1<?php 2/** 3 * ACL administration functions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 * @author Anika Henke <anika@selfthinker.org> (concepts) 8 * @author Frank Schubert <frank@schokilade.de> (old version) 9 */ 10 11/** 12 * All DokuWiki plugins to extend the admin function 13 * need to inherit from this class 14 */ 15class admin_plugin_acl extends DokuWiki_Admin_Plugin { 16 var $acl = null; 17 var $ns = null; 18 /** 19 * The currently selected item, associative array with id and type. 20 * Populated from (in this order): 21 * $_REQUEST['current_ns'] 22 * $_REQUEST['current_id'] 23 * $ns 24 * $ID 25 */ 26 var $current_item = null; 27 var $who = ''; 28 var $usersgroups = array(); 29 var $specials = array(); 30 31 /** 32 * return prompt for admin menu 33 */ 34 function getMenuText($language) { 35 return $this->getLang('admin_acl'); 36 } 37 38 /** 39 * return sort order for position in admin menu 40 */ 41 function getMenuSort() { 42 return 1; 43 } 44 45 /** 46 * handle user request 47 * 48 * Initializes internal vars and handles modifications 49 * 50 * @author Andreas Gohr <andi@splitbrain.org> 51 */ 52 function handle() { 53 global $AUTH_ACL; 54 global $ID; 55 global $auth; 56 global $config_cascade; 57 global $INPUT; 58 59 // fresh 1:1 copy without replacements 60 $AUTH_ACL = file($config_cascade['acl']['default']); 61 62 // namespace given? 63 if($INPUT->str('ns') == '*'){ 64 $this->ns = '*'; 65 }else{ 66 $this->ns = cleanID($INPUT->str('ns')); 67 } 68 69 if ($INPUT->str('current_ns')) { 70 $this->current_item = array('id' => cleanID($INPUT->str('current_ns')), 'type' => 'd'); 71 } elseif ($INPUT->str('current_id')) { 72 $this->current_item = array('id' => cleanID($INPUT->str('current_id')), 'type' => 'f'); 73 } elseif ($this->ns) { 74 $this->current_item = array('id' => $this->ns, 'type' => 'd'); 75 } else { 76 $this->current_item = array('id' => $ID, 'type' => 'f'); 77 } 78 79 // user or group choosen? 80 $who = trim($INPUT->str('acl_w')); 81 if($INPUT->str('acl_t') == '__g__' && $who){ 82 $this->who = '@'.ltrim($auth->cleanGroup($who),'@'); 83 }elseif($INPUT->str('acl_t') == '__u__' && $who){ 84 $this->who = ltrim($who,'@'); 85 if($this->who != '%USER%' && $this->who != '%GROUP%'){ #keep wildcard as is 86 $this->who = $auth->cleanUser($this->who); 87 } 88 }elseif($INPUT->str('acl_t') && 89 $INPUT->str('acl_t') != '__u__' && 90 $INPUT->str('acl_t') != '__g__'){ 91 $this->who = $INPUT->str('acl_t'); 92 }elseif($who){ 93 $this->who = $who; 94 } 95 96 // handle modifications 97 if($INPUT->has('cmd') && checkSecurityToken()){ 98 $cmd = $INPUT->extract('cmd')->str('cmd'); 99 100 // scope for modifications 101 if($this->ns){ 102 if($this->ns == '*'){ 103 $scope = '*'; 104 }else{ 105 $scope = $this->ns.':*'; 106 } 107 }else{ 108 $scope = $ID; 109 } 110 111 if($cmd == 'save' && $scope && $this->who && $INPUT->has('acl')){ 112 // handle additions or single modifications 113 $this->_acl_del($scope, $this->who); 114 $this->_acl_add($scope, $this->who, $INPUT->int('acl')); 115 }elseif($cmd == 'del' && $scope && $this->who){ 116 // handle single deletions 117 $this->_acl_del($scope, $this->who); 118 }elseif($cmd == 'update'){ 119 $acl = $INPUT->arr('acl'); 120 121 // handle update of the whole file 122 foreach($INPUT->arr('del') as $where => $names){ 123 // remove all rules marked for deletion 124 foreach($names as $who) 125 unset($acl[$where][$who]); 126 } 127 // prepare lines 128 $lines = array(); 129 // keep header 130 foreach($AUTH_ACL as $line){ 131 if($line{0} == '#'){ 132 $lines[] = $line; 133 }else{ 134 break; 135 } 136 } 137 // re-add all rules 138 foreach($acl as $where => $opt){ 139 foreach($opt as $who => $perm){ 140 if ($who[0]=='@') { 141 if ($who!='@ALL') { 142 $who = '@'.ltrim($auth->cleanGroup($who),'@'); 143 } 144 } elseif ($who != '%USER%' && $who != '%GROUP%'){ #keep wildcard as is 145 $who = $auth->cleanUser($who); 146 } 147 $who = auth_nameencode($who,true); 148 $lines[] = "$where\t$who\t$perm\n"; 149 } 150 } 151 // save it 152 io_saveFile($config_cascade['acl']['default'], join('',$lines)); 153 } 154 155 // reload ACL config 156 $AUTH_ACL = file($config_cascade['acl']['default']); 157 } 158 159 // initialize ACL array 160 $this->_init_acl_config(); 161 } 162 163 /** 164 * ACL Output function 165 * 166 * print a table with all significant permissions for the 167 * current id 168 * 169 * @author Frank Schubert <frank@schokilade.de> 170 * @author Andreas Gohr <andi@splitbrain.org> 171 */ 172 function html() { 173 echo '<div id="acl_manager">'.NL; 174 echo '<h1>'.$this->getLang('admin_acl').'</h1>'.NL; 175 echo '<div class="level1">'.NL; 176 177 echo '<div id="acl__tree">'.NL; 178 $this->_html_explorer(); 179 echo '</div>'.NL; 180 181 echo '<div id="acl__detail">'.NL; 182 $this->_html_detail(); 183 echo '</div>'.NL; 184 echo '</div>'.NL; 185 186 echo '<div class="clearer"></div>'; 187 echo '<h2>'.$this->getLang('current').'</h2>'.NL; 188 echo '<div class="level2">'.NL; 189 $this->_html_table(); 190 echo '</div>'.NL; 191 192 echo '<div class="footnotes"><div class="fn">'.NL; 193 echo '<sup><a id="fn__1" class="fn_bot" href="#fnt__1">1)</a></sup>'.NL; 194 echo $this->getLang('p_include'); 195 echo '</div></div>'; 196 197 echo '</div>'.NL; 198 } 199 200 /** 201 * returns array with set options for building links 202 * 203 * @author Andreas Gohr <andi@splitbrain.org> 204 */ 205 function _get_opts($addopts=null){ 206 $opts = array( 207 'do'=>'admin', 208 'page'=>'acl', 209 ); 210 if($this->ns) $opts['ns'] = $this->ns; 211 if($this->who) $opts['acl_w'] = $this->who; 212 213 if(is_null($addopts)) return $opts; 214 return array_merge($opts, $addopts); 215 } 216 217 /** 218 * Display a tree menu to select a page or namespace 219 * 220 * @author Andreas Gohr <andi@splitbrain.org> 221 */ 222 function _html_explorer(){ 223 global $conf; 224 global $ID; 225 global $lang; 226 227 $ns = $this->ns; 228 if(empty($ns)){ 229 $ns = dirname(str_replace(':','/',$ID)); 230 if($ns == '.') $ns =''; 231 }elseif($ns == '*'){ 232 $ns =''; 233 } 234 $ns = utf8_encodeFN(str_replace(':','/',$ns)); 235 236 $data = $this->_get_tree($ns); 237 238 // wrap a list with the root level around the other namespaces 239 array_unshift($data, array( 'level' => 0, 'id' => '*', 'type' => 'd', 240 'open' =>'true', 'label' => '['.$lang['mediaroot'].']')); 241 242 echo html_buildlist($data,'acl', 243 array($this,'_html_list_acl'), 244 array($this,'_html_li_acl')); 245 246 } 247 248 /** 249 * get a combined list of media and page files 250 * 251 * @param string $folder an already converted filesystem folder of the current namespace 252 * @param string $limit limit the search to this folder 253 */ 254 function _get_tree($folder,$limit=''){ 255 global $conf; 256 257 // read tree structure from pages and media 258 $data = array(); 259 search($data,$conf['datadir'],'search_index',array('ns' => $folder),$limit); 260 $media = array(); 261 search($media,$conf['mediadir'],'search_index',array('ns' => $folder, 'nofiles' => true),$limit); 262 $data = array_merge($data,$media); 263 unset($media); 264 265 // combine by sorting and removing duplicates 266 usort($data,array($this,'_tree_sort')); 267 $count = count($data); 268 if($count>0) for($i=1; $i<$count; $i++){ 269 if($data[$i-1]['id'] == $data[$i]['id'] && $data[$i-1]['type'] == $data[$i]['type']) { 270 unset($data[$i]); 271 $i++; // duplicate found, next $i can't be a duplicate, so skip forward one 272 } 273 } 274 return $data; 275 } 276 277 /** 278 * usort callback 279 * 280 * Sorts the combined trees of media and page files 281 */ 282 function _tree_sort($a,$b){ 283 // handle the trivial cases first 284 if ($a['id'] == '') return -1; 285 if ($b['id'] == '') return 1; 286 // split up the id into parts 287 $a_ids = explode(':', $a['id']); 288 $b_ids = explode(':', $b['id']); 289 // now loop through the parts 290 while (count($a_ids) && count($b_ids)) { 291 // compare each level from upper to lower 292 // until a non-equal component is found 293 $cur_result = strcmp(array_shift($a_ids), array_shift($b_ids)); 294 if ($cur_result) { 295 // if one of the components is the last component and is a file 296 // and the other one is either of a deeper level or a directory, 297 // the file has to come after the deeper level or directory 298 if (empty($a_ids) && $a['type'] == 'f' && (count($b_ids) || $b['type'] == 'd')) return 1; 299 if (empty($b_ids) && $b['type'] == 'f' && (count($a_ids) || $a['type'] == 'd')) return -1; 300 return $cur_result; 301 } 302 } 303 // The two ids seem to be equal. One of them might however refer 304 // to a page, one to a namespace, the namespace needs to be first. 305 if (empty($a_ids) && empty($b_ids)) { 306 if ($a['type'] == $b['type']) return 0; 307 if ($a['type'] == 'f') return 1; 308 return -1; 309 } 310 // Now the empty part is either a page in the parent namespace 311 // that obviously needs to be after the namespace 312 // Or it is the namespace that contains the other part and should be 313 // before that other part. 314 if (empty($a_ids)) return ($a['type'] == 'd') ? -1 : 1; 315 if (empty($b_ids)) return ($b['type'] == 'd') ? 1 : -1; 316 } 317 318 /** 319 * Display the current ACL for selected where/who combination with 320 * selectors and modification form 321 * 322 * @author Andreas Gohr <andi@splitbrain.org> 323 */ 324 function _html_detail(){ 325 global $ID; 326 327 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 328 329 echo '<div id="acl__user">'; 330 echo $this->getLang('acl_perms').' '; 331 $inl = $this->_html_select(); 332 echo '<input type="text" name="acl_w" class="edit" value="'.(($inl)?'':hsc(ltrim($this->who,'@'))).'" />'.NL; 333 echo '<button type="submit">'.$this->getLang('btn_select').'</button>'.NL; 334 echo '</div>'.NL; 335 336 echo '<div id="acl__info">'; 337 $this->_html_info(); 338 echo '</div>'; 339 340 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 341 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 342 echo '<input type="hidden" name="do" value="admin" />'.NL; 343 echo '<input type="hidden" name="page" value="acl" />'.NL; 344 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 345 echo '</div></form>'.NL; 346 } 347 348 /** 349 * Print info and editor 350 */ 351 function _html_info(){ 352 global $ID; 353 354 if($this->who){ 355 $current = $this->_get_exact_perm(); 356 357 // explain current permissions 358 $this->_html_explain($current); 359 // load editor 360 $this->_html_acleditor($current); 361 }else{ 362 echo '<p>'; 363 if($this->ns){ 364 printf($this->getLang('p_choose_ns'),hsc($this->ns)); 365 }else{ 366 printf($this->getLang('p_choose_id'),hsc($ID)); 367 } 368 echo '</p>'; 369 370 echo $this->locale_xhtml('help'); 371 } 372 } 373 374 /** 375 * Display the ACL editor 376 * 377 * @author Andreas Gohr <andi@splitbrain.org> 378 */ 379 function _html_acleditor($current){ 380 global $lang; 381 382 echo '<fieldset>'; 383 if(is_null($current)){ 384 echo '<legend>'.$this->getLang('acl_new').'</legend>'; 385 }else{ 386 echo '<legend>'.$this->getLang('acl_mod').'</legend>'; 387 } 388 389 echo $this->_html_checkboxes($current,empty($this->ns),'acl'); 390 391 if(is_null($current)){ 392 echo '<button type="submit" name="cmd[save]">'.$lang['btn_save'].'</button>'.NL; 393 }else{ 394 echo '<button type="submit" name="cmd[save]">'.$lang['btn_update'].'</button>'.NL; 395 echo '<button type="submit" name="cmd[del]">'.$lang['btn_delete'].'</button>'.NL; 396 } 397 398 echo '</fieldset>'; 399 } 400 401 /** 402 * Explain the currently set permissions in plain english/$lang 403 * 404 * @author Andreas Gohr <andi@splitbrain.org> 405 */ 406 function _html_explain($current){ 407 global $ID; 408 global $auth; 409 410 $who = $this->who; 411 $ns = $this->ns; 412 413 // prepare where to check 414 if($ns){ 415 if($ns == '*'){ 416 $check='*'; 417 }else{ 418 $check=$ns.':*'; 419 } 420 }else{ 421 $check = $ID; 422 } 423 424 // prepare who to check 425 if($who{0} == '@'){ 426 $user = ''; 427 $groups = array(ltrim($who,'@')); 428 }else{ 429 $user = $who; 430 $info = $auth->getUserData($user); 431 if($info === false){ 432 $groups = array(); 433 }else{ 434 $groups = $info['grps']; 435 } 436 } 437 438 // check the permissions 439 $perm = auth_aclcheck($check,$user,$groups); 440 441 // build array of named permissions 442 $names = array(); 443 if($perm){ 444 if($ns){ 445 if($perm >= AUTH_DELETE) $names[] = $this->getLang('acl_perm16'); 446 if($perm >= AUTH_UPLOAD) $names[] = $this->getLang('acl_perm8'); 447 if($perm >= AUTH_CREATE) $names[] = $this->getLang('acl_perm4'); 448 } 449 if($perm >= AUTH_EDIT) $names[] = $this->getLang('acl_perm2'); 450 if($perm >= AUTH_READ) $names[] = $this->getLang('acl_perm1'); 451 $names = array_reverse($names); 452 }else{ 453 $names[] = $this->getLang('acl_perm0'); 454 } 455 456 // print permission explanation 457 echo '<p>'; 458 if($user){ 459 if($ns){ 460 printf($this->getLang('p_user_ns'),hsc($who),hsc($ns),join(', ',$names)); 461 }else{ 462 printf($this->getLang('p_user_id'),hsc($who),hsc($ID),join(', ',$names)); 463 } 464 }else{ 465 if($ns){ 466 printf($this->getLang('p_group_ns'),hsc(ltrim($who,'@')),hsc($ns),join(', ',$names)); 467 }else{ 468 printf($this->getLang('p_group_id'),hsc(ltrim($who,'@')),hsc($ID),join(', ',$names)); 469 } 470 } 471 echo '</p>'; 472 473 // add note if admin 474 if($perm == AUTH_ADMIN){ 475 echo '<p>'.$this->getLang('p_isadmin').'</p>'; 476 }elseif(is_null($current)){ 477 echo '<p>'.$this->getLang('p_inherited').'</p>'; 478 } 479 } 480 481 482 /** 483 * Item formatter for the tree view 484 * 485 * User function for html_buildlist() 486 * 487 * @author Andreas Gohr <andi@splitbrain.org> 488 */ 489 function _html_list_acl($item){ 490 $ret = ''; 491 // what to display 492 if(!empty($item['label'])){ 493 $base = $item['label']; 494 }else{ 495 $base = ':'.$item['id']; 496 $base = substr($base,strrpos($base,':')+1); 497 } 498 499 // highlight? 500 if( ($item['type']== $this->current_item['type'] && $item['id'] == $this->current_item['id'])) { 501 $cl = ' cur'; 502 } else { 503 $cl = ''; 504 } 505 506 // namespace or page? 507 if($item['type']=='d'){ 508 if($item['open']){ 509 $img = DOKU_BASE.'lib/images/minus.gif'; 510 $alt = '−'; 511 }else{ 512 $img = DOKU_BASE.'lib/images/plus.gif'; 513 $alt = '+'; 514 } 515 $ret .= '<img src="'.$img.'" alt="'.$alt.'" />'; 516 $ret .= '<a href="'. 517 wl('',$this->_get_opts(array('ns'=>$item['id'],'sectok'=>getSecurityToken()))). 518 '" class="idx_dir'.$cl.'">'; 519 $ret .= $base; 520 $ret .= '</a>'; 521 }else{ 522 $ret .= '<a href="'. 523 wl('',$this->_get_opts(array('id'=>$item['id'],'ns'=>'','sectok'=>getSecurityToken()))). 524 '" class="wikilink1'.$cl.'">'; 525 $ret .= noNS($item['id']); 526 $ret .= '</a>'; 527 } 528 return $ret; 529 } 530 531 532 function _html_li_acl($item){ 533 return '<li class="level' . $item['level'] . ' ' . 534 ($item['open'] ? 'open' : 'closed') . '">'; 535 } 536 537 538 /** 539 * Get current ACL settings as multidim array 540 * 541 * @author Andreas Gohr <andi@splitbrain.org> 542 */ 543 function _init_acl_config(){ 544 global $AUTH_ACL; 545 global $conf; 546 $acl_config=array(); 547 $usersgroups = array(); 548 549 // get special users and groups 550 $this->specials[] = '@ALL'; 551 $this->specials[] = '@'.$conf['defaultgroup']; 552 if($conf['manager'] != '!!not set!!'){ 553 $this->specials = array_merge($this->specials, 554 array_map('trim', 555 explode(',',$conf['manager']))); 556 } 557 $this->specials = array_filter($this->specials); 558 $this->specials = array_unique($this->specials); 559 sort($this->specials); 560 561 foreach($AUTH_ACL as $line){ 562 $line = trim(preg_replace('/#.*$/','',$line)); //ignore comments 563 if(!$line) continue; 564 565 $acl = preg_split('/[ \t]+/',$line); 566 //0 is pagename, 1 is user, 2 is acl 567 568 $acl[1] = rawurldecode($acl[1]); 569 $acl_config[$acl[0]][$acl[1]] = $acl[2]; 570 571 // store non-special users and groups for later selection dialog 572 $ug = $acl[1]; 573 if(in_array($ug,$this->specials)) continue; 574 $usersgroups[] = $ug; 575 } 576 577 $usersgroups = array_unique($usersgroups); 578 sort($usersgroups); 579 ksort($acl_config); 580 581 $this->acl = $acl_config; 582 $this->usersgroups = $usersgroups; 583 } 584 585 /** 586 * Display all currently set permissions in a table 587 * 588 * @author Andreas Gohr <andi@splitbrain.org> 589 */ 590 function _html_table(){ 591 global $lang; 592 global $ID; 593 594 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 595 if($this->ns){ 596 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 597 }else{ 598 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 599 } 600 echo '<input type="hidden" name="acl_w" value="'.hsc($this->who).'" />'.NL; 601 echo '<input type="hidden" name="do" value="admin" />'.NL; 602 echo '<input type="hidden" name="page" value="acl" />'.NL; 603 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 604 echo '<div class="table">'; 605 echo '<table class="inline">'; 606 echo '<tr>'; 607 echo '<th>'.$this->getLang('where').'</th>'; 608 echo '<th>'.$this->getLang('who').'</th>'; 609 echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" href="#fn__1">1)</a></sup></th>'; 610 echo '<th>'.$lang['btn_delete'].'</th>'; 611 echo '</tr>'; 612 foreach($this->acl as $where => $set){ 613 foreach($set as $who => $perm){ 614 echo '<tr>'; 615 echo '<td>'; 616 if(substr($where,-1) == '*'){ 617 echo '<span class="aclns">'.hsc($where).'</span>'; 618 $ispage = false; 619 }else{ 620 echo '<span class="aclpage">'.hsc($where).'</span>'; 621 $ispage = true; 622 } 623 echo '</td>'; 624 625 echo '<td>'; 626 if($who{0} == '@'){ 627 echo '<span class="aclgroup">'.hsc($who).'</span>'; 628 }else{ 629 echo '<span class="acluser">'.hsc($who).'</span>'; 630 } 631 echo '</td>'; 632 633 echo '<td>'; 634 echo $this->_html_checkboxes($perm,$ispage,'acl['.$where.']['.$who.']'); 635 echo '</td>'; 636 637 echo '<td class="check">'; 638 echo '<input type="checkbox" name="del['.hsc($where).'][]" value="'.hsc($who).'" />'; 639 echo '</td>'; 640 echo '</tr>'; 641 } 642 } 643 644 echo '<tr>'; 645 echo '<th class="action" colspan="4">'; 646 echo '<button type="submit" name="cmd[update]">'.$lang['btn_update'].'</button>'; 647 echo '</th>'; 648 echo '</tr>'; 649 echo '</table>'; 650 echo '</div>'; 651 echo '</div></form>'.NL; 652 } 653 654 /** 655 * Returns the permission which were set for exactly the given user/group 656 * and page/namespace. Returns null if no exact match is available 657 * 658 * @author Andreas Gohr <andi@splitbrain.org> 659 */ 660 function _get_exact_perm(){ 661 global $ID; 662 if($this->ns){ 663 if($this->ns == '*'){ 664 $check = '*'; 665 }else{ 666 $check = $this->ns.':*'; 667 } 668 }else{ 669 $check = $ID; 670 } 671 672 if(isset($this->acl[$check][$this->who])){ 673 return $this->acl[$check][$this->who]; 674 }else{ 675 return null; 676 } 677 } 678 679 /** 680 * adds new acl-entry to conf/acl.auth.php 681 * 682 * @author Frank Schubert <frank@schokilade.de> 683 */ 684 function _acl_add($acl_scope, $acl_user, $acl_level){ 685 global $config_cascade; 686 $acl_user = auth_nameencode($acl_user,true); 687 688 // max level for pagenames is edit 689 if(strpos($acl_scope,'*') === false) { 690 if($acl_level > AUTH_EDIT) $acl_level = AUTH_EDIT; 691 } 692 693 $new_acl = "$acl_scope\t$acl_user\t$acl_level\n"; 694 695 return io_saveFile($config_cascade['acl']['default'], $new_acl, true); 696 } 697 698 /** 699 * remove acl-entry from conf/acl.auth.php 700 * 701 * @author Frank Schubert <frank@schokilade.de> 702 */ 703 function _acl_del($acl_scope, $acl_user){ 704 global $config_cascade; 705 $acl_user = auth_nameencode($acl_user,true); 706 707 $acl_pattern = '^'.preg_quote($acl_scope,'/').'[ \t]+'.$acl_user.'[ \t]+[0-8].*$'; 708 709 return io_deleteFromFile($config_cascade['acl']['default'], "/$acl_pattern/", true); 710 } 711 712 /** 713 * print the permission radio boxes 714 * 715 * @author Frank Schubert <frank@schokilade.de> 716 * @author Andreas Gohr <andi@splitbrain.org> 717 */ 718 function _html_checkboxes($setperm,$ispage,$name){ 719 global $lang; 720 721 static $label = 0; //number labels 722 $ret = ''; 723 724 if($ispage && $setperm > AUTH_EDIT) $setperm = AUTH_EDIT; 725 726 foreach(array(AUTH_NONE,AUTH_READ,AUTH_EDIT,AUTH_CREATE,AUTH_UPLOAD,AUTH_DELETE) as $perm){ 727 $label += 1; 728 729 //general checkbox attributes 730 $atts = array( 'type' => 'radio', 731 'id' => 'pbox'.$label, 732 'name' => $name, 733 'value' => $perm ); 734 //dynamic attributes 735 if(!is_null($setperm) && $setperm == $perm) $atts['checked'] = 'checked'; 736 if($ispage && $perm > AUTH_EDIT){ 737 $atts['disabled'] = 'disabled'; 738 $class = ' class="disabled"'; 739 }else{ 740 $class = ''; 741 } 742 743 //build code 744 $ret .= '<label for="pbox'.$label.'"'.$class.'>'; 745 $ret .= '<input '.buildAttributes($atts).' /> '; 746 $ret .= $this->getLang('acl_perm'.$perm); 747 $ret .= '</label>'.NL; 748 } 749 return $ret; 750 } 751 752 /** 753 * Print a user/group selector (reusing already used users and groups) 754 * 755 * @author Andreas Gohr <andi@splitbrain.org> 756 */ 757 function _html_select(){ 758 $inlist = false; 759 $usel = ''; 760 $gsel = ''; 761 762 if($this->who && 763 !in_array($this->who,$this->usersgroups) && 764 !in_array($this->who,$this->specials)){ 765 766 if($this->who{0} == '@'){ 767 $gsel = ' selected="selected"'; 768 }else{ 769 $usel = ' selected="selected"'; 770 } 771 }else{ 772 $inlist = true; 773 } 774 775 echo '<select name="acl_t" class="edit">'.NL; 776 echo ' <option value="__g__" class="aclgroup"'.$gsel.'>'.$this->getLang('acl_group').'</option>'.NL; 777 echo ' <option value="__u__" class="acluser"'.$usel.'>'.$this->getLang('acl_user').'</option>'.NL; 778 if (!empty($this->specials)) { 779 echo ' <optgroup label=" ">'.NL; 780 foreach($this->specials as $ug){ 781 if($ug == $this->who){ 782 $sel = ' selected="selected"'; 783 $inlist = true; 784 }else{ 785 $sel = ''; 786 } 787 788 if($ug{0} == '@'){ 789 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 790 }else{ 791 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 792 } 793 } 794 echo ' </optgroup>'.NL; 795 } 796 if (!empty($this->usersgroups)) { 797 echo ' <optgroup label=" ">'.NL; 798 foreach($this->usersgroups as $ug){ 799 if($ug == $this->who){ 800 $sel = ' selected="selected"'; 801 $inlist = true; 802 }else{ 803 $sel = ''; 804 } 805 806 if($ug{0} == '@'){ 807 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 808 }else{ 809 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 810 } 811 } 812 echo ' </optgroup>'.NL; 813 } 814 echo '</select>'.NL; 815 return $inlist; 816 } 817} 818
