X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fxnetsession.php;h=068e6b28c3094205f69995790341a1ea584705ed;hb=cef8ceb20d800a21aa438fd40341793131eb092c;hp=4a96f12580a30af0b96c61d6b0e6620f678216df;hpb=f497128a7c26c25a64e05453ea479520149e2cb7;p=platal.git diff --git a/classes/xnetsession.php b/classes/xnetsession.php index 4a96f12..068e6b2 100644 --- a/classes/xnetsession.php +++ b/classes/xnetsession.php @@ -19,7 +19,7 @@ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * ***************************************************************************/ -class XnetSession extends PlSession +class XnetSession extends XorgSession { public function __construct() { @@ -92,24 +92,20 @@ class XnetSession extends PlSession protected function startSessionAs($user, $level) { - global $globals; - if ($level == -1) { S::set('auth', AUTH_MDP); } - $res = XDB::query('SELECT u.user_id AS uid, prenom, nom, perms, promo, password, FIND_IN_SET(\'femme\', u.flags) AS femme, - a.alias AS forlife, a2.alias AS bestalias, q.core_mail_fmt AS mail_fmt, q.core_rss_hash + $res = XDB::query("SELECT u.user_id AS uid, u.hruid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme, + q.core_mail_fmt AS mail_fmt, q.core_rss_hash FROM auth_user_md5 AS u INNER JOIN auth_user_quick AS q USING(user_id) - INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = \'a_vie\') - INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET(\'bestalias\', a2.flags)) - WHERE u.user_id = {?} AND u.perms IN(\'admin\', \'user\') - LIMIT 1', $user); + WHERE u.user_id = {?} AND u.perms IN('admin', 'user') + LIMIT 1", $user); $sess = $res->fetchOneAssoc(); $perms = $sess['perms']; unset($sess['perms']); $_SESSION = array_merge($_SESSION, $sess); - $this->makePerms($perms); + S::set('perms', User::makePerms($perms)); S::kill('challenge'); S::kill('loginX'); S::kill('may_update'); @@ -124,38 +120,12 @@ class XnetSession extends PlSession return true; } - public function tokenAuth($login, $token) - { - // FIXME: we broke the session here because some RSS feeds (mainly wiki feeds) require - // a valid nome and checks the permissions. When the PlUser object will be ready, we'll - // be able to return a simple 'PlUser' object here without trying to alterate the - // session. - $res = XDB::query('SELECT u.user_id AS uid, u.perms, u.nom, u.nom_usage, u.prenom, u.promo, FIND_IN_SET(\'femme\', u.flags) AS sexe - FROM aliases AS a - INNER JOIN auth_user_md5 AS u ON (a.id = u.user_id AND u.perms IN ("admin", "user")) - INNER JOIN auth_user_quick AS q ON (a.id = q.user_id AND q.core_rss_hash = {?}) - WHERE a.alias = {?} AND a.type != "homonyme"', $token, $login); - if ($res->numRows() == 1) { - $sess = $res->fetchOneAssoc(); - if (!S::has('uid')) { - $_SESSION = $sess; - $this->makePerms($sess['perms']); - return S::i('uid'); - } else if (S::i('uid') == $sess['uid']) { - return S::i('uid'); - } else { - Platal::page()->kill('Invalid state. To be fixed when hruid is ready'); - } - } - return null; - } - public function doSelfSuid() { if (!$this->startSUID(S::i('uid'))) { return false; } - $this->makePerms('user'); + S::set('perms', User::makePerms('user')); return true; } @@ -171,30 +141,6 @@ class XnetSession extends PlSession S::set('perms', $suid['perms']); return true; } - - public function makePerms($perm) - { - $flags = new PlFlagSet(); - if ($perm == 'disabled' || $perm == 'ext') { - S::set('perms', $flags); - return; - } - $flags->addFlag(PERMS_USER); - if ($perm == 'admin') { - $flags->addFlag(PERMS_ADMIN); - } - S::set('perms', $flags); - } - - public function loggedLevel() - { - return AUTH_COOKIE; - } - - public function sureLevel() - { - return AUTH_MDP; - } } // {{{ function may_update