From f5cf1ed1d2ee9237d7950c45d988b10c8f805a5f Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Wed, 13 Sep 2006 04:49:53 +0000 Subject: [PATCH] fixed error in ldap-backend: "Error saving the contact !!! 1" --- addressbook/inc/class.bocontacts.inc.php | 9 --------- addressbook/inc/class.so_ldap.inc.php | 8 ++++++-- 2 files changed, 6 insertions(+), 11 deletions(-) diff --git a/addressbook/inc/class.bocontacts.inc.php b/addressbook/inc/class.bocontacts.inc.php index 21c2c940c04..0da128adae3 100755 --- a/addressbook/inc/class.bocontacts.inc.php +++ b/addressbook/inc/class.bocontacts.inc.php @@ -447,12 +447,6 @@ class bocontacts extends socontacts $contact['n_fn'] = $this->fullname($contact); if (isset($contact['org_name'])) $contact['n_fileas'] = $this->fileas($contact); } - // savegard the account_id against changes not triggered by the accounts-class - if (isset($contact['account_id']) && !$ignore_acl) - { - $account_id = $contact['account_id']; - unset($contact['account_id']); - } // we dont update the content-history, if we run inside setup (admin-account-creation) if(!($this->error = parent::save($contact)) && is_object($GLOBALS['egw']->contenthistory)) { @@ -463,9 +457,6 @@ class bocontacts extends socontacts $GLOBALS['egw']->accounts->cache_invalidate($contact['account_id']); } } - // restoring the unset account_id - if ($account_id) $contact['account_id'] = $acount_id; - return $this->error ? false : $contact['id']; } diff --git a/addressbook/inc/class.so_ldap.inc.php b/addressbook/inc/class.so_ldap.inc.php index cd03921ab1b..9bb3240a43f 100644 --- a/addressbook/inc/class.so_ldap.inc.php +++ b/addressbook/inc/class.so_ldap.inc.php @@ -317,6 +317,7 @@ class so_ldap // group address book if(!($cn = strtolower($GLOBALS['egw']->accounts->id2name((int)$data['owner'])))) { + error_log('Unknown owner'); return true; } $baseDN = 'cn='. ldap::quote($cn) .','.($data['owner'] < 0 ? $this->sharedContactsDN : $this->personalContactsDN); @@ -339,7 +340,8 @@ class so_ldap } else { - return true; // only admin or the user itself is allowd to write accounts! + error_log("Permission denied, to write: data[owner]=$data[owner], data[account_id]=$data[account_id], account_id=".$GLOBALS['egw_info']['user']['account_id']); + return lang('Permission denied !!!'); // only admin or the user itself is allowd to write accounts! } // check if $baseDN exists. If not create it @@ -415,6 +417,8 @@ class so_ldap // update entry $dn = $oldContactInfo[0]['dn']; $needRecreation = false; + // never allow to change the uidNumber (account_id) on update, as it could be misused by eg. xmlrpc or syncml + unset($ldapContact['uidnumber']); // add missing objectclasses if($ldapContact['objectClass'] && array_diff($ldapContact['objectClass'],$oldObjectclasses)) @@ -875,7 +879,7 @@ class so_ldap * check if $baseDN exists. If not create it * * @param string $baseDN cn=xxx,ou=yyy,ou=contacts,$GLOBALS['egw_info']['server']['ldap_contact_context'] - * @return boolean/string fase on success or string with error-message + * @return boolean/string false on success or string with error-message */ function _check_create_dn($baseDN) {