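/**
 * Checks whether the visitor already holds an authenticated CAS session and,
 * when they do, makes sure a matching platform account exists.
 *
 * Flow, as implemented below:
 *  - CAS not configured: bare return (null).
 *  - No CAS authentication: false.
 *  - Authenticated while a logout is in progress ($logout truthy): the CAS login.
 *  - Authenticated and the account exists: optionally refreshed from LDAP,
 *    then the login is returned.
 *  - Authenticated and no account yet: the account is created according to the
 *    "cas_add_user_activate" setting; the login is returned when an account
 *    was created, false otherwise.
 *
 * @return string|false|null the CAS login, false, or null as described above
 */
function cas_is_authenticated()
{
    global $cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri;
    global $PHPCAS_CLIENT;
    global $logout;

    if (!cas_configured()) {
        return;
    }

    if (!is_object($PHPCAS_CLIENT)) {
        phpCAS::client($cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri);
        // NOTE(security): this switches off validation of the CAS server's TLS
        // certificate, so the ticket-validation exchange is not protected against
        // an on-path attacker who can impersonate the CAS server. A production
        // deployment should pin a CA bundle with phpCAS::setCasServerCACert()
        // instead; it is left unchanged here because the CA file location is
        // deployment-specific.
        phpCAS::setNoCasServerValidation();
    }

    $auth = phpCAS::checkAuthentication();
    if (!$auth) {
        return false;
    }

    $login = trim(phpCAS::getUser());

    /*
      Get user attributes. Here are the attributes for crdp platform
      sn => name
      ENTPersonMailInterne => mail
      ENTPersonAlias => login
      ENTPersonProfils => profil
      givenName => first name
     */
    /*$user=phpCAS::getAttributes();
    $firstName = trim($user['givenName']);
    $lastName = trim($user['sn']);
    $login = trim($user['ENTPersonAlias']);
    $profil = trim($user['ENTPersonProfils']);
    $email = trim($user['ENTPersonMailInterne']);
    $satus=5;
    switch ($profil){
        case 'admin_etab':
            $status=3; //Session admin
            break;
        case 'admin_sie':
            $status=3; //Session admin
            break;
        case 'National_3':
            $status=1; // Teacher
            break;
        case 'National_1':
            $status=5; // Student
            break;
        default:
            $status=5; // Student
    }*/

    if (!$logout) {
        // get user info from username
        $tab_user_info = UserManager::get_user_info($login);

        // user found in the chamilo database
        if (is_array($tab_user_info)) {
            // if option is on we update user automatically from ldap server
            if (api_get_setting("update_user_info_cas_with_ldap") == "true") {
                // Presumably the 'nopass' / true arguments make the helper look the
                // entry up without a password bind, since CAS has already
                // authenticated the user - confirm in extldap_authenticate().
                $ldapuser = extldap_authenticate($login, 'nopass', true);
                // Fixed: the original tested the undefined $ldap_user, which is
                // always !== false, so a failed LDAP lookup still overwrote the
                // account with whatever extldap_get_chamilo_user(false) produced.
                if ($ldapuser !== false) {
                    $chamilo_user = extldap_get_chamilo_user($ldapuser);
                    // Identity and role stay those of the existing platform account.
                    $chamilo_user['user_id'] = $tab_user_info['user_id'];
                    $chamilo_user['status'] = $tab_user_info['status'];
                    UserManager::update_user($chamilo_user["user_id"], $chamilo_user["firstname"], $chamilo_user["lastname"], $login, null, null, $chamilo_user["email"], $chamilo_user["status"], '', '', '', '', 1, null, 0, null, '');
                }
            }

            return $login;
        }

        // if option is on we can ADD user automatically from ldap server or by modify own profil
        $user_added = false;
        switch (api_get_setting("cas_add_user_activate")) {
            case PLATFORM_AUTH_SOURCE:
                // user will have to modify firstname, lastname, email in chamilo profil edit
                $userdata = get_lang("EditInProfil");
                // NOTE(security): every auto-created account receives the same
                // literal password. That is only harmless while accounts with
                // CAS_AUTH_SOURCE can never be used through the local password
                // form - confirm; a per-account random value would remove that
                // dependency.
                UserManager::create_user($userdata, $userdata, '5', $userdata, $login, 'casplaceholder', '', '', '', '', CAS_AUTH_SOURCE);
                $user_added = $login;
                break;
            case LDAP_AUTH_SOURCE:
                // user info are read from ldap connexion
                // get user info from ldap server
                // user has already been authenticated by CAS
                // If user not found in LDAP, user not created
                $ldapuser = extldap_authenticate($login, 'nopass', true);
                // Fixed: same $ldap_user typo as above; with it, an account was
                // provisioned even when the directory lookup had failed.
                if ($ldapuser !== false) {
                    $chamilo_user = extldap_get_chamilo_user($ldapuser);
                    $chamilo_user['username'] = $login;
                    $chamilo_user['auth_source'] = CAS_AUTH_SOURCE;
                    external_add_user($chamilo_user);
                    $user_added = $login;
                }
                break;
            default:
                break;
        }

        return $user_added;
    }

    // //If the user is in the dokeos database and we are ,not in a logout request, we upgrade his infomration by ldap
    // if (! $logout){
    //     $user_table = Database::get_main_table(TABLE_MAIN_USER);
    //     $sql = "SELECT user_id, username, password, auth_source, active, expiration_date ".
    //         "FROM $user_table ".
    //         "WHERE username = '******' ";
    //
    //     $result = Database::query($sql,__FILE__,__LINE__);
    //     if(mysql_num_rows($result) == 0) {
    //         require_once(api_get_path(SYS_PATH).'main/inc/lib/usermanager.lib.php');
    //         $rnumber=rand(0,256000);
    //         UserManager::create_user($firstName, $lastName, $status, $email, $login, md5('casplaceholder'.$rnumber), $official_code='',$language='',$phone='',$picture_uri='',$auth_source = PLATFORM_AUTH_SOURCE);
    //     }
    //     else {
    //         $user = mysql_fetch_assoc($result);
    //         $user_id = intval($user['user_id']);
    //         //echo "deb : $status";
    //         UserManager::update_user ($user_id, $firstname, $lastname, $login, null, null, $email, $status, '', '', '', '', 1, null, 0, null,'') ;
    //
    //     }
    // }

    // Logout request: report the CAS login without touching the user table.
    return $login;
}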
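/**
 * Creates a platform user from one LDAP entry, or updates the existing user
 * with the same username.
 *
 * The code reads the 'sn', 'cn', 'mail', 'dn', 'userPassword' and
 * 'edupersonprimaryorgunitdn' attributes of $data, each as a list of values
 * (presumably one entry of an ldap_get_entries() result - confirm with callers).
 *
 * @param array $data             LDAP entry, attribute name => list of values, plus 'dn'
 * @param bool  $update_if_exists when the username is taken, update that user instead of skipping
 *
 * @return mixed the value returned by UserManager::create_user() for a new user,
 *               the existing user's id after an update, or 0 when nothing was done
 */
function ldap_add_user_by_array($data, $update_if_exists = true)
{
    // Get uid from dn. ldap_explode_dn() returns false for a DN it cannot parse;
    // without a username there is nothing sensible to create or update.
    $dn_array = ldap_explode_dn($data['dn'], 1);
    if (!is_array($dn_array) || !isset($dn_array[0]) || $dn_array[0] === '') {
        return 0;
    }
    $username = $dn_array[0]; // uid is first key

    $lastname = api_convert_encoding($data['sn'][0], api_get_system_encoding(), 'UTF-8');
    $firstname = api_convert_encoding($data['cn'][0], api_get_system_encoding(), 'UTF-8');
    $email = $data['mail'][0];

    //$val = ldap_get_values_len($ds, $entry, "userPassword");
    //$val = ldap_get_values_len($ds, $data, "userPassword");
    //$password = $val[0];
    // TODO the password, if encrypted at the source, will be encrypted twice, which makes it useless. Try to fix that.
    // NOTE(security): the directory's userPassword value is copied into the
    // local account. Reading it requires the bind identity to have access to
    // password attributes, which a provisioning account normally should not
    // need; since the account is created with auth_source 'ldap', a random
    // local value may be enough - confirm how UserManager uses it.
    $password = $data['userPassword'][0];

    // The first two RDN values of the organisational-unit DN give the step and
    // the year. A missing or shorter DN yields empty parts (official code "-"),
    // as before, but without undefined-offset notices.
    $structure = isset($data['edupersonprimaryorgunitdn'][0]) ? $data['edupersonprimaryorgunitdn'][0] : '';
    $array_structure = explode(",", $structure);
    $parts = array('', '');
    foreach (array(0, 1) as $index) {
        if (!isset($array_structure[$index])) {
            continue;
        }
        $array_val = explode("=", $array_structure[$index]);
        if (isset($array_val[1])) {
            $parts[$index] = $array_val[1];
        }
    }
    $etape = $parts[0];
    $annee = $parts[1];
    // To ease management, we add the step-year (etape-annee) code
    $official_code = $etape . "-" . $annee;

    $auth_source = 'ldap';
    // No expiration date for students (recover from LDAP's shadow expiry)
    $expiration_date = '0000-00-00 00:00:00';
    $active = 1;

    // The original tested empty() on locals that are never assigned in this
    // function, so these defaults always applied: student status, no phone,
    // no picture.
    $status = 5;
    $phone = '';
    $picture_uri = '';

    // Adding user
    $user_id = 0;
    if (UserManager::is_username_available($username)) {
        $user_id = UserManager::create_user($firstname, $lastname, $status, $email, $username, $password, $official_code, api_get_setting('platformLanguage'), $phone, $picture_uri, $auth_source, $expiration_date, $active);
    } elseif ($update_if_exists) {
        $user = UserManager::get_user_info($username);
        $user_id = $user['user_id'];
        UserManager::update_user($user_id, $firstname, $lastname, $username, null, null, $email, $status, $official_code, $phone, $picture_uri, $expiration_date, $active);
    }

    return $user_id;
}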
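/**
 * Adds a user to the Dokeos database or updates its data.
 *
 * Searches the directory for entries whose uid equals $login and creates or
 * updates one platform user per entry found.
 *
 * @param string $login username (and uid inside LDAP)
 *
 * @return mixed id of the last user created or updated; null when the
 *               connection failed, the search failed or no entry matched
 * @author Mustapha Alouani
 */
function ldap_add_user($login)
{
    global $ldap_basedn, $ldap_host, $ldap_port, $ldap_rdn, $ldap_pass;

    // Defined up front: the original returned an undefined variable whenever
    // the loop below never ran.
    $user_id = null;

    $ds = ldap_connect($ldap_host, $ldap_port);
    if (!$ds) {
        Display::display_error_message(get_lang('LDAPConnectionError'));

        return $user_id;
    }
    // Options are only set once the handle is known to be valid.
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);

    // $login is escaped before it is placed in the search filter. Concatenated
    // raw, a value containing filter metacharacters such as "*", "(" or ")"
    // changes which entries match, and every matching entry is then created or
    // updated as a platform user.
    if (function_exists('ldap_escape')) {
        $safe_login = ldap_escape($login, '', LDAP_ESCAPE_FILTER);
    } else {
        // Fallback for runtimes without ldap_escape(): RFC 4515 escapes, with
        // the backslash handled first so later replacements are not re-escaped.
        $safe_login = str_replace(
            array('\\', '*', '(', ')', "\0"),
            array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
            $login
        );
    }
    $str_query = "(uid=" . $safe_login . ")";

    $r = false;
    // NOTE(review): the result of ldap_handle_bind() is not checked here; its
    // return contract is not visible from this function - confirm whether a
    // failed bind should abort.
    ldap_handle_bind($ds, $r);

    $sr = ldap_search($ds, $ldap_basedn, $str_query);
    if ($sr === false) {
        return $user_id;
    }
    $info = ldap_get_entries($ds, $sr);
    if (!is_array($info)) {
        return $user_id;
    }

    for ($key = 0; $key < $info['count']; $key++) {
        // Get uid from dn; skip entries whose DN cannot be parsed.
        $dn_array = ldap_explode_dn($info[$key]['dn'], 1);
        if (!is_array($dn_array) || !isset($dn_array[0]) || $dn_array[0] === '') {
            continue;
        }
        $username = $dn_array[0]; // uid is first key

        $lastname = api_convert_encoding($info[$key]['sn'][0], api_get_system_encoding(), 'UTF-8');
        $firstname = api_convert_encoding($info[$key]['givenname'][0], api_get_system_encoding(), 'UTF-8');
        $email = $info[$key]['mail'][0];

        //$val = ldap_get_values_len($ds, $entry, "userPassword");
        //$val = ldap_get_values_len($ds, $info[$key], "userPassword");
        //$password = $val[0];
        // TODO the password, if encrypted at the source, will be encrypted twice, which makes it useless. Try to fix that.
        // NOTE(security): the directory's userPassword value is copied into the
        // local account; the bind identity then needs read access to password
        // attributes, which a provisioning account normally should not have.
        $password = $info[$key]['userPassword'][0];

        // The first two RDN values of the organisational-unit DN give the step
        // ("etape") and the year ("annee"); missing parts stay empty.
        $structure = isset($info[$key]['edupersonprimaryorgunitdn'][0]) ? $info[$key]['edupersonprimaryorgunitdn'][0] : '';
        $array_structure = explode(",", $structure);
        $parts = array('', '');
        foreach (array(0, 1) as $index) {
            if (!isset($array_structure[$index])) {
                continue;
            }
            $array_val = explode("=", $array_structure[$index]);
            if (isset($array_val[1])) {
                $parts[$index] = $array_val[1];
            }
        }
        $etape = $parts[0];
        $annee = $parts[1];
        // To ease management, the "step-year" code is used as official code
        $official_code = $etape . "-" . $annee;

        $auth_source = 'ldap';
        // No expiration date for students (to be taken from the LDAP shadow expiry)
        $expiration_date = '0000-00-00 00:00:00';
        $active = 1;

        // The original tested empty() on locals that are never assigned in this
        // function, so these defaults always applied.
        $status = 5;
        $phone = '';
        $picture_uri = '';

        // Add the user, or update the existing one with the same username
        if (UserManager::is_username_available($username)) {
            $user_id = UserManager::create_user($firstname, $lastname, $status, $email, $username, $password, $official_code, api_get_setting('platformLanguage'), $phone, $picture_uri, $auth_source, $expiration_date, $active);
        } else {
            $user = UserManager::get_user_info($username);
            $user_id = $user['user_id'];
            UserManager::update_user($user_id, $firstname, $lastname, $username, null, null, $email, $status, $official_code, $phone, $picture_uri, $expiration_date, $active);
        }
    }

    return $user_id;
}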
/** * * This file is included in main/inc/local.inc.php at user login if the user * have 'ws' in his auth_source field instead of 'platform'. */ use ChamiloSession as Session; // Configure the web service URL here. e.g. http://174.1.1.19:8020/login.asmx?WSDL $wsUrl = ''; // include common authentication functions require_once dirname(__FILE__) . '/functions.inc.php'; // call the login checker (defined below) $isValid = loginWSAuthenticate($login, $password, $wsUrl); // if the authentication was successful, proceed if ($isValid === 1) { //error_log('WS authentication worked'); $chamiloUser = UserManager::get_user_info($login); $loginFailed = false; $_user['user_id'] = $chamiloUser['user_id']; $_user['status'] = isset($chamiloUser['status']) ? $chamiloUser['status'] : 5; $_user['uidReset'] = true; Session::write('_user', $_user); $uidReset = true; $logging_in = true; Event::event_login($_user['user_id']); } else { //error_log('WS authentication error - user not approved by external WS'); $loginFailed = true; $uidReset = false; if (isset($_user) && isset($_user['user_id'])) { unset($_user['user_id']); }
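/**
 * Web-service handler: returns the id, first name and last name of the user
 * with the given username.
 *
 * The request is rejected with WS_ERROR_SECRET_KEY unless WSHelperVerifyKey()
 * accepts $params. An unknown or missing username yields the same structure
 * with empty strings.
 *
 * @param array $params request parameters; 'username' is read here, the rest is
 *                      passed to WSHelperVerifyKey()
 *
 * @return mixed array with 'user_id', 'firstname', 'lastname', or the value of
 *               return_error() when the key check fails
 */
function WSGetUserFromUsername($params)
{
    global $debug;

    // Only a scalar username is usable for the lookup; anything else is
    // treated as "no username given".
    $username = '';
    if (isset($params['username']) && is_scalar($params['username'])) {
        $username = (string) $params['username'];
    }

    if ($debug) {
        error_log('WSGetUserFromUsername');
        // The original dumped all of $params with print_r(). Those parameters
        // are what WSHelperVerifyKey() checks, so the dump wrote the caller's
        // key material to the error log, and it did so before the key was
        // verified. Only the username is logged now, with control characters
        // escaped so a crafted value cannot forge extra log lines.
        error_log('$params[username]: ' . addcslashes($username, "\0..\37\177"));
    }

    if (!WSHelperVerifyKey($params)) {
        return return_error(WS_ERROR_SECRET_KEY);
    }

    // If the user is not found, these empty values are returned as-is.
    $result = array(
        'user_id' => '',
        'firstname' => '',
        'lastname' => '',
    );
    if ($username === '') {
        return $result;
    }

    // Get user id
    $user_data = UserManager::get_user_info($username);
    if (!empty($user_data)) {
        $result['user_id'] = $user_data['user_id'];
        $result['firstname'] = $user_data['firstname'];
        $result['lastname'] = $user_data['lastname'];
    }

    return $result;
}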
/**
 * Creates or updates one platform user from an array of LDAP attribute values.
 *
 * Attribute names are taken from the global $extldap_user_correspondance map
 * (keys read here: lastname, firstname, email, username, password,
 * official_code). Each attribute in $data is read as a list and its first
 * value is used.
 *
 * Security-relevant detail: the value of the mapped password attribute is
 * passed to UserManager::create_user() as the new account's password. The
 * update call passes null in the two argument slots after the username.
 *
 * @param array $data             attribute name => list of values
 * @param bool  $update_if_exists update the existing user when the username is taken
 *
 * @return mixed result of UserManager::create_user(), the existing user's id
 *               after an update, or 0 when nothing was done
 */
function extldap_add_user_by_array($data, $update_if_exists = true)
{
    global $extldap_user_correspondance;
    $map = $extldap_user_correspondance;

    $lastname = api_convert_encoding($data[$map['lastname']][0], api_get_system_encoding(), 'UTF-8');
    $firstname = api_convert_encoding($data[$map['firstname']][0], api_get_system_encoding(), 'UTF-8');
    $email = $data[$map['email']][0];
    $username = $data[$map['username']][0];

    // TODO the password, if encrypted at the source, will be encrypted twice, which makes it useless. Try to fix that.
    if (isset($map['password'])) {
        $passwordAttribute = $map['password'];
    } else {
        $passwordAttribute = '******';
    }
    $password = $data[$passwordAttribute][0];

    // To ease management, we add the step-year (etape-annee) code
    //$official_code = $etape."-".$annee;
    $official_code = api_convert_encoding($data[$map['official_code']][0], api_get_system_encoding(), 'UTF-8');

    $auth_source = 'ldap';
    // No expiration date for students (recover from LDAP's shadow expiry)
    $expiration_date = '0000-00-00 00:00:00';
    $active = 1;

    // $status, $phone and $picture_uri are never assigned before this point,
    // so the empty() checks they used to sit behind always chose these values.
    $status = 5;
    $phone = '';
    $picture_uri = '';

    // Username still free: create the account and hand back what create_user() returns.
    if (UserManager::is_username_available($username)) {
        //echo "$username\n";
        return UserManager::create_user($firstname, $lastname, $status, $email, $username, $password, $official_code, api_get_setting('platformLanguage'), $phone, $picture_uri, $auth_source, $expiration_date, $active);
    }

    // Username taken and updates not requested: nothing to do.
    if (!$update_if_exists) {
        return 0;
    }

    $existing = UserManager::get_user_info($username);
    $existing_id = $existing['user_id'];
    //echo "$username\n";
    UserManager::update_user($existing_id, $firstname, $lastname, $username, null, null, $email, $status, $official_code, $phone, $picture_uri, $expiration_date, $active);

    return $existing_id;
}
$outab[] = $info[$key]["edupersonprimaryaffiliation"][0]; // Ici "student" $val = ldap_get_values_len($ds, $sr, "userPassword"); $password = $val[0]; // Pour faciliter la gestion on ajoute le code "etape-annee" $official_code = $etape . "-" . $annee; $auth_source = "ldap"; // Pas de date d'expiration d'etudiant (a recuperer par rapport au shadow expire LDAP) $expiration_date = '0000-00-00 00:00:00'; $active = 1; // Ajout de l'utilisateur if (UserManager::is_username_available($username)) { $user_id = UserManager::create_user($firstname, $lastname, $status, $email, $username, $password, $official_code, api_get_setting('platformLanguage'), $phone, $picture_uri, $auth_source, $expiration_date, $active); $UserAdd[] = $user_id; } else { $user = UserManager::get_user_info($username); $user_id = $user['user_id']; UserManager::update_user($user_id, $firstname, $lastname, $username, null, null, $email, $status, $official_code, $phone, $picture_uri, $expiration_date, $active); $UserUpdate[] = $user_id; } $UserList[] = $user_id; } //} } if (isset($included) && $included) { $message .= "> {$name_session}: " . count($UserAdd) . " " . get_lang('Added') . ' ' . get_lang('And') . ' ' . count($UserUpdate) . ' ' . get_lang('Modified') . '<br/>'; } else { print "> {$name_session}: " . count($UserAdd) . get_lang('Added') . ' ' . get_lang('And') . ' ' . count($UserUpdate) . ' ' . get_lang('Modified') . "\n"; } // Une fois les utilisateurs importer dans la base des utilisateurs, on peux les affecter a� la session $result = Database::query("SELECT course_code FROM {$tbl_session_rel_course} " . "WHERE id_session='{$id_session}'");
/**
 * Deleting the account looked up as 'jmontoya666' must return strict false.
 *
 * @depends testCreateUser
 */
public function testDelete_user2()
{
    $account = UserManager::get_user_info('jmontoya666');
    $deleted = UserManager::delete_user($account['user_id']);

    // assertFalse() passes only for a strict boolean false, like assertSame(false, ...).
    $this->assertFalse($deleted);
}