Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:11.4:Update
horde3
horde-finer-grained-admin-privileges.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File horde-finer-grained-admin-privileges.patch of Package horde3
Index: admin/alarms.php =================================================================== --- admin/alarms.php.orig +++ admin/alarms.php @@ -16,7 +16,7 @@ require_once 'Horde/Alarm.php'; require_once 'Horde/Form.php'; require_once 'Horde/Variables.php'; -if (!Auth::isAdmin()) { +if (!Auth::isAdmin() && !$GLOBALS['perms']->hasPermission('horde:administration:admin_alarms', Auth::getAuth(), true)) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/cmdshell.php =================================================================== --- admin/cmdshell.php.orig +++ admin/cmdshell.php @@ -13,7 +13,7 @@ @define('HORDE_BASE', dirname(__FILE__) . '/..'); require_once HORDE_BASE . '/lib/base.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_cmdshell', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/datatree.php =================================================================== --- admin/datatree.php.orig +++ admin/datatree.php @@ -33,7 +33,7 @@ require_once HORDE_BASE . '/lib/base.php require_once 'Horde/Tree.php'; require_once 'Horde/DataTree.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_datatree', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/groups.php =================================================================== --- admin/groups.php.orig +++ admin/groups.php @@ -15,7 +15,7 @@ require_once HORDE_BASE . '/lib/base.php require_once 'Horde/Group.php'; require_once 'Horde/Tree.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_groups', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/perms/addchild.php =================================================================== --- admin/perms/addchild.php.orig +++ admin/perms/addchild.php @@ -14,7 +14,7 @@ @define('HORDE_BASE', dirname(__FILE__) . '/../..'); require_once HORDE_BASE . '/lib/base.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_perms', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/perms/delete.php =================================================================== --- admin/perms/delete.php.orig +++ admin/perms/delete.php @@ -14,7 +14,7 @@ @define('HORDE_BASE', dirname(__FILE__) . '/../..'); require_once HORDE_BASE . '/lib/base.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_perms', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/perms/edit.php =================================================================== --- admin/perms/edit.php.orig +++ admin/perms/edit.php @@ -14,7 +14,7 @@ @define('HORDE_BASE', dirname(__FILE__) . '/../..'); require_once HORDE_BASE . '/lib/base.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && !$GLOBALS['perms']->hasPermission('horde:administration:admin_perms', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/perms/index.php =================================================================== --- admin/perms/index.php.orig +++ admin/perms/index.php @@ -14,7 +14,7 @@ @define('HORDE_BASE', dirname(__FILE__) . '/../..'); require_once HORDE_BASE . '/lib/base.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_perms', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/phpshell.php =================================================================== --- admin/phpshell.php.orig +++ admin/phpshell.php @@ -13,7 +13,7 @@ @define('HORDE_BASE', dirname(__FILE__) . '/..'); require_once HORDE_BASE . '/lib/base.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_phpshell', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/sessions.php =================================================================== --- admin/sessions.php.orig +++ admin/sessions.php @@ -14,7 +14,7 @@ require_once HORDE_BASE . '/lib/base.php'; require_once 'Horde/SessionHandler.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin() && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_sessions', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/setup/config.php =================================================================== --- admin/setup/config.php.orig +++ admin/setup/config.php @@ -18,7 +18,7 @@ require_once 'Horde/Form/Renderer.php'; require_once 'Horde/Config.php'; require_once 'Horde/Variables.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_configuration', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/setup/diff.php =================================================================== --- admin/setup/diff.php.orig +++ admin/setup/diff.php @@ -19,7 +19,7 @@ require_once 'Horde/Template.php'; include_once 'Text/Diff.php'; include_once 'Text/Diff/Renderer.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_configuration', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/setup/index.php =================================================================== --- admin/setup/index.php.orig +++ admin/setup/index.php @@ -15,7 +15,7 @@ require_once HORDE_BASE . '/lib/base.php require_once 'Horde/Template.php'; require_once 'Horde/Form/Renderer.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_configuration', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/sqlshell.php =================================================================== --- admin/sqlshell.php.orig +++ admin/sqlshell.php @@ -14,7 +14,7 @@ require_once HORDE_BASE . '/lib/base.php'; require_once 'DB.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_sqlshell', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } Index: admin/user.php =================================================================== --- admin/user.php.orig +++ admin/user.php @@ -17,9 +17,10 @@ require_once 'Horde/Variables.php'; require_once 'Horde/Form/Renderer.php'; require_once 'Horde/Variables.php'; -if (!Auth::isAdmin()) { +if ((!Auth::isAdmin()) && (!$GLOBALS['perms']->hasPermission('horde:administration:admin_users', Auth::getAuth(), true))) { Horde::fatal('Forbidden.', __FILE__, __LINE__); } + $auth = &Auth::singleton($conf['auth']['driver']); if ($conf['signup']['allow'] && $conf['signup']['approve']) { Index: services/portal/sidebar.php =================================================================== --- services/portal/sidebar.php.orig +++ services/portal/sidebar.php @@ -113,15 +113,13 @@ function buildMenu() $menu[$app] = $params; } - // Add the administration menu if the user is an admin. - if (Auth::isAdmin()) { - $menu['administration'] = array('name' => _("Administration"), - 'icon' => $registry->getImageDir() . '/administration.png', - 'status' => 'heading'); - - $list = $registry->callByPackage('horde', 'admin_list'); - if (!is_a($list, 'PEAR_Error')) { - foreach ($list as $method => $vals) { + // determine which administration modules belong into the list of administration links + $list = $registry->callByPackage('horde', 'admin_list'); + $count_links = 0; + if (!is_a($list, 'PEAR_Error')) { + foreach ($list as $method => $vals) { + if ((Auth::isAdmin()) || ($GLOBALS['perms']->hasPermission('horde:administration:admin_' . $method, Auth::getAuth(), true))) { + $count_links++; $name = Horde::stripAccessKey($vals['name']); $icon = isset($vals['icon']) ? $registry->getImageDir() . '/' . $vals['icon'] : $registry->get('icon'); @@ -135,6 +133,13 @@ function buildMenu() } } } + // only show administration heading when there are links to display (implies isAdmin or user has some admin privilege + if ($count_links) { + $menu['administration'] = array('name' => _("Administration"), + 'icon' => $registry->getImageDir() . '/administration.png', + 'status' => 'heading'); + } + if (Horde::showService('options') && $conf['prefs']['driver'] != '' && $conf['prefs']['driver'] != 'none') { Index: templates/admin/menu.inc =================================================================== --- templates/admin/menu.inc.orig +++ templates/admin/menu.inc @@ -4,9 +4,11 @@ $menu = new Menu(HORDE_MENU_MASK_NONE); $list = $registry->callByPackage('horde', 'admin_list'); if (!is_a($list, 'PEAR_Error')) { - foreach ($list as $vals) { - $img = isset($vals['icon']) ? $registry->getImageDir() . '/' . $vals['icon'] : $registry->get('icon'); - $menu->add(Horde::url($registry->applicationWebPath($vals['link'])), $vals['name'], $img, ''); + foreach ($list as $key => $vals) { + if ((Auth::isAdmin()) || ($GLOBALS['perms']->hasPermission('horde:administration:admin_' . $key, Auth::getAuth(), true))) { + $img = isset($vals['icon']) ? $registry->getImageDir() . '/' . $vals['icon'] : $registry->get('icon'); + $menu->add(Horde::url($registry->applicationWebPath($vals['link'])), $vals['name'], $img, ''); + } } } echo $menu->render();
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor