/** * Grants admin access for console commands (#1908). * This avoids subsequent permission problems from any components used. */ protected function loginAsAdministrator() { $adminId = 2; // no need to do anything if there is already an admin login if (\UserUtil::isLoggedIn()) { if (\UserUtil::getVar('uid') == $adminId) { return; } if (\SecurityUtil::checkPermission('::', '::', ACCESS_ADMIN)) { return; } } // login / impersonate now \UserUtil::setUserByUid($adminId); // check if it worked if (!\UserUtil::isLoggedIn()) { throw new AccessDeniedException(__('Error! Auto login failed.')); } // check if permissions have become available if (!\SecurityUtil::checkPermission('::', '::', ACCESS_ADMIN)) { throw new AccessDeniedException(__('Error! Insufficient permissions after auto login.')); } }
/** * When Zikula authentication has failed, start SiriusXtecAuth * * @return bool true authetication succesful */ public static function trySiriusXtecAuth(Zikula_Event $event) { $authentication_info = FormUtil::getPassedValue('authentication_info', isset($args['authentication_info']) ? $args['authentication_info'] : null, 'POST'); // Argument check if ($authentication_info['login_id'] == '' || $authentication_info['pass'] == '') { LogUtil::registerError(__('Usuari o contrasenya en blanc.')); return System::redirect(System::getHomepageUrl()); } $uname = $authentication_info['login_id']; $pass = $authentication_info['pass']; // check if ldap is active if (!ModUtil::getVar('SiriusXtecAuth','ldap_active',false)) return false; // checking new users case $userid = UserUtil::getIdFromName($uname); if (($userid === false) && (ModUtil::getVar('SiriusXtecAuth','users_creation',false) === false)) return false; // connect to ldap server if (!$ldap_ds = ldap_connect(ModUtil::getVar('SiriusXtecAuth', 'ldap_server'))) { LogUtil::registerError(__('No ha pogut connectar amb el servidor ldap.')); return false; } /////////////////// // Checking ldap validation $ldaprdn = ModUtil::getVar('SiriusXtecAuth', 'ldap_searchattr') . '=' . $uname . ',' . ModUtil::getVar('SiriusXtecAuth', 'ldap_basedn'); $bind = @ldap_bind($ldap_ds, $ldaprdn, $pass); if (!$bind) { LogUtil::registerError(__('La informació introduïda no correspon a cap validació manual ni XTEC.')); return false; } LogUtil::getErrorMessages(); // Case new users if ($userid === false) { $userLdapFields = array ('cn', 'uid', 'givenname', 'sn', 'mail'); // search the directory for our user if (!$ldap_sr = ldap_search($ldap_ds, ModUtil::getVar('SiriusXtecAuth', 'ldap_basedn'), ModUtil::getVar('SiriusXtecAuth', 'ldap_searchattr') . '=' . DataUtil::formatForStore($uname),$userLdapFields)) { LogUtil::registerError(__('Problemes en la creació d\'un nou usuari de Sirus des de la validació XTEC (I).')); return false; } $info = ldap_get_entries($ldap_ds, $ldap_sr); if (!$info || $info['count'] == 0) { LogUtil::registerError('Problemes en la creació d\'un nou usuari de Sirus des de la validació XTEC (II).'); return false; } else { if (!isset($info[0]['dn'])) { LogUtil::registerError('Problemes en la creació d\'un nou usuari de Sirus des de la validació XTEC (III).'); return false; } } $user['zk']['uname'] =$uname; $user['zk']['email'] = $info[0]['mail'][0]; if (ModUtil::getVar('SiriusXtecAuth','iw_write',false) && ModUtil::available('IWusers')) { $user['iw']['nom'] = ucwords(strtolower($info[0]['givenname'][0])); $cognom_separator = strpos($info[0]['sn'][0],' '); if ($cognom_separator && ModUtil::getVar('SiriusXtecAuth','iw_lastnames',false)) { $user['iw']['cognom1'] = ucwords(strtolower(substr($info[0]['sn'][0],0,$cognom_separator))); $user['iw']['cognom2'] = ucwords(strtolower(substr($info[0]['sn'][0],$cognom_separator+1))); } else{ $user['iw']['cognom1'] = ucwords(strtolower($info[0]['sn'][0])); $user['iw']['cognom1'] = ''; } } if (ModUtil::getVar('SiriusXtecAuth','new_users_activation', false)) { $user['zk']['activated'] = 1; }else { $user['zk']['activated'] = 0; } $user['gr'] = ModUtil::getVar('SiriusXtecAuth','new_users_groups'); $userid = ModUtil::apifunc('SiriusXtecAuth', 'listeners', 'createUser', $user); if (!$userid) { LogUtil::registerError(__('No s\'ha pogut crear l\'usuari. Torneu a validar-vos.')); return false; } } @ldap_unbind($ldap_ds); UserUtil::setUserByUid($userid); if (!ModUtil::getVar('SiriusXtecAuth','loginXtecApps',false)) { return System::redirect(System::getHomepageUrl()); } else { $pass_e = urlencode(base64_encode($pass)); return System::redirect(ModUtil::url('SiriusXtecAuth', 'user', 'logingXtecApps',array('uname'=>$uname,'pass'=>$pass_e,'logtype'=>'in'))); } }