From f600fa3b1a3a4c81f6573d05dbcf286e2834a389 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 11 Nov 2009 12:16:58 -0500 Subject: Rename the plugins, as I'm separating out Authn, Authz, and user information into separate plugins --- plugins/Authentication/AuthenticationPlugin.php | 172 ++++++++++++++++++++++++ 1 file changed, 172 insertions(+) create mode 100644 plugins/Authentication/AuthenticationPlugin.php (limited to 'plugins/Authentication') diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php new file mode 100644 index 000000000..ef78c7ce4 --- /dev/null +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -0,0 +1,172 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +/** + * Superclass for plugins that do authentication + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +abstract class AuthenticationPlugin extends Plugin +{ + //is this plugin authoritative for authentication? + public $authoritative = false; + + //should accounts be automatically created after a successful login attempt? + public $autoregistration = false; + + //can the user change their email address + public $email_changeable=true; + + //can the user change their email address + public $password_changeable=true; + + //------------Auth plugin should implement some (or all) of these methods------------\\ + /** + * Check if a nickname/password combination is valid + * @param nickname + * @param password + * @return boolean true if the credentials are valid, false if they are invalid. + */ + function checkPassword($nickname, $password) + { + return false; + } + + /** + * Automatically register a user when they attempt to login with valid credentials. + * User::register($data) is a very useful method for this implementation + * @param nickname + * @return boolean true if the user was created, false if autoregistration is not allowed, null if this plugin is not responsible for this nickname + */ + function autoRegister($nickname) + { + return null; + } + + /** + * Change a user's password + * The old password has been verified to be valid by this plugin before this call is made + * @param nickname + * @param oldpassword + * @param newpassword + * @return boolean true if the password was changed, false if password changing failed for some reason, null if this plugin is not responsible for this nickname + */ + function changePassword($nickname,$oldpassword,$newpassword) + { + return null; + } + + /** + * Can a user change this field in his own profile? + * @param nickname + * @param field + * @return boolean true if the field can be changed, false if not allowed to change it, null if this plugin is not responsible for this nickname + */ + function canUserChangeField($nickname, $field) + { + return null; + } + + //------------Below are the methods that connect StatusNet to the implementing Auth plugin------------\\ + function __construct() + { + parent::__construct(); + } + + function StartCheckPassword($nickname, $password, &$authenticatedUser){ + if($this->password_changeable){ + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated){ + $authenticatedUser = User::staticGet('nickname', $nickname); + if(!$authenticatedUser && $this->autoregistration){ + if($this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('nickname', $nickname); + } + } + return false; + }else{ + if($this->authoritative){ + return false; + } + } + //we're not authoritative, so let other handlers try + }else{ + if($this->authoritative){ + //since we're authoritative, no other plugin could do this + throw new Exception(_('Password changing is not allowed')); + } + } + } + + function onStartChangePassword($nickname,$oldpassword,$newpassword) + { + if($this->password_changeable){ + $authenticated = $this->checkPassword($nickname, $oldpassword); + if($authenticated){ + $result = $this->changePassword($nickname,$oldpassword,$newpassword); + if($result){ + //stop handling of other handlers, because what was requested was done + return false; + }else{ + throw new Exception(_('Password changing failed')); + } + }else{ + if($this->authoritative){ + //since we're authoritative, no other plugin could do this + throw new Exception(_('Password changing failed')); + }else{ + //let another handler try + return null; + } + } + }else{ + if($this->authoritative){ + //since we're authoritative, no other plugin could do this + throw new Exception(_('Password changing is not allowed')); + } + } + } + + function onStartAccountSettingsPasswordMenuItem($widget) + { + if($this->authoritative && !$this->password_changeable){ + //since we're authoritative, no other plugin could change passwords, so do render the menu item + return false; + } + } +} + -- cgit v1.2.3-54-g00ecf From b43866d9aab10574ec215eea059ab54e5be38841 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 11 Nov 2009 14:04:32 -0500 Subject: Correct stupid spelling errors --- plugins/Authentication/AuthenticationPlugin.php | 2 +- plugins/LdapAuthentication/LdapAuthenticationPlugin.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins/Authentication') diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index ef78c7ce4..e3e55fea6 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -107,7 +107,7 @@ abstract class AuthenticationPlugin extends Plugin parent::__construct(); } - function StartCheckPassword($nickname, $password, &$authenticatedUser){ + function onStartCheckPassword($nickname, $password, &$authenticatedUser){ if($this->password_changeable){ $authenticated = $this->checkPassword($nickname, $password); if($authenticated){ diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index f14080b2d..d3ccd93b6 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -34,7 +34,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { require_once INSTALLDIR.'/plugins/Authentication/AuthenticationPlugin.php'; require_once 'Net/LDAP2.php'; -class LdapAuthenticatonPlugin extends AuthenticationPlugin +class LdapAuthenticationPlugin extends AuthenticationPlugin { public $host=null; public $port=null; -- cgit v1.2.3-54-g00ecf From ed690615de8f6433a1a4d9a8fc7c28385af47d8a Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 12 Nov 2009 20:12:00 -0500 Subject: Added a User_username table that links the external username with a StatusNet user_id Added EmailAuthenticationPlugin Added ReverseUsernameAuthenticationPlugin Changed the StartChangePassword and EndChangePassword events to take a user, instead of a nickname User::allowed_nickname was declared non-static, but used as if it was static, so I made the declaration static --- EVENTS.txt | 4 +- actions/passwordsettings.php | 4 +- classes/User.php | 16 +- classes/statusnet.ini | 10 ++ index.php | 1 - lib/util.php | 1 + plugins/Authentication/AuthenticationPlugin.php | 177 ++++++++++++++------- plugins/Authentication/User_username.php | 25 +++ .../EmailAuthenticationPlugin.php | 54 +++++++ plugins/EmailAuthentication/README | 7 + .../LdapAuthenticationPlugin.php | 56 +++---- plugins/LdapAuthentication/README | 5 +- plugins/ReverseUsernameAuthentication/README | 26 +++ .../ReverseUsernameAuthenticationPlugin.php | 58 +++++++ 14 files changed, 349 insertions(+), 95 deletions(-) create mode 100644 plugins/Authentication/User_username.php create mode 100644 plugins/EmailAuthentication/EmailAuthenticationPlugin.php create mode 100644 plugins/EmailAuthentication/README create mode 100644 plugins/ReverseUsernameAuthentication/README create mode 100644 plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php (limited to 'plugins/Authentication') diff --git a/EVENTS.txt b/EVENTS.txt index 3acff277b..c788a9215 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -528,12 +528,12 @@ EndCheckPassword: After checking a username/password pair - $authenticatedUser: User object if credentials match a user, else null. StartChangePassword: Before changing a password -- $nickname: user's nickname +- $user: user - $oldpassword: the user's old password - $newpassword: the desired new password EndChangePassword: After changing a password -- $nickname: user's nickname +- $user: user UserDeleteRelated: Specify additional tables to delete entries from when deleting users - $user: User object diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php index 9e79501e2..11d7bf785 100644 --- a/actions/passwordsettings.php +++ b/actions/passwordsettings.php @@ -170,7 +170,7 @@ class PasswordsettingsAction extends AccountSettingsAction } $success = false; - if(! Event::handle('StartChangePassword', array($user->nickname, $oldpassword, $newpassword))){ + if(! Event::handle('StartChangePassword', array($user, $oldpassword, $newpassword))){ //no handler changed the password, so change the password internally $original = clone($user); @@ -186,7 +186,7 @@ class PasswordsettingsAction extends AccountSettingsAction $this->serverError(_('Can\'t save new password.')); return; } - Event::handle('EndChangePassword', array($nickname)); + Event::handle('EndChangePassword', array($user)); } $this->showForm(_('Password saved.'), true); diff --git a/classes/User.php b/classes/User.php index 9b90ce61b..9f1ee53f4 100644 --- a/classes/User.php +++ b/classes/User.php @@ -114,7 +114,7 @@ class User extends Memcached_DataObject return $result; } - function allowed_nickname($nickname) + static function allowed_nickname($nickname) { // XXX: should already be validated for size, content, etc. $blacklist = common_config('nickname', 'blacklist'); @@ -190,7 +190,17 @@ class User extends Memcached_DataObject $profile->query('BEGIN'); + if(!empty($email)) + { + $email = common_canonical_email($email); + } + + $nickname = common_canonical_nickname($nickname); $profile->nickname = $nickname; + if(! User::allowed_nickname($nickname)){ + common_log(LOG_WARNING, sprintf("Attempted to register a nickname that is not allowed: %s", $profile->nickname), + __FILE__); + } $profile->profileurl = common_profile_url($nickname); if (!empty($fullname)) { @@ -242,6 +252,10 @@ class User extends Memcached_DataObject } } + if(isset($email_confirmed) && $email_confirmed) { + $user->email = $email; + } + // This flag is ignored but still set to 1 $user->inboxed = 1; diff --git a/classes/statusnet.ini b/classes/statusnet.ini index 912d05cdf..19ab7bf97 100644 --- a/classes/statusnet.ini +++ b/classes/statusnet.ini @@ -566,3 +566,13 @@ modified = 384 user_id = K token = K +[user_username] +user_id = 129 +provider_name = 130 +username = 130 +created = 142 +modified = 384 + +[user_username__keys] +provider_name = K +username = K diff --git a/index.php b/index.php index b1e4f651e..577b491ed 100644 --- a/index.php +++ b/index.php @@ -68,7 +68,6 @@ function getPath($req) */ function handleError($error) { -//error_log(print_r($error,1)); if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) { return; } diff --git a/lib/util.php b/lib/util.php index 68f3520db..4b2a25ead 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1058,6 +1058,7 @@ function common_log($priority, $msg, $filename=null) } } else { common_ensure_syslog(); + error_log($msg); syslog($priority, $msg); } } diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index e3e55fea6..99b61b808 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -48,20 +48,20 @@ abstract class AuthenticationPlugin extends Plugin //should accounts be automatically created after a successful login attempt? public $autoregistration = false; - //can the user change their email address - public $email_changeable=true; - //can the user change their email address public $password_changeable=true; + //unique name for this authentication provider + public $provider_name; + //------------Auth plugin should implement some (or all) of these methods------------\\ /** * Check if a nickname/password combination is valid - * @param nickname + * @param username * @param password * @return boolean true if the credentials are valid, false if they are invalid. */ - function checkPassword($nickname, $password) + function checkPassword($username, $password) { return false; } @@ -69,88 +69,116 @@ abstract class AuthenticationPlugin extends Plugin /** * Automatically register a user when they attempt to login with valid credentials. * User::register($data) is a very useful method for this implementation - * @param nickname - * @return boolean true if the user was created, false if autoregistration is not allowed, null if this plugin is not responsible for this nickname + * @param username + * @return boolean true if the user was created, false if not */ - function autoRegister($nickname) + function autoRegister($username) { - return null; + $registration_data = array(); + $registration_data['nickname'] = $username ; + return User::register($registration_data); } /** * Change a user's password * The old password has been verified to be valid by this plugin before this call is made - * @param nickname + * @param username * @param oldpassword * @param newpassword - * @return boolean true if the password was changed, false if password changing failed for some reason, null if this plugin is not responsible for this nickname + * @return boolean true if the password was changed, false if password changing failed for some reason */ - function changePassword($nickname,$oldpassword,$newpassword) + function changePassword($username,$oldpassword,$newpassword) { - return null; - } - - /** - * Can a user change this field in his own profile? - * @param nickname - * @param field - * @return boolean true if the field can be changed, false if not allowed to change it, null if this plugin is not responsible for this nickname - */ - function canUserChangeField($nickname, $field) - { - return null; + return false; } //------------Below are the methods that connect StatusNet to the implementing Auth plugin------------\\ - function __construct() - { - parent::__construct(); + function onInitializePlugin(){ + if(!isset($this->provider_name)){ + throw new Exception("must specify a provider_name for this authentication provider"); + } } - + function onStartCheckPassword($nickname, $password, &$authenticatedUser){ - if($this->password_changeable){ - $authenticated = $this->checkPassword($nickname, $password); + //map the nickname to a username + $user_username = new User_username(); + $user_username->username=$nickname; + $user_username->provider_name=$this->provider_name; + if($user_username->find() && $user_username->fetch()){ + $username = $user_username->username; + $authenticated = $this->checkPassword($username, $password); if($authenticated){ - $authenticatedUser = User::staticGet('nickname', $nickname); - if(!$authenticatedUser && $this->autoregistration){ - if($this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('id', $user_username->user_id); + return false; + } + }else{ + $user = User::staticGet('nickname', $nickname); + if($user){ + //make sure a different provider isn't handling this nickname + $user_username = new User_username(); + $user_username->username=$nickname; + if(!$user_username->find()){ + //no other provider claims this username, so it's safe for us to handle it + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated){ $authenticatedUser = User::staticGet('nickname', $nickname); + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; } } - return false; }else{ - if($this->authoritative){ - return false; + if($this->autoregistration){ + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated && $this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('nickname', $nickname); + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; + } } } - //we're not authoritative, so let other handlers try + } + if($this->authoritative){ + return false; }else{ - if($this->authoritative){ - //since we're authoritative, no other plugin could do this - throw new Exception(_('Password changing is not allowed')); - } + //we're not authoritative, so let other handlers try + return; } } - function onStartChangePassword($nickname,$oldpassword,$newpassword) + function onStartChangePassword($user,$oldpassword,$newpassword) { if($this->password_changeable){ - $authenticated = $this->checkPassword($nickname, $oldpassword); - if($authenticated){ - $result = $this->changePassword($nickname,$oldpassword,$newpassword); - if($result){ - //stop handling of other handlers, because what was requested was done - return false; - }else{ - throw new Exception(_('Password changing failed')); - } - }else{ - if($this->authoritative){ - //since we're authoritative, no other plugin could do this - throw new Exception(_('Password changing failed')); + $user_username = new User_username(); + $user_username->user_id=$user->id; + $user_username->provider_name=$this->provider_name; + if($user_username->find() && $user_username->fetch()){ + $authenticated = $this->checkPassword($user_username->username, $oldpassword); + if($authenticated){ + $result = $this->changePassword($user_username->username,$oldpassword,$newpassword); + if($result){ + //stop handling of other handlers, because what was requested was done + return false; + }else{ + throw new Exception(_('Password changing failed')); + } }else{ - //let another handler try - return null; + if($this->authoritative){ + //since we're authoritative, no other plugin could do this + throw new Exception(_('Password changing failed')); + }else{ + //let another handler try + return null; + } } } }else{ @@ -164,9 +192,42 @@ abstract class AuthenticationPlugin extends Plugin function onStartAccountSettingsPasswordMenuItem($widget) { if($this->authoritative && !$this->password_changeable){ - //since we're authoritative, no other plugin could change passwords, so do render the menu item + //since we're authoritative, no other plugin could change passwords, so do not render the menu item + return false; + } + } + + function onAutoload($cls) + { + switch ($cls) + { + case 'User_username': + require_once(INSTALLDIR.'/plugins/Authentication/User_username.php'); return false; + default: + return true; } } + + function onCheckSchema() { + $schema = Schema::get(); + $schema->ensureTable('user_username', + array(new ColumnDef('provider_name', 'varchar', + '255', false, 'PRI'), + new ColumnDef('username', 'varchar', + '255', false, 'PRI'), + new ColumnDef('user_id', 'integer', + null, false), + new ColumnDef('created', 'datetime', + null, false), + new ColumnDef('modified', 'timestamp'))); + return true; + } + + function onUserDeleteRelated($user, &$tables) + { + $tables[] = 'User_username'; + return true; + } } diff --git a/plugins/Authentication/User_username.php b/plugins/Authentication/User_username.php new file mode 100644 index 000000000..79adeb189 --- /dev/null +++ b/plugins/Authentication/User_username.php @@ -0,0 +1,25 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +class EmailAuthenticationPlugin extends Plugin +{ + //---interface implementation---// + + function onStartCheckPassword($nickname, $password, &$authenticatedUser) + { + if(strpos($nickname, '@')) + { + $user = User::staticGet('email',$nickname); + if($user && isset($user->email)) + { + if(common_check_user($user->nickname,$password)) + { + $authenticatedUser = $user; + return false; + } + } + } + } +} + diff --git a/plugins/EmailAuthentication/README b/plugins/EmailAuthentication/README new file mode 100644 index 000000000..320815689 --- /dev/null +++ b/plugins/EmailAuthentication/README @@ -0,0 +1,7 @@ +The Email Authentication plugin allows users to login using their email address. + +The provided email address is used to lookup the user's nickname, then that nickname and the provided password is checked. + +Installation +============ +add "addPlugin('emailAuthentication');" to the bottom of your config.php diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index ded5cf299..865154730 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -48,20 +48,31 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin public $scope=null; public $attributes=array(); - function __construct() - { - parent::__construct(); + function onInitializePlugin(){ + parent::onInitializePlugin(); + if(!isset($this->host)){ + throw new Exception("must specify a host"); + } + if(!isset($this->basedn)){ + throw new Exception("must specify a basedn"); + } + if(!isset($this->attributes['nickname'])){ + throw new Exception("must specify a nickname attribute"); + } + if(!isset($this->attributes['username'])){ + throw new Exception("must specify a username attribute"); + } } //---interface implementation---// - function checkPassword($nickname, $password) + function checkPassword($username, $password) { $ldap = $this->ldap_get_connection(); if(!$ldap){ return false; } - $entry = $this->ldap_get_user($nickname); + $entry = $this->ldap_get_user($username); if(!$entry){ return false; }else{ @@ -76,48 +87,33 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin } } - function autoRegister($nickname) + function autoRegister($username) { - $entry = $this->ldap_get_user($nickname,$this->attributes); + $entry = $this->ldap_get_user($username,$this->attributes); if($entry){ $registration_data = array(); foreach($this->attributes as $sn_attribute=>$ldap_attribute){ - if($sn_attribute=='email'){ - $registration_data[$sn_attribute]=common_canonical_email($entry->getValue($ldap_attribute,'single')); - }else if($sn_attribute=='nickname'){ - $registration_data[$sn_attribute]=common_canonical_nickname($entry->getValue($ldap_attribute,'single')); - }else{ - $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); - } + $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); + } + if(isset($registration_data['email']) && !empty($registration_data['email'])){ + $registration_data['email_confirmed']=true; } //set the database saved password to a random string. $registration_data['password']=common_good_rand(16); - $user = User::register($registration_data); - return true; + return User::register($registration_data); }else{ //user isn't in ldap, so we cannot register him - return null; + return false; } } - function changePassword($nickname,$oldpassword,$newpassword) + function changePassword($username,$oldpassword,$newpassword) { //TODO implement this throw new Exception(_('Sorry, changing LDAP passwords is not supported at this time')); return false; } - - function canUserChangeField($nickname, $field) - { - switch($field) - { - case 'password': - case 'nickname': - case 'email': - return false; - } - } //---utility functions---// function ldap_get_config(){ @@ -159,7 +155,7 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin */ function ldap_get_user($username,$attributes=array()){ $ldap = $this->ldap_get_connection(); - $filter = Net_LDAP2_Filter::create($this->attributes['nickname'], 'equals', $username); + $filter = Net_LDAP2_Filter::create($this->attributes['username'], 'equals', $username); $options = array( 'scope' => 'sub', 'attributes' => $attributes diff --git a/plugins/LdapAuthentication/README b/plugins/LdapAuthentication/README index 03647e7c7..b10a1eb93 100644 --- a/plugins/LdapAuthentication/README +++ b/plugins/LdapAuthentication/README @@ -6,7 +6,8 @@ add "addPlugin('ldapAuthentication', array('setting'=>'value', 'setting2'=>'valu Settings ======== -authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database). +provider_name*: a unique name for this authentication provider. +authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check any other plugins or the internal password database). autoregistration (false): Set to true if users should be automatically created when they attempt to login. email_changeable (true): Are users allowed to change their email address? (true or false) password_changeable (true): Are users allowed to change their passwords? (true or false) @@ -23,6 +24,7 @@ filter: Default search filter. See http://pear.php.net/manual/en/package.network scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php attributes: an array with the key being the StatusNet user attribute name, and the value the LDAP attribute name + username* nickname* email fullname @@ -37,6 +39,7 @@ Example Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory. addPlugin('ldapAuthentication', array( + 'provider_name'=>'Example', 'authoritative'=>true, 'autoregistration'=>true, 'binddn'=>'username', diff --git a/plugins/ReverseUsernameAuthentication/README b/plugins/ReverseUsernameAuthentication/README new file mode 100644 index 000000000..e9160ed9b --- /dev/null +++ b/plugins/ReverseUsernameAuthentication/README @@ -0,0 +1,26 @@ +The Reverse Username Authentication plugin allows for StatusNet to handle authentication by checking if the provided password is the same as the reverse of the username. + +THIS PLUGIN IS FOR TESTING PURPOSES ONLY + +Installation +============ +add "addPlugin('reverseUsernameAuthentication', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php + +Settings +======== +provider_name*: a unique name for this authentication provider. +password_changeable*: must be set to false. This plugin does not support changing passwords. +authoritative (false): Set to true if this plugin's responses are authoritative (meaning if this fails, do check any other plugins or the internal password database). +autoregistration (false): Set to true if users should be automatically created when they attempt to login. + +* required +default values are in (parenthesis) + +Example +======= +addPlugin('reverseUsernameAuthentication', array( + 'provider_name'=>'Example', + 'password_changeable'=>false, + 'authoritative'=>true, + 'autoregistration'=>true +)); diff --git a/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php new file mode 100644 index 000000000..d48283b2e --- /dev/null +++ b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php @@ -0,0 +1,58 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/plugins/Authentication/AuthenticationPlugin.php'; + +class ReverseUsernameAuthenticationPlugin extends AuthenticationPlugin +{ + //---interface implementation---// + + function onInitializePlugin(){ + parent::onInitializePlugin(); + if(!isset($this->password_changeable) && $this->password_changeable){ + throw new Exception("password_changeable cannot be set to true. This plugin does not support changing passwords."); + } + } + + function checkPassword($username, $password) + { + return $username == strrev($password); + } + + function autoRegister($username) + { + $registration_data = array(); + $registration_data['nickname'] = $username ; + return User::register($registration_data); + } +} -- cgit v1.2.3-54-g00ecf From b9562cbb18a7b8f3f01bcbc8540933c4dfc10fb9 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Fri, 13 Nov 2009 12:54:27 -0500 Subject: autoregister returns the new user on success (not just true) --- plugins/Authentication/AuthenticationPlugin.php | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) (limited to 'plugins/Authentication') diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index 99b61b808..f061e456d 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -70,7 +70,7 @@ abstract class AuthenticationPlugin extends Plugin * Automatically register a user when they attempt to login with valid credentials. * User::register($data) is a very useful method for this implementation * @param username - * @return boolean true if the user was created, false if not + * @return mixed instance of User, or false (if user couldn't be created) */ function autoRegister($username) { @@ -134,15 +134,18 @@ abstract class AuthenticationPlugin extends Plugin }else{ if($this->autoregistration){ $authenticated = $this->checkPassword($nickname, $password); - if($authenticated && $this->autoregister($nickname)){ - $authenticatedUser = User::staticGet('nickname', $nickname); - $user_username = new User_username(); - $user_username->user_id = $authenticatedUser->id; - $user_username->provider_name = $this->provider_name; - $user_username->username = $nickname; - $user_username->created = DB_DataObject_Cast::dateTime(); - $user_username->insert(); - return false; + if($authenticated){ + $user = $this->autoregister($nickname); + if($user){ + $authenticatedUser = $user; + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; + } } } } -- cgit v1.2.3-54-g00ecf From 5494eb61465595466b897fdd88efda250c1107e2 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Fri, 13 Nov 2009 13:11:28 -0500 Subject: Refactor User_username object creation to reuse code --- plugins/Authentication/AuthenticationPlugin.php | 14 ++------------ plugins/Authentication/User_username.php | 21 +++++++++++++++++++++ 2 files changed, 23 insertions(+), 12 deletions(-) (limited to 'plugins/Authentication') diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index f061e456d..a76848b04 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -122,12 +122,7 @@ abstract class AuthenticationPlugin extends Plugin $authenticated = $this->checkPassword($nickname, $password); if($authenticated){ $authenticatedUser = User::staticGet('nickname', $nickname); - $user_username = new User_username(); - $user_username->user_id = $authenticatedUser->id; - $user_username->provider_name = $this->provider_name; - $user_username->username = $nickname; - $user_username->created = DB_DataObject_Cast::dateTime(); - $user_username->insert(); + User_username::register($authenticatedUser,$nickname,$this->provider_name); return false; } } @@ -138,12 +133,7 @@ abstract class AuthenticationPlugin extends Plugin $user = $this->autoregister($nickname); if($user){ $authenticatedUser = $user; - $user_username = new User_username(); - $user_username->user_id = $authenticatedUser->id; - $user_username->provider_name = $this->provider_name; - $user_username->username = $nickname; - $user_username->created = DB_DataObject_Cast::dateTime(); - $user_username->insert(); + User_username::register($authenticatedUser,$nickname,$this->provider_name); return false; } } diff --git a/plugins/Authentication/User_username.php b/plugins/Authentication/User_username.php index 79adeb189..f30f60d83 100644 --- a/plugins/Authentication/User_username.php +++ b/plugins/Authentication/User_username.php @@ -22,4 +22,25 @@ class User_username extends Memcached_DataObject /* the code above is auto generated do not remove the tag below */ ###END_AUTOCODE + + /** + * Register a user with a username on a given provider + * @param User User object + * @param string username on the given provider + * @param provider_name string name of the provider + * @return mixed User_username instance if the registration succeeded, false if it did not + */ + static function register($user, $username, $provider_name) + { + $user_username = new User_username(); + $user_username->user_id = $user->id; + $user_username->provider_name = $provider_name; + $user_username->username = $username; + $user_username->created = DB_DataObject_Cast::dateTime(); + if($user_username->insert()){ + return $user_username; + }else{ + return false; + } + } } -- cgit v1.2.3-54-g00ecf From a373d07ae00b878f47970f2e4a7d86c6ec3a65cf Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Mon, 16 Nov 2009 15:24:25 -0500 Subject: Allow plugin DB_DataObject classes to not have to use the .ini file by overriding keys(), table(), and sequenceKey() for them --- classes/Plugin_DataObject.php | 195 ++++++++++++++++++++++++ classes/statusnet.ini | 31 ---- lib/schema.php | 41 ++++- plugins/Authentication/AuthenticationPlugin.php | 11 +- plugins/Authentication/User_username.php | 22 ++- plugins/OpenID/OpenIDPlugin.php | 23 +-- plugins/OpenID/User_openid.php | 22 ++- plugins/OpenID/User_openid_trustroot.php | 20 ++- plugins/UserFlag/UserFlagPlugin.php | 11 +- plugins/UserFlag/User_flag_profile.php | 21 ++- 10 files changed, 318 insertions(+), 79 deletions(-) create mode 100644 classes/Plugin_DataObject.php (limited to 'plugins/Authentication') diff --git a/classes/Plugin_DataObject.php b/classes/Plugin_DataObject.php new file mode 100644 index 000000000..d5cecf0f7 --- /dev/null +++ b/classes/Plugin_DataObject.php @@ -0,0 +1,195 @@ +. + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } + +require_once INSTALLDIR.'/classes/Memcached_DataObject.php'; + +abstract class Plugin_DataObject extends Memcached_DataObject +{ + function table() { + static $table = null; + if($table == null) { + $table = array(); + $DB = $this->getDatabaseConnection(); + $dbtype = $DB->phptype; + $tableDef = $this->tableDef(); + foreach($tableDef->columns as $columnDef){ + switch(strtoupper($columnDef->type)) { + /*shamelessly copied from DB_DataObject_Generator*/ + case 'INT': + case 'INT2': // postgres + case 'INT4': // postgres + case 'INT8': // postgres + case 'SERIAL4': // postgres + case 'SERIAL8': // postgres + case 'INTEGER': + case 'TINYINT': + case 'SMALLINT': + case 'MEDIUMINT': + case 'BIGINT': + $type = DB_DATAOBJECT_INT; + if ($columnDef->size == 1) { + $type += DB_DATAOBJECT_BOOL; + } + break; + + case 'REAL': + case 'DOUBLE': + case 'DOUBLE PRECISION': // double precision (firebird) + case 'FLOAT': + case 'FLOAT4': // real (postgres) + case 'FLOAT8': // double precision (postgres) + case 'DECIMAL': + case 'MONEY': // mssql and maybe others + case 'NUMERIC': + case 'NUMBER': // oci8 + $type = DB_DATAOBJECT_INT; // should really by FLOAT!!! / MONEY... + break; + + case 'YEAR': + $type = DB_DATAOBJECT_INT; + break; + + case 'BIT': + case 'BOOL': + case 'BOOLEAN': + + $type = DB_DATAOBJECT_BOOL; + // postgres needs to quote '0' + if ($dbtype == 'pgsql') { + $type += DB_DATAOBJECT_STR; + } + break; + + case 'STRING': + case 'CHAR': + case 'VARCHAR': + case 'VARCHAR2': + case 'TINYTEXT': + + case 'ENUM': + case 'SET': // not really but oh well + + case 'POINT': // mysql geometry stuff - not really string - but will do.. + + case 'TIMESTAMPTZ': // postgres + case 'BPCHAR': // postgres + case 'INTERVAL': // postgres (eg. '12 days') + + case 'CIDR': // postgres IP net spec + case 'INET': // postgres IP + case 'MACADDR': // postgress network Mac address. + + case 'INTEGER[]': // postgres type + case 'BOOLEAN[]': // postgres type + + $type = DB_DATAOBJECT_STR; + break; + + case 'TEXT': + case 'MEDIUMTEXT': + case 'LONGTEXT': + + $type = DB_DATAOBJECT_STR + DB_DATAOBJECT_TXT; + break; + + + case 'DATE': + $type = DB_DATAOBJECT_STR + DB_DATAOBJECT_DATE; + break; + + case 'TIME': + $type = DB_DATAOBJECT_STR + DB_DATAOBJECT_TIME; + break; + + + case 'DATETIME': + + $type = DB_DATAOBJECT_STR + DB_DATAOBJECT_DATE + DB_DATAOBJECT_TIME; + break; + + case 'TIMESTAMP': // do other databases use this??? + + $type = ($dbtype == 'mysql') ? + DB_DATAOBJECT_MYSQLTIMESTAMP : + DB_DATAOBJECT_STR + DB_DATAOBJECT_DATE + DB_DATAOBJECT_TIME; + break; + + + case 'BLOB': /// these should really be ignored!!!??? + case 'TINYBLOB': + case 'MEDIUMBLOB': + case 'LONGBLOB': + + case 'CLOB': // oracle character lob support + + case 'BYTEA': // postgres blob support.. + $type = DB_DATAOBJECT_STR + DB_DATAOBJECT_BLOB; + break; + + default: + throw new Exception("Cannot handle datatype: $columnDef->type"); + } + if(! $columnDef->nullable) { + $type+=DB_DATAOBJECT_NOTNULL; + } + $table[$columnDef->name]=$type; + } + } + return $table; + } + + function keys() { + static $keys = null; + if($keys == null) { + $keys = array(); + $tableDef = $this->tableDef(); + foreach($tableDef->columns as $columnDef){ + if($columnDef->key != null){ + $keys[] = $columnDef->name; + } + } + } + return $keys; + } + + function sequenceKey() { + static $sequenceKey = null; + if($sequenceKey == null) { + $sequenceKey = array(false,false); + $tableDef = $this->tableDef(); + foreach($tableDef->columns as $columnDef){ + if($columnDef->key == 'PRI' && $columnDef->auto_increment){ + $sequenceKey=array($columnDef->name,true); + } + } + } + return $sequenceKey; + } + + /** + * Get the TableDef object that represents the table backing this class + * Ideally, this function would a static function, but PHP doesn't allow + * abstract static functions + * @return TableDef TableDef instance + */ + abstract function tableDef(); +} + diff --git a/classes/statusnet.ini b/classes/statusnet.ini index 19ab7bf97..8572ea8ac 100644 --- a/classes/statusnet.ini +++ b/classes/statusnet.ini @@ -526,27 +526,6 @@ modified = 384 [user_group__keys] id = N -[user_openid] -canonical = 130 -display = 130 -user_id = 129 -created = 142 -modified = 384 - -[user_openid__keys] -canonical = K -display = U - -[user_openid_trustroot] -trustroot = 130 -user_id = 129 -created = 142 -modified = 384 - -[user_openid__keys] -trustroot = K -user_id = K - [user_role] user_id = 129 role = 130 @@ -566,13 +545,3 @@ modified = 384 user_id = K token = K -[user_username] -user_id = 129 -provider_name = 130 -username = 130 -created = 142 -modified = 384 - -[user_username__keys] -provider_name = K -username = K diff --git a/lib/schema.php b/lib/schema.php index 1e0c1f3e9..560884d9f 100644 --- a/lib/schema.php +++ b/lib/schema.php @@ -372,6 +372,26 @@ class Schema return true; } + /** + * Ensures that the table that backs a given + * Plugin_DataObject class exists. + * + * If the table does not yet exist, it will + * create the table. If it does exist, it will + * alter the table to match the column definitions. + * + * @param Plugin_DataObject $dataObjectClass + * + * @return boolean success flag + */ + + public function ensureDataObject($dataObjectClass) + { + $obj = new $dataObjectClass(); + $tableDef = $obj->tableDef(); + return $this->ensureTable($tableDef->name,$tableDef->columns); + } + /** * Ensures that a table exists with the given * name and the given column definitions. @@ -544,6 +564,19 @@ class TableDef public $name; /** array of ColumnDef objects for the columns. */ public $columns; + + /** + * Constructor. + * + * @param string $name name of the table + * @param array $columns columns in the table + */ + + function __construct($name=null,$columns=null) + { + $this->name = $name; + $this->columns = $columns; + } } /** @@ -576,6 +609,8 @@ class ColumnDef /** 'extra' stuff. Returned by MySQL, largely * unused. */ public $extra; + /** auto increment this field if no value is specific for it during an insert **/ + public $auto_increment; /** * Constructor. @@ -591,7 +626,7 @@ class ColumnDef function __construct($name=null, $type=null, $size=null, $nullable=true, $key=null, $default=null, - $extra=null) + $extra=null, $auto_increment=false) { $this->name = strtolower($name); $this->type = strtolower($type); @@ -600,6 +635,7 @@ class ColumnDef $this->key = $key; $this->default = $default; $this->extra = $extra; + $this->auto_increment = $auto_increment; } /** @@ -617,7 +653,8 @@ class ColumnDef $this->_typeMatch($other) && $this->_defaultMatch($other) && $this->_nullMatch($other) && - $this->key == $other->key); + $this->key == $other->key && + $this->auto_increment == $other->auto_increment); } /** diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index a76848b04..a80da901c 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -204,16 +204,7 @@ abstract class AuthenticationPlugin extends Plugin function onCheckSchema() { $schema = Schema::get(); - $schema->ensureTable('user_username', - array(new ColumnDef('provider_name', 'varchar', - '255', false, 'PRI'), - new ColumnDef('username', 'varchar', - '255', false, 'PRI'), - new ColumnDef('user_id', 'integer', - null, false), - new ColumnDef('created', 'datetime', - null, false), - new ColumnDef('modified', 'timestamp'))); + $schema->ensureDataObject(User_username); return true; } diff --git a/plugins/Authentication/User_username.php b/plugins/Authentication/User_username.php index f30f60d83..6826f2681 100644 --- a/plugins/Authentication/User_username.php +++ b/plugins/Authentication/User_username.php @@ -2,9 +2,9 @@ /** * Table Definition for user_username */ -require_once INSTALLDIR.'/classes/Memcached_DataObject.php'; +require_once INSTALLDIR.'/classes/Plugin_DataObject.php'; -class User_username extends Memcached_DataObject +class User_username extends Plugin_DataObject { ###START_AUTOCODE /* the code below is auto generated do not remove the above tag */ @@ -43,4 +43,22 @@ class User_username extends Memcached_DataObject return false; } } + + /** + * Get the TableDef object that represents the table backing this class + * @return TableDef TableDef instance + */ + function tableDef() + { + return new TableDef($this->__table, + array(new ColumnDef('provider_name', 'varchar', + '255', false, 'PRI'), + new ColumnDef('username', 'varchar', + '255', false, 'PRI'), + new ColumnDef('user_id', 'integer', + null, false), + new ColumnDef('created', 'datetime', + null, false), + new ColumnDef('modified', 'timestamp'))); + } } diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php index 55c0eadaf..88e23ea3e 100644 --- a/plugins/OpenID/OpenIDPlugin.php +++ b/plugins/OpenID/OpenIDPlugin.php @@ -156,6 +156,9 @@ class OpenIDPlugin extends Plugin case 'User_openid': require_once(INSTALLDIR.'/plugins/OpenID/User_openid.php'); return false; + case 'User_openid_trustroot': + require_once(INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php'); + return false; default: return true; } @@ -278,24 +281,8 @@ class OpenIDPlugin extends Plugin function onCheckSchema() { $schema = Schema::get(); - $schema->ensureTable('user_openid', - array(new ColumnDef('canonical', 'varchar', - '255', false, 'PRI'), - new ColumnDef('display', 'varchar', - '255', false), - new ColumnDef('user_id', 'integer', - null, false, 'MUL'), - new ColumnDef('created', 'datetime', - null, false), - new ColumnDef('modified', 'timestamp'))); - $schema->ensureTable('user_openid_trustroot', - array(new ColumnDef('trustroot', 'varchar', - '255', false, 'PRI'), - new ColumnDef('user_id', 'integer', - null, false, 'PRI'), - new ColumnDef('created', 'datetime', - null, false), - new ColumnDef('modified', 'timestamp'))); + $schema->ensureDataObject(User_openid); + $schema->ensureDataObject(User_openid_trustroot); return true; } diff --git a/plugins/OpenID/User_openid.php b/plugins/OpenID/User_openid.php index 338e0f6e9..c3624118e 100644 --- a/plugins/OpenID/User_openid.php +++ b/plugins/OpenID/User_openid.php @@ -2,9 +2,9 @@ /** * Table Definition for user_openid */ -require_once INSTALLDIR.'/classes/Memcached_DataObject.php'; +require_once INSTALLDIR.'/classes/Plugin_DataObject.php'; -class User_openid extends Memcached_DataObject +class User_openid extends Plugin_DataObject { ###START_AUTOCODE /* the code below is auto generated do not remove the above tag */ @@ -33,4 +33,22 @@ class User_openid extends Memcached_DataObject return ($cnt > 0); } + + /** + * Get the TableDef object that represents the table backing this class + * @return TableDef TableDef instance + */ + function tableDef() + { + return new TableDef($this->__table, + array(new ColumnDef('canonical', 'varchar', + '255', false, 'PRI'), + new ColumnDef('display', 'varchar', + '255', false), + new ColumnDef('user_id', 'integer', + null, false, 'MUL'), + new ColumnDef('created', 'datetime', + null, false), + new ColumnDef('modified', 'timestamp'))); + } } diff --git a/plugins/OpenID/User_openid_trustroot.php b/plugins/OpenID/User_openid_trustroot.php index 4654b72df..b208dddfd 100644 --- a/plugins/OpenID/User_openid_trustroot.php +++ b/plugins/OpenID/User_openid_trustroot.php @@ -2,9 +2,9 @@ /** * Table Definition for user_openid_trustroot */ -require_once INSTALLDIR.'/classes/Memcached_DataObject.php'; +require_once INSTALLDIR.'/classes/Plugin_DataObject.php'; -class User_openid_trustroot extends Memcached_DataObject +class User_openid_trustroot extends Plugin_DataObject { ###START_AUTOCODE /* the code below is auto generated do not remove the above tag */ @@ -26,4 +26,20 @@ class User_openid_trustroot extends Memcached_DataObject { return Memcached_DataObject::pkeyGet('User_openid_trustroot', $kv); } + + /** + * Get the TableDef object that represents the table backing this class + * @return TableDef TableDef instance + */ + function tableDef() + { + return new TableDef($this->__table, + array(new ColumnDef('trustroot', 'varchar', + '255', false, 'PRI'), + new ColumnDef('user_id', 'integer', + null, false, 'PRI'), + new ColumnDef('created', 'datetime', + null, false), + new ColumnDef('modified', 'timestamp'))); + } } diff --git a/plugins/UserFlag/UserFlagPlugin.php b/plugins/UserFlag/UserFlagPlugin.php index 6410ee1ce..df7eac7a2 100644 --- a/plugins/UserFlag/UserFlagPlugin.php +++ b/plugins/UserFlag/UserFlagPlugin.php @@ -48,16 +48,7 @@ class UserFlagPlugin extends Plugin $schema = Schema::get(); // For storing user-submitted flags on profiles - - $schema->ensureTable('user_flag_profile', - array(new ColumnDef('profile_id', 'integer', null, - false, 'PRI'), - new ColumnDef('user_id', 'integer', null, - false, 'PRI'), - new ColumnDef('created', 'datetime', null, - false, 'MUL'), - new ColumnDef('cleared', 'datetime', null, - true, 'MUL'))); + $schema->ensureDataObject(User_flag_profile); return true; } diff --git a/plugins/UserFlag/User_flag_profile.php b/plugins/UserFlag/User_flag_profile.php index 30bd4ae68..2fb27912d 100644 --- a/plugins/UserFlag/User_flag_profile.php +++ b/plugins/UserFlag/User_flag_profile.php @@ -21,9 +21,9 @@ if (!defined('STATUSNET')) { exit(1); } -require_once INSTALLDIR . '/classes/Memcached_DataObject.php'; +require_once INSTALLDIR.'/classes/Plugin_DataObject.php'; -class User_flag_profile extends Memcached_DataObject +class User_flag_profile extends Plugin_DataObject { ###START_AUTOCODE /* the code below is auto generated do not remove the above tag */ @@ -65,4 +65,21 @@ class User_flag_profile extends Memcached_DataObject return !empty($ufp); } + + /** + * Get the TableDef object that represents the table backing this class + * @return TableDef TableDef instance + */ + function tableDef() + { + return new TableDef($this->__table, + array(new ColumnDef('profile_id', 'integer', null, + false, 'PRI'), + new ColumnDef('user_id', 'integer', null, + false, 'PRI'), + new ColumnDef('created', 'datetime', null, + false, 'MUL'), + new ColumnDef('cleared', 'datetime', null, + true, 'MUL'))); + } } -- cgit v1.2.3-54-g00ecf From 6f9b90921188f477f8b8224c12d6ea7e8b3cc1d3 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 16 Nov 2009 15:36:30 -0800 Subject: Fix for PHP spewing notices from commit a373d07ae00b878f47970f2e4a7d86c6ec3a65cf Please test with error_reporting set to E_ALL! Classnames and function names aren't first-class objects in PHP and need to be referenced as strings here. :( --- plugins/Authentication/AuthenticationPlugin.php | 2 +- plugins/OpenID/OpenIDPlugin.php | 4 ++-- plugins/UserFlag/UserFlagPlugin.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'plugins/Authentication') diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index a80da901c..1b9084187 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -204,7 +204,7 @@ abstract class AuthenticationPlugin extends Plugin function onCheckSchema() { $schema = Schema::get(); - $schema->ensureDataObject(User_username); + $schema->ensureDataObject('User_username'); return true; } diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php index 88e23ea3e..6dd8a3f5a 100644 --- a/plugins/OpenID/OpenIDPlugin.php +++ b/plugins/OpenID/OpenIDPlugin.php @@ -281,8 +281,8 @@ class OpenIDPlugin extends Plugin function onCheckSchema() { $schema = Schema::get(); - $schema->ensureDataObject(User_openid); - $schema->ensureDataObject(User_openid_trustroot); + $schema->ensureDataObject('User_openid'); + $schema->ensureDataObject('User_openid_trustroot'); return true; } diff --git a/plugins/UserFlag/UserFlagPlugin.php b/plugins/UserFlag/UserFlagPlugin.php index df7eac7a2..b4d48c74b 100644 --- a/plugins/UserFlag/UserFlagPlugin.php +++ b/plugins/UserFlag/UserFlagPlugin.php @@ -48,7 +48,7 @@ class UserFlagPlugin extends Plugin $schema = Schema::get(); // For storing user-submitted flags on profiles - $schema->ensureDataObject(User_flag_profile); + $schema->ensureDataObject('User_flag_profile'); return true; } -- cgit v1.2.3-54-g00ecf From 1d6bacc681eca89b7c20bb96fbacf5bcb8434d88 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 18 Nov 2009 12:57:37 -0500 Subject: Improved parameter checking --- plugins/Authentication/AuthenticationPlugin.php | 2 +- plugins/LdapAuthentication/LdapAuthenticationPlugin.php | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'plugins/Authentication') diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index 1b9084187..cd1de1149 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -2,7 +2,7 @@ /** * StatusNet, the distributed open-source microblogging tool * - * Superclass for plugins that do authentication and/or authorization + * Superclass for plugins that do authentication * * PHP version 5 * diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index ad5dd3a02..664529497 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -63,6 +63,8 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin if(!isset($this->attributes['username'])){ throw new Exception("must specify a username attribute"); } + if($this->password_changeable && (! isset($this->attributes['password']) || !isset($this->password_encoding))){ + throw new Exception("if password_changeable is set, the password attribute and password_encoding must also be specified"); } //---interface implementation---// -- cgit v1.2.3-54-g00ecf