コード例 #1
0
 /**
  * This action delete an existing user.
  *
  * Request parameter is:
  *   - username
  *
  * @todo clean up this method. Idea: create a User->clean() method.
  */
 public function deleteAction()
 {
     $username = Minz_Request::param('username');
     $redirect_url = urldecode(Minz_Request::param('r', false, true));
     if (!$redirect_url) {
         $redirect_url = array('c' => 'user', 'a' => 'manage');
     }
     $self_deletion = Minz_Session::param('currentUser', '_') === $username;
     if (Minz_Request::isPost() && (FreshRSS_Auth::hasAccess('admin') || $self_deletion)) {
         $db = FreshRSS_Context::$system_conf->db;
         require_once APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php';
         $ok = ctype_alnum($username);
         $user_data = join_path(DATA_PATH, 'users', $username);
         if ($ok) {
             $default_user = FreshRSS_Context::$system_conf->default_user;
             $ok &= strcasecmp($username, $default_user) !== 0;
             //It is forbidden to delete the default user
         }
         if ($ok && $self_deletion) {
             // We check the password if it's a self-destruction
             $nonce = Minz_Session::param('nonce');
             $challenge = Minz_Request::param('challenge', '');
             $ok &= FreshRSS_FormAuth::checkCredentials($username, FreshRSS_Context::$user_conf->passwordHash, $nonce, $challenge);
         }
         if ($ok) {
             $ok &= is_dir($user_data);
         }
         if ($ok) {
             $userDAO = new FreshRSS_UserDAO();
             $ok &= $userDAO->deleteUser($username);
             $ok &= recursive_unlink($user_data);
             //TODO: delete Persona file
         }
         if ($ok && $self_deletion) {
             FreshRSS_Auth::removeAccess();
             $redirect_url = array('c' => 'index', 'a' => 'index');
         }
         invalidateHttpCache();
         $notif = array('type' => $ok ? 'good' : 'bad', 'content' => _t('feedback.user.deleted' . (!$ok ? '.error' : ''), $username));
         Minz_Session::_param('notification', $notif);
     }
     Minz_Request::forward($redirect_url, true);
 }
コード例 #2
0
 /**
  * This action resets the authentication system.
  *
  * After reseting, form auth is set by default.
  */
 public function resetAction()
 {
     Minz_View::prependTitle(_t('admin.auth.title_reset') . ' · ');
     Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js')));
     $this->view->no_form = false;
     // Enable changement of auth only if Persona!
     if (FreshRSS_Context::$system_conf->auth_type != 'persona') {
         $this->view->message = array('status' => 'bad', 'title' => _t('gen.short.damn'), 'body' => _t('feedback.auth.not_persona'));
         $this->view->no_form = true;
         return;
     }
     $conf = get_user_configuration(FreshRSS_Context::$system_conf->default_user);
     if (is_null($conf)) {
         return;
     }
     // Admin user must have set its master password.
     if (!$conf->passwordHash) {
         $this->view->message = array('status' => 'bad', 'title' => _t('gen.short.damn'), 'body' => _t('feedback.auth.no_password_set'));
         $this->view->no_form = true;
         return;
     }
     invalidateHttpCache();
     if (Minz_Request::isPost()) {
         $nonce = Minz_Session::param('nonce');
         $username = Minz_Request::param('username', '');
         $challenge = Minz_Request::param('challenge', '');
         $ok = FreshRSS_FormAuth::checkCredentials($username, $conf->passwordHash, $nonce, $challenge);
         if ($ok) {
             FreshRSS_Context::$system_conf->auth_type = 'form';
             $ok = FreshRSS_Context::$system_conf->save();
             if ($ok) {
                 Minz_Request::good(_t('feedback.auth.form.set'));
             } else {
                 Minz_Request::bad(_t('feedback.auth.form.not_set'), array('c' => 'auth', 'a' => 'reset'));
             }
         } else {
             Minz_Log::warning('Password mismatch for' . ' user='******', nonce=' . $nonce . ', c=' . $challenge);
             Minz_Request::bad(_t('feedback.auth.login.invalid'), array('c' => 'auth', 'a' => 'reset'));
         }
     }
 }
コード例 #3
0
ファイル: Auth.php プロジェクト: buggithubs/FreshRSS
 /**
  * Removes all accesses for the current user.
  */
 public static function removeAccess()
 {
     Minz_Session::_param('loginOk');
     self::$login_ok = false;
     $conf = Minz_Configuration::get('system');
     Minz_Session::_param('currentUser', $conf->default_user);
     switch ($conf->auth_type) {
         case 'form':
             Minz_Session::_param('passwordHash');
             FreshRSS_FormAuth::deleteCookie();
             break;
         case 'persona':
             Minz_Session::_param('mail');
             break;
         case 'http_auth':
         case 'none':
             // Nothing to do...
             break;
         default:
             // TODO: extensions
     }
 }