Commit 9698fb0c authored by olivier.salaun's avatar olivier.salaun
Browse files

[BugID 285][reported by M.Verove, Atos Origin]Fix: no more allow password...

[BugID 285][reported by M.Verove, Atos Origin]Fix: no more allow password reminder if regexp doesn't match user email


git-svn-id: https://subversion.renater.fr/sympa/trunk@4022 05aa8bb8-cd2b-0410-b1d7-8918dfa770ce
parent e34542a0
......@@ -45,6 +45,7 @@
[% ELSIF u_err.msg == 'unknown_robot' %][%|loc(u_err.new_robot)%]%1 : unknown robot[%END%]
[% ELSIF u_err.msg == 'unknown_family' %][%|loc(u_err.family)%]%1 : unknown family[%END%]
[% ELSIF u_err.msg == 'already_login' %][%|loc(u_err.email)%]You are already logged in as %1[%END%]
[% ELSIF u_err.msg == 'passwd_reminder_not_allowed' %][%|loc%]You can not get a password reminder ; probably because your password is managed outside Sympa (Single Sign-On system or LDAP directory).[%END%]
[% ELSIF u_err.msg == 'no_email' %][%|loc%]Please provide email address[%END%]
[% ELSIF u_err.msg == 'missing_arg' %][%|loc(u_err.argument)%]Missing argument %1[%END%]
[% ELSIF u_err.msg == 'wrong_value' %][%|loc(u_err.argument)%]Wrong value for parameter %1[%END%]
......
......@@ -70,6 +70,27 @@ use Digest::MD5;
}
}
## This subroutine if Sympa may use its native authentication for a given user
## It might not if no user_table paragraph is found in auth.conf or if the regexp or
## negative_regexp exclude this user
## IN : robot, user email
## OUT : boolean
sub may_use_sympa_native_auth {
my ($robot, $user_email) = @_;
my $ok = 0;
## check each auth.conf paragrpah
foreach my $auth_service (@{$Conf{'auth_services'}{$robot}}){
next unless ($auth_service->{'auth_type'} eq 'user_table');
next if ($auth_service->{'regexp'} && ($user_email !~ /$auth_service->{'regexp'}/i));
next if ($auth_service->{'negative_regexp'} && ($user_email =~ /$auth_service->{'negative_regexp'}/i));
$ok = 1; last;
}
return $ok;
}
sub authentication {
my ($robot, $email,$pwd) = @_;
......
......@@ -2861,6 +2861,13 @@ sub do_remindpasswd {
}
}
 
## Check auth.conf before creating/sending a password
unless (&Auth::may_use_sympa_native_auth($robot, $in{'email'})) {
## TODO: Error handling
&report::reject_report_web('user','passwd_reminder_not_allowed',{},$param->{'action'});
return undef
}
if ($param->{'newuser'} = &List::get_user_db($in{'email'})) {
&wwslog('info','do_sendpasswd: new password allocation for %s', $in{'email'});
## Create a password if none
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment