1<?php 2/** 3 * ACL administration functions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 * @author Anika Henke <anika@selfthinker.org> (concepts) 8 * @author Frank Schubert <frank@schokilade.de> (old version) 9 */ 10// must be run within Dokuwiki 11if(!defined('DOKU_INC')) die(); 12 13/** 14 * All DokuWiki plugins to extend the admin function 15 * need to inherit from this class 16 */ 17class admin_plugin_acl extends DokuWiki_Admin_Plugin { 18 var $acl = null; 19 var $ns = null; 20 /** 21 * The currently selected item, associative array with id and type. 22 * Populated from (in this order): 23 * $_REQUEST['current_ns'] 24 * $_REQUEST['current_id'] 25 * $ns 26 * $ID 27 */ 28 var $current_item = null; 29 var $who = ''; 30 var $usersgroups = array(); 31 var $specials = array(); 32 33 /** 34 * return some info 35 */ 36 function getInfo(){ 37 return array( 38 'author' => 'Andreas Gohr', 39 'email' => 'andi@splitbrain.org', 40 'date' => '2010-01-17', 41 'name' => 'ACL Manager', 42 'desc' => 'Manage Page Access Control Lists', 43 'url' => 'http://dokuwiki.org/plugin:acl', 44 ); 45 } 46 47 /** 48 * return prompt for admin menu 49 */ 50 function getMenuText($language) { 51 return $this->getLang('admin_acl'); 52 } 53 54 /** 55 * return sort order for position in admin menu 56 */ 57 function getMenuSort() { 58 return 1; 59 } 60 61 /** 62 * handle user request 63 * 64 * Initializes internal vars and handles modifications 65 * 66 * @author Andreas Gohr <andi@splitbrain.org> 67 */ 68 function handle() { 69 global $AUTH_ACL; 70 global $ID; 71 global $auth; 72 73 // fresh 1:1 copy without replacements 74 $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); 75 76 77 // namespace given? 78 if($_REQUEST['ns'] == '*'){ 79 $this->ns = '*'; 80 }else{ 81 $this->ns = cleanID($_REQUEST['ns']); 82 } 83 84 if ($_REQUEST['current_ns']) { 85 $this->current_item = array('id' => cleanID($_REQUEST['current_ns']), 'type' => 'd'); 86 } elseif ($_REQUEST['current_id']) { 87 $this->current_item = array('id' => cleanID($_REQUEST['current_id']), 'type' => 'f'); 88 } elseif ($this->ns) { 89 $this->current_item = array('id' => $this->ns, 'type' => 'd'); 90 } else { 91 $this->current_item = array('id' => $ID, 'type' => 'f'); 92 } 93 94 // user or group choosen? 95 $who = trim($_REQUEST['acl_w']); 96 if($_REQUEST['acl_t'] == '__g__' && $who){ 97 $this->who = '@'.ltrim($auth->cleanGroup($who),'@'); 98 }elseif($_REQUEST['acl_t'] == '__u__' && $who){ 99 $this->who = ltrim($auth->cleanUser($who),'@'); 100 }elseif($_REQUEST['acl_t'] && 101 $_REQUEST['acl_t'] != '__u__' && 102 $_REQUEST['acl_t'] != '__g__'){ 103 $this->who = $_REQUEST['acl_t']; 104 }elseif($who){ 105 $this->who = $who; 106 } 107 108 // handle modifications 109 if(isset($_REQUEST['cmd']) && checkSecurityToken()){ 110 111 // scope for modifications 112 if($this->ns){ 113 if($this->ns == '*'){ 114 $scope = '*'; 115 }else{ 116 $scope = $this->ns.':*'; 117 } 118 }else{ 119 $scope = $ID; 120 } 121 122 if(isset($_REQUEST['cmd']['save']) && $scope && $this->who && isset($_REQUEST['acl'])){ 123 // handle additions or single modifications 124 $this->_acl_del($scope, $this->who); 125 $this->_acl_add($scope, $this->who, (int) $_REQUEST['acl']); 126 }elseif(isset($_REQUEST['cmd']['del']) && $scope && $this->who){ 127 // handle single deletions 128 $this->_acl_del($scope, $this->who); 129 }elseif(isset($_REQUEST['cmd']['update'])){ 130 // handle update of the whole file 131 foreach((array) $_REQUEST['del'] as $where => $names){ 132 // remove all rules marked for deletion 133 foreach($names as $who) 134 unset($_REQUEST['acl'][$where][$who]); 135 } 136 // prepare lines 137 $lines = array(); 138 // keep header 139 foreach($AUTH_ACL as $line){ 140 if($line{0} == '#'){ 141 $lines[] = $line; 142 }else{ 143 break; 144 } 145 } 146 // re-add all rules 147 foreach((array) $_REQUEST['acl'] as $where => $opt){ 148 foreach($opt as $who => $perm){ 149 if ($who[0]=='@') { 150 if ($who!='@ALL') { 151 $who = '@'.ltrim($auth->cleanGroup($who),'@'); 152 } 153 } else { 154 $who = $auth->cleanUser($who); 155 } 156 $who = auth_nameencode($who,true); 157 $lines[] = "$where\t$who\t$perm\n"; 158 } 159 } 160 // save it 161 io_saveFile(DOKU_CONF.'acl.auth.php', join('',$lines)); 162 } 163 164 // reload ACL config 165 $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); 166 } 167 168 // initialize ACL array 169 $this->_init_acl_config(); 170 } 171 172 /** 173 * ACL Output function 174 * 175 * print a table with all significant permissions for the 176 * current id 177 * 178 * @author Frank Schubert <frank@schokilade.de> 179 * @author Andreas Gohr <andi@splitbrain.org> 180 */ 181 function html() { 182 global $ID; 183 184 echo '<div id="acl_manager">'.NL; 185 echo '<h1>'.$this->getLang('admin_acl').'</h1>'.NL; 186 echo '<div class="level1">'.NL; 187 188 echo '<div id="acl__tree">'.NL; 189 $this->_html_explorer(); 190 echo '</div>'.NL; 191 192 echo '<div id="acl__detail">'.NL; 193 $this->_html_detail(); 194 echo '</div>'.NL; 195 echo '</div>'.NL; 196 197 echo '<div class="clearer"></div>'; 198 echo '<h2>'.$this->getLang('current').'</h2>'.NL; 199 echo '<div class="level2">'.NL; 200 $this->_html_table(); 201 echo '</div>'.NL; 202 203 echo '<div class="footnotes"><div class="fn">'.NL; 204 echo '<sup><a id="fn__1" class="fn_bot" name="fn__1" href="#fnt__1">1)</a></sup>'.NL; 205 echo $this->getLang('p_include'); 206 echo '</div></div>'; 207 208 echo '</div>'.NL; 209 } 210 211 /** 212 * returns array with set options for building links 213 * 214 * @author Andreas Gohr <andi@splitbrain.org> 215 */ 216 function _get_opts($addopts=null){ 217 global $ID; 218 $opts = array( 219 'do'=>'admin', 220 'page'=>'acl', 221 ); 222 if($this->ns) $opts['ns'] = $this->ns; 223 if($this->who) $opts['acl_w'] = $this->who; 224 225 if(is_null($addopts)) return $opts; 226 return array_merge($opts, $addopts); 227 } 228 229 /** 230 * Display a tree menu to select a page or namespace 231 * 232 * @author Andreas Gohr <andi@splitbrain.org> 233 */ 234 function _html_explorer(){ 235 global $conf; 236 global $ID; 237 global $lang; 238 239 $dir = $conf['datadir']; 240 $ns = $this->ns; 241 if(empty($ns)){ 242 $ns = dirname(str_replace(':','/',$ID)); 243 if($ns == '.') $ns =''; 244 }elseif($ns == '*'){ 245 $ns =''; 246 } 247 $ns = utf8_encodeFN(str_replace(':','/',$ns)); 248 249 $data = $this->_get_tree($ns); 250 251 // wrap a list with the root level around the other namespaces 252 $item = array( 'level' => 0, 'id' => '*', 'type' => 'd', 253 'open' =>'true', 'label' => '['.$lang['mediaroot'].']'); 254 255 echo '<ul class="acltree">'; 256 echo $this->_html_li_acl($item); 257 echo '<div class="li">'; 258 echo $this->_html_list_acl($item); 259 echo '</div>'; 260 echo html_buildlist($data,'acl', 261 array($this,'_html_list_acl'), 262 array($this,'_html_li_acl')); 263 echo '</li>'; 264 echo '</ul>'; 265 266 } 267 268 /** 269 * get a combined list of media and page files 270 * 271 * @param string $folder an already converted filesystem folder of the current namespace 272 * @param string $limit limit the search to this folder 273 */ 274 function _get_tree($folder,$limit=''){ 275 global $conf; 276 277 // read tree structure from pages and media 278 $data = array(); 279 search($data,$conf['datadir'],'search_index',array('ns' => $folder),$limit); 280 $media = array(); 281 search($media,$conf['mediadir'],'search_index',array('ns' => $folder, 'nofiles' => true),$limit); 282 $data = array_merge($data,$media); 283 unset($media); 284 285 // combine by sorting and removing duplicates 286 usort($data,array($this,'_tree_sort')); 287 $count = count($data); 288 if($count>0) for($i=1; $i<$count; $i++){ 289 if($data[$i-1]['id'] == $data[$i]['id'] && $data[$i-1]['type'] == $data[$i]['type']) unset($data[$i]); 290 } 291 return $data; 292 } 293 294 /** 295 * usort callback 296 * 297 * Sorts the combined trees of media and page files 298 */ 299 function _tree_sort($a,$b){ 300 // handle the trivial cases first 301 if ($a['id'] == '') return -1; 302 if ($b['id'] == '') return 1; 303 // split up the id into parts 304 $a_ids = explode(':', $a['id']); 305 $b_ids = explode(':', $b['id']); 306 // now loop through the parts 307 while (count($a_ids) && count($b_ids)) { 308 // compare each level from upper to lower 309 // until a non-equal component is found 310 $cur_result = strcmp(array_shift($a_ids), array_shift($b_ids)); 311 if ($cur_result) { 312 // if one of the components is the last component and is a file 313 // and the other one is either of a deeper level or a directory, 314 // the file has to come after the deeper level or directory 315 if (empty($a_ids) && $a['type'] == 'f' && (count($b_ids) || $b['type'] == 'd')) return 1; 316 if (empty($b_ids) && $b['type'] == 'f' && (count($a_ids) || $a['type'] == 'd')) return -1; 317 return $cur_result; 318 } 319 } 320 // The two ids seem to be equal. One of them might however refer 321 // to a page, one to a namespace, the namespace needs to be first. 322 if (empty($a_ids) && empty($b_ids)) { 323 if ($a['type'] == $b['type']) return 0; 324 if ($a['type'] == 'f') return 1; 325 return -1; 326 } 327 // Now the empty part is either a page in the parent namespace 328 // that obviously needs to be after the namespace 329 // Or it is the namespace that contains the other part and should be 330 // before that other part. 331 if (empty($a_ids)) return ($a['type'] == 'd') ? -1 : 1; 332 if (empty($b_ids)) return ($b['type'] == 'd') ? 1 : -1; 333 } 334 335 /** 336 * Display the current ACL for selected where/who combination with 337 * selectors and modification form 338 * 339 * @author Andreas Gohr <andi@splitbrain.org> 340 */ 341 function _html_detail(){ 342 global $conf; 343 global $ID; 344 345 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 346 347 echo '<div id="acl__user">'; 348 echo $this->getLang('acl_perms').' '; 349 $inl = $this->_html_select(); 350 echo '<input type="text" name="acl_w" class="edit" value="'.(($inl)?'':hsc(ltrim($this->who,'@'))).'" />'.NL; 351 echo '<input type="submit" value="'.$this->getLang('btn_select').'" class="button" />'.NL; 352 echo '</div>'.NL; 353 354 echo '<div id="acl__info">'; 355 $this->_html_info(); 356 echo '</div>'; 357 358 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 359 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 360 echo '<input type="hidden" name="do" value="admin" />'.NL; 361 echo '<input type="hidden" name="page" value="acl" />'.NL; 362 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 363 echo '</div></form>'.NL; 364 } 365 366 /** 367 * Print infos and editor 368 */ 369 function _html_info(){ 370 global $ID; 371 372 if($this->who){ 373 $current = $this->_get_exact_perm(); 374 375 // explain current permissions 376 $this->_html_explain($current); 377 // load editor 378 $this->_html_acleditor($current); 379 }else{ 380 echo '<p>'; 381 if($this->ns){ 382 printf($this->getLang('p_choose_ns'),hsc($this->ns)); 383 }else{ 384 printf($this->getLang('p_choose_id'),hsc($ID)); 385 } 386 echo '</p>'; 387 388 echo $this->locale_xhtml('help'); 389 } 390 } 391 392 /** 393 * Display the ACL editor 394 * 395 * @author Andreas Gohr <andi@splitbrain.org> 396 */ 397 function _html_acleditor($current){ 398 global $lang; 399 400 echo '<fieldset>'; 401 if(is_null($current)){ 402 echo '<legend>'.$this->getLang('acl_new').'</legend>'; 403 }else{ 404 echo '<legend>'.$this->getLang('acl_mod').'</legend>'; 405 } 406 407 408 echo $this->_html_checkboxes($current,empty($this->ns),'acl'); 409 410 if(is_null($current)){ 411 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_save'].'" />'.NL; 412 }else{ 413 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_update'].'" />'.NL; 414 echo '<input type="submit" name="cmd[del]" class="button" value="'.$lang['btn_delete'].'" />'.NL; 415 } 416 417 echo '</fieldset>'; 418 } 419 420 /** 421 * Explain the currently set permissions in plain english/$lang 422 * 423 * @author Andreas Gohr <andi@splitbrain.org> 424 */ 425 function _html_explain($current){ 426 global $ID; 427 global $auth; 428 429 $who = $this->who; 430 $ns = $this->ns; 431 432 // prepare where to check 433 if($ns){ 434 if($ns == '*'){ 435 $check='*'; 436 }else{ 437 $check=$ns.':*'; 438 } 439 }else{ 440 $check = $ID; 441 } 442 443 // prepare who to check 444 if($who{0} == '@'){ 445 $user = ''; 446 $groups = array(ltrim($who,'@')); 447 }else{ 448 $user = auth_nameencode($who); 449 $info = $auth->getUserData($user); 450 if($info === false){ 451 $groups = array(); 452 }else{ 453 $groups = $info['grps']; 454 } 455 } 456 457 // check the permissions 458 $perm = auth_aclcheck($check,$user,$groups); 459 460 // build array of named permissions 461 $names = array(); 462 if($perm){ 463 if($ns){ 464 if($perm >= AUTH_DELETE) $names[] = $this->getLang('acl_perm16'); 465 if($perm >= AUTH_UPLOAD) $names[] = $this->getLang('acl_perm8'); 466 if($perm >= AUTH_CREATE) $names[] = $this->getLang('acl_perm4'); 467 } 468 if($perm >= AUTH_EDIT) $names[] = $this->getLang('acl_perm2'); 469 if($perm >= AUTH_READ) $names[] = $this->getLang('acl_perm1'); 470 $names = array_reverse($names); 471 }else{ 472 $names[] = $this->getLang('acl_perm0'); 473 } 474 475 // print permission explanation 476 echo '<p>'; 477 if($user){ 478 if($ns){ 479 printf($this->getLang('p_user_ns'),hsc($who),hsc($ns),join(', ',$names)); 480 }else{ 481 printf($this->getLang('p_user_id'),hsc($who),hsc($ID),join(', ',$names)); 482 } 483 }else{ 484 if($ns){ 485 printf($this->getLang('p_group_ns'),hsc(ltrim($who,'@')),hsc($ns),join(', ',$names)); 486 }else{ 487 printf($this->getLang('p_group_id'),hsc(ltrim($who,'@')),hsc($ID),join(', ',$names)); 488 } 489 } 490 echo '</p>'; 491 492 // add note if admin 493 if($perm == AUTH_ADMIN){ 494 echo '<p>'.$this->getLang('p_isadmin').'</p>'; 495 }elseif(is_null($current)){ 496 echo '<p>'.$this->getLang('p_inherited').'</p>'; 497 } 498 } 499 500 501 /** 502 * Item formatter for the tree view 503 * 504 * User function for html_buildlist() 505 * 506 * @author Andreas Gohr <andi@splitbrain.org> 507 */ 508 function _html_list_acl($item){ 509 global $ID; 510 $ret = ''; 511 // what to display 512 if($item['label']){ 513 $base = $item['label']; 514 }else{ 515 $base = ':'.$item['id']; 516 $base = substr($base,strrpos($base,':')+1); 517 } 518 519 // highlight? 520 if( ($item['type']== $this->current_item['type'] && $item['id'] == $this->current_item['id'])) 521 $cl = ' cur'; 522 523 // namespace or page? 524 if($item['type']=='d'){ 525 if($item['open']){ 526 $img = DOKU_BASE.'lib/images/minus.gif'; 527 $alt = '−'; 528 }else{ 529 $img = DOKU_BASE.'lib/images/plus.gif'; 530 $alt = '+'; 531 } 532 $ret .= '<img src="'.$img.'" alt="'.$alt.'" />'; 533 $ret .= '<a href="'.wl('',$this->_get_opts(array('ns'=>$item['id'],'sectok'=>getSecurityToken()))).'" class="idx_dir'.$cl.'">'; 534 $ret .= $base; 535 $ret .= '</a>'; 536 }else{ 537 $ret .= '<a href="'.wl('',$this->_get_opts(array('id'=>$item['id'],'ns'=>'','sectok'=>getSecurityToken()))).'" class="wikilink1'.$cl.'">'; 538 $ret .= noNS($item['id']); 539 $ret .= '</a>'; 540 } 541 return $ret; 542 } 543 544 545 function _html_li_acl($item){ 546 return '<li class="level'.$item['level'].'">'; 547 } 548 549 550 /** 551 * Get current ACL settings as multidim array 552 * 553 * @author Andreas Gohr <andi@splitbrain.org> 554 */ 555 function _init_acl_config(){ 556 global $AUTH_ACL; 557 global $conf; 558 $acl_config=array(); 559 $usersgroups = array(); 560 561 // get special users and groups 562 $this->specials[] = '@ALL'; 563 $this->specials[] = '@'.$conf['defaultgroup']; 564 if($conf['manager'] != '!!not set!!'){ 565 $this->specials = array_merge($this->specials, 566 array_map('trim', 567 explode(',',$conf['manager']))); 568 } 569 $this->specials = array_filter($this->specials); 570 $this->specials = array_unique($this->specials); 571 sort($this->specials); 572 573 foreach($AUTH_ACL as $line){ 574 $line = trim(preg_replace('/#.*$/','',$line)); //ignore comments 575 if(!$line) continue; 576 577 $acl = preg_split('/\s+/',$line); 578 //0 is pagename, 1 is user, 2 is acl 579 580 $acl[1] = rawurldecode($acl[1]); 581 $acl_config[$acl[0]][$acl[1]] = $acl[2]; 582 583 // store non-special users and groups for later selection dialog 584 $ug = $acl[1]; 585 if(in_array($ug,$this->specials)) continue; 586 $usersgroups[] = $ug; 587 } 588 589 $usersgroups = array_unique($usersgroups); 590 sort($usersgroups); 591 ksort($acl_config); 592 593 $this->acl = $acl_config; 594 $this->usersgroups = $usersgroups; 595 } 596 597 /** 598 * Display all currently set permissions in a table 599 * 600 * @author Andreas Gohr <andi@splitbrain.org> 601 */ 602 function _html_table(){ 603 global $lang; 604 global $ID; 605 606 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 607 if($this->ns){ 608 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 609 }else{ 610 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 611 } 612 echo '<input type="hidden" name="acl_w" value="'.hsc($this->who).'" />'.NL; 613 echo '<input type="hidden" name="do" value="admin" />'.NL; 614 echo '<input type="hidden" name="page" value="acl" />'.NL; 615 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 616 echo '<table class="inline">'; 617 echo '<tr>'; 618 echo '<th>'.$this->getLang('where').'</th>'; 619 echo '<th>'.$this->getLang('who').'</th>'; 620 echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" name="fnt__1" href="#fn__1">1)</a></sup></th>'; 621 echo '<th>'.$lang['btn_delete'].'</th>'; 622 echo '</tr>'; 623 foreach($this->acl as $where => $set){ 624 foreach($set as $who => $perm){ 625 echo '<tr>'; 626 echo '<td>'; 627 if(substr($where,-1) == '*'){ 628 echo '<span class="aclns">'.hsc($where).'</span>'; 629 $ispage = false; 630 }else{ 631 echo '<span class="aclpage">'.hsc($where).'</span>'; 632 $ispage = true; 633 } 634 echo '</td>'; 635 636 echo '<td>'; 637 if($who{0} == '@'){ 638 echo '<span class="aclgroup">'.hsc($who).'</span>'; 639 }else{ 640 echo '<span class="acluser">'.hsc($who).'</span>'; 641 } 642 echo '</td>'; 643 644 echo '<td>'; 645 echo $this->_html_checkboxes($perm,$ispage,'acl['.$where.']['.$who.']'); 646 echo '</td>'; 647 648 echo '<td align="center">'; 649 echo '<input type="checkbox" name="del['.hsc($where).'][]" value="'.hsc($who).'" />'; 650 echo '</td>'; 651 echo '</tr>'; 652 } 653 } 654 655 echo '<tr>'; 656 echo '<th align="right" colspan="4">'; 657 echo '<input type="submit" value="'.$lang['btn_update'].'" name="cmd[update]" class="button" />'; 658 echo '</th>'; 659 echo '</tr>'; 660 echo '</table>'; 661 echo '</div></form>'.NL; 662 } 663 664 665 /** 666 * Returns the permission which were set for exactly the given user/group 667 * and page/namespace. Returns null if no exact match is available 668 * 669 * @author Andreas Gohr <andi@splitbrain.org> 670 */ 671 function _get_exact_perm(){ 672 global $ID; 673 if($this->ns){ 674 if($this->ns == '*'){ 675 $check = '*'; 676 }else{ 677 $check = $this->ns.':*'; 678 } 679 }else{ 680 $check = $ID; 681 } 682 683 if(isset($this->acl[$check][$this->who])){ 684 return $this->acl[$check][$this->who]; 685 }else{ 686 return null; 687 } 688 } 689 690 /** 691 * adds new acl-entry to conf/acl.auth.php 692 * 693 * @author Frank Schubert <frank@schokilade.de> 694 */ 695 function _acl_add($acl_scope, $acl_user, $acl_level){ 696 $acl_config = file_get_contents(DOKU_CONF.'acl.auth.php'); 697 $acl_user = auth_nameencode($acl_user,true); 698 699 // max level for pagenames is edit 700 if(strpos($acl_scope,'*') === false) { 701 if($acl_level > AUTH_EDIT) $acl_level = AUTH_EDIT; 702 } 703 704 705 $new_acl = "$acl_scope\t$acl_user\t$acl_level\n"; 706 707 $new_config = $acl_config.$new_acl; 708 709 return io_saveFile(DOKU_CONF.'acl.auth.php', $new_config); 710 } 711 712 /** 713 * remove acl-entry from conf/acl.auth.php 714 * 715 * @author Frank Schubert <frank@schokilade.de> 716 */ 717 function _acl_del($acl_scope, $acl_user){ 718 $acl_config = file(DOKU_CONF.'acl.auth.php'); 719 $acl_user = auth_nameencode($acl_user,true); 720 721 $acl_pattern = '^'.preg_quote($acl_scope,'/').'\s+'.$acl_user.'\s+[0-8].*$'; 722 723 // save all non!-matching 724 $new_config = preg_grep("/$acl_pattern/", $acl_config, PREG_GREP_INVERT); 725 726 return io_saveFile(DOKU_CONF.'acl.auth.php', join('',$new_config)); 727 } 728 729 /** 730 * print the permission radio boxes 731 * 732 * @author Frank Schubert <frank@schokilade.de> 733 * @author Andreas Gohr <andi@splitbrain.org> 734 */ 735 function _html_checkboxes($setperm,$ispage,$name){ 736 global $lang; 737 738 static $label = 0; //number labels 739 $ret = ''; 740 741 if($ispage && $setperm > AUTH_EDIT) $perm = AUTH_EDIT; 742 743 foreach(array(AUTH_NONE,AUTH_READ,AUTH_EDIT,AUTH_CREATE,AUTH_UPLOAD,AUTH_DELETE) as $perm){ 744 $label += 1; 745 746 //general checkbox attributes 747 $atts = array( 'type' => 'radio', 748 'id' => 'pbox'.$label, 749 'name' => $name, 750 'value' => $perm ); 751 //dynamic attributes 752 if(!is_null($setperm) && $setperm == $perm) $atts['checked'] = 'checked'; 753 if($ispage && $perm > AUTH_EDIT){ 754 $atts['disabled'] = 'disabled'; 755 $class = ' class="disabled"'; 756 }else{ 757 $class = ''; 758 } 759 760 //build code 761 $ret .= '<label for="pbox'.$label.'" title="'.$this->getLang('acl_perm'.$perm).'"'.$class.'>'; 762 $ret .= '<input '.html_attbuild($atts).' /> '; 763 $ret .= $this->getLang('acl_perm'.$perm); 764 $ret .= '</label>'.NL; 765 } 766 return $ret; 767 } 768 769 /** 770 * Print a user/group selector (reusing already used users and groups) 771 * 772 * @author Andreas Gohr <andi@splitbrain.org> 773 */ 774 function _html_select(){ 775 global $conf; 776 $inlist = false; 777 778 if($this->who && 779 !in_array($this->who,$this->usersgroups) && 780 !in_array($this->who,$this->specials)){ 781 782 if($this->who{0} == '@'){ 783 $gsel = ' selected="selected"'; 784 }else{ 785 $usel = ' selected="selected"'; 786 } 787 }else{ 788 $usel = ''; 789 $gsel = ''; 790 $inlist = true; 791 } 792 793 794 echo '<select name="acl_t" class="edit">'.NL; 795 echo ' <option value="__g__" class="aclgroup"'.$gsel.'>'.$this->getLang('acl_group').':</option>'.NL; 796 echo ' <option value="__u__" class="acluser"'.$usel.'>'.$this->getLang('acl_user').':</option>'.NL; 797 echo ' <optgroup label=" ">'.NL; 798 foreach($this->specials as $ug){ 799 if($ug == $this->who){ 800 $sel = ' selected="selected"'; 801 $inlist = true; 802 }else{ 803 $sel = ''; 804 } 805 806 if($ug{0} == '@'){ 807 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 808 }else{ 809 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 810 } 811 } 812 echo ' </optgroup>'.NL; 813 echo ' <optgroup label=" ">'.NL; 814 foreach($this->usersgroups as $ug){ 815 if($ug == $this->who){ 816 $sel = ' selected="selected"'; 817 $inlist = true; 818 }else{ 819 $sel = ''; 820 } 821 822 if($ug{0} == '@'){ 823 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 824 }else{ 825 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 826 } 827 } 828 echo ' </optgroup>'.NL; 829 echo '</select>'.NL; 830 return $inlist; 831 } 832} 833
