Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Projets publics
Ravada-Mirror
Commits
2fc415ae
Commit
2fc415ae
authored
Apr 25, 2017
by
Francesc Guasch
Browse files
[#136] Only external users can change password
parent
fd0aecae
Changes
6
Hide whitespace changes
Inline
Side-by-side
lib/Ravada.pm
View file @
2fc415ae
...
...
@@ -162,6 +162,7 @@ sub _upgrade_table {
warn
"
INFO: adding
$field
$definition
to
$table
\n
";
$dbh
->
do
("
alter table
$table
add
$field
$definition
");
return
1
;
}
sub
_create_table
{
...
...
@@ -228,6 +229,12 @@ sub _upgrade_tables {
$self
->
_upgrade_table
('
iso_images
','
device
','
varchar(255)
');
$self
->
_upgrade_table
('
users
','
language
','
char(3) DEFAULT NULL
');
if
(
$self
->
_upgrade_table
('
users
','
is_external
','
int(11) DEFAULT 0
'))
{
my
$sth
=
$CONNECTOR
->
dbh
->
prepare
(
"
UPDATE users set is_external=1 WHERE password='*LK* no pss'
"
);
$sth
->
execute
;
}
}
...
...
lib/Ravada/Auth/LDAP.pm
View file @
2fc415ae
...
...
@@ -297,7 +297,7 @@ sub _check_user_profile {
my
$user_sql
=
Ravada::Auth::
SQL
->
new
(
name
=>
$self
->
name
);
return
if
$user_sql
->
id
;
Ravada::Auth::SQL::
add_user
(
name
=>
$self
->
name
);
Ravada::Auth::SQL::
add_user
(
name
=>
$self
->
name
,
is_external
=>
1
,
is_temporary
=>
0
);
}
sub
_match_password
{
...
...
lib/Ravada/Auth/SQL.pm
View file @
2fc415ae
...
...
@@ -106,14 +106,16 @@ sub add_user {
if
keys
%args
;
my
$sth
=
$$CON
->
dbh
->
prepare
(
"
INSERT INTO users (name,password,is_admin,is_temporary) VALUES(?,?,?,?)
");
"
INSERT INTO users (name,password,is_admin,is_temporary, is_external)
"
.
"
VALUES(?,?,?,?,?)
");
if
(
$password
)
{
$password
=
sha1_hex
(
$password
);
}
else
{
$password
=
'
*LK* no pss
';
}
$sth
->
execute
(
$name
,
$password
,
$is_admin
,
$is_temporary
);
$sth
->
execute
(
$name
,
$password
,
$is_admin
,
$is_temporary
,
(
$args
{
is_external
}
or
0
));
$sth
->
finish
;
}
...
...
@@ -247,6 +249,21 @@ sub is_admin {
return
$self
->
{
_data
}
->
{
is_admin
};
}
=head2 is_external
Returns true if the user authentication is not from SQL
my $is = $user->is_external;
=cut
sub
is_external
{
my
$self
=
shift
;
return
$self
->
{
_data
}
->
{
is_external
};
}
=head2 is_temporary
Returns true if the user is admin.
...
...
sql/mysql/users.sql
View file @
2fc415ae
...
...
@@ -5,6 +5,7 @@ CREATE TABLE `users` (
`change_password`
integer
DEFAULT
1
,
`is_admin`
integer
DEFAULT
0
,
`is_temporary`
integer
DEFAULT
0
,
`is_external`
integer
DEFAULT
0
,
`language`
char
(
3
)
DEFAULT
NULL
,
PRIMARY
KEY
(
`id`
),
UNIQUE
KEY
`name`
(
`name`
)
...
...
sql/sqlite/users.sql
View file @
2fc415ae
...
...
@@ -5,6 +5,7 @@ CREATE TABLE `users` (
,
`change_password`
integer
DEFAULT
1
,
`is_admin`
integer
DEFAULT
0
,
`is_temporary`
integer
DEFAULT
0
,
`is_external`
integer
DEFAULT
0
,
`language`
char
(
3
)
DEFAULT
NULL
,
UNIQUE
(
`name`
)
);
templates/bootstrap/user_settings.html.ep
View file @
2fc415ae
...
...
@@ -33,8 +33,8 @@
% }
</form>
</p>
<p>
____
<p></br>
% if (!$_user->is_external) {
<hr>
<form
method=
'post'
enctype=
"multipart/form-data"
>
<p><
%=
l
'
New
Password:
'
%
><input
type=
'password'
name=
'password'
id=
'password'
></p>
<p><
%=
l
'
Confirm
Password:
'
%
><input
type=
'password'
name=
'conf_password'
id=
'conf_password'
></p>
...
...
@@ -44,6 +44,7 @@
% }
</p>
</form>
% }
</div>
</div>
</div>
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment