MRBS - Meeting Room Booking System
MRBS - Meeting Room Booking System, version 1.2.3
This is a very simple booking system that is OSS: MRBS Home Page
To use Raven authentication you could put in your own PHP code, or take the quicker approach and use Apache Raven authentication combined with a simple code change in session_php.inc, in the function "getUserName":
// if (isset($HTTP_SESSION_VARS["UserName"]) && ($HTTP_SESSION_VARS["UserName"] != "")) // return $HTTP_SESSION_VARS["UserName"]; if (isset($_SERVER['REMOTE_USER']) && ($_SERVER['REMOTE_USER'] != "")) return $_SERVER['REMOTE_USER'];
for version 1.2.4 the code is very similar, but with a few more { and } in it.
and this bit of configuration in config.inc.php :
$auth["session"] = "php"; $auth["type"] = "none";
The .htaccess file is very simple:
<Limit GET> order deny,allow deny from all AuthType Ucam-WebAuth Require valid-user Satisfy any </Limit>
From Martin Lucas-Smith:
You could probably simplifying this by adding to your .htaccess file:
php_value auto_prepend_file prepended.php
and creating a file prepended.php (as referenced above) which contains merely:
<?php $HTTP_SESSION_VARS['UserName'] = $_SERVER['REMOTE_USER']; ?>
I've not tried it but I suspect this would probably work. If it does work, it would have the benefit that you avoid having to make any changes to the code itself.
Hope that is useful.
Martin Lucas-Smith www.geog.cam.ac.uk/~mvl22 --mr349 15:58, 19 June 2008 (BST)
Two access levels (very simple)
Since everyone is logged in, listed admins should be level 2 (read-write everyone) with everyone else at level 1 (read-write own entries)
No code changes are necessary but add admin users in config.inc.php
Two access levels (simple)
Since everyone is logged in, listed admins should be level 2 (read-write everyone) with everyone else at level 0 (read-only) instead of 1 (read-write own entries)
In auth_none.inc function authGetUserLevel change:
// Everybody else is access level '0' return 0;
and add admin users in config.inc.php
Three access levels
not-tested --mr349 16:32, 19 June 2008 (BST)
Listed admins should be level 2 (read-write everyone) with listed users at level 1 (read-write own entries) and everyone else at level 0 (read-only)
In auth_none.inc function authGetUserLevel
function authGetUserLevel($user, $lev2_admin, $lev1_admin) {
// User not logged in, user level '0' if(!isset($user)) return 0;
// Check if the user is level '2' for($i = 0; isset($lev2_admin[$i]); $i++) { if(strcasecmp($user, $lev2_admin[$i]) == 0) return 2; }
// Check if the user is level '1' for($i = 0; isset($lev1_admin[$i]); $i++) { if(strcasecmp($user, $lev1_admin[$i]) == 0) return 1; }
// Everybody else is access level '0' return 0;
}
In mrbs_auth.inc function getAuthorised change:
return authGetUserLevel($user, $auth["admin"], $auth["mortal"]) >= $level;
and add both admin and mortal users in config.inc.php
MRBS version 1.4.1
https://www.physiol.ox.ac.uk/~trp/webauth-mrbs/
MRBS version 1.4.5
edit config.inc.php and add this to the end, before ?> :
$auth['session'] = 'remote_user'; $auth['type'] = 'none';
Also define admin users like so:
$auth["admin"][] = "mr349";
For authenticated (Raven) users to have readonly authorisation edit auth_none.inc:
// Everybody else is access level '1' # return 1; # mr349, access level 0 please return 0; }