Rev 17285 | Blame | Compare with Previous | Last modification | View Log | RSS feed
!if $auth_password=*wims_site_manager
!if $wims_ismanager<2
auth_password=
!else
wims_realuser=SUPERVISOR
!goto auth_ok
!endif
!endif
!if $save_logincgu!=$empty
!if $agreecgu=yes
!read adm/class/userdef wimshome/log/classes,$class,$save_logincgu
!setdef !set user_agreecgu=yes in $userdef
!readdef $userdef
!reset error
!if $auth_test=OK
!goto auth_ok2
!endif
!endif
!!!reset $save_logincgu
!endif
!read adm/class/authchars
auth_user=!word 1 of $auth_user
auth_password=!word 1 of $auth_password
# new variables to keep original data (used only in external authentication)
auth_user_connection=$auth_user
auth_password_connection=$auth_password
##### EXTERNAL connection - part 1 #####
!!default sclass=$class
!if ($auth_user notsametext supervisor or $class_type>0) and $auth_method isitemof $auth_method_list
authdef=wimshome/log/classes/$superclass/.def
# don't use auth_user and auth_password, some characters are unavailable
# parameters are empty for auth-cas
!readproc adm/class/auth-$auth_method $auth_user_connection,$auth_password_connection
!endif
##### end of EXTERNAL connection - part 1 #####
# now we can run the script
!if $auth_method isitemof $auth_method_list and $auth_user!=supervisor
auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.userlist_external
!if $auth_user=$empty
auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.teacherlist_external
!endif
!endif
!!for retrocompatibility
!set char_login=$char_punct$char_login
auth_user=!translate internal . to @ in $auth_user
auth_user=!text select $char_login in $auth_user
auth_password=!text select $char_passwd in $auth_password
now=$wims_now
logfile=wimshome/log/classes/$class/.log.auth
logfiles=wimshome/log/classes/$class/.log
logline=$now $auth_user $$passwd $httpd_REMOTE_ADDR
!read adm/class/userdef classes,$class,$auth_user
pass=!defof user_password in $userdef
!! passcrypt $empty returns $empty but !setdef must not been done
!if $pass!=$empty
pass=!passcrypt $pass
!setdef !set user_password=$pass in $userdef
!endif
##FIXME ### Have to check that sclass is no yet useful
sclass=!defof class_superclass in wimshome/log/classes/$class/.def
!if $superclass!=$empty and $superclass!=$class
upartic=!defof user_participate in $userdef
usuperv=!defof user_supervise in $userdef
pclass=!defof class_parent in wimshome/log/classes/$class/.def
!if / isin $pclass and ../$pclass/ isin ../$class
ss=!defof class_ocourses in wimshome/log/classes/$pclass/.def
!if $ss!=$empty
ss=!makelist $wims_superclass/xx for xx in $ss
upartic=!append item $ss to $upartic
!endif
!endif
coursecheck=!defof user_class in wimshome/log/classes/$class/.users/$auth_user
!if $coursecheck!=$empty
upartic=!append item $class to $upartic
!endif
!!check mandatory course
dcourse=!record 0 of wimshome/log/classes/$pclass/courses
dcourse=!column 1 of $dcourse
!if $dcourse!=$empty
dcourse=!makelist $superclass/xx for xx in $dcourse
upartic=!append item $dcourse to $upartic
!endif
upartic=!listuniq $upartic
!if $auth_user=supervisor and $wims_user=supervisor
ctype=!defof class_typename in wimshome/log/classes/$class/.def
prog=!defof sharing_exam in wimshome/log/classes/$class/neighbors
!if $ctype iswordof course icourse and $prog=$wims_class
pass=$current_pass
!endif
!endif
!!upartic : no more authentification should check for optional courses ?
!if $class notitemof $upartic and $auth_user!=supervisor and $wims_user!=supervisor
pass=
!endif
# These lines should be opened later to close this possibility.
# !if $auth_user=supervisor and $wims_user=$empty
# pass=
# !endif
!endif
!if $auth_user=supervisor
!goto wimsauth
!endif
##### final test of external connection #####
# finaly, we must check if user is allowed in class
exist_check=!defof user_exists in $userdef
!if OK iswordof $auth_test and $auth_method isitemof $auth_method_list
!if $exist_check issametext yes
!goto auth_ok
!else
!setdef user_auth=$auth_user_orig in wimshome/$wims_sesdir/var.stat
!goto end
!endif
!endif
##### end of final test of external connection #####
:wimsauth
pass=!passcrypt $pass
!if $pass=$empty
!if $auth_user_connection=$empty
!exit
!endif
passwd=????
!appendfile $logfile $logline
auth_user=$auth_user_connection
error=bad_password
!exit
!endif
!if $wims_superclass!=$empty and $wims_user!=supervisor and $auth_user!=$wims_user
supervisable=!defof user_supervisable in wimshome/log/classes/$wims_superclass/.users/$wims_user
!if $supervisable!=yes
current_pass=
!endif
!endif
auth_password_check=!passcheck $current_pass and $pass
!if ($auth_user!=$empty and $class $auth_user isitemof $wims_otherclass) or \
($current_pass!=$empty and $auth_password_check=yes) or \
($auth_user=$wims_user and $class isitemof $wims_participate) or \
($auth_user=supervisor and $wims_user=supervisor and \
(../$wims_class/ isin ../$class/ or $superclass=$wims_class)) or \
($auth_user=supervisor and $class isitemof $wims_supervise)
!goto auth_ok
!endif
!if $auth_password=$empty
!exit
!endif
!read adm/class/authdelay
!if $auth_password_check=no
!if $auth_user_orig=$empty and $auth_password=$empty
!exit
!endif
passwd=??????
!appendfile $logfile $logline
auth_user=$auth_user_orig
error=bad_password
!exit
!endif
:auth_ok
!if $auth_user=supervisor and $wims_user!=$empty and $wims_user!=supervisor and \
$class notitemof $wims_supervise
userdef_save=$userdef
!read adm/class/userdef classes,$wims_class,$wims_user
!exchange userdef_save,userdef
spv=!defof user_supervisable in $userdef_save
!if $spv=yes
wims_supervise=!append item $class to $wims_supervise
!setdef !set user_supervise=$wims_supervise in $userdef_save
!endif
!endif
n=!positionof word $auth_password in $pass
n=!item 1 of $n
!if $n!=$empty
passwd=OK$n $
!else
passwd=$wims_class
!endif
# one-time password
!if $n!=$empty and $n>1
pass=!replace word $auth_password by $ in $pass
pass=!singlespace $pass
pass=!trim $pass
!setdef !set user_password=$pass in $userdef
!endif
:auth_ok2
!defread $userdef
ctype=!defof class_type in wimshome/log/classes/$class/.def
!if $ctype=4 and $auth_user!=supervisor and $user_supervisable!=yes\
and (/ notin $wims_class or ../$wims_superclass/ notin ../$wims_class/)
utest=!itemcnt $user_participate
!if $utest=1 and / isin $user_participate
class=!item 1 of $user_participate
!defread wimshome/log/classes/$class/.def
!endif
!endif
clang=!defof class_lang in wimshome/log/classes/$class/.def
!if $auth_user=supervisor
sech=!defof class_secure in wimshome/log/classes/$class/.def
sech=!trim $sech
!if $sech=$empty
t=0
!else
t=!checkhost $sech
!if $t<1
t=-1
!endif
!endif
sup_secure=$t
!else
!read adm/class/raftest
!if $raftest>$lastallow
error=recent_rafale
!exit
!endif
sup_secure=-1
!if $user_agreecgu notwordof yes external and $agreecgu!=yes
error=no_cgu
!exit
!endif
!endif
!if / notin $class and $class<=9999 and anonymous isin $auth_user
!read adm/class/anonymous.proc $class,$auth_user
auth_user=$output_user
!endif
!read adm/class/authprep $class,$auth_user
!if $logfile!=$empty
!if $auth_user=supervisor
!appendfile $logfiles $now $httpd_REMOTE_ADDR supervisor login
!else
!appendfile $logfile $logline
!endif
!endif
!if $class_lock=7 and $auth_user!=supervisor
!usererror class_closed
!exit
!endif
!if $class_lock iswordof 2 4 6
!set wims_protocol=https
!endif
!if $wims_user=$empty and $changesession!=no
!writefile wimshome/$wims_sesdir/var.class.prep $classdef
random=!randint 10^5,10^9
!restart session=new.$random&lang=$clang&old_session=$wims_session&module=home
!else
!setdef $classdef in wimshome/$wims_sesdir/var.stat
!sh cd $wims_home\
rm -Rf $(wims_sesdir)_*\
mkdir -p log/classes/$class/score $wims_sesdir/getfile\
rm -f $wims_sesdir/exam*\
rm -f $wims_sesdir/getfile/oefimages\
ln -s $wims_home/log/classes/$class/src/images $wims_sesdir/getfile/oefimages
!restart lang=$clang&module=home
!endif
:end