parent
da43813de9
commit
3199f21f29
|
@ -1,83 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace Icinga\Authentication;
|
||||
|
||||
use Icinga\Exception;
|
||||
use Zend_Session_Namespace as SessionNamespace;
|
||||
|
||||
class Auth
|
||||
{
|
||||
protected static $instance;
|
||||
protected $userInfo;
|
||||
protected $session;
|
||||
|
||||
final private function __construct()
|
||||
{
|
||||
$this->session = new SessionNamespace('IcingaAuth');
|
||||
}
|
||||
|
||||
public static function getInstance()
|
||||
{
|
||||
if (self::$instance === null) {
|
||||
self::$instance = new Auth();
|
||||
}
|
||||
return self::$instance;
|
||||
}
|
||||
|
||||
public function isAuthenticated()
|
||||
{
|
||||
if ($this->userInfo === null) {
|
||||
if ($sessionInfo = $this->session->userInfo) {
|
||||
$this->userInfo = $sessionInfo;
|
||||
}
|
||||
}
|
||||
return is_object($this->userInfo) && ! empty($this->userInfo->username);
|
||||
}
|
||||
|
||||
public function getUsername()
|
||||
{
|
||||
$this->assertIsAuthenticated();
|
||||
return $this->userInfo->username;
|
||||
}
|
||||
|
||||
public function getEmail()
|
||||
{
|
||||
$this->assertIsAuthenticated();
|
||||
return $this->userInfo->email;
|
||||
}
|
||||
|
||||
public function setAuthenticatedUser(User $user)
|
||||
{
|
||||
$this->userInfo = (object) array(
|
||||
'username' => $user->username,
|
||||
'permissions' => $user->getPermissionList(),
|
||||
'email' => $user->email,
|
||||
);
|
||||
$this->session->userInfo = $this->userInfo;
|
||||
}
|
||||
|
||||
public function forgetAuthentication()
|
||||
{
|
||||
unset($this->session->userInfo);
|
||||
$this->userInfo = null;
|
||||
}
|
||||
|
||||
public function hasPermission($route, $flags = 0x01)
|
||||
{
|
||||
$this->assertBeingAuthenticated();
|
||||
if (! array_key_exists($route, $this->userInfo->permissions)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $this->userInfo->permissions[$route] & $flags === $flags;
|
||||
}
|
||||
|
||||
protected function assertIsAuthenticated()
|
||||
{
|
||||
if (! $this->isAuthenticated()) {
|
||||
throw new Exception\ProgrammingError(
|
||||
'Cannot fetch properties of a non-authenticated user'
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,4 +1,6 @@
|
|||
<?php
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Icinga\Authentication;
|
||||
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
<?php
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Icinga\Authentication\Backend;
|
||||
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
<?php
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Icinga\Authentication;
|
||||
|
||||
|
|
|
@ -1,57 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace Icinga\Authentication;
|
||||
|
||||
use Icinga\Protocol\Ldap;
|
||||
|
||||
class LdapUserBackend extends UserBackend
|
||||
{
|
||||
protected $connection;
|
||||
|
||||
protected function init()
|
||||
{
|
||||
$this->connection = new Ldap\Connection($this->config);
|
||||
}
|
||||
|
||||
public function hasUsername($username)
|
||||
{
|
||||
if (! $username) {
|
||||
return false;
|
||||
}
|
||||
return $this->connection->fetchOne(
|
||||
$this->selectUsername($username)
|
||||
) === $username;
|
||||
}
|
||||
|
||||
protected function stripAsterisks($string)
|
||||
{
|
||||
return str_replace('*', '', $string);
|
||||
}
|
||||
|
||||
protected function selectUsername($username)
|
||||
{
|
||||
return $this->connection->select()
|
||||
->from('user', array('sAMAccountName'))
|
||||
->where('sAMAccountName', $this->stripAsterisks($username));
|
||||
}
|
||||
|
||||
public function authenticate($username, $password = null)
|
||||
{
|
||||
if (empty($username) || empty($password)) {
|
||||
return false;
|
||||
}
|
||||
if (! $this->connection->testCredentials(
|
||||
$this->connection->fetchDN($this->selectUsername($username)),
|
||||
$password
|
||||
)) {
|
||||
return false;
|
||||
}
|
||||
$user = User::create(
|
||||
$this,
|
||||
array(
|
||||
'username' => $username,
|
||||
)
|
||||
);
|
||||
return $user;
|
||||
}
|
||||
}
|
|
@ -1,5 +1,6 @@
|
|||
<?php
|
||||
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Icinga\Authentication;
|
||||
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
<?php
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Icinga\Authentication;
|
||||
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
<?php
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Icinga\Authentication;
|
||||
|
||||
|
|
|
@ -1,203 +0,0 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Icinga Authentication Storable class
|
||||
*
|
||||
* @package Icinga\Authentication
|
||||
*/
|
||||
namespace Icinga\Authentication;
|
||||
|
||||
/**
|
||||
* This class represents an abstract storable object
|
||||
*
|
||||
* Use this only for objects with unique identifiers. Do not persist such
|
||||
* objects, they shall be loaded at each request. Storable doesn't care about
|
||||
* race conditions and doesn't care about the current data in your backend.
|
||||
*
|
||||
* @copyright Copyright (c) 2013 Icinga-Web Team <info@icinga.org>
|
||||
* @author Icinga-Web Team <info@icinga.org>
|
||||
* @package Icinga\Application
|
||||
* @license http://www.gnu.org/copyleft/gpl.html GNU General Public License
|
||||
*/
|
||||
abstract class Storable
|
||||
{
|
||||
protected $key;
|
||||
|
||||
/**
|
||||
* Current Storable properties
|
||||
*/
|
||||
protected $props;
|
||||
|
||||
/**
|
||||
* Default property values for this Storable
|
||||
*
|
||||
* All allowed properties have to be defined here, otherwise they will be
|
||||
* rejected
|
||||
*/
|
||||
protected $defaultProps = array();
|
||||
|
||||
/**
|
||||
* Properties as they have been once loaded from backend
|
||||
*/
|
||||
protected $storedProps = array();
|
||||
|
||||
/**
|
||||
* Whether this storable has been stored in the current state
|
||||
*/
|
||||
protected $stored = false;
|
||||
|
||||
/**
|
||||
* Create a new Storable instance, with data loaded from backend
|
||||
*
|
||||
* You should NEVER directly use this function unless you are absolutely
|
||||
* sure on what you are doing.
|
||||
*
|
||||
* @param Backend The backend used to load this object from
|
||||
* @param Array Property array
|
||||
* @return Storable
|
||||
*/
|
||||
public static function create(UserBackend $backend, $props = array())
|
||||
{
|
||||
$class = get_called_class();
|
||||
$object = new $class($props);
|
||||
return $object;
|
||||
}
|
||||
|
||||
/**
|
||||
* Override this function for custom cross-value checks before storing it
|
||||
*
|
||||
* @return boolean Whether the Storable is valid
|
||||
*/
|
||||
public function isValid()
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* The constructor is protected, you should never override it
|
||||
*
|
||||
* Use the available hooks for all the things you need to do at construction
|
||||
* time
|
||||
*
|
||||
* @param Array Property array
|
||||
* @return void
|
||||
*/
|
||||
final protected function __construct($properties = array())
|
||||
{
|
||||
$this->assertKeyHasBeenDefined();
|
||||
$this->props = $this->defaultProps;
|
||||
foreach ($properties as $key => $val) {
|
||||
$this->set($key, $val);
|
||||
}
|
||||
$this->assertKeyExists();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Get property value, fail unless it exists
|
||||
*
|
||||
* @param string Property name
|
||||
* @return mixed
|
||||
*/
|
||||
public function get($key)
|
||||
{
|
||||
$this->assertPropertyExists($key);
|
||||
return $this->props[$key];
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set property value, fail unless it exists
|
||||
*
|
||||
* @param string Property name
|
||||
* @param mixed New property value
|
||||
* @return Storable
|
||||
*/
|
||||
protected function set($key, $val)
|
||||
{
|
||||
$this->assertPropertyExists($key);
|
||||
$this->props[$key] = $val;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Getter
|
||||
*
|
||||
* @param string Property name
|
||||
* @return mixed
|
||||
*/
|
||||
public function __get($key)
|
||||
{
|
||||
return $this->get($key);
|
||||
}
|
||||
|
||||
/**
|
||||
* Setter
|
||||
*
|
||||
* @param string Property name
|
||||
* @param mixed New property value
|
||||
* @return void
|
||||
*/
|
||||
public function __set($key, $val)
|
||||
{
|
||||
$this->set($key, $val);
|
||||
}
|
||||
|
||||
/**
|
||||
* Whether the given property name exist
|
||||
*
|
||||
* @param string Property name
|
||||
* @return boolean
|
||||
*/
|
||||
public function __isset($key)
|
||||
{
|
||||
return array_key_exists($key, $this->props);
|
||||
}
|
||||
|
||||
/**
|
||||
* Makes sure that the Storable got it's unique key
|
||||
*
|
||||
* @throws \Exception
|
||||
* @return Storable
|
||||
*/
|
||||
protected function assertKeyExists()
|
||||
{
|
||||
return $this->assertPropertyExists($this->key);
|
||||
}
|
||||
|
||||
/**
|
||||
* Makes sure the given property is allowed
|
||||
*
|
||||
* @throws \Exception
|
||||
* @return Storable
|
||||
*/
|
||||
protected function assertPropertyExists($key)
|
||||
{
|
||||
if (! array_key_exists($key, $this->props)) {
|
||||
throw new \Exception(
|
||||
sprintf(
|
||||
'Storable (%s) has no "%s" property',
|
||||
get_class($this),
|
||||
$key
|
||||
)
|
||||
);
|
||||
}
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Makes sure that the class inheriting Storable defined it's key column
|
||||
*
|
||||
* @throws \Exception
|
||||
* @return Storable
|
||||
*/
|
||||
protected function assertKeyHasBeenDefined()
|
||||
{
|
||||
if ($this->key === null) {
|
||||
throw new \Exception(
|
||||
'Implementation error, Storable needs a valid key'
|
||||
);
|
||||
}
|
||||
return $this;
|
||||
}
|
||||
}
|
|
@ -1,4 +1,6 @@
|
|||
<?php
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
/**
|
||||
* Icinga Authentication User class
|
||||
|
|
|
@ -1,4 +1,7 @@
|
|||
<?php
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}}
|
||||
|
||||
namespace Icinga\Authentication;
|
||||
|
||||
|
|
|
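Review bot: The license marker added in this hunk is malformed: the third line reads `// {{{ICINGA_LICENSE_HEADER}}// {{{ICINGA_LICENSE_HEADER}}}` and the fourth `// {{{ICINGA_LICENSE_HEADER}}}}`. The other header hunks visible on this page add two clean `// {{{ICINGA_LICENSE_HEADER}}}` lines instead. If the marker is later expanded by a tool that matches the exact token (an assumption, since no such tool is visible here), this file would presumably end up with a partial or duplicated licence block. The header should be reduced to the same pair, `// {{{ICINGA_LICENSE_HEADER}}}` on two lines, followed by the blank line before `namespace Icinga\Authentication;`.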
@ -1,5 +1,6 @@
|
|||
<?php
|
||||
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Tests\Icinga\Authentication;
|
||||
|
||||
|
|
|
@ -0,0 +1,67 @@
|
|||
<?php
|
||||
|
||||
namespace Tests\Icinga\Authentication;
|
||||
/**
|
||||
*
|
||||
* Test class for Credentials
|
||||
* Created Mon, 10 Jun 2013 07:54:34 +0000
|
||||
*
|
||||
**/
|
||||
class CredentialsTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
|
||||
/**
|
||||
* Test for Credentials::GetUsername()
|
||||
*
|
||||
**/
|
||||
public function testGetUsername()
|
||||
{
|
||||
$this->markTestIncomplete('testGetUsername is not implemented yet');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test for Credentials::SetUsername()
|
||||
*
|
||||
**/
|
||||
public function testSetUsername()
|
||||
{
|
||||
$this->markTestIncomplete('testSetUsername is not implemented yet');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test for Credentials::GetPassword()
|
||||
*
|
||||
**/
|
||||
public function testGetPassword()
|
||||
{
|
||||
$this->markTestIncomplete('testGetPassword is not implemented yet');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test for Credentials::SetPassword()
|
||||
*
|
||||
**/
|
||||
public function testSetPassword()
|
||||
{
|
||||
$this->markTestIncomplete('testSetPassword is not implemented yet');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test for Credentials::GetDomain()
|
||||
*
|
||||
**/
|
||||
public function testGetDomain()
|
||||
{
|
||||
$this->markTestIncomplete('testGetDomain is not implemented yet');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test for Credentials::SetDomain()
|
||||
*
|
||||
**/
|
||||
public function testSetDomain()
|
||||
{
|
||||
$this->markTestIncomplete('testSetDomain is not implemented yet');
|
||||
}
|
||||
|
||||
}
|
|
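Review bot: All six methods in the new CredentialsTest only call `markTestIncomplete(...)`, so the username, password and domain accessors named in the docblocks are not exercised at all. For a class that carries login secrets, each field should get at least a set-then-get round trip and a check of its initial value before the class is relied on. The Credentials class is not part of the visible diff, so the exact method names need to be confirmed against it. The file also lacks the licence marker that the other visible hunks add: `<?php` is followed directly by `namespace Tests\Icinga\Authentication;`, so `// {{{ICINGA_LICENSE_HEADER}}}` (twice, as elsewhere) should go after `<?php`.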
@ -1,6 +1,10 @@
|
|||
<?php
|
||||
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Tests\Icinga\Authentication;
|
||||
|
||||
/**
|
||||
*
|
||||
* Test class for Ldapuserbackend
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
<?php
|
||||
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Tests\Icinga\Authentication;
|
||||
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
<?php
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Tests\Icinga\Authentication;
|
||||
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
<?php
|
||||
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
|
||||
namespace Tests\Icinga\Authentication;
|
||||
|
||||
|
|