- updated to the new pikotools api (child spaces were removed)

some plugins need to be fixed yet: ticket, gallery, group, menu
- added current user to default models as "user"
- renamed in User: super_user -> is_super_user, env -> admin_env, pass_hash_salted -> is_pass_hash_salted
- now Users class has a WinixModel as a base class
  some plugin calls have to be fixed yet
- added UserWrapper model with a pointer to User class
- removed from ItemContent: methods for accessing 'meta' and 'admin_meta', now ezc can iterate through Space classes
- fixed in env winix function: if there is "changeuser" parameter then we should only switch the user (not save anything)
master
Tomasz Sowa 2 years ago
parent 472490c239
commit 1d18b7fa12

@ -881,6 +881,11 @@ void App::AddDefaultModels()
{
cur.request->models.Add(L"request", cur.request);
if( cur.session && cur.session->puser )
{
cur.request->models.Add(L"user", *cur.session->puser);
}
if( cur.request->is_item )
{
cur.request->models.Add(L"item", cur.request->item);

@ -270,7 +270,7 @@ bool Crypt::RSA(bool encrypt, const std::wstring & keypath, const std::string &
bool Crypt::PassHash(const std::wstring & salt, User & user)
{
bool result = true;
user.pass_hash_salted = false;
user.is_pass_hash_salted = false;
if( user.pass_type != WINIX_CRYPT_HASH_NONE )
{
@ -281,7 +281,7 @@ bool Crypt::PassHash(const std::wstring & salt, User & user)
if( HashHex(user.pass_type, pass_salted, user.password) )
{
if( !salt.empty() )
user.pass_hash_salted = true;
user.is_pass_hash_salted = true;
}
else
{

@ -71,7 +71,7 @@ void Groups::ReadGroups(Db * db)
for(Group & group : groups_tmp)
{
table.PushBack(group);
table.PushBack(group, group.name);
}
}

@ -241,7 +241,7 @@ void SessionManager::SetSessionPutLogInfo(Session & ses, bool has_index, unsigne
main_log << ", index difference: " << (size_t)difference;
if( ses.puser )
main_log << log2 << ", user: " << ses.puser->name << ", id: " << ses.puser->id;
main_log << log2 << ", user: " << ses.puser->login << ", id: " << ses.puser->id;
main_log << log2 << logend;
}

@ -135,7 +135,7 @@ void SessionParser::MakeSession(long id, long user_id, SessionContainer & contai
// !! IMPROVE ME we do not save last_time_get
users->IncrementLoggedUsers();
log << log2 << "SP: read session id: " << id << " for user: " << puser->name << logend;
log << log2 << "SP: read session id: " << id << " for user: " << puser->login << logend;
}
else
{

@ -87,7 +87,8 @@ void System::set_dependency(WinixModelDeprecated * winix_model)
dirs.set_dependency(this);
mounts.set_dependency(this);
users.set_dependency(this);
//users.set_dependency(this);
users.set_connector(model_connector);
groups.set_dependency(this);
rebus.set_dependency(this);
load_avg.set_dependency(this);
@ -140,8 +141,9 @@ void System::Init()
mounts.CreateMounts();
mounts.ReadMounts();
users.SetCur(cur);
users.SetSessionManager(session_manager);
// users.SetCur(cur);
// users.SetSessionManager(session_manager);
users.set_connector(model_connector);
users.ReadUsers(db);
groups.ReadGroups(db); // !! chwilowe przekazanie argumentu, db bedzie zmienione
@ -533,7 +535,7 @@ bool System::CanChangeUser(const Item & item, long new_user_id)
// session must be set
return false;
if( cur->session->puser && cur->session->puser->super_user )
if( cur->session->puser && cur->session->puser->is_super_user )
// super user is allowed everything
return true;
@ -553,7 +555,7 @@ bool System::CanChangeGroup(const Item & item, long new_group_id)
// session must be set
return false;
if( cur->session->puser && cur->session->puser->super_user )
if( cur->session->puser && cur->session->puser->is_super_user )
// super user is allowed everything
return true;
@ -587,7 +589,7 @@ bool System::CanChangePrivileges(const Item & item, int new_priv)
// session must be set
return false;
if( cur->session->puser && cur->session->puser->super_user )
if( cur->session->puser && cur->session->puser->is_super_user )
// super user is allowed everything
return true;
@ -751,7 +753,7 @@ bool System::CanRemoveRenameChild(const Item & dir, long child_item_user_id)
if( cur->session->puser )
{
if( cur->session->puser->super_user )
if( cur->session->puser->is_super_user )
return true;
if( dir.item_content.user_id != -1 && cur->session->puser->id != -1 && child_item_user_id != -1 )
@ -811,7 +813,7 @@ bool System::IsSuperUser(long user_id)
if( !puser )
return false;
return puser->super_user;
return puser->is_super_user;
}

@ -258,7 +258,7 @@ bool TimeZone::SetTzDst(pt::Space & year)
Dst dst;
int year_int = 0;
std::wstring * year_name = year.find_child_space_name();
std::wstring * year_name = year.get_wstr(L"year");
if( year_name )
year_int = Toi(*year_name);
@ -297,7 +297,7 @@ bool TimeZone::SetTz(pt::Space & space)
bool result = true;
name.clear();
std::wstring * space_name = space.find_child_space_name();
std::wstring * space_name = space.get_wstr(L"name");
if( space_name )
name = *space_name;
@ -309,21 +309,16 @@ bool TimeZone::SetTz(pt::Space & space)
if( offset < -h24 || offset > h24 )
result = false;
pt::Space * dst = space.find_child_space(L"dst");
pt::Space::TableType * dst = space.get_table(L"dst");
if( dst )
{
pt::Space::TableType * child_table = dst->find_child_space_table();
if( child_table )
for(pt::Space * dst_space : *dst)
{
for(pt::Space * year : *child_table)
if( !SetTzDst(*dst_space) )
{
if( !SetTzDst(*year) )
{
result = false;
break;
}
result = false;
break;
}
}
}

@ -123,11 +123,11 @@ bool TimeZones::Empty() const
void TimeZones::ParseZones()
{
pt::Space::TableType * child_table = temp_space.find_child_space_table();
pt::Space::TableType * timezones_table = temp_space.get_table(L"timezones");
if( child_table )
if( timezones_table )
{
for(pt::Space * zone : *child_table)
for(pt::Space * zone : *timezones_table)
{
temp_zone.Clear();
@ -155,7 +155,7 @@ void TimeZones::ParseZones()
else
{
log << log1 << "System: problem with reading time zone info from time zone: "
<< zone->get_child_space_name() << " (skipping) " << logend;
<< zone->to_wstr(L"name") << " (skipping) " << logend;
}
}
}

@ -5,7 +5,7 @@
*/
/*
* Copyright (c) 2008-2014, Tomasz Sowa
* Copyright (c) 2008-2021, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -65,7 +65,7 @@ public:
Iterator End();
SizeType Size();
bool Empty();
Iterator PushBack(const Type & type); // can return End() if the user already exists
Iterator PushBack(const Type & type, const std::wstring & name); // can return End() if the user already exists
void Clear();
bool Is(long id);
@ -78,17 +78,20 @@ public:
// main table
Table table;
private:
// don't copy these objects
UGContainer(const UGContainer<Type> &);
UGContainer<Type> & operator=(const UGContainer<Type> &);
void AddIndexes(Iterator iter);
void AddIndexes(Iterator iter, const std::wstring & name);
void RebuildIndexes();
// main table
Table table;
// table.size() has O(n) complexity
size_t table_size;
@ -163,16 +166,16 @@ bool UGContainer<Type>::Empty()
template<class Type>
typename UGContainer<Type>::Iterator UGContainer<Type>::PushBack(const Type & type)
typename UGContainer<Type>::Iterator UGContainer<Type>::PushBack(const Type & type, const std::wstring & name)
{
if( Is(type.id) || Is(type.name) )
if( Is(type.id) || Is(name) )
return End();
table.push_back(type);
table_size += 1;
Iterator i = --table.end();
log << log3 << "UGCont: added, id: " << type.id << ", name: " << type.name << logend;
AddIndexes(i);
log << log3 << "UGCont: added, id: " << type.id << ", name: " << name << logend;
AddIndexes(i, name);
return i;
}
@ -242,12 +245,12 @@ return i->second;
template<class Type>
void UGContainer<Type>::AddIndexes(UGContainer<Type>::Iterator iter)
void UGContainer<Type>::AddIndexes(UGContainer<Type>::Iterator iter, const std::wstring & name)
{
table_id.insert( std::make_pair(iter->id, iter) );
table_name.insert( std::make_pair(iter->name, iter) );
table_name.insert( std::make_pair(name, iter) );
log << log4 << "UGCont: added indexes to: id: " << iter->id << ", name: " << iter->name << logend;
log << log4 << "UGCont: added indexes to: id: " << iter->id << ", name: " << name << logend;
}
@ -286,14 +289,15 @@ bool UGContainer<Type>::Remove(long id)
{
if( n->second == i->second )
{
log << log4 << "UGCont: removed index_name to: id: " << i->second->id << ", name: " << n->first << logend;
table_name.erase(n);
log << log4 << "UGCont: removed index_id to: id: " << i->second->id << ", name: " << i->second->name << logend;
break;
}
}
log << log4 << "UGCont: removed index_name to: id: " << i->second->id << ", name: " << i->second->name << logend;
log << log3 << "UGCont: removed: id: " << i->second->id << ", name: " << i->second->name << logend;
log << log4 << "UGCont: removed index_id to: id: " << i->second->id << logend;
log << log3 << "UGCont: removed: id: " << i->second->id << logend;
table.erase(i->second);
table_id.erase(i);
result = true;

@ -5,7 +5,7 @@
*/
/*
* Copyright (c) 2008-2018, Tomasz Sowa
* Copyright (c) 2008-2021, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -35,6 +35,7 @@
#include <arpa/inet.h>
#include "users.h"
#include "sessionmanager.h"
#include "slog.h"
namespace Winix
@ -45,29 +46,38 @@ namespace Winix
Users::Users()
{
how_many_logged = 0; // !! CHECK ME may it should be moved to Clear() method?
table.set_dependency(this);
// table.set_dependency(this);
Clear();
}
void Users::set_dependency(WinixModelDeprecated * winix_model)
void Users::fields()
{
WinixModelDeprecated::set_dependency(winix_model);
table.set_dependency(winix_model);
last.set_dependency(winix_model);
field(L"users", table.table);
}
void Users::SetCur(Cur * pcur)
{
cur = pcur;
}
void Users::SetSessionManager(SessionManager * sm)
{
session_manager = sm;
}
//void Users::set_dependency(WinixModelDeprecated * winix_model)
//{
// WinixModelDeprecated::set_dependency(winix_model);
// table.set_dependency(winix_model);
// last.set_dependency(winix_model);
//}
//void Users::SetCur(Cur * pcur)
//{
// cur = pcur;
//}
//void Users::SetSessionManager(SessionManager * sm)
//{
// session_manager = sm;
//}
void Users::Clear()
@ -89,7 +99,7 @@ void Users::ReadUsers(Db * db)
for(User & user : users_tmp)
{
table.PushBack(user);
table.PushBack(user, user.login);
}
}
@ -98,7 +108,7 @@ void Users::ReadUsers(Db * db)
bool Users::AddUser(const User & user)
{
Table::Iterator i = table.PushBack(user);
Table::Iterator i = table.PushBack(user, user.login);
return (i != table.End());
}
@ -173,11 +183,11 @@ bool Users::Remove(long user_id)
if( puser )
{
LogoutUser(user_id);
plugin->Call(WINIX_PREPARE_TO_REMOVE_USER, puser);
// plugin->Call(WINIX_PREPARE_TO_REMOVE_USER, puser); FIXME
result = table.Remove(user_id);
if( result )
plugin->Call(WINIX_USER_REMOVED, user_id);
// if( result )
// plugin->Call(WINIX_USER_REMOVED, user_id); FIXME
}
return result;
@ -187,15 +197,20 @@ return result;
// private
bool Users::LoginUserCheckSession(bool use_ses_log)
{
if( !cur->session )
Session * session = get_session();
Log * log = get_logger();
SLog * slog = get_session_logger();
if( !session )
return false;
if( cur->session->id == 0 )
if( session->id == 0 )
{
log << log1 << "Users: I cannot login a user on a temporary session" << logend;
if( log )
(*log) << log1 << "Users: I cannot login a user on a temporary session" << logend;
// if( use_ses_log )
// slog << logerror << T(L"service_unavailable") << logend;
if( slog && use_ses_log )
(*slog) << logerror << T(L"service_unavailable") << logend;
return false;
}
@ -208,34 +223,35 @@ return true;
User * Users::LoginUserCheckStatus(long user_id, bool use_ses_log)
{
User * puser = GetUser(user_id);
Log * log = get_logger();
SLog * slog = get_session_logger();
if( !puser )
{
log << log1 << "Users: user id: " << user_id << " is not in system.users table" << logend;
if( log )
(*log) << log1 << "Users: user id: " << user_id << " is not in system.users table" << logend;
// if( use_ses_log )
// slog << logerror << T(L"service_unavailable") << logend;
if( slog && use_ses_log )
(*slog) << logerror << T(L"service_unavailable") << logend;
return 0;
}
if( puser->status != WINIX_ACCOUNT_READY )
{
log << log1 << "Users: user id: " << user_id << " is not ready for logging in (status: "
(*log) << log1 << "Users: user id: " << user_id << " is not ready for logging in (status: "
<< puser->status << ")" << logend;
if( use_ses_log )
if( slog && use_ses_log )
{
/*
if( puser->status == WINIX_ACCOUNT_NOT_ACTIVATED )
slog << logerror << T(L"account_not_activated") << logend;
(*slog) << logerror << T(L"account_not_activated") << logend;
else
if( puser->status == WINIX_ACCOUNT_SUSPENDED )
slog << logerror << T(L"account_suspended") << logend;
(*slog) << logerror << T(L"account_suspended") << logend;
else
if( puser->status == WINIX_ACCOUNT_BLOCKED )
slog << logerror << T(L"account_banned") << logend;
*/
(*slog) << logerror << T(L"account_banned") << logend;
}
return 0;
@ -252,34 +268,43 @@ bool Users::LoginUser(long user_id, bool remember_me, bool use_ses_log)
return false;
User * puser = LoginUserCheckStatus(user_id, use_ses_log);
Log * log = get_logger();
Session * session = get_session();
SessionManager * session_manager = get_session_manager();
Request * request = get_request();
if( !puser )
if( !puser || !session || !session_manager || !request )
return false;
PluginRes res = plugin->Call(WINIX_PREPARE_USER_TO_LOGIN, puser);
PluginRes res;
//PluginRes res = plugin->Call(WINIX_PREPARE_USER_TO_LOGIN, puser); FIXME
if( res.res_false > 0 )
{
log << log3 << "Users: login prevented by a plugin" << logend;
if( log )
(*log) << log3 << "Users: login prevented by a plugin" << logend;
return false;
}
if( cur->session->puser )
if( session->puser )
LogoutCurrentUser();
cur->session->puser = puser;
cur->session->spam_score = 0;
cur->session->remember_me = remember_me;
session->puser = puser;
session->spam_score = 0;
session->remember_me = remember_me;
// change session id before last.UserLogin()
if( !cur->session->new_session )
session_manager->ChangeSessionId(cur->session->id);
if( !session->new_session )
session_manager->ChangeSessionId(session->id);
last.UserLogin(user_id, cur->session->puser->name, cur->request->ip, cur->session->id);
last.UserLogin(user_id, session->puser->login, request->ip, session->id);
how_many_logged += 1;
log << log2 << "Users: user " << cur->session->puser->name << " (id: " << user_id << ") logged" << logend;
plugin->Call(WINIX_USER_LOGGED);
if( log )
(*log) << log2 << "Users: user " << session->puser->login << " (id: " << user_id << ") logged" << logend;
//plugin->Call(WINIX_USER_LOGGED); FIXME
return true;
}
@ -289,18 +314,26 @@ size_t Users::LogoutUser(long user_id)
{
size_t how_many = 0;
User * puser = GetUser(user_id);
Log * log = get_logger();
SessionManager * session_manager = get_session_manager();
if( puser )
if( puser && session_manager )
{
log << log2 << "Users: logging out user " << puser->name << ", id: "
<< puser->id << " from all sessions" << logend;
if( log )
{
(*log) << log2 << "Users: logging out user " << puser->login << ", id: "
<< puser->id << " from all sessions" << logend;
}
// WINIX_PREPARE_USER_TO_LOGOUT will be sent by MarkAllSessionsToRemove()
how_many = session_manager->MarkAllSessionsToRemove(user_id);
how_many_logged -= how_many;
if( how_many )
log << log3 << "Users: " << how_many << " user(s) were logged out" << logend;
{
if( log )
(*log) << log3 << "Users: " << how_many << " user(s) were logged out" << logend;
}
}
return how_many;
@ -310,20 +343,26 @@ return how_many;
void Users::LogoutCurrentUser()
{
if( !cur->session || !cur->session->puser )
Log * log = get_logger();
Session * session = get_session();
if( !session || !session->puser )
return;
log << log2 << "Users: user " << cur->session->puser->name << ", id: "
<< cur->session->puser->id << " logged out" << logend;
if( log )
{
(*log) << log2 << "Users: user " << session->puser->login << ", id: "
<< session->puser->id << " logged out" << logend;
}
plugin->Call(WINIX_PREPARE_USER_TO_LOGOUT, cur->session->puser);
last.UserLogout(cur->session->puser->id, cur->session->id);
//plugin->Call(WINIX_PREPARE_USER_TO_LOGOUT, cur->session->puser); // FIXME
last.UserLogout(session->puser->id, session->id);
if( how_many_logged > 0 ) // for safety
how_many_logged -= 1;
cur->session->puser = 0;
cur->session->remember_me = false;
session->puser = 0;
session->remember_me = false;
}

@ -5,7 +5,7 @@
*/
/*
* Copyright (c) 2008-2018, Tomasz Sowa
* Copyright (c) 2008-2021, Tomasz Sowa
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -41,7 +41,7 @@
#include "lastcontainer.h"
#include "cur.h"
#include "db/db.h"
#include "winixmodeldeprecated.h"
#include "models/winixmodel.h"
@ -53,13 +53,13 @@ namespace Winix
class SessionManager;
class Users : public WinixModelDeprecated
class Users : public WinixModel
{
typedef UGContainer<User> Table;
public:
void set_dependency(WinixModelDeprecated * winix_model);
//void set_dependency(WinixModelDeprecated * winix_model);
typedef Table::Iterator Iterator;
@ -69,8 +69,8 @@ public:
Users();
void SetCur(Cur * pcur);
void SetSessionManager(SessionManager * sm);
// void SetCur(Cur * pcur);
// void SetSessionManager(SessionManager * sm);
void Clear();
void ReadUsers(Db * db);
@ -91,12 +91,17 @@ public:
void IncrementLoggedUsers();
long HowManyLogged();
protected:
void fields();
private:
Table table;
Cur * cur;
SessionManager * session_manager;
//Cur * cur;
//SessionManager * session_manager;
long how_many_logged;
bool LoginUserCheckSession(bool use_ses_log);

File diff suppressed because it is too large Load Diff

@ -55,18 +55,18 @@ Account::Account()
bool Account::ActivateAccount(User * puser, long code, bool use_ses_log)
{
std::wstring * user_code_str = puser->aenv.get_wstr(L"activation_code");
std::wstring * user_code_str = puser->admin_env.get_wstr(L"activation_code");
if( user_code_str )
{
if( Tol(*user_code_str) == code )
{
puser->status = WINIX_ACCOUNT_READY;
puser->aenv.remove(L"activation_code");
puser->admin_env.remove(L"activation_code");
if( puser->update() )
{
log << log2 << "Account: account: " << puser->name << " activated" << logend;
log << log2 << "Account: account: " << puser->login << " activated" << logend;
if( use_ses_log )
slog << loginfo << T(L"account_activated") << logend;

@ -170,12 +170,12 @@ bool AddUser::AddNewUser(User & user, const std::wstring & pass)
{
if( system->users.AddUser(user) )
{
log << log2 << "AddUser: added a new user: " << user.name << logend;
log << log2 << "AddUser: added a new user: " << user.login << logend;
return true;
}
else
{
log << log1 << "AddUser: I can't add to system->users: " << user.name
log << log1 << "AddUser: I can't add to system->users: " << user.login
<< " but the user was added to the db correctly" << logend;
}
}
@ -217,9 +217,9 @@ bool AddUser::AddNewUser(const std::wstring & login,
user.clear();
//user.Clear();
user.name = login;
user.login = login;
user.email = email;
user.super_user = false;
user.is_super_user = false;
user.notify = 0;
user.locale_id = config->locale_default_id;
user.time_zone_id = config->time_zone_default_id;
@ -232,7 +232,7 @@ bool AddUser::AddNewUser(const std::wstring & login,
if( user.status == WINIX_ACCOUNT_NOT_ACTIVATED )
{
code = std::rand();
user.aenv.add(L"activation_code", code);
user.admin_env.add(L"activation_code", code);
}
if( AddNewUser(user, pass) )
@ -240,13 +240,13 @@ bool AddUser::AddNewUser(const std::wstring & login,
if( try_login && !cur->session->puser && user.status == WINIX_ACCOUNT_READY )
{
system->users.LoginUser(user.id, false);
log << log2 << "AddUser: now logged as: " << user.name << logend;
log << log2 << "AddUser: now logged as: " << user.login << logend;
plugin->Call(WINIX_USER_LOGGED);
}
if( user.status == WINIX_ACCOUNT_NOT_ACTIVATED )
{
system->notify.ActivateAccount(user.name, user.email, code);
system->notify.ActivateAccount(user.login, user.email, code);
if( use_ses_log )
slog << loginfo << T(L"account_email_sent") << logend;
@ -277,7 +277,7 @@ void AddUser::MakePost()
!functions->fun_passwd.IsPasswordCorrect(pass, conf_pass, true) )
return;
if( cur->session->puser && cur->session->puser->super_user )
if( cur->session->puser && cur->session->puser->is_super_user )
{
autoactivate = cur->request->IsPostVar(L"autoactivate");

@ -54,7 +54,7 @@ Emacs::Emacs()
bool Emacs::HasAccess(const Item & item)
{
if( cur->session->puser && cur->session->puser->super_user )
if( cur->session->puser && cur->session->puser->is_super_user )
// super user can use emacs everywhere
return true;

@ -46,7 +46,6 @@ namespace Fun
Env::Env()
{
fun.url = L"env";
puser = 0;
}
@ -59,7 +58,7 @@ bool Env::HasAccess()
{
// show/change admin environment variables for a user
if( !cur->session->puser->super_user )
if( !cur->session->puser->is_super_user )
return false;
}
@ -78,16 +77,16 @@ bool Env::EditAdminEnv(const std::wstring & env_str, bool use_ses_log)
{
if( Parse(env_str) )
{
puser->aenv = space;
user_wrapper.user->admin_env = space;
if( puser->update() )
if( user_wrapper.user->update() )
{
return true;
}
else
{
log << log1 << "Evn: a database problem with changing admin environment variables for user: "
<< puser->name << ", id: " << puser->id << logend;
<< user_wrapper.user->login << ", id: " << user_wrapper.user->id << logend;
}
}
else
@ -106,16 +105,16 @@ bool Env::EditEnv(const std::wstring & env_str, bool use_ses_log)
{
if( Parse(env_str) )
{
puser->env = space;
user_wrapper.user->env = space;
if( puser->update() )
if( user_wrapper.user->update() )
{
return true;
}
else
{
log << log1 << "Evn: a database problem with changing admin environment variables for user: "
<< puser->name << ", id: " << puser->id << logend;
<< user_wrapper.user->login << ", id: " << user_wrapper.user->id << logend;
}
}
else
@ -138,61 +137,89 @@ void Env::SaveEnv()
if( cur->request->IsParam(L"a") )
{
if( cur->session->puser->super_user )
if( cur->session->puser->is_super_user )
{
status = EditAdminEnv(env_str, true);
if( status )
{
slog << loginfo << T(L"env_admin_changed_successfully") << logend;
}
}
}
else
{
status = EditEnv(env_str, true);
if( status )
{
slog << loginfo << T(L"env_changed_successfully") << logend;
}
}
}
if( status )
system->RedirectToLastItem();
void Env::RegisterModels()
{
cur->request->models.Add(L"users", system->users);
cur->request->models.Add(L"env_user", user_wrapper);
}
void Env::MakePost()
{
puser = nullptr;
user_wrapper.user = nullptr;
user_wrapper.set_connector(model_connector);
if( cur->session->puser )
{
puser = cur->session->puser;
user_wrapper.user = cur->session->puser;
if( cur->request->IsPostVar(L"changeuser") )
if( cur->session->puser->is_super_user && cur->request->IsPostVar(L"userid") )
{
// show environments variables for the specified user
if( puser->super_user && cur->request->IsPostVar(L"userid") )
{
long id = Tol(cur->request->PostVar(L"userid"));
puser = system->users.GetUser(id);
long id = Tol(cur->request->PostVar(L"userid"));
user_wrapper.user = system->users.GetUser(id);
if( puser )
{
log << log2 << "Env: changing user to: " << puser->name << ", id: " << puser->id << logend;
}
if( user_wrapper.user->id != cur->session->puser->id )
{
log << log2 << "Env: changing user to: " << user_wrapper.user->login << ", id: " << user_wrapper.user->id << logend;
}
}
if( puser )
{
/*
* this puser should be set in a new struct (based on Model)
* and put to templates
*
*/
SaveEnv();
}
else
if( !cur->request->IsPostVar(L"changeuser") )
{
cur->request->status = WINIX_ERR_PERMISSION_DENIED;
if( user_wrapper.user )
{
SaveEnv();
}
else
{
cur->request->status = WINIX_ERR_PERMISSION_DENIED;
}
}
}
RegisterModels();
}
void Env::MakeGet()
{
user_wrapper.user = cur->session->puser;
user_wrapper.set_connector(model_connector);
RegisterModels();
}
void Env::Clear()
{
user_wrapper.user = nullptr;
}
} // namespace

@ -35,9 +35,11 @@
#ifndef headerfile_winix_functions_env
#define headerfile_winix_functions_env
#include "models/userwrapper.h"
#include "functionbase.h"
#include "space/spaceparser.h"
namespace Winix
{
@ -54,13 +56,15 @@ public:
bool HasAccess();
void MakePost();
void MakeGet();
void Clear();
private:
pt::SpaceParser conf_parser;
pt::Space space;
User * puser;
UserWrapper user_wrapper;
bool EditAdminEnv(const std::wstring & env_str, bool use_ses_log = false);
bool EditEnv(const std::wstring & env_str, bool use_ses_log = false);
@ -68,6 +72,8 @@ private:
bool Parse(const std::wstring & env_str);
void SaveEnv();
void RegisterModels();
};

@ -615,7 +615,7 @@ void Functions::ReadItemFilterHtml(Item & item)
void Functions::ReadItemContent(Item & item, const std::wstring & content_type)
{
bool is_root = cur->session->puser && cur->session->puser->super_user;
bool is_root = cur->session->puser && cur->session->puser->is_super_user;
bool filter_html = (content_type == L"2") && config->editors_html_safe_mode;
if( filter_html && is_root && config->editors_html_safe_mode_skip_root )

@ -58,7 +58,7 @@ IPBanFun::IPBanFun()
bool IPBanFun::HasAccess()
{
return cur->session->puser && cur->session->puser->super_user;
return cur->session->puser && cur->session->puser->is_super_user;
}

@ -81,7 +81,7 @@ bool Login::CheckPasswords(User & user, const std::wstring & password)
std::wstring password_from_db = user.password;
user.password = password;
if( user.pass_hash_salted )
if( user.is_pass_hash_salted )
salt = config->pass_hash_salt;
else
salt.clear();

@ -53,7 +53,7 @@ Meta::Meta()
bool Meta::HasAccess()
{
if( cur->request->IsParam(L"a") )
return cur->session->puser && cur->session->puser->super_user;
return cur->session->puser && cur->session->puser->is_super_user;
else
return system->HasWriteAccess(*cur->request->last_item);
}
@ -134,7 +134,7 @@ void Meta::ChangeAdminMeta()
{
// IMPROVE ME we need to show an error msg if the user is not an admin
if( cur->session->puser && cur->session->puser->super_user )
if( cur->session->puser && cur->session->puser->is_super_user )
{
const std::wstring & meta_str = cur->request->PostVar(L"itemmeta");

@ -60,7 +60,7 @@ bool Mkdir::HasAccess(const Item & item)
if( item.type != Item::dir )
return false;
if( cur->session->puser && cur->session->puser->super_user )
if( cur->session->puser && cur->session->puser->is_super_user )
// super user can use mkdir everywhere
return true;

@ -53,7 +53,7 @@ Mount::Mount()
bool Mount::HasAccess()
{
if( cur->session->puser && cur->session->puser->super_user )
if( cur->session->puser && cur->session->puser->is_super_user )
return true;
return false;

@ -117,7 +117,7 @@ bool result = false;
result = puser->update();
if( result )
log << log2 << "Passwd: password for user " << puser->name << " has been changed" << logend;
log << log2 << "Passwd: password for user " << puser->login << " has been changed" << logend;
else
log << log1 << "Passwd: I cannot change password -- database problem" << logend;
}
@ -140,7 +140,7 @@ long user_id;
const std::wstring & pass_new = cur->request->PostVar(L"passwordnew");
const std::wstring & pass_conf = cur->request->PostVar(L"passwordconfirm");
if( !cur->session->puser->super_user && !functions->fun_login.CheckUserPass(puser->name, pass_cur, user_id) )
if( !cur->session->puser->is_super_user && !functions->fun_login.CheckUserPass(puser->login, pass_cur, user_id) )
{
log << log3 << "Passwd: incorrect current password" << logend;
slog << logerror << T("passwd_err_bad_current_password") << logend;
@ -190,7 +190,7 @@ return result;
bool Passwd::ResetPassword(User * puser, long code, bool use_ses_log, bool only_check_access)
{
std::wstring * user_code_str = puser->aenv.get_wstr(L"password_change_code");
std::wstring * user_code_str = puser->admin_env.get_wstr(L"password_change_code");
if( user_code_str )
{
@ -230,7 +230,7 @@ bool Passwd::ResetPassword(const std::wstring & login, long code, bool use_ses_l
{
long t = static_cast<long>(cur->request->start_time);
if( puser->aenv.to_long(L"password_change_time") + config->reset_password_code_expiration_time > t )
if( puser->admin_env.to_long(L"password_change_time") + config->reset_password_code_expiration_time > t )
{
result = ResetPassword(puser, code, use_ses_log, only_check_access);
}
@ -297,10 +297,10 @@ const std::wstring * plogin;
if( cur->session->puser )
{
if( cur->session->puser->super_user )
if( cur->session->puser->is_super_user )
plogin = &cur->request->PostVar(L"login");
else
plogin = &cur->session->puser->name;
plogin = &cur->session->puser->login;
User * puser = system->users.GetUser(*plogin);

@ -156,7 +156,7 @@ void PrivChanger::PrivLogStart(const wchar_t * what, long user, long group, int
log << "new user: ";
if( puser )
log << puser->name;
log << puser->login;
else
log << "id: " << user;

@ -53,7 +53,7 @@ Reload::Reload()
bool Reload::HasAccess()
{
return cur->session->puser && cur->session->puser->super_user;
return cur->session->puser && cur->session->puser->is_super_user;
}
@ -74,7 +74,7 @@ void Reload::MakeGet()
{
// !! temporarily only an admin has access
if( !cur->session->puser || !cur->session->puser->super_user )
if( !cur->session->puser || !cur->session->puser->is_super_user )
{
log << log1 << "Content: Only an admin has access to reload function" << logend;
cur->request->status = WINIX_ERR_PERMISSION_DENIED;

@ -55,7 +55,7 @@ RmUser::RmUser()
bool RmUser::HasAccess()
{
return cur->session->puser && cur->session->puser->super_user;
return cur->session->puser && cur->session->puser->is_super_user;
}
@ -66,7 +66,7 @@ bool RmUser::RemoveUser(long user_id)
if( puser )
{
name = puser->name;
name = puser->login;
if( system->users.Remove(user_id) )
{
@ -88,7 +88,7 @@ void RmUser::MakePost()
{
long user_id;
if( cur->session->puser->super_user )
if( cur->session->puser->is_super_user )
user_id = Tol(cur->request->PostVar(L"userid"));
else
user_id = cur->session->puser->id;

@ -53,7 +53,7 @@ Subject::Subject()
bool Subject::SubjectCheckAccess()
{
// super user can always
if( cur->session->puser && cur->session->puser->super_user )
if( cur->session->puser && cur->session->puser->is_super_user )
return true;
bool access;

@ -58,7 +58,7 @@ bool Template::HasAccess()
if( config->template_only_root_use_template_fun )
{
// only root is allowed to change the template
return (cur->session->puser && cur->session->puser->super_user);
return (cur->session->puser && cur->session->puser->is_super_user);
}

@ -74,7 +74,7 @@ bool Upload::HasAccess(const Item & item)
return false;
}
if( cur->session->puser && cur->session->puser->super_user )
if( cur->session->puser && cur->session->puser->is_super_user )
// super user can use upload everywhere