1<?php 2/** 3 * ACL administration functions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 * @author Anika Henke <anika@selfthinker.org> (concepts) 8 * @author Frank Schubert <frank@schokilade.de> (old version) 9 */ 10// must be run within Dokuwiki 11if(!defined('DOKU_INC')) die(); 12 13/** 14 * All DokuWiki plugins to extend the admin function 15 * need to inherit from this class 16 */ 17class admin_plugin_acl extends DokuWiki_Admin_Plugin { 18 var $acl = null; 19 var $ns = null; 20 var $who = ''; 21 var $usersgroups = array(); 22 var $specials = array(); 23 24 /** 25 * return some info 26 */ 27 function getInfo(){ 28 return array( 29 'author' => 'Andreas Gohr', 30 'email' => 'andi@splitbrain.org', 31 'date' => '2010-01-17', 32 'name' => 'ACL Manager', 33 'desc' => 'Manage Page Access Control Lists', 34 'url' => 'http://dokuwiki.org/plugin:acl', 35 ); 36 } 37 38 /** 39 * return prompt for admin menu 40 */ 41 function getMenuText($language) { 42 return $this->getLang('admin_acl'); 43 } 44 45 /** 46 * return sort order for position in admin menu 47 */ 48 function getMenuSort() { 49 return 1; 50 } 51 52 /** 53 * handle user request 54 * 55 * Initializes internal vars and handles modifications 56 * 57 * @author Andreas Gohr <andi@splitbrain.org> 58 */ 59 function handle() { 60 global $AUTH_ACL; 61 global $ID; 62 global $auth; 63 64 // fresh 1:1 copy without replacements 65 $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); 66 67 68 // namespace given? 69 if($_REQUEST['ns'] == '*'){ 70 $this->ns = '*'; 71 }else{ 72 $this->ns = cleanID($_REQUEST['ns']); 73 } 74 75 // user or group choosen? 76 $who = trim($_REQUEST['acl_w']); 77 if($_REQUEST['acl_t'] == '__g__' && $who){ 78 $this->who = '@'.ltrim($auth->cleanGroup($who),'@'); 79 }elseif($_REQUEST['acl_t'] == '__u__' && $who){ 80 $this->who = ltrim($auth->cleanUser($who),'@'); 81 }elseif($_REQUEST['acl_t'] && 82 $_REQUEST['acl_t'] != '__u__' && 83 $_REQUEST['acl_t'] != '__g__'){ 84 $this->who = $_REQUEST['acl_t']; 85 }elseif($who){ 86 $this->who = $who; 87 } 88 89 // handle modifications 90 if(isset($_REQUEST['cmd']) && checkSecurityToken()){ 91 92 // scope for modifications 93 if($this->ns){ 94 if($this->ns == '*'){ 95 $scope = '*'; 96 }else{ 97 $scope = $this->ns.':*'; 98 } 99 }else{ 100 $scope = $ID; 101 } 102 103 if(isset($_REQUEST['cmd']['save']) && $scope && $this->who && isset($_REQUEST['acl'])){ 104 // handle additions or single modifications 105 $this->_acl_del($scope, $this->who); 106 $this->_acl_add($scope, $this->who, (int) $_REQUEST['acl']); 107 }elseif(isset($_REQUEST['cmd']['del']) && $scope && $this->who){ 108 // handle single deletions 109 $this->_acl_del($scope, $this->who); 110 }elseif(isset($_REQUEST['cmd']['update'])){ 111 // handle update of the whole file 112 foreach((array) $_REQUEST['del'] as $where => $names){ 113 // remove all rules marked for deletion 114 foreach($names as $who) 115 unset($_REQUEST['acl'][$where][$who]); 116 } 117 // prepare lines 118 $lines = array(); 119 // keep header 120 foreach($AUTH_ACL as $line){ 121 if($line{0} == '#'){ 122 $lines[] = $line; 123 }else{ 124 break; 125 } 126 } 127 // re-add all rules 128 foreach((array) $_REQUEST['acl'] as $where => $opt){ 129 foreach($opt as $who => $perm){ 130 if ($who[0]=='@') { 131 if ($who!='@ALL') { 132 $who = '@'.ltrim($auth->cleanGroup($who),'@'); 133 } 134 } else { 135 $who = $auth->cleanUser($who); 136 } 137 $who = auth_nameencode($who,true); 138 $lines[] = "$where\t$who\t$perm\n"; 139 } 140 } 141 // save it 142 io_saveFile(DOKU_CONF.'acl.auth.php', join('',$lines)); 143 } 144 145 // reload ACL config 146 $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); 147 } 148 149 // initialize ACL array 150 $this->_init_acl_config(); 151 } 152 153 /** 154 * ACL Output function 155 * 156 * print a table with all significant permissions for the 157 * current id 158 * 159 * @author Frank Schubert <frank@schokilade.de> 160 * @author Andreas Gohr <andi@splitbrain.org> 161 */ 162 function html() { 163 global $ID; 164 165 echo '<div id="acl_manager">'.NL; 166 echo '<h1>'.$this->getLang('admin_acl').'</h1>'.NL; 167 echo '<div class="level1">'.NL; 168 169 echo '<div id="acl__tree">'.NL; 170 $this->_html_explorer($_REQUEST['ns']); 171 echo '</div>'.NL; 172 173 echo '<div id="acl__detail">'.NL; 174 $this->_html_detail(); 175 echo '</div>'.NL; 176 echo '</div>'.NL; 177 178 echo '<div class="clearer"></div>'; 179 echo '<h2>'.$this->getLang('current').'</h2>'.NL; 180 echo '<div class="level2">'.NL; 181 $this->_html_table(); 182 echo '</div>'.NL; 183 184 echo '<div class="footnotes"><div class="fn">'.NL; 185 echo '<sup><a id="fn__1" class="fn_bot" name="fn__1" href="#fnt__1">1)</a></sup>'.NL; 186 echo $this->getLang('p_include'); 187 echo '</div></div>'; 188 189 echo '</div>'.NL; 190 } 191 192 /** 193 * returns array with set options for building links 194 * 195 * @author Andreas Gohr <andi@splitbrain.org> 196 */ 197 function _get_opts($addopts=null){ 198 global $ID; 199 $opts = array( 200 'do'=>'admin', 201 'page'=>'acl', 202 ); 203 if($this->ns) $opts['ns'] = $this->ns; 204 if($this->who) $opts['acl_w'] = $this->who; 205 206 if(is_null($addopts)) return $opts; 207 return array_merge($opts, $addopts); 208 } 209 210 /** 211 * Display a tree menu to select a page or namespace 212 * 213 * @author Andreas Gohr <andi@splitbrain.org> 214 */ 215 function _html_explorer(){ 216 global $conf; 217 global $ID; 218 global $lang; 219 220 $dir = $conf['datadir']; 221 $ns = $this->ns; 222 if(empty($ns)){ 223 $ns = dirname(str_replace(':','/',$ID)); 224 if($ns == '.') $ns =''; 225 }elseif($ns == '*'){ 226 $ns =''; 227 } 228 $ns = utf8_encodeFN(str_replace(':','/',$ns)); 229 230 $data = $this->_get_tree($ns); 231 232 // wrap a list with the root level around the other namespaces 233 $item = array( 'level' => 0, 'id' => '*', 'type' => 'd', 234 'open' =>'true', 'label' => '['.$lang['mediaroot'].']'); 235 236 echo '<ul class="acltree">'; 237 echo $this->_html_li_acl($item); 238 echo '<div class="li">'; 239 echo $this->_html_list_acl($item); 240 echo '</div>'; 241 echo html_buildlist($data,'acl', 242 array($this,'_html_list_acl'), 243 array($this,'_html_li_acl')); 244 echo '</li>'; 245 echo '</ul>'; 246 247 } 248 249 /** 250 * get a combined list of media and page files 251 * 252 * @param string $folder an already converted filesystem folder of the current namespace 253 * @param string $limit limit the search to this folder 254 */ 255 function _get_tree($folder,$limit=''){ 256 global $conf; 257 258 // read tree structure from pages and media 259 $data = array(); 260 search($data,$conf['datadir'],'search_index',array('ns' => $folder),$limit); 261 $media = array(); 262 search($media,$conf['mediadir'],'search_index',array('ns' => $folder, 'nofiles' => true),$limit); 263 $data = array_merge($data,$media); 264 unset($media); 265 266 // combine by sorting and removing duplicates 267 usort($data,array($this,'_tree_sort')); 268 $count = count($data); 269 if($count>0) for($i=1; $i<$count; $i++){ 270 if($data[$i-1]['id'] == $data[$i]['id'] && $data[$i-1]['type'] == $data[$i]['type']) unset($data[$i]); 271 } 272 return $data; 273 } 274 275 /** 276 * usort callback 277 * 278 * Sorts the combined trees of media and page files 279 */ 280 function _tree_sort($a,$b){ 281 // handle the trivial cases first 282 if ($a['id'] == '') return -1; 283 if ($b['id'] == '') return 1; 284 // split up the id into parts 285 $a_ids = explode(':', $a['id']); 286 $b_ids = explode(':', $b['id']); 287 // now loop through the parts 288 while (count($a_ids) && count($b_ids)) { 289 // compare each level from upper to lower 290 // until a non-equal component is found 291 $cur_result = strcmp(array_shift($a_ids), array_shift($b_ids)); 292 if ($cur_result) { 293 // if one of the components is the last component and is a file 294 // and the other one is either of a deeper level or a directory, 295 // the file has to come after the deeper level or directory 296 if (empty($a_ids) && $a['type'] == 'f' && (count($b_ids) || $b['type'] == 'd')) return 1; 297 if (empty($b_ids) && $b['type'] == 'f' && (count($a_ids) || $a['type'] == 'd')) return -1; 298 return $cur_result; 299 } 300 } 301 // The two ids seem to be equal. One of them might however refer 302 // to a page, one to a namespace, the namespace needs to be first. 303 if (empty($a_ids) && empty($b_ids)) { 304 if ($a['type'] == $b['type']) return 0; 305 if ($a['type'] == 'f') return 1; 306 return -1; 307 } 308 // Now the empty part is either a page in the parent namespace 309 // that obviously needs to be after the namespace 310 // Or it is the namespace that contains the other part and should be 311 // before that other part. 312 if (empty($a_ids)) return ($a['type'] == 'd') ? -1 : 1; 313 if (empty($b_ids)) return ($b['type'] == 'd') ? 1 : -1; 314 } 315 316 /** 317 * Display the current ACL for selected where/who combination with 318 * selectors and modification form 319 * 320 * @author Andreas Gohr <andi@splitbrain.org> 321 */ 322 function _html_detail(){ 323 global $conf; 324 global $ID; 325 326 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 327 328 echo '<div id="acl__user">'; 329 echo $this->getLang('acl_perms').' '; 330 $inl = $this->_html_select(); 331 echo '<input type="text" name="acl_w" class="edit" value="'.(($inl)?'':hsc(ltrim($this->who,'@'))).'" />'.NL; 332 echo '<input type="submit" value="'.$this->getLang('btn_select').'" class="button" />'.NL; 333 echo '</div>'.NL; 334 335 echo '<div id="acl__info">'; 336 $this->_html_info(); 337 echo '</div>'; 338 339 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 340 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 341 echo '<input type="hidden" name="do" value="admin" />'.NL; 342 echo '<input type="hidden" name="page" value="acl" />'.NL; 343 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 344 echo '</div></form>'.NL; 345 } 346 347 /** 348 * Print infos and editor 349 */ 350 function _html_info(){ 351 global $ID; 352 353 if($this->who){ 354 $current = $this->_get_exact_perm(); 355 356 // explain current permissions 357 $this->_html_explain($current); 358 // load editor 359 $this->_html_acleditor($current); 360 }else{ 361 echo '<p>'; 362 if($this->ns){ 363 printf($this->getLang('p_choose_ns'),hsc($this->ns)); 364 }else{ 365 printf($this->getLang('p_choose_id'),hsc($ID)); 366 } 367 echo '</p>'; 368 369 echo $this->locale_xhtml('help'); 370 } 371 } 372 373 /** 374 * Display the ACL editor 375 * 376 * @author Andreas Gohr <andi@splitbrain.org> 377 */ 378 function _html_acleditor($current){ 379 global $lang; 380 381 echo '<fieldset>'; 382 if(is_null($current)){ 383 echo '<legend>'.$this->getLang('acl_new').'</legend>'; 384 }else{ 385 echo '<legend>'.$this->getLang('acl_mod').'</legend>'; 386 } 387 388 389 echo $this->_html_checkboxes($current,empty($this->ns),'acl'); 390 391 if(is_null($current)){ 392 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_save'].'" />'.NL; 393 }else{ 394 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_update'].'" />'.NL; 395 echo '<input type="submit" name="cmd[del]" class="button" value="'.$lang['btn_delete'].'" />'.NL; 396 } 397 398 echo '</fieldset>'; 399 } 400 401 /** 402 * Explain the currently set permissions in plain english/$lang 403 * 404 * @author Andreas Gohr <andi@splitbrain.org> 405 */ 406 function _html_explain($current){ 407 global $ID; 408 global $auth; 409 410 $who = $this->who; 411 $ns = $this->ns; 412 413 // prepare where to check 414 if($ns){ 415 if($ns == '*'){ 416 $check='*'; 417 }else{ 418 $check=$ns.':*'; 419 } 420 }else{ 421 $check = $ID; 422 } 423 424 // prepare who to check 425 if($who{0} == '@'){ 426 $user = ''; 427 $groups = array(ltrim($who,'@')); 428 }else{ 429 $user = auth_nameencode($who); 430 $info = $auth->getUserData($user); 431 if($info === false){ 432 $groups = array(); 433 }else{ 434 $groups = $info['grps']; 435 } 436 } 437 438 // check the permissions 439 $perm = auth_aclcheck($check,$user,$groups); 440 441 // build array of named permissions 442 $names = array(); 443 if($perm){ 444 if($ns){ 445 if($perm >= AUTH_DELETE) $names[] = $this->getLang('acl_perm16'); 446 if($perm >= AUTH_UPLOAD) $names[] = $this->getLang('acl_perm8'); 447 if($perm >= AUTH_CREATE) $names[] = $this->getLang('acl_perm4'); 448 } 449 if($perm >= AUTH_EDIT) $names[] = $this->getLang('acl_perm2'); 450 if($perm >= AUTH_READ) $names[] = $this->getLang('acl_perm1'); 451 $names = array_reverse($names); 452 }else{ 453 $names[] = $this->getLang('acl_perm0'); 454 } 455 456 // print permission explanation 457 echo '<p>'; 458 if($user){ 459 if($ns){ 460 printf($this->getLang('p_user_ns'),hsc($who),hsc($ns),join(', ',$names)); 461 }else{ 462 printf($this->getLang('p_user_id'),hsc($who),hsc($ID),join(', ',$names)); 463 } 464 }else{ 465 if($ns){ 466 printf($this->getLang('p_group_ns'),hsc(ltrim($who,'@')),hsc($ns),join(', ',$names)); 467 }else{ 468 printf($this->getLang('p_group_id'),hsc(ltrim($who,'@')),hsc($ID),join(', ',$names)); 469 } 470 } 471 echo '</p>'; 472 473 // add note if admin 474 if($perm == AUTH_ADMIN){ 475 echo '<p>'.$this->getLang('p_isadmin').'</p>'; 476 }elseif(is_null($current)){ 477 echo '<p>'.$this->getLang('p_inherited').'</p>'; 478 } 479 } 480 481 482 /** 483 * Item formatter for the tree view 484 * 485 * User function for html_buildlist() 486 * 487 * @author Andreas Gohr <andi@splitbrain.org> 488 */ 489 function _html_list_acl($item){ 490 global $ID; 491 $ret = ''; 492 // what to display 493 if($item['label']){ 494 $base = $item['label']; 495 }else{ 496 $base = ':'.$item['id']; 497 $base = substr($base,strrpos($base,':')+1); 498 } 499 500 // highlight? 501 if( ($item['type']=='d' && $item['id'] == $this->ns) || 502 ($item['type']!='d' && $item['id'] == $ID)) $cl = ' cur'; 503 504 // namespace or page? 505 if($item['type']=='d'){ 506 if($item['open']){ 507 $img = DOKU_BASE.'lib/images/minus.gif'; 508 $alt = '−'; 509 }else{ 510 $img = DOKU_BASE.'lib/images/plus.gif'; 511 $alt = '+'; 512 } 513 $ret .= '<img src="'.$img.'" alt="'.$alt.'" />'; 514 $ret .= '<a href="'.wl('',$this->_get_opts(array('ns'=>$item['id'],'sectok'=>getSecurityToken()))).'" class="idx_dir'.$cl.'">'; 515 $ret .= $base; 516 $ret .= '</a>'; 517 }else{ 518 $ret .= '<a href="'.wl('',$this->_get_opts(array('id'=>$item['id'],'ns'=>'','sectok'=>getSecurityToken()))).'" class="wikilink1'.$cl.'">'; 519 $ret .= noNS($item['id']); 520 $ret .= '</a>'; 521 } 522 return $ret; 523 } 524 525 526 function _html_li_acl($item){ 527 return '<li class="level'.$item['level'].'">'; 528 } 529 530 531 /** 532 * Get current ACL settings as multidim array 533 * 534 * @author Andreas Gohr <andi@splitbrain.org> 535 */ 536 function _init_acl_config(){ 537 global $AUTH_ACL; 538 global $conf; 539 $acl_config=array(); 540 $usersgroups = array(); 541 542 // get special users and groups 543 $this->specials[] = '@ALL'; 544 $this->specials[] = '@'.$conf['defaultgroup']; 545 if($conf['manager'] != '!!not set!!'){ 546 $this->specials = array_merge($this->specials, 547 array_map('trim', 548 explode(',',$conf['manager']))); 549 } 550 $this->specials = array_filter($this->specials); 551 $this->specials = array_unique($this->specials); 552 sort($this->specials); 553 554 foreach($AUTH_ACL as $line){ 555 $line = trim(preg_replace('/#.*$/','',$line)); //ignore comments 556 if(!$line) continue; 557 558 $acl = preg_split('/\s+/',$line); 559 //0 is pagename, 1 is user, 2 is acl 560 561 $acl[1] = rawurldecode($acl[1]); 562 $acl_config[$acl[0]][$acl[1]] = $acl[2]; 563 564 // store non-special users and groups for later selection dialog 565 $ug = $acl[1]; 566 if(in_array($ug,$this->specials)) continue; 567 $usersgroups[] = $ug; 568 } 569 570 $usersgroups = array_unique($usersgroups); 571 sort($usersgroups); 572 ksort($acl_config); 573 574 $this->acl = $acl_config; 575 $this->usersgroups = $usersgroups; 576 } 577 578 /** 579 * Display all currently set permissions in a table 580 * 581 * @author Andreas Gohr <andi@splitbrain.org> 582 */ 583 function _html_table(){ 584 global $lang; 585 global $ID; 586 587 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 588 if($this->ns){ 589 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 590 }else{ 591 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 592 } 593 echo '<input type="hidden" name="acl_w" value="'.hsc($this->who).'" />'.NL; 594 echo '<input type="hidden" name="do" value="admin" />'.NL; 595 echo '<input type="hidden" name="page" value="acl" />'.NL; 596 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 597 echo '<table class="inline">'; 598 echo '<tr>'; 599 echo '<th>'.$this->getLang('where').'</th>'; 600 echo '<th>'.$this->getLang('who').'</th>'; 601 echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" name="fnt__1" href="#fn__1">1)</a></sup></th>'; 602 echo '<th>'.$lang['btn_delete'].'</th>'; 603 echo '</tr>'; 604 foreach($this->acl as $where => $set){ 605 foreach($set as $who => $perm){ 606 echo '<tr>'; 607 echo '<td>'; 608 if(substr($where,-1) == '*'){ 609 echo '<span class="aclns">'.hsc($where).'</span>'; 610 $ispage = false; 611 }else{ 612 echo '<span class="aclpage">'.hsc($where).'</span>'; 613 $ispage = true; 614 } 615 echo '</td>'; 616 617 echo '<td>'; 618 if($who{0} == '@'){ 619 echo '<span class="aclgroup">'.hsc($who).'</span>'; 620 }else{ 621 echo '<span class="acluser">'.hsc($who).'</span>'; 622 } 623 echo '</td>'; 624 625 echo '<td>'; 626 echo $this->_html_checkboxes($perm,$ispage,'acl['.$where.']['.$who.']'); 627 echo '</td>'; 628 629 echo '<td align="center">'; 630 echo '<input type="checkbox" name="del['.hsc($where).'][]" value="'.hsc($who).'" />'; 631 echo '</td>'; 632 echo '</tr>'; 633 } 634 } 635 636 echo '<tr>'; 637 echo '<th align="right" colspan="4">'; 638 echo '<input type="submit" value="'.$lang['btn_update'].'" name="cmd[update]" class="button" />'; 639 echo '</th>'; 640 echo '</tr>'; 641 echo '</table>'; 642 echo '</div></form>'.NL; 643 } 644 645 646 /** 647 * Returns the permission which were set for exactly the given user/group 648 * and page/namespace. Returns null if no exact match is available 649 * 650 * @author Andreas Gohr <andi@splitbrain.org> 651 */ 652 function _get_exact_perm(){ 653 global $ID; 654 if($this->ns){ 655 if($this->ns == '*'){ 656 $check = '*'; 657 }else{ 658 $check = $this->ns.':*'; 659 } 660 }else{ 661 $check = $ID; 662 } 663 664 if(isset($this->acl[$check][$this->who])){ 665 return $this->acl[$check][$this->who]; 666 }else{ 667 return null; 668 } 669 } 670 671 /** 672 * adds new acl-entry to conf/acl.auth.php 673 * 674 * @author Frank Schubert <frank@schokilade.de> 675 */ 676 function _acl_add($acl_scope, $acl_user, $acl_level){ 677 $acl_config = file_get_contents(DOKU_CONF.'acl.auth.php'); 678 $acl_user = auth_nameencode($acl_user,true); 679 680 // max level for pagenames is edit 681 if(strpos($acl_scope,'*') === false) { 682 if($acl_level > AUTH_EDIT) $acl_level = AUTH_EDIT; 683 } 684 685 686 $new_acl = "$acl_scope\t$acl_user\t$acl_level\n"; 687 688 $new_config = $acl_config.$new_acl; 689 690 return io_saveFile(DOKU_CONF.'acl.auth.php', $new_config); 691 } 692 693 /** 694 * remove acl-entry from conf/acl.auth.php 695 * 696 * @author Frank Schubert <frank@schokilade.de> 697 */ 698 function _acl_del($acl_scope, $acl_user){ 699 $acl_config = file(DOKU_CONF.'acl.auth.php'); 700 $acl_user = auth_nameencode($acl_user,true); 701 702 $acl_pattern = '^'.preg_quote($acl_scope,'/').'\s+'.$acl_user.'\s+[0-8].*$'; 703 704 // save all non!-matching 705 $new_config = preg_grep("/$acl_pattern/", $acl_config, PREG_GREP_INVERT); 706 707 return io_saveFile(DOKU_CONF.'acl.auth.php', join('',$new_config)); 708 } 709 710 /** 711 * print the permission radio boxes 712 * 713 * @author Frank Schubert <frank@schokilade.de> 714 * @author Andreas Gohr <andi@splitbrain.org> 715 */ 716 function _html_checkboxes($setperm,$ispage,$name){ 717 global $lang; 718 719 static $label = 0; //number labels 720 $ret = ''; 721 722 if($ispage && $setperm > AUTH_EDIT) $perm = AUTH_EDIT; 723 724 foreach(array(AUTH_NONE,AUTH_READ,AUTH_EDIT,AUTH_CREATE,AUTH_UPLOAD,AUTH_DELETE) as $perm){ 725 $label += 1; 726 727 //general checkbox attributes 728 $atts = array( 'type' => 'radio', 729 'id' => 'pbox'.$label, 730 'name' => $name, 731 'value' => $perm ); 732 //dynamic attributes 733 if(!is_null($setperm) && $setperm == $perm) $atts['checked'] = 'checked'; 734 if($ispage && $perm > AUTH_EDIT){ 735 $atts['disabled'] = 'disabled'; 736 $class = ' class="disabled"'; 737 }else{ 738 $class = ''; 739 } 740 741 //build code 742 $ret .= '<label for="pbox'.$label.'" title="'.$this->getLang('acl_perm'.$perm).'"'.$class.'>'; 743 $ret .= '<input '.html_attbuild($atts).' /> '; 744 $ret .= $this->getLang('acl_perm'.$perm); 745 $ret .= '</label>'.NL; 746 } 747 return $ret; 748 } 749 750 /** 751 * Print a user/group selector (reusing already used users and groups) 752 * 753 * @author Andreas Gohr <andi@splitbrain.org> 754 */ 755 function _html_select(){ 756 global $conf; 757 $inlist = false; 758 759 if($this->who && 760 !in_array($this->who,$this->usersgroups) && 761 !in_array($this->who,$this->specials)){ 762 763 if($this->who{0} == '@'){ 764 $gsel = ' selected="selected"'; 765 }else{ 766 $usel = ' selected="selected"'; 767 } 768 }else{ 769 $usel = ''; 770 $gsel = ''; 771 $inlist = true; 772 } 773 774 775 echo '<select name="acl_t" class="edit">'.NL; 776 echo ' <option value="__g__" class="aclgroup"'.$gsel.'>'.$this->getLang('acl_group').':</option>'.NL; 777 echo ' <option value="__u__" class="acluser"'.$usel.'>'.$this->getLang('acl_user').':</option>'.NL; 778 echo ' <optgroup label=" ">'.NL; 779 foreach($this->specials as $ug){ 780 if($ug == $this->who){ 781 $sel = ' selected="selected"'; 782 $inlist = true; 783 }else{ 784 $sel = ''; 785 } 786 787 if($ug{0} == '@'){ 788 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 789 }else{ 790 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 791 } 792 } 793 echo ' </optgroup>'.NL; 794 echo ' <optgroup label=" ">'.NL; 795 foreach($this->usersgroups as $ug){ 796 if($ug == $this->who){ 797 $sel = ' selected="selected"'; 798 $inlist = true; 799 }else{ 800 $sel = ''; 801 } 802 803 if($ug{0} == '@'){ 804 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 805 }else{ 806 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 807 } 808 } 809 echo ' </optgroup>'.NL; 810 echo '</select>'.NL; 811 return $inlist; 812 } 813} 814
