[interchange-cvs] interchange - heins modified lib/Vend/UserDB.pm

interchange-core@interchange.redhat.com interchange-core@interchange.redhat.com
Sun Jun 23 11:05:00 2002


User:      heins
Date:      2002-06-23 15:04:04 GMT
Modified:  lib/Vend UserDB.pm
Log:
	* Add indirect login and new_account creation capability. This works
	  in conjunction with assign_username to use a foreign key as the
	  lookup for login. Designed for use with accounting systems or
	  other auto-user creation situations.

	  Example:

		UserDB   default   indirect_login  email
		UserDB   default   assign_username 1

	  	   [userdb function=new_account]

		[set emailcheck]
			&fatal=1
			email=email
		[/set]
		<form method="POST" action="[area account]">
		<input type=hidden name="mv_form_profile" value="emailcheck">
		<input type=hidden name="mv_action" value="return">
		<input type=hidden name="mv_failpage" value="@@MV_PAGE@@">
		<input type=hidden name="mv_click" value="Login">
		Email address <input type=text name="mv_username">
		Password      <input type=password name="mv_password">
		Verify        <input type=password name="mv_verify">
		<input type=submit value="Create account">
		</form>

	  This causes the following record to be created when the account is
	  made:

	  	username: [counter file=username_counter]
		email: [value mv_username]
		password: [value mv_password]

	  Login is the same. The user would enter their username and it
	  would be used for a lookup of the real username for login.

	  Docs added to icdatabse.sdf.

Revision  Changes    Path
2.6       +68 -10    interchange/lib/Vend/UserDB.pm


rev 2.6, prev_rev 2.5
Index: UserDB.pm
===================================================================
RCS file: /anon_cvs/repository/interchange/lib/Vend/UserDB.pm,v
retrieving revision 2.5
retrieving revision 2.6
diff -u -r2.5 -r2.6
--- UserDB.pm	17 Jun 2002 22:24:08 -0000	2.5
+++ UserDB.pm	23 Jun 2002 15:04:04 -0000	2.6
@@ -1,6 +1,6 @@
 # Vend::UserDB - Interchange user database functions
 #
-# $Id: UserDB.pm,v 2.5 2002/06/17 22:24:08 jon Exp $
+# $Id: UserDB.pm,v 2.6 2002/06/23 15:04:04 mheins Exp $
 #
 # Copyright (C) 1996-2002 Red Hat, Inc. <interchange@redhat.com>
 #
@@ -16,7 +16,7 @@
 
 package Vend::UserDB;
 
-$VERSION = substr(q$Revision: 2.5 $, 10);
+$VERSION = substr(q$Revision: 2.6 $, 10);
 
 use vars qw!
 	$VERSION
@@ -1086,14 +1086,39 @@
 			}
 		}
 
+		my $udb = $self->{DB};
+		my $foreign = $self->{OPTIONS}{indirect_login};
+
+		if($foreign) {
+			my $uname = ($self->{PASSED_USERNAME} ||= $self->{USERNAME});
+			my $ufield = $self->{LOCATION}{USERNAME};
+			$uname = $udb->quote($uname);
+			my $q = "select $ufield from $self->{DB_ID} where $foreign = $uname";
+			my $ary = $udb->query($q)
+				or do {
+					my $msg = ::errmsg( "Database access error for query: %s", $q);
+					die "$msg\n";
+				};
+			@$ary == 1
+				or do {
+					logError(
+						"Denied attempted login with nonexistent (indirect) user name %s",
+						$uname,
+						$self->{USERNAME},
+					);
+					die $stock_error, "\n";
+				};
+			$self->{USERNAME} = $ary->[0][0];
+		}
+
 		# If not superuser, an entry must exist in access database
 		unless ($Vend::superuser) {
-			unless ($self->{DB}->record_exists($self->{USERNAME})) {
+			unless ($udb->record_exists($self->{USERNAME})) {
 				logError("Denied attempted login with nonexistent user name '%s'",
 					$self->{USERNAME});
 				die $stock_error, "\n";
 			}
-			unless ($user_data = $self->{DB}->row_hash($self->{USERNAME})) {
+			unless ($user_data = $udb->row_hash($self->{USERNAME})) {
 				logError("Login denied after failed fetch of user data for user '%s'",
 					$self->{USERNAME});
 				die $stock_error, "\n";
@@ -1118,7 +1143,7 @@
 			my $cmp = $now;
 			$cmp = POSIX::strftime("%Y%m%d%H%M", localtime($now))
 				unless $self->{OPTIONS}->{unix_time};
-			my $exp = $self->{DB}->field(
+			my $exp = $udb->field(
 						$self->{USERNAME},
 						$self->{LOCATION}{EXPIRATION},
 						);
@@ -1134,7 +1159,7 @@
 
 		if ($self->{LOCATION}{LAST} ne 'none') {
 			eval {
-				$self->{DB}->set_field( $self->{USERNAME},
+				$udb->set_field( $self->{USERNAME},
 										$self->{LOCATION}{LAST},
 										time()
 									  );
@@ -1352,7 +1377,10 @@
 			};
 		}
 	
+		my $udb = $self->{DB};
+
 		if($self->{OPTIONS}{assign_username}) {
+			$self->{PASSED_USERNAME} = $self->{USERNAME};
 			$self->{USERNAME} = $self->assign_username();
 			$self->{USERNAME} = lc $self->{USERNAME}
 				if $self->{OPTIONS}{ignore_case};
@@ -1363,15 +1391,45 @@
 		die ::errmsg("Must have at least %s characters in username.",
 			$self->{USERMINLEN}) . "\n"
 			if length($self->{USERNAME}) < $self->{USERMINLEN};
-		if ($self->{DB}->record_exists($self->{USERNAME})) {
-			die ::errmsg("Username already exists.") . "\n"
+
+		# Here we put the username in a non-primary key field, checking
+		# for existence
+		my $foreign = $self->{OPTIONS}{indirect_login};
+		if ($foreign) {
+			my $uname = ($self->{PASSED_USERNAME} ||= $self->{USERNAME});
+			$uname = $udb->quote($uname);
+			my $q = "select username from $self->{DB_ID} where $foreign = $uname";
+			my $ary = $udb->query($q)
+				or do {
+					my $msg = ::errmsg( "Database access error for query: %s", $q);
+					die "$msg\n";
+				};
+			@$ary == 0
+				or do {
+					my $msg = ::errmsg( "Username already exists (indirect).");
+					die "$msg\n";
+				};
 		}
-		my $pass = $self->{DB}->set_field(
+
+		if ($udb->record_exists($self->{USERNAME})) {
+			die ::errmsg("Username already exists.") . "\n";
+		}
+
+		my $pass = $udb->set_field(
 						$self->{USERNAME},
 						$self->{LOCATION}{PASSWORD},
-						$pw
+						$pw,
 						);
 		die ::errmsg("Database access error.") . "\n" unless defined $pass;
+
+		if($foreign) {
+			 $udb->set_field(
+						$self->{USERNAME},
+						$foreign,
+						$self->{PASSED_USERNAME},
+						)
+				or die ::errmsg("Database access error.");
+		}
 
 		username_cookies($self->{USERNAME}, $pw) 
 			if $Vend::Cfg->{CookieLogin};