keeping tracked of the logged in user is no longer done by the active backend but by oc_user directly instead
multiply backends can be active at the same time, allowing alternative authentication procedures like openid or tokens to be used next to the regular user system
*
*/
-
+/**
+ * error code for functions not provided by the storage provider
+ */
+define('OC_USER_BACKEND_NOT_IMPLEMENTED',-501);
/**
* abstract base class for user management
* Creates a new user. Basic checking of username is done in OC_USER
* itself, not in its subclasses.
*/
- public static function createUser($uid, $password){}
+ public function createUser($uid, $password){
+ return OC_USER_BACKEND_NOT_IMPLEMENTED;
+ }
/**
* @brief delete a user
*
* Deletes a user
*/
- public static function deleteUser( $uid ){}
-
- /**
- * @brief Try to login a user
- * @param $uid The username of the user to log in
- * @param $password The password of the user
- * @returns true/false
- *
- * Log in a user - if the password is ok
- */
- public static function login($uid, $password){}
-
- /**
- * @brief Kick the user
- * @returns true
- *
- * Logout, destroys session
- */
- public static function logout(){}
-
- /**
- * @brief Check if the user is logged in
- * @returns true/false
- *
- * Checks if the user is logged in
- */
- public static function isLoggedIn(){}
-
- /**
- * @brief Autogenerate a password
- * @returns string
- *
- * generates a password
- */
- public static function generatePassword(){}
+ public function deleteUser( $uid ){
+ return OC_USER_BACKEND_NOT_IMPLEMENTED;
+ }
/**
* @brief Set password
*
* Change the password of a user
*/
- public static function setPassword($uid, $password){}
+ public function setPassword($uid, $password){
+ return OC_USER_BACKEND_NOT_IMPLEMENTED;
+ }
/**
* @brief Check if the password is correct
*
* Check if the password is correct without logging in the user
*/
- public static function checkPassword($uid, $password){}
+ public function checkPassword($uid, $password){
+ return OC_USER_BACKEND_NOT_IMPLEMENTED;
+ }
/**
* @brief Get a list of all users
*
* Get a list of all users.
*/
- public static function getUsers(){}
+ public function getUsers(){
+ return OC_USER_BACKEND_NOT_IMPLEMENTED;
+ }
+
+ /**
+ * @brief check if a user exists
+ * @param string $uid the username
+ * @return boolean
+ */
+ public function userExists($uid){
+ return OC_USER_BACKEND_NOT_IMPLEMENTED;
+ }
}
* Creates a new user. Basic checking of username is done in OC_USER
* itself, not in its subclasses.
*/
- public static function createUser( $uid, $password ){
- // Check if the user already exists
- $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" );
- $result = $query->execute( array( $uid ));
-
- if ( $result->numRows() > 0 ){
+ public function createUser( $uid, $password ){
+ if( $this->userExists($uid) ){
return false;
}
else{
*
* Deletes a user
*/
- public static function deleteUser( $uid ){
+ public function deleteUser( $uid ){
// Delete user-group-relation
$query = OC_DB::prepare( "DELETE FROM `*PREFIX*users` WHERE uid = ?" );
$result = $query->execute( array( $uid ));
return true;
}
- /**
- * @brief Try to login a user
- * @param $uid The username of the user to log in
- * @param $password The password of the user
- * @returns true/false
- *
- * Log in a user - if the password is ok
- */
- public static function login( $uid, $password ){
- // Query
- $query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid = ? AND password = ?" );
- $result = $query->execute( array( $uid, sha1( $password )));
-
- if( $result->numRows() > 0 ){
- // Set username if name and password are known
- $row = $result->fetchRow();
- $_SESSION['user_id'] = $row["uid"];
- OC_LOG::add( "core", $_SESSION['user_id'], "login" );
- return true;
- }
- else{
- return false;
- }
- }
-
- /**
- * @brief Kick the user
- * @returns true
- *
- * Logout, destroys session
- */
- public static function logout(){
- OC_LOG::add( "core", $_SESSION['user_id'], "logout" );
- $_SESSION['user_id'] = false;
-
- return true;
- }
-
- /**
- * @brief Check if the user is logged in
- * @returns true/false
- *
- * Checks if the user is logged in
- */
- public static function isLoggedIn() {
- if( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ){
- return true;
- }
- else{
- return false;
- }
- }
-
- /**
- * @brief Autogenerate a password
- * @returns string
- *
- * generates a password
- */
- public static function generatePassword(){
- return uniqId();
- }
-
/**
* @brief Set password
* @param $uid The username
*
* Change the password of a user
*/
- public static function setPassword( $uid, $password ){
- // Check if the user already exists
- $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" );
- $result = $query->execute( array( $uid ));
-
- if( $result->numRows() > 0 ){
+ public function setPassword( $uid, $password ){
+ if( $this->userExists($uid) ){
$query = OC_DB::prepare( "UPDATE *PREFIX*users SET password = ? WHERE uid = ?" );
$result = $query->execute( array( sha1( $password ), $uid ));
*
* Check if the password is correct without logging in the user
*/
- public static function checkPassword( $uid, $password ){
+ public function checkPassword( $uid, $password ){
$query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users WHERE uid = ? AND password = ?" );
$result = $query->execute( array( $uid, sha1( $password )));
*
* Get a list of all users.
*/
- public static function getUsers(){
+ public function getUsers(){
$query = OC_DB::prepare( "SELECT uid FROM *PREFIX*users" );
$result = $query->execute();
}
return $users;
}
+
+ /**
+ * @brief check if a user exists
+ * @param string $uid the username
+ * @return boolean
+ */
+ public function userExists($uid){
+ $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" );
+ $result = $query->execute( array( $uid ));
+
+ return $result->numRows() > 0;
+ }
}
$error=(count(OC_UTIL::checkServer())>0);
-OC_USER::setBackend( OC_CONFIG::getValue( "userbackend", "database" ));
+OC_USER::useBackend( OC_CONFIG::getValue( "userbackend", "database" ));
OC_GROUP::setBackend( OC_CONFIG::getValue( "groupbackend", "database" ));
// Set up file system unless forbidden
*/
class OC_USER {
// The backend used for user management
- private static $_backend = null;
+ private static $_usedBackends = array();
// Backends available (except database)
private static $_backends = array();
public static function getBackends(){
return self::$_backends;
}
+
+ /**
+ * @brief gets used backends
+ * @returns array of backends
+ *
+ * Returns the names of all used backends.
+ */
+ public static function getUsedBackends(){
+ return array_keys(self::$_usedBackends);
+ }
/**
- * @brief Sets the backend
+ * @brief Adds the backend to the list of used backends
* @param $backend default: database The backend to use for user managment
* @returns true/false
*
* Set the User Authentication Module
*/
- public static function setBackend( $backend = 'database' ){
+ public static function useBackend( $backend = 'database' ){
// You'll never know what happens
if( null === $backend OR !is_string( $backend )){
$backend = 'database';
case 'mysql':
case 'sqlite':
require_once('User/database.php');
- self::$_backend = new OC_USER_DATABASE();
+ self::$_usedBackends[$backend] = new OC_USER_DATABASE();
break;
default:
$className = 'OC_USER_' . strToUpper($backend);
- self::$_backend = new $className();
+ self::$_usedBackends[$backend] = new $className();
break;
}
return false;
}
// Check if user already exists
- if( in_array( $uid, self::getUsers())){
+ if( self::userExists($uid) ){
return false;
}
$run = true;
OC_HOOK::emit( "OC_USER", "pre_createUser", array( "run" => &$run, "uid" => $uid, "password" => $password ));
- if( $run && self::$_backend->createUser( $uid, $password )){
- OC_HOOK::emit( "OC_USER", "post_createUser", array( "uid" => $uid, "password" => $password ));
- return true;
- }
- else{
- return false;
+ if( $run ){
+ //create the user in the first backend that supports creating users
+ foreach(self::$_usedBackends as $backend){
+ $result=$backend->createUser($uid,$password);
+ if($result!==OC_USER_BACKEND_NOT_IMPLEMENTED){
+ OC_HOOK::emit( "OC_USER", "post_createUser", array( "uid" => $uid, "password" => $password ));
+ return true;
+ }
+ }
}
+ return false;
}
/**
$run = true;
OC_HOOK::emit( "OC_USER", "pre_deleteUser", array( "run" => &$run, "uid" => $uid ));
- if( $run && self::$_backend->deleteUser( $uid )){
+ if( $run ){
+ //delete the user from all backends
+ foreach(self::$_usedBackends as $backend){
+ $backend->deleteUser($uid);
+ }
// We have to delete the user from all groups
foreach( OC_GROUP::getUserGroups( $uid ) as $i ){
OC_GROUP::removeFromGroup( $uid, $i );
$run = true;
OC_HOOK::emit( "OC_USER", "pre_login", array( "run" => &$run, "uid" => $uid ));
- if( $run && self::$_backend->login( $uid, $password )){
+ if( $run && self::checkPassword( $uid, $password )){
+ $_SESSION['user_id'] = $uid;
+ OC_LOG::add( "core", $_SESSION['user_id'], "login" );
OC_HOOK::emit( "OC_USER", "post_login", array( "uid" => $uid ));
return true;
}
*/
public static function logout(){
OC_HOOK::emit( "OC_USER", "logout", array());
- return self::$_backend->logout();
+ OC_LOG::add( "core", $_SESSION['user_id'], "logout" );
+ $_SESSION['user_id'] = false;
+ return true;
}
/**
* Checks if the user is logged in
*/
public static function isLoggedIn(){
- return self::$_backend->isLoggedIn();
+ if( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ){
+ return true;
+ }
+ else{
+ return false;
+ }
}
/**
* generates a password
*/
public static function generatePassword(){
- return substr( md5( uniqId().time()), 0, 10 );
+ return uniqId();
}
/**
$run = true;
OC_HOOK::emit( "OC_USER", "pre_setPassword", array( "run" => &$run, "uid" => $uid, "password" => $password ));
- if( $run && self::$_backend->setPassword( $uid, $password )){
+ if( $run ){
+ foreach(self::$_usedBackends as $backend){
+ if($backend->userExists($uid)){
+ $backend->setPassword($uid,$password);
+ }
+ }
OC_HOOK::emit( "OC_USER", "post_setPassword", array( "uid" => $uid, "password" => $password ));
return true;
}
* Check if the password is correct without logging in the user
*/
public static function checkPassword( $uid, $password ){
- return self::$_backend->checkPassword( $uid, $password );
+ foreach(self::$_usedBackends as $backend){
+ $result=$backend->checkPassword( $uid, $password );
+ if($result===true){
+ return true;
+ }
+ }
}
/**
* Get a list of all users.
*/
public static function getUsers(){
- return self::$_backend->getUsers();
+ $users=array();
+ foreach(self::$_usedBackends as $backend){
+ $result=$backend->getUsers();
+ if($result!=OC_USER_BACKEND_NOT_IMPLEMENTED){
+ $users=array_merge($users,$result);
+ }
+ }
+ return $users;
+ }
+
+ /**
+ * @brief check if a user exists
+ * @param string $uid the username
+ * @return boolean
+ */
+ public static function userExists($uid){
+ foreach(self::$_usedBackends as $backend){
+ $result=$backend->userExists($uid);
+ if($result===true){
+ return true;
+ }
+ }
+ return false;
}
}