From 02cc92970191a8f6f08ce3a22d13e87a7053608f Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Fri, 15 Feb 2008 09:55:56 +0100
Subject: LDAP backend: try to rebind with current user for getUserData()
 FS#1053

darcs-hash:20080215085556-7ad00-bcdc77251ad51b80bb4a55956efb7987a9eade32.gz
---
 inc/auth/ldap.class.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'inc/auth')

diff --git a/inc/auth/ldap.class.php b/inc/auth/ldap.class.php
index 9fcdc171f..c2e96ba75 100644
--- a/inc/auth/ldap.class.php
+++ b/inc/auth/ldap.class.php
@@ -137,7 +137,8 @@ class auth_ldap extends auth_basic {
      * @author  Andreas Gohr <andi@splitbrain.org>
      * @author  Trouble
      * @author  Dan Allen <dan.j.allen@gmail.com>
-     * @auhtor  <evaldas.auryla@pheur.org>
+     * @author  <evaldas.auryla@pheur.org>
+     * @author  Stephane Chazelas <stephane.chazelas@emerson.com>
      * @return  array containing user data or false
      */
     function getUserData($user) {
@@ -153,8 +154,13 @@ class auth_ldap extends auth_basic {
                 return false;
             }
             $this->bound = 2;
+        }elseif($this->bound == 0) {
+            // in some cases getUserData is called outside the authentication workflow
+            // eg. for sending email notification on subscribed pages. This data might not
+            // be accessible anonymously, so we try to rebind the current user here
+            $pass = PMA_blowfish_decrypt($_SESSION[DOKU_COOKIE]['auth']['pass'],auth_cookiesalt());
+            $this->checkPass($_SESSION[DOKU_COOKIE]['auth']['user'], $pass);
         }
-        // with no superuser creds we continue as user or anonymous here
 
         $info['user']   = $user;
         $info['server'] = $this->cnf['server'];
-- 
cgit v1.2.3