3 require_once dirname(__FILE__
) . '/../../inc/core/class.dc.auth.php';
5 class xorgAuth
extends dcAuth
{
6 private $forceSU = false
;
8 public $xorg_infos = array('forlife' => null
,
12 public function __construct(&$core) {
13 parent
::__construct($core);
16 private function buildFromSession() {
18 if (!isset($core) ||
!isset($core->session
)) {
21 $core->session
->start();
22 if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos
['forlife'])) {
23 foreach ($this->xorg_infos
as $key => $val) {
24 $this->xorg_infos
[$key] = $_SESSION['auth-xorg-' . $key];
26 $this->user_id
= $_SESSION['auth-xorg'];
30 public function checkUser($user_id, $pwd = null
, $user_key = null
) {
31 return $this->callXorg() && $user_id == $this->user_id
;
32 // echo "checking auth for " . $user_id;
33 // return parent::checkUser($user_id, $pwd, $user_key);
36 public function check($permissions, $blog_id) {
37 $this->buildFromSession();
39 // echo "Checking right to view $permissions on $blog_id";
40 // return parent::check($permissions, $blog_id);
43 public function callXorg($path = null
) {
45 $path = $_SERVER['REQUEST_URI'];
47 $this->buildFromSession();
48 if (@$_SESSION['auth-xorg']) {
51 $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
52 $url = "https://www.polytechnique.org/auth-groupex/utf8";
53 $url .= "?session=" . session_id();
54 $url .= "&challenge=" . $_SESSION["auth-x-challenge"];
55 $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY
);
56 $url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $path);
57 session_write_close();
58 header("Location: $url");
62 private function acquireAdminRights() {
63 $this->forceSU
= true
;
66 private function releaseAdminRights() {
67 $this->forceSU
= false
;
70 private function createUser() {
72 $this->acquireAdminRights();
73 if (!$core->userExists($_SESSION['auth-xorg'])) {
74 $cur = new cursor($this->con
, 'dc_user');
75 $cur->user_id
= $_SESSION['auth-xorg'];
76 $cur->user_pwd
= md5(rand());
77 $cur->user_lang
= 'fr';
78 $cur->user_name
= $_SESSION['auth-xorg-nom'];
79 $cur->user_firstname
= $_SESSION['auth-xorg-prenom'];
80 $cur->user_email
= $_SESSION['auth-xorg'] . '@polytechnique.org';
81 $cur->user_options
= $core->userDefaults();
82 $cur->user_default_blog
= 'default'; // FIXME
84 $core->setUserBlogPermissions($_SESSION['auth-xorg'], 'default', array('usage' => true
,
85 'contentadmin' => true
,
88 $this->releaseAdminRights();
91 public function returnXorg() {
92 if (!isset($_GET['auth'])) {
97 $core->session
->start();
98 foreach($this->xorg_infos
as $key => $val) {
99 if(!isset($_GET[$key])) {
102 $_SESSION['auth-xorg-' . $key] = $_GET[$key];
103 $params .= $_GET[$key];
105 if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY
. $params . '1') == $_GET['auth']) {
106 unset($_GET['auth']);
107 $_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $_GET['forlife'];
108 $_SESSION['sess_browser_uid'] = http
::browserUID(DC_MASTER_KEY
);
109 $_SESSION['sess_blog_id'] = 'default';
111 header("Location: http://murphy.m4x.org" . $_GET['path']);
114 unset($_SESSION['auth-xorg']);
115 unset($_SESSION['sess_user_id']);
116 unset($_GET['auth']);
121 public function killSession() {
123 $core->session
->start();
124 $core->session
->destroy();
125 header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');
129 public function allowPassChange() {
133 public function userID() {
134 $this->buildFromSession();
135 return $this->user_id
;
138 public function getPermissions() {
139 return array('default' => array('name' => 'My first blog',
140 'url' => 'http://murphy.m4x.org/~x2003bruneau/dotclear/',
141 'permissions' => array('usage' => true
,
142 'contentadmin' => true
,
146 public function getInfo($n) {
150 case 'user_default_blog':
152 case 'user_post_status':
157 return $this->xorg_infos
['nom'];
158 case 'user_firstname':
159 return $this->xorg_infos
['prenom'];
160 case 'user_displayname':
161 return $this->xorg_infos
['prenom'] . ' ' . $this->xorg_infos
['nom'];
163 return $this->user_id
. '@polytechnique.org';
171 public function getOption($n) {
172 $options = $this->getOptions();
173 if (isset($options[$n])) {
180 public function isSuperAdmin() {
181 return $this->forceSU ||
($this->user_id
== 'florent.bruneau.2003');
184 public function getOptions() {
185 return array('edit_size' => 24,
186 'enable_wysiwyg' => true
,
187 'post_format' => 'wiki');