3 * StatusNet, the distributed open-source microblogging tool
5 * Superclass for plugins that do authorization
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Craig Andrews <candrews@integralblue.com>
25 * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET') && !defined('LACONICA')) {
35 * Superclass for plugins that do authorization
39 * @author Craig Andrews <candrews@integralblue.com>
40 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
41 * @link http://status.net/
43 abstract class AuthorizationPlugin extends Plugin
45 //is this plugin authoritative for authorization?
46 public $authoritative = false;
48 //------------Auth plugin should implement some (or all) of these methods------------\\
51 * Is a user allowed to log in?
53 * @return boolean true if the user is allowed to login, false if explicitly not allowed to login, null if we don't explicitly allow or deny login
55 function loginAllowed($user) {
60 * Does a profile grant the user a named role?
62 * @return boolean true if the profile has the role, false if not
64 function hasRole($profile, $name) {
68 //------------Below are the methods that connect StatusNet to the implementing Auth plugin------------\\
70 function onStartSetUser($user) {
71 $loginAllowed = $this->loginAllowed($user);
72 if($loginAllowed === true){
74 }else if($loginAllowed === false){
78 if($this->authoritative) {
87 function onStartSetApiUser($user) {
88 return $this->onStartSetUser($user);
91 function onStartHasRole($profile, $name, &$has_role) {
92 if($this->hasRole($profile, $name)){
96 if($this->authoritative) {