1
1
Fork 0
mirror of https://code.mensbeam.com/MensBeam/Arsse.git synced 2025-01-10 18:02:40 +00:00
Arsse/lib/User.php

453 lines
20 KiB
PHP
Raw Normal View History

<?php
/** @license MIT
* Copyright 2017 J. King, Dustin Wilson et al.
* See LICENSE and AUTHORS files for details */
declare(strict_types=1);
2017-03-28 04:12:12 +00:00
namespace JKingWeb\Arsse;
class User {
const RIGHTS_NONE = 0; // normal user
const RIGHTS_DOMAIN_MANAGER = 25; // able to act for any normal users on same domain; cannot elevate other users
const RIGHTS_DOMAIN_ADMIN = 50; // able to act for any users on same domain not above themselves; may elevate users on same domain to domain manager or domain admin
const RIGHTS_GLOBAL_MANAGER = 75; // able to act for any normal users on any domain; cannot elevate other users
const RIGHTS_GLOBAL_ADMIN = 100; // is completely unrestricted
2017-08-29 14:50:31 +00:00
public $id = null;
2017-02-16 20:29:42 +00:00
/**
* @var User\Driver
*/
2017-02-16 20:29:42 +00:00
protected $u;
protected $authz = 0;
2017-02-16 20:29:42 +00:00
protected $authzSupported = 0;
2017-02-28 04:04:13 +00:00
protected $actor = [];
2017-08-29 14:50:31 +00:00
public static function driverList(): array {
2017-02-16 20:29:42 +00:00
$sep = \DIRECTORY_SEPARATOR;
$path = __DIR__.$sep."User".$sep;
$classes = [];
2017-08-29 14:50:31 +00:00
foreach (glob($path."*".$sep."Driver.php") as $file) {
$name = basename(dirname($file));
$class = NS_BASE."User\\$name\\Driver";
$classes[$class] = $class::driverName();
2017-02-16 20:29:42 +00:00
}
return $classes;
}
public function __construct() {
$driver = Arsse::$conf->userDriver;
$this->u = new $driver();
2017-02-16 20:29:42 +00:00
}
public function __toString() {
2017-08-29 14:50:31 +00:00
if ($this->id===null) {
2017-07-21 02:40:09 +00:00
$this->credentials();
}
2017-02-16 20:29:42 +00:00
return (string) $this->id;
}
// checks whether the logged in user is authorized to act for the affected user (used especially when granting rights)
2017-08-29 14:50:31 +00:00
public function authorize(string $affectedUser, string $action, int $newRightsLevel = 0): bool {
// if authorization checks are disabled (either because we're running the installer or the background updater) just return true
2017-08-29 14:50:31 +00:00
if (!$this->authorizationEnabled()) {
2017-07-21 02:40:09 +00:00
return true;
}
// if we don't have a logged-in user, fetch credentials
2017-08-29 14:50:31 +00:00
if ($this->id===null) {
2017-07-21 02:40:09 +00:00
$this->credentials();
}
// if the affected user is the actor and the actor is not trying to grant themselves rights, accept the request
2017-08-29 14:50:31 +00:00
if ($affectedUser==Arsse::$user->id && $action != "userRightsSet") {
2017-07-21 02:40:09 +00:00
return true;
}
// if we're authorizing something other than a user function and the affected user is not the actor, make sure the affected user exists
$this->authorizationEnabled(false);
2017-08-29 14:50:31 +00:00
if (Arsse::$user->id != $affectedUser && strpos($action, "user")!==0 && !$this->exists($affectedUser)) {
2017-07-21 02:40:09 +00:00
throw new User\Exception("doesNotExist", ["action" => $action, "user" => $affectedUser]);
}
$this->authorizationEnabled(true);
// get properties of actor if not already available
2017-08-29 14:50:31 +00:00
if (!sizeof($this->actor)) {
2017-07-21 02:40:09 +00:00
$this->actor = $this->propertiesGet(Arsse::$user->id);
}
$rights = $this->actor["rights"];
// if actor is a global admin, accept the request
2017-08-29 14:50:31 +00:00
if ($rights==User\Driver::RIGHTS_GLOBAL_ADMIN) {
2017-07-21 02:40:09 +00:00
return true;
}
// if actor is a common user, deny the request
2017-08-29 14:50:31 +00:00
if ($rights==User\Driver::RIGHTS_NONE) {
2017-07-21 02:40:09 +00:00
return false;
}
// if actor is not some other sort of admin, deny the request
2017-08-29 14:50:31 +00:00
if (!in_array($rights, [User\Driver::RIGHTS_GLOBAL_MANAGER,User\Driver::RIGHTS_DOMAIN_MANAGER,User\Driver::RIGHTS_DOMAIN_ADMIN], true)) {
2017-07-21 02:40:09 +00:00
return false;
}
// if actor is a domain admin/manager and domains don't match, deny the request
2017-08-29 14:50:31 +00:00
if ($this->actor["domain"] && $rights != User\Driver::RIGHTS_GLOBAL_MANAGER) {
$test = "@".$this->actor["domain"];
2017-08-29 14:50:31 +00:00
if (substr($affectedUser, -1*strlen($test)) != $test) {
2017-07-21 02:40:09 +00:00
return false;
}
}
// certain actions shouldn't check affected user's rights
2017-08-29 14:50:31 +00:00
if (in_array($action, ["userRightsGet","userExists","userList"], true)) {
2017-07-21 02:40:09 +00:00
return true;
}
2017-08-29 14:50:31 +00:00
if ($action=="userRightsSet") {
// setting rights above your own is not allowed
2017-08-29 14:50:31 +00:00
if ($newRightsLevel > $rights) {
2017-07-21 02:40:09 +00:00
return false;
}
// setting yourself to rights you already have is harmless and can be allowed
2017-08-29 14:50:31 +00:00
if ($this->id==$affectedUser && $newRightsLevel==$rights) {
2017-07-21 02:40:09 +00:00
return true;
}
// managers can only set their own rights, and only to normal user
2017-08-29 14:50:31 +00:00
if (in_array($rights, [User\Driver::RIGHTS_DOMAIN_MANAGER, User\Driver::RIGHTS_GLOBAL_MANAGER])) {
if ($this->id != $affectedUser || $newRightsLevel != User\Driver::RIGHTS_NONE) {
2017-07-21 02:40:09 +00:00
return false;
}
return true;
}
}
$affectedRights = $this->rightsGet($affectedUser);
// managers can only act on themselves (checked above) or regular users
2017-08-29 14:50:31 +00:00
if (in_array($rights, [User\Driver::RIGHTS_GLOBAL_MANAGER,User\Driver::RIGHTS_DOMAIN_MANAGER]) && $affectedRights != User\Driver::RIGHTS_NONE) {
2017-07-21 02:40:09 +00:00
return false;
}
2017-02-28 16:19:33 +00:00
// domain admins canot act above themselves
2017-08-29 14:50:31 +00:00
if (!in_array($affectedRights, [User\Driver::RIGHTS_NONE,User\Driver::RIGHTS_DOMAIN_MANAGER,User\Driver::RIGHTS_DOMAIN_ADMIN])) {
2017-07-21 02:40:09 +00:00
return false;
}
return true;
}
2017-02-16 20:29:42 +00:00
public function credentials(): array {
2017-08-29 14:50:31 +00:00
if ($_SERVER['PHP_AUTH_USER']) {
2017-02-16 20:29:42 +00:00
$out = ["user" => $_SERVER['PHP_AUTH_USER'], "password" => $_SERVER['PHP_AUTH_PW']];
2017-08-29 14:50:31 +00:00
} elseif ($_SERVER['REMOTE_USER']) {
2017-02-16 20:29:42 +00:00
$out = ["user" => $_SERVER['REMOTE_USER'], "password" => ""];
} else {
$out = ["user" => "", "password" => ""];
}
$this->id = $out["user"];
return $out;
}
public function auth(string $user = null, string $password = null): bool {
2017-08-29 14:50:31 +00:00
if ($user===null) {
return $this->authHTTP();
2017-02-16 20:29:42 +00:00
} else {
2017-02-28 04:04:13 +00:00
$this->id = $user;
$this->actor = [];
2017-08-29 14:50:31 +00:00
switch ($this->u->driverFunctions("auth")) {
case User\Driver::FUNC_EXTERNAL:
2017-08-29 14:50:31 +00:00
if (Arsse::$conf->userPreAuth) {
$out = true;
} else {
$out = $this->u->auth($user, $password);
}
2017-08-29 14:50:31 +00:00
if ($out && !Arsse::$db->userExists($user)) {
2017-07-21 02:40:09 +00:00
$this->autoProvision($user, $password);
}
return $out;
case User\Driver::FUNC_INTERNAL:
2017-08-29 14:50:31 +00:00
if (Arsse::$conf->userPreAuth) {
if (!Arsse::$db->userExists($user)) {
2017-07-21 02:40:09 +00:00
$this->autoProvision($user, $password);
}
return true;
} else {
return $this->u->auth($user, $password);
}
case User\Driver::FUNCT_NOT_IMPLEMENTED:
return false;
2017-02-16 20:29:42 +00:00
}
}
}
public function authHTTP(): bool {
$cred = $this->credentials();
2017-08-29 14:50:31 +00:00
if (!$cred["user"]) {
2017-07-21 02:40:09 +00:00
return false;
}
return $this->auth($cred["user"], $cred["password"]);
2017-02-16 20:29:42 +00:00
}
public function driverFunctions(string $function = null) {
return $this->u->driverFunctions($function);
}
2017-02-16 20:29:42 +00:00
public function list(string $domain = null): array {
$func = "userList";
2017-08-29 14:50:31 +00:00
switch ($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
2017-08-29 14:50:31 +00:00
if ($domain===null) {
if (!$this->authorize("@".$domain, $func)) {
2017-07-21 02:40:09 +00:00
throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $domain]);
}
} else {
2017-08-29 14:50:31 +00:00
if (!$this->authorize("", $func)) {
2017-07-21 02:40:09 +00:00
throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => "all users"]);
}
}
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userList($domain);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $domain]);
2017-02-16 20:29:42 +00:00
}
}
public function authorizationEnabled(bool $setting = null): bool {
2017-08-29 14:50:31 +00:00
if (is_null($setting)) {
2017-07-21 02:40:09 +00:00
return !$this->authz;
}
$this->authz += ($setting ? -1 : 1);
2017-08-29 14:50:31 +00:00
if ($this->authz < 0) {
2017-07-21 02:40:09 +00:00
$this->authz = 0;
}
return !$this->authz;
2017-02-16 20:29:42 +00:00
}
2017-02-16 20:29:42 +00:00
public function exists(string $user): bool {
$func = "userExists";
2017-08-29 14:50:31 +00:00
switch ($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
2017-08-29 14:50:31 +00:00
if (!$this->authorize($user, $func)) {
2017-07-21 02:40:09 +00:00
throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
}
$out = $this->u->userExists($user);
2017-08-29 14:50:31 +00:00
if ($out && !Arsse::$db->userExists($user)) {
2017-07-21 02:40:09 +00:00
$this->autoProvision($user, "");
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userExists($user);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
// throwing an exception here would break all kinds of stuff; we just report that the user exists
return true;
2017-02-16 20:29:42 +00:00
}
}
public function add($user, $password = null): string {
$func = "userAdd";
2017-08-29 14:50:31 +00:00
switch ($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
2017-08-29 14:50:31 +00:00
if (!$this->authorize($user, $func)) {
2017-07-21 02:40:09 +00:00
throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
}
$newPassword = $this->u->userAdd($user, $password);
// if there was no exception and we don't have the user in the internal database, add it
2017-08-29 14:50:31 +00:00
if (!Arsse::$db->userExists($user)) {
2017-07-21 02:40:09 +00:00
$this->autoProvision($user, $newPassword);
}
return $newPassword;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userAdd($user, $password);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $user]);
2017-02-16 20:29:42 +00:00
}
}
public function remove(string $user): bool {
$func = "userRemove";
2017-08-29 14:50:31 +00:00
switch ($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
2017-08-29 14:50:31 +00:00
if (!$this->authorize($user, $func)) {
2017-07-21 02:40:09 +00:00
throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
}
$out = $this->u->userRemove($user);
2017-08-29 14:50:31 +00:00
if ($out && Arsse::$db->userExists($user)) {
// if the user was removed and we have it in our data, remove it there
2017-08-29 14:50:31 +00:00
if (!Arsse::$db->userExists($user)) {
2017-07-21 02:40:09 +00:00
Arsse::$db->userRemove($user);
}
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userRemove($user);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $user]);
2017-02-16 20:29:42 +00:00
}
}
2017-02-21 00:04:08 +00:00
public function passwordSet(string $user, string $newPassword = null, $oldPassword = null): string {
$func = "userPasswordSet";
2017-08-29 14:50:31 +00:00
switch ($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
2017-08-29 14:50:31 +00:00
if (!$this->authorize($user, $func)) {
2017-07-21 02:40:09 +00:00
throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
}
$out = $this->u->userPasswordSet($user, $newPassword, $oldPassword);
2017-08-29 14:50:31 +00:00
if (Arsse::$db->userExists($user)) {
// if the password change was successful and the user exists, set the internal password to the same value
Arsse::$db->userPasswordSet($user, $out);
} else {
// if the user does not exists in the internal database, create it
$this->autoProvision($user, $out);
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userPasswordSet($user, $newPassword);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $user]);
2017-02-16 20:29:42 +00:00
}
}
public function propertiesGet(string $user, bool $withAvatar = false): array {
// prepare default values
2017-02-16 20:29:42 +00:00
$domain = null;
2017-08-29 14:50:31 +00:00
if (strrpos($user, "@")!==false) {
$domain = substr($user, strrpos($user, "@")+1);
2017-07-21 02:40:09 +00:00
}
2017-02-16 20:29:42 +00:00
$init = [
"id" => $user,
"name" => $user,
"rights" => User\Driver::RIGHTS_NONE,
"domain" => $domain
];
$func = "userPropertiesGet";
2017-08-29 14:50:31 +00:00
switch ($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
2017-08-29 14:50:31 +00:00
if (!$this->authorize($user, $func)) {
2017-07-21 02:40:09 +00:00
throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
}
$out = array_merge($init, $this->u->userPropertiesGet($user));
// remove password if it is return (not exhaustive, but...)
2017-08-29 14:50:31 +00:00
if (array_key_exists('password', $out)) {
2017-07-21 02:40:09 +00:00
unset($out['password']);
}
// if the user does not exist in the internal database, add it
2017-08-29 14:50:31 +00:00
if (!Arsse::$db->userExists($user)) {
2017-07-21 02:40:09 +00:00
$this->autoProvision($user, "", $out);
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return array_merge($init, $this->u->userPropertiesGet($user));
case User\Driver::FUNCT_NOT_IMPLEMENTED:
// we can return generic values if the function is not implemented
return $init;
2017-02-16 20:29:42 +00:00
}
}
public function propertiesSet(string $user, array $properties): array {
// remove from the array any values which should be set specially
2017-08-29 14:50:31 +00:00
foreach (['id', 'domain', 'password', 'rights'] as $key) {
if (array_key_exists($key, $properties)) {
2017-07-21 02:40:09 +00:00
unset($properties[$key]);
}
}
$func = "userPropertiesSet";
2017-08-29 14:50:31 +00:00
switch ($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
2017-08-29 14:50:31 +00:00
if (!$this->authorize($user, $func)) {
2017-07-21 02:40:09 +00:00
throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
}
$out = $this->u->userPropertiesSet($user, $properties);
2017-08-29 14:50:31 +00:00
if (Arsse::$db->userExists($user)) {
// if the property change was successful and the user exists, set the internal properties to the same values
Arsse::$db->userPropertiesSet($user, $out);
} else {
// if the user does not exists in the internal database, create it
$this->autoProvision($user, "", $out);
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userPropertiesSet($user, $properties);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $user]);
2017-02-16 20:29:42 +00:00
}
}
public function rightsGet(string $user): int {
$func = "userRightsGet";
2017-08-29 14:50:31 +00:00
switch ($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
2017-08-29 14:50:31 +00:00
if (!$this->authorize($user, $func)) {
2017-07-21 02:40:09 +00:00
throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
}
$out = $this->u->userRightsGet($user);
// if the user does not exist in the internal database, add it
2017-08-29 14:50:31 +00:00
if (!Arsse::$db->userExists($user)) {
2017-07-21 02:40:09 +00:00
$this->autoProvision($user, "", null, $out);
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userRightsGet($user);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
// assume all users are unprivileged
return User\Driver::RIGHTS_NONE;
2017-02-16 20:29:42 +00:00
}
}
2017-02-16 20:29:42 +00:00
public function rightsSet(string $user, int $level): bool {
$func = "userRightsSet";
2017-08-29 14:50:31 +00:00
switch ($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
2017-08-29 14:50:31 +00:00
if (!$this->authorize($user, $func)) {
2017-07-21 02:40:09 +00:00
throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
}
$out = $this->u->userRightsSet($user, $level);
// if the user does not exist in the internal database, add it
2017-08-29 14:50:31 +00:00
if ($out && Arsse::$db->userExists($user)) {
$authz = $this->authorizationEnabled();
$this->authorizationEnabled(false);
Arsse::$db->userRightsSet($user, $level);
$this->authorizationEnabled($authz);
2017-08-29 14:50:31 +00:00
} elseif ($out) {
$this->autoProvision($user, "", null, $level);
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userRightsSet($user, $level);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $user]);
2017-02-16 20:29:42 +00:00
}
}
protected function autoProvision(string $user, string $password = null, array $properties = null, int $rights = 0): string {
// temporarily disable authorization checks, to avoid potential problems
$this->authorizationEnabled(false);
// create the user
$out = Arsse::$db->userAdd($user, $password);
// set the user rights
Arsse::$db->userRightsSet($user, $rights);
// set the user properties...
2017-08-29 14:50:31 +00:00
if ($properties===null) {
// if nothing is provided but the driver uses an external function, try to get the current values from the external source
try {
2017-08-29 14:50:31 +00:00
if ($this->u->driverFunctions("userPropertiesGet")==User\Driver::FUNC_EXTERNAL) {
2017-07-21 02:40:09 +00:00
Arsse::$db->userPropertiesSet($user, $this->u->userPropertiesGet($user));
}
2017-08-29 14:50:31 +00:00
} catch (\Throwable $e) {
}
} else {
// otherwise if values are provided, use those
Arsse::$db->userPropertiesSet($user, $properties);
2017-02-16 20:29:42 +00:00
}
// re-enable authorization and return
2017-05-12 03:20:10 +00:00
$this->authorizationEnabled(true);
return $out;
2017-02-16 20:29:42 +00:00
}
2017-08-29 14:50:31 +00:00
}