From b027fe7a3ecc1bb2d42d0a75d83022c360100680 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Thu, 26 Sep 2013 19:25:25 +0200 Subject: [PATCH] Update permissions in the role.ser file, which is where Ajaxplorer looks for permissions since v5 --- .../e-smith/events/actions/ajaxplorer-user-rights | 35 ++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/root/etc/e-smith/events/actions/ajaxplorer-user-rights b/root/etc/e-smith/events/actions/ajaxplorer-user-rights index 0d62cf9..1ab3d99 100644 --- a/root/etc/e-smith/events/actions/ajaxplorer-user-rights +++ b/root/etc/e-smith/events/actions/ajaxplorer-user-rights @@ -24,6 +24,7 @@ use esmith::templates; use esmith::ConfigDB; use esmith::AccountsDB; use File::Path qw(mkpath rmtree); +use PHP::Serialization qw(serialize unserialize); my $c = esmith::ConfigDB->open_ro; my $a = esmith::AccountsDB->open_ro; @@ -49,6 +50,40 @@ foreach my $user (($a->users),$a->get('admin')){ MORE_DATA => {KEY=>$name}, OUTPUT_FILENAME => "/var/lib/ajaxplorer/plugins/auth.serial/$name/rights.ser", }); + + if (-s "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"){ + open RROLE, "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"; + my $data = ; + close RROLE; + $data = unserialize($data); + delete $data->{"\0*\0acls"} if (defined $data->{"\0*\0acls"}); + foreach my $share ($a->get_all_by_prop(type => 'share')){ + my $sharename = $share->key; + my $access = $share->prop('Ajaxplorer') || 'disabled'; + next unless ($access eq 'enabled'); + my @readgroups = split(/[;,]/, $share->prop('ReadGroups') || ''); + my @writegroups = split(/[;,]/, $share->prop('WriteGroups') || ''); + my @readusers = split(/[;,]/, $share->prop('ReadUsers') || ''); + my @writeusers = split(/[;,]/, $share->prop('WriteUsers') || ''); + + foreach (@readgroups){ + $data->{"\0*\0acls"}->{$sharename} = 'r' if ( $a->is_user_in_group($name,$_) ); + } + foreach (@writegroups){ + $data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $a->is_user_in_group($name,$_) ); + } + foreach (@readusers){ + $data->{"\0*\0acls"}->{$sharename} = 'r' if ( $_ eq $name ); + } + foreach (@writeusers){ + $data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $_ eq $name ); + } + } + + open WROLE, '+>', "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"; + print WROLE serialize($data); + close WROLE; + } } my $ajxp = $c->get('ajaxplorer') || die "Couldn't find ajaxplorer entry in ConfigDB\n";