diff options
Diffstat (limited to 'lib/plugins/acl')
| -rw-r--r-- | lib/plugins/acl/action.php | 92 | ||||
| -rw-r--r-- | lib/plugins/acl/script.js | 9 |
2 files changed, 97 insertions, 4 deletions
diff --git a/lib/plugins/acl/action.php b/lib/plugins/acl/action.php new file mode 100644 index 000000000..92a93865c --- /dev/null +++ b/lib/plugins/acl/action.php @@ -0,0 +1,92 @@ +<?php +/** + * AJAX call handler for ACL plugin + * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * @author Andreas Gohr <andi@splitbrain.org> + */ + +// must be run within Dokuwiki +if(!defined('DOKU_INC')) die(); + +/** + * Register handler + */ +class action_plugin_acl extends DokuWiki_Action_Plugin { + + /** + * Registers a callback function for a given event + * + * @param Doku_Event_Handler $controller DokuWiki's event controller object + * @return void + */ + public function register(Doku_Event_Handler &$controller) { + + $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handle_ajax_call_acl'); + + } + + /** + * AJAX call handler for ACL plugin + * + * @param Doku_Event $event event object by reference + * @param mixed $param empty + * @return void + */ + + public function handle_ajax_call_acl(Doku_Event &$event, $param) { + if ($event->data !== 'plugin_acl') { + return; + } + $event->stopPropagation(); + $event->preventDefault(); + + + //close session + session_write_close(); + + global $conf; + global $ID; + global $INPUT; + + //fix for Opera XMLHttpRequests + $postData = http_get_raw_post_data(); + if(!count($_POST) && !empty($postData)){ + parse_str($postData, $_POST); + } + + if(!auth_isadmin()) die('for admins only'); + if(!checkSecurityToken()) die('CRSF Attack'); + + $ID = getID(); + + /** @var $acl admin_plugin_acl */ + $acl = plugin_load('admin','acl'); + $acl->handle(); + + $ajax = $INPUT->str('ajax'); + header('Content-Type: text/html; charset=utf-8'); + + if($ajax == 'info'){ + $acl->_html_info(); + }elseif($ajax == 'tree'){ + + $dir = $conf['datadir']; + $ns = $INPUT->str('ns'); + if($ns == '*'){ + $ns =''; + } + $ns = cleanID($ns); + $lvl = count(explode(':',$ns)); + $ns = utf8_encodeFN(str_replace(':','/',$ns)); + + $data = $acl->_get_tree($ns,$ns); + + foreach(array_keys($data) as $item){ + $data[$item]['level'] = $lvl+1; + } + echo html_buildlist($data, 'acl', array($acl, '_html_list_acl'), + array($acl, '_html_li_acl')); + } + } +}
\ No newline at end of file diff --git a/lib/plugins/acl/script.js b/lib/plugins/acl/script.js index 0abb80d67..58598b1e0 100644 --- a/lib/plugins/acl/script.js +++ b/lib/plugins/acl/script.js @@ -25,9 +25,10 @@ var dw_acl = { var $frm = jQuery('#acl__detail form'); jQuery.post( - DOKU_BASE + 'lib/plugins/acl/ajax.php', + DOKU_BASE + 'lib/exe/ajax.php', jQuery.extend(dw_acl.parseatt($clicky.parent().find('a')[0].search), - {ajax: 'tree', + {call: 'plugin_acl', + ajax: 'tree', current_ns: $frm.find('input[name=ns]').val(), current_id: $frm.find('input[name=id]').val()}), show_sublist, @@ -64,8 +65,8 @@ var dw_acl = { .attr('role', 'alert') .html('<img src="'+DOKU_BASE+'lib/images/throbber.gif" alt="..." />') .load( - DOKU_BASE + 'lib/plugins/acl/ajax.php', - jQuery('#acl__detail form').serialize() + '&ajax=info' + DOKU_BASE + 'lib/exe/ajax.php', + jQuery('#acl__detail form').serialize() + '&call=plugin_acl&ajax=info' ); return false; }, |