mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
e7bc735774
(merged from branches/gsoc) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@42144 467b73ca-7a2a-4603-9d3b-597d59a354a9
145 lines
3.7 KiB
PHP
145 lines
3.7 KiB
PHP
<?php
|
|
|
|
/**
|
|
* OpenID authentication decorator
|
|
*
|
|
* @author Markus Lanthaler <markus@silverstripe.com>
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
* Decorator for the member class to support OpenID authentication
|
|
*
|
|
* This class adds the needed fields to the default member class to support
|
|
* authentication via OpenID.
|
|
*
|
|
* @author Markus Lanthaler <markus@silverstripe.com
|
|
*/
|
|
class OpenIDAuthenticatedRole extends DataObjectDecorator {
|
|
|
|
/**
|
|
* Define extra database fields
|
|
*
|
|
* Returns a map where the keys are db, has_one, etc, and the values are
|
|
* additional fields/relations to be defined
|
|
*
|
|
* @return array Returns a map where the keys are db, has_one, etc, and
|
|
* the values are additional fields/relations to be defined
|
|
*/
|
|
function extraDBFields() {
|
|
return array(
|
|
'db' => array('IdentityURL' => 'Varchar(255)'),
|
|
'has_one' => array(),
|
|
'defaults' => array('IdentityURL' => null),
|
|
'indexes' => array('IdentityURL' => 'unique (IdentityURL)')
|
|
);
|
|
}
|
|
|
|
|
|
/**
|
|
* Edit the given query object to support queries for this extension
|
|
*
|
|
* At the moment this method does nothing.
|
|
*
|
|
* @param SQLQuery $query Query to augment.
|
|
*/
|
|
function augmentSQL(SQLQuery &$query) {
|
|
}
|
|
|
|
|
|
/**
|
|
* Update the database schema as required by this extension
|
|
*
|
|
* At the moment this method does nothing.
|
|
*/
|
|
function augmentDatabase() {
|
|
}
|
|
|
|
|
|
/**
|
|
* Change the member dialog in the CMS
|
|
*
|
|
* This method updates the form in the member dialog to make it possible
|
|
* to edit the new database fields.
|
|
*/
|
|
function updateCMSFields(FieldSet &$fields) {
|
|
$fields->push(new HeaderField("OpenID/i-name credentials"), "OpenIDHeader");
|
|
$fields->push(new LiteralField("OpenIDDescription",
|
|
"<p>Make sure you enter your normalized OpenID/i-name credentials " .
|
|
"here, i.e. with protocol and trailing slash for OpenID (e.g. " .
|
|
"http://openid.silverstripe.com/).</p>"));
|
|
$fields->push(new TextField("IdentityURL", "OpenID URL/i-name"),
|
|
"IdentityURL");
|
|
}
|
|
|
|
|
|
/**
|
|
* Can the current user edit the given member?
|
|
*
|
|
* Only the user itself or an administrator can edit an user account.
|
|
*
|
|
* @return bool Returns TRUE if this member can be edited, FALSE otherwise
|
|
*/
|
|
function canEdit() {
|
|
if($this->owner->ID == Member::currentUserID())
|
|
return true;
|
|
|
|
$member = Member::currentUser();
|
|
if($member)
|
|
return $member->isAdmin();
|
|
|
|
return false;
|
|
}
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
* Validator of the decorator for the member class to support OpenID
|
|
* authentication
|
|
*
|
|
* @author Markus Lanthaler <markus@silverstripe.com
|
|
*/
|
|
class OpenIDAuthenticatedRole_Validator extends Extension {
|
|
|
|
/**
|
|
* Server-side validation
|
|
*
|
|
* This method checks if the entered identity URL is unique.
|
|
*
|
|
* @param array $data User submitted data
|
|
* @param Form $form The used form
|
|
* @return bool Returns TRUE if the submitted data is valid, otherwise
|
|
* FALSE.
|
|
*/
|
|
function updatePHP(array $data, Form &$form) {
|
|
if(!isset($data['IdentityURL']) || strlen(trim($data['IdentityURL'])) == 0)
|
|
return true;
|
|
|
|
$member = DataObject::get_one('Member',
|
|
"IdentityURL = '". Convert::raw2sql($data['IdentityURL']) ."'");
|
|
|
|
// if we are in a complex table field popup, use ctf[childID], else use
|
|
// ID
|
|
$id = null;
|
|
if(isset($_REQUEST['ctf']['childID'])) {
|
|
$id = $_REQUEST['ctf']['childID'];
|
|
} elseif(isset($_REQUEST['ID'])) {
|
|
$id = $_REQUEST['ID'];
|
|
}
|
|
|
|
if(is_object($member) && $member->ID != $id) {
|
|
$field = $form->dataFieldByName('IdentityURL');
|
|
$this->owner->validationError($field->id(),
|
|
"There already exists a member with this identity URL",
|
|
"required");
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
}
|
|
|
|
|
|
?>
|