git.plutz.net Git - shellwiki/blob - acl.sh

   1 #!/bin/sh
   2
   3 [ "$include_acl" ] && return 0
   4 include_acl="$0"
   5
   6 # ACL_OVERRIDE="${ACL_OVERRIDE:-Admin:read,write}"
   7 ACL_DEFAULT="${ACL_DEFAULT:-Known:read,write${BR}All:read}"
   8
   9 acl_cachepath=''
  10 acl_collection=''
  11
  12 acl_collect(){
  13   local path="$1"
  14   # Get directory part of PATH_INFO
  15   local path="${path%/*}/./"
  16   local pagefile head acl
  17
  18   printf '%s\n' "$ACL_OVERRIDE"
  19
  20   while :; do
  21     [ "$path" = / ] && break
  22     path="${path%/*/}/"
  23
  24     # Do not use `mdfile` function here because of specialties
  25     # in translation handler (`handlers/10_translations.sh`)
  26     if   [ -f "$_DATA/pages/$path/#page.md" ]; then
  27       pagefile="$_DATA/pages/$path/#page.md"
  28     elif [ -f "$_EXEC/pages/$path/#page.md" ]; then
  29       pagefile="$_EXEC/pages/$path/#page.md"
  30     else
  31       continue
  32     fi
  33
  34     acl="$(sed -En '
  35       s;\r$;;;
  36       /^%acl([\t ]+.*)?$/bACL;
  37       20q;
  38       b;
  39
  40       :ACL
  41       s;(%(acl)?)?[\t ]*;;
  42       p; n; s;\r$;;;
  43       /^(%[ \t]+|%acl[ \t]+|[ \t]+)[^ \t\r]+$/bACL;
  44       /^(%[ \t]*|%acl[ \t]*)$/bACL;
  45     ' <"$pagefile")"
  46
  47     printf %s\\n "${acl}"
  48   done
  49
  50   printf '%s\n' "$ACL_DEFAULT"
  51 }
  52
  53 acl_read(){
  54   local page="${1:-${PATH_INFO}}"
  55   local acl
  56
  57   if [ "$acl_cachepath" != "$page" ]; then
  58     acl_cachepath="$page"
  59     acl_collection="$(acl_collect "$page")"
  60   fi
  61
  62   while read -r acl; do
  63     case ${acl##*:} in
  64       read|*,read,*|read,*|*,read)
  65          acl="${acl%%:*}:read";;
  66       *) acl="${acl%%:*}:";;
  67     esac
  68     [ "$USER_NAME" ] && case $acl in
  69        "Known:read") return 0;;
  70        "Known:")     return 1;;
  71       "+Known:read") return 0;;
  72       "-Known:read") return 1;;
  73        "@${USER_NAME}:read") return 0;;
  74        "@${USER_NAME}:")      return 1;;
  75       "+@{$USER_NAME}:read") return 0;;
  76       "-@{$USER_NAME}:read") return 1;;
  77     esac
  78     case $acl in
  79        "All:read") return 0;;
  80        "All:")     return 1;;
  81       "+All:read") return 0;;
  82       "-All:read") return 1;;
  83     esac
  84    done <<-EOF
  85         ${acl_collection}
  86         EOF
  87   return 1
  88 }
  89
  90 acl_write(){
  91   local page="${1:-${PATH_INFO}}"
  92   local acl
  93
  94   if [ "$acl_cachepath" != "$page" ]; then
  95     acl_cachepath="$page"
  96     acl_collection="$(acl_collect "$page")"
  97   fi
  98
  99   while read -r acl; do
 100     case ${acl##*:} in
 101       write|*,write,*|write,*|*,write)
 102          acl="${acl%%:*}:write";;
 103       *) acl="${acl%%:*}:";;
 104     esac
 105     [ "$USER_NAME" ] && case ${acl} in
 106        "Known:write") return 0;;
 107        "Known:")      return 1;;
 108       "+Known:write") return 0;;
 109       "-Known:write") return 1;;
 110        "@${USER_NAME}:write") return 0;;
 111        "@${USER_NAME}:")      return 1;;
 112       "+@{$USER_NAME}:write") return 0;;
 113       "-@{$USER_NAME}:write") return 1;;
 114     esac
 115     case $acl in
 116        "All:write") return 0;;
 117        "All:")      return 1;;
 118       "+All:write") return 0;;
 119       "-All:write") return 1;;
 120     esac
 121   done <<-EOF
 122         ${acl_collection}
 123         EOF
 124   return 1
 125 }