Merge pull request #1 from Kloadut/master

Integrate MediaWiki sources in the repo, and fix php5-cli dependency

scripts/install

@@ -17,6 +17,10 @@ db_pwd=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d '[A-Za-z0-9]'
 # Use 'mediawiki' as database name and user
 db_user=mediawiki
 
+# Instal php5-cli dependency
+sudo apt-get update
+sudo apt-get install php5-cli -y
+
 # Initialize database and store mysql password for upgrade
 sudo yunohost app initdb $db_user -p $db_pwd -s $(readlink -e ../conf/SQL/mysql.initial.sql)
 sudo yunohost app setting mediawiki mysqlpwd -v $db_pwd
@@ -24,19 +28,11 @@ sudo yunohost app setting mediawiki mysqlpwd -v $db_pwd
 # Copy files to the right place
 final_path=/var/www/mediawiki
 sudo mkdir -p $final_path
-sudo wget http://releases.wikimedia.org/mediawiki/1.22/mediawiki-1.22.6.tar.gz
-sudo tar xvzf mediawiki-*.tar.gz
-sudo mv mediawiki-*/* $final_path
-sudo rm -R mediawiki-*
+sudo cp -r ../sources/mediawiki/* $final_path
 sudo cp ../conf/LocalSettings.php $final_path/
 
 # LDAP Extension
-sudo wget https://codeload.github.com/wikimedia/mediawiki-extensions-LdapAuthentication/legacy.tar.gz/REL1_22
-sudo tar -xzf REL1_22
-sudo mkdir $final_path/extensions/LdapAuthentication
-sudo mv wikimedia-mediawiki-extensions-LdapAuthentication*/* $final_path/extensions/LdapAuthentication/
-sudo rm -R wikimedia-mediawiki-extensions-LdapAuthentication*
-sudo rm REL1_22
+sudo cp -r ../sources/LdapAuthentication $final_path/extensions/
 
 # RemoteUser Extension
 sudo wget https://codeload.github.com/wikimedia/mediawiki-extensions-Auth_remoteuser/legacy.tar.gz/REL1_22
@@ -73,4 +69,4 @@ sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/mediawiki.conf
 
 # Reload Nginx and regenerate SSOwat conf
 sudo service nginx reload
-sudo yunohost app ssowatconf
+sudo yunohost app ssowatconf

sources/LdapAuthentication/.gitignore

@@ -0,0 +1,4 @@
+.svn
+*~
+*.kate-swp
+.*.swp

sources/LdapAuthentication/.gitreview

@@ -0,0 +1,5 @@
+[gerrit]
+host=gerrit.wikimedia.org
+port=29418
+project=mediawiki/extensions/LdapAuthentication.git
+defaultbranch=master

sources/LdapAuthentication/LdapAuthentication.i18n.php

@@ -0,0 +1,363 @@
+<?php
+/**
+ * Internationalisation file for extension LdapAuthentication.
+ *
+ * @file
+ * @ingroup Extensions
+ */
+
+$messages = array();
+
+/** English
+ * @author Ryan Lane
+ */
+$messages['en'] = array(
+	'ldapauthentication-desc' => 'LDAP authentication plugin with support for multiple LDAP authentication methods',
+);
+
+/** Message documentation (Message documentation)
+ * @author Fryed-peach
+ * @author Shirayuki
+ */
+$messages['qqq'] = array(
+	'ldapauthentication-desc' => '{{desc|name=LDAP Authentication|url=http://www.mediawiki.org/wiki/Extension:LDAP_Authentication}}',
+);
+
+/** Afrikaans (Afrikaans)
+ * @author Naudefj
+ */
+$messages['af'] = array(
+	'ldapauthentication-desc' => 'Uitbreiding vir LDAP-outentisiteit wat die meeste LDAP-outentisiteitsmetodes ondersteun',
+);
+
+/** Gheg Albanian (Gegë)
+ * @author Mdupont
+ */
+$messages['aln'] = array(
+	'ldapauthentication-desc' => 'plugin LDAP vertetimi me mbështetje për metoda të shumta tek LDAP',
+);
+
+/** Arabic (العربية)
+ * @author Meno25
+ */
+$messages['ar'] = array(
+	'ldapauthentication-desc' => 'إضافة تحقيق LDAP بدعم لوسائل تحقيق LDAP متعددة',
+);
+
+/** Asturian (asturianu)
+ * @author Xuacu
+ */
+$messages['ast'] = array(
+	'ldapauthentication-desc' => "Complemento p'autenticación LDAP con sofitu pa dellos métodos d'autenticación LDAP",
+);
+
+/** Belarusian (Taraškievica orthography) (беларуская (тарашкевіца)‎)
+ * @author EugeneZelenko
+ */
+$messages['be-tarask'] = array(
+	'ldapauthentication-desc' => 'Дапаўненьне LDAP-аўтэнтыфікацыі з падтрымкай некалькіх мэтадаў аўтэнтыфікацыі LDAP',
+);
+
+/** Breton (brezhoneg)
+ * @author Fulup
+ */
+$messages['br'] = array(
+	'ldapauthentication-desc' => 'Adveziant gwiriekaat LDAP ennañ meur a hentenn wiriekaat LDAP',
+);
+
+/** Bosnian (bosanski)
+ * @author CERminator
+ */
+$messages['bs'] = array(
+	'ldapauthentication-desc' => 'Proširenje LDAP autentifikacije sa podrškom za mnoge metode LDAP autentifikacije',
+);
+
+/** Catalan (català)
+ * @author Paucabot
+ */
+$messages['ca'] = array(
+	'ldapauthentication-desc' => "Connector d'autentificació LDAP amb suport per a diversos mètodes d'autenticació LDAP",
+);
+
+/** Czech (česky)
+ * @author Mormegil
+ */
+$messages['cs'] = array(
+	'ldapauthentication-desc' => 'Autentizační modul pro LDAP podporující několik autentizačních metod LDAP',
+);
+
+/** German (Deutsch)
+ * @author Imre
+ * @author Kghbln
+ */
+$messages['de'] = array(
+	'ldapauthentication-desc' => 'Ermöglicht die LDAP-Authentifizierung mit Hilfe mehrerer Authentifizierungsmethoden',
+);
+
+/** Lower Sorbian (dolnoserbski)
+ * @author Michawiki
+ */
+$messages['dsb'] = array(
+	'ldapauthentication-desc' => 'Tykac awtentifikacije LDAP z pódpěru za někotare metody LDAP-awtentifikacije',
+);
+
+/** Esperanto (Esperanto)
+ * @author Blahma
+ */
+$messages['eo'] = array(
+	'ldapauthentication-desc' => 'LDAP-aŭtentiga kromprogramo kun subteno de pluraj LDAP-aŭtentigaj metodoj',
+);
+
+/** Spanish (español)
+ * @author Translationista
+ */
+$messages['es'] = array(
+	'ldapauthentication-desc' => 'Complemento de autentificación LDAP con apoyo de múltiples métodos de autentificación LDAP',
+);
+
+/** Finnish (suomi)
+ * @author Centerlink
+ */
+$messages['fi'] = array(
+	'ldapauthentication-desc' => 'LDAP-todentamisliitännäinen useiden LDAP-todennustapojen tuella',
+);
+
+/** French (français)
+ * @author IAlex
+ * @author Urhixidur
+ */
+$messages['fr'] = array(
+	'ldapauthentication-desc' => 'Extension d’authentification LDAP prenant en charge de multiples méthodes d’authentification LDAP',
+);
+
+/** Galician (galego)
+ * @author Toliño
+ */
+$messages['gl'] = array(
+	'ldapauthentication-desc' => 'Complemento de autenticación LDAP con soporte para varios métodos de autenticación LDAP',
+);
+
+/** Swiss German (Alemannisch)
+ * @author Als-Holder
+ */
+$messages['gsw'] = array(
+	'ldapauthentication-desc' => 'LDAP-Authentifizierigs-Plugin mit Unterstitzig fir multipli LDAP-Authentifizierigs-Merthode',
+);
+
+/** Hebrew (עברית)
+ * @author YaronSh
+ */
+$messages['he'] = array(
+	'ldapauthentication-desc' => 'תוסף אימות LDAP עם תמיכה במספר שיטות LDAP לאימות',
+);
+
+/** Upper Sorbian (hornjoserbsce)
+ * @author Michawiki
+ */
+$messages['hsb'] = array(
+	'ldapauthentication-desc' => 'Tykač awtentifikacije LDAP z podpěru za wjacore metody LDAP-awtentifikacije',
+);
+
+/** Hungarian (magyar)
+ * @author Glanthor Reviol
+ */
+$messages['hu'] = array(
+	'ldapauthentication-desc' => 'LDAP hitelesítési bővítmény többféle LDAP azonosítási módszer támogatásával',
+);
+
+/** Interlingua (interlingua)
+ * @author McDutchie
+ */
+$messages['ia'] = array(
+	'ldapauthentication-desc' => 'Plugin pro authentication LDAP con supporto pro multiple methodos de authentication LDAP',
+);
+
+/** Indonesian (Bahasa Indonesia)
+ * @author IvanLanin
+ */
+$messages['id'] = array(
+	'ldapauthentication-desc' => 'Pengaya otentikasi LDAP dengan dukungan untuk berbagai metode otentikasi LDAP',
+);
+
+/** Italian (italiano)
+ * @author HalphaZ
+ */
+$messages['it'] = array(
+	'ldapauthentication-desc' => 'Plugin di autenticazione LDAP con supporto a diversi metodi di autenticazione LDAP',
+);
+
+/** Japanese (日本語)
+ * @author Aotake
+ * @author Shirayuki
+ */
+$messages['ja'] = array(
+	'ldapauthentication-desc' => '複数の LDAP 認証方式対応の LDAP 認証プラグイン',
+);
+
+/** Korean (한국어)
+ * @author 아라
+ */
+$messages['ko'] = array(
+	'ldapauthentication-desc' => '여러 LDAP 인증 방법에 대해 지원하는 LDAP 인증 플러그인',
+);
+
+/** Colognian (Ripoarisch)
+ * @author Purodha
+ */
+$messages['ksh'] = array(
+	'ldapauthentication-desc' => 'Dat Zohsatzprojramm för et Enlogge övver <i lang="en">LDAP</i> löht ungerscheidlijje Mettoohde zoh, för et Prööfe, wä wä es.',
+);
+
+/** Luxembourgish (Lëtzebuergesch)
+ * @author Robby
+ */
+$messages['lb'] = array(
+	'ldapauthentication-desc' => 'Authentifikatiouns-Plugin fir LDAP mat Ënnerstëtzung fir multipel LDAP Authentifikatiouns-Methoden',
+);
+
+/** Macedonian (македонски)
+ * @author Bjankuloski06
+ */
+$messages['mk'] = array(
+	'ldapauthentication-desc' => 'LDAP приклучок за потврдување со поддршка за повеќе методи на LDAP потврдување',
+);
+
+/** Malay (Bahasa Melayu)
+ * @author Anakmalaysia
+ */
+$messages['ms'] = array(
+	'ldapauthentication-desc' => 'Pemalam pengesahan LDAP dengan sokongan untuk berbilang kaedah pengesahan LDAP',
+);
+
+/** Norwegian Bokmål (norsk bokmål)
+ * @author Nghtwlkr
+ */
+$messages['nb'] = array(
+	'ldapauthentication-desc' => 'Programutvidelse for LDAP-autentisering med støtte for flere LDAP-autentiseringsmetoder',
+);
+
+/** Dutch (Nederlands)
+ * @author Siebrand
+ */
+$messages['nl'] = array(
+	'ldapauthentication-desc' => 'LDAP-authenticatieplug-in met ondersteuning voor meerdere LDAP-authenticatiemethoden',
+);
+
+/** Occitan (occitan)
+ * @author Cedric31
+ */
+$messages['oc'] = array(
+	'ldapauthentication-desc' => "Plugin d'autentificacion LDAP amb supòrt de metòdes d'autentificacion LDAP multiples",
+);
+
+/** Polish (polski)
+ * @author Sp5uhe
+ */
+$messages['pl'] = array(
+	'ldapauthentication-desc' => 'Wtyczka autoryzacji użytkowników z użyciem LDAP ze wsparciem dla wielu metod autoryzacji',
+);
+
+/** Piedmontese (Piemontèis)
+ * @author Borichèt
+ * @author Dragonòt
+ */
+$messages['pms'] = array(
+	'ldapauthentication-desc' => "Plugin për l'autenticassion LDAP con apògg për vàire manere d'autenticassion LDAP",
+);
+
+/** Portuguese (português)
+ * @author Hamilton Abreu
+ */
+$messages['pt'] = array(
+	'ldapauthentication-desc' => "''Plugin'' de autenticação LDAP, com suporte para vários métodos de autenticação",
+);
+
+/** Brazilian Portuguese (português do Brasil)
+ * @author Giro720
+ */
+$messages['pt-br'] = array(
+	'ldapauthentication-desc' => "''Plugin'' de autenticação LDAP, com suporte para vários métodos de autenticação",
+);
+
+/** tarandíne (tarandíne)
+ * @author Joetaras
+ */
+$messages['roa-tara'] = array(
+	'ldapauthentication-desc' => "plugin de autendicazione LDAP cu 'u supporte pe autendicaziune multeple de metode LDAP",
+);
+
+/** Russian (русский)
+ * @author Александр Сигачёв
+ */
+$messages['ru'] = array(
+	'ldapauthentication-desc' => 'Плагин LDAP-аутентификации с поддержкой нескольких методов проверки подлинности LDAP',
+);
+
+/** Slovak (slovenčina)
+ * @author Helix84
+ */
+$messages['sk'] = array(
+	'ldapauthentication-desc' => 'Zásuvný modul na autentifikáciu prostredníctvom LDAP s podporou viacerých metód LDAP',
+);
+
+/** Serbian (Cyrillic script) (српски (ћирилица)‎)
+ * @author Михајло Анђелковић
+ */
+$messages['sr-ec'] = array(
+	'ldapauthentication-desc' => 'Плагин за LDAP ауторизацију, са подршком за више метода LDAP ауторизације',
+);
+
+/** Serbian (Latin script) (srpski (latinica)‎)
+ */
+$messages['sr-el'] = array(
+	'ldapauthentication-desc' => 'Plagin za LDAP autorizaciju, sa podrškom za više metoda LDAP autorizacije',
+);
+
+/** Swedish (svenska)
+ * @author Boivie
+ */
+$messages['sv'] = array(
+	'ldapauthentication-desc' => 'LDAP-autentiseringsplugin med stöd för flera LDAP-autentiseringsmetoder',
+);
+
+/** Tagalog (Tagalog)
+ * @author AnakngAraw
+ */
+$messages['tl'] = array(
+	'ldapauthentication-desc' => 'Pampasak na pangpagpapatotoo ng LDAP na may suporta para sa maramihang mga pamamaraan ng pagpapatotoo ng LDAP',
+);
+
+/** Turkish (Türkçe)
+ * @author Vito Genovese
+ */
+$messages['tr'] = array(
+	'ldapauthentication-desc' => 'Birden çok LDAP kimlik doğrulama yöntemini destekleyen LDAP kimlik doğrulama eklentisi',
+);
+
+/** Ukrainian (українська)
+ * @author Ytsukeng Fyvaprol
+ */
+$messages['uk'] = array(
+	'ldapauthentication-desc' => 'Плагін LDAP-аутентифікації з підтримкою декількох методів перевірки автентичності LDAP',
+);
+
+/** Vietnamese (Tiếng Việt)
+ * @author Minh Nguyen
+ */
+$messages['vi'] = array(
+	'ldapauthentication-desc' => 'Phần bổ trợ xác thực LDAP hỗ trợ nhiều phương pháp xác thực LDAP',
+);
+
+/** Simplified Chinese (中文（简体）‎)
+ * @author Yanmiao liu
+ */
+$messages['zh-hans'] = array(
+	'ldapauthentication-desc' => '具有多种LDAP认证方法支持的LDAP认证插件',
+);
+
+/** Traditional Chinese (中文（繁體）‎)
+ * @author Anakmalaysia
+ */
+$messages['zh-hant'] = array(
+	'ldapauthentication-desc' => '具有多種LDAP認證方法支持的LDAP認證外掛程式',
+);

sources/LdapAuthentication/LdapAutoAuthentication.php

@@ -0,0 +1,124 @@
+<?php
+
+class LdapAutoAuthentication {
+
+	/**
+	 * Does the web server authentication piece of the LDAP plugin.
+	 *
+	 * @param $user User
+	 * @param $result bool
+	 * @return bool
+	 */
+	public static function Authenticate( $user, &$result = null ) {
+		/**
+		 * @var $wgAuth LdapAuthenticationPlugin
+		 */
+		global $wgAuth;
+
+		$wgAuth->printDebug( "Entering AutoAuthentication.", NONSENSITIVE );
+
+		if ( $user->isLoggedIn() ) {
+			$wgAuth->printDebug( "User is already logged in.", NONSENSITIVE );
+			return true;
+		}
+
+		$wgAuth->printDebug( "User isn't logged in, calling setup.", NONSENSITIVE );
+
+		// Let regular authentication plugins configure themselves for auto
+		// authentication chaining
+		$wgAuth->autoAuthSetup();
+
+		$autoauthname = $wgAuth->getConf( 'AutoAuthUsername' );
+		$wgAuth->printDebug( "Calling authenticate with username ($autoauthname).", NONSENSITIVE );
+
+		// The user hasn't already been authenticated, let's check them
+		$authenticated = $wgAuth->authenticate( $autoauthname, '' );
+		if ( !$authenticated ) {
+			// If the user doesn't exist in LDAP, there isn't much reason to
+			// go any further.
+			$wgAuth->printDebug( "User wasn't found in LDAP, exiting.", NONSENSITIVE );
+			return false;
+		}
+
+		// We need the username that MediaWiki will always use, not necessarily the one we
+		// get from LDAP.
+		$mungedUsername = $wgAuth->getCanonicalName( $autoauthname );
+
+		$wgAuth->printDebug( "User exists in LDAP; finding the user by name ($mungedUsername) in MediaWiki.", NONSENSITIVE );
+		$localId = User::idFromName( $mungedUsername );
+		$wgAuth->printDebug( "Got id ($localId).", NONSENSITIVE );
+
+		// Is the user already in the database?
+		if ( !$localId ) {
+			$userAdded = self::attemptAddUser( $user, $mungedUsername );
+			if ( !$userAdded ) {
+				$result = false;
+				return false;
+			}
+		} else {
+			$wgAuth->printDebug( "User exists in local database, logging in.", NONSENSITIVE );
+			$user->setID( $localId );
+			$user->loadFromId();
+			$user->setCookies();
+			$wgAuth->updateUser( $user );
+			wfSetupSession();
+			$result = true;
+		}
+
+		return true;
+	}
+
+	/**
+	 * @param $user User
+	 * @param $mungedUsername String
+	 * @return bool
+	 */
+	public static function attemptAddUser( $user, $mungedUsername ) {
+		/**
+		 * @var $wgAuth LdapAuthenticationPlugin
+		 */
+		global $wgAuth;
+
+		if ( !$wgAuth->autoCreate() ) {
+			$wgAuth->printDebug( "Cannot automatically create accounts.", NONSENSITIVE );
+			return false;
+		}
+
+		$wgAuth->printDebug( "User does not exist in local database; creating.", NONSENSITIVE );
+		// Checks passed, create the user
+		$user->loadDefaults( $mungedUsername );
+		$status = $user->addToDatabase();
+		if ( $status !== null && !$status->isOK() ) {
+			$wgAuth->printDebug( "Creation failed: " . $status->getWikiText(), NONSENSITIVE );
+			return false;
+		}
+		$wgAuth->initUser( $user, true );
+		$user->setCookies();
+		wfSetupSession();
+		# Update user count
+		$ssUpdate = new SiteStatsUpdate( 0, 0, 0, 0, 1 );
+		$ssUpdate->doUpdate();
+		# Notify hooks (e.g. Newuserlog)
+		wfRunHooks( 'AuthPluginAutoCreate', array( $user ) );
+
+		return true;
+	}
+
+	/**
+	 * No logout link in MW
+	 * @param $personal_urls array
+	 * @param $title Title
+	 * @return bool
+	 */
+	public static function NoLogout( &$personal_urls, $title ) {
+		/**
+		 * @var $wgAuth LdapAuthenticationPlugin
+		 */
+		global $wgAuth;
+
+		$wgAuth->printDebug( "Entering NoLogout.", NONSENSITIVE );
+		unset( $personal_urls['logout'] );
+		return true;
+	}
+
+}

sources/LdapAuthentication/README

@@ -0,0 +1 @@
+This authentication plugin allows MediaWiki to use an LDAP store as its user database for authentication, and some authorization. Full functionality and configuration information can be found at: http://www.mediawiki.org/wiki/Extension:LDAP_Authentication

sources/LdapAuthentication/schema/ldap-mysql.sql

@@ -0,0 +1,13 @@
+CREATE TABLE /*_*/ldap_domains (
+	-- IF for domain
+	domain_id int not null primary key auto_increment,
+
+	-- domain itself
+	domain varchar(255) binary not null,
+
+	-- User to which this domain belongs
+	user_id int not null
+
+) /*$wgDBTableOptions*/;
+
+CREATE INDEX /*i*/user_id on /*_*/ldap_domains (user_id);

sources/LdapAuthentication/schema/ldap-postgres.sql

@@ -0,0 +1,13 @@
+CREATE TABLE ldap_domains (
+	-- IF for domain
+	domain_id serial PRIMARY KEY,
+
+	-- domain itself
+	domain varchar(255) not null,
+
+	-- User to which this domain belongs
+	user_id integer not null
+
+) /*$wgDBTableOptions*/;
+
+CREATE INDEX user_id on ldap_domains (user_id);