Rev 5092 | Rev 5108 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
23 | reyssat | 1 | !if $auth_password=*wims_site_manager |
2 | !if $wims_ismanager<2 |
||
3 | auth_password= |
||
4 | !else |
||
5 | !goto auth_ok |
||
6 | !endif |
||
7 | !endif |
||
8 | |||
4360 | guerimand | 9 | !if $save_logincgu!=$empty |
10 | !if $agreecgu=yes |
||
5100 | bpr | 11 | !read adm/class/userdef wimshome/log/classes,$class,$save_logincgu |
12 | !setdef !set user_agreecgu=yes in $userdef |
||
13 | !readdef $userdef |
||
14 | !reset error |
||
15 | !if $auth_test=OK |
||
16 | !goto auth_ok2 |
||
17 | !endif |
||
4360 | guerimand | 18 | !endif |
5100 | bpr | 19 | !!!reset $save_logincgu |
4360 | guerimand | 20 | !endif |
21 | |||
23 | reyssat | 22 | !read adm/class/authchars |
23 | auth_user=!word 1 of $auth_user |
||
24 | auth_password=!word 1 of $auth_password |
||
633 | bpr | 25 | |
5015 | bpr | 26 | # new variables to keep original data (used only in external authentication) |
633 | bpr | 27 | auth_user_connection=$auth_user |
28 | auth_password_connection=$auth_password |
||
29 | |||
4993 | bpr | 30 | ##### EXTERNAL connection - part 1 ##### |
5028 | bpr | 31 | !!default sclass=$class |
633 | bpr | 32 | |
5028 | bpr | 33 | !if ($auth_user notsametext supervisor or $class_type>0) and $auth_method isitemof $auth_method_list |
5015 | bpr | 34 | authdef=wimshome/log/classes/$superclass/.def |
5028 | bpr | 35 | |
633 | bpr | 36 | # don't use auth_user and auth_password, some characters are unvailable |
4993 | bpr | 37 | # parameters are empty for auth-cas |
633 | bpr | 38 | !readproc adm/class/auth-$auth_method $auth_user_connection,$auth_password_connection |
39 | |||
40 | !endif |
||
4993 | bpr | 41 | ##### end of EXTERNAL connection - part 1 ##### |
633 | bpr | 42 | # now we can run the script |
5015 | bpr | 43 | !if $auth_method isitemof $auth_method_list and $auth_user!=supervisor |
5034 | czzmrn | 44 | auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.userlist_external |
45 | !if $auth_user=$empty |
||
46 | auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.teacherlist_external |
||
47 | !endif |
||
4993 | bpr | 48 | !endif |
23 | reyssat | 49 | auth_user=!translate internal . to @ in $auth_user |
50 | auth_user=!text select $char_login in $auth_user |
||
51 | auth_password=!text select $char_passwd in $auth_password |
||
52 | now=$wims_now |
||
53 | logfile=wimshome/log/classes/$class/.log.auth |
||
54 | logfiles=wimshome/log/classes/$class/.log |
||
55 | logline=$now $auth_user $$passwd $httpd_REMOTE_ADDR |
||
56 | |||
57 | !read adm/class/userdef classes,$class,$auth_user |
||
58 | |||
59 | pass=!defof user_password in $userdef |
||
5015 | bpr | 60 | FIXME ### Have to check that sclass is no yet useful |
61 | sclass=!defof class_superclass in wimshome/log/classes/$class/.def |
||
62 | !if $superclass!=$empty and $superclass!=$class |
||
23 | reyssat | 63 | upartic=!defof user_participate in $userdef |
64 | usuperv=!defof user_supervise in $userdef |
||
65 | pclass=!defof class_parent in wimshome/log/classes/$class/.def |
||
66 | !if / isin $pclass and ../$pclass/ isin ../$class |
||
67 | ss=!defof class_ocourses in wimshome/log/classes/$pclass/.def |
||
68 | !if $ss!=$empty |
||
69 | ss=!makelist $wims_superclass/xx for xx in $ss |
||
70 | upartic=!append item $ss to $upartic |
||
71 | !endif |
||
72 | !endif |
||
73 | coursecheck=!defof user_class in wimshome/log/classes/$class/.users/$auth_user |
||
74 | !if $coursecheck!=$empty |
||
75 | upartic=!append item $class to $upartic |
||
76 | !endif |
||
77 | !if $auth_user=supervisor and $wims_user=supervisor |
||
78 | ctype=!defof class_typename in wimshome/log/classes/$class/.def |
||
79 | prog=!defof sharing_exam in wimshome/log/classes/$class/neighbors |
||
80 | !if $ctype iswordof course icourse and $prog=$wims_class |
||
81 | pass=$current_pass |
||
82 | !endif |
||
83 | !endif |
||
5001 | bpr | 84 | !if $class notitemof $upartic and $auth_user!=supervisor and $wims_user!=supervisor |
23 | reyssat | 85 | pass= |
86 | !endif |
||
87 | # These lines should be opened later to close this possibility. |
||
88 | # !if $auth_user=supervisor and $wims_user=$empty |
||
89 | # pass= |
||
90 | # !endif |
||
91 | !endif |
||
92 | |||
5001 | bpr | 93 | !if $auth_user=supervisor |
94 | !goto wimsauth |
||
95 | !endif |
||
96 | |||
4993 | bpr | 97 | ##### final test of external connection ##### |
98 | # finaly, we must check if user is allowed in class |
||
633 | bpr | 99 | |
23 | reyssat | 100 | exist_check=!defof user_exists in $userdef |
5016 | bpr | 101 | |
5015 | bpr | 102 | !if OK iswordof $auth_test and $auth_method isitemof $auth_method_list |
4993 | bpr | 103 | !if $exist_check issametext yes |
104 | !goto auth_ok |
||
105 | !else |
||
106 | !setdef user_auth=$auth_user_orig in wimshome/$wims_sesdir/var.stat |
||
5001 | bpr | 107 | !goto end |
4993 | bpr | 108 | !endif |
23 | reyssat | 109 | !endif |
4993 | bpr | 110 | ##### end of final test of external connection ##### |
5001 | bpr | 111 | :wimsauth |
5015 | bpr | 112 | |
23 | reyssat | 113 | pass=!passcrypt $pass |
114 | !if $pass=$empty |
||
5092 | bpr | 115 | !if $auth_user_connection=$empty |
5045 | bpr | 116 | !exit |
117 | !endif |
||
23 | reyssat | 118 | passwd=???? |
119 | !appendfile $logfile $logline |
||
5092 | bpr | 120 | auth_user=$auth_user_connection |
23 | reyssat | 121 | error=bad_password |
122 | !exit |
||
123 | !endif |
||
124 | |||
125 | !if $wims_superclass!=$empty and $wims_user!=supervisor and $auth_user!=$wims_user |
||
126 | supervisable=!defof user_supervisable in wimshome/log/classes/$wims_superclass/.users/$wims_user |
||
127 | !if $supervisable!=yes |
||
128 | current_pass= |
||
129 | !endif |
||
130 | !endif |
||
131 | |||
132 | cps=!passcrypt $current_pass |
||
133 | !if ($auth_user!=$empty and $class $auth_user isitemof $wims_otherclass) or \ |
||
134 | ($current_pass!=$empty and $cps iswordof $pass) or \ |
||
135 | ($auth_user=$wims_user and $class isitemof $wims_participate) or \ |
||
136 | ($auth_user=supervisor and $wims_user=supervisor and \ |
||
5015 | bpr | 137 | (../$wims_class/ isin ../$class/ or $superclass=$wims_class)) or \ |
23 | reyssat | 138 | ($auth_user=supervisor and $class isitemof $wims_supervise) |
139 | !goto auth_ok |
||
140 | !endif |
||
141 | |||
142 | !if $auth_password=$empty |
||
143 | !exit |
||
144 | !endif |
||
145 | |||
146 | !read adm/class/authdelay |
||
147 | !if $auth_password notwordof $pass |
||
5045 | bpr | 148 | !if $auth_user_orig=$empty and $auth_password=$empty |
149 | !exit |
||
150 | !endif |
||
23 | reyssat | 151 | passwd=?????? |
152 | !appendfile $logfile $logline |
||
3494 | bpr | 153 | auth_user=$auth_user_orig |
23 | reyssat | 154 | error=bad_password |
155 | !exit |
||
156 | !endif |
||
157 | |||
158 | :auth_ok |
||
159 | !if $auth_user=supervisor and $wims_user!=$empty and $wims_user!=supervisor and \ |
||
160 | $class notitemof $wims_supervise |
||
161 | userdef_save=$userdef |
||
162 | !read adm/class/userdef classes,$wims_class,$wims_user |
||
163 | !exchange userdef_save,userdef |
||
164 | spv=!defof user_supervisable in $userdef_save |
||
165 | !if $spv=yes |
||
166 | wims_supervise=!append item $class to $wims_supervise |
||
167 | !setdef !set user_supervise=$wims_supervise in $userdef_save |
||
168 | !endif |
||
169 | !endif |
||
170 | n=!positionof word $auth_password in $pass |
||
171 | n=!item 1 of $n |
||
172 | !if $n!=$empty |
||
173 | passwd=OK$n $ |
||
174 | !else |
||
175 | passwd=$wims_class |
||
176 | !endif |
||
177 | # one-time password |
||
178 | !if $n!=$empty and $n>1 |
||
179 | pass=!replace word $auth_password by $ in $pass |
||
180 | pass=!singlespace $pass |
||
181 | pass=!trim $pass |
||
182 | !setdef !set user_password=$pass in $userdef |
||
183 | !endif |
||
5100 | bpr | 184 | :auth_ok2 |
23 | reyssat | 185 | |
186 | !defread $userdef |
||
187 | ctype=!defof class_type in wimshome/log/classes/$class/.def |
||
188 | !if $ctype=4 and $auth_user!=supervisor and $user_supervisable!=yes\ |
||
189 | and (/ notin $wims_class or ../$wims_superclass/ notin ../$wims_class/) |
||
190 | utest=!itemcnt $user_participate |
||
191 | !if $utest=1 and / isin $user_participate |
||
192 | class=!item 1 of $user_participate |
||
193 | !defread wimshome/log/classes/$class/.def |
||
194 | !endif |
||
195 | !endif |
||
196 | clang=!defof class_lang in wimshome/log/classes/$class/.def |
||
197 | |||
4360 | guerimand | 198 | |
199 | |||
23 | reyssat | 200 | !if $auth_user=supervisor |
201 | sech=!defof class_secure in wimshome/log/classes/$class/.def |
||
202 | sech=!trim $sech |
||
203 | !if $sech=$empty |
||
204 | t=0 |
||
205 | !else |
||
206 | t=!checkhost $sech |
||
207 | !if $t<1 |
||
208 | t=-1 |
||
209 | !endif |
||
210 | !endif |
||
211 | sup_secure=$t |
||
212 | !else |
||
213 | !read adm/class/raftest |
||
214 | !if $raftest>$lastallow |
||
215 | error=recent_rafale |
||
216 | !exit |
||
217 | !endif |
||
218 | sup_secure=-1 |
||
5100 | bpr | 219 | !if $user_agreecgu notwordof yes external and $agreecgu!=yes |
4360 | guerimand | 220 | error=no_cgu |
221 | !exit |
||
222 | !endif |
||
23 | reyssat | 223 | !endif |
224 | |||
225 | !read adm/class/authprep $class,$auth_user |
||
226 | |||
227 | !if $logfile!=$empty |
||
228 | !if $auth_user=supervisor |
||
229 | !appendfile $logfiles $now $httpd_REMOTE_ADDR supervisor login |
||
230 | !else |
||
231 | !appendfile $logfile $logline |
||
232 | !endif |
||
233 | !endif |
||
234 | |||
235 | !if $class_lock=7 and $auth_user!=supervisor |
||
236 | !usererror class_closed |
||
237 | !exit |
||
238 | !endif |
||
239 | |||
240 | !if $class_lock iswordof 2 4 6 |
||
241 | !set wims_protocol=https |
||
242 | !endif |
||
243 | !if $wims_user=$empty and $changesession!=no |
||
244 | !writefile wimshome/$wims_sesdir/var.class.prep $classdef |
||
245 | random=!randint 10^5,10^9 |
||
246 | !restart session=new.$random&lang=$clang&old_session=$wims_session&module=home |
||
247 | !else |
||
248 | !setdef $classdef in wimshome/$wims_sesdir/var.stat |
||
249 | !sh cd $wims_home\ |
||
250 | rm -Rf $(wims_sesdir)_*\ |
||
251 | mkdir -p log/classes/$class/score $wims_sesdir/getfile\ |
||
252 | rm -f $wims_sesdir/exam*\ |
||
253 | rm -f $wims_sesdir/getfile/oefimages\ |
||
254 | ln -s $wims_home/log/classes/$class/src/images $wims_sesdir/getfile/oefimages |
||
255 | !restart lang=$clang&module=home |
||
256 | !endif |
||
257 | |||
5001 | bpr | 258 | :end |