[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  use dokuwiki\Extension\RemotePlugin;
   4  use dokuwiki\Remote\AccessDeniedException;
   5  
   6  /**
   7   * Class remote_plugin_acl
   8   */
   9  class remote_plugin_acl extends RemotePlugin
  10  {
  11      /**
  12       * Returns details about the remote plugin methods
  13       *
  14       * @return array Information about all provided methods. {@see dokuwiki\Remote\RemoteAPI}
  15       */
  16      public function _getMethods()
  17      {
  18          return [
  19              'listAcls' => [
  20                  'args' => [],
  21                  'return' => 'Array of ACLs {scope, user, permission}',
  22                  'name' => 'listAcls',
  23                  'doc' => 'Get the list of all ACLs'
  24              ],
  25              'addAcl' => [
  26                  'args' => ['string', 'string', 'int'],
  27                  'return' => 'int',
  28                  'name' => 'addAcl',
  29                  'doc' => 'Adds a new ACL rule.'
  30              ],
  31              'delAcl' => [
  32                  'args' => ['string', 'string'],
  33                  'return' => 'int',
  34                  'name' => 'delAcl',
  35                  'doc' => 'Delete an existing ACL rule.'
  36              ]
  37          ];
  38      }
  39  
  40      /**
  41       * List all ACL config entries
  42       *
  43       * @throws AccessDeniedException
  44       * @return dictionary {Scope: ACL}, where ACL = dictionnary {user/group: permissions_int}
  45       */
  46      public function listAcls()
  47      {
  48          if (!auth_isadmin()) {
  49              throw new AccessDeniedException(
  50                  'You are not allowed to access ACLs, superuser permission is required',
  51                  114
  52              );
  53          }
  54          /** @var admin_plugin_acl $apa */
  55          $apa = plugin_load('admin', 'acl');
  56          $apa->initAclConfig();
  57          return $apa->acl;
  58      }
  59  
  60      /**
  61       * Add a new entry to ACL config
  62       *
  63       * @param string $scope
  64       * @param string $user
  65       * @param int    $level see also inc/auth.php
  66       * @throws AccessDeniedException
  67       * @return bool
  68       */
  69      public function addAcl($scope, $user, $level)
  70      {
  71          if (!auth_isadmin()) {
  72              throw new AccessDeniedException(
  73                  'You are not allowed to access ACLs, superuser permission is required',
  74                  114
  75              );
  76          }
  77  
  78          /** @var admin_plugin_acl $apa */
  79          $apa = plugin_load('admin', 'acl');
  80          return $apa->addOrUpdateACL($scope, $user, $level);
  81      }
  82  
  83      /**
  84       * Remove an entry from ACL config
  85       *
  86       * @param string $scope
  87       * @param string $user
  88       * @throws AccessDeniedException
  89       * @return bool
  90       */
  91      public function delAcl($scope, $user)
  92      {
  93          if (!auth_isadmin()) {
  94              throw new AccessDeniedException(
  95                  'You are not allowed to access ACLs, superuser permission is required',
  96                  114
  97              );
  98          }
  99  
 100          /** @var admin_plugin_acl $apa */
 101          $apa = plugin_load('admin', 'acl');
 102          return $apa->deleteACL($scope, $user);
 103      }
 104  }