1: <?php
  2: /*
  3:  You may not change or alter any portion of this comment or credits
  4:  of supporting developers from this source code or any supporting source code
  5:  which is considered copyrighted (c) material of the original comment or credit authors.
  6: 
  7:  This program is distributed in the hope that it will be useful,
  8:  but WITHOUT ANY WARRANTY; without even the implied warranty of
  9:  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 10: */
 11: 
 12: namespace Xoops\Auth;
 13: 
 14: use Xoops\Core\Kernel\Criteria;
 15: use Xoops\Core\Kernel\Handlers\XoopsUser;
 16: 
 17: /**
 18:  * Authentication provisioning class
 19:  *
 20:  * This class is responsible to provide synchronisation method to Xoops User Database
 21:  *
 22:  * @category  Xoops\Auth
 23:  * @package   Provisioning
 24:  * @author    Pierre-Eric MENUET <pemphp@free.fr>
 25:  * @copyright 2000-2015 XOOPS Project (http://xoops.org)
 26:  * @license   GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
 27:  * @link      http://xoops.org
 28:  * @since     2.0
 29:  */
 30: class Provisioning
 31: {
 32:     /**
 33:      * @var AuthAbstract instance
 34:      */
 35:     protected $auth_instance;
 36: 
 37:     /**
 38:      * @var bool
 39:      */
 40:     public $ldap_provisioning;
 41: 
 42:     /**
 43:      * @var bool
 44:      */
 45:     public $ldap_provisioning_upd;
 46: 
 47:     /**
 48:      * var array
 49:      */
 50:     public $ldap_field_mapping;
 51: 
 52:     /**
 53:      * @var array
 54:      */
 55:     public $ldap_provisioning_group;
 56: 
 57:     /**
 58:      * getInstance()
 59:      *
 60:      * @param AuthAbstract $auth_instance auth instance
 61:      *
 62:      * @return Provisioning Xoops\Auth\Provisioning
 63:      */
 64:     public static function getInstance(AuthAbstract $auth_instance)
 65:     {
 66:         static $provis_instance;
 67:         if (!isset($provis_instance)) {
 68:             $provis_instance = new self($auth_instance);
 69:         }
 70: 
 71:         return $provis_instance;
 72:     }
 73: 
 74:     /**
 75:      * Authentication Service constructor
 76:      *
 77:      * @param AuthAbstract $auth_instance auth instance
 78:      */
 79:     public function __construct(AuthAbstract $auth_instance)
 80:     {
 81:         $xoops = \Xoops::getInstance();
 82:         $this->auth_instance = $auth_instance;
 83:         $configs = $xoops->getConfigs();
 84:         foreach ($configs as $key => $val) {
 85:             $this->$key = $val;
 86:         }
 87:     }
 88: 
 89:     /**
 90:      * Return a Xoops User Object
 91:      *
 92:      * @param string $uname username
 93:      *
 94:      * @return mixed bool|XoopsUser
 95:      */
 96:     public function getXoopsUser($uname)
 97:     {
 98:         $xoops = \Xoops::getInstance();
 99:         $member_handler = $xoops->getHandlerMember();
100:         $criteria = new Criteria('uname', $uname);
101:         $getuser = $member_handler->getUsers($criteria);
102:         if (count($getuser) == 1) {
103:             return $getuser[0];
104:         } else {
105:             return false;
106:         }
107:     }
108: 
109:     /**
110:      * Launch the synchronisation process
111:      *
112:      * @param string $data  data
113:      * @param string $uname username
114:      * @param string $pwd   password
115:      *
116:      * @return bool|XoopsUser
117:      */
118:     public function sync($data, $uname, $pwd = null)
119:     {
120:         $xoopsUser = $this->getXoopsUser($uname);
121:         if (!$xoopsUser) { // Xoops User Database not exists
122:             if ($this->ldap_provisioning) {
123:                 $xoopsUser = $this->add($data, $uname, $pwd);
124:             } else {
125:                 $this->auth_instance->setErrors(0, sprintf(
126:                     \XoopsLocale::EF_CORRESPONDING_USER_NOT_FOUND_IN_DATABASE,
127:                     $uname
128:                 ));
129:             }
130:         } else { // Xoops User Database exists
131:             if ($this->ldap_provisioning && $this->ldap_provisioning_upd) {
132:                 $xoopsUser = $this->change($xoopsUser, $data, $uname, $pwd);
133:             }
134:         }
135: 
136:         return $xoopsUser;
137:     }
138: 
139:     /**
140:      * setVarsMapping
141:      *
142:      * @param object $object user object
143:      * @param array  $data   data
144:      *
145:      * @return void
146:      */
147:     protected function setVarsMapping($object, $data)
148:     {
149:         $tab_mapping = explode('|', $this->ldap_field_mapping);
150:         foreach ($tab_mapping as $mapping) {
151:             $fields = explode('=', trim($mapping));
152:             if (isset($fields[0]) && ($field0 = trim($fields[0]))) {
153:                 $str = '';
154:                 if (isset($fields[1]) && ($field1 = trim($fields[1]))) {
155:                     if (!empty($data[$field1][0])) {
156:                         $str = $data[$field1][0];
157:                     }
158:                 }
159:                 $object->setVar($field0, $str);
160:             }
161:         }
162:     }
163: 
164:     /**
165:      * Add a new user to the system
166:      *
167:      * @param string $data  data
168:      * @param string $uname username
169:      * @param string $pwd   password
170:      *
171:      * @return mixed XoopsUser or false
172:      */
173:     public function add($data, $uname, $pwd = null)
174:     {
175:         $xoops = \Xoops::getInstance();
176:         $ret = false;
177:         $member_handler = $xoops->getHandlerMember();
178:         // Create XOOPS Database User
179:         $newuser = $member_handler->createUser();
180:         $newuser->setVar('uname', $uname);
181:         $newuser->setVar('pass', password_hash(stripslashes($pwd), PASSWORD_DEFAULT));
182:         $newuser->setVar('last_pass_change', time());
183:         $newuser->setVar('rank', 0);
184:         $newuser->setVar('level', 1);
185:         $newuser->setVar('timezone', $xoops->getConfig('default_TZ'));
186:         $newuser->setVar('theme', $xoops->getConfig('theme_set'));
187:         //$newuser->setVar('umode', $xoops->getConfig('com_mode'));
188:         //$newuser->setVar('uorder', $xoops->getConfig('com_order'));
189:         $newuser->setVar('user_regdate', time());
190:         $this->setVarsMapping($newuser, $data);
191: 
192:         if ($member_handler->insertUser($newuser)) {
193:             foreach ($this->ldap_provisioning_group as $groupid) {
194:                 $member_handler->addUserToGroup($groupid, $newuser->getVar('uid'));
195:             }
196:             $newuser->unsetNew();
197: 
198:             return $newuser;
199:         } else {
200:             $xoops->redirect(\XoopsBaseConfig::get('url') . '/user.php', 5, $newuser->getHtmlErrors());
201:         }
202: 
203:         return $ret;
204:     }
205: 
206:     /**
207:      * Modify user information
208:      *
209:      * @param XoopsUser $xoopsUser user object
210:      * @param string    $data      data
211:      * @param string    $uname     username
212:      * @param string    $pwd       password
213:      *
214:      * @return bool|XoopsUser
215:      */
216:     public function change(XoopsUser $xoopsUser, $data, $uname, $pwd = null)
217:     {
218:         $xoops = \Xoops::getInstance();
219:         $ret = false;
220:         $member_handler = $xoops->getHandlerMember();
221:         $xoopsUser->setVar('pass', password_hash(stripslashes($pwd), PASSWORD_DEFAULT));
222:         $xoopsUser->setVar('last_pass_change', time());
223:         $this->setVarsMapping($xoopsUser, $data);
224: 
225:         if ($member_handler->insertUser($xoopsUser)) {
226:             return $xoopsUser;
227:         } else {
228:             $xoops->redirect(\XoopsBaseConfig::get('url') . '/user.php', 5, $xoopsUser->getHtmlErrors());
229:         }
230: 
231:         return $ret;
232:     }
233: 
234:     /**
235:      * Modify a user
236:      *
237:      * @return boolean|null
238:      */
239:     public function delete()
240:     {
241:     }
242: 
243:     /**
244:      * Suspend a user
245:      *
246:      * @return boolean|null
247:      */
248:     public function suspend()
249:     {
250:     }
251: 
252:     /**
253:      * Restore a user
254:      *
255:      * @return boolean|null
256:      */
257:     public function restore()
258:     {
259:     }
260: 
261:     /**
262:      * Add a new user to the system
263:      *
264:      * @return boolean|null
265:      */
266:     public function resetpwd()
267:     {
268:     }
269: }
270: