User Tools

  • Logged in as: anonymous (anonymous)
  • Log Out

Site Tools


mantisbt:issue:3444

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
mantisbt:issue:3444 [2009/11/24 10:42]
sveyret More detailed specs
mantisbt:issue:3444 [2010/03/05 05:05] (current)
sveyret
Line 127: Line 127:
  
 The access API is modified to manage the new access system. Instead of quering for levels, one should only test if the access (using the representation string) is allowed to a given user. The access API is modified to manage the new access system. Instead of quering for levels, one should only test if the access (using the representation string) is allowed to a given user.
 +
 +
 +
 +
 +
 +
 +
  
 ===== Login plugin ===== ===== Login plugin =====
Line 133: Line 140:
  
 A new class is created for the login plugins. Login plugins should simply extend the MantisLogin.class.php which itself extends the MantisPlugin.class.php. This class handles the newly created events: A new class is created for the login plugins. Login plugins should simply extend the MantisLogin.class.php which itself extends the MantisPlugin.class.php. This class handles the newly created events:
-  * EVENT_LOGIN_AUTHENTICATE (EVENT_TYPE_CHAIN): Each plugin tries to authenticate the user and gives a resultThe input/​output value is an array with 2 values : +  * EVENT_LOGIN_AUTHENTICATE (EVENT_TYPE_FIRST): Plugins try to authenticate the user. Returns null if user cannot be authenticated or the instance of the User.class otherwise. 
-    '​RESULT'​ => '​UNKNOWN' ​(no plugin identified the user yet), '​INFO_REQUIRED'​ (at least one plugin asked for more information ​to identify ​the user), '​AUTHENTICATED'​ (one plugin could identify the user), '​ERROR'​ (if any error occured). +  EVENT_LOGIN_AUTHENTICATE_BY_NAME ​(EVENT_TYPE_FIRST): Plugins try to authenticate ​the user using a given username and optionally a passwordUsed for script login. Returns ​null if user cannot be authenticated ​or the instance of the User.class ​otherwise. 
-    * '​VALUE'​ => null if result is '​UNKNOWN' ​or '​INFO_REQUIRED';​ if '​AUTHENTICATED', ​the value is an instance of User.classif '​ERROR', ​it is a string with the error message+  * EVENT_LOGIN_NEED_FORM (EVENT_TYPE_DEFAULT):​ Each plugin indicates ​if it needs to ask information to user for authentication. 
-  * EVENT_LOGIN_INFO ​(EVENT_TYPE_OUTPUT):​ Mantis is about to ask username/​password to the user. Plugins can add « signup ​»« forgot password ​» or other kinds of links. Some plugins may also ask for additionnal information+  * EVENT_LOGIN_FIELDS (EVENT_TYPE_OUTPUT):​ Mantis ​is about to ask username/​password to the user. Plugins can ask for additionnal information
-  * EVENT_LOGIN_GET_USER (EVENT_TYPE_CHAIN): The parameter is the company_id of the user, given as a string. ​For each plugin, if the input really is a string, ​look if it can return a User.class corresponding. ​If input is already of type User.class or if no matching user is found, returns the input parameters+  * EVENT_LOGIN_EXTRA ​(EVENT_TYPE_OUTPUT):​ Mantis is about to ask username/​password to the user. Plugins can add signupforgot password” or other kinds of links. 
-  * EVENT_LOGIN_GET_GROUP (EVENT_TYPE_CHAIN): Same than EVENT_LOGIN_GET_USER,​ but for groups.+  * EVENT_LOGIN_GET_USER (EVENT_TYPE_FIRST): The parameter is the company_id of the user, given as a string. ​Each plugin ​must look if it can return a matching ​User.class corresponding. ​Returns null otherwise
 +  * EVENT_LOGIN_GET_GROUP (EVENT_TYPE_FIRST): Same than EVENT_LOGIN_GET_USER,​ but for groups.
   * EVENT_LOGIN_SEARCH_USERS (EVENT_TYPE_DEFAULT):​ Search for users having either username, real name, name or first name (depending on the data provided by the plugin) matching the input. If the input string is smaller than a given number of character, searches for exact match. Otherwise, search for users containing the given string. Each plugin returns an array of User.class.   * EVENT_LOGIN_SEARCH_USERS (EVENT_TYPE_DEFAULT):​ Search for users having either username, real name, name or first name (depending on the data provided by the plugin) matching the input. If the input string is smaller than a given number of character, searches for exact match. Otherwise, search for users containing the given string. Each plugin returns an array of User.class.
   * EVENT_LOGIN_SEARCH_GROUPS (EVENT_TYPE_DEFAULT):​ Same than EVENT_LOGIN_SEARCH_USERS,​ but for groups. The search is made in group names (depending on the data provided by the plugin).   * EVENT_LOGIN_SEARCH_GROUPS (EVENT_TYPE_DEFAULT):​ Same than EVENT_LOGIN_SEARCH_USERS,​ but for groups. The search is made in group names (depending on the data provided by the plugin).
   * EVENT_LOGIN_LOGOUT (EVENT_TYPE_EXECUTE):​ The input is the User.class of the current user. If plugin managing the given user can handle it, tries to logout the user.   * EVENT_LOGIN_LOGOUT (EVENT_TYPE_EXECUTE):​ The input is the User.class of the current user. If plugin managing the given user can handle it, tries to logout the user.
 +  * EVENT_LOGIN_LOST_PWD (EVENT_TYPE_FIRST):​ Sent when user forgot his password. Parameter is the internal username used by plugin. First plugin knowing the given user handle the message and returns true, othe plugins return null.
  
 The login procedure is the following: The login procedure is the following:
   * First of all, the EVENT_LOGIN_AUTHENTICATE event is sent.   * First of all, the EVENT_LOGIN_AUTHENTICATE event is sent.
-  * For each plugin ​managing this event, if the input is neither UNKNOWN nor INFO_REQUIRED, ​returns the input+  * The first plugin ​authenticating ​the user returns the User.class instance
-  * If the input is either UNKNOWN or INFO_REQUIRED,​ tries to authenticate user with already available information and returns the result. If input is INFO_REQUIRED and plugin ​cannot ​authenticate the user, keep the INFO_REQUIRED (do not return UNKNOWN). +  * If the event result is null (no plugin ​could authenticate the user), send event EVENT_LOGIN_NEED_INFO
-  * After execution ​of all plugins, if the result is UNKNOWN or ERROR, display an error and stop login. If the result is AUTHENTICATED,​ use the given User.class as the current user. If the result is INFO_REQUIRED, display a login page (sending an EVENT_LOGIN_INFO event) which will call this procedure again. +  * If at least one of the plugin answers true, display a login page (sending an EVENT_LOGIN_INFO event) which will call this procedure again. 
-  * If the login procedure already has username or password information (meaning it already is the second chance, with info provided), then the INFO_REQUIRED ​result ​also makes an error to be displayed ​and login procedure ​stopped.+  * If the login procedure already has username or password information (meaning it already is the second chance, with info provided), then a null result ​throws ​an error and stops login procedure.
   * When the user is authenticated,​ check that the company_id already exists in the Mantis tables. Create the user if not.   * When the user is authenticated,​ check that the company_id already exists in the Mantis tables. Create the user if not.
  
 The User.class contains methods to get information about a user: The User.class contains methods to get information about a user:
-  * getUserName() -> returns the username (internally used name) of the user. +  * getName() -> returns the real name of the user.
-  * getRealName() -> returns the real name of the user.+
   * getEMail() -> returns the e-mail addresse of the user.   * getEMail() -> returns the e-mail addresse of the user.
 +  * getAvatar() -> returns the avatar for the user.
   * isEnabled() -> indicates if the user is enabled.   * isEnabled() -> indicates if the user is enabled.
   * update() -> returns an URL to use to update the user data or null if not modifiable.   * update() -> returns an URL to use to update the user data or null if not modifiable.
mantisbt/issue/3444.1259077328.txt.gz · Last modified: 2010/01/12 06:03 (external edit)