コード例 #1
0
ファイル: UserIdentity.php プロジェクト: assettcu/syllabus
 public function authenticate()
 {
     $this->errorCode = self::ERROR_NONE;
     $authenticated = false;
     $username = $this->username;
     $password = $this->password;
     $adauth = new ADAuth("adcontroller");
     $user = new UserObj($username);
     if (!$adauth->authenticate($username, $password)) {
         $this->errorCode = 3;
     }
     $info = $adauth->lookup_user();
     if ($info["count"] == 1) {
         $user->fullname = $info[0]["displayname"][0];
     }
     /*if(!$user->save()) {
           StdLib::vdump($user->get_error());
       }*/
     if ($this->errorCode != 0) {
         if ($this->errorCode != 4) {
             $user->iterate_attempts();
         }
     }
     return !$this->errorCode;
 }
コード例 #2
0
 public function actionLDAPAll()
 {
     $rest = new RestServer();
     $request = RestUtils::processRequest();
     $required = array("q");
     $keys = array_keys($request);
     if (count(array_intersect($required, $keys)) != count($required)) {
         return RestUtils::sendResponse(308);
     }
     # The Directory we're connecting with is the Active Directory for the Campus
     # (not to be confused with this application's name)
     $ldap = new ADAuth("directory");
     $ldap->bind_anon();
     $info = $ldap->lookup_user($request["q"]);
     return print json_encode($info);
 }
コード例 #3
0
ファイル: UserObj.php プロジェクト: assettcu/syllabus
 private function pull_AD_departments()
 {
     $adauth = new ADAuth("directory");
     $info = $adauth->lookup_user($this->username);
     $departments = array();
     if ($info["count"] == 1) {
         $ou = @$info[0]["ou"];
         if (isset($ou) and $ou["count"] > 0) {
             for ($a = 0; $a < $ou["count"]; $a) {
                 $exists = Yii::app()->db->createCommand()->select("COUNT(*)")->from("user_departments")->where("username = :username AND department = :department", array(":username" => $this->username, ":department" => $ou[$a]))->queryScalar() == 1;
                 if (!$exists) {
                     Yii::app()->db->createCommand()->insert("user_departments", array("username" => $this->username, "department" => $ou[$a]));
                 }
                 $departments[] = $ou[$a];
             }
         }
     }
     return $departments;
 }
コード例 #4
0
ファイル: UserIdentity.php プロジェクト: jbrauchler/directory
 public function authenticate()
 {
     $this->errorCode = self::ERROR_NONE;
     $authenticated = false;
     $username = $this->username;
     $password = $this->password;
     $user = null;
     try {
         Yii::app()->db;
         $dbload = true;
     } catch (Exception $e) {
         # If Connection doesn't exist
         $dbload = false;
     }
     # Check if user exists or is locked out
     if ($dbload) {
         $user = new UserObj($username);
         if ($user->loaded and isset($user->active, $user->attempts) and ($user->active == 0 or $user->attempts > 5)) {
             $this->errorCode = ERROR_MAX_ATTEMPTS;
             return !$this->errorCode;
         }
     }
     # The new Authentication System
     $adauth = new ADAuth("adcontroller");
     # Authenticate!
     if ($adauth->authenticate($username, $password)) {
         # !Important! User groups and their permission levels
         $valid_groups = array("ASSETT-Programming" => 10, "ASSETT-Admins" => 10, "ASSETT-TTAs" => 3, "ASSETT-Core" => 3, "ASSETT-Staff" => 3, "ASSETT-ATCs" => 3, "ASSETT-Design" => 3);
         # Empty for now
         $info = $adauth->lookup_user();
         # Iterate through groups and assign user to appropriate groups
         foreach ($valid_groups as $group => $permlevel) {
             if ($adauth->is_member($group)) {
                 // Update only if membership changed or new user
                 if ($dbload === true and !is_null($user) and (!$user->loaded or $user->loaded and $user->member != $group)) {
                     $user->permission = $permlevel;
                     $user->member = $group;
                 } else {
                     if ($dbload === false and (!isset($permission) or $permlevel > $permission)) {
                         $permission = $permlevel;
                         $belongsto = $group;
                     }
                 }
                 break;
             }
         }
         if ($dbload === false) {
             if (!isset($permission)) {
                 $this->errorCode = ERROR_AUTH_GROUP_INVALID;
                 return !$this->errorCode;
             }
             Yii::app()->user->setState("group", $belongsto);
             Yii::app()->user->setState("permission", $permission);
         } else {
             if (is_null($user->permission) and !$user->loaded) {
                 $user->permission = 1;
             }
             $user->email = $info[0]["mail"][0];
             $user->name = $info[0]["displayname"][0];
             if ($user->permission == 0) {
                 $this->errorCode = ERROR_AUTH_GROUP_INVALID;
             }
             if (!$this->errorCode) {
                 $user->last_login = date("Y-m-d H:i:s");
                 $user->attempts = 0;
                 $user->save();
                 $user->load();
             }
             # Switch to the directory and lookup user's CU affiliation (student/staff/faculty)
             $adauth->change_controller("directory");
             $info = $adauth->lookup_user();
             $user->roles = $this->parse_roles($info[0]["edupersonaffiliation"]);
             # Save and reload
             $user->save();
             $user->load();
             $contact = new ContactObj();
             $contact->username = $user->username;
             $contact->load();
             if ($contact->loaded) {
                 Yii::app()->user->setState("cid", $contact->cid);
                 Yii::app()->user->setState("userobj", $user);
             }
         }
     } else {
         if ($dbload === true and $user->loaded) {
             $user->attempts++;
             $user->save();
         }
         $this->errorCode = ERROR_INVALID_CREDENTIALS;
     }
     return !$this->errorCode;
 }