Major changes to ACL function
Only writing to ACL file when needed instead of rewriting every rules each time and cleaning duplicate lines
This commit is contained in:
Simon DELAGE
parent
7fb70b83e2
commit
7410099319
87
action.php
87
action.php
|
|
@ -116,7 +116,10 @@ class action_plugin_userhomepage extends DokuWiki_Action_Plugin{
|
|||
|
||||
function acl(&$event, $param) {
|
||||
global $conf;
|
||||
|
||||
if ((!$this->getConf('no_acl')) && ($conf['useacl'])) {
|
||||
$existingLines = file(DOKU_CONF.'acl.auth.php');
|
||||
$newLines = array();
|
||||
// ACL
|
||||
$acl = new admin_plugin_acl();
|
||||
// On private namespace
|
||||
|
|
@ -124,25 +127,37 @@ class action_plugin_userhomepage extends DokuWiki_Action_Plugin{
|
|||
// For known users
|
||||
// If use_name_string or group_by_name is enabled, we can't use ACL wildcards so let's create ACL for current user on his private ns
|
||||
if (($this->getConf('use_name_string')) or ($this->getConf('group_by_name'))) {
|
||||
$ns = $this->private_ns.':*';
|
||||
if ($_SERVER['REMOTE_USER'] != null) $acl->_acl_add($ns, strtolower($_SERVER['REMOTE_USER']), AUTH_DELETE);
|
||||
$where = $this->private_ns.':*';
|
||||
$who = strtolower($_SERVER['REMOTE_USER']);
|
||||
// Otherwise we can set ACL for all known users at once
|
||||
} else {
|
||||
$acl->_acl_add(cleanID($this->getConf('users_namespace')).':%USER%:*', '%USER%', AUTH_DELETE);
|
||||
$where = cleanID($this->getConf('users_namespace')).':%USER%:*';
|
||||
$who = '%USER%';
|
||||
}
|
||||
$perm = AUTH_DELETE;
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
// For @ALL
|
||||
if ($this->getConf('acl_all_private') != 'noacl') {
|
||||
$acl->_acl_add(cleanID($this->getConf('users_namespace')).':*', '@ALL', (int)$this->getConf('acl_all_private'));
|
||||
$where = cleanID($this->getConf('users_namespace')).':*';
|
||||
$who = '@ALL';
|
||||
$perm = (int)$this->getConf('acl_all_private');
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
}
|
||||
// For @user
|
||||
if (($this->getConf('acl_user_private') != 'noacl') && ($this->getConf('acl_user_private') !== $this->getConf('acl_all_private'))) {
|
||||
$acl->_acl_add(cleanID($this->getConf('users_namespace')).':*', '@user', (int)$this->getConf('acl_user_private'));
|
||||
$where = cleanID($this->getConf('users_namespace')).':*';
|
||||
$who = '@user';
|
||||
$perm = (int)$this->getConf('acl_user_private');
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
}
|
||||
} // end of private namespaces acl
|
||||
// On public user pages
|
||||
if ($this->getConf('create_public_page')) {
|
||||
// For known users
|
||||
$acl->_acl_add(cleanID($this->getConf('public_pages_ns')).':%USER%', '%USER%', AUTH_EDIT);
|
||||
$where = cleanID($this->getConf('public_pages_ns')).':%USER%';
|
||||
$who = '%USER%';
|
||||
$perm = AUTH_EDIT;
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
// For others
|
||||
if ($this->getConf('acl_all_public') != 'noacl') {
|
||||
// If both private and public namespaces are identical, we need to force rights for @ALL and/or @user on each public page
|
||||
|
|
@ -154,11 +169,17 @@ class action_plugin_userhomepage extends DokuWiki_Action_Plugin{
|
|||
if (strpos($file, 'userhomepage_p') !== 0) {
|
||||
// @ALL
|
||||
if ($this->getConf('acl_all_public') != 'noacl') {
|
||||
$acl->_acl_add($this->getConf('public_pages_ns').':'.substr($file, 0, -4), '@ALL', $this->getConf('acl_all_public'));
|
||||
$where = $this->getConf('public_pages_ns').':'.substr($file, 0, -4);
|
||||
$who = '@ALL';
|
||||
$perm = $this->getConf('acl_all_public');
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
}
|
||||
// @user
|
||||
if ($this->getConf('acl_user_public') != 'noacl') {
|
||||
$acl->_acl_add($this->getConf('public_pages_ns').':'.substr($file, 0, -4), '@user', $this->getConf('acl_user_public'));
|
||||
$where = $this->getConf('public_pages_ns').':'.substr($file, 0, -4);
|
||||
$who = '@user';
|
||||
$perm = $this->getConf('acl_user_public');
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -167,11 +188,17 @@ class action_plugin_userhomepage extends DokuWiki_Action_Plugin{
|
|||
} else {
|
||||
// @ALL
|
||||
if ($this->getConf('acl_all_public') != 'noacl') {
|
||||
$acl->_acl_add(cleanID($this->getConf('public_pages_ns')).':*', '@ALL', $this->getConf('acl_all_public'));
|
||||
$where = cleanID($this->getConf('public_pages_ns')).':*';
|
||||
$who = '@ALL';
|
||||
$perm = $this->getConf('acl_all_public');
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
}
|
||||
// @user
|
||||
if ($this->getConf('acl_user_public') != 'noacl') {
|
||||
$acl->_acl_add(cleanID($this->getConf('public_pages_ns')).':*', '@user', $this->getConf('acl_user_public'));
|
||||
$where = cleanID($this->getConf('public_pages_ns')).':*';
|
||||
$who = '@user';
|
||||
$perm = $this->getConf('acl_user_public');
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -180,22 +207,40 @@ class action_plugin_userhomepage extends DokuWiki_Action_Plugin{
|
|||
if (strpos($this->getConf('templates_path'),'data/pages') !== false) {
|
||||
// For @ALL
|
||||
if (($this->getConf('acl_all_templates') != 'noacl') && (($this->getConf('create_private_ns')) or ($this->getConf('create_public_page')))) {
|
||||
$acl->_acl_add(end(explode('/',$this->getConf('templates_path'))).':userhomepage_private', '@ALL', (int)$this->getConf('acl_all_templates'));
|
||||
$acl->_acl_add(end(explode('/',$this->getConf('templates_path'))).':userhomepage_public', '@ALL', (int)$this->getConf('acl_all_templates'));
|
||||
$where = end(explode('/',$this->getConf('templates_path'))).':userhomepage_private';
|
||||
$who = '@ALL';
|
||||
$perm = (int)$this->getConf('acl_all_templates');
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
$where = end(explode('/',$this->getConf('templates_path'))).':userhomepage_public';
|
||||
$who = '@ALL';
|
||||
$perm = (int)$this->getConf('acl_all_templates');
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
}
|
||||
// For @user
|
||||
if (($this->getConf('acl_user_templates') != 'noacl') && ($this->getConf('acl_user_templates') !== $this->getConf('acl_all_templates')) && (($this->getConf('create_private_ns')) or ($this->getConf('create_public_page')))) {
|
||||
$acl->_acl_add(end(explode('/',$this->getConf('templates_path'))).':userhomepage_private', '@user', (int)$this->getConf('acl_user_templates'));
|
||||
$acl->_acl_add(end(explode('/',$this->getConf('templates_path'))).':userhomepage_public', '@user', (int)$this->getConf('acl_user_templates'));
|
||||
$where = end(explode('/',$this->getConf('templates_path'))).':userhomepage_private';
|
||||
$who = '@user';
|
||||
$perm = (int)$this->getConf('acl_user_templates');
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
$where = end(explode('/',$this->getConf('templates_path'))).':userhomepage_public';
|
||||
$who = '@user';
|
||||
$perm = (int)$this->getConf('acl_user_templates');
|
||||
if (!in_array("$where\t$who\t$perm\n", $existingLines)) { $newLines[] = array('where' => $where, 'who' => $who, 'perm' => $perm); }
|
||||
}
|
||||
} // end of templates acl
|
||||
// Cleaning duplicated lines in acl
|
||||
$lines = file(DOKU_CONF.'acl.auth.php');
|
||||
// And only keep unique lines (OK, we loose an empty comment line...)
|
||||
$lines = array_unique($lines);
|
||||
// Write things back to conf/acl.auth.php
|
||||
// file_put_contents(DOKU_CONF.'acl.auth.php', implode($lines));
|
||||
io_saveFile(DOKU_CONF.'acl.auth.php', join('',$lines));
|
||||
$i = count($newLines);
|
||||
if ($i > 0) {
|
||||
msg("Userhomepage: adding or updating ".$i." ACL rules.",1);
|
||||
foreach($newLines as $line) {
|
||||
if (($line['where'] != null) && ($line['who'] != null)) {
|
||||
// delete potential ACL rule with same scope (aka 'where') and same user (aka 'who')
|
||||
$acl->_acl_del($line['where'], $line['who']);
|
||||
$acl->_acl_add($line['where'], $line['who'], $line['perm']);
|
||||
}
|
||||
}
|
||||
// } else {
|
||||
// msg("Userhomepage has no ACL rules to update or add.",0);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
base userhomepage
|
||||
author Simon Delage
|
||||
email simon.geekitude@gmail.com
|
||||
date 2015-01-20
|
||||
date 2015-02-01
|
||||
name User Homepage
|
||||
desc Automatically create user's private namespace and/or public page and redirects users to private namespace on login.
|
||||
url https://www.dokuwiki.org/plugin:userhomepage
|
||||
|
|
|
|||
Loading…
Reference in a new issue