This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "FusionForge".
The branch, master has been updated
via 06bcbe5fe389799ee84ce85a76586eff6550f9e9 (commit)
via 4af4d07761977498ab8686bf1d19cd085978a54a (commit)
from 280e688b8d9660e67aec26e944bed32f4e9173a7 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://scm.fusionforge.org/anonscm/gitweb/?p=fusionforge/fusionforge.git;a=commitdiff;h=06bcbe5fe389799ee84ce85a76586eff6550f9e9
commit 06bcbe5fe389799ee84ce85a76586eff6550f9e9
Merge: 280e688 4af4d07
Author: Franck Villaume <[email protected]>
Date: Tue Aug 17 14:16:30 2021 +0200
Merge remote-tracking branch 'rhabacker/master-946'
Avoid code duplication in auth plugins
https://scm.fusionforge.org/anonscm/gitweb/?p=fusionforge/fusionforge.git;a=commitdiff;h=4af4d07761977498ab8686bf1d19cd085978a54a
commit 4af4d07761977498ab8686bf1d19cd085978a54a
Author: Ralf Habacker <[email protected]>
Date: Wed May 26 10:06:46 2021 +0200
[#946] Avoid code duplication in auth plugins for the return values for
checkAuthSession()
The definition of the return values has been moved to setAuthStateResult()
to avoid code duplication.
In this context, the initialization of $this->saved_user, if needed, is now
uniform in the available plugins.
diff --git a/src/common/include/AuthPlugin.class.php
b/src/common/include/AuthPlugin.class.php
index 09c5dd0..391355b 100644
--- a/src/common/include/AuthPlugin.class.php
+++ b/src/common/include/AuthPlugin.class.php
@@ -102,7 +102,7 @@ abstract class ForgeAuthPlugin extends Plugin {
* checkAuthSession - Is there a valid session?
*
* @param array $params
- * @return FORGE_AUTH_AUTHORITATIVE_ACCEPT,
FORGE_AUTH_AUTHORITATIVE_REJECT or FORGE_AUTH_NOT_AUTHORITATIVE
+ * @return see setAuthStateResult()
* TODO : document 'auth_token' param
*/
function checkAuthSession(&$params) {
@@ -112,21 +112,8 @@ abstract class ForgeAuthPlugin extends Plugin {
} else {
$user_id = $this->checkSessionCookie();
}
- if ($user_id) {
- $this->saved_user = user_get_object($user_id);
- if ($this->isSufficient()) {
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_ACCEPT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- } else {
- $this->saved_user = NULL;
- if ($this->isRequired()) {
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_REJECT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- }
+ $this->saved_user = $user_id ? user_get_object($user_id) : NULL;
+ $this->setAuthStateResult($params, $this->saved_user);
}
/**
@@ -288,6 +275,41 @@ abstract class ForgeAuthPlugin extends Plugin {
forge_define_config_item ('sync_data_on', $this->name, 'never');
}
+
+ /**
+ * Set 'results' array in the given array to a value expected by the
auth support
+ *
+ * Auth support requires as a result of some functions that in the
given $params array,
+ * the ['results'][<plugin_name>] key is set to one of the following
values
+ *
+ * - FORGE_AUTH_AUTHORITATIVE_ACCEPT
+ * - FORGE_AUTH_AUTHORITATIVE_REJECT
+ * - FORGE_AUTH_NOT_AUTHORITATIVE
+ *
+ * depending on the given $state.
+ *
+ * @param array $params
+ * @param bool $state
+ * @return given state
+ * @return $param['results'][<plugin_name>] set
+ */
+ protected function setAuthStateResult(&$params, $state)
+ {
+ if ($state) {
+ if ($this->isSufficient()) {
+ $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_ACCEPT;
+ } else {
+ $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
+ }
+ } else {
+ if ($this->isRequired()) {
+ $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_REJECT;
+ } else {
+ $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
+ }
+ }
+ return $state;
+ }
}
// Local Variables:
diff --git a/src/plugins/authcas/common/AuthCASPlugin.class.php
b/src/plugins/authcas/common/AuthCASPlugin.class.php
index 9d77b64..c84642f 100644
--- a/src/plugins/authcas/common/AuthCASPlugin.class.php
+++ b/src/plugins/authcas/common/AuthCASPlugin.class.php
@@ -122,21 +122,8 @@ server.");
$user = $this->startSession(phpCAS::getUser());
}
- // TODO : document this
- if ($user) {
- if ($this->isSufficient()) {
- $this->saved_user = $user;
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_ACCEPT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- } else {
- if ($this->isRequired()) {
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_REJECT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- }
+ $this->saved_user = $user;
+ $this->setAuthStateResult($params, $user);
}
/**
diff --git a/src/plugins/authhttpd/common/AuthHTTPDPlugin.class.php
b/src/plugins/authhttpd/common/AuthHTTPDPlugin.class.php
index 21efdbd..0db4f34 100644
--- a/src/plugins/authhttpd/common/AuthHTTPDPlugin.class.php
+++ b/src/plugins/authhttpd/common/AuthHTTPDPlugin.class.php
@@ -78,19 +78,7 @@ FusionForge, for instance where Kerberos is used.");
function session_login_valid($params) {
$user = user_get_object_by_name($params['loginname']);
- if ($user) {
- if ($this->isSufficient()) {
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_ACCEPT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- } else {
- if ($this->isRequired()) {
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_REJECT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- }
+ $this->setAuthStateResult($params, $user);
return true;
}
@@ -112,21 +100,8 @@ FusionForge, for instance where Kerberos is used.");
$user = user_get_object_by_name($username);
}
- // TODO : shouldn't this part be factorized as it seems quite
common for many plugins ?
- if ($user) {
- if ($this->isSufficient()) {
- $this->saved_user = $user;
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_ACCEPT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- } else {
- if ($this->isRequired()) {
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_REJECT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- }
+ $this->saved_user = $user;
+ $this->setAuthStateResult($params, $user);
}
/**
diff --git a/src/plugins/authldap/common/AuthLDAPPlugin.class.php
b/src/plugins/authldap/common/AuthLDAPPlugin.class.php
index ab77333..d043d4c 100644
--- a/src/plugins/authldap/common/AuthLDAPPlugin.class.php
+++ b/src/plugins/authldap/common/AuthLDAPPlugin.class.php
@@ -391,21 +391,8 @@ into the FusionForge database.");
} else {
$user_id = $this->checkSessionCookie();
}
- if ($user_id) {
- $this->saved_user = user_get_object($user_id);
- if ($this->isSufficient()) {
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_ACCEPT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- } else {
- $this->saved_user = NULL;
- if ($this->isRequired()) {
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_REJECT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- }
+ $this->saved_user = $user_id ? user_get_object($user_id) : NULL;
+ $this->setAuthStateResult($params, $user_id);
}
}
diff --git a/src/plugins/authopenid/include/AuthOpenIDPlugin.class.php
b/src/plugins/authopenid/include/AuthOpenIDPlugin.class.php
index 514bbec..a42538a 100644
--- a/src/plugins/authopenid/include/AuthOpenIDPlugin.class.php
+++ b/src/plugins/authopenid/include/AuthOpenIDPlugin.class.php
@@ -113,20 +113,8 @@ class AuthOpenIDPlugin extends ForgeAuthPlugin {
}
}
- if ($user) {
- if ($this->isSufficient()) {
- $this->saved_user = $user;
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_ACCEPT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- } else {
- if ($this->isRequired()) {
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_REJECT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- }
+ $this->saved_user = $user;
+ $this->setAuthStateResult($params, $user);
}
/**
diff --git a/src/plugins/authwebid/include/AuthWebIDPlugin.class.php
b/src/plugins/authwebid/include/AuthWebIDPlugin.class.php
index e204c2e..cc68e1b 100644
--- a/src/plugins/authwebid/include/AuthWebIDPlugin.class.php
+++ b/src/plugins/authwebid/include/AuthWebIDPlugin.class.php
@@ -131,20 +131,8 @@ class AuthWebIDPlugin extends ForgeAuthPlugin {
}
}
- if ($user) {
- if ($this->isSufficient()) {
- $this->saved_user = $user;
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_ACCEPT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- } else {
- if ($this->isRequired()) {
- $params['results'][$this->name] =
FORGE_AUTH_AUTHORITATIVE_REJECT;
- } else {
- $params['results'][$this->name] =
FORGE_AUTH_NOT_AUTHORITATIVE;
- }
- }
+ $this->saved_user = $user;
+ $this->setAuthStateResult($params, $user);
}
/**
-----------------------------------------------------------------------
Summary of changes:
src/common/include/AuthPlugin.class.php | 54 +++++++++++++++-------
src/plugins/authcas/common/AuthCASPlugin.class.php | 17 +------
.../authhttpd/common/AuthHTTPDPlugin.class.php | 31 ++-----------
.../authldap/common/AuthLDAPPlugin.class.php | 17 +------
.../authopenid/include/AuthOpenIDPlugin.class.php | 16 +------
.../authwebid/include/AuthWebIDPlugin.class.php | 16 +------
6 files changed, 49 insertions(+), 102 deletions(-)
hooks/post-receive
--
FusionForge
_______________________________________________
Fusionforge-commits mailing list
[email protected]
http://lists.fusionforge.org/cgi-bin/mailman/listinfo/fusionforge-commits
