From 409d7af7c9c6c97c8c00cada876a2bf967fa1526 Mon Sep 17 00:00:00 2001 From: Andreas Gohr <andi@splitbrain.org> Date: Sun, 2 Jul 2006 14:16:22 +0200 Subject: [PATCH] disableactions support This patch adds a config option to disable certain internal action commands of DokuWiki's main dispatcher. The options resendpasswd and openregister were removed because they can now set through this new option. The config plugin needs to be adjusted. darcs-hash:20060702121622-7ad00-1e80e77bcfb0ae561fe7abd79cfbe1bb158be720.gz --- conf/dokuwiki.php | 3 +-- inc/actions.php | 18 ++++++++--------- inc/auth.php | 2 +- inc/confutils.php | 22 +++++++++++++++++++++ inc/html.php | 49 +++++++++-------------------------------------- inc/template.php | 25 +++++++++++++++++++++++- 6 files changed, 65 insertions(+), 54 deletions(-) diff --git a/conf/dokuwiki.php b/conf/dokuwiki.php index ad99e5516..dbba11efc 100644 --- a/conf/dokuwiki.php +++ b/conf/dokuwiki.php @@ -53,14 +53,13 @@ $conf['mailguard'] = 'hex'; //obfuscate email addresses against sp /* Authentication Options - read http://www.splitbrain.org/dokuwiki/wiki:acl */ $conf['useacl'] = 0; //Use Access Control Lists to restrict access? -$conf['openregister']= 1; //Should users to be allowed to register? $conf['autopasswd'] = 1; //autogenerate passwords and email them to user -$conf['resendpasswd']= 0; //allow resend password function? $conf['authtype'] = 'plain'; //which authentication backend should be used $conf['passcrypt'] = 'smd5'; //Used crypt method (smd5,md5,sha1,ssha,crypt,mysql,my411) $conf['defaultgroup']= 'user'; //Default groups new Users are added to $conf['superuser'] = '!!not set!!'; //The admin can be user or @group $conf['profileconfirm'] = '1'; //Require current password to confirm changes to user profile +$conf['disableactions'] = 'resendpwd'; //comma separated list of actions to disable /* Advanced Options */ $conf['userewrite'] = 0; //this makes nice URLs: 0: off 1: .htaccess 2: internal 
diff --git a/inc/actions.php b/inc/actions.php index 194beaad3..51fb0a84a 100644 --- a/inc/actions.php +++ b/inc/actions.php @@ -155,6 +155,12 @@ function act_clean($act){ if($act == 'export_html') $act = 'export_xhtml'; if($act == 'export_htmlbody') $act = 'export_xhtmlbody'; + // check if action is disabled + if(!actionOK($act)){ + msg('Command disabled: '.htmlspecialchars($act),-1); + return 'show'; + } + //disable all acl related commands if ACL is disabled if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin', 'subscribe','unsubscribe','profile', @@ -198,17 +204,9 @@ function act_permcheck($act){ }elseif(in_array($act,array('login','search','recent','profile'))){ $permneed = AUTH_NONE; }elseif($act == 'register'){ - if ($conf['openregister']){ - $permneed = AUTH_NONE; - }else{ - $permneed = AUTH_ADMIN; - } + $permneed = AUTH_NONE; }elseif($act == 'resendpwd'){ - if ($conf['resendpasswd']) { - $permneed = AUTH_NONE; - }else{ - $permneed = AUTH_ADMIN+1; // shouldn't get here if $conf['resendpasswd'] is off - } + $permneed = AUTH_NONE; }elseif($act == 'admin'){ $permneed = AUTH_ADMIN; }else{ diff --git a/inc/auth.php b/inc/auth.php index 72c87552d..345a2ba67 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -581,7 +581,7 @@ function act_resendpwd(){ global $auth; if(!$_POST['save']) return false; - if(!$conf['resendpasswd']) return false; + if(!actionOK('resendpwd')) return false; // should not be able to get here without modPass being possible... if(!$auth->canDo('modPass')) { diff --git a/inc/confutils.php b/inc/confutils.php index b800f5f53..c668e8066 100644 --- a/inc/confutils.php +++ b/inc/confutils.php 
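Review bot: The new `actionOK($act)` check in act_clean runs after the alias rewriting just above it, so listing `export_html` or `export_htmlbody` in `disableactions` has no effect: by the time the check runs, `$act` is already `export_xhtml` / `export_xhtmlbody`. An administrator who lists the alias would believe the export is off while it still works. Either test the name before and after rewriting, or document the rule at the check, e.g. `// aliases are rewritten above: only the canonical names (export_xhtml, export_xhtmlbody) can be disabled`. act_clean starts and ends outside the hunk, so any earlier normalisation of `$act` is not visible here.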
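Review bot: In act_permcheck, `register` and `resendpwd` now always get `AUTH_NONE`, so the only thing keeping a disabled registration closed is the `actionOK()` call in act_clean. This commit gives act_resendpwd its own `if(!actionOK('resendpwd')) return false;` guard in inc/auth.php, but no matching guard for the registration handler is visible in the diff. I would add the same first line there, `if(!actionOK('register')) return false;`, so the handler refuses on its own if it is ever reached without going through act_clean. Note also the behaviour change: previously a closed registration still allowed `AUTH_ADMIN` to register users, whereas now disabling `register` blocks administrators as well (the admin-menu link is removed in inc/html.php), which deserves a line in the commit message or upgrade notes.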
@@ -163,5 +163,27 @@ function confToHash($file,$lower=false) { return $conf; } +/** + * check if the given action was disabled in config + * + * @author Andreas Gohr <andi@splitbrain.org> + * @returns boolean true if enabled, false if disabled + */ +function actionOK($action){ + static $disabled = null; + if(is_null($disabled)){ + global $conf; + + // prepare disabled actions array and handle legacy options + $disabled = explode(',',$conf['disableactions']); + $disabled = array_map('trim',$disabled); + if(isset($conf['openregister']) && !$conf['openregister']) $disabled[] = 'register'; + if(isset($conf['resendpasswd']) && !$conf['resendpasswd']) $disabled[] = 'resendpwd'; + $disabled = array_unique($disabled); + } + + return !in_array($action,$disabled); +} + //Setup VIM: ex: et ts=2 enc=utf-8 : diff --git a/inc/html.php b/inc/html.php index 9bd926c03..2a02b8c34 100644 --- a/inc/html.php +++ b/inc/html.php @@ -75,14 +75,14 @@ function html_login(){ </fieldset> </form> <?php - if($auth->canDo('addUser') && $conf['openregister']){ + if($auth->canDo('addUser') && actionOK('register')){ print '<p>'; print $lang['reghere']; print ': <a href="'.wl($ID,'do=register').'" class="wikilink1">'.$lang['register'].'</a>'; print '</p>'; } - if ($auth->canDo('modPass') && $conf['resendpasswd']) { + if ($auth->canDo('modPass') && actionOK('resendpwd')) { print '<p>'; print $lang['pwdforget']; print ': <a href="'.wl($ID,'do=resendpwd').'" class="wikilink1">'.$lang['btn_resendpwd'].'</a>'; 
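Review bot: actionOK() is a deny-list that fails open on any spelling mismatch. Entries from `$conf['disableactions']` are trimmed but not lower-cased, and `in_array()` is called without the strict flag, so an entry such as `Register` silently disables nothing. I would normalise the list with `$disabled = array_map('strtolower',array_map('trim',$disabled));` and compare with `in_array($action,$disabled,true)`. The docblock should use `@return` rather than `@returns`, add `@param string $action`, and state that the list is built once per request (the `static` cache), so later changes to `$conf` are not picked up.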
@@ -99,37 +99,6 @@ function html_login(){ */ } -/** - * shows the edit/source/show/draft button dependent on current mode - * - * @author Andreas Gohr <andi@splitbrain.org> - */ -function html_editbutton(){ - global $ID; - global $REV; - global $ACT; - global $INFO; - - if($ACT == 'show' || $ACT == 'search'){ - if($INFO['writable']){ - if($INFO['draft']){ - $r = html_btn('draft',$ID,'e',array('do' => 'draft'),'post'); - }else{ - if($INFO['exists']){ - $r = html_btn('edit',$ID,'e',array('do' => 'edit','rev' => $REV),'post'); - }else{ - $r = html_btn('create',$ID,'e',array('do' => 'edit','rev' => $REV),'post'); - } - } - }else{ - $r = html_btn('source',$ID,'v',array('do' => 'edit','rev' => $REV),'post'); - } - }else{ - $r = html_btn('show',$ID,'v',array('do' => 'show')); - } - return $r; -} - /** * prints a section editing button * used as a callback in html_secedit @@ -1046,6 +1015,11 @@ function html_edit($text=null,$include='edit'){ //FIXME: include needed? if ($REV) print p_locale_xhtml('editrev'); print p_locale_xhtml($include); }else{ + // check pseudo action 'source' + if(!actionOK('source')){ + msg('Command disabled: source',-1); + return; + } print p_locale_xhtml('read'); $ro='readonly="readonly"'; } @@ -1057,8 +1031,8 @@ function html_edit($text=null,$include='edit'){ //FIXME: include needed? <div class="toolbar"> <div id="draft__status"><?php if($INFO['draft']) echo $lang['draftdate'].' '.date($conf['dformat']);?></div> - <div id="tool__bar"><a href="<?php echo DOKU_BASE?>lib/exe/mediamanager.php?ns=<?php echo $INFO['namespace']?>" - target="_blank"><?php echo $lang['mediaselect'] ?></a></div> + <div id="tool__bar"><?php if(!$ro){?><a href="<?php echo DOKU_BASE?>lib/exe/mediamanager.php?ns=<?php echo $INFO['namespace']?>" + target="_blank"><?php echo $lang['mediaselect'] ?></a><?php }?></div> <?php if($wr){?> <script type="text/javascript" charset="utf-8"> 
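Review bot: The `source` check added to the read-only branch of html_edit enforces the pseudo action only in the rendering function, after the dispatcher has already accepted `do=edit`. The bare `return;` then leaves the content area empty and depends on `msg()` still being displayable this late in the request, which the hunk does not show. I would move the decision into the dispatcher, where `edit` is resolved for a non-writable page, and keep this check as a backstop with a comment such as `// backstop only: 'source' must already have been refused before rendering`. It is also worth documenting that disabling `source` hides only this view; any other action that outputs the raw page text (a raw export, if the installation offers one) has to be listed separately. html_edit starts and ends outside the hunk.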
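Review bot: The rewritten toolbar line still echoes `$INFO['namespace']` into the `href` attribute without any encoding. If the namespace is not guaranteed to be a cleaned ID (not visible in this hunk), this should be `<?php echo rawurlencode($INFO['namespace'])?>` so a quote or ampersand cannot break out of the attribute. The new condition also tests `!$ro`, while the block directly below uses `if($wr)`. `$ro` is only visibly assigned in the read-only branch of the previous hunk, so unless it is initialised above, the writable path reads an undefined variable; `<?php if($wr){?>` would match the neighbouring code.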
@@ -1237,11 +1211,6 @@ function html_admin(){ ptln(' <li><div class="li"><a href="'.wl($ID, 'do=admin&page='.$item['plugin']).'">'.$item['prompt'].'</a></div></li>'); } - // add in non-plugin functions - if (!$conf['openregister']){ - ptln('<li><div class="li"><a href="'.wl($ID,'do=register').'">'.$lang['admin_register'].'</a></div></li>'); - } - ptln('</ul>'); } diff --git a/inc/template.php b/inc/template.php index 277c06d8d..f9e69d340 100644 --- a/inc/template.php +++ b/inc/template.php @@ -296,9 +296,29 @@ function tpl_button($type){ global $conf; global $auth; + if(!actionOK($type)) return; + switch($type){ case 'edit': - print html_editbutton(); + #most complicated type - we need to decide on current action + if($ACT == 'show' || $ACT == 'search'){ + if($INFO['writable']){ + if($INFO['draft']){ + echo html_btn('draft',$ID,'e',array('do' => 'draft'),'post'); + }else{ + if($INFO['exists']){ + echo html_btn('edit',$ID,'e',array('do' => 'edit','rev' => $REV),'post'); + }else{ + echo html_btn('create',$ID,'e',array('do' => 'edit','rev' => $REV),'post'); + } + } + }else{ + if(!actionOK('source')) return false; //pseudo action + echo html_btn('source',$ID,'v',array('do' => 'edit','rev' => $REV),'post'); + } + }else{ + echo html_btn('show',$ID,'v',array('do' => 'show')); + } break; case 'history': print html_btn('revs',$ID,'o',array('do' => 'revisions')); @@ -386,6 +406,8 @@ function tpl_actionlink($type,$pre='',$suf=''){ global $lang; global $auth; + if(!actionOK($type)) return; + switch($type){ case 'edit': #most complicated type - we need to decide on current action @@ -401,6 +423,7 @@ function tpl_actionlink($type,$pre='',$suf=''){ 'class="action create" accesskey="e" rel="nofollow"'); } }else{ + if(!actionOK('source')) return false; //pseudo action tpl_link(wl($ID,'do=edit&rev='.$REV), $pre.$lang['btn_source'].$suf, 'class="action source" accesskey="v" rel="nofollow"'); -- GitLab
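Review bot: The early `if(!actionOK($type)) return;` in tpl_button tests the button type, not the action the button emits. In this hunk `history` emits `do=revisions`, and the `edit` slot can emit `draft`, `edit`, `source` or `show`. Listing `history` in `disableactions` therefore hides the button while `do=revisions` still passes the check in act_clean, which gives a false impression that the action is off; listing `edit` also removes the plain `show` button. Resolve the type to the emitted action before checking, e.g. `if($type == 'history' && !actionOK('revisions')) return;`, and check each branch inside the `edit` case (the `draft` branch currently has no check). The same guard is added to tpl_actionlink in the next hunk and needs the same treatment; both functions start and end outside their hunks, and the new code mixes `return;` with `return false;`.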