Move 6.8's Group ipFilter test into User.t since isInGroup was moved into WebGUI::User.pm
forward port of ipFilter bugfix, typo
This commit is contained in:
Colin Kuskie
parent
c6facc5f16
commit
62a841ced9
4 changed files with 69 additions and 37 deletions
|
|
@ -516,28 +516,28 @@ sub new {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub recoverPassword {
|
||||
my $self = shift;
|
||||
return $self->displayLogin if($self->userId ne "1");
|
||||
my $template = 'Auth/WebGUI/Recovery';
|
||||
my $vars;
|
||||
my $self = shift;
|
||||
return $self->displayLogin if($self->userId ne "1");
|
||||
my $template = 'Auth/WebGUI/Recovery';
|
||||
my $vars;
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
$vars->{title} = $i18n->get(71);
|
||||
$vars->{'recover.form.header'} = "\n\n".WebGUI::Form::formHeader($self->session,{});
|
||||
$vars->{'recover.form.hidden'} = WebGUI::Form::hidden($self->session,{"name"=>"op","value"=>"auth"});
|
||||
$vars->{'recover.form.hidden'} .= WebGUI::Form::hidden($self->session,{"name"=>"method","value"=>"recoverPasswordFinish"});
|
||||
$vars->{title} = $i18n->get(71);
|
||||
$vars->{'recover.form.header'} = "\n\n".WebGUI::Form::formHeader($self->session,{});
|
||||
$vars->{'recover.form.hidden'} = WebGUI::Form::hidden($self->session,{"name"=>"op","value"=>"auth"});
|
||||
$vars->{'recover.form.hidden'} .= WebGUI::Form::hidden($self->session,{"name"=>"method","value"=>"recoverPasswordFinish"});
|
||||
|
||||
$vars->{'recover.form.submit'} = WebGUI::Form::submit($self->session,{});
|
||||
$vars->{'recover.form.footer'} = WebGUI::Form::formFooter($self->session,);
|
||||
$vars->{'login.url'} = $self->session->url->page('op=auth;method=init');
|
||||
$vars->{'login.label'} = $i18n->get(58);
|
||||
$vars->{'recover.form.submit'} = WebGUI::Form::submit($self->session,{});
|
||||
$vars->{'recover.form.footer'} = WebGUI::Form::formFooter($self->session,);
|
||||
$vars->{'login.url'} = $self->session->url->page('op=auth;method=init');
|
||||
$vars->{'login.label'} = $i18n->get(58);
|
||||
|
||||
$vars->{'anonymousRegistration.isAllowed'} = ($self->session->setting->get("anonymousRegistration"));
|
||||
$vars->{'createAccount.url'} = $self->session->url->page('op=auth=;method=createAccount');
|
||||
$vars->{'createAccount.label'} = $i18n->get(67);
|
||||
$vars->{'recover.message'} = $_[0] if ($_[0]);
|
||||
$vars->{'recover.form.email'} = WebGUI::Form::text($self->session,{"name"=>"email"});
|
||||
$vars->{'recover.form.email.label'} = $i18n->get(56);
|
||||
return WebGUI::Asset::Template->new($self->session,$self->getPasswordRecoveryTemplateId)->process($vars);
|
||||
$vars->{'anonymousRegistration.isAllowed'} = ($self->session->setting->get("anonymousRegistration"));
|
||||
$vars->{'createAccount.url'} = $self->session->url->page('op=auth;method=createAccount');
|
||||
$vars->{'createAccount.label'} = $i18n->get(67);
|
||||
$vars->{'recover.message'} = $_[0] if ($_[0]);
|
||||
$vars->{'recover.form.email'} = WebGUI::Form::text($self->session,{"name"=>"email"});
|
||||
$vars->{'recover.form.email.label'} = $i18n->get(56);
|
||||
return WebGUI::Asset::Template->new($self->session,$self->getPasswordRecoveryTemplateId)->process($vars);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
|
|||
|
|
@ -250,11 +250,27 @@ sub isInGroup {
|
|||
### The following several checks are to increase performance. If this section were removed, everything would continue to work as normal.
|
||||
return 1 if ($gid eq '7'); # everyone is in the everyone group
|
||||
return 1 if ($gid eq '1' && $uid eq '1'); # visitors are in the visitors group
|
||||
### Get data for auxillary checks.
|
||||
my $group = WebGUI::Group->new($self->session,$gid);
|
||||
my $isInGroup = $self->session->stow->get("isInGroup");
|
||||
### Check IP Address
|
||||
if ($group->get("ipFilter")) {
|
||||
my $ipFilter = $group->get("ipFilter");
|
||||
$ipFilter =~ s/\s//g;
|
||||
$ipFilter =~ s/\./\\\./g;
|
||||
my @ips = split(";",$ipFilter);
|
||||
foreach my $ip (@ips) {
|
||||
if ($self->session->env->get("REMOTE_ADDR") =~ /^$ip/) {
|
||||
$isInGroup->{$uid}{$gid} = 1;
|
||||
$self->session->stow->set("isInGroup",$isInGroup);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
return 0 if ($uid eq '1'); #Visitor is in no other groups
|
||||
return 1 if ($uid eq '3'); #Admin is in every group
|
||||
return 1 if ($gid eq '2' && $uid ne '1'); # if you're not a visitor, then you're a registered user
|
||||
### Look to see if we've already looked up this group.
|
||||
my $isInGroup = $self->session->stow->get("isInGroup");
|
||||
if ($isInGroup->{$uid}{$gid} eq '1') {
|
||||
return 1;
|
||||
} elsif ($isInGroup->{$uid}{$gid} eq "0") {
|
||||
|
|
@ -271,22 +287,6 @@ sub isInGroup {
|
|||
return 1;
|
||||
}
|
||||
}
|
||||
### Get data for auxillary checks.
|
||||
my $group = WebGUI::Group->new($self->session,$gid);
|
||||
### Check IP Address
|
||||
if ($group->get("ipFilter")) {
|
||||
my $ipFilter = $group->get("ipFilter");
|
||||
$ipFilter =~ s/\s//g;
|
||||
$ipFilter =~ s/\./\\\./g;
|
||||
my @ips = split(";",$ipFilter);
|
||||
foreach my $ip (@ips) {
|
||||
if ($self->session->env->get("REMOTE_ADDR") =~ /^$ip/) {
|
||||
$isInGroup->{$uid}{$gid} = 1;
|
||||
$self->session->stow->set("isInGroup",$isInGroup);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
### Check Scratch Variables
|
||||
if ($group->get("scratchFilter")) {
|
||||
my $scratchFilter = $group->get("scratchFilter");
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue