/** @inheritdoc */
public function canDo($cap)
{
global $ACT;
// It is important to know that auth_setup call canDo('external'). In such case the
// $this->currentPlugin must be used. If it is not used and user is authenticated
// via trustExternal() user is logged off!
$callee = debug_backtrace(!DEBUG_BACKTRACE_PROVIDE_OBJECT, 2);
if ($ACT == "admin" && $callee[1]['function'] != 'auth_setup' && (empty($_REQUEST['page']) || $_REQUEST['page'] == "usermanager") && !empty($this->usermanagerPlugin)) {
return $this->usermanagerPlugin->canDo($cap);
// If this part is used, auth plain users does not have roles
} else {
if (!empty($this->currentPlugin)) {
return $this->currentPlugin->canDo($cap);
}
}
return parent::canDo($cap);
}
/**
* Load domain config on capability check
*
* @param string $cap
* @return bool
*/
public function canDo($cap)
{
//capabilities depend on config, which may change depending on domain
$domain = $this->_userDomain($_SERVER['REMOTE_USER']);
$this->_loadServerConfig($domain);
return parent::canDo($cap);
}
/**
* Inherited canDo function, may be useful for localusers
*
* @param string $cap
* @return bool
*/
public function canDo($cap)
{
// We might need to do something to redefine the capabilities for local users
return parent::canDo($cap);
}
/**
* Forwards the authentication to configured authplugins.
* Returns true, if the usermanager authtype has the capability and no user
* is logged in.
*
* @author Philipp Neuser <*****@*****.**>
* @author Christian Marg <*****@*****.**>
* @param string $cap the capability to check
* @return bool
*/
public function canDo($cap)
{
global $ACT;
# print_r($cap);
if (is_null($this->chained_auth)) {
if (!is_null($this->usermanager_auth)) {
return $this->usermanager_auth->canDo($cap);
} else {
return parent::canDo($cap);
}
} else {
switch ($cap) {
case 'Profile':
case 'logoff':
//Depends on current user.
return $this->chained_auth->canDo($cap);
case 'UserMod':
case 'addUser':
case 'delUser':
case 'getUsers':
case 'getUserCount':
case 'getGroups':
//Depends on the auth for use with user manager
return $this->usermanager_auth->canDo($cap);
case 'modPass':
case 'modName':
case 'modLogin':
case 'modGroups':
case 'modMail':
/**
* Use request attributes to guess whether we are in the Profile or UserManager
* and return the appropriate auth capabilities
*/
if ($ACT == "admin" && $_REQUEST['page'] == "usermanager") {
return $this->usermanager_auth->canDo($cap);
} else {
// assume we want profile info.
return $this->chained_auth->canDo($cap);
}
// I don't know how to handle "external" in this context yet.
// Is it in any way sensible to mix regular auth with external auth?
// case 'external':
// //We are external if one of the chains is valid for external use
// return $this->trustExternal($_REQUEST['u'],$_REQUEST['p'],$_REQUEST['r']);
// I don't know how to handle "external" in this context yet.
// Is it in any way sensible to mix regular auth with external auth?
// case 'external':
// //We are external if one of the chains is valid for external use
// return $this->trustExternal($_REQUEST['u'],$_REQUEST['p'],$_REQUEST['r']);
default:
//Everything else (false)
return parent::canDo($cap);
}
#echo "canDo $cap ".$this->chained_auth->canDo($cap)."\n";
}
}
