xref: /dokuwiki/lib/plugins/acl/remote.php (revision 32168a788f16735bee811b64fb18df40156c5e02) 
1<?php
2
3/**
4 * Class remote_plugin_acl
5 */
6class remote_plugin_acl extends DokuWiki_Remote_Plugin {
7
8    /**
9     * Returns details about the remote plugin methods
10     *
11     * @return array Information about all provided methods. {@see RemoteAPI}
12     */
13    public function _getMethods() {
14        return array(
15            'listAcls' => array(
16                'args' => array(),
17                'return' => 'Array of ACLs {scope, user, permission}',
18                'name' => 'listAcls',
19                'doc' => 'Get the list of all ACLs',
20            ),'addAcl' => array(
21                'args' => array('string','string','int'),
22                'return' => 'int',
23                'name' => 'addAcl',
24                'doc' => 'Adds a new ACL rule.'
25            ), 'delAcl' => array(
26                'args' => array('string','string'),
27                'return' => 'int',
28                'name' => 'delAcl',
29                'doc' => 'Delete an existing ACL rule.'
30            ),
31        );
32    }
33
34    /**
35     * List all ACL config entries
36     *
37     * @throws RemoteAccessDeniedException
38     * @return dictionary {Scope: ACL}, where ACL = dictionnary {user/group: permissions_int}
39     */
40    public function listAcls(){
41        if(!auth_isadmin()) {
42         throw new RemoteAccessDeniedException('You are not allowed to access ACLs, superuser permission is required', 114);
43        }
44        /** @var admin_plugin_acl $apa */
45        $apa = plugin_load('admin', 'acl');
46        $apa->_init_acl_config();
47        return $apa->acl;
48    }
49
50    /**
51     * Add a new entry to ACL config
52     *
53     * @param string $scope
54     * @param string $user
55     * @param int    $level see also inc/auth.php
56     * @throws RemoteAccessDeniedException
57     * @return bool
58     */
59    public function addAcl($scope, $user, $level){
60        if(!auth_isadmin()) {
61            throw new RemoteAccessDeniedException('You are not allowed to access ACLs, superuser permission is required', 114);
62        }
63
64        /** @var admin_plugin_acl $apa */
65        $apa = plugin_load('admin', 'acl');
66        return $apa->_acl_addOrUpdate($scope, $user, $level);
67    }
68
69    /**
70     * Remove an entry from ACL config
71     *
72     * @param string $scope
73     * @param string $user
74     * @throws RemoteAccessDeniedException
75     * @return bool
76     */
77    public function delAcl($scope, $user){
78        if(!auth_isadmin()) {
79            throw new RemoteAccessDeniedException('You are not allowed to access ACLs, superuser permission is required', 114);
80        }
81
82        /** @var admin_plugin_acl $apa */
83        $apa = plugin_load('admin', 'acl');
84        return $apa->_acl_del($scope, $user);
85    }
86}
87
88