diff options
author | Simon Rettberg | 2015-06-03 14:26:22 +0200 |
---|---|---|
committer | Simon Rettberg | 2015-06-03 14:26:22 +0200 |
commit | 5136f6622e7ca87695c158a31cb8e78299f1967a (patch) | |
tree | 554c58c63fdbf58401fcf4e49ac9685e1eff9634 | |
parent | Add AddUser mask for creating test accounts (diff) | |
download | bwlp-webadmin-5136f6622e7ca87695c158a31cb8e78299f1967a.tar.gz bwlp-webadmin-5136f6622e7ca87695c158a31cb8e78299f1967a.tar.xz bwlp-webadmin-5136f6622e7ca87695c158a31cb8e78299f1967a.zip |
Allow registration, add support for creating test accounts, rename satellite to organization
-rw-r--r-- | inc/image.inc.php | 10 | ||||
-rw-r--r-- | inc/user.inc.php | 51 | ||||
-rw-r--r-- | index.php | 8 | ||||
-rw-r--r-- | modules/adduser.inc.php | 4 | ||||
-rw-r--r-- | modules/main.inc.php | 16 | ||||
-rw-r--r-- | modules/register.inc.php | 31 | ||||
-rw-r--r-- | templates/main/deploy.html | 15 | ||||
-rw-r--r-- | templates/sharemode/remove.html | 4 |
8 files changed, 127 insertions, 12 deletions
diff --git a/inc/image.inc.php b/inc/image.inc.php index 2c0ec74..5b8f077 100644 --- a/inc/image.inc.php +++ b/inc/image.inc.php @@ -9,6 +9,16 @@ class Image return false; return Database::exec('DELETE FROM image WHERE ownerid = :userid', array('userid' => $userid)); } + + public static function getImageCount($login) + { + $ret = Database::queryFirst('SELECT Count(*) AS cnt FROM image ' + . ' INNER JOIN user ON (image.ownerid = user.userid) ' + . ' WHERE user.login = :login', array('login' => $login)); + if ($ret === false) + return 0; + return $ret['cnt']; + } } diff --git a/inc/user.inc.php b/inc/user.inc.php index 3325421..c09e936 100644 --- a/inc/user.inc.php +++ b/inc/user.inc.php @@ -60,6 +60,13 @@ class User return self::$user['firstname'] . ' ' . self::$user['lastname']; } + public static function getFirstName() + { + if (!self::isLoggedIn()) + return false; + return self::$user['firstname']; + } + public static function getLastName() { if (!self::isLoggedIn()) @@ -87,6 +94,11 @@ class User ), true); } + /** + * Organization ID used locally in our DB + * + * @return string + */ public static function getOrganizationId() { $org = self::getOrganization(); @@ -103,6 +115,11 @@ class User return $org['name']; } + /** + * Organization ID as supplied by shibboleth + * + * @return string + */ public static function getRemoteOrganizationId() { if (empty(self::$user['organization'])) @@ -115,8 +132,8 @@ class User if (!self::isLoggedIn()) return false; if (is_null(self::$organization)) { - self::$organization = Database::queryFirst('SELECT organizationid, name FROM satellite_suffix ' - . ' INNER JOIN satellite USING (organizationid) ' + self::$organization = Database::queryFirst('SELECT organizationid, name FROM organization_suffix ' + . ' INNER JOIN organization USING (organizationid) ' . ' WHERE suffix = :org LIMIT 1', array('org' => self::$user['organization'])); } return self::$organization; @@ -194,21 +211,44 @@ class User return true; } - public static function deploy($anonymous) + public static function deploy($anonymous, $existingLogin = false) { if (empty(self::$user['shibid'])) Util::traceError('NO SHIBID'); + + // Merging with test-account: + if (!empty($existingLogin)) { + if ($anonymous) { + $ret = Database::exec("UPDATE user SET shibid = :shibid, firstname = '', lastname = '', email = '', password = '' " + . " WHERE login = :login LIMIT 1", array( + 'shibid' => self::$user['shibid'], + 'login' => $existingLogin + )); + } else { + $ret = Database::exec("UPDATE user SET shibid = :shibid, password = '', firstname = :firstname, lastname = :lastname, email = :email " + . " WHERE login = :login LIMIT 1", array( + 'shibid' => self::$user['shibid'], + 'login' => $existingLogin, + 'firstname' => self::$user['firstname'], + 'lastname' => self::$user['lastname'], + 'email' => self::$user['email'] + )); + } + return $ret > 0; + } + + // New account if ($anonymous) { Database::exec("INSERT INTO user (shibid, login, organizationid, firstname, lastname, email) " . " VALUES (:shibid, :shibid, :org, '', '', '') " - . " ON DUPLICATE KEY UPDATE firstname = '', lastname = '', email = ''", array( + . " ON DUPLICATE KEY UPDATE firstname = '', lastname = '', email = '', password = ''", array( 'shibid' => self::$user['shibid'], 'org' => self::getOrganizationId() )); } else { Database::exec("INSERT INTO user (shibid, login, organizationid, firstname, lastname, email) " . " VALUES (:shibid, :shibid, :org, :firstname, :lastname, :email) " - . " ON DUPLICATE KEY UPDATE firstname = VALUES(firstname), lastname = VALUES(lastname), email = VALUES(email)", array( + . " ON DUPLICATE KEY UPDATE firstname = VALUES(firstname), lastname = VALUES(lastname), email = VALUES(email), password = ''", array( 'shibid' => self::$user['shibid'], 'firstname' => self::$user['firstname'], 'lastname' => self::$user['lastname'], @@ -216,6 +256,7 @@ class User 'org' => self::getOrganizationId() )); } + return true; } public static function updatePassword($pass) @@ -2,12 +2,18 @@ $dest = @readlink($_SERVER['SCRIPT_FILENAME']); if (!empty($dest) && $dest !== $_SERVER['SCRIPT_FILENAME']) { - //error_log($dest . ' !== ' . $_SERVER['SCRIPT_FILENAME'] . ', chdir to ' . dirname($dest)); chdir(dirname($dest)); } require_once 'config.php'; +if (defined('CONFIG_FORCE_DOMAIN')) { + if (!empty($_SERVER['SERVER_NAME']) && strcasecmp($_SERVER['SERVER_NAME'], CONFIG_FORCE_DOMAIN) !== 0) { + Header('HTTP/1.1 400 Bad Request'); + die('<h1>Bad Request</h1>'); + } +} + /** * Page class which all "modules" must be extending from diff --git a/modules/adduser.inc.php b/modules/adduser.inc.php index fc0dfa7..f27717b 100644 --- a/modules/adduser.inc.php +++ b/modules/adduser.inc.php @@ -40,7 +40,7 @@ class Page_AddUser extends Page $suffix = $organizationid; $login .= "@$suffix"; } - $ok = Database::queryFirst('SELECT organizationid FROM satellite_suffix WHERE organizationid = :o AND suffix = :s LIMIT 1', array( + $ok = Database::queryFirst('SELECT organizationid FROM organization_suffix WHERE organizationid = :o AND suffix = :s LIMIT 1', array( 'o' => $organizationid, 's' => $suffix )); @@ -66,7 +66,7 @@ class Page_AddUser extends Page protected function doRender() { // Show mask - $res = Database::simpleQuery('SELECT organizationid, name FROM satellite ORDER BY name ASC'); + $res = Database::simpleQuery('SELECT organizationid, name FROM organization ORDER BY name ASC'); $orgs = array(); $orgs[] = array( 'organizationid' => '', diff --git a/modules/main.inc.php b/modules/main.inc.php index c1382e6..3e3aff8 100644 --- a/modules/main.inc.php +++ b/modules/main.inc.php @@ -59,6 +59,22 @@ class Page_Main extends Page { $data = User::getData(); $data['organization'] = User::getOrganizationName(); + // Shoe testacc merge form if organization has test accounts + $res = Database::queryFirst('SELECT Count(*) as cnt FROM user WHERE organizationid = :oid', array( + 'oid' => User::getOrganizationId() + )); + if ($res !== false && $res['cnt'] > 0) { + $data['testacc'] = true; + $mail = trim(User::getMail()); + if (!empty($mail)) { + $existing = Database::queryFirst('SELECT login FROM user WHERE email = :email LIMIT 1', array( + 'email' => $mail + )); + if ($existing !== false) { + $data['testlogin'] = $existing['login']; + } + } + } Render::addTemplate('main/deploy', $data); } diff --git a/modules/register.inc.php b/modules/register.inc.php index 0fec4c7..d24d304 100644 --- a/modules/register.inc.php +++ b/modules/register.inc.php @@ -19,10 +19,37 @@ class Page_Register extends Page Util::redirect('?do=Main'); } + if (Request::post('testlogin')) { + // Check if one of firstname, lastname or email matches + $user = Database::queryFirst('SELECT firstname, lastname, email, organizationid FROM user WHERE login = :login LIMIT 1', array('login' => Request::post('testlogin'))); + if ($user === false || User::getOrganizationId() !== $user['organizationid']) { + // Invalid Login + Message::addError('Test-Account {{0}} unbekannt. ' + . ' Bitte wenden Sie sich an den bwLehrpool-Support, wenn dieser Test-Account Ihnen gehört.', Request::post('testlogin')); + Util::redirect('?do=Main'); + } + if (User::getLastName() !== $user['lastname'] + && User::getFirstName() !== $user['firstname'] + && User::getMail() !== $user['email']) { + // No match by personal information + Message::addError('Ihre Metadaten stimmen nicht mit dem Test-Account {{0}} überein. ' + . ' Bitte wenden Sie sich an den bwLehrpool-Support, wenn dieser Test-Account Ihnen gehört.', Request::post('testlogin')); + Util::redirect('?do=Main'); + } + // Check if anonymous is requested, but user shared VMs with his testacc + if (Image::getImageCount(Request::post('testlogin')) > 0) { + Message::addError('Sie haben mit Ihrem Test-Account Virtuelle Maschinen auf den Zentral-Server hochgeladen und können sich daher nicht ohne Teilnahme am landesweiten VM-Austausch registrieren.'); + Util::redirect('?do=Main'); + } + } + if (Request::post('agb') === 'on') { // Put stuff in DB - User::deploy(Request::post('share') !== 'on'); - Message::addSuccess('Ihr Konto wurde freigeschaltet'); + if (User::deploy(Request::post('share') !== 'on', Request::post('testlogin'))) { + Message::addSuccess('Ihr Konto wurde freigeschaltet'); + } else { + Message::addError('Fehler beim Zusammenführen mit Ihrem Test-Account. Bitte wenden Sie sich an den Support.'); + } Util::redirect('?do=Main'); } Message::addError('Sie müssen den Nutzungsbedingungen zustimmen'); diff --git a/templates/main/deploy.html b/templates/main/deploy.html index f8f20c2..d9e3ed2 100644 --- a/templates/main/deploy.html +++ b/templates/main/deploy.html @@ -59,6 +59,21 @@ <span class="form-control">{{email}}</span> </div> </div> + + {{#testacc}} + <p> + Haben Sie bisher einen lokalen Account (Test-Account) benutzt? Falls ja können Sie diesen + jetzt mit Ihrem bwIDM-Account zusammenführen, um Ihre bisherigen Veranstaltungen und Virtuelle + Maschinen zu übernehmen. Ansonsten lassen Sie das Feld leer. + </p> + + <div class="input-group"> + <span class="input-group-addon"> + Test-Login + </span> + <input class="form-control" name="testlogin" type="text" value="{{testlogin}}" placeholder="login@einrichtung.de"> + </div> + {{/testacc}} <div class="pull-right"> <button type="submit" class="btn btn-primary">Registrieren</button> diff --git a/templates/sharemode/remove.html b/templates/sharemode/remove.html index d91590e..479e0f7 100644 --- a/templates/sharemode/remove.html +++ b/templates/sharemode/remove.html @@ -8,7 +8,7 @@ Sie nicht mehr am landesweiten VM-Austausch teilnehmen. Eventuell von Ihnen freigegebene Virtuelle Maschinen werden auf dem Zentral-Server einem generischen Benutzer überschrieben. Sollten Sie dem nicht zustimmen, setzen - Sie bitte den Haken bei <b>alle von mir erstellen VMs löschen</b>. Beachten + Sie bitte den Haken bei <b>alle von mir erstellten VMs löschen</b>. Beachten Sie jedoch, dass Ihre VMs bereits von anderen Hochschulen genutzt werden könnten. In diesem Fall werden die dort vorhandenen lokalen Kopien nicht gelöscht, um den Lehrbetrieb nicht zu stören. @@ -18,7 +18,7 @@ <span class="input-group-addon"> <input name="delvms" type="checkbox" id="delvms"> </span> - <span class="form-control"><label for="delvms">Alle von mir erstellen VMs löschen</label></span> + <span class="form-control"><label for="delvms">Alle von mir erstellten VMs löschen</label></span> </div> <div class="pull-right"> |