1<?php
2
3use dokuwiki\Extension\ActionPlugin;
4use dokuwiki\Extension\EventHandler;
5use dokuwiki\Extension\Event;
6
7/**
8 * AJAX call handler for ACL plugin
9 *
10 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
11 * @author     Andreas Gohr <andi@splitbrain.org>
12 */
13/**
14 * Register handler
15 */
16class action_plugin_acl extends ActionPlugin
17{
18    /**
19     * Registers a callback function for a given event
20     *
21     * @param EventHandler $controller DokuWiki's event controller object
22     * @return void
23     */
24    public function register(EventHandler $controller)
25    {
26
27        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleAjaxCallAcl');
28    }
29
30    /**
31     * AJAX call handler for ACL plugin
32     *
33     * @param Event $event  event object by reference
34     * @param mixed $param  empty
35     * @return void
36     */
37    public function handleAjaxCallAcl(Event $event, $param)
38    {
39        if ($event->data !== 'plugin_acl') {
40            return;
41        }
42        $event->stopPropagation();
43        $event->preventDefault();
44
45        global $ID;
46        global $INPUT;
47
48        /** @var $acl admin_plugin_acl */
49        $acl = plugin_load('admin', 'acl');
50        if (!$acl->isAccessibleByCurrentUser()) {
51            echo 'for admins only';
52            return;
53        }
54        if (!checkSecurityToken()) {
55            echo 'CRSF Attack';
56            return;
57        }
58
59        $ID = getID();
60        $acl->handle();
61
62        $ajax = $INPUT->str('ajax');
63        header('Content-Type: text/html; charset=utf-8');
64
65        if ($ajax == 'info') {
66            $acl->printInfo();
67        } elseif ($ajax == 'tree') {
68            $ns = $INPUT->str('ns');
69            if ($ns == '*') {
70                $ns = '';
71            }
72            $ns = cleanID($ns);
73            $lvl = count(explode(':', $ns));
74            $ns = utf8_encodeFN(str_replace(':', '/', $ns));
75
76            $data = $acl->makeTree($ns, $ns);
77
78            foreach (array_keys($data) as $item) {
79                $data[$item]['level'] = $lvl + 1;
80            }
81            echo html_buildlist(
82                $data,
83                'acl',
84                [$acl, 'makeTreeItem'],
85                [$acl, 'makeListItem']
86            );
87        }
88    }
89}
90