search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
more work on user and group cleaning
[dokuwiki/radio.git] / inc / auth / plain.class.php
blob3983a7d444e9782566c286836217ac2a708d280f
1 <?php
2 /**
3 * Plaintext authentication backend
4 *
5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
6 * @author Andreas Gohr <andi@splitbrain.org>
7 * @author Chris Smith <chris@jalakai.co.uk>
8 */
9
10 define('DOKU_AUTH', dirname(__FILE__));
11 require_once(DOKU_AUTH.'/basic.class.php');
12
13 define('AUTH_USERFILE',DOKU_CONF.'users.auth.php');
14
15 class auth_plain extends auth_basic {
16
17 var $users = null;
18 var $_pattern = array();
19
20 /**
21 * Constructor
22 *
23 * Carry out sanity checks to ensure the object is
24 * able to operate. Set capabilities.
25 *
26 * @author Christopher Smith <chris@jalakai.co.uk>
27 */
28 function auth_plain() {
29 if (!@is_readable(AUTH_USERFILE)){
30 $this->success = false;
31 }else{
32 if(@is_writable(AUTH_USERFILE)){
33 $this->cando['addUser'] = true;
34 $this->cando['delUser'] = true;
35 $this->cando['modLogin'] = true;
36 $this->cando['modPass'] = true;
37 $this->cando['modName'] = true;
38 $this->cando['modMail'] = true;
39 $this->cando['modGroups'] = true;
40 }
41 $this->cando['getUsers'] = true;
42 $this->cando['getUserCount'] = true;
43 }
44 }
45
46 /**
47 * Check user+password [required auth function]
48 *
49 * Checks if the given user exists and the given
50 * plaintext password is correct
51 *
52 * @author Andreas Gohr <andi@splitbrain.org>
53 * @return bool
54 */
55 function checkPass($user,$pass){
56
57 $userinfo = $this->getUserData($user);
58 if ($userinfo === false) return false;
59
60 return auth_verifyPassword($pass,$this->users[$user]['pass']);
61 }
62
63 /**
64 * Return user info
65 *
66 * Returns info about the given user needs to contain
67 * at least these fields:
68 *
69 * name string full name of the user
70 * mail string email addres of the user
71 * grps array list of groups the user is in
72 *
73 * @author Andreas Gohr <andi@splitbrain.org>
74 */
75 function getUserData($user){
76
77 if($this->users === null) $this->_loadUserData();
78 return isset($this->users[$user]) ? $this->users[$user] : false;
79 }
80
81 /**
82 * Create a new User
83 *
84 * Returns false if the user already exists, null when an error
85 * occurred and true if everything went well.
86 *
87 * The new user will be added to the default group by this
88 * function if grps are not specified (default behaviour).
89 *
90 * @author Andreas Gohr <andi@splitbrain.org>
91 * @author Chris Smith <chris@jalakai.co.uk>
92 */
93 function createUser($user,$pwd,$name,$mail,$grps=null){
94 global $conf;
95
96 // user mustn't already exist
97 if ($this->getUserData($user) !== false) return false;
98
99 $pass = auth_cryptPassword($pwd);
100
101 // set default group if no groups specified
102 if (!is_array($grps)) $grps = array($conf['defaultgroup']);
103
104 // prepare user line
105 $groups = join(',',$grps);
106 $userline = join(':',array($user,$pass,$name,$mail,$groups))."\n";
107
108 if (io_saveFile(AUTH_USERFILE,$userline,true)) {
109 $this->users[$user] = compact('pass','name','mail','grps');
110 return $pwd;
111 }
112
113 msg('The '.AUTH_USERFILE.' file is not writable. Please inform the Wiki-Admin',-1);
114 return null;
115 }
116
117 /**
118 * Modify user data
119 *
120 * @author Chris Smith <chris@jalakai.co.uk>
121 * @param $user nick of the user to be changed
122 * @param $changes array of field/value pairs to be changed (password will be clear text)
123 * @return bool
124 */
125 function modifyUser($user, $changes) {
126 global $conf;
127 global $ACT;
128 global $INFO;
129
130 // sanity checks, user must already exist and there must be something to change
131 if (($userinfo = $this->getUserData($user)) === false) return false;
132 if (!is_array($changes) || !count($changes)) return true;
133
134 // update userinfo with new data, remembering to encrypt any password
135 $newuser = $user;
136 foreach ($changes as $field => $value) {
137 if ($field == 'user') {
138 $newuser = $value;
139 continue;
140 }
141 if ($field == 'pass') $value = auth_cryptPassword($value);
142 $userinfo[$field] = $value;
143 }
144
145 $groups = join(',',$userinfo['grps']);
146 $userline = join(':',array($newuser, $userinfo['pass'], $userinfo['name'], $userinfo['mail'], $groups))."\n";
147
148 if (!$this->deleteUsers(array($user))) {
149 msg('Unable to modify user data. Please inform the Wiki-Admin',-1);
150 return false;
151 }
152
153 if (!io_saveFile(AUTH_USERFILE,$userline,true)) {
154 msg('There was an error modifying your user data. You should register again.',-1);
155 // FIXME, user has been deleted but not recreated, should force a logout and redirect to login page
156 $ACT == 'register';
157 return false;
158 }
159
160 $this->users[$newuser] = $userinfo;
161 return true;
162 }
163
164 /**
165 * Remove one or more users from the list of registered users
166 *
167 * @author Christopher Smith <chris@jalakai.co.uk>
168 * @param array $users array of users to be deleted
169 * @return int the number of users deleted
170 */
171 function deleteUsers($users) {
172
173 if (!is_array($users) || empty($users)) return 0;
174
175 if ($this->users === null) $this->_loadUserData();
176
177 $deleted = array();
178 foreach ($users as $user) {
179 if (isset($this->users[$user])) $deleted[] = preg_quote($user,'/');
180 }
181
182 if (empty($deleted)) return 0;
183
184 $pattern = '/^('.join('|',$deleted).'):/';
185
186 if (io_deleteFromFile(AUTH_USERFILE,$pattern,true)) {
187 foreach ($deleted as $user) unset($this->users[$user]);
188 return count($deleted);
189 }
190
191 // problem deleting, reload the user list and count the difference
192 $count = count($this->users);
193 $this->_loadUserData();
194 $count -= count($this->users);
195 return $count;
196 }
197
198 /**
199 * Return a count of the number of user which meet $filter criteria
200 *
201 * @author Chris Smith <chris@jalakai.co.uk>
202 */
203 function getUserCount($filter=array()) {
204
205 if($this->users === null) $this->_loadUserData();
206
207 if (!count($filter)) return count($this->users);
208
209 $count = 0;
210 $this->_constructPattern($filter);
211
212 foreach ($this->users as $user => $info) {
213 $count += $this->_filter($user, $info);
214 }
215
216 return $count;
217 }
218
219 /**
220 * Bulk retrieval of user data
221 *
222 * @author Chris Smith <chris@jalakai.co.uk>
223 * @param start index of first user to be returned
224 * @param limit max number of users to be returned
225 * @param filter array of field/pattern pairs
226 * @return array of userinfo (refer getUserData for internal userinfo details)
227 */
228 function retrieveUsers($start=0,$limit=0,$filter=array()) {
229
230 if ($this->users === null) $this->_loadUserData();
231
232 ksort($this->users);
233
234 $i = 0;
235 $count = 0;
236 $out = array();
237 $this->_constructPattern($filter);
238
239 foreach ($this->users as $user => $info) {
240 if ($this->_filter($user, $info)) {
241 if ($i >= $start) {
242 $out[$user] = $info;
243 $count++;
244 if (($limit > 0) && ($count >= $limit)) break;
245 }
246 $i++;
247 }
248 }
249
250 return $out;
251 }
252
253 /**
254 * Only valid pageid's (no namespaces) for usernames
255 */
256 function cleanUser($user){
257 global $conf;
258 return cleanID(str_replace(':',$conf['sepchar'],$user));
259 }
260
261 /**
262 * Only valid pageid's (no namespaces) for groupnames
263 */
264 function cleanGroup($user){
265 global $conf;
266 return cleanID(str_replace(':',$conf['sepchar'],$group));
267 }
268
269 /**
270 * Load all user data
271 *
272 * loads the user file into a datastructure
273 *
274 * @author Andreas Gohr <andi@splitbrain.org>
275 */
276 function _loadUserData(){
277 $this->users = array();
278
279 if(!@file_exists(AUTH_USERFILE)) return;
280
281 $lines = file(AUTH_USERFILE);
282 foreach($lines as $line){
283 $line = preg_replace('/#.*$/','',$line); //ignore comments
284 $line = trim($line);
285 if(empty($line)) continue;
286
287 $row = explode(":",$line,5);
288 $groups = array_values(array_filter(explode(",",$row[4])));
289
290 $this->users[$row[0]]['pass'] = $row[1];
291 $this->users[$row[0]]['name'] = urldecode($row[2]);
292 $this->users[$row[0]]['mail'] = $row[3];
293 $this->users[$row[0]]['grps'] = $groups;
294 }
295 }
296
297 /**
298 * return 1 if $user + $info match $filter criteria, 0 otherwise
299 *
300 * @author Chris Smith <chris@jalakai.co.uk>
301 */
302 function _filter($user, $info) {
303 // FIXME
304 foreach ($this->_pattern as $item => $pattern) {
305 if ($item == 'user') {
306 if (!preg_match($pattern, $user)) return 0;
307 } else if ($item == 'grps') {
308 if (!count(preg_grep($pattern, $info['grps']))) return 0;
309 } else {
310 if (!preg_match($pattern, $info[$item])) return 0;
311 }
312 }
313 return 1;
314 }
315
316 function _constructPattern($filter) {
317 $this->_pattern = array();
318 foreach ($filter as $item => $pattern) {
319 // $this->_pattern[$item] = '/'.preg_quote($pattern,"/").'/i'; // don't allow regex characters
320 $this->_pattern[$item] = '/'.str_replace('/','\/',$pattern).'/i'; // allow regex characters
321 }
322 }
323 }
324
325 //Setup VIM: ex: et ts=2 enc=utf-8 :