diff --git a/application/config/navigation.php b/application/config/navigation.php index 11fd1a3a6..fa7f630b5 100644 --- a/application/config/navigation.php +++ b/application/config/navigation.php @@ -1,11 +1,27 @@ . + */ -if(defined('CIS4') && CIS4) { - $root = APP_ROOT; -} else { - $root = CIS_ROOT; -} +$root = CIS_ROOT; + +if (defined('CIS4') && CIS4) $root = APP_ROOT; + +// -------------------------------------------------------------------------------------------------------------------- +// Head menu $config['navigation_header'] = array( '*' => array( @@ -195,13 +211,20 @@ $config['navigation_header'] = array( 'sort' => 20, 'requiredPermissions' => 'system/developer:r' ), - 'anrechnungen' => array( - 'link' => site_url('lehre/anrechnung/AdminAnrechnung'), - 'description' => 'Anrechnungen', - 'expand' => true, - 'sort' => 30, - 'requiredPermissions' => 'lehre/anrechnungszeitfenster:rw' - ) + 'anrechnungen' => array( + 'link' => site_url('lehre/anrechnung/AdminAnrechnung'), + 'description' => 'Anrechnungen', + 'expand' => true, + 'sort' => 30, + 'requiredPermissions' => 'lehre/anrechnungszeitfenster:rw' + ), + 'loginas' => array( + 'link' => site_url('system/Login/loginAs'), + 'description' => 'Login as', + 'expand' => true, + 'sort' => 40, + 'requiredPermissions' => 'admin:rw' + ) ) ) ) @@ -222,12 +245,12 @@ $config['navigation_menu']['Vilesci/index'] = array( ); $config['navigation_menu']['Vilesci/index'] = array( - 'dashboard' => array( - 'link' => '#', - 'description' => 'Dashboard', - 'icon' => 'dashboard', - 'sort' => 1 - ) + 'dashboard' => array( + 'link' => '#', + 'description' => 'Dashboard', + 'icon' => 'dashboard', + 'sort' => 1 + ) ); $config['navigation_menu']['organisation/Reihungstest/index'] = array( @@ -336,3 +359,4 @@ $config['navigation_menu']['system/issues/Issues/*'] = array( 'requiredPermissions' => array('admin:rw') ), ); + diff --git a/application/controllers/api/frontend/v1/Login.php b/application/controllers/api/frontend/v1/Login.php new file mode 100644 index 000000000..5a2de4ed7 --- /dev/null +++ b/application/controllers/api/frontend/v1/Login.php @@ -0,0 +1,135 @@ +. + */ + +if (! defined('BASEPATH')) exit('No direct script access allowed'); + +/** + * + */ +class Login extends FHCAPI_Controller +{ + /** + * Object initialization + */ + public function __construct() + { + parent::__construct(array( + 'loginLDAP' => self::PERM_ANONYMOUS, + 'loginASByUid' => 'admin:rw', + 'loginASByPersonId' => 'admin:rw', + 'whoAmI' => self::PERM_ANONYMOUS, + 'searchUser' => 'admin:rw' + )); + } + + /** + * Called with HTTP POST via ajax to login using the LDAP authentication + */ + public function loginLDAP() + { + $username = $this->input->post('username'); + $password = $this->input->post('password'); + + $this->load->library('AuthLib', array(false)); // without authentication otherwise loooooop! + + $login = $this->authlib->loginLDAP($username, $password); + + // If login is success then retrieves the desired page + if (isSuccess($login)) $this->terminateWithSuccess($this->authlib->getLandingPage()); + + $this->terminateWithError(getError($login)); // returns the error code + } + + /** + * Called with HTTP POST via ajax to login as another user specified by uid + */ + public function loginASByUid() + { + $uid = $this->input->post('uid'); + + // With authentication -> you must be already logged to gain another identity + $this->load->library('AuthLib'); + + $loginAS = $this->authlib->loginASByUID($uid); + + // Got it! + if (isSuccess($loginAS)) $this->terminateWithSuccess(true); + + // Returns the error code + $this->terminateWithError(getError($loginAS)); + } + + /** + * Called with HTTP POST via ajax to login as another user specified by person id + */ + public function loginASByPersonId() + { + $person_id = $this->input->post('person_id'); + + // With authentication -> you must be already logged to gain another identity + $this->load->library('AuthLib'); + + $loginAS = $this->authlib->loginASByPersonId($person_id); + + // Got it! + if (isSuccess($loginAS)) $this->terminateWithSuccess(true); + + // Returns the error code + $this->terminateWithError(getError($loginAS)); + } + + /** + * Called with HTTP GET via ajax to show which login cretentials are in use + */ + public function whoAmI() + { + // With authentication -> you must be already logged to gain another identity + $this->load->library('AuthLib'); + + $this->terminateWithSuccess($this->authlib->getAuthObj()); + } + + /** + * Search for a user in database checking the name, surname or uid + */ + public function searchUser() + { + $query = strtolower('%'.$this->input->get('query').'%'); + + $this->load->model('person/Benutzer_model', 'BenutzerModel'); + + $dataset = $this->BenutzerModel->execReadOnlyQuery(' + SELECT p.person_id, + b.uid, + p.nachname, + p.vorname, + b.uid || \' - \' || p.nachname || \' \' || p.vorname AS label + FROM public.tbl_person p + LEFT JOIN public.tbl_benutzer b ON(b.person_id = p.person_id) + WHERE b.aktiv = TRUE + AND (p.nachname LIKE ? OR p.vorname = ? OR b.uid LIKE ?) + ', + array($query, $query, $query) + ); + + if (isError($dataset)) $this->terminateWithError(getError($dataset)); + + $this->terminateWithSuccess($dataset); + } +} + diff --git a/application/controllers/system/Login.php b/application/controllers/system/Login.php index 293a25552..42fb54d77 100644 --- a/application/controllers/system/Login.php +++ b/application/controllers/system/Login.php @@ -1,4 +1,20 @@ . + */ if (!defined('BASEPATH')) exit('No direct script access allowed'); @@ -8,12 +24,14 @@ if (!defined('BASEPATH')) exit('No direct script access allowed'); class Login extends FHC_Controller { /** - * + * Object initialization */ public function __construct() - { - parent::__construct(); - } + { + parent::__construct(array( + 'loginAs' => 'admin:rw' + )); + } /** * Displays a login page with username and password @@ -24,72 +42,11 @@ class Login extends FHC_Controller } /** - * Called with HTTP POST via ajax to login using the LDAP authentication + * Displays a login page with username and password */ - public function loginLDAP() - { - $username = $this->input->post('username'); - $password = $this->input->post('password'); - - $this->load->library('AuthLib', array(false)); // without authentication otherwise loooooop! - - $login = $this->authlib->loginLDAP($username, $password); - if (isSuccess($login)) - { - $this->outputJsonSuccess($this->authlib->getLandingPage()); // if login is success then retrieves the desired page - } - else - { - $this->outputJsonError(getCode($login)); // returns the error code - } - } - - /** - * Called with HTTP POST via ajax to login as another user specified by uid - */ - public function loginASByUid() - { - $uid = $this->input->get('uid'); - - // With authentication -> you must be already logged to gain another identity - $this->load->library('AuthLib'); - - $loginAS = $this->authlib->loginASByUID($uid); - $this->outputJson($loginAS); // returns the error code - } - - /** - * Called with HTTP POST via ajax to login as another user specified by person id - */ - public function loginASByPersonId() - { - $person_id = $this->input->get('person_id'); - - // With authentication -> you must be already logged to gain another identity - $this->load->library('AuthLib'); - - $loginAS = $this->authlib->loginASByPersonId($person_id); - if (isSuccess($loginAS)) - { - $this->outputJsonSuccess(true); // obtained! - } - else - { - $this->outputJsonSuccess(getCode($loginAS)); // returns the error code - }; - } - - /** - * To login into the system with email and code as credentials - */ - public function emailCode() - { - } - - /** - * To login into the system using SSO - */ - public function sso() + public function loginAs() { + $this->load->view('system/login/loginAs'); } } + diff --git a/application/views/system/login/loginAs.php b/application/views/system/login/loginAs.php new file mode 100644 index 000000000..46304311c --- /dev/null +++ b/application/views/system/login/loginAs.php @@ -0,0 +1,39 @@ +. + */ + +$includesArray = array( + 'title' => 'Login', + 'axios027' => true, + 'bootstrap5' => true, + 'fontawesome6' => true, + 'vue3' => true, + 'filtercomponent' => true, + 'navigationcomponent' => true, + 'tabulator5' => true, + 'primevue3' => true, + 'phrases' => array('uid', 'global'), + 'customJSModules' => array('public/js/LoginAs.js'), +); + +$this->load->view('templates/FHC-Header', $includesArray); +?> + +
+ +load->view('templates/FHC-Footer', $includesArray); ?> + diff --git a/application/views/system/login/usernamePassword.php b/application/views/system/login/usernamePassword.php index d695089b4..f750504f1 100644 --- a/application/views/system/login/usernamePassword.php +++ b/application/views/system/login/usernamePassword.php @@ -1,44 +1,39 @@ load->view( - 'templates/FHC-Header', - array( - 'title' => 'Login', - 'jquery3' => true, - 'jqueryui1' => true, - 'bootstrap3' => true, - 'fontawesome4' => true, - 'sbadmintemplate3' => true, - 'ajaxlib' => true, - 'dialoglib' => true, - 'customCSSs' => 'public/css/Login.css', - 'customJSs' => 'public/js/Login.js' - ) - ); +/** + * Copyright (C) 2025 fhcomplete.org + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see
-
-