diff -r 21770a1a5213 -r bda11e521e8a includes/sessions.php --- a/includes/sessions.php Sun Jul 15 11:41:06 2007 -0400 +++ b/includes/sessions.php Sat Jul 21 11:28:59 2007 -0400 @@ -2052,6 +2052,9 @@ } while ( $row = $db->fetchrow() ); } + // Cache the sitewide permissions for later use + $this->acl_base_cache = $this->perms; + // Eliminate types that don't apply to this namespace foreach ( $this->perms AS $i => $perm ) { @@ -2061,9 +2064,6 @@ } } - // Cache the sitewide permissions for later use - $this->acl_base_cache = $this->perms; - // Build a query to grab ACL info $bs = 'SELECT rules,target_type,target_id FROM '.table_prefix.'acl WHERE ( '; $q = Array(); @@ -2368,24 +2368,21 @@ } var testpassed = ' . ( ( isset($_GET['use_crypt']) && $_GET['use_crypt']=='0') ? 'false; // CRYPTO-AUTH DISABLED ON USER REQUEST // ' : '' ) . '( ct == v && md5_vm_test() ); var frm = document.forms.'.$form_name.'; - if(testpassed) - { - frm.'.$use_crypt.'.value = \'yes\'; - var cryptkey = frm.'.$crypt_key.'.value; - frm.'.$crypt_key.'.value = hex_md5(cryptkey); - cryptkey = hexToByteArray(cryptkey); - if(!cryptkey || ( ( typeof cryptkey == \'string\' || typeof cryptkey == \'object\' ) ) && cryptkey.length != keySizeInBits / 8 ) - { - if ( frm._login ) frm._login.disabled = true; - len = ( typeof cryptkey == \'string\' || typeof cryptkey == \'object\' ) ? \'\\nLen: \'+cryptkey.length : \'\'; - alert(\'The key is messed up\\nType: \'+typeof(cryptkey)+len); - } - } function runEncryption() { + var frm = document.forms.'.$form_name.'; if(testpassed) { - var frm = document.forms.'.$form_name.'; + frm.'.$use_crypt.'.value = \'yes\'; + var cryptkey = frm.'.$crypt_key.'.value; + frm.'.$crypt_key.'.value = hex_md5(cryptkey); + cryptkey = hexToByteArray(cryptkey); + if(!cryptkey || ( ( typeof cryptkey == \'string\' || typeof cryptkey == \'object\' ) ) && cryptkey.length != keySizeInBits / 8 ) + { + if ( frm._login ) frm._login.disabled = true; + len = ( typeof cryptkey == \'string\' || typeof cryptkey == \'object\' ) ? \'\\nLen: \'+cryptkey.length : \'\'; + alert(\'The key is messed up\\nType: \'+typeof(cryptkey)+len); + } pass = frm.'.$pw_field.'.value; chal = frm.'.$challenge.'.value; challenge = hex_md5(pass + chal) + chal; @@ -2464,6 +2461,14 @@ var $perms = Array(); /** + * Array to track which default permissions are being used + * @var array + * @access private + */ + + var $acl_defaults_used = Array(); + + /** * Constructor. * @param string $page_id The ID of the page to check * @param string $namespace The namespace of the page to check. @@ -2477,11 +2482,13 @@ { global $db, $session, $paths, $template, $plugins; // Common objects - $this->perms = $session->acl_merge_complete($acl_types, $base); $this->acl_deps = $acl_deps; $this->acl_types = $acl_types; $this->acl_descs = $acl_descs; + $this->perms = $acl_types; + $this->perms = $session->acl_merge_complete($this->perms, $base); + // Build a query to grab ACL info $bs = 'SELECT rules FROM '.table_prefix.'acl WHERE ( '; $q = Array(); @@ -2502,7 +2509,8 @@ { do { $rules = $session->string_to_perm($row['rules']); - $this->perms = $session->acl_merge($this->perms, $rules); + $is_everyone = ( $row['target_type'] == ACL_TYPE_GROUP && $row['target_id'] == 1 ); + $this->acl_merge_with_current($rules, $is_everyone); } while ( $row = $db->fetchrow() ); } @@ -2519,6 +2527,7 @@ function get_permissions($type, $no_deps = false) { + // echo '
' . print_r($this->perms, true) . ''; global $db, $session, $paths, $template, $plugins; // Common objects if ( isset( $this->perms[$type] ) ) { @@ -2611,6 +2620,44 @@ return true; } + /** + * Merges the ACL array sent with the current permissions table, deciding precedence based on whether defaults are in effect or not. + * @param array The array to merge into the master ACL list + * @param bool If true, $perm is treated as the "new default" + * @param int 1 if this is a site-wide ACL, 2 if page-specific. Defaults to 2. + */ + + function acl_merge_with_current($perm, $is_everyone = false, $scope = 2) + { + foreach ( $this->perms as $i => $p ) + { + if ( isset($perm[$i]) ) + { + if ( $is_everyone && !$this->acl_defaults_used[$i] ) + continue; + // Decide precedence + if ( isset($this->acl_defaults_used[$i]) ) + { + //echo "$i: default in use, overriding to: {$perm[$i]}