projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
wiki => smarty
[platal.git] / plugins / pmwiki.platalAuth.php
1 <?php
2
3 $AuthFunction = 'AuthPlatal';
4
5 $Conditions['logged'] = logged();
6 $Conditions['identified'] = identified();
7 $Conditions['has_perms'] = has_perms();
8 $Conditions['public'] = 'true';
9 $Conditions['only_public'] = !identified();
10
11 $HandleAuth['diff'] = 'edit';
12 $HandleAuth['source'] = 'edit';
13
14 $InputTags['e_textarea'][':html'] =
15 "<textarea \$InputFormArgs
16 onkeydown='if (event.keyCode==27) event.returnValue=false;'
17 >{literal}\$EditText{/literal}</textarea>";
18
19 // impossible to see the diff without the source because of the smarty tags
20 $DiffShow['source'] = 'y';
21 $DiffSourceFmt = '';
22
23 $DiffStartFmt = "{literal}<div class='diffbox'><div class='difftime'>\$DiffTime \$[by] <span class='diffauthor' title='\$DiffHost'>\$DiffAuthor</span></div>";
24 $DiffEndFmt = "</div>{/literal}";
25
26 // compute permissions based on the permission string (key)
27 // if could is true, compute permission that could be enabled with a mdp
28 // if smarty is true, return a string to insert in a smarty if tag
29 // otherwise return true or false
30 function authPerms($pagename, $key, $could=false, $smarty=false)
31 {
32 $words = explode(' ', $key);
33 $auth = $smarty?"":false;
34 $and = false;
35 foreach ($words as $word) {
36 if (strpos($word, '@') === 0) $word = substr($word,1);
37 $iauth = false;
38 if ($word == 'and:') {
39 $and = true;
40 continue;
41 }
42 $parts = explode(':', $word);
43 $cond = $parts[0];
44 $param = $parts[1];
45 if ($cond == 'identified' && $could) {
46 $cond = 'logged';
47 }
48 if ($smarty)
49 $iauth = '$'.$cond.($param?(' eq "'.$param.'"'):'');
50 else
51 {
52 if (strpos($cond, "smarty.") === 0)
53 {
54 $vars = explode('.', $cond);
55 $iauth = false;
56 switch ($vars[1])
57 {
58 case 'session':$iauth = Session::get($vars[2]) == $param; break;
59 case 'request':$iauth = Env::get($vars[2]) == $param; break;
60 }
61 }
62 else $iauth = CondText($pagename, 'if '.$cond.' '.$param, true);
63 }
64
65 if ($and) {
66 if ($smarty)
67 $auth = ($auth?"($auth) and ":"").$iauth;
68 else
69 $auth &= $iauth;
70 } else {
71 if ($smarty)
72 $auth = ($auth?"($auth) or ":"").$iauth;
73 else
74 $auth |= $iauth;
75 }
76 $and = false;
77 }
78 if ($smarty)
79 $auth = "($auth) or \$wiki_admin";
80 return $auth;
81 }
82
83 // try to find the best permission for a given page and a given level of auth
84 // in order: page > group > site
85 function TryAllAuths($pagename, $level, $page_read, $group_read)
86 {
87 global $DefaultPasswords;
88 if (isset($page_read['passwd'.$level]) && $page_read['passwd'.$level] != '*') {
89 return array('page', $page_read['passwd'.$level]);
90 }
91 if (isset($group_read['passwd'.$level]) && $group_read['passwd'.$level] != '*') {
92 return array('group', $group_read['passwd'.$level]);
93 }
94 if (isset($DefaultPasswords[$level])) {
95 return array('site', $DefaultPasswords[$level]);
96 }
97 return array('none', '');
98 }
99
100 function auth_pmwiki_to_smarty($text, $pass)
101 {
102 $ifc = authPerms("", $pass, false, true);
103 if (!$ifc) return "";
104 return "{if $ifc}\n".$text."{/if}";
105 }
106
107 // for read pages: will come only once so we have to be careful
108 // and translate any auth from the wiki to smarty auth
109 function AuthPlatal($pagename, $level, $authprompt, $since)
110 {
111 global $Conditions;
112 $authUser = false;
113 $authPage = false;
114
115 $page_read = ReadPage($pagename, $since);
116 $groupattr = FmtPageName('$Group/GroupAttributes', $pagename);
117 $group_read = ReadPage($groupattr, $since);
118
119 $levels = array('read', 'attr', 'edit', 'upload');
120
121 foreach ($levels as $l)
122 {
123 list($from, $pass) = TryAllAuths($pagename, $l, $page_read, $group_read);
124 $passwds[$l] = $pass;
125 $pwsources[$l] = $from;
126 }
127
128 $canedit = authPerms($pagename, $passwds['edit'], true, true);
129 $canattr = authPerms($pagename, $passwds['attr'], true, true);
130 $panel = "{if ($canedit) or ($canattr)}\n";
131 $panel .= ">>frame<<\n";
132 $panel .= "[[{\$FullName} |Voir la page]]\\\\\n";
133 $panel .= "{if ($canedit)}\n";
134 $panel .= "[[{\$FullName}?action=edit |Editer]]\\\\\n";
135 $panel .= "[[{\$FullName}?action=diff |Historique]]\\\\\n";
136 $panel .= "[[{\$FullName}?action=upload |Upload]]\\\\\n";
137 $panel .= "{/if}{if ($canattr)}\n";
138 $panel .= "[[{\$FullName}?action=attr |Droits]]\\\\\n";
139 $panel .= "[[{\$Group}/GroupAttributes?action=attr|Droits du groupe]]\\\\\n";
140 $panel .= "{/if}\n";
141 $panel .= ">><<\n";
142 $panel .= "{/if}\n";
143
144 if (((identifed() && has_perms()) || authPerms($pagename, $passwds[$level]))
145 {
146 $page_read['=passwd'] = $passwds;
147 $page_read['=pwsource'] = $pwsources;
148 // if try to read, add the permission limitation as a smarty if tag
149 if ($level == 'read')
150 {
151 $page_read['text'] = auth_pmwiki_to_smarty($page_read['text'], $passwds['read']);
152 $page_read['text'] = $panel.$page_read['text'];
153 }
154 // print_r($page_read); die();
155 return $page_read;
156 }
157
158 // if we arrive here, the user doesn't have enough permission to access page
159
160 // maybe it is because he is not identified
161 if ($authprompt && !identified())
162 {
163 new_skinned_page('wiki.tpl', AUTH_MDP);
164 }
165
166 global $page;
167 new_skinned_page('', AUTH_MDP);
168 if (has_perms()) {
169 $page->trig('Erreur : page Wiki inutilisable sur plat/al');
170 } else {
171 $page->trig("Tu n'as pas le droit d'accéder à ce service");
172 }
173 $page->run();
174 // don't return false or pmwiki will send an exit breaking smarty page
175 return 1;
176 }
177
178 ?>
plat/al