public static function post_login($parameters)
{
$uid = $parameters['uid'];
$samlBackend = new OC_USER_SAML();
if ($samlBackend->auth->isAuthenticated()) {
$attributes = $samlBackend->auth->getAttributes();
if (array_key_exists($samlBackend->usernameMapping, $attributes) && $attributes[$samlBackend->usernameMapping][0] == $uid) {
$attributes = $samlBackend->auth->getAttributes();
if (array_key_exists($samlBackend->mailMapping, $attributes)) {
$saml_email = $attributes[$samlBackend->mailMapping][0];
}
if (array_key_exists($samlBackend->groupMapping, $attributes)) {
$saml_groups = $attributes[$samlBackend->groupMapping];
} else {
if (!empty($samlBackend->defaultGroup)) {
$saml_groups = array($samlBackend->defaultGroup);
OC_Log::write('saml', 'Using default group "' . $samlBackend->defaultGroup . '" for the user: '******'/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) {
OC_Log::write('saml', 'Invalid username "' . $uid . '", allowed chars "a-zA-Z0-9" and "_.@-" ', OC_Log::DEBUG);
return false;
} else {
$random_password = random_password();
OC_Log::write('saml', 'Creating new user: '******'saml', 'Updating data of the user: ' . $uid, OC_Log::DEBUG);
if (isset($saml_email)) {
update_mail($uid, $saml_email);
}
if (isset($saml_groups)) {
update_groups($uid, $saml_groups, $samlBackend->protectedGroups, false);
}
}
}
return true;
}
}
return false;
}
public static function update_user($uid, $attributes)
{
$casBackend = OC_USER_CAS::getInstance();
\OCP\Util::writeLog('cas', 'Updating data of the user: '******'cas', 'attr: ' . implode(",", $attributes), \OCP\Util::DEBUG);
if (isset($attributes['cas_email'])) {
update_mail($uid, $attributes['cas_email']);
}
if (isset($attributes['cas_name'])) {
update_name($uid, $attributes['cas_name']);
}
if (isset($attributes['cas_groups'])) {
update_groups($uid, $attributes['cas_groups'], $casBackend->protectedGroups, false);
}
}
public static function post_login($parameters)
{
$uid = $parameters['uid'];
$wuid = $uid;
$casBackend = new OC_USER_CAS();
$userDB = new OC_User_Database();
/*
* Récupération des données du fichier config général /config/config.php
*/
$serveur_Search = OCP\Config::getSystemValue('serveur_Search', 'error');
$port = OCP\Config::getSystemValue('port', 'error');
$racineAMU = OCP\Config::getSystemValue('racineAMU', 'error');
$racineAMUGRP = OCP\Config::getSystemValue('racineAMUGRP', 'error');
$AMU_nuage_dn = OCP\Config::getSystemValue('AMU_nuage_dn', 'error');
$AMU_nuage_pw = OCP\Config::getSystemValue('AMU_nuage_pw', 'error');
$PQuota = OCP\Config::getSystemValue('PQuota', 'unManaged');
$EQuota = OCP\Config::getSystemValue('EQuota', 'unManaged');
$LDAP = new LDAP_Infos($serveur_Search, $AMU_nuage_dn, $AMU_nuage_pw, $racineAMUGRP, $racineAMUGRP);
$restrictGrp = array("cn", "member");
/*
* Récupération tableau Groupes
* Si le tableau 'groupMapping' est vide pas de contrôle sur les groupes
*/
$AccesCloud = 0;
OCP\Util::writeLog('user_cas', "Authentification (Mapping groups=" . $casBackend->groupMapping . ")", OCP\Util::DEBUG);
if ($casBackend->groupMapping) {
$wTabGrp = str_replace(array('<br>', '<br />', "\n", "\r"), array('@', '', '@', ''), $casBackend->groupMapping);
$tabGRP = explode("@", $wTabGrp);
$i = 0;
$mesGroupes = array();
foreach ($tabGRP as $key => $value) {
$ListeMembre = $LDAP->getMembersOfGroup($value, $restrictGrp);
if (in_array($uid, $ListeMembre)) {
$AccesCloudAMU = 1;
}
}
} else {
$AccesCloud = 1;
}
/*
* Si pas d'acces, alors déconnexion
*/
if ($AccesCloud == 0) {
/*
* On vérifie si le compte utilisé est un compte local
*/
if (!$userDB->userExists($uid)) {
OCP\Util::writeLog('user_cas', "Aucun droit d'accès pour l'utilisateur " . $uid, OCP\Util::ERROR);
\OC_User::logout();
} else {
OCP\Util::writeLog('user_cas', "Authentification locale pour l'utilisateur " . $uid, OCP\Util::DEBUG);
OC::$REQUESTEDAPP = '';
OC_Util::redirectToDefaultPage();
exit(0);
}
}
/**
* Récupère les groupes liés à l'utilisateur avec la racine définie dans le formulaire 'cas_group_root'
* Si 'cas_group_root' n'est pas renseingé => pas de récupération de groupes
*/
$mesGroupes = array();
OCP\Util::writeLog('user_cas', "Authentification (Racine Groupes LDAP=" . $casBackend->groupRoot . ")", OCP\Util::DEBUG);
if ($casBackend->groupRoot) {
$i = 0;
$ListeGRP = $LDAP->getMemberOf($uid);
$a = sizeof($ListeGRP);
OCP\Util::writeLog('user_cas', "Taille=" . $a . " UID=" . $uid, OCP\Util::ERROR);
OCP\Util::writeLog('user_cas', "Racine Groupe=" . $casBackend->groupRoot, OCP\Util::ERROR);
foreach ($ListeGRP as $key => $value) {
if (strstr($value, $casBackend->groupRoot)) {
$mesGroupes[$i] = strtoupper(str_replace(':', '_', substr($value, 8)));
OCP\Util::writeLog('user_cas', "Groupe[{$i}]=" . $mesGroupes[$i], OCP\Util::ERROR);
$i++;
}
}
}
if (phpCAS::checkAuthentication()) {
//$attributes = phpCAS::getAttributes();
$cas_uid = phpCAS::getUser();
if ($cas_uid == $uid) {
/*
* Récupération des information utilisateur (LDAP)
*/
$tabLdapUser = $LDAP->getUserInfo($uid);
if ($tabLdapUser) {
$DisplayName = $tabLdapUser['displayName'];
}
if (!$userDB->userExists($uid)) {
if (preg_match('/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) {
OCP\Util::writeLog('cas', 'Utilisateur invalide "' . $uid . '", caracteres autorises "a-zA-Z0-9" and "_.@-" ', OCP\Util::DEBUG);
return false;
} else {
/*
* Dans le cas d'une création
*/
$random_password = \OC_Util::generateRandomBytes(20);
$userDB->createUser($uid, $tabLdapUser['userpassword']);
$userDB->setDisplayName($uid, $DisplayName);
/*
* Mise à jour du quota si gestion dans fichier de configuration
*/
if ($EQuota != "unManaged" && $tabLdapUser['eduPersonPrimaryAffiliation'] == 'student') {
update_quota($uid, $EQuota);
}
if ($PQuota != "unManaged" && $tabLdapUser['eduPersonPrimaryAffiliation'] != 'student') {
update_quota($uid, $PQuota);
}
}
}
/*
* Mise à jour des groupes associés
*/
if (sizeof($mesGroupes) > 0) {
$cas_groups = $mesGroupes;
update_groups($uid, $cas_groups, $casBackend->protectedGroups, true);
}
/*
* Mise à jour du mail
*/
update_mail($uid, $tabLdapUser['Mail']);
/*
* Mise à jour du display name
*/
$userDB->setDisplayName($uid, $DisplayName);
return true;
}
}
return false;
}
function update_user_data($uid, $attributes = array(), $just_created = false)
{
OC_Util::setupFS($uid);
OCP\Util::writeLog('saml', 'Updating data of the user: '******'email'])) {
update_mail($uid, $attributes['email']);
}
if (isset($attributes['groups'])) {
update_groups($uid, $attributes['groups'], $attributes['protected_groups'], $just_created);
}
if (isset($attributes['display_name'])) {
update_display_name($uid, $attributes['display_name']);
}
if (isset($attributes['quota'])) {
update_quota($uid, $attributes['quota']);
}
}
public static function post_login($parameters)
{
$userid = $parameters['uid'];
$samlBackend = new OC_USER_SAML();
if ($samlBackend->auth->isAuthenticated()) {
$attributes = $samlBackend->auth->getAttributes();
$usernameFound = false;
foreach ($samlBackend->usernameMapping as $usernameMapping) {
if (array_key_exists($usernameMapping, $attributes) && !empty($attributes[$usernameMapping][0])) {
$usernameFound = true;
$uid = $attributes[$usernameMapping][0];
OC_Log::write('saml', 'Authenticated user ' . $uid, OC_Log::DEBUG);
break;
}
}
if ($usernameFound && $uid == $userid) {
$attributes = $samlBackend->auth->getAttributes();
$saml_email = '';
foreach ($samlBackend->mailMapping as $mailMapping) {
if (array_key_exists($mailMapping, $attributes) && !empty($attributes[$mailMapping][0])) {
$saml_email = $attributes[$mailMapping][0];
break;
}
}
$saml_display_name = '';
foreach ($samlBackend->displayNameMapping as $displayNameMapping) {
if (array_key_exists($displayNameMapping, $attributes) && !empty($attributes[$displayNameMapping][0])) {
$saml_display_name = $attributes[$displayNameMapping][0];
break;
}
}
$saml_groups = array();
foreach ($samlBackend->groupMapping as $groupMapping) {
if (array_key_exists($groupMapping, $attributes) && !empty($attributes[$groupMapping])) {
$saml_groups = array_merge($saml_groups, $attributes[$groupMapping]);
}
}
if (empty($saml_groups) && !empty($samlBackend->defaultGroup)) {
$saml_groups = array($samlBackend->defaultGroup);
OC_Log::write('saml', 'Using default group "' . $samlBackend->defaultGroup . '" for the user: '******'/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) {
OC_Log::write('saml', 'Invalid username "' . $uid . '", allowed chars "a-zA-Z0-9" and "_.@-" ', OC_Log::DEBUG);
return false;
} else {
$random_password = OC_Util::generate_random_bytes(20);
OC_Log::write('saml', 'Creating new user: '******'saml', 'Updating data of the user: ' . $uid, OC_Log::DEBUG);
if (isset($saml_email)) {
update_mail($uid, $saml_email);
}
if (isset($saml_groups)) {
update_groups($uid, $saml_groups, $samlBackend->protectedGroups, false);
}
if (isset($saml_display_name)) {
update_display_name($uid, $saml_display_name);
}
}
}
return true;
}
}
return false;
}
<?php
session_start();
include "inc/connect.php";
include "inc/functions.php";
if (!$_SESSION && !$_SESSION['user'] == "admin") {
header('Location: index.php');
}
$all_mail = get_mail($connexion);
if ($_POST) {
$add_id = nettoyage($_POST['id']);
$add_mail = nettoyage($_POST['mail']);
$add_date = nettoyage($_POST['date']);
$add_privilege = nettoyage($_POST['privilege']);
$result = update_mail($connexion, $add_id, $add_mail, $add_date, $add_privilege);
header('Refresh: 2; URL=platform.php');
}
include 'inc/template/header.php';
include 'inc/template/admin_page.php';
include 'inc/template/footer.php';
