From 6194e9375a9bc9ea15989ddb6da6420a2cdd3d34 Mon Sep 17 00:00:00 2001 From: Michael M Slusarz Date: Tue, 1 Jun 2010 03:04:04 -0600 Subject: [PATCH] Moved isAuthenticated() from horde/Auth to horde/Core --- agora/owner.php | 6 ----- ansel/lib/Ansel.php | 2 +- ansel/lib/Gallery.php | 5 +++-- ansel/lib/View/GalleryRenderer/Base.php | 5 +++-- ansel/lib/Widget/Actions.php | 5 +++-- ansel/templates/view/image.inc | 2 +- ansel/xppublish.php | 2 +- folks/account/resetpassword.php | 2 +- folks/edit/friends/approve.php | 2 +- folks/edit/friends/reject.php | 2 +- folks/edit/tabs.php | 2 +- folks/friends.php | 2 +- folks/lib/Block/my_comments.php | 2 +- folks/lib/Driver.php | 4 ++-- folks/lib/Folks.php | 2 +- folks/lib/Notification.php | 4 ++-- folks/login.php | 2 +- folks/search.php | 4 ++-- folks/templates/common-header.inc | 2 +- folks/templates/user/user.php | 6 ++--- folks/user.php | 4 ++-- framework/Auth/lib/Horde/Auth.php | 36 ------------------------------ framework/Core/lib/Horde/Registry.php | 39 +++++++++++++++++++++++++++++++-- framework/Rpc/lib/Horde/Rpc/Phpgw.php | 2 +- horde/login.php | 2 +- news/add.php | 2 +- news/lib/Block/my_comments.php | 2 +- news/mail.php | 2 +- news/reads.php | 2 +- whups/mybugs.php | 2 +- 30 files changed, 76 insertions(+), 80 deletions(-) diff --git a/agora/owner.php b/agora/owner.php index b18ceb124..a9bbac700 100644 --- a/agora/owner.php +++ b/agora/owner.php @@ -13,12 +13,6 @@ require_once dirname(__FILE__) . '/lib/Application.php'; Horde_Registry::appInit('agora'); -/* Only authenticated users should be using this. */ -if (!Horde_Auth::isAuthenticated()) { - $notification->push(_("You are not authorised for this action."), 'horde.warning'); - Horde_Auth::authenticateFailure('agora'); -} - /* Default to agora and current user if is not an admin. */ $scope = Horde_Util::getGet('scope', 'agora'); $owner = $registry->isAdmin() ? Horde_Util::getGet('owner', Horde_Auth::getAuth()) : Horde_Auth::getAuth(); diff --git a/ansel/lib/Ansel.php b/ansel/lib/Ansel.php index 3c25fc12e..933a90c88 100644 --- a/ansel/lib/Ansel.php +++ b/ansel/lib/Ansel.php @@ -602,7 +602,7 @@ class Ansel : '__noselection'); } - if ($conf['faces']['driver'] && Horde_Auth::isAuthenticated()) { + if ($conf['faces']['driver'] && $registry->isAuthenticated()) { $menu->add(Horde::applicationUrl('faces/search/all.php'), _("_Faces"), 'user.png', Horde_Themes::img(null, 'horde')); } diff --git a/ansel/lib/Gallery.php b/ansel/lib/Gallery.php index eb692ac2e..33501e41b 100644 --- a/ansel/lib/Gallery.php +++ b/ansel/lib/Gallery.php @@ -98,7 +98,7 @@ class Ansel_Gallery extends Horde_Share_Object_Sql_Hierarchical return true; case 'authenticated': - return Horde_Auth::isAuthenticated(); + return $GLOBALS['registry']->isAuthenticated(); case 'edit': return $this->hasPermission(Horde_Auth::getAuth(), Horde_Perms::EDIT); @@ -822,7 +822,8 @@ class Ansel_Gallery extends Horde_Share_Object_Sql_Hierarchical } // Can we hook user's age? - if ($GLOBALS['conf']['ages']['hook'] && Horde_Auth::isAuthenticated()) { + if ($GLOBALS['conf']['ages']['hook'] && + $GLOBALS['registry']->isAuthenticated()) { $result = Horde::callHook('_ansel_hook_user_age'); if (is_int($result)) { $_SESSION['ansel']['user_age'] = $result; diff --git a/ansel/lib/View/GalleryRenderer/Base.php b/ansel/lib/View/GalleryRenderer/Base.php index a95a08fb8..4cc0feebd 100644 --- a/ansel/lib/View/GalleryRenderer/Base.php +++ b/ansel/lib/View/GalleryRenderer/Base.php @@ -35,7 +35,7 @@ abstract class Ansel_View_GalleryRenderer_Base /** * The current page we are viewing - * + * * @var integer */ public $page = 0; @@ -150,7 +150,8 @@ abstract class Ansel_View_GalleryRenderer_Base /* Don't show action widget if no actions */ if (Horde_Auth::getAuth() || !empty($conf['report_content']['driver']) && - (($conf['report_content']['allow'] == 'authenticated' && Horde_Auth::isAuthenticated()) || + (($conf['report_content']['allow'] == 'authenticated' && + $GLOBALS['registry']->isAuthenticated()) || $conf['report_content']['allow'] == 'all')) { $this->view->addWidget(Ansel_Widget::factory('Actions')); diff --git a/ansel/lib/Widget/Actions.php b/ansel/lib/Widget/Actions.php index e8c77829e..7b98c4de3 100644 --- a/ansel/lib/Widget/Actions.php +++ b/ansel/lib/Widget/Actions.php @@ -22,7 +22,7 @@ class Ansel_Widget_Actions extends Ansel_Widget_Base } /** - * + * * @see ansel/lib/Widget/Ansel_Widget_Base#html() */ public function html() @@ -183,7 +183,8 @@ class Ansel_Widget_Actions extends Ansel_Widget_Base $this->_view->gallery->get('owner') == Horde_Auth::getAuth()) { $html .= '
  • ' . Horde::link('#', '', 'popup widget', '', Horde::popupJs(Horde::applicationUrl('perms.php'), array('params' => array('cid' => $this->_view->gallery->id), 'urlencode' => true)) . 'return false;') . Horde::img('perms.png') . ' ' . _("Set permissions") . '
    • '; } elseif (!empty($conf['report_content']['driver']) && - (($conf['report_content']['allow'] == 'authenticated' && Horde_Auth::isAuthenticated()) || + (($conf['report_content']['allow'] == 'authenticated' && + $registry->isAuthenticated()) || $conf['report_content']['allow'] == 'all')) { $reporturl = Horde_Util::addParameter(Horde::applicationUrl('report.php'), diff --git a/ansel/templates/view/image.inc b/ansel/templates/view/image.inc index 6b040f470..1e29d1c4a 100644 --- a/ansel/templates/view/image.inc +++ b/ansel/templates/view/image.inc @@ -73,7 +73,7 @@ function arrowHandler(e) $this->gallery->get('owner') != Horde_Auth::getAuth()) && !empty($GLOBALS['conf']['report_content']['driver']) && (($conf['report_content']['allow'] == 'authenticated' && - Horde_Auth::isAuthenticated()) || + $GLOBALS['registry']->isAuthenticated()) || $conf['report_content']['allow'] == 'all')) { $actionHTML .= ($needSeperator ? ' | ' : '' ) . Horde::link($this->_urls['report']) . _("Report") . ''; diff --git a/ansel/xppublish.php b/ansel/xppublish.php index 737065101..bbb865750 100644 --- a/ansel/xppublish.php +++ b/ansel/xppublish.php @@ -53,7 +53,7 @@ if ($cmd == 'login') { } // If we don't have a valid login, print the login form. -if (!Horde_Auth::isAuthenticated()) { +if (!$registry->isAuthenticated()) { $PUBLISH_ONNEXT = 'login.submit();'; $PUBLISH_CMD = 'login.username.focus();'; require ANSEL_TEMPLATES . '/xppublish/login.inc'; diff --git a/folks/account/resetpassword.php b/folks/account/resetpassword.php index a0a74e727..17f5e1da0 100644 --- a/folks/account/resetpassword.php +++ b/folks/account/resetpassword.php @@ -29,7 +29,7 @@ function _getCAPTCHA($new = false) } // We are already logged -if (Horde_Auth::isAuthenticated()) { +if ($registry->isAuthenticated()) { header('Location: ' . Folks::getUrlFor('user', Horde_Auth::getAuth())); exit; } diff --git a/folks/edit/friends/approve.php b/folks/edit/friends/approve.php index 0b15d6e28..d43b6f510 100644 --- a/folks/edit/friends/approve.php +++ b/folks/edit/friends/approve.php @@ -14,7 +14,7 @@ require_once dirname(__FILE__) . '/../../lib/base.php'; require_once FOLKS_BASE . '/lib/Friends.php'; -if (!Horde_Auth::isAuthenticated()) { +if (!$registry->isAuthenticated()) { Horde_Auth::authenticateFailure('folks'); } diff --git a/folks/edit/friends/reject.php b/folks/edit/friends/reject.php index 9877584b5..628dcf693 100644 --- a/folks/edit/friends/reject.php +++ b/folks/edit/friends/reject.php @@ -14,7 +14,7 @@ require_once dirname(__FILE__) . '/../../lib/base.php'; require_once FOLKS_BASE . '/lib/Friends.php'; -if (!Horde_Auth::isAuthenticated()) { +if (!$registry->isAuthenticated()) { Horde_Auth::authenticateFailure('folks'); } diff --git a/folks/edit/tabs.php b/folks/edit/tabs.php index 19da84632..12ef40521 100644 --- a/folks/edit/tabs.php +++ b/folks/edit/tabs.php @@ -11,7 +11,7 @@ * @package Folks */ -if (!Horde_Auth::isAuthenticated()) { +if (!$registry->isAuthenticated()) { Horde_Auth::authenticateFailure('folks'); } diff --git a/folks/friends.php b/folks/friends.php index 18c8d9f14..085902998 100644 --- a/folks/friends.php +++ b/folks/friends.php @@ -14,7 +14,7 @@ require_once dirname(__FILE__) . '/lib/base.php'; require_once FOLKS_BASE . '/lib/Forms/Activity.php'; -if (!Horde_Auth::isAuthenticated()) { +if (!$registry->isAuthenticated()) { Horde_Auth::authenticateFailure('folks'); } diff --git a/folks/lib/Block/my_comments.php b/folks/lib/Block/my_comments.php index b00ff9bbd..ade8f926f 100644 --- a/folks/lib/Block/my_comments.php +++ b/folks/lib/Block/my_comments.php @@ -36,7 +36,7 @@ class Horde_Block_folks_my_comments extends Horde_Block { */ function _content() { - if (!Horde_Auth::isAuthenticated()) { + if (!$GLOBALS['registry']->isAuthenticated()) { return ''; } diff --git a/folks/lib/Driver.php b/folks/lib/Driver.php index 24f741531..4d0e02440 100644 --- a/folks/lib/Driver.php +++ b/folks/lib/Driver.php @@ -272,7 +272,7 @@ class Folks_Driver { $this->_updateOnlineStatus(); // Update profile - if (Horde_Auth::isAuthenticated()) { + if ($GLOBALS['registry']->isAuthenticated()) { $this->_saveProfile(array('last_online_on' => $_SERVER['REQUEST_TIME']), Horde_Auth::getAuth()); } } @@ -420,7 +420,7 @@ class Folks_Driver { */ function logView($id) { - if (!Horde_Auth::isAuthenticated() || Horde_Auth::getAUth() == $id) { + if (!$GLOBALS['registry']->isAuthenticated() || Horde_Auth::getAUth() == $id) { return false; } diff --git a/folks/lib/Folks.php b/folks/lib/Folks.php index 35b0795a7..c2adba31b 100644 --- a/folks/lib/Folks.php +++ b/folks/lib/Folks.php @@ -266,7 +266,7 @@ class Folks { // If there is no email set use the registration one if (empty($email)) { - if (Horde_Auth::isAuthenticated()) { + if ($GLOBALS['registry']->isAuthenticated()) { $profile = $GLOBALS['folks_driver']->getProfile($user); } else { $profile = $GLOBALS['folks_driver']->getRawProfile($user); diff --git a/folks/lib/Notification.php b/folks/lib/Notification.php index acc7df528..e02f73606 100644 --- a/folks/lib/Notification.php +++ b/folks/lib/Notification.php @@ -50,7 +50,7 @@ class Folks_Notification { $result = false; if (empty($user)) { - if (Horde_Auth::isAuthenticated()) { + if ($GLOBALS['registry']->isAuthenticated()) { $user = Horde_Auth::getAuth(); } else { return true; @@ -92,7 +92,7 @@ class Folks_Notification { $result = false; if (empty($user)) { - if (Horde_Auth::isAuthenticated()) { + if ($GLOBALS['registry']->isAuthenticated()) { $user = Horde_Auth::getAuth(); } else { return true; diff --git a/folks/login.php b/folks/login.php index b6da13d16..410b8657e 100644 --- a/folks/login.php +++ b/folks/login.php @@ -94,7 +94,7 @@ $login_url = Horde_Util::addParameter(Horde::getServiceLink('login', 'folks'), ' /* * We are already logged in? */ -if (Horde_Auth::isAuthenticated()) { +if ($registry->isAuthenticated()) { if (empty($url_param)) { $url_param = Folks::getUrlFor('user', Horde_Auth::getAuth()); } diff --git a/folks/search.php b/folks/search.php index 046df1eb0..6bd39f5e7 100644 --- a/folks/search.php +++ b/folks/search.php @@ -73,7 +73,7 @@ if (!empty($criteria)) { $users = array(); } -if (Horde_Auth::isAuthenticated()) { +if ($registry->isAuthenticated()) { $queries = $folks_driver->getSavedSearch(); if ($queries instanceof PEAR_Error) { $notification->push($queries); @@ -92,7 +92,7 @@ require FOLKS_TEMPLATES . '/list/list.php'; echo '
    '; $form->renderActive(null, null, null, 'post'); -if (Horde_Auth::isAuthenticated()) { +if ($registry->isAuthenticated()) { require FOLKS_TEMPLATES . '/list/search.php'; } diff --git a/folks/templates/common-header.inc b/folks/templates/common-header.inc index 8827ce1f4..1e2e32a3f 100644 --- a/folks/templates/common-header.inc +++ b/folks/templates/common-header.inc @@ -22,7 +22,7 @@ Horde::includeScriptFiles(); <?php echo htmlspecialchars($page_title) ?> " /> - +isAuthenticated()): ?> " /> " /> " /> diff --git a/folks/templates/user/user.php b/folks/templates/user/user.php index c5391cc11..70e6a073e 100644 --- a/folks/templates/user/user.php +++ b/folks/templates/user/user.php @@ -50,7 +50,7 @@ include FOLKS_TEMPLATES . '/user/actions.php'; echo '' . _("Offline") . ''; if ($profile['last_online_on'] && ($profile['last_online'] == 'all' || - Horde_Auth::isAuthenticated() && ( + $GLOBALS['registry']->isAuthenticated() && ( $profile['last_online'] == 'authenticated' || $profile['last_online'] == 'friends' && $friends_driver->isFriend(Horde_Auth::getAuth()))) ) { @@ -373,7 +373,7 @@ case 'never': break; case 'authenticated': - $allow_comments = Horde_Auth::isAuthenticated(); + $allow_comments = $GLOBALS['registry']->isAuthenticated(); if ($allow_comments) { if ($friends_driver->isBlacklisted(Horde_Auth::getAuth())) { $allow_comments = false; @@ -394,7 +394,7 @@ case 'friends': default: $allow_comments = true; - if (Horde_Auth::isAuthenticated() && $friends_driver->isBlacklisted(Horde_Auth::getAuth())) { + if ($GLOBALS['registry']->isAuthenticated() && $friends_driver->isBlacklisted(Horde_Auth::getAuth())) { $allow_comments = false; $comments_reason = sprintf(_("You are on %s blacklist."), $user); } diff --git a/folks/user.php b/folks/user.php index 90f520fd6..fb5b0f176 100644 --- a/folks/user.php +++ b/folks/user.php @@ -31,7 +31,7 @@ $folks_driver->logView($user); // Get user activity if ($profile['activity_log'] == 'all' || - Horde_Auth::isAuthenticated() && ( + $registry->isAuthenticated() && ( $profile['activity_log'] == 'authenticated' || $profile['activity_log'] == 'friends' && $friends_driver->isFriend($user)) ) { @@ -83,7 +83,7 @@ case 'private': break; case 'public_authenticated': - if (Horde_Auth::isAuthenticated()) { + if ($registry->isAuthenticated()) { require FOLKS_TEMPLATES . '/user/user.php'; } else { require FOLKS_TEMPLATES . '/user/authenticated.php'; diff --git a/framework/Auth/lib/Horde/Auth.php b/framework/Auth/lib/Horde/Auth.php index f1634ed78..0269b067c 100644 --- a/framework/Auth/lib/Horde/Auth.php +++ b/framework/Auth/lib/Horde/Auth.php @@ -330,42 +330,6 @@ class Horde_Auth } /** - * Checks if there is a session with valid auth information. If there - * isn't, but the configured Auth driver supports transparent - * authentication, then we try that. - * - * @params array $options Additional options: - * 
    -     * 'app' - (string) Check authentication for this app.
-     *         DEFAULT: Checks horde-wide authentication.
-     *
    - * - * @return boolean Whether or not the user is authenticated. - * @throws Horde_Auth_Exception - */ - static public function isAuthenticated($options = array()) - { - /* Check for cached authentication results. */ - if (self::getAuth()) { - $driver = (empty($options['app']) || ($options['app'] == 'horde')) - ? $GLOBALS['conf']['auth']['driver'] - : $options['app']; - - if (($_SESSION['horde_auth']['driver'] == $driver) || - isset($_SESSION['horde_auth']['app'][$driver])) { - return self::checkExistingAuth(); - } - } - - /* Try transparent authentication. */ - $auth = (empty($options['app']) || ($options['app'] == 'horde')) - ? $GLOBALS['injector']->getInstance('Horde_Auth')->getOb() - : $GLOBALS['injector']->getInstance('Horde_Auth')->getOb('application', array('app' => $options['app'])); - - return $auth->transparent(); - } - - /** * Check existing auth for triggers that might invalidate it. * * @return boolean Is existing auth valid? diff --git a/framework/Core/lib/Horde/Registry.php b/framework/Core/lib/Horde/Registry.php index 40cb7920c..e28fe7bca 100644 --- a/framework/Core/lib/Horde/Registry.php +++ b/framework/Core/lib/Horde/Registry.php @@ -1088,7 +1088,7 @@ class Horde_Registry throw new Horde_Exception('User is not authorized', self::AUTH_FAILURE); } if (!$this->hasPermission($app, Horde_Perms::READ)) { - if (!Horde_Auth::isAuthenticated(array('app' => $app))) { + if (!$this->isAuthenticated(array('app' => $app))) { throw new Horde_Exception('User is not authorized', self::AUTH_FAILURE); } @@ -1216,7 +1216,7 @@ class Horde_Registry /* Always do isAuthenticated() check first. You can be an admin, but * application auth != Horde admin auth. And there can *never* be * non-SHOW access to an application that requires authentication. */ - if (!Horde_Auth::isAuthenticated(array('app' => $app)) && + if (!$this->isAuthenticated(array('app' => $app)) && $this->requireAuth($app) && ($perms != Horde_Perms::SHOW)) { return false; @@ -1637,4 +1637,39 @@ class Horde_Registry : $GLOBALS['injector']->getInstance('Horde_Auth')->getOb('application', array('app' => $app))->requireAuth(); } + /** + * Checks if there is a session with valid auth information. If there + * isn't, but the configured Auth driver supports transparent + * authentication, then we try that. + * + * @params array $options Additional options: + * 
    +     * 'app' - (string) Check authentication for this app.
+     *         DEFAULT: Checks horde-wide authentication.
+     *
    + * + * @return boolean Whether or not the user is authenticated. + */ + public function isAuthenticated($options = array()) + { + /* Check for cached authentication results. */ + if (Horde_Auth::getAuth()) { + $driver = (empty($options['app']) || ($options['app'] == 'horde')) + ? $GLOBALS['conf']['auth']['driver'] + : $options['app']; + + if (($_SESSION['horde_auth']['driver'] == $driver) || + isset($_SESSION['horde_auth']['app'][$driver])) { + return Horde_Auth::checkExistingAuth(); + } + } + + /* Try transparent authentication. */ + $auth = (empty($options['app']) || ($options['app'] == 'horde')) + ? $GLOBALS['injector']->getInstance('Horde_Auth')->getOb() + : $GLOBALS['injector']->getInstance('Horde_Auth')->getOb('application', array('app' => $options['app'])); + + return $auth->transparent(); + } + } diff --git a/framework/Rpc/lib/Horde/Rpc/Phpgw.php b/framework/Rpc/lib/Horde/Rpc/Phpgw.php index dc95b52cb..61946471f 100644 --- a/framework/Rpc/lib/Horde/Rpc/Phpgw.php +++ b/framework/Rpc/lib/Horde/Rpc/Phpgw.php @@ -90,7 +90,7 @@ class Horde_Rpc_Phpgw extends Horde_Rpc } // Be authenticated or call system.login. - $authenticated = Horde_Auth::isAuthenticated() || $method== "phpgw/system/login"; + $authenticated = $registry->isAuthenticated() || $method== "phpgw/system/login"; if ($authenticated) { Horde::logMessage("rpc call $method allowed", 'NOTICE'); diff --git a/horde/login.php b/horde/login.php index d7a7030d1..e64354135 100644 --- a/horde/login.php +++ b/horde/login.php @@ -85,7 +85,7 @@ try { } catch (Horde_Exception $e) {} $app = Horde_Util::getFormData('app'); -$is_auth = Horde_Auth::isAuthenticated(); +$is_auth = $registry->isAuthenticated(); /* This ensures index.php doesn't pick up the 'url' parameter. */ $horde_login_url = ''; diff --git a/news/add.php b/news/add.php index 786372120..ca5ec7bfa 100644 --- a/news/add.php +++ b/news/add.php @@ -88,7 +88,7 @@ function _max_upload_size() } // Is logged it? -if (!Horde_Auth::isAuthenticated()) { +if (!$registry->isAuthenticated()) { $notification->push(_("Only authenticated users can post news."), 'horde.warning'); Horde_Auth::authenticateFailure('news'); } diff --git a/news/lib/Block/my_comments.php b/news/lib/Block/my_comments.php index 2feba13b8..1ae4439e0 100644 --- a/news/lib/Block/my_comments.php +++ b/news/lib/Block/my_comments.php @@ -36,7 +36,7 @@ class Horde_Block_news_my_comments extends Horde_Block { */ function _content() { - if (!Horde_Auth::isAuthenticated()) { + if (!$GLOBALS['registry']->isAuthenticated()) { return ''; } diff --git a/news/mail.php b/news/mail.php index 19a9eae4c..68e58185c 100644 --- a/news/mail.php +++ b/news/mail.php @@ -31,7 +31,7 @@ function _error($msg) exit; } -if (!Horde_Auth::isAuthenticated()) { +if (!$registry->isAuthenticated()) { _error(_("Only authenticated users can send mails.")); } diff --git a/news/reads.php b/news/reads.php index 077632c2d..fbabfdabc 100644 --- a/news/reads.php +++ b/news/reads.php @@ -13,7 +13,7 @@ require_once dirname(__FILE__) . '/lib/base.php'; -if (!Horde_Auth::isAuthenticated()) { +if (!$registry->isAuthenticated()) { Horde_Auth::authenticateFailure('news'); } diff --git a/whups/mybugs.php b/whups/mybugs.php index a188ef9c9..f51fbf49b 100644 --- a/whups/mybugs.php +++ b/whups/mybugs.php @@ -34,7 +34,7 @@ if ($r_time = $prefs->getValue('summary_refresh_time')) { // block set for guests. $mybugs_layout = @unserialize($prefs->getValue('mybugs_layout')); if (!$mybugs_layout) { - if (Horde_Auth::isAuthenticated()) { + if ($registry->isAuthenticated()) { $mybugs_layout = array( array(array('app' => 'whups', 'params' => array('type' => 'mytickets', 'params' => false), 'height' => 1, 'width' => 1)), array(array('app' => 'whups', 'params' => array('type' => 'myrequests', 'params' => false), 'height' => 1, 'width' => 1)), -- 2.11.0