Merge remote-tracking branch 'origin/2.05' into 2.05
c-schmitz committed Apr 2, 2013
2 parents 39d649f + 33e4632 commit 8d79505
Showing 7 changed files with 215 additions and 48 deletions.
5 changes: 3 additions & 2 deletions application/core/LSYii_Application.php
Expand Up @@ -238,11 +238,12 @@ public function loadConfig($file)
*
* @access public
* @param string $name
* @param type $default Value to return when not found, default is false
* @return mixed
*/
public function getConfig($name)
public function getConfig($name, $default = false)
{
return isset($this->config[$name]) ? $this->config[$name] : false;
return isset($this->config[$name]) ? $this->config[$name] : $default;
}


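Review bot: The added docblock line `@param type $default` in getConfig() still carries the IDE placeholder `type` instead of a real type; `@param mixed $default Value to return when the key is not set` would match the existing `@return mixed`. Because the lookup uses `isset()`, a key that is present but holds null also yields `$default`, which is worth stating in the docblock now that callers can supply their own fallback.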
86 changes: 44 additions & 42 deletions application/core/plugins/Authdb/Authdb.php
@@ -1,7 +1,9 @@
<?php
class Authdb extends PluginBase
class Authdb extends AuthPluginBase
{
protected $storage = 'DbStorage';
protected $storage = 'DbStorage';

protected $_onepass = null;

static protected $description = 'Core: Database authentication';

Expand All @@ -28,22 +30,29 @@ public function beforeDeactivate(PluginEvent $event)

public function beforeLogin(PluginEvent $event)
{
$event->set('default', get_class($this)); // This is the default login method, should be configurable from plugin settings
$this->getEvent()->set('default', get_class($this)); // This is the default login method, should be configurable from plugin settings

// We can skip the login form here and set username/password etc.

/* @var $identity LSUserIdentity */
$identity = $event->get('identity');

$request = $this->api->getRequest();
if ($request->getIsPostRequest() && !is_null($request->getQuery('onepass'))) {
// We have a one time password, skip the login form
$identity->setConfig(array('onepass'=>$request()->getQuery('onepass')));
$identity->username = $request()->getQuery('user');
$event->stop(); // Skip the login form
$this->setOnePass($request()->getQuery('onepass'));
$this->setUsername($request()->getQuery('user'));
$this->getEvent()->stop(); // Skip the login form
}
}

/**
* Get the onetime password (if set)
*
* @return string|null
*/
protected function getOnePass()
{
return $this->_onepass;
}

public function newLoginForm(PluginEvent $event)
{
$event->getContent($this)
Expand All @@ -53,31 +62,22 @@ public function newLoginForm(PluginEvent $event)

public function afterLoginFormSubmit(PluginEvent $event)
{
// Here we handle moving post data to the identity
/* @var $identity LSUserIdentity */
$identity = $event->get('identity');

// Here we handle post data
$request = $this->api->getRequest();
if ($request->getIsPostRequest()) {
$identity->username = $request->getPost('user');
$identity->password = $request->getPost('password');
$this->setUsername( $request->getPost('user'));
$this->setPassword($request->getPost('password'));
}

$event->set('identity', $identity);
}

public function newUserSession(PluginEvent $event)
{
// Here we do the actual authentication
/* @var $identity LSUserIdentity */
$identity = $event->getSender();
// Here we do the actual authentication
$username = $this->getUsername();
$password = $this->getPassword();
$onepass = $this->getOnePass();

$username = $identity->username;
$password = $identity->password;
$config = $identity->getConfig();
$onepass = isset($config['onepass']) ? $config['onepass'] : '';

$user = User::model()->findByAttributes(array('users_name' => $username));
$user = $this->getUserByName($username);

if ($user !== null)
{
Expand All @@ -92,35 +92,37 @@ public function newUserSession(PluginEvent $event)
}
else
{
$event->set('result', new LSAuthResult(LSUserIdentity::ERROR_USERNAME_INVALID));
$this->setAuthFailure(self::ERROR_USERNAME_INVALID);
return;
}

if ($onepass != '' && Yii::app()->getConfig("use_one_time_passwords") && md5($onepass) == $user->one_time_pw)
if ($onepass != '' && $this->api->getConfigKey('use_one_time_passwords') && md5($onepass) == $user->one_time_pw)
{
$user->one_time_pw='';
$user->save();
$identity->id = $user->uid;
$identity->user = $user;
$event->set('result', new LSAuthResult(LSUserIdentity::ERROR_NONE));
$this->setAuthSuccess($user);
return;
}

}

if ($sStoredPassword !== hash('sha256', $password))
{
$event->set('result', new LSAuthResult(LSUserIdentity::ERROR_PASSWORD_INVALID));
return;
}
else
{
$identity->id = $user->uid;
$identity->user = $user;
$event->set('result', new LSAuthResult(LSUserIdentity::ERROR_NONE));
$this->setAuthFailure(self::ERROR_PASSWORD_INVALID);
return;
}

$this->setAuthSuccess($user);
}


/**
* Set the onetime password
*
* @param type $onepass
* @return Authdb
*/
protected function setOnePass($onepass)
{
$this->_onepass = $onepass;

return $this;
}
}
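Review bot: The one-time-password check in newUserSession() compares `md5($onepass) == $user->one_time_pw` with the loose `==`, so two different hex digests that both read as numeric strings compare equal under PHP's type juggling. The comparison should be strict, `md5($onepass) === $user->one_time_pw`, or use `hash_equals()` on PHP versions that provide it so that it is also constant-time. In the beforeLogin() hunk the new lines call `$request()->getQuery(...)`, which invokes `$request` as a callable rather than calling the method on it; `$this->setOnePass($request->getQuery('onepass'));` and the matching `setUsername` line look like what was intended. The one-time password is also read from the query string, where it can end up in web-server access logs, so that choice deserves a comment or a move to POST data.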
8 changes: 4 additions & 4 deletions application/core/plugins/Authwebserver/Authwebserver.php
Expand Up @@ -35,7 +35,7 @@ public function beforeLogin(PluginEvent $event)
$sUser = substr($sUser, strrpos($sUser, "\\")+1);
}

$aUserMappings=Yii::app()->getConfig("auth_webserver_user_map");
$aUserMappings=$this->api->getConfigKey('auth_webserver_user_map', array());
if (isset($aUserMappings[$sUser]))
{
$sUser = $aUserMappings[$sUser];
Expand Down Expand Up @@ -63,9 +63,9 @@ public function newUserSession(PluginEvent $event)
// describing the default profile for this user
$aUserProfile = hook_get_auth_webserver_profile($sUser);
}
elseif (Yii::app()->getConfig("auth_webserver_autocreate_user"))
elseif ($this->api->getConfigKey('auth_webserver_autocreate_user'))
{
$aUserProfile=Yii::app()->getConfig("auth_webserver_autocreate_profile");
$aUserProfile=$this->api->getConfigKey('auth_webserver_autocreate_profile');
}
} else {
$identity->id = $oUser->uid;
Expand All @@ -76,7 +76,7 @@ public function newUserSession(PluginEvent $event)



if (Yii::app()->getConfig("auth_webserver_autocreate_user") && isset($aUserProfile) && is_null($oUser))
if ($this->api->getConfigKey('auth_webserver_autocreate_user') && isset($aUserProfile) && is_null($oUser))
{ // user doesn't exist but auto-create user is set
$oUser=new User;
$oUser->users_name=$sUser;
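Review bot: `getConfigKey('auth_webserver_autocreate_profile')` is called without a default, so an unset key yields `false` (the default declared in LimesurveyApi::getConfigKey), and the later guard `isset($aUserProfile)` is true for `false`. The auto-create branch would then build a `User` for a name supplied by the web server without a configured profile. Testing the shape instead, `if ($this->api->getConfigKey('auth_webserver_autocreate_user') && is_array($aUserProfile) && is_null($oUser))`, keeps account creation tied to a real profile array. How the profile is consumed after `$oUser->users_name=$sUser;` lies outside the visible hunk.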
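--- a/application/libraries/PluginManager/AuthPluginBase.php
+++ b/application/libraries/PluginManager/AuthPluginBase.php
@@ -0,0 +1,120 @@
+<?php
+abstract class AuthPluginBase extends PluginBase {
+
+/**
+* These constants reflect the error codes to be used by the identity, they
+* are copied from LSUserIdentity and CBaseUserIdentity for easier access.
+*/
+const ERROR_NONE = 0;
+const ERROR_USERNAME_INVALID = 1;
+const ERROR_PASSWORD_INVALID = 2;
+const ERROR_IP_LOCKED_OUT = 98;
+const ERROR_UNKNOWN_HANDLER = 99;
+const ERROR_UNKNOWN_IDENTITY = 100;
+
+protected $_username = null;
+protected $_password = null;
+
+/**
+* Get the password (if set)
+*
+* @return string|null
+*/
+protected function getPassword()
+{
+return $this->_password;
+}
+
+/**
+* Get the user object for a given username
+*
+* @param string $username
+* @return User|null Returns the user, or null when not found
+*/
+protected function getUserByName($username)
+{
+$user = User::model()->findByAttributes(array('users_name' => $username));
+
+return $user;
+}
+
+/**
+* Get the username (if set)
+*
+* @return string|null
+*/
+protected function getUserName()
+{
+return $this->_username;
+}
+
+/**
+* Set authentication result to success for the given user object.
+*
+* @param User $user
+* @return AuthPluginBase
+*/
+public function setAuthSuccess(User $user)
+{
+$event = $this->getEvent();
+$identity = $this->getEvent()->get('identity');
+$identity->id = $user->uid;
+$identity->user = $user;
+$event->set('result', new LSAuthResult(self::ERROR_NONE));
+
+return $this;
+}
+
+/**
+* Set authentication result to failure.
+*
+* @param int $code Any of the constants defined in this class
+* @param string $message An optional message to return about the failure
+* @return AuthPluginBase
+*/
+public function setAuthFailure($code = self::ERROR_UNKNOWN_IDENTITY, $message = '')
+{
+$event = $this->getEvent();
+$identity = $this->getEvent()->get('identity');
+$identity->id = null;
+$event->set('result', new LSAuthResult($code, $message));
+
+return $this;
+}
+
+/**
+* Set the password to use for authentication
+*
+* @param string $password
+* @return AuthPluginBase
+*/
+protected function setPassword($password)
+{
+$this->_password = $password;
+$event = $this->getEvent();
+$identity = $this->getEvent()->get('identity');
+$identity->password = $password;
+
+$event->set('identity', $identity);
+
+return $this;
+}
+
+/**
+* Set the username to use for authentication
+*
+* @param string $username The username
+* @return AuthPluginBase
+*/
+protected function setUsername($username)
+{
+$this->_username = $username;
+$event = $this->getEvent();
+$identity = $this->getEvent()->get('identity');
+$identity->username = $username;
+
+$event->set('identity', $identity);
+
+return $this;
+}
+}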
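Review bot: `setAuthSuccess()` and `setAuthFailure()` are declared `public` while every other credential accessor in this class is `protected`, so any code holding a plugin instance can mark the current identity as authenticated for an arbitrary `User`. Authdb only calls them through `$this`, so `protected function setAuthSuccess(User $user)` and the same visibility on `setAuthFailure` would be enough as far as this commit shows. `setAuthFailure()` also resets `$identity->id` but leaves `$identity->user` untouched; adding `$identity->user = null;` keeps a failed attempt from carrying a user object set earlier in the same event. The plain-text `$_password` stays on the plugin instance after the result is set, so clearing it in both result methods would shorten its lifetime.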
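--- a/application/libraries/PluginManager/LimesurveyApi.php
+++ b/application/libraries/PluginManager/LimesurveyApi.php
@@ -6,6 +6,19 @@
 */
 class LimesurveyApi
 {
+/**
+* Read a key from the application config, and when not set
+* return the default value
+*
+* @param string $key The key to search for in the application config
+* @param mixed $defaultValue Value to return when not found, default is false
+* @return mixed
+*/
+public function getConfigKey($key, $defaultValue = false)
+{
+return App()->getConfig($key, $defaultValue);
+}
+
 /**
 * Generates the real table name from plugin and tablename.
 * @param iPlugin $plugin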
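Review bot: `getConfigKey()` passes any key straight to `App()->getConfig()`, so every plugin can read every application config value without filtering. If the application config also holds secrets (not visible on this page), an allow-list of plugin-readable keys would make the trust boundary explicit. At minimum the docblock should record the decision, for example `* Note: plugins receive unfiltered read access to the application config.`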
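--- a/application/libraries/PluginManager/PluginBase.php
+++ b/application/libraries/PluginManager/PluginBase.php
@@ -10,6 +10,12 @@ abstract class PluginBase implements iPlugin {
 */
 protected $api = null;
 
+/**
+*
+* @var PluginEvent
+*/
+protected $event = null;
+
 protected $id = null;
 protected $storage = 'DummyStorage';
 
@@ -61,6 +67,16 @@ public static function getDescription()
 return static::$description;
 }
 
+/**
+* Get the current event this plugin is responding to
+*
+* @return PluginEvent
+*/
+public function getEvent()
+{
+return $this->event;
+}
+
 /**
 * Returns the id of the plugin
 *
@@ -192,6 +208,19 @@ protected function set($key, $data, $model = null, $id = null)
 {
 return $this->getStore()->set($this, $key, $data, $model, $id);
 }
+
+/**
+* Set the event to the plugin, this method is executed by the PluginManager
+* just before dispatching the event.
+*
+* @param PluginEvent $event
+* @return PluginBase
+*/
+public function setEvent(PluginEvent $event)
+{
+$this->event = $event;
+return $this;
+}
 
 /**
 * Here you should handle subscribing to the events your plugin will handle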
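Review bot: `getEvent()` is documented as `@return PluginEvent`, but `$event` starts as `null` and is only assigned by `setEvent()`, so a call made outside a dispatch returns null and a chained `$this->getEvent()->get(...)` in a subclass would fail. `@return PluginEvent|null` and `@var PluginEvent|null` on the property describe what the code does. The stored event is never reset after the handler returns, so the plugin keeps a reference to the last event (for auth plugins, one that carries the identity); a sentence in the `setEvent()` docblock about who clears it would help.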
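--- a/application/libraries/PluginManager/PluginManager.php
+++ b/application/libraries/PluginManager/PluginManager.php
@@ -142,7 +142,9 @@ public function dispatchEvent(PluginEvent $event, $target = array())
 if (!$event->isStopped()
 && (empty($target) || in_array(get_class($subscription[0]), $target)))
 {
+$subscription[0]->setEvent($event);
 call_user_func($subscription, $event);
+$event = $subscription[0]->getEvent();
 }
 }
 }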
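Review bot: The added `$event = $subscription[0]->getEvent();` replaces the dispatcher's event with whatever the plugin instance currently holds, and `setEvent()` is public. If a handler triggers another dispatch that reaches the same plugin instance, the stored event is overwritten and the outer loop continues with the inner event for all remaining subscribers; whether nested dispatch occurs is not visible here. Since the handler already receives the same object, dropping that line, or restoring the previously stored event after `call_user_func`, keeps the event under the dispatcher's control. The loop around this condition and the rest of dispatchEvent() lie outside the hunk.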
