<?php
/**
 * @file
 * Installation hooks for the CAS module.
 */
/**
 * Implements hook_schema().
 *
 * Declares the two tables owned by the CAS module: {cas_login_data}, which
 * ties a CAS session ID to a Drupal user ID, and {cas_user}, which ties a CAS
 * username to a Drupal user ID.
 *
 * @return array
 *   Schema API table definitions keyed by table name.
 */
function cas_schema() {
  // {cas_login_data}: one row per CAS session ID, which is the primary key.
  $login_data_table = array(
    'description' => 'Stores CAS session information.',
    'fields' => array(
      'cas_session_id' => array(
        'description' => 'CAS session ID',
        'type' => 'varchar',
        'length' => 255,
        'not null' => TRUE,
        'default' => '',
      ),
      'uid' => array(
        'description' => 'The {users}.uid associated with the CAS session.',
        'type' => 'int',
        'unsigned' => TRUE,
        'not null' => TRUE,
      ),
    ),
    'primary key' => array('cas_session_id'),
  );

  // {cas_user}: the unique key on cas_name means a given CAS username can
  // appear in at most one row, so it resolves to a single Drupal account.
  // NOTE(review): uid is declared unsigned in {cas_login_data} but not here;
  // aligning the two would need its own update hook.
  // NOTE(review): Drupal 7's Schema API is understood to treat 'foreign keys'
  // as descriptive only - confirm; if so, nothing at the database level
  // removes a mapping when the referenced user goes away.
  $cas_user_table = array(
    'description' => 'Stores CAS authentication mapping.',
    'fields' => array(
      'aid' => array(
        'description' => 'Primary Key: Unique authmap ID.',
        'type' => 'serial',
        'unsigned' => TRUE,
        'not null' => TRUE,
      ),
      'uid' => array(
        'type' => 'int',
        'not null' => TRUE,
        'default' => 0,
        'description' => "User's {users}.uid.",
      ),
      'cas_name' => array(
        'type' => 'varchar',
        'length' => 128,
        'not null' => TRUE,
        'default' => '',
        'description' => 'Unique authentication name.',
      ),
    ),
    'unique keys' => array(
      'cas_name' => array('cas_name'),
    ),
    'primary key' => array('aid'),
    'foreign keys' => array(
      'user' => array(
        'table' => 'users',
        'columns' => array('uid' => 'uid'),
      ),
    ),
  );

  return array(
    'cas_login_data' => $login_data_table,
    'cas_user' => $cas_user_table,
  );
}
/**
 * Implements hook_uninstall().
 *
 * Deletes every configuration variable the module has used, current and
 * retired. Only variables are handled here; this function does not touch
 * the {cas_login_data} or {cas_user} tables itself.
 */
function cas_uninstall() {
  // Variables used by the current version of the module.
  $current_variables = array(
    'cas_access',
    'cas_allow_rememberme',
    'cas_authmap',
    'cas_auto_assigned_role',
    'cas_cert',
    'cas_changePasswordURL',
    'cas_check_first',
    'cas_debugfile',
    'cas_domain',
    'cas_exclude',
    'cas_first_login_destination',
    'cas_hide_email',
    'cas_hide_password',
    'cas_library_dir',
    'cas_login_drupal_invite',
    'cas_login_form',
    'cas_login_invite',
    'cas_login_message',
    'cas_login_redir_message',
    'cas_logout_destination',
    'cas_pages',
    'cas_pgtformat',
    'cas_pgtpath',
    'cas_port',
    'cas_proxy',
    'cas_registerURL',
    'cas_server',
    'cas_uri',
    'cas_user_register',
    'cas_version',
  );

  // Variables from older releases that are no longer read, removed so that
  // stale authentication settings do not linger after uninstall.
  $retired_variables = array(
    'cas_cert_verify',
    'cas_first_login',
    'cas_hijack_user',
    'cas_ldap_email_attribute',
    'cas_logout_redirect',
    'cas_signout',
    'cas_useldap',
    'cas_useldap_groups',
    'cas_verify',
  );

  foreach (array_merge($current_variables, $retired_variables) as $variable_name) {
    variable_del($variable_name);
  }
}
/**
 * Implements hook_requirements().
 *
 * Adds a 'phpcas' entry during the runtime phase that reports whether the
 * phpCAS library could be loaded and, if so, which version was found.
 *
 * @param string $phase
 *   The requirements phase. Only 'runtime' produces an entry.
 *
 * @return array
 *   Requirement entries; empty for every phase other than 'runtime'.
 */
function cas_requirements($phase) {
  $translate = get_t();
  $report = array();

  if ($phase == 'runtime') {
    $library_url = 'https://wiki.jasig.org/display/CASC/phpCAS';
    $entry = array('title' => $translate('phpCAS'));

    // cas_phpcas_load() comes from cas.module, which is safe to call in the
    // runtime phase. Errors are suppressed because a missing library is an
    // expected outcome that is reported below instead.
    $loaded_version = @cas_phpcas_load();

    if ($loaded_version) {
      // NOTE(review): the version is shown as information only. It is never
      // compared against a minimum release, so an outdated phpCAS is not
      // flagged; the description just asks the administrator to check.
      $entry['value'] = $loaded_version;
      $entry['severity'] = REQUIREMENT_INFO;
      $entry['description'] = $translate('Please check periodically for <a href="@phpcas_url">security updates</a> to phpCAS.', array('@phpcas_url' => $library_url));
    }
    else {
      $entry['value'] = $translate('Not found');
      $entry['severity'] = REQUIREMENT_ERROR;
      $entry['description'] = $translate('phpCAS could not be loaded. Please <a href="@phpcas_url">download phpCAS</a> and <a href="@cas_url">configure its location</a>.', array('@phpcas_url' => $library_url, '@cas_url' => url('admin/config/people/cas')));
    }

    $report['phpcas'] = $entry;
  }

  return $report;
}
/**
 * Creates CAS login data table for Single-Sign-Out.
 *
 * The table definition is written out here instead of being read from
 * cas_schema(), so this update always creates the table as it is described
 * in this function.
 */
function cas_update_1() {
  // Columns: the CAS session ID and the Drupal user it belongs to.
  $columns = array(
    'cas_session_id' => array(
      'description' => 'CAS session ID',
      'type' => 'varchar',
      'length' => 255,
      'not null' => TRUE,
      'default' => '',
    ),
    'uid' => array(
      'description' => 'The {users}.uid associated with the CAS session.',
      'type' => 'int',
      'unsigned' => TRUE,
      'not null' => TRUE,
    ),
  );

  $login_data_table = array(
    'description' => 'Stores CAS session information.',
    'fields' => $columns,
    'primary key' => array('cas_session_id'),
  );

  db_create_table('cas_login_data', $login_data_table);
}
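/**
 * Deprecate "Verify the server using PEM certificate" option.
 *
 * Sites whose cas_cert_verify variable is 'verify' are switched to 'none'.
 * Because that lowers the certificate-verification setting of an
 * authentication module, the change is reported to the administrator
 * running the update instead of being applied silently.
 *
 * @return string|null
 *   A translated notice when the setting was changed, NULL otherwise.
 */
function cas_update_6300() {
  if (variable_get('cas_cert_verify', 'none') == 'verify') {
    variable_set('cas_cert_verify', 'none');

    // Surface the downgrade so the site owner can review the certificate
    // settings rather than discovering later that verification is off.
    $t = get_t();
    return $t('The "Verify the server using PEM certificate" option is no longer supported. Certificate verification for the CAS server has been set to "none" on this site. Please review the certificate settings of the CAS module.');
  }

  return NULL;
}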
/**
 * Migrate authmap entries to new {cas_user} table.
 *
 * Runs three steps in order: create {cas_user}, copy the CAS rows of
 * {authmap} into it, then delete the CAS rows from {authmap}. The table
 * definition is written out here instead of being read from cas_schema().
 */
function cas_update_6301() {
  $cas_user_table = array(
    'description' => 'Stores CAS authentication mapping.',
    'fields' => array(
      'aid' => array(
        'description' => 'Primary Key: Unique CAS authentication mapping ID.',
        'type' => 'serial',
        'unsigned' => TRUE,
        'not null' => TRUE,
      ),
      'uid' => array(
        'type' => 'int',
        'not null' => TRUE,
        'default' => 0,
        'description' => "User's {users}.uid.",
      ),
      'cas_name' => array(
        'type' => 'varchar',
        'length' => 128,
        'not null' => TRUE,
        'default' => '',
        'description' => 'Unique CAS username.',
      ),
    ),
    // One CAS username may map to only one row.
    'unique keys' => array(
      'cas_name' => array('cas_name'),
    ),
    'primary key' => array('aid'),
    'foreign keys' => array(
      'user' => array(
        'table' => 'users',
        'columns' => array('uid' => 'uid'),
      ),
    ),
  );

  // Step 1: create {cas_user}.
  db_create_table('cas_user', $cas_user_table);

  // Step 2: copy (uid, authname) pairs owned by this module from {authmap},
  // leaving out rows attached to uid 0. All values in the query are fixed
  // literals; nothing here comes from request input.
  $authmap_rows = db_select('authmap', 'a')
    ->condition('module', 'cas')
    ->condition('uid', 0, '<>');
  $authmap_rows->addField('a', 'uid');
  $authmap_rows->addField('a', 'authname', 'cas_name');
  db_insert('cas_user')
    ->from($authmap_rows)
    ->execute();

  // Step 3: drop every CAS row from {authmap}. This filter has no uid
  // condition, so rows with uid 0 are deleted without having been copied.
  db_delete('authmap')
    ->condition('module', 'cas')
    ->execute();
}
/**
 * Remove 'hijack user' and 'Drupal is CAS user repository' options.
 *
 * When either legacy option was enabled, every Drupal account other than
 * uid 0 whose name is not yet present in {cas_user} receives a mapping whose
 * CAS username equals its Drupal username. Both legacy variables are then
 * deleted.
 *
 * NOTE(review): the only uid filter is "<> 0", so administrative accounts
 * are mapped as well. Presumably a CAS login under a matching name then
 * resolves to that Drupal account - confirm against cas.module and review
 * the generated mappings after running this update.
 *
 * @return string|null
 *   A translated notice when mappings were created, NULL otherwise.
 */
function cas_update_6302() {
  $translate = get_t();
  $notice = NULL;

  // '||' short-circuits: cas_hijack_user is read only when cas_authmap is
  // not set.
  $legacy_option_enabled = variable_get('cas_authmap', 0) || variable_get('cas_hijack_user', 0);

  if ($legacy_option_enabled) {
    // The query built below is equivalent to:
    //   INSERT INTO cas_user (uid, cas_name)
    //   SELECT u.uid AS uid, u.name AS cas_name
    //   FROM users u
    //   WHERE uid <> 0 AND NOT EXISTS
    //     (SELECT cas_name FROM cas_user c WHERE c.cas_name = u.name);
    $drupal_users = db_select('users', 'u');
    $drupal_users->addField('u', 'uid', 'uid');
    $drupal_users->addField('u', 'name', 'cas_name');
    $drupal_users->condition('uid', 0, '<>');

    // The where() snippet is a fixed string comparing two columns; no
    // variable data is interpolated into it.
    $already_mapped = db_select('cas_user', 'c')
      ->fields('c', array('cas_name'))
      ->where('c.cas_name = u.name');
    $drupal_users->notExists($already_mapped);

    db_insert('cas_user')
      ->from($drupal_users)
      ->execute();

    $notice = $translate('Users have been automatically assigned their CAS username. For more information, see "Associating CAS usernames with Drupal users" in the CAS module README.txt.');
  }

  // The options no longer exist, so their variables go regardless of value.
  variable_del('cas_authmap');
  variable_del('cas_hijack_user');

  return $notice;
}
/**
 * Remove unnecessary CAS settings.
 *
 * Folds the cas_first_login and cas_logout_redirect toggles into their
 * destination variables, clears cas_cert when cas_cert_verify is 'none',
 * and deletes the cas_cert_verify and cas_signout variables.
 *
 * NOTE(review): cas_cert_verify defaults to 'none' here, so a site where the
 * variable was never stored also has cas_cert emptied. Presumably the module
 * afterwards decides on certificate verification from cas_cert alone -
 * confirm in cas.module, and check the certificate setting on sites that end
 * up with an empty cas_cert.
 *
 * @return array
 *   Always an empty array.
 */
function cas_update_6303() {
  // Each removed toggle is replaced by "its destination is non-empty". To
  // keep behaviour, a toggle that was on with an empty destination becomes
  // '<front>', and a toggle that was off empties the destination.
  $toggle_destinations = array(
    'cas_first_login' => 'cas_first_login_destination',
    'cas_logout_redirect' => 'cas_logout_destination',
  );
  foreach ($toggle_destinations as $toggle => $destination) {
    if (!variable_get($toggle, FALSE)) {
      variable_set($destination, '');
    }
    elseif (variable_get($destination, '') == '') {
      variable_set($destination, '<front>');
    }
    variable_del($toggle);
  }

  // If the Certificate Authority is not being verified, make sure the
  // certificate field is empty.
  $verify_mode = variable_get('cas_cert_verify', 'none');
  if ($verify_mode == 'none') {
    variable_set('cas_cert', '');
  }
  variable_del('cas_cert_verify');

  // CAS Single Sign-Out is now always enabled, so its switch is dropped.
  variable_del('cas_signout');

  return array();
}
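/**
 * Add destination parameter to CAS Login / CAS Logout menu links.
 *
 * Loads and re-saves each menu link pointing at 'cas' or 'caslogout' so that
 * the 'alter' option is enabled, which allows the destination parameter to
 * be appended to the links at runtime. The menu items 'cas' and 'caslogout'
 * are not functional without that parameter, so this is done for all menu
 * links, including custom ones (i.e., those with module = 'menu').
 */
function cas_update_6304() {
  // The link paths are bound through a placeholder rather than concatenated
  // into the SQL string.
  $result = db_query("SELECT mlid FROM {menu_links} WHERE link_path IN (:link_path)", array(':link_path' => array('cas', 'caslogout')));

  foreach ($result as $record) {
    $link = menu_link_load($record->mlid);

    // menu_link_load() yields FALSE when a link cannot be loaded. Passing
    // that on to menu_link_save() would operate on a non-link value, so such
    // rows are skipped.
    if (empty($link)) {
      continue;
    }

    menu_link_save($link);
  }
}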
/**
 * Transform numeric block deltas to string block deltas.
 *
 * Hands the rename of this module's block delta '0' to 'login' over to
 * update_fix_d7_block_deltas(); no deltas are moved between modules.
 *
 * @param array $sandbox
 *   Update sandbox, passed through by reference to the helper.
 */
function cas_update_7000(&$sandbox) {
  // Nothing changes owner; only the delta name of the 'cas' block changes.
  $moved_deltas = array();
  $renamed_deltas = array(
    'cas' => array('0' => 'login'),
  );

  update_fix_d7_block_deltas($sandbox, $renamed_deltas, $moved_deltas);
}