
Split AuthService and move methods to RolesService, UsersService, Bru…

…teForceHelper
1 parent 8af5677 commit e3e2e1f4a77761e90a2f081b81879abcd8edeb15 @cdujeu cdujeu committed Jun 8, 2016
Showing with 1,275 additions and 1,123 deletions.
  1. +3 −2 core/src/core/src/pydio/Core/Controller/Controller.php
  2. +2 −1 core/src/core/src/pydio/Core/Controller/XMLWriter.php
  3. +2 −1 core/src/core/src/pydio/Core/Http/Cli/AuthCliMiddleware.php
  4. +2 −1 core/src/core/src/pydio/Core/Http/Dav/AuthBackendBasic.php
  5. +2 −1 core/src/core/src/pydio/Core/Http/Dav/AuthBackendDigest.php
  6. +2 −1 core/src/core/src/pydio/Core/Http/Middleware/AuthMiddleware.php
  7. +12 −3 core/src/core/src/pydio/Core/PluginFramework/PluginsService.php
  8. +33 −828 core/src/core/src/pydio/Core/Services/AuthService.php
  9. +20 −8 core/src/core/src/pydio/Core/Services/ConfService.php
  10. +246 −0 core/src/core/src/pydio/Core/Services/RolesService.php
  11. +467 −0 core/src/core/src/pydio/Core/Services/UsersService.php
  12. +108 −0 core/src/core/src/pydio/Core/Utils/BruteForceHelper.php
  13. +37 −0 core/src/core/src/pydio/Core/Utils/CookiesHelper.php
  14. +2 −1 core/src/core/src/pydio/Core/Utils/Utils.php
  15. +3 −2 core/src/core/src/pydio/Core/Utils/VarsFilter.php
  16. +2 −1 core/src/core/src/pydio/Tests/UsersConfig.php
  17. +80 −69 core/src/plugins/access.ajxp_conf/class.ajxp_confAccessDriver.php
  18. +3 −2 core/src/plugins/access.ajxp_user/class.UserDashboardDriver.php
  19. +3 −2 core/src/plugins/access.dropbox/class.dropboxAccessDriver.php
  20. +2 −1 core/src/plugins/action.avatar/class.AvatarProvider.php
  21. +3 −2 core/src/plugins/action.scheduler/class.AjxpScheduler.php
  22. +3 −2 core/src/plugins/action.share/src/Legacy/LegacyPubliclet.php
  23. +2 −1 core/src/plugins/action.share/src/Model/CompositeShare.php
  24. +5 −4 core/src/plugins/action.share/src/ShareCenter.php
  25. +22 −20 core/src/plugins/action.share/src/Store/ShareRightsManager.php
  26. +9 −7 core/src/plugins/action.share/src/Store/ShareStore.php
  27. +2 −2 core/src/plugins/action.updater/class.UpdateController.php
  28. +14 −13 core/src/plugins/auth.ldap/class.ldapAuthDriver.php
  29. +7 −7 core/src/plugins/auth.remote/class.remoteAuthDriver.php
  30. +10 −8 core/src/plugins/auth.remote/glueCode.php
  31. +8 −8 core/src/plugins/auth.serial/class.serialAuthDriver.php
  32. +6 −5 core/src/plugins/authfront.cas/class.CasAuthFrontend.php
  33. +6 −4 core/src/plugins/authfront.duosecurity/class.DuoSecurityFrontend.php
  34. +3 −2 core/src/plugins/authfront.http_server/class.ServerHttpAuthFrontend.php
  35. +2 −3 core/src/plugins/authfront.otp/class.OtpAuthFrontend.php
  36. +10 −8 core/src/plugins/authfront.session_login/class.SessionLoginFrontend.php
  37. +6 −4 core/src/plugins/boot.conf/class.BootConfLoader.php
  38. +4 −3 core/src/plugins/conf.serial/class.AJXP_SerialUser.php
  39. +4 −4 core/src/plugins/conf.serial/class.serialConfDriver.php
  40. +7 −6 core/src/plugins/conf.sql/class.AJXP_SqlUser.php
  41. +4 −5 core/src/plugins/conf.sql/class.sqlConfDriver.php
  42. +2 −2 core/src/plugins/core.access/src/AbstractAccessDriver.php
  43. +9 −9 core/src/plugins/core.auth/class.AbstractAuthDriver.php
  44. +2 −1 core/src/plugins/core.authfront/class.FrontendsLoader.php
  45. +19 −0 core/src/plugins/core.conf/class.AJXP_Role.php
  46. +4 −4 core/src/plugins/core.conf/class.AbstractAjxpUser.php
  47. +25 −23 core/src/plugins/core.conf/class.AbstractConfDriver.php
  48. +2 −1 core/src/plugins/core.log/class.AJXP_Logger.php
  49. +3 −3 core/src/plugins/core.mailer/class.AjxpMailer.php
  50. +2 −1 core/src/plugins/core.mq/class.MqManager.php
  51. +2 −1 core/src/plugins/core.notifications/class.AJXP_Notification.php
  52. +7 −6 core/src/plugins/core.ocs/src/Server/Federated/Server.php
  53. +2 −2 core/src/plugins/editor.browser/class.FileMimeSender.php
  54. +2 −3 core/src/plugins/editor.eml/class.EmlParser.php
  55. +3 −2 core/src/plugins/gui.ajax/class.AJXP_ClientDriver.php
  56. +5 −4 core/src/plugins/gui.user/class.UserGuiController.php
  57. +4 −4 core/src/plugins/index.elasticsearch/class.AjxpElasticSearch.php
  58. +4 −4 core/src/plugins/index.lucene/class.AjxpLuceneIndexer.php
  59. +2 −3 core/src/plugins/meta.simple_lock/class.SimpleLockManager.php
  60. +2 −2 core/src/plugins/meta.user/class.UserMetaManager.php
  61. +2 −2 core/src/plugins/meta.watch/class.MetaWatchRegister.php
  62. +2 −2 core/src/plugins/mq.serial/class.AJXP_SerialMessageExchanger.php
  63. +2 −2 core/src/plugins/uploader.flex/class.FlexUploadProcessor.php
@@ -32,6 +32,7 @@
use Pydio\Core\Services\AuthService;
use Pydio\Core\Services\ConfService;
use Pydio\Core\PluginFramework\PluginsService;
+use Pydio\Core\Services\UsersService;
use Pydio\Core\Utils\UnixProcess;
use Pydio\Log\Core\AJXP_Logger;
use Pydio\Tasks\Task;
@@ -200,7 +201,7 @@ public static function run(ServerRequestInterface $request, &$actionNode = null)
/** @var ContextInterface $ctx */
$ctx = $request->getAttribute("ctx");
//Check Rights
- if (AuthService::usersEnabled()) {
+ if (UsersService::usersEnabled()) {
$loggedUser = $ctx->getUser();
if( $actionName != "logout" && Controller::actionNeedsRight($actionNode, $xPath, "userLogged", "only") && $loggedUser == null){
throw new AuthRequiredException();
@@ -298,7 +299,7 @@ public static function applyActionInBackground(ContextInterface $ctx, $actionNam
if(!is_dir($logDir)) mkdir($logDir, 0755);
$logFile = $logDir."/".$token.".out";
- if (Services\AuthService::usersEnabled()) {
+ if (UsersService::usersEnabled()) {
$cKey = ConfService::getCoreConf("AJXP_CLI_SECRET_KEY", "conf");
if(empty($cKey)){
$cKey = "\1CDAFx¨op#";
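Review bot: The fallback `$cKey = "\1CDAFx¨op#";` is a literal published in the source, so every installation that leaves `AJXP_CLI_SECRET_KEY` empty ends up with the same key. How `$cKey` is used lies outside this hunk, but the setting name suggests it protects the background CLI invocation, in which case an empty setting should fail closed, e.g. `if (empty($cKey)) { throw new \Exception("AJXP_CLI_SECRET_KEY is not configured"); }`, or be replaced by a per-install random value created at setup. Separately, `mkdir($logDir, 0755)` ignores its return value, so a failed create only surfaces when `$logFile` is written. The body of applyActionInBackground starts before and continues after the hunk.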
@@ -25,6 +25,7 @@
use Pydio\Core\Model\Context;
use Pydio\Core\Model\ContextInterface;
use Pydio\Core\Model\RepositoryInterface;
+use Pydio\Core\Services\UsersService;
use Pydio\Core\Utils\Utils;
use Pydio\Core\Services;
use Pydio\Conf\Core\AbstractAjxpUser;
@@ -510,7 +511,7 @@ public static function getUserXML(ContextInterface $ctx, $userObject = null)
$currentRepoId = $ctx->getRepositoryId();
$confDriver = ConfService::getConfStorageImpl();
if($userObject != null) $loggedUser = $userObject;
- if (!Services\AuthService::usersEnabled()) {
+ if (!UsersService::usersEnabled()) {
$buffer.="<user id=\"shared\">";
$buffer.="<active_repo id=\"".$currentRepoId."\" write=\"1\" read=\"1\"/>";
$buffer.= XMLWriter::writeRepositoriesData($ctx);
@@ -30,6 +30,7 @@
use Pydio\Core\PluginFramework\PluginsService;
use Pydio\Core\Services\AuthService;
use Pydio\Core\Services\ConfService;
+use Pydio\Core\Services\UsersService;
use Zend\Diactoros\Response;
defined('AJXP_EXEC') or die('Access not allowed');
@@ -131,7 +132,7 @@ public static function handleRequest(ServerRequestInterface $requestInterface, R
}
- if (AuthService::usersEnabled() && !empty($optUser)) {
+ if (UsersService::usersEnabled() && !empty($optUser)) {
$seed = AuthService::generateSeed();
if ($seed != -1) {
$optPass = md5(md5($optPass).$seed);
@@ -26,6 +26,7 @@
use Pydio\Core\Model\UserInterface;
use Pydio\Core\Services\AuthService;
use Pydio\Core\Services\ConfService;
+use Pydio\Core\Services\UsersService;
use Pydio\Log\Core\AJXP_Logger;
use \Sabre;
@@ -61,7 +62,7 @@ public function __construct(ContextInterface $ctx)
protected function validateUserPass($username, $password)
{
// Warning, this can only work if TRANSMIT_CLEAR_PASS is true;
- return AuthService::checkPassword($username, $password, false, -1);
+ return UsersService::checkPassword($username, $password, false, -1);
}
public function authenticate(Sabre\DAV\Server $server, $realm)
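Review bot: Nothing visible here shows failed WebDAV Basic logins being counted by the brute-force protection that this commit moves into `BruteForceHelper`; `validateUserPass` returns the result of `UsersService::checkPassword($username, $password, false, -1)` directly. If `authenticate()`, which begins on the last line of the hunk and continues outside it, does not record failures either, this endpoint would be a password check without throttling and should share the counter used by the session login. The positional `false, -1` are also opaque at the call site; the CLI middleware in this commit treats `-1` as "no seed", so a comment along the lines of `// -1 = no seed: $password is compared as clear text (needs TRANSMIT_CLEAR_PASS)` would make the existing warning verifiable, assuming that reading of the fourth argument is right.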
@@ -20,6 +20,7 @@
*/
namespace Pydio\Core\Http\Dav;
+use Pydio\Core\Services\UsersService;
use \Sabre;
use Pydio\Auth\Core\AJXP_Safe;
use Pydio\Core\Model\ContextInterface;
@@ -54,7 +55,7 @@ public function __construct($context)
public function getDigestHash($realm, $username)
{
- if (!AuthService::userExists($username)) {
+ if (!UsersService::userExists($username)) {
return false;
}
$confDriver = ConfService::getConfStorageImpl();
@@ -32,6 +32,7 @@
use Pydio\Core\PluginFramework\PluginsService;
use Pydio\Core\Services\AuthService;
use Pydio\Core\Services\ConfService;
+use Pydio\Core\Services\UsersService;
use Zend\Diactoros\Response\EmptyResponse;
defined('AJXP_EXEC') or die('Access not allowed');
@@ -108,7 +109,7 @@ protected static function bootSessionServer(ServerRequestInterface $request){
unset($_SESSION["SWITCH_BACK_REPO_ID"]);
}
- if (AuthService::usersEnabled()) {
+ if (UsersService::usersEnabled()) {
$loggedUser = AuthService::getLoggedUser();
if ($loggedUser != null) {
$res = ConfService::switchUserToActiveRepository($loggedUser, (isSet($parameters["tmp_repository_id"])?$parameters["tmp_repository_id"]:"-1"));
@@ -35,6 +35,7 @@
use Pydio\Core\Services\AuthService;
use Pydio\Core\Services\CacheService;
use Pydio\Core\Services\ConfService;
+use Pydio\Core\Services\UsersService;
use Pydio\Core\Utils\Utils;
use Pydio\Log\Core\AJXP_Logger;
use Pydio\Meta\Core\AJXP_AbstractMetaSource;
@@ -248,7 +249,11 @@ private function initRepositoryPlugins($ctx){
continue;
}
try {
- $instance->init($ctx, AuthService::filterPluginParameters($plugId, $metaSources[$plugId], $ctx));
+ $options = $metaSources[$plugId];
+ if($ctx->hasUser()) {
+ $options = $ctx->getUser()->getMergedRole()->filterPluginConfigs($plugId, $options, $repository->getId());
+ }
+ $instance->init($ctx, $options);
$instance->beforeInitMeta($ctx, $plugInstance);
} catch (\Exception $e) {
AJXP_Logger::error(__CLASS__, 'Meta plugin', 'Cannot instanciate Meta plugin, reason : '.$e->getMessage());
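Review bot: The four-line role-filtering block is pasted into both `init()` call sites of `initRepositoryPlugins` (this hunk and the next one at -283/+288), and in both the options reach the plugin unfiltered whenever `$ctx->hasUser()` is false. Whether the removed `AuthService::filterPluginParameters` also passed options through without a user is not visible here, so that case is worth confirming, since the merged role is the only restriction applied to these plugin configs. `$repository` is defined outside the hunk; the old call derived everything from `$ctx`, so it should be checked that `$repository->getId()` always matches the context's repository. A private helper would keep the two sites from drifting apart; `initRepositoryPlugins` starts and ends outside both hunks.

```php
private function filterMetaOptions($ctx, $plugId, $options, $repositoryId)
{
    // No user in the context: options are returned unfiltered, as in the inlined version.
    if (!$ctx->hasUser()) {
        return $options;
    }
    return $ctx->getUser()->getMergedRole()->filterPluginConfigs($plugId, $options, $repositoryId);
}

// … unchanged: instance lookup, continue, try { …
$options = $this->filterMetaOptions($ctx, $plugId, $metaSources[$plugId], $repository->getId());
$instance->init($ctx, $options);
```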
@@ -283,7 +288,11 @@ private function initRepositoryPlugins($ctx){
continue;
}
try {
- $instance->init($ctx, AuthService::filterPluginParameters($plugId, $metaSources[$plugId], $ctx));
+ $options = $metaSources[$plugId];
+ if($ctx->hasUser()) {
+ $options = $ctx->getUser()->getMergedRole()->filterPluginConfigs($plugId, $options, $repository->getId());
+ }
+ $instance->init($ctx, $options);
if(!method_exists($instance, "initMeta")) {
throw new \Exception("Meta Source $plugId does not implement the initMeta method.");
}
@@ -413,7 +422,7 @@ public function getFilteredXMLRegistry($extendedVersion = true, $clone = false,
}
$registry = $this->getXmlRegistry($extendedVersion);
- if(AuthService::usersEnabled()){
+ if(UsersService::usersEnabled()){
$changes = $this->filterRegistryFromRole($registry, $this->context);
if ($changes) {
$this->updateXmlRegistry($registry, $extendedVersion);