[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  use dokuwiki\Extension\ActionPlugin;
   4  use dokuwiki\Extension\EventHandler;
   5  use dokuwiki\Extension\Event;
   6  
   7  /**
   8   * AJAX call handler for ACL plugin
   9   *
  10   * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
  11   * @author     Andreas Gohr <andi@splitbrain.org>
  12   */
  13  /**
  14   * Register handler
  15   */
  16  class action_plugin_acl extends ActionPlugin
  17  {
  18      /**
  19       * Registers a callback function for a given event
  20       *
  21       * @param EventHandler $controller DokuWiki's event controller object
  22       * @return void
  23       */
  24      public function register(EventHandler $controller)
  25      {
  26  
  27          $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleAjaxCallAcl');
  28      }
  29  
  30      /**
  31       * AJAX call handler for ACL plugin
  32       *
  33       * @param Event $event  event object by reference
  34       * @param mixed $param  empty
  35       * @return void
  36       */
  37      public function handleAjaxCallAcl(Event $event, $param)
  38      {
  39          if ($event->data !== 'plugin_acl') {
  40              return;
  41          }
  42          $event->stopPropagation();
  43          $event->preventDefault();
  44  
  45          global $ID;
  46          global $INPUT;
  47  
  48          /** @var $acl admin_plugin_acl */
  49          $acl = plugin_load('admin', 'acl');
  50          if (!$acl->isAccessibleByCurrentUser()) {
  51              echo 'for admins only';
  52              return;
  53          }
  54          if (!checkSecurityToken()) {
  55              echo 'CRSF Attack';
  56              return;
  57          }
  58  
  59          $ID = getID();
  60          $acl->handle();
  61  
  62          $ajax = $INPUT->str('ajax');
  63          header('Content-Type: text/html; charset=utf-8');
  64  
  65          if ($ajax == 'info') {
  66              $acl->printInfo();
  67          } elseif ($ajax == 'tree') {
  68              $ns = $INPUT->str('ns');
  69              if ($ns == '*') {
  70                  $ns = '';
  71              }
  72              $ns = cleanID($ns);
  73              $lvl = count(explode(':', $ns));
  74              $ns = utf8_encodeFN(str_replace(':', '/', $ns));
  75  
  76              $data = $acl->makeTree($ns, $ns);
  77  
  78              foreach (array_keys($data) as $item) {
  79                  $data[$item]['level'] = $lvl + 1;
  80              }
  81              echo html_buildlist(
  82                  $data,
  83                  'acl',
  84                  [$acl, 'makeTreeItem'],
  85                  [$acl, 'makeListItem']
  86              );
  87          }
  88      }
  89  }