DESC 'Webmin user attribute name=value format'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} )
-attributetype ( 1.3.6.1.4.1.9999.4.1.4 NAME 'webminAcl'
- DESC 'Webmin user ACL module=name=value format'
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} )
-
attributetype ( 1.3.6.1.4.1.9999.4.1.5 NAME 'webminDesc'
DESC 'Webmin group description'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} )
MUST ( cn $ webminDesc )
MAY ( webminAttr $ webminAcl $ webminModule ))
+
+attributetype ( 1.3.6.1.4.1.9999.4.1.4 NAME 'webminAclEntry'
+ DESC 'Webmin ACL entry in name=value format'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} )
+
+objectclass ( 1.3.6.1.4.1.9999.4.2.3 NAME 'webminAcl'
+ DESC 'Webmin user or group module ACL'
+ MUST ( cn )
+ MAY ( webminAclEntry ))
+
my $foundindb = 0;
if ($userdb) {
# Look for this group in the user/group DB
- my ($dbh, $proto) = &connect_userdb($userdb);
+ my ($dbh, $proto, $prefix, $args) = &connect_userdb($userdb);
ref($dbh) || &error(&text('egroupdbacl', $dbh));
if ($proto eq "mysql" || $proto eq "postgresql") {
# Find the group in the SQL DB
}
}
elsif ($proto eq "ldap") {
- # Fetch ACLs from LDAP
- # XXX
+ # Find group in LDAP
+ my $rv = $dbh->search(
+ base => $prefix,
+ filter => '(cn='.$g.')',
+ scope => 'one');
+ if (!$rv || $rv->code) {
+ &error(&text('egroupdbacl',
+ $rv ? $rv->error : "Unknown error"));
+ }
+ my ($group) = $rv->all_entries;
+
+ # Find ACL sub-object for the module
+ if ($group) {
+ my $rv = $dbh->search(
+ base => $group->dn(),
+ filter => '(cn='.$m.')',
+ scope => 'one');
+ if (!$rv || $rv->code) {
+ &error(&text('egroupdbacl',
+ $rv ? $rv->error : "Unknown error"));
+ }
+ my ($acl) = $rv->all_entries;
+ if ($acl) {
+ foreach my $av ($acl->get_value('webminAcl')) {
+ my ($a, $v) = split(/=/, $av, 2);
+ $rv{$a} = $v;
+ }
+ }
+ }
}
&disconnect_userdb($userdb, $dbh);
}