From 42f3fd0a1f28a8efb7f4f490312d58ddc2b1b8f5 Mon Sep 17 00:00:00 2001
From: Cyril Duchon-Doris <Cyril.Duchon-Doris@telecom-paristech.org>
Date: Wed, 25 Feb 2015 14:18:08 +0100
Subject: [PATCH] Reverting changes so as to use already existing function, and
 adding admin check

---
 lib/plugins/acl/admin.php  | 43 --------------------------------------
 lib/plugins/acl/remote.php |  9 ++++++--
 2 files changed, 7 insertions(+), 45 deletions(-)

diff --git a/lib/plugins/acl/admin.php b/lib/plugins/acl/admin.php
index 3cb541726..fcaf6ca60 100644
--- a/lib/plugins/acl/admin.php
+++ b/lib/plugins/acl/admin.php
@@ -674,49 +674,6 @@ class admin_plugin_acl extends DokuWiki_Admin_Plugin {
         }
     }
 
-    /**
-     * Returns an array of all ACLs
-     * (meant to be use by XMLRC API)
-     * Mostly a copy of _init_acl_config, consider refactoring ?
-     *
-     * @author Cyril Duchon-Doris <cyril.duchon-doris@telecom-paristech.org>
-     */
-    function _acl_list(){
-        global $AUTH_ACL;
-        global $conf;
-        $acl_config = array();
-
-        // get special users and groups
-        $this->specials[] = '@ALL';
-        $this->specials[] = '@'.$conf['defaultgroup'];
-        if($conf['manager'] != '!!not set!!'){
-            $this->specials = array_merge($this->specials,
-                array_map('trim',
-                explode(',',$conf['manager'])));
-        }
-        $this->specials = array_filter($this->specials);
-        $this->specials = array_unique($this->specials);
-        sort($this->specials);
-
-        foreach($AUTH_ACL as $line){
-            $line = trim(preg_replace('/#.*$/','',$line)); //ignore comments
-            if(!$line) continue;
-
-            $acl = preg_split('/[ \t]+/',$line);
-            //0 is pagename, 1 is user, 2 is acl
-
-            $acl[1] = rawurldecode($acl[1]);
-            $acl_config[$acl[0]][$acl[1]] = $acl[2];
-
-            // store non-special users and groups for later selection dialog
-            $ug = $acl[1];
-            if(in_array($ug,$this->specials)) continue;
-        }
-
-        ksort($acl_config);
-        return $acl_config;
-    }
-
     /**
      * adds new acl-entry to conf/acl.auth.php
      *
diff --git a/lib/plugins/acl/remote.php b/lib/plugins/acl/remote.php
index f90aae6de..519fa5399 100644
--- a/lib/plugins/acl/remote.php
+++ b/lib/plugins/acl/remote.php
@@ -34,12 +34,17 @@ class remote_plugin_acl extends DokuWiki_Remote_Plugin {
     /**
      * List all ACL config entries
      *
-     * @return array [{scope, user, permission}]
+     * @throws RemoteAccessDeniedException
+     * @return dictionary {Scope: ACL}, where ACL = dictionnary {user/group: permissions_int}
      */
     public function listAcls(){
+        if(!auth_isadmin()) {
+         throw new RemoteAccessDeniedException('You are not allowed to access ACLs, superuser permission is required', 114);
+        }
         /** @var admin_plugin_acl $apa */
         $apa = plugin_load('admin', 'acl');
-        return $apa->_acl_list();
+        $apa->_init_acl_config();
+        return $apa->acl;
     }
 
     /**
-- 
GitLab