<?php
/**
 * Landing page: selects the template or message that matches the visitor's
 * authentication and registration state.
 */
class Page_Main extends Page
{

    /**
     * Loads the current user before rendering starts.
     */
    protected function doPreprocess()
    {
        User::load();
    }

    /**
     * Renders the page frame, then exactly one state-specific view or message.
     *
     * The checks run in a fixed order and each returns as soon as it applies:
     * guest, local-only account, session that is not Shibboleth-authenticated
     * (the session is deleted), already registered user, non-tutor, known
     * organization (signup form), and finally the unknown-organization messages.
     */
    protected function doRender()
    {
        $frameVars = array('suite' => CONFIG_SUITE);
        Render::addTemplate('main/_page', $frameVars);

        // Not logged in: show the guest view only.
        if (!User::isLoggedIn()) {
            $guestVars = array('prefix' => CONFIG_PREFIX, 'suite' => CONFIG_SUITE, 'idm' => CONFIG_IDM);
            Render::addTemplate('main/guest', $guestVars);
            return;
        }

        // Logged in with a local test account.
        if (User::isLocalOnly()) {
            $this->renderLocalAccount();
            return;
        }

        // Logged in, but neither local nor Shibboleth: treated as an invalid
        // state. The session is deleted so the user has to sign in again.
        if (!User::isShibbolethAuth()) {
            Message::addError('Sie sind nicht korrekt authentifiziert. Bitte melden Sie sich erneut an.');
            Session::delete();
            return;
        }

        // From here on the session is known to be Shibboleth-authenticated.

        // The user also has a database record, i.e. has already signed up.
        if (User::isInDatabase()) {
            $this->renderShibbolethRegistered();
            return;
        }

        // Signing up is refused for users who are not tutors.
        if (!User::isTutor()) {
            // NOTE(review): the organization value is concatenated into the
            // message text here, while the unknown-organization warning below
            // passes its value through the {{0}} placeholder. Confirm that
            // Message escapes the message text on output; the value presumably
            // originates from the IdP.
            $refusal = 'Sie sind kein Mitarbeiter der Einrichtung "' . User::getOrganization()
                . '" und können daher die ' . CONFIG_SUITE . '-Suite nicht nutzen.';
            Message::addError($refusal);
            return;
        }

        // Not in the database yet: offer the signup form if the organization is known.
        if (User::getOrganization() !== false) {
            $this->renderShibbolethUnregistered();
            return;
        }

        // Organization unknown: nothing can be offered, only an explanation.
        if (User::getRemoteOrganizationId() === false) {
            // No organization information was received at all.
            Message::addError('Ihr IdP sendet leider keine Informationen über Ihre Hochschul-/Einrichtungszugehörigkeit');
        } else {
            // A remote organization id exists but maps to no known organization.
            Message::addWarning('Ihre Hochschule/Einrichtung {{0}} ist leider nicht bekannt. Bitte kontaktieren Sie den Support.', User::getRemoteOrganizationId());
        }
    }

    /**
     * Shows the view for a Shibboleth user who is already registered.
     */
    private function renderShibbolethRegistered()
    {
        Render::addTemplate('main/logged-in', array('suite' => CONFIG_SUITE));
    }

    /**
     * Shows the signup view for a Shibboleth user without a database record.
     *
     * When an e-mail address and at least one name part are present, the user
     * table is searched for a row with the same e-mail, first name, last name
     * and organization id. A hit is passed to the template as 'testlogin' so
     * the test-account merge form can be shown.
     */
    private function renderShibbolethUnregistered()
    {
        $data = User::getData();
        $data['organization'] = User::getOrganizationName();

        $email = trim(User::getMail());
        $firstName = User::getFirstName();
        $lastName = User::getLastName();

        $hasMail = !empty($email);
        $hasName = !empty($firstName) || !empty($lastName);
        if ($hasMail && $hasName) {
            // With CONFIG_ALLOW_SHIB_MERGE off, only rows that have a non-empty
            // password are considered. This fragment is a fixed literal and the
            // only part concatenated into the statement; every identity value
            // is bound as a named parameter.
            $passwordFilter = CONFIG_ALLOW_SHIB_MERGE
                ? ''
                : ' AND password IS NOT NULL AND Length(password) <> 0 ';
            $sql = "SELECT userid FROM user\n"
                . 'WHERE email = :email AND lastname = :ln AND firstname = :fn AND organizationid = :org '
                . $passwordFilter . ' LIMIT 1';
            $params = array(
                'email' => $email,
                'fn' => $firstName,
                'ln' => $lastName,
                'org' => User::getOrganizationId(),
            );
            $match = Database::queryFirst($sql, $params);
            if ($match !== false) {
                // NOTE(review): the candidate is chosen purely from attributes
                // of the current session (presumably IdP-supplied). Confirm that
                // the merge handler consuming 'testlogin' requires proof of
                // control over the matched account before merging.
                $data['testlogin'] = $match['userid'];
            }
        }

        $data['suite'] = CONFIG_SUITE;
        $data['idm'] = CONFIG_IDM;
        Render::addTemplate('main/deploy', $data);
    }

    /**
     * Shows the view for a user logged in with a local test account.
     */
    private function renderLocalAccount()
    {
        $data = User::getData();
        $data['organization'] = User::getOrganizationName();
        Render::addTemplate('main/logged-in-testacc', $data);
    }
}