author | Simon Rettberg | 2015-10-14 16:57:54 +0200 |
---|---|---|
committer | Simon Rettberg | 2015-10-14 16:57:54 +0200 |
commit | 8eee10ead8906df04255d275b460a78cc90c4e12 (patch) | |
tree | 66f1c6426ca9404e5309dd34225755fac330f138 /inc/user.inc.php | |
parent | Adapt to master-server changes (Db scheme) (diff) | |
Fix session handling, support staff-affiliation as being detected as tutor
Diffstat (limited to 'inc/user.inc.php')
-rw-r--r-- | inc/user.inc.php | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/inc/user.inc.php b/inc/user.inc.php
index 28a1fd5..16ec77d 100644
--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -81,7 +81,7 @@ class User
 public static function isTutor()
 {
- return isset(self::$user['role']) && self::$user['role'] === 'tutor';
+ return isset(self::$user['role']) && self::$user['role'] === 'TUTOR';
 }
 public static function isAdmin()
@@ -158,18 +158,30 @@ class User
 . ' aber der IdP Ihrer Einrichtung scheint die benötigten Metadaten nicht'
 . ' an den bwLehrpool-SP zu übermitteln. Bitte wenden Sie sich an den Support.');
 }
+ Session::delete();
 return false;
 }
 // Try user from local DB
 self::$user = Database::queryFirst('SELECT userid, shibid, organizationid AS organization, firstname, lastname, email FROM user WHERE userid = :uid LIMIT 1', array('uid' => Session::getUid()));
 self::$isInDb = self::$user !== false;
+ if (!self::$isInDb) {
+ Session::delete();
+ }
 return self::$isInDb;
 }
 // Try bwIDM etc.
 if (!$hasSession) {
+ // Make sure cookies are enabled
+ if (!empty($_SERVER['Shib-Session-ID'])) {
+ if (isset($_GET['force-cookie']))
+ die('Bitte aktivieren Sie Cookies und Javascript!');
+
+ }
 Session::create();
 Session::set('token', md5(mt_rand() . $_SERVER['REMOTE_ADDR'] . microtime(true) . $_SERVER['persistent-id'] . mt_rand()));
 Session::save();
+ if (!empty($_SERVER['Shib-Session-ID']))
+ Util::redirect('?do=Main&force-cookie=true.dat');
 }
 self::$isShib = true;
 if (!isset($_SERVER['sn']))
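Review bot: The `Session::set('token', …)` line that the new cookie probe in the `-158,18 +158,30` hunk wraps still builds the token from `md5()` over `mt_rand()`, `REMOTE_ADDR`, `microtime(true)` and the persistent-id, and none of those inputs is unpredictable to someone who can observe or guess them. If the token protects the session or state-changing requests (its use is not visible here), it should come from a CSPRNG, e.g. `Session::set('token', bin2hex(random_bytes(16)));` on PHP 7+, or `openssl_random_pseudo_bytes(16)` on older runtimes. Separately, whether `Util::redirect()` terminates the request is not visible in this hunk; if it returns, the login code below the `if (!$hasSession)` block still runs before the cookie round-trip has been confirmed, so an explicit `exit;` after the call would make the intent clear. The enclosing method starts and ends outside the hunk.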
@@ -187,10 +199,13 @@ class User
 'email' => $_SERVER['mail'],
 );
 // Figure out whether the user should be considered a tutor
- if (isset($_SERVER['affiliation']) && preg_match('/(^|;)employee@/', $_SERVER['affiliation']))
- self::$user['role'] = 'tutor';
+ if (isset($_SERVER['affiliation']) && (strpos(";{$_SERVER['affiliation']}", ';employee@') !== false
+ || strpos(";{$_SERVER['affiliation']}", ';staff@') !== false))
+ self::$user['role'] = 'TUTOR';
 elseif (isset($_SERVER['entitlement']) && strpos(";{$_SERVER['entitlement']};", ';http://bwidm.de/entitlement/bwLehrpool;') !== false)
- self::$user['role'] = 'tutor';
+ self::$user['role'] = 'TUTOR';
+ else
+ self::$user['role'] = 'STUDENT';
 // Try to figure out organization
 if (isset($_SERVER['affiliation']) && preg_match('/@([a-zA-Z\-\._]+)(;|$)/', $_SERVER['affiliation'], $out))
 self::$user['organization'] = $out[1]; |
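Review bot: The role check in the `-187,10 +199,13` hunk grants `TUTOR` for an `employee@` or `staff@` value with any scope, while the unchanged organization lookup at the end of the hunk takes the scope of the first value in the list, so for a multi-valued affiliation the organization recorded may not be the one that granted the role. Unless the SP's attribute filter already restricts scopes per IdP (not visible here), role and organization should be derived from the same scoped value, as sketched below. The `'TUTOR'`/`'STUDENT'` literals are also repeated here and in `isTutor()`; class constants would keep the comparison and the assignments from drifting apart again. The enclosing method starts and ends outside the hunk.

```php
// … unchanged: 'email' => $_SERVER['mail'] and the end of the user array …
// Figure out whether the user should be considered a tutor
self::$user['role'] = 'STUDENT';
$roleScope = false;
if (isset($_SERVER['affiliation'])) {
	foreach (explode(';', $_SERVER['affiliation']) as $entry) {
		// Remember which scoped value granted the role
		if (strpos($entry, 'employee@') === 0 || strpos($entry, 'staff@') === 0) {
			self::$user['role'] = 'TUTOR';
			$roleScope = substr($entry, strpos($entry, '@') + 1);
			break;
		}
	}
}
if ($roleScope === false && isset($_SERVER['entitlement']) && strpos(";{$_SERVER['entitlement']};", ';http://bwidm.de/entitlement/bwLehrpool;') !== false)
	self::$user['role'] = 'TUTOR';
// Try to figure out organization
if ($roleScope !== false && preg_match('/^[a-zA-Z\-\._]+$/', $roleScope))
	self::$user['organization'] = $roleScope;
elseif (isset($_SERVER['affiliation']) && preg_match('/@([a-zA-Z\-\._]+)(;|$)/', $_SERVER['affiliation'], $out))
	self::$user['organization'] = $out[1];
```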