steffen: server/kolab-webadmin/kolab-webadmin/php/admin/include auth.class.php, 1.9, 1.10 authenticate.php, 1.2, 1.3

cvs at intevation.de cvs at intevation.de
Sat Apr 9 10:55:04 CEST 2005 

Author: steffen

Update of /kolabrepository/server/kolab-webadmin/kolab-webadmin/php/admin/include
In directory doto:/tmp/cvs-serv15118/kolab-webadmin/php/admin/include

Modified Files:
	auth.class.php authenticate.php 
Log Message:
config for allowing/denying access to the webgui

Index: auth.class.php
===================================================================
RCS file: /kolabrepository/server/kolab-webadmin/kolab-webadmin/php/admin/include/auth.class.php,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- auth.class.php	10 Mar 2005 21:58:19 -0000	1.9
+++ auth.class.php	9 Apr 2005 08:55:02 -0000	1.10
@@ -24,7 +24,8 @@
 require_once('locale.php');
 
 class KolabAuth {
-	function KolabAuth( $do_auth = true ) {
+    function KolabAuth( $do_auth = true, $params = array() ) {
+	    $this->params = $params;
 		if( isset( $_GET['logout'] ) || isset( $_POST['logout'] ) ) {
 			$this->logout();
 		} else if( $do_auth ) {
@@ -63,13 +64,19 @@
 				}
 				if( $dn ) {
 					$auth_user = $ldap->uidForDn( $dn );
+					$auth_group = $ldap->groupForUid( $auth_user );
+					$tmp_group = ($auth_user=='manager')?'manager':$auth_group;
+					if( !in_array( $tmp_group, $this->params['allow_user_classes'] ) ) {
+						$this->error_string = _("User class '$tmp_group' is denied access");
+						$this->gotoLoginPage();					  
+					}
 					$bind_result = $ldap->bind( $dn, $_POST['password'] );
 					if( $bind_result ) {
 						// All OK!
 						$_SESSION['auth_dn'] = $dn;
 						$_SESSION['auth_user'] = $auth_user;
 						$_SESSION['auth_pw'] = $_POST['password'];
-						$_SESSION['auth_group'] = $ldap->groupForUid( $auth_user );
+						$_SESSION['auth_group'] = $auth_group;
 						$_SESSION['remote_ip'] = $_SERVER['REMOTE_ADDR'];
 						return true;
 					} else {
@@ -155,6 +162,7 @@
 	}
 
 	var $error_string = false;
+	var $params;
 };
 /*
   Local variables:

Index: authenticate.php
===================================================================
RCS file: /kolabrepository/server/kolab-webadmin/kolab-webadmin/php/admin/include/authenticate.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- authenticate.php	16 Dec 2004 21:03:29 -0000	1.2
+++ authenticate.php	9 Apr 2005 08:55:02 -0000	1.3
@@ -20,8 +20,9 @@
 
 require_once('auth.class.php');
 global $auth;
+global $params;
 if( !isset($auth) ) {
-	$auth =& new KolabAuth;
+  $auth =& new KolabAuth(true,$params);
 }
 /*
   Local variables:

More information about the commits mailing list