From 880f62faf63b666adcc1d6aec6a8ead3edb18f59 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Tue, 22 Jun 2010 18:51:00 +0200
Subject: [PATCH] new auth capability 'logout'

This patch implements what Adrian's patch "Hide logout button if auth
backend cannot logout" intended to do.

The 'logoff' capability was used to decide if a special method called
$auth->logOff() should be called when the user logs out, not if the
backend supports logouts at all. This was a superflous capability since
an empty logOff() method is implemented in the base class anyway - it
doesn't hurt to always call the method.

The 'logoff' capability is now deprecated. Backends who want to do
actions on logout simply need to overwrite logOff().

A new capability 'logout' was added which defaults to true. Backends
that can't logoff the user (eg. because they use some automatic
login/logoff mechanism) can set this to false.

Probably makes sense to add a 'login' capability as well...
---
 inc/auth.php             | 4 +---
 inc/auth/basic.class.php | 2 +-
 inc/template.php         | 2 +-
 3 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/inc/auth.php b/inc/auth.php
index 564eb0285..70514316c 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -320,9 +320,7 @@ function auth_logoff($keepbc=false){
         setcookie(DOKU_COOKIE,'',time()-600000,DOKU_REL,'',($conf['securecookie'] && is_ssl()));
     }
 
-    if($auth && $auth->canDo('logoff')){
-        $auth->logOff();
-    }
+    if($auth) $auth->logOff();
 }
 
 /**
diff --git a/inc/auth/basic.class.php b/inc/auth/basic.class.php
index c08422488..fa38970ae 100644
--- a/inc/auth/basic.class.php
+++ b/inc/auth/basic.class.php
@@ -30,7 +30,7 @@ class auth_basic {
     'getUserCount'=> false, // can the number of users be retrieved?
     'getGroups'   => false, // can a list of available groups be retrieved?
     'external'    => false, // does the module do external auth checking?
-    'logoff'      => false, // has the module some special logoff method?
+    'logout'      => true,  // can the user logout again? (eg. not possible with HTTP auth)
   );
 
 
diff --git a/inc/template.php b/inc/template.php
index 15d186a49..20bb969ee 100644
--- a/inc/template.php
+++ b/inc/template.php
@@ -587,7 +587,7 @@ function tpl_get_action($type) {
             }
             $params['sectok'] = getSecurityToken();
             if(isset($_SERVER['REMOTE_USER'])){
-                if (!$auth->canDo('logoff')) {
+                if (!$auth->canDo('logout')) {
                     return false;
                 }
                 $params['do'] = 'logout';
-- 
GitLab