You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
200 lines
7.8 KiB
200 lines
7.8 KiB
<?php
|
|
|
|
// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project
|
|
//
|
|
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
|
|
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
|
|
// $Id$
|
|
|
|
/**
|
|
* @return array
|
|
*/
|
|
function module_domain_password_info()
|
|
{
|
|
return [
|
|
'name' => tra('Domain Password'),
|
|
'description' => tra('Store personal passwords for other domains securely in Tiki'),
|
|
'prefs' => ['feature_user_encryption'],
|
|
'params' => [
|
|
'domain' => [
|
|
'name' => tra('Domain'),
|
|
'description' => tra('System the credentials apply for. The name must match a defined Password Domain'),
|
|
],
|
|
'use_currentuser' => [
|
|
'name' => tra('Use current user'),
|
|
'description' => tra('Use the currently logged-in user. The username is not editable. (y/n) Default: y'),
|
|
],
|
|
'can_update' => [
|
|
'name' => tra('Can Update'),
|
|
'description' => tra('If "y" the user can update the values, otherwise the display is read-only (y/n). Default: n'),
|
|
],
|
|
'show_domain_prompt' => [
|
|
'name' => tra('Show domain prompt'),
|
|
'description' => tra('If "y" the word "domain" is shown before the domain. Otherwise the domain name takes the full row (y/n). Default: y'),
|
|
],
|
|
],
|
|
'common_params' => ['nonums', 'rows']
|
|
];
|
|
}
|
|
|
|
/**
|
|
* @param $mod_reference
|
|
* @param $module_params
|
|
*/
|
|
function module_domain_password($mod_reference, $module_params)
|
|
{
|
|
global $prefs, $user;
|
|
$smarty = TikiLib::lib('smarty');
|
|
$tikilib = TikiLib::lib('tiki');
|
|
|
|
// Allow for multiple modules on one page
|
|
$moduleNr = $mod_reference['moduleId'];
|
|
$moduleNr = str_replace('wikiplugin_', '', $moduleNr); // Remove the leading wikiplugin_ when used in a wiki page
|
|
$cntModule = (int)$moduleNr;
|
|
$dompwdCount = 0;
|
|
if (isset($_REQUEST['dompwdCount'])) {
|
|
$dompwdCount = (int)$_REQUEST['dompwdCount'];
|
|
}
|
|
$smarty->assign('dompwdCount', $cntModule);
|
|
|
|
|
|
// Use a static array of smarty variables, to support multiple modules on a single page
|
|
static $errors = [];
|
|
$errors[$cntModule] = [];
|
|
|
|
static $can_update = [];
|
|
static $edit_option = [];
|
|
static $use_currentuser = [];
|
|
static $username = [];
|
|
static $domainDisplayPrompt = [];
|
|
|
|
$hasDomain = false;
|
|
|
|
// Determine domain
|
|
$domain = '';
|
|
if (! empty($module_params['domain'])) {
|
|
$domain = $module_params['domain'];
|
|
$smarty->assign('domain', $domain);
|
|
}
|
|
|
|
// Domain display option
|
|
$domainDisplayPrompt[$cntModule] = 'y';
|
|
if (! empty($module_params['show_domain_prompt'])) {
|
|
$domainDisplayPrompt[$cntModule] = $module_params['show_domain_prompt'];
|
|
}
|
|
$smarty->assign('domainDisplayPrompt', $domainDisplayPrompt);
|
|
|
|
|
|
if (empty($user)) {
|
|
$errors[$cntModule][] = tra('You are not logged in');
|
|
} else {
|
|
try {
|
|
$cryptlib = TikiLib::lib('crypt');
|
|
$cryptlib->init();
|
|
|
|
// Determine domain
|
|
if (! empty($domain)) {
|
|
// Validate the domain
|
|
$allDomains = $cryptlib->getPasswordDomains();
|
|
if (! $allDomains) {
|
|
$errors[$cntModule][] = tra('No Password Domains found');
|
|
} elseif (! in_array($domain, $allDomains)) {
|
|
$errors[$cntModule][] = tra('Domain is not valid');
|
|
} else {
|
|
$hasDomain = true;
|
|
}
|
|
} else {
|
|
$errors[$cntModule][] = tra('No domain specified');
|
|
}
|
|
|
|
// Determine if writable
|
|
$can_update[$cntModule] = 'n';
|
|
if (! empty($module_params['can_update'])) {
|
|
$can_update[$cntModule] = $module_params['can_update'];
|
|
}
|
|
|
|
$isSaving = isset($_REQUEST['saveButton' . $cntModule]) ? true : false;
|
|
|
|
// Determine user
|
|
$use_currentuser[$cntModule] = 'y';
|
|
if (! empty($module_params['use_currentuser'])) {
|
|
$use_currentuser[$cntModule] = $module_params['use_currentuser'];
|
|
}
|
|
if ($use_currentuser[$cntModule] == 'y') {
|
|
$username[$cntModule] = $user;
|
|
$smarty->assign('currentuser', $use_currentuser);
|
|
$smarty->assign('username', $username);
|
|
} else {
|
|
$smarty->assign('currentuser', $use_currentuser);
|
|
$username[$cntModule] = $cryptlib->getUserData($domain, 'usr');
|
|
if (! empty($username[$cntModule])) {
|
|
$smarty->assign('username', $username);
|
|
} else {
|
|
if ($isSaving == false) {
|
|
$errors[$cntModule][] = tra('No user defined');
|
|
}
|
|
}
|
|
}
|
|
|
|
// Check if editing
|
|
$edit_option[$cntModule] = 'n';
|
|
if ($can_update[$cntModule] == 'y' && (! isset($_REQUEST['edit_form' . $cntModule]) || $_REQUEST['edit_form' . $cntModule] != 'y')) {
|
|
// Only enable editing, after the user clicks the edit link
|
|
$can_update[$cntModule] = 'n';
|
|
$edit_option[$cntModule] = 'y';
|
|
}
|
|
$smarty->assign('edit_option', $edit_option);
|
|
$smarty->assign('can_update', $can_update);
|
|
|
|
// Check stored data if they can be decrypted
|
|
if (! empty($username[$cntModule]) && $isSaving == false) {
|
|
$chkPwd = $cryptlib->hasUserData($domain);
|
|
if ($chkPwd == false) {
|
|
if ($isSaving == false) {
|
|
$errors[$cntModule][] = tra('No password saved');
|
|
}
|
|
} else {
|
|
$chkPwd = $cryptlib->getUserData($domain);
|
|
if ($chkPwd == false) {
|
|
$errors[$cntModule][] = tra('Read error');
|
|
}
|
|
}
|
|
}
|
|
|
|
// Saved the credentials
|
|
/////////////////////////////////
|
|
if (($dompwdCount == $cntModule) && $isSaving && $hasDomain && isset($_REQUEST['domPassword'])) {
|
|
if (empty($_REQUEST['domPassword'])) {
|
|
$errors[$cntModule][] = tra('No password specified');
|
|
} elseif (! $use_currentuser[$cntModule] && empty($_REQUEST['domUsername'])) {
|
|
$errors[$cntModule][] = tra('No username specified');
|
|
} else {
|
|
$domUsername = $use_currentuser[$cntModule] === 'y' ? $user : $_REQUEST['domUsername'];
|
|
$domPassword = $_REQUEST['domPassword'];
|
|
|
|
if (! $cryptlib->setUserData($domain, $domPassword)) {
|
|
$errors[$cntModule][] = tra('Failed to save password');
|
|
} else {
|
|
if (! $cryptlib->setUserData($domain, $domUsername, 'usr')) {
|
|
$errors[$cntModule][] = tra('Failed to save user');
|
|
} else {
|
|
// Refresh the displayed username is saved ok
|
|
$username[$cntModule] = $domUsername;
|
|
$smarty->assign('username', $username);
|
|
|
|
// Format result
|
|
$result = [];
|
|
$result[$cntModule] = tra('Saved OK');
|
|
$smarty->assign('result', $result);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
} catch (Exception $e) {
|
|
$errors[$cntModule][] = $e->getMessage();
|
|
}
|
|
}
|
|
if (! empty($errors[$cntModule])) {
|
|
Feedback::error(['mes' => $errors[$cntModule]]);
|
|
}
|
|
}
|