DokuWiki整合Zentao的用户授权及分组体系

时间:2023-04-22 15:27:37

老外们把精力都放在了怎样做通用性上面了。

Doku后台有切换授权方式的选项,改成mysql。

注:如下修改mysql.conf.php后,要把分组和权限设置结合起来,还需要配置dokuwiki的分组,zentao默认有一些角色分组:

acl.auth.php

# acl.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Access Control Lists
#
# Auto-generated by install script
# Date: Mon, 05 Jan 2015 13:09:23 +0000
* @ALL 1
* @admin 8
* @user 8
* @dev 8
* @qa 8
* @pm 8
* @po 8
* @td 8
* @pd 8
* @top 8
* @guest 1

conf/mysql.conf.php

<?php
/*
* This is an example configuration for the mysql auth plugin.
*
* This SQL statements are optimized for following table structure.
* If you use a different one you have to change them accordingly.
* See comments of every statement for details.
*
* TABLE users
* uid login pass firstname lastname email
*
* TABLE groups
* gid name
*
* TABLE usergroup
* uid gid
*
* To use this configuration you have to copy them to local.protected.php
* or at least include this file in local.protected.php.
*/ /* Options to configure database access. You need to set up this
* options carefully, otherwise you won't be able to access you
* database.
*/
$conf['plugin']['authmysql']['server'] = 'localhost';
$conf['plugin']['authmysql']['user'] = 'zentaoxx';
$conf['plugin']['authmysql']['password'] = 'xxxxx';
$conf['plugin']['authmysql']['database'] = 'zentaoxx'; /* This option enables debug messages in the mysql plugin. It is
* mostly useful for system admins.
*/
$conf['plugin']['authmysql']['debug'] = 0; /* Normally password encryption is done by DokuWiki (recommended) but for
* some reasons it might be usefull to let the database do the encryption.
* Set 'forwardClearPass' to '1' and the cleartext password is forwarded to
* the database, otherwise the encrypted one.
*/
$conf['plugin']['authmysql']['forwardClearPass'] = 1; /* Multiple table operations will be protected by locks. This array tolds
* the plugin which tables to lock. If you use any aliases for table names
* these array must also contain these aliases. Any unamed alias will cause
* a warning during operation. See the example below.
*/
$conf['plugin']['authmysql']['TablesToLock']= array();//"users", "users AS u","groups", "groups AS g", "usergroup", "usergroup AS ug" /***********************************************************************/
/* Basic SQL statements for user authentication (required) */
/***********************************************************************/ /* This statement is used to grant or deny access to the wiki. The result
* should be a table with exact one line containing at least the password
* of the user. If the result table is empty or contains more than one
* row, access will be denied.
*
* The plugin accesses the password as 'pass' so a alias might be necessary.
*
* Following patters will be replaced:
* %{user} user name
* %{pass} encrypted or clear text password (depends on 'encryptPass')
* %{dgroup} default group name
*/
$conf['plugin']['authmysql']['checkPass'] = "SELECT password
FROM zt_usergroup AS ug
JOIN zt_user AS u ON u.account=ug.account
JOIN zt_group AS g ON g.id=ug.group
WHERE account='%{user}'
AND name='%{dgroup}'"; /* This statement should return a table with exact one row containing
* information about one user. The field needed are:
* 'pass' containing the encrypted or clear text password
* 'name' the user's full name
* 'mail' the user's email address
*
* Keep in mind that Dokuwiki will access thise information through the
* names listed above so aliasses might be neseccary.
*
* Following patters will be replaced:
* %{user} user name
*/
$conf['plugin']['authmysql']['getUserInfo'] = "SELECT password, realname AS name, email AS mail
FROM zt_user
WHERE account='%{user}'"; /* This statement is used to get all groups a user is member of. The
* result should be a table containing all groups the given user is
* member of. The plugin accesses the group name as 'group' so an alias
* might be nessecary.
*
* Following patters will be replaced:
* %{user} user name
*/
$conf['plugin']['authmysql']['getGroups'] = "SELECT name as `group`
FROM zt_group g, zt_user u, zt_usergroup ug
WHERE u.account = ug.account
AND g.id = ug.group
AND u.account='%{user}'"; /***********************************************************************/
/* Additional minimum SQL statements to use the user manager */
/***********************************************************************/ /* This statement should return a table containing all user login names
* that meet certain filter criteria. The filter expressions will be added
* case dependend by the plugin. At the end a sort expression will be added.
* Important is that this list contains no double entries fo a user. Each
* user name is only allowed once in the table.
*
* The login name will be accessed as 'user' to a alias might be neseccary.
* No patterns will be replaced in this statement but following patters
* will be replaced in the filter expressions:
* %{user} in FilterLogin user's login name
* %{name} in FilterName user's full name
* %{email} in FilterEmail user's email address
* %{group} in FilterGroup group name
*/
$conf['plugin']['authmysql']['getUsers'] = "SELECT DISTINCT account AS user
FROM zt_user AS u
LEFT JOIN zt_usergroup AS ug ON u.account=ug.account
LEFT JOIN zt_group AS g ON ug.group=g.id";
$conf['plugin']['authmysql']['FilterLogin'] = "account LIKE '%{user}'";
$conf['plugin']['authmysql']['FilterName'] = "realname LIKE '%{name}'";
$conf['plugin']['authmysql']['FilterEmail'] = "email LIKE '%{email}'";
$conf['plugin']['authmysql']['FilterGroup'] = "name LIKE '%{group}'";
$conf['plugin']['authmysql']['SortOrder'] = "ORDER BY login"; /***********************************************************************/
/* Additional SQL statements to add new users with the user manager */
/***********************************************************************/ /* This statement should add a user to the database. Minimum information
* to store are: login name, password, email address and full name.
*
* Following patterns will be replaced:
* %{user} user's login name
* %{pass} password (encrypted or clear text, depends on 'encryptPass')
* %{email} email address
* %{name} user's full name
*/
$conf['plugin']['authmysql']['addUser'] = ""; /* This statement should add a group to the database.
* Following patterns will be replaced:
* %{group} group name
*/
$conf['plugin']['authmysql']['addGroup'] = ""; /* This statement should connect a user to a group (a user become member
* of that group).
* Following patterns will be replaced:
* %{user} user's login name
* %{uid} id of a user dataset
* %{group} group name
* %{gid} id of a group dataset
*/
$conf['plugin']['authmysql']['addUserGroup']= ""; /* This statement should remove a group fom the database.
* Following patterns will be replaced:
* %{group} group name
* %{gid} id of a group dataset
*/
$conf['plugin']['authmysql']['delGroup'] = ""; /* This statement should return the database index of a given user name.
* The plugin will access the index with the name 'id' so a alias might be
* necessary.
* following patters will be replaced:
* %{user} user name
*/
$conf['plugin']['authmysql']['getUserID'] = ""; /***********************************************************************/
/* Additional SQL statements to delete users with the user manager */
/***********************************************************************/ /* This statement should remove a user fom the database.
* Following patterns will be replaced:
* %{user} user's login name
* %{uid} id of a user dataset
*/
$conf['plugin']['authmysql']['delUser'] = ""; /* This statement should remove all connections from a user to any group
* (a user quits membership of all groups).
* Following patterns will be replaced:
* %{uid} id of a user dataset
*/
$conf['plugin']['authmysql']['delUserRefs'] = ""; /***********************************************************************/
/* Additional SQL statements to modify users with the user manager */
/***********************************************************************/ /* This statements should modify a user entry in the database. The
* statements UpdateLogin, UpdatePass, UpdateEmail and UpdateName will be
* added to updateUser on demand. Only changed parameters will be used.
*
* Following patterns will be replaced:
* %{user} user's login name
* %{pass} password (encrypted or clear text, depends on 'encryptPass')
* %{email} email address
* %{name} user's full name
* %{uid} user id that should be updated
*/
$conf['plugin']['authmysql']['updateUser'] = "UPDATE zt_user SET";
$conf['plugin']['authmysql']['UpdateLogin'] = "account='%{user}'";
$conf['plugin']['authmysql']['UpdatePass'] = "password='%{pass}'";
$conf['plugin']['authmysql']['UpdateEmail'] = "email='%{email}'";
$conf['plugin']['authmysql']['UpdateName'] = "";
$conf['plugin']['authmysql']['UpdateTarget']= "WHERE id=%{uid}"; /* This statement should remove a single connection from a user to a
* group (a user quits membership of that group).
*
* Following patterns will be replaced:
* %{user} user's login name
* %{uid} id of a user dataset
* %{group} group name
* %{gid} id of a group dataset
*/
$conf['plugin']['authmysql']['delUserGroup']= ""; /* This statement should return the database index of a given group name.
* The plugin will access the index with the name 'id' so a alias might
* be necessary.
*
* Following patters will be replaced:
* %{group} group name
*/
$conf['plugin']['authmysql']['getGroupID'] = "SELECT id
FROM zt_group
WHERE name='%{group}'";