Issues in AuthPlugin.php - Failed Issues - Inspection of "Merge branch 'psr2-pluginredux' into psr2" - splitbrain/dokuwiki - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — psr2 ( b8c09b...820934 )

by Andreas

created 2019-05-19 09:10 UTC

inc/Extension/AuthPlugin.php (19 issues)

Labels

Unused Code 19

Severity

Minor 19

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace dokuwiki\Extension;

/**
 * Auth Plugin Prototype
 *
 * allows to authenticate users in a plugin
 *
 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
 * @author     Chris Smith <[email protected]>
 * @author     Jan Schumann <[email protected]>
 */
abstract class AuthPlugin extends Plugin
{
    public $success = true;

    /**
     * Possible things an auth backend module may be able to
     * do. The things a backend can do need to be set to true
     * in the constructor.
     */
    protected $cando = array(
        'addUser' => false, // can Users be created?
        'delUser' => false, // can Users be deleted?
        'modLogin' => false, // can login names be changed?
        'modPass' => false, // can passwords be changed?
        'modName' => false, // can real names be changed?
        'modMail' => false, // can emails be changed?
        'modGroups' => false, // can groups be changed?
        'getUsers' => false, // can a (filtered) list of users be retrieved?
        'getUserCount' => false, // can the number of users be retrieved?
        'getGroups' => false, // can a list of available groups be retrieved?
        'external' => false, // does the module do external auth checking?
        'logout' => true, // can the user logout again? (eg. not possible with HTTP auth)
    );

    /**
     * Constructor.
     *
     * Carry out sanity checks to ensure the object is
     * able to operate. Set capabilities in $this->cando
     * array here
     *
     * For future compatibility, sub classes should always include a call
     * to parent::__constructor() in their constructors!
     *
     * Set $this->success to false if checks fail
     *
     * @author  Christopher Smith <[email protected]>
     */
    public function __construct()
    {
        // the base class constructor does nothing, derived class
        // constructors do the real work
    }

    /**
     * Available Capabilities. [ DO NOT OVERRIDE ]
     *
     * For introspection/debugging
     *
     * @author  Christopher Smith <[email protected]>
     * @return  array
     */
    public function getCapabilities()
    {
        return array_keys($this->cando);
    }

    /**
     * Capability check. [ DO NOT OVERRIDE ]
     *
     * Checks the capabilities set in the $this->cando array and
     * some pseudo capabilities (shortcutting access to multiple
     * ones)
     *
     * ususal capabilities start with lowercase letter
     * shortcut capabilities start with uppercase letter
     *
     * @author  Andreas Gohr <[email protected]>
     * @param   string $cap the capability to check
     * @return  bool
     */
    public function canDo($cap)
    {
        switch ($cap) {
            case 'Profile':
                // can at least one of the user's properties be changed?
                return ($this->cando['modPass'] ||
                    $this->cando['modName'] ||
                    $this->cando['modMail']);
                break;
            case 'UserMod':
                // can at least anything be changed?
                return ($this->cando['modPass'] ||
                    $this->cando['modName'] ||
                    $this->cando['modMail'] ||
                    $this->cando['modLogin'] ||
                    $this->cando['modGroups'] ||
                    $this->cando['modMail']);
                break;
            default:
                // print a helping message for developers
                if (!isset($this->cando[$cap])) {
                    msg("Check for unknown capability '$cap' - Do you use an outdated Plugin?", -1);
                }
                return $this->cando[$cap];
        }
    }

    /**
     * Trigger the AUTH_USERDATA_CHANGE event and call the modification function. [ DO NOT OVERRIDE ]
     *
     * You should use this function instead of calling createUser, modifyUser or
     * deleteUsers directly. The event handlers can prevent the modification, for
     * example for enforcing a user name schema.
     *
     * @author Gabriel Birke <[email protected]>
     * @param string $type Modification type ('create', 'modify', 'delete')
     * @param array $params Parameters for the createUser, modifyUser or deleteUsers method.
     *                       The content of this array depends on the modification type
     * @return bool|null|int Result from the modification function or false if an event handler has canceled the action
     */
    public function triggerUserMod($type, $params)
    {
        $validTypes = array(
            'create' => 'createUser',
            'modify' => 'modifyUser',
            'delete' => 'deleteUsers',
        );
        if (empty($validTypes[$type])) {
            return false;
        }

        $result = false;
        $eventdata = array('type' => $type, 'params' => $params, 'modification_result' => null);
        $evt = new Event('AUTH_USER_CHANGE', $eventdata);
        if ($evt->advise_before(true)) {
            $result = call_user_func_array(array($this, $validTypes[$type]), $evt->data['params']);
            $evt->data['modification_result'] = $result;
        }
        $evt->advise_after();
        unset($evt);
        return $result;
    }

    /**
     * Log off the current user [ OPTIONAL ]
     *
     * Is run in addition to the ususal logoff method. Should
     * only be needed when trustExternal is implemented.
     *
     * @see     auth_logoff()
     * @author  Andreas Gohr <[email protected]>
     */
    public function logOff()
    {
    }

    /**
     * Do all authentication [ OPTIONAL ]
     *
     * Set $this->cando['external'] = true when implemented
     *
     * If this function is implemented it will be used to
     * authenticate a user - all other DokuWiki internals
     * will not be used for authenticating, thus
     * implementing the checkPass() function is not needed
     * anymore.
     *
     * The function can be used to authenticate against third
     * party cookies or Apache auth mechanisms and replaces
     * the auth_login() function
     *
     * The function will be called with or without a set
     * username. If the Username is given it was called
     * from the login form and the given credentials might
     * need to be checked. If no username was given it
     * the function needs to check if the user is logged in
     * by other means (cookie, environment).
     *
     * The function needs to set some globals needed by
     * DokuWiki like auth_login() does.
     *
     * @see     auth_login()
     * @author  Andreas Gohr <[email protected]>
     *
     * @param   string $user Username
     * @param   string $pass Cleartext Password
     * @param   bool $sticky Cookie should not expire
     * @return  bool             true on successful auth
     */
    public function trustExternal($user, $pass, $sticky = false)
    {
        /* some example:

        global $USERINFO;
        global $conf;
        $sticky ? $sticky = true : $sticky = false; //sanity check

        // do the checking here

        // set the globals if authed
        $USERINFO['name'] = 'FIXME';
        $USERINFO['mail'] = 'FIXME';
        $USERINFO['grps'] = array('FIXME');
        $_SERVER['REMOTE_USER'] = $user;
        $_SESSION[DOKU_COOKIE]['auth']['user'] = $user;
        $_SESSION[DOKU_COOKIE]['auth']['pass'] = $pass;
        $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
        return true;

        */
    }

    /**
     * Check user+password [ MUST BE OVERRIDDEN ]
     *
     * Checks if the given user exists and the given
     * plaintext password is correct
     *
     * May be ommited if trustExternal is used.
     *
     * @author  Andreas Gohr <[email protected]>
     * @param   string $user the user name
     * @param   string $pass the clear text password
     * @return  bool
     */
    public function checkPass($user, $pass)

    {
        msg("no valid authorisation system in use", -1);
        return false;
    }

    /**
     * Return user info [ MUST BE OVERRIDDEN ]
     *
     * Returns info about the given user needs to contain
     * at least these fields:
     *
     * name string  full name of the user
     * mail string  email address of the user
     * grps array   list of groups the user is in
     *
     * @author  Andreas Gohr <[email protected]>
     * @param   string $user the user name
     * @param   bool $requireGroups whether or not the returned data must include groups
     * @return  false|array containing user data or false
     */
    public function getUserData($user, $requireGroups = true)

    {
        if (!$this->cando['external']) msg("no valid authorisation system in use", -1);
        return false;
    }

    /**
     * Create a new User [implement only where required/possible]
     *
     * Returns false if the user already exists, null when an error
     * occurred and true if everything went well.
     *
     * The new user HAS TO be added to the default group by this
     * function!
     *
     * Set addUser capability when implemented
     *
     * @author  Andreas Gohr <[email protected]>
     * @param  string $user
     * @param  string $pass
     * @param  string $name
     * @param  string $mail
     * @param  null|array $grps
     * @return bool|null
     */
    public function createUser($user, $pass, $name, $mail, $grps = null)

    {
        msg("authorisation method does not allow creation of new users", -1);
        return null;
    }

    /**
     * Modify user data [implement only where required/possible]
     *
     * Set the mod* capabilities according to the implemented features
     *
     * @author  Chris Smith <[email protected]>
     * @param   string $user nick of the user to be changed
     * @param   array $changes array of field/value pairs to be changed (password will be clear text)
     * @return  bool
     */
    public function modifyUser($user, $changes)

    {
        msg("authorisation method does not allow modifying of user data", -1);
        return false;
    }

    /**
     * Delete one or more users [implement only where required/possible]
     *
     * Set delUser capability when implemented
     *
     * @author  Chris Smith <[email protected]>
     * @param   array $users
     * @return  int    number of users deleted
     */
    public function deleteUsers($users)

    {
        msg("authorisation method does not allow deleting of users", -1);
        return 0;
    }

    /**
     * Return a count of the number of user which meet $filter criteria
     * [should be implemented whenever retrieveUsers is implemented]
     *
     * Set getUserCount capability when implemented
     *
     * @author Chris Smith <[email protected]>
     * @param  array $filter array of field/pattern pairs, empty array for no filter
     * @return int
     */
    public function getUserCount($filter = array())

    {
        msg("authorisation method does not provide user counts", -1);
        return 0;
    }

    /**
     * Bulk retrieval of user data [implement only where required/possible]
     *
     * Set getUsers capability when implemented
     *
     * @author  Chris Smith <[email protected]>
     * @param   int $start index of first user to be returned
     * @param   int $limit max number of users to be returned, 0 for unlimited
     * @param   array $filter array of field/pattern pairs, null for no filter
     * @return  array list of userinfo (refer getUserData for internal userinfo details)
     */
    public function retrieveUsers($start = 0, $limit = 0, $filter = null)

    {
        msg("authorisation method does not support mass retrieval of user data", -1);
        return array();
    }

    /**
     * Define a group [implement only where required/possible]
     *
     * Set addGroup capability when implemented
     *
     * @author  Chris Smith <[email protected]>
     * @param   string $group
     * @return  bool
     */
    public function addGroup($group)

    {
        msg("authorisation method does not support independent group creation", -1);
        return false;
    }

    /**
     * Retrieve groups [implement only where required/possible]
     *
     * Set getGroups capability when implemented
     *
     * @author  Chris Smith <[email protected]>
     * @param   int $start
     * @param   int $limit
     * @return  array
     */
    public function retrieveGroups($start = 0, $limit = 0)

    {
        msg("authorisation method does not support group list retrieval", -1);
        return array();
    }

    /**
     * Return case sensitivity of the backend [OPTIONAL]
     *
     * When your backend is caseinsensitive (eg. you can login with USER and
     * user) then you need to overwrite this method and return false
     *
     * @return bool
     */
    public function isCaseSensitive()
    {
        return true;
    }

    /**
     * Sanitize a given username [OPTIONAL]
     *
     * This function is applied to any user name that is given to
     * the backend and should also be applied to any user name within
     * the backend before returning it somewhere.
     *
     * This should be used to enforce username restrictions.
     *
     * @author Andreas Gohr <[email protected]>
     * @param string $user username
     * @return string the cleaned username
     */
    public function cleanUser($user)
    {
        return $user;
    }

    /**
     * Sanitize a given groupname [OPTIONAL]
     *
     * This function is applied to any groupname that is given to
     * the backend and should also be applied to any groupname within
     * the backend before returning it somewhere.
     *
     * This should be used to enforce groupname restrictions.
     *
     * Groupnames are to be passed without a leading '@' here.
     *
     * @author Andreas Gohr <[email protected]>
     * @param  string $group groupname
     * @return string the cleaned groupname
     */
    public function cleanGroup($group)
    {
        return $group;
    }

    /**
     * Check Session Cache validity [implement only where required/possible]
     *
     * DokuWiki caches user info in the user's session for the timespan defined
     * in $conf['auth_security_timeout'].
     *
     * This makes sure slow authentication backends do not slow down DokuWiki.
     * This also means that changes to the user database will not be reflected
     * on currently logged in users.
     *
     * To accommodate for this, the user manager plugin will touch a reference
     * file whenever a change is submitted. This function compares the filetime
     * of this reference file with the time stored in the session.
     *
     * This reference file mechanism does not reflect changes done directly in
     * the backend's database through other means than the user manager plugin.
     *
     * Fast backends might want to return always false, to force rechecks on
     * each page load. Others might want to use their own checking here. If
     * unsure, do not override.
     *
     * @param  string $user - The username
     * @author Andreas Gohr <[email protected]>
     * @return bool
     */
    public function useSessionCache($user)
    {
        global $conf;
        return ($_SESSION[DOKU_COOKIE]['auth']['time'] >= @filemtime($conf['cachedir'] . '/sessionpurge'));
    }
}


1			<?php
2
3			namespace dokuwiki\Extension;
4
5			/**
6			* Auth Plugin Prototype
7			*
8			* allows to authenticate users in a plugin
9			*
10			* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
11			* @author Chris Smith <[email protected]>
12			* @author Jan Schumann <[email protected]>
13			*/
14			abstract class AuthPlugin extends Plugin
15			{
16			public $success = true;
17
18			/**
19			* Possible things an auth backend module may be able to
20			* do. The things a backend can do need to be set to true
21			* in the constructor.
22			*/
23			protected $cando = array(
24			'addUser' => false, // can Users be created?
25			'delUser' => false, // can Users be deleted?
26			'modLogin' => false, // can login names be changed?
27			'modPass' => false, // can passwords be changed?
28			'modName' => false, // can real names be changed?
29			'modMail' => false, // can emails be changed?
30			'modGroups' => false, // can groups be changed?
31			'getUsers' => false, // can a (filtered) list of users be retrieved?
32			'getUserCount' => false, // can the number of users be retrieved?
33			'getGroups' => false, // can a list of available groups be retrieved?
34			'external' => false, // does the module do external auth checking?
35			'logout' => true, // can the user logout again? (eg. not possible with HTTP auth)
36			);
37
38			/**
39			* Constructor.
40			*
41			* Carry out sanity checks to ensure the object is
42			* able to operate. Set capabilities in $this->cando
43			* array here
44			*
45			* For future compatibility, sub classes should always include a call
46			* to parent::__constructor() in their constructors!
47			*
48			* Set $this->success to false if checks fail
49			*
50			* @author Christopher Smith <[email protected]>
51			*/
52			public function __construct()
53			{
54			// the base class constructor does nothing, derived class
55			// constructors do the real work
56			}
57
58			/**
59			* Available Capabilities. [ DO NOT OVERRIDE ]
60			*
61			* For introspection/debugging
62			*
63			* @author Christopher Smith <[email protected]>
64			* @return array
65			*/
66			public function getCapabilities()
67			{
68			return array_keys($this->cando);
69			}
70
71			/**
72			* Capability check. [ DO NOT OVERRIDE ]
73			*
74			* Checks the capabilities set in the $this->cando array and
75			* some pseudo capabilities (shortcutting access to multiple
76			* ones)
77			*
78			* ususal capabilities start with lowercase letter
79			* shortcut capabilities start with uppercase letter
80			*
81			* @author Andreas Gohr <[email protected]>
82			* @param string $cap the capability to check
83			* @return bool
84			*/
85			public function canDo($cap)
86			{
87			switch ($cap) {
88			case 'Profile':
89			// can at least one of the user's properties be changed?
90			return ($this->cando['modPass'] \|\|
91			$this->cando['modName'] \|\|
92			$this->cando['modMail']);
93			break;
94			case 'UserMod':
95			// can at least anything be changed?
96			return ($this->cando['modPass'] \|\|
97			$this->cando['modName'] \|\|
98			$this->cando['modMail'] \|\|
99			$this->cando['modLogin'] \|\|
100			$this->cando['modGroups'] \|\|
101			$this->cando['modMail']);
102			break;
103			default:
104			// print a helping message for developers
105			if (!isset($this->cando[$cap])) {
106			msg("Check for unknown capability '$cap' - Do you use an outdated Plugin?", -1);
107			}
108			return $this->cando[$cap];
109			}
110			}
111
112			/**
113			* Trigger the AUTH_USERDATA_CHANGE event and call the modification function. [ DO NOT OVERRIDE ]
114			*
115			* You should use this function instead of calling createUser, modifyUser or
116			* deleteUsers directly. The event handlers can prevent the modification, for
117			* example for enforcing a user name schema.
118			*
119			* @author Gabriel Birke <[email protected]>
120			* @param string $type Modification type ('create', 'modify', 'delete')
121			* @param array $params Parameters for the createUser, modifyUser or deleteUsers method.
122			* The content of this array depends on the modification type
123			* @return bool\|null\|int Result from the modification function or false if an event handler has canceled the action
124			*/
125			public function triggerUserMod($type, $params)
126			{
127			$validTypes = array(
128			'create' => 'createUser',
129			'modify' => 'modifyUser',
130			'delete' => 'deleteUsers',
131			);
132			if (empty($validTypes[$type])) {
133			return false;
134			}
135
136			$result = false;
137			$eventdata = array('type' => $type, 'params' => $params, 'modification_result' => null);
138			$evt = new Event('AUTH_USER_CHANGE', $eventdata);
139			if ($evt->advise_before(true)) {
140			$result = call_user_func_array(array($this, $validTypes[$type]), $evt->data['params']);
141			$evt->data['modification_result'] = $result;
142			}
143			$evt->advise_after();
144			unset($evt);
145			return $result;
146			}
147
148			/**
149			* Log off the current user [ OPTIONAL ]
150			*
151			* Is run in addition to the ususal logoff method. Should
152			* only be needed when trustExternal is implemented.
153			*
154			* @see auth_logoff()
155			* @author Andreas Gohr <[email protected]>
156			*/
157			public function logOff()
158			{
159			}
160
161			/**
162			* Do all authentication [ OPTIONAL ]
163			*
164			* Set $this->cando['external'] = true when implemented
165			*
166			* If this function is implemented it will be used to
167			* authenticate a user - all other DokuWiki internals
168			* will not be used for authenticating, thus
169			* implementing the checkPass() function is not needed
170			* anymore.
171			*
172			* The function can be used to authenticate against third
173			* party cookies or Apache auth mechanisms and replaces
174			* the auth_login() function
175			*
176			* The function will be called with or without a set
177			* username. If the Username is given it was called
178			* from the login form and the given credentials might
179			* need to be checked. If no username was given it
180			* the function needs to check if the user is logged in
181			* by other means (cookie, environment).
182			*
183			* The function needs to set some globals needed by
184			* DokuWiki like auth_login() does.
185			*
186			* @see auth_login()
187			* @author Andreas Gohr <[email protected]>
188			*
189			* @param string $user Username
190			* @param string $pass Cleartext Password
191			* @param bool $sticky Cookie should not expire
192			* @return bool true on successful auth
193			*/
194			public function trustExternal($user, $pass, $sticky = false)
195			{
196			/* some example:
197
198			global $USERINFO;
199			global $conf;
200			$sticky ? $sticky = true : $sticky = false; //sanity check
201
202			// do the checking here
203
204			// set the globals if authed
205			$USERINFO['name'] = 'FIXME';
206			$USERINFO['mail'] = 'FIXME';
207			$USERINFO['grps'] = array('FIXME');
208			$_SERVER['REMOTE_USER'] = $user;
209			$_SESSION[DOKU_COOKIE]['auth']['user'] = $user;
210			$_SESSION[DOKU_COOKIE]['auth']['pass'] = $pass;
211			$_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
212			return true;
213
214			*/
215			}
216
217			/**
218			* Check user+password [ MUST BE OVERRIDDEN ]
219			*
220			* Checks if the given user exists and the given
221			* plaintext password is correct
222			*
223			* May be ommited if trustExternal is used.
224			*
225			* @author Andreas Gohr <[email protected]>
226			* @param string $user the user name
227			* @param string $pass the clear text password
228			* @return bool
229			*/
230			public function checkPass($user, $pass)
			0 ignored issues – show Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$user` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$pass` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
231			{
232			msg("no valid authorisation system in use", -1);
233			return false;
234			}
235
236			/**
237			* Return user info [ MUST BE OVERRIDDEN ]
238			*
239			* Returns info about the given user needs to contain
240			* at least these fields:
241			*
242			* name string full name of the user
243			* mail string email address of the user
244			* grps array list of groups the user is in
245			*
246			* @author Andreas Gohr <[email protected]>
247			* @param string $user the user name
248			* @param bool $requireGroups whether or not the returned data must include groups
249			* @return false\|array containing user data or false
250			*/
251			public function getUserData($user, $requireGroups = true)
			0 ignored issues – show Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$user` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$requireGroups` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
252			{
253			if (!$this->cando['external']) msg("no valid authorisation system in use", -1);
254			return false;
255			}
256
257			/**
258			* Create a new User [implement only where required/possible]
259			*
260			* Returns false if the user already exists, null when an error
261			* occurred and true if everything went well.
262			*
263			* The new user HAS TO be added to the default group by this
264			* function!
265			*
266			* Set addUser capability when implemented
267			*
268			* @author Andreas Gohr <[email protected]>
269			* @param string $user
270			* @param string $pass
271			* @param string $name
272			* @param string $mail
273			* @param null\|array $grps
274			* @return bool\|null
275			*/
276			public function createUser($user, $pass, $name, $mail, $grps = null)
			0 ignored issues – show Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$user` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$pass` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$name` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$mail` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$grps` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
277			{
278			msg("authorisation method does not allow creation of new users", -1);
279			return null;
280			}
281
282			/**
283			* Modify user data [implement only where required/possible]
284			*
285			* Set the mod* capabilities according to the implemented features
286			*
287			* @author Chris Smith <[email protected]>
288			* @param string $user nick of the user to be changed
289			* @param array $changes array of field/value pairs to be changed (password will be clear text)
290			* @return bool
291			*/
292			public function modifyUser($user, $changes)
			0 ignored issues – show Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$user` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$changes` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
293			{
294			msg("authorisation method does not allow modifying of user data", -1);
295			return false;
296			}
297
298			/**
299			* Delete one or more users [implement only where required/possible]
300			*
301			* Set delUser capability when implemented
302			*
303			* @author Chris Smith <[email protected]>
304			* @param array $users
305			* @return int number of users deleted
306			*/
307			public function deleteUsers($users)
			0 ignored issues – show Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$users` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
308			{
309			msg("authorisation method does not allow deleting of users", -1);
310			return 0;
311			}
312
313			/**
314			* Return a count of the number of user which meet $filter criteria
315			* [should be implemented whenever retrieveUsers is implemented]
316			*
317			* Set getUserCount capability when implemented
318			*
319			* @author Chris Smith <[email protected]>
320			* @param array $filter array of field/pattern pairs, empty array for no filter
321			* @return int
322			*/
323			public function getUserCount($filter = array())
			0 ignored issues – show Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$filter` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
324			{
325			msg("authorisation method does not provide user counts", -1);
326			return 0;
327			}
328
329			/**
330			* Bulk retrieval of user data [implement only where required/possible]
331			*
332			* Set getUsers capability when implemented
333			*
334			* @author Chris Smith <[email protected]>
335			* @param int $start index of first user to be returned
336			* @param int $limit max number of users to be returned, 0 for unlimited
337			* @param array $filter array of field/pattern pairs, null for no filter
338			* @return array list of userinfo (refer getUserData for internal userinfo details)
339			*/
340			public function retrieveUsers($start = 0, $limit = 0, $filter = null)
			0 ignored issues – show Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$start` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$limit` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$filter` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
341			{
342			msg("authorisation method does not support mass retrieval of user data", -1);
343			return array();
344			}
345
346			/**
347			* Define a group [implement only where required/possible]
348			*
349			* Set addGroup capability when implemented
350			*
351			* @author Chris Smith <[email protected]>
352			* @param string $group
353			* @return bool
354			*/
355			public function addGroup($group)
			0 ignored issues – show Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$group` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
356			{
357			msg("authorisation method does not support independent group creation", -1);
358			return false;
359			}
360
361			/**
362			* Retrieve groups [implement only where required/possible]
363			*
364			* Set getGroups capability when implemented
365			*
366			* @author Chris Smith <[email protected]>
367			* @param int $start
368			* @param int $limit
369			* @return array
370			*/
371			public function retrieveGroups($start = 0, $limit = 0)
			0 ignored issues – show Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$start` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history... Unused Code introduced 2018-06-15 15:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$limit` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
372			{
373			msg("authorisation method does not support group list retrieval", -1);
374			return array();
375			}
376
377			/**
378			* Return case sensitivity of the backend [OPTIONAL]
379			*
380			* When your backend is caseinsensitive (eg. you can login with USER and
381			* user) then you need to overwrite this method and return false
382			*
383			* @return bool
384			*/
385			public function isCaseSensitive()
386			{
387			return true;
388			}
389
390			/**
391			* Sanitize a given username [OPTIONAL]
392			*
393			* This function is applied to any user name that is given to
394			* the backend and should also be applied to any user name within
395			* the backend before returning it somewhere.
396			*
397			* This should be used to enforce username restrictions.
398			*
399			* @author Andreas Gohr <[email protected]>
400			* @param string $user username
401			* @return string the cleaned username
402			*/
403			public function cleanUser($user)
404			{
405			return $user;
406			}
407
408			/**
409			* Sanitize a given groupname [OPTIONAL]
410			*
411			* This function is applied to any groupname that is given to
412			* the backend and should also be applied to any groupname within
413			* the backend before returning it somewhere.
414			*
415			* This should be used to enforce groupname restrictions.
416			*
417			* Groupnames are to be passed without a leading '@' here.
418			*
419			* @author Andreas Gohr <[email protected]>
420			* @param string $group groupname
421			* @return string the cleaned groupname
422			*/
423			public function cleanGroup($group)
424			{
425			return $group;
426			}
427
428			/**
429			* Check Session Cache validity [implement only where required/possible]
430			*
431			* DokuWiki caches user info in the user's session for the timespan defined
432			* in $conf['auth_security_timeout'].
433			*
434			* This makes sure slow authentication backends do not slow down DokuWiki.
435			* This also means that changes to the user database will not be reflected
436			* on currently logged in users.
437			*
438			* To accommodate for this, the user manager plugin will touch a reference
439			* file whenever a change is submitted. This function compares the filetime
440			* of this reference file with the time stored in the session.
441			*
442			* This reference file mechanism does not reflect changes done directly in
443			* the backend's database through other means than the user manager plugin.
444			*
445			* Fast backends might want to return always false, to force rechecks on
446			* each page load. Others might want to use their own checking here. If
447			* unsure, do not override.
448			*
449			* @param string $user - The username
450			* @author Andreas Gohr <[email protected]>
451			* @return bool
452			*/
453			public function useSessionCache($user)
454			{
455			global $conf;
456			return ($_SESSION[DOKU_COOKIE]['auth']['time'] >= @filemtime($conf['cachedir'] . '/sessionpurge'));
457			}
458			}
459

splitbrain / dokuwiki

Push — psr2 ( b8c09b...820934 )

inc/Extension/AuthPlugin.php (19 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like