Skip to content

Commit

Permalink
Rename UserID to Anchor
Browse files Browse the repository at this point in the history
  • Loading branch information
lancer committed May 10, 2009
1 parent b95d168 commit 63142b4
Show file tree
Hide file tree
Showing 15 changed files with 98 additions and 88 deletions.
3 changes: 3 additions & 0 deletions ChangeLog
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
External Authenticator Changelog
--------------------------------
0.4
- [MISC] Rename (External_)UserID to Anchor

0.3.1
- [BUGFIX] Ticket #3649 - Syntax issue in LDAP driver
- [BUGFIX] Ticket #3568 - Variable Typo in SSTRIPE_Authenticator Authenticate()
Expand Down
7 changes: 7 additions & 0 deletions UPDATE
Original file line number Diff line number Diff line change
@@ -1,3 +1,10 @@
Update instructions to go from 0.3 to 0.4
-----------------------------------------

Logon to the database as administrator
alter table Member change column External_UserID External_Anchor VarChar(255);


Update instructions to go from 0.1 to 0.2/0.3
---------------------------------------------

Expand Down
18 changes: 9 additions & 9 deletions code/ExternalAuthenticatedRole.php
Original file line number Diff line number Diff line change
Expand Up @@ -26,12 +26,12 @@ class ExternalAuthenticatedRole extends DataObjectDecorator {
*/
function extraStatics() {
return array(
'db' => array('External_UserID' => 'Varchar(255)',
'db' => array('External_Anchor' => 'Varchar(255)',
'External_SourceID' => 'Varchar(50)'),
'has_one' => array(),
'defaults' => array('External_UserID' => null,
'defaults' => array('External_Anchor' => null,
'External_SourceID' => null),
'indexes' => array('External_UserID' => 'index (External_UserID)')
'indexes' => array('External_Anchor' => 'index (External_Anchor)')
);
}

Expand Down Expand Up @@ -76,7 +76,7 @@ function updateCMSFields(FieldSet &$fields) {
new DropdownField('External_SourceID', _t('ExternalAuthenticator.Sources'),
$sources));
$fields->addFieldToTab('Root.ExternalAuthentication',
new TextField('External_UserID', _t('ExternalAuthenticator.EnterNewId',
new TextField('External_Anchor', _t('ExternalAuthenticator.EnterNewId',
'ID to be used with this source')));
}

Expand Down Expand Up @@ -121,14 +121,14 @@ class ExternalAuthenticatedRole_Validator extends Extension {
* FALSE.
*/
function updatePHP(array $data, Form &$form) {
if (!isset($data['External_UserID']) || strlen(trim($data['External_UserID'])) == 0 ||
if (!isset($data['External_Anchor']) || strlen(trim($data['External_Anchor'])) == 0 ||
!isset($data['External_SourceID']) || strlen($data['External_SourceID']) == 0)
return true;

$member = DataObject::get_one('Member',
'External_UserID = \''.
Convert::raw2sql($data['External_UserID']) .
'\' AND External_SourceID = \'' .
'External_Anchor = \''.
Convert::raw2sql($data['External_Anchor']) .
'\' AND External_Source = \'' .
Convert::raw2sql($data['External_SourceID']) .'\'');

// if we are in a complex table field popup, use ctf[childID], else use
Expand All @@ -141,7 +141,7 @@ function updatePHP(array $data, Form &$form) {
}

if(is_object($member) && $member->ID != $id) {
$field = $form->dataFieldByName('External_UserID');
$field = $form->dataFieldByName('External_Anchor');
$this->owner->validationError($field->id(),
_t('ExternalAuthenticator.UserExists', 'There already exists a member with this account name'),
'required');
Expand Down
46 changes: 23 additions & 23 deletions code/ExternalAuthenticator.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ class ExternalAuthenticator extends Authenticator {
* Description of user id
* This description is used for all sources defined
*/
protected static $useriddesc = 'User ID';
protected static $anchordesc = 'User ID';

/**
* Message that results from authenticating
Expand Down Expand Up @@ -65,7 +65,7 @@ public static function createSource($sourceid, $authtype, $nicename) {
'authserver' => 'localhost', //IP or DNS name of server
'authport' => null, //IP port to use
'authsslock' => true, //Check SStripes locking mechanism
'useriddesc' => 'User ID', //How do we refer to a user id
'anchordesc' => 'User ID', //How do we refer to a user id
'encryption' => null, //Enable SSL or TLS encryption
'autoadd' => false, //Automatically add users?
'defaultdomain' => null, //Default mail domain for auto
Expand Down Expand Up @@ -257,19 +257,19 @@ public static function getAutoAdd($sourceid) {
/**
* Set the name of the user id
*
* @param string $useriddesc Description of user id
* @param string $anchordesc Description of user id
*/
public static function setIdDesc($useriddesc) {
self::$useriddesc = $useriddesc;
public static function setAnchorDesc($anchordesc) {
self::$anchordesc = $anchordesc;
}

/**
* Get the user id description
*
* @return string useriddesc Description
* @return string anchordesc Description
*/
public static function getIdDesc() {
return self::$useriddesc;
public static function getAnchorDesc() {
return self::$anchordesc;
}

/**
Expand Down Expand Up @@ -398,13 +398,13 @@ public static function AuthLog($message) {
* Writes a message to the audit log
*
* @param object $member The member if found in the database
* @param string $user_id The login name if the user
* @param string $anchor The login name if the user
* @param string $action_type What was tried?
* @param string $because Reason for success
* @param boolean $success Did we succeed
* @param string $source_id For which source
**/
public static function AuditLog($member, $user_id, $action_type, $because, $success, $source_id) {
public static function AuditLog($member, $anchor, $action_type, $because, $success, $source_id) {
if (self::getAuditLogSStripe()) {
//Use built-in mechanism
$attempt = new LoginAttempt();
Expand All @@ -422,14 +422,14 @@ public static function AuditLog($member, $user_id, $action_type, $because, $succ
}

$attempt->IP = Controller::curr()->getRequest()->getIP();
$attempt->Email = $user_id . '@' . $source_id;
$attempt->Email = $anchor . '@' . $source_id;
$attempt->write();
}

if (!is_bool(self::getAuditLogFile())) {
$logmessage = date(DATE_RFC822). ' - ';
if ($success) $logmessage .= '[SUCCESS] '; else $logmessage .= '[FAILURE] ';
$logmessage .= 'action ' . $action_type . ' for user ' . $user_id . ' at ' .
$logmessage .= 'action ' . $action_type . ' for user ' . $anchor . ' at ' .
Controller::curr()->getRequest()->getIP() . ' from source ' .
$source_id;
if (!is_null($because)) $logmessage .= ' because ' . $because;
Expand Down Expand Up @@ -473,7 +473,7 @@ public static function authenticate($RAW_data, Form $form = null) {
} else {
$A_sources = array($RAW_data['External_SourceID']);
}
$RAW_external_uid = trim($RAW_data['External_UserID']);
$RAW_external_anchor = trim($RAW_data['External_Anchor']);
$RAW_external_passwd = $RAW_data['Password'];
$userexists = false; //Does the user exist within SilverStripe?
$authsuccess = false; //Initialization of variable
Expand All @@ -484,21 +484,21 @@ public static function authenticate($RAW_data, Form $form = null) {
// User ID should not be empty
// Password should not be empty as well, but we check this in the
// external authentication method itself.
if (strlen($RAW_external_uid) == 0) {
if (strlen($RAW_external_anchor) == 0) {
if (!is_null($form)) {
$form->sessionMessage(sprintf(_t('ExternalAuthenticator.EnterUID', 'Please enter a %s') ,self::$useriddesc), 'bad');
$form->sessionMessage(sprintf(_t('ExternalAuthenticator.EnterUID', 'Please enter a %s') ,self::$anchordesc), 'bad');
}
return false;
}
$SQL_identity = Convert::raw2sql($RAW_external_uid);
$SQL_identity = Convert::raw2sql($RAW_external_anchor);

self::AuthLog('Starting process for user ' . $SQL_identity);

// Now we are going to check this user with each source from the source
// array, until we succeed or utterly fail
foreach ($A_sources as $RAW_source) {
$SQL_source = Convert::raw2sql($RAW_source);
if (($member = DataObject::get_one('Member',"Member.External_UserID = '$SQL_identity'".
if (($member = DataObject::get_one('Member',"Member.External_Anchor = '$SQL_identity'".
" AND Member.External_SourceID = '$SQL_source'"))) {
$userexists = true;
self::AuthLog($SQL_identity . ' - User with source ' . $RAW_source . ' found in database');
Expand All @@ -513,7 +513,7 @@ public static function authenticate($RAW_data, Form $form = null) {
self::AuthLog($SQL_identity . ' - This attempt is also logged in the database');
$form->sessionMessage(_t('ExternalAuthenticator.Failed'),'bad');

self::AuditLog($member, $RAW_external_uid, 'logon', 'account is locked' , false, $RAW_source);
self::AuditLog($member, $RAW_external_anchor, 'logon', 'account is locked' , false, $RAW_source);
return false;
} else {
self::AuthLog($SQL_identity . ' - User is not locked');
Expand All @@ -535,7 +535,7 @@ public static function authenticate($RAW_data, Form $form = null) {
$myauthenticator = new $myauthenticator();

self::AuthLog($SQL_identity . ' - executing authentication driver');
$RAW_result = $myauthenticator->Authenticate($RAW_source, $RAW_external_uid,
$RAW_result = $myauthenticator->Authenticate($RAW_source, $RAW_external_anchor,
$RAW_external_passwd);

if ($RAW_result) {
Expand All @@ -559,7 +559,7 @@ public static function authenticate($RAW_data, Form $form = null) {
// An external source verified our existence
if ($authsuccess && !$userexists && self::getAutoAdd($RAW_source)) {
// But SilverStripe denies our existence, so we add ourselves
$SQL_memberdata['External_UserID'] = $SQL_identity;
$SQL_memberdata['External_Anchor'] = $SQL_identity;
$SQL_memberdata['External_SourceID'] = $SQL_source;
if(isset($RAW_result['firstname'])) {
$SQL_memberdata['FirstName'] = Convert::raw2sql($RAW_result['firstname']);
Expand Down Expand Up @@ -600,7 +600,7 @@ public static function authenticate($RAW_data, Form $form = null) {
self::AuthLog($SQL_identity . ' - start adding user to database');
Group::addToGroupByName($member, $group->Code);
self::AuthLog($SQL_identity . ' - finished adding user to database');
self::AuditLog($member, $RAW_external_uid, 'creation', NULL , true, $RAW_source);
self::AuditLog($member, $RAW_external_anchor, 'creation', NULL , true, $RAW_source);
}
} else {
self::AuthLog($SQL_identity . ' - The group to add the user to did not exist');
Expand All @@ -616,14 +616,14 @@ public static function authenticate($RAW_data, Form $form = null) {
Session::set('Security.Message.message', self::$authmessage);
Session::set('Security.Message.type', 'good');

self::AuditLog($member, $RAW_external_uid, 'logon', NULL , true, $RAW_source);
self::AuditLog($member, $RAW_external_anchor, 'logon', NULL , true, $RAW_source);
return $member;
} else {
if(!is_null($form)) {
$form->sessionMessage(self::$authmessage,'bad');
}

self::AuditLog($member, $RAW_external_uid, 'logon', NULL , false, $RAW_source);
self::AuditLog($member, $RAW_external_anchor, 'logon', NULL , false, $RAW_source);

return false;
}
Expand Down
14 changes: 7 additions & 7 deletions code/ExternalLoginForm.php
Original file line number Diff line number Diff line change
Expand Up @@ -46,13 +46,13 @@ function __construct($controller, $name, $fields = null, $actions = null,
new HiddenField('AuthenticationMethod', null, $this->authenticator_class, $this));
} else {
if(!$fields) {
$userdesc = ExternalAuthenticator::getIdDesc();
$userdesc = ExternalAuthenticator::getAnchorDesc();
if ( ExternalAuthenticator::getAuthSequential() ) {
$fields = new FieldSet(
new HiddenField('AuthenticationMethod', null, $this->authenticator_class, $this),
new HiddenField('External_SourceID', 'External_SourceID', 'empty'),
new TextField('External_UserID', $userdesc,
Session::get('SessionForms.ExternalLoginForm.External_UserID')),
new TextField('External_Anchor', $userdesc,
Session::get('SessionForms.ExternalLoginForm.External_Anchor')),
new PasswordField('Password', _t('ExternalAuthenticator.Password','Password'))
);
} else {
Expand All @@ -61,8 +61,8 @@ function __construct($controller, $name, $fields = null, $actions = null,
new HiddenField('AuthenticationMethod', null, $this->authenticator_class, $this),
new DropdownField('External_SourceID', _t('ExternalAuthenticator.Sources','Authentication sources'),
$sources, Session::get('SessionForms.ExternalLoginForm.External_SourceID')),
new TextField('External_UserID', $userdesc,
Session::get('SessionForms.ExternalLoginForm.External_UserID')),
new TextField('External_Anchor', $userdesc,
Session::get('SessionForms.ExternalLoginForm.External_Anchor')),
new PasswordField('Password', _t('ExternalAuthenticator.Password'))
);
}
Expand Down Expand Up @@ -112,7 +112,7 @@ protected function getMessageFromSession() {
*/
public function dologin($data) {
if($this->performLogin($data)) {
Session::clear('SessionForms.ExternalLoginForm.External_UserID');
Session::clear('SessionForms.ExternalLoginForm.External_Anchor');
Session::clear('SessionForms.ExternalLoginForm.External_SourceID');
Session::clear('SessionForms.ExternalLoginForm.Remember');

Expand All @@ -123,7 +123,7 @@ public function dologin($data) {
Director::redirectBack();

} else {
Session::set('SessionForms.ExternalLoginForm.External_UserID', $data['External_UserID']);
Session::set('SessionForms.ExternalLoginForm.External_Anchor', $data['External_Anchor']);
Session::set('SessionForms.ExternalLoginForm.External_SourceID', $data['External_SourceID']);
Session::set('SessionForms.ExternalLoginForm.Remember', isset($data['Remember']));
if($badLoginURL = Session::get("BadLoginURL")) {
Expand Down
2 changes: 1 addition & 1 deletion code/drivers/FAKE.php
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ class FAKE_Authenticator {
* @return boolean True
*/

public function Authenticate($RAW_source, $RAW_external_uid, $RAW_external_passwd) {
public function Authenticate($RAW_source, $RAW_external_anchor, $RAW_external_passwd) {
return true;
}
}
Expand Down
Loading

0 comments on commit 63142b4

Please sign in to comment.