1<?php 2/** 3 * ACL administration functions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 * @author Anika Henke <anika@selfthinker.org> (concepts) 8 * @author Frank Schubert <frank@schokilade.de> (old version) 9 */ 10// must be run within Dokuwiki 11if(!defined('DOKU_INC')) die(); 12 13/** 14 * All DokuWiki plugins to extend the admin function 15 * need to inherit from this class 16 */ 17class admin_plugin_acl extends DokuWiki_Admin_Plugin { 18 var $acl = null; 19 var $ns = null; 20 /** 21 * The currently selected item, associative array with id and type. 22 * Populated from (in this order): 23 * $_REQUEST['current_ns'] 24 * $_REQUEST['current_id'] 25 * $ns 26 * $ID 27 */ 28 var $current_item = null; 29 var $who = ''; 30 var $usersgroups = array(); 31 var $specials = array(); 32 33 /** 34 * return prompt for admin menu 35 */ 36 function getMenuText($language) { 37 return $this->getLang('admin_acl'); 38 } 39 40 /** 41 * return sort order for position in admin menu 42 */ 43 function getMenuSort() { 44 return 1; 45 } 46 47 /** 48 * handle user request 49 * 50 * Initializes internal vars and handles modifications 51 * 52 * @author Andreas Gohr <andi@splitbrain.org> 53 */ 54 function handle() { 55 global $AUTH_ACL; 56 global $ID; 57 global $auth; 58 global $config_cascade; 59 global $INPUT; 60 61 // fresh 1:1 copy without replacements 62 $AUTH_ACL = file($config_cascade['acl']['default']); 63 64 // namespace given? 65 if($INPUT->str('ns') == '*'){ 66 $this->ns = '*'; 67 }else{ 68 $this->ns = cleanID($INPUT->str('ns')); 69 } 70 71 if ($INPUT->str('current_ns')) { 72 $this->current_item = array('id' => cleanID($INPUT->str('current_ns')), 'type' => 'd'); 73 } elseif ($INPUT->str('current_id')) { 74 $this->current_item = array('id' => cleanID($INPUT->str('current_id')), 'type' => 'f'); 75 } elseif ($this->ns) { 76 $this->current_item = array('id' => $this->ns, 'type' => 'd'); 77 } else { 78 $this->current_item = array('id' => $ID, 'type' => 'f'); 79 } 80 81 // user or group choosen? 82 $who = trim($INPUT->str('acl_w')); 83 if($INPUT->str('acl_t') == '__g__' && $who){ 84 $this->who = '@'.ltrim($auth->cleanGroup($who),'@'); 85 }elseif($INPUT->str('acl_t') == '__u__' && $who){ 86 $this->who = ltrim($who,'@'); 87 if($this->who != '%USER%' && $this->who != '%GROUP%'){ #keep wildcard as is 88 $this->who = $auth->cleanUser($this->who); 89 } 90 }elseif($INPUT->str('acl_t') && 91 $INPUT->str('acl_t') != '__u__' && 92 $INPUT->str('acl_t') != '__g__'){ 93 $this->who = $INPUT->str('acl_t'); 94 }elseif($who){ 95 $this->who = $who; 96 } 97 98 // handle modifications 99 if($INPUT->has('cmd') && checkSecurityToken()){ 100 $cmd = $INPUT->extract('cmd')->str('cmd'); 101 102 // scope for modifications 103 if($this->ns){ 104 if($this->ns == '*'){ 105 $scope = '*'; 106 }else{ 107 $scope = $this->ns.':*'; 108 } 109 }else{ 110 $scope = $ID; 111 } 112 113 if($cmd == 'save' && $scope && $this->who && $INPUT->has('acl')){ 114 // handle additions or single modifications 115 $this->_acl_add($scope, $this->who, $INPUT->int('acl')); 116 }elseif($cmd == 'del' && $scope && $this->who){ 117 // handle single deletions 118 $this->_acl_del($scope, $this->who); 119 }elseif($cmd == 'update'){ 120 $acl = $INPUT->arr('acl'); 121 122 // handle update of the whole file 123 foreach($INPUT->arr('del') as $where => $names){ 124 // remove all rules marked for deletion 125 foreach($names as $who) 126 unset($acl[$where][$who]); 127 } 128 // prepare lines 129 $lines = array(); 130 // keep header 131 foreach($AUTH_ACL as $line){ 132 if($line{0} == '#'){ 133 $lines[] = $line; 134 }else{ 135 break; 136 } 137 } 138 // re-add all rules 139 foreach($acl as $where => $opt){ 140 foreach($opt as $who => $perm){ 141 if ($who[0]=='@') { 142 if ($who!='@ALL') { 143 $who = '@'.ltrim($auth->cleanGroup($who),'@'); 144 } 145 } elseif ($who != '%USER%' && $who != '%GROUP%'){ #keep wildcard as is 146 $who = $auth->cleanUser($who); 147 } 148 $who = auth_nameencode($who,true); 149 $lines[] = "$where\t$who\t$perm\n"; 150 } 151 } 152 // save it 153 io_saveFile($config_cascade['acl']['default'], join('',$lines)); 154 } 155 156 // reload ACL config 157 $AUTH_ACL = file($config_cascade['acl']['default']); 158 } 159 160 // initialize ACL array 161 $this->_init_acl_config(); 162 } 163 164 /** 165 * ACL Output function 166 * 167 * print a table with all significant permissions for the 168 * current id 169 * 170 * @author Frank Schubert <frank@schokilade.de> 171 * @author Andreas Gohr <andi@splitbrain.org> 172 */ 173 function html() { 174 echo '<div id="acl_manager">'.NL; 175 echo '<h1>'.$this->getLang('admin_acl').'</h1>'.NL; 176 echo '<div class="level1">'.NL; 177 178 echo '<div id="acl__tree">'.NL; 179 $this->_html_explorer(); 180 echo '</div>'.NL; 181 182 echo '<div id="acl__detail">'.NL; 183 $this->_html_detail(); 184 echo '</div>'.NL; 185 echo '</div>'.NL; 186 187 echo '<div class="clearer"></div>'; 188 echo '<h2>'.$this->getLang('current').'</h2>'.NL; 189 echo '<div class="level2">'.NL; 190 $this->_html_table(); 191 echo '</div>'.NL; 192 193 echo '<div class="footnotes"><div class="fn">'.NL; 194 echo '<sup><a id="fn__1" class="fn_bot" href="#fnt__1">1)</a></sup>'.NL; 195 echo '<div class="content">'.$this->getLang('p_include').'</div>'; 196 echo '</div></div>'; 197 198 echo '</div>'.NL; 199 } 200 201 /** 202 * returns array with set options for building links 203 * 204 * @author Andreas Gohr <andi@splitbrain.org> 205 */ 206 function _get_opts($addopts=null){ 207 $opts = array( 208 'do'=>'admin', 209 'page'=>'acl', 210 ); 211 if($this->ns) $opts['ns'] = $this->ns; 212 if($this->who) $opts['acl_w'] = $this->who; 213 214 if(is_null($addopts)) return $opts; 215 return array_merge($opts, $addopts); 216 } 217 218 /** 219 * Display a tree menu to select a page or namespace 220 * 221 * @author Andreas Gohr <andi@splitbrain.org> 222 */ 223 function _html_explorer(){ 224 global $conf; 225 global $ID; 226 global $lang; 227 228 $ns = $this->ns; 229 if(empty($ns)){ 230 $ns = dirname(str_replace(':','/',$ID)); 231 if($ns == '.') $ns =''; 232 }elseif($ns == '*'){ 233 $ns =''; 234 } 235 $ns = utf8_encodeFN(str_replace(':','/',$ns)); 236 237 $data = $this->_get_tree($ns); 238 239 // wrap a list with the root level around the other namespaces 240 array_unshift($data, array( 'level' => 0, 'id' => '*', 'type' => 'd', 241 'open' =>'true', 'label' => '['.$lang['mediaroot'].']')); 242 243 echo html_buildlist($data,'acl', 244 array($this,'_html_list_acl'), 245 array($this,'_html_li_acl')); 246 247 } 248 249 /** 250 * get a combined list of media and page files 251 * 252 * @param string $folder an already converted filesystem folder of the current namespace 253 * @param string $limit limit the search to this folder 254 */ 255 function _get_tree($folder,$limit=''){ 256 global $conf; 257 258 // read tree structure from pages and media 259 $data = array(); 260 search($data,$conf['datadir'],'search_index',array('ns' => $folder),$limit); 261 $media = array(); 262 search($media,$conf['mediadir'],'search_index',array('ns' => $folder, 'nofiles' => true),$limit); 263 $data = array_merge($data,$media); 264 unset($media); 265 266 // combine by sorting and removing duplicates 267 usort($data,array($this,'_tree_sort')); 268 $count = count($data); 269 if($count>0) for($i=1; $i<$count; $i++){ 270 if($data[$i-1]['id'] == $data[$i]['id'] && $data[$i-1]['type'] == $data[$i]['type']) { 271 unset($data[$i]); 272 $i++; // duplicate found, next $i can't be a duplicate, so skip forward one 273 } 274 } 275 return $data; 276 } 277 278 /** 279 * usort callback 280 * 281 * Sorts the combined trees of media and page files 282 */ 283 function _tree_sort($a,$b){ 284 // handle the trivial cases first 285 if ($a['id'] == '') return -1; 286 if ($b['id'] == '') return 1; 287 // split up the id into parts 288 $a_ids = explode(':', $a['id']); 289 $b_ids = explode(':', $b['id']); 290 // now loop through the parts 291 while (count($a_ids) && count($b_ids)) { 292 // compare each level from upper to lower 293 // until a non-equal component is found 294 $cur_result = strcmp(array_shift($a_ids), array_shift($b_ids)); 295 if ($cur_result) { 296 // if one of the components is the last component and is a file 297 // and the other one is either of a deeper level or a directory, 298 // the file has to come after the deeper level or directory 299 if (empty($a_ids) && $a['type'] == 'f' && (count($b_ids) || $b['type'] == 'd')) return 1; 300 if (empty($b_ids) && $b['type'] == 'f' && (count($a_ids) || $a['type'] == 'd')) return -1; 301 return $cur_result; 302 } 303 } 304 // The two ids seem to be equal. One of them might however refer 305 // to a page, one to a namespace, the namespace needs to be first. 306 if (empty($a_ids) && empty($b_ids)) { 307 if ($a['type'] == $b['type']) return 0; 308 if ($a['type'] == 'f') return 1; 309 return -1; 310 } 311 // Now the empty part is either a page in the parent namespace 312 // that obviously needs to be after the namespace 313 // Or it is the namespace that contains the other part and should be 314 // before that other part. 315 if (empty($a_ids)) return ($a['type'] == 'd') ? -1 : 1; 316 if (empty($b_ids)) return ($b['type'] == 'd') ? 1 : -1; 317 } 318 319 /** 320 * Display the current ACL for selected where/who combination with 321 * selectors and modification form 322 * 323 * @author Andreas Gohr <andi@splitbrain.org> 324 */ 325 function _html_detail(){ 326 global $ID; 327 328 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 329 330 echo '<div id="acl__user">'; 331 echo $this->getLang('acl_perms').' '; 332 $inl = $this->_html_select(); 333 echo '<input type="text" name="acl_w" class="edit" value="'.(($inl)?'':hsc(ltrim($this->who,'@'))).'" />'.NL; 334 echo '<button type="submit">'.$this->getLang('btn_select').'</button>'.NL; 335 echo '</div>'.NL; 336 337 echo '<div id="acl__info">'; 338 $this->_html_info(); 339 echo '</div>'; 340 341 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 342 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 343 echo '<input type="hidden" name="do" value="admin" />'.NL; 344 echo '<input type="hidden" name="page" value="acl" />'.NL; 345 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 346 echo '</div></form>'.NL; 347 } 348 349 /** 350 * Print info and editor 351 */ 352 function _html_info(){ 353 global $ID; 354 355 if($this->who){ 356 $current = $this->_get_exact_perm(); 357 358 // explain current permissions 359 $this->_html_explain($current); 360 // load editor 361 $this->_html_acleditor($current); 362 }else{ 363 echo '<p>'; 364 if($this->ns){ 365 printf($this->getLang('p_choose_ns'),hsc($this->ns)); 366 }else{ 367 printf($this->getLang('p_choose_id'),hsc($ID)); 368 } 369 echo '</p>'; 370 371 echo $this->locale_xhtml('help'); 372 } 373 } 374 375 /** 376 * Display the ACL editor 377 * 378 * @author Andreas Gohr <andi@splitbrain.org> 379 */ 380 function _html_acleditor($current){ 381 global $lang; 382 383 echo '<fieldset>'; 384 if(is_null($current)){ 385 echo '<legend>'.$this->getLang('acl_new').'</legend>'; 386 }else{ 387 echo '<legend>'.$this->getLang('acl_mod').'</legend>'; 388 } 389 390 echo $this->_html_checkboxes($current,empty($this->ns),'acl'); 391 392 if(is_null($current)){ 393 echo '<button type="submit" name="cmd[save]">'.$lang['btn_save'].'</button>'.NL; 394 }else{ 395 echo '<button type="submit" name="cmd[save]">'.$lang['btn_update'].'</button>'.NL; 396 echo '<button type="submit" name="cmd[del]">'.$lang['btn_delete'].'</button>'.NL; 397 } 398 399 echo '</fieldset>'; 400 } 401 402 /** 403 * Explain the currently set permissions in plain english/$lang 404 * 405 * @author Andreas Gohr <andi@splitbrain.org> 406 */ 407 function _html_explain($current){ 408 global $ID; 409 global $auth; 410 411 $who = $this->who; 412 $ns = $this->ns; 413 414 // prepare where to check 415 if($ns){ 416 if($ns == '*'){ 417 $check='*'; 418 }else{ 419 $check=$ns.':*'; 420 } 421 }else{ 422 $check = $ID; 423 } 424 425 // prepare who to check 426 if($who{0} == '@'){ 427 $user = ''; 428 $groups = array(ltrim($who,'@')); 429 }else{ 430 $user = $who; 431 $info = $auth->getUserData($user); 432 if($info === false){ 433 $groups = array(); 434 }else{ 435 $groups = $info['grps']; 436 } 437 } 438 439 // check the permissions 440 $perm = auth_aclcheck($check,$user,$groups); 441 442 // build array of named permissions 443 $names = array(); 444 if($perm){ 445 if($ns){ 446 if($perm >= AUTH_DELETE) $names[] = $this->getLang('acl_perm16'); 447 if($perm >= AUTH_UPLOAD) $names[] = $this->getLang('acl_perm8'); 448 if($perm >= AUTH_CREATE) $names[] = $this->getLang('acl_perm4'); 449 } 450 if($perm >= AUTH_EDIT) $names[] = $this->getLang('acl_perm2'); 451 if($perm >= AUTH_READ) $names[] = $this->getLang('acl_perm1'); 452 $names = array_reverse($names); 453 }else{ 454 $names[] = $this->getLang('acl_perm0'); 455 } 456 457 // print permission explanation 458 echo '<p>'; 459 if($user){ 460 if($ns){ 461 printf($this->getLang('p_user_ns'),hsc($who),hsc($ns),join(', ',$names)); 462 }else{ 463 printf($this->getLang('p_user_id'),hsc($who),hsc($ID),join(', ',$names)); 464 } 465 }else{ 466 if($ns){ 467 printf($this->getLang('p_group_ns'),hsc(ltrim($who,'@')),hsc($ns),join(', ',$names)); 468 }else{ 469 printf($this->getLang('p_group_id'),hsc(ltrim($who,'@')),hsc($ID),join(', ',$names)); 470 } 471 } 472 echo '</p>'; 473 474 // add note if admin 475 if($perm == AUTH_ADMIN){ 476 echo '<p>'.$this->getLang('p_isadmin').'</p>'; 477 }elseif(is_null($current)){ 478 echo '<p>'.$this->getLang('p_inherited').'</p>'; 479 } 480 } 481 482 483 /** 484 * Item formatter for the tree view 485 * 486 * User function for html_buildlist() 487 * 488 * @author Andreas Gohr <andi@splitbrain.org> 489 */ 490 function _html_list_acl($item){ 491 $ret = ''; 492 // what to display 493 if(!empty($item['label'])){ 494 $base = $item['label']; 495 }else{ 496 $base = ':'.$item['id']; 497 $base = substr($base,strrpos($base,':')+1); 498 } 499 500 // highlight? 501 if( ($item['type']== $this->current_item['type'] && $item['id'] == $this->current_item['id'])) { 502 $cl = ' cur'; 503 } else { 504 $cl = ''; 505 } 506 507 // namespace or page? 508 if($item['type']=='d'){ 509 if($item['open']){ 510 $img = DOKU_BASE.'lib/images/minus.gif'; 511 $alt = '−'; 512 }else{ 513 $img = DOKU_BASE.'lib/images/plus.gif'; 514 $alt = '+'; 515 } 516 $ret .= '<img src="'.$img.'" alt="'.$alt.'" />'; 517 $ret .= '<a href="'.wl('',$this->_get_opts(array('ns'=>$item['id'],'sectok'=>getSecurityToken()))).'" class="idx_dir'.$cl.'">'; 518 $ret .= $base; 519 $ret .= '</a>'; 520 }else{ 521 $ret .= '<a href="'.wl('',$this->_get_opts(array('id'=>$item['id'],'ns'=>'','sectok'=>getSecurityToken()))).'" class="wikilink1'.$cl.'">'; 522 $ret .= noNS($item['id']); 523 $ret .= '</a>'; 524 } 525 return $ret; 526 } 527 528 529 function _html_li_acl($item){ 530 return '<li class="level' . $item['level'] . ' ' . 531 ($item['open'] ? 'open' : 'closed') . '">'; 532 } 533 534 535 /** 536 * Get current ACL settings as multidim array 537 * 538 * @author Andreas Gohr <andi@splitbrain.org> 539 */ 540 function _init_acl_config(){ 541 global $AUTH_ACL; 542 global $conf; 543 $acl_config=array(); 544 $usersgroups = array(); 545 546 // get special users and groups 547 $this->specials[] = '@ALL'; 548 $this->specials[] = '@'.$conf['defaultgroup']; 549 if($conf['manager'] != '!!not set!!'){ 550 $this->specials = array_merge($this->specials, 551 array_map('trim', 552 explode(',',$conf['manager']))); 553 } 554 $this->specials = array_filter($this->specials); 555 $this->specials = array_unique($this->specials); 556 sort($this->specials); 557 558 foreach($AUTH_ACL as $line){ 559 $line = trim(preg_replace('/#.*$/','',$line)); //ignore comments 560 if(!$line) continue; 561 562 $acl = preg_split('/[ \t]+/',$line); 563 //0 is pagename, 1 is user, 2 is acl 564 565 $acl[1] = rawurldecode($acl[1]); 566 $acl_config[$acl[0]][$acl[1]] = $acl[2]; 567 568 // store non-special users and groups for later selection dialog 569 $ug = $acl[1]; 570 if(in_array($ug,$this->specials)) continue; 571 $usersgroups[] = $ug; 572 } 573 574 $usersgroups = array_unique($usersgroups); 575 sort($usersgroups); 576 ksort($acl_config); 577 578 $this->acl = $acl_config; 579 $this->usersgroups = $usersgroups; 580 } 581 582 /** 583 * Display all currently set permissions in a table 584 * 585 * @author Andreas Gohr <andi@splitbrain.org> 586 */ 587 function _html_table(){ 588 global $lang; 589 global $ID; 590 591 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 592 if($this->ns){ 593 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 594 }else{ 595 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 596 } 597 echo '<input type="hidden" name="acl_w" value="'.hsc($this->who).'" />'.NL; 598 echo '<input type="hidden" name="do" value="admin" />'.NL; 599 echo '<input type="hidden" name="page" value="acl" />'.NL; 600 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 601 echo '<div class="table">'; 602 echo '<table class="inline">'; 603 echo '<tr>'; 604 echo '<th>'.$this->getLang('where').'</th>'; 605 echo '<th>'.$this->getLang('who').'</th>'; 606 echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" href="#fn__1">1)</a></sup></th>'; 607 echo '<th>'.$lang['btn_delete'].'</th>'; 608 echo '</tr>'; 609 foreach($this->acl as $where => $set){ 610 foreach($set as $who => $perm){ 611 echo '<tr>'; 612 echo '<td>'; 613 if(substr($where,-1) == '*'){ 614 echo '<span class="aclns">'.hsc($where).'</span>'; 615 $ispage = false; 616 }else{ 617 echo '<span class="aclpage">'.hsc($where).'</span>'; 618 $ispage = true; 619 } 620 echo '</td>'; 621 622 echo '<td>'; 623 if($who{0} == '@'){ 624 echo '<span class="aclgroup">'.hsc($who).'</span>'; 625 }else{ 626 echo '<span class="acluser">'.hsc($who).'</span>'; 627 } 628 echo '</td>'; 629 630 echo '<td>'; 631 echo $this->_html_checkboxes($perm,$ispage,'acl['.$where.']['.$who.']'); 632 echo '</td>'; 633 634 echo '<td class="check">'; 635 echo '<input type="checkbox" name="del['.hsc($where).'][]" value="'.hsc($who).'" />'; 636 echo '</td>'; 637 echo '</tr>'; 638 } 639 } 640 641 echo '<tr>'; 642 echo '<th class="action" colspan="4">'; 643 echo '<button type="submit" name="cmd[update]">'.$lang['btn_update'].'</button>'; 644 echo '</th>'; 645 echo '</tr>'; 646 echo '</table>'; 647 echo '</div>'; 648 echo '</div></form>'.NL; 649 } 650 651 /** 652 * Returns the permission which were set for exactly the given user/group 653 * and page/namespace. Returns null if no exact match is available 654 * 655 * @author Andreas Gohr <andi@splitbrain.org> 656 */ 657 function _get_exact_perm(){ 658 global $ID; 659 if($this->ns){ 660 if($this->ns == '*'){ 661 $check = '*'; 662 }else{ 663 $check = $this->ns.':*'; 664 } 665 }else{ 666 $check = $ID; 667 } 668 669 if(isset($this->acl[$check][$this->who])){ 670 return $this->acl[$check][$this->who]; 671 }else{ 672 return null; 673 } 674 } 675 676 /** 677 * adds new acl-entry to conf/acl.auth.php 678 * 679 * @author Frank Schubert <frank@schokilade.de> 680 */ 681 function _acl_add($acl_scope, $acl_user, $acl_level){ 682 // first make sure we won't end up with 2 lines matching this user and scope. See issue #1115 683 $this->_acl_del($acl_scope, $acl_user); 684 685 global $config_cascade; 686 687 $acl_user = auth_nameencode($acl_user,true); 688 689 // max level for pagenames is edit 690 if(strpos($acl_scope,'*') === false) { 691 if($acl_level > AUTH_EDIT) $acl_level = AUTH_EDIT; 692 } 693 694 $new_acl = "$acl_scope\t$acl_user\t$acl_level\n"; 695 696 return io_saveFile($config_cascade['acl']['default'], $new_acl, true); 697 } 698 699 /** 700 * remove acl-entry from conf/acl.auth.php 701 * 702 * @author Frank Schubert <frank@schokilade.de> 703 */ 704 function _acl_del($acl_scope, $acl_user){ 705 global $config_cascade; 706 $acl_user = auth_nameencode($acl_user,true); 707 708 $acl_pattern = '^'.preg_quote($acl_scope,'/').'[ \t]+'.$acl_user.'[ \t]+[0-8].*$'; 709 710 return io_deleteFromFile($config_cascade['acl']['default'], "/$acl_pattern/", true); 711 } 712 713 /** 714 * print the permission radio boxes 715 * 716 * @author Frank Schubert <frank@schokilade.de> 717 * @author Andreas Gohr <andi@splitbrain.org> 718 */ 719 function _html_checkboxes($setperm,$ispage,$name){ 720 global $lang; 721 722 static $label = 0; //number labels 723 $ret = ''; 724 725 if($ispage && $setperm > AUTH_EDIT) $setperm = AUTH_EDIT; 726 727 foreach(array(AUTH_NONE,AUTH_READ,AUTH_EDIT,AUTH_CREATE,AUTH_UPLOAD,AUTH_DELETE) as $perm){ 728 $label += 1; 729 730 //general checkbox attributes 731 $atts = array( 'type' => 'radio', 732 'id' => 'pbox'.$label, 733 'name' => $name, 734 'value' => $perm ); 735 //dynamic attributes 736 if(!is_null($setperm) && $setperm == $perm) $atts['checked'] = 'checked'; 737 if($ispage && $perm > AUTH_EDIT){ 738 $atts['disabled'] = 'disabled'; 739 $class = ' class="disabled"'; 740 }else{ 741 $class = ''; 742 } 743 744 //build code 745 $ret .= '<label for="pbox'.$label.'"'.$class.'>'; 746 $ret .= '<input '.buildAttributes($atts).' /> '; 747 $ret .= $this->getLang('acl_perm'.$perm); 748 $ret .= '</label>'.NL; 749 } 750 return $ret; 751 } 752 753 /** 754 * Print a user/group selector (reusing already used users and groups) 755 * 756 * @author Andreas Gohr <andi@splitbrain.org> 757 */ 758 function _html_select(){ 759 $inlist = false; 760 $usel = ''; 761 $gsel = ''; 762 763 if($this->who && 764 !in_array($this->who,$this->usersgroups) && 765 !in_array($this->who,$this->specials)){ 766 767 if($this->who{0} == '@'){ 768 $gsel = ' selected="selected"'; 769 }else{ 770 $usel = ' selected="selected"'; 771 } 772 }else{ 773 $inlist = true; 774 } 775 776 echo '<select name="acl_t" class="edit">'.NL; 777 echo ' <option value="__g__" class="aclgroup"'.$gsel.'>'.$this->getLang('acl_group').'</option>'.NL; 778 echo ' <option value="__u__" class="acluser"'.$usel.'>'.$this->getLang('acl_user').'</option>'.NL; 779 if (!empty($this->specials)) { 780 echo ' <optgroup label=" ">'.NL; 781 foreach($this->specials as $ug){ 782 if($ug == $this->who){ 783 $sel = ' selected="selected"'; 784 $inlist = true; 785 }else{ 786 $sel = ''; 787 } 788 789 if($ug{0} == '@'){ 790 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 791 }else{ 792 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 793 } 794 } 795 echo ' </optgroup>'.NL; 796 } 797 if (!empty($this->usersgroups)) { 798 echo ' <optgroup label=" ">'.NL; 799 foreach($this->usersgroups as $ug){ 800 if($ug == $this->who){ 801 $sel = ' selected="selected"'; 802 $inlist = true; 803 }else{ 804 $sel = ''; 805 } 806 807 if($ug{0} == '@'){ 808 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 809 }else{ 810 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 811 } 812 } 813 echo ' </optgroup>'.NL; 814 } 815 echo '</select>'.NL; 816 return $inlist; 817 } 818} 819
