diff --git a/root/etc/e-smith/events/actions/ajaxplorer-user-rights b/root/etc/e-smith/events/actions/ajaxplorer-user-rights index eeb98ff..25ddb19 100644 --- a/root/etc/e-smith/events/actions/ajaxplorer-user-rights +++ b/root/etc/e-smith/events/actions/ajaxplorer-user-rights @@ -41,43 +41,54 @@ unlink(); foreach my $user (($a->users),$a->get('admin')){ my $name = $user->key; + my $data; mkpath('/var/lib/ajaxplorer/plugins/auth.serial/' . $name); chmod 0770, "/var/lib/ajaxplorer/plugins/auth.serial/$name"; chown '0', '102', "/var/lib/ajaxplorer/plugins/auth.serial/$name"; - if (-s "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"){ open RROLE, "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"; - my $data = ; + $data = ; close RROLE; $data = unserialize($data); delete $data->{"\0*\0acls"} if (defined $data->{"\0*\0acls"}); - foreach my $share ($a->get_all_by_prop(type => 'share')){ - my $sharename = $share->key; - my $access = $share->prop('Ajaxplorer') || 'disabled'; - next unless ($access eq 'enabled'); - my @readgroups = split(/[;,]/, $share->prop('ReadGroups') || ''); - my @writegroups = split(/[;,]/, $share->prop('WriteGroups') || ''); - my @readusers = split(/[;,]/, $share->prop('ReadUsers') || ''); - my @writeusers = split(/[;,]/, $share->prop('WriteUsers') || ''); + } + # No role yet ? lets create it + else{ + $data->{"\0*\0groupPath"} = undef; + $data->{"\0*\0autoApplies"} = []; + $data->{"\0*\0parameters"} = []; + $data->{"\0*\0roleLabel"} = undef; + $data->{"\0*\0actions"} = []; + $data->{"\0*\0roleId"} = "AJXP_USR_/$name"; + $data = bless $data, 'PHP::Serialization::Object::AJXP_Role'; + } + # In any case, re-compute the effective permissions + foreach my $share ($a->get_all_by_prop(type => 'share')){ + my $sharename = $share->key; + my $access = $share->prop('Ajaxplorer') || 'disabled'; + next unless ($access eq 'enabled'); + my @readgroups = split(/[;,]/, $share->prop('ReadGroups') || ''); + my @writegroups = split(/[;,]/, $share->prop('WriteGroups') || ''); + my @readusers = split(/[;,]/, $share->prop('ReadUsers') || ''); + my @writeusers = split(/[;,]/, $share->prop('WriteUsers') || ''); - foreach (@readgroups){ - $data->{"\0*\0acls"}->{$sharename} = 'r' if ( $a->is_user_in_group($name,$_) ); - } - foreach (@writegroups){ - $data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $a->is_user_in_group($name,$_) ); - } - foreach (@readusers){ - $data->{"\0*\0acls"}->{$sharename} = 'r' if ( $_ eq $name ); - } - foreach (@writeusers){ - $data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $_ eq $name ); - } + foreach (@readgroups){ + $data->{"\0*\0acls"}->{$sharename} = 'r' if ( $a->is_user_in_group($name,$_) ); + } + foreach (@writegroups){ + $data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $a->is_user_in_group($name,$_) ); + } + foreach (@readusers){ + $data->{"\0*\0acls"}->{$sharename} = 'r' if ( $_ eq $name ); + } + foreach (@writeusers){ + $data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $_ eq $name ); } - - open WROLE, '+>', "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"; - print WROLE serialize($data); - close WROLE; } + + open WROLE, '+>', "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"; + print WROLE serialize($data); + close WROLE; } my $ajxp = $c->get('ajaxplorer') || die "Couldn't find ajaxplorer entry in ConfigDB\n";