/**
  * On s'assure que pour ces tâches ce soit bien un administrateur
  */
 public function beforeAction()
 {
     // The admin credential is asserted before anything else in this hook.
     $currentUser = CopixAuth::getCurrentUser();
     $currentUser->assertCredential('basic:admin');

     // The actions behind this hook need the dynamic database credential handler;
     // fail with a translated message when it is not registered.
     $handlerRegistered = CopixConfig::instance()->copixauth_isRegisteredCredentialHandler('auth|dbdynamiccredentialhandler');
     if ($handlerRegistered) {
         return;
     }
     throw new CopixException(_i18n('auth.dynamicHandlerNotRegister'));
 }
 /** The connect function
  * @param array $pParams
  */
 public function connect($pParams)
 {
     // $pParams is read as an object whose ->item entries each expose ->key and ->value;
     // they are flattened into one associative array.
     $loginParams = array();
     foreach ($pParams->item as $entry) {
         $name = $entry->key;
         $loginParams[$name] = $entry->value;
     }

     // NOTE(review): every key supplied by the caller is forwarded to login() unchanged.
     // If the login handlers honour option keys beyond the credentials themselves, an
     // allowlist of accepted keys belongs here - confirm against the handlers.
     // NOTE(review): the outcome of login() is neither checked nor returned.
     $user = CopixAuth::getCurrentUser();
     $user->login($loginParams);
 }
 /**
  * Création de la zone de login
  */
 public function _createContent(&$toReturn)
 {
     // Builds the login zone: fills a CopixPPO and renders it into $toReturn.
     $ppo = new CopixPPO();

     // Expose the user object only when a session is actually connected.
     if (CopixAuth::getCurrentUser()->isConnected()) {
         $ppo->user = CopixAuth::getCurrentUser();
     } else {
         $ppo->user = null;
     }

     // NOTE(review): auth_url_return is whatever the zone caller passed in; the template
     // and the login action that later consumes it should treat it as untrusted - confirm.
     $defaultReturnUrl = _url('#');
     $ppo->auth_url_return = $this->getParam('auth_url_return', $defaultReturnUrl);
     $ppo->createUser = CopixConfig::get('auth|createUser');
     $ppo->ask_remember = false;

     $templateName = $this->getParam('template', 'login.form.php');
     $toReturn = $this->_usePPO($ppo, $templateName);
 }
 /**
  * Vérifie que l'on est bien administrateur
  *
  * @param string $actionName Nom de l'action.
  */
 public function beforeAction($actionName)
 {
     // Actions that stay reachable without the admin credential; the action name is
     // lower-cased first, so the comparison is case-insensitive.
     $openActions = array('done', 'checkinstallframework');
     if (in_array(strtolower($actionName), $openActions, true)) {
         return;
     }

     // Every other action requires an administrator.
     CopixAuth::getCurrentUser()->assertCredential('basic:admin');
 }
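 /**
  * Keeps the Copix session aligned with the SimpleSAMLphp session when SAML is enabled.
  *
  * - SAML authenticated but Copix not connected: the configured uid attribute is mapped
  *   to a local account and that account is logged in, then the request is redirected.
  * - SAML not authenticated but Copix connected: the local session is torn down.
  *
  * @param mixed $action Received by reference; neither read nor modified here.
  * @return mixed A CopixActionReturn redirect, the result of _arPpo() for the error
  *               screen, or nothing when no action is needed.
  */
 public function beforeProcess(&$action)
 {
     if (CopixConfig::get('conf_Saml_actif') != 1) {
         return;
     }
     require_once COPIX_UTILS_PATH . '../../simplesamlphp/lib/_autoload.php';

     // Authentication source: the configured value when present and non-empty, else the default.
     $asId = 'iconito-sql';
     if (CopixConfig::exists('default|conf_Saml_authSource') && CopixConfig::get('default|conf_Saml_authSource')) {
         $asId = CopixConfig::get('default|conf_Saml_authSource');
     }
     $as = new SimpleSAML_Auth_Simple($asId);

     // Fix: the original assigned properties on an undefined $ppo. Create the container
     // explicitly, as the other actions do, so the error template receives a real CopixPPO.
     $ppo = new CopixPPO();
     $user = _currentUser();
     $ppo->user = $user;

     if ($as->isAuthenticated() && !$user->isConnected()) {
         $attributes = $as->getAttributes();
         $uidAttribute = 'login_dbuser';
         if (CopixConfig::exists('default|conf_Saml_uidAttribute') && CopixConfig::get('default|conf_Saml_uidAttribute')) {
             $uidAttribute = CopixConfig::get('default|conf_Saml_uidAttribute');
         }

         // Only the first value of the uid attribute is considered.
         $samlUser = null;
         if (isset($attributes[$uidAttribute][0])) {
             $samlUser = $attributes[$uidAttribute][0];
         }
         $ppo->saml_user = $samlUser;

         if ($samlUser) {
             $iconitoUser = Kernel::getUserInfo("LOGIN", $samlUser);
             $ppo->iconito_user = $iconitoUser;

             // !empty() also covers a lookup result that has no 'login' entry at all.
             if (!empty($iconitoUser['login'])) {
                 // NOTE(review): this login carries no password; it rests entirely on the
                 // SAML assertion and on the uid attribute mapping being trustworthy.
                 // Confirm the identity provider controls that attribute.
                 _currentUser()->login(array('login' => $iconitoUser['login'], 'assistance' => true));
                 return new CopixActionReturn(COPIX_AR_REDIRECT, CopixUrl::get('kernel||doSelectHome'));
             }

             $ppo->cas_error = 'no-iconito-user';
             return _arPpo($ppo, 'cas.tpl');
         }
     }

     // The SAML session is gone while the local one is still open: close the local one.
     if (!$as->isAuthenticated() && $user->isConnected()) {
         CopixAuth::getCurrentUser()->logout(array());
         // NOTE(review): getLogin() is read after logout(); if logout() clears the login,
         // the 'logout' event is notified with an empty value - confirm.
         CopixEventNotifier::notify('logout', array('login' => CopixAuth::getCurrentUser()->getLogin()));
         CopixAuth::destroyCurrentUser();
         CopixSession::destroyNamespace('default');
     }
 }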
 /**
  * Ajout d'un commentaire dans la base après vérification des droits d'écriture
  * et que l'on a bien la bonne session
  */
 public function processAddComment()
 {
     // The request must carry the id of a comment form that was opened beforehand.
     CopixRequest::assert('id');
     $informations = _ioClass('commentsservices')->getEnabled(_request('id'));
     if ($informations === false) {
         throw new Exception(_i18n('comments.error.badidsession'));
     }

     // Enforce the write credential only when the opened form declared one.
     $writeCredential = $informations['writeCredential'];
     if ($writeCredential != "") {
         CopixAuth::getCurrentUser()->assertCredential($writeCredential);
     }

     // Build the comment record from the request.
     // NOTE(review): content, author, mail and site are stored exactly as received;
     // whatever renders them must escape for its output context - confirm in the templates.
     $objComment = _record('comments');
     $objComment->content_comment = _request('content');
     // Only the plain-text format is supported for comments at the moment.
     $objComment->format_comment = 'TEXT';
     $objComment->authorlogin_comment = _request('author');
     $objComment->authoremail_comment = _request('mail');
     $objComment->authorsite_comment = _request('site');
     $objComment->page_comment = $informations['id'];
     $objComment->date_comment = date('YmdHis');

     $captchaEnabled = CopixConfig::get('comments|captcha') != 0;
     if ($captchaEnabled) {
         $objComment->captcha_id = _request('captcha_id');
         $objComment->captcha_answer = _request('captcha_answer');
     }

     // Redirect targets are built from the 'fromPage' value held in the record returned
     // by getEnabled(), not from a request parameter.
     try {
         if (_request('preview') !== null) {
             // Preview: keep the draft and send the user back to the list in preview mode.
             _ioClass('commentsservices')->updateEnabled($objComment);
             return _arRedirect(_url($informations['fromPage'], array('preview' => 1, 'comments' => 'list')));
         }

         // Real submission: store the comment, close the form, announce the new content.
         _ioDAO('comments')->insert($objComment);
         _ioClass('commentsservices')->removeEnabled($informations['id']);
         _notify('Content', array('id' => $informations['id'], 'kind' => 'comment', 'keywords' => null, 'title' => $informations['id'], 'summary' => null, 'content' => $objComment->content_comment, 'url' => $informations['fromPage']));
         return _arRedirect($informations['fromPage']);
     } catch (CopixDAOCheckException $e) {
         // The DAO check rejected the record: keep the draft and return to the form with errors.
         _ioClass('commentsservices')->updateEnabled($objComment);
         return _arRedirect(_url($informations['fromPage'], array('errors' => 1, 'comments' => 'list')));
     }
 }
/**
 * Plugin smarty type modifier
 * Purpose: test credential
 * Input: var
 * Output : CopixAuth::getCurrentUser()->testCredential (var)
 */
function smarty_modifier_testCredential($string)
{
    // Delegates to the current user's testCredential() and hands its result back
    // to the template unchanged.
    $currentUser = CopixAuth::getCurrentUser();
    $result = $currentUser->testCredential($string);
    return $result;
}
 /**
  * Affiche le PHPInfo
  */
 public function processPHPInfo()
 {
     // phpinfo() output describes the server configuration and environment, so the
     // admin credential is asserted before any of it is generated.
     CopixAuth::getCurrentUser()->assertCredential('basic:admin');

     // Capture the phpinfo() page in a buffer instead of sending it straight out.
     ob_start();
     phpinfo();
     $rawPage = ob_get_clean();

     $ppo = new CopixPPO();
     $ppo->TITLE_PAGE = 'PHPInfo';
     $ppo->CopixVersion = COPIX_VERSION;
     // Keep only what sits between <body> and </body> so it can be embedded in the template.
     $ppo->phpinfo = preg_replace('%^.*<body>(.*)</body>.*$%ms', '$1', $rawPage);

     return _arPpo($ppo, 'phpinfo.tpl');
 }
 /**
  * Closes the local Copix session, then starts a SAML logout through SimpleSAMLphp.
  */
 public function processLogout()
 {
     require_once COPIX_UTILS_PATH . '../../simplesamlphp/lib/_autoload.php';

     // Authentication source: the configured value when present and non-empty, else the default.
     $authSourceId = 'iconito-sql';
     if (CopixConfig::exists('default|conf_Saml_authSource')) {
         $configuredSource = CopixConfig::get('default|conf_Saml_authSource');
         if ($configuredSource) {
             $authSourceId = $configuredSource;
         }
     }
     $samlSession = new SimpleSAML_Auth_Simple($authSourceId);

     $ppo = new CopixPPO();
     $ppo->user = _currentUser();
     if ($ppo->user->isConnected()) {
         // Local teardown: log out, notify listeners, drop the user and the default namespace.
         CopixAuth::getCurrentUser()->logout(array());
         // NOTE(review): getLogin() is read after logout(); if logout() clears the login,
         // the 'logout' event is notified with an empty value - confirm.
         $eventData = array('login' => CopixAuth::getCurrentUser()->getLogin());
         CopixEventNotifier::notify('logout', $eventData);
         CopixAuth::destroyCurrentUser();
         CopixSession::destroyNamespace('default');
     }

     // The single-logout URL is built only from application URLs; RelayState is URL-encoded.
     $baseUrl = _url();
     $relayState = urlencode(_url('auth|saml|logout_cas'));
     $samlSession->logout($baseUrl . 'simplesaml/saml2/idp/initSLO.php?RelayState=' . $relayState);
 }
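 /**
  * Logs in with the test account and checks that asserting a credential the account
  * does not hold is refused with an exception.
  */
 public function testCredentials()
 {
     $this->assertTrue(CopixAuth::getCurrentUser()->login(array('login' => 'CopixTest', 'password' => 'CopixTestPassword')));

     // Fix: the original placed its failing assertion inside the try block. In a test
     // framework that reports failures by throwing, catch (Exception) swallows that
     // failure and the test passes even when no credential error is raised. Record the
     // outcome in the try/catch and assert on it afterwards instead.
     $refused = false;
     try {
         CopixAuth::getCurrentUser()->assertCredential("nodroits");
     } catch (Exception $e) {
         $refused = true;
     }
     $this->assertTrue($refused);
 }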
 /**
  * Vérifie que l'on est bien administrateur
  */
 public function beforeAction()
 {
     // Every action behind this hook requires the admin credential.
     $currentUser = CopixAuth::getCurrentUser();
     $currentUser->assertCredential('basic:admin');
 }
 /**
  * Récupère les droits de edit pour le champ $pId
  * @param $pId string le champ a tester
  */
 private function _getFieldEdit()
 {
     // The method takes no argument; the decision comes from the 'getedit' parameter.
     $setting = $this->getParams('getedit');

     // No setting at all: editing is allowed.
     if ($setting === null) {
         return true;
     }
     // An explicit boolean is used as given.
     if (is_bool($setting)) {
         return $setting;
     }
     // Anything else is handed to testCredential() for the current user.
     return CopixAuth::getCurrentUser()->testCredential($setting);
 }
/**
* Alias pour CopixAuth::getCurrentUser ()
* @return CopixUser
*/
function _currentUser()
{
    // Shorthand so callers do not have to spell out CopixAuth::getCurrentUser().
    $currentUser = CopixAuth::getCurrentUser();
    return $currentUser;
}
 /**
  * Closes the local Copix session, then logs out of the CAS server through phpCAS.
  */
 public function processLogout()
 {
     include_once COPIX_UTILS_PATH . '../../CAS-1.2.2/CAS.php';

     $ppo = new CopixPPO();
     $ppo->user = _currentUser();
     if ($ppo->user->isConnected()) {
         // Local teardown: log out, notify listeners, drop the user and the default namespace.
         CopixAuth::getCurrentUser()->logout(array());
         // NOTE(review): getLogin() is read after logout(); if logout() clears the login,
         // the 'logout' event is notified with an empty value - confirm.
         $eventData = array('login' => CopixAuth::getCurrentUser()->getLogin());
         CopixEventNotifier::notify('logout', $eventData);
         CopixAuth::destroyCurrentUser();
         CopixSession::destroyNamespace('default');
     }

     // NOTE(review): setDebug() switches on phpCAS debug logging for every logout request;
     // confirm this is wanted outside development and where that log ends up.
     phpCAS::setDebug();

     $casHost = CopixConfig::get('default|conf_Cas_host');
     $casPort = CopixConfig::get('default|conf_Cas_port');
     $casPath = CopixConfig::get('default|conf_Cas_path');
     phpCAS::client(CAS_VERSION_2_0, $casHost, (int) $casPort, $casPath, false);

     // NOTE(review): setNoCasServerValidation() turns off verification of the CAS server's
     // certificate, so the server's identity is not checked on these exchanges. A deployment
     // should configure the CA certificate for the CAS server instead.
     phpCAS::setNoCasServerValidation();
     phpCAS::forceAuthentication();
     phpCAS::logout();

     // NOTE(review): the redirect target is read from the request parameter auth_url_return
     // with no check on where it points; restrict it to URLs of this application.
     $returnUrl = CopixRequest::get('auth_url_return', _url('||'));
     return _arRedirect($returnUrl);
 }
 /**
  * Fonction appelée avant l'action pour vérifier les droits
  *
  * @param string nom de l'action
  */
 public function beforeAction($actionName)
 {
     // $actionName is not consulted: the admin credential is required for every action.
     $user = CopixAuth::getCurrentUser();
     $user->assertCredential('basic:admin');
 }
 /**
  * Renders the comment zone (summary or list, plus the new-comment form data) into $toReturn.
  *
  * @param string $toReturn Receives the rendered 'zone.comment.tpl' output.
  * @return bool Always true.
  */
 public function _createContent(&$toReturn)
 {
     CopixHtmlHeader::addCSSLink(_resource('styles/comments.css'));
     // When no identifier is given, the names of all request parameters are used instead.
     if (($id = $this->getParam('id')) == "") {
         $id = array_keys(CopixRequest::asArray());
     }
     // Display mode: the zone parameter wins; when it is empty or "request", the request
     // parameter 'comments' is used, and "summary" is the fallback.
     // NOTE(review): in that case $mode is request-controlled and is assigned to the
     // template below; the switch further down only acts on "list" and "summary".
     if (($mode = $this->getParam('mode')) == "" || $mode == "request") {
         if (($mode = _request('comments')) == "") {
             $mode = "summary";
         }
     }
     if (($newUrl = $this->getParam('moreUrl')) == "") {
         $newUrl = _url('#', array('comments' => 'list'));
     }
     $tpl = new CopixTpl();
     $tpl->assign('mode', $mode);
     $tpl->assign('newUrl', $newUrl);
     // Are we in the preview action?
     if (_request('preview') !== null) {
         $tpl->assign('preview', 1);
         $tpl->assign('previewDate', date('YmdHis'));
     }
     // Tell the template whether the current user holds the admin credential.
     if (CopixAuth::getCurrentUser()->testCredential('basic:admin')) {
         $tpl->assign('isAdmin', 1);
     } else {
         $tpl->assign('isAdmin', 0);
     }
     $idComment = _ioClass('commentsservices')->getId($id);
     // Number of lock rows for this page, used to tell whether comments are open.
     $tpl->assign('locked', _dao('commentslocked')->countBy(_daoSp()->addCondition('locked_page_comment', '=', $idComment)));
     // A form already opened for this id: hand its draft (and, on request, its check errors) to the template.
     if ($informations = _ioClass('commentsservices')->getEnabled($idComment)) {
         $tpl->assign('newComment', $informations['object']);
         if (_request('errors') !== null) {
             $tpl->assign('errors', _ioDAO('comments')->check($informations['object']));
         }
     }
     // Register the form for this page together with the credential required to write to it.
     _ioClass('commentsservices')->addEnabled(array('fromPage' => _url('#'), 'writeCredential' => $this->getParam('credentialWrite'), 'id' => $idComment));
     $tpl->assign('idComment', $idComment);
     switch ($mode) {
         case "list":
             // The read credential, when one is configured, is enforced only in list mode.
             if ($this->getParam('credentialRead') != "") {
                 CopixAuth::getCurrentUser()->assertCredential($this->getParam('credentialRead'));
             }
             $tpl->assign('arrComments', _dao('comments')->findBy(_daoSp()->addCondition('page_comment', '=', $idComment)));
             break;
         case "summary":
             $tpl->assign('nbComments', _dao('comments')->countBy(_daoSp()->addCondition('page_comment', '=', $idComment)));
             break;
     }
     // Set up the captcha when required:
     if (CopixConfig::get('comments|captcha') != 0) {
         // Highest and lowest captcha ids bound the random draw below.
         $arrCaptchaMax = _ioDao('commentscaptcha')->findBy(_daoSp()->orderBy(array('captcha_id', 'DESC'))->setLimit(0, 1));
         $arrCaptchaMin = _ioDao('commentscaptcha')->findBy(_daoSp()->orderBy('captcha_id')->setLimit(0, 1));
         $captcha = false;
         // NOTE(review): the loop ends only once get() returns a usable row; with an empty
         // captcha table it presumably never ends - confirm and bound the retries.
         // NOTE(review): rand() is not a cryptographically secure generator, so the drawn
         // captcha may be predictable.
         while (!$captcha || is_null($captcha)) {
             srand();
             $rand = rand($arrCaptchaMin[0]->captcha_id, $arrCaptchaMax[0]->captcha_id);
             $captcha = _ioDao('commentscaptcha')->get($rand);
         }
         $tpl->assign('captcha', $captcha);
     }
     $toReturn = $tpl->fetch('zone.comment.tpl');
     //_log ('URL: '._url('#'));
     //_log ('ID: ' . $idComment);
     return true;
 }
 /**
  * Ecran de connexion
  */
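 public function processForm()
 {
     // Login screen. A user who is already connected is redirected to the home page.
     // (The original also stored the user on the PPO just before redirecting; that value
     // was never used, so the assignment is dropped.)
     if (CopixAuth::getCurrentUser()->isConnected()) {
         return _arRedirect(_url('kernel||getHome'));
     }

     $ppo = new CopixPPO();
     $ppo->TITLE_PAGE = _i18n('auth.connect');

     // With several user handlers registered and the multiple-handler option on,
     // flag the form accordingly.
     $config = CopixConfig::instance();
     if (count($config->copixauth_getRegisteredUserHandlers()) > 1 && CopixConfig::get('auth|multipleConnectionHandler')) {
         $ppo->noCredential = true;
     }

     // NOTE(review): auth_url_return is read from the request and handed to the template;
     // the template must escape it, and the action that redirects to it after login
     // should accept only URLs of this application - confirm.
     $ppo->auth_url_return = CopixRequest::get('auth_url_return', _url('#'));

     // Error messages selected by the integer request flags.
     $ppo->failed = array();
     if (CopixRequest::getInt('noCredential', 0)) {
         $ppo->failed[] = _i18n('auth.error.noCredentials');
     }
     if (CopixRequest::getInt('failed', 0)) {
         $ppo->failed[] = _i18n('auth.error.failedLogin');
     }

     // Fix: class name spelled consistently with every other use (was "Copixconfig").
     $ppo->createUser = CopixConfig::get('auth|createUser');
     $ppo->conf_Saml_actif = CopixConfig::exists('default|conf_Saml_actif') ? CopixConfig::get('default|conf_Saml_actif') : 0;
     return _arPPO($ppo, 'login.form.php');
 }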
 /**
  * Saisie des informations supplémentaires si besoin
  * @param	array	$pArExtra	tableau des informations de log actuel
  * @return void
  */
 private static function _fillExtra(&$pArExtra)
 {
     $loggingClasses = array('CopixLog', 'CopixErrorHandler');
     $frames = CopixDebug::debug_backtrace(2, array(__FILE__), true);

     // Skip the frames that belong to the logging machinery itself (the two classes above
     // and the _log function) to reach the frame that asked for the log entry.
     $frame = reset($frames);
     while ($frame) {
         $fromLoggingClass = isset($frame['class']) && in_array($frame['class'], $loggingClasses);
         if (!$fromLoggingClass && $frame['function'] != '_log') {
             break;
         }
         $frame = next($frames);
     }

     // Location details of that frame; empty strings when a piece is missing.
     // NOTE(review): request_uri is client-supplied and is recorded as received;
     // whatever displays the log should escape it.
     $context = array(
         'file' => !empty($frame['file']) ? $frame['file'] : '',
         'line' => !empty($frame['line']) ? $frame['line'] : '',
         'classname' => isset($frame['class']) ? $frame['class'] : '',
         'functionname' => isset($frame['function']) ? $frame['function'] : '',
         'request_uri' => isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '',
     );

     // Values already present in $pArExtra take precedence over the computed ones.
     $pArExtra = array_merge($context, $pArExtra);

     // Fill in the user from the current session when the caller did not provide one.
     if (!isset($pArExtra['user'])) {
         $pArExtra['user'] = CopixAuth::getCurrentUser()->getLogin();
     }
 }
 /**
  * Suppression de la session (pour éviter de fermer le navigateur, c'est mieux)
  */
 public function processSessionDestroy()
 {
     // Destroying the session is reserved to administrators.
     CopixAuth::getCurrentUser()->assertCredential('basic:admin');
     session_destroy();

     // Return to the popup variant of the session screen when the request asked for it.
     if (CopixRequest::get('popup')) {
         $target = 'admin|session|popup';
     } else {
         $target = 'admin|session|';
     }
     return _arRedirect(_url($target));
 }