X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=include%2Fxnet%2Fsession.inc.php;h=175a031e04b31d0efcfa5cc94ae4a385dd23558f;hb=15dec88f8111e55bd73d4a6684eeaf204a9d5753;hp=1a2b769dbe24de40245ab9a624cd61650b0b356b;hpb=5ddeb07cc787dd1dc3630a31f1528f5cc7c4d9b9;p=platal.git diff --git a/include/xnet/session.inc.php b/include/xnet/session.inc.php index 1a2b769..175a031 100644 --- a/include/xnet/session.inc.php +++ b/include/xnet/session.inc.php @@ -23,7 +23,8 @@ class XnetSession { // {{{ function init - public static function init() { + public static function init() + { global $globals; S::init(); @@ -41,6 +42,28 @@ class XnetSession $url .= "&url=".urlencode($returl); $_SESSION['loginX'] = $url; } + + if (S::logged() && $globals->asso()) { + $perms = S::v('perms'); + $perms->rmFlag('groupadmin'); + $perms->rmFlag('groupmember'); + $perms->rmFlag('groupannu'); + if (may_update()) { + $perms->addFlag('groupadmin'); + $perms->addFlag('groupmember'); + $perms->addFlag('groupannu'); + } + if (is_member()) { + $perms->addFlag('groupmember'); + if ($globals->asso('pub') != 'private') { + $perms->addFlag('groupannu'); + } + } + if ($globals->asso('cat') == 'Promotions') { + $perms->addFlag('groupannu'); + } + $_SESSION['perms'] = $perms; + } } // }}} @@ -60,7 +83,7 @@ class XnetSession */ public static function doAuth() { - if (S::identified()) { // ok, c'est bon, on n'a rien à faire + if (S::identified()) { // ok, c'est bon, on n'a rien à faire return true; } @@ -81,10 +104,15 @@ class XnetSession // }}} // {{{ doAuthX - public static function doAuthX() { + public static function doAuthX() + { global $globals, $page; if (md5('1'.S::v('challenge').$globals->xnet->secret.Get::i('uid').'1') != Get::v('auth')) { + if (!$page) { + require_once 'xnet.inc.php'; + new_skinned_page('platal/index.tpl'); + } $page->kill("Erreur d'authentification avec polytechnique.org !"); } @@ -99,8 +127,12 @@ class XnetSession LIMIT 1", Get::i('uid')); $_SESSION = array_merge($_SESSION, $res->fetchOneAssoc()); $_SESSION['auth'] = AUTH_MDP; + require_once 'xorg/session.inc.php'; + $_SESSION['perms'] =& XorgSession::make_perms(S::v('perms')); S::kill('challenge'); S::kill('loginX'); + S::kill('may_update'); + S::kill('is_member'); Get::kill('auth'); Get::kill('uid'); $path = Get::v('n'); @@ -123,14 +155,15 @@ class XnetSession if (!S::has('suid')) { $_SESSION['suid'] = $_SESSION; } - $_SESSION['perms'] = 'user'; + require_once 'xorg/session.inc.php'; + $_SESSION['perms'] =& XorgSession::make_perms('user'); } // }}} // {{{ killSuid public static function killSuid() - { + { if (!S::has('suid')) { return; } @@ -170,7 +203,7 @@ function may_update($force = false, $lose = false) $res = XDB::query("SELECT perms FROM groupex.membres WHERE uid={?} AND asso_id={?}", - S::v('uid'), $globals->asso('id')); + S::v('uid'), $asso_id); $may_update[$asso_id] = ($res->fetchOneCell() == 'admin'); } return $may_update[$asso_id]; @@ -182,7 +215,7 @@ function may_update($force = false, $lose = false) /** Get membership informations for the current asso * @param force Force membership to be read from database * @param lose Force membership to be false - */ + */ function is_member($force = false, $lose = false) { if (!isset($_SESSION['is_member'])) { @@ -209,5 +242,5 @@ function is_member($force = false, $lose = false) } // }}} -// vim:set et sw=4 sts=4 sws=4 foldmethod=marker: +// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: ?>