git.plutz.net Git - shellwiki/blob - acl.sh

   1 #!/bin/sh
   2
   3 [ "$include_acl" ] && return 0
   4 include_acl="$0"
   5
   6 # ACL_OVERRIDE="${ACL_OVERRIDE:-Admin:read,write}"
   7 ACL_DEFAULT="${ACL_DEFAULT:-Known:read,write${BR}All:read}"
   8
   9 acl_cachepath=''
  10 acl_collection=''
  11
  12 acl_collect(){
  13   local path="${1:-${PATH_INFO}}"
  14   # Get directory part of PATH_INFO
  15   local path="${path%/*}/./"
  16   local pagefile head acl
  17
  18   if [ "$acl_cachepath" = "$path" ]; then
  19     printf '%s\n' "$ACL_OVERRIDE" "$acl_collection" "$ACL_DEFAULT"
  20     return 0
  21   else
  22     acl_cachepath="$path"
  23     acl_collection=''
  24   fi
  25
  26   printf '%s\n' "$ACL_OVERRIDE"
  27
  28   while :; do
  29     [ "$path" = / ] && break
  30     path="${path%/*/}/"
  31
  32     # Do not use `mdfile` function here because of specialties
  33     # in translation handler (`handlers/10_translations.sh`)
  34     if   [ -f "$_DATA/pages/$path/#page.md" ]; then
  35       pagefile="$_DATA/pages/$path/#page.md"
  36     elif [ -f "$_EXEC/pages/$path/#page.md" ]; then
  37       pagefile="$_EXEC/pages/$path/#page.md"
  38     else
  39       continue
  40     fi
  41
  42     acl="$(sed -En '
  43       s;\r$;;;
  44       /^%acl([\t ]+.*)?$/bACL;
  45       20q;
  46       b;
  47
  48       :ACL
  49       s;(%(acl)?)?[\t ]*;;
  50       p; n; s;\r$;;;
  51       /^(%[ \t]+|%acl[ \t]+|[ \t]+)[^ \t\r]+$/bACL;
  52       /^(%[ \t]*|%acl[ \t]*)$/bACL;
  53     ' <"$pagefile")"
  54
  55     printf %s\\n "${acl}"
  56     acl_collection="${acl_collection}${acl}${BR}"
  57   done
  58
  59   printf '%s\n' "$ACL_DEFAULT"
  60 }
  61
  62 acl_read(){
  63   local page="${1:-${PATH_INFO}}"
  64   local acl
  65
  66   while read -r acl; do
  67     case ${acl##*:} in
  68       read|*,read,*|read,*|*,read)
  69          acl="${acl%%:*}:read";;
  70       *) acl="${acl%%:*}:";;
  71     esac
  72     [ "$USER_NAME" ] && case $acl in
  73        "Known:read") return 0;;
  74        "Known:")     return 1;;
  75       "+Known:read") return 0;;
  76       "-Known:read") return 1;;
  77        "@${USER_NAME}:read") return 0;;
  78        "@${USER_NAME}:")      return 1;;
  79       "+@{$USER_NAME}:read") return 0;;
  80       "-@{$USER_NAME}:read") return 1;;
  81     esac
  82     case $acl in
  83        "All:read") return 0;;
  84        "All:")     return 1;;
  85       "+All:read") return 0;;
  86       "-All:read") return 1;;
  87     esac
  88   done <<-EOF
  89         $(acl_collect "$page")
  90         EOF
  91   return 1
  92 }
  93
  94 acl_write(){
  95   local page="${1:-${PATH_INFO}}"
  96   local acl
  97
  98   while read -r acl; do
  99     case ${acl##*:} in
 100       write|*,write,*|write,*|*,write)
 101          acl="${acl%%:*}:write";;
 102       *) acl="${acl%%:*}:";;
 103     esac
 104     [ "$USER_NAME" ] && case ${acl} in
 105        "Known:write") return 0;;
 106        "Known:")      return 1;;
 107       "+Known:write") return 0;;
 108       "-Known:write") return 1;;
 109        "@${USER_NAME}:write") return 0;;
 110        "@${USER_NAME}:")      return 1;;
 111       "+@{$USER_NAME}:write") return 0;;
 112       "-@{$USER_NAME}:write") return 1;;
 113     esac
 114     case $acl in
 115        "All:write") return 0;;
 116        "All:")      return 1;;
 117       "+All:write") return 0;;
 118       "-All:write") return 1;;
 119     esac
 120   done <<-EOF
 121         $(acl_collect "$page")
 122         EOF
 123   return 1
 124 }