DokuWiki

It's better when it's simple

User Tools

Site Tools

Trace: admidio
plugin:authpdo:admidio

Table of Contents

Admidio Free online membership management software

Configuration for authpdo plugin to authenticate with Admidio Free online membership management software.

Scenario

  • Basic authentication only.
  • Groups are read from Admidio User Management.
  • No user modification/adding. This assumes that all user/group accounts will be created and maintained through Admidio.
  • My “real world” scenario: society with fully working Admidio and 2 DokuWiki's:
    1. DokuWiki for Web and Dokumentation
      → All society users can login to DokuWiki, all leads are represented as groups.
    2. DokuWiki as CMS for the homepage of our society
      → Only group of Admidio users can login to DokuWiki, only part of users are represented as groups.

Working with 2020-07-29 “Hogfather” and Admidio 3.3.17 based on CentOS Linux 7.8.2003 (Core) PHP 7.3.23 and MariaDB 5.5.65.

Prerequisites

  • Access to your DokuWiki files via SSH or FTP.
  • :!: Backup of [yourdokuwiki]/conf/local.php!
  • Access to MariaDB database containing all Admidio data (host, database, user, password).
  • Access to Admidio as “Administrator” (or equivalent role).
  • :!: Backup of Database under create_backup!

Approach

Admidio internal user and role(group) management is quite flexible. To avoid errors in the plugin configuration I decided to add two new views in the database representing the needed data only. This way authpdo's configuration remains still readable.

As a side effect you can check your SELECT-Statements very carefully before connecting DokuWiki's authpdo to Admidio.

Adding views to Moodle database

Login to your MySQL database via command line, PHPMyAdmin, MySQL-Workbench or your other tool.

Execute the following commands:

Select Admidio's database

(don't forget to replace “dbanmeadmidio” with your name): 

USE dbanmeadmidio;

Create view "users" for user data:

check only if User is in Database
<code tsql>
CREATE VIEW dbanmeadmidio.users AS SELECT T1.usr_id AS uid, T1.usr_login_name AS login, T1.usr_password AS password, T2.usd_value AS firstname, T3.usd_value AS lastname, T4.usd_value AS email
FROM adm_users AS T1
LEFT JOIN adm_user_data T2 ON T2.usd_usr_id=T1.usr_id AND T2.usd_usf_id='2'
LEFT JOIN adm_user_data T3 ON T3.usd_usr_id=T1.usr_id AND T3.usd_usf_id='1'
LEFT JOIN adm_user_data T4 ON T4.usd_usr_id=T1.usr_id AND T4.usd_usf_id='12'
WHERE T1.usr_password IS NOT NULL
AND T1.usr_number_invalid=0
GROUP BY T1.usr_id
ORDER BY T1.usr_id DESC

check if the User is active 

CREATE VIEW dbanmeadmidio.users AS 
SELECT T1.usr_id AS uid, T1.usr_login_name AS login, T1.usr_password AS password, 
T2.usd_value AS firstname, T3.usd_value AS lastname, T4.usd_value AS email, T5.mem_end 
FROM adm_users AS T1 
LEFT JOIN adm_user_data T2 ON T2.usd_usr_id=T1.usr_id AND T2.usd_usf_id='2' 
LEFT JOIN adm_user_data T3 ON T3.usd_usr_id=T1.usr_id AND T3.usd_usf_id='1' 
LEFT JOIN adm_user_data T4 ON T4.usd_usr_id=T1.usr_id AND T4.usd_usf_id='12' 
LEFT JOIN adm_members T5 ON T5.mem_usr_id=T1.usr_id AND T5.mem_rol_id='2' 
WHERE T1.usr_password IS NOT NULL 
AND T1.usr_number_invalid=0 
AND T5.mem_end>CURDATE() 
GROUP BY T1.usr_id 
ORDER BY T1.usr_id DESC

Create view "usergroup" for user groups:

CREATE VIEW dbanmeadmidio.usergroup AS SELECT mem_usr_id AS uid, mem_rol_id AS gid FROM `adm_members`

Create view "groups" for groups and names:

CREATE VIEW dbanmeadmidio.groups AS SELECT rol_id AS gid, rol_name AS name FROM adm_roles

Check for success:

SELECT * FROM groups;
 
SELECT * FROM usergroup;
 
SELECT * FROM users;

should give you something like this:

uid login password firstname lastname email mem_end
217username$2ydads$12$9jwwsssffsfdQ….MaxMustermannmax.mustermann@musterhausen.de9999-12-31

and

uid gid
1217

and last but not least

gid name
1wiki_usergroup

As you see, all Admidio users are member of group “user” automatically.1) Group management is done now by creating global Groups and adding Adminio users matching your needs.

Plugin configuration

Common settings

Option 'debug' should be enabled for error messages at first. After success disable it.

Option 'dsn' 

mysql:host=localhost;dbname=dbanmeadmidio;charset=utf8

Option 'user' 

mysqladmidiouser

Option 'pass' 

mysqladmidiousersecret

Don't forget to adjust the core settings:

Scenario

All Admidio Users users can login and all Admidio are DokuWiki groups too:

Option 'select-user' 

SELECT `uid`, `login` AS "user", 
		concat(`lastname`," ",`firstname`) AS "name",
		`password` AS "hash", `email` AS mail FROM `users`
        WHERE `login` = :user

Option 'select-user-groups' 

SELECT name as `group`
                                  FROM groups AS g, users AS u, usergroup AS ug
                                         WHERE u.uid = ug.uid
                                         AND g.gid = ug.gid
                                         AND u.login= :user
                                         GROUP BY name
 

Option 'select-groups' 

SELECT name as `group`
                                  FROM groups AS g, usergroup AS ug
                                         WHERE g.gid = ug.gid

That's it. Save configuration and re-login. Good luck!

1)
If you don't need this, you can delete the AND T1.usr_number_invalid=0 AND T5.mem_end>CURDATE() part from the “user” view.
plugin/authpdo/admidio.txt · Last modified: 2020-10-31 18:41 by webtist_hanschur
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki

Global DokuWiki Links