adding check for Control grant for any operation on .acl files

Author: ylebre

src/WAC.php

@@ -179,6 +179,15 @@ public function getRequestedGrants($request) {
 			$path = str_replace($this->basePath, '', $path);
 		}
 
+		// Special case: restrict access to all .acl files.
+		// Control is needed to do anything with them,
+		// having Control allows all operations.
+		if (preg_match('/.acl$/', $path)) {
+			return array(
+				"resource" => array('http://www.w3.org/ns/auth/acl#Control')
+			);
+		}
+
 		switch ($method) {
 			case "GET":
 			case "HEAD":