- updated to the new pikotools api (child spaces were removed)
some plugins need to be fixed yet: ticket, gallery, group, menu - added current user to default models as "user" - renamed in User: super_user -> is_super_user, env -> admin_env, pass_hash_salted -> is_pass_hash_salted - now Users class has a WinixModel as a base class some plugin calls have to be fixed yet - added UserWrapper model with a pointer to User class - removed from ItemContent: methods for accessing 'meta' and 'admin_meta', now ezc can iterate through Space classes - fixed in env winix function: if there is "changeuser" parameter then we should only switch the user (not save anything)master
parent
472490c239
commit
1d18b7fa12
|
@ -881,6 +881,11 @@ void App::AddDefaultModels()
|
|||
{
|
||||
cur.request->models.Add(L"request", cur.request);
|
||||
|
||||
if( cur.session && cur.session->puser )
|
||||
{
|
||||
cur.request->models.Add(L"user", *cur.session->puser);
|
||||
}
|
||||
|
||||
if( cur.request->is_item )
|
||||
{
|
||||
cur.request->models.Add(L"item", cur.request->item);
|
||||
|
|
|
@ -270,7 +270,7 @@ bool Crypt::RSA(bool encrypt, const std::wstring & keypath, const std::string &
|
|||
bool Crypt::PassHash(const std::wstring & salt, User & user)
|
||||
{
|
||||
bool result = true;
|
||||
user.pass_hash_salted = false;
|
||||
user.is_pass_hash_salted = false;
|
||||
|
||||
if( user.pass_type != WINIX_CRYPT_HASH_NONE )
|
||||
{
|
||||
|
@ -281,7 +281,7 @@ bool Crypt::PassHash(const std::wstring & salt, User & user)
|
|||
if( HashHex(user.pass_type, pass_salted, user.password) )
|
||||
{
|
||||
if( !salt.empty() )
|
||||
user.pass_hash_salted = true;
|
||||
user.is_pass_hash_salted = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
|
@ -71,7 +71,7 @@ void Groups::ReadGroups(Db * db)
|
|||
|
||||
for(Group & group : groups_tmp)
|
||||
{
|
||||
table.PushBack(group);
|
||||
table.PushBack(group, group.name);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -241,7 +241,7 @@ void SessionManager::SetSessionPutLogInfo(Session & ses, bool has_index, unsigne
|
|||
main_log << ", index difference: " << (size_t)difference;
|
||||
|
||||
if( ses.puser )
|
||||
main_log << log2 << ", user: " << ses.puser->name << ", id: " << ses.puser->id;
|
||||
main_log << log2 << ", user: " << ses.puser->login << ", id: " << ses.puser->id;
|
||||
|
||||
main_log << log2 << logend;
|
||||
}
|
||||
|
|
|
@ -135,7 +135,7 @@ void SessionParser::MakeSession(long id, long user_id, SessionContainer & contai
|
|||
// !! IMPROVE ME we do not save last_time_get
|
||||
|
||||
users->IncrementLoggedUsers();
|
||||
log << log2 << "SP: read session id: " << id << " for user: " << puser->name << logend;
|
||||
log << log2 << "SP: read session id: " << id << " for user: " << puser->login << logend;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
|
@ -87,7 +87,8 @@ void System::set_dependency(WinixModelDeprecated * winix_model)
|
|||
|
||||
dirs.set_dependency(this);
|
||||
mounts.set_dependency(this);
|
||||
users.set_dependency(this);
|
||||
//users.set_dependency(this);
|
||||
users.set_connector(model_connector);
|
||||
groups.set_dependency(this);
|
||||
rebus.set_dependency(this);
|
||||
load_avg.set_dependency(this);
|
||||
|
@ -140,8 +141,9 @@ void System::Init()
|
|||
mounts.CreateMounts();
|
||||
mounts.ReadMounts();
|
||||
|
||||
users.SetCur(cur);
|
||||
users.SetSessionManager(session_manager);
|
||||
// users.SetCur(cur);
|
||||
// users.SetSessionManager(session_manager);
|
||||
users.set_connector(model_connector);
|
||||
users.ReadUsers(db);
|
||||
|
||||
groups.ReadGroups(db); // !! chwilowe przekazanie argumentu, db bedzie zmienione
|
||||
|
@ -533,7 +535,7 @@ bool System::CanChangeUser(const Item & item, long new_user_id)
|
|||
// session must be set
|
||||
return false;
|
||||
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
// super user is allowed everything
|
||||
return true;
|
||||
|
||||
|
@ -553,7 +555,7 @@ bool System::CanChangeGroup(const Item & item, long new_group_id)
|
|||
// session must be set
|
||||
return false;
|
||||
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
// super user is allowed everything
|
||||
return true;
|
||||
|
||||
|
@ -587,7 +589,7 @@ bool System::CanChangePrivileges(const Item & item, int new_priv)
|
|||
// session must be set
|
||||
return false;
|
||||
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
// super user is allowed everything
|
||||
return true;
|
||||
|
||||
|
@ -751,7 +753,7 @@ bool System::CanRemoveRenameChild(const Item & dir, long child_item_user_id)
|
|||
|
||||
if( cur->session->puser )
|
||||
{
|
||||
if( cur->session->puser->super_user )
|
||||
if( cur->session->puser->is_super_user )
|
||||
return true;
|
||||
|
||||
if( dir.item_content.user_id != -1 && cur->session->puser->id != -1 && child_item_user_id != -1 )
|
||||
|
@ -811,7 +813,7 @@ bool System::IsSuperUser(long user_id)
|
|||
if( !puser )
|
||||
return false;
|
||||
|
||||
return puser->super_user;
|
||||
return puser->is_super_user;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -258,7 +258,7 @@ bool TimeZone::SetTzDst(pt::Space & year)
|
|||
Dst dst;
|
||||
|
||||
int year_int = 0;
|
||||
std::wstring * year_name = year.find_child_space_name();
|
||||
std::wstring * year_name = year.get_wstr(L"year");
|
||||
|
||||
if( year_name )
|
||||
year_int = Toi(*year_name);
|
||||
|
@ -297,7 +297,7 @@ bool TimeZone::SetTz(pt::Space & space)
|
|||
bool result = true;
|
||||
name.clear();
|
||||
|
||||
std::wstring * space_name = space.find_child_space_name();
|
||||
std::wstring * space_name = space.get_wstr(L"name");
|
||||
|
||||
if( space_name )
|
||||
name = *space_name;
|
||||
|
@ -309,21 +309,16 @@ bool TimeZone::SetTz(pt::Space & space)
|
|||
if( offset < -h24 || offset > h24 )
|
||||
result = false;
|
||||
|
||||
pt::Space * dst = space.find_child_space(L"dst");
|
||||
pt::Space::TableType * dst = space.get_table(L"dst");
|
||||
|
||||
if( dst )
|
||||
{
|
||||
pt::Space::TableType * child_table = dst->find_child_space_table();
|
||||
|
||||
if( child_table )
|
||||
for(pt::Space * dst_space : *dst)
|
||||
{
|
||||
for(pt::Space * year : *child_table)
|
||||
if( !SetTzDst(*dst_space) )
|
||||
{
|
||||
if( !SetTzDst(*year) )
|
||||
{
|
||||
result = false;
|
||||
break;
|
||||
}
|
||||
result = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -123,11 +123,11 @@ bool TimeZones::Empty() const
|
|||
|
||||
void TimeZones::ParseZones()
|
||||
{
|
||||
pt::Space::TableType * child_table = temp_space.find_child_space_table();
|
||||
pt::Space::TableType * timezones_table = temp_space.get_table(L"timezones");
|
||||
|
||||
if( child_table )
|
||||
if( timezones_table )
|
||||
{
|
||||
for(pt::Space * zone : *child_table)
|
||||
for(pt::Space * zone : *timezones_table)
|
||||
{
|
||||
temp_zone.Clear();
|
||||
|
||||
|
@ -155,7 +155,7 @@ void TimeZones::ParseZones()
|
|||
else
|
||||
{
|
||||
log << log1 << "System: problem with reading time zone info from time zone: "
|
||||
<< zone->get_child_space_name() << " (skipping) " << logend;
|
||||
<< zone->to_wstr(L"name") << " (skipping) " << logend;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
*/
|
||||
|
||||
/*
|
||||
* Copyright (c) 2008-2014, Tomasz Sowa
|
||||
* Copyright (c) 2008-2021, Tomasz Sowa
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
|
@ -65,7 +65,7 @@ public:
|
|||
Iterator End();
|
||||
SizeType Size();
|
||||
bool Empty();
|
||||
Iterator PushBack(const Type & type); // can return End() if the user already exists
|
||||
Iterator PushBack(const Type & type, const std::wstring & name); // can return End() if the user already exists
|
||||
void Clear();
|
||||
|
||||
bool Is(long id);
|
||||
|
@ -78,17 +78,20 @@ public:
|
|||
|
||||
|
||||
|
||||
|
||||
// main table
|
||||
Table table;
|
||||
|
||||
|
||||
private:
|
||||
|
||||
// don't copy these objects
|
||||
UGContainer(const UGContainer<Type> &);
|
||||
UGContainer<Type> & operator=(const UGContainer<Type> &);
|
||||
|
||||
void AddIndexes(Iterator iter);
|
||||
void AddIndexes(Iterator iter, const std::wstring & name);
|
||||
void RebuildIndexes();
|
||||
|
||||
// main table
|
||||
Table table;
|
||||
|
||||
// table.size() has O(n) complexity
|
||||
size_t table_size;
|
||||
|
@ -163,16 +166,16 @@ bool UGContainer<Type>::Empty()
|
|||
|
||||
|
||||
template<class Type>
|
||||
typename UGContainer<Type>::Iterator UGContainer<Type>::PushBack(const Type & type)
|
||||
typename UGContainer<Type>::Iterator UGContainer<Type>::PushBack(const Type & type, const std::wstring & name)
|
||||
{
|
||||
if( Is(type.id) || Is(type.name) )
|
||||
if( Is(type.id) || Is(name) )
|
||||
return End();
|
||||
|
||||
table.push_back(type);
|
||||
table_size += 1;
|
||||
Iterator i = --table.end();
|
||||
log << log3 << "UGCont: added, id: " << type.id << ", name: " << type.name << logend;
|
||||
AddIndexes(i);
|
||||
log << log3 << "UGCont: added, id: " << type.id << ", name: " << name << logend;
|
||||
AddIndexes(i, name);
|
||||
|
||||
return i;
|
||||
}
|
||||
|
@ -242,12 +245,12 @@ return i->second;
|
|||
|
||||
|
||||
template<class Type>
|
||||
void UGContainer<Type>::AddIndexes(UGContainer<Type>::Iterator iter)
|
||||
void UGContainer<Type>::AddIndexes(UGContainer<Type>::Iterator iter, const std::wstring & name)
|
||||
{
|
||||
table_id.insert( std::make_pair(iter->id, iter) );
|
||||
table_name.insert( std::make_pair(iter->name, iter) );
|
||||
table_name.insert( std::make_pair(name, iter) );
|
||||
|
||||
log << log4 << "UGCont: added indexes to: id: " << iter->id << ", name: " << iter->name << logend;
|
||||
log << log4 << "UGCont: added indexes to: id: " << iter->id << ", name: " << name << logend;
|
||||
}
|
||||
|
||||
|
||||
|
@ -286,14 +289,15 @@ bool UGContainer<Type>::Remove(long id)
|
|||
{
|
||||
if( n->second == i->second )
|
||||
{
|
||||
|
||||
log << log4 << "UGCont: removed index_name to: id: " << i->second->id << ", name: " << n->first << logend;
|
||||
table_name.erase(n);
|
||||
log << log4 << "UGCont: removed index_id to: id: " << i->second->id << ", name: " << i->second->name << logend;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
log << log4 << "UGCont: removed index_name to: id: " << i->second->id << ", name: " << i->second->name << logend;
|
||||
log << log3 << "UGCont: removed: id: " << i->second->id << ", name: " << i->second->name << logend;
|
||||
log << log4 << "UGCont: removed index_id to: id: " << i->second->id << logend;
|
||||
log << log3 << "UGCont: removed: id: " << i->second->id << logend;
|
||||
table.erase(i->second);
|
||||
table_id.erase(i);
|
||||
result = true;
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
*/
|
||||
|
||||
/*
|
||||
* Copyright (c) 2008-2018, Tomasz Sowa
|
||||
* Copyright (c) 2008-2021, Tomasz Sowa
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
|
@ -35,6 +35,7 @@
|
|||
#include <arpa/inet.h>
|
||||
#include "users.h"
|
||||
#include "sessionmanager.h"
|
||||
#include "slog.h"
|
||||
|
||||
|
||||
namespace Winix
|
||||
|
@ -45,29 +46,38 @@ namespace Winix
|
|||
Users::Users()
|
||||
{
|
||||
how_many_logged = 0; // !! CHECK ME may it should be moved to Clear() method?
|
||||
table.set_dependency(this);
|
||||
// table.set_dependency(this);
|
||||
Clear();
|
||||
}
|
||||
|
||||
|
||||
void Users::set_dependency(WinixModelDeprecated * winix_model)
|
||||
|
||||
void Users::fields()
|
||||
{
|
||||
WinixModelDeprecated::set_dependency(winix_model);
|
||||
table.set_dependency(winix_model);
|
||||
last.set_dependency(winix_model);
|
||||
field(L"users", table.table);
|
||||
}
|
||||
|
||||
|
||||
void Users::SetCur(Cur * pcur)
|
||||
{
|
||||
cur = pcur;
|
||||
}
|
||||
|
||||
|
||||
void Users::SetSessionManager(SessionManager * sm)
|
||||
{
|
||||
session_manager = sm;
|
||||
}
|
||||
//void Users::set_dependency(WinixModelDeprecated * winix_model)
|
||||
//{
|
||||
// WinixModelDeprecated::set_dependency(winix_model);
|
||||
// table.set_dependency(winix_model);
|
||||
// last.set_dependency(winix_model);
|
||||
//}
|
||||
|
||||
|
||||
//void Users::SetCur(Cur * pcur)
|
||||
//{
|
||||
// cur = pcur;
|
||||
//}
|
||||
|
||||
|
||||
//void Users::SetSessionManager(SessionManager * sm)
|
||||
//{
|
||||
// session_manager = sm;
|
||||
//}
|
||||
|
||||
|
||||
void Users::Clear()
|
||||
|
@ -89,7 +99,7 @@ void Users::ReadUsers(Db * db)
|
|||
|
||||
for(User & user : users_tmp)
|
||||
{
|
||||
table.PushBack(user);
|
||||
table.PushBack(user, user.login);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -98,7 +108,7 @@ void Users::ReadUsers(Db * db)
|
|||
|
||||
bool Users::AddUser(const User & user)
|
||||
{
|
||||
Table::Iterator i = table.PushBack(user);
|
||||
Table::Iterator i = table.PushBack(user, user.login);
|
||||
|
||||
return (i != table.End());
|
||||
}
|
||||
|
@ -173,11 +183,11 @@ bool Users::Remove(long user_id)
|
|||
if( puser )
|
||||
{
|
||||
LogoutUser(user_id);
|
||||
plugin->Call(WINIX_PREPARE_TO_REMOVE_USER, puser);
|
||||
// plugin->Call(WINIX_PREPARE_TO_REMOVE_USER, puser); FIXME
|
||||
result = table.Remove(user_id);
|
||||
|
||||
if( result )
|
||||
plugin->Call(WINIX_USER_REMOVED, user_id);
|
||||
// if( result )
|
||||
// plugin->Call(WINIX_USER_REMOVED, user_id); FIXME
|
||||
}
|
||||
|
||||
return result;
|
||||
|
@ -187,15 +197,20 @@ return result;
|
|||
// private
|
||||
bool Users::LoginUserCheckSession(bool use_ses_log)
|
||||
{
|
||||
if( !cur->session )
|
||||
Session * session = get_session();
|
||||
Log * log = get_logger();
|
||||
SLog * slog = get_session_logger();
|
||||
|
||||
if( !session )
|
||||
return false;
|
||||
|
||||
if( cur->session->id == 0 )
|
||||
if( session->id == 0 )
|
||||
{
|
||||
log << log1 << "Users: I cannot login a user on a temporary session" << logend;
|
||||
if( log )
|
||||
(*log) << log1 << "Users: I cannot login a user on a temporary session" << logend;
|
||||
|
||||
// if( use_ses_log )
|
||||
// slog << logerror << T(L"service_unavailable") << logend;
|
||||
if( slog && use_ses_log )
|
||||
(*slog) << logerror << T(L"service_unavailable") << logend;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
@ -208,34 +223,35 @@ return true;
|
|||
User * Users::LoginUserCheckStatus(long user_id, bool use_ses_log)
|
||||
{
|
||||
User * puser = GetUser(user_id);
|
||||
Log * log = get_logger();
|
||||
SLog * slog = get_session_logger();
|
||||
|
||||
if( !puser )
|
||||
{
|
||||
log << log1 << "Users: user id: " << user_id << " is not in system.users table" << logend;
|
||||
if( log )
|
||||
(*log) << log1 << "Users: user id: " << user_id << " is not in system.users table" << logend;
|
||||
|
||||
// if( use_ses_log )
|
||||
// slog << logerror << T(L"service_unavailable") << logend;
|
||||
if( slog && use_ses_log )
|
||||
(*slog) << logerror << T(L"service_unavailable") << logend;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
if( puser->status != WINIX_ACCOUNT_READY )
|
||||
{
|
||||
log << log1 << "Users: user id: " << user_id << " is not ready for logging in (status: "
|
||||
(*log) << log1 << "Users: user id: " << user_id << " is not ready for logging in (status: "
|
||||
<< puser->status << ")" << logend;
|
||||
|
||||
if( use_ses_log )
|
||||
if( slog && use_ses_log )
|
||||
{
|
||||
/*
|
||||
if( puser->status == WINIX_ACCOUNT_NOT_ACTIVATED )
|
||||
slog << logerror << T(L"account_not_activated") << logend;
|
||||
(*slog) << logerror << T(L"account_not_activated") << logend;
|
||||
else
|
||||
if( puser->status == WINIX_ACCOUNT_SUSPENDED )
|
||||
slog << logerror << T(L"account_suspended") << logend;
|
||||
(*slog) << logerror << T(L"account_suspended") << logend;
|
||||
else
|
||||
if( puser->status == WINIX_ACCOUNT_BLOCKED )
|
||||
slog << logerror << T(L"account_banned") << logend;
|
||||
*/
|
||||
(*slog) << logerror << T(L"account_banned") << logend;
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
@ -252,34 +268,43 @@ bool Users::LoginUser(long user_id, bool remember_me, bool use_ses_log)
|
|||
return false;
|
||||
|
||||
User * puser = LoginUserCheckStatus(user_id, use_ses_log);
|
||||
Log * log = get_logger();
|
||||
Session * session = get_session();
|
||||
SessionManager * session_manager = get_session_manager();
|
||||
Request * request = get_request();
|
||||
|
||||
if( !puser )
|
||||
if( !puser || !session || !session_manager || !request )
|
||||
return false;
|
||||
|
||||
PluginRes res = plugin->Call(WINIX_PREPARE_USER_TO_LOGIN, puser);
|
||||
PluginRes res;
|
||||
//PluginRes res = plugin->Call(WINIX_PREPARE_USER_TO_LOGIN, puser); FIXME
|
||||
|
||||
if( res.res_false > 0 )
|
||||
{
|
||||
log << log3 << "Users: login prevented by a plugin" << logend;
|
||||
if( log )
|
||||
(*log) << log3 << "Users: login prevented by a plugin" << logend;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
if( cur->session->puser )
|
||||
if( session->puser )
|
||||
LogoutCurrentUser();
|
||||
|
||||
cur->session->puser = puser;
|
||||
cur->session->spam_score = 0;
|
||||
cur->session->remember_me = remember_me;
|
||||
session->puser = puser;
|
||||
session->spam_score = 0;
|
||||
session->remember_me = remember_me;
|
||||
|
||||
// change session id before last.UserLogin()
|
||||
if( !cur->session->new_session )
|
||||
session_manager->ChangeSessionId(cur->session->id);
|
||||
if( !session->new_session )
|
||||
session_manager->ChangeSessionId(session->id);
|
||||
|
||||
last.UserLogin(user_id, cur->session->puser->name, cur->request->ip, cur->session->id);
|
||||
last.UserLogin(user_id, session->puser->login, request->ip, session->id);
|
||||
how_many_logged += 1;
|
||||
|
||||
log << log2 << "Users: user " << cur->session->puser->name << " (id: " << user_id << ") logged" << logend;
|
||||
plugin->Call(WINIX_USER_LOGGED);
|
||||
if( log )
|
||||
(*log) << log2 << "Users: user " << session->puser->login << " (id: " << user_id << ") logged" << logend;
|
||||
|
||||
//plugin->Call(WINIX_USER_LOGGED); FIXME
|
||||
|
||||
return true;
|
||||
}
|
||||
|
@ -289,18 +314,26 @@ size_t Users::LogoutUser(long user_id)
|
|||
{
|
||||
size_t how_many = 0;
|
||||
User * puser = GetUser(user_id);
|
||||
Log * log = get_logger();
|
||||
SessionManager * session_manager = get_session_manager();
|
||||
|
||||
if( puser )
|
||||
if( puser && session_manager )
|
||||
{
|
||||
log << log2 << "Users: logging out user " << puser->name << ", id: "
|
||||
<< puser->id << " from all sessions" << logend;
|
||||
if( log )
|
||||
{
|
||||
(*log) << log2 << "Users: logging out user " << puser->login << ", id: "
|
||||
<< puser->id << " from all sessions" << logend;
|
||||
}
|
||||
|
||||
// WINIX_PREPARE_USER_TO_LOGOUT will be sent by MarkAllSessionsToRemove()
|
||||
how_many = session_manager->MarkAllSessionsToRemove(user_id);
|
||||
how_many_logged -= how_many;
|
||||
|
||||
if( how_many )
|
||||
log << log3 << "Users: " << how_many << " user(s) were logged out" << logend;
|
||||
{
|
||||
if( log )
|
||||
(*log) << log3 << "Users: " << how_many << " user(s) were logged out" << logend;
|
||||
}
|
||||
}
|
||||
|
||||
return how_many;
|
||||
|
@ -310,20 +343,26 @@ return how_many;
|
|||
|
||||
void Users::LogoutCurrentUser()
|
||||
{
|
||||
if( !cur->session || !cur->session->puser )
|
||||
Log * log = get_logger();
|
||||
Session * session = get_session();
|
||||
|
||||
if( !session || !session->puser )
|
||||
return;
|
||||
|
||||
log << log2 << "Users: user " << cur->session->puser->name << ", id: "
|
||||
<< cur->session->puser->id << " logged out" << logend;
|
||||
if( log )
|
||||
{
|
||||
(*log) << log2 << "Users: user " << session->puser->login << ", id: "
|
||||
<< session->puser->id << " logged out" << logend;
|
||||
}
|
||||
|
||||
plugin->Call(WINIX_PREPARE_USER_TO_LOGOUT, cur->session->puser);
|
||||
last.UserLogout(cur->session->puser->id, cur->session->id);
|
||||
//plugin->Call(WINIX_PREPARE_USER_TO_LOGOUT, cur->session->puser); // FIXME
|
||||
last.UserLogout(session->puser->id, session->id);
|
||||
|
||||
if( how_many_logged > 0 ) // for safety
|
||||
how_many_logged -= 1;
|
||||
|
||||
cur->session->puser = 0;
|
||||
cur->session->remember_me = false;
|
||||
session->puser = 0;
|
||||
session->remember_me = false;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
*/
|
||||
|
||||
/*
|
||||
* Copyright (c) 2008-2018, Tomasz Sowa
|
||||
* Copyright (c) 2008-2021, Tomasz Sowa
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
|
@ -41,7 +41,7 @@
|
|||
#include "lastcontainer.h"
|
||||
#include "cur.h"
|
||||
#include "db/db.h"
|
||||
#include "winixmodeldeprecated.h"
|
||||
#include "models/winixmodel.h"
|
||||
|
||||
|
||||
|
||||
|
@ -53,13 +53,13 @@ namespace Winix
|
|||
class SessionManager;
|
||||
|
||||
|
||||
class Users : public WinixModelDeprecated
|
||||
class Users : public WinixModel
|
||||
{
|
||||
typedef UGContainer<User> Table;
|
||||
|
||||
public:
|
||||
|
||||
void set_dependency(WinixModelDeprecated * winix_model);
|
||||
//void set_dependency(WinixModelDeprecated * winix_model);
|
||||
|
||||
|
||||
typedef Table::Iterator Iterator;
|
||||
|
@ -69,8 +69,8 @@ public:
|
|||
|
||||
Users();
|
||||
|
||||
void SetCur(Cur * pcur);
|
||||
void SetSessionManager(SessionManager * sm);
|
||||
// void SetCur(Cur * pcur);
|
||||
// void SetSessionManager(SessionManager * sm);
|
||||
|
||||
void Clear();
|
||||
void ReadUsers(Db * db);
|
||||
|
@ -91,12 +91,17 @@ public:
|
|||
void IncrementLoggedUsers();
|
||||
long HowManyLogged();
|
||||
|
||||
protected:
|
||||
|
||||
void fields();
|
||||
|
||||
|
||||
|
||||
private:
|
||||
|
||||
Table table;
|
||||
Cur * cur;
|
||||
SessionManager * session_manager;
|
||||
//Cur * cur;
|
||||
//SessionManager * session_manager;
|
||||
long how_many_logged;
|
||||
|
||||
bool LoginUserCheckSession(bool use_ses_log);
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -55,18 +55,18 @@ Account::Account()
|
|||
|
||||
bool Account::ActivateAccount(User * puser, long code, bool use_ses_log)
|
||||
{
|
||||
std::wstring * user_code_str = puser->aenv.get_wstr(L"activation_code");
|
||||
std::wstring * user_code_str = puser->admin_env.get_wstr(L"activation_code");
|
||||
|
||||
if( user_code_str )
|
||||
{
|
||||
if( Tol(*user_code_str) == code )
|
||||
{
|
||||
puser->status = WINIX_ACCOUNT_READY;
|
||||
puser->aenv.remove(L"activation_code");
|
||||
puser->admin_env.remove(L"activation_code");
|
||||
|
||||
if( puser->update() )
|
||||
{
|
||||
log << log2 << "Account: account: " << puser->name << " activated" << logend;
|
||||
log << log2 << "Account: account: " << puser->login << " activated" << logend;
|
||||
|
||||
if( use_ses_log )
|
||||
slog << loginfo << T(L"account_activated") << logend;
|
||||
|
|
|
@ -170,12 +170,12 @@ bool AddUser::AddNewUser(User & user, const std::wstring & pass)
|
|||
{
|
||||
if( system->users.AddUser(user) )
|
||||
{
|
||||
log << log2 << "AddUser: added a new user: " << user.name << logend;
|
||||
log << log2 << "AddUser: added a new user: " << user.login << logend;
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
log << log1 << "AddUser: I can't add to system->users: " << user.name
|
||||
log << log1 << "AddUser: I can't add to system->users: " << user.login
|
||||
<< " but the user was added to the db correctly" << logend;
|
||||
}
|
||||
}
|
||||
|
@ -217,9 +217,9 @@ bool AddUser::AddNewUser(const std::wstring & login,
|
|||
user.clear();
|
||||
|
||||
//user.Clear();
|
||||
user.name = login;
|
||||
user.login = login;
|
||||
user.email = email;
|
||||
user.super_user = false;
|
||||
user.is_super_user = false;
|
||||
user.notify = 0;
|
||||
user.locale_id = config->locale_default_id;
|
||||
user.time_zone_id = config->time_zone_default_id;
|
||||
|
@ -232,7 +232,7 @@ bool AddUser::AddNewUser(const std::wstring & login,
|
|||
if( user.status == WINIX_ACCOUNT_NOT_ACTIVATED )
|
||||
{
|
||||
code = std::rand();
|
||||
user.aenv.add(L"activation_code", code);
|
||||
user.admin_env.add(L"activation_code", code);
|
||||
}
|
||||
|
||||
if( AddNewUser(user, pass) )
|
||||
|
@ -240,13 +240,13 @@ bool AddUser::AddNewUser(const std::wstring & login,
|
|||
if( try_login && !cur->session->puser && user.status == WINIX_ACCOUNT_READY )
|
||||
{
|
||||
system->users.LoginUser(user.id, false);
|
||||
log << log2 << "AddUser: now logged as: " << user.name << logend;
|
||||
log << log2 << "AddUser: now logged as: " << user.login << logend;
|
||||
plugin->Call(WINIX_USER_LOGGED);
|
||||
}
|
||||
|
||||
if( user.status == WINIX_ACCOUNT_NOT_ACTIVATED )
|
||||
{
|
||||
system->notify.ActivateAccount(user.name, user.email, code);
|
||||
system->notify.ActivateAccount(user.login, user.email, code);
|
||||
|
||||
if( use_ses_log )
|
||||
slog << loginfo << T(L"account_email_sent") << logend;
|
||||
|
@ -277,7 +277,7 @@ void AddUser::MakePost()
|
|||
!functions->fun_passwd.IsPasswordCorrect(pass, conf_pass, true) )
|
||||
return;
|
||||
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
{
|
||||
autoactivate = cur->request->IsPostVar(L"autoactivate");
|
||||
|
||||
|
|
|
@ -54,7 +54,7 @@ Emacs::Emacs()
|
|||
|
||||
bool Emacs::HasAccess(const Item & item)
|
||||
{
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
// super user can use emacs everywhere
|
||||
return true;
|
||||
|
||||
|
|
|
@ -46,7 +46,6 @@ namespace Fun
|
|||
Env::Env()
|
||||
{
|
||||
fun.url = L"env";
|
||||
puser = 0;
|
||||
}
|
||||
|
||||
|
||||
|
@ -59,7 +58,7 @@ bool Env::HasAccess()
|
|||
{
|
||||
// show/change admin environment variables for a user
|
||||
|
||||
if( !cur->session->puser->super_user )
|
||||
if( !cur->session->puser->is_super_user )
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -78,16 +77,16 @@ bool Env::EditAdminEnv(const std::wstring & env_str, bool use_ses_log)
|
|||
{
|
||||
if( Parse(env_str) )
|
||||
{
|
||||
puser->aenv = space;
|
||||
user_wrapper.user->admin_env = space;
|
||||
|
||||
if( puser->update() )
|
||||
if( user_wrapper.user->update() )
|
||||
{
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
log << log1 << "Evn: a database problem with changing admin environment variables for user: "
|
||||
<< puser->name << ", id: " << puser->id << logend;
|
||||
<< user_wrapper.user->login << ", id: " << user_wrapper.user->id << logend;
|
||||
}
|
||||
}
|
||||
else
|
||||
|
@ -106,16 +105,16 @@ bool Env::EditEnv(const std::wstring & env_str, bool use_ses_log)
|
|||
{
|
||||
if( Parse(env_str) )
|
||||
{
|
||||
puser->env = space;
|
||||
user_wrapper.user->env = space;
|
||||
|
||||
if( puser->update() )
|
||||
if( user_wrapper.user->update() )
|
||||
{
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
log << log1 << "Evn: a database problem with changing admin environment variables for user: "
|
||||
<< puser->name << ", id: " << puser->id << logend;
|
||||
<< user_wrapper.user->login << ", id: " << user_wrapper.user->id << logend;
|
||||
}
|
||||
}
|
||||
else
|
||||
|
@ -138,61 +137,89 @@ void Env::SaveEnv()
|
|||
|
||||
if( cur->request->IsParam(L"a") )
|
||||
{
|
||||
if( cur->session->puser->super_user )
|
||||
if( cur->session->puser->is_super_user )
|
||||
{
|
||||
status = EditAdminEnv(env_str, true);
|
||||
|
||||
if( status )
|
||||
{
|
||||
slog << loginfo << T(L"env_admin_changed_successfully") << logend;
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
status = EditEnv(env_str, true);
|
||||
}
|
||||
|
||||
if( status )
|
||||
system->RedirectToLastItem();
|
||||
if( status )
|
||||
{
|
||||
slog << loginfo << T(L"env_changed_successfully") << logend;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void Env::RegisterModels()
|
||||
{
|
||||
cur->request->models.Add(L"users", system->users);
|
||||
cur->request->models.Add(L"env_user", user_wrapper);
|
||||
}
|
||||
|
||||
|
||||
|
||||
void Env::MakePost()
|
||||
{
|
||||
puser = nullptr;
|
||||
user_wrapper.user = nullptr;
|
||||
user_wrapper.set_connector(model_connector);
|
||||
|
||||
if( cur->session->puser )
|
||||
{
|
||||
puser = cur->session->puser;
|
||||
user_wrapper.user = cur->session->puser;
|
||||
|
||||
if( cur->request->IsPostVar(L"changeuser") )
|
||||
if( cur->session->puser->is_super_user && cur->request->IsPostVar(L"userid") )
|
||||
{
|
||||
// show environments variables for the specified user
|
||||
if( puser->super_user && cur->request->IsPostVar(L"userid") )
|
||||
{
|
||||
long id = Tol(cur->request->PostVar(L"userid"));
|
||||
puser = system->users.GetUser(id);
|
||||
long id = Tol(cur->request->PostVar(L"userid"));
|
||||
user_wrapper.user = system->users.GetUser(id);
|
||||
|
||||
if( puser )
|
||||
{
|
||||
log << log2 << "Env: changing user to: " << puser->name << ", id: " << puser->id << logend;
|
||||
}
|
||||
if( user_wrapper.user->id != cur->session->puser->id )
|
||||
{
|
||||
log << log2 << "Env: changing user to: " << user_wrapper.user->login << ", id: " << user_wrapper.user->id << logend;
|
||||
}
|
||||
}
|
||||
|
||||
if( puser )
|
||||
if( !cur->request->IsPostVar(L"changeuser") )
|
||||
{
|
||||
/*
|
||||
* this puser should be set in a new struct (based on Model)
|
||||
* and put to templates
|
||||
*
|
||||
*/
|
||||
|
||||
SaveEnv();
|
||||
}
|
||||
else
|
||||
{
|
||||
cur->request->status = WINIX_ERR_PERMISSION_DENIED;
|
||||
if( user_wrapper.user )
|
||||
{
|
||||
SaveEnv();
|
||||
}
|
||||
else
|
||||
{
|
||||
cur->request->status = WINIX_ERR_PERMISSION_DENIED;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
RegisterModels();
|
||||
}
|
||||
|
||||
|
||||
void Env::MakeGet()
|
||||
{
|
||||
user_wrapper.user = cur->session->puser;
|
||||
user_wrapper.set_connector(model_connector);
|
||||
|
||||
RegisterModels();
|
||||
}
|
||||
|
||||
|
||||
void Env::Clear()
|
||||
{
|
||||
user_wrapper.user = nullptr;
|
||||
}
|
||||
|
||||
|
||||
|
||||
} // namespace
|
||||
|
||||
|
||||
|
|
|
@ -35,9 +35,11 @@
|
|||
#ifndef headerfile_winix_functions_env
|
||||
#define headerfile_winix_functions_env
|
||||
|
||||
#include "models/userwrapper.h"
|
||||
#include "functionbase.h"
|
||||
#include "space/spaceparser.h"
|
||||
|
||||
|
||||
namespace Winix
|
||||
{
|
||||
|
||||
|
@ -54,13 +56,15 @@ public:
|
|||
|
||||
bool HasAccess();
|
||||
void MakePost();
|
||||
void MakeGet();
|
||||
void Clear();
|
||||
|
||||
|
||||
private:
|
||||
|
||||
pt::SpaceParser conf_parser;
|
||||
pt::Space space;
|
||||
User * puser;
|
||||
UserWrapper user_wrapper;
|
||||
|
||||
bool EditAdminEnv(const std::wstring & env_str, bool use_ses_log = false);
|
||||
bool EditEnv(const std::wstring & env_str, bool use_ses_log = false);
|
||||
|
@ -68,6 +72,8 @@ private:
|
|||
bool Parse(const std::wstring & env_str);
|
||||
void SaveEnv();
|
||||
|
||||
void RegisterModels();
|
||||
|
||||
|
||||
};
|
||||
|
||||
|
|
|
@ -615,7 +615,7 @@ void Functions::ReadItemFilterHtml(Item & item)
|
|||
|
||||
void Functions::ReadItemContent(Item & item, const std::wstring & content_type)
|
||||
{
|
||||
bool is_root = cur->session->puser && cur->session->puser->super_user;
|
||||
bool is_root = cur->session->puser && cur->session->puser->is_super_user;
|
||||
bool filter_html = (content_type == L"2") && config->editors_html_safe_mode;
|
||||
|
||||
if( filter_html && is_root && config->editors_html_safe_mode_skip_root )
|
||||
|
|
|
@ -58,7 +58,7 @@ IPBanFun::IPBanFun()
|
|||
|
||||
bool IPBanFun::HasAccess()
|
||||
{
|
||||
return cur->session->puser && cur->session->puser->super_user;
|
||||
return cur->session->puser && cur->session->puser->is_super_user;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -81,7 +81,7 @@ bool Login::CheckPasswords(User & user, const std::wstring & password)
|
|||
std::wstring password_from_db = user.password;
|
||||
user.password = password;
|
||||
|
||||
if( user.pass_hash_salted )
|
||||
if( user.is_pass_hash_salted )
|
||||
salt = config->pass_hash_salt;
|
||||
else
|
||||
salt.clear();
|
||||
|
|
|
@ -53,7 +53,7 @@ Meta::Meta()
|
|||
bool Meta::HasAccess()
|
||||
{
|
||||
if( cur->request->IsParam(L"a") )
|
||||
return cur->session->puser && cur->session->puser->super_user;
|
||||
return cur->session->puser && cur->session->puser->is_super_user;
|
||||
else
|
||||
return system->HasWriteAccess(*cur->request->last_item);
|
||||
}
|
||||
|
@ -134,7 +134,7 @@ void Meta::ChangeAdminMeta()
|
|||
{
|
||||
// IMPROVE ME we need to show an error msg if the user is not an admin
|
||||
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
{
|
||||
const std::wstring & meta_str = cur->request->PostVar(L"itemmeta");
|
||||
|
||||
|
|
|
@ -60,7 +60,7 @@ bool Mkdir::HasAccess(const Item & item)
|
|||
if( item.type != Item::dir )
|
||||
return false;
|
||||
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
// super user can use mkdir everywhere
|
||||
return true;
|
||||
|
||||
|
|
|
@ -53,7 +53,7 @@ Mount::Mount()
|
|||
|
||||
bool Mount::HasAccess()
|
||||
{
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
return true;
|
||||
|
||||
return false;
|
||||
|
|
|
@ -117,7 +117,7 @@ bool result = false;
|
|||
result = puser->update();
|
||||
|
||||
if( result )
|
||||
log << log2 << "Passwd: password for user " << puser->name << " has been changed" << logend;
|
||||
log << log2 << "Passwd: password for user " << puser->login << " has been changed" << logend;
|
||||
else
|
||||
log << log1 << "Passwd: I cannot change password -- database problem" << logend;
|
||||
}
|
||||
|
@ -140,7 +140,7 @@ long user_id;
|
|||
const std::wstring & pass_new = cur->request->PostVar(L"passwordnew");
|
||||
const std::wstring & pass_conf = cur->request->PostVar(L"passwordconfirm");
|
||||
|
||||
if( !cur->session->puser->super_user && !functions->fun_login.CheckUserPass(puser->name, pass_cur, user_id) )
|
||||
if( !cur->session->puser->is_super_user && !functions->fun_login.CheckUserPass(puser->login, pass_cur, user_id) )
|
||||
{
|
||||
log << log3 << "Passwd: incorrect current password" << logend;
|
||||
slog << logerror << T("passwd_err_bad_current_password") << logend;
|
||||
|
@ -190,7 +190,7 @@ return result;
|
|||
|
||||
bool Passwd::ResetPassword(User * puser, long code, bool use_ses_log, bool only_check_access)
|
||||
{
|
||||
std::wstring * user_code_str = puser->aenv.get_wstr(L"password_change_code");
|
||||
std::wstring * user_code_str = puser->admin_env.get_wstr(L"password_change_code");
|
||||
|
||||
if( user_code_str )
|
||||
{
|
||||
|
@ -230,7 +230,7 @@ bool Passwd::ResetPassword(const std::wstring & login, long code, bool use_ses_l
|
|||
{
|
||||
long t = static_cast<long>(cur->request->start_time);
|
||||
|
||||
if( puser->aenv.to_long(L"password_change_time") + config->reset_password_code_expiration_time > t )
|
||||
if( puser->admin_env.to_long(L"password_change_time") + config->reset_password_code_expiration_time > t )
|
||||
{
|
||||
result = ResetPassword(puser, code, use_ses_log, only_check_access);
|
||||
}
|
||||
|
@ -297,10 +297,10 @@ const std::wstring * plogin;
|
|||
|
||||
if( cur->session->puser )
|
||||
{
|
||||
if( cur->session->puser->super_user )
|
||||
if( cur->session->puser->is_super_user )
|
||||
plogin = &cur->request->PostVar(L"login");
|
||||
else
|
||||
plogin = &cur->session->puser->name;
|
||||
plogin = &cur->session->puser->login;
|
||||
|
||||
User * puser = system->users.GetUser(*plogin);
|
||||
|
||||
|
|
|
@ -156,7 +156,7 @@ void PrivChanger::PrivLogStart(const wchar_t * what, long user, long group, int
|
|||
log << "new user: ";
|
||||
|
||||
if( puser )
|
||||
log << puser->name;
|
||||
log << puser->login;
|
||||
else
|
||||
log << "id: " << user;
|
||||
|
||||
|
|
|
@ -53,7 +53,7 @@ Reload::Reload()
|
|||
|
||||
bool Reload::HasAccess()
|
||||
{
|
||||
return cur->session->puser && cur->session->puser->super_user;
|
||||
return cur->session->puser && cur->session->puser->is_super_user;
|
||||
}
|
||||
|
||||
|
||||
|
@ -74,7 +74,7 @@ void Reload::MakeGet()
|
|||
{
|
||||
// !! temporarily only an admin has access
|
||||
|
||||
if( !cur->session->puser || !cur->session->puser->super_user )
|
||||
if( !cur->session->puser || !cur->session->puser->is_super_user )
|
||||
{
|
||||
log << log1 << "Content: Only an admin has access to reload function" << logend;
|
||||
cur->request->status = WINIX_ERR_PERMISSION_DENIED;
|
||||
|
|
|
@ -55,7 +55,7 @@ RmUser::RmUser()
|
|||
|
||||
bool RmUser::HasAccess()
|
||||
{
|
||||
return cur->session->puser && cur->session->puser->super_user;
|
||||
return cur->session->puser && cur->session->puser->is_super_user;
|
||||
}
|
||||
|
||||
|
||||
|
@ -66,7 +66,7 @@ bool RmUser::RemoveUser(long user_id)
|
|||
|
||||
if( puser )
|
||||
{
|
||||
name = puser->name;
|
||||
name = puser->login;
|
||||
|
||||
if( system->users.Remove(user_id) )
|
||||
{
|
||||
|
@ -88,7 +88,7 @@ void RmUser::MakePost()
|
|||
{
|
||||
long user_id;
|
||||
|
||||
if( cur->session->puser->super_user )
|
||||
if( cur->session->puser->is_super_user )
|
||||
user_id = Tol(cur->request->PostVar(L"userid"));
|
||||
else
|
||||
user_id = cur->session->puser->id;
|
||||
|
|
|
@ -53,7 +53,7 @@ Subject::Subject()
|
|||
bool Subject::SubjectCheckAccess()
|
||||
{
|
||||
// super user can always
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
return true;
|
||||
|
||||
bool access;
|
||||
|
|