if ($in{'delete'}) {
# Just take out of access list
- @access = grep { $_ me $acl } @access;
+ @access = grep { $_ ne $acl } @access;
}
else {
# Validate and store inputs, starting with object
}
# Each granted user
+ @by = ( );
+ for($i=0; defined($in{"wmode_$i"}); $i++) {
+ next if ($in{"wmode_$i"} eq "");
+ local $by = { };
+
+ # Who are we granting
+ if ($in{"wmode_$i"} eq "other") {
+ # Other DN
+ $in{"who_$i"} =~ /^\S+=\S+$/ ||
+ &error(&text('eacl_ewho', $i+1));
+ $by->{'who'} = $in{"who_$i"};
+ }
+ else {
+ # Just selected
+ $by->{'who'} = $in{"wmode_$i"};
+ }
+
+ # Access level
+ $in{"access_$i"} =~ /^\S+$/ ||
+ &error(&text('eacl_eaccess', $i+1));
+ $by->{'access'} = $in{"access_$i"};
+
+ # Additional attributes
+ $by->{'control'} = [ &split_quoted_string($in{"control_$i"}) ];
+ push(@by, $by);
+ }
+ $p->{'by'} = \@by;
# XXX
# Add to access directive list
if ($in{'new'}) {
$acl = { 'name' => 'access',
'values' => [ ] };
- push(@access);
+ push(@access, $acl);
}
&store_ldap_access($acl, $p);
}
eacl_edn=Missing or invalid DN - should be like <tt>uid=joe,dc=my-domain,dc=com</tt>
eacl_efilter=Missing or invalid filter - should be like <tt>(objectClass=posixAccount)</tt>
eacl_eattrs=Missing or invalid comma-separated list of attributes
-
+eacl_ewho=Missing or invalid-looking DN in row $1
+eacl_eaccess=Missing or invalid access level in row $1
# Functions for configuring and talking to an LDAP server
# XXX help pages
# XXX acl section
+# XXX make sure ACLs work!
+# XXX eline not respected when updating/deleting
do '../web-lib.pl';
&init_config();
# Found a directive
local $dir = { 'name' => $1,
'line' => $lnum,
+ 'eline' => $lnum,
'file' => $file };
local $value = $2;
$dir->{'values'} = [ &split_quoted_string($value) ];
# Found a continuation line, with extra values
local $value = $1;
push(@{$rv[$#rv]->{'values'}}, &split_quoted_string($value));
+ $rv[$#rv]->{'eline'} = $lnum;
}
$lnum++;
}