opensourcemirror
/
dokuwiki
mirror of https://github.com/splitbrain/dokuwiki.git
1
0
Fork 0
Code Issues Releases Wiki Activity

fixed wildcard handling in ACL manager FS#1955 

This patch also removes legacy support for @USER@. Only %USER% is valid
now.
This commit is contained in:
Andreas Gohr 2010-06-26 11:20:25 +02:00
parent 69266de50f
commit 80601d2689
2 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
inc/auth.php
View File

@ -107,7 +107,6 @@ function auth_setup(){
//support user wildcard
if(isset($_SERVER['REMOTE_USER'])){
$AUTH_ACL = str_replace('%USER%',$_SERVER['REMOTE_USER'],$AUTH_ACL);
$AUTH_ACL = str_replace('@USER@',$_SERVER['REMOTE_USER'],$AUTH_ACL); //legacy
}
}
}
@ -569,6 +568,9 @@ function auth_nameencode($name,$skip_group=false){
$cache =& $cache_authname;
$name = (string) $name;
// never encode wildcard FS#1955
if($name == '%USER%') return $name;
if (!isset($cache[$name][$skip_group])) {
if($skip_group && $name{0} =='@'){
$cache[$name][$skip_group] = '@'.preg_replace('/([\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f])/e',

7
lib/plugins/acl/admin.php
View File

@ -96,7 +96,10 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
if($_REQUEST['acl_t'] == '__g__' && $who){
$this->who = '@'.ltrim($auth->cleanGroup($who),'@');
}elseif($_REQUEST['acl_t'] == '__u__' && $who){
$this->who = ltrim($auth->cleanUser($who),'@');
$this->who = ltrim($who,'@');
if($this->who != '%USER%'){ #keep wildcard as is
$this->who = $auth->cleanUser($this->who);
}
}elseif($_REQUEST['acl_t'] &&
$_REQUEST['acl_t'] != '__u__' &&
$_REQUEST['acl_t'] != '__g__'){
@ -150,7 +153,7 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
if ($who!='@ALL') {
$who = '@'.ltrim($auth->cleanGroup($who),'@');
}
} else {
} elseif ($who != '%USER%'){ #keep wildcard as is
$who = $auth->cleanUser($who);
}
$who = auth_nameencode($who,true);