added new security model
parent
461b53efbd
commit
6e324a83f6
|
@ -875,7 +875,7 @@ class accountContainer {
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
// module actions
|
// module actions
|
||||||
if (sizeof($_POST) > 0) {
|
if ((sizeof($_POST) > 0) && checkIfWriteAccessIsAllowed()) {
|
||||||
$result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'process_'.$this->subpage));
|
$result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'process_'.$this->subpage));
|
||||||
if (is_array($result)) { // messages were returned, check for errors
|
if (is_array($result)) { // messages were returned, check for errors
|
||||||
for ($i = 0; $i < sizeof($result); $i++) {
|
for ($i = 0; $i < sizeof($result); $i++) {
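Review bot: When write access is denied, the new condition `(sizeof($_POST) > 0) && checkIfWriteAccessIsAllowed()` drops the POST silently, so a read-only user who submits a module page gets it redrawn with no sign that nothing was processed, and nothing records the rejected attempt. I would test the two conditions separately and report the refusal in the denied case, e.g. `if (!checkIfWriteAccessIsAllowed()) { /* show a "read-only" error and log the attempt */ }`, using the project's existing message and logging helpers. Skipping the `process_*` call only protects the directory if no other branch of this method writes; the method starts and ends outside the hunk, so its save and delete paths should be confirmed to carry the same guard.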
|
||||||
|
|
|
@ -86,9 +86,12 @@ function draw_server_tree()
|
||||||
echo '<nobr>';
|
echo '<nobr>';
|
||||||
echo '( ';
|
echo '( ';
|
||||||
echo '<a title="' . _('Refresh') . '"'.
|
echo '<a title="' . _('Refresh') . '"'.
|
||||||
' href="' . $refresh_href . '">' . _('Refresh') . '</a> | ';
|
' href="' . $refresh_href . '">' . _('Refresh') . '</a>';
|
||||||
|
if (checkIfWriteAccessIsAllowed()) {
|
||||||
|
echo ' | ';
|
||||||
echo '<a title="' . _('Create new entry') . '"'.
|
echo '<a title="' . _('Create new entry') . '"'.
|
||||||
' href="' . $create_href . '" target="right_frame">' . _('Create new entry') . '</a>';
|
' href="' . $create_href . '" target="right_frame">' . _('Create new entry') . '</a>';
|
||||||
|
}
|
||||||
echo ' )</nobr></td></tr>';
|
echo ' )</nobr></td></tr>';
|
||||||
|
|
||||||
// Fetch and display the base DN for this server
|
// Fetch and display the base DN for this server
|
||||||
|
@ -147,6 +150,7 @@ function draw_server_tree()
|
||||||
if( isset( $tree[$base_dn] ) && is_array( $tree[$base_dn] ) ) {
|
if( isset( $tree[$base_dn] ) && is_array( $tree[$base_dn] ) ) {
|
||||||
foreach( $tree[ $base_dn ] as $child_dn )
|
foreach( $tree[ $base_dn ] as $child_dn )
|
||||||
draw_tree_html( $child_dn, 0 );
|
draw_tree_html( $child_dn, 0 );
|
||||||
|
if (checkIfWriteAccessIsAllowed()) {
|
||||||
echo '<tr><td class="spacer"></td>';
|
echo '<tr><td class="spacer"></td>';
|
||||||
echo '<td class="icon"><a href="' . $create_href .
|
echo '<td class="icon"><a href="' . $create_href .
|
||||||
'" target="right_frame"><img src="../../graphics/star.png" alt="' .
|
'" target="right_frame"><img src="../../graphics/star.png" alt="' .
|
||||||
|
@ -155,6 +159,7 @@ function draw_server_tree()
|
||||||
. '" target="right_frame" title="' . _('Create new entry')
|
. '" target="right_frame" title="' . _('Create new entry')
|
||||||
. ' ' . $base_dn.'">' . _('Create new entry') . '</a></td></tr>';
|
. ' ' . $base_dn.'">' . _('Create new entry') . '</a></td></tr>';
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
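Review bot: The two `checkIfWriteAccessIsAllowed()` blocks added to draw_server_tree() only hide the "Create new entry" links; `$create_href` is still a reachable URL, so the control that matters is the guard in the page it points to, which should be confirmed. A short comment at the first check would make that explicit, e.g. `// presentation only: the create pages must enforce write access themselves`. The check is also evaluated twice in this function; reading it once into a local, `$writeAllowed = checkIfWriteAccessIsAllowed();`, keeps the two branches in agreement. The function body starts and ends outside these hunks.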
|
||||||
|
|
||||||
|
|
|
@ -59,6 +59,9 @@ include_once('../../lib/account.inc');
|
||||||
// start session
|
// start session
|
||||||
startSecureSession();
|
startSecureSession();
|
||||||
|
|
||||||
|
// die if no write access
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) die();
|
||||||
|
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
$attr = $_POST['attr'];
|
$attr = $_POST['attr'];
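Review bot: The bare `die()` in the new guard ends the request with an empty body and the default 200 status, so a denied write looks like a blank page to the user and is indistinguishable from a normal response in the access log. Sending an explicit status and message first would fix that, e.g. `if (!checkIfWriteAccessIsAllowed()) { header('HTTP/1.1 403 Forbidden'); die(_('No write access.')); }`, ideally with a log entry for the attempt through the project's logger. The same line is pasted into nine other entry scripts later in this commit (every following hunk that adds `// die if no write access`), so one helper in a shared include would keep them consistent and make the check harder to forget on a new script. Placing the guard after `startSecureSession()` is right if the access decision depends on session state, which is not visible here.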
|
||||||
|
|
|
@ -59,6 +59,9 @@ include_once('../../lib/status.inc');
|
||||||
// start session
|
// start session
|
||||||
startSecureSession();
|
startSecureSession();
|
||||||
|
|
||||||
|
// die if no write access
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) die();
|
||||||
|
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
$dn = rawurldecode( $_POST['dn'] );
|
$dn = rawurldecode( $_POST['dn'] );
|
||||||
|
|
|
@ -60,6 +60,9 @@ include_once('../../lib/status.inc');
|
||||||
// start session
|
// start session
|
||||||
startSecureSession();
|
startSecureSession();
|
||||||
|
|
||||||
|
// die if no write access
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) die();
|
||||||
|
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
$dn = rawurldecode( $_POST['dn'] );
|
$dn = rawurldecode( $_POST['dn'] );
|
||||||
|
|
|
@ -59,6 +59,9 @@ include_once('../../lib/status.inc');
|
||||||
// start session
|
// start session
|
||||||
startSecureSession();
|
startSecureSession();
|
||||||
|
|
||||||
|
// die if no write access
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) die();
|
||||||
|
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
$dn = rawurldecode( $_POST['dn'] );
|
$dn = rawurldecode( $_POST['dn'] );
|
||||||
|
|
|
@ -59,6 +59,9 @@ include_once('../../lib/status.inc');
|
||||||
// start session
|
// start session
|
||||||
startSecureSession();
|
startSecureSession();
|
||||||
|
|
||||||
|
// die if no write access
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) die();
|
||||||
|
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
$new_dn = isset( $_POST['new_dn'] ) ? $_POST['new_dn'] : null;
|
$new_dn = isset( $_POST['new_dn'] ) ? $_POST['new_dn'] : null;
|
||||||
|
|
|
@ -54,6 +54,9 @@ include_once('../../lib/status.inc');
|
||||||
// start session
|
// start session
|
||||||
startSecureSession();
|
startSecureSession();
|
||||||
|
|
||||||
|
// die if no write access
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) die();
|
||||||
|
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
echo $_SESSION['header'];
|
echo $_SESSION['header'];
|
||||||
|
|
|
@ -54,6 +54,9 @@ include_once('../../lib/status.inc');
|
||||||
// start session
|
// start session
|
||||||
startSecureSession();
|
startSecureSession();
|
||||||
|
|
||||||
|
// die if no write access
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) die();
|
||||||
|
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
$dn = $_POST['dn'] ;
|
$dn = $_POST['dn'] ;
|
||||||
|
|
|
@ -109,13 +109,16 @@ echo "</head>\n";
|
||||||
</tr>
|
</tr>
|
||||||
|
|
||||||
<tr>
|
<tr>
|
||||||
|
<?php if (checkIfWriteAccessIsAllowed()) { ?>
|
||||||
<td class="icon"><img src="../../graphics/delete.gif" /></td>
|
<td class="icon"><img src="../../graphics/delete.gif" /></td>
|
||||||
<td><a style="color: red" href="delete_form.php?dn=<?php echo $encoded_dn; ?>">
|
<td><a style="color: red" href="delete_form.php?dn=<?php echo $encoded_dn; ?>">
|
||||||
<?php echo _('Delete'); ?></a></td>
|
<?php echo _('Delete'); ?></a></td>
|
||||||
|
<?php } ?>
|
||||||
<td class="icon"><img src="../../graphics/save.png" /></td>
|
<td class="icon"><img src="../../graphics/save.png" /></td>
|
||||||
<td><a href="export_form.php?dn=<?php echo $encoded_dn; ?>">
|
<td><a href="export_form.php?dn=<?php echo $encoded_dn; ?>">
|
||||||
<?php echo _('Export'); ?></a></td>
|
<?php echo _('Export'); ?></a></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<?php if (checkIfWriteAccessIsAllowed()) { ?>
|
||||||
<tr>
|
<tr>
|
||||||
<td class="icon"><img src="../../graphics/light.png" /></td>
|
<td class="icon"><img src="../../graphics/light.png" /></td>
|
||||||
<td colspan="3"><span class="tree_hint"><?php echo _('Hint: To delete an attribute, empty the text field and click save.'); ?></span></td>
|
<td colspan="3"><span class="tree_hint"><?php echo _('Hint: To delete an attribute, empty the text field and click save.'); ?></span></td>
|
||||||
|
@ -126,6 +129,7 @@ echo "</head>\n";
|
||||||
<td class="icon"><img src="../../graphics/add.png" /></td>
|
<td class="icon"><img src="../../graphics/add.png" /></td>
|
||||||
<td><a href="<?php echo "add_attr_form.php?dn=$encoded_dn"; ?>"><?php echo _('Add new attribute'); ?></a></td>
|
<td><a href="<?php echo "add_attr_form.php?dn=$encoded_dn"; ?>"><?php echo _('Add new attribute'); ?></a></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
<?php } ?>
|
||||||
|
|
||||||
|
|
||||||
<?php flush(); ?>
|
<?php flush(); ?>
|
||||||
|
@ -483,7 +487,7 @@ foreach( $attrs as $attr => $vals ) {
|
||||||
/* Draw the "add value" link under the list of values for this attributes */
|
/* Draw the "add value" link under the list of values for this attributes */
|
||||||
|
|
||||||
if( ( $schema_attr = get_schema_attribute( $attr, $dn ) ) &&
|
if( ( $schema_attr = get_schema_attribute( $attr, $dn ) ) &&
|
||||||
! $schema_attr->getIsSingleValue() )
|
! $schema_attr->getIsSingleValue() && checkIfWriteAccessIsAllowed() )
|
||||||
{
|
{
|
||||||
$add_href = "add_value_form.php?dn=$encoded_dn&attr=" . rawurlencode( $attr );
|
$add_href = "add_value_form.php?dn=$encoded_dn&attr=" . rawurlencode( $attr );
|
||||||
echo "<div class=\"add_value\">(<a href=\"$add_href\">" .
|
echo "<div class=\"add_value\">(<a href=\"$add_href\">" .
|
||||||
|
@ -504,8 +508,10 @@ foreach( $attrs as $attr => $vals ) {
|
||||||
flush();
|
flush();
|
||||||
|
|
||||||
} /* End foreach( $attrs as $attr => $vals ) */ ?>
|
} /* End foreach( $attrs as $attr => $vals ) */ ?>
|
||||||
|
<?php if (checkIfWriteAccessIsAllowed()) { ?>
|
||||||
<tr><td colspan="2"><center><input type="submit" value="<?php echo _('Save'); ?>" /></center></td></tr></form>
|
<tr><td colspan="2"><center><input type="submit" value="<?php echo _('Save'); ?>" /></center></td></tr>
|
||||||
|
<?php } ?>
|
||||||
|
</form>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
?>
|
?>
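Review bot: Hiding the Save button and the delete/add links leaves the edit form itself in place for read-only users: the `<form>` element is still emitted, and the value inputs drawn inside the `foreach` (outside these hunks) presumably stay editable, so the page still looks writable and its fields can still be posted. That is safe only as long as the script the form posts to carries the `die()` guard added elsewhere in this commit; I would say so in a comment at the first check and consider rendering the inputs `readonly` when write access is denied. `checkIfWriteAccessIsAllowed()` is also called four times across this template; evaluating it once near the top, `$writeAllowed = checkIfWriteAccessIsAllowed();`, keeps the fragments consistent with each other.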
|
||||||
|
|
|
@ -53,6 +53,9 @@ include_once('../../lib/status.inc');
|
||||||
// start session
|
// start session
|
||||||
startSecureSession();
|
startSecureSession();
|
||||||
|
|
||||||
|
// die if no write access
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) die();
|
||||||
|
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
echo $_SESSION['header'];
|
echo $_SESSION['header'];
|
||||||
|
|
|
@ -174,6 +174,9 @@ function draw_tree_html( $dn, $level = 0 )
|
||||||
|
|
||||||
function draw_create_link( $rdn, $level, $encoded_dn )
|
function draw_create_link( $rdn, $level, $encoded_dn )
|
||||||
{
|
{
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
// print the "Create New object" link.
|
// print the "Create New object" link.
|
||||||
$create_html = "";
|
$create_html = "";
|
||||||
$create_href = "create_form.php?container=$encoded_dn";
|
$create_href = "create_form.php?container=$encoded_dn";
|
||||||
|
|
|
@ -65,6 +65,9 @@ include_once('../../lib/ldap.inc');
|
||||||
// start session
|
// start session
|
||||||
startSecureSession();
|
startSecureSession();
|
||||||
|
|
||||||
|
// die if no write access
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) die();
|
||||||
|
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
$dn = $_POST['dn'];
|
$dn = $_POST['dn'];
|
||||||
|
|
|
@ -55,6 +55,9 @@ include_once('../../lib/account.inc');
|
||||||
// start session
|
// start session
|
||||||
startSecureSession();
|
startSecureSession();
|
||||||
|
|
||||||
|
// die if no write access
|
||||||
|
if (!checkIfWriteAccessIsAllowed()) die();
|
||||||
|
|
||||||
setlanguage();
|
setlanguage();
|
||||||
|
|
||||||
$dn = $_POST['dn'];
|
$dn = $_POST['dn'];
|
||||||
|
|