Rev 5045 | Rev 5092 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 23 | reyssat | 1 | !if $auth_password=*wims_site_manager |
| 2 | !if $wims_ismanager<2 |
||
| 3 | auth_password= |
||
| 4 | !else |
||
| 5 | !goto auth_ok |
||
| 6 | !endif |
||
| 7 | !endif |
||
| 8 | |||
| 4360 | guerimand | 9 | !if $save_logincgu!=$empty |
| 10 | !if $agreecgu=yes |
||
| 11 | !read adm/class/userdef wimshome/log/classes,$class,$user |
||
| 12 | !setdef !set user_agreecgu=yes in $userdef/$save_logincgu |
||
| 13 | !endif |
||
| 14 | !reset $save_logincgu |
||
| 15 | !endif |
||
| 16 | |||
| 23 | reyssat | 17 | !read adm/class/authchars |
| 18 | auth_user=!word 1 of $auth_user |
||
| 19 | auth_password=!word 1 of $auth_password |
||
| 633 | bpr | 20 | |
| 5015 | bpr | 21 | # new variables to keep original data (used only in external authentication) |
| 633 | bpr | 22 | auth_user_connection=$auth_user |
| 23 | auth_password_connection=$auth_password |
||
| 24 | |||
| 4993 | bpr | 25 | ##### EXTERNAL connection - part 1 ##### |
| 5028 | bpr | 26 | !!default sclass=$class |
| 633 | bpr | 27 | |
| 5028 | bpr | 28 | !if ($auth_user notsametext supervisor or $class_type>0) and $auth_method isitemof $auth_method_list |
| 5015 | bpr | 29 | authdef=wimshome/log/classes/$superclass/.def |
| 5028 | bpr | 30 | |
| 633 | bpr | 31 | # don't use auth_user and auth_password, some characters are unvailable |
| 4993 | bpr | 32 | # parameters are empty for auth-cas |
| 633 | bpr | 33 | !readproc adm/class/auth-$auth_method $auth_user_connection,$auth_password_connection |
| 34 | |||
| 35 | !endif |
||
| 4993 | bpr | 36 | ##### end of EXTERNAL connection - part 1 ##### |
| 633 | bpr | 37 | # now we can run the script |
| 5015 | bpr | 38 | !if $auth_method isitemof $auth_method_list and $auth_user!=supervisor |
| 5034 | czzmrn | 39 | auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.userlist_external |
| 40 | !if $auth_user=$empty |
||
| 41 | auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.teacherlist_external |
||
| 42 | !endif |
||
| 4993 | bpr | 43 | !endif |
| 23 | reyssat | 44 | auth_user=!translate internal . to @ in $auth_user |
| 45 | auth_user=!text select $char_login in $auth_user |
||
| 46 | auth_password=!text select $char_passwd in $auth_password |
||
| 47 | now=$wims_now |
||
| 48 | logfile=wimshome/log/classes/$class/.log.auth |
||
| 49 | logfiles=wimshome/log/classes/$class/.log |
||
| 50 | logline=$now $auth_user $$passwd $httpd_REMOTE_ADDR |
||
| 51 | |||
| 52 | !read adm/class/userdef classes,$class,$auth_user |
||
| 53 | |||
| 54 | pass=!defof user_password in $userdef |
||
| 5015 | bpr | 55 | FIXME ### Have to check that sclass is no yet useful |
| 56 | sclass=!defof class_superclass in wimshome/log/classes/$class/.def |
||
| 57 | !if $superclass!=$empty and $superclass!=$class |
||
| 23 | reyssat | 58 | upartic=!defof user_participate in $userdef |
| 59 | usuperv=!defof user_supervise in $userdef |
||
| 60 | pclass=!defof class_parent in wimshome/log/classes/$class/.def |
||
| 61 | !if / isin $pclass and ../$pclass/ isin ../$class |
||
| 62 | ss=!defof class_ocourses in wimshome/log/classes/$pclass/.def |
||
| 63 | !if $ss!=$empty |
||
| 64 | ss=!makelist $wims_superclass/xx for xx in $ss |
||
| 65 | upartic=!append item $ss to $upartic |
||
| 66 | !endif |
||
| 67 | !endif |
||
| 68 | coursecheck=!defof user_class in wimshome/log/classes/$class/.users/$auth_user |
||
| 69 | !if $coursecheck!=$empty |
||
| 70 | upartic=!append item $class to $upartic |
||
| 71 | !endif |
||
| 72 | !if $auth_user=supervisor and $wims_user=supervisor |
||
| 73 | ctype=!defof class_typename in wimshome/log/classes/$class/.def |
||
| 74 | prog=!defof sharing_exam in wimshome/log/classes/$class/neighbors |
||
| 75 | !if $ctype iswordof course icourse and $prog=$wims_class |
||
| 76 | pass=$current_pass |
||
| 77 | !endif |
||
| 78 | !endif |
||
| 5001 | bpr | 79 | !if $class notitemof $upartic and $auth_user!=supervisor and $wims_user!=supervisor |
| 23 | reyssat | 80 | pass= |
| 81 | !endif |
||
| 82 | # These lines should be opened later to close this possibility. |
||
| 83 | # !if $auth_user=supervisor and $wims_user=$empty |
||
| 84 | # pass= |
||
| 85 | # !endif |
||
| 86 | !endif |
||
| 87 | |||
| 5001 | bpr | 88 | !if $auth_user=supervisor |
| 89 | !goto wimsauth |
||
| 90 | !endif |
||
| 91 | |||
| 4993 | bpr | 92 | ##### final test of external connection ##### |
| 93 | # finaly, we must check if user is allowed in class |
||
| 633 | bpr | 94 | |
| 23 | reyssat | 95 | exist_check=!defof user_exists in $userdef |
| 5016 | bpr | 96 | |
| 5015 | bpr | 97 | !if OK iswordof $auth_test and $auth_method isitemof $auth_method_list |
| 4993 | bpr | 98 | !if $exist_check issametext yes |
| 99 | !goto auth_ok |
||
| 100 | !else |
||
| 101 | !setdef user_auth=$auth_user_orig in wimshome/$wims_sesdir/var.stat |
||
| 5001 | bpr | 102 | !goto end |
| 4993 | bpr | 103 | !endif |
| 23 | reyssat | 104 | !endif |
| 4993 | bpr | 105 | ##### end of final test of external connection ##### |
| 5001 | bpr | 106 | :wimsauth |
| 5015 | bpr | 107 | |
| 23 | reyssat | 108 | pass=!passcrypt $pass |
| 109 | !if $pass=$empty |
||
| 5045 | bpr | 110 | !if $auth_user_orig=$empty |
| 111 | !exit |
||
| 112 | !endif |
||
| 23 | reyssat | 113 | passwd=???? |
| 114 | !appendfile $logfile $logline |
||
| 3494 | bpr | 115 | auth_user=$auth_user_orig |
| 23 | reyssat | 116 | error=bad_password |
| 117 | !exit |
||
| 118 | !endif |
||
| 119 | |||
| 120 | !if $wims_superclass!=$empty and $wims_user!=supervisor and $auth_user!=$wims_user |
||
| 121 | supervisable=!defof user_supervisable in wimshome/log/classes/$wims_superclass/.users/$wims_user |
||
| 122 | !if $supervisable!=yes |
||
| 123 | current_pass= |
||
| 124 | !endif |
||
| 125 | !endif |
||
| 126 | |||
| 127 | cps=!passcrypt $current_pass |
||
| 128 | !if ($auth_user!=$empty and $class $auth_user isitemof $wims_otherclass) or \ |
||
| 129 | ($current_pass!=$empty and $cps iswordof $pass) or \ |
||
| 130 | ($auth_user=$wims_user and $class isitemof $wims_participate) or \ |
||
| 131 | ($auth_user=supervisor and $wims_user=supervisor and \ |
||
| 5015 | bpr | 132 | (../$wims_class/ isin ../$class/ or $superclass=$wims_class)) or \ |
| 23 | reyssat | 133 | ($auth_user=supervisor and $class isitemof $wims_supervise) |
| 134 | !goto auth_ok |
||
| 135 | !endif |
||
| 136 | |||
| 137 | !if $auth_password=$empty |
||
| 138 | !exit |
||
| 139 | !endif |
||
| 140 | |||
| 141 | !read adm/class/authdelay |
||
| 142 | !if $auth_password notwordof $pass |
||
| 5045 | bpr | 143 | !if $auth_user_orig=$empty and $auth_password=$empty |
| 144 | !exit |
||
| 145 | !endif |
||
| 23 | reyssat | 146 | passwd=?????? |
| 147 | !appendfile $logfile $logline |
||
| 3494 | bpr | 148 | auth_user=$auth_user_orig |
| 23 | reyssat | 149 | error=bad_password |
| 150 | !exit |
||
| 151 | !endif |
||
| 152 | |||
| 153 | :auth_ok |
||
| 154 | !if $auth_user=supervisor and $wims_user!=$empty and $wims_user!=supervisor and \ |
||
| 155 | $class notitemof $wims_supervise |
||
| 156 | userdef_save=$userdef |
||
| 157 | !read adm/class/userdef classes,$wims_class,$wims_user |
||
| 158 | !exchange userdef_save,userdef |
||
| 159 | spv=!defof user_supervisable in $userdef_save |
||
| 160 | !if $spv=yes |
||
| 161 | wims_supervise=!append item $class to $wims_supervise |
||
| 162 | !setdef !set user_supervise=$wims_supervise in $userdef_save |
||
| 163 | !endif |
||
| 164 | !endif |
||
| 165 | n=!positionof word $auth_password in $pass |
||
| 166 | n=!item 1 of $n |
||
| 167 | !if $n!=$empty |
||
| 168 | passwd=OK$n $ |
||
| 169 | !else |
||
| 170 | passwd=$wims_class |
||
| 171 | !endif |
||
| 172 | # one-time password |
||
| 173 | !if $n!=$empty and $n>1 |
||
| 174 | pass=!replace word $auth_password by $ in $pass |
||
| 175 | pass=!singlespace $pass |
||
| 176 | pass=!trim $pass |
||
| 177 | !setdef !set user_password=$pass in $userdef |
||
| 178 | !endif |
||
| 179 | |||
| 180 | !defread $userdef |
||
| 181 | ctype=!defof class_type in wimshome/log/classes/$class/.def |
||
| 182 | !if $ctype=4 and $auth_user!=supervisor and $user_supervisable!=yes\ |
||
| 183 | and (/ notin $wims_class or ../$wims_superclass/ notin ../$wims_class/) |
||
| 184 | utest=!itemcnt $user_participate |
||
| 185 | !if $utest=1 and / isin $user_participate |
||
| 186 | class=!item 1 of $user_participate |
||
| 187 | !defread wimshome/log/classes/$class/.def |
||
| 188 | !endif |
||
| 189 | !endif |
||
| 190 | clang=!defof class_lang in wimshome/log/classes/$class/.def |
||
| 191 | |||
| 4360 | guerimand | 192 | |
| 193 | |||
| 23 | reyssat | 194 | !if $auth_user=supervisor |
| 195 | sech=!defof class_secure in wimshome/log/classes/$class/.def |
||
| 196 | sech=!trim $sech |
||
| 197 | !if $sech=$empty |
||
| 198 | t=0 |
||
| 199 | !else |
||
| 200 | t=!checkhost $sech |
||
| 201 | !if $t<1 |
||
| 202 | t=-1 |
||
| 203 | !endif |
||
| 204 | !endif |
||
| 205 | sup_secure=$t |
||
| 206 | !else |
||
| 207 | !read adm/class/raftest |
||
| 208 | !if $raftest>$lastallow |
||
| 209 | error=recent_rafale |
||
| 210 | !exit |
||
| 211 | !endif |
||
| 212 | sup_secure=-1 |
||
| 4424 | bpr | 213 | !if $user_agreecgu notwordof yes external |
| 4360 | guerimand | 214 | error=no_cgu |
| 215 | !exit |
||
| 216 | !endif |
||
| 23 | reyssat | 217 | !endif |
| 218 | |||
| 219 | !read adm/class/authprep $class,$auth_user |
||
| 220 | |||
| 221 | !if $logfile!=$empty |
||
| 222 | !if $auth_user=supervisor |
||
| 223 | !appendfile $logfiles $now $httpd_REMOTE_ADDR supervisor login |
||
| 224 | !else |
||
| 225 | !appendfile $logfile $logline |
||
| 226 | !endif |
||
| 227 | !endif |
||
| 228 | |||
| 229 | !if $class_lock=7 and $auth_user!=supervisor |
||
| 230 | !usererror class_closed |
||
| 231 | !exit |
||
| 232 | !endif |
||
| 233 | |||
| 234 | !if $class_lock iswordof 2 4 6 |
||
| 235 | !set wims_protocol=https |
||
| 236 | !endif |
||
| 237 | !if $wims_user=$empty and $changesession!=no |
||
| 238 | !writefile wimshome/$wims_sesdir/var.class.prep $classdef |
||
| 239 | random=!randint 10^5,10^9 |
||
| 240 | !restart session=new.$random&lang=$clang&old_session=$wims_session&module=home |
||
| 241 | !else |
||
| 242 | !setdef $classdef in wimshome/$wims_sesdir/var.stat |
||
| 243 | !sh cd $wims_home\ |
||
| 244 | rm -Rf $(wims_sesdir)_*\ |
||
| 245 | mkdir -p log/classes/$class/score $wims_sesdir/getfile\ |
||
| 246 | rm -f $wims_sesdir/exam*\ |
||
| 247 | rm -f $wims_sesdir/getfile/oefimages\ |
||
| 248 | ln -s $wims_home/log/classes/$class/src/images $wims_sesdir/getfile/oefimages |
||
| 249 | !restart lang=$clang&module=home |
||
| 250 | !endif |
||
| 251 | |||
| 5001 | bpr | 252 | :end |