1*86e0f1b9SPhilipp Neuser<?php 2*86e0f1b9SPhilipp Neuser// must be run within Dokuwiki 3*86e0f1b9SPhilipp Neuserif(!defined('DOKU_INC')) die(); 4*86e0f1b9SPhilipp Neuser 5*86e0f1b9SPhilipp Neuser/** 6*86e0f1b9SPhilipp Neuser * Chained authentication backend 7*86e0f1b9SPhilipp Neuser * 8*86e0f1b9SPhilipp Neuser * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 9*86e0f1b9SPhilipp Neuser * @author Philipp Nesuer <pneuser@physik.fu-berlin.de> 10*86e0f1b9SPhilipp Neuser */ 11*86e0f1b9SPhilipp Neuserclass auth_plugin_authchained extends DokuWiki_Auth_Plugin { 12*86e0f1b9SPhilipp Neuser public $success = true; 13*86e0f1b9SPhilipp Neuser //arry with authentication plugins 14*86e0f1b9SPhilipp Neuser protected $chained_plugins = array(); 15*86e0f1b9SPhilipp Neuser protected $chained_auth = NULL; 16*86e0f1b9SPhilipp Neuser 17*86e0f1b9SPhilipp Neuser /** 18*86e0f1b9SPhilipp Neuser * Constructor. 19*86e0f1b9SPhilipp Neuser * 20*86e0f1b9SPhilipp Neuser * Loads all configured plugins or the authentication plugin of the 21*86e0f1b9SPhilipp Neuser * logged in user. 22*86e0f1b9SPhilipp Neuser * 23*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 24*86e0f1b9SPhilipp Neuser */ 25*86e0f1b9SPhilipp Neuser public function __construct() { 26*86e0f1b9SPhilipp Neuser global $conf; 27*86e0f1b9SPhilipp Neuser // call parent 28*86e0f1b9SPhilipp Neuser# parent::__constructor(); 29*86e0f1b9SPhilipp Neuser 30*86e0f1b9SPhilipp Neuser //check if there is allready an authentication plugin selected 31*86e0f1b9SPhilipp Neuser if(isset($_SESSION[DOKU_COOKIE]['auth']['chained']['module']) && 32*86e0f1b9SPhilipp Neuser !empty($_SESSION[DOKU_COOKIE]['auth']['chained']['module']) ) 33*86e0f1b9SPhilipp Neuser { 34*86e0f1b9SPhilipp Neuser //get previously selected authentication plugin 35*86e0f1b9SPhilipp Neuser $tmp_plugin = $_SESSION[DOKU_COOKIE]['auth']['chained']['module']; 36*86e0f1b9SPhilipp Neuser require_once(DOKU_INC."lib/plugins/".$tmp_plugin."/auth.php"); 37*86e0f1b9SPhilipp Neuser $tmp_classname = "auth_plugin_".$tmp_plugin; 38*86e0f1b9SPhilipp Neuser $this->chained_auth = new $tmp_classname; 39*86e0f1b9SPhilipp Neuser } 40*86e0f1b9SPhilipp Neuser else { 41*86e0f1b9SPhilipp Neuser //get authentication plugins 42*86e0f1b9SPhilipp Neuser if(isset($conf['auth']['chained']['authtypes'])){ 43*86e0f1b9SPhilipp Neuser foreach(explode(":",$conf['auth']['chained']['authtypes']) as 44*86e0f1b9SPhilipp Neuser $tmp_plugin){ 45*86e0f1b9SPhilipp Neuser require_once(DOKU_INC."lib/plugins/".$tmp_plugin."/auth.php"); 46*86e0f1b9SPhilipp Neuser $tmp_classname = "auth_plugin_".$tmp_plugin; 47*86e0f1b9SPhilipp Neuser $tmp_class = new $tmp_classname; 48*86e0f1b9SPhilipp Neuser $tmp_module = array($tmp_plugin,$tmp_class); 49*86e0f1b9SPhilipp Neuser array_push($this->chained_plugins, $tmp_module); 50*86e0f1b9SPhilipp Neuser } 51*86e0f1b9SPhilipp Neuser }else{ 52*86e0f1b9SPhilipp Neuser $success = false; 53*86e0f1b9SPhilipp Neuser } 54*86e0f1b9SPhilipp Neuser } 55*86e0f1b9SPhilipp Neuser //debug 56*86e0f1b9SPhilipp Neuser// print_r($chained_plugins); 57*86e0f1b9SPhilipp Neuser } 58*86e0f1b9SPhilipp Neuser 59*86e0f1b9SPhilipp Neuser /** 60*86e0f1b9SPhilipp Neuser * Forwards the authentication to configured authplugins. 61*86e0f1b9SPhilipp Neuser * Returns true, if the usermanager authtype has the capability and no user 62*86e0f1b9SPhilipp Neuser * is logged in. 63*86e0f1b9SPhilipp Neuser * 64*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 65*86e0f1b9SPhilipp Neuser * @param string $cap the capability to check 66*86e0f1b9SPhilipp Neuser * @return bool 67*86e0f1b9SPhilipp Neuser */ 68*86e0f1b9SPhilipp Neuser public function canDo($cap) { 69*86e0f1b9SPhilipp Neuser global $conf; 70*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 71*86e0f1b9SPhilipp Neuser { 72*86e0f1b9SPhilipp Neuser foreach($this->chained_plugins as $module) 73*86e0f1b9SPhilipp Neuser { 74*86e0f1b9SPhilipp Neuser #echo "TEST AUTHMANAGER!!!"; 75*86e0f1b9SPhilipp Neuser if($module[0] == 76*86e0f1b9SPhilipp Neuser $conf['auth']['chained']['usermanager_authtype']){ 77*86e0f1b9SPhilipp Neuser $module[1]->canDo($cap); 78*86e0f1b9SPhilipp Neuser } 79*86e0f1b9SPhilipp Neuser } 80*86e0f1b9SPhilipp Neuser return false; 81*86e0f1b9SPhilipp Neuser } 82*86e0f1b9SPhilipp Neuser else{ 83*86e0f1b9SPhilipp Neuser #echo "canDo $cap ".$this->chained_auth->canDo($cap)."\n"; 84*86e0f1b9SPhilipp Neuser return $this->chained_auth->canDo($cap); 85*86e0f1b9SPhilipp Neuser } 86*86e0f1b9SPhilipp Neuser } 87*86e0f1b9SPhilipp Neuser 88*86e0f1b9SPhilipp Neuser /** 89*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 90*86e0f1b9SPhilipp Neuser * returns false 91*86e0f1b9SPhilipp Neuser * 92*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 93*86e0f1b9SPhilipp Neuser * @param string $type Modification type ('create', 'modify', 'delete') 94*86e0f1b9SPhilipp Neuser * @param array $params Parameters for the createUser, modifyUser or deleteUsers method. The content of this array depends on the modification type 95*86e0f1b9SPhilipp Neuser * @return mixed Result from the modification function or false if an event handler has canceled the action 96*86e0f1b9SPhilipp Neuser */ 97*86e0f1b9SPhilipp Neuser public function triggerUserMod($type, $params) { 98*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 99*86e0f1b9SPhilipp Neuser return false; 100*86e0f1b9SPhilipp Neuser else 101*86e0f1b9SPhilipp Neuser return $this->chained_auth->canDo($cap); 102*86e0f1b9SPhilipp Neuser } 103*86e0f1b9SPhilipp Neuser 104*86e0f1b9SPhilipp Neuser /** 105*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user and 106*86e0f1b9SPhilipp Neuser * unsets our session variable. 107*86e0f1b9SPhilipp Neuser * @see auth_logoff() 108*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de 109*86e0f1b9SPhilipp Neuser */ 110*86e0f1b9SPhilipp Neuser public function logOff() { 111*86e0f1b9SPhilipp Neuser if(!is_null($this->chained_auth)) 112*86e0f1b9SPhilipp Neuser $this->chained_auth->logOff(); 113*86e0f1b9SPhilipp Neuser unset($_SESSION[DOKU_COOKIE]['auth']['chained']['module']); 114*86e0f1b9SPhilipp Neuser } 115*86e0f1b9SPhilipp Neuser 116*86e0f1b9SPhilipp Neuser /** 117*86e0f1b9SPhilipp Neuser * Do all authentication [ OPTIONAL ] 118*86e0f1b9SPhilipp Neuser * If the current plugin is external, be external. 119*86e0f1b9SPhilipp Neuser * 120*86e0f1b9SPhilipp Neuser * @see auth_login() 121*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 122*86e0f1b9SPhilipp Neuser * 123*86e0f1b9SPhilipp Neuser * @param string $user Username 124*86e0f1b9SPhilipp Neuser * @param string $pass Cleartext Password 125*86e0f1b9SPhilipp Neuser * @param bool $sticky Cookie should not expire 126*86e0f1b9SPhilipp Neuser * @return bool true on successful auth 127*86e0f1b9SPhilipp Neuser */ 128*86e0f1b9SPhilipp Neuser public function trustExternal($user, $pass, $sticky = false) { 129*86e0f1b9SPhilipp Neuser if(!is_null($this->chained_auth) && $this->chained_auth->canDo('external')) 130*86e0f1b9SPhilipp Neuser $this->chained_auth->trustExternal($user, $pass, $sticky); 131*86e0f1b9SPhilipp Neuser } 132*86e0f1b9SPhilipp Neuser 133*86e0f1b9SPhilipp Neuser /** 134*86e0f1b9SPhilipp Neuser * Check user+password [ MUST BE OVERRIDDEN ] 135*86e0f1b9SPhilipp Neuser * 136*86e0f1b9SPhilipp Neuser * Checks if the given user exists in one of the plugins and checks 137*86e0f1b9SPhilipp Neuser * against the given password. The first plugin returning true becomes 138*86e0f1b9SPhilipp Neuser * auth plugin of the user session. 139*86e0f1b9SPhilipp Neuser * 140*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de 141*86e0f1b9SPhilipp Neuser * @param string $user the user name 142*86e0f1b9SPhilipp Neuser * @param string $pass the clear text password 143*86e0f1b9SPhilipp Neuser * @return bool 144*86e0f1b9SPhilipp Neuser */ 145*86e0f1b9SPhilipp Neuser public function checkPass($user, $pass) { 146*86e0f1b9SPhilipp Neuser //debug 147*86e0f1b9SPhilipp Neuser //print_r($this->chained_plugins); 148*86e0f1b9SPhilipp Neuser foreach($this->chained_plugins as $module) 149*86e0f1b9SPhilipp Neuser { 150*86e0f1b9SPhilipp Neuser if($module[1]->canDo('external')) 151*86e0f1b9SPhilipp Neuser { 152*86e0f1b9SPhilipp Neuser if($module[1]->trustExternal($user, $pass)) 153*86e0f1b9SPhilipp Neuser { 154*86e0f1b9SPhilipp Neuser $_SESSION[DOKU_COOKIE]['auth']['chained']['module'] = 155*86e0f1b9SPhilipp Neuser $module[0]; 156*86e0f1b9SPhilipp Neuser $this->chained_auth = $module[1]; 157*86e0f1b9SPhilipp Neuser return true; 158*86e0f1b9SPhilipp Neuser }else{ 159*86e0f1b9SPhilipp Neuser if($module[1]->checkPass($user, $pass)) 160*86e0f1b9SPhilipp Neuser { 161*86e0f1b9SPhilipp Neuser $_SESSION[DOKU_COOKIE]['auth']['chained']['module'] = 162*86e0f1b9SPhilipp Neuser $module[0]; 163*86e0f1b9SPhilipp Neuser $this->chained_auth = $module[1]; 164*86e0f1b9SPhilipp Neuser return true; 165*86e0f1b9SPhilipp Neuser } 166*86e0f1b9SPhilipp Neuser } 167*86e0f1b9SPhilipp Neuser }else{ 168*86e0f1b9SPhilipp Neuser if($module[1]->checkPass($user, $pass)) 169*86e0f1b9SPhilipp Neuser { 170*86e0f1b9SPhilipp Neuser $_SESSION[DOKU_COOKIE]['auth']['chained']['module'] = 171*86e0f1b9SPhilipp Neuser $module[0]; 172*86e0f1b9SPhilipp Neuser $this->this->chained_auth = $module[1]; 173*86e0f1b9SPhilipp Neuser return true; 174*86e0f1b9SPhilipp Neuser } 175*86e0f1b9SPhilipp Neuser } 176*86e0f1b9SPhilipp Neuser } 177*86e0f1b9SPhilipp Neuser return false; 178*86e0f1b9SPhilipp Neuser } 179*86e0f1b9SPhilipp Neuser 180*86e0f1b9SPhilipp Neuser /** 181*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 182*86e0f1b9SPhilipp Neuser * checks all plugins if the users exists. The first plugin returning 183*86e0f1b9SPhilipp Neuser * data is used. 184*86e0f1b9SPhilipp Neuser * 185*86e0f1b9SPhilipp Neuser * name string full name of the user 186*86e0f1b9SPhilipp Neuser * mail string email addres of the user 187*86e0f1b9SPhilipp Neuser * grps array list of groups the user is in 188*86e0f1b9SPhilipp Neuser * 189*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 190*86e0f1b9SPhilipp Neuser * @param string $user the user name 191*86e0f1b9SPhilipp Neuser * @return array containing user data or false 192*86e0f1b9SPhilipp Neuser */ 193*86e0f1b9SPhilipp Neuser public function getUserData($user) { 194*86e0f1b9SPhilipp Neuser //if(!$this->cando['external']) msg("no valid authorisation system in use", -1); 195*86e0f1b9SPhilipp Neuser// echo "TESTSETEST"; 196*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 197*86e0f1b9SPhilipp Neuser { 198*86e0f1b9SPhilipp Neuser foreach($this->chained_plugins as $module) 199*86e0f1b9SPhilipp Neuser { 200*86e0f1b9SPhilipp Neuser $tmp_array = $module[1]->getUserData($user); 201*86e0f1b9SPhilipp Neuser if(!is_bool($tmp_array)) 202*86e0f1b9SPhilipp Neuser $tmp_chk_arr =array_filter($tmp_array); 203*86e0f1b9SPhilipp Neuser if(!empty($tmp_chk_arr) && $tmp_array) 204*86e0f1b9SPhilipp Neuser return $tmp_array; 205*86e0f1b9SPhilipp Neuser } 206*86e0f1b9SPhilipp Neuser return false; 207*86e0f1b9SPhilipp Neuser } 208*86e0f1b9SPhilipp Neuser else 209*86e0f1b9SPhilipp Neuser { 210*86e0f1b9SPhilipp Neuser return $this->chained_auth->getUserData($user); 211*86e0f1b9SPhilipp Neuser } 212*86e0f1b9SPhilipp Neuser } 213*86e0f1b9SPhilipp Neuser 214*86e0f1b9SPhilipp Neuser /** 215*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 216*86e0f1b9SPhilipp Neuser * returns null. 217*86e0f1b9SPhilipp Neuser * 218*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 219*86e0f1b9SPhilipp Neuser * @param string $user 220*86e0f1b9SPhilipp Neuser * @param string $pass 221*86e0f1b9SPhilipp Neuser * @param string $name 222*86e0f1b9SPhilipp Neuser * @param string $mail 223*86e0f1b9SPhilipp Neuser * @param null|array $grps 224*86e0f1b9SPhilipp Neuser * @return bool|null 225*86e0f1b9SPhilipp Neuser */ 226*86e0f1b9SPhilipp Neuser public function createUser($user, $pass, $name, $mail, $grps = null) { 227*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 228*86e0f1b9SPhilipp Neuser msg("authorisation method does not allow creation of new users", 229*86e0f1b9SPhilipp Neuser -1); 230*86e0f1b9SPhilipp Neuser return null; 231*86e0f1b9SPhilipp Neuser } 232*86e0f1b9SPhilipp Neuser else{ 233*86e0f1b9SPhilipp Neuser //please note: users will be added to the module, to which the 234*86e0f1b9SPhilipp Neuser //current user is logged into 235*86e0f1b9SPhilipp Neuser if($this->canDo('addUser')){ 236*86e0f1b9SPhilipp Neuser return $this->chained_auth->createUser($user, $pass, $name, $mail, 237*86e0f1b9SPhilipp Neuser $grps); 238*86e0f1b9SPhilipp Neuser }else{ 239*86e0f1b9SPhilipp Neuser msg("authorisation method does not allow creation of new 240*86e0f1b9SPhilipp Neuser users", -1); 241*86e0f1b9SPhilipp Neuser return null; 242*86e0f1b9SPhilipp Neuser } 243*86e0f1b9SPhilipp Neuser } 244*86e0f1b9SPhilipp Neuser } 245*86e0f1b9SPhilipp Neuser 246*86e0f1b9SPhilipp Neuser /** 247*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 248*86e0f1b9SPhilipp Neuser * returns false 249*86e0f1b9SPhilipp Neuser * 250*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 251*86e0f1b9SPhilipp Neuser * @param string $user nick of the user to be changed 252*86e0f1b9SPhilipp Neuser * @param array $changes array of field/value pairs to be changed (password will be clear text) 253*86e0f1b9SPhilipp Neuser * @return bool 254*86e0f1b9SPhilipp Neuser */ 255*86e0f1b9SPhilipp Neuser public function modifyUser($user, $changes) { 256*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 257*86e0f1b9SPhilipp Neuser msg("authorisation method does not allow modifying of user data", 258*86e0f1b9SPhilipp Neuser -1); 259*86e0f1b9SPhilipp Neuser return false; 260*86e0f1b9SPhilipp Neuser } 261*86e0f1b9SPhilipp Neuser else{ 262*86e0f1b9SPhilipp Neuser //please note: users will be modified in the module, to which the 263*86e0f1b9SPhilipp Neuser //current user is logged into 264*86e0f1b9SPhilipp Neuser if($this->canDo('modLogin') && $this->canDo('modPass') && 265*86e0f1b9SPhilipp Neuser $this->canDo('modName') && $this->canDo('modMail') && 266*86e0f1b9SPhilipp Neuser $this->canDo('modGroups')){ 267*86e0f1b9SPhilipp Neuser return $this->chained_auth->createUser($user, $changes); 268*86e0f1b9SPhilipp Neuser }else{ 269*86e0f1b9SPhilipp Neuser msg("authorisation method does not allow modifying of user 270*86e0f1b9SPhilipp Neuser data", -1); 271*86e0f1b9SPhilipp Neuser return false; 272*86e0f1b9SPhilipp Neuser } 273*86e0f1b9SPhilipp Neuser } 274*86e0f1b9SPhilipp Neuser 275*86e0f1b9SPhilipp Neuser } 276*86e0f1b9SPhilipp Neuser 277*86e0f1b9SPhilipp Neuser /** 278*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 279*86e0f1b9SPhilipp Neuser * returns false 280*86e0f1b9SPhilipp Neuser * 281*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 282*86e0f1b9SPhilipp Neuser * @param array $users 283*86e0f1b9SPhilipp Neuser * @return int number of users deleted 284*86e0f1b9SPhilipp Neuser */ 285*86e0f1b9SPhilipp Neuser public function deleteUsers($users) { 286*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 287*86e0f1b9SPhilipp Neuser msg("authorisation method does not allow deleting of users", 288*86e0f1b9SPhilipp Neuser -1); 289*86e0f1b9SPhilipp Neuser return false; 290*86e0f1b9SPhilipp Neuser } 291*86e0f1b9SPhilipp Neuser else{ 292*86e0f1b9SPhilipp Neuser //please note: users will be added to the module, to which the 293*86e0f1b9SPhilipp Neuser //current user is logged into 294*86e0f1b9SPhilipp Neuser if($this->canDo('delUser')){ 295*86e0f1b9SPhilipp Neuser return $this->chained_auth->createUser($users); 296*86e0f1b9SPhilipp Neuser }else{ 297*86e0f1b9SPhilipp Neuser msg("authorisation method does not allow deleting of users", -1); 298*86e0f1b9SPhilipp Neuser return false; 299*86e0f1b9SPhilipp Neuser } 300*86e0f1b9SPhilipp Neuser } 301*86e0f1b9SPhilipp Neuser } 302*86e0f1b9SPhilipp Neuser 303*86e0f1b9SPhilipp Neuser /** 304*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 305*86e0f1b9SPhilipp Neuser * returns 0 306*86e0f1b9SPhilipp Neuser * 307*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 308*86e0f1b9SPhilipp Neuser * @param array $filter array of field/pattern pairs, empty array for no filter 309*86e0f1b9SPhilipp Neuser * @return int 310*86e0f1b9SPhilipp Neuser */ 311*86e0f1b9SPhilipp Neuser public function getUserCount($filter = array()) { 312*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 313*86e0f1b9SPhilipp Neuser msg("authorisation method does not provide user counts", 314*86e0f1b9SPhilipp Neuser -1); 315*86e0f1b9SPhilipp Neuser return 0; 316*86e0f1b9SPhilipp Neuser } 317*86e0f1b9SPhilipp Neuser else{ 318*86e0f1b9SPhilipp Neuser //please note: users will be counted in the module, to which the 319*86e0f1b9SPhilipp Neuser //current user is logged into 320*86e0f1b9SPhilipp Neuser if($this->canDo('getUserCount')){ 321*86e0f1b9SPhilipp Neuser return $this->chained_auth->getUserCount($filter); 322*86e0f1b9SPhilipp Neuser }else{ 323*86e0f1b9SPhilipp Neuser msg("authorisation method does not provide user counts", -1); 324*86e0f1b9SPhilipp Neuser return 0; 325*86e0f1b9SPhilipp Neuser } 326*86e0f1b9SPhilipp Neuser } 327*86e0f1b9SPhilipp Neuser 328*86e0f1b9SPhilipp Neuser } 329*86e0f1b9SPhilipp Neuser 330*86e0f1b9SPhilipp Neuser /** 331*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 332*86e0f1b9SPhilipp Neuser * returns empty array 333*86e0f1b9SPhilipp Neuser * 334*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 335*86e0f1b9SPhilipp Neuser * @param int $start index of first user to be returned 336*86e0f1b9SPhilipp Neuser * @param int $limit max number of users to be returned 337*86e0f1b9SPhilipp Neuser * @param array $filter array of field/pattern pairs, null for no filter 338*86e0f1b9SPhilipp Neuser * @return array list of userinfo (refer getUserData for internal userinfo details) 339*86e0f1b9SPhilipp Neuser */ 340*86e0f1b9SPhilipp Neuser public function retrieveUsers($start = 0, $limit = -1, $filter = null) { 341*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 342*86e0f1b9SPhilipp Neuser msg("authorisation method does not support mass retrievals", 343*86e0f1b9SPhilipp Neuser -1); 344*86e0f1b9SPhilipp Neuser return array(); 345*86e0f1b9SPhilipp Neuser } 346*86e0f1b9SPhilipp Neuser else{ 347*86e0f1b9SPhilipp Neuser //please note: users will be retrieved from the module, to which the 348*86e0f1b9SPhilipp Neuser //current user is logged into 349*86e0f1b9SPhilipp Neuser if($this->canDo('getUsers')){ 350*86e0f1b9SPhilipp Neuser return $this->chained_auth->retrieveUsers($start, $limit, $filter); 351*86e0f1b9SPhilipp Neuser }else{ 352*86e0f1b9SPhilipp Neuser msg("authorisation method does not support mass retrievals", -1); 353*86e0f1b9SPhilipp Neuser return array(); 354*86e0f1b9SPhilipp Neuser } 355*86e0f1b9SPhilipp Neuser } 356*86e0f1b9SPhilipp Neuser } 357*86e0f1b9SPhilipp Neuser 358*86e0f1b9SPhilipp Neuser /** 359*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 360*86e0f1b9SPhilipp Neuser * returns false 361*86e0f1b9SPhilipp Neuser * 362*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 363*86e0f1b9SPhilipp Neuser * @param string $group 364*86e0f1b9SPhilipp Neuser * @return bool 365*86e0f1b9SPhilipp Neuser */ 366*86e0f1b9SPhilipp Neuser public function addGroup($group) { 367*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 368*86e0f1b9SPhilipp Neuser msg("authorisation method does not support independent group 369*86e0f1b9SPhilipp Neuser creation", 370*86e0f1b9SPhilipp Neuser -1); 371*86e0f1b9SPhilipp Neuser return false; 372*86e0f1b9SPhilipp Neuser } 373*86e0f1b9SPhilipp Neuser else{ 374*86e0f1b9SPhilipp Neuser //please note: users will be added to the module, to which the 375*86e0f1b9SPhilipp Neuser //current user is logged into 376*86e0f1b9SPhilipp Neuser if($this->canDo('addGroup')){ 377*86e0f1b9SPhilipp Neuser return $this->chained_auth->addGroup($group); 378*86e0f1b9SPhilipp Neuser }else{ 379*86e0f1b9SPhilipp Neuser msg("authorisation method does not support independent group 380*86e0f1b9SPhilipp Neuser creation", -1); 381*86e0f1b9SPhilipp Neuser return false; 382*86e0f1b9SPhilipp Neuser } 383*86e0f1b9SPhilipp Neuser } 384*86e0f1b9SPhilipp Neuser } 385*86e0f1b9SPhilipp Neuser 386*86e0f1b9SPhilipp Neuser /** 387*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 388*86e0f1b9SPhilipp Neuser * returns empty array 389*86e0f1b9SPhilipp Neuser * 390*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 391*86e0f1b9SPhilipp Neuser * @param int $start 392*86e0f1b9SPhilipp Neuser * @param int $limit 393*86e0f1b9SPhilipp Neuser * @return array 394*86e0f1b9SPhilipp Neuser */ 395*86e0f1b9SPhilipp Neuser public function retrieveGroups($start = 0, $limit = 0) { 396*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 397*86e0f1b9SPhilipp Neuser msg("authorisation method does not support group list retrieval", 398*86e0f1b9SPhilipp Neuser -1); 399*86e0f1b9SPhilipp Neuser return array(); 400*86e0f1b9SPhilipp Neuser } 401*86e0f1b9SPhilipp Neuser else{ 402*86e0f1b9SPhilipp Neuser //please note: users will be retrieved from the module, to which the 403*86e0f1b9SPhilipp Neuser //current user is logged into 404*86e0f1b9SPhilipp Neuser if($this->canDo('getGroups')){ 405*86e0f1b9SPhilipp Neuser return $this->chained_auth->retrieveGroups($start,$limit); 406*86e0f1b9SPhilipp Neuser }else{ 407*86e0f1b9SPhilipp Neuser msg("authorisation method does not support group list 408*86e0f1b9SPhilipp Neuser retrieval", -1); 409*86e0f1b9SPhilipp Neuser return array(); 410*86e0f1b9SPhilipp Neuser } 411*86e0f1b9SPhilipp Neuser } 412*86e0f1b9SPhilipp Neuser } 413*86e0f1b9SPhilipp Neuser 414*86e0f1b9SPhilipp Neuser /** 415*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 416*86e0f1b9SPhilipp Neuser * returns true 417*86e0f1b9SPhilipp Neuser * 418*86e0f1b9SPhilipp Neuser * @return bool 419*86e0f1b9SPhilipp Neuser */ 420*86e0f1b9SPhilipp Neuser public function isCaseSensitive() { 421*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 422*86e0f1b9SPhilipp Neuser return true; 423*86e0f1b9SPhilipp Neuser else 424*86e0f1b9SPhilipp Neuser return $this->chained_auth->isCaseSensitive(); 425*86e0f1b9SPhilipp Neuser } 426*86e0f1b9SPhilipp Neuser 427*86e0f1b9SPhilipp Neuser /** 428*86e0f1b9SPhilipp Neuser * Sanitize a given username [OPTIONAL] 429*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 430*86e0f1b9SPhilipp Neuser * returns false 431*86e0f1b9SPhilipp Neuser * 432*86e0f1b9SPhilipp Neuser * 433*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 434*86e0f1b9SPhilipp Neuser * @param string $user username 435*86e0f1b9SPhilipp Neuser * @return string the cleaned username 436*86e0f1b9SPhilipp Neuser */ 437*86e0f1b9SPhilipp Neuser public function cleanUser($user) { 438*86e0f1b9SPhilipp Neuser //print_r($this->chained_auth); 439*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 440*86e0f1b9SPhilipp Neuser return $user; 441*86e0f1b9SPhilipp Neuser else 442*86e0f1b9SPhilipp Neuser return $this->chained_auth->cleanUser($user); 443*86e0f1b9SPhilipp Neuser } 444*86e0f1b9SPhilipp Neuser 445*86e0f1b9SPhilipp Neuser /** 446*86e0f1b9SPhilipp Neuser * Sanitize a given groupname [OPTIONAL] 447*86e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 448*86e0f1b9SPhilipp Neuser * returns false 449*86e0f1b9SPhilipp Neuser * 450*86e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 451*86e0f1b9SPhilipp Neuser * @param string $group groupname 452*86e0f1b9SPhilipp Neuser * @return string the cleaned groupname 453*86e0f1b9SPhilipp Neuser */ 454*86e0f1b9SPhilipp Neuser public function cleanGroup($group) { 455*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 456*86e0f1b9SPhilipp Neuser { 457*86e0f1b9SPhilipp Neuser return $group; 458*86e0f1b9SPhilipp Neuser } 459*86e0f1b9SPhilipp Neuser else 460*86e0f1b9SPhilipp Neuser return $this->chained_auth->cleanGroup($group); 461*86e0f1b9SPhilipp Neuser } 462*86e0f1b9SPhilipp Neuser 463*86e0f1b9SPhilipp Neuser 464*86e0f1b9SPhilipp Neuser public function useSessionCache($user) { 465*86e0f1b9SPhilipp Neuser global $conf; 466*86e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 467*86e0f1b9SPhilipp Neuser return ($_SESSION[DOKU_COOKIE]['auth']['time'] >= 468*86e0f1b9SPhilipp Neuser @filemtime($conf['cachedir'].'/sessionpurge')); 469*86e0f1b9SPhilipp Neuser else 470*86e0f1b9SPhilipp Neuser return $this->chained_auth->useSessionCache($user); 471*86e0f1b9SPhilipp Neuser } 472*86e0f1b9SPhilipp Neuser} 473