2011-11-15
pbmichel
I'd love to be able to augment the USERS and ACL files with additional content generated by external tools.
Maybe I am approaching this the wrong way and I should just add an additional authentication backend, but here is the way I implemented:
With the following three small patches, there are two new files which can be configured, which are then used in DokuWiki for authentication and access control.
Honoring the new ACL rules in 'acl.more.auth.php':
<code>
diff -r cd6f1edc5ddc -r b8a85886d5a0 inc/auth.php
--- a/inc/auth.php Sat Oct 15 12:18:39 2011 +0200
+++ b/inc/auth.php Thu Oct 20 11:22:48 2011 +0200
@@ -125,18 +125,26 @@
$acl = file($config_cascade['acl']['default']);
+ if(is_readable($config_cascade['acl.more']['default'])) {
+ $acl = array_merge(file($config_cascade['acl.more']['default']), $acl);
+ }
+
+ $res = array();
+
//support user wildcard
- if(isset($_SERVER['REMOTE_USER'])){
- $len = count($acl);
- for($i=0; $i<$len; $i++){
- if($acl[$i]{0} == '#') continue;
- list($id,$rest) = preg_split('/\s+/',$acl[$i],2);
+ foreach($acl as $line){
+ $line = preg_replace('/#.*$/','',$line); //ignore comments
+ $line = trim($line);
+ if(empty($line)) continue;
+ list($id,$rest) = preg_split('/\s+/',$line,2);
+ if(isset($_SERVER['REMOTE_USER'])){
$id = str_replace('%USER%',cleanID($_SERVER['REMOTE_USER']),$id);
$rest = str_replace('%USER%',auth_nameencode($_SERVER['REMOTE_USER']),$rest);
- $acl[$i] = "$id\t$rest";
}
+ array_push($res, "$id\t$rest");
}
- return $acl;
+
+ return $res;
}
function auth_login_wrapper($evdata) {
</code>
Honoring the new users in 'users.more.auth.php':
<code>
diff -r cd6f1edc5ddc -r b8a85886d5a0 inc/auth/plain.class.php
--- a/inc/auth/plain.class.php Sat Oct 15 12:18:39 2011 +0200
+++ b/inc/auth/plain.class.php Thu Oct 20 11:22:48 2011 +0200
@@ -282,6 +282,11 @@
if(!@file_exists($config_cascade['plainauth.users']['default'])) return;
$lines = file($config_cascade['plainauth.users']['default']);
+
+ if(@file_exists($config_cascade['plainauth.users.more']['default'])) {
+ $lines = array_merge(file($config_cascade['plainauth.users.more']['default']), $lines);
+ }
+
foreach($lines as $line){
$line = preg_replace('/#.*$/','',$line); //ignore comments
$line = trim($line);
</code>
Finally, adding the two new files to the configuration:
<code>
diff -r cd6f1edc5ddc -r b8a85886d5a0 inc/config_cascade.php
--- a/inc/config_cascade.php Sat Oct 15 12:18:39 2011 +0200
+++ b/inc/config_cascade.php Thu Oct 20 11:22:48 2011 +0200
@@ -61,9 +61,15 @@
'acl' => array(
'default' => DOKU_CONF.'acl.auth.php',
),
+ 'acl.more' => array(
+ 'default' => DOKU_CONF.'acl.more.auth.php',
+ ),
'plainauth.users' => array(
'default' => DOKU_CONF.'users.auth.php',
),
+ 'plainauth.users.more' => array(
+ 'default' => DOKU_CONF.'users.more.auth.php',
+ ),
),
$config_cascade
);
</code>
By the way things are done in DokuWiki, the ACL rules neither show up in the ACL manager, nor can they be changed by it. The latter is a GOOD thing. Also, users DO show up in the user manager, yet I am not sure if they can actually be changed, I haven't really tested this deeply. If they can be changed, however, the user will be migrated to the DokuWiki user file... The original DokuWiki files also takes precedence.
This patch is very crude at the moment, yet it achieved what I wanted to do, namely generate the users and acls mainly from an external source and disable sign-up in the Wiki altogether.