function setaclPages(&$request, $pages, $acl)
{
$ul = HTML::ul();
$count = 0;
$dbi =& $request->_dbi;
// check new_group and new_perm
if (isset($acl['_add_group'])) {
//add groups with perm
foreach ($acl['_add_group'] as $access => $dummy) {
$group = $acl['_new_group'][$access];
$acl[$access][$group] = isset($acl['_new_perm'][$access]) ? 1 : 0;
}
unset($acl['_add_group']);
}
unset($acl['_new_group']);
unset($acl['_new_perm']);
if (isset($acl['_del_group'])) {
//del groups with perm
foreach ($acl['_del_group'] as $access => $del) {
while (list($group, $dummy) = each($del)) {
unset($acl[$access][$group]);
}
}
unset($acl['_del_group']);
}
if ($perm = new PagePermission($acl)) {
$perm->sanify();
foreach ($pages as $pagename) {
// check if unchanged? we need a deep array_equal
$page = $dbi->getPage($pagename);
$oldperm = getPagePermissions($page);
if ($oldperm) {
$oldperm->sanify();
}
if ($oldperm and $perm->equal($oldperm->perm)) {
// (serialize($oldperm->perm) == serialize($perm->perm))
$ul->pushContent(HTML::li(fmt("ACL not changed for page '%s'.", $pagename)));
} elseif (mayAccessPage('change', $pagename)) {
setPagePermissions($page, $perm);
$ul->pushContent(HTML::li(fmt("ACL changed for page '%s'.", $pagename)));
$count++;
} else {
$ul->pushContent(HTML::li(fmt("Access denied to change page '%s'.", $pagename)));
}
}
} else {
$ul->pushContent(HTML::li(fmt("Invalid ACL")));
}
if ($count) {
$dbi->touch();
return HTML($ul, HTML::p(fmt("%s pages have been changed.", $count)));
} else {
return HTML($ul, HTML::p(fmt("No pages changed.")));
}
}
function setaclPages(&$request, $pages, $acl)
{
$result = HTML::div();
$count = 0;
$dbi =& $request->_dbi;
// check new_group and new_perm
if (isset($acl['_add_group'])) {
//add groups with perm
foreach ($acl['_add_group'] as $access => $dummy) {
$group = $acl['_new_group'][$access];
$acl[$access][$group] = isset($acl['_new_perm'][$access]) ? 1 : 0;
}
unset($acl['_add_group']);
}
unset($acl['_new_group']);
unset($acl['_new_perm']);
if (isset($acl['_del_group'])) {
//del groups with perm
foreach ($acl['_del_group'] as $access => $del) {
while (list($group, $dummy) = each($del)) {
unset($acl[$access][$group]);
}
}
unset($acl['_del_group']);
}
if ($perm = new PagePermission($acl)) {
$perm->sanify();
foreach ($pages as $pagename) {
// check if unchanged? we need a deep array_equal
$page = $dbi->getPage($pagename);
$oldperm = getPagePermissions($page);
if ($oldperm) {
$oldperm->sanify();
}
if ($oldperm and $perm->equal($oldperm->perm)) {
$result->setAttr('class', 'error');
$result->pushContent(HTML::p(fmt("ACL not changed for page '%s'.", $pagename)));
} elseif (mayAccessPage('change', $pagename)) {
setPagePermissions($page, $perm);
$result->setAttr('class', 'feedback');
$result->pushContent(HTML::p(fmt("ACL changed for page '%s'", $pagename)));
$result->pushContent(HTML::p(fmt("from '%s'", $oldperm ? $oldperm->asAclLines() : "None")));
$result->pushContent(HTML::p(fmt("to '%s'.", $perm->asAclLines())));
// Create new revision so that ACL change appears in history.
$current = $page->getCurrentRevision();
$version = $current->getVersion();
$meta = $current->_data;
$text = $current->getPackedContent();
$meta['summary'] = sprintf(_("ACL changed for page '%s' from '%s' to '%s'."), $pagename, $oldperm ? $oldperm->asAclLines() : "None", $perm->asAclLines());
$meta['is_minor_edit'] = 1;
$meta['author'] = $request->_user->UserName();
unset($meta['mtime']);
// force new date
$page->save($text, $version + 1, $meta);
$count++;
} else {
$result->setAttr('class', 'error');
$result->pushContent(HTML::p(fmt("Access denied to change page '%s'.", $pagename)));
}
}
} else {
$result->pushContent(HTML::p(fmt("Invalid ACL")));
}
if ($count) {
$dbi->touch();
$result->setAttr('class', 'feedback');
if ($count > 1) {
$result->pushContent(HTML::p(fmt("%s pages have been changed.", $count)));
}
} else {
$result->setAttr('class', 'error');
$result->pushContent(HTML::p(fmt("No pages changed.")));
}
return $result;
}
/**
* For reference see:
* http://www.nacs.uci.edu/indiv/ehood/MIME/2045/rfc2045.html
* http://www.faqs.org/rfcs/rfc2045.html
* (RFC 1521 has been superceeded by RFC 2045 & others).
*
* Also see http://www.faqs.org/rfcs/rfc2822.html
*
*
* Notes on content-transfer-encoding.
*
* "7bit" means short lines of US-ASCII.
* "8bit" means short lines of octets with (possibly) the high-order bit set.
* "binary" means lines are not necessarily short enough for SMTP
* transport, and non-ASCII characters may be present.
*
* Only "7bit", "quoted-printable", and "base64" are universally safe
* for transport via e-mail. (Though many MTAs can/will be configured to
* automatically convert encodings to a safe type if they receive
* mail encoded in '8bit' and/or 'binary' encodings.
*/
function MimeifyPageRevision(&$page, &$revision)
{
// $wikidb =& $revision->_wikidb;
// $page = $wikidb->getPage($revision->getName());
// FIXME: add 'hits' to $params
$params = array('pagename' => $page->getName(), 'flags' => "", 'author' => $revision->get('author'), 'version' => $revision->getVersion(), 'lastmodified' => $revision->get('mtime'));
if ($page->get('mtime')) {
$params['created'] = $page->get('mtime');
}
if ($page->get('locked')) {
$params['flags'] = 'PAGE_LOCKED';
}
if ($revision->get('author_id')) {
$params['author_id'] = $revision->get('author_id');
}
if ($revision->get('markup')) {
// what is the default? we must use 1
$params['markup'] = $revision->get('markup');
}
if ($revision->get('summary')) {
$params['summary'] = $revision->get('summary');
}
if ($page->get('hits')) {
$params['hits'] = $page->get('hits');
}
if ($page->get('owner')) {
$params['owner'] = $page->get('owner');
}
if ($page->get('perm') and class_exists('PagePermission')) {
$acl = getPagePermissions($page);
$params['acl'] = $acl->asAclLines();
//TODO: convert to multiple lines? acl-view => groups,...; acl-edit => groups,...
}
$params['charset'] = $GLOBALS['charset'];
// Non-US-ASCII is not allowed in Mime headers (at least not without
// special handling) --- so we urlencode all parameter values.
foreach ($params as $key => $val) {
$params[$key] = rawurlencode($val);
}
if (isset($params['acl'])) {
// default: "view:_EVERY; edit:_AUTHENTICATED; create:_AUTHENTICATED,_BOGOUSER; ".
// "list:_EVERY; remove:_ADMIN,_OWNER; change:_ADMIN,_OWNER; dump:_EVERY; "
$params['acl'] = str_replace(array("%3A", "%3B%20", "%2C"), array(":", "; ", ","), $params['acl']);
}
$out = MimeContentTypeHeader('application', 'x-phpwiki', $params);
$out .= sprintf("Content-Transfer-Encoding: %s\r\n", STRICT_MAILABLE_PAGEDUMPS ? 'quoted-printable' : 'binary');
$out .= "\r\n";
foreach ($revision->getContent() as $line) {
// This is a dirty hack to allow saving binary text files. See above.
$line = rtrim($line);
if (STRICT_MAILABLE_PAGEDUMPS) {
$line = QuotedPrintableEncode(rtrim($line));
}
$out .= "{$line}\r\n";
}
return $out;
}
function _requiredAuthorityForPagename($access, $pagename)
{
static $permcache = array();
if (array_key_exists($pagename, $permcache) and array_key_exists($access, $permcache[$pagename])) {
return $permcache[$pagename][$access];
}
global $request;
$page = $request->getPage($pagename);
// Page not found; check against default permissions
if (!$page->exists()) {
$perm = new PagePermission();
$result = $perm->isAuthorized($access, $request->_user) === true;
$permcache[$pagename][$access] = $result;
return $result;
}
// no ACL defined; check for special dotfile or walk down
if (!($perm = getPagePermissions($page))) {
if ($pagename == '.') {
$perm = new PagePermission();
if ($perm->isAuthorized('change', $request->_user)) {
// warn the user to set ACL of ".", if he has permissions to do so.
trigger_error(". (dotpage == rootpage for inheriting pageperm ACLs) exists without any ACL!\n" . "Please do ?action=setacl&pagename=.", E_USER_WARNING);
}
$result = $perm->isAuthorized($access, $request->_user) === true;
$permcache[$pagename][$access] = $result;
return $result;
} elseif ($pagename[0] == '.') {
$perm = new PagePermission(PagePermission::dotPerms());
$result = $perm->isAuthorized($access, $request->_user) === true;
$permcache[$pagename][$access] = $result;
return $result;
}
return _requiredAuthorityForPagename($access, getParentPage($pagename));
}
// ACL defined; check if isAuthorized returns true or false or undecided
$authorized = $perm->isAuthorized($access, $request->_user);
if ($authorized !== -1) {
// interestingly true is also -1
$permcache[$pagename][$access] = $authorized;
return $authorized;
} elseif ($pagename == '.') {
return false;
} else {
return _requiredAuthorityForPagename($access, getParentPage($pagename));
}
}