basic ACLs
1 #!/bin/sh
2
# Optional rules that acl_collect prints before any page-level rule. Because
# acl_read/acl_write stop at the first matching rule, these take precedence.
# Disabled by default; example:
# ACL_OVERRIDE="${ACL_OVERRIDE:-Admin:read,write}"

# Fallback rules that acl_collect prints last, so they apply only when no
# earlier rule matched. ${BR} separates the individual rules; it is defined
# outside this file (presumably a newline - confirm).
: "${ACL_DEFAULT:=All:read${BR}Known:read,write}"

# Single-entry cache used by acl_collect: the directory path last collected
# and the page-level rules gathered for it.
acl_cachepath=''
acl_collection=''
8
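# acl_collect [PATH]
# Print every ACL rule that applies to PATH (default: $PATH_INFO), one per
# line, in evaluation order: $ACL_OVERRIDE first, then the "%acl" header
# lines of each "#page.md" from the page's own directory up to the root,
# and $ACL_DEFAULT last.
# Globals: reads ACL_OVERRIDE, ACL_DEFAULT, _DATA, _EXEC, BR, CR, PATH_INFO;
#          reads and writes acl_cachepath and acl_collection.
# Returns: 0.
# The cache only helps callers that run this function in the current shell;
# inside $(...) the assignments happen in a subshell and are discarded.
# NOTE(review): PATH is used as-is to build file names; presumably it is
# normalised (no ".." components) before it reaches this function - confirm.
acl_collect(){
  local path="${1:-${PATH_INFO}}"
  local pagefile head acl budget

  # The upward walk below strips "/component/" suffixes and only terminates
  # on "/", so a path without a leading slash would never finish.
  case $path in
    /*) ;;
    *)  path="/$path";;
  esac

  # Keep the directory part and append a dummy "./" component, so that the
  # first pass of the walk lands on the page's own directory.
  path="${path%/*}/./"

  if [ "$acl_cachepath" = "$path" ]; then
    printf '%s\n' "$ACL_OVERRIDE" "$acl_collection" "$ACL_DEFAULT"
    return 0
  fi
  acl_cachepath="$path"
  acl_collection=''

  printf '%s\n' "$ACL_OVERRIDE"

  while [ "$path" != / ]; do
    path="${path%/*/}/"

    # A page in the data directory shadows one shipped with the installation.
    if   [ -f "$_DATA/pages/$path/#page.md" ]; then
      pagefile="$_DATA/pages/$path/#page.md"
    elif [ -f "$_EXEC/pages/$path/#page.md" ]; then
      pagefile="$_EXEC/pages/$path/#page.md"
    else
      continue
    fi

    # Only the page header is scanned: reading stops after 20 lines that are
    # not "%acl" lines. The "|| [ -n ... ]" keeps a rule on a final line that
    # lacks a trailing newline from being dropped silently.
    budget=20
    while read -r head acl || [ -n "$head" ]; do
      if [ "$head" = "%acl" ]; then
        # Append to the cache. Keeping only the latest rule would make a
        # cache hit return fewer rules than the first lookup, and the
        # rules lost would be the most specific ones.
        acl_collection="${acl_collection}${acl%${CR}}${BR}"
        printf '%s\n' "${acl%${CR}}"
      else
        budget=$((budget - 1))
        [ "$budget" -eq 0 ] && break
      fi
    done <"$pagefile"
  done

  printf '%s\n' "$ACL_DEFAULT"
}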
51
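# acl_read [PAGE]
# Decide whether the current requester may read PAGE (default: $PATH_INFO).
# Rules come from acl_collect and are evaluated in order; the first rule
# that names the requester decides. Rule subjects are "All", "Known" (any
# request with a non-empty $USER_NAME) or a user name, optionally prefixed
# with "+" (grant) or "-" (revoke).
# Globals: reads USER_NAME, PATH_INFO.
# Returns: 0 if read access is granted, 1 if it is denied or no rule matched.
acl_read(){
  local page="${1:-${PATH_INFO}}"
  local acl

  # The rules are fed through a here-document rather than a pipe so the loop
  # runs in the current shell and "return" leaves the function itself.
  while read -r acl; do
    # Reduce the permission list to "subject:read" or "subject:".
    case ${acl##*:} in
      read|*,read,*|read,*|*,read)
         acl="${acl%%:*}:read";;
      *) acl="${acl%%:*}:";;
    esac

    # Rules for authenticated requesters. An unprefixed rule without the
    # permission denies; "+"/"-" rules only act when they name the permission.
    # The prefixed user patterns must expand ${USER_NAME}; written as
    # "{$USER_NAME}" they would only match a literal brace-wrapped name, so a
    # per-user "-name:read" rule would never be honoured.
    [ "$USER_NAME" ] && case $acl in
      "Known:read"|"+Known:read") return 0;;
      "Known:"|"-Known:read")     return 1;;
      "${USER_NAME}:read"|"+${USER_NAME}:read") return 0;;
      "${USER_NAME}:"|"-${USER_NAME}:read")     return 1;;
    esac

    # Rules that apply to everybody, authenticated or not.
    case $acl in
      "All:read"|"+All:read") return 0;;
      "All:"|"-All:read")     return 1;;
    esac
  done <<EOF
$(acl_collect "$page")
EOF

  # No rule matched: deny.
  return 1
}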
83
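# acl_write [PAGE]
# Decide whether the current requester may write PAGE (default: $PATH_INFO).
# Rules come from acl_collect and are evaluated in order; the first rule
# that names the requester decides. Rule subjects are "All", "Known" (any
# request with a non-empty $USER_NAME) or a user name, optionally prefixed
# with "+" (grant) or "-" (revoke).
# Globals: reads USER_NAME, PATH_INFO.
# Returns: 0 if write access is granted, 1 if it is denied or no rule matched.
acl_write(){
  local page="${1:-${PATH_INFO}}"
  local acl

  # The rules are fed through a here-document rather than a pipe so the loop
  # runs in the current shell and "return" leaves the function itself.
  while read -r acl; do
    # Reduce the permission list to "subject:write" or "subject:".
    case ${acl##*:} in
      write|*,write,*|write,*|*,write)
         acl="${acl%%:*}:write";;
      *) acl="${acl%%:*}:";;
    esac

    # Rules for authenticated requesters. An unprefixed rule without the
    # permission denies; "+"/"-" rules only act when they name the permission.
    # The prefixed user patterns must expand ${USER_NAME}; written as
    # "{$USER_NAME}" they would only match a literal brace-wrapped name, so a
    # per-user "-name:write" rule would never be honoured.
    [ "$USER_NAME" ] && case $acl in
      "Known:write"|"+Known:write") return 0;;
      "Known:"|"-Known:write")      return 1;;
      "${USER_NAME}:write"|"+${USER_NAME}:write") return 0;;
      "${USER_NAME}:"|"-${USER_NAME}:write")      return 1;;
    esac

    # Rules that apply to everybody, authenticated or not.
    case $acl in
      "All:write"|"+All:write") return 0;;
      "All:"|"-All:write")      return 1;;
    esac
  done <<EOF
$(acl_collect "$page")
EOF

  # No rule matched: deny.
  return 1
}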