/** * Return group members for each group of $groups='group1,group2,...', * + returns rights for each predefined right of $predefined='sd1[sd2,...' * predefined right names are joined by [ as it is forbidden by MediaWiki in titles * * TODO: Rewrite it to just getRights($titles) returning json array(array( * 'pe_type' => $pe_type, * 'pe_id' => $pe_id, * 'child_type' => $child_type, * 'child_id' => $child_id, * 'actions' => $actions, * )) */ function haclGroupClosure($groups, $rights) { global $haclgContLang; $pe = array(); $grp = $haclgContLang->getPetPrefix(IACL::PE_GROUP) . '/'; foreach (explode(',', $groups) as $k) { if (substr($k, 0, strlen($grp)) !== $grp) { $k = $grp . $k; } $pe[] = $k; } foreach (explode('[', $rights) as $k) { $pe[] = $k; } $pe = IACLDefinition::newFromTitles($pe); // Transform all user and group IDs into names $users = $groups = array(); foreach ($pe as $name => $def) { if (isset($def['rules'][IACL::PE_USER])) { $users += $def['rules'][IACL::PE_USER]; } if (isset($def['rules'][IACL::PE_GROUP])) { $groups += $def['rules'][IACL::PE_GROUP]; } } $users = IACLStorage::get('Util')->getUsers(array_keys($users)); if ($groups) { $res = wfGetDB(DB_SLAVE)->select('page', '*', array('page_id' => array_keys($groups))); $groups = array(); foreach ($res as $row) { $groups[$row->page_id] = $row; } } // Then form the result $memberAction = IACL::ACTION_GROUP_MEMBER | IACL::ACTION_GROUP_MEMBER << IACL::INDIRECT_OFFSET; $members = array(); $rules = array(); foreach ($pe as $name => $def) { if ($def['pe_type'] != IACL::PE_GROUP) { // Select all user and group rules for SDs $cur = array(); if (isset($def['rules'][IACL::PE_ALL_USERS])) { foreach ($def['rules'][IACL::PE_ALL_USERS] as $uid => $rule) { $cur[] = array('*', $rule['actions']); } } if (isset($def['rules'][IACL::PE_REG_USERS])) { foreach ($def['rules'][IACL::PE_REG_USERS] as $uid => $rule) { $cur[] = array('#', $rule['actions']); } } if (isset($def['rules'][IACL::PE_USER])) { foreach ($def['rules'][IACL::PE_USER] as $uid => $rule) { if (!isset($users[$uid])) { continue; } $cur[] = array('User:'******'actions']); } } if (isset($def['rules'][IACL::PE_GROUP])) { foreach ($def['rules'][IACL::PE_GROUP] as $gid => $rule) { if (!isset($groups[$gid])) { continue; } $cur[] = array(str_replace('_', ' ', $groups[$gid]->page_title), $rule['actions']); } } foreach ($cur as $child) { foreach (IACL::$actionToName as $i => $a) { if ($child[1] & ($i | $i << IACL::INDIRECT_OFFSET)) { $rules[$name][$child[0]][$a] = true; } } } } else { // Select user and group members for groups if (isset($def['rules'][IACL::PE_ALL_USERS])) { $rule = $def['rules'][IACL::PE_ALL_USERS]; $rule = reset($rule); if ($rule['actions'] & $memberAction) { $members[$name][] = '*'; } } if (isset($def['rules'][IACL::PE_REG_USERS])) { $rule = reset($def['rules'][IACL::PE_REG_USERS]); if ($rule['actions'] & $memberAction) { $members[$name][] = '#'; } } if (isset($def['rules'][IACL::PE_USER])) { foreach ($def['rules'][IACL::PE_USER] as $uid => $rule) { if ($rule['actions'] & $memberAction) { if (!isset($users[$uid])) { continue; } $members[$name][] = 'User:'******'rules'][IACL::PE_GROUP])) { foreach ($g['rules'][IACL::PE_GROUP] as $gid => $right) { if ($right['actions'] & $memberAction) { $members[$name][] = str_replace('_', ' ', $groups[$gid]->page_title); } } sort($members[$name]); } } } return json_encode(array('groups' => $members, 'rights' => $rules)); }
/** * "Real" ACL list, loaded using AJAX */ static function haclAcllist($t, $n, $offset = 0, $limit = 10) { global $wgScript, $wgTitle, $haclgHaloScriptPath, $haclgContLang, $wgUser; haclCheckScriptPath(); // Load data $spec = SpecialPage::getTitleFor('IntraACL'); $titles = IACLStorage::get('SD')->getSDPages($t, $n, NULL, $offset, $limit, $total); $defs = IACLDefinition::newFromTitles($titles); // Build SD data for template $lists = array(); foreach ($titles as $k => $sd) { $d = array('name' => $sd->getText(), 'real' => $sd->getText(), 'editlink' => $spec->getLocalUrl(array('action' => 'acl', 'sd' => $sd->getText())), 'viewlink' => $sd->getLocalUrl(), 'single' => NULL); $pe = IACLDefinition::nameOfPE($sd); $d['type'] = IACL::$typeToName[$pe[0]]; $d['real'] = $pe[1]; // Single SD inclusion if (isset($defs[$k]) && !empty($defs[$k]['single_child'])) { $s = $defs[$k]['single_child']; $name = IACLDefinition::peNameForID($s[0], $s[1]); $d['single'] = Title::newFromText(IACLDefinition::nameOfSD($s[0], $name)); $d['singletype'] = IACL::$typeToName[$s[0]]; $d['singlename'] = $name; $d['singlelink'] = $d['single']->getLocalUrl(); $d['singletip'] = wfMsg('hacl_acllist_hint_single', $d['real'], $d['single']->getPrefixedText()); } $lists[$d['type']][] = $d; } // Next and previous page links $pageurl = Title::makeTitleSafe(NS_SPECIAL, 'IntraACL')->getLocalUrl(array('types' => $t, 'filter' => $n, 'limit' => $limit)); $nextpage = $prevpage = false; if ($total > $limit + $offset) { $nextpage = $pageurl . '&offset=' . intval($offset + $limit); } if ($offset >= $limit) { $prevpage = $pageurl . '&offset=' . intval($offset - $limit); } // Run template ob_start(); require dirname(__FILE__) . '/../templates/HACL_ACLListContents.tpl.php'; $html = ob_get_contents(); ob_end_clean(); return $html; }