Remove 'user' perm from X.net accounts.

[platal.git] / classes / xnetsession.php

diff --git a/classes/xnetsession.php b/classes/xnetsession.php
index 765ad5e..c1c284b 100644 (file)
--- a/classes/xnetsession.php
+++ b/classes/xnetsession.php
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *  Copyright (C) 2003-2011 Polytechnique.org                              *
+ *  Copyright (C) 2003-2014 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -29,26 +29,7 @@ class XnetSession extends XorgSession
     public function startAvailableAuth()
     {
         if (!S::logged() && Get::has('auth')) {
-            if (!$this->start(AUTH_MDP)) {
-                return false;
-            }
-        }
-
-        if (!S::logged() && Post::has('auth_type') && Post::v('auth_type') == 'xnet' && !Post::has('wait')) {
-            $type = XDB::fetchOneCell('SELECT  type
-                                         FROM  accounts
-                                        WHERE  hruid = {?}',
-                                      Post::v('username'));
-            if (!is_null($type) && $type != 'xnet') {
-                Platal::page()->trigErrorRedirect('Ce formulaire d\'authentification est réservé aux extérieurs à la communauté polytechnicienne.', '');
-            }
-
-            $user = parent::doAuth(AUTH_MDP);
-            if (is_null($user)) {
-                return false;
-            }
-            if (!parent::checkAuth(AUTH_MDP) || !parent::startSessionAs($user, AUTH_MDP)) {
-                $this->destroy();
+            if (!$this->start(AUTH_PASSWD)) {
                 return false;
             }
         }
@@ -96,7 +77,7 @@ class XnetSession extends XorgSession
 
     protected function doAuth($level)
     {
-        if (S::identified()) { // ok, c'est bon, on n'a rien à faire
+        if (S::identified()) { // Nothing to do there
             return User::getSilentWithValues(null, array('uid' => S::i('uid')));
         }
         if (!Get::has('auth')) {
@@ -107,7 +88,7 @@ class XnetSession extends XorgSession
             return null;
         }
         Get::kill('auth');
-        S::set('auth', AUTH_MDP);
+        S::set('auth', AUTH_PASSWD);
         return User::getSilentWithValues(null, array('uid' => Get::i('uid')));
     }
 
@@ -117,8 +98,9 @@ class XnetSession extends XorgSession
         if (!$user->checkPerms('groups')) {
             return false;
         }
+
         if ($level == AUTH_SUID) {
-            S::set('auth', AUTH_MDP);
+            S::set('auth', AUTH_PASSWD);
         }
 
         S::set('uid', $user->uid);
@@ -133,7 +115,7 @@ class XnetSession extends XorgSession
         S::set('perms', $user->perms);
         S::set('is_admin', $user->is_admin);
 
-
+        // Add the 'user' perms to the user.
         $this->makePerms($user->perms, $user->is_admin);
         S::kill('challenge');
         S::kill('loginX');
@@ -155,7 +137,7 @@ class XnetSession extends XorgSession
         if (!$this->startSUID($user)) {
             return false;
         }
-        S::set('perms', User::makePerms(PERMS_USER));
+        S::set('perms', User::makePerms("groups"));
         return true;
     }
 
@@ -236,5 +218,5 @@ function is_member($force = false, $lose = false)
 }
 
 // }}}
-// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
 ?>