xref: /template/strap/ComboStrap/Identity.php (revision be61a7dff863d71b511ec3d76c85eae93b93e8bc) 
137748cd8SNickeau<?php
237748cd8SNickeau/**
337748cd8SNickeau * Copyright (c) 2021. ComboStrap, Inc. and its affiliates. All Rights Reserved.
437748cd8SNickeau *
537748cd8SNickeau * This source code is licensed under the GPL license found in the
637748cd8SNickeau * COPYING  file in the root directory of this source tree.
737748cd8SNickeau *
837748cd8SNickeau * @license  GPL 3 (https://www.gnu.org/licenses/gpl-3.0.en.html)
937748cd8SNickeau * @author   ComboStrap <support@combostrap.com>
1037748cd8SNickeau *
1137748cd8SNickeau */
1237748cd8SNickeau
1337748cd8SNickeaunamespace ComboStrap;
1437748cd8SNickeau
1537748cd8SNickeau
1637748cd8SNickeauuse Doku_Form;
170581ab2eSgerardnicouse dokuwiki\Form\Form;
1804fd306cSNickeauuse dokuwiki\Form\InputElement;
1904fd306cSNickeauuse dokuwiki\Ui\UserProfile;
2037748cd8SNickeauuse TestRequest;
2137748cd8SNickeau
2237748cd8SNickeauclass Identity
2337748cd8SNickeau{
2437748cd8SNickeau
2537748cd8SNickeau    const CANONICAL = "identity";
2637748cd8SNickeau    const CONF_ENABLE_LOGO_ON_IDENTITY_FORMS = "enableLogoOnIdentityForms";
2737748cd8SNickeau    const JS_NAVIGATION_ANONYMOUS_VALUE = "anonymous";
2837748cd8SNickeau    const JS_NAVIGATION_SIGNED_VALUE = "signed";
2937748cd8SNickeau    /**
3037748cd8SNickeau     * A javascript indicator
3137748cd8SNickeau     * to know if the user is logged in or not
3237748cd8SNickeau     * (ie public or not)
3337748cd8SNickeau     */
3437748cd8SNickeau    const JS_NAVIGATION_INDICATOR = "navigation";
3537748cd8SNickeau
364cadd4f8SNickeau    const FORM_IDENTITY_CLASS = "form-identity";
3704fd306cSNickeau    public const FIELD_SET_TO_DELETE = ["fieldsetopen", "fieldsetclose"];
3804fd306cSNickeau    public const CONF_DESIGNER_GROUP_NAME = "combo-conf-006";
394cadd4f8SNickeau
4037748cd8SNickeau    /**
4137748cd8SNickeau     * Is logged in
4237748cd8SNickeau     * @return boolean
4337748cd8SNickeau     */
4404fd306cSNickeau    public static function isLoggedIn(): bool
4537748cd8SNickeau    {
4604fd306cSNickeau        global $_SERVER;
4704fd306cSNickeau        if (empty($_SERVER['REMOTE_USER'])) {
4804fd306cSNickeau            return false;
4937748cd8SNickeau        }
5004fd306cSNickeau        return true;
5137748cd8SNickeau    }
5237748cd8SNickeau
5337748cd8SNickeau    /**
5437748cd8SNickeau     * @param TestRequest $request
5537748cd8SNickeau     * @param string $user
5637748cd8SNickeau     */
5737748cd8SNickeau    public static function becomeSuperUser(&$request = null, $user = 'admin')
5837748cd8SNickeau    {
5937748cd8SNickeau        global $conf;
6037748cd8SNickeau        $conf['useacl'] = 1;
6137748cd8SNickeau        $conf['superuser'] = $user;
6237748cd8SNickeau        $conf['remoteuser'] = $user;
6337748cd8SNickeau
6437748cd8SNickeau        if ($request != null) {
6537748cd8SNickeau            $request->setServer('REMOTE_USER', $user);
66918039dbSgerardnico        }
67918039dbSgerardnico
68918039dbSgerardnico        /**
69918039dbSgerardnico         * used by {@link getSecurityToken()}
70918039dbSgerardnico         */
7104fd306cSNickeau        // same as
7204fd306cSNickeau        // global $INPUT;
7304fd306cSNickeau        // $INPUT->server->set('REMOTE_USER', $user);
7404fd306cSNickeau        $_SERVER['REMOTE_USER'] = $user;
7537748cd8SNickeau
7637748cd8SNickeau        // global $INFO;
7737748cd8SNickeau        // $INFO['ismanager'] = true;
7837748cd8SNickeau
7904fd306cSNickeau
8004fd306cSNickeau        /**
8104fd306cSNickeau         *
8204fd306cSNickeau         * Userinfo
8304fd306cSNickeau         *
8404fd306cSNickeau         * Email is Mandatory otherwise the {@link UserProfile}
8504fd306cSNickeau         * does not work
8604fd306cSNickeau         *
8704fd306cSNickeau         * USERINFO is also available via $INFO['userinfo']
8804fd306cSNickeau         * See {@link basicinfo()}
8904fd306cSNickeau         */
9004fd306cSNickeau        global $USERINFO;
9104fd306cSNickeau        $USERINFO['mail'] = "email@example.com";
9204fd306cSNickeau        // $USERINFO['grps'] = array('admin', 'user');
9304fd306cSNickeau
9404fd306cSNickeau
9537748cd8SNickeau    }
9637748cd8SNickeau
9737748cd8SNickeau    /**
9837748cd8SNickeau     * @param $request
9937748cd8SNickeau     * @param string $user - the user to login
10037748cd8SNickeau     */
10137748cd8SNickeau    public static function logIn(&$request, $user = 'defaultUser')
10237748cd8SNickeau    {
10337748cd8SNickeau
10437748cd8SNickeau        $request->setServer('REMOTE_USER', $user);
10537748cd8SNickeau
10637748cd8SNickeau        /**
10737748cd8SNickeau         * The {@link getSecurityToken()} needs it
10837748cd8SNickeau         */
10937748cd8SNickeau        global $INPUT;
11037748cd8SNickeau        $INPUT->server->set('REMOTE_USER', $user);
11137748cd8SNickeau
11237748cd8SNickeau    }
11337748cd8SNickeau
11437748cd8SNickeau    /**
11537748cd8SNickeau     * @return bool if edit auth
11637748cd8SNickeau     */
11704fd306cSNickeau    public static function isWriter($wikiId = null): bool
11837748cd8SNickeau    {
11904fd306cSNickeau
12004fd306cSNickeau        if ($wikiId === null) {
12104fd306cSNickeau            $executionContext = ExecutionContext::getActualOrCreateFromEnv();
12204fd306cSNickeau            try {
12304fd306cSNickeau                $wikiId = $executionContext->getRequestedPath()->getWikiId();
12404fd306cSNickeau            } catch (ExceptionNotFound $e) {
12504fd306cSNickeau                return false;
126c3437056SNickeau            }
12704fd306cSNickeau        }
12804fd306cSNickeau        /**
12904fd306cSNickeau         * There is also
13004fd306cSNickeau         * $INFO['writable'] === true
13104fd306cSNickeau         * See true if writable See https://www.dokuwiki.org/devel:environment#info
13204fd306cSNickeau         */
133c3437056SNickeau        if ($_SERVER['REMOTE_USER']) {
13404fd306cSNickeau            $perm = auth_quickaclcheck($wikiId);
135c3437056SNickeau        } else {
13604fd306cSNickeau            $perm = auth_aclcheck($wikiId, '', null);
137c3437056SNickeau        }
13837748cd8SNickeau
139c3437056SNickeau        if ($perm >= AUTH_EDIT) {
140c3437056SNickeau            return true;
141c3437056SNickeau        } else {
142c3437056SNickeau            return false;
143c3437056SNickeau        }
14437748cd8SNickeau
14537748cd8SNickeau    }
14637748cd8SNickeau
14737748cd8SNickeau    public static function isAdmin()
14837748cd8SNickeau    {
14937748cd8SNickeau        global $INFO;
15037748cd8SNickeau        if (!empty($INFO)) {
151*be61a7dfSgerardnico            $isAdmin = $INFO['isadmin'] ?? null;
152*be61a7dfSgerardnico            if ($isAdmin === null) {
153*be61a7dfSgerardnico                return false;
154*be61a7dfSgerardnico            }
155*be61a7dfSgerardnico            return $isAdmin;
15637748cd8SNickeau        } else {
15737748cd8SNickeau            return auth_isadmin(self::getUser(), self::getUserGroups());
15837748cd8SNickeau        }
15937748cd8SNickeau    }
16037748cd8SNickeau
16137748cd8SNickeau    public static function isMember($group)
16237748cd8SNickeau    {
16337748cd8SNickeau
16437748cd8SNickeau        return auth_isMember($group, self::getUser(), self::getUserGroups());
16537748cd8SNickeau
16637748cd8SNickeau    }
16737748cd8SNickeau
16804fd306cSNickeau    public static function isManager(): bool
16937748cd8SNickeau    {
17004fd306cSNickeau
171c3437056SNickeau        return auth_ismanager();
17204fd306cSNickeau
17337748cd8SNickeau    }
17437748cd8SNickeau
175c3437056SNickeau    public static function getUser(): string
17637748cd8SNickeau    {
17737748cd8SNickeau        global $INPUT;
178c3437056SNickeau        $user = $INPUT->server->str('REMOTE_USER');
179c3437056SNickeau        if (empty($user)) {
180c3437056SNickeau            return "Anonymous";
181c3437056SNickeau        }
182c3437056SNickeau        return $user;
18337748cd8SNickeau    }
18437748cd8SNickeau
18537748cd8SNickeau    private static function getUserGroups()
18637748cd8SNickeau    {
18737748cd8SNickeau        global $USERINFO;
18804fd306cSNickeau        return is_array($USERINFO) && isset($USERINFO['grps']) ? $USERINFO['grps'] : array();
18937748cd8SNickeau    }
19037748cd8SNickeau
19104fd306cSNickeau    public static function isReader(string $wikiId): bool
19237748cd8SNickeau    {
19304fd306cSNickeau        $perm = self::getPermissions($wikiId);
194c3437056SNickeau
195c3437056SNickeau        if ($perm >= AUTH_READ) {
196c3437056SNickeau            return true;
197c3437056SNickeau        } else {
198c3437056SNickeau            return false;
199c3437056SNickeau        }
200c3437056SNickeau
201c3437056SNickeau    }
202c3437056SNickeau
20304fd306cSNickeau    private static function getPermissions(string $wikiId): int
204c3437056SNickeau    {
20504fd306cSNickeau        if ($wikiId == null) {
20604fd306cSNickeau            $wikiId = MarkupPath::createFromRequestedPage()->getWikiId();
207c3437056SNickeau        }
208c3437056SNickeau        if ($_SERVER['REMOTE_USER']) {
20904fd306cSNickeau            $perm = auth_quickaclcheck($wikiId);
210c3437056SNickeau        } else {
21104fd306cSNickeau            $perm = auth_aclcheck($wikiId, '', null);
212c3437056SNickeau        }
213c3437056SNickeau        return $perm;
214c3437056SNickeau    }
215c3437056SNickeau
21604fd306cSNickeau    public static function getSecurityTokenForAdminUser(): string
2174cadd4f8SNickeau    {
21804fd306cSNickeau        $request = null;
21904fd306cSNickeau        Identity::becomeSuperUser($request, 'admin');
22004fd306cSNickeau        return getSecurityToken();
2214cadd4f8SNickeau    }
2224cadd4f8SNickeau
22304fd306cSNickeau    public static function isAnonymous(): bool
2244cadd4f8SNickeau    {
22504fd306cSNickeau        return !self::isLoggedIn();
2264cadd4f8SNickeau    }
2274cadd4f8SNickeau
22837748cd8SNickeau
22937748cd8SNickeau}
230