authorAndreas Gohr <andi@splitbrain.org>2016-01-30 00:09:45 +0100
committerAndreas Gohr <andi@splitbrain.org>2016-01-30 00:09:45 +0100
commit70a89417b85aed070861be4f936ffa8844eb63dd (patch)
tree4dd4a9991862a419724c0c7e616730c092c1cfe4 /lib/plugins
parentf64dbc90055403db700941e4691ea451bb971cef (diff)
added user group selection
Diffstat (limited to 'lib/plugins')
-rw-r--r--lib/plugins/authpdo/_test/sqlite.test.php8
-rw-r--r--lib/plugins/authpdo/auth.php83
-rw-r--r--lib/plugins/authpdo/conf/default.php14
3 files changed, 87 insertions, 18 deletions
diff --git a/lib/plugins/authpdo/_test/sqlite.test.php b/lib/plugins/authpdo/_test/sqlite.test.php
index b60072d94..dd667a5d5 100644
--- a/lib/plugins/authpdo/_test/sqlite.test.php
+++ b/lib/plugins/authpdo/_test/sqlite.test.php
@@ -24,6 +24,8 @@ class sqlite_plugin_authpdo_test extends DokuWikiTest {
$conf['plugin']['authpdo']['select-user'] = 'SELECT id as uid, login as user, name, pass as clear, mail FROM user WHERE login = :user';
+ $conf['plugin']['authpdo']['select-user-groups'] = 'SELECT * FROM member AS m, "group" AS g WHERE m.gid = g.id AND m.uid = :uid';
+
}
public function tearDown() {
@@ -45,5 +47,11 @@ class sqlite_plugin_authpdo_test extends DokuWikiTest {
$this->assertFalse($auth->checkPass('admin', 'password'));
$this->assertFalse($auth->checkPass('user', md5('password')));
+ // access user data
+ $info = $auth->getUserData('admin');
+ $this->assertEquals('admin', $info['user']);
+ $this->assertEquals('The Admin', $info['name']);
+ $this->assertEquals('admin@example.com', $info['mail']);
+ $this->assertEquals(array('admin','user'), $info['grps']);
}
}
diff --git a/lib/plugins/authpdo/auth.php b/lib/plugins/authpdo/auth.php
index 1325bdcff..26e7f0d98 100644
--- a/lib/plugins/authpdo/auth.php
+++ b/lib/plugins/authpdo/auth.php
@@ -38,7 +38,8 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin {
$this->getConf('user'),
$this->getConf('pass'),
array(
- PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC
+ PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, // always fetch as array
+ PDO::ATTR_EMULATE_PREPARES => true, // emulating prepares allows us to reuse param names
)
);
} catch(PDOException $e) {
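Review bot: The comment on `PDO::ATTR_EMULATE_PREPARES => true` gives the convenience reason but not the cost: with emulation PDO quotes the bound values into the SQL text on the client instead of sending them separately, so the protection against injection depends on PDO's quoting matching the connection character set. Because the DSN comes from configuration and any driver may be in use, I would say so next to the option, e.g. `// emulated prepares let us reuse param names; values are quoted client-side, so the DSN must set the connection charset`. If repeated placeholder names are the only reason, binding each name once and keeping native prepares would avoid the trade-off. The constructor this array belongs to starts outside the hunk.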
@@ -107,8 +108,11 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin {
$data = $this->_selectUser($user);
if($data == false) return false;
- if($requireGroups) {
+ if(isset($data['hash'])) unset($data['hash']);
+ if(isset($data['clean'])) unset($data['clean']);
+ if($requireGroups) {
+ $data['grps'] = $this->_selectUserGroups($data);
}
return $data;
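Review bot: The second added `unset` targets `$data['clean']`, but the field this plugin uses for a plaintext password is `clear` (conf/default.php documents `(clear|hash)` and the test statement selects `pass as clear`), so `getUserData()` still hands the cleartext password to its callers. Replace the two lines with `unset($data['hash'], $data['clear']);`, which also needs no `isset` guard. The new test in sqlite.test.php would catch this with `$this->assertArrayNotHasKey('clear', $info);`. The function's signature and docblock are outside this hunk.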
@@ -304,20 +308,10 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin {
protected function _selectUser($user) {
$sql = $this->getConf('select-user');
- try {
- $sth = $this->pdo->prepare($sql);
- $sth->execute(array(':user' => $user));
- $result = $sth->fetchAll();
- $sth->closeCursor();
- $sth = null;
- } catch(PDOException $e) {
- $this->_debug($e);
- $result = array();
- }
- $found = count($result);
- if($found == 0) return false;
+ $result = $this->query($sql, array(':user' => $user));
+ if(!$result) return false;
- if($found > 1) {
+ if(count($result) > 1) {
$this->_debug('Found more than one matching user', -1, __LINE__);
return false;
}
@@ -347,6 +341,65 @@ class auth_plugin_authpdo extends DokuWiki_Auth_Plugin {
}
/**
+ * Select all groups of a user
+ *
+ * @param array $userdata The userdata as returned by _selectUser()
+ * @return array
+ */
+ protected function _selectUserGroups($userdata) {
+ global $conf;
+ $sql = $this->getConf('select-user-groups');
+
+ $result = $this->query($sql, $userdata);
+
+ $groups = array($conf['defaultgroup']); // always add default config
+ if($result) foreach($result as $row) {
+ if(!isset($row['group'])) continue;
+ $groups[] = $row['group'];
+ }
+
+ $groups = array_unique($groups);
+ sort($groups);
+ return $groups;
+ }
+
+ /**
+ * Executes a query
+ *
+ * @param string $sql The SQL statement to execute
+ * @param array $arguments Named parameters to be used in the statement
+ * @return array|bool The result as associative array
+ */
+ protected function query($sql, $arguments) {
+ // prepare parameters - we only use those that exist in the SQL
+ $params = array();
+ foreach($arguments as $key => $value) {
+ if(is_array($value)) continue;
+ if(is_object($value)) continue;
+ if($key[0] != ':') $key = ":$key"; // prefix with colon if needed
+ if(strpos($sql, $key) !== false) $params[$key] = $value;
+ }
+
+ // execute
+ try {
+ $sth = $this->pdo->prepare($sql);
+ $sth->execute($params);
+ $result = $sth->fetchAll();
+ if((int) $sth->errorCode()) {
+ $this->_debug(join(' ',$sth->errorInfo()), -1, __LINE__);
+ $result = false;
+ }
+ $sth->closeCursor();
+ $sth = null;
+ } catch(PDOException $e) {
+ $this->_debug($e);
+ $result = false;
+ }
+ return $result;
+ }
+
+
+ /**
* Wrapper around msg() but outputs only when debug is enabled
*
* @param string|Exception $message
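Review bot: In `query()` the failure test `(int) $sth->errorCode()` misses every SQLSTATE that starts with a letter (`HY000`, `HY093`, `IM001` all cast to 0), and the return value of `execute()` is never checked, so unless the connection is in exception mode (not visible in this diff) a failed statement can come back as an empty result instead of `false`. Check `prepare()` and `execute()` directly rather than casting the code. Separately, `strpos($sql, $key)` is a substring match, so a field named `user` is also bound when the statement only contains `:username`, and binding a parameter the statement does not use makes the execute fail; match the placeholder with a boundary instead. The docblock should also state that `false` is returned on any database error and an empty array when no row matches.
```php
protected function query($sql, $arguments) {
    // … unchanged: $params setup and the is_array()/is_object() skips …
        if($key[0] != ':') $key = ":$key"; // prefix with colon if needed
        // bind only when this exact placeholder occurs, not a longer name that starts with it
        if(preg_match('/' . preg_quote($key, '/') . '(?![A-Za-z0-9_])/', $sql)) $params[$key] = $value;
    // … unchanged: end of loop …

    // execute
    try {
        $sth = $this->pdo->prepare($sql);
        if($sth === false) {
            $this->_debug(join(' ', $this->pdo->errorInfo()), -1, __LINE__);
            return false;
        }
        if($sth->execute($params) === false) {
            $this->_debug(join(' ', $sth->errorInfo()), -1, __LINE__);
            $result = false;
        } else {
            $result = $sth->fetchAll();
        }
        $sth->closeCursor();
        $sth = null;
    // … unchanged: PDOException handler and return $result …
```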
diff --git a/lib/plugins/authpdo/conf/default.php b/lib/plugins/authpdo/conf/default.php
index 22f8369d0..74a17c4ea 100644
--- a/lib/plugins/authpdo/conf/default.php
+++ b/lib/plugins/authpdo/conf/default.php
@@ -13,9 +13,17 @@ $conf['user'] = '';
$conf['pass'] = '';
/**
- * statement to select a single user identified by its login name given as :user
+ * statement to select a single user identified by its login name
*
- * return; user, name, mail, (clear|hash), [uid]
- * other fields are returned but not used
+ * input: :user
+ * return: user, name, mail, (clear|hash), [uid], [*]
*/
$conf['select-user'] = '';
+
+/**
+ * Select all the group names a user is member of
+ *
+ * input: :user, [:uid], [*]
+ * return: group
+ */
+$conf['select-user-group'] = '';
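Review bot: The new default is registered as `$conf['select-user-group']`, while `_selectUserGroups()` reads `getConf('select-user-groups')` and the test sets `select-user-groups`, so the key the code actually uses has no default entry. Rename the line to `$conf['select-user-groups'] = '';`. The comment above it could also note that every non-array field returned by the `select-user` statement is offered as a named parameter, which is what `[*]` appears to stand for.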