Dev: Automatically granting survey creation permission to LDAP automa…
…tically created users

Dev: Improving code (returning null instead of -1, new function setGlobalPermission)
Aestu committed Sep 16, 2015
1 parent e1b97cd commit 88606ad
Showing 5 changed files with 41 additions and 45 deletions.
19 changes: 9 additions & 10 deletions application/core/plugins/AuthLDAP/AuthLDAP.php
@@ -150,15 +150,15 @@ private function _createNewUser($new_user)
$oEvent->set('errorCode',self::ERROR_LDAP_CONNECTION);
$oEvent->set('errorMessageTitle','');
$oEvent->set('errorMessageBody',$ldapconn['errorMessage']);
return -1;
return null;
}

if (empty($ldapmode) || $ldapmode=='simplebind')
{
$oEvent->set('errorCode',self::ERROR_LDAP_MODE);
$oEvent->set('errorMessageTitle',gT("Failed to add user"));
$oEvent->set('errorMessageBody',gT("Simple bind LDAP configuration doesn't allow LDAP user creation"));
return -1;
return null;
}

// Search email address and full name
@@ -178,7 +178,7 @@ private function _createNewUser($new_user)
$oEvent->set('errorMessageTitle',gT('Could not connect to LDAP server.'));
$oEvent->set('errorMessageBody',gT(ldap_error($ldapconn)));
ldap_close($ldapconn); // all done? close connection
return -1;
return null;
}
// Now prepare the search fitler
if ( $extrauserfilter != "")
@@ -204,15 +204,15 @@ private function _createNewUser($new_user)
$oEvent->set('errorMessageTitle',gT('Username not found in LDAP server'));
$oEvent->set('errorMessageBody',gT('Verify username and try again'));
ldap_close($ldapconn); // all done? close connection
return -1;
return null;
}

if (!validateEmailAddress($new_email))
{
$oEvent->set('errorCode',self::ERROR_INVALID_EMAIL);
$oEvent->set('errorMessageTitle',gT("Failed to add user"));
$oEvent->set('errorMessageBody',gT("The email address is not valid."));
return -1;
return null;
}
$new_pass = createPassword();
// If user is being auto created we set parent ID to 1 (admin user)
@@ -230,10 +230,10 @@ private function _createNewUser($new_user)
$oEvent->set('errorCode',self::ERROR_ALREADY_EXISTING_USER);
$oEvent->set('errorMessageTitle','');
$oEvent->set('errorMessageBody',gT("Failed to add user"));
return -1;
return null;
}

$this->setAuthPermission($iNewUID,'auth_ldap');
Permission::model()->setGlobalPermission($iNewUID,'auth_ldap');

$oEvent->set('newUserID',$iNewUID);
$oEvent->set('newPassword',$new_pass);
@@ -486,10 +486,9 @@ public function newUserSession()
// Finally, if user didn't exist and auto creation is enabled, we create it
if ($autoCreateFlag)
{
$iNewUID = $this->_createNewUser($username);
if ($this->get('automaticsurveycreation', null, null, false) == true)
if (($iNewUID = $this->_createNewUser($username)) && $this->get('automaticsurveycreation', null, null, false))
{
$this->setAuthPermission($iNewUID, 'surveys', array('create_p'));
Permission::model()->setGlobalPermission($iNewUID, 'surveys', array('create_p'));
}
}
$user = $this->api->getUserByName($username);
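Review bot: The error paths of `_createNewUser()` now return null instead of -1, and the only caller visible here is the one in the `newUserSession()` hunk; any other caller that still compares the result with -1 would read a failed creation as success, so those call sites should be checked and moved to `=== null`. In `newUserSession()` the uid is assigned inside the `if` condition, which hides the step that decides whether an auto-created LDAP account receives `create_p` on `surveys`; writing `$iNewUID = $this->_createNewUser($username);` and then `if ($iNewUID !== null && $this->get('automaticsurveycreation', null, null, false))` keeps the same result, assuming the success path returns the new uid, which these hunks do not show. Neither call to `setGlobalPermission()` checks the outcome, so a failed insert would leave no trace; logging each automatic grant with the uid would give an audit trail. Both functions start and end outside the hunks.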
2 changes: 1 addition & 1 deletion application/core/plugins/Authdb/Authdb.php
@@ -58,7 +58,7 @@ public function createNewUser()
return;
}

$this->setAuthPermission($iNewUID,'auth_db');
Permission::model()->setGlobalPermission($iNewUID,'auth_db');

$oEvent->set('newUserID',$iNewUID);
$oEvent->set('newPassword',$new_pass);
2 changes: 1 addition & 1 deletion application/core/plugins/Authwebserver/Authwebserver.php
@@ -121,7 +121,7 @@ public function newUserSession()
{
$permission=new Permission;
$permission->setPermissions($oUser->uid, 0, 'global', $this->api->getConfigKey('auth_webserver_autocreate_permissions'), true);
$this->setAuthPermission($oUser->uid,'auth_webserver');
Permission::model()->setGlobalPermission($oUser->uid,'auth_webserver');

// read again user from newly created entry
$this->setAuthSuccess($oUser);
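--- a/application/libraries/PluginManager/AuthPluginBase.php
+++ b/application/libraries/PluginManager/AuthPluginBase.php
@@ -152,37 +152,4 @@ protected function setUsername($username)
 
 return $this;
 }
-
-/**
-* Set permissions to the user id
-*
-* @param int $iNewUID
-* @param string $sAuthType
-* @param array $aPermissions
-*/
-protected function setAuthPermission($iNewUID,$sAuthType,array $aPermissions=array('read_p'))
-{
-$aPerm = array(
-'entity_id' => 0,
-'entity' => 'global',
-'uid' => $iNewUID,
-'permission' => $sAuthType,
-'create_p' => 0,
-'read_p' => 0,
-'update_p' => 0,
-'delete_p' => 0,
-'import_p' => 0,
-'export_p' => 0
-);
-
-foreach ($aPermissions as $sPermType)
-{
-$aPerm[$sPermType] = 1;
-}
-
-$oPermission = new Permission;
-foreach ($aPerm as $k => $v)
-$oPermission->$k = $v;
-$oPermission->save();
-}
 }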
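--- a/application/models/Permission.php
+++ b/application/models/Permission.php
@@ -419,6 +419,36 @@ public static function setPermissions($iUserID, $iEntityID, $sEntityName, $aPerm
 return true;
 }
 
+/**
+* Set global permissions to the user id
+*
+* @param int $iNewUID
+* @param string $sAuthType
+* @param array $aPermissions
+*/
+public function setGlobalPermission($iNewUID,$sPermType,array $aPermissions=array('read_p'))
+{
+$aPerm = array(
+'entity_id' => 0,
+'entity' => 'global',
+'uid' => $iNewUID,
+'permission' => $sPermType,
+'create_p' => 0,
+'read_p' => 0,
+'update_p' => 0,
+'delete_p' => 0,
+'import_p' => 0,
+'export_p' => 0
+);
+
+foreach ($aPermissions as $sPermType)
+{
+$aPerm[$sPermType] = 1;
+}
+
+$this->insertSomeRecords($aPerm);
+}
+
 function giveAllSurveyPermissions($iUserID, $iSurveyID)
 {
 $aPermissions=$this->getSurveyBasePermissions();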
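Review bot: `setGlobalPermission()` is now a public method on the Permission model, yet the loop line `$aPerm[$sPermType] = 1;` writes whatever keys the caller passes in `$aPermissions`, so a stray value such as `uid` or `entity_id` would overwrite the record's identity fields instead of setting a permission flag. Restrict the keys to the six `*_p` columns before setting them, for example `if (!in_array($sFlag, array('create_p','read_p','update_p','delete_p','import_p','export_p'), true)) continue;`. The loop variable also reuses the parameter name `$sPermType`, which is harmless only because `'permission' => $sPermType` is read before the loop; rename it (`$sFlag`) and correct the docblock, which still says `@param string $sAuthType`. The result of `insertSomeRecords()` is discarded and its behaviour is not visible here, so confirm that it reports failure and does not create a duplicate row when the user already holds the permission.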
