added new security model
This commit is contained in:
Roland Gruber
parent
f8aec0f1a8
commit
93d4c1417e
|
|
@ -462,9 +462,11 @@ class lamList {
|
|||
echo "<img src=\"../../graphics/edit.png\" alt=\"" . _("Edit") . "\" title=\"" . _("Edit") . "\">";
|
||||
echo "</a>\n ";
|
||||
// delete image
|
||||
echo "<a href=\"deletelink.php?type=" . $this->type . "&DN='" . $account['dn'] . "'\">";
|
||||
echo "<img src=\"../../graphics/delete.png\" alt=\"" . _("Delete") . "\" title=\"" . _("Delete") . "\">";
|
||||
echo "</a>\n ";
|
||||
if (checkIfWriteAccessIsAllowed()) {
|
||||
echo "<a href=\"deletelink.php?type=" . $this->type . "&DN='" . $account['dn'] . "'\">";
|
||||
echo "<img src=\"../../graphics/delete.png\" alt=\"" . _("Delete") . "\" title=\"" . _("Delete") . "\">";
|
||||
echo "</a>\n ";
|
||||
}
|
||||
// pdf image
|
||||
echo "<input type=\"image\" style=\"background:transparent;\" name=\"createPDF_" . $id . "\" src=\"../../graphics/pdf.png\" title=\"" . _('Create PDF') . "\">\n ";
|
||||
// additional tools
|
||||
|
|
@ -504,6 +506,9 @@ class lamList {
|
|||
private function listDoPost() {
|
||||
// check if button was pressed and if we have to add/delete an account
|
||||
if (isset($_POST['new']) || isset($_POST['del'])){
|
||||
if (!checkIfWriteAccessIsAllowed()) {
|
||||
die();
|
||||
}
|
||||
// add new account
|
||||
if (isset($_POST['new'])){
|
||||
metaRefresh("../account/edit.php?type=" . $this->type . "&suffix=" . $this->suffix);
|
||||
|
|
@ -703,12 +708,14 @@ class lamList {
|
|||
echo "<table border=0 width=\"100%\">\n";
|
||||
echo "<tr>\n";
|
||||
echo "<td align=\"left\">\n";
|
||||
// add/delete buttons
|
||||
echo ("<input class=\"" . $this->type . "\" type=\"submit\" name=\"new\" value=\"" . $this->labels['newEntry'] . "\">\n");
|
||||
if (!$createOnly) {
|
||||
echo ("<input class=\"" . $this->type . "\" type=\"submit\" name=\"del\" value=\"" . $this->labels['deleteEntry'] . "\">\n");
|
||||
if (checkIfWriteAccessIsAllowed()) {
|
||||
// add/delete buttons
|
||||
echo ("<input class=\"" . $this->type . "\" type=\"submit\" name=\"new\" value=\"" . $this->labels['newEntry'] . "\">\n");
|
||||
if (!$createOnly) {
|
||||
echo ("<input class=\"" . $this->type . "\" type=\"submit\" name=\"del\" value=\"" . $this->labels['deleteEntry'] . "\">\n");
|
||||
}
|
||||
echo " ";
|
||||
}
|
||||
echo " ";
|
||||
$this->listShowOUSelection();
|
||||
echo "</td>\n";
|
||||
echo "<td align=\"right\">\n";
|
||||
|
|
|
|||
|
|
@ -961,6 +961,43 @@ class accountContainer {
|
|||
return;
|
||||
}
|
||||
}
|
||||
if (checkIfWriteAccessIsAllowed()) {
|
||||
$this->printCommonControls();
|
||||
}
|
||||
echo "<br>\n";
|
||||
// create module menu
|
||||
echo "<table class=\"".$this->type."list\" border=0 width=\"100%\" style=\"border-collapse: collapse;\">\n";
|
||||
echo "<tr class=\"".$this->type."list\" valign=\"top\"><td style=\"border-bottom: 1px solid;padding:0px;\" colspan=2>";
|
||||
// tab menu
|
||||
$this->printModuleTabs();
|
||||
echo "</td></tr>\n";
|
||||
// content header
|
||||
echo "<tr class=\"" . $this->type . "list\">\n";
|
||||
echo "<td style=\"padding:10px;\">\n";
|
||||
$this->printContentHeader();
|
||||
echo "</td>\n";
|
||||
echo "</tr>\n";
|
||||
echo "<tr class=\"" . $this->type . "list\">\n";
|
||||
// content area
|
||||
echo "<td width=\"100%\" style=\"padding:10px;\">";
|
||||
// display html-code from modules
|
||||
$return = array();
|
||||
|
||||
$return = call_user_func(array($this->module[$this->order[$this->current_page]], 'display_html_'.$this->subpage));
|
||||
|
||||
$y = 5000;
|
||||
$z = 10000;
|
||||
parseHtml($this->order[$this->current_page], $return, array(), false, $y, $z, $this->type);
|
||||
// Display rest of html-page
|
||||
echo "<br>*" . _('required');
|
||||
echo "</td></tr></table>\n";
|
||||
$this->printPageFooter();
|
||||
}
|
||||
|
||||
/**
|
||||
* Prints common controls like the save button and the ou selection.
|
||||
*/
|
||||
private function printCommonControls() {
|
||||
echo "<table class=\"".$this->type."list\" style=\"border-width:0px;\" width=\"100%\"><tr>";
|
||||
echo "<td align=\"left\">";
|
||||
// save button
|
||||
|
|
@ -990,35 +1027,7 @@ class accountContainer {
|
|||
echo "</a>\n";
|
||||
}
|
||||
echo "</td>";
|
||||
echo "</tr></table>";
|
||||
echo "<br>\n";
|
||||
// create module menu
|
||||
echo "<table class=\"".$this->type."list\" border=0 width=\"100%\" style=\"border-collapse: collapse;\">\n";
|
||||
echo "<tr class=\"".$this->type."list\" valign=\"top\"><td style=\"border-bottom: 1px solid;padding:0px;\" colspan=2>";
|
||||
// tab menu
|
||||
$this->printModuleTabs();
|
||||
echo "</td></tr>\n";
|
||||
// content header
|
||||
echo "<tr class=\"" . $this->type . "list\">\n";
|
||||
echo "<td style=\"padding:10px;\">\n";
|
||||
$this->printContentHeader();
|
||||
echo "</td>\n";
|
||||
echo "</tr>\n";
|
||||
echo "<tr class=\"" . $this->type . "list\">\n";
|
||||
// content area
|
||||
echo "<td width=\"100%\" style=\"padding:10px;\">";
|
||||
// display html-code from modules
|
||||
$return = array();
|
||||
|
||||
$return = call_user_func(array($this->module[$this->order[$this->current_page]], 'display_html_'.$this->subpage));
|
||||
|
||||
$y = 5000;
|
||||
$z = 10000;
|
||||
parseHtml($this->order[$this->current_page], $return, array(), false, $y, $z, $this->type);
|
||||
// Display rest of html-page
|
||||
echo "<br>*" . _('required');
|
||||
echo "</td></tr></table>\n";
|
||||
$this->printPageFooter();
|
||||
echo "</tr></table>";
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -1439,6 +1448,9 @@ class accountContainer {
|
|||
* @return array list of status messages if any errors occured
|
||||
*/
|
||||
function save_account() {
|
||||
if (!checkIfWriteAccessIsAllowed()) {
|
||||
die();
|
||||
}
|
||||
$finalDN = $this->dn;
|
||||
$errors = array();
|
||||
$ldapUser = $_SESSION['ldap']->decrypt_login();
|
||||
|
|
|
|||
|
|
@ -1521,6 +1521,9 @@ class posixAccount extends baseModule {
|
|||
* <br> )
|
||||
*/
|
||||
function doUploadPostActions($data, $ids, $failed, &$temp) {
|
||||
if (!checkIfWriteAccessIsAllowed()) {
|
||||
die();
|
||||
}
|
||||
// on first call generate list of ldap operations
|
||||
if (!isset($temp['counter'])) {
|
||||
$temp['groups'] = array();
|
||||
|
|
|
|||
|
|
@ -225,7 +225,7 @@ class lamUserList extends lamList {
|
|||
if (!isLAMProVersion()) {
|
||||
return array();
|
||||
}
|
||||
else {
|
||||
elseif (checkIfPasswordChangeIsAllowed()) {
|
||||
$passwordTool = new lamListTool(_('Change password'), 'key.png', 'changePassword.php');
|
||||
return array($passwordTool);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -49,6 +49,10 @@ include_once('../lib/modules.inc');
|
|||
// Start session
|
||||
startSecureSession();
|
||||
|
||||
if (!checkIfWriteAccessIsAllowed()) {
|
||||
die();
|
||||
}
|
||||
|
||||
// Redirect to startpage if user is not loged in
|
||||
if (!isset($_SESSION['loggedIn'])) {
|
||||
metaRefresh("login.php");
|
||||
|
|
|
|||
|
|
@ -40,6 +40,10 @@ include_once("../lib/status.inc");
|
|||
// start session
|
||||
startSecureSession();
|
||||
|
||||
if (!checkIfWriteAccessIsAllowed()) {
|
||||
die();
|
||||
}
|
||||
|
||||
setlanguage();
|
||||
|
||||
// check if user already pressed button
|
||||
|
|
|
|||
|
|
@ -71,8 +71,9 @@ echo ("</head>\n");
|
|||
echo ("<frameset rows=\"150,*\">\n");
|
||||
echo ("<frame src=\"./main_header.php\" name=\"head\" frameborder=\"0\">\n");
|
||||
// display page to add suffixes, if needed
|
||||
if (sizeof($new_suffs) > 0) echo ("<frame src=\"initsuff.php?suffs='" . implode(";", $new_suffs) .
|
||||
"'\" name=\"mainpart\" frameborder=\"0\">\n");
|
||||
if ((sizeof($new_suffs) > 0) && checkIfWriteAccessIsAllowed()) {
|
||||
echo ("<frame src=\"initsuff.php?suffs='" . implode(";", $new_suffs) . "'\" name=\"mainpart\" frameborder=\"0\">\n");
|
||||
}
|
||||
else {
|
||||
if (sizeof($types) > 0) {
|
||||
echo ("<frame src=\"./lists/list.php?type=" . $types[0] . "\" name=\"mainpart\" frameborder=\"0\" scrolling=\"yes\">\n");
|
||||
|
|
|
|||
Loading…
Reference in New Issue