1<?php 2/** 3 * ACL administration functions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 * @author Anika Henke <anika@selfthinker.org> (concepts) 8 * @author Frank Schubert <frank@schokilade.de> (old version) 9 */ 10// must be run within Dokuwiki 11if(!defined('DOKU_INC')) die(); 12 13/** 14 * All DokuWiki plugins to extend the admin function 15 * need to inherit from this class 16 */ 17class admin_plugin_acl extends DokuWiki_Admin_Plugin { 18 var $acl = null; 19 var $ns = null; 20 /** 21 * The currently selected item, associative array with id and type. 22 * Populated from (in this order): 23 * $_REQUEST['current_ns'] 24 * $_REQUEST['current_id'] 25 * $ns 26 * $ID 27 */ 28 var $current_item = null; 29 var $who = ''; 30 var $usersgroups = array(); 31 var $specials = array(); 32 33 /** 34 * return prompt for admin menu 35 */ 36 function getMenuText($language) { 37 return $this->getLang('admin_acl'); 38 } 39 40 /** 41 * return sort order for position in admin menu 42 */ 43 function getMenuSort() { 44 return 1; 45 } 46 47 /** 48 * handle user request 49 * 50 * Initializes internal vars and handles modifications 51 * 52 * @author Andreas Gohr <andi@splitbrain.org> 53 */ 54 function handle() { 55 global $AUTH_ACL; 56 global $ID; 57 global $auth; 58 global $config_cascade; 59 global $INPUT; 60 61 // fresh 1:1 copy without replacements 62 $AUTH_ACL = file($config_cascade['acl']['default']); 63 64 // namespace given? 65 if($INPUT->str('ns') == '*'){ 66 $this->ns = '*'; 67 }else{ 68 $this->ns = cleanID($INPUT->str('ns')); 69 } 70 71 if ($INPUT->str('current_ns')) { 72 $this->current_item = array('id' => cleanID($INPUT->str('current_ns')), 'type' => 'd'); 73 } elseif ($INPUT->str('current_id')) { 74 $this->current_item = array('id' => cleanID($INPUT->str('current_id')), 'type' => 'f'); 75 } elseif ($this->ns) { 76 $this->current_item = array('id' => $this->ns, 'type' => 'd'); 77 } else { 78 $this->current_item = array('id' => $ID, 'type' => 'f'); 79 } 80 81 // user or group choosen? 82 $who = trim($INPUT->str('acl_w')); 83 if($INPUT->str('acl_t') == '__g__' && $who){ 84 $this->who = '@'.ltrim($auth->cleanGroup($who),'@'); 85 }elseif($INPUT->str('acl_t') == '__u__' && $who){ 86 $this->who = ltrim($who,'@'); 87 if($this->who != '%USER%' && $this->who != '%GROUP%'){ #keep wildcard as is 88 $this->who = $auth->cleanUser($this->who); 89 } 90 }elseif($INPUT->str('acl_t') && 91 $INPUT->str('acl_t') != '__u__' && 92 $INPUT->str('acl_t') != '__g__'){ 93 $this->who = $INPUT->str('acl_t'); 94 }elseif($who){ 95 $this->who = $who; 96 } 97 98 // handle modifications 99 if($INPUT->has('cmd') && checkSecurityToken()){ 100 $cmd = $INPUT->extract('cmd')->str('cmd'); 101 102 // scope for modifications 103 if($this->ns){ 104 if($this->ns == '*'){ 105 $scope = '*'; 106 }else{ 107 $scope = $this->ns.':*'; 108 } 109 }else{ 110 $scope = $ID; 111 } 112 113 if($cmd == 'save' && $scope && $this->who && $INPUT->has('acl')){ 114 // handle additions or single modifications 115 $this->_acl_del($scope, $this->who); 116 $this->_acl_add($scope, $this->who, $INPUT->int('acl')); 117 }elseif($cmd == 'del' && $scope && $this->who){ 118 // handle single deletions 119 $this->_acl_del($scope, $this->who); 120 }elseif($cmd == 'update'){ 121 $acl = $INPUT->arr('acl'); 122 123 // handle update of the whole file 124 foreach($INPUT->arr('del') as $where => $names){ 125 // remove all rules marked for deletion 126 foreach($names as $who) 127 unset($acl[$where][$who]); 128 } 129 // prepare lines 130 $lines = array(); 131 // keep header 132 foreach($AUTH_ACL as $line){ 133 if($line{0} == '#'){ 134 $lines[] = $line; 135 }else{ 136 break; 137 } 138 } 139 // re-add all rules 140 foreach($acl as $where => $opt){ 141 foreach($opt as $who => $perm){ 142 if ($who[0]=='@') { 143 if ($who!='@ALL') { 144 $who = '@'.ltrim($auth->cleanGroup($who),'@'); 145 } 146 } elseif ($who != '%USER%' && $who != '%GROUP%'){ #keep wildcard as is 147 $who = $auth->cleanUser($who); 148 } 149 $who = auth_nameencode($who,true); 150 $lines[] = "$where\t$who\t$perm\n"; 151 } 152 } 153 // save it 154 io_saveFile($config_cascade['acl']['default'], join('',$lines)); 155 } 156 157 // reload ACL config 158 $AUTH_ACL = file($config_cascade['acl']['default']); 159 } 160 161 // initialize ACL array 162 $this->_init_acl_config(); 163 } 164 165 /** 166 * ACL Output function 167 * 168 * print a table with all significant permissions for the 169 * current id 170 * 171 * @author Frank Schubert <frank@schokilade.de> 172 * @author Andreas Gohr <andi@splitbrain.org> 173 */ 174 function html() { 175 echo '<div id="acl_manager">'.NL; 176 echo '<h1>'.$this->getLang('admin_acl').'</h1>'.NL; 177 echo '<div class="level1">'.NL; 178 179 echo '<div id="acl__tree">'.NL; 180 $this->_html_explorer(); 181 echo '</div>'.NL; 182 183 echo '<div id="acl__detail">'.NL; 184 $this->_html_detail(); 185 echo '</div>'.NL; 186 echo '</div>'.NL; 187 188 echo '<div class="clearer"></div>'; 189 echo '<h2>'.$this->getLang('current').'</h2>'.NL; 190 echo '<div class="level2">'.NL; 191 $this->_html_table(); 192 echo '</div>'.NL; 193 194 echo '<div class="footnotes"><div class="fn">'.NL; 195 echo '<sup><a id="fn__1" class="fn_bot" href="#fnt__1">1)</a></sup>'.NL; 196 echo $this->getLang('p_include'); 197 echo '</div></div>'; 198 199 echo '</div>'.NL; 200 } 201 202 /** 203 * returns array with set options for building links 204 * 205 * @author Andreas Gohr <andi@splitbrain.org> 206 */ 207 function _get_opts($addopts=null){ 208 $opts = array( 209 'do'=>'admin', 210 'page'=>'acl', 211 ); 212 if($this->ns) $opts['ns'] = $this->ns; 213 if($this->who) $opts['acl_w'] = $this->who; 214 215 if(is_null($addopts)) return $opts; 216 return array_merge($opts, $addopts); 217 } 218 219 /** 220 * Display a tree menu to select a page or namespace 221 * 222 * @author Andreas Gohr <andi@splitbrain.org> 223 */ 224 function _html_explorer(){ 225 global $conf; 226 global $ID; 227 global $lang; 228 229 $ns = $this->ns; 230 if(empty($ns)){ 231 $ns = dirname(str_replace(':','/',$ID)); 232 if($ns == '.') $ns =''; 233 }elseif($ns == '*'){ 234 $ns =''; 235 } 236 $ns = utf8_encodeFN(str_replace(':','/',$ns)); 237 238 $data = $this->_get_tree($ns); 239 240 // wrap a list with the root level around the other namespaces 241 array_unshift($data, array( 'level' => 0, 'id' => '*', 'type' => 'd', 242 'open' =>'true', 'label' => '['.$lang['mediaroot'].']')); 243 244 echo html_buildlist($data,'acl', 245 array($this,'_html_list_acl'), 246 array($this,'_html_li_acl')); 247 248 } 249 250 /** 251 * get a combined list of media and page files 252 * 253 * @param string $folder an already converted filesystem folder of the current namespace 254 * @param string $limit limit the search to this folder 255 */ 256 function _get_tree($folder,$limit=''){ 257 global $conf; 258 259 // read tree structure from pages and media 260 $data = array(); 261 search($data,$conf['datadir'],'search_index',array('ns' => $folder),$limit); 262 $media = array(); 263 search($media,$conf['mediadir'],'search_index',array('ns' => $folder, 'nofiles' => true),$limit); 264 $data = array_merge($data,$media); 265 unset($media); 266 267 // combine by sorting and removing duplicates 268 usort($data,array($this,'_tree_sort')); 269 $count = count($data); 270 if($count>0) for($i=1; $i<$count; $i++){ 271 if($data[$i-1]['id'] == $data[$i]['id'] && $data[$i-1]['type'] == $data[$i]['type']) unset($data[$i]); 272 } 273 return $data; 274 } 275 276 /** 277 * usort callback 278 * 279 * Sorts the combined trees of media and page files 280 */ 281 function _tree_sort($a,$b){ 282 // handle the trivial cases first 283 if ($a['id'] == '') return -1; 284 if ($b['id'] == '') return 1; 285 // split up the id into parts 286 $a_ids = explode(':', $a['id']); 287 $b_ids = explode(':', $b['id']); 288 // now loop through the parts 289 while (count($a_ids) && count($b_ids)) { 290 // compare each level from upper to lower 291 // until a non-equal component is found 292 $cur_result = strcmp(array_shift($a_ids), array_shift($b_ids)); 293 if ($cur_result) { 294 // if one of the components is the last component and is a file 295 // and the other one is either of a deeper level or a directory, 296 // the file has to come after the deeper level or directory 297 if (empty($a_ids) && $a['type'] == 'f' && (count($b_ids) || $b['type'] == 'd')) return 1; 298 if (empty($b_ids) && $b['type'] == 'f' && (count($a_ids) || $a['type'] == 'd')) return -1; 299 return $cur_result; 300 } 301 } 302 // The two ids seem to be equal. One of them might however refer 303 // to a page, one to a namespace, the namespace needs to be first. 304 if (empty($a_ids) && empty($b_ids)) { 305 if ($a['type'] == $b['type']) return 0; 306 if ($a['type'] == 'f') return 1; 307 return -1; 308 } 309 // Now the empty part is either a page in the parent namespace 310 // that obviously needs to be after the namespace 311 // Or it is the namespace that contains the other part and should be 312 // before that other part. 313 if (empty($a_ids)) return ($a['type'] == 'd') ? -1 : 1; 314 if (empty($b_ids)) return ($b['type'] == 'd') ? 1 : -1; 315 } 316 317 /** 318 * Display the current ACL for selected where/who combination with 319 * selectors and modification form 320 * 321 * @author Andreas Gohr <andi@splitbrain.org> 322 */ 323 function _html_detail(){ 324 global $ID; 325 326 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 327 328 echo '<div id="acl__user">'; 329 echo $this->getLang('acl_perms').' '; 330 $inl = $this->_html_select(); 331 echo '<input type="text" name="acl_w" class="edit" value="'.(($inl)?'':hsc(ltrim($this->who,'@'))).'" />'.NL; 332 echo '<input type="submit" value="'.$this->getLang('btn_select').'" class="button" />'.NL; 333 echo '</div>'.NL; 334 335 echo '<div id="acl__info">'; 336 $this->_html_info(); 337 echo '</div>'; 338 339 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 340 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 341 echo '<input type="hidden" name="do" value="admin" />'.NL; 342 echo '<input type="hidden" name="page" value="acl" />'.NL; 343 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 344 echo '</div></form>'.NL; 345 } 346 347 /** 348 * Print info and editor 349 */ 350 function _html_info(){ 351 global $ID; 352 353 if($this->who){ 354 $current = $this->_get_exact_perm(); 355 356 // explain current permissions 357 $this->_html_explain($current); 358 // load editor 359 $this->_html_acleditor($current); 360 }else{ 361 echo '<p>'; 362 if($this->ns){ 363 printf($this->getLang('p_choose_ns'),hsc($this->ns)); 364 }else{ 365 printf($this->getLang('p_choose_id'),hsc($ID)); 366 } 367 echo '</p>'; 368 369 echo $this->locale_xhtml('help'); 370 } 371 } 372 373 /** 374 * Display the ACL editor 375 * 376 * @author Andreas Gohr <andi@splitbrain.org> 377 */ 378 function _html_acleditor($current){ 379 global $lang; 380 381 echo '<fieldset>'; 382 if(is_null($current)){ 383 echo '<legend>'.$this->getLang('acl_new').'</legend>'; 384 }else{ 385 echo '<legend>'.$this->getLang('acl_mod').'</legend>'; 386 } 387 388 echo $this->_html_checkboxes($current,empty($this->ns),'acl'); 389 390 if(is_null($current)){ 391 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_save'].'" />'.NL; 392 }else{ 393 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_update'].'" />'.NL; 394 echo '<input type="submit" name="cmd[del]" class="button" value="'.$lang['btn_delete'].'" />'.NL; 395 } 396 397 echo '</fieldset>'; 398 } 399 400 /** 401 * Explain the currently set permissions in plain english/$lang 402 * 403 * @author Andreas Gohr <andi@splitbrain.org> 404 */ 405 function _html_explain($current){ 406 global $ID; 407 global $auth; 408 409 $who = $this->who; 410 $ns = $this->ns; 411 412 // prepare where to check 413 if($ns){ 414 if($ns == '*'){ 415 $check='*'; 416 }else{ 417 $check=$ns.':*'; 418 } 419 }else{ 420 $check = $ID; 421 } 422 423 // prepare who to check 424 if($who{0} == '@'){ 425 $user = ''; 426 $groups = array(ltrim($who,'@')); 427 }else{ 428 $user = $who; 429 $info = $auth->getUserData($user); 430 if($info === false){ 431 $groups = array(); 432 }else{ 433 $groups = $info['grps']; 434 } 435 } 436 437 // check the permissions 438 $perm = auth_aclcheck($check,$user,$groups); 439 440 // build array of named permissions 441 $names = array(); 442 if($perm){ 443 if($ns){ 444 if($perm >= AUTH_DELETE) $names[] = $this->getLang('acl_perm16'); 445 if($perm >= AUTH_UPLOAD) $names[] = $this->getLang('acl_perm8'); 446 if($perm >= AUTH_CREATE) $names[] = $this->getLang('acl_perm4'); 447 } 448 if($perm >= AUTH_EDIT) $names[] = $this->getLang('acl_perm2'); 449 if($perm >= AUTH_READ) $names[] = $this->getLang('acl_perm1'); 450 $names = array_reverse($names); 451 }else{ 452 $names[] = $this->getLang('acl_perm0'); 453 } 454 455 // print permission explanation 456 echo '<p>'; 457 if($user){ 458 if($ns){ 459 printf($this->getLang('p_user_ns'),hsc($who),hsc($ns),join(', ',$names)); 460 }else{ 461 printf($this->getLang('p_user_id'),hsc($who),hsc($ID),join(', ',$names)); 462 } 463 }else{ 464 if($ns){ 465 printf($this->getLang('p_group_ns'),hsc(ltrim($who,'@')),hsc($ns),join(', ',$names)); 466 }else{ 467 printf($this->getLang('p_group_id'),hsc(ltrim($who,'@')),hsc($ID),join(', ',$names)); 468 } 469 } 470 echo '</p>'; 471 472 // add note if admin 473 if($perm == AUTH_ADMIN){ 474 echo '<p>'.$this->getLang('p_isadmin').'</p>'; 475 }elseif(is_null($current)){ 476 echo '<p>'.$this->getLang('p_inherited').'</p>'; 477 } 478 } 479 480 481 /** 482 * Item formatter for the tree view 483 * 484 * User function for html_buildlist() 485 * 486 * @author Andreas Gohr <andi@splitbrain.org> 487 */ 488 function _html_list_acl($item){ 489 $ret = ''; 490 // what to display 491 if($item['label']){ 492 $base = $item['label']; 493 }else{ 494 $base = ':'.$item['id']; 495 $base = substr($base,strrpos($base,':')+1); 496 } 497 498 // highlight? 499 if( ($item['type']== $this->current_item['type'] && $item['id'] == $this->current_item['id'])) 500 $cl = ' cur'; 501 502 // namespace or page? 503 if($item['type']=='d'){ 504 if($item['open']){ 505 $img = DOKU_BASE.'lib/images/minus.gif'; 506 $alt = '−'; 507 }else{ 508 $img = DOKU_BASE.'lib/images/plus.gif'; 509 $alt = '+'; 510 } 511 $ret .= '<img src="'.$img.'" alt="'.$alt.'" />'; 512 $ret .= '<a href="'.wl('',$this->_get_opts(array('ns'=>$item['id'],'sectok'=>getSecurityToken()))).'" class="idx_dir'.$cl.'">'; 513 $ret .= $base; 514 $ret .= '</a>'; 515 }else{ 516 $ret .= '<a href="'.wl('',$this->_get_opts(array('id'=>$item['id'],'ns'=>'','sectok'=>getSecurityToken()))).'" class="wikilink1'.$cl.'">'; 517 $ret .= noNS($item['id']); 518 $ret .= '</a>'; 519 } 520 return $ret; 521 } 522 523 524 function _html_li_acl($item){ 525 return '<li class="level' . $item['level'] . ' ' . 526 ($item['open'] ? 'open' : 'closed') . '">'; 527 } 528 529 530 /** 531 * Get current ACL settings as multidim array 532 * 533 * @author Andreas Gohr <andi@splitbrain.org> 534 */ 535 function _init_acl_config(){ 536 global $AUTH_ACL; 537 global $conf; 538 $acl_config=array(); 539 $usersgroups = array(); 540 541 // get special users and groups 542 $this->specials[] = '@ALL'; 543 $this->specials[] = '@'.$conf['defaultgroup']; 544 if($conf['manager'] != '!!not set!!'){ 545 $this->specials = array_merge($this->specials, 546 array_map('trim', 547 explode(',',$conf['manager']))); 548 } 549 $this->specials = array_filter($this->specials); 550 $this->specials = array_unique($this->specials); 551 sort($this->specials); 552 553 foreach($AUTH_ACL as $line){ 554 $line = trim(preg_replace('/#.*$/','',$line)); //ignore comments 555 if(!$line) continue; 556 557 $acl = preg_split('/[ \t]+/',$line); 558 //0 is pagename, 1 is user, 2 is acl 559 560 $acl[1] = rawurldecode($acl[1]); 561 $acl_config[$acl[0]][$acl[1]] = $acl[2]; 562 563 // store non-special users and groups for later selection dialog 564 $ug = $acl[1]; 565 if(in_array($ug,$this->specials)) continue; 566 $usersgroups[] = $ug; 567 } 568 569 $usersgroups = array_unique($usersgroups); 570 sort($usersgroups); 571 ksort($acl_config); 572 573 $this->acl = $acl_config; 574 $this->usersgroups = $usersgroups; 575 } 576 577 /** 578 * Display all currently set permissions in a table 579 * 580 * @author Andreas Gohr <andi@splitbrain.org> 581 */ 582 function _html_table(){ 583 global $lang; 584 global $ID; 585 586 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 587 if($this->ns){ 588 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 589 }else{ 590 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 591 } 592 echo '<input type="hidden" name="acl_w" value="'.hsc($this->who).'" />'.NL; 593 echo '<input type="hidden" name="do" value="admin" />'.NL; 594 echo '<input type="hidden" name="page" value="acl" />'.NL; 595 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 596 echo '<div class="table">'; 597 echo '<table class="inline">'; 598 echo '<tr>'; 599 echo '<th>'.$this->getLang('where').'</th>'; 600 echo '<th>'.$this->getLang('who').'</th>'; 601 echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" href="#fn__1">1)</a></sup></th>'; 602 echo '<th>'.$lang['btn_delete'].'</th>'; 603 echo '</tr>'; 604 foreach($this->acl as $where => $set){ 605 foreach($set as $who => $perm){ 606 echo '<tr>'; 607 echo '<td>'; 608 if(substr($where,-1) == '*'){ 609 echo '<span class="aclns">'.hsc($where).'</span>'; 610 $ispage = false; 611 }else{ 612 echo '<span class="aclpage">'.hsc($where).'</span>'; 613 $ispage = true; 614 } 615 echo '</td>'; 616 617 echo '<td>'; 618 if($who{0} == '@'){ 619 echo '<span class="aclgroup">'.hsc($who).'</span>'; 620 }else{ 621 echo '<span class="acluser">'.hsc($who).'</span>'; 622 } 623 echo '</td>'; 624 625 echo '<td>'; 626 echo $this->_html_checkboxes($perm,$ispage,'acl['.$where.']['.$who.']'); 627 echo '</td>'; 628 629 echo '<td class="check">'; 630 echo '<input type="checkbox" name="del['.hsc($where).'][]" value="'.hsc($who).'" />'; 631 echo '</td>'; 632 echo '</tr>'; 633 } 634 } 635 636 echo '<tr>'; 637 echo '<th class="action" colspan="4">'; 638 echo '<input type="submit" value="'.$lang['btn_update'].'" name="cmd[update]" class="button" />'; 639 echo '</th>'; 640 echo '</tr>'; 641 echo '</table>'; 642 echo '</div>'; 643 echo '</div></form>'.NL; 644 } 645 646 647 /** 648 * Returns the permission which were set for exactly the given user/group 649 * and page/namespace. Returns null if no exact match is available 650 * 651 * @author Andreas Gohr <andi@splitbrain.org> 652 */ 653 function _get_exact_perm(){ 654 global $ID; 655 if($this->ns){ 656 if($this->ns == '*'){ 657 $check = '*'; 658 }else{ 659 $check = $this->ns.':*'; 660 } 661 }else{ 662 $check = $ID; 663 } 664 665 if(isset($this->acl[$check][$this->who])){ 666 return $this->acl[$check][$this->who]; 667 }else{ 668 return null; 669 } 670 } 671 672 /** 673 * adds new acl-entry to conf/acl.auth.php 674 * 675 * @author Frank Schubert <frank@schokilade.de> 676 */ 677 function _acl_add($acl_scope, $acl_user, $acl_level){ 678 global $config_cascade; 679 $acl_config = file_get_contents($config_cascade['acl']['default']); 680 $acl_user = auth_nameencode($acl_user,true); 681 682 // max level for pagenames is edit 683 if(strpos($acl_scope,'*') === false) { 684 if($acl_level > AUTH_EDIT) $acl_level = AUTH_EDIT; 685 } 686 687 $new_acl = "$acl_scope\t$acl_user\t$acl_level\n"; 688 689 $new_config = $acl_config.$new_acl; 690 691 return io_saveFile($config_cascade['acl']['default'], $new_config); 692 } 693 694 /** 695 * remove acl-entry from conf/acl.auth.php 696 * 697 * @author Frank Schubert <frank@schokilade.de> 698 */ 699 function _acl_del($acl_scope, $acl_user){ 700 global $config_cascade; 701 $acl_config = file($config_cascade['acl']['default']); 702 $acl_user = auth_nameencode($acl_user,true); 703 704 $acl_pattern = '^'.preg_quote($acl_scope,'/').'[ \t]+'.$acl_user.'[ \t]+[0-8].*$'; 705 706 // save all non!-matching 707 $new_config = preg_grep("/$acl_pattern/", $acl_config, PREG_GREP_INVERT); 708 709 return io_saveFile($config_cascade['acl']['default'], join('',$new_config)); 710 } 711 712 /** 713 * print the permission radio boxes 714 * 715 * @author Frank Schubert <frank@schokilade.de> 716 * @author Andreas Gohr <andi@splitbrain.org> 717 */ 718 function _html_checkboxes($setperm,$ispage,$name){ 719 global $lang; 720 721 static $label = 0; //number labels 722 $ret = ''; 723 724 if($ispage && $setperm > AUTH_EDIT) $setperm = AUTH_EDIT; 725 726 foreach(array(AUTH_NONE,AUTH_READ,AUTH_EDIT,AUTH_CREATE,AUTH_UPLOAD,AUTH_DELETE) as $perm){ 727 $label += 1; 728 729 //general checkbox attributes 730 $atts = array( 'type' => 'radio', 731 'id' => 'pbox'.$label, 732 'name' => $name, 733 'value' => $perm ); 734 //dynamic attributes 735 if(!is_null($setperm) && $setperm == $perm) $atts['checked'] = 'checked'; 736 if($ispage && $perm > AUTH_EDIT){ 737 $atts['disabled'] = 'disabled'; 738 $class = ' class="disabled"'; 739 }else{ 740 $class = ''; 741 } 742 743 //build code 744 $ret .= '<label for="pbox'.$label.'"'.$class.'>'; 745 $ret .= '<input '.buildAttributes($atts).' /> '; 746 $ret .= $this->getLang('acl_perm'.$perm); 747 $ret .= '</label>'.NL; 748 } 749 return $ret; 750 } 751 752 /** 753 * Print a user/group selector (reusing already used users and groups) 754 * 755 * @author Andreas Gohr <andi@splitbrain.org> 756 */ 757 function _html_select(){ 758 $inlist = false; 759 760 if($this->who && 761 !in_array($this->who,$this->usersgroups) && 762 !in_array($this->who,$this->specials)){ 763 764 if($this->who{0} == '@'){ 765 $gsel = ' selected="selected"'; 766 }else{ 767 $usel = ' selected="selected"'; 768 } 769 }else{ 770 $usel = ''; 771 $gsel = ''; 772 $inlist = true; 773 } 774 775 echo '<select name="acl_t" class="edit">'.NL; 776 echo ' <option value="__g__" class="aclgroup"'.$gsel.'>'.$this->getLang('acl_group').':</option>'.NL; 777 echo ' <option value="__u__" class="acluser"'.$usel.'>'.$this->getLang('acl_user').':</option>'.NL; 778 if (!empty($this->specials)) { 779 echo ' <optgroup label=" ">'.NL; 780 foreach($this->specials as $ug){ 781 if($ug == $this->who){ 782 $sel = ' selected="selected"'; 783 $inlist = true; 784 }else{ 785 $sel = ''; 786 } 787 788 if($ug{0} == '@'){ 789 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 790 }else{ 791 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 792 } 793 } 794 echo ' </optgroup>'.NL; 795 } 796 if (!empty($this->usersgroups)) { 797 echo ' <optgroup label=" ">'.NL; 798 foreach($this->usersgroups as $ug){ 799 if($ug == $this->who){ 800 $sel = ' selected="selected"'; 801 $inlist = true; 802 }else{ 803 $sel = ''; 804 } 805 806 if($ug{0} == '@'){ 807 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 808 }else{ 809 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 810 } 811 } 812 echo ' </optgroup>'.NL; 813 } 814 echo '</select>'.NL; 815 return $inlist; 816 } 817} 818
