121cdae0 |
1 | <?php |
2 | |
6f8f3f52 |
3 | $AuthFunction = 'AuthPlatal'; |
121cdae0 |
4 | |
cab08090 |
5 | $Conditions['logged'] = S::logged(); |
6 | $Conditions['identified'] = S::identified(); |
7 | $Conditions['has_perms'] = S::has_perms(); |
6f8f3f52 |
8 | $Conditions['public'] = 'true'; |
6f8f3f52 |
9 | |
06a5e65b |
10 | $HandleAuth['diff'] = 'edit'; |
11 | $HandleAuth['source'] = 'edit'; |
2907d401 |
12 | |
06a5e65b |
13 | $InputTags['e_textarea'][':html'] = "<textarea \$InputFormArgs |
14 | onkeydown='if (event.keyCode==27) event.returnValue=false;' |
2907d401 |
15 | >{literal}\$EditText{/literal}</textarea>"; |
16 | |
17 | // impossible to see the diff without the source because of the smarty tags |
18 | $DiffShow['source'] = 'y'; |
19 | $DiffSourceFmt = ''; |
20 | |
21 | $DiffStartFmt = "{literal}<div class='diffbox'><div class='difftime'>\$DiffTime \$[by] <span class='diffauthor' title='\$DiffHost'>\$DiffAuthor</span></div>"; |
22 | $DiffEndFmt = "</div>{/literal}"; |
23 | |
24 | // compute permissions based on the permission string (key) |
25 | // if could is true, compute permission that could be enabled with a mdp |
26 | // if smarty is true, return a string to insert in a smarty if tag |
27 | // otherwise return true or false |
28 | function authPerms($pagename, $key, $could=false, $smarty=false) |
121cdae0 |
29 | { |
fd5c9770 |
30 | $words = explode(' ', $key); |
2907d401 |
31 | $auth = $smarty?"":false; |
fd5c9770 |
32 | $and = false; |
33 | foreach ($words as $word) { |
06a5e65b |
34 | if (strpos($word, '@') === 0) $word = substr($word,1); |
fd5c9770 |
35 | $iauth = false; |
36 | if ($word == 'and:') { |
37 | $and = true; |
38 | continue; |
39 | } |
40 | $parts = explode(':', $word); |
251b9351 |
41 | $cond = $parts[0]; |
fd5c9770 |
42 | $param = $parts[1]; |
6f8f3f52 |
43 | if ($cond == 'identified' && $could) { |
44 | $cond = 'logged'; |
fd5c9770 |
45 | } |
06a5e65b |
46 | if ($smarty) { |
47 | $iauth = '$'.$cond.($param?(' eq "'.$param.'"'):''); |
48 | } else { |
49 | if (strpos($cond, "smarty.") === 0) { |
50 | $vars = explode('.', $cond); |
51 | $iauth = false; |
52 | switch ($vars[1]) |
53 | { |
54 | case 'session':$iauth = S::v($vars[2]) == $param; break; |
55 | case 'request':$iauth = Env::get($vars[2]) == $param; break; |
56 | } |
57 | } |
58 | else $iauth = CondText($pagename, 'if '.$cond.' '.$param, true); |
59 | } |
2907d401 |
60 | |
fd5c9770 |
61 | if ($and) { |
06a5e65b |
62 | if ($smarty) |
63 | $auth = ($auth?"($auth) and ":"").$iauth; |
64 | else |
65 | $auth &= $iauth; |
fd5c9770 |
66 | } else { |
06a5e65b |
67 | if ($smarty) |
68 | $auth = ($auth?"($auth) or ":"").$iauth; |
69 | else |
70 | $auth |= $iauth; |
fd5c9770 |
71 | } |
72 | $and = false; |
73 | } |
74 | return $auth; |
121cdae0 |
75 | } |
76 | |
2907d401 |
77 | // try to find the best permission for a given page and a given level of auth |
251b9351 |
78 | // in order: page > site |
79 | function TryAllAuths($pagename, $level, $page_read) |
121cdae0 |
80 | { |
fd5c9770 |
81 | global $DefaultPasswords; |
82 | if (isset($page_read['passwd'.$level]) && $page_read['passwd'.$level] != '*') { |
83 | return array('page', $page_read['passwd'.$level]); |
84 | } |
fd5c9770 |
85 | if (isset($DefaultPasswords[$level])) { |
86 | return array('site', $DefaultPasswords[$level]); |
87 | } |
88 | return array('none', ''); |
121cdae0 |
89 | } |
90 | |
2907d401 |
91 | function auth_pmwiki_to_smarty($text, $pass) |
92 | { |
93 | $ifc = authPerms("", $pass, false, true); |
06a5e65b |
94 | if (!$ifc) |
95 | return ""; |
96 | return "{if $ifc}\n".$text."\n{else}(:div class='erreur':Droits insuffisants.:){/if}"; |
2907d401 |
97 | } |
98 | |
99 | // for read pages: will come only once so we have to be careful |
100 | // and translate any auth from the wiki to smarty auth |
06a5e65b |
101 | function AuthPlatal($pagename, $level, $authprompt) |
121cdae0 |
102 | { |
801fcad8 |
103 | global $Conditions, $page; |
121cdae0 |
104 | |
251b9351 |
105 | $page_read = ReadPage($pagename); |
121cdae0 |
106 | |
fd5c9770 |
107 | $levels = array('read', 'attr', 'edit', 'upload'); |
d0adba41 |
108 | |
06a5e65b |
109 | foreach ($levels as $l) { |
251b9351 |
110 | list($from, $pass) = TryAllAuths($pagename, $l, $page_read); |
06a5e65b |
111 | $passwds[$l] = $pass; |
fd5c9770 |
112 | $pwsources[$l] = $from; |
113 | } |
121cdae0 |
114 | |
2907d401 |
115 | $canedit = authPerms($pagename, $passwds['edit'], true, true); |
116 | $canattr = authPerms($pagename, $passwds['attr'], true, true); |
117 | $panel = "{if ($canedit) or ($canattr)}\n"; |
118 | $panel .= ">>frame<<\n"; |
18f4bfcb |
119 | $panel .= "[[{\$FullName}|Voir la page]]"; |
2907d401 |
120 | $panel .= "{if ($canedit)}\n"; |
18f4bfcb |
121 | $panel .= "[[{\$FullName}?action=edit |Editer]]"; |
122 | $panel .= "[[{\$FullName}?action=diff |Historique]]"; |
123 | $panel .= "[[{\$FullName}?action=upload |Upload]]"; |
2907d401 |
124 | $panel .= "{/if}{if ($canattr)}\n"; |
18f4bfcb |
125 | $panel .= "[[{\$FullName}?action=attr |Droits]]"; |
2907d401 |
126 | $panel .= "{/if}\n"; |
18f4bfcb |
127 | $panel .= "\\\\\n\n"; |
2907d401 |
128 | $panel .= ">><<\n"; |
129 | $panel .= "{/if}\n"; |
06a5e65b |
130 | |
cab08090 |
131 | if ((S::identified() && S::has_perms()) || authPerms($pagename, $passwds[$level])) |
fd5c9770 |
132 | { |
06a5e65b |
133 | $page_read['=passwd'] = $passwds; |
fd5c9770 |
134 | $page_read['=pwsource'] = $pwsources; |
06a5e65b |
135 | |
136 | // if try to read, add the permission limitation as a smarty if tag |
137 | if ($level == 'read') { |
138 | $page_read['text'] = auth_pmwiki_to_smarty($page_read['text'], $passwds['read']); |
139 | $page_read['text'] = $panel.$page_read['text']; |
140 | } |
141 | |
fd5c9770 |
142 | return $page_read; |
143 | } |
144 | |
2907d401 |
145 | // if we arrive here, the user doesn't have enough permission to access page |
146 | |
147 | // maybe it is because he is not identified |
06a5e65b |
148 | if ($authprompt && !S::identified()) { |
149 | require_once dirname(__FILE__).'/../classes/Platal.php'; |
150 | require_once dirname(__FILE__).'/../classes/PLModule.php'; |
151 | $platal = new Platal(); |
152 | $platal->force_login($page); |
fd5c9770 |
153 | } |
154 | |
cab08090 |
155 | if (S::has_perms()) { |
6f8f3f52 |
156 | $page->trig('Erreur : page Wiki inutilisable sur plat/al'); |
fd5c9770 |
157 | } |
2907d401 |
158 | $page->run(); |
121cdae0 |
159 | } |
160 | |
fd5c9770 |
161 | ?> |