EndAccountSettingsNav: After showing the account settings menu
- $action: the current action
+StartAccountSettingsProfileMenuItem: Before showing the Profile menu item
+- $widget: AccountSettingsNav instance being shown
+
+EndAccountSettingsProfileMenuItem: After showing the Profile menu item
+- $widget: AccountSettingsNav instance being shown
+
+StartAccountSettingsAvatarMenuItem: Before showing the Avatar menu item
+- $widget: AccountSettingsNav instance being shown
+
+EndAccountSettingsAvatarMenuItem: After showing the Avatar menu item
+- $widget: AccountSettingsNav instance being shown
+
+StartAccountSettingsPasswordMenuItem: Before showing the Password menu item
+- $widget: AccountSettingsNav instance being shown
+
+EndAccountSettingsPasswordMenuItem: After showing the Password menu item
+- $widget: AccountSettingsNav instance being shown
+
+StartAccountSettingsEmailMenuItem: Before showing the Email menu item
+- $widget: AccountSettingsNav instance being shown
+
+EndAccountSettingsEmailMenuItem: After showing the Email menu item
+- $widget: AccountSettingsNav instance being shown
+
+StartAccountSettingsDesignMenuItem: Before showing the Design menu item
+- $widget: AccountSettingsNav instance being shown
+
+EndAccountSettingsDesignMenuItem: After showing the Design menu item
+- $widget: AccountSettingsNav instance being shown
+
+StartAccountSettingsOtherMenuItem: Before showing the Other menu item
+- $widget: AccountSettingsNav instance being shown
+
+EndAccountSettingsOtherMenuItem: After showing the Other menu item
+- $widget: AccountSettingsNav instance being shown
+
Autoload: When trying to autoload a class
- $cls: the class being sought. A plugin might require_once the file for the class.
EndChangePassword: After changing a password
- $nickname: user's nickname
-CanUserChangeField: Determines if a user is allowed to change a specific profile field
-- $nickname: nickname of the user who would like to know which of their profile fields are mutable
-- $field: name of the field the user wants to change (nickname, fullname, password, avatar, etc)
-
UserDeleteRelated: Specify additional tables to delete entries from when deleting users
- $user: User object
- &$related: array of DB_DataObject class names to delete entries on matching user_id.
if (Event::handle('StartAccountSettingsNav', array(&$this->action))) {
$user = common_current_user();
- $menu = array();
- $menu['profilesettings'] =
- array(_('Profile'),
- _('Change your profile settings'));
- if(Event::handle('CanUserChangeField', array($user->nickname, 'avatar'))){
- $menu['avatarsettings'] =
- array(_('Avatar'),
- _('Upload an avatar'));
+ if(Event::handle('StartAccountSettingsProfileMenuItem', array($this, &$menu))){
+ $this->showMenuItem('profilesettings',_('Profile'),_('Change your profile settings'));
+ Event::handle('EndAccountSettingsProfileMenuItem', array($this, &$menu));
}
- if(Event::handle('CanUserChangeField', array($user->nickname, 'password'))){
- $menu['passwordsettings'] =
- array(_('Password'),
- _('Change your password'));
+ if(Event::handle('StartAccountSettingsAvatarMenuItem', array($this, &$menu))){
+ $this->showMenuItem('avatarsettings',_('Avatar'),_('Upload an avatar'));
+ Event::handle('EndAccountSettingsAvatarMenuItem', array($this, &$menu));
}
- $menu['emailsettings'] =
- array(_('Email'),
- _('Change email handling'));
- $menu['userdesignsettings'] =
- array(_('Design'),
- _('Design your profile'));
- $menu['othersettings'] =
- array(_('Other'),
- _('Other options'));
-
- foreach ($menu as $menuaction => $menudesc) {
- $this->action->menuItem(common_local_url($menuaction),
- $menudesc[0],
- $menudesc[1],
- $action_name === $menuaction);
+ if(Event::handle('StartAccountSettingsPasswordMenuItem', array($this, &$menu))){
+ $this->showMenuItem('passwordsettings',_('Password'),_('Change your password'));
+ Event::handle('EndAccountSettingsPasswordMenuItem', array($this, &$menu));
+ }
+ if(Event::handle('StartAccountSettingsEmailMenuItem', array($this, &$menu))){
+ $this->showMenuItem('emailsettings',_('Email'),_('Change email handling'));
+ Event::handle('EndAccountSettingsEmailMenuItem', array($this, &$menu));
+ }
+ if(Event::handle('StartAccountSettingsDesignMenuItem', array($this, &$menu))){
+ $this->showMenuItem('userdesignsettings',_('Design'),_('Design your profile'));
+ Event::handle('EndAccountSettingsDesignMenuItem', array($this, &$menu));
+ }
+ if(Event::handle('StartAccountSettingsOtherMenuItem', array($this, &$menu))){
+ $this->showMenuItem('othersettings',_('Other'),_('Other options'));
+ Event::handle('EndAccountSettingsOtherMenuItem', array($this, &$menu));
}
Event::handle('EndAccountSettingsNav', array(&$this->action));
$this->action->elementEnd('ul');
}
+
+ function showMenuItem($menuaction, $desc1, $desc2)
+ {
+ $action_name = $this->action->trimmed('action');
+ $this->action->menuItem(common_local_url($menuaction),
+ $desc1,
+ $desc2,
+ $action_name === $menuaction);
+ }
}
abstract class AuthPlugin extends Plugin
{
//is this plugin authoritative for authentication?
- protected $authn_authoritative = false;
+ public $authn_authoritative = false;
//should accounts be automatically created after a successful login attempt?
- protected $autoregistration = false;
-
+ public $autoregistration = false;
+
+ //can the user change their email address
+ public $email_changeable=true;
+
+ //can the user change their email address
+ public $password_changeable=true;
+
//------------Auth plugin should implement some (or all) of these methods------------\\
/**
* Check if a nickname/password combination is valid
}
function StartCheckPassword($nickname, $password, &$authenticatedUser){
- $authenticated = $this->checkPassword($nickname, $password);
- if($authenticated){
- $authenticatedUser = User::staticGet('nickname', $nickname);
- if(!$authenticatedUser && $this->autoregistration){
- if($this->autoregister($nickname)){
- $authenticatedUser = User::staticGet('nickname', $nickname);
+ if($this->password_changeable){
+ $authenticated = $this->checkPassword($nickname, $password);
+ if($authenticated){
+ $authenticatedUser = User::staticGet('nickname', $nickname);
+ if(!$authenticatedUser && $this->autoregistration){
+ if($this->autoregister($nickname)){
+ $authenticatedUser = User::staticGet('nickname', $nickname);
+ }
+ }
+ return false;
+ }else{
+ if($this->authn_authoritative){
+ return false;
}
}
- return false;
+ //we're not authoritative, so let other handlers try
}else{
if($this->authn_authoritative){
- return false;
+ //since we're authoritative, no other plugin could do this
+ throw new Exception(_('Password changing is not allowed'));
}
}
- //we're not authoritative, so let other handlers try
}
function onStartChangePassword($nickname,$oldpassword,$newpassword)
{
- $authenticated = $this->checkPassword($nickname, $oldpassword);
- if($authenticated){
- $result = $this->changePassword($nickname,$oldpassword,$newpassword);
- if($result){
- //stop handling of other handlers, because what was requested was done
- return false;
+ if($this->password_changeable){
+ $authenticated = $this->checkPassword($nickname, $oldpassword);
+ if($authenticated){
+ $result = $this->changePassword($nickname,$oldpassword,$newpassword);
+ if($result){
+ //stop handling of other handlers, because what was requested was done
+ return false;
+ }else{
+ throw new Exception(_('Password changing failed'));
+ }
}else{
- throw new Exception(_('Password changing failed'));
+ if($this->authn_authoritative){
+ //since we're authoritative, no other plugin could do this
+ throw new Exception(_('Password changing failed'));
+ }else{
+ //let another handler try
+ return null;
+ }
}
}else{
if($this->authn_authoritative){
//since we're authoritative, no other plugin could do this
- throw new Exception(_('Password changing failed'));
- }else{
- //let another handler try
- return null;
+ throw new Exception(_('Password changing is not allowed'));
}
}
-
+ }
+
+ function onStartAccountSettingsPasswordMenuItem($widget)
+ {
+ if($this->authn_authoritative && !$this->password_changeable){
+ //since we're authoritative, no other plugin could change passwords, so do render the menu item
+ return false;
+ }
}
}
class LdapPlugin extends AuthPlugin
{
+ public $host=null;
+ public $port=null;
+ public $version=null;
+ public $starttls=null;
+ public $binddn=null;
+ public $bindpw=null;
+ public $basedn=null;
+ public $options=null;
+ public $filter=null;
+ public $scope=null;
+ public $attributes=array();
function __construct()
{
$keys = array('host','port','version','starttls','binddn','bindpw','basedn','options','filter','scope');
foreach($keys as $key){
$value = $this->$key;
- if($value!==false){
+ if($value!==null){
$config[$key]=$value;
}
}
============
add "addPlugin('ldap', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php
-
-
Settings
========
-authn_authoritative: Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database).
-autoregistration: Set to true if users should be automatically created when they attempt to login.
+authn_authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database).
+autoregistration (false): Set to true if users should be automatically created when they attempt to login.
+email_changeable (true): Are users allowed to change their email address? (true or false)
+password_changeable (true): Are users allowed to change their passwords? (true or false)
host*: LDAP server name to connect to. You can provide several hosts in an array in which case the hosts are tried from left to right.. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
port: Port on the server. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
location
* required
+default values are in (parenthesis)
Example
=======
Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory.
addPlugin('ldap', array(
+ 'authn_authoritative'=>true,
+ 'autoregistration'=>true,
'binddn'=>'username',
'bindpw'=>'password',
'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
projects / quix0rs-gnu-social.git / commitdiff