projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge commit 'origin/master' into hruid
[platal.git] / classes / xnetsession.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 class XnetSession extends XorgSession
23 {
24 public function __construct()
25 {
26 parent::__construct();
27 }
28
29 public function startAvailableAuth()
30 {
31 if (!S::logged() && Get::has('auth')) {
32 if (!$this->start(AUTH_MDP)) {
33 return false;
34 }
35 }
36
37 global $globals;
38 if (!S::logged()) {
39 // prevent connection to be linked to disconnection
40 if (($i = strpos($_SERVER['REQUEST_URI'], 'exit')) !== false)
41 $returl = "http://{$_SERVER['SERVER_NAME']}".substr($_SERVER['REQUEST_URI'], 0, $i);
42 else
43 $returl = "http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}";
44 $url = "https://www.polytechnique.org/auth-groupex";
45 $url .= "?session=" . session_id();
46 $url .= "&challenge=" . S::v('challenge');
47 $url .= "&pass=" . md5(S::v('challenge') . $globals->xnet->secret);
48 $url .= "&url=".urlencode($returl);
49 S::set('loginX', $url);
50 }
51
52 if (S::logged() && $globals->asso()) {
53 $perms = S::v('perms');
54 $perms->rmFlag('groupadmin');
55 $perms->rmFlag('groupmember');
56 $perms->rmFlag('groupannu');
57 if (may_update()) {
58 $perms->addFlag('groupadmin');
59 $perms->addFlag('groupmember');
60 $perms->addFlag('groupannu');
61 }
62 if (is_member()) {
63 $perms->addFlag('groupmember');
64 if ($globals->asso('pub') != 'private') {
65 $perms->addFlag('groupannu');
66 }
67 }
68 if ($globals->asso('cat') == 'Promotions') {
69 $perms->addFlag('groupannu');
70 }
71 S::set('perms', $perms);
72 }
73 return true;
74 }
75
76 protected function doAuth($level)
77 {
78 if (S::identified()) { // ok, c'est bon, on n'a rien à faire
79 return S::i('uid');
80 }
81 if (!Get::has('auth')) {
82 return null;
83 }
84 global $globals;
85 if (md5('1' . S::v('challenge') . $globals->xnet->secret . Get::i('uid') . '1') != Get::v('auth')) {
86 return null;
87 }
88 Get::kill('auth');
89 S::set('auth', AUTH_MDP);
90 return Get::i('uid');
91 }
92
93 protected function startSessionAs($user, $level)
94 {
95 global $globals;
96
97 if ($level == -1) {
98 S::set('auth', AUTH_MDP);
99 }
100 $res = XDB::query("SELECT u.user_id AS uid, u.hruid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
101 CONCAT(a.alias, '@{$globals->mail->domain}') AS forlife,
102 CONCAT(a2.alias, '@{$globals->mail->domain}') AS bestalias,
103 q.core_mail_fmt AS mail_fmt, q.core_rss_hash
104 FROM auth_user_md5 AS u
105 INNER JOIN auth_user_quick AS q USING(user_id)
106 INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = 'a_vie')
107 INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias', a2.flags))
108 WHERE u.user_id = {?} AND u.perms IN('admin', 'user')
109 LIMIT 1", $user);
110 $sess = $res->fetchOneAssoc();
111 $perms = $sess['perms'];
112 unset($sess['perms']);
113 $_SESSION = array_merge($_SESSION, $sess);
114 S::set('perms', User::makePerms($perms));
115 S::kill('challenge');
116 S::kill('loginX');
117 S::kill('may_update');
118 S::kill('is_member');
119 Get::kill('uid');
120 Get::kill('PHPSESSID');
121
122 $args = array();
123 foreach($_GET as $key => $val) {
124 $args[] = urlencode($key). '=' .urlencode($val);
125 }
126 return true;
127 }
128
129 public function doSelfSuid()
130 {
131 if (!$this->startSUID(S::i('uid'))) {
132 return false;
133 }
134 S::set('perms', User::makePerms('user'));
135 return true;
136 }
137
138 public function stopSUID()
139 {
140 $suid = S::v('suid');
141 if (!parent::stopSUID()) {
142 return false;
143 }
144 S::kill('suid');
145 S::kill('may_update');
146 S::kill('is_member');
147 S::set('perms', $suid['perms']);
148 return true;
149 }
150 }
151
152 // {{{ function may_update
153
154 /** Return administration rights for the current asso
155 * @param force Force administration rights to be read from database
156 * @param lose Force administration rights to be false
157 */
158 function may_update($force = false, $lose = false)
159 {
160 if (!isset($_SESSION['may_update'])) {
161 $_SESSION['may_update'] = array();
162 }
163 $may_update =& $_SESSION['may_update'];
164
165 global $globals;
166 $asso_id = $globals->asso('id');
167 if (!$asso_id) {
168 return false;
169 } elseif ($lose) {
170 $may_update[$asso_id] = false;
171 } elseif (S::has_perms() || (S::has('suid') && $force)) {
172 $may_update[$asso_id] = true;
173 } elseif (!isset($may_update[$asso_id]) || $force) {
174 $res = XDB::query("SELECT perms
175 FROM groupex.membres
176 WHERE uid={?} AND asso_id={?}",
177 S::v('uid'), $asso_id);
178 $may_update[$asso_id] = ($res->fetchOneCell() == 'admin');
179 }
180 return $may_update[$asso_id];
181 }
182
183 // }}}
184 // {{{ function is_member
185
186 /** Get membership informations for the current asso
187 * @param force Force membership to be read from database
188 * @param lose Force membership to be false
189 */
190 function is_member($force = false, $lose = false)
191 {
192 if (!isset($_SESSION['is_member'])) {
193 $_SESSION['is_member'] = array();
194 }
195 $is_member =& $_SESSION['is_member'];
196
197 global $globals;
198 $asso_id = $globals->asso('id');
199 if (!$asso_id) {
200 return false;
201 } elseif ($lose) {
202 $is_member[$asso_id] = false;
203 } elseif (S::has('suid') && $force) {
204 $is_member[$asso_id] = true;
205 } elseif (!isset($is_member[$asso_id]) || $force) {
206 $res = XDB::query("SELECT COUNT(*)
207 FROM groupex.membres
208 WHERE uid={?} AND asso_id={?}",
209 S::v('uid'), $asso_id);
210 $is_member[$asso_id] = ($res->fetchOneCell() == 1);
211 }
212 return $is_member[$asso_id];
213 }
214
215 // }}}
216 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
217 ?>
plat/al