Ejemplo n.º 1
0
 function userUsernameToLdapNameTransform($drupal_username, &$watchdog_tokens)
 {
     if ($this->ldapToDrupalUserPhp && module_exists('php')) {
         global $name;
         $old_name_value = $name;
         $name = $drupal_username;
         $code = "<?php global \$name; \n" . $this->ldapToDrupalUserPhp . "; \n ?>";
         $watchdog_tokens['%code'] = $this->ldapToDrupalUserPhp;
         $code_result = php_eval($code);
         $watchdog_tokens['%code_result'] = $code_result;
         $ldap_username = $code_result;
         $watchdog_tokens['%ldap_username'] = $ldap_username;
         $name = $old_name_value;
         // important because of global scope of $name
         if ($this->detailedWatchdogLog) {
             watchdog('ldap_server', '%drupal_user_name tansformed to %ldap_username by applying code <code>%code</code>', $watchdog_tokens, WATCHDOG_DEBUG);
         }
     } else {
         $ldap_username = $drupal_username;
     }
     return $ldap_username;
 }
Ejemplo n.º 2
0
 /**
  * decide if a username is excluded or not
  *
  * @param string $name as proposed drupal username
  * @param array $ldap_user where top level keys are 'dn','attr','mail'
  * @return boolean FALSE means NOT allow; TRUE means allow
  *
  * @todo.  this function should simply invoke hook_ldap_authentication_allowuser_results_alter
  *   and most of this function should go in ldap_authentication_allowuser_results_alter
  */
 public function allowUser($name, $ldap_user)
 {
     /**
      * do one of the exclude attribute pairs match
      */
     $ldap_user_conf = ldap_user_conf();
     // if user does not already exists and deferring to user settings AND user settings only allow
     $user_register = variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL);
     foreach ($this->excludeIfTextInDn as $test) {
         if (stripos($ldap_user['dn'], $test) !== FALSE) {
             return FALSE;
             //  if a match, return FALSE;
         }
     }
     /**
      * evaluate php if it exists
      */
     if ($this->allowTestPhp) {
         if (module_exists('php')) {
             global $_name, $_ldap_user_entry;
             $_name = $name;
             $_ldap_user_entry = $ldap_user;
             $code = '<?php ' . "global \$_name; \n  global \$_ldap_user_entry; \n" . $this->allowTestPhp . ' ?>';
             $code_result = php_eval($code);
             $_name = NULL;
             $_ldap_user_entry = NULL;
             if ((bool) $code_result == FALSE) {
                 return FALSE;
             }
         } else {
             drupal_set_message(t(LDAP_AUTHENTICATION_DISABLED_FOR_BAD_CONF_MSG), 'warning');
             $tokens = array('!ldap_authentication_config' => l(t('LDAP Authentication Configuration'), 'admin/config/people/ldap/authentication'));
             watchdog('ldap_authentication', 'LDAP Authentication is configured to deny users based on php execution with php_eval function, but php module is not enabled. Please enable php module or remove php code at !ldap_authentication_config .', $tokens);
             return FALSE;
         }
     }
     /**
      * do one of the allow attribute pairs match
      */
     if (count($this->allowOnlyIfTextInDn)) {
         $fail = TRUE;
         foreach ($this->allowOnlyIfTextInDn as $test) {
             if (stripos($ldap_user['dn'], $test) !== FALSE) {
                 $fail = FALSE;
             }
         }
         if ($fail) {
             return FALSE;
         }
     }
     /**
      * is excludeIfNoAuthorizations option enabled and user not granted any groups
      */
     if ($this->excludeIfNoAuthorizations) {
         if (!module_exists('ldap_authorization')) {
             drupal_set_message(t(LDAP_AUTHENTICATION_DISABLED_FOR_BAD_CONF_MSG), 'warning');
             $tokens = array('!ldap_authentication_config' => l(t('LDAP Authentication Configuration'), 'admin/config/people/ldap/authentication'));
             watchdog('ldap_authentication', 'LDAP Authentication is configured to deny users without LDAP Authorization mappings, but LDAP Authorization module is not enabled.  Please enable and configure LDAP Authorization or disable this option at !ldap_authentication_config .', $tokens);
             return FALSE;
         }
         $user = new stdClass();
         $user->name = $name;
         $user->ldap_authenticated = TRUE;
         // fake user property added for query
         $consumers = ldap_authorization_get_consumers();
         $has_enabled_consumers = FALSE;
         $has_ldap_authorizations = FALSE;
         foreach ($consumers as $consumer_type => $consumer_config) {
             $consumer_obj = ldap_authorization_get_consumer_object($consumer_type);
             if ($consumer_obj->consumerConf->status) {
                 $has_enabled_consumers = TRUE;
                 list($authorizations, $notifications) = ldap_authorizations_user_authorizations($user, 'query', $consumer_type, 'test_if_authorizations_granted');
                 if (isset($authorizations[$consumer_type]) && count($authorizations[$consumer_type]) > 0) {
                     $has_ldap_authorizations = TRUE;
                 }
             }
         }
         if (!$has_enabled_consumers) {
             drupal_set_message(t(LDAP_AUTHENTICATION_DISABLED_FOR_BAD_CONF_MSG), 'warning');
             $tokens = array('!ldap_consumer_config' => l(t('LDAP Authorization Configuration'), 'admin/config/people/ldap/authorization'));
             watchdog('ldap_authentication', 'LDAP Authentication is configured to deny users without LDAP Authorization mappings, but 0 LDAP Authorization consumers are configured:  !ldap_consumer_config .', $tokens);
             return FALSE;
         } elseif (!$has_ldap_authorizations) {
             return FALSE;
         }
     }
     // allow other modules to hook in and refuse if they like
     $hook_result = TRUE;
     drupal_alter('ldap_authentication_allowuser_results', $ldap_user, $name, $hook_result);
     if ($hook_result === FALSE) {
         watchdog('ldap_authentication', "Authentication Allow User Result=refused for %name", array('%name' => $name), WATCHDOG_NOTICE);
         return FALSE;
     }
     /**
      * default to allowed
      */
     return TRUE;
 }
Ejemplo n.º 3
0
 protected function renderRow($x, $y, $row, $options, &$view = NULL, $key = NULL, $printLabels = TRUE)
 {
     $pageDim = $this->getPageDimensions();
     // Render the content if it is not already:
     if (is_object($view) && $key != NULL && isset($view->field[$key]) && is_object($view->field[$key]) && !is_string($row)) {
         $content = $view->field[$key]->theme($row);
     } elseif (is_string($row)) {
         $content = $row;
     } else {
         // We got bad data. So return.
         return;
     }
     if (empty($key) || !empty($view->field[$key]->options['exclude']) || empty($content) && $view->field[$key]->options['hide_empty']) {
         return '';
     }
     // Apply the hyphenation patterns to the content:
     if (!isset($options['text']['hyphenate']) && is_object($view) && is_object($view->display_handler)) {
         $options['text']['hyphenate'] = $view->display_handler->get_option('default_text_hyphenate');
     }
     if (isset($options['text']['hyphenate']) && $options['text']['hyphenate'] != 'none') {
         $patternFile = $options['text']['hyphenate'];
         if ($options['text']['hyphenate'] == 'auto' && is_object($row)) {
             // Workaround:
             // Since "$nodeLanguage = $row->node_language;" does not work anymore,
             // we using this:
             if (isset($row->_field_data['nid']['entity']->language)) {
                 $nodeLanguage = $row->_field_data['nid']['entity']->language;
                 foreach (self::getAvailableHyphenatePatterns() as $file => $pattern) {
                     if (stristr($pattern, $nodeLanguage) !== FALSE) {
                         $patternFile = $file;
                         break;
                     }
                 }
             }
         }
         $patternFile = views_pdf_get_library('tcpdf') . '/hyphenate_patterns/' . $patternFile;
         if (file_exists($patternFile)) {
             if (method_exists('TCPDF_STATIC', 'getHyphenPatternsFromTEX')) {
                 $hyphen_patterns = TCPDF_STATIC::getHyphenPatternsFromTEX($patternFile);
             } else {
                 $hyphen_patterns = $this->getHyphenPatternsFromTEX($patternFile);
             }
             // Bugfix if you like to print some html code to the PDF, we
             // need to prevent the replacement of this tags.
             $content = str_replace('&gt;', '&amp;gt;', $content);
             $content = str_replace('&lt;', '&amp;lt;', $content);
             $content = $this->hyphenateText($content, $hyphen_patterns);
         }
     }
     // Set css variable
     if (is_object($view) && is_object($view->display_handler)) {
         $css_file = $view->display_handler->get_option('css_file');
     }
     // Render Labels
     $prefix = '';
     if ($printLabels && !empty($view->field[$key]->options['label'])) {
         $prefix = $view->field[$key]->options['label'];
         if ($view->field[$key]->options['element_label_colon']) {
             $prefix .= ':';
         }
         $prefix .= ' ';
     }
     $font_size = empty($options['text']['font_size']) ? $this->defaultFontSize : $options['text']['font_size'];
     $font_family = $options['text']['font_family'] == 'default' || empty($options['text']['font_family']) ? $this->defaultFontFamily : $options['text']['font_family'];
     $font_style = is_array($options['text']['font_style']) ? $options['text']['font_style'] : $this->defaultFontStyle;
     $textColor = !empty($options['text']['color']) ? $this->parseColor($options['text']['color']) : $this->parseColor($this->defaultFontColor);
     $w = $options['position']['width'];
     $h = $options['position']['height'];
     $border = 0;
     $align = isset($options['text']['align']) ? $options['text']['align'] : $this->defaultTextAlign;
     $fill = 0;
     $ln = 1;
     $reseth = TRUE;
     $stretch = 0;
     $ishtml = isset($options['render']['is_html']) ? $options['render']['is_html'] : 1;
     $stripHTML = !$ishtml;
     $autopadding = TRUE;
     $maxh = 0;
     $valign = 'T';
     $fitcell = FALSE;
     // Run eval before.
     if (!empty($options['render']['bypass_eval_before']) && !empty($options['render']['eval_before'])) {
         eval($options['render']['eval_before']);
     } elseif (!empty($options['render']['eval_before'])) {
         $content = php_eval($options['render']['eval_before']);
     }
     // Add css if there is a css file set and stripHTML is not active.
     if (!empty($css_file) && is_string($css_file) && !$stripHTML && $ishtml && !empty($content)) {
         $content = '<link type="text/css" rel="stylesheet" media="all" href="' . $css_file . '" />' . PHP_EOL . $content;
     }
     // Set Text Color.
     $this->SetTextColorArray($textColor);
     // Set font.
     $this->SetFont($font_family, implode('', $font_style), $font_size);
     // Save the last page before starting writing, this
     // is needed to dected if we write over a page. Then we need
     // to reset the y coordinate for the 'last_writing' position option.
     $this->lastWritingPage = $this->getPage();
     if ($stripHTML) {
         $content = strip_tags($content);
     }
     // Write the content of a field to the pdf file:
     if (!empty($content)) {
         $this->MultiCell($w, $h, $prefix . $content, $border, $align, $fill, $ln, $x, $y, $reseth, $stretch, $ishtml, $autopadding, $maxh, $valign, $fitcell);
     } else {
         $this->MultiCell($w, $h, $prefix, $border, $align, $fill, $ln, $x, $y, $reseth, $stretch, $ishtml, $autopadding, $maxh, $valign, $fitcell);
     }
     // Reset font to default.
     $this->SetFont($this->defaultFontFamily, implode('', $this->defaultFontStyle), $this->defaultFontSize);
     // Run eval after.
     if (!empty($options['render']['bypass_eval_after']) && !empty($options['render']['eval_after'])) {
         eval($options['render']['eval_after']);
     } elseif (!empty($options['render']['eval_after'])) {
         $content = php_eval($options['render']['eval_after']);
     }
     // Write Coordinates of element.
     $this->elements[$key] = array('x' => $x, 'y' => $y, 'width' => empty($w) ? $pageDim['wk'] - $this->rMargin - $x : $w, 'height' => $this->y - $y, 'page' => $this->lastWritingPage);
     $this->lastWritingElement = $key;
 }
 /**
  * decide if a username is excluded or not
  *
  * return boolean
  */
 public function allowUser($name, $ldap_user_entry)
 {
     /**
      * do one of the exclude attribute pairs match
      */
     $exclude = FALSE;
     foreach ($this->excludeIfTextInDn as $test) {
         if (strpos(drupal_strtolower($ldap_user_entry['dn']), drupal_strtolower($test)) !== FALSE) {
             return FALSE;
             //  if a match, return FALSE;
         }
     }
     /**
      * evaluate php if it exists
      */
     if ($this->allowTestPhp) {
         if (module_exists('php')) {
             global $_name, $_ldap_user_entry;
             $_name = $name;
             $_ldap_user_entry = $ldap_user_entry;
             $code = '<?php ' . "global \$_name; \n  global \$_ldap_user_entry; \n" . $this->allowTestPhp . ' ?>';
             $code_result = php_eval($code);
             $_name = NULL;
             $_ldap_user_entry = NULL;
             if ((bool) $code_result == FALSE) {
                 return FALSE;
             }
         } else {
             drupal_set_message(t(LDAP_AUTHENTICATION_DISABLED_FOR_BAD_CONF_MSG), 'warning');
             $tokens = array('!ldap_authentication_config' => l(t('LDAP Authentication Configuration'), 'admin/config/people/ldap/authentication'));
             watchdog('warning', 'LDAP Authentication is configured to deny users based on php execution with php_eval function, but php module is not enabled. Please enable php module or remove php code at !ldap_authentication_config .', $tokens);
             return FALSE;
         }
     }
     /**
      * do one of the allow attribute pairs match
      */
     if (count($this->allowOnlyIfTextInDn)) {
         $fail = TRUE;
         foreach ($this->allowOnlyIfTextInDn as $test) {
             if (strpos(drupal_strtolower($ldap_user_entry['dn']), drupal_strtolower($test)) !== FALSE) {
                 $fail = FALSE;
             }
         }
         if ($fail) {
             return FALSE;
         }
     }
     /**
      * is excludeIfNoAuthorizations option enabled and user not granted any groups
      */
     if ($this->excludeIfNoAuthorizations) {
         if (!module_exists('ldap_authorization')) {
             drupal_set_message(t(LDAP_AUTHENTICATION_DISABLED_FOR_BAD_CONF_MSG), 'warning');
             $tokens = array('!ldap_authentication_config' => l(t('LDAP Authentication Configuration'), 'admin/config/people/ldap/authentication'));
             watchdog('warning', 'LDAP Authentication is configured to deny users without LDAP Authorization mappings, but LDAP Authorization module is not enabled.  Please enable and configure LDAP Authorization or disable this option at !ldap_authentication_config .', $tokens);
             return FALSE;
         }
         $user = new stdClass();
         $user->name = $name;
         $user->ldap_authenticated = TRUE;
         // fake user property added for query
         $consumers = ldap_authorization_get_consumers();
         $has_enabled_consumers = FALSE;
         foreach ($consumers as $consumer_type => $consumer_config) {
             $consumer_obj = ldap_authorization_get_consumer_object($consumer_type);
             if ($consumer_obj->consumerConf->status) {
                 $has_enabled_consumers = TRUE;
                 list($authorizations, $notifications) = ldap_authorizations_user_authorizations($user, 'query', $consumer_type, 'test_if_authorizations_granted');
                 if (count(array_filter(array_values($authorizations))) > 0) {
                     return TRUE;
                 }
             }
         }
         if (!$has_enabled_consumers) {
             drupal_set_message(t(LDAP_AUTHENTICATION_DISABLED_FOR_BAD_CONF_MSG), 'warning');
             $tokens = array('!ldap_consumer_config' => l(t('LDAP Authorization Configuration'), 'admin/config/people/ldap/authorization'));
             watchdog('warning', 'LDAP Authentication is configured to deny users without LDAP Authorization mappings, but 0 LDAP Authorization consumers are configured:  !ldap_consumer_config .', $tokens);
             return FALSE;
         }
         return FALSE;
     }
     /**
      * default to allowed
      */
     return TRUE;
 }
Ejemplo n.º 5
0
 /**
  * Checks if the given menu link should be marked as active.
  *
  * If `$item->activation` is a callable function it will be used to determinate
  * if the link should be active or not, returning true from callable indicates
  * link should be active, false indicates it should not be marked as active.
  * Callable receives current request object as first argument and $item as second.
  *
  * `$item->url` property MUST exists if "activation" is not a callable, and can
  * be either:
  *
  * - A string representing an external or internal URL (all internal links must
  *   starts with "/"). e.g. `/user/login`
  *
  * - An array compatible with \Cake\Routing\Router::url(). e.g. `['controller'
  *   => 'users', 'action' => 'login']`
  *
  * Both examples are equivalent.
  *
  * @param \Cake\Datasource\EntityInterface $item A menu's item
  * @return bool
  */
 public function isActive(EntityInterface $item)
 {
     if ($item->has('activation') && is_callable($item->get('activation'))) {
         $callable = $item->get('activation');
         return $callable($this->_View->request, $item);
     }
     $itemUrl = $this->sanitize($item->get('url'));
     if (!str_starts_with($itemUrl, '/')) {
         return false;
     }
     switch ($item->get('activation')) {
         case 'any':
             return $this->_requestMatches($item->get('active'));
         case 'none':
             return !$this->_requestMatches($item->get('active'));
         case 'php':
             return php_eval($item->get('active'), ['view', &$this->_View, 'item', &$item]) === true;
         case 'auto':
         default:
             static $requestUri = null;
             static $requestUrl = null;
             if ($requestUri === null) {
                 $requestUri = urldecode(env('REQUEST_URI'));
                 $requestUrl = str_replace('//', '/', '/' . urldecode($this->_View->request->url) . '/');
             }
             $isInternal = $itemUrl !== '/' && str_ends_with($itemUrl, str_replace_once($this->baseUrl(), '', $requestUri));
             $isIndex = $itemUrl === '/' && $this->_View->request->isHome();
             $isExact = str_replace('//', '/', "{$itemUrl}/") === $requestUrl || $itemUrl == $requestUri;
             if ($this->config('breadcrumbGuessing')) {
                 return $isInternal || $isIndex || $isExact || in_array($itemUrl, $this->_crumbs());
             }
             return $isInternal || $isIndex || $isExact;
     }
 }
Ejemplo n.º 6
0
 /**
  * Checks if the given block can be rendered.
  *
  * @param \Block\Model\Entity\Block $block Block entity
  * @return bool True if can be rendered
  */
 protected function _filterBlock(Block $block)
 {
     $cacheKey = "allowed_{$block->id}";
     $cache = static::cache($cacheKey);
     if ($cache !== null) {
         return $cache;
     }
     if (!empty($block->locale) && !in_array(I18n::locale(), (array) $block->locale)) {
         return static::cache($cacheKey, false);
     }
     if (!$block->isAccessible()) {
         return static::cache($cacheKey, false);
     }
     $allowed = false;
     switch ($block->visibility) {
         case 'except':
             // Show on all pages except listed pages
             $allowed = !$this->_urlMatch($block->pages);
             break;
         case 'only':
             // Show only on listed pages
             $allowed = $this->_urlMatch($block->pages);
             break;
         case 'php':
             // Use custom PHP code to determine visibility
             $allowed = php_eval($block->pages, ['view' => &$this->_View, 'block' => &$block]) === true;
             break;
     }
     if (!$allowed) {
         return static::cache($cacheKey, false);
     }
     return static::cache($cacheKey, true);
 }