From 73d8effd1f083adff274d726190df9b1550733d8 Mon Sep 17 00:00:00 2001 From: rurban Date: Sun, 16 May 2004 22:07:36 +0000 Subject: [PATCH] check more config-default and predefined constants various PagePerm fixes: fix default PagePerms, esp. edit and view for Bogo and Password users implemented Creator and Owner BOGOUSERS renamed to BOGOUSER fixed syntax errors in signin.tmpl git-svn-id: svn://svn.code.sf.net/p/phpwiki/code/trunk@3524 96ab9672-09ca-45d6-a79d-3d69d39ca109 --- lib/IniConfig.php | 51 +++++++++------ lib/PageList.php | 40 +++++++++--- lib/PagePerm.php | 94 +++++++++++++++++++--------- lib/WikiDB.php | 28 ++++++++- lib/WikiGroup.php | 48 +++++++------- lib/WikiUserNew.php | 10 ++- lib/plugin/RecentChanges.php | 9 ++- lib/plugin/WikiAdminRemove.php | 24 ++++--- lib/plugin/WikiAdminSetAcl.php | 35 ++++++----- themes/Sidebar/templates/signin.tmpl | 4 +- themes/default/templates/signin.tmpl | 6 +- 11 files changed, 237 insertions(+), 112 deletions(-) diff --git a/lib/IniConfig.php b/lib/IniConfig.php index c07138af6..823e8ef26 100644 --- a/lib/IniConfig.php +++ b/lib/IniConfig.php @@ -1,5 +1,5 @@ $v) { + if (defined($k)) + $rs[$k] = constant($k); + elseif (!isset($rs[$k])) + $rs[$k] = $v; + } foreach ($_IC_VALID_VALUE as $item) { if (defined($item)) continue; if (array_key_exists($item, $rs)) { define($item, $rs[$item]); - } elseif (array_key_exists($item, $rsdef)) { - define($item, $rsdef[$item]); + //} elseif (array_key_exists($item, $rsdef)) { + // define($item, $rsdef[$item]); // calculate them later: } elseif (in_array($item,array('DATABASE_PREFIX', 'SERVER_NAME', 'SERVER_PORT', 'SCRIPT_NAME', 'DATA_PATH', 'PHPWIKI_DIR', 'VIRTUAL_PATH'))) { 
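Review bot: The default merge at the top of `IniConfig()` tests `!isset($rs[$k])`, so a key that is present but empty in the ini file still wins over the value from `$rsdef`. The revision 1.21 log entry later in this file describes an endless loop caused by an empty `WIKI_NAME_REGEXP`. If empty values should also fall back, the branch could read `elseif (!isset($rs[$k]) || $rs[$k] === '')`, with exceptions for settings where empty is meaningful. The two `//} elseif (array_key_exists($item, $rsdef))` branches left as comments are dead after the merge and are better deleted. Part of this hunk's text is missing from the page, so the loop header is inferred.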
@@ -117,8 +123,8 @@ function IniConfig($file) { if (defined($item)) continue; if (array_key_exists($item, $rs)) { $val = $rs[$item]; - } elseif (array_key_exists($item, $rsdef)) { - $val = $rsdef[$item]; + //} elseif (array_key_exists($item, $rsdef)) { + // $val = $rsdef[$item]; } else { $val = false; //trigger_error(sprintf("missing boolean config setting for %s",$item)); } @@ -138,6 +144,8 @@ function IniConfig($file) { } elseif (strtolower($val) == 'false' || strtolower($val) == 'no' || + $val == '' || + $val == false || $val == '0') { define($item, false); } 
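Review bot: The added tests `$val == '' ||` and `$val == false ||` use loose comparison, and `$val == false` on its own already matches `''`, `'0'`, `0` and `null`, so the list of accepted spellings is no longer explicit. These booleans presumably include the login and anonymous-access switches, so strict tests are easier to audit: `$val === false || $val === '' || $val === '0'`. In the preceding hunk a boolean missing from both the file and the defaults is silently set to `false`; re-enabling the commented `trigger_error` there would make such a gap visible. The function body continues outside both hunks.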
@@ -167,38 +175,36 @@ function IniConfig($file) { $DBParams['directory'] = @$rs['DATABASE_DIRECTORY']; $DBParams['timeout'] = @$rs['DATABASE_TIMEOUT']; if (!defined('USE_DB_SESSION') and $DBParams['db_session_table'] and - in_array($DBParams['dbtype'],array('SQL','ADODB','dba'))) { + in_array($DBParams['dbtype'],array('SQL','ADODB'/*,'dba'*/))) { define('USE_DB_SESSION', true); } // Expiry stuff global $ExpireParams; - $ExpireParams['major'] = array( - 'max_age' => @$rs['MAJOR_MAX_AGE'], - 'min_age' => @$rs['MAJOR_MIN_AGE'], + 'max_age' => @$rs['MAJOR_MAX_AGE'], + 'min_age' => @$rs['MAJOR_MIN_AGE'], 'min_keep' => @$rs['MAJOR_MIN_KEEP'], - 'keep' => @$rs['MAJOR_KEEP'], + 'keep' => @$rs['MAJOR_KEEP'], 'max_keep' => @$rs['MAJOR_MAX_KEEP'] ); $ExpireParams['minor'] = array( - 'max_age' => @$rs['MINOR_MAX_AGE'], - 'min_age' => @$rs['MINOR_MIN_AGE'], + 'max_age' => @$rs['MINOR_MAX_AGE'], + 'min_age' => @$rs['MINOR_MIN_AGE'], 'min_keep' => @$rs['MINOR_MIN_KEEP'], - 'keep' => @$rs['MINOR_KEEP'], + 'keep' => @$rs['MINOR_KEEP'], 'max_keep' => @$rs['MINOR_MAX_KEEP'] ); $ExpireParams['author'] = array( - 'max_age' => @$rs['AUTHOR_MAX_AGE'], - 'min_age' => @$rs['AUTHOR_MIN_AGE'], + 'max_age' => @$rs['AUTHOR_MAX_AGE'], + 'min_age' => @$rs['AUTHOR_MIN_AGE'], 'min_keep' => @$rs['AUTHOR_MIN_KEEP'], - 'keep' => @$rs['AUTHOR_KEEP'], + 'keep' => @$rs['AUTHOR_KEEP'], 'max_keep' => @$rs['AUTHOR_MAX_KEEP'] ); // User authentication - global $USER_AUTH_ORDER; - $USER_AUTH_ORDER = preg_split('/\s*:\s*/', @$rs['USER_AUTH_ORDER']); + $GLOBALS['USER_AUTH_ORDER'] = preg_split('/\s*:\s*/', $rs['USER_AUTH_ORDER']); // LDAP bind options global $LDAP_SET_OPTION; @@ -214,7 +220,7 @@ function IniConfig($file) { } // Now it's the external DB authentication stuff's turn - if (in_array('Db', $USER_AUTH_ORDER) && empty($rs['DBAUTH_AUTH_DSN'])) { + if (in_array('Db', $GLOBALS['USER_AUTH_ORDER']) && empty($rs['DBAUTH_AUTH_DSN'])) { $rs['DBAUTH_AUTH_DSN'] = $DBParams['dsn']; } 
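Review bot: `preg_split('/\s*:\s*/', $rs['USER_AUTH_ORDER'])` returns `array('')` for an empty setting, so `$GLOBALS['USER_AUTH_ORDER']` then holds one empty method name instead of no methods; passing `-1, PREG_SPLIT_NO_EMPTY` as the limit and flags arguments avoids that. With the `@` removed, the line also depends on the key always being present after the default merge. In the following hunk `in_array('Db', $GLOBALS['USER_AUTH_ORDER'])` is a loose match; a third argument `true` makes it exact.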
@@ -231,10 +237,11 @@ function IniConfig($file) { 'DBAUTH_GROUP_MEMBERS' => 'group_members', 'DBAUTH_USER_GROUPS' => 'user_groups' ); - foreach ($DBAP_MAP as $rskey => $apkey) { if (isset($rs[$rskey])) { $DBAuthParams[$apkey] = $rs[$rskey]; + } elseif (isset($rsdef[$rskey])) { + $DBAuthParams[$apkey] = $rsdef[$rskey]; } } @@ -525,6 +532,10 @@ function fix_configs() { } // $Log: not supported by cvs2svn $ +// Revision 1.21 2004/05/08 22:55:12 rurban +// Fixed longstanding sf.net:demo problem. endless loop, caused by an empty definition of +// WIKI_NAME_REGEXP. Exactly this constant wasn't checked for its default setting. +// // Revision 1.20 2004/05/08 20:21:00 rurban // remove php tags in Log // diff --git a/lib/PageList.php b/lib/PageList.php index e99e81243..f0bf63880 100644 --- a/lib/PageList.php +++ b/lib/PageList.php @@ -1,4 +1,4 @@ -WikiNameRegexp = $WikiNameRegexp; - $this->dbi = &$request->getDbh(); + $this->dbi =& $GLOBALS['request']->getDbh(); } function _getValue ($page_handle, &$revision_handle) { $author = _PageList_Column::_getValue($page_handle, $revision_handle); - if (preg_match("/^$this->WikiNameRegexp\$/", $author) && $this->dbi->isWikiPage($author)) + if (isWikiWord($author) && $this->dbi->isWikiPage($author)) + return WikiLink($author); + else + return $author; + } +}; + +class _PageList_Column_owner extends _PageList_Column_author { + function _getValue ($page_handle, &$revision_handle) { + $author = $page_handle->getOwner(); + if (isWikiWord($author) && $this->dbi->isWikiPage($author)) + return WikiLink($author); + else + return $author; + } +}; +class _PageList_Column_creator extends _PageList_Column_author { + function _getValue ($page_handle, &$revision_handle) { + $author = $page_handle->getCreator(); + if (isWikiWord($author) && $this->dbi->isWikiPage($author)) return WikiLink($author); else return $author; 
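Review bot: The three `_getValue()` bodies in `_PageList_Column_author`, `_PageList_Column_owner` and `_PageList_Column_creator` are identical apart from where `$author` comes from, so the link-or-plain-text decision now lives in three places. One shared method on the base class that takes the name and returns `WikiLink($name)` or `$name` would let each subclass reduce to a single call such as `return $this->_linkIfWikiPage($page_handle->getOwner());`, where the helper name is only a suggestion. The constructor now reads `$GLOBALS['request']` directly, which ties the column to global state, and a comment saying why the handle is not passed in would help. The start of this hunk is missing from the page.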
@@ -664,9 +681,13 @@ class PageList { 'author' => new _PageList_Column_author('rev:author', _("Last Author")), 'owner' - => new _PageList_Column_author('owner', _("Owner")), + => new _PageList_Column_owner('author_id', _("Owner")), + 'creator' + => new _PageList_Column_creator('author_id', _("Creator")), + /* 'group' => new _PageList_Column_author('group', _("Group")), + */ 'locked' => new _PageList_Column_bool('locked', _("Locked"), _("locked")), @@ -896,6 +917,9 @@ extends PageList { } // $Log: not supported by cvs2svn $ +// Revision 1.81 2004/05/13 12:30:35 rurban +// fix for MacOSX border CSS attr, and if sort buttons are not found +// // Revision 1.80 2004/04/20 00:56:00 rurban // more paging support and paging fix for shorter lists // diff --git a/lib/PagePerm.php b/lib/PagePerm.php index d0c80260b..ee09b40ac 100644 --- a/lib/PagePerm.php +++ b/lib/PagePerm.php @@ -1,5 +1,5 @@ $value) { + if (is_array($value)) { + if (!is_array($array2[$key])) { + $difference[$key] = $value; + } else { + $new_diff = array_diff_assoc_recursive($value, $array2[$key]); + if ($new_diff != false) { + $difference[$key] = $new_diff; + } + } + } elseif(!isset($array2[$key]) || $array2[$key] != $value) { + $difference[$key] = $value; + } + } + return !isset($difference) ? 0 : $difference; +} + /** * The ACL object per page. It is stored in a page, but can also * be merged with ACL's from other pages or taken from the master (pseudo) dot-file. @@ -327,7 +346,7 @@ class PagePermission { * Translate the various special groups to the actual users settings * (userid, group membership). */ - function isMember($user,$group) { + function isMember($user, $group) { global $request; if ($group === ACL_EVERY) return true; if (!isset($this->_group)) $member =& WikiGroup::getGroup($request); 
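Review bot: In `array_diff_assoc_recursive()` the array branch reads `$array2[$key]` in `!is_array($array2[$key])` without checking that the key exists, so a key present only in `$array1` raises an undefined-index notice before being reported; `if (!isset($array2[$key]) || !is_array($array2[$key]))` avoids that. The scalar branch compares with `!=`, which treats `true`, `1` and any non-empty string as the same ACL value; `!==` is the safer test when the result decides whether a permission set changed. The function returns `0` when nothing differs and an array otherwise, and the docblock should state that mixed return.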
@@ -339,8 +358,10 @@ class PagePermission { $member->isMember(GROUP_ADMIN)); if ($group === ACL_ANONYMOUS) return ! $user->isSignedIn(); - if ($group === ACL_BOGOUSERS) - if (ENABLE_USER_NEW) return isa($user,'_BogoUser'); + if ($group === ACL_BOGOUSER) + if (ENABLE_USER_NEW) + return isa($user,'_BogoUser') or + (isWikiWord($user->_userid) and $user->_level >= WIKIAUTH_BOGO); else return isWikiWord($user->UserName()); if ($group === ACL_HASHOMEPAGE) return $user->hasHomePage(); @@ -350,18 +371,18 @@ class PagePermission { return $user->isAuthenticated(); if ($group === ACL_OWNER) { $page = $request->getPage(); - return ($page->get('author') === $user->UserName() and - $user->isAuthenticated()); + return ($user->isAuthenticated() and + $page->getOwner() === $user->UserName()); } if ($group === ACL_CREATOR) { $page = $request->getPage(); - $rev = $page->getRevision(1); - return ($rev->get('author') === $user->UserName() and - $user->isAuthenticated()); + return ($user->isAuthenticated() and + $page->getCreator() === $user->UserName()); } /* Or named groups or usernames. - Note: We don't seperate groups and users here. - Users overrides groups with the same name. */ + Note: We don't seperate groups and users here. + Users overrides groups with the same name. + */ return $user->UserName() === $group or $member->isMember($group); } @@ -372,7 +393,7 @@ class PagePermission { */ function defaultPerms() { //Todo: check for the existance of '.' and take this instead. - //Todo: honor more index.php auth settings here + //Todo: honor more config.ini auth settings here $perm = array('view' => array(ACL_EVERY => true), 'edit' => array(ACL_EVERY => true), 'create' => array(ACL_EVERY => true), 
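Review bot: The bogo-user tests added in this commit disagree: in this `ACL_BOGOUSER` branch `isa($user,'_BogoUser')` alone grants membership and `_level >= WIKIAUTH_BOGO` applies only to the WikiWord alternative, while the `GROUP_BOGOUSER` case in lib/WikiGroup.php requires `isa($user,'_BogoUser') and $user->_level >= WIKIAUTH_BOGO`. If the level test is what separates a signed-in bogo user from an unset one, the first operand here should carry it too. The nested `if (ENABLE_USER_NEW) ... else ...` under `if ($group === ACL_BOGOUSER)` has no braces, so which `if` the `else` binds to is left to the parser; braces would make the intended pairing explicit. `isMember()` starts and ends outside the hunk.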
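Review bot: The `ACL_OWNER` and `ACL_CREATOR` branches both take the page from `$request->getPage()`, which is the page of the current request and not necessarily the page whose ACL is being evaluated. This commit makes lib/plugin/WikiAdminRemove.php and lib/plugin/WikiAdminSetAcl.php rely on `mayAccessPage('remove', $name)` and `mayAccessPage('change', $pagename)` for lists of other pages, and `defaultPerms()` grants `change` to `ACL_OWNER`. It should be confirmed that those calls resolve ownership against the named page and not against the page hosting the plugin. `isMember($user, $group)` has no page parameter, so the page may need to be passed in or held on the object. `getOwner()` can return `''`, so a comment noting that the `isAuthenticated()` test must stay first would protect against an empty user name matching.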
@@ -381,24 +402,27 @@ class PagePermission { ACL_OWNER => true), 'change' => array(ACL_ADMIN => true, ACL_OWNER => true)); - if (defined('ZIPDUMP_AUTH') && ZIPDUMP_AUTH) + if (ZIPDUMP_AUTH) $perm['dump'] = array(ACL_ADMIN => true, ACL_OWNER => true); else $perm['dump'] = array(ACL_EVERY => true); - if (defined('REQUIRE_SIGNIN_BEFORE_EDIT') && REQUIRE_SIGNIN_BEFORE_EDIT) - $perm['edit'] = array(ACL_SIGNED => true); - if (defined('ALLOW_ANON_USER') && ! ALLOW_ANON_USER) { - if (defined('ALLOW_BOGO_USER') && ALLOW_BOGO_USER) { - $perm['view'] = array(ACL_BOGOUSER => true); - $perm['edit'] = array(ACL_BOGOUSER => true); - } elseif (defined('ALLOW_USER_PASSWORDS') && ALLOW_USER_PASSWORDS) { - $perm['view'] = array(ACL_AUTHENTICATED => true); - $perm['edit'] = array(ACL_AUTHENTICATED => true); - } else { - $perm['view'] = array(ACL_SIGNED => true); - $perm['edit'] = array(ACL_SIGNED => true); - } + // view: + if (!ALLOW_ANON_USER) { + if (!ALLOW_USER_PASSWORDS) + $perm['view'] = array(ACL_SIGNED => true); + else + $perm['view'] = array(ACL_AUTHENTICATED => true); + $perm['view'][ACL_BOGOUSER] = ALLOW_BOGO_LOGIN ? true : false; + } + // edit: + if (!ALLOW_ANON_EDIT) { + if (!ALLOW_USER_PASSWORDS) + $perm['edit'] = array(ACL_SIGNED => true); + else + $perm['edit'] = array(ACL_AUTHENTICATED => true); + $perm['edit'][ACL_BOGOUSER] = ALLOW_BOGO_LOGIN ? true : false; + $perm['create'] = $perm['edit']; } return $perm; } @@ -410,6 +434,14 @@ class PagePermission { } } } + + /** + * do a recursive comparison + */ + function equal($otherperm) { + $diff = array_diff_assoc_recursive($this->perm, $otherperm); + return empty($diff); + } /** * returns list of all supported access types. 
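Review bot: Dropping the `defined()` guards makes `defaultPerms()` fail open for the restrictive switches: on PHP versions that evaluate an undefined constant to its own name, `!ALLOW_ANON_USER` and `!ALLOW_ANON_EDIT` are false when the constant is missing, leaving `view`, `edit` and `create` at `ACL_EVERY`. The function is then only as safe as the guarantee that IniConfig always defines these constants; `if (!defined('ALLOW_ANON_USER') || !ALLOW_ANON_USER)` keeps the restrictive outcome when that guarantee breaks. `$perm['view'][ACL_BOGOUSER] = ALLOW_BOGO_LOGIN ? true : false;` also writes an explicit `false` entry next to `ACL_SIGNED` or `ACL_AUTHENTICATED`. Whether a user matching both is allowed or denied depends on evaluation order that is not visible here, so a comment stating the intended precedence is needed.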
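Review bot: `equal()` is one-directional: `array_diff_assoc_recursive($this->perm, $otherperm)` reports only entries of `$this->perm` that are missing or different in `$otherperm`, so an ACL that is a strict subset of the other compares as equal. In lib/plugin/WikiAdminSetAcl.php the call is `$perm->equal($oldperm->perm)` with `$perm` the new ACL, so unless `sanify()` fills in missing entries, a change that only removes groups or access types is reported as "ACL not changed" and never stored. Comparing both ways fixes it: `return !array_diff_assoc_recursive($this->perm, $otherperm) && !array_diff_assoc_recursive($otherperm, $this->perm);`. The docblock should say that `$otherperm` is the raw permission array, not a `PagePermission` object.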
@@ -553,7 +585,7 @@ class PagePermission { HTML::tr( HTML::td(HTML::strong($access.":")), HTML::td(array('class' => 'cal-today','align'=>'right'), - $this->groupName($group)), + HTML::strong($this->groupName($group))), HTML::td($nbsp,$checkbox), HTML::td($nbsp,$deletebutton), HTML::td(HTML::em(getAccessDescription($access))))); @@ -563,7 +595,7 @@ class PagePermission { HTML::tr( HTML::td(), HTML::td(array('class' => 'cal-today','align'=>'right'), - $this->groupName($group)), + HTML::strong($this->groupName($group))), HTML::td($nbsp,$checkbox), HTML::td($nbsp,$deletebutton), HTML::td())); @@ -629,6 +661,10 @@ class PagePermission { } // $Log: not supported by cvs2svn $ +// Revision 1.14 2004/05/15 22:54:49 rurban +// fixed important WikiDB bug with DEBUG > 0: wrong assertion +// improved SetAcl (works) and PagePerms, some WikiGroup helpers. +// // Revision 1.13 2004/05/15 19:48:33 rurban // fix some too loose PagePerms for signed, but not authenticated users // (admin, owner, creator) diff --git a/lib/WikiDB.php b/lib/WikiDB.php index 040ab473f..fb4a2fcc3 100644 --- a/lib/WikiDB.php +++ b/lib/WikiDB.php @@ -1,5 +1,5 @@ get('pref') ? true : false; } + // May be empty. Either the stored owner (/Chown), or the first authorized author + function getOwner() { + if ($owner = $this->get('owner')) + return $owner; + // check all revisions for the first author_id + $backend = &$this->_wikidb->_backend; + $pagename = &$this->_pagename; + $latestversion = $backend->get_latest_version($pagename); + for ($v=1; $v <= $latestversion; $v++) { + $rev = $this->getRevision($v); + if ($rev and $owner = $rev->get('author_id')) + return $owner; + } + return ''; + } + + // The authenticated author of the first revision or empty if not authenticated then. + function getCreator() { + $current = $this->getRevision(1); + return $current->get('author_id'); + } + }; /** 
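Review bot: `getCreator()` calls `$current->get('author_id')` without checking the result of `getRevision(1)`, although `getOwner()` directly above guards the same call with `if ($rev and ...)`. If revision 1 is no longer stored, every `ACL_CREATOR` check ends in a call on a non-object; `$rev = $this->getRevision(1); return $rev ? $rev->get('author_id') : '';` matches the guard already used in `getOwner()`. `getOwner()` loads revisions one at a time until it finds an `author_id`, and it runs on each `ACL_OWNER` evaluation, so caching the result or storing `owner` when the page is created would bound that cost. Because ownership falls back to the earliest surviving `author_id`, it is worth documenting that removing old revisions can change who counts as the owner.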
@@ -1767,6 +1789,10 @@ class WikiDB_cache }; // $Log: not supported by cvs2svn $ +// Revision 1.56 2004/05/15 22:54:49 rurban +// fixed important WikiDB bug with DEBUG > 0: wrong assertion +// improved SetAcl (works) and PagePerms, some WikiGroup helpers. +// // Revision 1.55 2004/05/12 19:27:47 rurban // revert wrong inline optimization. // diff --git a/lib/WikiGroup.php b/lib/WikiGroup.php index 7e57f8c14..98bcfd934 100644 --- a/lib/WikiGroup.php +++ b/lib/WikiGroup.php @@ -1,5 +1,5 @@ membership[$group] = true; case GROUP_ANONYMOUS: return $this->membership[$group] = ! $user->isSignedIn(); - case GROUP_BOGOUSERS: return $this->membership[$group] = isa($user,'_BogoUser'); + case GROUP_BOGOUSER: return $this->membership[$group] = (isa($user,'_BogoUser') and + $user->_level >= WIKIAUTH_BOGO); case GROUP_SIGNED: return $this->membership[$group] = $user->isSignedIn(); case GROUP_AUTHENTICATED: return $this->membership[$group] = $user->isAuthenticated(); case GROUP_ADMIN: return $this->membership[$group] = $user->isAdmin(); @@ -275,7 +273,7 @@ class WikiGroup{ return $all; case GROUP_ANONYMOUS: return $users; - case GROUP_BOGOUSERS: + case GROUP_BOGOUSER: foreach ($all as $u) { if (isWikiWord($user)) $users[] = $u; } 
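Review bot: In the renamed `GROUP_BOGOUSER` case of the member listing, the loop tests `isWikiWord($user)` but appends `$u`, so the filter never looks at the element being iterated; `if (isWikiWord($u)) $users[] = $u;` is presumably what was meant. That line is context and not changed by this commit, but the result is a group listing that contains either every user or none. The method starts outside the hunk, so whether `$user` is set in this scope cannot be seen from here.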
@@ -574,16 +572,16 @@ class GroupDb extends WikiGroup { trigger_error(_("No or not enough GROUP_DB SQL statements defined"), E_USER_WARNING); return new GroupNone(&$request); } - $this->_is_member = str_replace(array('"$userid"','"$groupname"'), - array('%s','%s'), - $DBAuthParams['is_member']); - $this->_group_members = str_replace('"$groupname"', - '%s', - $DBAuthParams['group_members']); - $this->_user_groups = str_replace('"$userid"', - '%s', - $DBAuthParams['user_groups']); - $this->dbh = _PassUser::getAuthDbh(); + // use _PassUser::prepare instead + if (isa($request->_user,'_PassUser')) + $user =& $request->_user; + else + $user = new _PassUser($this->username); + $this->_is_member = $user->prepare($DBAuthParams['is_member'], + array('userid','groupname')); + $this->_group_members = $user->prepare($DBAuthParams['group_members'],'groupname'); + $this->_user_groups = $user->prepare($DBAuthParams['user_groups'],'userid'); + $this->dbh = $user->_auth_dbi; } } @@ -605,7 +603,8 @@ class GroupDb_PearDB extends GroupDb { return $this->membership[$group]; } $dbh = & $this->dbh; - $db_result = $dbh->query(sprintf($this->_is_member,$dbh->quote($this->username),$dbh->quote($group))); + $db_result = $dbh->query(sprintf($this->_is_member,$dbh->quote($this->username), + $dbh->quote($group))); if ($db_result->numRows() > 0) { $this->membership[$group] = true; return true; @@ -687,7 +686,8 @@ class GroupDb_ADODB extends GroupDb { return $this->membership[$group]; } $dbh = & $this->dbh; - $rs = $dbh->Execute(sprintf($this->_is_member,$dbh->qstr($this->username),$dbh->qstr($group))); + $rs = $dbh->Execute(sprintf($this->_is_member,$dbh->qstr($this->username), + $dbh->qstr($group))); if ($rs->EOF) { $rs->Close(); } else { 
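Review bot: `$this->dbh = $user->_auth_dbi;` reads the handle as a property, while the removed line obtained it through `_PassUser::getAuthDbh()`. For the freshly constructed `new _PassUser($this->username)` nothing visible opens `_auth_dbi`, and a null handle would only surface later as a failure in `$dbh->query()` or `$dbh->Execute()`. Going through the accessor, `$this->dbh = $user->getAuthDbh();`, keeps the old guarantee, assuming it can be called on an instance. The membership queries in the next two hunks build SQL with `sprintf()` around `$dbh->quote()` and `$dbh->qstr()`, which covers the values, but a literal `%` in a configured statement would corrupt the format string unless `prepare()` escapes it. The constructor starts outside the hunk.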
@@ -1012,6 +1012,10 @@ class GroupLdap extends WikiGroup { } // $Log: not supported by cvs2svn $ +// Revision 1.28 2004/05/15 22:54:49 rurban +// fixed important WikiDB bug with DEBUG > 0: wrong assertion +// improved SetAcl (works) and PagePerms, some WikiGroup helpers. +// // Revision 1.27 2004/05/06 13:56:40 rurban // Enable the Administrators group, and add the WIKIPAGE group default root page. // diff --git a/lib/WikiUserNew.php b/lib/WikiUserNew.php index 890068b60..451d6e100 100644 --- a/lib/WikiUserNew.php +++ b/lib/WikiUserNew.php @@ -1,5 +1,5 @@ _normalize_stmt_var($variables[$i],$oldstyle); if (!$var) trigger_error(sprintf("DbAuthParams: Undefined or empty statement variable %s in %s", @@ -2848,6 +2848,12 @@ extends UserPreferences // $Log: not supported by cvs2svn $ +// Revision 1.74 2004/05/15 19:48:33 rurban +// fix some too loose PagePerms for signed, but not authenticated users +// (admin, owner, creator) +// no double login page header, better login msg. +// moved action_pdf to lib/pdf.php +// // Revision 1.73 2004/05/15 18:31:01 rurban // some action=pdf Request fixes: With MSIE it works now. Now the work with the page formatting begins. // diff --git a/lib/plugin/RecentChanges.php b/lib/plugin/RecentChanges.php index a8c20b0c8..00edaf1f2 100644 --- a/lib/plugin/RecentChanges.php +++ b/lib/plugin/RecentChanges.php @@ -1,5 +1,5 @@ 0) { @@ -658,7 +658,7 @@ extends WikiPlugin function getVersion() { return preg_replace("/[Revision: $]/", '', - "\$Revision: 1.94 $"); + "\$Revision: 1.95 $"); } function managesValidators() { @@ -841,6 +841,9 @@ class DayButtonBar extends HtmlElement { } // $Log: not supported by cvs2svn $ +// Revision 1.94 2004/05/14 20:55:03 rurban +// simplified RecentComments +// // Revision 1.93 2004/05/14 17:33:07 rurban // new plugin RecentChanges // diff --git a/lib/plugin/WikiAdminRemove.php b/lib/plugin/WikiAdminRemove.php index 134f35bb8..26f1051af 100644 --- a/lib/plugin/WikiAdminRemove.php 
+++ b/lib/plugin/WikiAdminRemove.php @@ -1,5 +1,5 @@ getDbh(); + $dbi = $request->getDbh(); $count = 0; foreach ($pages as $name) { $name = str_replace(array('%5B','%5D'),array('[',']'),$name); - $dbi->deletePage($name); - $ul->pushContent(HTML::li(fmt("Removed page '%s' successfully.", $name))); + if (mayAccessPage('remove',$name)) { + $dbi->deletePage($name); + $ul->pushContent(HTML::li(fmt("Removed page '%s' successfully.", $name))); + $count++; + } else { + $ul->pushContent(HTML::li(fmt("Didn't removed page '%s'. Access denied.", $name))); + } } - $dbi->touch(); + if ($count) $dbi->touch(); return HTML($ul, - HTML::p(_('All selected pages have been permanently removed.'))); + HTML::p(fmt("%d pages have been permanently removed."),$count)); } function run($dbi, $argstr, &$request, $basepage) { @@ -147,10 +152,12 @@ extends WikiPlugin !empty($post_args['remove']) && empty($post_args['cancel'])) { // FIXME: check individual PagePermissions + /* if (!$request->_user->isAdmin()) { $request->_notAuthorized(WIKIAUTH_ADMIN); $this->disabled("! user->isAdmin"); } + */ if ($post_args['action'] == 'verify') { // Real delete. return $this->removePages($request, array_keys($p)); @@ -237,6 +244,9 @@ class _PageList_Column_remove extends _PageList_Column { // $Log: not supported by cvs2svn $ +// Revision 1.21 2004/05/04 16:34:22 rurban +// prvent hidden p overwrite checked p +// // Revision 1.20 2004/05/03 11:02:30 rurban // fix passing args from WikiAdminSelect to WikiAdminRemove // diff --git a/lib/plugin/WikiAdminSetAcl.php b/lib/plugin/WikiAdminSetAcl.php index 7dc481115..86ee6ad16 100644 --- a/lib/plugin/WikiAdminSetAcl.php +++ b/lib/plugin/WikiAdminSetAcl.php @@ -1,5 +1,5 @@ "[]", - //'acl' => false, /* Pages to exclude in listing */ 'exclude' => '', /* Columns to include in listing */ - 'info' => 'pagename,perm,owner,group,mtime,author', + 'info' => 'pagename,perm,mtime,owner,author', /* How to sort */ 'sortby' => 'pagename', 'limit' => 0, 
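Review bot: In `removePages()` the closing parenthesis of `HTML::p(fmt("%d pages have been permanently removed."),$count)` is misplaced: `$count` goes to `HTML::p()` instead of `fmt()`, so the `%d` is never filled in. It should read `HTML::p(fmt("%d pages have been permanently removed.", $count))`. The per-page `mayAccessPage('remove',$name)` test correctly runs after `$name` has been rewritten by `str_replace`, so the checked name and the deleted name are the same. The denied message says "Didn't removed" and should say "Didn't remove".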
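Review bot: With the `isAdmin()` block in `run()` commented out, authorization for the delete path rests entirely on the per-page `mayAccessPage('remove', ...)` call in `removePages()`, yet the `// FIXME: check individual PagePermissions` line above it is unchanged. Replace the FIXME with a comment stating that invariant and delete the dead block instead of keeping it inside `/* */`, so a later edit to `removePages()` does not silently drop the only check. The same pattern appears in lib/plugin/WikiAdminSetAcl.php, where the `DEBUG` gate in `run()` is commented out as well. `run()` extends beyond the hunk.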
@@ -87,14 +86,19 @@ extends WikiPlugin_WikiAdminSelect } if ($perm = new PagePermission($acl)) { $perm->sanify(); - foreach ($pages as $name) { - //TODO: check if unchanged? - if (mayAccessPage('change',$name)) { - $perm->store($dbi->getPage($name)); - $ul->pushContent(HTML::li(fmt("ACL changed for page '%s'.",$name))); + foreach ($pages as $pagename) { + // check if unchanged? we need a deep array_equal + $page = $dbi->getPage($pagename); + $oldperm = getPagePermissions($page); + $oldperm->sanify(); + if ($perm->equal($oldperm->perm)) // (serialize($oldperm->perm) == serialize($perm->perm)) + $ul->pushContent(HTML::li(fmt("ACL not changed for page '%s'.",$pagename))); + elseif (mayAccessPage('change',$pagename)) { + setPagePermissions ($page,$perm); + $ul->pushContent(HTML::li(fmt("ACL changed for page '%s'.",$pagename))); $count++; } else { - $ul->pushContent(HTML::li(fmt("Access denied to change page '%s'.",$name))); + $ul->pushContent(HTML::li(fmt("Access denied to change page '%s'.",$pagename))); } } } else { @@ -111,8 +115,8 @@ extends WikiPlugin_WikiAdminSelect } function run($dbi, $argstr, &$request, $basepage) { - if (!DEBUG) - return $this->disabled("WikiAdminSetAcl not yet enabled. Set DEBUG to try it."); + //if (!DEBUG) + // return $this->disabled("WikiAdminSetAcl not yet enabled. Set DEBUG to try it."); $args = $this->getArgs($argstr, $request); $this->_args = $args; @@ -131,12 +135,13 @@ extends WikiPlugin_WikiAdminSelect if ($p && $request->isPost() && !empty($post_args['acl']) && empty($post_args['cancel'])) { - // FIXME: check individual PagePermissions + // DONE: check individual PagePermissions + /* if (!$request->_user->isAdmin()) { $request->_notAuthorized(WIKIAUTH_ADMIN); $this->disabled("! user->isAdmin"); } - + */ if ($post_args['action'] == 'verify') { // Real action $header->pushContent( 
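Review bot: The `$perm->equal($oldperm->perm)` test runs before `mayAccessPage('change',$pagename)`, so a user without change rights gets "ACL not changed" or "Access denied" depending on the page's current ACL, which reveals whether a submitted ACL matches the stored one. Checking access first and comparing only when it passes removes that difference, as in the loop body below. The loop sits inside a method that starts outside the hunk.
```php
foreach ($pages as $pagename) {
    // authorize before reading or comparing the stored ACL
    if (!mayAccessPage('change',$pagename)) {
        $ul->pushContent(HTML::li(fmt("Access denied to change page '%s'.",$pagename)));
        continue;
    }
    $page = $dbi->getPage($pagename);
    $oldperm = getPagePermissions($page);
    $oldperm->sanify();
    if ($perm->equal($oldperm->perm)) {
        $ul->pushContent(HTML::li(fmt("ACL not changed for page '%s'.",$pagename)));
    } else {
        setPagePermissions ($page,$perm);
        $ul->pushContent(HTML::li(fmt("ACL changed for page '%s'.",$pagename)));
        $count++;
    }
}
```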
@@ -156,7 +161,7 @@ extends WikiPlugin_WikiAdminSelect $pages = $this->collectPages($pages, $dbi, $args['sortby'], $args['limit']); } if ($next_action == 'verify') { - $args['info'] = "checkbox,pagename,perm,owner,group,mtime,author"; + $args['info'] = "checkbox,pagename,perm,mtime,owner,author"; } $pagelist = new PageList_Selectable($args['info'], $exclude, diff --git a/themes/Sidebar/templates/signin.tmpl b/themes/Sidebar/templates/signin.tmpl index 83f121750..b96f9a9ed 100644 --- a/themes/Sidebar/templates/signin.tmpl +++ b/themes/Sidebar/templates/signin.tmpl @@ -1,12 +1,12 @@ - +
getArgs(), false, array('auth')) ?> diff --git a/themes/default/templates/signin.tmpl b/themes/default/templates/signin.tmpl index f6f7a721a..fdf9fc026 100644 --- a/themes/default/templates/signin.tmpl +++ b/themes/default/templates/signin.tmpl @@ -1,13 +1,13 @@ - - + + getArgs(), false, array('auth')) ?>