Mhh I implemented the groups wildcard now and it works for me. I'm not a very experienced programmer, so it's probably a very dirty workaround, but I'd like to share it with you. ;)
auth.php
function auth_aclcheck($id,$user,$groups){
global $conf;
global $AUTH_ACL;
global $auth;
//build new $AUTH_ACL with Groups Wildcard (REPLACEGROUP) replaced
$new_AUTH_ACL = array();
foreach ($AUTH_ACL as $acl) {
if (strpos($acl, "REPLACEGROUP") !== false) {
foreach ($groups as $group) {
$new_AUTH_ACL[] = str_replace('REPLACEGROUP',$group,$acl);
}
} else {
$new_AUTH_ACL[] = $acl;
}
}
$AUTH_ACL = $new_AUTH_ACL;
// if no ACL is used always return upload rights
if(!$conf['useacl']) return AUTH_UPLOAD;
(........)
acl.auth.php
* @ALL 0
* @user 1
REPLACEGROUP:* @REPLACEGROUP 16
I chose the REPLACEGROUP syntax over %GROUP% because of an existing Bug (
http://bugs.splitbrain.org/index.php?do=details&task_id=1849) and I did the replacing in auth_aclcheck because I need to know all the groups a user is in.
Thanks for your help though, but the first option isn't suitable for my problem and I don't feel comfortable editing the ACL on the fly. :)
Another thing you maybe can help me with is the session starting. ATM users have to login in my cake app AND in dokuwiki. Is there any way to share the session? (If a user logged into my cake app he is automatically logged into dokuwiki)
Thanks again
Max