form&server_id=%s&scope=%s&dn=%s&filter=%s&attributes=%s', $href = htmlspecialchars(sprintf('cmd.php?cmd=export_form&server_id=%s&scope=%s&dn=%s&filter=%s&attributes=%s',
$server->getIndex(),$this->template->resultsdata[$base]['scope'], $server->getIndex(),$this->template->resultsdata[$base]['scope'],
$base,rawurlencode($this->template->resultsdata[$base]['filter']), $base,rawurlencode($this->template->resultsdata[$base]['filter']),

View File

@ -914,40 +914,43 @@ class TemplateRender extends PageRender {
switch ($i) { switch ($i) {
case 'entryrefresh': case 'entryrefresh':
if ($_SESSION[APPCONFIG]->isCommandAvailable('entry_refresh')) if ($_SESSION[APPCONFIG]->isCommandAvailable('cmd','entry_refresh'))
return $this->getMenuItemRefresh(); return $this->getMenuItemRefresh();
else else
return ''; return '';
case 'switchtemplate': case 'switchtemplate':
if ($_SESSION[APPCONFIG]->isCommandAvailable('cmd','switch_template'))
return $this->getMenuItemSwitchTemplate(); return $this->getMenuItemSwitchTemplate();
else
return '';
case 'entryexport': case 'entryexport':
if ($_SESSION[APPCONFIG]->isCommandAvailable('script','export_form')) if ($_SESSION[APPCONFIG]->isCommandAvailable('script','export_form') && $_SESSION[APPCONFIG]->isCommandAvailable('script','export'))
return $this->getMenuItemExportBase(); return $this->getMenuItemExportBase();
else else
return ''; return '';
case 'entrycopy': case 'entrycopy':
if ($_SESSION[APPCONFIG]->isCommandAvailable('script','copy_form') && ! $this->template->isReadOnly()) if ($_SESSION[APPCONFIG]->isCommandAvailable('script','copy_form') && $_SESSION[APPCONFIG]->isCommandAvailable('script','copy') && ! $this->template->isReadOnly())
return $this->getMenuItemMove(); return $this->getMenuItemMove();
else else
return ''; return '';
case 'showinternal': case 'showinternal':
if ($_SESSION[APPCONFIG]->isCommandAvailable('entry_internal_attributes_show')) if ($_SESSION[APPCONFIG]->isCommandAvailable('cmd','entry_internal_attributes_show'))
return $this->getMenuItemInternalAttributes(); return $this->getMenuItemInternalAttributes();
else else
return ''; return '';
case 'entrydelete': case 'entrydelete':
if ($_SESSION[APPCONFIG]->isCommandAvailable('script','delete_form') && ! $this->template->isReadOnly()) if ($_SESSION[APPCONFIG]->isCommandAvailable('script','delete_form') && $_SESSION[APPCONFIG]->isCommandAvailable('script','delete') && ! $this->template->isReadOnly())
return $this->getMenuItemDelete(); return $this->getMenuItemDelete();
else else
return ''; return '';
case 'entryrename': case 'entryrename':
if ($_SESSION[APPCONFIG]->isCommandAvailable('entry_rename') && ! $this->template->isReadOnly()) { if ($_SESSION[APPCONFIG]->isCommandAvailable('script','rename_form') && $_SESSION[APPCONFIG]->isCommandAvailable('script','rename') && ! $this->template->isReadOnly()) {
# Check if any of the RDN's are read only. # Check if any of the RDN's are read only.
$rdnro = false; $rdnro = false;
@ -968,25 +971,25 @@ class TemplateRender extends PageRender {
case 'msgdel': case 'msgdel':
if ($_SESSION[APPCONFIG]->getValue('appearance','show_hints') if ($_SESSION[APPCONFIG]->getValue('appearance','show_hints')
&& $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete') && ! $this->template->isReadOnly()) && $_SESSION[APPCONFIG]->isCommandAvailable('script','delete_form') && $_SESSION[APPCONFIG]->isCommandAvailable('script','delete') && ! $this->template->isReadOnly())
return array('',$this->getDeleteAttributeMessage()); return array('',$this->getDeleteAttributeMessage());
else else
return ''; return '';
case 'entrycompare': case 'entrycompare':
if ($_SESSION[APPCONFIG]->isCommandAvailable('entry_compare') && ! $this->template->isReadOnly()) if ($_SESSION[APPCONFIG]->isCommandAvailable('script','compare_form') && $_SESSION[APPCONFIG]->isCommandAvailable('script','compare') && ! $this->template->isReadOnly())
return $this->getMenuItemCompare(); return $this->getMenuItemCompare();
else else
return ''; return '';
case 'childcreate': case 'childcreate':
if ($_SESSION[APPCONFIG]->isCommandAvailable('entry_create') && ! $this->template->isReadOnly()) if ($_SESSION[APPCONFIG]->isCommandAvailable('script','create') && ! $this->template->isReadOnly())
return $this->getMenuItemCreate(); return $this->getMenuItemCreate();
else else
return ''; return '';
case 'addattr': case 'addattr':
if ($_SESSION[APPCONFIG]->isCommandAvailable('attribute_add') && ! $this->template->isReadOnly()) if ($_SESSION[APPCONFIG]->isCommandAvailable('script','add_attr_form') && ! $this->template->isReadOnly())
return $this->getMenuItemAddAttribute(); return $this->getMenuItemAddAttribute();
else else
return ''; return '';
@ -1027,7 +1030,7 @@ class TemplateRender extends PageRender {
if ($i == 'childview') if ($i == 'childview')
return $this->getMenuItemShowChildren($children_count); return $this->getMenuItemShowChildren($children_count);
elseif ($i == 'childexport' && $_SESSION[APPCONFIG]->isCommandAvailable('export')) elseif ($i == 'childexport' && $_SESSION[APPCONFIG]->isCommandAvailable('script','export_form') && $_SESSION[APPCONFIG]->isCommandAvailable('script','export'))
return $this->getMenuItemExportSub(); return $this->getMenuItemExportSub();
else else
return ''; return '';
@ -1036,7 +1039,7 @@ class TemplateRender extends PageRender {
return ''; return '';
case 'msgschema': case 'msgschema':
if ($_SESSION[APPCONFIG]->getValue('appearance','show_hints') && $_SESSION[APPCONFIG]->isCommandAvailable('schema')) if ($_SESSION[APPCONFIG]->getValue('appearance','show_hints') && $_SESSION[APPCONFIG]->isCommandAvailable('script','schema'))
return array('',$this->getViewSchemaMessage()); return array('',$this->getViewSchemaMessage());
else else
return array(); return array();
@ -1068,7 +1071,7 @@ class TemplateRender extends PageRender {
protected function getDeleteAttributeMessage() { protected function getDeleteAttributeMessage() {
if (DEBUGTMP) printf('<font size=-2>%s</font><br />',__METHOD__); if (DEBUGTMP) printf('<font size=-2>%s</font><br />',__METHOD__);
if ($_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete_value') && ! $this->template->isReadOnly()) if ($_SESSION[APPCONFIG]->isCommandAvailable('script','delete_attr') && ! $this->template->isReadOnly())
return sprintf($this->layout['hint'],_('Hint: To delete an attribute, empty the text field and click save.')); return sprintf($this->layout['hint'],_('Hint: To delete an attribute, empty the text field and click save.'));
else else
return ''; return '';
@ -1982,7 +1985,7 @@ function fillRec(id,value) {
switch ($action) { switch ($action) {
case 'add': case 'add':
if ($attribute->isVisible() && ! $attribute->isReadOnly() if ($attribute->isVisible() && ! $attribute->isReadOnly()
&& $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value')) { && $_SESSION[APPCONFIG]->isCommandAvailable('script','add_value_form')) {
if ($attribute->haveMoreValues()) if ($attribute->haveMoreValues())
return $this->get('AddValueMenuItem',$attribute); return $this->get('AddValueMenuItem',$attribute);
@ -1993,8 +1996,7 @@ function fillRec(id,value) {
case 'modify': case 'modify':
if (in_array($attribute->getName(),arrayLower($_SESSION[APPCONFIG]->getValue('modify_member','groupattr')))) { if (in_array($attribute->getName(),arrayLower($_SESSION[APPCONFIG]->getValue('modify_member','groupattr')))) {
if ($attribute->isVisible() && ! $attribute->isReadOnly() && ! $attribute->isRDN() if ($attribute->isVisible() && ! $attribute->isReadOnly() && ! $attribute->isRDN()
&& ($_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value') && $_SESSION[APPCONFIG]->isCommandAvailable('script','modify_member_form'))
|| $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete_value')))
return $this->get('ModifyMemberMenuItem',$attribute); return $this->get('ModifyMemberMenuItem',$attribute);
} }
@ -2002,7 +2004,8 @@ function fillRec(id,value) {
case 'rename': case 'rename':
if ($attribute->isVisible() && $attribute->isRDN() && ! $attribute->isReadOnly() if ($attribute->isVisible() && $attribute->isRDN() && ! $attribute->isReadOnly()
&& $_SESSION[APPCONFIG]->isCommandAvailable('entry_rename')) && $_SESSION[APPCONFIG]->isCommandAvailable('script','rename_form')
&& $_SESSION[APPCONFIG]->isCommandAvailable('script','rename'))
return $this->get('RenameMenuItem',$attribute); return $this->get('RenameMenuItem',$attribute);
return ''; return '';

View File

@ -290,6 +290,15 @@ class Config {
* Define command availability ; if the value of a command is true, * Define command availability ; if the value of a command is true,
* the command will be available. * the command will be available.
*/ */
$this->default->commands['cmd'] = array(
'desc'=>'Define command availability',
'default'=> array(
'entry_internal_attributes_show' => true,
'entry_refresh' => true,
'oslinks' => true,
'switch_template' => true
));
$this->default->commands['script'] = array( $this->default->commands['script'] = array(
'desc'=>'Define scripts availability', 'desc'=>'Define scripts availability',
'default'=> array( 'default'=> array(
@ -331,42 +340,7 @@ class Config {
'show_cache' => true, 'show_cache' => true,
'template_engine' => true, 'template_engine' => true,
'update_confirm' => true, 'update_confirm' => true,
'update' => true, 'update' => true
'test' => true
));
$this->default->commands['all'] = array(
'desc'=>'Define command availability',
'default'=> array(
'home' => true,
'external_links' => array('feature' => true,
'forum' => true,
'bug' => true,
'donation' => true,
'help' => true,
'credits' => true),
'purge' => true,
'schema' => true,
'import' => true,
'export' => true,
'logout' => true,
'search' => array('simple_search' => true,
'predefined_search' => true,
'advanced_search' => true),
'server_refresh' => true,
'server_info' => true,
'entry_refresh' => true,
'entry_move' => true,
'entry_internal_attributes_show' => true,
'entry_delete' => array('simple_delete' => true,
'mass_delete' => false),
'entry_rename' => true,
'entry_compare' => true,
'entry_create' => true,
'attribute_add' => true,
'attribute_add_value' => true,
'attribute_delete' => true,
'attribute_delete_value' => true
)); ));
/** Aliases and Referrrals /** Aliases and Referrrals
@ -666,48 +640,20 @@ class Config {
} }
/** /**
* The parameter number is variable. * Simple ACL to see if commands can be run
* For example : isCommandAvailable('search','simple_search')
*/ */
public function isCommandAvailable($index='all') { public function isCommandAvailable($index='cmd') {
$a = func_get_args(); $a = func_get_args();
if (! in_array($index,array('all','script')))
$index = 'all';
else
array_shift($a); array_shift($a);
if (count($a) == 1 && is_array($a[0]))
$a = $a[0]; $a = $a[0];
$i = 0;
# Command availability list # Command availability list
$cmd = $this->getValue('commands',$index); $cmd = $this->getValue('commands',$index);
# Search for the command if (! is_string($a) || ! isset($cmd[$a]))
while ($i < count($a)) { debug_dump(array('Unknown command '=>$a),1);
if (! is_array($cmd))
return $cmd;
if (! isset($cmd[$a[$i]])) return $cmd[$a];
return false;
$cmd = $cmd[$a[$i]];
$i++;
}
# If this is a leaf command, return its availability
if (! is_array($cmd))
return $cmd;
# Else the command is available, if one of its sub-command is available
$a[] = '';
foreach ($cmd as $c => $v) {
$a[$i] = $c;
if ($this->isCommandAvailable($a))
return true;
}
return false;
} }
public function configDefinition($key,$index,$config) { public function configDefinition($key,$index,$config) {

View File

@ -122,31 +122,6 @@ class ldap_pla extends ldap {
} }
/** FUNCTIONS TO BE REWORKED BELOW HERE **/ /** FUNCTIONS TO BE REWORKED BELOW HERE **/
/**
* Returns true if the user has configured the specified server to enable mass deletion.
*
* Mass deletion is enabled in config.php this:
* <code>
* $config->custom->commands['all'] = array('entry_delete' => array('mass_delete' => true));
* </code>
* Notice that mass deletes are not enabled on a per-server basis, but this
* function checks that the server is not in a read-only state as well.
*
* @return boolean
*/
function isMassDeleteEnabled() {
if (DEBUG_ENABLED)
debug_log('Entered with ()',17,__FILE__,__LINE__,__METHOD__);
if ($this->connect(false) && $this->haveAuthInfo() && ! $this->isReadOnly() &&
$_SESSION[APPCONFIG]->isCommandAvailable('entry_delete', 'mass_delete'))
return true;
else
return false;
}
/** /**
* Gets whether the admin has configured phpLDAPadmin to show the "Create New" link in the tree viewer. * Gets whether the admin has configured phpLDAPadmin to show the "Create New" link in the tree viewer.
* <code> * <code>
@ -166,7 +141,7 @@ class ldap_pla extends ldap {
if (DEBUG_ENABLED) if (DEBUG_ENABLED)
debug_log('Entered with ()',17,__FILE__,__LINE__,__METHOD__); debug_log('Entered with ()',17,__FILE__,__LINE__,__METHOD__);
if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_create')) if (! $_SESSION[APPCONFIG]->isCommandAvailable('script','create'))
return false; return false;
else else
return $this->getValue('appearance','show_create'); return $this->getValue('appearance','show_create');

View File

@ -358,50 +358,60 @@ function cmd_control_pane($type) {
return array( return array(
'home'=>array( 'home'=>array(
'title'=>_('Home'), 'title'=>_('Home'),
'enable'=>true,
'link'=>sprintf('href="index.php" title="%s"',_('Home')), 'link'=>sprintf('href="index.php" title="%s"',_('Home')),
'image'=>sprintf('<img src="%s/home-big.png" alt="%s" />',IMGDIR,_('Home'))), 'image'=>sprintf('<img src="%s/home-big.png" alt="%s" />',IMGDIR,_('Home'))),
'purge'=>array( 'purge'=>array(
'title'=>_('Purge caches'), 'title'=>_('Purge caches'),
'enable'=>$_SESSION[APPCONFIG]->isCommandAvailable('script','purge_cache'),
'link'=>sprintf('href="cmd.php?cmd=purge_cache" onclick="return displayAJ(\'BODY\',\'cmd=purge_cache\',\'%s\');" title="%s"', 'link'=>sprintf('href="cmd.php?cmd=purge_cache" onclick="return displayAJ(\'BODY\',\'cmd=purge_cache\',\'%s\');" title="%s"',
_('Clearing cache'),_('Purge caches')), _('Clearing cache'),_('Purge caches')),
'image'=>sprintf('<img src="%s/trash-big.png" alt="%s" />',IMGDIR,_('Purge caches'))), 'image'=>sprintf('<img src="%s/trash-big.png" alt="%s" />',IMGDIR,_('Purge caches'))),
'appearance:hide_debug_info'=>array( 'hide_debug_info'=>array(
'title'=>_('Show Cache'), 'title'=>_('Show Cache'),
'enable'=>$_SESSION[APPCONFIG]->isCommandAvailable('script','show_cache'),
'link'=>sprintf('href="cmd.php?cmd=show_cache" onclick="return displayAJ(\'BODY\',\'cmd=show_cache\',\'%s\');" title="%s"', 'link'=>sprintf('href="cmd.php?cmd=show_cache" onclick="return displayAJ(\'BODY\',\'cmd=show_cache\',\'%s\');" title="%s"',
_('Loading'),_('Show Cache'),_('Show Cache')), _('Loading'),_('Show Cache'),_('Show Cache')),
'image'=>sprintf('<img src="%s/debug-cache.png" alt="%s" />',IMGDIR,_('Show Cache'))), 'image'=>sprintf('<img src="%s/debug-cache.png" alt="%s" />',IMGDIR,_('Show Cache'))),
); );
break; break;
case 'top' : case 'top' :
return array( return array(
'external_links:forum'=>array( 'forum'=>array(
'title'=>_('Forum'), 'title'=>_('Forum'),
'enable'=>$_SESSION[APPCONFIG]->isCommandAvailable('cmd','oslinks'),
'link'=>sprintf('href="%s" title="%s" target="_blank"',get_href('forum'),_('Forum')), 'link'=>sprintf('href="%s" title="%s" target="_blank"',get_href('forum'),_('Forum')),
'image'=>sprintf('<img src="%s/forum-big.png" alt="%s" />',IMGDIR,_('Forum'))), 'image'=>sprintf('<img src="%s/forum-big.png" alt="%s" />',IMGDIR,_('Forum'))),
'external_links:feature'=>array( 'feature'=>array(
'title'=>_('Request feature'), 'title'=>_('Request feature'),
'enable'=>$_SESSION[APPCONFIG]->isCommandAvailable('cmd','oslinks'),
'link'=>sprintf('href="%s" title="%s" target="_blank"',get_href('add_rfe'),_('Request feature')), 'link'=>sprintf('href="%s" title="%s" target="_blank"',get_href('add_rfe'),_('Request feature')),
'image'=>sprintf('<img src="%s/request-feature-big.png" alt="%s" />',IMGDIR,_('Request feature'))), 'image'=>sprintf('<img src="%s/request-feature-big.png" alt="%s" />',IMGDIR,_('Request feature'))),
'external_links:bug'=>array( 'bug'=>array(
'title'=>_('Report a bug'), 'title'=>_('Report a bug'),
'enable'=>$_SESSION[APPCONFIG]->isCommandAvailable('cmd','oslinks'),
'link'=>sprintf('href="%s" title="%s" target="_blank"',get_href('add_bug'),_('Report a bug')), 'link'=>sprintf('href="%s" title="%s" target="_blank"',get_href('add_bug'),_('Report a bug')),
'image'=>sprintf('<img src="%s/bug-big.png" alt="%s" />',IMGDIR,_('Report a bug'))), 'image'=>sprintf('<img src="%s/bug-big.png" alt="%s" />',IMGDIR,_('Report a bug'))),
'external_links:donation'=>array( 'donation'=>array(
'title'=>_('Donate'), 'title'=>_('Donate'),
'enable'=>$_SESSION[APPCONFIG]->isCommandAvailable('cmd','oslinks'),
'link'=>sprintf('href="%s" title="%s" target="_blank"',get_href('donate'),_('Donate')), 'link'=>sprintf('href="%s" title="%s" target="_blank"',get_href('donate'),_('Donate')),
'image'=>sprintf('<img src="%s/smile-big.png" alt="%s" />',IMGDIR,_('Donate'))), 'image'=>sprintf('<img src="%s/smile-big.png" alt="%s" />',IMGDIR,_('Donate'))),
'external_links:help'=>array( 'help'=>array(
'title'=>_('Help'), 'title'=>_('Help'),
'enable'=>$_SESSION[APPCONFIG]->isCommandAvailable('cmd','oslinks'),
'link'=>sprintf('href="%s" title="%s" target="_blank"',get_href('documentation'),_('Help')), 'link'=>sprintf('href="%s" title="%s" target="_blank"',get_href('documentation'),_('Help')),
'image'=>sprintf('<img src="%s/help-big.png" alt="%s" />',IMGDIR,_('Help'))) 'image'=>sprintf('<img src="%s/help-big.png" alt="%s" />',IMGDIR,_('Help')))
); );
break; break;
} }
} }

View File

@ -154,12 +154,8 @@ class page {
echo '<td class="imagetop">'; echo '<td class="imagetop">';
$empty = true; $empty = true;
if (function_exists('cmd_control_pane')) if (function_exists('cmd_control_pane'))
foreach (cmd_control_pane('top') as $cmd => $cmddetails) { foreach (cmd_control_pane('top') as $cmddetails)
$cmds = explode(':',$cmd); if ((isset($cmddetails['enable']) && $cmddetails['enable']) || ! isset($cmddetails['enable'])) {
if (defined('APPCONFIG') && isset($_SESSION[APPCONFIG]) && method_exists($_SESSION[APPCONFIG],'isCommandAvailable'))
if ($_SESSION[APPCONFIG]->isCommandAvailable('all',$cmds)) {
if ((isset($cmddetails['enable']) && trim($cmddetails['enable'])) || ! isset($cmddetails['enable'])) {
if (! $empty) if (! $empty)
echo ' '; echo ' ';
@ -167,11 +163,10 @@ class page {
$empty = false; $empty = false;
} }
}
}
if ($empty) if ($empty)
echo '&nbsp;'; echo '&nbsp;';
echo '</td>'; echo '</td>';
echo '</tr></table></div></td>'; echo '</tr></table></div></td>';
echo '</tr>'; echo '</tr>';
@ -187,11 +182,7 @@ class page {
$empty = true; $empty = true;
if (function_exists('cmd_control_pane')) if (function_exists('cmd_control_pane'))
foreach (cmd_control_pane('main') as $cmd => $cmddetails) { foreach (cmd_control_pane('main') as $cmddetails)
$cmds = explode(':',$cmd);
if (defined('APPCONFIG') && isset($_SESSION[APPCONFIG]) && method_exists($_SESSION[APPCONFIG],'isCommandAvailable'))
if ($_SESSION[APPCONFIG]->isCommandAvailable('all',$cmds)) {
if ((isset($cmddetails['enable']) && trim($cmddetails['enable'])) || ! isset($cmddetails['enable'])) { if ((isset($cmddetails['enable']) && trim($cmddetails['enable'])) || ! isset($cmddetails['enable'])) {
if (! $empty) if (! $empty)
echo ' | '; echo ' | ';
@ -201,8 +192,6 @@ class page {
$empty = false; $empty = false;
} }
}
}
echo '</td>'; echo '</td>';
if ($empty) if ($empty)