diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc
index 1ef80329..837df79c 100644
--- a/lam/lib/modules.inc
+++ b/lam/lib/modules.inc
@@ -875,7 +875,7 @@ class accountContainer {
exit;
}
// module actions
- if (sizeof($_POST) > 0) {
+ if ((sizeof($_POST) > 0) && checkIfWriteAccessIsAllowed()) {
$result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'process_'.$this->subpage));
if (is_array($result)) { // messages were returned, check for errors
for ($i = 0; $i < sizeof($result); $i++) {
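Review bot: With the combined condition on the changed `if`, a POST from a session without write access is skipped without a message or a log entry, so the rejected attempt leaves no trace and the user presumably just sees the page again. Testing `sizeof($_POST) > 0` first and handling `!checkIfWriteAccessIsAllowed()` as its own branch inside it would let the denied case report an error and be logged. The guard covers only the `process_` dispatch visible here. The method continues outside the hunk, so any other POST-driven step in it should be confirmed to have its own check.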
diff --git a/lam/lib/tree.inc b/lam/lib/tree.inc
index adf2707d..b8302dfa 100644
--- a/lam/lib/tree.inc
+++ b/lam/lib/tree.inc
@@ -86,9 +86,12 @@ function draw_server_tree()
echo '';
echo '( ';
echo '' . _('Refresh') . ' | ';
- echo '' . _('Create new entry') . '';
+ ' href="' . $refresh_href . '">' . _('Refresh') . '';
+ if (checkIfWriteAccessIsAllowed()) {
+ echo ' | ';
+ echo '' . _('Create new entry') . '';
+ }
echo ' )';
// Fetch and display the base DN for this server
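Review bot: Wrapping the 'Create new entry' link in `checkIfWriteAccessIsAllowed()` only changes what is rendered, so the protection has to come from the scripts the links point to. The diff as shown guards create.php and add_oclass_form.php, but not create_form.php (the link target visible in draw_create_link() in tree.php) or add_value_form.php (linked from edit.php). If the form pages are meant to be unreachable for read-only sessions, they need the same check; if they are intentionally left open, a comment such as `// UI only: create.php enforces the write check` would make that clear. The same applies to the second hunk in this file and to the early return added to draw_create_link().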
@@ -147,13 +150,15 @@ function draw_server_tree()
if( isset( $tree[$base_dn] ) && is_array( $tree[$base_dn] ) ) {
foreach( $tree[ $base_dn ] as $child_dn )
draw_tree_html( $child_dn, 0 );
- echo '
| ';
- echo ' | ';
- echo '' . _('Create new entry') . ' |
';
+ if (checkIfWriteAccessIsAllowed()) {
+ echo ' | ';
+ echo ' | ';
+ echo '' . _('Create new entry') . ' |
';
+ }
}
}
diff --git a/lam/templates/tree/add_attr.php b/lam/templates/tree/add_attr.php
index 183bc029..a6d504bc 100644
--- a/lam/templates/tree/add_attr.php
+++ b/lam/templates/tree/add_attr.php
@@ -59,6 +59,9 @@ include_once('../../lib/account.inc');
// start session
startSecureSession();
+// die if no write access
+if (!checkIfWriteAccessIsAllowed()) die();
+
setlanguage();
$attr = $_POST['attr'];
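Review bot: The bare `die()` on the added guard ends a rejected write request with an empty body and, unless a status was set earlier, the default 200 response, and nothing is logged. That makes a refused modification attempt look like a blank page to the user and leaves no trace for anyone reviewing logs. Sending an explicit status would help, e.g. `if (!checkIfWriteAccessIsAllowed()) { header('HTTP/1.1 403 Forbidden'); die(); }`, with a call to the project's logging helper before the exit. The same line is added to add_oclass.php, add_oclass_form.php, add_value.php, create.php, delete.php, delete_attr.php, rdelete.php, update.php and update_confirm.php, so one shared helper would keep the ten copies from drifting apart.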
diff --git a/lam/templates/tree/add_oclass.php b/lam/templates/tree/add_oclass.php
index 6bce3b10..987b0e7e 100644
--- a/lam/templates/tree/add_oclass.php
+++ b/lam/templates/tree/add_oclass.php
@@ -59,6 +59,9 @@ include_once('../../lib/status.inc');
// start session
startSecureSession();
+// die if no write access
+if (!checkIfWriteAccessIsAllowed()) die();
+
setlanguage();
$dn = rawurldecode( $_POST['dn'] );
diff --git a/lam/templates/tree/add_oclass_form.php b/lam/templates/tree/add_oclass_form.php
index 1881c314..4fb0b8d1 100644
--- a/lam/templates/tree/add_oclass_form.php
+++ b/lam/templates/tree/add_oclass_form.php
@@ -60,6 +60,9 @@ include_once('../../lib/status.inc');
// start session
startSecureSession();
+// die if no write access
+if (!checkIfWriteAccessIsAllowed()) die();
+
setlanguage();
$dn = rawurldecode( $_POST['dn'] );
diff --git a/lam/templates/tree/add_value.php b/lam/templates/tree/add_value.php
index e1ca3e8b..97bb169d 100644
--- a/lam/templates/tree/add_value.php
+++ b/lam/templates/tree/add_value.php
@@ -59,6 +59,9 @@ include_once('../../lib/status.inc');
// start session
startSecureSession();
+// die if no write access
+if (!checkIfWriteAccessIsAllowed()) die();
+
setlanguage();
$dn = rawurldecode( $_POST['dn'] );
diff --git a/lam/templates/tree/create.php b/lam/templates/tree/create.php
index 76c311ea..48fe062a 100644
--- a/lam/templates/tree/create.php
+++ b/lam/templates/tree/create.php
@@ -59,6 +59,9 @@ include_once('../../lib/status.inc');
// start session
startSecureSession();
+// die if no write access
+if (!checkIfWriteAccessIsAllowed()) die();
+
setlanguage();
$new_dn = isset( $_POST['new_dn'] ) ? $_POST['new_dn'] : null;
diff --git a/lam/templates/tree/delete.php b/lam/templates/tree/delete.php
index ae72a423..68345d72 100644
--- a/lam/templates/tree/delete.php
+++ b/lam/templates/tree/delete.php
@@ -54,6 +54,9 @@ include_once('../../lib/status.inc');
// start session
startSecureSession();
+// die if no write access
+if (!checkIfWriteAccessIsAllowed()) die();
+
setlanguage();
echo $_SESSION['header'];
diff --git a/lam/templates/tree/delete_attr.php b/lam/templates/tree/delete_attr.php
index 9095f5b5..16cad44d 100644
--- a/lam/templates/tree/delete_attr.php
+++ b/lam/templates/tree/delete_attr.php
@@ -54,6 +54,9 @@ include_once('../../lib/status.inc');
// start session
startSecureSession();
+// die if no write access
+if (!checkIfWriteAccessIsAllowed()) die();
+
setlanguage();
$dn = $_POST['dn'] ;
diff --git a/lam/templates/tree/edit.php b/lam/templates/tree/edit.php
index 4f37047d..8c3bb270 100644
--- a/lam/templates/tree/edit.php
+++ b/lam/templates/tree/edit.php
@@ -109,13 +109,16 @@ echo "\n";
+
|
|
+
|
|
+
|
|
@@ -126,6 +129,7 @@ echo "\n";
|
"> |
+
@@ -483,7 +487,7 @@ foreach( $attrs as $attr => $vals ) {
/* Draw the "add value" link under the list of values for this attributes */
if( ( $schema_attr = get_schema_attribute( $attr, $dn ) ) &&
- ! $schema_attr->getIsSingleValue() )
+ ! $schema_attr->getIsSingleValue() && checkIfWriteAccessIsAllowed() )
{
$add_href = "add_value_form.php?dn=$encoded_dn&attr=" . rawurlencode( $attr );
echo "(
" .
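Review bot: `checkIfWriteAccessIsAllowed()` is now evaluated once per attribute inside the `foreach( $attrs as $attr => $vals )` loop, although its result is not expected to change while the page renders. Computing it once before the loop, `$write_allowed = checkIfWriteAccessIsAllowed();`, and testing `$write_allowed` in the same position would avoid the repeated call. Keep it last in the condition, because the `$schema_attr = get_schema_attribute( $attr, $dn )` assignment in front of it may be used further down in the loop body. The loop starts and ends outside the hunk.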
@@ -504,8 +508,10 @@ foreach( $attrs as $attr => $vals ) {
flush();
} /* End foreach( $attrs as $attr => $vals ) */ ?>
-
- |
+
+ |
+
+
diff --git a/lam/templates/tree/rdelete.php b/lam/templates/tree/rdelete.php
index d68315ca..52a97f0a 100644
--- a/lam/templates/tree/rdelete.php
+++ b/lam/templates/tree/rdelete.php
@@ -53,6 +53,9 @@ include_once('../../lib/status.inc');
// start session
startSecureSession();
+// die if no write access
+if (!checkIfWriteAccessIsAllowed()) die();
+
setlanguage();
echo $_SESSION['header'];
diff --git a/lam/templates/tree/tree.php b/lam/templates/tree/tree.php
index 69293c82..b6dd0819 100644
--- a/lam/templates/tree/tree.php
+++ b/lam/templates/tree/tree.php
@@ -174,6 +174,9 @@ function draw_tree_html( $dn, $level = 0 )
function draw_create_link( $rdn, $level, $encoded_dn )
{
+ if (!checkIfWriteAccessIsAllowed()) {
+ return;
+ }
// print the "Create New object" link.
$create_html = "";
$create_href = "create_form.php?container=$encoded_dn";
diff --git a/lam/templates/tree/update.php b/lam/templates/tree/update.php
index 9be7d656..a90fe3f4 100644
--- a/lam/templates/tree/update.php
+++ b/lam/templates/tree/update.php
@@ -65,6 +65,9 @@ include_once('../../lib/ldap.inc');
// start session
startSecureSession();
+// die if no write access
+if (!checkIfWriteAccessIsAllowed()) die();
+
setlanguage();
$dn = $_POST['dn'];
diff --git a/lam/templates/tree/update_confirm.php b/lam/templates/tree/update_confirm.php
index 4592b84a..ffe5336f 100644
--- a/lam/templates/tree/update_confirm.php
+++ b/lam/templates/tree/update_confirm.php
@@ -55,6 +55,9 @@ include_once('../../lib/account.inc');
// start session
startSecureSession();
+// die if no write access
+if (!checkIfWriteAccessIsAllowed()) die();
+
setlanguage();
$dn = $_POST['dn'];