From: <var...@us...> - 2009-03-05 12:19:13
Revision: 6638 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=6638&view=rev Author: vargenau Date: 2009-03-05 12:19:11 +0000 (Thu, 05 Mar 2009) Log Message: ----------- Add purge Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2009-03-05 11:04:20 UTC (rev 6637) +++ trunk/lib/PagePerm.php 2009-03-05 12:19:11 UTC (rev 6638) @@ -2,6 +2,7 @@ rcs_id('$Id$'); /* Copyright 2004,2007 $ThePhpWikiProgrammingTeam + Copyright 2009 Marc-Etienne Vargenau, Alcatel-Lucent This file is part of PhpWiki. @@ -204,6 +205,7 @@ case 'loadfile': // probably create/edit but we cannot check all page permissions, can we? case 'remove': + case 'purge': case 'lock': case 'unlock': case 'upgrade': @@ -309,6 +311,7 @@ 'dump' => _("Download page contents"), 'change' => _("Change page attributes"), 'remove' => _("Remove this page"), + 'purge' => _("Purge this page"), ); } if (in_array($access, array_keys($accessDescriptions))) @@ -448,6 +451,8 @@ 'list' => array(ACL_EVERY => true), 'remove' => array(ACL_ADMIN => true, ACL_OWNER => true), + 'purge' => array(ACL_ADMIN => true, + ACL_OWNER => true), 'dump' => array(ACL_ADMIN => true, ACL_OWNER => true), 'change' => array(ACL_ADMIN => true, 
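Review bot: The new `'purge'` default in the last ACL hunk only reaches pages whose permissions are built from the defaults; an ACL stored on a page before this revision has no `purge` key, and what an ACL check returns for a missing access type is decided in code outside these hunks. Purging is presumably irreversible, so it is worth confirming that a stored ACL without the key does not end up more permissive than the `ACL_ADMIN`/`ACL_OWNER` default. In the action switch, `case 'purge':` joins the `remove`/`lock`/`unlock`/`upgrade` group, whose return statement is also outside the hunk; a comment there such as `// purge: irreversible, same access type as remove` would record the intent.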
@@ -747,211 +752,6 @@ } } -// $Log: not supported by cvs2svn $ -// Revision 1.44 2007/09/12 19:34:31 rurban -// revise INSECURE_ACTIONS_LOCALHOST_ONLY actions -// -// Revision 1.43 2007/09/01 13:24:23 rurban -// add INSECURE_ACTIONS_LOCALHOST_ONLY. advanced security settings -// -// Revision 1.42 2007/08/25 18:03:34 rurban -// change rename action from access perm change to edit: allow the signed in user to rename. -// -// Revision 1.41 2007/07/14 12:03:25 rurban -// fix for mult. group membership: not a member and undecided: check other groups -// -// Revision 1.40 2005/10/29 14:16:58 rurban -// unify message -// -// Revision 1.39 2005/05/06 16:57:54 rurban -// support captcha -// -// Revision 1.38 2004/11/30 17:48:38 rurban -// just comments -// -// Revision 1.37 2004/11/23 13:06:30 rurban -// several fixes and suggestions by Charles Corrigan: -// * fix GROUP_BOGO_USER check -// * allow group pages to have the link to the user page in [ ] brackets -// * fix up the implementation of GroupWikiPage::getMembersOf and allow the -// user page to be linked in [ ] brackets -// * added _OWNER and _CREATOR to special wikigroups -// * check against those two for group membership also, not only the user. -// -// Revision 1.36 2004/11/21 11:59:16 rurban -// remove final \n to be ob_cache independent -// -// Revision 1.35 2004/11/15 15:56:40 rurban -// don't load PagePerm on ENABLE_PAGEPERM = false to save memory. Move mayAccessPage() to main.php -// -// Revision 1.34 2004/11/01 10:43:55 rurban -// seperate PassUser methods into seperate dir (memory usage) -// fix WikiUser (old) overlarge data session -// remove wikidb arg from various page class methods, use global ->_dbi instead -// ... -// -// Revision 1.33 2004/09/26 11:47:52 rurban -// fix another reecursion loop when . exists: deny if ACL not defined; implement pageperm cache -// -// Revision 1.32 2004/09/25 18:56:09 rurban -// avoid recursion bug on setacl for "." 
-// -// Revision 1.31 2004/09/25 18:34:45 rurban -// fix and warn on too restrictive ACL handling without ACL in existing . (dotpage) -// -// Revision 1.30 2004/09/25 16:24:02 rurban -// fix interesting PagePerm problem: -1 == true -// -// Revision 1.29 2004/07/03 08:04:19 rurban -// fixed implicit PersonalPage login (e.g. on edit), fixed to check against create ACL on create, not edit -// -// Revision 1.28 2004/06/25 14:29:17 rurban -// WikiGroup refactoring: -// global group attached to user, code for not_current user. -// improved helpers for special groups (avoid double invocations) -// new experimental config option ENABLE_XHTML_XML (fails with IE, and document.write()) -// fixed a XHTML validation error on userprefs.tmpl -// -// Revision 1.27 2004/06/16 10:38:58 rurban -// Disallow refernces in calls if the declaration is a reference -// ("allow_call_time_pass_reference clean"). -// PhpWiki is now allow_call_time_pass_reference = Off clean, -// but several external libraries may not. -// In detail these libs look to be affected (not tested): -// * Pear_DB odbc -// * adodb oracle -// -// Revision 1.26 2004/06/14 11:31:36 rurban -// renamed global $Theme to $WikiTheme (gforge nameclash) -// inherit PageList default options from PageList -// default sortby=pagename -// use options in PageList_Selectable (limit, sortby, ...) 
-// added action revert, with button at action=diff -// added option regex to WikiAdminSearchReplace -// -// Revision 1.25 2004/06/08 13:51:57 rurban -// some comments only -// -// Revision 1.24 2004/06/08 10:54:46 rurban -// better acl dump representation, read back acl and owner -// -// Revision 1.23 2004/06/08 10:05:11 rurban -// simplified admin action shortcuts -// -// Revision 1.22 2004/06/07 22:44:14 rurban -// added simplified chown, setacl actions -// -// Revision 1.21 2004/06/07 22:28:03 rurban -// add acl field to mimified dump -// -// Revision 1.20 2004/06/07 18:39:03 rurban -// support for SetAclSimple -// -// Revision 1.19 2004/06/06 17:12:28 rurban -// fixed PagePerm non-object problem (mayAccessPage), also bug #967150 -// -// Revision 1.18 2004/05/27 17:49:05 rurban -// renamed DB_Session to DbSession (in CVS also) -// added WikiDB->getParam and WikiDB->getAuthParam method to get rid of globals -// remove leading slash in error message -// added force_unlock parameter to File_Passwd (no return on stale locks) -// fixed adodb session AffectedRows -// added FileFinder helpers to unify local filenames and DATA_PATH names -// editpage.php: new edit toolbar javascript on ENABLE_EDIT_TOOLBAR -// -// Revision 1.17 2004/05/16 23:10:44 rurban -// update_locale wrongly resetted LANG, which broke japanese. -// japanese now correctly uses EUC_JP, not utf-8. -// more charset and lang headers to help the browser. -// -// Revision 1.16 2004/05/16 22:32:53 rurban -// setacl icons -// -// Revision 1.15 2004/05/16 22:07:35 rurban -// check more config-default and predefined constants -// various PagePerm fixes: -// fix default PagePerms, esp. edit and view for Bogo and Password users -// implemented Creator and Owner -// BOGOUSERS renamed to BOGOUSER -// fixed syntax errors in signin.tmpl -// -// Revision 1.14 2004/05/15 22:54:49 rurban -// fixed important WikiDB bug with DEBUG > 0: wrong assertion -// improved SetAcl (works) and PagePerms, some WikiGroup helpers. 
-// -// Revision 1.13 2004/05/15 19:48:33 rurban -// fix some too loose PagePerms for signed, but not authenticated users -// (admin, owner, creator) -// no double login page header, better login msg. -// moved action_pdf to lib/pdf.php -// -// Revision 1.12 2004/05/04 22:34:25 rurban -// more pdf support -// -// Revision 1.11 2004/05/02 21:26:38 rurban -// limit user session data (HomePageHandle and auth_dbi have to invalidated anyway) -// because they will not survive db sessions, if too large. -// extended action=upgrade -// some WikiTranslation button work -// revert WIKIAUTH_UNOBTAINABLE (need it for main.php) -// some temp. session debug statements -// -// Revision 1.10 2004/04/29 22:32:56 zorloc -// Slightly more elegant fix. Instead of WIKIAUTH_FORBIDDEN, the current user's level + 1 is returned on a false. -// -// Revision 1.9 2004/04/29 17:18:19 zorloc -// Fixes permission failure issues. With PagePermissions and Disabled Actions when user did not have permission WIKIAUTH_FORBIDDEN was returned. In WikiUser this was ok because WIKIAUTH_FORBIDDEN had a value of 11 -- thus no user could perform that action. But WikiUserNew has a WIKIAUTH_FORBIDDEN value of -1 -- thus a user without sufficent permission to do anything. The solution is a new high value permission level (WIKIAUTH_UNOBTAINABLE) to be the default level for access failure. -// -// Revision 1.8 2004/03/14 16:24:35 rurban -// authenti(fi)cation spelling -// -// Revision 1.7 2004/02/28 22:25:07 rurban -// First PagePerm implementation: -// -// $WikiTheme->setAnonEditUnknownLinks(false); -// -// Layout improvement with dangling links for mostly closed wiki's: -// If false, only users with edit permissions will be presented the -// special wikiunknown class with "?" and Tooltip. -// If true (default), any user will see the ?, but will be presented -// the PrintLoginForm on a click. 
-// -// Revision 1.6 2004/02/24 15:20:05 rurban -// fixed minor warnings: unchecked args, POST => Get urls for sortby e.g. -// -// Revision 1.5 2004/02/23 21:30:25 rurban -// more PagePerm stuff: (working against 1.4.0) -// ACL editing and simplification of ACL's to simple rwx------ string -// not yet working. -// -// Revision 1.4 2004/02/12 13:05:36 rurban -// Rename functional for PearDB backend -// some other minor changes -// SiteMap comes with a not yet functional feature request: includepages (tbd) -// -// Revision 1.3 2004/02/09 03:58:12 rurban -// for now default DB_SESSION to false -// PagePerm: -// * not existing perms will now query the parent, and not -// return the default perm -// * added pagePermissions func which returns the object per page -// * added getAccessDescription -// WikiUserNew: -// * added global ->prepare (not yet used) with smart user/pref/member table prefixing. -// * force init of authdbh in the 2 db classes -// main: -// * fixed session handling (not triple auth request anymore) -// * don't store cookie prefs with sessions -// stdlib: global obj2hash helper from _AuthInfo, also needed for PagePerm -// -// Revision 1.2 2004/02/08 13:17:48 rurban -// This should be the functionality. Needs testing and some minor todos. -// -// Revision 1.1 2004/02/08 12:29:30 rurban -// initial version, not yet hooked into lib/main.php -// -// - // Local Variables: // mode: php // tab-width: 8 This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <var...@us...> - 2009-03-22 11:31:56
Revision: 6683 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=6683&view=rev Author: vargenau Date: 2009-03-22 11:31:45 +0000 (Sun, 22 Mar 2009) Log Message: ----------- Valid HTML code Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2009-03-22 08:53:08 UTC (rev 6682) +++ trunk/lib/PagePerm.php 2009-03-22 11:31:45 UTC (rev 6683) @@ -558,7 +558,7 @@ function asTable($type) { $table = HTML::table(); foreach ($this->perm as $access => $perms) { - $td = HTML::table(array('class' => 'cal','valign' => 'top')); + $td = HTML::table(array('class' => 'cal')); foreach ($perms as $group => $bool) { $td->pushContent(HTML::tr(HTML::td(array('align'=>'right'),$group), HTML::td($bool ? '[X]' : '[ ]'))); @@ -601,7 +601,7 @@ $addsrc = $WikiTheme->_findData('images/add.png'); $nbsp = HTML::raw(' '); foreach ($this->perm as $access => $groups) { - //$permlist = HTML::table(array('class' => 'cal','valign' => 'top')); + //$permlist = HTML::table(array('class' => 'cal')); $first_only = true; $newperm = HTML::input(array('type' => 'checkbox', 'name' => "acl[_new_perm][$access]", This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <var...@us...> - 2009-03-31 15:35:29
Revision: 6753 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=6753&view=rev Author: vargenau Date: 2009-03-31 15:35:27 +0000 (Tue, 31 Mar 2009) Log Message: ----------- Do not use array_diff_assoc_recursive Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2009-03-31 15:29:20 UTC (rev 6752) +++ trunk/lib/PagePerm.php 2009-03-31 15:35:27 UTC (rev 6753) @@ -505,8 +505,12 @@ * do a recursive comparison */ function equal($otherperm) { - $diff = array_diff_assoc_recursive($this->perm, $otherperm); - return empty($diff); + // The equal function seems to be unable to detect removed perm. + // Use case is when a rule is removed. + return (print_r($this->perm, true) === print_r($otherperm, true)); + +// $diff = array_diff_assoc_recursive($this->perm, $otherperm); +// return empty($diff); } /** @@ -725,7 +729,11 @@ $none = false; $s .= "$group:"; } - $s .= " $action"; + if ($perm[$action][$group]) { + $s .= " $action"; + } else { + $s .= " -$action"; + } } } if (!($none)) { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
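Review bot: Comparing `print_r()` output in `equal()` is sensitive to key order, so two ACLs holding the same rules inserted in a different order compare as unequal. If `$otherperm` is the raw array, as the removed `array_diff_assoc_recursive($this->perm, $otherperm)` call suggests, `return $this->perm == $otherperm;` compares key/value pairs recursively without regard to order and still notices a removed rule. The comment `The equal function seems to be unable to detect removed perm` describes the old implementation rather than the line below it, and the commented-out code could be dropped instead of kept. What the caller does with the result is outside the hunk.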
From: <var...@us...> - 2009-04-01 13:22:50
Revision: 6758 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=6758&view=rev Author: vargenau Date: 2009-04-01 12:43:12 +0000 (Wed, 01 Apr 2009) Log Message: ----------- Fix uninitialized variable problem in function isAuthorized Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php ===================================================================
--- trunk/lib/PagePerm.php 2009-04-01 12:13:15 UTC (rev 6757)
+++ trunk/lib/PagePerm.php 2009-04-01 12:43:12 UTC (rev 6758)
@@ -376,8 +376,8 @@
 * (userid, group membership).
 */
 function isAuthorized($access, $user) {
- if (!empty($this->perm{$access})) {
- $allow = -1;
+ $allow = -1;
+ if (!empty($this->perm{$access})) {
 foreach ($this->perm[$access] as $group => $bool) {
 if ($this->isMember($user, $group)) {
 return $bool;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
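Review bot: With `$allow = -1;` hoisted to the top, `isAuthorized()` presumably returns `-1` for an access type that has no entry in `$this->perm` (the return statement is outside the hunk), and `-1` is truthy in PHP. Any caller that tests the result with a plain `if (...)` or `== true` would read "undecided" as "allowed", so the contract deserves a docblock line such as `@return bool|int true/false when a rule matches, -1 when undecided; compare with ===`. Separately, `$this->perm{$access}` uses the curly-brace offset syntax, deprecated in PHP 7.4 and removed in 8.0, while the next line already uses `$this->perm[$access]`.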
From: <ru...@us...> - 2009-06-04 11:48:52
Revision: 6880 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=6880&view=rev Author: rurban Date: 2009-06-04 11:47:52 +0000 (Thu, 04 Jun 2009) Log Message: ----------- compress +/-perm logic to one line Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php ===================================================================
--- trunk/lib/PagePerm.php 2009-06-04 11:46:17 UTC (rev 6879)
+++ trunk/lib/PagePerm.php 2009-06-04 11:47:52 UTC (rev 6880)
@@ -735,11 +735,7 @@
 $none = false;
 $s .= "$group:";
 }
- if ($perm[$action][$group]) {
- $s .= " $action";
- } else {
- $s .= " -$action";
- }
+ $s .= (($perm[$action][$group] ? " " : " -") . $action);
 }
 }
 if (!($none)) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <var...@us...> - 2010-06-17 15:48:26
Revision: 7550 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=7550&view=rev Author: vargenau Date: 2010-06-17 15:48:19 +0000 (Thu, 17 Jun 2010) Log Message: ----------- array_diff_assoc_recursive is not used Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2010-06-17 15:43:18 UTC (rev 7549) +++ trunk/lib/PagePerm.php 2010-06-17 15:48:19 UTC (rev 7550) @@ -334,25 +334,6 @@ return $access; } -// from php.net docs -function array_diff_assoc_recursive($array1, $array2) { - foreach ($array1 as $key => $value) { - if (is_array($value)) { - if (!is_array($array2[$key])) { - $difference[$key] = $value; - } else { - $new_diff = array_diff_assoc_recursive($value, $array2[$key]); - if ($new_diff != false) { - $difference[$key] = $new_diff; - } - } - } elseif(!isset($array2[$key]) || $array2[$key] != $value) { - $difference[$key] = $value; - } - } - return !isset($difference) ? 0 : $difference; -} - /** * The ACL object per page. It is stored in a page, but can also * be merged with ACL's from other pages or taken from the master (pseudo) dot-file. @@ -522,9 +503,6 @@ // The equal function seems to be unable to detect removed perm. // Use case is when a rule is removed. return (print_r($this->perm, true) === print_r($otherperm, true)); - -// $diff = array_diff_assoc_recursive($this->perm, $otherperm); -// return empty($diff); } /** This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <var...@us...> - 2010-08-09 15:30:26
Revision: 7634 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=7634&view=rev Author: vargenau Date: 2010-08-09 15:30:20 +0000 (Mon, 09 Aug 2010) Log Message: ----------- PhpWikiAdministration/Replace --> PhpWikiAdministration/SearchReplace Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2010-08-09 14:00:30 UTC (rev 7633) +++ trunk/lib/PagePerm.php 2010-08-09 15:30:20 UTC (rev 7634) @@ -2,7 +2,7 @@ // rcs_id('$Id$'); /* * Copyright 2004,2007 $ThePhpWikiProgrammingTeam - * Copyright 2009 Marc-Etienne Vargenau, Alcatel-Lucent + * Copyright 2009-2010 Marc-Etienne Vargenau, Alcatel-Lucent * * This file is part of PhpWiki. * 
@@ -22,45 +22,45 @@ */ /** - Permissions per page and action based on current user, - ownership and group membership implemented with ACL's (Access Control Lists), - opposed to the simplier unix-like ugo:rwx system. - The previous system was only based on action and current user. (lib/main.php) + * Permissions per page and action based on current user, + * ownership and group membership implemented with ACL's (Access Control Lists), + * opposed to the simplier unix-like ugo:rwx system. + * The previous system was only based on action and current user. (lib/main.php) + * + * Permissions may be inherited from its parent pages, a optional the + * optional master page ("."), and predefined default permissions, if "." + * is not defined. + * Pagenames starting with "." have special default permissions. + * For Authentication see WikiUserNew.php, WikiGroup.php and main.php + * Page Permissions are in PhpWiki since v1.3.9 and enabled since v1.4.0 + * + * This file might replace the following functions from main.php: + * Request::_notAuthorized($require_level) + * display the denied message and optionally a login form + * to gain higher privileges + * Request::getActionDescription($action) + * helper to localize the _notAuthorized message per action, + * when login is tried. 
+ * Request::getDisallowedActionDescription($action) + * helper to localize the _notAuthorized message per action, + * when it aborts + * Request::requiredAuthority($action) + * returns the needed user level + * has a hook for plugins on POST + * Request::requiredAuthorityForAction($action) + * just returns the level per action, will be replaced with the + * action + page pair + * + * The defined main.php actions map to simplier access types: + * browse => view + * edit => edit + * create => edit or create + * remove => remove + * rename => change + * store prefs => change + * list in PageList => list + */ - Permissions may be inherited from its parent pages, a optional the - optional master page ("."), and predefined default permissions, if "." - is not defined. - Pagenames starting with "." have special default permissions. - For Authentication see WikiUserNew.php, WikiGroup.php and main.php - Page Permissions are in PhpWiki since v1.3.9 and enabled since v1.4.0 - - This file might replace the following functions from main.php: - Request::_notAuthorized($require_level) - display the denied message and optionally a login form - to gain higher privileges - Request::getActionDescription($action) - helper to localize the _notAuthorized message per action, - when login is tried. - Request::getDisallowedActionDescription($action) - helper to localize the _notAuthorized message per action, - when it aborts - Request::requiredAuthority($action) - returns the needed user level - has a hook for plugins on POST - Request::requiredAuthorityForAction($action) - just returns the level per action, will be replaced with the - action + page pair - - The defined main.php actions map to simplier access types: - browse => view - edit => edit - create => edit or create - remove => remove - rename => change - store prefs => change - list in PageList => list -*/ - /* Symbolic special ACL groups. 
Untranslated to be stored in page metadata*/ define('ACL_EVERY', '_EVERY'); define('ACL_ANONYMOUS', '_ANONYMOUS'); @@ -89,7 +89,7 @@ } elseif ($perm = getPagePermissions($page)) { return array('page', $perm); // or no permissions defined; returned inherited permissions, to be displayed in gray - } elseif ($pagename == '.') { // stop recursion in pathological case. + } elseif ($pagename == '.') { // stop recursion in pathological case. // "." defined, without any acl return array('default', new PagePermission()); } else { @@ -141,10 +141,10 @@ return $perm->asTable($type); } -/** +/** * Check the permissions for the current action. - * Walk down the inheritance tree. Collect all permissions until - * the minimum required level is gained, which is not + * Walk down the inheritance tree. Collect all permissions until + * the minimum required level is gained, which is not * overruled by more specific forbid rules. * Todo: cache result per access and page in session? */ @@ -188,7 +188,7 @@ // invent a new access-perm massedit? or switch back to change, or keep it at edit? case _("PhpWikiAdministration")."/"._("Rename"): - case _("PhpWikiAdministration")."/"._("Replace"): + case _("PhpWikiAdministration")."/"._("SearchReplace"): case 'replace': case 'rename': case 'revert': @@ -199,10 +199,10 @@ if (!$page->exists()) return 'create'; else - return 'view'; + return 'view'; break; case 'upload': - case 'loadfile': + case 'loadfile': // probably create/edit but we cannot check all page permissions, can we? case 'remove': case 'purge': @@ -227,11 +227,11 @@ // Maybe page-(current+edit+change?)action pairs will help function _requiredAuthorityForPagename($access, $pagename) { static $permcache = array(); - + if (array_key_exists($pagename, $permcache) and array_key_exists($access, $permcache[$pagename])) return $permcache[$pagename][$access]; - + global $request; $page = $request->getPage($pagename); 
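Review bot: After the rename in the `@@ -188,7` hunk, a request for the old page name `PhpWikiAdministration/Replace` no longer matches this case group and, unless a label outside the hunk catches it, falls through to the switch's default. If installed wikis can still carry the old page, keeping both labels avoids a silent change in the access type required for it: add `case _("PhpWikiAdministration")."/"._("Replace"):` above the new line. The label is also built from translated strings, so the match depends on the active locale; a short comment saying so would help the next reader.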
@@ -256,7 +256,7 @@ return $result; } // no ACL defined; check for special dotfile or walk down - if (! ($perm = getPagePermissions($page))) { + if (! ($perm = getPagePermissions($page))) { if ($pagename == '.') { $perm = new PagePermission(); if ($perm->isAuthorized('change', $request->_user)) { @@ -282,7 +282,7 @@ return $authorized; } elseif ($pagename == '.') { return false; - } else { + } else { return _requiredAuthorityForPagename($access, getParentPage($pagename)); } } @@ -300,12 +300,12 @@ } // Read the ACL from the page -// Done: Not existing pages should NOT be queried. +// Done: Not existing pages should NOT be queried. // Check the parent page instead and don't take the default ACL's function getPagePermissions ($page) { if ($hash = $page->get('perm')) // hash => object return new PagePermission(unserialize($hash)); - else + else return false; } @@ -335,7 +335,7 @@ } /** - * The ACL object per page. It is stored in a page, but can also + * The ACL object per page. It is stored in a page, but can also * be merged with ACL's from other pages or taken from the master (pseudo) dot-file. * * A hash of "access" => "requires" pairs. @@ -343,7 +343,7 @@ * "requires" required username or groupname or any special group => true or false * * Define any special rules here, like don't list dot-pages. - */ + */ class PagePermission { var $perm; @@ -367,7 +367,7 @@ /** * The workhorse to check the user against the current ACL pairs. - * Must translate the various special groups to the actual users settings + * Must translate the various special groups to the actual users settings * (userid, group membership). */ function isAuthorized($access, $user) { @@ -385,7 +385,7 @@ } /** - * Translate the various special groups to the actual users settings + * Translate the various special groups to the actual users settings * (userid, group membership). */ function isMember($user, $group) { 
@@ -395,14 +395,14 @@ else $member =& $this->_group; //$user = & $request->_user; if ($group === ACL_ADMIN) // WIKI_ADMIN or member of _("Administrators") - return $user->isAdmin() or - ($user->isAuthenticated() and + return $user->isAdmin() or + ($user->isAuthenticated() and $member->isMember(GROUP_ADMIN)); - if ($group === ACL_ANONYMOUS) + if ($group === ACL_ANONYMOUS) return ! $user->isSignedIn(); if ($group === ACL_BOGOUSER) if (ENABLE_USER_NEW) - return isa($user,'_BogoUser') or + return isa($user,'_BogoUser') or (isWikiWord($user->_userid) and $user->_level >= WIKIAUTH_BOGO); else return isWikiWord($user->UserName()); if ($group === ACL_HASHOMEPAGE) @@ -415,19 +415,19 @@ if (!$user->isAuthenticated()) return false; $page = $request->getPage(); $owner = $page->getOwner(); - return ($owner === $user->UserName() + return ($owner === $user->UserName() or $member->isMember($owner)); } if ($group === ACL_CREATOR) { if (!$user->isAuthenticated()) return false; $page = $request->getPage(); $creator = $page->getCreator(); - return ($creator === $user->UserName() + return ($creator === $user->UserName() or $member->isMember($creator)); } /* Or named groups or usernames. - Note: We don't seperate groups and users here. - Users overrides groups with the same name. + Note: We don't seperate groups and users here. + Users overrides groups with the same name. */ return $user->UserName() === $group or $member->isMember($group); 
@@ -467,17 +467,17 @@ $perm['edit'] = array(ACL_SIGNED => true); // view: if (!ALLOW_ANON_USER) { - if (!ALLOW_USER_PASSWORDS) + if (!ALLOW_USER_PASSWORDS) $perm['view'] = array(ACL_SIGNED => true); - else + else $perm['view'] = array(ACL_AUTHENTICATED => true); $perm['view'][ACL_BOGOUSER] = ALLOW_BOGO_LOGIN ? true : false; } // edit: if (!ALLOW_ANON_EDIT) { - if (!ALLOW_USER_PASSWORDS) + if (!ALLOW_USER_PASSWORDS) $perm['edit'] = array(ACL_SIGNED => true); - else + else $perm['edit'] = array(ACL_AUTHENTICATED => true); $perm['edit'][ACL_BOGOUSER] = ALLOW_BOGO_LOGIN ? true : false; $perm['create'] = $perm['edit']; @@ -504,7 +504,7 @@ // Use case is when a rule is removed. return (print_r($this->perm, true) === print_r($otherperm, true)); } - + /** * returns list of all supported access types. */ @@ -533,7 +533,7 @@ $hash = $page->get('perm'); if ($hash) // hash => object $perm = new PagePermission(unserialize($hash)); - else + else $perm = new PagePermission(); $perm->sanify(); return $perm; @@ -549,7 +549,7 @@ if ($group[0] == '_') return constant("GROUP".$group); else return $group; } - + /* type: page, default, inherited */ function asTable($type) { $table = HTML::table(); @@ -570,11 +570,11 @@ $table->setAttr('style','border: solid thin black; font-weight: bold;'); return $table; } - + /* type: page, default, inherited */ function asEditableTable($type) { global $WikiTheme; - if (!isset($this->_group)) { + if (!isset($this->_group)) { $this->_group =& $GLOBALS['request']->getGroup(); } $table = HTML::table(); @@ -586,7 +586,7 @@ HTML::th(_("Grant")), HTML::th(_("Del/+")), HTML::th(_("Description")))); - + $allGroups = $this->_group->_specialGroups(); foreach ($this->_group->getAllGroupsIn() as $group) { if (!in_array($group,$this->_group->specialGroups())) 
@@ -740,33 +740,33 @@ $perm =& $this->perm; // get effective user and group $s = '---------+'; - if (isset($perm['view'][$owner]) or + if (isset($perm['view'][$owner]) or (isset($perm['view'][ACL_AUTHENTICATED]) and $request->_user->isAuthenticated())) $s[0] = 'r'; - if (isset($perm['edit'][$owner]) or + if (isset($perm['edit'][$owner]) or (isset($perm['edit'][ACL_AUTHENTICATED]) and $request->_user->isAuthenticated())) $s[1] = 'w'; - if (isset($perm['change'][$owner]) or + if (isset($perm['change'][$owner]) or (isset($perm['change'][ACL_AUTHENTICATED]) and $request->_user->isAuthenticated())) $s[2] = 'x'; if (!empty($group)) { - if (isset($perm['view'][$group]) or + if (isset($perm['view'][$group]) or (isset($perm['view'][ACL_AUTHENTICATED]) and $request->_user->isAuthenticated())) $s[3] = 'r'; - if (isset($perm['edit'][$group]) or + if (isset($perm['edit'][$group]) or (isset($perm['edit'][ACL_AUTHENTICATED]) and $request->_user->isAuthenticated())) $s[4] = 'w'; - if (isset($perm['change'][$group]) or + if (isset($perm['change'][$group]) or (isset($perm['change'][ACL_AUTHENTICATED]) and $request->_user->isAuthenticated())) $s[5] = 'x'; } - if (isset($perm['view'][ACL_EVERY]) or + if (isset($perm['view'][ACL_EVERY]) or (isset($perm['view'][ACL_AUTHENTICATED]) and $request->_user->isAuthenticated())) $s[6] = 'r'; - if (isset($perm['edit'][ACL_EVERY]) or + if (isset($perm['edit'][ACL_EVERY]) or (isset($perm['edit'][ACL_AUTHENTICATED]) and $request->_user->isAuthenticated())) $s[7] = 'w'; - if (isset($perm['change'][ACL_EVERY]) or + if (isset($perm['change'][ACL_EVERY]) or (isset($perm['change'][ACL_AUTHENTICATED]) and $request->_user->isAuthenticated())) $s[8] = 'x'; return $s; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <var...@us...> - 2012-01-10 17:10:56
Revision: 8226 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=8226&view=rev Author: vargenau Date: 2012-01-10 17:10:50 +0000 (Tue, 10 Jan 2012) Log Message: ----------- Whitespace only Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2012-01-05 13:38:54 UTC (rev 8225) +++ trunk/lib/PagePerm.php 2012-01-10 17:10:50 UTC (rev 8226) @@ -456,13 +456,13 @@ $perm['dump'] = array(ACL_ADMIN => true, ACL_OWNER => true); elseif (INSECURE_ACTIONS_LOCALHOST_ONLY) { - if (is_localhost()) - $perm['dump'] = array(ACL_EVERY => true); + if (is_localhost()) + $perm['dump'] = array(ACL_EVERY => true); + else + $perm['dump'] = array(ACL_ADMIN => true); + } else - $perm['dump'] = array(ACL_ADMIN => true); - } - else - $perm['dump'] = array(ACL_EVERY => true); + $perm['dump'] = array(ACL_EVERY => true); if (defined('REQUIRE_SIGNIN_BEFORE_EDIT') && REQUIRE_SIGNIN_BEFORE_EDIT) $perm['edit'] = array(ACL_SIGNED => true); // view: This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <var...@us...> - 2012-01-11 14:16:44
Revision: 8230 http://phpwiki.svn.sourceforge.net/phpwiki/?rev=8230&view=rev Author: vargenau Date: 2012-01-11 14:16:33 +0000 (Wed, 11 Jan 2012) Log Message: ----------- zip and dumpserial are dump, not view Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2012-01-11 13:05:44 UTC (rev 8229) +++ trunk/lib/PagePerm.php 2012-01-11 14:16:33 UTC (rev 8230) @@ -170,20 +170,15 @@ case 'search': case 'pdf': case 'captcha': - case 'zip': return 'view'; - case 'dumpserial': - if (INSECURE_ACTIONS_LOCALHOST_ONLY and is_localhost()) - return 'dump'; - else - return 'view'; - // performance and security relevant case 'xmlrpc': case 'soap': + case 'zip': case 'ziphtml': case 'dumphtml': + case 'dumpserial': return 'dump'; // invent a new access-perm massedit? or switch back to change, or keep it at edit? This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
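Review bot: Moving `'zip'` and `'dumpserial'` under `'dump'` only tightens access if the `dump` ACL itself is restrictive, and the default shown in the r8226 hunk on this page ends in `$perm['dump'] = array(ACL_EVERY => true);` when neither earlier branch applies. The removed `dumpserial` branch also carried the `INSECURE_ACTIONS_LOCALHOST_ONLY`/`is_localhost()` test, so the localhost restriction now lives only in that default ACL. A comment on the group, e.g. `// bulk export: gated by the 'dump' ACL; check the default perms for who is granted it`, would make that dependency visible. The switch continues outside the hunk.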
From: <var...@us...> - 2014-10-01 10:09:02
Revision: 9143 http://sourceforge.net/p/phpwiki/code/9143 Author: vargenau Date: 2014-10-01 10:08:54 +0000 (Wed, 01 Oct 2014) Log Message: ----------- Admin can see all pages, regardless of access rights Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2014-10-01 08:53:38 UTC (rev 9142) +++ trunk/lib/PagePerm.php 2014-10-01 10:08:54 UTC (rev 9143) @@ -381,6 +381,10 @@ */ function isAuthorized($access, $user) { + // Admin can see all pages, regardless of access rights + if ($user->isAdmin()) { + return true; + } $allow = -1; if (!empty($this->perm{$access})) { foreach ($this->perm[$access] as $group => $bool) { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
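Review bot: The early `return true;` for `$user->isAdmin()` applies to every `$access` value, not only viewing, so the comment `Admin can see all pages` understates what the code grants; it also short-circuits any explicit deny rule stored for the admin group. If a full override is intended, say so: `// Admin is granted every access type; page ACLs, including deny rules, are not consulted`. If only read access was meant, the condition would need `&& $access === 'view'`. The rest of `isAuthorized()` continues outside the hunk.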
From: <var...@us...> - 2014-10-14 08:44:27
|
Revision: 9255 http://sourceforge.net/p/phpwiki/code/9255 Author: vargenau Date: 2014-10-14 08:44:25 +0000 (Tue, 14 Oct 2014) Log Message: ----------- Indent Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2014-10-14 08:42:22 UTC (rev 9254) +++ trunk/lib/PagePerm.php 2014-10-14 08:44:25 UTC (rev 9255) @@ -117,7 +117,8 @@ if ($type == 'page') return HTML::samp(HTML::strong($perm->asRwxString($owner, $group))); elseif ($type == 'default') - return HTML::samp($perm->asRwxString($owner, $group)); elseif ($type == 'inherited') { + return HTML::samp($perm->asRwxString($owner, $group)); + elseif ($type == 'inherited') { return HTML::samp(array('class' => 'inherited', 'style' => 'color:#aaa;'), $perm->asRwxString($owner, $group)); } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <var...@us...> - 2014-11-17 15:34:25
|
Revision: 9322 http://sourceforge.net/p/phpwiki/code/9322 Author: vargenau Date: 2014-11-17 15:34:21 +0000 (Mon, 17 Nov 2014) Log Message: ----------- function dotPerms is static Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2014-11-17 15:30:45 UTC (rev 9321) +++ trunk/lib/PagePerm.php 2014-11-17 15:34:21 UTC (rev 9322) @@ -122,6 +122,7 @@ return HTML::samp(array('class' => 'inherited', 'style' => 'color:#aaa;'), $perm->asRwxString($owner, $group)); } + return ''; } function pagePermissionsAcl($type, $perm_tree) @@ -533,7 +534,7 @@ * special permissions for dot-files, beginning with '.' * maybe also for '_' files? */ - function dotPerms() + static function dotPerms() { $def = array(ACL_ADMIN => true, ACL_OWNER => true); @@ -711,7 +712,6 @@ function asAclLines() { $s = ''; - $line = ''; $this->sanify(); foreach ($this->perm as $access => $groups) { // unify groups for same access+bool This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <var...@us...> - 2016-01-07 09:54:57
|
Revision: 9760 http://sourceforge.net/p/phpwiki/code/9760 Author: vargenau Date: 2016-01-07 09:54:54 +0000 (Thu, 07 Jan 2016) Log Message: ----------- Use __construct Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2016-01-07 09:46:33 UTC (rev 9759) +++ trunk/lib/PagePerm.php 2016-01-07 09:54:54 UTC (rev 9760) @@ -357,7 +357,7 @@ { public $perm; - function PagePermission($hash = array()) + function __construct($hash = array()) { /** * @var WikiRequest $request This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <var...@us...> - 2016-01-07 17:53:42
|
Revision: 9761 http://sourceforge.net/p/phpwiki/code/9761 Author: vargenau Date: 2016-01-07 17:53:40 +0000 (Thu, 07 Jan 2016) Log Message: ----------- Use CSS Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php =================================================================== --- trunk/lib/PagePerm.php 2016-01-07 09:54:54 UTC (rev 9760) +++ trunk/lib/PagePerm.php 2016-01-07 17:53:40 UTC (rev 9761) @@ -584,7 +584,7 @@ foreach ($this->perm as $access => $perms) { $td = HTML::table(array('class' => 'cal')); foreach ($perms as $group => $bool) { - $td->pushContent(HTML::tr(HTML::td(array('align' => 'right'), $group), + $td->pushContent(HTML::tr(HTML::td(array('class' => 'align-right'), $group), HTML::td($bool ? '[X]' : '[ ]'))); } $table->pushContent(HTML::tr(array('class' => 'top'), @@ -612,9 +612,9 @@ } $table = HTML::table(); $table->pushContent(HTML::tr( - HTML::th(array('align' => 'left'), + HTML::th(array('class' => 'align-left'), _("Access")), - HTML::th(array('align' => 'right'), + HTML::th(array('class' => 'align-right'), _("Group/User")), HTML::th(_("Grant")), HTML::th(_("Del/+")), 
@@ -681,30 +681,30 @@ $table->pushContent( HTML::tr( HTML::td(HTML::strong($access . ":")), - HTML::td(array('class' => 'cal-today', 'align' => 'right'), + HTML::td(array('class' => 'cal-today align-right'), HTML::strong($this->groupName($group))), - HTML::td(array('align' => 'center'), $nbsp, $checkbox), - HTML::td(array('align' => 'right', 'style' => 'background: #aaa url(' . $deletesrc . ') no-repeat'), $deletebutton), + HTML::td(array('class' => 'align-center'), $nbsp, $checkbox), + HTML::td(array('class' => 'align-right', 'style' => 'background: #aaa url(' . $deletesrc . ') no-repeat'), $deletebutton), HTML::td(HTML::em(getAccessDescription($access))))); $first_only = false; } else { $table->pushContent( HTML::tr( HTML::td(), - HTML::td(array('class' => 'cal-today', 'align' => 'right'), + HTML::td(array('class' => 'cal-today align-right'), HTML::strong($this->groupName($group))), - HTML::td(array('align' => 'center'), $nbsp, $checkbox), - HTML::td(array('align' => 'right', 'style' => 'background: #aaa url(' . $deletesrc . ') no-repeat'), $deletebutton), + HTML::td(array('class' => 'align-center'), $nbsp, $checkbox), + HTML::td(array('class' => 'align-right', 'style' => 'background: #aaa url(' . $deletesrc . ') no-repeat'), $deletebutton), HTML::td())); } } if (!empty($groups)) $table->pushContent( HTML::tr(array('class' => 'top'), - HTML::td(array('align' => 'right'), _("add ")), + HTML::td(array('class' => 'align-right'), _("add ")), HTML::td($newgroup), - HTML::td(array('align' => 'center'), $nbsp, $newperm), - HTML::td(array('align' => 'right', 'style' => 'background: #ccc url(' . $addsrc . ') no-repeat'), $addbutton), + HTML::td(array('class' => 'align-center'), $nbsp, $newperm), + HTML::td(array('class' => 'align-right', 'style' => 'background: #ccc url(' . $addsrc . 
') no-repeat'), $addbutton), HTML::td(HTML::small(_("Check to add this ACL"))))); } if ($type == 'default') This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
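Review bot: The `style` attributes kept on the delete and add cells still build `background: #aaa url(' . $deletesrc . ') no-repeat` (and the same with `$addsrc`) by plain concatenation, so the conversion to CSS classes stops halfway. Where `$deletesrc` and `$addsrc` come from is outside the hunk; if they can ever contain `)`, whitespace or quotes the declaration becomes malformed, so at minimum quote the value: `'background: #aaa url("' . $deletesrc . '") no-repeat'`. Moving the two backgrounds into stylesheet classes would remove the remaining inline styles in this table and let the page run under a Content-Security-Policy that forbids inline styles. The enclosing method starts before the hunk.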
From: <var...@us...> - 2021-07-28 13:33:12
|
Revision: 10376 http://sourceforge.net/p/phpwiki/code/10376 Author: vargenau Date: 2021-07-28 13:33:10 +0000 (Wed, 28 Jul 2021) Log Message: ----------- php7:notice PHP Deprecated: Array and string offset access syntax with curly braces is deprecated Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php ===================================================================
--- trunk/lib/PagePerm.php 2021-07-28 13:30:02 UTC (rev 10375)
+++ trunk/lib/PagePerm.php 2021-07-28 13:33:10 UTC (rev 10376)
@@ -395,7 +395,7 @@
 return true;
 }
 $allow = -1;
- if (!empty($this->perm{$access})) {
+ if (!empty($this->perm[$access])) {
 foreach ($this->perm[$access] as $group => $bool) {
 if ($this->isMember($user, $group)) {
 return $bool;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <var...@us...> - 2024-01-12 18:46:14
|
Revision: 11072 http://sourceforge.net/p/phpwiki/code/11072 Author: vargenau Date: 2024-01-12 18:46:11 +0000 (Fri, 12 Jan 2024) Log Message: ----------- lib/PagePerm.php patches by Christof Meerwald Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php ===================================================================
--- trunk/lib/PagePerm.php 2024-01-12 18:43:33 UTC (rev 11071)
+++ trunk/lib/PagePerm.php 2024-01-12 18:46:11 UTC (rev 11072)
@@ -392,7 +392,7 @@
 }
 } else {
 // set default permissions, the so called dot-file acl's
- $this->perm = $this->defaultPerms();
+ $this->perm = PagePermission::defaultPerms();
 }
 return $this;
 }
@@ -488,7 +488,7 @@
 * returns hash of default permissions.
 * check if the page '.' exists and returns this instead.
 */
- public function defaultPerms()
+ public static function defaultPerms()
 {
 //Todo: check for the existance of '.' and take this instead.
 //Todo: honor more config.ini auth settings here
@@ -566,7 +566,7 @@
 /**
 * returns list of all supported access types.
 */
- public function accessTypes()
+ public static function accessTypes()
 {
 return array_keys(PagePermission::defaultPerms());
 }
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
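Review bot: `$this->perm = PagePermission::defaultPerms();` in the first hunk hard-codes the class name inside the class itself; `self::defaultPerms()` expresses the same call and survives a class rename. The same applies to the existing `return array_keys(PagePermission::defaultPerms());` in `accessTypes()` in the third hunk. The constructor and the `defaultPerms()` body continue outside these hunks, so whether either method still touches `$this` after becoming static cannot be checked from here.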
From: <var...@us...> - 2021-09-20 09:25:25
|
Revision: 10580 http://sourceforge.net/p/phpwiki/code/10580 Author: vargenau Date: 2021-09-20 09:25:22 +0000 (Mon, 20 Sep 2021) Log Message: ----------- No break after a return Modified Paths: -------------- trunk/lib/PagePerm.php Modified: trunk/lib/PagePerm.php ===================================================================
--- trunk/lib/PagePerm.php 2021-09-20 09:24:11 UTC (rev 10579)
+++ trunk/lib/PagePerm.php 2021-09-20 09:25:22 UTC (rev 10580)
@@ -204,7 +204,6 @@
 return 'create';
 else
 return 'view';
- break;
 case 'upload':
 case 'loadfile':
 // probably create/edit but we cannot check all page permissions, can we?
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |