From f8cc712e2ad522d0bd56b9ba3983cd42abf664ad Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Sun, 3 Dec 2006 14:41:04 +0100
Subject: manager user/group

This patch adds support for a manager option as suggested in
http://www.freelists.org/archives/dokuwiki/11-2006/msg00314.html

darcs-hash:20061203134104-7ad00-72ff6422bbb4f79be325c7e77255e1eee32d0f6b.gz
---
 inc/auth.php | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)

(limited to 'inc/auth.php')

diff --git a/inc/auth.php b/inc/auth.php
index bedc3877e..35c2e48d3 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -241,6 +241,63 @@ function auth_logoff(){
   }
 }
 
+/**
+ * Check if a user is a manager
+ *
+ * Should usually be called without any parameters to check the current
+ * user.
+ *
+ * The info is available through $INFO['ismanager'], too
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ * @see    auth_isadmin
+ * @param  string user      - Username
+ * @param  array  groups    - List of groups the user is in
+ * @param  bool   adminonly - when true checks if user is admin
+ */
+function auth_ismanager($user=null,$groups=null,$adminonly=false){
+  global $conf;
+  global $USERINFO;
+
+  if(!$conf['useacl']) return false;
+  if(is_null($user))   $user   = $_SERVER['REMOTE_USER'];
+  if(is_null($groups)) $groups = $USERINFO['grps'];
+  $user   = auth_nameencode($user);
+
+  // check username against superuser and manager
+  if(auth_nameencode($conf['superuser']) == $user) return true;
+  if(!$adminonly){
+    if(auth_nameencode($conf['manager']) == $user) return true;
+  }
+
+  //prepend groups with @ and nameencode
+  $cnt = count($groups);
+  for($i=0; $i<$cnt; $i++){
+    $groups[$i] = '@'.auth_nameencode($groups[$i]);
+  }
+
+  // check groups against superuser and manager
+  if(in_array(auth_nameencode($conf['superuser'],true), $groups)) return true;
+  if(!$adminonly){
+    if(in_array(auth_nameencode($conf['manager'],true), $groups)) return true;
+  }
+  return false;
+}
+
+/**
+ * Check if a user is admin
+ *
+ * Alias to auth_ismanager with adminonly=true
+ *
+ * The info is available through $INFO['isadmin'], too
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ * @see auth_ismanager
+ */
+function auth_isadmin($user=null,$groups=null){
+  return auth_ismanager($user,$groups,true);
+}
+
 /**
  * Convinience function for auth_aclcheck()
  *
-- 
cgit v1.2.3