1<?php 2/** 3 * Copyright (c) 2021. ComboStrap, Inc. and its affiliates. All Rights Reserved. 4 * 5 * This source code is licensed under the GPL license found in the 6 * COPYING file in the root directory of this source tree. 7 * 8 * @license GPL 3 (https://www.gnu.org/licenses/gpl-3.0.en.html) 9 * @author ComboStrap <support@combostrap.com> 10 * 11 */ 12 13namespace ComboStrap; 14 15 16use Doku_Form; 17use dokuwiki\Form\Form; 18use dokuwiki\Form\InputElement; 19use dokuwiki\Ui\UserProfile; 20use TestRequest; 21 22class Identity 23{ 24 25 const CANONICAL = "identity"; 26 const CONF_ENABLE_LOGO_ON_IDENTITY_FORMS = "enableLogoOnIdentityForms"; 27 const JS_NAVIGATION_ANONYMOUS_VALUE = "anonymous"; 28 const JS_NAVIGATION_SIGNED_VALUE = "signed"; 29 /** 30 * A javascript indicator 31 * to know if the user is logged in or not 32 * (ie public or not) 33 */ 34 const JS_NAVIGATION_INDICATOR = "navigation"; 35 36 const FORM_IDENTITY_CLASS = "form-identity"; 37 public const FIELD_SET_TO_DELETE = ["fieldsetopen", "fieldsetclose"]; 38 public const CONF_DESIGNER_GROUP_NAME = "combo-conf-006"; 39 40 /** 41 * Is logged in 42 * @return boolean 43 */ 44 public static function isLoggedIn(): bool 45 { 46 global $_SERVER; 47 if (empty($_SERVER['REMOTE_USER'])) { 48 return false; 49 } 50 return true; 51 } 52 53 /** 54 * @param TestRequest $request 55 * @param string $user 56 */ 57 public static function becomeSuperUser(&$request = null, $user = 'admin') 58 { 59 global $conf; 60 $conf['useacl'] = 1; 61 $conf['superuser'] = $user; 62 $conf['remoteuser'] = $user; 63 64 if ($request != null) { 65 $request->setServer('REMOTE_USER', $user); 66 } 67 68 /** 69 * used by {@link getSecurityToken()} 70 */ 71 // same as 72 // global $INPUT; 73 // $INPUT->server->set('REMOTE_USER', $user); 74 $_SERVER['REMOTE_USER'] = $user; 75 76 // global $INFO; 77 // $INFO['ismanager'] = true; 78 79 80 /** 81 * 82 * Userinfo 83 * 84 * Email is Mandatory otherwise the {@link UserProfile} 85 * does not work 86 * 87 * USERINFO is also available via $INFO['userinfo'] 88 * See {@link basicinfo()} 89 */ 90 global $USERINFO; 91 $USERINFO['mail'] = "email@example.com"; 92 $USERINFO['grps'] = array('admin', 'user'); 93 94 95 } 96 97 /** 98 * @param $request 99 * @param string $user - the user to login 100 */ 101 public static function logIn(&$request, $user = 'defaultUser') 102 { 103 104 $request->setServer('REMOTE_USER', $user); 105 106 /** 107 * The {@link getSecurityToken()} needs it 108 */ 109 global $INPUT; 110 $INPUT->server->set('REMOTE_USER', $user); 111 112 } 113 114 /** 115 * @return bool if edit auth 116 */ 117 public static function isWriter($wikiId = null): bool 118 { 119 120 if ($wikiId === null) { 121 $executionContext = ExecutionContext::getActualOrCreateFromEnv(); 122 try { 123 $wikiId = $executionContext->getRequestedPath()->getWikiId(); 124 } catch (ExceptionNotFound $e) { 125 return false; 126 } 127 } 128 /** 129 * There is also 130 * $INFO['writable'] === true 131 * See true if writable See https://www.dokuwiki.org/devel:environment#info 132 */ 133 $remoteUser = $_SERVER['REMOTE_USER'] ?? null; 134 if ($remoteUser !== null) { 135 $perm = auth_quickaclcheck($wikiId); 136 } else { 137 $perm = auth_aclcheck($wikiId, '', null); 138 } 139 140 if ($perm >= AUTH_EDIT) { 141 return true; 142 } else { 143 return false; 144 } 145 146 } 147 148 public static function isAdmin() 149 { 150 global $INFO; 151 if (!empty($INFO)) { 152 $isAdmin = $INFO['isadmin'] ?? null; 153 if ($isAdmin === null) { 154 return false; 155 } 156 return $isAdmin; 157 } else { 158 return auth_isadmin(self::getUser(), self::getUserGroups()); 159 } 160 } 161 162 public static function isMember($group) 163 { 164 165 return auth_isMember($group, self::getUser(), self::getUserGroups()); 166 167 } 168 169 public static function isManager(): bool 170 { 171 172 return auth_ismanager(); 173 174 } 175 176 public static function getUser(): string 177 { 178 global $INPUT; 179 $user = $INPUT->server->str('REMOTE_USER'); 180 if (empty($user)) { 181 return "Anonymous"; 182 } 183 return $user; 184 } 185 186 private static function getUserGroups() 187 { 188 global $USERINFO; 189 return is_array($USERINFO) && isset($USERINFO['grps']) ? $USERINFO['grps'] : array(); 190 } 191 192 public static function isReader(string $wikiId): bool 193 { 194 $perm = self::getPermissions($wikiId); 195 196 if ($perm >= AUTH_READ) { 197 return true; 198 } else { 199 return false; 200 } 201 202 } 203 204 private static function getPermissions(string $wikiId): int 205 { 206 if ($wikiId == null) { 207 $wikiId = MarkupPath::createFromRequestedPage()->getWikiId(); 208 } 209 if ($_SERVER['REMOTE_USER'] ?? null) { 210 $perm = auth_quickaclcheck($wikiId); 211 } else { 212 $perm = auth_aclcheck($wikiId, '', null); 213 } 214 return $perm; 215 } 216 217 public static function getSecurityTokenForAdminUser(): string 218 { 219 $request = null; 220 Identity::becomeSuperUser($request, 'admin'); 221 return getSecurityToken(); 222 } 223 224 public static function isAnonymous(): bool 225 { 226 return !self::isLoggedIn(); 227 } 228 229 230} 231