Update permissions in the role.ser file, which is where Ajaxplorer looks for permissions since v5

2013-09-26 19:25:25 +02:00 · 2013-09-26 19:25:25 +02:00 · b027fe7a3e
parent 971e3c4abd
commit b027fe7a3e
1 changed files with 35 additions and 0 deletions
--- a/root/etc/e-smith/events/actions/ajaxplorer-user-rights
+++ b/root/etc/e-smith/events/actions/ajaxplorer-user-rights
@ -24,6 +24,7 @@ use esmith::templates;
 use esmith::ConfigDB;
 use esmith::AccountsDB;
 use File::Path qw(mkpath rmtree);
+use PHP::Serialization qw(serialize unserialize);

 my $c = esmith::ConfigDB->open_ro;
 my $a = esmith::AccountsDB->open_ro;
@ -49,6 +50,40 @@ foreach my $user (($a->users),$a->get('admin')){
            MORE_DATA => {KEY=>$name},
            OUTPUT_FILENAME => "/var/lib/ajaxplorer/plugins/auth.serial/$name/rights.ser",
        });
+
+    if (-s "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"){
+        open RROLE, "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser";
+        my $data = <RROLE>;
+        close RROLE;
+        $data = unserialize($data);
+        delete $data->{"\0*\0acls"} if (defined $data->{"\0*\0acls"});
+        foreach my $share ($a->get_all_by_prop(type => 'share')){
+            my $sharename = $share->key;
+            my $access = $share->prop('Ajaxplorer') || 'disabled';
+            next unless ($access eq 'enabled');
+            my @readgroups = split(/[;,]/, $share->prop('ReadGroups') || '');
+            my @writegroups = split(/[;,]/, $share->prop('WriteGroups') || '');
+            my @readusers = split(/[;,]/, $share->prop('ReadUsers') || '');
+            my @writeusers = split(/[;,]/, $share->prop('WriteUsers') || '');
+
+           foreach (@readgroups){
+                $data->{"\0*\0acls"}->{$sharename} = 'r' if ( $a->is_user_in_group($name,$_) );
+            }
+            foreach (@writegroups){
+                $data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $a->is_user_in_group($name,$_) );
+            }
+            foreach (@readusers){
+                $data->{"\0*\0acls"}->{$sharename} = 'r' if ( $_ eq $name );
+            }
+            foreach (@writeusers){
+                $data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $_ eq $name );
+            }
+        }
+
+        open WROLE, '+>', "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser";
+        print WROLE serialize($data);
+        close WROLE;
+    }
 }

 my $ajxp = $c->get('ajaxplorer') || die "Couldn't find ajaxplorer entry in ConfigDB\n";