4 Copyright 2004 $ThePhpWikiProgrammingTeam
6 This file is part of PhpWiki.
8 PhpWiki is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 PhpWiki is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with PhpWiki; if not, write to the Free Software
20 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 * Set individual PagePermissions
26 * Usage: <?plugin WikiAdminSetAcl ?> or called via WikiAdminSelect
27 * Author: Reini Urban <rurban@x-ray.at>
30 * Requires PHP 4.2 so far.
32 * TODO: UI to add custom group/username.
33 * Currently it's easier to dump a page, fix it manually and
34 * import it, than use Setacl
36 require_once('lib/PageList.php');
37 require_once('lib/plugin/WikiAdminSelect.php');
39 class WikiPlugin_WikiAdminSetAcl
40 extends WikiPlugin_WikiAdminSelect
43 return _("WikiAdminSetAcl");
46 function getDescription() {
47 return _("Set individual page permissions.");
50 function getVersion() {
51 return preg_replace("/[Revision: $]/", '',
55 function getDefaultArguments() {
58 PageList::supportedArgs(),
60 'p' => "[]", // list of pages
61 's' => false, /* select by pagename */
62 /* Columns to include in listing */
63 'info' => 'pagename,perm,mtime,owner,author',
67 function setaclPages(&$request, $pages, $acl) {
70 $dbi =& $request->_dbi;
71 // check new_group and new_perm
72 if (isset($acl['_add_group'])) {
73 //add groups with perm
74 foreach ($acl['_add_group'] as $access => $dummy) {
75 $group = $acl['_new_group'][$access];
76 $acl[$access][$group] = isset($acl['_new_perm'][$access]) ? 1 : 0;
78 unset($acl['_add_group']);
80 unset($acl['_new_group']); unset($acl['_new_perm']);
81 if (isset($acl['_del_group'])) {
82 //del groups with perm
83 foreach ($acl['_del_group'] as $access => $del) {
84 while (list($group,$dummy) = each($del))
85 unset($acl[$access][$group]);
87 unset($acl['_del_group']);
89 if ($perm = new PagePermission($acl)) {
91 foreach ($pages as $pagename) {
92 // check if unchanged? we need a deep array_equal
93 $page = $dbi->getPage($pagename);
94 $oldperm = getPagePermissions($page);
97 if ($oldperm and $perm->equal($oldperm->perm)) // (serialize($oldperm->perm) == serialize($perm->perm))
98 $ul->pushContent(HTML::li(fmt("ACL not changed for page '%s'.",$pagename)));
99 elseif (mayAccessPage('change', $pagename)) {
100 setPagePermissions ($page, $perm);
101 $ul->pushContent(HTML::li(fmt("ACL changed for page '%s'.",$pagename)));
104 $ul->pushContent(HTML::li(fmt("Access denied to change page '%s'.",$pagename)));
108 $ul->pushContent(HTML::li(fmt("Invalid ACL")));
113 HTML::p(fmt("%s pages have been changed.",$count)));
116 HTML::p(fmt("No pages changed.")));
120 function run($dbi, $argstr, &$request, $basepage) {
122 // return $this->disabled("WikiAdminSetAcl not yet enabled. Set DEBUG to try it.");
123 if ($request->getArg('action') != 'browse')
124 if ($request->getArg('action') != _("PhpWikiAdministration/SetAcl"))
125 return $this->disabled("(action != 'browse')");
126 if (!ENABLE_PAGEPERM)
127 return $this->disabled("ENABLE_PAGEPERM = false");
129 $args = $this->getArgs($argstr, $request);
130 $this->_args = $args;
131 $this->preSelectS($args, $request);
133 $p = $request->getArg('p');
134 $post_args = $request->getArg('admin_setacl');
135 $next_action = 'select';
137 if ($p && !$request->isPost())
139 elseif ($this->_list)
140 $pages = $this->_list;
141 $header = HTML::div();
142 if ($p && $request->isPost() &&
143 !empty($post_args['acl']) && empty($post_args['cancel'])) {
144 // without individual PagePermissions:
145 if (!ENABLE_PAGEPERM and !$request->_user->isAdmin()) {
146 $request->_notAuthorized(WIKIAUTH_ADMIN);
147 $this->disabled("! user->isAdmin");
149 if ($post_args['action'] == 'verify') {
151 $header->pushContent(
152 $this->setaclPages($request, array_keys($p),
153 $request->getArg('acl')));
155 if ($post_args['action'] == 'select') {
156 if (!empty($post_args['acl']))
157 $next_action = 'verify';
158 foreach ($p as $name => $c) {
163 if ($next_action == 'select' and empty($pages)) {
164 // List all pages to select from.
165 $pages = $this->collectPages($pages, $dbi, $args['sortby'], $args['limit'], $args['exclude']);
167 if ($next_action == 'verify') {
168 $args['info'] = "checkbox,pagename,perm,mtime,owner,author";
170 $pagelist = new PageList_Selectable($args['info'],
172 array('types' => array(
174 => new _PageList_Column_perm('perm', _("Permission")),
176 => new _PageList_Column_acl('acl', _("ACL")))));
178 $pagelist->addPageList($pages);
179 if ($next_action == 'verify') {
180 $button_label = _("Yes");
181 $header = $this->setaclForm($header, $post_args, $pages);
182 $header->pushContent(
183 HTML::p(HTML::strong(
184 _("Are you sure you want to permanently change access to the selected files?"))));
187 $button_label = _("SetAcl");
188 $header = $this->setaclForm($header, $post_args, $pages);
189 $header->pushContent(HTML::p(_("Select the pages to change:")));
192 $buttons = HTML::p(Button('submit:admin_setacl[acl]', $button_label, 'wikiadmin'),
193 Button('submit:admin_setacl[cancel]', _("Cancel"), 'button'));
195 return HTML::form(array('action' => $request->getPostURL(),
198 $pagelist->getContent(),
199 HiddenInputs($request->getArgs(),
201 array('admin_setacl')),
202 HiddenInputs(array('admin_setacl[action]' => $next_action)),
205 : HiddenInputs(array('require_authority_for_post' => WIKIAUTH_ADMIN)),
209 function setaclForm(&$header, $post_args, $pagehash) {
210 $acl = $post_args['acl'];
212 //FIXME: find intersection of all pages perms, not just from the last pagename
214 foreach ($pagehash as $name => $checked) {
215 if ($checked) $pages[] = $name;
217 $perm_tree = pagePermissions($name);
218 $table = pagePermissionsAclFormat($perm_tree, !empty($pages));
219 $header->pushContent(HTML::strong(_("Selected Pages: ")), HTML::tt(join(', ',$pages)), HTML::br());
220 $first_page = $GLOBALS['request']->_dbi->getPage($name);
221 $owner = $first_page->getOwner();
222 list($type, $perm) = pagePermissionsAcl($perm_tree[0], $perm_tree);
223 //if (DEBUG) $header->pushContent(HTML::pre("Permission tree for $name:\n",print_r($perm_tree,true)));
224 if ($type == 'inherited')
225 $type = sprintf(_("page permission inherited from %s"), $perm_tree[1][0]);
226 elseif ($type == 'page')
227 $type = _("invidual page permission");
228 elseif ($type == 'default')
229 $type = _("default page permission");
230 $header->pushContent(HTML::strong(_("Type").': '), HTML::tt($type),HTML::br());
231 $header->pushContent(HTML::strong(_("getfacl").': '), pagePermissionsSimpleFormat($perm_tree, $owner),HTML::br());
232 $header->pushContent(HTML::strong(_("ACL").': '), HTML::tt($perm->asAclLines()),HTML::br());
234 $header->pushContent(HTML::p(HTML::strong(_("Description").': '),
235 _("Selected Grant checkboxes allow access, unselected checkboxes deny access."),
236 _("To ignore delete the line."),
237 _("To add check 'Add' near the dropdown list.")
239 $header->pushContent(HTML::blockquote($table));
241 // display array of checkboxes for existing perms
242 // and a dropdown for user/group to add perms.
243 // disabled if inherited,
244 // checkbox to disable inheritance,
245 // another checkbox to progate new permissions to all childs (if there exist some)
247 // warn if more pages are selected and they have different perms
248 //$header->pushContent(HTML::input(array('name' => 'admin_setacl[acl]',
249 // 'value' => $post_args['acl'])));
250 $header->pushContent(HTML::br());
251 if (!empty($pages) and DEBUG) {
252 $checkbox = HTML::input(array('type' => 'checkbox',
253 'name' => 'admin_setacl[updatechildren]',
255 if (!empty($post_args['updatechildren'])) $checkbox->setAttr('checked','checked');
256 $header->pushContent($checkbox,
257 _("Propagate new permissions to all subpages?"),
258 HTML::raw(" "),
259 HTML::em(_("(disable individual page permissions, enable inheritance)?")),
260 HTML::br(),HTML::em(_("(Currently not working)"))
263 $header->pushContent(HTML::hr(),HTML::p());
268 class _PageList_Column_acl extends _PageList_Column {
269 function _getValue ($page_handle, &$revision_handle) {
270 $perm_tree = pagePermissions($page_handle->_pagename);
272 list($type, $perm) = pagePermissionsAcl($perm_tree[0], $perm_tree);
273 if ($type == 'inherited') {
274 $type = sprintf(_("page permission inherited from %s"), $perm_tree[1][0]);
275 } elseif ($type == 'page') {
276 $type = _("invidual page permission");
277 } elseif ($type == 'default') {
278 $type = _("default page permission");
280 $result = HTML::span();
281 $result->pushContent($type);
282 $result->pushContent(HTML::br());
283 $result->pushContent($perm->asAclLines());
288 class _PageList_Column_perm extends _PageList_Column {
289 function _getValue ($page_handle, &$revision_handle) {
290 $perm_array = pagePermissions($page_handle->_pagename);
291 return pagePermissionsSimpleFormat($perm_array,
292 $page_handle->get('author'),
293 $page_handle->get('group'));
301 // c-hanging-comment-ender-p: nil
302 // indent-tabs-mode: nil