statistics: Use SimpleSAML_Auth_Simple.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2598 44740490-163a-0410-bde0-09ae8108e29a

statistics: Use SimpleSAML_Auth_Simple.
94fcba86 · Olav Morken · 3423fe55 · 94fcba86
Commit 94fcba86 authored 14 years ago by Olav Morken
--- a/modules/statistics/lib/AccessCheck.php
+++ b/modules/statistics/lib/AccessCheck.php
@@ -15,7 +15,6 @@ class sspmod_statistics_AccessCheck {
 	 * If the user doesn't have access, send the user to the login page.
 	 */
 	public static function checkAccess(SimpleSAML_Configuration $statconfig) {
-		$session = SimpleSAML_Session::getInstance();
 		$protected = $statconfig->getBoolean('protected', FALSE);
 		$authsource = $statconfig->getString('auth', NULL);
 		$allowedusers = $statconfig->getValue('allowedUsers', NULL);
@@ -36,52 +35,50 @@ class sspmod_statistics_AccessCheck {
 			return;
 		}
-		if (isset($authsource) && $session->isValid($authsource) ) {
+		if (!isset($authsource)) {
+			// If authsource is not defined, init admin login.
+			SimpleSAML_Utilities::requireAdmin();
+		}
-			// User logged in with auth source.
+		/* We are using an authsource for login. */
-			SimpleSAML_Logger::debug('Statistics auth - valid login with auth source [' . $authsource . ']');
-			// Retrieving attributes
+		$as = new SimpleSAML_Auth_Simple($authsource);
-			$attributes = $session->getAttributes();
+		$as->requireAuth();
-			if (!empty($allowedusers)) {
+		// User logged in with auth source.
-				// Check if userid exists
+		SimpleSAML_Logger::debug('Statistics auth - valid login with auth source [' . $authsource . ']');
-				if (!isset($attributes[$useridattr][0]))
-					throw new Exception('User ID is missing');
-				// Check if userid is allowed access..
+		// Retrieving attributes
-				if (in_array($attributes[$useridattr][0], $allowedusers)) {
+		$attributes = $as->getAttributes();
-					SimpleSAML_Logger::debug('Statistics auth - User granted access by user ID [' . $attributes[$useridattr][0] . ']');
-					return;
-				}
-				SimpleSAML_Logger::debug('Statistics auth - User denied access by user ID [' . $attributes[$useridattr][0] . ']');
-			} else {
+		if (!empty($allowedusers)) {
-				SimpleSAML_Logger::debug('Statistics auth - no allowedUsers list.');
+			// Check if userid exists
-			}
+			if (!isset($attributes[$useridattr][0]))
+				throw new Exception('User ID is missing');
-			if (!is_null($acl)) {
+			// Check if userid is allowed access..
-				$acl = new sspmod_core_ACL($acl);
+			if (in_array($attributes[$useridattr][0], $allowedusers)) {
-				if ($acl->allows($attributes)) {
+				SimpleSAML_Logger::debug('Statistics auth - User granted access by user ID [' . $attributes[$useridattr][0] . ']');
-					SimpleSAML_Logger::debug('Statistics auth - allowed access by ACL.');
+				return;
-					return;
-				}
-				SimpleSAML_Logger::debug('Statistics auth - denied access by ACL.');
-			} else {
-				SimpleSAML_Logger::debug('Statistics auth - no ACL configured.');
 			}
+			SimpleSAML_Logger::debug('Statistics auth - User denied access by user ID [' . $attributes[$useridattr][0] . ']');
-			throw new SimpleSAML_Error_Exception('Access denied to the current user.');
+		} else {
+			SimpleSAML_Logger::debug('Statistics auth - no allowedUsers list.');
 		}
-		if(isset($authsource)) {
+		if (!is_null($acl)) {
-			// If user is not logged in init login with authrouce if authsousrce is defined.
+			$acl = new sspmod_core_ACL($acl);
-			SimpleSAML_Auth_Default::initLogin($authsource, SimpleSAML_Utilities::selfURL());
+			if ($acl->allows($attributes)) {
+				SimpleSAML_Logger::debug('Statistics auth - allowed access by ACL.');
+				return;
+			}
+			SimpleSAML_Logger::debug('Statistics auth - denied access by ACL.');
 		} else {
-			// If authsource is not defined, init admin login.
+			SimpleSAML_Logger::debug('Statistics auth - no ACL configured.');
-			SimpleSAML_Utilities::requireAdmin();
 		}
+		throw new SimpleSAML_Error_Exception('Access denied to the current user.');
 	}
 }
\ No newline at end of file