186e0f1b9SPhilipp Neuser<?php 286e0f1b9SPhilipp Neuser// must be run within Dokuwiki 386e0f1b9SPhilipp Neuserif(!defined('DOKU_INC')) die(); 486e0f1b9SPhilipp Neuser 586e0f1b9SPhilipp Neuser/** 686e0f1b9SPhilipp Neuser * Chained authentication backend 786e0f1b9SPhilipp Neuser * 886e0f1b9SPhilipp Neuser * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 986e0f1b9SPhilipp Neuser * @author Philipp Nesuer <pneuser@physik.fu-berlin.de> 1086e0f1b9SPhilipp Neuser */ 1186e0f1b9SPhilipp Neuserclass auth_plugin_authchained extends DokuWiki_Auth_Plugin { 1286e0f1b9SPhilipp Neuser public $success = true; 1386e0f1b9SPhilipp Neuser //arry with authentication plugins 1486e0f1b9SPhilipp Neuser protected $chained_plugins = array(); 1586e0f1b9SPhilipp Neuser protected $chained_auth = NULL; 1686e0f1b9SPhilipp Neuser 1786e0f1b9SPhilipp Neuser /** 1886e0f1b9SPhilipp Neuser * Constructor. 1986e0f1b9SPhilipp Neuser * 2086e0f1b9SPhilipp Neuser * Loads all configured plugins or the authentication plugin of the 2186e0f1b9SPhilipp Neuser * logged in user. 2286e0f1b9SPhilipp Neuser * 2386e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 2486e0f1b9SPhilipp Neuser */ 2586e0f1b9SPhilipp Neuser public function __construct() { 2686e0f1b9SPhilipp Neuser global $conf; 2786e0f1b9SPhilipp Neuser // call parent 2886e0f1b9SPhilipp Neuser# parent::__constructor(); 2986e0f1b9SPhilipp Neuser 3086e0f1b9SPhilipp Neuser //check if there is allready an authentication plugin selected 319e84dbfbSPhilipp Neuser if(isset($_SESSION[DOKU_COOKIE]['plugin']['authchained']['module']) && 329e84dbfbSPhilipp Neuser !empty($_SESSION[DOKU_COOKIE]['plugin']['authchained']['module']) ) 3386e0f1b9SPhilipp Neuser { 3486e0f1b9SPhilipp Neuser //get previously selected authentication plugin 359e84dbfbSPhilipp Neuser $tmp_plugin = $_SESSION[DOKU_COOKIE]['plugin']['authchained']['module']; 3686e0f1b9SPhilipp Neuser require_once(DOKU_INC."lib/plugins/".$tmp_plugin."/auth.php"); 3786e0f1b9SPhilipp Neuser $tmp_classname = "auth_plugin_".$tmp_plugin; 3886e0f1b9SPhilipp Neuser $this->chained_auth = new $tmp_classname; 3986e0f1b9SPhilipp Neuser } 4086e0f1b9SPhilipp Neuser else { 4186e0f1b9SPhilipp Neuser //get authentication plugins 429e84dbfbSPhilipp Neuser if(isset($conf['plugin']['authchained']['authtypes'])){ 439e84dbfbSPhilipp Neuser foreach(explode(":",$conf['plugin']['authchained']['authtypes']) as 4486e0f1b9SPhilipp Neuser $tmp_plugin){ 4586e0f1b9SPhilipp Neuser require_once(DOKU_INC."lib/plugins/".$tmp_plugin."/auth.php"); 4686e0f1b9SPhilipp Neuser $tmp_classname = "auth_plugin_".$tmp_plugin; 4786e0f1b9SPhilipp Neuser $tmp_class = new $tmp_classname; 4886e0f1b9SPhilipp Neuser $tmp_module = array($tmp_plugin,$tmp_class); 4986e0f1b9SPhilipp Neuser array_push($this->chained_plugins, $tmp_module); 5086e0f1b9SPhilipp Neuser } 5186e0f1b9SPhilipp Neuser }else{ 5286e0f1b9SPhilipp Neuser $success = false; 5386e0f1b9SPhilipp Neuser } 5486e0f1b9SPhilipp Neuser } 5586e0f1b9SPhilipp Neuser //debug 5686e0f1b9SPhilipp Neuser// print_r($chained_plugins); 5786e0f1b9SPhilipp Neuser } 5886e0f1b9SPhilipp Neuser 5986e0f1b9SPhilipp Neuser /** 6086e0f1b9SPhilipp Neuser * Forwards the authentication to configured authplugins. 6186e0f1b9SPhilipp Neuser * Returns true, if the usermanager authtype has the capability and no user 6286e0f1b9SPhilipp Neuser * is logged in. 6386e0f1b9SPhilipp Neuser * 6486e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 6586e0f1b9SPhilipp Neuser * @param string $cap the capability to check 6686e0f1b9SPhilipp Neuser * @return bool 6786e0f1b9SPhilipp Neuser */ 6886e0f1b9SPhilipp Neuser public function canDo($cap) { 6986e0f1b9SPhilipp Neuser global $conf; 70c368b833SPhilipp Neuser# print_r($cap); 7186e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 7286e0f1b9SPhilipp Neuser { 7386e0f1b9SPhilipp Neuser foreach($this->chained_plugins as $module) 7486e0f1b9SPhilipp Neuser { 7586e0f1b9SPhilipp Neuser #echo "TEST AUTHMANAGER!!!"; 7686e0f1b9SPhilipp Neuser if($module[0] == 779e84dbfbSPhilipp Neuser $conf['plugin']['authchained']['usermanager_authtype']){ 7886e0f1b9SPhilipp Neuser $module[1]->canDo($cap); 7986e0f1b9SPhilipp Neuser } 8086e0f1b9SPhilipp Neuser } 8186e0f1b9SPhilipp Neuser return false; 8286e0f1b9SPhilipp Neuser } 8386e0f1b9SPhilipp Neuser else{ 8486e0f1b9SPhilipp Neuser #echo "canDo $cap ".$this->chained_auth->canDo($cap)."\n"; 8586e0f1b9SPhilipp Neuser return $this->chained_auth->canDo($cap); 8686e0f1b9SPhilipp Neuser } 8786e0f1b9SPhilipp Neuser } 8886e0f1b9SPhilipp Neuser 8986e0f1b9SPhilipp Neuser /** 9086e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 9186e0f1b9SPhilipp Neuser * returns false 9286e0f1b9SPhilipp Neuser * 9386e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 9486e0f1b9SPhilipp Neuser * @param string $type Modification type ('create', 'modify', 'delete') 9586e0f1b9SPhilipp Neuser * @param array $params Parameters for the createUser, modifyUser or deleteUsers method. The content of this array depends on the modification type 9686e0f1b9SPhilipp Neuser * @return mixed Result from the modification function or false if an event handler has canceled the action 9786e0f1b9SPhilipp Neuser */ 9886e0f1b9SPhilipp Neuser public function triggerUserMod($type, $params) { 9986e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 10086e0f1b9SPhilipp Neuser return false; 10186e0f1b9SPhilipp Neuser else 102c368b833SPhilipp Neuser return $this->chained_auth->triggerUserMod($type, $params); 10386e0f1b9SPhilipp Neuser } 10486e0f1b9SPhilipp Neuser 10586e0f1b9SPhilipp Neuser /** 10686e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user and 10786e0f1b9SPhilipp Neuser * unsets our session variable. 10886e0f1b9SPhilipp Neuser * @see auth_logoff() 10986e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de 11086e0f1b9SPhilipp Neuser */ 11186e0f1b9SPhilipp Neuser public function logOff() { 11286e0f1b9SPhilipp Neuser if(!is_null($this->chained_auth)) 11386e0f1b9SPhilipp Neuser $this->chained_auth->logOff(); 1149e84dbfbSPhilipp Neuser unset($_SESSION[DOKU_COOKIE]['plugin']['authchained']['module']); 11586e0f1b9SPhilipp Neuser } 11686e0f1b9SPhilipp Neuser 11786e0f1b9SPhilipp Neuser /** 11886e0f1b9SPhilipp Neuser * Do all authentication [ OPTIONAL ] 11986e0f1b9SPhilipp Neuser * If the current plugin is external, be external. 12086e0f1b9SPhilipp Neuser * 12186e0f1b9SPhilipp Neuser * @see auth_login() 12286e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 12386e0f1b9SPhilipp Neuser * 12486e0f1b9SPhilipp Neuser * @param string $user Username 12586e0f1b9SPhilipp Neuser * @param string $pass Cleartext Password 12686e0f1b9SPhilipp Neuser * @param bool $sticky Cookie should not expire 12786e0f1b9SPhilipp Neuser * @return bool true on successful auth 12886e0f1b9SPhilipp Neuser */ 12986e0f1b9SPhilipp Neuser public function trustExternal($user, $pass, $sticky = false) { 13086e0f1b9SPhilipp Neuser if(!is_null($this->chained_auth) && $this->chained_auth->canDo('external')) 13186e0f1b9SPhilipp Neuser $this->chained_auth->trustExternal($user, $pass, $sticky); 13286e0f1b9SPhilipp Neuser } 13386e0f1b9SPhilipp Neuser 13486e0f1b9SPhilipp Neuser /** 13586e0f1b9SPhilipp Neuser * Check user+password [ MUST BE OVERRIDDEN ] 13686e0f1b9SPhilipp Neuser * 13786e0f1b9SPhilipp Neuser * Checks if the given user exists in one of the plugins and checks 13886e0f1b9SPhilipp Neuser * against the given password. The first plugin returning true becomes 13986e0f1b9SPhilipp Neuser * auth plugin of the user session. 14086e0f1b9SPhilipp Neuser * 14186e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de 14286e0f1b9SPhilipp Neuser * @param string $user the user name 14386e0f1b9SPhilipp Neuser * @param string $pass the clear text password 14486e0f1b9SPhilipp Neuser * @return bool 14586e0f1b9SPhilipp Neuser */ 14686e0f1b9SPhilipp Neuser public function checkPass($user, $pass) { 14786e0f1b9SPhilipp Neuser //debug 14886e0f1b9SPhilipp Neuser //print_r($this->chained_plugins); 149*8a493abfSPhilipp Neuser if(is_null($this->chained_auth)) { 15086e0f1b9SPhilipp Neuser foreach($this->chained_plugins as $module) 15186e0f1b9SPhilipp Neuser { 15286e0f1b9SPhilipp Neuser if($module[1]->canDo('external')) 15386e0f1b9SPhilipp Neuser { 15486e0f1b9SPhilipp Neuser if($module[1]->trustExternal($user, $pass)) 15586e0f1b9SPhilipp Neuser { 1569e84dbfbSPhilipp Neuser $_SESSION[DOKU_COOKIE]['plugin']['authchained']['module'] = 15786e0f1b9SPhilipp Neuser $module[0]; 15886e0f1b9SPhilipp Neuser $this->chained_auth = $module[1]; 15986e0f1b9SPhilipp Neuser return true; 16086e0f1b9SPhilipp Neuser }else{ 16186e0f1b9SPhilipp Neuser if($module[1]->checkPass($user, $pass)) 16286e0f1b9SPhilipp Neuser { 1639e84dbfbSPhilipp Neuser $_SESSION[DOKU_COOKIE]['plugin']['authchained']['module'] = 16486e0f1b9SPhilipp Neuser $module[0]; 16586e0f1b9SPhilipp Neuser $this->chained_auth = $module[1]; 16686e0f1b9SPhilipp Neuser return true; 16786e0f1b9SPhilipp Neuser } 16886e0f1b9SPhilipp Neuser } 16986e0f1b9SPhilipp Neuser }else{ 17086e0f1b9SPhilipp Neuser if($module[1]->checkPass($user, $pass)) 17186e0f1b9SPhilipp Neuser { 1729e84dbfbSPhilipp Neuser $_SESSION[DOKU_COOKIE]['plugin']['authchained']['module'] = 17386e0f1b9SPhilipp Neuser $module[0]; 17486e0f1b9SPhilipp Neuser $this->this->chained_auth = $module[1]; 17586e0f1b9SPhilipp Neuser return true; 17686e0f1b9SPhilipp Neuser } 17786e0f1b9SPhilipp Neuser } 17886e0f1b9SPhilipp Neuser } 179*8a493abfSPhilipp Neuser } else return $this->chained_auth->checkPass($user, $pass); 18086e0f1b9SPhilipp Neuser return false; 18186e0f1b9SPhilipp Neuser } 18286e0f1b9SPhilipp Neuser 18386e0f1b9SPhilipp Neuser /** 18486e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 18586e0f1b9SPhilipp Neuser * checks all plugins if the users exists. The first plugin returning 18686e0f1b9SPhilipp Neuser * data is used. 18786e0f1b9SPhilipp Neuser * 18886e0f1b9SPhilipp Neuser * name string full name of the user 18986e0f1b9SPhilipp Neuser * mail string email addres of the user 19086e0f1b9SPhilipp Neuser * grps array list of groups the user is in 19186e0f1b9SPhilipp Neuser * 19286e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 19386e0f1b9SPhilipp Neuser * @param string $user the user name 19486e0f1b9SPhilipp Neuser * @return array containing user data or false 19586e0f1b9SPhilipp Neuser */ 19686e0f1b9SPhilipp Neuser public function getUserData($user) { 19786e0f1b9SPhilipp Neuser //if(!$this->cando['external']) msg("no valid authorisation system in use", -1); 19886e0f1b9SPhilipp Neuser// echo "TESTSETEST"; 19986e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 20086e0f1b9SPhilipp Neuser { 20186e0f1b9SPhilipp Neuser foreach($this->chained_plugins as $module) 20286e0f1b9SPhilipp Neuser { 20386e0f1b9SPhilipp Neuser $tmp_array = $module[1]->getUserData($user); 20486e0f1b9SPhilipp Neuser if(!is_bool($tmp_array)) 20586e0f1b9SPhilipp Neuser $tmp_chk_arr =array_filter($tmp_array); 20686e0f1b9SPhilipp Neuser if(!empty($tmp_chk_arr) && $tmp_array) 20786e0f1b9SPhilipp Neuser return $tmp_array; 20886e0f1b9SPhilipp Neuser } 20986e0f1b9SPhilipp Neuser return false; 21086e0f1b9SPhilipp Neuser } 21186e0f1b9SPhilipp Neuser else 21286e0f1b9SPhilipp Neuser { 21386e0f1b9SPhilipp Neuser return $this->chained_auth->getUserData($user); 21486e0f1b9SPhilipp Neuser } 21586e0f1b9SPhilipp Neuser } 21686e0f1b9SPhilipp Neuser 21786e0f1b9SPhilipp Neuser /** 21886e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 21986e0f1b9SPhilipp Neuser * returns null. 22086e0f1b9SPhilipp Neuser * 22186e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 22286e0f1b9SPhilipp Neuser * @param string $user 22386e0f1b9SPhilipp Neuser * @param string $pass 22486e0f1b9SPhilipp Neuser * @param string $name 22586e0f1b9SPhilipp Neuser * @param string $mail 22686e0f1b9SPhilipp Neuser * @param null|array $grps 22786e0f1b9SPhilipp Neuser * @return bool|null 22886e0f1b9SPhilipp Neuser */ 22986e0f1b9SPhilipp Neuser public function createUser($user, $pass, $name, $mail, $grps = null) { 23086e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 23186e0f1b9SPhilipp Neuser msg("authorisation method does not allow creation of new users", 23286e0f1b9SPhilipp Neuser -1); 23386e0f1b9SPhilipp Neuser return null; 23486e0f1b9SPhilipp Neuser } 23586e0f1b9SPhilipp Neuser else{ 23686e0f1b9SPhilipp Neuser //please note: users will be added to the module, to which the 23786e0f1b9SPhilipp Neuser //current user is logged into 23886e0f1b9SPhilipp Neuser if($this->canDo('addUser')){ 23986e0f1b9SPhilipp Neuser return $this->chained_auth->createUser($user, $pass, $name, $mail, 24086e0f1b9SPhilipp Neuser $grps); 24186e0f1b9SPhilipp Neuser }else{ 24286e0f1b9SPhilipp Neuser msg("authorisation method does not allow creation of new 24386e0f1b9SPhilipp Neuser users", -1); 24486e0f1b9SPhilipp Neuser return null; 24586e0f1b9SPhilipp Neuser } 24686e0f1b9SPhilipp Neuser } 24786e0f1b9SPhilipp Neuser } 24886e0f1b9SPhilipp Neuser 24986e0f1b9SPhilipp Neuser /** 25086e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 25186e0f1b9SPhilipp Neuser * returns false 25286e0f1b9SPhilipp Neuser * 25386e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 25486e0f1b9SPhilipp Neuser * @param string $user nick of the user to be changed 25586e0f1b9SPhilipp Neuser * @param array $changes array of field/value pairs to be changed (password will be clear text) 25686e0f1b9SPhilipp Neuser * @return bool 25786e0f1b9SPhilipp Neuser */ 25886e0f1b9SPhilipp Neuser public function modifyUser($user, $changes) { 25986e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 26086e0f1b9SPhilipp Neuser msg("authorisation method does not allow modifying of user data", 26186e0f1b9SPhilipp Neuser -1); 26286e0f1b9SPhilipp Neuser return false; 26386e0f1b9SPhilipp Neuser } 26486e0f1b9SPhilipp Neuser else{ 26586e0f1b9SPhilipp Neuser //please note: users will be modified in the module, to which the 26686e0f1b9SPhilipp Neuser //current user is logged into 26786e0f1b9SPhilipp Neuser if($this->canDo('modLogin') && $this->canDo('modPass') && 26886e0f1b9SPhilipp Neuser $this->canDo('modName') && $this->canDo('modMail') && 26986e0f1b9SPhilipp Neuser $this->canDo('modGroups')){ 27086e0f1b9SPhilipp Neuser return $this->chained_auth->createUser($user, $changes); 27186e0f1b9SPhilipp Neuser }else{ 27286e0f1b9SPhilipp Neuser msg("authorisation method does not allow modifying of user 27386e0f1b9SPhilipp Neuser data", -1); 27486e0f1b9SPhilipp Neuser return false; 27586e0f1b9SPhilipp Neuser } 27686e0f1b9SPhilipp Neuser } 27786e0f1b9SPhilipp Neuser 27886e0f1b9SPhilipp Neuser } 27986e0f1b9SPhilipp Neuser 28086e0f1b9SPhilipp Neuser /** 28186e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 28286e0f1b9SPhilipp Neuser * returns false 28386e0f1b9SPhilipp Neuser * 28486e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 28586e0f1b9SPhilipp Neuser * @param array $users 28686e0f1b9SPhilipp Neuser * @return int number of users deleted 28786e0f1b9SPhilipp Neuser */ 28886e0f1b9SPhilipp Neuser public function deleteUsers($users) { 28986e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 29086e0f1b9SPhilipp Neuser msg("authorisation method does not allow deleting of users", 29186e0f1b9SPhilipp Neuser -1); 29286e0f1b9SPhilipp Neuser return false; 29386e0f1b9SPhilipp Neuser } 29486e0f1b9SPhilipp Neuser else{ 29586e0f1b9SPhilipp Neuser //please note: users will be added to the module, to which the 29686e0f1b9SPhilipp Neuser //current user is logged into 29786e0f1b9SPhilipp Neuser if($this->canDo('delUser')){ 29886e0f1b9SPhilipp Neuser return $this->chained_auth->createUser($users); 29986e0f1b9SPhilipp Neuser }else{ 30086e0f1b9SPhilipp Neuser msg("authorisation method does not allow deleting of users", -1); 30186e0f1b9SPhilipp Neuser return false; 30286e0f1b9SPhilipp Neuser } 30386e0f1b9SPhilipp Neuser } 30486e0f1b9SPhilipp Neuser } 30586e0f1b9SPhilipp Neuser 30686e0f1b9SPhilipp Neuser /** 30786e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 30886e0f1b9SPhilipp Neuser * returns 0 30986e0f1b9SPhilipp Neuser * 31086e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 31186e0f1b9SPhilipp Neuser * @param array $filter array of field/pattern pairs, empty array for no filter 31286e0f1b9SPhilipp Neuser * @return int 31386e0f1b9SPhilipp Neuser */ 31486e0f1b9SPhilipp Neuser public function getUserCount($filter = array()) { 31586e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 31686e0f1b9SPhilipp Neuser msg("authorisation method does not provide user counts", 31786e0f1b9SPhilipp Neuser -1); 31886e0f1b9SPhilipp Neuser return 0; 31986e0f1b9SPhilipp Neuser } 32086e0f1b9SPhilipp Neuser else{ 32186e0f1b9SPhilipp Neuser //please note: users will be counted in the module, to which the 32286e0f1b9SPhilipp Neuser //current user is logged into 32386e0f1b9SPhilipp Neuser if($this->canDo('getUserCount')){ 32486e0f1b9SPhilipp Neuser return $this->chained_auth->getUserCount($filter); 32586e0f1b9SPhilipp Neuser }else{ 32686e0f1b9SPhilipp Neuser msg("authorisation method does not provide user counts", -1); 32786e0f1b9SPhilipp Neuser return 0; 32886e0f1b9SPhilipp Neuser } 32986e0f1b9SPhilipp Neuser } 33086e0f1b9SPhilipp Neuser 33186e0f1b9SPhilipp Neuser } 33286e0f1b9SPhilipp Neuser 33386e0f1b9SPhilipp Neuser /** 33486e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 33586e0f1b9SPhilipp Neuser * returns empty array 33686e0f1b9SPhilipp Neuser * 33786e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 33886e0f1b9SPhilipp Neuser * @param int $start index of first user to be returned 33986e0f1b9SPhilipp Neuser * @param int $limit max number of users to be returned 34086e0f1b9SPhilipp Neuser * @param array $filter array of field/pattern pairs, null for no filter 34186e0f1b9SPhilipp Neuser * @return array list of userinfo (refer getUserData for internal userinfo details) 34286e0f1b9SPhilipp Neuser */ 34386e0f1b9SPhilipp Neuser public function retrieveUsers($start = 0, $limit = -1, $filter = null) { 34486e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 34586e0f1b9SPhilipp Neuser msg("authorisation method does not support mass retrievals", 34686e0f1b9SPhilipp Neuser -1); 34786e0f1b9SPhilipp Neuser return array(); 34886e0f1b9SPhilipp Neuser } 34986e0f1b9SPhilipp Neuser else{ 35086e0f1b9SPhilipp Neuser //please note: users will be retrieved from the module, to which the 35186e0f1b9SPhilipp Neuser //current user is logged into 35286e0f1b9SPhilipp Neuser if($this->canDo('getUsers')){ 35386e0f1b9SPhilipp Neuser return $this->chained_auth->retrieveUsers($start, $limit, $filter); 35486e0f1b9SPhilipp Neuser }else{ 35586e0f1b9SPhilipp Neuser msg("authorisation method does not support mass retrievals", -1); 35686e0f1b9SPhilipp Neuser return array(); 35786e0f1b9SPhilipp Neuser } 35886e0f1b9SPhilipp Neuser } 35986e0f1b9SPhilipp Neuser } 36086e0f1b9SPhilipp Neuser 36186e0f1b9SPhilipp Neuser /** 36286e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 36386e0f1b9SPhilipp Neuser * returns false 36486e0f1b9SPhilipp Neuser * 36586e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 36686e0f1b9SPhilipp Neuser * @param string $group 36786e0f1b9SPhilipp Neuser * @return bool 36886e0f1b9SPhilipp Neuser */ 36986e0f1b9SPhilipp Neuser public function addGroup($group) { 37086e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 37186e0f1b9SPhilipp Neuser msg("authorisation method does not support independent group 37286e0f1b9SPhilipp Neuser creation", 37386e0f1b9SPhilipp Neuser -1); 37486e0f1b9SPhilipp Neuser return false; 37586e0f1b9SPhilipp Neuser } 37686e0f1b9SPhilipp Neuser else{ 37786e0f1b9SPhilipp Neuser //please note: users will be added to the module, to which the 37886e0f1b9SPhilipp Neuser //current user is logged into 37986e0f1b9SPhilipp Neuser if($this->canDo('addGroup')){ 38086e0f1b9SPhilipp Neuser return $this->chained_auth->addGroup($group); 38186e0f1b9SPhilipp Neuser }else{ 38286e0f1b9SPhilipp Neuser msg("authorisation method does not support independent group 38386e0f1b9SPhilipp Neuser creation", -1); 38486e0f1b9SPhilipp Neuser return false; 38586e0f1b9SPhilipp Neuser } 38686e0f1b9SPhilipp Neuser } 38786e0f1b9SPhilipp Neuser } 38886e0f1b9SPhilipp Neuser 38986e0f1b9SPhilipp Neuser /** 39086e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 39186e0f1b9SPhilipp Neuser * returns empty array 39286e0f1b9SPhilipp Neuser * 39386e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 39486e0f1b9SPhilipp Neuser * @param int $start 39586e0f1b9SPhilipp Neuser * @param int $limit 39686e0f1b9SPhilipp Neuser * @return array 39786e0f1b9SPhilipp Neuser */ 39886e0f1b9SPhilipp Neuser public function retrieveGroups($start = 0, $limit = 0) { 39986e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)){ 40086e0f1b9SPhilipp Neuser msg("authorisation method does not support group list retrieval", 40186e0f1b9SPhilipp Neuser -1); 40286e0f1b9SPhilipp Neuser return array(); 40386e0f1b9SPhilipp Neuser } 40486e0f1b9SPhilipp Neuser else{ 40586e0f1b9SPhilipp Neuser //please note: users will be retrieved from the module, to which the 40686e0f1b9SPhilipp Neuser //current user is logged into 40786e0f1b9SPhilipp Neuser if($this->canDo('getGroups')){ 40886e0f1b9SPhilipp Neuser return $this->chained_auth->retrieveGroups($start,$limit); 40986e0f1b9SPhilipp Neuser }else{ 41086e0f1b9SPhilipp Neuser msg("authorisation method does not support group list 41186e0f1b9SPhilipp Neuser retrieval", -1); 41286e0f1b9SPhilipp Neuser return array(); 41386e0f1b9SPhilipp Neuser } 41486e0f1b9SPhilipp Neuser } 41586e0f1b9SPhilipp Neuser } 41686e0f1b9SPhilipp Neuser 41786e0f1b9SPhilipp Neuser /** 41886e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 41986e0f1b9SPhilipp Neuser * returns true 42086e0f1b9SPhilipp Neuser * 42186e0f1b9SPhilipp Neuser * @return bool 42286e0f1b9SPhilipp Neuser */ 42386e0f1b9SPhilipp Neuser public function isCaseSensitive() { 42486e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 42586e0f1b9SPhilipp Neuser return true; 42686e0f1b9SPhilipp Neuser else 42786e0f1b9SPhilipp Neuser return $this->chained_auth->isCaseSensitive(); 42886e0f1b9SPhilipp Neuser } 42986e0f1b9SPhilipp Neuser 43086e0f1b9SPhilipp Neuser /** 43186e0f1b9SPhilipp Neuser * Sanitize a given username [OPTIONAL] 43286e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 43386e0f1b9SPhilipp Neuser * returns false 43486e0f1b9SPhilipp Neuser * 43586e0f1b9SPhilipp Neuser * 43686e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 43786e0f1b9SPhilipp Neuser * @param string $user username 43886e0f1b9SPhilipp Neuser * @return string the cleaned username 43986e0f1b9SPhilipp Neuser */ 44086e0f1b9SPhilipp Neuser public function cleanUser($user) { 44186e0f1b9SPhilipp Neuser //print_r($this->chained_auth); 44286e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 44386e0f1b9SPhilipp Neuser return $user; 44486e0f1b9SPhilipp Neuser else 44586e0f1b9SPhilipp Neuser return $this->chained_auth->cleanUser($user); 44686e0f1b9SPhilipp Neuser } 44786e0f1b9SPhilipp Neuser 44886e0f1b9SPhilipp Neuser /** 44986e0f1b9SPhilipp Neuser * Sanitize a given groupname [OPTIONAL] 45086e0f1b9SPhilipp Neuser * Forwards the result of the auth plugin of the logged in user or 45186e0f1b9SPhilipp Neuser * returns false 45286e0f1b9SPhilipp Neuser * 45386e0f1b9SPhilipp Neuser * @author Philipp Neuser <pneuser@physik.fu-berlin.de> 45486e0f1b9SPhilipp Neuser * @param string $group groupname 45586e0f1b9SPhilipp Neuser * @return string the cleaned groupname 45686e0f1b9SPhilipp Neuser */ 45786e0f1b9SPhilipp Neuser public function cleanGroup($group) { 45886e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 45986e0f1b9SPhilipp Neuser { 46086e0f1b9SPhilipp Neuser return $group; 46186e0f1b9SPhilipp Neuser } 46286e0f1b9SPhilipp Neuser else 46386e0f1b9SPhilipp Neuser return $this->chained_auth->cleanGroup($group); 46486e0f1b9SPhilipp Neuser } 46586e0f1b9SPhilipp Neuser 46686e0f1b9SPhilipp Neuser 46786e0f1b9SPhilipp Neuser public function useSessionCache($user) { 46886e0f1b9SPhilipp Neuser global $conf; 46986e0f1b9SPhilipp Neuser if(is_null($this->chained_auth)) 47086e0f1b9SPhilipp Neuser return ($_SESSION[DOKU_COOKIE]['auth']['time'] >= 47186e0f1b9SPhilipp Neuser @filemtime($conf['cachedir'].'/sessionpurge')); 47286e0f1b9SPhilipp Neuser else 47386e0f1b9SPhilipp Neuser return $this->chained_auth->useSessionCache($user); 47486e0f1b9SPhilipp Neuser } 47586e0f1b9SPhilipp Neuser} 476