359025439 发表于 2018-1-1 16:10:04

CAS客户端整合(二) Zabbix

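/**
 * Create a Zabbix frontend session for a user whose identity was asserted by CAS.
 *
 * This function checks no password and validates no ticket itself, so the caller
 * must pass only a login name obtained from a successfully validated CAS response,
 * never a value read directly from the request.
 *
 * The login is refused (an exception is thrown) when the alias is unknown, when the
 * account is still inside its lockout period, or when the user has no system access.
 * On success a row is inserted into `sessions`, CWebUser::$data and CUser::$userData
 * are filled, and the new session id is returned.
 *
 * @param string $name  Zabbix user alias asserted by CAS.
 *
 * @return string  32-character hexadecimal session id.
 *
 * @throws Exception  when the login must be refused, the session cannot be stored,
 *                    or no cryptographically secure random source is available.
 *
 * @author Carl
 */
function login_via_cas($name) {
    $userInfo = DBfetch(DBselect(
        'SELECT u.userid,u.attempt_failed,u.attempt_clock,u.attempt_ip'.
        ' FROM users u'.
        ' WHERE u.alias='.zbx_dbstr($name)
    ));

    // Fail closed: a CAS identity with no matching Zabbix user must not get a session.
    if (!$userInfo) {
        throw new Exception(_('Login name or password is incorrect.'));
    }

    // Honour the account lockout instead of silently bypassing it for CAS logins.
    if ($userInfo['attempt_failed'] >= ZBX_LOGIN_ATTEMPTS) {
        $blockedFor = ZBX_LOGIN_BLOCK - (time() - $userInfo['attempt_clock']);

        if ($blockedFor > 0) {
            throw new Exception(_s('Account is blocked for %s seconds', $blockedFor));
        }

        DBexecute('UPDATE users SET attempt_clock='.time().' WHERE alias='.zbx_dbstr($name));
    }

    // A user without system access is rejected before any session row is written.
    if (!check_perm2system($userInfo['userid'])) {
        throw new Exception(_('No permissions for system access.'));
    }

    $userid = $userInfo['userid'];

    $dbAccess = DBfetch(DBselect(
        'SELECT MAX(g.gui_access) AS gui_access'.
        ' FROM usrgrp g,users_groups ug'.
        ' WHERE ug.userid='.zbx_dbstr($userid).
            ' AND g.usrgrpid=ug.usrgrpid'
    ));

    // Fall back to the system default when no group supplies a gui_access value.
    $guiAccess = zbx_empty($dbAccess['gui_access'])
        ? GROUP_GUI_ACCESS_SYSTEM
        : $dbAccess['gui_access'];

    // The session id is the bearer credential for the frontend, so it must come from a
    // CSPRNG. md5(time() . $name . rand()) is built from guessable inputs and a
    // non-cryptographic generator. 16 random bytes keep the 32-hex-character format.
    if (function_exists('random_bytes')) {
        $sessionid = bin2hex(random_bytes(16));
    }
    elseif (function_exists('openssl_random_pseudo_bytes')) {
        $sessionid = bin2hex(openssl_random_pseudo_bytes(16));
    }
    else {
        throw new Exception('No cryptographically secure random source is available.');
    }

    $sessionStored = DBexecute('INSERT INTO sessions (sessionid,userid,lastaccess,status)'.
        ' VALUES ('.zbx_dbstr($sessionid).','.zbx_dbstr($userid).','.time().','.ZBX_SESSION_ACTIVE.')'
    );

    // Do not hand back an id that was never persisted.
    if (!$sessionStored) {
        throw new Exception('Cannot create session.');
    }

    $userData = DBfetch(DBselect(
        'SELECT u.userid,u.alias,u.name,u.surname,u.url,u.autologin,u.autologout,u.lang,u.refresh,u.type,'.
        ' u.theme,u.attempt_failed,u.attempt_ip,u.attempt_clock,u.rows_per_page'.
        ' FROM users u'.
        ' WHERE u.userid='.zbx_dbstr($userid)
    ));

    // True when the user belongs to at least one group with debug mode enabled.
    $userData['debug_mode'] = (bool) DBfetch(DBselect(
        'SELECT ug.userid'.
        ' FROM usrgrp g,users_groups ug'.
        ' WHERE ug.userid='.zbx_dbstr($userid).
            ' AND g.usrgrpid=ug.usrgrpid'.
            ' AND g.debug_mode='.GROUP_DEBUG_MODE_ENABLED
    ));

    // NOTE(review): X-Forwarded-For is supplied by the client unless a trusted reverse
    // proxy overwrites it. Treat userip as informational and do not base access
    // decisions or forensic conclusions on it without confirming the proxy setup.
    $userData['userip'] = (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'])
        ? $_SERVER['HTTP_X_FORWARDED_FOR']
        : $_SERVER['REMOTE_ADDR'];
    $userData['sessionid'] = $sessionid;
    $userData['gui_access'] = $guiAccess;

    // A successful login clears the failed-attempt counter.
    if ($userInfo['attempt_failed']) {
        DBexecute('UPDATE users SET attempt_failed=0 WHERE userid='.zbx_dbstr($userid));
    }

    CWebUser::$data = CUser::$userData = $userData;

    return $sessionid;
}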