From: Florent Bruneau
Date: Mon, 22 Dec 2008 21:27:11 +0000 (+0100)
Subject: Add S::suid() to get suid informations. Add S::admin() (deprecates S::has_perms()).
X-Git-Tag: core/1.0.1~47
X-Git-Url: http://git.polytechnique.org/?a=commitdiff_plain;h=f1c8bb75eaae934ac2dd1cbd7f8bbc10960413ee;p=platal.git
Add S::suid() to get suid informations. Add S::admin() (deprecates S::has_perms()).
Signed-off-by: Florent Bruneau
---
diff --git a/classes/platal.php b/classes/platal.php
index 53a2def..27cdd09 100644
--- a/classes/platal.php
+++ b/classes/platal.php
@@ -267,7 +267,7 @@ abstract class Platal
 }
 }
 if ($hook['auth'] != AUTH_PUBLIC && !$this->check_perms($hook['perms'])) {
- if (S::has_perms()) {
+ if (S::admin()) {
 $page->trigWarning('Tu accèdes à cette page car tu es administrateur du site.');
 } else {
 return PL_FORBIDDEN;
diff --git a/classes/plsession.php b/classes/plsession.php
index d4549c9..5f69aa3 100644
--- a/classes/plsession.php
+++ b/classes/plsession.php
@@ -187,7 +187,7 @@ abstract class PlSession
 */
 public function startSUID($user, $perms = null)
 {
- if (S::has('suid')) {
+ if (S::suid()) {
 return false;
 }
 $backup = $_SESSION;
@@ -209,7 +209,7 @@ abstract class PlSession
 */
 public function stopSUID()
 {
- if (!S::has('suid')) {
+ if (!S::suid()) {
 return false;
 }
 $_SESSION = $_SESSION['suid'];
diff --git a/classes/plwikipage.php b/classes/plwikipage.php
index e60b21a..57392ea 100644
--- a/classes/plwikipage.php
+++ b/classes/plwikipage.php
@@ -404,10 +404,11 @@ class PlWikiPage
 case 'public':
 return true;
 case 'logged':
- case 'mdp':
 return S::logged();
+ case 'mdp':
+ return S::identified();
 case 'admin':
- return S::has_perms();
+ return S::admin();
 default:
 return false;
 }
diff --git a/classes/s.php b/classes/s.php
index ff29982..7df67c9 100644
--- a/classes/s.php
+++ b/classes/s.php
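Review bot: Nothing visible in `startSUID()` (classes/plsession.php, hunk at -187) records the start of an impersonation session, and the modules/core.php hunk of this same commit removes the `S::logger()->log("suid_start", ...)` call from `handler_get_rights`, which was the visible audit record for it. If the part of `startSUID()` outside this hunk does not log the switch itself, SUID sessions lose their start entry in the session log. I would keep the record next to the state change, for example `S::logger()->log("suid_start", "login by " . S::user()->login());` before `$backup = $_SESSION;`, under the same `isset($_SESSION['log'])` guard the removed code used. The function body continues outside the hunk, so this needs checking against the full method.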
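Review bot: The `'mdp'` case in classes/plwikipage.php now returns `S::identified()` instead of falling through to `S::logged()`, which changes who passes this permission check, while the commit message only describes `S::suid()` and `S::admin()`. A comment at the case would make the intent reviewable, for example `// 'mdp': needs auth level >= sureLevel(), a plain logged session is not enough` (wording to be confirmed against `S::identified()`). Wiki pages already stored with the `mdp` level will be gated differently after this change, so it deserves its own line in the commit description or a separate commit. The enclosing switch and method start outside the hunk.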
@@ -60,6 +60,20 @@ class S return is_numeric($i) ? intval($i) : $default; } + public static function t($key, $default = '') + { + return trim(S::s($key, $default)); + } + + public static function blank($key, $strict = false) + { + if (!S::has($key)) { + return true; + } + $var = $strict ? S::s($key) : S::t($key); + return empty($var); + } + public static function l(array $keys) { return array_map(array('S', 'v'), $keys); @@ -112,7 +126,8 @@ class S public static function has_perms() { - return Platal::session()->checkPerms(PERMS_ADMIN); + // XXX: Deprecated, use S::admin() instead + return self::admin(); } public static function logged() @@ -125,6 +140,25 @@ class S return S::i('auth', AUTH_PUBLIC) >= Platal::session()->sureLevel(); } + public static function admin() + { + return Platal::session()->checkPerms(PERMS_ADMIN); + } + + public static function suid($field = null, $default = null) + { + if (is_null($field)) { + return !S::blank('suid'); + } else { + $suid = S::v('suid', array()); + if (!empty($suid) && isset($suid[$field])) { + return $suid[$field]; + } else { + return $default; + } + } + } + // Anti-XSRF protections. public static function has_xsrf_token() { @@ -138,8 +172,14 @@ class S } } + public static function hasAuthToken() + { + return !S::blank('token'); + } + public static function rssActivated() { + // XXX: Deprecated, to be replaced by S::hasToken() return S::has('core_rss_hash') && S::v('core_rss_hash'); } } diff --git a/include/wiki.engine.inc.php b/include/wiki.engine.inc.php index c97acc5..26ea365 100644 --- a/include/wiki.engine.inc.php +++ b/include/wiki.engine.inc.php @@ -96,7 +96,7 @@ if ($feed) { file_put_contents($wiki_cache, $wikiAll); } elseif ($cache_exists) { $wikiAll = file_get_contents($wiki_cache); - } elseif (S::has_perms()) { + } elseif (S::admin()) { $wikiAll = "
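Review bot: `S::blank()` ends with `return empty($var);`, and PHP's `empty()` is true for the string `'0'`, so a session key holding `'0'` is reported as blank on both the strict and the trimmed path. `S::suid()` and `S::hasAuthToken()` in the later hunks of this file are built on this helper, so the quirk reaches the checks that decide whether a SUID session or a token is present. An explicit comparison avoids it, e.g. `return $var === null || $var === '';` (assuming `S::s()` returns a string, which is not shown here). Neither `t()` nor `blank()` has a docblock; one line stating that `$strict` skips the `trim()` would help callers.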
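Review bot: With no `$field`, `S::suid()` returns `!S::blank('suid')`, which passes the stored value through `S::s()`/`S::t()` and `trim()`, but `stopSUID()` in classes/plsession.php assigns `$_SESSION['suid']` back to `$_SESSION`, so that value is expected to be an array. The result then depends on how `S::s()` (not shown) turns an array into a string, and any non-blank scalar under that key would also count as an active SUID session and be restored as the whole session. Since `startSUID()` and `stopSUID()` now use this as their guard, a type-aware test is safer: `$suid = S::v('suid');` followed by `return is_array($suid) && !empty($suid);`. The field branch already reads the value with `S::v('suid', array())`, so both branches would then agree on the type.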
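Review bot: The comment added to `rssActivated()` names `S::hasToken()` as the replacement, but the method this hunk adds is `S::hasAuthToken()`; the comment should read `// XXX: Deprecated, to be replaced by S::hasAuthToken()`. The two methods also read different session keys (`'core_rss_hash'` versus `'token'`), so the replacement is not drop-in and the comment should say which key callers are expected to migrate to. `hasAuthToken()` has no docblock; a line stating that it only reports presence of a token in the session, not its validity, would prevent it from being used as an authentication check.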

La page de wiki $n n'existe pas. " . "Il te suffit de l'éditer

"; } else { @@ -112,7 +112,7 @@ $page->assign('perms', array($wp->readPerms(), $wp->writePerms())); $page->assign('perms_opts', PlWikiPage::permOptions()); $page->assign('canedit', $wp->canWrite()); -$page->assign('has_perms', S::has_perms()); +$page->assign('has_perms', S::admin()); $page->assign('wikipage', str_replace('.', '/', $n)); if (!$feed && $wp->writePerms() == 'admin' && !Env::v('action') && $wiki_exists) { diff --git a/modules/core.php b/modules/core.php index 44b4595..3d6421b 100644 --- a/modules/core.php +++ b/modules/core.php @@ -122,13 +122,9 @@ class CoreModule extends PLModule function handler_get_rights(&$page, $level) { - if (S::has('suid')) { + if (S::suid()) { $page->kill('Déjà en SUID'); } - - if (isset($_SESSION['log'])) { - S::logger()->log("suid_start", "login by " . S::user()->login()); - } Platal::session()->startSUID(S::i('uid'), $level); pl_redirect('/');