xref: /dokuwiki/lib/plugins/acl/remote.php (revision 8553d24d33ab5f260c6e19959de764dd8472d438) 
19f8068d2SMohamed Amine BERGAOUI<?php
29f8068d2SMohamed Amine BERGAOUI
3*8553d24dSAndreas Gohruse dokuwiki\Extension\RemotePlugin;
4dd87735dSAndreas Gohruse dokuwiki\Remote\AccessDeniedException;
5dd87735dSAndreas Gohr
642ea7f44SGerrit Uitslag/**
742ea7f44SGerrit Uitslag * Class remote_plugin_acl
842ea7f44SGerrit Uitslag */
9*8553d24dSAndreas Gohrclass remote_plugin_acl extends RemotePlugin
10a4e3d556SAndreas Gohr{
1142ea7f44SGerrit Uitslag
1242ea7f44SGerrit Uitslag    /**
1342ea7f44SGerrit Uitslag     * Returns details about the remote plugin methods
1442ea7f44SGerrit Uitslag     *
15dd87735dSAndreas Gohr     * @return array Information about all provided methods. {@see dokuwiki\Remote\RemoteAPI}
1642ea7f44SGerrit Uitslag     */
17a4e3d556SAndreas Gohr    public function _getMethods()
18a4e3d556SAndreas Gohr    {
19bff2c9d2SAndreas Gohr        return [
20bff2c9d2SAndreas Gohr            'listAcls' => [
21bff2c9d2SAndreas Gohr                'args' => [],
226d2588b6SCyril Duchon-Doris                'return' => 'Array of ACLs {scope, user, permission}',
2332b2e368SDharmik                'name' => 'listAcls',
24bff2c9d2SAndreas Gohr                'doc' => 'Get the list of all ACLs'
25bff2c9d2SAndreas Gohr            ],
26bff2c9d2SAndreas Gohr            'addAcl' => [
27bff2c9d2SAndreas Gohr                'args' => ['string', 'string', 'int'],
289f8068d2SMohamed Amine BERGAOUI                'return' => 'int',
299f8068d2SMohamed Amine BERGAOUI                'name' => 'addAcl',
309f8068d2SMohamed Amine BERGAOUI                'doc' => 'Adds a new ACL rule.'
31bff2c9d2SAndreas Gohr            ],
32bff2c9d2SAndreas Gohr            'delAcl' => [
33bff2c9d2SAndreas Gohr                'args' => ['string', 'string'],
349f8068d2SMohamed Amine BERGAOUI                'return' => 'int',
359f8068d2SMohamed Amine BERGAOUI                'name' => 'delAcl',
369f8068d2SMohamed Amine BERGAOUI                'doc' => 'Delete an existing ACL rule.'
37bff2c9d2SAndreas Gohr            ]
38bff2c9d2SAndreas Gohr        ];
399f8068d2SMohamed Amine BERGAOUI    }
409f8068d2SMohamed Amine BERGAOUI
4142ea7f44SGerrit Uitslag    /**
426d2588b6SCyril Duchon-Doris     * List all ACL config entries
436d2588b6SCyril Duchon-Doris     *
44dd87735dSAndreas Gohr     * @throws AccessDeniedException
4542f3fd0aSCyril Duchon-Doris     * @return dictionary {Scope: ACL}, where ACL = dictionnary {user/group: permissions_int}
466d2588b6SCyril Duchon-Doris     */
47a4e3d556SAndreas Gohr    public function listAcls()
48a4e3d556SAndreas Gohr    {
4942f3fd0aSCyril Duchon-Doris        if (!auth_isadmin()) {
50dd87735dSAndreas Gohr            throw new AccessDeniedException(
5164159a61SAndreas Gohr                'You are not allowed to access ACLs, superuser permission is required',
5264159a61SAndreas Gohr                114
5364159a61SAndreas Gohr            );
5442f3fd0aSCyril Duchon-Doris        }
556d2588b6SCyril Duchon-Doris        /** @var admin_plugin_acl $apa */
566d2588b6SCyril Duchon-Doris        $apa = plugin_load('admin', 'acl');
57a4e3d556SAndreas Gohr        $apa->initAclConfig();
5842f3fd0aSCyril Duchon-Doris        return $apa->acl;
596d2588b6SCyril Duchon-Doris    }
606d2588b6SCyril Duchon-Doris
616d2588b6SCyril Duchon-Doris    /**
6242ea7f44SGerrit Uitslag     * Add a new entry to ACL config
6342ea7f44SGerrit Uitslag     *
6442ea7f44SGerrit Uitslag     * @param string $scope
6542ea7f44SGerrit Uitslag     * @param string $user
6642ea7f44SGerrit Uitslag     * @param int    $level see also inc/auth.php
67dd87735dSAndreas Gohr     * @throws AccessDeniedException
6842ea7f44SGerrit Uitslag     * @return bool
6942ea7f44SGerrit Uitslag     */
70a4e3d556SAndreas Gohr    public function addAcl($scope, $user, $level)
71a4e3d556SAndreas Gohr    {
729cbf80e6SAndreas Gohr        if (!auth_isadmin()) {
73dd87735dSAndreas Gohr            throw new AccessDeniedException(
7464159a61SAndreas Gohr                'You are not allowed to access ACLs, superuser permission is required',
7564159a61SAndreas Gohr                114
7664159a61SAndreas Gohr            );
779cbf80e6SAndreas Gohr        }
789cbf80e6SAndreas Gohr
7959bc3b48SGerrit Uitslag        /** @var admin_plugin_acl $apa */
801b7fc214SMohamed Amine BERGAOUI        $apa = plugin_load('admin', 'acl');
8155cc5b99SAndreas Gohr        return $apa->addOrUpdateACL($scope, $user, $level);
829f8068d2SMohamed Amine BERGAOUI    }
839f8068d2SMohamed Amine BERGAOUI
8442ea7f44SGerrit Uitslag    /**
8542ea7f44SGerrit Uitslag     * Remove an entry from ACL config
8642ea7f44SGerrit Uitslag     *
8742ea7f44SGerrit Uitslag     * @param string $scope
8842ea7f44SGerrit Uitslag     * @param string $user
89dd87735dSAndreas Gohr     * @throws AccessDeniedException
9042ea7f44SGerrit Uitslag     * @return bool
9142ea7f44SGerrit Uitslag     */
92a4e3d556SAndreas Gohr    public function delAcl($scope, $user)
93a4e3d556SAndreas Gohr    {
949cbf80e6SAndreas Gohr        if (!auth_isadmin()) {
95dd87735dSAndreas Gohr            throw new AccessDeniedException(
9664159a61SAndreas Gohr                'You are not allowed to access ACLs, superuser permission is required',
9764159a61SAndreas Gohr                114
9864159a61SAndreas Gohr            );
999cbf80e6SAndreas Gohr        }
1009cbf80e6SAndreas Gohr
10159bc3b48SGerrit Uitslag        /** @var admin_plugin_acl $apa */
1021b7fc214SMohamed Amine BERGAOUI        $apa = plugin_load('admin', 'acl');
103a4e3d556SAndreas Gohr        return $apa->deleteACL($scope, $user);
1049f8068d2SMohamed Amine BERGAOUI    }
1059f8068d2SMohamed Amine BERGAOUI}
106