diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2013-08-03 08:44:03 -0700 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2013-08-03 08:44:03 -0700 |
| commit | 2ab4be2bed1b819f88d02a2ff2e352432bb13fd7 (patch) | |
| tree | 9929d38da3311570fb9a0787e2961ff4f9d6e75d | |
| parent | 0a57f27ea5c1a6d54627f6af15c516f18f44b229 (diff) | |
| parent | 041a602de97e0bb0e06b7a5a92564e6aadbfa81a (diff) | |
| download | rpg-2ab4be2bed1b819f88d02a2ff2e352432bb13fd7.tar.gz rpg-2ab4be2bed1b819f88d02a2ff2e352432bb13fd7.tar.bz2 | |
Merge pull request #261 from splitbrain/acl_tokensubstitution_fixes
Acl tokensubstitution fixes
| -rw-r--r-- | inc/auth.php | 14 | ||||
| -rw-r--r-- | lib/plugins/acl/admin.php | 2 |
2 files changed, 12 insertions, 4 deletions
diff --git a/inc/auth.php b/inc/auth.php index be6b7ebbe..1c0bf5b4f 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -136,22 +136,30 @@ function auth_loadACL() { $acl = file($config_cascade['acl']['default']); - //support user wildcard $out = array(); foreach($acl as $line) { $line = trim($line); if($line{0} == '#') continue; list($id,$rest) = preg_split('/\s+/',$line,2); + // substitue user wildcard first (its 1:1) + if(strstr($line, '%USER%')){ + // if user is not logged in, this ACL line is meaningless - skip it + if (!isset($_SERVER['REMOTE_USER'])) continue; + + $id = str_replace('%USER%',cleanID($_SERVER['REMOTE_USER']),$id); + $rest = str_replace('%USER%',auth_nameencode($_SERVER['REMOTE_USER']),$rest); + } + + // substitute group wildcard (its 1:m) if(strstr($line, '%GROUP%')){ + // if user is not logged in, grps is empty, no output will be added (i.e. skipped) foreach((array) $USERINFO['grps'] as $grp){ $nid = str_replace('%GROUP%',cleanID($grp),$id); $nrest = str_replace('%GROUP%','@'.auth_nameencode($grp),$rest); $out[] = "$nid\t$nrest"; } } else { - $id = str_replace('%USER%',cleanID($_SERVER['REMOTE_USER']),$id); - $rest = str_replace('%USER%',auth_nameencode($_SERVER['REMOTE_USER']),$rest); $out[] = "$id\t$rest"; } } diff --git a/lib/plugins/acl/admin.php b/lib/plugins/acl/admin.php index 0d9cd742a..50377da81 100644 --- a/lib/plugins/acl/admin.php +++ b/lib/plugins/acl/admin.php @@ -724,7 +724,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin { static $label = 0; //number labels $ret = ''; - if($ispage && $setperm > AUTH_EDIT) $perm = AUTH_EDIT; + if($ispage && $setperm > AUTH_EDIT) $setperm = AUTH_EDIT; foreach(array(AUTH_NONE,AUTH_READ,AUTH_EDIT,AUTH_CREATE,AUTH_UPLOAD,AUTH_DELETE) as $perm){ $label += 1; |