121cdae0 |
1 | <?php |
2 | |
3 | $AuthFunction = "AuthPlatal"; |
4 | |
5 | function authPerms($pagename,$key,$could=false) |
6 | { |
7 | $words = explode(' ', $key); |
8 | $auth = false; |
9 | $and = false; |
10 | foreach ($words as $word) { |
11 | $iauth = false; |
12 | if ($word == 'and:') { $and = true; continue; } |
13 | $parts = explode(':', $word); |
14 | $cond = $parts[0]; |
15 | $param = $parts[1]; |
16 | if ($cond == "identified" && $could) |
17 | $cond = "logged"; |
18 | $iauth = CondText($pagename, "if ".$cond." ".$param, true); |
19 | if ($and) $auth &= $iauth; |
20 | else $auth |= $iauth; |
21 | $and = false; |
22 | } |
23 | return $auth; |
24 | } |
25 | |
d0adba41 |
26 | function TryAllAuths($pagename, $level, $page_read, $group_read) |
121cdae0 |
27 | { |
28 | global $DefaultPasswords; |
29 | if (isset($page_read['passwd'.$level]) && $page_read['passwd'.$level] != '*') |
d0adba41 |
30 | return array('page', $page_read['passwd'.$level]); |
121cdae0 |
31 | if (isset($group_read['passwd'.$level]) && $group_read['passwd'.$level] != '*') |
d0adba41 |
32 | return array('group', $group_read['passwd'.$level]); |
121cdae0 |
33 | if (isset($DefaultPasswords[$level])) |
d0adba41 |
34 | return array('site', $DefaultPasswords[$level]); |
35 | return array('none', ''); |
121cdae0 |
36 | } |
37 | |
38 | function AuthPlatal($pagename, $level, $authprompt, $since) |
39 | { |
40 | global $Conditions; |
41 | $authUser = false; |
42 | $authPage = false; |
43 | |
44 | $page_read = ReadPage($pagename, $since); |
45 | $groupattr = FmtPageName('$Group/GroupAttributes', $pagename); |
46 | $group_read = ReadPage($groupattr, $since); |
47 | |
d0adba41 |
48 | $levels = array('read', 'attr', 'edit', 'upload'); |
49 | |
50 | foreach ($levels as $l) |
51 | { |
52 | list($from, $pass) = TryAllAuths($pagename, $l, $page_read, $group_read); |
53 | $passwds[$l] = $pass; |
54 | $pwsources[$l] = $from; |
55 | } |
56 | |
121cdae0 |
57 | if (!isset($Conditions['canedit'])) |
d0adba41 |
58 | $Conditions['canedit'] = authPerms($pagename, $passwds['edit'], true); |
121cdae0 |
59 | if (!isset($Conditions['canattr'])) |
d0adba41 |
60 | $Conditions['canattr'] = authPerms($pagename, $passwds['attr'], true); |
121cdae0 |
61 | |
d0adba41 |
62 | if (authPerms($pagename, $passwds[$level])) |
121cdae0 |
63 | { |
d0adba41 |
64 | $page_read['=passwd'] = $passwds; |
65 | $page_read['=pwsource'] = $pwsources; |
121cdae0 |
66 | return $page_read; |
67 | } |
68 | |
69 | if ($authprompt && !identified()) |
70 | { |
71 | new_skinned_page('wiki.tpl', AUTH_MDP); |
72 | } |
73 | |
74 | global $page; |
75 | new_skinned_page('', AUTH_MDP); |
76 | if (has_perms()) |
77 | $page->trig("Erreur : page Wiki inutilisable sur plat/al"); |
78 | else |
79 | $page->trig("Tu n'as pas le droit d'accéder à ce service"); |
80 | // don't return false or pmwiki will send an exit breaking smarty page |
81 | return 1; |
82 | } |
83 | |
84 | $Conditions['logged'] = 'logged()'; |
85 | $Conditions['identified'] = 'identified()'; |
86 | $Conditions['has_perms'] = 'has_perms()'; |
87 | $Conditions['public'] = 'true'; |
88 | $Conditions['only_public'] = '!identified()'; |
89 | |