diff options
| author | Christopher Smith <chris@jalakai.co.uk> | 2013-10-21 18:54:34 +0100 |
|---|---|---|
| committer | Christopher Smith <chris@jalakai.co.uk> | 2013-10-21 18:54:34 +0100 |
| commit | fa457f5d82989812f1961cb9643c0b55824ba0b3 (patch) | |
| tree | ea4e6325a9a9d760f6603758449a70ac50cc052d /lib/plugins/acl/action.php | |
| parent | 4b94edc8e8badb6bcdc25b41f73310a8e323ba92 (diff) | |
| parent | 7951a37379700f564a20c882a920086b49c473c8 (diff) | |
| download | rpg-fa457f5d82989812f1961cb9643c0b55824ba0b3.tar.gz rpg-fa457f5d82989812f1961cb9643c0b55824ba0b3.tar.bz2 | |
Merge branch 'master' into FS#2867
Diffstat (limited to 'lib/plugins/acl/action.php')
| -rw-r--r-- | lib/plugins/acl/action.php | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/lib/plugins/acl/action.php b/lib/plugins/acl/action.php new file mode 100644 index 000000000..5e186fb61 --- /dev/null +++ b/lib/plugins/acl/action.php @@ -0,0 +1,88 @@ +<?php +/** + * AJAX call handler for ACL plugin + * + * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) + * @author Andreas Gohr <andi@splitbrain.org> + */ + +// must be run within Dokuwiki +if(!defined('DOKU_INC')) die(); + +/** + * Register handler + */ +class action_plugin_acl extends DokuWiki_Action_Plugin { + + /** + * Registers a callback function for a given event + * + * @param Doku_Event_Handler $controller DokuWiki's event controller object + * @return void + */ + public function register(Doku_Event_Handler &$controller) { + + $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handle_ajax_call_acl'); + + } + + /** + * AJAX call handler for ACL plugin + * + * @param Doku_Event $event event object by reference + * @param mixed $param empty + * @return void + */ + + public function handle_ajax_call_acl(Doku_Event &$event, $param) { + if($event->data !== 'plugin_acl') { + return; + } + $event->stopPropagation(); + $event->preventDefault(); + + global $ID; + global $INPUT; + + if(!auth_isadmin()) { + echo 'for admins only'; + return; + } + if(!checkSecurityToken()) { + echo 'CRSF Attack'; + return; + } + + $ID = getID(); + + /** @var $acl admin_plugin_acl */ + $acl = plugin_load('admin', 'acl'); + $acl->handle(); + + $ajax = $INPUT->str('ajax'); + header('Content-Type: text/html; charset=utf-8'); + + if($ajax == 'info') { + $acl->_html_info(); + } elseif($ajax == 'tree') { + + $ns = $INPUT->str('ns'); + if($ns == '*') { + $ns = ''; + } + $ns = cleanID($ns); + $lvl = count(explode(':', $ns)); + $ns = utf8_encodeFN(str_replace(':', '/', $ns)); + + $data = $acl->_get_tree($ns, $ns); + + foreach(array_keys($data) as $item) { + $data[$item]['level'] = $lvl + 1; + } + echo html_buildlist( + $data, 'acl', array($acl, '_html_list_acl'), + array($acl, '_html_li_acl') + ); + } + } +} |