diff options
Diffstat (limited to 'inc/user.inc.php')
-rw-r--r-- | inc/user.inc.php | 36 |
1 files changed, 15 insertions, 21 deletions
diff --git a/inc/user.inc.php b/inc/user.inc.php index bc07f5d..84e517d 100644 --- a/inc/user.inc.php +++ b/inc/user.inc.php @@ -14,27 +14,27 @@ class User return self::$user !== null; } - public static function isShibbolethAuth() + public static function isShibbolethAuth(): bool { return self::$isShib; } - public static function isInDatabase() + public static function isInDatabase(): bool { return self::$isInDb; } - public static function isLocalOnly() + public static function isLocalOnly(): bool { return self::$user !== null && self::$isShib === false; } - public static function isAnonymous() + public static function isAnonymous(): bool { return self::$isAnonymous; } - public static function getData() + public static function getData(): ?array { return self::$user; } @@ -79,7 +79,7 @@ class User return self::$user !== null && !empty(self::$user['firstname']) && !empty(self::$user['lastname']); } - public static function isTutor() + public static function isTutor(): bool { return isset(self::$user['role']) && self::$user['role'] === 'TUTOR'; } @@ -147,7 +147,7 @@ class User return self::$user['shibid']; } - public static function load() + public static function load(): bool { //file_put_contents('/tmp/test-' . time(), print_r($_SERVER, true)); if (self::isLoggedIn()) @@ -161,6 +161,7 @@ class User . ' an den {{1}}-SP zu übermitteln. Bitte wenden Sie sich an den Support.', CONFIG_IDM, CONFIG_SUITE); } Session::delete(); + file_put_contents('/tmp/shib-load-' . time() . '-' . $_SERVER['REMOTE_ADDR'] . '.txt', print_r($_SERVER, true)); return false; } // Try user from local DB @@ -209,14 +210,7 @@ class User 'email' => $_SERVER['mail'], ); // Figure out whether the user should be considered a tutor - if (isset($_SERVER[CONFIG_SCOPED_AFFILIATION]) && (strpos(";{$_SERVER[CONFIG_SCOPED_AFFILIATION]}", ';employee@') !== false - || strpos(";{$_SERVER[CONFIG_SCOPED_AFFILIATION]}", ';staff@') !== false - || strpos(";{$_SERVER[CONFIG_SCOPED_AFFILIATION]}", ';faculty@') !== false)) - self::$user['role'] = 'TUTOR'; - elseif (isset($_SERVER['entitlement']) && strpos(";{$_SERVER['entitlement']};", CONFIG_ENTITLEMENT) !== false) - self::$user['role'] = 'TUTOR'; - else - self::$user['role'] = 'STUDENT'; + self::$user['role'] = Util::getRole(); // Try to figure out organization if (isset($_SERVER[CONFIG_EPPN]) && preg_match('/@([0-9a-zA-Z\-._]+)$/', $_SERVER[CONFIG_EPPN], $out)) { self::$user['organization'] = $out[1]; @@ -246,7 +240,7 @@ class User return true; } - public static function deploy(bool $anonymous, $existingLogin = false): bool + public static function deploy(bool $anonymous, ?string $existingLogin = null): bool { if (empty(self::$user['shibid'])) Util::traceError('NO SHIBID'); @@ -299,7 +293,7 @@ class User return true; } - public static function updatePassword($pass) + public static function updatePassword(string $pass): bool { if (!self::isLoggedIn() || self::$isShib || !self::$isInDb) return false; @@ -311,7 +305,7 @@ class User return $ret == 1; } - public static function updateMail($mail) + public static function updateMail(string $mail): bool { if (!self::isLoggedIn() || self::$isShib || !self::$isInDb) return false; @@ -322,7 +316,7 @@ class User return $ret == 1 || $mail === self::$user['email']; } - public static function login($user, $pass) + public static function login(string $user, string $pass): bool { $ret = Database::queryFirst('SELECT userid, password FROM user WHERE userid = :user LIMIT 1', array(':user' => $user)); if ($ret === false) @@ -336,7 +330,7 @@ class User return true; } - public static function logout() + public static function logout(): never { foreach ($_COOKIE as $name => $value) { if (substr($name, 0, 5) !== '_shib') @@ -352,7 +346,7 @@ class User exit(0); } - public static function delete() + public static function delete(): bool { if (!User::isLoggedIn() || !User::isInDatabase()) return true; |