File: var.auth

package info (click to toggle)
wims 2%3A4.29a%2Bdfsg1-3
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 185,704 kB
  • sloc: xml: 366,687; javascript: 120,570; ansic: 62,341; java: 62,170; sh: 7,744; perl: 3,937; yacc: 3,217; cpp: 1,915; lex: 1,805; makefile: 1,084; lisp: 914; pascal: 601; python: 520; php: 318; asm: 7
file content (280 lines) | stat: -rw-r--r-- 8,280 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
 
!if $auth_password=*wims_site_manager
  !if $wims_ismanager<2
    auth_password=
  !else
    wims_realuser=SUPERVISOR
    !goto auth_ok
  !endif
!endif

!if $save_logincgu!=$empty
  !if $agreecgu=yes
    !read adm/class/userdef wimshome/log/classes,$class,$save_logincgu
    !setdef !set user_agreecgu=yes in $userdef
    !readdef $userdef
    !reset error
    !if $auth_test=OK
      !goto auth_ok2
    !endif
  !endif
  !!!reset $save_logincgu
!endif

!read adm/class/authchars
auth_user=!word 1 of $auth_user
auth_password=!word 1 of $auth_password

# new variables to keep original data (used only in external authentication)
auth_user_connection=$auth_user
auth_password_connection=$auth_password

##### EXTERNAL connection - part 1 #####
!!default sclass=$class

!if ($auth_user notsametext supervisor or $class_type>0) and $auth_method isitemof $auth_method_list
  authdef=wimshome/log/classes/$superclass/.def

  # don't use auth_user and auth_password, some characters are unavailable
  # parameters are empty for auth-cas
  !readproc adm/class/auth-$auth_method $auth_user_connection,$auth_password_connection
!endif
##### end of EXTERNAL connection - part 1 #####

# now we can run the script
!if $auth_method isitemof $auth_method_list and $auth_user!=supervisor
  auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.userlist_external
  !if $auth_user=$empty
    auth_user=!lookup $auth_user_orig in wimshome/log/classes/$superclass/.teacherlist_external
  !endif
!endif
!!for retrocompatibility
!set char_login=$char_punct$char_login
auth_user=!translate internal . to @ in $auth_user
auth_user=!text select $char_login in $auth_user

auth_password=!text select $char_passwd in $auth_password
now=$wims_now
logfile=wimshome/log/classes/$class/.log.auth
logfiles=wimshome/log/classes/$class/.log
logline=$now $auth_user   $$passwd	$httpd_REMOTE_ADDR

!read adm/class/userdef classes,$class,$auth_user

pass=!defof user_password in $userdef
!! passcrypt $empty returns $empty but !setdef must not been done
!if $pass!=$empty
  pass=!passcrypt $pass
  !setdef !set user_password=$pass in $userdef
!endif

##FIXME ### Have to check that sclass is no yet useful
sclass=!defof class_superclass in wimshome/log/classes/$class/.def
!if $superclass!=$empty and $superclass!=$class
  upartic=!defof user_participate in $userdef
  usuperv=!defof user_supervise in $userdef
  pclass=!defof class_parent in wimshome/log/classes/$class/.def
  !if / isin $pclass and ../$pclass/ isin ../$class
    ss=!defof class_ocourses in wimshome/log/classes/$pclass/.def
    !if $ss!=$empty
      ss=!makelist $wims_superclass/xx for xx in $ss
      upartic=!append item $ss to $upartic
    !endif
  !endif
  coursecheck=!defof user_class in wimshome/log/classes/$class/.users/$auth_user
  !if $coursecheck!=$empty
    upartic=!append item $class to $upartic
  !endif
  !!check mandatory course
  dcourse=!record 0 of wimshome/log/classes/$pclass/courses
  dcourse=!column 1 of $dcourse
  !if $dcourse!=$empty
    dcourse=!makelist $superclass/xx for xx in $dcourse
    upartic=!append item $dcourse to $upartic
  !endif
  upartic=!listuniq $upartic
  !if $auth_user=supervisor and $wims_user=supervisor
    ctype=!defof class_typename in wimshome/log/classes/$class/.def
    prog=!defof sharing_exam in wimshome/log/classes/$class/neighbors
    !if $ctype iswordof course icourse and $prog=$wims_class
      pass=$current_pass
    !endif
  !endif
  !!upartic : no more authentification should check for optional courses ?
  !if $class notitemof $upartic and $auth_user!=supervisor and $wims_user!=supervisor
    pass=
  !endif
  # These lines should be opened later to close this possibility.
  # !if $auth_user=supervisor and $wims_user=$empty
  #  pass=
  # !endif
!endif

!if $auth_user=supervisor
  !goto wimsauth
!endif

##### final test of external connection #####
# finaly, we must check if user is allowed in class

exist_check=!defof user_exists in $userdef

!if OK iswordof $auth_test and $auth_method isitemof $auth_method_list
  !if $exist_check issametext yes
    !goto auth_ok
  !else
    !setdef user_auth=$auth_user_orig in wimshome/$wims_sesdir/var.stat
    !goto end
  !endif
!endif
##### end of final test of external connection #####
:wimsauth

pass=!passcrypt $pass
!if $pass=$empty
  !if $auth_user_connection=$empty
    !exit
  !endif
  passwd=????
  !appendfile $logfile $logline
  auth_user=$auth_user_connection
  error=bad_password
  !exit
!endif

!if $wims_superclass!=$empty and $wims_user!=supervisor and $auth_user!=$wims_user
  supervisable=!defof user_supervisable in wimshome/log/classes/$wims_superclass/.users/$wims_user
  !if $supervisable!=yes
    current_pass=
  !endif
!endif

auth_password_check=!passcheck $current_pass and $pass
!if ($auth_user!=$empty and $class $auth_user isitemof $wims_otherclass) or \
  ($current_pass!=$empty and $auth_password_check=yes) or \
  ($auth_user=$wims_user and $class isitemof $wims_participate) or \
  ($auth_user=supervisor and $wims_user=supervisor and \
    (../$wims_class/ isin ../$class/ or $superclass=$wims_class)) or \
  ($auth_user=supervisor and $class isitemof $wims_supervise)
  !goto auth_ok
!endif

!if $auth_password=$empty
  !exit
!endif

!read adm/class/authdelay
!if $auth_password_check=no
  !if $auth_user_orig=$empty and $auth_password=$empty
    !exit
  !endif
  passwd=??????
  !appendfile $logfile $logline
  auth_user=$auth_user_orig
  error=bad_password
  !exit
!endif

:auth_ok
!if $auth_user=supervisor and $wims_user!=$empty and $wims_user!=supervisor and \
    $class notitemof $wims_supervise
  userdef_save=$userdef
  !read adm/class/userdef classes,$wims_class,$wims_user
  !exchange userdef_save,userdef
  spv=!defof user_supervisable in $userdef_save
  !if $spv=yes
    wims_supervise=!append item $class to $wims_supervise
    !setdef !set user_supervise=$wims_supervise in $userdef_save
  !endif
!endif
n=!positionof word $auth_password in $pass
n=!item 1 of $n
!if $n!=$empty
  passwd=OK$n   $
!else
  passwd=$wims_class
!endif
# one-time password
!if $n!=$empty and $n>1
  pass=!replace word $auth_password by $ in $pass
  pass=!singlespace $pass
  pass=!trim $pass
  !setdef !set user_password=$pass in $userdef
!endif
:auth_ok2

!defread $userdef
ctype=!defof class_type in wimshome/log/classes/$class/.def
!if $ctype=4 and $auth_user!=supervisor and $user_supervisable!=yes\
  and (/ notin $wims_class or ../$wims_superclass/ notin ../$wims_class/)
  utest=!itemcnt $user_participate
  !if $utest=1 and / isin $user_participate
    class=!item 1 of $user_participate
    !defread wimshome/log/classes/$class/.def
  !endif
!endif
clang=!defof class_lang in wimshome/log/classes/$class/.def


!if $auth_user=supervisor
  sech=!defof class_secure in wimshome/log/classes/$class/.def
  sech=!trim $sech
  !if $sech=$empty
    t=0
  !else
    t=!checkhost $sech
    !if $t<1
      t=-1
    !endif
  !endif
  sup_secure=$t
!else
  !read adm/class/raftest
  !if $raftest>$lastallow
    error=recent_rafale
    !exit
  !endif
  sup_secure=-1
  !if $user_agreecgu notwordof yes external and $agreecgu!=yes
    error=no_cgu
    !exit
  !endif
!endif

!if / notin $class and $class<=9999 and anonymous isin $auth_user
  !read adm/class/anonymous.proc $class,$auth_user
  auth_user=$output_user
!endif
!read adm/class/authprep $class,$auth_user

!if $logfile!=$empty
  !if $auth_user=supervisor
    !appendfile $logfiles $now $httpd_REMOTE_ADDR   	supervisor login
  !else
    !appendfile $logfile $logline
  !endif
!endif

!if $class_lock=7 and $auth_user!=supervisor
  !usererror class_closed
  !exit
!endif

!if $class_lock iswordof 2 4 6
  !set wims_protocol=https
!endif
!if $wims_user=$empty and $changesession!=no
  !writefile wimshome/$wims_sesdir/var.class.prep $classdef
  random=!randint 10^5,10^9
  !restart session=new.$random&lang=$clang&old_session=$wims_session&module=home
!else
  !setdef $classdef in wimshome/$wims_sesdir/var.stat
  !sh cd $wims_home\
    rm -Rf $(wims_sesdir)_*\
    mkdir -p log/classes/$class/score $wims_sesdir/getfile\
    rm -f $wims_sesdir/exam*\
    rm -f $wims_sesdir/getfile/oefimages\
    ln -s $wims_home/log/classes/$class/src/images $wims_sesdir/getfile/oefimages
  !restart lang=$clang&module=home
!endif

:end