$AuthFunction = 'AuthPlatal';
-$Conditions['logged'] = logged();
-$Conditions['identified'] = identified();
-$Conditions['has_perms'] = has_perms();
+$Conditions['logged'] = S::logged();
+$Conditions['identified'] = S::identified();
+$Conditions['has_perms'] = S::has_perms();
$Conditions['public'] = 'true';
-$Conditions['only_public'] = !identified();
-$HandleAuth['diff'] = 'edit';
-$HandleAuth['source'] = 'edit';
+$HandleAuth['diff'] = 'edit';
+$HandleAuth['source'] = 'edit';
-$InputTags['e_textarea'][':html'] =
- "<textarea \$InputFormArgs
- onkeydown='if (event.keyCode==27) event.returnValue=false;'
+$InputTags['e_textarea'][':html'] = "<textarea \$InputFormArgs
+ onkeydown='if (event.keyCode==27) event.returnValue=false;'
>{literal}\$EditText{/literal}</textarea>";
// impossible to see the diff without the source because of the smarty tags
$auth = $smarty?"":false;
$and = false;
foreach ($words as $word) {
- if (strpos($word, '@') === 0) $word = substr($word,1);
+ if (strpos($word, '@') === 0) $word = substr($word,1);
$iauth = false;
if ($word == 'and:') {
$and = true;
continue;
}
$parts = explode(':', $word);
- $cond = $parts[0];
+ $cond = $parts[0];
$param = $parts[1];
if ($cond == 'identified' && $could) {
$cond = 'logged';
}
- if ($smarty)
- $iauth = '$'.$cond.($param?(' eq "'.$param.'"'):'');
- else
- {
- if (strpos($cond, "smarty.") === 0)
- {
- $vars = explode('.', $cond);
- $iauth = false;
- switch ($vars[1])
- {
- case 'session':$iauth = Session::get($vars[2]) == $param; break;
- case 'request':$iauth = Env::get($vars[2]) == $param; break;
- }
- }
- else $iauth = CondText($pagename, 'if '.$cond.' '.$param, true);
- }
+ if ($smarty) {
+ $iauth = '$'.$cond.($param?(' eq "'.$param.'"'):'');
+ } else {
+ if (strpos($cond, "smarty.") === 0) {
+ $vars = explode('.', $cond);
+ $iauth = false;
+ switch ($vars[1])
+ {
+ case 'session':$iauth = S::v($vars[2]) == $param; break;
+ case 'request':$iauth = Env::get($vars[2]) == $param; break;
+ }
+ }
+ else $iauth = CondText($pagename, 'if '.$cond.' '.$param, true);
+ }
if ($and) {
- if ($smarty)
- $auth = ($auth?"($auth) and ":"").$iauth;
- else
- $auth &= $iauth;
+ if ($smarty)
+ $auth = ($auth?"($auth) and ":"").$iauth;
+ else
+ $auth &= $iauth;
} else {
- if ($smarty)
- $auth = ($auth?"($auth) or ":"").$iauth;
- else
- $auth |= $iauth;
+ if ($smarty)
+ $auth = ($auth?"($auth) or ":"").$iauth;
+ else
+ $auth |= $iauth;
}
$and = false;
}
- if ($smarty)
- $auth = "($auth) or \$wiki_admin";
return $auth;
}
// try to find the best permission for a given page and a given level of auth
-// in order: page > group > site
-function TryAllAuths($pagename, $level, $page_read, $group_read)
+// in order: page > site
+function TryAllAuths($pagename, $level, $page_read)
{
global $DefaultPasswords;
if (isset($page_read['passwd'.$level]) && $page_read['passwd'.$level] != '*') {
return array('page', $page_read['passwd'.$level]);
}
- if (isset($group_read['passwd'.$level]) && $group_read['passwd'.$level] != '*') {
- return array('group', $group_read['passwd'.$level]);
- }
if (isset($DefaultPasswords[$level])) {
return array('site', $DefaultPasswords[$level]);
}
function auth_pmwiki_to_smarty($text, $pass)
{
$ifc = authPerms("", $pass, false, true);
- if (!$ifc) return "";
- return "{if $ifc}\n".$text."{/if}";
+ if (!$ifc)
+ return "";
+ return "{if $ifc}\n".$text."\n{else}(:div class='erreur':Droits insuffisants.:){/if}";
}
// for read pages: will come only once so we have to be careful
// and translate any auth from the wiki to smarty auth
-function AuthPlatal($pagename, $level, $authprompt, $since)
+function AuthPlatal($pagename, $level, $authprompt)
{
- global $Conditions;
- $authUser = false;
- $authPage = false;
+ global $Conditions, $page;
- $page_read = ReadPage($pagename, $since);
- $groupattr = FmtPageName('$Group/GroupAttributes', $pagename);
- $group_read = ReadPage($groupattr, $since);
+ $page_read = ReadPage($pagename);
$levels = array('read', 'attr', 'edit', 'upload');
- foreach ($levels as $l)
- {
- list($from, $pass) = TryAllAuths($pagename, $l, $page_read, $group_read);
- $passwds[$l] = $pass;
+ foreach ($levels as $l) {
+ list($from, $pass) = TryAllAuths($pagename, $l, $page_read);
+ $passwds[$l] = $pass;
$pwsources[$l] = $from;
}
$panel .= "[[{\$FullName}?action=upload |Upload]]\\\\\n";
$panel .= "{/if}{if ($canattr)}\n";
$panel .= "[[{\$FullName}?action=attr |Droits]]\\\\\n";
- $panel .= "[[{\$Group}/GroupAttributes?action=attr|Droits du groupe]]\\\\\n";
$panel .= "{/if}\n";
$panel .= ">><<\n";
$panel .= "{/if}\n";
-
- if ((identifed() && has_perms()) || authPerms($pagename, $passwds[$level]))
+
+ if ((S::identified() && S::has_perms()) || authPerms($pagename, $passwds[$level]))
{
- $page_read['=passwd'] = $passwds;
+ $page_read['=passwd'] = $passwds;
$page_read['=pwsource'] = $pwsources;
- // if try to read, add the permission limitation as a smarty if tag
- if ($level == 'read')
- {
- $page_read['text'] = auth_pmwiki_to_smarty($page_read['text'], $passwds['read']);
- $page_read['text'] = $panel.$page_read['text'];
- }
-// print_r($page_read); die();
+
+ // if try to read, add the permission limitation as a smarty if tag
+ if ($level == 'read') {
+ $page_read['text'] = auth_pmwiki_to_smarty($page_read['text'], $passwds['read']);
+ $page_read['text'] = $panel.$page_read['text'];
+ }
+
return $page_read;
}
// if we arrive here, the user doesn't have enough permission to access page
// maybe it is because he is not identified
- if ($authprompt && !identified())
- {
- new_skinned_page('wiki.tpl', AUTH_MDP);
+ if ($authprompt && !S::identified()) {
+ require_once dirname(__FILE__).'/../classes/Platal.php';
+ require_once dirname(__FILE__).'/../classes/PLModule.php';
+ $platal = new Platal();
+ $platal->force_login($page);
}
- global $page;
- new_skinned_page('', AUTH_MDP);
- if (has_perms()) {
+ if (S::has_perms()) {
$page->trig('Erreur : page Wiki inutilisable sur plat/al');
- } else {
- $page->trig("Tu n'as pas le droit d'accéder à ce service");
}
$page->run();
- // don't return false or pmwiki will send an exit breaking smarty page
- return 1;
}
?>
projects / platal.git / blobdiff