Created
June 1, 2010 17:50
-
-
Save opengeek/421232 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * An extension to modUser that allows Atlassian Crowd integration via SOAP. | |
| * | |
| * @todo Complete this class to handle all external user management tasks | |
| * allowed with Crowd. | |
| * | |
| * @package modx | |
| * @subpackage user.crowd | |
| */ | |
| class modCrowdUser extends modUser { | |
| function __construct(xPDO & $xpdo) { | |
| parent :: __construct($xpdo); | |
| $this->set('class_key','modCrowdUser'); | |
| } | |
| public function changePassword($newPassword) { | |
| $changed= false; | |
| if (!empty($newPassword) && $this->isAuthenticated()) { | |
| $crowdAttributes = array ( | |
| 'url' => $this->xpdo->getOption('user.crowd.url'), | |
| 'application' => $this->xpdo->getOption('user.crowd.application'), | |
| 'credential' => $this->xpdo->getOption('user.crowd.credential'), | |
| ); | |
| if ($crowd = $this->xpdo->getService('crowd', 'user.crowd.modCrowdClient', '', $crowdAttributes)) { | |
| $changed = $crowd->setPassword($this->get('username'), $newPassword); | |
| } | |
| $contextKey= $this->xpdo->context->get('key'); | |
| switch ($contextKey) { | |
| case 'web': | |
| $this->xpdo->invokeEvent("OnWebChangePassword", array ( | |
| "userid" => $this->get('id'), | |
| "username" => $this->get('username'), | |
| "userpassword" => $newPassword) | |
| ); | |
| break; | |
| case 'mgr': | |
| $this->xpdo->invokeEvent("OnManagerChangePassword", array ( | |
| "userid" => $this->get('id'), | |
| "username" => $this->get('username'), | |
| "userpassword" => $newPassword) | |
| ); | |
| break; | |
| } | |
| } | |
| return $changed; | |
| } | |
| public function updateCrowdPrincipal() { | |
| //TODO: implement me | |
| $this->xpdo->_log(xPDO::LOG_LEVEL_ERROR, "updateCrowdPrincipal has not yet been implemented."); | |
| return false; | |
| } | |
| public function save($cacheFlag = false) { | |
| $saved = false; | |
| if (!$this->isNew() && !empty($this->_dirty)) { | |
| if (isset($this->_dirty['username'])) { | |
| if (!$saved = $this->updateCrowdPrincipal()) { | |
| $this->xpdo->_log(xPDO::LOG_LEVEL_ERROR, "Crowd update for user with id {$this->get('id')} was unsuccessful."); | |
| return $saved; | |
| } | |
| //$this->set('cachepwd', ''); | |
| } | |
| elseif (isset($this->_dirty['password'])) { | |
| return false; | |
| /* | |
| if ($crowd = $this->xpdo->getService('crowd', 'user.crowd.modCrowdClient', '', $crowdAttributes)) { | |
| $saved = $crowd->setPassword($this->get('username'), $this->get('cachepwd')); | |
| if (!$saved = $this->set('password',$this->get('cachepwd'))) { | |
| $this->xpdo->log(xPDO::LOG_LEVEL_ERROR, "Crowd password change for {$this->get('username')} was unsuccessful."); | |
| return $saved; | |
| } | |
| } | |
| $this->set('password', ''); | |
| */ | |
| } | |
| } | |
| $this->_fields['password'] = ''; | |
| unset($this->_dirty['password']); | |
| $saved = parent :: save(); | |
| return $saved; | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <model package="modx.user.crowd" baseClass="xPDOObject" platform="mysql" defaultEngine="MyISAM" phpdoc-package="modx" phpdoc-subpackage="user-crowd"> | |
| <object class="modCrowdUser" table="users" extends="modUser" /> | |
| </model> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * @package crowd | |
| */ | |
| switch ($modx->event->name) { | |
| case "OnUserNotFound": | |
| $modx->event->_output= false; | |
| if (isset($username) && !empty($username)) { | |
| $crowdAttributes = array ( | |
| 'url' => $modx->getOption('user.crowd.url'), | |
| 'application' => $modx->getOption('user.crowd.application'), | |
| 'credential' => $modx->getOption('user.crowd.credential'), | |
| ); | |
| $modx->addPackage('modx.user.crowd', MODX_CORE_PATH . 'model/'); | |
| if ($crowd = $modx->getService('crowd', 'modCrowdClient', '', $crowdAttributes)) { | |
| $userexists = $crowd->findUsername($username); | |
| if ($userexists) { | |
| $user = & $scriptProperties['user']; | |
| $user = $modx->newObject('modCrowdUser'); | |
| $user->set('username', $username); | |
| $up = $modx->newObject('modUserProfile'); | |
| $user->addOne($up); | |
| $modx->event->_output= $user; | |
| $modx->event->stopPropagation(); | |
| } | |
| } | |
| } | |
| break; | |
| //Register this event for authentication in all other contexts | |
| case "OnWebAuthentication": | |
| //Register this event for manager authentication only | |
| case "OnManagerAuthentication": | |
| $authenticated = false; | |
| if (isset($user) && !empty($user) && isset($password) && !empty($password)) { | |
| $crowdAttributes = array ( | |
| 'url' => isset($crowdUrl) ? $crowdUrl : $modx->config['user.crowd.url'], | |
| 'application' => isset($crowdApp) ? $crowdApp : $modx->config['user.crowd.application'], | |
| 'credential' => isset($crowdPwd) ? $crowdPwd : $modx->config['user.crowd.credential'] | |
| ); | |
| $modx->addPackage('modx.user.crowd', MODX_CORE_PATH . 'model/'); | |
| if ($crowd = $modx->getService('crowd', 'modCrowdClient', '', $crowdAttributes)) { | |
| if ($authenticated = $crowd->authenticate($user->get('username'), $password)) { | |
| if ($user instanceof modCrowdUser && $modx->getOption('user.crowd.autoadd')) { | |
| if ($user->isNew() && $userDetails = $crowd->getUser($user->get('username'))) { | |
| $user->Profile->set('fullname', implode(" ", array($userDetails['givenName'], $userDetails['sn']))); | |
| $user->Profile->set('email', $userDetails['mail']); | |
| $user->Profile->set('failed_logins', $userDetails['invalidPasswordAttempts']); | |
| $user->Profile->set('last_login', $userDetails['lastAuthenticated']); | |
| $authenticated = $user->save(); | |
| if (!$authenticated) { | |
| $modx->log(modX::LOG_LEVEL_ERROR, 'Could not save modCrowdUser: ' . print_r($user->toArray, 1)); | |
| } | |
| } | |
| if ($authenticated && ($crowdGroups = $crowd->findGroupMemberships($user->get('username')))) { | |
| foreach ($crowdGroups as $group) { | |
| $modxGroup = $modx->getObject('modUserGroup', array('name' => $group)); | |
| if ($modxGroup) { | |
| if (!$modx->getObject('modUserGroupMember', array('user_group' => $modxGroup->get('id'), 'member' => $user->get('id')))) { | |
| $membership = $modx->newObject('modUserGroupMember', array('user_group' => $modxGroup->get('id'), 'member' => $user->get('id'), 'role' => 1)); | |
| $membership->save(); | |
| } | |
| } | |
| } | |
| } | |
| } else { | |
| $modx->log(modX::LOG_LEVEL_ERROR, "Crowd authenticated user {$user->get('username')} but the user object was not a modCrowdUser instance: {$user->_class} " . print_r($modx->getAncestry('modCrowdUser', true), 1)); | |
| } | |
| } | |
| } | |
| } | |
| $modx->event->_output = $authenticated; | |
| break; | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment