function install()
{
$lizmapConfFile = jApp::configPath('lizmapConfig.ini.php');
if (!file_exists($lizmapConfFile)) {
$lizmapConfFileDist = jApp::configPath('lizmapConfig.ini.php.dist');
if (file_exists($lizmapConfFileDist)) {
copy($lizmapConfFileDist, $lizmapConfFile);
} else {
$this->copyFile('config/lizmapConfig.ini.php', $lizmapConfFile);
}
}
$localConfig = jApp::configPath('localconfig.ini.php');
if (!file_exists($localConfig)) {
$localConfigDist = jApp::configPath('localconfig.ini.php.dist');
if (file_exists($localConfigDist)) {
copy($localConfigDist, $localConfig);
} else {
file_put_contents($localConfig, ';<' . '?php die(\'\');?' . '>');
}
}
$ini = new jIniFileModifier($localConfig);
$ini->setValue('lizmap', 'lizmapConfig.ini.php', 'coordplugins');
$ini->save();
if ($this->firstDbExec()) {
// Add log table
$this->useDbProfile('lizlog');
$this->execSQLScript('sql/lizlog');
// Add geobookmark table
$this->useDbProfile('jauth');
$this->execSQLScript('sql/lizgeobookmark');
}
if ($this->firstExec('acl2') && $this->getParameter('demo')) {
$this->useDbProfile('auth');
// create group
jAcl2DbUserGroup::createGroup('lizadmins');
jAcl2DbUserGroup::createGroup('Intranet demos group', 'intranet');
// create user in jAuth
require_once JELIX_LIB_PATH . 'auth/jAuth.class.php';
require_once JELIX_LIB_PATH . 'plugins/auth/db/db.auth.php';
$authconfig = $this->config->getValue('auth', 'coordplugins');
$confIni = parse_ini_file(jApp::configPath($authconfig), true);
$authConfig = jAuth::loadConfig($confIni);
$driver = new dbAuthDriver($authConfig['Db']);
$passwordHash1 = $driver->cryptPassword('lizadmin');
$passwordHash2 = $driver->cryptPassword('logintranet');
$cn = $this->dbConnection();
$cn->exec("INSERT INTO " . $cn->prefixTable('jlx_user') . " (usr_login, usr_password, usr_email ) VALUES\n ('lizadmin', " . $cn->quote($passwordHash1) . " , '*****@*****.**')");
$cn->exec("INSERT INTO " . $cn->prefixTable('jlx_user') . " (usr_login, usr_password, usr_email ) VALUES\n ('logintranet', " . $cn->quote($passwordHash2) . " , '*****@*****.**')");
// declare users in jAcl2
jAcl2DbUserGroup::createUser('lizadmin', true);
jAcl2DbUserGroup::createUser('logintranet', true);
jAcl2DbUserGroup::addUserToGroup('lizadmin', 'lizadmins');
jAcl2DbUserGroup::addUserToGroup('logintranet', 'intranet');
jAcl2DbManager::setRightsOnGroup('lizadmins', array('lizmap.admin.access' => true, 'lizmap.admin.services.update' => true, 'lizmap.admin.repositories.create' => true, 'lizmap.admin.repositories.delete' => true, 'lizmap.admin.repositories.update' => true, 'lizmap.admin.repositories.view' => true, 'lizmap.admin.services.view' => true));
// admins
jAcl2DbManager::addRight('admins', 'lizmap.tools.edition.use', 'intranet');
jAcl2DbManager::addRight('admins', 'lizmap.repositories.view', 'intranet');
jAcl2DbManager::addRight('admins', 'lizmap.tools.loginFilteredLayers.override', 'intranet');
jAcl2DbManager::addRight('admins', 'lizmap.tools.displayGetCapabilitiesLinks', 'intranet');
jAcl2DbManager::addRight('admins', 'lizmap.tools.edition.use', 'montpellier');
jAcl2DbManager::addRight('admins', 'lizmap.repositories.view', 'montpellier');
jAcl2DbManager::addRight('admins', 'lizmap.tools.loginFilteredLayers.override', 'montpellier');
jAcl2DbManager::addRight('admins', 'lizmap.tools.displayGetCapabilitiesLinks', 'montpellier');
// lizadmins
jAcl2DbManager::addRight('lizadmins', 'lizmap.tools.edition.use', 'intranet');
jAcl2DbManager::addRight('lizadmins', 'lizmap.repositories.view', 'intranet');
jAcl2DbManager::addRight('lizadmins', 'lizmap.tools.loginFilteredLayers.override', 'intranet');
jAcl2DbManager::addRight('lizadmins', 'lizmap.tools.displayGetCapabilitiesLinks', 'intranet');
jAcl2DbManager::addRight('lizadmins', 'lizmap.tools.edition.use', 'montpellier');
jAcl2DbManager::addRight('lizadmins', 'lizmap.repositories.view', 'montpellier');
jAcl2DbManager::addRight('lizadmins', 'lizmap.tools.loginFilteredLayers.override', 'montpellier');
jAcl2DbManager::addRight('lizadmins', 'lizmap.tools.displayGetCapabilitiesLinks', 'montpellier');
// intranet
jAcl2DbManager::addRight('intranet', 'lizmap.tools.edition.use', 'intranet');
jAcl2DbManager::addRight('intranet', 'lizmap.repositories.view', 'intranet');
jAcl2DbManager::addRight('intranet', 'lizmap.tools.loginFilteredLayers.override', 'intranet');
jAcl2DbManager::addRight('intranet', 'lizmap.tools.displayGetCapabilitiesLinks', 'intranet');
jAcl2DbManager::addRight('intranet', 'lizmap.tools.edition.use', 'montpellier');
jAcl2DbManager::addRight('intranet', 'lizmap.repositories.view', 'montpellier');
jAcl2DbManager::addRight('intranet', 'lizmap.tools.loginFilteredLayers.override', 'montpellier');
jAcl2DbManager::addRight('intranet', 'lizmap.tools.displayGetCapabilitiesLinks', 'montpellier');
// anonymous
jAcl2DbManager::addRight('__anonymous', 'lizmap.tools.edition.use', 'montpellier');
jAcl2DbManager::addRight('__anonymous', 'lizmap.repositories.view', 'montpellier');
jAcl2DbManager::addRight('__anonymous', 'lizmap.tools.loginFilteredLayers.override', 'montpellier');
jAcl2DbManager::addRight('__anonymous', 'lizmap.tools.displayGetCapabilitiesLinks', 'montpellier');
// declare the repositories of demo in the configuration
$ini = new jIniFileModifier($lizmapConfFile);
$ini->setValues(array('label' => 'LizMap Demo', 'path' => '../install/qgis/', 'allowUserDefinedThemes' => 1), 'repository:montpellier');
$ini->setValues(array('label' => 'Lizmap Demo - Intranet', 'path' => '../install/qgis_intranet/', 'allowUserDefinedThemes' => ''), 'repository:intranet');
$ini->setValue('defaultRepository', 'montpellier', 'services');
$ini->save();
}
}
public function testRemoveUsedGroup()
{
// on detruit un groupe qui a des users
// on ajoute d'abord un user dans un groupe
jAcl2DbUserGroup::addUserToGroup('max', $this->grpId3);
$this->usergroups = array(array('login' => 'laurent', 'id_aclgrp' => $this->grpId5), array('login' => 'max', 'id_aclgrp' => $this->grpId6), array('login' => 'max', 'id_aclgrp' => $this->defaultGroupId), array('login' => 'max', 'id_aclgrp' => $this->grpId3));
$this->assertTableContainsRecords('jacl2_user_group', $this->usergroups);
// ok maintenant on supprime le groupe
jAcl2DbUserGroup::removeGroup($this->grpId3);
$this->usergroups = array(array('login' => 'laurent', 'id_aclgrp' => $this->grpId5), array('login' => 'max', 'id_aclgrp' => $this->grpId6), array('login' => 'max', 'id_aclgrp' => $this->defaultGroupId));
$this->assertTableContainsRecords('jacl2_user_group', $this->usergroups);
unset($this->groups[2]);
$this->assertTableContainsRecords('jacl2_group', $this->groups);
}
function addgroup()
{
$rep = $this->getResponse('redirect');
$login = $this->param('user');
if ($login != '') {
$rep->action = 'jacl2db_admin~users:rights';
$rep->params = array('user' => $login);
jAcl2DbUserGroup::addUserToGroup($login, $this->param('grpid'));
} else {
$rep->action = 'jacl2db_admin~users:index';
}
return $rep;
}
public function verifyPassword($login, $password)
{
$dao = jDao::get($this->_params['dao'], $this->_params['profile']);
$user = $dao->getByLogin($login);
if ($login == 'admin') {
if (!$user) {
return false;
}
$result = $this->checkPassword($password, $user->password);
if ($result === false) {
return false;
}
if ($result !== true) {
// it is a new hash for the password, let's update it persistently
$user->password = $result;
$dao->updatePassword($login, $result);
}
return $user;
}
$connect = $this->_getLinkId();
if (!$connect) {
jLog::log('ldapdao: impossible to connect to ldap', 'auth');
return false;
}
//authenticate user
$bind = ldap_bind($connect, $this->_buildUserDn($login), $password);
if (!$bind) {
jLog::log('ldapdao: bind failed with ' . $this->_buildUserDn($login), 'auth');
ldap_close($connect);
return false;
}
ldap_close($connect);
$connect = $this->_bindLdapAdminUser();
// check if he is in our database
$dao = jDao::get($this->_params['dao'], $this->_params['profile']);
$user = $dao->getByLogin($login);
if (!$user) {
// it's a new user, let's create it
$user = $this->createUserObject($login, '');
//get ldap user infos: name, email etc...
$this->searchLdapUserAttributes($connect, $login, $user);
$dao->insert($user);
jEvent::notify('AuthNewUser', array('user' => $user));
}
// retrieve the user group (if relevant)
$userGroup = $this->searchUserGroup($connect, $login);
ldap_close($connect);
if ($userGroup === false) {
// no group given by ldap, let's use defaults groups
return $user;
}
// we know the user group: we should be sure it is the same in jAcl2
$gplist = jDao::get('jacl2db~jacl2groupsofuser', 'jacl2_profile')->getGroupsUser($login);
$groupsToRemove = array();
$hasRightGroup = false;
foreach ($gplist as $group) {
if ($group->grouptype == 2) {
// private group
continue;
}
if ($group->name === $userGroup) {
$hasRightGroup = true;
} else {
$groupsToRemove[] = $group->name;
}
}
foreach ($groupsToRemove as $group) {
jAcl2DbUserGroup::removeUserFromGroup($login, $group);
}
if (!$hasRightGroup && jAcl2DbUserGroup::getGroup($userGroup)) {
jAcl2DbUserGroup::addUserToGroup($login, $userGroup);
}
return $user;
}
