Revision [18979]

This is an old revision of InheritACL made by MasinAlDujaili on 2008-01-28 00:13:29.

 

Inheriting of ACL

As requested in #139, a simple way of setting ACLs at creation time might be useful. The idea is to take the ACLs of the page on which the user clicked the link that leads to page creation.

As JavaWoman states on HierarchiesAndInheritance, there are five different ways of creating a new page:

  1. By creating a URL with the new page name (and optionally immediately adding the /edit handler)
  2. By using the form presented by the "newpage" action
  3. By following a "missing page" link from another page and following the "create" link from the resulting dummy page
  4. By cloning from a template page
  5. By cloning from another (non-template) page

Cases 4 & 5 have been taken care of by BrianKoontz with his CloneACLs patch. Case 1 just needs to get the default ACL from the config file, while for case 2 it might be more difficult to implement something elegant. I want to take care of the third case: page creation by following a "missing page" link from another page.

As I'm not very familiar with the WikkaWiki code, some solutions might look clumsy -- I would greatly appreciate it if someone took a look at the code.

Making sure we get the 'parent' page

Almost at the end of the Link() function in libs/wakka.class.php you'll find this line:
            return ($linkedPage ? "<a href=\"".$this->Href($method, $linkedPage['tag'])."\" title=\"$title\">".$text."</a>" : "<a class=\"missingpage\" href=\"".$this->Href("edit", $tag)."\" title=\"Create this page\">".$text."</a>");


Yours might look somewhat different, as I have tuned mine a little bit to fit my needs (memo: create a test installation with a native 1.1.6.2). Replace the line with this one (adapt it to your installation as needed):
            return ($linkedPage ? "<a href=\"".$this->Href($method, $linkedPage['tag'])."\" title=\"$title\">".$text."</a>" : "<a class=\"missingpage\" href=\"".$this->Href("edit", $tag, "page=".$this->GetPageTag())."\" title=\"Create this page\">".$text."</a>");


If a page does not exist in the Wikka database, its link gets the edit handler appended to it. I additionally append the tag of the current page to it.

In handlers/page/edit.php, around line 45, find the initialization code:
//initialization
$error = '';
$highlight_note = '';
$ondblclick = ''; //#123

and replace it with:
// ACL stuff
if (!defined('READ_ACL_LABEL')) define('READ_ACL_LABEL', 'Read ACL:');
if (!defined('WRITE_ACL_LABEL')) define('WRITE_ACL_LABEL', 'Write ACL:');
if (!defined('COMMENT_ACL_LABEL')) define('COMMENT_ACL_LABEL', 'Comment ACL:');

//initialization
$error = '';
$highlight_note = '';
$ondblclick = ''; //#123
$inherit_acl = $this->config['inherit_acl'];


Working down from the top, the next piece, around line 100 of the original file, is the part that stores the page and will store its new ACLs:
            if (!$error)
            {
                // only save if new body differs from old body
                if ($body != $this->page['body']) {

                    // add page (revisions)
                    $this->SavePage($this->tag, $body, $note);

                    // now we render it internally so we can write the updated link table.
                    $this->ClearLinkTable();
                    $this->StartLinkTracking();
                    $dummy = $this->Header();
                    $dummy .= $this->Format($body);
                    $dummy .= $this->Footer();
                    $this->StopLinkTracking();
                    $this->WriteLinkTable();
                    $this->ClearLinkTable();
                }

                // forward
                $this->Redirect($this->Href());
            }

Replace this with:
            if (!$error)
            {
                // only save if new body differs from old body
                if ($body != $this->page['body']) {

                    // add page (revisions)
                    $this->SavePage($this->tag, $body, $note);

                    // now we render it internally so we can write the updated link table.
                    $this->ClearLinkTable();
                    $this->StartLinkTracking();
                    $dummy = $this->Header();
                    $dummy .= $this->Format($body);
                    $dummy .= $this->Footer();
                    $this->StopLinkTracking();
                    $this->WriteLinkTable();
                    $this->ClearLinkTable();
                }
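                // Clone ACLs if requested, but only while the page is being created:
                // $this->page is empty when the tag did not exist at the start of this request,
                // so posted ACL fields cannot overwrite the ACLs of an existing page
                if ($inherit_acl && empty($this->page))
                {
                    if (isset($_POST['read_acl'])) $this->SaveACL($this->tag, 'read', $this->TrimACLs($_POST['read_acl']));
                    if (isset($_POST['write_acl'])) $this->SaveACL($this->tag, 'write', $this->TrimACLs($_POST['write_acl']));
                    if (isset($_POST['comment_acl'])) $this->SaveACL($this->tag, 'comment', $this->TrimACLs($_POST['comment_acl']));
                }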

                // forward
                $this->Redirect($this->Href());
            }


Next is the preview part. We find it in the original file at around line 140:
    if (isset($_POST['submit']) && $_POST['submit'] == INPUT_SUBMIT_PREVIEW) # preview output
    {
        $preview_buttons = '<hr />'."\n";
        // We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
        // so we use htmlspecialchars on the edit note (as on the body)
        if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
        {
            $preview_buttons .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/>'.LABEL_EDIT_NOTE.'<br />'."\n";
        }
        $preview_buttons .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" />'."\n".
            '<input name="submit" type="submit" value="'.INPUT_SUBMIT_REEDIT.'" accesskey="'.ACCESSKEY_REEDIT.'" id="reedit_id" />'."\n".
            '<input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->href('').'\';" />'."\n";

        $output .= '<div class="previewhead">'.PREVIEW_HEADER.'</div>'."\n";

        $output .= $this->Format($body);

        $output .=
            $this->FormOpen('edit')."\n".
            '<input type="hidden" name="previous" value="'.$previous.'" />'."\n".
            // We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
            // hence htmlspecialchars() instead of htmlspecialchars_ent() which UNescapes entities!
            '<input type="hidden" name="body" value="'.htmlspecialchars($body).'" />'."\n";


        $output .= "<br />\n".$preview_buttons.$this->FormClose()."\n";
    }

Replace it with this piece of code:
    if (isset($_POST['submit']) && $_POST['submit'] == INPUT_SUBMIT_PREVIEW) # preview output
    {
        //check if ACLs have been cloned in the step before and copy them to more readable variables
        if(isset($_POST['read_acl']) || isset($_POST['write_acl']) || isset($_POST['comment_acl']))
        {
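            // read each field on its own so a missing one does not raise an undefined index notice
            $read_acl = isset($_POST['read_acl']) ? $_POST['read_acl'] : '';
            $write_acl = isset($_POST['write_acl']) ? $_POST['write_acl'] : '';
            $comment_acl = isset($_POST['comment_acl']) ? $_POST['comment_acl'] : '';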
        }
        else //disable inheriting of ACLs
        {
            $inherit_acl = 0;
        }
        $preview_buttons = '<hr />'."\n";
        // We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
        // so we use htmlspecialchars on the edit note (as on the body)
        if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
        {
            $preview_buttons .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/>'.LABEL_EDIT_NOTE.'<br />'."\n";
        }
        $preview_buttons .= '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" />'."\n".
            '<input name="submit" type="submit" value="'.INPUT_SUBMIT_REEDIT.'" accesskey="'.ACCESSKEY_REEDIT.'" id="reedit_id" />'."\n".
            '<input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->href('').'\';" />'."\n";

        $output .= '<div class="previewhead">'.PREVIEW_HEADER.'</div>'."\n";

        $output .= $this->Format($body);

        $output .=
            $this->FormOpen('edit')."\n".
            '<input type="hidden" name="previous" value="'.$previous.'" />'."\n".
            // We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
            // hence htmlspecialchars() instead of htmlspecialchars_ent() which UNescapes entities!
            '<input type="hidden" name="body" value="'.htmlspecialchars($body).'" />'."\n";
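        // the ACL values come back from the browser, so escape them like the body above
        if($inherit_acl) $output .=
            '<input type="hidden" name="read_acl" value="'.htmlspecialchars($read_acl).'" />'."\n".
            '<input type="hidden" name="write_acl" value="'.htmlspecialchars($write_acl).'" />'."\n".
            '<input type="hidden" name="comment_acl" value="'.htmlspecialchars($comment_acl).'" />'."\n";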


        $output .= "<br />\n".$preview_buttons.$this->FormClose()."\n";
    }

At this point, it doesn't matter whether inheriting of ACLs has been activated -- this is just for transporting the information we might or might not need to the preview and back.

The last part is the longest. We find it in the original handlers/page/edit.php at around line 180:
    else     # edit page
    {
        // display form
        if ($error)
        {
            $output .= '<em class="error">'.$error.'</em>'."\n";
        }

        // append a comment?
        if (isset($_REQUEST['appendcomment']))
        {
            $body = trim($body)."\n\n----\n\n--".$this->GetUserName().' ('.strftime("%c").')';
        }

        $output .=
            $this->FormOpen('edit').
            '<input type="hidden" name="previous" value="'.$previous.'" />'."\n".
            // We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
            // hence htmlspecialchars() instead of htmlspecialchars_ent() which UNescapes entities!
            '<textarea id="body" name="body">'.htmlspecialchars($body).'</textarea><br />'."\n";
            //note add Edit
            // We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
            // so we use htmlspecialchars on the edit note (as on the body)
        if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
        {
            $output .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/> '.LABEL_EDIT_NOTE.'<br />'."\n";
        }
        //finish
        $output .=  '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" /> <input name="submit" type="submit" value="'.INPUT_SUBMIT_PREVIEW.'" accesskey="'.ACCESSKEY_PREVIEW.'" /> <input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->Href('').'\';" />'."\n".
            $this->FormClose();

        if ($this->config['gui_editor'] == 1)
        {
            $output .= '<script type="text/javascript" src="3rdparty/plugins/wikiedit/protoedit.js"></script>'."\n".
                    '<script type="text/javascript" src="3rdparty/plugins/wikiedit/wikiedit2.js"></script>'."\n";
            $output .= '<script type="text/javascript">'."  wE = new WikiEdit(); wE.init('body','WikiEdit','editornamecss');".'</script>'."\n";
        }
    }

There are a lot of modifications, some of which might be unnecessary. Perhaps someone will find ways to optimize this.
    else     # edit page
    {
        // display form
        if ($error)
        {
            $output .= '<em class="error">'.$error.'</em>'."\n";
        }

        // append a comment?
        if (isset($_REQUEST['appendcomment']))
        {
            $body = trim($body)."\n\n----\n\n--".$this->GetUserName().' ('.strftime("%c").')';
        }

        // has a referring page been appended?
        $ref_page = '';
        if (isset($_GET['page']) && $inherit_acl)
        {
            $ref_page = $this->LoadPage($_GET['page']);
            if($ref_page)
            {
                $ref_ACLs = $this->LoadAllACLs($ref_page['tag']);
                $read_acl = $ref_ACLs['read_acl'];
                $write_acl = $ref_ACLs['write_acl'];
                $comment_acl = $ref_ACLs['comment_acl'];
            }
            else
            {
                $read_acl = $this->GetConfigValue('default_read_acl');
                $write_acl = $this->GetConfigValue('default_write_acl');
                $comment_acl = $this->GetConfigValue('default_comment_acl');
            }
        }
        // has ACLs been posted? if so copy them to a new variable
        elseif(isset($_POST['read_acl']) || isset($_POST['write_acl']) || isset($_POST['comment_acl']))
        {
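            // read each field on its own so a missing one does not raise an undefined index notice
            $read_acl = isset($_POST['read_acl']) ? $_POST['read_acl'] : '';
            $write_acl = isset($_POST['write_acl']) ? $_POST['write_acl'] : '';
            $comment_acl = isset($_POST['comment_acl']) ? $_POST['comment_acl'] : '';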
        }
        else // disable ACLs editing
        {
            $read_acl = $this->ACLs['read_acl'];
            $write_acl = $this->ACLs['write_acl'];
            $comment_acl = $this->ACLs['comment_acl'];
            $inherit_acl = 0;
        }
        $output .=
            $this->FormOpen('edit').
            '<input type="hidden" name="previous" value="'.$previous.'" />'."\n".
            // We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
            // hence htmlspecialchars() instead of htmlspecialchars_ent() which UNescapes entities!
            '<textarea id="body" name="body">'.htmlspecialchars($body).'</textarea><br />'."\n";
            //note add Edit
            // We need to escape ALL entity refs before display so we display them _as_ entities instead of interpreting them
            // so we use htmlspecialchars on the edit note (as on the body)
        if ($this->config['require_edit_note'] != 2) //check if edit_notes are enabled
        {
            $output .= '<input size="'.MAX_EDIT_NOTE_LENGTH.'" type="text" name="note" value="'.htmlspecialchars($note).'" '.$highlight_note.'/> '.LABEL_EDIT_NOTE.'<br />'."\n";
        }
        //finish
        $output .=  '<input name="submit" type="submit" value="'.INPUT_SUBMIT_STORE.'" accesskey="'.ACCESSKEY_STORE.'" /> <input name="submit" type="submit" value="'.INPUT_SUBMIT_PREVIEW.'" accesskey="'.ACCESSKEY_PREVIEW.'" /> <input type="button" value="'.INPUT_BUTTON_CANCEL.'" onclick="document.location=\''.$this->Href('').'\';" />'."\n";
        // escape the ACL values before writing them into the textareas, as is done for the body
        if($inherit_acl) $output .= '<table class="acls">'."\n".
            '<tr>'."\n".
            '<td>'."\n".
            '<strong>'.READ_ACL_LABEL.'</strong><br />'."\n".
            '<textarea name="read_acl" rows="4" cols="20">'.htmlspecialchars($read_acl).'</textarea>'."\n".
            '</td>'."\n".
            '<td>'."\n".
            '<strong>'.WRITE_ACL_LABEL.'</strong><br />'."\n".
            '<textarea name="write_acl" rows="4" cols="20">'.htmlspecialchars($write_acl).'</textarea>'."\n".
            '</td>'."\n".
            '<td>'."\n".
            '<strong>'.COMMENT_ACL_LABEL.'</strong><br />'."\n".
            '<textarea name="comment_acl" rows="4" cols="20">'.htmlspecialchars($comment_acl).'</textarea>'."\n".
            '</td>'."\n".
            '</tr>'."\n".
            '</table>'."\n";
        $output .= $this->FormClose();

        if ($this->config['gui_editor'] == 1)
        {
            $output .= '<script type="text/javascript" src="3rdparty/plugins/wikiedit/protoedit.js"></script>'."\n".
                    '<script type="text/javascript" src="3rdparty/plugins/wikiedit/wikiedit2.js"></script>'."\n";
            $output .= '<script type="text/javascript">'."  wE = new WikiEdit(); wE.init('body','WikiEdit','editornamecss');".'</script>'."\n";
        }
    }


What I almost forgot: you might want to disable this feature, so extend your wikka.config.php with this line, where 1 means on and 0 means off:
    'inherit_acl' => '1',

In fact, without this line you won't get anything different.
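
The round trip described on this page (referring page, edit form, preview, store), as a stand-alone PHP model. This is an added example, not code from WikkaWiki or from the patch above; the function names initial_acls(), acls_to_save() and hidden_acl_field() and all page names, users and ACL values are constructed for illustration.

```php
<?php
// Added example: a stand-alone model of the ACL round trip in the patched edit handler.
// All page names, users and ACL values below are constructed sample data.

const ACL_FIELDS = ['read_acl', 'write_acl', 'comment_acl'];

// ACLs offered in the form: the referring page's, or the configured defaults.
function initial_acls(?string $parent, array $store, array $defaults): array
{
    return ($parent !== null && isset($store[$parent])) ? $store[$parent] : $defaults;
}

// Posted ACLs are honoured only when the feature is on and the page is new;
// every other request leaves the stored ACLs untouched.
function acls_to_save(bool $inherit, bool $page_exists, array $post): array
{
    $out = [];
    if (!$inherit || $page_exists) {
        return $out;
    }
    foreach (ACL_FIELDS as $field) {
        if (isset($post[$field]) && is_string($post[$field])) {
            $out[$field] = trim($post[$field]);
        }
    }
    return $out;
}

// Hidden field that carries one ACL through the preview step, escaped like the body.
function hidden_acl_field(string $name, string $value): string
{
    return '<input type="hidden" name="' . $name . '" value="'
        . htmlspecialchars($value, ENT_QUOTES) . '" />';
}

$defaults = ['read_acl' => '*', 'write_acl' => '+', 'comment_acl' => '+'];
$store = ['TeamNotes' => ['read_acl' => "AliceA\nBobB", 'write_acl' => 'AliceA', 'comment_acl' => "AliceA\nBobB"]];

$form = initial_acls('TeamNotes', $store, $defaults);     // link clicked on TeamNotes
echo hidden_acl_field('read_acl', 'AliceA" x="'), "\n";   // value containing a double quote
var_dump(acls_to_save(true, false, $form));               // store request for a page that does not exist yet
var_dump(acls_to_save(true, true, $form));                // same POST sent against an existing page
var_dump(initial_acls('NoSuchPage', $store, $defaults));  // referring page that cannot be loaded
```

The ACL fields pass through the browser on the way to the store step, so the model treats them as user input: they are escaped whenever they are written into HTML and applied only to a page that is being created.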

 

CategoryUserContributions