summaryrefslogtreecommitdiff
path: root/lib/plugins/acl/admin.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/plugins/acl/admin.php')
-rw-r--r--lib/plugins/acl/admin.php46
1 files changed, 25 insertions, 21 deletions
diff --git a/lib/plugins/acl/admin.php b/lib/plugins/acl/admin.php
index 64d6ff3ca..1197892f2 100644
--- a/lib/plugins/acl/admin.php
+++ b/lib/plugins/acl/admin.php
@@ -56,22 +56,23 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
global $ID;
global $auth;
global $config_cascade;
+ global $INPUT;
// fresh 1:1 copy without replacements
$AUTH_ACL = file($config_cascade['acl']['default']);
// namespace given?
- if($_REQUEST['ns'] == '*'){
+ if($INPUT->str('ns') == '*'){
$this->ns = '*';
}else{
- $this->ns = cleanID($_REQUEST['ns']);
+ $this->ns = cleanID($INPUT->str('ns'));
}
- if ($_REQUEST['current_ns']) {
- $this->current_item = array('id' => cleanID($_REQUEST['current_ns']), 'type' => 'd');
- } elseif ($_REQUEST['current_id']) {
- $this->current_item = array('id' => cleanID($_REQUEST['current_id']), 'type' => 'f');
+ if ($INPUT->str('current_ns')) {
+ $this->current_item = array('id' => cleanID($INPUT->str('current_ns')), 'type' => 'd');
+ } elseif ($INPUT->str('current_id')) {
+ $this->current_item = array('id' => cleanID($INPUT->str('current_id')), 'type' => 'f');
} elseif ($this->ns) {
$this->current_item = array('id' => $this->ns, 'type' => 'd');
} else {
@@ -79,24 +80,25 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
}
// user or group choosen?
- $who = trim($_REQUEST['acl_w']);
- if($_REQUEST['acl_t'] == '__g__' && $who){
+ $who = trim($INPUT->str('acl_w'));
+ if($INPUT->str('acl_t') == '__g__' && $who){
$this->who = '@'.ltrim($auth->cleanGroup($who),'@');
- }elseif($_REQUEST['acl_t'] == '__u__' && $who){
+ }elseif($INPUT->str('acl_t') == '__u__' && $who){
$this->who = ltrim($who,'@');
if($this->who != '%USER%' && $this->who != '%GROUP%'){ #keep wildcard as is
$this->who = $auth->cleanUser($this->who);
}
- }elseif($_REQUEST['acl_t'] &&
- $_REQUEST['acl_t'] != '__u__' &&
- $_REQUEST['acl_t'] != '__g__'){
- $this->who = $_REQUEST['acl_t'];
+ }elseif($INPUT->str('acl_t') &&
+ $INPUT->str('acl_t') != '__u__' &&
+ $INPUT->str('acl_t') != '__g__'){
+ $this->who = $INPUT->str('acl_t');
}elseif($who){
$this->who = $who;
}
// handle modifications
- if(isset($_REQUEST['cmd']) && checkSecurityToken()){
+ if($INPUT->has('cmd') && checkSecurityToken()){
+ $cmd = $INPUT->extract('cmd')->str('cmd');
// scope for modifications
if($this->ns){
@@ -109,19 +111,21 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
$scope = $ID;
}
- if(isset($_REQUEST['cmd']['save']) && $scope && $this->who && isset($_REQUEST['acl'])){
+ if($cmd == 'save' && $scope && $this->who && $INPUT->has('acl')){
// handle additions or single modifications
$this->_acl_del($scope, $this->who);
- $this->_acl_add($scope, $this->who, (int) $_REQUEST['acl']);
- }elseif(isset($_REQUEST['cmd']['del']) && $scope && $this->who){
+ $this->_acl_add($scope, $this->who, $INPUT->int('acl'));
+ }elseif($cmd == 'del' && $scope && $this->who){
// handle single deletions
$this->_acl_del($scope, $this->who);
- }elseif(isset($_REQUEST['cmd']['update'])){
+ }elseif($cmd == 'update'){
+ $acl = $INPUT->arr('acl');
+
// handle update of the whole file
- foreach((array) $_REQUEST['del'] as $where => $names){
+ foreach($INPUT->arr('del') as $where => $names){
// remove all rules marked for deletion
foreach($names as $who)
- unset($_REQUEST['acl'][$where][$who]);
+ unset($acl[$where][$who]);
}
// prepare lines
$lines = array();
@@ -134,7 +138,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
}
}
// re-add all rules
- foreach((array) $_REQUEST['acl'] as $where => $opt){
+ foreach($acl as $where => $opt){
foreach($opt as $who => $perm){
if ($who[0]=='@') {
if ($who!='@ALL') {
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 10:28:47 +0000