diff options
author | Kazutaka Miyasaka <kazmiya@gmail.com> | 2012-11-25 21:02:32 +0900 |
---|---|---|
committer | Kazutaka Miyasaka <kazmiya@gmail.com> | 2012-11-25 21:02:32 +0900 |
commit | eb3ce0d55290dd4a60193e680aa50b46571350bd (patch) | |
tree | d56fb1a469918b76d8e4e2462d5db3ca75c616b1 /inc | |
parent | b7183bb542c52e0826a76346fd9005da965a9ac5 (diff) | |
download | rpg-eb3ce0d55290dd4a60193e680aa50b46571350bd.tar.gz rpg-eb3ce0d55290dd4a60193e680aa50b46571350bd.tar.bz2 |
Fix case-insensitive match in ACL checking
ACL checking of DokuWiki is currently always case-sensitive
regardless of auth backend setting ($auth->isCaseSensitive).
This commit enables case-insensitive match in the same way
of auth_isMember().
Diffstat (limited to 'inc')
-rw-r--r-- | inc/auth.php | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/inc/auth.php b/inc/auth.php index 1c8a8f5f5..9c458338d 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -535,9 +535,10 @@ function auth_aclcheck($id, $user, $groups) { return AUTH_ADMIN; } - $ci = ''; - if(!$auth->isCaseSensitive()) $ci = 'ui'; - + if(!$auth->isCaseSensitive()) { + $user = utf8_strtolower($user); + $groups = array_map('utf8_strtolower', $groups); + } $user = $auth->cleanUser($user); $groups = array_map(array($auth, 'cleanGroup'), (array) $groups); $user = auth_nameencode($user); @@ -561,11 +562,14 @@ function auth_aclcheck($id, $user, $groups) { } //check exact match first - $matches = preg_grep('/^'.preg_quote($id, '/').'\s+(\S+)\s+/'.$ci, $AUTH_ACL); + $matches = preg_grep('/^'.preg_quote($id, '/').'\s+(\S+)\s+/u', $AUTH_ACL); if(count($matches)) { foreach($matches as $match) { $match = preg_replace('/#.*$/', '', $match); //ignore comments $acl = preg_split('/\s+/', $match); + if(!$auth->isCaseSensitive() && $acl[1] !== '@ALL') { + $acl[1] = utf8_strtolower($acl[1]); + } if(!in_array($acl[1], $groups)) { continue; } @@ -588,11 +592,14 @@ function auth_aclcheck($id, $user, $groups) { } do { - $matches = preg_grep('/^'.preg_quote($path, '/').'\s+(\S+)\s+/'.$ci, $AUTH_ACL); + $matches = preg_grep('/^'.preg_quote($path, '/').'\s+(\S+)\s+/u', $AUTH_ACL); if(count($matches)) { foreach($matches as $match) { $match = preg_replace('/#.*$/', '', $match); //ignore comments $acl = preg_split('/\s+/', $match); + if(!$auth->isCaseSensitive() && $acl[1] !== '@ALL') { + $acl[1] = utf8_strtolower($acl[1]); + } if(!in_array($acl[1], $groups)) { continue; } |