[Summary view] [Print] [Text view]

   1  --- Lib.pm.or    2005-09-27 23:08:20.000000000 +0200
   2  +++ Lib.pm    2005-09-27 23:09:25.000000000 +0200
   3  @@ -50,6 +50,9 @@
   4   use vars qw($Hosts $HostsMTime $ConfigMTime $PrivAdmin);
   5   use vars qw(%UserEmailInfo $UserEmailInfoMTime %RestoreReq %ArchiveReq);
   6   use vars qw($Lang);
   7  +use vars qw($connexionDb $mysqlServerUsername $mysqlServerPw $cookie
   8  +            $peopleDn $ldap_server $adminDn $adminPw $droitsDn $cn @cn
   9  +        $baseurl);
  10   
  11   @ISA = qw(Exporter);
  12   
  13  @@ -112,7 +115,7 @@
  14       # Default REMOTE_USER so in a miminal installation the user
  15       # has a sensible default.
  16       #
  17  -    $ENV{REMOTE_USER} = $Conf{BackupPCUser} if ( $ENV{REMOTE_USER} eq "" );
  18  +    #$ENV{REMOTE_USER} = $Conf{BackupPCUser} if ( $ENV{REMOTE_USER} eq "" );
  19   
  20       #
  21       # We require that Apache pass in $ENV{SCRIPT_NAME} and $ENV{REMOTE_USER}.
  22  @@ -120,8 +123,71 @@
  23       # code if you are using some other type of authentication, and have
  24       # a different way of getting the user name.
  25       #
  26  -    $MyURL  = $ENV{SCRIPT_NAME};
  27  -    $User   = $ENV{REMOTE_USER};
  28  +    #$MyURL  = $ENV{SCRIPT_NAME};
  29  +    #$User   = "www-se3";
  30  +
  31  +    use CGI::Cookie;
  32  +    use Net::LDAP;
  33  +    require '/etc/SeConfig.ph';
  34  +    # Identification de l'utilisateur
  35  +    # ===============================
  36  +    # R\xe9cup\xe9ration du cookie
  37  +    my %cookies = fetch CGI::Cookie;
  38  +    #open LOG, '>/tmp/bpc.log';
  39  +    #foreach $cookie (keys %cookies) {
  40  +    #  print LOG "$cookie : $cookies{$cookie}\n";
  41  +    #}
  42  +    #close LOG;
  43  +    my $isAdmin = "N";
  44  +    if ($cookies{'SambaEdu3'}) {
  45  +      my $session = $cookies{'SambaEdu3'}->value;
  46  +      # Connexion MySql
  47  +      my $lcs_db = DBI->connect("DBI:mysql:$connexionDb", $mysqlServerUsername, $mysqlServerPw);
  48  +      my $requete = $lcs_db->prepare("select id, login from sessions where (sess = '$session')");
  49  +      $requete->execute();
  50  +      my ( $id, $login ) = $requete->fetchrow_array;
  51  +      $lcs_db->disconnect;
  52  +      # Validation
  53  +      my $admindn = 'uid=' . $login .",". $peopleDn;
  54  +      my @attrs = ('cn');
  55  +      my $lcs_ldap = Net::LDAP->new("$ldap_server");
  56  +      $lcs_ldap->bind(dn       => "$adminDn",
  57  +                      password => "$adminPw");
  58  +      my $res = $lcs_ldap->search(base     => "cn=system_is_admin,$droitsDn",
  59  +                                  scope    => 'subtree',
  60  +                                  attrs    => \@attrs,
  61  +                                  filter   => "(member=$admindn)");
  62  +      foreach my $entry ($res->entries) {
  63  +        @cn  = $entry->get('cn');
  64  +      }
  65  +      if ($cn[0] eq 'system_is_admin') {
  66  +        $isAdmin = "Y";
  67  +      }
  68  +      my $res = $lcs_ldap->search(base     => "cn=se3_is_admin,$droitsDn",
  69  +                                  scope    => 'subtree',
  70  +                                  attrs    => \@attrs,
  71  +                                  filter   => "(member=$admindn)");
  72  +      foreach my $entry ($res->entries) {
  73  +        @cn  = $entry->get('cn');
  74  +      }
  75  +      if ($cn[0] eq 'se3_is_admin') {
  76  +        $isAdmin = "Y";
  77  +      }
  78  +      $lcs_ldap->unbind();
  79  +    }
  80  +
  81  +    if ($isAdmin eq 'N') {
  82  +      print $Cgi->header();
  83  +      print
  84  +        "<!doctype html public \"-//W3C//DTD HTML 4.01 Transitional//EN\">\n",
  85  +        "<html><head>\n",
  86  +        "<meta http-equiv=\"Refresh\" content=\"0; url=" . $baseurl,
  87  +        "Err/401.html\">\n",
  88  +        "</head></html>\n";
  89  +      exit;
  90  +    } else {
  91  +      $User = 'www-se3';
  92  +    }
  93   
  94       #
  95       # Clean up %ENV for taint checking