<?php
// must be run within Dokuwiki
if(!defined('DOKU_INC')) die();
/**
* Plaintext authentication backend
*
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
* @author Andreas Gohr <andi@splitbrain.org>
* @author Chris Smith <chris@jalakai.co.uk>
* @author Jan Schumann <js@schumann-it.com>
*/
class auth_plugin_authplain extends DokuWiki_Auth_Plugin {
/** @var array user cache */
protected $users = null;
/** @var array filter pattern */
protected $_pattern = array();
/**
* Constructor
*
* Carry out sanity checks to ensure the object is
* able to operate. Set capabilities.
*
* @author Christopher Smith <chris@jalakai.co.uk>
*/
public function __construct() {
parent::__construct();
global $config_cascade;
if(!@is_readable($config_cascade['plainauth.users']['default'])) {
$this->success = false;
} else {
if(@is_writable($config_cascade['plainauth.users']['default'])) {
$this->cando['addUser'] = true;
$this->cando['delUser'] = true;
$this->cando['modLogin'] = true;
$this->cando['modPass'] = true;
$this->cando['modName'] = true;
$this->cando['modMail'] = true;
$this->cando['modGroups'] = true;
}
$this->cando['getUsers'] = true;
$this->cando['getUserCount'] = true;
}
}
/**
* Check user+password
*
* Checks if the given user exists and the given
* plaintext password is correct
*
* @author Andreas Gohr <andi@splitbrain.org>
* @param string $user
* @param string $pass
* @return bool
*/
public function checkPass($user, $pass) {
$userinfo = $this->getUserData($user);
if($userinfo === false) return false;
return auth_verifyPassword($pass, $this->users[$user]['pass']);
}
/**
* Return user info
*
* Returns info about the given user needs to contain
* at least these fields:
*
* name string full name of the user
* mail string email addres of the user
* grps array list of groups the user is in
*
* @author Andreas Gohr <andi@splitbrain.org>
* @param string $user
* @return array|bool
*/
public function getUserData($user) {
if($this->users === null) $this->_loadUserData();
return isset($this->users[$user]) ? $this->users[$user] : false;
}
/**
* Create a new User
*
* Returns false if the user already exists, null when an error
* occurred and true if everything went well.
*
* The new user will be added to the default group by this
* function if grps are not specified (default behaviour).
*
* @author Andreas Gohr <andi@splitbrain.org>
* @author Chris Smith <chris@jalakai.co.uk>
*
* @param string $user
* @param string $pwd
* @param string $name
* @param string $mail
* @param array $grps
* @return bool|null|string
*/
public function createUser($user, $pwd, $name, $mail, $grps = null) {
global $conf;
global $config_cascade;
// user mustn't already exist
if($this->getUserData($user) !== false) return false;
$pass = auth_cryptPassword($pwd);
// set default group if no groups specified
if(!is_array($grps)) $grps = array($conf['defaultgroup']);
// prepare user line
$groups = join(',', $grps);
$userline = join(':', array($user, $pass, $name, $mail, $groups))."\n";
if(io_saveFile($config_cascade['plainauth.users']['default'], $userline, true)) {
$this->users[$user] = compact('pass', 'name', 'mail', 'grps');
return $pwd;
}
msg(
'The '.$config_cascade['plainauth.users']['default'].
' file is not writable. Please inform the Wiki-Admin', -1
);
return null;
}
/**
* Modify user data
*
* @author Chris Smith <chris@jalakai.co.uk>
* @param string $user nick of the user to be changed
* @param array $changes array of field/value pairs to be changed (password will be clear text)
* @return bool
*/
public function modifyUser($user, $changes) {
global $ACT;
global $config_cascade;
// sanity checks, user must already exist and there must be something to change
if(($userinfo = $this->getUserData($user)) === false) return false;
if(!is_array($changes) || !count($changes)) return true;
// update userinfo with new data, remembering to encrypt any password
$newuser = $user;
foreach($changes as $field => $value) {
if($field == 'user') {
$newuser = $value;
continue;
}
if($field == 'pass') $value = auth_cryptPassword($value);
$userinfo[$field] = $value;
}
$groups = join(',', $userinfo['grps']);
$userline = join(':', array($newuser, $userinfo['pass'], $userinfo['name'], $userinfo['mail'], $groups))."\n";
if(!$this->deleteUsers(array($user))) {
msg('Unable to modify user data. Please inform the Wiki-Admin', -1);
return false;
}
if(!io_saveFile($config_cascade['plainauth.users']['default'], $userline, true)) {
msg('There was an error modifying your user data. You should register again.', -1);
// FIXME, user has been deleted but not recreated, should force a logout and redirect to login page
$ACT = 'register';
return false;
}
$this->users[$newuser] = $userinfo;
return true;
}
/**
* Remove one or more users from the list of registered users
*
* @author Christopher Smith <chris@jalakai.co.uk>
* @param array $users array of users to be deleted
* @return int the number of users deleted
*/
public function deleteUsers($users) {
global $config_cascade;
if(!is_array($users) || empty($users)) return 0;
if($this->users === null) $this->_loadUserData();
$deleted = array();
foreach($users as $user) {
if(isset($this->users[$user])) $deleted[] = preg_quote($user, '/');
}
if(empty($deleted)) return 0;
$pattern = '/^('.join('|', $deleted).'):/';
io_deleteFromFile($config_cascade['plainauth.users']['default'], $pattern, true);
// reload the user list and count the difference
$count = count($this->users);
$this->_loadUserData();
$count -= count($this->users);
return $count;
}
/**
* Return a count of the number of user which meet $filter criteria
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @param array $filter
* @return int
*/
public function getUserCount($filter = array()) {
if($this->users === null) $this->_loadUserData();
if(!count($filter)) return count($this->users);
$count = 0;
$this->_constructPattern($filter);
foreach($this->users as $user => $info) {
$count += $this->_filter($user, $info);
}
return $count;
}
/**
* Bulk retrieval of user data
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @param int $start index of first user to be returned
* @param int $limit max number of users to be returned
* @param array $filter array of field/pattern pairs
* @return array userinfo (refer getUserData for internal userinfo details)
*/
public function retrieveUsers($start = 0, $limit = 0, $filter = array()) {
if($this->users === null) $this->_loadUserData();
ksort($this->users);
$i = 0;
$count = 0;
$out = array();
$this->_constructPattern($filter);
foreach($this->users as $user => $info) {
if($this->_filter($user, $info)) {
if($i >= $start) {
$out[$user] = $info;
$count++;
if(($limit > 0) && ($count >= $limit)) break;
}
$i++;
}
}
return $out;
}
/**
* Only valid pageid's (no namespaces) for usernames
*
* @param string $user
* @return string
*/
public function cleanUser($user) {
global $conf;
return cleanID(str_replace(':', $conf['sepchar'], $user));
}
/**
* Only valid pageid's (no namespaces) for groupnames
*
* @param string $group
* @return string
*/
public function cleanGroup($group) {
global $conf;
return cleanID(str_replace(':', $conf['sepchar'], $group));
}
/**
* Load all user data
*
* loads the user file into a datastructure
*
* @author Andreas Gohr <andi@splitbrain.org>
*/
protected function _loadUserData() {
global $config_cascade;
$this->users = array();
if(!@file_exists($config_cascade['plainauth.users']['default'])) return;
$lines = file($config_cascade['plainauth.users']['default']);
foreach($lines as $line) {
$line = preg_replace('/#.*$/', '', $line); //ignore comments
$line = trim($line);
if(empty($line)) continue;
$row = explode(":", $line, 5);
$groups = array_values(array_filter(explode(",", $row[4])));
$this->users[$row[0]]['pass'] = $row[1];
$this->users[$row[0]]['name'] = urldecode($row[2]);
$this->users[$row[0]]['mail'] = $row[3];
$this->users[$row[0]]['grps'] = $groups;
}
}
/**
* return true if $user + $info match $filter criteria, false otherwise
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @param string $user User login
* @param array $info User's userinfo array
* @return bool
*/
protected function _filter($user, $info) {
foreach($this->_pattern as $item => $pattern) {
if($item == 'user') {
if(!preg_match($pattern, $user)) return false;
} else if($item == 'grps') {
if(!count(preg_grep($pattern, $info['grps']))) return false;
} else {
if(!preg_match($pattern, $info[$item])) return false;
}
}
return true;
}
/**
* construct a filter pattern
*
* @param array $filter
*/
protected function _constructPattern($filter) {
$this->_pattern = array();
foreach($filter as $item => $pattern) {
$this->_pattern[$item] = '/'.str_replace('/', '\/', $pattern).'/i'; // allow regex characters
}
}
}