From 9fe46ef0937d91c50f8cb2578437bfd740e8c49c Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Mon, 19 Jul 2010 21:33:29 +0200 Subject: [PATCH] OC_USER now is an abstract class (OC_USER_ABSTRACT) At start the choosen user manager is created (e.g. OC_USER_DATABASE, OC_USER_LDAP) and put into the global variable `$userManager`. This is the variable to use instead of `OC_USER` class. TODO: A better name than $userManager? --- inc/User/database.php | 26 +++++----- inc/User/ldap.php | 3 +- inc/User/mod_auth.php | 4 +- inc/lib_base.php | 87 ++++++++++++++++++++------------ inc/lib_config.php | 115 +++++++++++++++++++++++------------------- inc/lib_user.php | 98 ++++++----------------------------- 6 files changed, 154 insertions(+), 179 deletions(-) diff --git a/inc/User/database.php b/inc/User/database.php index d0bcf56fa96..c4239eb07cd 100755 --- a/inc/User/database.php +++ b/inc/User/database.php @@ -21,13 +21,15 @@ * */ +require_once $SERVERROOT . '/inc/lib_user.php'; + /** * Class for usermanagement in a SQL Database (e.g. MySQL, SQLite) * */ -class OC_USER_Database extends OC_USER { +class OC_USER_DATABASE extends OC_USER_ABSTRACT { /** * Check if the login button is pressed and logg the user in @@ -35,7 +37,7 @@ class OC_USER_Database extends OC_USER { */ public static function loginLisener() { if ( isset($_POST['loginbutton']) AND isset($_POST['password']) AND isset($_POST['login']) ) { - if ( OC_USER::login($_POST['login'], $_POST['password']) ) { + if ( self::login($_POST['login'], $_POST['password']) ) { echo 1; OC_LOG::event($_SESSION['username'], 1, ''); echo 2; @@ -62,7 +64,7 @@ class OC_USER_Database extends OC_USER { public static function createUser($username, $password) { global $CONFIG_DBTABLEPREFIX; - if ( 0 !== OC_USER::getUserId($username, true) ) { + if ( 0 !== self::getUserId($username, true) ) { return false; } else { $usernameClean = strtolower($username); @@ -132,7 +134,7 @@ class OC_USER_Database extends OC_USER { public static function createGroup($groupName) { global $CONFIG_DBTABLEPREFIX; - if ( 0 === OC_USER::getGroupId($groupName, true) ) { + if ( 0 === self::getGroupId($groupName, true) ) { $groupName = OC_DB::escape($groupName); $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupName')"; $result = OC_DB::query($query); @@ -223,8 +225,8 @@ class OC_USER_Database extends OC_USER { public static function inGroup($username, $groupName) { global $CONFIG_DBTABLEPREFIX; - $userId = OC_USER::getUserId($username); - $groupId = OC_USER::getGroupId($groupName); + $userId = self::getUserId($username); + $groupId = self::getGroupId($groupName); if ( ($groupId > 0) AND ($userId > 0) ) { $query = "SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupId' AND user_id = '$userId';"; $result = OC_DB::select($query); @@ -245,9 +247,9 @@ class OC_USER_Database extends OC_USER { public static function addToGroup($username, $groupName) { global $CONFIG_DBTABLEPREFIX; - if ( !OC_USER::inGroup($username, $groupName) ) { - $userId = OC_USER::getuserid($username); - $groupId = OC_USER::getgroupid($groupName); + if ( !self::inGroup($username, $groupName) ) { + $userId = self::getuserid($username); + $groupId = self::getgroupid($groupName); if ( (0 !== $groupId) AND (0 !== $userId) ) { $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userId', '$groupId');"; $result = OC_DB::query($query); @@ -275,14 +277,14 @@ class OC_USER_Database extends OC_USER { public static function getUserGroups($username) { global $CONFIG_DBTABLEPREFIX; - $userId = OC_USER::getUserId($username); + $userId = self::getUserId($username); $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userId'"; $result = OC_DB::select($query); $groups = array(); if ( is_array($result) ) { foreach ( $result as $group ) { $groupId = $group['group_id']; - $groups[] = OC_USER::getGroupName($groupId); + $groups[] = self::getGroupName($groupId); } } @@ -297,7 +299,7 @@ class OC_USER_Database extends OC_USER { global $CONFIG_DBTABLEPREFIX; $password = sha1($password); - $userId = OC_USER::getUserId($username); + $userId = self::getUserId($username); $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userId'"; $result = OC_DB::query($query); diff --git a/inc/User/ldap.php b/inc/User/ldap.php index 37ca441fc07..9ce36975bd3 100755 --- a/inc/User/ldap.php +++ b/inc/User/ldap.php @@ -21,7 +21,8 @@ * */ -require_once 'mod_auth.php'; +require_once $SERVERROOT . '/inc/lib_user.php'; +require_once $SERVERROOT . '/inc/User/mod_auth.php'; diff --git a/inc/User/mod_auth.php b/inc/User/mod_auth.php index 059bb7b5aaa..8bab4394a5d 100755 --- a/inc/User/mod_auth.php +++ b/inc/User/mod_auth.php @@ -21,13 +21,15 @@ * */ +require_once $SERVERROOT . '/inc/lib_user.php'; + /** * Class for usermanagement in a SQL Database (e.g. MySQL, SQLite) * */ -class OC_USER_MOD_AUTH extends OC_USER { +class OC_USER_MOD_AUTH extends OC_USER_ABSTRACT { /** * Check if the login button is pressed and logg the user in diff --git a/inc/lib_base.php b/inc/lib_base.php index df6df15cc23..7068aad3f4e 100755 --- a/inc/lib_base.php +++ b/inc/lib_base.php @@ -48,20 +48,20 @@ if($WEBROOT!='' and $WEBROOT[0]!=='/'){ // set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config'); // define default config values -$CONFIG_INSTALLED=false; -$CONFIG_DATADIRECTORY=$SERVERROOT.'/data'; -$CONFIG_BACKUPDIRECTORY=$SERVERROOT.'/backup'; -$CONFIG_HTTPFORCESSL=false; -$CONFIG_ENABLEBACKUP=false; -$CONFIG_DATEFORMAT='j M Y G:i'; -$CONFIG_DBNAME='owncloud'; -$CONFIG_DBTYPE='sqlite'; +$CONFIG_INSTALLED = false; +$CONFIG_DATADIRECTORY = $SERVERROOT . '/data'; +$CONFIG_BACKUPDIRECTORY = $SERVERROOT . '/backup'; +$CONFIG_HTTPFORCESSL = false; +$CONFIG_ENABLEBACKUP = false; +$CONFIG_DATEFORMAT = 'j M Y G:i'; +$CONFIG_DBNAME = 'owncloud'; +$CONFIG_DBTYPE = 'sqlite'; // include the generated configfile -@include_once($SERVERROOT.'/config/config.php'); +@include_once($SERVERROOT . '/config/config.php'); - -$CONFIG_DATADIRECTORY_ROOT=$CONFIG_DATADIRECTORY;// store this in a seperate variable so we can change the data directory to jail users. +// Store this in a seperate variable so we can change the data directory to jail users. +$CONFIG_DATADIRECTORY_ROOT = $CONFIG_DATADIRECTORY; // redirect to https site if configured if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){ if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') { @@ -86,10 +86,33 @@ oc_require_once('lib_connect.php'); oc_require_once('lib_remotestorage.php'); + +// Load the choosen user manager +if ( isset($CONFIG_BACKEND) ) { + switch ( $CONFIG_BACKEND ) { + case 'mysql': + case 'sqlite': + require_once 'User/database.php'; + $userManager = new OC_USER_DATABASE(); + break; + case 'ldap': + require_once 'User/ldap.php'; + $userManager = new OC_USER_LDAP(); + break; + default: + require_once 'User/database.php'; + $userManager = new OC_USER_DATABASE(); + break; + } +} else { + require_once 'User/database.php'; + $userManager = new OC_USER_DATABASE(); +} + if(!is_dir($CONFIG_DATADIRECTORY_ROOT)){ @mkdir($CONFIG_DATADIRECTORY_ROOT) or die("Can't create data directory ($CONFIG_DATADIRECTORY_ROOT), you can usually fix this by setting the owner of '$SERVERROOT' to the user that the web server uses (www-data for debian/ubuntu)"); } -if(OC_USER::isLoggedIn()){ +if ( $userManager::isLoggedIn() ) { //jail the user in a seperate data folder $CONFIG_DATADIRECTORY=$CONFIG_DATADIRECTORY_ROOT.'/'.$_SESSION['username_clean']; if(!is_dir($CONFIG_DATADIRECTORY)){ @@ -128,11 +151,11 @@ if(isset($plugins[0])) foreach($plugins as $plugin) require_once($SERVERROOT.'/p // check if the server is correctly configured for ownCloud -OC_UTIL::checkserver(); +OC_UTIL::checkServer(); // listen for login or logout actions -OC_USER::logoutlisener(); -$loginresult=OC_USER::loginlisener(); +$userManager::logoutLisener(); +$loginresult = $userManager::loginLisener(); /** * Class for utility functions @@ -262,25 +285,27 @@ class OC_UTIL { * show the main navigation * */ - public static function showNavigation(){ - global $WEBROOT; - global $SERVERROOT; - echo(''); - echo(''); - if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/index.php') echo(''); else echo(''); + public static function showNavigation(){ + global $WEBROOT; + global $SERVERROOT; + global $userManager; - foreach(OC_UTIL::$NAVIGATION as $NAVI) { - if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo(''); else echo(''); - } + echo('
'.$_SESSION['username'].'FilesFiles'.$NAVI['name'].''.$NAVI['name'].'
'); + echo(''); + if ($_SERVER['SCRIPT_NAME']==$WEBROOT.'/index.php') echo(''); else echo(''); + + foreach(OC_UTIL::$NAVIGATION as $NAVI) { + if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo(''); else echo(''); + } - if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo(''); else echo(''); - if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo(''); else echo(''); - if(OC_USER::ingroup($_SESSION['username'],'admin')){ - if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo(''); else echo(''); + if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo(''); else echo(''); + if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo(''); else echo(''); + if ( $userManager::inGroup($_SESSION['username'], 'admin') ) { + if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo(''); else echo(''); + } + echo(''); + echo('
'.$_SESSION['username'].'FilesFiles'.$NAVI['name'].''.$NAVI['name'].'LogLogSettingsSettingsAdmin PanelAdmin PanelLogLogSettingsSettingsAdmin PanelAdmin PanelLogout
'); } - echo('Logout'); - echo(''); - } /** diff --git a/inc/lib_config.php b/inc/lib_config.php index ff4ead8b6be..8418cd574e7 100644 --- a/inc/lib_config.php +++ b/inc/lib_config.php @@ -1,5 +1,7 @@ '; }else{ if(isset($_POST['changepass']) and $_POST['changepass']==1){ @@ -95,7 +107,7 @@ class OC_CONFIG{ if(!isset($_POST['password2']) or empty($_POST['password2'])) $error.='retype password not set
'; if($_POST['password']<>$_POST['password2'] ) $error.='passwords are not the same
'; if(empty($error)){ - if(!OC_USER::setpassword($_SESSION['username'],$_POST['password'])){ + if(!$userManager::setpassword($_SESSION['username'],$_POST['password'])){ $error.='error while trying to set password
'; } } @@ -143,11 +155,13 @@ class OC_CONFIG{ */ public static function writeAdminLisener(){ global $CONFIG_INSTALLED; + global $userManager; + $allow=false; if(!$CONFIG_INSTALLED){ $allow=true; - }elseif(OC_USER::isLoggedIn()){ - if(OC_USER::ingroup($_SESSION['username'],'admin')){ + }elseif($userManager::isLoggedIn()){ + if($userManager::ingroup($_SESSION['username'],'admin')){ $allow=true; } } @@ -170,7 +184,7 @@ class OC_CONFIG{ $error=''; $FIRSTRUN=!$CONFIG_INSTALLED; if(!$FIRSTRUN){ - if(!OC_USER::login($_SESSION['username'],$_POST['currentpassword'])){ + if(!$userManager::login($_SESSION['username'],$_POST['currentpassword'])){ $error.='wrong password
'; } } @@ -248,15 +262,15 @@ class OC_CONFIG{ } } if($FIRSTRUN){ - if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){ + if(!$userManager::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !$userManager::login($_POST['adminlogin'],$_POST['adminpassword'])){ $error.='error while trying to create the admin user
'; } - if(OC_USER::getgroupid('admin')==0){ - if(!OC_USER::creategroup('admin')){ + if($userManager::getgroupid('admin')==0){ + if(!$userManager::creategroup('admin')){ $error.='error while trying to create the admin group
'; } } - if(!OC_USER::addtogroup($_POST['adminlogin'],'admin')){ + if(!$userManager::addtogroup($_POST['adminlogin'],'admin')){ $error.='error while trying to add the admin user to the admin group
'; } } @@ -365,6 +379,3 @@ class OC_CONFIG{ } } } -?> - - diff --git a/inc/lib_user.php b/inc/lib_user.php index 09ab1a3ddb5..394377984cb 100755 --- a/inc/lib_user.php +++ b/inc/lib_user.php @@ -43,158 +43,92 @@ if ( !isset($_SESSION['group_id_cache']) ) { * Class for user management * */ -class OC_USER { - - public static $classType; +abstract class OC_USER_ABSTRACT { /** * Check if the login button is pressed and logg the user in * */ - public static function loginLisener() { - return self::$classType->loginLisener(); - } + abstract public static function loginLisener(); /** * Try to create a new user * */ - public static function createUser($username, $password) { - return self::$classType->createUser($username, $password); - } + abstract public static function createUser($username, $password); /** * Try to login a user * */ - public static function login($username, $password) { - return self::$classType->login($username, $password); - } + abstract public static function login($username, $password); /** * Check if the logout button is pressed and logout the user * */ - public static function logoutLisener() { - return self::$classType->logoutLisener(); - } + abstract public static function logoutLisener(); /** * Check if a user is logged in * */ - public static function isLoggedIn() { - return self::$classType->isLoggedIn(); - } + abstract public static function isLoggedIn(); /** * Try to create a new group * */ - public static function createGroup($groupName) { - return self::$classType->createGroup($groupName); - } + abstract public static function createGroup($groupName); /** * Get the ID of a user * */ - public static function getUserId($username, $noCache=false) { - return self::$classType->getUserId($username, $noCache); - } + abstract public static function getUserId($username, $noCache=false); /** * Get the ID of a group * */ - public static function getGroupId($groupName, $noCache=false) { - return self::$classType->getGroupId($groupName, $noCache); - } + abstract public static function getGroupId($groupName, $noCache=false); /** * Get the name of a group * */ - public static function getGroupName($groupId, $noCache=false) { - return self::$classType->getGroupName($groupId, $noCache); - } + abstract public static function getGroupName($groupId, $noCache=false); /** * Check if a user belongs to a group * */ - public static function inGroup($username, $groupName) { - return self::$classType->inGroup($username, $groupName); - } + abstract public static function inGroup($username, $groupName); /** * Add a user to a group * */ - public static function addToGroup($username, $groupName) { - return self::$classType->addToGroup($username, $groupName); - } + abstract public static function addToGroup($username, $groupName); - public static function generatePassword() { - return uniqId(); - } + abstract public static function generatePassword(); /** * Get all groups the user belongs to * */ - public static function getUserGroups($username) { - return self::$classType->getUserGroups($username); - } + abstract public static function getUserGroups($username); /** * Set the password of a user * */ - public static function setPassword($username, $password) { - return self::$classType->setPassword($username, $password); - } + abstract public static function setPassword($username, $password); /** * Check the password of a user * */ - public static function checkPassword($username, $password) { - return self::$classType->checkPassword($username, $password); - } - -} - - + abstract public static function checkPassword($username, $password); -/** - * Funtion to set the User Authentication Module - */ -function set_OC_USER() { - global $CONFIG_BACKEND; - - if ( isset($CONFIG_BACKEND) ) { - switch ( $CONFIG_BACKEND ) { - case 'mysql': - case 'sqlite': - require_once 'User/database.php'; - OC_USER::$classType = new OC_USER_Database(); - break; - case 'ldap': - require_once 'User/ldap.php'; - OC_USER::$classType = new OC_USER_LDAP(); - break; - default: - require_once 'User/database.php'; - OC_USER::$classType = new OC_USER_Database(); - break; - } - } else { - require_once 'User/database.php'; - OC_USER::$classType = new OC_USER_Database(); - } } - - - -set_OC_USER(); -- 2.39.5