/**
 * Post-login hook for the SAML backend: syncs the local account with the SAML assertion.
 *
 * Visible behaviour:
 *  - reads the login name from $parameters['uid'] and builds a new OC_USER_SAML backend;
 *  - continues only when the backend reports an authenticated session and the first
 *    value of the attribute named by usernameMapping equals that login name;
 *  - takes the e-mail from the mailMapping attribute when it is present, and the groups
 *    from the groupMapping attribute or, failing that, from a non-empty defaultGroup;
 *  - rejects (returns false) a user name containing anything outside
 *    a-z, A-Z, 0-9, space and "_.@-", and obtains a password from random_password();
 *  - calls update_mail() / update_groups() for the values that were found.
 *
 * NOTE(review): this listing contains two elided spans (runs of asterisks inside the
 * log calls). The statements between them, presumably the "user does not exist yet"
 * test and the account-creation call, are not visible here, so they are not documented.
 *
 * NOTE(review): the identity check uses the loose `==` operator. Before PHP 8 two
 * different numeric-looking strings can compare equal, so a strict string comparison
 * is the safer form for deciding whose account gets updated. Confirm and tighten.
 *
 * @param array $parameters Hook parameters; only 'uid' is read.
 * @return bool false when the session is not authenticated, the asserted user name does
 *              not match, or the name fails validation; true appears to be returned
 *              once the matching branch has run (brace structure is partly elided).
 */
public static function post_login($parameters) { $uid = $parameters['uid']; $samlBackend = new OC_USER_SAML(); if ($samlBackend->auth->isAuthenticated()) { $attributes = $samlBackend->auth->getAttributes(); if (array_key_exists($samlBackend->usernameMapping, $attributes) && $attributes[$samlBackend->usernameMapping][0] == $uid) { $attributes = $samlBackend->auth->getAttributes(); if (array_key_exists($samlBackend->mailMapping, $attributes)) { $saml_email = $attributes[$samlBackend->mailMapping][0]; } if (array_key_exists($samlBackend->groupMapping, $attributes)) { $saml_groups = $attributes[$samlBackend->groupMapping]; } else { if (!empty($samlBackend->defaultGroup)) { $saml_groups = array($samlBackend->defaultGroup); OC_Log::write('saml', 'Using default group "' . $samlBackend->defaultGroup . '" for the user: '******'/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) { OC_Log::write('saml', 'Invalid username "' . $uid . '", allowed chars "a-zA-Z0-9" and "_.@-" ', OC_Log::DEBUG); return false; } else { $random_password = random_password(); OC_Log::write('saml', 'Creating new user: '******'saml', 'Updating data of the user: ' . $uid, OC_Log::DEBUG); if (isset($saml_email)) { update_mail($uid, $saml_email); } if (isset($saml_groups)) { update_groups($uid, $saml_groups, $samlBackend->protectedGroups, false); } } } return true; } } return false; }
/**
 * Pushes CAS-provided attributes onto an existing local account.
 *
 * Obtains the shared OC_USER_CAS instance, writes log entries, then, for each key
 * that is set in $attributes:
 *  - 'cas_email'  -> update_mail($uid, ...)
 *  - 'cas_name'   -> update_name($uid, ...)
 *  - 'cas_groups' -> update_groups($uid, ..., $casBackend->protectedGroups, false)
 *
 * NOTE(review): part of the first log call is elided in this listing (run of asterisks),
 * so its exact arguments are not visible.
 *
 * NOTE(review): the second log call writes every attribute value, joined by commas,
 * to the 'cas' log at DEBUG level. That can place e-mail addresses and group
 * memberships in the log file; confirm this is acceptable for the deployment. If
 * 'cas_groups' holds an array, implode() on the outer array would also not render it
 * usefully. Verify against the caller.
 *
 * @param string $uid        Local user id to update.
 * @param array  $attributes Attribute map; the keys read here are listed above.
 * @return void
 */
public static function update_user($uid, $attributes) { $casBackend = OC_USER_CAS::getInstance(); \OCP\Util::writeLog('cas', 'Updating data of the user: '******'cas', 'attr: ' . implode(",", $attributes), \OCP\Util::DEBUG); if (isset($attributes['cas_email'])) { update_mail($uid, $attributes['cas_email']); } if (isset($attributes['cas_name'])) { update_name($uid, $attributes['cas_name']); } if (isset($attributes['cas_groups'])) { update_groups($uid, $attributes['cas_groups'], $casBackend->protectedGroups, false); } }
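/**
 * Post-login hook for the CAS backend.
 *
 * 1. Access check: when the backend's groupMapping is non-empty, the user must be a
 *    member of at least one of the listed LDAP groups. A user without access is
 *    logged out (and nothing is provisioned) unless a local account with that id
 *    exists, in which case the request is redirected to the default page.
 * 2. Collects the user's LDAP groups that contain the configured groupRoot.
 * 3. When phpCAS confirms that the authenticated CAS user is $parameters['uid'],
 *    creates the local account if it is missing and refreshes groups, mail and
 *    display name from LDAP.
 *
 * @param array $parameters Hook parameters; only 'uid' is read.
 * @return bool true when the CAS user matched and the account was synchronised;
 *              false when access is denied, CAS does not confirm the user, or the
 *              user name contains characters outside "a-zA-Z0-9 _.@-".
 *              The local-account branch redirects and exits instead of returning.
 */
public static function post_login($parameters)
{
    $uid = $parameters['uid'];
    $casBackend = new OC_USER_CAS();
    $userDB = new OC_User_Database();

    /*
     * Settings read from the general configuration file /config/config.php.
     */
    $serveur_Search = OCP\Config::getSystemValue('serveur_Search', 'error');
    $racineAMUGRP = OCP\Config::getSystemValue('racineAMUGRP', 'error');
    $AMU_nuage_dn = OCP\Config::getSystemValue('AMU_nuage_dn', 'error');
    $AMU_nuage_pw = OCP\Config::getSystemValue('AMU_nuage_pw', 'error');
    $PQuota = OCP\Config::getSystemValue('PQuota', 'unManaged');
    $EQuota = OCP\Config::getSystemValue('EQuota', 'unManaged');

    // NOTE(review): $racineAMUGRP is passed twice and the 'racineAMU' / 'port'
    // settings are not used in this call. Confirm against the LDAP_Infos
    // constructor whether one of them belongs here.
    $LDAP = new LDAP_Infos($serveur_Search, $AMU_nuage_dn, $AMU_nuage_pw, $racineAMUGRP, $racineAMUGRP);
    $restrictGrp = array("cn", "member");

    /*
     * Group-based access control.
     * An empty 'groupMapping' means no group restriction at all.
     */
    $AccesCloud = 0;
    OCP\Util::writeLog('user_cas', "Authentification (Mapping groups=" . $casBackend->groupMapping . ")", OCP\Util::DEBUG);
    if ($casBackend->groupMapping) {
        // The setting is a list separated by <br> or newlines; normalise to '@'.
        $wTabGrp = str_replace(array('<br>', '<br />', "\n", "\r"), array('@', '', '@', ''), $casBackend->groupMapping);
        foreach (explode("@", $wTabGrp) as $groupName) {
            // Blank entries (e.g. from a trailing newline) must not be sent to LDAP as a group name.
            if (trim($groupName) === '') {
                continue;
            }
            $ListeMembre = $LDAP->getMembersOfGroup($groupName, $restrictGrp);
            // Strict match: membership decides access, so no type juggling on the uid.
            if (is_array($ListeMembre) && in_array($uid, $ListeMembre, true)) {
                // The flag tested below is $AccesCloud; setting any other variable
                // here would leave every group member without access.
                $AccesCloud = 1;
                break;
            }
        }
    } else {
        $AccesCloud = 1;
    }

    /*
     * No access: log the user out, unless the id belongs to a local account.
     */
    if ($AccesCloud == 0) {
        if (!$userDB->userExists($uid)) {
            OCP\Util::writeLog('user_cas', "Aucun droit d'accès pour l'utilisateur " . $uid, OCP\Util::ERROR);
            \OC_User::logout();
            // Stop here: falling through would provision an account for a user
            // who has just been denied access.
            return false;
        } else {
            OCP\Util::writeLog('user_cas', "Authentification locale pour l'utilisateur " . $uid, OCP\Util::DEBUG);
            OC::$REQUESTEDAPP = '';
            OC_Util::redirectToDefaultPage();
            exit(0);
        }
    }

    /*
     * Collect the user's groups that contain the root configured as 'cas_group_root'.
     * When 'cas_group_root' is empty, no groups are collected.
     */
    $mesGroupes = array();
    OCP\Util::writeLog('user_cas', "Authentification (Racine Groupes LDAP=" . $casBackend->groupRoot . ")", OCP\Util::DEBUG);
    if ($casBackend->groupRoot) {
        $ListeGRP = $LDAP->getMemberOf($uid);
        if (!is_array($ListeGRP)) {
            // A failed lookup is treated as "no groups" rather than iterated as-is.
            $ListeGRP = array();
        }
        $a = sizeof($ListeGRP);
        OCP\Util::writeLog('user_cas', "Taille=" . $a . " UID=" . $uid, OCP\Util::ERROR);
        OCP\Util::writeLog('user_cas', "Racine Groupe=" . $casBackend->groupRoot, OCP\Util::ERROR);
        foreach ($ListeGRP as $value) {
            if (strstr($value, $casBackend->groupRoot)) {
                $i = count($mesGroupes);
                // Drops the first 8 characters (presumably a fixed prefix of the LDAP
                // value; confirm), maps ':' to '_' and upper-cases the result.
                $mesGroupes[$i] = strtoupper(str_replace(':', '_', substr($value, 8)));
                OCP\Util::writeLog('user_cas', "Groupe[{$i}]=" . $mesGroupes[$i], OCP\Util::ERROR);
            }
        }
    }

    if (!phpCAS::checkAuthentication()) {
        return false;
    }

    // The CAS-asserted identity must be exactly the id being logged in. A loose
    // comparison could treat two different numeric-looking ids as equal.
    $cas_uid = phpCAS::getUser();
    if ((string) $cas_uid !== (string) $uid) {
        return false;
    }

    /*
     * User details from LDAP. The lookup may fail, so every field is optional.
     */
    $tabLdapUser = $LDAP->getUserInfo($uid);
    $DisplayName = isset($tabLdapUser['displayName']) ? $tabLdapUser['displayName'] : null;
    $ldapMail = isset($tabLdapUser['Mail']) ? $tabLdapUser['Mail'] : null;
    $affiliation = isset($tabLdapUser['eduPersonPrimaryAffiliation']) ? $tabLdapUser['eduPersonPrimaryAffiliation'] : null;

    if (!$userDB->userExists($uid)) {
        if (preg_match('/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) {
            OCP\Util::writeLog('cas', 'Utilisateur invalide "' . $uid . '", caracteres autorises "a-zA-Z0-9" and "_.@-" ', OCP\Util::DEBUG);
            return false;
        }

        /*
         * Account creation. The local password is random and never disclosed, so
         * the account is reachable only through CAS. The LDAP 'userpassword'
         * attribute must not be stored as the local password: it would make the
         * directory's stored value a working local credential.
         */
        $random_password = \OC_Util::generateRandomBytes(20);
        $userDB->createUser($uid, $random_password);
        if ($DisplayName !== null) {
            $userDB->setDisplayName($uid, $DisplayName);
        }

        /*
         * Quota is set only when managed through the configuration file:
         * EQuota for students, PQuota for everyone else.
         */
        if ($EQuota != "unManaged" && $affiliation == 'student') {
            update_quota($uid, $EQuota);
        }
        if ($PQuota != "unManaged" && $affiliation != 'student') {
            update_quota($uid, $PQuota);
        }
    }

    /*
     * Refresh the associated groups.
     */
    if (sizeof($mesGroupes) > 0) {
        $cas_groups = $mesGroupes;
        update_groups($uid, $cas_groups, $casBackend->protectedGroups, true);
    }

    /*
     * Refresh mail and display name when LDAP supplied them.
     */
    if ($ldapMail !== null) {
        update_mail($uid, $ldapMail);
    }
    if ($DisplayName !== null) {
        $userDB->setDisplayName($uid, $DisplayName);
    }

    return true;
}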
/**
 * Applies a set of identity-provider attributes to a local account.
 *
 * Sets up the user's filesystem with OC_Util::setupFS($uid), writes a log entry and
 * then, for each key that is set in $attributes, calls the matching updater:
 *  - 'groups'       -> update_groups($uid, ..., $attributes['protected_groups'], $just_created)
 *  - 'display_name' -> update_display_name($uid, ...)
 *  - 'quota'        -> update_quota($uid, ...)
 * and update_mail($uid, $attributes['email']) inside a condition on 'email'.
 *
 * NOTE(review): the end of the log call and the start of the 'email' condition are
 * elided in this listing (run of asterisks); presumably it is
 * isset($attributes['email']) like the others. Confirm against the original file.
 *
 * NOTE(review): $attributes['protected_groups'] is read without an isset() check,
 * unlike every other key. Since it is what update_groups() receives as the protected
 * list, a missing key should be handled deliberately by the caller or here. Verify.
 *
 * @param string $uid          Local user id to update.
 * @param array  $attributes   Attribute map; keys read are listed above.
 * @param bool   $just_created Forwarded unchanged to update_groups().
 * @return void
 */
function update_user_data($uid, $attributes = array(), $just_created = false) { OC_Util::setupFS($uid); OCP\Util::writeLog('saml', 'Updating data of the user: '******'email'])) { update_mail($uid, $attributes['email']); } if (isset($attributes['groups'])) { update_groups($uid, $attributes['groups'], $attributes['protected_groups'], $just_created); } if (isset($attributes['display_name'])) { update_display_name($uid, $attributes['display_name']); } if (isset($attributes['quota'])) { update_quota($uid, $attributes['quota']); } }
/**
 * Post-login hook for the SAML backend (variant with lists of attribute mappings).
 *
 * Visible behaviour:
 *  - reads the login name from $parameters['uid'] and builds a new OC_USER_SAML backend;
 *  - when the backend reports an authenticated session, walks usernameMapping and
 *    takes the first mapped attribute whose first value is non-empty as $uid;
 *  - continues only when such a value was found and it equals the login name;
 *  - picks the first non-empty e-mail and display name from mailMapping and
 *    displayNameMapping, and merges the values of every groupMapping attribute;
 *    a non-empty defaultGroup is used when no group was found;
 *  - rejects (returns false) a user name containing anything outside
 *    a-z, A-Z, 0-9, space and "_.@-", and draws a password from
 *    OC_Util::generate_random_bytes(20);
 *  - calls update_mail() / update_groups() / update_display_name().
 *
 * NOTE(review): two spans are elided in this listing (runs of asterisks inside log
 * calls). The statements between them, presumably the existence test and the
 * account-creation call, are not visible and therefore not documented.
 *
 * NOTE(review): the identity check `$uid == $userid` is a loose comparison. Before
 * PHP 8 different numeric-looking strings can compare equal, so a strict string
 * comparison is the safer form here. Confirm and tighten.
 *
 * NOTE(review): $saml_email and $saml_display_name are initialised to '' and
 * $saml_groups to array(), so the later isset() guards are always true and the
 * updaters are called with empty values when the assertion carried none. Check
 * whether the updaters treat an empty value as "leave unchanged" or as "clear".
 *
 * @param array $parameters Hook parameters; only 'uid' is read.
 * @return bool false when the session is not authenticated, no user name matched, or
 *              the name fails validation; true appears to be returned once the
 *              matching branch has run (brace structure is partly elided).
 */
public static function post_login($parameters) { $userid = $parameters['uid']; $samlBackend = new OC_USER_SAML(); if ($samlBackend->auth->isAuthenticated()) { $attributes = $samlBackend->auth->getAttributes(); $usernameFound = false; foreach ($samlBackend->usernameMapping as $usernameMapping) { if (array_key_exists($usernameMapping, $attributes) && !empty($attributes[$usernameMapping][0])) { $usernameFound = true; $uid = $attributes[$usernameMapping][0]; OC_Log::write('saml', 'Authenticated user ' . $uid, OC_Log::DEBUG); break; } } if ($usernameFound && $uid == $userid) { $attributes = $samlBackend->auth->getAttributes(); $saml_email = ''; foreach ($samlBackend->mailMapping as $mailMapping) { if (array_key_exists($mailMapping, $attributes) && !empty($attributes[$mailMapping][0])) { $saml_email = $attributes[$mailMapping][0]; break; } } $saml_display_name = ''; foreach ($samlBackend->displayNameMapping as $displayNameMapping) { if (array_key_exists($displayNameMapping, $attributes) && !empty($attributes[$displayNameMapping][0])) { $saml_display_name = $attributes[$displayNameMapping][0]; break; } } $saml_groups = array(); foreach ($samlBackend->groupMapping as $groupMapping) { if (array_key_exists($groupMapping, $attributes) && !empty($attributes[$groupMapping])) { $saml_groups = array_merge($saml_groups, $attributes[$groupMapping]); } } if (empty($saml_groups) && !empty($samlBackend->defaultGroup)) { $saml_groups = array($samlBackend->defaultGroup); OC_Log::write('saml', 'Using default group "' . $samlBackend->defaultGroup . '" for the user: '******'/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) { OC_Log::write('saml', 'Invalid username "' . $uid . '", allowed chars "a-zA-Z0-9" and "_.@-" ', OC_Log::DEBUG); return false; } else { $random_password = OC_Util::generate_random_bytes(20); OC_Log::write('saml', 'Creating new user: '******'saml', 'Updating data of the user: ' . 
$uid, OC_Log::DEBUG); if (isset($saml_email)) { update_mail($uid, $saml_email); } if (isset($saml_groups)) { update_groups($uid, $saml_groups, $samlBackend->protectedGroups, false); } if (isset($saml_display_name)) { update_display_name($uid, $saml_display_name); } } } return true; } } return false; }
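<?php
/*
 * Admin page: lists the mail entries and applies an update posted from the form.
 *
 * Access is restricted to the session whose 'user' value is "admin".
 * $connexion is not defined in this file; presumably inc/connect.php provides it.
 */
session_start();
include "inc/connect.php";
include "inc/functions.php";

// Authorisation gate. Anyone who is not the admin is redirected, and the script
// stops right there: header() alone only queues a response header, so without
// exit the update below would still run and the admin page would still be sent.
if (!isset($_SESSION['user']) || $_SESSION['user'] !== "admin") {
    header('Location: index.php');
    exit;
}

$all_mail = get_mail($connexion);

if ($_POST) {
    // Missing fields become empty strings instead of raising undefined-index notices.
    // NOTE(review): no anti-CSRF token is checked here before this state-changing
    // request is applied. Confirm whether the form / inc/functions.php covers it.
    $add_id = nettoyage(isset($_POST['id']) ? $_POST['id'] : '');
    $add_mail = nettoyage(isset($_POST['mail']) ? $_POST['mail'] : '');
    $add_date = nettoyage(isset($_POST['date']) ? $_POST['date'] : '');
    $add_privilege = nettoyage(isset($_POST['privilege']) ? $_POST['privilege'] : '');

    $result = update_mail($connexion, $add_id, $add_mail, $add_date, $add_privilege);

    // $all_mail was read before the update; the page reloads after 2 seconds.
    header('Refresh: 2; URL=platform.php');
}

include 'inc/template/header.php';
include 'inc/template/admin_page.php';
include 'inc/template/footer.php';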