Fixed a massive bug with the new authentication system.
This commit is contained in:
JT Smith
parent
d6930f0186
commit
44626a6e07
8 changed files with 76 additions and 84 deletions
|
|
@ -1,2 +1,3 @@
|
|||
insert into webguiVersion values ('4.9.5','upgrade',unix_timestamp());
|
||||
insert into international (internationalId,languageId,namespace,message,lastUpdated) values (856,1,'WebGUI','You have no account properties to edit at this time.', 1040340432);
|
||||
|
||||
|
|
|
|||
|
|
@ -69,9 +69,8 @@ These functions are available from this package:
|
|||
sub _execute {
|
||||
my ($authMethod, $function, $params) = @_;
|
||||
my $cmd = "WebGUI::Authentication::".$authMethod."::".$function;
|
||||
my $result = eval {&$cmd($params)};
|
||||
WebGUI::ErrorHandler::fatalError("Missing method in Authentication module: $authMethod. ".$@) if($@);
|
||||
return $result;
|
||||
return eval {&$cmd($params)} unless ($@);
|
||||
WebGUI::ErrorHandler::fatalError("Missing method in Authentication module: $authMethod. ".$@);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -289,7 +288,7 @@ sub registrationFormSave {
|
|||
|
||||
=head2 registrationFormValidate ( )
|
||||
|
||||
Returns an error string if there are any problems with the form data.
|
||||
Returns the WebGUI username to user for this user, and returns an error string if there are any problems with the form data.
|
||||
|
||||
=cut
|
||||
|
||||
|
|
@ -387,7 +386,7 @@ sub userFormSave {
|
|||
|
||||
=head2 userFormValidate ( )
|
||||
|
||||
Returns an error string if there are any problems with the form data.
|
||||
Returns the WebGUI username to use for this user, and returns an error string if there are any problems with the form data.
|
||||
|
||||
=cut
|
||||
|
||||
|
|
|
|||
|
|
@ -64,7 +64,7 @@ sub authenticate {
|
|||
#-------------------------------------------------------------------
|
||||
sub adminForm {
|
||||
my $userData = WebGUI::Authentication::getParams($_[0],'LDAP');
|
||||
my $ldapUrl = $session{form}{'authLDAP.ldapUrl'} || $userData->{ldapUrl} || $session{setting}{ldapUrl};
|
||||
my $ldapUrl = $session{form}{'authLDAP.ldapUrl'} || $userData->{ldapUrl} || $session{setting}{ldapURL};
|
||||
my $connectDN = $session{form}{'authLDAP.connectDN'} || $userData->{connectDN};
|
||||
my $f;
|
||||
$f = WebGUI::HTMLForm->new;
|
||||
|
|
@ -97,23 +97,17 @@ sub optionsLabel {
|
|||
sub registrationForm {
|
||||
my $f;
|
||||
$f = WebGUI::HTMLForm->new;
|
||||
$f->text("authLDAP.ldapId",$session{setting}{ldapIdName});
|
||||
$f->text("authLDAP.ldapId",$session{setting}{ldapIdName},$session{form}{"authLDAP.ldapId"});
|
||||
$f->password("authLDAP.ldapPassword",$session{setting}{ldapPasswordName});
|
||||
return $f->printRowsOnly;
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub registrationFormSave {
|
||||
my($uri, $port, %args, $ldap, $auth, $search, $connectDN, $uid);
|
||||
my($uri, $ldap, $auth, $search, $connectDN, $uid);
|
||||
my $uid = shift;
|
||||
$uri = URI->new($session{setting}{ldapUrl});
|
||||
if ($uri->port < 1) {
|
||||
$port = 389;
|
||||
} else {
|
||||
$port = $uri->port;
|
||||
}
|
||||
%args = (port => $port);
|
||||
$ldap = Net::LDAP->new($uri->host, %args);
|
||||
$uri = URI->new($session{setting}{ldapURL});
|
||||
$ldap = Net::LDAP->new($uri->host, (port=>$uri->port));
|
||||
$ldap->bind;
|
||||
$search = $ldap->search (base => $uri->dn, filter => $session{setting}{ldapId}."=".$session{form}{'authLDAP.ldapId'});
|
||||
if (defined $search->entry(0)) {
|
||||
|
|
@ -123,27 +117,21 @@ sub registrationFormSave {
|
|||
WebGUI::Authentication::saveParams($uid,'LDAP',
|
||||
{
|
||||
connectDN => $connectDN,
|
||||
ldapUrl => $session{setting}{ldapUrl}
|
||||
ldapUrl => $session{setting}{ldapURL}
|
||||
});
|
||||
return $session{form}{'authLDAP.ldapId'};
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub registrationFormValidate {
|
||||
my ($uri, $error, $ldap, $port, $search, $auth, $connectDN);
|
||||
$uri = URI->new($session{setting}{ldapUrl});
|
||||
if ($uri->port < 1) {
|
||||
$port = 389;
|
||||
} else {
|
||||
$port = $uri->port;
|
||||
}
|
||||
if ($ldap = Net::LDAP->new($uri->host, {port=>$port})) {
|
||||
my ($uri, $error, $ldap, $search, $auth, $connectDN);
|
||||
$uri = URI->new($session{setting}{ldapURL});
|
||||
if ($ldap = Net::LDAP->new($uri->host, (port=>$uri->port))) {
|
||||
if ($ldap->bind) {
|
||||
$search = $ldap->search (base=>$uri->dn,filter=>$session{setting}{ldapId}."=".$session{form}{'authLDAP.ldapId'});
|
||||
if (defined $search->entry(0)) {
|
||||
$connectDN = "cn=".$search->entry(0)->get_value("cn");
|
||||
$ldap->unbind;
|
||||
$ldap = Net::LDAP->new($uri->host, {port=>$port}) or $error .= WebGUI::International::get(2,'Auth/LDAP');
|
||||
$ldap = Net::LDAP->new($uri->host, (port=>$uri->port)) or $error .= WebGUI::International::get(2,'Auth/LDAP');
|
||||
$auth = $ldap->bind(dn=>$connectDN, password=>$session{form}{'authLDAP.ldapPassword'});
|
||||
if ($auth->code == 48 || $auth->code == 49) {
|
||||
$error .= '<li>'.WebGUI::International::get(68);
|
||||
|
|
@ -160,11 +148,13 @@ sub registrationFormValidate {
|
|||
}
|
||||
} else {
|
||||
$error = WebGUI::International::get(2,'Auth/LDAP');
|
||||
WebGUI::ErrorHandler::warn("Couldn't bind to LDAP server: ".$session{setting}{ldapURL});
|
||||
}
|
||||
} else {
|
||||
$error = WebGUI::International::get(2,'Auth/LDAP');
|
||||
WebGUI::ErrorHandler::warn("Couldn't create LDAP object: ".$uri->host);
|
||||
}
|
||||
return $error;
|
||||
return ($session{form}{'authLDAP.ldapId'},$error);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -172,16 +162,16 @@ sub settingsForm {
|
|||
my $f;
|
||||
$f = WebGUI::HTMLForm->new;
|
||||
$f->readOnly('<b>'.optionsLabel().'</b>');
|
||||
$f->url("authLDAP.ldapUrl",WebGUI::International::get(5,'Auth/LDAP'),$session{setting}{ldapUrl});
|
||||
$f->text("authLDAP.ldapId",WebGUI::International::get(6,'Auth/LDAP'),$session{setting}{ldapId});
|
||||
$f->text("authLDAP.ldapIdName",WebGUI::International::get(7,'Auth/LDAP'),$session{setting}{ldapIdName});
|
||||
$f->text("authLDAP.ldapPasswordName",WebGUI::International::get(8,'Auth/LDAP'),$session{setting}{ldapPasswordName});
|
||||
$f->url("ldapURL",WebGUI::International::get(5,'Auth/LDAP'),$session{setting}{ldapURL});
|
||||
$f->text("ldapId",WebGUI::International::get(6,'Auth/LDAP'),$session{setting}{ldapId});
|
||||
$f->text("ldapIdName",WebGUI::International::get(7,'Auth/LDAP'),$session{setting}{ldapIdName});
|
||||
$f->text("ldapPasswordName",WebGUI::International::get(8,'Auth/LDAP'),$session{setting}{ldapPasswordName});
|
||||
return $f->printRowsOnly;
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub userForm {
|
||||
return "";
|
||||
return undef;
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -190,7 +180,7 @@ sub userFormSave {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub userFormValidate {
|
||||
return "";
|
||||
return ($session{user}{username},"");
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@ sub registrationFormValidate {
|
|||
if ($smb > 0) {
|
||||
$error = '<li>'. $smbError{$smb} . "pdc: $pdc, bdc: $bdc, domain: $ntDomain";
|
||||
}
|
||||
return $error;
|
||||
return ($session{form}{'authSMB.loginId'}, $error);
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -123,7 +123,7 @@ sub settingsForm {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub userForm {
|
||||
return "";
|
||||
return undef;
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -132,7 +132,7 @@ sub userFormSave {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub userFormValidate {
|
||||
return "";
|
||||
return ($session{user}{username},"");
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
|||
|
|
@ -62,6 +62,7 @@ sub optionsLabel {
|
|||
sub registrationForm {
|
||||
my $f;
|
||||
$f = WebGUI::HTMLForm->new;
|
||||
$f->text("authWebGUI.username",WebGUI::International::get(50),$session{form}{"authWebGUI.username"});
|
||||
$f->password("authWebGUI.identifier",WebGUI::International::get(51));
|
||||
$f->password("authWebGUI.identifierConfirm",WebGUI::International::get(2,'Auth/WebGUI'));
|
||||
return $f->printRowsOnly;
|
||||
|
|
@ -75,8 +76,17 @@ sub registrationFormSave {
|
|||
#-------------------------------------------------------------------
|
||||
sub registrationFormValidate {
|
||||
my ($error);
|
||||
if ($session{form}{"authWebGUI.username"} =~ /^\s/ || $session{form}{"authWebGUI.username"} =~ /\s$/) {
|
||||
$error = '<li>'.WebGUI::International::get(724);
|
||||
}
|
||||
if ($session{form}{"authWebGUI.username"} eq "") {
|
||||
$error .= '<li>'.WebGUI::International::get(725);
|
||||
}
|
||||
unless ($session{form}{"authWebGUI.username"} =~ /^[A-Za-z0-9\-\_\.\,\@]+$/) {
|
||||
$error .= '<li>'.WebGUI::International::get(747);
|
||||
}
|
||||
if ($session{form}{'authWebGUI.identifier'} ne $session{form}{'authWebGUI.identifierConfirm'}) {
|
||||
$error = '<li>'.WebGUI::International::get(3,'Auth/WebGUI');
|
||||
$error .= '<li>'.WebGUI::International::get(3,'Auth/WebGUI');
|
||||
}
|
||||
if ($session{form}{'authWebGUI.identifier'} eq "password") {
|
||||
$error .= '<li>'.WebGUI::International::get(5,'Auth/WebGUI');
|
||||
|
|
@ -84,7 +94,7 @@ sub registrationFormValidate {
|
|||
if ($session{form}{'authWebGUI.identifier'} eq "") {
|
||||
$error .= '<li>'.WebGUI::International::get(4,'Auth/WebGUI');
|
||||
}
|
||||
return $error;
|
||||
return ($session{form}{"authWebGUI.username"},$error);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -96,6 +106,7 @@ sub settingsForm {
|
|||
sub userForm {
|
||||
my $f;
|
||||
$f = WebGUI::HTMLForm->new;
|
||||
$f->text("authWebGUI.username",WebGUI::International::get(50),$session{user}{username});
|
||||
$f->password("authWebGUI.identifier",WebGUI::International::get(51),"password");
|
||||
$f->password("authWebGUI.identifierConfirm",WebGUI::International::get(2,'Auth/WebGUI'),"password");
|
||||
return $f->printRowsOnly;
|
||||
|
|
@ -109,13 +120,22 @@ sub userFormSave {
|
|||
#-------------------------------------------------------------------
|
||||
sub userFormValidate {
|
||||
my ($error);
|
||||
if ($session{form}{"authWebGUI.username"} =~ /^\s/ || $session{form}{"authWebGUI.username"} =~ /\s$/) {
|
||||
$error = '<li>'.WebGUI::International::get(724);
|
||||
}
|
||||
if ($session{form}{"authWebGUI.username"} eq "") {
|
||||
$error .= '<li>'.WebGUI::International::get(725);
|
||||
}
|
||||
unless ($session{form}{"authWebGUI.username"} =~ /^[A-Za-z0-9\-\_\.\,\@]+$/) {
|
||||
$error .= '<li>'.WebGUI::International::get(747);
|
||||
}
|
||||
if ($session{form}{'authWebGUI.identifier'} ne $session{form}{'authWebGUI.identifierConfirm'}) {
|
||||
$error = '<li>'.WebGUI::International::get(3,'Auth/WebGUI');
|
||||
}
|
||||
if ($session{form}{'authWebGUI.identifier'} eq "") {
|
||||
$error .= '<li>'.WebGUI::International::get(4,'Auth/WebGUI');
|
||||
}
|
||||
return $error;
|
||||
return ($session{form}{"authWebGUI.username"},$error);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -63,23 +63,15 @@ sub _accountOptions {
|
|||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub _hasBadUsername {
|
||||
my ($error,$otherUser);
|
||||
if ($_[0] =~ /^\s/ || $_[0] =~ /\s$/) {
|
||||
$error = '<li>'.WebGUI::International::get(724);
|
||||
}
|
||||
if ($_[0] eq "") {
|
||||
$error .= '<li>'.WebGUI::International::get(725);
|
||||
sub _checkForDuplicateUsername {
|
||||
my $username = $_[0];
|
||||
my ($otherUser) = WebGUI::SQL->quickArray("select count(*) from users where username=".quote($username));
|
||||
if ($otherUser && $username ne $session{user}{username}) {
|
||||
return '<li>'.WebGUI::International::get(77).' "'.$username.'too", "'.$username.'2", '
|
||||
.'"'.$username.'_'.WebGUI::DateTime::epochToHuman(time(),"%y").'"';
|
||||
} else {
|
||||
return "";
|
||||
}
|
||||
unless ($_[0] =~ /^[A-Za-z0-9\-\_\.\,\@]+$/) {
|
||||
$error .= '<li>'.WebGUI::International::get(747);
|
||||
}
|
||||
($otherUser) = WebGUI::SQL->quickArray("select username from users where username='$_[0]'");
|
||||
if ($otherUser ne "" && $otherUser ne $session{user}{username}) {
|
||||
$error .= '<li>'.WebGUI::International::get(77).' "'.$_[0].'too", "'.$_[0].'2", '
|
||||
.'"'.$_[0].'_'.WebGUI::DateTime::epochToHuman(time(),"%y").'"';
|
||||
}
|
||||
return $error;
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -122,9 +114,6 @@ sub www_createAccount {
|
|||
|
||||
$f = WebGUI::HTMLForm->new();
|
||||
$f->hidden("op","createAccountSave");
|
||||
unless ($session{setting}{authMethod} ne "WebGUI" && $session{setting}{usernameBinding}) {
|
||||
$f->text("username",WebGUI::International::get(50),$session{form}{username});
|
||||
}
|
||||
$f->raw(WebGUI::Authentication::registrationForm());
|
||||
$a = WebGUI::SQL->read("select * from userProfileField,userProfileCategory
|
||||
where userProfileField.profileCategoryId=userProfileCategory.profileCategoryId
|
||||
|
|
@ -179,15 +168,10 @@ sub www_createAccount {
|
|||
sub www_createAccountSave {
|
||||
my ($profile, $u, $username, $uri, $temp, $ldap, $port, %args, $search, $cmd,
|
||||
$connectDN, $auth, $output, $error, $uid, $encryptedPassword, $fieldName);
|
||||
if ($session{setting}{authMethod} ne "WebGUI" && $session{setting}{usernameBinding}) {
|
||||
$username = $session{form}{loginId};
|
||||
} else {
|
||||
$username = $session{form}{username};
|
||||
}
|
||||
$error = _hasBadUsername($username);
|
||||
$error .= WebGUI::Authentication::registrationFormValidate();
|
||||
($username, $error) = WebGUI::Authentication::registrationFormValidate();
|
||||
($profile, $temp) = _validateProfileData();
|
||||
$error .= $temp;
|
||||
$error .= _checkForDuplicateUsername($username);
|
||||
if ($error eq "") {
|
||||
$u = WebGUI::User->new("new");
|
||||
$u->username($username);
|
||||
|
|
@ -244,20 +228,18 @@ sub www_deactivateAccountConfirm {
|
|||
sub www_displayAccount {
|
||||
my ($output, %hash, @array, $f);
|
||||
if ($session{user}{userId} != 1) {
|
||||
$output .= '<h1>'.WebGUI::International::get(61).'</h1>';
|
||||
$f = WebGUI::HTMLForm->new;
|
||||
$f->hidden("op","updateAccount");
|
||||
$f->readOnly($session{user}{karma},WebGUI::International::get(537)) if ($session{setting}{useKarma});
|
||||
|
||||
if ($session{user}{authMethod} ne "WebGUI" && $session{setting}{usernameBinding}) {
|
||||
$f->hidden("username",$session{user}{username});
|
||||
$f->readOnly($session{user}{username},WebGUI::International::get(50));
|
||||
$output = '<h1>'.WebGUI::International::get(61).'</h1>';
|
||||
my $form = WebGUI::Authentication::userForm();
|
||||
unless (defined $form) {
|
||||
$output .= WebGUI::International::get(856);
|
||||
} else {
|
||||
$f->text("username",WebGUI::International::get(50),$session{user}{username});
|
||||
$f = WebGUI::HTMLForm->new;
|
||||
$f->hidden("op","updateAccount");
|
||||
$f->readOnly($session{user}{karma},WebGUI::International::get(537)) if ($session{setting}{useKarma});
|
||||
$f->raw($form);
|
||||
$f->submit;
|
||||
$output .= $f->print;
|
||||
}
|
||||
$f->raw(WebGUI::Authentication::userForm());
|
||||
$f->submit;
|
||||
$output .= $f->print;
|
||||
$output .= _accountOptions();
|
||||
} else {
|
||||
$output .= www_displayLogin();
|
||||
|
|
@ -472,13 +454,13 @@ sub www_recoverPasswordFinish {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub www_updateAccount {
|
||||
my ($output, $error, $encryptedPassword, $passwordStatement, $u);
|
||||
my ($output, $username, $error, $encryptedPassword, $passwordStatement, $u);
|
||||
if ($session{user}{userId} != 1) {
|
||||
$error = WebGUI::Authentication::userFormValidate();
|
||||
$error .= _hasBadUsername($session{form}{username});
|
||||
($username, $error) = WebGUI::Authentication::userFormValidate();
|
||||
$error .= _checkForDuplicateUsername($username);
|
||||
if ($error eq "") {
|
||||
$u = WebGUI::User->new($session{user}{userId});
|
||||
$u->username($session{form}{username});
|
||||
$u->username($username);
|
||||
WebGUI::Authentication::userFormSave();
|
||||
$output .= '<li>'.WebGUI::International::get(81).'<p>';
|
||||
WebGUI::Session::refreshUserInfo($u->userId);
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ sub www_editUserSettings {
|
|||
$f->integer("karmaPerLogin",WebGUI::International::get(540),$session{setting}{karmaPerLogin});
|
||||
$f->interval("sessionTimeout",WebGUI::International::get(142),WebGUI::DateTime::secondsToInterval($session{setting}{sessionTimeout}));
|
||||
$f->select("authMethod",$session{authentication},WebGUI::International::get(119),[$session{setting}{authMethod}]);
|
||||
$f->yesNo("usernameBinding",WebGUI::International::get(306),$session{setting}{usernameBinding});
|
||||
#$f->yesNo("usernameBinding",WebGUI::International::get(306),$session{setting}{usernameBinding});
|
||||
$f->yesNo("selfDeactivation","Allow users to deactivate their account",$session{setting}{selfDeactivation});
|
||||
foreach (keys %{$session{authentication}}) {
|
||||
$f->raw(WebGUI::Authentication::settingsForm($_));
|
||||
|
|
|
|||
|
|
@ -224,7 +224,7 @@ sub www_editUser {
|
|||
Selfdestructed =>WebGUI::International::get(819)
|
||||
);
|
||||
$f->select("status",\%status,WebGUI::International::get(816),[$u->status]);
|
||||
$f->select("authMethod",$session{authentication},WebGUI::International::get(164),[$session{setting}{authMethod}]);
|
||||
$f->select("authMethod",$session{authentication},WebGUI::International::get(164),[$u->authMethod]);
|
||||
foreach (keys %{$session{authentication}}) {
|
||||
$f->raw(WebGUI::Authentication::adminForm($u->userId,$_));
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue