projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
FS#28 - step 1: more flexible member list visibility on Xnet
[platal.git] / include / xnet / session.inc.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2007 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 class XnetSession
23 {
24 // {{{ function init
25
26 public static function init()
27 {
28 global $globals;
29
30 S::init();
31
32 if (!S::logged()) {
33 // prevent connexion to be linked to deconnexion
34 if (($i = strpos($_SERVER['REQUEST_URI'], 'exit')) !== false)
35 $returl = "http://{$_SERVER['SERVER_NAME']}".substr($_SERVER['REQUEST_URI'], 0, $i);
36 else
37 $returl = "http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}";
38 $url = "https://www.polytechnique.org/auth-groupex.php";
39 $url .= "?session=" . session_id();
40 $url .= "&challenge=" . S::v('challenge');
41 $url .= "&pass=" . md5(S::v('challenge') . $globals->xnet->secret);
42 $url .= "&url=".urlencode($returl);
43 $_SESSION['loginX'] = $url;
44 }
45
46 if (S::logged() && $globals->asso()) {
47 $perms = S::v('perms');
48 $perms->rmFlag('groupadmin');
49 $perms->rmFlag('groupmember');
50 $perms->rmFlag('groupannu');
51 if (may_update()) {
52 $perms->addFlag('groupadmin');
53 $perms->addFlag('groupmember');
54 $perms->addFlag('groupannu');
55 }
56 if (is_member()) {
57 $perms->addFlag('groupmember');
58 if ($globals->asso('pub') != 'private') {
59 $perms->addFlag('groupannu');
60 }
61 }
62 if ($globals->asso('cat') == 'Promotions') {
63 $perms->addFlag('groupannu');
64 }
65 $_SESSION['perms'] = $perms;
66 }
67 }
68
69 // }}}
70 // {{{ public static function destroy()
71
72 public static function destroy() {
73 S::destroy();
74 XnetSession::init();
75 }
76
77 // }}}
78 // {{{ public static function doAuth()
79
80 /** Try to do an authentication.
81 *
82 * @param page the calling page (by reference)
83 */
84 public static function doAuth()
85 {
86 if (S::identified()) { // ok, c'est bon, on n'a rien à faire
87 return true;
88 }
89
90 if (Get::has('auth')) {
91 return XnetSession::doAuthX();
92 }
93
94 return false;
95 }
96
97 // }}}
98 // {{{ doAuthCookie
99
100 public static function doAuthCookie() {
101 return XnetSession::doAuth();
102 }
103
104 // }}}
105 // {{{ doAuthX
106
107 public static function doAuthX()
108 {
109 global $globals, $page;
110
111 if (md5('1'.S::v('challenge').$globals->xnet->secret.Get::i('uid').'1') != Get::v('auth')) {
112 $page->kill("Erreur d'authentification avec polytechnique.org !");
113 }
114
115 $res = XDB::query("
116 SELECT u.user_id AS uid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
117 a.alias AS forlife, a2.alias AS bestalias, q.core_mail_fmt AS mail_fmt, q.core_rss_hash
118 FROM auth_user_md5 AS u
119 INNER JOIN auth_user_quick AS q USING(user_id)
120 INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type='a_vie')
121 INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias',a2.flags))
122 WHERE u.user_id = {?} AND u.perms IN('admin','user')
123 LIMIT 1", Get::i('uid'));
124 $_SESSION = array_merge($_SESSION, $res->fetchOneAssoc());
125 $_SESSION['auth'] = AUTH_MDP;
126 require_once 'xorg/session.inc.php';
127 $_SESSION['perms'] =& XorgSession::make_perms(S::v('perms'));
128 S::kill('challenge');
129 S::kill('loginX');
130 S::kill('may_update');
131 S::kill('is_member');
132 Get::kill('auth');
133 Get::kill('uid');
134 $path = Get::v('n');
135 Get::kill('n');
136 Get::kill('PHPSESSID');
137
138 $args = array();
139 foreach($_GET as $key => $val) {
140 $args[] = urlencode($key).'='.urlencode($val);
141 }
142
143 http_redirect($globals->baseurl . '/' . $path, join('&', $args));
144 }
145
146 // }}}
147 // {{{ doSelfSuid
148
149 public static function doSelfSuid()
150 {
151 if (!S::has('suid')) {
152 $_SESSION['suid'] = $_SESSION;
153 }
154 require_once 'xorg/session.inc.php';
155 $_SESSION['perms'] =& XorgSession::make_perms('user');
156 }
157
158 // }}}
159 // {{{ killSuid
160
161 public static function killSuid()
162 {
163 if (!S::has('suid')) {
164 return;
165 }
166 $suid = S::v('suid');
167 S::kill('suid');
168 S::kill('may_update');
169 S::kill('is_member');
170 $_SESSION['perms'] = $suid['perms'];
171 }
172
173 // }}}
174 }
175
176 // }}}
177 // {{{ function may_update
178
179 /** Return administration rights for the current asso
180 * @param force Force administration rights to be read from database
181 * @param lose Force administration rights to be false
182 */
183 function may_update($force = false, $lose = false)
184 {
185 if (!isset($_SESSION['may_update'])) {
186 $_SESSION['may_update'] = array();
187 }
188 $may_update =& $_SESSION['may_update'];
189
190 global $globals;
191 $asso_id = $globals->asso('id');
192 if (!$asso_id) {
193 return false;
194 } elseif ($lose) {
195 $may_update[$asso_id] = false;
196 } elseif (S::has_perms() || (S::has('suid') && $force)) {
197 $may_update[$asso_id] = true;
198 } elseif (!isset($may_update[$asso_id]) || $force) {
199 $res = XDB::query("SELECT perms
200 FROM groupex.membres
201 WHERE uid={?} AND asso_id={?}",
202 S::v('uid'), $asso_id);
203 $may_update[$asso_id] = ($res->fetchOneCell() == 'admin');
204 }
205 return $may_update[$asso_id];
206 }
207
208 // }}}
209 // {{{ function is_member
210
211 /** Get membership informations for the current asso
212 * @param force Force membership to be read from database
213 * @param lose Force membership to be false
214 */
215 function is_member($force = false, $lose = false)
216 {
217 if (!isset($_SESSION['is_member'])) {
218 $_SESSION['is_member'] = array();
219 }
220 $is_member =& $_SESSION['is_member'];
221
222 global $globals;
223 $asso_id = $globals->asso('id');
224 if (!$asso_id) {
225 return false;
226 } elseif ($lose) {
227 $is_member[$asso_id] = false;
228 } elseif (S::has('suid') && $force) {
229 $is_member[$asso_id] = true;
230 } elseif (!isset($is_member[$asso_id]) || $force) {
231 $res = XDB::query("SELECT COUNT(*)
232 FROM groupex.membres
233 WHERE uid={?} AND asso_id={?}",
234 S::v('uid'), $asso_id);
235 $is_member[$asso_id] = ($res->fetchOneCell() == 1);
236 }
237 return $is_member[$asso_id];
238 }
239
240 // }}}
241 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
242 ?>
plat/al