diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc index 1ef80329..837df79c 100644 --- a/lam/lib/modules.inc +++ b/lam/lib/modules.inc @@ -875,7 +875,7 @@ class accountContainer { exit; } // module actions - if (sizeof($_POST) > 0) { + if ((sizeof($_POST) > 0) && checkIfWriteAccessIsAllowed()) { $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'process_'.$this->subpage)); if (is_array($result)) { // messages were returned, check for errors for ($i = 0; $i < sizeof($result); $i++) { diff --git a/lam/lib/tree.inc b/lam/lib/tree.inc index adf2707d..b8302dfa 100644 --- a/lam/lib/tree.inc +++ b/lam/lib/tree.inc @@ -86,9 +86,12 @@ function draw_server_tree() echo ''; echo '( '; echo '' . _('Refresh') . ' | '; - echo '' . _('Create new entry') . ''; + ' href="' . $refresh_href . '">' . _('Refresh') . ''; + if (checkIfWriteAccessIsAllowed()) { + echo ' | '; + echo '' . _('Create new entry') . ''; + } echo ' )'; // Fetch and display the base DN for this server @@ -147,13 +150,15 @@ function draw_server_tree() if( isset( $tree[$base_dn] ) && is_array( $tree[$base_dn] ) ) { foreach( $tree[ $base_dn ] as $child_dn ) draw_tree_html( $child_dn, 0 ); - echo ''; - echo '' . 
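Review bot: When write access is denied, the new condition in `accountContainer` turns the whole `process_…` dispatch into a silent no-op: the submitted POST is dropped with no message to the user and no log entry, so refused write attempts are invisible to an operator. Handle the denied case explicitly instead of folding it into the `&&`, for example by keeping `if (sizeof($_POST) > 0) {` and opening the body with `if (!checkIfWriteAccessIsAllowed()) { /* log the refusal, return an error message */ }`. The `if` block ends outside this hunk, so whether the later save path has its own check cannot be confirmed from here. This gate should not be the only enforcement point.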
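Review bot: The guard `if (!checkIfWriteAccessIsAllowed()) die();` in add_attr.php ends the request with an empty response and the default success status, and it records nothing about the refused write. The same three lines are pasted into add_oclass.php, add_oclass_form.php, add_value.php, create.php, delete.php, delete_attr.php, rdelete.php, update.php and update_confirm.php. Because each script opts in separately, any write-capable script that was missed or is added later stays unguarded, so it is worth auditing the directory against this list. Consider one shared helper that every tree script calls right after `startSecureSession();`, which logs the attempt and answers with an explicit refusal, e.g. `if (!checkIfWriteAccessIsAllowed()) { header('HTTP/1.1 403 Forbidden'); die(); }`. This application-level check is best treated as defence in depth alongside read-only ACLs for the bind user on the directory server itself.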
-						_('Create new entry') . ''; - echo '' . _('Create new entry') . ''; + if (checkIfWriteAccessIsAllowed()) { + echo ''; + echo '' . 
+							_('Create new entry') . ''; + echo '' . _('Create new entry') . ''; + } } } diff --git a/lam/templates/tree/add_attr.php b/lam/templates/tree/add_attr.php index 183bc029..a6d504bc 100644 --- a/lam/templates/tree/add_attr.php +++ b/lam/templates/tree/add_attr.php @@ -59,6 +59,9 @@ include_once('../../lib/account.inc'); // start session startSecureSession(); +// die if no write access +if (!checkIfWriteAccessIsAllowed()) die(); + setlanguage(); $attr = $_POST['attr']; diff --git a/lam/templates/tree/add_oclass.php b/lam/templates/tree/add_oclass.php index 6bce3b10..987b0e7e 100644 --- a/lam/templates/tree/add_oclass.php +++ b/lam/templates/tree/add_oclass.php @@ -59,6 +59,9 @@ include_once('../../lib/status.inc'); // start session startSecureSession(); +// die if no write access +if (!checkIfWriteAccessIsAllowed()) die(); + setlanguage(); $dn = rawurldecode( $_POST['dn'] ); diff --git a/lam/templates/tree/add_oclass_form.php b/lam/templates/tree/add_oclass_form.php index 1881c314..4fb0b8d1 100644 --- a/lam/templates/tree/add_oclass_form.php +++ b/lam/templates/tree/add_oclass_form.php @@ -60,6 +60,9 @@ include_once('../../lib/status.inc'); // start session startSecureSession(); +// die if no write access +if (!checkIfWriteAccessIsAllowed()) die(); + setlanguage(); $dn = rawurldecode( $_POST['dn'] ); diff --git a/lam/templates/tree/add_value.php b/lam/templates/tree/add_value.php index e1ca3e8b..97bb169d 100644 --- a/lam/templates/tree/add_value.php +++ b/lam/templates/tree/add_value.php @@ -59,6 +59,9 @@ include_once('../../lib/status.inc'); // start session startSecureSession(); +// die if no write access +if (!checkIfWriteAccessIsAllowed()) die(); + setlanguage(); $dn = rawurldecode( $_POST['dn'] ); diff --git a/lam/templates/tree/create.php b/lam/templates/tree/create.php index 76c311ea..48fe062a 100644 --- a/lam/templates/tree/create.php +++ b/lam/templates/tree/create.php 
@@ -59,6 +59,9 @@ include_once('../../lib/status.inc'); // start session startSecureSession(); +// die if no write access +if (!checkIfWriteAccessIsAllowed()) die(); + setlanguage(); $new_dn = isset( $_POST['new_dn'] ) ? $_POST['new_dn'] : null; diff --git a/lam/templates/tree/delete.php b/lam/templates/tree/delete.php index ae72a423..68345d72 100644 --- a/lam/templates/tree/delete.php +++ b/lam/templates/tree/delete.php @@ -54,6 +54,9 @@ include_once('../../lib/status.inc'); // start session startSecureSession(); +// die if no write access +if (!checkIfWriteAccessIsAllowed()) die(); + setlanguage(); echo $_SESSION['header']; diff --git a/lam/templates/tree/delete_attr.php b/lam/templates/tree/delete_attr.php index 9095f5b5..16cad44d 100644 --- a/lam/templates/tree/delete_attr.php +++ b/lam/templates/tree/delete_attr.php @@ -54,6 +54,9 @@ include_once('../../lib/status.inc'); // start session startSecureSession(); +// die if no write access +if (!checkIfWriteAccessIsAllowed()) die(); + setlanguage(); $dn = $_POST['dn'] ; diff --git a/lam/templates/tree/edit.php b/lam/templates/tree/edit.php index 4f37047d..8c3bb270 100644 --- a/lam/templates/tree/edit.php +++ b/lam/templates/tree/edit.php @@ -109,13 +109,16 @@ echo "\n"; + + + @@ -126,6 +129,7 @@ echo "\n"; "> + @@ -483,7 +487,7 @@ foreach( $attrs as $attr => $vals ) { /* Draw the "add value" link under the list of values for this attributes */ if( ( $schema_attr = get_schema_attribute( $attr, $dn ) ) && - ! $schema_attr->getIsSingleValue() ) + ! $schema_attr->getIsSingleValue() && checkIfWriteAccessIsAllowed() ) { $add_href = "add_value_form.php?dn=$encoded_dn&attr=" . rawurlencode( $attr ); echo "
(" . @@ -504,8 +508,10 @@ foreach( $attrs as $attr => $vals ) { flush(); } /* End foreach( $attrs as $attr => $vals ) */ ?> - -
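Review bot: The added `&& checkIfWriteAccessIsAllowed()` only hides the "add value" link. `add_value_form.php`, which `$add_href` points to, is not among the scripts this commit guards, although the comparable `add_oclass_form.php` and `update_confirm.php` do receive the `die()` check. The same holds for `create_form.php`, referenced from `draw_create_link()` in the tree.php hunk. The write endpoints themselves are guarded, so this is a consistency gap rather than a bypass; unless those forms are protected elsewhere, give them the same guard after `startSecureSession();`. As a style point, the check is re-evaluated for every attribute inside the `foreach`; assigning it once before the loop, e.g. `$write_allowed = checkIfWriteAccessIsAllowed();`, keeps the condition shorter.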
+ +
+ + diff --git a/lam/templates/tree/rdelete.php b/lam/templates/tree/rdelete.php index d68315ca..52a97f0a 100644 --- a/lam/templates/tree/rdelete.php +++ b/lam/templates/tree/rdelete.php @@ -53,6 +53,9 @@ include_once('../../lib/status.inc'); // start session startSecureSession(); +// die if no write access +if (!checkIfWriteAccessIsAllowed()) die(); + setlanguage(); echo $_SESSION['header']; diff --git a/lam/templates/tree/tree.php b/lam/templates/tree/tree.php index 69293c82..b6dd0819 100644 --- a/lam/templates/tree/tree.php +++ b/lam/templates/tree/tree.php @@ -174,6 +174,9 @@ function draw_tree_html( $dn, $level = 0 ) function draw_create_link( $rdn, $level, $encoded_dn ) { + if (!checkIfWriteAccessIsAllowed()) { + return; + } // print the "Create New object" link. $create_html = ""; $create_href = "create_form.php?container=$encoded_dn"; diff --git a/lam/templates/tree/update.php b/lam/templates/tree/update.php index 9be7d656..a90fe3f4 100644 --- a/lam/templates/tree/update.php +++ b/lam/templates/tree/update.php @@ -65,6 +65,9 @@ include_once('../../lib/ldap.inc'); // start session startSecureSession(); +// die if no write access +if (!checkIfWriteAccessIsAllowed()) die(); + setlanguage(); $dn = $_POST['dn']; diff --git a/lam/templates/tree/update_confirm.php b/lam/templates/tree/update_confirm.php index 4592b84a..ffe5336f 100644 --- a/lam/templates/tree/update_confirm.php +++ b/lam/templates/tree/update_confirm.php @@ -55,6 +55,9 @@ include_once('../../lib/account.inc'); // start session startSecureSession(); +// die if no write access +if (!checkIfWriteAccessIsAllowed()) die(); + setlanguage(); $dn = $_POST['dn'];