From 60bac824c1f338a6ded5a89e79434d9acbc62f0c Mon Sep 17 00:00:00 2001 From: andi Date: Wed, 16 Mar 2005 22:00:20 +0100 Subject: ACL admin finally works darcs-hash:20050316210020-9977f-56cb832616dca3ef6196e39da612fb02f9bc49f9.gz --- inc/admin_acl.php | 62 ++++++++++++++++++++++++++++++++----------------------- 1 file changed, 36 insertions(+), 26 deletions(-) (limited to 'inc') diff --git a/inc/admin_acl.php b/inc/admin_acl.php index 9732318f0..687223761 100644 --- a/inc/admin_acl.php +++ b/inc/admin_acl.php @@ -7,13 +7,18 @@ */ function admin_acl_handler(){ + global $AUTH_ACL; + $cmd = $_REQUEST['acl_cmd']; $scope = $_REQUEST['acl_scope']; $type = $_REQUEST['acl_type']; $user = $_REQUEST['acl_user']; $perm = $_REQUEST['acl_perm']; + if(is_array($perm)){ - $perm = array_pop(sort($perm)); //use the maximum + //use the maximum + sort($perm); + $perm = array_pop($perm); }else{ $perm = 0; } @@ -21,20 +26,23 @@ function admin_acl_handler(){ //sanitize $user = cleanID($user); if($type == '@') $user = '@'.$user; + $perm = (int) $perm; if($perm > AUTH_UPLOAD) $perm = AUTH_UPLOAD; //FIXME sanitize scope!!! + //nothing to do? + if(empty($cmd) || empty($scope) || empty($user)) return; - //FIXME add should delete if nessary, too - if($cmd == 'add'){ - admin_acl_add($scope, $user, $perm); //add feedback? - }elseif($cmd == 'update'){ - admin_acl_del($scope, $user, $perm); - admin_acl_add($scope, $user, $perm); + + if($cmd == 'save'){ + admin_acl_del($scope, $user); + admin_acl_add($scope, $user, $perm); }elseif($cmd == 'delete'){ - admin_acl_del($scope, $user, $perm); + admin_acl_del($scope, $user); } + // reload ACL config + $AUTH_ACL = file('conf/acl.auth'); } /** @@ -108,8 +116,6 @@ function get_acl_config($ID){ * @author Frank Schubert */ function admin_acl_add($acl_scope, $acl_user, $acl_level){ - if($acl_scope === '' || $acl_user === '' || $acl_level === '') return false; - $acl_config = join("",file('conf/acl.auth')); // max level for pagenames is edit @@ -129,14 +135,12 @@ function admin_acl_add($acl_scope, $acl_user, $acl_level){ * * @author Frank Schubert */ -function admin_acl_del($acl_scope, $acl_user, $acl_level){ - if($acl_scope === '' || $acl_user === '' || $acl_level === '') return false; - - $acl_pattern = preg_quote($acl_scope)."\s+".$acl_user."\s+".$acl_level."\n"; - +function admin_acl_del($acl_scope, $acl_user){ $acl_config = file('conf/acl.auth'); + + $acl_pattern = '^'.preg_quote($acl_scope,'/').'\s+'.$acl_user.'\s+[0-8].*$'; - // save all non!-matching + // save all non!-matching #FIXME invert is available from 4.2.0 only! $new_config = preg_grep("/$acl_pattern/", $acl_config, PREG_GREP_INVERT); return io_saveFile("conf/acl.auth", join("",$new_config)); @@ -158,7 +162,7 @@ function admin_acl_html(){ print parsedLocale('admin_acl'); - ptln('
'); //new @@ -240,7 +244,7 @@ function admin_acl_html_new(){ ptln('
',4); ptln(' ',4); ptln(' ',4); - ptln(' ',4); + ptln(' ',4); //scope select ptln($lang['acl_perms'],4); @@ -261,7 +265,7 @@ function admin_acl_html_new(){ ptln(' ',4); ptln('
'); - ptln( admin_acl_html_checkboxes(0,false,false),8); + ptln( admin_acl_html_checkboxes(0,false),8); ptln(' ',4); ptln('
'); @@ -303,14 +307,18 @@ function admin_acl_html_current($id,$permissions){ ptln(' '); ptln(' '); + sort($permissions); + foreach ($permissions as $conf){ //userfriendly group/user display if(substr($conf['name'],0,1)=="@"){ $group = $lang['acl_group']; $name = substr($conf['name'],1); + $type = '@'; }else{ $group = $lang['acl_user']; $name = $conf['name']; + $type = ''; } ptln('',2); @@ -321,9 +329,10 @@ function admin_acl_html_current($id,$permissions){ ptln('
',4); ptln(' ',4); ptln(' ',4); - ptln(' ',4); + ptln(' ',4); ptln(' ',4); - ptln(' ',4); + ptln(' ',4); + ptln(' ',4); ptln( admin_acl_html_checkboxes($conf['perm'],$ispage),8); ptln(' ',4); ptln('
'); @@ -340,7 +349,8 @@ function admin_acl_html_current($id,$permissions){ ptln(' ',4); ptln(' ',4); ptln(' ',4); - ptln(' ',4); + ptln(' ',4); + ptln(' ',4); ptln(' ',4); ptln(' ',4); ptln('',4); @@ -357,7 +367,7 @@ function admin_acl_html_current($id,$permissions){ * @author Frank Schubert * @author Andreas Gohr */ -function admin_acl_html_checkboxes($setperm,$ispage,$submit=false){ +function admin_acl_html_checkboxes($setperm,$ispage){ global $lang; static $label = 0; //number labels @@ -369,11 +379,11 @@ function admin_acl_html_checkboxes($setperm,$ispage,$submit=false){ //general checkbox attributes $atts = array( 'type' => 'checkbox', 'id' => 'pbox'.$label, - 'name' => 'aclperm[]', + 'name' => 'acl_perm[]', 'value' => $perm ); //dynamic attributes - if($setperm >= $perm) $atts['checked'] = 'checked'; - if($submit) $atts['onchange'] = 'submit()'; + if($setperm >= $perm) $atts['checked'] = 'checked'; +# if($perm > AUTH_READ) $atts['onchange'] = #FIXME JS to autoadd lower perms if($ispage && $perm > AUTH_EDIT) $atts['disabled'] = 'disabled'; //build code -- cgit v1.2.3