MDL-17767 loginas internals refactoring - code moved to sessionlib.php

moodle · Jan 2, 2009 · 542797b · 542797b
1 parent 8d1964c
commit 542797b
Show file tree

Hide file tree

Showing 10 changed files with 43 additions and 19 deletions.
diff --git a/course/enrol.php b/course/enrol.php
@@ -28,7 +28,7 @@
     }
 
 /// do not use when in course login as
-    if (!empty($USER->realuser) and $USER->loginascontext->contextlevel == CONTEXT_COURSE) {
+    if (is_loggedinas() and $USER->loginascontext->contextlevel == CONTEXT_COURSE) {
         print_error('loginasnoenrol', '', $CFG->wwwroot.'/course/view.php?id='.$USER->loginascontext->instanceid);
     }
 

diff --git a/course/loginas.php b/course/loginas.php
@@ -7,7 +7,7 @@
 /// Reset user back to their real self if needed
     $return = optional_param('return', 0, PARAM_BOOL);   // return to the page we came from
 
-    if (!empty($USER->realuser)) {
+    if (is_loggedinas()) {
         if (!confirm_sesskey()) {
             print_error('confirmsesskeybad');
         }

diff --git a/lib/datalib.php b/lib/datalib.php
@@ -1897,7 +1897,7 @@ function add_to_log($courseid, $module, $action, $url='', $info='', $cm=0, $user
     if ($user) {
         $userid = $user;
     } else {
-        if (!empty($USER->realuser)) {  // Don't log
+        if (is_loggedinas()) {  // Don't log
             return;
         }
         $userid = empty($USER->id) ? '0' : $USER->id;
@@ -1972,7 +1972,7 @@ function add_to_log($courseid, $module, $action, $url='', $info='', $cm=0, $user
 function user_accesstime_log($courseid=0) {
     global $USER, $CFG, $DB;
 
-    if (!isloggedin() or !empty($USER->realuser)) {
+    if (!isloggedin() or is_loggedinas()) {
         // no access tracking
         return;
     }

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
@@ -1920,7 +1920,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null, $setwantsu
     }
 
 /// loginas as redirection if needed
-    if ($COURSE->id != SITEID and !empty($USER->realuser)) {
+    if ($COURSE->id != SITEID and is_loggedinas()) {
         if ($USER->loginascontext->contextlevel == CONTEXT_COURSE) {
             if ($USER->loginascontext->instanceid != $COURSE->id) {
                 print_error('loginasonecourse', '', $CFG->wwwroot.'/course/view.php?id='.$USER->loginascontext->instanceid);
@@ -1929,7 +1929,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null, $setwantsu
     }
 
 /// check whether the user should be changing password (but only if it is REALLY them)
-    if (get_user_preferences('auth_forcepasswordchange') && empty($USER->realuser)) {
+    if (get_user_preferences('auth_forcepasswordchange') && !is_loggedinas()) {
         $userauth = get_auth_plugin($USER->auth);
         if ($userauth->can_change_password()) {
             $SESSION->wantsurl = $FULLME;
@@ -2107,7 +2107,7 @@ function require_login($courseorid=0, $autologinguest=true, $cm=null, $setwantsu
     /// For non-guests, check if they have course view access
 
         } else if (has_capability('moodle/course:view', $COURSE->context)) {
-            if (!empty($USER->realuser)) {   // Make sure the REAL person can also access this course
+            if (is_loggedinas()) {   // Make sure the REAL person can also access this course
                 if (!has_capability('moodle/course:view', $COURSE->context, $USER->realuser)) {
                     print_header_simple();
                     notice(get_string('studentnotallowed', '', fullname($USER, true)), $CFG->wwwroot .'/');

diff --git a/lib/sessionlib.php b/lib/sessionlib.php
@@ -1,5 +1,9 @@
 <?php  //$Id$
 
+/**
+ * Factory method returning moodle_session object.
+ * @return moodle_session
+ */
 function get_session() {
     static $session = null;
 
@@ -70,7 +74,7 @@ public function terminate() {
             error_log('Can not terminate session properly - headers were already sent in file: '.$file.' on line '.$line);
         } else {
             // TODO: regenerate session ID here
-            
+
         }
 
         @session_write_close();
@@ -249,10 +253,26 @@ function get_moodle_cookie() {
     }
 }
 
+/**
+ * Is current $USER logged-in-as somebody else?
+ * @return bool
+ */
+function is_loggedinas() {
+    global $USER;
+
+    return !empty($USER->realuser);
+}
+
+/**
+ * Login as another user - no security checks here.
+ * @param int $userid
+ * @param object $context
+ * @return void
+ */
 function session_loginas($userid, $context) {
     global $USER, $SESSION;
 
-    if (!empty($USER->realuser)) {
+    if (is_loggedinas()) {
         return;
     }
 
@@ -280,10 +300,14 @@ function session_loginas($userid, $context) {
     }
 }
 
+/**
+ * Terminate login-as session
+ * @return void
+ */
 function session_unloginas() {
     global $USER, $SESSION;
 
-    if (empty($USER->realuser)) {
+    if (!is_loggedinas()) {
         return;
     }
 

diff --git a/lib/setup.php b/lib/setup.php
@@ -504,7 +504,7 @@ function stripslashes_deep($value) {
             $apachelog_name = clean_filename($USER->firstname . " " .
                                              $USER->lastname);
         }
-        if (isset($USER->realuser)) {
+        if (is_loggedinas()) {
             if ($realuser = $DB->get_record('user', array('id'=>$USER->realuser))) {
                 $apachelog_username = clean_filename($realuser->username." as ".$apachelog_username);
                 $apachelog_name = clean_filename($realuser->firstname." ".$realuser->lastname ." as ".$apachelog_name);

diff --git a/lib/simpletest/testcompletionlib.php b/lib/simpletest/testcompletionlib.php
@@ -94,7 +94,7 @@ function setUp() {
         global $DB,$CFG,$SESSION,$USER;
         $this->realdb=$DB;
         $this->realcfg=$CFG;
-        $this->realuser=$USER;
+        $this->prevuser=$USER;
         $DB=new mock_database();
         $CFG=clone($this->realcfg);
         $CFG->prefix='test_';
@@ -108,7 +108,7 @@ function tearDown() {
         $DB=$this->realdb;
         $CFG=$this->realcfg;
         $SESSION=$this->realsession;
-        $USER=$this->realuser;
+        $USER=$this->prevuser;
     }
 
     function test_is_enabled() {

diff --git a/lib/weblib.php b/lib/weblib.php
@@ -3497,7 +3497,7 @@ function user_login_string($course=NULL, $user=NULL) {
         $course = $SITE;
     }
 
-    if (!empty($user->realuser)) {
+    if (is_loggedinas()) {
         if ($realuser = $DB->get_record('user', array('id'=>$user->realuser))) {
             $fullname = fullname($realuser, true);
             $realuserinfo = " [<a $CFG->frametarget
@@ -4755,7 +4755,7 @@ function print_user($user, $course, $messageselect=false, $return=false) {
     if (has_capability('moodle/role:assign', $context) and get_user_roles($context, $user->id, false)) {  // I can unassing and user has some role
         $output .= '<a href="'. $CFG->wwwroot .'/course/unenrol.php?id='. $course->id .'&amp;user='. $user->id .'">'. $string->unenrol .'</a><br />';
     }
-    if ($USER->id != $user->id && empty($USER->realuser) && has_capability('moodle/user:loginas', $context) &&
+    if ($USER->id != $user->id && !is_loggedinas() && has_capability('moodle/user:loginas', $context) &&
                                  ! has_capability('moodle/site:doanything', $context, $user->id, false)) {
         $output .= '<a href="'. $CFG->wwwroot .'/course/loginas.php?id='. $course->id .'&amp;user='. $user->id .'&amp;sesskey='. sesskey() .'">'. $string->loginas .'</a><br />';
     }

diff --git a/login/change_password.php b/login/change_password.php
@@ -30,7 +30,7 @@
     }
 
     // do not allow "Logged in as" users to change any passwords
-    if (!empty($USER->realuser)) {
+    if (is_loggedinas()) {
         print_error('cannotcallscript');
     }
 

diff --git a/user/view.php b/user/view.php
@@ -411,7 +411,7 @@
     if ($passwordchangeurl) {
         $params = array('id'=>$course->id);
 
-        if (!empty($USER->realuser)) {
+        if (is_loggedinas()) {
             $passwordchangeurl = ''; // do not use actual change password url - might contain sensitive data
         } else {
             $parts = explode('?', $passwordchangeurl);
@@ -429,7 +429,7 @@
         foreach($params as $key=>$value) {
             echo '<input type="hidden" name="'.$key.'" value="'.s($value).'" />';
         }
-        if (!empty($USER->realuser)) {
+        if (is_loggedinas()) {
             // changing of password when "Logged in as" is not allowed
             echo "<input type=\"submit\" value=\"".get_string("changepassword")."\" disabled=\"disabled\" />";
         } else {
@@ -471,7 +471,7 @@
         }
     }
 
-    if (!$user->deleted and $USER->id != $user->id  && empty($USER->realuser) && has_capability('moodle/user:loginas', $coursecontext) &&
+    if (!$user->deleted and $USER->id != $user->id  && !is_loggedinas() && has_capability('moodle/user:loginas', $coursecontext) &&
                                  ! has_capability('moodle/site:doanything', $coursecontext, $user->id, false)) {
         echo '<form action="'.$CFG->wwwroot.'/course/loginas.php" method="get">';
         echo '<div>';