Commit 2fc415ae authored by Francesc Guasch's avatar Francesc Guasch
Browse files

[#136] Only external users can change password

parent fd0aecae
......@@ -162,6 +162,7 @@ sub _upgrade_table {
warn "INFO: adding $field $definition to $table\n";
$dbh->do("alter table $table add $field $definition");
return 1;
}
sub _create_table {
......@@ -228,6 +229,12 @@ sub _upgrade_tables {
$self->_upgrade_table('iso_images','device','varchar(255)');
$self->_upgrade_table('users','language','char(3) DEFAULT NULL');
if ( $self->_upgrade_table('users','is_external','int(11) DEFAULT 0')) {
my $sth = $CONNECTOR->dbh->prepare(
"UPDATE users set is_external=1 WHERE password='*LK* no pss'"
);
$sth->execute;
}
}
......
......@@ -297,7 +297,7 @@ sub _check_user_profile {
my $user_sql = Ravada::Auth::SQL->new(name => $self->name);
return if $user_sql->id;
Ravada::Auth::SQL::add_user(name => $self->name);
Ravada::Auth::SQL::add_user(name => $self->name, is_external => 1, is_temporary => 0);
}
sub _match_password {
......
......@@ -106,14 +106,16 @@ sub add_user {
if keys %args;
my $sth = $$CON->dbh->prepare(
"INSERT INTO users (name,password,is_admin,is_temporary) VALUES(?,?,?,?)");
"INSERT INTO users (name,password,is_admin,is_temporary, is_external)"
." VALUES(?,?,?,?,?)");
if ($password) {
$password = sha1_hex($password);
} else {
$password = '*LK* no pss';
}
$sth->execute($name,$password,$is_admin,$is_temporary);
$sth->execute($name,$password,$is_admin,$is_temporary
, ($args{is_external} or 0));
$sth->finish;
}
......@@ -247,6 +249,21 @@ sub is_admin {
return $self->{_data}->{is_admin};
}
=head2 is_external
Returns true if the user authentication is not from SQL
my $is = $user->is_external;
=cut
sub is_external {
my $self = shift;
return $self->{_data}->{is_external};
}
=head2 is_temporary
Returns true if the user is admin.
......
......@@ -5,6 +5,7 @@ CREATE TABLE `users` (
`change_password` integer DEFAULT 1,
`is_admin` integer DEFAULT 0,
`is_temporary` integer DEFAULT 0,
`is_external` integer DEFAULT 0,
`language` char(3) DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `name` (`name`)
......
......@@ -5,6 +5,7 @@ CREATE TABLE `users` (
, `change_password` integer DEFAULT 1
, `is_admin` integer DEFAULT 0
, `is_temporary` integer DEFAULT 0
, `is_external` integer DEFAULT 0
, `language` char(3) DEFAULT NULL
, UNIQUE (`name`)
);
......@@ -33,8 +33,8 @@
% }
</form>
</p>
<p>____<p></br>
% if (!$_user->is_external) {
<hr>
<form method='post' enctype="multipart/form-data">
<p><%=l 'New Password:' %><input type= 'password' name= 'password' id='password'></p>
<p><%=l 'Confirm Password:' %><input type='password' name='conf_password' id='conf_password'></p>
......@@ -44,6 +44,7 @@
% }
</p>
</form>
% }
</div>
</div>
</div>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment