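';
$HTMLHeaderFmt['xorgcustomauth'] = '';

// NOTE(review): the three rules below use the /e pattern modifier, which asks
// the regex engine to evaluate the replacement string as PHP code with the
// captured wiki text ($1/$2) substituted into it. That modifier was deprecated
// in PHP 5.5 and removed in PHP 7.0; a callback-based rule avoids evaluating
// page content as code. How the installed PmWiki handles /e rules is not
// visible here -- confirm before upgrading PHP.
Markup('[[~|','<[[~','/\\[\\[~(.*?)\|(.*?)\\]\\]/e',"Keep('$2')");
Markup('xorgpage','inline','/\\(:xorgpage\\s*(.*?):\\)/e', "Keep('')");
Markup('xnetpage','inline','/\\(:xnetpage\\s*(.*?):\\)/e', "XnetPage('$1')");

/**
 * Markup handler for (:xnetpage ...:).
 *
 * Returns nothing when $XnetWikiGroup is not set; otherwise returns Keep('').
 * $page is accepted but not used by the code as listed.
 */
function XnetPage($page)
{
    global $XnetWikiGroup;
    if (!$XnetWikiGroup) {
        return;
    }
    return Keep('');
}

/**
 * Fetches the rights defined at folder level (the PmWiki group).
 *
 * Reads "<Group>.GroupAttributes" once per group and caches the result in
 * the global $GroupPasswords array.
 *
 * @param string $pagename full page name ("Group.Page")
 * @param mixed  $since    passed through to ReadPage()
 * @return mixed whatever ReadPage() returned for the group attributes page
 */
function XorgAuthGetGroupAuth($pagename,$since)
{
    global $GroupPasswords;
    if (!isset($GroupPasswords)) {
        $GroupPasswords = array();
    }
    $group = substr($pagename, 0, strpos($pagename, '.'));
    if (!isset($GroupPasswords[$group])) {
        $GroupPasswords[$group] = ReadPage($group.'.GroupAttributes', $since);
    }
    return $GroupPasswords[$group];
}

/**
 * Produces the 32-hex-character challenge used for one login round trip.
 *
 * The challenge is the only per-login input of the keyed hashes exchanged
 * with the authentication site, so it is drawn from a CSPRNG whenever the
 * running PHP offers one. The original md5(rand()) is kept only as a last
 * resort for very old runtimes; rand() is not suitable for security nonces.
 *
 * @return string 32 lowercase hex characters (same shape as an md5 digest)
 */
function XorgAuthNewChallenge()
{
    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes(16));
    }
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(16, $strong);
        if ($bytes !== false && $strong) {
            return bin2hex($bytes);
        }
    }
    return md5(rand());
}

/**
 * Compares the expected digest with the value received from the request.
 *
 * A loose == between two hex strings lets PHP compare them as numbers when
 * both look numeric, so distinct digests can compare equal. This helper
 * requires a string and an exact match, and uses hash_equals() (constant
 * time) when the runtime provides it.
 *
 * @param string $expected digest computed locally
 * @param mixed  $given    value taken from the request
 * @return bool true only on an exact string match
 */
function XorgAuthHashEquals($expected, $given)
{
    if (!is_string($given)) {
        return false;
    }
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $given);
    }
    return $expected === $given;
}

/**
 * Tries to log in through xorg: starts a fresh session, stores a new
 * challenge in it and redirects the browser to the authentication site.
 * Never returns (ends with exit()).
 *
 * NOTE(review): the shared secret is hard-coded here and repeated in the
 * return handler below. Anyone who can read this file can compute valid
 * authentication responses; load it from configuration kept outside the
 * repository and web root, and rotate the value that has been published.
 * NOTE(review): the return URL is built as plain http from SERVER_NAME and
 * REQUEST_URI, so the signed identity fields come back over an unencrypted
 * request; and the local session id is sent to the authentication site in
 * the query string, where it can end up in logs. Whether the remote side
 * relies on that id is not visible here, so both are left unchanged.
 */
function XorgAuthConnectPlatal()
{
    $privkey = '6e9c9fa9bac23541fe67697c4eff5be6';
    global $XnetWikiGroup;
    $returl = 'http://'.$_SERVER['SERVER_NAME'].str_replace('action=connect', '', $_SERVER['REQUEST_URI']);
    if (isset($_REQUEST['oldaction'])) {
        $returl .= '&action='.$_REQUEST['oldaction'];
    }
    // Drop any previous session so the challenge lives in a fresh one.
    @session_destroy();
    session_start();
    $challenge = XorgAuthNewChallenge();
    $_SESSION['challenge'] = $challenge;
    $_SESSION['authsite'] = $XnetWikiGroup;
    $url = "https://www.polytechnique.org/auth-groupex.php";
    $url .= "?session=".session_id();
    $url .= "&challenge=".$challenge;
    $url .= "&pass=".md5($challenge.$privkey);
    $returl .= "&challenge=".$challenge;
    $url .= "&url=".urlencode($returl);
    if ($XnetWikiGroup) {
        $url .= "&group=".$XnetWikiGroup;
    }
    header('Location: '.$url);
    exit();
}

// Comes back from auth: validate the keyed hash over the challenge and the
// identity fields, then copy the accepted fields into the session.
//
// NOTE(review): the fields are concatenated without separators or lengths, so
// the digest does not bind a value to a particular field, and md5 over
// "secret . data" is not a proper MAC. Fixing either needs a coordinated
// change with the authentication site (e.g. HMAC over length-prefixed
// fields); only the local checks are tightened here.
// NOTE(review): the session id is not regenerated once a return is accepted
// (session_regenerate_id) -- confirm the authentication site does not depend
// on the id before adding it.
@session_start();
if (isset($_GET['auth']) && empty($_SESSION['xorgauth']) && !empty($_SESSION['challenge'])) {
    $tohash = '1'.$_SESSION['challenge'].'6e9c9fa9bac23541fe67697c4eff5be6';
    $fields = explode(',','forlife,nom,prenom,promo,grpauth,perms');
    foreach ($fields as $f) {
        // Only plain strings take part in the digest; array-valued parameters
        // are ignored instead of being cast to the text "Array".
        if (isset($_GET[$f]) && is_string($_GET[$f])) {
            $tohash .= $_GET[$f];
        }
    }
    $tohash .= '1';
    if (XorgAuthHashEquals(md5($tohash), $_GET['auth'])) {
        $_SESSION['xorgauth'] = 1;
        foreach ($fields as $f) {
            if (isset($_GET[$f]) && is_string($_GET[$f])) {
                $_SESSION[$f] = $_GET[$f];
            }
        }
    } else {
        $_SESSION['xorgauth'] = 0;
    }
    // A challenge is good for one answer only; a new login draws a new one.
    unset($_SESSION['challenge']);
}

if (!empty($_SESSION['forlife'])) {
    $AuthId = $_SESSION['forlife'];
    $Author = $_SESSION['forlife'].' | '.$_SESSION['prenom'].' '.$_SESSION['nom'];
}

// xorgauth is set to 0 after a rejected return, so isset() would report a
// failed login as connected; test the value instead.
$Conditions['connected'] = '!empty($_SESSION["xorgauth"])';

/**
 * Tells whether the current session satisfies a PmWiki "password" string.
 *
 * The string is a space-separated list of tokens: 'all' / 'public' (anyone),
 * 'x' (any authenticated user), or a value equal to the session's group
 * auth, forlife id or promo. A session whose perms is 'admin' (administrator
 * of the authentication site, hence super user here too) always passes.
 *
 * An empty password means "no restriction" and returns true. Callers that
 * pass an unset or empty setting therefore grant access to everybody,
 * including anonymous visitors -- see XorgAuthIsSiteAdmin().
 *
 * Comparisons are strict so that numeric-looking tokens are matched as text.
 *
 * @param string $password space-separated access tokens
 * @return bool true when access is granted
 */
function XorgAuthTestPassword($password)
{
    if (!$password) {
        return true;
    }
    $perms    = isset($_SESSION['perms']) ? $_SESSION['perms'] : '';
    $xorgauth = !empty($_SESSION['xorgauth']);
    $grpauth  = isset($_SESSION['grpauth']) ? $_SESSION['grpauth'] : '';
    $forlife  = isset($_SESSION['forlife']) ? $_SESSION['forlife'] : '';
    $promo    = isset($_SESSION['promo']) ? $_SESSION['promo'] : '';

    if ($perms === 'admin') {
        return true;
    }
    $parts = explode(' ',$password);
    foreach ($parts as $pass) {
        if ($pass === 'all' || $pass === 'public') {
            return true;
        }
        if ($pass === 'x' && $xorgauth) {
            return true;
        }
        if ($grpauth && $pass === $grpauth) {
            return true;
        }
        if ($forlife && $pass === $forlife) {
            return true;
        }
        if ($promo && $pass === $promo) {
            return true;
        }
    }
    return false;
}

/**
 * Tests whether the user has admin rights on this wiki.
 *
 * NOTE(review): if $DefaultPasswords['admin'] is unset or empty,
 * XorgAuthTestPassword() treats it as unrestricted and this returns true for
 * every visitor; make sure the setting is always defined.
 */
function XorgAuthIsSiteAdmin()
{
    global $DefaultPasswords;
    return XorgAuthTestPassword($DefaultPasswords['admin']);
}

/**
 * Authentication function, called before any access to a page.
 *
 * Looks up the password string for $level on the page, then on the group
 * attributes page, then in $DefaultPasswords, following $AuthCascade to the
 * next level while nothing is found, and checks it against the session.
 *
 * @param string $pagename   full page name
 * @param string $level      access level ('read', 'edit', 'attr', ...)
 * @param bool   $authprompt when true, print the auth form and exit on refusal
 * @param mixed  $since      passed through to ReadPage()
 * @return mixed the page array when access is granted, false otherwise
 */
function XorgAuth($pagename, $level, $authprompt, $since)
{
    global $XnetWikiGroup;
    // The user was authenticated to another site, but the site has changed:
    // start a new login (XorgAuthConnectPlatal() redirects and exits).
    if (isset($_SESSION['authsite']) && $XnetWikiGroup != $_SESSION['authsite']) {
        XorgAuthConnectPlatal();
        return false;
    }
    $page = ReadPage($pagename, $since);
    if (!$page) {
        return false;
    }
    if (XorgAuthIsSiteAdmin()) {
        return $page;
    }
    global $AuthCascade, $DefaultPasswords, $GroupPasswords;
    $password = "";
    do {
        // Most specific setting wins: page, then group, then site default.
        if (isset($page["passwd".$level])) {
            $password = $page["passwd".$level];
        }
        if (!$password) {
            $gpAuth = XorgAuthGetGroupAuth($pagename,$since);
            if (isset($gpAuth["passwd".$level])) {
                $password = $gpAuth["passwd".$level];
            }
        }
        if (!$password) {
            if (isset($DefaultPasswords[$level])) {
                $password = $DefaultPasswords[$level];
            }
        }
        // The assignment in the condition moves $level to its cascade target.
    } while (!$password && isset($AuthCascade[$level]) && $level = $AuthCascade[$level]);
    if (XorgAuthTestPassword($password)) {
        return $page;
    }
    if (!$authprompt) {
        return false;
    }
    global $AuthPromptFmt, $PageStartFmt, $PageEndFmt;
    // NOTE(review): as listed, $postvars is built but never used, the
    // str_replace() swaps '$' for '$' (a no-op) and $FmtV is not declared
    // global, so the assignment below has no visible effect. The markup of
    // this listing appears to have been lost -- confirm against the original
    // file. If $FmtV is meant to reach the template, escape the request value
    // before it is printed.
    $postvars = '';
    foreach($_POST as $k=>$v) {
        if ($k == 'authpw' || $k == 'authid') continue;
        $v = str_replace('$', '$', htmlspecialchars(stripmagic($v), ENT_COMPAT));
        $postvars .= "\n";
    }
    $FmtV['action'] = $_REQUEST['action'];
    SDV($AuthPromptFmt, array(&$PageStartFmt, "page:Site.AuthForm", &$PageEndFmt));
    PrintFmt($pagename,$AuthPromptFmt);
    exit;
}

// Access levels that can be edited, with their display labels.
$XorgAuthLevels = array('read' => 'lecture','edit' => 'modification','attr' => 'administration');

/**
 * Returns the selectable audiences (token => label); the list depends on
 * whether the wiki belongs to a group ($XnetWikiGroup set).
 */
function XorgAuthUsers()
{
    global $XnetWikiGroup;
    if ($XnetWikiGroup) {
        return array('public' => 'tout le monde','x' => 'les X', 'membre' => 'membres du groupe', 'admin' => 'admins du groupe');
    } else {
        return array('public' => 'tout le monde','x' => 'les X', 'admin' => 'admins X.org');
    }
}

/**
 * Builds the permissions summary for a page: one entry per access level,
 * joined with ' - ' and wrapped in newlines.
 *
 * NOTE(review): $XorgAuthUsers, $groupAttr and $page are computed but not
 * used in the code as listed; the markup that consumed them appears to have
 * been lost -- confirm against the original file.
 */
function XorgAuthPermissions($pagename)
{
    global $XnetWikiGroup,$DefaultPasswords,$XorgAuthLevels;
    $XorgAuthUsers = XorgAuthUsers();
    $group = substr($pagename, 0, strpos($pagename, '.'));
    if ($pagename != $group.'.GroupAttributes') $groupAttr = XorgAuthGetGroupAuth($pagename, 0);
    $page = ReadPage($pagename, 0);
    $attrshtml = '';
    foreach ($XorgAuthLevels as $level => $action) {
        $html = $action.' : ';
        if ($attrshtml) {
            $attrshtml .= ' - ';
        }
        $attrshtml .= $html;
    }
    return '
'.$attrshtml.'
';
}

/**
 * Displays the attributes form of a page after checking $auth rights on it
 * (RetrieveAuthPage() is called with the prompt enabled).
 */
function XorgAuthHandleAttr($pagename, $auth = 'attr')
{
    $page = RetrieveAuthPage($pagename, $auth, true);
    global $PageAttrFmt, $PageStartFmt, $PageEndFmt;
    SDV($PageAttrFmt,"

$[{\$FullName} Attributes]

".XorgAuthPermissions($pagename)."

");
    SDV($HandleAttrFmt,array(&$PageStartFmt,&$PageAttrFmt,&$PageEndFmt));
    PrintFmt($pagename,$HandleAttrFmt);
}

/**
 * Stores the submitted passwd<level> values on the page, then redirects.
 *
 * An empty value removes the setting and '...' leaves it unchanged.
 *
 * NOTE(review): values are read from $_REQUEST, so a GET request changes
 * permissions as well, and no anti-CSRF token is checked in the code shown.
 * Restrict this to POST and verify a per-session token. Submitted values are
 * stored as given, without being checked against XorgAuthUsers().
 */
function XorgAuthHandlePostAttr($pagename, $auth = 'attr')
{
    global $XorgAuthLevels, $HandleActions;
    Lock(2);
    $page = RetrieveAuthPage($pagename, $auth, true);
    if (!$page) {
        Abort("?unable to read $pagename");
    }
    foreach($XorgAuthLevels as $attr=>$p) {
        $v = stripmagic(@$_REQUEST['passwd'.$attr]);
        if ($v=='') unset($page['passwd'.$attr]);
        else if ($v != '...') $page['passwd'.$attr] = $v;
    }
    WritePage($pagename,$page);
    Lock(0);
    Redirect($pagename);
}

/**
 * Renders (and, when page/user/attr are submitted, applies) the rights
 * editor shown on a group's GroupAttributes page.
 *
 * Returns "" when the current page is not a GroupAttributes page or when the
 * session lacks 'attr' rights on it.
 *
 * NOTE(review): the update is driven by $_REQUEST, so it can be triggered by
 * a GET request, and no anti-CSRF token is checked in the code shown.
 * Restrict it to POST and verify a per-session token.
 */
function XorgAuthGroupAttributes()
{
    global $XnetWikiGroup,$DefaultPasswords,$XorgAuthLevels;
    $XorgAuthUsers = XorgAuthUsers();
    global $pagename, $WikiDir;
    if (substr($pagename, strpos($pagename, '.') + 1) != 'GroupAttributes') {
        return "";
    }
    if (!XorgAuth($pagename, 'attr', true,0)) {
        return "";
    }
    if (isset($_REQUEST['page']) && isset($_REQUEST['user']) && isset($_REQUEST['attr'])) {
        Lock(2);
        // 'attr' rights are checked on the target page itself; the level must
        // be a known one and the audience a known token (or empty to clear).
        $page = RetrieveAuthPage(stripmagic(@$_REQUEST['page']), 'attr', true);
        if ($page && isset($XorgAuthLevels[stripmagic(@$_REQUEST['attr'])]) && (isset($XorgAuthUsers[stripmagic(@$_REQUEST['user'])]) || !$_REQUEST['user'])) {
            $page['passwd'.stripmagic(@$_REQUEST['attr'])] = stripmagic(@$_REQUEST['user']);
            if ($_REQUEST['user'] == "") {
                unset($page['passwd'.stripmagic(@$_REQUEST['attr'])]);
            }
            WritePage(stripmagic(@$_REQUEST['page']),$page);
        }
        Lock(0);
    }
    // NOTE(review): the string literals below are empty in this listing and
    // the final append reuses the loop variables $action and $p after both
    // loops have ended; the table markup appears to have been lost -- confirm
    // against the original file. Page names and labels placed in that markup
    // should be HTML-escaped.
    $html = '';
    $html .= '';
    foreach ($XorgAuthLevels as $level => $action) {
        $html .= '';
    }
    $html .= '';
    $group = substr($pagename, 0, strpos($pagename, '.'));
    $pages = $WikiDir->ls($group.'.*');
    $groupAttr = XorgAuthGetGroupAuth($pagename, 0);
    foreach($pages as $p) if ($p != $pagename) {
        $html .= '';
        $page = ReadPage($p, 0);
        $html .= '';
        foreach ($XorgAuthLevels as $level => $action) {
            $html .= '';
        }
        $html .= '';
    }
    $html .= '
'.$action.'
'.substr($p,strpos($p,'.')+1).'
';
    return '

Edition des droits du dossier

'.XorgAuthPermissions($pagename).'

Edition des droits des pages du dossier

'.$html;
}
?>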