search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge pull request #4165 from dokuwiki/bot/autofix
[dokuwiki.git] / lib / plugins / usermanager / remote.php
blobd18259a27dd4f8b3ced515a807714c8e653d03cf
1 <?php
2
3 use dokuwiki\Extension\AuthPlugin;
4 use dokuwiki\Extension\RemotePlugin;
5 use dokuwiki\Remote\AccessDeniedException;
6 use dokuwiki\Remote\RemoteException;
7
8 /**
9 * DokuWiki Plugin usermanager (Action Component)
10 *
11 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
12 * @author Chris Smith <chris@jalakai.co.uk>
13 */
14 class remote_plugin_usermanager extends RemotePlugin
15 {
16 /**
17 * Create a new user
18 *
19 * If no password is provided, a password is auto generated. If the user can't be created
20 * by the auth backend a return value of `false` is returned. You need to check this return
21 * value rather than relying on the error code only.
22 *
23 * Superuser permission are required to create users.
24 *
25 * @param string $user The user's login name
26 * @param string $name The user's full name
27 * @param string $mail The user's email address
28 * @param string[] $groups The groups the user should be in
29 * @param string $password The user's password, empty for autogeneration
30 * @param bool $notify Whether to send a notification email to the user
31 * @return bool Wether the user was successfully created
32 * @throws AccessDeniedException
33 * @throws RemoteException
34 * @todo handle error messages from auth backend
35 */
36 public function createUser($user, $name, $mail, $groups, $password = '', $notify = false)
37 {
38 if (!auth_isadmin()) {
39 throw new AccessDeniedException('Only admins are allowed to create users', 114);
40 }
41
42 /** @var AuthPlugin $auth */
43 global $auth;
44
45 if (!$auth->canDo('addUser')) {
46 throw new AccessDeniedException(
47 sprintf('Authentication backend %s can\'t do addUser', $auth->getPluginName()),
48 404
49 );
50 }
51
52 $user = trim($auth->cleanUser($user));
53 $name = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/', '', $name));
54 $mail = trim(preg_replace('/[\x00-\x1f:<>&%,;]+/', '', $mail));
55
56 if ($user === '') throw new RemoteException('empty or invalid user', 401);
57 if ($name === '') throw new RemoteException('empty or invalid user name', 402);
58 if (!mail_isvalid($mail)) throw new RemoteException('empty or invalid mail address', 403);
59
60 if ((string)$password === '') {
61 try {
62 $password = auth_pwgen($user);
63 } catch (\Exception $e) {
64 throw new RemoteException('Could not generate password', 405);
65 }
66 }
67
68 if (!is_array($groups) || $groups === []) {
69 $groups = null;
70 }
71
72 $ok = (bool)$auth->triggerUserMod('create', [$user, $password, $name, $mail, $groups]);
73
74 if ($ok && $notify) {
75 auth_sendPassword($user, $password);
76 }
77
78 return $ok;
79 }
80
81
82 /**
83 * Remove a user
84 *
85 * You need to be a superuser to delete users.
86 *
87 * @param string[] $user The login name of the user to delete
88 * @return bool wether the user was successfully deleted
89 * @throws AccessDeniedException
90 * @todo handle error messages from auth backend
91 */
92 public function deleteUser($user)
93 {
94 if (!auth_isadmin()) {
95 throw new AccessDeniedException('Only admins are allowed to delete users', 114);
96 }
97
98 global $auth;
99 if (!$auth->canDo('delUser')) {
100 throw new AccessDeniedException(
101 sprintf('Authentication backend %s can\'t do delUser', $auth->getPluginName()),
102 404
103 );
104 }
105
106 /** @var AuthPlugin $auth */
107 global $auth;
108 return (bool)$auth->triggerUserMod('delete', [[$user]]);
109 }
110 }