コード例 #1
ファイル: AuthPlugins.php プロジェクト: rossryan/Calico
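/**
* Authenticate against a different PostgreSQL database which contains a usr table in
* the AWL format.
*
* Flow: connect to the remote database named in the hook configuration, look the
* user up by lower-cased username, check the password against the stored value with
* session_validate_password(), then copy the remote row into the local usr table
* (UPDATE when the user_no already exists locally, INSERT otherwise).  Only after
* that copy is the account's active flag evaluated.
*
* Security notes:
*  - $c->authenticate_hook['config']['columns'] and ['where'] are spliced into the
*    SQL text verbatim.  They must only ever come from trusted server configuration,
*    never from request data.
*  - user_no is read from the remote database, so it is cast to an integer before it
*    is used in local SQL instead of being interpolated as-is.
*  - The follow-up queries do not call SetConnection(); presumably they run against
*    the local database - confirm against AwlQuery's default connection.
*
* @package   awl
* @param string $username Login name supplied by the client; lower-cased and bound as a query parameter.
* @param string $password Password supplied by the client; only passed to session_validate_password().
* @return object|false The usr row fetched from the remote database, or false when the
*                      lookup, the password check or the active check fails.
*/
function auth_other_awl($username, $password)
{
    global $c;
    $authconn = pg_connect($c->authenticate_hook['config']['connection']);
    if (!$authconn) {
        // Static error page: no connection details or user input are echoed back.
        echo <<<EOERRMSG
  <html><head><title>Database Connection Failure</title></head><body>
  <h1>Database Error</h1>
  <h3>Could not connect to PostgreSQL database</h3>
  </body>
  </html>
EOERRMSG;
        exit(1);
    }

    // Configuration-supplied SQL fragments (trusted input only, see the docblock).
    $cols = isset($c->authenticate_hook['config']['columns'])
        ? $c->authenticate_hook['config']['columns']
        : "*";
    $andwhere = isset($c->authenticate_hook['config']['where'])
        ? " AND " . $c->authenticate_hook['config']['where']
        : "";

    $qry = new AwlQuery("SELECT {$cols} FROM usr WHERE lower(username) = ? {$andwhere}", strtolower($username));
    $qry->SetConnection($authconn);
    // __LINE__ (not the undefined constant __LINE) so the call does not fail on PHP 8.
    if (!$qry->Exec('Login', __LINE__, __FILE__) || $qry->rows() != 1) {
        return false;
    }

    $usr = $qry->Fetch();
    if (!session_validate_password($password, $usr->password)) {
        return false;
    }

    // Value originates in the remote database: force it to an integer before it
    // reaches any locally executed SQL.
    $user_no = intval($usr->user_no);

    $qry = new AwlQuery("SELECT * FROM usr WHERE user_no = ?", $user_no);
    if ($qry->Exec('Login', __LINE__, __FILE__) && $qry->rows() == 1) {
        $type = "UPDATE";
    } else {
        $type = "INSERT";
    }
    // NOTE(review): sql_from_object() builds the statement text from $usr's fields;
    // presumably it quotes each value - verify, since the row is remote-controlled.
    $qry = new AwlQuery(sql_from_object($usr, $type, 'usr', "WHERE user_no={$user_no}"));
    $qry->Exec('Login', __LINE__, __FILE__);

    /**
     * We disallow login by inactive users _after_ we have updated the local copy.
     *
     * Strict comparison on purpose: with a loose == 'f', a boolean true compares
     * equal to 'f' (an active user would be rejected) and a boolean false does not
     * (a disabled user would be let in).
     */
    if (isset($usr->active) && ($usr->active === 'f' || $usr->active === false)) {
        return false;
    }
    return $usr;
}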
コード例 #2
ファイル: auth-functions.php プロジェクト: rossryan/Calico
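/**
* Update the local cache of the remote user details
*
* Allocates a user_no from usr_user_no_seq when the record has none, then either
* leaves the local usr row alone (no field differs), updates it, or inserts it.  On
* insert a principal row is created and CreateHomeCalendar() is called; on update
* the principal's displayname follows a changed fullname.
*
* Security notes:
*  - The inactive-account check is the same strict test on every exit path, so a
*    disabled account is reported as such whether or not its record changed.
*  - The change log never contains the old or new value of the password field.
*  - NOTE(review): sql_from_object() builds SQL text from $usr's fields; presumably
*    it quotes each value - verify, since the record comes from an external source.
*
* @param object $usr The user details we read from the remote.  Passed by reference;
*                    user_no is filled in here when it was missing or zero.
* @return false|null false when the account is marked inactive, otherwise no value.
*/
function UpdateUserFromExternal(&$usr)
{
    global $c;
    /**
     * When we're doing the create we will usually need to generate a user number
     */
    if (!isset($usr->user_no) || intval($usr->user_no) == 0) {
        $qry = new AwlQuery("SELECT nextval('usr_user_no_seq');");
        $qry->Exec('Login', __LINE__, __FILE__);
        // Fetch as an array
        $sequence_value = $qry->Fetch(true);
        $usr->user_no = $sequence_value[0];
    }

    $old = null;
    $qry = new AwlQuery('SELECT * FROM usr WHERE user_no = :user_no', array(':user_no' => $usr->user_no));
    if ($qry->Exec('Login', __LINE__, __FILE__) && $qry->rows() == 1) {
        $type = "UPDATE";
        if ($old = $qry->Fetch()) {
            $changes = false;
            foreach ($usr as $k => $v) {
                $previous = $old->{$k};
                if ($previous != $v) {
                    $changes = true;
                    // Keep credential material out of the debug log: report that the
                    // password field changed, not what it changed from or to.
                    $redact = ($k === 'password');
                    dbg_error_log(
                        "Login",
                        "User '%s' field '%s' changed from '%s' to '%s'",
                        $usr->username,
                        $k,
                        $redact ? '[redacted]' : $previous,
                        $redact ? '[redacted]' : $v
                    );
                    break;
                }
            }
            if (!$changes) {
                dbg_error_log("Login", "No changes to user record for '%s' - leaving as-is.", $usr->username);
                // Same strict test as after a write.  A loose == 'f' treats boolean
                // true as inactive and boolean false as active.
                if (isset($usr->active) && ($usr->active === 'f' || $usr->active === false)) {
                    return false;
                }
                // Normal case, if there are no changes
                return;
            }
            dbg_error_log("Login", "Changes to user record for '%s' - updating.", $usr->username);
        }
    } else {
        $type = "INSERT";
    }

    // The WHERE clause (and therefore :user_no) is only bound for an UPDATE.
    $params = array();
    if ($type != 'INSERT') {
        $params[':user_no'] = $usr->user_no;
    }
    $qry = new AwlQuery(sql_from_object($usr, $type, 'usr', 'WHERE user_no= :user_no'), $params);
    $qry->Exec('Login', __LINE__, __FILE__);

    /**
     * We disallow login by inactive users _after_ we have updated the local copy
     */
    if (isset($usr->active) && ($usr->active === 'f' || $usr->active === false)) {
        return false;
    }

    if ($type == 'INSERT') {
        $qry = new AwlQuery('INSERT INTO principal( type_id, user_no, displayname, default_privileges) SELECT 1, user_no, fullname, :privs::INT::BIT(24) FROM usr WHERE username=:username', array(':privs' => privilege_to_bits($c->default_privileges), ':username' => $usr->username));
        $qry->Exec('Login', __LINE__, __FILE__);
        CreateHomeCalendar($usr->username);
    } else {
        // $old is false when the earlier Fetch() failed; compare against null then
        // instead of reading a property from a non-object.
        $old_fullname = is_object($old) ? $old->{'fullname'} : null;
        if ($usr->fullname != $old_fullname) {
            // Also update the displayname if the fullname has been updated.
            $qry->QDo('UPDATE principal SET displayname=:new_display WHERE user_no=:user_no', array(':new_display' => $usr->fullname, ':user_no' => $usr->user_no));
        }
    }
}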
コード例 #3
ファイル: DataUpdate.php プロジェクト: rossryan/Calico
 /**
  * Write this record to the database.
  *
  * Logs the table and write type, builds the statement text with sql_from_object()
  * from the record's values and WHERE clause, and executes it.
  *
  * NOTE(review): the statement is assembled as text, not with bound parameters, so
  * its safety rests on how sql_from_object() and _BuildWhereClause() quote what they
  * emit - confirm for any field that can carry user-supplied data.
  *
  * @return boolean Success.
  */
 function Write()
 {
     dbg_error_log("DBRecord", ":Write: %s record as %s.", $this->Table, $this->WriteType);
     $statement = new AwlQuery(
         sql_from_object(
             $this->Values,
             $this->WriteType,
             $this->Table,
             $this->_BuildWhereClause(),
             $this->prefix
         )
     );
     $succeeded = $statement->Exec("DBRecord", __LINE__, __FILE__);
     return $succeeded;
 }