1<?php
2
3use dokuwiki\Extension\RemotePlugin;
4use dokuwiki\Remote\AccessDeniedException;
5
6/**
7 * Class remote_plugin_acl
8 */
9class remote_plugin_acl extends RemotePlugin
10{
11    /**
12     * Get the list all ACL config entries
13     *
14     * @return array {Scope: ACL}, where ACL = dictionnary {user/group: permissions_int}
15     * @throws AccessDeniedException
16     */
17    public function listAcls()
18    {
19        if (!auth_isadmin()) {
20            throw new AccessDeniedException(
21                'You are not allowed to access ACLs, superuser permission is required',
22                114
23            );
24        }
25        /** @var admin_plugin_acl $apa */
26        $apa = plugin_load('admin', 'acl');
27        $apa->initAclConfig();
28        return $apa->acl;
29    }
30
31    /**
32     * Add a new ACL rule to the config
33     *
34     * @param string $scope The page or namespace to apply the ACL to
35     * @param string $user The user or group to apply the ACL to
36     * @param int $level The permission level to set
37     * @return bool  If adding the ACL rule was successful
38     * @throws AccessDeniedException
39     */
40    public function addAcl($scope, $user, $level)
41    {
42        if (!auth_isadmin()) {
43            throw new AccessDeniedException(
44                'You are not allowed to access ACLs, superuser permission is required',
45                114
46            );
47        }
48
49        /** @var admin_plugin_acl $apa */
50        $apa = plugin_load('admin', 'acl');
51        return $apa->addOrUpdateACL($scope, $user, $level);
52    }
53
54    /**
55     * Remove an entry from ACL config
56     *
57     * @param string $scope The page or namespace the ACL applied to
58     * @param string $user The user or group the ACL applied to
59     * @return bool If removing the ACL rule was successful
60     * @throws AccessDeniedException
61     */
62    public function delAcl($scope, $user)
63    {
64        if (!auth_isadmin()) {
65            throw new AccessDeniedException(
66                'You are not allowed to access ACLs, superuser permission is required',
67                114
68            );
69        }
70
71        /** @var admin_plugin_acl $apa */
72        $apa = plugin_load('admin', 'acl');
73        return $apa->deleteACL($scope, $user);
74    }
75}
76