Rev 15506 | Rev 17285 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 23 | reyssat | 1 | !if $auth_password=*wims_site_manager |
| 12845 | obado | 2 | !if $wims_ismanager<2 |
| 3 | auth_password= |
||
| 4 | !else |
||
| 5 | !goto auth_ok |
||
| 6 | !endif |
||
| 23 | reyssat | 7 | !endif |
| 8 | |||
| 4360 | guerimand | 9 | !if $save_logincgu!=$empty |
| 12845 | obado | 10 | !if $agreecgu=yes |
| 11 | !read adm/class/userdef wimshome/log/classes,$class,$save_logincgu |
||
| 12 | !setdef !set user_agreecgu=yes in $userdef |
||
| 13 | !readdef $userdef |
||
| 14 | !reset error |
||
| 15 | !if $auth_test=OK |
||
| 16 | !goto auth_ok2 |
||
| 17 | !endif |
||
| 5100 | bpr | 18 | !endif |
| 12845 | obado | 19 | !!!reset $save_logincgu |
| 4360 | guerimand | 20 | !endif |
| 21 | |||
| 23 | reyssat | 22 | !read adm/class/authchars |
| 23 | auth_user=!word 1 of $auth_user |
||
| 24 | auth_password=!word 1 of $auth_password |
||
| 633 | bpr | 25 | |
| 5015 | bpr | 26 | # new variables to keep original data (used only in external authentication) |
| 633 | bpr | 27 | auth_user_connection=$auth_user |
| 28 | auth_password_connection=$auth_password |
||
| 29 | |||
| 4993 | bpr | 30 | ##### EXTERNAL connection - part 1 ##### |
| 5028 | bpr | 31 | !!default sclass=$class |
| 633 | bpr | 32 | |
| 5028 | bpr | 33 | !if ($auth_user notsametext supervisor or $class_type>0) and $auth_method isitemof $auth_method_list |
| 12845 | obado | 34 | authdef=wimshome/log/classes/$superclass/.def |
| 5028 | bpr | 35 | |
| 13868 | obado | 36 | # don't use auth_user and auth_password, some characters are unavailable |
| 12845 | obado | 37 | # parameters are empty for auth-cas |
| 38 | !readproc adm/class/auth-$auth_method $auth_user_connection,$auth_password_connection |
||
| 633 | bpr | 39 | !endif |
| 4993 | bpr | 40 | ##### end of EXTERNAL connection - part 1 ##### |
| 12845 | obado | 41 | |
| 633 | bpr | 42 | # now we can run the script |
| 5015 | bpr | 43 | !if $auth_method isitemof $auth_method_list and $auth_user!=supervisor |
| 5034 | czzmrn | 44 | auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.userlist_external |
| 45 | !if $auth_user=$empty |
||
| 46 | auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.teacherlist_external |
||
| 47 | !endif |
||
| 4993 | bpr | 48 | !endif |
| 15506 | bpr | 49 | !!for retrocompatibility |
| 50 | !set char_login=$char_punct$char_login |
||
| 23 | reyssat | 51 | auth_user=!translate internal . to @ in $auth_user |
| 52 | auth_user=!text select $char_login in $auth_user |
||
| 15506 | bpr | 53 | |
| 23 | reyssat | 54 | auth_password=!text select $char_passwd in $auth_password |
| 55 | now=$wims_now |
||
| 56 | logfile=wimshome/log/classes/$class/.log.auth |
||
| 57 | logfiles=wimshome/log/classes/$class/.log |
||
| 14334 | bpr | 58 | logline=$now $auth_user $$passwd $httpd_REMOTE_ADDR |
| 23 | reyssat | 59 | |
| 60 | !read adm/class/userdef classes,$class,$auth_user |
||
| 61 | |||
| 62 | pass=!defof user_password in $userdef |
||
| 15543 | bpr | 63 | !! passcrypt $empty returns $empty but !setdef must not been done |
| 64 | !if $pass!=$empty |
||
| 65 | pass=!passcrypt $pass |
||
| 66 | !setdef !set user_password=$pass in $userdef |
||
| 67 | !endif |
||
| 15506 | bpr | 68 | |
| 12845 | obado | 69 | ##FIXME ### Have to check that sclass is no yet useful |
| 5015 | bpr | 70 | sclass=!defof class_superclass in wimshome/log/classes/$class/.def |
| 71 | !if $superclass!=$empty and $superclass!=$class |
||
| 12845 | obado | 72 | upartic=!defof user_participate in $userdef |
| 73 | usuperv=!defof user_supervise in $userdef |
||
| 74 | pclass=!defof class_parent in wimshome/log/classes/$class/.def |
||
| 75 | !if / isin $pclass and ../$pclass/ isin ../$class |
||
| 76 | ss=!defof class_ocourses in wimshome/log/classes/$pclass/.def |
||
| 77 | !if $ss!=$empty |
||
| 78 | ss=!makelist $wims_superclass/xx for xx in $ss |
||
| 79 | upartic=!append item $ss to $upartic |
||
| 80 | !endif |
||
| 23 | reyssat | 81 | !endif |
| 12845 | obado | 82 | coursecheck=!defof user_class in wimshome/log/classes/$class/.users/$auth_user |
| 83 | !if $coursecheck!=$empty |
||
| 84 | upartic=!append item $class to $upartic |
||
| 23 | reyssat | 85 | !endif |
| 12845 | obado | 86 | !!check mandatory course |
| 87 | dcourse=!record 0 of wimshome/log/classes/$pclass/courses |
||
| 88 | dcourse=!column 1 of $dcourse |
||
| 89 | !if $dcourse!=$empty |
||
| 13211 | bpr | 90 | dcourse=!makelist $superclass/xx for xx in $dcourse |
| 12845 | obado | 91 | upartic=!append item $dcourse to $upartic |
| 92 | !endif |
||
| 93 | upartic=!listuniq $upartic |
||
| 94 | !if $auth_user=supervisor and $wims_user=supervisor |
||
| 95 | ctype=!defof class_typename in wimshome/log/classes/$class/.def |
||
| 96 | prog=!defof sharing_exam in wimshome/log/classes/$class/neighbors |
||
| 97 | !if $ctype iswordof course icourse and $prog=$wims_class |
||
| 98 | pass=$current_pass |
||
| 99 | !endif |
||
| 100 | !endif |
||
| 101 | !!upartic : no more authentification should check for optional courses ? |
||
| 102 | !if $class notitemof $upartic and $auth_user!=supervisor and $wims_user!=supervisor |
||
| 103 | pass= |
||
| 104 | !endif |
||
| 105 | # These lines should be opened later to close this possibility. |
||
| 106 | # !if $auth_user=supervisor and $wims_user=$empty |
||
| 107 | # pass= |
||
| 108 | # !endif |
||
| 23 | reyssat | 109 | !endif |
| 110 | |||
| 5001 | bpr | 111 | !if $auth_user=supervisor |
| 12845 | obado | 112 | !goto wimsauth |
| 5001 | bpr | 113 | !endif |
| 114 | |||
| 4993 | bpr | 115 | ##### final test of external connection ##### |
| 116 | # finaly, we must check if user is allowed in class |
||
| 633 | bpr | 117 | |
| 23 | reyssat | 118 | exist_check=!defof user_exists in $userdef |
| 5016 | bpr | 119 | |
| 5015 | bpr | 120 | !if OK iswordof $auth_test and $auth_method isitemof $auth_method_list |
| 12845 | obado | 121 | !if $exist_check issametext yes |
| 122 | !goto auth_ok |
||
| 123 | !else |
||
| 124 | !setdef user_auth=$auth_user_orig in wimshome/$wims_sesdir/var.stat |
||
| 125 | !goto end |
||
| 126 | !endif |
||
| 23 | reyssat | 127 | !endif |
| 4993 | bpr | 128 | ##### end of final test of external connection ##### |
| 5001 | bpr | 129 | :wimsauth |
| 5015 | bpr | 130 | |
| 23 | reyssat | 131 | pass=!passcrypt $pass |
| 132 | !if $pass=$empty |
||
| 5092 | bpr | 133 | !if $auth_user_connection=$empty |
| 5045 | bpr | 134 | !exit |
| 135 | !endif |
||
| 12845 | obado | 136 | passwd=???? |
| 137 | !appendfile $logfile $logline |
||
| 138 | auth_user=$auth_user_connection |
||
| 139 | error=bad_password |
||
| 140 | !exit |
||
| 23 | reyssat | 141 | !endif |
| 142 | |||
| 143 | !if $wims_superclass!=$empty and $wims_user!=supervisor and $auth_user!=$wims_user |
||
| 12845 | obado | 144 | supervisable=!defof user_supervisable in wimshome/log/classes/$wims_superclass/.users/$wims_user |
| 145 | !if $supervisable!=yes |
||
| 146 | current_pass= |
||
| 147 | !endif |
||
| 23 | reyssat | 148 | !endif |
| 149 | |||
| 15324 | bpr | 150 | auth_password_check=!passcheck $current_pass and $pass |
| 23 | reyssat | 151 | !if ($auth_user!=$empty and $class $auth_user isitemof $wims_otherclass) or \ |
| 15324 | bpr | 152 | ($current_pass!=$empty and $auth_password_check=yes) or \ |
| 14334 | bpr | 153 | ($auth_user=$wims_user and $class isitemof $wims_participate) or \ |
| 154 | ($auth_user=supervisor and $wims_user=supervisor and \ |
||
| 155 | (../$wims_class/ isin ../$class/ or $superclass=$wims_class)) or \ |
||
| 156 | ($auth_user=supervisor and $class isitemof $wims_supervise) |
||
| 12845 | obado | 157 | !goto auth_ok |
| 23 | reyssat | 158 | !endif |
| 159 | |||
| 160 | !if $auth_password=$empty |
||
| 12845 | obado | 161 | !exit |
| 23 | reyssat | 162 | !endif |
| 163 | |||
| 164 | !read adm/class/authdelay |
||
| 15324 | bpr | 165 | !if $auth_password_check=no |
| 5045 | bpr | 166 | !if $auth_user_orig=$empty and $auth_password=$empty |
| 167 | !exit |
||
| 168 | !endif |
||
| 12845 | obado | 169 | passwd=?????? |
| 170 | !appendfile $logfile $logline |
||
| 171 | auth_user=$auth_user_orig |
||
| 172 | error=bad_password |
||
| 173 | !exit |
||
| 23 | reyssat | 174 | !endif |
| 175 | |||
| 176 | :auth_ok |
||
| 177 | !if $auth_user=supervisor and $wims_user!=$empty and $wims_user!=supervisor and \ |
||
| 14334 | bpr | 178 | $class notitemof $wims_supervise |
| 12845 | obado | 179 | userdef_save=$userdef |
| 180 | !read adm/class/userdef classes,$wims_class,$wims_user |
||
| 181 | !exchange userdef_save,userdef |
||
| 182 | spv=!defof user_supervisable in $userdef_save |
||
| 183 | !if $spv=yes |
||
| 184 | wims_supervise=!append item $class to $wims_supervise |
||
| 185 | !setdef !set user_supervise=$wims_supervise in $userdef_save |
||
| 186 | !endif |
||
| 23 | reyssat | 187 | !endif |
| 188 | n=!positionof word $auth_password in $pass |
||
| 189 | n=!item 1 of $n |
||
| 190 | !if $n!=$empty |
||
| 12845 | obado | 191 | passwd=OK$n $ |
| 23 | reyssat | 192 | !else |
| 12845 | obado | 193 | passwd=$wims_class |
| 23 | reyssat | 194 | !endif |
| 195 | # one-time password |
||
| 196 | !if $n!=$empty and $n>1 |
||
| 12845 | obado | 197 | pass=!replace word $auth_password by $ in $pass |
| 198 | pass=!singlespace $pass |
||
| 199 | pass=!trim $pass |
||
| 200 | !setdef !set user_password=$pass in $userdef |
||
| 23 | reyssat | 201 | !endif |
| 5100 | bpr | 202 | :auth_ok2 |
| 23 | reyssat | 203 | |
| 204 | !defread $userdef |
||
| 205 | ctype=!defof class_type in wimshome/log/classes/$class/.def |
||
| 206 | !if $ctype=4 and $auth_user!=supervisor and $user_supervisable!=yes\ |
||
| 207 | and (/ notin $wims_class or ../$wims_superclass/ notin ../$wims_class/) |
||
| 12845 | obado | 208 | utest=!itemcnt $user_participate |
| 209 | !if $utest=1 and / isin $user_participate |
||
| 210 | class=!item 1 of $user_participate |
||
| 211 | !defread wimshome/log/classes/$class/.def |
||
| 212 | !endif |
||
| 23 | reyssat | 213 | !endif |
| 214 | clang=!defof class_lang in wimshome/log/classes/$class/.def |
||
| 215 | |||
| 4360 | guerimand | 216 | |
| 23 | reyssat | 217 | !if $auth_user=supervisor |
| 12845 | obado | 218 | sech=!defof class_secure in wimshome/log/classes/$class/.def |
| 219 | sech=!trim $sech |
||
| 220 | !if $sech=$empty |
||
| 221 | t=0 |
||
| 222 | !else |
||
| 223 | t=!checkhost $sech |
||
| 224 | !if $t<1 |
||
| 225 | t=-1 |
||
| 226 | !endif |
||
| 23 | reyssat | 227 | !endif |
| 12845 | obado | 228 | sup_secure=$t |
| 23 | reyssat | 229 | !else |
| 12845 | obado | 230 | !read adm/class/raftest |
| 231 | !if $raftest>$lastallow |
||
| 232 | error=recent_rafale |
||
| 233 | !exit |
||
| 234 | !endif |
||
| 235 | sup_secure=-1 |
||
| 236 | !if $user_agreecgu notwordof yes external and $agreecgu!=yes |
||
| 237 | error=no_cgu |
||
| 238 | !exit |
||
| 239 | !endif |
||
| 23 | reyssat | 240 | !endif |
| 241 | |||
| 242 | !read adm/class/authprep $class,$auth_user |
||
| 243 | |||
| 244 | !if $logfile!=$empty |
||
| 12845 | obado | 245 | !if $auth_user=supervisor |
| 246 | !appendfile $logfiles $now $httpd_REMOTE_ADDR supervisor login |
||
| 247 | !else |
||
| 248 | !appendfile $logfile $logline |
||
| 249 | !endif |
||
| 23 | reyssat | 250 | !endif |
| 251 | |||
| 252 | !if $class_lock=7 and $auth_user!=supervisor |
||
| 12845 | obado | 253 | !usererror class_closed |
| 254 | !exit |
||
| 23 | reyssat | 255 | !endif |
| 256 | |||
| 257 | !if $class_lock iswordof 2 4 6 |
||
| 12845 | obado | 258 | !set wims_protocol=https |
| 23 | reyssat | 259 | !endif |
| 260 | !if $wims_user=$empty and $changesession!=no |
||
| 12845 | obado | 261 | !writefile wimshome/$wims_sesdir/var.class.prep $classdef |
| 262 | random=!randint 10^5,10^9 |
||
| 263 | !restart session=new.$random&lang=$clang&old_session=$wims_session&module=home |
||
| 23 | reyssat | 264 | !else |
| 12845 | obado | 265 | !setdef $classdef in wimshome/$wims_sesdir/var.stat |
| 266 | !sh cd $wims_home\ |
||
| 14334 | bpr | 267 | rm -Rf $(wims_sesdir)_*\ |
| 268 | mkdir -p log/classes/$class/score $wims_sesdir/getfile\ |
||
| 269 | rm -f $wims_sesdir/exam*\ |
||
| 270 | rm -f $wims_sesdir/getfile/oefimages\ |
||
| 271 | ln -s $wims_home/log/classes/$class/src/images $wims_sesdir/getfile/oefimages |
||
| 12845 | obado | 272 | !restart lang=$clang&module=home |
| 23 | reyssat | 273 | !endif |
| 274 | |||
| 10171 | bpr | 275 | :end |