diff options
Diffstat (limited to 'inc')
| -rw-r--r-- | inc/auth.php | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/inc/auth.php b/inc/auth.php index d0f21c825..fbdb2b439 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -123,19 +123,27 @@ function auth_setup() { */ function auth_loadACL() { global $config_cascade; + global $USERINFO; if(!is_readable($config_cascade['acl']['default'])) return array(); $acl = file($config_cascade['acl']['default']); //support user wildcard - if(isset($_SERVER['REMOTE_USER'])) { + if(isset($_SERVER['REMOTE_USER'])){ $len = count($acl); for($i = 0; $i < $len; $i++) { if($acl[$i]{0} == '#') continue; - list($id, $rest) = preg_split('/\s+/', $acl[$i], 2); - $id = str_replace('%USER%', cleanID($_SERVER['REMOTE_USER']), $id); - $rest = str_replace('%USER%', auth_nameencode($_SERVER['REMOTE_USER']), $rest); + list($id,$rest) = preg_split('/\s+/',$acl[$i],2); + if(strstr($acl[$i], '%GROUP%')){ + foreach($USERINFO['grps'] as $grp){ + $nid = str_replace('%GROUP%',cleanID($grp),$id); + $nrest = str_replace('%GROUP%',auth_nameencode($grp),$rest); + $acl[] = "$nid\t$nrest"; + } + } + $id = str_replace('%USER%',cleanID($_SERVER['REMOTE_USER']),$id); + $rest = str_replace('%USER%',auth_nameencode($_SERVER['REMOTE_USER']),$rest); $acl[$i] = "$id\t$rest"; } } @@ -632,6 +640,7 @@ function auth_nameencode($name, $skip_group = false) { // never encode wildcard FS#1955 if($name == '%USER%') return $name; + if($name == '%GROUP%') return $name; if(!isset($cache[$name][$skip_group])) { if($skip_group && $name{0} == '@') { |