xref: /dokuwiki/lib/plugins/acl/remote.php (revision 5aa905e95e0f4ee1de1d93da15dbd388e985c134) 
1<?php
2
3use dokuwiki\Remote\AccessDeniedException;
4
5/**
6 * Class remote_plugin_acl
7 */
8class remote_plugin_acl extends DokuWiki_Remote_Plugin {
9
10    /**
11     * Returns details about the remote plugin methods
12     *
13     * @return array Information about all provided methods. {@see dokuwiki\Remote\RemoteAPI}
14     */
15    public function _getMethods() {
16        return array(
17            'listAcls' => array(
18                'args' => array(),
19                'return' => 'Array of ACLs {scope, user, permission}',
20                'name' => 'listAcls',
21                'doc' => 'Get the list of all ACLs',
22            ),'addAcl' => array(
23                'args' => array('string','string','int'),
24                'return' => 'int',
25                'name' => 'addAcl',
26                'doc' => 'Adds a new ACL rule.'
27            ), 'delAcl' => array(
28                'args' => array('string','string'),
29                'return' => 'int',
30                'name' => 'delAcl',
31                'doc' => 'Delete an existing ACL rule.'
32            ),
33        );
34    }
35
36    /**
37     * List all ACL config entries
38     *
39     * @throws AccessDeniedException
40     * @return dictionary {Scope: ACL}, where ACL = dictionnary {user/group: permissions_int}
41     */
42    public function listAcls(){
43        if(!auth_isadmin()) {
44         throw new AccessDeniedException(
45             'You are not allowed to access ACLs, superuser permission is required',
46             114
47         );
48        }
49        /** @var admin_plugin_acl $apa */
50        $apa = plugin_load('admin', 'acl');
51        $apa->_init_acl_config();
52        return $apa->acl;
53    }
54
55    /**
56     * Add a new entry to ACL config
57     *
58     * @param string $scope
59     * @param string $user
60     * @param int    $level see also inc/auth.php
61     * @throws AccessDeniedException
62     * @return bool
63     */
64    public function addAcl($scope, $user, $level){
65        if(!auth_isadmin()) {
66            throw new AccessDeniedException(
67                'You are not allowed to access ACLs, superuser permission is required',
68                114
69            );
70        }
71
72        /** @var admin_plugin_acl $apa */
73        $apa = plugin_load('admin', 'acl');
74        return $apa->_acl_add($scope, $user, $level);
75    }
76
77    /**
78     * Remove an entry from ACL config
79     *
80     * @param string $scope
81     * @param string $user
82     * @throws AccessDeniedException
83     * @return bool
84     */
85    public function delAcl($scope, $user){
86        if(!auth_isadmin()) {
87            throw new AccessDeniedException(
88                'You are not allowed to access ACLs, superuser permission is required',
89                114
90            );
91        }
92
93        /** @var admin_plugin_acl $apa */
94        $apa = plugin_load('admin', 'acl');
95        return $apa->_acl_del($scope, $user);
96    }
97}
98
99