Rev 17285 | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 23 | reyssat | 1 | !if $auth_password=*wims_site_manager |
| 12845 | obado | 2 | !if $wims_ismanager<2 |
| 3 | auth_password= |
||
| 4 | !else |
||
| 17285 | guerimand | 5 | wims_realuser=SUPERVISOR |
| 12845 | obado | 6 | !goto auth_ok |
| 7 | !endif |
||
| 23 | reyssat | 8 | !endif |
| 9 | |||
| 4360 | guerimand | 10 | !if $save_logincgu!=$empty |
| 12845 | obado | 11 | !if $agreecgu=yes |
| 12 | !read adm/class/userdef wimshome/log/classes,$class,$save_logincgu |
||
| 13 | !setdef !set user_agreecgu=yes in $userdef |
||
| 14 | !readdef $userdef |
||
| 15 | !reset error |
||
| 16 | !if $auth_test=OK |
||
| 17 | !goto auth_ok2 |
||
| 18 | !endif |
||
| 5100 | bpr | 19 | !endif |
| 12845 | obado | 20 | !!!reset $save_logincgu |
| 4360 | guerimand | 21 | !endif |
| 22 | |||
| 23 | reyssat | 23 | !read adm/class/authchars |
| 24 | auth_user=!word 1 of $auth_user |
||
| 25 | auth_password=!word 1 of $auth_password |
||
| 633 | bpr | 26 | |
| 5015 | bpr | 27 | # new variables to keep original data (used only in external authentication) |
| 633 | bpr | 28 | auth_user_connection=$auth_user |
| 29 | auth_password_connection=$auth_password |
||
| 30 | |||
| 4993 | bpr | 31 | ##### EXTERNAL connection - part 1 ##### |
| 5028 | bpr | 32 | !!default sclass=$class |
| 633 | bpr | 33 | |
| 5028 | bpr | 34 | !if ($auth_user notsametext supervisor or $class_type>0) and $auth_method isitemof $auth_method_list |
| 12845 | obado | 35 | authdef=wimshome/log/classes/$superclass/.def |
| 5028 | bpr | 36 | |
| 13868 | obado | 37 | # don't use auth_user and auth_password, some characters are unavailable |
| 12845 | obado | 38 | # parameters are empty for auth-cas |
| 39 | !readproc adm/class/auth-$auth_method $auth_user_connection,$auth_password_connection |
||
| 633 | bpr | 40 | !endif |
| 4993 | bpr | 41 | ##### end of EXTERNAL connection - part 1 ##### |
| 12845 | obado | 42 | |
| 633 | bpr | 43 | # now we can run the script |
| 5015 | bpr | 44 | !if $auth_method isitemof $auth_method_list and $auth_user!=supervisor |
| 5034 | czzmrn | 45 | auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.userlist_external |
| 46 | !if $auth_user=$empty |
||
| 47 | auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.teacherlist_external |
||
| 48 | !endif |
||
| 4993 | bpr | 49 | !endif |
| 15506 | bpr | 50 | !!for retrocompatibility |
| 51 | !set char_login=$char_punct$char_login |
||
| 23 | reyssat | 52 | auth_user=!translate internal . to @ in $auth_user |
| 53 | auth_user=!text select $char_login in $auth_user |
||
| 15506 | bpr | 54 | |
| 23 | reyssat | 55 | auth_password=!text select $char_passwd in $auth_password |
| 56 | now=$wims_now |
||
| 57 | logfile=wimshome/log/classes/$class/.log.auth |
||
| 58 | logfiles=wimshome/log/classes/$class/.log |
||
| 14334 | bpr | 59 | logline=$now $auth_user $$passwd $httpd_REMOTE_ADDR |
| 23 | reyssat | 60 | |
| 61 | !read adm/class/userdef classes,$class,$auth_user |
||
| 62 | |||
| 63 | pass=!defof user_password in $userdef |
||
| 15543 | bpr | 64 | !! passcrypt $empty returns $empty but !setdef must not been done |
| 65 | !if $pass!=$empty |
||
| 66 | pass=!passcrypt $pass |
||
| 67 | !setdef !set user_password=$pass in $userdef |
||
| 68 | !endif |
||
| 15506 | bpr | 69 | |
| 12845 | obado | 70 | ##FIXME ### Have to check that sclass is no yet useful |
| 5015 | bpr | 71 | sclass=!defof class_superclass in wimshome/log/classes/$class/.def |
| 72 | !if $superclass!=$empty and $superclass!=$class |
||
| 12845 | obado | 73 | upartic=!defof user_participate in $userdef |
| 74 | usuperv=!defof user_supervise in $userdef |
||
| 75 | pclass=!defof class_parent in wimshome/log/classes/$class/.def |
||
| 76 | !if / isin $pclass and ../$pclass/ isin ../$class |
||
| 77 | ss=!defof class_ocourses in wimshome/log/classes/$pclass/.def |
||
| 78 | !if $ss!=$empty |
||
| 79 | ss=!makelist $wims_superclass/xx for xx in $ss |
||
| 80 | upartic=!append item $ss to $upartic |
||
| 81 | !endif |
||
| 23 | reyssat | 82 | !endif |
| 12845 | obado | 83 | coursecheck=!defof user_class in wimshome/log/classes/$class/.users/$auth_user |
| 84 | !if $coursecheck!=$empty |
||
| 85 | upartic=!append item $class to $upartic |
||
| 23 | reyssat | 86 | !endif |
| 12845 | obado | 87 | !!check mandatory course |
| 88 | dcourse=!record 0 of wimshome/log/classes/$pclass/courses |
||
| 89 | dcourse=!column 1 of $dcourse |
||
| 90 | !if $dcourse!=$empty |
||
| 13211 | bpr | 91 | dcourse=!makelist $superclass/xx for xx in $dcourse |
| 12845 | obado | 92 | upartic=!append item $dcourse to $upartic |
| 93 | !endif |
||
| 94 | upartic=!listuniq $upartic |
||
| 95 | !if $auth_user=supervisor and $wims_user=supervisor |
||
| 96 | ctype=!defof class_typename in wimshome/log/classes/$class/.def |
||
| 97 | prog=!defof sharing_exam in wimshome/log/classes/$class/neighbors |
||
| 98 | !if $ctype iswordof course icourse and $prog=$wims_class |
||
| 99 | pass=$current_pass |
||
| 100 | !endif |
||
| 101 | !endif |
||
| 102 | !!upartic : no more authentification should check for optional courses ? |
||
| 103 | !if $class notitemof $upartic and $auth_user!=supervisor and $wims_user!=supervisor |
||
| 104 | pass= |
||
| 105 | !endif |
||
| 106 | # These lines should be opened later to close this possibility. |
||
| 107 | # !if $auth_user=supervisor and $wims_user=$empty |
||
| 108 | # pass= |
||
| 109 | # !endif |
||
| 23 | reyssat | 110 | !endif |
| 111 | |||
| 5001 | bpr | 112 | !if $auth_user=supervisor |
| 12845 | obado | 113 | !goto wimsauth |
| 5001 | bpr | 114 | !endif |
| 115 | |||
| 4993 | bpr | 116 | ##### final test of external connection ##### |
| 117 | # finaly, we must check if user is allowed in class |
||
| 633 | bpr | 118 | |
| 23 | reyssat | 119 | exist_check=!defof user_exists in $userdef |
| 5016 | bpr | 120 | |
| 5015 | bpr | 121 | !if OK iswordof $auth_test and $auth_method isitemof $auth_method_list |
| 12845 | obado | 122 | !if $exist_check issametext yes |
| 123 | !goto auth_ok |
||
| 124 | !else |
||
| 125 | !setdef user_auth=$auth_user_orig in wimshome/$wims_sesdir/var.stat |
||
| 126 | !goto end |
||
| 127 | !endif |
||
| 23 | reyssat | 128 | !endif |
| 4993 | bpr | 129 | ##### end of final test of external connection ##### |
| 5001 | bpr | 130 | :wimsauth |
| 5015 | bpr | 131 | |
| 23 | reyssat | 132 | pass=!passcrypt $pass |
| 133 | !if $pass=$empty |
||
| 5092 | bpr | 134 | !if $auth_user_connection=$empty |
| 5045 | bpr | 135 | !exit |
| 136 | !endif |
||
| 12845 | obado | 137 | passwd=???? |
| 138 | !appendfile $logfile $logline |
||
| 139 | auth_user=$auth_user_connection |
||
| 140 | error=bad_password |
||
| 141 | !exit |
||
| 23 | reyssat | 142 | !endif |
| 143 | |||
| 144 | !if $wims_superclass!=$empty and $wims_user!=supervisor and $auth_user!=$wims_user |
||
| 12845 | obado | 145 | supervisable=!defof user_supervisable in wimshome/log/classes/$wims_superclass/.users/$wims_user |
| 146 | !if $supervisable!=yes |
||
| 147 | current_pass= |
||
| 148 | !endif |
||
| 23 | reyssat | 149 | !endif |
| 150 | |||
| 15324 | bpr | 151 | auth_password_check=!passcheck $current_pass and $pass |
| 23 | reyssat | 152 | !if ($auth_user!=$empty and $class $auth_user isitemof $wims_otherclass) or \ |
| 15324 | bpr | 153 | ($current_pass!=$empty and $auth_password_check=yes) or \ |
| 14334 | bpr | 154 | ($auth_user=$wims_user and $class isitemof $wims_participate) or \ |
| 155 | ($auth_user=supervisor and $wims_user=supervisor and \ |
||
| 156 | (../$wims_class/ isin ../$class/ or $superclass=$wims_class)) or \ |
||
| 157 | ($auth_user=supervisor and $class isitemof $wims_supervise) |
||
| 12845 | obado | 158 | !goto auth_ok |
| 23 | reyssat | 159 | !endif |
| 160 | |||
| 161 | !if $auth_password=$empty |
||
| 12845 | obado | 162 | !exit |
| 23 | reyssat | 163 | !endif |
| 164 | |||
| 165 | !read adm/class/authdelay |
||
| 15324 | bpr | 166 | !if $auth_password_check=no |
| 5045 | bpr | 167 | !if $auth_user_orig=$empty and $auth_password=$empty |
| 168 | !exit |
||
| 169 | !endif |
||
| 12845 | obado | 170 | passwd=?????? |
| 171 | !appendfile $logfile $logline |
||
| 172 | auth_user=$auth_user_orig |
||
| 173 | error=bad_password |
||
| 174 | !exit |
||
| 23 | reyssat | 175 | !endif |
| 176 | |||
| 177 | :auth_ok |
||
| 178 | !if $auth_user=supervisor and $wims_user!=$empty and $wims_user!=supervisor and \ |
||
| 14334 | bpr | 179 | $class notitemof $wims_supervise |
| 12845 | obado | 180 | userdef_save=$userdef |
| 181 | !read adm/class/userdef classes,$wims_class,$wims_user |
||
| 182 | !exchange userdef_save,userdef |
||
| 183 | spv=!defof user_supervisable in $userdef_save |
||
| 184 | !if $spv=yes |
||
| 185 | wims_supervise=!append item $class to $wims_supervise |
||
| 186 | !setdef !set user_supervise=$wims_supervise in $userdef_save |
||
| 187 | !endif |
||
| 23 | reyssat | 188 | !endif |
| 189 | n=!positionof word $auth_password in $pass |
||
| 190 | n=!item 1 of $n |
||
| 191 | !if $n!=$empty |
||
| 12845 | obado | 192 | passwd=OK$n $ |
| 23 | reyssat | 193 | !else |
| 12845 | obado | 194 | passwd=$wims_class |
| 23 | reyssat | 195 | !endif |
| 196 | # one-time password |
||
| 197 | !if $n!=$empty and $n>1 |
||
| 12845 | obado | 198 | pass=!replace word $auth_password by $ in $pass |
| 199 | pass=!singlespace $pass |
||
| 200 | pass=!trim $pass |
||
| 201 | !setdef !set user_password=$pass in $userdef |
||
| 23 | reyssat | 202 | !endif |
| 5100 | bpr | 203 | :auth_ok2 |
| 23 | reyssat | 204 | |
| 205 | !defread $userdef |
||
| 206 | ctype=!defof class_type in wimshome/log/classes/$class/.def |
||
| 207 | !if $ctype=4 and $auth_user!=supervisor and $user_supervisable!=yes\ |
||
| 208 | and (/ notin $wims_class or ../$wims_superclass/ notin ../$wims_class/) |
||
| 12845 | obado | 209 | utest=!itemcnt $user_participate |
| 210 | !if $utest=1 and / isin $user_participate |
||
| 211 | class=!item 1 of $user_participate |
||
| 212 | !defread wimshome/log/classes/$class/.def |
||
| 213 | !endif |
||
| 23 | reyssat | 214 | !endif |
| 215 | clang=!defof class_lang in wimshome/log/classes/$class/.def |
||
| 216 | |||
| 4360 | guerimand | 217 | |
| 23 | reyssat | 218 | !if $auth_user=supervisor |
| 12845 | obado | 219 | sech=!defof class_secure in wimshome/log/classes/$class/.def |
| 220 | sech=!trim $sech |
||
| 221 | !if $sech=$empty |
||
| 222 | t=0 |
||
| 223 | !else |
||
| 224 | t=!checkhost $sech |
||
| 225 | !if $t<1 |
||
| 226 | t=-1 |
||
| 227 | !endif |
||
| 23 | reyssat | 228 | !endif |
| 12845 | obado | 229 | sup_secure=$t |
| 23 | reyssat | 230 | !else |
| 12845 | obado | 231 | !read adm/class/raftest |
| 232 | !if $raftest>$lastallow |
||
| 233 | error=recent_rafale |
||
| 234 | !exit |
||
| 235 | !endif |
||
| 236 | sup_secure=-1 |
||
| 237 | !if $user_agreecgu notwordof yes external and $agreecgu!=yes |
||
| 238 | error=no_cgu |
||
| 239 | !exit |
||
| 240 | !endif |
||
| 23 | reyssat | 241 | !endif |
| 242 | |||
| 17386 | guerimand | 243 | !if / notin $class and $class<=9999 and anonymous isin $auth_user |
| 244 | !read adm/class/anonymous.proc $class,$auth_user |
||
| 245 | auth_user=$output_user |
||
| 246 | !endif |
||
| 23 | reyssat | 247 | !read adm/class/authprep $class,$auth_user |
| 248 | |||
| 249 | !if $logfile!=$empty |
||
| 12845 | obado | 250 | !if $auth_user=supervisor |
| 251 | !appendfile $logfiles $now $httpd_REMOTE_ADDR supervisor login |
||
| 252 | !else |
||
| 253 | !appendfile $logfile $logline |
||
| 254 | !endif |
||
| 23 | reyssat | 255 | !endif |
| 256 | |||
| 257 | !if $class_lock=7 and $auth_user!=supervisor |
||
| 12845 | obado | 258 | !usererror class_closed |
| 259 | !exit |
||
| 23 | reyssat | 260 | !endif |
| 261 | |||
| 262 | !if $class_lock iswordof 2 4 6 |
||
| 12845 | obado | 263 | !set wims_protocol=https |
| 23 | reyssat | 264 | !endif |
| 265 | !if $wims_user=$empty and $changesession!=no |
||
| 12845 | obado | 266 | !writefile wimshome/$wims_sesdir/var.class.prep $classdef |
| 267 | random=!randint 10^5,10^9 |
||
| 268 | !restart session=new.$random&lang=$clang&old_session=$wims_session&module=home |
||
| 23 | reyssat | 269 | !else |
| 12845 | obado | 270 | !setdef $classdef in wimshome/$wims_sesdir/var.stat |
| 271 | !sh cd $wims_home\ |
||
| 14334 | bpr | 272 | rm -Rf $(wims_sesdir)_*\ |
| 273 | mkdir -p log/classes/$class/score $wims_sesdir/getfile\ |
||
| 274 | rm -f $wims_sesdir/exam*\ |
||
| 275 | rm -f $wims_sesdir/getfile/oefimages\ |
||
| 276 | ln -s $wims_home/log/classes/$class/src/images $wims_sesdir/getfile/oefimages |
||
| 12845 | obado | 277 | !restart lang=$clang&module=home |
| 23 | reyssat | 278 | !endif |
| 279 | |||
| 10171 | bpr | 280 | :end |