diff --git a/ecrire/action/editer_breve.php b/ecrire/action/editer_breve.php index e6690b961df5f1976dc78550a1899ee4b8f54126..7784a9dd49e76cbc490f97f59f308bd8b6a57f25 100644 --- a/ecrire/action/editer_breve.php +++ b/ecrire/action/editer_breve.php @@ -123,12 +123,8 @@ function revisions_breves ($id_breve, $c=false) { // et que le demandeur n'est pas admin de la rubrique // repasser la breve en statut 'prop'. if ($statut == 'publie') { - if ($GLOBALS['auteur_session']['statut'] != '0minirezo') + if (!autoriser('publierdans','rubrique',$id_parent)) $champs['statut'] = $statut = 'prop'; - else { - if (!acces_rubrique($id_parent)) - $champs['statut'] = $statut = 'prop'; - } } } diff --git a/ecrire/action/editer_site.php b/ecrire/action/editer_site.php index fdb5a092b31c4e3a6278738968e09823daf1ec9e..251fd22ebcb736d10178b60571d8f137fc2656ad 100644 --- a/ecrire/action/editer_site.php +++ b/ecrire/action/editer_site.php @@ -150,7 +150,7 @@ function revisions_sites ($id_syndic, $c=false) { if (_request('statut', $c) AND _request('statut', $c) != $statut - AND acces_rubrique($id_rubrique)) { + AND autoriser('publierdans','rubrique',$id_rubrique)) { $statut = $champs['statut'] = _request('statut', $c); } @@ -166,12 +166,8 @@ function revisions_sites ($id_syndic, $c=false) { // et que le demandeur n'est pas admin de la rubrique // repasser le site en statut 'prop'. if ($statut == 'publie') { - if ($GLOBALS['auteur_session']['statut'] != '0minirezo') + if (!autoriser('publierdans','rubrique',$id_parent)) $champs['statut'] = $statut = 'prop'; - else { - if (!acces_rubrique($id_parent)) - $champs['statut'] = $statut = 'prop'; - } } } diff --git a/ecrire/exec/articles.php b/ecrire/exec/articles.php index 7a7c23c7c97a0e1b43ff03dd2b9f3f1b92998000..94efc1f4ccebdbb3808d5f65c060ed7d2878676a 100644 --- a/ecrire/exec/articles.php +++ b/ecrire/exec/articles.php 
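Review bot: The new `autoriser('publierdans','rubrique',$id_parent)` call in revisions_breves(), like the two calls in the revisions_sites() hunks below, has no `include_spip('inc/autoriser')` in view, so it depends on the block this commit adds to ecrire/inc_version.php, which loads the file only when `_DIR_RESTREINT` is empty. The same commit drops the explicit include from inc/article_select.php, next to a comment about the public space, and from the forum notification functions in inc/notifications.php. If any of these paths can run outside ecrire/, the call would hit an undefined function instead of returning a decision; keeping `include_spip('inc/autoriser');` just before the first call in such files, or loading it unconditionally, avoids that. Both functions start and end outside their hunks, so an include earlier in the body cannot be ruled out.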
@@ -15,7 +15,6 @@ if (!defined("_ECRIRE_INC_VERSION")) return; include_spip('inc/presentation'); include_spip('inc/texte'); include_spip('inc/actions'); -include_spip('inc/autoriser'); // http://doc.spip.org/@exec_articles_dist function exec_articles_dist() diff --git a/ecrire/exec/articles_forum.php b/ecrire/exec/articles_forum.php index f14497402907ef04939d98e3f0fc519ca16e22cf..a85a8e8375ef84b6c2e749f9a6c61a7b4f704205 100644 --- a/ecrire/exec/articles_forum.php +++ b/ecrire/exec/articles_forum.php @@ -13,7 +13,6 @@ if (!defined("_ECRIRE_INC_VERSION")) return; include_spip('inc/presentation'); include_spip('inc/forum'); // pour boutons_controle_forum -include_spip('inc/autoriser'); // http://doc.spip.org/@exec_articles_forum_dist function exec_articles_forum_dist() diff --git a/ecrire/exec/articles_ortho.php b/ecrire/exec/articles_ortho.php index 9986d17f30c5337d773d9589ac598887088b388c..5db8cbbcd5c0f947d10c4981a922b73eae96ae53 100644 --- a/ecrire/exec/articles_ortho.php +++ b/ecrire/exec/articles_ortho.php @@ -15,7 +15,6 @@ if (!defined("_ECRIRE_INC_VERSION")) return; include_spip('inc/presentation'); include_spip('inc/distant'); include_spip('inc/ortho'); -include_spip('inc/autoriser'); // http://doc.spip.org/@exec_articles_ortho_dist function exec_articles_ortho_dist() diff --git a/ecrire/exec/articles_versions.php b/ecrire/exec/articles_versions.php index 51230b289108c88cef6cd4d8683c7e59cd6f7b20..b3f4c804074b2f72a3fb09e1ced9a2e87dfae1d8 100644 --- a/ecrire/exec/articles_versions.php +++ b/ecrire/exec/articles_versions.php @@ -15,7 +15,6 @@ if (!defined("_ECRIRE_INC_VERSION")) return; include_spip('inc/presentation'); include_spip('inc/revisions'); -include_spip('inc/autoriser'); // http://doc.spip.org/@exec_articles_versions_dist function exec_articles_versions_dist() diff --git a/ecrire/exec/breves.php b/ecrire/exec/breves.php index 08147a8639eb789cee5823ef8f0c232076a8e529..514c77af28b549dc91321ffcd12fafbf90969e20 100644 --- a/ecrire/exec/breves.php 
+++ b/ecrire/exec/breves.php @@ -38,8 +38,7 @@ function exec_breves_dist() $titre=typo($row['titre']); $descriptif=$row['descriptif']; $texte=$row['texte']; - $editable = ($GLOBALS['connect_statut'] == "0minirezo") - && acces_rubrique($id_rubrique); + $editable = autoriser('publierdans','rubrique',$id_rubrique); $statuts = "'prop', 'publie'" . ($editable ? ", 'refuse'": ""); diff --git a/ecrire/exec/breves_edit.php b/ecrire/exec/breves_edit.php index 24223f1154f6d19a687846379378c2d9a073feed..f80848afce73733cb15008edcfd21909a0ef43ab 100644 --- a/ecrire/exec/breves_edit.php +++ b/ecrire/exec/breves_edit.php @@ -164,7 +164,7 @@ if ($connect_statut=="0minirezo" OR $statut=="prop" OR $new == "oui") { $form .= extra_saisie($extra, 'breves', $id_rubrique); } - if ($connect_statut=="0minirezo" AND acces_rubrique($id_rubrique)) { + if (autoriser('publierdans','rubrique',$id_rubrique)) { $form .= debut_cadre_relief('', true) . "<b>"._T('entree_breve_publiee')."</b>\n" . "<select name='statut' size='1' class='fondl'>\n" diff --git a/ecrire/exec/breves_voir.php b/ecrire/exec/breves_voir.php index a4f442e79148665738d6a4caa9144f694c9fbb1e..fde965659e7834d09f14bce1718d48239bde0acf 100644 --- a/ecrire/exec/breves_voir.php +++ b/ecrire/exec/breves_voir.php @@ -40,7 +40,7 @@ function afficher_breves_voir($id_breve, $cherche_mot, $select_groupe) exit; } - $flag_editable = (($connect_statut == '0minirezo' AND acces_rubrique($id_rubrique)) OR $statut == 'prop'); + $flag_editable = (autoriser('publierdans','rubrique',$id_rubrique) OR $statut == 'prop'); // Est-ce que quelqu'un a deja ouvert la breve en edition ? if ($flag_editable 
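Review bot: `autoriser('publierdans','rubrique',$id_rubrique)` is evaluated here for `$flag_editable` and again, with the same arguments, in the two later hunks of afficher_breves_voir() (the logo block and the prop/prepa table). Storing it once, e.g. `$peut_publier = autoriser('publierdans','rubrique',$id_rubrique);`, and reusing the variable keeps the three decisions from drifting apart and avoids repeating whatever lookup the authorization function performs. A short comment on `$flag_editable` saying that a proposed breve stays editable without the publish right would also help, since the name does not say so. The function body continues outside the hunk.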
@@ -87,7 +87,7 @@ function afficher_breves_voir($id_breve, $cherche_mot, $select_groupe) // Logos de la breve // - if (($spip_display != 4) AND $id_breve>0 AND ($connect_statut == '0minirezo' AND acces_rubrique($id_rubrique))) { + if (($spip_display != 4) AND $id_breve>0 AND autoriser('publierdans','rubrique',$id_rubrique)) { $iconifier = charger_fonction('iconifier', 'inc'); echo $iconifier('id_breve', $id_breve, 'breves_voir'); } @@ -208,7 +208,7 @@ function afficher_breves_voir($id_breve, $cherche_mot, $select_groupe) echo extra_affichage($extra, "breves"); } - if ($connect_statut=="0minirezo" AND acces_rubrique($id_rubrique) AND ($statut=="prop" OR $statut=="prepa")){ + if (autoriser('publierdans','rubrique',$id_rubrique) AND ($statut=="prop" OR $statut=="prepa")){ echo "<div align='right'>"; echo "<table><tr>"; diff --git a/ecrire/exec/controle_forum.php b/ecrire/exec/controle_forum.php index 27ee2be3a2bad00ec39c7421badc09ccdf8895eb..9dee4089fcc958ef4245c603b1944df122ebd492 100644 --- a/ecrire/exec/controle_forum.php +++ b/ecrire/exec/controle_forum.php @@ -228,7 +228,7 @@ function exec_controle_forum_dist() # TODO autoriser $droit = (($connect_statut != "0minirezo") OR (!$connect_toutes_rubriques AND - (!$id_rubrique OR !acces_rubrique($id_rubrique)))); + (!$id_rubrique OR !autoriser('publierdans','rubrique',$id_rubrique)))); if (_request('var_ajaxcharset') AND !$droit) { ajax_retour($mess); diff --git a/ecrire/exec/controle_petition.php b/ecrire/exec/controle_petition.php index d422ad6cce1bb8ffe32b52711088377f88808b03..60190bd456f00a3c5656d697fe8392ed2349cbe5 100644 --- a/ecrire/exec/controle_petition.php +++ b/ecrire/exec/controle_petition.php @@ -18,7 +18,6 @@ function exec_controle_petition_dist() { include_spip('inc/presentation'); include_spip('inc/signatures'); - include_spip('inc/autoriser'); $id_article = intval(_request('id_article')); 
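Review bot: In exec_controle_forum_dist() `$droit` is true when access must be refused (non-admin, or restricted admin without the publish right on `$id_rubrique`), yet it is tested as `!$droit` to let the AJAX response through, which is easy to misread in an access check. Renaming it, for instance `$refus = (...)` with `if (_request('var_ajaxcharset') AND !$refus)`, or adding the comment `// true = access refused`, would make the polarity explicit. The `# TODO autoriser` above it still leaves the `$connect_statut` and `$connect_toutes_rubriques` tests outside autoriser(), so a function overriding the authorization is not consulted for them.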
diff --git a/ecrire/exec/dater.php b/ecrire/exec/dater.php index 968cdcfbbd0b6b0a99e2fcd851ab2f0c727fcb97..61eca1e826966eca56e1e3def53a56bfb1918977 100644 --- a/ecrire/exec/dater.php +++ b/ecrire/exec/dater.php @@ -19,7 +19,7 @@ function exec_dater_dist() $id = intval(_request('id')); if (($GLOBALS['auteur_session']['statut'] != '0minirezo') - OR ($type == 'article' AND !acces_article($id)) + OR ($type == 'article' AND !autoriser('modifier','article',$id)) OR (!preg_match('/^\w+$/',$type))) { // securite include_spip('inc/minipres'); echo minipres(); diff --git a/ecrire/exec/documents_colonne.php b/ecrire/exec/documents_colonne.php index 48054f98a853d0a4a151af50a3d54811bbf08ca0..71a4dfd1e74c74f4440fdce4a83711f47e3f5c32 100644 --- a/ecrire/exec/documents_colonne.php +++ b/ecrire/exec/documents_colonne.php @@ -19,8 +19,8 @@ function exec_documents_colonne_dist() $id = intval($id); if (!($type == 'article' - ? acces_article($id) - : acces_rubrique($id))) { + ? autoriser('modifier','article',$id) + : autoriser('publierdans','rubrique',$id))) { include_spip('inc/minipres'); echo minipres(); exit; diff --git a/ecrire/exec/editer_auteurs.php b/ecrire/exec/editer_auteurs.php index c42422102003c9da2b2c131a9ece5f2de897d363..1fe709643e7247db2a51b45c3691df118af48fe4 100644 --- a/ecrire/exec/editer_auteurs.php +++ b/ecrire/exec/editer_auteurs.php @@ -21,7 +21,7 @@ function exec_editer_auteurs_dist() $id = intval(_request("id_$type")); - if (! acces_article($id_article)) { + if (! autoriser('modifier','article',$id_article)) { include_spip('inc/minipres'); echo minipres(); exit; diff --git a/ecrire/exec/editer_mot.php b/ecrire/exec/editer_mot.php index ef579cd6e37dd64494e8c251391f956ca2b36ef4..d8cc6a782e058321e54a2624e2156c2ba130fd8b 100644 --- a/ecrire/exec/editer_mot.php +++ b/ecrire/exec/editer_mot.php 
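Review bot: Every `$type` other than 'article' falls into the `autoriser('publierdans','rubrique',$id)` branch of the ternary in exec_documents_colonne_dist(), so an id belonging to another kind of object is checked as if it were a rubrique id. If `$type` is not restricted to 'article' and 'rubrique' earlier in the function (that part is outside the hunk), an explicit `$type == 'rubrique'` test with refusal as the default would keep the check fail-closed. The same ternary appears in the exec_legender_dist() and exec_tourner_dist() hunks.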
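Review bot: The check in exec_editer_auteurs_dist() calls `autoriser('modifier','article',$id_article)`, but the value sanitised on the line above is `$id = intval(_request("id_$type"))`, and `$id_article` is not assigned anywhere in the hunk. Unless it is a global set before this point, the decision is taken on an empty id rather than on the object being edited. If `$type` is always 'article' here, `if (! autoriser('modifier','article',$id))` would tie the check to the request. The function starts outside the hunk, so the origin of `$id_article` and `$type` should be confirmed.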
@@ -22,14 +22,14 @@ function exec_editer_mot_dist() if ($GLOBALS['connect_toutes_rubriques']) // pour eviter SQL $droit = true; elseif ($objet == 'article') - $droit = acces_article($id_objet); + $droit = autoriser('modifier','article',$id_objet); elseif ($objet == 'rubrique') - $droit = acces_rubrique($id_objet); + $droit = autoriser('publierdans','rubrique',$id_objet); else { if ($objet == 'breve') $droit = spip_query("SELECT id_rubrique FROM spip_breves WHERE id_breve='$id_objet'"); else $droit = spip_query("SELECT id_rubrique FROM spip_syndic WHERE id_syndic=$id_objet"); - $droit = acces_rubrique($droit['id_rubrique']); + $droit = autoriser('publierdans','rubrique',$droit['id_rubrique']); } if (!$droit) { diff --git a/ecrire/exec/iconifier.php b/ecrire/exec/iconifier.php index fda9fedb2521823600548a6c2c316730024e2c9b..ec3bc6f199925b8036272cde275bc6714dc41799 100644 --- a/ecrire/exec/iconifier.php +++ b/ecrire/exec/iconifier.php @@ -31,7 +31,7 @@ function exec_iconifier_dist() } if ($type == 'id_rubrique') - $droit = acces_rubrique($id); + $droit = autoriser('publierdans','rubrique',$id); elseif ($type == 'id_auteur') $droit = (($id == $connect_id_auteur) OR $connect_toutes_rubriques); elseif ($type == 'id_mot') @@ -39,7 +39,7 @@ function exec_iconifier_dist() else { $table=substr($type, 3) . (($type == 'id_syndic') ? '' : 's'); $row = spip_fetch_array(spip_query("SELECT id_rubrique, statut FROM spip_$table WHERE $type=$id")); - $droit = acces_rubrique($row['id_rubrique']); + $droit = autoriser('publierdans','rubrique',$row['id_rubrique']); if (!$droit AND ($row['statut'] == 'prepa' OR $row['statut'] == 'prop' OR $row['statut'] == 'poubelle')) $droit = spip_num_rows(determiner_auteurs_objet('article',$id, "id_auteur=$connect_id_auteur")); } diff --git a/ecrire/exec/legender.php b/ecrire/exec/legender.php index 49b3b431ffd5fd44444a57d736c514567719078e..bb934bd92690895d018527fe183c9c46f604ffeb 100644 --- a/ecrire/exec/legender.php +++ b/ecrire/exec/legender.php 
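Review bot: In the final `else` branch of exec_editer_mot_dist() `$droit` holds the return value of spip_query(), not a fetched row, so the `$droit['id_rubrique']` passed to `autoriser('publierdans','rubrique',…)` is unlikely to be the rubrique of the breve or site; exec/iconifier.php wraps the same kind of query in spip_fetch_array(). Fetching first, e.g. `$row = spip_fetch_array(spip_query(...));` then `$droit = autoriser('publierdans','rubrique',$row['id_rubrique']);`, makes the check apply to the real rubrique. The removed acces_rubrique() refused an unknown id through its isset() test; whether the replacement does the same for an empty id is not visible here. `$id_objet` is also interpolated unquoted into the spip_syndic query, so it should be confirmed that it is cast with intval() before this block, which starts outside the hunk.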
@@ -20,8 +20,8 @@ function exec_legender_dist() $id_document = intval($id_document); if (!($type == 'article' - ? acces_article($id) - : acces_rubrique($id))) { + ? autoriser('modifier','article',$id) + : autoriser('publierdans','rubrique',$id))) { include_spip('inc/minipres'); echo minipres(); exit; diff --git a/ecrire/exec/meme_rubrique.php b/ecrire/exec/meme_rubrique.php index f04935ea04be088f472b03bc215e901630bca947..eba2ac27c37091cf75445655be274f7c17de9ce3 100644 --- a/ecrire/exec/meme_rubrique.php +++ b/ecrire/exec/meme_rubrique.php @@ -22,7 +22,7 @@ function exec_meme_rubrique_dist() $order = _request('order'); if (($GLOBALS['auteur_session']['statut'] != '0minirezo') - OR (!acces_rubrique($id)) + OR (!autoriser('publierdans','rubrique',$id)) OR (!preg_match('/^[\w_-]+$/',$order)) OR (!preg_match('/^[\w_-]+$/',$type))) { include_spip('inc/minipres'); diff --git a/ecrire/exec/mots_edit.php b/ecrire/exec/mots_edit.php index f13c0e62c0bf308bbc6b17ac4c21e90209cdc4c7..7063fbd96f867ebc7c16f47c4f933db85917ae7a 100644 --- a/ecrire/exec/mots_edit.php +++ b/ecrire/exec/mots_edit.php @@ -56,7 +56,7 @@ global $id_groupe = $row['id_groupe']; $onfocus =''; } else { - if (!$new OR !acces_mots()) { + if (!$new OR !autoriser('modifier','groupemots',$id_groupe)) { echo minipres(_T('info_mot_sans_groupe')); exit; } @@ -105,7 +105,7 @@ global // Logos du mot-clef - if (acces_mots() AND ($spip_display != 4)) { + if (autoriser('modifier','groupemots',$id_groupe) AND ($spip_display != 4)) { $iconifier = charger_fonction('iconifier', 'inc'); $out .= $iconifier('id_mot', $id_mot, 'mots_edit','iconifier'); } 
@@ -117,7 +117,7 @@ global $res =''; - if (acces_mots() AND $id_groupe) { + if ($id_groupe AND autoriser('modifier','groupemots',$id_groupe)) { $res = icone_horizontale(_T('icone_modif_groupe_mots'), generer_url_ecrire("mots_type","id_groupe=$id_groupe"), "groupe-mot-24.gif", "edit.gif", false) . icone_horizontale(_T('icone_creation_mots_cles'), generer_url_ecrire("mots_edit", "new=oui&id_groupe=$id_groupe&redirect=" . generer_url_retour('mots_tous')), "mot-cle-24.gif", "creer.gif", false); } @@ -188,7 +188,7 @@ global $out .= fin_cadre_relief(true); - if (acces_mots()){ + if (autoriser('modifier','groupemots',$id_groupe)){ $out .= debut_cadre_formulaire('',true); diff --git a/ecrire/exec/mots_tous.php b/ecrire/exec/mots_tous.php index e0f9399a5af14e75e4d42bf187e37024de838ad3..a3417e1e7c9b3ea8cab30ea4468cd025f8cad834 100644 --- a/ecrire/exec/mots_tous.php +++ b/ecrire/exec/mots_tous.php @@ -30,7 +30,7 @@ function exec_mots_tous_dist() echo pipeline('affiche_gauche',array('args'=>array('exec'=>'mots_tous'),'data'=>'')); - if (acces_mots() AND !$conf_mot){ + if (autoriser('modifier','groupemots',$id_groupe) AND !$conf_mot){ $res = icone_horizontale(_T('icone_creation_groupe_mots'), generer_url_ecrire("mots_type","new=oui"), "groupe-mot-24.gif", "creer.gif",false); echo bloc_des_raccourcis($res); @@ -42,7 +42,7 @@ function exec_mots_tous_dist() debut_droite(); gros_titre(_T('titre_mots_tous')); - if (acces_mots()) { + if (autoriser('modifier','groupemots',$id_groupe)) { echo typo(_T('info_creation_mots_cles')) . aide ("mots") ; } echo "<br /><br />"; @@ -119,7 +119,7 @@ function exec_mots_tous_dist() echo "</div>"; - if (acces_mots()){ + if (autoriser('modifier','groupemots',$id_groupe)){ echo "\n<table cellpadding='0' cellspacing='0' border='0' width='100%'>"; echo "<tr>"; echo "<td>"; diff --git a/ecrire/exec/naviguer.php b/ecrire/exec/naviguer.php index e3113583260d2bf0744aa4b4708fbd725b9de837..4802cf49f4e4a3d3b86ab266c88fcab6923d365b 100644 
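Review bot: The three `autoriser('modifier','groupemots',$id_groupe)` calls in exec_mots_tous_dist() pass an `$id_groupe` that is not assigned in any of these hunks, on a page that does not appear to be tied to one group, while formulaire_mots_cles() in inc/editer_mot.php calls `autoriser('modifier','groupemots')` with no id at all. The autoriser_groupemots_modifier_dist() added by this commit ignores `$id`, so both forms behave the same today, but a function overriding it per group would receive an undefined value here. Calling it without the id in exec_mots_tous_dist(), as in inc/editer_mot.php, keeps the call sites consistent.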
--- a/ecrire/exec/naviguer.php +++ b/ecrire/exec/naviguer.php @@ -42,7 +42,7 @@ function exec_naviguer_dist() else if ($id_parent == 0) $ze_logo = "secteur-24.gif"; else $ze_logo = "rubrique-24.gif"; - $flag_editable = acces_rubrique($id_rubrique); + $flag_editable = autoriser('publierdans','rubrique',$id_rubrique); pipeline('exec_init',array('args'=>array('exec'=>'naviguer','id_rubrique'=>$id_rubrique),'data'=>'')); @@ -62,6 +62,12 @@ function exec_naviguer_dist() fin_grand_cadre(); changer_typo('', 'rubrique'.$id_rubrique); + + if (!autoriser('voir','rubrique',$id_rubrique)){ + echo "<strong>"._T('avis_acces_interdit')."</strong>"; + fin_page(); + exit; + } debut_gauche(); @@ -151,7 +157,7 @@ function infos_naviguer($id_rubrique, $statut, $ze_logo) echo $res; voir_en_ligne ('rubrique', $id_rubrique, $statut); - if (acces_rubrique($id_rubrique)) { + if (autoriser('publierdans','rubrique',$id_rubrique)) { $id_parent = spip_fetch_array(spip_query("SELECT id_parent FROM spip_rubriques WHERE id_rubrique=$id_rubrique")); if (!$id_parent['id_parent']) { list($from, $where) = critere_statut_controle_forum('prop', $id_rubrique); @@ -358,7 +364,7 @@ function contenu_naviguer($id_rubrique, $id_parent) { $res .= '<br />' . afficher_sites('<b>' . _T('titre_sites_references_rubrique') . '</b>', array("FROM" => 'spip_syndic', 'WHERE' => "id_rubrique='$id_rubrique' AND statut!='refuse' AND statut != 'prop' AND syndication NOT IN ('off','sus')", 'ORDER BY' => 'nom_site')); if ($id_rubrique > 0 - AND ($GLOBALS['meta']["proposer_sites"]> 0 OR acces_rubrique($id_rubrique))) { + AND ($GLOBALS['meta']["proposer_sites"]> 0 OR autoriser('publierdans','rubrique',$id_rubrique))) { $res .= "<br /><div align='$spip_lang_right'>" . icone(_T('info_sites_referencer'), generer_url_ecrire('sites_edit', "id_rubrique=$id_rubrique&redirect=" . generer_url_retour('naviguer', "id_rubrique=$id_rubrique")), "site-24.gif", "creer.gif",'', 'non') 
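Review bot: The new `autoriser('voir','rubrique',$id_rubrique)` test in exec_naviguer_dist() sits after `pipeline('exec_init', …)`, `fin_grand_cadre()` and `changer_typo('', 'rubrique'.$id_rubrique)`, so whatever the page header and the top frame print for this rubrique has already been sent when access is refused. The lines between the two hunks are not shown, but if they output the title or the hierarchy, the refusal comes too late. Moving the test to the point where `$id_rubrique` is known, before any output, and answering with `echo minipres(); exit;` as the other exec scripts in this commit do, would close that gap. `$flag_editable` is likewise computed before the visibility test.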
diff --git a/ecrire/exec/petitionner.php b/ecrire/exec/petitionner.php index dae8938e828c14c1e44d0d3af15442ef46ab3769..b13ac5ca2166a7dfe006057976cf98a8f675ad3c 100644 --- a/ecrire/exec/petitionner.php +++ b/ecrire/exec/petitionner.php @@ -18,7 +18,7 @@ function exec_petitionner_dist() global $id_article, $script; $id_article = intval($id_article); - if (!acces_article($id_article)) { + if (!autoriser('modifier','article',$id_article)) { include_spip('inc/minipres'); echo minipres(); exit; diff --git a/ecrire/exec/puce_statut_article.php b/ecrire/exec/puce_statut_article.php index cd1fe82718ee541e222b4ae6cb075600b3baa21a..1c9249d85b3532971e45823814e042433b2532a6 100644 --- a/ecrire/exec/puce_statut_article.php +++ b/ecrire/exec/puce_statut_article.php @@ -13,7 +13,6 @@ if (!defined("_ECRIRE_INC_VERSION")) return; include_spip('inc/presentation'); -include_spip('inc/autoriser'); // http://doc.spip.org/@exec_puce_statut_article_dist function exec_puce_statut_article_dist() diff --git a/ecrire/exec/referencer_traduction.php b/ecrire/exec/referencer_traduction.php index 89a257ca42f596509a6c11902bc338903bc0563a..a76de88402e9b6e5fe667fe5539228a4e1599fe5 100644 --- a/ecrire/exec/referencer_traduction.php +++ b/ecrire/exec/referencer_traduction.php @@ -17,7 +17,7 @@ function exec_referencer_traduction_dist() { $id_article = intval(_request('id_article')); - if (!acces_article($id_article)) { + if (!autoriser('modifier','article',$id_article)) { include_spip('inc/minipres'); echo minipres(); exit; diff --git a/ecrire/exec/regler_moderation.php b/ecrire/exec/regler_moderation.php index 7d629eb77c51dc2f4c0213425cf32202c8d25ec6..e4c8182fb78576d870b6627cf63c1ac8487d1de2 100644 --- a/ecrire/exec/regler_moderation.php +++ b/ecrire/exec/regler_moderation.php 
@@ -18,7 +18,7 @@ function exec_regler_moderation_dist() global $id_article, $script; $id_article = intval($id_article); - if (!acces_article($id_article)) { + if (!autoriser('modifier','article',$id_article)) { include_spip('inc/minipres'); echo minipres(); exit; diff --git a/ecrire/exec/rubriques_edit.php b/ecrire/exec/rubriques_edit.php index 31085eab41a8572cc56e5ef91156b1c7c6fb2602..c095e85ebbf7af6f7fdbc36acac9e1f9509bbf91 100644 --- a/ecrire/exec/rubriques_edit.php +++ b/ecrire/exec/rubriques_edit.php @@ -39,7 +39,7 @@ function exec_rubriques_edit_dist() $texte = ""; $id_parent = intval($id_parent); - if (!acces_rubrique($id_parent)) { + if (!autoriser('publierdans','rubrique',$id_parent)) { $id_parent = $GLOBALS['connect_id_rubrique'][0]; } } else { diff --git a/ecrire/exec/sites.php b/ecrire/exec/sites.php index 0496b95bdc45537384cce909993c9808dbb55f86..946115b1e70d8530525be425dc69ebed300c70f9 100644 --- a/ecrire/exec/sites.php +++ b/ecrire/exec/sites.php @@ -43,7 +43,7 @@ function exec_sites_dist() $mod = $row['moderation']; $extra=$row["extra"]; - $flag_administrable = acces_rubrique($id_rubrique); + $flag_administrable = autoriser('publierdans','rubrique',$id_rubrique); $flag_editable = ($flag_administrable OR ($GLOBALS['meta']["proposer_sites"] > 0 AND ($statut == 'prop'))); diff --git a/ecrire/exec/statistiques_visites.php b/ecrire/exec/statistiques_visites.php index b8354c0265e86decc3060819f47269062e27c187..81320768c0eac2db51ea25f0356b67f12f683b5d 100644 --- a/ecrire/exec/statistiques_visites.php +++ b/ecrire/exec/statistiques_visites.php @@ -45,7 +45,6 @@ function statistiques_csv($id_article) { else $q = "SELECT date, visites FROM spip_visites ORDER BY date"; - include_spip('inc/autoriser'); if (!autoriser('voirstats', $id ? 'article':'', $id)) exit; diff --git a/ecrire/exec/tourner.php b/ecrire/exec/tourner.php index 4ffcac67071a703aa6cf060afed355628a7f09e6..da6edd7cbf80b5c5590e07c735cffa95e7cc3cbe 100644 --- a/ecrire/exec/tourner.php 
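Review bot: In exec_rubriques_edit_dist(), when the publish right on `$id_parent` is refused, the fallback `$GLOBALS['connect_id_rubrique'][0]` is used without a second check, and acces_restreint_rubrique() in inc/auth.php tests `isset($connect_id_rubrique[$id_rubrique])`, which suggests the array is keyed by rubrique id rather than by position. If so, index 0 is normally unset and `$id_parent` silently becomes empty. Taking the first key of the array, or refusing the page when no authorised rubrique exists, would be safer; a one-line comment stating what the fallback is meant to select would settle the intent.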
+++ b/ecrire/exec/tourner.php @@ -20,8 +20,8 @@ function exec_tourner_dist() $id_document = intval($id_document); if (!($type == 'article' - ? acces_article($id) - : acces_rubrique($id))) { + ? autoriser('modifier','article',$id) + : autoriser('publierdans','rubrique',$id))) { include_spip('inc/minipres'); echo minipres(); exit; diff --git a/ecrire/exec/virtualiser.php b/ecrire/exec/virtualiser.php index dbe45a5c07c50d0b4a520d4e7f8768df8c5c7e2f..81d79b470fc80bb6c4c4bba60f09edc81a050b42 100644 --- a/ecrire/exec/virtualiser.php +++ b/ecrire/exec/virtualiser.php @@ -18,7 +18,7 @@ function exec_virtualiser_dist() global $id_article, $script; $id_article = intval($id_article); - if (!acces_article($id_article)) { + if (!autoriser('modifier','article',$id_article)) { include_spip('inc/minipres'); echo minipres(); exit; diff --git a/ecrire/inc/admin.php b/ecrire/inc/admin.php index 42a7d4a6830aff0227668d7a411fcdef85c26767..06346b59af5eea7ff4a656f6c4b8d92ae4accbe0 100644 --- a/ecrire/inc/admin.php +++ b/ecrire/inc/admin.php @@ -44,7 +44,6 @@ function debut_admin($script, $action, $commentaire='') { } include_spip('inc/minipres'); - include_spip('inc/autoriser'); // Si on est un super-admin, un bouton de validation suffit diff --git a/ecrire/inc/article_select.php b/ecrire/inc/article_select.php index 0038c5b40458bb21efe1dd9bf963c444205d2c34..436b0a052f29447c0a25af7e469abc8e5c282d84 100644 --- a/ecrire/inc/article_select.php +++ b/ecrire/inc/article_select.php @@ -23,7 +23,6 @@ function article_select($id_article, $id_rubrique=0, $lier_trad=0, $id_version=0 global $connect_id_auteur, $connect_id_rubrique, $spip_lang; include_spip('inc/auth'); // pour auteurs_article si espace public - include_spip('inc/autoriser'); if (is_numeric($id_article)) { diff --git a/ecrire/inc/auth.php b/ecrire/inc/auth.php index a3644cc00f11f3a20ffae6de1259bed4f40d7686..a4d59705673f3308a5fb263d4e3463506dd9b989 100644 --- a/ecrire/inc/auth.php +++ b/ecrire/inc/auth.php 
@@ -17,14 +17,6 @@ if (!defined("_ECRIRE_INC_VERSION")) return; // Fonctions de gestion de l'acces restreint aux rubriques // -// http://doc.spip.org/@acces_rubrique -function acces_rubrique($id_rubrique) { - global $connect_toutes_rubriques; - global $connect_id_rubrique; - - return ($connect_toutes_rubriques OR isset($connect_id_rubrique[$id_rubrique])); -} - // http://doc.spip.org/@acces_restreint_rubrique function acces_restreint_rubrique($id_rubrique) { global $connect_id_rubrique; @@ -33,32 +25,6 @@ function acces_restreint_rubrique($id_rubrique) { return (isset($connect_id_rubrique[$id_rubrique])); } -// http://doc.spip.org/@acces_mots -function acces_mots() { - global $connect_toutes_rubriques; - return $connect_toutes_rubriques; -} - -// http://doc.spip.org/@acces_article -function acces_article($id_article) -{ - global $auteur_session, $connect_toutes_rubriques; - - if ($connect_toutes_rubriques) return true; - - $s = spip_query("SELECT id_rubrique, statut FROM spip_articles WHERE id_article=$id_article"); - $row = spip_fetch_array($s); - - if (acces_rubrique($row['id_rubrique'])) return true; - - $s = auteurs_article($id_article, " id_auteur=" . $auteur_session['id_auteur']); - if (!spip_num_rows($s)) return false; - - $s = $row['statut']; - - return ($s == 'prepa' OR $s == 'prop' OR $s == 'poubelle'); -} - // http://doc.spip.org/@auteurs_article function auteurs_article($id_article, $cond='') { diff --git a/ecrire/inc/autoriser.php b/ecrire/inc/autoriser.php index c8f7907e6e65b23672bc2417c8a632cf5b83d161..3b1a43f5353fbc1c8b7417d56d030ed3a3f52442 100644 --- a/ecrire/inc/autoriser.php +++ b/ecrire/inc/autoriser.php 
@@ -161,6 +161,14 @@ function autoriser_article_modifier_dist($faire, $type, $id, $qui, $opt) { ); } +// Autoriser a modifier un groupe de mots $id +// http://doc.spip.org/@autoriser_rubrique_modifier_dist +function autoriser_groupemots_modifier_dist($faire, $type, $id, $qui, $opt) { + return + $qui['statut'] == '0minirezo' + AND !$qui['restreint']; +} + // Lire les stats ? // = tous les admins // http://doc.spip.org/@autoriser_voirstats_dist diff --git a/ecrire/inc/chercher_rubrique.php b/ecrire/inc/chercher_rubrique.php index 53bad9dc39e6b63265c10d5abb63db7551692dfa..687d4c671992ebbaac0b18c9c1b9b6976f8de16f 100644 --- a/ecrire/inc/chercher_rubrique.php +++ b/ecrire/inc/chercher_rubrique.php @@ -129,7 +129,7 @@ function sous_menu_rubriques($id_rubrique, $root, $niv, &$data, &$enfants, $excl $niv+1, $data, $enfants, $exclus, $restreint, $type); // si l'objet a deplacer est publie, verifier qu'on a acces aux rubriques - if ($restreint AND !acces_rubrique($root)) + if ($restreint AND !autoriser('publierdans','rubrique',$root)) return $sous; // sauter un cran pour les secteurs (sauf premier) diff --git a/ecrire/inc/editer_mot.php b/ecrire/inc/editer_mot.php index d469ec17021d05cb9b122ed114983702f59f3d37..19da7cc23eaf17d29e3206588ad5ccfb9a1ab9a9 100644 --- a/ecrire/inc/editer_mot.php +++ b/ecrire/inc/editer_mot.php 
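Review bot: The doc anchor above the new function reads `// http://doc.spip.org/@autoriser_rubrique_modifier_dist`, apparently copied from another function; by the convention used in the other files of this commit it should name the function it precedes, `// http://doc.spip.org/@autoriser_groupemots_modifier_dist`. The comment also says the right concerns group `$id`, while the body only tests `$qui['statut']` and `$qui['restreint']`. A line such as `// = unrestricted admins only; $id is not used` would state the actual rule.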
@@ -146,7 +146,7 @@ function recherche_mot_cle($cherche_mots, $id_groupe, $objet, $id_objet, $table, } else $res .= affiche_mots_ressemblant($cherche_mot, $objet, $id_objet, $resultat, $table, $table_id, $url_base); -/* if (acces_mots()) { +/* if (autoriser('modifier','groupemots',$id_groupe)) { $titre = rawurlencode($cherche_mot); $res .= "<div style='width: 200px;'>"; $res .= icone_horizontale(_T('icone_creer_mot_cle'), generer_url_ecrire("mots_edit","new=oui&id_groupe=$id_groupe&ajouter_id_article=$id_objet&table=$table&table_id=$table_id&titre=$titre&redirect=" . generer_url_retour($url_base, "$table_id=$id_objet")), "mot-cle-24.gif", "creer.gif", false); @@ -324,7 +324,7 @@ function formulaire_mots_cles($id_groupes_vus, $id_objet, $les_mots, $table, $ta ."</div>\n" ; } - if (acces_mots()) { + if (autoriser('modifier','groupemots')) { $titre = _request('cherche_mot') ? "&titre=".rawurlencode(_request('cherche_mot')) : ''; $bouton_ajouter = icone_horizontale(_T('icone_creer_mot_cle'), generer_url_ecrire("mots_edit","new=oui&ajouter_id_article=$id_objet&table=$table&table_id=$table_id$titre&redirect=" . generer_url_retour($url_base, "$table_id=$id_objet")), "mot-cle-24.gif", "creer.gif", false) diff --git a/ecrire/inc/export.php b/ecrire/inc/export.php index 70d534ff005da1ad51694c2fbb2b337e7aadd33a..e2a185c7a2fad0341a62a2bafc7a9de7acd9a5ea 100644 --- a/ecrire/inc/export.php +++ b/ecrire/inc/export.php @@ -132,7 +132,7 @@ function build_while($file,$gz, $nfields, &$pos_in_table, $result, &$status_dump $k = $fields[$i]; $item .= "<$k>" . text_to_xml($row[$k]) . "</$k>\n"; } - if ($all OR acces_rubrique($row['id_rubrique'])) + if ($all OR autoriser('publierdans','rubrique',$row['id_rubrique'])) $string .= "$begin$item$end"; } $status_dump[3] = $pos_in_table = $pos_in_table +1; diff --git a/ecrire/inc/grouper_mots.php b/ecrire/inc/grouper_mots.php index 7497068790de29b8d75113ac0cb550d632a12b7f..2409c242db4e05043acd28078a526c8e1cc6c69b 100644 
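Review bot: In build_while() `autoriser('publierdans','rubrique',$row['id_rubrique'])` now decides, row by row, what an export without `$all` may contain, and `$row['id_rubrique']` is read without checking that the dumped table has that column. The removed acces_rubrique() refused a missing id through `isset($connect_id_rubrique[$id_rubrique])`; how the replacement behaves for an empty id is not visible in this commit. Guarding the call, `if ($all OR (isset($row['id_rubrique']) AND autoriser('publierdans','rubrique',$row['id_rubrique'])))`, keeps the filter fail-closed. Since the test runs once per exported row, caching the result per rubrique id would also be worth considering.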
--- a/ecrire/inc/grouper_mots.php +++ b/ecrire/inc/grouper_mots.php @@ -112,7 +112,7 @@ function afficher_groupe_mots_boucle($row, $occurrences, $total) $vals[] = $texte_lie; - if (acces_mots()) { + if (autoriser('modifier','groupemots',$id_groupe)) { $clic = _T('info_supprimer_mot') . " <img src='" . _DIR_IMG_PACK diff --git a/ecrire/inc/notifications.php b/ecrire/inc/notifications.php index 2aca9bf9ab7fa4daf91d33027c4f365c85ed4a6e..2add885868e5236b5e86975e57d7faf2a74d2060 100644 --- a/ecrire/inc/notifications.php +++ b/ecrire/inc/notifications.php @@ -217,7 +217,6 @@ function notifications_forumvalide_dist($quoi, $id_forum) { include_spip('inc/texte'); include_spip('inc/filtres'); include_spip('inc/mail'); - include_spip('inc/autoriser'); // Qui va-t-on prevenir ? @@ -294,7 +293,6 @@ function notifications_forumposte_dist($quoi, $id_forum) { include_spip('inc/texte'); include_spip('inc/filtres'); include_spip('inc/mail'); - include_spip('inc/autoriser'); // Qui va-t-on prevenir ? diff --git a/ecrire/inc/presentation.php b/ecrire/inc/presentation.php index cd4e9a88c1ea19d9294564e2a629246d7571a15f..79e6bc1e966a13288a1d5a6a368a551ccd5c993e 100644 --- a/ecrire/inc/presentation.php +++ b/ecrire/inc/presentation.php @@ -537,7 +537,6 @@ function puce_statut_article($id, $statut, $id_rubrique, $type='article', $ajax $inser_puce = http_img_pack($puce, $title, " style='margin: 1px;'$ajax_node"); - include_spip('inc/autoriser'); if (!autoriser('publierdans', 'rubrique', $id_rubrique)) return $inser_puce; @@ -615,7 +614,6 @@ function puce_statut_breve($id, $statut, $type, $droit='AUTO') { if (!$droit || $droit=='AUTO') return $inser_puce; /* if ($droit == 'AUTO') { # id_rubrique indefinie. a revoir. - include_spip('inc/autoriser'); $droit = autoriser('publierdans', 'rubrique', $id_rubrique); } */ 
@@ -908,7 +906,7 @@ function afficher_breves_boucle($row, &$tous_id, $voir_logo, $own) else $lang = $langue_defaut; $id_rubrique = $row['id_rubrique']; - $vals[] = puce_statut_breve($id_breve, $statut, 'breve', ($droit && acces_rubrique($id_rubrique))); + $vals[] = puce_statut_breve($id_breve, $statut, 'breve', ($droit && autoriser('publierdans','rubrique',$id_rubrique))); $s = "\n<div>"; $s .= "<a href='" . generer_url_ecrire("breves_voir","id_breve=$id_breve") . "' style=\"display:block;\">"; @@ -1863,7 +1861,6 @@ function afficher_numero_edit($id, $key, $type) $numero = _T('info_numero_abbreviation'); } - include_spip("inc/autoriser"); if (!autoriser('modifier',$type,$id)) { $bal ='span'; $href = ''; 
@@ -1945,43 +1942,46 @@ function enfant_rub($collection){ $id_rubrique=$row['id_rubrique']; $id_parent=$row['id_parent']; $titre=$row['titre']; - - $les_sous_enfants = sous_enfant_rub($id_rubrique); - - changer_typo($row['lang']); - - $descriptif=propre($row['descriptif']); - - if ($voir_logo) { - if ($logo = $chercher_logo($id_rubrique, 'id_rubrique', 'on')) { - list($fid, $dir, $nom, $format) = $logo; - include_spip('inc/filtres_images'); - $logo = image_reduire("<img src='$fid' alt='' />", 48, 36); - if ($logo) - $logo = "\n<div style='$voir_logo'>$logo</div>"; + + if (autoriser('voir','rubrique',$id_rubrique)){ + + $les_sous_enfants = sous_enfant_rub($id_rubrique); + + changer_typo($row['lang']); + + $descriptif=propre($row['descriptif']); + + if ($voir_logo) { + if ($logo = $chercher_logo($id_rubrique, 'id_rubrique', 'on')) { + list($fid, $dir, $nom, $format) = $logo; + include_spip('inc/filtres_images'); + $logo = image_reduire("<img src='$fid' alt='' />", 48, 36); + if ($logo) + $logo = "\n<div style='$voir_logo'>$logo</div>"; + } } + + $les_enfants = "\n<div class='enfants'>" . + debut_cadre_sous_rub(($id_parent ? "rubrique-24.gif" : "secteur-24.gif"), true) . + (is_string($logo) ? $logo : '') . + (!$les_sous_enfants ? "" : bouton_block_invisible("enfants$id_rubrique")) . + (!acces_restreint_rubrique($id_rubrique) ? "" : + http_img_pack("admin-12.gif", '', " width='12' height='12'", _T('image_administrer_rubrique'))) . + " <span dir='$lang_dir'><b><a href='" . + generer_url_ecrire("naviguer","id_rubrique=$id_rubrique") . + "'>". + typo($titre) . + "</a></b></span>" . + (!$descriptif ? '' : "\n<div class='verdana1'>$descriptif</div>") . + (($spip_display == 4) ? '' : $les_sous_enfants) . + "\n<div style='clear:both;'></div>" . + fin_cadre_sous_rub(true) . + "</div>"; + + $res .= ($spip_display != 4) + ? $les_enfants + : "\n<li>$les_enfants</li>"; } - - $les_enfants = "\n<div class='enfants'>" . - debut_cadre_sous_rub(($id_parent ? 
"rubrique-24.gif" : "secteur-24.gif"), true) . - (is_string($logo) ? $logo : '') . - (!$les_sous_enfants ? "" : bouton_block_invisible("enfants$id_rubrique")) . - (!acces_restreint_rubrique($id_rubrique) ? "" : - http_img_pack("admin-12.gif", '', " width='12' height='12'", _T('image_administrer_rubrique'))) . - " <span dir='$lang_dir'><b><a href='" . - generer_url_ecrire("naviguer","id_rubrique=$id_rubrique") . - "'>". - typo($titre) . - "</a></b></span>" . - (!$descriptif ? '' : "\n<div class='verdana1'>$descriptif</div>") . - (($spip_display == 4) ? '' : $les_sous_enfants) . - "\n<div style='clear:both;'></div>" . - fin_cadre_sous_rub(true) . - "</div>"; - - $res .= ($spip_display != 4) - ? $les_enfants - : "\n<li>$les_enfants</li>"; } changer_typo($spip_lang); # remettre la typo de l'interface pour la suite @@ -2003,6 +2003,7 @@ function sous_enfant_rub($collection2){ $titre2=$row['titre']; changer_typo($row['lang']); + if (autoriser('voir','rubrique',$id_rubrique2)) $retour.="\n<li><div class='arial11' " . http_style_background('rubrique-12.gif', "left center no-repeat; padding: 2px; padding-$spip_lang_left: 18px; margin-$spip_lang_left: 3px") . "><a href='" . generer_url_ecrire("naviguer","id_rubrique=$id_rubrique2") . "'><span dir='$lang_dir'>".typo($titre2)."</span></a></div></li>\n"; } diff --git a/ecrire/inc_version.php b/ecrire/inc_version.php index a8cb42b1954e50a1807dde23cad882f0e41c34db..40f8a70d6b0dc6540b6189cd85f4887b2e28ef18 100644 --- a/ecrire/inc_version.php +++ b/ecrire/inc_version.php @@ -346,7 +346,9 @@ if (@is_readable(_DIR_TMP."charger_plugins_options.php")){ spip_log("generation de charger_plugins_options.php impossible; pipeline desactives"); } - +// charger systematiquement inc/autoriser dans l'espace restreint +if (!_DIR_RESTREINT) + include_spip('inc/autoriser'); // // Installer Spip si pas installe... sauf si justement on est en train //
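Review bot: The added `if (autoriser('voir','rubrique',$id_rubrique2))` in sous_enfant_rub() has no braces and the `$retour.=` statement it guards keeps its old indentation, so the visibility filter is easy to overlook or to break when a second statement is added. Writing it as `if (autoriser('voir','rubrique',$id_rubrique2)) {` … `}` with the body indented, as done for the same test in enfant_rub(), would make the scope explicit. `changer_typo($row['lang'])` still runs for rubriques that are then skipped; moving it inside the block would avoid that.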