path: root/lib/plugins/usermanager/remote.php
<?php

use dokuwiki\Extension\AuthPlugin;
use dokuwiki\Extension\RemotePlugin;
use dokuwiki\Remote\AccessDeniedException;
use dokuwiki\Remote\RemoteException;

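/**
 * DokuWiki Plugin usermanager (Remote Component)
 *
 * Offers user creation and deletion as remote calls. Both methods refuse to run
 * unless auth_isadmin() succeeds and hand the actual change to the global auth backend.
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author Chris Smith <chris@jalakai.co.uk>
 */
class remote_plugin_usermanager extends RemotePlugin
{
    /**
     * Create a new user
     *
     * If no password is provided, a password is auto generated. If the user can't be created
     * by the auth backend a return value of `false` is returned. You need to check this return
     * value rather than relying on the error code only.
     *
     * Superuser permissions are required to create users.
     *
     * @param string $user The user's login name
     * @param string $name The user's full name
     * @param string $mail The user's email address
     * @param string[] $groups The groups the user should be in
     * @param string $password The user's password, empty for autogeneration
     * @param bool $notify Whether to send a notification email to the user
     * @return bool Whether the user was successfully created
     * @throws AccessDeniedException if the caller is not an admin (114) or the backend can't add users (404)
     * @throws RemoteException on an empty or invalid login (401), name (402) or mail address (403),
     *                         or when no password could be generated (405)
     * @todo handle error messages from auth backend
     */
    public function createUser($user, $name, $mail, $groups, $password = '', $notify = false)
    {
        // Authorization is checked before any input is looked at.
        if (!auth_isadmin()) {
            throw new AccessDeniedException('Only admins are allowed to create users', 114);
        }

        /** @var AuthPlugin $auth */
        global $auth;

        if (!$auth->canDo('addUser')) {
            throw new AccessDeniedException(
                sprintf('Authentication backend %s can\'t do addUser', $auth->getPluginName()),
                404
            );
        }

        // Normalise the remote input before it reaches the backend: the login name goes through the
        // backend's own cleanUser(), while name and mail lose control characters (CR/LF included)
        // and the characters : < > & % , ;
        $user = trim($auth->cleanUser($user));
        $name = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/', '', $name));
        $mail = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/', '', $mail));

        // Reject values that are empty once cleaned, rather than creating a half-filled account.
        if ($user === '') throw new RemoteException('empty or invalid user', 401);
        if ($name === '') throw new RemoteException('empty or invalid user name', 402);
        if (!mail_isvalid($mail)) throw new RemoteException('empty or invalid mail address', 403);

        // NOTE(review): a caller-supplied password is passed on as is; no strength check is
        // visible here — confirm whether the backend enforces a policy.
        if ((string)$password === '') {
            try {
                $password = auth_pwgen($user);
            } catch (\Exception $e) {
                // keep the original failure attached as the cause instead of dropping it
                throw new RemoteException('Could not generate password', 405, $e);
            }
        }

        // A non-array or empty group list becomes null, leaving the choice to the backend.
        // NOTE(review): the group names themselves are handed over exactly as received —
        // confirm that the backend normalises them.
        if (!is_array($groups) || $groups === []) {
            $groups = null;
        }

        $ok = (bool)$auth->triggerUserMod('create', [$user, $password, $name, $mail, $groups]);

        // NOTE(review): auth_sendPassword() is given the clear-text password, presumably to mail
        // it to the user — confirm this is acceptable for caller-supplied passwords as well.
        if ($ok && $notify) {
            auth_sendPassword($user, $password);
        }

        return $ok;
    }


    /**
     * Remove a user
     *
     * You need to be a superuser to delete users.
     *
     * @param string $user The login name of the user to delete
     * @return bool Whether the user was successfully deleted; also false when the given login
     *              name is empty or not a single name
     * @throws AccessDeniedException if the caller is not an admin (114) or the backend can't delete users (404)
     * @todo handle error messages from auth backend
     */
    public function deleteUser($user)
    {
        // Authorization is checked before any input is looked at.
        if (!auth_isadmin()) {
            throw new AccessDeniedException('Only admins are allowed to delete users', 114);
        }

        /** @var AuthPlugin $auth */
        global $auth;

        if (!$auth->canDo('delUser')) {
            throw new AccessDeniedException(
                sprintf('Authentication backend %s can\'t do delUser', $auth->getPluginName()),
                404
            );
        }

        // Only one non-empty login name can identify an account. Anything else (an array, null,
        // an empty string) is reported as "nothing deleted" instead of being passed to the backend.
        if (!is_string($user) && !is_int($user)) {
            return false;
        }
        $user = (string)$user;
        if ($user === '') {
            return false;
        }

        // NOTE(review): nothing here stops an admin from deleting their own account — confirm
        // whether the backend or the caller guards against that.
        // The single login name is wrapped in a list before it is handed to the 'delete' call.
        return (bool)$auth->triggerUserMod('delete', [[$user]]);
    }
}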