[Fusionforge-commits] r12744 - in trunk/src: common/include packaging/install plugins/authbuiltin/common plugins/authbuiltin/www

Roland Mas lolando at fusionforge.org
Mon Mar 14 17:46:11 CET 2011


Author: lolando
Date: 2011-03-14 17:46:11 +0100 (Mon, 14 Mar 2011)
New Revision: 12744

Modified:
   trunk/src/common/include/AuthPlugin.class.php
   trunk/src/packaging/install/common
   trunk/src/plugins/authbuiltin/common/AuthBuiltinPlugin.class.php
   trunk/src/plugins/authbuiltin/www/post-login.php
Log:
Handle sufficient/required

Modified: trunk/src/common/include/AuthPlugin.class.php
===================================================================
--- trunk/src/common/include/AuthPlugin.class.php	2011-03-14 16:45:56 UTC (rev 12743)
+++ trunk/src/common/include/AuthPlugin.class.php	2011-03-14 16:46:11 UTC (rev 12744)
@@ -42,6 +42,7 @@
 		// get_extra_roles - add new roles not necessarily stored in the database
 		// restrict_roles - filter out unwanted roles
 		// close_auth_session - terminate an authentication session
+
 	}
 
 	// Hook dispatcher
@@ -86,10 +87,18 @@
 		}
 		if ($user_id) {
 			$this->saved_user = user_get_object($user_id);
-			$params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_ACCEPT;
+			if ($this->isSufficient()) {
+				$params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_ACCEPT;
+			} else {
+				$params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;
+			}
 		} else {
 			$this->saved_user = NULL;
-			$params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;
+			if ($this->isRequired()) {
+				$params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_REJECT;
+			} else {
+				$params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;
+			}
 		}
 	}
 
@@ -130,6 +139,45 @@
 		session_cookie($this->cookie_name, '');
 	}
 
+	protected function isRequired() {
+		return forge_get_config('required', $this->name);
+	}
+
+	protected function isSufficient() {
+		return forge_get_config('sufficient', $this->name);
+	}
+
+	protected function syncDataOn($event) {
+		$configval = forge_get_config('sync_data_on', $this->name);
+		$events = array();
+
+		switch ($configval) {
+		case 'every-page':
+			$events = array('every-page','login','user-creation');
+			break;
+		case 'login':
+			$events = array('login','user-creation');
+			break;
+		case 'user-creation':
+			$events = array('user-creation');
+			break;
+		case 'never':
+			$events = array();
+			break;
+		}
+		
+		return in_array($event, $events);
+	}
+
+	protected function declareConfigVars() {
+		forge_define_config_item ('required', $this->name, 'yes');
+		forge_set_config_item_bool ('required', $this->name) ;
+
+		forge_define_config_item ('sufficient', $this->name, 'yes');
+		forge_set_config_item_bool ('sufficient', $this->name) ;
+
+		forge_define_config_item ('sync_data_on', $this->name, 'never');
+	}
 }
 
 // Local Variables:

Modified: trunk/src/packaging/install/common
===================================================================
--- trunk/src/packaging/install/common	2011-03-14 16:45:56 UTC (rev 12743)
+++ trunk/src/packaging/install/common	2011-03-14 16:46:11 UTC (rev 12744)
@@ -26,4 +26,4 @@
 #
 plugins/authbuiltin/common          usr/share/@OLDPACKAGE@/plugins/authbuiltin/
 plugins/authbuiltin/www             usr/share/@OLDPACKAGE@/plugins/authbuiltin/
-plugins/authbuiltin/etc/*.ini 	    etc/@OLDPACKAGE@/config.ini.d/
+plugins/authbuiltin/etc/*.ini 	    etc/@PACKAGE@/config.ini.d/

Modified: trunk/src/plugins/authbuiltin/common/AuthBuiltinPlugin.class.php
===================================================================
--- trunk/src/plugins/authbuiltin/common/AuthBuiltinPlugin.class.php	2011-03-14 16:45:56 UTC (rev 12743)
+++ trunk/src/plugins/authbuiltin/common/AuthBuiltinPlugin.class.php	2011-03-14 16:46:11 UTC (rev 12744)
@@ -29,8 +29,10 @@
 	 */	
 	function AuthBuiltinPlugin() {
 		$this->AuthPlugin();
+
 		$this->name = 'authbuiltin';
 		$this->text = 'Built-in authentication';
+
 		$this->_addHook('check_auth_session');
 		$this->_addHook('fetch_authenticated_user');
 		$this->_addHook('display_auth_form');
@@ -39,9 +41,14 @@
 		// get_extra_roles - add new roles not necessarily stored in the database
 		// restrict_roles - filter out unwanted roles
 		$this->_addHook('close_auth_session');
+
+		$this->declareConfigVars();
 	}
 
 	function displayAuthForm($params) {
+		if (!$this->isRequired() && !$this->isSufficient()) {
+			return true;
+		}
 		$return_to = $params['return_to'];
 		$loginname = '';
 
@@ -64,11 +71,17 @@
 	}
 
 	function login($user) {
+		if (!$this->isRequired() && !$this->isSufficient()) {
+			return true;
+		}
 		$this->saved_user = $user;
 		$this->setSessionCookie();
 	}
 
 	function logout() {
+		if (!$this->isRequired() && !$this->isSufficient()) {
+			return true;
+		}
 		$this->unsetSessionCookie();
 	}
 }

Modified: trunk/src/plugins/authbuiltin/www/post-login.php
===================================================================
--- trunk/src/plugins/authbuiltin/www/post-login.php	2011-03-14 16:45:56 UTC (rev 12743)
+++ trunk/src/plugins/authbuiltin/www/post-login.php	2011-03-14 16:46:11 UTC (rev 12744)
@@ -74,8 +74,9 @@
 	}
 	$success = session_check_credentials_in_database(strtolower($form_loginname),$form_pw,false);
 	if ($success) {
-		error_log ('Login form passed OK');
-		$plugin->login(user_get_object_by_name($form_loginname));
+		if ($plugin->isSufficient()) {
+			$plugin->login(user_get_object_by_name($form_loginname));
+		}
 		if ($return_to) {
 			header ("Location: " . util_make_url($return_to));
 			exit;




More information about the Fusionforge-commits mailing list