Subversion Repositories wimsdev

Rev

Rev 5108 | Rev 13211 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed 

!if $auth_password=*wims_site_manager
 !if $wims_ismanager<2
  auth_password=
 !else
  !goto auth_ok
 !endif
!endif

!if $save_logincgu!=$empty
 !if $agreecgu=yes
  !read adm/class/userdef wimshome/log/classes,$class,$save_logincgu
  !setdef !set user_agreecgu=yes in $userdef
  !readdef $userdef
  !reset error
  !if $auth_test=OK
     !goto auth_ok2
  !endif
 !endif
 !!!reset $save_logincgu
!endif

!read adm/class/authchars
auth_user=!word 1 of $auth_user
auth_password=!word 1 of $auth_password

# new variables to keep original data (used only in external authentication)
auth_user_connection=$auth_user
auth_password_connection=$auth_password

##### EXTERNAL connection - part 1 #####
!!default sclass=$class

!if ($auth_user notsametext supervisor or $class_type>0) and $auth_method isitemof $auth_method_list
 authdef=wimshome/log/classes/$superclass/.def

 # don't use auth_user and auth_password, some characters are unvailable
 # parameters are empty for auth-cas
 !readproc adm/class/auth-$auth_method $auth_user_connection,$auth_password_connection

!endif
##### end of EXTERNAL connection - part 1 #####
# now we can run the script
!if $auth_method isitemof $auth_method_list and $auth_user!=supervisor
  auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.userlist_external
  !if $auth_user=$empty
    auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.teacherlist_external
  !endif
!endif
auth_user=!translate internal . to @ in $auth_user
auth_user=!text select $char_login in $auth_user
auth_password=!text select $char_passwd in $auth_password
now=$wims_now
logfile=wimshome/log/classes/$class/.log.auth
logfiles=wimshome/log/classes/$class/.log
logline=$now $auth_user         $$passwd        $httpd_REMOTE_ADDR

!read adm/class/userdef classes,$class,$auth_user

pass=!defof user_password in $userdef
FIXME ### Have to check that sclass is no yet useful
sclass=!defof class_superclass in wimshome/log/classes/$class/.def
!if $superclass!=$empty and $superclass!=$class
 upartic=!defof user_participate in $userdef
 usuperv=!defof user_supervise in $userdef
 pclass=!defof class_parent in wimshome/log/classes/$class/.def
 !if / isin $pclass and ../$pclass/ isin ../$class
  ss=!defof class_ocourses in wimshome/log/classes/$pclass/.def
  !if $ss!=$empty
   ss=!makelist $wims_superclass/xx for xx in $ss
   upartic=!append item $ss to $upartic
  !endif
 !endif
 coursecheck=!defof user_class in wimshome/log/classes/$class/.users/$auth_user
 !if $coursecheck!=$empty
  upartic=!append item $class to $upartic
 !endif
 !!check mandatory course
 dcourse=!record 0 of wimshome/log/classes/$pclass/courses
 dcourse=!column 1 of $dcourse
 !if $dcourse!=$empty
     dcourse=!makelist $wims_superclass/xx for xx in $dcourse
     upartic=!append item $dcourse to $upartic
 !endif
 upartic=!listuniq $upartic
 !if $auth_user=supervisor and $wims_user=supervisor
  ctype=!defof class_typename in wimshome/log/classes/$class/.def
  prog=!defof sharing_exam in wimshome/log/classes/$class/neighbors
  !if $ctype iswordof course icourse and $prog=$wims_class
   pass=$current_pass
  !endif
 !endif
!!upartic : no more authentification should check for optional courses ?
 !if $class notitemof $upartic and $auth_user!=supervisor and $wims_user!=supervisor
  pass=
 !endif
# These lines should be opened later to close this possibility.
# !if $auth_user=supervisor and $wims_user=$empty
#  pass=
# !endif
!endif

!if $auth_user=supervisor
 !goto wimsauth
!endif

##### final test of external connection #####
# finaly, we must check if user is allowed in class

exist_check=!defof user_exists in $userdef

!if OK iswordof $auth_test and $auth_method isitemof $auth_method_list
 !if $exist_check issametext yes
   !goto auth_ok
 !else
   !setdef user_auth=$auth_user_orig in wimshome/$wims_sesdir/var.stat
   !goto end
 !endif
!endif
##### end of final test of external connection #####
:wimsauth

pass=!passcrypt $pass
!if $pass=$empty
  !if $auth_user_connection=$empty
    !exit
  !endif
 passwd=????
 !appendfile $logfile $logline
 auth_user=$auth_user_connection
 error=bad_password
 !exit
!endif

!if $wims_superclass!=$empty and $wims_user!=supervisor and $auth_user!=$wims_user
 supervisable=!defof user_supervisable in wimshome/log/classes/$wims_superclass/.users/$wims_user
 !if $supervisable!=yes
  current_pass=
 !endif
!endif

cps=!passcrypt $current_pass
!if ($auth_user!=$empty and $class $auth_user isitemof $wims_otherclass) or \
        ($current_pass!=$empty and $cps iswordof $pass) or \
        ($auth_user=$wims_user and $class isitemof $wims_participate) or \
        ($auth_user=supervisor and $wims_user=supervisor and \
                (../$wims_class/ isin ../$class/ or $superclass=$wims_class)) or \
        ($auth_user=supervisor and $class isitemof $wims_supervise)
 !goto auth_ok
!endif

!if $auth_password=$empty
 !exit
!endif

!read adm/class/authdelay
!if $auth_password notwordof $pass
  !if $auth_user_orig=$empty and $auth_password=$empty
    !exit
  !endif
 passwd=??????
 !appendfile $logfile $logline
 auth_user=$auth_user_orig
 error=bad_password
 !exit
!endif

:auth_ok
!if $auth_user=supervisor and $wims_user!=$empty and $wims_user!=supervisor and \
        $class notitemof $wims_supervise
 userdef_save=$userdef
 !read adm/class/userdef classes,$wims_class,$wims_user
 !exchange userdef_save,userdef
 spv=!defof user_supervisable in $userdef_save
 !if $spv=yes
  wims_supervise=!append item $class to $wims_supervise
  !setdef !set user_supervise=$wims_supervise in $userdef_save
 !endif
!endif
n=!positionof word $auth_password in $pass
n=!item 1 of $n
!if $n!=$empty
 passwd=OK$n   $
!else
 passwd=$wims_class
!endif
# one-time password
!if $n!=$empty and $n>1
 pass=!replace word $auth_password by $ in $pass
 pass=!singlespace $pass
 pass=!trim $pass
 !setdef !set user_password=$pass in $userdef
!endif
:auth_ok2

!defread $userdef
ctype=!defof class_type in wimshome/log/classes/$class/.def
!if $ctype=4 and $auth_user!=supervisor and $user_supervisable!=yes\
  and (/ notin $wims_class or ../$wims_superclass/ notin ../$wims_class/)
 utest=!itemcnt $user_participate
 !if $utest=1 and / isin $user_participate
  class=!item 1 of $user_participate
  !defread wimshome/log/classes/$class/.def
 !endif
!endif
clang=!defof class_lang in wimshome/log/classes/$class/.def



!if $auth_user=supervisor
 sech=!defof class_secure in wimshome/log/classes/$class/.def
 sech=!trim $sech
 !if $sech=$empty
  t=0
 !else
  t=!checkhost $sech
  !if $t<1
   t=-1
  !endif
 !endif
 sup_secure=$t
!else
 !read adm/class/raftest
 !if $raftest>$lastallow
  error=recent_rafale
  !exit
 !endif
 sup_secure=-1
 !if $user_agreecgu notwordof yes external and $agreecgu!=yes
  error=no_cgu
  !exit
 !endif
!endif

!read adm/class/authprep $class,$auth_user

!if $logfile!=$empty
 !if $auth_user=supervisor
  !appendfile $logfiles $now $httpd_REMOTE_ADDR         supervisor login
 !else
  !appendfile $logfile $logline
 !endif
!endif

!if $class_lock=7 and $auth_user!=supervisor
 !usererror class_closed
 !exit
!endif

!if $class_lock iswordof 2 4 6
 !set wims_protocol=https
!endif
!if $wims_user=$empty and $changesession!=no
 !writefile wimshome/$wims_sesdir/var.class.prep $classdef
 random=!randint 10^5,10^9
 !restart session=new.$random&lang=$clang&old_session=$wims_session&module=home
!else
 !setdef $classdef in wimshome/$wims_sesdir/var.stat
 !sh cd $wims_home\
        rm -Rf $(wims_sesdir)_*\
        mkdir -p log/classes/$class/score $wims_sesdir/getfile\
        rm -f $wims_sesdir/exam*\
        rm -f $wims_sesdir/getfile/oefimages\
        ln -s $wims_home/log/classes/$class/src/images $wims_sesdir/getfile/oefimages
 !restart lang=$clang&module=home
!endif

:end