[wikifarm.git] / install / cookbook / xorgauth.php

<?php

$AuthFunction = 'XorgAuth';
$HandleActions['attr'] = 'XorgAuthHandleAttr';
$HandleActions['postattr'] = 'XorgAuthHandlePostAttr';
$HandleActions['connect'] = 'XorgAuthConnectPlatal';

if (isset($_POST['action']) && isset($_GET['action'])) {
    $action = $_REQUEST['action'] = $_GET['action'] = $_POST['action'];
}

Markup('grpattributes','inline','/\\(:groupattributes:\\)/e',"Keep(XorgAuthGroupAttributes())");

require_once("$FarmD/cookbook/autocreate.php");
AutoCreatePage('$Group.GroupAttributes', '(:groupattributes:)');

$HTMLHeaderFmt['xorg'] = '<script type="text/javascript" src="http://www.polytechnique.org/javascript/xorg.js"></script>';
$HTMLHeaderFmt['xorgcustomauth'] = '<script type="text/javascript">
  function AddCustomAuth(f){
    if (f.value == \'...\')
    {
      var newval =prompt(\'S�pare les diff�rents autorisations par des espaces\\n\\tx,membre ou admin\\n\\tprenom.nom.promo d\\\'une personne\\n\\tle num�ro d\\\'une promo\\nPar exemple pour autoriser les membres et Pascal Corpet :\\n\\tmembre pascal.corpet.2001\');
      f.value = newval;
      if (f.value != newval && newval)
      {
        var op = document.createElement(\'option\');
        op.appendChild(document.createTextNode(newval));
        f.insertBefore(op,f.childNodes[f.childNodes.length-1]);
        f.value = newval;
      }
    }
  }
  </script>';

Markup('[[~|','<[[~','/\\[\\[~(.*?)\|(.*?)\\]\\]/e',"Keep('<a href=\"http://www.polytechnique.org/profile/$1\" class=\"popup2\">$2</a>')");

Markup('xorgpage','inline','/\\(:xorgpage\\s*(.*?):\\)/e', "Keep('<iframe style=\"width:100%;height:400px;border:none\" src=\"http://www.polytechnique.org/$1\"></iframe>')");
Markup('xnetpage','inline','/\\(:xnetpage\\s*(.*?):\\)/e', "XnetPage('$1')");
function XnetPage($page) {
  global $XnetWikiGroup;
  if (!$XnetWikiGroup) return;
  return Keep('<iframe style="width:100%;height:400px;border:none" src="http://www.polytechnique.net/'.($_SESSION['xorgauth']?'login/':'').$XnetWikiGroup.'/'.$page.'"></iframe>');
}

// R�cup�re les droits au niveau du dossier (Group PmWiki)
function XorgAuthGetGroupAuth($pagename,$since) {
	global $GroupPasswords;
 	if (!isset($GroupPasswords)) {
 		$GroupPasswords = array();
 	}
 	$group = substr($pagename, 0, strpos($pagename, '.'));
 	if (!isset($GroupPasswords[$group])) {
 		$GroupPasswords[$group] = ReadPage($group.'.GroupAttributes', $since);
	}
	return $GroupPasswords[$group];
}

// essaie de se connecter via xorg
function XorgAuthConnectPlatal() {
  $privkey = '6e9c9fa9bac23541fe67697c4eff5be6';
	global $XnetWikiGroup;
	$returl = 'http://'.$_SERVER['SERVER_NAME'].str_replace('action=connect', '', $_SERVER['REQUEST_URI']);
	if (isset($_REQUEST['oldaction'])) {
		$returl .= '&action='.$_REQUEST['oldaction'];
	}
	@session_destroy();
	session_start();
 	$challenge = md5(rand());
	$_SESSION['challenge'] = $challenge; 
	$_SESSION['authsite'] = $XnetWikiGroup;
 	$url = "https://www.polytechnique.org/auth-groupex.php";
 	$url .= "?session=".session_id();
 	$url .= "&challenge=".$challenge;
 	$url .= "&pass=".md5($challenge.$privkey);
 	$returl .= "&challenge=".$challenge;
 	$url .= "&url=".urlencode($returl);
 	if ($XnetWikiGroup) {
 		$url .= "&group=".$XnetWikiGroup;
	}
 	header('Location: '.$url);
	exit();
}


 // comes back from auth
 @session_start();
 if (isset($_GET['auth']) && !$_SESSION['xorgauth'] && $_SESSION['challenge']) {
	$tohash = '1'.$_SESSION['challenge'].'6e9c9fa9bac23541fe67697c4eff5be6';
	$fields = explode(',','forlife,nom,prenom,promo,grpauth,perms');
	foreach ($fields as $f) if (isset($_GET[$f])) {
		$tohash .= $_GET[$f];
	}
	$tohash .= '1';
	if ($_GET['auth'] == md5($tohash)) {
		$_SESSION['xorgauth'] = 1;
		foreach ($fields as $f) if (isset($_GET[$f])) {
			$_SESSION[$f] = $_GET[$f];
		}
	} else {
		$_SESSION['xorgauth'] = 0;
	}
 }
 if (isset($_SESSION['forlife']) && $_SESSION['forlife']) {
  $AuthId = $_SESSION['forlife'];
  $Author = $_SESSION['forlife'].' | '.$_SESSION['prenom'].' '.$_SESSION['nom'];
 }
$Conditions['connected'] = 'isset($_SESSION["xorgauth"])';

function XorgAuthTestPassword($password) {
  if (!$password) {
    return true;
  }
  if ($_SESSION['perms'] == 'admin') {
	// administrateur du site d'authentification et donc super user ici aussi
	return true;
  }
  $parts = explode(' ',$password);
  foreach ($parts as $pass) {
  	if ($pass == 'all' || $pass == 'public') {
  	 return true;
    }
    if ($pass == 'x' && $_SESSION['xorgauth']) {
    	return true;
    }
    if ($_SESSION['grpauth'] && $pass == $_SESSION['grpauth']) {
    	return true;
    }
    if ($_SESSION['forlife'] && $pass == $_SESSION['forlife']) {
    	return true;
    }
    if ($_SESSION['promo'] && $pass == $_SESSION['promo']) {
    	return true;
    }
  }
  return false;
}

// test if user has admin rights on this wiki field
function XorgAuthIsSiteAdmin() {
  global $DefaultPasswords;
  return XorgAuthTestPassword($DefaultPasswords['admin']);
}

// fonction d'authentification : appell�e avant tout acc�s � une page
function XorgAuth($pagename, $level, $authprompt, $since) {
 global $XnetWikiGroup;
  // user was authenticaed to another site, but the site has changed
  if (isset($_SESSION['authsite']) && $XnetWikiGroup != $_SESSION['authsite']) {
    XorgAuthConnectPlatal();
   	return false;
  }
 $group = substr($pagename, 0, strpos($pagename, '.'));
 $page = ReadPage($pagename, $since);
 if (!$page) { return false; }
 if (XorgAuthIsSiteAdmin()) { return $page; }
 global $AuthCascade, $DefaultPasswords, $GroupPasswords;
 $password = "";
 do
 {
 	if (isset($page["passwd".$level])) {
	 	$password = $page["passwd".$level];
 	}
 	if (!$password) {
 		$gpAuth = XorgAuthGetGroupAuth($pagename,$since);
 		if (isset($gpAuth["passwd".$level])) {
 			$password = $gpAuth["passwd".$level];
 		}
 	}
 	if (!$password) {
 		if (isset($DefaultPasswords[$level])) {
 			$password = $DefaultPasswords[$level];
 		}
 	}
 } while (!$password && isset($AuthCascade[$level]) && $level = $AuthCascade[$level]);
 if (XorgAuthTestPassword($password)) {
 	return $page;
 }
 if (!$authprompt) {
 	return false;
}
 global $AuthPromptFmt, $PageStartFmt, $PageEndFmt;
  $postvars = '';
  foreach($_POST as $k=>$v) {
    if ($k == 'authpw' || $k == 'authid') continue;
    $v = str_replace('$', '&#036;', 
             htmlspecialchars(stripmagic($v), ENT_COMPAT));
    $postvars .= "<input type='hidden' name='$k' value=\"$v\" />\n";
  }
  $FmtV['action'] = $_REQUEST['action'];
  SDV($AuthPromptFmt, array(&$PageStartFmt, "page:Site.AuthForm", &$PageEndFmt));
 PrintFmt($pagename,$AuthPromptFmt);
 exit;
}
$XorgAuthLevels = array('read' => 'lecture','edit' => 'modification','attr' => 'administration');

function XorgAuthUsers() {
	global $XnetWikiGroup;
	if ($XnetWikiGroup) {
		return array('public' => 'tout le monde','x' => 'les X', 'membre' => 'membres du groupe', 'admin' => 'admins du groupe');
	} else {
		return array('public' => 'tout le monde','x' => 'les X', 'admin' => 'admins X.org');
	}
}

function XorgAuthPermissions($pagename) {
	global $XnetWikiGroup,$DefaultPasswords,$XorgAuthLevels;
	$XorgAuthUsers = XorgAuthUsers();
	$group = substr($pagename, 0, strpos($pagename, '.'));
	if ($pagename != $group.'.GroupAttributes')
		$groupAttr = XorgAuthGetGroupAuth($pagename, 0); 
	$page = ReadPage($pagename, 0);
	$attrshtml = '';
	foreach ($XorgAuthLevels as $level => $action) {
		$html = $action.' : <select name="passwd'.$level.'" onchange="AddCustomAuth(this)">';
		if (isset($groupAttr['passwd'.$level]) && $groupAttr['passwd'.$level]) {
			$text = 'comme le dossier ('.$XorgAuthUsers[$groupAttr['passwd'.$level]].')';
		} else {
			$text = 'comme le site ('.$XorgAuthUsers[$DefaultPasswords[$level]].')';
		}
		$htmloptions = '<option value="">'.$text.'</option>';
		foreach ($XorgAuthUsers as $passwd => $user) {
			$htmloptions .= '<option value="'.$passwd.'">'.$user.'</option>';
		}
		$htmloptionsselected = str_replace(' value="'.$page['passwd'.$level].'"', ' value="'.$page['passwd'.$level].'" selected="selected"', $htmloptions);
		$html .= $htmloptionsselected;
		if ($htmloptionsselected == $htmloptions) {
		  $html .= '<option value="'.$page['passwd'.$level].'" selected="selected">'.$page['passwd'.$level].'</option>';
    }
    $html .= '<option value="...">...</option>';
		$html .= '</select> ';
		if ($attrshtml) {
			$attrshtml .= ' - ';
		}

		$attrshtml .= $html;
	}
	return '<form action="?action=postattr" method="post">'.$attrshtml.'<input type="submit" value="ok"/></form>';
}

function XorgAuthHandleAttr($pagename, $auth = 'attr') {
  $page = RetrieveAuthPage($pagename, $auth, true);
  global $PageAttrFmt, $PageStartFmt, $PageEndFmt;
  SDV($PageAttrFmt,"<div class='wikiattr'>
    <h2 class='wikiaction'>$[{\$FullName} Attributes]</h2>
    <p>".XorgAuthPermissions($pagename)."</p></div>");
  SDV($HandleAttrFmt,array(&$PageStartFmt,&$PageAttrFmt,&$PageEndFmt));
  PrintFmt($pagename,$HandleAttrFmt);
}

function XorgAuthHandlePostAttr($pagename, $auth = 'attr') {
  global $XorgAuthLevels, $HandleActions;
  Lock(2);
  $page = RetrieveAuthPage($pagename, $auth, true);
  if (!$page) { Abort("?unable to read $pagename"); }
  foreach($XorgAuthLevels as $attr=>$p) {
    $v = stripmagic(@$_REQUEST['passwd'.$attr]);
    if ($v=='') unset($page['passwd'.$attr]);
    else if ($v != '...') $page['passwd'.$attr] = $v;
  }
  WritePage($pagename,$page);
  Lock(0);
  Redirect($pagename);
}

function XorgAuthGroupAttributes() {
	global $XnetWikiGroup,$DefaultPasswords,$XorgAuthLevels;
	$XorgAuthUsers = XorgAuthUsers();
  global $pagename, $WikiDir;
  if (substr($pagename, strpos($pagename, '.') + 1) != 'GroupAttributes') {
    return "";
  }
  if (!XorgAuth($pagename, 'attr', true,0)) {
    return "";
  }
  if (isset($_REQUEST['page']) && isset($_REQUEST['user']) && isset($_REQUEST['attr'])) {
    Lock(2);
    $page = RetrieveAuthPage(stripmagic(@$_REQUEST['page']), 'attr', true);
    if ($page && isset($XorgAuthLevels[stripmagic(@$_REQUEST['attr'])]) && (isset($XorgAuthUsers[stripmagic(@$_REQUEST['user'])]) || !$_REQUEST['user'])) {
      $page['passwd'.stripmagic(@$_REQUEST['attr'])] = stripmagic(@$_REQUEST['user']);
      if ($_REQUEST['user'] == "") {
        unset($page['passwd'.stripmagic(@$_REQUEST['attr'])]);
      }
      WritePage(stripmagic(@$_REQUEST['page']),$page);
    }
    Lock(0);
  }
  $html = '<table>';
  $html .= '<tr><td></td>';
	foreach ($XorgAuthLevels as $level => $action) {
    $html .= '<th>'.$action.'</th>';
  }
  $html .= '</tr>';
  $group = substr($pagename, 0,  strpos($pagename, '.'));
  $pages = $WikiDir->ls($group.'.*');
	$groupAttr = XorgAuthGetGroupAuth($pagename, 0); 
  foreach($pages as $p) if ($p != $pagename) {
  	$html .= '<tr>';
  	$page = ReadPage($p, 0);
  	$html .= '<th>'.substr($p,strpos($p,'.')+1).'</th>';
  	foreach ($XorgAuthLevels as $level => $action) {
  		$html .= '<td><select name="passwd'.$level.'" onchange="AddCustomAuth(this);document.location=\'?page='.$p.'&attr='.$level.'&user=\'+this.value">';
  		if (isset($groupAttr['passwd'.$level]) && $groupAttr['passwd'.$level]) {
  		  $textedossier = $groupAttr['passwd'.$level];
  		  if (isset($XorgAuthUsers[$textedossier])) {
  		    $textedossier = $XorgAuthUsers[$textedossier];
        }
  			$text = 'comme le dossier ('.$textedossier.')';
  		} else {
  			$text = 'comme le site ('.$XorgAuthUsers[$DefaultPasswords[$level]].')';
  		}
  		$htmloptions = '<option value="">'.$text.'</option>';
  		foreach ($XorgAuthUsers as $passwd => $user) {
  			$htmloptions .= '<option value="'.$passwd.'">'.$user.'</option>';
  		}
  		$htmloptionsselected = str_replace(' value="'.$page['passwd'.$level].'"', ' value="'.$page['passwd'.$level].'" selected="selected"', $htmloptions);
  		$html .= $htmloptionsselected;
  		if ($htmloptionsselected == $htmloptions) {
  		  $html .= '<option value="'.$page['passwd'.$level].'" selected="selected">'.$page['passwd'.$level].'</option>';
      }
  		$html .= '<option value="...">...</option></select></td>';
  	}
  	$html .= '</tr>';
  }
  $html .= '</table>';
  return '<h2>Edition des droits du dossier</h2>'.XorgAuthPermissions($pagename).'<h2>Edition des droits des pages du dossier</h2>'.$html;
}
?>
Commit	Line	Data
b1b3c24c DB	1	<?php
	2
	3	$AuthFunction = 'XorgAuth';
	4	$HandleActions['attr'] = 'XorgAuthHandleAttr';
	5	$HandleActions['postattr'] = 'XorgAuthHandlePostAttr';
	6	$HandleActions['connect'] = 'XorgAuthConnectPlatal';
	7
	8	if (isset($_POST['action']) && isset($_GET['action'])) {
	9	$action = $_REQUEST['action'] = $_GET['action'] = $_POST['action'];
	10	}
	11
	12	Markup('grpattributes','inline','/\\(:groupattributes:\\)/e',"Keep(XorgAuthGroupAttributes())");
	13
	14	require_once("$FarmD/cookbook/autocreate.php");
	15	AutoCreatePage('$Group.GroupAttributes', '(:groupattributes:)');
	16
	17	$HTMLHeaderFmt['xorg'] = '<script type="text/javascript" src="http://www.polytechnique.org/javascript/xorg.js"></script>';
	18	$HTMLHeaderFmt['xorgcustomauth'] = '<script type="text/javascript">
	19	function AddCustomAuth(f){
	20	if (f.value == \'...\')
	21	{
	22	var newval =prompt(\'S�pare les diff�rents autorisations par des espaces\\n\\tx,membre ou admin\\n\\tprenom.nom.promo d\\\'une personne\\n\\tle num�ro d\\\'une promo\\nPar exemple pour autoriser les membres et Pascal Corpet :\\n\\tmembre pascal.corpet.2001\');
	23	f.value = newval;
	24	if (f.value != newval && newval)
	25	{
	26	var op = document.createElement(\'option\');
	27	op.appendChild(document.createTextNode(newval));
	28	f.insertBefore(op,f.childNodes[f.childNodes.length-1]);
	29	f.value = newval;
	30	}
	31	}
	32	}
	33	</script>';
	34
	35	Markup('[[~\|','<[[~','/\\[\\[~(.?)\\|(.?)\\]\\]/e',"Keep('<a href=\"http://www.polytechnique.org/profile/$1\" class=\"popup2\">$2</a>')");
	36
ffc04a99	37	Markup('xorgpage','inline','/\\(:xorgpage\\s(.?):\\)/e', "Keep('<iframe style=\"width:100%;height:400px;border:none\" src=\"http://www.polytechnique.org/$1\"></iframe>')");
b1b3c24c DB	38	Markup('xnetpage','inline','/\\(:xnetpage\\s(.?):\\)/e', "XnetPage('$1')");
	39	function XnetPage($page) {
	40	global $XnetWikiGroup;
	41	if (!$XnetWikiGroup) return;
65a3c79c	42	return Keep('<iframe style="width:100%;height:400px;border:none" src="http://www.polytechnique.net/'.($_SESSION['xorgauth']?'login/':'').$XnetWikiGroup.'/'.$page.'"></iframe>');
b1b3c24c DB	43	}
	44
	45	// R�cup�re les droits au niveau du dossier (Group PmWiki)
	46	function XorgAuthGetGroupAuth($pagename,$since) {
	47	global $GroupPasswords;
	48	if (!isset($GroupPasswords)) {
	49	$GroupPasswords = array();
	50	}
	51	$group = substr($pagename, 0, strpos($pagename, '.'));
	52	if (!isset($GroupPasswords[$group])) {
	53	$GroupPasswords[$group] = ReadPage($group.'.GroupAttributes', $since);
	54	}
	55	return $GroupPasswords[$group];
	56	}
	57
	58	// essaie de se connecter via xorg
	59	function XorgAuthConnectPlatal() {
	60	$privkey = '6e9c9fa9bac23541fe67697c4eff5be6';
	61	global $XnetWikiGroup;
	62	$returl = 'http://'.$_SERVER['SERVER_NAME'].str_replace('action=connect', '', $_SERVER['REQUEST_URI']);
	63	if (isset($_REQUEST['oldaction'])) {
	64	$returl .= '&action='.$_REQUEST['oldaction'];
	65	}
	66	@session_destroy();
	67	session_start();
	68	$challenge = md5(rand());
	69	$_SESSION['challenge'] = $challenge;
	70	$_SESSION['authsite'] = $XnetWikiGroup;
	71	$url = "https://www.polytechnique.org/auth-groupex.php";
	72	$url .= "?session=".session_id();
	73	$url .= "&challenge=".$challenge;
	74	$url .= "&pass=".md5($challenge.$privkey);
	75	$returl .= "&challenge=".$challenge;
	76	$url .= "&url=".urlencode($returl);
	77	if ($XnetWikiGroup) {
	78	$url .= "&group=".$XnetWikiGroup;
	79	}
	80	header('Location: '.$url);
	81	exit();
	82	}
	83
	84
	85	// comes back from auth
	86	@session_start();
	87	if (isset($_GET['auth']) && !$_SESSION['xorgauth'] && $_SESSION['challenge']) {
	88	$tohash = '1'.$_SESSION['challenge'].'6e9c9fa9bac23541fe67697c4eff5be6';
65a3c79c	89	$fields = explode(',','forlife,nom,prenom,promo,grpauth,perms');
b1b3c24c DB	90	foreach ($fields as $f) if (isset($_GET[$f])) {
	91	$tohash .= $_GET[$f];
	92	}
	93	$tohash .= '1';
	94	if ($_GET['auth'] == md5($tohash)) {
	95	$_SESSION['xorgauth'] = 1;
	96	foreach ($fields as $f) if (isset($_GET[$f])) {
	97	$_SESSION[$f] = $_GET[$f];
	98	}
	99	} else {
	100	$_SESSION['xorgauth'] = 0;
	101	}
	102	}
	103	if (isset($_SESSION['forlife']) && $_SESSION['forlife']) {
	104	$AuthId = $_SESSION['forlife'];
	105	$Author = $_SESSION['forlife'].' \| '.$_SESSION['prenom'].' '.$_SESSION['nom'];
	106	}
	107	$Conditions['connected'] = 'isset($_SESSION["xorgauth"])';
	108
	109	function XorgAuthTestPassword($password) {
	110	if (!$password) {
	111	return true;
	112	}
65a3c79c PC	113	if ($_SESSION['perms'] == 'admin') {
	114	// administrateur du site d'authentification et donc super user ici aussi
	115	return true;
	116	}
b1b3c24c DB	117	$parts = explode(' ',$password);
	118	foreach ($parts as $pass) {
	119	if ($pass == 'all' \|\| $pass == 'public') {
	120	return true;
	121	}
	122	if ($pass == 'x' && $_SESSION['xorgauth']) {
	123	return true;
	124	}
	125	if ($_SESSION['grpauth'] && $pass == $_SESSION['grpauth']) {
	126	return true;
	127	}
	128	if ($_SESSION['forlife'] && $pass == $_SESSION['forlife']) {
	129	return true;
	130	}
	131	if ($_SESSION['promo'] && $pass == $_SESSION['promo']) {
	132	return true;
	133	}
	134	}
	135	return false;
	136	}
65a3c79c PC	137
65a3c79c PC	138	// test if user has admin rights on this wiki field
b1b3c24c DB	139	function XorgAuthIsSiteAdmin() {
	140	global $DefaultPasswords;
	141	return XorgAuthTestPassword($DefaultPasswords['admin']);
	142	}
	143
	144	// fonction d'authentification : appell�e avant tout acc�s � une page
	145	function XorgAuth($pagename, $level, $authprompt, $since) {
	146	global $XnetWikiGroup;
65a3c79c	147	// user was authenticaed to another site, but the site has changed
b1b3c24c DB	148	if (isset($_SESSION['authsite']) && $XnetWikiGroup != $_SESSION['authsite']) {
	149	XorgAuthConnectPlatal();
	150	return false;
	151	}
	152	$group = substr($pagename, 0, strpos($pagename, '.'));
	153	$page = ReadPage($pagename, $since);
	154	if (!$page) { return false; }
	155	if (XorgAuthIsSiteAdmin()) { return $page; }
	156	global $AuthCascade, $DefaultPasswords, $GroupPasswords;
	157	$password = "";
	158	do
	159	{
	160	if (isset($page["passwd".$level])) {
	161	$password = $page["passwd".$level];
	162	}
	163	if (!$password) {
	164	$gpAuth = XorgAuthGetGroupAuth($pagename,$since);
	165	if (isset($gpAuth["passwd".$level])) {
	166	$password = $gpAuth["passwd".$level];
	167	}
	168	}
	169	if (!$password) {
	170	if (isset($DefaultPasswords[$level])) {
	171	$password = $DefaultPasswords[$level];
	172	}
	173	}
	174	} while (!$password && isset($AuthCascade[$level]) && $level = $AuthCascade[$level]);
	175	if (XorgAuthTestPassword($password)) {
	176	return $page;
	177	}
	178	if (!$authprompt) {
	179	return false;
	180	}
	181	global $AuthPromptFmt, $PageStartFmt, $PageEndFmt;
	182	$postvars = '';
	183	foreach($_POST as $k=>$v) {
	184	if ($k == 'authpw' \|\| $k == 'authid') continue;
	185	$v = str_replace('$', '$',
	186	htmlspecialchars(stripmagic($v), ENT_COMPAT));
	187	$postvars .= "<input type='hidden' name='$k' value=\"$v\" />\n";
	188	}
	189	$FmtV['action'] = $_REQUEST['action'];
	190	SDV($AuthPromptFmt, array(&$PageStartFmt, "page:Site.AuthForm", &$PageEndFmt));
	191	PrintFmt($pagename,$AuthPromptFmt);
	192	exit;
	193	}
	194	$XorgAuthLevels = array('read' => 'lecture','edit' => 'modification','attr' => 'administration');
	195
	196	function XorgAuthUsers() {
	197	global $XnetWikiGroup;
	198	if ($XnetWikiGroup) {
	199	return array('public' => 'tout le monde','x' => 'les X', 'membre' => 'membres du groupe', 'admin' => 'admins du groupe');
	200	} else {
	201	return array('public' => 'tout le monde','x' => 'les X', 'admin' => 'admins X.org');
	202	}
	203	}
	204
	205	function XorgAuthPermissions($pagename) {
	206	global $XnetWikiGroup,$DefaultPasswords,$XorgAuthLevels;
	207	$XorgAuthUsers = XorgAuthUsers();
	208	$group = substr($pagename, 0, strpos($pagename, '.'));
	209	if ($pagename != $group.'.GroupAttributes')
	210	$groupAttr = XorgAuthGetGroupAuth($pagename, 0);
	211	$page = ReadPage($pagename, 0);
212	$attrshtml = '';
213	foreach ($XorgAuthLevels as $level => $action) {
214	$html = $action.' : <select name="passwd'.$level.'" onchange="AddCustomAuth(this)">';
215	if (isset($groupAttr['passwd'.$level]) && $groupAttr['passwd'.$level]) {
216	$text = 'comme le dossier ('.$XorgAuthUsers[$groupAttr['passwd'.$level]].')';
217	} else {
218	$text = 'comme le site ('.$XorgAuthUsers[$DefaultPasswords[$level]].')';
219	}
220	$htmloptions = '<option value="">'.$text.'</option>';
221	foreach ($XorgAuthUsers as $passwd => $user) {
222	$htmloptions .= '<option value="'.$passwd.'">'.$user.'</option>';
223	}
224	$htmloptionsselected = str_replace(' value="'.$page['passwd'.$level].'"', ' value="'.$page['passwd'.$level].'" selected="selected"', $htmloptions);
225	$html .= $htmloptionsselected;
226	if ($htmloptionsselected == $htmloptions) {
227	$html .= '<option value="'.$page['passwd'.$level].'" selected="selected">'.$page['passwd'.$level].'</option>';
228	}
229	$html .= '<option value="...">...</option>';
230	$html .= '</select> ';
231	if ($attrshtml) {
232	$attrshtml .= ' - ';
233	}
234
235	$attrshtml .= $html;
236	}
237	return '<form action="?action=postattr" method="post">'.$attrshtml.'<input type="submit" value="ok"/></form>';
238	}
239
240	function XorgAuthHandleAttr($pagename, $auth = 'attr') {
241	$page = RetrieveAuthPage($pagename, $auth, true);
242	global $PageAttrFmt, $PageStartFmt, $PageEndFmt;
243	SDV($PageAttrFmt,"<div class='wikiattr'>
244	<h2 class='wikiaction'>$[{\$FullName} Attributes]</h2>
245	<p>".XorgAuthPermissions($pagename)."</p></div>");
246	SDV($HandleAttrFmt,array(&$PageStartFmt,&$PageAttrFmt,&$PageEndFmt));
247	PrintFmt($pagename,$HandleAttrFmt);
248	}
249
250	function XorgAuthHandlePostAttr($pagename, $auth = 'attr') {
251	global $XorgAuthLevels, $HandleActions;
252	Lock(2);
253	$page = RetrieveAuthPage($pagename, $auth, true);
254	if (!$page) { Abort("?unable to read $pagename"); }
255	foreach($XorgAuthLevels as $attr=>$p) {
256	$v = stripmagic(@$_REQUEST['passwd'.$attr]);
257	if ($v=='') unset($page['passwd'.$attr]);
258	else if ($v != '...') $page['passwd'.$attr] = $v;
259	}
260	WritePage($pagename,$page);
261	Lock(0);
262	Redirect($pagename);
263	}
264
265	function XorgAuthGroupAttributes() {
266	global $XnetWikiGroup,$DefaultPasswords,$XorgAuthLevels;
267	$XorgAuthUsers = XorgAuthUsers();
268	global $pagename, $WikiDir;
269	if (substr($pagename, strpos($pagename, '.') + 1) != 'GroupAttributes') {
270	return "";
271	}
272	if (!XorgAuth($pagename, 'attr', true,0)) {
273	return "";
274	}
275	if (isset($_REQUEST['page']) && isset($_REQUEST['user']) && isset($_REQUEST['attr'])) {
276	Lock(2);
277	$page = RetrieveAuthPage(stripmagic(@$_REQUEST['page']), 'attr', true);
278	if ($page && isset($XorgAuthLevels[stripmagic(@$_REQUEST['attr'])]) && (isset($XorgAuthUsers[stripmagic(@$_REQUEST['user'])]) \|\| !$_REQUEST['user'])) {
279	$page['passwd'.stripmagic(@$_REQUEST['attr'])] = stripmagic(@$_REQUEST['user']);
280	if ($_REQUEST['user'] == "") {
281	unset($page['passwd'.stripmagic(@$_REQUEST['attr'])]);
282	}
283	WritePage(stripmagic(@$_REQUEST['page']),$page);
284	}
285	Lock(0);
286	}
287	$html = '<table>';
288	$html .= '<tr><td></td>';
289	foreach ($XorgAuthLevels as $level => $action) {
290	$html .= '<th>'.$action.'</th>';
291	}
292	$html .= '</tr>';
293	$group = substr($pagename, 0, strpos($pagename, '.'));
294	$pages = $WikiDir->ls($group.'.*');
295	$groupAttr = XorgAuthGetGroupAuth($pagename, 0);
296	foreach($pages as $p) if ($p != $pagename) {
297	$html .= '<tr>';
298	$page = ReadPage($p, 0);
299	$html .= '<th>'.substr($p,strpos($p,'.')+1).'</th>';
300	foreach ($XorgAuthLevels as $level => $action) {
301	$html .= '<td><select name="passwd'.$level.'" onchange="AddCustomAuth(this);document.location=\'?page='.$p.'&attr='.$level.'&user=\'+this.value">';
302	if (isset($groupAttr['passwd'.$level]) && $groupAttr['passwd'.$level]) {
303	$textedossier = $groupAttr['passwd'.$level];
304	if (isset($XorgAuthUsers[$textedossier])) {
305	$textedossier = $XorgAuthUsers[$textedossier];
306	}
307	$text = 'comme le dossier ('.$textedossier.')';
308	} else {
309	$text = 'comme le site ('.$XorgAuthUsers[$DefaultPasswords[$level]].')';
310	}
311	$htmloptions = '<option value="">'.$text.'</option>';
312	foreach ($XorgAuthUsers as $passwd => $user) {
313	$htmloptions .= '<option value="'.$passwd.'">'.$user.'</option>';
314	}
315	$htmloptionsselected = str_replace(' value="'.$page['passwd'.$level].'"', ' value="'.$page['passwd'.$level].'" selected="selected"', $htmloptions);
316	$html .= $htmloptionsselected;
317	if ($htmloptionsselected == $htmloptions) {
318	$html .= '<option value="'.$page['passwd'.$level].'" selected="selected">'.$page['passwd'.$level].'</option>';
319	}
320	$html .= '<option value="...">...</option></select></td>';
321	}
322	$html .= '</tr>';
323	}
324	$html .= '</table>';
325	return '<h2>Edition des droits du dossier</h2>'.XorgAuthPermissions($pagename).'<h2>Edition des droits des pages du dossier</h2>'.$html;
326	}
327	?>