1<?php 2/* 3 * $Id: OpenMediaVault.php 470 2012-10-24 21:43:25Z imooreyahoo@gmail.com $ 4*/ 5 6/* 7 * OMV Specific 8*/ 9try { 10 11 // Must be made global or OMV breaks 12 global $xmlConfig, $OMV_DEFAULT_FILE; 13 14 require_once("openmediavault/globals.inc"); 15 require_once("openmediavault/session.inc"); 16 require_once("rpc/authentication.inc"); 17 18} catch(Exception $e) { 19 20 header("Content-Type: text/html"); 21 die("Error #".$e->getCode().":<br/>". str_replace("\n", "<br/>",$e->__toString())); 22} 23 24class phpvbAuthOpenMediaVault implements phpvbAuth { 25 26 static $session = null; 27 28 var $capabilities = array( 29 'canChangePassword' => false, 30 'sessionStart' => 'sessionStart', 31 'canLogout' => true 32 ); 33 34 var $config = array( 35 'allowNonAdmin' => false 36 ); 37 38 function __construct($userConfig = null) { 39 if($userConfig) $this->config = array_merge($this->config,$userConfig); 40 } 41 42 function login($username, $password) 43 { 44 # Try / catch so that we don't expose 45 # usernames / passwords 46 require_once("rpc/authentication.inc"); 47 $a = new AuthenticationRpc(); 48 try { 49 50 $auth = $a->login(array('username'=>$username,'password'=>$password)); 51 52 self::$session = &OMVSession::getInstance(); 53 54 if(@$auth["authenticated"] && 55 (self::$session->getRole() !== OMV_ROLE_USER || $this->config['allowNonAdmin'])) { 56 $_SESSION['admin'] = (self::$session->getRole() !== OMV_ROLE_USER); 57 $_SESSION['user'] = $_SESSION['username']; 58 $_SESSION['valid'] = ($_SESSION['admin'] || $this->config['allowNonAdmin']); 59 $_SESSION['authCheckHeartbeat'] = time(); 60 61 } 62 63 if(!@$_SESSION['valid']) { 64 return false; 65 } 66 return true; 67 68 } catch (Exception $e) { 69 return false; 70 } 71 return false; 72 } 73 74 function sessionStart($keepopen) { 75 76 self::$session = &OMVSession::getInstance(); 77 self::$session->start(); 78 79 80 if (self::$session->isAuthenticated() && !self::$session->isTimeout()) { 81 82 self::$session->validate(); 83 self::$session->updateLastAccess(); 84 85 $_SESSION['admin'] = (self::$session->getRole() !== OMV_ROLE_USER); 86 $_SESSION['user'] = $_SESSION['username']; 87 $_SESSION['valid'] = (self::$session->getRole() !== OMV_ROLE_USER || $this->config['allowNonAdmin']); 88 89 } else { 90 91 $_SESSION['admin'] = $_SESSION['user'] = $_SESSION['valid'] = null; 92 93 } 94 95 if(!$keepopen) 96 session_write_close(); 97 98 } 99 100 101 function logout(&$response) 102 { 103 require_once("rpc/authentication.inc"); 104 $a = new AuthenticationRpc(); 105 $a->logout(); 106 $response['data']['result'] = 1; 107 } 108 109 /* Defined for compatibility with implemented interface */ 110 function heartbeat($vbox){} 111 function changePassword($old, $new){} 112 function listUsers(){} 113 function updateUser($vboxRequest, $skipExistCheck){} 114 function deleteUser($user){} 115} 116