diff options
Diffstat (limited to 'inc/auth.php')
| -rw-r--r-- | inc/auth.php | 29 |
1 files changed, 20 insertions, 9 deletions
diff --git a/inc/auth.php b/inc/auth.php index d0f21c825..cedfdee36 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -123,23 +123,33 @@ function auth_setup() { */ function auth_loadACL() { global $config_cascade; + global $USERINFO; if(!is_readable($config_cascade['acl']['default'])) return array(); $acl = file($config_cascade['acl']['default']); //support user wildcard - if(isset($_SERVER['REMOTE_USER'])) { - $len = count($acl); - for($i = 0; $i < $len; $i++) { - if($acl[$i]{0} == '#') continue; - list($id, $rest) = preg_split('/\s+/', $acl[$i], 2); - $id = str_replace('%USER%', cleanID($_SERVER['REMOTE_USER']), $id); - $rest = str_replace('%USER%', auth_nameencode($_SERVER['REMOTE_USER']), $rest); - $acl[$i] = "$id\t$rest"; + $out = array(); + foreach($acl as $line) { + $line = trim($line); + if($line{0} == '#') continue; + list($id,$rest) = preg_split('/\s+/',$line,2); + + if(strstr($line, '%GROUP%')){ + foreach((array) $USERINFO['grps'] as $grp){ + $nid = str_replace('%GROUP%',cleanID($grp),$id); + $nrest = str_replace('%GROUP%','@'.auth_nameencode($grp),$rest); + $out[] = "$nid\t$nrest"; + } + } else { + $id = str_replace('%USER%',cleanID($_SERVER['REMOTE_USER']),$id); + $rest = str_replace('%USER%',auth_nameencode($_SERVER['REMOTE_USER']),$rest); + $out[] = "$id\t$rest"; } } - return $acl; + + return $out; } /** @@ -632,6 +642,7 @@ function auth_nameencode($name, $skip_group = false) { // never encode wildcard FS#1955 if($name == '%USER%') return $name; + if($name == '%GROUP%') return $name; if(!isset($cache[$name][$skip_group])) { if($skip_group && $name{0} == '@') { |