Example #1
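 /**
  * Authenticates the user according to a defined ruleset.
  * @param  User   $user       the user
  * @param  array  $conditions extra conditions merged over the configured 'ravenly::auth.conditions' (keys checked: crsid, collegecode, force_db, group)
  * @return mixed              Response::error(403) when authentication fails; nothing is returned on success
  */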
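 public static function authenticate($user, $conditions = array())
 {
     Log::info('Ravenly: authenticating.');
     // Fail closed immediately: without a logged-in user object none of the
     // per-user checks below can be evaluated, and dereferencing a missing
     // $user would raise errors instead of producing a clean 403.
     if (!$user || !Ravenly::loggedIn()) {
         Log::info('Ravenly: - authentication failed.');
         return Response::error(403);
     }
     $status = true;
     // Configured conditions, with per-call conditions taking precedence.
     // When the config entry is missing or not an array, the per-call
     // conditions are still enforced rather than silently dropped.
     $c = Config::get('ravenly::auth.conditions');
     $c = is_array($c) ? array_merge($c, $conditions) : $conditions;
     Log::info('Ravenly: - checking conditions.');
     // NOTE(review): a condition whose value is not an array (e.g. a single
     // crsid given as a string) is skipped, i.e. not enforced. Confirm that
     // configs always use arrays for crsid/collegecode/group.
     // Check crsid conditions
     if (array_key_exists('crsid', $c) && is_array($c['crsid'])) {
         // Compare as strings with strict matching so loose type juggling
         // (0 == 'abc' on older PHP) can never satisfy the allow-list.
         if (!in_array((string) $user->crsid, array_map('strval', $c['crsid']), true)) {
             Log::info('Ravenly: ! failed crsid condition.');
             $status = false;
         } else {
             Log::info('Ravenly: fulfilled crsid condition.');
         }
     }
     // Check College conditions (same strict string comparison as above)
     if (array_key_exists('collegecode', $c) && is_array($c['collegecode'])) {
         if (!in_array((string) $user->collegecode, array_map('strval', $c['collegecode']), true)) {
             Log::info('Ravenly: ! failed college condition.');
             $status = false;
         } else {
             Log::info('Ravenly: fulfilled college condition.');
         }
     }
     // Check if in the DB (if necessary): only fails when force_db is truthy
     // and the user record does not exist.
     if (array_key_exists('force_db', $c)) {
         if (!$user->exists && $c['force_db']) {
             Log::info('Ravenly: ! failed force_db condition.');
             $status = false;
         } else {
             Log::info('Ravenly: fulfilled force_db condition.');
         }
     }
     // Check user group conditions
     if (array_key_exists('group', $c) && is_array($c['group'])) {
         if (!$user->inGroup($c['group'])) {
             Log::info('Ravenly: ! failed group condition.');
             $status = false;
         } else {
             Log::info('Ravenly: fulfilled group condition.');
         }
     }
     // Every configured condition must hold; any single failure yields a 403.
     if (!$status) {
         Log::info('Ravenly: - authentication failed.');
         return Response::error(403);
     }
     Log::info('Ravenly: - authentication successful.');
 }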
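 /**
  * Runs the configured spam check over a piece of submitted content.
  *
  * Returns true when no controller is set, when $user belongs to the
  * whitelist group, or when the controller accepts the arguments. When the
  * controller rejects them, the details are logged and/or mailed according to
  * the 'concrete.log.spam' and 'concrete.spam.notify_email' settings and false
  * is returned.
  *
  * @param mixed $content        submitted content, passed on as 'content' (presumably a string)
  * @param mixed $type           label written to the rejection report
  * @param array $additionalArgs extra values; these override the built-in arguments of the same key
  * @param mixed $user           user tested against the whitelist group; a new User() is used when falsy
  * @return bool true when the content is accepted, false when it is rejected
  */
 public function check($content, $type, $additionalArgs = array(), $user = false)
 {
     if (!$this->controller) {
         // No controller configured, so nothing can reject the content.
         return true;
     }
     if (!$user) {
         $user = new User();
     }
     // NOTE(review): the whitelist test uses $user, while the rest of the method
     // uses $additionalArgs['user'] (or a new User()); confirm this is intended.
     $wlg = $this->getWhitelistGroup();
     if ($wlg instanceof Group && $user->inGroup($wlg)) {
         // Never spam if user is in the whitelist
         return true;
     }
     /** @var \Concrete\Core\Permission\IPService $iph */
     $iph = Core::make('helper/validation/ip');
     $ip = $iph->getRequestIP();
     $args = array();
     $args['ip_address'] = $ip === false ? '' : $ip->getIp($ip::FORMAT_IP_STRING);
     // The User-Agent header is optional and client-controlled; default to ''
     // instead of reading an undefined index.
     $args['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $args['content'] = $content;
     foreach ($additionalArgs as $key => $value) {
         $args[$key] = $value;
     }
     if (isset($args['user']) && is_object($args['user'])) {
         $u = $args['user'];
     } else {
         $u = new User();
     }
     if (!isset($args['email']) && $u->isRegistered()) {
         $ui = UserInfo::getByID($u->getUserID());
         // The lookup may yield no record; only read the e-mail from an object.
         if (is_object($ui)) {
             $args['email'] = $ui->getUserEmail();
         }
     }
     if ($this->controller->check($args)) {
         return true;
     }
     // Rejected: build a plain-text report for the log and the notification mail.
     // The values below (content, user agent, additional arguments) come from the
     // request and are written verbatim, so whatever displays the log entry or
     // the mail must treat them as untrusted text.
     $th = Loader::helper('text');
     $logText = '';
     $c = Page::getCurrentPage();
     if (is_object($c)) {
         $logText .= t('URL: %s', Loader::helper('navigation')->getLinkToCollection($c, true));
         $logText .= "\n";
     }
     if ($u->isRegistered()) {
         $logText .= t('User: %s (ID %s)', $u->getUserName(), $u->getUserID());
         $logText .= "\n";
     }
     $logText .= t('Type: %s', $th->unhandle($type));
     $logText .= "\n";
     foreach ($args as $key => $value) {
         // Arguments may hold objects (e.g. 'user') or arrays; describe those
         // rather than forcing a string conversion that would raise an error.
         if (is_array($value)) {
             $value = '[array]';
         } elseif (is_object($value) && !method_exists($value, '__toString')) {
             $value = '[object ' . get_class($value) . ']';
         }
         $logText .= $th->unhandle($key) . ': ' . $value . "\n";
     }
     if (Config::get('concrete.log.spam')) {
         Log::addEntry($logText, t('spam'));
     }
     if (Config::get('concrete.spam.notify_email') != '') {
         $mh = Loader::helper('mail');
         $mh->to(Config::get('concrete.spam.notify_email'));
         $mh->addParameter('content', $logText);
         $mh->load('spam_detected');
         $mh->sendMail();
     }
     return false;
 }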